From: "Huang, Sean Z" <sean.z.huang@intel.com>
To: Intel-gfx@lists.freedesktop.org
Subject: [Intel-gfx] [RFC-v8 17/23] drm/i915/pxp: Implement ioctl action to send TEE commands
Date: Fri, 11 Dec 2020 01:04:51 -0800 [thread overview]
Message-ID: <20201211090457.32674-18-sean.z.huang@intel.com> (raw)
In-Reply-To: <20201211090457.32674-1-sean.z.huang@intel.com>
Implement the ioctl action to allow userspace driver sends TEE
commands via PXP ioctl, instead of TEE iotcl. So we can
centralize those protection operations at PXP.
Signed-off-by: Huang, Sean Z <sean.z.huang@intel.com>
---
drivers/gpu/drm/i915/pxp/intel_pxp.c | 48 +++++++++++++++++---
drivers/gpu/drm/i915/pxp/intel_pxp_tee.c | 57 ++++++++++++++++++++++++
drivers/gpu/drm/i915/pxp/intel_pxp_tee.h | 5 +++
3 files changed, 105 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.c b/drivers/gpu/drm/i915/pxp/intel_pxp.c
index c35011b84f5a..2445af5f763c 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp.c
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp.c
@@ -16,7 +16,10 @@
/* Setting KCR Init bit is required after system boot */
#define KCR_INIT_ALLOW_DISPLAY_ME_WRITES (BIT(14) | (BIT(14) << KCR_INIT_MASK_SHIFT))
-#define PXP_ACTION_SET_SESSION_STATUS 1
+enum pxp_ioctl_action {
+ PXP_ACTION_SET_SESSION_STATUS = 1,
+ PXP_ACTION_TEE_IO_MESSAGE = 4,
+};
enum pxp_session_req {
/* Request KMD to allocate session id and move it to IN INIT */
@@ -38,13 +41,28 @@ struct pxp_set_session_status_params {
u32 req_session_state; /* in, new session state */
};
+/*
+ * struct pxp_tee_io_message_params - Params to send/receive message to/from TEE.
+ */
+struct pxp_tee_io_message_params {
+ u8 __user *msg_in; /* in - message input */
+ u32 msg_in_size; /* in - message input size */
+ u8 __user *msg_out; /* in - message output buffer */
+ u32 msg_out_size; /* out- message output size from TEE */
+ u32 msg_out_buf_size; /* in - message output buffer size */
+};
+
/* struct pxp_info - Params for PXP operation. */
struct pxp_info {
u32 action; /* in - specified action of this operation */
u32 sm_status; /* out - status output for this operation */
- /* in - action params to set the PXP session state */
- struct pxp_set_session_status_params set_session_status;
+ union {
+ /* in - action params to set the PXP session state */
+ struct pxp_set_session_status_params set_session_status;
+ /* in - action params to send TEE commands */
+ struct pxp_tee_io_message_params tee_io_message;
+ };
} __attribute__((packed));
struct drm_i915_pxp_ops {
@@ -228,7 +246,9 @@ int i915_pxp_ops_ioctl(struct drm_device *dev, void *data, struct drm_file *drmf
goto end;
}
- if (pxp_info.action == PXP_ACTION_SET_SESSION_STATUS) {
+ switch (pxp_info.action) {
+ case PXP_ACTION_SET_SESSION_STATUS:
+ {
struct pxp_set_session_status_params *params = &pxp_info.set_session_status;
if (params->req_session_state == PXP_REQ_SESSION_ID_INIT) {
@@ -250,8 +270,26 @@ int i915_pxp_ops_ioctl(struct drm_device *dev, void *data, struct drm_file *drmf
} else {
ret = -EINVAL;
}
- } else {
+ break;
+ }
+ case PXP_ACTION_TEE_IO_MESSAGE:
+ {
+ struct pxp_tee_io_message_params *params = &pxp_info.tee_io_message;
+
+ ret = intel_pxp_tee_ioctl_io_message(pxp,
+ params->msg_in, params->msg_in_size,
+ params->msg_out, ¶ms->msg_out_size,
+ params->msg_out_buf_size);
+ if (ret) {
+ drm_err(&i915->drm, "Failed to send TEE IO message\n");
+ ret = -EFAULT;
+ }
+ break;
+ }
+ default:
+ drm_err(&i915->drm, "Failed to %s due to bad params\n", __func__);
ret = -EINVAL;
+ break;
}
end:
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
index 816a6d5a54e4..e0815b2ee9ab 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
@@ -168,3 +168,60 @@ int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp)
return ret;
}
+
+int intel_pxp_tee_ioctl_io_message(struct intel_pxp *pxp,
+ void __user *msg_in_user_ptr, u32 msg_in_size,
+ void __user *msg_out_user_ptr, u32 *msg_out_size_ptr,
+ u32 msg_out_buf_size)
+{
+ int ret;
+ void *msg_in = NULL;
+ void *msg_out = NULL;
+ struct intel_gt *gt = container_of(pxp, typeof(*gt), pxp);
+ struct drm_i915_private *i915 = gt->i915;
+
+ if (!msg_in_user_ptr || !msg_out_user_ptr || msg_out_buf_size == 0 ||
+ msg_in_size == 0 || !msg_out_size_ptr)
+ return -EINVAL;
+
+ msg_in = kzalloc(msg_in_size, GFP_KERNEL);
+ if (!msg_in)
+ return -ENOMEM;
+
+ msg_out = kzalloc(msg_out_buf_size, GFP_KERNEL);
+ if (!msg_out) {
+ ret = -ENOMEM;
+ goto end;
+ }
+
+ if (copy_from_user(msg_in, msg_in_user_ptr, msg_in_size) != 0) {
+ ret = -EFAULT;
+ drm_err(&i915->drm, "Failed to copy_from_user for TEE message\n");
+ goto end;
+ }
+
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+
+ ret = intel_pxp_tee_io_message(pxp,
+ msg_in, msg_in_size,
+ msg_out, msg_out_size_ptr,
+ msg_out_buf_size);
+
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+
+ if (ret) {
+ drm_err(&i915->drm, "Failed to send/receive tee message\n");
+ goto end;
+ }
+
+ if (copy_to_user(msg_out_user_ptr, msg_out, *msg_out_size_ptr) != 0) {
+ ret = -EFAULT;
+ drm_err(&i915->drm, "Failed to copy_to_user for TEE message\n");
+ goto end;
+ }
+
+end:
+ kfree(msg_in);
+ kfree(msg_out);
+ return ret;
+}
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
index 757a54208a4d..d3129786758f 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
@@ -13,6 +13,11 @@ void intel_pxp_tee_component_fini(struct intel_pxp *pxp);
int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp);
+int intel_pxp_tee_ioctl_io_message(struct intel_pxp *pxp,
+ void __user *msg_in_user_ptr, u32 msg_in_size,
+ void __user *msg_out_user_ptr, u32 *msg_out_size_ptr,
+ u32 msg_out_buf_size);
+
/* TEE command to create the arbitrary session */
#define PXP_TEE_ARB_CMD_BIN {0x00040000, 0x0000001e, 0x00000000, 0x00000008, 0x00000002, 0x0000000f}
#define PXP_TEE_ARB_CMD_DW_LEN (6)
--
2.17.1
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2020-12-11 9:05 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-11 9:04 [Intel-gfx] [RFC-v8 00/23] Introduce Intel PXP component - Mesa single session Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 01/23] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 02/23] drm/i915/pxp: set KCR reg init during the boot time Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 03/23] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 04/23] drm/i915/pxp: Create the arbitrary session after boot Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 05/23] drm/i915/pxp: Func to send hardware session termination Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 06/23] drm/i915/pxp: Enable PXP irq worker and callback stub Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 07/23] drm/i915/pxp: Destroy arb session upon teardown Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 08/23] drm/i915/pxp: Enable PXP power management Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 09/23] drm/i915/pxp: Expose session state for display protection flip Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 10/23] mei: pxp: export pavp client to me client bus Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 11/23] drm/i915/uapi: introduce drm_i915_gem_create_ext Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 12/23] drm/i915/pxp: User interface for Protected buffer Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 13/23] drm/i915/pxp: Add plane decryption support Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 14/23] drm/i915/pxp: Implement ioctl action to reserve session slots Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 15/23] drm/i915/pxp: Implement ioctl action to set session in play Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 16/23] drm/i915/pxp: Implement ioctl action to terminate the session Huang, Sean Z
2020-12-11 9:04 ` Huang, Sean Z [this message]
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 18/23] drm/i915/pxp: Implement ioctl action to query PXP tag Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 19/23] drm/i915/pxp: Termiante the session upon app crash Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 20/23] drm/i915/pxp: Add PXP-related registers into allowlist Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 21/23] mei: bus: add vtag support Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 22/23] mei: pxp: add vtag parameter to mei_pxp_send/receive interface Huang, Sean Z
2020-12-11 9:04 ` [Intel-gfx] [RFC-v8 23/23] drm/i915/pxp: Enable the PXP ioctl for protected session Huang, Sean Z
2020-12-11 9:36 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for Introduce Intel PXP component - Mesa single session (rev8) Patchwork
2020-12-11 9:41 ` [Intel-gfx] ✗ Fi.CI.DOCS: " Patchwork
2020-12-11 10:05 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2020-12-11 11:12 ` [Intel-gfx] ✓ Fi.CI.IGT: " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201211090457.32674-18-sean.z.huang@intel.com \
--to=sean.z.huang@intel.com \
--cc=Intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.