<html><body><p>
<pre>
Hi Maxime,

[snip]

> > > > > ---
> > > > > TODO:
> > > > > 1) Drop MTK_DRM_IOCTL_GEM_CREATE and use DMA_HEAP_IOCTL_ALLOC
> > > > > in
> > > > > userspace
> > > > > 2) DRM driver use secure mailbox channel to handle normal and
> > > > > secure flow
> > > > > 3) Implement setting mmsys routing table in the secure world
> > > > > series
> > > >
> > > > I'm not sure what you mean here. Why are you trying to upstream
> > > > something that still needs to be removed from your patch
> > > > series?
> > > >
> > >
> > > Because their is too much patches need to be fixed in this
> > > series,
> > > so I
> > > list down the remaining TODO items and send to review for the
> > > other
> > > patches.
> > >
> > > Sorry for the bothering, I'll drop this at the next version.
> >
> > If you don't intend to use it, we just shouldn't add it. Removing
> > the
> > TODO item doesn't make sense, even more so if heaps should be the
> > way
> > you handle this.
> >
>
> Sorry for this misunderstanding.
>
> I mean I'll remove the DRM_IOCTL_GEM_CREATE patch and then change
> user
> space calling DMA_HEAP_IOCTL_ALLOC to allocate buffer from secure
> heap.
>

I have changed user space to use DMA_HEAP_IOCTL_ALLOC to allocate
secure buffer, but I still encounter the problem of determining whether
the buffer is secure in mediatek-drm driver to add some secure
configure for hardware.


As the comment in [1], dma driver won't provide API for use.
[1]:
https://patchwork.kernel.org/project/linux-mediatek/patch/20240515112308.10171-3-yong.wu@mediatek.com/#25857255


So I use name checking at [PATCH v6 3/7] like this currently:

struct drm_gem_object *mtk_gem_prime_import_sg_table(struct drm_device
*dev,
struct dma_buf_attachment *attach, struct sg_table *sg)
{
struct mtk_gem_obj *mtk_gem;

/* check if the entries in the sg_table are contiguous */
if (drm_prime_get_contiguous_size(sg) < attach->dmabuf->size) {
DRM_ERROR("sg_table is not contiguous");
return ERR_PTR(-EINVAL);
}

mtk_gem = mtk_gem_init(dev, attach->dmabuf->size);
if (IS_ERR(mtk_gem))
return ERR_CAST(mtk_gem);

+ mtk_gem->secure = (!strncmp(attach->dmabuf->exp_name, "restricted",
10));
mtk_gem->dma_addr = sg_dma_address(sg->sgl);
+ mtk_gem->size = attach->dmabuf->size;
mtk_gem->sg = sg;

return &mtk_gem->base;
}

But I want to change this name checking to the information brought from
user space.
I tried to use arg->flags to append the secure flag in user space and
call drmPrimeHandleToFD() to pass it to DRM driver, but it will be
blocked by at the beginning of the drm_prime_handle_to_fd_ioctl().

I can't find any other existing ioctl to pass such private information.
Do you have any idea? Or should we open a new ioctl for that?

Regards,
Jason-JH.Lin

> > > > Also, I made some comments on the previous version that have
> > > > been
> > > > entirely ignored and still apply on this version:
> > > >
> > >
> > >
>
>
https://lore.kernel.org/dri-devel/20240415-guppy-of-perpetual-current-3a7974@houat/
> > > >
> > >
> > > I lost that mail in my mailbox, so I didn't reply at that time.
> > > I have imported that mail and replied to you. Hope you don't mind
> > > :)
> >
> > I haven't received that answer
>
> I don't know why it doesn't show up at your link.
>
> Could you see it here?
>
>
https://patchwork.kernel.org/project/linux-mediatek/patch/20240403102701.369-3-shawn.sung@mediatek.com/
>
>
>
> Regards,
> Jason-JH.Lin
> >
> > Maxime

</pre>
</p></body></html><!--type:text--><!--{--><pre>************* MEDIATEK Confidentiality Notice
 ********************
The information contained in this e-mail message (including any 
attachments) may be confidential, proprietary, privileged, or otherwise
exempt from disclosure under applicable laws. It is intended to be 
conveyed only to the designated recipient(s). Any use, dissemination, 
distribution, printing, retaining or copying of this e-mail (including its 
attachments) by unintended recipient(s) is strictly prohibited and may 
be unlawful. If you are not an intended recipient of this e-mail, or believe
 
that you have received this e-mail in error, please notify the sender 
immediately (by replying to this e-mail), delete any and all copies of 
this e-mail (including any attachments) from your system, and do not
disclose the content of this e-mail to any other person. Thank you!
</pre><!--}-->