On 11/4/25 8:35 AM, Mukesh Ojha wrote:
> Qualcomm remote processor may rely on Static and Dynamic resources for
> it to be functional. Static resources are fixed like for example,
> memory-mapped addresses required by the subsystem and dynamic
> resources, such as shared memory in DDR etc., are determined at
> runtime during the boot process.
>
> For most of the Qualcomm SoCs, when run with Gunyah or older QHEE
> hypervisor, all the resources whether it is static or dynamic, is
> managed by the hypervisor. Dynamic resources if it is present for a
> remote processor will always be coming from secure world via SMC call
> while static resources may be present in remote processor firmware
> binary or it may be coming qcom_scm_pas_get_rsc_table() SMC call along
> with dynamic resources.
[...]
> + /*
> + * TrustZone can not accept buffer as NULL value as argument Hence,
> + * we need to pass a input buffer indicating that subsystem firmware
> + * does not have resource table by filling resource table structure.
> + */
> + if (!input_rt)
> + input_rt_size = sizeof(*rsc);
Would the expected size of the received data ever be any different
than sizeof(*rsc) anyway?
[...]
> +int qcom_scm_pas_get_rsc_table(struct qcom_scm_pas_context *ctx, void
> *input_rt,
> + size_t input_rt_size, void **output_rt,
> + size_t *output_rt_size)
> +{
> + int ret;
> +
> + do {
> + *output_rt = kzalloc(*output_rt_size, GFP_KERNEL);
> + if (!*output_rt)
> + return -ENOMEM;
> +
> + ret = __qcom_scm_pas_get_rsc_table(ctx->pas_id, input_rt,
> + input_rt_size, output_rt,
> + output_rt_size);
> + if (ret)
> + kfree(*output_rt);
> +
> + } while (ret == -EAGAIN);
This should at the very least be limited to a number of retries
Konrad
