[PATCH v2 1/3] Subject: [PATCH] drm/mediatek/dp: Add tee client application for HDCP feature
AngeloGioacchino Del Regno
angelogioacchino.delregno at collabora.com
Tue Feb 6 15:34:29 UTC 2024
Il 05/02/24 06:50, mac.shen ha scritto:
> Add tee client application which will be used for
> HDCP 1.x and 2.x authentication in DisplayPort.
>
> Changes in v2:
> - remove ca folder, and change file name with lower case
> - refine the tci_t structure to make the data to tee can
> through this structure
> - remove aux and regs from mtk_hdcp_info structure
> - remove some definitions, and use the definitions in
> include/drm/drm_hdcp.h
> - remove useless code
> per suggestion from the previous thread:
> https://lore.kernel.org/all/8fff59b5567449d8201dd1138c8fa
> 9218a545c46.camel at mediatek.com/
>
> Signed-off-by: mac.shen <mac.shen at mediatek.com>
> ---
> drivers/gpu/drm/mediatek/Makefile | 5 +-
> drivers/gpu/drm/mediatek/tci.h | 156 +++++++
> drivers/gpu/drm/mediatek/tlc_dp_hdcp.c | 598 +++++++++++++++++++++++++
> drivers/gpu/drm/mediatek/tlc_dp_hdcp.h | 414 +++++++++++++++++
> 4 files changed, 1172 insertions(+), 1 deletion(-)
> create mode 100644 drivers/gpu/drm/mediatek/tci.h
> create mode 100644 drivers/gpu/drm/mediatek/tlc_dp_hdcp.c
> create mode 100644 drivers/gpu/drm/mediatek/tlc_dp_hdcp.h
>
> diff --git a/drivers/gpu/drm/mediatek/Makefile b/drivers/gpu/drm/mediatek/Makefile
> index d4d193f60271..c80e6c2f9336 100644
> --- a/drivers/gpu/drm/mediatek/Makefile
> +++ b/drivers/gpu/drm/mediatek/Makefile
> @@ -26,4 +26,7 @@ mediatek-drm-hdmi-objs := mtk_cec.o \
>
> obj-$(CONFIG_DRM_MEDIATEK_HDMI) += mediatek-drm-hdmi.o
>
> -obj-$(CONFIG_DRM_MEDIATEK_DP) += mtk_dp.o
> +mtk-dp-objs := tlc_dp_hdcp.o \
> + mtk_dp.o
> +
> +obj-$(CONFIG_DRM_MEDIATEK_DP) += mtk-dp.o
> diff --git a/drivers/gpu/drm/mediatek/tci.h b/drivers/gpu/drm/mediatek/tci.h
> new file mode 100644
> index 000000000000..f2239ea3ffbf
> --- /dev/null
> +++ b/drivers/gpu/drm/mediatek/tci.h
> @@ -0,0 +1,156 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (c) 2019-2024 MediaTek Inc.
> + */
> +
> +#ifndef _TCI_H_
> +#define _TCI_H_
> +
> +#include <drm/display/drm_hdcp.h>
> +
> +#define CMD_DEVICE_ADDED 1
> +#define CMD_DEVICE_REMOVE 2
> +#define CMD_WRITE_VAL 3
> +#define CMD_DEVICE_CLEAN 4
> +#define CMD_ENABLE_ENCRYPT 5
> +
> +/* V1.3 */
> +#define CMD_CALCULATE_LM 11
> +#define CMD_COMPARE_R0 12
> +#define CMD_COMPARE_V1 13
> +#define CMD_GET_AKSV 14
> +
> +/* V2.2 */
> +#define CMD_AKE_CERTIFICATE 20
> +#define CMD_ENC_KM 21
> +#define CMD_AKE_H_PRIME 22
> +#define CMD_AKE_PARING 23
> +#define CMD_LC_L_PRIME 24
> +#define CMD_COMPARE_L 25
> +#define CMD_SKE_CAL_EKS 26
> +
> +#define CMD_COMPARE_V2 27
> +#define CMD_COMPARE_M 28
> +
> +/* Need remove in furture */
> +#define CMD_LOAD_KEY 50
> +
> +#define RET_COMPARE_PASS 0
> +#define RET_COMPARE_FAIL 1
> +#define RET_NEW_DEVICE 2
> +#define RET_STORED_DEVICE 3
> +
> +#define TYPE_HDCP_PARAM_AN 10
> +#define TYPE_HDCP_PARAM_RST_1 11
> +#define TYPE_HDCP_PARAM_RST_2 12
> +#define TYPE_HDCP_ENABLE_ENCRYPT 13
> +#define TYPE_HDCP_DISABLE_ENCRYPT 14
> +
> +#define TYPE_HDCP13_KEY 20
> +#define TYPE_HDCP22_KEY 21
> +
> +// reserved:2
Please, C-style comments only.
> +#define HDCP2_CERTRX_LEN (HDCP_2_2_RECEIVER_ID_LEN + HDCP_2_2_K_PUB_RX_LEN + \
> + 2 + HDCP_2_2_DCP_LLC_SIG_LEN)
> +// version:1
> +#define HDCP_2_2_TXCAPS_LEN (HDCP_2_2_TXCAP_MASK_LEN + 1)
> +#define PARAM_LEN 1024
> +
> +#define TCI_LENGTH sizeof(struct tci_t)
> +
> +struct cmd_hdcp_init_for_verion_t {
> + u32 version;
> + bool need_load_key;
> +};
> +
> +struct cmd_hdcp_write_val_t {
> + u8 type;
> + u8 len;
> + u8 val[DRM_HDCP_AN_LEN];
> +};
> +
> +struct cmd_hdcp_calculate_lm_t {
> + u8 bksv[DRM_HDCP_KSV_LEN];
> +};
> +
> +struct cmd_hdcp_get_aksv_t {
> + u8 aksv[DRM_HDCP_KSV_LEN];
> +};
> +
> +struct cmd_hdcp_ake_certificate_t {
> + u8 certification[HDCP2_CERTRX_LEN];
> + bool stored;
> + u8 m[HDCP_2_2_E_KH_KM_M_LEN - HDCP_2_2_E_KH_KM_LEN];
> + u8 ekm[HDCP_2_2_E_KH_KM_LEN];
> +};
> +
> +struct cmd_hdcp_ake_paring_t {
> + u8 ekm[HDCP_2_2_E_KH_KM_LEN];
> +};
> +
> +struct cmd_hdcp_enc_km_t {
> + u8 enc_km[HDCP_2_2_E_KPUB_KM_LEN];
> +};
> +
> +struct cmd_hdcp_ake_h_prime_t {
> + u8 rtx[HDCP_2_2_RTX_LEN];
> + u8 rrx[HDCP_2_2_RRX_LEN];
> + u8 rx_caps[HDCP_2_2_RXCAPS_LEN];
> + u8 tx_caps[HDCP_2_2_TXCAPS_LEN];
> + u32 rx_h_len;
> + u8 rx_h[HDCP_2_2_H_PRIME_LEN];
> +};
> +
> +struct cmd_hdcp_lc_l_prime_t {
> + u8 rn[HDCP_2_2_RN_LEN];
> + u32 rx_l_len;
> + u8 rx_l[HDCP_2_2_L_PRIME_LEN];
> +};
> +
> +struct cmd_hdcp_ske_eks_t {
> + u8 riv[HDCP_2_2_RIV_LEN];
> + u32 eks_len;
> + u32 eks;
> +};
> +
> +struct cmd_hdcp_compare_t {
> + u32 rx_val_len;
> + u8 rx_val[HDCP_2_2_MPRIME_LEN];
> + u32 param_len;
> + u8 param[PARAM_LEN];
> + u32 out_len;
> + u32 out;
> +};
> +
> +union tci_cmd_body_t {
> + /* Init with special HDCP version */
> + struct cmd_hdcp_init_for_verion_t cmd_hdcp_init_for_verion;
> + /* Write uint32 data to hw */
> + struct cmd_hdcp_write_val_t cmd_hdcp_write_val;
> + /* Get aksv */
> + struct cmd_hdcp_get_aksv_t cmd_hdcp_get_aksv;
> + /* Calculate r0 */
> + struct cmd_hdcp_calculate_lm_t cmd_hdcp_calculate_lm;
> + /* Generate signature for certificate */
> + struct cmd_hdcp_ake_certificate_t cmd_hdcp_ake_certificate;
> + /* To store ekm */
> + struct cmd_hdcp_ake_paring_t cmd_hdcp_ake_paring;
> + /* Encrypt km for V2.2 */
> + struct cmd_hdcp_enc_km_t cmd_hdcp_enc_km;
> + /* Compute H prime */
> + struct cmd_hdcp_ake_h_prime_t cmd_hdcp_ake_h_prime;
> + /* Compute L prime */
> + struct cmd_hdcp_lc_l_prime_t cmd_hdcp_lc_l_prime;
> + /* Compute eks */
> + struct cmd_hdcp_ske_eks_t cmd_hdcp_ske_eks;
> + /* Compare */
> + struct cmd_hdcp_compare_t cmd_hdcp_compare;
> +} __packed;
> +
> +struct tci_t {
> + u32 command_id;
> + u32 return_code;
> + union tci_cmd_body_t cmd_body;
> +};
> +
> +#endif /* _TCI_H_ */
> diff --git a/drivers/gpu/drm/mediatek/tlc_dp_hdcp.c b/drivers/gpu/drm/mediatek/tlc_dp_hdcp.c
> new file mode 100644
> index 000000000000..147329324648
> --- /dev/null
> +++ b/drivers/gpu/drm/mediatek/tlc_dp_hdcp.c
> @@ -0,0 +1,598 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (c) 2019-2024 MediaTek Inc.
> + */
> +
> +#include <linux/types.h>
> +#include <linux/string.h>
> +#include <linux/slab.h>
> +#include "tlc_dp_hdcp.h"
> +
> +#define DEFAULT_WRITE_VAL_LEN 1
> +#define DEFAULT_WRITE_VAL 0
> +
> +/*
> + * TA_FTPM_UUID: 99975014-3c7c-54ea-8487-a80d215ea92c
> + *
> + * Randomly generated, and must correspond to the GUID on the TA side.
> + * Defined here in the reference implementation:
> + * https://github.com/microsoft/ms-tpm-20-ref/blob/master/Samples/ARM32-FirmwareTPM/optee_ta/fTPM/include/fTPM.h#L42
> + */
> +static const uuid_t dp_ta_uuid =
> + UUID_INIT(0x99975014, 0x3c7c, 0x54ea,
> + 0x84, 0x87, 0xa8, 0x0d, 0x21, 0x5e, 0xa9, 0x2c);
> +
> +/**
> + * dp_tee_op_send() - send dp commands through the TEE shared memory.
> + * @len: the number of bytes to send.
> + *
> + * Return:
> + * In case of success, returns 0.
> + * On failure, -errno
I think that's not what you want as final format, please check the documentation.
https://docs.kernel.org/doc-guide/kernel-doc.html#return-values
> + */
> +static int dp_tee_op_send(struct dp_tee_private *dp_tee_priv, size_t len, u32 cmd_id)
> +{
> + int rc;
> + u8 *temp_buf;
> + struct tee_ioctl_invoke_arg transceive_args;
> + struct tee_param command_params[4];
> + struct tee_shm *shm = dp_tee_priv->shm;
Please reorder:
struct tee_ioctl_invoke_arg transceive_args;
struct tee_shm *shm = dp_tee_priv->shm;
struct tee_param command_params[4];
u8 *temp_buf;
int rc;
> +
> + if (len > MAX_COMMAND_SIZE) {
> + TLCERR("%s: len=%zd exceeds MAX_COMMAND_SIZE supported by dp TA\n", __func__, len);
> + return -EIO;
> + }
> +
> + memset(&transceive_args, 0, sizeof(transceive_args));
> + memset(command_params, 0, sizeof(command_params));
> + dp_tee_priv->resp_len = 0;
> +
> + /* Invoke FTPM_OPTEE_TA_SUBMIT_COMMAND function of dp TA */
> + transceive_args = (struct tee_ioctl_invoke_arg) {
> + .func = cmd_id,
> + .session = dp_tee_priv->session,
> + .num_params = 4,
> + };
> +
> + /* Fill FTPM_OPTEE_TA_SUBMIT_COMMAND parameters */
> + command_params[0] = (struct tee_param) {
> + .attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT,
> + .u.memref = {
> + .shm = shm,
> + .size = len,
> + .shm_offs = 0,
> + },
> + };
> +
> + command_params[1] = (struct tee_param) {
> + .attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT,
> + .u.memref = {
> + .shm = shm,
> + .size = MAX_RESPONSE_SIZE,
> + .shm_offs = MAX_COMMAND_SIZE,
> + },
> + };
> +
> + rc = tee_client_invoke_func(dp_tee_priv->ctx, &transceive_args, command_params);
> + if (rc < 0 || transceive_args.ret != 0) {
> + TLCERR("%s: invoke error: 0x%x\n", __func__, transceive_args.ret);
> + return (rc < 0) ? rc : transceive_args.ret;
> + }
> +
> + temp_buf = tee_shm_get_va(shm, command_params[1].u.memref.shm_offs);
> + if (IS_ERR(temp_buf)) {
> + TLCERR("%s: tee_shm_get_va failed for receive\n", __func__);
> + return PTR_ERR(temp_buf);
> + }
> +
> + /* Sanity checks look good, cache the response */
> + memcpy(dp_tee_priv->resp_buf, temp_buf, MAX_RESPONSE_SIZE / 2);
> + dp_tee_priv->resp_len = MAX_RESPONSE_SIZE / 2;
> +
> + return 0;
> +}
> +
> +/*
> + * Check whether this driver supports the dp TA in the TEE instance
> + * represented by the params (ver/data) to this function.
> + */
> +static int dp_tee_match(struct tee_ioctl_version_data *ver, const void *data)
> +{
> + /*
> + * Currently this driver only support GP Complaint OPTEE based dp TA
> + */
> + if (ver->impl_id == TEE_IMPL_ID_OPTEE && ver->gen_caps & TEE_GEN_CAP_GP)
> + return 1;
> + else
> + return 0;
/*
* Check whether this driver supports the dp TA in the TEE instance
* represented by the params (ver/data) to this function.
*
* Note that currently this driver only supports GP Compliant OPTEE
* based dp TA.
*/
static int dp_tee_match(struct tee_ioctl_version_data *ver, const void *data)
{
return ver->impl_id == TEE_IMPL_ID_OPTEE &&
ver->gen_caps & TEE_GEN_CAP_GP
}
That's shorter :-)
> +}
> +
> +int tee_add_device(struct mtk_hdcp_info *hdcp_info, u32 version)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = NULL;
You don't need this NULL assignment...
> + struct tee_ioctl_open_session_arg sess_arg;
> + struct tci_t *tci;
struct tee_ioctl_open_session_arg sess_arg;
struct dp_tee_private *dp_tee_priv;
struct tci_t *tci;
int rc;
> +
> + if (hdcp_info->g_init)
> + tee_remove_device(hdcp_info);
> +
> + dp_tee_priv = kzalloc(sizeof(*dp_tee_priv), GFP_KERNEL);
> + if (!dp_tee_priv) {
> + kfree(dp_tee_priv);
There's no need to kfree something that couldn't be allocated.
> + TLCERR("%s: tee_alloc_memory failed\n", __func__);
> + return -ENOMEM;
> + }
> + hdcp_info->g_dp_tee_priv = dp_tee_priv;
> +
> + /* Open context with TEE driver */
> + dp_tee_priv->ctx = tee_client_open_context(NULL, dp_tee_match, NULL, NULL);
> + if (IS_ERR(dp_tee_priv->ctx)) {
/* We return -EPROBE_DEFER because ... why?!
* does it even make any sense to override this
* return value? I don't think so.
*/
if (PTR_ERR(dp_tee_priv->ctx) == -ENOENT)
rc = -EPROBE_DEFER;
else
rc = PTR_ERR(dp_tee_priv->ctx);
goto free_priv;
}
> + if (PTR_ERR(dp_tee_priv->ctx) == -ENOENT) {
> + kfree(dp_tee_priv);
> + return -EPROBE_DEFER;
> + }
> + kfree(dp_tee_priv);
> + TLCERR("%s: tee_client_open_context failed\n", __func__);
> + return PTR_ERR(dp_tee_priv->ctx);
> + }
> +
> + /* Open a session with dp TA */
> + memset(&sess_arg, 0, sizeof(sess_arg));
> + export_uuid(sess_arg.uuid, &dp_ta_uuid);
> + sess_arg.clnt_login = TEE_IOCTL_LOGIN_PUBLIC;
> + sess_arg.num_params = 0;
> +
> + rc = tee_client_open_session(dp_tee_priv->ctx, &sess_arg, NULL);
> + if (rc < 0 || sess_arg.ret != 0) {
> + kfree(dp_tee_priv);
We don't kfree here because the goto will take care of that already...
P.S.: same for the other instances
> + TLCERR("tee_client_open_session failed, err=%x\n", sess_arg.ret);
> + rc = -EINVAL;
> + goto out_tee_session;
> + }
> + dp_tee_priv->session = sess_arg.session;
> +
> + /* Allocate dynamic shared memory with dp TA */
> + dp_tee_priv->shm = tee_shm_alloc_kernel_buf(dp_tee_priv->ctx, MAX_COMMAND_SIZE
> + + MAX_RESPONSE_SIZE);
> + if (IS_ERR(dp_tee_priv->shm)) {
> + kfree(dp_tee_priv);
> + TLCERR("%s: tee_shm_alloc_kernel_buf failed\n", __func__);
> + rc = -ENOMEM;
> + goto out_shm_alloc;
> + }
> + TLCINFO("Register 8k share memory successfully, (%p)",
> + dp_tee_priv->shm->kaddr);
Don't print pointer addresses, it won't mean anything for most people as there will
be randomization and - if not - could be used for a vulnerability.
Please, just don't.
> +
> + /* Copy parameter for add new device */
> + tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> + memset(tci, 0, TCI_LENGTH);
> + tci->command_id = CMD_DEVICE_ADDED;
> + tci->cmd_body.cmd_hdcp_init_for_verion.version = version;
> + tci->cmd_body.cmd_hdcp_init_for_verion.need_load_key = true;
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_DEVICE_ADDED);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + tee_remove_device(hdcp_info);
> + return rc;
> + }
> +
> + hdcp_info->g_init = true;
> +
> + return rc;
If you intend to pass on a result of dp_tee_op_send, then pass that to a pointer
in the function param.
Here, you shall return 0.
> +
> +out_shm_alloc:
> + tee_client_close_session(dp_tee_priv->ctx, dp_tee_priv->session);
> +out_tee_session:
> + tee_client_close_context(dp_tee_priv->ctx);
free_priv:
kfree(dp_tee_priv);
> +
> + return rc;
> +}
> +
> +void tee_remove_device(struct mtk_hdcp_info *hdcp_info)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
int rc goes here
> +
> + if (!hdcp_info->g_init)
> + return;
> +
> + hdcp_info->g_init = false;
> + memset(tci, 0, TCI_LENGTH);
> + tci->command_id = CMD_DEVICE_REMOVE;
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_DEVICE_REMOVE);
> + if (rc != 0)
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> +
> + /* Free the shared memory pool */
> + tee_shm_free(dp_tee_priv->shm);
> +
> + /* Close the existing session with fTPM TA */
> + tee_client_close_session(dp_tee_priv->ctx, dp_tee_priv->session);
> +
> + /* Close the context with TEE driver */
> + tee_client_close_context(dp_tee_priv->ctx);
> +
> + /* Free the memory */
> + kfree(dp_tee_priv);
> +}
> +
> +int tee_clear_paring(struct mtk_hdcp_info *hdcp_info)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
int rc goes here
> +
> + /* Copy parameters */
> + memset(tci, 0, TCI_LENGTH);
> + tci->command_id = CMD_DEVICE_CLEAN;
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_DEVICE_CLEAN);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
return 0;
> +}
> +
> +int tee_hdcp1x_set_tx_an(struct mtk_hdcp_info *hdcp_info, u8 *an_code)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_WRITE_VAL;
> + tci->cmd_body.cmd_hdcp_write_val.len = DRM_HDCP_AN_LEN;
> + tci->cmd_body.cmd_hdcp_write_val.type = TYPE_HDCP_PARAM_AN;
> + memcpy(tci->cmd_body.cmd_hdcp_write_val.val, an_code, DRM_HDCP_AN_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_WRITE_VAL);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +int tee_hdcp_enable_encrypt(struct mtk_hdcp_info *hdcp_info, bool enable, u8 version)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_ENABLE_ENCRYPT;
tci->cmd_body.cmd_hdcp_write_val.type = enable ? TYPE_HDCP_ENABLE_ENCRYPT :
TYPE_HDCP_DISABLE_ENCRYPT;
> + if (enable)
> + tci->cmd_body.cmd_hdcp_write_val.type = TYPE_HDCP_ENABLE_ENCRYPT;
> + else
> + tci->cmd_body.cmd_hdcp_write_val.type = TYPE_HDCP_DISABLE_ENCRYPT;
> +
> + /* Set HDCP version supportted by device */
> + tci->cmd_body.cmd_hdcp_write_val.len = 1;
> + tci->cmd_body.cmd_hdcp_write_val.val[0] = version;
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_ENABLE_ENCRYPT);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
return 0.... here and everywhere else.
> + return rc;
> +}
> +
> +int tee_hdcp1x_soft_rst(struct mtk_hdcp_info *hdcp_info)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_WRITE_VAL;
> + tci->cmd_body.cmd_hdcp_write_val.type = TYPE_HDCP_PARAM_RST_1;
> + /* No need input. Set default value 0 for check */
> + tci->cmd_body.cmd_hdcp_write_val.len = DEFAULT_WRITE_VAL_LEN;
> + memset(tci->cmd_body.cmd_hdcp_write_val.val, DEFAULT_WRITE_VAL, DEFAULT_WRITE_VAL_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_WRITE_VAL);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +int tee_hdcp2_soft_rst(struct mtk_hdcp_info *hdcp_info)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + tci->command_id = CMD_WRITE_VAL;
> + tci->cmd_body.cmd_hdcp_write_val.type = TYPE_HDCP_PARAM_RST_2;
> + /* No need input. Set default value 0 for check */
> + tci->cmd_body.cmd_hdcp_write_val.len =
> + DEFAULT_WRITE_VAL_LEN;
Fits in one line.
> + memset(tci->cmd_body.cmd_hdcp_write_val.val, DEFAULT_WRITE_VAL, DEFAULT_WRITE_VAL_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_WRITE_VAL);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +/** V1.X **/
> +int tee_get_aksv(struct mtk_hdcp_info *hdcp_info, u8 *aksv)
> +{
Reorder the variables, here and everywhere else.
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_GET_AKSV;
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_GET_AKSV);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + tci = (struct tci_t *)dp_tee_priv->resp_buf;
Use a different variable, otherwise this adds up confusion.
> + memcpy(aksv, tci->cmd_body.cmd_hdcp_get_aksv.aksv, DRM_HDCP_KSV_LEN);
> +
> + return rc;
> +}
> +
> +int tee_calculate_lm(struct mtk_hdcp_info *hdcp_info, u8 *bksv)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_CALCULATE_LM;
> + memcpy(tci->cmd_body.cmd_hdcp_calculate_lm.bksv, bksv, DRM_HDCP_KSV_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_CALCULATE_LM);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +int tee_compare_r0(struct mtk_hdcp_info *hdcp_info, u8 *r0, u32 len)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_COMPARE_R0;
> + tci->cmd_body.cmd_hdcp_compare.rx_val_len = len;
> + memcpy(tci->cmd_body.cmd_hdcp_compare.rx_val, r0, len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_COMPARE_R0);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +int tee_hdcp1x_compute_compare_v(struct mtk_hdcp_info *hdcp_info,
> + u8 *crypto_param, u32 param_len, u8 *rx_v)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_COMPARE_V1;
> + tci->cmd_body.cmd_hdcp_compare.rx_val_len = 20;
> + tci->cmd_body.cmd_hdcp_compare.param_len = param_len;
> + memcpy(tci->cmd_body.cmd_hdcp_compare.rx_val, rx_v, 20);
> + memcpy(tci->cmd_body.cmd_hdcp_compare.param, crypto_param, param_len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_COMPARE_V1);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + return rc;
> +}
> +
> +/** V2.X **/
> +int tee_ake_certificate(struct mtk_hdcp_info *hdcp_info,
> + u8 *certificate, bool *stored, u8 *out_m, u8 *out_ekm)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_AKE_CERTIFICATE;
> + memcpy(tci->cmd_body.cmd_hdcp_ake_certificate.certification,
> + certificate, HDCP2_CERTRX_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_AKE_CERTIFICATE);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + TLCINFO("verify signature: result %d", rc);
> + tci = (struct tci_t *)dp_tee_priv->resp_buf;
> + *stored = tci->cmd_body.cmd_hdcp_ake_certificate.stored;
> + memcpy(out_m, tci->cmd_body.cmd_hdcp_ake_certificate.m,
> + HDCP_2_2_E_KH_KM_M_LEN - HDCP_2_2_E_KH_KM_LEN);
> + memcpy(out_ekm, tci->cmd_body.cmd_hdcp_ake_certificate.ekm, HDCP_2_2_E_KH_KM_LEN);
> +
> + return rc;
> +}
> +
> +int tee_enc_rsaes_oaep(struct mtk_hdcp_info *hdcp_info, u8 *ekm)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_ENC_KM;
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_ENC_KM);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + tci = (struct tci_t *)dp_tee_priv->resp_buf;
> + memcpy(ekm, tci->cmd_body.cmd_hdcp_enc_km.enc_km, HDCP_2_2_E_KPUB_KM_LEN);
> +
> + return rc;
> +}
> +
> +int tee_ake_h_prime(struct mtk_hdcp_info *hdcp_info,
> + u8 *rtx, u8 *rrx, u8 *rx_caps, u8 *tx_caps, u8 *rx_h, u32 rx_h_len)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_AKE_H_PRIME;
> + tci->cmd_body.cmd_hdcp_ake_h_prime.rx_h_len = rx_h_len;
> +
> + memcpy(tci->cmd_body.cmd_hdcp_ake_h_prime.rtx, rtx, HDCP_2_2_RTX_LEN);
> + memcpy(tci->cmd_body.cmd_hdcp_ake_h_prime.rrx, rrx, HDCP_2_2_RRX_LEN);
> + memcpy(tci->cmd_body.cmd_hdcp_ake_h_prime.rx_caps, rx_caps, HDCP_2_2_RXCAPS_LEN);
> + memcpy(tci->cmd_body.cmd_hdcp_ake_h_prime.tx_caps, tx_caps, HDCP_2_2_TXCAPS_LEN);
> + memcpy(tci->cmd_body.cmd_hdcp_ake_h_prime.rx_h, rx_h, rx_h_len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_AKE_H_PRIME);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + tci = (struct tci_t *)dp_tee_priv->resp_buf;
> + return tci->return_code;
> +}
> +
> +int tee_ake_paring(struct mtk_hdcp_info *hdcp_info, u8 *rx_ekm)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_AKE_PARING;
> + memcpy(tci->cmd_body.cmd_hdcp_ake_paring.ekm, rx_ekm, HDCP_2_2_E_KH_KM_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_AKE_PARING);
> + if (rc != 0)
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> +
> + return rc;
> +}
> +
> +int tee_lc_l_prime(struct mtk_hdcp_info *hdcp_info, u8 *rn, u8 *rx_l, u32 len)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_LC_L_PRIME;
> + memcpy(tci->cmd_body.cmd_hdcp_lc_l_prime.rn, rn, HDCP_2_2_RN_LEN);
> + tci->cmd_body.cmd_hdcp_lc_l_prime.rx_l_len = len;
> + memcpy(tci->cmd_body.cmd_hdcp_lc_l_prime.rx_l, rx_l, len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_LC_L_PRIME);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + tci = (struct tci_t *)dp_tee_priv->resp_buf;
> + return tci->return_code;
> +}
> +
> +int tee_ske_enc_ks(struct mtk_hdcp_info *hdcp_info, u8 *riv, u8 *eks)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> + u8 *share_buffer = NULL;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_SKE_CAL_EKS;
> + memcpy(tci->cmd_body.cmd_hdcp_ske_eks.riv, riv, HDCP_2_2_RIV_LEN);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH + 16, CMD_SKE_CAL_EKS);
> + if (rc != 0)
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> +
> + share_buffer = (u8 *)dp_tee_priv->resp_buf;
> + memcpy(eks, share_buffer + TCI_LENGTH, 16);
> +
> + return rc;
> +}
> +
> +int tee_hdcp2_compute_compare_v(struct mtk_hdcp_info *hdcp_info,
> + u8 *crypto_param, u32 param_len, u8 *rx_v, u8 *tx_v)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> + u8 *share_buffer = NULL;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_COMPARE_V2;
> + tci->cmd_body.cmd_hdcp_compare.rx_val_len = 16;
> + tci->cmd_body.cmd_hdcp_compare.param_len = param_len;
> + memcpy(tci->cmd_body.cmd_hdcp_compare.rx_val, rx_v, 16);
> + memcpy(tci->cmd_body.cmd_hdcp_compare.param, crypto_param, param_len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_COMPARE_V2);
> + if (rc != 0) {
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> + return rc;
> + }
> +
> + share_buffer = (u8 *)dp_tee_priv->resp_buf;
> + memcpy(tx_v, share_buffer + TCI_LENGTH, 16);
> +
> + return rc;
> +}
> +
> +int tee_hdcp2_compute_compare_m(struct mtk_hdcp_info *hdcp_info,
> + u8 *crypto_param, u32 param_len, u8 *rx_m)
> +{
> + int rc;
> + struct dp_tee_private *dp_tee_priv = hdcp_info->g_dp_tee_priv;
> + struct tci_t *tci = (struct tci_t *)dp_tee_priv->shm->kaddr;
> +
> + /* Copy parameters */
> + tci->command_id = CMD_COMPARE_M;
> + tci->cmd_body.cmd_hdcp_compare.rx_val_len = HDCP_2_2_MPRIME_LEN;
> + tci->cmd_body.cmd_hdcp_compare.param_len = param_len;
> + memcpy(tci->cmd_body.cmd_hdcp_compare.rx_val, rx_m, HDCP_2_2_MPRIME_LEN);
> + memcpy(tci->cmd_body.cmd_hdcp_compare.param, crypto_param, param_len);
> +
> + rc = dp_tee_op_send(dp_tee_priv, TCI_LENGTH, CMD_COMPARE_M);
> + if (rc != 0)
> + TLCERR("tee_op_send failed, error=%x\n", rc);
> +
> + return rc;
> +}
> diff --git a/drivers/gpu/drm/mediatek/tlc_dp_hdcp.h b/drivers/gpu/drm/mediatek/tlc_dp_hdcp.h
> new file mode 100644
> index 000000000000..493d3c51a7a0
> --- /dev/null
> +++ b/drivers/gpu/drm/mediatek/tlc_dp_hdcp.h
> @@ -0,0 +1,414 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (c) 2019-2024 MediaTek Inc.
> + */
> +
> +#ifndef _TLC_DP_HDCP_H_
> +#define _TLC_DP_HDCP_H_
> +
> +#include <linux/printk.h>
> +#include <linux/tee_drv.h>
> +#include <linux/uuid.h>
> +#include <linux/types.h>
> +#include <linux/sched/clock.h>
> +#include <drm/display/drm_dp_helper.h>
> +#include "tci.h"
> +
> +#define TLCINFO(string, args...) pr_info("[TLC_HDCP]info: "string, ##args)
> +#define TLCERR(string, args...) pr_info("[TLC_HDCP]line:%d,err:%s:"string,\
> + __LINE__, __func__, ##args)
> +
> +#define DPTXHDCPFUNC(fmt, arg...) \
> + pr_info("[DPTXHDCP][%s line:%d]"pr_fmt(fmt), __func__, __LINE__, ##arg)
> +#define DPTXHDCPMSG(fmt, arg...) \
> + pr_info("[DPTXHDCP]"pr_fmt(fmt), ##arg)
> +#define DPTXHDCPERR(fmt, arg...) \
> + pr_err("[DPTXHDCP]"pr_fmt(fmt), ##arg)
You don't need those print wrappers and you can just use pr_{info,err} where
needed in the code.
Also, dev_info/dev_err would be preferred.
> +
> +#define RET_SUCCESS 0
Unused (and anyway unneeded) definition: please remove.
> +
> +/**
> + * hdcp version definitions
> + */
> +#define HDCP_NONE 0x0 // No HDCP supported, no secure data path
> +#define HDCP_V1 0x1 // HDCP version 1.0
> +#define HDCP_V2 0x2 // HDCP version 2.0 Type 1
> +#define HDCP_V2_1 0x3 // HDCP version 2.1 Type 1
> +#define HDCP_V2_2 0x4 // HDCP version 2.2 Type 1
> +#define HDCP_V2_3 0x5 // HDCP version 2.3 Type 1
Please introduce definitions in the same commits where you use them.
Also, C-style comments please.
> +
> +/* Local display only(content required version use only) */
> +#define HDCP_LOCAL_DISPLAY_ONLY 0xf
> +#define HDCP_NO_DIGITAL_OUTPUT 0xff // No digital output
> +#define HDCP_DEFAULT HDCP_NO_DIGITAL_OUTPUT // Default value
> +
> +#define HDCP_VERSION_1X 1
> +#define HDCP_VERSION_2X 2
> +
> +/* max. buffer size supported by dp */
> +#define MAX_COMMAND_SIZE 4096
> +#define MAX_RESPONSE_SIZE 4096
> +
> +#define HDCP1X_REP_MAXDEVS 128
> +#define HDCP1X_V_LEN 20
> +#define HDCP1X_B_INFO_LEN 2
> +
> +#define HDCP2_K_LEN 2
> +#define HDCP2_STREAMID_TYPE_LEN 2
> +
> +enum HDCP_RESULT {
> + AUTH_ZERO = 0,
> + AUTH_PREPARE = 1,
> + AUTH_INIT = 2,
> + AUTH_PASS = 3,
> + AUTH_FAIL = 4,
> +};
> +
> +struct dp_header {
> + __be16 tag;
> + __be32 length;
> + union {
> + __be32 ordinal;
> + __be32 return_code;
> + };
> +} __packed;
> +
> +/**
> + * struct dp_tee_private - fTPM's private data
> + * @session: dp TA session identifier.
> + * @resp_len: cached response buffer length.
> + * @resp_buf: cached response buffer.
> + * @ctx: TEE context handler.
> + * @shm: Memory pool shared with fTPM TA in TEE.
> + */
> +struct dp_tee_private {
> + u32 session;
> + size_t resp_len;
> + u8 resp_buf[MAX_RESPONSE_SIZE];
> + struct tee_context *ctx;
> + struct tee_shm *shm;
> +};
> +
> +struct hdcp2_info_tx {
> + struct hdcp2_ake_init ake_init;
> + struct hdcp2_ake_no_stored_km no_stored_km;
> + struct hdcp2_ske_send_eks send_eks;
> + struct hdcp2_lc_init lc_init;
> + struct hdcp2_rep_stream_manage stream_manage;
> + struct hdcp2_rep_send_ack send_ack;
> + struct hdcp2_tx_caps tx_caps;
> + u8 k[HDCP2_K_LEN];
> + u8 stream_id_type[HDCP2_STREAMID_TYPE_LEN];
> +};
> +
> +struct hdcp2_info_rx {
> + struct hdcp2_cert_rx cert_rx;
> + struct hdcp2_ake_send_cert send_cert;
> + struct hdcp2_rep_send_receiverid_list receiverid_list;
> + struct hdcp2_ake_send_pairing_info pairing_info;
> + struct hdcp2_rep_stream_ready stream_ready;
> + struct hdcp2_ake_send_hprime send_hprime;
> + struct hdcp2_lc_send_lprime send_lprime;
> +};
> +
> +struct hdcp2_handler {
> + u8 main_state;
> + u8 sub_state;
> + u8 down_stream_dev_cnt;
> + u8 hdcp_rx_ver;
> + bool send_ake_init:1;
> + bool get_recv_id_list:1;
> + bool stored_km:1;
> + bool send_lc_init:1;
> + bool send_ack:1;
> + bool sink_is_repeater:1;
> + bool recv_msg:1;
> + bool send_pair:1;
> + u32 seq_num_v_cnt;
> + u32 retry_cnt;
> +};
> +
> +struct hdcp1x_info {
> + bool enable;
> + bool repeater;
> + bool r0_read;
> + bool ksv_ready;
> + bool max_cascade;
> + bool max_devs;
> + u8 b_status;
> + u8 b_ksv[DRM_HDCP_KSV_LEN];
> + u8 a_ksv[DRM_HDCP_KSV_LEN];
> + u8 v[HDCP1X_V_LEN];
> + u8 b_info[HDCP1X_B_INFO_LEN];
> + u8 ksvfifo[DRM_HDCP_KSV_LEN * (HDCP1X_REP_MAXDEVS - 1)];
> + u8 device_count;
> + u8 retry_count;
> + int main_states;
> + int sub_states;
> +};
> +
> +struct hdcp2_info {
> + struct hdcp2_info_tx hdcp_tx;
> + struct hdcp2_info_rx hdcp_rx;
> + struct hdcp2_ake_stored_km ake_stored_km;
> + struct hdcp2_handler hdcp_handler;
> + bool enable;
> + bool repeater;
> + bool read_certrx;
> + bool read_h_prime;
> + bool read_pairing;
> + bool read_l_prime;
> + bool ks_exchange_done;
> + bool read_v_prime;
> + u8 retry_count;
> + u8 device_count;
> + u8 stream_id_type;
> +};
> +
> +struct mtk_hdcp_info {
> + u8 auth_status;
> + bool g_init;
> + u32 hdcp_content_type;
> + u32 content_protection;
> + struct dp_tee_private *g_dp_tee_priv;
> + struct hdcp1x_info hdcp1x_info;
> + struct hdcp2_info hdcp2_info;
> +};
> +
> +#ifdef __cplusplus
> +extern "C"
cplusplus?! This is the kernel, this is not a UAPI header and will never be, and
you don't need this ifdef at all.
> +{
> +#endif
> +
> +/*
Please use valid kerneldoc; here and everywhere else.
> + *Description:
> + * A device connect and do some initializations.
> + *
> + *Input:
> + * version: HDCP version
> + *
> + *Returns:
> + * TEEC_SUCCESS success*
> + */
> +int tee_add_device(struct mtk_hdcp_info *hdcp_info, u32 version);
> +
Regards,
Angelo
More information about the dri-devel
mailing list