1 // SPDX-License-Identifier: MIT
2 /*
3  * Copyright(c) 2020 Intel Corporation.
4  */
5 
6 #include <linux/component.h>
7 
8 #include <drm/i915_pxp_tee_interface.h>
9 #include <drm/i915_component.h>
10 
11 #include "gem/i915_gem_lmem.h"
12 
13 #include "i915_drv.h"
14 
15 #include "intel_pxp.h"
16 #include "intel_pxp_cmd_interface_42.h"
17 #include "intel_pxp_huc.h"
18 #include "intel_pxp_session.h"
19 #include "intel_pxp_tee.h"
20 #include "intel_pxp_types.h"
21 
22 static bool
23 is_fw_err_platform_config(u32 type)
24 {
25 	switch (type) {
26 	case PXP_STATUS_ERROR_API_VERSION:
27 	case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF:
28 	case PXP_STATUS_PLATFCONFIG_KF1_BAD:
29 		return true;
30 	default:
31 		break;
32 	}
33 	return false;
34 }
35 
36 static const char *
37 fw_err_to_string(u32 type)
38 {
39 	switch (type) {
40 	case PXP_STATUS_ERROR_API_VERSION:
41 		return "ERR_API_VERSION";
42 	case PXP_STATUS_NOT_READY:
43 		return "ERR_NOT_READY";
44 	case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF:
45 	case PXP_STATUS_PLATFCONFIG_KF1_BAD:
46 		return "ERR_PLATFORM_CONFIG";
47 	default:
48 		break;
49 	}
50 	return NULL;
51 }
52 
53 static int intel_pxp_tee_io_message(struct intel_pxp *pxp,
54 				    void *msg_in, u32 msg_in_size,
55 				    void *msg_out, u32 msg_out_max_size,
56 				    u32 *msg_out_rcv_size)
57 {
58 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
59 	struct i915_pxp_component *pxp_component = pxp->pxp_component;
60 	int ret = 0;
61 
62 	mutex_lock(&pxp->tee_mutex);
63 
64 	/*
65 	 * The binding of the component is asynchronous from i915 probe, so we
66 	 * can't be sure it has happened.
67 	 */
68 	if (!pxp_component) {
69 		ret = -ENODEV;
70 		goto unlock;
71 	}
72 
73 	ret = pxp_component->ops->send(pxp_component->tee_dev, msg_in, msg_in_size);
74 	if (ret) {
75 		drm_err(&i915->drm, "Failed to send PXP TEE message\n");
76 		goto unlock;
77 	}
78 
79 	ret = pxp_component->ops->recv(pxp_component->tee_dev, msg_out, msg_out_max_size);
80 	if (ret < 0) {
81 		drm_err(&i915->drm, "Failed to receive PXP TEE message\n");
82 		goto unlock;
83 	}
84 
85 	if (ret > msg_out_max_size) {
86 		drm_err(&i915->drm,
87 			"Failed to receive PXP TEE message due to unexpected output size\n");
88 		ret = -ENOSPC;
89 		goto unlock;
90 	}
91 
92 	if (msg_out_rcv_size)
93 		*msg_out_rcv_size = ret;
94 
95 	ret = 0;
96 unlock:
97 	mutex_unlock(&pxp->tee_mutex);
98 	return ret;
99 }
100 
101 int intel_pxp_tee_stream_message(struct intel_pxp *pxp,
102 				 u8 client_id, u32 fence_id,
103 				 void *msg_in, size_t msg_in_len,
104 				 void *msg_out, size_t msg_out_len)
105 {
106 	/* TODO: for bigger objects we need to use a sg of 4k pages */
107 	const size_t max_msg_size = PAGE_SIZE;
108 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
109 	struct i915_pxp_component *pxp_component = pxp->pxp_component;
110 	unsigned int offset = 0;
111 	struct scatterlist *sg;
112 	int ret;
113 
114 	if (msg_in_len > max_msg_size || msg_out_len > max_msg_size)
115 		return -ENOSPC;
116 
117 	mutex_lock(&pxp->tee_mutex);
118 
119 	if (unlikely(!pxp_component || !pxp_component->ops->gsc_command)) {
120 		ret = -ENODEV;
121 		goto unlock;
122 	}
123 
124 	GEM_BUG_ON(!pxp->stream_cmd.obj);
125 
126 	sg = i915_gem_object_get_sg_dma(pxp->stream_cmd.obj, 0, &offset);
127 
128 	memcpy(pxp->stream_cmd.vaddr, msg_in, msg_in_len);
129 
130 	ret = pxp_component->ops->gsc_command(pxp_component->tee_dev, client_id,
131 					      fence_id, sg, msg_in_len, sg);
132 	if (ret < 0)
133 		drm_err(&i915->drm, "Failed to send PXP TEE gsc command\n");
134 	else
135 		memcpy(msg_out, pxp->stream_cmd.vaddr, msg_out_len);
136 
137 unlock:
138 	mutex_unlock(&pxp->tee_mutex);
139 	return ret;
140 }
141 
142 /**
143  * i915_pxp_tee_component_bind - bind function to pass the function pointers to pxp_tee
144  * @i915_kdev: pointer to i915 kernel device
145  * @tee_kdev: pointer to tee kernel device
146  * @data: pointer to pxp_tee_master containing the function pointers
147  *
148  * This bind function is called during the system boot or resume from system sleep.
149  *
150  * Return: return 0 if successful.
151  */
152 static int i915_pxp_tee_component_bind(struct device *i915_kdev,
153 				       struct device *tee_kdev, void *data)
154 {
155 	struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
156 	struct intel_pxp *pxp = i915->pxp;
157 	struct intel_uc *uc = &pxp->ctrl_gt->uc;
158 	intel_wakeref_t wakeref;
159 	int ret = 0;
160 
161 	if (!HAS_HECI_PXP(i915)) {
162 		pxp->dev_link = device_link_add(i915_kdev, tee_kdev, DL_FLAG_STATELESS);
163 		if (drm_WARN_ON(&i915->drm, !pxp->dev_link))
164 			return -ENODEV;
165 	}
166 
167 	mutex_lock(&pxp->tee_mutex);
168 	pxp->pxp_component = data;
169 	pxp->pxp_component->tee_dev = tee_kdev;
170 	mutex_unlock(&pxp->tee_mutex);
171 
172 	if (intel_uc_uses_huc(uc) && intel_huc_is_loaded_by_gsc(&uc->huc)) {
173 		with_intel_runtime_pm(&i915->runtime_pm, wakeref) {
174 			/* load huc via pxp */
175 			ret = intel_huc_fw_load_and_auth_via_gsc(&uc->huc);
176 			if (ret < 0)
177 				drm_err(&i915->drm, "failed to load huc via gsc %d\n", ret);
178 		}
179 	}
180 
181 	/* if we are suspended, the HW will be re-initialized on resume */
182 	wakeref = intel_runtime_pm_get_if_in_use(&i915->runtime_pm);
183 	if (!wakeref)
184 		return 0;
185 
186 	/* the component is required to fully start the PXP HW */
187 	if (intel_pxp_is_enabled(pxp))
188 		intel_pxp_init_hw(pxp);
189 
190 	intel_runtime_pm_put(&i915->runtime_pm, wakeref);
191 
192 	return ret;
193 }
194 
195 static void i915_pxp_tee_component_unbind(struct device *i915_kdev,
196 					  struct device *tee_kdev, void *data)
197 {
198 	struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
199 	struct intel_pxp *pxp = i915->pxp;
200 	intel_wakeref_t wakeref;
201 
202 	if (intel_pxp_is_enabled(pxp))
203 		with_intel_runtime_pm_if_in_use(&i915->runtime_pm, wakeref)
204 			intel_pxp_fini_hw(pxp);
205 
206 	mutex_lock(&pxp->tee_mutex);
207 	pxp->pxp_component = NULL;
208 	mutex_unlock(&pxp->tee_mutex);
209 
210 	if (pxp->dev_link) {
211 		device_link_del(pxp->dev_link);
212 		pxp->dev_link = NULL;
213 	}
214 }
215 
216 static const struct component_ops i915_pxp_tee_component_ops = {
217 	.bind   = i915_pxp_tee_component_bind,
218 	.unbind = i915_pxp_tee_component_unbind,
219 };
220 
221 static int alloc_streaming_command(struct intel_pxp *pxp)
222 {
223 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
224 	struct drm_i915_gem_object *obj = NULL;
225 	void *cmd;
226 	int err;
227 
228 	pxp->stream_cmd.obj = NULL;
229 	pxp->stream_cmd.vaddr = NULL;
230 
231 	if (!IS_DGFX(i915))
232 		return 0;
233 
234 	/* allocate lmem object of one page for PXP command memory and store it */
235 	obj = i915_gem_object_create_lmem(i915, PAGE_SIZE, I915_BO_ALLOC_CONTIGUOUS);
236 	if (IS_ERR(obj)) {
237 		drm_err(&i915->drm, "Failed to allocate pxp streaming command!\n");
238 		return PTR_ERR(obj);
239 	}
240 
241 	err = i915_gem_object_pin_pages_unlocked(obj);
242 	if (err) {
243 		drm_err(&i915->drm, "Failed to pin gsc message page!\n");
244 		goto out_put;
245 	}
246 
247 	/* map the lmem into the virtual memory pointer */
248 	cmd = i915_gem_object_pin_map_unlocked(obj, i915_coherent_map_type(i915, obj, true));
249 	if (IS_ERR(cmd)) {
250 		drm_err(&i915->drm, "Failed to map gsc message page!\n");
251 		err = PTR_ERR(cmd);
252 		goto out_unpin;
253 	}
254 
255 	memset(cmd, 0, obj->base.size);
256 
257 	pxp->stream_cmd.obj = obj;
258 	pxp->stream_cmd.vaddr = cmd;
259 
260 	return 0;
261 
262 out_unpin:
263 	i915_gem_object_unpin_pages(obj);
264 out_put:
265 	i915_gem_object_put(obj);
266 	return err;
267 }
268 
269 static void free_streaming_command(struct intel_pxp *pxp)
270 {
271 	struct drm_i915_gem_object *obj = fetch_and_zero(&pxp->stream_cmd.obj);
272 
273 	if (!obj)
274 		return;
275 
276 	i915_gem_object_unpin_map(obj);
277 	i915_gem_object_unpin_pages(obj);
278 	i915_gem_object_put(obj);
279 }
280 
281 int intel_pxp_tee_component_init(struct intel_pxp *pxp)
282 {
283 	int ret;
284 	struct intel_gt *gt = pxp->ctrl_gt;
285 	struct drm_i915_private *i915 = gt->i915;
286 
287 	ret = alloc_streaming_command(pxp);
288 	if (ret)
289 		return ret;
290 
291 	ret = component_add_typed(i915->drm.dev, &i915_pxp_tee_component_ops,
292 				  I915_COMPONENT_PXP);
293 	if (ret < 0) {
294 		drm_err(&i915->drm, "Failed to add PXP component (%d)\n", ret);
295 		goto out_free;
296 	}
297 
298 	pxp->pxp_component_added = true;
299 
300 	return 0;
301 
302 out_free:
303 	free_streaming_command(pxp);
304 	return ret;
305 }
306 
307 void intel_pxp_tee_component_fini(struct intel_pxp *pxp)
308 {
309 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
310 
311 	if (!pxp->pxp_component_added)
312 		return;
313 
314 	component_del(i915->drm.dev, &i915_pxp_tee_component_ops);
315 	pxp->pxp_component_added = false;
316 
317 	free_streaming_command(pxp);
318 }
319 
320 int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp,
321 					 int arb_session_id)
322 {
323 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
324 	struct pxp42_create_arb_in msg_in = {0};
325 	struct pxp42_create_arb_out msg_out = {0};
326 	int ret;
327 
328 	msg_in.header.api_version = PXP_APIVER(4, 2);
329 	msg_in.header.command_id = PXP42_CMDID_INIT_SESSION;
330 	msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header);
331 	msg_in.protection_mode = PXP42_ARB_SESSION_MODE_HEAVY;
332 	msg_in.session_id = arb_session_id;
333 
334 	ret = intel_pxp_tee_io_message(pxp,
335 				       &msg_in, sizeof(msg_in),
336 				       &msg_out, sizeof(msg_out),
337 				       NULL);
338 
339 	if (ret) {
340 		drm_err(&i915->drm, "Failed to send tee msg init arb session, ret=[%d]\n", ret);
341 	} else if (msg_out.header.status != 0) {
342 		if (is_fw_err_platform_config(msg_out.header.status)) {
343 			drm_info_once(&i915->drm,
344 				      "PXP init-arb-session-%d failed due to BIOS/SOC:0x%08x:%s\n",
345 				      arb_session_id, msg_out.header.status,
346 				      fw_err_to_string(msg_out.header.status));
347 		} else {
348 			drm_dbg(&i915->drm, "PXP init-arb-session--%d failed 0x%08x:%st:\n",
349 				arb_session_id, msg_out.header.status,
350 				fw_err_to_string(msg_out.header.status));
351 			drm_dbg(&i915->drm, "     cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n",
352 				msg_in.header.command_id, msg_in.header.api_version);
353 		}
354 	}
355 
356 	return ret;
357 }
358 
359 void intel_pxp_tee_end_arb_fw_session(struct intel_pxp *pxp, u32 session_id)
360 {
361 	struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
362 	struct pxp42_inv_stream_key_in msg_in = {0};
363 	struct pxp42_inv_stream_key_out msg_out = {0};
364 	int ret, trials = 0;
365 
366 try_again:
367 	memset(&msg_in, 0, sizeof(msg_in));
368 	memset(&msg_out, 0, sizeof(msg_out));
369 	msg_in.header.api_version = PXP_APIVER(4, 2);
370 	msg_in.header.command_id = PXP42_CMDID_INVALIDATE_STREAM_KEY;
371 	msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header);
372 
373 	msg_in.header.stream_id = FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_VALID, 1);
374 	msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_APP_TYPE, 0);
375 	msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_ID, session_id);
376 
377 	ret = intel_pxp_tee_io_message(pxp,
378 				       &msg_in, sizeof(msg_in),
379 				       &msg_out, sizeof(msg_out),
380 				       NULL);
381 
382 	/* Cleanup coherency between GT and Firmware is critical, so try again if it fails */
383 	if ((ret || msg_out.header.status != 0x0) && ++trials < 3)
384 		goto try_again;
385 
386 	if (ret) {
387 		drm_err(&i915->drm, "Failed to send tee msg for inv-stream-key-%u, ret=[%d]\n",
388 			session_id, ret);
389 	} else if (msg_out.header.status != 0) {
390 		if (is_fw_err_platform_config(msg_out.header.status)) {
391 			drm_info_once(&i915->drm,
392 				      "PXP inv-stream-key-%u failed due to BIOS/SOC :0x%08x:%s\n",
393 				      session_id, msg_out.header.status,
394 				      fw_err_to_string(msg_out.header.status));
395 		} else {
396 			drm_dbg(&i915->drm, "PXP inv-stream-key-%u failed 0x%08x:%s:\n",
397 				session_id, msg_out.header.status,
398 				fw_err_to_string(msg_out.header.status));
399 			drm_dbg(&i915->drm, "     cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n",
400 				msg_in.header.command_id, msg_in.header.api_version);
401 		}
402 	}
403 }
404