[v2,2/2] drm: Add Content Protection properties to drm

Message ID	1417719824-26499-1-git-send-email-seanpaul@chromium.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <dri-devel-bounces@lists.freedesktop.org> From: Sean Paul <seanpaul@chromium.org> To: ville.syrjala@linux.intel.com, daniel@ffwll.ch, robdclark@gmail.com, dri-devel@lists.freedesktop.org Subject: [PATCH v2 2/2] drm: Add Content Protection properties to drm Date: Thu, 4 Dec 2014 11:03:44 -0800 Message-Id: <1417719824-26499-1-git-send-email-seanpaul@chromium.org> In-Reply-To: <20141204100310.GH32117@phenom.ffwll.local> References: <20141204100310.GH32117@phenom.ffwll.local> MIME-Version: 1.0 Precedence: list Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: dri-devel-bounces@lists.freedesktop.org Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>

Message ID

1417719824-26499-1-git-send-email-seanpaul@chromium.org (mailing list archive)

State

New, archived

Headers

From: Sean Paul <seanpaul@chromium.org>
To: ville.syrjala@linux.intel.com, daniel@ffwll.ch, robdclark@gmail.com,
	dri-devel@lists.freedesktop.org
Subject: [PATCH v2 2/2] drm: Add Content Protection properties to drm
Date: Thu,  4 Dec 2014 11:03:44 -0800
Message-Id: <1417719824-26499-1-git-send-email-seanpaul@chromium.org>
In-Reply-To: <20141204100310.GH32117@phenom.ffwll.local>
References: <20141204100310.GH32117@phenom.ffwll.local>
MIME-Version: 1.0
Precedence: list
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: dri-devel-bounces@lists.freedesktop.org
Sender: "dri-devel" <dri-devel-bounces@lists.freedesktop.org>

Commit Message

Sean Paul Dec. 4, 2014, 7:03 p.m. UTC

Add new standard connector properties to track whether content protection
(ex: hdcp) is desired by userspace. There are two properties involved,
"Content Protection" and "Content Protection KSV".

The "Content Protection" property allows userspace to request protection
on a connector. Set "Desired" to enable, "Undesired" to disable.

The "Content Protection KSV" property reflects the current state of
protection. If the KSV is 0, the connection is not protected. Once the
driver has enabled protection, it will update the the value with the KSV
(or similarly unique identifier, if not using HDCP) of the first-hop
device (sink or repeater).

Signed-off-by: Sean Paul <seanpaul@chromium.org>
---

Changes in v2:
	- Split property into 2
		- one for desired/undesired
		- one for disabled/ksv

 Documentation/DocBook/drm.tmpl | 27 ++++++++++++++++++++++++--
 drivers/gpu/drm/drm_crtc.c     | 18 +++++++++++++++++
 drivers/gpu/drm/drm_sysfs.c    | 44 ++++++++++++++++++++++++++++++++++++++++++
 include/drm/drm_crtc.h         |  3 +++
 include/uapi/drm/drm_mode.h    |  4 ++++
 5 files changed, 94 insertions(+), 2 deletions(-)

Comments

Daniel Vetter Dec. 20, 2016, 6:36 p.m. UTC | #1

On Thu, Dec 4, 2014 at 8:03 PM, Sean Paul <seanpaul@chromium.org> wrote:
> Add new standard connector properties to track whether content protection
> (ex: hdcp) is desired by userspace. There are two properties involved,
> "Content Protection" and "Content Protection KSV".
>
> The "Content Protection" property allows userspace to request protection
> on a connector. Set "Desired" to enable, "Undesired" to disable.
>
> The "Content Protection KSV" property reflects the current state of
> protection. If the KSV is 0, the connection is not protected. Once the
> driver has enabled protection, it will update the the value with the KSV
> (or similarly unique identifier, if not using HDCP) of the first-hop
> device (sink or repeater).
>
> Signed-off-by: Sean Paul <seanpaul@chromium.org>
> ---
>
> Changes in v2:
>         - Split property into 2
>                 - one for desired/undesired
>                 - one for disabled/ksv

So this came up again, and I have a slightly less abritrary opinion on
the split vs. non-split property topic. My assumption was that we want
to tell userspace the ksv so that it can do the blacklisting. But it
sounds like at least all the designs with some kind of secure
processor (maybe that's a hdcp2.x thing only) will do the blacklisting
in that special processor and fail to set up encryption if the sink is
blacklisted. So for those cases I think just the tri-state property +
maybe some way to update the SRM (system renewability message iirc,
aka The Blacklist) would be the better interface.

We might still need the split approach that exposes the the ksv in a
separate property. And for that probably still need a tri-state to
lock down the ksv to a specific one, to allow userspace to blacklist
it. But I think we should only add that once we have hw that needs it
(doesn't seem the case for now after a quick irc chat).

tldr; I'm leaning back to v1 ;-)

Patch itself needs updating since properties are a bit more formal
nowadays - we haz real docs, and we expect some core support for
standardized props - something along the lines of the recently floated
"link status" stuff is imo the new gold standard. Wrt naming bikeshed:
I think we can just go with this since it's shipping in cros, makes
the entire userspace thing much easier ;-)
-Daniel

diff --git a/Documentation/DocBook/drm.tmpl b/Documentation/DocBook/drm.tmpl
index 85287cb..8aa6828 100644
--- a/Documentation/DocBook/drm.tmpl
+++ b/Documentation/DocBook/drm.tmpl
@@ -2546,8 +2546,8 @@  void intel_crt_init(struct drm_device *dev)
 	<td valign="top" >Description/Restrictions</td>
 	</tr>
 	<tr>
-	<td rowspan="24" valign="top" >DRM</td>
-	<td rowspan="3" valign="top" >Generic</td>
+	<td rowspan="26" valign="top" >DRM</td>
+	<td rowspan="5" valign="top" >Generic</td>
 	<td valign="top" >“EDID”</td>
 	<td valign="top" >BLOB | IMMUTABLE</td>
 	<td valign="top" >0</td>
@@ -2562,6 +2562,29 @@  void intel_crt_init(struct drm_device *dev)
 	<td valign="top" >Contains DPMS operation mode value.</td>
 	</tr>
 	<tr>
+	<td valign="top" >“Content Protection”</td>
+	<td valign="top" >ENUM</td>
+	<td valign="top" >{ “Undesired”, “Desired” }</td>
+	<td valign="top" >Connector</td>
+	<td valign="top" >Contains the current request state of content
+		protection from userspace. If "Desired", the driver shall
+		attempt to encrypt the connection, retrying as appropriate. If
+		"Undesired", userspace does not need the connection to be
+		protected.
+	</td>
+	</tr>
+	<tr>
+	<td valign="top" >“Content Protection KSV”</td>
+	<td valign="top" >RANGE | IMMUTABLE</td>
+	<td valign="top" >40-bit Receiver/Repeater KSV</td>
+	<td valign="top" >Connector</td>
+	<td valign="top" >Contains the 40-bit KSV (or similarly unique sink
+		identifier, if not using HDCP) of the first hop device connected
+		to the connector if content protection is enabled. If content
+		protection is disabled, this value should be set to 0.
+	</td>
+	</tr>
+	<tr>
 	<td valign="top" >“PATH”</td>
 	<td valign="top" >BLOB | IMMUTABLE</td>
 	<td valign="top" >0</td>
diff --git a/drivers/gpu/drm/drm_crtc.c b/drivers/gpu/drm/drm_crtc.c
index de79283..ba78837 100644
--- a/drivers/gpu/drm/drm_crtc.c
+++ b/drivers/gpu/drm/drm_crtc.c
@@ -77,6 +77,13 @@  static const struct drm_prop_enum_list drm_plane_type_enum_list[] =
 	{ DRM_PLANE_TYPE_CURSOR, "Cursor" },
 };
 
+static struct drm_prop_enum_list drm_cp_enum_list[] = {
+	{ DRM_MODE_CONTENT_PROTECTION_UNDESIRED, "Undesired" },
+	{ DRM_MODE_CONTENT_PROTECTION_DESIRED, "Desired" },
+};
+
+DRM_ENUM_NAME_FN(drm_get_content_protection_name, drm_cp_enum_list)
+
 /*
  * Optional properties
  */
@@ -1319,6 +1326,8 @@  static int drm_mode_create_standard_connector_properties(struct drm_device *dev)
 	struct drm_property *edid;
 	struct drm_property *dpms;
 	struct drm_property *dev_path;
+	struct drm_property *cp;
+	struct drm_property *cp_ksv;
 
 	/*
 	 * Standard properties (apply to all connectors)
@@ -1339,6 +1348,15 @@  static int drm_mode_create_standard_connector_properties(struct drm_device *dev)
 				       "PATH", 0);
 	dev->mode_config.path_property = dev_path;
 
+	cp = drm_property_create_enum(dev, 0,
+				      "Content Protection", drm_cp_enum_list,
+				      ARRAY_SIZE(drm_cp_enum_list));
+	dev->mode_config.content_protection_property = cp;
+
+	cp_ksv = drm_property_create_range(dev, DRM_MODE_PROP_IMMUTABLE,
+				     "Content Protection KSV", 0, 0xFFFFFFFFFF);
+	dev->mode_config.content_protection_ksv_property = cp_ksv;
+
 	return 0;
 }
 
diff --git a/drivers/gpu/drm/drm_sysfs.c b/drivers/gpu/drm/drm_sysfs.c
index cc3d6d6..c3550f1 100644
--- a/drivers/gpu/drm/drm_sysfs.c
+++ b/drivers/gpu/drm/drm_sysfs.c
@@ -214,6 +214,48 @@  static ssize_t enabled_show(struct device *device,
 			"disabled");
 }
 
+static ssize_t content_protection_show(struct device *device,
+				       struct device_attribute *attr, char *buf)
+{
+	struct drm_connector *connector = to_drm_connector(device);
+	struct drm_device *dev = connector->dev;
+	struct drm_property *prop;
+	uint64_t cp;
+	int ret;
+
+	prop = dev->mode_config.content_protection_property;
+	if (!prop)
+		return 0;
+
+	ret = drm_object_property_get_value(&connector->base, prop, &cp);
+	if (ret)
+		return 0;
+
+	return snprintf(buf, PAGE_SIZE, "%s\n",
+			drm_get_content_protection_name((int)cp));
+}
+
+static ssize_t content_protection_ksv_show(struct device *device,
+					   struct device_attribute *attr,
+					   char *buf)
+{
+	struct drm_connector *connector = to_drm_connector(device);
+	struct drm_device *dev = connector->dev;
+	struct drm_property *prop;
+	uint64_t ksv;
+	int ret;
+
+	prop = dev->mode_config.content_protection_ksv_property;
+	if (!prop)
+		return 0;
+
+	ret = drm_object_property_get_value(&connector->base, prop, &ksv);
+	if (ret)
+		return 0;
+
+	return snprintf(buf, PAGE_SIZE, "%llx\n", ksv);
+}
+
 static ssize_t edid_show(struct file *filp, struct kobject *kobj,
 			 struct bin_attribute *attr, char *buf, loff_t off,
 			 size_t count)
@@ -344,6 +386,8 @@  static struct device_attribute connector_attrs[] = {
 	__ATTR_RO(enabled),
 	__ATTR_RO(dpms),
 	__ATTR_RO(modes),
+	__ATTR_RO(content_protection),
+	__ATTR_RO(content_protection_ksv),
 };
 
 /* These attributes are for both DVI-I connectors and all types of tv-out. */
diff --git a/include/drm/drm_crtc.h b/include/drm/drm_crtc.h
index dd2c16e..3fc0643 100644
--- a/include/drm/drm_crtc.h
+++ b/include/drm/drm_crtc.h
@@ -1023,6 +1023,8 @@  struct drm_mode_config {
 	struct drm_property *path_property;
 	struct drm_property *plane_type_property;
 	struct drm_property *rotation_property;
+	struct drm_property *content_protection_property;
+	struct drm_property *content_protection_ksv_property;
 
 	/* DVI-I properties */
 	struct drm_property *dvi_i_subconnector_property;
@@ -1171,6 +1173,7 @@  extern void drm_encoder_cleanup(struct drm_encoder *encoder);
 extern const char *drm_get_connector_status_name(enum drm_connector_status status);
 extern const char *drm_get_subpixel_order_name(enum subpixel_order order);
 extern const char *drm_get_dpms_name(int val);
+extern const char *drm_get_content_protection_name(int val);
 extern const char *drm_get_dvi_i_subconnector_name(int val);
 extern const char *drm_get_dvi_i_select_name(int val);
 extern const char *drm_get_tv_subconnector_name(int val);
diff --git a/include/uapi/drm/drm_mode.h b/include/uapi/drm/drm_mode.h
index 86574b0..e2904f5 100644
--- a/include/uapi/drm/drm_mode.h
+++ b/include/uapi/drm/drm_mode.h
@@ -81,6 +81,10 @@ 
 #define DRM_MODE_DPMS_SUSPEND	2
 #define DRM_MODE_DPMS_OFF	3
 
+/* Content Protection Flags */
+#define DRM_MODE_CONTENT_PROTECTION_UNDESIRED   0
+#define DRM_MODE_CONTENT_PROTECTION_DESIRED     1
+
 /* Scaling mode options */
 #define DRM_MODE_SCALE_NONE		0 /* Unmodified timing (display or
 					     software can still scale) */