Re: [PATCH v2] soc: qcom: cmd-db: Map shared memory as WC, not WB

Pavan Kondeti <quic_pkondeti@xxxxxxxxxxx> · Thu, 18 Jul 2024 13:08:25 +0530

On Thu, Jul 18, 2024 at 11:33:23AM +0530, Maulik Shah wrote:
> From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
> 
> Linux does not write into cmd-db region. This region of memory is write
> protected by XPU. XPU may sometime falsely detect clean cache eviction
> as "write" into the write protected region leading to secure interrupt
> which causes an endless loop somewhere in Trust Zone.
> 
> The only reason it is working right now is because Qualcomm Hypervisor
> maps the same region as Non-Cacheable memory in Stage 2 translation
> tables. The issue manifests if we want to use another hypervisor (like
> Xen or KVM), which does not know anything about those specific mappings.
> 
> Changing the mapping of cmd-db memory from MEMREMAP_WB to MEMREMAP_WT/WC
> removes dependency on correct mappings in Stage 2 tables. This patch
> fixes the issue by updating the mapping to MEMREMAP_WC.
> 
> I tested this on SA8155P with Xen.
> 
> Fixes: 312416d9171a ("drivers: qcom: add command DB driver")
> Cc: stable@xxxxxxxxxxxxxxx # 5.4+
> Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
> Tested-by: Nikita Travkin <nikita@xxxxxxx> # sc7180 WoA in EL2
> Signed-off-by: Maulik Shah <quic_mkshah@xxxxxxxxxxx>
> ---
> Changes in v2:
>  - Use MEMREMAP_WC instead of MEMREMAP_WT
>  - Update commit message from comments in v1
>  - Add Fixes tag and Cc to stable
>  - Link to v1: https://lore.kernel.org/lkml/20240327200917.2576034-1-volodymyr_babchuk@xxxxxxxx
> ---
>  drivers/soc/qcom/cmd-db.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/soc/qcom/cmd-db.c b/drivers/soc/qcom/cmd-db.c
> index d84572662017..ae66c2623d25 100644
> --- a/drivers/soc/qcom/cmd-db.c
> +++ b/drivers/soc/qcom/cmd-db.c
> @@ -349,7 +349,7 @@ static int cmd_db_dev_probe(struct platform_device *pdev)
>  		return -EINVAL;
>  	}
>  
> -	cmd_db_header = memremap(rmem->base, rmem->size, MEMREMAP_WB);
> +	cmd_db_header = memremap(rmem->base, rmem->size, MEMREMAP_WC);
>  	if (!cmd_db_header) {
>  		ret = -ENOMEM;
>  		cmd_db_header = NULL;
> 

Thanks Maulik for sharing the patch. It works as expected. Feel free to
use

Tested-by: Pavankumar Kondeti <quic_pkondeti@xxxxxxxxxxx>

Thanks,
Pavan