On 2023-06-15 00:59, Douglas Anderson wrote:
This reverts commit 7bd6680b47fa4cd53ee1047693c09825e212a6f5.
When booting a sc7180-trogdor based device on mainline, I see errors
that look like this:
qcom_scm firmware:scm: Assign memory protection call failed -22
qcom_rmtfs_mem 94600000.memory: assign memory failed
qcom_rmtfs_mem: probe of 94600000.memory failed with error -22
The device still boots OK, but WiFi doesn't work.
The failure only seems to happen when
CONFIG_INIT_ON_ALLOC_DEFAULT_ON=y. When I don't have that set then
everything is peachy. Presumably something about the extra
initialization disagrees with the change to drop cache invalidation.
AFAICS init_on_alloc essentially just adds __GFP_ZERO to the page
allocation. This should make no difference to a DMA allocation given
that dma_alloc_attrs explicitly zeros its allocation anyway. However...
for the non-coherent case, the DMA API's memset will be done through the
non-cacheable remap, while __GFP_ZERO can leave behind cached zeros for
the linear map alias. Thus what I assume must be happening here is that
"DMA" from the firmware is still making cacheable accesses to the buffer
and getting those zeros instead of whatever actual data which was
subsequently written non-cacheably direct to RAM. So either the firmware
still needs fixing to make non-cacheable accesses, or the SCM driver
needs to correctly describe it as coherent.
Thanks,
Robin.
Fixes: 7bd6680b47fa ("Revert "Revert "arm64: dma: Drop cache invalidation from arch_dma_prep_coherent()""")
Signed-off-by: Douglas Anderson <dianders@xxxxxxxxxxxx>
---
arch/arm64/mm/dma-mapping.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/arch/arm64/mm/dma-mapping.c b/arch/arm64/mm/dma-mapping.c
index 3cb101e8cb29..5240f6acad64 100644
--- a/arch/arm64/mm/dma-mapping.c
+++ b/arch/arm64/mm/dma-mapping.c
@@ -36,7 +36,22 @@ void arch_dma_prep_coherent(struct page *page, size_t size)
{
unsigned long start = (unsigned long)page_address(page);
- dcache_clean_poc(start, start + size);
+ /*
+ * The architecture only requires a clean to the PoC here in order to
+ * meet the requirements of the DMA API. However, some vendors (i.e.
+ * Qualcomm) abuse the DMA API for transferring buffers from the
+ * non-secure to the secure world, resetting the system if a non-secure
+ * access shows up after the buffer has been transferred:
+ *
+ * https://lore.kernel.org/r/20221114110329.68413-1-manivannan.sadhasivam@xxxxxxxxxx
+ *
+ * Using clean+invalidate appears to make this issue less likely, but
+ * the drivers themselves still need fixing as the CPU could issue a
+ * speculative read from the buffer via the linear mapping irrespective
+ * of the cache maintenance we use. Once the drivers are fixed, we can
+ * relax this to a clean operation.
+ */
+ dcache_clean_inval_poc(start, start + size);
}
#ifdef CONFIG_IOMMU_DMA