On Wed, 16 Jun 2021, Claire Chang wrote:
Introduce the new compatible string, restricted-dma-pool, for restricted DMA. One can specify the address and length of the restricted DMA memory region by restricted-dma-pool in the reserved-memory node.
Signed-off-by: Claire Chang tientzu@chromium.org
.../reserved-memory/reserved-memory.txt | 36 +++++++++++++++++-- 1 file changed, 33 insertions(+), 3 deletions(-)
diff --git a/Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt b/Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt index e8d3096d922c..46804f24df05 100644 --- a/Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt +++ b/Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt @@ -51,6 +51,23 @@ compatible (optional) - standard definition used as a shared pool of DMA buffers for a set of devices. It can be used by an operating system to instantiate the necessary pool management subsystem if necessary.
- restricted-dma-pool: This indicates a region of memory meant to beused as a pool of restricted DMA buffers for a set of devices. Thememory region would be the only region accessible to those devices.When using this, the no-map and reusable properties must not be set,so the operating system can create a virtual mapping that will be usedfor synchronization. The main purpose for restricted DMA is tomitigate the lack of DMA access control on systems without an IOMMU,which could result in the DMA accessing the system memory atunexpected times and/or unexpected addresses, possibly leading to dataleakage or corruption. The feature on its own provides a basic levelof protection against the DMA overwriting buffer contents atunexpected times. However, to protect against general data leakage andsystem memory corruption, the system needs to provide way to lock downthe memory access, e.g., MPU. Note that since coherent allocationneeds remapping, one must set up another device coherent pool byshared-dma-pool and use dma_alloc_from_dev_coherent instead for atomiccoherent allocation. - vendor specific string in the form <vendor>,[<device>-]<usage>no-map (optional) - empty property - Indicates the operating system must not create a virtual mapping @@ -85,10 +102,11 @@ memory-region-names (optional) - a list of names, one for each corresponding
Example
-This example defines 3 contiguous regions are defined for Linux kernel: +This example defines 4 contiguous regions for Linux kernel: one default of all device drivers (named linux,cma@72000000 and 64MiB in size), -one dedicated to the framebuffer device (named framebuffer@78000000, 8MiB), and -one for multimedia processing (named multimedia-memory@77000000, 64MiB). +one dedicated to the framebuffer device (named framebuffer@78000000, 8MiB), +one for multimedia processing (named multimedia-memory@77000000, 64MiB), and +one for restricted dma pool (named restricted_dma_reserved@0x50000000, 64MiB).
/ { #address-cells = <1>; @@ -120,6 +138,11 @@ one for multimedia processing (named multimedia-memory@77000000, 64MiB). compatible = "acme,multimedia-memory"; reg = <0x77000000 0x4000000>; };
restricted_dma_reserved: restricted_dma_reserved {compatible = "restricted-dma-pool";reg = <0x50000000 0x4000000>;};};
/* ... */
@@ -138,4 +161,11 @@ one for multimedia processing (named multimedia-memory@77000000, 64MiB). memory-region = <&multimedia_reserved>; /* ... */ };
- pcie_device: pcie_device@0,0 {
reg = <0x83010000 0x0 0x00000000 0x0 0x001000000x83010000 0x0 0x00100000 0x0 0x00100000>;memory-region = <&restricted_dma_mem_reserved>;
Shouldn't it be &restricted_dma_reserved ?