#
0d25da8e |
|
12-Jun-2023 |
Bjorn Andersson <quic_bjorande@quicinc.com> |
soc: qcom: mdt_loader: Fix split image detection The enhanced detection introduced in commit '210d12c8197a ("soc: qcom: mdt_loader: Enhance split binary detection")' requires that all segments lies within the file on disk. But the Qualcomm firmware files consistently has a BSS-like segment at the end, with a p_offset aligned to the next 4k boundary. As the p_size is 0 and there's nothing to load, the image is not padded to cover this (empty) segment. Ignore zero-sized segments when determining if the image is split, to avoid this problem. Fixes: 210d12c8197a ("soc: qcom: mdt_loader: Enhance split binary detection") Signed-off-by: Bjorn Andersson <quic_bjorande@quicinc.com> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Tested-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> # qrb5165-rb5 Signed-off-by: Bjorn Andersson <andersson@kernel.org> Link: https://lore.kernel.org/r/20230612215804.1883458-1-quic_bjorande@quicinc.com
|
#
bcb88989 |
|
26-May-2023 |
Christian Marangi <ansuelsmth@gmail.com> |
soc: qcom: mdt_loader: Fix unconditional call to scm_pas_mem_setup Commit ebeb20a9cd3f ("soc: qcom: mdt_loader: Always invoke PAS mem_setup") dropped the relocate check and made pas_mem_setup run unconditionally. The code was later moved with commit f4e526ff7e38 ("soc: qcom: mdt_loader: Extract PAS operations") to qcom_mdt_pas_init() effectively losing track of what was actually done. The assumption that PAS mem_setup can be done anytime was effectively wrong, with no good reason and this caused regression on some SoC that use remoteproc to bringup ath11k. One example is IPQ8074 SoC that effectively broke resulting in remoteproc silently die and ath11k not working. On this SoC FW relocate is not enabled and PAS mem_setup was correctly skipped in previous kernel version resulting in correct bringup and function of remoteproc and ath11k. To fix the regression, reintroduce the relocate check in qcom_mdt_pas_init() and correctly skip PAS mem_setup where relocate is not enabled. Fixes: ebeb20a9cd3f ("soc: qcom: mdt_loader: Always invoke PAS mem_setup") Tested-by: Robert Marko <robimarko@gmail.com> Co-developed-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> Cc: stable@vger.kernel.org Reviewed-by: Mukesh Ojha <quic_mojha@quicinc.com> Signed-off-by: Bjorn Andersson <andersson@kernel.org> Link: https://lore.kernel.org/r/20230526115511.3328-1-ansuelsmth@gmail.com
|
#
210d12c8 |
|
08-May-2023 |
Gokul krishna Krishnakumar <quic_gokukris@quicinc.com> |
soc: qcom: mdt_loader: Enhance split binary detection It may be that the offset of the first program header lies inside the mdt's filesize, in this case the loader would incorrectly assume that the bins were not split and in this scenario the firmware authentication fails. This change updates the logic used by the mdt loader to understand whether the firmware images are split or not. It figures this out by checking if each programs header's segment lies within the file or not. Co-developed-by: Melody Olvera <quic_molvera@quicinc.com> Signed-off-by: Melody Olvera <quic_molvera@quicinc.com> Signed-off-by: Gokul krishna Krishnakumar <quic_gokukris@quicinc.com> Signed-off-by: Bjorn Andersson <andersson@kernel.org> Link: https://lore.kernel.org/r/20230509001821.24010-1-quic_gokukris@quicinc.com
|
#
3bf90eca |
|
03-Feb-2023 |
Elliot Berman <quic_eberman@quicinc.com> |
firmware: qcom_scm: Move qcom_scm.h to include/linux/firmware/qcom/ Move include/linux/qcom_scm.h to include/linux/firmware/qcom/qcom_scm.h. This removes 1 of a few remaining Qualcomm-specific headers into a more approciate subdirectory under include/. Suggested-by: Bjorn Andersson <andersson@kernel.org> Signed-off-by: Elliot Berman <quic_eberman@quicinc.com> Reviewed-by: Guru Das Srinagesh <quic_gurus@quicinc.com> Acked-by: Mukesh Ojha <quic_mojha@quicinc.com> Signed-off-by: Bjorn Andersson <andersson@kernel.org> Link: https://lore.kernel.org/r/20230203210956.3580811-1-quic_eberman@quicinc.com
|
#
d11a34a4 |
|
19-May-2022 |
Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> |
soc: qcom: correct kerneldoc Correct kerneldoc warnings like: drivers/soc/qcom/mdt_loader.c:126: warning: Function parameter or member 'fw_name' not described in 'qcom_mdt_read_metadata' Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@linaro.org> Reviewed-by: Stephen Boyd <sboyd@kernel.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Link: https://lore.kernel.org/r/20220519073301.7072-2-krzysztof.kozlowski@linaro.org
|
#
a1b01987 |
|
14-Feb-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Fix split-firmware condition The updated condition checking if a segment can be found in the loaded firmware blob, or need to be loaded from a separate file, incorrectly classifies segments that ends at the end of the loaded blob. The result is that the mdt loader attempts to load the segment from a separate file. Correct the conditional to use the loaded segment instead. Fixes: ea90330fa329 ("soc: qcom: mdt_loader: Extend check for split firmware") Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Vinod Koul <vkoul@kernel.org> Link: https://lore.kernel.org/r/20220215034819.1209367-1-bjorn.andersson@linaro.org
|
#
f4e526ff |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Extract PAS operations Rather than passing a boolean to indicate if the PAS operations should be performed from within __mdt_load(), extract them to their own helper function. This will allow clients to invoke this directly, with some qcom_scm_pas_metadata context that they later needs to release, without further having to complicate the prototype of qcom_mdt_load(). Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-9-bjorn.andersson@linaro.org
|
#
ebeb20a9 |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Always invoke PAS mem_setup After spelunking various old kernel trees no finds has been found indicating that the PAS mem_setup call should actually be made conditional on the image being relocatable. Group the two PAS operations together, to facilitate splitting them out in a following patch. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-8-bjorn.andersson@linaro.org
|
#
75d7213c |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Reorder parts of __qcom_mdt_load() Move the traversal of the program headers to the start of the function, to make sure that min_ and max_addr are in scope as the call to qcom_scm_pas_mem_setup() is moved in the next commit. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-7-bjorn.andersson@linaro.org
|
#
ea90330f |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Extend check for split firmware Some of the Qualcomm SM8450 firmware files are padded such that the start of the first segment falls within the .mdt file but the segment to be loaded is stored as a separate .bNN file. Extend the condition to only attempt to read a segment inline if the entire segment would be available. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-6-bjorn.andersson@linaro.org
|
#
64fb5eb8 |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Allow hash to reside in any segment It's been observed that some firmware found on Qualcomm SM8450 devices carries the hash segment as the last segment in the ELF. Extend the support to allow picking the hash from any segment in the MDT/MBN. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-5-bjorn.andersson@linaro.org
|
#
8bd42e23 |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Allow hash segment to be split out It's been observed that some firmware found in a Qualcomm SM8450 device has the hash table in a separate .bNN file. Use the newly extracted helper function to load this segment from the separate file, if it's determined that the hashes are not part of the already loaded firmware. In order to do this, the function needs access to the firmware basename and to provide more useful error messages a struct device to associate the errors with. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-4-bjorn.andersson@linaro.org
|
#
26c1f170 |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Split out split-file-loader Spotted in a SM8450 device, the hash metadata segment is split out in a separate .bNN file which means that the logic for loading split out segmenents needs to be duplicated in qcom_mdt_read_metadata(). Split out the existing logic to a helper function that can be used in both code paths. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-3-bjorn.andersson@linaro.org
|
#
3a99f121 |
|
27-Jan-2022 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
firmware: qcom: scm: Introduce pas_metadata context Starting with Qualcomm SM8450, some new security enhancements has been done in the secure world, which results in the requirement to keep the metadata segment accessible by the secure world from init_image() until auth_and_reset(). Introduce a "PAS metadata context" object that can be passed to init_image() for tracking the mapped memory and a related release function for client drivers to release the mapping once either auth_and_reset() has been invoked or in error handling paths on the way there. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@linaro.org> Link: https://lore.kernel.org/r/20220128025513.97188-2-bjorn.andersson@linaro.org
|
#
833d51d7 |
|
28-Aug-2021 |
Shawn Guo <shawn.guo@linaro.org> |
soc: qcom: mdt_loader: Drop PT_LOAD check on hash segment PT_LOAD type denotes that the segment should be loaded into the final firmware memory region. Hash segment is not one such, because it's only needed for PAS init and shouldn't be in the final firmware memory region. That's why mdt_phdr_valid() explicitly reject non PT_LOAD segment and hash segment. This actually makes the hash segment type check in qcom_mdt_read_metadata() unnecessary and redundant. For a hash segment, it won't be loaded into firmware memory region anyway, due to the QCOM_MDT_TYPE_HASH check in mdt_phdr_valid(), even if it has a PT_LOAD type for some reason (misusing or abusing?). Some firmware files on Sony phones are such examples, e.g WCNSS firmware of Sony Xperia M4 Aqua phone. The type of hash segment is just PT_LOAD. Drop the unnecessary hash segment type check in qcom_mdt_read_metadata() to fix firmware loading failure on these phones, while hash segment is still kept away from the final firmware memory region. Fixes: 498b98e93900 ("soc: qcom: mdt_loader: Support loading non-split images") Signed-off-by: Shawn Guo <shawn.guo@linaro.org> Reviewed-by: Marijn Suijten <marijn.suijten@somainline.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Link: https://lore.kernel.org/r/20210828070202.7033-1-shawn.guo@linaro.org
|
#
ad68c620 |
|
15-Mar-2021 |
Alex Elder <elder@linaro.org> |
soc: qcom: mdt_loader: be more informative on errors In __qcom_mdt_load() there are cases where an error occurs that cause a message to be printed. In some of those cases the errno value can be helpful to understand exactly what caused the problem. Print the errno (as well as the firmware file name) where it is helpful, and in a few cases reword the error message. Consistently use the private fw_name for the file name. Signed-off-by: Alex Elder <elder@linaro.org> Link: https://lore.kernel.org/r/20210315144455.1770492-1-elder@linaro.org Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
0648c55e |
|
07-Jan-2021 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Detect truncated read of segments Given that no validation of how much data the firmware loader read in for a given segment truncated segment files would best case result in a hash verification failure, without any indication of what went wrong. Improve this by validating that the firmware loader did return the amount of data requested. Fixes: 445c2410a449 ("soc: qcom: mdt_loader: Use request_firmware_into_buf()") Reviewed-by: Sibi Sankar <sibis@codeaurora.org> Link: https://lore.kernel.org/r/20210107232526.716989-1-bjorn.andersson@linaro.org Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
84168d1b |
|
07-Jan-2021 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Validate that p_filesz < p_memsz The code validates that segments of p_memsz bytes of a segment will fit in the provided memory region, but does not validate that p_filesz bytes will, which means that an incorrectly crafted ELF header might write beyond the provided memory region. Fixes: 051fb70fd4ea ("remoteproc: qcom: Driver for the self-authenticating Hexagon v5") Reviewed-by: Sibi Sankar <sibis@codeaurora.org> Link: https://lore.kernel.org/r/20210107233119.717173-1-bjorn.andersson@linaro.org Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
498b98e9 |
|
21-Jun-2019 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Support loading non-split images In some software releases the firmware images are not split up with each loadable segment in it's own file. Check the size of the loaded firmware to see if it still contains each segment to be loaded, before falling back to the split-out segments. Acked-by: Andy Gross <agross@kernel.org> Reviewed-by: Jeffrey Hugo <jeffrey.l.hugo@gmail.com> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
1802d0be |
|
27-May-2019 |
Thomas Gleixner <tglx@linutronix.de> |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation this program is distributed in the hope that it will be useful but without any warranty without even the implied warranty of merchantability or fitness for a particular purpose see the gnu general public license for more details extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 655 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org> Reviewed-by: Richard Fontana <rfontana@redhat.com> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190527070034.575739538@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
#
0e622e80 |
|
04-Jun-2018 |
Sricharan R <sricharan@codeaurora.org> |
remoteproc: qcom: mdt_loader: Make the firmware authentication optional qcom_mdt_load function loads the mdt type firmware and initialises the secure memory as well. Make the initialisation only when requested by the caller, so that the function can be used by self-authenticating remoteproc as well. Acked-by: Andy Gross <andy.gross@linaro.org> Signed-off-by: Sricharan R <sricharan@codeaurora.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
d7dc899a |
|
14-Jun-2018 |
Stefan Agner <stefan@agner.ch> |
treewide: use PHYS_ADDR_MAX to avoid type casting ULLONG_MAX With PHYS_ADDR_MAX there is now a type safe variant for all bits set. Make use of it. Patch created using a semantic patch as follows: // <smpl> @@ typedef phys_addr_t; @@ -(phys_addr_t)ULLONG_MAX +PHYS_ADDR_MAX // </smpl> Link: http://lkml.kernel.org/r/20180419214204.19322-1-stefan@agner.ch Signed-off-by: Stefan Agner <stefan@agner.ch> Reviewed-by: Andrew Morton <akpm@linux-foundation.org> Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Acked-by: Catalin Marinas <catalin.marinas@arm.com> [arm64] Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
#
4dd27f54 |
|
05-Jan-2018 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt-loader: Return relocation base In order to implement support for grabbing core dumps in remoteproc it's necessary to know the relocated base of the image, as the offsets from the virtual memory base might not be based on the physical address. Return the adjusted physical base address to the caller. Acked-by: Andy Gross <andy.gross@linaro.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
445c2410 |
|
26-Jun-2017 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
soc: qcom: mdt_loader: Use request_firmware_into_buf() By switching to the request_firmware_into_buf() we load the segment data straight into the preallocated buffers, reducing the need for allocating scratch buffers for these. In particular the modem firmware consists of multiple segments in the range 5-15MB, making this worth while. Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org> Signed-off-by: Andy Gross <andy.gross@linaro.org>
|
#
01625cc5 |
|
15-Feb-2017 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
remoteproc: qcom: mdt_loader: Use signed type for offset In the transition from using rproc_da_to_va(), the type of the load offset became unsigned. This causes the subsequent check to let negative values less than p_memsz + mem_size through and we write outside of the buffer. Change the type back to a signed value to catch this. Fixes: 7f0dd07a9b29 ("remoteproc: qcom: mdt_loader: Refactor MDT loader") Fixes: e7fd25226295 ("remoteproc: qcom: q6v5: Decouple driver from MDT loader") Reported-by: Dan Carpenter <dan.carpenter@oracle.com> Reported-by: Stanimir Varbanov <stanimir.varbanov@linaro.org> Acked-by: Andy Gross <andy.gross@linaro.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|
#
2aad40d9 |
|
27-Jan-2017 |
Bjorn Andersson <bjorn.andersson@linaro.org> |
remoteproc: Move qcom_mdt_loader into drivers/soc/qcom With the remoteproc parts cleaned out of the MDT loader we can move it to drivers/soc/qcom. Acked-by: Andy Gross <andy.gross@linaro.org> Signed-off-by: Bjorn Andersson <bjorn.andersson@linaro.org>
|