FROMLIST: media: iris: Enable Secure PAS support with IOMMU managed b…#653
Merged
dikshita-agarwal merged 1 commit intoqualcomm-linux:tech/mm/videofrom Feb 13, 2026
Merged
Conversation
vgarodia
reviewed
Feb 11, 2026
| return 0; | ||
|
|
||
| err_iommu_free: | ||
| iommu_domain_free(iommu_dom); |
vgarodia
reviewed
Feb 11, 2026
| res_size = resource_size(&res); | ||
|
|
||
| if (core->has_iommu) | ||
| dev = core->fw.dev; |
There was a problem hiding this comment.
Why there is a need for has_iommu ?
dev = core->fw.dev ? : core->dev;
vgarodia
reviewed
Feb 11, 2026
| if (ret) | ||
| goto err_mem_unmap; | ||
|
|
||
| if (core->has_iommu) { |
vgarodia
reviewed
Feb 11, 2026
|
|
||
| ctx = core->fw.ctx; | ||
| ret = qcom_scm_pas_shutdown(ctx->pas_id); | ||
| if (core->has_iommu) { |
vgarodia
reviewed
Feb 11, 2026
| if (!np) | ||
| return 0; | ||
|
|
||
| core->has_iommu = true; |
vgarodia
reviewed
Feb 11, 2026
|
|
||
| void iris_fw_deinit(struct iris_core *core) | ||
| { | ||
| if (!core->has_iommu) |
There was a problem hiding this comment.
..something like if (!fw dev) return 0;
dikshita-agarwal
force-pushed
the
video-KVM
branch
from
61dc622 to
a9d2b6f
Compare
…y Linux Most Qualcomm platforms feature a inhouse hypervisor (such as Gunyah or QHEE), which typically handles IOMMU configuration. This includes mapping memory regions and device memory resources for remote processors by intercepting qcom_scm_pas_auth_and_reset() calls. These mappings are later removed during teardown. Additionally, SHM bridge setup is required to enable memory protection for both remoteproc metadata and its memory regions. When the hypervisor is absent, the operating system must perform these configurations instead. Support for handling IOMMU and SHM setup in the absence of a hypervisor is now in place. Extend the Iris driver to enable this functionality on platforms where IOMMU is managed by Linux (i.e., non-Gunyah, non-QHEE). Additionally, the Iris driver must map the firmware and its required resources to the firmware SID, which is now specified via the device tree. Link: https://lore.kernel.org/lkml/20250819165447.4149674-12-mukesh.ojha@oss.qualcomm.com/ Signed-off-by: Vikash Garodia <vikash.garodia@oss.qualcomm.com> Signed-off-by: Mukesh Ojha <mukesh.ojha@oss.qualcomm.com>
dikshita-agarwal
force-pushed
the
video-KVM
branch
from
a9d2b6f to
9dc87eb
Compare
dikshita-agarwal
merged commit 31153be
into
qualcomm-linux:tech/mm/video
5 of 6 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Most Qualcomm platforms feature a inhouse hypervisor (such as Gunyah or QHEE), which typically handles IOMMU configuration. This includes mapping memory regions and device memory resources for remote processors by intercepting qcom_scm_pas_auth_and_reset() calls. These mappings are later removed during teardown. Additionally, SHM bridge setup is required to enable memory protection for both remoteproc metadata and its memory regions.
When the hypervisor is absent, the operating system must perform these configurations instead.
Support for handling IOMMU and SHM setup in the absence of a hypervisor is now in place. Extend the Iris driver to enable this functionality on platforms where IOMMU is managed by Linux (i.e., non-Gunyah, non-QHEE).
Additionally, the Iris driver must map the firmware and its required resources to the firmware SID, which is now specified via the device tree.
Link: https://lore.kernel.org/lkml/20250819165447.4149674-12-mukesh.ojha@oss.qualcomm.com/
Exception JIRA: https://jira-dc.qualcomm.com/jira/browse/QLIJIRA-109
CRs-Fixed: 4345867