From: Anusha Srivatsa <anusha.srivatsa@intel.com>
To: intel-gfx@lists.freedesktop.org
Cc: Alex Dai <yu.dai@intel.com>, Peter Antoine <peter.antoine@intel.com>
Subject: [PATCH 5/7] drm/i915/huc: Support HuC authentication
Date: Fri, 28 Oct 2016 17:05:44 -0700 [thread overview]
Message-ID: <1477699546-6624-6-git-send-email-anusha.srivatsa@intel.com> (raw)
In-Reply-To: <1477699546-6624-1-git-send-email-anusha.srivatsa@intel.com>
From: Peter Antoine <peter.antoine@intel.com>
The HuC authentication is done by host2guc call. The HuC RSA keys
are sent to GuC for authentication.
v2: rebased on top of drm-intel-nightly.
changed name format and upped version 1.7.
v3: rebased on top of drm-intel-nightly.
v4: changed wait_for_automic to wait_for
v5: rebased.
v7: rebased.
v8: rebased.
v9: rebased. Rename intel_huc_auh() to intel_guc_auth_huc()
and place the prototype in intel_guc.h,correct the comments.
Tested-by: Xiang Haihao <haihao.xiang@intel.com>
Signed-off-by: Anusha Srivatsa <anusha.srivatsa@intel.com>
Signed-off-by: Alex Dai <yu.dai@intel.com>
Signed-off-by: Peter Antoine <peter.antoine@intel.com>
Reviewed-by: Dave Gordon <david.s.gordon@intel.com>
---
drivers/gpu/drm/i915/i915_guc_submission.c | 63 ++++++++++++++++++++++++++++++
drivers/gpu/drm/i915/intel_guc.h | 2 +-
drivers/gpu/drm/i915/intel_guc_fwif.h | 1 +
drivers/gpu/drm/i915/intel_guc_loader.c | 2 +
4 files changed, 67 insertions(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/i915_guc_submission.c b/drivers/gpu/drm/i915/i915_guc_submission.c
index 99dc5d9..936eefc 100644
--- a/drivers/gpu/drm/i915/i915_guc_submission.c
+++ b/drivers/gpu/drm/i915/i915_guc_submission.c
@@ -27,6 +27,7 @@
#include <linux/relay.h>
#include "i915_drv.h"
#include "intel_guc.h"
+#include "intel_huc.h"
/**
* DOC: GuC-based command submission
@@ -1713,3 +1714,65 @@ int i915_guc_log_control(struct drm_i915_private *dev_priv, u64 control_val)
return ret;
}
+
+/**
+ * intel_guc_auth_huc() - authenticate ucode
+ * @dev: the drm device
+ *
+ * Triggers a HuC fw authentication request to the GuC via host-2-guc
+ * interface.
+ */
+void intel_guc_auth_huc(struct drm_device *dev)
+{
+ struct drm_i915_private *dev_priv = dev->dev_private;
+ struct intel_guc *guc = &dev_priv->guc;
+ struct intel_huc *huc = &dev_priv->huc;
+ struct i915_vma *vma;
+ int ret;
+ u32 data[2];
+
+ /* Bypass the case where there is no HuC firmware */
+ if (huc->huc_fw.fetch_status == UC_FIRMWARE_NONE ||
+ huc->huc_fw.load_status == UC_FIRMWARE_NONE)
+ return;
+
+ if (guc->guc_fw.load_status != UC_FIRMWARE_SUCCESS) {
+ DRM_ERROR("HuC: GuC fw wasn't loaded. Can't authenticate");
+ return;
+ }
+
+ if (huc->huc_fw.load_status != UC_FIRMWARE_SUCCESS) {
+ DRM_ERROR("HuC: fw wasn't loaded. Nothing to authenticate");
+ return;
+ }
+
+ vma = i915_gem_object_ggtt_pin(huc->huc_fw.uc_fw_obj, NULL, 0, 0, 0);
+ if (IS_ERR(vma)) {
+ DRM_DEBUG_DRIVER("pin failed %d\n", (int)PTR_ERR(vma));
+ return;
+ }
+
+
+ /* Invalidate GuC TLB to let GuC take the latest updates to GTT. */
+ I915_WRITE(GEN8_GTCR, GEN8_GTCR_INVALIDATE);
+
+ /* Specify auth action and where public signature is. */
+ data[0] = HOST2GUC_ACTION_AUTHENTICATE_HUC;
+ data[1] = i915_ggtt_offset(vma) + huc->huc_fw.rsa_offset;
+
+ ret = host2guc_action(guc, data, ARRAY_SIZE(data));
+ if (ret) {
+ DRM_ERROR("HuC: GuC did not ack Auth request\n");
+ goto out;
+ }
+
+ /* Check authentication status, it should be done by now */
+ ret = wait_for((I915_READ(HUC_STATUS2) & HUC_FW_VERIFIED) > 0, 50);
+ if (ret) {
+ DRM_ERROR("HuC: Authentication failed\n");
+ goto out;
+ }
+
+out:
+ i915_vma_unpin(vma);
+}
diff --git a/drivers/gpu/drm/i915/intel_guc.h b/drivers/gpu/drm/i915/intel_guc.h
index 4647e41..ffdd5b9 100644
--- a/drivers/gpu/drm/i915/intel_guc.h
+++ b/drivers/gpu/drm/i915/intel_guc.h
@@ -197,5 +197,5 @@ void i915_guc_flush_logs(struct drm_i915_private *dev_priv);
void i915_guc_register(struct drm_i915_private *dev_priv);
void i915_guc_unregister(struct drm_i915_private *dev_priv);
int i915_guc_log_control(struct drm_i915_private *dev_priv, u64 control_val);
-
+void intel_guc_auth_huc(struct drm_device *dev);
#endif
diff --git a/drivers/gpu/drm/i915/intel_guc_fwif.h b/drivers/gpu/drm/i915/intel_guc_fwif.h
index c2a7fdd..99a092d 100644
--- a/drivers/gpu/drm/i915/intel_guc_fwif.h
+++ b/drivers/gpu/drm/i915/intel_guc_fwif.h
@@ -513,6 +513,7 @@ enum host2guc_action {
HOST2GUC_ACTION_EXIT_S_STATE = 0x502,
HOST2GUC_ACTION_SLPC_REQUEST = 0x3003,
HOST2GUC_ACTION_UK_LOG_ENABLE_LOGGING = 0x0E000,
+ HOST2GUC_ACTION_AUTHENTICATE_HUC = 0x4000,
HOST2GUC_ACTION_LIMIT
};
diff --git a/drivers/gpu/drm/i915/intel_guc_loader.c b/drivers/gpu/drm/i915/intel_guc_loader.c
index dc79968..11e3bbb 100644
--- a/drivers/gpu/drm/i915/intel_guc_loader.c
+++ b/drivers/gpu/drm/i915/intel_guc_loader.c
@@ -531,6 +531,8 @@ int intel_guc_setup(struct drm_device *dev)
intel_uc_fw_status_repr(guc_fw->fetch_status),
intel_uc_fw_status_repr(guc_fw->load_status));
+ intel_guc_auth_huc(dev);
+
if (i915.enable_guc_submission) {
if (i915.guc_log_level >= 0)
gen9_enable_guc_interrupts(dev_priv);
--
2.7.4
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2016-10-29 0:06 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-29 0:05 [PATCH 0/7] HuC Loading Patches Anusha Srivatsa
2016-10-29 0:05 ` [PATCH 1/7] drm/i915/guc: Make the GuC fw loading helper functions general Anusha Srivatsa
2016-10-29 0:05 ` [PATCH 2/7] drm/i915/huc: Unified css_header struct for GuC and HuC Anusha Srivatsa
2016-10-31 20:02 ` Jeff McGee
2016-10-29 0:05 ` [PATCH 3/7] drm/i915/huc: Add HuC fw loading support Anusha Srivatsa
2016-10-31 20:21 ` Jeff McGee
2016-10-29 0:05 ` [PATCH 4/7] drm/i915/huc: Add debugfs for HuC loading status check Anusha Srivatsa
2016-10-29 0:05 ` Anusha Srivatsa [this message]
2016-10-31 20:26 ` [PATCH 5/7] drm/i915/huc: Support HuC authentication Jeff McGee
2016-10-29 0:05 ` [PATCH 6/7] drm/i915/huc: Add BXT HuC Loading Support Anusha Srivatsa
2016-10-31 20:29 ` Jeff McGee
2016-10-29 0:05 ` [PATCH 7/7] drm/i915/get_params: Add HuC status to getparams Anusha Srivatsa
2016-10-31 20:31 ` Jeff McGee
2016-10-29 0:46 ` ✓ Fi.CI.BAT: success for HuC Loading Patches Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1477699546-6624-6-git-send-email-anusha.srivatsa@intel.com \
--to=anusha.srivatsa@intel.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=peter.antoine@intel.com \
--cc=yu.dai@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.