1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Copyright (C) 2015-2018 Etnaviv Project
4  */
5 
6 #include <linux/kernel.h>
7 
8 #include "etnaviv_gem.h"
9 #include "etnaviv_gpu.h"
10 
11 #include "cmdstream.xml.h"
12 
13 #define EXTRACT(val, field) (((val) & field##__MASK) >> field##__SHIFT)
14 
15 struct etna_validation_state {
16 	struct etnaviv_gpu *gpu;
17 	const struct drm_etnaviv_gem_submit_reloc *relocs;
18 	unsigned int num_relocs;
19 	u32 *start;
20 };
21 
22 static const struct {
23 	u16 offset;
24 	u16 size;
25 } etnaviv_sensitive_states[] __initconst = {
26 #define ST(start, num) { (start) >> 2, (num) }
27 	/* 2D */
28 	ST(0x1200, 1),
29 	ST(0x1228, 1),
30 	ST(0x1238, 1),
31 	ST(0x1284, 1),
32 	ST(0x128c, 1),
33 	ST(0x1304, 1),
34 	ST(0x1310, 1),
35 	ST(0x1318, 1),
36 	ST(0x12800, 4),
37 	ST(0x128a0, 4),
38 	ST(0x128c0, 4),
39 	ST(0x12970, 4),
40 	ST(0x12a00, 8),
41 	ST(0x12b40, 8),
42 	ST(0x12b80, 8),
43 	ST(0x12ce0, 8),
44 	/* 3D */
45 	ST(0x0644, 1),
46 	ST(0x064c, 1),
47 	ST(0x0680, 8),
48 	ST(0x086c, 1),
49 	ST(0x1028, 1),
50 	ST(0x1410, 1),
51 	ST(0x1430, 1),
52 	ST(0x1458, 1),
53 	ST(0x1460, 8),
54 	ST(0x1480, 8),
55 	ST(0x1500, 8),
56 	ST(0x1520, 8),
57 	ST(0x1608, 1),
58 	ST(0x1610, 1),
59 	ST(0x1658, 1),
60 	ST(0x165c, 1),
61 	ST(0x1664, 1),
62 	ST(0x1668, 1),
63 	ST(0x16a4, 1),
64 	ST(0x16c0, 8),
65 	ST(0x16e0, 8),
66 	ST(0x1740, 8),
67 	ST(0x17c0, 8),
68 	ST(0x17e0, 8),
69 	ST(0x2400, 14 * 16),
70 	ST(0x3824, 1),
71 	ST(0x10800, 32 * 16),
72 	ST(0x14600, 16),
73 	ST(0x14800, 8 * 8),
74 #undef ST
75 };
76 
77 #define ETNAVIV_STATES_SIZE (VIV_FE_LOAD_STATE_HEADER_OFFSET__MASK + 1u)
78 static DECLARE_BITMAP(etnaviv_states, ETNAVIV_STATES_SIZE);
79 
etnaviv_validate_init(void)80 void __init etnaviv_validate_init(void)
81 {
82 	unsigned int i;
83 
84 	for (i = 0; i < ARRAY_SIZE(etnaviv_sensitive_states); i++)
85 		bitmap_set(etnaviv_states, etnaviv_sensitive_states[i].offset,
86 			   etnaviv_sensitive_states[i].size);
87 }
88 
etnaviv_warn_if_non_sensitive(struct etna_validation_state * state,unsigned int buf_offset,unsigned int state_addr)89 static void etnaviv_warn_if_non_sensitive(struct etna_validation_state *state,
90 	unsigned int buf_offset, unsigned int state_addr)
91 {
92 	if (state->num_relocs && state->relocs->submit_offset < buf_offset) {
93 		dev_warn_once(state->gpu->dev,
94 			      "%s: relocation for non-sensitive state 0x%x at offset %u\n",
95 			      __func__, state_addr,
96 			      state->relocs->submit_offset);
97 		while (state->num_relocs &&
98 		       state->relocs->submit_offset < buf_offset) {
99 			state->relocs++;
100 			state->num_relocs--;
101 		}
102 	}
103 }
104 
etnaviv_validate_load_state(struct etna_validation_state * state,u32 * ptr,unsigned int state_offset,unsigned int num)105 static bool etnaviv_validate_load_state(struct etna_validation_state *state,
106 	u32 *ptr, unsigned int state_offset, unsigned int num)
107 {
108 	unsigned int size = min(ETNAVIV_STATES_SIZE, state_offset + num);
109 	unsigned int st_offset = state_offset, buf_offset;
110 
111 	for_each_set_bit_from(st_offset, etnaviv_states, size) {
112 		buf_offset = (ptr - state->start +
113 			      st_offset - state_offset) * 4;
114 
115 		etnaviv_warn_if_non_sensitive(state, buf_offset, st_offset * 4);
116 		if (state->num_relocs &&
117 		    state->relocs->submit_offset == buf_offset) {
118 			state->relocs++;
119 			state->num_relocs--;
120 			continue;
121 		}
122 
123 		dev_warn_ratelimited(state->gpu->dev,
124 				     "%s: load state touches restricted state 0x%x at offset %u\n",
125 				     __func__, st_offset * 4, buf_offset);
126 		return false;
127 	}
128 
129 	if (state->num_relocs) {
130 		buf_offset = (ptr - state->start + num) * 4;
131 		etnaviv_warn_if_non_sensitive(state, buf_offset, st_offset * 4 +
132 					      state->relocs->submit_offset -
133 					      buf_offset);
134 	}
135 
136 	return true;
137 }
138 
139 static uint8_t cmd_length[32] = {
140 	[FE_OPCODE_DRAW_PRIMITIVES] = 4,
141 	[FE_OPCODE_DRAW_INDEXED_PRIMITIVES] = 6,
142 	[FE_OPCODE_DRAW_INSTANCED] = 4,
143 	[FE_OPCODE_NOP] = 2,
144 	[FE_OPCODE_STALL] = 2,
145 };
146 
etnaviv_cmd_validate_one(struct etnaviv_gpu * gpu,u32 * stream,unsigned int size,struct drm_etnaviv_gem_submit_reloc * relocs,unsigned int reloc_size)147 bool etnaviv_cmd_validate_one(struct etnaviv_gpu *gpu, u32 *stream,
148 			      unsigned int size,
149 			      struct drm_etnaviv_gem_submit_reloc *relocs,
150 			      unsigned int reloc_size)
151 {
152 	struct etna_validation_state state;
153 	u32 *buf = stream;
154 	u32 *end = buf + size;
155 
156 	state.gpu = gpu;
157 	state.relocs = relocs;
158 	state.num_relocs = reloc_size;
159 	state.start = stream;
160 
161 	while (buf < end) {
162 		u32 cmd = *buf;
163 		unsigned int len, n, off;
164 		unsigned int op = cmd >> 27;
165 
166 		switch (op) {
167 		case FE_OPCODE_LOAD_STATE:
168 			n = EXTRACT(cmd, VIV_FE_LOAD_STATE_HEADER_COUNT);
169 			len = ALIGN(1 + n, 2);
170 			if (buf + len > end)
171 				break;
172 
173 			off = EXTRACT(cmd, VIV_FE_LOAD_STATE_HEADER_OFFSET);
174 			if (!etnaviv_validate_load_state(&state, buf + 1,
175 							 off, n))
176 				return false;
177 			break;
178 
179 		case FE_OPCODE_DRAW_2D:
180 			n = EXTRACT(cmd, VIV_FE_DRAW_2D_HEADER_COUNT);
181 			if (n == 0)
182 				n = 256;
183 			len = 2 + n * 2;
184 			break;
185 
186 		default:
187 			len = cmd_length[op];
188 			if (len == 0) {
189 				dev_err(gpu->dev, "%s: op %u not permitted at offset %tu\n",
190 					__func__, op, buf - state.start);
191 				return false;
192 			}
193 			break;
194 		}
195 
196 		buf += len;
197 	}
198 
199 	if (buf > end) {
200 		dev_err(gpu->dev, "%s: commands overflow end of buffer: %tu > %u\n",
201 			__func__, buf - state.start, size);
202 		return false;
203 	}
204 
205 	return true;
206 }
207