Commit Graph

38 Commits

Author SHA1 Message Date
Arnd Bergmann
3473b71e21 OP-TEE driver
- dual license for optee_msg.h and optee_smc.h
 Generic
 - add cancellation support to client interface
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCgA4FiEEcK3MsDvGvFp6zV9ztbC4QZeP7NMFAlx32w8aHGplbnMud2lr
 bGFuZGVyQGxpbmFyby5vcmcACgkQtbC4QZeP7NNr9g//czpqt3B7e2pUF46+rjLF
 MZZAQwJw1KGjAH8YcUXXWlRI6HRIWKRMohZp4ixC4Xe/OQOpl7grwcWg6j69yI+k
 EWdV/SJf6yKmxf9MwgMmh7U2bijIvQAYNd11ODZL+PZfetDLJ6U8kcNlrAGLFTAP
 MtxM+wXcmnIT/CHD0wz8hH2B8ApYTCv4E5vkPXSfZEQ2mUU7Lns0MeUzXs74zPQU
 yJgCMZnLA2JFJ3xhdi1e2gdyI4NGtAomHAQ9oIzD6rO1OU1H51L2+yFHK1G+eu6I
 uMy/bSF0RBJfM0NN9k1XPssHtgg7JrJ6kHZh9Z2knuCi0KUf75bdZE1qC+9N9uu9
 9+Qpt6IyxsRPwCgtVuKNl4KEIsxwGALG0oUwe9sBPIL1dOqZtc/bPDNME7LTAoN5
 0JWxbz0YLgNKPpkIUfs48vzVrRqHhVBbZ/SuXmOLx9w+3wY/V1xH8pHmsqKJ/0b6
 rdWXByt4Vv4YTYXVUz7ChS0ax+ZrDqocxvPFATRYXCNVlE/in/GHmR+QJkpEZnN9
 IXhvvYyv582NVYBRAVf7DZBrUIgKT8SnT66PWhiCiP2z0rK5a3CFohV6Vdl/aqyE
 1hppXuREuCbxdRTRu563yJL+v4MBfzItRp7v5xW/R8dAMPVtUMIlUyn11a4DGeWz
 WYgNf9Po3M2JT7GEvNA2VKA=
 =h0Es
 -----END PGP SIGNATURE-----

Merge tag 'tee-misc-for-v5.1' of https://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers

OP-TEE driver
- dual license for optee_msg.h and optee_smc.h
Generic
- add cancellation support to client interface

* tag 'tee-misc-for-v5.1' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: optee: update optee_msg.h and optee_smc.h to dual license
  tee: add cancellation support to client interface

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-03-01 15:01:16 +01:00
Jerome Forissier
32356d309c tee: optee: update optee_msg.h and optee_smc.h to dual license
The files optee_msg.h and optee_smc.h (under drivers/tee/optee) contain
information originating from the OP-TEE OS project [1] [2], where the
licensing terms are BSD 2-Clause. Therefore, apply a dual license to
those files.

Link: [1] https://github.com/OP-TEE/optee_os/blob/master/core/include/optee_msg.h
Link: [2] https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/include/sm/optee_smc.h
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-02-28 13:49:29 +01:00
YueHaibing
62ade1bed2 tee: optee: Fix unsigned comparison with less than zero
The return from the call to tee_client_invoke_func can be a
negative error code however this is being assigned to an
unsigned variable 'ret' hence the check is always false.
Fix this by making 'ret' an int.

Detected by Coccinelle ("Unsigned expression compared with zero:
ret < 0")

Fixes: c3fa24af92 ("tee: optee: add TEE bus device enumeration support")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-02-20 17:57:47 +01:00
Nathan Chancellor
50ceca6894 tee: optee: Initialize some structs using memset instead of braces
Clang warns:

drivers/tee/optee/device.c:39:31: warning: suggest braces around
initialization of subobject [-Wmissing-braces]
        struct tee_param param[4] = {0};
                                     ^
                                     {}
drivers/tee/optee/device.c:92:48: warning: suggest braces around
initialization of subobject [-Wmissing-braces]
        struct tee_ioctl_open_session_arg sess_arg = {0};
                                                      ^
                                                      {}
2 warnings generated.

One way to fix these warnings is to add additional braces like Clang
suggests; however, there has been a bit of push back from some
maintainers, who just prefer memset as it is unambiguous, doesn't
depend on a particular compiler version, and properly initializes all
subobjects [1][2]. Do that here so there are no more warnings.

[1]: https://lore.kernel.org/lkml/022e41c0-8465-dc7a-a45c-64187ecd9684@amd.com/
[2]: https://lore.kernel.org/lkml/20181128.215241.702406654469517539.davem@davemloft.net/

Fixes: c3fa24af92 ("tee: optee: add TEE bus device enumeration support")
Link: https://github.com/ClangBuiltLinux/linux/issues/370
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2019-02-20 16:24:09 +01:00
Sumit Garg
c3fa24af92 tee: optee: add TEE bus device enumeration support
OP-TEE provides a pseudo TA to enumerate TAs which can act as devices/
services for TEE bus. So implement device enumeration using invoke
function: PTA_CMD_GET_DEVICES provided by pseudo TA to fetch array of
device UUIDs. Also register these enumerated devices with TEE bus as
"optee-clntX" device.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
[jw: fix optee_enumerate_devices() with no devices found]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-02-01 15:12:46 +01:00
Sumit Garg
42bf4152d8 tee: add supp_nowait flag in tee_context struct
This flag indicates that requests in this context should not wait for
tee-supplicant daemon to be started if not present and just return
with an error code. It is needed for requests which should be
non-blocking in nature like ones arising from TEE based kernel drivers
or any in kernel api that uses TEE internal client interface.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-02-01 15:12:46 +01:00
Olof Johansson
5e0bd98f8c OP-TEE dynamic shm log message
Adds a log message in the OP-TEE driver to inform that dynamic shared
 memory is enabled.
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCgA4FiEEcK3MsDvGvFp6zV9ztbC4QZeP7NMFAlwPxtcaHGplbnMud2lr
 bGFuZGVyQGxpbmFyby5vcmcACgkQtbC4QZeP7NOSWBAAgBTBOCGM28NeUPLh4xfX
 R7GdWF7XAyepWvAUCMNjbE5F5hsME4j/e+yhRiNjy14e0TKlpW4S/u0JkEyUwOPN
 dwyPicS5+6zHd5HC/bUhsLk6zhXo0W9NTq/fWUCyclCI6A0HMRQaDUgAARYjf6l0
 7A63gwudCIBRLFHdPiXd7Q79sdxmjwXUxy80Eu8kK+ZPPZfmdxue7Hm2ZZVry9Vx
 0mGUR8WreuBc6ls7CNJBSO0x0+RHkqDQCqCXI8NtNH7MQQYPutllII7pcSAzb5kS
 8VrXWjXF5o5tsdhpZ9PVjhCkpmvQg/OihaEirTGuy5U0hfO+bp2hOpX5piSzGHUT
 wf/GYgYagFyvH10ArEdgp0I4LeyqS21DuDFUGgR2I/RJg6gV4WPyj1RwOgRkW28r
 jS24UN6vEQQ+RNcle2xc7yTJEGzhJCuU4NNDOykBMUu+S1+Tg9lFrfdw4VyYxFdK
 YenbhxLbTdSIUCzHYI83nxATWfYAFjj61cA/ljRR5gIpAm1TU0bJ8/b6MVk86wiy
 SEW0xLm5FTRzybE7h1v72paWfmCxoejDItsBNlso4GCE9IbQO16UiNsqLD3p6il5
 /h1WefaRIkWfKTJ4iqjOx8dj/zWa3iYFH+LMG5H4Jo51wWl8J2UFh+doI1SfcFE7
 2NkVXBvbqhcHl9xP+LZl20Q=
 =NJ/O
 -----END PGP SIGNATURE-----

Merge tag 'tee-subsys-optee-for-4.21' of https://git.linaro.org/people/jens.wiklander/linux-tee into next/late

OP-TEE dynamic shm log message

Adds a log message in the OP-TEE driver to inform that dynamic shared
memory is enabled.

* tag 'tee-subsys-optee-for-4.21' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: optee: log message if dynamic shm is enabled

Signed-off-by: Olof Johansson <olof@lixom.net>
2018-12-31 13:06:30 -08:00
Victor Chong
3c15ddb97c tee: optee: log message if dynamic shm is enabled
When dynamic shared memory support is enabled in the OP-TEE Trusted
OS, it doesn't mean that the driver supports it, which can confuse
users during debugging. Log a message when dynamic shared memory is
enabled in the driver, to let users know for sure.

Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-12-11 14:38:40 +01:00
Zhizhou Zhang
b2d102bd01 tee: optee: avoid possible double list_del()
This bug occurs when:

- a new request arrives, one thread(let's call it A) is pending in
  optee_supp_req() with req->busy is initial value false.

- tee-supplicant is killed, then optee_supp_release() is called, this
  function calls list_del(&req->link), and set supp->ctx to NULL. And
  it also wake up process A.

- process A continues, it firstly checks supp->ctx which is NULL,
  then checks req->busy which is false, at last run list_del(&req->link).
  This triggers double list_del() and results kernel panic.

For solve this problem, we rename req->busy to req->in_queue, and
associate it with state of whether req is linked to supp->reqs. So we
can just only check req->in_queue to make decision calling list_del()
or not.

Signed-off-by: Zhizhou Zhang <zhizhouzhang@asrmicro.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-12-11 14:38:21 +01:00
Olof Johansson
63c65b8725 Misc enhancement for tee driver subsystem
* Adds a kernel internal tee client interface allowing other drivers
   etc to access a TEE
 * OP-TEE driver takes DT status property into account
 -----BEGIN PGP SIGNATURE-----
 
 iQJOBAABCgA4FiEEcK3MsDvGvFp6zV9ztbC4QZeP7NMFAlt/3XIaHGplbnMud2lr
 bGFuZGVyQGxpbmFyby5vcmcACgkQtbC4QZeP7NPyoQ//bWUWyySBW6Mo5yyDcsvT
 uLJWsJV8DC7ZlM8JbCR3FjOBvw1sNbf+F1tYuRZSOMQUA+gdXMObmy3bpr/yAI4r
 Ow0uYoOTmCa5aLGpE37KG8Cw2ELMRD3GWdM9ZHjyDds4u/CTROuTaC9D2EtkXCv4
 U/Yv7dQxHdDPQefu8NR3OB1SqitOr2a4bYTFmz4Rp8S3ML5YwbgBRIuG7Feb4euQ
 7Pq7PrIFsajVFgaUHGAv+/UDYFlwjn5BZk5Z6ttpBaRKUpO7qDn8O4WKxRKzyc+w
 SIrm2DWNRyNPSMzQdGXCqrYTBt+QjIUf/ILzTvwt8npb9MHBTvnJS3EPjDzz2oIU
 VurJyV3jtveC9uVlHKlNvfFOmqUj2nldHvHTz9opKimaO+3U75gSM8t50qI5CxB5
 62wdyoo+bFSTm7NBBHx6SfI6mS4rP+aFN1MIqtn8j1A7SOgjug+11sx3u4jHEUw6
 JNzGl8PPLTZQ4VtRrww1v1F/YZcS88iaoeRbRYAOGpCaOYymHfjuMRA4LrTbELOV
 1hdlMkXApUtXr0eojrzHmiqrcVihzdKUMOs4lo/2kMk05FV/tstQWG6wwq5IbBAF
 ltAMkQ4lDvSPO3B3eFbTrI0LDFLmL8PvnesVfSzm9trw+uxnfGXGncqMN6whA/B5
 41iAlZNo9Q8QW/jh34uDhXg=
 =E7jv
 -----END PGP SIGNATURE-----

Merge tag 'tee-drv-for-4.20' of git://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers

Misc enhancement for tee driver subsystem

* Adds a kernel internal tee client interface allowing other drivers
  etc to access a TEE
* OP-TEE driver takes DT status property into account

* tag 'tee-drv-for-4.20' of git://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: add kernel internal client interface
  tee: optee: take DT status property into account

Signed-off-by: Olof Johansson <olof@lixom.net>
2018-08-26 16:27:32 -07:00
Ard Biesheuvel
db878f76b9 tee: optee: take DT status property into account
DT nodes may have a 'status' property which, if set to anything other
than 'ok' or 'okay', indicates to the OS that the DT node should be
treated as if it was not present. So add that missing logic to the
OP-TEE driver.

Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-08-24 11:55:18 +02:00
Sahil Malhotra
3249527f19 tee: optee: making OPTEE_SHM_NUM_PRIV_PAGES configurable via Kconfig
This change adds KCONFIG option to set number of pages out of
whole shared memory to be used for OP-TEE driver private data
structures.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
[jw: fixing trivial merge conflict]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-06-20 11:20:36 +02:00
Arnd Bergmann
cf89fe88a6 tee: replace getnstimeofday64() with ktime_get_real_ts64()
The two do the same thing, but we want to have a consistent
naming in the kernel.

Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-06-19 16:37:14 +02:00
Jérôme Forissier
5c5f80307a tee: optee: report OP-TEE revision information
When the driver initializes, report the following information
about the OP-TEE OS:
- major and minor version,
- build identifier (if available).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Matthias Brugger <mbruger@suse.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-03-06 11:03:55 +01:00
Jérôme Forissier
6e112de042 tee: optee: GET_OS_REVISION: document a2 as a build identifier
In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identifier
(such as an SCM revision or commit ID, for instance).

A new structure optee_smc_call_get_os_revision_result is introduced to
be used when querying the secure OS version, instead of re-using the
struct defined for OPTEE_SMC_CALLS_REVISION.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Matthias Brugger <mbruger@suse.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-03-06 11:03:55 +01:00
Olof Johansson
ffdc98c4f2 This pull request updates the previous tee-drv-dynamic-shm-for-v4.16 pull
request with five new patches fixing review comments and errors.
 
 Apart from three small fixes there's two larger patches that in the end
 checks that memory to be registered really is normal cached memory.
 -----BEGIN PGP SIGNATURE-----
 
 iQI3BAABCgAhBQJaVzZeGhxqZW5zLndpa2xhbmRlckBsaW5hcm8ub3JnAAoJELWw
 uEGXj+zTbVMQAOK22g34O1EouTBpFvw/Ch4aZ7AFr+NoXxyphhIeg/4RpWwCpiCY
 +xDBv4aHk6Opv0uhWGJJHMzRgE6eNYjLVVd8tGpDtRdqQWJP0MYVH2sHu5bnfJZS
 LfDUk+t2ULxgzVvIBvyccslTSAGqc5K0mnzW3DXrwkKtRmpfl27tg/OFph08lHni
 dhAOeW4m6PGWcWlQklDlpykTt8KUHMaIx5eNx+IBCYDcfQkev3Te49EwDK05ObjU
 MC6M1rZJmzb28UumkUC1B8nyS/PqxB8xrkyqYqehic6eBH9WIAn+paaLgSjocvqc
 gXwScaTNyniUPBMR73sNyARzpYgI0CvcqJ9R0uIGlSmwj9LQqrc0vtiJAR0YDeir
 FzweH8uhkU2qhZjH3WSoLGS4CSm2scIhEE3jbHpRjDdqvajoQBbOxPKusQnIjs/p
 iDZwYKuvH2f7TQtdwigT36k7KP0688LRSUrp7CeY7sIlzj0M3CLEzU/5OORBgqIl
 5KyOt6R8aVbQtABDBnzqIn1BYqA05KWzZFqwlDPckCNfBjgHd45rz4HGvwqCf9JI
 dKZ3VZDtBOeQIpBRj02mbEn0mUhDyztd7we+WkzTz0AxmEAw8r8yn1035WhZILGw
 ntXMk4PX9uVwQxReE0n1Gyv5UxCP1u+RMGE7G3hQoDBGNdhGxHw9bDqV
 =0+NS
 -----END PGP SIGNATURE-----

Merge tag 'tee-drv-dynamic-shm+fixes-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers

This pull request updates the previous tee-drv-dynamic-shm-for-v4.16 pull
request with five new patches fixing review comments and errors.

Apart from three small fixes there's two larger patches that in the end
checks that memory to be registered really is normal cached memory.

* tag 'tee-drv-dynamic-shm+fixes-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: shm: Potential NULL dereference calling tee_shm_register()
  tee: shm: don't put_page on null shm->pages
  tee: shm: make function __tee_shm_alloc static
  tee: optee: check type of registered shared memory
  tee: add start argument to shm_register callback

Signed-off-by: Olof Johansson <olof@lixom.net>
2018-01-11 18:05:06 -08:00
Jens Wiklander
cdbcf83d29 tee: optee: check type of registered shared memory
Checks the memory type of the pages to be registered as shared memory.
Only normal cached memory is allowed.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-28 13:21:27 +01:00
Jens Wiklander
95ffe4ca43 tee: add start argument to shm_register callback
Adds a start argument to the shm_register callback to allow the callback
to check memory type of the passed pages.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-28 10:08:00 +01:00
Arnd Bergmann
f681e08f67 tee: optee: fix header dependencies
The optee driver includes the header files in an unusual order,
with asm/pgtable.h before the linux/*.h headers. For some reason
this seems to trigger a build failure:

drivers/tee/optee/call.c: In function 'optee_fill_pages_list':
include/asm-generic/memory_model.h:64:14: error: implicit declaration of function 'page_to_section'; did you mean '__nr_to_section'? [-Werror=implicit-function-declaration]
  int __sec = page_to_section(__pg);   \
drivers/tee/optee/call.c:494:15: note: in expansion of macro 'page_to_phys'
  optee_page = page_to_phys(*pages) +

Let's just include linux/mm.h, which will then get the other
header implicitly.

Fixes: 3bb48ba5cd ("tee: optee: add page list manipulation functions")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2017-12-21 21:18:25 +01:00
Arnd Bergmann
bad19e0d04 This pull request enables dynamic shared memory support in the TEE
subsystem as a whole and in OP-TEE in particular.
 
 Global Platform TEE specification [1] allows client applications
 to register part of own memory as a shared buffer between
 application and TEE. This allows fast zero-copy communication between
 TEE and REE. But current implementation of TEE in Linux does not support
 this feature.
 
 Also, current implementation of OP-TEE transport uses fixed size
 pre-shared buffer for all communications with OP-TEE OS. This is okay
 in the most use cases. But this prevents use of OP-TEE in virtualized
 environments, because:
  a) We can't share the same buffer between different virtual machines
  b) Physically contiguous memory as seen by VM can be non-contiguous
     in reality (and as seen by OP-TEE OS) due to second stage of
     MMU translation.
  c) Size of this pre-shared buffer is limited.
 
 So, first part of this pull request adds generic register/unregister
 interface to tee subsystem. The second part adds necessary features into
 OP-TEE driver, so it can use not only static pre-shared buffer, but
 whole RAM to communicate with OP-TEE OS.
 
 This change is backwards compatible allowing older secure world or
 user space to work with newer kernels and vice versa.
 
 [1] https://www.globalplatform.org/specificationsdevice.asp
 -----BEGIN PGP SIGNATURE-----
 
 iQI3BAABCgAhBQJaM8X7GhxqZW5zLndpa2xhbmRlckBsaW5hcm8ub3JnAAoJELWw
 uEGXj+zThYsQAMPsMwvV977gLCnFxSZuIh1qnK5sXabpe4ITVOaUaxyCIoKAcROX
 exFdo1l+4UrOaEA9o06IROnHczCEz7IvGcPVYCB13tHwyfPsuicrdM0b/hm2Mehx
 MGYDsm3ZjnUTcZxGMNHYvCunNi84Rt1yOC8Mdx4kPhCI8ZCDqb9pV/Bb5wNLnkXS
 lXP/+EAkF0ECj88JUhgunkvL96QyK/PROCNUMWansB1RwglvyWy7IS/r03BW9Cpi
 4Mtiywmj/KZO9To4LvWhPiX5xvdxe+VxXUD6BW9hVVOxmXGSTEwr9YYr0f7qWH5q
 HeTLzkOsRQ+uHkaSLZOJ1HkIsP0sYQ7tR6OaipAEMJIN87ktGr45uuxaMnJCV1Z/
 tiKkGKJq9VISa7LA0Fv3nLhfYo8/jHiV/dV77FTreHhWimtVl3aiIkon+P/VSA7W
 Qstkq/v+djZXSmJ+dAcaRdukufWLUB4xhl27isnmaVjToFUHJH36wM9smtgXFygv
 DL8+5UBgsWPOlpJkIsTD/dwiQK+CeG4/SASgfe5DV7GVh+Z+71E2V40UQ9JoUROa
 Y33tPFWg07gG3cHAZYugKG2ucf4Yy3GXh5xZnjIq0Ye1U3/TnbK543V1y2N45vx0
 xBWJFFh2blKD04QPynBFqKPKNc5d//OgeK3m4PBTYk2GoGIvnc5YxPTq
 =3iwl
 -----END PGP SIGNATURE-----

Merge tag 'tee-drv-dynamic-shm-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers

Pull "tee dynamic shm for v4.16" from Jens Wiklander:

This pull request enables dynamic shared memory support in the TEE
subsystem as a whole and in OP-TEE in particular.

Global Platform TEE specification [1] allows client applications
to register part of own memory as a shared buffer between
application and TEE. This allows fast zero-copy communication between
TEE and REE. But current implementation of TEE in Linux does not support
this feature.

Also, current implementation of OP-TEE transport uses fixed size
pre-shared buffer for all communications with OP-TEE OS. This is okay
in the most use cases. But this prevents use of OP-TEE in virtualized
environments, because:
 a) We can't share the same buffer between different virtual machines
 b) Physically contiguous memory as seen by VM can be non-contiguous
    in reality (and as seen by OP-TEE OS) due to second stage of
    MMU translation.
 c) Size of this pre-shared buffer is limited.

So, first part of this pull request adds generic register/unregister
interface to tee subsystem. The second part adds necessary features into
OP-TEE driver, so it can use not only static pre-shared buffer, but
whole RAM to communicate with OP-TEE OS.

This change is backwards compatible allowing older secure world or
user space to work with newer kernels and vice versa.

[1] https://www.globalplatform.org/specificationsdevice.asp

* tag 'tee-drv-dynamic-shm-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  tee: shm: inline tee_shm_get_id()
  tee: use reference counting for tee_context
  tee: optee: enable dynamic SHM support
  tee: optee: add optee-specific shared pool implementation
  tee: optee: store OP-TEE capabilities in private data
  tee: optee: add registered buffers handling into RPC calls
  tee: optee: add registered shared parameters handling
  tee: optee: add shared buffer registration functions
  tee: optee: add page list manipulation functions
  tee: optee: Update protocol definitions
  tee: shm: add page accessor functions
  tee: shm: add accessors for buffer size and page offset
  tee: add register user memory
  tee: flexible shared memory pool creation
2017-12-21 17:23:52 +01:00
Arnd Bergmann
a8e9f5f672 Enable async communication with tee supplicant
This pull request enables asynchronous communication with TEE supplicant
 by introducing meta parameters in the user space API. The meta
 parameters can be used to tag requests with an id that can be matched
 against an asynchronous response as is done here in the OP-TEE driver.
 
 Asynchronous supplicant communication is needed by OP-TEE to implement
 GlobalPlatforms TEE Sockets API Specification v1.0.1. The specification
 is available at https://www.globalplatform.org/specificationsdevice.asp.
 
 This change is backwards compatible allowing older supplicants to work
 with newer kernels and vice versa.
 -----BEGIN PGP SIGNATURE-----
 
 iQI3BAABCgAhBQJaHoIkGhxqZW5zLndpa2xhbmRlckBsaW5hcm8ub3JnAAoJELWw
 uEGXj+zTdtoP/2/Og5YP0Xad0oRINgWJO/YnXT+kTHTHf35RuFA7LFbHdMNl4ZYx
 h7vTiHdgA1Bper+2ljLZdu2R36/za6LLVnof4p9WPDLueSJgH71jDMC3jVO0r1C7
 SydYuCUtcdNTNObSSy3SJVdMZtCyXA+p3Z1VLdP9E3fSVYg/36JH9clqkB/LrTC+
 NTC1w/g3cBcNIGj6kToPDwyXtKOk/9fMK7e4ylinscX0LyDmWTZyYRGrzB2gaek0
 Xk1fSEprX5jor99GdU1WtYuO/6hk1T1LglD/L0ROO++7RQYZiAyO6Lgfyi6mvlMi
 3oxuZRI3JZRR5hdzBzwxTpQGVVxj8ukYD/PFX0pBbw1XA9W9+gK7Du5OLmp4WZ+b
 t2Eg18pWivcRCmglpoS+VsirQkXT36ElCpHAK0QZ4gB2gVPFvNBjlFPD4xa5FsLw
 urO35ZLlj7b9VuEQQSJjif5FDc3sCyBlRuFQ1XCMXOeBULel8gnuWwyJRwwYhxIJ
 /moFkylFqOwewZui1oC1gmXCo/ud4xIw79+8HPN7ISves/bfJtDaMRK+YAFbPshl
 MbYCqRsr+B5o0MrFZbx+ofUNeJeh3Wwk/zdYoxTfRDGJ9ILBixBKCtPEmjX2MJGi
 Y66jiw73Yo0RsVTS3IO6sxFxsBi1mfGlpkUg4/pclr8Ijw71lc5msHkv
 =jsDo
 -----END PGP SIGNATURE-----

Merge tag 'tee-drv-async-supplicant-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers

Pull "Enable async communication with tee supplicant" from Jens Wiklander:

This pull request enables asynchronous communication with TEE supplicant
by introducing meta parameters in the user space API. The meta
parameters can be used to tag requests with an id that can be matched
against an asynchronous response as is done here in the OP-TEE driver.

Asynchronous supplicant communication is needed by OP-TEE to implement
GlobalPlatforms TEE Sockets API Specification v1.0.1. The specification
is available at https://www.globalplatform.org/specificationsdevice.asp.

This change is backwards compatible allowing older supplicants to work
with newer kernels and vice versa.

* tag 'tee-drv-async-supplicant-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
  optee: support asynchronous supplicant requests
  tee: add TEE_IOCTL_PARAM_ATTR_META
  tee: add tee_param_is_memref() for driver use
2017-12-21 16:02:07 +01:00
Volodymyr Babchuk
f58e236c9d tee: optee: enable dynamic SHM support
Previous patches added various features that are needed for dynamic SHM.
Dynamic SHM allows Normal World to share any buffers with OP-TEE.
While original design suggested to use pre-allocated region (usually of
1M to 2M of size), this new approach allows to use all non-secure RAM for
command buffers, RPC allocations and TA parameters.

This patch checks capability OPTEE_SMC_SEC_CAP_DYNAMIC_SHM. If it was set
by OP-TEE, then kernel part of OP-TEE will use kernel page allocator
to allocate command buffers. Also it will set TEE_GEN_CAP_REG_MEM
capability to tell userspace that it supports shared memory registration.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:36:17 +01:00
Volodymyr Babchuk
abd135ba21 tee: optee: add optee-specific shared pool implementation
This is simple pool that uses kernel page allocator. This pool can be
used in case OP-TEE supports dynamic shared memory.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:36:17 +01:00
Volodymyr Babchuk
d885cc5e07 tee: optee: store OP-TEE capabilities in private data
Those capabilities will be used in subsequent patches.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:36:16 +01:00
Volodymyr Babchuk
53a107c812 tee: optee: add registered buffers handling into RPC calls
With latest changes to OP-TEE we can use any buffers as a shared memory.
Thus, it is possible for supplicant to provide part of own memory
when OP-TEE asks to allocate a shared buffer.

This patch adds support for such feature into RPC handling code.
Now when OP-TEE asks supplicant to allocate shared buffer, supplicant
can use TEE_IOC_SHM_REGISTER to provide such buffer. RPC handler is
aware of this, so it will pass list of allocated pages to OP-TEE.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
[jw: fix parenthesis alignment in free_pages_list()]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:35:37 +01:00
Volodymyr Babchuk
64cf9d8a67 tee: optee: add registered shared parameters handling
Now, when client applications can register own shared buffers in OP-TEE,
we need to extend ABI for parameter passing to/from OP-TEE.

So, if OP-TEE core detects that parameter belongs to registered shared
memory, it will use corresponding parameter attribute.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:32:32 +01:00
Volodymyr Babchuk
06ca79179c tee: optee: add shared buffer registration functions
This change adds ops for shm_(un)register functions in tee interface.
Client application can use these functions to (un)register an own shared
buffer in OP-TEE address space. This allows zero copy data sharing between
Normal and Secure Worlds.

Please note that while those functions were added to optee code,
it does not report to userspace that those functions are available.
OP-TEE code does not set TEE_GEN_CAP_REG_MEM flag. This flag will be
enabled only after all other features of dynamic shared memory will be
implemented in subsequent patches. Of course user can ignore presence of
TEE_GEN_CAP_REG_MEM flag and try do call those functions. This is okay,
driver will register shared buffer in OP-TEE, but any attempts to use
this shared buffer will fail.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:32:32 +01:00
Volodymyr Babchuk
3bb48ba5cd tee: optee: add page list manipulation functions
These functions will be used to pass information about shared
buffers to OP-TEE. ABI between Linux and OP-TEE is defined
in optee_msg.h and optee_smc.h.

optee_msg.h defines OPTEE_MSG_ATTR_NONCONTIG attribute
for shared memory references and describes how such references
should be passed. Note that it uses 64-bit page addresses even
on 32 bit systems. This is done to support LPAE and to unify
interface.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
[jw: replacing uint64_t with u64 in optee_fill_pages_list()]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:32:31 +01:00
Volodymyr Babchuk
de5c6dfc43 tee: optee: Update protocol definitions
There were changes in REE<->OP-TEE ABI recently.
Now ABI allows us to pass non-contiguous memory buffers as list of
pages to OP-TEE. This can be achieved by using new parameter attribute
OPTEE_MSG_ATTR_NONCONTIG.

OP-TEE also is able to use all non-secure RAM for shared buffers. This
new capability is enabled with OPTEE_SMC_SEC_CAP_DYNAMIC_SHM flag.

This patch adds necessary definitions to the protocol definition files at
Linux side.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-12-15 13:32:31 +01:00
Jens Wiklander
1647a5ac17 optee: support asynchronous supplicant requests
Adds support for asynchronous supplicant requests, meaning that the
supplicant can process several requests in parallel or block in a
request for some time.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260 pager=y/n)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-11-29 10:37:13 +01:00
Jens Wiklander
f2aa97240c tee: add TEE_IOCTL_PARAM_ATTR_META
Adds TEE_IOCTL_PARAM_ATTR_META which can be used to indicate meta
parameters when communicating with user space. These meta parameters can
be used by supplicant support multiple parallel requests at a time.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-11-29 10:37:13 +01:00
Jens Wiklander
f044113113 optee: fix invalid of_node_put() in optee_driver_init()
The first node supplied to of_find_matching_node() has its reference
counter decreased as part of call to that function. In optee_driver_init()
after calling of_find_matching_node() it's invalid to call of_node_put() on
the supplied node again.

So remove the invalid call to of_node_put().

Reported-by: Alex Shi <alex.shi@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-11-29 10:24:57 +01:00
Greg Kroah-Hartman
b24413180f License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.

By default all files without license information are under the default
license of the kernel, which is GPL version 2.

Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier.  The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.

This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.

How this work was done:

Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
 - file had no licensing information it it.
 - file was a */uapi/* one with no licensing information in it,
 - file was a */uapi/* one with existing licensing information,

Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.

The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne.  Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.

The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed.  Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.

Criteria used to select files for SPDX license identifier tagging was:
 - Files considered eligible had to be source code files.
 - Make and config files were included as candidates if they contained >5
   lines of source
 - File already had some variant of a license header in it (even if <5
   lines).

All documentation files were explicitly excluded.

The following heuristics were used to determine which SPDX license
identifiers to apply.

 - when both scanners couldn't find any license traces, file was
   considered to have no license information in it, and the top level
   COPYING file license applied.

   For non */uapi/* files that summary was:

   SPDX license identifier                            # files
   ---------------------------------------------------|-------
   GPL-2.0                                              11139

   and resulted in the first patch in this series.

   If that file was a */uapi/* path one, it was "GPL-2.0 WITH
   Linux-syscall-note" otherwise it was "GPL-2.0".  Results of that was:

   SPDX license identifier                            # files
   ---------------------------------------------------|-------
   GPL-2.0 WITH Linux-syscall-note                        930

   and resulted in the second patch in this series.

 - if a file had some form of licensing information in it, and was one
   of the */uapi/* ones, it was denoted with the Linux-syscall-note if
   any GPL family license was found in the file or had no licensing in
   it (per prior point).  Results summary:

   SPDX license identifier                            # files
   ---------------------------------------------------|------
   GPL-2.0 WITH Linux-syscall-note                       270
   GPL-2.0+ WITH Linux-syscall-note                      169
   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause)    21
   ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause)    17
   LGPL-2.1+ WITH Linux-syscall-note                      15
   GPL-1.0+ WITH Linux-syscall-note                       14
   ((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause)    5
   LGPL-2.0+ WITH Linux-syscall-note                       4
   LGPL-2.1 WITH Linux-syscall-note                        3
   ((GPL-2.0 WITH Linux-syscall-note) OR MIT)              3
   ((GPL-2.0 WITH Linux-syscall-note) AND MIT)             1

   and that resulted in the third patch in this series.

 - when the two scanners agreed on the detected license(s), that became
   the concluded license(s).

 - when there was disagreement between the two scanners (one detected a
   license but the other didn't, or they both detected different
   licenses) a manual inspection of the file occurred.

 - In most cases a manual inspection of the information in the file
   resulted in a clear resolution of the license that should apply (and
   which scanner probably needed to revisit its heuristics).

 - When it was not immediately clear, the license identifier was
   confirmed with lawyers working with the Linux Foundation.

 - If there was any question as to the appropriate license identifier,
   the file was flagged for further research and to be revisited later
   in time.

In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.

Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights.  The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.

Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.

In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.

Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
 - a full scancode scan run, collecting the matched texts, detected
   license ids and scores
 - reviewing anything where there was a license detected (about 500+
   files) to ensure that the applied SPDX license was correct
 - reviewing anything where there was no detection but the patch license
   was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
   SPDX license was correct

This produced a worksheet with 20 files needing minor correction.  This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.

These .csv files were then reviewed by Greg.  Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected.  This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.)  Finally Greg ran the script using the .csv files to
generate the patches.

Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-02 11:10:55 +01:00
David Wang
39e6519a3f tee: optee: sync with new naming of interrupts
In the latest changes of optee_os, the interrupts' names are
changed to "native" and "foreign" interrupts.

Signed-off-by: David Wang <david.wang@arm.com>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-08-04 10:30:27 +02:00
tiger-yu99
a9980e947e tee: optee: interruptible RPC sleep
Prior to this patch RPC sleep was uninterruptible since msleep() is
uninterruptible. Change to use msleep_interruptible() instead.

Signed-off-by: Tiger Yu <tigeryu99@hotmail.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-08-04 10:30:27 +02:00
Bhumika Goyal
96e72ddeec tee: optee: add const to tee_driver_ops and tee_desc structures
Add const to tee_desc structures as they are only passed as an argument
to the function tee_device_alloc. This argument is of type const, so
declare these structures as const too.
Add const to tee_driver_ops structures as they are only stored in the
ops field of a tee_desc structure. This field is of type const, so
declare these structure types as const.

Signed-off-by: Bhumika Goyal <bhumirks@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-08-04 10:30:27 +02:00
Jens Wiklander
efb14036bd tee: optee: fix uninitialized symbol 'parg'
Fixes the static checker warning in optee_release().
error: uninitialized symbol 'parg'.

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-08-04 10:30:27 +02:00
Jens Wiklander
4fb0a5eb36 tee: add OP-TEE driver
Adds a OP-TEE driver which also can be compiled as a loadable module.

* Targets ARM and ARM64
* Supports using reserved memory from OP-TEE as shared memory
* Probes OP-TEE version using SMCs
* Accepts requests on privileged and unprivileged device
* Uses OPTEE message protocol version 2 to communicate with secure world

Acked-by: Andreas Dannenberg <dannenberg@ti.com>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> (RCAR H3)
Tested-by: Scott Branden <scott.branden@broadcom.com>
Reviewed-by: Javier González <javier@javigon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2017-03-10 14:51:52 +01:00