From: "Vivi, Rodrigo" <rodrigo.vivi@intel.com>
To: "Huang, Sean Z" <sean.z.huang@intel.com>,
"Intel-gfx@lists.freedesktop.org"
<Intel-gfx@lists.freedesktop.org>
Cc: "Kondapally, Kalyan" <kalyan.kondapally@intel.com>,
"Bommu, Krishnaiah" <krishnaiah.bommu@intel.com>
Subject: Re: [Intel-gfx] [RFC-v19 12/13] drm/i915/pxp: User interface for Protected buffer
Date: Thu, 7 Jan 2021 15:58:18 +0000 [thread overview]
Message-ID: <6a770d9a7c2adad3a905d16022368f454a6d5ffb.camel@intel.com> (raw)
In-Reply-To: <20210106231223.8323-13-sean.z.huang@intel.com>
On Wed, 2021-01-06 at 15:12 -0800, Huang, Sean Z wrote:
> From: Bommu Krishnaiah <krishnaiah.bommu@intel.com>
>
> This api allow user mode to create Protected buffer and context
> creation.
>
> Signed-off-by: Bommu Krishnaiah <krishnaiah.bommu@intel.com>
> Cc: Telukuntla Sreedhar <sreedhar.telukuntla@intel.com>
> Cc: Kondapally Kalyan <kalyan.kondapally@intel.com>
> Cc: Gupta Anshuman <Anshuman.Gupta@intel.com>
> Cc: Huang Sean Z <sean.z.huang@intel.com>
> ---
> drivers/gpu/drm/i915/gem/i915_gem_context.c | 19 +++++++++++++--
> drivers/gpu/drm/i915/gem/i915_gem_context.h | 5 ++++
> .../gpu/drm/i915/gem/i915_gem_context_types.h | 2 +-
> .../gpu/drm/i915/gem/i915_gem_object_types.h | 5 ++++
> drivers/gpu/drm/i915/i915_gem.c | 23 +++++++++++++++--
> --
> include/uapi/drm/i915_drm.h | 19 +++++++++++++++
> 6 files changed, 66 insertions(+), 7 deletions(-)
>
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.c
> b/drivers/gpu/drm/i915/gem/i915_gem_context.c
> index 68f58762d5e3..00d7ca3071e7 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_context.c
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_context.c
> @@ -81,6 +81,8 @@
> #include "i915_trace.h"
> #include "i915_user_extensions.h"
>
> +#include "pxp/intel_pxp.h"
> +
> #define ALL_L3_SLICES(dev) (1 << NUM_L3_SLICES(dev)) - 1
>
> static struct i915_global_gem_context {
> @@ -2022,12 +2024,25 @@ static int ctx_setparam(struct
> drm_i915_file_private *fpriv,
> case I915_CONTEXT_PARAM_RECOVERABLE:
> if (args->size)
> ret = -EINVAL;
> - else if (args->value)
> - i915_gem_context_set_recoverable(ctx);
> + else if (args->value) {
> + if (!i915_gem_context_is_protected(ctx))
> + i915_gem_context_set_recoverable(ctx)
> ;
> + else
> + ret = -EPERM;
> + }
> else
> i915_gem_context_clear_recoverable(ctx);
> break;
>
> + case I915_CONTEXT_PARAM_PROTECTED_CONTENT:
remember that we also need to require recoverable flag to false. It
cannot be implicit.
> + if (args->size)
> + ret = -EINVAL;
> + else if (args->value)
> + ret =
> intel_pxp_gem_context_set_protected(ctx->i915,
> +
> &ctx->user_flags,
> +
> UCONTEXT_PROTECTED);
> + break;
> +
> case I915_CONTEXT_PARAM_PRIORITY:
> ret = set_priority(ctx, args);
> break;
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context.h
> b/drivers/gpu/drm/i915/gem/i915_gem_context.h
> index b5c908f3f4f2..173154fdc311 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_context.h
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_context.h
> @@ -70,6 +70,11 @@ static inline void
> i915_gem_context_set_recoverable(struct i915_gem_context *ctx
> set_bit(UCONTEXT_RECOVERABLE, &ctx->user_flags);
> }
>
> +static inline bool i915_gem_context_is_protected(struct
> i915_gem_context *ctx)
> +{
> + return test_bit(UCONTEXT_PROTECTED, &ctx->user_flags);
> +}
> +
> static inline void i915_gem_context_clear_recoverable(struct
> i915_gem_context *ctx)
> {
> clear_bit(UCONTEXT_RECOVERABLE, &ctx->user_flags);
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
> b/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
> index 1449f54924e0..0917c9431c65 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_context_types.h
> @@ -134,7 +134,7 @@ struct i915_gem_context {
> #define UCONTEXT_BANNABLE 2
> #define UCONTEXT_RECOVERABLE 3
> #define UCONTEXT_PERSISTENCE 4
> -
> +#define UCONTEXT_PROTECTED 5
> /**
> * @flags: small set of booleans
> */
> diff --git a/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
> b/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
> index e2d9b7e1e152..90ac955463f4 100644
> --- a/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
> +++ b/drivers/gpu/drm/i915/gem/i915_gem_object_types.h
> @@ -161,6 +161,11 @@ struct drm_i915_gem_object {
> } mmo;
>
> I915_SELFTEST_DECLARE(struct list_head st_link);
> + /**
> + * @user_flags: small set of booleans set by the user
> + */
> + unsigned long user_flags;
> +#define I915_BO_PROTECTED BIT(0)
>
> unsigned long flags;
> #define I915_BO_ALLOC_CONTIGUOUS BIT(0)
> diff --git a/drivers/gpu/drm/i915/i915_gem.c
> b/drivers/gpu/drm/i915/i915_gem.c
> index c53b13c02e59..611a0b5ab51f 100644
> --- a/drivers/gpu/drm/i915/i915_gem.c
> +++ b/drivers/gpu/drm/i915/i915_gem.c
> @@ -184,7 +184,8 @@ static int
> i915_gem_create(struct drm_file *file,
> struct intel_memory_region *mr,
> u64 *size_p,
> - u32 *handle_p)
> + u32 *handle_p,
> + u64 user_flags)
> {
> struct drm_i915_gem_object *obj;
> u32 handle;
> @@ -204,6 +205,8 @@ i915_gem_create(struct drm_file *file,
> if (IS_ERR(obj))
> return PTR_ERR(obj);
>
> + obj->user_flags = user_flags;
> +
> ret = drm_gem_handle_create(file, &obj->base, &handle);
> /* drop reference from allocate - handle holds it now */
> i915_gem_object_put(obj);
> @@ -258,11 +261,12 @@ i915_gem_dumb_create(struct drm_file *file,
> return i915_gem_create(file,
>
> intel_memory_region_by_type(to_i915(dev),
> mem_type),
> - &args->size, &args->handle);
> + &args->size, &args->handle, 0);
> }
>
> struct create_ext {
> - struct drm_i915_private *i915;
> + struct drm_i915_private *i915;
> + unsigned long user_flags;
> };
>
> static int __create_setparam(struct drm_i915_gem_object_param *args,
> @@ -273,6 +277,17 @@ static int __create_setparam(struct
> drm_i915_gem_object_param *args,
> return -EINVAL;
> }
>
> + switch (lower_32_bits(args->param)) {
> + case I915_PARAM_PROTECTED_CONTENT:
> + if (args->size) {
> + return -EINVAL;
> + } else if (args->data) {
> + ext_data->user_flags = args->data;
> + return 0;
> + }
> + break;
> + }
> +
> return -EINVAL;
> }
>
> @@ -318,7 +333,7 @@ i915_gem_create_ioctl(struct drm_device *dev,
> void *data,
> return i915_gem_create(file,
> intel_memory_region_by_type(i915,
>
> INTEL_MEMORY_SYSTEM),
> - &args->size, &args->handle);
> + &args->size, &args->handle,
> ext_data.user_flags);
> }
>
> static int
> diff --git a/include/uapi/drm/i915_drm.h
> b/include/uapi/drm/i915_drm.h
> index f9a1d26824b6..6822f11814fa 100644
> --- a/include/uapi/drm/i915_drm.h
> +++ b/include/uapi/drm/i915_drm.h
> @@ -1716,6 +1716,15 @@ struct drm_i915_gem_context_param {
> * Default is 16 KiB.
> */
> #define I915_CONTEXT_PARAM_RINGSIZE 0xc
> +
> +/*
> + * I915_CONTEXT_PARAM_PROTECTED_CONTENT:
> + *
> + * If set to true (1) PAVP content protection is enabled.
> + * When enabled, the context is marked unrecoverable and may
> + * become invalid due to PAVP teardown event or other error.
> + */
> +#define I915_CONTEXT_PARAM_PROTECTED_CONTENT 0xd
> /* Must be kept compact -- no holes and well documented */
>
> __u64 value;
> @@ -1735,6 +1744,16 @@ struct drm_i915_gem_object_param {
> */
> #define I915_OBJECT_PARAM (1ull<<32)
>
> +/*
> + * I915_PARAM_PROTECTED_CONTENT:
> + *
> + * If set to true (1) buffer contents is expected to be protected by
> + * PAVP encryption and requires decryption for scan out and
> processing.
> + * Protected buffers can only be used in PAVP protected contexts.
> + * A protected buffer may become invalid as a result of PAVP
> teardown.
> + */
> +#define I915_PARAM_PROTECTED_CONTENT 0x1
> +
> __u64 param;
>
> /* Data value or pointer */
_______________________________________________
Intel-gfx mailing list
Intel-gfx@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next prev parent reply other threads:[~2021-01-07 15:58 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-06 23:12 [Intel-gfx] [RFC-v19 00/13] Introduce Intel PXP component - Mesa single session Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 01/13] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2021-01-07 15:28 ` Vivi, Rodrigo
2021-01-11 22:06 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 02/13] drm/i915/pxp: set KCR reg init during the boot time Huang, Sean Z
2021-01-07 15:31 ` Vivi, Rodrigo
2021-01-08 11:30 ` Joonas Lahtinen
2021-01-11 21:38 ` Huang, Sean Z
2021-01-12 11:27 ` Vivi, Rodrigo
2021-01-12 15:36 ` Jani Nikula
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 03/13] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2021-01-07 15:36 ` Vivi, Rodrigo
2021-01-11 22:47 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 04/13] drm/i915/pxp: Create the arbitrary session after boot Huang, Sean Z
2021-01-07 15:40 ` Vivi, Rodrigo
2021-01-11 23:48 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 05/13] drm/i915/pxp: Func to send hardware session termination Huang, Sean Z
2021-01-07 15:45 ` Vivi, Rodrigo
2021-01-12 18:53 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 06/13] drm/i915/pxp: Enable PXP irq worker and callback stub Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 07/13] drm/i915/pxp: Destroy arb session upon teardown Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 08/13] drm/i915/pxp: Enable PXP power management Huang, Sean Z
2021-01-07 15:52 ` Vivi, Rodrigo
2021-01-12 19:14 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 09/13] drm/i915/pxp: Expose session state for display protection flip Huang, Sean Z
2021-01-07 15:54 ` Vivi, Rodrigo
2021-01-18 8:23 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 10/13] mei: pxp: export pavp client to me client bus Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 11/13] drm/i915/uapi: introduce drm_i915_gem_create_ext Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 12/13] drm/i915/pxp: User interface for Protected buffer Huang, Sean Z
2021-01-07 15:58 ` Vivi, Rodrigo [this message]
2021-01-18 8:29 ` Huang, Sean Z
2021-01-06 23:12 ` [Intel-gfx] [RFC-v19 13/13] drm/i915/pxp: Add plane decryption support Huang, Sean Z
2021-01-06 23:47 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for Introduce Intel PXP component - Mesa single session (rev19) Patchwork
2021-01-07 16:02 ` Vivi, Rodrigo
2021-01-07 0:16 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2021-01-07 10:22 ` [Intel-gfx] ✗ Fi.CI.IGT: failure " Patchwork
2021-01-07 15:42 ` [Intel-gfx] [RFC-v19 00/13] Introduce Intel PXP component - Mesa single session Vivi, Rodrigo
2021-01-08 11:38 ` Joonas Lahtinen
2021-01-12 20:07 ` [Intel-gfx] ✗ Fi.CI.BUILD: failure for Introduce Intel PXP component - Mesa single session (rev20) Patchwork
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 00/13] Introduce Intel PXP component - Mesa single session Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 01/13] drm/i915/pxp: Introduce Intel PXP component Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 02/13] drm/i915/pxp: set KCR reg init during the boot time Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 03/13] drm/i915/pxp: Implement funcs to create the TEE channel Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 04/13] drm/i915/pxp: Create the arbitrary session after boot Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 05/13] drm/i915/pxp: Func to send hardware session termination Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 06/13] drm/i915/pxp: Enable PXP irq worker and callback stub Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 07/13] drm/i915/pxp: Destroy arb session upon teardown Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 08/13] drm/i915/pxp: Enable PXP power management Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 09/13] drm/i915/pxp: Expose session state for display protection flip Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 10/13] mei: pxp: export pavp client to me client bus Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 11/13] drm/i915/uapi: introduce drm_i915_gem_create_ext Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 12/13] drm/i915/pxp: User interface for Protected buffer Huang, Sean Z
2021-01-17 6:45 ` [Intel-gfx] [RFC-v21 13/13] drm/i915/pxp: Add plane decryption support Huang, Sean Z
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6a770d9a7c2adad3a905d16022368f454a6d5ffb.camel@intel.com \
--to=rodrigo.vivi@intel.com \
--cc=Intel-gfx@lists.freedesktop.org \
--cc=kalyan.kondapally@intel.com \
--cc=krishnaiah.bommu@intel.com \
--cc=sean.z.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox