- OP-TEE - lists.trustedfirmware.org

Linaro OP-TEE Contribution (LOC) monthly meeting April 2022

by Ruchika Gupta

Hi, OP-TEE Contributions (LOC) monthly meeting is planned for Thursday April 28 @17.00 (UTC + 2). We have following on the agenda - Fault Mitigation patterns in OP-TEE - Jens Wiklander If you have any more topics you'd like to discuss, please let us know and we can schedule them. Meeting details: --------------- Date/time: April 28(a)17.00 (UTC + 2) https://everytimezone.com/s/700b9d66 Connection details: https://www.trustedfirmware.org/meetings/ Meeting notes: http://bit.ly/loc-notes Regards, Ruchika on behalf of the Linaro OP-TEE team

4 years

1
1
0 0

[PATCH 1/2] tee: remove tee_shm_va2pa() and tee_shm_pa2va()

by Andrew Davis

We should not need to index into SHMs based on absolute VA/PA. These functions are not used and this kind of usage should not be encouraged anyway. Remove these functions. Signed-off-by: Andrew Davis <afd(a)ti.com> --- drivers/tee/tee_shm.c | 50 ----------------------------------------- include/linux/tee_drv.h | 18 --------------- 2 files changed, 68 deletions(-) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1cac..b0c6d553d3a70 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -414,56 +414,6 @@ void tee_shm_free(struct tee_shm *shm) } EXPORT_SYMBOL_GPL(tee_shm_free); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if ((char *)va < (char *)shm->kaddr) - return -EINVAL; - if ((char *)va >= ((char *)shm->kaddr + shm->size)) - return -EINVAL; - - return tee_shm_get_pa( - shm, (unsigned long)va - (unsigned long)shm->kaddr, pa); -} -EXPORT_SYMBOL_GPL(tee_shm_va2pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if (pa < shm->paddr) - return -EINVAL; - if (pa >= (shm->paddr + shm->size)) - return -EINVAL; - - if (va) { - void *v = tee_shm_get_va(shm, pa - shm->paddr); - - if (IS_ERR(v)) - return PTR_ERR(v); - *va = v; - } - return 0; -} -EXPORT_SYMBOL_GPL(tee_shm_pa2va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 911cad324acc7..17eb1c5205d34 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -298,24 +298,6 @@ void tee_shm_free(struct tee_shm *shm); */ void tee_shm_put(struct tee_shm *shm); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle -- 2.17.1

4 years

2
4
0 0

[PATCH v3 0/4] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struct passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this struct allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unnecessary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" for details. Thanks, Jens v1->v2: * Split out a separate commit "optee: rename rpc_arg_count to rpc_param_count" * Check optee->rpc_param_count before calling optee_disable_shm_cache(). * Mention OPTEE_SMC_CALL_WITH_REGD_ARG in commit message. v2->v3: * Applied Sumit's R-B to "optee: rename rpc_arg_count to rpc_param_count" and "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Fixed some review comments to "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Rebased on v5.18-rc1 Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 48 +++++- drivers/tee/optee/smc_abi.c | 162 +++++++++++++++----- 7 files changed, 428 insertions(+), 100 deletions(-) -- 2.31.1

4 years, 1 month

1
5
0 0

OP-TEE 3.17.0 has been released

by Jerome Forissier

Hi, I'm pleased to announce that OP-TEE version 3.17.0 is now available. As usual, the list of changes can be found in the changelog [1]. A big thank you to everyone who participated with contributions and helping out with testing the release [2]. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/optee_os/commit/db2e7fe5eea80be6c244da3bf131676eb… Regards, -- Jerome

4 years, 1 month

1
0
0 0

[[GIT PULL] OP-TEE fix for v5.18

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small OP-TEE driver fix for the error handling path in the FF-A probe function. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix-for-v5.18 for you to fetch changes up to b5e22886839ae466fcf03295150094516c0fd8eb: tee: optee: add missing mutext_destroy in optee_ffa_probe (2022-04-05 08:56:26 +0200) ---------------------------------------------------------------- OP-TEE fix missing mutex_destroy in probe error handling path ---------------------------------------------------------------- Dongliang Mu (1): tee: optee: add missing mutext_destroy in optee_ffa_probe drivers/tee/optee/ffa_abi.c | 1 + 1 file changed, 1 insertion(+)

4 years, 1 month

1
0
0 0

[PATCH v2 0/4] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struct passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this struct allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unnecessary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" for details. This patchset is based the next branch [1] in my kernel to avoid conflict with other recent patches. Thanks, Jens [1] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=next v1->v2: * Split out a separate commit "optee: rename rpc_arg_count to rpc_param_count" * Check optee->rpc_param_count before calling optee_disable_shm_cache(). * Mention OPTEE_SMC_CALL_WITH_REGD_ARG in commit message. Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 47 +++++- drivers/tee/optee/smc_abi.c | 162 +++++++++++++++----- 7 files changed, 427 insertions(+), 100 deletions(-) -- 2.31.1

4 years, 1 month

2
6
0 0

Preparing for OP-TEE 3.17.0

by Jerome Forissier

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v3.17.0 is scheduled to be released on 2022-04-22. So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/5229 As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html Thanks, -- Jerome

4 years, 1 month

2
1
0 0

[PATCH v4] tee: make tee_shm_register_kernel_buf vmalloc supported

by Phil Chang

In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> Reviewed-by: Sumit Garg <sumit.garg(a)linaro.org> --- drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 35 +++++++++++++++++++++++++---------- 2 files changed, 26 insertions(+), 11 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..2082e632adff 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1ca..836872467dc6 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -23,21 +23,36 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) static int shm_get_kernel_pages(unsigned long start, size_t page_count, struct page **pages) { - struct kvec *kiov; size_t n; int rc; - kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); - if (!kiov) - return -ENOMEM; + if (is_vmalloc_addr((void *)start)) { + struct page *page; - for (n = 0; n < page_count; n++) { - kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); - kiov[n].iov_len = PAGE_SIZE; - } + for (n = 0; n < page_count; n++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * n)); + if (!page) + return -ENOMEM; + + get_page(page); + pages[n] = page; + } + rc = page_count; + } else { + struct kvec *kiov; + + kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); + if (!kiov) + return -ENOMEM; - rc = get_kernel_pages(kiov, page_count, 0, pages); - kfree(kiov); + for (n = 0; n < page_count; n++) { + kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); + kiov[n].iov_len = PAGE_SIZE; + } + + rc = get_kernel_pages(kiov, page_count, 0, pages); + kfree(kiov); + } return rc; } -- 2.25.1

4 years, 1 month

2
3
0 0

[PATCH 0/3] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struction passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this structure allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unncesary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG" for details. This patchset is based the next branch [1] in my kernel to avoid conflict with other recent patches. Thanks, Jens [1] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=next Jens Wiklander (3): optee: add OPTEE_SMC_CALL_WITH_RPC_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 47 +++++- drivers/tee/optee/smc_abi.c | 151 +++++++++++++++---- 7 files changed, 419 insertions(+), 97 deletions(-) -- 2.31.1

4 years, 1 month

2
14
0 0

[PATCH] tee: optee: add missing mutext_destroy in optee_ffa_probe

by Dongliang Mu

From: Dongliang Mu <mudongliangabcd(a)gmail.com> The error handling code of optee_ffa_probe misses the mutex_destroy of ffa.mutex when mutext_init succeeds. Fix this by adding mutex_destory of ffa.mutex at the error handling part Fixes: aceeafefff73 ("optee: use driver internal tee_context for some rpc") Signed-off-by: Dongliang Mu <mudongliangabcd(a)gmail.com> --- drivers/tee/optee/ffa_abi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index f744ab15bf2c..30a6119a2b16 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -894,6 +894,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) rhashtable_free_and_destroy(&optee->ffa.global_ids, rh_free_fn, NULL); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); + mutex_destroy(&optee->ffa.mutex); err_unreg_supp_teedev: tee_device_unregister(optee->supp_teedev); err_unreg_teedev: -- 2.25.1

4 years, 1 month

3
4
0 0

Mbed TLS GitHub migration

by Dave Rodgman

Hi all, Please be advised that the Mbed TLS GitHub migration is complete. The new home for Mbed TLS is: https://github.com/Mbed-TLS We recommend updating your project, checkouts, etc to point at the new repository, but it's not urgent as everything will continue to work for some time via automatic redirection. Also please note that our project boards, which we use for planning upcoming work via epics, and tracking current activity, have moved. They are now available here: Epics board: https://github.com/orgs/Mbed-TLS/projects/1 Current activity: https://github.com/orgs/Mbed-TLS/projects/2 Thanks Dave Rodgman On 22/03/2022, 14:52, "Dave Rodgman via Mbed-tls-announce" <mbed-tls-announce(a)lists.trustedfirmware.org> wrote: Hi all, Please note that in the next couple of weeks, we will migrate Mbed TLS to a new GitHub organisation. Your existing scripts, links etc for accessing Mbed TLS on GitHub should not be affected. This will change the url from https://github.com/ARMmbed/mbedtls to https://github.com/Mbed-TLS/mbedtls . GitHub will redirect any accesses to the old URL for the foreseeable future, but we would recommend updating your links once the migration is complete. All of the Mbed TLS repositories will migrate to this new organisation, i.e.: mbedtls mbedtls-docs mbedtls-test Thanks Dave Rodgman -- Mbed-tls-announce mailing list -- mbed-tls-announce(a)lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-announce-leave(a)lists.trustedfirmware.org

4 years, 1 month

1
0
0 0

About patch for ARM Spectre-BHB in OPTEE OS

by KL Huang (黃闞立)

Hi, Sir: ARM announced vulnerability about Spectre-BHB and patches are also available for Linux and TF-A. https://developer.arm.com/support/arm-security-updates/speculative-processo… May I know if OPTEE OS will have the patch in the upcoming version? Best regards, KL Huang

4 years, 1 month

2
1
0 0

[PATCH v4] rtc: optee: add RTC driver for OP-TEE RTC PTA

by Clément Léger

This drivers allows to communicate with a RTC PTA handled by OP-TEE [1]. This PTA allows to query RTC information, set/get time and set/get offset depending on the supported features. [1] https://github.com/OP-TEE/optee_os/pull/5179 Signed-off-by: Clément Léger <clement.leger(a)bootlin.com> --- Changes in v4: - Remove error prints except the ones in probe Changes in v3 (was resent as a second v2 due to a mistake); - Fix error messages to include ret value and fix wrong IOCTL names - Use 100 columns char limit Changes in v2: - Rebased over tee-shm-for-v5.18 - Switch to tee_shm_alloc_kernel_buf() - Use export_uuid() to copy uuid - Fix warnings reported by checkpatch - Free SHM in error exit path MAINTAINERS | 6 + drivers/rtc/Kconfig | 10 ++ drivers/rtc/Makefile | 1 + drivers/rtc/rtc-optee.c | 362 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 379 insertions(+) create mode 100644 drivers/rtc/rtc-optee.c diff --git a/MAINTAINERS b/MAINTAINERS index f41088418aae..b21375ad73d2 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -14361,6 +14361,12 @@ L: op-tee(a)lists.trustedfirmware.org S: Maintained F: drivers/char/hw_random/optee-rng.c +OP-TEE RTC DRIVER +M: Clément Léger <clement.leger(a)bootlin.com> +L: linux-rtc(a)vger.kernel.org +S: Maintained +F: drivers/rtc/rtc-optee.c + OPA-VNIC DRIVER M: Dennis Dalessandro <dennis.dalessandro(a)cornelisnetworks.com> M: Mike Marciniszyn <mike.marciniszyn(a)cornelisnetworks.com> diff --git a/drivers/rtc/Kconfig b/drivers/rtc/Kconfig index d85a3c31347c..cba5427f79b3 100644 --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig @@ -1293,6 +1293,16 @@ config RTC_DRV_OPAL This driver can also be built as a module. If so, the module will be called rtc-opal. +config RTC_DRV_OPTEE + tristate "OP-TEE based RTC driver" + depends on OPTEE + help + Select this to get support for OP-TEE based RTC control on SoCs where + RTC are not accessible to the normal world (Linux). + + This driver can also be built as a module. If so, the module + will be called rtc-optee. + config RTC_DRV_ZYNQMP tristate "Xilinx Zynq Ultrascale+ MPSoC RTC" depends on OF && HAS_IOMEM diff --git a/drivers/rtc/Makefile b/drivers/rtc/Makefile index e92f3e943245..2d827d8261d5 100644 --- a/drivers/rtc/Makefile +++ b/drivers/rtc/Makefile @@ -115,6 +115,7 @@ obj-$(CONFIG_RTC_DRV_GAMECUBE) += rtc-gamecube.o obj-$(CONFIG_RTC_DRV_NTXEC) += rtc-ntxec.o obj-$(CONFIG_RTC_DRV_OMAP) += rtc-omap.o obj-$(CONFIG_RTC_DRV_OPAL) += rtc-opal.o +obj-$(CONFIG_RTC_DRV_OPTEE) += rtc-optee.o obj-$(CONFIG_RTC_DRV_PALMAS) += rtc-palmas.o obj-$(CONFIG_RTC_DRV_PCAP) += rtc-pcap.o obj-$(CONFIG_RTC_DRV_PCF2123) += rtc-pcf2123.o diff --git a/drivers/rtc/rtc-optee.c b/drivers/rtc/rtc-optee.c new file mode 100644 index 000000000000..9f8b5d4a8f6b --- /dev/null +++ b/drivers/rtc/rtc-optee.c @@ -0,0 +1,362 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2022 Microchip. + */ + +#include <linux/device.h> +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/rtc.h> +#include <linux/tee_drv.h> + +#define RTC_INFO_VERSION 0x1 + +#define TA_CMD_RTC_GET_INFO 0x0 +#define TA_CMD_RTC_GET_TIME 0x1 +#define TA_CMD_RTC_SET_TIME 0x2 +#define TA_CMD_RTC_GET_OFFSET 0x3 +#define TA_CMD_RTC_SET_OFFSET 0x4 + +#define TA_RTC_FEATURE_CORRECTION BIT(0) + +struct optee_rtc_time { + u32 tm_sec; + u32 tm_min; + u32 tm_hour; + u32 tm_mday; + u32 tm_mon; + u32 tm_year; + u32 tm_wday; +}; + +struct optee_rtc_info { + u64 version; + u64 features; + struct optee_rtc_time range_min; + struct optee_rtc_time range_max; +}; + +/** + * struct optee_rtc - OP-TEE RTC private data + * @dev: OP-TEE based RTC device. + * @ctx: OP-TEE context handler. + * @session_id: RTC TA session identifier. + * @shm: Memory pool shared with RTC device. + * @features: Bitfield of RTC features + */ +struct optee_rtc { + struct device *dev; + struct tee_context *ctx; + u32 session_id; + struct tee_shm *shm; + u64 features; +}; + +static int optee_rtc_readtime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct optee_rtc_time *optee_tm; + struct tee_param param[4] = {0}; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + /* Fill invoke cmd params */ + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) + return ret ? ret : -EPROTO; + + optee_tm = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(optee_tm)) + return PTR_ERR(optee_tm); + + if (param[0].u.memref.size != sizeof(*optee_tm)) + return -EPROTO; + + tm->tm_sec = optee_tm->tm_sec; + tm->tm_min = optee_tm->tm_min; + tm->tm_hour = optee_tm->tm_hour; + tm->tm_mday = optee_tm->tm_mday; + tm->tm_mon = optee_tm->tm_mon; + tm->tm_year = optee_tm->tm_year - 1900; + tm->tm_wday = optee_tm->tm_wday; + tm->tm_yday = rtc_year_days(tm->tm_mday, tm->tm_mon, tm->tm_year); + + return 0; +} + +static int optee_rtc_settime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_time optee_tm; + void *rtc_data; + int ret; + + optee_tm.tm_sec = tm->tm_sec; + optee_tm.tm_min = tm->tm_min; + optee_tm.tm_hour = tm->tm_hour; + optee_tm.tm_mday = tm->tm_mday; + optee_tm.tm_mon = tm->tm_mon; + optee_tm.tm_year = tm->tm_year + 1900; + optee_tm.tm_wday = tm->tm_wday; + + inv_arg.func = TA_CMD_RTC_SET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + + rtc_data = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(rtc_data)) + return PTR_ERR(rtc_data); + + memcpy(rtc_data, &optee_tm, sizeof(struct optee_rtc_time)); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) + return ret ? ret : -EPROTO; + + return 0; +} + +static int optee_rtc_readoffset(struct device *dev, long *offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_GET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) + return ret ? ret : -EPROTO; + + *offset = param[0].u.value.a; + + return 0; +} + +static int optee_rtc_setoffset(struct device *dev, long offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_SET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + param[0].u.value.a = offset; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) + return ret ? ret : -EPROTO; + + return 0; +} + +static const struct rtc_class_ops optee_rtc_ops = { + .read_time = optee_rtc_readtime, + .set_time = optee_rtc_settime, + .set_offset = optee_rtc_setoffset, + .read_offset = optee_rtc_readoffset, +}; + +static int optee_rtc_read_info(struct device *dev, struct rtc_device *rtc, + u64 *features) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_info *info; + struct optee_rtc_time *tm; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_INFO; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(*info); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) + return ret ? ret : -EPROTO; + + info = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(info)) + return PTR_ERR(info); + + if (param[0].u.memref.size != sizeof(*info)) + return -EPROTO; + + if (info->version != RTC_INFO_VERSION) + return -EPROTO; + + *features = info->features; + + tm = &info->range_min; + rtc->range_min = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec); + tm = &info->range_max; + rtc->range_max = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec); + + return 0; +} + +static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) +{ + if (ver->impl_id == TEE_IMPL_ID_OPTEE) + return 1; + else + return 0; +} + +static int optee_rtc_probe(struct device *dev) +{ + struct tee_client_device *rtc_device = to_tee_client_device(dev); + struct tee_ioctl_open_session_arg sess_arg; + struct optee_rtc *priv; + struct rtc_device *rtc; + struct tee_shm *shm; + int ret, err; + + memset(&sess_arg, 0, sizeof(sess_arg)); + + priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + rtc = devm_rtc_allocate_device(dev); + if (IS_ERR(rtc)) + return PTR_ERR(rtc); + + /* Open context with TEE driver */ + priv->ctx = tee_client_open_context(NULL, optee_ctx_match, NULL, NULL); + if (IS_ERR(priv->ctx)) + return -ENODEV; + + /* Open session with rtc Trusted App */ + export_uuid(sess_arg.uuid, &rtc_device->id.uuid); + sess_arg.clnt_login = TEE_IOCTL_LOGIN_REE_KERNEL; + + ret = tee_client_open_session(priv->ctx, &sess_arg, NULL); + if (ret < 0 || sess_arg.ret != 0) { + dev_err(dev, "tee_client_open_session failed, err: %x\n", sess_arg.ret); + err = -EINVAL; + goto out_ctx; + } + priv->session_id = sess_arg.session; + + shm = tee_shm_alloc_kernel_buf(priv->ctx, sizeof(struct optee_rtc_info)); + if (IS_ERR(shm)) { + dev_err(priv->dev, "tee_shm_alloc_kernel_buf failed\n"); + err = PTR_ERR(shm); + goto out_sess; + } + + priv->shm = shm; + priv->dev = dev; + dev_set_drvdata(dev, priv); + + rtc->ops = &optee_rtc_ops; + + err = optee_rtc_read_info(dev, rtc, &priv->features); + if (err) { + dev_err(dev, "Failed to get RTC features from OP-TEE\n"); + goto out_shm; + } + + err = devm_rtc_register_device(rtc); + if (err) + goto out_shm; + + /* + * We must clear this bit after registering because rtc_register_device + * will set it if it sees that .set_offset is provided. + */ + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + clear_bit(RTC_FEATURE_CORRECTION, rtc->features); + + return 0; + +out_shm: + tee_shm_free(priv->shm); +out_sess: + tee_client_close_session(priv->ctx, priv->session_id); +out_ctx: + tee_client_close_context(priv->ctx); + + return err; +} + +static int optee_rtc_remove(struct device *dev) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + + tee_client_close_session(priv->ctx, priv->session_id); + tee_client_close_context(priv->ctx); + + return 0; +} + +static const struct tee_client_device_id optee_rtc_id_table[] = { + {UUID_INIT(0xf389f8c8, 0x845f, 0x496c, + 0x8b, 0xbe, 0xd6, 0x4b, 0xd2, 0x4c, 0x92, 0xfd)}, + {} +}; + +MODULE_DEVICE_TABLE(tee, optee_rtc_id_table); + +static struct tee_client_driver optee_rtc_driver = { + .id_table = optee_rtc_id_table, + .driver = { + .name = "optee_rtc", + .bus = &tee_bus_type, + .probe = optee_rtc_probe, + .remove = optee_rtc_remove, + }, +}; + +static int __init optee_rtc_mod_init(void) +{ + return driver_register(&optee_rtc_driver.driver); +} + +static void __exit optee_rtc_mod_exit(void) +{ + driver_unregister(&optee_rtc_driver.driver); +} + +module_init(optee_rtc_mod_init); +module_exit(optee_rtc_mod_exit); + +MODULE_LICENSE("GPL v2"); +MODULE_AUTHOR("Clément Léger <clement.leger(a)bootlin.com>"); +MODULE_DESCRIPTION("OP-TEE based RTC driver"); -- 2.34.1

4 years, 1 month

3
2
0 0

TrustedFirmware Code of Conduct

by Don Harbin

Hi All, Please find the link to the TrustedFirmware Community Code of Conduct here: https://developer.trustedfirmware.org/w/collaboration/community_guidelines/… Trusted Firmware has a very diverse and global developer community. It is important that we adhere to the code of conduct in all our interactions. For some of you all this may be new and for others just a gentle reminder. In either case, if you have any questions, please feel free to reach out to me directly. And thanks to you all for your contributions to the TrustedFirmware community! Best regards, Don Harbin TrustedFirmware Community Manager don.harbin(a)linaro.org

4 years, 1 month

1
0
0 0

Linaro OP-TEE Contributions (LOC) monthly meeting - Mar 24 CANCELLED

by Ruchika Gupta

Hi, We don't have any topics for the meeting this month. Hence cancelling. Following topics related to OP-TEE will be presented in Linaro Connect Tech Day : Core Technologies <https://www.linaro.org/events/linaro-connect-tech-day-core-technologies/> on March 29. Feel free to join us there. - OP-TEE and FF-A evolution - OP-TEE Lightning Talk Regards, Ruchika (on behalf of OP-TEE team)

4 years, 1 month

1
0
0 0

[PATCH v2] rtc: optee: add RTC driver for OP-TEE RTC PTA

by Clément Léger

This drivers allows to communicate with a RTC PTA handled by OP-TEE [1]. This PTA allows to query RTC information, set/get time and set/get offset depending on the supported features. [1] https://github.com/OP-TEE/optee_os/pull/5179 Signed-off-by: Clément Léger <clement.leger(a)bootlin.com> --- Changes in v2: - Rebased over tee-shm-for-v5.18 - Switch to tee_shm_alloc_kernel_buf() - Use export_uuid() to copy uuid - Fix warnings reported by checkpatch - Free SHM in error exit path - Fix error messages to include ret value and fix wrong IOCTL names - Use 100 columns char limit MAINTAINERS | 6 + drivers/rtc/Kconfig | 10 ++ drivers/rtc/Makefile | 1 + drivers/rtc/rtc-optee.c | 386 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 403 insertions(+) create mode 100644 drivers/rtc/rtc-optee.c diff --git a/MAINTAINERS b/MAINTAINERS index f41088418aae..b21375ad73d2 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -14361,6 +14361,12 @@ L: op-tee(a)lists.trustedfirmware.org S: Maintained F: drivers/char/hw_random/optee-rng.c +OP-TEE RTC DRIVER +M: Clément Léger <clement.leger(a)bootlin.com> +L: linux-rtc(a)vger.kernel.org +S: Maintained +F: drivers/rtc/rtc-optee.c + OPA-VNIC DRIVER M: Dennis Dalessandro <dennis.dalessandro(a)cornelisnetworks.com> M: Mike Marciniszyn <mike.marciniszyn(a)cornelisnetworks.com> diff --git a/drivers/rtc/Kconfig b/drivers/rtc/Kconfig index d85a3c31347c..cba5427f79b3 100644 --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig @@ -1293,6 +1293,16 @@ config RTC_DRV_OPAL This driver can also be built as a module. If so, the module will be called rtc-opal. +config RTC_DRV_OPTEE + tristate "OP-TEE based RTC driver" + depends on OPTEE + help + Select this to get support for OP-TEE based RTC control on SoCs where + RTC are not accessible to the normal world (Linux). + + This driver can also be built as a module. If so, the module + will be called rtc-optee. + config RTC_DRV_ZYNQMP tristate "Xilinx Zynq Ultrascale+ MPSoC RTC" depends on OF && HAS_IOMEM diff --git a/drivers/rtc/Makefile b/drivers/rtc/Makefile index e92f3e943245..2d827d8261d5 100644 --- a/drivers/rtc/Makefile +++ b/drivers/rtc/Makefile @@ -115,6 +115,7 @@ obj-$(CONFIG_RTC_DRV_GAMECUBE) += rtc-gamecube.o obj-$(CONFIG_RTC_DRV_NTXEC) += rtc-ntxec.o obj-$(CONFIG_RTC_DRV_OMAP) += rtc-omap.o obj-$(CONFIG_RTC_DRV_OPAL) += rtc-opal.o +obj-$(CONFIG_RTC_DRV_OPTEE) += rtc-optee.o obj-$(CONFIG_RTC_DRV_PALMAS) += rtc-palmas.o obj-$(CONFIG_RTC_DRV_PCAP) += rtc-pcap.o obj-$(CONFIG_RTC_DRV_PCF2123) += rtc-pcf2123.o diff --git a/drivers/rtc/rtc-optee.c b/drivers/rtc/rtc-optee.c new file mode 100644 index 000000000000..a2865ed17cfc --- /dev/null +++ b/drivers/rtc/rtc-optee.c @@ -0,0 +1,386 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2022 Microchip. + */ + +#include <linux/device.h> +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/rtc.h> +#include <linux/tee_drv.h> + +#define RTC_INFO_VERSION 0x1 + +#define TA_CMD_RTC_GET_INFO 0x0 +#define TA_CMD_RTC_GET_TIME 0x1 +#define TA_CMD_RTC_SET_TIME 0x2 +#define TA_CMD_RTC_GET_OFFSET 0x3 +#define TA_CMD_RTC_SET_OFFSET 0x4 + +#define TA_RTC_FEATURE_CORRECTION BIT(0) + +struct optee_rtc_time { + u32 tm_sec; + u32 tm_min; + u32 tm_hour; + u32 tm_mday; + u32 tm_mon; + u32 tm_year; + u32 tm_wday; +}; + +struct optee_rtc_info { + u64 version; + u64 features; + struct optee_rtc_time range_min; + struct optee_rtc_time range_max; +}; + +/** + * struct optee_rtc - OP-TEE RTC private data + * @dev: OP-TEE based RTC device. + * @ctx: OP-TEE context handler. + * @session_id: RTC TA session identifier. + * @shm: Memory pool shared with RTC device. + * @features: Bitfield of RTC features + */ +struct optee_rtc { + struct device *dev; + struct tee_context *ctx; + u32 session_id; + struct tee_shm *shm; + u64 features; +}; + +static int optee_rtc_readtime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct optee_rtc_time *optee_tm; + struct tee_param param[4] = {0}; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + /* Fill invoke cmd params */ + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_TIME invoke ret: %d, tee ret: %x\n", ret, inv_arg.ret); + return ret ? ret : -EPROTO; + } + + optee_tm = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(optee_tm)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(optee_tm); + } + + if (param[0].u.memref.size != sizeof(*optee_tm)) { + dev_err(dev, "Invalid read size from OPTEE\n"); + return -EPROTO; + } + + tm->tm_sec = optee_tm->tm_sec; + tm->tm_min = optee_tm->tm_min; + tm->tm_hour = optee_tm->tm_hour; + tm->tm_mday = optee_tm->tm_mday; + tm->tm_mon = optee_tm->tm_mon; + tm->tm_year = optee_tm->tm_year - 1900; + tm->tm_wday = optee_tm->tm_wday; + tm->tm_yday = rtc_year_days(tm->tm_mday, tm->tm_mon, tm->tm_year); + + return 0; +} + +static int optee_rtc_settime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_time optee_tm; + void *rtc_data; + int ret; + + optee_tm.tm_sec = tm->tm_sec; + optee_tm.tm_min = tm->tm_min; + optee_tm.tm_hour = tm->tm_hour; + optee_tm.tm_mday = tm->tm_mday; + optee_tm.tm_mon = tm->tm_mon; + optee_tm.tm_year = tm->tm_year + 1900; + optee_tm.tm_wday = tm->tm_wday; + + inv_arg.func = TA_CMD_RTC_SET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + + rtc_data = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(rtc_data)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(rtc_data); + } + + memcpy(rtc_data, &optee_tm, sizeof(struct optee_rtc_time)); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_SET_TIME invoke ret: %d, tee ret: %x\n", ret, inv_arg.ret); + return ret ? ret : -EPROTO; + } + + return 0; +} + +static int optee_rtc_readoffset(struct device *dev, long *offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_GET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_OFFSET invoke ret: %d, tee ret: %x\n", ret, + inv_arg.ret); + return ret ? ret : -EPROTO; + } + + *offset = param[0].u.value.a; + + return 0; +} + +static int optee_rtc_setoffset(struct device *dev, long offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_SET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + param[0].u.value.a = offset; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_SET_OFFSET invoke ret: %d, tee ret: %x\n", ret, + inv_arg.ret); + return ret ? ret : -EPROTO; + } + + return 0; +} + +static const struct rtc_class_ops optee_rtc_ops = { + .read_time = optee_rtc_readtime, + .set_time = optee_rtc_settime, + .set_offset = optee_rtc_setoffset, + .read_offset = optee_rtc_readoffset, +}; + +static int optee_rtc_read_info(struct device *dev, struct rtc_device *rtc, + u64 *features) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_info *info; + struct optee_rtc_time *tm; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_INFO; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(*info); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_INFO invoke ret: %d, tee ret: %x\n", ret, inv_arg.ret); + return -EINVAL; + } + + info = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(info)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(info); + } + + if (param[0].u.memref.size != sizeof(*info)) { + dev_err(dev, "Invalid read size from OPTEE\n"); + return -EPROTO; + } + + if (info->version != RTC_INFO_VERSION) { + dev_err(dev, "Unsupported information version %llu\n", info->version); + return -EPROTO; + } + + *features = info->features; + + tm = &info->range_min; + rtc->range_min = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec); + tm = &info->range_max; + rtc->range_max = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, tm->tm_hour, tm->tm_min, + tm->tm_sec); + + return 0; +} + +static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) +{ + if (ver->impl_id == TEE_IMPL_ID_OPTEE) + return 1; + else + return 0; +} + +static int optee_rtc_probe(struct device *dev) +{ + struct tee_client_device *rtc_device = to_tee_client_device(dev); + struct tee_ioctl_open_session_arg sess_arg; + struct optee_rtc *priv; + struct rtc_device *rtc; + struct tee_shm *shm; + int ret, err; + + memset(&sess_arg, 0, sizeof(sess_arg)); + + priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + rtc = devm_rtc_allocate_device(dev); + if (IS_ERR(rtc)) + return PTR_ERR(rtc); + + /* Open context with TEE driver */ + priv->ctx = tee_client_open_context(NULL, optee_ctx_match, NULL, NULL); + if (IS_ERR(priv->ctx)) + return -ENODEV; + + /* Open session with rtc Trusted App */ + export_uuid(sess_arg.uuid, &rtc_device->id.uuid); + sess_arg.clnt_login = TEE_IOCTL_LOGIN_REE_KERNEL; + + ret = tee_client_open_session(priv->ctx, &sess_arg, NULL); + if (ret < 0 || sess_arg.ret != 0) { + dev_err(dev, "tee_client_open_session failed, err: %x\n", sess_arg.ret); + err = -EINVAL; + goto out_ctx; + } + priv->session_id = sess_arg.session; + + shm = tee_shm_alloc_kernel_buf(priv->ctx, sizeof(struct optee_rtc_info)); + if (IS_ERR(shm)) { + dev_err(priv->dev, "tee_shm_alloc_kernel_buf failed\n"); + err = PTR_ERR(shm); + goto out_sess; + } + + priv->shm = shm; + priv->dev = dev; + dev_set_drvdata(dev, priv); + + rtc->ops = &optee_rtc_ops; + + err = optee_rtc_read_info(dev, rtc, &priv->features); + if (err) { + dev_err(dev, "Failed to get RTC features from OP-TEE\n"); + goto out_shm; + } + + err = devm_rtc_register_device(rtc); + if (err) + goto out_shm; + + /* + * We must clear this bit after registering because rtc_register_device + * will set it if it sees that .set_offset is provided. + */ + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + clear_bit(RTC_FEATURE_CORRECTION, rtc->features); + + return 0; + +out_shm: + tee_shm_free(priv->shm); +out_sess: + tee_client_close_session(priv->ctx, priv->session_id); +out_ctx: + tee_client_close_context(priv->ctx); + + return err; +} + +static int optee_rtc_remove(struct device *dev) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + + tee_client_close_session(priv->ctx, priv->session_id); + tee_client_close_context(priv->ctx); + + return 0; +} + +static const struct tee_client_device_id optee_rtc_id_table[] = { + {UUID_INIT(0xf389f8c8, 0x845f, 0x496c, + 0x8b, 0xbe, 0xd6, 0x4b, 0xd2, 0x4c, 0x92, 0xfd)}, + {} +}; + +MODULE_DEVICE_TABLE(tee, optee_rtc_id_table); + +static struct tee_client_driver optee_rtc_driver = { + .id_table = optee_rtc_id_table, + .driver = { + .name = "optee_rtc", + .bus = &tee_bus_type, + .probe = optee_rtc_probe, + .remove = optee_rtc_remove, + }, +}; + +static int __init optee_rtc_mod_init(void) +{ + return driver_register(&optee_rtc_driver.driver); +} + +static void __exit optee_rtc_mod_exit(void) +{ + driver_unregister(&optee_rtc_driver.driver); +} + +module_init(optee_rtc_mod_init); +module_exit(optee_rtc_mod_exit); + +MODULE_LICENSE("GPL v2"); +MODULE_AUTHOR("Clément Léger <clement.leger(a)bootlin.com>"); +MODULE_DESCRIPTION("OP-TEE based RTC driver"); -- 2.34.1

4 years, 2 months

2
3
0 0

[PATCH v2] rtc: optee: add RTC driver for OP-TEE RTC PTA

by Clément Léger

This drivers allows to communicate with a RTC PTA handled by OP-TEE [1]. This PTA allows to query RTC information, set/get time and set/get offset depending on the supported features. [1] https://github.com/OP-TEE/optee_os/pull/5179 Signed-off-by: Clément Léger <clement.leger(a)bootlin.com> --- Changes in v2: - Rebased over tee-shm-for-v5.18 - Switch to tee_shm_alloc_kernel_buf() - Use export_uuid() to copy uuid - Fix warnings reported by checkpatch - Free SHM in error exit path MAINTAINERS | 6 + drivers/rtc/Kconfig | 10 + drivers/rtc/Makefile | 1 + drivers/rtc/rtc-optee.c | 396 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 413 insertions(+) create mode 100644 drivers/rtc/rtc-optee.c diff --git a/MAINTAINERS b/MAINTAINERS index f41088418aae..b21375ad73d2 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -14361,6 +14361,12 @@ L: op-tee(a)lists.trustedfirmware.org S: Maintained F: drivers/char/hw_random/optee-rng.c +OP-TEE RTC DRIVER +M: Clément Léger <clement.leger(a)bootlin.com> +L: linux-rtc(a)vger.kernel.org +S: Maintained +F: drivers/rtc/rtc-optee.c + OPA-VNIC DRIVER M: Dennis Dalessandro <dennis.dalessandro(a)cornelisnetworks.com> M: Mike Marciniszyn <mike.marciniszyn(a)cornelisnetworks.com> diff --git a/drivers/rtc/Kconfig b/drivers/rtc/Kconfig index d85a3c31347c..b10d88db8e9c 100644 --- a/drivers/rtc/Kconfig +++ b/drivers/rtc/Kconfig @@ -1293,6 +1293,16 @@ config RTC_DRV_OPAL This driver can also be built as a module. If so, the module will be called rtc-opal. +config RTC_DRV_OPTEE + tristate "OP-TEE based RTC driver" + depends on OPTEE + help + Select this to get support for OP-TEE based RTC control on ARM SoCs + where RTC are not accessible to the normal world (Linux). + + This driver can also be built as a module. If so, the module + will be called rtc-optee. + config RTC_DRV_ZYNQMP tristate "Xilinx Zynq Ultrascale+ MPSoC RTC" depends on OF && HAS_IOMEM diff --git a/drivers/rtc/Makefile b/drivers/rtc/Makefile index e92f3e943245..2d827d8261d5 100644 --- a/drivers/rtc/Makefile +++ b/drivers/rtc/Makefile @@ -115,6 +115,7 @@ obj-$(CONFIG_RTC_DRV_GAMECUBE) += rtc-gamecube.o obj-$(CONFIG_RTC_DRV_NTXEC) += rtc-ntxec.o obj-$(CONFIG_RTC_DRV_OMAP) += rtc-omap.o obj-$(CONFIG_RTC_DRV_OPAL) += rtc-opal.o +obj-$(CONFIG_RTC_DRV_OPTEE) += rtc-optee.o obj-$(CONFIG_RTC_DRV_PALMAS) += rtc-palmas.o obj-$(CONFIG_RTC_DRV_PCAP) += rtc-pcap.o obj-$(CONFIG_RTC_DRV_PCF2123) += rtc-pcf2123.o diff --git a/drivers/rtc/rtc-optee.c b/drivers/rtc/rtc-optee.c new file mode 100644 index 000000000000..7177c9d4675a --- /dev/null +++ b/drivers/rtc/rtc-optee.c @@ -0,0 +1,396 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright (C) 2022 Microchip. + */ + +#include <linux/device.h> +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/rtc.h> +#include <linux/tee_drv.h> + +#define RTC_INFO_VERSION 0x1 + +#define TA_CMD_RTC_GET_INFO 0x0 +#define TA_CMD_RTC_GET_TIME 0x1 +#define TA_CMD_RTC_SET_TIME 0x2 +#define TA_CMD_RTC_GET_OFFSET 0x3 +#define TA_CMD_RTC_SET_OFFSET 0x4 + +#define TA_RTC_FEATURE_CORRECTION BIT(0) + +struct optee_rtc_time { + u32 tm_sec; + u32 tm_min; + u32 tm_hour; + u32 tm_mday; + u32 tm_mon; + u32 tm_year; + u32 tm_wday; +}; + +struct optee_rtc_info { + u64 version; + u64 features; + struct optee_rtc_time range_min; + struct optee_rtc_time range_max; +}; + +/** + * struct optee_rtc - OP-TEE RTC private data + * @dev: OP-TEE based RTC device. + * @ctx: OP-TEE context handler. + * @session_id: RTC TA session identifier. + * @shm: Memory pool shared with RTC device. + * @features: Bitfield of RTC features + */ +struct optee_rtc { + struct device *dev; + struct tee_context *ctx; + u32 session_id; + struct tee_shm *shm; + u64 features; +}; + +static int optee_rtc_readtime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct optee_rtc_time *optee_tm; + struct tee_param param[4] = {0}; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + /* Fill invoke cmd params */ + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + param[0].u.memref.shm_offs = 0; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_TIME invoke err: %x\n", + inv_arg.ret); + return ret; + } + + optee_tm = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(optee_tm)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(optee_tm); + } + + if (param[0].u.memref.size != sizeof(*optee_tm)) { + dev_err(dev, "Invalid read size from OPTEE\n"); + return -EINVAL; + } + + tm->tm_sec = optee_tm->tm_sec; + tm->tm_min = optee_tm->tm_min; + tm->tm_hour = optee_tm->tm_hour; + tm->tm_mday = optee_tm->tm_mday; + tm->tm_mon = optee_tm->tm_mon; + tm->tm_year = optee_tm->tm_year - 1900; + tm->tm_wday = optee_tm->tm_wday; + tm->tm_yday = rtc_year_days(tm->tm_mday, tm->tm_mon, tm->tm_year); + + return 0; +} + +static int optee_rtc_settime(struct device *dev, struct rtc_time *tm) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_time optee_tm; + void *rtc_data; + int ret; + + optee_tm.tm_sec = tm->tm_sec; + optee_tm.tm_min = tm->tm_min; + optee_tm.tm_hour = tm->tm_hour; + optee_tm.tm_mday = tm->tm_mday; + optee_tm.tm_mon = tm->tm_mon; + optee_tm.tm_year = tm->tm_year + 1900; + optee_tm.tm_wday = tm->tm_wday; + + inv_arg.func = TA_CMD_RTC_SET_TIME; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(struct optee_rtc_time); + param[0].u.memref.shm_offs = 0; + + rtc_data = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(rtc_data)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(rtc_data); + } + + memcpy(rtc_data, &optee_tm, sizeof(struct optee_rtc_time)); + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_TIME invoke err: %x\n", + inv_arg.ret); + return ret; + } + + return 0; +} + +static int optee_rtc_readoffset(struct device *dev, long *offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_GET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_RNG_INFO invoke err: %x\n", + inv_arg.ret); + return -EINVAL; + } + + *offset = param[0].u.value.a; + + return 0; +} + +static int optee_rtc_setoffset(struct device *dev, long offset) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + int ret; + + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + return -EOPNOTSUPP; + + inv_arg.func = TA_CMD_RTC_SET_OFFSET; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + param[0].u.value.a = offset; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_RNG_INFO invoke err: %x\n", + inv_arg.ret); + return -EINVAL; + } + + return 0; +} + +static const struct rtc_class_ops optee_rtc_ops = { + .read_time = optee_rtc_readtime, + .set_time = optee_rtc_settime, + .set_offset = optee_rtc_setoffset, + .read_offset = optee_rtc_readoffset, +}; + +static int optee_rtc_read_info(struct device *dev, struct rtc_device *rtc, + u64 *features) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + struct tee_ioctl_invoke_arg inv_arg = {0}; + struct tee_param param[4] = {0}; + struct optee_rtc_info *info; + struct optee_rtc_time *tm; + int ret; + + inv_arg.func = TA_CMD_RTC_GET_INFO; + inv_arg.session = priv->session_id; + inv_arg.num_params = 4; + + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; + param[0].u.memref.shm = priv->shm; + param[0].u.memref.size = sizeof(*info); + param[0].u.memref.shm_offs = 0; + + ret = tee_client_invoke_func(priv->ctx, &inv_arg, param); + if (ret < 0 || inv_arg.ret != 0) { + dev_err(dev, "TA_CMD_RTC_GET_RNG_INFO invoke err: %x\n", + inv_arg.ret); + return -EINVAL; + } + + info = tee_shm_get_va(priv->shm, 0); + if (IS_ERR(info)) { + dev_err(dev, "tee_shm_get_va failed\n"); + return PTR_ERR(info); + } + + if (param[0].u.memref.size != sizeof(*info)) { + dev_err(dev, "Invalid read size from OPTEE\n"); + return -EINVAL; + } + + if (info->version != RTC_INFO_VERSION) { + dev_err(dev, "Unsupported information version %llu\n", + info->version); + return -EINVAL; + } + + *features = info->features; + + tm = &info->range_min; + rtc->range_min = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, + tm->tm_hour, tm->tm_min, tm->tm_sec); + tm = &info->range_max; + rtc->range_max = mktime64(tm->tm_year, tm->tm_mon, tm->tm_mday, + tm->tm_hour, tm->tm_min, tm->tm_sec); + + return 0; +} + +static int optee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) +{ + if (ver->impl_id == TEE_IMPL_ID_OPTEE) + return 1; + else + return 0; +} + +static int optee_rtc_probe(struct device *dev) +{ + struct tee_client_device *rtc_device = to_tee_client_device(dev); + struct tee_ioctl_open_session_arg sess_arg; + struct optee_rtc *priv; + struct rtc_device *rtc; + struct tee_shm *shm; + int ret, err; + + memset(&sess_arg, 0, sizeof(sess_arg)); + + priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); + if (!priv) + return -ENOMEM; + + rtc = devm_rtc_allocate_device(dev); + if (IS_ERR(rtc)) + return PTR_ERR(rtc); + + /* Open context with TEE driver */ + priv->ctx = tee_client_open_context(NULL, optee_ctx_match, NULL, NULL); + if (IS_ERR(priv->ctx)) + return -ENODEV; + + /* Open session with rtc Trusted App */ + export_uuid(sess_arg.uuid, &rtc_device->id.uuid); + sess_arg.clnt_login = TEE_IOCTL_LOGIN_REE_KERNEL; + sess_arg.num_params = 0; + + ret = tee_client_open_session(priv->ctx, &sess_arg, NULL); + if (ret < 0 || sess_arg.ret != 0) { + dev_err(dev, "tee_client_open_session failed, err: %x\n", + sess_arg.ret); + err = -EINVAL; + goto out_ctx; + } + priv->session_id = sess_arg.session; + + shm = tee_shm_alloc_kernel_buf(priv->ctx, + sizeof(struct optee_rtc_info)); + if (IS_ERR(shm)) { + dev_err(priv->dev, "tee_shm_alloc failed\n"); + err = PTR_ERR(shm); + goto out_sess; + } + + priv->shm = shm; + priv->dev = dev; + dev_set_drvdata(dev, priv); + + rtc->ops = &optee_rtc_ops; + + err = optee_rtc_read_info(dev, rtc, &priv->features); + if (err) { + dev_err(dev, "Failed to get RTC features from OP-TEE\n"); + goto out_shm; + } + + err = devm_rtc_register_device(rtc); + if (err) + goto out_shm; + + /* + * We must clear this bit after registering because rtc_register_device + * will set it if it sees that .set_offset is provided. + */ + if (!(priv->features & TA_RTC_FEATURE_CORRECTION)) + clear_bit(RTC_FEATURE_CORRECTION, rtc->features); + + return 0; + +out_shm: + tee_shm_free(priv->shm); +out_sess: + tee_client_close_session(priv->ctx, priv->session_id); +out_ctx: + tee_client_close_context(priv->ctx); + + return err; +} + +static int optee_rtc_remove(struct device *dev) +{ + struct optee_rtc *priv = dev_get_drvdata(dev); + + tee_client_close_session(priv->ctx, priv->session_id); + tee_client_close_context(priv->ctx); + + return 0; +} + +static const struct tee_client_device_id optee_rtc_id_table[] = { + {UUID_INIT(0xf389f8c8, 0x845f, 0x496c, + 0x8b, 0xbe, 0xd6, 0x4b, 0xd2, 0x4c, 0x92, 0xfd)}, + {} +}; + +MODULE_DEVICE_TABLE(tee, optee_rtc_id_table); + +static struct tee_client_driver optee_rtc_driver = { + .id_table = optee_rtc_id_table, + .driver = { + .name = "optee_rtc", + .bus = &tee_bus_type, + .probe = optee_rtc_probe, + .remove = optee_rtc_remove, + }, +}; + +static int __init optee_rtc_mod_init(void) +{ + return driver_register(&optee_rtc_driver.driver); +} + +static void __exit optee_rtc_mod_exit(void) +{ + driver_unregister(&optee_rtc_driver.driver); +} + +module_init(optee_rtc_mod_init); +module_exit(optee_rtc_mod_exit); + +MODULE_LICENSE("GPL v2"); +MODULE_AUTHOR("Clément Léger <clement.leger(a)bootlin.com>"); +MODULE_DESCRIPTION("OP-TEE based RTC driver"); -- 2.34.1

4 years, 2 months

1
0
0 0

Secure Storage Applications

by Manorit Chawdhry

Hi, I have been exploring secure storage in OP-TEE for a few days and I need some help in putting some files into it. I have been trying to find some tool which could help me put any files from Linux into secure storage and retrieve them back later so that I could see secure storage in action but haven't been able to find any yet. Is there any tool which you guys might know of which helps put files in secure storage and retrieve them back later? Best Regards, Manorit

4 years, 2 months

4
5
0 0

[PATCH v4 00/10] tee: shared memory updates

by Jens Wiklander

Hi all, This patchset is a general cleanup of shared memory handling in the TEE subsystem. Until now has the in-kernel tee clients used tee_shm_alloc() and tee_shm_register() to share memory with secure world. These two function exposes via a flags parameter a bit more of the internals of the TEE subsystem than one would like. So in order to make things easier are those two functions replaced by few functions which should provide better abstraction. Two in-kernel tee clients are updated to use these new functions. The shared memory pool handling is simplified, an internal matter for the two TEE drivers OP-TEE and AMDTEE. In the v3 review it was suggested [1] to break out "optee: add driver private tee_context" and "optee: use driver internal tee_contex for some rpc" into a separate patch to fix to allow those a faster path upstream as they fix reported problems. So this patchset is now rebased on top of those patches separated. This patchset is based on [2] and is also available at [3]. Thanks, Jens [1] https://lore.kernel.org/lkml/20220125162938.838382-1-jens.wiklander@linaro.… [2] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=fixes [3] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=tee_shm_v4 v3->v4: * Broke out "optee: add driver private tee_context" and "optee: use driver internal tee_contex for some rpc" into a separate patch as that fixes earlier reported issues and deserves a to go into v5.17 and stable trees. * Rebased on the recent fixes for the OP-TEE driver on top of v5.17-rc2 * All patches are now reviewed by Sumit Garg + some small fixes from the last review v2->v3: * Make tee_shm_alloc_user_buf() and tee_shm_register_user_buf() internal and don't export them to the drivers. * Rename tee_shm_alloc_priv_kernel_buf() to tee_shm_alloc_priv_buf() * Adressing comments on variable names and choice of types in "tee: replace tee_shm_register()" * Adding detailed explaination on alignment in "tee: simplify shm pool handling" * Added Sumits R-B on a few of the patches v1->v2: * The commits three "tee: add tee_shm_alloc_kernel_buf()", "tpm_ftpm_tee: use tee_shm_alloc_kernel_buf()" and "firmware: tee_bnxt: use tee_shm_alloc_kernel_buf()" has been merged some time ago as part of another patchset. * Another in-kernel tee client is updated with the commit "KEYS: trusted: tee: use tee_shm_register_kernel_buf()" * tee_shm_alloc_anon_kernel_buf() is replaced with an easier to use function tee_shm_alloc_priv_kernel_buf() and tee_shm_free_anon_kernel_buf() has been dropped. * A driver internal struct tee_context is used to when doing driver internal calls to secure world. * Adds patches to replace tee_shm_register() in a similar way as how tee_shm_alloc() is replaced. * A patch is added to clean up the TEE_SHM_* flags * Fixed a warning reported by kernel test robot <lkp(a)intel.com> Jens Wiklander (10): hwrng: optee-rng: use tee_shm_alloc_kernel_buf() tee: remove unused tee_shm_pool_alloc_res_mem() tee: add tee_shm_alloc_user_buf() tee: simplify shm pool handling tee: replace tee_shm_alloc() optee: add optee_pool_op_free_helper() tee: add tee_shm_register_{user,kernel}_buf() KEYS: trusted: tee: use tee_shm_register_kernel_buf() tee: replace tee_shm_register() tee: refactor TEE_SHM_* flags drivers/char/hw_random/optee-rng.c | 6 +- drivers/tee/amdtee/shm_pool.c | 55 ++-- drivers/tee/optee/Kconfig | 8 - drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 21 +- drivers/tee/optee/device.c | 5 +- drivers/tee/optee/ffa_abi.c | 63 ++--- drivers/tee/optee/optee_private.h | 7 +- drivers/tee/optee/smc_abi.c | 125 +++------ drivers/tee/tee_core.c | 5 +- drivers/tee/tee_private.h | 15 +- drivers/tee/tee_shm.c | 320 +++++++++++++++-------- drivers/tee/tee_shm_pool.c | 162 +++--------- include/linux/tee_drv.h | 138 +++------- security/keys/trusted-keys/trusted_tee.c | 23 +- 15 files changed, 388 insertions(+), 567 deletions(-) -- 2.31.1

4 years, 2 months

2
15
0 0

OP-TEE S-EL1 SPMC status

by Jelle Sels

Hi all, As part of Trusted Services project we are extending OP-TEE to be a full complaint FF-A S-EL1 SPMC. This work is still on going but some of the Trusted Services applications are already compatible. We created https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc/ which gives the current status of the SPMC work and can be a starting point for everyone who wants to get started with the Trusted Services or OP-TEE as a S-EL1 SPMC. Please feel free to ask any questions on the Trusted Service and the OP-TEE mailing list. https://lists.trustedfirmware.org/mailman3/lists/trusted-services.lists.tru… https://lists.trustedfirmware.org/mailman3/lists/op-tee.lists.trustedfirmwa… Regards, Jelle

4 years, 2 months

1
0
0 0

Linaro OP-TEE Contribution (LOC) monthly meeting Feb 2022

by Ruchika Gupta

Hi, OP-TEE Contributions (LOC) monthly meeting is planned for Thursday Feb 24 @16.00 (UTC). We have following on the agenda - SDP DT Configuration, Olivier Masse, NXP If you have any more topics you'd like to discuss, please let us know and we can schedule them. Meeting details: --------------- Date/time: Feb 24(a)16.00 (UTC) https://everytimezone.com/s/fef76b1b Connection details: https://www.trustedfirmware.org/meetings/ Meeting notes: http://bit.ly/loc-notes Regards, Ruchika on behalf of the Linaro OP-TEE team

4 years, 2 months

1
1
0 0

[PATCH v3] tee: make tee_shm_register_kernel_buf vmalloc supported

by Phil Chang

In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> --- Changelog v2 -> v3: use the "n" variable to walk through "page_count" drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 37 ++++++++++++++++++++++++++----------- 2 files changed, 27 insertions(+), 12 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..2082e632adff 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1ca..1412adad9397 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -23,21 +23,36 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) static int shm_get_kernel_pages(unsigned long start, size_t page_count, struct page **pages) { - struct kvec *kiov; - size_t n; int rc; + size_t n; - kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); - if (!kiov) - return -ENOMEM; + if (is_vmalloc_addr((void *)start)) { + struct page *page; - for (n = 0; n < page_count; n++) { - kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); - kiov[n].iov_len = PAGE_SIZE; - } + for (n = 0; n < page_count; n++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * n)); + if (!page) + return -ENOMEM; + + get_page(page); + pages[n] = page; + } + rc = page_count; + } else { + struct kvec *kiov; - rc = get_kernel_pages(kiov, page_count, 0, pages); - kfree(kiov); + kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); + if (!kiov) + return -ENOMEM; + + for (n = 0; n < page_count; n++) { + kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); + kiov[n].iov_len = PAGE_SIZE; + } + + rc = get_kernel_pages(kiov, page_count, 0, pages); + kfree(kiov); + } return rc; } -- 2.25.1

4 years, 2 months

2
1
0 0

[GIT PULL] tee: shared memory updates for v5.18

by Jens Wiklander

Hello arm-soc maintainers, Please pull this TEE shared memory cleanup. Some kernel internal APIs are replaced with easier to use counter parts. The TEE shared memory pool is also simplified. Note that this pull request includes two patches which are outside the TEE subsystem: - 231b1fc5da09 ("KEYS: trusted: tee: use tee_shm_register_kernel_buf()") - e7ddab084740 ("hwrng: optee-rng: use tee_shm_alloc_kernel_buf()") Those patches are reviewed by their maintainer. I've also asked the maintainers that normally sends patches upstream for these modules if it's OK that I take these patches via my tree. As I got no answer I assume that it's OK. This pull request is on top of the patch, aceeafefff73 ("optee: use driver internal tee_context for some rpc"), I've already sent (and has since been merged) for the 5.17 kernel. That's why I'm not including it in the stat. Thanks, Jens The following changes since commit aceeafefff736057e8f93f19bbfbef26abd94604: optee: use driver internal tee_context for some rpc (2022-02-03 13:36:32 +0100) are available in the Git repository at: git://git.linaro.org:/people/jens.wiklander/linux-tee.git tags/tee-shm-for-v5.18 for you to fetch changes up to a45ea4efa358577c623d7353a6ba9af3c17f6ca0: tee: refactor TEE_SHM_* flags (2022-02-16 07:49:41 +0100) ---------------------------------------------------------------- TEE shared memory cleanup for v5.18 - The TEE shared memory pool based on two pools is replaced with a single somewhat more capable pool. - Replaces tee_shm_alloc() and tee_shm_register() with new functions easier to use and maintain. The TEE subsystem and the TEE drivers are updated to use the new functions instead. - The TEE based Trusted keys routines are updated to use the new simplified functions above. - The OP-TEE based rng driver is updated to use the new simplified functions above. - The TEE_SHM-flags are refactored to better match their usage ---------------------------------------------------------------- Jens Wiklander (10): hwrng: optee-rng: use tee_shm_alloc_kernel_buf() tee: remove unused tee_shm_pool_alloc_res_mem() tee: add tee_shm_alloc_user_buf() tee: simplify shm pool handling tee: replace tee_shm_alloc() optee: add optee_pool_op_free_helper() tee: add tee_shm_register_{user,kernel}_buf() KEYS: trusted: tee: use tee_shm_register_kernel_buf() tee: replace tee_shm_register() tee: refactor TEE_SHM_* flags drivers/char/hw_random/optee-rng.c | 6 +- drivers/tee/amdtee/shm_pool.c | 55 ++---- drivers/tee/optee/Kconfig | 8 - drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 21 +- drivers/tee/optee/device.c | 5 +- drivers/tee/optee/ffa_abi.c | 63 ++---- drivers/tee/optee/optee_private.h | 7 +- drivers/tee/optee/smc_abi.c | 125 ++++-------- drivers/tee/tee_core.c | 5 +- drivers/tee/tee_private.h | 15 +- drivers/tee/tee_shm.c | 320 ++++++++++++++++++++----------- drivers/tee/tee_shm_pool.c | 162 ++++------------ include/linux/tee_drv.h | 138 +++---------- security/keys/trusted-keys/trusted_tee.c | 23 +-- 15 files changed, 388 insertions(+), 567 deletions(-)

4 years, 3 months

1
0
0 0

[GIT PULL] AMDTEE simplification for v5.18

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small AMDTEE driver simplification to use the LIST_HEAD() macro instead for a global variable. Note that this isn't a usual Arm driver update. This targets AMD instead, but is part of the TEE subsystem. Thanks, Jens The following changes since commit 26291c54e111ff6ba87a164d85d4a4e134b7315c: Linux 5.17-rc2 (2022-01-30 15:37:07 +0200) are available in the Git repository at: git://git.linaro.org:/people/jens.wiklander/linux-tee.git tags/amdtee-for-v5.18 for you to fetch changes up to f7b67642dd98617dc569836cdcba041c7ff00cbb: tee: amdtee: Make use of the helper macro LIST_HEAD() (2022-02-14 10:57:55 +0100) ---------------------------------------------------------------- Small simplification in AMDTE driver ---------------------------------------------------------------- Cai Huoqing (1): tee: amdtee: Make use of the helper macro LIST_HEAD() drivers/tee/amdtee/call.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

4 years, 3 months

1
0
0 0

[PATCH] tee: make tee_shm_register_kernel_buf vmalloc supported

by Phil Chang

In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> --- drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 40 ++++++++++++++++++++++++++++------------ 2 files changed, 29 insertions(+), 13 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..2082e632adff 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1ca..861403588485 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -23,22 +23,38 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) static int shm_get_kernel_pages(unsigned long start, size_t page_count, struct page **pages) { - struct kvec *kiov; - size_t n; int rc; - kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); - if (!kiov) - return -ENOMEM; - - for (n = 0; n < page_count; n++) { - kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); - kiov[n].iov_len = PAGE_SIZE; + if (is_vmalloc_addr((void *)start)) { + struct page *page; + int i; + + for (i = 0; i < page_count; i++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * i)); + if (!page) + return -ENOMEM; + + get_page(page); + pages[i] = page; + } + rc = page_count; + } else { + struct kvec *kiov; + size_t n; + + kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); + if (!kiov) + return -ENOMEM; + + for (n = 0; n < page_count; n++) { + kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); + kiov[n].iov_len = PAGE_SIZE; + } + + rc = get_kernel_pages(kiov, page_count, 0, pages); + kfree(kiov); } - rc = get_kernel_pages(kiov, page_count, 0, pages); - kfree(kiov); - return rc; } -- 2.25.1

4 years, 3 months

2
1
0 0

2026

2025

2024

2023

2022

2021

2020

OP-TEE