Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp1760106rdh; Tue, 26 Sep 2023 02:44:24 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHc1AVm1PboSRQZzNCPvS3nok7M+jKc9UeaqH4A61Rq/wKhConU7WrI2+YbXpC/1I5SNxly X-Received: by 2002:a17:902:d483:b0:1c5:cebd:ee83 with SMTP id c3-20020a170902d48300b001c5cebdee83mr7112992plg.54.1695721464502; Tue, 26 Sep 2023 02:44:24 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695721464; cv=none; d=google.com; s=arc-20160816; b=Ju/oe27HeGOaZ1D3t/eNYe6aOmeLrIgHq0+zAuDlYWjdA0/uuI20qFFNZlTyF9lNoP Vk+47QanttoPzCxjkdf/ECABepCRD48l5DUpCiq7nXhfsEegQls5KBLZ3wmypQqpgYrG jRELX/UbaRsH3T7F51/eKgz/mMyGJV+HnaWNih51mHu+n+UgrY4fS20Ak0YH/hD/f3bs +HDmXtIKFni4pO54apXwjoBGDngPFgSRgYSFDhKOaO4o05s8OAKyQqK+N3mP3Ru+HbUe susbSPKqYBVC1GGCt2GG29SziZlVyIlvXFoSo3c9zmaT7QWZJJOS88h0lj6wSxIjdfNQ 0c7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version:reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=vGJDsOc10DhRLUT1LCzQuo2Pm74I51KbtwVLKRFGf78=; fh=u4lXiNNICir2VL8WZ0msDCMjNTfLAJlheWXzE6i9hvU=; b=Gh/vjHO0uJBUt8OXTj7ZcFCQmTkFQMS2tg5pCBvdQkJRanp4iZWZeiXOeZXIlgP3I6 VpxhkFk4QTmaBeENynBULLEpwfcZcznOBo1D+SjlH9+PD1l1W7G3B59P8dpZsZEGCYLU FVJffXyDr4I7GKtM13pctSlrxcKqMQbFwGAA2QmAhzyLPLQOsiBy5axTLTf8E6k7UGF8 mYA4qTQilxG10JmcmX0aaHyxqOb8/gHu38rxjzDVCa6vEskCw8tBtCSn5lRRJrAYlLdw jkBBJaHwpvvH4GHHu5M9Cv8+D+F6v9olZ4OEk5Hj+tIuYjA0tp9dV0Nf65EL5VuPBF8s CvWQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kde.org header.s=users header.b=g7betDjI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from groat.vger.email (groat.vger.email. [2620:137:e000::3:5]) by mx.google.com with ESMTPS id d18-20020a170902ced200b001b8a3a8d707si13492126plg.573.2023.09.26.02.44.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 Sep 2023 02:44:24 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) client-ip=2620:137:e000::3:5; Authentication-Results: mx.google.com; dkim=pass header.i=@kde.org header.s=users header.b=g7betDjI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:5 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 622E8806D7F3; Mon, 25 Sep 2023 21:11:37 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233231AbjIZELf (ORCPT + 99 others); Tue, 26 Sep 2023 00:11:35 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33926 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232910AbjIZELb (ORCPT ); Tue, 26 Sep 2023 00:11:31 -0400 X-Greylist: delayed 411 seconds by postgrey-1.37 at lindbergh.monkeyblade.net; Mon, 25 Sep 2023 21:11:00 PDT Received: from letterbox.kde.org (letterbox.kde.org [46.43.1.242]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id ACAF5CCC; Mon, 25 Sep 2023 21:11:00 -0700 (PDT) Received: from vertex.vmware.com (pool-173-49-113-140.phlapa.fios.verizon.net [173.49.113.140]) (Authenticated sender: zack) by letterbox.kde.org (Postfix) with ESMTPSA id 913153262C3; Tue, 26 Sep 2023 05:04:05 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kde.org; s=users; t=1695701046; bh=vGJDsOc10DhRLUT1LCzQuo2Pm74I51KbtwVLKRFGf78=; h=From:To:Cc:Subject:Date:From; b=g7betDjIE59Rr/k9uisX4CM8+ddlEDQTEmxIvnlT2vrz4VJ/U19OV2tPaQsyDnYs0 0mVgqS9/RxycOJe5tCjkVpRX5tJ6XATRn6e/Ae/pjyPyUKPnWuU7jNgYMFazgXjwAz L8fmUAT3aIjexX1dzqBQYhR6nnqY/P9mG/rs/EhutlnsZdsXsYSI1JXUV4w7f1nA/M Z8PnSI0Grjr5Uqp6xzfHRoeWKQrvoCITGN1rMNxb/1qwaJBGo2zzWhVPcViqkwYJAG utctrFIZ3z93XMiLflbw/MhO9SOOnuUtkNkbEBJHh563/b4UiOiLza4OytfQYuMTM6 W4zJWne5gTavQ== From: Zack Rusin To: dri-devel@lists.freedesktop.org Cc: Zack Rusin , =?UTF-8?q?Christian=20K=C3=B6nig?= , =?UTF-8?q?Thomas=20Hellstr=C3=B6m?= , Huang Rui , linux-kernel@vger.kernel.org, stable@vger.kernel.org Subject: [PATCH] drm/ttm: Make sure the mapped tt pages are decrypted when needed Date: Tue, 26 Sep 2023 00:03:59 -0400 Message-Id: <20230926040359.3040017-1-zack@kde.org> X-Mailer: git-send-email 2.39.2 Reply-To: Zack Rusin MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Mon, 25 Sep 2023 21:11:37 -0700 (PDT) From: Zack Rusin Some drivers require the mapped tt pages to be decrypted. In an ideal world this would have been handled by the dma layer, but the TTM page fault handling would have to be rewritten to able to do that. A side-effect of the TTM page fault handling is using a dma allocation per order (via ttm_pool_alloc_page) which makes it impossible to just trivially use dma_mmap_attrs. As a result ttm has to be very careful about trying to make its pgprot for the mapped tt pages match what the dma layer thinks it is. At the ttm layer it's possible to deduce the requirement to have tt pages decrypted by checking whether coherent dma allocations have been requested and the system is running with confidential computing technologies. This approach isn't ideal but keeping TTM matching DMAs expectations for the page properties is in general fragile, unfortunately proper fix would require a rewrite of TTM's page fault handling. Fixes vmwgfx with SEV enabled. Signed-off-by: Zack Rusin Fixes: 3bf3710e3718 ("drm/ttm: Add a generic TTM memcpy move for page-based iomem") Cc: Christian König Cc: Thomas Hellström Cc: Huang Rui Cc: dri-devel@lists.freedesktop.org Cc: linux-kernel@vger.kernel.org Cc: # v5.14+ --- drivers/gpu/drm/ttm/ttm_bo_util.c | 13 +++++++++++-- drivers/gpu/drm/ttm/ttm_tt.c | 7 +++++++ include/drm/ttm/ttm_tt.h | 9 ++++++++- 3 files changed, 26 insertions(+), 3 deletions(-) diff --git a/drivers/gpu/drm/ttm/ttm_bo_util.c b/drivers/gpu/drm/ttm/ttm_bo_util.c index fd9fd3d15101..0b3f4267130c 100644 --- a/drivers/gpu/drm/ttm/ttm_bo_util.c +++ b/drivers/gpu/drm/ttm/ttm_bo_util.c @@ -294,7 +294,13 @@ pgprot_t ttm_io_prot(struct ttm_buffer_object *bo, struct ttm_resource *res, enum ttm_caching caching; man = ttm_manager_type(bo->bdev, res->mem_type); - caching = man->use_tt ? bo->ttm->caching : res->bus.caching; + if (man->use_tt) { + caching = bo->ttm->caching; + if (bo->ttm->page_flags & TTM_TT_FLAG_DECRYPTED) + tmp = pgprot_decrypted(tmp); + } else { + caching = res->bus.caching; + } return ttm_prot_from_caching(caching, tmp); } @@ -337,6 +343,8 @@ static int ttm_bo_kmap_ttm(struct ttm_buffer_object *bo, .no_wait_gpu = false }; struct ttm_tt *ttm = bo->ttm; + struct ttm_resource_manager *man = + ttm_manager_type(bo->bdev, bo->resource->mem_type); pgprot_t prot; int ret; @@ -346,7 +354,8 @@ static int ttm_bo_kmap_ttm(struct ttm_buffer_object *bo, if (ret) return ret; - if (num_pages == 1 && ttm->caching == ttm_cached) { + if (num_pages == 1 && ttm->caching == ttm_cached && + !(man->use_tt && (ttm->page_flags & TTM_TT_FLAG_DECRYPTED))) { /* * We're mapping a single page, and the desired * page protection is consistent with the bo. diff --git a/drivers/gpu/drm/ttm/ttm_tt.c b/drivers/gpu/drm/ttm/ttm_tt.c index e0a77671edd6..02dcb728e29c 100644 --- a/drivers/gpu/drm/ttm/ttm_tt.c +++ b/drivers/gpu/drm/ttm/ttm_tt.c @@ -81,6 +81,13 @@ int ttm_tt_create(struct ttm_buffer_object *bo, bool zero_alloc) pr_err("Illegal buffer object type\n"); return -EINVAL; } + /* + * When using dma_alloc_coherent with memory encryption the + * mapped TT pages need to be decrypted or otherwise the drivers + * will end up sending encrypted mem to the gpu. + */ + if (bdev->pool.use_dma_alloc && cc_platform_has(CC_ATTR_MEM_ENCRYPT)) + page_flags |= TTM_TT_FLAG_DECRYPTED; bo->ttm = bdev->funcs->ttm_tt_create(bo, page_flags); if (unlikely(bo->ttm == NULL)) diff --git a/include/drm/ttm/ttm_tt.h b/include/drm/ttm/ttm_tt.h index a4eff85b1f44..2b9d856ff388 100644 --- a/include/drm/ttm/ttm_tt.h +++ b/include/drm/ttm/ttm_tt.h @@ -79,6 +79,12 @@ struct ttm_tt { * page_flags = TTM_TT_FLAG_EXTERNAL | * TTM_TT_FLAG_EXTERNAL_MAPPABLE; * + * TTM_TT_FLAG_DECRYPTED: The mapped ttm pages should be marked as + * not encrypted. The framework will try to match what the dma layer + * is doing, but note that it is a little fragile because ttm page + * fault handling abuses the DMA api a bit and dma_map_attrs can't be + * used to assure pgprot always matches. + * * TTM_TT_FLAG_PRIV_POPULATED: TTM internal only. DO NOT USE. This is * set by TTM after ttm_tt_populate() has successfully returned, and is * then unset when TTM calls ttm_tt_unpopulate(). @@ -87,8 +93,9 @@ struct ttm_tt { #define TTM_TT_FLAG_ZERO_ALLOC BIT(1) #define TTM_TT_FLAG_EXTERNAL BIT(2) #define TTM_TT_FLAG_EXTERNAL_MAPPABLE BIT(3) +#define TTM_TT_FLAG_DECRYPTED BIT(4) -#define TTM_TT_FLAG_PRIV_POPULATED BIT(4) +#define TTM_TT_FLAG_PRIV_POPULATED BIT(5) uint32_t page_flags; /** @num_pages: Number of pages in the page array. */ uint32_t num_pages; -- 2.39.2