[Intel-gfx] [RFC-v7 17/21] drm/i915/pxp: Implement ioctl action to send TEE commands
Huang, Sean Z
sean.z.huang at intel.com
Fri Dec 11 07:29:07 UTC 2020
Implement the ioctl action to allow userspace driver sends TEE
commands via PXP ioctl, instead of TEE iotcl. So we can
centralize those protection operations at PXP.
Signed-off-by: Huang, Sean Z <sean.z.huang at intel.com>
---
drivers/gpu/drm/i915/pxp/intel_pxp.c | 48 +++++++++++++++++---
drivers/gpu/drm/i915/pxp/intel_pxp_tee.c | 57 ++++++++++++++++++++++++
drivers/gpu/drm/i915/pxp/intel_pxp_tee.h | 5 +++
3 files changed, 105 insertions(+), 5 deletions(-)
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp.c b/drivers/gpu/drm/i915/pxp/intel_pxp.c
index c35011b84f5a..2445af5f763c 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp.c
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp.c
@@ -16,7 +16,10 @@
/* Setting KCR Init bit is required after system boot */
#define KCR_INIT_ALLOW_DISPLAY_ME_WRITES (BIT(14) | (BIT(14) << KCR_INIT_MASK_SHIFT))
-#define PXP_ACTION_SET_SESSION_STATUS 1
+enum pxp_ioctl_action {
+ PXP_ACTION_SET_SESSION_STATUS = 1,
+ PXP_ACTION_TEE_IO_MESSAGE = 4,
+};
enum pxp_session_req {
/* Request KMD to allocate session id and move it to IN INIT */
@@ -38,13 +41,28 @@ struct pxp_set_session_status_params {
u32 req_session_state; /* in, new session state */
};
+/*
+ * struct pxp_tee_io_message_params - Params to send/receive message to/from TEE.
+ */
+struct pxp_tee_io_message_params {
+ u8 __user *msg_in; /* in - message input */
+ u32 msg_in_size; /* in - message input size */
+ u8 __user *msg_out; /* in - message output buffer */
+ u32 msg_out_size; /* out- message output size from TEE */
+ u32 msg_out_buf_size; /* in - message output buffer size */
+};
+
/* struct pxp_info - Params for PXP operation. */
struct pxp_info {
u32 action; /* in - specified action of this operation */
u32 sm_status; /* out - status output for this operation */
- /* in - action params to set the PXP session state */
- struct pxp_set_session_status_params set_session_status;
+ union {
+ /* in - action params to set the PXP session state */
+ struct pxp_set_session_status_params set_session_status;
+ /* in - action params to send TEE commands */
+ struct pxp_tee_io_message_params tee_io_message;
+ };
} __attribute__((packed));
struct drm_i915_pxp_ops {
@@ -228,7 +246,9 @@ int i915_pxp_ops_ioctl(struct drm_device *dev, void *data, struct drm_file *drmf
goto end;
}
- if (pxp_info.action == PXP_ACTION_SET_SESSION_STATUS) {
+ switch (pxp_info.action) {
+ case PXP_ACTION_SET_SESSION_STATUS:
+ {
struct pxp_set_session_status_params *params = &pxp_info.set_session_status;
if (params->req_session_state == PXP_REQ_SESSION_ID_INIT) {
@@ -250,8 +270,26 @@ int i915_pxp_ops_ioctl(struct drm_device *dev, void *data, struct drm_file *drmf
} else {
ret = -EINVAL;
}
- } else {
+ break;
+ }
+ case PXP_ACTION_TEE_IO_MESSAGE:
+ {
+ struct pxp_tee_io_message_params *params = &pxp_info.tee_io_message;
+
+ ret = intel_pxp_tee_ioctl_io_message(pxp,
+ params->msg_in, params->msg_in_size,
+ params->msg_out, ¶ms->msg_out_size,
+ params->msg_out_buf_size);
+ if (ret) {
+ drm_err(&i915->drm, "Failed to send TEE IO message\n");
+ ret = -EFAULT;
+ }
+ break;
+ }
+ default:
+ drm_err(&i915->drm, "Failed to %s due to bad params\n", __func__);
ret = -EINVAL;
+ break;
}
end:
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
index 816a6d5a54e4..e0815b2ee9ab 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.c
@@ -168,3 +168,60 @@ int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp)
return ret;
}
+
+int intel_pxp_tee_ioctl_io_message(struct intel_pxp *pxp,
+ void __user *msg_in_user_ptr, u32 msg_in_size,
+ void __user *msg_out_user_ptr, u32 *msg_out_size_ptr,
+ u32 msg_out_buf_size)
+{
+ int ret;
+ void *msg_in = NULL;
+ void *msg_out = NULL;
+ struct intel_gt *gt = container_of(pxp, typeof(*gt), pxp);
+ struct drm_i915_private *i915 = gt->i915;
+
+ if (!msg_in_user_ptr || !msg_out_user_ptr || msg_out_buf_size == 0 ||
+ msg_in_size == 0 || !msg_out_size_ptr)
+ return -EINVAL;
+
+ msg_in = kzalloc(msg_in_size, GFP_KERNEL);
+ if (!msg_in)
+ return -ENOMEM;
+
+ msg_out = kzalloc(msg_out_buf_size, GFP_KERNEL);
+ if (!msg_out) {
+ ret = -ENOMEM;
+ goto end;
+ }
+
+ if (copy_from_user(msg_in, msg_in_user_ptr, msg_in_size) != 0) {
+ ret = -EFAULT;
+ drm_err(&i915->drm, "Failed to copy_from_user for TEE message\n");
+ goto end;
+ }
+
+ mutex_lock(&i915->pxp_tee_comp_mutex);
+
+ ret = intel_pxp_tee_io_message(pxp,
+ msg_in, msg_in_size,
+ msg_out, msg_out_size_ptr,
+ msg_out_buf_size);
+
+ mutex_unlock(&i915->pxp_tee_comp_mutex);
+
+ if (ret) {
+ drm_err(&i915->drm, "Failed to send/receive tee message\n");
+ goto end;
+ }
+
+ if (copy_to_user(msg_out_user_ptr, msg_out, *msg_out_size_ptr) != 0) {
+ ret = -EFAULT;
+ drm_err(&i915->drm, "Failed to copy_to_user for TEE message\n");
+ goto end;
+ }
+
+end:
+ kfree(msg_in);
+ kfree(msg_out);
+ return ret;
+}
diff --git a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
index 757a54208a4d..d3129786758f 100644
--- a/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
+++ b/drivers/gpu/drm/i915/pxp/intel_pxp_tee.h
@@ -13,6 +13,11 @@ void intel_pxp_tee_component_fini(struct intel_pxp *pxp);
int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp);
+int intel_pxp_tee_ioctl_io_message(struct intel_pxp *pxp,
+ void __user *msg_in_user_ptr, u32 msg_in_size,
+ void __user *msg_out_user_ptr, u32 *msg_out_size_ptr,
+ u32 msg_out_buf_size);
+
/* TEE command to create the arbitrary session */
#define PXP_TEE_ARB_CMD_BIN {0x00040000, 0x0000001e, 0x00000000, 0x00000008, 0x00000002, 0x0000000f}
#define PXP_TEE_ARB_CMD_DW_LEN (6)
--
2.17.1
More information about the Intel-gfx
mailing list