From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 43E7AE7717F for ; Tue, 10 Dec 2024 21:25:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:List-Subscribe:List-Help :List-Post:List-Archive:List-Unsubscribe:List-Id:Content-Type:MIME-Version: References:In-Reply-To:Subject:Cc:To:From:Message-ID:Date:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=Q2qoFLdR/xIP85ix2Li0D4PJ+5Rd5stMHYwiWRLqhAI=; b=0C9vQrO1zhfJ6J5WAfWasQSQvw qvygQMIGDE8+1lJJnOdbIvC4R+eaHxTRwQpkrvcP/5cOv04TlDLWksajrrJ+RYlSVrkUoBPiFMuxQ xMdnbLD8UKBI7NmWr5xtiTpMnGBpQcUy8VLLBSTtxC3Z7aVliAhe32GG+gfaa2vOdaRfp8DRvItXT ksIONLJj5lndRbavKq6EmdywGEKMzACp9pRcwWtMEm7ouYKmRMYyVr3Pwyt1swM3AhgaoI3YlwyBl gU6plWzr2JQLywWqUYFFYy5qVm8TebgTW+doh3zLACQE0Dvi+Do6Hl0GlSv3rZmz7nqkUayzhfxrG k0iNedBg==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.98 #2 (Red Hat Linux)) id 1tL7jE-0000000CnpB-3rXo; Tue, 10 Dec 2024 21:25:12 +0000 Received: from dfw.source.kernel.org ([139.178.84.217]) by bombadil.infradead.org with esmtps (Exim 4.98 #2 (Red Hat Linux)) id 1tL7iB-0000000Cnik-27Ap for linux-arm-kernel@lists.infradead.org; Tue, 10 Dec 2024 21:24:08 +0000 Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 245B25C59DF; Tue, 10 Dec 2024 21:23:24 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4674DC4CED6; Tue, 10 Dec 2024 21:24:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1733865846; bh=Z5QvjqXjt7nt1q0SyE0Y+TbsCeMskbC5KMAyiIhNWlM=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=BqNi3BmZUbZUW6Zfk5jruHxc91Vc4ndIr/HQATGRfe4AEuzMXIuAGGUZM02wiCxcU BeyzmRVUEOWnu6w7P25Q3tNM6A5L7XIqjGQnbHR1Gh8i1sI/UNVYTxfvF/uFg7uBMq 3bXhLuQF1VVtz5EtLDVeBpv1Mms4q3OVr21jfz+lABscBw7b1+N63WhnyUFDq8/6Md j9D8ka0190Ef4Bkbk5+KViXESKdYnWegZS3OIB2elS7T/8Dlesll/WZRpfygMKbR42 hFjSfqkMPqCqor/LGEx1gO52loRWGpwHIWlgdTlszXXSCH9Ibrc0MwtdQ6O4+8rVlb uEL4n4cfioiIQ== Received: from sofa.misterjones.org ([185.219.108.64] helo=wait-a-minute.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tL7i7-002QNJ-Ry; Tue, 10 Dec 2024 21:24:03 +0000 Date: Tue, 10 Dec 2024 21:24:03 +0000 Message-ID: <87ed2fs03w.wl-maz@kernel.org> From: Marc Zyngier To: Akhil P Oommen Cc: Rob Clark , Sean Paul , "Konrad\ Dybcio" , Abhinav Kumar , Dmitry Baryshkov , Marijn Suijten , David Airlie , "Simona\ Vetter" , Elliot Berman , "Pavan\ Kondeti" , , , , , Subject: Re: [PATCH] drm/msm/a6xx: Skip gpu secure fw load in EL2 mode In-Reply-To: <20241209-drm-msm-kvm-support-v1-1-1c983a8a8087@quicinc.com> References: <20241209-drm-msm-kvm-support-v1-1-1c983a8a8087@quicinc.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/29.4 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: quic_akhilpo@quicinc.com, robdclark@gmail.com, sean@poorly.run, konradybcio@kernel.org, quic_abhinavk@quicinc.com, dmitry.baryshkov@linaro.org, marijn.suijten@somainline.org, airlied@gmail.com, simona@ffwll.ch, quic_eberman@quicinc.com, quic_pkondeti@quicinc.com, linux-arm-msm@vger.kernel.org, dri-devel@lists.freedesktop.org, freedreno@lists.freedesktop.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20241210_132407_630750_20DB250F X-CRM114-Status: GOOD ( 28.56 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Mon, 09 Dec 2024 08:19:15 +0000, Akhil P Oommen wrote: > > When kernel is booted in EL2, SECVID registers are accessible to the > KMD. So we can use that to switch GPU's secure mode to avoid dependency > on Zap firmware. Also, we can't load a secure firmware without a > hypervisor that supports it. > > Tested following configurations on sa8775p chipset (Adreno 663 gpu): > > 1. Gunyah (No KVM) - Loads zap shader based on DT > 2. KVM in VHE - Skips zap shader load and programs SECVID register > 3. KVM in nVHE - Loads zap shader based on DT > 4. Kernel in EL2 with CONFIG_KVM=n - Skips zap shader load and > programs SECVID register > > For (1) and (3) configuration, this patch doesn't have any impact. > Driver loads secure firmware based on other existing hints. The moment the kernel is entered at EL2, this is a bare metal situation, and everything is accessible. So your distinction between VHE and nVHE (which would equally apply to hVHE and pKVM) makes no sense at all. Same thing for KVM being disabled, which has no bearing on what can be accessed. > > Signed-off-by: Akhil P Oommen > --- > --- > drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 82 +++++++++++++++++++++++------------ > 1 file changed, 54 insertions(+), 28 deletions(-) > > diff --git a/drivers/gpu/drm/msm/adreno/a6xx_gpu.c b/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > index 019610341df1..9dcaa8472430 100644 > --- a/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > +++ b/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > @@ -14,6 +14,10 @@ > #include > #include > > +#ifdef CONFIG_ARM64 > +#include > +#endif How about 32bit ARM? > + > #define GPU_PAS_ID 13 > > static inline bool _a6xx_check_idle(struct msm_gpu *gpu) > @@ -998,6 +1002,54 @@ static int a6xx_zap_shader_init(struct msm_gpu *gpu) > return ret; > } > > +static int a6xx_switch_secure_mode(struct msm_gpu *gpu) > +{ > + int ret; > + > +#ifdef CONFIG_ARM64 > + /* > + * We can access SECVID_TRUST_CNTL register when kernel is booted in EL2 mode. So, use it > + * to switch the secure mode to avoid the dependency on zap shader. > + */ > + if (is_kernel_in_hyp_mode()) > + goto direct_switch; No, please. To check whether you are *booted* at EL2, you need to check for is_hyp_available(). Whether the kernel runs at EL1 or EL2 is none of the driver's business, really. This is still absolutely disgusting from an abstraction perspective, but I guess we don't have much choice here. In the future, for anything involving KVM, please Cc the maintainers, reviewers and mailing list listed in the MAINTAINERS file. Thanks, M. -- Without deviation from the norm, progress is not possible.