From: Nicolas Dufresne <nicolas@ndufresne.ca>
To: "mripard@kernel.org" <mripard@kernel.org>,
"Christian König" <christian.koenig@amd.com>
Cc: "Jason-JH Lin (林睿祥)" <Jason-JH.Lin@mediatek.com>,
"daniel@ffwll.ch" <daniel@ffwll.ch>,
"quic_vjitta@quicinc.com" <quic_vjitta@quicinc.com>,
"angelogioacchino.delregno@collabora.com"
<angelogioacchino.delregno@collabora.com>,
"sumit.semwal@linaro.org" <sumit.semwal@linaro.org>,
"conor+dt@kernel.org" <conor+dt@kernel.org>,
"jkardatzke@google.com" <jkardatzke@google.com>,
"krzysztof.kozlowski+dt@linaro.org"
<krzysztof.kozlowski+dt@linaro.org>,
"joakim.bech@linaro.org" <joakim.bech@linaro.org>,
"Youlin Pei (裴友林)" <youlin.pei@mediatek.com>,
"logang@deltatee.com" <logang@deltatee.com>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"Kuohong Wang (王國鴻)" <kuohong.wang@mediatek.com>,
"Jianjiao Zeng (曾健姣)" <Jianjiao.Zeng@mediatek.com>,
"contact@emersion.fr" <contact@emersion.fr>,
"benjamin.gaignard@collabora.com"
<benjamin.gaignard@collabora.com>,
"matthias.bgg@gmail.com" <matthias.bgg@gmail.com>,
"linux-mediatek@lists.infradead.org"
<linux-mediatek@lists.infradead.org>,
"linaro-mm-sig@lists.linaro.org" <linaro-mm-sig@lists.linaro.org>,
"willy@infradead.org" <willy@infradead.org>,
"pavel@ucw.cz" <pavel@ucw.cz>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"Brian.Starkey@arm.com" <Brian.Starkey@arm.com>,
"robh+dt@kernel.org" <robh+dt@kernel.org>,
"linux-media@vger.kernel.org" <linux-media@vger.kernel.org>,
"devicetree@vger.kernel.org" <devicetree@vger.kernel.org>,
"tjmercier@google.com" <tjmercier@google.com>,
"jstultz@google.com" <jstultz@google.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"robin.murphy@arm.com" <robin.murphy@arm.com>,
"Yong Wu (吴勇)" <Yong.Wu@mediatek.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"ppaalanen@gmail.com" <ppaalanen@gmail.com>
Subject: Re: [PATCH v5 2/9] scatterlist: Add a flag for the restricted memory
Date: Fri, 28 Jun 2024 16:23:25 -0400 [thread overview]
Message-ID: <ee405147d5e9826f1b2ad7d7c3bdb2fb745de420.camel@ndufresne.ca> (raw)
In-Reply-To: <20240627-impetuous-aboriginal-cougar-cdcbbf@houat>
Hi,
Le jeudi 27 juin 2024 à 16:40 +0200, mripard@kernel.org a écrit :
> > You can trivially say during use hey this buffer is encrypted.
> >
> > At least that's my 10 mile high view, maybe I'm missing some extensive key
> > exchange or something like that.
>
> That doesn't work in all cases, unfortunately.
>
> If you're doing secure video playback, the firmware is typically in
> charge of the frame decryption/decoding, and you'd get dma-buf back that
> aren't accessible by the CPU (or at least, not at the execution level
> Linux runs with).
>
> So nobody can map that buffer, and the firmware driver is the one who
> knows that this buffer cannot be accessed by anyone. Putting this on the
> userspace to know would be pretty weird, and wouldn't solve the case
> where the kernel would try to map it.
Userspace will be the one calling into the CDM TF-A to get the bitstream buffer
to be decrypted, not the firmware. The encrypted buffers are not using
restricted memory. Userspace is also responsible for calling into the MTK
restricted heap to allocate the destination buffer (on other platform it could
be CMA heaps + TF-A call to restrict the allocated memory, I've seen some
discussions related to this, but its not possible on Mediatek HW).
I think its fair to assume that userspace always know which buffers are
restricted or not in the SVP process.
Nicolas
next prev parent reply other threads:[~2024-06-28 20:23 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-15 11:22 [PATCH v5 0/9] dma-buf: heaps: Add restricted heap Yong Wu
2024-05-15 11:23 ` [PATCH v5 1/9] dt-bindings: reserved-memory: Add mediatek,dynamic-restricted-region Yong Wu
2024-05-15 11:23 ` [PATCH v5 2/9] scatterlist: Add a flag for the restricted memory Yong Wu
2024-05-16 8:17 ` Christian König
2024-05-20 7:58 ` Yong Wu (吴勇)
2024-05-21 18:36 ` Christian König
2024-06-25 11:02 ` Jason-JH Lin (林睿祥)
[not found] ` <3104b765-5666-44e4-8788-f1b1b296fe17@amd.com>
2024-06-26 8:05 ` Jason-JH Lin (林睿祥)
[not found] ` <75dc1136-7751-4772-9fa7-dd9124684cd2@amd.com>
2024-06-26 17:56 ` Daniel Vetter
2024-06-27 3:21 ` Jason-JH Lin (林睿祥)
2024-06-27 6:57 ` Christian König
2024-06-27 14:40 ` mripard
2024-06-28 11:47 ` Thierry Reding
2024-06-28 13:21 ` mripard
2024-06-28 14:11 ` Thierry Reding
2024-06-28 20:34 ` Nicolas Dufresne
[not found] ` <c96f82e3-bbd6-407e-a71b-3a794a56585b@amd.com>
2024-06-28 13:57 ` Thierry Reding
2024-06-28 17:52 ` Daniel Vetter
[not found] ` <304c9faa-5a9c-4520-a3d8-0818f76dd7c9@amd.com>
2024-06-28 13:40 ` mripard
[not found] ` <18c6ab56-1d43-4646-914b-6de793811040@amd.com>
2024-07-10 9:56 ` Jason-JH Lin (林睿祥)
2024-06-28 20:23 ` Nicolas Dufresne [this message]
2024-06-28 20:16 ` Nicolas Dufresne
2024-06-27 3:17 ` Jason-JH Lin (林睿祥)
2024-05-16 9:59 ` AngeloGioacchino Del Regno
2024-05-20 9:53 ` Yong Wu (吴勇)
2024-05-15 11:23 ` [PATCH v5 3/9] lib/scatterlist: Add sg_dup_table Yong Wu
2024-05-15 11:23 ` [PATCH v5 4/9] dma-buf: heaps: Initialize a restricted heap Yong Wu
2024-05-15 11:23 ` [PATCH v5 5/9] dma-buf: heaps: restricted_heap: Add private heap ops Yong Wu
2024-06-28 12:26 ` Thierry Reding
2024-05-15 11:23 ` [PATCH v5 6/9] dma-buf: heaps: restricted_heap: Add dma_ops Yong Wu
2024-05-15 11:23 ` [PATCH v5 7/9] dma-buf: heaps: restricted_heap: Add MediaTek restricted heap and heap_init Yong Wu
2024-06-28 12:38 ` Thierry Reding
2024-08-22 15:11 ` Jens Wiklander
2024-05-15 11:23 ` [PATCH v5 8/9] dma-buf: heaps: restricted_heap_mtk: Add TEE memory service call Yong Wu
2024-05-15 11:23 ` [PATCH v5 9/9] dma_buf: heaps: restricted_heap_mtk: Add a new CMA heap Yong Wu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ee405147d5e9826f1b2ad7d7c3bdb2fb745de420.camel@ndufresne.ca \
--to=nicolas@ndufresne.ca \
--cc=Brian.Starkey@arm.com \
--cc=Jason-JH.Lin@mediatek.com \
--cc=Jianjiao.Zeng@mediatek.com \
--cc=Yong.Wu@mediatek.com \
--cc=akpm@linux-foundation.org \
--cc=angelogioacchino.delregno@collabora.com \
--cc=benjamin.gaignard@collabora.com \
--cc=christian.koenig@amd.com \
--cc=conor+dt@kernel.org \
--cc=contact@emersion.fr \
--cc=daniel@ffwll.ch \
--cc=devicetree@vger.kernel.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=jkardatzke@google.com \
--cc=joakim.bech@linaro.org \
--cc=jstultz@google.com \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=kuohong.wang@mediatek.com \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=logang@deltatee.com \
--cc=matthias.bgg@gmail.com \
--cc=mripard@kernel.org \
--cc=pavel@ucw.cz \
--cc=ppaalanen@gmail.com \
--cc=quic_vjitta@quicinc.com \
--cc=robh+dt@kernel.org \
--cc=robin.murphy@arm.com \
--cc=sumit.semwal@linaro.org \
--cc=tjmercier@google.com \
--cc=willy@infradead.org \
--cc=youlin.pei@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox