Message ID | 20240819-smmu-v1-1-bce6e4738825@freebox.fr |
---|---|
State | New |
Headers | show |
Series | Work around reserved SMMU context bank on msm8998 | expand |
On Mon, Aug 19, 2024 at 02:59:35PM GMT, Marc Gonzalez wrote: > On qcom msm8998, writing to the last context bank of lpass_q6_smmu > (base address 0x05100000) produces a system freeze & reboot. > > The hardware/hypervisor reports 13 context banks for the LPASS SMMU > on msm8998, but only the first 12 are accessible... > Override the number of context banks > > [ 2.546101] arm-smmu 5100000.iommu: probing hardware configuration... > [ 2.552439] arm-smmu 5100000.iommu: SMMUv2 with: > [ 2.558945] arm-smmu 5100000.iommu: stage 1 translation > [ 2.563627] arm-smmu 5100000.iommu: address translation ops > [ 2.568923] arm-smmu 5100000.iommu: non-coherent table walk > [ 2.574566] arm-smmu 5100000.iommu: (IDR0.CTTW overridden by FW configuration) > [ 2.580220] arm-smmu 5100000.iommu: stream matching with 12 register groups > [ 2.587263] arm-smmu 5100000.iommu: 13 context banks (0 stage-2 only) > [ 2.614447] arm-smmu 5100000.iommu: Supported page sizes: 0x63315000 > [ 2.621358] arm-smmu 5100000.iommu: Stage-1: 36-bit VA -> 36-bit IPA > [ 2.627772] arm-smmu 5100000.iommu: preserved 0 boot mappings > > Specifically, the crashes occur here: > > qsmmu->bypass_cbndx = smmu->num_context_banks - 1; > arm_smmu_cb_write(smmu, qsmmu->bypass_cbndx, ARM_SMMU_CB_SCTLR, 0); > > and here: > > arm_smmu_write_context_bank(smmu, i); > arm_smmu_cb_write(smmu, i, ARM_SMMU_CB_FSR, ARM_SMMU_CB_FSR_FAULT); > > It is likely that FW reserves the last context bank for its own use, > thus a simple work-around is: DON'T USE IT in Linux. > > If we decrease the number of context banks, last one will be "hidden". > > Signed-off-by: Marc Gonzalez <mgonzalez@freebox.fr> > --- > drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c > index 7e65189ca7b8c..d08c18edf5732 100644 > --- a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c > +++ b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c > @@ -282,6 +282,11 @@ static int qcom_smmu_cfg_probe(struct arm_smmu_device *smmu) > u32 smr; > int i; > > + if (of_device_is_compatible(smmu->dev->of_node, "qcom,msm8998-lpass-smmu")) { > + dev_warn(smmu->dev, "hide last ctx bank from linux"); dev_info() or dev_dbg(). dev_warn should be reserved to the case when you need to warn the user that something went wrong. In this case it is expected that the last bank is unusable. > + --smmu->num_context_banks; > + } > + > /* > * Some platforms support more than the Arm SMMU architected maximum of > * 128 stream matching groups. For unknown reasons, the additional > > -- > 2.34.1 >
diff --git a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c index 7e65189ca7b8c..d08c18edf5732 100644 --- a/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c +++ b/drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c @@ -282,6 +282,11 @@ static int qcom_smmu_cfg_probe(struct arm_smmu_device *smmu) u32 smr; int i; + if (of_device_is_compatible(smmu->dev->of_node, "qcom,msm8998-lpass-smmu")) { + dev_warn(smmu->dev, "hide last ctx bank from linux"); + --smmu->num_context_banks; + } + /* * Some platforms support more than the Arm SMMU architected maximum of * 128 stream matching groups. For unknown reasons, the additional
On qcom msm8998, writing to the last context bank of lpass_q6_smmu (base address 0x05100000) produces a system freeze & reboot. The hardware/hypervisor reports 13 context banks for the LPASS SMMU on msm8998, but only the first 12 are accessible... Override the number of context banks [ 2.546101] arm-smmu 5100000.iommu: probing hardware configuration... [ 2.552439] arm-smmu 5100000.iommu: SMMUv2 with: [ 2.558945] arm-smmu 5100000.iommu: stage 1 translation [ 2.563627] arm-smmu 5100000.iommu: address translation ops [ 2.568923] arm-smmu 5100000.iommu: non-coherent table walk [ 2.574566] arm-smmu 5100000.iommu: (IDR0.CTTW overridden by FW configuration) [ 2.580220] arm-smmu 5100000.iommu: stream matching with 12 register groups [ 2.587263] arm-smmu 5100000.iommu: 13 context banks (0 stage-2 only) [ 2.614447] arm-smmu 5100000.iommu: Supported page sizes: 0x63315000 [ 2.621358] arm-smmu 5100000.iommu: Stage-1: 36-bit VA -> 36-bit IPA [ 2.627772] arm-smmu 5100000.iommu: preserved 0 boot mappings Specifically, the crashes occur here: qsmmu->bypass_cbndx = smmu->num_context_banks - 1; arm_smmu_cb_write(smmu, qsmmu->bypass_cbndx, ARM_SMMU_CB_SCTLR, 0); and here: arm_smmu_write_context_bank(smmu, i); arm_smmu_cb_write(smmu, i, ARM_SMMU_CB_FSR, ARM_SMMU_CB_FSR_FAULT); It is likely that FW reserves the last context bank for its own use, thus a simple work-around is: DON'T USE IT in Linux. If we decrease the number of context banks, last one will be "hidden". Signed-off-by: Marc Gonzalez <mgonzalez@freebox.fr> --- drivers/iommu/arm/arm-smmu/arm-smmu-qcom.c | 5 +++++ 1 file changed, 5 insertions(+)