Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 45f1a214 authored by Srinu Gorle's avatar Srinu Gorle
Browse files

msm: vidc: Skip session id validation for HFI_EVENT_SYS_ERROR 



When SSR is triggered from driver, firmware is responding with session id
as 0X0000dead. Hence, firmware response is being discarded due to such
invalid session id. Skip session id validation for HFI_EVENT_SYS_ERROR
event type.

Change-Id: I750a7332baab4ebeb7702b49ffb744aae9803a36
CRs-Fixed: 539080
Signed-off-by: default avatarSrinu Gorle <sgorle@codeaurora.org>
parent 54938e72

drivers/media/platform/msm/vidc/hfi_response_handler.c

+64 −63
Original line number Diff line number Diff line
@@ -78,7 +78,7 @@ static enum vidc_status hfi_map_err_status(int hfi_err) 
	return vidc_err;

}



static int sanitize_session_pkt(struct list_head *sessions,

static int validate_session_pkt(struct list_head *sessions,

		struct hal_session *sess, struct mutex *session_lock)

{

	struct hal_session *session;
@@ -184,8 +184,10 @@ static void hfi_process_session_error( 
}

static void hfi_process_event_notify(

		msm_vidc_callback callback, u32 device_id,

		struct hfi_msg_event_notify_packet *pkt)

		struct hfi_msg_event_notify_packet *pkt,

		struct list_head *sessions, struct mutex *session_lock)

{

	struct hal_session *sess = NULL;

	dprintk(VIDC_DBG, "RECVD:EVENT_NOTIFY");



	if (!callback || !pkt ||
@@ -193,6 +195,7 @@ static void hfi_process_event_notify( 
		dprintk(VIDC_ERR, "Invalid Params");

		return;

	}

	sess = (struct hal_session *)pkt->session_id;



	switch (pkt->event_id) {

	case HFI_EVENT_SYS_ERROR:
@@ -202,11 +205,14 @@ static void hfi_process_event_notify( 
		break;

	case HFI_EVENT_SESSION_ERROR:

		dprintk(VIDC_ERR, "HFI_EVENT_SESSION_ERROR");

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_error(callback, device_id, pkt);

		break;

	case HFI_EVENT_SESSION_SEQUENCE_CHANGED:

		dprintk(VIDC_INFO, "HFI_EVENT_SESSION_SEQUENCE_CHANGED");

		hfi_process_sess_evt_seq_changed(callback, device_id, pkt);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_sess_evt_seq_changed(callback,

				device_id, pkt);

		break;

	case HFI_EVENT_SESSION_PROPERTY_CHANGED:

		dprintk(VIDC_INFO, "HFI_EVENT_SESSION_PROPERTY_CHANGED");
@@ -1139,7 +1145,7 @@ u32 hfi_process_msg_packet( 
		struct list_head *sessions, struct mutex *session_lock)

{

	u32 rc = 0;

	struct hal_session *sess;

	struct hal_session *sess = NULL;

	if (!callback || !msg_hdr || msg_hdr->size <

		VIDC_IFACEQ_MIN_PKT_SIZE) {

		dprintk(VIDC_ERR, "hal_process_msg_packet:bad"
@@ -1148,21 +1154,16 @@ u32 hfi_process_msg_packet( 
		return rc;

	}



#define SANITIZE_SESSION_PKT(msg_pkt) ({ \

		sess = (struct hal_session *) \

				(((struct vidc_hal_session_cmd_pkt *) \

				msg_pkt)->session_id); \

		if (sanitize_session_pkt(sessions, sess, session_lock)) \

			break; \

	})



	dprintk(VIDC_INFO, "Received: 0x%x in ", msg_hdr->packet);

	rc = (u32) msg_hdr->packet;

	sess = (struct hal_session *)((struct

			vidc_hal_session_cmd_pkt*) msg_hdr)->session_id;



	switch (msg_hdr->packet) {

	case HFI_MSG_EVENT_NOTIFY:

		SANITIZE_SESSION_PKT(msg_hdr);

		hfi_process_event_notify(callback, device_id,

			(struct hfi_msg_event_notify_packet *) msg_hdr);

			(struct hfi_msg_event_notify_packet *) msg_hdr,

			sessions, session_lock);

		break;

	case  HFI_MSG_SYS_INIT_DONE:

		hfi_process_sys_init_done(callback, device_id,
@@ -1173,7 +1174,7 @@ u32 hfi_process_msg_packet( 
	case HFI_MSG_SYS_PC_PREP_DONE:

		break;

	case HFI_MSG_SYS_SESSION_INIT_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_init_done(callback, device_id,

				(struct hfi_msg_sys_session_init_done_packet *)

						msg_hdr);
@@ -1184,53 +1185,54 @@ u32 hfi_process_msg_packet( 
			msg_hdr);

		break;

	case HFI_MSG_SYS_SESSION_END_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_end_done(callback, device_id,

				(struct hfi_msg_sys_session_end_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_LOAD_RESOURCES_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_load_res_done(callback, device_id,

			(struct hfi_msg_session_load_resources_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_START_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_start_done(callback, device_id,

				(struct hfi_msg_session_start_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_STOP_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_stop_done(callback, device_id,

				(struct hfi_msg_session_stop_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_EMPTY_BUFFER_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_etb_done(callback, device_id,

			(struct hfi_msg_session_empty_buffer_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_FILL_BUFFER_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		hfi_process_session_ftb_done(callback, device_id, msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_ftb_done(callback, device_id,

						msg_hdr);

		break;

	case HFI_MSG_SESSION_FLUSH_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_flush_done(callback, device_id,

				(struct hfi_msg_session_flush_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_PROPERTY_INFO:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_prop_info(callback, device_id,

				(struct hfi_msg_session_property_info_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_RELEASE_RESOURCES_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_rel_res_done(callback, device_id,

			(struct hfi_msg_session_release_resources_done_packet *)

						msg_hdr);
@@ -1241,28 +1243,27 @@ u32 hfi_process_msg_packet( 
						msg_hdr);

		break;

	case HFI_MSG_SESSION_GET_SEQUENCE_HEADER_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_get_seq_hdr_done(

			callback, device_id, (struct

			hfi_msg_session_get_sequence_header_done_packet*)

						msg_hdr);

		break;

	case HFI_MSG_SESSION_RELEASE_BUFFERS_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		hfi_process_session_rel_buf_done(

			callback, device_id, (struct

			hfi_msg_session_release_buffers_done_packet*)

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_rel_buf_done(callback, device_id,

			(struct hfi_msg_session_release_buffers_done_packet *)

						msg_hdr);

		break;

	case HFI_MSG_SYS_SESSION_ABORT_DONE:

		SANITIZE_SESSION_PKT(msg_hdr);

		hfi_process_session_abort_done(callback, device_id, (struct

			hfi_msg_sys_session_abort_done_packet*) msg_hdr);

		if (!validate_session_pkt(sessions, sess, session_lock))

			hfi_process_session_abort_done(callback, device_id,

			(struct hfi_msg_sys_session_abort_done_packet *)

						msg_hdr);

		break;

	default:

		dprintk(VIDC_DBG, "UNKNOWN_MSG_TYPE : %d", msg_hdr->packet);

		break;

	}

#undef SANITIZE_SESSION_PKT

	return rc;

}