> Subject: Re: [PATCH V2 2/2] mailbox: introduce ARM SMC based mailbox
>
> On 6/3/19 1:30 AM, peng....@nxp.com wrote:
> > From: Peng Fan <peng....@nxp.com>
> >
> > This mailbox driver implements a mailbox which signals transmitted
> > data via an ARM smc (secure monitor call) instruction. The mailbox
> > receiver is implemented in firmware and can synchronously return data
> > when it returns execution to the non-secure world again.
> > An asynchronous receive path is not implemented.
> > This allows the usage of a mailbox to trigger firmware actions on SoCs
> > which either don't have a separate management processor or on which
> > such a core is not available. A user of this mailbox could be the SCP
> > interface.
> >
> > Modified from Andre Przywara's v2 patch
> > https://eur01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flore
> > .kernel.org%2Fpatchwork%2Fpatch%2F812999%2F&data=02%7C01%7
> Cpeng.fa
> >
> n%40nxp.com%7Caa396ba11ba244111fe408d6e8411fba%7C686ea1d3bc2b4
> c6fa92cd
> >
> 99c5c301635%7C0%7C0%7C636951763738548621&sdata=UlNESNg7I7
> 4TM9xp%2F
> > VMce4CSbMuJ95lh68cQw%2FnQMOw%3D&reserved=0
> >
> > Cc: Andre Przywara <andre.przyw...@arm.com>
> > Signed-off-by: Peng Fan <peng....@nxp.com>
> > ---
>
> [snip]
>
> +#define ARM_SMC_MBOX_USB_IRQ BIT(1)
>
> That flag appears unused.
I'll remove this in V3.
>
> > +static int arm_smc_mbox_probe(struct platform_device *pdev) {
> > + struct device *dev = &pdev->dev;
> > + struct mbox_controller *mbox;
> > + struct arm_smc_chan_data *chan_data;
> > + const char *method;
> > + bool use_hvc = false;
> > + int ret, irq_count, i;
> > + u32 val;
> > +
> > + if (!of_property_read_u32(dev->of_node, "arm,num-chans", &val)) {
> > + if (val < 1 || val > INT_MAX) {
> > + dev_err(dev, "invalid arm,num-chans value %u of
> > %pOFn\n",
> val, pdev->dev.of_node);
> > + return -EINVAL;
> > + }
> > + }
>
> Should not the upper bound check be done against UINT_MAX since val is an
> unsigned int?
Fix in V3.
>
> > +
> > + irq_count = platform_irq_count(pdev);
> > + if (irq_count == -EPROBE_DEFER)
> > + return irq_count;
> > +
> > + if (irq_count && irq_count != val) {
> > + dev_err(dev, "Interrupts not match num-chans\n");
>
> Interrupts property does not match \"arm,num-chans\" would be more
> correct.
Fix in V3.
>
> > + return -EINVAL;
> > + }
> > +
> > + if (!of_property_read_string(dev->of_node, "method", &method)) {
> > + if (!strcmp("hvc", method)) {
> > + use_hvc = true;
> > + } else if (!strcmp("smc", method)) {
> > + use_hvc = false;
> > + } else {
> > + dev_warn(dev, "invalid \"method\" property: %s\n",
> > + method);
> > +
> > + return -EINVAL;
> > + }
>
> Having at least one method specified does not seem to be checked later on in
> the code, so if I omitted to specify that property, we would still register
> the
> mailbox and default to use "smc" since the ARM_SMC_MBOX_USE_HVC flag
> would not be set, would not we want to make sure that we do have in fact a
> valid method specified given the binding documents that property as
> mandatory?
When arm_smc_send_data, it will check ARM_SMC_MBOX_USE_HVC,
you mean there are other places needs this flag check?
>
> [snip]
>
> > + mbox->txdone_poll = false;
> > + mbox->txdone_irq = false;
> > + mbox->ops = &arm_smc_mbox_chan_ops;
> > + mbox->dev = dev;
> > +
> > + ret = mbox_controller_register(mbox);
> > + if (ret)
> > + return ret;
> > +
> > + platform_set_drvdata(pdev, mbox);
>
> I would move this above mbox_controller_register() that way there is no room
> for race conditions in case another part of the driver expects to have
> pdev->dev.drvdata set before the mbox controller is registered.
Right.
> Since you use devm_* functions for everything, you may even remove that
> call.
You mean remove " platform_set_drvdata(pdev, mbox);" ?
>
> [snip]
>
> > +#ifndef _LINUX_ARM_SMC_MAILBOX_H_
> > +#define _LINUX_ARM_SMC_MAILBOX_H_
> > +
> > +struct arm_smccc_mbox_cmd {
> > + unsigned long a0, a1, a2, a3, a4, a5, a6, a7; };
>
> Do you expect this to be used by other in-kernel users? If so, it might be
> good
> to document how a0 can have a special meaning and be used as a substitute
> for the function_id?
This was to address comments here:
https://lore.kernel.org/patchwork/patch/812999/#1010433
Thanks,
Peng.
> --
> Florian
