> diff --git a/drivers/firmware/imx/ele_base_msg.c > b/drivers/firmware/imx/ele_base_msg.c > new file mode 100644 > index 000000000000..e3e570a25e85 > --- /dev/null > +++ b/drivers/firmware/imx/ele_base_msg.c > @@ -0,0 +1,286 @@ > +// SPDX-License-Identifier: GPL-2.0+ > +/* > + * Copyright 2024 NXP > + */ > + > +#include <linux/types.h> > + > +#include <linux/completion.h> > +#include <linux/dma-mapping.h> > +#include <linux/genalloc.h> > + > +#include "ele_base_msg.h" > +#include "ele_common.h" > + > +int ele_get_info(struct device *dev, struct ele_dev_info *s_info) I repeat once again: The context pointer argument should be struct se_if_priv *. Do not expect foreign code to pass in a struct device * here from which you blindly expect that it's the right one. > +int ele_fetch_soc_info(struct device *dev, u16 *soc_rev, u64 > +*serial_num) > Also here and all the other functions in this file. Accepted. > + * > + * Header file for the EdgeLock Enclave Base API(s). > + */ > + > +#ifndef ELE_BASE_MSG_H > +#define ELE_BASE_MSG_H > + > +#include <linux/device.h> > +#include <linux/types.h> > + > +#define WORD_SZ i4 > Unused. Accepted will remove in V8. > +#define ELE_NONE_VAL 0x0 > + > +#define ELE_GET_INFO_REQ 0xDA > +#define ELE_GET_INFO_REQ_MSG_SZ 0x10 > +#define ELE_GET_INFO_RSP_MSG_SZ 0x08 > + > +#define DEFAULT_IMX_SOC_VER 0xA000 > Unused Accepted will remove in V8. > +#define SOC_VER_MASK 0xFFFF0000 > Unused Accepted will remove in V8. > +int ele_msg_send(struct se_if_priv *priv, > + void *tx_msg, > + int tx_msg_sz) > +{ > + struct se_msg_hdr *header; > + int err; > + > + header = tx_msg; > + > + /* > + * Check that the size passed as argument matches the size > + * carried in the message. > + */ > + if (header->size << 2 != tx_msg_sz) { > + err = -EINVAL; > + dev_err(priv->dev, > + "User buf hdr: 0x%x, sz mismatced with input-sz (%d != %d).", > + *(u32 *)header, > + header->size << 2, tx_msg_sz); > + goto exit; > + } > + guard(mutex)(&priv->se_if_lock); > Drop this mutex. All it does is to protect mbox_send_message() which already has its own locking. Accepted. Since the TX buffers are dynamically allocated. There is no chance of TX-Buffer getting over-written. Will remove this in v8. > + > + err = mbox_send_message(priv->tx_chan, tx_msg); > + if (err < 0) { > + dev_err(priv->dev, "Error: mbox_send_message failure.\n"); > + return err; > + } > + err = tx_msg_sz; > + > +exit: > + return err; > +} > + > +void se_if_rx_callback(struct mbox_client *mbox_cl, void *msg) { > + struct se_clbk_handle *se_clbk_hdl; > + struct device *dev = mbox_cl->dev; > + struct se_msg_hdr *header; > + struct se_if_priv *priv; > + u32 rx_msg_sz; > + > + priv = dev_get_drvdata(dev); > + > + /* The function can be called with NULL msg */ > You already identified this as a possible case... Intention of this comment was to give the reason for checking "msg" for NULL, before using it. > + if (!msg) { > + dev_err(dev, "Message is invalid\n"); > ...so why print an error message here? This will help, know that there is incoming message with no length. > + return; > + } > + > + header = msg; > + rx_msg_sz = header->size << 2; > + > + /* Incoming command: wake up the receiver if any. */ > + if (header->tag == priv->cmd_tag) { > + se_clbk_hdl = &priv->cmd_receiver_clbk_hdl; > + dev_dbg(dev, > + "Selecting cmd receiver for mesg header:0x%x.", > + *(u32 *) header); > + > + /* Pre-allocated buffer of MAX_NVM_MSG_LEN > + * as the NVM command are initiated by FW. > + * Size is revealed as part of this call function. > + */ > + if (rx_msg_sz > MAX_NVM_MSG_LEN) { > + dev_err(dev, > + "CMD-RCVER NVM: hdr(0x%x) with different sz(%d != %d).\n", > + *(u32 *) header, > + rx_msg_sz, se_clbk_hdl->rx_msg_sz); > + > + se_clbk_hdl->rx_msg_sz = MAX_NVM_MSG_LEN; > + } > + se_clbk_hdl->rx_msg_sz = rx_msg_sz; > + > + } else if (header->tag == priv->rsp_tag) { > + se_clbk_hdl = &priv->waiting_rsp_clbk_hdl; > + dev_dbg(dev, > + "Selecting resp waiter for mesg header:0x%x.", > + *(u32 *) header); > + > + if (rx_msg_sz != se_clbk_hdl->rx_msg_sz > + && !exception_for_size(priv, header)) { > + dev_err(dev, > + "Rsp to CMD: hdr(0x%x) with different sz(%d != %d).\n", > + *(u32 *) header, > + rx_msg_sz, se_clbk_hdl->rx_msg_sz); > + > + se_clbk_hdl->rx_msg_sz = min(rx_msg_sz, se_clbk_hdl->rx_msg_sz); > + } > + } else { > + dev_err(dev, "Failed to select a device for message: %.8x\n", > + *((u32 *) header)); > + return; > + } > + > + memcpy(se_clbk_hdl->rx_msg, msg, se_clbk_hdl->rx_msg_sz); > + > + /* Allow user to read */ > + atomic_inc(&se_clbk_hdl->pending_hdr); > + > + wake_up_interruptible(&se_clbk_hdl->wq); > You are rebuilding a completion here, why not use a completion then? Accepted. > +#include <linux/mod_devicetable.h> > +#include <linux/module.h> > +#include <linux/of_platform.h> > +#include <linux/of_reserved_mem.h> > +#include <linux/platform_device.h> > +#include <linux/slab.h> > +#include <linux/string.h> > +#include <linux/sys_soc.h> > + > +#include "ele_base_msg.h" > +#include "ele_common.h" > +#include "se_ctrl.h" > + > +#define RESERVED_DMA_POOL BIT(0) > Unused Accepted will remove in V8. > +static void se_load_firmware(const struct firmware *fw, void > +*context) { > + struct se_if_priv *priv = context; > + const struct se_if_node_info *info = priv->info; > + phys_addr_t se_fw_phyaddr; > + u8 *se_fw_buf; > + int ret; > + > + if (!fw) { > + if (priv->fw_fail > MAX_FW_LOAD_RETRIES) > + dev_dbg(priv->dev, > + "External FW not found, using ROM FW.\n"); > + else { > + /*add a bit delay to wait for firmware priv released */ > + msleep(20); > + > + /* Load firmware one more time if timeout */ > + request_firmware_nowait(THIS_MODULE, > + FW_ACTION_UEVENT, priv->se_img_file_to_load, > + priv->dev, GFP_KERNEL, priv, > + se_load_firmware); > + priv->fw_fail++; > + dev_dbg(priv->dev, "Value of retries = 0x%x.\n", > + priv->fw_fail); > + } > + > + return; > + } > Are you continuously trying to load the firmware here in the hope that the rootfs is mounted before your retry counter exceeds? Yes. > Don't do this. Shall the retry counter to be removed, to make it predictable? Or am I missing something. Thanks. >Sascha -- Pengutronix e.K. | | Steuerwalder Str. 21 | https://eur01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.pengutr onix.de%2F&data=05%7C02%7Cpankaj.gupta%40nxp.com%7C332a105e5ed24741d3b808dcd 0c9a781%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C638614811726643343%7CUn known%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJX VCI6Mn0%3D%7C0%7C%7C%7C&sdata=AzbLQ4wpSte4lA2myKQBDYRzSxhc72EcbVq42CcRo0M%3D &reserved=0 | 31137 Hildesheim, Germany | Phone: +49-5121-206917-0 | Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
Attachment:
smime.p7s
Description: S/MIME cryptographic signature