diff mbox series

[v8,01/20] remoteproc: k3-m4: Prevent Mailbox level IPC with detached core

Message ID 20250103101231.1508151-2-b-padhi@ti.com (mailing list archive)
State New
Headers show
Series Refactor TI K3 DSP and M4 Drivers | expand

Commit Message

Beleswar Prasad Padhi Jan. 3, 2025, 10:12 a.m. UTC
Inter-Processor Communication is facilitated through mailbox payloads,
which typically contains the index of the triggered virtqueue having the
actual data to be consumed, but the payload can also be used for trivial
communication, like sending an echo message or notifying a crash etc.
When the core is detached, the virtqueues are freed, and thus the Virtio
level IPC is not functional. However, Mailbox IPC is still possible with
trivial payloads.

Therefore, introduce checks in k3_m4_rproc_kick() and
k3_m4_rproc_mbox_callback() functions to return early without parsing
the payload when core is detached, and is not undergoing an attach
operation in IPC-only mode.

Signed-off-by: Beleswar Padhi <b-padhi@ti.com>
---
 drivers/remoteproc/ti_k3_m4_remoteproc.c | 41 ++++++++++++++++++++----
 1 file changed, 35 insertions(+), 6 deletions(-)

Comments

Beleswar Prasad Padhi Jan. 8, 2025, 8:49 a.m. UTC | #1
On 03/01/25 15:42, Beleswar Padhi wrote:
> Inter-Processor Communication is facilitated through mailbox payloads,
> which typically contains the index of the triggered virtqueue having the
> actual data to be consumed, but the payload can also be used for trivial
> communication, like sending an echo message or notifying a crash etc.
> When the core is detached, the virtqueues are freed, and thus the Virtio
> level IPC is not functional. However, Mailbox IPC is still possible with
> trivial payloads.
>
> Therefore, introduce checks in k3_m4_rproc_kick() and
> k3_m4_rproc_mbox_callback() functions to return early without parsing
> the payload when core is detached, and is not undergoing an attach
> operation in IPC-only mode.
>
> Signed-off-by: Beleswar Padhi <b-padhi@ti.com>
> ---
>   drivers/remoteproc/ti_k3_m4_remoteproc.c | 41 ++++++++++++++++++++----
>   1 file changed, 35 insertions(+), 6 deletions(-)
>
> diff --git a/drivers/remoteproc/ti_k3_m4_remoteproc.c b/drivers/remoteproc/ti_k3_m4_remoteproc.c
> index a16fb165fced..3201c3684a86 100644
> --- a/drivers/remoteproc/ti_k3_m4_remoteproc.c
> +++ b/drivers/remoteproc/ti_k3_m4_remoteproc.c
> @@ -50,6 +50,7 @@ struct k3_m4_rproc_mem_data {
>   /**
>    * struct k3_m4_rproc - k3 remote processor driver structure
>    * @dev: cached device pointer
> + * @rproc: remoteproc device handle
>    * @mem: internal memory regions data
>    * @num_mems: number of internal memory regions
>    * @rmem: reserved memory regions data
> @@ -60,9 +61,11 @@ struct k3_m4_rproc_mem_data {
>    * @ti_sci_id: TI-SCI device identifier
>    * @mbox: mailbox channel handle
>    * @client: mailbox client to request the mailbox channel
> + * @is_attach_ongoing: flag to indicate if IPC-only "attach()" is in progress


Note: This variable naming will be changed to 'is_attached' (for better 
clarity) in the next revision. I wish to take more feedback for the 
whole series before posting next revision.

Thanks,
Beleswar

>    */
>   struct k3_m4_rproc {
>   	struct device *dev;
> +	struct rproc *rproc;
>   	struct k3_m4_rproc_mem *mem;
>   	int num_mems;
>   	struct k3_m4_rproc_mem *rmem;
> @@ -73,6 +76,7 @@ struct k3_m4_rproc {
>   	u32 ti_sci_id;
>   	struct mbox_chan *mbox;
>   	struct mbox_client client;
> +	bool is_attach_ongoing;
>   };
>   
>   /**
> @@ -93,8 +97,16 @@ static void k3_m4_rproc_mbox_callback(struct mbox_client *client, void *data)
>   {
>   	struct device *dev = client->dev;
>   	struct rproc *rproc = dev_get_drvdata(dev);
> +	struct k3_m4_rproc *kproc = rproc->priv;
>   	u32 msg = (u32)(uintptr_t)(data);
>   
> +	/*
> +	 * Do not forward messages from a detached core, except when the core
> +	 * is in the process of being attached in IPC-only mode.
> +	 */
> +	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
> +		return;
> +
>   	dev_dbg(dev, "mbox msg: 0x%x\n", msg);
>   
>   	switch (msg) {
> @@ -135,6 +147,12 @@ static void k3_m4_rproc_kick(struct rproc *rproc, int vqid)
>   	u32 msg = (u32)vqid;
>   	int ret;
>   
> +	/*
> +	 * Do not forward messages to a detached core, except when the core
> +	 * is in the process of being attached in IPC-only mode.
> +	 */
> +	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
> +		return;
>   	/*
>   	 * Send the index of the triggered virtqueue in the mailbox payload.
>   	 * NOTE: msg is cast to uintptr_t to prevent compiler warnings when
> @@ -515,15 +533,19 @@ static int k3_m4_rproc_stop(struct rproc *rproc)
>   /*
>    * Attach to a running M4 remote processor (IPC-only mode)
>    *
> - * The remote processor is already booted, so there is no need to issue any
> - * TI-SCI commands to boot the M4 core. This callback is used only in IPC-only
> - * mode.
> + * This rproc attach callback only needs to set the "is_attach_ongoing" flag to
> + * notify k3_m4_rproc_{kick/mbox_callback} functions that the core is in the
> + * process of getting attached in IPC-only mode. The remote processor is already
> + * booted, so there is no need to issue any TI-SCI commands to boot the M4 core.
> + * This callback is used only in IPC-only mode.
>    */
>   static int k3_m4_rproc_attach(struct rproc *rproc)
>   {
>   	struct k3_m4_rproc *kproc = rproc->priv;
>   	int ret;
>   
> +	kproc->is_attach_ongoing = true;
> +
>   	ret = k3_m4_rproc_ping_mbox(kproc);
>   	if (ret)
>   		return ret;
> @@ -534,12 +556,18 @@ static int k3_m4_rproc_attach(struct rproc *rproc)
>   /*
>    * Detach from a running M4 remote processor (IPC-only mode)
>    *
> - * This rproc detach callback performs the opposite operation to attach
> - * callback, the M4 core is not stopped and will be left to continue to
> - * run its booted firmware. This callback is invoked only in IPC-only mode.
> + * This rproc detach callback performs the opposite operation to attach callback
> + * and only needs to clear the "is_attach_ongoing" flag to ensure no mailbox
> + * messages are sent to or received from a detached core. The M4 core is not
> + * stopped and will be left to continue to run its booted firmware. This
> + * callback is invoked only in IPC-only mode.
>    */
>   static int k3_m4_rproc_detach(struct rproc *rproc)
>   {
> +	struct k3_m4_rproc *kproc = rproc->priv;
> +
> +	kproc->is_attach_ongoing = false;
> +
>   	return 0;
>   }
>   
> @@ -577,6 +605,7 @@ static int k3_m4_rproc_probe(struct platform_device *pdev)
>   	rproc->has_iommu = false;
>   	rproc->recovery_disabled = true;
>   	kproc = rproc->priv;
> +	kproc->rproc = rproc;
>   	kproc->dev = dev;
>   	platform_set_drvdata(pdev, rproc);
>
diff mbox series

Patch

diff --git a/drivers/remoteproc/ti_k3_m4_remoteproc.c b/drivers/remoteproc/ti_k3_m4_remoteproc.c
index a16fb165fced..3201c3684a86 100644
--- a/drivers/remoteproc/ti_k3_m4_remoteproc.c
+++ b/drivers/remoteproc/ti_k3_m4_remoteproc.c
@@ -50,6 +50,7 @@  struct k3_m4_rproc_mem_data {
 /**
  * struct k3_m4_rproc - k3 remote processor driver structure
  * @dev: cached device pointer
+ * @rproc: remoteproc device handle
  * @mem: internal memory regions data
  * @num_mems: number of internal memory regions
  * @rmem: reserved memory regions data
@@ -60,9 +61,11 @@  struct k3_m4_rproc_mem_data {
  * @ti_sci_id: TI-SCI device identifier
  * @mbox: mailbox channel handle
  * @client: mailbox client to request the mailbox channel
+ * @is_attach_ongoing: flag to indicate if IPC-only "attach()" is in progress
  */
 struct k3_m4_rproc {
 	struct device *dev;
+	struct rproc *rproc;
 	struct k3_m4_rproc_mem *mem;
 	int num_mems;
 	struct k3_m4_rproc_mem *rmem;
@@ -73,6 +76,7 @@  struct k3_m4_rproc {
 	u32 ti_sci_id;
 	struct mbox_chan *mbox;
 	struct mbox_client client;
+	bool is_attach_ongoing;
 };
 
 /**
@@ -93,8 +97,16 @@  static void k3_m4_rproc_mbox_callback(struct mbox_client *client, void *data)
 {
 	struct device *dev = client->dev;
 	struct rproc *rproc = dev_get_drvdata(dev);
+	struct k3_m4_rproc *kproc = rproc->priv;
 	u32 msg = (u32)(uintptr_t)(data);
 
+	/*
+	 * Do not forward messages from a detached core, except when the core
+	 * is in the process of being attached in IPC-only mode.
+	 */
+	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
+		return;
+
 	dev_dbg(dev, "mbox msg: 0x%x\n", msg);
 
 	switch (msg) {
@@ -135,6 +147,12 @@  static void k3_m4_rproc_kick(struct rproc *rproc, int vqid)
 	u32 msg = (u32)vqid;
 	int ret;
 
+	/*
+	 * Do not forward messages to a detached core, except when the core
+	 * is in the process of being attached in IPC-only mode.
+	 */
+	if (!kproc->is_attach_ongoing && kproc->rproc->state == RPROC_DETACHED)
+		return;
 	/*
 	 * Send the index of the triggered virtqueue in the mailbox payload.
 	 * NOTE: msg is cast to uintptr_t to prevent compiler warnings when
@@ -515,15 +533,19 @@  static int k3_m4_rproc_stop(struct rproc *rproc)
 /*
  * Attach to a running M4 remote processor (IPC-only mode)
  *
- * The remote processor is already booted, so there is no need to issue any
- * TI-SCI commands to boot the M4 core. This callback is used only in IPC-only
- * mode.
+ * This rproc attach callback only needs to set the "is_attach_ongoing" flag to
+ * notify k3_m4_rproc_{kick/mbox_callback} functions that the core is in the
+ * process of getting attached in IPC-only mode. The remote processor is already
+ * booted, so there is no need to issue any TI-SCI commands to boot the M4 core.
+ * This callback is used only in IPC-only mode.
  */
 static int k3_m4_rproc_attach(struct rproc *rproc)
 {
 	struct k3_m4_rproc *kproc = rproc->priv;
 	int ret;
 
+	kproc->is_attach_ongoing = true;
+
 	ret = k3_m4_rproc_ping_mbox(kproc);
 	if (ret)
 		return ret;
@@ -534,12 +556,18 @@  static int k3_m4_rproc_attach(struct rproc *rproc)
 /*
  * Detach from a running M4 remote processor (IPC-only mode)
  *
- * This rproc detach callback performs the opposite operation to attach
- * callback, the M4 core is not stopped and will be left to continue to
- * run its booted firmware. This callback is invoked only in IPC-only mode.
+ * This rproc detach callback performs the opposite operation to attach callback
+ * and only needs to clear the "is_attach_ongoing" flag to ensure no mailbox
+ * messages are sent to or received from a detached core. The M4 core is not
+ * stopped and will be left to continue to run its booted firmware. This
+ * callback is invoked only in IPC-only mode.
  */
 static int k3_m4_rproc_detach(struct rproc *rproc)
 {
+	struct k3_m4_rproc *kproc = rproc->priv;
+
+	kproc->is_attach_ongoing = false;
+
 	return 0;
 }
 
@@ -577,6 +605,7 @@  static int k3_m4_rproc_probe(struct platform_device *pdev)
 	rproc->has_iommu = false;
 	rproc->recovery_disabled = true;
 	kproc = rproc->priv;
+	kproc->rproc = rproc;
 	kproc->dev = dev;
 	platform_set_drvdata(pdev, rproc);