[PATCH v7 04/11] drm: revocation check at drm subsystem

Harry Wentland hwentlan at amd.com
Thu Sep 12 00:15:32 UTC 2019


Adding a couple AMD guys.

I know this is already merged but I have a few questions after some
internal discussions.

On 2019-05-07 12:27 p.m., Ramalingam C wrote:
> On every hdcp revocation check request SRM is read from fw file
> /lib/firmware/display_hdcp_srm.bin
> 

According to section 5 of the HDCP 2.3 spec [1] a device compliant with
HDCP 2.0 and higher must be capable of storing and updating the SRM in
non-volatile memory. Section 5.2 describes how this SRM needs to be
updated when a new version is served alongside protected content.

Isn't /lib/firmware intended for static firmware making updates to the
folder problematic for anyone but the system's package maintainer? I've
heard /lib might even be treated as read-only in certain environments.
This would mean it'd be impossible to support HDCP 2.x on those systems.

Wouldn't it be easier to provide a sysfs entry for SRM that allows
userspace (e.g. system startup/shutdown scripts) to (a) retrieve the SRM
from the HDCP implementation for non-volatile storage and (b) to pass
the SRM to the HDCP implementation for revocation checking?

[1]
https://www.digital-cp.com/sites/default/files/HDCP%20on%20HDMI%20Specification%20Rev2_3.pdf

Thanks,
Harry

> SRM table is parsed and stored at drm_hdcp.c, with functions exported
> for the services for revocation check from drivers (which
> implements the HDCP authentication)
> 
> This patch handles the HDCP1.4 and 2.2 versions of SRM table.
> 
> v2:
>   moved the uAPI to request_firmware_direct() [Daniel]
> v3:
>   kdoc added. [Daniel]
>   srm_header unified and bit field definitions are removed. [Daniel]
>   locking improved. [Daniel]
>   vrl length violation is fixed. [Daniel]
> v4:
>   s/__swab16/be16_to_cpu [Daniel]
>   be24_to_cpu is done through a global func [Daniel]
>   Unused variables are removed. [Daniel]
>   unchecked return values are dropped from static funcs [Daniel]
> 
> Signed-off-by: Ramalingam C <ramalingam.c at intel.com>
> Acked-by: Satyeshwar Singh <satyeshwar.singh at intel.com>
> Reviewed-by: Daniel Vetter <daniel at ffwll.ch>
> ---
>  Documentation/gpu/drm-kms-helpers.rst |   6 +
>  drivers/gpu/drm/Makefile              |   2 +-
>  drivers/gpu/drm/drm_hdcp.c            | 333 ++++++++++++++++++++++++++
>  drivers/gpu/drm/drm_internal.h        |   4 +
>  drivers/gpu/drm/drm_sysfs.c           |   2 +
>  include/drm/drm_hdcp.h                |  24 ++
>  6 files changed, 370 insertions(+), 1 deletion(-)
>  create mode 100644 drivers/gpu/drm/drm_hdcp.c
> 
> diff --git a/Documentation/gpu/drm-kms-helpers.rst b/Documentation/gpu/drm-kms-helpers.rst
> index 14102ae035dc..0fe726a6ee67 100644
> --- a/Documentation/gpu/drm-kms-helpers.rst
> +++ b/Documentation/gpu/drm-kms-helpers.rst
> @@ -181,6 +181,12 @@ Panel Helper Reference
>  .. kernel-doc:: drivers/gpu/drm/drm_panel_orientation_quirks.c
>     :export:
> 
> +HDCP Helper Functions Reference
> +===============================
> +
> +.. kernel-doc:: drivers/gpu/drm/drm_hdcp.c
> +   :export:
> +
>  Display Port Helper Functions Reference
>  =======================================
> 
> diff --git a/drivers/gpu/drm/Makefile b/drivers/gpu/drm/Makefile
> index 72f5036d9bfa..dd02e9dec810 100644
> --- a/drivers/gpu/drm/Makefile
> +++ b/drivers/gpu/drm/Makefile
> @@ -17,7 +17,7 @@ drm-y       :=        drm_auth.o drm_cache.o \
>                 drm_plane.o drm_color_mgmt.o drm_print.o \
>                 drm_dumb_buffers.o drm_mode_config.o drm_vblank.o \
>                 drm_syncobj.o drm_lease.o drm_writeback.o drm_client.o \
> -               drm_atomic_uapi.o
> +               drm_atomic_uapi.o drm_hdcp.o
> 
>  drm-$(CONFIG_DRM_LEGACY) += drm_legacy_misc.o drm_bufs.o drm_context.o drm_dma.o drm_scatter.o drm_lock.o
>  drm-$(CONFIG_DRM_LIB_RANDOM) += lib/drm_random.o
> diff --git a/drivers/gpu/drm/drm_hdcp.c b/drivers/gpu/drm/drm_hdcp.c
> new file mode 100644
> index 000000000000..5e5409505c31
> --- /dev/null
> +++ b/drivers/gpu/drm/drm_hdcp.c
> @@ -0,0 +1,333 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (C) 2019 Intel Corporation.
> + *
> + * Authors:
> + * Ramalingam C <ramalingam.c at intel.com>
> + */
> +
> +#include <linux/device.h>
> +#include <linux/err.h>
> +#include <linux/gfp.h>
> +#include <linux/export.h>
> +#include <linux/slab.h>
> +#include <linux/firmware.h>
> +
> +#include <drm/drm_hdcp.h>
> +#include <drm/drm_sysfs.h>
> +#include <drm/drm_print.h>
> +#include <drm/drm_device.h>
> +
> +struct hdcp_srm {
> +       u32 revoked_ksv_cnt;
> +       u8 *revoked_ksv_list;
> +
> +       /* Mutex to protect above struct member */
> +       struct mutex mutex;
> +} *srm_data;
> +
> +static inline void drm_hdcp_print_ksv(const u8 *ksv)
> +{
> +       DRM_DEBUG("\t%#02x, %#02x, %#02x, %#02x, %#02x\n",
> +                 ksv[0], ksv[1], ksv[2], ksv[3], ksv[4]);
> +}
> +
> +static u32 drm_hdcp_get_revoked_ksv_count(const u8 *buf, u32 vrls_length)
> +{
> +       u32 parsed_bytes = 0, ksv_count = 0, vrl_ksv_cnt, vrl_sz;
> +
> +       while (parsed_bytes < vrls_length) {
> +               vrl_ksv_cnt = *buf;
> +               ksv_count += vrl_ksv_cnt;
> +
> +               vrl_sz = (vrl_ksv_cnt * DRM_HDCP_KSV_LEN) + 1;
> +               buf += vrl_sz;
> +               parsed_bytes += vrl_sz;
> +       }
> +
> +       /*
> +        * When vrls are not valid, ksvs are not considered.
> +        * Hence SRM will be discarded.
> +        */
> +       if (parsed_bytes != vrls_length)
> +               ksv_count = 0;
> +
> +       return ksv_count;
> +}
> +
> +static u32 drm_hdcp_get_revoked_ksvs(const u8 *buf, u8 *revoked_ksv_list,
> +                                    u32 vrls_length)
> +{
> +       u32 parsed_bytes = 0, ksv_count = 0;
> +       u32 vrl_ksv_cnt, vrl_ksv_sz, vrl_idx = 0;
> +
> +       do {
> +               vrl_ksv_cnt = *buf;
> +               vrl_ksv_sz = vrl_ksv_cnt * DRM_HDCP_KSV_LEN;
> +
> +               buf++;
> +
> +               DRM_DEBUG("vrl: %d, Revoked KSVs: %d\n", vrl_idx++,
> +                         vrl_ksv_cnt);
> +               memcpy(revoked_ksv_list, buf, vrl_ksv_sz);
> +
> +               ksv_count += vrl_ksv_cnt;
> +               revoked_ksv_list += vrl_ksv_sz;
> +               buf += vrl_ksv_sz;
> +
> +               parsed_bytes += (vrl_ksv_sz + 1);
> +       } while (parsed_bytes < vrls_length);
> +
> +       return ksv_count;
> +}
> +
> +static inline u32 get_vrl_length(const u8 *buf)
> +{
> +       return drm_hdcp_be24_to_cpu(buf);
> +}
> +
> +static int drm_hdcp_parse_hdcp1_srm(const u8 *buf, size_t count)
> +{
> +       struct hdcp_srm_header *header;
> +       u32 vrl_length, ksv_count;
> +
> +       if (count < (sizeof(struct hdcp_srm_header) +
> +           DRM_HDCP_1_4_VRL_LENGTH_SIZE + DRM_HDCP_1_4_DCP_SIG_SIZE)) {
> +               DRM_ERROR("Invalid blob length\n");
> +               return -EINVAL;
> +       }
> +
> +       header = (struct hdcp_srm_header *)buf;
> +       DRM_DEBUG("SRM ID: 0x%x, SRM Ver: 0x%x, SRM Gen No: 0x%x\n",
> +                 header->srm_id,
> +                 be16_to_cpu(header->srm_version), header->srm_gen_no);
> +
> +       WARN_ON(header->reserved);
> +
> +       buf = buf + sizeof(*header);
> +       vrl_length = get_vrl_length(buf);
> +       if (count < (sizeof(struct hdcp_srm_header) + vrl_length) ||
> +           vrl_length < (DRM_HDCP_1_4_VRL_LENGTH_SIZE +
> +                         DRM_HDCP_1_4_DCP_SIG_SIZE)) {
> +               DRM_ERROR("Invalid blob length or vrl length\n");
> +               return -EINVAL;
> +       }
> +
> +       /* Length of the all vrls combined */
> +       vrl_length -= (DRM_HDCP_1_4_VRL_LENGTH_SIZE +
> +                      DRM_HDCP_1_4_DCP_SIG_SIZE);
> +
> +       if (!vrl_length) {
> +               DRM_ERROR("No vrl found\n");
> +               return -EINVAL;
> +       }
> +
> +       buf += DRM_HDCP_1_4_VRL_LENGTH_SIZE;
> +       ksv_count = drm_hdcp_get_revoked_ksv_count(buf, vrl_length);
> +       if (!ksv_count) {
> +               DRM_DEBUG("Revoked KSV count is 0\n");
> +               return count;
> +       }
> +
> +       kfree(srm_data->revoked_ksv_list);
> +       srm_data->revoked_ksv_list = kcalloc(ksv_count, DRM_HDCP_KSV_LEN,
> +                                            GFP_KERNEL);
> +       if (!srm_data->revoked_ksv_list) {
> +               DRM_ERROR("Out of Memory\n");
> +               return -ENOMEM;
> +       }
> +
> +       if (drm_hdcp_get_revoked_ksvs(buf, srm_data->revoked_ksv_list,
> +                                     vrl_length) != ksv_count) {
> +               srm_data->revoked_ksv_cnt = 0;
> +               kfree(srm_data->revoked_ksv_list);
> +               return -EINVAL;
> +       }
> +
> +       srm_data->revoked_ksv_cnt = ksv_count;
> +       return count;
> +}
> +
> +static int drm_hdcp_parse_hdcp2_srm(const u8 *buf, size_t count)
> +{
> +       struct hdcp_srm_header *header;
> +       u32 vrl_length, ksv_count, ksv_sz;
> +
> +       if (count < (sizeof(struct hdcp_srm_header) +
> +           DRM_HDCP_2_VRL_LENGTH_SIZE + DRM_HDCP_2_DCP_SIG_SIZE)) {
> +               DRM_ERROR("Invalid blob length\n");
> +               return -EINVAL;
> +       }
> +
> +       header = (struct hdcp_srm_header *)buf;
> +       DRM_DEBUG("SRM ID: 0x%x, SRM Ver: 0x%x, SRM Gen No: 0x%x\n",
> +                 header->srm_id & DRM_HDCP_SRM_ID_MASK,
> +                 be16_to_cpu(header->srm_version), header->srm_gen_no);
> +
> +       if (header->reserved)
> +               return -EINVAL;
> +
> +       buf = buf + sizeof(*header);
> +       vrl_length = get_vrl_length(buf);
> +
> +       if (count < (sizeof(struct hdcp_srm_header) + vrl_length) ||
> +           vrl_length < (DRM_HDCP_2_VRL_LENGTH_SIZE +
> +           DRM_HDCP_2_DCP_SIG_SIZE)) {
> +               DRM_ERROR("Invalid blob length or vrl length\n");
> +               return -EINVAL;
> +       }
> +
> +       /* Length of the all vrls combined */
> +       vrl_length -= (DRM_HDCP_2_VRL_LENGTH_SIZE +
> +                      DRM_HDCP_2_DCP_SIG_SIZE);
> +
> +       if (!vrl_length) {
> +               DRM_ERROR("No vrl found\n");
> +               return -EINVAL;
> +       }
> +
> +       buf += DRM_HDCP_2_VRL_LENGTH_SIZE;
> +       ksv_count = (*buf << 2) | DRM_HDCP_2_KSV_COUNT_2_LSBITS(*(buf + 1));
> +       if (!ksv_count) {
> +               DRM_DEBUG("Revoked KSV count is 0\n");
> +               return count;
> +       }
> +
> +       kfree(srm_data->revoked_ksv_list);
> +       srm_data->revoked_ksv_list = kcalloc(ksv_count, DRM_HDCP_KSV_LEN,
> +                                            GFP_KERNEL);
> +       if (!srm_data->revoked_ksv_list) {
> +               DRM_ERROR("Out of Memory\n");
> +               return -ENOMEM;
> +       }
> +
> +       ksv_sz = ksv_count * DRM_HDCP_KSV_LEN;
> +       buf += DRM_HDCP_2_NO_OF_DEV_PLUS_RESERVED_SZ;
> +
> +       DRM_DEBUG("Revoked KSVs: %d\n", ksv_count);
> +       memcpy(srm_data->revoked_ksv_list, buf, ksv_sz);
> +
> +       srm_data->revoked_ksv_cnt = ksv_count;
> +       return count;
> +}
> +
> +static inline bool is_srm_version_hdcp1(const u8 *buf)
> +{
> +       return *buf == (u8)(DRM_HDCP_1_4_SRM_ID << 4);
> +}
> +
> +static inline bool is_srm_version_hdcp2(const u8 *buf)
> +{
> +       return *buf == (u8)(DRM_HDCP_2_SRM_ID << 4 | DRM_HDCP_2_INDICATOR);
> +}
> +
> +static void drm_hdcp_srm_update(const u8 *buf, size_t count)
> +{
> +       if (count < sizeof(struct hdcp_srm_header))
> +               return;
> +
> +       if (is_srm_version_hdcp1(buf))
> +               drm_hdcp_parse_hdcp1_srm(buf, count);
> +       else if (is_srm_version_hdcp2(buf))
> +               drm_hdcp_parse_hdcp2_srm(buf, count);
> +}
> +
> +void drm_hdcp_request_srm(struct drm_device *drm_dev)
> +{
> +       char fw_name[36] = "display_hdcp_srm.bin";
> +       const struct firmware *fw;
> +
> +       int ret;
> +
> +       ret = request_firmware_direct(&fw, (const char *)fw_name,
> +                                     drm_dev->dev);
> +       if (ret < 0)
> +               goto exit;
> +
> +       if (fw->size && fw->data)
> +               drm_hdcp_srm_update(fw->data, fw->size);
> +
> +exit:
> +       release_firmware(fw);
> +}
> +
> +/**
> + * drm_hdcp_check_ksvs_revoked - Check the revoked status of the IDs
> + *
> + * @drm_dev: drm_device for which HDCP revocation check is requested
> + * @ksvs: List of KSVs (HDCP receiver IDs)
> + * @ksv_count: KSV count passed in through @ksvs
> + *
> + * This function reads the HDCP System renewability Message(SRM Table)
> + * from userspace as a firmware and parses it for the revoked HDCP
> + * KSVs(Receiver IDs) detected by DCP LLC. Once the revoked KSVs are known,
> + * revoked state of the KSVs in the list passed in by display drivers are
> + * decided and response is sent.
> + *
> + * SRM should be presented in the name of "display_hdcp_srm.bin".
> + *
> + * Returns:
> + * TRUE on any of the KSV is revoked, else FALSE.
> + */
> +bool drm_hdcp_check_ksvs_revoked(struct drm_device *drm_dev, u8 *ksvs,
> +                                u32 ksv_count)
> +{
> +       u32 rev_ksv_cnt, cnt, i, j;
> +       u8 *rev_ksv_list;
> +
> +       if (!srm_data)
> +               return false;
> +
> +       mutex_lock(&srm_data->mutex);
> +       drm_hdcp_request_srm(drm_dev);
> +
> +       rev_ksv_cnt = srm_data->revoked_ksv_cnt;
> +       rev_ksv_list = srm_data->revoked_ksv_list;
> +
> +       /* If the Revoked ksv list is empty */
> +       if (!rev_ksv_cnt || !rev_ksv_list) {
> +               mutex_unlock(&srm_data->mutex);
> +               return false;
> +       }
> +
> +       for  (cnt = 0; cnt < ksv_count; cnt++) {
> +               rev_ksv_list = srm_data->revoked_ksv_list;
> +               for (i = 0; i < rev_ksv_cnt; i++) {
> +                       for (j = 0; j < DRM_HDCP_KSV_LEN; j++)
> +                               if (ksvs[j] != rev_ksv_list[j]) {
> +                                       break;
> +                               } else if (j == (DRM_HDCP_KSV_LEN - 1)) {
> +                                       DRM_DEBUG("Revoked KSV is ");
> +                                       drm_hdcp_print_ksv(ksvs);
> +                                       mutex_unlock(&srm_data->mutex);
> +                                       return true;
> +                               }
> +                       /* Move the offset to next KSV in the revoked list */
> +                       rev_ksv_list += DRM_HDCP_KSV_LEN;
> +               }
> +
> +               /* Iterate to next ksv_offset */
> +               ksvs += DRM_HDCP_KSV_LEN;
> +       }
> +       mutex_unlock(&srm_data->mutex);
> +       return false;
> +}
> +EXPORT_SYMBOL_GPL(drm_hdcp_check_ksvs_revoked);
> +
> +int drm_setup_hdcp_srm(struct class *drm_class)
> +{
> +       srm_data = kzalloc(sizeof(*srm_data), GFP_KERNEL);
> +       if (!srm_data)
> +               return -ENOMEM;
> +       mutex_init(&srm_data->mutex);
> +
> +       return 0;
> +}
> +
> +void drm_teardown_hdcp_srm(struct class *drm_class)
> +{
> +       if (srm_data) {
> +               kfree(srm_data->revoked_ksv_list);
> +               kfree(srm_data);
> +       }
> +}
> diff --git a/drivers/gpu/drm/drm_internal.h b/drivers/gpu/drm/drm_internal.h
> index e19ac7ca602d..476a422414f6 100644
> --- a/drivers/gpu/drm/drm_internal.h
> +++ b/drivers/gpu/drm/drm_internal.h
> @@ -201,3 +201,7 @@ int drm_syncobj_query_ioctl(struct drm_device *dev, void *data,
>  void drm_framebuffer_print_info(struct drm_printer *p, unsigned int indent,
>                                 const struct drm_framebuffer *fb);
>  int drm_framebuffer_debugfs_init(struct drm_minor *minor);
> +
> +/* drm_hdcp.c */
> +int drm_setup_hdcp_srm(struct class *drm_class);
> +void drm_teardown_hdcp_srm(struct class *drm_class);
> diff --git a/drivers/gpu/drm/drm_sysfs.c b/drivers/gpu/drm/drm_sysfs.c
> index ecb7b33002bb..18b1ac442997 100644
> --- a/drivers/gpu/drm/drm_sysfs.c
> +++ b/drivers/gpu/drm/drm_sysfs.c
> @@ -78,6 +78,7 @@ int drm_sysfs_init(void)
>         }
> 
>         drm_class->devnode = drm_devnode;
> +       drm_setup_hdcp_srm(drm_class);
>         return 0;
>  }
> 
> @@ -90,6 +91,7 @@ void drm_sysfs_destroy(void)
>  {
>         if (IS_ERR_OR_NULL(drm_class))
>                 return;
> +       drm_teardown_hdcp_srm(drm_class);
>         class_remove_file(drm_class, &class_attr_version.attr);
>         class_destroy(drm_class);
>         drm_class = NULL;
> diff --git a/include/drm/drm_hdcp.h b/include/drm/drm_hdcp.h
> index 1cc66df05a43..2f0335d0a50f 100644
> --- a/include/drm/drm_hdcp.h
> +++ b/include/drm/drm_hdcp.h
> @@ -265,4 +265,28 @@ void drm_hdcp_cpu_to_be24(u8 seq_num[HDCP_2_2_SEQ_NUM_LEN], u32 val)
>         seq_num[2] = val;
>  }
> 
> +#define DRM_HDCP_SRM_GEN1_MAX_BYTES            (5 * 1024)
> +#define DRM_HDCP_1_4_SRM_ID                    0x8
> +#define DRM_HDCP_SRM_ID_MASK                   (0xF << 4)
> +#define DRM_HDCP_1_4_VRL_LENGTH_SIZE           3
> +#define DRM_HDCP_1_4_DCP_SIG_SIZE              40
> +#define DRM_HDCP_2_SRM_ID                      0x9
> +#define DRM_HDCP_2_INDICATOR                   0x1
> +#define DRM_HDCP_2_INDICATOR_MASK              0xF
> +#define DRM_HDCP_2_VRL_LENGTH_SIZE             3
> +#define DRM_HDCP_2_DCP_SIG_SIZE                        384
> +#define DRM_HDCP_2_NO_OF_DEV_PLUS_RESERVED_SZ  4
> +#define DRM_HDCP_2_KSV_COUNT_2_LSBITS(byte)    (((byte) & 0xC) >> 6)
> +
> +struct hdcp_srm_header {
> +       u8 srm_id;
> +       u8 reserved;
> +       __be16 srm_version;
> +       u8 srm_gen_no;
> +} __packed;
> +
> +struct drm_device;
> +
> +bool drm_hdcp_check_ksvs_revoked(struct drm_device *dev,
> +                                u8 *ksvs, u32 ksv_count);
>  #endif
> --
> 2.19.1
> 
> _______________________________________________
> dri-devel mailing list
> dri-devel at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/dri-devel
> 


More information about the dri-devel mailing list