From: "Huang, Sean Z" <sean.z.huang@intel.com>
To: Intel-gfx@lists.freedesktop.org
Cc: Bommu Krishnaiah <krishnaiah.bommu@intel.com>,
Huang Sean Z <sean.z.huang@intel.com>,
Kondapally Kalyan <kalyan.kondapally@intel.com>
Subject: [Intel-gfx] [RFC-v1 15/16] drm/i915/pxp: User interface for Protected buffer
Date: Sun, 6 Dec 2020 16:21:33 -0800 [thread overview]
Message-ID: <20201207002134.13731-16-sean.z.huang@intel.com> (raw)
In-Reply-To: <20201207002134.13731-1-sean.z.huang@intel.com>
From: Bommu Krishnaiah <krishnaiah.bommu@intel.com>
This api allow user mode to create Protected buffer and context creation.
Signed-off-by: Bommu Krishnaiah <krishnaiah.bommu@intel.com>
Cc: Telukuntla Sreedhar <sreedhar.telukuntla@intel.com>
Cc: Kondapally Kalyan <kalyan.kondapally@intel.com>
Cc: Gupta Anshuman <Anshuman.Gupta@intel.com>
Cc: Huang Sean Z <sean.z.huang@intel.com>
---
drivers/gpu/drm/i915/gem/i915_gem_context.c | 15 ++++++++++--
drivers/gpu/drm/i915/gem/i915_gem_context.h | 10 ++++++++
.../gpu/drm/i915/gem/i915_gem_context_types.h | 2 +-
.../gpu/drm/i915/gem/i915_gem_object_types.h | 5 ++++
drivers/gpu/drm/i915/i915_gem.c | 23 +++++++++++++++----
include/uapi/drm/i915_drm.h | 19 +++++++++++++++
6 files changed, 67 insertions(+), 7 deletions(-)
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c b/drivers/gpu/drm/i915/gem/i915_gem_context.c
index a6299da64de4..dd5d24a13cb9 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
@@ -2060,12 +2060,23 @@ static int ctx_setparam(struct drm_i915_file_private *fpriv,
case I915_CONTEXT_PARAM_RECOVERABLE:
if (args->size)
ret = -EINVAL;
- else if (args->value)
- i915_gem_context_set_recoverable(ctx);
+ else if (args->value) {
+ if (!i915_gem_context_is_protected(ctx))
+ i915_gem_context_set_recoverable(ctx);
+ else
+ ret = -EPERM;
+ }
else
i915_gem_context_clear_recoverable(ctx);
break;
+ case I915_CONTEXT_PARAM_PROTECTED_CONTENT:
+ if (args->size)
+ ret = -EINVAL;
+ else if (args->value)
+ i915_gem_context_set_protected(ctx);
+ break;
+
case I915_CONTEXT_PARAM_PRIORITY:
ret = set_priority(ctx, args);
break;
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.h b/drivers/gpu/drm/i915/gem/i915_gem_context.h
index a133f92bbedb..5897e7ca11a8 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context.h
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context.h
@@ -70,6 +70,16 @@ static inline void i915_gem_context_set_recoverable(struct i915_gem_context *ctx
set_bit(UCONTEXT_RECOVERABLE, &ctx->user_flags);
}
+static inline void i915_gem_context_set_protected(struct i915_gem_context *ctx)
+{
+ set_bit(UCONTEXT_PROTECTED, &ctx->user_flags);
+}
+
+static inline bool i915_gem_context_is_protected(struct i915_gem_context *ctx)
+{
+ return test_bit(UCONTEXT_PROTECTED, &ctx->user_flags);
+}
+
static inline void i915_gem_context_clear_recoverable(struct i915_gem_context *ctx)
{
clear_bit(UCONTEXT_RECOVERABLE, &ctx->user_flags);
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context_types.h b/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
index ae14ca24a11f..81ae94c2be86 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
+++ b/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
@@ -135,7 +135,7 @@ struct i915_gem_context {
#define UCONTEXT_BANNABLE 2
#define UCONTEXT_RECOVERABLE 3
#define UCONTEXT_PERSISTENCE 4
-
+#define UCONTEXT_PROTECTED 5
/**
* @flags: small set of booleans
*/
diff --git a/drivers/gpu/drm/i915/gem/i915_gem_object_types.h b/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
index e2d9b7e1e152..90ac955463f4 100644
--- a/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
+++ b/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
@@ -161,6 +161,11 @@ struct drm_i915_gem_object {
} mmo;
I915_SELFTEST_DECLARE(struct list_head st_link);
+ /**
+ * @user_flags: small set of booleans set by the user
+ */
+ unsigned long user_flags;
+#define I915_BO_PROTECTED BIT(0)
unsigned long flags;
#define I915_BO_ALLOC_CONTIGUOUS BIT(0)
diff --git a/drivers/gpu/drm/i915/i915_gem.c b/drivers/gpu/drm/i915/i915_gem.c
index 41698a823737..6a791fd24eaa 100644
--- a/drivers/gpu/drm/i915/i915_gem.c
+++ b/drivers/gpu/drm/i915/i915_gem.c
@@ -184,7 +184,8 @@ static int
i915_gem_create(struct drm_file *file,
struct intel_memory_region *mr,
u64 *size_p,
- u32 *handle_p)
+ u32 *handle_p,
+ u64 user_flags)
{
struct drm_i915_gem_object *obj;
u32 handle;
@@ -204,6 +205,8 @@ i915_gem_create(struct drm_file *file,
if (IS_ERR(obj))
return PTR_ERR(obj);
+ obj->user_flags = user_flags;
+
ret = drm_gem_handle_create(file, &obj->base, &handle);
/* drop reference from allocate - handle holds it now */
i915_gem_object_put(obj);
@@ -258,11 +261,12 @@ i915_gem_dumb_create(struct drm_file *file,
return i915_gem_create(file,
intel_memory_region_by_type(to_i915(dev),
mem_type),
- &args->size, &args->handle);
+ &args->size, &args->handle, 0);
}
struct create_ext {
- struct drm_i915_private *i915;
+ struct drm_i915_private *i915;
+ unsigned long user_flags;
};
static int __create_setparam(struct drm_i915_gem_object_param *args,
@@ -273,6 +277,17 @@ static int __create_setparam(struct drm_i915_gem_object_param *args,
return -EINVAL;
}
+ switch (lower_32_bits(args->param)) {
+ case I915_PARAM_PROTECTED_CONTENT:
+ if (args->size) {
+ return -EINVAL;
+ } else if (args->data) {
+ ext_data->user_flags = args->data;
+ return 0;
+ }
+ break;
+ }
+
return -EINVAL;
}
@@ -318,7 +333,7 @@ i915_gem_create_ioctl(struct drm_device *dev, void *data,
return i915_gem_create(file,
intel_memory_region_by_type(i915,
INTEL_MEMORY_SYSTEM),
- &args->size, &args->handle);
+ &args->size, &args->handle, ext_data.user_flags);
}
static int
diff --git a/include/uapi/drm/i915_drm.h b/include/uapi/drm/i915_drm.h
index 2c1ce2761d55..fab00bfbbdee 100644
--- a/include/uapi/drm/i915_drm.h
+++ b/include/uapi/drm/i915_drm.h
@@ -1715,6 +1715,15 @@ struct drm_i915_gem_context_param {
* Default is 16 KiB.
*/
#define I915_CONTEXT_PARAM_RINGSIZE 0xc
+
+/*
+ * I915_CONTEXT_PARAM_PROTECTED_CONTENT:
+ *
+ * If set to true (1) PAVP content protection is enabled.
+ * When enabled, the context is marked unrecoverable and may
+ * become invalid due to PAVP teardown event or other error.
+ */
+#define I915_CONTEXT_PARAM_PROTECTED_CONTENT 0xd
/* Must be kept compact -- no holes and well documented */
__u64 value;
@@ -1734,6 +1743,16 @@ struct drm_i915_gem_object_param {
*/
#define I915_OBJECT_PARAM (1ull<<32)
+/*
+ * I915_PARAM_PROTECTED_CONTENT:
+ *
+ * If set to true (1) buffer contents is expected to be protected by
+ * PAVP encryption and requires decryption for scan out and processing.
+ * Protected buffers can only be used in PAVP protected contexts.
+ * A protected buffer may become invalid as a result of PAVP teardown.
+ */
+#define I915_PARAM_PROTECTED_CONTENT 0x1
+
__u64 param;
/* Data value or pointer */
--
2.17.1
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2020-12-07 0:22 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-07 0:21 [Intel-gfx] [RFC-v1 00/16] Introduce Intel PXP component - Mesa single session Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 01/16] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2020-12-07 10:01 ` Joonas Lahtinen
2020-12-07 18:25 ` Huang, Sean Z
2020-12-07 18:48 ` Huang, Sean Z
2020-12-10 9:02 ` Joonas Lahtinen
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 02/16] drm/i915/pxp: Enable PXP irq worker and callback stub Huang, Sean Z
2020-12-07 10:21 ` Joonas Lahtinen
2020-12-08 0:34 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 03/16] drm/i915/pxp: Add PXP context for logical hardware states Huang, Sean Z
2020-12-07 10:50 ` Joonas Lahtinen
2020-12-08 20:11 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 04/16] drm/i915/pxp: set KCR reg init during the boot time Huang, Sean Z
2020-12-07 11:10 ` Joonas Lahtinen
2020-12-09 4:01 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 05/16] drm/i915/pxp: Read register to check hardware session state Huang, Sean Z
2020-12-07 11:44 ` Joonas Lahtinen
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 06/16] drm/i915/pxp: Implement funcs to get/set PXP tag Huang, Sean Z
2020-12-07 11:52 ` Joonas Lahtinen
2020-12-09 2:57 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 07/16] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2020-12-07 11:55 ` Joonas Lahtinen
2020-12-09 5:10 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 08/16] drm/i915/pxp: Create the arbitrary session after boot Huang, Sean Z
2020-12-07 12:00 ` Joonas Lahtinen
2020-12-09 5:11 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 09/16] drm/i915/pxp: Func to send hardware session termination Huang, Sean Z
2020-12-07 12:21 ` Joonas Lahtinen
2020-12-09 5:16 ` Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 10/16] drm/i915/pxp: Destroy arb session upon teardown Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 11/16] drm/i915/pxp: Enable PXP power management Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 12/16] drm/i915/pxp: Expose session state for display protection flip Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 13/16] mei: pxp: export pavp client to me client bus Huang, Sean Z
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 14/16] drm/i915/uapi: introduce drm_i915_gem_create_ext Huang, Sean Z
2020-12-07 0:21 ` Huang, Sean Z [this message]
2020-12-07 0:21 ` [Intel-gfx] [RFC-v1 16/16] drm/i915/pxp: Add plane decryption support Huang, Sean Z
2020-12-07 6:21 ` Anshuman Gupta
2020-12-07 0:42 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for Introduce Intel PXP component - Mesa single session Patchwork
2020-12-07 1:15 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2020-12-07 4:01 ` [Intel-gfx] ✗ Fi.CI.IGT: failure " Patchwork
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201207002134.13731-16-sean.z.huang@intel.com \
--to=sean.z.huang@intel.com \
--cc=Intel-gfx@lists.freedesktop.org \
--cc=kalyan.kondapally@intel.com \
--cc=krishnaiah.bommu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).