From: Chris Wilson <chris@chris-wilson.co.uk>
To: "Huang, Sean Z" <sean.z.huang@intel.com>,
Intel-gfx@lists.freedesktop.org
Cc: kumar.gaurav@intel.com
Subject: Re: [Intel-gfx] [RFC-v23 01/13] drm/i915/pxp: Introduce Intel PXP component
Date: Thu, 21 Jan 2021 16:08:52 +0000 [thread overview]
Message-ID: <161124533227.3166.9812914686571768459@build.alporthouse.com> (raw)
In-Reply-To: <20210119074320.28768-2-sean.z.huang@intel.com>
Quoting Huang, Sean Z (2021-01-19 07:43:08)
> PXP (Protected Xe Path) is an i915 componment, available on GEN12+,
> that helps to establish the hardware protected session and manage
> the status of the alive software session, as well as its life cycle.
>
> This patch series is to allow the kernel space to create and
> manage a single hardware session (a.k.a default session or
> arbitrary session). So Mesa can allocate the protected buffer,
> which is encrypted with the leverage of the arbitrary hardware
> session.
>
> rev21:
> - Remove the term "Mesa" from the help description of Kconfig
> - Remove unnecessary "select INTEL_MEI_TXE" from DRM_I915_PXP
> in Kconfig
>
> Signed-off-by: Huang, Sean Z <sean.z.huang@intel.com>
> ---
> drivers/gpu/drm/i915/Kconfig | 21 ++++++++++++++
> drivers/gpu/drm/i915/Makefile | 5 ++++
> drivers/gpu/drm/i915/gt/intel_gt.c | 5 ++++
> drivers/gpu/drm/i915/gt/intel_gt_types.h | 3 ++
> drivers/gpu/drm/i915/pxp/intel_pxp.c | 29 ++++++++++++++++++++
> drivers/gpu/drm/i915/pxp/intel_pxp.h | 25 +++++++++++++++++
> drivers/gpu/drm/i915/pxp/intel_pxp_context.c | 25 +++++++++++++++++
> drivers/gpu/drm/i915/pxp/intel_pxp_context.h | 15 ++++++++++
> drivers/gpu/drm/i915/pxp/intel_pxp_types.h | 23 ++++++++++++++++
> 9 files changed, 151 insertions(+)
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp.c
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp.h
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_context.c
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_context.h
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_types.h
>
> diff --git a/drivers/gpu/drm/i915/Kconfig b/drivers/gpu/drm/i915/Kconfig
> index 1e1cb245fca7..f0a8c46126d8 100644
> --- a/drivers/gpu/drm/i915/Kconfig
> +++ b/drivers/gpu/drm/i915/Kconfig
> @@ -130,6 +130,27 @@ config DRM_I915_GVT_KVMGT
> Choose this option if you want to enable KVMGT support for
> Intel GVT-g.
>
> +config DRM_I915_PXP
> + bool "Enable Intel PXP support for Intel Gen12+ platform"
> + depends on DRM_I915
> + select INTEL_MEI
> + select INTEL_MEI_ME
> + select INTEL_MEI_PXP
> + default y
That's a bitter pill to swallow. Note that
INTEL_MEI depends on x86 && PCI
so we really should only be
depends on INTEL_MEI if X86 && PCI
> + help
> + This option selects INTEL_MEI_ME if it isn't already selected to
> + enabled full PXP Services on Intel platforms.
> +
> + PXP (Protected Xe Path) is an i915 componment, available on GEN12+,
GEN12+ GPUs
We have to be careful to distinguish GPU generation from processor
generation. Too easy for the reader to confuse.
> + that helps to establish the hardware protected session and manage
> + the status of the alive software session, as well as its life cycle.
> +
> + This patch series is to allow the kernel space to create and
> + manage a single hardware session (a.k.a default session or
> + arbitrary session). So user space can allocate the protected buffer,
> + which is encrypted with the leverage of the arbitrary hardware
> + session.
Patch series in a user help message? This paragraph looks like it
doesn't belong here.
> +
> menu "drm/i915 Debugging"
> depends on DRM_I915
> depends on EXPERT
> diff --git a/drivers/gpu/drm/i915/Makefile b/drivers/gpu/drm/i915/Makefile
> index 006dec54408d..9d27e2d8decc 100644
> --- a/drivers/gpu/drm/i915/Makefile
> +++ b/drivers/gpu/drm/i915/Makefile
> @@ -265,6 +265,11 @@ i915-y += \
>
> i915-y += i915_perf.o
>
> +# Protected execution platform (PXP) support
> +i915-$(CONFIG_DRM_I915_PXP) += \
> + pxp/intel_pxp.o \
> + pxp/intel_pxp_context.o
> +
> # Post-mortem debug and GPU hang state capture
> i915-$(CONFIG_DRM_I915_CAPTURE_ERROR) += i915_gpu_error.o
> i915-$(CONFIG_DRM_I915_SELFTEST) += \
> diff --git a/drivers/gpu/drm/i915/gt/intel_gt.c b/drivers/gpu/drm/i915/gt/intel_gt.c
> index d8e1ab412634..336ad7deae06 100644
> --- a/drivers/gpu/drm/i915/gt/intel_gt.c
> +++ b/drivers/gpu/drm/i915/gt/intel_gt.c
> @@ -18,6 +18,7 @@
> #include "intel_uncore.h"
> #include "intel_pm.h"
> #include "shmem_utils.h"
> +#include "pxp/intel_pxp.h"
>
> void intel_gt_init_early(struct intel_gt *gt, struct drm_i915_private *i915)
> {
> @@ -584,6 +585,8 @@ int intel_gt_init(struct intel_gt *gt)
> if (err)
> goto err_gt;
>
> + intel_pxp_init(>->pxp);
> +
> goto out_fw;
> err_gt:
> __intel_gt_disable(gt);
> @@ -607,6 +610,8 @@ void intel_gt_driver_remove(struct intel_gt *gt)
> {
> __intel_gt_disable(gt);
>
> + intel_pxp_fini(>->pxp);
> +
> intel_uc_driver_remove(>->uc);
>
> intel_engines_release(gt);
> diff --git a/drivers/gpu/drm/i915/gt/intel_gt_types.h b/drivers/gpu/drm/i915/gt/intel_gt_types.h
> index a83d3e18254d..c4760e2722fd 100644
> --- a/drivers/gpu/drm/i915/gt/intel_gt_types.h
> +++ b/drivers/gpu/drm/i915/gt/intel_gt_types.h
> @@ -23,6 +23,7 @@
> #include "intel_rc6_types.h"
> #include "intel_rps_types.h"
> #include "intel_wakeref.h"
> +#include "pxp/intel_pxp_types.h"
>
> struct drm_i915_private;
> struct i915_ggtt;
> @@ -145,6 +146,8 @@ struct intel_gt {
> /* Slice/subslice/EU info */
> struct sseu_dev_info sseu;
> } info;
> +
> + struct intel_pxp pxp;
> };
>
> enum intel_gt_scratch_field {
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.c b/drivers/gpu/drm/i915/pxp/intel_pxp.c
> new file mode 100644
> index 000000000000..9bc3c7e30654
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp.c
> @@ -0,0 +1,29 @@
> +// SPDX-License-Identifier: MIT
> +/*
> + * Copyright(c) 2020 Intel Corporation.
> + */
> +#include "i915_drv.h"
> +#include "intel_pxp.h"
> +#include "intel_pxp_context.h"
> +
> +void intel_pxp_init(struct intel_pxp *pxp)
> +{
> + struct intel_gt *gt = container_of(pxp, struct intel_gt, pxp);
> +
> + if (INTEL_GEN(gt->i915) < 12)
> + return;
> +
> + intel_pxp_ctx_init(&pxp->ctx);
> +
> + drm_info(>->i915->drm, "Protected Xe Path (PXP) protected content support initialized\n");
> +}
> +
> +void intel_pxp_fini(struct intel_pxp *pxp)
> +{
> + struct intel_gt *gt = container_of(pxp, struct intel_gt, pxp);
> +
> + if (INTEL_GEN(gt->i915) < 12)
> + return;
> +
> + intel_pxp_ctx_fini(&pxp->ctx);
> +}
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.h b/drivers/gpu/drm/i915/pxp/intel_pxp.h
> new file mode 100644
> index 000000000000..f47bc6bea34f
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp.h
> @@ -0,0 +1,25 @@
> +/* SPDX-License-Identifier: MIT */
> +/*
> + * Copyright(c) 2020, Intel Corporation. All rights reserved.
> + */
> +
> +#ifndef __INTEL_PXP_H__
> +#define __INTEL_PXP_H__
> +
> +#include "intel_pxp_types.h"
> +
> +#ifdef CONFIG_DRM_I915_PXP
> +void intel_pxp_init(struct intel_pxp *pxp);
> +void intel_pxp_fini(struct intel_pxp *pxp);
> +#else
> +static inline void intel_pxp_init(struct intel_pxp *pxp)
> +{
> + return 0;
> +}
> +
> +static inline void intel_pxp_fini(struct intel_pxp *pxp)
> +{
> +}
> +#endif
> +
> +#endif /* __INTEL_PXP_H__ */
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_context.c b/drivers/gpu/drm/i915/pxp/intel_pxp_context.c
> new file mode 100644
> index 000000000000..2be6bf2f0d0f
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_context.c
> @@ -0,0 +1,25 @@
> +// SPDX-License-Identifier: MIT
> +/*
> + * Copyright(c) 2020, Intel Corporation. All rights reserved.
> + */
> +
> +#include "intel_pxp_context.h"
> +
> +/**
> + * intel_pxp_ctx_init - To init a pxp context.
> + * @ctx: pointer to ctx structure.
> + */
> +void intel_pxp_ctx_init(struct pxp_context *ctx)
> +{
> + mutex_init(&ctx->mutex);
> + ctx->inited = true;
> +}
> +
> +/**
> + * intel_pxp_ctx_fini - To finish the pxp context.
> + * @ctx: pointer to ctx structure.
> + */
> +void intel_pxp_ctx_fini(struct pxp_context *ctx)
> +{
> + ctx->inited = false;
Is something wrong with the setup code? What has access to PXP beyond
your control?
-Chris
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2021-01-21 16:09 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-19 7:43 [Intel-gfx] [RFC-v23 00/13] Introduce Intel PXP component - Mesa single session Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 01/13] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2021-01-21 16:08 ` Chris Wilson [this message]
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 02/13] drm/i915/pxp: set KCR reg init during the boot time Huang, Sean Z
2021-01-21 17:04 ` Chris Wilson
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 03/13] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 04/13] drm/i915/pxp: Create the arbitrary session after boot Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 05/13] drm/i915/pxp: Func to send hardware session termination Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 06/13] drm/i915/pxp: Enable PXP irq worker and callback stub Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 07/13] drm/i915/pxp: Destroy arb session upon teardown Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 08/13] drm/i915/pxp: Enable PXP power management Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 09/13] drm/i915/pxp: Expose session state for display protection flip Huang, Sean Z
2021-01-21 19:47 ` Rodrigo Vivi
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 10/13] mei: pxp: export pavp client to me client bus Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 11/13] drm/i915/uapi: introduce drm_i915_gem_create_ext Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 12/13] drm/i915/pxp: User interface for Protected buffer Huang, Sean Z
2021-01-19 7:43 ` [Intel-gfx] [RFC-v23 13/13] drm/i915/pxp: Add plane decryption support Huang, Sean Z
2021-01-19 9:35 ` Gupta, Anshuman
2021-01-21 20:30 ` Ville Syrjälä
2021-01-21 20:50 ` Gaurav, Kumar
2021-01-21 21:00 ` Ville Syrjälä
2021-01-21 21:34 ` Gaurav, Kumar
2021-01-22 11:58 ` Ville Syrjälä
2021-01-22 17:25 ` Gaurav, Kumar
2021-01-19 12:33 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for Introduce Intel PXP component - Mesa single session (rev23) Patchwork
2021-01-19 13:03 ` [Intel-gfx] ✗ Fi.CI.BAT: failure " Patchwork
2021-01-23 14:18 ` [Intel-gfx] [RFC-v23 00/13] Introduce Intel PXP component - Mesa single session Lionel Landwerlin
2021-01-23 21:47 ` Gaurav, Kumar
2021-01-25 15:38 ` Lionel Landwerlin
2021-01-25 16:22 ` Gaurav, Kumar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=161124533227.3166.9812914686571768459@build.alporthouse.com \
--to=chris@chris-wilson.co.uk \
--cc=Intel-gfx@lists.freedesktop.org \
--cc=kumar.gaurav@intel.com \
--cc=sean.z.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).