On Mon, Feb 12, 2018 at 05:37:56PM +0000, Chris Wilson wrote:
> Quoting Ville Syrjälä (2018-02-12 17:30:52)
> > On Sat, Feb 10, 2018 at 09:43:38PM +0000, Chris Wilson wrote:
> > > On ctg/ilk, for whatever reason, MI_STORE_DWORD is a privileged operation
> > > so we must request a SECURE batch.
> > IIRC ctg supposedly introduced some form of ppgtt. Isn't that the
> > reason?
> > Hmm. Now I wonder how anything works on these platforms. Should the
> > batch itself be executed via ppgtt if it's non-secure? Maybe the hw
> > has a fallback mechanism of some sort to execute via ggtt if ppgtt
> > isn't enabled...
> > ppgtt enable bit:
> > "When this bit is clear, all memory accesses will be completed using the
> > GGTT. Privileged memory protections will not be enforced (it is
> > acceptable for a non-secure batch buffer to access GGTT space)"
> > OK. That seems to confirm that part of the theory.
> > For pre-ctg the spec says:
> > "Although Buffer Security Indicator is implemented, there is no usage
> > model for it and it need not be validated."
> > So I'm thinking we should never set the non-secure bit on these old
> > platforms.
> That does open a large can of worms with the ability to write any
> register from userspace or manipulate the pagetables; i.e. requires the
> cmdparser. The usage model has been such that very few commands are
> affected; certainly no one [else] has noticed (afaik).
I suppose. I can't find any notes about this being wrong in the gen2/3
docs. And the gen4 quote just says "need not be validated" after all so
I suppose it doesn't necessarily mean it wasn't validated. And I guess
we should have found out long ago if it's hopelessly broken.
Reviewed-by: Ville Syrjälä <ville.syrj...@linux.intel.com>
Intel-gfx mailing list