From: "Ville Syrjälä" <ville.syrjala@linux.intel.com>
To: Chris Wilson <chris@chris-wilson.co.uk>
Cc: igt-dev@lists.freedesktop.org, intel-gfx@lists.freedesktop.org
Subject: Re: [igt-dev] [PATCH igt] igt/gem_exec_capture: MI_STORE_DWORD requires EXEC_SECURE + DRM_MASTER on ctg/ilk
Date: Mon, 12 Feb 2018 20:35:39 +0200 [thread overview]
Message-ID: <20180212183539.GY5453@intel.com> (raw)
In-Reply-To: <151845707613.18923.14072985212441718378@mail.alporthouse.com>
On Mon, Feb 12, 2018 at 05:37:56PM +0000, Chris Wilson wrote:
> Quoting Ville Syrjälä (2018-02-12 17:30:52)
> > On Sat, Feb 10, 2018 at 09:43:38PM +0000, Chris Wilson wrote:
> > > On ctg/ilk, for whatever reason, MI_STORE_DWORD is a privileged operation
> > > so we must request a SECURE batch.
> >
> > IIRC ctg supposedly introduced some form of ppgtt. Isn't that the
> > reason?
> >
> > Hmm. Now I wonder how anything works on these platforms. Should the
> > batch itself be executed via ppgtt if it's non-secure? Maybe the hw
> > has a fallback mechanism of some sort to execute via ggtt if ppgtt
> > isn't enabled...
> >
> > ppgtt enable bit:
> > "When this bit is clear, all memory accesses will be completed using the
> > GGTT. Privileged memory protections will not be enforced (it is
> > acceptable for a non-secure batch buffer to access GGTT space)"
> >
> > OK. That seems to confirm that part of the theory.
> >
> > For pre-ctg the spec says:
> > "Although Buffer Security Indicator is implemented, there is no usage
> > model for it and it need not be validated."
> >
> > So I'm thinking we should never set the non-secure bit on these old
> > platforms.
>
> That does open a large can of worms with the ability to write any
> register from userspace or manipulate the pagetables; i.e. requires the
> cmdparser. The usage model has been such that very few commands are
> affected; certainly no one [else] has noticed (afaik).
I suppose. I can't find any notes about this being wrong in the gen2/3
docs. And the gen4 quote just says "need not be validated" after all so
I suppose it doesn't necessarily mean it wasn't validated. And I guess
we should have found out long ago if it's hopelessly broken.
Patch is
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
--
Ville Syrjälä
Intel OTC
_______________________________________________
igt-dev mailing list
igt-dev@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/igt-dev
WARNING: multiple messages have this Message-ID (diff)
From: "Ville Syrjälä" <ville.syrjala@linux.intel.com>
To: Chris Wilson <chris@chris-wilson.co.uk>
Cc: igt-dev@lists.freedesktop.org, intel-gfx@lists.freedesktop.org
Subject: Re: [igt-dev] [PATCH igt] igt/gem_exec_capture: MI_STORE_DWORD requires EXEC_SECURE + DRM_MASTER on ctg/ilk
Date: Mon, 12 Feb 2018 20:35:39 +0200 [thread overview]
Message-ID: <20180212183539.GY5453@intel.com> (raw)
In-Reply-To: <151845707613.18923.14072985212441718378@mail.alporthouse.com>
On Mon, Feb 12, 2018 at 05:37:56PM +0000, Chris Wilson wrote:
> Quoting Ville Syrjälä (2018-02-12 17:30:52)
> > On Sat, Feb 10, 2018 at 09:43:38PM +0000, Chris Wilson wrote:
> > > On ctg/ilk, for whatever reason, MI_STORE_DWORD is a privileged operation
> > > so we must request a SECURE batch.
> >
> > IIRC ctg supposedly introduced some form of ppgtt. Isn't that the
> > reason?
> >
> > Hmm. Now I wonder how anything works on these platforms. Should the
> > batch itself be executed via ppgtt if it's non-secure? Maybe the hw
> > has a fallback mechanism of some sort to execute via ggtt if ppgtt
> > isn't enabled...
> >
> > ppgtt enable bit:
> > "When this bit is clear, all memory accesses will be completed using the
> > GGTT. Privileged memory protections will not be enforced (it is
> > acceptable for a non-secure batch buffer to access GGTT space)"
> >
> > OK. That seems to confirm that part of the theory.
> >
> > For pre-ctg the spec says:
> > "Although Buffer Security Indicator is implemented, there is no usage
> > model for it and it need not be validated."
> >
> > So I'm thinking we should never set the non-secure bit on these old
> > platforms.
>
> That does open a large can of worms with the ability to write any
> register from userspace or manipulate the pagetables; i.e. requires the
> cmdparser. The usage model has been such that very few commands are
> affected; certainly no one [else] has noticed (afaik).
I suppose. I can't find any notes about this being wrong in the gen2/3
docs. And the gen4 quote just says "need not be validated" after all so
I suppose it doesn't necessarily mean it wasn't validated. And I guess
we should have found out long ago if it's hopelessly broken.
Patch is
Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
--
Ville Syrjälä
Intel OTC
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2018-02-12 18:35 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-10 21:43 [igt-dev] [PATCH igt] igt/gem_exec_capture: MI_STORE_DWORD requires EXEC_SECURE + DRM_MASTER on ctg/ilk Chris Wilson
2018-02-10 21:43 ` Chris Wilson
2018-02-10 22:03 ` [igt-dev] ✗ Fi.CI.BAT: failure for " Patchwork
2018-02-12 17:30 ` [igt-dev] [PATCH igt] " Ville Syrjälä
2018-02-12 17:30 ` Ville Syrjälä
2018-02-12 17:37 ` [Intel-gfx] " Chris Wilson
2018-02-12 17:37 ` Chris Wilson
2018-02-12 18:35 ` Ville Syrjälä [this message]
2018-02-12 18:35 ` Ville Syrjälä
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180212183539.GY5453@intel.com \
--to=ville.syrjala@linux.intel.com \
--cc=chris@chris-wilson.co.uk \
--cc=igt-dev@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.