Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

14 participants
3243 discussions

Re: [PATCH net-next 5/6] net: ti: icssg-prueth: Add AF_XDP zero copy for RX

by Jakub Kicinski

On Mon, 18 Aug 2025 16:54:23 +0530 Meghana Malladi wrote: > @@ -1332,6 +1350,13 @@ static int prueth_xsk_wakeup(struct net_device *ndev, u32 qid, u32 flags) > } > } > > + if (flags & XDP_WAKEUP_RX) { > + if (!napi_if_scheduled_mark_missed(&emac->napi_rx)) { > + if (likely(napi_schedule_prep(&emac->napi_rx))) > + __napi_schedule(&emac->napi_rx); > + } > + } > + > return 0; I suspect this series is generated against old source or there's another conflicting series in flight, because git ends up applying this chunk to prueth_xsk_pool_disable() :S Before you proceed with AF_XDP could you make this driver build under COMPILE_TEST on x86? This is very easy to miss, luckily we got an off list report but its pure luck. And obviously much more effort for the maintainers to investigate than if it was caught by the CI. -- pw-bot: cr

4 months

Re: [PATCH 4/4] dma-buf/fence-chain: Speed up processing of rearmed callbacks

by Christian König

On 19.08.25 11:04, Janusz Krzysztofik wrote: > On Monday, 18 August 2025 16:42:56 CEST Christian König wrote: >> On 18.08.25 16:30, Janusz Krzysztofik wrote: >>> Hi Christian, >>> >>> On Thursday, 14 August 2025 14:24:29 CEST Christian König wrote: >>>> >>>> On 14.08.25 10:16, Janusz Krzysztofik wrote: >>>>> When first user starts waiting on a not yet signaled fence of a chain >>>>> link, a dma_fence_chain callback is added to a user fence of that link. >>>>> When the user fence of that chain link is then signaled, the chain is >>>>> traversed in search for a first not signaled link and the callback is >>>>> rearmed on a user fence of that link. >>>>> >>>>> Since chain fences may be exposed to user space, e.g. over drm_syncobj >>>>> IOCTLs, users may start waiting on any link of the chain, then many links >>>>> of a chain may have signaling enabled and their callbacks added to their >>>>> user fences. Once an arbitrary user fence is signaled, all >>>>> dma_fence_chain callbacks added to it so far must be rearmed to another >>>>> user fence of the chain. In extreme scenarios, when all N links of a >>>>> chain are awaited and then signaled in reverse order, the dma_fence_chain >>>>> callback may be called up to N * (N + 1) / 2 times (an arithmetic series). >>>>> >>>>> To avoid that potential excessive accumulation of dma_fence_chain >>>>> callbacks, rearm a trimmed-down, signal only callback version to the base >>>>> fence of a previous link, if not yet signaled, otherwise just signal the >>>>> base fence of the current link instead of traversing the chain in search >>>>> for a first not signaled link and moving all callbacks collected so far to >>>>> a user fence of that link. >>>> >>>> Well clear NAK to that! You can easily overflow the kernel stack with that! >>> >>> I'll be happy to propose a better solution, but for that I need to understand >>> better your message. Could you please point out an exact piece of the >>> proposed code and/or describe a scenario where you can see the risk of stack >>> overflow? >> >> The sentence "rearm .. to the base fence of a previous link" sounds like you are trying to install a callback on the signaling to the previous chain element. >> >> That is exactly what I pointed out previously where you need to be super careful because when this chain signals the callbacks will execute recursively which means that you can trivially overflow the kernel stack if you have more than a handful of chain elements. >> >> In other words A waits for B, B waits for C, C waits for D etc.... when D finally signals it will call C which in turn calls B which in turn calls A. > > OK, maybe my commit description was not precise enough, however, I didn't > describe implementation details (how) intentionally. > When D signals then it doesn't call C directly, only it submits an irq work > that calls C. Then C doesn't just call B, only it submits another irq work > that calls B, and so on. > Doesn't that code pattern effectively break the recursion loop into separate > work items, each with its own separate stack? No, it's architecture dependent if the irq_work executes on a separate stack or not. You would need a work_struct to really separate the two and I would reject that because it adds additional latency to the signaling path. >> >> Even if the chain is a recursive data structure you absolutely can't use recursion for the handling of it. >> >> Maybe I misunderstood your textual description but reading a sentence like this rings all alarm bells here. Otherwise I can't see what the patch is supposed to be optimizing. > > OK, maybe I should start my commit description of this patch with a copy of > the first sentence from cover letter and also from patch 1/4 description that > informs about the problem as reported by CI. Maybe I should also provide a > comparison of measured signaling times from trybot executions [1][2][3]. > Here are example numbers from CI machine fi-bsw-n3050: Yeah and I've pointed out before that this is irrelevant. The problem is *not* the dma_fence_chain implementation, that one is doing exactly what is expected to do. The problem is that the test case is nonsense. I've pointed that out numerous times now! Regards, Christian. > > With signaling time reports only added to selftests (patch 1 of 4): > <6> [777.914451] dma-buf: Running dma_fence_chain/wait_forward > <6> [778.123516] wait_forward: 4096 signals in 21373487 ns > <6> [778.335709] dma-buf: Running dma_fence_chain/wait_backward > <6> [795.791546] wait_backward: 4096 signals in 17249051192 ns > <6> [795.859699] dma-buf: Running dma_fence_chain/wait_random > <6> [796.161375] wait_random: 4096 signals in 97386256 ns > > With dma_fence_enable_signaling() replaced in selftests with dma_fence_wait() > (patches 1-3 of 4): > <6> [782.505692] dma-buf: Running dma_fence_chain/wait_forward > <6> [784.609213] wait_forward: 4096 signals in 36513103 ns > <3> [784.837226] Reported -4 for kthread_stop_put(0)! > <6> [785.147643] dma-buf: Running dma_fence_chain/wait_backward > <6> [806.367763] wait_backward: 4096 signals in 18428009499 ns > <6> [807.175325] dma-buf: Running dma_fence_chain/wait_random > <6> [809.453942] wait_random: 4096 signals in 119761950 ns > > With the fix (patches 1-4 of 4): > <6> [731.519020] dma-buf: Running dma_fence_chain/wait_forward > <6> [733.623375] wait_forward: 4096 signals in 31890220 ns > <6> [734.258972] dma-buf: Running dma_fence_chain/wait_backward > <6> [736.267325] wait_backward: 4096 signals in 39007955 ns > <6> [736.700221] dma-buf: Running dma_fence_chain/wait_random > <6> [739.346706] wait_random: 4096 signals in 48384865 ns > > Signaling time in wait_backward selftest has been reduced from 17s to 39ms. > > [1] https://intel-gfx-ci.01.org/tree/drm-tip/Trybot_152785v1/index.html? > [2] https://intel-gfx-ci.01.org/tree/drm-tip/Trybot_152828v2/index.html? > [3] https://intel-gfx-ci.01.org/tree/drm-tip/Trybot_152830v2/index.html? > >> >>>> >>>> Additional to this messing with the fence ops outside of the dma_fence code is an absolute no-go. >>> >>> Could you please explain what piece of code you are referring to when you say >>> "messing with the fence ops outside the dma_fence code"? If not this patch >>> then which particular one of this series did you mean? I'm assuming you >>> didn't mean drm_syncobj code that I mentioned in my commit descriptions. >> >> See below. >> >>> >>> Thanks, >>> Janusz >>> >>>> >>>> Regards, >>>> Christian. >>>> >>>>> >>>>> Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12904 >>>>> Suggested-by: Chris Wilson <chris.p.wilson(a)linux.intel.com> >>>>> Signed-off-by: Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> >>>>> --- >>>>> drivers/dma-buf/dma-fence-chain.c | 101 +++++++++++++++++++++++++----- >>>>> 1 file changed, 84 insertions(+), 17 deletions(-) >>>>> >>>>> diff --git a/drivers/dma-buf/dma-fence-chain.c b/drivers/dma-buf/dma-fence-chain.c >>>>> index a8a90acf4f34d..90eff264ee05c 100644 >>>>> --- a/drivers/dma-buf/dma-fence-chain.c >>>>> +++ b/drivers/dma-buf/dma-fence-chain.c >>>>> @@ -119,46 +119,113 @@ static const char *dma_fence_chain_get_timeline_name(struct dma_fence *fence) >>>>> return "unbound"; >>>>> } >>>>> >>>>> -static void dma_fence_chain_irq_work(struct irq_work *work) >>>>> +static void signal_irq_work(struct irq_work *work) >>>>> { >>>>> struct dma_fence_chain *chain; >>>>> >>>>> chain = container_of(work, typeof(*chain), work); >>>>> >>>>> - /* Try to rearm the callback */ >>>>> - if (!dma_fence_chain_enable_signaling(&chain->base)) >>>>> - /* Ok, we are done. No more unsignaled fences left */ >>>>> - dma_fence_signal(&chain->base); >>>>> + dma_fence_signal(&chain->base); >>>>> dma_fence_put(&chain->base); >>>>> } >>>>> >>>>> -static void dma_fence_chain_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>>>> +static void signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>>>> +{ >>>>> + struct dma_fence_chain *chain; >>>>> + >>>>> + chain = container_of(cb, typeof(*chain), cb); >>>>> + init_irq_work(&chain->work, signal_irq_work); >>>>> + irq_work_queue(&chain->work); >>>>> +} >>>>> + >>>>> +static void rearm_irq_work(struct irq_work *work) >>>>> +{ >>>>> + struct dma_fence_chain *chain; >>>>> + struct dma_fence *prev; >>>>> + >>>>> + chain = container_of(work, typeof(*chain), work); >>>>> + >>>>> + rcu_read_lock(); >>>>> + prev = rcu_dereference(chain->prev); >>>>> + if (prev && dma_fence_add_callback(prev, &chain->cb, signal_cb)) >>>>> + prev = NULL; >>>>> + rcu_read_unlock(); >>>>> + if (prev) >>>>> + return; >>>>> + >>>>> + /* Ok, we are done. No more unsignaled fences left */ >>>>> + signal_irq_work(work); >>>>> +} >>>>> + >>>>> +static inline bool fence_is_signaled__nested(struct dma_fence *fence) >>>>> +{ >>>>> + if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) >>>>> + return true; >>>>> + >> >>>>> + if (fence->ops->signaled && fence->ops->signaled(fence)) { >> >> Calling this outside of dma-fence.[ch] is a clear no-go. > > But this patch applies only to drivers/dma-buf/dma-fence-chain.c, not > outside of it. > > Thanks, > Janusz > >> >> Regards, >> Christian. >> >>>>> + unsigned long flags; >>>>> + >>>>> + spin_lock_irqsave_nested(fence->lock, flags, SINGLE_DEPTH_NESTING); >>>>> + dma_fence_signal_locked(fence); >>>>> + spin_unlock_irqrestore(fence->lock, flags); >>>>> + >>>>> + return true; >>>>> + } >>>>> + >>>>> + return false; >>>>> +} >>>>> + >>>>> +static bool prev_is_signaled(struct dma_fence_chain *chain) >>>>> +{ >>>>> + struct dma_fence *prev; >>>>> + bool result; >>>>> + >>>>> + rcu_read_lock(); >>>>> + prev = rcu_dereference(chain->prev); >>>>> + result = !prev || fence_is_signaled__nested(prev); >>>>> + rcu_read_unlock(); >>>>> + >>>>> + return result; >>>>> +} >>>>> + >>>>> +static void rearm_or_signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>>>> { >>>>> struct dma_fence_chain *chain; >>>>> >>>>> chain = container_of(cb, typeof(*chain), cb); >>>>> - init_irq_work(&chain->work, dma_fence_chain_irq_work); >>>>> + if (prev_is_signaled(chain)) { >>>>> + /* Ok, we are done. No more unsignaled fences left */ >>>>> + init_irq_work(&chain->work, signal_irq_work); >>>>> + } else { >>>>> + /* Try to rearm the callback */ >>>>> + init_irq_work(&chain->work, rearm_irq_work); >>>>> + } >>>>> + >>>>> irq_work_queue(&chain->work); >>>>> - dma_fence_put(f); >>>>> } >>>>> >>>>> static bool dma_fence_chain_enable_signaling(struct dma_fence *fence) >>>>> { >>>>> struct dma_fence_chain *head = to_dma_fence_chain(fence); >>>>> + int err = -ENOENT; >>>>> >>>>> - dma_fence_get(&head->base); >>>>> - dma_fence_chain_for_each(fence, &head->base) { >>>>> - struct dma_fence *f = dma_fence_chain_contained(fence); >>>>> + if (WARN_ON(!head)) >>>>> + return false; >>>>> >>>>> - dma_fence_get(f); >>>>> - if (!dma_fence_add_callback(f, &head->cb, dma_fence_chain_cb)) { >>>>> + dma_fence_get(fence); >>>>> + if (head->fence) >>>>> + err = dma_fence_add_callback(head->fence, &head->cb, rearm_or_signal_cb); >>>>> + if (err) { >>>>> + if (prev_is_signaled(head)) { >>>>> dma_fence_put(fence); >>>>> - return true; >>>>> + } else { >>>>> + init_irq_work(&head->work, rearm_irq_work); >>>>> + irq_work_queue(&head->work); >>>>> + err = 0; >>>>> } >>>>> - dma_fence_put(f); >>>>> } >>>>> - dma_fence_put(&head->base); >>>>> - return false; >>>>> + >>>>> + return !err; >>>>> } >>>>> >>>>> static bool dma_fence_chain_signaled(struct dma_fence *fence) >>>> >>>> >>> >>> >>> >>> >> >> > > > >

4 months

[PATCH] drm/amdgpu: Pin buffer while vmap'ing exported dma-buf objects

by Thomas Zimmermann

Current dma-buf vmap semantics require that the mapped buffer remains in place until the corresponding vunmap has completed. For GEM-SHMEM, this used to be guaranteed by a pin operation while creating an S/G table in import. GEM-SHMEN can now import dma-buf objects without creating the S/G table, so the pin is missing. Leads to page-fault errors, such as the one shown below. [ 102.101726] BUG: unable to handle page fault for address: ffffc90127000000 [...] [ 102.157102] RIP: 0010:udl_compress_hline16+0x219/0x940 [udl] [...] [ 102.243250] Call Trace: [ 102.245695] <TASK> [ 102.2477V95] ? validate_chain+0x24e/0x5e0 [ 102.251805] ? __lock_acquire+0x568/0xae0 [ 102.255807] udl_render_hline+0x165/0x341 [udl] [ 102.260338] ? __pfx_udl_render_hline+0x10/0x10 [udl] [ 102.265379] ? local_clock_noinstr+0xb/0x100 [ 102.269642] ? __lock_release.isra.0+0x16c/0x2e0 [ 102.274246] ? mark_held_locks+0x40/0x70 [ 102.278177] udl_primary_plane_helper_atomic_update+0x43e/0x680 [udl] [ 102.284606] ? __pfx_udl_primary_plane_helper_atomic_update+0x10/0x10 [udl] [ 102.291551] ? lockdep_hardirqs_on_prepare.part.0+0x92/0x170 [ 102.297208] ? lockdep_hardirqs_on+0x88/0x130 [ 102.301554] ? _raw_spin_unlock_irq+0x24/0x50 [ 102.305901] ? wait_for_completion_timeout+0x2bb/0x3a0 [ 102.311028] ? drm_atomic_helper_calc_timestamping_constants+0x141/0x200 [ 102.317714] ? drm_atomic_helper_commit_planes+0x3b6/0x1030 [ 102.323279] drm_atomic_helper_commit_planes+0x3b6/0x1030 [ 102.328664] drm_atomic_helper_commit_tail+0x41/0xb0 [ 102.333622] commit_tail+0x204/0x330 [...] [ 102.529946] ---[ end trace 0000000000000000 ]--- [ 102.651980] RIP: 0010:udl_compress_hline16+0x219/0x940 [udl] In this stack strace, udl (based on GEM-SHMEM) imported and vmap'ed a dma-buf from amdgpu. Amdgpu relocated the buffer, thereby invalidating the mapping. Provide a custom dma-buf vmap method in amdgpu that pins the object before mapping it's buffer's pages into kernel address space. Do the opposite in vunmap. Note that dma-buf vmap differs from GEM vmap in how it handles relocation. While dma-buf vmap keeps the buffer in place, GEM vmap requires the caller to keep the buffer in place. Hence, this fix is in amdgpu's dma-buf code instead of its GEM code. A discussion of various approaches to solving the problem is available at [1]. Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Fixes: 660cd44659a0 ("drm/shmem-helper: Import dmabuf without mapping its sg_table") Reported-by: Thomas Zimmermann <tzimmermann(a)suse.de> Closes: https://lore.kernel.org/dri-devel/ba1bdfb8-dbf7-4372-bdcb-df7e0511c702@suse… Cc: Shixiong Ou <oushixiong(a)kylinos.cn> Cc: Thomas Zimmermann <tzimmermann(a)suse.de> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> Cc: Maxime Ripard <mripard(a)kernel.org> Cc: David Airlie <airlied(a)gmail.com> Cc: Simona Vetter <simona(a)ffwll.ch> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: "Christian König" <christian.koenig(a)amd.com> Cc: dri-devel(a)lists.freedesktop.org Cc: linux-media(a)vger.kernel.org Cc: linaro-mm-sig(a)lists.linaro.org Link: https://lore.kernel.org/dri-devel/9792c6c3-a2b8-4b2b-b5ba-fba19b153e21@suse… # [1] --- drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c | 36 +++++++++++++++++++-- 1 file changed, 34 insertions(+), 2 deletions(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c index 5743ebb2f1b7..5b33776eeece 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_dma_buf.c @@ -285,6 +285,38 @@ static int amdgpu_dma_buf_begin_cpu_access(struct dma_buf *dma_buf, return ret; } +static int amdgpu_dma_buf_vmap(struct dma_buf *dma_buf, struct iosys_map *map) +{ + struct drm_gem_object *obj = dma_buf->priv; + struct amdgpu_bo *bo = gem_to_amdgpu_bo(obj); + int ret; + + /* + * Pin to keep buffer in place while it's vmap'ed. The actual + * location is not important as long as it's mapable. + * + * This code is required for exporting to GEM-SHMEM without S/G table. + * Once GEM-SHMEM supports dynamic imports, it should be dropped. + */ + ret = amdgpu_bo_pin(bo, AMDGPU_GEM_DOMAIN_MASK); + if (ret) + return ret; + ret = drm_gem_dmabuf_vmap(dma_buf, map); + if (ret) + amdgpu_bo_unpin(bo); + + return ret; +} + +static void amdgpu_dma_buf_vunmap(struct dma_buf *dma_buf, struct iosys_map *map) +{ + struct drm_gem_object *obj = dma_buf->priv; + struct amdgpu_bo *bo = gem_to_amdgpu_bo(obj); + + drm_gem_dmabuf_vunmap(dma_buf, map); + amdgpu_bo_unpin(bo); +} + const struct dma_buf_ops amdgpu_dmabuf_ops = { .attach = amdgpu_dma_buf_attach, .pin = amdgpu_dma_buf_pin, @@ -294,8 +326,8 @@ const struct dma_buf_ops amdgpu_dmabuf_ops = { .release = drm_gem_dmabuf_release, .begin_cpu_access = amdgpu_dma_buf_begin_cpu_access, .mmap = drm_gem_dmabuf_mmap, - .vmap = drm_gem_dmabuf_vmap, - .vunmap = drm_gem_dmabuf_vunmap, + .vmap = amdgpu_dma_buf_vmap, + .vunmap = amdgpu_dma_buf_vunmap, }; /** -- 2.50.1

4 months

Re: [PATCH 4/4] dma-buf/fence-chain: Speed up processing of rearmed callbacks

by Christian König

On 18.08.25 16:30, Janusz Krzysztofik wrote: > Hi Christian, > > On Thursday, 14 August 2025 14:24:29 CEST Christian König wrote: >> >> On 14.08.25 10:16, Janusz Krzysztofik wrote: >>> When first user starts waiting on a not yet signaled fence of a chain >>> link, a dma_fence_chain callback is added to a user fence of that link. >>> When the user fence of that chain link is then signaled, the chain is >>> traversed in search for a first not signaled link and the callback is >>> rearmed on a user fence of that link. >>> >>> Since chain fences may be exposed to user space, e.g. over drm_syncobj >>> IOCTLs, users may start waiting on any link of the chain, then many links >>> of a chain may have signaling enabled and their callbacks added to their >>> user fences. Once an arbitrary user fence is signaled, all >>> dma_fence_chain callbacks added to it so far must be rearmed to another >>> user fence of the chain. In extreme scenarios, when all N links of a >>> chain are awaited and then signaled in reverse order, the dma_fence_chain >>> callback may be called up to N * (N + 1) / 2 times (an arithmetic series). >>> >>> To avoid that potential excessive accumulation of dma_fence_chain >>> callbacks, rearm a trimmed-down, signal only callback version to the base >>> fence of a previous link, if not yet signaled, otherwise just signal the >>> base fence of the current link instead of traversing the chain in search >>> for a first not signaled link and moving all callbacks collected so far to >>> a user fence of that link. >> >> Well clear NAK to that! You can easily overflow the kernel stack with that! > > I'll be happy to propose a better solution, but for that I need to understand > better your message. Could you please point out an exact piece of the > proposed code and/or describe a scenario where you can see the risk of stack > overflow? The sentence "rearm .. to the base fence of a previous link" sounds like you are trying to install a callback on the signaling to the previous chain element. That is exactly what I pointed out previously where you need to be super careful because when this chain signals the callbacks will execute recursively which means that you can trivially overflow the kernel stack if you have more than a handful of chain elements. In other words A waits for B, B waits for C, C waits for D etc.... when D finally signals it will call C which in turn calls B which in turn calls A. Even if the chain is a recursive data structure you absolutely can't use recursion for the handling of it. Maybe I misunderstood your textual description but reading a sentence like this rings all alarm bells here. Otherwise I can't see what the patch is supposed to be optimizing. >> >> Additional to this messing with the fence ops outside of the dma_fence code is an absolute no-go. > > Could you please explain what piece of code you are referring to when you say > "messing with the fence ops outside the dma_fence code"? If not this patch > then which particular one of this series did you mean? I'm assuming you > didn't mean drm_syncobj code that I mentioned in my commit descriptions. See below. > > Thanks, > Janusz > >> >> Regards, >> Christian. >> >>> >>> Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12904 >>> Suggested-by: Chris Wilson <chris.p.wilson(a)linux.intel.com> >>> Signed-off-by: Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> >>> --- >>> drivers/dma-buf/dma-fence-chain.c | 101 +++++++++++++++++++++++++----- >>> 1 file changed, 84 insertions(+), 17 deletions(-) >>> >>> diff --git a/drivers/dma-buf/dma-fence-chain.c b/drivers/dma-buf/dma-fence-chain.c >>> index a8a90acf4f34d..90eff264ee05c 100644 >>> --- a/drivers/dma-buf/dma-fence-chain.c >>> +++ b/drivers/dma-buf/dma-fence-chain.c >>> @@ -119,46 +119,113 @@ static const char *dma_fence_chain_get_timeline_name(struct dma_fence *fence) >>> return "unbound"; >>> } >>> >>> -static void dma_fence_chain_irq_work(struct irq_work *work) >>> +static void signal_irq_work(struct irq_work *work) >>> { >>> struct dma_fence_chain *chain; >>> >>> chain = container_of(work, typeof(*chain), work); >>> >>> - /* Try to rearm the callback */ >>> - if (!dma_fence_chain_enable_signaling(&chain->base)) >>> - /* Ok, we are done. No more unsignaled fences left */ >>> - dma_fence_signal(&chain->base); >>> + dma_fence_signal(&chain->base); >>> dma_fence_put(&chain->base); >>> } >>> >>> -static void dma_fence_chain_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>> +static void signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>> +{ >>> + struct dma_fence_chain *chain; >>> + >>> + chain = container_of(cb, typeof(*chain), cb); >>> + init_irq_work(&chain->work, signal_irq_work); >>> + irq_work_queue(&chain->work); >>> +} >>> + >>> +static void rearm_irq_work(struct irq_work *work) >>> +{ >>> + struct dma_fence_chain *chain; >>> + struct dma_fence *prev; >>> + >>> + chain = container_of(work, typeof(*chain), work); >>> + >>> + rcu_read_lock(); >>> + prev = rcu_dereference(chain->prev); >>> + if (prev && dma_fence_add_callback(prev, &chain->cb, signal_cb)) >>> + prev = NULL; >>> + rcu_read_unlock(); >>> + if (prev) >>> + return; >>> + >>> + /* Ok, we are done. No more unsignaled fences left */ >>> + signal_irq_work(work); >>> +} >>> + >>> +static inline bool fence_is_signaled__nested(struct dma_fence *fence) >>> +{ >>> + if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) >>> + return true; >>> + >>> + if (fence->ops->signaled && fence->ops->signaled(fence)) { Calling this outside of dma-fence.[ch] is a clear no-go. Regards, Christian. >>> + unsigned long flags; >>> + >>> + spin_lock_irqsave_nested(fence->lock, flags, SINGLE_DEPTH_NESTING); >>> + dma_fence_signal_locked(fence); >>> + spin_unlock_irqrestore(fence->lock, flags); >>> + >>> + return true; >>> + } >>> + >>> + return false; >>> +} >>> + >>> +static bool prev_is_signaled(struct dma_fence_chain *chain) >>> +{ >>> + struct dma_fence *prev; >>> + bool result; >>> + >>> + rcu_read_lock(); >>> + prev = rcu_dereference(chain->prev); >>> + result = !prev || fence_is_signaled__nested(prev); >>> + rcu_read_unlock(); >>> + >>> + return result; >>> +} >>> + >>> +static void rearm_or_signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) >>> { >>> struct dma_fence_chain *chain; >>> >>> chain = container_of(cb, typeof(*chain), cb); >>> - init_irq_work(&chain->work, dma_fence_chain_irq_work); >>> + if (prev_is_signaled(chain)) { >>> + /* Ok, we are done. No more unsignaled fences left */ >>> + init_irq_work(&chain->work, signal_irq_work); >>> + } else { >>> + /* Try to rearm the callback */ >>> + init_irq_work(&chain->work, rearm_irq_work); >>> + } >>> + >>> irq_work_queue(&chain->work); >>> - dma_fence_put(f); >>> } >>> >>> static bool dma_fence_chain_enable_signaling(struct dma_fence *fence) >>> { >>> struct dma_fence_chain *head = to_dma_fence_chain(fence); >>> + int err = -ENOENT; >>> >>> - dma_fence_get(&head->base); >>> - dma_fence_chain_for_each(fence, &head->base) { >>> - struct dma_fence *f = dma_fence_chain_contained(fence); >>> + if (WARN_ON(!head)) >>> + return false; >>> >>> - dma_fence_get(f); >>> - if (!dma_fence_add_callback(f, &head->cb, dma_fence_chain_cb)) { >>> + dma_fence_get(fence); >>> + if (head->fence) >>> + err = dma_fence_add_callback(head->fence, &head->cb, rearm_or_signal_cb); >>> + if (err) { >>> + if (prev_is_signaled(head)) { >>> dma_fence_put(fence); >>> - return true; >>> + } else { >>> + init_irq_work(&head->work, rearm_irq_work); >>> + irq_work_queue(&head->work); >>> + err = 0; >>> } >>> - dma_fence_put(f); >>> } >>> - dma_fence_put(&head->base); >>> - return false; >>> + >>> + return !err; >>> } >>> >>> static bool dma_fence_chain_signaled(struct dma_fence *fence) >> >> > > > >

4 months

[PATCH v2 0/3] udmabuf: Sync to attached devices

by Andrew Davis

Hello all, This series makes it so the udmabuf will sync the backing buffer with the set of attached devices as required for DMA-BUFs when doing {begin,end}_cpu_access. Thanks Andrew Changes for v2: - fix attachment table use-after-free - rebased on v6.17-rc1 Andrew Davis (3): udmabuf: Keep track current device mappings udmabuf: Sync buffer mappings for attached devices udmabuf: Use module_misc_device() to register this device drivers/dma-buf/udmabuf.c | 133 +++++++++++++++++++------------------- 1 file changed, 67 insertions(+), 66 deletions(-) -- 2.39.2

4 months

[PATCH] drm/gem-shmem: Pin and unpin buffers when importing w/o S/G table

by Thomas Zimmermann

Imported dma-buf objects need to be pinned while being vmap'ed into kernel address space. This used to be done before while creating an S/G table. GEM-SHMEN can import dma-buf objects without creating the S/G table, but the pin/unpin is now missing. Leads to page-mapping errors such as the one shown below. [ 102.101726] BUG: unable to handle page fault for address: ffffc90127000000 [...] [ 102.157102] RIP: 0010:udl_compress_hline16+0x219/0x940 [udl] [...] [ 102.243250] Call Trace: [ 102.245695] <TASK> [ 102.2477V95] ? validate_chain+0x24e/0x5e0 [ 102.251805] ? __lock_acquire+0x568/0xae0 [ 102.255807] udl_render_hline+0x165/0x341 [udl] [ 102.260338] ? __pfx_udl_render_hline+0x10/0x10 [udl] [ 102.265379] ? local_clock_noinstr+0xb/0x100 [ 102.269642] ? __lock_release.isra.0+0x16c/0x2e0 [ 102.274246] ? mark_held_locks+0x40/0x70 [ 102.278177] udl_primary_plane_helper_atomic_update+0x43e/0x680 [udl] [ 102.284606] ? __pfx_udl_primary_plane_helper_atomic_update+0x10/0x10 [udl] [ 102.291551] ? lockdep_hardirqs_on_prepare.part.0+0x92/0x170 [ 102.297208] ? lockdep_hardirqs_on+0x88/0x130 [ 102.301554] ? _raw_spin_unlock_irq+0x24/0x50 [ 102.305901] ? wait_for_completion_timeout+0x2bb/0x3a0 [ 102.311028] ? drm_atomic_helper_calc_timestamping_constants+0x141/0x200 [ 102.317714] ? drm_atomic_helper_commit_planes+0x3b6/0x1030 [ 102.323279] drm_atomic_helper_commit_planes+0x3b6/0x1030 [ 102.328664] drm_atomic_helper_commit_tail+0x41/0xb0 [ 102.333622] commit_tail+0x204/0x330 [...] [ 102.529946] ---[ end trace 0000000000000000 ]--- [ 102.651980] RIP: 0010:udl_compress_hline16+0x219/0x940 [udl] Support pin/unpin in drm_buf_map_attachment() without creating an S/G table. Passing DMA_NONE for the DMA direction will only pin. Do the inverse for unmap_attachment(). Modify GEM-SHMEM accordingly, so that it pins the imported dma-buf. Signed-off-by: Thomas Zimmermann <tzimmermann(a)suse.de> Fixes: 660cd44659a0 ("drm/shmem-helper: Import dmabuf without mapping its sg_table") Reported-by: Thomas Zimmermann <tzimmermann(a)suse.de> Closes: https://lore.kernel.org/dri-devel/ba1bdfb8-dbf7-4372-bdcb-df7e0511c702@suse… Cc: Shixiong Ou <oushixiong(a)kylinos.cn> Cc: Thomas Zimmermann <tzimmermann(a)suse.de> Cc: Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> Cc: Maxime Ripard <mripard(a)kernel.org> Cc: David Airlie <airlied(a)gmail.com> Cc: Simona Vetter <simona(a)ffwll.ch> Cc: Sumit Semwal <sumit.semwal(a)linaro.org> Cc: "Christian König" <christian.koenig(a)amd.com> Cc: dri-devel(a)lists.freedesktop.org Cc: linux-media(a)vger.kernel.org Cc: linaro-mm-sig(a)lists.linaro.org --- drivers/dma-buf/dma-buf.c | 16 +++++++++++++--- drivers/gpu/drm/drm_gem_shmem_helper.c | 11 ++++++++++- drivers/gpu/drm/drm_prime.c | 2 ++ 3 files changed, 25 insertions(+), 4 deletions(-) diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c index 2bcf9ceca997..f1e1385ce630 100644 --- a/drivers/dma-buf/dma-buf.c +++ b/drivers/dma-buf/dma-buf.c @@ -1086,7 +1086,8 @@ EXPORT_SYMBOL_NS_GPL(dma_buf_unpin, "DMA_BUF"); * @direction: [in] direction of DMA transfer * * Returns sg_table containing the scatterlist to be returned; returns ERR_PTR - * on error. May return -EINTR if it is interrupted by a signal. + * on error. May return -EINTR if it is interrupted by a signal. Returns NULL + * on success iff direction is DMA_NONE. * * On success, the DMA addresses and lengths in the returned scatterlist are * PAGE_SIZE aligned. @@ -1122,6 +1123,8 @@ struct sg_table *dma_buf_map_attachment(struct dma_buf_attachment *attach, if (ret) return ERR_PTR(ret); } + if (!valid_dma_direction(direction)) + return NULL; /* only pin; don't map */ sg_table = attach->dmabuf->ops->map_dma_buf(attach, direction); if (!sg_table) @@ -1216,14 +1219,21 @@ void dma_buf_unmap_attachment(struct dma_buf_attachment *attach, { might_sleep(); - if (WARN_ON(!attach || !attach->dmabuf || !sg_table)) + if (WARN_ON(!attach || !attach->dmabuf)) return; dma_resv_assert_held(attach->dmabuf->resv); + if (!valid_dma_direction(direction)) + goto unpin; + + if (WARN_ON(!sg_table)) + return; + mangle_sg_table(sg_table); attach->dmabuf->ops->unmap_dma_buf(attach, sg_table, direction); +unpin: if (dma_buf_pin_on_map(attach)) attach->dmabuf->ops->unpin(attach); } @@ -1245,7 +1255,7 @@ void dma_buf_unmap_attachment_unlocked(struct dma_buf_attachment *attach, { might_sleep(); - if (WARN_ON(!attach || !attach->dmabuf || !sg_table)) + if (WARN_ON(!attach || !attach->dmabuf)) return; dma_resv_lock(attach->dmabuf->resv, NULL); diff --git a/drivers/gpu/drm/drm_gem_shmem_helper.c b/drivers/gpu/drm/drm_gem_shmem_helper.c index 5d1349c34afd..1b66501420d3 100644 --- a/drivers/gpu/drm/drm_gem_shmem_helper.c +++ b/drivers/gpu/drm/drm_gem_shmem_helper.c @@ -817,6 +817,7 @@ struct drm_gem_object *drm_gem_shmem_prime_import_no_map(struct drm_device *dev, struct dma_buf *dma_buf) { struct dma_buf_attachment *attach; + struct sg_table *sgt; struct drm_gem_shmem_object *shmem; struct drm_gem_object *obj; size_t size; @@ -838,12 +839,18 @@ struct drm_gem_object *drm_gem_shmem_prime_import_no_map(struct drm_device *dev, get_dma_buf(dma_buf); + sgt = dma_buf_map_attachment_unlocked(attach, DMA_NONE); + if (IS_ERR(sgt)) { + ret = PTR_ERR(sgt); + goto fail_detach; + } + size = PAGE_ALIGN(attach->dmabuf->size); shmem = __drm_gem_shmem_create(dev, size, true, NULL); if (IS_ERR(shmem)) { ret = PTR_ERR(shmem); - goto fail_detach; + goto fail_unmap; } drm_dbg_prime(dev, "size = %zu\n", size); @@ -853,6 +860,8 @@ struct drm_gem_object *drm_gem_shmem_prime_import_no_map(struct drm_device *dev, return &shmem->base; +fail_unmap: + dma_buf_unmap_attachment_unlocked(attach, sgt, DMA_NONE); fail_detach: dma_buf_detach(dma_buf, attach); dma_buf_put(dma_buf); diff --git a/drivers/gpu/drm/drm_prime.c b/drivers/gpu/drm/drm_prime.c index 43a10b4af43a..b3b070868e3b 100644 --- a/drivers/gpu/drm/drm_prime.c +++ b/drivers/gpu/drm/drm_prime.c @@ -1109,6 +1109,8 @@ void drm_prime_gem_destroy(struct drm_gem_object *obj, struct sg_table *sg) attach = obj->import_attach; if (sg) dma_buf_unmap_attachment_unlocked(attach, sg, DMA_BIDIRECTIONAL); + else + dma_buf_unmap_attachment_unlocked(attach, NULL, DMA_NONE); dma_buf = attach->dmabuf; dma_buf_detach(attach->dmabuf, attach); /* remove the reference */ -- 2.50.1

4 months

[PATCH v2 0/2] accel: Add Arm Ethos-U NPU

by Rob Herring (Arm)

The Arm Ethos-U65/85 NPUs are designed for edge AI inference applications[0]. The driver works with Mesa Teflon. A merge request for Ethos support is here[1]. The UAPI should also be compatible with the downstream (open source) driver stack[2] and Vela compiler though that has not been implemented. Testing so far has been on i.MX93 boards with Ethos-U65. Support for U85 is still todo. Only minor changes on driver side will be needed for U85 support. A git tree is here[3]. Rob [0] https://www.arm.com/products/silicon-ip-cpu?families=ethos%20npus [1] https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/36699/ [2] https://gitlab.arm.com/artificial-intelligence/ethos-u/ [3] git://git.kernel.org/pub/scm/linux/kernel/git/robh/linux.git ethos-v2 Signed-off-by: Rob Herring (Arm) <robh(a)kernel.org> --- Changes in v2: - Rebase on v6.17-rc1 adapting to scheduler changes - scheduler: Drop the reset workqueue. According to the scheduler docs, we don't need it since we have a single h/w queue. - scheduler: Rework the timeout handling to continue running if we are making progress. Fixes timeouts on larger jobs. - Reset the NPU on resume so it's in a known state - Add error handling on clk_get() calls - Fix drm_mm splat on module unload. We were missing a put on the cmdstream BO in the scheduler clean-up. - Fix 0-day report needing explicit bitfield.h include - Link to v1: https://lore.kernel.org/r/20250722-ethos-v1-0-cc1c5a0cbbfb@kernel.org --- Rob Herring (Arm) (2): dt-bindings: npu: Add Arm Ethos-U65/U85 accel: Add Arm Ethos-U NPU driver .../devicetree/bindings/npu/arm,ethos.yaml | 79 +++ MAINTAINERS | 9 + drivers/accel/Kconfig | 1 + drivers/accel/Makefile | 1 + drivers/accel/ethos/Kconfig | 10 + drivers/accel/ethos/Makefile | 4 + drivers/accel/ethos/ethos_device.h | 181 ++++++ drivers/accel/ethos/ethos_drv.c | 418 ++++++++++++ drivers/accel/ethos/ethos_drv.h | 15 + drivers/accel/ethos/ethos_gem.c | 707 +++++++++++++++++++++ drivers/accel/ethos/ethos_gem.h | 46 ++ drivers/accel/ethos/ethos_job.c | 514 +++++++++++++++ drivers/accel/ethos/ethos_job.h | 41 ++ include/uapi/drm/ethos_accel.h | 262 ++++++++ 14 files changed, 2288 insertions(+) --- base-commit: 8f5ae30d69d7543eee0d70083daf4de8fe15d585 change-id: 20250715-ethos-3fdd39ef6f19 Best regards, -- Rob Herring (Arm) <robh(a)kernel.org>

4 months, 1 week

Re: [PATCH 4/4] dma-buf/fence-chain: Speed up processing of rearmed callbacks

by Christian König

On 14.08.25 10:16, Janusz Krzysztofik wrote: > When first user starts waiting on a not yet signaled fence of a chain > link, a dma_fence_chain callback is added to a user fence of that link. > When the user fence of that chain link is then signaled, the chain is > traversed in search for a first not signaled link and the callback is > rearmed on a user fence of that link. > > Since chain fences may be exposed to user space, e.g. over drm_syncobj > IOCTLs, users may start waiting on any link of the chain, then many links > of a chain may have signaling enabled and their callbacks added to their > user fences. Once an arbitrary user fence is signaled, all > dma_fence_chain callbacks added to it so far must be rearmed to another > user fence of the chain. In extreme scenarios, when all N links of a > chain are awaited and then signaled in reverse order, the dma_fence_chain > callback may be called up to N * (N + 1) / 2 times (an arithmetic series). > > To avoid that potential excessive accumulation of dma_fence_chain > callbacks, rearm a trimmed-down, signal only callback version to the base > fence of a previous link, if not yet signaled, otherwise just signal the > base fence of the current link instead of traversing the chain in search > for a first not signaled link and moving all callbacks collected so far to > a user fence of that link. Well clear NAK to that! You can easily overflow the kernel stack with that! Additional to this messing with the fence ops outside of the dma_fence code is an absolute no-go. Regards, Christian. > > Closes: https://gitlab.freedesktop.org/drm/i915/kernel/-/issues/12904 > Suggested-by: Chris Wilson <chris.p.wilson(a)linux.intel.com> > Signed-off-by: Janusz Krzysztofik <janusz.krzysztofik(a)linux.intel.com> > --- > drivers/dma-buf/dma-fence-chain.c | 101 +++++++++++++++++++++++++----- > 1 file changed, 84 insertions(+), 17 deletions(-) > > diff --git a/drivers/dma-buf/dma-fence-chain.c b/drivers/dma-buf/dma-fence-chain.c > index a8a90acf4f34d..90eff264ee05c 100644 > --- a/drivers/dma-buf/dma-fence-chain.c > +++ b/drivers/dma-buf/dma-fence-chain.c > @@ -119,46 +119,113 @@ static const char *dma_fence_chain_get_timeline_name(struct dma_fence *fence) > return "unbound"; > } > > -static void dma_fence_chain_irq_work(struct irq_work *work) > +static void signal_irq_work(struct irq_work *work) > { > struct dma_fence_chain *chain; > > chain = container_of(work, typeof(*chain), work); > > - /* Try to rearm the callback */ > - if (!dma_fence_chain_enable_signaling(&chain->base)) > - /* Ok, we are done. No more unsignaled fences left */ > - dma_fence_signal(&chain->base); > + dma_fence_signal(&chain->base); > dma_fence_put(&chain->base); > } > > -static void dma_fence_chain_cb(struct dma_fence *f, struct dma_fence_cb *cb) > +static void signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) > +{ > + struct dma_fence_chain *chain; > + > + chain = container_of(cb, typeof(*chain), cb); > + init_irq_work(&chain->work, signal_irq_work); > + irq_work_queue(&chain->work); > +} > + > +static void rearm_irq_work(struct irq_work *work) > +{ > + struct dma_fence_chain *chain; > + struct dma_fence *prev; > + > + chain = container_of(work, typeof(*chain), work); > + > + rcu_read_lock(); > + prev = rcu_dereference(chain->prev); > + if (prev && dma_fence_add_callback(prev, &chain->cb, signal_cb)) > + prev = NULL; > + rcu_read_unlock(); > + if (prev) > + return; > + > + /* Ok, we are done. No more unsignaled fences left */ > + signal_irq_work(work); > +} > + > +static inline bool fence_is_signaled__nested(struct dma_fence *fence) > +{ > + if (test_bit(DMA_FENCE_FLAG_SIGNALED_BIT, &fence->flags)) > + return true; > + > + if (fence->ops->signaled && fence->ops->signaled(fence)) { > + unsigned long flags; > + > + spin_lock_irqsave_nested(fence->lock, flags, SINGLE_DEPTH_NESTING); > + dma_fence_signal_locked(fence); > + spin_unlock_irqrestore(fence->lock, flags); > + > + return true; > + } > + > + return false; > +} > + > +static bool prev_is_signaled(struct dma_fence_chain *chain) > +{ > + struct dma_fence *prev; > + bool result; > + > + rcu_read_lock(); > + prev = rcu_dereference(chain->prev); > + result = !prev || fence_is_signaled__nested(prev); > + rcu_read_unlock(); > + > + return result; > +} > + > +static void rearm_or_signal_cb(struct dma_fence *f, struct dma_fence_cb *cb) > { > struct dma_fence_chain *chain; > > chain = container_of(cb, typeof(*chain), cb); > - init_irq_work(&chain->work, dma_fence_chain_irq_work); > + if (prev_is_signaled(chain)) { > + /* Ok, we are done. No more unsignaled fences left */ > + init_irq_work(&chain->work, signal_irq_work); > + } else { > + /* Try to rearm the callback */ > + init_irq_work(&chain->work, rearm_irq_work); > + } > + > irq_work_queue(&chain->work); > - dma_fence_put(f); > } > > static bool dma_fence_chain_enable_signaling(struct dma_fence *fence) > { > struct dma_fence_chain *head = to_dma_fence_chain(fence); > + int err = -ENOENT; > > - dma_fence_get(&head->base); > - dma_fence_chain_for_each(fence, &head->base) { > - struct dma_fence *f = dma_fence_chain_contained(fence); > + if (WARN_ON(!head)) > + return false; > > - dma_fence_get(f); > - if (!dma_fence_add_callback(f, &head->cb, dma_fence_chain_cb)) { > + dma_fence_get(fence); > + if (head->fence) > + err = dma_fence_add_callback(head->fence, &head->cb, rearm_or_signal_cb); > + if (err) { > + if (prev_is_signaled(head)) { > dma_fence_put(fence); > - return true; > + } else { > + init_irq_work(&head->work, rearm_irq_work); > + irq_work_queue(&head->work); > + err = 0; > } > - dma_fence_put(f); > } > - dma_fence_put(&head->base); > - return false; > + > + return !err; > } > > static bool dma_fence_chain_signaled(struct dma_fence *fence)

4 months, 1 week

Re: [PATCH v7 08/11] tee: add Qualcomm TEE driver

by kernel test robot

Hi Amirreza, kernel test robot noticed the following build warnings: [auto build test WARNING on 2674d1eadaa2fd3a918dfcdb6d0bb49efe8a8bb9] url: https://github.com/intel-lab-lkp/linux/commits/Amirreza-Zarrabi/tee-allow-a… base: 2674d1eadaa2fd3a918dfcdb6d0bb49efe8a8bb9 patch link: https://lore.kernel.org/r/20250812-qcom-tee-using-tee-ss-without-mem-obj-v7… patch subject: [PATCH v7 08/11] tee: add Qualcomm TEE driver config: hexagon-randconfig-r072-20250814 (https://download.01.org/0day-ci/archive/20250814/202508140527.ighXikjo-lkp@…) compiler: clang version 22.0.0git (https://github.com/llvm/llvm-project 3769ce013be2879bf0b329c14a16f5cb766f26ce) reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250814/202508140527.ighXikjo-lkp@…) If you fix the issue in a separate patch/commit (i.e. not just a new version of the same patch/commit), kindly add following tags | Reported-by: kernel test robot <lkp(a)intel.com> | Closes: https://lore.kernel.org/oe-kbuild-all/202508140527.ighXikjo-lkp@intel.com/ All warnings (new ones prefixed by >>): >> drivers/tee/qcomtee/user_obj.c:384:12: warning: format specifies type 'unsigned long' but the argument has type 'u64' (aka 'unsigned long long') [-Wformat] 383 | &qcomtee_user_object_ops, "uo-%lu", | ~~~ | %llu 384 | param->u.objref.id); | ^~~~~~~~~~~~~~~~~~ 1 warning generated. vim +384 drivers/tee/qcomtee/user_obj.c 355 356 /** 357 * qcomtee_user_param_to_object() - OBJREF parameter to &struct qcomtee_object. 358 * @object: object returned. 359 * @param: TEE parameter. 360 * @ctx: context in which the conversion should happen. 361 * 362 * @param is an OBJREF with %QCOMTEE_OBJREF_FLAG_USER flags. 363 * 364 * Return: On success, returns 0; on failure, returns < 0. 365 */ 366 int qcomtee_user_param_to_object(struct qcomtee_object **object, 367 struct tee_param *param, 368 struct tee_context *ctx) 369 { 370 struct qcomtee_user_object *user_object __free(kfree) = NULL; 371 int err; 372 373 user_object = kzalloc(sizeof(*user_object), GFP_KERNEL); 374 if (!user_object) 375 return -ENOMEM; 376 377 user_object->ctx = ctx; 378 user_object->object_id = param->u.objref.id; 379 /* By default, always notify userspace upon release. */ 380 user_object->notify = true; 381 err = qcomtee_object_user_init(&user_object->object, 382 QCOMTEE_OBJECT_TYPE_CB, 383 &qcomtee_user_object_ops, "uo-%lu", > 384 param->u.objref.id); 385 if (err) 386 return err; 387 /* Matching teedev_ctx_put() is in qcomtee_user_object_release(). */ 388 teedev_ctx_get(ctx); 389 390 *object = &no_free_ptr(user_object)->object; 391 392 return 0; 393 } 394 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests/wiki

4 months, 1 week

Re: [PATCH v7 00/11] Trusted Execution Environment (TEE) driver for Qualcomm TEE (QTEE)

by Jens Wiklander

Hi Amir, On Wed, Aug 13, 2025 at 2:37 AM Amirreza Zarrabi <amirreza.zarrabi(a)oss.qualcomm.com> wrote: > > This patch series introduces a Trusted Execution Environment (TEE) > driver for Qualcomm TEE (QTEE). QTEE enables Trusted Applications (TAs) > and services to run securely. It uses an object-based interface, where > each service is an object with sets of operations. Clients can invoke > these operations on objects, which can generate results, including other > objects. For example, an object can load a TA and return another object > that represents the loaded TA, allowing access to its services. > There are some build errors/warnings for arm and x86_64, see https://tuxapi.tuxsuite.com/v1/groups/linaro/projects/jens/plans/31DmCOn1pF… Thanks, Jens

4 months, 1 week

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig