1 // SPDX-License-Identifier: MIT
2 /*
3 * Copyright(c) 2020 Intel Corporation.
4 */
5
6 #include <linux/component.h>
7
8 #include <drm/i915_pxp_tee_interface.h>
9 #include <drm/i915_component.h>
10
11 #include "gem/i915_gem_lmem.h"
12
13 #include "i915_drv.h"
14 #include "gt/intel_gt.h"
15
16 #include "intel_pxp.h"
17 #include "intel_pxp_cmd_interface_42.h"
18 #include "intel_pxp_huc.h"
19 #include "intel_pxp_session.h"
20 #include "intel_pxp_tee.h"
21 #include "intel_pxp_types.h"
22
23 static bool
is_fw_err_platform_config(u32 type)24 is_fw_err_platform_config(u32 type)
25 {
26 switch (type) {
27 case PXP_STATUS_ERROR_API_VERSION:
28 case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF:
29 case PXP_STATUS_PLATFCONFIG_KF1_BAD:
30 return true;
31 default:
32 break;
33 }
34 return false;
35 }
36
37 static const char *
fw_err_to_string(u32 type)38 fw_err_to_string(u32 type)
39 {
40 switch (type) {
41 case PXP_STATUS_ERROR_API_VERSION:
42 return "ERR_API_VERSION";
43 case PXP_STATUS_NOT_READY:
44 return "ERR_NOT_READY";
45 case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF:
46 case PXP_STATUS_PLATFCONFIG_KF1_BAD:
47 return "ERR_PLATFORM_CONFIG";
48 default:
49 break;
50 }
51 return NULL;
52 }
53
intel_pxp_tee_io_message(struct intel_pxp * pxp,void * msg_in,u32 msg_in_size,void * msg_out,u32 msg_out_max_size,u32 * msg_out_rcv_size)54 static int intel_pxp_tee_io_message(struct intel_pxp *pxp,
55 void *msg_in, u32 msg_in_size,
56 void *msg_out, u32 msg_out_max_size,
57 u32 *msg_out_rcv_size)
58 {
59 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
60 struct i915_pxp_component *pxp_component = pxp->pxp_component;
61 int ret = 0;
62
63 mutex_lock(&pxp->tee_mutex);
64
65 /*
66 * The binding of the component is asynchronous from i915 probe, so we
67 * can't be sure it has happened.
68 */
69 if (!pxp_component) {
70 ret = -ENODEV;
71 goto unlock;
72 }
73
74 ret = pxp_component->ops->send(pxp_component->tee_dev, msg_in, msg_in_size);
75 if (ret) {
76 drm_err(&i915->drm, "Failed to send PXP TEE message\n");
77 goto unlock;
78 }
79
80 ret = pxp_component->ops->recv(pxp_component->tee_dev, msg_out, msg_out_max_size);
81 if (ret < 0) {
82 drm_err(&i915->drm, "Failed to receive PXP TEE message\n");
83 goto unlock;
84 }
85
86 if (ret > msg_out_max_size) {
87 drm_err(&i915->drm,
88 "Failed to receive PXP TEE message due to unexpected output size\n");
89 ret = -ENOSPC;
90 goto unlock;
91 }
92
93 if (msg_out_rcv_size)
94 *msg_out_rcv_size = ret;
95
96 ret = 0;
97 unlock:
98 mutex_unlock(&pxp->tee_mutex);
99 return ret;
100 }
101
intel_pxp_tee_stream_message(struct intel_pxp * pxp,u8 client_id,u32 fence_id,void * msg_in,size_t msg_in_len,void * msg_out,size_t msg_out_len)102 int intel_pxp_tee_stream_message(struct intel_pxp *pxp,
103 u8 client_id, u32 fence_id,
104 void *msg_in, size_t msg_in_len,
105 void *msg_out, size_t msg_out_len)
106 {
107 /* TODO: for bigger objects we need to use a sg of 4k pages */
108 const size_t max_msg_size = PAGE_SIZE;
109 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
110 struct i915_pxp_component *pxp_component = pxp->pxp_component;
111 unsigned int offset = 0;
112 struct scatterlist *sg;
113 int ret;
114
115 if (msg_in_len > max_msg_size || msg_out_len > max_msg_size)
116 return -ENOSPC;
117
118 mutex_lock(&pxp->tee_mutex);
119
120 if (unlikely(!pxp_component || !pxp_component->ops->gsc_command)) {
121 ret = -ENODEV;
122 goto unlock;
123 }
124
125 GEM_BUG_ON(!pxp->stream_cmd.obj);
126
127 sg = i915_gem_object_get_sg_dma(pxp->stream_cmd.obj, 0, &offset);
128
129 memcpy(pxp->stream_cmd.vaddr, msg_in, msg_in_len);
130
131 ret = pxp_component->ops->gsc_command(pxp_component->tee_dev, client_id,
132 fence_id, sg, msg_in_len, sg);
133 if (ret < 0)
134 drm_err(&i915->drm, "Failed to send PXP TEE gsc command\n");
135 else
136 memcpy(msg_out, pxp->stream_cmd.vaddr, msg_out_len);
137
138 unlock:
139 mutex_unlock(&pxp->tee_mutex);
140 return ret;
141 }
142
143 /**
144 * i915_pxp_tee_component_bind - bind function to pass the function pointers to pxp_tee
145 * @i915_kdev: pointer to i915 kernel device
146 * @tee_kdev: pointer to tee kernel device
147 * @data: pointer to pxp_tee_master containing the function pointers
148 *
149 * This bind function is called during the system boot or resume from system sleep.
150 *
151 * Return: return 0 if successful.
152 */
i915_pxp_tee_component_bind(struct device * i915_kdev,struct device * tee_kdev,void * data)153 static int i915_pxp_tee_component_bind(struct device *i915_kdev,
154 struct device *tee_kdev, void *data)
155 {
156 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
157 struct intel_pxp *pxp = i915->pxp;
158 struct intel_uc *uc = &pxp->ctrl_gt->uc;
159 intel_wakeref_t wakeref;
160 int ret = 0;
161
162 if (!HAS_HECI_PXP(i915)) {
163 pxp->dev_link = device_link_add(i915_kdev, tee_kdev, DL_FLAG_STATELESS);
164 if (drm_WARN_ON(&i915->drm, !pxp->dev_link))
165 return -ENODEV;
166 }
167
168 mutex_lock(&pxp->tee_mutex);
169 pxp->pxp_component = data;
170 pxp->pxp_component->tee_dev = tee_kdev;
171 mutex_unlock(&pxp->tee_mutex);
172
173 if (intel_uc_uses_huc(uc) && intel_huc_is_loaded_by_gsc(&uc->huc)) {
174 with_intel_runtime_pm(&i915->runtime_pm, wakeref) {
175 /* load huc via pxp */
176 ret = intel_huc_fw_load_and_auth_via_gsc(&uc->huc);
177 if (ret < 0)
178 drm_err(&i915->drm, "failed to load huc via gsc %d\n", ret);
179 }
180 }
181
182 /* if we are suspended, the HW will be re-initialized on resume */
183 wakeref = intel_runtime_pm_get_if_in_use(&i915->runtime_pm);
184 if (!wakeref)
185 return 0;
186
187 /* the component is required to fully start the PXP HW */
188 if (intel_pxp_is_enabled(pxp))
189 intel_pxp_init_hw(pxp);
190
191 intel_runtime_pm_put(&i915->runtime_pm, wakeref);
192
193 return ret;
194 }
195
i915_pxp_tee_component_unbind(struct device * i915_kdev,struct device * tee_kdev,void * data)196 static void i915_pxp_tee_component_unbind(struct device *i915_kdev,
197 struct device *tee_kdev, void *data)
198 {
199 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev);
200 struct intel_pxp *pxp = i915->pxp;
201 intel_wakeref_t wakeref;
202
203 if (intel_pxp_is_enabled(pxp))
204 with_intel_runtime_pm_if_in_use(&i915->runtime_pm, wakeref)
205 intel_pxp_fini_hw(pxp);
206
207 mutex_lock(&pxp->tee_mutex);
208 pxp->pxp_component = NULL;
209 mutex_unlock(&pxp->tee_mutex);
210
211 if (pxp->dev_link) {
212 device_link_del(pxp->dev_link);
213 pxp->dev_link = NULL;
214 }
215 }
216
217 static const struct component_ops i915_pxp_tee_component_ops = {
218 .bind = i915_pxp_tee_component_bind,
219 .unbind = i915_pxp_tee_component_unbind,
220 };
221
alloc_streaming_command(struct intel_pxp * pxp)222 static int alloc_streaming_command(struct intel_pxp *pxp)
223 {
224 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
225 struct drm_i915_gem_object *obj = NULL;
226 void *cmd;
227 int err;
228
229 pxp->stream_cmd.obj = NULL;
230 pxp->stream_cmd.vaddr = NULL;
231
232 if (!IS_DGFX(i915))
233 return 0;
234
235 /* allocate lmem object of one page for PXP command memory and store it */
236 obj = i915_gem_object_create_lmem(i915, PAGE_SIZE, I915_BO_ALLOC_CONTIGUOUS);
237 if (IS_ERR(obj)) {
238 drm_err(&i915->drm, "Failed to allocate pxp streaming command!\n");
239 return PTR_ERR(obj);
240 }
241
242 err = i915_gem_object_pin_pages_unlocked(obj);
243 if (err) {
244 drm_err(&i915->drm, "Failed to pin gsc message page!\n");
245 goto out_put;
246 }
247
248 /* map the lmem into the virtual memory pointer */
249 cmd = i915_gem_object_pin_map_unlocked(obj,
250 intel_gt_coherent_map_type(pxp->ctrl_gt,
251 obj, true));
252 if (IS_ERR(cmd)) {
253 drm_err(&i915->drm, "Failed to map gsc message page!\n");
254 err = PTR_ERR(cmd);
255 goto out_unpin;
256 }
257
258 memset(cmd, 0, obj->base.size);
259
260 pxp->stream_cmd.obj = obj;
261 pxp->stream_cmd.vaddr = cmd;
262
263 return 0;
264
265 out_unpin:
266 i915_gem_object_unpin_pages(obj);
267 out_put:
268 i915_gem_object_put(obj);
269 return err;
270 }
271
free_streaming_command(struct intel_pxp * pxp)272 static void free_streaming_command(struct intel_pxp *pxp)
273 {
274 struct drm_i915_gem_object *obj = fetch_and_zero(&pxp->stream_cmd.obj);
275
276 if (!obj)
277 return;
278
279 i915_gem_object_unpin_map(obj);
280 i915_gem_object_unpin_pages(obj);
281 i915_gem_object_put(obj);
282 }
283
intel_pxp_tee_component_init(struct intel_pxp * pxp)284 int intel_pxp_tee_component_init(struct intel_pxp *pxp)
285 {
286 int ret;
287 struct intel_gt *gt = pxp->ctrl_gt;
288 struct drm_i915_private *i915 = gt->i915;
289
290 ret = alloc_streaming_command(pxp);
291 if (ret)
292 return ret;
293
294 ret = component_add_typed(i915->drm.dev, &i915_pxp_tee_component_ops,
295 I915_COMPONENT_PXP);
296 if (ret < 0) {
297 drm_err(&i915->drm, "Failed to add PXP component (%d)\n", ret);
298 goto out_free;
299 }
300
301 pxp->pxp_component_added = true;
302
303 return 0;
304
305 out_free:
306 free_streaming_command(pxp);
307 return ret;
308 }
309
intel_pxp_tee_component_fini(struct intel_pxp * pxp)310 void intel_pxp_tee_component_fini(struct intel_pxp *pxp)
311 {
312 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
313
314 if (!pxp->pxp_component_added)
315 return;
316
317 component_del(i915->drm.dev, &i915_pxp_tee_component_ops);
318 pxp->pxp_component_added = false;
319
320 free_streaming_command(pxp);
321 }
322
intel_pxp_tee_cmd_create_arb_session(struct intel_pxp * pxp,int arb_session_id)323 int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp,
324 int arb_session_id)
325 {
326 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
327 struct pxp42_create_arb_in msg_in = {0};
328 struct pxp42_create_arb_out msg_out = {0};
329 int ret;
330
331 msg_in.header.api_version = PXP_APIVER(4, 2);
332 msg_in.header.command_id = PXP42_CMDID_INIT_SESSION;
333 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header);
334 msg_in.protection_mode = PXP42_ARB_SESSION_MODE_HEAVY;
335 msg_in.session_id = arb_session_id;
336
337 ret = intel_pxp_tee_io_message(pxp,
338 &msg_in, sizeof(msg_in),
339 &msg_out, sizeof(msg_out),
340 NULL);
341
342 if (ret) {
343 drm_err(&i915->drm, "Failed to send tee msg init arb session, ret=[%d]\n", ret);
344 } else if (msg_out.header.status != 0) {
345 if (is_fw_err_platform_config(msg_out.header.status)) {
346 drm_info_once(&i915->drm,
347 "PXP init-arb-session-%d failed due to BIOS/SOC:0x%08x:%s\n",
348 arb_session_id, msg_out.header.status,
349 fw_err_to_string(msg_out.header.status));
350 } else {
351 drm_dbg(&i915->drm, "PXP init-arb-session--%d failed 0x%08x:%st:\n",
352 arb_session_id, msg_out.header.status,
353 fw_err_to_string(msg_out.header.status));
354 drm_dbg(&i915->drm, " cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n",
355 msg_in.header.command_id, msg_in.header.api_version);
356 }
357 }
358
359 return ret;
360 }
361
intel_pxp_tee_end_arb_fw_session(struct intel_pxp * pxp,u32 session_id)362 void intel_pxp_tee_end_arb_fw_session(struct intel_pxp *pxp, u32 session_id)
363 {
364 struct drm_i915_private *i915 = pxp->ctrl_gt->i915;
365 struct pxp42_inv_stream_key_in msg_in = {0};
366 struct pxp42_inv_stream_key_out msg_out = {0};
367 int ret, trials = 0;
368
369 try_again:
370 memset(&msg_in, 0, sizeof(msg_in));
371 memset(&msg_out, 0, sizeof(msg_out));
372 msg_in.header.api_version = PXP_APIVER(4, 2);
373 msg_in.header.command_id = PXP42_CMDID_INVALIDATE_STREAM_KEY;
374 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header);
375
376 msg_in.header.stream_id = FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_VALID, 1);
377 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_APP_TYPE, 0);
378 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_ID, session_id);
379
380 ret = intel_pxp_tee_io_message(pxp,
381 &msg_in, sizeof(msg_in),
382 &msg_out, sizeof(msg_out),
383 NULL);
384
385 /* Cleanup coherency between GT and Firmware is critical, so try again if it fails */
386 if ((ret || msg_out.header.status != 0x0) && ++trials < 3)
387 goto try_again;
388
389 if (ret) {
390 drm_err(&i915->drm, "Failed to send tee msg for inv-stream-key-%u, ret=[%d]\n",
391 session_id, ret);
392 } else if (msg_out.header.status != 0) {
393 if (is_fw_err_platform_config(msg_out.header.status)) {
394 drm_info_once(&i915->drm,
395 "PXP inv-stream-key-%u failed due to BIOS/SOC :0x%08x:%s\n",
396 session_id, msg_out.header.status,
397 fw_err_to_string(msg_out.header.status));
398 } else {
399 drm_dbg(&i915->drm, "PXP inv-stream-key-%u failed 0x%08x:%s:\n",
400 session_id, msg_out.header.status,
401 fw_err_to_string(msg_out.header.status));
402 drm_dbg(&i915->drm, " cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n",
403 msg_in.header.command_id, msg_in.header.api_version);
404 }
405 }
406 }
407