- Linaro-mm-sig - lists.linaro.org

[PATCH v4 00/10] vfio/pci: Allow MMIO regions to be exported through dma-buf

by Leon Romanovsky

Changelog: v4: * Split pcim_p2pdma_provider() to two functions, one that initializes array of providers and another to return right provider pointer. v3: https://lore.kernel.org/all/cover.1758804980.git.leon@kernel.org * Changed pcim_p2pdma_enable() to be pcim_p2pdma_provider(). * Cache provider in vfio_pci_dma_buf struct instead of BAR index. * Removed misleading comment from pcim_p2pdma_provider(). * Moved MMIO check to be in pcim_p2pdma_provider(). v2: https://lore.kernel.org/all/cover.1757589589.git.leon@kernel.org/ * Added extra patch which adds new CONFIG, so next patches can reuse it. * Squashed "PCI/P2PDMA: Remove redundant bus_offset from map state" into the other patch. * Fixed revoke calls to be aligned with true->false semantics. * Extended p2pdma_providers to be per-BAR and not global to whole device. * Fixed possible race between dmabuf states and revoke. * Moved revoke to PCI BAR zap block. v1: https://lore.kernel.org/all/cover.1754311439.git.leon@kernel.org * Changed commit messages. * Reused DMA_ATTR_MMIO attribute. * Returned support for multiple DMA ranges per-dMABUF. v0: https://lore.kernel.org/all/cover.1753274085.git.leonro@nvidia.com --------------------------------------------------------------------------- Based on "[PATCH v6 00/16] dma-mapping: migrate to physical address-based API" https://lore.kernel.org/all/cover.1757423202.git.leonro@nvidia.com/ series. --------------------------------------------------------------------------- This series extends the VFIO PCI subsystem to support exporting MMIO regions from PCI device BARs as dma-buf objects, enabling safe sharing of non-struct page memory with controlled lifetime management. This allows RDMA and other subsystems to import dma-buf FDs and build them into memory regions for PCI P2P operations. The series supports a use case for SPDK where a NVMe device will be owned by SPDK through VFIO but interacting with a RDMA device. The RDMA device may directly access the NVMe CMB or directly manipulate the NVMe device's doorbell using PCI P2P. However, as a general mechanism, it can support many other scenarios with VFIO. This dmabuf approach can be usable by iommufd as well for generic and safe P2P mappings. In addition to the SPDK use-case mentioned above, the capability added in this patch series can also be useful when a buffer (located in device memory such as VRAM) needs to be shared between any two dGPU devices or instances (assuming one of them is bound to VFIO PCI) as long as they are P2P DMA compatible. The implementation provides a revocable attachment mechanism using dma-buf move operations. MMIO regions are normally pinned as BARs don't change physical addresses, but access is revoked when the VFIO device is closed or a PCI reset is issued. This ensures kernel self-defense against potentially hostile userspace. The series includes significant refactoring of the PCI P2PDMA subsystem to separate core P2P functionality from memory allocation features, making it more modular and suitable for VFIO use cases that don't need struct page support. ----------------------------------------------------------------------- The series is based originally on https://lore.kernel.org/all/20250307052248.405803-1-vivek.kasireddy@intel.c… but heavily rewritten to be based on DMA physical API. ----------------------------------------------------------------------- The WIP branch can be found here: https://git.kernel.org/pub/scm/linux/kernel/git/leon/linux-rdma.git/log/?h=… Thanks Leon Romanovsky (8): PCI/P2PDMA: Separate the mmap() support from the core logic PCI/P2PDMA: Simplify bus address mapping API PCI/P2PDMA: Refactor to separate core P2P functionality from memory allocation PCI/P2PDMA: Export pci_p2pdma_map_type() function types: move phys_vec definition to common header vfio/pci: Add dma-buf export config for MMIO regions vfio/pci: Enable peer-to-peer DMA transactions by default vfio/pci: Add dma-buf export support for MMIO regions Vivek Kasireddy (2): vfio: Export vfio device get and put registration helpers vfio/pci: Share the core device pointer while invoking feature functions block/blk-mq-dma.c | 7 +- drivers/iommu/dma-iommu.c | 4 +- drivers/pci/p2pdma.c | 177 +++++++++---- drivers/vfio/pci/Kconfig | 20 ++ drivers/vfio/pci/Makefile | 2 + drivers/vfio/pci/vfio_pci_config.c | 22 +- drivers/vfio/pci/vfio_pci_core.c | 56 ++-- drivers/vfio/pci/vfio_pci_dmabuf.c | 398 +++++++++++++++++++++++++++++ drivers/vfio/pci/vfio_pci_priv.h | 23 ++ drivers/vfio/vfio_main.c | 2 + include/linux/pci-p2pdma.h | 120 +++++---- include/linux/types.h | 5 + include/linux/vfio.h | 2 + include/linux/vfio_pci_core.h | 3 + include/uapi/linux/vfio.h | 25 ++ kernel/dma/direct.c | 4 +- mm/hmm.c | 2 +- 17 files changed, 750 insertions(+), 122 deletions(-) create mode 100644 drivers/vfio/pci/vfio_pci_dmabuf.c -- 2.51.0

4 months, 2 weeks

2
19
0 0

Re: [PATCH 08/29] media: mfc: Add Exynos‑MFC driver probe support

by Krzysztof Kozlowski

On Tue, 30 Sept 2025 at 12:56, Himanshu Dewangan <h.dewangan(a)samsung.com> wrote: > > From: Nagaraju Siddineni <nagaraju.s(a)samsung.com> > > Introduce a new Kconfig entry VIDEO_EXYNOS_MFC for the Samsung > Exynos MFC driver that supports firmware version 13 and later. > Extend the top‑level Samsung platform Kconfig to disable the legacy > S5P‑MFC driver when its firmware version is > v12 and to select the > new Exynos‑MFC driver only when VIDEO_SAMSUNG_S5P_MFC is not enabled. > > Add exynos-mfc Kconfig and Makefile for probe functionality and creation > of decoder and encoder device files by registering the driver object > exynos_mfc.o and other relevant source files. > > Provide header files mfc_core_ops.h and mfc_rm.h containing core > operation prototypes, resource‑manager helpers, > and core‑selection utilities. > > Add a configurable option MFC_USE_COREDUMP to enable core‑dump > support for debugging MFC errors. > > These changes bring support for newer Exynos‑based MFC hardware, > cleanly separate it from the legacy S5P‑MFC driver, and lay the > groundwork for future feature development and debugging. > No, NAK. Existing driver is well tested and already used on newest Exynos SoC, so all this new driver is exactly how you should not work in upstream. You need to integrate into existing driver. Samsung received this review multiple times already. Best regards, Krzysztof

4 months, 2 weeks

2
3
0 0

Re: [PATCH v4 10/10] vfio/pci: Add dma-buf export support for MMIO regions

by Jason Gunthorpe

On Tue, Sep 30, 2025 at 12:50:47PM +0000, Shameer Kolothum wrote: > This is where hisi_acc reports a different BAR size as it tries to hide > the migration control region from Guest access. I think for now we should disable DMABUF for any PCI driver that implements a VFIO_DEVICE_GET_REGION_INFO For a while I've wanted to further reduce the use of the ioctl multiplexer, so maybe this series: https://github.com/jgunthorpe/linux/commits/vfio_get_region_info_op/ And then the dmabuf code can check if the ops are set to the generic or not and disable itself automatically. Otherwise perhaps route the dmabuf through an op and deliberately omit it (with a comment!) from hisi, virtio, nvgrace. We need to route it through an op anyhow as those three drivers will probably eventually want to implement their own version. Jason

4 months, 2 weeks

2
2
0 0

Re: [PATCH 00/29] media: codec: add new Samsung Exynos-MFC driver

by Nicolas Dufresne

Hi Himanshu, Le mardi 30 septembre 2025 à 09:33 +0530, Himanshu Dewangan a écrit : > Exynos MFC new driver upstream proposal > +++++++++++++++++++++++++++++++++++++++ > > The s5p-mfc driver in the kernel is quite outdated and has not kept up with the hardware advances of the MFC IP. > Going forward, we want to provide support for all the later versions of MFC in open source (both mobile and > ExynosAuto would be supported by Samsung) > > We (Samsung) would like to propose a new driver for the latest generation of Samsung MFC (Multi-Format Codec) hardware. > Although the kernel already contains a Samsung MFC driver (drivers/media/platform/s5p-mfc/), the newer hardware > diverges significantly from the previous generations, in features supported, register interface and in system integration. > This has necessitated a new driver, rather than updating the existing one. I wont deny that sometimes a new driver is needed, and I encourage you to defend your point. It does just justify any form of copy paste, also understand that device descriptions should be independent from the driver implementation. This is also why this is reviewed indecently, and DT nack won't ever be ignored by us. From quick walk through, I'm not convince this new driver actually makes use of everything new in Linux and Linux Media since 2011. It will be important for you to research what other modern drivers do, and what could apply to your code base. I'm quite skeptical with all the custom memory handling code, which generally indicates the miss-use of dma APIs. Realistically, you will have to split your driver in smaller parts and submit in a way we can see your design principle, and not just randomly unused files being added. Considering the state of it, we are up to 20 or 30 revision, with 29 patches, you won't get to the end of that process. V4L2 wise, one of the common mistakes is that you are adding a lot of new controls, most of them just slammed as vendor control without even trying to generalize. It did make sense in 2011, since there was no decoder to compare against, but today there is a lot of example and overlap between various brand. Omitting documentation and not keeping the API addition separate is also a no go for me. Make it very clear whenever something that will live in our API forever is to be added. We also added rules since 2011 that enforce drivers submitter to show that proper testing have occurred. Its starts with the very basic v4l2-compliance report which you have omitted. Since its codec driver, we require a summary of your conformance decoding testing done with fluster[] with the supported framework of your choice (for v4l2 stateful, ffmpeg and gstreamer are supported, you can add more, as long as they are open source). We also expect that your firmware has been submitted to linux-firmware with a link to that submission. Without that, we can only consider your set as an RFC to show people what is coming. regards, Nicolas > > > Current driver vs targetted driver comparison > +++++++++++++++++++++++++++++++++++++++++++++ > > Target Feature > Current mainline : Simple V4L2/ VB2 interface based encoder/ decoder > New proposed driver: Dual core support, NAL-q support, LLC, Coredump, performance > measurement, plugin driver architecture, hardware manager(meerkat), DRM/OTF, > Resource manager, bandwidth compression, New Pixel formats (NV12N, YV12, P010, > SBWC, RGB family), 10 bit support, HDR support, Prio and RR Process Scheduler support, > > Register map > Current mainline : Fixed register layout, compatible across s5p variants > New proposed driver: Completely redesigned register set, incompatible with old layout > > Command model > Current mainline : Mailbox-style command queue > New proposed driver: Ring-buffer command queue with different signaling > > Memory management > Current mainline : CMA-backed contiguous buffers, ION legacy > New proposed driver: dma-heap / scatter-gather buffers with strict alignment rules > > Firmware > Current mainline : Supports up to Firmware v12, Legacy binary format, loaded via shared mechanism > New proposed driver: New firmware format, different protocol for control messages. Support Firmware v13 onwards > > DT bindings > Current mainline : Single clock + reset, simple PM > New proposed driver: Multiple clocks, reset domains, runtime PM dependencies > > Error handling > Current mainline : Simple IRQ error flags > New proposed driver: Detailed error codes, recovery sequences required > > Code impact > Current mainline :~8k LOC, minimal conditionals > New proposed driver: ~65KLOC with full features > > > Plan for supporting latest MFC (Best balance between code clarity and long-term kernel health, while still respecting ABI and legacy users.) > 1 We propose a new driver (exynos-mfc) for the latest generation of Samsung MFC (Multi-Format Codec) hardware. > 2 MFC FW V6 to V12 will be supported by existing mainline (s5p-mfc) and later versions by Exynos-mfc driver > 3 The existing MFC driver will remain available for older SoC’s and will not be broken. The new driver will only bind > to new compatible strings in DT, avoiding regressions for legacy hardware. Samsung will take responsibility for > maintaining both drivers until the old one can be formally marked as “legacy.” > 4 Keep it buildable for old SoCs but clearly say new SoCs should use the new driver. > 5 VIDEO_SAMSUNG_S5P_MFC and VIDEO_EXYNOS_MFC will both be supported for an agreed time > 6 Long term Support for new driver - commitment from Samsung > 7 The hardware has diverged to the point where conditionally supporting both in one codebase is worse for long-term kernel health > 8 Splitting keeps the code clean, testable, and reviewable, while ensuring legacy users aren’t broken due to user space ABI guarantees. > This seems more clean and easier approach Both can coexist without code spaghetti. > > Features and description supported > ++++++++++++++++++++++++++++++++++ > > 1 MFC driver registration Probe functionality and video nodes registration > 2 MFC driver open & close support MFC firmware loading, "ls" & "cat" on the video nodes and udev rules on the video nodes > 3 H264 decoding H264 decoding support - HW supported profiles & levels (YUV420 Semi-Planar, 8-bit, min/max resolution) > 4 HEVC decoding HEVC decoding support - HW supported profiles & levels (YUV420 Semi-Planar, 8-bit, min/max resolution) > 5 VP8 decoding VP8 decoding support - HW supported profiles & levels (YUV420 Semi-Planar, 8-bit, min/max resolution) > 6 VP9 decoding VP9 decoding support - HW supported profiles & levels (YUV420 Semi-Planar, 8-bit, min/max resolution) > 7 AV1 decoding AV1 decoding support - HW supported profiles & levels (YUV420 Semi-Planar, 8-bit, min/max resolution) > 8 H264 encoding H264 encoding support - Basic encoding (YUV420 Semi-Planar, 8-bit, min/max resolution) > 9 HEVC encoding HEVC encoding support - Basic encoding (YUV420 Semi-Planar, 8-bit, min/max resolution) > 10 VP8 encoding VP8 encoding support - Basic encoding (YUV420 Semi-Planar, 8-bit, min/max resolution) > 11 VP9 encoding VP9 encoding support - Basic encoding (YUV420 Semi-Planar, 8-bit, min/max resolution) > 12 Debug fs support Debug fs to control the MFC functionalities > 13 Debug log support Debug logs to get on the dmesg prompt for debug purpose > 14 Debug SFR dump support MFC SFR dumps during failures > 15 NAL Queue mode control NAL Queue mode support > 16 Batch mode control Batch mode support > 17 HW supported YUV formats YUV 420, 422, 444 (planar, semi-planar) formats support as per MFC HW specification > 18 HW supported RGB formats RGB format support as per MFC HW specification > 19 Multi instance decoding/encoding Multi instance decoding/encoding > 20 Suspend and resume Suspend and resume support > 21 Runtime suspend and resume Runtime suspend and resume support > 22 Priority decoding (decoders) Priority decoding support > 23 Frame delay configuration (decoders) Frame delay configuration support > 24 Error handling and conceal control (decoders) HW/Platform limitations should be gracefully exited and, > bit stream errors should be reported or concealed with warning indication > 25 Reference frame control (encoders) Reference frame control support > 26 SPS/PPS control (encoders) SPS/PPS control support > 27 Loop filter control (encoders) Loop filter control support > 28 B frame support (encoders) B frame support > 29 GOP control (encoders) GOP control support > 30 Frame rate control (encoders) Frame rate control support > > Features to be supported in 2026 > +++++++++++++++++++++++++++++++++ > > 31 Bit rate control (encoders) Bit rate control support > 32 QP control (encoders) QP control support > 33 I/IDR control (encoders) I/IDR control support > 34 Scalable control (encoders) Scalable control support > 35 ROI control (encoders) ROI control support > 36 Multi slice control (encoders) Multi slice control support > 37 Profile/Level control (encoders) Profile/Level control support > 38 Padding control (encoders) Padding control support > 39 Aspect ratio control (encoders) Aspect ratio control support > 40 Buffer full handling (encoders) Buffer full handling support > 41 SBWC SBWC bandwidth compression support > 42 10-bit support 10-bit support as per MFC HW specification > 43 Secure signed FW support Security signed FW support > 44 Secure playback DRM content playback for decoders > 45 HDR Support (decoders) HDR metadata support > 46 Dynamic resolution change Dynamic resolution change support > > Nagaraju Siddineni (29): > dt-bindings: media: mfc: Add Exynos MFC devicetree binding > arm64: dts: mfc: Add MFC device tree for Auto V920 SoC > media: mfc: Add MFC driver data structures and debugging macros > media: mfc: Add full register map and bit definitions for MFC hardware > media: mfc: Add MFC driver header files and core utilities > media: mfc: Add MFC core hardware register and debugfs APIs > media: mfc: Add MFC core command, hwlock, ISR and run functionalities > media: mfc: Add Exynos‑MFC driver probe support > media: mfc: Add bus‑devfreq, QoS, multi‑view and control > infrastructure > media: mfc: Add buffer‑queue and IOVMM support > media: mfc: Add rate‑calculation framework and memory utilities > media: mfc: Introduce QoS support and instance context handling > media: mfc: Add decoder core sync functions > media: mfc: Add buffer‑control framework > media: mfc: Add decoder resource‑management (RM) support and > load‑balancing > media: mfc: Enhance HW‑lock handling, scheduling and error recovery > media: mfc: Add VB2 decoder support > media: mfc: Add V4L2 decoder driver > media: mfc: Add QoS, Butler workqueue, and priority‑based scheduling > media: mfc: Add H264 decoder support > media: mfc: Add multi‑codec support & QoS improvements > media: mfc: Add H.264 encoder support with buffer and QoS improvements > media: mfc: Add encoder parameters, ROI & QoS support > media: mfc: Add encoder VB2 support to driver > media: mfc: Add encoder v4l2 driver interface > media: mfc: Add full encoder support > media: mfc: Add H.264 encoder support > media: mfc: Add AVC, VP8, VP9, and HEVC encoding support > media: mfc: Hardware‑accelerated encoding support > > .../bindings/media/samsung,exynos-mfc.yaml | 77 + > MAINTAINERS | 10 + > .../dts/exynos/exynosautov920-evt2-mfc.dtsi | 630 +++ > .../arm64/boot/dts/exynos/exynosautov920.dtsi | 1 + > drivers/media/platform/samsung/Kconfig | 7 + > drivers/media/platform/samsung/Makefile | 1 + > .../media/platform/samsung/exynos-mfc/Kconfig | 34 + > .../platform/samsung/exynos-mfc/Makefile | 26 + > .../samsung/exynos-mfc/base/mfc_buf.c | 765 +++ > .../samsung/exynos-mfc/base/mfc_buf.h | 43 + > .../samsung/exynos-mfc/base/mfc_common.h | 444 ++ > .../samsung/exynos-mfc/base/mfc_data_struct.h | 2014 +++++++ > .../samsung/exynos-mfc/base/mfc_debug.h | 247 + > .../samsung/exynos-mfc/base/mfc_format.h | 316 ++ > .../samsung/exynos-mfc/base/mfc_macros.h | 95 + > .../samsung/exynos-mfc/base/mfc_media.h | 554 ++ > .../samsung/exynos-mfc/base/mfc_mem.c | 995 ++++ > .../samsung/exynos-mfc/base/mfc_mem.h | 155 + > .../samsung/exynos-mfc/base/mfc_qos.c | 1070 ++++ > .../samsung/exynos-mfc/base/mfc_qos.h | 99 + > .../samsung/exynos-mfc/base/mfc_queue.c | 966 ++++ > .../samsung/exynos-mfc/base/mfc_queue.h | 158 + > .../exynos-mfc/base/mfc_rate_calculate.c | 640 +++ > .../exynos-mfc/base/mfc_rate_calculate.h | 106 + > .../samsung/exynos-mfc/base/mfc_regs.h | 58 + > .../samsung/exynos-mfc/base/mfc_regs_mfc.h | 1002 ++++ > .../samsung/exynos-mfc/base/mfc_sched.h | 30 + > .../samsung/exynos-mfc/base/mfc_utils.c | 401 ++ > .../samsung/exynos-mfc/base/mfc_utils.h | 481 ++ > .../media/platform/samsung/exynos-mfc/mfc.c | 1366 +++++ > .../platform/samsung/exynos-mfc/mfc_core.c | 703 +++ > .../samsung/exynos-mfc/mfc_core_buf_ctrl.c | 543 ++ > .../samsung/exynos-mfc/mfc_core_cmd.c | 576 ++ > .../samsung/exynos-mfc/mfc_core_cmd.h | 41 + > .../samsung/exynos-mfc/mfc_core_enc_param.c | 1463 ++++++ > .../samsung/exynos-mfc/mfc_core_enc_param.h | 23 + > .../samsung/exynos-mfc/mfc_core_hw_reg_api.c | 122 + > .../samsung/exynos-mfc/mfc_core_hw_reg_api.h | 144 + > .../samsung/exynos-mfc/mfc_core_hwlock.c | 761 +++ > .../samsung/exynos-mfc/mfc_core_hwlock.h | 80 + > .../samsung/exynos-mfc/mfc_core_intlock.c | 98 + > .../samsung/exynos-mfc/mfc_core_intlock.h | 20 + > .../samsung/exynos-mfc/mfc_core_isr.c | 2104 ++++++++ > .../samsung/exynos-mfc/mfc_core_isr.h | 25 + > .../samsung/exynos-mfc/mfc_core_ops.c | 813 +++ > .../samsung/exynos-mfc/mfc_core_ops.h | 16 + > .../platform/samsung/exynos-mfc/mfc_core_pm.c | 209 + > .../platform/samsung/exynos-mfc/mfc_core_pm.h | 33 + > .../samsung/exynos-mfc/mfc_core_reg_api.c | 597 +++ > .../samsung/exynos-mfc/mfc_core_reg_api.h | 380 ++ > .../samsung/exynos-mfc/mfc_core_run.c | 541 ++ > .../samsung/exynos-mfc/mfc_core_run.h | 35 + > .../samsung/exynos-mfc/mfc_core_sched_prio.c | 431 ++ > .../samsung/exynos-mfc/mfc_core_sync.c | 423 ++ > .../samsung/exynos-mfc/mfc_core_sync.h | 34 + > .../samsung/exynos-mfc/mfc_ctx_ctrl.c | 1469 ++++++ > .../platform/samsung/exynos-mfc/mfc_debugfs.c | 248 + > .../platform/samsung/exynos-mfc/mfc_debugfs.h | 20 + > .../samsung/exynos-mfc/mfc_dec_v4l2.c | 1739 +++++++ > .../samsung/exynos-mfc/mfc_dec_v4l2.h | 20 + > .../platform/samsung/exynos-mfc/mfc_dec_vb2.c | 394 ++ > .../platform/samsung/exynos-mfc/mfc_dec_vb2.h | 19 + > .../samsung/exynos-mfc/mfc_enc_v4l2.c | 4614 +++++++++++++++++ > .../samsung/exynos-mfc/mfc_enc_v4l2.h | 20 + > .../platform/samsung/exynos-mfc/mfc_enc_vb2.c | 443 ++ > .../platform/samsung/exynos-mfc/mfc_enc_vb2.h | 19 + > .../platform/samsung/exynos-mfc/mfc_rm.c | 2652 ++++++++++ > .../platform/samsung/exynos-mfc/mfc_rm.h | 110 + > 68 files changed, 34773 insertions(+) > create mode 100644 Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml > create mode 100644 arch/arm64/boot/dts/exynos/exynosautov920-evt2-mfc.dtsi > create mode 100644 drivers/media/platform/samsung/exynos-mfc/Kconfig > create mode 100644 drivers/media/platform/samsung/exynos-mfc/Makefile > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_buf.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_buf.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_common.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_data_struct.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_debug.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_format.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_macros.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_media.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_mem.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_mem.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_qos.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_qos.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_queue.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_queue.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_rate_calculate.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_rate_calculate.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_regs.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_regs_mfc.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_sched.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_utils.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/base/mfc_utils.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_buf_ctrl.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_cmd.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_cmd.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_enc_param.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_enc_param.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_hw_reg_api.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_hw_reg_api.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_hwlock.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_hwlock.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_intlock.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_intlock.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_isr.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_isr.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_ops.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_ops.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_pm.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_pm.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_reg_api.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_reg_api.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_run.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_run.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_sched_prio.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_sync.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_core_sync.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_ctx_ctrl.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_debugfs.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_debugfs.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_dec_v4l2.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_dec_v4l2.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_dec_vb2.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_dec_vb2.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_enc_v4l2.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_enc_v4l2.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_enc_vb2.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_enc_vb2.h > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_rm.c > create mode 100644 drivers/media/platform/samsung/exynos-mfc/mfc_rm.h

4 months, 2 weeks

1
0
0 0

Re: [PATCH 02/29] arm64: dts: mfc: Add MFC device tree for Auto V920 SoC

by Krzysztof Kozlowski

On Tue, 30 Sept 2025 at 12:55, Himanshu Dewangan <h.dewangan(a)samsung.com> wrote: > > From: Nagaraju Siddineni <nagaraju.s(a)samsung.com> > > Introduce the device‑tree entries for the Samsung Exynos AUTO V920 > multimedia‑function controller (MFC). The patch defines: > - Reserved memory regions for firmware and CMA buffers. > - Core0 and Core1 memory mappings. > - The main MFC node with basic properties (compatible, reg, interrupts, > clocks, DMA window, firmware name, debug mode, etc.). > - Per‑core sub‑nodes (MFC‑0 and MFC‑1) with their own sysmmu, > firmware region, and configuration parameters. > - Resource table listing supported codecs and their capabilities. > > Adds full support for the V920 MFC hardware to the mainline kernel > device‑tree, enabling proper memory allocation, interrupt handling and > codec operation on this platform. > > Signed-off-by: Nagaraju Siddineni <nagaraju.s(a)samsung.com> > Signed-off-by: Himanshu Dewangan <h.dewangan(a)samsung.com> > --- > .../dts/exynos/exynosautov920-evt2-mfc.dtsi | 187 ++++++++++++++++++ No, there are no such files. Don't push your downstream here. > .../arm64/boot/dts/exynos/exynosautov920.dtsi | 1 + > 2 files changed, 188 insertions(+) > create mode 100644 arch/arm64/boot/dts/exynos/exynosautov920-evt2-mfc.dtsi > This doesn't belong to media patchset, don't combine them. Anyway, you completely disregarded DTS coding style and how we were Samsung DTS. Please don't send us downstream code. I won't be reviewing this, you need to start from scratch looming at other recent code. Remember also about Samsung maintainer profile, although with such completely broken and non working bindings it's pointless now - this code couldn't even be reliably tested with them. Best regards, Krzysztof

4 months, 2 weeks

1
0
0 0

Re: [PATCH 01/29] dt-bindings: media: mfc: Add Exynos MFC devicetree binding

by Krzysztof Kozlowski

On Tue, 30 Sept 2025 at 12:55, Himanshu Dewangan <h.dewangan(a)samsung.com> wrote: > > From: Nagaraju Siddineni <nagaraju.s(a)samsung.com> > > Introduce a new DT binding file for exynos-mfc > > Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml > which describes the Exynos Multi‑Format Codec (MFC) IP. The schema > covers the core node properties, required fields, and provides an > example snippet. > > Signed-off-by: Himanshu Dewangan <h.dewangan(a)samsung.com> > Signed-off-by: Nagaraju Siddineni <nagaraju.s(a)samsung.com> > --- > .../bindings/media/samsung,exynos-mfc.yaml | 77 +++++++++++++++++++ > MAINTAINERS | 10 +++ > 2 files changed, 87 insertions(+) > create mode 100644 Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml > > diff --git a/Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml b/Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml > new file mode 100644 > index 000000000000..fbed987fb9cf > --- /dev/null > +++ b/Documentation/devicetree/bindings/media/samsung,exynos-mfc.yaml > @@ -0,0 +1,77 @@ > +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause > +%YAML 1.2 > +--- > +$id: http://devicetree.org/schemas/media/samsung,exynos-mfc.yaml# > +$schema: http://devicetree.org/meta-schemas/core.yaml# > + > +title: Samsung Exynos Multi Format Codec (MFC) > + > +maintainers: > + - Nagaraju Siddineni <nagaraju.s(a)samsung.com> > + - Himanshu Dewangan <h.dewangan(a)samsung.com> > + > +description: > + Multi Format Codec (MFC) is the IP present in Samsung SoCs which > + supports high resolution decoding and encoding functionalities. > + > +properties: > + compatible: > + oneOf: > + - enum: > + - samsung,exynos-mfc # Exynos920 > + - samsung,mfc_core0_mem # Reserved Memory > + - samsung,mfc_core1_mem # Reserved Memory NAK These bindings duplicate existing ones, do not follow any existing standards (wrong compatible) and are written completely different than any other binding, which means you probably created big AI slop. I'm not going to review this, it's quality is just beyond basic standards. Sending something like this from Samsung means you do not respect our time. You need to stay from scratch and read existing documentation and existing bindings I'll be organizing a mini meeting with Samsung on 13th Oct in Seoul, feel free to join if you are around. I can explain then more why wasting our time is making me very grumpy. Best regards, Krzysztof

4 months, 2 weeks

1
0
0 0

[RFC PATCH v2 0/2] dma-buf private interconnect POC

by Thomas Hellström

Two patches to implement a generic framework for dma-buf to support local private interconnects, in particular interconnects that are not driver-private. The interconnect support is negotiated as part of an attachment and is not a property of the dma-buf itself. Just like pcie p2p support. The first patch adds members to the dma_buf_attach_ops and to the dma_buf_attachment structure. These are needed for generic check of interconnect support, typically when an interconnect is shared between drivers. For truly driver-private interconnects they are not strictly needed, but still could be convenient. The second patch implements an interconnect negotiation for xe, without actually changing the protocol itself from pcie_p2p. Just as an example. This patch is not intended to be merged. Note: This RFC only deals with interconnect negotiation. The attachment state and what data-structure to use to convey the mapping information is not dealt with in this RFC. v2: - Get rid of void pointers and instead provide generic structures that are intended to be embedded / subclassed for each interconnect implementation. Thomas Hellström (2): dma-buf: Add support for private interconnects drm/xe/dma-buf: Add generic interconnect support framework drivers/gpu/drm/xe/tests/xe_dma_buf.c | 12 ++--- drivers/gpu/drm/xe/xe_dma_buf.c | 73 ++++++++++++++++++++++++--- drivers/gpu/drm/xe/xe_dma_buf.h | 1 - drivers/gpu/drm/xe/xe_interconnect.h | 31 ++++++++++++ include/linux/dma-buf.h | 51 +++++++++++++++++++ 5 files changed, 155 insertions(+), 13 deletions(-) create mode 100644 drivers/gpu/drm/xe/xe_interconnect.h -- 2.51.0

4 months, 2 weeks

3
15
0 0

[PATCH v2 00/10] vfio/pci: Allow MMIO regions to be exported through dma-buf

by Leon Romanovsky

Changelog: v2: * Added extra patch which adds new CONFIG, so next patches can reuse it. * Squashed "PCI/P2PDMA: Remove redundant bus_offset from map state" into the other patch. * Fixed revoke calls to be aligned with true->false semantics. * Extended p2pdma_providers to be per-BAR and not global to whole device. * Fixed possible race between dmabuf states and revoke. * Moved revoke to PCI BAR zap block. v1: https://lore.kernel.org/all/cover.1754311439.git.leon@kernel.org * Changed commit messages. * Reused DMA_ATTR_MMIO attribute. * Returned support for multiple DMA ranges per-dMABUF. v0: https://lore.kernel.org/all/cover.1753274085.git.leonro@nvidia.com --------------------------------------------------------------------------- Based on "[PATCH v6 00/16] dma-mapping: migrate to physical address-based API" https://lore.kernel.org/all/cover.1757423202.git.leonro@nvidia.com/ series. --------------------------------------------------------------------------- This series extends the VFIO PCI subsystem to support exporting MMIO regions from PCI device BARs as dma-buf objects, enabling safe sharing of non-struct page memory with controlled lifetime management. This allows RDMA and other subsystems to import dma-buf FDs and build them into memory regions for PCI P2P operations. The series supports a use case for SPDK where a NVMe device will be owned by SPDK through VFIO but interacting with a RDMA device. The RDMA device may directly access the NVMe CMB or directly manipulate the NVMe device's doorbell using PCI P2P. However, as a general mechanism, it can support many other scenarios with VFIO. This dmabuf approach can be usable by iommufd as well for generic and safe P2P mappings. In addition to the SPDK use-case mentioned above, the capability added in this patch series can also be useful when a buffer (located in device memory such as VRAM) needs to be shared between any two dGPU devices or instances (assuming one of them is bound to VFIO PCI) as long as they are P2P DMA compatible. The implementation provides a revocable attachment mechanism using dma-buf move operations. MMIO regions are normally pinned as BARs don't change physical addresses, but access is revoked when the VFIO device is closed or a PCI reset is issued. This ensures kernel self-defense against potentially hostile userspace. The series includes significant refactoring of the PCI P2PDMA subsystem to separate core P2P functionality from memory allocation features, making it more modular and suitable for VFIO use cases that don't need struct page support. ----------------------------------------------------------------------- The series is based originally on https://lore.kernel.org/all/20250307052248.405803-1-vivek.kasireddy@intel.c… but heavily rewritten to be based on DMA physical API. ----------------------------------------------------------------------- The WIP branch can be found here: https://git.kernel.org/pub/scm/linux/kernel/git/leon/linux-rdma.git/log/?h=… Thanks Leon Romanovsky (8): PCI/P2PDMA: Separate the mmap() support from the core logic PCI/P2PDMA: Simplify bus address mapping API PCI/P2PDMA: Refactor to separate core P2P functionality from memory allocation PCI/P2PDMA: Export pci_p2pdma_map_type() function types: move phys_vec definition to common header vfio/pci: Add dma-buf export config for MMIO regions vfio/pci: Enable peer-to-peer DMA transactions by default vfio/pci: Add dma-buf export support for MMIO regions :wqa Vivek Kasireddy (2): vfio: Export vfio device get and put registration helpers vfio/pci: Share the core device pointer while invoking feature functions block/blk-mq-dma.c | 7 +- drivers/iommu/dma-iommu.c | 4 +- drivers/pci/p2pdma.c | 165 ++++++++---- drivers/vfio/pci/Kconfig | 20 ++ drivers/vfio/pci/Makefile | 2 + drivers/vfio/pci/vfio_pci_config.c | 22 +- drivers/vfio/pci/vfio_pci_core.c | 59 +++-- drivers/vfio/pci/vfio_pci_dmabuf.c | 398 +++++++++++++++++++++++++++++ drivers/vfio/pci/vfio_pci_priv.h | 23 ++ drivers/vfio/vfio_main.c | 2 + include/linux/pci-p2pdma.h | 114 +++++---- include/linux/types.h | 5 + include/linux/vfio.h | 2 + include/linux/vfio_pci_core.h | 4 + include/uapi/linux/vfio.h | 25 ++ kernel/dma/direct.c | 4 +- mm/hmm.c | 2 +- 17 files changed, 734 insertions(+), 124 deletions(-) create mode 100644 drivers/vfio/pci/vfio_pci_dmabuf.c -- 2.51.0

4 months, 2 weeks

3
23
0 0

[PATCH v3 0/2] accel: Add Arm Ethos-U NPU

by Rob Herring (Arm)

The Arm Ethos-U65/85 NPUs are designed for edge AI inference applications[0]. The driver works with Mesa Teflon. A merge request for Ethos support is here[1]. The UAPI should also be compatible with the downstream (open source) driver stack[2] and Vela compiler though that has not been implemented. Testing so far has been on i.MX93 boards with Ethos-U65 and a FVP model with Ethos-U85. More work is needed in mesa for handling U85 command stream differences, but that doesn't affect the UABI. A git tree is here[3]. Rob [0] https://www.arm.com/products/silicon-ip-cpu?families=ethos%20npus [1] https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/36699/ [2] https://gitlab.arm.com/artificial-intelligence/ethos-u/ [3] git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux.git ethos-v3 Signed-off-by: Rob Herring (Arm) <robh(a)kernel.org> --- Changes in v3: - Rework and improve job submit validation - Rename ethos to ethosu. There was an Ethos-Nxx that's unrelated. - Add missing init for sched_lock mutex - Drop some prints to debug level - Fix i.MX93 SRAM accesses (AXI config) - Add U85 AXI configuration and test on FVP with U85 - Print the current cmd value on timeout - Link to v2: https://lore.kernel.org/r/20250811-ethos-v2-0-a219fc52a95b@kernel.org Changes in v2: - Rebase on v6.17-rc1 adapting to scheduler changes - scheduler: Drop the reset workqueue. According to the scheduler docs, we don't need it since we have a single h/w queue. - scheduler: Rework the timeout handling to continue running if we are making progress. Fixes timeouts on larger jobs. - Reset the NPU on resume so it's in a known state - Add error handling on clk_get() calls - Fix drm_mm splat on module unload. We were missing a put on the cmdstream BO in the scheduler clean-up. - Fix 0-day report needing explicit bitfield.h include - Link to v1: https://lore.kernel.org/r/20250722-ethos-v1-0-cc1c5a0cbbfb@kernel.org --- Rob Herring (Arm) (2): dt-bindings: npu: Add Arm Ethos-U65/U85 accel: Add Arm Ethos-U NPU driver .../devicetree/bindings/npu/arm,ethos.yaml | 79 +++ MAINTAINERS | 9 + drivers/accel/Kconfig | 1 + drivers/accel/Makefile | 1 + drivers/accel/ethosu/Kconfig | 10 + drivers/accel/ethosu/Makefile | 4 + drivers/accel/ethosu/ethosu_device.h | 187 ++++++ drivers/accel/ethosu/ethosu_drv.c | 430 +++++++++++++ drivers/accel/ethosu/ethosu_drv.h | 15 + drivers/accel/ethosu/ethosu_gem.c | 709 +++++++++++++++++++++ drivers/accel/ethosu/ethosu_gem.h | 46 ++ drivers/accel/ethosu/ethosu_job.c | 543 ++++++++++++++++ drivers/accel/ethosu/ethosu_job.h | 41 ++ include/uapi/drm/ethosu_accel.h | 262 ++++++++ 14 files changed, 2337 insertions(+) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250715-ethos-3fdd39ef6f19 Best regards, -- Rob Herring (Arm) <robh(a)kernel.org>

4 months, 3 weeks

1
2
0 0

[RFC PATCH 0/2] dma-buf private interconnect POC

by Thomas Hellström

Two patches to implement a generic framework for dma-buf to support local private interconnects. The interconnect support is negotiated as part of an attachment and is not a property of the dma-buf itself. Just like pcie p2p support. The first patch adds members to the dma_buf_attach_ops and to the dma_buf_attachment structure. These are needed for generic check of interconnect support, typically when an interconnect is shared between drivers. For truly driver-private interconnects they are not strictly needed, but still could be convenient. The second patch implements an interconnect negotiation for xe, without actually changing the protocol itself from pcie_p2p. Just as an example. Thomas Hellström (2): dma-buf: Add support for private interconnects drm/xe/dma-buf: Add generic interconnect support framework drivers/gpu/drm/xe/tests/xe_dma_buf.c | 12 +++--- drivers/gpu/drm/xe/xe_dma_buf.c | 54 +++++++++++++++++++++++---- drivers/gpu/drm/xe/xe_dma_buf.h | 1 - drivers/gpu/drm/xe/xe_interconnect.h | 22 +++++++++++ include/linux/dma-buf.h | 15 ++++++++ 5 files changed, 90 insertions(+), 14 deletions(-) create mode 100644 drivers/gpu/drm/xe/xe_interconnect.h -- 2.51.0

4 months, 3 weeks

1
3
0 0

[PATCH v3 00/10] vfio/pci: Allow MMIO regions to be exported through dma-buf

by Leon Romanovsky

Changelog: v3: * Changed pcim_p2pdma_enable() to be pcim_p2pdma_provider(). * Cache provider in vfio_pci_dma_buf struct instead of BAR index. * Removed misleading comment from pcim_p2pdma_provider(). * Moved MMIO check to be in pcim_p2pdma_provider(). v2: https://lore.kernel.org/all/cover.1757589589.git.leon@kernel.org/ * Added extra patch which adds new CONFIG, so next patches can reuse it. * Squashed "PCI/P2PDMA: Remove redundant bus_offset from map state" into the other patch. * Fixed revoke calls to be aligned with true->false semantics. * Extended p2pdma_providers to be per-BAR and not global to whole device. * Fixed possible race between dmabuf states and revoke. * Moved revoke to PCI BAR zap block. v1: https://lore.kernel.org/all/cover.1754311439.git.leon@kernel.org * Changed commit messages. * Reused DMA_ATTR_MMIO attribute. * Returned support for multiple DMA ranges per-dMABUF. v0: https://lore.kernel.org/all/cover.1753274085.git.leonro@nvidia.com --------------------------------------------------------------------------- Based on "[PATCH v6 00/16] dma-mapping: migrate to physical address-based API" https://lore.kernel.org/all/cover.1757423202.git.leonro@nvidia.com/ series. --------------------------------------------------------------------------- This series extends the VFIO PCI subsystem to support exporting MMIO regions from PCI device BARs as dma-buf objects, enabling safe sharing of non-struct page memory with controlled lifetime management. This allows RDMA and other subsystems to import dma-buf FDs and build them into memory regions for PCI P2P operations. The series supports a use case for SPDK where a NVMe device will be owned by SPDK through VFIO but interacting with a RDMA device. The RDMA device may directly access the NVMe CMB or directly manipulate the NVMe device's doorbell using PCI P2P. However, as a general mechanism, it can support many other scenarios with VFIO. This dmabuf approach can be usable by iommufd as well for generic and safe P2P mappings. In addition to the SPDK use-case mentioned above, the capability added in this patch series can also be useful when a buffer (located in device memory such as VRAM) needs to be shared between any two dGPU devices or instances (assuming one of them is bound to VFIO PCI) as long as they are P2P DMA compatible. The implementation provides a revocable attachment mechanism using dma-buf move operations. MMIO regions are normally pinned as BARs don't change physical addresses, but access is revoked when the VFIO device is closed or a PCI reset is issued. This ensures kernel self-defense against potentially hostile userspace. The series includes significant refactoring of the PCI P2PDMA subsystem to separate core P2P functionality from memory allocation features, making it more modular and suitable for VFIO use cases that don't need struct page support. ----------------------------------------------------------------------- The series is based originally on https://lore.kernel.org/all/20250307052248.405803-1-vivek.kasireddy@intel.c… but heavily rewritten to be based on DMA physical API. ----------------------------------------------------------------------- The WIP branch can be found here: https://git.kernel.org/pub/scm/linux/kernel/git/leon/linux-rdma.git/log/?h=… Thanks Leon Romanovsky (8): PCI/P2PDMA: Separate the mmap() support from the core logic PCI/P2PDMA: Simplify bus address mapping API PCI/P2PDMA: Refactor to separate core P2P functionality from memory allocation PCI/P2PDMA: Export pci_p2pdma_map_type() function types: move phys_vec definition to common header vfio/pci: Add dma-buf export config for MMIO regions vfio/pci: Enable peer-to-peer DMA transactions by default vfio/pci: Add dma-buf export support for MMIO regions Vivek Kasireddy (2): vfio: Export vfio device get and put registration helpers vfio/pci: Share the core device pointer while invoking feature functions block/blk-mq-dma.c | 7 +- drivers/iommu/dma-iommu.c | 4 +- drivers/pci/p2pdma.c | 176 +++++++++---- drivers/vfio/pci/Kconfig | 20 ++ drivers/vfio/pci/Makefile | 2 + drivers/vfio/pci/vfio_pci_config.c | 22 +- drivers/vfio/pci/vfio_pci_core.c | 58 +++-- drivers/vfio/pci/vfio_pci_dmabuf.c | 394 +++++++++++++++++++++++++++++ drivers/vfio/pci/vfio_pci_priv.h | 23 ++ drivers/vfio/vfio_main.c | 2 + include/linux/pci-p2pdma.h | 115 +++++---- include/linux/types.h | 5 + include/linux/vfio.h | 2 + include/linux/vfio_pci_core.h | 4 + include/uapi/linux/vfio.h | 25 ++ kernel/dma/direct.c | 4 +- mm/hmm.c | 2 +- 17 files changed, 741 insertions(+), 124 deletions(-) create mode 100644 drivers/vfio/pci/vfio_pci_dmabuf.c -- 2.51.0

4 months, 3 weeks

1
10
0 0

[PATCH v4] Documentation: dma-buf: heaps: Add naming guidelines

by Maxime Ripard

We've discussed a number of times of how some heap names are bad, but not really what makes a good heap name. Let's document what we expect the heap names to look like. Reviewed-by: Andrew Davis <afd(a)ti.com> Reviewed-by: Bagas Sanjaya <bagasdotme(a)gmail.com> Signed-off-by: Maxime Ripard <mripard(a)kernel.org> --- Changes in v4: - Dropped *all* the cacheable mentions - Link to v3: https://lore.kernel.org/r/20250717-dma-buf-heap-names-doc-v3-1-d2dbb4b95ef6… Changes in v3: - Grammar, spelling fixes - Remove the cacheable / uncacheable name suggestion - Link to v2: https://lore.kernel.org/r/20250616-dma-buf-heap-names-doc-v2-1-8ae43174cdbf… Changes in v2: - Added justifications for each requirement / suggestions - Added a mention and example of buffer attributes - Link to v1: https://lore.kernel.org/r/20250520-dma-buf-heap-names-doc-v1-1-ab31f74809ee… --- Documentation/userspace-api/dma-buf-heaps.rst | 35 +++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/Documentation/userspace-api/dma-buf-heaps.rst b/Documentation/userspace-api/dma-buf-heaps.rst index 535f49047ce6450796bf4380c989e109355efc05..1ced2720f929432661182f1a3a88aa1ff80bd6af 100644 --- a/Documentation/userspace-api/dma-buf-heaps.rst +++ b/Documentation/userspace-api/dma-buf-heaps.rst @@ -21,5 +21,40 @@ following heaps: usually created either through the kernel commandline through the `cma` parameter, a memory region Device-Tree node with the `linux,cma-default` property set, or through the `CMA_SIZE_MBYTES` or `CMA_SIZE_PERCENTAGE` Kconfig options. Depending on the platform, it might be called ``reserved``, ``linux,cma``, or ``default-pool``. + +Naming Convention +================= + +``dma-buf`` heaps name should meet a number of constraints: + +- The name must be stable, and must not change from one version to the other. + Userspace identifies heaps by their name, so if the names ever change, we + would be likely to introduce regressions. + +- The name must describe the memory region the heap will allocate from, and + must uniquely identify it in a given platform. Since userspace applications + use the heap name as the discriminant, it must be able to tell which heap it + wants to use reliably if there's multiple heaps. + +- The name must not mention implementation details, such as the allocator. The + heap driver will change over time, and implementation details when it was + introduced might not be relevant in the future. + +- The name should describe properties of the buffers that would be allocated. + Doing so will make heap identification easier for userspace. Such properties + are: + + - ``contiguous`` for physically contiguous buffers; + + - ``protected`` for encrypted buffers not accessible the OS; + +- The name may describe intended usage. Doing so will make heap identification + easier for userspace applications and users. + +For example, assuming a platform with a reserved memory region located +at the RAM address 0x42000000, intended to allocate video framebuffers, +physically contiguous, and backed by the CMA kernel allocator, good +names would be ``memory@42000000-contiguous`` or ``video@42000000``, but +``cma-video`` wouldn't. --- base-commit: 038d61fd642278bab63ee8ef722c50d10ab01e8f change-id: 20250520-dma-buf-heap-names-doc-31261aa0cfe6 Best regards, -- Maxime Ripard <mripard(a)kernel.org>

4 months, 3 weeks

2
2
0 0

[PATCH] dma-buf: fix reference count leak in dma_buf_poll_add_cb()

by Dan Carpenter

Call dma_fence_put(fence) if dma_fence_add_callback() fails. Fixes: 6b51b02a3a0a ("dma-buf: fix and rework dma_buf_poll v7") Signed-off-by: Dan Carpenter <dan.carpenter(a)linaro.org> --- From code review, not from testing. Please review carefully. drivers/dma-buf/dma-buf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index 2bcf9ceca997..a14e1f50b090 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -301,9 +301,9 @@ static bool dma_buf_poll_add_cb(struct dma_resv *resv, bool write, fence) { dma_fence_get(fence); r = dma_fence_add_callback(fence, &dcb->cb, dma_buf_poll_cb); + dma_fence_put(fence); if (!r) return true; - dma_fence_put(fence); } return false; -- 2.51.0

4 months, 3 weeks

2
2
0 0

Re: [PATCH] dma-buf/sw-sync: Hide the feature by default

by Christian König

On 22.09.25 15:24, Janusz Krzysztofik wrote: > When multiple fences of an sw_sync timeline are signaled via > sw_sync_ioctl_inc(), we now disable interrupts and keep them disabled > while signaling all requested fences of the timeline in a loop. Since > user space may set up an arbitrary long timeline of fences with > arbitrarily expensive callbacks added to each fence, we may end up running > with interrupts disabled for too long, longer than NMI watchdog limit. > That potentially risky scenario has been demonstrated on Intel DRM CI > trybot[1], on a low end machine fi-pnv-d510, with one of new IGT subtests > that tried to reimplement wait_* test cases of a dma_fence_chain selftest > in user space. > > [141.993704] [IGT] syncobj_timeline: starting subtest stress-enable-all-signal-all-forward > [164.964389] watchdog: CPU3: Watchdog detected hard LOCKUP on cpu 3 > [164.964407] Modules linked in: snd_hda_codec_alc662 snd_hda_codec_realtek_lib snd_hda_codec_generic snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore i915 prime_numbers ttm drm_buddy drm_display_helper cec rc_core i2c_algo_bit video wmi overlay at24 ppdev gpio_ich binfmt_misc nls_iso8859_1 coretemp i2c_i801 i2c_mux i2c_smbus r8169 lpc_ich realtek parport_pc parport nvme_fabrics dm_multipath fuse msr efi_pstore nfnetlink autofs4 > [164.964569] irq event stamp: 1002206 > [164.964575] hardirqs last enabled at (1002205): [<ffffffff82898ac7>] _raw_spin_unlock_irq+0x27/0x70 > [164.964599] hardirqs last disabled at (1002206): [<ffffffff8287d021>] sysvec_irq_work+0x11/0xc0 > [164.964616] softirqs last enabled at (1002138): [<ffffffff81341bc5>] fpu_clone+0xb5/0x270 > [164.964631] softirqs last disabled at (1002136): [<ffffffff81341b97>] fpu_clone+0x87/0x270 > [164.964650] CPU: 3 UID: 0 PID: 1515 Comm: syncobj_timelin Tainted: G U 6.17.0-rc6-Trybot_154715v1-gc1b827f32471+ #1 PREEMPT(voluntary) > [164.964662] Tainted: [U]=USER > [164.964665] Hardware name: /D510MO, BIOS MOPNV10J.86A.0311.2010.0802.2346 08/02/2010 > [164.964669] RIP: 0010:lock_release+0x13d/0x2a0 > [164.964680] Code: c2 01 48 8d 4d c8 44 89 f6 4c 89 ef e8 bc fc ff ff 0b 05 96 ca 42 06 0f 84 fc 00 00 00 b8 ff ff ff ff 65 0f c1 05 0b 71 a9 02 <83> f8 01 0f 85 2f 01 00 00 48 f7 45 c0 00 02 00 00 74 06 fb 0f 1f > [164.964686] RSP: 0018:ffffc90000170e70 EFLAGS: 00000057 > [164.964693] RAX: 0000000000000001 RBX: ffffffff83595520 RCX: 0000000000000000 > [164.964698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 > [164.964701] RBP: ffffc90000170eb0 R08: 0000000000000000 R09: 0000000000000000 > [164.964706] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8226a948 > [164.964710] R13: ffff88802423b340 R14: 0000000000000001 R15: ffff88802423c238 > [164.964714] FS: 0000729f4d972940(0000) GS:ffff8880f8e77000(0000) knlGS:0000000000000000 > [164.964720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [164.964725] CR2: 0000729f4d92e720 CR3: 000000003afe4000 CR4: 00000000000006f0 > [164.964729] Call Trace: > [164.964734] <IRQ> > [164.964750] dma_fence_chain_get_prev+0x13d/0x240 > [164.964769] dma_fence_chain_walk+0xbd/0x200 > [164.964784] dma_fence_chain_enable_signaling+0xb2/0x280 > [164.964803] dma_fence_chain_irq_work+0x1b/0x80 > [164.964816] irq_work_single+0x75/0xa0 > [164.964834] irq_work_run_list+0x33/0x60 > [164.964846] irq_work_run+0x18/0x40 > [164.964856] __sysvec_irq_work+0x35/0x170 > [164.964868] sysvec_irq_work+0x9b/0xc0 > [164.964879] </IRQ> > [164.964882] <TASK> > [164.964890] asm_sysvec_irq_work+0x1b/0x20 > [164.964900] RIP: 0010:_raw_spin_unlock_irq+0x2d/0x70 > [164.964907] Code: 00 00 55 48 89 e5 53 48 89 fb 48 83 c7 18 48 8b 75 08 e8 06 63 bf fe 48 89 df e8 be 98 bf fe e8 59 ee d3 fe fb 0f 1f 44 00 00 <65> ff 0d 5c 85 68 01 74 14 48 8b 5d f8 c9 31 c0 31 d2 31 c9 31 f6 > [164.964913] RSP: 0018:ffffc9000070fca0 EFLAGS: 00000246 > [164.964919] RAX: 0000000000000000 RBX: ffff88800c2d8b10 RCX: 0000000000000000 > [164.964923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 > [164.964927] RBP: ffffc9000070fca8 R08: 0000000000000000 R09: 0000000000000000 > [164.964931] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88800c2d8ac0 > [164.964934] R13: ffffc9000070fcc8 R14: ffff88800c2d8ac0 R15: 00000000ffffffff > [164.964967] sync_timeline_signal+0x153/0x2c0 > [164.964989] sw_sync_ioctl+0x98/0x580 > [164.965017] __x64_sys_ioctl+0xa2/0x100 > [164.965034] x64_sys_call+0x1226/0x2680 > [164.965046] do_syscall_64+0x93/0x980 > [164.965057] ? do_syscall_64+0x1b7/0x980 > [164.965070] ? lock_release+0xce/0x2a0 > [164.965082] ? __might_fault+0x53/0xb0 > [164.965096] ? __might_fault+0x89/0xb0 > [164.965104] ? __might_fault+0x53/0xb0 > [164.965116] ? _copy_to_user+0x53/0x70 > [164.965131] ? __x64_sys_rt_sigprocmask+0x8f/0xe0 > [164.965152] ? do_syscall_64+0x1b7/0x980 > [164.965169] entry_SYSCALL_64_after_hwframe+0x76/0x7e > [164.965176] RIP: 0033:0x729f4fb24ded > [164.965188] Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 2b 04 25 28 00 00 00 > [164.965193] RSP: 002b:00007ffdc36220e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 > [164.965200] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000729f4fb24ded > [164.965205] RDX: 00007ffdc3622174 RSI: 0000000040045701 RDI: 0000000000000007 > [164.965209] RBP: 00007ffdc3622130 R08: 0000000000000000 R09: 0000000000000000 > [164.965213] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc3622174 > [164.965217] R13: 0000000040045701 R14: 0000000000000007 R15: 0000000000000003 > [164.965248] </TASK> > [166.952984] perf: interrupt took too long (11861 > 6217), lowering kernel.perf_event_max_sample_rate to 16000 > [166.953134] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 13036276804 wd_nsec: 13036274445 > > As explained by Christian Köenig[2], "The purpose of the sw-sync is to > test what happens if drivers exposing dma-fences doesn't behave well. So > being able to trigger the NMI watchdog for example is part of why that > functionality exists in the first place. ... You can actually use the > functionality to intentionally deadlock drivers and even the core memory > management." > > Let the feature show up only if EXPERT is selected. > > [1] https://patchwork.freedesktop.org/series/154715/ > [2] https://patchwork.freedesktop.org/patch/675579/#comment_1239269 > > Fixes: 35538d7822e86 ("dma-buf/sw_sync: de-stage SW_SYNC") > Cc: Christian König <christian.koenig(a)amd.com> > Signed-off-by: Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> Good idea, we have previously discussed to taint the kernel if sw_sync is used but that is also a clearly step in the right direction. Reviewed-by: Christian König <christian.koenig(a)amd.com> Regards, Christian. > --- > drivers/dma-buf/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig > index b46eb8a552d7b..e726948b64f67 100644 > --- a/drivers/dma-buf/Kconfig > +++ b/drivers/dma-buf/Kconfig > @@ -18,7 +18,7 @@ config SYNC_FILE > Documentation/driver-api/sync_file.rst. > > config SW_SYNC > - bool "Sync File Validation Framework" > + bool "Sync File Validation Framework" if EXPERT > default n > depends on SYNC_FILE > depends on DEBUG_FS

4 months, 3 weeks

1
0
0 0

Re: [PATCH] dma-buf/sw-sync: Fix interrupts disabled excessively long

by Christian König

On 19.09.25 12:44, Janusz Krzysztofik wrote: > When multiple fences of an sw_sync timeline are signaled via > sw_sync_ioctl_inc(), we now disable interrupts and keep them disabled > while signaling all requested fences of the timeline in a loop. Since > user space may set up an arbitrary long timeline of fences with > arbitrarily expensive callbacks added to each fence, we may end up running > with interrupts disabled for too long, longer than NMI watchdog limit. > That potentially risky scenario has been demonstrated on Intel DRM CI > trybot[1], on a low end machine fi-pnv-d510, with one of new IGT subtests > that try to reimplement wait_* test cases of a dma_fence_chain selftest in > user space. The purpose of the sw-sync is to test what happens if drivers exposing dma-fences doesn't behave well. So being able to trigger the NMI watchdog for example is part of why that functionality exists in the first place. See this WARNING in the Kconfig file as well: config SW_SYNC bool "Sync File Validation Framework" default n depends on SYNC_FILE depends on DEBUG_FS help A sync object driver that uses a 32bit counter to coordinate synchronization. Useful when there is no hardware primitive backing the synchronization. WARNING: improper use of this can result in deadlocking kernel drivers from userspace. Intended for test and debug only. You can actually use the functionality to intentionally deadlock drivers and even the core memory management. Regards, Christian. > > [141.993704] [IGT] syncobj_timeline: starting subtest stress-enable-all-signal-all-forward > [164.964389] watchdog: CPU3: Watchdog detected hard LOCKUP on cpu 3 > [164.964407] Modules linked in: snd_hda_codec_alc662 snd_hda_codec_realtek_lib snd_hda_codec_generic snd_hda_intel snd_intel_dspcfg snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_timer snd soundcore i915 prime_numbers ttm drm_buddy drm_display_helper cec rc_core i2c_algo_bit video wmi overlay at24 ppdev gpio_ich binfmt_misc nls_iso8859_1 coretemp i2c_i801 i2c_mux i2c_smbus r8169 lpc_ich realtek parport_pc parport nvme_fabrics dm_multipath fuse msr efi_pstore nfnetlink autofs4 > [164.964569] irq event stamp: 1002206 > [164.964575] hardirqs last enabled at (1002205): [<ffffffff82898ac7>] _raw_spin_unlock_irq+0x27/0x70 > [164.964599] hardirqs last disabled at (1002206): [<ffffffff8287d021>] sysvec_irq_work+0x11/0xc0 > [164.964616] softirqs last enabled at (1002138): [<ffffffff81341bc5>] fpu_clone+0xb5/0x270 > [164.964631] softirqs last disabled at (1002136): [<ffffffff81341b97>] fpu_clone+0x87/0x270 > [164.964650] CPU: 3 UID: 0 PID: 1515 Comm: syncobj_timelin Tainted: G U 6.17.0-rc6-Trybot_154715v1-gc1b827f32471+ #1 PREEMPT(voluntary) > [164.964662] Tainted: [U]=USER > [164.964665] Hardware name: /D510MO, BIOS MOPNV10J.86A.0311.2010.0802.2346 08/02/2010 > [164.964669] RIP: 0010:lock_release+0x13d/0x2a0 > [164.964680] Code: c2 01 48 8d 4d c8 44 89 f6 4c 89 ef e8 bc fc ff ff 0b 05 96 ca 42 06 0f 84 fc 00 00 00 b8 ff ff ff ff 65 0f c1 05 0b 71 a9 02 <83> f8 01 0f 85 2f 01 00 00 48 f7 45 c0 00 02 00 00 74 06 fb 0f 1f > [164.964686] RSP: 0018:ffffc90000170e70 EFLAGS: 00000057 > [164.964693] RAX: 0000000000000001 RBX: ffffffff83595520 RCX: 0000000000000000 > [164.964698] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 > [164.964701] RBP: ffffc90000170eb0 R08: 0000000000000000 R09: 0000000000000000 > [164.964706] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff8226a948 > [164.964710] R13: ffff88802423b340 R14: 0000000000000001 R15: ffff88802423c238 > [164.964714] FS: 0000729f4d972940(0000) GS:ffff8880f8e77000(0000) knlGS:0000000000000000 > [164.964720] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > [164.964725] CR2: 0000729f4d92e720 CR3: 000000003afe4000 CR4: 00000000000006f0 > [164.964729] Call Trace: > [164.964734] <IRQ> > [164.964750] dma_fence_chain_get_prev+0x13d/0x240 > [164.964769] dma_fence_chain_walk+0xbd/0x200 > [164.964784] dma_fence_chain_enable_signaling+0xb2/0x280 > [164.964803] dma_fence_chain_irq_work+0x1b/0x80 > [164.964816] irq_work_single+0x75/0xa0 > [164.964834] irq_work_run_list+0x33/0x60 > [164.964846] irq_work_run+0x18/0x40 > [164.964856] __sysvec_irq_work+0x35/0x170 > [164.964868] sysvec_irq_work+0x9b/0xc0 > [164.964879] </IRQ> > [164.964882] <TASK> > [164.964890] asm_sysvec_irq_work+0x1b/0x20 > [164.964900] RIP: 0010:_raw_spin_unlock_irq+0x2d/0x70 > [164.964907] Code: 00 00 55 48 89 e5 53 48 89 fb 48 83 c7 18 48 8b 75 08 e8 06 63 bf fe 48 89 df e8 be 98 bf fe e8 59 ee d3 fe fb 0f 1f 44 00 00 <65> ff 0d 5c 85 68 01 74 14 48 8b 5d f8 c9 31 c0 31 d2 31 c9 31 f6 > [164.964913] RSP: 0018:ffffc9000070fca0 EFLAGS: 00000246 > [164.964919] RAX: 0000000000000000 RBX: ffff88800c2d8b10 RCX: 0000000000000000 > [164.964923] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 > [164.964927] RBP: ffffc9000070fca8 R08: 0000000000000000 R09: 0000000000000000 > [164.964931] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88800c2d8ac0 > [164.964934] R13: ffffc9000070fcc8 R14: ffff88800c2d8ac0 R15: 00000000ffffffff > [164.964967] sync_timeline_signal+0x153/0x2c0 > [164.964989] sw_sync_ioctl+0x98/0x580 > [164.965017] __x64_sys_ioctl+0xa2/0x100 > [164.965034] x64_sys_call+0x1226/0x2680 > [164.965046] do_syscall_64+0x93/0x980 > [164.965057] ? do_syscall_64+0x1b7/0x980 > [164.965070] ? lock_release+0xce/0x2a0 > [164.965082] ? __might_fault+0x53/0xb0 > [164.965096] ? __might_fault+0x89/0xb0 > [164.965104] ? __might_fault+0x53/0xb0 > [164.965116] ? _copy_to_user+0x53/0x70 > [164.965131] ? __x64_sys_rt_sigprocmask+0x8f/0xe0 > [164.965152] ? do_syscall_64+0x1b7/0x980 > [164.965169] entry_SYSCALL_64_after_hwframe+0x76/0x7e > [164.965176] RIP: 0033:0x729f4fb24ded > [164.965188] Code: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1a 48 8b 45 c8 64 48 2b 04 25 28 00 00 00 > [164.965193] RSP: 002b:00007ffdc36220e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 > [164.965200] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000729f4fb24ded > [164.965205] RDX: 00007ffdc3622174 RSI: 0000000040045701 RDI: 0000000000000007 > [164.965209] RBP: 00007ffdc3622130 R08: 0000000000000000 R09: 0000000000000000 > [164.965213] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc3622174 > [164.965217] R13: 0000000040045701 R14: 0000000000000007 R15: 0000000000000003 > [164.965248] </TASK> > [166.952984] perf: interrupt took too long (11861 > 6217), lowering kernel.perf_event_max_sample_rate to 16000 > [166.953134] clocksource: Long readout interval, skipping watchdog check: cs_nsec: 13036276804 wd_nsec: 13036274445 > > Avoid potentially expensive signaling of each fence when removing it from > the timeline from inside the loop under protection of a common lock and > disabled interrupts, do that only after interrupts are re-enabled. Each > call to dma_fence_signal() will then disable and re-enable interrputs as > needed for processing of each signaled fence. > > [1] https://patchwork.freedesktop.org/series/154715/ > > Fixes: 0f0d8406fb9c3 ("android: convert sync to fence api, v6") > Signed-off-by: Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> > --- > drivers/dma-buf/sw_sync.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/drivers/dma-buf/sw_sync.c b/drivers/dma-buf/sw_sync.c > index 3c20f1d31cf54..638c2f756299a 100644 > --- a/drivers/dma-buf/sw_sync.c > +++ b/drivers/dma-buf/sw_sync.c > @@ -224,13 +224,12 @@ static void sync_timeline_signal(struct sync_timeline *obj, unsigned int inc) > > list_move_tail(&pt->link, &signalled); > rb_erase(&pt->node, &obj->pt_tree); > - > - dma_fence_signal_locked(&pt->base); > } > > spin_unlock_irq(&obj->lock); > > list_for_each_entry_safe(pt, next, &signalled, link) { > + dma_fence_signal(&pt->base); > list_del_init(&pt->link); > dma_fence_put(&pt->base); > }

4 months, 4 weeks

1
0
0 0

Re: [PATCH v1 1/2] drm/amdgpu: make non-NULL out fence mandatory

by Christian König

On 16.09.25 13:58, Pierre-Eric Pelloux-Prayer wrote: > > > Le 16/09/2025 à 12:52, Christian König a écrit : >> On 16.09.25 11:46, Pierre-Eric Pelloux-Prayer wrote: >>> >>> >>> Le 16/09/2025 à 11:25, Christian König a écrit : >>>> On 16.09.25 09:08, Pierre-Eric Pelloux-Prayer wrote: >>>>> amdgpu_ttm_copy_mem_to_mem has a single caller, make sure the out >>>>> fence is non-NULL to simplify the code. >>>>> Since none of the pointers should be NULL, we can enable >>>>> __attribute__((nonnull))__. >>>>> >>>>> While at it make the function static since it's only used from >>>>> amdgpuu_ttm.c. >>>>> >>>>> Signed-off-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer(a)amd.com> >>>>> --- >>>>> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 17 ++++++++--------- >>>>> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 6 ------ >>>>> 2 files changed, 8 insertions(+), 15 deletions(-) >>>>> >>>>> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>>>> index 27ab4e754b2a..70b817b5578d 100644 >>>>> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>>>> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>>>> @@ -284,12 +284,13 @@ static int amdgpu_ttm_map_buffer(struct ttm_buffer_object *bo, >>>>> * move and different for a BO to BO copy. >>>>> * >>>>> */ >>>>> -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>>>> - const struct amdgpu_copy_mem *src, >>>>> - const struct amdgpu_copy_mem *dst, >>>>> - uint64_t size, bool tmz, >>>>> - struct dma_resv *resv, >>>>> - struct dma_fence **f) >>>>> +__attribute__((nonnull)) >>>> >>>> That looks fishy. >>>> >>>>> +static int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>>>> + const struct amdgpu_copy_mem *src, >>>>> + const struct amdgpu_copy_mem *dst, >>>>> + uint64_t size, bool tmz, >>>>> + struct dma_resv *resv, >>>>> + struct dma_fence **f) >>>> >>>> I'm not an expert for those, but looking at other examples that should be here and look something like: >>>> >>>> __attribute__((nonnull(7))) >>> >>> Both syntax are valid. The GCC docs says: >>> >>> If no arg-index is given to the nonnull attribute, all pointer arguments are marked as non-null >> >> Never seen that before. Is that gcc specifc or standardized? > > clang supports it: > > https://clang.llvm.org/docs/AttributeReference.html#id10 > > And both syntaxes are already used in the drm subtree by i915. Ok in that case Reviewed-by: Christian König <christian.koenig(a)amd.com>. Regards, Christian. > > Pierre-Eric > >> >>> >>> >>>> >>>> But I think for this case here it is also not a must have to have that. >>> >>> I can remove it if you prefer, but it doesn't hurt to have the compiler validate usage of the functions. >> >> Yeah it's clearly useful, but I'm worried that clang won't like it. >> >> Christian. >> >>> >>> Pierre-Eric >>> >>> >>>> >>>> Regards, >>>> Christian. >>>> >>>>> { >>>>> struct amdgpu_ring *ring = adev->mman.buffer_funcs_ring; >>>>> struct amdgpu_res_cursor src_mm, dst_mm; >>>>> @@ -363,9 +364,7 @@ int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>>>> } >>>>> error: >>>>> mutex_unlock(&adev->mman.gtt_window_lock); >>>>> - if (f) >>>>> - *f = dma_fence_get(fence); >>>>> - dma_fence_put(fence); >>>>> + *f = fence; >>>>> return r; >>>>> } >>>>> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>>>> index bb17987f0447..07ae2853c77c 100644 >>>>> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>>>> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>>>> @@ -170,12 +170,6 @@ int amdgpu_copy_buffer(struct amdgpu_ring *ring, uint64_t src_offset, >>>>> struct dma_resv *resv, >>>>> struct dma_fence **fence, bool direct_submit, >>>>> bool vm_needs_flush, uint32_t copy_flags); >>>>> -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>>>> - const struct amdgpu_copy_mem *src, >>>>> - const struct amdgpu_copy_mem *dst, >>>>> - uint64_t size, bool tmz, >>>>> - struct dma_resv *resv, >>>>> - struct dma_fence **f); >>>>> int amdgpu_ttm_clear_buffer(struct amdgpu_bo *bo, >>>>> struct dma_resv *resv, >>>>> struct dma_fence **fence); >>

5 months

1
0
0 0

Re: [PATCH v1 1/2] drm/amdgpu: make non-NULL out fence mandatory

by Christian König

On 16.09.25 11:46, Pierre-Eric Pelloux-Prayer wrote: > > > Le 16/09/2025 à 11:25, Christian König a écrit : >> On 16.09.25 09:08, Pierre-Eric Pelloux-Prayer wrote: >>> amdgpu_ttm_copy_mem_to_mem has a single caller, make sure the out >>> fence is non-NULL to simplify the code. >>> Since none of the pointers should be NULL, we can enable >>> __attribute__((nonnull))__. >>> >>> While at it make the function static since it's only used from >>> amdgpuu_ttm.c. >>> >>> Signed-off-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer(a)amd.com> >>> --- >>> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 17 ++++++++--------- >>> drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 6 ------ >>> 2 files changed, 8 insertions(+), 15 deletions(-) >>> >>> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>> index 27ab4e754b2a..70b817b5578d 100644 >>> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c >>> @@ -284,12 +284,13 @@ static int amdgpu_ttm_map_buffer(struct ttm_buffer_object *bo, >>> * move and different for a BO to BO copy. >>> * >>> */ >>> -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>> - const struct amdgpu_copy_mem *src, >>> - const struct amdgpu_copy_mem *dst, >>> - uint64_t size, bool tmz, >>> - struct dma_resv *resv, >>> - struct dma_fence **f) >>> +__attribute__((nonnull)) >> >> That looks fishy. >> >>> +static int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>> + const struct amdgpu_copy_mem *src, >>> + const struct amdgpu_copy_mem *dst, >>> + uint64_t size, bool tmz, >>> + struct dma_resv *resv, >>> + struct dma_fence **f) >> >> I'm not an expert for those, but looking at other examples that should be here and look something like: >> >> __attribute__((nonnull(7))) > > Both syntax are valid. The GCC docs says: > > If no arg-index is given to the nonnull attribute, all pointer arguments are marked as non-null Never seen that before. Is that gcc specifc or standardized? > > >> >> But I think for this case here it is also not a must have to have that. > > I can remove it if you prefer, but it doesn't hurt to have the compiler validate usage of the functions. Yeah it's clearly useful, but I'm worried that clang won't like it. Christian. > > Pierre-Eric > > >> >> Regards, >> Christian. >> >>> { >>> struct amdgpu_ring *ring = adev->mman.buffer_funcs_ring; >>> struct amdgpu_res_cursor src_mm, dst_mm; >>> @@ -363,9 +364,7 @@ int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>> } >>> error: >>> mutex_unlock(&adev->mman.gtt_window_lock); >>> - if (f) >>> - *f = dma_fence_get(fence); >>> - dma_fence_put(fence); >>> + *f = fence; >>> return r; >>> } >>> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>> index bb17987f0447..07ae2853c77c 100644 >>> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h >>> @@ -170,12 +170,6 @@ int amdgpu_copy_buffer(struct amdgpu_ring *ring, uint64_t src_offset, >>> struct dma_resv *resv, >>> struct dma_fence **fence, bool direct_submit, >>> bool vm_needs_flush, uint32_t copy_flags); >>> -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, >>> - const struct amdgpu_copy_mem *src, >>> - const struct amdgpu_copy_mem *dst, >>> - uint64_t size, bool tmz, >>> - struct dma_resv *resv, >>> - struct dma_fence **f); >>> int amdgpu_ttm_clear_buffer(struct amdgpu_bo *bo, >>> struct dma_resv *resv, >>> struct dma_fence **fence);

5 months

1
0
0 0

Re: [PATCH v1 1/2] drm/amdgpu: make non-NULL out fence mandatory

by Christian König

On 16.09.25 09:08, Pierre-Eric Pelloux-Prayer wrote: > amdgpu_ttm_copy_mem_to_mem has a single caller, make sure the out > fence is non-NULL to simplify the code. > Since none of the pointers should be NULL, we can enable > __attribute__((nonnull))__. > > While at it make the function static since it's only used from > amdgpuu_ttm.c. > > Signed-off-by: Pierre-Eric Pelloux-Prayer <pierre-eric.pelloux-prayer(a)amd.com> > --- > drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 17 ++++++++--------- > drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h | 6 ------ > 2 files changed, 8 insertions(+), 15 deletions(-) > > diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c > index 27ab4e754b2a..70b817b5578d 100644 > --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c > +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c > @@ -284,12 +284,13 @@ static int amdgpu_ttm_map_buffer(struct ttm_buffer_object *bo, > * move and different for a BO to BO copy. > * > */ > -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, > - const struct amdgpu_copy_mem *src, > - const struct amdgpu_copy_mem *dst, > - uint64_t size, bool tmz, > - struct dma_resv *resv, > - struct dma_fence **f) > +__attribute__((nonnull)) That looks fishy. > +static int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, > + const struct amdgpu_copy_mem *src, > + const struct amdgpu_copy_mem *dst, > + uint64_t size, bool tmz, > + struct dma_resv *resv, > + struct dma_fence **f) I'm not an expert for those, but looking at other examples that should be here and look something like: __attribute__((nonnull(7))) But I think for this case here it is also not a must have to have that. Regards, Christian. > { > struct amdgpu_ring *ring = adev->mman.buffer_funcs_ring; > struct amdgpu_res_cursor src_mm, dst_mm; > @@ -363,9 +364,7 @@ int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, > } > error: > mutex_unlock(&adev->mman.gtt_window_lock); > - if (f) > - *f = dma_fence_get(fence); > - dma_fence_put(fence); > + *f = fence; > return r; > } > > diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h > index bb17987f0447..07ae2853c77c 100644 > --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h > +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.h > @@ -170,12 +170,6 @@ int amdgpu_copy_buffer(struct amdgpu_ring *ring, uint64_t src_offset, > struct dma_resv *resv, > struct dma_fence **fence, bool direct_submit, > bool vm_needs_flush, uint32_t copy_flags); > -int amdgpu_ttm_copy_mem_to_mem(struct amdgpu_device *adev, > - const struct amdgpu_copy_mem *src, > - const struct amdgpu_copy_mem *dst, > - uint64_t size, bool tmz, > - struct dma_resv *resv, > - struct dma_fence **f); > int amdgpu_ttm_clear_buffer(struct amdgpu_bo *bo, > struct dma_resv *resv, > struct dma_fence **fence);

5 months

1
0
0 0

Re: [PATCH v12 00/11] Trusted Execution Environment (TEE) driver for Qualcomm TEE (QTEE)

by Jens Wiklander

Hi, On Fri, Sep 12, 2025 at 6:07 AM Amirreza Zarrabi <amirreza.zarrabi(a)oss.qualcomm.com> wrote: > > This patch series introduces a Trusted Execution Environment (TEE) > driver for Qualcomm TEE (QTEE). QTEE enables Trusted Applications (TAs) > and services to run securely. It uses an object-based interface, where > each service is an object with sets of operations. Clients can invoke > these operations on objects, which can generate results, including other > objects. For example, an object can load a TA and return another object > that represents the loaded TA, allowing access to its services. > [snip] I'm OK with the TEE patches, Sumit and I have reviewed them. There were some minor conflicts with other patches I have in the pipe for this merge window, so this patchset is on top of what I have to avoid merge conflicts. However, the firmware patches are for code maintained by Björn. Björn, how would you like to do this? Can I take them via my tree, or what do you suggest? It's urgent to get this patchset into linux-next if it's to make it for the coming merge window. Ideally, I'd like to send my pull request to arm-soc during this week. Cheers, Jens > > --- > Amirreza Zarrabi (11): > firmware: qcom: tzmem: export shm_bridge create/delete > firmware: qcom: scm: add support for object invocation > tee: allow a driver to allocate a tee_device without a pool > tee: add close_context to TEE driver operation > tee: add TEE_IOCTL_PARAM_ATTR_TYPE_UBUF > tee: add TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF > tee: increase TEE_MAX_ARG_SIZE to 4096 > tee: add Qualcomm TEE driver > tee: qcom: add primordial object > tee: qcom: enable TEE_IOC_SHM_ALLOC ioctl > Documentation: tee: Add Qualcomm TEE driver > > Documentation/tee/index.rst | 1 + > Documentation/tee/qtee.rst | 96 ++++ > MAINTAINERS | 7 + > drivers/firmware/qcom/qcom_scm.c | 119 ++++ > drivers/firmware/qcom/qcom_scm.h | 7 + > drivers/firmware/qcom/qcom_tzmem.c | 63 ++- > drivers/tee/Kconfig | 1 + > drivers/tee/Makefile | 1 + > drivers/tee/qcomtee/Kconfig | 12 + > drivers/tee/qcomtee/Makefile | 9 + > drivers/tee/qcomtee/async.c | 182 ++++++ > drivers/tee/qcomtee/call.c | 820 +++++++++++++++++++++++++++ > drivers/tee/qcomtee/core.c | 915 +++++++++++++++++++++++++++++++ > drivers/tee/qcomtee/mem_obj.c | 169 ++++++ > drivers/tee/qcomtee/primordial_obj.c | 113 ++++ > drivers/tee/qcomtee/qcomtee.h | 185 +++++++ > drivers/tee/qcomtee/qcomtee_msg.h | 304 ++++++++++ > drivers/tee/qcomtee/qcomtee_object.h | 316 +++++++++++ > drivers/tee/qcomtee/shm.c | 150 +++++ > drivers/tee/qcomtee/user_obj.c | 692 +++++++++++++++++++++++ > drivers/tee/tee_core.c | 127 ++++- > drivers/tee/tee_private.h | 6 - > include/linux/firmware/qcom/qcom_scm.h | 6 + > include/linux/firmware/qcom/qcom_tzmem.h | 15 + > include/linux/tee_core.h | 54 +- > include/linux/tee_drv.h | 12 + > include/uapi/linux/tee.h | 56 +- > 27 files changed, 4410 insertions(+), 28 deletions(-) > --- > base-commit: 8b8aefa5a5c7d4a65883e5653cf12f94c0b68dbf > change-id: 20241202-qcom-tee-using-tee-ss-without-mem-obj-362c66340527 > > Best regards, > -- > Amirreza Zarrabi <amirreza.zarrabi(a)oss.qualcomm.com> >

5 months

2
2
0 0

[PATCH v4 0/3] Batch 2 of rust gem shmem work

by Lyude Paul

Now that we're getting close to reaching the finish line for upstreaming the rust gem shmem bindings, we've got another batch of patches that have been reviewed and can be safely pushed to drm-rust-next independently of the rest of the series. These patches of course apply against the drm-rust-next branch, and are part of the gem shmem series, the latest version of which can be found here: https://patchwork.freedesktop.org/series/146465/ Lyude Paul (3): drm/gem/shmem: Extract drm_gem_shmem_init() from drm_gem_shmem_create() drm/gem/shmem: Extract drm_gem_shmem_release() from drm_gem_shmem_free() rust: Add dma_buf stub bindings drivers/gpu/drm/drm_gem_shmem_helper.c | 98 ++++++++++++++++++-------- include/drm/drm_gem_shmem_helper.h | 2 + rust/kernel/dma_buf.rs | 40 +++++++++++ rust/kernel/lib.rs | 1 + 4 files changed, 111 insertions(+), 30 deletions(-) create mode 100644 rust/kernel/dma_buf.rs base-commit: cf4fd52e323604ccfa8390917593e1fb965653ee -- 2.51.0

5 months

2
8
0 0

Re: (subset) [PATCH v12 00/11] Trusted Execution Environment (TEE) driver for Qualcomm TEE (QTEE)

by Bjorn Andersson

On Thu, 11 Sep 2025 21:07:39 -0700, Amirreza Zarrabi wrote: > This patch series introduces a Trusted Execution Environment (TEE) > driver for Qualcomm TEE (QTEE). QTEE enables Trusted Applications (TAs) > and services to run securely. It uses an object-based interface, where > each service is an object with sets of operations. Clients can invoke > these operations on objects, which can generate results, including other > objects. For example, an object can load a TA and return another object > that represents the loaded TA, allowing access to its services. > > [...] Applied, thanks! [01/11] firmware: qcom: tzmem: export shm_bridge create/delete commit: 8aa1e3a6f0ffbcfdf3bd7d87feb9090f96c54bc4 [02/11] firmware: qcom: scm: add support for object invocation commit: 4b700098c0fc4a76c5c1e54465c8f35e13755294 Best regards, -- Bjorn Andersson <andersson(a)kernel.org>

5 months

1
0
0 0

Re: [PATCH v1 10/10] vfio/pci: Add dma-buf export support for MMIO regions

by Leon Romanovsky

On Fri, Sep 12, 2025 at 11:55:29AM -0700, Alex Mastro wrote: > On Mon, Aug 04, 2025 at 04:00:45PM +0300, Leon Romanovsky wrote: > > +static void dma_ranges_to_p2p_phys(struct vfio_pci_dma_buf *priv, > > + struct vfio_device_feature_dma_buf *dma_buf, > > + struct vfio_region_dma_range *dma_ranges) > > +{ > > + struct pci_dev *pdev = priv->vdev->pdev; > > + phys_addr_t pci_start; > > + int i; > > + > > + pci_start = pci_resource_start(pdev, dma_buf->region_index); > > + for (i = 0; i < dma_buf->nr_ranges; i++) { > > + priv->phys_vec[i].len = dma_ranges[i].length; > > + priv->phys_vec[i].paddr += pci_start + dma_ranges[i].offset; > > Is the intent really to += paddr? I would have expected a plain assignment. In this specific case, there is no difference, because phys_vec is initialized to 0, but It needs to be "=" and not "+=". > > > + priv->size += priv->phys_vec[i].len; > > + } > > + priv->nr_ranges = dma_buf->nr_ranges; > > +} > > ... > > > + priv->phys_vec = kcalloc(get_dma_buf.nr_ranges, sizeof(*priv->phys_vec), > > + GFP_KERNEL); > > + if (!priv->phys_vec) { > > + ret = -ENOMEM; > > + goto err_free_priv; > > + } > > + > > + priv->vdev = vdev; > > + dma_ranges_to_p2p_phys(priv, &get_dma_buf, dma_ranges); >

5 months

1
0
0 0

[PATCH v12 0/9] TEE subsystem for protected dma-buf allocations

by Jens Wiklander

Hi, This patch set allocates the protected DMA-bufs from a DMA-heap instantiated from the TEE subsystem. The TEE subsystem handles the DMA-buf allocations since it is the TEE (OP-TEE, AMD-TEE, TS-TEE, or perhaps a future QTEE) which sets up the protection for the memory used for the DMA-bufs. The DMA-heap uses a protected memory pool provided by the backend TEE driver, allowing it to choose how to allocate the protected physical memory. The allocated DMA-bufs must be imported with a new TEE_IOC_SHM_REGISTER_FD before they can be passed as arguments when requesting services from the secure world. Three use-cases (Secure Video Playback, Trusted UI, and Secure Video Recording) have been identified so far to serve as examples of what can be expected. The use-cases have predefined DMA-heap names, "protected,secure-video", "protected,trusted-ui", and "protected,secure-video-record". The backend driver registers protected memory pools for the use-cases it supports. Each use-case has its own protected memory pool since different use-cases require isolation from different parts of the system. A protected memory pool can be based on a static carveout instantiated while probing the TEE backend driver, or dynamically allocated from CMA (dma_alloc_pages()) and made protected as needed by the TEE. This can be tested on a RockPi 4B+ with the following steps: repo init -u https://github.com/jenswi-linaro/manifest.git -m rockpi4.xml \ -b prototype/sdp-v12 repo sync -j8 cd build make toolchains -j$(nproc) make all -j$(nproc) # Copy ../out/rockpi4.img to an SD card and boot the RockPi from that # Connect a monitor to the RockPi # login and at the prompt: gst-launch-1.0 videotestsrc ! \ aesenc key=1f9423681beb9a79215820f6bda73d0f \ iv=e9aa8e834d8d70b7e0d254ff670dd718 serialize-iv=true ! \ aesdec key=1f9423681beb9a79215820f6bda73d0f ! \ kmssink The aesdec module has been hacked to use an OP-TEE TA to decrypt the stream into protected DMA-bufs which are consumed by the kmssink. The primitive QEMU tests from previous patch sets can be tested on RockPi in the same way using: xtest --sdp-basic The primitive tests are tested on QEMU with the following steps: repo init -u https://github.com/jenswi-linaro/manifest.git -m qemu_v8.xml \ -b prototype/sdp-v12 repo sync -j8 cd build make toolchains -j$(nproc) make SPMC_AT_EL=1 all -j$(nproc) make SPMC_AT_EL=1 run-only # login and at the prompt: xtest --sdp-basic The SPMC_AT_EL=1 parameter configures the build with FF-A and an SPMC at S-EL1 inside OP-TEE. The parameter can be changed to SPMC_AT_EL=n to test without FF-A using the original SMC ABI instead. Please remember to do %make arm-tf-clean for TF-A to be rebuilt properly using the new configuration. https://optee.readthedocs.io/en/latest/building/prerequisites.html list dependencies required to build the above. The primitive tests are pretty basic, mostly checking that a Trusted Application in the secure world can access and manipulate the memory. There are also some negative tests for out of bounds buffers, etc. Thanks, Jens Changes since V11: * In "dma-buf: dma-heap: export declared functions": - use EXPORT_SYMBOL_NS_GPL() - Added TJ's R-B and Sumit's Ack * In "tee: implement protected DMA-heap", import the namespaces "DMA_BUF" and "DMA_BUF_HEAP" as needed. Changes since V10: * Changed the new ABI OPTEE_MSG_CMD_GET_PROTMEM_CONFIG to report a list of u32 memory attributes instead of u16 endpoints to make room for both endpoint and access permissions in each entry. * In "tee: new ioctl to a register tee_shm from a dmabuf file descriptor", remove the unused path for DMA-bufs allocated by other means than the on in the TEE SS. * In "tee: implement protected DMA-heap", handle unloading of the backend driver module implementing the heap. The heap is reference counted and also calls tee_device_get() to guarantee that the module remains available while the heap is instantiated. * In "optee: support protected memory allocation", use dma_coerce_mask_and_coherent() instead of open-coding the function. * Added Sumit's R-B to - "optee: smc abi: dynamic protected memory allocation" - "optee: FF-A: dynamic protected memory allocation" - "optee: support protected memory allocation" - "tee: implement protected DMA-heap" - "dma-buf: dma-heap: export declared functions" Changes since V9: * Adding Sumit's R-B to "optee: sync secure world ABI headers" * Update commit message as requested for "dma-buf: dma-heap: export declared functions". * In "tee: implement protected DMA-heap": - add the hidden config option TEE_DMABUF_HEAPS to tell if the TEE subsystem can support DMA heaps - add a pfn_valid() to check that the passed physical address can be used by __pfn_to_page() and friends - remove the memremap() call, the caller is should do that instead if needed * In "tee: add tee_shm_alloc_dma_mem()" guard the calls to dma_alloc_pages() and dma_free_pages() with TEE_DMABUF_HEAPS to avoid linking errors in some configurations * In "optee: support protected memory allocation": - add the hidden config option OPTEE_STATIC_PROTMEM_POOL to tell if the driver can support a static protected memory pool - optee_protmem_pool_init() is slightly refactored to make the patches that follow easier - Call devm_memremap() before calling tee_protmem_static_pool_alloc() Changes since V8: * Using dma_alloc_pages() instead of cma_alloc() so the direct dependency on CMA can be removed together with the patches "cma: export cma_alloc() and cma_release()" and "dma-contiguous: export dma_contiguous_default_area". The patch * Renaming the patch "tee: add tee_shm_alloc_cma_phys_mem()" to "tee: add tee_shm_alloc_dma_mem()" * Setting DMA mask for the OP-TEE TEE device based on input from the secure world instead of relying on the parent device so following patches are removed: "tee: tee_device_alloc(): copy dma_mask from parent device" and "optee: pass parent device to tee_device_alloc()". * Adding Sumit Garg's R-B to "tee: refactor params_from_user()" * In the patch "tee: implement protected DMA-heap", map the physical memory passed to tee_protmem_static_pool_alloc(). Changes since V7: * Adding "dma-buf: dma-heap: export declared functions", "cma: export cma_alloc() and cma_release()", and "dma-contiguous: export dma_contiguous_default_area" to export the symbols needed to keep the TEE subsystem as a load module. * Removing CONFIG_TEE_DMABUF_HEAP and CONFIG_TEE_CMA since they aren't needed any longer. * Addressing review comments in "optee: sync secure world ABI headers" * Better align protected memory pool initialization between the smc-abi and ffa-abi parts of the optee driver. * Removing the patch "optee: account for direction while converting parameters" Changes since V6: * Restricted memory is now known as protected memory since to use the same term as https://docs.vulkan.org/guide/latest/protected.html. Update all patches to consistently use protected memory. * In "tee: implement protected DMA-heap" add the hidden config option TEE_DMABUF_HEAP to tell if the DMABUF_HEAPS functions are available for the TEE subsystem * Adding "tee: refactor params_from_user()", broken out from the patch "tee: new ioctl to a register tee_shm from a dmabuf file descriptor" * For "tee: new ioctl to a register tee_shm from a dmabuf file descriptor": - Update commit message to mention protected memory - Remove and open code tee_shm_get_parent_shm() in param_from_user_memref() * In "tee: add tee_shm_alloc_cma_phys_mem" add the hidden config option TEE_CMA to tell if the CMA functions are available for the TEE subsystem * For "tee: tee_device_alloc(): copy dma_mask from parent device" and "optee: pass parent device to tee_device_alloc", added Reviewed-by: Sumit Garg <sumit.garg(a)kernel.org> Changes since V5: * Removing "tee: add restricted memory allocation" and "tee: add TEE_IOC_RSTMEM_FD_INFO" * Adding "tee: implement restricted DMA-heap", "tee: new ioctl to a register tee_shm from a dmabuf file descriptor", "tee: add tee_shm_alloc_cma_phys_mem()", "optee: pass parent device to tee_device_alloc()", and "tee: tee_device_alloc(): copy dma_mask from parent device" * The two TEE driver OPs "rstmem_alloc()" and "rstmem_free()" are replaced with a struct tee_rstmem_pool abstraction. * Replaced the the TEE_IOC_RSTMEM_ALLOC user space API with the DMA-heap API Changes since V4: * Adding the patch "tee: add TEE_IOC_RSTMEM_FD_INFO" needed by the GStreamer demo * Removing the dummy CPU access and mmap functions from the dma_buf_ops * Fixing a compile error in "optee: FF-A: dynamic restricted memory allocation" reported by kernel test robot <lkp(a)intel.com> Changes since V3: * Make the use_case and flags field in struct tee_shm u32's instead of u16's * Add more description for TEE_IOC_RSTMEM_ALLOC in the header file * Import namespace DMA_BUF in module tee, reported by lkp(a)intel.com * Added a note in the commit message for "optee: account for direction while converting parameters" why it's needed * Factor out dynamic restricted memory allocation from "optee: support restricted memory allocation" into two new commits "optee: FF-A: dynamic restricted memory allocation" and "optee: smc abi: dynamic restricted memory allocation" * Guard CMA usage with #ifdef CONFIG_CMA, effectively disabling dynamic restricted memory allocate if CMA isn't configured Changes since the V2 RFC: * Based on v6.12 * Replaced the flags for SVP and Trusted UID memory with a u32 field with unique id for each use case * Added dynamic allocation of restricted memory pools * Added OP-TEE ABI both with and without FF-A for dynamic restricted memory * Added support for FF-A with FFA_LEND Changes since the V1 RFC: * Based on v6.11 * Complete rewrite, replacing the restricted heap with TEE_IOC_RSTMEM_ALLOC Changes since Olivier's post [2]: * Based on Yong Wu's post [1] where much of dma-buf handling is done in the generic restricted heap * Simplifications and cleanup * New commit message for "dma-buf: heaps: add Linaro restricted dmabuf heap support" * Replaced the word "secure" with "restricted" where applicable Etienne Carriere (1): tee: new ioctl to a register tee_shm from a dmabuf file descriptor Jens Wiklander (8): optee: sync secure world ABI headers dma-buf: dma-heap: export declared functions tee: implement protected DMA-heap tee: refactor params_from_user() tee: add tee_shm_alloc_dma_mem() optee: support protected memory allocation optee: FF-A: dynamic protected memory allocation optee: smc abi: dynamic protected memory allocation drivers/dma-buf/dma-heap.c | 4 + drivers/tee/Kconfig | 5 + drivers/tee/Makefile | 1 + drivers/tee/optee/Kconfig | 5 + drivers/tee/optee/Makefile | 1 + drivers/tee/optee/core.c | 7 + drivers/tee/optee/ffa_abi.c | 146 ++++++++- drivers/tee/optee/optee_ffa.h | 27 +- drivers/tee/optee/optee_msg.h | 84 ++++- drivers/tee/optee/optee_private.h | 15 +- drivers/tee/optee/optee_smc.h | 37 ++- drivers/tee/optee/protmem.c | 335 ++++++++++++++++++++ drivers/tee/optee/smc_abi.c | 141 ++++++++- drivers/tee/tee_core.c | 158 +++++++--- drivers/tee/tee_heap.c | 500 ++++++++++++++++++++++++++++++ drivers/tee/tee_private.h | 14 + drivers/tee/tee_shm.c | 157 +++++++++- include/linux/tee_core.h | 59 ++++ include/linux/tee_drv.h | 10 + include/uapi/linux/tee.h | 31 ++ 20 files changed, 1670 insertions(+), 67 deletions(-) create mode 100644 drivers/tee/optee/protmem.c create mode 100644 drivers/tee/tee_heap.c base-commit: c17b750b3ad9f45f2b6f7e6f7f4679844244f0b9 -- 2.43.0

5 months

1
10
0 0

[PATCH v7 0/5] dma-buf: heaps: Create a CMA heap for each CMA reserved region

by Maxime Ripard

Hi, Here's another attempt at supporting user-space allocations from a specific carved-out reserved memory region. The initial problem we were discussing was that I'm currently working on a platform which has a memory layout with ECC enabled. However, enabling the ECC has a number of drawbacks on that platform: lower performance, increased memory usage, etc. So for things like framebuffers, the trade-off isn't great and thus there's a memory region with ECC disabled to allocate from for such use cases. After a suggestion from John, I chose to first start using heap allocations flags to allow for userspace to ask for a particular ECC setup. This is then backed by a new heap type that runs from reserved memory chunks flagged as such, and the existing DT properties to specify the ECC properties. After further discussion, it was considered that flags were not the right solution, and relying on the names of the heaps would be enough to let userspace know the kind of buffer it deals with. Thus, even though the uAPI part of it had been dropped in this second version, we still needed a driver to create heaps out of carved-out memory regions. In addition to the original usecase, a similar driver can be found in BSPs from most vendors, so I believe it would be a useful addition to the kernel. Some extra discussion with Rob Herring [1] came to the conclusion that some specific compatible for this is not great either, and as such an new driver probably isn't called for either. Some other discussions we had with John [2] also dropped some hints that multiple CMA heaps might be a good idea, and some vendors seem to do that too. So here's another attempt that doesn't affect the device tree at all and will just create a heap for every CMA reserved memory region. It also falls nicely into the current plan we have to support cgroups in DRM/KMS and v4l2, which is an additional benefit. Let me know what you think, Maxime 1: https://lore.kernel.org/all/20250707-cobalt-dingo-of-serenity-dbf92c@houat/ 2: https://lore.kernel.org/all/CANDhNCroe6ZBtN_o=c71kzFFaWK-fF5rCdnr9P5h1sgPOW… Let me know what you think, Maxime Signed-off-by: Maxime Ripard <mripard(a)kernel.org> --- Changes in v7: - Invert the logic and register CMA heap from the reserved memory / dma contiguous code, instead of iterating over them from the CMA heap. - Link to v6: https://lore.kernel.org/r/20250709-dma-buf-ecc-heap-v6-0-dac9bf80f35d@kerne… Changes in v6: - Drop the new driver and allocate a CMA heap for each region now - Dropped the binding - Rebased on 6.16-rc5 - Link to v5: https://lore.kernel.org/r/20250617-dma-buf-ecc-heap-v5-0-0abdc5863a4f@kerne… Changes in v5: - Rebased on 6.16-rc2 - Switch from property to dedicated binding - Link to v4: https://lore.kernel.org/r/20250520-dma-buf-ecc-heap-v4-1-bd2e1f1bb42c@kerne… Changes in v4: - Rebased on 6.15-rc7 - Map buffers only when map is actually called, not at allocation time - Deal with restricted-dma-pool and shared-dma-pool - Reword Kconfig options - Properly report dma_map_sgtable failures - Link to v3: https://lore.kernel.org/r/20250407-dma-buf-ecc-heap-v3-0-97cdd36a5f29@kerne… Changes in v3: - Reworked global variable patch - Link to v2: https://lore.kernel.org/r/20250401-dma-buf-ecc-heap-v2-0-043fd006a1af@kerne… Changes in v2: - Add vmap/vunmap operations - Drop ECC flags uapi - Rebase on top of 6.14 - Link to v1: https://lore.kernel.org/r/20240515-dma-buf-ecc-heap-v1-0-54cbbd049511@kerne… --- Maxime Ripard (5): doc: dma-buf: List the heaps by name dma-buf: heaps: cma: Register list of CMA regions at boot dma: contiguous: Register reusable CMA regions at boot dma: contiguous: Reserve default CMA heap dma-buf: heaps: cma: Create CMA heap for each CMA reserved region Documentation/userspace-api/dma-buf-heaps.rst | 24 ++++++++------ MAINTAINERS | 1 + drivers/dma-buf/heaps/Kconfig | 10 ------ drivers/dma-buf/heaps/cma_heap.c | 47 +++++++++++++++++---------- include/linux/dma-buf/heaps/cma.h | 16 +++++++++ kernel/dma/contiguous.c | 11 +++++++ 6 files changed, 72 insertions(+), 37 deletions(-) --- base-commit: 47633099a672fc7bfe604ef454e4f116e2c954b1 change-id: 20240515-dma-buf-ecc-heap-28a311d2c94e prerequisite-message-id: <20250610131231.1724627-1-jkangas(a)redhat.com> prerequisite-patch-id: bc44be5968feb187f2bc1b8074af7209462b18e7 prerequisite-patch-id: f02a91b723e5ec01fbfedf3c3905218b43d432da prerequisite-patch-id: e944d0a3e22f2cdf4d3b3906e5603af934696deb Best regards, -- Maxime Ripard <mripard(a)kernel.org>

5 months

2
10
0 0

Re: [PATCH v11 2/9] dma-buf: dma-heap: export declared functions

by T.J. Mercier

On Wed, Aug 13, 2025 at 11:13 PM Sumit Garg <sumit.garg(a)kernel.org> wrote: > > On Wed, Aug 13, 2025 at 08:02:51AM +0200, Jens Wiklander wrote: > > Export the dma-buf heap functions to allow them to be used by the OP-TEE > > driver. The OP-TEE driver wants to register and manage specific secure > > DMA heaps with it. > > > > Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> > > Reviewed-by: Sumit Garg <sumit.garg(a)oss.qualcomm.com> > > --- > > drivers/dma-buf/dma-heap.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > Can we get an ack from DMAbuf maintainers here? With that we should be > able to queue this patch-set for linux-next targetting the 6.18 merge > window. > > -Sumit Reviewed-by: T.J. Mercier <tjmercier(a)google.com> Sorry I haven't been able to participate much upstream lately. > > > diff --git a/drivers/dma-buf/dma-heap.c b/drivers/dma-buf/dma-heap.c > > index 3cbe87d4a464..cdddf0e24dce 100644 > > --- a/drivers/dma-buf/dma-heap.c > > +++ b/drivers/dma-buf/dma-heap.c > > @@ -202,6 +202,7 @@ void *dma_heap_get_drvdata(struct dma_heap *heap) > > { > > return heap->priv; > > } > > +EXPORT_SYMBOL(dma_heap_get_drvdata); > > > > /** > > * dma_heap_get_name - get heap name > > @@ -214,6 +215,7 @@ const char *dma_heap_get_name(struct dma_heap *heap) > > { > > return heap->name; > > } > > +EXPORT_SYMBOL(dma_heap_get_name); > > > > /** > > * dma_heap_add - adds a heap to dmabuf heaps > > @@ -303,6 +305,7 @@ struct dma_heap *dma_heap_add(const struct dma_heap_export_info *exp_info) > > kfree(heap); > > return err_ret; > > } > > +EXPORT_SYMBOL(dma_heap_add); > > > > static char *dma_heap_devnode(const struct device *dev, umode_t *mode) > > { > > -- > > 2.43.0 > >

5 months

3
4
0 0

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig