Re: [PATCH v2] drm: Fix HDCP failures when SRM fw is missing

From: Sean Paul <sean@poorly.run>
To: Ramalingam C <ramalingam.c@intel.com>
Cc: dri-devel <dri-devel@lists.freedesktop.org>,
	David Airlie <airlied@linux.ie>,
	Intel Graphics Development <intel-gfx@lists.freedesktop.org>,
	Sean Paul <seanpaul@chromium.org>,
	stable <stable@vger.kernel.org>,
	Thomas Zimmermann <tzimmermann@suse.de>
Subject: Re: [PATCH v2] drm: Fix HDCP failures when SRM fw is missing
Date: Wed, 29 Apr 2020 10:46:29 -0400	[thread overview]
Message-ID: <CAMavQKJJ5h+v0_RQVh6Yanjsz=ZbDyo=5AFVgfrkJcTVjynz9A@mail.gmail.com> (raw)
In-Reply-To: <20200429142221.GG22816@intel.com>

On Wed, Apr 29, 2020 at 10:22 AM Ramalingam C <ramalingam.c@intel.com> wrote:
>
> On 2020-04-29 at 09:58:16 -0400, Sean Paul wrote:
> > On Wed, Apr 29, 2020 at 9:50 AM Ramalingam C <ramalingam.c@intel.com> wrote:
> > >
> > > On 2020-04-14 at 15:02:55 -0400, Sean Paul wrote:
> > > > From: Sean Paul <seanpaul@chromium.org>
> > > >
> > > > The SRM cleanup in 79643fddd6eb2 ("drm/hdcp: optimizing the srm
> > > > handling") inadvertently altered the behavior of HDCP auth when
> > > > the SRM firmware is missing. Before that patch, missing SRM was
> > > > interpreted as the device having no revoked keys. With that patch,
> > > > if the SRM fw file is missing we reject _all_ keys.
> > > >
> > > > This patch fixes that regression by returning success if the file
> > > > cannot be found. It also checks the return value from request_srm such
> > > > that we won't end up trying to parse the ksv list if there is an error
> > > > fetching it.
> > > >
> > > > Fixes: 79643fddd6eb ("drm/hdcp: optimizing the srm handling")
> > > > Cc: stable@vger.kernel.org
> > > > Cc: Ramalingam C <ramalingam.c@intel.com>
> > > > Cc: Sean Paul <sean@poorly.run>
> > > > Cc: Maarten Lankhorst <maarten.lankhorst@linux.intel.com>
> > > > Cc: Maxime Ripard <mripard@kernel.org>
> > > > Cc: Thomas Zimmermann <tzimmermann@suse.de>
> > > > Cc: David Airlie <airlied@linux.ie>
> > > > Cc: Daniel Vetter <daniel@ffwll.ch>
> > > > Cc: dri-devel@lists.freedesktop.org
> > > > Signed-off-by: Sean Paul <seanpaul@chromium.org>
> > > >
> > > > Changes in v2:
> > > > -Noticed a couple other things to clean up
> > > > ---
> > > >
> > > > Sorry for the quick rev, noticed a couple other loose ends that should
> > > > be cleaned up.
> > > >
> > > >  drivers/gpu/drm/drm_hdcp.c | 8 +++++++-
> > > >  1 file changed, 7 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/gpu/drm/drm_hdcp.c b/drivers/gpu/drm/drm_hdcp.c
> > > > index 7f386adcf872..910108ccaae1 100644
> > > > --- a/drivers/gpu/drm/drm_hdcp.c
> > > > +++ b/drivers/gpu/drm/drm_hdcp.c
> > > > @@ -241,8 +241,12 @@ static int drm_hdcp_request_srm(struct drm_device *drm_dev,
> > > >
> > > >       ret = request_firmware_direct(&fw, (const char *)fw_name,
> > > >                                     drm_dev->dev);
> > > > -     if (ret < 0)
> > > > +     if (ret < 0) {
> > > > +             *revoked_ksv_cnt = 0;
> > > > +             *revoked_ksv_list = NULL;
> > > These two variables are already initialized by the caller.
> >
> > Right now it is, but that's not guaranteed. In the ret == 0 case, it's
> > pretty common for a caller to assume the called function has
> > validated/assigned all the function output.
> Ok.
> >
> > > > +             ret = 0;
> > > Missing of this should have been caught by CI. May be CI system always
> > > having the SRM file from previous execution. Never been removed. IGT
> > > need a fix to clean the prior SRM files before execution.
> > >
> > > CI fix shouldn't block this fix.
> > > >               goto exit;
> > > > +     }
> > > >
> > > >       if (fw->size && fw->data)
> > > >               ret = drm_hdcp_srm_update(fw->data, fw->size, revoked_ksv_list,
> > > > @@ -287,6 +291,8 @@ int drm_hdcp_check_ksvs_revoked(struct drm_device *drm_dev, u8 *ksvs,
> > > >
> > > >       ret = drm_hdcp_request_srm(drm_dev, &revoked_ksv_list,
> > > >                                  &revoked_ksv_cnt);
> > > > +     if (ret)
> > > > +             return ret;
> > > This error code also shouldn't effect the caller(i915)
> >
> > Why not? I'd assume an invalid SRM revocation list should probably be
> > treated as failure?
> IMHO invalid SRM revocation need not be treated as HDCP authentication
> failure.
>
> First of all SRM need not supplied by all players. and incase, supplied
> SRM is not as per the spec, then we dont have any list of revoked ID.
> with this I dont think we need to fail the HDCP authentication. Until we
> have valid list of revoked IDs from SRM, and the receiver ID is matching
> to one of the revoked IDs, I wouldn't want to fail the HDCP
> authentication.
>

Ok, thanks for the explanation. This all seems reasonable to me.

Looks like this can be applied as-is, right? I'll review the patch you
posted so we can ignore the -ve return values.

Thanks for the review!

Sean

> -Ram
> >
> >
> > > hence pushed a
> > > change https://patchwork.freedesktop.org/series/76730/
> > >
> > > With these addresed.
> > >
> > > LGTM.
> > >
> > > Reviewed-by: Ramalingam C <ramalingam.c@intel.com>
> > > >
> > > >       /* revoked_ksv_cnt will be zero when above function failed */
> > > >       for (i = 0; i < revoked_ksv_cnt; i++)
> > > > --
> > > > Sean Paul, Software Engineer, Google / Chromium OS
> > > >
_______________________________________________
dri-devel mailing list
dri-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/dri-devel