[v2,10/11] drm/amdgpu: job is secure iff CS is secure (v3)

Submitted by Huang, Ray on Sept. 25, 2019, 1:45 p.m.

Details

Message ID 1569419090-5304-11-git-send-email-ray.huang@amd.com
State New
Headers show
Series "drm/amdgpu: introduce secure buffer object support (trusted memory zone)" ( rev: 2 ) in AMD X.Org drivers

Not browsing as part of any series.

Commit Message

Huang, Ray Sept. 25, 2019, 1:45 p.m.
Mark a job as secure, if and only if the command
submission flag has the secure flag set.

v2: fix the null job pointer while in vmid 0
submission.
v3: Context --> Command submission.

Signed-off-by: Huang Rui <ray.huang@amd.com>
Co-developed-by: Luben Tuikov <luben.tuikov@amd.com>
Signed-off-by: Luben Tuikov <luben.tuikov@amd.com>
Reviewed-by: Alex Deucher <alexander.deucher@amd.com>
---
 drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c  | 8 +++++++-
 drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c  | 4 ++--
 drivers/gpu/drm/amd/amdgpu/amdgpu_job.h | 2 ++
 3 files changed, 11 insertions(+), 3 deletions(-)

Patch hide | download patch | download mbox

diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
index 51f3db0..0077bb3 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c
@@ -1252,8 +1252,14 @@  static int amdgpu_cs_submit(struct amdgpu_cs_parser *p,
 		p->ctx->preamble_presented = true;
 	}
 
-	cs->out.handle = seq;
+	/* The command submission (cs) is a union, so an assignment to
+	 * 'out' is destructive to the cs (at least the first 8
+	 * bytes). For this reason, inquire about the flags before the
+	 * assignment to 'out'.
+	 */
+	job->secure = cs->in.flags & AMDGPU_CS_FLAGS_SECURE;
 	job->uf_sequence = seq;
+	cs->out.handle = seq;
 
 	amdgpu_job_free_resources(job);
 
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c
index e1dc229..cb9b650 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c
@@ -210,7 +210,7 @@  int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs,
 	if (job && ring->funcs->emit_cntxcntl) {
 		status |= job->preamble_status;
 		status |= job->preemption_status;
-		amdgpu_ring_emit_cntxcntl(ring, status, false);
+		amdgpu_ring_emit_cntxcntl(ring, status, job->secure);
 	}
 
 	for (i = 0; i < num_ibs; ++i) {
@@ -229,7 +229,7 @@  int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs,
 	}
 
 	if (ring->funcs->emit_tmz)
-		amdgpu_ring_emit_tmz(ring, false, false);
+		amdgpu_ring_emit_tmz(ring, false, job ? job->secure : false);
 
 #ifdef CONFIG_X86_64
 	if (!(adev->flags & AMD_IS_APU))
diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h
index dc7ee93..aa0e375 100644
--- a/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h
+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h
@@ -63,6 +63,8 @@  struct amdgpu_job {
 	uint64_t		uf_addr;
 	uint64_t		uf_sequence;
 
+	/* the job is due to a secure command submission */
+	bool			secure;
 };
 
 int amdgpu_job_alloc(struct amdgpu_device *adev, unsigned num_ibs,

Comments

Am 25.09.19 um 15:45 schrieb Huang, Ray:
> Mark a job as secure, if and only if the command

> submission flag has the secure flag set.

>

> v2: fix the null job pointer while in vmid 0

> submission.

> v3: Context --> Command submission.

>

> Signed-off-by: Huang Rui <ray.huang@amd.com>

> Co-developed-by: Luben Tuikov <luben.tuikov@amd.com>

> Signed-off-by: Luben Tuikov <luben.tuikov@amd.com>

> Reviewed-by: Alex Deucher <alexander.deucher@amd.com>

> ---

>   drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c  | 8 +++++++-

>   drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c  | 4 ++--

>   drivers/gpu/drm/amd/amdgpu/amdgpu_job.h | 2 ++

>   3 files changed, 11 insertions(+), 3 deletions(-)

>

> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

> index 51f3db0..0077bb3 100644

> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c

> @@ -1252,8 +1252,14 @@ static int amdgpu_cs_submit(struct amdgpu_cs_parser *p,

>   		p->ctx->preamble_presented = true;

>   	}

>   

> -	cs->out.handle = seq;

> +	/* The command submission (cs) is a union, so an assignment to

> +	 * 'out' is destructive to the cs (at least the first 8

> +	 * bytes). For this reason, inquire about the flags before the

> +	 * assignment to 'out'.

> +	 */

> +	job->secure = cs->in.flags & AMDGPU_CS_FLAGS_SECURE;


NAK accessing cs->in.flags in the submission function is a no-go here.

You need to fill those things up during job creation, see 
amdgpu_cs_parser_init().

Regards,
Christian.

>   	job->uf_sequence = seq;

> +	cs->out.handle = seq;

>   

>   	amdgpu_job_free_resources(job);

>   

> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c

> index e1dc229..cb9b650 100644

> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c

> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c

> @@ -210,7 +210,7 @@ int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs,

>   	if (job && ring->funcs->emit_cntxcntl) {

>   		status |= job->preamble_status;

>   		status |= job->preemption_status;

> -		amdgpu_ring_emit_cntxcntl(ring, status, false);

> +		amdgpu_ring_emit_cntxcntl(ring, status, job->secure);

>   	}

>   

>   	for (i = 0; i < num_ibs; ++i) {

> @@ -229,7 +229,7 @@ int amdgpu_ib_schedule(struct amdgpu_ring *ring, unsigned num_ibs,

>   	}

>   

>   	if (ring->funcs->emit_tmz)

> -		amdgpu_ring_emit_tmz(ring, false, false);

> +		amdgpu_ring_emit_tmz(ring, false, job ? job->secure : false);

>   

>   #ifdef CONFIG_X86_64

>   	if (!(adev->flags & AMD_IS_APU))

> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h

> index dc7ee93..aa0e375 100644

> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h

> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_job.h

> @@ -63,6 +63,8 @@ struct amdgpu_job {

>   	uint64_t		uf_addr;

>   	uint64_t		uf_sequence;

>   

> +	/* the job is due to a secure command submission */

> +	bool			secure;

>   };

>   

>   int amdgpu_job_alloc(struct amdgpu_device *adev, unsigned num_ibs,