Re: [PATCH v9 10/39] drm/i915: Implement HDCP2.2 receiver authentication

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Dec 13, 2018 at 09:31:12AM +0530, Ramalingam C wrote:
> Implements HDCP2.2 authentication for hdcp2.2 receivers, with
> following steps:
> 	Authentication and Key exchange (AKE).
> 	Locality Check (LC).
> 	Session Key Exchange(SKE).
> 	DP Errata for stream type configuration for receivers.
> 
> At AKE, the HDCP Receiver’s public key certificate is verified by the
> HDCP Transmitter. A Master Key k m is exchanged.
> 
> At LC, the HDCP Transmitter enforces locality on the content by
> requiring that the Round Trip Time (RTT) between a pair of messages
> is not more than 20 ms.
> 
> At SKE, The HDCP Transmitter exchanges Session Key ks with
> the HDCP Receiver.
> 
> In DP HDCP2.2 encryption and decryption logics use the stream type as
> one of the parameter. So Before enabling the Encryption DP HDCP2.2
> receiver needs to be communicated with stream type. This is added to
> spec as ERRATA.
> 
> This generic implementation is complete only with the hdcp2 specific
> functions defined at hdcp_shim.
> 
> v2: Rebased.
> v3:
>   %s/PARING/PAIRING
>   Coding style fixing [Uma]
> v4:
>   Rebased as part of patch reordering.
>   Defined the functions for mei services. [Daniel]
> v5:
>   Redefined the mei service functions as per comp redesign.
>   Required intel_hdcp members are defined [Sean Paul]
> v6:
>   Typo of cipher is Fixed [Uma]
>   %s/uintxx_t/uxx
>   Check for comp_master is removed.
> v7:
>   Adjust to the new interface.
>   Avoid using bool structure members. [Tomas]
> v8: Rebased.
> 
> Signed-off-by: Ramalingam C <ramalingam.c@xxxxxxxxx>
> ---
>  drivers/gpu/drm/i915/intel_drv.h  |  34 ++++++
>  drivers/gpu/drm/i915/intel_hdcp.c | 211 +++++++++++++++++++++++++++++++++++---
>  2 files changed, 230 insertions(+), 15 deletions(-)
> 
> diff --git a/drivers/gpu/drm/i915/intel_drv.h b/drivers/gpu/drm/i915/intel_drv.h
> index 6d5361616ca3..a6b632d71490 100644
> --- a/drivers/gpu/drm/i915/intel_drv.h
> +++ b/drivers/gpu/drm/i915/intel_drv.h
> @@ -387,6 +387,22 @@ struct intel_hdcp_shim {
>  	/* Detects whether Panel is HDCP2.2 capable */
>  	int (*hdcp_2_2_capable)(struct intel_digital_port *intel_dig_port,
>  				bool *capable);
> +
> +	/* Write HDCP2.2 messages */
> +	int (*write_2_2_msg)(struct intel_digital_port *intel_dig_port,
> +			     void *buf, size_t size);
> +
> +	/* Read HDCP2.2 messages */
> +	int (*read_2_2_msg)(struct intel_digital_port *intel_dig_port,
> +			    u8 msg_id, void *buf, size_t size);
> +
> +	/*
> +	 * Implementation of DP HDCP2.2 Errata for the communication of stream
> +	 * type to Receivers. In DP HDCP2.2 Stream type is one of the input to
> +	 * the HDCP2.2 Cipher for En/De-Cryption. Not applicable for HDMI.
> +	 */
> +	int (*config_stream_type)(struct intel_digital_port *intel_dig_port,
> +				  void *buf, size_t size);
>  };
>  
>  struct intel_hdcp {
> @@ -414,6 +430,24 @@ struct intel_hdcp {
>  	 */
>  	u8 content_type;
>  	struct hdcp_port_data port_data;
> +
> +	u8 is_paired;
> +	u8 is_repeater;

Make these two bool, will simplify the code a bunch.

> +
> +	/*
> +	 * Count of ReceiverID_List received. Initialized to 0 at AKE_INIT.
> +	 * Incremented after processing the RepeaterAuth_Send_ReceiverID_List.
> +	 * When it rolls over re-auth has to be triggered.
> +	 */
> +	u32 seq_num_v;
> +
> +	/*
> +	 * Count of RepeaterAuth_Stream_Manage msg propagated.
> +	 * Initialized to 0 on AKE_INIT. Incremented after every successful
> +	 * transmission of RepeaterAuth_Stream_Manage message. When it rolls
> +	 * over re-Auth has to be triggered.
> +	 */
> +	u32 seq_num_m;
>  };
>  
>  struct intel_connector {
> diff --git a/drivers/gpu/drm/i915/intel_hdcp.c b/drivers/gpu/drm/i915/intel_hdcp.c
> index f0ee448e6546..f1f0ef294e20 100644
> --- a/drivers/gpu/drm/i915/intel_hdcp.c
> +++ b/drivers/gpu/drm/i915/intel_hdcp.c
> @@ -18,6 +18,7 @@
>  
>  #define KEY_LOAD_TRIES	5
>  #define ENCRYPT_STATUS_CHANGE_TIMEOUT_MS	50
> +#define HDCP2_LC_RETRY_CNT			3
>  
>  static
>  bool intel_hdcp_is_ksv_valid(u8 *ksv)
> @@ -854,7 +855,7 @@ bool is_hdcp_supported(struct drm_i915_private *dev_priv, enum port port)
>  	return INTEL_GEN(dev_priv) >= 9 && port < PORT_E;
>  }
>  
> -static __attribute__((unused)) int
> +static int
>  hdcp2_prepare_ake_init(struct intel_connector *connector,
>  		       struct hdcp2_ake_init *ake_data)
>  {
> @@ -875,7 +876,7 @@ hdcp2_prepare_ake_init(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused)) int
> +static int
>  hdcp2_verify_rx_cert_prepare_km(struct intel_connector *connector,
>  				struct hdcp2_ake_send_cert *rx_cert,
>  				bool *paired,
> @@ -897,9 +898,8 @@ hdcp2_verify_rx_cert_prepare_km(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused)) int
> -hdcp2_verify_hprime(struct intel_connector *connector,
> -		    struct hdcp2_ake_send_hprime *rx_hprime)
> +static int hdcp2_verify_hprime(struct intel_connector *connector,
> +			       struct hdcp2_ake_send_hprime *rx_hprime)
>  {
>  	struct hdcp_port_data *data = &connector->hdcp.port_data;
>  	struct drm_i915_private *dev_priv = to_i915(connector->base.dev);
> @@ -913,7 +913,7 @@ hdcp2_verify_hprime(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused)) int
> +static int
>  hdcp2_store_pairing_info(struct intel_connector *connector,
>  			 struct hdcp2_ake_send_pairing_info *pairing_info)
>  {
> @@ -930,7 +930,7 @@ hdcp2_store_pairing_info(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused)) int
> +static int
>  hdcp2_prepare_lc_init(struct intel_connector *connector,
>  		      struct hdcp2_lc_init *lc_init)
>  {
> @@ -947,7 +947,7 @@ hdcp2_prepare_lc_init(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused)) int
> +static int
>  hdcp2_verify_lprime(struct intel_connector *connector,
>  		    struct hdcp2_lc_send_lprime *rx_lprime)
>  {
> @@ -963,9 +963,8 @@ hdcp2_verify_lprime(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused))
> -int hdcp2_prepare_skey(struct intel_connector *connector,
> -		       struct hdcp2_ske_send_eks *ske_data)
> +static int hdcp2_prepare_skey(struct intel_connector *connector,
> +			      struct hdcp2_ske_send_eks *ske_data)
>  {
>  	struct hdcp_port_data *data = &connector->hdcp.port_data;
>  	struct drm_i915_private *dev_priv = to_i915(connector->base.dev);
> @@ -1016,8 +1015,7 @@ hdcp2_verify_mprime(struct intel_connector *connector,
>  	return ret;
>  }
>  
> -static __attribute__((unused))
> -int hdcp2_authenticate_port(struct intel_connector *connector)
> +static int hdcp2_authenticate_port(struct intel_connector *connector)
>  {
>  	struct hdcp_port_data *data = &connector->hdcp.port_data;
>  	struct drm_i915_private *dev_priv = to_i915(connector->base.dev);
> @@ -1045,11 +1043,194 @@ static int hdcp2_deauthenticate_port(struct intel_connector *connector)
>  	return hdcp2_close_mei_session(connector);
>  }
>  
> +/* Authentication flow starts from here */
> +static int hdcp2_authentication_key_exchange(struct intel_connector *connector)
> +{
> +	struct intel_digital_port *intel_dig_port = conn_to_dig_port(connector);
> +	struct intel_hdcp *hdcp = &connector->hdcp;
> +	union {
> +		struct hdcp2_ake_init ake_init;
> +		struct hdcp2_ake_send_cert send_cert;
> +		struct hdcp2_ake_no_stored_km no_stored_km;
> +		struct hdcp2_ake_send_hprime send_hprime;
> +		struct hdcp2_ake_send_pairing_info pairing_info;
> +	} msgs;
> +	const struct intel_hdcp_shim *shim = hdcp->shim;
> +	size_t size;
> +	int ret;
> +	bool is_paired;
> +
> +	/* Init for seq_num */
> +	hdcp->seq_num_v = 0;
> +	hdcp->seq_num_m = 0;
> +
> +	ret = hdcp2_prepare_ake_init(connector, &msgs.ake_init);
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = shim->write_2_2_msg(intel_dig_port, &msgs.ake_init,
> +				  sizeof(msgs.ake_init));
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = shim->read_2_2_msg(intel_dig_port, HDCP_2_2_AKE_SEND_CERT,
> +				 &msgs.send_cert, sizeof(msgs.send_cert));
> +	if (ret < 0)
> +		return ret;

sink should give us the initial key with 100ms. I guess there's going to
be a patch later on to check that?

> +
> +	if (msgs.send_cert.rx_caps[0] != HDCP_2_2_RX_CAPS_VERSION_VAL)
> +		return -EINVAL;
> +
> +	hdcp->is_repeater = HDCP_2_2_RX_REPEATER(msgs.send_cert.rx_caps[2]) ?
> +			    1 : 0;

If you make is_repeater of type bool you can simplify this.

> +
> +	/*
> +	 * Here msgs.no_stored_km will hold msgs corresponding to the km
> +	 * stored also.
> +	 */
> +	ret = hdcp2_verify_rx_cert_prepare_km(connector, &msgs.send_cert,
> +					      &is_paired,
> +					      &msgs.no_stored_km, &size);
> +	if (ret < 0)
> +		return ret;
> +
> +	hdcp->is_paired = is_paired ? 1 : 0;

The ? 1 : 0 is redundant if you make is_paired type bool.
> +
> +	ret = shim->write_2_2_msg(intel_dig_port, &msgs.no_stored_km, size);
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = shim->read_2_2_msg(intel_dig_port, HDCP_2_2_AKE_SEND_HPRIME,
> +				 &msgs.send_hprime, sizeof(msgs.send_hprime));
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = hdcp2_verify_hprime(connector, &msgs.send_hprime);
> +	if (ret < 0)
> +		return ret;
> +
> +	if (!hdcp->is_paired) {
> +		/* Pairing is required */
> +		ret = shim->read_2_2_msg(intel_dig_port,
> +					 HDCP_2_2_AKE_SEND_PAIRING_INFO,
> +					 &msgs.pairing_info,
> +					 sizeof(msgs.pairing_info));
> +		if (ret < 0)
> +			return ret;
> +
> +		ret = hdcp2_store_pairing_info(connector, &msgs.pairing_info);
> +		if (ret < 0)
> +			return ret;
> +		hdcp->is_paired = 1;

s/1/true/

> +	}
> +
> +	return 0;
> +}
> +
> +static int hdcp2_locality_check(struct intel_connector *connector)
> +{
> +	struct intel_digital_port *intel_dig_port = conn_to_dig_port(connector);
> +	struct intel_hdcp *hdcp = &connector->hdcp;
> +	union {
> +		struct hdcp2_lc_init lc_init;
> +		struct hdcp2_lc_send_lprime send_lprime;
> +	} msgs;
> +	const struct intel_hdcp_shim *shim = hdcp->shim;
> +	int tries = HDCP2_LC_RETRY_CNT, ret, i;
> +
> +	for (i = 0; i < tries; i++) {
> +		ret = hdcp2_prepare_lc_init(connector, &msgs.lc_init);
> +		if (ret < 0)
> +			continue;
> +
> +		ret = shim->write_2_2_msg(intel_dig_port, &msgs.lc_init,
> +				      sizeof(msgs.lc_init));
> +		if (ret < 0)
> +			continue;
> +
> +		ret = shim->read_2_2_msg(intel_dig_port,
> +					 HDCP_2_2_LC_SEND_LPRIME,
> +					 &msgs.send_lprime,
> +					 sizeof(msgs.send_lprime));
> +		if (ret < 0)
> +			continue;
> +
> +		ret = hdcp2_verify_lprime(connector, &msgs.send_lprime);
> +		if (!ret)
> +			break;

We're not checking that the sink replies quickly enough here. Sink needs
to reply in 20ms. Can be a followup I guess.

Also just noticed that we seem to lack all these timing checks for hdcp1
too, at least we don't fail auth if the sink takes too long.

> +	}
> +
> +	return ret;
> +}
> +
> +static int hdcp2_session_key_exchange(struct intel_connector *connector)
> +{
> +	struct intel_digital_port *intel_dig_port = conn_to_dig_port(connector);
> +	struct intel_hdcp *hdcp = &connector->hdcp;
> +	struct hdcp2_ske_send_eks send_eks;
> +	int ret;
> +
> +	ret = hdcp2_prepare_skey(connector, &send_eks);
> +	if (ret < 0)
> +		return ret;
> +
> +	ret = hdcp->shim->write_2_2_msg(intel_dig_port, &send_eks,
> +					sizeof(send_eks));
> +	if (ret < 0)
> +		return ret;
> +
> +	return 0;
> +}
> +
>  static int hdcp2_authenticate_sink(struct intel_connector *connector)
>  {
> -	DRM_ERROR("Sink authentication is done in subsequent patches\n");
> +	struct intel_digital_port *intel_dig_port = conn_to_dig_port(connector);
> +	struct intel_hdcp *hdcp = &connector->hdcp;
> +	const struct intel_hdcp_shim *shim = hdcp->shim;
> +	struct hdcp2_dp_errata_stream_type stream_type_msg;
> +	int ret;
>  
> -	return -EINVAL;
> +	ret = hdcp2_authentication_key_exchange(connector);
> +	if (ret < 0) {
> +		DRM_DEBUG_KMS("AKE Failed. Err : %d\n", ret);
> +		return ret;
> +	}
> +
> +	ret = hdcp2_locality_check(connector);
> +	if (ret < 0) {
> +		DRM_DEBUG_KMS("Locality Check failed. Err : %d\n", ret);
> +		return ret;
> +	}
> +
> +	ret = hdcp2_session_key_exchange(connector);
> +	if (ret < 0) {
> +		DRM_DEBUG_KMS("SKE Failed. Err : %d\n", ret);
> +		return ret;
> +	}
> +
> +	if (!hdcp->is_repeater && shim->config_stream_type) {
> +		/*
> +		 * Errata for DP: As Stream type is used for encryption,
> +		 * Receiver should be communicated with stream type for the
> +		 * decryption of the content.
> +		 * Repeater will be communicated with stream type as a
> +		 * part of it's auth later in time.
> +		 */

I'm not following what you want to say with this comment, and haven't
found anything in the hdcp2 dp spec about this either.

> +		stream_type_msg.msg_id = HDCP_2_2_ERRATA_DP_STREAM_TYP:E;
> +		stream_type_msg.stream_type = hdcp->content_type;
> +
> +		ret = shim->config_stream_type(intel_dig_port, &stream_type_msg,
> +					       sizeof(stream_type_msg));
> +		if (ret < 0)
> +			return ret;
> +	}
> +
> +	hdcp->port_data.streams[0].stream_type = hdcp->content_type;
> +	ret = hdcp2_authenticate_port(connector);
> +	if (ret < 0)
> +		return ret;
> +
> +	return ret;
>  }

With thy types changed to bool and the dp errata cleared up somehow:

Reviewed-by: Daniel Vetter <daniel.vetter@xxxxxxxx>

>  
>  static int hdcp2_enable_encryption(struct intel_connector *connector)
> -- 
> 2.7.4
> 

-- 
Daniel Vetter
Software Engineer, Intel Corporation
http://blog.ffwll.ch
_______________________________________________
dri-devel mailing list
dri-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/dri-devel




[Index of Archives]     [Linux DRI Users]     [Linux Intel Graphics]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux