Currently, on SSR notification connection reset
error is returned even if invoke send completes
successfully. So, if there is invoke call for PD
spawn, init memory gets freed after receiving the
error. Currently, if init memory is accessed on DSP,
SMMU fault occurs. If internal invoke is successfully
completed, return the connection reset error only
for non-kernel handles.
Change-Id: I2f35a22562fac14a410815df6121cb1df80982a4
Acked-by: Abhishek Singh<abhishes@qti.qualcomm.com>
Signed-off-by: Ansa Ahmed <quic_ansa@quicinc.com>
Currently a process is limited to create only 2 sessions, by toggling
the 30th bit of tgid of the process, to create different process IDs on DSP
remote sybsystem. This approach is not scalable to create unique process
IDs to DSP, by using bits within the tgid of the process. Add support to
allow a process to create multiple sessions by choosing and sending unique
dsp process IDs on DSP remote sub system, instead of tgid of HLOS process.
Change-Id: I33f52c68453301bdbb83dfb9a10df16143098a49
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
Compilation was failing with new header on LE HY11 build.
Adding compile time flags to fix the issue.
Change-Id: Ia51e54f6b18e4d7195f47294b88f39ed2d52c4e8
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
NSP device status is exposed via SOC API.
On cat to this sys fs node, NSP status will be
returned. NSP status flag renamed to maintain
backward compatibility.
Change-Id: I67ae19e51fd58e02d78a40b30563f147bef5b20e
Signed-off-by: Ansa Ahmed <quic_ansa@quicinc.com>
Include new header fastrpc_shared.h in existing header
(adsprpc_shared.h) and remove all ioctl definitions
from the existing header.
Change-Id: I5c5a08de0a077ec2717683134a0ec31466c34047
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
Currently probe is failing if device is closed. Driver registration
with device might already be finished, if match is successful, even
though probe fails. Fail the bus match when device is closed, so
driver does not gets registered with device.
Change-Id: I0511c7b3a27ddd4c2cd30d4aea9f961d1f4355d9
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
Currently, spinlock is acquired and wait state
is entered for dma_invoke to complete. This scenario
leads to watchdog bark for threads waiting to acquire
spinlock. This change is to avoid waiting for dma_invoke
completion after acquiring spinlock.
Change-Id: I9443fd8bfda77194103a871e4ad0295f79cf3034
Signed-off-by: Ansa Ahmed <quic_ansa@quicinc.com>
Currently, QoS core count is probed from dtsi property.
Instead, update it at run-time by counting number of
lowest capacity cores. Probe DT to check if latency
voting for only a single-core is enabled, update count then.
Change-Id: I8eaddc382a4929d28a60db8d351eb8ca9793e82e
Signed-off-by: Ansa Ahmed <quic_ansa@quicinc.com>
A dynamic SMMU mapping created as part of an RPC call can potentially
be removed by a parallel munmap ioctl call before the RPC call is
complete, leading to SMMU faults.
Maintain a ref-count that indicates that the mapping is being used by
a pending RPC call and allow the mapping to be removed only if this
count is 0.
Change-Id: Ieb4ff6b298ff9c48953bc5b3539fdfe19a14b442
Acked-by: Santosh Sakore <ssakore@qti.qualcomm.com>
Signed-off-by: Santosh Sakore <quic_ssakore@quicinc.com>
When secure PD exits in case of SSR or another scenario, notify
all rpc threads waiting on kernel. This should allow rpc threads
to return failure to TVM clients.
Change-Id: Ie0e97d2cb0e378b9b1c1e558f8ed642710690d1f
Signed-off-by: Edgar Flores <quic_edgarf@quicinc.com>
After message is sent to DSP, async response thread
could immediately get the response and free context,
which will result in a use-after-free in invoke send.
To fix this, add local copy of ctx to trace and gmsg
logging. To fix async response and SSR race, we rely
on is_job_sent_to_remote_ss of ctx, now check valid
ctx from ctxtable to set is_job_sent_to_remote_ss.
Change-Id: I1ebbed61443beda7b5ffcbe858481a54cca96acb
Signed-off-by: nishant chaubey <quic_chaubey@quicinc.com>
Move ioctl definitions and structures to new header file.
Kernel team has a new requirement to move userspace related API
and structure definitions to a new header file independent of
kernel only headers.
Change-Id: Ic0fa54a2c18036cb6a7fa5f2cd389d9f8d07096f
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
Currently SMMU context banks are chosen dynamically based on
available context bank. Few use cases requires context banks to
be fixed to retain SMMU mappings even after process exits and resumes
again. Few other use cases requires to use multiple context banks of
similar remote subsystem process types. Allocate designated context
bank session with process type matching with remote subsystem
process type.
Change-Id: Ie8ccad2fde4e2e21aaf8c6ede0ab31645cdf350c
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
Multiple sessions were being allocated from ADSP using
the shared context bank. Remove second for loop which was
not checking for the sharedcb variable.
Change-Id: Ie5831eb9454b909dfea62cffbdaf66d94b200b3b
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
Currently there is no interface request to get HLOS PID of
the device attached to FastRPC bus driver. Add new request
FASTRPC_DEV_GET_HLOS_PID, to get HLOS PID of the attached
device.
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
The remote argument array size is more than the utilized.
Add fix to have proper array size to accommodate the
arguments for remote invocation.
Change-Id: Id0b290eebae850765f24e22918166d7e9d8827c4
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
When DSP process successfully spawned on the ADSP ,
the APPS side init memory is getting unmapped due to an error in driver,
by the time error printing in user space logs the SMMU fault is happening in ADSP.
So add the error log in fastrpc_init_create_dynamic_process.
Acked-by: Ramesh Nallagopu <rnallago@qti.qualcomm.com>
Change-Id: I6df8000e9e34fa0916947528a52793b164ab3acb
Signed-off-by: Santosh Sakore <quic_ssakore@quicinc.com>
This change enables sharing of a new page to DSP.
New page will contain inital debug parameters which we
need to pass to the DSP during the process initiation.
Change-Id: I8ae12cb364811a97eca3f15e70106b36bcec3f54
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
LE static analysis KW is giving error from fastrpc traces because
traces are using __assign_str() which translates to strcpy() and
this is a deprecated API.
Kernel team suggested to use memcpy instead of __assign_str().
Change-Id: Idf92446a26d8b6f472963e9215f738df3f6fcdef
Thread T1 add buffer to fl->cached_bufs and release fl->hlock and holding
buffer reference. Now thread T2 will aquire fl->hlock and free buffer in
fastrpc_cached_buf_list_free(). T1 will dereference the freed buffer.
Moving reference buffer uses for T1 inside fl->hlock to avoid UAF.
Change-Id: I5f08d5497099133f87d55f5879cfe50c2ba23ae6
Signed-off-by: Santosh Sakore <quic_ssakore@quicinc.com>
To log error for fastrpc_mmap_remove_ssr and
compat_fastrpc_get_dsp_info for avoiding null pointer
dereferences leading to kw issues.
Change-Id: I515485d891331e0740722a0de1291353db645b66
Acked-by: Ansa Ahmed <ansa@qti.qualcomm.com>
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
Currently async job is first added to pending context list and later
job is send to remote sub system. After the job is added to pending
context list, if any SSR happens, all the async pending job contexts are
responded and freed in async response thread. Original thread that added
job to pending context list might not have sent the job, as there is SSR and can
free the context again in same thread. Queue response in SSR only when
the job is sent to remote sub system.
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
Change-Id: I1f880316f327a8345433d5d22b619ef0a50d7240
In TVM buffers might be lend from PVM and ownership might
be shared between TVM and PVM. This might lead to some issues
in TVM.
Change-Id: I9c2ea67c1c4664512881a301cf57ab5e204f6a65
Signed-off-by: Edgar Flores <quic_edgarf@quicinc.com>
In current code fastrpc_file_free and bus driver invoke call are in
parallel, we would see corruption as both try to access fastrpc_mmap
list. To resolve this issue added signaling mechanism between
fastrpc_file_free and bus driver invoke call. If bus driver invoke
call is running in parallel with fastrpc_file_free, it would wait
until the invoke call is completed. Also added locks in bus driver API
to protect fastrpc_mmap's.
To improve code readablity created separate API for bus driver map
and unmap.
Change-Id: I5fd6f331febdecb319b168b36590a73e4532038a
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
after allocation of a buffer, verify if null is returned.
if null check is success then bailout.
Change-Id: Idbc94c6cf109d34340b55b25f8df74afd5975d36
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
Acked-by: ANANDU E <anane@qti.qualcomm.com>
Current map and buf flags are not being printed in the debugfs data
of process. Print map and buf flags.
Change-Id: I621e7ca08de45f189d5b49046b3c37cfef968d54
Acked-by: DEEPAK SANNAPAREDDY <sdeeredd@qti.qualcomm.com>
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
If pd is down, new device ioctls wait for pdup before
copying ioctl params and saving ctx information.
Shift logic to check pdup from device_ioctl to after
context creation and before invoke send to allow
current ioctl information to be store in pending ctx.
Change-Id: Ia9747394020fd35b02f4074a82edecace72f87db
Signed-off-by: nishant chaubey <quic_chaubey@quicinc.com>
Fixes to fastrpc trusted driver to run on TVM.
Added a workqueue for receiving kernel packets.
Changed array allocation of kernel sockets to save space.
Original design was allocating static 2-d array glist_session_ctrl
for all possible subsystems and domains.
New implementation is allocating staic 2-d reference array.
Each entry in the array will only be allocated if remote domain
is supported.
Change-Id: I303375822714aa6f8eadf525b09326aa05714fd7
Signed-off-by: Edgar Flores <quic_edgarf@quicinc.com>
Increasing number of allowed sessions from 13 to 14 to accomodate
the shared context banks for CPZ.
Change-Id: Ie0757dae9d0876f5e827daab4fe9e9a661fc0680
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
CMA alloc will not work on TVM. Stubbing out fastrpc_alloc_cma_memory
in fastrpc_init to prevent errors during loading.
Change-Id: I5774f1f0333da86582b9aca8b9cdeae725eaf64f
Signed-off-by: Anirudh Raghavendra <quic_araghave@quicinc.com>
Currently hyp_assign_phys is being used to assign mmeory to remote
subsystems. hyp_assign_phys is not upstream friendly. Use qcom_scm_assign_mem
in place of hyp_assign_phys to deprecate downstream API.
Signed-off-by: Himateja Reddy <quic_hmreddy@quicinc.com>
Change-Id: Ic4aed6570598a96e6401777836bd390ede877ff2
Add copy_to_dist_dir to Bazel build to output kernel build outputs
to dist dir.
Change-Id: Ic6ae4a1b98e9672aa1beba11aeff3707b0d78667
Signed-off-by: John Moon <quic_johmoo@quicinc.com>
CDSP state flag is not updated after subsystem is shutdown. Due to
this CDSP image loading is skipped. Update state flag after unloading.
Change-Id: Ife49e6845da4a6bfe149c04459c6823c09ccde31
Signed-off-by: Abhinav Parihar <quic_parihar@quicinc.com>
Current subsystem state flag cannot define all state of the subsystem.
Different handling might be needed for different subsystem states.
Add multiple subsystem state support.
Change-Id: Id091dfded583c8cd7e95c0d306de6dd34b03485d
Acked-by: Santosh Sakore <ssakore@qti.qualcomm.com>
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
