From: "Teres Alexis, Alan Previn" <alan.previn.teres.alexis@intel.com>
To: "Ceraolo Spurio, Daniele" <daniele.ceraolospurio@intel.com>,
"intel-gfx@lists.freedesktop.org"
<intel-gfx@lists.freedesktop.org>
Cc: "Winkler, Tomas" <tomas.winkler@intel.com>,
"Lubart, Vitaly" <vitaly.lubart@intel.com>
Subject: Re: [Intel-gfx] [PATCH 09/15] drm/i915/pxp: add huc authentication and loading command
Date: Mon, 20 Jun 2022 23:33:12 -0700 [thread overview]
Message-ID: <f3d140aa-bfd6-4ff3-192a-7e6046cd328b@intel.com> (raw)
In-Reply-To: <20220609231955.3632596-10-daniele.ceraolospurio@intel.com>
Reviewed-by: Alan Previn <alan.previn.teres.alexis@intel.com>
On 6/9/2022 4:19 PM, Ceraolo Spurio, Daniele wrote:
> From: Tomas Winkler <tomas.winkler@intel.com>
>
> Add support for loading HuC via a pxp stream command.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Signed-off-by: Vitaly Lubart <vitaly.lubart@intel.com>
> Signed-off-by: Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>
> Cc: Alan Previn <alan.previn.teres.alexis@intel.com>
> ---
> drivers/gpu/drm/i915/Makefile | 3 +-
> drivers/gpu/drm/i915/pxp/intel_pxp_huc.c | 69 +++++++++++++++++++
> drivers/gpu/drm/i915/pxp/intel_pxp_huc.h | 15 ++++
> .../drm/i915/pxp/intel_pxp_tee_interface.h | 21 ++++++
> 4 files changed, 107 insertions(+), 1 deletion(-)
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
> create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
>
> diff --git a/drivers/gpu/drm/i915/Makefile b/drivers/gpu/drm/i915/Makefile
> index 5d3aa4807def..8d90e653958c 100644
> --- a/drivers/gpu/drm/i915/Makefile
> +++ b/drivers/gpu/drm/i915/Makefile
> @@ -306,7 +306,8 @@ i915-y += i915_perf.o
> # Protected execution platform (PXP) support. Base support is required for HuC
> i915-y += \
> pxp/intel_pxp.o \
> - pxp/intel_pxp_tee.o
> + pxp/intel_pxp_tee.o \
> + pxp/intel_pxp_huc.o
>
> i915-$(CONFIG_DRM_I915_PXP) += \
> pxp/intel_pxp_cmd.o \
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
> new file mode 100644
> index 000000000000..6d25f436f329
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
> @@ -0,0 +1,69 @@
> +// SPDX-License-Identifier: MIT
> +/*
> + * Copyright(c) 2021, Intel Corporation. All rights reserved.
> + */
> +
> +#include "drm/i915_drm.h"
> +#include "i915_drv.h"
> +
> +#include "gem/i915_gem_region.h"
> +#include "gt/intel_gt.h"
> +
> +#include "intel_pxp.h"
> +#include "intel_pxp_huc.h"
> +#include "intel_pxp_tee.h"
> +#include "intel_pxp_types.h"
> +#include "intel_pxp_tee_interface.h"
> +
> +int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp)
> +{
> + struct intel_gt *gt = pxp_to_gt(pxp);
> + struct intel_huc *huc = >->uc.huc;
> + struct pxp_tee_start_huc_auth_in huc_in = {0};
> + struct pxp_tee_start_huc_auth_out huc_out = {0};
> + dma_addr_t huc_phys_addr;
> + u8 client_id = 0;
> + u8 fence_id = 0;
> + int err;
> +
> + if (!pxp->pxp_component)
> + return -ENODEV;
> +
> + huc_phys_addr = i915_gem_object_get_dma_address(huc->fw.obj, 0);
> +
> + /* write the PXP message into the lmem (the sg list) */
> + huc_in.header.api_version = PXP_TEE_43_APIVER;
> + huc_in.header.command_id = PXP_TEE_43_START_HUC_AUTH;
> + huc_in.header.status = 0;
> + huc_in.header.buffer_len = sizeof(huc_in.huc_base_address);
> + huc_in.huc_base_address = huc_phys_addr;
> +
> + err = intel_pxp_tee_stream_message(pxp, client_id, fence_id,
> + &huc_in, sizeof(huc_in),
> + &huc_out, sizeof(huc_out));
> + if (err < 0) {
> + drm_err(>->i915->drm,
> + "Failed to send HuC load and auth command to GSC [%d]!\n",
> + err);
> + return err;
> + }
> +
> + /*
> + * HuC does sometimes survive suspend/resume (it depends on how "deep"
> + * a sleep state the device reaches) so we can end up here on resume
> + * with HuC already loaded, in which case the GSC will return
> + * PXP_STATUS_OP_NOT_PERMITTED. We can therefore consider the GuC
> + * correctly transferred in this scenario; if the same error is ever
> + * returned with HuC not loaded we'll still catch it when we check the
> + * authentication bit later.
> + */
> + if (huc_out.header.status != PXP_STATUS_SUCCESS &&
> + huc_out.header.status != PXP_STATUS_OP_NOT_PERMITTED) {
> + drm_err(>->i915->drm,
> + "HuC load failed with GSC error = 0x%x\n",
> + huc_out.header.status);
> + return -EPROTO;
> + }
> +
> + return 0;
> +}
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
> new file mode 100644
> index 000000000000..6cf2d00548c0
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
> @@ -0,0 +1,15 @@
> +/* SPDX-License-Identifier: MIT */
> +/*
> + * Copyright(c) 2021, Intel Corporation. All rights reserved.
> + */
> +
> +#ifndef __INTEL_PXP_HUC_H__
> +#define __INTEL_PXP_HUC_H__
> +
> +#include <linux/types.h>
> +
> +struct intel_pxp;
> +
> +int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp);
> +
> +#endif /* __INTEL_PXP_HUC_H__ */
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> index 36e9b0868f5c..1de98959a89d 100644
> --- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> @@ -9,8 +9,20 @@
> #include <linux/types.h>
>
> #define PXP_TEE_APIVER 0x40002
> +#define PXP_TEE_43_APIVER 0x00040003
> #define PXP_TEE_ARB_CMDID 0x1e
> #define PXP_TEE_ARB_PROTECTION_MODE 0x2
> +#define PXP_TEE_43_START_HUC_AUTH 0x0000003A
> +
> +/*
> + * there are a lot of status codes for PXP, but we only define the ones we
> + * actually can handle in the driver. other failure codes will be printed to
> + * error msg for debug.
> + */
> +enum pxp_status {
> + PXP_STATUS_SUCCESS = 0x0,
> + PXP_STATUS_OP_NOT_PERMITTED = 0x4013
> +};
>
> /* PXP TEE message header */
> struct pxp_tee_cmd_header {
> @@ -33,4 +45,13 @@ struct pxp_tee_create_arb_out {
> struct pxp_tee_cmd_header header;
> } __packed;
>
> +struct pxp_tee_start_huc_auth_in {
> + struct pxp_tee_cmd_header header;
> + __le64 huc_base_address;
> +};
> +
> +struct pxp_tee_start_huc_auth_out {
> + struct pxp_tee_cmd_header header;
> +};
> +
> #endif /* __INTEL_PXP_TEE_INTERFACE_H__ */
next prev parent reply other threads:[~2022-06-21 6:33 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-09 23:19 [Intel-gfx] [PATCH 00/15] HuC loading for DG2 Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 01/15] HAX: mei: GSC support for XeHP SDV and DG2 platform Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 02/15] mei: add support to GSC extended header Daniele Ceraolo Spurio
2022-08-03 22:07 ` Teres Alexis, Alan Previn
2022-08-16 20:49 ` Winkler, Tomas
2022-06-09 23:19 ` [Intel-gfx] [PATCH 03/15] mei: bus: enable sending gsc commands Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 04/15] mei: bus: extend bus API to support command streamer API Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 05/15] mei: pxp: add command streamer API to the PXP driver Daniele Ceraolo Spurio
2022-07-27 1:42 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 06/15] mei: pxp: support matching with a gfx discrete card Daniele Ceraolo Spurio
2022-07-27 1:01 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 07/15] drm/i915/pxp: load the pxp module when we have a gsc-loaded huc Daniele Ceraolo Spurio
2022-06-18 7:27 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 08/15] drm/i915/pxp: implement function for sending tee stream command Daniele Ceraolo Spurio
2022-06-18 8:07 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 09/15] drm/i915/pxp: add huc authentication and loading command Daniele Ceraolo Spurio
2022-06-21 6:33 ` Teres Alexis, Alan Previn [this message]
2022-06-09 23:19 ` [Intel-gfx] [PATCH 10/15] drm/i915/dg2: setup HuC loading via GSC Daniele Ceraolo Spurio
2022-07-05 22:35 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 11/15] drm/i915/huc: track delayed HuC load with a fence Daniele Ceraolo Spurio
2022-07-06 4:42 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 12/15] drm/i915/huc: stall media submission until HuC is loaded Daniele Ceraolo Spurio
2022-07-27 0:33 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 13/15] drm/i915/huc: report HuC as loaded even if load still in progress Daniele Ceraolo Spurio
2022-07-06 4:49 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 14/15] drm/i915/huc: define gsc-compatible HuC fw for DG2 Daniele Ceraolo Spurio
2022-06-22 17:55 ` Teres Alexis, Alan Previn
2022-06-22 18:16 ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 15/15] HAX: drm/i915: force INTEL_MEI_GSC and INTEL_MEI_PXP on for CI Daniele Ceraolo Spurio
2022-06-10 0:07 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for HuC loading for DG2 Patchwork
2022-06-10 0:07 ` [Intel-gfx] ✗ Fi.CI.SPARSE: " Patchwork
2022-06-10 8:01 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2022-06-11 8:01 ` [Intel-gfx] ✗ Fi.CI.IGT: failure " Patchwork
2022-06-13 8:16 ` [Intel-gfx] [PATCH 00/15] " Tvrtko Ursulin
2022-06-13 15:39 ` Ceraolo Spurio, Daniele
2022-06-13 16:31 ` Tvrtko Ursulin
2022-06-13 16:41 ` Ceraolo Spurio, Daniele
2022-06-13 16:56 ` Tvrtko Ursulin
2022-06-13 17:06 ` Ceraolo Spurio, Daniele
2022-06-13 17:39 ` Tvrtko Ursulin
2022-06-13 18:13 ` Ceraolo Spurio, Daniele
2022-06-14 7:44 ` Tvrtko Ursulin
2022-06-14 15:30 ` Ceraolo Spurio, Daniele
2022-06-14 23:15 ` Ye, Tony
2022-06-15 10:13 ` Tvrtko Ursulin
2022-06-15 14:35 ` Ceraolo Spurio, Daniele
2022-06-15 14:53 ` Tvrtko Ursulin
2022-06-15 16:14 ` Ye, Tony
2022-06-16 2:28 ` Zhang, Carl
2022-07-05 23:30 ` Ceraolo Spurio, Daniele
2022-07-06 17:26 ` Ye, Tony
2022-07-06 19:29 ` Ceraolo Spurio, Daniele
2022-07-06 20:11 ` Ye, Tony
2022-06-16 7:10 ` Tvrtko Ursulin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f3d140aa-bfd6-4ff3-192a-7e6046cd328b@intel.com \
--to=alan.previn.teres.alexis@intel.com \
--cc=daniele.ceraolospurio@intel.com \
--cc=intel-gfx@lists.freedesktop.org \
--cc=tomas.winkler@intel.com \
--cc=vitaly.lubart@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.