| Message ID | 20200214120142.50529-1-hsinyi@chromium.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v2] media: mtk-vpu: avoid unaligned access to DTCM buffer. | expand |
On 2/14/20 1:01 PM, Hsin-Yi Wang wrote: > struct vpu_run *run in vpu_init_ipi_handler() is an ioremapped DTCM (Data > Tightly Coupled Memory) buffer shared with AP. It's not able to do > unaligned access. Otherwise kernel would crash due to unable to handle > kernel paging request. > > struct vpu_run { > u32 signaled; > char fw_ver[VPU_FW_VER_LEN]; > unsigned int dec_capability; > unsigned int enc_capability; > wait_queue_head_t wq; > }; > > fw_ver starts at 4 byte boundary. If system enables > CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS, strscpy() will do > read_word_at_a_time(), which tries to read 8-byte: *(unsigned long *)addr > > Copy the string by memcpy_fromio() for this buffer to avoid unaligned > access. > > Fixes: 85709cbf1524 ("media: replace strncpy() by strscpy()") > Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org> > --- > Change in v2: > - fix sparse warnings. I still get sparse warnings: drivers/media/platform/mtk-vpu/mtk_vpu.c:710:47: warning: incorrect type in argument 1 (different address spaces) drivers/media/platform/mtk-mdp/mtk_mdp_vpu.c:66:32: warning: incorrect type in argument 3 (incompatible argument 1 (different address spaces)) drivers/media/platform/mtk-vcodec/vdec_vpu_if.c:111:22: warning: incorrect type in assignment (incompatible argument 1 (different address spaces)) drivers/media/platform/mtk-vcodec/venc_vpu_if.c:96:54: warning: incorrect type in argument 3 (incompatible argument 1 (different address spaces)) Regards, Hans > --- > drivers/media/platform/mtk-vpu/mtk_vpu.c | 17 ++++++++++------- > drivers/media/platform/mtk-vpu/mtk_vpu.h | 2 +- > 2 files changed, 11 insertions(+), 8 deletions(-) > > diff --git a/drivers/media/platform/mtk-vpu/mtk_vpu.c b/drivers/media/platform/mtk-vpu/mtk_vpu.c > index a768707abb94..c59373e84a33 100644 > --- a/drivers/media/platform/mtk-vpu/mtk_vpu.c > +++ b/drivers/media/platform/mtk-vpu/mtk_vpu.c > @@ -600,15 +600,18 @@ int vpu_load_firmware(struct platform_device *pdev) > } > EXPORT_SYMBOL_GPL(vpu_load_firmware); > > -static void vpu_init_ipi_handler(void *data, unsigned int len, void *priv) > +static void vpu_init_ipi_handler(void __iomem *data, unsigned int len, > + void *priv) > { > struct mtk_vpu *vpu = (struct mtk_vpu *)priv; > - struct vpu_run *run = (struct vpu_run *)data; > - > - vpu->run.signaled = run->signaled; > - strscpy(vpu->run.fw_ver, run->fw_ver, sizeof(vpu->run.fw_ver)); > - vpu->run.dec_capability = run->dec_capability; > - vpu->run.enc_capability = run->enc_capability; > + struct vpu_run __iomem *run = data; > + > + vpu->run.signaled = readl(&run->signaled); > + memcpy_fromio(vpu->run.fw_ver, run->fw_ver, sizeof(vpu->run.fw_ver)); > + /* Make sure the string is NUL-terminated */ > + vpu->run.fw_ver[sizeof(vpu->run.fw_ver) - 1] = '\0'; > + vpu->run.dec_capability = readl(&run->dec_capability); > + vpu->run.enc_capability = readl(&run->enc_capability); > wake_up_interruptible(&vpu->run.wq); > } > > diff --git a/drivers/media/platform/mtk-vpu/mtk_vpu.h b/drivers/media/platform/mtk-vpu/mtk_vpu.h > index d4453b4bcee9..a7ac351b19c1 100644 > --- a/drivers/media/platform/mtk-vpu/mtk_vpu.h > +++ b/drivers/media/platform/mtk-vpu/mtk_vpu.h > @@ -15,7 +15,7 @@ > * VPU interfaces with other blocks by share memory and interrupt. > **/ > > -typedef void (*ipi_handler_t) (void *data, > +typedef void (*ipi_handler_t) (void __iomem *data, > unsigned int len, > void *priv); > >
diff --git a/drivers/media/platform/mtk-vpu/mtk_vpu.c b/drivers/media/platform/mtk-vpu/mtk_vpu.c index a768707abb94..c59373e84a33 100644 --- a/drivers/media/platform/mtk-vpu/mtk_vpu.c +++ b/drivers/media/platform/mtk-vpu/mtk_vpu.c @@ -600,15 +600,18 @@ int vpu_load_firmware(struct platform_device *pdev) } EXPORT_SYMBOL_GPL(vpu_load_firmware); -static void vpu_init_ipi_handler(void *data, unsigned int len, void *priv) +static void vpu_init_ipi_handler(void __iomem *data, unsigned int len, + void *priv) { struct mtk_vpu *vpu = (struct mtk_vpu *)priv; - struct vpu_run *run = (struct vpu_run *)data; - - vpu->run.signaled = run->signaled; - strscpy(vpu->run.fw_ver, run->fw_ver, sizeof(vpu->run.fw_ver)); - vpu->run.dec_capability = run->dec_capability; - vpu->run.enc_capability = run->enc_capability; + struct vpu_run __iomem *run = data; + + vpu->run.signaled = readl(&run->signaled); + memcpy_fromio(vpu->run.fw_ver, run->fw_ver, sizeof(vpu->run.fw_ver)); + /* Make sure the string is NUL-terminated */ + vpu->run.fw_ver[sizeof(vpu->run.fw_ver) - 1] = '\0'; + vpu->run.dec_capability = readl(&run->dec_capability); + vpu->run.enc_capability = readl(&run->enc_capability); wake_up_interruptible(&vpu->run.wq); } diff --git a/drivers/media/platform/mtk-vpu/mtk_vpu.h b/drivers/media/platform/mtk-vpu/mtk_vpu.h index d4453b4bcee9..a7ac351b19c1 100644 --- a/drivers/media/platform/mtk-vpu/mtk_vpu.h +++ b/drivers/media/platform/mtk-vpu/mtk_vpu.h @@ -15,7 +15,7 @@ * VPU interfaces with other blocks by share memory and interrupt. **/ -typedef void (*ipi_handler_t) (void *data, +typedef void (*ipi_handler_t) (void __iomem *data, unsigned int len, void *priv);
struct vpu_run *run in vpu_init_ipi_handler() is an ioremapped DTCM (Data Tightly Coupled Memory) buffer shared with AP. It's not able to do unaligned access. Otherwise kernel would crash due to unable to handle kernel paging request. struct vpu_run { u32 signaled; char fw_ver[VPU_FW_VER_LEN]; unsigned int dec_capability; unsigned int enc_capability; wait_queue_head_t wq; }; fw_ver starts at 4 byte boundary. If system enables CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS, strscpy() will do read_word_at_a_time(), which tries to read 8-byte: *(unsigned long *)addr Copy the string by memcpy_fromio() for this buffer to avoid unaligned access. Fixes: 85709cbf1524 ("media: replace strncpy() by strscpy()") Signed-off-by: Hsin-Yi Wang <hsinyi@chromium.org> --- Change in v2: - fix sparse warnings. --- drivers/media/platform/mtk-vpu/mtk_vpu.c | 17 ++++++++++------- drivers/media/platform/mtk-vpu/mtk_vpu.h | 2 +- 2 files changed, 11 insertions(+), 8 deletions(-)