c209777216
The current codebase makes use of the zero-length array language
extension to the C90 standard, but the preferred mechanism to declare
variable-length types such as these ones is a flexible array member[1][2],
introduced in C99:
struct foo {
int stuff;
struct boo array[];
};
By making use of the mechanism above, we will get a compiler warning
in case the flexible array does not occur last in the structure, which
will help us prevent some kind of undefined behavior bugs from being
inadvertently introduced[3] to the codebase from now on.
Also, notice that, dynamic memory allocations won't be affected by
this change:
"Flexible array members have incomplete type, and so the sizeof operator
may not be applied. As a quirk of the original implementation of
zero-length arrays, sizeof evaluates to zero."[1]
sizeof(flexible-array-member) triggers a warning because flexible array
members have incomplete type[1]. There are some instances of code in
which the sizeof operator is being incorrectly/erroneously applied to
zero-length arrays and the result is zero. Such instances may be hiding
some bugs. So, this work (flexible-array member conversions) will also
help to get completely rid of those sorts of issues.
This issue was found with the help of Coccinelle.
[1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html
[2] https://github.com/KSPP/linux/issues/21
[3] commit 7649773293
("cxgb3/l2t: Fix undefined behaviour")
Reviewed-by: Jeffrey Hugo <jhugo@codeaurora.org>
Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org>
Link: https://lore.kernel.org/r/20200508210805.GA24170@embeddedor
Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
243 lines
6.8 KiB
C
243 lines
6.8 KiB
C
// SPDX-License-Identifier: GPL-2.0-only
|
|
/* Copyright (c) 2010,2015,2019 The Linux Foundation. All rights reserved.
|
|
* Copyright (C) 2015 Linaro Ltd.
|
|
*/
|
|
|
|
#include <linux/slab.h>
|
|
#include <linux/io.h>
|
|
#include <linux/module.h>
|
|
#include <linux/mutex.h>
|
|
#include <linux/errno.h>
|
|
#include <linux/err.h>
|
|
#include <linux/qcom_scm.h>
|
|
#include <linux/arm-smccc.h>
|
|
#include <linux/dma-mapping.h>
|
|
|
|
#include "qcom_scm.h"
|
|
|
|
static DEFINE_MUTEX(qcom_scm_lock);
|
|
|
|
|
|
/**
|
|
* struct arm_smccc_args
|
|
* @args: The array of values used in registers in smc instruction
|
|
*/
|
|
struct arm_smccc_args {
|
|
unsigned long args[8];
|
|
};
|
|
|
|
|
|
/**
|
|
* struct scm_legacy_command - one SCM command buffer
|
|
* @len: total available memory for command and response
|
|
* @buf_offset: start of command buffer
|
|
* @resp_hdr_offset: start of response buffer
|
|
* @id: command to be executed
|
|
* @buf: buffer returned from scm_legacy_get_command_buffer()
|
|
*
|
|
* An SCM command is laid out in memory as follows:
|
|
*
|
|
* ------------------- <--- struct scm_legacy_command
|
|
* | command header |
|
|
* ------------------- <--- scm_legacy_get_command_buffer()
|
|
* | command buffer |
|
|
* ------------------- <--- struct scm_legacy_response and
|
|
* | response header | scm_legacy_command_to_response()
|
|
* ------------------- <--- scm_legacy_get_response_buffer()
|
|
* | response buffer |
|
|
* -------------------
|
|
*
|
|
* There can be arbitrary padding between the headers and buffers so
|
|
* you should always use the appropriate scm_legacy_get_*_buffer() routines
|
|
* to access the buffers in a safe manner.
|
|
*/
|
|
struct scm_legacy_command {
|
|
__le32 len;
|
|
__le32 buf_offset;
|
|
__le32 resp_hdr_offset;
|
|
__le32 id;
|
|
__le32 buf[];
|
|
};
|
|
|
|
/**
|
|
* struct scm_legacy_response - one SCM response buffer
|
|
* @len: total available memory for response
|
|
* @buf_offset: start of response data relative to start of scm_legacy_response
|
|
* @is_complete: indicates if the command has finished processing
|
|
*/
|
|
struct scm_legacy_response {
|
|
__le32 len;
|
|
__le32 buf_offset;
|
|
__le32 is_complete;
|
|
};
|
|
|
|
/**
|
|
* scm_legacy_command_to_response() - Get a pointer to a scm_legacy_response
|
|
* @cmd: command
|
|
*
|
|
* Returns a pointer to a response for a command.
|
|
*/
|
|
static inline struct scm_legacy_response *scm_legacy_command_to_response(
|
|
const struct scm_legacy_command *cmd)
|
|
{
|
|
return (void *)cmd + le32_to_cpu(cmd->resp_hdr_offset);
|
|
}
|
|
|
|
/**
|
|
* scm_legacy_get_command_buffer() - Get a pointer to a command buffer
|
|
* @cmd: command
|
|
*
|
|
* Returns a pointer to the command buffer of a command.
|
|
*/
|
|
static inline void *scm_legacy_get_command_buffer(
|
|
const struct scm_legacy_command *cmd)
|
|
{
|
|
return (void *)cmd->buf;
|
|
}
|
|
|
|
/**
|
|
* scm_legacy_get_response_buffer() - Get a pointer to a response buffer
|
|
* @rsp: response
|
|
*
|
|
* Returns a pointer to a response buffer of a response.
|
|
*/
|
|
static inline void *scm_legacy_get_response_buffer(
|
|
const struct scm_legacy_response *rsp)
|
|
{
|
|
return (void *)rsp + le32_to_cpu(rsp->buf_offset);
|
|
}
|
|
|
|
static void __scm_legacy_do(const struct arm_smccc_args *smc,
|
|
struct arm_smccc_res *res)
|
|
{
|
|
do {
|
|
arm_smccc_smc(smc->args[0], smc->args[1], smc->args[2],
|
|
smc->args[3], smc->args[4], smc->args[5],
|
|
smc->args[6], smc->args[7], res);
|
|
} while (res->a0 == QCOM_SCM_INTERRUPTED);
|
|
}
|
|
|
|
/**
|
|
* qcom_scm_call() - Sends a command to the SCM and waits for the command to
|
|
* finish processing.
|
|
*
|
|
* A note on cache maintenance:
|
|
* Note that any buffers that are expected to be accessed by the secure world
|
|
* must be flushed before invoking qcom_scm_call and invalidated in the cache
|
|
* immediately after qcom_scm_call returns. Cache maintenance on the command
|
|
* and response buffers is taken care of by qcom_scm_call; however, callers are
|
|
* responsible for any other cached buffers passed over to the secure world.
|
|
*/
|
|
int scm_legacy_call(struct device *dev, const struct qcom_scm_desc *desc,
|
|
struct qcom_scm_res *res)
|
|
{
|
|
u8 arglen = desc->arginfo & 0xf;
|
|
int ret = 0, context_id;
|
|
unsigned int i;
|
|
struct scm_legacy_command *cmd;
|
|
struct scm_legacy_response *rsp;
|
|
struct arm_smccc_args smc = {0};
|
|
struct arm_smccc_res smc_res;
|
|
const size_t cmd_len = arglen * sizeof(__le32);
|
|
const size_t resp_len = MAX_QCOM_SCM_RETS * sizeof(__le32);
|
|
size_t alloc_len = sizeof(*cmd) + cmd_len + sizeof(*rsp) + resp_len;
|
|
dma_addr_t cmd_phys;
|
|
__le32 *arg_buf;
|
|
const __le32 *res_buf;
|
|
|
|
cmd = kzalloc(PAGE_ALIGN(alloc_len), GFP_KERNEL);
|
|
if (!cmd)
|
|
return -ENOMEM;
|
|
|
|
cmd->len = cpu_to_le32(alloc_len);
|
|
cmd->buf_offset = cpu_to_le32(sizeof(*cmd));
|
|
cmd->resp_hdr_offset = cpu_to_le32(sizeof(*cmd) + cmd_len);
|
|
cmd->id = cpu_to_le32(SCM_LEGACY_FNID(desc->svc, desc->cmd));
|
|
|
|
arg_buf = scm_legacy_get_command_buffer(cmd);
|
|
for (i = 0; i < arglen; i++)
|
|
arg_buf[i] = cpu_to_le32(desc->args[i]);
|
|
|
|
rsp = scm_legacy_command_to_response(cmd);
|
|
|
|
cmd_phys = dma_map_single(dev, cmd, alloc_len, DMA_TO_DEVICE);
|
|
if (dma_mapping_error(dev, cmd_phys)) {
|
|
kfree(cmd);
|
|
return -ENOMEM;
|
|
}
|
|
|
|
smc.args[0] = 1;
|
|
smc.args[1] = (unsigned long)&context_id;
|
|
smc.args[2] = cmd_phys;
|
|
|
|
mutex_lock(&qcom_scm_lock);
|
|
__scm_legacy_do(&smc, &smc_res);
|
|
if (smc_res.a0)
|
|
ret = qcom_scm_remap_error(smc_res.a0);
|
|
mutex_unlock(&qcom_scm_lock);
|
|
if (ret)
|
|
goto out;
|
|
|
|
do {
|
|
dma_sync_single_for_cpu(dev, cmd_phys + sizeof(*cmd) + cmd_len,
|
|
sizeof(*rsp), DMA_FROM_DEVICE);
|
|
} while (!rsp->is_complete);
|
|
|
|
dma_sync_single_for_cpu(dev, cmd_phys + sizeof(*cmd) + cmd_len +
|
|
le32_to_cpu(rsp->buf_offset),
|
|
resp_len, DMA_FROM_DEVICE);
|
|
|
|
if (res) {
|
|
res_buf = scm_legacy_get_response_buffer(rsp);
|
|
for (i = 0; i < MAX_QCOM_SCM_RETS; i++)
|
|
res->result[i] = le32_to_cpu(res_buf[i]);
|
|
}
|
|
out:
|
|
dma_unmap_single(dev, cmd_phys, alloc_len, DMA_TO_DEVICE);
|
|
kfree(cmd);
|
|
return ret;
|
|
}
|
|
|
|
#define SCM_LEGACY_ATOMIC_N_REG_ARGS 5
|
|
#define SCM_LEGACY_ATOMIC_FIRST_REG_IDX 2
|
|
#define SCM_LEGACY_CLASS_REGISTER (0x2 << 8)
|
|
#define SCM_LEGACY_MASK_IRQS BIT(5)
|
|
#define SCM_LEGACY_ATOMIC_ID(svc, cmd, n) \
|
|
((SCM_LEGACY_FNID(svc, cmd) << 12) | \
|
|
SCM_LEGACY_CLASS_REGISTER | \
|
|
SCM_LEGACY_MASK_IRQS | \
|
|
(n & 0xf))
|
|
|
|
/**
|
|
* qcom_scm_call_atomic() - Send an atomic SCM command with up to 5 arguments
|
|
* and 3 return values
|
|
* @desc: SCM call descriptor containing arguments
|
|
* @res: SCM call return values
|
|
*
|
|
* This shall only be used with commands that are guaranteed to be
|
|
* uninterruptable, atomic and SMP safe.
|
|
*/
|
|
int scm_legacy_call_atomic(struct device *unused,
|
|
const struct qcom_scm_desc *desc,
|
|
struct qcom_scm_res *res)
|
|
{
|
|
int context_id;
|
|
struct arm_smccc_res smc_res;
|
|
size_t arglen = desc->arginfo & 0xf;
|
|
|
|
BUG_ON(arglen > SCM_LEGACY_ATOMIC_N_REG_ARGS);
|
|
|
|
arm_smccc_smc(SCM_LEGACY_ATOMIC_ID(desc->svc, desc->cmd, arglen),
|
|
(unsigned long)&context_id,
|
|
desc->args[0], desc->args[1], desc->args[2],
|
|
desc->args[3], desc->args[4], 0, &smc_res);
|
|
|
|
if (res) {
|
|
res->result[0] = smc_res.a1;
|
|
res->result[1] = smc_res.a2;
|
|
res->result[2] = smc_res.a3;
|
|
}
|
|
|
|
return smc_res.a0;
|
|
}
|