Re: [Intel-gfx] [PATCH 09/15] drm/i915/pxp: add huc authentication and loading command

public inbox for intel-gfx@lists.freedesktop.org
 help / color / mirror / Atom feed

From: "Teres Alexis, Alan Previn" <alan.previn.teres.alexis@intel.com>
To: "Ceraolo Spurio, Daniele" <daniele.ceraolospurio@intel.com>,
	"intel-gfx@lists.freedesktop.org"
	<intel-gfx@lists.freedesktop.org>
Cc: "Winkler, Tomas" <tomas.winkler@intel.com>,
	"Lubart, Vitaly" <vitaly.lubart@intel.com>
Subject: Re: [Intel-gfx] [PATCH 09/15] drm/i915/pxp: add huc authentication and loading command
Date: Mon, 20 Jun 2022 23:33:12 -0700	[thread overview]
Message-ID: <f3d140aa-bfd6-4ff3-192a-7e6046cd328b@intel.com> (raw)
In-Reply-To: <20220609231955.3632596-10-daniele.ceraolospurio@intel.com>

Reviewed-by: Alan Previn <alan.previn.teres.alexis@intel.com>

On 6/9/2022 4:19 PM, Ceraolo Spurio, Daniele wrote:
> From: Tomas Winkler <tomas.winkler@intel.com>
>
> Add support for loading HuC via a pxp stream command.
>
> Signed-off-by: Tomas Winkler <tomas.winkler@intel.com>
> Signed-off-by: Vitaly Lubart <vitaly.lubart@intel.com>
> Signed-off-by: Daniele Ceraolo Spurio <daniele.ceraolospurio@intel.com>
> Cc: Alan Previn <alan.previn.teres.alexis@intel.com>
> ---
>   drivers/gpu/drm/i915/Makefile                 |  3 +-
>   drivers/gpu/drm/i915/pxp/intel_pxp_huc.c      | 69 +++++++++++++++++++
>   drivers/gpu/drm/i915/pxp/intel_pxp_huc.h      | 15 ++++
>   .../drm/i915/pxp/intel_pxp_tee_interface.h    | 21 ++++++
>   4 files changed, 107 insertions(+), 1 deletion(-)
>   create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
>   create mode 100644 drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
>
> diff --git a/drivers/gpu/drm/i915/Makefile b/drivers/gpu/drm/i915/Makefile
> index 5d3aa4807def..8d90e653958c 100644
> --- a/drivers/gpu/drm/i915/Makefile
> +++ b/drivers/gpu/drm/i915/Makefile
> @@ -306,7 +306,8 @@ i915-y += i915_perf.o
>   # Protected execution platform (PXP) support. Base support is required for HuC
>   i915-y += \
>   	pxp/intel_pxp.o \
> -	pxp/intel_pxp_tee.o
> +	pxp/intel_pxp_tee.o \
> +	pxp/intel_pxp_huc.o
>   
>   i915-$(CONFIG_DRM_I915_PXP) += \
>   	pxp/intel_pxp_cmd.o \
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
> new file mode 100644
> index 000000000000..6d25f436f329
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.c
> @@ -0,0 +1,69 @@
> +// SPDX-License-Identifier: MIT
> +/*
> + * Copyright(c) 2021, Intel Corporation. All rights reserved.
> + */
> +
> +#include "drm/i915_drm.h"
> +#include "i915_drv.h"
> +
> +#include "gem/i915_gem_region.h"
> +#include "gt/intel_gt.h"
> +
> +#include "intel_pxp.h"
> +#include "intel_pxp_huc.h"
> +#include "intel_pxp_tee.h"
> +#include "intel_pxp_types.h"
> +#include "intel_pxp_tee_interface.h"
> +
> +int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp)
> +{
> +	struct intel_gt *gt = pxp_to_gt(pxp);
> +	struct intel_huc *huc = &gt->uc.huc;
> +	struct pxp_tee_start_huc_auth_in huc_in = {0};
> +	struct pxp_tee_start_huc_auth_out huc_out = {0};
> +	dma_addr_t huc_phys_addr;
> +	u8 client_id = 0;
> +	u8 fence_id = 0;
> +	int err;
> +
> +	if (!pxp->pxp_component)
> +		return -ENODEV;
> +
> +	huc_phys_addr = i915_gem_object_get_dma_address(huc->fw.obj, 0);
> +
> +	/* write the PXP message into the lmem (the sg list) */
> +	huc_in.header.api_version = PXP_TEE_43_APIVER;
> +	huc_in.header.command_id  = PXP_TEE_43_START_HUC_AUTH;
> +	huc_in.header.status      = 0;
> +	huc_in.header.buffer_len  = sizeof(huc_in.huc_base_address);
> +	huc_in.huc_base_address   = huc_phys_addr;
> +
> +	err = intel_pxp_tee_stream_message(pxp, client_id, fence_id,
> +					   &huc_in, sizeof(huc_in),
> +					   &huc_out, sizeof(huc_out));
> +	if (err < 0) {
> +		drm_err(&gt->i915->drm,
> +			"Failed to send HuC load and auth command to GSC [%d]!\n",
> +			err);
> +		return err;
> +	}
> +
> +	/*
> +	 * HuC does sometimes survive suspend/resume (it depends on how "deep"
> +	 * a sleep state the device reaches) so we can end up here on resume
> +	 * with HuC already loaded, in which case the GSC will return
> +	 * PXP_STATUS_OP_NOT_PERMITTED. We can therefore consider the GuC
> +	 * correctly transferred in this scenario; if the same error is ever
> +	 * returned with HuC not loaded we'll still catch it when we check the
> +	 * authentication bit later.
> +	 */
> +	if (huc_out.header.status != PXP_STATUS_SUCCESS &&
> +	    huc_out.header.status != PXP_STATUS_OP_NOT_PERMITTED) {
> +		drm_err(&gt->i915->drm,
> +			"HuC load failed with GSC error = 0x%x\n",
> +			huc_out.header.status);
> +		return -EPROTO;
> +	}
> +
> +	return 0;
> +}
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
> new file mode 100644
> index 000000000000..6cf2d00548c0
> --- /dev/null
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_huc.h
> @@ -0,0 +1,15 @@
> +/* SPDX-License-Identifier: MIT */
> +/*
> + * Copyright(c) 2021, Intel Corporation. All rights reserved.
> + */
> +
> +#ifndef __INTEL_PXP_HUC_H__
> +#define __INTEL_PXP_HUC_H__
> +
> +#include <linux/types.h>
> +
> +struct intel_pxp;
> +
> +int intel_pxp_huc_load_and_auth(struct intel_pxp *pxp);
> +
> +#endif /* __INTEL_PXP_HUC_H__ */
> diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> index 36e9b0868f5c..1de98959a89d 100644
> --- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> +++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee_interface.h
> @@ -9,8 +9,20 @@
>   #include <linux/types.h>
>   
>   #define PXP_TEE_APIVER 0x40002
> +#define PXP_TEE_43_APIVER 0x00040003
>   #define PXP_TEE_ARB_CMDID 0x1e
>   #define PXP_TEE_ARB_PROTECTION_MODE 0x2
> +#define PXP_TEE_43_START_HUC_AUTH   0x0000003A
> +
> +/*
> + * there are a lot of status codes for PXP, but we only define the ones we
> + * actually can handle in the driver. other failure codes will be printed to
> + * error msg for debug.
> + */
> +enum pxp_status {
> +	PXP_STATUS_SUCCESS = 0x0,
> +	PXP_STATUS_OP_NOT_PERMITTED = 0x4013
> +};
>   
>   /* PXP TEE message header */
>   struct pxp_tee_cmd_header {
> @@ -33,4 +45,13 @@ struct pxp_tee_create_arb_out {
>   	struct pxp_tee_cmd_header header;
>   } __packed;
>   
> +struct pxp_tee_start_huc_auth_in {
> +	struct pxp_tee_cmd_header header;
> +	__le64                    huc_base_address;
> +};
> +
> +struct pxp_tee_start_huc_auth_out {
> +	struct pxp_tee_cmd_header header;
> +};
> +
>   #endif /* __INTEL_PXP_TEE_INTERFACE_H__ */

next prev parent reply	other threads:[~2022-06-21  6:33 UTC|newest]

Thread overview: 54+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-06-09 23:19 [Intel-gfx] [PATCH 00/15] HuC loading for DG2 Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 01/15] HAX: mei: GSC support for XeHP SDV and DG2 platform Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 02/15] mei: add support to GSC extended header Daniele Ceraolo Spurio
2022-08-03 22:07   ` Teres Alexis, Alan Previn
2022-08-16 20:49     ` Winkler, Tomas
2022-06-09 23:19 ` [Intel-gfx] [PATCH 03/15] mei: bus: enable sending gsc commands Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 04/15] mei: bus: extend bus API to support command streamer API Daniele Ceraolo Spurio
2022-06-09 23:19 ` [Intel-gfx] [PATCH 05/15] mei: pxp: add command streamer API to the PXP driver Daniele Ceraolo Spurio
2022-07-27  1:42   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 06/15] mei: pxp: support matching with a gfx discrete card Daniele Ceraolo Spurio
2022-07-27  1:01   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 07/15] drm/i915/pxp: load the pxp module when we have a gsc-loaded huc Daniele Ceraolo Spurio
2022-06-18  7:27   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 08/15] drm/i915/pxp: implement function for sending tee stream command Daniele Ceraolo Spurio
2022-06-18  8:07   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 09/15] drm/i915/pxp: add huc authentication and loading command Daniele Ceraolo Spurio
2022-06-21  6:33   ` Teres Alexis, Alan Previn [this message]
2022-06-09 23:19 ` [Intel-gfx] [PATCH 10/15] drm/i915/dg2: setup HuC loading via GSC Daniele Ceraolo Spurio
2022-07-05 22:35   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 11/15] drm/i915/huc: track delayed HuC load with a fence Daniele Ceraolo Spurio
2022-07-06  4:42   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 12/15] drm/i915/huc: stall media submission until HuC is loaded Daniele Ceraolo Spurio
2022-07-27  0:33   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 13/15] drm/i915/huc: report HuC as loaded even if load still in progress Daniele Ceraolo Spurio
2022-07-06  4:49   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 14/15] drm/i915/huc: define gsc-compatible HuC fw for DG2 Daniele Ceraolo Spurio
2022-06-22 17:55   ` Teres Alexis, Alan Previn
2022-06-22 18:16   ` Teres Alexis, Alan Previn
2022-06-09 23:19 ` [Intel-gfx] [PATCH 15/15] HAX: drm/i915: force INTEL_MEI_GSC and INTEL_MEI_PXP on for CI Daniele Ceraolo Spurio
2022-06-10  0:07 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for HuC loading for DG2 Patchwork
2022-06-10  0:07 ` [Intel-gfx] ✗ Fi.CI.SPARSE: " Patchwork
2022-06-10  8:01 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork
2022-06-11  8:01 ` [Intel-gfx] ✗ Fi.CI.IGT: failure " Patchwork
2022-06-13  8:16 ` [Intel-gfx] [PATCH 00/15] " Tvrtko Ursulin
2022-06-13 15:39   ` Ceraolo Spurio, Daniele
2022-06-13 16:31     ` Tvrtko Ursulin
2022-06-13 16:41       ` Ceraolo Spurio, Daniele
2022-06-13 16:56         ` Tvrtko Ursulin
2022-06-13 17:06           ` Ceraolo Spurio, Daniele
2022-06-13 17:39             ` Tvrtko Ursulin
2022-06-13 18:13               ` Ceraolo Spurio, Daniele
2022-06-14  7:44                 ` Tvrtko Ursulin
2022-06-14 15:30                   ` Ceraolo Spurio, Daniele
2022-06-14 23:15                     ` Ye, Tony
2022-06-15 10:13                       ` Tvrtko Ursulin
2022-06-15 14:35                         ` Ceraolo Spurio, Daniele
2022-06-15 14:53                           ` Tvrtko Ursulin
2022-06-15 16:14                         ` Ye, Tony
2022-06-16  2:28                           ` Zhang, Carl
2022-07-05 23:30                             ` Ceraolo Spurio, Daniele
2022-07-06 17:26                               ` Ye, Tony
2022-07-06 19:29                                 ` Ceraolo Spurio, Daniele
2022-07-06 20:11                                   ` Ye, Tony
2022-06-16  7:10                           ` Tvrtko Ursulin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f3d140aa-bfd6-4ff3-192a-7e6046cd328b@intel.com \
    --to=alan.previn.teres.alexis@intel.com \
    --cc=daniele.ceraolospurio@intel.com \
    --cc=intel-gfx@lists.freedesktop.org \
    --cc=tomas.winkler@intel.com \
    --cc=vitaly.lubart@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox