From: CK Hu ck.hu@mediatek.com

Add an interface to allocate MediaTek GEM buffers, allow the IOCTLs to be used by render nodes. This patch also sets the RENDER driver feature.

Signed-off-by: CK Hu ck.hu@mediatek.com Signed-off-by: Nicolas Boichat drinkcat@chromium.org Signed-off-by: Philipp Zabel p.zabel@pengutronix.de Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com Reviewed-by: Daniel Kurtz djkurtz@chromium.org Reviewed-by: Nicolas Boichat drinkcat@chromium.org Tested-by: Daniel Kurtz djkurtz@chromium.org Tested-by: Pi-Hsun Shih pihsun@chromium.org --- drivers/gpu/drm/mediatek/mtk_drm_drv.c | 13 ++++++ drivers/gpu/drm/mediatek/mtk_drm_gem.c | 39 +++++++++++++++++ drivers/gpu/drm/mediatek/mtk_drm_gem.h | 12 ++++++ include/uapi/drm/mediatek_drm.h | 58 ++++++++++++++++++++++++++ 4 files changed, 122 insertions(+) create mode 100644 include/uapi/drm/mediatek_drm.h

diff --git a/drivers/gpu/drm/mediatek/mtk_drm_drv.c b/drivers/gpu/drm/mediatek/mtk_drm_drv.c index 2b0c35cacbc6..5d2a39e491aa 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_drv.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_drv.c @@ -24,6 +24,7 @@ #include <drm/drm_of.h> #include <drm/drm_probe_helper.h> #include <drm/drm_vblank.h> +#include <drm/mediatek_drm.h>

#include "mtk_drm_crtc.h" #include "mtk_drm_ddp_comp.h" @@ -569,6 +570,14 @@ static void mtk_drm_kms_deinit(struct drm_device *drm) component_unbind_all(drm->dev, drm); }

+static const struct drm_ioctl_desc mtk_ioctls[] = { + DRM_IOCTL_DEF_DRV(MTK_GEM_CREATE, mtk_gem_create_ioctl, + DRM_UNLOCKED | DRM_AUTH | DRM_RENDER_ALLOW), + DRM_IOCTL_DEF_DRV(MTK_GEM_MAP_OFFSET, + mtk_gem_map_offset_ioctl, + DRM_UNLOCKED | DRM_AUTH | DRM_RENDER_ALLOW), +}; + DEFINE_DRM_GEM_FOPS(mtk_drm_fops);

/* @@ -590,6 +599,10 @@ static const struct drm_driver mtk_drm_driver = {

.gem_prime_import = mtk_drm_gem_prime_import, .gem_prime_import_sg_table = mtk_gem_prime_import_sg_table, + + .ioctls = mtk_ioctls, + .num_ioctls = ARRAY_SIZE(mtk_ioctls), + .fops = &mtk_drm_fops,

.name = DRIVER_NAME, diff --git a/drivers/gpu/drm/mediatek/mtk_drm_gem.c b/drivers/gpu/drm/mediatek/mtk_drm_gem.c index 4f2e3feabc0f..30e347adcbe9 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_gem.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_gem.c @@ -4,6 +4,7 @@ */

#include <linux/dma-buf.h> +#include <drm/mediatek_drm.h>

#include <drm/drm.h> #include <drm/drm_device.h> @@ -283,3 +284,41 @@ void mtk_drm_gem_prime_vunmap(struct drm_gem_object *obj, mtk_gem->kvaddr = NULL; kfree(mtk_gem->pages); } + +int mtk_gem_map_offset_ioctl(struct drm_device *drm, void *data, + struct drm_file *file_priv) +{ + struct drm_mtk_gem_map_off *args = data; + + return drm_gem_dumb_map_offset(file_priv, drm, args->handle, + &args->offset); +} + +int mtk_gem_create_ioctl(struct drm_device *dev, void *data, + struct drm_file *file_priv) +{ + struct mtk_drm_gem_obj *mtk_gem; + struct drm_mtk_gem_create *args = data; + int ret; + + mtk_gem = mtk_drm_gem_create(dev, args->size, false); + if (IS_ERR(mtk_gem)) + return PTR_ERR(mtk_gem); + + /* + * allocate a id of idr table where the obj is registered + * and handle has the id what user can see. + */ + ret = drm_gem_handle_create(file_priv, &mtk_gem->base, &args->handle); + if (ret) + goto err_handle_create; + + /* drop reference from allocate - handle holds it now. */ + drm_gem_object_put(&mtk_gem->base); + + return 0; + +err_handle_create: + mtk_drm_gem_free_object(&mtk_gem->base); + return ret; +} diff --git a/drivers/gpu/drm/mediatek/mtk_drm_gem.h b/drivers/gpu/drm/mediatek/mtk_drm_gem.h index 78f23b07a02e..90f3d2916ec5 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_gem.h +++ b/drivers/gpu/drm/mediatek/mtk_drm_gem.h @@ -46,4 +46,16 @@ int mtk_drm_gem_prime_vmap(struct drm_gem_object *obj, struct iosys_map *map); void mtk_drm_gem_prime_vunmap(struct drm_gem_object *obj, struct iosys_map *map);

+/* + * request gem object creation and buffer allocation as the size + * that it is calculated with framebuffer information such as width, + * height and bpp. + */ +int mtk_gem_create_ioctl(struct drm_device *dev, void *data, + struct drm_file *file_priv); + +/* get buffer offset to map to user space. */ +int mtk_gem_map_offset_ioctl(struct drm_device *dev, void *data, + struct drm_file *file_priv); + #endif diff --git a/include/uapi/drm/mediatek_drm.h b/include/uapi/drm/mediatek_drm.h new file mode 100644 index 000000000000..f4d47577c94e --- /dev/null +++ b/include/uapi/drm/mediatek_drm.h @@ -0,0 +1,58 @@ +/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */ +/* + * Copyright (c) 2015 MediaTek Inc. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#ifndef _UAPI_MEDIATEK_DRM_H +#define _UAPI_MEDIATEK_DRM_H + +#include <drm/drm.h> + +/** + * struct drm_mtk_gem_create - User-desired buffer creation information structure. + * + * @size: user-desired memory allocation size. + * - this size value would be page-aligned internally. + * @flags: user request for setting memory type or cache attributes. + * @handle: returned a handle to created gem object. + * - this handle will be set by gem module of kernel side. + */ +struct drm_mtk_gem_create { + uint64_t size; + uint32_t flags; + uint32_t handle; +}; + +/** + * struct drm_mtk_gem_map_off - A structure for getting buffer offset. + * + * @handle: a pointer to gem object created. + * @pad: just padding to be 64-bit aligned. + * @offset: relatived offset value of the memory region allocated. + * - this value should be set by user. + */ +struct drm_mtk_gem_map_off { + uint32_t handle; + uint32_t pad; + uint64_t offset; +}; + +#define DRM_MTK_GEM_CREATE 0x00 +#define DRM_MTK_GEM_MAP_OFFSET 0x01 + +#define DRM_IOCTL_MTK_GEM_CREATE DRM_IOWR(DRM_COMMAND_BASE + \ + DRM_MTK_GEM_CREATE, struct drm_mtk_gem_create) + +#define DRM_IOCTL_MTK_GEM_MAP_OFFSET DRM_IOWR(DRM_COMMAND_BASE + \ + DRM_MTK_GEM_MAP_OFFSET, struct drm_mtk_gem_map_off) + +#endif /* _UAPI_MEDIATEK_DRM_H */

Add secure buffer control flow to mtk_drm_gem.

When user space takes DRM_MTK_GEM_CREATE_ENCRYPTED flag and size to create a mtk_drm_gem object, mtk_drm_gem will find a matched size dma buffer from secure dma-heap and bind it to mtk_drm_gem object.

Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com --- drivers/gpu/drm/mediatek/mtk_drm_gem.c | 85 +++++++++++++++++++++++++- drivers/gpu/drm/mediatek/mtk_drm_gem.h | 4 ++ 2 files changed, 88 insertions(+), 1 deletion(-)

diff --git a/drivers/gpu/drm/mediatek/mtk_drm_gem.c b/drivers/gpu/drm/mediatek/mtk_drm_gem.c index 30e347adcbe9..858f34a735f8 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_gem.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_gem.c @@ -4,6 +4,8 @@ */

#include <linux/dma-buf.h> +#include <linux/dma-heap.h> +#include <uapi/linux/dma-heap.h> #include <drm/mediatek_drm.h>

#include <drm/drm.h> @@ -55,6 +57,81 @@ static struct mtk_drm_gem_obj *mtk_drm_gem_init(struct drm_device *dev, return mtk_gem_obj; }

+struct mtk_drm_gem_obj *mtk_drm_gem_create_from_heap(struct drm_device *dev, + const char *heap, size_t size) +{ + struct mtk_drm_private *priv = dev->dev_private; + struct mtk_drm_gem_obj *mtk_gem; + struct drm_gem_object *obj; + struct dma_heap *dma_heap; + struct dma_buf *dma_buf; + struct dma_buf_attachment *attach; + struct sg_table *sgt; + struct iosys_map map = {}; + int ret; + + mtk_gem = mtk_drm_gem_init(dev, size); + if (IS_ERR(mtk_gem)) + return ERR_CAST(mtk_gem); + + obj = &mtk_gem->base; + + dma_heap = dma_heap_find(heap); + if (!dma_heap) { + DRM_ERROR("heap find fail\n"); + goto err_gem_free; + } + dma_buf = dma_heap_buffer_alloc(dma_heap, size, + O_RDWR | O_CLOEXEC, DMA_HEAP_VALID_HEAP_FLAGS); + if (IS_ERR(dma_buf)) { + DRM_ERROR("buffer alloc fail\n"); + dma_heap_put(dma_heap); + goto err_gem_free; + } + dma_heap_put(dma_heap); + + attach = dma_buf_attach(dma_buf, priv->dma_dev); + if (IS_ERR(attach)) { + DRM_ERROR("attach fail, return\n"); + dma_buf_put(dma_buf); + goto err_gem_free; + } + + sgt = dma_buf_map_attachment(attach, DMA_BIDIRECTIONAL); + if (IS_ERR(sgt)) { + DRM_ERROR("map failed, detach and return\n"); + dma_buf_detach(dma_buf, attach); + dma_buf_put(dma_buf); + goto err_gem_free; + } + obj->import_attach = attach; + mtk_gem->dma_addr = sg_dma_address(sgt->sgl); + mtk_gem->sg = sgt; + mtk_gem->size = dma_buf->size; + + if (!strcmp(heap, "mtk_svp") || !strcmp(heap, "mtk_svp_cma")) { + /* secure buffer can not be mapped */ + mtk_gem->secure = true; + } else { + ret = dma_buf_vmap(dma_buf, &map); + mtk_gem->kvaddr = map.vaddr; + if (ret) { + DRM_ERROR("map failed, ret=%d\n", ret); + dma_buf_unmap_attachment(attach, sgt, DMA_BIDIRECTIONAL); + dma_buf_detach(dma_buf, attach); + dma_buf_put(dma_buf); + mtk_gem->kvaddr = NULL; + } + } + + return mtk_gem; + +err_gem_free: + drm_gem_object_release(obj); + kfree(mtk_gem); + return ERR_PTR(-ENOMEM); +} + struct mtk_drm_gem_obj *mtk_drm_gem_create(struct drm_device *dev, size_t size, bool alloc_kmap) { @@ -225,7 +302,9 @@ struct drm_gem_object *mtk_gem_prime_import_sg_table(struct drm_device *dev, if (IS_ERR(mtk_gem)) return ERR_CAST(mtk_gem);

+ mtk_gem->secure = !sg_page(sg->sgl); mtk_gem->dma_addr = sg_dma_address(sg->sgl); + mtk_gem->size = attach->dmabuf->size; mtk_gem->sg = sg;

return &mtk_gem->base; @@ -301,7 +380,11 @@ int mtk_gem_create_ioctl(struct drm_device *dev, void *data, struct drm_mtk_gem_create *args = data; int ret;

- mtk_gem = mtk_drm_gem_create(dev, args->size, false); + if (args->flags & DRM_MTK_GEM_CREATE_ENCRYPTED) + mtk_gem = mtk_drm_gem_create_from_heap(dev, "mtk_svp_cma", args->size); + else + mtk_gem = mtk_drm_gem_create(dev, args->size, false); + if (IS_ERR(mtk_gem)) return PTR_ERR(mtk_gem);

diff --git a/drivers/gpu/drm/mediatek/mtk_drm_gem.h b/drivers/gpu/drm/mediatek/mtk_drm_gem.h index 90f3d2916ec5..8fd5ce827d4f 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_gem.h +++ b/drivers/gpu/drm/mediatek/mtk_drm_gem.h @@ -27,9 +27,11 @@ struct mtk_drm_gem_obj { void *cookie; void *kvaddr; dma_addr_t dma_addr; + size_t size; unsigned long dma_attrs; struct sg_table *sg; struct page **pages; + bool secure; };

#define to_mtk_gem_obj(x) container_of(x, struct mtk_drm_gem_obj, base) @@ -37,6 +39,8 @@ struct mtk_drm_gem_obj { void mtk_drm_gem_free_object(struct drm_gem_object *gem); struct mtk_drm_gem_obj *mtk_drm_gem_create(struct drm_device *dev, size_t size, bool alloc_kmap); +struct mtk_drm_gem_obj *mtk_drm_gem_create_from_heap(struct drm_device *dev, + const char *heap, size_t size); int mtk_drm_gem_dumb_create(struct drm_file *file_priv, struct drm_device *dev, struct drm_mode_create_dumb *args); struct sg_table *mtk_gem_prime_get_sg_table(struct drm_gem_object *obj);

Add mtk_ddp_sec_write to configure secure buffer information to cmdq secure packet data. Then secure cmdq driver will use these information to configure curresponding secure DRAM address to HW overlay in secure world.

Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com --- drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h | 5 +++++ 1 file changed, 5 insertions(+)

diff --git a/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h b/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h index 4bae55bdb034..b5a05ca3a385 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h +++ b/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.h @@ -7,6 +7,8 @@ #define MTK_DRM_DDP_COMP_H

#include <linux/io.h> +#include <linux/pm_runtime.h> +#include <linux/mailbox/mtk-cmdq-sec-mailbox.h> #include <linux/soc/mediatek/mtk-cmdq.h> #include <linux/soc/mediatek/mtk-mmsys.h> #include <linux/soc/mediatek/mtk-mutex.h> @@ -308,4 +310,7 @@ void mtk_ddp_write_relaxed(struct cmdq_pkt *cmdq_pkt, unsigned int value, void mtk_ddp_write_mask(struct cmdq_pkt *cmdq_pkt, unsigned int value, struct cmdq_client_reg *cmdq_reg, void __iomem *regs, unsigned int offset, unsigned int mask); +void mtk_ddp_sec_write(struct cmdq_pkt *cmdq_pkt, u32 addr, u64 base, + const enum cmdq_iwc_addr_metadata_type type, + const u32 offset, const u32 size, const u32 port); #endif /* MTK_DRM_DDP_COMP_H */

Add secure layer config support for ovl.

TODO: 1. Move DISP_REG_OVL_SECURE setting to secure world. 2. Change the parameter register address in mtk_ddp_sec_write() from "u32 addr" to "struct cmdq_client_reg *cmdq_reg".

Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com --- drivers/gpu/drm/mediatek/mtk_disp_drv.h | 2 ++ drivers/gpu/drm/mediatek/mtk_disp_ovl.c | 31 +++++++++++++++++++-- drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c | 29 +++++++++++++++++++ 3 files changed, 60 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/mediatek/mtk_disp_drv.h b/drivers/gpu/drm/mediatek/mtk_disp_drv.h index 1311562d25cc..77054adcd9cf 100644 --- a/drivers/gpu/drm/mediatek/mtk_disp_drv.h +++ b/drivers/gpu/drm/mediatek/mtk_disp_drv.h @@ -9,6 +9,7 @@ #include <linux/soc/mediatek/mtk-cmdq.h> #include <linux/soc/mediatek/mtk-mmsys.h> #include <linux/soc/mediatek/mtk-mutex.h> +#include "mtk_drm_ddp_comp.h" #include "mtk_drm_plane.h" #include "mtk_mdp_rdma.h"

@@ -82,6 +83,7 @@ void mtk_ovl_clk_disable(struct device *dev); void mtk_ovl_config(struct device *dev, unsigned int w, unsigned int h, unsigned int vrefresh, unsigned int bpc, struct cmdq_pkt *cmdq_pkt); +u64 mtk_ovl_get_sec_port(struct mtk_ddp_comp *comp, unsigned int idx); int mtk_ovl_layer_check(struct device *dev, unsigned int idx, struct mtk_plane_state *mtk_state); void mtk_ovl_layer_config(struct device *dev, unsigned int idx, diff --git a/drivers/gpu/drm/mediatek/mtk_disp_ovl.c b/drivers/gpu/drm/mediatek/mtk_disp_ovl.c index 2bffe4245466..c18f76412a2e 100644 --- a/drivers/gpu/drm/mediatek/mtk_disp_ovl.c +++ b/drivers/gpu/drm/mediatek/mtk_disp_ovl.c @@ -46,6 +46,7 @@ #define DISP_REG_OVL_ADDR(ovl, n) ((ovl)->data->addr + 0x20 * (n)) #define DISP_REG_OVL_HDR_ADDR(ovl, n) ((ovl)->data->addr + 0x20 * (n) + 0x04) #define DISP_REG_OVL_HDR_PITCH(ovl, n) ((ovl)->data->addr + 0x20 * (n) + 0x08) +#define DISP_REG_OVL_SECURE 0x0fc0

#define GMC_THRESHOLD_BITS 16 #define GMC_THRESHOLD_HIGH ((1 << GMC_THRESHOLD_BITS) / 4) @@ -126,8 +127,19 @@ struct mtk_disp_ovl { const struct mtk_disp_ovl_data *data; void (*vblank_cb)(void *data); void *vblank_cb_data; + resource_size_t regs_pa; };

+u64 mtk_ovl_get_sec_port(struct mtk_ddp_comp *comp, unsigned int idx) +{ + if (comp->id == DDP_COMPONENT_OVL0) + return BIT_ULL(CMDQ_SEC_DISP_OVL0); + else if (comp->id == DDP_COMPONENT_OVL1) + return BIT_ULL(CMDQ_SEC_DISP_OVL1); + + return 0; +} + static irqreturn_t mtk_disp_ovl_irq_handler(int irq, void *dev_id) { struct mtk_disp_ovl *priv = dev_id; @@ -449,8 +461,22 @@ void mtk_ovl_layer_config(struct device *dev, unsigned int idx, DISP_REG_OVL_SRC_SIZE(idx)); mtk_ddp_write_relaxed(cmdq_pkt, offset, &ovl->cmdq_reg, ovl->regs, DISP_REG_OVL_OFFSET(idx)); - mtk_ddp_write_relaxed(cmdq_pkt, addr, &ovl->cmdq_reg, ovl->regs, - DISP_REG_OVL_ADDR(ovl, idx)); + + if (state->pending.is_secure) { + const struct drm_format_info *fmt_info = drm_format_info(fmt); + unsigned int buf_size = (pending->height - 1) * pending->pitch + + pending->width * fmt_info->cpp[0]; + + mtk_ddp_write_mask(cmdq_pkt, BIT(idx), &ovl->cmdq_reg, ovl->regs, + DISP_REG_OVL_SECURE, BIT(idx)); + mtk_ddp_sec_write(cmdq_pkt, ovl->regs_pa + DISP_REG_OVL_ADDR(ovl, idx), + pending->addr, CMDQ_IWC_H_2_MVA, 0, buf_size, 0); + } else { + mtk_ddp_write_mask(cmdq_pkt, 0, &ovl->cmdq_reg, ovl->regs, + DISP_REG_OVL_SECURE, BIT(idx)); + mtk_ddp_write_relaxed(cmdq_pkt, addr, &ovl->cmdq_reg, ovl->regs, + DISP_REG_OVL_ADDR(ovl, idx)); + }

if (is_afbc) { mtk_ddp_write_relaxed(cmdq_pkt, hdr_addr, &ovl->cmdq_reg, ovl->regs, @@ -529,6 +555,7 @@ static int mtk_disp_ovl_probe(struct platform_device *pdev) }

res = platform_get_resource(pdev, IORESOURCE_MEM, 0); + priv->regs_pa = res->start; priv->regs = devm_ioremap_resource(dev, res); if (IS_ERR(priv->regs)) { dev_err(dev, "failed to ioremap ovl\n"); diff --git a/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c b/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c index 3046c0409353..6aed7647dfc0 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_ddp_comp.c @@ -111,6 +111,34 @@ void mtk_ddp_write_mask(struct cmdq_pkt *cmdq_pkt, unsigned int value, #endif }

+void mtk_ddp_sec_write(struct cmdq_pkt *cmdq_pkt, u32 addr, u64 base, + const enum cmdq_iwc_addr_metadata_type type, + const u32 offset, const u32 size, const u32 port) +{ +#if IS_REACHABLE(CONFIG_MTK_CMDQ) + if (!cmdq_pkt) + return; + + /* secure buffer will be 4K alignment */ + cmdq_sec_pkt_write(cmdq_pkt, addr, base, type, + offset, ALIGN(size, PAGE_SIZE), port); +#endif +} + +void mtk_ddp_sec_write(struct cmdq_pkt *cmdq_pkt, u32 addr, u64 base, + const enum cmdq_iwc_addr_metadata_type type, + const u32 offset, const u32 size, const u32 port) +{ +#if IS_REACHABLE(CONFIG_MTK_CMDQ) + if (!cmdq_pkt) + return; + + /* secure buffer will be 4K alignment */ + cmdq_sec_pkt_write(cmdq_pkt, addr, base, type, + offset, ALIGN(size, PAGE_SIZE), port); +#endif +} + static int mtk_ddp_clk_enable(struct device *dev) { struct mtk_ddp_comp_dev *priv = dev_get_drvdata(dev); @@ -365,6 +393,7 @@ static const struct mtk_ddp_comp_funcs ddp_ovl = { .bgclr_in_off = mtk_ovl_bgclr_in_off, .get_formats = mtk_ovl_get_formats, .get_num_formats = mtk_ovl_get_num_formats, + .get_sec_port = mtk_ovl_get_sec_port, };

static const struct mtk_ddp_comp_funcs ddp_postmask = {

To add secure flow support for mediatek-drm, each crtc have to create a secure cmdq mailbox channel. Then cmdq packets with display HW configuration will be sent to secure cmdq mailbox channel and configured in the secure world.

Each crtc have to use secure cmdq interface to configure some secure settings for display HW before sending cmdq packets to secure cmdq mailbox channel.

If any of fb get from current drm_atomic_state is secure, then crtc will switch to the secure flow to configure display HW. If all fbs are not secure in current drm_atomic_state, then crtc will switch to the normal flow.

TODO: 1. Remove get sec larb port interface in ddp_comp, ovl and ovl_adaptor. 2. Verify instruction for enabling/disabling dapc and larb port in TEE drop the sec_engine flags in normal world.

Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com --- drivers/gpu/drm/mediatek/mtk_drm_crtc.c | 272 ++++++++++++++++++++++- drivers/gpu/drm/mediatek/mtk_drm_crtc.h | 1 + drivers/gpu/drm/mediatek/mtk_drm_plane.c | 7 + 3 files changed, 269 insertions(+), 11 deletions(-)

diff --git a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c index db43f9dff912..79617c0f016d 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_crtc.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_crtc.c @@ -56,6 +56,11 @@ struct mtk_drm_crtc { u32 cmdq_event; u32 cmdq_vblank_cnt; wait_queue_head_t cb_blocking_queue; + + struct cmdq_client sec_cmdq_client; + struct cmdq_pkt sec_cmdq_handle; + bool sec_cmdq_working; + wait_queue_head_t sec_cb_blocking_queue; #endif

struct device *mmsys_dev; @@ -69,6 +74,7 @@ struct mtk_drm_crtc { /* lock for display hardware access */ struct mutex hw_lock; bool config_updating; + bool sec_on; };

struct mtk_crtc_state { @@ -111,6 +117,154 @@ static void mtk_drm_finish_page_flip(struct mtk_drm_crtc *mtk_crtc) } }

+void mtk_crtc_disable_secure_state(struct drm_crtc *crtc) +{ +#if IS_REACHABLE(CONFIG_MTK_CMDQ) + enum cmdq_sec_scenario sec_scn = CMDQ_SEC_SCNR_MAX; + int i; + struct mtk_ddp_comp *ddp_first_comp; + struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); + u64 sec_engine = 0; /* for hw engine write output secure fb */ + u64 sec_port = 0; /* for larb port read input secure fb */ + + mutex_lock(&mtk_crtc->hw_lock); + + if (!mtk_crtc->sec_cmdq_client.chan) { + pr_err("crtc-%d secure mbox channel is NULL\n", drm_crtc_index(crtc)); + goto err; + } + + if (!mtk_crtc->sec_on) { + pr_debug("crtc-%d is already disabled!\n", drm_crtc_index(crtc)); + goto err; + } + + mbox_flush(mtk_crtc->sec_cmdq_client.chan, 0); + mtk_crtc->sec_cmdq_handle.cmd_buf_size = 0; + + if (mtk_crtc->sec_cmdq_handle.sec_data) { + struct cmdq_sec_data *sec_data; + + sec_data = mtk_crtc->sec_cmdq_handle.sec_data; + sec_data->addr_metadata_cnt = 0; + sec_data->addr_metadatas = (uintptr_t)NULL; + } + + /* + * Secure path only support DL mode, so we just wait + * the first path frame done here + */ + cmdq_pkt_wfe(&mtk_crtc->sec_cmdq_handle, mtk_crtc->cmdq_event, false); + + ddp_first_comp = mtk_crtc->ddp_comp[0]; + for (i = 0; i < mtk_crtc->layer_nr; i++) { + struct drm_plane *plane = &mtk_crtc->planes[i]; + + sec_port |= mtk_ddp_comp_layer_get_sec_port(ddp_first_comp, i); + + /* make sure secure layer off before switching secure state */ + if (!mtk_plane_fb_is_secure(plane->state->fb)) { + struct mtk_plane_state *plane_state = to_mtk_plane_state(plane->state); + + plane_state->pending.enable = false; + mtk_ddp_comp_layer_config(ddp_first_comp, i, plane_state, + &mtk_crtc->sec_cmdq_handle); + } + } + + /* Disable secure path */ + if (drm_crtc_index(crtc) == 0) + sec_scn = CMDQ_SEC_SCNR_PRIMARY_DISP_DISABLE; + else if (drm_crtc_index(crtc) == 1) + sec_scn = CMDQ_SEC_SCNR_SUB_DISP_DISABLE; + + cmdq_sec_pkt_set_data(&mtk_crtc->sec_cmdq_handle, sec_engine, sec_engine, sec_scn); + + cmdq_pkt_finalize(&mtk_crtc->sec_cmdq_handle); + dma_sync_single_for_device(mtk_crtc->sec_cmdq_client.chan->mbox->dev, + mtk_crtc->sec_cmdq_handle.pa_base, + mtk_crtc->sec_cmdq_handle.cmd_buf_size, + DMA_TO_DEVICE); + + mtk_crtc->sec_cmdq_working = true; + mbox_send_message(mtk_crtc->sec_cmdq_client.chan, &mtk_crtc->sec_cmdq_handle); + mbox_client_txdone(mtk_crtc->sec_cmdq_client.chan, 0); + + // Wait for sec state to be disabled by cmdq + wait_event_timeout(mtk_crtc->sec_cb_blocking_queue, + !mtk_crtc->sec_cmdq_working, + msecs_to_jiffies(500)); + + mtk_crtc->sec_on = false; + pr_debug("crtc-%d disable secure plane!\n", drm_crtc_index(crtc)); + +err: + mutex_unlock(&mtk_crtc->hw_lock); +#endif +} + +#if IS_REACHABLE(CONFIG_MTK_CMDQ) +static void mtk_crtc_enable_secure_state(struct drm_crtc *crtc) +{ + enum cmdq_sec_scenario sec_scn = CMDQ_SEC_SCNR_MAX; + int i; + struct mtk_ddp_comp *ddp_first_comp; + struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); + u64 sec_engine = 0; /* for hw engine write output secure fb */ + u64 sec_port = 0; /* for larb port read input secure fb */ + + cmdq_pkt_wfe(&mtk_crtc->sec_cmdq_handle, mtk_crtc->cmdq_event, false); + + ddp_first_comp = mtk_crtc->ddp_comp[0]; + for (i = 0; i < mtk_crtc->layer_nr; i++) + if (mtk_crtc->planes[i].type == DRM_PLANE_TYPE_CURSOR) + sec_port |= mtk_ddp_comp_layer_get_sec_port(ddp_first_comp, i); + + if (drm_crtc_index(crtc) == 0) + sec_scn = CMDQ_SEC_SCNR_PRIMARY_DISP; + else if (drm_crtc_index(crtc) == 1) + sec_scn = CMDQ_SEC_SCNR_SUB_DISP; + + cmdq_sec_pkt_set_data(&mtk_crtc->sec_cmdq_handle, sec_engine, sec_port, sec_scn); + + pr_debug("crtc-%d enable secure plane!\n", drm_crtc_index(crtc)); +} +#endif + +static void mtk_drm_crtc_plane_switch_sec_state(struct drm_crtc *crtc, + struct drm_atomic_state *state) +{ +#if IS_REACHABLE(CONFIG_MTK_CMDQ) + bool sec_on[MAX_CRTC] = {0}; + int i; + struct drm_crtc_state *crtc_state; + struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); + struct drm_plane *plane; + struct drm_plane_state *old_plane_state; + + for_each_old_plane_in_state(state, plane, old_plane_state, i) { + if (!plane->state->crtc) + continue; + + if (plane->state->fb && + mtk_plane_fb_is_secure(plane->state->fb) && + mtk_crtc->sec_cmdq_client.chan) + sec_on[drm_crtc_index(plane->state->crtc)] = true; + } + + for_each_old_crtc_in_state(state, crtc, crtc_state, i) { + mtk_crtc = to_mtk_crtc(crtc); + + if (!sec_on[i]) + mtk_crtc_disable_secure_state(crtc); + + mutex_lock(&mtk_crtc->hw_lock); + mtk_crtc->sec_on = true; + mutex_unlock(&mtk_crtc->hw_lock); + } +#endif +} + #if IS_REACHABLE(CONFIG_MTK_CMDQ) static int mtk_drm_cmdq_pkt_create(struct cmdq_client *client, struct cmdq_pkt *pkt, size_t size) @@ -146,22 +300,33 @@ static void mtk_drm_cmdq_pkt_destroy(struct cmdq_pkt *pkt) dma_unmap_single(client->chan->mbox->dev, pkt->pa_base, pkt->buf_size, DMA_TO_DEVICE); kfree(pkt->va_base); + kfree(pkt->sec_data); } #endif

static void mtk_drm_crtc_destroy(struct drm_crtc *crtc) { struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); + struct mtk_drm_private *priv = crtc->dev->dev_private; int i;

+ priv = priv->all_drm_private[drm_crtc_index(crtc)]; + mtk_mutex_put(mtk_crtc->mutex); #if IS_REACHABLE(CONFIG_MTK_CMDQ) mtk_drm_cmdq_pkt_destroy(&mtk_crtc->cmdq_handle); + mtk_drm_cmdq_pkt_destroy(&mtk_crtc->sec_cmdq_handle);

if (mtk_crtc->cmdq_client.chan) { mbox_free_channel(mtk_crtc->cmdq_client.chan); mtk_crtc->cmdq_client.chan = NULL; } + + if (mtk_crtc->sec_cmdq_client.chan) { + device_link_remove(priv->dev, mtk_crtc->sec_cmdq_client.chan->mbox->dev); + mbox_free_channel(mtk_crtc->sec_cmdq_client.chan); + mtk_crtc->sec_cmdq_client.chan = NULL; + } #endif

for (i = 0; i < mtk_crtc->ddp_comp_nr; i++) { @@ -288,13 +453,18 @@ static void ddp_cmdq_cb(struct mbox_client *cl, void *mssg) { struct cmdq_cb_data *data = mssg; struct cmdq_client *cmdq_cl = container_of(cl, struct cmdq_client, client); - struct mtk_drm_crtc *mtk_crtc = container_of(cmdq_cl, struct mtk_drm_crtc, cmdq_client); + struct mtk_drm_crtc *mtk_crtc; struct mtk_crtc_state *state; unsigned int i;

if (data->sta < 0) return;

+ if (!data->pkt || !data->pkt->sec_data) + mtk_crtc = container_of(cmdq_cl, struct mtk_drm_crtc, cmdq_client); + else + mtk_crtc = container_of(cmdq_cl, struct mtk_drm_crtc, sec_cmdq_client); + state = to_mtk_crtc_state(mtk_crtc->base.state);

state->pending_config = false; @@ -323,6 +493,11 @@ static void ddp_cmdq_cb(struct mbox_client *cl, void *mssg) mtk_crtc->pending_async_planes = false; }

+ if (mtk_crtc->sec_cmdq_working) { + mtk_crtc->sec_cmdq_working = false; + wake_up(&mtk_crtc->sec_cb_blocking_queue); + } + mtk_crtc->cmdq_vblank_cnt = 0; wake_up(&mtk_crtc->cb_blocking_queue); } @@ -549,7 +724,8 @@ static void mtk_drm_crtc_update_config(struct mtk_drm_crtc *mtk_crtc, bool needs_vblank) { #if IS_REACHABLE(CONFIG_MTK_CMDQ) - struct cmdq_pkt *cmdq_handle = &mtk_crtc->cmdq_handle; + struct cmdq_client cmdq_client; + struct cmdq_pkt *cmdq_handle; #endif struct drm_crtc *crtc = &mtk_crtc->base; struct mtk_drm_private *priv = crtc->dev->dev_private; @@ -587,14 +763,36 @@ static void mtk_drm_crtc_update_config(struct mtk_drm_crtc *mtk_crtc, mtk_mutex_release(mtk_crtc->mutex); } #if IS_REACHABLE(CONFIG_MTK_CMDQ) - if (mtk_crtc->cmdq_client.chan) { + if (mtk_crtc->sec_on) { + mbox_flush(mtk_crtc->sec_cmdq_client.chan, 0); + mtk_crtc->sec_cmdq_handle.cmd_buf_size = 0; + + if (mtk_crtc->sec_cmdq_handle.sec_data) { + struct cmdq_sec_data *sec_data; + + sec_data = mtk_crtc->sec_cmdq_handle.sec_data; + sec_data->addr_metadata_cnt = 0; + sec_data->addr_metadatas = (uintptr_t)NULL; + } + + mtk_crtc_enable_secure_state(crtc); + + cmdq_client = mtk_crtc->sec_cmdq_client; + cmdq_handle = &mtk_crtc->sec_cmdq_handle; + } else if (mtk_crtc->cmdq_client.chan) { mbox_flush(mtk_crtc->cmdq_client.chan, 2000); - cmdq_handle->cmd_buf_size = 0; + mtk_crtc->cmdq_handle.cmd_buf_size = 0; + + cmdq_client = mtk_crtc->cmdq_client; + cmdq_handle = &mtk_crtc->cmdq_handle; + } + + if (cmdq_client.chan) { cmdq_pkt_clear_event(cmdq_handle, mtk_crtc->cmdq_event); cmdq_pkt_wfe(cmdq_handle, mtk_crtc->cmdq_event, false); mtk_crtc_ddp_config(crtc, cmdq_handle); cmdq_pkt_finalize(cmdq_handle); - dma_sync_single_for_device(mtk_crtc->cmdq_client.chan->mbox->dev, + dma_sync_single_for_device(cmdq_client.chan->mbox->dev, cmdq_handle->pa_base, cmdq_handle->cmd_buf_size, DMA_TO_DEVICE); @@ -607,8 +805,8 @@ static void mtk_drm_crtc_update_config(struct mtk_drm_crtc *mtk_crtc, */ mtk_crtc->cmdq_vblank_cnt = 3;

- mbox_send_message(mtk_crtc->cmdq_client.chan, cmdq_handle); - mbox_client_txdone(mtk_crtc->cmdq_client.chan, 0); + mbox_send_message(cmdq_client.chan, cmdq_handle); + mbox_client_txdone(cmdq_client.chan, 0); } #endif mtk_crtc->config_updating = false; @@ -750,6 +948,8 @@ static void mtk_drm_crtc_atomic_disable(struct drm_crtc *crtc, if (!mtk_crtc->enabled) return;

+ mtk_crtc_disable_secure_state(crtc); + /* Set all pending plane state to disabled */ for (i = 0; i < mtk_crtc->layer_nr; i++) { struct drm_plane *plane = &mtk_crtc->planes[i]; @@ -790,6 +990,8 @@ static void mtk_drm_crtc_atomic_begin(struct drm_crtc *crtc, struct mtk_drm_crtc *mtk_crtc = to_mtk_crtc(crtc); unsigned long flags;

+ mtk_drm_crtc_plane_switch_sec_state(crtc, state); + if (mtk_crtc->event && mtk_crtc_state->base.event) DRM_ERROR("new event while there is still a pending event\n");

@@ -1082,8 +1284,7 @@ int mtk_drm_crtc_create(struct drm_device *drm_dev, if (ret) { dev_dbg(dev, "mtk_crtc %d failed to get mediatek,gce-events property\n", drm_crtc_index(&mtk_crtc->base)); - mbox_free_channel(mtk_crtc->cmdq_client.chan); - mtk_crtc->cmdq_client.chan = NULL; + goto cmdq_err; } else { ret = mtk_drm_cmdq_pkt_create(&mtk_crtc->cmdq_client, &mtk_crtc->cmdq_handle, @@ -1091,14 +1292,63 @@ int mtk_drm_crtc_create(struct drm_device *drm_dev, if (ret) { dev_dbg(dev, "mtk_crtc %d failed to create cmdq packet\n", drm_crtc_index(&mtk_crtc->base)); - mbox_free_channel(mtk_crtc->cmdq_client.chan); - mtk_crtc->cmdq_client.chan = NULL; + goto cmdq_err; } }

/* for sending blocking cmd in crtc disable */ init_waitqueue_head(&mtk_crtc->cb_blocking_queue); } + + mtk_crtc->sec_cmdq_client.client.dev = mtk_crtc->mmsys_dev; + mtk_crtc->sec_cmdq_client.client.tx_block = false; + mtk_crtc->sec_cmdq_client.client.knows_txdone = true; + mtk_crtc->sec_cmdq_client.client.rx_callback = ddp_cmdq_cb; + mtk_crtc->sec_cmdq_client.chan = + mbox_request_channel(&mtk_crtc->sec_cmdq_client.client, i + 1); + if (IS_ERR(mtk_crtc->sec_cmdq_client.chan)) { + dev_err(dev, "mtk_crtc %d failed to create sec mailbox client\n", + drm_crtc_index(&mtk_crtc->base)); + mtk_crtc->sec_cmdq_client.chan = NULL; + } + + if (mtk_crtc->sec_cmdq_client.chan) { + struct device_link *link; + + /* add devlink to cmdq dev to make sure suspend/resume order is correct */ + link = device_link_add(priv->dev, mtk_crtc->sec_cmdq_client.chan->mbox->dev, + DL_FLAG_PM_RUNTIME | DL_FLAG_STATELESS); + if (!link) { + dev_err(priv->dev, "Unable to link dev=%s\n", + dev_name(mtk_crtc->sec_cmdq_client.chan->mbox->dev)); + ret = -ENODEV; + goto cmdq_err; + } + + ret = mtk_drm_cmdq_pkt_create(&mtk_crtc->sec_cmdq_client, + &mtk_crtc->sec_cmdq_handle, + PAGE_SIZE); + if (ret) { + dev_dbg(dev, "mtk_crtc %d failed to create cmdq secure packet\n", + drm_crtc_index(&mtk_crtc->base)); + goto cmdq_err; + } + + /* for sending blocking cmd in crtc disable */ + init_waitqueue_head(&mtk_crtc->sec_cb_blocking_queue); + } + +cmdq_err: + if (ret) { + if (mtk_crtc->cmdq_client.chan) { + mbox_free_channel(mtk_crtc->cmdq_client.chan); + mtk_crtc->cmdq_client.chan = NULL; + } + if (mtk_crtc->sec_cmdq_client.chan) { + mbox_free_channel(mtk_crtc->sec_cmdq_client.chan); + mtk_crtc->sec_cmdq_client.chan = NULL; + } + } #endif

if (conn_routes) { diff --git a/drivers/gpu/drm/mediatek/mtk_drm_crtc.h b/drivers/gpu/drm/mediatek/mtk_drm_crtc.h index 1f988ff1bf9f..cf8433846108 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_crtc.h +++ b/drivers/gpu/drm/mediatek/mtk_drm_crtc.h @@ -21,6 +21,7 @@ int mtk_drm_crtc_create(struct drm_device *drm_dev, int priv_data_index, const struct mtk_drm_route *conn_routes, unsigned int num_conn_routes); +void mtk_crtc_disable_secure_state(struct drm_crtc *crtc); int mtk_drm_crtc_plane_check(struct drm_crtc *crtc, struct drm_plane *plane, struct mtk_plane_state *state); void mtk_drm_crtc_async_update(struct drm_crtc *crtc, struct drm_plane *plane, diff --git a/drivers/gpu/drm/mediatek/mtk_drm_plane.c b/drivers/gpu/drm/mediatek/mtk_drm_plane.c index d4d515627ca4..96293c632d67 100644 --- a/drivers/gpu/drm/mediatek/mtk_drm_plane.c +++ b/drivers/gpu/drm/mediatek/mtk_drm_plane.c @@ -287,6 +287,13 @@ static void mtk_plane_atomic_disable(struct drm_plane *plane, mtk_plane_state->pending.enable = false; wmb(); /* Make sure the above parameter is set before update */ mtk_plane_state->pending.dirty = true; + + if (mtk_plane_state->pending.is_secure) { + struct drm_plane_state *old_state = drm_atomic_get_old_plane_state(state, plane); + + if (old_state->crtc) + mtk_crtc_disable_secure_state(old_state->crtc); + } }

static void mtk_plane_atomic_update(struct drm_plane *plane,

Add a secure mailbox channel to support secure video path on vdosys0 and vdosys1.

Signed-off-by: Jason-JH.Lin jason-jh.lin@mediatek.com --- arch/arm64/boot/dts/mediatek/mt8195.dtsi | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/arch/arm64/boot/dts/mediatek/mt8195.dtsi b/arch/arm64/boot/dts/mediatek/mt8195.dtsi index e0ac2e9f5b72..416d575be123 100644 --- a/arch/arm64/boot/dts/mediatek/mt8195.dtsi +++ b/arch/arm64/boot/dts/mediatek/mt8195.dtsi @@ -2621,7 +2621,8 @@ vdosys0: syscon@1c01a000 { compatible = "mediatek,mt8195-vdosys0", "mediatek,mt8195-mmsys", "syscon"; reg = <0 0x1c01a000 0 0x1000>; - mboxes = <&gce0 0 CMDQ_THR_PRIO_4>; + mboxes = <&gce0 0 CMDQ_THR_PRIO_4>, + <&gce0 8 CMDQ_THR_PRIO_4>; /* secure mbox */ #clock-cells = <1>; };

@@ -2806,7 +2807,8 @@ vdosys1: syscon@1c100000 { compatible = "mediatek,mt8195-vdosys1", "syscon"; reg = <0 0x1c100000 0 0x1000>; - mboxes = <&gce0 1 CMDQ_THR_PRIO_4>; + mboxes = <&gce0 1 CMDQ_THR_PRIO_4>, + <&gce0 9 CMDQ_THR_PRIO_4>; /* secure mbox */; mediatek,gce-client-reg = <&gce0 SUBSYS_1c10XXXX 0x0000 0x1000>; #clock-cells = <1>; #reset-cells = <1>;