2014-02-19 01:15:46 +07:00
|
|
|
/*
|
|
|
|
* Copyright © 2013 Intel Corporation
|
|
|
|
*
|
|
|
|
* Permission is hereby granted, free of charge, to any person obtaining a
|
|
|
|
* copy of this software and associated documentation files (the "Software"),
|
|
|
|
* to deal in the Software without restriction, including without limitation
|
|
|
|
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
|
|
|
|
* and/or sell copies of the Software, and to permit persons to whom the
|
|
|
|
* Software is furnished to do so, subject to the following conditions:
|
|
|
|
*
|
|
|
|
* The above copyright notice and this permission notice (including the next
|
|
|
|
* paragraph) shall be included in all copies or substantial portions of the
|
|
|
|
* Software.
|
|
|
|
*
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
|
|
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
|
|
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
|
|
|
|
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
|
|
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
|
|
|
|
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
|
|
|
|
* IN THE SOFTWARE.
|
|
|
|
*
|
|
|
|
* Authors:
|
|
|
|
* Brad Volkin <bradley.d.volkin@intel.com>
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2019-04-25 00:48:39 +07:00
|
|
|
#include "gt/intel_engine.h"
|
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
#include "i915_drv.h"
|
2019-08-08 20:42:47 +07:00
|
|
|
#include "i915_memcpy.h"
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
/**
|
2014-04-25 21:59:00 +07:00
|
|
|
* DOC: batch buffer command parser
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Motivation:
|
|
|
|
* Certain OpenGL features (e.g. transform feedback, performance monitoring)
|
|
|
|
* require userspace code to submit batches containing commands such as
|
|
|
|
* MI_LOAD_REGISTER_IMM to access various registers. Unfortunately, some
|
|
|
|
* generations of the hardware will noop these commands in "unsecure" batches
|
|
|
|
* (which includes all userspace batches submitted via i915) even though the
|
|
|
|
* commands may be safe and represent the intended programming model of the
|
|
|
|
* device.
|
|
|
|
*
|
|
|
|
* The software command parser is similar in operation to the command parsing
|
|
|
|
* done in hardware for unsecure batches. However, the software parser allows
|
|
|
|
* some operations that would be noop'd by hardware, if the parser determines
|
|
|
|
* the operation is safe, and submits the batch as "secure" to prevent hardware
|
|
|
|
* parsing.
|
|
|
|
*
|
|
|
|
* Threats:
|
|
|
|
* At a high level, the hardware (and software) checks attempt to prevent
|
|
|
|
* granting userspace undue privileges. There are three categories of privilege.
|
|
|
|
*
|
|
|
|
* First, commands which are explicitly defined as privileged or which should
|
2018-06-09 00:05:26 +07:00
|
|
|
* only be used by the kernel driver. The parser rejects such commands
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Second, commands which access registers. To support correct/enhanced
|
|
|
|
* userspace functionality, particularly certain OpenGL extensions, the parser
|
2018-06-09 00:05:26 +07:00
|
|
|
* provides a whitelist of registers which userspace may safely access
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Third, commands which access privileged memory (i.e. GGTT, HWS page, etc).
|
|
|
|
* The parser always rejects such commands.
|
|
|
|
*
|
|
|
|
* The majority of the problematic commands fall in the MI_* range, with only a
|
2016-07-27 15:07:26 +07:00
|
|
|
* few specific commands on each engine (e.g. PIPE_CONTROL and MI_FLUSH_DW).
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Implementation:
|
2016-07-27 15:07:26 +07:00
|
|
|
* Each engine maintains tables of commands and registers which the parser
|
|
|
|
* uses in scanning batch buffers submitted to that engine.
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Since the set of commands that the parser must check for is significantly
|
|
|
|
* smaller than the number of commands supported, the parser tables contain only
|
|
|
|
* those commands required by the parser. This generally works because command
|
|
|
|
* opcode ranges have standard command length encodings. So for commands that
|
|
|
|
* the parser does not need to check, it can easily skip them. This is
|
2016-07-27 15:07:26 +07:00
|
|
|
* implemented via a per-engine length decoding vfunc.
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Unfortunately, there are a number of commands that do not follow the standard
|
|
|
|
* length encoding for their opcode range, primarily amongst the MI_* commands.
|
|
|
|
* To handle this, the parser provides a way to define explicit "skip" entries
|
2016-07-27 15:07:26 +07:00
|
|
|
* in the per-engine command tables.
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Other command table entries map fairly directly to high level categories
|
2018-06-09 00:05:26 +07:00
|
|
|
* mentioned above: rejected, register whitelist. The parser implements a number
|
|
|
|
* of checks, including the privileged memory checks, via a general bitmasking
|
|
|
|
* mechanism.
|
2014-02-19 01:15:46 +07:00
|
|
|
*/
|
|
|
|
|
2016-11-24 06:02:27 +07:00
|
|
|
/*
|
|
|
|
* A command that requires special handling by the command parser.
|
|
|
|
*/
|
|
|
|
struct drm_i915_cmd_descriptor {
|
|
|
|
/*
|
|
|
|
* Flags describing how the command parser processes the command.
|
|
|
|
*
|
|
|
|
* CMD_DESC_FIXED: The command has a fixed length if this is set,
|
|
|
|
* a length mask if not set
|
|
|
|
* CMD_DESC_SKIP: The command is allowed but does not follow the
|
|
|
|
* standard length encoding for the opcode range in
|
|
|
|
* which it falls
|
|
|
|
* CMD_DESC_REJECT: The command is never allowed
|
|
|
|
* CMD_DESC_REGISTER: The command should be checked against the
|
|
|
|
* register whitelist for the appropriate ring
|
|
|
|
*/
|
|
|
|
u32 flags;
|
|
|
|
#define CMD_DESC_FIXED (1<<0)
|
|
|
|
#define CMD_DESC_SKIP (1<<1)
|
|
|
|
#define CMD_DESC_REJECT (1<<2)
|
|
|
|
#define CMD_DESC_REGISTER (1<<3)
|
|
|
|
#define CMD_DESC_BITMASK (1<<4)
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The command's unique identification bits and the bitmask to get them.
|
|
|
|
* This isn't strictly the opcode field as defined in the spec and may
|
|
|
|
* also include type, subtype, and/or subop fields.
|
|
|
|
*/
|
|
|
|
struct {
|
|
|
|
u32 value;
|
|
|
|
u32 mask;
|
|
|
|
} cmd;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* The command's length. The command is either fixed length (i.e. does
|
|
|
|
* not include a length field) or has a length field mask. The flag
|
|
|
|
* CMD_DESC_FIXED indicates a fixed length. Otherwise, the command has
|
|
|
|
* a length mask. All command entries in a command table must include
|
|
|
|
* length information.
|
|
|
|
*/
|
|
|
|
union {
|
|
|
|
u32 fixed;
|
|
|
|
u32 mask;
|
|
|
|
} length;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Describes where to find a register address in the command to check
|
|
|
|
* against the ring's register whitelist. Only valid if flags has the
|
|
|
|
* CMD_DESC_REGISTER bit set.
|
|
|
|
*
|
|
|
|
* A non-zero step value implies that the command may access multiple
|
|
|
|
* registers in sequence (e.g. LRI), in that case step gives the
|
|
|
|
* distance in dwords between individual offset fields.
|
|
|
|
*/
|
|
|
|
struct {
|
|
|
|
u32 offset;
|
|
|
|
u32 mask;
|
|
|
|
u32 step;
|
|
|
|
} reg;
|
|
|
|
|
|
|
|
#define MAX_CMD_DESC_BITMASKS 3
|
|
|
|
/*
|
|
|
|
* Describes command checks where a particular dword is masked and
|
|
|
|
* compared against an expected value. If the command does not match
|
|
|
|
* the expected value, the parser rejects it. Only valid if flags has
|
|
|
|
* the CMD_DESC_BITMASK bit set. Only entries where mask is non-zero
|
|
|
|
* are valid.
|
|
|
|
*
|
|
|
|
* If the check specifies a non-zero condition_mask then the parser
|
|
|
|
* only performs the check when the bits specified by condition_mask
|
|
|
|
* are non-zero.
|
|
|
|
*/
|
|
|
|
struct {
|
|
|
|
u32 offset;
|
|
|
|
u32 mask;
|
|
|
|
u32 expected;
|
|
|
|
u32 condition_offset;
|
|
|
|
u32 condition_mask;
|
|
|
|
} bits[MAX_CMD_DESC_BITMASKS];
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* A table of commands requiring special handling by the command parser.
|
|
|
|
*
|
|
|
|
* Each engine has an array of tables. Each table consists of an array of
|
|
|
|
* command descriptors, which must be sorted with command opcodes in
|
|
|
|
* ascending order.
|
|
|
|
*/
|
|
|
|
struct drm_i915_cmd_table {
|
|
|
|
const struct drm_i915_cmd_descriptor *table;
|
|
|
|
int count;
|
|
|
|
};
|
|
|
|
|
2016-08-18 23:17:14 +07:00
|
|
|
#define STD_MI_OPCODE_SHIFT (32 - 9)
|
|
|
|
#define STD_3D_OPCODE_SHIFT (32 - 16)
|
|
|
|
#define STD_2D_OPCODE_SHIFT (32 - 10)
|
|
|
|
#define STD_MFX_OPCODE_SHIFT (32 - 16)
|
2016-08-18 23:17:15 +07:00
|
|
|
#define MIN_OPCODE_SHIFT 16
|
2014-02-19 01:15:47 +07:00
|
|
|
|
|
|
|
#define CMD(op, opm, f, lm, fl, ...) \
|
|
|
|
{ \
|
|
|
|
.flags = (fl) | ((f) ? CMD_DESC_FIXED : 0), \
|
2018-09-20 23:45:10 +07:00
|
|
|
.cmd = { (op & ~0u << (opm)), ~0u << (opm) }, \
|
2014-02-19 01:15:47 +07:00
|
|
|
.length = { (lm) }, \
|
|
|
|
__VA_ARGS__ \
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Convenience macros to compress the tables */
|
2016-08-18 23:17:14 +07:00
|
|
|
#define SMI STD_MI_OPCODE_SHIFT
|
|
|
|
#define S3D STD_3D_OPCODE_SHIFT
|
|
|
|
#define S2D STD_2D_OPCODE_SHIFT
|
|
|
|
#define SMFX STD_MFX_OPCODE_SHIFT
|
2014-02-19 01:15:47 +07:00
|
|
|
#define F true
|
|
|
|
#define S CMD_DESC_SKIP
|
|
|
|
#define R CMD_DESC_REJECT
|
|
|
|
#define W CMD_DESC_REGISTER
|
|
|
|
#define B CMD_DESC_BITMASK
|
|
|
|
|
|
|
|
/* Command Mask Fixed Len Action
|
|
|
|
---------------------------------------------------------- */
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor gen7_common_cmds[] = {
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_NOOP, SMI, F, 1, S ),
|
2014-02-19 01:15:53 +07:00
|
|
|
CMD( MI_USER_INTERRUPT, SMI, F, 1, R ),
|
2018-06-09 00:05:26 +07:00
|
|
|
CMD( MI_WAIT_FOR_EVENT, SMI, F, 1, R ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_ARB_CHECK, SMI, F, 1, S ),
|
|
|
|
CMD( MI_REPORT_HEAD, SMI, F, 1, S ),
|
|
|
|
CMD( MI_SUSPEND_FLUSH, SMI, F, 1, S ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_SEMAPHORE_MBOX, SMI, !F, 0xFF, R ),
|
|
|
|
CMD( MI_STORE_DWORD_INDEX, SMI, !F, 0xFF, R ),
|
2014-02-19 01:15:52 +07:00
|
|
|
CMD( MI_LOAD_REGISTER_IMM(1), SMI, !F, 0xFF, W,
|
2015-05-29 20:44:13 +07:00
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC, .step = 2 } ),
|
2015-09-02 18:29:40 +07:00
|
|
|
CMD( MI_STORE_REGISTER_MEM, SMI, F, 3, W | B,
|
2014-02-19 01:15:54 +07:00
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC },
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2015-09-02 18:29:40 +07:00
|
|
|
CMD( MI_LOAD_REGISTER_MEM, SMI, F, 3, W | B,
|
2014-02-19 01:15:54 +07:00
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC },
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-10-17 02:24:42 +07:00
|
|
|
/*
|
|
|
|
* MI_BATCH_BUFFER_START requires some special handling. It's not
|
|
|
|
* really a 'skip' action but it doesn't seem like it's worth adding
|
2019-12-13 17:26:30 +07:00
|
|
|
* a new action. See intel_engine_cmd_parser().
|
2014-10-17 02:24:42 +07:00
|
|
|
*/
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_BATCH_BUFFER_START, SMI, !F, 0xFF, S ),
|
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor gen7_render_cmds[] = {
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_FLUSH, SMI, F, 1, S ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_ARB_ON_OFF, SMI, F, 1, R ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_PREDICATE, SMI, F, 1, S ),
|
|
|
|
CMD( MI_TOPOLOGY_FILTER, SMI, F, 1, S ),
|
2014-11-22 00:35:36 +07:00
|
|
|
CMD( MI_SET_APPID, SMI, F, 1, S ),
|
2015-07-29 15:29:58 +07:00
|
|
|
CMD( MI_DISPLAY_FLIP, SMI, !F, 0xFF, R ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_SET_CONTEXT, SMI, !F, 0xFF, R ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_URB_CLEAR, SMI, !F, 0xFF, S ),
|
2014-02-19 01:15:54 +07:00
|
|
|
CMD( MI_STORE_DWORD_IMM, SMI, !F, 0x3F, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_UPDATE_GTT, SMI, !F, 0xFF, R ),
|
2014-02-19 01:15:54 +07:00
|
|
|
CMD( MI_CLFLUSH, SMI, !F, 0x3FF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
|
|
|
CMD( MI_REPORT_PERF_COUNT, SMI, !F, 0x3F, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 1,
|
|
|
|
.mask = MI_REPORT_PERF_COUNT_GGTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
|
|
|
CMD( MI_CONDITIONAL_BATCH_BUFFER_END, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( GFX_OP_3DSTATE_VF_STATISTICS, S3D, F, 1, S ),
|
|
|
|
CMD( PIPELINE_SELECT, S3D, F, 1, S ),
|
2014-02-19 01:15:52 +07:00
|
|
|
CMD( MEDIA_VFE_STATE, S3D, !F, 0xFFFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 2,
|
|
|
|
.mask = MEDIA_VFE_STATE_MMIO_ACCESS_MASK,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( GPGPU_OBJECT, S3D, !F, 0xFF, S ),
|
|
|
|
CMD( GPGPU_WALKER, S3D, !F, 0xFF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_SO_DECL_LIST, S3D, !F, 0x1FF, S ),
|
2014-02-19 01:15:52 +07:00
|
|
|
CMD( GFX_OP_PIPE_CONTROL(5), S3D, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 1,
|
2014-02-19 01:15:53 +07:00
|
|
|
.mask = (PIPE_CONTROL_MMIO_WRITE | PIPE_CONTROL_NOTIFY),
|
2014-02-19 01:15:52 +07:00
|
|
|
.expected = 0,
|
2014-02-19 01:15:54 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 1,
|
2014-02-19 01:15:55 +07:00
|
|
|
.mask = (PIPE_CONTROL_GLOBAL_GTT_IVB |
|
|
|
|
PIPE_CONTROL_STORE_DATA_INDEX),
|
2014-02-19 01:15:54 +07:00
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 1,
|
|
|
|
.condition_mask = PIPE_CONTROL_POST_SYNC_OP_MASK,
|
2014-02-19 01:15:52 +07:00
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_cmd_descriptor hsw_render_cmds[] = {
|
|
|
|
CMD( MI_SET_PREDICATE, SMI, F, 1, S ),
|
|
|
|
CMD( MI_RS_CONTROL, SMI, F, 1, S ),
|
|
|
|
CMD( MI_URB_ATOMIC_ALLOC, SMI, F, 1, S ),
|
2014-11-22 00:35:36 +07:00
|
|
|
CMD( MI_SET_APPID, SMI, F, 1, S ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_RS_CONTEXT, SMI, F, 1, S ),
|
2018-06-09 00:05:26 +07:00
|
|
|
CMD( MI_LOAD_SCAN_LINES_INCL, SMI, !F, 0x3F, R ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_LOAD_SCAN_LINES_EXCL, SMI, !F, 0x3F, R ),
|
2016-05-06 14:50:14 +07:00
|
|
|
CMD( MI_LOAD_REGISTER_REG, SMI, !F, 0xFF, W,
|
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC, .step = 1 } ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( MI_RS_STORE_DATA_IMM, SMI, !F, 0xFF, S ),
|
|
|
|
CMD( MI_LOAD_URB_MEM, SMI, !F, 0xFF, S ),
|
|
|
|
CMD( MI_STORE_URB_MEM, SMI, !F, 0xFF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_DX9_CONSTANTF_VS, S3D, !F, 0x7FF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_DX9_CONSTANTF_PS, S3D, !F, 0x7FF, S ),
|
|
|
|
|
|
|
|
CMD( GFX_OP_3DSTATE_BINDING_TABLE_EDIT_VS, S3D, !F, 0x1FF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_BINDING_TABLE_EDIT_GS, S3D, !F, 0x1FF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_BINDING_TABLE_EDIT_HS, S3D, !F, 0x1FF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_BINDING_TABLE_EDIT_DS, S3D, !F, 0x1FF, S ),
|
|
|
|
CMD( GFX_OP_3DSTATE_BINDING_TABLE_EDIT_PS, S3D, !F, 0x1FF, S ),
|
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor gen7_video_cmds[] = {
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_ARB_ON_OFF, SMI, F, 1, R ),
|
2014-11-22 00:35:36 +07:00
|
|
|
CMD( MI_SET_APPID, SMI, F, 1, S ),
|
2014-02-19 01:15:54 +07:00
|
|
|
CMD( MI_STORE_DWORD_IMM, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_UPDATE_GTT, SMI, !F, 0x3F, R ),
|
2014-02-19 01:15:53 +07:00
|
|
|
CMD( MI_FLUSH_DW, SMI, !F, 0x3F, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_NOTIFY,
|
|
|
|
.expected = 0,
|
2014-02-19 01:15:54 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 1,
|
|
|
|
.mask = MI_FLUSH_DW_USE_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:55 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_STORE_INDEX,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:54 +07:00
|
|
|
}}, ),
|
|
|
|
CMD( MI_CONDITIONAL_BATCH_BUFFER_END, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
2014-02-19 01:15:53 +07:00
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
/*
|
|
|
|
* MFX_WAIT doesn't fit the way we handle length for most commands.
|
|
|
|
* It has a length field but it uses a non-standard length bias.
|
|
|
|
* It is always 1 dword though, so just treat it as fixed length.
|
|
|
|
*/
|
|
|
|
CMD( MFX_WAIT, SMFX, F, 1, S ),
|
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor gen7_vecs_cmds[] = {
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_ARB_ON_OFF, SMI, F, 1, R ),
|
2014-11-22 00:35:36 +07:00
|
|
|
CMD( MI_SET_APPID, SMI, F, 1, S ),
|
2014-02-19 01:15:54 +07:00
|
|
|
CMD( MI_STORE_DWORD_IMM, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_UPDATE_GTT, SMI, !F, 0x3F, R ),
|
2014-02-19 01:15:53 +07:00
|
|
|
CMD( MI_FLUSH_DW, SMI, !F, 0x3F, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_NOTIFY,
|
|
|
|
.expected = 0,
|
2014-02-19 01:15:54 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 1,
|
|
|
|
.mask = MI_FLUSH_DW_USE_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:55 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_STORE_INDEX,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:54 +07:00
|
|
|
}}, ),
|
|
|
|
CMD( MI_CONDITIONAL_BATCH_BUFFER_END, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
2014-02-19 01:15:53 +07:00
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor gen7_blt_cmds[] = {
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_DISPLAY_FLIP, SMI, !F, 0xFF, R ),
|
2014-02-19 01:15:54 +07:00
|
|
|
CMD( MI_STORE_DWORD_IMM, SMI, !F, 0x3FF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_GLOBAL_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
}}, ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_UPDATE_GTT, SMI, !F, 0x3F, R ),
|
2014-02-19 01:15:53 +07:00
|
|
|
CMD( MI_FLUSH_DW, SMI, !F, 0x3F, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_NOTIFY,
|
|
|
|
.expected = 0,
|
2014-02-19 01:15:54 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 1,
|
|
|
|
.mask = MI_FLUSH_DW_USE_GTT,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:55 +07:00
|
|
|
},
|
|
|
|
{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_FLUSH_DW_STORE_INDEX,
|
|
|
|
.expected = 0,
|
|
|
|
.condition_offset = 0,
|
|
|
|
.condition_mask = MI_FLUSH_DW_OP_MASK,
|
2014-02-19 01:15:53 +07:00
|
|
|
}}, ),
|
2014-02-19 01:15:47 +07:00
|
|
|
CMD( COLOR_BLT, S2D, !F, 0x3F, S ),
|
|
|
|
CMD( SRC_COPY_BLT, S2D, !F, 0x3F, S ),
|
|
|
|
};
|
|
|
|
|
2014-02-19 01:15:48 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor hsw_blt_cmds[] = {
|
2018-06-09 00:05:26 +07:00
|
|
|
CMD( MI_LOAD_SCAN_LINES_INCL, SMI, !F, 0x3F, R ),
|
2014-02-19 01:15:48 +07:00
|
|
|
CMD( MI_LOAD_SCAN_LINES_EXCL, SMI, !F, 0x3F, R ),
|
|
|
|
};
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
/*
|
|
|
|
* For Gen9 we can still rely on the h/w to enforce cmd security, and only
|
|
|
|
* need to re-enforce the register access checks. We therefore only need to
|
|
|
|
* teach the cmdparser how to find the end of each command, and identify
|
|
|
|
* register accesses. The table doesn't need to reject any commands, and so
|
|
|
|
* the only commands listed here are:
|
|
|
|
* 1) Those that touch registers
|
|
|
|
* 2) Those that do not have the default 8-bit length
|
|
|
|
*
|
|
|
|
* Note that the default MI length mask chosen for this table is 0xFF, not
|
|
|
|
* the 0x3F used on older devices. This is because the vast majority of MI
|
|
|
|
* cmds on Gen9 use a standard 8-bit Length field.
|
|
|
|
* All the Gen9 blitter instructions are standard 0xFF length mask, and
|
|
|
|
* none allow access to non-general registers, so in fact no BLT cmds are
|
|
|
|
* included in the table at all.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
static const struct drm_i915_cmd_descriptor gen9_blt_cmds[] = {
|
|
|
|
CMD( MI_NOOP, SMI, F, 1, S ),
|
|
|
|
CMD( MI_USER_INTERRUPT, SMI, F, 1, S ),
|
|
|
|
CMD( MI_WAIT_FOR_EVENT, SMI, F, 1, S ),
|
|
|
|
CMD( MI_FLUSH, SMI, F, 1, S ),
|
|
|
|
CMD( MI_ARB_CHECK, SMI, F, 1, S ),
|
|
|
|
CMD( MI_REPORT_HEAD, SMI, F, 1, S ),
|
|
|
|
CMD( MI_ARB_ON_OFF, SMI, F, 1, S ),
|
|
|
|
CMD( MI_SUSPEND_FLUSH, SMI, F, 1, S ),
|
|
|
|
CMD( MI_LOAD_SCAN_LINES_INCL, SMI, !F, 0x3F, S ),
|
|
|
|
CMD( MI_LOAD_SCAN_LINES_EXCL, SMI, !F, 0x3F, S ),
|
|
|
|
CMD( MI_STORE_DWORD_IMM, SMI, !F, 0x3FF, S ),
|
|
|
|
CMD( MI_LOAD_REGISTER_IMM(1), SMI, !F, 0xFF, W,
|
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC, .step = 2 } ),
|
|
|
|
CMD( MI_UPDATE_GTT, SMI, !F, 0x3FF, S ),
|
|
|
|
CMD( MI_STORE_REGISTER_MEM_GEN8, SMI, F, 4, W,
|
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC } ),
|
|
|
|
CMD( MI_FLUSH_DW, SMI, !F, 0x3F, S ),
|
|
|
|
CMD( MI_LOAD_REGISTER_MEM_GEN8, SMI, F, 4, W,
|
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC } ),
|
|
|
|
CMD( MI_LOAD_REGISTER_REG, SMI, !F, 0xFF, W,
|
|
|
|
.reg = { .offset = 1, .mask = 0x007FFFFC, .step = 1 } ),
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* We allow BB_START but apply further checks. We just sanitize the
|
|
|
|
* basic fields here.
|
|
|
|
*/
|
|
|
|
#define MI_BB_START_OPERAND_MASK GENMASK(SMI-1, 0)
|
|
|
|
#define MI_BB_START_OPERAND_EXPECT (MI_BATCH_PPGTT_HSW | 1)
|
|
|
|
CMD( MI_BATCH_BUFFER_START_GEN8, SMI, !F, 0xFF, B,
|
|
|
|
.bits = {{
|
|
|
|
.offset = 0,
|
|
|
|
.mask = MI_BB_START_OPERAND_MASK,
|
|
|
|
.expected = MI_BB_START_OPERAND_EXPECT,
|
|
|
|
}}, ),
|
2018-04-24 01:12:15 +07:00
|
|
|
};
|
|
|
|
|
2016-08-18 23:17:15 +07:00
|
|
|
static const struct drm_i915_cmd_descriptor noop_desc =
|
|
|
|
CMD(MI_NOOP, SMI, F, 1, S);
|
|
|
|
|
2014-02-19 01:15:47 +07:00
|
|
|
#undef CMD
|
|
|
|
#undef SMI
|
|
|
|
#undef S3D
|
|
|
|
#undef S2D
|
|
|
|
#undef SMFX
|
|
|
|
#undef F
|
|
|
|
#undef S
|
|
|
|
#undef R
|
|
|
|
#undef W
|
|
|
|
#undef B
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table gen7_render_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_render_cmds, ARRAY_SIZE(gen7_render_cmds) },
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table hsw_render_ring_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_render_cmds, ARRAY_SIZE(gen7_render_cmds) },
|
2014-02-19 01:15:47 +07:00
|
|
|
{ hsw_render_cmds, ARRAY_SIZE(hsw_render_cmds) },
|
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table gen7_video_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_video_cmds, ARRAY_SIZE(gen7_video_cmds) },
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table hsw_vebox_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_vecs_cmds, ARRAY_SIZE(gen7_vecs_cmds) },
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table gen7_blt_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_blt_cmds, ARRAY_SIZE(gen7_blt_cmds) },
|
2014-02-19 01:15:47 +07:00
|
|
|
};
|
|
|
|
|
2018-04-21 04:26:01 +07:00
|
|
|
static const struct drm_i915_cmd_table hsw_blt_ring_cmd_table[] = {
|
|
|
|
{ gen7_common_cmds, ARRAY_SIZE(gen7_common_cmds) },
|
|
|
|
{ gen7_blt_cmds, ARRAY_SIZE(gen7_blt_cmds) },
|
2014-02-19 01:15:48 +07:00
|
|
|
{ hsw_blt_cmds, ARRAY_SIZE(hsw_blt_cmds) },
|
|
|
|
};
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
static const struct drm_i915_cmd_table gen9_blt_cmd_table[] = {
|
|
|
|
{ gen9_blt_cmds, ARRAY_SIZE(gen9_blt_cmds) },
|
|
|
|
};
|
|
|
|
|
|
|
|
|
2014-02-19 01:15:50 +07:00
|
|
|
/*
|
|
|
|
* Register whitelists, sorted by increasing register offset.
|
2015-05-29 20:44:14 +07:00
|
|
|
*/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* An individual whitelist entry granting access to register addr. If
|
|
|
|
* mask is non-zero the argument of immediate register writes will be
|
|
|
|
* AND-ed with mask, and the command will be rejected if the result
|
|
|
|
* doesn't match value.
|
|
|
|
*
|
|
|
|
* Registers with non-zero mask are only allowed to be written using
|
|
|
|
* LRI.
|
|
|
|
*/
|
|
|
|
struct drm_i915_reg_descriptor {
|
drm/i915: Type safe register read/write
Make I915_READ and I915_WRITE more type safe by wrapping the register
offset in a struct. This should eliminate most of the fumbles we've had
with misplaced parens.
This only takes care of normal mmio registers. We could extend the idea
to other register types and define each with its own struct. That way
you wouldn't be able to accidentally pass the wrong thing to a specific
register access function.
The gpio_reg setup is probably the ugliest thing left. But I figure I'd
just leave it for now, and wait for some divine inspiration to strike
before making it nice.
As for the generated code, it's actually a bit better sometimes. Eg.
looking at i915_irq_handler(), we can see the following change:
lea 0x70024(%rdx,%rax,1),%r9d
mov $0x1,%edx
- movslq %r9d,%r9
- mov %r9,%rsi
- mov %r9,-0x58(%rbp)
- callq *0xd8(%rbx)
+ mov %r9d,%esi
+ mov %r9d,-0x48(%rbp)
callq *0xd8(%rbx)
So previously gcc thought the register offset might be signed and
decided to sign extend it, just in case. The rest appears to be
mostly just minor shuffling of instructions.
v2: i915_mmio_reg_{offset,equal,valid}() helpers added
s/_REG/_MMIO/ in the register defines
mo more switch statements left to worry about
ring_emit stuff got sorted in a prep patch
cmd parser, lrc context and w/a batch buildup also in prep patch
vgpu stuff cleaned up and moved to a prep patch
all other unrelated changes split out
v3: Rebased due to BXT DSI/BLC, MOCS, etc.
v4: Rebased due to churn, s/i915_mmio_reg_t/i915_reg_t/
Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Link: http://patchwork.freedesktop.org/patch/msgid/1447853606-2751-1-git-send-email-ville.syrjala@linux.intel.com
2015-11-18 20:33:26 +07:00
|
|
|
i915_reg_t addr;
|
2015-05-29 20:44:14 +07:00
|
|
|
u32 mask;
|
|
|
|
u32 value;
|
|
|
|
};
|
|
|
|
|
|
|
|
/* Convenience macro for adding 32-bit registers. */
|
2015-11-07 02:44:40 +07:00
|
|
|
#define REG32(_reg, ...) \
|
|
|
|
{ .addr = (_reg), __VA_ARGS__ }
|
2015-05-29 20:44:14 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Convenience macro for adding 64-bit registers.
|
2014-02-19 01:15:50 +07:00
|
|
|
*
|
|
|
|
* Some registers that userspace accesses are 64 bits. The register
|
|
|
|
* access commands only allow 32-bit accesses. Hence, we have to include
|
|
|
|
* entries for both halves of the 64-bit registers.
|
|
|
|
*/
|
2015-11-07 02:44:40 +07:00
|
|
|
#define REG64(_reg) \
|
|
|
|
{ .addr = _reg }, \
|
|
|
|
{ .addr = _reg ## _UDW }
|
|
|
|
|
|
|
|
#define REG64_IDX(_reg, idx) \
|
|
|
|
{ .addr = _reg(idx) }, \
|
|
|
|
{ .addr = _reg ## _UDW(idx) }
|
2014-02-19 01:15:50 +07:00
|
|
|
|
2015-05-29 20:44:14 +07:00
|
|
|
static const struct drm_i915_reg_descriptor gen7_render_regs[] = {
|
2014-12-12 04:28:09 +07:00
|
|
|
REG64(GPGPU_THREADS_DISPATCHED),
|
2014-02-19 01:15:50 +07:00
|
|
|
REG64(HS_INVOCATION_COUNT),
|
|
|
|
REG64(DS_INVOCATION_COUNT),
|
|
|
|
REG64(IA_VERTICES_COUNT),
|
|
|
|
REG64(IA_PRIMITIVES_COUNT),
|
|
|
|
REG64(VS_INVOCATION_COUNT),
|
|
|
|
REG64(GS_INVOCATION_COUNT),
|
|
|
|
REG64(GS_PRIMITIVES_COUNT),
|
|
|
|
REG64(CL_INVOCATION_COUNT),
|
|
|
|
REG64(CL_PRIMITIVES_COUNT),
|
|
|
|
REG64(PS_INVOCATION_COUNT),
|
|
|
|
REG64(PS_DEPTH_COUNT),
|
2016-03-07 14:30:26 +07:00
|
|
|
REG64_IDX(RING_TIMESTAMP, RENDER_RING_BASE),
|
2014-11-08 02:00:26 +07:00
|
|
|
REG64(MI_PREDICATE_SRC0),
|
|
|
|
REG64(MI_PREDICATE_SRC1),
|
2015-05-29 20:44:14 +07:00
|
|
|
REG32(GEN7_3DPRIM_END_OFFSET),
|
|
|
|
REG32(GEN7_3DPRIM_START_VERTEX),
|
|
|
|
REG32(GEN7_3DPRIM_VERTEX_COUNT),
|
|
|
|
REG32(GEN7_3DPRIM_INSTANCE_COUNT),
|
|
|
|
REG32(GEN7_3DPRIM_START_INSTANCE),
|
|
|
|
REG32(GEN7_3DPRIM_BASE_VERTEX),
|
2015-10-02 13:09:58 +07:00
|
|
|
REG32(GEN7_GPGPU_DISPATCHDIMX),
|
|
|
|
REG32(GEN7_GPGPU_DISPATCHDIMY),
|
|
|
|
REG32(GEN7_GPGPU_DISPATCHDIMZ),
|
2016-08-18 23:17:11 +07:00
|
|
|
REG64_IDX(RING_TIMESTAMP, BSD_RING_BASE),
|
2015-11-07 02:44:40 +07:00
|
|
|
REG64_IDX(GEN7_SO_NUM_PRIMS_WRITTEN, 0),
|
|
|
|
REG64_IDX(GEN7_SO_NUM_PRIMS_WRITTEN, 1),
|
|
|
|
REG64_IDX(GEN7_SO_NUM_PRIMS_WRITTEN, 2),
|
|
|
|
REG64_IDX(GEN7_SO_NUM_PRIMS_WRITTEN, 3),
|
|
|
|
REG64_IDX(GEN7_SO_PRIM_STORAGE_NEEDED, 0),
|
|
|
|
REG64_IDX(GEN7_SO_PRIM_STORAGE_NEEDED, 1),
|
|
|
|
REG64_IDX(GEN7_SO_PRIM_STORAGE_NEEDED, 2),
|
|
|
|
REG64_IDX(GEN7_SO_PRIM_STORAGE_NEEDED, 3),
|
2015-05-29 20:44:14 +07:00
|
|
|
REG32(GEN7_SO_WRITE_OFFSET(0)),
|
|
|
|
REG32(GEN7_SO_WRITE_OFFSET(1)),
|
|
|
|
REG32(GEN7_SO_WRITE_OFFSET(2)),
|
|
|
|
REG32(GEN7_SO_WRITE_OFFSET(3)),
|
|
|
|
REG32(GEN7_L3SQCREG1),
|
|
|
|
REG32(GEN7_L3CNTLREG2),
|
|
|
|
REG32(GEN7_L3CNTLREG3),
|
2016-08-18 23:17:11 +07:00
|
|
|
REG64_IDX(RING_TIMESTAMP, BLT_RING_BASE),
|
2016-03-07 14:30:28 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_descriptor hsw_render_regs[] = {
|
2016-03-07 14:30:29 +07:00
|
|
|
REG64_IDX(HSW_CS_GPR, 0),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 1),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 2),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 3),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 4),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 5),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 6),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 7),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 8),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 9),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 10),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 11),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 12),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 13),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 14),
|
|
|
|
REG64_IDX(HSW_CS_GPR, 15),
|
2015-05-29 20:44:15 +07:00
|
|
|
REG32(HSW_SCRATCH1,
|
|
|
|
.mask = ~HSW_SCRATCH1_L3_DATA_ATOMICS_DISABLE,
|
|
|
|
.value = 0),
|
|
|
|
REG32(HSW_ROW_CHICKEN3,
|
|
|
|
.mask = ~(HSW_ROW_CHICKEN3_L3_GLOBAL_ATOMICS_DISABLE << 16 |
|
|
|
|
HSW_ROW_CHICKEN3_L3_GLOBAL_ATOMICS_DISABLE),
|
|
|
|
.value = 0),
|
2014-02-19 01:15:50 +07:00
|
|
|
};
|
|
|
|
|
2015-05-29 20:44:14 +07:00
|
|
|
static const struct drm_i915_reg_descriptor gen7_blt_regs[] = {
|
2016-08-18 23:17:11 +07:00
|
|
|
REG64_IDX(RING_TIMESTAMP, RENDER_RING_BASE),
|
|
|
|
REG64_IDX(RING_TIMESTAMP, BSD_RING_BASE),
|
2015-05-29 20:44:14 +07:00
|
|
|
REG32(BCS_SWCTRL),
|
2016-08-18 23:17:11 +07:00
|
|
|
REG64_IDX(RING_TIMESTAMP, BLT_RING_BASE),
|
2014-02-19 01:15:50 +07:00
|
|
|
};
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
static const struct drm_i915_reg_descriptor gen9_blt_regs[] = {
|
|
|
|
REG64_IDX(RING_TIMESTAMP, RENDER_RING_BASE),
|
|
|
|
REG64_IDX(RING_TIMESTAMP, BSD_RING_BASE),
|
|
|
|
REG32(BCS_SWCTRL),
|
|
|
|
REG64_IDX(RING_TIMESTAMP, BLT_RING_BASE),
|
|
|
|
REG64_IDX(BCS_GPR, 0),
|
|
|
|
REG64_IDX(BCS_GPR, 1),
|
|
|
|
REG64_IDX(BCS_GPR, 2),
|
|
|
|
REG64_IDX(BCS_GPR, 3),
|
|
|
|
REG64_IDX(BCS_GPR, 4),
|
|
|
|
REG64_IDX(BCS_GPR, 5),
|
|
|
|
REG64_IDX(BCS_GPR, 6),
|
|
|
|
REG64_IDX(BCS_GPR, 7),
|
|
|
|
REG64_IDX(BCS_GPR, 8),
|
|
|
|
REG64_IDX(BCS_GPR, 9),
|
|
|
|
REG64_IDX(BCS_GPR, 10),
|
|
|
|
REG64_IDX(BCS_GPR, 11),
|
|
|
|
REG64_IDX(BCS_GPR, 12),
|
|
|
|
REG64_IDX(BCS_GPR, 13),
|
|
|
|
REG64_IDX(BCS_GPR, 14),
|
|
|
|
REG64_IDX(BCS_GPR, 15),
|
|
|
|
};
|
|
|
|
|
2014-02-19 01:15:50 +07:00
|
|
|
#undef REG64
|
2015-05-29 20:44:14 +07:00
|
|
|
#undef REG32
|
2014-02-19 01:15:50 +07:00
|
|
|
|
2016-03-07 14:30:27 +07:00
|
|
|
struct drm_i915_reg_table {
|
|
|
|
const struct drm_i915_reg_descriptor *regs;
|
|
|
|
int num_regs;
|
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_table ivb_render_reg_tables[] = {
|
2018-06-09 00:05:26 +07:00
|
|
|
{ gen7_render_regs, ARRAY_SIZE(gen7_render_regs) },
|
2016-03-07 14:30:27 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_table ivb_blt_reg_tables[] = {
|
2018-06-09 00:05:26 +07:00
|
|
|
{ gen7_blt_regs, ARRAY_SIZE(gen7_blt_regs) },
|
2016-03-07 14:30:27 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_table hsw_render_reg_tables[] = {
|
2018-06-09 00:05:26 +07:00
|
|
|
{ gen7_render_regs, ARRAY_SIZE(gen7_render_regs) },
|
|
|
|
{ hsw_render_regs, ARRAY_SIZE(hsw_render_regs) },
|
2016-03-07 14:30:27 +07:00
|
|
|
};
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_table hsw_blt_reg_tables[] = {
|
2018-06-09 00:05:26 +07:00
|
|
|
{ gen7_blt_regs, ARRAY_SIZE(gen7_blt_regs) },
|
2016-03-07 14:30:27 +07:00
|
|
|
};
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
static const struct drm_i915_reg_table gen9_blt_reg_tables[] = {
|
|
|
|
{ gen9_blt_regs, ARRAY_SIZE(gen9_blt_regs) },
|
|
|
|
};
|
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
static u32 gen7_render_get_cmd_length_mask(u32 cmd_header)
|
|
|
|
{
|
2016-11-15 05:39:34 +07:00
|
|
|
u32 client = cmd_header >> INSTR_CLIENT_SHIFT;
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 subclient =
|
|
|
|
(cmd_header & INSTR_SUBCLIENT_MASK) >> INSTR_SUBCLIENT_SHIFT;
|
|
|
|
|
|
|
|
if (client == INSTR_MI_CLIENT)
|
|
|
|
return 0x3F;
|
|
|
|
else if (client == INSTR_RC_CLIENT) {
|
|
|
|
if (subclient == INSTR_MEDIA_SUBCLIENT)
|
|
|
|
return 0xFFFF;
|
|
|
|
else
|
|
|
|
return 0xFF;
|
|
|
|
}
|
|
|
|
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Abnormal rcs cmd length! 0x%08X\n", cmd_header);
|
2014-02-19 01:15:46 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static u32 gen7_bsd_get_cmd_length_mask(u32 cmd_header)
|
|
|
|
{
|
2016-11-15 05:39:34 +07:00
|
|
|
u32 client = cmd_header >> INSTR_CLIENT_SHIFT;
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 subclient =
|
|
|
|
(cmd_header & INSTR_SUBCLIENT_MASK) >> INSTR_SUBCLIENT_SHIFT;
|
2014-11-22 00:35:36 +07:00
|
|
|
u32 op = (cmd_header & INSTR_26_TO_24_MASK) >> INSTR_26_TO_24_SHIFT;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
if (client == INSTR_MI_CLIENT)
|
|
|
|
return 0x3F;
|
|
|
|
else if (client == INSTR_RC_CLIENT) {
|
2014-11-22 00:35:36 +07:00
|
|
|
if (subclient == INSTR_MEDIA_SUBCLIENT) {
|
|
|
|
if (op == 6)
|
|
|
|
return 0xFFFF;
|
|
|
|
else
|
|
|
|
return 0xFFF;
|
|
|
|
} else
|
2014-02-19 01:15:46 +07:00
|
|
|
return 0xFF;
|
|
|
|
}
|
|
|
|
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Abnormal bsd cmd length! 0x%08X\n", cmd_header);
|
2014-02-19 01:15:46 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static u32 gen7_blt_get_cmd_length_mask(u32 cmd_header)
|
|
|
|
{
|
2016-11-15 05:39:34 +07:00
|
|
|
u32 client = cmd_header >> INSTR_CLIENT_SHIFT;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
if (client == INSTR_MI_CLIENT)
|
|
|
|
return 0x3F;
|
|
|
|
else if (client == INSTR_BC_CLIENT)
|
|
|
|
return 0xFF;
|
|
|
|
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Abnormal blt cmd length! 0x%08X\n", cmd_header);
|
2014-02-19 01:15:46 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
static u32 gen9_blt_get_cmd_length_mask(u32 cmd_header)
|
|
|
|
{
|
|
|
|
u32 client = cmd_header >> INSTR_CLIENT_SHIFT;
|
|
|
|
|
|
|
|
if (client == INSTR_MI_CLIENT || client == INSTR_BC_CLIENT)
|
|
|
|
return 0xFF;
|
|
|
|
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Abnormal blt cmd length! 0x%08X\n", cmd_header);
|
2018-04-24 01:12:15 +07:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-07-27 15:07:26 +07:00
|
|
|
static bool validate_cmds_sorted(const struct intel_engine_cs *engine,
|
2014-05-11 04:10:43 +07:00
|
|
|
const struct drm_i915_cmd_table *cmd_tables,
|
|
|
|
int cmd_table_count)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
|
|
|
int i;
|
2014-03-28 01:43:38 +07:00
|
|
|
bool ret = true;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2014-05-11 04:10:43 +07:00
|
|
|
if (!cmd_tables || cmd_table_count == 0)
|
2014-03-28 01:43:38 +07:00
|
|
|
return true;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2014-05-11 04:10:43 +07:00
|
|
|
for (i = 0; i < cmd_table_count; i++) {
|
|
|
|
const struct drm_i915_cmd_table *table = &cmd_tables[i];
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 previous = 0;
|
|
|
|
int j;
|
|
|
|
|
|
|
|
for (j = 0; j < table->count; j++) {
|
|
|
|
const struct drm_i915_cmd_descriptor *desc =
|
2015-07-29 15:31:04 +07:00
|
|
|
&table->table[j];
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 curr = desc->cmd.value & desc->cmd.mask;
|
|
|
|
|
2014-03-28 01:43:38 +07:00
|
|
|
if (curr < previous) {
|
2020-01-31 16:34:14 +07:00
|
|
|
drm_err(&engine->i915->drm,
|
|
|
|
"CMD: %s [%d] command table not sorted: "
|
|
|
|
"table=%d entry=%d cmd=0x%08X prev=0x%08X\n",
|
|
|
|
engine->name, engine->id,
|
|
|
|
i, j, curr, previous);
|
2014-03-28 01:43:38 +07:00
|
|
|
ret = false;
|
|
|
|
}
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
previous = curr;
|
|
|
|
}
|
|
|
|
}
|
2014-03-28 01:43:38 +07:00
|
|
|
|
|
|
|
return ret;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2016-07-27 15:07:26 +07:00
|
|
|
static bool check_sorted(const struct intel_engine_cs *engine,
|
2015-05-29 20:44:14 +07:00
|
|
|
const struct drm_i915_reg_descriptor *reg_table,
|
|
|
|
int reg_count)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
|
|
|
int i;
|
|
|
|
u32 previous = 0;
|
2014-03-28 01:43:38 +07:00
|
|
|
bool ret = true;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
for (i = 0; i < reg_count; i++) {
|
drm/i915: Type safe register read/write
Make I915_READ and I915_WRITE more type safe by wrapping the register
offset in a struct. This should eliminate most of the fumbles we've had
with misplaced parens.
This only takes care of normal mmio registers. We could extend the idea
to other register types and define each with its own struct. That way
you wouldn't be able to accidentally pass the wrong thing to a specific
register access function.
The gpio_reg setup is probably the ugliest thing left. But I figure I'd
just leave it for now, and wait for some divine inspiration to strike
before making it nice.
As for the generated code, it's actually a bit better sometimes. Eg.
looking at i915_irq_handler(), we can see the following change:
lea 0x70024(%rdx,%rax,1),%r9d
mov $0x1,%edx
- movslq %r9d,%r9
- mov %r9,%rsi
- mov %r9,-0x58(%rbp)
- callq *0xd8(%rbx)
+ mov %r9d,%esi
+ mov %r9d,-0x48(%rbp)
callq *0xd8(%rbx)
So previously gcc thought the register offset might be signed and
decided to sign extend it, just in case. The rest appears to be
mostly just minor shuffling of instructions.
v2: i915_mmio_reg_{offset,equal,valid}() helpers added
s/_REG/_MMIO/ in the register defines
mo more switch statements left to worry about
ring_emit stuff got sorted in a prep patch
cmd parser, lrc context and w/a batch buildup also in prep patch
vgpu stuff cleaned up and moved to a prep patch
all other unrelated changes split out
v3: Rebased due to BXT DSI/BLC, MOCS, etc.
v4: Rebased due to churn, s/i915_mmio_reg_t/i915_reg_t/
Signed-off-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
Link: http://patchwork.freedesktop.org/patch/msgid/1447853606-2751-1-git-send-email-ville.syrjala@linux.intel.com
2015-11-18 20:33:26 +07:00
|
|
|
u32 curr = i915_mmio_reg_offset(reg_table[i].addr);
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2014-03-28 01:43:38 +07:00
|
|
|
if (curr < previous) {
|
2020-01-31 16:34:14 +07:00
|
|
|
drm_err(&engine->i915->drm,
|
|
|
|
"CMD: %s [%d] register table not sorted: "
|
|
|
|
"entry=%d reg=0x%08X prev=0x%08X\n",
|
|
|
|
engine->name, engine->id,
|
|
|
|
i, curr, previous);
|
2014-03-28 01:43:38 +07:00
|
|
|
ret = false;
|
|
|
|
}
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
previous = curr;
|
|
|
|
}
|
2014-03-28 01:43:38 +07:00
|
|
|
|
|
|
|
return ret;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
static bool validate_regs_sorted(struct intel_engine_cs *engine)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
2016-03-07 14:30:27 +07:00
|
|
|
int i;
|
|
|
|
const struct drm_i915_reg_table *table;
|
|
|
|
|
|
|
|
for (i = 0; i < engine->reg_table_count; i++) {
|
|
|
|
table = &engine->reg_tables[i];
|
2016-07-27 15:07:26 +07:00
|
|
|
if (!check_sorted(engine, table->regs, table->num_regs))
|
2016-03-07 14:30:27 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2014-05-11 04:10:43 +07:00
|
|
|
struct cmd_node {
|
|
|
|
const struct drm_i915_cmd_descriptor *desc;
|
|
|
|
struct hlist_node node;
|
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Different command ranges have different numbers of bits for the opcode. For
|
|
|
|
* example, MI commands use bits 31:23 while 3D commands use bits 31:16. The
|
|
|
|
* problem is that, for example, MI commands use bits 22:16 for other fields
|
|
|
|
* such as GGTT vs PPGTT bits. If we include those bits in the mask then when
|
|
|
|
* we mask a command from a batch it could hash to the wrong bucket due to
|
|
|
|
* non-opcode bits being set. But if we don't include those bits, some 3D
|
|
|
|
* commands may hash to the same bucket due to not including opcode bits that
|
|
|
|
* make the command unique. For now, we will risk hashing to the same bucket.
|
|
|
|
*/
|
2016-08-18 23:17:14 +07:00
|
|
|
static inline u32 cmd_header_key(u32 x)
|
|
|
|
{
|
|
|
|
switch (x >> INSTR_CLIENT_SHIFT) {
|
|
|
|
default:
|
|
|
|
case INSTR_MI_CLIENT:
|
2017-11-07 22:40:55 +07:00
|
|
|
return x >> STD_MI_OPCODE_SHIFT;
|
2016-08-18 23:17:14 +07:00
|
|
|
case INSTR_RC_CLIENT:
|
2017-11-07 22:40:55 +07:00
|
|
|
return x >> STD_3D_OPCODE_SHIFT;
|
2016-08-18 23:17:14 +07:00
|
|
|
case INSTR_BC_CLIENT:
|
2017-11-07 22:40:55 +07:00
|
|
|
return x >> STD_2D_OPCODE_SHIFT;
|
2016-08-18 23:17:14 +07:00
|
|
|
}
|
|
|
|
}
|
2014-05-11 04:10:43 +07:00
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
static int init_hash_table(struct intel_engine_cs *engine,
|
2014-05-11 04:10:43 +07:00
|
|
|
const struct drm_i915_cmd_table *cmd_tables,
|
|
|
|
int cmd_table_count)
|
|
|
|
{
|
|
|
|
int i, j;
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
hash_init(engine->cmd_hash);
|
2014-05-11 04:10:43 +07:00
|
|
|
|
|
|
|
for (i = 0; i < cmd_table_count; i++) {
|
|
|
|
const struct drm_i915_cmd_table *table = &cmd_tables[i];
|
|
|
|
|
|
|
|
for (j = 0; j < table->count; j++) {
|
|
|
|
const struct drm_i915_cmd_descriptor *desc =
|
|
|
|
&table->table[j];
|
|
|
|
struct cmd_node *desc_node =
|
|
|
|
kmalloc(sizeof(*desc_node), GFP_KERNEL);
|
|
|
|
|
|
|
|
if (!desc_node)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
desc_node->desc = desc;
|
2016-03-16 18:00:37 +07:00
|
|
|
hash_add(engine->cmd_hash, &desc_node->node,
|
2016-08-18 23:17:14 +07:00
|
|
|
cmd_header_key(desc->cmd.value));
|
2014-05-11 04:10:43 +07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
static void fini_hash_table(struct intel_engine_cs *engine)
|
2014-05-11 04:10:43 +07:00
|
|
|
{
|
|
|
|
struct hlist_node *tmp;
|
|
|
|
struct cmd_node *desc_node;
|
|
|
|
int i;
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
hash_for_each_safe(engine->cmd_hash, i, tmp, desc_node, node) {
|
2014-05-11 04:10:43 +07:00
|
|
|
hash_del(&desc_node->node);
|
|
|
|
kfree(desc_node);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
/**
|
2016-07-27 15:07:26 +07:00
|
|
|
* intel_engine_init_cmd_parser() - set cmd parser related fields for an engine
|
2016-06-03 20:02:17 +07:00
|
|
|
* @engine: the engine to initialize
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Optionally initializes fields related to batch buffer command parsing in the
|
2014-05-22 20:13:33 +07:00
|
|
|
* struct intel_engine_cs based on whether the platform requires software
|
2014-02-19 01:15:46 +07:00
|
|
|
* command parsing.
|
|
|
|
*/
|
2016-08-18 23:17:10 +07:00
|
|
|
void intel_engine_init_cmd_parser(struct intel_engine_cs *engine)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
2014-05-11 04:10:43 +07:00
|
|
|
const struct drm_i915_cmd_table *cmd_tables;
|
|
|
|
int cmd_table_count;
|
|
|
|
int ret;
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
if (!IS_GEN(engine->i915, 7) && !(IS_GEN(engine->i915, 9) &&
|
|
|
|
engine->class == COPY_ENGINE_CLASS))
|
2016-08-18 23:17:10 +07:00
|
|
|
return;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2019-03-06 01:03:30 +07:00
|
|
|
switch (engine->class) {
|
|
|
|
case RENDER_CLASS:
|
2016-05-06 21:40:21 +07:00
|
|
|
if (IS_HASWELL(engine->i915)) {
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = hsw_render_ring_cmd_table;
|
2014-05-11 04:10:43 +07:00
|
|
|
cmd_table_count =
|
2018-04-21 04:26:01 +07:00
|
|
|
ARRAY_SIZE(hsw_render_ring_cmd_table);
|
2014-02-19 01:15:47 +07:00
|
|
|
} else {
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = gen7_render_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(gen7_render_cmd_table);
|
2014-02-19 01:15:47 +07:00
|
|
|
}
|
|
|
|
|
2016-05-06 21:40:21 +07:00
|
|
|
if (IS_HASWELL(engine->i915)) {
|
2016-03-07 14:30:27 +07:00
|
|
|
engine->reg_tables = hsw_render_reg_tables;
|
|
|
|
engine->reg_table_count = ARRAY_SIZE(hsw_render_reg_tables);
|
2014-02-19 01:15:51 +07:00
|
|
|
} else {
|
2016-03-07 14:30:27 +07:00
|
|
|
engine->reg_tables = ivb_render_reg_tables;
|
|
|
|
engine->reg_table_count = ARRAY_SIZE(ivb_render_reg_tables);
|
2014-02-19 01:15:51 +07:00
|
|
|
}
|
2016-03-16 18:00:37 +07:00
|
|
|
engine->get_cmd_length_mask = gen7_render_get_cmd_length_mask;
|
2014-02-19 01:15:46 +07:00
|
|
|
break;
|
2019-03-06 01:03:30 +07:00
|
|
|
case VIDEO_DECODE_CLASS:
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = gen7_video_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(gen7_video_cmd_table);
|
2016-03-16 18:00:37 +07:00
|
|
|
engine->get_cmd_length_mask = gen7_bsd_get_cmd_length_mask;
|
2014-02-19 01:15:46 +07:00
|
|
|
break;
|
2019-03-06 01:03:30 +07:00
|
|
|
case COPY_ENGINE_CLASS:
|
2018-04-24 01:12:15 +07:00
|
|
|
engine->get_cmd_length_mask = gen7_blt_get_cmd_length_mask;
|
|
|
|
if (IS_GEN(engine->i915, 9)) {
|
|
|
|
cmd_tables = gen9_blt_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(gen9_blt_cmd_table);
|
|
|
|
engine->get_cmd_length_mask =
|
|
|
|
gen9_blt_get_cmd_length_mask;
|
|
|
|
|
|
|
|
/* BCS Engine unsafe without parser */
|
|
|
|
engine->flags |= I915_ENGINE_REQUIRES_CMD_PARSER;
|
|
|
|
} else if (IS_HASWELL(engine->i915)) {
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = hsw_blt_ring_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(hsw_blt_ring_cmd_table);
|
2014-02-19 01:15:48 +07:00
|
|
|
} else {
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = gen7_blt_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(gen7_blt_cmd_table);
|
2014-02-19 01:15:48 +07:00
|
|
|
}
|
|
|
|
|
2018-04-24 01:12:15 +07:00
|
|
|
if (IS_GEN(engine->i915, 9)) {
|
|
|
|
engine->reg_tables = gen9_blt_reg_tables;
|
|
|
|
engine->reg_table_count =
|
|
|
|
ARRAY_SIZE(gen9_blt_reg_tables);
|
|
|
|
} else if (IS_HASWELL(engine->i915)) {
|
2016-03-07 14:30:27 +07:00
|
|
|
engine->reg_tables = hsw_blt_reg_tables;
|
|
|
|
engine->reg_table_count = ARRAY_SIZE(hsw_blt_reg_tables);
|
2014-02-19 01:15:51 +07:00
|
|
|
} else {
|
2016-03-07 14:30:27 +07:00
|
|
|
engine->reg_tables = ivb_blt_reg_tables;
|
|
|
|
engine->reg_table_count = ARRAY_SIZE(ivb_blt_reg_tables);
|
2014-02-19 01:15:51 +07:00
|
|
|
}
|
2014-02-19 01:15:46 +07:00
|
|
|
break;
|
2019-03-06 01:03:30 +07:00
|
|
|
case VIDEO_ENHANCEMENT_CLASS:
|
2018-04-21 04:26:01 +07:00
|
|
|
cmd_tables = hsw_vebox_cmd_table;
|
|
|
|
cmd_table_count = ARRAY_SIZE(hsw_vebox_cmd_table);
|
2014-02-19 01:15:46 +07:00
|
|
|
/* VECS can use the same length_mask function as VCS */
|
2016-03-16 18:00:37 +07:00
|
|
|
engine->get_cmd_length_mask = gen7_bsd_get_cmd_length_mask;
|
2014-02-19 01:15:46 +07:00
|
|
|
break;
|
|
|
|
default:
|
2019-03-06 01:03:30 +07:00
|
|
|
MISSING_CASE(engine->class);
|
2016-08-18 23:17:10 +07:00
|
|
|
return;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2016-08-18 23:17:10 +07:00
|
|
|
if (!validate_cmds_sorted(engine, cmd_tables, cmd_table_count)) {
|
2020-01-31 16:34:14 +07:00
|
|
|
drm_err(&engine->i915->drm,
|
|
|
|
"%s: command descriptions are not sorted\n",
|
|
|
|
engine->name);
|
2016-08-18 23:17:10 +07:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
if (!validate_regs_sorted(engine)) {
|
2020-01-31 16:34:14 +07:00
|
|
|
drm_err(&engine->i915->drm,
|
|
|
|
"%s: registers are not sorted\n", engine->name);
|
2016-08-18 23:17:10 +07:00
|
|
|
return;
|
|
|
|
}
|
2014-11-20 06:33:08 +07:00
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
ret = init_hash_table(engine, cmd_tables, cmd_table_count);
|
2014-11-20 06:33:08 +07:00
|
|
|
if (ret) {
|
2020-01-31 16:34:14 +07:00
|
|
|
drm_err(&engine->i915->drm,
|
|
|
|
"%s: initialised failed!\n", engine->name);
|
2016-03-16 18:00:37 +07:00
|
|
|
fini_hash_table(engine);
|
2016-08-18 23:17:10 +07:00
|
|
|
return;
|
2014-05-11 04:10:43 +07:00
|
|
|
}
|
|
|
|
|
2018-08-01 23:33:59 +07:00
|
|
|
engine->flags |= I915_ENGINE_USING_CMD_PARSER;
|
2014-05-11 04:10:43 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2016-07-27 15:07:26 +07:00
|
|
|
* intel_engine_cleanup_cmd_parser() - clean up cmd parser related fields
|
2016-06-03 20:02:17 +07:00
|
|
|
* @engine: the engine to clean up
|
2014-05-11 04:10:43 +07:00
|
|
|
*
|
|
|
|
* Releases any resources related to command parsing that may have been
|
2016-07-27 15:07:26 +07:00
|
|
|
* initialized for the specified engine.
|
2014-05-11 04:10:43 +07:00
|
|
|
*/
|
2016-07-27 15:07:26 +07:00
|
|
|
void intel_engine_cleanup_cmd_parser(struct intel_engine_cs *engine)
|
2014-05-11 04:10:43 +07:00
|
|
|
{
|
2018-08-01 23:33:59 +07:00
|
|
|
if (!intel_engine_using_cmd_parser(engine))
|
2014-05-11 04:10:43 +07:00
|
|
|
return;
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
fini_hash_table(engine);
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
static const struct drm_i915_cmd_descriptor*
|
2016-03-16 18:00:37 +07:00
|
|
|
find_cmd_in_table(struct intel_engine_cs *engine,
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 cmd_header)
|
|
|
|
{
|
2014-05-11 04:10:43 +07:00
|
|
|
struct cmd_node *desc_node;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
hash_for_each_possible(engine->cmd_hash, desc_node, node,
|
2016-08-18 23:17:14 +07:00
|
|
|
cmd_header_key(cmd_header)) {
|
2014-05-11 04:10:43 +07:00
|
|
|
const struct drm_i915_cmd_descriptor *desc = desc_node->desc;
|
2016-08-18 23:17:14 +07:00
|
|
|
if (((cmd_header ^ desc->cmd.value) & desc->cmd.mask) == 0)
|
2014-02-19 01:15:46 +07:00
|
|
|
return desc;
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Returns a pointer to a descriptor for the command specified by cmd_header.
|
|
|
|
*
|
|
|
|
* The caller must supply space for a default descriptor via the default_desc
|
2016-07-27 15:07:26 +07:00
|
|
|
* parameter. If no descriptor for the specified command exists in the engine's
|
2014-02-19 01:15:46 +07:00
|
|
|
* command parser tables, this function fills in default_desc based on the
|
2016-07-27 15:07:26 +07:00
|
|
|
* engine's default length encoding and returns default_desc.
|
2014-02-19 01:15:46 +07:00
|
|
|
*/
|
|
|
|
static const struct drm_i915_cmd_descriptor*
|
2016-03-16 18:00:37 +07:00
|
|
|
find_cmd(struct intel_engine_cs *engine,
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 cmd_header,
|
2016-08-18 23:17:15 +07:00
|
|
|
const struct drm_i915_cmd_descriptor *desc,
|
2014-02-19 01:15:46 +07:00
|
|
|
struct drm_i915_cmd_descriptor *default_desc)
|
|
|
|
{
|
|
|
|
u32 mask;
|
|
|
|
|
2016-08-18 23:17:15 +07:00
|
|
|
if (((cmd_header ^ desc->cmd.value) & desc->cmd.mask) == 0)
|
|
|
|
return desc;
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
desc = find_cmd_in_table(engine, cmd_header);
|
2014-05-11 04:10:43 +07:00
|
|
|
if (desc)
|
|
|
|
return desc;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
mask = engine->get_cmd_length_mask(cmd_header);
|
2014-02-19 01:15:46 +07:00
|
|
|
if (!mask)
|
|
|
|
return NULL;
|
|
|
|
|
2016-08-18 23:17:15 +07:00
|
|
|
default_desc->cmd.value = cmd_header;
|
|
|
|
default_desc->cmd.mask = ~0u << MIN_OPCODE_SHIFT;
|
2014-02-19 01:15:46 +07:00
|
|
|
default_desc->length.mask = mask;
|
2016-08-18 23:17:15 +07:00
|
|
|
default_desc->flags = CMD_DESC_SKIP;
|
2014-02-19 01:15:46 +07:00
|
|
|
return default_desc;
|
|
|
|
}
|
|
|
|
|
2015-05-29 20:44:14 +07:00
|
|
|
static const struct drm_i915_reg_descriptor *
|
2016-08-18 23:17:17 +07:00
|
|
|
__find_reg(const struct drm_i915_reg_descriptor *table, int count, u32 addr)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
2016-08-18 23:17:17 +07:00
|
|
|
int start = 0, end = count;
|
|
|
|
while (start < end) {
|
|
|
|
int mid = start + (end - start) / 2;
|
|
|
|
int ret = addr - i915_mmio_reg_offset(table[mid].addr);
|
|
|
|
if (ret < 0)
|
|
|
|
end = mid;
|
|
|
|
else if (ret > 0)
|
|
|
|
start = mid + 1;
|
|
|
|
else
|
|
|
|
return &table[mid];
|
2016-03-07 14:30:27 +07:00
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static const struct drm_i915_reg_descriptor *
|
2018-06-09 00:05:26 +07:00
|
|
|
find_reg(const struct intel_engine_cs *engine, u32 addr)
|
2016-03-07 14:30:27 +07:00
|
|
|
{
|
2016-08-18 23:17:17 +07:00
|
|
|
const struct drm_i915_reg_table *table = engine->reg_tables;
|
2018-06-09 00:05:26 +07:00
|
|
|
const struct drm_i915_reg_descriptor *reg = NULL;
|
2016-08-18 23:17:17 +07:00
|
|
|
int count = engine->reg_table_count;
|
2016-03-07 14:30:27 +07:00
|
|
|
|
2018-06-09 00:05:26 +07:00
|
|
|
for (; !reg && (count > 0); ++table, --count)
|
|
|
|
reg = __find_reg(table->regs, table->num_regs, addr);
|
2016-08-18 23:17:17 +07:00
|
|
|
|
2018-06-09 00:05:26 +07:00
|
|
|
return reg;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2016-08-18 23:17:12 +07:00
|
|
|
/* Returns a vmap'd pointer to dst_obj, which the caller must unmap */
|
|
|
|
static u32 *copy_batch(struct drm_i915_gem_object *dst_obj,
|
2014-12-12 03:13:10 +07:00
|
|
|
struct drm_i915_gem_object *src_obj,
|
2019-12-12 06:08:57 +07:00
|
|
|
u32 offset, u32 length)
|
2014-12-12 03:13:09 +07:00
|
|
|
{
|
2019-12-12 06:08:57 +07:00
|
|
|
bool needs_clflush;
|
2016-08-18 23:17:18 +07:00
|
|
|
void *dst, *src;
|
2015-01-14 18:20:57 +07:00
|
|
|
int ret;
|
2014-12-12 03:13:10 +07:00
|
|
|
|
2017-08-28 17:46:31 +07:00
|
|
|
dst = i915_gem_object_pin_map(dst_obj, I915_MAP_FORCE_WB);
|
2016-08-18 23:17:12 +07:00
|
|
|
if (IS_ERR(dst))
|
2019-05-28 16:29:51 +07:00
|
|
|
return dst;
|
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
ret = i915_gem_object_pin_pages(src_obj);
|
2019-05-28 16:29:51 +07:00
|
|
|
if (ret) {
|
|
|
|
i915_gem_object_unpin_map(dst_obj);
|
|
|
|
return ERR_PTR(ret);
|
|
|
|
}
|
2014-12-12 03:13:09 +07:00
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
needs_clflush =
|
|
|
|
!(src_obj->cache_coherent & I915_BO_CACHE_COHERENT_FOR_READ);
|
|
|
|
|
2016-08-18 23:17:18 +07:00
|
|
|
src = ERR_PTR(-ENODEV);
|
2019-12-12 06:08:57 +07:00
|
|
|
if (needs_clflush && i915_has_memcpy_from_wc()) {
|
2016-08-18 23:17:18 +07:00
|
|
|
src = i915_gem_object_pin_map(src_obj, I915_MAP_WC);
|
|
|
|
if (!IS_ERR(src)) {
|
2019-12-11 18:04:37 +07:00
|
|
|
i915_unaligned_memcpy_from_wc(dst,
|
|
|
|
src + offset,
|
|
|
|
length);
|
2016-08-18 23:17:18 +07:00
|
|
|
i915_gem_object_unpin_map(src_obj);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (IS_ERR(src)) {
|
|
|
|
void *ptr;
|
2019-12-11 18:04:34 +07:00
|
|
|
int x, n;
|
2016-08-18 23:17:18 +07:00
|
|
|
|
2019-12-11 18:04:34 +07:00
|
|
|
/*
|
|
|
|
* We can avoid clflushing partial cachelines before the write
|
2016-08-18 23:17:18 +07:00
|
|
|
* if we only every write full cache-lines. Since we know that
|
|
|
|
* both the source and destination are in multiples of
|
|
|
|
* PAGE_SIZE, we can simply round up to the next cacheline.
|
|
|
|
* We don't care about copying too much here as we only
|
|
|
|
* validate up to the end of the batch.
|
|
|
|
*/
|
2019-12-12 06:08:57 +07:00
|
|
|
if (!(dst_obj->cache_coherent & I915_BO_CACHE_COHERENT_FOR_READ))
|
2019-12-11 18:04:34 +07:00
|
|
|
length = round_up(length,
|
|
|
|
boot_cpu_data.x86_clflush_size);
|
2016-08-18 23:17:18 +07:00
|
|
|
|
|
|
|
ptr = dst;
|
2019-12-11 18:04:34 +07:00
|
|
|
x = offset_in_page(offset);
|
|
|
|
for (n = offset >> PAGE_SHIFT; length; n++) {
|
|
|
|
int len = min_t(int, length, PAGE_SIZE - x);
|
2016-08-18 23:17:18 +07:00
|
|
|
|
|
|
|
src = kmap_atomic(i915_gem_object_get_page(src_obj, n));
|
2019-12-12 06:08:57 +07:00
|
|
|
if (needs_clflush)
|
2019-12-11 18:04:34 +07:00
|
|
|
drm_clflush_virt_range(src + x, len);
|
|
|
|
memcpy(ptr, src + x, len);
|
2016-08-18 23:17:18 +07:00
|
|
|
kunmap_atomic(src);
|
|
|
|
|
|
|
|
ptr += len;
|
2019-12-11 18:04:34 +07:00
|
|
|
length -= len;
|
|
|
|
x = 0;
|
2016-08-18 23:17:18 +07:00
|
|
|
}
|
2016-08-18 23:17:13 +07:00
|
|
|
}
|
2014-12-12 03:13:09 +07:00
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
i915_gem_object_unpin_pages(src_obj);
|
2019-05-28 16:29:51 +07:00
|
|
|
|
2016-08-18 23:17:12 +07:00
|
|
|
/* dst_obj is returned with vmap pinned */
|
|
|
|
return dst;
|
2014-12-12 03:13:09 +07:00
|
|
|
}
|
|
|
|
|
2016-03-16 18:00:37 +07:00
|
|
|
static bool check_cmd(const struct intel_engine_cs *engine,
|
2014-03-28 01:43:39 +07:00
|
|
|
const struct drm_i915_cmd_descriptor *desc,
|
2018-06-09 00:05:26 +07:00
|
|
|
const u32 *cmd, u32 length)
|
2014-03-28 01:43:39 +07:00
|
|
|
{
|
2016-08-18 23:17:16 +07:00
|
|
|
if (desc->flags & CMD_DESC_SKIP)
|
|
|
|
return true;
|
|
|
|
|
2014-03-28 01:43:39 +07:00
|
|
|
if (desc->flags & CMD_DESC_REJECT) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected command: 0x%08X\n", *cmd);
|
2014-03-28 01:43:39 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (desc->flags & CMD_DESC_REGISTER) {
|
2014-03-29 00:21:50 +07:00
|
|
|
/*
|
2015-05-29 20:44:13 +07:00
|
|
|
* Get the distance between individual register offset
|
|
|
|
* fields if the command can perform more than one
|
|
|
|
* access at a time.
|
2014-03-29 00:21:50 +07:00
|
|
|
*/
|
2015-05-29 20:44:13 +07:00
|
|
|
const u32 step = desc->reg.step ? desc->reg.step : length;
|
|
|
|
u32 offset;
|
|
|
|
|
|
|
|
for (offset = desc->reg.offset; offset < length;
|
|
|
|
offset += step) {
|
|
|
|
const u32 reg_addr = cmd[offset] & desc->reg.mask;
|
2015-05-29 20:44:14 +07:00
|
|
|
const struct drm_i915_reg_descriptor *reg =
|
2018-06-09 00:05:26 +07:00
|
|
|
find_reg(engine, reg_addr);
|
2015-05-29 20:44:14 +07:00
|
|
|
|
|
|
|
if (!reg) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected register 0x%08X in command: 0x%08X (%s)\n",
|
|
|
|
reg_addr, *cmd, engine->name);
|
2015-05-29 20:44:14 +07:00
|
|
|
return false;
|
|
|
|
}
|
2015-05-29 20:44:13 +07:00
|
|
|
|
2015-05-29 20:44:14 +07:00
|
|
|
/*
|
|
|
|
* Check the value written to the register against the
|
|
|
|
* allowed mask/value pair given in the whitelist entry.
|
|
|
|
*/
|
|
|
|
if (reg->mask) {
|
2015-08-04 22:22:20 +07:00
|
|
|
if (desc->cmd.value == MI_LOAD_REGISTER_MEM) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected LRM to masked register 0x%08X\n",
|
|
|
|
reg_addr);
|
2015-05-29 20:44:14 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2016-05-06 14:50:14 +07:00
|
|
|
if (desc->cmd.value == MI_LOAD_REGISTER_REG) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected LRR to masked register 0x%08X\n",
|
|
|
|
reg_addr);
|
2016-05-06 14:50:14 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2015-05-29 20:44:14 +07:00
|
|
|
if (desc->cmd.value == MI_LOAD_REGISTER_IMM(1) &&
|
|
|
|
(offset + 2 > length ||
|
|
|
|
(cmd[offset + 1] & reg->mask) != reg->value)) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected LRI to masked register 0x%08X\n",
|
|
|
|
reg_addr);
|
2015-05-29 20:44:13 +07:00
|
|
|
return false;
|
|
|
|
}
|
2014-03-28 01:43:39 +07:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (desc->flags & CMD_DESC_BITMASK) {
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < MAX_CMD_DESC_BITMASKS; i++) {
|
|
|
|
u32 dword;
|
|
|
|
|
|
|
|
if (desc->bits[i].mask == 0)
|
|
|
|
break;
|
|
|
|
|
|
|
|
if (desc->bits[i].condition_mask != 0) {
|
|
|
|
u32 offset =
|
|
|
|
desc->bits[i].condition_offset;
|
|
|
|
u32 condition = cmd[offset] &
|
|
|
|
desc->bits[i].condition_mask;
|
|
|
|
|
|
|
|
if (condition == 0)
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
|
2018-02-05 23:04:38 +07:00
|
|
|
if (desc->bits[i].offset >= length) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected command 0x%08X, too short to check bitmask (%s)\n",
|
|
|
|
*cmd, engine->name);
|
2018-02-05 23:04:38 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2014-03-28 01:43:39 +07:00
|
|
|
dword = cmd[desc->bits[i].offset] &
|
|
|
|
desc->bits[i].mask;
|
|
|
|
|
|
|
|
if (dword != desc->bits[i].expected) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Rejected command 0x%08X for bitmask 0x%08X (exp=0x%08X act=0x%08X) (%s)\n",
|
|
|
|
*cmd,
|
|
|
|
desc->bits[i].mask,
|
|
|
|
desc->bits[i].expected,
|
|
|
|
dword, engine->name);
|
2014-03-28 01:43:39 +07:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2019-12-05 06:26:16 +07:00
|
|
|
static int check_bbstart(u32 *cmd, u32 offset, u32 length,
|
2019-12-11 18:04:34 +07:00
|
|
|
u32 batch_length,
|
|
|
|
u64 batch_addr,
|
|
|
|
u64 shadow_addr,
|
2019-11-28 18:34:24 +07:00
|
|
|
const unsigned long *jump_whitelist)
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
{
|
|
|
|
u64 jump_offset, jump_target;
|
|
|
|
u32 target_cmd_offset, target_cmd_index;
|
|
|
|
|
|
|
|
/* For igt compatibility on older platforms */
|
2019-11-28 18:34:24 +07:00
|
|
|
if (!jump_whitelist) {
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
DRM_DEBUG("CMD: Rejecting BB_START for ggtt based submission\n");
|
|
|
|
return -EACCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (length != 3) {
|
|
|
|
DRM_DEBUG("CMD: Recursive BB_START with bad length(%u)\n",
|
|
|
|
length);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
2019-12-11 18:04:34 +07:00
|
|
|
jump_target = *(u64 *)(cmd + 1);
|
|
|
|
jump_offset = jump_target - batch_addr;
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Any underflow of jump_target is guaranteed to be outside the range
|
|
|
|
* of a u32, so >= test catches both too large and too small
|
|
|
|
*/
|
2019-12-11 18:04:34 +07:00
|
|
|
if (jump_offset >= batch_length) {
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
DRM_DEBUG("CMD: BB_START to 0x%llx jumps out of BB\n",
|
|
|
|
jump_target);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* This cannot overflow a u32 because we already checked jump_offset
|
2019-12-11 18:04:34 +07:00
|
|
|
* is within the BB, and the batch_length is a u32
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
*/
|
|
|
|
target_cmd_offset = lower_32_bits(jump_offset);
|
|
|
|
target_cmd_index = target_cmd_offset / sizeof(u32);
|
|
|
|
|
2019-12-11 18:04:34 +07:00
|
|
|
*(u64 *)(cmd + 1) = shadow_addr + target_cmd_offset;
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
|
|
|
if (target_cmd_index == offset)
|
|
|
|
return 0;
|
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
if (IS_ERR(jump_whitelist))
|
|
|
|
return PTR_ERR(jump_whitelist);
|
|
|
|
|
|
|
|
if (!test_bit(target_cmd_index, jump_whitelist)) {
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
DRM_DEBUG("CMD: BB_START to 0x%llx not a previously executed cmd\n",
|
|
|
|
jump_target);
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2019-12-12 06:08:56 +07:00
|
|
|
static unsigned long *alloc_whitelist(u32 batch_length)
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
{
|
2019-11-28 18:34:24 +07:00
|
|
|
unsigned long *jmp;
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
/*
|
2019-12-11 18:04:34 +07:00
|
|
|
* We expect batch_length to be less than 256KiB for known users,
|
2019-11-28 18:34:24 +07:00
|
|
|
* i.e. we need at most an 8KiB bitmap allocation which should be
|
|
|
|
* reasonably cheap due to kmalloc caches.
|
|
|
|
*/
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
/* Prefer to report transient allocation failure rather than hit oom */
|
2019-12-11 18:04:34 +07:00
|
|
|
jmp = bitmap_zalloc(DIV_ROUND_UP(batch_length, sizeof(u32)),
|
2019-11-28 18:34:24 +07:00
|
|
|
GFP_KERNEL | __GFP_RETRY_MAYFAIL | __GFP_NOWARN);
|
|
|
|
if (!jmp)
|
|
|
|
return ERR_PTR(-ENOMEM);
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
return jmp;
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
}
|
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
#define LENGTH_BIAS 2
|
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
static bool shadow_needs_clflush(struct drm_i915_gem_object *obj)
|
|
|
|
{
|
|
|
|
return !(obj->cache_coherent & I915_BO_CACHE_COHERENT_FOR_WRITE);
|
|
|
|
}
|
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
/**
|
2019-12-11 18:04:34 +07:00
|
|
|
* intel_engine_cmd_parser() - parse a batch buffer for privilege violations
|
2016-06-03 20:02:17 +07:00
|
|
|
* @engine: the engine on which the batch is to execute
|
2019-12-11 18:04:34 +07:00
|
|
|
* @batch: the batch buffer in question
|
|
|
|
* @batch_offset: byte offset in the batch at which execution starts
|
|
|
|
* @batch_length: length of the commands in batch_obj
|
|
|
|
* @shadow: validated copy of the batch buffer in question
|
2019-12-12 06:08:56 +07:00
|
|
|
* @trampoline: whether to emit a conditional trampoline at the end of the batch
|
2014-02-19 01:15:46 +07:00
|
|
|
*
|
|
|
|
* Parses the specified batch buffer looking for privilege violations as
|
|
|
|
* described in the overview.
|
|
|
|
*
|
2014-10-17 02:24:42 +07:00
|
|
|
* Return: non-zero if the parser finds violations or otherwise fails; -EACCES
|
|
|
|
* if the batch appears legal but should use hardware parsing
|
2014-02-19 01:15:46 +07:00
|
|
|
*/
|
2019-12-05 06:26:16 +07:00
|
|
|
int intel_engine_cmd_parser(struct intel_engine_cs *engine,
|
2019-12-11 18:04:34 +07:00
|
|
|
struct i915_vma *batch,
|
|
|
|
u32 batch_offset,
|
|
|
|
u32 batch_length,
|
2019-12-12 06:08:56 +07:00
|
|
|
struct i915_vma *shadow,
|
|
|
|
bool trampoline)
|
2014-02-19 01:15:46 +07:00
|
|
|
{
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
u32 *cmd, *batch_end, offset = 0;
|
2016-08-18 23:17:15 +07:00
|
|
|
struct drm_i915_cmd_descriptor default_desc = noop_desc;
|
|
|
|
const struct drm_i915_cmd_descriptor *desc = &default_desc;
|
2019-11-28 18:34:24 +07:00
|
|
|
unsigned long *jump_whitelist;
|
2019-12-11 18:04:34 +07:00
|
|
|
u64 batch_addr, shadow_addr;
|
2015-01-14 18:20:57 +07:00
|
|
|
int ret = 0;
|
2014-12-12 03:13:12 +07:00
|
|
|
|
2019-12-11 18:04:34 +07:00
|
|
|
GEM_BUG_ON(!IS_ALIGNED(batch_offset, sizeof(*cmd)));
|
|
|
|
GEM_BUG_ON(!IS_ALIGNED(batch_length, sizeof(*cmd)));
|
|
|
|
GEM_BUG_ON(range_overflows_t(u64, batch_offset, batch_length,
|
|
|
|
batch->size));
|
|
|
|
GEM_BUG_ON(!batch_length);
|
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
cmd = copy_batch(shadow->obj, batch->obj, batch_offset, batch_length);
|
2016-08-18 23:17:12 +07:00
|
|
|
if (IS_ERR(cmd)) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Failed to copy batch\n");
|
2016-08-18 23:17:12 +07:00
|
|
|
return PTR_ERR(cmd);
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2019-12-12 06:08:56 +07:00
|
|
|
jump_whitelist = NULL;
|
|
|
|
if (!trampoline)
|
|
|
|
/* Defer failure until attempted use */
|
|
|
|
jump_whitelist = alloc_whitelist(batch_length);
|
2019-12-11 18:04:34 +07:00
|
|
|
|
|
|
|
shadow_addr = gen8_canonical_addr(shadow->node.start);
|
|
|
|
batch_addr = gen8_canonical_addr(batch->node.start + batch_offset);
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
2014-12-12 03:13:09 +07:00
|
|
|
/*
|
2014-12-12 03:13:10 +07:00
|
|
|
* We use the batch length as size because the shadow object is as
|
2014-12-12 03:13:09 +07:00
|
|
|
* large or larger and copy_batch() will write MI_NOPs to the extra
|
|
|
|
* space. Parsing should be faster in some cases this way.
|
|
|
|
*/
|
2019-12-11 18:04:34 +07:00
|
|
|
batch_end = cmd + batch_length / sizeof(*batch_end);
|
2017-03-10 18:55:18 +07:00
|
|
|
do {
|
2014-02-19 01:15:46 +07:00
|
|
|
u32 length;
|
|
|
|
|
2018-09-28 00:23:17 +07:00
|
|
|
if (*cmd == MI_BATCH_BUFFER_END)
|
2014-02-19 01:15:46 +07:00
|
|
|
break;
|
|
|
|
|
2016-08-18 23:17:15 +07:00
|
|
|
desc = find_cmd(engine, *cmd, desc, &default_desc);
|
2014-02-19 01:15:46 +07:00
|
|
|
if (!desc) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Unrecognized command: 0x%08X\n", *cmd);
|
2014-02-19 01:15:46 +07:00
|
|
|
ret = -EINVAL;
|
2019-12-11 18:04:35 +07:00
|
|
|
break;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
|
|
|
if (desc->flags & CMD_DESC_FIXED)
|
|
|
|
length = desc->length.fixed;
|
|
|
|
else
|
2019-12-11 18:04:34 +07:00
|
|
|
length = (*cmd & desc->length.mask) + LENGTH_BIAS;
|
2014-02-19 01:15:46 +07:00
|
|
|
|
|
|
|
if ((batch_end - cmd) < length) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Command length exceeds batch length: 0x%08X length=%u batchlen=%td\n",
|
|
|
|
*cmd,
|
|
|
|
length,
|
|
|
|
batch_end - cmd);
|
2014-02-19 01:15:46 +07:00
|
|
|
ret = -EINVAL;
|
2019-12-11 18:04:35 +07:00
|
|
|
break;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
2018-06-09 00:05:26 +07:00
|
|
|
if (!check_cmd(engine, desc, cmd, length)) {
|
2016-11-08 02:49:49 +07:00
|
|
|
ret = -EACCES;
|
2019-12-11 18:04:35 +07:00
|
|
|
break;
|
2014-02-19 01:15:46 +07:00
|
|
|
}
|
|
|
|
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
if (desc->cmd.value == MI_BATCH_BUFFER_START) {
|
2019-12-11 18:04:34 +07:00
|
|
|
ret = check_bbstart(cmd, offset, length, batch_length,
|
|
|
|
batch_addr, shadow_addr,
|
2019-11-28 18:34:24 +07:00
|
|
|
jump_whitelist);
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
if (!IS_ERR_OR_NULL(jump_whitelist))
|
|
|
|
__set_bit(offset, jump_whitelist);
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
|
2014-02-19 01:15:46 +07:00
|
|
|
cmd += length;
|
drm/i915/cmdparser: Add support for backward jumps
To keep things manageable, the pre-gen9 cmdparser does not
attempt to track any form of nested BB_START's. This did not
prevent usermode from using nested starts, or even chained
batches because the cmdparser is not strictly enforced pre gen9.
Instead, the existence of a nested BB_START would cause the batch
to be emitted in insecure mode, and any privileged capabilities
would not be available.
For Gen9, the cmdparser becomes mandatory (for BCS at least), and
so not providing any form of nested BB_START support becomes
overly restrictive. Any such batch will simply not run.
We make heavy use of backward jumps in igt, and it is much easier
to add support for this restricted subset of nested jumps, than to
rewrite the whole of our test suite to avoid them.
Add the required logic to support limited backward jumps, to
instructions that have already been validated by the parser.
Note that it's not sufficient to simply approve any BB_START
that jumps backwards in the buffer because this would allow an
attacker to embed a rogue instruction sequence within the
operand words of a harmless instruction (say LRI) and jump to
that.
We introduce a bit array to track every instr offset successfully
validated, and test the target of BB_START against this. If the
target offset hits, it is re-written to the same offset in the
shadow buffer and the BB_START cmd is allowed.
Note: This patch deliberately ignores checkpatch issues in the
cmdtables, in order to match the style of the surrounding code.
We'll correct the entire file in one go in a later patch.
v2: set dispatch secure late (Mika)
v3: rebase (Mika)
v4: Clear whitelist on each parse
Minor review updates (Chris)
v5: Correct backward jump batching
v6: fix compilation error due to struct eb shuffle (Mika)
Cc: Tony Luck <tony.luck@intel.com>
Cc: Dave Airlie <airlied@redhat.com>
Cc: Takashi Iwai <tiwai@suse.de>
Cc: Tyler Hicks <tyhicks@canonical.com>
Signed-off-by: Jon Bloomfield <jon.bloomfield@intel.com>
Signed-off-by: Mika Kuoppala <mika.kuoppala@linux.intel.com>
Reviewed-by: Chris Wilson <chris.p.wilson@intel.com>
2018-09-20 23:58:36 +07:00
|
|
|
offset += length;
|
2017-03-10 18:55:18 +07:00
|
|
|
if (cmd >= batch_end) {
|
2019-12-11 18:04:33 +07:00
|
|
|
DRM_DEBUG("CMD: Got to the end of the buffer w/o a BBE cmd!\n");
|
2017-03-10 18:55:18 +07:00
|
|
|
ret = -EINVAL;
|
2019-12-11 18:04:35 +07:00
|
|
|
break;
|
2017-03-10 18:55:18 +07:00
|
|
|
}
|
|
|
|
} while (1);
|
2014-02-19 01:15:46 +07:00
|
|
|
|
2019-12-12 06:08:56 +07:00
|
|
|
if (trampoline) {
|
|
|
|
/*
|
|
|
|
* With the trampoline, the shadow is executed twice.
|
|
|
|
*
|
|
|
|
* 1 - starting at offset 0, in privileged mode
|
|
|
|
* 2 - starting at offset batch_len, as non-privileged
|
|
|
|
*
|
|
|
|
* Only if the batch is valid and safe to execute, do we
|
|
|
|
* allow the first privileged execution to proceed. If not,
|
|
|
|
* we terminate the first batch and use the second batchbuffer
|
|
|
|
* entry to chain to the original unsafe non-privileged batch,
|
|
|
|
* leaving it to the HW to validate.
|
|
|
|
*/
|
|
|
|
*batch_end = MI_BATCH_BUFFER_END;
|
|
|
|
|
|
|
|
if (ret) {
|
|
|
|
/* Batch unsafe to execute with privileges, cancel! */
|
|
|
|
cmd = page_mask_bits(shadow->obj->mm.mapping);
|
|
|
|
*cmd = MI_BATCH_BUFFER_END;
|
|
|
|
|
|
|
|
/* If batch is unsafe but valid, jump to the original */
|
|
|
|
if (ret == -EACCES) {
|
|
|
|
unsigned int flags;
|
|
|
|
|
|
|
|
flags = MI_BATCH_NON_SECURE_I965;
|
|
|
|
if (IS_HASWELL(engine->i915))
|
|
|
|
flags = MI_BATCH_NON_SECURE_HSW;
|
|
|
|
|
|
|
|
GEM_BUG_ON(!IS_GEN_RANGE(engine->i915, 6, 7));
|
|
|
|
__gen6_emit_bb_start(batch_end,
|
|
|
|
batch_addr,
|
|
|
|
flags);
|
|
|
|
|
|
|
|
ret = 0; /* allow execution */
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
if (shadow_needs_clflush(shadow->obj))
|
2019-12-12 06:08:56 +07:00
|
|
|
drm_clflush_virt_range(batch_end, 8);
|
|
|
|
}
|
|
|
|
|
2019-12-12 06:08:57 +07:00
|
|
|
if (shadow_needs_clflush(shadow->obj)) {
|
2019-12-11 18:04:34 +07:00
|
|
|
void *ptr = page_mask_bits(shadow->obj->mm.mapping);
|
2018-09-28 00:23:17 +07:00
|
|
|
|
|
|
|
drm_clflush_virt_range(ptr, (void *)(cmd + 1) - ptr);
|
|
|
|
}
|
|
|
|
|
2019-11-28 18:34:24 +07:00
|
|
|
if (!IS_ERR_OR_NULL(jump_whitelist))
|
|
|
|
kfree(jump_whitelist);
|
2019-12-11 18:04:34 +07:00
|
|
|
i915_gem_object_unpin_map(shadow->obj);
|
2014-02-19 01:15:46 +07:00
|
|
|
return ret;
|
|
|
|
}
|
2014-02-19 01:15:56 +07:00
|
|
|
|
|
|
|
/**
|
|
|
|
* i915_cmd_parser_get_version() - get the cmd parser version number
|
2016-06-03 20:02:17 +07:00
|
|
|
* @dev_priv: i915 device private
|
2014-02-19 01:15:56 +07:00
|
|
|
*
|
|
|
|
* The cmd parser maintains a simple increasing integer version number suitable
|
|
|
|
* for passing to userspace clients to determine what operations are permitted.
|
|
|
|
*
|
|
|
|
* Return: the current version number of the cmd parser
|
|
|
|
*/
|
2016-05-04 20:25:36 +07:00
|
|
|
int i915_cmd_parser_get_version(struct drm_i915_private *dev_priv)
|
2014-02-19 01:15:56 +07:00
|
|
|
{
|
2016-05-04 20:25:36 +07:00
|
|
|
struct intel_engine_cs *engine;
|
|
|
|
bool active = false;
|
|
|
|
|
|
|
|
/* If the command parser is not enabled, report 0 - unsupported */
|
2019-08-06 19:43:00 +07:00
|
|
|
for_each_uabi_engine(engine, dev_priv) {
|
2018-08-01 23:33:59 +07:00
|
|
|
if (intel_engine_using_cmd_parser(engine)) {
|
2016-05-04 20:25:36 +07:00
|
|
|
active = true;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (!active)
|
|
|
|
return 0;
|
|
|
|
|
2014-02-19 01:15:56 +07:00
|
|
|
/*
|
|
|
|
* Command parser version history
|
|
|
|
*
|
|
|
|
* 1. Initial version. Checks batches and reports violations, but leaves
|
|
|
|
* hardware parsing enabled (so does not allow new use cases).
|
2014-11-08 02:00:26 +07:00
|
|
|
* 2. Allow access to the MI_PREDICATE_SRC0 and
|
|
|
|
* MI_PREDICATE_SRC1 registers.
|
2014-12-12 04:28:09 +07:00
|
|
|
* 3. Allow access to the GPGPU_THREADS_DISPATCHED register.
|
2015-06-15 18:03:29 +07:00
|
|
|
* 4. L3 atomic chicken bits of HSW_SCRATCH1 and HSW_ROW_CHICKEN3.
|
2015-10-02 13:09:58 +07:00
|
|
|
* 5. GPGPU dispatch compute indirect registers.
|
2016-03-07 14:30:30 +07:00
|
|
|
* 6. TIMESTAMP register and Haswell CS GPR registers
|
2016-05-06 14:50:14 +07:00
|
|
|
* 7. Allow MI_LOAD_REGISTER_REG between whitelisted registers.
|
2016-11-08 02:49:49 +07:00
|
|
|
* 8. Don't report cmd_check() failures as EINVAL errors to userspace;
|
|
|
|
* rely on the HW to NOOP disallowed commands as it would without
|
|
|
|
* the parser enabled.
|
2016-11-08 19:51:48 +07:00
|
|
|
* 9. Don't whitelist or handle oacontrol specially, as ownership
|
|
|
|
* for oacontrol state is moving to i915-perf.
|
2018-04-24 01:12:15 +07:00
|
|
|
* 10. Support for Gen9 BCS Parsing
|
2014-02-19 01:15:56 +07:00
|
|
|
*/
|
2018-04-24 01:12:15 +07:00
|
|
|
return 10;
|
2014-02-19 01:15:56 +07:00
|
|
|
}
|