Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

14 participants
3161 discussions

[PATCH v3 0/7] dma-buf: heaps: Add secure heap

by Yong Wu

This patchset is for secure video playback and enables other potential uses in the future. The 'secure dma-heap' will be used to allocate dma_buf objects that reference memory in the secure world that is inaccessible/ unmappable by the non-secure (i.e.kernel/userspace) world. That memory will be used by the secure world to store secure information (i.e. decrypted media content). The dma_bufs allocated from the kernel will be passed to V4L2 for video decoding (as input and output). They will also be used by the drm system for rendering of the content. This patchset adds two secure heaps and they will be used v4l2[1] and drm[2]. 1) secure_mtk_cm: secure chunk memory for MediaTek SVP (Secure Video Path). The buffer is reserved for the secure world after bootup and it is used for vcodec's ES/working buffer; 2) secure_mtk_cma: secure CMA memory for MediaTek SVP. This buffer is dynamically reserved for the secure world and will be got when we start playing secure videos, Once the security video playing is complete, the CMA will be released. This heap is used for the vcodec's frame buffer. [1] https://lore.kernel.org/linux-mediatek/20231206081538.17056-1-yunfei.dong@m… [2] https://lore.kernel.org/linux-mediatek/20231023044549.21412-1-jason-jh.lin@… Change note: v3: Base on v6.7-rc1. 1) Separate the secure heap into a common file(secure_heap.c) and a mtk special file (secure_heap_mtk.c), and put all tee related code into our special file. 2) About dt-binding, a) Add "mediatek," prefix since this is Mediatek TEE firmware definition. b) Mute dt-binding check waring. 3) Remove the normal CMA heap which is a draft for qcom. v2: https://lore.kernel.org/linux-mediatek/20231111111559.8218-1-yong.wu@mediat… 1) Move John's patches into the vcodec patchset since they use the new dma heap interface directly. https://lore.kernel.org/linux-mediatek/20231106120423.23364-1-yunfei.dong@m… 2) Reword the dt-binding description. 3) Rename the heap name from mtk_svp to secure_mtk_cm. This means the current vcodec/DRM upstream code doesn't match this. 4) Add a normal CMA heap. currently it should be a draft version. 5) Regarding the UUID, I still use hard code, but put it in a private data which allow the others could set their own UUID. What's more, UUID is necessary for the session with TEE. If we don't have it, we can't communicate with the TEE, including the get_uuid interface, which tries to make uuid more generic, not working. If there is other way to make UUID more general, please free to tell me. v1: https://lore.kernel.org/linux-mediatek/20230911023038.30649-1-yong.wu@media… Base on v6.6-rc1. Yong Wu (7): dt-bindings: reserved-memory: Add mediatek,dynamic-secure-region dma-buf: heaps: Initialize a secure heap dma-buf: heaps: secure_heap: Add private heap ops dma-buf: heaps: secure_heap: Add dma_ops dma-buf: heaps: secure_heap: Add MediaTek secure heap and heap_init dma-buf: heaps: secure_heap_mtk: Add tee memory service call dma_buf: heaps: secure_heap_mtk: Add a new CMA heap .../mediatek,dynamic-secure-region.yaml | 43 +++ drivers/dma-buf/heaps/Kconfig | 13 + drivers/dma-buf/heaps/Makefile | 2 + drivers/dma-buf/heaps/secure_heap.c | 234 +++++++++++++ drivers/dma-buf/heaps/secure_heap.h | 43 +++ drivers/dma-buf/heaps/secure_heap_mtk.c | 321 ++++++++++++++++++ 6 files changed, 656 insertions(+) create mode 100644 Documentation/devicetree/bindings/reserved-memory/mediatek,dynamic-secure-region.yaml create mode 100644 drivers/dma-buf/heaps/secure_heap.c create mode 100644 drivers/dma-buf/heaps/secure_heap.h create mode 100644 drivers/dma-buf/heaps/secure_heap_mtk.c -- 2.18.0

1 year, 10 months

Re: [PATCH v3,03/21] v4l2: verify secure dmabufs are used in secure queue

by Jeffrey Kardatzke

On Mon, Dec 11, 2023 at 2:58 AM Hans Verkuil <hverkuil-cisco(a)xs4all.nl> wrote: > > On 06/12/2023 09:15, Yunfei Dong wrote: > > From: Jeffrey Kardatzke <jkardatzke(a)google.com> > > > > Verfies in the dmabuf implementations that if the secure memory flag is > > Verfies -> Verifies Thanks. Yunfei, change that please. > > > set for a queue that the dmabuf submitted to the queue is unmappable. > > > > Signed-off-by: Jeffrey Kardatzke <jkardatzke(a)google.com> > > Signed-off-by: Yunfei Dong <yunfei.dong(a)mediatek.com> > > --- > > drivers/media/common/videobuf2/videobuf2-dma-contig.c | 6 ++++++ > > drivers/media/common/videobuf2/videobuf2-dma-sg.c | 6 ++++++ > > 2 files changed, 12 insertions(+) > > > > diff --git a/drivers/media/common/videobuf2/videobuf2-dma-contig.c b/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > index 3d4fd4ef5310..ad58ef8dc231 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > +++ b/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > @@ -710,6 +710,12 @@ static int vb2_dc_map_dmabuf(void *mem_priv) > > return -EINVAL; > > } > > > > + /* verify the dmabuf is secure if we are in secure mode */ > > + if (buf->vb->vb2_queue->secure_mem && sg_page(sgt->sgl)) { > > This needs a bit more explanation. I guess that for secure memory > sg_page returns NULL? How about if we change it to: /* verify the dmabuf is secure if we are in secure mode, this is done by validating there is no page entry for the dmabuf */ > > > + pr_err("secure queue requires secure dma_buf"); > > + return -EINVAL; > > + } > > + > > /* checking if dmabuf is big enough to store contiguous chunk */ > > contig_size = vb2_dc_get_contiguous_size(sgt); > > if (contig_size < buf->size) { > > diff --git a/drivers/media/common/videobuf2/videobuf2-dma-sg.c b/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > index 28f3fdfe23a2..55428c73c380 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > +++ b/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > @@ -564,6 +564,12 @@ static int vb2_dma_sg_map_dmabuf(void *mem_priv) > > return -EINVAL; > > } > > > > + /* verify the dmabuf is secure if we are in secure mode */ > > + if (buf->vb->vb2_queue->secure_mem && !sg_dma_secure(sgt->sgl)) { > > I can't find the sg_dma_secure function. I suspect this patch series > depends on another series? That was an oversight, it should be the same as in videobuf2-dma-contig.c. Yunfei, can you change this to match what's in videobuf2-dma-contig.c after the comment is reworded? > > > + pr_err("secure queue requires secure dma_buf"); > > + return -EINVAL; > > + } > > + > > buf->dma_sgt = sgt; > > buf->vaddr = NULL; > > > > Regards, > > Hans

1 year, 10 months

Re: [PATCH v3,04/21] v4l: add documentation for secure memory flag

by Jeffrey Kardatzke

On Mon, Dec 11, 2023 at 3:05 AM Hans Verkuil <hverkuil-cisco(a)xs4all.nl> wrote: > > On 06/12/2023 09:15, Yunfei Dong wrote: > > From: Jeffrey Kardatzke <jkardatzke(a)google.com> > > > > Adds documentation for V4L2_MEMORY_FLAG_SECURE. > > > > Signed-off-by: Jeffrey Kardatzke <jkardatzke(a)google.com> > > Signed-off-by: Yunfei Dong <yunfei.dong(a)mediatek.com> > > --- > > Documentation/userspace-api/media/v4l/buffer.rst | 8 +++++++- > > 1 file changed, 7 insertions(+), 1 deletion(-) > > > > diff --git a/Documentation/userspace-api/media/v4l/buffer.rst b/Documentation/userspace-api/media/v4l/buffer.rst > > index 52bbee81c080..a5a7d1c72d53 100644 > > --- a/Documentation/userspace-api/media/v4l/buffer.rst > > +++ b/Documentation/userspace-api/media/v4l/buffer.rst > > @@ -696,7 +696,7 @@ enum v4l2_memory > > > > .. _memory-flags: > > > > -Memory Consistency Flags > > +Memory Flags > > ------------------------ > > > > .. raw:: latex > > @@ -728,6 +728,12 @@ Memory Consistency Flags > > only if the buffer is used for :ref:`memory mapping <mmap>` I/O and the > > queue reports the :ref:`V4L2_BUF_CAP_SUPPORTS_MMAP_CACHE_HINTS > > <V4L2-BUF-CAP-SUPPORTS-MMAP-CACHE-HINTS>` capability. > > + * .. _`V4L2-MEMORY-FLAG-SECURE`: > > + > > + - ``V4L2_MEMORY_FLAG_SECURE`` > > + - 0x00000002 > > + - DMA bufs passed into the queue will be validated to ensure they were > > + allocated from a secure dma-heap. > > Hmm, that needs a bit more work. How about: > > - The queued buffers are expected to be in secure memory. If not, an error will be > returned. This flag can only be used with ``V4L2_MEMORY_DMABUF``. Typically > secure buffers are allocated using a secure dma-heap. This flag can only be > specified if the ``V4L2_BUF_CAP_SUPPORTS_SECURE_MEM`` is set. > Thanks Hans. Yunfei, can you integrate this change into the patch please? > In addition, the title of this table is currently "Memory Consistency Flags": that > should be renamed to "Memory Flags". Hans, the patch is already renaming the table as you suggested. :) (unless there's some other spot I'm missing) > > Regards, > > Hans > > > > > .. raw:: latex > > >

1 year, 10 months

Re: [PATCH v3,02/21] v4l2: handle secure memory flags in queue setup

by Jeffrey Kardatzke

Yunfei, Can you please integrate these changes into the patch? Thanks, Jeff On Mon, Dec 11, 2023 at 2:45 AM Hans Verkuil <hverkuil-cisco(a)xs4all.nl> wrote: > > Hi Yunfei, Jeffrey, > > Some comments below: > > On 06/12/2023 09:15, Yunfei Dong wrote: > > From: Jeffrey Kardatzke <jkardatzke(a)google.com> > > > > Validates the secure memory flags when setting up a queue and ensures > > the queue has the proper capability. > > > > Signed-off-by: Jeffrey Kardatzke <jkardatzke(a)google.com> > > Signed-off-by: Yunfei Dong <yunfei.dong(a)mediatek.com> > > --- > > .../media/common/videobuf2/videobuf2-core.c | 23 +++++++++++++ > > .../media/common/videobuf2/videobuf2-v4l2.c | 34 +++++++++++++------ > > 2 files changed, 46 insertions(+), 11 deletions(-) > > > > diff --git a/drivers/media/common/videobuf2/videobuf2-core.c b/drivers/media/common/videobuf2/videobuf2-core.c > > index 8c1df829745b..09dc030484be 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-core.c > > +++ b/drivers/media/common/videobuf2/videobuf2-core.c > > @@ -813,6 +813,15 @@ static bool verify_coherency_flags(struct vb2_queue *q, bool non_coherent_mem) > > return true; > > } > > > > +static bool verify_secure_mem_flags(struct vb2_queue *q, bool secure_mem) > > +{ > > + if (secure_mem != q->secure_mem) { > > + dprintk(q, 1, "secure memory model mismatch\n"); > > + return false; > > + } > > + return true; > > +} > > + > > int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory, > > unsigned int flags, unsigned int *count) > > { > > @@ -820,6 +829,7 @@ int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory, > > unsigned int q_num_bufs = vb2_get_num_buffers(q); > > unsigned plane_sizes[VB2_MAX_PLANES] = { }; > > bool non_coherent_mem = flags & V4L2_MEMORY_FLAG_NON_COHERENT; > > + bool secure_mem = flags & V4L2_MEMORY_FLAG_SECURE; > > unsigned int i; > > int ret = 0; > > > > @@ -836,6 +846,8 @@ int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory, > > if (*count == 0 || q_num_bufs != 0 || > > (q->memory != VB2_MEMORY_UNKNOWN && q->memory != memory) || > > !verify_coherency_flags(q, non_coherent_mem)) { > > + bool no_previous_buffers = !q->num_buffers; > > + > > /* > > * We already have buffers allocated, so first check if they > > * are not in use and can be freed. > > @@ -854,6 +866,12 @@ int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory, > > __vb2_queue_free(q, q_num_bufs); > > mutex_unlock(&q->mmap_lock); > > > > + /* > > + * Do not allow switching secure buffer mode. > > + */ > > + if (!no_previous_buffers && !verify_secure_mem_flags(q, secure_mem)) > > + return -EINVAL; > > + > > Why is this needed? Here VIDIOC_REQBUFS is called either to just delete > all existing buffers (count == 0), or to delete all existing buffers and > allocate new buffers (count > 0). > > Since in both cases all existing buffers are deleted, you are free to choose > whatever new secure mode you want. > > > /* > > * In case of REQBUFS(0) return immediately without calling > > * driver's queue_setup() callback and allocating resources. > > @@ -882,6 +900,7 @@ int vb2_core_reqbufs(struct vb2_queue *q, enum vb2_memory memory, > > if (ret) > > return ret; > > set_queue_coherency(q, non_coherent_mem); > > + q->secure_mem = secure_mem; > > > > /* > > * Ask the driver how many buffers and planes per buffer it requires. > > @@ -986,6 +1005,7 @@ int vb2_core_create_bufs(struct vb2_queue *q, enum vb2_memory memory, > > unsigned plane_sizes[VB2_MAX_PLANES] = { }; > > bool non_coherent_mem = flags & V4L2_MEMORY_FLAG_NON_COHERENT; > > unsigned int q_num_bufs = vb2_get_num_buffers(q); > > + bool secure_mem = flags & V4L2_MEMORY_FLAG_SECURE; > > bool no_previous_buffers = !q_num_bufs; > > int ret = 0; > > > > @@ -1015,6 +1035,7 @@ int vb2_core_create_bufs(struct vb2_queue *q, enum vb2_memory memory, > > return ret; > > q->waiting_for_buffers = !q->is_output; > > set_queue_coherency(q, non_coherent_mem); > > + q->secure_mem = secure_mem; > > } else { > > if (q->memory != memory) { > > dprintk(q, 1, "memory model mismatch\n"); > > @@ -1022,6 +1043,8 @@ int vb2_core_create_bufs(struct vb2_queue *q, enum vb2_memory memory, > > } > > if (!verify_coherency_flags(q, non_coherent_mem)) > > return -EINVAL; > > + if (!verify_secure_mem_flags(q, secure_mem)) > > + return -EINVAL; > > } > > > > num_buffers = min(*count, q->max_num_buffers - q_num_bufs); > > diff --git a/drivers/media/common/videobuf2/videobuf2-v4l2.c b/drivers/media/common/videobuf2/videobuf2-v4l2.c > > index 54d572c3b515..0a530830276c 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-v4l2.c > > +++ b/drivers/media/common/videobuf2/videobuf2-v4l2.c > > @@ -686,22 +686,30 @@ static void fill_buf_caps(struct vb2_queue *q, u32 *caps) > > *caps |= V4L2_BUF_CAP_SUPPORTS_MMAP_CACHE_HINTS; > > if (q->supports_requests) > > *caps |= V4L2_BUF_CAP_SUPPORTS_REQUESTS; > > + if (q->allow_secure_mem && q->io_modes & VB2_DMABUF) > > + *caps |= V4L2_BUF_CAP_SUPPORTS_SECURE_MEM; > > } > > > > -static void validate_memory_flags(struct vb2_queue *q, > > +static bool validate_memory_flags(struct vb2_queue *q, > > int memory, > > u32 *flags) > > { > > + if (*flags & V4L2_MEMORY_FLAG_SECURE && > > + (!q->allow_secure_mem || memory != V4L2_MEMORY_DMABUF)) { > > + return false; > > + } > > + > > This check belongs to videobuf2-core.c and the check should be done > in vb2_core_reqbufs and vb2_core_create_bufs. > > So just leave this function as a void. > > > if (!q->allow_cache_hints || memory != V4L2_MEMORY_MMAP) { > > /* > > - * This needs to clear V4L2_MEMORY_FLAG_NON_COHERENT only, > > - * but in order to avoid bugs we zero out all bits. > > + * This needs to clear V4L2_MEMORY_FLAG_NON_COHERENT only. > > Just drop this as well since it adds no useful information anymore. > > > */ > > - *flags = 0; > > - } else { > > - /* Clear all unknown flags. */ > > - *flags &= V4L2_MEMORY_FLAG_NON_COHERENT; > > + *flags &= ~V4L2_MEMORY_FLAG_NON_COHERENT; > > } > > + > > + /* Clear all unknown flags. */ > > + *flags &= V4L2_MEMORY_FLAG_NON_COHERENT | V4L2_MEMORY_FLAG_SECURE; > > This is still needed here. > > > + > > + return true; > > } > > > > So the following changes from here... > > > int vb2_reqbufs(struct vb2_queue *q, struct v4l2_requestbuffers *req) > > @@ -710,7 +718,8 @@ int vb2_reqbufs(struct vb2_queue *q, struct v4l2_requestbuffers *req) > > u32 flags = req->flags; > > > > fill_buf_caps(q, &req->capabilities); > > - validate_memory_flags(q, req->memory, &flags); > > + if (!validate_memory_flags(q, req->memory, &flags)) > > + return -EINVAL; > > req->flags = flags; > > return ret ? ret : vb2_core_reqbufs(q, req->memory, > > req->flags, &req->count); > > @@ -752,7 +761,8 @@ int vb2_create_bufs(struct vb2_queue *q, struct v4l2_create_buffers *create) > > unsigned i; > > > > fill_buf_caps(q, &create->capabilities); > > - validate_memory_flags(q, create->memory, &create->flags); > > + if (!validate_memory_flags(q, create->memory, &create->flags)) > > + return -EINVAL; > > create->index = vb2_get_num_buffers(q); > > create->max_num_buffers = q->max_num_buffers; > > create->capabilities |= V4L2_BUF_CAP_SUPPORTS_MAX_NUM_BUFFERS; > > @@ -1007,7 +1017,8 @@ int vb2_ioctl_reqbufs(struct file *file, void *priv, > > u32 flags = p->flags; > > > > fill_buf_caps(vdev->queue, &p->capabilities); > > - validate_memory_flags(vdev->queue, p->memory, &flags); > > + if (!validate_memory_flags(vdev->queue, p->memory, &flags)) > > + return -EINVAL; > > p->flags = flags; > > if (res) > > return res; > > @@ -1031,7 +1042,8 @@ int vb2_ioctl_create_bufs(struct file *file, void *priv, > > > > p->index = vdev->queue->num_buffers; > > fill_buf_caps(vdev->queue, &p->capabilities); > > - validate_memory_flags(vdev->queue, p->memory, &p->flags); > > + if (!validate_memory_flags(vdev->queue, p->memory, &p->flags)) > > + return -EINVAL; > > /* > > * If count == 0, then just check if memory and type are valid. > > * Any -EBUSY result from vb2_verify_memory_type can be mapped to 0. > > ...to the end should all be dropped since the vb2 core will do the checks. > > Regards, > > Hans

1 year, 10 months

Re: [syzbot] [dri?] WARNING in drm_prime_destroy_file_private (2)

by Christian König

Am 28.12.23 um 03:57 schrieb Qi Zheng: > > > On 2023/12/28 04:51, syzbot wrote: >> Hello, >> >> syzbot found the following issue on: >> >> HEAD commit: 5254c0cbc92d Merge tag 'block-6.7-2023-12-22' of >> git://git.. >> git tree: upstream >> console+strace: https://syzkaller.appspot.com/x/log.txt?x=10cc6995e80000 >> kernel config: >> https://syzkaller.appspot.com/x/.config?x=314e9ad033a7d3a7 >> dashboard link: >> https://syzkaller.appspot.com/bug?extid=59dcc2e7283a6f5f5ba1 >> compiler: gcc (Debian 12.2.0-14) 12.2.0, GNU ld (GNU Binutils >> for Debian) 2.40 >> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13e35809e80000 >> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=155d5fd6e80000 >> >> Downloadable assets: >> disk image: >> https://storage.googleapis.com/syzbot-assets/ebe09a5995ee/disk-5254c0cb.raw… >> vmlinux: >> https://storage.googleapis.com/syzbot-assets/02178d7f5f98/vmlinux-5254c0cb.… >> kernel image: >> https://storage.googleapis.com/syzbot-assets/12307f47d87c/bzImage-5254c0cb.… >> >> The issue was bisected to: >> >> commit ea4452de2ae987342fadbdd2c044034e6480daad >> Author: Qi Zheng <zhengqi.arch(a)bytedance.com> >> Date: Fri Nov 18 10:00:11 2022 +0000 >> >> mm: fix unexpected changes to {failslab|fail_page_alloc}.attr >> >> bisection log: >> https://syzkaller.appspot.com/x/bisect.txt?x=13027f76e80000 >> final oops: https://syzkaller.appspot.com/x/report.txt?x=10827f76e80000 >> console output: https://syzkaller.appspot.com/x/log.txt?x=17027f76e80000 >> >> IMPORTANT: if you fix the issue, please add the following tag to the >> commit: >> Reported-by: syzbot+59dcc2e7283a6f5f5ba1(a)syzkaller.appspotmail.com >> Fixes: ea4452de2ae9 ("mm: fix unexpected changes to >> {failslab|fail_page_alloc}.attr") >> >> R10: 0000000000000000 R11: 0000000000000246 R12: 00007efe98069194 >> R13: 00007efe97fd2210 R14: 0000000000000002 R15: 6972642f7665642f >> </TASK> >> ------------[ cut here ]------------ >> WARNING: CPU: 0 PID: 5107 at drivers/gpu/drm/drm_prime.c:227 >> drm_prime_destroy_file_private+0x43/0x60 drivers/gpu/drm/drm_prime.c:227 > > The warning is caused by !RB_EMPTY_ROOT(&prime_fpriv->dmabufs): > > drm_prime_destroy_file_private > --> WARN_ON(!RB_EMPTY_ROOT(&prime_fpriv->dmabufs)); > > It seems irrelevant to the logic of fault injection. So I don't see > why the commit ea4452de2ae9 can cause this warning. :( Making an educated guess I strongly think syzbot incorrectly bisected this. What basically happens is that a DRM test case crashes because a file private data structure is destroyed before all DMA-bufs referring to it are destroyed. Looks like a random race condition in a test case to me. Question is really what test is syzbot running and who is maintaining this test case? Regards, Christian. > >> Modules linked in: >> CPU: 0 PID: 5107 Comm: syz-executor227 Not tainted >> 6.7.0-rc6-syzkaller-00248-g5254c0cbc92d #0 >> Hardware name: Google Google Compute Engine/Google Compute Engine, >> BIOS Google 11/17/2023 >> RIP: 0010:drm_prime_destroy_file_private+0x43/0x60 >> drivers/gpu/drm/drm_prime.c:227 >> Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 75 21 48 8b 83 >> 90 00 00 00 48 85 c0 75 06 5b e9 13 f1 93 fc e8 0e f1 93 fc 90 <0f> >> 0b 90 5b e9 04 f1 93 fc e8 3f 9b ea fc eb d8 66 66 2e 0f 1f 84 >> RSP: 0018:ffffc90003bdf9e0 EFLAGS: 00010293 >> RAX: 0000000000000000 RBX: ffff888019f28378 RCX: ffffc90003bdf9b0 >> RDX: ffff888018ff9dc0 RSI: ffffffff84f380c2 RDI: ffff888019f28408 >> RBP: ffff888019f28000 R08: 0000000000000001 R09: 0000000000000001 >> R10: ffffffff8f193a57 R11: 0000000000000000 R12: ffff88814829a000 >> R13: ffff888019f282a8 R14: ffff88814829a068 R15: ffff88814829a0a0 >> FS: 0000000000000000(0000) GS:ffff8880b9800000(0000) >> knlGS:0000000000000000 >> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 >> CR2: 00007efe98050410 CR3: 000000006d1ff000 CR4: 0000000000350ef0 >> Call Trace: >> <TASK> >> drm_file_free.part.0+0x738/0xb90 drivers/gpu/drm/drm_file.c:290 >> drm_file_free drivers/gpu/drm/drm_file.c:247 [inline] >> drm_close_helper.isra.0+0x180/0x1f0 drivers/gpu/drm/drm_file.c:307 >> drm_release+0x22a/0x4f0 drivers/gpu/drm/drm_file.c:494 >> __fput+0x270/0xb70 fs/file_table.c:394 >> task_work_run+0x14d/0x240 kernel/task_work.c:180 >> exit_task_work include/linux/task_work.h:38 [inline] >> do_exit+0xa8a/0x2ad0 kernel/exit.c:869 >> do_group_exit+0xd4/0x2a0 kernel/exit.c:1018 >> get_signal+0x23b5/0x2790 kernel/signal.c:2904 >> arch_do_signal_or_restart+0x90/0x7f0 arch/x86/kernel/signal.c:309 >> exit_to_user_mode_loop kernel/entry/common.c:168 [inline] >> exit_to_user_mode_prepare+0x121/0x240 kernel/entry/common.c:204 >> __syscall_exit_to_user_mode_work kernel/entry/common.c:285 [inline] >> syscall_exit_to_user_mode+0x1e/0x60 kernel/entry/common.c:296 >> do_syscall_64+0x4d/0x110 arch/x86/entry/common.c:89 >> entry_SYSCALL_64_after_hwframe+0x63/0x6b >> RIP: 0033:0x7efe98014769 >> Code: Unable to access opcode bytes at 0x7efe9801473f. >> RSP: 002b:00007efe97fd2208 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca >> RAX: fffffffffffffe00 RBX: 00007efe9809c408 RCX: 00007efe98014769 >> RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007efe9809c408 >> RBP: 00007efe9809c400 R08: 0000000000003131 R09: 0000000000003131 >> R10: 0000000000000000 R11: 0000000000000246 R12: 00007efe98069194 >> R13: 00007efe97fd2210 R14: 0000000000000002 R15: 6972642f7665642f >> </TASK> >> >> >> --- >> This report is generated by a bot. It may contain errors. >> See https://goo.gl/tpsmEJ for more information about syzbot. >> syzbot engineers can be reached at syzkaller(a)googlegroups.com. >> >> syzbot will keep track of this issue. See: >> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. >> For information about bisection process see: >> https://goo.gl/tpsmEJ#bisection >> >> If the report is already addressed, let syzbot know by replying with: >> #syz fix: exact-commit-title >> >> If you want syzbot to run the reproducer, reply with: >> #syz test: git://repo/address.git branch-or-commit-hash >> If you attach or paste a git patch, syzbot will apply it before testing. >> >> If you want to overwrite report's subsystems, reply with: >> #syz set subsystems: new-subsystem >> (See the list of subsystem names on the web dashboard) >> >> If the report is a duplicate of another one, reply with: >> #syz dup: exact-subject-of-another-report >> >> If you want to undo deduplication, reply with: >> #syz undup

1 year, 10 months

[PATCH] drm/scheduler: Unwrap job dependencies

by Rob Clark

1 year, 11 months

[syzbot] [dri?] KMSAN: uninit-value in drm_mode_setcrtc

by syzbot

Hello, syzbot found the following issue on: HEAD commit: 2741f1b02117 string: use __builtin_memcpy() in strlcpy/str.. git tree: https://github.com/google/kmsan.git master console+strace: https://syzkaller.appspot.com/x/log.txt?x=17bb33d1280000 kernel config: https://syzkaller.appspot.com/x/.config?x=753079601b2300f9 dashboard link: https://syzkaller.appspot.com/bug?extid=4fad2e57beb6397ab2fc compiler: Debian clang version 15.0.7, GNU ld (GNU Binutils for Debian) 2.35.2 syz repro: https://syzkaller.appspot.com/x/repro.syz?x=16d669a5280000 C reproducer: https://syzkaller.appspot.com/x/repro.c?x=14d8f095280000 Downloadable assets: disk image: https://storage.googleapis.com/syzbot-assets/ebd05512d8d7/disk-2741f1b0.raw… vmlinux: https://storage.googleapis.com/syzbot-assets/aa555b09582c/vmlinux-2741f1b0.… kernel image: https://storage.googleapis.com/syzbot-assets/5ea0934e02cc/bzImage-2741f1b0.… IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+4fad2e57beb6397ab2fc(a)syzkaller.appspotmail.com ===================================================== BUG: KMSAN: uninit-value in drm_mode_setcrtc+0x1ad3/0x24a0 drivers/gpu/drm/drm_crtc.c:896 drm_mode_setcrtc+0x1ad3/0x24a0 drivers/gpu/drm/drm_crtc.c:896 drm_ioctl_kernel+0x5ae/0x730 drivers/gpu/drm/drm_ioctl.c:788 drm_ioctl+0xd12/0x1590 drivers/gpu/drm/drm_ioctl.c:891 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl+0x222/0x400 fs/ioctl.c:856 __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd Uninit was created at: slab_post_alloc_hook+0x12d/0xb60 mm/slab.h:716 slab_alloc_node mm/slub.c:3451 [inline] __kmem_cache_alloc_node+0x4ff/0x8b0 mm/slub.c:3490 __do_kmalloc_node mm/slab_common.c:965 [inline] __kmalloc+0x121/0x3c0 mm/slab_common.c:979 kmalloc_array include/linux/slab.h:596 [inline] drm_mode_setcrtc+0x1dba/0x24a0 drivers/gpu/drm/drm_crtc.c:846 drm_ioctl_kernel+0x5ae/0x730 drivers/gpu/drm/drm_ioctl.c:788 drm_ioctl+0xd12/0x1590 drivers/gpu/drm/drm_ioctl.c:891 vfs_ioctl fs/ioctl.c:51 [inline] __do_sys_ioctl fs/ioctl.c:870 [inline] __se_sys_ioctl+0x222/0x400 fs/ioctl.c:856 __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:856 do_syscall_x64 arch/x86/entry/common.c:50 [inline] do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80 entry_SYSCALL_64_after_hwframe+0x63/0xcd CPU: 1 PID: 4955 Comm: syz-executor275 Not tainted 6.4.0-rc4-syzkaller-g2741f1b02117 #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/25/2023 ===================================================== --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller(a)googlegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. If the bug is already fixed, let syzbot know by replying with: #syz fix: exact-commit-title If you want syzbot to run the reproducer, reply with: #syz test: git://repo/address.git branch-or-commit-hash If you attach or paste a git patch, syzbot will apply it before testing. If you want to change bug's subsystems, reply with: #syz set subsystems: new-subsystem (See the list of subsystem names on the web dashboard) If the bug is a duplicate of another bug, reply with: #syz dup: exact-subject-of-another-report If you want to undo deduplication, reply with: #syz undup

1 year, 11 months

Re: [PATCH] media: medkatek: vcodec: support tee decoder

by kernel test robot

Hi Yunfei, kernel test robot noticed the following build errors: [auto build test ERROR on media-tree/master] [also build test ERROR on linus/master v6.7-rc4 next-20231206] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Yunfei-Dong/media-medkatek-v… base: git://linuxtv.org/media_tree.git master patch link: https://lore.kernel.org/r/20231206081538.17056-21-yunfei.dong%40mediatek.com patch subject: [PATCH] media: medkatek: vcodec: support tee decoder config: powerpc-allmodconfig (https://download.01.org/0day-ci/archive/20231207/202312070723.APrpMLj9-lkp@…) compiler: clang version 17.0.0 (https://github.com/llvm/llvm-project.git 4a5ac14ee968ff0ad5d2cc1ffa0299048db4c88a) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231207/202312070723.APrpMLj9-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202312070723.APrpMLj9-lkp@intel.com/ All errors (new ones prefixed by >>): >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:313:11: error: no member named 'is_secure_playback' in 'struct mtk_vcodec_dec_ctx' 313 | if (ctx->is_secure_playback) | ~~~ ^ >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:314:3: error: call to undeclared function 'mtk_vcodec_dec_optee_release'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 314 | mtk_vcodec_dec_optee_release(dev->optee_private); | ^ drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:314:3: note: did you mean 'mtk_vcodec_dec_release'? drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec.h:88:6: note: 'mtk_vcodec_dec_release' declared here 88 | void mtk_vcodec_dec_release(struct mtk_vcodec_dec_ctx *ctx); | ^ >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:314:37: error: no member named 'optee_private' in 'struct mtk_vcodec_dec_dev' 314 | mtk_vcodec_dec_optee_release(dev->optee_private); | ~~~ ^ >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:472:8: error: call to undeclared function 'mtk_vcodec_dec_optee_private_init'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration] 472 | ret = mtk_vcodec_dec_optee_private_init(dev); | ^ drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:472:8: note: did you mean 'mtk_vcodec_dec_queue_init'? drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec.h:85:5: note: 'mtk_vcodec_dec_queue_init' declared here 85 | int mtk_vcodec_dec_queue_init(void *priv, struct vb2_queue *src_vq, | ^ 4 errors generated. vim +313 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c 291 292 static int fops_vcodec_release(struct file *file) 293 { 294 struct mtk_vcodec_dec_dev *dev = video_drvdata(file); 295 struct mtk_vcodec_dec_ctx *ctx = fh_to_dec_ctx(file->private_data); 296 297 mtk_v4l2_vdec_dbg(0, ctx, "[%d] decoder", ctx->id); 298 mutex_lock(&dev->dev_mutex); 299 300 /* 301 * Call v4l2_m2m_ctx_release before mtk_vcodec_dec_release. First, it 302 * makes sure the worker thread is not running after vdec_if_deinit. 303 * Second, the decoder will be flushed and all the buffers will be 304 * returned in stop_streaming. 305 */ 306 v4l2_m2m_ctx_release(ctx->m2m_ctx); 307 mtk_vcodec_dec_release(ctx); 308 309 v4l2_fh_del(&ctx->fh); 310 v4l2_fh_exit(&ctx->fh); 311 v4l2_ctrl_handler_free(&ctx->ctrl_hdl); 312 > 313 if (ctx->is_secure_playback) > 314 mtk_vcodec_dec_optee_release(dev->optee_private); 315 316 mtk_vcodec_dbgfs_remove(dev, ctx->id); 317 list_del_init(&ctx->list); 318 kfree(ctx); 319 mutex_unlock(&dev->dev_mutex); 320 return 0; 321 } 322 323 static const struct v4l2_file_operations mtk_vcodec_fops = { 324 .owner = THIS_MODULE, 325 .open = fops_vcodec_open, 326 .release = fops_vcodec_release, 327 .poll = v4l2_m2m_fop_poll, 328 .unlocked_ioctl = video_ioctl2, 329 .mmap = v4l2_m2m_fop_mmap, 330 }; 331 332 static void mtk_vcodec_dec_get_chip_name(struct mtk_vcodec_dec_dev *vdec_dev) 333 { 334 struct device *dev = &vdec_dev->plat_dev->dev; 335 336 if (of_device_is_compatible(dev->of_node, "mediatek,mt8173-vcodec-dec")) 337 vdec_dev->chip_name = MTK_VDEC_MT8173; 338 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8183-vcodec-dec")) 339 vdec_dev->chip_name = MTK_VDEC_MT8183; 340 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8192-vcodec-dec")) 341 vdec_dev->chip_name = MTK_VDEC_MT8192; 342 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8195-vcodec-dec")) 343 vdec_dev->chip_name = MTK_VDEC_MT8195; 344 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8186-vcodec-dec")) 345 vdec_dev->chip_name = MTK_VDEC_MT8186; 346 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8188-vcodec-dec")) 347 vdec_dev->chip_name = MTK_VDEC_MT8188; 348 else 349 vdec_dev->chip_name = MTK_VDEC_INVAL; 350 } 351 352 static int mtk_vcodec_probe(struct platform_device *pdev) 353 { 354 struct mtk_vcodec_dec_dev *dev; 355 struct video_device *vfd_dec; 356 phandle rproc_phandle; 357 enum mtk_vcodec_fw_type fw_type; 358 int i, ret; 359 360 dev = devm_kzalloc(&pdev->dev, sizeof(*dev), GFP_KERNEL); 361 if (!dev) 362 return -ENOMEM; 363 364 INIT_LIST_HEAD(&dev->ctx_list); 365 dev->plat_dev = pdev; 366 367 mtk_vcodec_dec_get_chip_name(dev); 368 if (dev->chip_name == MTK_VDEC_INVAL) { 369 dev_err(&pdev->dev, "Failed to get decoder chip name"); 370 return -EINVAL; 371 } 372 373 dev->vdec_pdata = of_device_get_match_data(&pdev->dev); 374 if (!of_property_read_u32(pdev->dev.of_node, "mediatek,vpu", 375 &rproc_phandle)) { 376 fw_type = VPU; 377 } else if (!of_property_read_u32(pdev->dev.of_node, "mediatek,scp", 378 &rproc_phandle)) { 379 fw_type = SCP; 380 } else { 381 dev_dbg(&pdev->dev, "Could not get vdec IPI device"); 382 return -ENODEV; 383 } 384 dma_set_max_seg_size(&pdev->dev, UINT_MAX); 385 386 dev->fw_handler = mtk_vcodec_fw_select(dev, fw_type, DECODER); 387 if (IS_ERR(dev->fw_handler)) 388 return PTR_ERR(dev->fw_handler); 389 390 ret = mtk_vcodec_init_dec_resources(dev); 391 if (ret) { 392 dev_err(&pdev->dev, "Failed to init dec resources"); 393 goto err_dec_pm; 394 } 395 396 if (IS_VDEC_LAT_ARCH(dev->vdec_pdata->hw_arch)) { 397 dev->core_workqueue = 398 alloc_ordered_workqueue("core-decoder", 399 WQ_MEM_RECLAIM | WQ_FREEZABLE); 400 if (!dev->core_workqueue) { 401 dev_dbg(&pdev->dev, "Failed to create core workqueue"); 402 ret = -EINVAL; 403 goto err_res; 404 } 405 } 406 407 for (i = 0; i < MTK_VDEC_HW_MAX; i++) 408 mutex_init(&dev->dec_mutex[i]); 409 mutex_init(&dev->dev_mutex); 410 spin_lock_init(&dev->irqlock); 411 412 snprintf(dev->v4l2_dev.name, sizeof(dev->v4l2_dev.name), "%s", 413 "[/MTK_V4L2_VDEC]"); 414 415 ret = v4l2_device_register(&pdev->dev, &dev->v4l2_dev); 416 if (ret) { 417 dev_err(&pdev->dev, "v4l2_device_register err=%d", ret); 418 goto err_core_workq; 419 } 420 421 vfd_dec = video_device_alloc(); 422 if (!vfd_dec) { 423 dev_err(&pdev->dev, "Failed to allocate video device"); 424 ret = -ENOMEM; 425 goto err_dec_alloc; 426 } 427 vfd_dec->fops = &mtk_vcodec_fops; 428 vfd_dec->ioctl_ops = &mtk_vdec_ioctl_ops; 429 vfd_dec->release = video_device_release; 430 vfd_dec->lock = &dev->dev_mutex; 431 vfd_dec->v4l2_dev = &dev->v4l2_dev; 432 vfd_dec->vfl_dir = VFL_DIR_M2M; 433 vfd_dec->device_caps = V4L2_CAP_VIDEO_M2M_MPLANE | 434 V4L2_CAP_STREAMING; 435 436 snprintf(vfd_dec->name, sizeof(vfd_dec->name), "%s", 437 MTK_VCODEC_DEC_NAME); 438 video_set_drvdata(vfd_dec, dev); 439 dev->vfd_dec = vfd_dec; 440 platform_set_drvdata(pdev, dev); 441 442 dev->m2m_dev_dec = v4l2_m2m_init(&mtk_vdec_m2m_ops); 443 if (IS_ERR((__force void *)dev->m2m_dev_dec)) { 444 dev_err(&pdev->dev, "Failed to init mem2mem dec device"); 445 ret = PTR_ERR((__force void *)dev->m2m_dev_dec); 446 goto err_dec_alloc; 447 } 448 449 dev->decode_workqueue = 450 alloc_ordered_workqueue(MTK_VCODEC_DEC_NAME, 451 WQ_MEM_RECLAIM | WQ_FREEZABLE); 452 if (!dev->decode_workqueue) { 453 dev_err(&pdev->dev, "Failed to create decode workqueue"); 454 ret = -EINVAL; 455 goto err_event_workq; 456 } 457 458 if (dev->vdec_pdata->is_subdev_supported) { 459 ret = of_platform_populate(pdev->dev.of_node, NULL, NULL, 460 &pdev->dev); 461 if (ret) { 462 dev_err(&pdev->dev, "Main device of_platform_populate failed."); 463 goto err_reg_cont; 464 } 465 } else { 466 set_bit(MTK_VDEC_CORE, dev->subdev_bitmap); 467 } 468 469 atomic_set(&dev->dec_active_cnt, 0); 470 memset(dev->vdec_racing_info, 0, sizeof(dev->vdec_racing_info)); 471 mutex_init(&dev->dec_racing_info_mutex); > 472 ret = mtk_vcodec_dec_optee_private_init(dev); 473 if (ret) { 474 dev_err(&pdev->dev, "Failed to init svp private."); 475 goto err_reg_cont; 476 } 477 478 ret = video_register_device(vfd_dec, VFL_TYPE_VIDEO, -1); 479 if (ret) { 480 dev_err(&pdev->dev, "Failed to register video device"); 481 goto err_reg_cont; 482 } 483 484 if (dev->vdec_pdata->uses_stateless_api) { 485 v4l2_disable_ioctl(vfd_dec, VIDIOC_DECODER_CMD); 486 v4l2_disable_ioctl(vfd_dec, VIDIOC_TRY_DECODER_CMD); 487 488 dev->mdev_dec.dev = &pdev->dev; 489 strscpy(dev->mdev_dec.model, MTK_VCODEC_DEC_NAME, 490 sizeof(dev->mdev_dec.model)); 491 492 media_device_init(&dev->mdev_dec); 493 dev->mdev_dec.ops = &mtk_vcodec_media_ops; 494 dev->v4l2_dev.mdev = &dev->mdev_dec; 495 496 ret = v4l2_m2m_register_media_controller(dev->m2m_dev_dec, dev->vfd_dec, 497 MEDIA_ENT_F_PROC_VIDEO_DECODER); 498 if (ret) { 499 dev_err(&pdev->dev, "Failed to register media controller"); 500 goto err_dec_mem_init; 501 } 502 503 ret = media_device_register(&dev->mdev_dec); 504 if (ret) { 505 dev_err(&pdev->dev, "Failed to register media device"); 506 goto err_media_reg; 507 } 508 509 dev_dbg(&pdev->dev, "media registered as /dev/media%d", vfd_dec->minor); 510 } 511 512 mtk_vcodec_dbgfs_init(dev, false); 513 dev_dbg(&pdev->dev, "decoder registered as /dev/video%d", vfd_dec->minor); 514 515 return 0; 516 517 err_media_reg: 518 v4l2_m2m_unregister_media_controller(dev->m2m_dev_dec); 519 err_dec_mem_init: 520 video_unregister_device(vfd_dec); 521 err_reg_cont: 522 if (dev->vdec_pdata->uses_stateless_api) 523 media_device_cleanup(&dev->mdev_dec); 524 destroy_workqueue(dev->decode_workqueue); 525 err_event_workq: 526 v4l2_m2m_release(dev->m2m_dev_dec); 527 err_dec_alloc: 528 v4l2_device_unregister(&dev->v4l2_dev); 529 err_core_workq: 530 if (IS_VDEC_LAT_ARCH(dev->vdec_pdata->hw_arch)) 531 destroy_workqueue(dev->core_workqueue); 532 err_res: 533 if (!dev->vdec_pdata->is_subdev_supported) 534 pm_runtime_disable(dev->pm.dev); 535 err_dec_pm: 536 mtk_vcodec_fw_release(dev->fw_handler); 537 return ret; 538 } 539 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 year, 11 months

Re: [PATCH] media: medkatek: vcodec: support tee decoder

by kernel test robot

Hi Yunfei, kernel test robot noticed the following build errors: [auto build test ERROR on media-tree/master] [also build test ERROR on linus/master v6.7-rc4 next-20231206] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Yunfei-Dong/media-medkatek-v… base: git://linuxtv.org/media_tree.git master patch link: https://lore.kernel.org/r/20231206081538.17056-21-yunfei.dong%40mediatek.com patch subject: [PATCH] media: medkatek: vcodec: support tee decoder config: arm64-defconfig (https://download.01.org/0day-ci/archive/20231207/202312070717.a86rODYn-lkp@…) compiler: aarch64-linux-gcc (GCC) 13.2.0 reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231207/202312070717.a86rODYn-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202312070717.a86rODYn-lkp@intel.com/ All errors (new ones prefixed by >>): drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c: In function 'fops_vcodec_release': >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:313:16: error: 'struct mtk_vcodec_dec_ctx' has no member named 'is_secure_playback' 313 | if (ctx->is_secure_playback) | ^~ >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:314:17: error: implicit declaration of function 'mtk_vcodec_dec_optee_release'; did you mean 'mtk_vcodec_dec_release'? [-Werror=implicit-function-declaration] 314 | mtk_vcodec_dec_optee_release(dev->optee_private); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~ | mtk_vcodec_dec_release >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:314:49: error: 'struct mtk_vcodec_dec_dev' has no member named 'optee_private' 314 | mtk_vcodec_dec_optee_release(dev->optee_private); | ^~ drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c: In function 'mtk_vcodec_probe': >> drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c:472:15: error: implicit declaration of function 'mtk_vcodec_dec_optee_private_init'; did you mean 'mtk_vcodec_dec_queue_init'? [-Werror=implicit-function-declaration] 472 | ret = mtk_vcodec_dec_optee_private_init(dev); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | mtk_vcodec_dec_queue_init cc1: some warnings being treated as errors vim +313 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.c 291 292 static int fops_vcodec_release(struct file *file) 293 { 294 struct mtk_vcodec_dec_dev *dev = video_drvdata(file); 295 struct mtk_vcodec_dec_ctx *ctx = fh_to_dec_ctx(file->private_data); 296 297 mtk_v4l2_vdec_dbg(0, ctx, "[%d] decoder", ctx->id); 298 mutex_lock(&dev->dev_mutex); 299 300 /* 301 * Call v4l2_m2m_ctx_release before mtk_vcodec_dec_release. First, it 302 * makes sure the worker thread is not running after vdec_if_deinit. 303 * Second, the decoder will be flushed and all the buffers will be 304 * returned in stop_streaming. 305 */ 306 v4l2_m2m_ctx_release(ctx->m2m_ctx); 307 mtk_vcodec_dec_release(ctx); 308 309 v4l2_fh_del(&ctx->fh); 310 v4l2_fh_exit(&ctx->fh); 311 v4l2_ctrl_handler_free(&ctx->ctrl_hdl); 312 > 313 if (ctx->is_secure_playback) > 314 mtk_vcodec_dec_optee_release(dev->optee_private); 315 316 mtk_vcodec_dbgfs_remove(dev, ctx->id); 317 list_del_init(&ctx->list); 318 kfree(ctx); 319 mutex_unlock(&dev->dev_mutex); 320 return 0; 321 } 322 323 static const struct v4l2_file_operations mtk_vcodec_fops = { 324 .owner = THIS_MODULE, 325 .open = fops_vcodec_open, 326 .release = fops_vcodec_release, 327 .poll = v4l2_m2m_fop_poll, 328 .unlocked_ioctl = video_ioctl2, 329 .mmap = v4l2_m2m_fop_mmap, 330 }; 331 332 static void mtk_vcodec_dec_get_chip_name(struct mtk_vcodec_dec_dev *vdec_dev) 333 { 334 struct device *dev = &vdec_dev->plat_dev->dev; 335 336 if (of_device_is_compatible(dev->of_node, "mediatek,mt8173-vcodec-dec")) 337 vdec_dev->chip_name = MTK_VDEC_MT8173; 338 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8183-vcodec-dec")) 339 vdec_dev->chip_name = MTK_VDEC_MT8183; 340 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8192-vcodec-dec")) 341 vdec_dev->chip_name = MTK_VDEC_MT8192; 342 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8195-vcodec-dec")) 343 vdec_dev->chip_name = MTK_VDEC_MT8195; 344 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8186-vcodec-dec")) 345 vdec_dev->chip_name = MTK_VDEC_MT8186; 346 else if (of_device_is_compatible(dev->of_node, "mediatek,mt8188-vcodec-dec")) 347 vdec_dev->chip_name = MTK_VDEC_MT8188; 348 else 349 vdec_dev->chip_name = MTK_VDEC_INVAL; 350 } 351 352 static int mtk_vcodec_probe(struct platform_device *pdev) 353 { 354 struct mtk_vcodec_dec_dev *dev; 355 struct video_device *vfd_dec; 356 phandle rproc_phandle; 357 enum mtk_vcodec_fw_type fw_type; 358 int i, ret; 359 360 dev = devm_kzalloc(&pdev->dev, sizeof(*dev), GFP_KERNEL); 361 if (!dev) 362 return -ENOMEM; 363 364 INIT_LIST_HEAD(&dev->ctx_list); 365 dev->plat_dev = pdev; 366 367 mtk_vcodec_dec_get_chip_name(dev); 368 if (dev->chip_name == MTK_VDEC_INVAL) { 369 dev_err(&pdev->dev, "Failed to get decoder chip name"); 370 return -EINVAL; 371 } 372 373 dev->vdec_pdata = of_device_get_match_data(&pdev->dev); 374 if (!of_property_read_u32(pdev->dev.of_node, "mediatek,vpu", 375 &rproc_phandle)) { 376 fw_type = VPU; 377 } else if (!of_property_read_u32(pdev->dev.of_node, "mediatek,scp", 378 &rproc_phandle)) { 379 fw_type = SCP; 380 } else { 381 dev_dbg(&pdev->dev, "Could not get vdec IPI device"); 382 return -ENODEV; 383 } 384 dma_set_max_seg_size(&pdev->dev, UINT_MAX); 385 386 dev->fw_handler = mtk_vcodec_fw_select(dev, fw_type, DECODER); 387 if (IS_ERR(dev->fw_handler)) 388 return PTR_ERR(dev->fw_handler); 389 390 ret = mtk_vcodec_init_dec_resources(dev); 391 if (ret) { 392 dev_err(&pdev->dev, "Failed to init dec resources"); 393 goto err_dec_pm; 394 } 395 396 if (IS_VDEC_LAT_ARCH(dev->vdec_pdata->hw_arch)) { 397 dev->core_workqueue = 398 alloc_ordered_workqueue("core-decoder", 399 WQ_MEM_RECLAIM | WQ_FREEZABLE); 400 if (!dev->core_workqueue) { 401 dev_dbg(&pdev->dev, "Failed to create core workqueue"); 402 ret = -EINVAL; 403 goto err_res; 404 } 405 } 406 407 for (i = 0; i < MTK_VDEC_HW_MAX; i++) 408 mutex_init(&dev->dec_mutex[i]); 409 mutex_init(&dev->dev_mutex); 410 spin_lock_init(&dev->irqlock); 411 412 snprintf(dev->v4l2_dev.name, sizeof(dev->v4l2_dev.name), "%s", 413 "[/MTK_V4L2_VDEC]"); 414 415 ret = v4l2_device_register(&pdev->dev, &dev->v4l2_dev); 416 if (ret) { 417 dev_err(&pdev->dev, "v4l2_device_register err=%d", ret); 418 goto err_core_workq; 419 } 420 421 vfd_dec = video_device_alloc(); 422 if (!vfd_dec) { 423 dev_err(&pdev->dev, "Failed to allocate video device"); 424 ret = -ENOMEM; 425 goto err_dec_alloc; 426 } 427 vfd_dec->fops = &mtk_vcodec_fops; 428 vfd_dec->ioctl_ops = &mtk_vdec_ioctl_ops; 429 vfd_dec->release = video_device_release; 430 vfd_dec->lock = &dev->dev_mutex; 431 vfd_dec->v4l2_dev = &dev->v4l2_dev; 432 vfd_dec->vfl_dir = VFL_DIR_M2M; 433 vfd_dec->device_caps = V4L2_CAP_VIDEO_M2M_MPLANE | 434 V4L2_CAP_STREAMING; 435 436 snprintf(vfd_dec->name, sizeof(vfd_dec->name), "%s", 437 MTK_VCODEC_DEC_NAME); 438 video_set_drvdata(vfd_dec, dev); 439 dev->vfd_dec = vfd_dec; 440 platform_set_drvdata(pdev, dev); 441 442 dev->m2m_dev_dec = v4l2_m2m_init(&mtk_vdec_m2m_ops); 443 if (IS_ERR((__force void *)dev->m2m_dev_dec)) { 444 dev_err(&pdev->dev, "Failed to init mem2mem dec device"); 445 ret = PTR_ERR((__force void *)dev->m2m_dev_dec); 446 goto err_dec_alloc; 447 } 448 449 dev->decode_workqueue = 450 alloc_ordered_workqueue(MTK_VCODEC_DEC_NAME, 451 WQ_MEM_RECLAIM | WQ_FREEZABLE); 452 if (!dev->decode_workqueue) { 453 dev_err(&pdev->dev, "Failed to create decode workqueue"); 454 ret = -EINVAL; 455 goto err_event_workq; 456 } 457 458 if (dev->vdec_pdata->is_subdev_supported) { 459 ret = of_platform_populate(pdev->dev.of_node, NULL, NULL, 460 &pdev->dev); 461 if (ret) { 462 dev_err(&pdev->dev, "Main device of_platform_populate failed."); 463 goto err_reg_cont; 464 } 465 } else { 466 set_bit(MTK_VDEC_CORE, dev->subdev_bitmap); 467 } 468 469 atomic_set(&dev->dec_active_cnt, 0); 470 memset(dev->vdec_racing_info, 0, sizeof(dev->vdec_racing_info)); 471 mutex_init(&dev->dec_racing_info_mutex); > 472 ret = mtk_vcodec_dec_optee_private_init(dev); 473 if (ret) { 474 dev_err(&pdev->dev, "Failed to init svp private."); 475 goto err_reg_cont; 476 } 477 478 ret = video_register_device(vfd_dec, VFL_TYPE_VIDEO, -1); 479 if (ret) { 480 dev_err(&pdev->dev, "Failed to register video device"); 481 goto err_reg_cont; 482 } 483 484 if (dev->vdec_pdata->uses_stateless_api) { 485 v4l2_disable_ioctl(vfd_dec, VIDIOC_DECODER_CMD); 486 v4l2_disable_ioctl(vfd_dec, VIDIOC_TRY_DECODER_CMD); 487 488 dev->mdev_dec.dev = &pdev->dev; 489 strscpy(dev->mdev_dec.model, MTK_VCODEC_DEC_NAME, 490 sizeof(dev->mdev_dec.model)); 491 492 media_device_init(&dev->mdev_dec); 493 dev->mdev_dec.ops = &mtk_vcodec_media_ops; 494 dev->v4l2_dev.mdev = &dev->mdev_dec; 495 496 ret = v4l2_m2m_register_media_controller(dev->m2m_dev_dec, dev->vfd_dec, 497 MEDIA_ENT_F_PROC_VIDEO_DECODER); 498 if (ret) { 499 dev_err(&pdev->dev, "Failed to register media controller"); 500 goto err_dec_mem_init; 501 } 502 503 ret = media_device_register(&dev->mdev_dec); 504 if (ret) { 505 dev_err(&pdev->dev, "Failed to register media device"); 506 goto err_media_reg; 507 } 508 509 dev_dbg(&pdev->dev, "media registered as /dev/media%d", vfd_dec->minor); 510 } 511 512 mtk_vcodec_dbgfs_init(dev, false); 513 dev_dbg(&pdev->dev, "decoder registered as /dev/video%d", vfd_dec->minor); 514 515 return 0; 516 517 err_media_reg: 518 v4l2_m2m_unregister_media_controller(dev->m2m_dev_dec); 519 err_dec_mem_init: 520 video_unregister_device(vfd_dec); 521 err_reg_cont: 522 if (dev->vdec_pdata->uses_stateless_api) 523 media_device_cleanup(&dev->mdev_dec); 524 destroy_workqueue(dev->decode_workqueue); 525 err_event_workq: 526 v4l2_m2m_release(dev->m2m_dev_dec); 527 err_dec_alloc: 528 v4l2_device_unregister(&dev->v4l2_dev); 529 err_core_workq: 530 if (IS_VDEC_LAT_ARCH(dev->vdec_pdata->hw_arch)) 531 destroy_workqueue(dev->core_workqueue); 532 err_res: 533 if (!dev->vdec_pdata->is_subdev_supported) 534 pm_runtime_disable(dev->pm.dev); 535 err_dec_pm: 536 mtk_vcodec_fw_release(dev->fw_handler); 537 return ret; 538 } 539 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

1 year, 11 months

[RFC] drm/scheduler: Unwrap job dependencies

by Rob Clark

From: Rob Clark <robdclark(a)chromium.org> Container fences have burner contexts, which makes the trick to store at most one fence per context somewhat useless if we don't unwrap array or chain fences. Signed-off-by: Rob Clark <robdclark(a)chromium.org> --- tbh, I'm not sure why we weren't doing this already, unless there is something I'm overlooking drivers/gpu/drm/scheduler/sched_main.c | 43 +++++++++++++++++--------- 1 file changed, 28 insertions(+), 15 deletions(-) diff --git a/drivers/gpu/drm/scheduler/sched_main.c b/drivers/gpu/drm/scheduler/sched_main.c index c2ee44d6224b..f59e5335afbb 100644 --- a/drivers/gpu/drm/scheduler/sched_main.c +++ b/drivers/gpu/drm/scheduler/sched_main.c @@ -41,20 +41,21 @@ * 4. Entities themselves maintain a queue of jobs that will be scheduled on * the hardware. * * The jobs in a entity are always scheduled in the order that they were pushed. */ #include <linux/kthread.h> #include <linux/wait.h> #include <linux/sched.h> #include <linux/completion.h> +#include <linux/dma-fence-unwrap.h> #include <linux/dma-resv.h> #include <uapi/linux/sched/types.h> #include <drm/drm_print.h> #include <drm/drm_gem.h> #include <drm/gpu_scheduler.h> #include <drm/spsc_queue.h> #define CREATE_TRACE_POINTS #include "gpu_scheduler_trace.h" @@ -665,41 +666,27 @@ void drm_sched_job_arm(struct drm_sched_job *job) sched = entity->rq->sched; job->sched = sched; job->s_priority = entity->rq - sched->sched_rq; job->id = atomic64_inc_return(&sched->job_id_count); drm_sched_fence_init(job->s_fence, job->entity); } EXPORT_SYMBOL(drm_sched_job_arm); -/** - * drm_sched_job_add_dependency - adds the fence as a job dependency - * @job: scheduler job to add the dependencies to - * @fence: the dma_fence to add to the list of dependencies. - * - * Note that @fence is consumed in both the success and error cases. - * - * Returns: - * 0 on success, or an error on failing to expand the array. - */ -int drm_sched_job_add_dependency(struct drm_sched_job *job, - struct dma_fence *fence) +static int _add_dependency(struct drm_sched_job *job, struct dma_fence *fence) { struct dma_fence *entry; unsigned long index; u32 id = 0; int ret; - if (!fence) - return 0; - /* Deduplicate if we already depend on a fence from the same context. * This lets the size of the array of deps scale with the number of * engines involved, rather than the number of BOs. */ xa_for_each(&job->dependencies, index, entry) { if (entry->context != fence->context) continue; if (dma_fence_is_later(fence, entry)) { dma_fence_put(entry); @@ -709,20 +696,46 @@ int drm_sched_job_add_dependency(struct drm_sched_job *job, } return 0; } ret = xa_alloc(&job->dependencies, &id, fence, xa_limit_32b, GFP_KERNEL); if (ret != 0) dma_fence_put(fence); return ret; } + +/** + * drm_sched_job_add_dependency - adds the fence as a job dependency + * @job: scheduler job to add the dependencies to + * @fence: the dma_fence to add to the list of dependencies. + * + * Note that @fence is consumed in both the success and error cases. + * + * Returns: + * 0 on success, or an error on failing to expand the array. + */ +int drm_sched_job_add_dependency(struct drm_sched_job *job, + struct dma_fence *fence) +{ + struct dma_fence_unwrap iter; + struct dma_fence *f; + int ret = 0; + + dma_fence_unwrap_for_each (f, &iter, fence) { + ret = _add_dependency(job, f); + if (ret) + break; + } + + return ret; +} EXPORT_SYMBOL(drm_sched_job_add_dependency); /** * drm_sched_job_add_resv_dependencies - add all fences from the resv to the job * @job: scheduler job to add the dependencies to * @resv: the dma_resv object to get the fences from * @usage: the dma_resv_usage to use to filter the fences * * This adds all fences matching the given usage from @resv to @job. * Must be called with the @resv lock held. -- 2.39.2

1 year, 11 months

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig