Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp1773826rdb; Wed, 20 Sep 2023 21:30:17 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEpVlKKBWcVbnXbS170ipGM2BYrSgQPMAfa2hNyYdGqIjEJoGKZ82ZNT+KSYryrkczLPnFr X-Received: by 2002:a05:6358:9924:b0:139:c82c:46dd with SMTP id w36-20020a056358992400b00139c82c46ddmr5307416rwa.10.1695270617466; Wed, 20 Sep 2023 21:30:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695270617; cv=none; d=google.com; s=arc-20160816; b=SVK6wmLgBpOUHSEBDvRZEs30BbARPIIdoPwAaAQiN6UWaKZ9ENtyAmYmEKWHNIP7Ty Xiy2PH0zq3K+RmmbJKwb0PLKh+vhfqpYwvPAdZHi1nO6v6rhkn/tgks1/BIJyhagCECQ T6KBDH4YU5Se5VP3T6qrmvU5x8lq9065kQOsAV6AlrD/AbL7OdQSQAEPLSzz29aydZPf nAgeHmO/nFY4luVNZvOoQMfKxQurnKy2dnPLyf18+e6yieyJ/eOpJg379Oyq51Qyda7J 1ZbvU8GD5vQitRMBb2CF4CCPazOkvKc20ZBa8WZ5avHSSNyYZM1vybXyEWD7K2z4fwSF Bo0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=VpTkUTk2dzioZKLIBTQ18yG7YDnHVOKB4Sat59PHtOs=; fh=fqpahZrXw+4iCWbrsl2C+XgoODfnitPUobNljCEmGF8=; b=o7MjbUBQS6qwCiyYEk2XlhN3eRm1TRFdU/Zn4/Ps0CbG9ozIi6AtLmwc6nSp52cqJ7 NcVDufnC2rzgOukpGplRCpdfZOSM3Q5e42PBgF/uCb+Z7XHS4YUEpEnP//h5Pdtv75a6 IdEI6hLe6BjrUGSziFpyCEs4WqMNKTQDLkrWIgPcdWFyuuN2OIRgCt+SJFcIWEUsNsWZ bBGAIW+lKFNVjyU3iPDJhD6x7LNiD7g+AyfEp+jKSZPB9z1iY/tljmS33jBKW29o7Mm4 DBpbMPSAPgKNCZJr4z8mY/9xUQAU2oQNNdf80Wq91ekpwUPnmMdtzqLCsTQv/CqwK/nj BsCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=nVeEYHb+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from howler.vger.email (howler.vger.email. [2620:137:e000::3:4]) by mx.google.com with ESMTPS id y7-20020a636407000000b0055b43079642si567468pgb.120.2023.09.20.21.30.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 20 Sep 2023 21:30:17 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) client-ip=2620:137:e000::3:4; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=nVeEYHb+; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:4 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by howler.vger.email (Postfix) with ESMTP id C7EDD808577F; Wed, 20 Sep 2023 11:25:28 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at howler.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229790AbjITSZ0 (ORCPT + 99 others); Wed, 20 Sep 2023 14:25:26 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38924 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229654AbjITSZX (ORCPT ); Wed, 20 Sep 2023 14:25:23 -0400 Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com [IPv6:2a00:1450:4864:20::32e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A430DCF for ; Wed, 20 Sep 2023 11:25:14 -0700 (PDT) Received: by mail-wm1-x32e.google.com with SMTP id 5b1f17b1804b1-4051039701eso12985e9.1 for ; Wed, 20 Sep 2023 11:25:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1695234313; x=1695839113; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=VpTkUTk2dzioZKLIBTQ18yG7YDnHVOKB4Sat59PHtOs=; b=nVeEYHb+sNLe6KMaQ99EDehZu/e3Bz1WrJRrYpAxUbERaiJyzkimW9ncv9J5jQuF8c 7J5ia5eIRIAyXGmUiKPBdSb43Rr7fY/Hm/tyswefQPEFwd4+CRZaJoG+RtfDfpw+64mm M3yYjV+9J6gI83FOUNAOiaiXt8/xFvXuVdaXJw3G6aBmZDykU/GKTHisbIsrZZr4vVCW qMqkxfJRheQt8g5KtUpmKPBaa34SHBMj1lezhbEW2Bs/rWEjiYhliLyMxCO9AVL6yP7R MOVsQzBR6GWVq6qqdSR9t4hn/Jspr5hjDEAvjlMOb2vSXzztQ/gdAbaRoClM2Cx0DVof JCBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695234313; x=1695839113; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VpTkUTk2dzioZKLIBTQ18yG7YDnHVOKB4Sat59PHtOs=; b=m3FM0yMQbsH9gH1QTcoAPdTH/gL0LLXTiWRdv8481KuXy1iZzQaWnp8NF8PAlwpGDu 7ke8JC2rvNYyDzj+tCjsGtHrjUZZMz8snzUBtv5dUqLYxyyHKCeuCvPVt2hX4wx6Mljq c31x+eJH3GeJnwg0VdeIyEOuUOR5MpfRWk4/lBcxjLyV5cea67MpUC0q0ELTEAo/GCmi YISD9+gv/8/jpEIHm16RxAsekLgMmJP7b/pHeiYmnDcyZHDP+Q3cGWQoZYKuG9ZhB31O Ct4WAUU2v7hokkVGctZnYV3W+w1SBd940YTtnCfUx+gFNpIi24dReiSRJGrsc/EWQqIu jEnQ== X-Gm-Message-State: AOJu0YxOB1Saz9Hs+buzp1udIq+GYsIXruB3hGko/aA8aie3tqVTHPtf BjmZDm9KMuzPZ1L3aaML7JkWnmW1vUGuLK2F/ksf X-Received: by 2002:a05:600c:4e43:b0:401:c94d:d6de with SMTP id e3-20020a05600c4e4300b00401c94dd6demr7385wmq.2.1695234312781; Wed, 20 Sep 2023 11:25:12 -0700 (PDT) MIME-Version: 1.0 References: <20230919030345.8629-1-jason-jh.lin@mediatek.com> In-Reply-To: From: Jeffrey Kardatzke Date: Wed, 20 Sep 2023 11:25:00 -0700 Message-ID: Subject: Re: [PATCH 00/10] Add mediate-drm secure flow for SVP To: =?UTF-8?B?Q0sgSHUgKOiDoeS/iuWFiSk=?= Cc: "matthias.bgg@gmail.com" , =?UTF-8?B?SmFzb24tSkggTGluICjmnpfnnb/npaUp?= , "angelogioacchino.delregno@collabora.com" , "robh+dt@kernel.org" , "krzysztof.kozlowski+dt@linaro.org" , "chunkuang.hu@kernel.org" , "linux-kernel@vger.kernel.org" , "linux-mediatek@lists.infradead.org" , =?UTF-8?B?U2luZ28gQ2hhbmcgKOW8teiIiOWciyk=?= , =?UTF-8?B?Sm9obnNvbiBXYW5nICjnjovogZbpkasp?= , "linaro-mm-sig@lists.linaro.org" , "linux-media@vger.kernel.org" , "devicetree@vger.kernel.org" , =?UTF-8?B?SmFzb24tY2ggQ2hlbiAo6Zmz5bu66LGqKQ==?= , =?UTF-8?B?U2hhd24gU3VuZyAo5a6L5a2d6KyZKQ==?= , =?UTF-8?B?TmFuY3kgTGluICjmnpfmrKPonqIp?= , "dri-devel@lists.freedesktop.org" , "conor+dt@kernel.org" , Project_Global_Chrome_Upstream_Group , "linux-arm-kernel@lists.infradead.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (howler.vger.email [0.0.0.0]); Wed, 20 Sep 2023 11:25:29 -0700 (PDT) On Tue, Sep 19, 2023 at 10:26=E2=80=AFPM CK Hu (=E8=83=A1=E4=BF=8A=E5=85=89= ) wrote: > > Hi, Jason: > > On Tue, 2023-09-19 at 11:03 +0800, Jason-JH.Lin wrote: > > The patch series provides drm driver support for enabling secure > > video > > path (SVP) playback on MediaiTek hardware in the Linux kernel. > > > > Memory Definitions: > > secure memory - Memory allocated in the TEE (Trusted Execution > > Environment) which is inaccessible in the REE (Rich Execution > > Environment, i.e. linux kernel/userspace). > > secure handle - Integer value which acts as reference to 'secure > > memory'. Used in communication between TEE and REE to reference > > 'secure memory'. > > secure buffer - 'secure memory' that is used to store decrypted, > > compressed video or for other general purposes in the TEE. > > secure surface - 'secure memory' that is used to store graphic > > buffers. > > > > Memory Usage in SVP: > > The overall flow of SVP starts with encrypted video coming in from an > > outside source into the REE. The REE will then allocate a 'secure > > buffer' and send the corresponding 'secure handle' along with the > > encrypted, compressed video data to the TEE. The TEE will then > > decrypt > > the video and store the result in the 'secure buffer'. The REE will > > then allocate a 'secure surface'. The REE will pass the 'secure > > handles' for both the 'secure buffer' and 'secure surface' into the > > TEE for video decoding. The video decoder HW will then decode the > > contents of the 'secure buffer' and place the result in the 'secure > > surface'. The REE will then attach the 'secure surface' to the > > overlay > > plane for rendering of the video. > > > > Everything relating to ensuring security of the actual contents of > > the > > 'secure buffer' and 'secure surface' is out of scope for the REE and > > is the responsibility of the TEE. > > > > DRM driver handles allocation of gem objects that are backed by a > > 'secure > > surface' and for displaying a 'secure surface' on the overlay plane. > > This introduces a new flag for object creation called > > DRM_MTK_GEM_CREATE_ENCRYPTED which indicates it should be a 'secure > > surface'. All changes here are in MediaTek specific code. > > How do you define SVP? Is there standard requirement we could refer to? > If the secure video buffer is read by display hardware and output to > HDMI without any protection and user could capture HDMI signal, is this > secure? SVP (Secure Video Path) is essentially the video being completed isolated from the kernel/userspace. The specific requirements for it vary between implementations. Regarding HDMI/HDCP output; it's the responsibility of the TEE to enforce that. Nothing on the kernel/userspace side needs to be concerned about enforcing HDCP. The only thing userspace is involved in there is actually turning on HDCP via the kernel drivers; and then the TEE ensures that it is active if the policy for the encrypted content requires it. > > Regards, > CK > > > > > --- > > Based on 2 series: > > [1] Add CMDQ secure driver for SVP > > - > > https://urldefense.com/v3/__https://patchwork.kernel.org/project/linux-= mediatek/list/?series=3D785332__;!!CTRNKA9wMg0ARbw!mPocbQwZ4-25DmidvAgd9K5e= XjNEhSyIKpvvYHPpdrq2PgS-hkYyHohzDvoJydD45UZp5JvY9DuDVFj1ltVnhGY$ > > > > > > [2] dma-buf: heaps: Add MediaTek secure heap > > - > > https://urldefense.com/v3/__https://patchwork.kernel.org/project/linux-= mediatek/list/?series=3D782776__;!!CTRNKA9wMg0ARbw!mPocbQwZ4-25DmidvAgd9K5e= XjNEhSyIKpvvYHPpdrq2PgS-hkYyHohzDvoJydD45UZp5JvY9DuDVFj10sD4kHE$ > > > > --- > > > > CK Hu (1): > > drm/mediatek: Add interface to allocate MediaTek GEM buffer. > > > > Jason-JH.Lin (9): > > drm/mediatek/uapi: Add DRM_MTK_GEM_CREATED_ENCRYPTTED flag > > drm/mediatek: Add secure buffer control flow to mtk_drm_gem > > drm/mediatek: Add secure identify flag and funcution to > > mtk_drm_plane > > drm/mediatek: Add mtk_ddp_sec_write to config secure buffer info > > drm/mediatek: Add get_sec_port interface to mtk_ddp_comp > > drm/mediatek: Add secure layer config support for ovl > > drm/mediatek: Add secure layer config support for ovl_adaptor > > drm/mediatek: Add secure flow support to mediatek-drm > > arm64: dts: mt8195-cherry: Add secure mbox settings for vdosys > > > > .../boot/dts/mediatek/mt8195-cherry.dtsi | 10 + > > drivers/gpu/drm/mediatek/mtk_disp_drv.h | 3 + > > drivers/gpu/drm/mediatek/mtk_disp_ovl.c | 31 +- > > .../gpu/drm/mediatek/mtk_disp_ovl_adaptor.c | 15 + > > drivers/gpu/drm/mediatek/mtk_drm_crtc.c | 271 > > +++++++++++++++++- > > drivers/gpu/drm/mediatek/mtk_drm_crtc.h | 1 + > > drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c | 14 + > > drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h | 13 + > > drivers/gpu/drm/mediatek/mtk_drm_drv.c | 16 +- > > drivers/gpu/drm/mediatek/mtk_drm_gem.c | 121 ++++++++ > > drivers/gpu/drm/mediatek/mtk_drm_gem.h | 16 ++ > > drivers/gpu/drm/mediatek/mtk_drm_plane.c | 7 + > > drivers/gpu/drm/mediatek/mtk_drm_plane.h | 2 + > > drivers/gpu/drm/mediatek/mtk_mdp_rdma.c | 11 +- > > drivers/gpu/drm/mediatek/mtk_mdp_rdma.h | 2 + > > include/uapi/drm/mediatek_drm.h | 59 ++++ > > 16 files changed, 575 insertions(+), 17 deletions(-) > > create mode 100644 include/uapi/drm/mediatek_drm.h > >