[PATCH 1/4] qcom-scm: add ocmem support
Rob Clark
robdclark at gmail.com
Mon Sep 28 16:02:02 PDT 2015
On Mon, Sep 28, 2015 at 6:35 PM, Stephen Boyd <sboyd at codeaurora.org> wrote:
> On 09/28, Bjorn Andersson wrote:
>> On Mon 28 Sep 14:08 PDT 2015, Rob Clark wrote:
>>
>> > On Mon, Sep 28, 2015 at 4:51 PM, Stephen Boyd <sboyd at codeaurora.org> wrote:
>> > > On 09/28, Rob Clark wrote:
>> > >> +bool qcom_scm_ocmem_secure_available(void)
>> > >> +{
>> > >> + int ret = qcom_scm_clk_enable();
>> > >
>> > > I doubt we need to enable clocks to figure out if a call is
>> > > available. Please drop clk stuff here.
>> >
>> > hmm, hdcp did, but pas didn't.. otoh it looks like the call to
>> > __qcom_scm_pas_supported() *should* be wrapped in clk enable/disable..
>> >
>> > And __qcom_scm_is_call_available() does call qcom_scm_call(). Which
>> > is, I assume, what needs the clk's.. so not entirely sure if *all*
>> > the clk enable/disable stuff should be stripped out, or if missing clk
>> > stuff should be added in qcom_scm_pas_supported()..
>> >
>>
>> The scm clocks here are the crypto engine clocks, they are not needed to
>> check if TZ implements PAS for a given processor or not.
>>
>> But it could be argued that this is simply an assumption I make of the
>> black box we're calling into...
>
> Let's not make assumptions. They're not needed to check if it has
> support for something.
>
>>
>> >
>> > >> +
>> > >> + if (ret)
>> > >> + goto clk_err;
>> > >> +
>> > >> + ret = __qcom_scm_is_call_available(QCOM_SCM_OCMEM_SECURE_SVC,
>> > >> + QCOM_SCM_OCMEM_SECURE_CFG);
>> > >> +
>> > >> + qcom_scm_clk_disable();
>> > >> +
>> > >> +clk_err:
>> > >> + return (ret > 0) ? true : false;
>> > >> +}
>> > >> +EXPORT_SYMBOL(qcom_scm_ocmem_secure_available);
>> > >> +
>> [..]
>> > >> +int qcom_scm_ocmem_unlock(uint32_t id, uint32_t offset, uint32_t size)
>> > >> +{
>> > >> + int ret = qcom_scm_clk_enable();
>> > >> +
>> > >> + if (ret)
>> > >> + return ret;
>> > >> +
>> > >> + ret = __qcom_scm_ocmem_unlock(id, offset, size);
>> > >> + qcom_scm_clk_disable();
>> > >> +
>> > >> + return ret;
>> > >> +}
>> > >> +EXPORT_SYMBOL(qcom_scm_ocmem_unlock);
>> > >
>> > > I don't think we need any clocks for lock/unlock/cfg either. The
>> > > scm clocks are some crypto clocks that the secure side isn't able
>> > > to enable and we don't have a device in DT for them. In the ocmem
>> > > case, we should rely on the ocmem device to get the clocks and
>> > > turn them on before calling any scm APIs that may require those
>> > > clocks.
>> >
>> > Hmm, if that is true then we should probably drop the clks for hdcp
>> > fxns too, and maybe add a comment somewhere since it isn't really
>> > clear what the clks are for (and when it is unclear, folks will just
>> > cargo-cult what the existing fxns are doing). As-is it is hard to
>> > tell what is required and what is luck..
>> >
>>
>> I would expect hdcp to use the crypto engines in some way and we don't
>> want people to feel that they should add the random clocks here, so
>> commenting them is probably the way to go.
>
> Yes HDCP uses crypto for something so those clock calls should
> stay. If the clocks were used by a HDCP device then it would be
> like the ocmem case, but it isn't.
>
>>
>> > >> diff --git a/include/linux/qcom_scm.h b/include/linux/qcom_scm.h
>> > >> index 46d41e4..a934457 100644
>> > >> --- a/include/linux/qcom_scm.h
>> > >> +++ b/include/linux/qcom_scm.h
>> > >> @@ -23,10 +23,20 @@ struct qcom_scm_hdcp_req {
>> > >> u32 val;
>> > >> };
>> > >>
>> > >> +extern bool qcom_scm_is_available(void);
>> > >
>> > > Is this used? Looks like noise.
>> >
>> > perhaps should be split out into a separate patch.. but I am using
>> > this, and it seems like a good idea to avoid null ptr deref's of
>> > __scm. Probably some of the scm callers should call this first..
>> > either that or we should make other scm entry points behave better if
>> > __scm is null..
>> >
>>
>> This is part of Andy's platformication, didn't he export it properly?
>> I use it as well from the remoteproc.
>
> Do we probe defer ocmem if scm isn't ready? Maybe we should name
> it qcom_scm_is_probed() and have it return -EPROBE_DEFER if it
> isn't probed and 0 if it is probed. Then drivers just call that
> function and return the error if there is one. I'd rather not
> litter scm_*() APIs with checks to see if the driver has probed
> yet. Just let those crash the system. Of course, this probably
> doesn't matter because we don't need to do any clock stuff here
> anyway.
currently, we just skip the scm calls.. which is maybe not the right
thing. With the various kconfig options in downstream driver, I can't
say I'm really sure if there are any cases where we would skip scm
completely and do everything from kernel..
That said, I'm not a huge fan of 'crash the system' approach in
general.. it's kinda nice if the system can at least boot far enough
to tell what went wrong, especially on devices without serial ports
(or jtag, etc).
If I can assume there should always be scm, then an 'if
(!qcom_scm_is_available()) return -EPROBE_DEFER;' somewhere early on
in the probe seems like the right thing.
BR,
-R
>
> --
> Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
> a Linux Foundation Collaborative Project
More information about the dri-devel
mailing list