Mesa (master): radv: Compute hashes in secure process for secure compilation.
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Wed Oct 30 10:57:57 UTC 2019
Module: Mesa
Branch: master
Commit: d78809632f58da1a34c23ccfd4456cb889276f39
URL: http://cgit.freedesktop.org/mesa/mesa/commit/?id=d78809632f58da1a34c23ccfd4456cb889276f39
Author: Bas Nieuwenhuizen <bas at basnieuwenhuizen.nl>
Date: Wed Oct 30 02:54:37 2019 +0100
radv: Compute hashes in secure process for secure compilation.
To prevent poisoning arbitrary cache entries.
Reviewed-by: Timothy Arceri <tarceri at itsqueeze.com>
---
src/amd/vulkan/radv_pipeline.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/src/amd/vulkan/radv_pipeline.c b/src/amd/vulkan/radv_pipeline.c
index 9c7d5dc32ee..422b0771a79 100644
--- a/src/amd/vulkan/radv_pipeline.c
+++ b/src/amd/vulkan/radv_pipeline.c
@@ -4629,6 +4629,21 @@ radv_secure_compile(struct radv_pipeline *pipeline,
const VkPipelineCreateFlags flags,
unsigned num_stages)
{
+ uint8_t allowed_pipeline_hashes[2][20];
+ radv_hash_shaders(allowed_pipeline_hashes[0], pStages,
+ pipeline->layout, key, get_hash_flags(device));
+
+ /* Generate the GC copy hash */
+ memcpy(allowed_pipeline_hashes[1], allowed_pipeline_hashes[0], 20);
+ allowed_pipeline_hashes[1][0] ^= 1;
+
+ uint8_t allowed_hashes[2][20];
+ for (unsigned i = 0; i < 2; ++i) {
+ disk_cache_compute_key(device->physical_device->disk_cache,
+ allowed_pipeline_hashes[i], 20,
+ allowed_hashes[i]);
+ }
+
unsigned process = 0;
uint8_t sc_threads = device->instance->num_sc_threads;
while (true) {
@@ -4718,6 +4733,10 @@ radv_secure_compile(struct radv_pipeline *pipeline,
if (!radv_sc_read(fd_secure_output, disk_sha1, sizeof(uint8_t) * 20, true))
return VK_ERROR_DEVICE_LOST;
+ if (memcmp(disk_sha1, allowed_hashes[0], 20) &&
+ memcmp(disk_sha1, allowed_hashes[1], 20))
+ return VK_ERROR_DEVICE_LOST;
+
uint32_t entry_size;
if (!radv_sc_read(fd_secure_output, &entry_size, sizeof(uint32_t), true))
return VK_ERROR_DEVICE_LOST;
@@ -4736,6 +4755,10 @@ radv_secure_compile(struct radv_pipeline *pipeline,
if (!radv_sc_read(fd_secure_output, disk_sha1, sizeof(uint8_t) * 20, true))
return VK_ERROR_DEVICE_LOST;
+ if (memcmp(disk_sha1, allowed_hashes[0], 20) &&
+ memcmp(disk_sha1, allowed_hashes[1], 20))
+ return VK_ERROR_DEVICE_LOST;
+
size_t size;
struct cache_entry *entry = (struct cache_entry *)
disk_cache_get(device->physical_device->disk_cache,
More information about the mesa-commit
mailing list