This adds support for asynchronous notifications from OP-TEE in secure
world to the OP-TEE driver. This allows a design with a top half and bottom
half type of driver where the top half runs in secure interrupt context and
a notifications tells normal world to schedule a yielding call to do the
bottom half processing.
An interrupt is used to notify the driver that there are asynchronous
* Rebased on v5.14-rc2 which made the patch "dt-bindings: arm: Convert
optee binding to json-schema" from the V2 patch set obsolete.
* Applied Ard's Acked-by on "optee: add asynchronous notifications"
* Added documentation
* Converted optee bindings to json-schema and added interrupt property
* Configure notification interrupt from DT instead of getting it
from secure world, suggested by Ard Biesheuvel <ardb(a)kernel.org>.
Jens Wiklander (6):
docs: staging/tee.rst: add a section on OP-TEE notifications
dt-bindings: arm: optee: add interrupt property
tee: fix put order in teedev_close_context()
tee: add tee_dev_open_helper() primitive
optee: separate notification functions
optee: add asynchronous notifications
.../arm/firmware/linaro,optee-tz.yaml | 4 +
Documentation/staging/tee.rst | 27 +++
drivers/tee/optee/Makefile | 1 +
drivers/tee/optee/call.c | 27 +++
drivers/tee/optee/core.c | 87 +++++--
drivers/tee/optee/notif.c | 226 ++++++++++++++++++
drivers/tee/optee/optee_msg.h | 9 +
drivers/tee/optee/optee_private.h | 23 +-
drivers/tee/optee/optee_rpc_cmd.h | 31 +--
drivers/tee/optee/optee_smc.h | 75 +++++-
drivers/tee/optee/rpc.c | 73 +-----
drivers/tee/tee_core.c | 37 ++-
include/linux/tee_drv.h | 27 +++
13 files changed, 523 insertions(+), 124 deletions(-)
create mode 100644 drivers/tee/optee/notif.c
[BCC all OP-TEE maintainers]
Hi OP-TEE maintainers & contributors,
OP-TEE v3.15.0 is scheduled to be released on 2021-10-15. So, now is
a good time to start testing the master branch on the various platforms
and report/fix any bugs.
The GitHub pull request for collecting Tested-by tags or any other
comments is https://github.com/OP-TEE/optee_os/pull/4880
As usual, we will create a release candidate tag one week before the
release date for final testing.
In addition to that you can find some additional information related to
releases here: https://optee.readthedocs.io/en/latest/general/releases.html
Hello arm-soc maintainers,
Please pull this small OP-TEE driver fix for the shared memory pool
handler. The fix doesn't change the generated code, but it's still relevant
since the problem obviously triggers warnings with some tools.
The following changes since commit 7d2a07b769330c34b4deabeed939325c77a7ec2f:
Linux 5.14 (2021-08-29 15:04:50 -0700)
are available in the Git repository at:
for you to fetch changes up to 88a3856c0a8c03188db7913f4d49379432fe1f93:
tee/optee/shm_pool: fix application of sizeof to pointer (2021-09-14 07:54:56 +0200)
Fix OP-TEE shm_pool lint warning
jing yangyang (1):
tee/optee/shm_pool: fix application of sizeof to pointer
drivers/tee/optee/shm_pool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
This adds supports for the OP-TEE driver to communicate with secure world
using FF-A  as transport.
There is one change to the TEE subsystem with "tee: add sec_world_id to
struct tee_shm" to add support for holding globally unique handle assigned
by the FF-A. This is a field that I believe could useful for the AMDTEE
For communication the OP-TEE message protocol is still used, but with a new
type of memory reference, struct optee_msg_param_fmem, to carry the
information needed by FF-A. The OP-TEE driver is refactored internally with
to sets of callbacks, one for the old SMC based communication and another
set with FF-A as transport. The functions relating to the SMC based ABI
are moved to smc_abi.c while the FF-A based ABI is added in a ffa_abi.c.
There is also a difference in how the drivers are instantiated. With the
SMC based transport we have a platform driver, module_platform_driver(),
today which we're keeping as is for this configuration. In a FF-A system we
have a FF-A driver, module_ffa_driver(), instead.
The OP-TEE driver can be compiled for both targets at the same time and
it's up to runtime configuration (device tree or ACPI) to decide how it's
initialized. Note that it's only the old SMC based driver instance that
need device tree or ACPI to initialize. The FF-A based driver relies on the
FF-A bus instead.
This can be tested QEMU
The repo for SPMC at S-EL1 retrieved by
repo init -u https://github.com/jenswi-linaro/manifest.git -m
qemu_v8.xml -b ffav4_spmc
# Then checkout the branch optee_ffa_v5 from
# in the linux directory
To build do:
Test with xtest, perhaps only with the command "xtest 1004" in case you're
not interested in too many tests.
- Rebased on v5.14, tricky conflicts primarily between "optee: isolate smc
abi" and mostly 376e4199e327 "tee: Correct inappropriate usage of
TEE_SHM_DMA_BUF flag" but also with the other kexec fixes that went into
- Addressing comments from Sumit and applying
Reviewed-by: Sumit Garg <sumit.garg(a)linaro.org> on "optee: isolate smc abi"
- Addressing comments from Sumit and applying
Acked-by: Sumit Garg <sumit.garg(a)linaro.org> on "optee: add FF-A support"
- Made a bit more RPC code common between the SMC and FF-A ABIs as
requested by Sumit.
- Replaced module_platform_driver() with module_init()/module_exit() as
described in the commit "optee: isolate smc abi".
- Applied Sumit's R-B for the commits "tee: add sec_world_id to struct
tee_shm", "optee: simplify optee_release()", and "optee: refactor driver
with internal callbacks"
- Rebased on 5.14-rc2 which now have the FF-A patches merged
- Fixed a couple bugs in optee_shm_register() and optee_shm_unregister()
which where introduced in "optee: refactor driver with internal callbacks"
in previous the version.
- Separated SMC ABI specifics into smc_abi.c to keep it separated from
the FF-A ABI functions as requested by Sumit.
- Added the FF-A specifics in ffa_abi.c
- Provided an implementation for optee_ffa_remove()
- Rebased to the FF-A v7 patch
- Fixed a couple of reports from kernel test robot <lkp(a)intel.com>
Jens Wiklander (5):
tee: add sec_world_id to struct tee_shm
optee: simplify optee_release()
optee: refactor driver with internal callbacks
optee: isolate smc abi
optee: add FF-A support
drivers/tee/optee/Makefile | 7 +-
drivers/tee/optee/call.c | 445 ++--------
drivers/tee/optee/core.c | 719 ++-------------
drivers/tee/optee/ffa_abi.c | 907 +++++++++++++++++++
drivers/tee/optee/optee_ffa.h | 153 ++++
drivers/tee/optee/optee_msg.h | 27 +-
drivers/tee/optee/optee_private.h | 163 +++-
drivers/tee/optee/rpc.c | 237 +----
drivers/tee/optee/shm_pool.c | 101 ---
drivers/tee/optee/shm_pool.h | 14 -
drivers/tee/optee/smc_abi.c | 1360 +++++++++++++++++++++++++++++
include/linux/tee_drv.h | 7 +-
12 files changed, 2732 insertions(+), 1408 deletions(-)
create mode 100644 drivers/tee/optee/ffa_abi.c
create mode 100644 drivers/tee/optee/optee_ffa.h
delete mode 100644 drivers/tee/optee/shm_pool.c
delete mode 100644 drivers/tee/optee/shm_pool.h
create mode 100644 drivers/tee/optee/smc_abi.c
I met an issue when testing OP-TEE with the latest released kernel
(v5.14). The kernel won't boot when virtualization is enabled. More
precisely, the boot hangs as the optee driver is probed. The last line
on the console is:
[xxx] optee: probing for conduit method.
The issue can easily be reproduced in the QEMU OP-TEE environment as
documented in :
$ repo init -u https://github.com/OP-TEE/manifest.git -m qemu_v8.xml
$ repo sync -j10
$ cd linux
$ git fetch github --unshallow
$ git checkout v5.14
$ cd ../build
$ make -j2 toolchains
$ make -j10 XEN_BOOT=y run
[Note, if you switch between XEN_BOOT=y and the default build, you need
to "make arm-tf-clean"]
git bisect points at commit b5c10dd04b74 ("optee: Clear stale cache
entries during initialization") and reverting this commit on top of
v5.14 does resolve the issue.
Any idea what's wrong?
Commit ef30482b4ad6 ("plat-vexpress: FF-A: update secondary core init")
updated secondary core init for the vexpress platform. In the process,
it used FFA_SECONDARY_EP_REGISTER with FID 0xC4000084 based on the ALP0
ABI of the spec and the TF-A upstream implementation at the time with a
note that the function ID needs to updated to the one finalied in the
spec and the TF-A implementation.
Assuming it is all finalised now, let us update the same with correct/
updated FID 0xC4000087.
Cc: Jens Wiklander <jens.wiklander(a)linaro.org>
Cc: Olivier Deprez <olivier.deprez(a)arm.com>
Cc: Balint Dobszay <balint.dobszay(a)arm.com>
Signed-off-by: Sudeep Holla <sudeep.holla(a)arm.com>
core/arch/arm/include/ffa.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/core/arch/arm/include/ffa.h b/core/arch/arm/include/ffa.h
index 20a009cacabd..b0d68173bf80 100644
@@ -69,7 +69,7 @@
#define FFA_MEM_RECLAIM U(0x84000077)
#define FFA_MEM_FRAG_RX U(0x8400007A)
#define FFA_MEM_FRAG_TX U(0x8400007B)
-#define FFA_SECONDARY_EP_REGISTER_64 U(0xC4000084)
+#define FFA_SECONDARY_EP_REGISTER_64 U(0xC4000087)
/* Special value for traffic targeted to the Hypervisor or SPM */
#define FFA_TARGET_INFO_MBZ U(0x0)
Linaro OP-TEE Contributions (LOC) monthly meeting is planned to take place
on Thursday Sep 23(a)17.00 (UTC+2).
Following topics are on the agenda:
- OP-TEE Linaro Contribution - Current status and Roadmap - Ruchika
- FF-A based mediator in XEN - Jens
If you have any other topics you'd like to discuss, please let us know.
Date/time: Thursday Sep 23(a)17.00 (UTC+2)
Connection details: https://www.trustedfirmware.org/meetings/
Meeting notes: http://bit.ly/loc-notes
Ruchika on behalf of the Linaro OP-TEE team