1 // SPDX-License-Identifier: MIT 2 /* 3 * Copyright(c) 2020 Intel Corporation. 4 */ 5 6 #include <linux/component.h> 7 8 #include <drm/i915_pxp_tee_interface.h> 9 #include <drm/i915_component.h> 10 11 #include "gem/i915_gem_lmem.h" 12 #include "gt/intel_gt_print.h" 13 14 #include "i915_drv.h" 15 #include "gt/intel_gt.h" 16 17 #include "intel_pxp.h" 18 #include "intel_pxp_cmd_interface_42.h" 19 #include "intel_pxp_huc.h" 20 #include "intel_pxp_session.h" 21 #include "intel_pxp_tee.h" 22 #include "intel_pxp_types.h" 23 24 static bool 25 is_fw_err_platform_config(struct intel_pxp *pxp, u32 type) 26 { 27 switch (type) { 28 case PXP_STATUS_ERROR_API_VERSION: 29 case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF: 30 case PXP_STATUS_PLATFCONFIG_KF1_BAD: 31 pxp->platform_cfg_is_bad = true; 32 return true; 33 default: 34 break; 35 } 36 return false; 37 } 38 39 static const char * 40 fw_err_to_string(u32 type) 41 { 42 switch (type) { 43 case PXP_STATUS_ERROR_API_VERSION: 44 return "ERR_API_VERSION"; 45 case PXP_STATUS_NOT_READY: 46 return "ERR_NOT_READY"; 47 case PXP_STATUS_PLATFCONFIG_KF1_NOVERIF: 48 case PXP_STATUS_PLATFCONFIG_KF1_BAD: 49 return "ERR_PLATFORM_CONFIG"; 50 default: 51 break; 52 } 53 return NULL; 54 } 55 56 static int intel_pxp_tee_io_message(struct intel_pxp *pxp, 57 void *msg_in, u32 msg_in_size, 58 void *msg_out, u32 msg_out_max_size, 59 u32 *msg_out_rcv_size) 60 { 61 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 62 struct i915_pxp_component *pxp_component = pxp->pxp_component; 63 int ret = 0; 64 65 mutex_lock(&pxp->tee_mutex); 66 67 /* 68 * The binding of the component is asynchronous from i915 probe, so we 69 * can't be sure it has happened. 70 */ 71 if (!pxp_component) { 72 ret = -ENODEV; 73 goto unlock; 74 } 75 76 ret = pxp_component->ops->send(pxp_component->tee_dev, msg_in, msg_in_size); 77 if (ret) { 78 drm_err(&i915->drm, "Failed to send PXP TEE message\n"); 79 goto unlock; 80 } 81 82 ret = pxp_component->ops->recv(pxp_component->tee_dev, msg_out, msg_out_max_size); 83 if (ret < 0) { 84 drm_err(&i915->drm, "Failed to receive PXP TEE message\n"); 85 goto unlock; 86 } 87 88 if (ret > msg_out_max_size) { 89 drm_err(&i915->drm, 90 "Failed to receive PXP TEE message due to unexpected output size\n"); 91 ret = -ENOSPC; 92 goto unlock; 93 } 94 95 if (msg_out_rcv_size) 96 *msg_out_rcv_size = ret; 97 98 ret = 0; 99 unlock: 100 mutex_unlock(&pxp->tee_mutex); 101 return ret; 102 } 103 104 int intel_pxp_tee_stream_message(struct intel_pxp *pxp, 105 u8 client_id, u32 fence_id, 106 void *msg_in, size_t msg_in_len, 107 void *msg_out, size_t msg_out_len) 108 { 109 /* TODO: for bigger objects we need to use a sg of 4k pages */ 110 const size_t max_msg_size = PAGE_SIZE; 111 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 112 struct i915_pxp_component *pxp_component = pxp->pxp_component; 113 unsigned int offset = 0; 114 struct scatterlist *sg; 115 int ret; 116 117 if (msg_in_len > max_msg_size || msg_out_len > max_msg_size) 118 return -ENOSPC; 119 120 mutex_lock(&pxp->tee_mutex); 121 122 if (unlikely(!pxp_component || !pxp_component->ops->gsc_command)) { 123 ret = -ENODEV; 124 goto unlock; 125 } 126 127 GEM_BUG_ON(!pxp->stream_cmd.obj); 128 129 sg = i915_gem_object_get_sg_dma(pxp->stream_cmd.obj, 0, &offset); 130 131 memcpy(pxp->stream_cmd.vaddr, msg_in, msg_in_len); 132 133 ret = pxp_component->ops->gsc_command(pxp_component->tee_dev, client_id, 134 fence_id, sg, msg_in_len, sg); 135 if (ret < 0) 136 drm_err(&i915->drm, "Failed to send PXP TEE gsc command\n"); 137 else 138 memcpy(msg_out, pxp->stream_cmd.vaddr, msg_out_len); 139 140 unlock: 141 mutex_unlock(&pxp->tee_mutex); 142 return ret; 143 } 144 145 /** 146 * i915_pxp_tee_component_bind - bind function to pass the function pointers to pxp_tee 147 * @i915_kdev: pointer to i915 kernel device 148 * @tee_kdev: pointer to tee kernel device 149 * @data: pointer to pxp_tee_master containing the function pointers 150 * 151 * This bind function is called during the system boot or resume from system sleep. 152 * 153 * Return: return 0 if successful. 154 */ 155 static int i915_pxp_tee_component_bind(struct device *i915_kdev, 156 struct device *tee_kdev, void *data) 157 { 158 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev); 159 struct intel_pxp *pxp = i915->pxp; 160 struct intel_gt *gt = pxp->ctrl_gt; 161 struct intel_uc *uc = >->uc; 162 intel_wakeref_t wakeref; 163 int ret = 0; 164 165 if (!HAS_HECI_PXP(i915)) { 166 pxp->dev_link = device_link_add(i915_kdev, tee_kdev, DL_FLAG_STATELESS); 167 if (drm_WARN_ON(&i915->drm, !pxp->dev_link)) 168 return -ENODEV; 169 } 170 171 mutex_lock(&pxp->tee_mutex); 172 pxp->pxp_component = data; 173 pxp->pxp_component->tee_dev = tee_kdev; 174 mutex_unlock(&pxp->tee_mutex); 175 176 if (intel_uc_uses_huc(uc) && intel_huc_is_loaded_by_gsc(&uc->huc)) { 177 with_intel_runtime_pm(&i915->runtime_pm, wakeref) { 178 /* load huc via pxp */ 179 ret = intel_huc_fw_load_and_auth_via_gsc(&uc->huc); 180 if (ret < 0) 181 gt_probe_error(gt, "failed to load huc via gsc %d\n", ret); 182 } 183 } 184 185 /* if we are suspended, the HW will be re-initialized on resume */ 186 wakeref = intel_runtime_pm_get_if_in_use(&i915->runtime_pm); 187 if (!wakeref) 188 return 0; 189 190 /* the component is required to fully start the PXP HW */ 191 if (intel_pxp_is_enabled(pxp)) 192 intel_pxp_init_hw(pxp); 193 194 intel_runtime_pm_put(&i915->runtime_pm, wakeref); 195 196 return ret; 197 } 198 199 static void i915_pxp_tee_component_unbind(struct device *i915_kdev, 200 struct device *tee_kdev, void *data) 201 { 202 struct drm_i915_private *i915 = kdev_to_i915(i915_kdev); 203 struct intel_pxp *pxp = i915->pxp; 204 intel_wakeref_t wakeref; 205 206 if (intel_pxp_is_enabled(pxp)) 207 with_intel_runtime_pm_if_in_use(&i915->runtime_pm, wakeref) 208 intel_pxp_fini_hw(pxp); 209 210 mutex_lock(&pxp->tee_mutex); 211 pxp->pxp_component = NULL; 212 mutex_unlock(&pxp->tee_mutex); 213 214 if (pxp->dev_link) { 215 device_link_del(pxp->dev_link); 216 pxp->dev_link = NULL; 217 } 218 } 219 220 static const struct component_ops i915_pxp_tee_component_ops = { 221 .bind = i915_pxp_tee_component_bind, 222 .unbind = i915_pxp_tee_component_unbind, 223 }; 224 225 static int alloc_streaming_command(struct intel_pxp *pxp) 226 { 227 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 228 struct drm_i915_gem_object *obj = NULL; 229 void *cmd; 230 int err; 231 232 pxp->stream_cmd.obj = NULL; 233 pxp->stream_cmd.vaddr = NULL; 234 235 if (!IS_DGFX(i915)) 236 return 0; 237 238 /* allocate lmem object of one page for PXP command memory and store it */ 239 obj = i915_gem_object_create_lmem(i915, PAGE_SIZE, I915_BO_ALLOC_CONTIGUOUS); 240 if (IS_ERR(obj)) { 241 drm_err(&i915->drm, "Failed to allocate pxp streaming command!\n"); 242 return PTR_ERR(obj); 243 } 244 245 err = i915_gem_object_pin_pages_unlocked(obj); 246 if (err) { 247 drm_err(&i915->drm, "Failed to pin gsc message page!\n"); 248 goto out_put; 249 } 250 251 /* map the lmem into the virtual memory pointer */ 252 cmd = i915_gem_object_pin_map_unlocked(obj, 253 intel_gt_coherent_map_type(pxp->ctrl_gt, 254 obj, true)); 255 if (IS_ERR(cmd)) { 256 drm_err(&i915->drm, "Failed to map gsc message page!\n"); 257 err = PTR_ERR(cmd); 258 goto out_unpin; 259 } 260 261 memset(cmd, 0, obj->base.size); 262 263 pxp->stream_cmd.obj = obj; 264 pxp->stream_cmd.vaddr = cmd; 265 266 return 0; 267 268 out_unpin: 269 i915_gem_object_unpin_pages(obj); 270 out_put: 271 i915_gem_object_put(obj); 272 return err; 273 } 274 275 static void free_streaming_command(struct intel_pxp *pxp) 276 { 277 struct drm_i915_gem_object *obj = fetch_and_zero(&pxp->stream_cmd.obj); 278 279 if (!obj) 280 return; 281 282 i915_gem_object_unpin_map(obj); 283 i915_gem_object_unpin_pages(obj); 284 i915_gem_object_put(obj); 285 } 286 287 int intel_pxp_tee_component_init(struct intel_pxp *pxp) 288 { 289 int ret; 290 struct intel_gt *gt = pxp->ctrl_gt; 291 struct drm_i915_private *i915 = gt->i915; 292 293 ret = alloc_streaming_command(pxp); 294 if (ret) 295 return ret; 296 297 ret = component_add_typed(i915->drm.dev, &i915_pxp_tee_component_ops, 298 I915_COMPONENT_PXP); 299 if (ret < 0) { 300 drm_err(&i915->drm, "Failed to add PXP component (%d)\n", ret); 301 goto out_free; 302 } 303 304 pxp->pxp_component_added = true; 305 306 return 0; 307 308 out_free: 309 free_streaming_command(pxp); 310 return ret; 311 } 312 313 void intel_pxp_tee_component_fini(struct intel_pxp *pxp) 314 { 315 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 316 317 if (!pxp->pxp_component_added) 318 return; 319 320 component_del(i915->drm.dev, &i915_pxp_tee_component_ops); 321 pxp->pxp_component_added = false; 322 323 free_streaming_command(pxp); 324 } 325 326 int intel_pxp_tee_cmd_create_arb_session(struct intel_pxp *pxp, 327 int arb_session_id) 328 { 329 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 330 struct pxp42_create_arb_in msg_in = {}; 331 struct pxp42_create_arb_out msg_out = {}; 332 int ret; 333 334 msg_in.header.api_version = PXP_APIVER(4, 2); 335 msg_in.header.command_id = PXP42_CMDID_INIT_SESSION; 336 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header); 337 msg_in.protection_mode = PXP42_ARB_SESSION_MODE_HEAVY; 338 msg_in.session_id = arb_session_id; 339 340 ret = intel_pxp_tee_io_message(pxp, 341 &msg_in, sizeof(msg_in), 342 &msg_out, sizeof(msg_out), 343 NULL); 344 345 if (ret) { 346 drm_err(&i915->drm, "Failed to send tee msg init arb session, ret=[%d]\n", ret); 347 } else if (msg_out.header.status != 0) { 348 if (is_fw_err_platform_config(pxp, msg_out.header.status)) { 349 drm_info_once(&i915->drm, 350 "PXP init-arb-session-%d failed due to BIOS/SOC:0x%08x:%s\n", 351 arb_session_id, msg_out.header.status, 352 fw_err_to_string(msg_out.header.status)); 353 } else { 354 drm_dbg(&i915->drm, "PXP init-arb-session--%d failed 0x%08x:%st:\n", 355 arb_session_id, msg_out.header.status, 356 fw_err_to_string(msg_out.header.status)); 357 drm_dbg(&i915->drm, " cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n", 358 msg_in.header.command_id, msg_in.header.api_version); 359 } 360 } 361 362 return ret; 363 } 364 365 void intel_pxp_tee_end_arb_fw_session(struct intel_pxp *pxp, u32 session_id) 366 { 367 struct drm_i915_private *i915 = pxp->ctrl_gt->i915; 368 struct pxp42_inv_stream_key_in msg_in = {}; 369 struct pxp42_inv_stream_key_out msg_out = {}; 370 int ret, trials = 0; 371 372 try_again: 373 memset(&msg_in, 0, sizeof(msg_in)); 374 memset(&msg_out, 0, sizeof(msg_out)); 375 msg_in.header.api_version = PXP_APIVER(4, 2); 376 msg_in.header.command_id = PXP42_CMDID_INVALIDATE_STREAM_KEY; 377 msg_in.header.buffer_len = sizeof(msg_in) - sizeof(msg_in.header); 378 379 msg_in.header.stream_id = FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_VALID, 1); 380 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_APP_TYPE, 0); 381 msg_in.header.stream_id |= FIELD_PREP(PXP_CMDHDR_EXTDATA_SESSION_ID, session_id); 382 383 ret = intel_pxp_tee_io_message(pxp, 384 &msg_in, sizeof(msg_in), 385 &msg_out, sizeof(msg_out), 386 NULL); 387 388 /* Cleanup coherency between GT and Firmware is critical, so try again if it fails */ 389 if ((ret || msg_out.header.status != 0x0) && ++trials < 3) 390 goto try_again; 391 392 if (ret) { 393 drm_err(&i915->drm, "Failed to send tee msg for inv-stream-key-%u, ret=[%d]\n", 394 session_id, ret); 395 } else if (msg_out.header.status != 0) { 396 if (is_fw_err_platform_config(pxp, msg_out.header.status)) { 397 drm_info_once(&i915->drm, 398 "PXP inv-stream-key-%u failed due to BIOS/SOC :0x%08x:%s\n", 399 session_id, msg_out.header.status, 400 fw_err_to_string(msg_out.header.status)); 401 } else { 402 drm_dbg(&i915->drm, "PXP inv-stream-key-%u failed 0x%08x:%s:\n", 403 session_id, msg_out.header.status, 404 fw_err_to_string(msg_out.header.status)); 405 drm_dbg(&i915->drm, " cmd-detail: ID=[0x%08x],API-Ver-[0x%08x]\n", 406 msg_in.header.command_id, msg_in.header.api_version); 407 } 408 } 409 } 410