From patchwork Wed Sep 11 11:50:49 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Huang Rui <ray.huang@amd.com>
X-Patchwork-Id: 11140999
Return-Path: <SRS0=K6T8=XG=lists.freedesktop.org=dri-devel-bounces@kernel.org>
Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org
 [172.30.200.123])
	by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 546FE14E5
	for <patchwork-dri-devel@patchwork.kernel.org>;
 Wed, 11 Sep 2019 11:50:55 +0000 (UTC)
Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id 3C89F20CC7
	for <patchwork-dri-devel@patchwork.kernel.org>;
 Wed, 11 Sep 2019 11:50:55 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3C89F20CC7
Authentication-Results: mail.kernel.org;
 dmarc=none (p=none dis=none) header.from=amd.com
Authentication-Results: mail.kernel.org;
 spf=none smtp.mailfrom=dri-devel-bounces@lists.freedesktop.org
Received: from gabe.freedesktop.org (localhost [127.0.0.1])
	by gabe.freedesktop.org (Postfix) with ESMTP id 3F8756EAC0;
	Wed, 11 Sep 2019 11:50:54 +0000 (UTC)
X-Original-To: dri-devel@lists.freedesktop.org
Delivered-To: dri-devel@lists.freedesktop.org
Received: from NAM02-BL2-obe.outbound.protection.outlook.com
 (mail-eopbgr750071.outbound.protection.outlook.com [40.107.75.71])
 by gabe.freedesktop.org (Postfix) with ESMTPS id C1A5C6EABF;
 Wed, 11 Sep 2019 11:50:51 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=LTaQQ8I4tPsL+bzhLUZ5l21AaJBAAiN97kYhErAO8Dv+vUqZ/gvgfry0Z1zvA4V2rP6wSLn7NX7iMDmPpOV0ov5inZb6eU0NZQ0yAJ38gLQKUXIFg+xurwYBJfa3ApHmWWkn3NBO50cvddwIaAi3IVoRtMmEecsIQou202GFZx/9x3Rz7q7H+zB2FbUtIXiDEW0kL0NnBq+MVht4JoiUPkIujHL0MyOP/Vsl+9LAE+saSHbohUtGkP5IEAQpHHRsZF/5CwwO0zGpPBkH+Iatl0ftQSD5HVWr+P3IQP+NDK5mb7RPSGHOkxTf2m6Fwm7pg1rJjKlxMjoqOeFmle/eig==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=i23x7E+IXkEnP4gtZ8uWh5WqSf4bhfJ2XqT5HoicJFc=;
 b=E0/CHtc1kz7q0HQnZZcSLG++RdRyDvvmDjofQqueoW/y3KXYjl4SFHCQdLeZP9elcgL9dvQbX6xk+3PLQH/OKP4A+hNNDh0r3TX92EXjH1mbVre7kamExK+0IS7oS9jnLP7C9OoD5hV7PeU5tHgxlQFZ9aXKqlsaXPqTBxHHbAFTZyM6YXFsUK7fnm6ctaBuGoyX7i29YMOVyVwKVvRJQvmJ6yDaXSVpIrmEeODtJTgrbOC91hNmCJXOpdzxJMN9SSl8LpswFbX9iPkaf/e53m3Qdercb+q+LvUfi8vg4CkTDBJP6Axi2xosQfAOjJJGZJW1HVOF+4uaA1UfIy8Lcw==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass
 header.d=amd.com; arc=none
Received: from MN2PR12MB3309.namprd12.prod.outlook.com (20.179.83.157) by
 MN2PR12MB2942.namprd12.prod.outlook.com (20.179.84.27) with Microsoft SMTP
 Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.20.2241.18; Wed, 11 Sep 2019 11:50:50 +0000
Received: from MN2PR12MB3309.namprd12.prod.outlook.com
 ([fe80::e105:cd24:c71d:c38d]) by MN2PR12MB3309.namprd12.prod.outlook.com
 ([fe80::e105:cd24:c71d:c38d%4]) with mapi id 15.20.2241.022; Wed, 11 Sep 2019
 11:50:50 +0000
From: "Huang, Ray" <Ray.Huang@amd.com>
To: "amd-gfx@lists.freedesktop.org" <amd-gfx@lists.freedesktop.org>,
 "dri-devel@lists.freedesktop.org" <dri-devel@lists.freedesktop.org>,
 "Deucher, Alexander" <Alexander.Deucher@amd.com>
Subject: [PATCH 14/14] drm/amdgpu: set TMZ bits in PTEs for secure bo (v2)
Thread-Topic: [PATCH 14/14] drm/amdgpu: set TMZ bits in PTEs for secure bo
 (v2)
Thread-Index: AQHVaJcopKpC1OzuDEifbwgZtSrWxw==
Date: Wed, 11 Sep 2019 11:50:49 +0000
Message-ID: <1568202584-14471-15-git-send-email-ray.huang@amd.com>
References: <1568202584-14471-1-git-send-email-ray.huang@amd.com>
In-Reply-To: <1568202584-14471-1-git-send-email-ray.huang@amd.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [180.167.199.189]
x-clientproxiedby: HK2PR04CA0046.apcprd04.prod.outlook.com
 (2603:1096:202:14::14) To MN2PR12MB3309.namprd12.prod.outlook.com
 (2603:10b6:208:106::29)
x-ms-exchange-messagesentrepresentingtype: 1
x-mailer: git-send-email 2.7.4
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: dd6c9886-9a64-4200-def2-08d736ae4a6a
x-ms-office365-filtering-ht: Tenant
x-microsoft-antispam: BCL:0; PCL:0;
 RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600166)(711020)(4605104)(1401327)(4618075)(2017052603328)(7193020);
 SRVR:MN2PR12MB2942;
x-ms-traffictypediagnostic: MN2PR12MB2942:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: 
 <MN2PR12MB2942FA3F05BEBD4234A1AC18ECB10@MN2PR12MB2942.namprd12.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0157DEB61B
x-forefront-antispam-report: SFV:NSPM;
 SFS:(10009020)(4636009)(39860400002)(366004)(346002)(376002)(136003)(396003)(199004)(189003)(478600001)(6486002)(53936002)(3846002)(26005)(6512007)(102836004)(6506007)(386003)(7736002)(66066001)(8676002)(81166006)(2616005)(11346002)(446003)(476003)(486006)(6116002)(50226002)(36756003)(81156014)(8936002)(52116002)(186003)(305945005)(2906002)(76176011)(6636002)(99286004)(110136005)(54906003)(316002)(14444005)(5660300002)(256004)(2501003)(86362001)(4326008)(450100002)(25786009)(66946007)(6436002)(66556008)(71200400001)(71190400001)(66476007)(66446008)(14454004)(64756008)(21314003);
 DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR12MB2942;
 H:MN2PR12MB3309.namprd12.prod.outlook.com; FPR:; SPF:None; LANG:en;
 PTR:InfoNoRecords; A:1; MX:1;
received-spf: None (protection.outlook.com: amd.com does not designate
 permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: 
 ClqkMOxTWgZS4jLkkSEHWp1jXB0eRjdt2syYPw8ifRDNHG2VhtjGHeSYMrA/RfNGllGY7Mu8JpYmW1AgYm04vjKFK1PHPYJ3UCPhpCdZ46j+26c1Spuf6SEdmHcir7bj9m11z8qENIvwMa3auRy0KV093GsdmBdxNazrocFwZGIy6ldteAV6f4PmDRNozNpR8Mc+6kNi0e+2SDy2PRbpOUutBJUzseuhsN23erftckVFlHiOnW9KtVvepEHC1sxxjjWDUpkV3DY5sCQd3C7AQtoYfyyYEz39J6anmZbdoEFM/RXGbERdcaAdPbLE/k7SdKPGlCdkaP9Y0cH7Fb15Bw3m/KsnU3G3q8XgN+oyEp8fSOFI5aFa1h1TLtCdMN5/XDiFrVF34AVBllqTCimXdlTluiCqYQtbg7hQWHO2Ag4=
MIME-Version: 1.0
X-OriginatorOrg: amd.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 dd6c9886-9a64-4200-def2-08d736ae4a6a
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Sep 2019 11:50:49.9630 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: 
 m1i+ZbCHsBlqGmLOaf0hr5zVlrDPD8ZIBl56H89ghM/nvHEMb+/4L1CPJPeU4KxVMEN6nn5oE6FQaREt6cY4bA==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB2942
X-Mailman-Original-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=amdcloud.onmicrosoft.com; s=selector2-amdcloud-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=i23x7E+IXkEnP4gtZ8uWh5WqSf4bhfJ2XqT5HoicJFc=;
 b=0xd+d8j+AEf0wK0Q/ZGsMSnFeAiVzbQsmGM7Si6UhTZWVxFlL4zvtQwlW6n6kuDYr/vZPgxmwmdHN67CeF/j8lEjZex48BEWPXrPrmbmRpg7PFnvxJVKfytgQ1qU1OZpFy0jQX+Boau48biVd/2UT9yOvhfctiIswBOUCTLp5jE=
X-Mailman-Original-Authentication-Results: spf=none (sender IP is )
 smtp.mailfrom=Ray.Huang@amd.com;
X-BeenThere: dri-devel@lists.freedesktop.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Direct Rendering Infrastructure - Development
 <dri-devel.lists.freedesktop.org>
List-Unsubscribe: <https://lists.freedesktop.org/mailman/options/dri-devel>,
 <mailto:dri-devel-request@lists.freedesktop.org?subject=unsubscribe>
List-Archive: <https://lists.freedesktop.org/archives/dri-devel>
List-Post: <mailto:dri-devel@lists.freedesktop.org>
List-Help: <mailto:dri-devel-request@lists.freedesktop.org?subject=help>
List-Subscribe: <https://lists.freedesktop.org/mailman/listinfo/dri-devel>,
 <mailto:dri-devel-request@lists.freedesktop.org?subject=subscribe>
Cc: "Tuikov, Luben" <Luben.Tuikov@amd.com>, "Huang, Ray" <Ray.Huang@amd.com>,
 "Koenig, Christian" <Christian.Koenig@amd.com>, "Liu,
 Aaron" <Aaron.Liu@amd.com>
Errors-To: dri-devel-bounces@lists.freedesktop.org
Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>

From: Alex Deucher <alexander.deucher@amd.com>

If one bo is secure (created with AMDGPU_GEM_CREATE_ENCRYPTED), the TMZ bits of
PTEs that belongs that bo should be set. Then psp is able to protect the pages
of this bo to avoid the access from an "untrust" domain such as CPU.

v1: design and draft the skeletion of tmz bits setting on PTEs (Alex)
v2: return failure once create secure bo on no-tmz platform  (Ray)

Signed-off-by: Alex Deucher <alexander.deucher@amd.com>
Reviewed-by: Huang Rui <ray.huang@amd.com>
Signed-off-by: Huang Rui <ray.huang@amd.com>
---
 drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c    | 12 +++++++++++-
 drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 10 ++++++++++
 drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c    |  5 +++++
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c
index 22eab74..5332104 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c
@@ -222,7 +222,8 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data,
 		      AMDGPU_GEM_CREATE_CPU_GTT_USWC |
 		      AMDGPU_GEM_CREATE_VRAM_CLEARED |
 		      AMDGPU_GEM_CREATE_VM_ALWAYS_VALID |
-		      AMDGPU_GEM_CREATE_EXPLICIT_SYNC))
+		      AMDGPU_GEM_CREATE_EXPLICIT_SYNC |
+		      AMDGPU_GEM_CREATE_ENCRYPTED))
 
 		return -EINVAL;
 
@@ -230,6 +231,11 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data,
 	if (args->in.domains & ~AMDGPU_GEM_DOMAIN_MASK)
 		return -EINVAL;
 
+	if (!adev->tmz.enabled && (flags & AMDGPU_GEM_CREATE_ENCRYPTED)) {
+		DRM_ERROR("Cannot allocate secure buffer while tmz is disabled\n");
+		return -EINVAL;
+	}
+
 	/* create a gem object to contain this object in */
 	if (args->in.domains & (AMDGPU_GEM_DOMAIN_GDS |
 	    AMDGPU_GEM_DOMAIN_GWS | AMDGPU_GEM_DOMAIN_OA)) {
@@ -251,6 +257,10 @@ int amdgpu_gem_create_ioctl(struct drm_device *dev, void *data,
 		resv = vm->root.base.bo->tbo.resv;
 	}
 
+	if (flags & AMDGPU_GEM_CREATE_ENCRYPTED) {
+		/* XXX: pad out alignment to meet TMZ requirements */
+	}
+
 	r = amdgpu_gem_object_create(adev, size, args->in.alignment,
 				     (u32)(0xffffffff & args->in.domains),
 				     flags, ttm_bo_type_device, resv, &gobj);
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h
index 5a3c177..286e2e2 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_object.h
@@ -224,6 +224,16 @@ static inline bool amdgpu_bo_explicit_sync(struct amdgpu_bo *bo)
 	return bo->flags & AMDGPU_GEM_CREATE_EXPLICIT_SYNC;
 }
 
+/**
+ * amdgpu_bo_encrypted - return whether the bo is encrypted
+ */
+static inline bool amdgpu_bo_encrypted(struct amdgpu_bo *bo)
+{
+	struct amdgpu_device *adev = amdgpu_ttm_adev(bo->tbo.bdev);
+
+	return adev->tmz.enabled && (bo->flags & AMDGPU_GEM_CREATE_ENCRYPTED);
+}
+
 bool amdgpu_bo_is_amdgpu_bo(struct ttm_buffer_object *bo);
 void amdgpu_bo_placement_from_domain(struct amdgpu_bo *abo, u32 domain);
 
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
index 3663655..8f00bb2 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c
@@ -1434,6 +1434,8 @@ bool amdgpu_ttm_tt_is_readonly(struct ttm_tt *ttm)
 uint64_t amdgpu_ttm_tt_pde_flags(struct ttm_tt *ttm, struct ttm_mem_reg *mem)
 {
 	uint64_t flags = 0;
+	struct ttm_buffer_object *tbo = ttm_mem_reg_to_bo(mem);
+	struct amdgpu_bo *abo = ttm_to_amdgpu_bo(tbo);
 
 	if (mem && mem->mem_type != TTM_PL_SYSTEM)
 		flags |= AMDGPU_PTE_VALID;
@@ -1444,6 +1446,9 @@ uint64_t amdgpu_ttm_tt_pde_flags(struct ttm_tt *ttm, struct ttm_mem_reg *mem)
 		if (ttm->caching_state == tt_cached)
 			flags |= AMDGPU_PTE_SNOOPED;
 	}
+	if (amdgpu_bo_encrypted(abo)) {
+		flags |= AMDGPU_PTE_TMZ;
+	}
 
 	return flags;
 }