| Message ID | 20240606165939.12950-9-quic_ekangupt@quicinc.com |
|---|---|
| State | New |
| Headers | show |
| Series | Add missing features to FastRPC driver | expand |
On Thu, Jun 06, 2024 at 10:29:28PM +0530, Ekansh Gupta wrote: > Audio PD daemon will allocate memory for audio PD dynamic loading > usage when it is attaching for the first time to audio PD. As > part of this, the memory ownership is moved to the VM where > audio PD can use it. In case daemon process is killed without any > impact to DSP audio PD, the daemon process will retry to attach to > audio PD and in this case memory won't be reallocated. If the invoke > fails due to any reason, as part of err_invoke, the memory ownership > is getting reassigned to HLOS even when the memory was not allocated. > At this time the audio PD might still be using the memory and an > attemp of ownership reassignment would result in memory issue. > > Fixes: 0871561055e6 ("misc: fastrpc: Add support for audiopd") Fixes before functional changes. > Cc: stable <stable@kernel.org> > Signed-off-by: Ekansh Gupta <quic_ekangupt@quicinc.com> > --- > drivers/misc/fastrpc.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c > index 3686b2d34741..68c1595446d5 100644 > --- a/drivers/misc/fastrpc.c > +++ b/drivers/misc/fastrpc.c > @@ -1334,6 +1334,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, > u64 phys = 0, size = 0; > char *name; > int err; > + bool scm_done = false; > struct { > int pgid; > u32 namelen; > @@ -1398,6 +1399,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, > phys, size, err); > goto err_map; > } > + scm_done = true; > } > } > > @@ -1439,7 +1441,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, > > return 0; > err_invoke: > - if (fl->cctx->vmcount) { > + if (fl->cctx->vmcount && scm_done) { > u64 src_perms = 0; > struct qcom_scm_vmperm dst_perms; > u32 i; > -- > 2.43.0 >
diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c index 3686b2d34741..68c1595446d5 100644 --- a/drivers/misc/fastrpc.c +++ b/drivers/misc/fastrpc.c @@ -1334,6 +1334,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, u64 phys = 0, size = 0; char *name; int err; + bool scm_done = false; struct { int pgid; u32 namelen; @@ -1398,6 +1399,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, phys, size, err); goto err_map; } + scm_done = true; } } @@ -1439,7 +1441,7 @@ static int fastrpc_init_create_static_process(struct fastrpc_user *fl, return 0; err_invoke: - if (fl->cctx->vmcount) { + if (fl->cctx->vmcount && scm_done) { u64 src_perms = 0; struct qcom_scm_vmperm dst_perms; u32 i;
Audio PD daemon will allocate memory for audio PD dynamic loading usage when it is attaching for the first time to audio PD. As part of this, the memory ownership is moved to the VM where audio PD can use it. In case daemon process is killed without any impact to DSP audio PD, the daemon process will retry to attach to audio PD and in this case memory won't be reallocated. If the invoke fails due to any reason, as part of err_invoke, the memory ownership is getting reassigned to HLOS even when the memory was not allocated. At this time the audio PD might still be using the memory and an attemp of ownership reassignment would result in memory issue. Fixes: 0871561055e6 ("misc: fastrpc: Add support for audiopd") Cc: stable <stable@kernel.org> Signed-off-by: Ekansh Gupta <quic_ekangupt@quicinc.com> --- drivers/misc/fastrpc.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)