From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BA8AB23ED4A; Tue, 10 Dec 2024 21:24:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733865846; cv=none; b=q69WpWaQ1wgF5Vwdqp2NUNexN/mtwl7Cc/i1qyw6n8upB/AkId/rp4yXEZ3UjDYqyr5agCfaHHdLdo81ah5M0EIbyxeBjBdUyr5AvmJBRS082Z8rR5+4a/cLj86KmuS4mfNeU/GA0+sVhSydpOwZZibeuPEibx4Chusuw/6dYs4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1733865846; c=relaxed/simple; bh=Z5QvjqXjt7nt1q0SyE0Y+TbsCeMskbC5KMAyiIhNWlM=; h=Date:Message-ID:From:To:Cc:Subject:In-Reply-To:References: MIME-Version:Content-Type; b=g0RNfekqGpRhFzG/vKLHnXyVTTb408dOkFyMNonCxkrzshGrPtAJw0L2oUyOtbzne4kHm1liPEXPoyqRoSfmcvkoHW/y2r6gvx63Pqku+j9DJ6Cuu906Wol+B4G3Koi871BdoxaFHUKCr4JOFcWDmTAWB8Wx6U061ddSEeGBRz4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=BqNi3BmZ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="BqNi3BmZ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4674DC4CED6; Tue, 10 Dec 2024 21:24:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1733865846; bh=Z5QvjqXjt7nt1q0SyE0Y+TbsCeMskbC5KMAyiIhNWlM=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=BqNi3BmZUbZUW6Zfk5jruHxc91Vc4ndIr/HQATGRfe4AEuzMXIuAGGUZM02wiCxcU BeyzmRVUEOWnu6w7P25Q3tNM6A5L7XIqjGQnbHR1Gh8i1sI/UNVYTxfvF/uFg7uBMq 3bXhLuQF1VVtz5EtLDVeBpv1Mms4q3OVr21jfz+lABscBw7b1+N63WhnyUFDq8/6Md j9D8ka0190Ef4Bkbk5+KViXESKdYnWegZS3OIB2elS7T/8Dlesll/WZRpfygMKbR42 hFjSfqkMPqCqor/LGEx1gO52loRWGpwHIWlgdTlszXXSCH9Ibrc0MwtdQ6O4+8rVlb uEL4n4cfioiIQ== Received: from sofa.misterjones.org ([185.219.108.64] helo=wait-a-minute.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1tL7i7-002QNJ-Ry; Tue, 10 Dec 2024 21:24:03 +0000 Date: Tue, 10 Dec 2024 21:24:03 +0000 Message-ID: <87ed2fs03w.wl-maz@kernel.org> From: Marc Zyngier To: Akhil P Oommen Cc: Rob Clark , Sean Paul , "Konrad\ Dybcio" , Abhinav Kumar , Dmitry Baryshkov , Marijn Suijten , David Airlie , "Simona\ Vetter" , Elliot Berman , "Pavan\ Kondeti" , , , , , Subject: Re: [PATCH] drm/msm/a6xx: Skip gpu secure fw load in EL2 mode In-Reply-To: <20241209-drm-msm-kvm-support-v1-1-1c983a8a8087@quicinc.com> References: <20241209-drm-msm-kvm-support-v1-1-1c983a8a8087@quicinc.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/29.4 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: quic_akhilpo@quicinc.com, robdclark@gmail.com, sean@poorly.run, konradybcio@kernel.org, quic_abhinavk@quicinc.com, dmitry.baryshkov@linaro.org, marijn.suijten@somainline.org, airlied@gmail.com, simona@ffwll.ch, quic_eberman@quicinc.com, quic_pkondeti@quicinc.com, linux-arm-msm@vger.kernel.org, dri-devel@lists.freedesktop.org, freedreno@lists.freedesktop.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false On Mon, 09 Dec 2024 08:19:15 +0000, Akhil P Oommen wrote: > > When kernel is booted in EL2, SECVID registers are accessible to the > KMD. So we can use that to switch GPU's secure mode to avoid dependency > on Zap firmware. Also, we can't load a secure firmware without a > hypervisor that supports it. > > Tested following configurations on sa8775p chipset (Adreno 663 gpu): > > 1. Gunyah (No KVM) - Loads zap shader based on DT > 2. KVM in VHE - Skips zap shader load and programs SECVID register > 3. KVM in nVHE - Loads zap shader based on DT > 4. Kernel in EL2 with CONFIG_KVM=n - Skips zap shader load and > programs SECVID register > > For (1) and (3) configuration, this patch doesn't have any impact. > Driver loads secure firmware based on other existing hints. The moment the kernel is entered at EL2, this is a bare metal situation, and everything is accessible. So your distinction between VHE and nVHE (which would equally apply to hVHE and pKVM) makes no sense at all. Same thing for KVM being disabled, which has no bearing on what can be accessed. > > Signed-off-by: Akhil P Oommen > --- > --- > drivers/gpu/drm/msm/adreno/a6xx_gpu.c | 82 +++++++++++++++++++++++------------ > 1 file changed, 54 insertions(+), 28 deletions(-) > > diff --git a/drivers/gpu/drm/msm/adreno/a6xx_gpu.c b/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > index 019610341df1..9dcaa8472430 100644 > --- a/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > +++ b/drivers/gpu/drm/msm/adreno/a6xx_gpu.c > @@ -14,6 +14,10 @@ > #include > #include > > +#ifdef CONFIG_ARM64 > +#include > +#endif How about 32bit ARM? > + > #define GPU_PAS_ID 13 > > static inline bool _a6xx_check_idle(struct msm_gpu *gpu) > @@ -998,6 +1002,54 @@ static int a6xx_zap_shader_init(struct msm_gpu *gpu) > return ret; > } > > +static int a6xx_switch_secure_mode(struct msm_gpu *gpu) > +{ > + int ret; > + > +#ifdef CONFIG_ARM64 > + /* > + * We can access SECVID_TRUST_CNTL register when kernel is booted in EL2 mode. So, use it > + * to switch the secure mode to avoid the dependency on zap shader. > + */ > + if (is_kernel_in_hyp_mode()) > + goto direct_switch; No, please. To check whether you are *booted* at EL2, you need to check for is_hyp_available(). Whether the kernel runs at EL1 or EL2 is none of the driver's business, really. This is still absolutely disgusting from an abstraction perspective, but I guess we don't have much choice here. In the future, for anything involving KVM, please Cc the maintainers, reviewers and mailing list listed in the MAINTAINERS file. Thanks, M. -- Without deviation from the norm, progress is not possible.