1 // SPDX-License-Identifier: MIT 2 /* 3 * Copyright(c) 2020 Intel Corporation. 4 */ 5 6 #include <linux/component.h> 7 8 #include <drm/i915_pxp_tee_interface.h> 9 #include <drm/i915_component.h> 10 11 #include "gem/i915_gem_lmem.h" 12 13 #include "i915_drv.h" 14 15 #include "intel_pxp.h" 16 #include "intel_pxp_cmd_interface_42.h" 17 #include "intel_pxp_huc.h" 18 #include "intel_pxp_session.h" 19 #include "intel_pxp_tee.h" 20 #include "intel_pxp_types.h" 21 22 static int intel_pxp_tee_io_message(struct intel_pxp *pxp, 23 void *msg_in, u32 msg_in_size, 24 void *msg_out, u32 msg_out_max_size, 25 u32 *msg_out_rcv_size) 26 { 27 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 28 struct i915_pxp_component *pxp_component = pxp->pxp_component; 29 int ret = 0; 30 31 mutex_lock(&pxp->tee_mutex); 32 33 /* 34 * The binding of the component is asynchronous from i915 probe, so we 35 * can't be sure it has happened. 36 */ 37 if (!pxp_component) { 38 ret = -ENODEV; 39 goto unlock; 40 } 41 42 ret = pxp_component->ops->send(pxp_component->tee_dev, msg_in, msg_in_size); 43 if (ret) { 44 drm_err(&i915->drm, "Failed to send PXP TEE message\n"); 45 goto unlock; 46 } 47 48 ret = pxp_component->ops->recv(pxp_component->tee_dev, msg_out, msg_out_max_size); 49 if (ret < 0) { 50 drm_err(&i915->drm, "Failed to receive PXP TEE message\n"); 51 goto unlock; 52 } 53 54 if (ret > msg_out_max_size) { 55 drm_err(&i915->drm, 56 "Failed to receive PXP TEE message due to unexpected output size\n"); 57 ret = -ENOSPC; 58 goto unlock; 59 } 60 61 if (msg_out_rcv_size) 62 *msg_out_rcv_size = ret; 63 64 ret = 0; 65 unlock: 66 mutex_unlock(&pxp->tee_mutex); 67 return ret; 68 } 69 70 int intel_pxp_tee_stream_message(struct intel_pxp *pxp, 71 u8 client_id, u32 fence_id, 72 void *msg_in, size_t msg_in_len, 73 void *msg_out, size_t msg_out_len) 74 { 75 /* TODO: for bigger objects we need to use a sg of 4k pages */ 76 const size_t max_msg_size = PAGE_SIZE; 77 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 78 struct i915_pxp_component *pxp_component = pxp->pxp_component; 79 unsigned int offset = 0; 80 struct scatterlist *sg; 81 int ret; 82 83 if (msg_in_len > max_msg_size || msg_out_len > max_msg_size) 84 return -ENOSPC; 85 86 mutex_lock(&pxp->tee_mutex); 87 88 if (unlikely(!pxp_component || !pxp_component->ops->gsc_command)) { 89 ret = -ENODEV; 90 goto unlock; 91 } 92 93 GEM_BUG_ON(!pxp->stream_cmd.obj); 94 95 sg = i915_gem_object_get_sg_dma(pxp->stream_cmd.obj, 0, &offset); 96 97 memcpy(pxp->stream_cmd.vaddr, msg_in, msg_in_len); 98 99 ret = pxp_component->ops->gsc_command(pxp_component->tee_dev, client_id, 100 fence_id, sg, msg_in_len, sg); 101 if (ret < 0) 102 drm_err(&i915->drm, "Failed to send PXP TEE gsc command\n"); 103 else 104 memcpy(msg_out, pxp->stream_cmd.vaddr, msg_out_len); 105 106 unlock: 107 mutex_unlock(&pxp->tee_mutex); 108 return ret; 109 } 110 111 /** 112 * i915_pxp_tee_component_bind - bind function to pass the function pointers to pxp_tee 113 * @i915_kdev: pointer to i915 kernel device 114 * @tee_kdev: pointer to tee kernel device 115 * @data: pointer to pxp_tee_master containing the function pointers 116 * 117 * This bind function is called during the system boot or resume from system sleep. 118 * 119 * Return: return 0 if successful. 120 */ 121 static int i915_pxp_tee_component_bind(struct device *i915_kdev, 122 struct device *tee_kdev, void *data) 123 { 124 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev); 125 struct intel_pxp *pxp = i915->pxp; 126 struct intel_uc *uc = &pxp->ctrl_gt->uc; 127 intel_wakeref_t wakeref; 128 int ret = 0; 129 130 if (!HAS_HECI_PXP(i915)) { 131 pxp->dev_link = device_link_add(i915_kdev, tee_kdev, DL_FLAG_STATELESS); 132 if (drm_WARN_ON(&i915->drm, !pxp->dev_link)) 133 return -ENODEV; 134 } 135 136 mutex_lock(&pxp->tee_mutex); 137 pxp->pxp_component = data; 138 pxp->pxp_component->tee_dev = tee_kdev; 139 mutex_unlock(&pxp->tee_mutex); 140 141 if (intel_uc_uses_huc(uc) && intel_huc_is_loaded_by_gsc(&uc->huc)) { 142 with_intel_runtime_pm(&i915->runtime_pm, wakeref) { 143 /* load huc via pxp */ 144 ret = intel_huc_fw_load_and_auth_via_gsc(&uc->huc); 145 if (ret < 0) 146 drm_err(&i915->drm, "failed to load huc via gsc %d\n", ret); 147 } 148 } 149 150 /* if we are suspended, the HW will be re-initialized on resume */ 151 wakeref = intel_runtime_pm_get_if_in_use(&i915->runtime_pm); 152 if (!wakeref) 153 return 0; 154 155 /* the component is required to fully start the PXP HW */ 156 if (intel_pxp_is_enabled(pxp)) 157 intel_pxp_init_hw(pxp); 158 159 intel_runtime_pm_put(&i915->runtime_pm, wakeref); 160 161 return ret; 162 } 163 164 static void i915_pxp_tee_component_unbind(struct device *i915_kdev, 165 struct device *tee_kdev, void *data) 166 { 167 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev); 168 struct intel_pxp *pxp = i915->pxp; 169 intel_wakeref_t wakeref; 170 171 if (intel_pxp_is_enabled(pxp)) 172 with_intel_runtime_pm_if_in_use(&i915->runtime_pm, wakeref) 173 intel_pxp_fini_hw(pxp); 174 175 mutex_lock(&pxp->tee_mutex); 176 pxp->pxp_component = NULL; 177 mutex_unlock(&pxp->tee_mutex); 178 179 if (pxp->dev_link) { 180 device_link_del(pxp->dev_link); 181 pxp->dev_link = NULL; 182 } 183 } 184 185 static const struct component_ops i915_pxp_tee_component_ops = { 186 .bind = i915_pxp_tee_component_bind, 187 .unbind = i915_pxp_tee_component_unbind, 188 }; 189 190 static int alloc_streaming_command(struct intel_pxp *pxp) 191 { 192 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 193 struct drm_i915_gem_object *obj = NULL; 194 void *cmd; 195 int err; 196 197 pxp->stream_cmd.obj = NULL; 198 pxp->stream_cmd.vaddr = NULL; 199 200 if (!IS_DGFX(i915)) 201 return 0; 202 203 /* allocate lmem object of one page for PXP command memory and store it */ 204 obj = i915_gem_object_create_lmem(i915, PAGE_SIZE, I915_BO_ALLOC_CONTIGUOUS); 205 if (IS_ERR(obj)) { 206 drm_err(&i915->drm, "Failed to allocate pxp streaming command!\n"); 207 return PTR_ERR(obj); 208 } 209 210 err = i915_gem_object_pin_pages_unlocked(obj); 211 if (err) { 212 drm_err(&i915->drm, "Failed to pin gsc message page!\n"); 213 goto out_put; 214 } 215 216 /* map the lmem into the virtual memory pointer */ 217 cmd = i915_gem_object_pin_map_unlocked(obj, i915_coherent_map_type(i915, obj, true)); 218 if (IS_ERR(cmd)) { 219 drm_err(&i915->drm, "Failed to map gsc message page!\n"); 220 err = PTR_ERR(cmd); 221 goto out_unpin; 222 } 223 224 memset(cmd, 0, obj->base.size); 225 226 pxp->stream_cmd.obj = obj; 227 pxp->stream_cmd.vaddr = cmd; 228 229 return 0; 230 231 out_unpin: 232 i915_gem_object_unpin_pages(obj); 233 out_put: 234 i915_gem_object_put(obj); 235 return err; 236 } 237 238 static void free_streaming_command(struct intel_pxp *pxp) 239 { 240 struct drm_i915_gem_object *obj = fetch_and_zero(&pxp->stream_cmd.obj); 241 242 if (!obj) 243 return; 244 245 i915_gem_object_unpin_map(obj); 246 i915_gem_object_unpin_pages(obj); 247 i915_gem_object_put(obj); 248 } 249 250 int intel_pxp_tee_component_init(struct intel_pxp *pxp) 251 { 252 int ret; 253 struct intel_gt *gt = pxp->ctrl_gt; 254 struct drm_i915_private *i915 = gt->i915; 255 256 mutex_init(&pxp->tee_mutex); 257 258 ret = alloc_streaming_command(pxp); 259 if (ret) 260 return ret; 261 262 ret = component_add_typed(i915->drm.dev, &i915_pxp_tee_component_ops, 263 I915_COMPONENT_PXP); 264 if (ret < 0) { 265 drm_err(&i915->drm, "Failed to add PXP component (%d)\n", ret); 266 goto out_free; 267 } 268 269 pxp->pxp_component_added = true; 270 271 return 0; 272 273 out_free: 274 free_streaming_command(pxp); 275 return ret; 276 } 277 278 void intel_pxp_tee_component_fini(struct intel_pxp *pxp) 279 { 280 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 281 282 if (!pxp->pxp_component_added) 283 return; 284 285 component_del(i915->drm.dev, &i915_pxp_tee_component_ops); 286 pxp->pxp_component_added = false; 287 288 free_streaming_command(pxp); 289 } 290 291 int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp, 292 int arb_session_id) 293 { 294 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 295 struct pxp42_create_arb_in msg_in = {0}; 296 struct pxp42_create_arb_out msg_out = {0}; 297 int ret; 298 299 msg_in.header.api_version = PXP_APIVER(4, 2); 300 msg_in.header.command_id = PXP42_CMDID_INIT_SESSION; 301 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header); 302 msg_in.protection_mode = PXP42_ARB_SESSION_MODE_HEAVY; 303 msg_in.session_id = arb_session_id; 304 305 ret = intel_pxp_tee_io_message(pxp, 306 &msg_in, sizeof(msg_in), 307 &msg_out, sizeof(msg_out), 308 NULL); 309 310 if (ret) 311 drm_err(&i915->drm, "Failed to send tee msg ret=[%d]\n", ret); 312 else if (msg_out.header.status == PXP_STATUS_ERROR_API_VERSION) 313 drm_dbg(&i915->drm, "PXP firmware version unsupported, requested: " 314 "CMD-ID-[0x%08x] on API-Ver-[0x%08x]\n", 315 msg_in.header.command_id, msg_in.header.api_version); 316 else if (msg_out.header.status != 0x0) 317 drm_warn(&i915->drm, "PXP firmware failed arb session init request ret=[0x%08x]\n", 318 msg_out.header.status); 319 320 return ret; 321 } 322 323 void intel_pxp_tee_end_arb_fw_session(struct intel_pxp *pxp, u32 session_id) 324 { 325 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 326 struct pxp42_inv_stream_key_in msg_in = {0}; 327 struct pxp42_inv_stream_key_out msg_out = {0}; 328 int ret, trials = 0; 329 330 try_again: 331 memset(&msg_in, 0, sizeof(msg_in)); 332 memset(&msg_out, 0, sizeof(msg_out)); 333 msg_in.header.api_version = PXP_APIVER(4, 2); 334 msg_in.header.command_id = PXP42_CMDID_INVALIDATE_STREAM_KEY; 335 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header); 336 337 msg_in.header.stream_id = FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_VALID, 1); 338 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_APP_TYPE, 0); 339 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_ID, session_id); 340 341 ret = intel_pxp_tee_io_message(pxp, 342 &msg_in, sizeof(msg_in), 343 &msg_out, sizeof(msg_out), 344 NULL); 345 346 /* Cleanup coherency between GT and Firmware is critical, so try again if it fails */ 347 if ((ret || msg_out.header.status != 0x0) && ++trials < 3) 348 goto try_again; 349 350 if (ret) 351 drm_err(&i915->drm, "Failed to send tee msg for inv-stream-key-%d, ret=[%d]\n", 352 session_id, ret); 353 else if (msg_out.header.status != 0x0) 354 drm_warn(&i915->drm, "PXP firmware failed inv-stream-key-%d with status 0x%08x\n", 355 session_id, msg_out.header.status); 356 } 357