From: Sean Z Huang <sean.z.huang@intel.com>
To: Intel-gfx@lists.freedesktop.org
Cc: "Huang, Sean Z" <sean.z.huang@intel.com>
Subject: [Intel-gfx] [PATCH 18/27] drm/i915/pxp: Implement funcs to create the TEE channel
Date: Fri, 13 Nov 2020 17:45:28 -0800 [thread overview]
Message-ID: <20201114014537.25495-18-sean.z.huang@intel.com> (raw)
In-Reply-To: <20201114014537.25495-1-sean.z.huang@intel.com>
From: "Huang, Sean Z" <sean.z.huang@intel.com>
Currently ring3 driver sends the TEE commands directly to TEE, but
later, as our design, we would like to make ring3 sending the TEE
commands via the ring0 PXP ioctl action instead of TEE ioctl, so
we can centralize those protection operations at ring0 PXP.
Co-developed-by: Vitaly Lubart <vitaly.lubart@intel.com>
Co-developed-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Huang, Sean Z <sean.z.huang@intel.com>
---
drivers/gpu/drm/i915/Makefile | 1 +
drivers/gpu/drm/i915/i915_drv.c | 1 +
drivers/gpu/drm/i915/i915_drv.h | 6 +
drivers/gpu/drm/i915/pxp/intel_pxp.c | 4 +
drivers/gpu/drm/i915/pxp/intel_pxp_tee.c | 140 +++++++++++++++++++++++
drivers/gpu/drm/i915/pxp/intel_pxp_tee.h | 14 +++
include/drm/i915_component.h | 1 +
include/drm/i915_pxp_tee_interface.h | 45 ++++++++
8 files changed, 212 insertions(+)
create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
create mode 100644 include/drm/i915_pxp_tee_interface.h
diff --git a/drivers/gpu/drm/i915/Makefile b/drivers/gpu/drm/i915/Makefile
index 6858392c1ef2..1f3e0b89ae42 100644
--- a/drivers/gpu/drm/i915/Makefile
+++ b/drivers/gpu/drm/i915/Makefile
@@ -259,6 +259,7 @@ i915-y += \
pxp/intel_pxp.o \
pxp/intel_pxp_context.o \
pxp/intel_pxp_sm.o \
+ pxp/intel_pxp_tee.o \
pxp/intel_pxp_pm.o
# Post-mortem debug and GPU hang state capture
diff --git a/drivers/gpu/drm/i915/i915_drv.c b/drivers/gpu/drm/i915/i915_drv.c
index 830708414f92..73c77a4e8216 100644
--- a/drivers/gpu/drm/i915/i915_drv.c
+++ b/drivers/gpu/drm/i915/i915_drv.c
@@ -324,6 +324,7 @@ static int i915_driver_early_probe(struct drm_i915_private *dev_priv)
mutex_init(&dev_priv->wm.wm_mutex);
mutex_init(&dev_priv->pps_mutex);
mutex_init(&dev_priv->hdcp_comp_mutex);
+ mutex_init(&dev_priv->pxp_tee_comp_mutex);
i915_memcpy_init_early(dev_priv);
intel_runtime_pm_init_early(&dev_priv->runtime_pm);
diff --git a/drivers/gpu/drm/i915/i915_drv.h b/drivers/gpu/drm/i915/i915_drv.h
index f34ed07a68ee..9ba6eada4f84 100644
--- a/drivers/gpu/drm/i915/i915_drv.h
+++ b/drivers/gpu/drm/i915/i915_drv.h
@@ -1219,6 +1219,12 @@ struct drm_i915_private {
struct intel_pxp pxp;
+ struct i915_pxp_comp_master *pxp_tee_master;
+ bool pxp_tee_comp_added;
+
+ /* Mutex to protect the above pxp_tee component related values. */
+ struct mutex pxp_tee_comp_mutex;
+
I915_SELFTEST_DECLARE(struct i915_selftest_stash selftest;)
/*
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.c b/drivers/gpu/drm/i915/pxp/intel_pxp.c
index 75858c0842ba..2cbdc6fa7cf6 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp.c
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp.c
@@ -227,6 +227,8 @@ int intel_pxp_init(struct drm_i915_private *i915)
return ret;
}
+ intel_pxp_tee_component_init(i915);
+
INIT_WORK(&i915->pxp.irq_work, intel_pxp_irq_work);
i915->pxp.handled_irr = (PXP_IRQ_VECTOR_DISPLAY_PXP_STATE_TERMINATED |
@@ -238,6 +240,8 @@ int intel_pxp_init(struct drm_i915_private *i915)
void intel_pxp_uninit(struct drm_i915_private *i915)
{
+ intel_pxp_tee_component_fini(i915);
+
intel_pxp_destroy_r0ctx(i915);
}
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
new file mode 100644
index 000000000000..5bf79ca45cea
--- /dev/null
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
@@ -0,0 +1,140 @@
+/* SPDX-License-Identifier: MIT */
+/*
+ * Copyright(c) 2020 Intel Corporation.
+ */
+
+#include <linux/component.h>
+#include "i915_drv.h"
+#include "drm/i915_component.h"
+#include "intel_pxp.h"
+#include "intel_pxp_context.h"
+#include "intel_pxp_tee.h"
+
+static int intel_pxp_tee_io_message(struct drm_i915_private *i915,
+ void *msg_in, u32 msg_in_size,
+ void *msg_out, u32 *msg_out_size_ptr,
+ u32 msg_out_buf_size)
+{
+ int ret;
+ struct i915_pxp_comp_master *pxp_tee_master = i915->pxp_tee_master;
+
+ if (!pxp_tee_master || !msg_in || !msg_out || !msg_out_size_ptr) {
+ ret = -EINVAL;
+ drm_dbg(&i915->drm, "Failed to %s, invalid params\n", __func__);
+ goto end;
+ }
+
+ lockdep_assert_held(&i915->pxp_tee_comp_mutex);
+
+ if (drm_debug_enabled(DRM_UT_DRIVER))
+ print_hex_dump(KERN_DEBUG, "TEE input message binaries:",
+ DUMP_PREFIX_OFFSET, 4, 4, msg_in, msg_in_size, true);
+
+ ret = pxp_tee_master->ops->send(pxp_tee_master->tee_dev, msg_in, msg_in_size);
+ if (ret) {
+ ret = -EFAULT;
+ drm_dbg(&i915->drm, "Failed to send TEE message\n");
+ goto end;
+ }
+
+ ret = pxp_tee_master->ops->receive(pxp_tee_master->tee_dev, msg_out, msg_out_buf_size);
+ if (ret < 0) {
+ ret = -EFAULT;
+ drm_dbg(&i915->drm, "Failed to receive TEE message\n");
+ goto end;
+ }
+
+ if (ret > msg_out_buf_size) {
+ ret = -EFAULT;
+ drm_dbg(&i915->drm, "Failed to receive TEE message due to unexpected output size\n");
+ goto end;
+ }
+
+ *msg_out_size_ptr = ret;
+ ret = 0;
+
+ if (drm_debug_enabled(DRM_UT_DRIVER))
+ print_hex_dump(KERN_DEBUG, "TEE output message binaries:",
+ DUMP_PREFIX_OFFSET, 4, 4, msg_out, *msg_out_size_ptr, true);
+end:
+ return ret;
+}
+
+/**
+ * i915_pxp_tee_component_bind - bind funciton to pass the function pointers to pxp_tee
+ * @i915_kdev: pointer to i915 kernel device
+ * @tee_kdev: pointer to tee kernel device
+ * @data: pointer to pxp_tee_master containing the function pointers
+ *
+ * This bind function is called during the system boot or resume from system sleep.
+ *
+ * Return: return 0 if successful.
+ */
+static int i915_pxp_tee_component_bind(struct device *i915_kdev,
+ struct device *tee_kdev, void *data)
+{
+ struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
+
+ drm_dbg(&i915->drm, "i915 PXP TEE component bind\n");
+
+ if (!i915 || !tee_kdev || !data) {
+ drm_dbg(&i915->drm, "Failed to bind for i915 PXP TEE component, invalid params\n");
+ return -EPERM;
+ }
+
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+ i915->pxp_tee_master = (struct i915_pxp_comp_master *)data;
+ i915->pxp_tee_master->tee_dev = tee_kdev;
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+
+ return 0;
+}
+
+static void i915_pxp_tee_component_unbind(struct device *i915_kdev,
+ struct device *tee_kdev, void *data)
+{
+ struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
+
+ drm_dbg(&i915->drm, "i915 PXP TEE component unbind\n");
+
+ if (!i915 || !tee_kdev || !data) {
+ drm_dbg(&i915->drm, "Failed to unbind for i915 PXP TEE component, invalid params\n");
+ return;
+ }
+
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+ i915->pxp_tee_master = NULL;
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+}
+
+static const struct component_ops i915_pxp_tee_component_ops = {
+ .bind = i915_pxp_tee_component_bind,
+ .unbind = i915_pxp_tee_component_unbind,
+};
+
+void intel_pxp_tee_component_init(struct drm_i915_private *i915)
+{
+ int ret;
+
+ drm_WARN_ON(&i915->drm, i915->pxp_tee_comp_added);
+
+ ret = component_add_typed(i915->drm.dev, &i915_pxp_tee_component_ops,
+ I915_COMPONENT_PXP);
+ if (ret < 0) {
+ drm_dbg_kms(&i915->drm, "Failed at component add(%d)\n", ret);
+ return;
+ }
+
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+ i915->pxp_tee_comp_added = true;
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+}
+
+void intel_pxp_tee_component_fini(struct drm_i915_private *i915)
+{
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+ i915->pxp_tee_comp_added = false;
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+
+ component_del(i915->drm.dev, &i915_pxp_tee_component_ops);
+}
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
new file mode 100644
index 000000000000..54d6e89a68a8
--- /dev/null
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: MIT */
+/*
+ * Copyright(c) 2020, Intel Corporation. All rights reserved.
+ */
+
+#ifndef __INTEL_PXP_TEE_H__
+#define __INTEL_PXP_TEE_H__
+
+#include "drm/i915_pxp_tee_interface.h"
+
+void intel_pxp_tee_component_init(struct drm_i915_private *i915);
+void intel_pxp_tee_component_fini(struct drm_i915_private *i915);
+
+#endif /* __INTEL_PXP_TEE_H__ */
diff --git a/include/drm/i915_component.h b/include/drm/i915_component.h
index 55c3b123581b..c1e2a43d2d1e 100644
--- a/include/drm/i915_component.h
+++ b/include/drm/i915_component.h
@@ -29,6 +29,7 @@
enum i915_component_type {
I915_COMPONENT_AUDIO = 1,
I915_COMPONENT_HDCP,
+ I915_COMPONENT_PXP
};
/* MAX_PORT is the number of port
diff --git a/include/drm/i915_pxp_tee_interface.h b/include/drm/i915_pxp_tee_interface.h
new file mode 100644
index 000000000000..3999e255e145
--- /dev/null
+++ b/include/drm/i915_pxp_tee_interface.h
@@ -0,0 +1,45 @@
+/* SPDX-License-Identifier: MIT */
+/*
+ * Copyright © 2020 Intel Corporation
+ *
+ * Authors:
+ * Vitaly Lubart <vitaly.lubart@intel.com>
+ */
+
+#ifndef _I915_PXP_TEE_INTERFACE_H_
+#define _I915_PXP_TEE_INTERFACE_H_
+
+#include <linux/mutex.h>
+#include <linux/device.h>
+
+/**
+ * struct i915_pxp_component_ops - ops for PXP services.
+ * @owner: Module providing the ops
+ * @send: sends data to PXP
+ * @receive: receives data from PXP
+ */
+struct i915_pxp_component_ops {
+ /**
+ * @owner: owner of the module provding the ops
+ */
+ struct module *owner;
+
+ int (*send)(struct device *dev, const void *message, size_t size);
+ int (*receive)(struct device *dev, void *buffer, size_t size);
+};
+
+/**
+ * struct i915_pxp_component_master - Used for communication between i915
+ * and TEE drivers for the PXP services
+ * @tee_dev: device that provide the PXP service from TEE Bus.
+ * @pxp_ops: Ops implemented by TEE driver, used by i915 driver.
+ */
+struct i915_pxp_comp_master {
+ struct device *tee_dev;
+ const struct i915_pxp_component_ops *ops;
+
+ /* To protect the above members. */
+ struct mutex mutex;
+};
+
+#endif /* _I915_TEE_PXP_INTERFACE_H_ */
--
2.17.1
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2020-11-14 1:45 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-14 1:45 [Intel-gfx] [PATCH 01/27] drm/i915/pxp: Introduce Intel PXP component Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 02/27] drm/i915/pxp: Enable PXP irq worker and callback stub Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 03/27] drm/i915/pxp: Add PXP context for logical hardware states Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 04/27] drm/i915/pxp: set KCR reg init during the boot time Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 05/27] drm/i915/pxp: Enable ioctl action to set the ring3 context Sean Z Huang
2020-11-14 4:23 ` kernel test robot
2020-11-14 4:23 ` kernel test robot
2020-11-16 9:46 ` Dan Carpenter
2020-11-16 9:46 ` Dan Carpenter
2020-11-16 9:46 ` Dan Carpenter
2020-11-14 1:45 ` [Intel-gfx] [PATCH 06/27] drm/i915: Rename the whitelist to allowlist Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 07/27] drm/i915/pxp: Add PXP-related registers into allowlist Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 08/27] drm/i915/pxp: Read register to check hardware session state Sean Z Huang
2020-11-14 5:04 ` kernel test robot
2020-11-14 5:04 ` kernel test robot
2020-11-14 5:04 ` [Intel-gfx] [RFC PATCH] drm/i915/pxp: pxp_sm_reg_read() can be static kernel test robot
2020-11-14 5:04 ` kernel test robot
2020-11-14 5:14 ` [Intel-gfx] [PATCH 08/27] drm/i915/pxp: Read register to check hardware session state kernel test robot
2020-11-14 5:14 ` kernel test robot
2020-11-14 1:45 ` [Intel-gfx] [PATCH 09/27] drm/i915/pxp: Implement funcs to get/set PXP tag Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 10/27] drm/i915/pxp: Enable ioctl action to reserve session slot Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 11/27] drm/i915/pxp: Enable ioctl action to set session in play Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 12/27] drm/i915/pxp: Func to send hardware session termination Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 13/27] drm/i915/pxp: Enable ioctl action to terminate the session Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 14/27] drm/i915/pxp: Enable ioctl action to query PXP tag Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 15/27] drm/i915/pxp: Destroy all type0 sessions upon teardown Sean Z Huang
2020-11-14 5:51 ` kernel test robot
2020-11-14 5:51 ` kernel test robot
2020-11-14 5:51 ` [Intel-gfx] [RFC PATCH] drm/i915/pxp: intel_pxp_sm_destroy_all_sw_sessions() can be static kernel test robot
2020-11-14 5:51 ` kernel test robot
2020-11-14 6:28 ` [Intel-gfx] [PATCH 15/27] drm/i915/pxp: Destroy all type0 sessions upon teardown kernel test robot
2020-11-14 6:28 ` kernel test robot
2020-11-14 1:45 ` [Intel-gfx] [PATCH 16/27] drm/i915/pxp: Termiante the session upon app crash Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 17/27] drm/i915/pxp: Enable PXP power management Sean Z Huang
2020-11-14 1:45 ` Sean Z Huang [this message]
2020-11-14 1:45 ` [Intel-gfx] [PATCH 19/27] drm/i915/pxp: Enable ioctl action to send TEE commands Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 20/27] drm/i915/pxp: Create the arbitrary session after boot Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 21/27] drm/i915/pxp: Add i915 trace logs for PXP operations Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 22/27] drm/i915/pxp: Expose session state for display protection flip Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 23/27] mei: bus: enable pavp device Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 24/27] mei: pxp: export pavp client to me client bus Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 25/27] drm/i915/uapi: introduce drm_i915_gem_create_ext for TGL Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 26/27] drm/i915/pavp: User interface for Protected buffer Sean Z Huang
2020-11-14 1:45 ` [Intel-gfx] [PATCH 27/27] drm/i915/pxp: Add plane decryption support Sean Z Huang
2020-11-14 1:59 ` [Intel-gfx] ✗ Fi.CI.BUILD: failure for series starting with [01/27] drm/i915/pxp: Introduce Intel PXP component Patchwork
2020-11-14 22:48 [Intel-gfx] [PATCH 18/27] drm/i915/pxp: Implement funcs to create the TEE channel kernel test robot
2020-11-15 20:23 [Intel-gfx] [PATCH 01/27] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2020-11-15 20:23 ` [Intel-gfx] [PATCH 18/27] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2020-11-15 21:07 [Intel-gfx] [PATCH 01/27] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2020-11-15 21:08 ` [Intel-gfx] [PATCH 18/27] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201114014537.25495-18-sean.z.huang@intel.com \
--to=sean.z.huang@intel.com \
--cc=Intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.