lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID:
 <AS1PR04MB955988579ADFC6B5CCC8BBB3EAC12@AS1PR04MB9559.eurprd04.prod.outlook.com>
Date: Thu, 13 Jun 2024 07:11:07 +0000
From: Zhai He <zhai.he@....com>
To: Barry Song <baohua@...nel.org>
CC: Andrew Morton <akpm@...ux-foundation.org>, "sboyd@...nel.org"
	<sboyd@...nel.org>, "linux-mm@...ck.org" <linux-mm@...ck.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Zhipeng Wang
	<zhipeng.wang_1@....com>, Jindong Yue <jindong.yue@....com>, Christoph
 Hellwig <hch@....de>
Subject: RE: [EXT] Re: [PATCH v2] Supports to use the default CMA when the
 device-specified CMA memory is not enough.

> -----Original Message-----
> From: Barry Song <baohua@...nel.org>
> Sent: Thursday, June 13, 2024 2:15 PM
> To: Zhai He <zhai.he@....com>
> Cc: Andrew Morton <akpm@...ux-foundation.org>; sboyd@...nel.org;
> linux-mm@...ck.org; linux-kernel@...r.kernel.org; Zhipeng Wang
> <zhipeng.wang_1@....com>; Jindong Yue <jindong.yue@....com>; Christoph
> Hellwig <hch@....de>
> Subject: Re: [EXT] Re: [PATCH v2] Supports to use the default CMA when the
> device-specified CMA memory is not enough.
> 
> Caution: This is an external email. Please take care when clicking links or
> opening attachments. When in doubt, report the message using the 'Report
> this email' button
> 
> 
> On Thu, Jun 13, 2024 at 5:32 PM Zhai He <zhai.he@....com> wrote:
> >
> > > -----Original Message-----
> > > From: Barry Song <baohua@...nel.org>
> > > Sent: Thursday, June 13, 2024 11:28 AM
> > > To: Zhai He <zhai.he@....com>
> > > Cc: Andrew Morton <akpm@...ux-foundation.org>; sboyd@...nel.org;
> > > linux-mm@...ck.org; linux-kernel@...r.kernel.org; Zhipeng Wang
> > > <zhipeng.wang_1@....com>; Jindong Yue <jindong.yue@....com>;
> > > Christoph Hellwig <hch@....de>
> > > Subject: Re: [EXT] Re: [PATCH v2] Supports to use the default CMA
> > > when the device-specified CMA memory is not enough.
> > >
> > > Caution: This is an external email. Please take care when clicking
> > > links or opening attachments. When in doubt, report the message
> > > using the 'Report this email' button
> > >
> > >
> > > On Thu, Jun 13, 2024 at 2:34 PM Zhai He <zhai.he@....com> wrote:
> > > >
> > > > > -----Original Message-----
> > > > > From: Barry Song <baohua@...nel.org>
> > > > > Sent: Thursday, June 13, 2024 5:37 AM
> > > > > To: Andrew Morton <akpm@...ux-foundation.org>
> > > > > Cc: Zhai He <zhai.he@....com>; sboyd@...nel.org;
> > > > > linux-mm@...ck.org; linux-kernel@...r.kernel.org;
> > > > > stable@...r.kernel.org; Zhipeng Wang <zhipeng.wang_1@....com>;
> > > > > Jindong Yue <jindong.yue@....com>; Christoph Hellwig
> > > > > <hch@....de>
> > > > > Subject: [EXT] Re: [PATCH v2] Supports to use the default CMA
> > > > > when the device-specified CMA memory is not enough.
> > > > >
> > > > > Caution: This is an external email. Please take care when
> > > > > clicking links or opening attachments. When in doubt, report the
> > > > > message using the 'Report this email' button
> > > > >
> > > > >
> > > > > On Thu, Jun 13, 2024 at 6:47 AM Andrew Morton
> > > > > <akpm@...ux-foundation.org>
> > > > > wrote:
> > > > > >
> > > > > > On Wed, 12 Jun 2024 16:12:16 +0800 "zhai.he" <zhai.he@....com>
> > > wrote:
> > > > > >
> > > > > > > From: He Zhai <zhai.he@....com>
> > > > > >
> > > > > > (cc Barry & Christoph)
> > > > > >
> > > > > > What was your reason for adding cc:stable to the email headers?
> > > > > > Does this address some serious problem?  If so, please fully
> > > > > > describe that problem.
> > > > > >
> > > > > > > In the current code logic, if the device-specified CMA
> > > > > > > memory allocation fails, memory will not be allocated from the
> default CMA area.
> > > > > > > This patch will use the default cma region when the device's
> > > > > > > specified CMA is not enough.
> > > > > > >
> > > > > > > In addition, the log level of allocation failure is changed to debug.
> > > > > > > Because these logs will be printed when memory allocation
> > > > > > > from the device specified CMA fails, but if the allocation
> > > > > > > fails, it will be allocated from the default cma area. It
> > > > > > > can easily mislead
> > > developers'
> > > > > > > judgment.
> > > > >
> > > > > I am not convinced that this patch is correct. If
> > > > > device-specific CMA is too small, why not increase it in the device tree?
> > > > > Conversely, if the default CMA size is too large, why not reduce
> > > > > it via the cmdline?  CMA offers all kinds of flexible
> > > > > configuration options based
> > > on users’ needs.
> > > > >
> > > > > One significant benefit of device-specific CMA is that it helps
> > > > > decrease fragmentation in the common CMA pool. While many
> > > > > devices allocate memory from the same pool, they have different
> > > > > memory requirements in terms of sizes and alignments. Occasions
> > > > > of memory allocation and release can lead to situations where
> > > > > the CMA pool has enough free space, yet someone fails to obtain
> contiguous memory from it.
> > > > >
> > > > > This patch entirely negates the advantage we gain from device-specific
> CMA.
> > > > > My point is that instead of modifying the core code, please
> > > > > consider correcting your device tree or cmdline configurations.
> > > > >
> > > > Because we enabled secure heap to support widevine DRM, and secure
> > > > heap requires security configuration, its starting address cannot
> > > > be specified arbitrarily, which causes the default CMA to be
> > > > reduced. So we
> > > reduced the CMA, but in order to avoid the impact of reducing the
> > > CMA, we used a multi-segment CMA and gave one segment to the VPU.
> > > >
> > > > However, under our memory configuration, the device-specific CMA
> > > > is not
> > > enough to support the VPU decoding high-resolution code streams, so
> > > this patch is added so that the VPU can work properly.
> > > > Thanks.
> > >
> > > I don’t quite understand what you are saying. Why can’t you increase
> > > VPU’s CMA size?
> > Thanks for your quick reply.
> > Because we added a secure heap to support Widevine DRM, this heap
> requires hardware protection, so its starting address cannot be specified
> arbitrarily. This causes the secure heap to occupy part of the default CMA, and
> the default CMA is therefore reduced, so in order to avoid default CMA
> Shrinking introduces other problems. We added a specific CMA area for the
> VPU. However, due to the large size of the secure heap and default CMA, There
> is no remaining memory available to increase specific CMA for VPU.
> 
> I assume the secure heap you are referring to is a section of memory that
> should only be accessed by TrustZone and not be visible to Linux running in
> non-secure mode. How do you allocate this secure heap from the default CMA?

No, secure heap is a reserved memory, secure heap is not allocated from CMA, secure heap has been reserved during the kernel startup phase.
And this reserved memory is protected by hardware. Only specific hardware and secure world can accessed it.
For example:
&{/reserved-memory/} {
        secure_region: secure {
                compatible = "imx-secure-ion-pool";
                reg = <0x0 0xA0000000 0 0x1EF00000>;
        };
};

> Do you use the cma_alloc() APIs or the dma_alloc_coherent() APIs? Given that
> the VPU has its own device-specific CMA, why is this secure heap allocated
> from the default CMA instead of the VPU's CMA?
> 
The VPU driver will use dma_alloc_coherent() to allocate contiguous memory. The secure heap is not allocated from the CMA, but because the secure heap is enabled, it occupies some contiguous memory, causing the default CMA to be reduced.

> If this secure heap was allocated before the kernel booted, why did the
> kernel(your dts) fail to mark this area as nomap/reserved to prevent the
> default CMA from intersecting with it?
> 
Secure heap does not intersect with the CMA.
for example:
before secure heap enabled:
0xA000 0000 ~ 0xFFFFFFFF: default CMA
after secure heap enabled:
0x9000 0000 ~0x9FFF FFFF is the CMA specified by VPU,
0xA000 0000 ~0xAFFF FFFF is secure heap, (the start address cannot be specified arbitrarily, because this memory is protected by hardware, if the start address is 0x9000 0000, uboot will use this memory, but uboot can't access this memory because of hardware protection. So we find a section of memory that UBOOT will not use as secure heap. 
Note: The memory of uboot can be adjusted, but avoiding the secure heap will limit the memory range that uboot can use, causing problems such as the uboot stack)
0xB000 0000 ~0xFFFFFFFF is default CMA.
So default CMA is reduced.

> >
> > > It seems you mean that only in some corner cases do you need a large
> > > CMA, but most of the time, you don’t need it to be this big? So you have
> to "borrow"
> > > memory from the
> > > default CMA. but why not move that portion from the default CMA to
> > > your VPU’s CMA?
> > >
> > This is a method, but because for VPU, the continuous memory size allocated
> by the driver is based on the video stream, we cannot determine the maximum
> size of memory required by the VPU. This makes it impossible for us to
> determine the size of the specific CMA assigned to the VPU. Thanks.
> 
> I don't understand how this can happen. You should precisely know the
> maximum size required for the VPU based on your multimedia pipeline and
> resolutions.
> 
We cannot estimate the maximum contiguous memory required by the VPU because it depends on how the video is encoded.
Thanks very much.

> I still don't understand your scenarios or the problem you are facing.


> Thanks
> Barry

Download attachment "smime.p7s" of type "application/pkcs7-signature" (9790 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ