1 // SPDX-License-Identifier: GPL-2.0
2 // Copyright (c) 2011-2018, The Linux Foundation. All rights reserved.
3 // Copyright (c) 2018, Linaro Limited
5 #include <linux/completion.h>
6 #include <linux/device.h>
7 #include <linux/dma-buf.h>
8 #include <linux/dma-mapping.h>
10 #include <linux/list.h>
11 #include <linux/miscdevice.h>
12 #include <linux/module.h>
13 #include <linux/of_address.h>
15 #include <linux/sort.h>
16 #include <linux/of_platform.h>
17 #include <linux/rpmsg.h>
18 #include <linux/scatterlist.h>
19 #include <linux/slab.h>
20 #include <linux/qcom_scm.h>
21 #include <uapi/misc/fastrpc.h>
23 #define ADSP_DOMAIN_ID (0)
24 #define MDSP_DOMAIN_ID (1)
25 #define SDSP_DOMAIN_ID (2)
26 #define CDSP_DOMAIN_ID (3)
27 #define FASTRPC_DEV_MAX 4 /* adsp, mdsp, slpi, cdsp*/
28 #define FASTRPC_MAX_SESSIONS 13 /*12 compute, 1 cpz*/
29 #define FASTRPC_MAX_VMIDS 16
30 #define FASTRPC_ALIGN 128
31 #define FASTRPC_MAX_FDLIST 16
32 #define FASTRPC_MAX_CRCLIST 64
33 #define FASTRPC_PHYS(p) ((p) & 0xffffffff)
34 #define FASTRPC_CTX_MAX (256)
35 #define FASTRPC_INIT_HANDLE 1
36 #define FASTRPC_DSP_UTILITIES_HANDLE 2
37 #define FASTRPC_CTXID_MASK (0xFF0)
38 #define INIT_FILELEN_MAX (2 * 1024 * 1024)
39 #define FASTRPC_DEVICE_NAME "fastrpc"
40 #define ADSP_MMAP_ADD_PAGES 0x1000
41 #define DSP_UNSUPPORTED_API (0x80000414)
42 /* MAX NUMBER of DSP ATTRIBUTES SUPPORTED */
43 #define FASTRPC_MAX_DSP_ATTRIBUTES (256)
44 #define FASTRPC_MAX_DSP_ATTRIBUTES_LEN (sizeof(u32) * FASTRPC_MAX_DSP_ATTRIBUTES)
46 /* Retrives number of input buffers from the scalars parameter */
47 #define REMOTE_SCALARS_INBUFS(sc) (((sc) >> 16) & 0x0ff)
49 /* Retrives number of output buffers from the scalars parameter */
50 #define REMOTE_SCALARS_OUTBUFS(sc) (((sc) >> 8) & 0x0ff)
52 /* Retrives number of input handles from the scalars parameter */
53 #define REMOTE_SCALARS_INHANDLES(sc) (((sc) >> 4) & 0x0f)
55 /* Retrives number of output handles from the scalars parameter */
56 #define REMOTE_SCALARS_OUTHANDLES(sc) ((sc) & 0x0f)
58 #define REMOTE_SCALARS_LENGTH(sc) (REMOTE_SCALARS_INBUFS(sc) + \
59 REMOTE_SCALARS_OUTBUFS(sc) + \
60 REMOTE_SCALARS_INHANDLES(sc)+ \
61 REMOTE_SCALARS_OUTHANDLES(sc))
62 #define FASTRPC_BUILD_SCALARS(attr, method, in, out, oin, oout) \
63 (((attr & 0x07) << 29) | \
64 ((method & 0x1f) << 24) | \
65 ((in & 0xff) << 16) | \
66 ((out & 0xff) << 8) | \
67 ((oin & 0x0f) << 4) | \
70 #define FASTRPC_SCALARS(method, in, out) \
71 FASTRPC_BUILD_SCALARS(0, method, in, out, 0, 0)
73 #define FASTRPC_CREATE_PROCESS_NARGS 6
74 /* Remote Method id table */
75 #define FASTRPC_RMID_INIT_ATTACH 0
76 #define FASTRPC_RMID_INIT_RELEASE 1
77 #define FASTRPC_RMID_INIT_MMAP 4
78 #define FASTRPC_RMID_INIT_MUNMAP 5
79 #define FASTRPC_RMID_INIT_CREATE 6
80 #define FASTRPC_RMID_INIT_CREATE_ATTR 7
81 #define FASTRPC_RMID_INIT_CREATE_STATIC 8
82 #define FASTRPC_RMID_INIT_MEM_MAP 10
83 #define FASTRPC_RMID_INIT_MEM_UNMAP 11
85 /* Protection Domain(PD) ids */
86 #define AUDIO_PD (0) /* also GUEST_OS PD? */
88 #define SENSORS_PD (2)
90 #define miscdev_to_fdevice(d) container_of(d, struct fastrpc_device, miscdev)
92 static const char *domains[FASTRPC_DEV_MAX] = { "adsp", "mdsp",
94 struct fastrpc_phy_page {
95 u64 addr; /* physical address */
96 u64 size; /* size of contiguous region */
99 struct fastrpc_invoke_buf {
100 u32 num; /* number of contiguous regions */
101 u32 pgidx; /* index to start of contiguous region */
104 struct fastrpc_remote_dmahandle {
105 s32 fd; /* dma handle fd */
106 u32 offset; /* dma handle offset */
107 u32 len; /* dma handle length */
110 struct fastrpc_remote_buf {
111 u64 pv; /* buffer pointer */
112 u64 len; /* length of buffer */
115 union fastrpc_remote_arg {
116 struct fastrpc_remote_buf buf;
117 struct fastrpc_remote_dmahandle dma;
120 struct fastrpc_mmap_rsp_msg {
124 struct fastrpc_mmap_req_msg {
131 struct fastrpc_mem_map_req_msg {
141 struct fastrpc_munmap_req_msg {
147 struct fastrpc_mem_unmap_req_msg {
155 int pid; /* process group id */
156 int tid; /* thread id */
157 u64 ctx; /* invoke caller context */
158 u32 handle; /* handle to invoke */
159 u32 sc; /* scalars structure describing the data */
160 u64 addr; /* physical address */
161 u64 size; /* size of contiguous region */
164 struct fastrpc_invoke_rsp {
165 u64 ctx; /* invoke caller context */
166 int retval; /* invoke return value */
169 struct fastrpc_buf_overlap {
179 struct fastrpc_user *fl;
180 struct dma_buf *dmabuf;
185 /* Lock for dma buf attachments */
187 struct list_head attachments;
189 struct list_head node; /* list of user requested mmaps */
193 struct fastrpc_dma_buf_attachment {
196 struct list_head node;
200 struct list_head node;
201 struct fastrpc_user *fl;
204 struct sg_table *table;
205 struct dma_buf_attachment *attach;
212 struct kref refcount;
215 struct fastrpc_invoke_ctx {
225 struct kref refcount;
226 struct list_head node; /* list of ctxs */
227 struct completion work;
228 struct work_struct put_work;
229 struct fastrpc_msg msg;
230 struct fastrpc_user *fl;
231 union fastrpc_remote_arg *rpra;
232 struct fastrpc_map **maps;
233 struct fastrpc_buf *buf;
234 struct fastrpc_invoke_args *args;
235 struct fastrpc_buf_overlap *olaps;
236 struct fastrpc_channel_ctx *cctx;
239 struct fastrpc_session_ctx {
246 struct fastrpc_channel_ctx {
251 struct qcom_scm_vmperm vmperms[FASTRPC_MAX_VMIDS];
252 struct rpmsg_device *rpdev;
253 struct fastrpc_session_ctx session[FASTRPC_MAX_SESSIONS];
256 struct list_head users;
257 struct kref refcount;
258 /* Flag if dsp attributes are cached */
259 bool valid_attributes;
260 u32 dsp_attributes[FASTRPC_MAX_DSP_ATTRIBUTES];
261 struct fastrpc_device *secure_fdevice;
262 struct fastrpc_device *fdevice;
264 bool unsigned_support;
267 struct fastrpc_device {
268 struct fastrpc_channel_ctx *cctx;
269 struct miscdevice miscdev;
273 struct fastrpc_user {
274 struct list_head user;
275 struct list_head maps;
276 struct list_head pending;
277 struct list_head mmaps;
279 struct fastrpc_channel_ctx *cctx;
280 struct fastrpc_session_ctx *sctx;
281 struct fastrpc_buf *init_mem;
288 /* lock for allocations */
292 static void fastrpc_free_map(struct kref *ref)
294 struct fastrpc_map *map;
296 map = container_of(ref, struct fastrpc_map, refcount);
299 if (map->attr & FASTRPC_ATTR_SECUREMAP) {
300 struct qcom_scm_vmperm perm;
303 perm.vmid = QCOM_SCM_VMID_HLOS;
304 perm.perm = QCOM_SCM_PERM_RWX;
305 err = qcom_scm_assign_mem(map->phys, map->size,
306 &(map->fl->cctx->vmperms[0].vmid), &perm, 1);
308 dev_err(map->fl->sctx->dev, "Failed to assign memory phys 0x%llx size 0x%llx err %d",
309 map->phys, map->size, err);
313 dma_buf_unmap_attachment(map->attach, map->table,
315 dma_buf_detach(map->buf, map->attach);
316 dma_buf_put(map->buf);
322 static void fastrpc_map_put(struct fastrpc_map *map)
325 kref_put(&map->refcount, fastrpc_free_map);
328 static void fastrpc_map_get(struct fastrpc_map *map)
331 kref_get(&map->refcount);
335 static int fastrpc_map_lookup(struct fastrpc_user *fl, int fd,
336 struct fastrpc_map **ppmap)
338 struct fastrpc_map *map = NULL;
340 mutex_lock(&fl->mutex);
341 list_for_each_entry(map, &fl->maps, node) {
344 mutex_unlock(&fl->mutex);
348 mutex_unlock(&fl->mutex);
353 static int fastrpc_map_find(struct fastrpc_user *fl, int fd,
354 struct fastrpc_map **ppmap)
356 int ret = fastrpc_map_lookup(fl, fd, ppmap);
359 fastrpc_map_get(*ppmap);
364 static void fastrpc_buf_free(struct fastrpc_buf *buf)
366 dma_free_coherent(buf->dev, buf->size, buf->virt,
367 FASTRPC_PHYS(buf->phys));
371 static int fastrpc_buf_alloc(struct fastrpc_user *fl, struct device *dev,
372 u64 size, struct fastrpc_buf **obuf)
374 struct fastrpc_buf *buf;
376 buf = kzalloc(sizeof(*buf), GFP_KERNEL);
380 INIT_LIST_HEAD(&buf->attachments);
381 INIT_LIST_HEAD(&buf->node);
382 mutex_init(&buf->lock);
391 buf->virt = dma_alloc_coherent(dev, buf->size, (dma_addr_t *)&buf->phys,
394 mutex_destroy(&buf->lock);
399 if (fl->sctx && fl->sctx->sid)
400 buf->phys += ((u64)fl->sctx->sid << 32);
407 static void fastrpc_channel_ctx_free(struct kref *ref)
409 struct fastrpc_channel_ctx *cctx;
411 cctx = container_of(ref, struct fastrpc_channel_ctx, refcount);
416 static void fastrpc_channel_ctx_get(struct fastrpc_channel_ctx *cctx)
418 kref_get(&cctx->refcount);
421 static void fastrpc_channel_ctx_put(struct fastrpc_channel_ctx *cctx)
423 kref_put(&cctx->refcount, fastrpc_channel_ctx_free);
426 static void fastrpc_context_free(struct kref *ref)
428 struct fastrpc_invoke_ctx *ctx;
429 struct fastrpc_channel_ctx *cctx;
433 ctx = container_of(ref, struct fastrpc_invoke_ctx, refcount);
436 for (i = 0; i < ctx->nbufs; i++)
437 fastrpc_map_put(ctx->maps[i]);
440 fastrpc_buf_free(ctx->buf);
442 spin_lock_irqsave(&cctx->lock, flags);
443 idr_remove(&cctx->ctx_idr, ctx->ctxid >> 4);
444 spin_unlock_irqrestore(&cctx->lock, flags);
450 fastrpc_channel_ctx_put(cctx);
453 static void fastrpc_context_get(struct fastrpc_invoke_ctx *ctx)
455 kref_get(&ctx->refcount);
458 static void fastrpc_context_put(struct fastrpc_invoke_ctx *ctx)
460 kref_put(&ctx->refcount, fastrpc_context_free);
463 static void fastrpc_context_put_wq(struct work_struct *work)
465 struct fastrpc_invoke_ctx *ctx =
466 container_of(work, struct fastrpc_invoke_ctx, put_work);
468 fastrpc_context_put(ctx);
471 #define CMP(aa, bb) ((aa) == (bb) ? 0 : (aa) < (bb) ? -1 : 1)
472 static int olaps_cmp(const void *a, const void *b)
474 struct fastrpc_buf_overlap *pa = (struct fastrpc_buf_overlap *)a;
475 struct fastrpc_buf_overlap *pb = (struct fastrpc_buf_overlap *)b;
476 /* sort with lowest starting buffer first */
477 int st = CMP(pa->start, pb->start);
478 /* sort with highest ending buffer first */
479 int ed = CMP(pb->end, pa->end);
481 return st == 0 ? ed : st;
484 static void fastrpc_get_buff_overlaps(struct fastrpc_invoke_ctx *ctx)
489 for (i = 0; i < ctx->nbufs; ++i) {
490 ctx->olaps[i].start = ctx->args[i].ptr;
491 ctx->olaps[i].end = ctx->olaps[i].start + ctx->args[i].length;
492 ctx->olaps[i].raix = i;
495 sort(ctx->olaps, ctx->nbufs, sizeof(*ctx->olaps), olaps_cmp, NULL);
497 for (i = 0; i < ctx->nbufs; ++i) {
498 /* Falling inside previous range */
499 if (ctx->olaps[i].start < max_end) {
500 ctx->olaps[i].mstart = max_end;
501 ctx->olaps[i].mend = ctx->olaps[i].end;
502 ctx->olaps[i].offset = max_end - ctx->olaps[i].start;
504 if (ctx->olaps[i].end > max_end) {
505 max_end = ctx->olaps[i].end;
507 ctx->olaps[i].mend = 0;
508 ctx->olaps[i].mstart = 0;
512 ctx->olaps[i].mend = ctx->olaps[i].end;
513 ctx->olaps[i].mstart = ctx->olaps[i].start;
514 ctx->olaps[i].offset = 0;
515 max_end = ctx->olaps[i].end;
520 static struct fastrpc_invoke_ctx *fastrpc_context_alloc(
521 struct fastrpc_user *user, u32 kernel, u32 sc,
522 struct fastrpc_invoke_args *args)
524 struct fastrpc_channel_ctx *cctx = user->cctx;
525 struct fastrpc_invoke_ctx *ctx = NULL;
529 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
531 return ERR_PTR(-ENOMEM);
533 INIT_LIST_HEAD(&ctx->node);
535 ctx->nscalars = REMOTE_SCALARS_LENGTH(sc);
536 ctx->nbufs = REMOTE_SCALARS_INBUFS(sc) +
537 REMOTE_SCALARS_OUTBUFS(sc);
540 ctx->maps = kcalloc(ctx->nscalars,
541 sizeof(*ctx->maps), GFP_KERNEL);
544 return ERR_PTR(-ENOMEM);
546 ctx->olaps = kcalloc(ctx->nscalars,
547 sizeof(*ctx->olaps), GFP_KERNEL);
551 return ERR_PTR(-ENOMEM);
554 fastrpc_get_buff_overlaps(ctx);
557 /* Released in fastrpc_context_put() */
558 fastrpc_channel_ctx_get(cctx);
562 ctx->pid = current->pid;
563 ctx->tgid = user->tgid;
565 init_completion(&ctx->work);
566 INIT_WORK(&ctx->put_work, fastrpc_context_put_wq);
568 spin_lock(&user->lock);
569 list_add_tail(&ctx->node, &user->pending);
570 spin_unlock(&user->lock);
572 spin_lock_irqsave(&cctx->lock, flags);
573 ret = idr_alloc_cyclic(&cctx->ctx_idr, ctx, 1,
574 FASTRPC_CTX_MAX, GFP_ATOMIC);
576 spin_unlock_irqrestore(&cctx->lock, flags);
579 ctx->ctxid = ret << 4;
580 spin_unlock_irqrestore(&cctx->lock, flags);
582 kref_init(&ctx->refcount);
586 spin_lock(&user->lock);
587 list_del(&ctx->node);
588 spin_unlock(&user->lock);
589 fastrpc_channel_ctx_put(cctx);
597 static struct sg_table *
598 fastrpc_map_dma_buf(struct dma_buf_attachment *attachment,
599 enum dma_data_direction dir)
601 struct fastrpc_dma_buf_attachment *a = attachment->priv;
602 struct sg_table *table;
607 ret = dma_map_sgtable(attachment->dev, table, dir, 0);
609 table = ERR_PTR(ret);
613 static void fastrpc_unmap_dma_buf(struct dma_buf_attachment *attach,
614 struct sg_table *table,
615 enum dma_data_direction dir)
617 dma_unmap_sgtable(attach->dev, table, dir, 0);
620 static void fastrpc_release(struct dma_buf *dmabuf)
622 struct fastrpc_buf *buffer = dmabuf->priv;
624 fastrpc_buf_free(buffer);
627 static int fastrpc_dma_buf_attach(struct dma_buf *dmabuf,
628 struct dma_buf_attachment *attachment)
630 struct fastrpc_dma_buf_attachment *a;
631 struct fastrpc_buf *buffer = dmabuf->priv;
634 a = kzalloc(sizeof(*a), GFP_KERNEL);
638 ret = dma_get_sgtable(buffer->dev, &a->sgt, buffer->virt,
639 FASTRPC_PHYS(buffer->phys), buffer->size);
641 dev_err(buffer->dev, "failed to get scatterlist from DMA API\n");
646 a->dev = attachment->dev;
647 INIT_LIST_HEAD(&a->node);
648 attachment->priv = a;
650 mutex_lock(&buffer->lock);
651 list_add(&a->node, &buffer->attachments);
652 mutex_unlock(&buffer->lock);
657 static void fastrpc_dma_buf_detatch(struct dma_buf *dmabuf,
658 struct dma_buf_attachment *attachment)
660 struct fastrpc_dma_buf_attachment *a = attachment->priv;
661 struct fastrpc_buf *buffer = dmabuf->priv;
663 mutex_lock(&buffer->lock);
665 mutex_unlock(&buffer->lock);
666 sg_free_table(&a->sgt);
670 static int fastrpc_vmap(struct dma_buf *dmabuf, struct iosys_map *map)
672 struct fastrpc_buf *buf = dmabuf->priv;
674 iosys_map_set_vaddr(map, buf->virt);
679 static int fastrpc_mmap(struct dma_buf *dmabuf,
680 struct vm_area_struct *vma)
682 struct fastrpc_buf *buf = dmabuf->priv;
683 size_t size = vma->vm_end - vma->vm_start;
685 return dma_mmap_coherent(buf->dev, vma, buf->virt,
686 FASTRPC_PHYS(buf->phys), size);
689 static const struct dma_buf_ops fastrpc_dma_buf_ops = {
690 .attach = fastrpc_dma_buf_attach,
691 .detach = fastrpc_dma_buf_detatch,
692 .map_dma_buf = fastrpc_map_dma_buf,
693 .unmap_dma_buf = fastrpc_unmap_dma_buf,
694 .mmap = fastrpc_mmap,
695 .vmap = fastrpc_vmap,
696 .release = fastrpc_release,
699 static int fastrpc_map_create(struct fastrpc_user *fl, int fd,
700 u64 len, u32 attr, struct fastrpc_map **ppmap)
702 struct fastrpc_session_ctx *sess = fl->sctx;
703 struct fastrpc_map *map = NULL;
706 if (!fastrpc_map_find(fl, fd, ppmap))
709 map = kzalloc(sizeof(*map), GFP_KERNEL);
713 INIT_LIST_HEAD(&map->node);
716 map->buf = dma_buf_get(fd);
717 if (IS_ERR(map->buf)) {
718 err = PTR_ERR(map->buf);
722 map->attach = dma_buf_attach(map->buf, sess->dev);
723 if (IS_ERR(map->attach)) {
724 dev_err(sess->dev, "Failed to attach dmabuf\n");
725 err = PTR_ERR(map->attach);
729 map->table = dma_buf_map_attachment(map->attach, DMA_BIDIRECTIONAL);
730 if (IS_ERR(map->table)) {
731 err = PTR_ERR(map->table);
735 map->phys = sg_dma_address(map->table->sgl);
736 map->phys += ((u64)fl->sctx->sid << 32);
738 map->va = sg_virt(map->table->sgl);
740 kref_init(&map->refcount);
742 if (attr & FASTRPC_ATTR_SECUREMAP) {
744 * If subsystem VMIDs are defined in DTSI, then do
745 * hyp_assign from HLOS to those VM(s)
747 unsigned int perms = BIT(QCOM_SCM_VMID_HLOS);
750 err = qcom_scm_assign_mem(map->phys, (u64)map->size, &perms,
751 fl->cctx->vmperms, fl->cctx->vmcount);
753 dev_err(sess->dev, "Failed to assign memory with phys 0x%llx size 0x%llx err %d",
754 map->phys, map->size, err);
758 spin_lock(&fl->lock);
759 list_add_tail(&map->node, &fl->maps);
760 spin_unlock(&fl->lock);
766 dma_buf_detach(map->buf, map->attach);
768 dma_buf_put(map->buf);
776 * Fastrpc payload buffer with metadata looks like:
778 * >>>>>> START of METADATA <<<<<<<<<
779 * +---------------------------------+
781 * | type:(union fastrpc_remote_arg)|
783 * +---------------------------------+
784 * | Invoke Buffer list |
785 * | type:(struct fastrpc_invoke_buf)|
787 * +---------------------------------+
789 * | type:(struct fastrpc_phy_page) |
791 * +---------------------------------+
793 * |(can be specific to SoC/Firmware)|
794 * +---------------------------------+
795 * >>>>>>>> END of METADATA <<<<<<<<<
796 * +---------------------------------+
799 * +---------------------------------+
802 static int fastrpc_get_meta_size(struct fastrpc_invoke_ctx *ctx)
806 size = (sizeof(struct fastrpc_remote_buf) +
807 sizeof(struct fastrpc_invoke_buf) +
808 sizeof(struct fastrpc_phy_page)) * ctx->nscalars +
809 sizeof(u64) * FASTRPC_MAX_FDLIST +
810 sizeof(u32) * FASTRPC_MAX_CRCLIST;
815 static u64 fastrpc_get_payload_size(struct fastrpc_invoke_ctx *ctx, int metalen)
820 size = ALIGN(metalen, FASTRPC_ALIGN);
821 for (oix = 0; oix < ctx->nbufs; oix++) {
822 int i = ctx->olaps[oix].raix;
824 if (ctx->args[i].fd == 0 || ctx->args[i].fd == -1) {
826 if (ctx->olaps[oix].offset == 0)
827 size = ALIGN(size, FASTRPC_ALIGN);
829 size += (ctx->olaps[oix].mend - ctx->olaps[oix].mstart);
836 static int fastrpc_create_maps(struct fastrpc_invoke_ctx *ctx)
838 struct device *dev = ctx->fl->sctx->dev;
841 for (i = 0; i < ctx->nscalars; ++i) {
843 if (ctx->args[i].fd == 0 || ctx->args[i].fd == -1 ||
844 ctx->args[i].length == 0)
847 err = fastrpc_map_create(ctx->fl, ctx->args[i].fd,
848 ctx->args[i].length, ctx->args[i].attr, &ctx->maps[i]);
850 dev_err(dev, "Error Creating map %d\n", err);
858 static struct fastrpc_invoke_buf *fastrpc_invoke_buf_start(union fastrpc_remote_arg *pra, int len)
860 return (struct fastrpc_invoke_buf *)(&pra[len]);
863 static struct fastrpc_phy_page *fastrpc_phy_page_start(struct fastrpc_invoke_buf *buf, int len)
865 return (struct fastrpc_phy_page *)(&buf[len]);
868 static int fastrpc_get_args(u32 kernel, struct fastrpc_invoke_ctx *ctx)
870 struct device *dev = ctx->fl->sctx->dev;
871 union fastrpc_remote_arg *rpra;
872 struct fastrpc_invoke_buf *list;
873 struct fastrpc_phy_page *pages;
874 int inbufs, i, oix, err = 0;
875 u64 len, rlen, pkt_size;
876 u64 pg_start, pg_end;
880 inbufs = REMOTE_SCALARS_INBUFS(ctx->sc);
881 metalen = fastrpc_get_meta_size(ctx);
882 pkt_size = fastrpc_get_payload_size(ctx, metalen);
884 err = fastrpc_create_maps(ctx);
888 ctx->msg_sz = pkt_size;
890 err = fastrpc_buf_alloc(ctx->fl, dev, pkt_size, &ctx->buf);
894 rpra = ctx->buf->virt;
895 list = fastrpc_invoke_buf_start(rpra, ctx->nscalars);
896 pages = fastrpc_phy_page_start(list, ctx->nscalars);
897 args = (uintptr_t)ctx->buf->virt + metalen;
898 rlen = pkt_size - metalen;
901 for (oix = 0; oix < ctx->nbufs; ++oix) {
904 i = ctx->olaps[oix].raix;
905 len = ctx->args[i].length;
908 rpra[i].buf.len = len;
909 list[i].num = len ? 1 : 0;
916 struct vm_area_struct *vma = NULL;
918 rpra[i].buf.pv = (u64) ctx->args[i].ptr;
919 pages[i].addr = ctx->maps[i]->phys;
921 mmap_read_lock(current->mm);
922 vma = find_vma(current->mm, ctx->args[i].ptr);
924 pages[i].addr += ctx->args[i].ptr -
926 mmap_read_unlock(current->mm);
928 pg_start = (ctx->args[i].ptr & PAGE_MASK) >> PAGE_SHIFT;
929 pg_end = ((ctx->args[i].ptr + len - 1) & PAGE_MASK) >>
931 pages[i].size = (pg_end - pg_start + 1) * PAGE_SIZE;
935 if (ctx->olaps[oix].offset == 0) {
936 rlen -= ALIGN(args, FASTRPC_ALIGN) - args;
937 args = ALIGN(args, FASTRPC_ALIGN);
940 mlen = ctx->olaps[oix].mend - ctx->olaps[oix].mstart;
945 rpra[i].buf.pv = args - ctx->olaps[oix].offset;
946 pages[i].addr = ctx->buf->phys -
947 ctx->olaps[oix].offset +
949 pages[i].addr = pages[i].addr & PAGE_MASK;
951 pg_start = (args & PAGE_MASK) >> PAGE_SHIFT;
952 pg_end = ((args + len - 1) & PAGE_MASK) >> PAGE_SHIFT;
953 pages[i].size = (pg_end - pg_start + 1) * PAGE_SIZE;
958 if (i < inbufs && !ctx->maps[i]) {
959 void *dst = (void *)(uintptr_t)rpra[i].buf.pv;
960 void *src = (void *)(uintptr_t)ctx->args[i].ptr;
963 if (copy_from_user(dst, (void __user *)src,
969 memcpy(dst, src, len);
974 for (i = ctx->nbufs; i < ctx->nscalars; ++i) {
975 list[i].num = ctx->args[i].length ? 1 : 0;
978 pages[i].addr = ctx->maps[i]->phys;
979 pages[i].size = ctx->maps[i]->size;
981 rpra[i].dma.fd = ctx->args[i].fd;
982 rpra[i].dma.len = ctx->args[i].length;
983 rpra[i].dma.offset = (u64) ctx->args[i].ptr;
988 dev_err(dev, "Error: get invoke args failed:%d\n", err);
993 static int fastrpc_put_args(struct fastrpc_invoke_ctx *ctx,
996 union fastrpc_remote_arg *rpra = ctx->rpra;
997 struct fastrpc_user *fl = ctx->fl;
998 struct fastrpc_map *mmap = NULL;
999 struct fastrpc_invoke_buf *list;
1000 struct fastrpc_phy_page *pages;
1002 int i, inbufs, outbufs, handles;
1004 inbufs = REMOTE_SCALARS_INBUFS(ctx->sc);
1005 outbufs = REMOTE_SCALARS_OUTBUFS(ctx->sc);
1006 handles = REMOTE_SCALARS_INHANDLES(ctx->sc) + REMOTE_SCALARS_OUTHANDLES(ctx->sc);
1007 list = fastrpc_invoke_buf_start(rpra, ctx->nscalars);
1008 pages = fastrpc_phy_page_start(list, ctx->nscalars);
1009 fdlist = (uint64_t *)(pages + inbufs + outbufs + handles);
1011 for (i = inbufs; i < ctx->nbufs; ++i) {
1012 if (!ctx->maps[i]) {
1013 void *src = (void *)(uintptr_t)rpra[i].buf.pv;
1014 void *dst = (void *)(uintptr_t)ctx->args[i].ptr;
1015 u64 len = rpra[i].buf.len;
1018 if (copy_to_user((void __user *)dst, src, len))
1021 memcpy(dst, src, len);
1026 for (i = 0; i < FASTRPC_MAX_FDLIST; i++) {
1029 if (!fastrpc_map_lookup(fl, (int)fdlist[i], &mmap))
1030 fastrpc_map_put(mmap);
1036 static int fastrpc_invoke_send(struct fastrpc_session_ctx *sctx,
1037 struct fastrpc_invoke_ctx *ctx,
1038 u32 kernel, uint32_t handle)
1040 struct fastrpc_channel_ctx *cctx;
1041 struct fastrpc_user *fl = ctx->fl;
1042 struct fastrpc_msg *msg = &ctx->msg;
1046 msg->pid = fl->tgid;
1047 msg->tid = current->pid;
1052 msg->ctx = ctx->ctxid | fl->pd;
1053 msg->handle = handle;
1055 msg->addr = ctx->buf ? ctx->buf->phys : 0;
1056 msg->size = roundup(ctx->msg_sz, PAGE_SIZE);
1057 fastrpc_context_get(ctx);
1059 ret = rpmsg_send(cctx->rpdev->ept, (void *)msg, sizeof(*msg));
1062 fastrpc_context_put(ctx);
1068 static int fastrpc_internal_invoke(struct fastrpc_user *fl, u32 kernel,
1070 struct fastrpc_invoke_args *args)
1072 struct fastrpc_invoke_ctx *ctx = NULL;
1078 if (!fl->cctx->rpdev)
1081 if (handle == FASTRPC_INIT_HANDLE && !kernel) {
1082 dev_warn_ratelimited(fl->sctx->dev, "user app trying to send a kernel RPC message (%d)\n", handle);
1086 ctx = fastrpc_context_alloc(fl, kernel, sc, args);
1088 return PTR_ERR(ctx);
1090 if (ctx->nscalars) {
1091 err = fastrpc_get_args(kernel, ctx);
1096 /* make sure that all CPU memory writes are seen by DSP */
1098 /* Send invoke buffer to remote dsp */
1099 err = fastrpc_invoke_send(fl->sctx, ctx, kernel, handle);
1104 if (!wait_for_completion_timeout(&ctx->work, 10 * HZ))
1107 err = wait_for_completion_interruptible(&ctx->work);
1113 /* Check the response from remote dsp */
1118 if (ctx->nscalars) {
1119 /* make sure that all memory writes by DSP are seen by CPU */
1121 /* populate all the output buffers with results */
1122 err = fastrpc_put_args(ctx, kernel);
1128 if (err != -ERESTARTSYS && err != -ETIMEDOUT) {
1129 /* We are done with this compute context */
1130 spin_lock(&fl->lock);
1131 list_del(&ctx->node);
1132 spin_unlock(&fl->lock);
1133 fastrpc_context_put(ctx);
1136 dev_dbg(fl->sctx->dev, "Error: Invoke Failed %d\n", err);
1141 static bool is_session_rejected(struct fastrpc_user *fl, bool unsigned_pd_request)
1143 /* Check if the device node is non-secure and channel is secure*/
1144 if (!fl->is_secure_dev && fl->cctx->secure) {
1146 * Allow untrusted applications to offload only to Unsigned PD when
1147 * channel is configured as secure and block untrusted apps on channel
1148 * that does not support unsigned PD offload
1150 if (!fl->cctx->unsigned_support || !unsigned_pd_request) {
1151 dev_err(&fl->cctx->rpdev->dev, "Error: Untrusted application trying to offload to signed PD");
1159 static int fastrpc_init_create_process(struct fastrpc_user *fl,
1162 struct fastrpc_init_create init;
1163 struct fastrpc_invoke_args *args;
1164 struct fastrpc_phy_page pages[1];
1165 struct fastrpc_map *map = NULL;
1166 struct fastrpc_buf *imem = NULL;
1178 bool unsigned_module = false;
1180 args = kcalloc(FASTRPC_CREATE_PROCESS_NARGS, sizeof(*args), GFP_KERNEL);
1184 if (copy_from_user(&init, argp, sizeof(init))) {
1189 if (init.attrs & FASTRPC_MODE_UNSIGNED_MODULE)
1190 unsigned_module = true;
1192 if (is_session_rejected(fl, unsigned_module)) {
1193 err = -ECONNREFUSED;
1197 if (init.filelen > INIT_FILELEN_MAX) {
1202 inbuf.pgid = fl->tgid;
1203 inbuf.namelen = strlen(current->comm) + 1;
1204 inbuf.filelen = init.filelen;
1206 inbuf.attrs = init.attrs;
1207 inbuf.siglen = init.siglen;
1210 if (init.filelen && init.filefd) {
1211 err = fastrpc_map_create(fl, init.filefd, init.filelen, 0, &map);
1216 memlen = ALIGN(max(INIT_FILELEN_MAX, (int)init.filelen * 4),
1218 err = fastrpc_buf_alloc(fl, fl->sctx->dev, memlen,
1223 fl->init_mem = imem;
1224 args[0].ptr = (u64)(uintptr_t)&inbuf;
1225 args[0].length = sizeof(inbuf);
1228 args[1].ptr = (u64)(uintptr_t)current->comm;
1229 args[1].length = inbuf.namelen;
1232 args[2].ptr = (u64) init.file;
1233 args[2].length = inbuf.filelen;
1234 args[2].fd = init.filefd;
1236 pages[0].addr = imem->phys;
1237 pages[0].size = imem->size;
1239 args[3].ptr = (u64)(uintptr_t) pages;
1240 args[3].length = 1 * sizeof(*pages);
1243 args[4].ptr = (u64)(uintptr_t)&inbuf.attrs;
1244 args[4].length = sizeof(inbuf.attrs);
1247 args[5].ptr = (u64)(uintptr_t) &inbuf.siglen;
1248 args[5].length = sizeof(inbuf.siglen);
1251 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_CREATE, 4, 0);
1253 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_CREATE_ATTR, 6, 0);
1255 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1265 fl->init_mem = NULL;
1266 fastrpc_buf_free(imem);
1269 spin_lock(&fl->lock);
1270 list_del(&map->node);
1271 spin_unlock(&fl->lock);
1272 fastrpc_map_put(map);
1280 static struct fastrpc_session_ctx *fastrpc_session_alloc(
1281 struct fastrpc_channel_ctx *cctx)
1283 struct fastrpc_session_ctx *session = NULL;
1284 unsigned long flags;
1287 spin_lock_irqsave(&cctx->lock, flags);
1288 for (i = 0; i < cctx->sesscount; i++) {
1289 if (!cctx->session[i].used && cctx->session[i].valid) {
1290 cctx->session[i].used = true;
1291 session = &cctx->session[i];
1295 spin_unlock_irqrestore(&cctx->lock, flags);
1300 static void fastrpc_session_free(struct fastrpc_channel_ctx *cctx,
1301 struct fastrpc_session_ctx *session)
1303 unsigned long flags;
1305 spin_lock_irqsave(&cctx->lock, flags);
1306 session->used = false;
1307 spin_unlock_irqrestore(&cctx->lock, flags);
1310 static int fastrpc_release_current_dsp_process(struct fastrpc_user *fl)
1312 struct fastrpc_invoke_args args[1];
1317 args[0].ptr = (u64)(uintptr_t) &tgid;
1318 args[0].length = sizeof(tgid);
1320 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_RELEASE, 1, 0);
1322 return fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1326 static int fastrpc_device_release(struct inode *inode, struct file *file)
1328 struct fastrpc_user *fl = (struct fastrpc_user *)file->private_data;
1329 struct fastrpc_channel_ctx *cctx = fl->cctx;
1330 struct fastrpc_invoke_ctx *ctx, *n;
1331 struct fastrpc_map *map, *m;
1332 struct fastrpc_buf *buf, *b;
1333 unsigned long flags;
1335 fastrpc_release_current_dsp_process(fl);
1337 spin_lock_irqsave(&cctx->lock, flags);
1338 list_del(&fl->user);
1339 spin_unlock_irqrestore(&cctx->lock, flags);
1342 fastrpc_buf_free(fl->init_mem);
1344 list_for_each_entry_safe(ctx, n, &fl->pending, node) {
1345 list_del(&ctx->node);
1346 fastrpc_context_put(ctx);
1349 list_for_each_entry_safe(map, m, &fl->maps, node) {
1350 list_del(&map->node);
1351 fastrpc_map_put(map);
1354 list_for_each_entry_safe(buf, b, &fl->mmaps, node) {
1355 list_del(&buf->node);
1356 fastrpc_buf_free(buf);
1359 fastrpc_session_free(cctx, fl->sctx);
1360 fastrpc_channel_ctx_put(cctx);
1362 mutex_destroy(&fl->mutex);
1364 file->private_data = NULL;
1369 static int fastrpc_device_open(struct inode *inode, struct file *filp)
1371 struct fastrpc_channel_ctx *cctx;
1372 struct fastrpc_device *fdevice;
1373 struct fastrpc_user *fl = NULL;
1374 unsigned long flags;
1376 fdevice = miscdev_to_fdevice(filp->private_data);
1377 cctx = fdevice->cctx;
1379 fl = kzalloc(sizeof(*fl), GFP_KERNEL);
1383 /* Released in fastrpc_device_release() */
1384 fastrpc_channel_ctx_get(cctx);
1386 filp->private_data = fl;
1387 spin_lock_init(&fl->lock);
1388 mutex_init(&fl->mutex);
1389 INIT_LIST_HEAD(&fl->pending);
1390 INIT_LIST_HEAD(&fl->maps);
1391 INIT_LIST_HEAD(&fl->mmaps);
1392 INIT_LIST_HEAD(&fl->user);
1393 fl->tgid = current->tgid;
1395 fl->is_secure_dev = fdevice->secure;
1397 fl->sctx = fastrpc_session_alloc(cctx);
1399 dev_err(&cctx->rpdev->dev, "No session available\n");
1400 mutex_destroy(&fl->mutex);
1406 spin_lock_irqsave(&cctx->lock, flags);
1407 list_add_tail(&fl->user, &cctx->users);
1408 spin_unlock_irqrestore(&cctx->lock, flags);
1413 static int fastrpc_dmabuf_alloc(struct fastrpc_user *fl, char __user *argp)
1415 struct fastrpc_alloc_dma_buf bp;
1416 DEFINE_DMA_BUF_EXPORT_INFO(exp_info);
1417 struct fastrpc_buf *buf = NULL;
1420 if (copy_from_user(&bp, argp, sizeof(bp)))
1423 err = fastrpc_buf_alloc(fl, fl->sctx->dev, bp.size, &buf);
1426 exp_info.ops = &fastrpc_dma_buf_ops;
1427 exp_info.size = bp.size;
1428 exp_info.flags = O_RDWR;
1429 exp_info.priv = buf;
1430 buf->dmabuf = dma_buf_export(&exp_info);
1431 if (IS_ERR(buf->dmabuf)) {
1432 err = PTR_ERR(buf->dmabuf);
1433 fastrpc_buf_free(buf);
1437 bp.fd = dma_buf_fd(buf->dmabuf, O_ACCMODE);
1439 dma_buf_put(buf->dmabuf);
1443 if (copy_to_user(argp, &bp, sizeof(bp))) {
1445 * The usercopy failed, but we can't do much about it, as
1446 * dma_buf_fd() already called fd_install() and made the
1447 * file descriptor accessible for the current process. It
1448 * might already be closed and dmabuf no longer valid when
1449 * we reach this point. Therefore "leak" the fd and rely on
1450 * the process exit path to do any required cleanup.
1458 static int fastrpc_init_attach(struct fastrpc_user *fl, int pd)
1460 struct fastrpc_invoke_args args[1];
1461 int tgid = fl->tgid;
1464 args[0].ptr = (u64)(uintptr_t) &tgid;
1465 args[0].length = sizeof(tgid);
1467 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_ATTACH, 1, 0);
1470 return fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE,
1474 static int fastrpc_invoke(struct fastrpc_user *fl, char __user *argp)
1476 struct fastrpc_invoke_args *args = NULL;
1477 struct fastrpc_invoke inv;
1481 if (copy_from_user(&inv, argp, sizeof(inv)))
1484 /* nscalars is truncated here to max supported value */
1485 nscalars = REMOTE_SCALARS_LENGTH(inv.sc);
1487 args = kcalloc(nscalars, sizeof(*args), GFP_KERNEL);
1491 if (copy_from_user(args, (void __user *)(uintptr_t)inv.args,
1492 nscalars * sizeof(*args))) {
1498 err = fastrpc_internal_invoke(fl, false, inv.handle, inv.sc, args);
1504 static int fastrpc_get_info_from_dsp(struct fastrpc_user *fl, uint32_t *dsp_attr_buf,
1505 uint32_t dsp_attr_buf_len)
1507 struct fastrpc_invoke_args args[2] = { 0 };
1509 /* Capability filled in userspace */
1510 dsp_attr_buf[0] = 0;
1512 args[0].ptr = (u64)(uintptr_t)&dsp_attr_buf_len;
1513 args[0].length = sizeof(dsp_attr_buf_len);
1515 args[1].ptr = (u64)(uintptr_t)&dsp_attr_buf[1];
1516 args[1].length = dsp_attr_buf_len;
1520 return fastrpc_internal_invoke(fl, true, FASTRPC_DSP_UTILITIES_HANDLE,
1521 FASTRPC_SCALARS(0, 1, 1), args);
1524 static int fastrpc_get_info_from_kernel(struct fastrpc_ioctl_capability *cap,
1525 struct fastrpc_user *fl)
1527 struct fastrpc_channel_ctx *cctx = fl->cctx;
1528 uint32_t attribute_id = cap->attribute_id;
1529 uint32_t *dsp_attributes;
1530 unsigned long flags;
1531 uint32_t domain = cap->domain;
1534 spin_lock_irqsave(&cctx->lock, flags);
1535 /* check if we already have queried dsp for attributes */
1536 if (cctx->valid_attributes) {
1537 spin_unlock_irqrestore(&cctx->lock, flags);
1540 spin_unlock_irqrestore(&cctx->lock, flags);
1542 dsp_attributes = kzalloc(FASTRPC_MAX_DSP_ATTRIBUTES_LEN, GFP_KERNEL);
1543 if (!dsp_attributes)
1546 err = fastrpc_get_info_from_dsp(fl, dsp_attributes, FASTRPC_MAX_DSP_ATTRIBUTES_LEN);
1547 if (err == DSP_UNSUPPORTED_API) {
1548 dev_info(&cctx->rpdev->dev,
1549 "Warning: DSP capabilities not supported on domain: %d\n", domain);
1550 kfree(dsp_attributes);
1553 dev_err(&cctx->rpdev->dev, "Error: dsp information is incorrect err: %d\n", err);
1554 kfree(dsp_attributes);
1558 spin_lock_irqsave(&cctx->lock, flags);
1559 memcpy(cctx->dsp_attributes, dsp_attributes, FASTRPC_MAX_DSP_ATTRIBUTES_LEN);
1560 cctx->valid_attributes = true;
1561 spin_unlock_irqrestore(&cctx->lock, flags);
1562 kfree(dsp_attributes);
1564 cap->capability = cctx->dsp_attributes[attribute_id];
1568 static int fastrpc_get_dsp_info(struct fastrpc_user *fl, char __user *argp)
1570 struct fastrpc_ioctl_capability cap = {0};
1573 if (copy_from_user(&cap, argp, sizeof(cap)))
1577 if (cap.domain >= FASTRPC_DEV_MAX) {
1578 dev_err(&fl->cctx->rpdev->dev, "Error: Invalid domain id:%d, err:%d\n",
1583 /* Fastrpc Capablities does not support modem domain */
1584 if (cap.domain == MDSP_DOMAIN_ID) {
1585 dev_err(&fl->cctx->rpdev->dev, "Error: modem not supported %d\n", err);
1589 if (cap.attribute_id >= FASTRPC_MAX_DSP_ATTRIBUTES) {
1590 dev_err(&fl->cctx->rpdev->dev, "Error: invalid attribute: %d, err: %d\n",
1591 cap.attribute_id, err);
1595 err = fastrpc_get_info_from_kernel(&cap, fl);
1599 if (copy_to_user(argp, &cap.capability, sizeof(cap.capability)))
1605 static int fastrpc_req_munmap_impl(struct fastrpc_user *fl,
1606 struct fastrpc_req_munmap *req)
1608 struct fastrpc_invoke_args args[1] = { [0] = { 0 } };
1609 struct fastrpc_buf *buf = NULL, *iter, *b;
1610 struct fastrpc_munmap_req_msg req_msg;
1611 struct device *dev = fl->sctx->dev;
1615 spin_lock(&fl->lock);
1616 list_for_each_entry_safe(iter, b, &fl->mmaps, node) {
1617 if ((iter->raddr == req->vaddrout) && (iter->size == req->size)) {
1622 spin_unlock(&fl->lock);
1625 dev_err(dev, "mmap not in list\n");
1629 req_msg.pgid = fl->tgid;
1630 req_msg.size = buf->size;
1631 req_msg.vaddr = buf->raddr;
1633 args[0].ptr = (u64) (uintptr_t) &req_msg;
1634 args[0].length = sizeof(req_msg);
1636 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MUNMAP, 1, 0);
1637 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1640 dev_dbg(dev, "unmmap\tpt 0x%09lx OK\n", buf->raddr);
1641 spin_lock(&fl->lock);
1642 list_del(&buf->node);
1643 spin_unlock(&fl->lock);
1644 fastrpc_buf_free(buf);
1646 dev_err(dev, "unmmap\tpt 0x%09lx ERROR\n", buf->raddr);
1652 static int fastrpc_req_munmap(struct fastrpc_user *fl, char __user *argp)
1654 struct fastrpc_req_munmap req;
1656 if (copy_from_user(&req, argp, sizeof(req)))
1659 return fastrpc_req_munmap_impl(fl, &req);
1662 static int fastrpc_req_mmap(struct fastrpc_user *fl, char __user *argp)
1664 struct fastrpc_invoke_args args[3] = { [0 ... 2] = { 0 } };
1665 struct fastrpc_buf *buf = NULL;
1666 struct fastrpc_mmap_req_msg req_msg;
1667 struct fastrpc_mmap_rsp_msg rsp_msg;
1668 struct fastrpc_req_munmap req_unmap;
1669 struct fastrpc_phy_page pages;
1670 struct fastrpc_req_mmap req;
1671 struct device *dev = fl->sctx->dev;
1675 if (copy_from_user(&req, argp, sizeof(req)))
1678 if (req.flags != ADSP_MMAP_ADD_PAGES) {
1679 dev_err(dev, "flag not supported 0x%x\n", req.flags);
1684 dev_err(dev, "adding user allocated pages is not supported\n");
1688 err = fastrpc_buf_alloc(fl, fl->sctx->dev, req.size, &buf);
1690 dev_err(dev, "failed to allocate buffer\n");
1694 req_msg.pgid = fl->tgid;
1695 req_msg.flags = req.flags;
1696 req_msg.vaddr = req.vaddrin;
1697 req_msg.num = sizeof(pages);
1699 args[0].ptr = (u64) (uintptr_t) &req_msg;
1700 args[0].length = sizeof(req_msg);
1702 pages.addr = buf->phys;
1703 pages.size = buf->size;
1705 args[1].ptr = (u64) (uintptr_t) &pages;
1706 args[1].length = sizeof(pages);
1708 args[2].ptr = (u64) (uintptr_t) &rsp_msg;
1709 args[2].length = sizeof(rsp_msg);
1711 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MMAP, 2, 1);
1712 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1715 dev_err(dev, "mmap error (len 0x%08llx)\n", buf->size);
1719 /* update the buffer to be able to deallocate the memory on the DSP */
1720 buf->raddr = (uintptr_t) rsp_msg.vaddr;
1722 /* let the client know the address to use */
1723 req.vaddrout = rsp_msg.vaddr;
1725 spin_lock(&fl->lock);
1726 list_add_tail(&buf->node, &fl->mmaps);
1727 spin_unlock(&fl->lock);
1729 if (copy_to_user((void __user *)argp, &req, sizeof(req))) {
1730 /* unmap the memory and release the buffer */
1731 req_unmap.vaddrout = buf->raddr;
1732 req_unmap.size = buf->size;
1733 fastrpc_req_munmap_impl(fl, &req_unmap);
1737 dev_dbg(dev, "mmap\t\tpt 0x%09lx OK [len 0x%08llx]\n",
1738 buf->raddr, buf->size);
1743 fastrpc_buf_free(buf);
1748 static int fastrpc_req_mem_unmap_impl(struct fastrpc_user *fl, struct fastrpc_mem_unmap *req)
1750 struct fastrpc_invoke_args args[1] = { [0] = { 0 } };
1751 struct fastrpc_map *map = NULL, *iter, *m;
1752 struct fastrpc_mem_unmap_req_msg req_msg = { 0 };
1755 struct device *dev = fl->sctx->dev;
1757 spin_lock(&fl->lock);
1758 list_for_each_entry_safe(iter, m, &fl->maps, node) {
1759 if ((req->fd < 0 || iter->fd == req->fd) && (iter->raddr == req->vaddr)) {
1765 spin_unlock(&fl->lock);
1768 dev_err(dev, "map not in list\n");
1772 req_msg.pgid = fl->tgid;
1773 req_msg.len = map->len;
1774 req_msg.vaddrin = map->raddr;
1775 req_msg.fd = map->fd;
1777 args[0].ptr = (u64) (uintptr_t) &req_msg;
1778 args[0].length = sizeof(req_msg);
1780 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MEM_UNMAP, 1, 0);
1781 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc,
1783 fastrpc_map_put(map);
1785 dev_err(dev, "unmmap\tpt fd = %d, 0x%09llx error\n", map->fd, map->raddr);
1790 static int fastrpc_req_mem_unmap(struct fastrpc_user *fl, char __user *argp)
1792 struct fastrpc_mem_unmap req;
1794 if (copy_from_user(&req, argp, sizeof(req)))
1797 return fastrpc_req_mem_unmap_impl(fl, &req);
1800 static int fastrpc_req_mem_map(struct fastrpc_user *fl, char __user *argp)
1802 struct fastrpc_invoke_args args[4] = { [0 ... 3] = { 0 } };
1803 struct fastrpc_mem_map_req_msg req_msg = { 0 };
1804 struct fastrpc_mmap_rsp_msg rsp_msg = { 0 };
1805 struct fastrpc_mem_unmap req_unmap = { 0 };
1806 struct fastrpc_phy_page pages = { 0 };
1807 struct fastrpc_mem_map req;
1808 struct device *dev = fl->sctx->dev;
1809 struct fastrpc_map *map = NULL;
1813 if (copy_from_user(&req, argp, sizeof(req)))
1816 /* create SMMU mapping */
1817 err = fastrpc_map_create(fl, req.fd, req.length, 0, &map);
1819 dev_err(dev, "failed to map buffer, fd = %d\n", req.fd);
1823 req_msg.pgid = fl->tgid;
1824 req_msg.fd = req.fd;
1825 req_msg.offset = req.offset;
1826 req_msg.vaddrin = req.vaddrin;
1827 map->va = (void *) (uintptr_t) req.vaddrin;
1828 req_msg.flags = req.flags;
1829 req_msg.num = sizeof(pages);
1830 req_msg.data_len = 0;
1832 args[0].ptr = (u64) (uintptr_t) &req_msg;
1833 args[0].length = sizeof(req_msg);
1835 pages.addr = map->phys;
1836 pages.size = map->size;
1838 args[1].ptr = (u64) (uintptr_t) &pages;
1839 args[1].length = sizeof(pages);
1841 args[2].ptr = (u64) (uintptr_t) &pages;
1844 args[3].ptr = (u64) (uintptr_t) &rsp_msg;
1845 args[3].length = sizeof(rsp_msg);
1847 sc = FASTRPC_SCALARS(FASTRPC_RMID_INIT_MEM_MAP, 3, 1);
1848 err = fastrpc_internal_invoke(fl, true, FASTRPC_INIT_HANDLE, sc, &args[0]);
1850 dev_err(dev, "mem mmap error, fd %d, vaddr %llx, size %lld\n",
1851 req.fd, req.vaddrin, map->size);
1855 /* update the buffer to be able to deallocate the memory on the DSP */
1856 map->raddr = rsp_msg.vaddr;
1858 /* let the client know the address to use */
1859 req.vaddrout = rsp_msg.vaddr;
1861 if (copy_to_user((void __user *)argp, &req, sizeof(req))) {
1862 /* unmap the memory and release the buffer */
1863 req_unmap.vaddr = (uintptr_t) rsp_msg.vaddr;
1864 req_unmap.length = map->size;
1865 fastrpc_req_mem_unmap_impl(fl, &req_unmap);
1872 fastrpc_map_put(map);
1877 static long fastrpc_device_ioctl(struct file *file, unsigned int cmd,
1880 struct fastrpc_user *fl = (struct fastrpc_user *)file->private_data;
1881 char __user *argp = (char __user *)arg;
1885 case FASTRPC_IOCTL_INVOKE:
1886 err = fastrpc_invoke(fl, argp);
1888 case FASTRPC_IOCTL_INIT_ATTACH:
1889 err = fastrpc_init_attach(fl, AUDIO_PD);
1891 case FASTRPC_IOCTL_INIT_ATTACH_SNS:
1892 err = fastrpc_init_attach(fl, SENSORS_PD);
1894 case FASTRPC_IOCTL_INIT_CREATE:
1895 err = fastrpc_init_create_process(fl, argp);
1897 case FASTRPC_IOCTL_ALLOC_DMA_BUFF:
1898 err = fastrpc_dmabuf_alloc(fl, argp);
1900 case FASTRPC_IOCTL_MMAP:
1901 err = fastrpc_req_mmap(fl, argp);
1903 case FASTRPC_IOCTL_MUNMAP:
1904 err = fastrpc_req_munmap(fl, argp);
1906 case FASTRPC_IOCTL_MEM_MAP:
1907 err = fastrpc_req_mem_map(fl, argp);
1909 case FASTRPC_IOCTL_MEM_UNMAP:
1910 err = fastrpc_req_mem_unmap(fl, argp);
1912 case FASTRPC_IOCTL_GET_DSP_INFO:
1913 err = fastrpc_get_dsp_info(fl, argp);
1923 static const struct file_operations fastrpc_fops = {
1924 .open = fastrpc_device_open,
1925 .release = fastrpc_device_release,
1926 .unlocked_ioctl = fastrpc_device_ioctl,
1927 .compat_ioctl = fastrpc_device_ioctl,
1930 static int fastrpc_cb_probe(struct platform_device *pdev)
1932 struct fastrpc_channel_ctx *cctx;
1933 struct fastrpc_session_ctx *sess;
1934 struct device *dev = &pdev->dev;
1935 int i, sessions = 0;
1936 unsigned long flags;
1939 cctx = dev_get_drvdata(dev->parent);
1943 of_property_read_u32(dev->of_node, "qcom,nsessions", &sessions);
1945 spin_lock_irqsave(&cctx->lock, flags);
1946 sess = &cctx->session[cctx->sesscount];
1950 dev_set_drvdata(dev, sess);
1952 if (of_property_read_u32(dev->of_node, "reg", &sess->sid))
1953 dev_info(dev, "FastRPC Session ID not specified in DT\n");
1956 struct fastrpc_session_ctx *dup_sess;
1958 for (i = 1; i < sessions; i++) {
1959 if (cctx->sesscount++ >= FASTRPC_MAX_SESSIONS)
1961 dup_sess = &cctx->session[cctx->sesscount];
1962 memcpy(dup_sess, sess, sizeof(*dup_sess));
1966 spin_unlock_irqrestore(&cctx->lock, flags);
1967 rc = dma_set_mask(dev, DMA_BIT_MASK(32));
1969 dev_err(dev, "32-bit DMA enable failed\n");
1976 static int fastrpc_cb_remove(struct platform_device *pdev)
1978 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(pdev->dev.parent);
1979 struct fastrpc_session_ctx *sess = dev_get_drvdata(&pdev->dev);
1980 unsigned long flags;
1983 spin_lock_irqsave(&cctx->lock, flags);
1984 for (i = 1; i < FASTRPC_MAX_SESSIONS; i++) {
1985 if (cctx->session[i].sid == sess->sid) {
1986 cctx->session[i].valid = false;
1990 spin_unlock_irqrestore(&cctx->lock, flags);
1995 static const struct of_device_id fastrpc_match_table[] = {
1996 { .compatible = "qcom,fastrpc-compute-cb", },
2000 static struct platform_driver fastrpc_cb_driver = {
2001 .probe = fastrpc_cb_probe,
2002 .remove = fastrpc_cb_remove,
2004 .name = "qcom,fastrpc-cb",
2005 .of_match_table = fastrpc_match_table,
2006 .suppress_bind_attrs = true,
2010 static int fastrpc_device_register(struct device *dev, struct fastrpc_channel_ctx *cctx,
2011 bool is_secured, const char *domain)
2013 struct fastrpc_device *fdev;
2016 fdev = devm_kzalloc(dev, sizeof(*fdev), GFP_KERNEL);
2020 fdev->secure = is_secured;
2022 fdev->miscdev.minor = MISC_DYNAMIC_MINOR;
2023 fdev->miscdev.fops = &fastrpc_fops;
2024 fdev->miscdev.name = devm_kasprintf(dev, GFP_KERNEL, "fastrpc-%s%s",
2025 domain, is_secured ? "-secure" : "");
2026 err = misc_register(&fdev->miscdev);
2029 cctx->secure_fdevice = fdev;
2031 cctx->fdevice = fdev;
2037 static int fastrpc_rpmsg_probe(struct rpmsg_device *rpdev)
2039 struct device *rdev = &rpdev->dev;
2040 struct fastrpc_channel_ctx *data;
2041 int i, err, domain_id = -1, vmcount;
2044 unsigned int vmids[FASTRPC_MAX_VMIDS];
2046 err = of_property_read_string(rdev->of_node, "label", &domain);
2048 dev_info(rdev, "FastRPC Domain not specified in DT\n");
2052 for (i = 0; i <= CDSP_DOMAIN_ID; i++) {
2053 if (!strcmp(domains[i], domain)) {
2059 if (domain_id < 0) {
2060 dev_info(rdev, "FastRPC Invalid Domain ID %d\n", domain_id);
2064 vmcount = of_property_read_variable_u32_array(rdev->of_node,
2065 "qcom,vmids", &vmids[0], 0, FASTRPC_MAX_VMIDS);
2068 else if (!qcom_scm_is_available())
2069 return -EPROBE_DEFER;
2071 data = kzalloc(sizeof(*data), GFP_KERNEL);
2076 data->vmcount = vmcount;
2077 data->perms = BIT(QCOM_SCM_VMID_HLOS);
2078 for (i = 0; i < data->vmcount; i++) {
2079 data->vmperms[i].vmid = vmids[i];
2080 data->vmperms[i].perm = QCOM_SCM_PERM_RWX;
2084 secure_dsp = !(of_property_read_bool(rdev->of_node, "qcom,non-secure-domain"));
2085 data->secure = secure_dsp;
2087 switch (domain_id) {
2088 case ADSP_DOMAIN_ID:
2089 case MDSP_DOMAIN_ID:
2090 case SDSP_DOMAIN_ID:
2091 /* Unsigned PD offloading is only supported on CDSP*/
2092 data->unsigned_support = false;
2093 err = fastrpc_device_register(rdev, data, secure_dsp, domains[domain_id]);
2097 case CDSP_DOMAIN_ID:
2098 data->unsigned_support = true;
2099 /* Create both device nodes so that we can allow both Signed and Unsigned PD */
2100 err = fastrpc_device_register(rdev, data, true, domains[domain_id]);
2104 err = fastrpc_device_register(rdev, data, false, domains[domain_id]);
2113 kref_init(&data->refcount);
2115 dev_set_drvdata(&rpdev->dev, data);
2116 dma_set_mask_and_coherent(rdev, DMA_BIT_MASK(32));
2117 INIT_LIST_HEAD(&data->users);
2118 spin_lock_init(&data->lock);
2119 idr_init(&data->ctx_idr);
2120 data->domain_id = domain_id;
2121 data->rpdev = rpdev;
2123 return of_platform_populate(rdev->of_node, NULL, NULL, rdev);
2129 static void fastrpc_notify_users(struct fastrpc_user *user)
2131 struct fastrpc_invoke_ctx *ctx;
2133 spin_lock(&user->lock);
2134 list_for_each_entry(ctx, &user->pending, node)
2135 complete(&ctx->work);
2136 spin_unlock(&user->lock);
2139 static void fastrpc_rpmsg_remove(struct rpmsg_device *rpdev)
2141 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(&rpdev->dev);
2142 struct fastrpc_user *user;
2143 unsigned long flags;
2145 spin_lock_irqsave(&cctx->lock, flags);
2146 list_for_each_entry(user, &cctx->users, user)
2147 fastrpc_notify_users(user);
2148 spin_unlock_irqrestore(&cctx->lock, flags);
2151 misc_deregister(&cctx->fdevice->miscdev);
2153 if (cctx->secure_fdevice)
2154 misc_deregister(&cctx->secure_fdevice->miscdev);
2156 of_platform_depopulate(&rpdev->dev);
2159 fastrpc_channel_ctx_put(cctx);
2162 static int fastrpc_rpmsg_callback(struct rpmsg_device *rpdev, void *data,
2163 int len, void *priv, u32 addr)
2165 struct fastrpc_channel_ctx *cctx = dev_get_drvdata(&rpdev->dev);
2166 struct fastrpc_invoke_rsp *rsp = data;
2167 struct fastrpc_invoke_ctx *ctx;
2168 unsigned long flags;
2169 unsigned long ctxid;
2171 if (len < sizeof(*rsp))
2174 ctxid = ((rsp->ctx & FASTRPC_CTXID_MASK) >> 4);
2176 spin_lock_irqsave(&cctx->lock, flags);
2177 ctx = idr_find(&cctx->ctx_idr, ctxid);
2178 spin_unlock_irqrestore(&cctx->lock, flags);
2181 dev_err(&rpdev->dev, "No context ID matches response\n");
2185 ctx->retval = rsp->retval;
2186 complete(&ctx->work);
2189 * The DMA buffer associated with the context cannot be freed in
2190 * interrupt context so schedule it through a worker thread to
2191 * avoid a kernel BUG.
2193 schedule_work(&ctx->put_work);
2198 static const struct of_device_id fastrpc_rpmsg_of_match[] = {
2199 { .compatible = "qcom,fastrpc" },
2202 MODULE_DEVICE_TABLE(of, fastrpc_rpmsg_of_match);
2204 static struct rpmsg_driver fastrpc_driver = {
2205 .probe = fastrpc_rpmsg_probe,
2206 .remove = fastrpc_rpmsg_remove,
2207 .callback = fastrpc_rpmsg_callback,
2209 .name = "qcom,fastrpc",
2210 .of_match_table = fastrpc_rpmsg_of_match,
2214 static int fastrpc_init(void)
2218 ret = platform_driver_register(&fastrpc_cb_driver);
2220 pr_err("fastrpc: failed to register cb driver\n");
2224 ret = register_rpmsg_driver(&fastrpc_driver);
2226 pr_err("fastrpc: failed to register rpmsg driver\n");
2227 platform_driver_unregister(&fastrpc_cb_driver);
2233 module_init(fastrpc_init);
2235 static void fastrpc_exit(void)
2237 platform_driver_unregister(&fastrpc_cb_driver);
2238 unregister_rpmsg_driver(&fastrpc_driver);
2240 module_exit(fastrpc_exit);
2242 MODULE_LICENSE("GPL v2");
2243 MODULE_IMPORT_NS(DMA_BUF);
projects / platform / kernel / linux-starfive.git / blob