Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

31 participants
6622 discussions

4mmc best quality for sale WhatsApp +33605825265

by takulopez45＠gmail.com

4mmc best quality for sale WhatsApp +33605825265 3mmc best quality for sale WhatsApp +33605825265 We offer a wide range of products from the best laboratories in the world. All our products are 100% original and delivered worldwide at affordable prices. Contact details. WhatsApp +33605825265 E-mail: cryvojaserty(a)gmail.com after registering their products, customers can track their shipment online and know its current location, until it reaches the addressee. Our products are characterized by purity from 98 to 99%. For questions about our products, please contact us. Contact details. WhatsApp +33605825265 Email .. cryvojaserty(a)gmail.com Buy 4MMC Online|4MMC For Sale|Order 4MMC Online.. WhatsApp +33605825265 Buy 6apb, 4mmc, 5mapb, MDMA, Coke, Ketamine ... WhatsApp +33605825265 buy crystal meth online, buy meth online, how to buy cheap meth online, buy methamphetamine for personal use, buy MDPV online, buy cheap meth online, buy cheap methylone online, buy amphetamine tablets online, buy methylone online, buy MDMA online, how to buy cheap amphetamines online, concert for sale online, cheap concerts online buy meth online, methamphetamine for sale, lisdexamfetamine used to treat ADHD for sale online Contact details. WhatsApp +33605825265 Email .. cryvojaserty(a)gmail.com Each product has its own unique properties. We import directly from factory, so we can guarantee high quality product with purity over 99.9%. We are one of the safest and most trusted sellers of mephedrone, methylone, amphetamines, MDAI, 4- Buy weight loss medications: Mounjaro, Ozempic, Wegovy, Saxenda Buy weight loss medications without a prescription Buy Mounjaro, Buy Ozempic, What is the most effective weight loss remedy available over the counter? What is the most effective weight loss drug? Ketamine HCl 200 mg/ml, solution for injection, 10 ml Where to buy ketamine HCL 200 mg/ml Contact details. WhatsApp +33605825265 Email .. cryvojaserty(a)gmail.com Ketamine Sale Online ..WhatsApp +33605825265 Ketamine hydrochloride injection 50 mg Buy ketamine online with delivery via PayPal Ketamine hydrochloride injection 50 mg, 10 ml vial BUY COKE, XANAX, ADDERALL, ESTACY, METH, AMPHETAMINE SPEED, OXY 80 MG, COCAINE, MDMA WhatsApp +33605825265 Buy Ketamine, Nembutal, Adderall Online: WhatsApp +33605825265 ,Buy Xanax 2 mg Online, Buy Painkillers, Buy Ozempic, Buy Sexanda Online, Buy Abortion Pills Online, Buy Xanax, Buy Wegovy | MDMA, 2CB, A-PVP, 3CMC | OZEMPIC | STEROIDS (ECT/Nembutal) | Heroin, cocaine. Buy Xanax Online, Buy Painkillers Online, Buy Nembutal Online, Buy Anxiety Pills Online Contact details. WhatsApp +33605825265 Email .. cryvojaserty(a)gmail.com

2 weeks, 5 days

[PATCH 00/15] accel/qda: Qualcomm DSP Accelerator driver

by Ekansh Gupta via B4 Relay

This patch series introduces the Qualcomm DSP Accelerator (QDA) driver, a DRM-based accelerator driver for Qualcomm DSPs. The driver provides a standardized interface for offloading computational tasks to DSPs found on Qualcomm SoCs, supporting all DSP domains. The QDA driver implements the FastRPC protocol over the DRM accel subsystem. It uses the same device-tree node structure as the existing fastrpc driver in drivers/misc/. The approach for binding the QDA driver to device-tree nodes while coexisting with the fastrpc driver is an open item described below. RFC thread: https://lore.kernel.org/dri-devel/20260224-qda-firstpost-v1-0-fe46a9c1a046@… User-space staging branch ========================= https://github.com/qualcomm/fastrpc/tree/accel/staging Key Features ============ * Standard DRM accelerator interface via /dev/accel/accelN * GEM-based buffer management with DMA-BUF import/export (PRIME) * IOMMU-based memory isolation using per-process context banks * FastRPC protocol implementation for DSP communication * RPMsg transport layer for reliable message passing * Support for all DSP domains (ADSP, CDSP, SDSP, GDSP) * DRM IOCTL interface for DSP session management, buffer allocation, and remote procedure invocation Architecture ============ 1. DRM Accelerator Framework Integration The driver registers as a DRM accel device, exposing a standard /dev/accel/accelN character device node. This provides established DRM infrastructure for device management, file operations, and IOCTL dispatch. 2. Memory Management Buffers are managed as GEM objects with full PRIME support for DMA-BUF import/export. This enables seamless buffer sharing with other DRM drivers (GPU, camera, video) using standard kernel mechanisms. 3. IOMMU Context Bank Management IOMMU context banks (CBs) are represented as proper struct device instances on a custom virtual bus (qda-compute-cb). Each CB device is registered with the IOMMU subsystem and receives its own IOMMU domain, enabling per-session address space isolation. The custom bus was introduced because IOMMU context banks are synthetic constructs — not real platform devices — and to ensure CB device lifetime is strictly subordinate to the parent QDA device. See also: https://lore.kernel.org/all/245d602f-3037-4ae3-9af9-d98f37258aae@oss.qualco… 4. Memory Manager Architecture A pluggable memory manager coordinates IOMMU device assignment and buffer allocation. The current implementation uses a DMA-coherent backend with SID-prefixed DMA addresses for DSP firmware compatibility. 5. Transport Layer RPMsg communication is handled in a dedicated transport layer (qda_rpmsg.c), separate from the core DRM driver logic. 6. Code Organization The driver is organized across multiple files (~4600 lines total): * qda_drv.c: Core driver and DRM integration * qda_rpmsg.c: RPMsg transport layer * qda_cb.c: Context bank device management * qda_compute_bus.c: Custom virtual bus for CB devices * qda_gem.c: GEM object management * qda_prime.c: DMA-BUF import (PRIME) * qda_memory_manager.c: IOMMU device registry and allocation * qda_memory_dma.c: DMA-coherent allocation backend * qda_fastrpc.c: FastRPC protocol implementation * qda_ioctl.c: IOCTL dispatch 7. UAPI Design The driver exposes DRM-style IOCTLs defined in include/uapi/drm/qda_accel.h, following DRM UAPI conventions (__u32/__u64 types, C++ guard, GPL-2.0-only WITH Linux-syscall-note). Patch Series Organization ========================== Patch 01: MAINTAINERS entry Patch 02: Driver documentation (Documentation/accel/qda/) Patches 03-04: Core driver skeleton and compute bus Patch 05: iommu: Register qda-compute-cb bus with IOMMU subsystem Patches 06-07: CB device enumeration and memory manager Patch 08: QUERY IOCTL and UAPI header Patches 09-11: GEM buffer management and PRIME import Patches 12-15: FastRPC protocol (invoke, session create/release, map/unmap) Open Items =========== 1. Device-Tree Compatible String The QDA driver uses the same device-tree node structure and properties as the existing fastrpc driver in drivers/misc/. A mechanism is needed to allow the QDA driver to bind to its device node independently of the fastrpc driver. The intended coexistence model is: platforms that require the complete fastrpc feature set continue to use "qcom,fastrpc"; new platforms where a feature available only in QDA takes priority, or where QDA's current feature set is sufficient, use a QDA-specific compatible string. New feature development is directed toward QDA rather than the existing fastrpc driver. As QDA matures toward feature parity with fastrpc, platforms can adopt the QDA-specific compatible string exclusively. The options under consideration are: a) Add a new "qcom,qda" compatible string to the existing qcom,fastrpc.yaml binding, since the DT node structure and properties are identical. This avoids a separate binding file but adds a QDA-specific string to a fastrpc binding. b) Introduce a separate qcom,qda.yaml binding that references or inherits the fastrpc binding properties. Seeking guidance from DT binding maintainers on the preferred approach. 2. Privilege Level Management Currently, daemon processes and user processes have the same access level as both use the same accel device node. This needs to be addressed as daemons attach to privileged DSP protection domains and require higher privilege levels for system-level operations. Seeking guidance on the best approach: separate device nodes, capability-based checks, or DRM master/authentication mechanisms. 3. UAPI Compatibility Layer A compatibility layer is needed to facilitate migration of client applications from the existing FastRPC UAPI to the new QDA UAPI, ensuring a smooth transition for existing userspace code. Seeking guidance on the preferred implementation approach: in-kernel translation layer, userspace wrapper library, or hybrid solution. An initial evaluation of an in-kernel translation shim was performed, where legacy FastRPC device nodes (/dev/fastrpc-*) are exposed and requests are internally routed to the QDA accel driver. The goal was to keep the compatibility layer minimal, reuse existing QDA helper paths (attach, buffer allocation, mapping, etc.), and avoid duplication of GEM and buffer management logic. However, the following challenges were identified: a) Dependency on drm_file for QDA helpers QDA relies on GEM-backed allocations and per-client handle namespaces, which require a valid struct drm_file. Since GEM handles are scoped per drm_file, the compatibility layer cannot directly reuse QDA helper paths without establishing a proper drm_file context for each client. b) Lack of public API for drm_file creation Creating a drm_file directly (similar to mock_drm_getfile()-style approaches) is not feasible, as the required helpers (drm_file_alloc(), drm_file_free(), etc.) are internal to the DRM core and not exported. This prevents external drivers from safely constructing and managing drm_file instances. c) VFS-based open is not a viable solution Opening the underlying accel device (/dev/accel/accelN) from the compatibility driver via filp_open() does provide a valid drm_file, but introduces reliance on userspace-visible device paths, lack of stability in containerized or chroot environments, and no clean mapping between legacy device nodes and accel devices. d) Userspace proxy limitations (CUSE) A CUSE-based userspace proxy was evaluated. However, DMA-buf file descriptors passed by legacy applications cannot be directly reused in the CUSE daemon (file descriptors are process-specific), which breaks buffer sharing semantics. e) drm_client-based approaches do not match requirements drm_client APIs (used for fbdev emulation) rely on a shared drm_file and do not provide the per-client isolation required by FastRPC semantics. Due to the above constraints, it is currently unclear how to implement an in-kernel compatibility layer that correctly handles per-client drm_file contexts without relying on VFS paths or non-exported DRM internals. 4. Documentation Improvements Add detailed IOCTL usage examples, document DSP firmware interface requirements, and create a migration guide from the existing FastRPC driver. 5. Per-Session Memory Allocation Develop a userspace API to support memory allocation on a per-session basis, enabling session-specific memory management. 6. Audio and Sensors PD Support The current series does not handle Audio PD and Sensors PD functionalities. These specialized protection domains require additional support for real-time constraints and power management. Interface Compatibility ======================== The QDA driver uses the same device-tree node structure and child node layout (including "qcom,fastrpc-compute-cb" child nodes) as the existing fastrpc driver. The underlying FastRPC protocol and DSP firmware interface are compatible with the existing fastrpc driver, ensuring that DSP firmware and libraries continue to work without modification. References ========== Previous discussions on this migration: - https://lkml.org/lkml/2024/6/24/479 - https://lkml.org/lkml/2024/6/21/1252 Testing ======= The driver has been tested on Qualcomm platforms with: - Basic FastRPC attach/release operations - DSP process creation and initialization - Memory mapping/unmapping operations - Dynamic invocation with various buffer types - GEM buffer allocation and mmap - PRIME buffer import from other subsystems Signed-off-by: Ekansh Gupta <ekansh.gupta(a)oss.qualcomm.com> --- Ekansh Gupta (15): MAINTAINERS: Add entry for Qualcomm DSP Accelerator (QDA) driver accel/qda: Add QDA driver documentation accel/qda: Add initial QDA DRM accelerator driver accel/qda: Add compute bus for QDA context banks iommu: Add QDA compute context bank bus to iommu_buses accel/qda: Create compute context bank devices on QDA compute bus accel/qda: Add memory manager for CB devices accel/qda: Add QUERY IOCTL and QDA UAPI header accel/qda: Add DMA-backed GEM objects and memory manager integration accel/qda: Add GEM_CREATE and GEM_MMAP_OFFSET IOCTLs accel/qda: Add PRIME DMA-BUF import support accel/qda: Add FastRPC invocation support accel/qda: Add DSP process creation and release accel/qda: Add remote memory mapping to DSP address space accel/qda: Add remote memory unmap from DSP address space Documentation/accel/index.rst | 1 + Documentation/accel/qda/index.rst | 13 + Documentation/accel/qda/qda.rst | 146 +++++ MAINTAINERS | 9 + drivers/accel/Kconfig | 1 + drivers/accel/Makefile | 2 + drivers/accel/qda/Kconfig | 34 + drivers/accel/qda/Makefile | 19 + drivers/accel/qda/qda_cb.c | 146 +++++ drivers/accel/qda/qda_cb.h | 32 + drivers/accel/qda/qda_compute_bus.c | 68 ++ drivers/accel/qda/qda_drv.c | 192 ++++++ drivers/accel/qda/qda_drv.h | 91 +++ drivers/accel/qda/qda_fastrpc.c | 1058 ++++++++++++++++++++++++++++++++ drivers/accel/qda/qda_fastrpc.h | 390 ++++++++++++ drivers/accel/qda/qda_gem.c | 177 ++++++ drivers/accel/qda/qda_gem.h | 62 ++ drivers/accel/qda/qda_ioctl.c | 296 +++++++++ drivers/accel/qda/qda_ioctl.h | 19 + drivers/accel/qda/qda_memory_dma.c | 110 ++++ drivers/accel/qda/qda_memory_dma.h | 17 + drivers/accel/qda/qda_memory_manager.c | 380 ++++++++++++ drivers/accel/qda/qda_memory_manager.h | 75 +++ drivers/accel/qda/qda_prime.c | 184 ++++++ drivers/accel/qda/qda_prime.h | 18 + drivers/accel/qda/qda_rpmsg.c | 248 ++++++++ drivers/accel/qda/qda_rpmsg.h | 30 + drivers/iommu/iommu.c | 4 + include/linux/qda_compute_bus.h | 32 + include/uapi/drm/qda_accel.h | 229 +++++++ 30 files changed, 4083 insertions(+) --- base-commit: 80dd246accce631c328ea43294e53b2b2dd2aa32 change-id: 20260519-qda-series-78c2bf0ed78b Best regards, -- Ekansh Gupta <ekansh.gupta(a)oss.qualcomm.com>

2 weeks, 5 days

[PATCH 00/12] misc/syncobj: add /dev/syncobj device

by Julian Orth

This series adds a new device /dev/syncobj that can be used to create and manipulate DRM syncobjs. Previously, these operations required the use of a DRM device and the device needed to support the DRIVER_SYNCOBJ and DRIVER_SYNCOBJ_TIMELINE features. There are several issues with the existing API: - Syncobjs are the only explicit sync mechanism available on wayland. Most compositors do not use GPU waits. Instead, they use the DRM_IOCTL_SYNCOBJ_EVENTFD ioctl to perform a CPU wait. Being tied to DRM devices means that compositors cannot consistently offer this feature even though no device-specific logic is involved. - llvmpipe currently cannot offer syncobj interop because it does not have access to a DRM device. This means that applications using llvmpipe cannot present images before they have finished rendering, despite llvmpipe using threaded rendering. - Clients that do not use the Vulkan WSI need to manually probe /dev/dri for devices that support the syncobj ioctls in order to use the wayland syncobj protocol. - Similarly, clients that want to use screen capture have no equivalent to the WSI and are therefore forced into that path. - Having to keep a DRM device open has potentially negative interactions with GPU hotplug. - Having to translate between syncobj FDs and handles is troublesome in the compositor usecase since syncobjs come and go frequently and need to be cleaned up when clients disconnect. /dev/syncobj solves these issues by providing all syncobj ioctls under a consistent path that is not tied to any DRM device. It also operates directly on file descriptors instead of syncobj handles. The series starts with a number of small refactorings in drm_syncobj.c to make its functionality available outside of the file and without the need for drm_file/handle pairs. The last commit adds the /dev/syncobj module. I've added it as a misc device but maybe this should instead live somewhere under gpu/drm. An application using the new interface can be found at [1]. [1]: https://github.com/mahkoh/jay/pull/947 --- Julian Orth (12): drm/syncobj: add drm_syncobj_from_fd drm/syncobj: add drm_syncobj_fence_lookup drm/syncobj: make drm_syncobj_array_wait_timeout public drm/syncobj: add drm_syncobj_register_eventfd drm/syncobj: have transfer functions accept drm_syncobj directly drm/syncobj: add drm_syncobj_transfer drm/syncobj: add drm_syncobj_timeline_signal drm/syncobj: add drm_syncobj_query drm/syncobj: fix resource leak in drm_syncobj_import_sync_file_fence drm/syncobj: add drm_syncobj_import_sync_file drm/syncobj: add drm_syncobj_export_sync_file misc/syncobj: add new device Documentation/userspace-api/ioctl/ioctl-number.rst | 1 + drivers/gpu/drm/drm_syncobj.c | 374 ++++++++++++++----- drivers/misc/Kconfig | 10 + drivers/misc/Makefile | 1 + drivers/misc/syncobj.c | 404 +++++++++++++++++++++ include/drm/drm_syncobj.h | 21 ++ include/uapi/linux/syncobj.h | 75 ++++ 7 files changed, 795 insertions(+), 91 deletions(-) --- base-commit: 6916d5703ddf9a38f1f6c2cc793381a24ee914c6 change-id: 20260516-jorth-syncobj-d4d374c8c61b Best regards, -- Julian Orth <ju.orth(a)gmail.com>

2 weeks, 5 days

[PATCH] dma-buf: system_heap: Use LIST_HEAD() to initialize on stack list head

by Jisheng Zhang

Use LIST_HEAD to initialize on stack list head. No intentional functional impact. Change generated with below coccinelle script: @@ identifier name; @@ - struct list_head name; + LIST_HEAD(name); ... when != name - INIT_LIST_HEAD(&name); Signed-off-by: Jisheng Zhang <jszhang(a)kernel.org> --- drivers/dma-buf/heaps/system_heap.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/dma-buf/heaps/system_heap.c b/drivers/dma-buf/heaps/system_heap.c index 03c2b87cb111..6f8b7138ff56 100644 --- a/drivers/dma-buf/heaps/system_heap.c +++ b/drivers/dma-buf/heaps/system_heap.c @@ -409,7 +409,7 @@ static struct dma_buf *system_heap_allocate(struct dma_heap *heap, struct dma_buf *dmabuf; struct sg_table *table; struct scatterlist *sg; - struct list_head pages; + LIST_HEAD(pages); struct page *page, *tmp_page; int i, ret = -ENOMEM; @@ -423,7 +423,6 @@ static struct dma_buf *system_heap_allocate(struct dma_heap *heap, buffer->len = len; buffer->cc_shared = cc_shared; - INIT_LIST_HEAD(&pages); i = 0; while (size_remaining > 0) { /* -- 2.53.0

2 weeks, 5 days

[PATCH RFC 0/5] memcg: dma-buf per-cgroup accounting via pid_fd

by Albert Esteve

This RFC builds on T.J. Mercier's earlier series [1] which added a memory.stat counter for exported dma-bufs and a binder-backed mechanism to transfer charges between cgroups. The first commit is taken almost verbatim from TJ's series: it introduces MEMCG_DMABUF as a dedicated per-cgroup stat, so that the total exported dma-buf footprint is visible both system-wide (via the root cgroup) and per-application (via per-process cgroups). This avoids the overhead of DMABUF_SYSFS_STATS and integrates naturally into the existing cgroup memory hierarchy. The rest of the series departs from TJ's approach. While the first commit introduces the memcg stat infrastructure for dmabufs, the export-time charging it introduces in dma_buf_export() is then superseded: we charge at dma_heap_ioctl_allocate() time, using a new charge_pid_fd field in struct dma_heap_allocation_data. The allocator opens a pidfd for its client (e.g., from binder's sender_pid), passes it to the ioctl, and the kernel charges the buffer directly to the client's cgroup at allocation time, so no transfer step is needed. This decouples the accounting path from binder entirely: any allocator that knows its client's PID can use the pid_fd mechanism regardless of the IPC transport in use. The cross-cgroup charging capability requires access control. Patches #3 and #4 add a generic LSM hook (security_dma_heap_alloc) and an SELinux implementation based on a new dma_heap object class with a charge_to permission, so policy authors can express which domains are allowed to charge memory to another domain's cgroup. Last patch adds some tests to verify the new charge_pid_fd field. We are sending it as an RFC to spark broader discussion. It may or may not be the right path forward, and we welcome feedback on the trade-offs. Collision note: Eric Chanudet's series [2] adds __GFP_ACCOUNT to system_heap page allocations as an opt-in module parameter. That approach charges pages to the allocator's own kmem, which overlaps with MEMCG_DMABUF. This series explicitly removes __GFP_ACCOUNT from system heap allocations and routes all accounting through the MEMCG_DMABUF path to avoid double-counting. [1] https://lore.kernel.org/cgroups/20230109213809.418135-1-tjmercier@google.co… [2] https://lore.kernel.org/r/20260113-dmabuf-heap-system-memcg-v2-0-e85722cc2f… Signed-off-by: Albert Esteve <aesteve(a)redhat.com> --- Albert Esteve (4): dma-heap: charge dma-buf memory via explicit memcg security: dma-heap: Add dma_heap_alloc LSM hook selinux: Restrict cross-cgroup dma-heap charging selftests/dmabuf-heaps: Add dma-buf memcg accounting tests T.J. Mercier (1): memcg: Track exported dma-buffers Documentation/admin-guide/cgroup-v2.rst | 5 + drivers/dma-buf/dma-buf.c | 7 + drivers/dma-buf/dma-heap.c | 54 +++++- drivers/dma-buf/heaps/system_heap.c | 2 - include/linux/dma-buf.h | 4 + include/linux/lsm_hook_defs.h | 1 + include/linux/memcontrol.h | 37 ++++ include/linux/security.h | 7 + include/uapi/linux/dma-heap.h | 6 + mm/memcontrol.c | 19 ++ security/security.c | 16 ++ security/selinux/hooks.c | 7 + security/selinux/include/classmap.h | 1 + tools/testing/selftests/cgroup/Makefile | 2 +- tools/testing/selftests/cgroup/test_memcontrol.c | 143 +++++++++++++- tools/testing/selftests/dmabuf-heaps/config | 1 + tools/testing/selftests/dmabuf-heaps/dmabuf-heap.c | 126 ++++++++++++- tools/testing/selftests/dmabuf-heaps/vmtest.sh | 205 +++++++++++++++++++++ 18 files changed, 633 insertions(+), 10 deletions(-) --- base-commit: 74fe02ce122a6103f207d29fafc8b3a53de6abaf change-id: 20260508-v2_20230123_tjmercier_google_com-f44fcfb16530 Best regards, -- Albert Esteve <aesteve(a)redhat.com>

2 weeks, 6 days

Re: [PATCH 4/8] drm/panthor: Add support for protected memory allocation in panthor

by Boris Brezillon

On Thu, 7 May 2026 11:02:26 +0200 Marcin Ślusarz <marcin.slusarz(a)arm.com> wrote: > On Tue, May 05, 2026 at 06:15:23PM +0200, Boris Brezillon wrote: > > > @@ -277,9 +286,21 @@ int panthor_device_init(struct panthor_device *ptdev) > > > return ret; > > > } > > > > > > + /* If a protected heap name is specified but not found, defer the probe until created */ > > > + if (protected_heap_name && strlen(protected_heap_name)) { > > > > Do we really need this strlen() > 0? Won't dma_heap_find() fail is the > > name is "" already? > > If dma_heap_find() will fail, then the whole probe with fail too. > This check prevents that. Yeah, that's also a questionable design choice. I mean, we can currently probe and boot the FW even though we never setup the protected FW sections, so why should we defer the probe here? Can't we just retry the next time a group with the protected bit is created and fail if we can find a protected heap? > I'm not sure why it's needed at all, but if > it is really needed, then s/strlen(protected_heap_name)/protected_heap_name[0]/ > would simplify this. It's not so much about how you do the test, and more about the case you're trying to protect against. I guess here you assume that panthor.protected_heap_name="" means "I don't have a protected heap for you". If it's deemed acceptable, this should most certainly be described somewhere. > > > > + ptdev->protm.heap = dma_heap_find(protected_heap_name); > > > + if (!ptdev->protm.heap) { > > > + drm_warn(&ptdev->base, > > > + "Protected heap \'%s\' not (yet) available - deferring probe", > > > + protected_heap_name); > > > + ret = -EPROBE_DEFER; > > > + goto err_rpm_put; > > > > If you move the heap retrieval before the rpm enablement, you can get > > rid of this goto err_rpm_put. > > > > > + } > > > + } > > > + > > > ret = panthor_hw_init(ptdev); > > > if (ret) > > > - goto err_rpm_put; > > > + goto err_dma_heap_put; > > > > > > ret = panthor_pwr_init(ptdev); > > > if (ret)

2 weeks, 6 days

[PATCH V2] accel/amdxdna: Remove mmap and export support for ubuf

by Lizhi Hou

Ubuf pages should not be mmaped or exported. Remove the ubuf mmap callback and return -EOPNOTSUPP when exporting ubuf objects. ubuf vmap is also removed for there is not a real use case yet. Fixes: bd72d4acda10 ("accel/amdxdna: Support user space allocated buffer") Cc: Christian Koenig <christian.koenig(a)amd.com> Signed-off-by: Lizhi Hou <lizhi.hou(a)amd.com> --- v2: Remove dead code amdxdna_ubuf_vm_ops structure and amdxdna_ubuf_vm_fault function. Rename Non-exportable buffer flag from 'pri' to 'private_buffer' drivers/accel/amdxdna/amdxdna_gem.c | 9 ++++- drivers/accel/amdxdna/amdxdna_gem.h | 2 ++ drivers/accel/amdxdna/amdxdna_ubuf.c | 50 ---------------------------- 3 files changed, 10 insertions(+), 51 deletions(-) diff --git a/drivers/accel/amdxdna/amdxdna_gem.c b/drivers/accel/amdxdna/amdxdna_gem.c index 319d2064fafa..6b9b556de555 100644 --- a/drivers/accel/amdxdna/amdxdna_gem.c +++ b/drivers/accel/amdxdna/amdxdna_gem.c @@ -492,6 +492,9 @@ static struct dma_buf *amdxdna_gem_prime_export(struct drm_gem_object *gobj, int struct amdxdna_gem_obj *abo = to_xdna_obj(gobj); DEFINE_DMA_BUF_EXPORT_INFO(exp_info); + if (abo->private_buffer) + return ERR_PTR(-EOPNOTSUPP); + if (abo->dma_buf) { get_dma_buf(abo->dma_buf); return abo->dma_buf; @@ -716,6 +719,7 @@ amdxdna_gem_create_ubuf_object(struct drm_device *dev, struct amdxdna_drm_create { struct amdxdna_dev *xdna = to_xdna_dev(dev); struct amdxdna_drm_va_tbl va_tbl; + struct amdxdna_gem_obj *abo; struct drm_gem_object *gobj; struct dma_buf *dma_buf; @@ -742,7 +746,10 @@ amdxdna_gem_create_ubuf_object(struct drm_device *dev, struct amdxdna_drm_create dma_buf_put(dma_buf); - return to_xdna_obj(gobj); + abo = to_xdna_obj(gobj); + abo->private_buffer = true; + + return abo; } static struct amdxdna_gem_obj * diff --git a/drivers/accel/amdxdna/amdxdna_gem.h b/drivers/accel/amdxdna/amdxdna_gem.h index 4fc48a1189d2..957305ccb485 100644 --- a/drivers/accel/amdxdna/amdxdna_gem.h +++ b/drivers/accel/amdxdna/amdxdna_gem.h @@ -54,6 +54,8 @@ struct amdxdna_gem_obj { /* True, if BO is managed by XRT, not application */ bool internal; + /* True, if BO is not exportable */ + bool private_buffer; }; #define to_gobj(obj) (&(obj)->base.base) diff --git a/drivers/accel/amdxdna/amdxdna_ubuf.c b/drivers/accel/amdxdna/amdxdna_ubuf.c index 3769210c55cc..bb60fb80467e 100644 --- a/drivers/accel/amdxdna/amdxdna_ubuf.c +++ b/drivers/accel/amdxdna/amdxdna_ubuf.c @@ -69,60 +69,10 @@ static void amdxdna_ubuf_release(struct dma_buf *dbuf) kfree(ubuf); } -static vm_fault_t amdxdna_ubuf_vm_fault(struct vm_fault *vmf) -{ - struct vm_area_struct *vma = vmf->vma; - struct amdxdna_ubuf_priv *ubuf; - unsigned long pfn; - pgoff_t pgoff; - - ubuf = vma->vm_private_data; - pgoff = (vmf->address - vma->vm_start) >> PAGE_SHIFT; - - pfn = page_to_pfn(ubuf->pages[pgoff]); - return vmf_insert_pfn(vma, vmf->address, pfn); -} - -static const struct vm_operations_struct amdxdna_ubuf_vm_ops = { - .fault = amdxdna_ubuf_vm_fault, -}; - -static int amdxdna_ubuf_mmap(struct dma_buf *dbuf, struct vm_area_struct *vma) -{ - struct amdxdna_ubuf_priv *ubuf = dbuf->priv; - - vma->vm_ops = &amdxdna_ubuf_vm_ops; - vma->vm_private_data = ubuf; - vm_flags_set(vma, VM_PFNMAP | VM_DONTEXPAND | VM_DONTDUMP); - - return 0; -} - -static int amdxdna_ubuf_vmap(struct dma_buf *dbuf, struct iosys_map *map) -{ - struct amdxdna_ubuf_priv *ubuf = dbuf->priv; - void *kva; - - kva = vmap(ubuf->pages, ubuf->nr_pages, VM_MAP, PAGE_KERNEL); - if (!kva) - return -EINVAL; - - iosys_map_set_vaddr(map, kva); - return 0; -} - -static void amdxdna_ubuf_vunmap(struct dma_buf *dbuf, struct iosys_map *map) -{ - vunmap(map->vaddr); -} - static const struct dma_buf_ops amdxdna_ubuf_dmabuf_ops = { .map_dma_buf = amdxdna_ubuf_map, .unmap_dma_buf = amdxdna_ubuf_unmap, .release = amdxdna_ubuf_release, - .mmap = amdxdna_ubuf_mmap, - .vmap = amdxdna_ubuf_vmap, - .vunmap = amdxdna_ubuf_vunmap, }; static int readonly_va_entry(struct amdxdna_drm_va_entry *va_ent) -- 2.34.1

2 weeks, 6 days

[PATCH 0/9] vfio/pci: Add mmap() for DMABUFs

by Matt Evans

Hi all, This series is based on previous RFCs/discussions: Tech topic: https://lore.kernel.org/linux-iommu/20250918214425.2677057-1-amastro@fb.com/ RFCv1: https://lore.kernel.org/all/20260226202211.929005-1-mattev@meta.com/ RFCv2: https://lore.kernel.org/kvm/20260312184613.3710705-1-mattev@meta.com/ The background/rationale is covered in more detail in the RFC cover letters. The TL;DR is: The goal is to enable userspace driver designs that use VFIO to export DMABUFs representing subsets of PCI device BARs, and "vend" those buffers from a primary process to other subordinate processes by fd. These processes then mmap() the buffers and their access to the device is isolated to the exported ranges. This is an improvement on sharing the VFIO device fd to subordinate processes, which would allow unfettered access . This is achieved by enabling mmap() of vfio-pci DMABUFs. Second, a new ioctl()-based revocation mechanism is added to allow the primary process to forcibly revoke access to previously-shared BAR spans, even if the subordinate processes haven't cleanly exited. (The related topic of safe delegation of iommufd control to the subordinate processes is not addressed here, and is follow-up work.) As well as isolation and revocation, another advantage to accessing a BAR through a VMA backed by a DMABUF is that it's straightforward to create the buffer with access attributes, such as write-combining. Notes on patches ================ Feedback from the RFCs requested that, instead of creating DMABUF-specific vm_ops and .fault paths, to go the whole way and migrate the existing VFIO PCI BAR mmap() to be backed by a DMABUF too, resulting in a common vm_ops and fault handler for mmap()s of both the VFIO device and explicitly-exported DMABUFs. This has been done for vfio-pci, but not sub-drivers (nvgrace-gpu's special-case mappings are unchanged). vfio/pci: Fix vfio_pci_dma_buf_cleanup() double-put A bug fix to a related are, whose context is a depdency for later patches. vfio/pci: Add a helper to look up PFNs for DMABUFs vfio/pci: Add a helper to create a DMABUF for a BAR-map VMA The first is for a DMABUF VMA fault handler to determine arbitrary-sized PFNs from ranges in DMABUF. Secondly, refactor DMABUF export for use by the existing export feature and a new helper that creates a DMABUF corresponding to a VFIO BAR mmap() request. vfio/pci: Convert BAR mmap() to use a DMABUF The vfio-pci core mmap() creates a DMABUF with the helper, and the vm_ops fault handler uses the other helper to resolve the fault. Because this depends on DMABUF structs/code, CONFIG_VFIO_PCI_CORE needs to depend on CONFIG_DMA_SHARED_BUFFER. The CONFIG_VFIO_PCI_DMABUF still conditionally enables the export support code. NOTE: The user mmap()s a device fd, but the resulting VMA's vm_file becomes that of the DMABUF which takes ownership of the device and puts it on release. This maintains the existing behaviour of a VMA keeping the VFIO device open. BAR zapping then happens via the existing vfio_pci_dma_buf_move() path, which now needs to unmap PTEs in the DMABUF's address_space. vfio/pci: Provide a user-facing name for BAR mappings There was a request for decent debug naming in /proc/<pid>/maps etc. comparable to the existing VFIO names: since the VMAs are DMABUFs, they have a "dmabuf:" prefix and can't be 100% identical to before. This is a user-visible change, but this patch at least now gives us extra info on the BDF & BAR being mapped. vfio/pci: Clean up BAR zap and revocation In general (see NOTE!) the vfio_pci_zap_bars() is now obsolete, since it unmaps PTEs in the VFIO device address_space which is now unused. This consolidates all calls (e.g. around reset) with the neighbouring vfio_pci_dma_buf_move()s into new functions, to revoke-zap/unrevoke. NOTE: the nvgrace-gpu driver continues to use its own private vm_ops, fault handler, etc. for its special memregions, and these DO still add PTEs to the VFIO device address_space. So, a temporary flag, vdev->bar_needs_zap, maintains the old behaviour for this use. At least this patch's consolidation makes it easy to remove the remaining zap when this need goes away. A FIXME is added: if nvgrace-gpu is converted to DMABUFs, remove the flag and final zap. vfio/pci: Support mmap() of a VFIO DMABUF Adds mmap() for a DMABUF fd exported from vfio-pci. It was a goal to keep the VFIO device fd lifetime behaviour unchanged with respect to the DMABUFs. An application can close all device fds, and this will revoke/clean up all DMABUFs; no mappings or other access can be performed now. When enabling mmap() of the DMABUFs, this means access through the VMA is also revoked. This complicates the fault handler because whilst the DMABUF exists, it has no guarantee that the corresponding VFIO device is still alive. Adds synchronisation ensuring the vdev is available before vdev->memory_lock is touched. (I decided against the alternative of preventing cleanup by holding the VFIO device open if any DMABUFs exist, because it's both a change of behaviour and less clean overall.) I've added a chonky comment in place, happy to clarify more if you have ideas. vfio/pci: Permanently revoke a DMABUF on request By weight, this is mostly a rename of revoked to an enum, status. There are now 3 states for a buffer, usable and revoked temporary/permanent. A new VFIO device ioctl is added, VFIO_DEVICE_PCI_DMABUF_REVOKE, which passes a DMABUF (exported from that device) and permanently revokes it. Thus a userspace driver can guarantee any downstream consumers of a shared fd are prevented from accessing a BAR range, and that range can be reused. The code doing revocation in vfio_pci_dma_buf_move() is moved, unchanged, to a common function for use by _move() and the new ioctl path. Q: I can't think of a good reason to temporarily revoke/unrevoke buffers from userspace, so didn't add a 'flags' field to the ioctl struct. Easy to add if people think it's worthwhile for future use. vfio/pci: Add mmap() attributes to DMABUF feature Reserves bits [31:28] in vfio_device_feature_dma_buf to allow a (CPU) mapping attribute to be specified for an exported set of ranges. The default is the current UC, and a new flag can specify CPU access as WC. Q: I've taken 4 bits; the intention is for this field to be a scalar not a bitmap (i.e. mutually-exclusive access properties). Perhaps 4 is a bit too many? Testing ======= (The [RFC ONLY] userspace test program, for QEMU edu-plus, has been dropped, but can be found in the GitHub branch below.) This code has been tested in mapping DMABUFs of single/multiple ranges, aliasing mmap()s, aliasing ranges across DMABUFs, vm_pgoff > 0, revocation, shutdown/cleanup scenarios, and hugepage mappings seem to work correctly. I've lightly tested WC mappings also (by observing resulting PTEs as having the correct attributes...). No regressions observed on the VFIO selftests, or on our internal vfio-pci applications. End === This is based on -next (next-20260414 but will merge earlier), as it depends on Leon's series "vfio: Wait for dma-buf invalidation to complete": https://lore.kernel.org/linux-iommu/20260205-nocturnal-poetic-chamois-f566a… These commits are on GitHub, along with "[RFC ONLY] selftests: vfio: Add standalone vfio_dmabuf_mmap_test": https://github.com/metamev/linux/compare/next-20260414...metamev:linux:dev/… Thanks for reading, Matt ================================================================================ Change log: v1: - Cleanup of the common DMABUF-aware VMA vm_ops fault handler and export code. - Fixed a lot of races, particularly faults racing with DMABUF cleanup (if the VFIO device fds close, for example). - Added nicer human-readable names for VFIO mmap() VMAs RFCv2: Respin based on the feedback/suggestions: https://lore.kernel.org/kvm/20260312184613.3710705-1-mattev@meta.com/ - Transform the existing VFIO BAR mmap path to also use DMABUFs behind the scenes, and then simply share that code for explicitly-mapped DMABUFs. Jason wanted to go that direction to enable iommufd VFIO type 1 emulation to pick up a DMABUF for an IO mapping. - Revoke buffers using a VFIO device fd ioctl RFCv1: https://lore.kernel.org/all/20260226202211.929005-1-mattev@meta.com/ Matt Evans (9): vfio/pci: Fix vfio_pci_dma_buf_cleanup() double-put vfio/pci: Add a helper to look up PFNs for DMABUFs vfio/pci: Add a helper to create a DMABUF for a BAR-map VMA vfio/pci: Convert BAR mmap() to use a DMABUF vfio/pci: Provide a user-facing name for BAR mappings vfio/pci: Clean up BAR zap and revocation vfio/pci: Support mmap() of a VFIO DMABUF vfio/pci: Permanently revoke a DMABUF on request vfio/pci: Add mmap() attributes to DMABUF feature drivers/vfio/pci/Kconfig | 3 +- drivers/vfio/pci/Makefile | 3 +- drivers/vfio/pci/nvgrace-gpu/main.c | 5 + drivers/vfio/pci/vfio_pci_config.c | 30 +- drivers/vfio/pci/vfio_pci_core.c | 224 ++++++++++--- drivers/vfio/pci/vfio_pci_dmabuf.c | 500 +++++++++++++++++++++++----- drivers/vfio/pci/vfio_pci_priv.h | 49 ++- include/linux/vfio_pci_core.h | 1 + include/uapi/linux/vfio.h | 42 ++- 9 files changed, 690 insertions(+), 167 deletions(-) -- 2.47.3

2 weeks, 6 days

From Loss to Recovery: Helping You Take Back Control

by carbideinfos＠gmail.com

JimRecoveryTeam outlines digital hoax tracing and reclamation-related services, mentioning no upfront fees. It also offers confidential consultations.

2 weeks, 6 days

[PATCH v3] drm/virtio: use uninterruptible resv lock for plane updates

by Deepanshu Kartikey

virtio_gpu_cursor_plane_update() and virtio_gpu_resource_flush() lock the framebuffer BO's dma_resv via virtio_gpu_array_lock_resv() and ignore its return value. The function can fail with -EINTR from dma_resv_lock_interruptible() (signal during lock wait) or with -ENOMEM from dma_resv_reserve_fences() (fence slot allocation), leaving the resv lock not held. The queue path then walks the object array and calls dma_resv_add_fence(), which requires the lock held; with lockdep enabled this trips dma_resv_assert_held(): WARNING: drivers/dma-buf/dma-resv.c:296 at dma_resv_add_fence+0x71e/0x840 Call Trace: virtio_gpu_array_add_fence virtio_gpu_queue_ctrl_sgs virtio_gpu_queue_fenced_ctrl_buffer virtio_gpu_cursor_plane_update drm_atomic_helper_commit_planes drm_atomic_helper_commit_tail commit_tail drm_atomic_helper_commit drm_atomic_commit drm_atomic_helper_update_plane __setplane_atomic drm_mode_cursor_universal drm_mode_cursor_common drm_mode_cursor_ioctl drm_ioctl __x64_sys_ioctl Beyond the WARN, mutating the dma_resv fence list without the lock races with concurrent readers/writers and can corrupt the list. Both call sites run inside the .atomic_update plane callback, which DRM atomic helpers do not allow to fail (by the time it runs, the commit has been signed off to userspace and there is no clean rollback path). Moving the lock acquisition to .prepare_fb (v2) was rejected because the broader lock scope deadlocks against other BO locking paths in the same atomic commit. Introduce virtio_gpu_array_lock_resv_uninterruptible() that uses dma_resv_lock() instead of dma_resv_lock_interruptible() on the nents==1 path. This eliminates the -EINTR failure mode -- the realistic syzbot trigger -- without extending the lock hold across the commit. Use it from both virtio_gpu_cursor_plane_update() and virtio_gpu_resource_flush(); check the return value to handle the remaining -ENOMEM case by freeing the objs and skipping the plane update for that frame. The framebuffer BOs touched here are not shared with other contexts and lock contention is expected to be brief, so the loss of signal-interruptibility is acceptable. Other callers of virtio_gpu_array_lock_resv() (the ioctl paths) continue to use the interruptible variant. The bug was reported by syzbot, triggered via fault injection (fail_nth) on the DRM_IOCTL_MODE_CURSOR path, which forces the -ENOMEM branch in dma_resv_reserve_fences(). Reported-by: syzbot+72bd3dd3a5d5f39a0271(a)syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=72bd3dd3a5d5f39a0271 Fixes: 5cfd31c5b3a3 ("drm/virtio: fix virtio_gpu_cursor_plane_update().") Cc: stable(a)vger.kernel.org Signed-off-by: Deepanshu Kartikey <kartikey406(a)gmail.com> --- v3: Per maintainer feedback on v2 (lockup caused by the broader lock scope in prepare_fb conflicting with other BO locking in the same atomic commit): drop the prepare_fb/cleanup_fb approach, introduce an uninterruptible variant of virtio_gpu_array_lock_resv(), and use it in both virtio_gpu_cursor_plane_update() and virtio_gpu_resource_flush(). v2: Move resv lock acquisition from .atomic_update (which must not fail) to .prepare_fb (which may), per maintainer review of v1. The previous approach of silently skipping the cursor update on lock failure violated the atomic-commit contract with userspace. --- drivers/gpu/drm/virtio/virtgpu_drv.h | 1 + drivers/gpu/drm/virtio/virtgpu_gem.c | 24 ++++++++++++++++++++++++ drivers/gpu/drm/virtio/virtgpu_plane.c | 10 ++++++++-- 3 files changed, 33 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/virtio/virtgpu_drv.h b/drivers/gpu/drm/virtio/virtgpu_drv.h index f17660a71a3e..43a7eb568e15 100644 --- a/drivers/gpu/drm/virtio/virtgpu_drv.h +++ b/drivers/gpu/drm/virtio/virtgpu_drv.h @@ -317,6 +317,7 @@ virtio_gpu_array_from_handles(struct drm_file *drm_file, u32 *handles, u32 nents void virtio_gpu_array_add_obj(struct virtio_gpu_object_array *objs, struct drm_gem_object *obj); int virtio_gpu_array_lock_resv(struct virtio_gpu_object_array *objs); +int virtio_gpu_array_lock_resv_uninterruptible(struct virtio_gpu_object_array *objs); void virtio_gpu_array_unlock_resv(struct virtio_gpu_object_array *objs); void virtio_gpu_array_add_fence(struct virtio_gpu_object_array *objs, struct dma_fence *fence); diff --git a/drivers/gpu/drm/virtio/virtgpu_gem.c b/drivers/gpu/drm/virtio/virtgpu_gem.c index f22dc5c21cd4..08c4b7ef8d44 100644 --- a/drivers/gpu/drm/virtio/virtgpu_gem.c +++ b/drivers/gpu/drm/virtio/virtgpu_gem.c @@ -238,6 +238,30 @@ int virtio_gpu_array_lock_resv(struct virtio_gpu_object_array *objs) return ret; } +int virtio_gpu_array_lock_resv_uninterruptible(struct virtio_gpu_object_array *objs) +{ + unsigned int i; + int ret = 0; + + if (objs->nents == 1) { + dma_resv_lock(objs->objs[0]->resv, NULL); + } else { + ret = drm_gem_lock_reservations(objs->objs, objs->nents, + &objs->ticket); + if (ret) + return ret; + } + + for (i = 0; i < objs->nents; ++i) { + ret = dma_resv_reserve_fences(objs->objs[i]->resv, 1); + if (ret) { + virtio_gpu_array_unlock_resv(objs); + return ret; + } + } + return 0; +} + void virtio_gpu_array_unlock_resv(struct virtio_gpu_object_array *objs) { if (objs->nents == 1) { diff --git a/drivers/gpu/drm/virtio/virtgpu_plane.c b/drivers/gpu/drm/virtio/virtgpu_plane.c index a126d1b25f46..ef118cb4f0fa 100644 --- a/drivers/gpu/drm/virtio/virtgpu_plane.c +++ b/drivers/gpu/drm/virtio/virtgpu_plane.c @@ -215,7 +215,10 @@ static void virtio_gpu_resource_flush(struct drm_plane *plane, if (!objs) return; virtio_gpu_array_add_obj(objs, vgfb->base.obj[0]); - virtio_gpu_array_lock_resv(objs); + if (virtio_gpu_array_lock_resv_uninterruptible(objs)) { + virtio_gpu_array_put_free(objs); + return; + } virtio_gpu_cmd_resource_flush(vgdev, bo->hw_res_handle, x, y, width, height, objs, vgplane_st->fence); @@ -459,7 +462,10 @@ static void virtio_gpu_cursor_plane_update(struct drm_plane *plane, if (!objs) return; virtio_gpu_array_add_obj(objs, vgfb->base.obj[0]); - virtio_gpu_array_lock_resv(objs); + if (virtio_gpu_array_lock_resv_uninterruptible(objs)) { + virtio_gpu_array_put_free(objs); + return; + } virtio_gpu_cmd_transfer_to_host_2d (vgdev, 0, plane->state->crtc_w, -- 2.43.0

2 weeks, 6 days

← Newer
1
...
8
9
10
11
12
13
14
...
663
Older →

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig