| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Jul 2017 15:49:56 -0700
From: Stephen Boyd <sboyd@...eaurora.org>
To: Avaneesh Kumar Dwivedi <akdwived@...eaurora.org>
Cc: bjorn.andersson@...aro.org, agross@...eaurora.org,
linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-remoteproc@...r.kernel.org
Subject: Re: [PATCH v6 1/4] firmware: scm: Add new SCM call API for switching
memory ownership
On 06/22, Avaneesh Kumar Dwivedi wrote:
> diff --git a/drivers/firmware/qcom_scm-64.c b/drivers/firmware/qcom_scm-64.c
> index 6e6d561..cdfe986 100644
> --- a/drivers/firmware/qcom_scm-64.c
> +++ b/drivers/firmware/qcom_scm-64.c
> @@ -292,6 +304,86 @@ int qcom_scm_pas_shutdown(u32 peripheral)
> }
> EXPORT_SYMBOL(qcom_scm_pas_shutdown);
>
> +/**
> + * qcom_scm_assign_mem() - Make a secure call to reassign memory ownership
> + *
> + * @mem_addr: mem region whose ownership need to be reassigned
> + * @mem_sz: size of the region.
> + * @srcvm: vmid for current set of owners, each set bit in
> + * flag indicate a unique owner
> + * @newvm: array having new owners and corrsponding permission
> + * flags
> + * @dest_cnt: number of owners in next set.
> + * Return next set of owners on success.
> + */
> +int qcom_scm_assign_mem(phys_addr_t mem_addr, size_t mem_sz, int srcvm,
> + struct qcom_scm_vmperm *newvm, int dest_cnt)
> +{
> + unsigned long dma_attrs = DMA_ATTR_FORCE_CONTIGUOUS;
Why do we need this? Just curious if we can drop this.
> + struct qcom_scm_current_perm_info *destvm;
> + struct qcom_scm_mem_map_info *mem;
> + phys_addr_t memory_phys;
> + phys_addr_t dest_phys;
> + phys_addr_t src_phys;
> + size_t mem_all_sz;
> + size_t memory_sz;
> + size_t dest_sz;
> + size_t src_sz;
> + int next_vm;
> + __le32 *src;
> + void *ptr;
> + int ret;
> + int len;
> + int i;
> +
> + src_sz = hweight_long(srcvm) * sizeof(*src);
> + memory_sz = sizeof(*mem);
> + dest_sz = dest_cnt*sizeof(*destvm);
> + mem_all_sz = src_sz + memory_sz + dest_sz;
> +
> + ptr = dma_alloc_attrs(__scm->dev, ALIGN(mem_all_sz, SZ_64),
> + &src_phys, GFP_KERNEL, dma_attrs);
> + if (!ptr)
> + return -ENOMEM;
> +
> + /* Fill source vmid detail */
> + src = (__le32 *)ptr;
Cast is necessary?
> + len = hweight_long(srcvm);
> + for (i = 0; i < len; i++) {
> + src[i] = cpu_to_le32(ffs(srcvm) - 1);
> + srcvm ^= 1 << (ffs(srcvm) - 1);
> + }
> +
> + /* Fill details of mem buff to map */
> + mem = ptr + ALIGN(src_sz, SZ_64);
> + memory_phys = src_phys + ALIGN(src_sz, SZ_64);
> + mem[0].mem_addr = cpu_to_le64(mem_addr);
> + mem[0].mem_size = cpu_to_le64(mem_sz);
> +
> + next_vm = 0;
> + /* Fill details of next vmid detail */
> + destvm = ptr + ALIGN(memory_sz, SZ_64) + ALIGN(src_sz, SZ_64);
> + dest_phys = memory_phys + ALIGN(memory_sz, SZ_64);
> + for (i = 0; i < dest_cnt; i++) {
> + destvm[i].vmid = cpu_to_le32(newvm[i].vmid);
> + destvm[i].perm = cpu_to_le32(newvm[i].perm);
> + destvm[i].ctx = 0;
> + destvm[i].ctx_size = 0;
> + next_vm |= BIT(newvm[i].vmid);
> + }
> +
> + ret = __qcom_scm_assign_mem(__scm->dev, memory_phys,
> + memory_sz, src_phys, src_sz, dest_phys, dest_sz);
> + dma_free_attrs(__scm->dev, ALIGN(mem_all_sz, SZ_64),
> + ptr, src_phys, dma_attrs);
> + if (ret == 0)
> + return next_vm;
> + else if (ret > 0)
> + return -ret;
This still confuses me. Do we really just pass whatever the
firmware tells us the error code is up to the caller? Shouldn't
we be remapping the scm errors we receive to normal linux errnos?
> + return ret;
> +}
> +EXPORT_SYMBOL(qcom_scm_assign_mem);
> +
> static int qcom_scm_pas_reset_assert(struct reset_controller_dev *rcdev,
> unsigned long idx)
> {
--
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
Powered by blists - more mailing lists