From: Stephen Boyd <sboyd@codeaurora.org>
To: kgunda@codeaurora.org
Cc: Abhijeet Dharmapurikar <adharmap@codeaurora.org>,
Christophe JAILLET <christophe.jaillet@wanadoo.fr>,
Subbaraman Narayanamurthy <subbaram@codeaurora.org>,
David Collins <collinsd@codeaurora.org>,
linux-kernel@vger.kernel.org, linux-arm-msm@vger.kernel.org,
adharmap@quicinc.com, aghayal@qti.qualcomm.com,
linux-arm-msm-owner@vger.kernel.org
Subject: Re: [PATCH V1 01/15] spmi: pmic_arb: block access of invalid read and writes
Date: Mon, 12 Jun 2017 19:09:43 -0700 [thread overview]
Message-ID: <20170613020943.GR20170@codeaurora.org> (raw)
In-Reply-To: <a3f516a2ab42c5ed1d7b7996846e6d67@codeaurora.org>
On 06/12, kgunda@codeaurora.org wrote:
> On 2017-05-31 06:03, Stephen Boyd wrote:
> >On 05/30, Kiran Gunda wrote:
> >>From: Abhijeet Dharmapurikar <adharmap@codeaurora.org>
> >>
> >>The system crashes due to bad access when reading from an non
> >>configured
> >>peripheral and when writing to peripheral which is not owned by
> >>current
> >>ee. This patch verifies ownership to avoid crashing on
> >>write.
> >
> >What systems? As far as I know we don't have any bad accesses
> >happening right now. If they are happening, we should fix the
> >code that's accessing hardware that isn't owned by them.
> >
> This change greatly improves the debugging effort for developers by
> printing
> a very simple and clear error message when an invalid SPMI access occurs
> (due to bad DT configuration, bad bootloader SPMI permission
> configurations,
> or other issues). Without this change, such accesses will cause XPU
> violations
> that crash the system and require extensive effort to decode.
Right, but they're easily detectable because we would know almost
immediately that something isn't working when we integrate a
change. If you update the DT and it stops working, the DT is bad.
If you update the bootloader and it stops working, the bootloader
is bad, etc.
>
> >>For reads, since the forward mapping table, data_channel->ppid, is
> >>towards the end of the block, we use the core size to figure the
> >>max number of ppids supported. The table starts at an offset of 0x800
> >>within the block, so size - 0x800 will give us the area used by the
> >>table. Since each table is 4 bytes long (core_size - 0x800) / 4 will
> >>gives us the number of data_channel supported.
> >>This new protection is functional on hw v2.
> >
> >Which brings us to the next question which is why do we need this
> >patch at all? We aren't probing hardware to see what we have
> >access to and then populating device structures based on that.
> >Instead, we're just populating DT nodes that we've hardcoded in
> >the dts files, so I'm a little lost on why we would have a node
> >in there that we couldn't access. Please add such details to the
> >commit text.
> >
> invalid SPMI access occurs due to bad DT configuration, bad
> bootloader SPMI
> permission configurations, or other issues. This change reduces the
> debugging
> effort for developers by printing clear error message when an
> invalid SPMI
> access occurs.
Well we also take an overhead on every read/write. Sure things
are slow so the overhead is negligible, but the permissions are
on a peripheral id basis, so really we should look into _not_
populating devices that aren't accessible in the first place.
Then we move the checks out of the read/write path and to a more
logical place whereby we prevent a driver from attempting to even
attach to read or write a register that is protected.
--
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum,
a Linux Foundation Collaborative Project
next prev parent reply other threads:[~2017-06-13 2:09 UTC|newest]
Thread overview: 62+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-30 12:38 [PATCH V1 00/15]: support for spmi_pmic_arb v3/v5 and bug fixes Kiran Gunda
2017-05-30 12:38 ` Kiran Gunda
2017-05-30 12:38 ` [PATCH V1 01/15] spmi: pmic_arb: block access of invalid read and writes Kiran Gunda
2017-05-31 0:33 ` Stephen Boyd
2017-06-12 11:26 ` kgunda
2017-06-13 2:09 ` Stephen Boyd [this message]
2017-06-14 15:09 ` kgunda
2017-05-30 12:38 ` [PATCH V1 02/15] spmi: pmic-arb: rename spmi_pmic_arb_dev to spmi_pmic_arb Kiran Gunda
2017-05-31 0:46 ` Stephen Boyd
2017-06-01 16:11 ` kgunda
2017-06-02 18:29 ` Stephen Boyd
2017-06-05 6:28 ` kgunda
2017-05-30 12:38 ` [PATCH V1 03/15] spmi: pmic-arb: fix inconsistent use of apid and chan Kiran Gunda
2017-05-31 1:31 ` Stephen Boyd
2017-06-01 16:37 ` kgunda
2017-05-30 12:38 ` [PATCH V1 04/15] spmi: pmic-arb: optimize table lookups Kiran Gunda
2017-05-31 1:44 ` Stephen Boyd
2017-06-01 16:53 ` kgunda
2017-06-02 18:31 ` Stephen Boyd
2017-06-05 6:33 ` kgunda
2017-05-30 12:38 ` [PATCH V1 05/15] spmi: pmic-arb: cleanup unrequested irqs Kiran Gunda
2017-05-31 1:57 ` Stephen Boyd
2017-06-06 10:50 ` kgunda
2017-06-13 2:11 ` Stephen Boyd
2017-06-14 15:04 ` kgunda
2017-05-30 12:38 ` [PATCH V1 06/15] spmi: pmic-arb: fix missing interrupts Kiran Gunda
2017-05-31 2:00 ` Stephen Boyd
2017-06-01 17:06 ` kgunda
2017-05-30 12:38 ` [PATCH V1 07/15] spmi: pmic-arb: clear the latched status of the interrupt Kiran Gunda
2017-05-31 22:03 ` Stephen Boyd
2017-06-06 10:55 ` kgunda
2017-05-30 12:38 ` [PATCH V1 08/15] spmi: pmic_arb: use appropriate flow handler Kiran Gunda
2017-05-31 19:03 ` Stephen Boyd
2017-06-06 10:57 ` kgunda
2017-05-30 12:38 ` [PATCH V1 09/15] spmi: pmic-arb: check apid enabled before calling the handler Kiran Gunda
2017-05-31 20:39 ` Stephen Boyd
2017-06-14 15:38 ` kgunda
2017-06-16 21:11 ` Stephen Boyd
2017-06-21 5:02 ` kgunda
2017-05-30 12:38 ` [PATCH V1 10/15] spmi: pmic_arb: add support for PMIC bus arbiter v3 Kiran Gunda
2017-05-31 22:18 ` Stephen Boyd
2017-06-06 11:10 ` kgunda
2017-05-30 12:38 ` [PATCH V1 11/15] spmi: spmi-pmic-arb: enable the SPMI interrupt as a wakeup source Kiran Gunda
2017-05-31 17:13 ` Stephen Boyd
2017-06-08 11:30 ` kgunda
2017-05-30 12:39 ` [PATCH V1 12/15] spmi-pmic-arb: fix a possible null pointer dereference Kiran Gunda
2017-05-31 17:29 ` Stephen Boyd
2017-06-02 7:13 ` kgunda
2017-05-30 12:39 ` [PATCH V1 13/15] spmi: pmic-arb: add support for HW version 5 Kiran Gunda
2017-06-01 6:08 ` Stephen Boyd
2017-06-08 11:28 ` kgunda
2017-05-30 12:39 ` [PATCH V1 14/15] spmi: pmic-arb: do not ack and clear peripheral interrupts in cleanup_irq Kiran Gunda
2017-05-30 22:23 ` kbuild test robot
2017-05-30 22:23 ` kbuild test robot
2017-05-31 17:53 ` Stephen Boyd
2017-06-02 7:26 ` kgunda
2017-06-06 11:27 ` kgunda
2017-06-13 2:10 ` Stephen Boyd
2017-07-18 11:53 ` kgunda
2017-05-30 12:39 ` [PATCH V1 15/15] spmi: pmic-arb: instantiate spmi_devices at arch_initcall Kiran Gunda
2017-05-31 22:07 ` Stephen Boyd
2017-07-18 11:49 ` kgunda
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170613020943.GR20170@codeaurora.org \
--to=sboyd@codeaurora.org \
--cc=adharmap@codeaurora.org \
--cc=adharmap@quicinc.com \
--cc=aghayal@qti.qualcomm.com \
--cc=christophe.jaillet@wanadoo.fr \
--cc=collinsd@codeaurora.org \
--cc=kgunda@codeaurora.org \
--cc=linux-arm-msm-owner@vger.kernel.org \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=subbaram@codeaurora.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.