From patchwork Wed Sep 11 11:50:49 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Huang Rui X-Patchwork-Id: 11140999 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 546FE14E5 for ; Wed, 11 Sep 2019 11:50:55 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 3C89F20CC7 for ; Wed, 11 Sep 2019 11:50:55 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3C89F20CC7 Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=amd.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=dri-devel-bounces@lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 3F8756EAC0; Wed, 11 Sep 2019 11:50:54 +0000 (UTC) X-Original-To: dri-devel@lists.freedesktop.org Delivered-To: dri-devel@lists.freedesktop.org Received: from NAM02-BL2-obe.outbound.protection.outlook.com (mail-eopbgr750071.outbound.protection.outlook.com [40.107.75.71]) by gabe.freedesktop.org (Postfix) with ESMTPS id C1A5C6EABF; Wed, 11 Sep 2019 11:50:51 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LTaQQ8I4tPsL+bzhLUZ5l21AaJBAAiN97kYhErAO8Dv+vUqZ/gvgfry0Z1zvA4V2rP6wSLn7NX7iMDmPpOV0ov5inZb6eU0NZQ0yAJ38gLQKUXIFg+xurwYBJfa3ApHmWWkn3NBO50cvddwIaAi3IVoRtMmEecsIQou202GFZx/9x3Rz7q7H+zB2FbUtIXiDEW0kL0NnBq+MVht4JoiUPkIujHL0MyOP/Vsl+9LAE+saSHbohUtGkP5IEAQpHHRsZF/5CwwO0zGpPBkH+Iatl0ftQSD5HVWr+P3IQP+NDK5mb7RPSGHOkxTf2m6Fwm7pg1rJjKlxMjoqOeFmle/eig== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i23x7E+IXkEnP4gtZ8uWh5WqSf4bhfJ2XqT5HoicJFc=; b=E0/CHtc1kz7q0HQnZZcSLG++RdRyDvvmDjofQqueoW/y3KXYjl4SFHCQdLeZP9elcgL9dvQbX6xk+3PLQH/OKP4A+hNNDh0r3TX92EXjH1mbVre7kamExK+0IS7oS9jnLP7C9OoD5hV7PeU5tHgxlQFZ9aXKqlsaXPqTBxHHbAFTZyM6YXFsUK7fnm6ctaBuGoyX7i29YMOVyVwKVvRJQvmJ6yDaXSVpIrmEeODtJTgrbOC91hNmCJXOpdzxJMN9SSl8LpswFbX9iPkaf/e53m3Qdercb+q+LvUfi8vg4CkTDBJP6Axi2xosQfAOjJJGZJW1HVOF+4uaA1UfIy8Lcw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none Received: from MN2PR12MB3309.namprd12.prod.outlook.com (20.179.83.157) by MN2PR12MB2942.namprd12.prod.outlook.com (20.179.84.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2241.18; Wed, 11 Sep 2019 11:50:50 +0000 Received: from MN2PR12MB3309.namprd12.prod.outlook.com ([fe80::e105:cd24:c71d:c38d]) by MN2PR12MB3309.namprd12.prod.outlook.com ([fe80::e105:cd24:c71d:c38d%4]) with mapi id 15.20.2241.022; Wed, 11 Sep 2019 11:50:50 +0000 From: "Huang, Ray" To: "amd-gfx@lists.freedesktop.org" , "dri-devel@lists.freedesktop.org" , "Deucher, Alexander" Subject: [PATCH 14/14] drm/amdgpu: set TMZ bits in PTEs for secure bo (v2) Thread-Topic: [PATCH 14/14] drm/amdgpu: set TMZ bits in PTEs for secure bo (v2) Thread-Index: AQHVaJcopKpC1OzuDEifbwgZtSrWxw== Date: Wed, 11 Sep 2019 11:50:49 +0000 Message-ID: <1568202584-14471-15-git-send-email-ray.huang@amd.com> References: <1568202584-14471-1-git-send-email-ray.huang@amd.com> In-Reply-To: <1568202584-14471-1-git-send-email-ray.huang@amd.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [180.167.199.189] x-clientproxiedby: HK2PR04CA0046.apcprd04.prod.outlook.com (2603:1096:202:14::14) To MN2PR12MB3309.namprd12.prod.outlook.com (2603:10b6:208:106::29) x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 2.7.4 x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: dd6c9886-9a64-4200-def2-08d736ae4a6a x-ms-office365-filtering-ht: Tenant x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020); SRVR:MN2PR12MB2942; x-ms-traffictypediagnostic: MN2PR12MB2942: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 0157DEB61B x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(4636009)(39860400002)(366004)(346002)(376002)(136003)(396003)(199004)(189003)(478600001)(6486002)(53936002)(3846002)(26005)(6512007)(102836004)(6506007)(386003)(7736002)(66066001)(8676002)(81166006)(2616005)(11346002)(446003)(476003)(486006)(6116002)(50226002)(36756003)(81156014)(8936002)(52116002)(186003)(305945005)(2906002)(76176011)(6636002)(99286004)(110136005)(54906003)(316002)(14444005)(5660300002)(256004)(2501003)(86362001)(4326008)(450100002)(25786009)(66946007)(6436002)(66556008)(71200400001)(71190400001)(66476007)(66446008)(14454004)(64756008)(21314003); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR12MB2942; H:MN2PR12MB3309.namprd12.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: amd.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: ClqkMOxTWgZS4jLkkSEHWp1jXB0eRjdt2syYPw8ifRDNHG2VhtjGHeSYMrA/RfNGllGY7Mu8JpYmW1AgYm04vjKFK1PHPYJ3UCPhpCdZ46j+26c1Spuf6SEdmHcir7bj9m11z8qENIvwMa3auRy0KV093GsdmBdxNazrocFwZGIy6ldteAV6f4PmDRNozNpR8Mc+6kNi0e+2SDy2PRbpOUutBJUzseuhsN23erftckVFlHiOnW9KtVvepEHC1sxxjjWDUpkV3DY5sCQd3C7AQtoYfyyYEz39J6anmZbdoEFM/RXGbERdcaAdPbLE/k7SdKPGlCdkaP9Y0cH7Fb15Bw3m/KsnU3G3q8XgN+oyEp8fSOFI5aFa1h1TLtCdMN5/XDiFrVF34AVBllqTCimXdlTluiCqYQtbg7hQWHO2Ag4= MIME-Version: 1.0 X-OriginatorOrg: amd.com X-MS-Exchange-CrossTenant-Network-Message-Id: dd6c9886-9a64-4200-def2-08d736ae4a6a X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Sep 2019 11:50:49.9630 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: m1i+ZbCHsBlqGmLOaf0hr5zVlrDPD8ZIBl56H89ghM/nvHEMb+/4L1CPJPeU4KxVMEN6nn5oE6FQaREt6cY4bA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB2942 X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=i23x7E+IXkEnP4gtZ8uWh5WqSf4bhfJ2XqT5HoicJFc=; b=0xd+d8j+AEf0wK0Q/ZGsMSnFeAiVzbQsmGM7Si6UhTZWVxFlL4zvtQwlW6n6kuDYr/vZPgxmwmdHN67CeF/j8lEjZex48BEWPXrPrmbmRpg7PFnvxJVKfytgQ1qU1OZpFy0jQX+Boau48biVd/2UT9yOvhfctiIswBOUCTLp5jE= X-Mailman-Original-Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=Ray.Huang@amd.com; X-BeenThere: dri-devel@lists.freedesktop.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Direct Rendering Infrastructure - Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: "Tuikov, Luben" , "Huang, Ray" , "Koenig, Christian" , "Liu, Aaron" Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" From: Alex Deucher If one bo is secure (created with AMDGPU_GEM_CREATE_ENCRYPTED), the TMZ bits of PTEs that belongs that bo should be set. Then psp is able to protect the pages of this bo to avoid the access from an "untrust" domain such as CPU. v1: design and draft the skeletion of tmz bits setting on PTEs (Alex) v2: return failure once create secure bo on no-tmz platform (Ray) Signed-off-by: Alex Deucher Reviewed-by: Huang Rui Signed-off-by: Huang Rui --- drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c | 12 +++++++++++- drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 10 ++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 5 +++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c index 22eab74..5332104 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c @@ -222,7 +222,8 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data, AMDGPU_GEM_CREATE_CPU_GTT_USWC | AMDGPU_GEM_CREATE_VRAM_CLEARED | AMDGPU_GEM_CREATE_VM_ALWAYS_VALID | - AMDGPU_GEM_CREATE_EXPLICIT_SYNC)) + AMDGPU_GEM_CREATE_EXPLICIT_SYNC | + AMDGPU_GEM_CREATE_ENCRYPTED)) return -EINVAL; @@ -230,6 +231,11 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data, if (args->in.domains & ~AMDGPU_GEM_DOMAIN_MASK) return -EINVAL; + if (!adev->tmz.enabled && (flags & AMDGPU_GEM_CREATE_ENCRYPTED)) { + DRM_ERROR("Cannot allocate secure buffer while tmz is disabled\n"); + return -EINVAL; + } + /* create a gem object to contain this object in */ if (args->in.domains & (AMDGPU_GEM_DOMAIN_GDS | AMDGPU_GEM_DOMAIN_GWS | AMDGPU_GEM_DOMAIN_OA)) { @@ -251,6 +257,10 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data, resv = vm->root.base.bo->tbo.resv; } + if (flags & AMDGPU_GEM_CREATE_ENCRYPTED) { + /* XXX: pad out alignment to meet TMZ requirements */ + } + r = amdgpu_gem_object_create(adev, size, args->in.alignment, (u32)(0xffffffff & args->in.domains), flags, ttm_bo_type_device, resv, &gobj); diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h index 5a3c177..286e2e2 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h @@ -224,6 +224,16 @@ static inline bool amdgpu_bo_explicit_sync(struct amdgpu_bo *bo) return bo->flags & AMDGPU_GEM_CREATE_EXPLICIT_SYNC; } +/** + * amdgpu_bo_encrypted - return whether the bo is encrypted + */ +static inline bool amdgpu_bo_encrypted(struct amdgpu_bo *bo) +{ + struct amdgpu_device *adev = amdgpu_ttm_adev(bo->tbo.bdev); + + return adev->tmz.enabled && (bo->flags & AMDGPU_GEM_CREATE_ENCRYPTED); +} + bool amdgpu_bo_is_amdgpu_bo(struct ttm_buffer_object *bo); void amdgpu_bo_placement_from_domain(struct amdgpu_bo *abo, u32 domain); diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c index 3663655..8f00bb2 100644 --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c @@ -1434,6 +1434,8 @@ bool amdgpu_ttm_tt_is_readonly(struct ttm_tt *ttm) uint64_t amdgpu_ttm_tt_pde_flags(struct ttm_tt *ttm, struct ttm_mem_reg *mem) { uint64_t flags = 0; + struct ttm_buffer_object *tbo = ttm_mem_reg_to_bo(mem); + struct amdgpu_bo *abo = ttm_to_amdgpu_bo(tbo); if (mem && mem->mem_type != TTM_PL_SYSTEM) flags |= AMDGPU_PTE_VALID; @@ -1444,6 +1446,9 @@ uint64_t amdgpu_ttm_tt_pde_flags(struct ttm_tt *ttm, struct ttm_mem_reg *mem) if (ttm->caching_state == tt_cached) flags |= AMDGPU_PTE_SNOOPED; } + if (amdgpu_bo_encrypted(abo)) { + flags |= AMDGPU_PTE_TMZ; + } return flags; }