| Message ID | 1568202584-14471-1-git-send-email-ray.huang@amd.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | drm/amdgpu: introduce secure buffer object support (trusted memory zone) | expand |
Patches #1-#4, #8, #9 are Reviewed-by: Christian König <christian.koenig@amd.com> Patches #10, #11 are Acked-by: Christian König <christian.koenig@amd.com> Patches #7 and the resulting workaround in patch #13 are a clear NAK. The ttm_mem_reg can't be used like this to get back to the ttm_bo object. Going to reply separately on patch #14 regarding this. Regards, Christian. Am 11.09.19 um 13:50 schrieb Huang, Ray: > Hi all, > > These series of patches introduce a feature to support secure buffer object. > The Trusted Memory Zone (TMZ) is a method to protect the contents being written > to and read from memory. We use TMZ hardware memory protection scheme to > implement the secure buffer object support. > > TMZ is the page-level protection that hardware will detect the TMZ bit in the > page table entry to set the current page is encrypted. With this hardware > feature, we design a BO-level protection in kernel driver to provide a new flag > AMDGPU_GEM_CREATE_ENCRYPTED to gem create ioctl to libdrm for the secure buffer > allocation. And also provide the AMDGPU_CTX_ALLOC_FLAGS_SECURE to indicate the > context is trusted or not. If the BO is secure, then the data is encrypted, only > the trusted IP blocks such as gfx, sdma, vcn are able to decrypt. CPU as the > un-trusted IP are unable to read the secure buffer. > > We will submit the new secure context interface later for libdrm, and create a > new test suite to verify the security feature in the libdrm unit tests. > > Suite id = 11: Name 'Security Tests status: ENABLED' > Test id 1: Name: 'allocate secure buffer test status: ENABLED' > Test id 2: Name: 'graphics command submission under secure context status: ENABLED' > > Thanks, > Ray > > Alex Deucher (4): > drm/amdgpu: add UAPI for creating encrypted buffers > drm/amdgpu: add UAPI for creating secure contexts (v2) > drm/amdgpu: define the TMZ bit for the PTE > drm/amdgpu: set TMZ bits in PTEs for secure bo (v2) > > Huang Rui (10): > drm/amdgpu: add tmz feature parameter (v2) > drm/amdgpu: add amdgpu_tmz data structure > drm/amdgpu: add function to check tmz capability (v4) > drm/ttm: add helper to get buffer object with ttm_mem_reg > drm/amdgpu: revise the function to allocate secure context (v2) > drm/amdgpu: add tmz bit in frame control packet > drm/amdgpu: expand the emit tmz interface with trusted flag > drm/amdgpu: expand the context control interface with trust flag > drm/amdgpu: set trusted mode while the job is under secure context > (v2) > drm/amdgpu: modify the method to use mem under buffer object for > amdgpu_ttm_tt_pte_flags > > drivers/gpu/drm/amd/amdgpu/Makefile | 2 +- > drivers/gpu/drm/amd/amdgpu/amdgpu.h | 7 ++++- > drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 1 + > drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 19 +++++++++--- > drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.h | 1 + > drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 3 ++ > drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 +++++++ > drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c | 12 +++++++- > drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c | 4 +-- > drivers/gpu/drm/amd/amdgpu/amdgpu_job.h | 2 ++ > drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 10 ++++++ > drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 9 +++--- > drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.c | 49 ++++++++++++++++++++++++++++++ > drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.h | 39 ++++++++++++++++++++++++ > drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 23 +++++++++----- > drivers/gpu/drm/amd/amdgpu/amdgpu_vm.h | 3 ++ > drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 20 +++++++++--- > drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c | 3 +- > drivers/gpu/drm/amd/amdgpu/gfx_v7_0.c | 3 +- > drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c | 3 +- > drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 16 +++++++--- > drivers/gpu/drm/amd/amdgpu/nvd.h | 1 + > drivers/gpu/drm/amd/amdgpu/soc15d.h | 1 + > include/drm/ttm/ttm_bo_driver.h | 13 ++++++++ > include/uapi/drm/amdgpu_drm.h | 9 +++++- > 25 files changed, 230 insertions(+), 34 deletions(-) > create mode 100644 drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.c > create mode 100644 drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.h >
Hi all, These series of patches introduce a feature to support secure buffer object. The Trusted Memory Zone (TMZ) is a method to protect the contents being written to and read from memory. We use TMZ hardware memory protection scheme to implement the secure buffer object support. TMZ is the page-level protection that hardware will detect the TMZ bit in the page table entry to set the current page is encrypted. With this hardware feature, we design a BO-level protection in kernel driver to provide a new flag AMDGPU_GEM_CREATE_ENCRYPTED to gem create ioctl to libdrm for the secure buffer allocation. And also provide the AMDGPU_CTX_ALLOC_FLAGS_SECURE to indicate the context is trusted or not. If the BO is secure, then the data is encrypted, only the trusted IP blocks such as gfx, sdma, vcn are able to decrypt. CPU as the un-trusted IP are unable to read the secure buffer. We will submit the new secure context interface later for libdrm, and create a new test suite to verify the security feature in the libdrm unit tests. Suite id = 11: Name 'Security Tests status: ENABLED' Test id 1: Name: 'allocate secure buffer test status: ENABLED' Test id 2: Name: 'graphics command submission under secure context status: ENABLED' Thanks, Ray Alex Deucher (4): drm/amdgpu: add UAPI for creating encrypted buffers drm/amdgpu: add UAPI for creating secure contexts (v2) drm/amdgpu: define the TMZ bit for the PTE drm/amdgpu: set TMZ bits in PTEs for secure bo (v2) Huang Rui (10): drm/amdgpu: add tmz feature parameter (v2) drm/amdgpu: add amdgpu_tmz data structure drm/amdgpu: add function to check tmz capability (v4) drm/ttm: add helper to get buffer object with ttm_mem_reg drm/amdgpu: revise the function to allocate secure context (v2) drm/amdgpu: add tmz bit in frame control packet drm/amdgpu: expand the emit tmz interface with trusted flag drm/amdgpu: expand the context control interface with trust flag drm/amdgpu: set trusted mode while the job is under secure context (v2) drm/amdgpu: modify the method to use mem under buffer object for amdgpu_ttm_tt_pte_flags drivers/gpu/drm/amd/amdgpu/Makefile | 2 +- drivers/gpu/drm/amd/amdgpu/amdgpu.h | 7 ++++- drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.c | 19 +++++++++--- drivers/gpu/drm/amd/amdgpu/amdgpu_ctx.h | 1 + drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | 3 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 11 +++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_gem.c | 12 +++++++- drivers/gpu/drm/amd/amdgpu/amdgpu_ib.c | 4 +-- drivers/gpu/drm/amd/amdgpu/amdgpu_job.h | 2 ++ drivers/gpu/drm/amd/amdgpu/amdgpu_object.h | 10 ++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_ring.h | 9 +++--- drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.c | 49 ++++++++++++++++++++++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.h | 39 ++++++++++++++++++++++++ drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 23 +++++++++----- drivers/gpu/drm/amd/amdgpu/amdgpu_vm.h | 3 ++ drivers/gpu/drm/amd/amdgpu/gfx_v10_0.c | 20 +++++++++--- drivers/gpu/drm/amd/amdgpu/gfx_v6_0.c | 3 +- drivers/gpu/drm/amd/amdgpu/gfx_v7_0.c | 3 +- drivers/gpu/drm/amd/amdgpu/gfx_v8_0.c | 3 +- drivers/gpu/drm/amd/amdgpu/gfx_v9_0.c | 16 +++++++--- drivers/gpu/drm/amd/amdgpu/nvd.h | 1 + drivers/gpu/drm/amd/amdgpu/soc15d.h | 1 + include/drm/ttm/ttm_bo_driver.h | 13 ++++++++ include/uapi/drm/amdgpu_drm.h | 9 +++++- 25 files changed, 230 insertions(+), 34 deletions(-) create mode 100644 drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.c create mode 100644 drivers/gpu/drm/amd/amdgpu/amdgpu_tmz.h