lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20241224091457.1050233-3-b-padhi@ti.com>
Date: Tue, 24 Dec 2024 14:44:56 +0530
From: Beleswar Padhi <b-padhi@...com>
To: <andersson@...nel.org>, <mathieu.poirier@...aro.org>
CC: <afd@...com>, <hnagalla@...com>, <u-kumar1@...com>, <s-vadapalli@...com>,
        <srk@...com>, <jan.kiszka@...mens.com>,
        <christophe.jaillet@...adoo.fr>, <jkangas@...hat.com>,
        <eballetbo@...hat.com>, <b-padhi@...com>,
        <linux-remoteproc@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH 2/3] remoteproc: k3-dsp: Fix checks in k3_dsp_rproc_{mbox_callback/kick}

Commit ea1d6fb5b571 ("remoteproc: k3-dsp: Acquire mailbox handle during
probe routine") introduced a check in the "k3_dsp_rproc_mbox_callback()"
and "k3_dsp_rproc_kick()" callbacks to exit if the remote core's state
was "RPROC_DETACHED". However, this caused issues in IPC-only mode, as
the default state of the core is set to "RPROC_DETACHED", and the
transition to "RPROC_ATTACHED" happens only after the "__rproc_attach()"
function has invoked "rproc_start_subdevices()".

The "rproc_start_subdevices()" function triggers the probe of Virtio
RPMsg subdevices, which require the mailbox callbacks to be functional.
To resolve this, a new variable, "is_attach_ongoing", is introduced to
distinguish between core states: when a core is actually detached and
when it is in the process of being attached. The callbacks are updated
to return early only if the core is actually detached and not during an
ongoing attach operation in IPC-only mode.

Reported-by: Siddharth Vadapalli <s-vadapalli@...com>
Closes: https://lore.kernel.org/all/20240916083131.2801755-1-s-vadapalli@ti.com/
Fixes: ea1d6fb5b571 ("remoteproc: k3-dsp: Acquire mailbox handle during probe routine")
Signed-off-by: Beleswar Padhi <b-padhi@...com>
---
Link to RFC version:
https://lore.kernel.org/all/20240916083131.2801755-1-s-vadapalli@ti.com/

Improvements in v1:
1. Ensured these mbox callbacks are functional when the core is in the proccess
of getting attached in IPC-Only mode.
2. Ensured these mbox callbacks are _not_ functional when the core state is
actually detached.

 drivers/remoteproc/ti_k3_dsp_remoteproc.c | 53 +++++++++++++++++------
 1 file changed, 39 insertions(+), 14 deletions(-)

diff --git a/drivers/remoteproc/ti_k3_dsp_remoteproc.c b/drivers/remoteproc/ti_k3_dsp_remoteproc.c
index a695890254ff..f20fc2db077b 100644
--- a/drivers/remoteproc/ti_k3_dsp_remoteproc.c
+++ b/drivers/remoteproc/ti_k3_dsp_remoteproc.c
@@ -76,6 +76,7 @@ struct k3_dsp_dev_data {
  * @ti_sci_id: TI-SCI device identifier
  * @mbox: mailbox channel handle
  * @client: mailbox client to request the mailbox channel
+ * @is_attach_ongoing: flag to indicate if IPC-only "attach()" is in progress
  */
 struct k3_dsp_rproc {
 	struct device *dev;
@@ -91,6 +92,7 @@ struct k3_dsp_rproc {
 	u32 ti_sci_id;
 	struct mbox_chan *mbox;
 	struct mbox_client client;
+	bool is_attach_ongoing;
 };
 
 /**
@@ -115,8 +117,11 @@ static void k3_dsp_rproc_mbox_callback(struct mbox_client *client, void *data)
 	const char *name = kproc->rproc->name;
 	u32 msg = omap_mbox_message(data);
 
-	/* Do not forward messages from a detached core */
-	if (kproc->rproc->state == RPROC_DETACHED)
+	/*
+	 * Do not forward messages from a detached core, except when the core
+	 * is in the process of being attached in IPC-only mode.
+	 */
+	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
 		return;
 
 	dev_dbg(dev, "mbox msg: 0x%x\n", msg);
@@ -159,8 +164,11 @@ static void k3_dsp_rproc_kick(struct rproc *rproc, int vqid)
 	mbox_msg_t msg = (mbox_msg_t)vqid;
 	int ret;
 
-	/* Do not forward messages to a detached core */
-	if (kproc->rproc->state == RPROC_DETACHED)
+	/*
+	 * Do not forward messages to a detached core, except when the core is
+	 * in the process of being attached in IPC-only mode.
+	 */
+	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
 		return;
 
 	/* send the index of the triggered virtqueue in the mailbox payload */
@@ -357,22 +365,39 @@ static int k3_dsp_rproc_stop(struct rproc *rproc)
 /*
  * Attach to a running DSP remote processor (IPC-only mode)
  *
- * This rproc attach callback is a NOP. The remote processor is already booted,
- * and all required resources have been acquired during probe routine, so there
- * is no need to issue any TI-SCI commands to boot the DSP core. This callback
- * is invoked only in IPC-only mode and exists because rproc_validate() checks
- * for its existence.
+ * This rproc attach callback only needs to set the "is_attach_ongoing" flag to
+ * notify k3_dsp_rproc_{kick/mbox_callback} functions that the core is in the
+ * process of getting attached in IPC-only mode. The remote processor is already
+ * booted, and all required resources have been acquired during probe routine,
+ * so there is no need to issue any TI-SCI commands to boot the DSP core. This
+ * callback is invoked only in IPC-only mode.
  */
-static int k3_dsp_rproc_attach(struct rproc *rproc) { return 0; }
+static int k3_dsp_rproc_attach(struct rproc *rproc)
+{
+	struct k3_dsp_rproc *kproc = rproc->priv;
+
+	kproc->is_attach_ongoing = true;
+
+	return 0;
+}
 
 /*
  * Detach from a running DSP remote processor (IPC-only mode)
  *
- * This rproc detach callback is a NOP. The DSP core is not stopped and will be
- * left to continue to run its booted firmware. This callback is invoked only in
- * IPC-only mode and exists for sanity sake.
+ * This rproc detach callback performs the opposite operation to attach callback
+ * and only needs to clear the "is_attach_ongoing" flag to ensure no mailbox
+ * messages are sent to or received from a detached core. The DSP core is not
+ * stopped and will be left to continue to run its booted firmware. This callback
+ * is invoked only in IPC-only mode.
  */
-static int k3_dsp_rproc_detach(struct rproc *rproc) { return 0; }
+static int k3_dsp_rproc_detach(struct rproc *rproc)
+{
+	struct k3_dsp_rproc *kproc = rproc->priv;
+
+	kproc->is_attach_ongoing = false;
+
+	return 0;
+}
 
 /*
  * This function implements the .get_loaded_rsc_table() callback and is used
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ