diff --git a/include/uapi/linux/nvgpu-ctrl.h b/include/uapi/linux/nvgpu-ctrl.h index f0420a2f1..5ef43986b 100644 --- a/include/uapi/linux/nvgpu-ctrl.h +++ b/include/uapi/linux/nvgpu-ctrl.h @@ -434,9 +434,55 @@ struct nvgpu_alloc_as_args { __u32 padding[6]; }; +/* + * NVGPU_GPU_IOCTL_OPEN_TSG - create/share TSG ioctl. + * + * This IOCTL allocates one of the available TSG for user when called + * without share token specified. When called with share token specified, + * fd is created for already allocated TSG for sharing the TSG under + * different device/CTRL object hierarchies in different processes. + * + * Source device is specified in the arguments and target device is + * implied from the caller. Share token is unique for a TSG. + * + * When the TSG is successfully created first time or is opened with share + * token, the device instance id associated with the CTRL fd will be added + * to the TSG private data structure as authorized device instance ids. + * This is used for a security check when creating a TSG share token with + * nvgpu_tsg_get_share_token. + * + * return 0 on success, -1 on error. + * retval EINVAL if invalid parameters are specified (if TSG_FLAGS_SHARE + * is set but source_device_instance_id and/or share token + * are zero or TSG_FLAGS_SHARE is not set but other + * arguments are non-zero). + * retval EINVAL if share token doesn't exist or is expired. + */ + +/* + * Specify that the newly created TSG fd will map to existing hardware + * TSG resources. + */ +#define NVGPU_GPU_IOCTL_OPEN_TSG_FLAGS_SHARE ((__u32)1U << 0U) + +/* Arguments for NVGPU_GPU_IOCTL_OPEN_TSG */ struct nvgpu_gpu_open_tsg_args { - __u32 tsg_fd; /* out, tsg fd */ - __u32 reserved; /* must be zero */ + __u32 tsg_fd; /* out: tsg fd */ + __u32 flags; /* in: NVGPU_GPU_IOCTL_OPEN_TSG_FLAGS_* */ + + __u64 source_device_instance_id; /* + * in: source device instance id + * that created the token. Ignored when + * NVGPU_GPU_IOCTL_OPEN_TSG_FLAGS_SHARE + * is unset. + */ + + __u64 share_token; /* + * in: share token obtained from + * NVGPU_TSG_IOCTL_GET_SHARE_TOKEN. Ignored when + * NVGPU_GPU_IOCTL_OPEN_TSG_FLAGS_SHARE + * is unset. + */ }; struct nvgpu_gpu_get_tpc_masks_args { diff --git a/include/uapi/linux/nvgpu.h b/include/uapi/linux/nvgpu.h index 0ed7da4d7..8caf991e6 100644 --- a/include/uapi/linux/nvgpu.h +++ b/include/uapi/linux/nvgpu.h @@ -193,6 +193,77 @@ struct nvgpu_tsg_delete_subcontext_args { __u32 reserved; }; +/* + * NVGPU_TSG_IOCTL_GET_SHARE_TOKEN - get TSG share token ioctl. + * + * This IOCTL creates a TSG share token. The TSG share token may be + * specified when opening new TSG fds with NVGPU_GPU_IOCTL_OPEN_TSG. + * In this case, the underlying HW TSG will be shared. + * + * The source_device_instance_id is checked to be authorized while + * creating share token. + * + * TBD: TSG share tokens have an expiration time. This is controlled + * by /sys/kernel/debug//tsg_share_token_timeout_ms. The default + * timeout is 30000 ms on silicon platforms and 0 (= no timeout) on + * pre-silicon platforms. + * + * When the TSG is closed, all share tokens on the TSG will be + * invalidated. Share token can also be invalidated by calling + * the ioctl NVGPU_TSG_IOCTL_REVOKE_SHARE_TOKEN. + * + * When creating a TSG fd with share token, it is ensured that + * target_device_instance_id specified here matches with the + * device instance id that is used to call the ioctl + * NVGPU_GPU_IOCTL_OPEN_TSG. This will secure the sharing of + * the TSG within trusted parties. + * + * Note: share token is unique in the context of the source and + * target device instance ids for a TSG. + * + * return 0 on success, -1 on error. + * retval EINVAL if invalid parameters are specified. + * (if any of the device id argument is zero or + * unauthorized device). + */ + +/* Arguments for NVGPU_TSG_IOCTL_GET_SHARE_TOKEN */ +struct nvgpu_tsg_get_share_token_args { + /* in: Source (exporter) device id */ + __u64 source_device_instance_id; + + /* in: Target (importer) device id */ + __u64 target_device_instance_id; + + /* out: Share token */ + __u64 share_token; +}; + +/* + * NVGPU_TSG_IOCTL_REVOKE_SHARE_TOKEN - revoke TSG share token ioctl. + * + * This IOCTL revokes a TSG share token. It is intended to be called + * whe the share token data exchange with the other end point is + * unsuccessful. + * + * return 0 on success, -1 on error. + * retval EINVAL if invalid parameters are specified. + * (if any of the argument is zero or unauthorized device). + * retval EINVAL if share token doesn't exist or is expired. + */ + +/* Arguments for NVGPU_TSG_IOCTL_REVOKE_SHARE_TOKEN */ +struct nvgpu_tsg_revoke_share_token_args { + /* in: Source (exporter) device id */ + __u64 source_device_instance_id; + + /* in: Target (importer) device id */ + __u64 target_device_instance_id; + + /* in: Share token */ + __u64 share_token; +}; + #define NVGPU_TSG_IOCTL_BIND_CHANNEL \ _IOW(NVGPU_TSG_IOCTL_MAGIC, 1, int) #define NVGPU_TSG_IOCTL_UNBIND_CHANNEL \ @@ -237,11 +308,17 @@ struct nvgpu_tsg_delete_subcontext_args { #define NVGPU_TSG_IOCTL_DELETE_SUBCONTEXT \ _IOW(NVGPU_TSG_IOCTL_MAGIC, 19, \ struct nvgpu_tsg_delete_subcontext_args) +#define NVGPU_TSG_IOCTL_GET_SHARE_TOKEN \ + _IOWR(NVGPU_TSG_IOCTL_MAGIC, 20, \ + struct nvgpu_tsg_get_share_token_args) +#define NVGPU_TSG_IOCTL_REVOKE_SHARE_TOKEN \ + _IOW(NVGPU_TSG_IOCTL_MAGIC, 21, \ + struct nvgpu_tsg_revoke_share_token_args) #define NVGPU_TSG_IOCTL_MAX_ARG_SIZE \ sizeof(struct nvgpu_tsg_bind_scheduling_domain_args) #define NVGPU_TSG_IOCTL_LAST \ - _IOC_NR(NVGPU_TSG_IOCTL_DELETE_SUBCONTEXT) + _IOC_NR(NVGPU_TSG_IOCTL_REVOKE_SHARE_TOKEN) /* * /dev/nvhost-dbg-gpu device