1 // SPDX-License-Identifier: GPL-2.0
2 // Copyright (c) 2011-2018, The Linux Foundation. All rights reserved.
3 // Copyright (c) 2018, Linaro Limited
5 #include <linux/completion.h>
6 #include <linux/device.h>
7 #include <linux/dma-buf.h>
8 #include <linux/dma-mapping.h>
9 #include <linux/dma-resv.h>
10 #include <linux/idr.h>
11 #include <linux/list.h>
12 #include <linux/miscdevice.h>
13 #include <linux/module.h>
14 #include <linux/of_address.h>
16 #include <linux/sort.h>
17 #include <linux/of_platform.h>
18 #include <linux/rpmsg.h>
19 #include <linux/scatterlist.h>
20 #include <linux/slab.h>
21 #include <linux/firmware/qcom/qcom_scm.h>
22 #include <uapi/misc/fastrpc.h>
23 #include <linux/of_reserved_mem.h>
25 #define ADSP_DOMAIN_ID (0)
26 #define MDSP_DOMAIN_ID (1)
27 #define SDSP_DOMAIN_ID (2)
28 #define CDSP_DOMAIN_ID (3)
29 #define FASTRPC_DEV_MAX 4 /* adsp, mdsp, slpi, cdsp*/
30 #define FASTRPC_MAX_SESSIONS 14
31 #define FASTRPC_MAX_VMIDS 16
32 #define FASTRPC_ALIGN 128
33 #define FASTRPC_MAX_FDLIST 16
34 #define FASTRPC_MAX_CRCLIST 64
35 #define FASTRPC_PHYS(p) ((p) & 0xffffffff)
36 #define FASTRPC_CTX_MAX (256)
37 #define FASTRPC_INIT_HANDLE 1
38 #define FASTRPC_DSP_UTILITIES_HANDLE 2
39 #define FASTRPC_CTXID_MASK (0xFF0)
40 #define INIT_FILELEN_MAX (2 * 1024 * 1024)
41 #define INIT_FILE_NAMELEN_MAX (128)
42 #define FASTRPC_DEVICE_NAME "fastrpc"
44 /* Add memory to static PD pool, protection thru XPU */
45 #define ADSP_MMAP_HEAP_ADDR 4
46 /* MAP static DMA buffer on DSP User PD */
47 #define ADSP_MMAP_DMA_BUFFER 6
48 /* Add memory to static PD pool protection thru hypervisor */
49 #define ADSP_MMAP_REMOTE_HEAP_ADDR 8
50 /* Add memory to userPD pool, for user heap */
51 #define ADSP_MMAP_ADD_PAGES 0x1000
52 /* Add memory to userPD pool, for LLC heap */
53 #define ADSP_MMAP_ADD_PAGES_LLC 0x3000,
55 #define DSP_UNSUPPORTED_API (0x80000414)
56 /* MAX NUMBER of DSP ATTRIBUTES SUPPORTED */
57 #define FASTRPC_MAX_DSP_ATTRIBUTES (256)
58 #define FASTRPC_MAX_DSP_ATTRIBUTES_LEN (sizeof(u32) * FASTRPC_MAX_DSP_ATTRIBUTES)
60 /* Retrives number of input buffers from the scalars parameter */
61 #define REMOTE_SCALARS_INBUFS(sc) (((sc) >> 16) & 0x0ff)
63 /* Retrives number of output buffers from the scalars parameter */
64 #define REMOTE_SCALARS_OUTBUFS(sc) (((sc) >> 8) & 0x0ff)
66 /* Retrives number of input handles from the scalars parameter */
67 #define REMOTE_SCALARS_INHANDLES(sc) (((sc) >> 4) & 0x0f)
69 /* Retrives number of output handles from the scalars parameter */
70 #define REMOTE_SCALARS_OUTHANDLES(sc) ((sc) & 0x0f)
72 #define REMOTE_SCALARS_LENGTH(sc) (REMOTE_SCALARS_INBUFS(sc) + \
73 REMOTE_SCALARS_OUTBUFS(sc) + \
74 REMOTE_SCALARS_INHANDLES(sc)+ \
75 REMOTE_SCALARS_OUTHANDLES(sc))
76 #define FASTRPC_BUILD_SCALARS(attr, method, in, out, oin, oout) \
77 (((attr & 0x07) << 29) | \
78 ((method & 0x1f) << 24) | \
79 ((in & 0xff) << 16) | \
80 ((out & 0xff) << 8) | \
81 ((oin & 0x0f) << 4) | \
84 #define FASTRPC_SCALARS(method, in, out) \
85 FASTRPC_BUILD_SCALARS(0, method, in, out, 0, 0)
87 #define FASTRPC_CREATE_PROCESS_NARGS 6
88 #define FASTRPC_CREATE_STATIC_PROCESS_NARGS 3
89 /* Remote Method id table */
90 #define FASTRPC_RMID_INIT_ATTACH 0
91 #define FASTRPC_RMID_INIT_RELEASE 1
92 #define FASTRPC_RMID_INIT_MMAP 4
93 #define FASTRPC_RMID_INIT_MUNMAP 5
94 #define FASTRPC_RMID_INIT_CREATE 6
95 #define FASTRPC_RMID_INIT_CREATE_ATTR 7
96 #define FASTRPC_RMID_INIT_CREATE_STATIC 8
97 #define FASTRPC_RMID_INIT_MEM_MAP 10
98 #define FASTRPC_RMID_INIT_MEM_UNMAP 11
100 /* Protection Domain(PD) ids */
103 #define SENSORS_PD (2)
105 #define miscdev_to_fdevice(d) container_of(d, struct fastrpc_device, miscdev)
107 static const char *domains[FASTRPC_DEV_MAX] = { "adsp", "mdsp",
109 struct fastrpc_phy_page {
110 u64 addr; /* physical address */
111 u64 size; /* size of contiguous region */
114 struct fastrpc_invoke_buf {
115 u32 num; /* number of contiguous regions */
116 u32 pgidx; /* index to start of contiguous region */
119 struct fastrpc_remote_dmahandle {
120 s32 fd; /* dma handle fd */
121 u32 offset; /* dma handle offset */
122 u32 len; /* dma handle length */
125 struct fastrpc_remote_buf {
126 u64 pv; /* buffer pointer */
127 u64 len; /* length of buffer */
130 union fastrpc_remote_arg {
131 struct fastrpc_remote_buf buf;
132 struct fastrpc_remote_dmahandle dma;
135 struct fastrpc_mmap_rsp_msg {
139 struct fastrpc_mmap_req_msg {
146 struct fastrpc_mem_map_req_msg {
156 struct fastrpc_munmap_req_msg {
162 struct fastrpc_mem_unmap_req_msg {
170 int pid; /* process group id */
171 int tid; /* thread id */
172 u64 ctx; /* invoke caller context */
173 u32 handle; /* handle to invoke */
174 u32 sc; /* scalars structure describing the data */
175 u64 addr; /* physical address */
176 u64 size; /* size of contiguous region */
179 struct fastrpc_invoke_rsp {
180 u64 ctx; /* invoke caller context */
181 int retval; /* invoke return value */
184 struct fastrpc_buf_overlap {
194 struct fastrpc_user *fl;
195 struct dma_buf *dmabuf;
200 /* Lock for dma buf attachments */
202 struct list_head attachments;
204 struct list_head node; /* list of user requested mmaps */
208 struct fastrpc_dma_buf_attachment {
211 struct list_head node;
215 struct list_head node;
216 struct fastrpc_user *fl;
219 struct sg_table *table;
220 struct dma_buf_attachment *attach;
227 struct kref refcount;
230 struct fastrpc_invoke_ctx {
240 struct kref refcount;
241 struct list_head node; /* list of ctxs */
242 struct completion work;
243 struct work_struct put_work;
244 struct fastrpc_msg msg;
245 struct fastrpc_user *fl;
246 union fastrpc_remote_arg *rpra;
247 struct fastrpc_map **maps;
248 struct fastrpc_buf *buf;
249 struct fastrpc_invoke_args *args;
250 struct fastrpc_buf_overlap *olaps;
251 struct fastrpc_channel_ctx *cctx;
254 struct fastrpc_session_ctx {
261 struct fastrpc_channel_ctx {
266 struct qcom_scm_vmperm vmperms[FASTRPC_MAX_VMIDS];
267 struct rpmsg_device *rpdev;
268 struct fastrpc_session_ctx session[FASTRPC_MAX_SESSIONS];
271 struct list_head users;
272 struct kref refcount;
273 /* Flag if dsp attributes are cached */
274 bool valid_attributes;
275 u32 dsp_attributes[FASTRPC_MAX_DSP_ATTRIBUTES];
276 struct fastrpc_device *secure_fdevice;
277 struct fastrpc_device *fdevice;
278 struct fastrpc_buf *remote_heap;
279 struct list_head invoke_interrupted_mmaps;
281 bool unsigned_support;
285 struct fastrpc_device {
286 struct fastrpc_channel_ctx *cctx;
287 struct miscdevice miscdev;
291 struct fastrpc_user {
292 struct list_head user;
293 struct list_head maps;
294 struct list_head pending;
295 struct list_head mmaps;
297 struct fastrpc_channel_ctx *cctx;
298 struct fastrpc_session_ctx *sctx;
299 struct fastrpc_buf *init_mem;
306 /* lock for allocations */
310 static void fastrpc_free_map(struct kref *ref)
312 struct fastrpc_map *map;
314 map = container_of(ref, struct fastrpc_map, refcount);
317 if (map->attr & FASTRPC_ATTR_SECUREMAP) {
318 struct qcom_scm_vmperm perm;
319 int vmid = map->fl->cctx->vmperms[0].vmid;
320 u64 src_perms = BIT(QCOM_SCM_VMID_HLOS) | BIT(vmid);
323 perm.vmid = QCOM_SCM_VMID_HLOS;
324 perm.perm = QCOM_SCM_PERM_RWX;
325 err = qcom_scm_assign_mem(map->phys, map->size,
326 &src_perms, &perm, 1);
328 dev_err(map->fl->sctx->dev, "Failed to assign memory phys 0x%llx size 0x%llx err %d",
329 map->phys, map->size, err);
333 dma_buf_unmap_attachment_unlocked(map->attach, map->table,
335 dma_buf_detach(map->buf, map->attach);
336 dma_buf_put(map->buf);
340 spin_lock(&map->fl->lock);
341 list_del(&map->node);
342 spin_unlock(&map->fl->lock);
349 static void fastrpc_map_put(struct fastrpc_map *map)
352 kref_put(&map->refcount, fastrpc_free_map);
355 static int fastrpc_map_get(struct fastrpc_map *map)
360 return kref_get_unless_zero(&map->refcount) ? 0 : -ENOENT;
364 static int fastrpc_map_lookup(struct fastrpc_user *fl, int fd,
365 struct fastrpc_map **ppmap, bool take_ref)
367 struct fastrpc_session_ctx *sess = fl->sctx;
368 struct fastrpc_map *map = NULL;
371 spin_lock(&fl->lock);
372 list_for_each_entry(map, &fl->maps, node) {
377 ret = fastrpc_map_get(map);
379 dev_dbg(sess->dev, "%s: Failed to get map fd=%d ret=%d\n",
389 spin_unlock(&fl->lock);
394 static void fastrpc_buf_free(struct fastrpc_buf *buf)
396 dma_free_coherent(buf->dev, buf->size, buf->virt,
397 FASTRPC_PHYS(buf->phys));
401 static int __fastrpc_buf_alloc(struct fastrpc_user *fl, struct device *dev,
402 u64 size, struct fastrpc_buf **obuf)
404 struct fastrpc_buf *buf;
406 buf = kzalloc(sizeof(*buf), GFP_KERNEL);
410 INIT_LIST_HEAD(&buf->attachments);
411 INIT_LIST_HEAD(&buf->node);
412 mutex_init(&buf->lock);
421 buf->virt = dma_alloc_coherent(dev, buf->size, (dma_addr_t *)&buf->phys,
424 mutex_destroy(&buf->lock);
434 static int fastrpc_buf_alloc(struct fastrpc_user *fl, struct device *dev,
435 u64 size, struct fastrpc_buf **obuf)
438 struct fastrpc_buf *buf;
440 ret = __fastrpc_buf_alloc(fl, dev, size, obuf);
446 if (fl->sctx && fl->sctx->sid)
447 buf->phys += ((u64)fl->sctx->sid << 32);
452 static int fastrpc_remote_heap_alloc(struct fastrpc_user *fl, struct device *dev,
453 u64 size, struct fastrpc_buf **obuf)
455 struct device *rdev = &fl->cctx->rpdev->dev;
457 return __fastrpc_buf_alloc(fl, rdev, size, obuf);
460 static void fastrpc_channel_ctx_free(struct kref *ref)
462 struct fastrpc_channel_ctx *cctx;
464 cctx = container_of(ref, struct fastrpc_channel_ctx, refcount);
469 static void fastrpc_channel_ctx_get(struct fastrpc_channel_ctx *cctx)
471 kref_get(&cctx->refcount);
474 static void fastrpc_channel_ctx_put(struct fastrpc_channel_ctx *cctx)
476 kref_put(&cctx->refcount, fastrpc_channel_ctx_free);
479 static void fastrpc_context_free(struct kref *ref)
481 struct fastrpc_invoke_ctx *ctx;
482 struct fastrpc_channel_ctx *cctx;
486 ctx = container_of(ref, struct fastrpc_invoke_ctx, refcount);
489 for (i = 0; i < ctx->nbufs; i++)
490 fastrpc_map_put(ctx->maps[i]);
493 fastrpc_buf_free(ctx->buf);
495 spin_lock_irqsave(&cctx->lock, flags);
496 idr_remove(&cctx->ctx_idr, ctx->ctxid >> 4);
497 spin_unlock_irqrestore(&cctx->lock, flags);
503 fastrpc_channel_ctx_put(cctx);
506 static void fastrpc_context_get(struct fastrpc_invoke_ctx *ctx)
508 kref_get(&ctx->refcount);
511 static void fastrpc_context_put(struct fastrpc_invoke_ctx *ctx)
513 kref_put(&ctx->refcount, fastrpc_context_free);
516 static void fastrpc_context_put_wq(struct work_struct *work)
518 struct fastrpc_invoke_ctx *ctx =
519 container_of(work, struct fastrpc_invoke_ctx, put_work);
521 fastrpc_context_put(ctx);
524 #define CMP(aa, bb) ((aa) == (bb) ? 0 : (aa) < (bb) ? -1 : 1)
525 static int olaps_cmp(const void *a, const void *b)
527 struct fastrpc_buf_overlap *pa = (struct fastrpc_buf_overlap *)a;
528 struct fastrpc_buf_overlap *pb = (struct fastrpc_buf_overlap *)b;
529 /* sort with lowest starting buffer first */
530 int st = CMP(pa->start, pb->start);
531 /* sort with highest ending buffer first */
532 int ed = CMP(pb->end, pa->end);
534 return st == 0 ? ed : st;
537 static void fastrpc_get_buff_overlaps(struct fastrpc_invoke_ctx *ctx)
542 for (i = 0; i < ctx->nbufs; ++i) {
543 ctx->olaps[i].start = ctx->args[i].ptr;
544 ctx->olaps[i].end = ctx->olaps[i].start + ctx->args[i].length;
545 ctx->olaps[i].raix = i;
548 sort(ctx->olaps, ctx->nbufs, sizeof(*ctx->olaps), olaps_cmp, NULL);
550 for (i = 0; i < ctx->nbufs; ++i) {
551 /* Falling inside previous range */
552 if (ctx->olaps[i].start < max_end) {
553 ctx->olaps[i].mstart = max_end;
554 ctx->olaps[i].mend = ctx->olaps[i].end;
555 ctx->olaps[i].offset = max_end - ctx->olaps[i].start;
557 if (ctx->olaps[i].end > max_end) {
558 max_end = ctx->olaps[i].end;
560 ctx->olaps[i].mend = 0;
561 ctx->olaps[i].mstart = 0;
565 ctx->olaps[i].mend = ctx->olaps[i].end;
566 ctx->olaps[i].mstart = ctx->olaps[i].start;
567 ctx->olaps[i].offset = 0;
568 max_end = ctx->olaps[i].end;
573 static struct fastrpc_invoke_ctx *fastrpc_context_alloc(
574 struct fastrpc_user *user, u32 kernel, u32 sc,
575 struct fastrpc_invoke_args *args)
577 struct fastrpc_channel_ctx *cctx = user->cctx;
578 struct fastrpc_invoke_ctx *ctx = NULL;
582 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
584 return ERR_PTR(-ENOMEM);
586 INIT_LIST_HEAD(&ctx->node);
588 ctx->nscalars = REMOTE_SCALARS_LENGTH(sc);
589 ctx->nbufs = REMOTE_SCALARS_INBUFS(sc) +
590 REMOTE_SCALARS_OUTBUFS(sc);
593 ctx->maps = kcalloc(ctx->nscalars,
594 sizeof(*ctx->maps), GFP_KERNEL);
597 return ERR_PTR(-ENOMEM);
599 ctx->olaps = kcalloc(ctx->nscalars,
600 sizeof(*ctx->olaps), GFP_KERNEL);
604 return ERR_PTR(-ENOMEM);
607 fastrpc_get_buff_overlaps(ctx);
610 /* Released in fastrpc_context_put() */
611 fastrpc_channel_ctx_get(cctx);
615 ctx->pid = current->pid;
616 ctx->tgid = user->tgid;
618 init_completion(&ctx->work);
619 INIT_WORK(&ctx->put_work, fastrpc_context_put_wq);
621 spin_lock(&user->lock);
622 list_add_tail(&ctx->node, &user->pending);
623 spin_unlock(&user->lock);
625 spin_lock_irqsave(&cctx->lock, flags);
626 ret = idr_alloc_cyclic(&cctx->ctx_idr, ctx, 1,
627 FASTRPC_CTX_MAX, GFP_ATOMIC);
629 spin_unlock_irqrestore(&cctx->lock, flags);
632 ctx->ctxid = ret << 4;
633 spin_unlock_irqrestore(&cctx->lock, flags);
635 kref_init(&ctx->refcount);
639 spin_lock(&user->lock);
640 list_del(&ctx->node);
641 spin_unlock(&user->lock);
642 fastrpc_channel_ctx_put(cctx);
650 static struct sg_table *
651 fastrpc_map_dma_buf(struct dma_buf_attachment *attachment,
652 enum dma_data_direction dir)
654 struct fastrpc_dma_buf_attachment *a = attachment->priv;
655 struct sg_table *table;
660 ret = dma_map_sgtable(attachment->dev, table, dir, 0);
662 table = ERR_PTR(ret);
666 static void fastrpc_unmap_dma_buf(struct dma_buf_attachment *attach,
667 struct sg_table *table,
668 enum dma_data_direction dir)
670 dma_unmap_sgtable(attach->dev, table, dir, 0);
673 static void fastrpc_release(struct dma_buf *dmabuf)
675 struct fastrpc_buf *buffer = dmabuf->priv;
677 fastrpc_buf_free(buffer);
680 static int fastrpc_dma_buf_attach(struct dma_buf *dmabuf,
681 struct dma_buf_attachment *attachment)
683 struct fastrpc_dma_buf_attachment *a;
684 struct fastrpc_buf *buffer = dmabuf->priv;
687 a = kzalloc(sizeof(*a), GFP_KERNEL);
691 ret = dma_get_sgtable(buffer->dev, &a->sgt, buffer->virt,
692 FASTRPC_PHYS(buffer->phys), buffer->size);
694 dev_err(buffer->dev, "failed to get scatterlist from DMA API\n");
699 a->dev = attachment->dev;
700 INIT_LIST_HEAD(&a->node);
701 attachment->priv = a;
703 mutex_lock(&buffer->lock);
704 list_add(&a->node, &buffer->attachments);
705 mutex_unlock(&buffer->lock);
710 static void fastrpc_dma_buf_detatch(struct dma_buf *dmabuf,
711 struct dma_buf_attachment *attachment)
713 struct fastrpc_dma_buf_attachment *a = attachment->priv;
714 struct fastrpc_buf *buffer = dmabuf->priv;
716 mutex_lock(&buffer->lock);
718 mutex_unlock(&buffer->lock);
719 sg_free_table(&a->sgt);
723 static int fastrpc_vmap(struct dma_buf *dmabuf, struct iosys_map *map)
725 struct fastrpc_buf *buf = dmabuf->priv;
727 iosys_map_set_vaddr(map, buf->virt);
732 static int fastrpc_mmap(struct dma_buf *dmabuf,
733 struct vm_area_struct *vma)
735 struct fastrpc_buf *buf = dmabuf->priv;
736 size_t size = vma->vm_end - vma->vm_start;
738 dma_resv_assert_held(dmabuf->resv);
740 return dma_mmap_coherent(buf->dev, vma, buf->virt,
741 FASTRPC_PHYS(buf->phys), size);
744 static const struct dma_buf_ops fastrpc_dma_buf_ops = {
745 .attach = fastrpc_dma_buf_attach,
746 .detach = fastrpc_dma_buf_detatch,
747 .map_dma_buf = fastrpc_map_dma_buf,
748 .unmap_dma_buf = fastrpc_unmap_dma_buf,
749 .mmap = fastrpc_mmap,
750 .vmap = fastrpc_vmap,
751 .release = fastrpc_release,
754 static int fastrpc_map_create(struct fastrpc_user *fl, int fd,
755 u64 len, u32 attr, struct fastrpc_map **ppmap)
757 struct fastrpc_session_ctx *sess = fl->sctx;
758 struct fastrpc_map *map = NULL;
761 if (!fastrpc_map_lookup(fl, fd, ppmap, true))
764 map = kzalloc(sizeof(*map), GFP_KERNEL);
768 INIT_LIST_HEAD(&map->node);
769 kref_init(&map->refcount);
773 map->buf = dma_buf_get(fd);
774 if (IS_ERR(map->buf)) {
775 err = PTR_ERR(map->buf);
779 map->attach = dma_buf_attach(map->buf, sess->dev);
780 if (IS_ERR(map->attach)) {
781 dev_err(sess->dev, "Failed to attach dmabuf\n");
782 err = PTR_ERR(map->attach);
786 map->table = dma_buf_map_attachment_unlocked(map->attach, DMA_BIDIRECTIONAL);
787 if (IS_ERR(map->table)) {
788 err = PTR_ERR(map->table);
792 if (attr & FASTRPC_ATTR_SECUREMAP) {
793 map->phys = sg_phys(map->table->sgl);
795 map->phys = sg_dma_address(map->table->sgl);
796 map->phys += ((u64)fl->sctx->sid << 32);
799 map->va = sg_virt(map->table->sgl);
802 if (attr & FASTRPC_ATTR_SECUREMAP) {
804 * If subsystem VMIDs are defined in DTSI, then do
805 * hyp_assign from HLOS to those VM(s)
807 u64 src_perms = BIT(QCOM_SCM_VMID_HLOS);
808 struct qcom_scm_vmperm dst_perms[2] = {0};
810 dst_perms[0].vmid = QCOM_SCM_VMID_HLOS;
811 dst_perms[0].perm = QCOM_SCM_PERM_RW;
812 dst_perms[1].vmid = fl->cctx->vmperms[0].vmid;
813 dst_perms[1].perm = QCOM_SCM_PERM_RWX;
815 err = qcom_scm_assign_mem(map->phys, (u64)map->size, &src_perms, dst_perms, 2);
817 dev_err(sess->dev, "Failed to assign memory with phys 0x%llx size 0x%llx err %d",
818 map->phys, map->size, err);
822 spin_lock(&fl->lock);
823 list_add_tail(&map->node, &fl->maps);
824 spin_unlock(&fl->lock);
830 dma_buf_detach(map->buf, map->attach);
832 dma_buf_put(map->buf);
834 fastrpc_map_put(map);
840 * Fastrpc payload buffer with metadata looks like:
842 * >>>>>> START of METADATA <<<<<<<<<
843 * +---------------------------------+
845 * | type:(union fastrpc_remote_arg)|
847 * +---------------------------------+
848 * | Invoke Buffer list |
849 * | type:(struct fastrpc_invoke_buf)|
851 * +---------------------------------+
853 * | type:(struct fastrpc_phy_page) |
855 * +---------------------------------+
857 * |(can be specific to SoC/Firmware)|
858 * +---------------------------------+
859 * >>>>>>>> END of METADATA <<<<<<<<<
860 * +---------------------------------+
863 * +---------------------------------+
866 static int fastrpc_get_meta_size(struct fastrpc_invoke_ctx *ctx)
870 size = (sizeof(struct fastrpc_remote_buf) +
871 sizeof(struct fastrpc_invoke_buf) +
872 sizeof(struct fastrpc_phy_page)) * ctx->nscalars +
873 sizeof(u64) * FASTRPC_MAX_FDLIST +
874 sizeof(u32) * FASTRPC_MAX_CRCLIST;
879 static u64 fastrpc_get_payload_size(struct fastrpc_invoke_ctx *ctx, int metalen)
884 size = ALIGN(metalen, FASTRPC_ALIGN);
885 for (oix = 0; oix < ctx->nbufs; oix++) {
886 int i = ctx->olaps[oix].raix;
888 if (ctx->args[i].fd == 0 || ctx->args[i].fd == -1) {
890 if (ctx->olaps[oix].offset == 0)
891 size = ALIGN(size, FASTRPC_ALIGN);
893 size += (ctx->olaps[oix].mend - ctx->olaps[oix].mstart);
900 static int fastrpc_create_maps(struct fastrpc_invoke_ctx *ctx)
902 struct device *dev = ctx->fl->sctx->dev;
905 for (i = 0; i < ctx->nscalars; ++i) {
907 if (ctx->args[i].fd == 0 || ctx->args[i].fd == -1 ||
908 ctx->args[i].length == 0)
911 err = fastrpc_map_create(ctx->fl, ctx->args[i].fd,
912 ctx->args[i].length, ctx->args[i].attr, &ctx->maps[i]);
914 dev_err(dev, "Error Creating map %d\n", err);
922 static struct fastrpc_invoke_buf *fastrpc_invoke_buf_start(union fastrpc_remote_arg *pra, int len)
924 return (struct fastrpc_invoke_buf *)(&pra[len]);
927 static struct fastrpc_phy_page *fastrpc_phy_page_start(struct fastrpc_invoke_buf *buf, int len)
929 return (struct fastrpc_phy_page *)(&buf[len]);
932 static int fastrpc_get_args(u32 kernel, struct fastrpc_invoke_ctx *ctx)
934 struct device *dev = ctx->fl->sctx->dev;
935 union fastrpc_remote_arg *rpra;
936 struct fastrpc_invoke_buf *list;
937 struct fastrpc_phy_page *pages;
938 int inbufs, i, oix, err = 0;
939 u64 len, rlen, pkt_size;
940 u64 pg_start, pg_end;
944 inbufs = REMOTE_SCALARS_INBUFS(ctx->sc);
945 metalen = fastrpc_get_meta_size(ctx);
946 pkt_size = fastrpc_get_payload_size(ctx, metalen);
948 err = fastrpc_create_maps(ctx);
952 ctx->msg_sz = pkt_size;
954 err = fastrpc_buf_alloc(ctx->fl, dev, pkt_size, &ctx->buf);
958 rpra = ctx->buf->virt;
959 list = fastrpc_invoke_buf_start(rpra, ctx->nscalars);
960 pages = fastrpc_phy_page_start(list, ctx->nscalars);
961 args = (uintptr_t)ctx->buf->virt + metalen;
962 rlen = pkt_size - metalen;
965 for (oix = 0; oix < ctx->nbufs; ++oix) {
968 i = ctx->olaps[oix].raix;
969 len = ctx->args[i].length;
972 rpra[i].buf.len = len;
973 list[i].num = len ? 1 : 0;
980 struct vm_area_struct *vma = NULL;
982 rpra[i].buf.pv = (u64) ctx->args[i].ptr;
983 pages[i].addr = ctx->maps[i]->phys;
985 mmap_read_lock(current->mm);
986 vma = find_vma(current->mm, ctx->args[i].ptr);
988 pages[i].addr += ctx->args[i].ptr -
990 mmap_read_unlock(current->mm);
992 pg_start = (ctx->args[i].ptr & PAGE_MASK) >> PAGE_SHIFT;
993 pg_end = ((ctx->args[i].ptr + len - 1) & PAGE_MASK) >>
995 pages[i].size = (pg_end - pg_start + 1) * PAGE_SIZE;
999 if (ctx->olaps[oix].offset == 0) {
1000 rlen -= ALIGN(args, FASTRPC_ALIGN) - args;
1001 args = ALIGN(args, FASTRPC_ALIGN);
1004 mlen = ctx->olaps[oix].mend - ctx->olaps[oix].mstart;
1009 rpra[i].buf.pv = args - ctx->olaps[oix].offset;
1010 pages[i].addr = ctx->buf->phys -
1011 ctx->olaps[oix].offset +
1013 pages[i].addr = pages[i].addr & PAGE_MASK;
1015 pg_start = (args & PAGE_MASK) >> PAGE_SHIFT;
1016 pg_end = ((args + len - 1) & PAGE_MASK) >> PAGE_SHIFT;
1017 pages[i].size = (pg_end - pg_start + 1) * PAGE_SIZE;
1022 if (i < inbufs && !ctx->maps[i]) {
1023 void *dst = (void *)(uintptr_t)rpra[i].buf.pv;
1024 void *src = (void *)(uintptr_t)ctx->args[i].ptr;
1027 if (copy_from_user(dst, (void __user *)src,
1033 memcpy(dst, src, len);
1038 for (i = ctx->nbufs; i < ctx->nscalars; ++i) {
1039 list[i].num = ctx->args[i].length ? 1 : 0;
1042 pages[i].addr = ctx->maps[i]->phys;
1043 pages[i].size = ctx->maps[i]->size;
1045 rpra[i].dma.fd = ctx->args[i].fd;
1046 rpra[i].dma.len = ctx->args[i].length;
1047 rpra[i].dma.offset = (u64) ctx->args[i].ptr;
1052 dev_err(dev, "Error: get invoke args failed:%d\n", err);
1057 static int fastrpc_put_args(struct fastrpc_invoke_ctx *ctx,
1060 union fastrpc_remote_arg *rpra = ctx->rpra;
1061 struct fastrpc_user *fl = ctx->fl;
1062 struct fastrpc_map *mmap = NULL;
1063 struct fastrpc_invoke_buf *list;
1064 struct fastrpc_phy_page *pages;
1066 int i, inbufs, outbufs, handles;
1068 inbufs = REMOTE_SCALARS_INBUFS(ctx->sc);
1069 outbufs = REMOTE_SCALARS_OUTBUFS(ctx->sc);
1070 handles = REMOTE_SCALARS_INHANDLES(ctx->sc) + REMOTE_SCALARS_OUTHANDLES(ctx->sc);
1071 list = fastrpc_invoke_buf_start(rpra, ctx->nscalars);
1072 pages = fastrpc_phy_page_start(list, ctx->nscalars);
1073 fdlist = (uint64_t *)(pages + inbufs + outbufs + handles);
1075 for (i = inbufs; i < ctx->nbufs; ++i) {
1076 if (!ctx->maps[i]) {
1077 void *src = (void *)(uintptr_t)rpra[i].buf.pv;
1078 void *dst = (void *)(uintptr_t)ctx->args[i].ptr;
1079 u64 len = rpra[i].buf.len;
1082 if (copy_to_user((void __user *)dst, src, len))
1085 memcpy(dst, src, len);
1090 for (i = 0; i < FASTRPC_MAX_FDLIST; i++) {
1093 if (!fastrpc_map_lookup(fl, (int)fdlist[i], &mmap, false))
1094 fastrpc_map_put(mmap);
1100 static int fastrpc_invoke_send(struct fastrpc_session_ctx *sctx,
1101 struct fastrpc_invoke_ctx *ctx,
1102 u32 kernel, uint32_t handle)
1104 struct fastrpc_channel_ctx *cctx;
1105 struct fastrpc_user *fl = ctx->fl;
1106 struct fastrpc_msg *msg = &ctx->msg;
1110 msg->pid = fl->tgid;
1111 msg->tid = current->pid;
1116 msg->ctx = ctx->ctxid | fl->pd;
1117 msg->handle = handle;
1119 msg->addr = ctx->buf ? ctx->buf->phys : 0;
1120 msg->size = roundup(ctx->msg_sz, PAGE_SIZE);
1121 fastrpc_context_get(ctx);
1123 ret = rpmsg_send(cctx->rpdev->ept, (void *)msg, sizeof(*msg));
1126 fastrpc_context_put(ctx);
1132 static int fastrpc_internal_invoke(struct fastrpc_user *fl, u32 kernel,
1134 struct fastrpc_invoke_args *args)
1136 struct fastrpc_invoke_ctx *ctx = NULL;
1137 struct fastrpc_buf *buf, *b;
1144 if (!fl->cctx->rpdev)
1147 if (handle == FASTRPC_INIT_HANDLE && !kernel) {
1148 dev_warn_ratelimited(fl->sctx->dev, "user app trying to send a kernel RPC message (%d)\n", handle);
1152 ctx = fastrpc_context_alloc(fl, kernel, sc, args);
1154 return PTR_ERR(ctx);
1156 if (ctx->nscalars) {
1157 err = fastrpc_get_args(kernel, ctx);
1162 /* make sure that all CPU memory writes are seen by DSP */
1164 /* Send invoke buffer to remote dsp */
1165 err = fastrpc_invoke_send(fl->sctx, ctx, kernel, handle);
1170 if (!wait_for_completion_timeout(&ctx->work, 10 * HZ))
1173 err = wait_for_completion_interruptible(&ctx->work);
1179 /* Check the response from remote dsp */
1184 if (ctx->nscalars) {
1185 /* make sure that all memory writes by DSP are seen by CPU */
1187 /* populate all the output buffers with results */
1188 err = fastrpc_put_args(ctx, kernel);
1194 if (err != -ERESTARTSYS && err != -ETIMEDOUT) {
1195 /* We are done with this compute context */
1196 spin_lock(&fl->lock);
1197 list_del(&ctx->node);
1198 spin_unlock(&fl->lock);
1199 fastrpc_context_put(ctx);
1202 if (err == -ERESTARTSYS) {
1203 list_for_each_entry_safe(buf, b, &fl->mmaps, node) {
1204 list_del(&buf->node);
1205 list_add_tail(&buf->node, &fl->cctx->invoke_interrupted_mmaps);
1210 dev_dbg(fl->sctx->dev, "Error: Invoke Failed %d\n", err);
1215 static bool is_session_rejected(struct fastrpc_user *fl, bool unsigned_pd_request)
1217 /* Check if the device node is non-secure and channel is secure*/
1218 if (!fl->is_secure_dev && fl->cctx->secure) {
1220 * Allow untrusted applications to offload only to Unsigned PD when
1221 * channel is configured as secure and block untrusted apps on channel
1222 * that does not support unsigned PD offload
1224 if (!fl->cctx->unsigned_support || !unsigned_pd_request) {
1225 dev_err(&fl->cctx->rpdev->dev, "Error: Untrusted application trying to offload to signed PD");
1233 static int fastrpc_init_create_static_process(struct fastrpc_user *fl,
1236 struct fastrpc_init_create_static init;
1237 struct fastrpc_invoke_args *args;
1238 struct fastrpc_phy_page pages[1];
1248 args = kcalloc(FASTRPC_CREATE_STATIC_PROCESS_NARGS, sizeof(*args), GFP_KERNEL);
1252 if (copy_from_user(&init, argp, sizeof(init))) {
1257 if (init.namelen > INIT_FILE_NAMELEN_MAX) {
1262 name = kzalloc(init.namelen, GFP_KERNEL);
1268 if (copy_from_user(name, (void __user *)(uintptr_t)init.name, init.namelen)) {
1273 if (!fl->cctx->remote_heap) {
1274 err = fastrpc_remote_heap_alloc(fl, fl->sctx->dev, init.memlen,
1275 &fl->cctx->remote_heap);
1279 /* Map if we have any heap VMIDs associated with this ADSP Static Process. */
1280 if (fl->cctx->vmcount) {
1281 err = qcom_scm_assign_mem(fl->cctx->remote_heap->phys,
1282 (u64)fl->cctx->remote_heap->size,
1284 fl->cctx->vmperms, fl->cctx->vmcount);
1286 dev_err(fl->sctx->dev, "Failed to assign memory with phys 0x%llx size 0x%llx err %d",
1287 fl->cctx->remote_heap->phys, fl->cctx->remote_heap->size, err);
1293 inbuf.pgid = fl->tgid;
1294 inbuf.namelen = init.namelen;
1298 args[0].ptr = (u64)(uintptr_t)&inbuf;
1299 args[0].length = sizeof(inbuf);
1302 args[1].ptr = (u64)(uintptr_t)name;
1303 args[1].length = inbuf.namelen;
1306 pages[0].addr = fl->cctx->remote_heap->phys;
1307 pages[0].size = fl->cctx->remote_heap->size;
1309 args[2].ptr = (u64)(uintptr_t) pages;
1310 args[2].length = sizeof(*pages);
1313 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_CREATE_STATIC, 3, 0);
1315 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1324 if (fl->cctx->vmcount) {
1325 struct qcom_scm_vmperm perm;
1327 perm.vmid = QCOM_SCM_VMID_HLOS;
1328 perm.perm = QCOM_SCM_PERM_RWX;
1329 err = qcom_scm_assign_mem(fl->cctx->remote_heap->phys,
1330 (u64)fl->cctx->remote_heap->size,
1331 &fl->cctx->perms, &perm, 1);
1333 dev_err(fl->sctx->dev, "Failed to assign memory phys 0x%llx size 0x%llx err %d",
1334 fl->cctx->remote_heap->phys, fl->cctx->remote_heap->size, err);
1337 fastrpc_buf_free(fl->cctx->remote_heap);
1346 static int fastrpc_init_create_process(struct fastrpc_user *fl,
1349 struct fastrpc_init_create init;
1350 struct fastrpc_invoke_args *args;
1351 struct fastrpc_phy_page pages[1];
1352 struct fastrpc_map *map = NULL;
1353 struct fastrpc_buf *imem = NULL;
1365 bool unsigned_module = false;
1367 args = kcalloc(FASTRPC_CREATE_PROCESS_NARGS, sizeof(*args), GFP_KERNEL);
1371 if (copy_from_user(&init, argp, sizeof(init))) {
1376 if (init.attrs & FASTRPC_MODE_UNSIGNED_MODULE)
1377 unsigned_module = true;
1379 if (is_session_rejected(fl, unsigned_module)) {
1380 err = -ECONNREFUSED;
1384 if (init.filelen > INIT_FILELEN_MAX) {
1389 inbuf.pgid = fl->tgid;
1390 inbuf.namelen = strlen(current->comm) + 1;
1391 inbuf.filelen = init.filelen;
1393 inbuf.attrs = init.attrs;
1394 inbuf.siglen = init.siglen;
1397 if (init.filelen && init.filefd) {
1398 err = fastrpc_map_create(fl, init.filefd, init.filelen, 0, &map);
1403 memlen = ALIGN(max(INIT_FILELEN_MAX, (int)init.filelen * 4),
1405 err = fastrpc_buf_alloc(fl, fl->sctx->dev, memlen,
1410 fl->init_mem = imem;
1411 args[0].ptr = (u64)(uintptr_t)&inbuf;
1412 args[0].length = sizeof(inbuf);
1415 args[1].ptr = (u64)(uintptr_t)current->comm;
1416 args[1].length = inbuf.namelen;
1419 args[2].ptr = (u64) init.file;
1420 args[2].length = inbuf.filelen;
1421 args[2].fd = init.filefd;
1423 pages[0].addr = imem->phys;
1424 pages[0].size = imem->size;
1426 args[3].ptr = (u64)(uintptr_t) pages;
1427 args[3].length = 1 * sizeof(*pages);
1430 args[4].ptr = (u64)(uintptr_t)&inbuf.attrs;
1431 args[4].length = sizeof(inbuf.attrs);
1434 args[5].ptr = (u64)(uintptr_t) &inbuf.siglen;
1435 args[5].length = sizeof(inbuf.siglen);
1438 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_CREATE, 4, 0);
1440 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_CREATE_ATTR, 6, 0);
1442 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1452 fl->init_mem = NULL;
1453 fastrpc_buf_free(imem);
1455 fastrpc_map_put(map);
1462 static struct fastrpc_session_ctx *fastrpc_session_alloc(
1463 struct fastrpc_channel_ctx *cctx)
1465 struct fastrpc_session_ctx *session = NULL;
1466 unsigned long flags;
1469 spin_lock_irqsave(&cctx->lock, flags);
1470 for (i = 0; i < cctx->sesscount; i++) {
1471 if (!cctx->session[i].used && cctx->session[i].valid) {
1472 cctx->session[i].used = true;
1473 session = &cctx->session[i];
1477 spin_unlock_irqrestore(&cctx->lock, flags);
1482 static void fastrpc_session_free(struct fastrpc_channel_ctx *cctx,
1483 struct fastrpc_session_ctx *session)
1485 unsigned long flags;
1487 spin_lock_irqsave(&cctx->lock, flags);
1488 session->used = false;
1489 spin_unlock_irqrestore(&cctx->lock, flags);
1492 static int fastrpc_release_current_dsp_process(struct fastrpc_user *fl)
1494 struct fastrpc_invoke_args args[1];
1499 args[0].ptr = (u64)(uintptr_t) &tgid;
1500 args[0].length = sizeof(tgid);
1502 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_RELEASE, 1, 0);
1504 return fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1508 static int fastrpc_device_release(struct inode *inode, struct file *file)
1510 struct fastrpc_user *fl = (struct fastrpc_user *)file->private_data;
1511 struct fastrpc_channel_ctx *cctx = fl->cctx;
1512 struct fastrpc_invoke_ctx *ctx, *n;
1513 struct fastrpc_map *map, *m;
1514 struct fastrpc_buf *buf, *b;
1515 unsigned long flags;
1517 fastrpc_release_current_dsp_process(fl);
1519 spin_lock_irqsave(&cctx->lock, flags);
1520 list_del(&fl->user);
1521 spin_unlock_irqrestore(&cctx->lock, flags);
1524 fastrpc_buf_free(fl->init_mem);
1526 list_for_each_entry_safe(ctx, n, &fl->pending, node) {
1527 list_del(&ctx->node);
1528 fastrpc_context_put(ctx);
1531 list_for_each_entry_safe(map, m, &fl->maps, node)
1532 fastrpc_map_put(map);
1534 list_for_each_entry_safe(buf, b, &fl->mmaps, node) {
1535 list_del(&buf->node);
1536 fastrpc_buf_free(buf);
1539 fastrpc_session_free(cctx, fl->sctx);
1540 fastrpc_channel_ctx_put(cctx);
1542 mutex_destroy(&fl->mutex);
1544 file->private_data = NULL;
1549 static int fastrpc_device_open(struct inode *inode, struct file *filp)
1551 struct fastrpc_channel_ctx *cctx;
1552 struct fastrpc_device *fdevice;
1553 struct fastrpc_user *fl = NULL;
1554 unsigned long flags;
1556 fdevice = miscdev_to_fdevice(filp->private_data);
1557 cctx = fdevice->cctx;
1559 fl = kzalloc(sizeof(*fl), GFP_KERNEL);
1563 /* Released in fastrpc_device_release() */
1564 fastrpc_channel_ctx_get(cctx);
1566 filp->private_data = fl;
1567 spin_lock_init(&fl->lock);
1568 mutex_init(&fl->mutex);
1569 INIT_LIST_HEAD(&fl->pending);
1570 INIT_LIST_HEAD(&fl->maps);
1571 INIT_LIST_HEAD(&fl->mmaps);
1572 INIT_LIST_HEAD(&fl->user);
1573 fl->tgid = current->tgid;
1575 fl->is_secure_dev = fdevice->secure;
1577 fl->sctx = fastrpc_session_alloc(cctx);
1579 dev_err(&cctx->rpdev->dev, "No session available\n");
1580 mutex_destroy(&fl->mutex);
1586 spin_lock_irqsave(&cctx->lock, flags);
1587 list_add_tail(&fl->user, &cctx->users);
1588 spin_unlock_irqrestore(&cctx->lock, flags);
1593 static int fastrpc_dmabuf_alloc(struct fastrpc_user *fl, char __user *argp)
1595 struct fastrpc_alloc_dma_buf bp;
1596 DEFINE_DMA_BUF_EXPORT_INFO(exp_info);
1597 struct fastrpc_buf *buf = NULL;
1600 if (copy_from_user(&bp, argp, sizeof(bp)))
1603 err = fastrpc_buf_alloc(fl, fl->sctx->dev, bp.size, &buf);
1606 exp_info.ops = &fastrpc_dma_buf_ops;
1607 exp_info.size = bp.size;
1608 exp_info.flags = O_RDWR;
1609 exp_info.priv = buf;
1610 buf->dmabuf = dma_buf_export(&exp_info);
1611 if (IS_ERR(buf->dmabuf)) {
1612 err = PTR_ERR(buf->dmabuf);
1613 fastrpc_buf_free(buf);
1617 bp.fd = dma_buf_fd(buf->dmabuf, O_ACCMODE);
1619 dma_buf_put(buf->dmabuf);
1623 if (copy_to_user(argp, &bp, sizeof(bp))) {
1625 * The usercopy failed, but we can't do much about it, as
1626 * dma_buf_fd() already called fd_install() and made the
1627 * file descriptor accessible for the current process. It
1628 * might already be closed and dmabuf no longer valid when
1629 * we reach this point. Therefore "leak" the fd and rely on
1630 * the process exit path to do any required cleanup.
1638 static int fastrpc_init_attach(struct fastrpc_user *fl, int pd)
1640 struct fastrpc_invoke_args args[1];
1641 int tgid = fl->tgid;
1644 args[0].ptr = (u64)(uintptr_t) &tgid;
1645 args[0].length = sizeof(tgid);
1647 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_ATTACH, 1, 0);
1650 return fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1654 static int fastrpc_invoke(struct fastrpc_user *fl, char __user *argp)
1656 struct fastrpc_invoke_args *args = NULL;
1657 struct fastrpc_invoke inv;
1661 if (copy_from_user(&inv, argp, sizeof(inv)))
1664 /* nscalars is truncated here to max supported value */
1665 nscalars = REMOTE_SCALARS_LENGTH(inv.sc);
1667 args = kcalloc(nscalars, sizeof(*args), GFP_KERNEL);
1671 if (copy_from_user(args, (void __user *)(uintptr_t)inv.args,
1672 nscalars * sizeof(*args))) {
1678 err = fastrpc_internal_invoke(fl, false, inv.handle, inv.sc, args);
1684 static int fastrpc_get_info_from_dsp(struct fastrpc_user *fl, uint32_t *dsp_attr_buf,
1685 uint32_t dsp_attr_buf_len)
1687 struct fastrpc_invoke_args args[2] = { 0 };
1689 /* Capability filled in userspace */
1690 dsp_attr_buf[0] = 0;
1692 args[0].ptr = (u64)(uintptr_t)&dsp_attr_buf_len;
1693 args[0].length = sizeof(dsp_attr_buf_len);
1695 args[1].ptr = (u64)(uintptr_t)&dsp_attr_buf[1];
1696 args[1].length = dsp_attr_buf_len;
1700 return fastrpc_internal_invoke(fl, true, FASTRPC_DSP_UTILITIES_HANDLE,
1701 FASTRPC_SCALARS(0, 1, 1), args);
1704 static int fastrpc_get_info_from_kernel(struct fastrpc_ioctl_capability *cap,
1705 struct fastrpc_user *fl)
1707 struct fastrpc_channel_ctx *cctx = fl->cctx;
1708 uint32_t attribute_id = cap->attribute_id;
1709 uint32_t *dsp_attributes;
1710 unsigned long flags;
1711 uint32_t domain = cap->domain;
1714 spin_lock_irqsave(&cctx->lock, flags);
1715 /* check if we already have queried dsp for attributes */
1716 if (cctx->valid_attributes) {
1717 spin_unlock_irqrestore(&cctx->lock, flags);
1720 spin_unlock_irqrestore(&cctx->lock, flags);
1722 dsp_attributes = kzalloc(FASTRPC_MAX_DSP_ATTRIBUTES_LEN, GFP_KERNEL);
1723 if (!dsp_attributes)
1726 err = fastrpc_get_info_from_dsp(fl, dsp_attributes, FASTRPC_MAX_DSP_ATTRIBUTES_LEN);
1727 if (err == DSP_UNSUPPORTED_API) {
1728 dev_info(&cctx->rpdev->dev,
1729 "Warning: DSP capabilities not supported on domain: %d\n", domain);
1730 kfree(dsp_attributes);
1733 dev_err(&cctx->rpdev->dev, "Error: dsp information is incorrect err: %d\n", err);
1734 kfree(dsp_attributes);
1738 spin_lock_irqsave(&cctx->lock, flags);
1739 memcpy(cctx->dsp_attributes, dsp_attributes, FASTRPC_MAX_DSP_ATTRIBUTES_LEN);
1740 cctx->valid_attributes = true;
1741 spin_unlock_irqrestore(&cctx->lock, flags);
1742 kfree(dsp_attributes);
1744 cap->capability = cctx->dsp_attributes[attribute_id];
1748 static int fastrpc_get_dsp_info(struct fastrpc_user *fl, char __user *argp)
1750 struct fastrpc_ioctl_capability cap = {0};
1753 if (copy_from_user(&cap, argp, sizeof(cap)))
1757 if (cap.domain >= FASTRPC_DEV_MAX) {
1758 dev_err(&fl->cctx->rpdev->dev, "Error: Invalid domain id:%d, err:%d\n",
1763 /* Fastrpc Capablities does not support modem domain */
1764 if (cap.domain == MDSP_DOMAIN_ID) {
1765 dev_err(&fl->cctx->rpdev->dev, "Error: modem not supported %d\n", err);
1769 if (cap.attribute_id >= FASTRPC_MAX_DSP_ATTRIBUTES) {
1770 dev_err(&fl->cctx->rpdev->dev, "Error: invalid attribute: %d, err: %d\n",
1771 cap.attribute_id, err);
1775 err = fastrpc_get_info_from_kernel(&cap, fl);
1779 if (copy_to_user(argp, &cap.capability, sizeof(cap.capability)))
1785 static int fastrpc_req_munmap_impl(struct fastrpc_user *fl, struct fastrpc_buf *buf)
1787 struct fastrpc_invoke_args args[1] = { [0] = { 0 } };
1788 struct fastrpc_munmap_req_msg req_msg;
1789 struct device *dev = fl->sctx->dev;
1793 req_msg.pgid = fl->tgid;
1794 req_msg.size = buf->size;
1795 req_msg.vaddr = buf->raddr;
1797 args[0].ptr = (u64) (uintptr_t) &req_msg;
1798 args[0].length = sizeof(req_msg);
1800 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MUNMAP, 1, 0);
1801 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1804 dev_dbg(dev, "unmmap\tpt 0x%09lx OK\n", buf->raddr);
1805 spin_lock(&fl->lock);
1806 list_del(&buf->node);
1807 spin_unlock(&fl->lock);
1808 fastrpc_buf_free(buf);
1810 dev_err(dev, "unmmap\tpt 0x%09lx ERROR\n", buf->raddr);
1816 static int fastrpc_req_munmap(struct fastrpc_user *fl, char __user *argp)
1818 struct fastrpc_buf *buf = NULL, *iter, *b;
1819 struct fastrpc_req_munmap req;
1820 struct device *dev = fl->sctx->dev;
1822 if (copy_from_user(&req, argp, sizeof(req)))
1825 spin_lock(&fl->lock);
1826 list_for_each_entry_safe(iter, b, &fl->mmaps, node) {
1827 if ((iter->raddr == req.vaddrout) && (iter->size == req.size)) {
1832 spin_unlock(&fl->lock);
1835 dev_err(dev, "mmap\t\tpt 0x%09llx [len 0x%08llx] not in list\n",
1836 req.vaddrout, req.size);
1840 return fastrpc_req_munmap_impl(fl, buf);
1843 static int fastrpc_req_mmap(struct fastrpc_user *fl, char __user *argp)
1845 struct fastrpc_invoke_args args[3] = { [0 ... 2] = { 0 } };
1846 struct fastrpc_buf *buf = NULL;
1847 struct fastrpc_mmap_req_msg req_msg;
1848 struct fastrpc_mmap_rsp_msg rsp_msg;
1849 struct fastrpc_phy_page pages;
1850 struct fastrpc_req_mmap req;
1851 struct device *dev = fl->sctx->dev;
1855 if (copy_from_user(&req, argp, sizeof(req)))
1858 if (req.flags != ADSP_MMAP_ADD_PAGES && req.flags != ADSP_MMAP_REMOTE_HEAP_ADDR) {
1859 dev_err(dev, "flag not supported 0x%x\n", req.flags);
1865 dev_err(dev, "adding user allocated pages is not supported\n");
1869 err = fastrpc_buf_alloc(fl, fl->sctx->dev, req.size, &buf);
1871 dev_err(dev, "failed to allocate buffer\n");
1875 req_msg.pgid = fl->tgid;
1876 req_msg.flags = req.flags;
1877 req_msg.vaddr = req.vaddrin;
1878 req_msg.num = sizeof(pages);
1880 args[0].ptr = (u64) (uintptr_t) &req_msg;
1881 args[0].length = sizeof(req_msg);
1883 pages.addr = buf->phys;
1884 pages.size = buf->size;
1886 args[1].ptr = (u64) (uintptr_t) &pages;
1887 args[1].length = sizeof(pages);
1889 args[2].ptr = (u64) (uintptr_t) &rsp_msg;
1890 args[2].length = sizeof(rsp_msg);
1892 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MMAP, 2, 1);
1893 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1896 dev_err(dev, "mmap error (len 0x%08llx)\n", buf->size);
1900 /* update the buffer to be able to deallocate the memory on the DSP */
1901 buf->raddr = (uintptr_t) rsp_msg.vaddr;
1903 /* let the client know the address to use */
1904 req.vaddrout = rsp_msg.vaddr;
1906 /* Add memory to static PD pool, protection thru hypervisor */
1907 if (req.flags == ADSP_MMAP_REMOTE_HEAP_ADDR && fl->cctx->vmcount) {
1908 struct qcom_scm_vmperm perm;
1910 perm.vmid = QCOM_SCM_VMID_HLOS;
1911 perm.perm = QCOM_SCM_PERM_RWX;
1912 err = qcom_scm_assign_mem(buf->phys, buf->size,
1913 &fl->cctx->perms, &perm, 1);
1915 dev_err(fl->sctx->dev, "Failed to assign memory phys 0x%llx size 0x%llx err %d",
1916 buf->phys, buf->size, err);
1921 spin_lock(&fl->lock);
1922 list_add_tail(&buf->node, &fl->mmaps);
1923 spin_unlock(&fl->lock);
1925 if (copy_to_user((void __user *)argp, &req, sizeof(req))) {
1930 dev_dbg(dev, "mmap\t\tpt 0x%09lx OK [len 0x%08llx]\n",
1931 buf->raddr, buf->size);
1936 fastrpc_req_munmap_impl(fl, buf);
1938 fastrpc_buf_free(buf);
1943 static int fastrpc_req_mem_unmap_impl(struct fastrpc_user *fl, struct fastrpc_mem_unmap *req)
1945 struct fastrpc_invoke_args args[1] = { [0] = { 0 } };
1946 struct fastrpc_map *map = NULL, *iter, *m;
1947 struct fastrpc_mem_unmap_req_msg req_msg = { 0 };
1950 struct device *dev = fl->sctx->dev;
1952 spin_lock(&fl->lock);
1953 list_for_each_entry_safe(iter, m, &fl->maps, node) {
1954 if ((req->fd < 0 || iter->fd == req->fd) && (iter->raddr == req->vaddr)) {
1960 spin_unlock(&fl->lock);
1963 dev_err(dev, "map not in list\n");
1967 req_msg.pgid = fl->tgid;
1968 req_msg.len = map->len;
1969 req_msg.vaddrin = map->raddr;
1970 req_msg.fd = map->fd;
1972 args[0].ptr = (u64) (uintptr_t) &req_msg;
1973 args[0].length = sizeof(req_msg);
1975 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MEM_UNMAP, 1, 0);
1976 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1978 fastrpc_map_put(map);
1980 dev_err(dev, "unmmap\tpt fd = %d, 0x%09llx error\n", map->fd, map->raddr);
1985 static int fastrpc_req_mem_unmap(struct fastrpc_user *fl, char __user *argp)
1987 struct fastrpc_mem_unmap req;
1989 if (copy_from_user(&req, argp, sizeof(req)))
1992 return fastrpc_req_mem_unmap_impl(fl, &req);
1995 static int fastrpc_req_mem_map(struct fastrpc_user *fl, char __user *argp)
1997 struct fastrpc_invoke_args args[4] = { [0 ... 3] = { 0 } };
1998 struct fastrpc_mem_map_req_msg req_msg = { 0 };
1999 struct fastrpc_mmap_rsp_msg rsp_msg = { 0 };
2000 struct fastrpc_mem_unmap req_unmap = { 0 };
2001 struct fastrpc_phy_page pages = { 0 };
2002 struct fastrpc_mem_map req;
2003 struct device *dev = fl->sctx->dev;
2004 struct fastrpc_map *map = NULL;
2008 if (copy_from_user(&req, argp, sizeof(req)))
2011 /* create SMMU mapping */
2012 err = fastrpc_map_create(fl, req.fd, req.length, 0, &map);
2014 dev_err(dev, "failed to map buffer, fd = %d\n", req.fd);
2018 req_msg.pgid = fl->tgid;
2019 req_msg.fd = req.fd;
2020 req_msg.offset = req.offset;
2021 req_msg.vaddrin = req.vaddrin;
2022 map->va = (void *) (uintptr_t) req.vaddrin;
2023 req_msg.flags = req.flags;
2024 req_msg.num = sizeof(pages);
2025 req_msg.data_len = 0;
2027 args[0].ptr = (u64) (uintptr_t) &req_msg;
2028 args[0].length = sizeof(req_msg);
2030 pages.addr = map->phys;
2031 pages.size = map->size;
2033 args[1].ptr = (u64) (uintptr_t) &pages;
2034 args[1].length = sizeof(pages);
2036 args[2].ptr = (u64) (uintptr_t) &pages;
2039 args[3].ptr = (u64) (uintptr_t) &rsp_msg;
2040 args[3].length = sizeof(rsp_msg);
2042 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MEM_MAP, 3, 1);
2043 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc, &args[0]);
2045 dev_err(dev, "mem mmap error, fd %d, vaddr %llx, size %lld\n",
2046 req.fd, req.vaddrin, map->size);
2050 /* update the buffer to be able to deallocate the memory on the DSP */
2051 map->raddr = rsp_msg.vaddr;
2053 /* let the client know the address to use */
2054 req.vaddrout = rsp_msg.vaddr;
2056 if (copy_to_user((void __user *)argp, &req, sizeof(req))) {
2057 /* unmap the memory and release the buffer */
2058 req_unmap.vaddr = (uintptr_t) rsp_msg.vaddr;
2059 req_unmap.length = map->size;
2060 fastrpc_req_mem_unmap_impl(fl, &req_unmap);
2067 fastrpc_map_put(map);
2072 static long fastrpc_device_ioctl(struct file *file, unsigned int cmd,
2075 struct fastrpc_user *fl = (struct fastrpc_user *)file->private_data;
2076 char __user *argp = (char __user *)arg;
2080 case FASTRPC_IOCTL_INVOKE:
2081 err = fastrpc_invoke(fl, argp);
2083 case FASTRPC_IOCTL_INIT_ATTACH:
2084 err = fastrpc_init_attach(fl, ROOT_PD);
2086 case FASTRPC_IOCTL_INIT_ATTACH_SNS:
2087 err = fastrpc_init_attach(fl, SENSORS_PD);
2089 case FASTRPC_IOCTL_INIT_CREATE_STATIC:
2090 err = fastrpc_init_create_static_process(fl, argp);
2092 case FASTRPC_IOCTL_INIT_CREATE:
2093 err = fastrpc_init_create_process(fl, argp);
2095 case FASTRPC_IOCTL_ALLOC_DMA_BUFF:
2096 err = fastrpc_dmabuf_alloc(fl, argp);
2098 case FASTRPC_IOCTL_MMAP:
2099 err = fastrpc_req_mmap(fl, argp);
2101 case FASTRPC_IOCTL_MUNMAP:
2102 err = fastrpc_req_munmap(fl, argp);
2104 case FASTRPC_IOCTL_MEM_MAP:
2105 err = fastrpc_req_mem_map(fl, argp);
2107 case FASTRPC_IOCTL_MEM_UNMAP:
2108 err = fastrpc_req_mem_unmap(fl, argp);
2110 case FASTRPC_IOCTL_GET_DSP_INFO:
2111 err = fastrpc_get_dsp_info(fl, argp);
2121 static const struct file_operations fastrpc_fops = {
2122 .open = fastrpc_device_open,
2123 .release = fastrpc_device_release,
2124 .unlocked_ioctl = fastrpc_device_ioctl,
2125 .compat_ioctl = fastrpc_device_ioctl,
2128 static int fastrpc_cb_probe(struct platform_device *pdev)
2130 struct fastrpc_channel_ctx *cctx;
2131 struct fastrpc_session_ctx *sess;
2132 struct device *dev = &pdev->dev;
2133 int i, sessions = 0;
2134 unsigned long flags;
2137 cctx = dev_get_drvdata(dev->parent);
2141 of_property_read_u32(dev->of_node, "qcom,nsessions", &sessions);
2143 spin_lock_irqsave(&cctx->lock, flags);
2144 if (cctx->sesscount >= FASTRPC_MAX_SESSIONS) {
2145 dev_err(&pdev->dev, "too many sessions\n");
2146 spin_unlock_irqrestore(&cctx->lock, flags);
2149 sess = &cctx->session[cctx->sesscount++];
2153 dev_set_drvdata(dev, sess);
2155 if (of_property_read_u32(dev->of_node, "reg", &sess->sid))
2156 dev_info(dev, "FastRPC Session ID not specified in DT\n");
2159 struct fastrpc_session_ctx *dup_sess;
2161 for (i = 1; i < sessions; i++) {
2162 if (cctx->sesscount >= FASTRPC_MAX_SESSIONS)
2164 dup_sess = &cctx->session[cctx->sesscount++];
2165 memcpy(dup_sess, sess, sizeof(*dup_sess));
2168 spin_unlock_irqrestore(&cctx->lock, flags);
2169 rc = dma_set_mask(dev, DMA_BIT_MASK(32));
2171 dev_err(dev, "32-bit DMA enable failed\n");
2178 static int fastrpc_cb_remove(struct platform_device *pdev)
2180 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(pdev->dev.parent);
2181 struct fastrpc_session_ctx *sess = dev_get_drvdata(&pdev->dev);
2182 unsigned long flags;
2185 spin_lock_irqsave(&cctx->lock, flags);
2186 for (i = 1; i < FASTRPC_MAX_SESSIONS; i++) {
2187 if (cctx->session[i].sid == sess->sid) {
2188 cctx->session[i].valid = false;
2192 spin_unlock_irqrestore(&cctx->lock, flags);
2197 static const struct of_device_id fastrpc_match_table[] = {
2198 { .compatible = "qcom,fastrpc-compute-cb", },
2202 static struct platform_driver fastrpc_cb_driver = {
2203 .probe = fastrpc_cb_probe,
2204 .remove = fastrpc_cb_remove,
2206 .name = "qcom,fastrpc-cb",
2207 .of_match_table = fastrpc_match_table,
2208 .suppress_bind_attrs = true,
2212 static int fastrpc_device_register(struct device *dev, struct fastrpc_channel_ctx *cctx,
2213 bool is_secured, const char *domain)
2215 struct fastrpc_device *fdev;
2218 fdev = devm_kzalloc(dev, sizeof(*fdev), GFP_KERNEL);
2222 fdev->secure = is_secured;
2224 fdev->miscdev.minor = MISC_DYNAMIC_MINOR;
2225 fdev->miscdev.fops = &fastrpc_fops;
2226 fdev->miscdev.name = devm_kasprintf(dev, GFP_KERNEL, "fastrpc-%s%s",
2227 domain, is_secured ? "-secure" : "");
2228 err = misc_register(&fdev->miscdev);
2231 cctx->secure_fdevice = fdev;
2233 cctx->fdevice = fdev;
2239 static int fastrpc_rpmsg_probe(struct rpmsg_device *rpdev)
2241 struct device *rdev = &rpdev->dev;
2242 struct fastrpc_channel_ctx *data;
2243 int i, err, domain_id = -1, vmcount;
2246 unsigned int vmids[FASTRPC_MAX_VMIDS];
2248 err = of_property_read_string(rdev->of_node, "label", &domain);
2250 dev_info(rdev, "FastRPC Domain not specified in DT\n");
2254 for (i = 0; i <= CDSP_DOMAIN_ID; i++) {
2255 if (!strcmp(domains[i], domain)) {
2261 if (domain_id < 0) {
2262 dev_info(rdev, "FastRPC Invalid Domain ID %d\n", domain_id);
2266 if (of_reserved_mem_device_init_by_idx(rdev, rdev->of_node, 0))
2267 dev_info(rdev, "no reserved DMA memory for FASTRPC\n");
2269 vmcount = of_property_read_variable_u32_array(rdev->of_node,
2270 "qcom,vmids", &vmids[0], 0, FASTRPC_MAX_VMIDS);
2273 else if (!qcom_scm_is_available())
2274 return -EPROBE_DEFER;
2276 data = kzalloc(sizeof(*data), GFP_KERNEL);
2281 data->vmcount = vmcount;
2282 data->perms = BIT(QCOM_SCM_VMID_HLOS);
2283 for (i = 0; i < data->vmcount; i++) {
2284 data->vmperms[i].vmid = vmids[i];
2285 data->vmperms[i].perm = QCOM_SCM_PERM_RWX;
2289 secure_dsp = !(of_property_read_bool(rdev->of_node, "qcom,non-secure-domain"));
2290 data->secure = secure_dsp;
2292 switch (domain_id) {
2293 case ADSP_DOMAIN_ID:
2294 case MDSP_DOMAIN_ID:
2295 case SDSP_DOMAIN_ID:
2296 /* Unsigned PD offloading is only supported on CDSP*/
2297 data->unsigned_support = false;
2298 err = fastrpc_device_register(rdev, data, secure_dsp, domains[domain_id]);
2302 case CDSP_DOMAIN_ID:
2303 data->unsigned_support = true;
2304 /* Create both device nodes so that we can allow both Signed and Unsigned PD */
2305 err = fastrpc_device_register(rdev, data, true, domains[domain_id]);
2309 err = fastrpc_device_register(rdev, data, false, domains[domain_id]);
2318 kref_init(&data->refcount);
2320 dev_set_drvdata(&rpdev->dev, data);
2321 rdev->dma_mask = &data->dma_mask;
2322 dma_set_mask_and_coherent(rdev, DMA_BIT_MASK(32));
2323 INIT_LIST_HEAD(&data->users);
2324 INIT_LIST_HEAD(&data->invoke_interrupted_mmaps);
2325 spin_lock_init(&data->lock);
2326 idr_init(&data->ctx_idr);
2327 data->domain_id = domain_id;
2328 data->rpdev = rpdev;
2330 err = of_platform_populate(rdev->of_node, NULL, NULL, rdev);
2332 goto populate_error;
2338 misc_deregister(&data->fdevice->miscdev);
2339 if (data->secure_fdevice)
2340 misc_deregister(&data->secure_fdevice->miscdev);
2347 static void fastrpc_notify_users(struct fastrpc_user *user)
2349 struct fastrpc_invoke_ctx *ctx;
2351 spin_lock(&user->lock);
2352 list_for_each_entry(ctx, &user->pending, node) {
2353 ctx->retval = -EPIPE;
2354 complete(&ctx->work);
2356 spin_unlock(&user->lock);
2359 static void fastrpc_rpmsg_remove(struct rpmsg_device *rpdev)
2361 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(&rpdev->dev);
2362 struct fastrpc_buf *buf, *b;
2363 struct fastrpc_user *user;
2364 unsigned long flags;
2366 /* No invocations past this point */
2367 spin_lock_irqsave(&cctx->lock, flags);
2369 list_for_each_entry(user, &cctx->users, user)
2370 fastrpc_notify_users(user);
2371 spin_unlock_irqrestore(&cctx->lock, flags);
2374 misc_deregister(&cctx->fdevice->miscdev);
2376 if (cctx->secure_fdevice)
2377 misc_deregister(&cctx->secure_fdevice->miscdev);
2379 list_for_each_entry_safe(buf, b, &cctx->invoke_interrupted_mmaps, node)
2380 list_del(&buf->node);
2382 if (cctx->remote_heap)
2383 fastrpc_buf_free(cctx->remote_heap);
2385 of_platform_depopulate(&rpdev->dev);
2387 fastrpc_channel_ctx_put(cctx);
2390 static int fastrpc_rpmsg_callback(struct rpmsg_device *rpdev, void *data,
2391 int len, void *priv, u32 addr)
2393 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(&rpdev->dev);
2394 struct fastrpc_invoke_rsp *rsp = data;
2395 struct fastrpc_invoke_ctx *ctx;
2396 unsigned long flags;
2397 unsigned long ctxid;
2399 if (len < sizeof(*rsp))
2402 ctxid = ((rsp->ctx & FASTRPC_CTXID_MASK) >> 4);
2404 spin_lock_irqsave(&cctx->lock, flags);
2405 ctx = idr_find(&cctx->ctx_idr, ctxid);
2406 spin_unlock_irqrestore(&cctx->lock, flags);
2409 dev_err(&rpdev->dev, "No context ID matches response\n");
2413 ctx->retval = rsp->retval;
2414 complete(&ctx->work);
2417 * The DMA buffer associated with the context cannot be freed in
2418 * interrupt context so schedule it through a worker thread to
2419 * avoid a kernel BUG.
2421 schedule_work(&ctx->put_work);
2426 static const struct of_device_id fastrpc_rpmsg_of_match[] = {
2427 { .compatible = "qcom,fastrpc" },
2430 MODULE_DEVICE_TABLE(of, fastrpc_rpmsg_of_match);
2432 static struct rpmsg_driver fastrpc_driver = {
2433 .probe = fastrpc_rpmsg_probe,
2434 .remove = fastrpc_rpmsg_remove,
2435 .callback = fastrpc_rpmsg_callback,
2437 .name = "qcom,fastrpc",
2438 .of_match_table = fastrpc_rpmsg_of_match,
2442 static int fastrpc_init(void)
2446 ret = platform_driver_register(&fastrpc_cb_driver);
2448 pr_err("fastrpc: failed to register cb driver\n");
2452 ret = register_rpmsg_driver(&fastrpc_driver);
2454 pr_err("fastrpc: failed to register rpmsg driver\n");
2455 platform_driver_unregister(&fastrpc_cb_driver);
2461 module_init(fastrpc_init);
2463 static void fastrpc_exit(void)
2465 platform_driver_unregister(&fastrpc_cb_driver);
2466 unregister_rpmsg_driver(&fastrpc_driver);
2468 module_exit(fastrpc_exit);
2470 MODULE_LICENSE("GPL v2");
2471 MODULE_IMPORT_NS(DMA_BUF);
projects / platform / kernel / linux-starfive.git / blob