On 4/30/26 9:12 PM, Mukesh Ojha wrote: > Qualcomm remoteproc drivers such as qcom_q6v5_mss, which do not use the > Peripheral Authentication Service (PAS), always map the MBA region before > use and unmap it once the usage is complete. This behavior was introduced > to avoid issues seen in the past where speculative accesses from the > application processor to the MBA region after it was assigned to the remote > Q6 led to an XPU violation. The issue was mitigated by unmapping the region > before handing control to the remote Q6. > > Currently, most Qualcomm SoCs using the PAS driver run either with a > standalone QHEE or the Gunyah hypervisor. In these environments, the > hypervisor unmaps the Q6 memory from HLOS Stage-2 and remaps it into the > Q6 Stage-2 page table. As a result, speculative accesses from HLOS cannot > reach the region even if it remains mapped in HLOS Stage-1; therefore, XPU > violations cannot occur. > > However, when the same SoC runs Linux at EL2, Linux itself must perform the > unmapping to avoid such issues. It is still correct to apply this mapping/ > unmapping sequence even for SoCs that run under Gunyah, so this behavior > should not be conditional. > > Signed-off-by: Mukesh Ojha <[email protected]> > ---
Reviewed-by: Konrad Dybcio <[email protected]> Konrad
