| Message ID | 20231206081538.17056-4-yunfei.dong@mediatek.com |
|---|---|
| State | New |
| Headers | show |
| Series | [v3,01/21] v4l2: add secure memory flags | expand |
On Mon, Dec 11, 2023 at 2:58 AM Hans Verkuil <hverkuil-cisco@xs4all.nl> wrote: > > On 06/12/2023 09:15, Yunfei Dong wrote: > > From: Jeffrey Kardatzke <jkardatzke@google.com> > > > > Verfies in the dmabuf implementations that if the secure memory flag is > > Verfies -> Verifies Thanks. Yunfei, change that please. > > > set for a queue that the dmabuf submitted to the queue is unmappable. > > > > Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com> > > Signed-off-by: Yunfei Dong <yunfei.dong@mediatek.com> > > --- > > drivers/media/common/videobuf2/videobuf2-dma-contig.c | 6 ++++++ > > drivers/media/common/videobuf2/videobuf2-dma-sg.c | 6 ++++++ > > 2 files changed, 12 insertions(+) > > > > diff --git a/drivers/media/common/videobuf2/videobuf2-dma-contig.c b/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > index 3d4fd4ef5310..ad58ef8dc231 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > +++ b/drivers/media/common/videobuf2/videobuf2-dma-contig.c > > @@ -710,6 +710,12 @@ static int vb2_dc_map_dmabuf(void *mem_priv) > > return -EINVAL; > > } > > > > + /* verify the dmabuf is secure if we are in secure mode */ > > + if (buf->vb->vb2_queue->secure_mem && sg_page(sgt->sgl)) { > > This needs a bit more explanation. I guess that for secure memory > sg_page returns NULL? How about if we change it to: /* verify the dmabuf is secure if we are in secure mode, this is done by validating there is no page entry for the dmabuf */ > > > + pr_err("secure queue requires secure dma_buf"); > > + return -EINVAL; > > + } > > + > > /* checking if dmabuf is big enough to store contiguous chunk */ > > contig_size = vb2_dc_get_contiguous_size(sgt); > > if (contig_size < buf->size) { > > diff --git a/drivers/media/common/videobuf2/videobuf2-dma-sg.c b/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > index 28f3fdfe23a2..55428c73c380 100644 > > --- a/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > +++ b/drivers/media/common/videobuf2/videobuf2-dma-sg.c > > @@ -564,6 +564,12 @@ static int vb2_dma_sg_map_dmabuf(void *mem_priv) > > return -EINVAL; > > } > > > > + /* verify the dmabuf is secure if we are in secure mode */ > > + if (buf->vb->vb2_queue->secure_mem && !sg_dma_secure(sgt->sgl)) { > > I can't find the sg_dma_secure function. I suspect this patch series > depends on another series? That was an oversight, it should be the same as in videobuf2-dma-contig.c. Yunfei, can you change this to match what's in videobuf2-dma-contig.c after the comment is reworded? > > > + pr_err("secure queue requires secure dma_buf"); > > + return -EINVAL; > > + } > > + > > buf->dma_sgt = sgt; > > buf->vaddr = NULL; > > > > Regards, > > Hans
diff --git a/drivers/media/common/videobuf2/videobuf2-dma-contig.c b/drivers/media/common/videobuf2/videobuf2-dma-contig.c index 3d4fd4ef5310..ad58ef8dc231 100644 --- a/drivers/media/common/videobuf2/videobuf2-dma-contig.c +++ b/drivers/media/common/videobuf2/videobuf2-dma-contig.c @@ -710,6 +710,12 @@ static int vb2_dc_map_dmabuf(void *mem_priv) return -EINVAL; } + /* verify the dmabuf is secure if we are in secure mode */ + if (buf->vb->vb2_queue->secure_mem && sg_page(sgt->sgl)) { + pr_err("secure queue requires secure dma_buf"); + return -EINVAL; + } + /* checking if dmabuf is big enough to store contiguous chunk */ contig_size = vb2_dc_get_contiguous_size(sgt); if (contig_size < buf->size) { diff --git a/drivers/media/common/videobuf2/videobuf2-dma-sg.c b/drivers/media/common/videobuf2/videobuf2-dma-sg.c index 28f3fdfe23a2..55428c73c380 100644 --- a/drivers/media/common/videobuf2/videobuf2-dma-sg.c +++ b/drivers/media/common/videobuf2/videobuf2-dma-sg.c @@ -564,6 +564,12 @@ static int vb2_dma_sg_map_dmabuf(void *mem_priv) return -EINVAL; } + /* verify the dmabuf is secure if we are in secure mode */ + if (buf->vb->vb2_queue->secure_mem && !sg_dma_secure(sgt->sgl)) { + pr_err("secure queue requires secure dma_buf"); + return -EINVAL; + } + buf->dma_sgt = sgt; buf->vaddr = NULL;