From: Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>
To: intel-gfx@lists.freedesktop.org
Cc: Tomas Winkler <tomas.winkler@intel.com>,
Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>,
Alan Previn <alan.previn.teres.alexis@intel.com>,
Vitaly Lubart <vitaly.lubart@intel.com>,
dri-devel@lists.freedesktop.org
Subject: [PATCH v4 09/15] drm/i915/pxp: add huc authentication and loading command
Date: Thu, 8 Sep 2022 17:16:06 -0700 [thread overview]
Message-ID: <20220909001612.728451-10-daniele.ceraolospurio@intel.com> (raw)
In-Reply-To: <20220909001612.728451-1-daniele.ceraolospurio@intel.com>
From: Tomas Winkler <tomas.winkler@intel.com>
Add support for loading HuC via a pxp stream command.
V4:
1. Remove unnecessary include in intel_pxp_huc.h (Jani)
2. Adjust copyright year to 2022
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
Signed-off-by: Vitaly Lubart <vitaly.lubart@intel.com>
Signed-off-by: Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>
Cc: Alan Previn <alan.previn.teres.alexis@intel.com>
Reviewed-by: Alan Previn <alan.previn.teres.alexis@intel.com>
---
drivers/gpu/drm/i915/Makefile | 3 +-
drivers/gpu/drm/i915/pxp/intel_pxp_huc.c | 69 +++++++++++++++++++
drivers/gpu/drm/i915/pxp/intel_pxp_huc.h | 13 ++++
.../drm/i915/pxp/intel_pxp_tee_interface.h | 23 ++++++-
4 files changed, 106 insertions(+), 2 deletions(-)
create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
diff --git a/drivers/gpu/drm/i915/Makefile b/drivers/gpu/drm/i915/Makefile
index 589823ad62ed..5bee787d3c2a 100644
--- a/drivers/gpu/drm/i915/Makefile
+++ b/drivers/gpu/drm/i915/Makefile
@@ -310,7 +310,8 @@ i915-y += i915_perf.o
# Protected execution platform (PXP) support. Base support is required for HuC
i915-y += \
pxp/intel_pxp.o \
- pxp/intel_pxp_tee.o
+ pxp/intel_pxp_tee.o \
+ pxp/intel_pxp_huc.o
i915-$(CONFIG_DRM_I915_PXP) += \
pxp/intel_pxp_cmd.o \
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
new file mode 100644
index 000000000000..7ec36d94e758
--- /dev/null
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
@@ -0,0 +1,69 @@
+// SPDX-License-Identifier: MIT
+/*
+ * Copyright(c) 2021-2022, Intel Corporation. All rights reserved.
+ */
+
+#include "drm/i915_drm.h"
+#include "i915_drv.h"
+
+#include "gem/i915_gem_region.h"
+#include "gt/intel_gt.h"
+
+#include "intel_pxp.h"
+#include "intel_pxp_huc.h"
+#include "intel_pxp_tee.h"
+#include "intel_pxp_types.h"
+#include "intel_pxp_tee_interface.h"
+
+int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp)
+{
+ struct intel_gt *gt = pxp_to_gt(pxp);
+ struct intel_huc *huc = >->uc.huc;
+ struct pxp_tee_start_huc_auth_in huc_in = {0};
+ struct pxp_tee_start_huc_auth_out huc_out = {0};
+ dma_addr_t huc_phys_addr;
+ u8 client_id = 0;
+ u8 fence_id = 0;
+ int err;
+
+ if (!pxp->pxp_component)
+ return -ENODEV;
+
+ huc_phys_addr = i915_gem_object_get_dma_address(huc->fw.obj, 0);
+
+ /* write the PXP message into the lmem (the sg list) */
+ huc_in.header.api_version = PXP_TEE_43_APIVER;
+ huc_in.header.command_id = PXP_TEE_43_START_HUC_AUTH;
+ huc_in.header.status = 0;
+ huc_in.header.buffer_len = sizeof(huc_in.huc_base_address);
+ huc_in.huc_base_address = huc_phys_addr;
+
+ err = intel_pxp_tee_stream_message(pxp, client_id, fence_id,
+ &huc_in, sizeof(huc_in),
+ &huc_out, sizeof(huc_out));
+ if (err < 0) {
+ drm_err(>->i915->drm,
+ "Failed to send HuC load and auth command to GSC [%d]!\n",
+ err);
+ return err;
+ }
+
+ /*
+ * HuC does sometimes survive suspend/resume (it depends on how "deep"
+ * a sleep state the device reaches) so we can end up here on resume
+ * with HuC already loaded, in which case the GSC will return
+ * PXP_STATUS_OP_NOT_PERMITTED. We can therefore consider the GuC
+ * correctly transferred in this scenario; if the same error is ever
+ * returned with HuC not loaded we'll still catch it when we check the
+ * authentication bit later.
+ */
+ if (huc_out.header.status != PXP_STATUS_SUCCESS &&
+ huc_out.header.status != PXP_STATUS_OP_NOT_PERMITTED) {
+ drm_err(>->i915->drm,
+ "HuC load failed with GSC error = 0x%x\n",
+ huc_out.header.status);
+ return -EPROTO;
+ }
+
+ return 0;
+}
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
new file mode 100644
index 000000000000..e40847a91c39
--- /dev/null
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
@@ -0,0 +1,13 @@
+/* SPDX-License-Identifier: MIT */
+/*
+ * Copyright(c) 2021-2022, Intel Corporation. All rights reserved.
+ */
+
+#ifndef __INTEL_PXP_HUC_H__
+#define __INTEL_PXP_HUC_H__
+
+struct intel_pxp;
+
+int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp);
+
+#endif /* __INTEL_PXP_HUC_H__ */
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
index 36e9b0868f5c..7edc1760f142 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
@@ -1,6 +1,6 @@
/* SPDX-License-Identifier: MIT */
/*
- * Copyright(c) 2020, Intel Corporation. All rights reserved.
+ * Copyright(c) 2020-2022, Intel Corporation. All rights reserved.
*/
#ifndef __INTEL_PXP_TEE_INTERFACE_H__
@@ -9,8 +9,20 @@
#include <linux/types.h>
#define PXP_TEE_APIVER 0x40002
+#define PXP_TEE_43_APIVER 0x00040003
#define PXP_TEE_ARB_CMDID 0x1e
#define PXP_TEE_ARB_PROTECTION_MODE 0x2
+#define PXP_TEE_43_START_HUC_AUTH 0x0000003A
+
+/*
+ * there are a lot of status codes for PXP, but we only define the ones we
+ * actually can handle in the driver. other failure codes will be printed to
+ * error msg for debug.
+ */
+enum pxp_status {
+ PXP_STATUS_SUCCESS = 0x0,
+ PXP_STATUS_OP_NOT_PERMITTED = 0x4013
+};
/* PXP TEE message header */
struct pxp_tee_cmd_header {
@@ -33,4 +45,13 @@ struct pxp_tee_create_arb_out {
struct pxp_tee_cmd_header header;
} __packed;
+struct pxp_tee_start_huc_auth_in {
+ struct pxp_tee_cmd_header header;
+ __le64 huc_base_address;
+};
+
+struct pxp_tee_start_huc_auth_out {
+ struct pxp_tee_cmd_header header;
+};
+
#endif /* __INTEL_PXP_TEE_INTERFACE_H__ */
--
2.37.2
next prev parent reply other threads:[~2022-09-09 0:18 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-09 0:15 [PATCH v4 00/15] drm/i915: HuC loading for DG2 Daniele Ceraolo Spurio
2022-09-09 0:15 ` [PATCH v4 01/15] mei: add support to GSC extended header Daniele Ceraolo Spurio
2022-09-09 6:11 ` Greg Kroah-Hartman
2022-09-09 6:29 ` Winkler, Tomas
2022-09-09 0:15 ` [PATCH v4 02/15] mei: bus: enable sending gsc commands Daniele Ceraolo Spurio
2022-09-09 0:16 ` [PATCH v4 03/15] mei: adjust extended header kdocs Daniele Ceraolo Spurio
2022-09-09 6:12 ` Greg Kroah-Hartman
2022-09-09 0:16 ` [PATCH v4 04/15] mei: bus: extend bus API to support command streamer API Daniele Ceraolo Spurio
2022-09-09 0:16 ` [PATCH v4 05/15] mei: pxp: add command streamer API to the PXP driver Daniele Ceraolo Spurio
2022-09-09 6:14 ` Greg Kroah-Hartman
2022-09-09 6:38 ` Winkler, Tomas
2022-09-09 6:42 ` Greg Kroah-Hartman
2022-09-12 9:59 ` Winkler, Tomas
2022-09-12 14:25 ` Greg Kroah-Hartman
2022-09-09 0:16 ` [PATCH v4 06/15] mei: pxp: support matching with a gfx discrete card Daniele Ceraolo Spurio
2022-09-09 6:16 ` Greg Kroah-Hartman
2022-09-09 6:51 ` Winkler, Tomas
2022-09-09 6:59 ` Greg Kroah-Hartman
2022-09-09 9:21 ` Winkler, Tomas
2022-09-09 10:19 ` Greg Kroah-Hartman
2022-09-12 10:05 ` Winkler, Tomas
2022-09-09 0:16 ` [PATCH v4 07/15] drm/i915/pxp: load the pxp module when we have a gsc-loaded huc Daniele Ceraolo Spurio
2022-09-09 0:16 ` [PATCH v4 08/15] drm/i915/pxp: implement function for sending tee stream command Daniele Ceraolo Spurio
2022-09-09 0:16 ` Daniele Ceraolo Spurio [this message]
2022-09-09 0:16 ` [PATCH v4 10/15] drm/i915/dg2: setup HuC loading via GSC Daniele Ceraolo Spurio
2022-09-09 20:54 ` Teres Alexis, Alan Previn
2022-09-09 0:16 ` [PATCH v4 11/15] drm/i915/huc: track delayed HuC load with a fence Daniele Ceraolo Spurio
2022-09-09 21:10 ` Teres Alexis, Alan Previn
2022-09-09 0:16 ` [PATCH v4 12/15] drm/i915/huc: stall media submission until HuC is loaded Daniele Ceraolo Spurio
2022-09-09 21:20 ` Ye, Tony
2022-09-09 0:16 ` [PATCH v4 13/15] drm/i915/huc: better define HuC status getparam possible return values Daniele Ceraolo Spurio
2022-09-09 0:16 ` [PATCH v4 14/15] drm/i915/huc: define gsc-compatible HuC fw for DG2 Daniele Ceraolo Spurio
2022-09-09 21:20 ` Ye, Tony
2022-09-10 0:18 ` Teres Alexis, Alan Previn
2022-09-09 0:16 ` [PATCH v4 15/15] HAX: drm/i915: force INTEL_MEI_GSC and INTEL_MEI_PXP on for CI Daniele Ceraolo Spurio
2022-09-09 0:22 ` Ceraolo Spurio, Daniele
2022-09-09 6:01 ` [PATCH v4 00/15] drm/i915: HuC loading for DG2 Winkler, Tomas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220909001612.728451-10-daniele.ceraolospurio@intel.com \
--to=daniele.ceraolospurio@intel.com \
--cc=alan.previn.teres.alexis@intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=tomas.winkler@intel.com \
--cc=vitaly.lubart@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).