etnaviv_cmd_parser.c (4709B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Copyright (C) 2015-2018 Etnaviv Project 4 */ 5 6#include <linux/kernel.h> 7 8#include "etnaviv_gem.h" 9#include "etnaviv_gpu.h" 10 11#include "cmdstream.xml.h" 12 13#define EXTRACT(val, field) (((val) & field##__MASK) >> field##__SHIFT) 14 15struct etna_validation_state { 16 struct etnaviv_gpu *gpu; 17 const struct drm_etnaviv_gem_submit_reloc *relocs; 18 unsigned int num_relocs; 19 u32 *start; 20}; 21 22static const struct { 23 u16 offset; 24 u16 size; 25} etnaviv_sensitive_states[] __initconst = { 26#define ST(start, num) { (start) >> 2, (num) } 27 /* 2D */ 28 ST(0x1200, 1), 29 ST(0x1228, 1), 30 ST(0x1238, 1), 31 ST(0x1284, 1), 32 ST(0x128c, 1), 33 ST(0x1304, 1), 34 ST(0x1310, 1), 35 ST(0x1318, 1), 36 ST(0x12800, 4), 37 ST(0x128a0, 4), 38 ST(0x128c0, 4), 39 ST(0x12970, 4), 40 ST(0x12a00, 8), 41 ST(0x12b40, 8), 42 ST(0x12b80, 8), 43 ST(0x12ce0, 8), 44 /* 3D */ 45 ST(0x0644, 1), 46 ST(0x064c, 1), 47 ST(0x0680, 8), 48 ST(0x086c, 1), 49 ST(0x1028, 1), 50 ST(0x1410, 1), 51 ST(0x1430, 1), 52 ST(0x1458, 1), 53 ST(0x1460, 8), 54 ST(0x1480, 8), 55 ST(0x1500, 8), 56 ST(0x1520, 8), 57 ST(0x1608, 1), 58 ST(0x1610, 1), 59 ST(0x1658, 1), 60 ST(0x165c, 1), 61 ST(0x1664, 1), 62 ST(0x1668, 1), 63 ST(0x16a4, 1), 64 ST(0x16c0, 8), 65 ST(0x16e0, 8), 66 ST(0x1740, 8), 67 ST(0x17c0, 8), 68 ST(0x17e0, 8), 69 ST(0x2400, 14 * 16), 70 ST(0x3824, 1), 71 ST(0x10800, 32 * 16), 72 ST(0x14600, 16), 73 ST(0x14800, 8 * 8), 74#undef ST 75}; 76 77#define ETNAVIV_STATES_SIZE (VIV_FE_LOAD_STATE_HEADER_OFFSET__MASK + 1u) 78static DECLARE_BITMAP(etnaviv_states, ETNAVIV_STATES_SIZE); 79 80void __init etnaviv_validate_init(void) 81{ 82 unsigned int i; 83 84 for (i = 0; i < ARRAY_SIZE(etnaviv_sensitive_states); i++) 85 bitmap_set(etnaviv_states, etnaviv_sensitive_states[i].offset, 86 etnaviv_sensitive_states[i].size); 87} 88 89static void etnaviv_warn_if_non_sensitive(struct etna_validation_state *state, 90 unsigned int buf_offset, unsigned int state_addr) 91{ 92 if (state->num_relocs && state->relocs->submit_offset < buf_offset) { 93 dev_warn_once(state->gpu->dev, 94 "%s: relocation for non-sensitive state 0x%x at offset %u\n", 95 __func__, state_addr, 96 state->relocs->submit_offset); 97 while (state->num_relocs && 98 state->relocs->submit_offset < buf_offset) { 99 state->relocs++; 100 state->num_relocs--; 101 } 102 } 103} 104 105static bool etnaviv_validate_load_state(struct etna_validation_state *state, 106 u32 *ptr, unsigned int state_offset, unsigned int num) 107{ 108 unsigned int size = min(ETNAVIV_STATES_SIZE, state_offset + num); 109 unsigned int st_offset = state_offset, buf_offset; 110 111 for_each_set_bit_from(st_offset, etnaviv_states, size) { 112 buf_offset = (ptr - state->start + 113 st_offset - state_offset) * 4; 114 115 etnaviv_warn_if_non_sensitive(state, buf_offset, st_offset * 4); 116 if (state->num_relocs && 117 state->relocs->submit_offset == buf_offset) { 118 state->relocs++; 119 state->num_relocs--; 120 continue; 121 } 122 123 dev_warn_ratelimited(state->gpu->dev, 124 "%s: load state touches restricted state 0x%x at offset %u\n", 125 __func__, st_offset * 4, buf_offset); 126 return false; 127 } 128 129 if (state->num_relocs) { 130 buf_offset = (ptr - state->start + num) * 4; 131 etnaviv_warn_if_non_sensitive(state, buf_offset, st_offset * 4 + 132 state->relocs->submit_offset - 133 buf_offset); 134 } 135 136 return true; 137} 138 139static uint8_t cmd_length[32] = { 140 [FE_OPCODE_DRAW_PRIMITIVES] = 4, 141 [FE_OPCODE_DRAW_INDEXED_PRIMITIVES] = 6, 142 [FE_OPCODE_DRAW_INSTANCED] = 4, 143 [FE_OPCODE_NOP] = 2, 144 [FE_OPCODE_STALL] = 2, 145}; 146 147bool etnaviv_cmd_validate_one(struct etnaviv_gpu *gpu, u32 *stream, 148 unsigned int size, 149 struct drm_etnaviv_gem_submit_reloc *relocs, 150 unsigned int reloc_size) 151{ 152 struct etna_validation_state state; 153 u32 *buf = stream; 154 u32 *end = buf + size; 155 156 state.gpu = gpu; 157 state.relocs = relocs; 158 state.num_relocs = reloc_size; 159 state.start = stream; 160 161 while (buf < end) { 162 u32 cmd = *buf; 163 unsigned int len, n, off; 164 unsigned int op = cmd >> 27; 165 166 switch (op) { 167 case FE_OPCODE_LOAD_STATE: 168 n = EXTRACT(cmd, VIV_FE_LOAD_STATE_HEADER_COUNT); 169 len = ALIGN(1 + n, 2); 170 if (buf + len > end) 171 break; 172 173 off = EXTRACT(cmd, VIV_FE_LOAD_STATE_HEADER_OFFSET); 174 if (!etnaviv_validate_load_state(&state, buf + 1, 175 off, n)) 176 return false; 177 break; 178 179 case FE_OPCODE_DRAW_2D: 180 n = EXTRACT(cmd, VIV_FE_DRAW_2D_HEADER_COUNT); 181 if (n == 0) 182 n = 256; 183 len = 2 + n * 2; 184 break; 185 186 default: 187 len = cmd_length[op]; 188 if (len == 0) { 189 dev_err(gpu->dev, "%s: op %u not permitted at offset %tu\n", 190 __func__, op, buf - state.start); 191 return false; 192 } 193 break; 194 } 195 196 buf += len; 197 } 198 199 if (buf > end) { 200 dev_err(gpu->dev, "%s: commands overflow end of buffer: %tu > %u\n", 201 __func__, buf - state.start, size); 202 return false; 203 } 204 205 return true; 206}