If the server dies, the memobj would be released two times.
Assuming, one instance is already held by the server which
is not true.
Change-Id: I609b1e5f64648736d26c2e780aefcf7f2db64729
If invoke call fails due to some reason, map objects created
for memory objects should also be released. Failing to do so,
creates a memory leak as TZ is unaware of these objects and
no one calls release on these.
Change-Id: If5c48b810192553e3a216a0c3671f98a79bb2b59
Signed-off-by: Anmolpreet Kaur <quic_anmolpre@quicinc.com>
Ref_count should be with shmbridge and shmbridge should
maintain real owner and ref_count info as smcinvoke is a
client it should blindly do register and deregister.
Change-Id: Ib9400af0db1abafa7c6262e7cd80c8ae301a4ed1
Signed-off-by: Nitin LNU <quic_nlakra@quicinc.com>
Add support for map opjects to be written into the
async side channel also for the use case where memory
objects are created as a result of a CB request.
Change-Id: I63798d92e40127fe842c08b892d734134f792dd9
Signed-off-by: Reut Zysman <quic_rzysman@quicinc.com>
Use printk_ratelimit() to limit the logs
indicating that secure side is busy,
that the sever state was set to defunct,
and other logs that may be printed frequently.
Change-Id: I93c64bfa65cc2f499cabff3fd26b74764269b6f6
Signed-off-by: Reut Zysman <quic_rzysman@quicinc.com>
call release tz object in sync manner
only in case of EBUSY add
object in to post process list, so that we can retry
and process it later in a seprate kthread.
Change-Id: I2158b3faa5c41d2f10ed532c50c9c6b113961c57
This change makes changes to smcinvoke driver to handle suspend and resume
scenarios. If the accept thread gets interrupted, do not set the server state
as defunct if the thread is in freezing state, i.e. if the thread is going in
suspend. In such cases, increase timeout of that server so that invoke thread
waits indefinitely for response from userspace until the system resumes back.
Tests:
1. Stability testing has been done on kalama.
2. smcinvoke vendor client testing is done on pineapple.
Change-Id: Iaa7b91d6ed484305349c04468263919e26a3316d
Signed-off-by: Anmolpreet Kaur <quic_anmolpre@quicinc.com>
Add support for map objects to be written into the async
side channel rather than have to be explicitly asked for
by QTEE.
Change-Id: Ia1c56555dc3a6422f4fb448f94f73fef661ac89d
Signed-off-by: Reut Zysman <quic_rzysman@quicinc.com>
Change consists creation of ADCI thread at SMCInvoke
driver initialization
Change consists creation of ADCI thread at SMCInvoke driver initialization
Following scenario have been tested for this change
(1) ADCI thread creation and QTEE invocation during driver initialization
(2) Backward Compatibility - IF ADCI feature is not supported (OBJECT_ERROR_INVALID)
then exit the ADCI thread gracefully after cleaning up all the resources
(3) Leak Test: All the resources held by ADCI thread should be released if ADCI feature
is not supported by QTEE
(i) adci task_struct state and exit state:
state = TASK_RUNNING , exit_state = 0 (While ADCI thread execution)
state = TASK_DEAD , exit_state = EXIT_DEAD (During ADCI thread termination)
(ii) adci task_struct = NULL (fetched based on adci thread_id) which make sure
task_struct has been deallocated
(4) SMCInvoke related Test: All the internal(suuported),memobj and cbo testing has been performed.
Change-Id: I2916ce260fae293b88fbc8b9d24baccdee1ea89f
Signed-off-by: Pawan Rai <quic_pawarai@quicinc.com>
Avoid marshalling user args in kernel driver if the corresponding CallBack
invocation fails in userspace.
Change-Id: I1dc5ca562c5a67e1ac2273a1ff2a854f2010c1d3
during smcinvoke callback response handling.
Add Cache flush before invalidating out_buf during cb
response handling in smcinvoke driver.
Change-Id: I68b70c078675f1841690c93048cbba3589a388f3
In case the accept thread has invalid cbtxn, start waiting
for new requests instead of going to userspace and then coming
back.
Change-Id: I2cce16ebb0481d184fed636a559e73adaacdcf0f
Signed-off-by: Anmolpreet Kaur <quic_anmolpre@quicinc.com>
A new module named qseecom_proxy has been defined in kernel
which acts as a forwarder for calls received from kernel clients
of qseecom and smcinvoke. This change adds the support for calling
that module from the vendor dlkm modules smcinvoke and qseecom.
Change-Id: I0d1aa93b9cea9e6a6e1fee17c33c78e14deb8ecf
Signed-off-by: Anmolpreet Kaur <quic_anmolpre@quicinc.com>
Release memory object from userspace when a call to release comes in
kernel to prevent the memory leaks in the cases where mem objects
are passed as a response inside a callback call.
Change-Id: I5ce57b6be90e71e255a890895d5f2859312ba1e4
Signed-off-by: Anmolpreet Kaur <quic_anmolpre@quicinc.com>
1. While waiting for callback response instead of waiting uninterruptibly for
1sec split wait timeout to 100ms and increase number of retries to 50.
2. If a wait is interrupted due to signal, continue to wait if callback server
is in a good state.
Change-Id: I15faf27ebdb98e2df4a0c75695643a611ad9889d
Add following changes.
Fix switch case
latest compiler throwing error where CASE statement does
not have break or return under all the execution paths.
Rename size_add to size_add_
There is a name collision between this one and one coming from
overflow.h. Hence renaming it.
Modify IRQ handling for qce50 module
Change PDE_DATA to pde_data
Signed-off-by: Smita Ghosh <quic_smitag@quicinc.com>
Change-Id: I4226fb41df12273b45d2e114f1aad2709dc36eb7
Signed-off-by: Smita Ghosh <quic_smitag@quicinc.com>
1. When invoke thread have resumed from freezing to running or is
killed, the interruption signals will always interrupt the
smcinvoke callback calls. this will lead the QTEE and listener
to be out of sync.
2. To fix this issue, we remove the signal interruption, this solution
will prevent the smcinvoke from being out of sync.
Change-Id: I8f0cd7342784564ce12e617dc4076638f365aba9
Signed-off-by: wenji <quic_wenji@quicinc.com>
During Callback request from TZ, smcinvoke in and out buffers need
explicit cache operation with legacy smcinvoke.
Change-Id: I3eacd69901c1ce117017b2d59a28dfab83b5f3f9
smcinvoke.c:578:10: error: implicit declaration of function 'kthread_should_stop'
while (!kthread_should_stop()) {
smcinvoke.c:617:43: error: implicit declaration of function 'kthread_run'
smcinvoke[i].postprocess_kthread_task = kthread_run(
Change-Id: Id6a8b6844ec7ae00b55c81d3760a91da9d49a9ad
Signed-off-by: Patrick Daly <quic_pdaly@quicinc.com>
Because the device node of smcinvoke is published at the
beginning of the smcinvoke_probe(), the device node will
be ready while the smcinvoke is not initialized completely.
Hence the smcinvoke_release probably is called when the
smcinvoke driver is not ready. this case will lead to
smcinvoke crash issue.
To avoid this concurrency issue, we create the device node
at the end of the smcinvoke_probe.
Change-Id: I930685a24fb744893017c90c1881f13e2f2c3d7c
Signed-off-by: wenji <quic_wenji@quicinc.com>
1. When there is a large shambridge memory which is not
deleted in time, The shambridge in QTEE might be out of
memory. we met this issue in the TVM TUI unit test.
TrustedUISampleTest -vm --gtest_filter=*Basic_TUIStartStop*
2. To avoid being out of shambridge memory, we should postpone
the deletion of shambridge created by smcinvoke itself.
Change-Id: I2ef837339881c1dcd78a0da10fc848488c9819ca
Signed-off-by: wenji <quic_wenji@quicinc.com>
1.When the QTEE is busy with a high concurrency, the objects and shared
memory bridge will not be released and deleted in time, this will lead
to memory leakage issues in the QTEE.
2.To avoid the memory leakage in case of EBUSY, we add 2 exclusive worker
threads to postprocess the object release and shmbridge deletion
separately.
Change-Id: I94c656d191d5098f1c093650e4321e6b5353e45e
Signed-off-by: Nitin LNU <quic_nlakra@quicinc.com>
Acquire lock before delete_cb_txn_locked.
This API expects the lock is aquired before calling it
release the lock afterwards.
Also rename the api with_locked to state that api
needs to be called on locked mutex.
Change-Id: I6384ff60004da90b46904823e399c62c55ea4273
a validation added to check whether retrieved struct smcinvoke_file_data
inside the function get_server_id belongs to g_smcinvoke_fops or not.
Change-Id: I50bce93ab89759b4fdcb76e41f699d8199771fbd
Signed-off-by: Pavan Bobba <quic_pav@quicinc.com>
Add MODULE_IMPORT_NS for smcinvoke driver to ignore consider it as as
filesystem and not a driver.
Change-Id: I839b972f68f45f184f6a46de6779ac6adace9d38
pull commits
smcinvoke: Release lock for non critical region
When entering into non critical region make sure to release the lock and
increase reference for memobj instead of holding the lock and causing
memobj not to be released when third party module using it.
smcinvoke: Add support for splitbin
Remove hard limit on the number of splitbins available.
Let the TZ decide if the reassembled binary is good for usage.
cherrypicked from I6d7b5c3154c8c362be0a6bad2da1c4687191536d
Change-Id: Ibb12bc906fb3e995928a0b51b742e8193d737ba3
