[20/27] drm/i915/pxp: Create the arbitrary session after boot

Message ID	20201114014537.25495-20-sean.z.huang@intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <SRS0=QofO=EU=lists.freedesktop.org=intel-gfx-bounces@kernel.org> DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 118302225F IronPort-SDR: KTHFjYuixPglUxG/fUwxZCGohNLrQsrBcvksV85YdKeiWyC66wbRCxBpXptlKuKh6AdigSOb2z mY/iL/59+cVw== IronPort-SDR: JYlGN/uTX3IaXB1hssottmkJOiQ2cKnkMuOx2RVkIVKz690Aa9GgaKBC0yIuV15ouZknD8hspR p6gP0NmFpEtw== From: Sean Z Huang <sean.z.huang@intel.com> To: Intel-gfx@lists.freedesktop.org Date: Fri, 13 Nov 2020 17:45:30 -0800 Message-Id: <20201114014537.25495-20-sean.z.huang@intel.com> In-Reply-To: <20201114014537.25495-1-sean.z.huang@intel.com> References: <20201114014537.25495-1-sean.z.huang@intel.com> Subject: [Intel-gfx] [PATCH 20/27] drm/i915/pxp: Create the arbitrary session after boot Precedence: list Cc: "Huang, Sean Z" <sean.z.huang@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: intel-gfx-bounces@lists.freedesktop.org Sender: "Intel-gfx" <intel-gfx-bounces@lists.freedesktop.org>
Series	[01/27] drm/i915/pxp: Introduce Intel PXP component \| expand [01/27] drm/i915/pxp: Introduce Intel PXP component [02/27] drm/i915/pxp: Enable PXP irq worker and callback stub [03/27] drm/i915/pxp: Add PXP context for logical hardware states. [04/27] drm/i915/pxp: set KCR reg init during the boot time [05/27] drm/i915/pxp: Enable ioctl action to set the ring3 context [06/27] drm/i915: Rename the whitelist to allowlist [07/27] drm/i915/pxp: Add PXP-related registers into allowlist [08/27] drm/i915/pxp: Read register to check hardware session state [09/27] drm/i915/pxp: Implement funcs to get/set PXP tag [10/27] drm/i915/pxp: Enable ioctl action to reserve session slot [11/27] drm/i915/pxp: Enable ioctl action to set session in play [12/27] drm/i915/pxp: Func to send hardware session termination [13/27] drm/i915/pxp: Enable ioctl action to terminate the session [14/27] drm/i915/pxp: Enable ioctl action to query PXP tag [15/27] drm/i915/pxp: Destroy all type0 sessions upon teardown [16/27] drm/i915/pxp: Termiante the session upon app crash [17/27] drm/i915/pxp: Enable PXP power management [18/27] drm/i915/pxp: Implement funcs to create the TEE channel [19/27] drm/i915/pxp: Enable ioctl action to send TEE commands [20/27] drm/i915/pxp: Create the arbitrary session after boot [21/27] drm/i915/pxp: Add i915 trace logs for PXP operations [22/27] drm/i915/pxp: Expose session state for display protection flip [23/27] mei: bus: enable pavp device. [24/27] mei: pxp: export pavp client to me client bus [25/27] drm/i915/uapi: introduce drm_i915_gem_create_ext for TGL [26/27] drm/i915/pavp: User interface for Protected buffer [27/27] drm/i915/pxp: Add plane decryption support

diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.c b/drivers/gpu/drm/i915/pxp/intel_pxp.c index 1a6cad0502c5..80e632b614f5 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp.c +++ b/drivers/gpu/drm/i915/pxp/intel_pxp.c @@ -140,6 +140,46 @@ int intel_pxp_close(struct drm_i915_private *i915, struct drm_file *drmfile) return ret; } +int intel_pxp_create_arb_session(struct drm_i915_private *i915) +{ + struct pxp_tag pxptag; + int ret; + + drm_dbg(&i915->drm, ">>> %s\n", __func__); + + lockdep_assert_held(&i915->pxp.r0ctx->ctx_mutex); + + if (i915->pxp.r0ctx->flag_display_hm_surface_keys) { + drm_dbg(&i915->drm, "%s: arb session is alive so skipping the creation\n", + __func__); + return 0; + } + + ret = intel_pxp_sm_reserve_arb_session(i915, &pxptag.value); + if (ret) { + drm_dbg(&i915->drm, "Failed to reserve session\n"); + goto end; + } + + ret = intel_pxp_tee_cmd_create_arb_session(i915); + if (ret) { + drm_dbg(&i915->drm, "Failed to send tee cmd for arb session creation\n"); + goto end; + } + + ret = pxp_sm_mark_protected_session_in_play(i915, ARB_SESSION_TYPE, pxptag.session_id); + if (ret) { + drm_dbg(&i915->drm, "Failed to mark session status in play\n"); + goto end; + } + + i915->pxp.r0ctx->flag_display_hm_surface_keys = true; + +end: + drm_dbg(&i915->drm, "<<< %s ret=[%d]\n", __func__, ret); + return ret; +} + static void intel_pxp_write_irq_mask_reg(struct drm_i915_private *i915, u32 mask) { WARN_ON(INTEL_GEN(i915) < 11); @@ -190,9 +230,17 @@ static int intel_pxp_global_terminate_complete_callback(struct drm_i915_private mutex_lock(&i915->pxp.r0ctx->ctx_mutex); - if (i915->pxp.r0ctx->global_state_attacked) + if (i915->pxp.r0ctx->global_state_attacked) { i915->pxp.r0ctx->global_state_attacked = false; + /* Re-create the arb session after teardown handle complete */ + ret = intel_pxp_create_arb_session(i915); + if (ret) { + drm_dbg(&i915->drm, "Failed to create arb session\n"); + goto end; + } + } +end: mutex_unlock(&i915->pxp.r0ctx->ctx_mutex); drm_dbg(&i915->drm, "<<< %s ret=[%d]\n", __func__, ret); diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.h b/drivers/gpu/drm/i915/pxp/intel_pxp.h index 2c16ed0b5c0b..c0119ccdab08 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp.h +++ b/drivers/gpu/drm/i915/pxp/intel_pxp.h @@ -102,6 +102,8 @@ struct drm_i915_private; int i915_pxp_ops_ioctl(struct drm_device *dev, void *data, struct drm_file *drmfile); int intel_pxp_close(struct drm_i915_private *i915, struct drm_file *drmfile); +int intel_pxp_create_arb_session(struct drm_i915_private *i915); + void intel_pxp_irq_handler(struct intel_gt *gt, u16 iir); int i915_pxp_teardown_required_callback(struct drm_i915_private *i915); int i915_pxp_global_terminate_complete_callback(struct drm_i915_private *i915); diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_sm.c b/drivers/gpu/drm/i915/pxp/intel_pxp_sm.c index 71082938b9f0..55cdd402f704 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp_sm.c +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_sm.c @@ -673,6 +673,39 @@ int intel_pxp_sm_reserve_session(struct drm_i915_private *i915, struct drm_file return ret; } +int intel_pxp_sm_reserve_arb_session(struct drm_i915_private *i915, u32 *pxp_tag) +{ + int ret; + + drm_dbg(&i915->drm, ">>> %s\n", __func__); + + lockdep_assert_held(&i915->pxp.r0ctx->ctx_mutex); + + if (!pxp_tag || !i915) { + ret = -EINVAL; + drm_dbg(&i915->drm, "Failed to %s, bad params\n", __func__); + goto end; + } + + ret = sync_hw_sw_state(i915, ARB_SESSION_INDEX, ARB_SESSION_TYPE); + if (unlikely(ret)) + goto end; + + ret = create_new_session_entry(i915, NULL, 0, ARB_SESSION_TYPE, + ARB_PROTECTION_MODE, ARB_SESSION_INDEX); + if (unlikely(ret)) + goto end; + + ret = pxp_set_pxp_tag(i915, ARB_SESSION_TYPE, ARB_SESSION_INDEX, ARB_PROTECTION_MODE); + +end: + if (ret == 0) + *pxp_tag = intel_pxp_get_pxp_tag(i915, ARB_SESSION_INDEX, ARB_SESSION_TYPE, NULL); + + drm_dbg(&i915->drm, "<<< %s ret=[%d]\n", __func__, ret); + return ret; +} + /** * pxp_sm_mark_protected_session_in_play - To put an reserved protected session to "in_play" state * @i915: i915 device handle. diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_sm.h b/drivers/gpu/drm/i915/pxp/intel_pxp_sm.h index b968a3169133..17ece9a375db 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp_sm.h +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_sm.h @@ -38,6 +38,11 @@ /* CRYPTO_KEY_EXCHANGE */ #define CRYPTO_KEY_EXCHANGE ((0x3 << 29) | (0x01609 << 16)) +/* Arbitrary session */ +#define ARB_SESSION_INDEX 0xf +#define ARB_SESSION_TYPE SESSION_TYPE_TYPE0 +#define ARB_PROTECTION_MODE PROTECTION_MODE_HM + enum pxp_session_types { SESSION_TYPE_TYPE0 = 0, SESSION_TYPE_TYPE1 = 1, @@ -102,6 +107,7 @@ struct pxp_protected_session { int intel_pxp_sm_reserve_session(struct drm_i915_private *i915, struct drm_file *drmfile, int context_id, int session_type, int protection_mode, u32 *pxp_tag); +int intel_pxp_sm_reserve_arb_session(struct drm_i915_private *i915, u32 *pxp_tag); int pxp_sm_mark_protected_session_in_play(struct drm_i915_private *i915, int session_type, u32 session_id); int pxp_sm_terminate_protected_session_safe(struct drm_i915_private *i915, int context_id, diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c index 7e10b7ac584f..d9ab33139cdc 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c @@ -138,6 +138,7 @@ int pxp_tee_ioctl_io_message(struct drm_i915_private *i915, static int i915_pxp_tee_component_bind(struct device *i915_kdev, struct device *tee_kdev, void *data) { + int ret; struct drm_i915_private *i915 = kdev_to_i915(i915_kdev); drm_dbg(&i915->drm, "i915 PXP TEE component bind\n"); @@ -152,6 +153,16 @@ static int i915_pxp_tee_component_bind(struct device *i915_kdev, i915->pxp_tee_master->tee_dev = tee_kdev; mutex_unlock(&i915->pxp_tee_comp_mutex); + mutex_lock(&i915->pxp.r0ctx->ctx_mutex); + /* Create arb session only if tee is ready, during system boot or sleep/resume */ + ret = intel_pxp_create_arb_session(i915); + mutex_unlock(&i915->pxp.r0ctx->ctx_mutex); + + if (ret) { + drm_dbg(&i915->drm, "Failed to create arb session ret=[%d]\n", ret); + return ret; + } + return 0; } @@ -203,3 +214,26 @@ void intel_pxp_tee_component_fini(struct drm_i915_private *i915) component_del(i915->drm.dev, &i915_pxp_tee_component_ops); } + +int intel_pxp_tee_cmd_create_arb_session(struct drm_i915_private *i915) +{ + int ret; + u32 msg_out_size_received = 0; + u32 msg_in[PXP_TEE_ARB_CMD_DW_LEN] = PXP_TEE_ARB_CMD_BIN; + u32 msg_out[PXP_TEE_ARB_CMD_DW_LEN] = {0}; + + mutex_lock(&i915->pxp_tee_comp_mutex); + + ret = intel_pxp_tee_io_message(i915, + &msg_in, + sizeof(msg_in), + &msg_out, &msg_out_size_received, + sizeof(msg_out)); + + mutex_unlock(&i915->pxp_tee_comp_mutex); + + if (ret) + drm_dbg(&i915->drm, "Failed to send/receive tee message\n"); + + return ret; +} diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h index 4df077c906ae..a6d694c2277c 100644 --- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h @@ -16,4 +16,10 @@ int pxp_tee_ioctl_io_message(struct drm_i915_private *i915, void __user *msg_out_user_ptr, u32 *msg_out_size_ptr, u32 msg_out_buf_size); +int intel_pxp_tee_cmd_create_arb_session(struct drm_i915_private *i915); + +/* TEE command to create the arbitrary session */ +#define PXP_TEE_ARB_CMD_BIN {0x00040000, 0x0000001e, 0x00000000, 0x00000008, 0x00000002, 0x0000000f} +#define PXP_TEE_ARB_CMD_DW_LEN (6) + #endif /* __INTEL_PXP_TEE_H__ */

[20/27] drm/i915/pxp: Create the arbitrary session after boot

Commit Message

Patch