Re: [PATCH v3 2/2] firmware: arm_scmi: Augment SMC/HVC to allow optional parameter

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 4/17/2023 11:01 AM, Florian Fainelli wrote:
On 4/17/23 10:44, Nikunj Kela wrote:
This patch add support for passing shmem channel address as parameter
in smc/hvc call. This patch is useful when multiple scmi instances are
using same smc-id and firmware needs to distiguish among the instances.

Typo: distinguish.

Will fix it.
It really would have been a lot clearer and made a whole lot more sense to encode a VM ID/channel number within some of the SMCCC parameters, possibly as part of the function ID itself.
smc-id(func-id) is 32 bit long and the spec doesn't define any such provisions in it. Having said that, there are optional parameters as session-id and client-id(secureOS-id) that can be passed in w6/r6 and w7/r7 registers. If maintainers are OK to use dtb to pass them instead, I can rework the patches.


Signed-off-by: Nikunj Kela <quic_nkela@xxxxxxxxxxx>
---
  drivers/firmware/arm_scmi/driver.c |  1 +
  drivers/firmware/arm_scmi/smc.c    | 25 ++++++++++++++++++++++++-
  2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/drivers/firmware/arm_scmi/driver.c b/drivers/firmware/arm_scmi/driver.c
index e7d97b59963b..b5957cc12fee 100644
--- a/drivers/firmware/arm_scmi/driver.c
+++ b/drivers/firmware/arm_scmi/driver.c
@@ -2914,6 +2914,7 @@ static const struct of_device_id scmi_of_match[] = {
  #endif
  #ifdef CONFIG_ARM_SCMI_TRANSPORT_SMC
      { .compatible = "arm,scmi-smc", .data = &scmi_smc_desc},
+    { .compatible = "arm,scmi-smc-param", .data = &scmi_smc_desc},
  #endif
  #ifdef CONFIG_ARM_SCMI_TRANSPORT_VIRTIO
      { .compatible = "arm,scmi-virtio", .data = &scmi_virtio_desc},
diff --git a/drivers/firmware/arm_scmi/smc.c b/drivers/firmware/arm_scmi/smc.c
index 93272e4bbd12..e28387346d33 100644
--- a/drivers/firmware/arm_scmi/smc.c
+++ b/drivers/firmware/arm_scmi/smc.c
@@ -20,6 +20,9 @@
    #include "common.h"
  +#define lower32(x)    ((u32)((x) & 0xffffffff))
+#define upper32(x)    ((u32)(((u64)(x) >> 32) & 0xffffffff))

Cannot you use the existing lower_32_bits and upper_32_bits macros from kernel.h here?

+
  /**
   * struct scmi_smc - Structure representing a SCMI smc transport
   *
@@ -30,6 +33,8 @@
   * @inflight: Atomic flag to protect access to Tx/Rx shared memory area.
   *          Used when operating in atomic mode.
   * @func_id: smc/hvc call function id
+ * @is_smc64: smc/hvc calling convention type 64 vs 32
+ * @param: physical address of the shmem channel
   */
    struct scmi_smc {
@@ -40,6 +45,8 @@ struct scmi_smc {
  #define INFLIGHT_NONE    MSG_TOKEN_MAX
      atomic_t inflight;
      u32 func_id;
+    bool is_smc64;
+    phys_addr_t param;
  };
    static irqreturn_t smc_msg_done_isr(int irq, void *data)
@@ -137,6 +144,8 @@ static int smc_chan_setup(struct scmi_chan_info *cinfo, struct device *dev,
      if (ret < 0)
          return ret;
  +    if (of_device_is_compatible(dev->of_node, "arm,scmi-smc-param"))
+        scmi_info->param = res.start;

There is not even a check that this is going to be part of the kernel's view of memory, that seems a bit brittle and possibly a security hole, too. Your hypervisor presumably needs to have carved out some amount of memory in order for the messages to be written to/read from, and so would the VM kernel, so eventually we should have a 'reserved-memory' entry of some sort, no?

      /*
       * If there is an interrupt named "a2p", then the service and
       * completion of a message is signaled by an interrupt rather than by @@ -156,6 +165,7 @@ static int smc_chan_setup(struct scmi_chan_info *cinfo, struct device *dev,
      }
        scmi_info->func_id = func_id;
+    scmi_info->is_smc64 = ARM_SMCCC_IS_64(func_id);
      scmi_info->cinfo = cinfo;
      smc_channel_lock_init(scmi_info);
      cinfo->transport_info = scmi_info;
@@ -188,7 +198,20 @@ static int smc_send_message(struct scmi_chan_info *cinfo,
        shmem_tx_prepare(scmi_info->shmem, xfer, cinfo);
  -    arm_smccc_1_1_invoke(scmi_info->func_id, 0, 0, 0, 0, 0, 0, 0, &res);
+#ifdef CONFIG_ARM64
+    /*
+     * if SMC32 convention is used, pass 64 bit address in
+     * two parameters
+     */
+    if (!scmi_info->is_smc64)

There is no need for scmi_info to store is_smc64, just check the func_id here and declare is_smc64 as a local variable to the function.

Also, another way to approach this would be to encode the parameters region in 4KB units such that event on a 32-bit system with LPAE you are guaranteed to fit the region into a 32-bit unsigned long. AFAIR virtualization and LPAE are indistinguishable on real CPUs?

+ arm_smccc_1_1_invoke(scmi_info->func_id,
+                     lower32(scmi_info->param),
+                     upper32(scmi_info->param),
+                     0, 0, 0, 0, 0, &res);
+    else
+#endif
+        arm_smccc_1_1_invoke(scmi_info->func_id, scmi_info->param,
+                     0, 0, 0, 0, 0, 0, &res);
        /* Only SMCCC_RET_NOT_SUPPORTED is valid error code */
      if (res.a0) {




[Index of Archives]     [Device Tree Compilter]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux PCI Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Yosemite Backpacking]


  Powered by Linux