From d78809632f58da1a34c23ccfd4456cb889276f39 Mon Sep 17 00:00:00 2001
From: Bas Nieuwenhuizen <bas@basnieuwenhuizen.nl>
Date: Wed, 30 Oct 2019 02:54:37 +0100
Subject: [PATCH] radv: Compute hashes in secure process for secure
 compilation.

To prevent poisoning arbitrary cache entries.

Reviewed-by: Timothy Arceri <tarceri@itsqueeze.com>
---
 src/amd/vulkan/radv_pipeline.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/src/amd/vulkan/radv_pipeline.c b/src/amd/vulkan/radv_pipeline.c
index 9c7d5dc32ee..422b0771a79 100644
--- a/src/amd/vulkan/radv_pipeline.c
+++ b/src/amd/vulkan/radv_pipeline.c
@@ -4629,6 +4629,21 @@ radv_secure_compile(struct radv_pipeline *pipeline,
 		    const VkPipelineCreateFlags flags,
 		    unsigned num_stages)
 {
+	uint8_t allowed_pipeline_hashes[2][20];
+	radv_hash_shaders(allowed_pipeline_hashes[0], pStages,
+	                  pipeline->layout, key, get_hash_flags(device));
+
+	/* Generate the GC copy hash */
+	memcpy(allowed_pipeline_hashes[1], allowed_pipeline_hashes[0], 20);
+	allowed_pipeline_hashes[1][0] ^= 1;
+
+	uint8_t allowed_hashes[2][20];
+	for (unsigned i = 0; i < 2; ++i) {
+		disk_cache_compute_key(device->physical_device->disk_cache,
+		                       allowed_pipeline_hashes[i], 20,
+		                       allowed_hashes[i]);
+	}
+
 	unsigned process = 0;
 	uint8_t sc_threads = device->instance->num_sc_threads;
 	while (true) {
@@ -4718,6 +4733,10 @@ radv_secure_compile(struct radv_pipeline *pipeline,
 			if (!radv_sc_read(fd_secure_output, disk_sha1, sizeof(uint8_t) * 20, true))
 				return VK_ERROR_DEVICE_LOST;
 
+			if (memcmp(disk_sha1, allowed_hashes[0], 20) &&
+			    memcmp(disk_sha1, allowed_hashes[1], 20))
+				return VK_ERROR_DEVICE_LOST;
+
 			uint32_t entry_size;
 			if (!radv_sc_read(fd_secure_output, &entry_size, sizeof(uint32_t), true))
 				return VK_ERROR_DEVICE_LOST;
@@ -4736,6 +4755,10 @@ radv_secure_compile(struct radv_pipeline *pipeline,
 			if (!radv_sc_read(fd_secure_output, disk_sha1, sizeof(uint8_t) * 20, true))
 				return VK_ERROR_DEVICE_LOST;
 
+			if (memcmp(disk_sha1, allowed_hashes[0], 20) &&
+			    memcmp(disk_sha1, allowed_hashes[1], 20))
+				return VK_ERROR_DEVICE_LOST;
+
 			size_t size;
 			struct cache_entry *entry = (struct cache_entry *)
 				disk_cache_get(device->physical_device->disk_cache,
-- 
2.30.2