On Mon, Aug 19, 2024 at 02:59:35PM GMT, Marc Gonzalez wrote:
> On qcom msm8998, writing to the last context bank of lpass_q6_smmu
> (base address 0x05100000) produces a system freeze & reboot.
>
> The hardware/hypervisor reports 13 context banks for the LPASS SMMU
> on msm8998, but only the first 12 are accessible...
> Override the number of context banks
>
> [ 2.546101] arm-smmu 5100000.iommu: probing hardware configuration...
> [ 2.552439] arm-smmu 5100000.iommu: SMMUv2 with:
> [ 2.558945] arm-smmu 5100000.iommu: stage 1 translation
> [ 2.563627] arm-smmu 5100000.iommu: address translation ops
> [ 2.568923] arm-smmu 5100000.iommu: non-coherent table walk
> [ 2.574566] arm-smmu 5100000.iommu: (IDR0.CTTW overridden by FW configuration)
> [ 2.580220] arm-smmu 5100000.iommu: stream matching with 12 register groups
> [ 2.587263] arm-smmu 5100000.iommu: 13 context banks (0 stage-2 only)
> [ 2.614447] arm-smmu 5100000.iommu: Supported page sizes: 0x63315000
> [ 2.621358] arm-smmu 5100000.iommu: Stage-1: 36-bit VA -> 36-bit IPA
> [ 2.627772] arm-smmu 5100000.iommu: preserved 0 boot mappings
>
> Specifically, the crashes occur here:
>
> qsmmu->bypass_cbndx = smmu->num_context_banks - 1;
> arm_smmu_cb_write(smmu, qsmmu->bypass_cbndx, ARM_SMMU_CB_SCTLR, 0);
>
> and here:
>
> arm_smmu_write_context_bank(smmu, i);
> arm_smmu_cb_write(smmu, i, ARM_SMMU_CB_FSR, ARM_SMMU_CB_FSR_FAULT);
>
> It is likely that FW reserves the last context bank for its own use,
> thus a simple work-around is: DON'T USE IT in Linux.
>
> If we decrease the number of context banks, last one will be "hidden".
>
> Signed-off-by: Marc Gonzalez <mgonzalez@xxxxxxxxxx>
> ---
> drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c
> index 7e65189ca7b8c..d08c18edf5732 100644
> --- a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c
> +++ b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c
> @@ -282,6 +282,11 @@ static int qcom_smmu_cfg_probe(struct arm_smmu_device *smmu)
> u32 smr;
> int i;
>
> + if (of_device_is_compatible(smmu->dev->of_node, "qcom,msm8998-lpass-smmu")) {
> + dev_warn(smmu->dev, "hide last ctx bank from linux");
dev_info() or dev_dbg(). dev_warn should be reserved to the case when
you need to warn the user that something went wrong. In this case it is
expected that the last bank is unusable.
> + --smmu->num_context_banks;
> + }
> +
> /*
> * Some platforms support more than the Arm SMMU architected maximum of
> * 128 stream matching groups. For unknown reasons, the additional
>
> --
> 2.34.1
>
--
With best wishes
Dmitry
