[PATCH v7 04/11] drm: revocation check at drm subsystem
Ramalingam C
ramalingam.c at intel.com
Thu Sep 12 06:54:55 UTC 2019
On 2019-09-12 at 00:15:32 +0000, Harry Wentland wrote:
> Adding a couple AMD guys.
>
> I know this is already merged but I have a few questions after some
> internal discussions.
>
> On 2019-05-07 12:27 p.m., Ramalingam C wrote:
> > On every hdcp revocation check request SRM is read from fw file
> > /lib/firmware/display_hdcp_srm.bin
> >
>
> According to section 5 of the HDCP 2.3 spec [1] a device compliant with
> HDCP 2.0 and higher must be capable of storing and updating the SRM in
> non-volatile memory. Section 5.2 describes how this SRM needs to be
> updated when a new version is served alongside protected content.
>
> Isn't /lib/firmware intended for static firmware making updates to the
> folder problematic for anyone but the system's package maintainer? I've
> heard /lib might even be treated as read-only in certain environments.
> This would mean it'd be impossible to support HDCP 2.x on those systems.
>
> Wouldn't it be easier to provide a sysfs entry for SRM that allows
> userspace (e.g. system startup/shutdown scripts) to (a) retrieve the SRM
> from the HDCP implementation for non-volatile storage and (b) to pass
> the SRM to the HDCP implementation for revocation checking?
This uAPI is decided considering below points:
userspace will handle the non-volatile storage of the SRM table and it's upgrade
with latest versions received from content providers etc.
Prior to any HDCP auth request userspace will write the latest SRM into
the /lib/firmware.
And regarding the interface, binary sysfs based implementation [1] was opposed by Greg KH.
And after the discussion on different alternate i/fs [2] request
firmware is choosen.
[1]. https://patchwork.freedesktop.org/patch/296442/?series=57232&rev=5uAPI
[2]. https://patchwork.freedesktop.org/patch/296439/?series=57232&rev=5
I hope this addresses the questions above.
-Ram
>
> [1]
> https://www.digital-cp.com/sites/default/files/HDCP%20on%20HDMI%20Specification%20Rev2_3.pdf
>
> Thanks,
> Harry
>
> > SRM table is parsed and stored at drm_hdcp.c, with functions exported
> > for the services for revocation check from drivers (which
> > implements the HDCP authentication)
> >
> > This patch handles the HDCP1.4 and 2.2 versions of SRM table.
> >
> > v2:
> > moved the uAPI to request_firmware_direct() [Daniel]
> > v3:
> > kdoc added. [Daniel]
> > srm_header unified and bit field definitions are removed. [Daniel]
> > locking improved. [Daniel]
> > vrl length violation is fixed. [Daniel]
> > v4:
> > s/__swab16/be16_to_cpu [Daniel]
> > be24_to_cpu is done through a global func [Daniel]
> > Unused variables are removed. [Daniel]
> > unchecked return values are dropped from static funcs [Daniel]
> >
> > Signed-off-by: Ramalingam C <ramalingam.c at intel.com>
> > Acked-by: Satyeshwar Singh <satyeshwar.singh at intel.com>
> > Reviewed-by: Daniel Vetter <daniel at ffwll.ch>
> > ---
> > Documentation/gpu/drm-kms-helpers.rst | 6 +
> > drivers/gpu/drm/Makefile | 2 +-
> > drivers/gpu/drm/drm_hdcp.c | 333 ++++++++++++++++++++++++++
> > drivers/gpu/drm/drm_internal.h | 4 +
> > drivers/gpu/drm/drm_sysfs.c | 2 +
> > include/drm/drm_hdcp.h | 24 ++
> > 6 files changed, 370 insertions(+), 1 deletion(-)
> > create mode 100644 drivers/gpu/drm/drm_hdcp.c
> >
> > diff --git a/Documentation/gpu/drm-kms-helpers.rst b/Documentation/gpu/drm-kms-helpers.rst
> > index 14102ae035dc..0fe726a6ee67 100644
> > --- a/Documentation/gpu/drm-kms-helpers.rst
> > +++ b/Documentation/gpu/drm-kms-helpers.rst
> > @@ -181,6 +181,12 @@ Panel Helper Reference
> > .. kernel-doc:: drivers/gpu/drm/drm_panel_orientation_quirks.c
> > :export:
> >
> > +HDCP Helper Functions Reference
> > +===============================
> > +
> > +.. kernel-doc:: drivers/gpu/drm/drm_hdcp.c
> > + :export:
> > +
> > Display Port Helper Functions Reference
> > =======================================
> >
> > diff --git a/drivers/gpu/drm/Makefile b/drivers/gpu/drm/Makefile
> > index 72f5036d9bfa..dd02e9dec810 100644
> > --- a/drivers/gpu/drm/Makefile
> > +++ b/drivers/gpu/drm/Makefile
> > @@ -17,7 +17,7 @@ drm-y := drm_auth.o drm_cache.o \
> > drm_plane.o drm_color_mgmt.o drm_print.o \
> > drm_dumb_buffers.o drm_mode_config.o drm_vblank.o \
> > drm_syncobj.o drm_lease.o drm_writeback.o drm_client.o \
> > - drm_atomic_uapi.o
> > + drm_atomic_uapi.o drm_hdcp.o
> >
> > drm-$(CONFIG_DRM_LEGACY) += drm_legacy_misc.o drm_bufs.o drm_context.o drm_dma.o drm_scatter.o drm_lock.o
> > drm-$(CONFIG_DRM_LIB_RANDOM) += lib/drm_random.o
> > diff --git a/drivers/gpu/drm/drm_hdcp.c b/drivers/gpu/drm/drm_hdcp.c
> > new file mode 100644
> > index 000000000000..5e5409505c31
> > --- /dev/null
> > +++ b/drivers/gpu/drm/drm_hdcp.c
> > @@ -0,0 +1,333 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + * Copyright (C) 2019 Intel Corporation.
> > + *
> > + * Authors:
> > + * Ramalingam C <ramalingam.c at intel.com>
> > + */
> > +
> > +#include <linux/device.h>
> > +#include <linux/err.h>
> > +#include <linux/gfp.h>
> > +#include <linux/export.h>
> > +#include <linux/slab.h>
> > +#include <linux/firmware.h>
> > +
> > +#include <drm/drm_hdcp.h>
> > +#include <drm/drm_sysfs.h>
> > +#include <drm/drm_print.h>
> > +#include <drm/drm_device.h>
> > +
> > +struct hdcp_srm {
> > + u32 revoked_ksv_cnt;
> > + u8 *revoked_ksv_list;
> > +
> > + /* Mutex to protect above struct member */
> > + struct mutex mutex;
> > +} *srm_data;
> > +
> > +static inline void drm_hdcp_print_ksv(const u8 *ksv)
> > +{
> > + DRM_DEBUG("\t%#02x, %#02x, %#02x, %#02x, %#02x\n",
> > + ksv[0], ksv[1], ksv[2], ksv[3], ksv[4]);
> > +}
> > +
> > +static u32 drm_hdcp_get_revoked_ksv_count(const u8 *buf, u32 vrls_length)
> > +{
> > + u32 parsed_bytes = 0, ksv_count = 0, vrl_ksv_cnt, vrl_sz;
> > +
> > + while (parsed_bytes < vrls_length) {
> > + vrl_ksv_cnt = *buf;
> > + ksv_count += vrl_ksv_cnt;
> > +
> > + vrl_sz = (vrl_ksv_cnt * DRM_HDCP_KSV_LEN) + 1;
> > + buf += vrl_sz;
> > + parsed_bytes += vrl_sz;
> > + }
> > +
> > + /*
> > + * When vrls are not valid, ksvs are not considered.
> > + * Hence SRM will be discarded.
> > + */
> > + if (parsed_bytes != vrls_length)
> > + ksv_count = 0;
> > +
> > + return ksv_count;
> > +}
> > +
> > +static u32 drm_hdcp_get_revoked_ksvs(const u8 *buf, u8 *revoked_ksv_list,
> > + u32 vrls_length)
> > +{
> > + u32 parsed_bytes = 0, ksv_count = 0;
> > + u32 vrl_ksv_cnt, vrl_ksv_sz, vrl_idx = 0;
> > +
> > + do {
> > + vrl_ksv_cnt = *buf;
> > + vrl_ksv_sz = vrl_ksv_cnt * DRM_HDCP_KSV_LEN;
> > +
> > + buf++;
> > +
> > + DRM_DEBUG("vrl: %d, Revoked KSVs: %d\n", vrl_idx++,
> > + vrl_ksv_cnt);
> > + memcpy(revoked_ksv_list, buf, vrl_ksv_sz);
> > +
> > + ksv_count += vrl_ksv_cnt;
> > + revoked_ksv_list += vrl_ksv_sz;
> > + buf += vrl_ksv_sz;
> > +
> > + parsed_bytes += (vrl_ksv_sz + 1);
> > + } while (parsed_bytes < vrls_length);
> > +
> > + return ksv_count;
> > +}
> > +
> > +static inline u32 get_vrl_length(const u8 *buf)
> > +{
> > + return drm_hdcp_be24_to_cpu(buf);
> > +}
> > +
> > +static int drm_hdcp_parse_hdcp1_srm(const u8 *buf, size_t count)
> > +{
> > + struct hdcp_srm_header *header;
> > + u32 vrl_length, ksv_count;
> > +
> > + if (count < (sizeof(struct hdcp_srm_header) +
> > + DRM_HDCP_1_4_VRL_LENGTH_SIZE + DRM_HDCP_1_4_DCP_SIG_SIZE)) {
> > + DRM_ERROR("Invalid blob length\n");
> > + return -EINVAL;
> > + }
> > +
> > + header = (struct hdcp_srm_header *)buf;
> > + DRM_DEBUG("SRM ID: 0x%x, SRM Ver: 0x%x, SRM Gen No: 0x%x\n",
> > + header->srm_id,
> > + be16_to_cpu(header->srm_version), header->srm_gen_no);
> > +
> > + WARN_ON(header->reserved);
> > +
> > + buf = buf + sizeof(*header);
> > + vrl_length = get_vrl_length(buf);
> > + if (count < (sizeof(struct hdcp_srm_header) + vrl_length) ||
> > + vrl_length < (DRM_HDCP_1_4_VRL_LENGTH_SIZE +
> > + DRM_HDCP_1_4_DCP_SIG_SIZE)) {
> > + DRM_ERROR("Invalid blob length or vrl length\n");
> > + return -EINVAL;
> > + }
> > +
> > + /* Length of the all vrls combined */
> > + vrl_length -= (DRM_HDCP_1_4_VRL_LENGTH_SIZE +
> > + DRM_HDCP_1_4_DCP_SIG_SIZE);
> > +
> > + if (!vrl_length) {
> > + DRM_ERROR("No vrl found\n");
> > + return -EINVAL;
> > + }
> > +
> > + buf += DRM_HDCP_1_4_VRL_LENGTH_SIZE;
> > + ksv_count = drm_hdcp_get_revoked_ksv_count(buf, vrl_length);
> > + if (!ksv_count) {
> > + DRM_DEBUG("Revoked KSV count is 0\n");
> > + return count;
> > + }
> > +
> > + kfree(srm_data->revoked_ksv_list);
> > + srm_data->revoked_ksv_list = kcalloc(ksv_count, DRM_HDCP_KSV_LEN,
> > + GFP_KERNEL);
> > + if (!srm_data->revoked_ksv_list) {
> > + DRM_ERROR("Out of Memory\n");
> > + return -ENOMEM;
> > + }
> > +
> > + if (drm_hdcp_get_revoked_ksvs(buf, srm_data->revoked_ksv_list,
> > + vrl_length) != ksv_count) {
> > + srm_data->revoked_ksv_cnt = 0;
> > + kfree(srm_data->revoked_ksv_list);
> > + return -EINVAL;
> > + }
> > +
> > + srm_data->revoked_ksv_cnt = ksv_count;
> > + return count;
> > +}
> > +
> > +static int drm_hdcp_parse_hdcp2_srm(const u8 *buf, size_t count)
> > +{
> > + struct hdcp_srm_header *header;
> > + u32 vrl_length, ksv_count, ksv_sz;
> > +
> > + if (count < (sizeof(struct hdcp_srm_header) +
> > + DRM_HDCP_2_VRL_LENGTH_SIZE + DRM_HDCP_2_DCP_SIG_SIZE)) {
> > + DRM_ERROR("Invalid blob length\n");
> > + return -EINVAL;
> > + }
> > +
> > + header = (struct hdcp_srm_header *)buf;
> > + DRM_DEBUG("SRM ID: 0x%x, SRM Ver: 0x%x, SRM Gen No: 0x%x\n",
> > + header->srm_id & DRM_HDCP_SRM_ID_MASK,
> > + be16_to_cpu(header->srm_version), header->srm_gen_no);
> > +
> > + if (header->reserved)
> > + return -EINVAL;
> > +
> > + buf = buf + sizeof(*header);
> > + vrl_length = get_vrl_length(buf);
> > +
> > + if (count < (sizeof(struct hdcp_srm_header) + vrl_length) ||
> > + vrl_length < (DRM_HDCP_2_VRL_LENGTH_SIZE +
> > + DRM_HDCP_2_DCP_SIG_SIZE)) {
> > + DRM_ERROR("Invalid blob length or vrl length\n");
> > + return -EINVAL;
> > + }
> > +
> > + /* Length of the all vrls combined */
> > + vrl_length -= (DRM_HDCP_2_VRL_LENGTH_SIZE +
> > + DRM_HDCP_2_DCP_SIG_SIZE);
> > +
> > + if (!vrl_length) {
> > + DRM_ERROR("No vrl found\n");
> > + return -EINVAL;
> > + }
> > +
> > + buf += DRM_HDCP_2_VRL_LENGTH_SIZE;
> > + ksv_count = (*buf << 2) | DRM_HDCP_2_KSV_COUNT_2_LSBITS(*(buf + 1));
> > + if (!ksv_count) {
> > + DRM_DEBUG("Revoked KSV count is 0\n");
> > + return count;
> > + }
> > +
> > + kfree(srm_data->revoked_ksv_list);
> > + srm_data->revoked_ksv_list = kcalloc(ksv_count, DRM_HDCP_KSV_LEN,
> > + GFP_KERNEL);
> > + if (!srm_data->revoked_ksv_list) {
> > + DRM_ERROR("Out of Memory\n");
> > + return -ENOMEM;
> > + }
> > +
> > + ksv_sz = ksv_count * DRM_HDCP_KSV_LEN;
> > + buf += DRM_HDCP_2_NO_OF_DEV_PLUS_RESERVED_SZ;
> > +
> > + DRM_DEBUG("Revoked KSVs: %d\n", ksv_count);
> > + memcpy(srm_data->revoked_ksv_list, buf, ksv_sz);
> > +
> > + srm_data->revoked_ksv_cnt = ksv_count;
> > + return count;
> > +}
> > +
> > +static inline bool is_srm_version_hdcp1(const u8 *buf)
> > +{
> > + return *buf == (u8)(DRM_HDCP_1_4_SRM_ID << 4);
> > +}
> > +
> > +static inline bool is_srm_version_hdcp2(const u8 *buf)
> > +{
> > + return *buf == (u8)(DRM_HDCP_2_SRM_ID << 4 | DRM_HDCP_2_INDICATOR);
> > +}
> > +
> > +static void drm_hdcp_srm_update(const u8 *buf, size_t count)
> > +{
> > + if (count < sizeof(struct hdcp_srm_header))
> > + return;
> > +
> > + if (is_srm_version_hdcp1(buf))
> > + drm_hdcp_parse_hdcp1_srm(buf, count);
> > + else if (is_srm_version_hdcp2(buf))
> > + drm_hdcp_parse_hdcp2_srm(buf, count);
> > +}
> > +
> > +void drm_hdcp_request_srm(struct drm_device *drm_dev)
> > +{
> > + char fw_name[36] = "display_hdcp_srm.bin";
> > + const struct firmware *fw;
> > +
> > + int ret;
> > +
> > + ret = request_firmware_direct(&fw, (const char *)fw_name,
> > + drm_dev->dev);
> > + if (ret < 0)
> > + goto exit;
> > +
> > + if (fw->size && fw->data)
> > + drm_hdcp_srm_update(fw->data, fw->size);
> > +
> > +exit:
> > + release_firmware(fw);
> > +}
> > +
> > +/**
> > + * drm_hdcp_check_ksvs_revoked - Check the revoked status of the IDs
> > + *
> > + * @drm_dev: drm_device for which HDCP revocation check is requested
> > + * @ksvs: List of KSVs (HDCP receiver IDs)
> > + * @ksv_count: KSV count passed in through @ksvs
> > + *
> > + * This function reads the HDCP System renewability Message(SRM Table)
> > + * from userspace as a firmware and parses it for the revoked HDCP
> > + * KSVs(Receiver IDs) detected by DCP LLC. Once the revoked KSVs are known,
> > + * revoked state of the KSVs in the list passed in by display drivers are
> > + * decided and response is sent.
> > + *
> > + * SRM should be presented in the name of "display_hdcp_srm.bin".
> > + *
> > + * Returns:
> > + * TRUE on any of the KSV is revoked, else FALSE.
> > + */
> > +bool drm_hdcp_check_ksvs_revoked(struct drm_device *drm_dev, u8 *ksvs,
> > + u32 ksv_count)
> > +{
> > + u32 rev_ksv_cnt, cnt, i, j;
> > + u8 *rev_ksv_list;
> > +
> > + if (!srm_data)
> > + return false;
> > +
> > + mutex_lock(&srm_data->mutex);
> > + drm_hdcp_request_srm(drm_dev);
> > +
> > + rev_ksv_cnt = srm_data->revoked_ksv_cnt;
> > + rev_ksv_list = srm_data->revoked_ksv_list;
> > +
> > + /* If the Revoked ksv list is empty */
> > + if (!rev_ksv_cnt || !rev_ksv_list) {
> > + mutex_unlock(&srm_data->mutex);
> > + return false;
> > + }
> > +
> > + for (cnt = 0; cnt < ksv_count; cnt++) {
> > + rev_ksv_list = srm_data->revoked_ksv_list;
> > + for (i = 0; i < rev_ksv_cnt; i++) {
> > + for (j = 0; j < DRM_HDCP_KSV_LEN; j++)
> > + if (ksvs[j] != rev_ksv_list[j]) {
> > + break;
> > + } else if (j == (DRM_HDCP_KSV_LEN - 1)) {
> > + DRM_DEBUG("Revoked KSV is ");
> > + drm_hdcp_print_ksv(ksvs);
> > + mutex_unlock(&srm_data->mutex);
> > + return true;
> > + }
> > + /* Move the offset to next KSV in the revoked list */
> > + rev_ksv_list += DRM_HDCP_KSV_LEN;
> > + }
> > +
> > + /* Iterate to next ksv_offset */
> > + ksvs += DRM_HDCP_KSV_LEN;
> > + }
> > + mutex_unlock(&srm_data->mutex);
> > + return false;
> > +}
> > +EXPORT_SYMBOL_GPL(drm_hdcp_check_ksvs_revoked);
> > +
> > +int drm_setup_hdcp_srm(struct class *drm_class)
> > +{
> > + srm_data = kzalloc(sizeof(*srm_data), GFP_KERNEL);
> > + if (!srm_data)
> > + return -ENOMEM;
> > + mutex_init(&srm_data->mutex);
> > +
> > + return 0;
> > +}
> > +
> > +void drm_teardown_hdcp_srm(struct class *drm_class)
> > +{
> > + if (srm_data) {
> > + kfree(srm_data->revoked_ksv_list);
> > + kfree(srm_data);
> > + }
> > +}
> > diff --git a/drivers/gpu/drm/drm_internal.h b/drivers/gpu/drm/drm_internal.h
> > index e19ac7ca602d..476a422414f6 100644
> > --- a/drivers/gpu/drm/drm_internal.h
> > +++ b/drivers/gpu/drm/drm_internal.h
> > @@ -201,3 +201,7 @@ int drm_syncobj_query_ioctl(struct drm_device *dev, void *data,
> > void drm_framebuffer_print_info(struct drm_printer *p, unsigned int indent,
> > const struct drm_framebuffer *fb);
> > int drm_framebuffer_debugfs_init(struct drm_minor *minor);
> > +
> > +/* drm_hdcp.c */
> > +int drm_setup_hdcp_srm(struct class *drm_class);
> > +void drm_teardown_hdcp_srm(struct class *drm_class);
> > diff --git a/drivers/gpu/drm/drm_sysfs.c b/drivers/gpu/drm/drm_sysfs.c
> > index ecb7b33002bb..18b1ac442997 100644
> > --- a/drivers/gpu/drm/drm_sysfs.c
> > +++ b/drivers/gpu/drm/drm_sysfs.c
> > @@ -78,6 +78,7 @@ int drm_sysfs_init(void)
> > }
> >
> > drm_class->devnode = drm_devnode;
> > + drm_setup_hdcp_srm(drm_class);
> > return 0;
> > }
> >
> > @@ -90,6 +91,7 @@ void drm_sysfs_destroy(void)
> > {
> > if (IS_ERR_OR_NULL(drm_class))
> > return;
> > + drm_teardown_hdcp_srm(drm_class);
> > class_remove_file(drm_class, &class_attr_version.attr);
> > class_destroy(drm_class);
> > drm_class = NULL;
> > diff --git a/include/drm/drm_hdcp.h b/include/drm/drm_hdcp.h
> > index 1cc66df05a43..2f0335d0a50f 100644
> > --- a/include/drm/drm_hdcp.h
> > +++ b/include/drm/drm_hdcp.h
> > @@ -265,4 +265,28 @@ void drm_hdcp_cpu_to_be24(u8 seq_num[HDCP_2_2_SEQ_NUM_LEN], u32 val)
> > seq_num[2] = val;
> > }
> >
> > +#define DRM_HDCP_SRM_GEN1_MAX_BYTES (5 * 1024)
> > +#define DRM_HDCP_1_4_SRM_ID 0x8
> > +#define DRM_HDCP_SRM_ID_MASK (0xF << 4)
> > +#define DRM_HDCP_1_4_VRL_LENGTH_SIZE 3
> > +#define DRM_HDCP_1_4_DCP_SIG_SIZE 40
> > +#define DRM_HDCP_2_SRM_ID 0x9
> > +#define DRM_HDCP_2_INDICATOR 0x1
> > +#define DRM_HDCP_2_INDICATOR_MASK 0xF
> > +#define DRM_HDCP_2_VRL_LENGTH_SIZE 3
> > +#define DRM_HDCP_2_DCP_SIG_SIZE 384
> > +#define DRM_HDCP_2_NO_OF_DEV_PLUS_RESERVED_SZ 4
> > +#define DRM_HDCP_2_KSV_COUNT_2_LSBITS(byte) (((byte) & 0xC) >> 6)
> > +
> > +struct hdcp_srm_header {
> > + u8 srm_id;
> > + u8 reserved;
> > + __be16 srm_version;
> > + u8 srm_gen_no;
> > +} __packed;
> > +
> > +struct drm_device;
> > +
> > +bool drm_hdcp_check_ksvs_revoked(struct drm_device *dev,
> > + u8 *ksvs, u32 ksv_count);
> > #endif
> > --
> > 2.19.1
> >
> > _______________________________________________
> > dri-devel mailing list
> > dri-devel at lists.freedesktop.org
> > https://lists.freedesktop.org/mailman/listinfo/dri-devel
> >
More information about the dri-devel
mailing list