From: Mark Yacoub <markyacoub@chromium.org>
To: igt-dev@lists.freedesktop.org
Subject: [igt-dev] [PATCH] kms_prop_blob: Add new subtest for write-only blobs
Date: Wed, 25 May 2022 15:18:01 -0400 [thread overview]
Message-ID: <20220525191801.2746592-1-markyacoub@chromium.org> (raw)
[Why]
Some blobs support secret data injected into the kernel that should be
retrieved back to user space (like HDCP key provisioned from a server
and injected to the kernel)
[How]
Create a blob using the write only flag and validate that the data it
holds can't be read again by the user space.
Compare this behavior against a blob created without the flag.
TEST=blob-write-only
TESTED-ON=Trogdor
Signed-off-by: Mark Yacoub <markyacoub@chromium.org>
---
include/drm-uapi/drm_mode.h | 6 ++++++
tests/kms_prop_blob.c | 39 +++++++++++++++++++++++++++++++++++--
2 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/include/drm-uapi/drm_mode.h b/include/drm-uapi/drm_mode.h
index e4a2570a..38d6c1f0 100644
--- a/include/drm-uapi/drm_mode.h
+++ b/include/drm-uapi/drm_mode.h
@@ -1075,6 +1075,9 @@ struct drm_format_modifier {
__u64 modifier;
};
+#define DRM_MODE_CREATE_BLOB_WRITE_ONLY \
+ (1 << 0) /* data of the blob can't be read by user space */
+
/**
* struct drm_mode_create_blob - Create New blob property
*
@@ -1088,6 +1091,9 @@ struct drm_mode_create_blob {
__u32 length;
/** @blob_id: Return: new property ID. */
__u32 blob_id;
+ /** Flags for special handling. */
+ __u32 flags;
+ __u32 pad;
};
/**
diff --git a/tests/kms_prop_blob.c b/tests/kms_prop_blob.c
index 96aa6d8d..c130a432 100644
--- a/tests/kms_prop_blob.c
+++ b/tests/kms_prop_blob.c
@@ -75,6 +75,7 @@ validate_prop(int fd, uint32_t prop_id)
{
struct drm_mode_get_blob get;
struct drm_mode_modeinfo ret_mode;
+ ret_mode.clock = 0;
get.blob_id = prop_id;
get.length = 0;
@@ -94,12 +95,13 @@ validate_prop(int fd, uint32_t prop_id)
}
static uint32_t
-create_prop(int fd)
+create_prop_with_flags(int fd, uint32_t flags)
{
struct drm_mode_create_blob create;
create.length = sizeof(test_mode_valid);
- create.data = (uintptr_t) &test_mode_valid;
+ create.data = (uintptr_t)&test_mode_valid;
+ create.flags = flags;
do_ioctl(fd, DRM_IOCTL_MODE_CREATEPROPBLOB, &create);
igt_assert_neq_u32(create.blob_id, 0);
@@ -107,6 +109,12 @@ create_prop(int fd)
return create.blob_id;
}
+static uint32_t
+create_prop(int fd)
+{
+ return create_prop_with_flags(fd, 0);
+}
+
static int
destroy_prop(int fd, uint32_t prop_id)
{
@@ -223,6 +231,29 @@ test_multiple(int fd)
igt_assert_eq(validate_prop(fd, prop_ids[i]), ENOENT);
}
+/* Create 2 blobs, a write-only and a read-write blob.
+ The only difference is the flag.
+ Check that we can't read the value of the blob with the write-only flag.
+*/
+static void
+test_write_only(int fd) {
+ uint32_t rw_blob_id, wo_blob_id;
+ int wo_ret = 0;
+
+ rw_blob_id = create_prop_with_flags(fd, 0);
+ wo_blob_id = create_prop_with_flags(fd, DRM_MODE_CREATE_BLOB_WRITE_ONLY);
+
+ igt_assert_eq(validate_prop(fd, rw_blob_id), 0);
+
+ wo_ret = validate_prop(fd, wo_blob_id);
+ /* The correct length should be copied to the length field. */
+ igt_assert_neq(wo_ret, ENOMEM);
+ igt_assert_eq(wo_ret, EINVAL);
+
+ igt_assert_eq(destroy_prop(fd, rw_blob_id), 0);
+ igt_assert_eq(destroy_prop(fd, wo_blob_id), 0);
+}
+
static void
test_core(int fd)
{
@@ -335,6 +366,10 @@ igt_main
igt_subtest("blob-multiple")
test_multiple(fd);
+ igt_describe("Test validates Write-only blobs can't be read back by user space.");
+ igt_subtest("blob-write-only")
+ test_write_only(fd);
+
prop_tests(fd);
igt_fixture
--
2.36.1.124.g0e6072fb45-goog
next reply other threads:[~2022-05-25 19:18 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-25 19:18 Mark Yacoub [this message]
2022-05-25 21:47 ` [igt-dev] ✓ Fi.CI.BAT: success for kms_prop_blob: Add new subtest for write-only blobs Patchwork
2022-05-26 12:45 ` [igt-dev] ✓ Fi.CI.IGT: " Patchwork
2022-05-31 9:11 ` [igt-dev] [PATCH] " Petri Latvala
2022-05-31 14:24 ` Petri Latvala
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220525191801.2746592-1-markyacoub@chromium.org \
--to=markyacoub@chromium.org \
--cc=igt-dev@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.