- OP-TEE - lists.trustedfirmware.org

[PATCH] optee: Add __init/__exit annotations to module init/exit funcs

by Xiu Jianfeng

Add missing __init/__exit annotations to module init/exit funcs. Signed-off-by: Xiu Jianfeng <xiujianfeng(a)huawei.com> --- drivers/tee/optee/core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index daf07737c4fd..2a258bd3b6b5 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -188,7 +188,7 @@ void optee_remove_common(struct optee *optee) static int smc_abi_rc; static int ffa_abi_rc; -static int optee_core_init(void) +static int __init optee_core_init(void) { /* * The kernel may have crashed at the same time that all available @@ -210,7 +210,7 @@ static int optee_core_init(void) } module_init(optee_core_init); -static void optee_core_exit(void) +static void __exit optee_core_exit(void) { if (!smc_abi_rc) optee_smc_abi_unregister(); -- 2.17.1

3 years, 8 months

3
2
0 0

Preparing for OP-TEE 3.19.0

by Jérôme Forissier

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v3.19.0 is scheduled to be released on 2022-10-14. So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/5550 As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html Thanks, -- Jerome

3 years, 8 months

1
1
0 0

Linaro OP-TEE Contributions (LOC) monthly meeting

by Jens Wiklander

Hi, We don't have any topics for the meeting today, so let's cancel it. The time slot we've allocated for this meeting is either bad or worse for me so I'd like to try and find a new time slot. Please use the doodle link [1] below to record your preferences. The doodle poll is public so feel free to email me directly instead in case you're more comfortable with that. This is my first time creating a doodle poll, so apologies if I've made a mess of it. As noted in the poll we're looking for a day and time in the fourth week of the month. We're using the CET time zone as many of us are in the time zone. If you can't find any time that works for you please send me a mail with more suitable times and I'll try to work out something. Let's give this a week or so to possibly settle on a new time slot. [1] https://doodle.com/meeting/participate/id/dJqR4Eyb Thanks, Jens

3 years, 8 months

1
2
0 0

[PATCH 0/4] Remove get_kernel_pages()

by ira.weiny＠intel.com

From: Ira Weiny <ira.weiny(a)intel.com> get_kernel_pages() only had one caller [shm_get_kernel_pages()] which did not need the functionality it provided. Furthermore, it called kmap_to_page() which we are looking to removed. Alter shm_get_kernel_pages() to no longer call get_kernel_pages() and remove get_kernel_pages(). Along the way it was noted that shm_get_kernel_pages() does not have any need to support vmalloc'ed addresses either. Remove that functionality to clean up the logic. This series also fixes and uses is_kmap_addr(). Ira Weiny (4): highmem: Enhance is_kmap_addr() to check kmap_local_page() mappings tee: Remove vmalloc page support tee: Remove call to get_kernel_pages() mm: Remove get_kernel_pages() drivers/tee/tee_shm.c | 41 ++++++++++++-------------------- include/linux/highmem-internal.h | 5 +++- include/linux/mm.h | 2 -- mm/swap.c | 30 ----------------------- 4 files changed, 19 insertions(+), 59 deletions(-) base-commit: 274d7803837da78dfc911bcda0d593412676fc20 -- 2.37.2

3 years, 8 months

7
14
0 0

[PATCH v3 00/10] firmware: arm_ffa: Refactoring and initial/minor v1.1 update

by Sudeep Holla

Hi All, This series is just some refactoring in preparation to add FF-A v1.1 support. It doesn't have any memory layout or notification changes supported in v1.1 yet. Regards, Sudeep v2[2]->v3: - Fixed the logic to set 32bit mode which was wrong. - Ensured that we advance each partition info size by returned size even if the size is greater than the partition_info structure, we will still just copy the right size. v1[1]->v2[2]: - Merged dropping of ffa_ops in optee_ffa structure and using ffa_dev->ops into single patch - Added separate patch(didn't fit any patch strictly to fit in) to rename ffa_dev_ops as ffa_ops as suggested by Sumit - Fixed some minor comments, handling size > structure size in partition_info_get and added extra parameter to ffa_features to get both possible output/interface properties. [1] https://lore.kernel.org/all/20220830100700.344594-1-sudeep.holla@arm.com [2] https://lore.kernel.org/all/20220902124032.788488-1-sudeep.holla@arm.com Sudeep Holla (10): firmware: arm_ffa: Add pointer to the ffa_dev_ops in struct ffa_dev tee: optee: Drop ffa_ops in optee_ffa structure using ffa_dev->ops directly firmware: arm_ffa: Remove ffa_dev_ops_get() firmware: arm_ffa: Add support for querying FF-A features firmware: arm_ffa: Use FFA_FEATURES to detect if native versions are supported firmware: arm_ffa: Make memory apis ffa_device independent firmware: arm_ffa: Rename ffa_dev_ops as ffa_ops firmware: arm_ffa: Add v1.1 get_partition_info support firmware: arm_ffa: Set up 32bit execution mode flag using partiion property firmware: arm_ffa: Split up ffa_ops into info, message and memory operations drivers/firmware/arm_ffa/bus.c | 4 +- drivers/firmware/arm_ffa/driver.c | 131 +++++++++++++++++++++++------- drivers/tee/optee/ffa_abi.c | 46 +++++------ drivers/tee/optee/optee_private.h | 1 - include/linux/arm_ffa.h | 36 +++++--- 5 files changed, 151 insertions(+), 67 deletions(-) -- 2.37.3

3 years, 9 months

2
14
0 0

[PATCH v2 00/10] firmware: arm_ffa: Refactoring and initial/minor v1.1 update

by Sudeep Holla

Hi All, This series is just some refactoring in preparation to add FF-A v1.1 support. It doesn't have any memory layout or notification changes supported in v1.1 yet. Regards, Sudeep v1[1]->v2: - Merged dropping of ffa_ops in optee_ffa structure and using ffa_dev->ops into single patch - Added separate patch(didn't fit any patch strictly to fit in) to rename ffa_dev_ops as ffa_ops as suggested by Sumit - Fixed some minor comments, handling size > structure size in partition_info_get and added extra parameter to ffa_features to get both possible output/interface properties. [1] https://lore.kernel.org/all/20220830100700.344594-1-sudeep.holla@arm.com/ Sudeep Holla (10): firmware: arm_ffa: Add pointer to the ffa_dev_ops in struct ffa_dev tee: optee: Drop ffa_ops in optee_ffa structure using ffa_dev->ops directly firmware: arm_ffa: Remove ffa_dev_ops_get() firmware: arm_ffa: Add support for querying FF-A features firmware: arm_ffa: Use FFA_FEATURES to detect if native versions are supported firmware: arm_ffa: Make memory apis ffa_device independent firmware: arm_ffa: Rename ffa_dev_ops as ffa_ops firmware: arm_ffa: Add v1.1 get_partition_info support firmware: arm_ffa: Set up 32bit execution mode flag using partiion property firmware: arm_ffa: Split up ffa_ops into info, message and memory operations drivers/firmware/arm_ffa/bus.c | 4 +- drivers/firmware/arm_ffa/driver.c | 130 +++++++++++++++++++++++------- drivers/tee/optee/ffa_abi.c | 46 +++++------ drivers/tee/optee/optee_private.h | 1 - include/linux/arm_ffa.h | 36 ++++++--- 5 files changed, 150 insertions(+), 67 deletions(-) -- 2.37.3

3 years, 9 months

3
19
0 0

Re: [PATCH 0/4] firmware: Add support for Qualcomm UEFI Secure Application

by Sumit Garg

+ TEE ML On Fri, 2 Sept 2022 at 18:48, Maximilian Luz <luzmaximilian(a)gmail.com> wrote: > > Hi, > > On 9/2/22 09:26, Sumit Garg wrote: > > Hi Maximilian, > > > > On 02/08/22 18:52, Maximilian Luz wrote: > > [...] > > >> Thanks for this information! So as far as I understand it, this is currently an > >> interface to user-space only, i.e. does not allow in-kernel drivers for apps? > > > > The Linux TEE framework already provides an in-kernel interface to TEE as well via TEE bus [1]. There are already multiple kernel drivers [2] [3] [4] [5] [6] [7] using it. So an EFI driver can be an addition to that. > > > > Now coming on to TEE implementations, the drivers I mentioned are based on OP-TEE where devices are queried/enumerated during OP-TEE probe here [8]. So in similar manner QTEE smcinvoke driver should be able to register devices on the TEE bus. > > > > [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Doc… > > > > [2] drivers/char/tpm/tpm_ftpm_tee.c > > > > [3] drivers/char/hw_random/optee-rng.c > > > > [4] drivers/firmware/arm_scmi/optee.c > > > > [5] security/keys/trusted-keys/trusted_tee.c > > > > [6] drivers/firmware/broadcom/tee_bnxt_fw.c > > > > [7] drivers/rtc/rtc-optee.c > > > > [8] drivers/tee/optee/device.c > > Thanks for those links! > > I think it would indeed be good if we could make it work via that > interface and I guess that should generally be possible. As far as I can > see, the biggest problem might be that the current firmware doesn't seem > to use UUIDs, so I guess we might need to emulate them somehow. > Okay, so I had a brief look at your driver to get an idea how QTEE identifies its trusted/secure applications. AFAIU, it uses constant strings as follows: #define QCTEE_UEFISEC_APP_NAME "qcom.tz.uefisecapp" I think we should be able to extend the TEE bus concept to accept constant strings as device IDs as well. So if a driver wants to support both OP-TEE and QTEE based apps then it can put corresponding identifiers (UUID or a constant string) in the TEE device match ID table. This way we should be able to support other TEE implementations as I think any other identifier apart from UUID can be represented as a constant string. If anyone else has any better then feel free to discuss. -Sumit > It would be great if someone with some actual knowledge of the firmware > used on those devices could have a look at this and provide some > insights. > > My plan for now is to hold off on the UEFI variable driver until we have > a (proper) TEE driver, which unfortunately might be a bit out of my > depth. I'm happy to help out in any way I can though. > > Regards, > Max

3 years, 9 months

1
0
0 0

[PATCH 0/9] firmware: arm_ffa: Refactoring and initial/minor v1.1 update

by Sudeep Holla

Hi All, This series is just some refactoring in preparation to add FF-A v1.1 support. It doesn't have any memory layout or notification changes supported in v1.1 yet. Regards, Sudeep Sudeep Holla (9): firmware: arm_ffa: Add pointer to the ffa_dev_ops in struct ffa_dev tee: optee: Use ffa_dev->ops directly firmware: arm_ffa: Remove ffa_dev_ops_get() firmware: arm_ffa: Add support for querying FF-A features firmware: arm_ffa: Use FFA_FEATURES to detect if native versions are supported firmware: arm_ffa: Make memory apis ffa_device independent firmware: arm_ffa: Add v1.1 get_partition_info support tee: optee: Drop ffa_ops in optee_ffa structure firmware: arm_ffa: Split up ffa_dev_ops into info, message and memory operations drivers/firmware/arm_ffa/bus.c | 4 +- drivers/firmware/arm_ffa/driver.c | 111 ++++++++++++++++++++++-------- drivers/tee/optee/ffa_abi.c | 40 +++++------ drivers/tee/optee/optee_private.h | 1 - include/linux/arm_ffa.h | 34 +++++---- 5 files changed, 127 insertions(+), 63 deletions(-) -- 2.37.2

3 years, 9 months

3
27
0 0

LOC meetings today

by Jérôme Forissier

Hi, The LOC meeting will start shortly. Sorry for the late notice. https://bit.ly/loc-notes -- Jerome

3 years, 10 months

1
0
0 0

[GIT PULL] Fix TEE system compiler warning fo4r v6.0

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small patch which fixes a recently introduced compiler warning the TEE subsystem. Thanks, Jens The following changes since commit 1c23f9e627a7b412978b4e852793c5e3c3efc555: Linux 6.0-rc2 (2022-08-21 17:32:54 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/tee-fix-for-v6.0 for you to fetch changes up to eccd7439709810127563e7e3e49b8b44c7b2791d: tee: fix compiler warning in tee_shm_register() (2022-08-25 11:40:06 +0200) ---------------------------------------------------------------- Add a missing include in the TEE subsystem ---------------------------------------------------------------- Jens Wiklander (1): tee: fix compiler warning in tee_shm_register() drivers/tee/tee_shm.c | 1 + 1 file changed, 1 insertion(+)

3 years, 10 months

1
0
0 0

[PATCH] tee: fix compiler warning in tee_shm_register()

by Jens Wiklander

Include <linux/uaccess.h> to avoid the warning: drivers/tee/tee_shm.c: In function 'tee_shm_register': >> drivers/tee/tee_shm.c:242:14: error: implicit declaration of function 'access_ok' [-Werror=implicit-function-declaration] 242 | if (!access_ok((void __user *)addr, length)) | ^~~~~~~~~ cc1: some warnings being treated as errors Fixes: 573ae4f13f63 ("tee: add overflow check in register_shm_helper()") Reported-by: kernel test robot <lkp(a)intel.com> Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> --- drivers/tee/tee_shm.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index 1175f3a46859..27295bda3e0b 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -9,6 +9,7 @@ #include <linux/sched.h> #include <linux/slab.h> #include <linux/tee_drv.h> +#include <linux/uaccess.h> #include <linux/uio.h> #include "tee_private.h" -- 2.31.1

3 years, 10 months

2
2
0 0

[PATCH v3] tee: add overflow check in register_shm_helper()

by Jens Wiklander

With special lengths supplied by user space, register_shm_helper() has an integer overflow when calculating the number of pages covered by a supplied user space memory region. This causes internal_get_user_pages_fast() a helper function of pin_user_pages_fast() to do a NULL pointer dereference. [ 14.141620] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 [ 14.142556] Mem abort info: [ 14.142829] ESR = 0x0000000096000044 [ 14.143237] EC = 0x25: DABT (current EL), IL = 32 bits [ 14.143742] SET = 0, FnV = 0 [ 14.144052] EA = 0, S1PTW = 0 [ 14.144348] FSC = 0x04: level 0 translation fault [ 14.144767] Data abort info: [ 14.145053] ISV = 0, ISS = 0x00000044 [ 14.145394] CM = 0, WnR = 1 [ 14.145766] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004278e000 [ 14.146279] [0000000000000010] pgd=0000000000000000, p4d=0000000000000000 [ 14.147435] Internal error: Oops: 96000044 [#1] PREEMPT SMP [ 14.148026] Modules linked in: [ 14.148595] CPU: 1 PID: 173 Comm: optee_example_a Not tainted 5.19.0 #11 [ 14.149204] Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015 [ 14.149832] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 14.150481] pc : internal_get_user_pages_fast+0x474/0xa80 [ 14.151640] lr : internal_get_user_pages_fast+0x404/0xa80 [ 14.152408] sp : ffff80000a88bb30 [ 14.152711] x29: ffff80000a88bb30 x28: 0000fffff836d000 x27: 0000fffff836e000 [ 14.153580] x26: fffffc0000000000 x25: fffffc0000f4a1c0 x24: ffff00000289fb70 [ 14.154634] x23: ffff000002702e08 x22: 0000000000040001 x21: ffff8000097eec60 [ 14.155378] x20: 0000000000f4a1c0 x19: 00e800007d287f43 x18: 0000000000000000 [ 14.156215] x17: 0000000000000000 x16: 0000000000000000 x15: 0000fffff836cfb0 [ 14.157068] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 [ 14.157747] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 [ 14.158576] x8 : ffff00000276ec80 x7 : 0000000000000000 x6 : 000000000000003f [ 14.159243] x5 : 0000000000000000 x4 : ffff000041ec4eac x3 : ffff000002774cb8 [ 14.159977] x2 : 0000000000000004 x1 : 0000000000000010 x0 : 0000000000000000 [ 14.160883] Call trace: [ 14.161166] internal_get_user_pages_fast+0x474/0xa80 [ 14.161763] pin_user_pages_fast+0x24/0x4c [ 14.162227] register_shm_helper+0x194/0x330 [ 14.162734] tee_shm_register_user_buf+0x78/0x120 [ 14.163290] tee_ioctl+0xd0/0x11a0 [ 14.163739] __arm64_sys_ioctl+0xa8/0xec [ 14.164227] invoke_syscall+0x48/0x114 [ 14.164653] el0_svc_common.constprop.0+0x44/0xec [ 14.165130] do_el0_svc+0x2c/0xc0 [ 14.165498] el0_svc+0x2c/0x84 [ 14.165847] el0t_64_sync_handler+0x1ac/0x1b0 [ 14.166258] el0t_64_sync+0x18c/0x190 [ 14.166878] Code: 91002318 11000401 b900f7e1 f9403be1 (f820d839) [ 14.167666] ---[ end trace 0000000000000000 ]--- Fix this by adding an overflow check when calculating the end of the memory range. Also add an explicit call to access_ok() in tee_shm_register_user_buf() to catch an invalid user space address early. Fixes: 033ddf12bcf5 ("tee: add register user memory") Cc: stable(a)vger.kernel.org Reported-by: Nimish Mishra <neelam.nimish(a)gmail.com> Reported-by: Anirban Chakraborty <ch.anirban00727(a)gmail.com> Reported-by: Debdeep Mukhopadhyay <debdeep.mukhopadhyay(a)gmail.com> Suggested-by: Linus Torvalds <torvalds(a)linuxfoundation.org> Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> --- v2 -> v3: - Public review - Relies entirely on access_ok() for overflow checks as suggested - Check against zero registersted pages is kept - Replaced Suggested-by tag v1 -> v2: - Non-public review - Added access_ok() and overflow check with roundup() drivers/tee/tee_shm.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f2b1bcefcadd..a88669d6ea68 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -240,6 +240,14 @@ register_shm_helper(struct tee_context *ctx, unsigned long addr, void *ret; int rc; + addr = untagged_addr(addr); + start = rounddown(addr, PAGE_SIZE); + num_pages = (roundup(addr + length, PAGE_SIZE) - start) / PAGE_SIZE; + + /* Error out early if no pages are to be registered */ + if (!num_pages) + return ERR_PTR(-EINVAL); + if (!tee_device_get(teedev)) return ERR_PTR(-EINVAL); @@ -261,11 +269,8 @@ register_shm_helper(struct tee_context *ctx, unsigned long addr, shm->flags = flags; shm->ctx = ctx; shm->id = id; - addr = untagged_addr(addr); - start = rounddown(addr, PAGE_SIZE); shm->offset = addr - start; shm->size = length; - num_pages = (roundup(addr + length, PAGE_SIZE) - start) / PAGE_SIZE; shm->pages = kcalloc(num_pages, sizeof(*shm->pages), GFP_KERNEL); if (!shm->pages) { ret = ERR_PTR(-ENOMEM); @@ -326,6 +331,9 @@ struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, void *ret; int id; + if (!access_ok((void __user *)addr, length)) + return ERR_PTR(-EFAULT); + mutex_lock(&teedev->mutex); id = idr_alloc(&teedev->idr, NULL, 1, 0, GFP_KERNEL); mutex_unlock(&teedev->mutex); -- 2.31.1

3 years, 10 months

3
3
0 0

[PATCH v2] tee: add overflow check in register_shm_helper()

by Jens Wiklander

With special lengths supplied by user space, register_shm_helper() has an integer overflow when calculating the number of pages covered by a supplied user space memory region. This causes internal_get_user_pages_fast() a helper function of pin_user_pages_fast() to do a NULL pointer dereference. [ 14.141620] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000010 [ 14.142556] Mem abort info: [ 14.142829] ESR = 0x0000000096000044 [ 14.143237] EC = 0x25: DABT (current EL), IL = 32 bits [ 14.143742] SET = 0, FnV = 0 [ 14.144052] EA = 0, S1PTW = 0 [ 14.144348] FSC = 0x04: level 0 translation fault [ 14.144767] Data abort info: [ 14.145053] ISV = 0, ISS = 0x00000044 [ 14.145394] CM = 0, WnR = 1 [ 14.145766] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004278e000 [ 14.146279] [0000000000000010] pgd=0000000000000000, p4d=0000000000000000 [ 14.147435] Internal error: Oops: 96000044 [#1] PREEMPT SMP [ 14.148026] Modules linked in: [ 14.148595] CPU: 1 PID: 173 Comm: optee_example_a Not tainted 5.19.0 #11 [ 14.149204] Hardware name: QEMU QEMU Virtual Machine, BIOS 0.0.0 02/06/2015 [ 14.149832] pstate: 604000c5 (nZCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--) [ 14.150481] pc : internal_get_user_pages_fast+0x474/0xa80 [ 14.151640] lr : internal_get_user_pages_fast+0x404/0xa80 [ 14.152408] sp : ffff80000a88bb30 [ 14.152711] x29: ffff80000a88bb30 x28: 0000fffff836d000 x27: 0000fffff836e000 [ 14.153580] x26: fffffc0000000000 x25: fffffc0000f4a1c0 x24: ffff00000289fb70 [ 14.154634] x23: ffff000002702e08 x22: 0000000000040001 x21: ffff8000097eec60 [ 14.155378] x20: 0000000000f4a1c0 x19: 00e800007d287f43 x18: 0000000000000000 [ 14.156215] x17: 0000000000000000 x16: 0000000000000000 x15: 0000fffff836cfb0 [ 14.157068] x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000000 [ 14.157747] x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000 [ 14.158576] x8 : ffff00000276ec80 x7 : 0000000000000000 x6 : 000000000000003f [ 14.159243] x5 : 0000000000000000 x4 : ffff000041ec4eac x3 : ffff000002774cb8 [ 14.159977] x2 : 0000000000000004 x1 : 0000000000000010 x0 : 0000000000000000 [ 14.160883] Call trace: [ 14.161166] internal_get_user_pages_fast+0x474/0xa80 [ 14.161763] pin_user_pages_fast+0x24/0x4c [ 14.162227] register_shm_helper+0x194/0x330 [ 14.162734] tee_shm_register_user_buf+0x78/0x120 [ 14.163290] tee_ioctl+0xd0/0x11a0 [ 14.163739] __arm64_sys_ioctl+0xa8/0xec [ 14.164227] invoke_syscall+0x48/0x114 [ 14.164653] el0_svc_common.constprop.0+0x44/0xec [ 14.165130] do_el0_svc+0x2c/0xc0 [ 14.165498] el0_svc+0x2c/0x84 [ 14.165847] el0t_64_sync_handler+0x1ac/0x1b0 [ 14.166258] el0t_64_sync+0x18c/0x190 [ 14.166878] Code: 91002318 11000401 b900f7e1 f9403be1 (f820d839) [ 14.167666] ---[ end trace 0000000000000000 ]--- Fix this by adding an overflow check when calculating the end of the memory range. Also add an explicit call to access_ok() in tee_shm_register_user_buf() to catch an invalid user space address early. Fixes: 033ddf12bcf5 ("tee: add register user memory") Cc: stable(a)vger.kernel.org Reported-by: Nimish Mishra <neelam.nimish(a)gmail.com> Reported-by: Anirban Chakraborty <ch.anirban00727(a)gmail.com> Reported-by: Debdeep Mukhopadhyay <debdeep.mukhopadhyay(a)gmail.com> Suggested-by: Jerome Forissier <jerome.forissier(a)linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander(a)linaro.org> --- drivers/tee/tee_shm.c | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f2b1bcefcadd..f71651021c8d 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -231,15 +231,30 @@ EXPORT_SYMBOL_GPL(tee_shm_alloc_priv_buf); static struct tee_shm * register_shm_helper(struct tee_context *ctx, unsigned long addr, - size_t length, u32 flags, int id) + unsigned long length, u32 flags, int id) { struct tee_device *teedev = ctx->teedev; + unsigned long end_addr; struct tee_shm *shm; unsigned long start; size_t num_pages; void *ret; int rc; + /* Check for overflows, this may be input from user space */ + addr = untagged_addr(addr); + start = rounddown(addr, PAGE_SIZE); + if (check_add_overflow(addr, length, &end_addr)) + return ERR_PTR(-EINVAL); + end_addr = roundup(end_addr, PAGE_SIZE); + if (end_addr < start) + return ERR_PTR(-EINVAL); + num_pages = (end_addr - start) / PAGE_SIZE; + + /* Error out early if no pages are to be registered */ + if (!num_pages) + return ERR_PTR(-EINVAL); + if (!tee_device_get(teedev)) return ERR_PTR(-EINVAL); @@ -261,11 +276,8 @@ register_shm_helper(struct tee_context *ctx, unsigned long addr, shm->flags = flags; shm->ctx = ctx; shm->id = id; - addr = untagged_addr(addr); - start = rounddown(addr, PAGE_SIZE); shm->offset = addr - start; shm->size = length; - num_pages = (roundup(addr + length, PAGE_SIZE) - start) / PAGE_SIZE; shm->pages = kcalloc(num_pages, sizeof(*shm->pages), GFP_KERNEL); if (!shm->pages) { ret = ERR_PTR(-ENOMEM); @@ -326,6 +338,9 @@ struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, void *ret; int id; + if (!access_ok((void __user *)addr, length)) + return ERR_PTR(-EFAULT); + mutex_lock(&teedev->mutex); id = idr_alloc(&teedev->idr, NULL, 1, 0, GFP_KERNEL); mutex_unlock(&teedev->mutex); -- 2.31.1

3 years, 10 months

3
5
0 0

[PATCH 0/1] tee: Add tee_shm_register_fd

by Olivier Masse

Add a new ioctl called TEE_IOC_SHM_REGISTER_FD to register a shared memory from a dmabuf file descriptor. Etienne Carriere (1): tee: new ioctl to a register tee_shm from a dmabuf file descriptor drivers/tee/tee_core.c | 38 +++++++++++++++ drivers/tee/tee_shm.c | 99 +++++++++++++++++++++++++++++++++++++++- include/linux/tee_drv.h | 11 +++++ include/uapi/linux/tee.h | 29 ++++++++++++ 4 files changed, 175 insertions(+), 2 deletions(-) -- 2.25.0

3 years, 10 months

4
7
0 0

Current design of tee-supplicant can't support ftpm requests during kernel space bootup

by Judy Wang

Hi Jens, As we are developing platforms to enable RPMB secure storage + fTPM TA, we realize that the current design of optee-os relying on a user space daemon tee-supplicant to serve requests cannot meet requirements of another open source linux kernel, IMA(Integrity Measurement Architecture). This module will try to collect data from TPM devices, which in our case, is fTPM TA. It has to collect data when kernel space is booting up, so we cannot delay these requests further until user space is up. With RPMB as our secure storage, some requests will be sent back to kernel space, but tee-supplicant context is not yet initialized, which results in IMA detection of TPM devices failed. Therefore, failed on the measurements we need. I am wondering if we have related discussion on how modify the design to serve optee-os requests during kernel bootup. I can't find related topics in LKML archive. Thank you. Judy. Cat from /Documentation/ABI/testing/sysfs-bus-optee-devices What: /sys/bus/tee/devices/optee-ta-<uuid>/ Date: May 2020 KernelVersion 5.8 Contact: op-tee(a)lists.trustedfirmware.org<mailto:op-tee@lists.trustedfirmware.org> Description: OP-TEE bus provides reference to registered drivers under this directory. The <uuid> matches Trusted Application (TA) driver and corresponding TA in secure OS. Drivers are free to create needed API under optee-ta-<uuid> directory. Reference: fTPM TA: microsoft/MSRSec: Security and Privacy Research at Microsoft (github.com)<https://github.com/microsoft/MSRSec> IMA enabling: https://sourceforge.net/p/linux-ima/wiki/Home/#enabling-ima-measurement:~:t…

3 years, 10 months

4
9
0 0

Issue related to mempool allocation

by ramakanth varala

Hi All, I want to generate a rsa key pair with 4096 bits. Using below mbedTLS api , inside my TEE server side implementation. ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg, 4096, 65537 ); This is resulting in the below error. mempool_alloc:197Failed to allocate 288 bytes, please tune the pool size failed Mines is arm64 infrastructure, with kernel 4.19.183 and optee_os 3.7.0 We tried doing below change (courtesy: https://github.com/OP-TEE/optee_os/issues/3328) and recompiling tomcrypt library In core/lib/libtomcrypt/mpi_desc.c, we changed MPI_MEMPOOL_SIZE #define MPI_MEMPOOL_SIZE (42 * 1024) to #define MPI_MEMPOOL_SIZE (82 * 1024) This didn’t help, kindly provide your inputs. Thanks

3 years, 10 months

2
2
0 0

OP-TEE BTI support

by Olivier Deprez

Hi, (in context of testing BTI support when OP-TEE is loaded as a secure partition on top of SEL2/Hafnium) I read through the OP-TEE documentation, and would like to confirm: CFG_CORE_BTI=y seems mandatorily required to support BTI in TAs. It means we cannot enable independently BTI for TAs and 'disable' for TEE core, is this correct? Interestingly I noticed I can build with CFG_CORE_BTI=n and CTG_TA_BTI=y but I appreciate the end result is that the TA get BTI landpads but is not effectively leveraging the arch extension because code page aren't guarde if TEE core option isn't enabled. I was investigating a way to omit building a specific toolchain as it appears to be required when CFG_CORE_BTI=y, but I'll go ahead if there's no way round. Out of curiosity is OP-TEE core pulling gcc libraries? And if yes, which kind? I naively thought OP-TEE core would be freestanding or be independent from toolchain libs. Thanks & Regards, Olivier.

3 years, 10 months

2
3
0 0

Linaro OP-TEE Contributions (LOC) monthly meeting - July 28 CANCELLED

by Jens Wiklander

Hi, We don't have any topics for the meeting this month. Hence canceling. Regards, Jens on behalf of OP-TEE team

3 years, 11 months

1
0
0 0

OP-TEE 3.18 SPMC status

by Balint Dobszay

Hi All, This is a follow-up email to the OP-TEE 3.18 release, highlighting the updates to the SPMC and related components. Short summary of introduced changes: - optee_os: Added support to the SPMC to process memory regions described in the SP manifest. This enables running the Trusted Services smm-gateway SP. - manifest: Added new manifest (derived from the fvp manifest) which includes Trusted Services and related kernel modules [1]. - build: Added new top level Makefile to configure optee_os as S-EL1 SPMC, build Trusted Services SPs and test apps [2]. For more details on how to get, build and test the SPMC, please see [3]. Regards, Balint [1]: https://github.com/OP-TEE/manifest/blob/3.18.0/fvp-ts.xml [2]: https://github.com/OP-TEE/build/blob/3.18.0/fvp-psa-sp.mk [3]: https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc

3 years, 11 months

1
0
0 0

OP-TEE 3.18.0 has been released

by Jens Wiklander

Hi, I'm pleased to announce that OP-TEE version 3.18.0 is now available. The list of changes can be found in the changelog [1]. A big thank you to everyone who participated with contributions and helping out with testing the release [2]. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/optee_os/commit/1ee647035939e073a2e8dddb727c0f019… Regards, Jens

3 years, 11 months

1
0
0 0

[PATCH] optee: smc_abi.c: fix wrong pointer passed to IS_ERR/PTR_ERR()

by Yang Yingliang

It should be 'rpc_arg' pass to IS_ERR/PTR_ERR(). Fixes: ed8faf6c8f8c ("optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG") Reported-by: Hulk Robot <hulkci(a)huawei.com> Signed-off-by: Yang Yingliang <yangyingliang(a)huawei.com> --- drivers/tee/optee/smc_abi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index 385cb0aee610..a1c1fa1a9c28 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -884,8 +884,8 @@ static int optee_smc_do_call_with_arg(struct tee_context *ctx, rpc_arg_offs = OPTEE_MSG_GET_ARG_SIZE(arg->num_params); rpc_arg = tee_shm_get_va(shm, offs + rpc_arg_offs); - if (IS_ERR(arg)) - return PTR_ERR(arg); + if (IS_ERR(rpc_arg)) + return PTR_ERR(rpc_arg); } if (rpc_arg && tee_shm_is_dynamic(shm)) { -- 2.25.1

3 years, 11 months

2
1
0 0

[PATCH] optee: Remove duplicate 'of' in two places.

by Jiang Jian

file: ./drivers/tee/optee/optee_smc.h line: 192 * a2 Size of of SHM chanegd to * a2 Size of SHM Signed-off-by: Jiang Jian <jiangjian(a)cdjrlc.com> --- drivers/tee/optee/optee_smc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/optee/optee_smc.h b/drivers/tee/optee/optee_smc.h index c60896cf71cb..73b5e7760d10 100644 --- a/drivers/tee/optee/optee_smc.h +++ b/drivers/tee/optee/optee_smc.h @@ -189,7 +189,7 @@ struct optee_smc_call_get_os_revision_result { * Have config return register usage: * a0 OPTEE_SMC_RETURN_OK * a1 Physical address of start of SHM - * a2 Size of of SHM + * a2 Size of SHM * a3 Cache settings of memory, as defined by the * OPTEE_SMC_SHM_* values above * a4-7 Preserved -- 2.17.1

3 years, 11 months

2
1
0 0

[PATCH] tee: tee_get_drvdata(): fix description of return value

by Marc Kleine-Budde

This patch fixes the description of tee_get_drvdata()'s return value. It actually returns the driver_data pointer supplied to tee_device_alloc() since the TEE subsystem was added to the kernel. Fixes: 967c9cca2cc5 ("tee: generic TEE subsystem") Cc: Jens Wiklander <jens.wiklander(a)linaro.org> Signed-off-by: Marc Kleine-Budde <mkl(a)pengutronix.de> --- drivers/tee/tee_core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 8aa1a4836b92..cebe4963ad87 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -1075,7 +1075,7 @@ EXPORT_SYMBOL_GPL(tee_device_unregister); /** * tee_get_drvdata() - Return driver_data pointer * @teedev: Device containing the driver_data pointer - * @returns the driver_data pointer supplied to tee_register(). + * @returns the driver_data pointer supplied to tee_device_alloc(). */ void *tee_get_drvdata(struct tee_device *teedev) { -- 2.35.1

3 years, 11 months

2
1
0 0

[GIT PULL] TEE Fixes for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull these small fixes in the TEE subssytem. The OP-TEE driver patch fixes an error which was introduced during the merge window. I'm not sure if the error really can be triggered, but it would be nice to have it fixed before the release. Thanks, Jens The following changes since commit b13baccc3850ca8b8cccbf8ed9912dbaa0fdf7f3: Linux 5.19-rc2 (2022-06-12 16:11:37 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git/ tags/tee-fixes-for-v5.19 for you to fetch changes up to e5ce073c8a1e01b215a5eb32ba48f8d17ded3bd5: tee: tee_get_drvdata(): fix description of return value (2022-07-08 10:51:24 +0200) ---------------------------------------------------------------- Fixes for TEE subsystem A fix for the recently merged commit ed8faf6c8f8c ("optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG"). Two small fixes in comment, repeated words etc. ---------------------------------------------------------------- Jiang Jian (1): optee: Remove duplicate 'of' in two places. Marc Kleine-Budde (1): tee: tee_get_drvdata(): fix description of return value Yang Yingliang (1): optee: smc_abi.c: fix wrong pointer passed to IS_ERR/PTR_ERR() drivers/tee/optee/optee_smc.h | 2 +- drivers/tee/optee/smc_abi.c | 4 ++-- drivers/tee/tee_core.c | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-)

3 years, 11 months

1
0
0 0

Preparing for OP-TEE 3.18.0

by Jens Wiklander

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v3.17.0 is scheduled to be released on 2022-07-15. So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/5395 As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html Thanks, Jens

3 years, 11 months

1
1
0 0

Linaro OP-TEE Contributions (LOC) monthly meeting - June 23 CANCELLED

by Jens Wiklander

Hi, We don't have any topics for the meeting this month. Hence cancelling. Regards, Jens on behalf of OP-TEE team

4 years

1
0
0 0

[PATCH] tee: Add Arm FF-A TEE driver

by Sudeep Holla

The Arm FF-A provides mechanism for Linux kernel and modules to communicate with the secure partitions. This is useful for some Trusted-OS driver that are kernel resident or modules. We would also like to avoid adding kernel drivers to communicate with each and every service provided by these secure partitions. In order to achieve the same with FF-A, it would be better to provide user-space interface to access the FF-A functionalities. TEE subsystem seems to be the best suited to meet those requirements without having to create a new solution custom to FF-A alone. All FF-A partitions that user-space access can be associated with this new FF-A TEE driver and represented by a single TEE device. Though the various secure services are generally distributed across multiple secure partitions, all of these can be made accessible through this single FF-A TEE device. The minimal functionality needed by the user space application is implemented, namely: - Query all partition IDs for a specific FF-A UUID - Sending synchronous message to a partition - Share/unshare buffer with the partition Cc: Jens Wiklander <jens.wiklander(a)linaro.org> Cc: Sumit Garg <sumit.garg(a)linaro.org> Co-developed-by: Balint Dobszay <balint.dobszay(a)arm.com> Signed-off-by: Balint Dobszay <balint.dobszay(a)arm.com> Signed-off-by: Sudeep Holla <sudeep.holla(a)arm.com> --- drivers/tee/Kconfig | 1 + drivers/tee/Makefile | 1 + drivers/tee/arm_ffa_tee/Kconfig | 15 + drivers/tee/arm_ffa_tee/Makefile | 6 + drivers/tee/arm_ffa_tee/core.c | 460 ++++++++++++++++++++++ drivers/tee/arm_ffa_tee/ffa_tee_private.h | 39 ++ drivers/tee/arm_ffa_tee/shm_pool.c | 94 +++++ drivers/tee/arm_ffa_tee/ts_msg.c | 133 +++++++ drivers/tee/arm_ffa_tee/ts_msg.h | 75 ++++ include/uapi/linux/arm_ffa_tee.h | 116 ++++++ include/uapi/linux/tee.h | 1 + 11 files changed, 941 insertions(+) create mode 100644 drivers/tee/arm_ffa_tee/Kconfig create mode 100644 drivers/tee/arm_ffa_tee/Makefile create mode 100644 drivers/tee/arm_ffa_tee/core.c create mode 100644 drivers/tee/arm_ffa_tee/ffa_tee_private.h create mode 100644 drivers/tee/arm_ffa_tee/shm_pool.c create mode 100644 drivers/tee/arm_ffa_tee/ts_msg.c create mode 100644 drivers/tee/arm_ffa_tee/ts_msg.h create mode 100644 include/uapi/linux/arm_ffa_tee.h Hi All, This is the initial version of FF-A TEE driver to get the feedback on the overall design/approach. Few TODOs I plan to do before we finalise: 1. Need to decouple the driver from few Trusted Service protocols currently implemented. I have WIP, but couldn't get all the tests working(yet to figure out whether the issue is in driver or tests themselves). Just posting it as is to get initial feedback on other areas. 2. Based on the way FF-A spec changes/discussions, does it make sense to make search based on UUID + partitionID instead of just partitionID or leave that for userspace. 3. While I definitely want to move the protocol specifics from the driver (as mentioned in (1)), do we even try to remove adding UUID of each service we would like to use this driver. I haven't thought through that yet, but the idea I have is to just have a blocked UUID list which can contain UUID for OPTEE and other in-kernel users. That may need changes in FF-A bus match but something to consider ? Regards, Sudeep diff --git a/drivers/tee/Kconfig b/drivers/tee/Kconfig index e99d840c2511..385f46b66bd4 100644 --- a/drivers/tee/Kconfig +++ b/drivers/tee/Kconfig @@ -17,6 +17,7 @@ menu "TEE drivers" source "drivers/tee/optee/Kconfig" source "drivers/tee/amdtee/Kconfig" +source "drivers/tee/arm_ffa_tee/Kconfig" endmenu endif diff --git a/drivers/tee/Makefile b/drivers/tee/Makefile index 68da044afbfa..fb7a961665cd 100644 --- a/drivers/tee/Makefile +++ b/drivers/tee/Makefile @@ -5,3 +5,4 @@ tee-objs += tee_shm.o tee-objs += tee_shm_pool.o obj-$(CONFIG_OPTEE) += optee/ obj-$(CONFIG_AMDTEE) += amdtee/ +obj-$(CONFIG_ARM_FFA_TEE) += arm_ffa_tee/ diff --git a/drivers/tee/arm_ffa_tee/Kconfig b/drivers/tee/arm_ffa_tee/Kconfig new file mode 100644 index 000000000000..52e3051c48e0 --- /dev/null +++ b/drivers/tee/arm_ffa_tee/Kconfig @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: GPL-2.0-only +# Arm FF-A Trusted Execution Environment Configuration +config ARM_FFA_TEE + tristate "ARM FFA TEE" + depends on MMU + depends on ARM_FFA_TRANSPORT + default ARM_FFA_TRANSPORT + help + This implements the Trusted Execution Environment (TEE) driver + based on ARM FF-A. + + This driver provides user space access to Trusted/Secure services. + The implementation extends the TEE subsystem using FF-A compliant + messaging between the normal/non-secure and trusted/secure worlds. + diff --git a/drivers/tee/arm_ffa_tee/Makefile b/drivers/tee/arm_ffa_tee/Makefile new file mode 100644 index 000000000000..e49c6a5927fe --- /dev/null +++ b/drivers/tee/arm_ffa_tee/Makefile @@ -0,0 +1,6 @@ +# SPDX-License-Identifier: GPL-2.0-only + +obj-$(CONFIG_ARM_FFA_TEE) += arm-ffa-tee.o +arm-ffa-tee-objs += core.o +arm-ffa-tee-objs += shm_pool.o +arm-ffa-tee-objs += ts_msg.o diff --git a/drivers/tee/arm_ffa_tee/core.c b/drivers/tee/arm_ffa_tee/core.c new file mode 100644 index 000000000000..87150d7cd7a7 --- /dev/null +++ b/drivers/tee/arm_ffa_tee/core.c @@ -0,0 +1,460 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2022, Arm Limited + * + * This module implements a TEE driver to enable user space applications to + * invoke services deployed in FF-A Secure Partitions. + */ + +#include <linux/arm_ffa.h> +#include <linux/err.h> +#include <linux/errno.h> +#include <linux/kernel.h> +#include <linux/list.h> +#include <linux/mm.h> +#include <linux/module.h> +#include <linux/moduleparam.h> +#include <linux/scatterlist.h> +#include <linux/slab.h> +#include <linux/stat.h> +#include <linux/tee_drv.h> +#include <linux/types.h> +#include <linux/uaccess.h> +#include <uapi/linux/arm_ffa_tee.h> + +#include "ffa_tee_private.h" +#include "ts_msg.h" + +struct ffa_dev_list { + struct ffa_device *ffa_dev; + const struct ffa_dev_ops *ffa_ops; + struct list_head list_node; +}; + +static LIST_HEAD(ffa_devs); +/* Protection for the entire list */ +static DEFINE_MUTEX(ffatee_list_mutex); + +static struct ffa_dev_list *ffa_tee_get_bound_dev(u16 part_id) +{ + struct ffa_dev_list *tdev, *dev = NULL; + + mutex_lock(&ffatee_list_mutex); + list_for_each_entry(tdev, &ffa_devs, list_node) { + if (tdev->ffa_dev->vm_id == part_id) { + dev = tdev; + break; + } + } + mutex_unlock(&ffatee_list_mutex); + + return dev; +} + +static void ffa_tee_get_version(struct tee_device *teedev __always_unused, + struct tee_ioctl_version_data *vers) +{ + struct tee_ioctl_version_data v = { + .impl_id = TEE_IMPL_ID_FFATEE, + .impl_caps = 0, + .gen_caps = 0, + }; + + *vers = v; +} + +static int ffa_tee_open(struct tee_context *ctx) +{ + struct ffa_tee_context_data *ctxdata; + + ctxdata = kzalloc(sizeof(*ctxdata), GFP_KERNEL); + if (!ctxdata) + return -ENOMEM; + ctx->data = ctxdata; + + return 0; +} + +static void ffa_tee_release(struct tee_context *ctx) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + + kfree(ctxdata); + ctx->data = NULL; +} + +static int ffa_tee_open_session(struct tee_context *ctx, + struct tee_ioctl_open_session_arg *arg, + struct tee_param *param) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + struct ffa_dev_list *dev; + u16 part_id; + + /* + * If any of these is set, it means a session is already open in this + * context. Return an error because only a single session per context is + * allowed, see arm_ffa_tee.h for details. + */ + if (ctxdata->ffa_dev || ctxdata->ffa_ops) + return -EBUSY; + + if (arg->num_params != 1) + return -EINVAL; + + part_id = lower_16_bits(param[0].u.value.a); + + dev = ffa_tee_get_bound_dev(part_id); + if (!dev) + return -ENODEV; + + ctxdata->ffa_dev = dev->ffa_dev; + ctxdata->ffa_ops = dev->ffa_ops; + + return 0; +} + +static int ffa_tee_close_session(struct tee_context *ctx, + u32 session __always_unused) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + + ctxdata->ffa_dev = NULL; + ctxdata->ffa_ops = NULL; + + return 0; +} + +static int ffa_tee_list_part(struct tee_context *ctx __always_unused, + struct tee_ioctl_invoke_arg *arg, + struct tee_param *param) +{ + const struct ffa_dev_list *dev = NULL; + u8 uuid_buf[UUID_SIZE] = {}; + uuid_t uuid; + u16 __user *ubuf; + size_t ubuf_max_cnt, cnt = 0; + u16 part_id; + + if (arg->num_params != 2) + return -EINVAL; + + memcpy(&uuid_buf[0], &param[0].u.value.a, 8); + memcpy(&uuid_buf[8], &param[0].u.value.b, 8); + import_uuid(&uuid, uuid_buf); + + ubuf = u64_to_user_ptr(param[1].u.value.a); + ubuf_max_cnt = (size_t)param[1].u.value.b; + + if (!ubuf || !ubuf_max_cnt || !IS_ALIGNED((uintptr_t)ubuf, sizeof(u16))) + return -EINVAL; + + /* + * Copy partition IDs to user space buffer until the buffer is full or + * all IDs have been copied. + */ + mutex_lock(&ffatee_list_mutex); + list_for_each_entry(dev, &ffa_devs, list_node) { + if (uuid_equal(&uuid, &dev->ffa_dev->uuid)) { + part_id = lower_16_bits(dev->ffa_dev->vm_id); + if (put_user(part_id, ubuf)) { + mutex_unlock(&ffatee_list_mutex); + return -EFAULT; + } + + ubuf++; + cnt++; + + if (cnt >= ubuf_max_cnt) { + /* Buffer too short, there might be more IDs */ + param[1].u.value.b = 1; + goto out; + } + } + } + /* No more IDs, buffer was long enough */ + param[1].u.value.b = 0; + +out: + param[1].u.value.a = cnt; + mutex_unlock(&ffatee_list_mutex); + return 0; +} + +static int ffa_tee_invoke_func(struct tee_context *ctx, + struct tee_ioctl_invoke_arg *arg, + struct tee_param *param) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + int rc; + + switch (arg->func) { + case CMD_GET_PARTITION_LIST: + rc = ffa_tee_list_part(ctx, arg, param); + break; + case CMD_SEND_MSG: + /* Check that a session has been opened */ + if (!ctxdata->ffa_dev || !ctxdata->ffa_ops) + return -EINVAL; + + if (is_ts_protocol(&ctxdata->ffa_dev->uuid)) { + rc = ts_msg_sync_send_recv(ctx, arg, param); + } else { + pr_err("%s protocol not implemented for UUID: %pUb\n", + __func__, &ctxdata->ffa_dev->uuid); + rc = -EINVAL; + } + break; + default: + rc = -EINVAL; + break; + } + + return rc; +} + +static int ffa_tee_cancel_req(struct tee_context *ctx __always_unused, + u32 cancel_id __always_unused, + u32 session __always_unused) +{ + return -EINVAL; +} + +int ffa_tee_shm_register(struct tee_context *ctx, struct tee_shm *shm, + struct page **pages, size_t num_pages, + unsigned long start __always_unused) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + struct ffa_mem_region_attributes mem_attr = { + .attrs = FFA_MEM_RW, + .flag = 0, + }; + struct ffa_mem_ops_args args = { + .attrs = &mem_attr, + .flags = 0, + .nattrs = 1, + .use_txbuf = true, + }; + struct sg_table sgt; + int rc; + + /* Check that a session has been opened */ + if (!ctxdata->ffa_dev || !ctxdata->ffa_ops) + return -EINVAL; + + mem_attr.receiver = ctxdata->ffa_dev->vm_id; + + rc = sg_alloc_table_from_pages(&sgt, pages, num_pages, 0, + num_pages * PAGE_SIZE, GFP_KERNEL); + if (rc) + return rc; + + args.sg = sgt.sgl; + rc = ctxdata->ffa_ops->memory_share(ctxdata->ffa_dev, &args); + sg_free_table(&sgt); + if (rc) + return rc; + + shm->sec_world_id = args.g_handle; + + if (is_ts_protocol(&ctxdata->ffa_dev->uuid)) { + rc = ts_msg_shm_share(ctx, shm); + } else { + pr_err("%s: protocol not implemented for UUID: %pUb\n", + __func__, &ctxdata->ffa_dev->uuid); + rc = -EINVAL; + } + + if (rc) + ctxdata->ffa_ops->memory_reclaim(shm->sec_world_id, 0); + + return rc; +} + +int ffa_tee_shm_unregister(struct tee_context *ctx, struct tee_shm *shm) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + int rc; + + /* Check that a session has been opened */ + if (!ctxdata->ffa_dev || !ctxdata->ffa_ops) + return -EINVAL; + + if (is_ts_protocol(&ctxdata->ffa_dev->uuid)) { + rc = ts_msg_shm_reclaim(ctx, shm); + } else { + pr_err("%s: protocol not implemented for UUID: %pUb\n", + __func__, &ctxdata->ffa_dev->uuid); + rc = -EINVAL; + } + + if (rc) + return rc; + + rc = ctxdata->ffa_ops->memory_reclaim(shm->sec_world_id, 0); + + return rc; +} + +static const struct tee_driver_ops ffa_tee_ops = { + .get_version = ffa_tee_get_version, + .open = ffa_tee_open, + .release = ffa_tee_release, + .open_session = ffa_tee_open_session, + .close_session = ffa_tee_close_session, + .invoke_func = ffa_tee_invoke_func, + .cancel_req = ffa_tee_cancel_req, + .shm_register = ffa_tee_shm_register, + .shm_unregister = ffa_tee_shm_unregister, +}; + +static const struct tee_desc ffa_tee_desc = { + .name = "ffa-tee-client", + .ops = &ffa_tee_ops, + .owner = THIS_MODULE, +}; + +static struct ffa_tee *ffa_tee; + +static void ffa_tee_deinit_common(void) +{ + tee_device_unregister(ffa_tee->teedev); + if (ffa_tee->pool) + tee_shm_pool_free(ffa_tee->pool); + kfree(ffa_tee); +} + +static int ffa_tee_init(void) +{ + int rc; + + ffa_tee = kzalloc(sizeof(*ffa_tee), GFP_KERNEL); + if (!ffa_tee) + return -ENOMEM; + + ffa_tee->pool = ffa_tee_create_shm_pool(); + if (IS_ERR(ffa_tee->pool)) { + rc = PTR_ERR(ffa_tee->pool); + ffa_tee->pool = NULL; + goto err; + } + + ffa_tee->teedev = tee_device_alloc(&ffa_tee_desc, NULL, ffa_tee->pool, + ffa_tee); + if (IS_ERR(ffa_tee->teedev)) { + rc = PTR_ERR(ffa_tee->teedev); + ffa_tee->teedev = NULL; + goto err; + } + + rc = tee_device_register(ffa_tee->teedev); + if (rc) + goto err; + + return 0; + +err: + ffa_tee_deinit_common(); + return rc; +} + +static void ffa_tee_deinit(void) +{ + if (ffa_tee) + ffa_tee_deinit_common(); +} + +/* FF-A client driver initialization */ +static int ffa_tee_probe(struct ffa_device *ffa_dev) +{ + struct ffa_dev_list *dev; + + dev = kzalloc(sizeof(*dev), GFP_KERNEL); + if (!dev) + return -ENOMEM; + + dev->ffa_dev = ffa_dev; + dev->ffa_ops = ffa_dev_ops_get(ffa_dev); + + /* Trusted Services SPs use 32-bit direct messaging */ + if (is_ts_protocol(&ffa_dev->uuid)) + dev->ffa_ops->mode_32bit_set(ffa_dev); + + mutex_lock(&ffatee_list_mutex); + list_add(&dev->list_node, &ffa_devs); + mutex_unlock(&ffatee_list_mutex); + + return 0; +} + +static void ffa_tee_remove(struct ffa_device *ffa_dev) +{ + struct ffa_dev_list *dev, *dev_tmp; + + mutex_lock(&ffatee_list_mutex); + list_for_each_entry_safe(dev, dev_tmp, &ffa_devs, list_node) { + if (dev->ffa_dev == ffa_dev) { + list_del(&dev->list_node); + kfree(dev); + } + } + mutex_unlock(&ffatee_list_mutex); +} + +static const struct ffa_device_id ffa_tee_device_ids[] = { + /* TS RPC protocol UUID: bdcd76d7-825e-4751-963b-86d4f84943ac */ + { TS_RPC_UUID }, + /* PSA Crypto SP UUID: d9df52d5-16a2-4bb2-9aa4-d26d3b84e8c0 */ + { PSA_CRYPTO_SP_UUID }, + /* PSA ITS SP UUID: dc1eef48-b17a-4ccf-ac8b-dfcff7711b14 */ + { PSA_ITS_SP_UUID }, + /* PSA PS SP UUID: 751bf801-3dde-4768-a514-0f10aeed1790 */ + { PSA_PS_SP_UUID }, + /* PSA Attestation SP UUID: a1baf155-8876-4695-8f7c-54955e8db974 */ + { PSA_IAT_SP_UUID }, + {} +}; + +static struct ffa_driver ffa_tee_driver = { + .name = "arm_ffa_tee", + .probe = ffa_tee_probe, + .remove = ffa_tee_remove, + .id_table = ffa_tee_device_ids, +}; + +static int __init ffa_tee_mod_init(void) +{ + int rc; + + if (!IS_REACHABLE(CONFIG_TEE) || + !IS_REACHABLE(CONFIG_ARM_FFA_TRANSPORT)) + return -EOPNOTSUPP; + + rc = ffa_register(&ffa_tee_driver); + if (rc) + return rc; + + rc = ffa_tee_init(); + if (rc) + ffa_unregister(&ffa_tee_driver); + + return rc; +} +module_init(ffa_tee_mod_init) + +static void __exit ffa_tee_mod_exit(void) +{ + if (IS_REACHABLE(CONFIG_TEE)) + ffa_tee_deinit(); + + if (IS_REACHABLE(CONFIG_ARM_FFA_TRANSPORT)) + ffa_unregister(&ffa_tee_driver); +} +module_exit(ffa_tee_mod_exit) + +MODULE_ALIAS("arm-ffa-tee"); +MODULE_AUTHOR("Balint Dobszay <balint.dobszay(a)arm.com>"); +MODULE_AUTHOR("Sudeep Holla <sudeep.holla(a)arm.com>"); +MODULE_DESCRIPTION("Arm FF-A TEE driver"); +MODULE_LICENSE("GPL"); +MODULE_VERSION("1.0.0"); diff --git a/drivers/tee/arm_ffa_tee/ffa_tee_private.h b/drivers/tee/arm_ffa_tee/ffa_tee_private.h new file mode 100644 index 000000000000..e37fe51adb8d --- /dev/null +++ b/drivers/tee/arm_ffa_tee/ffa_tee_private.h @@ -0,0 +1,39 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (c) 2022, Arm Limited + */ + +#ifndef FFA_TEE_PRIVATE_H +#define FFA_TEE_PRIVATE_H + +#include <linux/arm_ffa.h> +#include <linux/tee_drv.h> + +/** + * struct ffa_tee - Main struct describing this TEE driver + * @teedev TEE device allocated and registered by the driver + * @pool Dynamic shared memory pool for the TEE device + */ +struct ffa_tee { + struct tee_device *teedev; + struct tee_shm_pool *pool; +}; + +/** + * struct ffa_tee_context_data - Context information + * @ffa_dev FF-A device selected for this context + * @ffa_ops FF-A operations of the device + */ +struct ffa_tee_context_data { + struct ffa_device *ffa_dev; + const struct ffa_dev_ops *ffa_ops; +}; + +int ffa_tee_shm_register(struct tee_context *ctx, struct tee_shm *shm, + struct page **pages, size_t num_pages, + unsigned long start); +int ffa_tee_shm_unregister(struct tee_context *ctx, struct tee_shm *shm); + +struct tee_shm_pool *ffa_tee_create_shm_pool(void); + +#endif /* FFA_TEE_PRIVATE_H */ diff --git a/drivers/tee/arm_ffa_tee/shm_pool.c b/drivers/tee/arm_ffa_tee/shm_pool.c new file mode 100644 index 000000000000..7c3a20ea07d3 --- /dev/null +++ b/drivers/tee/arm_ffa_tee/shm_pool.c @@ -0,0 +1,94 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2022, Arm Limited + */ + +#include <linux/arm_ffa.h> +#include <linux/device.h> +#include <linux/dma-buf.h> +#include <linux/genalloc.h> +#include <linux/slab.h> +#include <linux/tee_drv.h> + +#include "ffa_tee_private.h" + +/* + * This file implements a dynamic shared memory pool. It's used by the TEE + * subsystem to allocate kernel memory to be shared with the SWd as part of the + * TEE_IOC_SHM_ALLOC call. + */ + +static int pool_op_alloc(struct tee_shm_pool *pool __always_unused, + struct tee_shm *shm, size_t size, size_t align) +{ + unsigned int order, nr_pages, i; + struct page *page, **pages; + int rc; + + if (size == 0) + return -EINVAL; + + order = get_order(size); + nr_pages = 1 << order; + + page = alloc_pages(GFP_KERNEL | __GFP_ZERO, order); + if (!page) + return -ENOMEM; + + shm->kaddr = page_address(page); + shm->paddr = page_to_phys(page); + shm->size = PAGE_SIZE << order; + + pages = kcalloc(nr_pages, sizeof(*pages), GFP_KERNEL); + if (!pages) { + rc = -ENOMEM; + goto err; + } + + for (i = 0; i < nr_pages; i++) + pages[i] = page + i; + + shm->flags |= TEE_SHM_DYNAMIC; + rc = ffa_tee_shm_register(shm->ctx, shm, pages, nr_pages, + (unsigned long)shm->kaddr); + kfree(pages); + if (rc) + goto err; + + return 0; + +err: + __free_pages(page, order); + return rc; +} + +static void pool_op_free(struct tee_shm_pool *pool __always_unused, + struct tee_shm *shm) +{ + ffa_tee_shm_unregister(shm->ctx, shm); + free_pages((unsigned long)shm->kaddr, get_order(shm->size)); + shm->kaddr = NULL; +} + +static void pool_op_destroy_pool(struct tee_shm_pool *pool) +{ + kfree(pool); +} + +static const struct tee_shm_pool_ops pool_ops = { + .alloc = pool_op_alloc, + .free = pool_op_free, + .destroy_pool = pool_op_destroy_pool, +}; + +struct tee_shm_pool *ffa_tee_create_shm_pool(void) +{ + struct tee_shm_pool *pool = kzalloc(sizeof(*pool), GFP_KERNEL); + + if (!pool) + return ERR_PTR(-ENOMEM); + + pool->ops = &pool_ops; + + return pool; +} diff --git a/drivers/tee/arm_ffa_tee/ts_msg.c b/drivers/tee/arm_ffa_tee/ts_msg.c new file mode 100644 index 000000000000..c8f8e6292cd6 --- /dev/null +++ b/drivers/tee/arm_ffa_tee/ts_msg.c @@ -0,0 +1,133 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2022, Arm Limited + */ + +#include <linux/arm_ffa.h> +#include <linux/kernel.h> +#include <linux/tee_drv.h> +#include <linux/types.h> +#include <linux/uuid.h> + +#include "ffa_tee_private.h" +#include "ts_msg.h" + +/* + * This file implements the message sending and shared memory handling callbacks + * using the Trusted Services RPC protocol. + */ + +bool is_ts_protocol(uuid_t *uuid) +{ + return (uuid_equal(uuid, &TS_RPC_UUID) || + uuid_equal(uuid, &PSA_CRYPTO_SP_UUID) || + uuid_equal(uuid, &PSA_ITS_SP_UUID) || + uuid_equal(uuid, &PSA_PS_SP_UUID) || + uuid_equal(uuid, &PSA_IAT_SP_UUID)); +} + +static void arg_list_to_ffa_data(const u32 *args, + struct ffa_send_direct_data *data) +{ + data->data0 = args[0]; + data->data1 = args[1]; + data->data2 = args[2]; + data->data3 = args[3]; + data->data4 = args[4]; +} + +static void arg_list_from_ffa_data(const struct ffa_send_direct_data *data, + u32 *args) +{ + args[0] = lower_32_bits(data->data0); + args[1] = lower_32_bits(data->data1); + args[2] = lower_32_bits(data->data2); + args[3] = lower_32_bits(data->data3); + args[4] = lower_32_bits(data->data4); +} + +int ts_msg_sync_send_recv(struct tee_context *ctx, + struct tee_ioctl_invoke_arg *arg, + struct tee_param *param) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + struct ffa_send_direct_data data; + u16 iface, opcode; + u32 args[5] = {}; + int rc; + + if (arg->num_params != 1) + return -EINVAL; + + iface = upper_16_bits(param[0].u.value.a); + opcode = lower_16_bits(param[0].u.value.a); + + args[TS_MSG_IFACE_ID_OPCODE] = TS_MSG_ADD_IFACE_OPCODE(iface, opcode); + args[TS_MSG_REQ_DATA_LEN] = param[0].u.value.b; + args[TS_MSG_ENCODING] = param[0].u.value.c; + args[TS_MSG_CALLER_ID] = 0; + + arg_list_to_ffa_data(args, &data); + rc = ctxdata->ffa_ops->sync_send_receive(ctxdata->ffa_dev, &data); + if (rc) + return rc; + arg_list_from_ffa_data(&data, args); + + param[0].u.value.a = args[TS_MSG_RESP_DATA_LEN]; + param[0].u.value.b = (u64)args[TS_MSG_RESP_RPC_STATUS] << 32; + param[0].u.value.b |= args[TS_MSG_RESP_OP_STATUS]; + param[0].u.value.c = 0; + + return 0; +} + +int ts_msg_shm_share(struct tee_context *ctx, struct tee_shm *shm) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + struct ffa_send_direct_data data; + u32 args[5] = {}; + int rc; + + args[TS_MSG_IFACE_ID_OPCODE] = + TS_MSG_ADD_IFACE_OPCODE(TS_MSG_MGMT_IFACE_ID, TS_MSG_OPCODE_SHARE_MEM); + args[TS_MSG_SHARE_MEM_HANDLE_LSW] = lower_32_bits(shm->sec_world_id); + args[TS_MSG_SHARE_MEM_HANDLE_MSW] = upper_32_bits(shm->sec_world_id); + args[TS_MSG_SHARE_MEM_SIZE] = shm->size; + + arg_list_to_ffa_data(args, &data); + rc = ctxdata->ffa_ops->sync_send_receive(ctxdata->ffa_dev, &data); + if (rc) + return rc; + arg_list_from_ffa_data(&data, args); + + /* Management call response only sets RPC status field */ + if (args[TS_MSG_RESP_RPC_STATUS] != 0) + return (int)args[TS_MSG_RESP_RPC_STATUS]; + + return 0; +} + +int ts_msg_shm_reclaim(struct tee_context *ctx, struct tee_shm *shm) +{ + struct ffa_tee_context_data *ctxdata = ctx->data; + struct ffa_send_direct_data data; + u32 args[5] = {}; + int rc; + + args[TS_MSG_IFACE_ID_OPCODE] = + TS_MSG_ADD_IFACE_OPCODE(TS_MSG_MGMT_IFACE_ID, TS_MSG_OPCODE_UNSHARE_MEM); + args[TS_MSG_SHARE_MEM_HANDLE_LSW] = lower_32_bits(shm->sec_world_id); + args[TS_MSG_SHARE_MEM_HANDLE_MSW] = upper_32_bits(shm->sec_world_id); + + arg_list_to_ffa_data(args, &data); + rc = ctxdata->ffa_ops->sync_send_receive(ctxdata->ffa_dev, &data); + if (rc) + return rc; + arg_list_from_ffa_data(&data, args); + + /* Management call response only sets RPC status field */ + if (args[TS_MSG_RESP_RPC_STATUS] != 0) + return (int)args[TS_MSG_RESP_RPC_STATUS]; + + return 0; +} diff --git a/drivers/tee/arm_ffa_tee/ts_msg.h b/drivers/tee/arm_ffa_tee/ts_msg.h new file mode 100644 index 000000000000..de5c9218a790 --- /dev/null +++ b/drivers/tee/arm_ffa_tee/ts_msg.h @@ -0,0 +1,75 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (c) 2022, Arm Limited + */ + +#ifndef TS_MSG_H +#define TS_MSG_H + +/* + * Defines convention for use of FF-A direct call arguments by Trusted Services. + */ + +/* UUID of this protocol */ +#define TS_RPC_UUID UUID_INIT(0xbdcd76d7, 0x825e, 0x4751, \ + 0x96, 0x3b, 0x86, 0xd4, 0xf8, 0x49, 0x43, 0xac) + +/* Macros for parameters carried in a single register */ +#define TS_MSG_ADD_IFACE_OPCODE(i, o) (((i) << 16) | ((o) & 0xffff)) +#define TS_MSG_EXTRACT_IFACE(reg) ((reg) >> 16) +#define TS_MSG_EXTRACT_OPCODE(reg) ((reg) & 0xffff) + +/* + * If SPs are built with FF-A Routing Extension enabled, this should be 1. + * Otherwise it should be 0. + */ +#define FFARE_OFFSET (1) + +/* Common req & resp arg offests */ +#define TS_MSG_IFACE_ID_OPCODE (0 + FFARE_OFFSET) + +/* Req arg offsets */ +#define TS_MSG_REQ_DATA_LEN (1 + FFARE_OFFSET) +#define TS_MSG_CALLER_ID (2 + FFARE_OFFSET) +#define TS_MSG_ENCODING (3 + FFARE_OFFSET) + +/* Resp arg offsets */ +#define TS_MSG_RESP_DATA_LEN (1 + FFARE_OFFSET) +#define TS_MSG_RESP_RPC_STATUS (2 + FFARE_OFFSET) +#define TS_MSG_RESP_OP_STATUS (3 + FFARE_OFFSET) + +/* Share/unshare buffer offsets */ +#define TS_MSG_SHARE_MEM_HANDLE_LSW (1 + FFARE_OFFSET) +#define TS_MSG_SHARE_MEM_HANDLE_MSW (2 + FFARE_OFFSET) +#define TS_MSG_SHARE_MEM_SIZE (3 + FFARE_OFFSET) + +/* Interface ID for the FF-A based RPC layer for management operations */ +#define TS_MSG_MGMT_IFACE_ID (0x1000) + +/* Common opcodes used by the FF-A based RPC layer for management operations */ +#define TS_MSG_OPCODE_SHARE_MEM (0) +#define TS_MSG_OPCODE_UNSHARE_MEM (1) + +/* + * Currently all PSA SPs use the same protocol, but have dedicated UUIDs instead + * of using the common protocol UUID. All UUIDs listed here should be treated as + * having the same protocol. These will be removed later when the rest of the + * components are updated. + */ +#define PSA_CRYPTO_SP_UUID UUID_INIT(0xd9df52d5, 0x16a2, 0x4bb2, \ + 0x9a, 0xa4, 0xd2, 0x6d, 0x3b, 0x84, 0xe8, 0xc0) +#define PSA_ITS_SP_UUID UUID_INIT(0xdc1eef48, 0xb17a, 0x4ccf, \ + 0xac, 0x8b, 0xdf, 0xcf, 0xf7, 0x71, 0x1b, 0x14) +#define PSA_PS_SP_UUID UUID_INIT(0x751bf801, 0x3dde, 0x4768, \ + 0xa5, 0x14, 0x0f, 0x10, 0xae, 0xed, 0x17, 0x90) +#define PSA_IAT_SP_UUID UUID_INIT(0xa1baf155, 0x8876, 0x4695, \ + 0x8f, 0x7c, 0x54, 0x95, 0x5e, 0x8d, 0xb9, 0x74) + +bool is_ts_protocol(uuid_t *uuid); +int ts_msg_sync_send_recv(struct tee_context *ctx, + struct tee_ioctl_invoke_arg *arg, + struct tee_param *param); +int ts_msg_shm_share(struct tee_context *ctx, struct tee_shm *shm); +int ts_msg_shm_reclaim(struct tee_context *ctx, struct tee_shm *shm); + +#endif /* TS_MSG_H */ diff --git a/include/uapi/linux/arm_ffa_tee.h b/include/uapi/linux/arm_ffa_tee.h new file mode 100644 index 000000000000..c2ce1360a190 --- /dev/null +++ b/include/uapi/linux/arm_ffa_tee.h @@ -0,0 +1,116 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (c) 2020-2021, Arm Limited + */ + +#ifndef ARM_FFA_TEE_H +#define ARM_FFA_TEE_H + +#include <linux/types.h> + +/* + * Some of the TEE ioctl calls don't have a parameter where the destination + * partition ID could be passed. To workaround this, first the partition ID has + * to be set in the context. This can be done using the open session ioctl. + * Currently this call doesn't invoke the SWd, i.e. there is no "real" session + * opened that should be registered in the SWd. It's only used to store the + * destination partition ID so subsequent calls can use it. + * + * Prior to calling open session, only one type of call is allowed: + * CMD_GET_PARTITION_LIST, because this doesn't invoke the SWd. + * + * For TEE_IOC_OPEN_SESSION. In tee_ioctl_open_session_arg: + * - num_params is 1, + * - rest of the fields is empty. + * + * Parameter encoding: + * param[0]: + * - attr: TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT + * - a: destination partition ID (u16) + * - b: 0 + * - c: 0 + */ + +/* + * This command is for querying the list of partitions with a matching UUID. + * + * This is not the same as a generic FF-A discovery call. The PARTITION_INFO_GET + * call is done by the FF-A driver and only the devices compatible with this + * driver (i.e. listed in this module's .id_table) are bound to this driver. + * This command searches the list of these bound devices looking for matching + * UUIDs and writes the corresponding partition IDs into the supplied buffer. + * It can (should) be called before TEE_IOC_OPEN_SESSION, to find the desired + * destination partition ID. + * + * Use with TEE_IOC_INVOKE. In tee_ioctl_invoke_arg: + * - func is CMD_GET_PARTITION_LIST, + * - num_params is 2, + * - rest of the fields is empty. + * + * Parameter encoding: + * param[0]: + * - attr: TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT + * - a: first 8 bytes of the FF-A UUID (big-endian) + * - b: last 8 bytes of the FF-A UUID (big-endian) + * - c: 0 + * + * param[1]: + * - attr: TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT + * - a: address of partition ID list (array of u16) + * - b: max number of partition IDs in list (number of elements in array) + * - c: 0 + * + * Return parameter encoding: + * param[0]: input only + * + * param[1]: + * - a: number of IDs returned in the list + * - b: 0 if all possible IDs are returned + * 1 if there might be more (buffer was too short) + * - c: 0 + */ +#define CMD_GET_PARTITION_LIST (1) + +/* + * This command is for sending a message to a Secure Partition. + * + * The parameter encoding and implementation of this command depends on the ABI + * implemented by the SP (i.e. how it interprets the arguments of an FF-A direct + * request message). Currently the only implementation available in the driver + * is the Trusted Services RPC protocol, but other protocols can be added in the + * future. + * The following description is specific to the Trusted Services RPC protocol. + * + * Use with TEE_IOC_INVOKE. In tee_ioctl_invoke_arg: + * - func is CMD_SEND_MSG, + * - num_params is 1, + * - rest of the fields is empty. + * + * Parameter encoding: + * param[0]: + * - attr: TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT + * - a: interface ID | opcode + * - b: request length + * - c: encoding + * + * Return parameter encoding: + * param[0]: + * - a: response length + * - b: RPC status | operation status + * - c: 0 + */ +#define CMD_SEND_MSG (2) + +#define CMD_SEND_MSG_PARAM_A(iface, opcode) ((__u64)( \ + (((__u32)(iface) & (__u32)0x0000ffffUL) << 16) | \ + ((__u32)(opcode) & (__u32)0x0000ffffUL))) +#define CMD_SEND_MSG_PARAM_B(req_len) ((__u32)(req_len)) +#define CMD_SEND_MSG_PARAM_C(encoding) ((__u32)(encoding)) + +#define CMD_SEND_MSG_RESP_LEN(param_a) ((__u32)(param_a)) +#define CMD_SEND_MSG_RPC_STATUS(param_b) \ + ((__s32)(((param_b) >> 32) & (__u32)0xffffffffUL)) +#define CMD_SEND_MSG_OP_STATUS(param_b) \ + ((__s32)((param_b) & (__u32)0xffffffffUL)) + +#endif /* ARM_FFA_TEE_H */ diff --git a/include/uapi/linux/tee.h b/include/uapi/linux/tee.h index 25a6c534beb1..4455a5b1a923 100644 --- a/include/uapi/linux/tee.h +++ b/include/uapi/linux/tee.h @@ -60,6 +60,7 @@ */ #define TEE_IMPL_ID_OPTEE 1 #define TEE_IMPL_ID_AMDTEE 2 +#define TEE_IMPL_ID_FFATEE 3 /* * OP-TEE specific capabilities -- 2.35.1

4 years

4
7
0 0

[PATCH v2 1/2] tee: remove tee_shm_va2pa() and tee_shm_pa2va()

by Andrew Davis

We should not need to index into SHMs based on absolute VA/PA. These functions are not used and this kind of usage should not be encouraged anyway. Remove these functions. Signed-off-by: Andrew Davis <afd(a)ti.com> Reviewed-by: Sumit Garg <sumit.garg(a)linaro.org> --- drivers/tee/tee_shm.c | 50 ----------------------------------------- include/linux/tee_drv.h | 18 --------------- 2 files changed, 68 deletions(-) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1cac..b0c6d553d3a70 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -414,56 +414,6 @@ void tee_shm_free(struct tee_shm *shm) } EXPORT_SYMBOL_GPL(tee_shm_free); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if ((char *)va < (char *)shm->kaddr) - return -EINVAL; - if ((char *)va >= ((char *)shm->kaddr + shm->size)) - return -EINVAL; - - return tee_shm_get_pa( - shm, (unsigned long)va - (unsigned long)shm->kaddr, pa); -} -EXPORT_SYMBOL_GPL(tee_shm_va2pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if (pa < shm->paddr) - return -EINVAL; - if (pa >= (shm->paddr + shm->size)) - return -EINVAL; - - if (va) { - void *v = tee_shm_get_va(shm, pa - shm->paddr); - - if (IS_ERR(v)) - return PTR_ERR(v); - *va = v; - } - return 0; -} -EXPORT_SYMBOL_GPL(tee_shm_pa2va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 911cad324acc7..17eb1c5205d34 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -298,24 +298,6 @@ void tee_shm_free(struct tee_shm *shm); */ void tee_shm_put(struct tee_shm *shm); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle -- 2.17.1

4 years

4
6
0 0

[GIT PULL] Fix OP-TEE compiler warning for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small patch which fixes a compiler warning in the OP-TEE driver. Note that this pull request is on top of and earlier accepted/applied [1] pull request in order to avoid a merge conflict. Thanks, Jens [1] https://lore.kernel.org/lkml/20220503192916.GA3288817@jade/ The following changes since commit 3e47235eaee09488c7e467b9aaccb7c93c862c6b: tee: make tee_shm_register_kernel_buf vmalloc supported (2022-04-05 08:04:16 +0200) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git/ tags/optee-warning-for-v5.19 for you to fetch changes up to a3b9ecc805e9131476c719111fe347c7dbc0d1d1: tee: optee: Pass a pointer to virt_addr_valid() (2022-05-30 08:06:45 +0200) ---------------------------------------------------------------- Fix a compiler warning in OP-TEE driver ---------------------------------------------------------------- Linus Walleij (1): tee: optee: Pass a pointer to virt_addr_valid() drivers/tee/optee/call.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

4 years

1
0
0 0

[PATCH] tee: optee: Pass a pointer to virt_addr_valid()

by Linus Walleij

A pointer into virtual memory is represented by a (void *) not an u32, so the compiler warns: drivers/tee/optee/call.c:365:29: warning: passing argument 1 of 'virt_to_pfn' makes pointer from integer without a cast [-Wint-conversion] Fix this with an explicit cast. Cc: Sumit Garg <sumit.garg(a)linaro.org> Signed-off-by: Linus Walleij <linus.walleij(a)linaro.org> --- drivers/tee/optee/call.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..51275d77ec84 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid((void *)start)) return 0; mmap_read_lock(mm); -- 2.35.1

4 years

3
2
0 0

OP-TEE v3.17 S-EL1 SPMC status

by Balint Dobszay

Hi All, This is a follow-up email to the OP-TEE v3.17 release, highlighting the updates to the SPMC component. As you might know there is a forked version living at [1], and we are continuously working on moving all features to upstream. This version enables all PSA Secure Partitions implemented by Trusted Services to work with the upstream SPMC. For more information about the PSA SPs, please see [2]. Short summary of introduced changes: - Added support to process the SP manifests in the SPMC. The device MMIO regions described in the SP manifest are mapped into the SP's translation regime, as requested by FF-A. - Added support for the FF-A v1.0 partition boot protocol. The SPMC will pass information to the S-EL0 SPs about the device regions mapped. The boot information is passed in device tree format, using the same bindings as the SP manifest [3]. - Forward TPM Event Log to S-EL0 SPs. For more details on how to get, build and test the SPMC, please see [4]. If you have any questions, please do not hesitate to reach out to us via [5] or [6]. Regards, Balint on behalf of the Trusted Services team [1] https://git.trustedfirmware.org/OP-TEE/optee_os.git/log/?h=psa-development [2] https://trusted-services.readthedocs.io/en/integration [3] https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-… [4] https://developer.trustedfirmware.org/w/trusted-services/op-tee-spmc [5] https://lists.trustedfirmware.org/mailman3/lists/op-tee.lists.trustedfirmwa… [6] https://lists.trustedfirmware.org/mailman3/lists/trusted-services.lists.tru…

4 years, 1 month

2
1
0 0

[GIT PULL] TEE Cleanup for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull these small cleanup patches which removes two unused and outdated TEE_IOCTL_SHM_* flags and two unused pa2va and va2pa functions for tee_shm's. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/tee-cleanup-for-v5.19 for you to fetch changes up to d8fc1c7c4c9b705ce5f5bba772ad66a0137c685d: tee: remove flags TEE_IOCTL_SHM_MAPPED and TEE_IOCTL_SHM_DMA_BUF (2022-04-26 10:17:03 +0200) ---------------------------------------------------------------- TEE cleanup Removes the old and unused TEE_IOCTL_SHM_* flags Removes unused the unused tee_shm_va2pa() and tee_shm_pa2va() functions ---------------------------------------------------------------- Andrew Davis (2): tee: remove tee_shm_va2pa() and tee_shm_pa2va() tee: remove flags TEE_IOCTL_SHM_MAPPED and TEE_IOCTL_SHM_DMA_BUF drivers/tee/tee_core.c | 2 -- drivers/tee/tee_shm.c | 50 ------------------------------------------------ include/linux/tee_drv.h | 18 ----------------- include/uapi/linux/tee.h | 4 ---- 4 files changed, 74 deletions(-)

4 years, 1 month

1
0
0 0

[PATCH v4 0/4] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struct passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this struct allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unnecessary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" for details. Thanks, Jens v1->v2: * Split out a separate commit "optee: rename rpc_arg_count to rpc_param_count" * Check optee->rpc_param_count before calling optee_disable_shm_cache(). * Mention OPTEE_SMC_CALL_WITH_REGD_ARG in commit message. v2->v3: * Applied Sumit's R-B to "optee: rename rpc_arg_count to rpc_param_count" and "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Fixed some review comments to "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Rebased on v5.18-rc1 v3->v4: * Updated "optee: cache argument shared memory structs" to work with older versions of the SMC-ABI when using dynamic shared memory. Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 48 +++++- drivers/tee/optee/smc_abi.c | 197 ++++++++++++++++++++----- 7 files changed, 461 insertions(+), 102 deletions(-) -- 2.31.1

4 years, 1 month

1
5
0 0

[GIT PULL] OP-TEE RPC arg for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull these patches which improves performance when communicating with OP-TEE in the secure world. A cache of argument structs is implemented to minimize the number of alloc/free and possibly also register/unregister of these buffers in the secure world. This boosts the performance in particular in a FF-A configuration. It should also save a bit of shared memory since each multiple a physical page now can hold multiple argument structs, instead of one page per struct as it was before. The OP-TEE SMC ABI is also extended to pass an argument struct needed for RPC together with the primary argument struct, in a manner similar the OP-TEE FF-A ABI. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-rpc-arg-for-v5.19 for you to fetch changes up to 5b4018b959149eb5b5f3004fc0339674af67516b: optee: cache argument shared memory structs (2022-04-25 21:13:05 +0200) ---------------------------------------------------------------- OP-TEE RPC argument cache Adds caching of the OP-TEE argument structure used to pass request to secure world. This reduces quite a bit of unnecessary alloc/free and possibly switching back and forth to secure work in order to register the buffers in some configurations, most notably FF-A. ---------------------------------------------------------------- Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 +++++++++++++++++++++++++++++++------- drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 ++++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 ++++- drivers/tee/optee/optee_smc.h | 48 +++++++- drivers/tee/optee/smc_abi.c | 197 +++++++++++++++++++++++++------ 7 files changed, 461 insertions(+), 102 deletions(-)

4 years, 1 month

1
0
0 0

[GIT PULL] firmware: arm_ffa: Updates for v5.19

by Sudeep Holla

Hi ARM SoC Team, Please pull ! Regards, Sudeep -->8 The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: git://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux.git tags/ffa-updates-5.19 for you to fetch changes up to f3f3bdbd58cea4fdd088075fdc8864fc47ecd419: tee: optee: Use ffa_dev_get_drvdata to fetch driver_data (2022-04-29 14:51:46 +0100) ---------------------------------------------------------------- Arm FF-A firmware driver updates/fixes for v5.19 Couple of fixes to handle fragmented memory descriptors and incorrect UUID parameter passed to ffa_partition_probe. Another fix deals with the incorrect use of ffa_device's driver_data by the core driver. Apart from these fixes, there is an addition of ffa_dev_get_drvdata helper function and its use in optee driver. ---------------------------------------------------------------- Marc Bonnici (1): firmware: arm_ffa: Fix handling of fragmented memory descriptors Sudeep Holla (4): firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe firmware: arm_ffa: Remove incorrect assignment of driver_data firmware: arm_ffa: Add ffa_dev_get_drvdata helper function tee: optee: Use ffa_dev_get_drvdata to fetch driver_data drivers/firmware/arm_ffa/driver.c | 24 ++++++++++++++---------- drivers/tee/optee/ffa_abi.c | 2 +- include/linux/arm_ffa.h | 7 ++++++- 3 files changed, 21 insertions(+), 12 deletions(-)

4 years, 1 month

1
0
0 0

[GIT PULL] TEE SHM vmalloc for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull this patch which enables tee_shm_register_kernel_buf() to accept vmalloc()ed buffers. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/tee-shm-vmalloc-for-v5.19 for you to fetch changes up to 3e47235eaee09488c7e467b9aaccb7c93c862c6b: tee: make tee_shm_register_kernel_buf vmalloc supported (2022-04-05 08:04:16 +0200) ---------------------------------------------------------------- TEE accept vmalloc()ed buffers for tee_shm_register_kernel_buf() ---------------------------------------------------------------- Phil Chang (1): tee: make tee_shm_register_kernel_buf vmalloc supported drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 35 +++++++++++++++++++++++++---------- 2 files changed, 26 insertions(+), 11 deletions(-)

4 years, 1 month

1
0
0 0

[GIT PULL] TEE menu for v5.19

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small patch which combines the config and menu for TEE's menuconfig into one line. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/tee-menu-for-v5.19 for you to fetch changes up to a4b75fe8e1c15c96c4eb083e211ccbbfd56599f9: tee: combine "config" and "menu" for TEE's menuconfig (2022-04-05 07:32:23 +0200) ---------------------------------------------------------------- Combine TEE config and menu in one line ---------------------------------------------------------------- Jan Engelhardt (1): tee: combine "config" and "menu" for TEE's menuconfig drivers/tee/Kconfig | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-)

4 years, 1 month

1
0
0 0

[PATCH 1/4] firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe

by Sudeep Holla

While we pass uuid_null intentionally to ffa_partition_probe in ffa_setup_partitions to get the count of the partitions, it must not be uuid_null in ffa_partition_info_get which is used by the ffa_drivers to fetch the specific partition info passing the UUID of the partition. Fix ffa_partition_info_get by passing the received uuid down to ffa_partition_probe so that the correct partition information is fetched. Fixes: d0c0bce83122 ("firmware: arm_ffa: Setup in-kernel users of FFA partitions") Reported-by: Arunachalam Ganapathy <arunachalam.ganapathy(a)arm.com> Signed-off-by: Sudeep Holla <sudeep.holla(a)arm.com> --- drivers/firmware/arm_ffa/driver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/firmware/arm_ffa/driver.c b/drivers/firmware/arm_ffa/driver.c index ccccecae615f..6a913ac91e8e 100644 --- a/drivers/firmware/arm_ffa/driver.c +++ b/drivers/firmware/arm_ffa/driver.c @@ -588,7 +588,7 @@ static int ffa_partition_info_get(const char *uuid_str, return -ENODEV; } - count = ffa_partition_probe(&uuid_null, &pbuf); + count = ffa_partition_probe(&uuid, &pbuf); if (count <= 0) return -ENOENT; -- 2.36.0

4 years, 1 month

1
4
0 0

[PATCH] hwrng: optee-rng: remove redundant initialization to variable rng_size

by Colin Ian King

Variable rng_size is being initialized with a value that is never read, the variable is being re-assigned later on. The initialization is redundant and can be removed. Cleans up cppcheck warning: Variable 'rng_size' is assigned a value that is never used. Signed-off-by: Colin Ian King <colin.i.king(a)gmail.com> --- drivers/char/hw_random/optee-rng.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char/hw_random/optee-rng.c b/drivers/char/hw_random/optee-rng.c index a948c0727b2b..96b5d546d136 100644 --- a/drivers/char/hw_random/optee-rng.c +++ b/drivers/char/hw_random/optee-rng.c @@ -115,7 +115,7 @@ static size_t get_optee_rng_data(struct optee_rng_private *pvt_data, static int optee_rng_read(struct hwrng *rng, void *buf, size_t max, bool wait) { struct optee_rng_private *pvt_data = to_optee_rng_private(rng); - size_t read = 0, rng_size = 0; + size_t read = 0, rng_size; int timeout = 1; u8 *data = buf; -- 2.35.1

4 years, 1 month

3
2
0 0

Linaro OP-TEE Contribution (LOC) monthly meeting April 2022

by Ruchika Gupta

Hi, OP-TEE Contributions (LOC) monthly meeting is planned for Thursday April 28 @17.00 (UTC + 2). We have following on the agenda - Fault Mitigation patterns in OP-TEE - Jens Wiklander If you have any more topics you'd like to discuss, please let us know and we can schedule them. Meeting details: --------------- Date/time: April 28(a)17.00 (UTC + 2) https://everytimezone.com/s/700b9d66 Connection details: https://www.trustedfirmware.org/meetings/ Meeting notes: http://bit.ly/loc-notes Regards, Ruchika on behalf of the Linaro OP-TEE team

4 years, 1 month

1
1
0 0

[PATCH 1/2] tee: remove tee_shm_va2pa() and tee_shm_pa2va()

by Andrew Davis

We should not need to index into SHMs based on absolute VA/PA. These functions are not used and this kind of usage should not be encouraged anyway. Remove these functions. Signed-off-by: Andrew Davis <afd(a)ti.com> --- drivers/tee/tee_shm.c | 50 ----------------------------------------- include/linux/tee_drv.h | 18 --------------- 2 files changed, 68 deletions(-) diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1cac..b0c6d553d3a70 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -414,56 +414,6 @@ void tee_shm_free(struct tee_shm *shm) } EXPORT_SYMBOL_GPL(tee_shm_free); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if ((char *)va < (char *)shm->kaddr) - return -EINVAL; - if ((char *)va >= ((char *)shm->kaddr + shm->size)) - return -EINVAL; - - return tee_shm_get_pa( - shm, (unsigned long)va - (unsigned long)shm->kaddr, pa); -} -EXPORT_SYMBOL_GPL(tee_shm_va2pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va) -{ - if (!shm->kaddr) - return -EINVAL; - /* Check that we're in the range of the shm */ - if (pa < shm->paddr) - return -EINVAL; - if (pa >= (shm->paddr + shm->size)) - return -EINVAL; - - if (va) { - void *v = tee_shm_get_va(shm, pa - shm->paddr); - - if (IS_ERR(v)) - return PTR_ERR(v); - *va = v; - } - return 0; -} -EXPORT_SYMBOL_GPL(tee_shm_pa2va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 911cad324acc7..17eb1c5205d34 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -298,24 +298,6 @@ void tee_shm_free(struct tee_shm *shm); */ void tee_shm_put(struct tee_shm *shm); -/** - * tee_shm_va2pa() - Get physical address of a virtual address - * @shm: Shared memory handle - * @va: Virtual address to tranlsate - * @pa: Returned physical address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_va2pa(struct tee_shm *shm, void *va, phys_addr_t *pa); - -/** - * tee_shm_pa2va() - Get virtual address of a physical address - * @shm: Shared memory handle - * @pa: Physical address to tranlsate - * @va: Returned virtual address - * @returns 0 on success and < 0 on failure - */ -int tee_shm_pa2va(struct tee_shm *shm, phys_addr_t pa, void **va); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle -- 2.17.1

4 years, 1 month

2
4
0 0

[PATCH v3 0/4] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struct passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this struct allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unnecessary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" for details. Thanks, Jens v1->v2: * Split out a separate commit "optee: rename rpc_arg_count to rpc_param_count" * Check optee->rpc_param_count before calling optee_disable_shm_cache(). * Mention OPTEE_SMC_CALL_WITH_REGD_ARG in commit message. v2->v3: * Applied Sumit's R-B to "optee: rename rpc_arg_count to rpc_param_count" and "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Fixed some review comments to "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" * Rebased on v5.18-rc1 Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 48 +++++- drivers/tee/optee/smc_abi.c | 162 +++++++++++++++----- 7 files changed, 428 insertions(+), 100 deletions(-) -- 2.31.1

4 years, 2 months

1
5
0 0

OP-TEE 3.17.0 has been released

by Jerome Forissier

Hi, I'm pleased to announce that OP-TEE version 3.17.0 is now available. As usual, the list of changes can be found in the changelog [1]. A big thank you to everyone who participated with contributions and helping out with testing the release [2]. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/optee_os/commit/db2e7fe5eea80be6c244da3bf131676eb… Regards, -- Jerome

4 years, 2 months

1
0
0 0

[[GIT PULL] OP-TEE fix for v5.18

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small OP-TEE driver fix for the error handling path in the FF-A probe function. Thanks, Jens The following changes since commit 3123109284176b1532874591f7c81f3837bbdc17: Linux 5.18-rc1 (2022-04-03 14:08:21 -0700) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix-for-v5.18 for you to fetch changes up to b5e22886839ae466fcf03295150094516c0fd8eb: tee: optee: add missing mutext_destroy in optee_ffa_probe (2022-04-05 08:56:26 +0200) ---------------------------------------------------------------- OP-TEE fix missing mutex_destroy in probe error handling path ---------------------------------------------------------------- Dongliang Mu (1): tee: optee: add missing mutext_destroy in optee_ffa_probe drivers/tee/optee/ffa_abi.c | 1 + 1 file changed, 1 insertion(+)

4 years, 2 months

1
0
0 0

[PATCH v2 0/4] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struct passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this struct allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unnecessary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG" for details. This patchset is based the next branch [1] in my kernel to avoid conflict with other recent patches. Thanks, Jens [1] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=next v1->v2: * Split out a separate commit "optee: rename rpc_arg_count to rpc_param_count" * Check optee->rpc_param_count before calling optee_disable_shm_cache(). * Mention OPTEE_SMC_CALL_WITH_REGD_ARG in commit message. Jens Wiklander (4): optee: rename rpc_arg_count to rpc_param_count optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 47 +++++- drivers/tee/optee/smc_abi.c | 162 +++++++++++++++----- 7 files changed, 427 insertions(+), 100 deletions(-) -- 2.31.1

4 years, 2 months

2
6
0 0

Preparing for OP-TEE 3.17.0

by Jerome Forissier

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v3.17.0 is scheduled to be released on 2022-04-22. So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/5229 As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html Thanks, -- Jerome

4 years, 2 months

2
1
0 0

[PATCH v4] tee: make tee_shm_register_kernel_buf vmalloc supported

by Phil Chang

In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang(a)mediatek.com> Reviewed-by: Sumit Garg <sumit.garg(a)linaro.org> --- drivers/tee/optee/call.c | 2 +- drivers/tee/tee_shm.c | 35 +++++++++++++++++++++++++---------- 2 files changed, 26 insertions(+), 11 deletions(-) diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index bd49ec934060..2082e632adff 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -362,7 +362,7 @@ int optee_check_mem_type(unsigned long start, size_t num_pages) * Allow kernel address to register with OP-TEE as kernel * pages are configured as normal memory only. */ - if (virt_addr_valid(start)) + if (virt_addr_valid(start) || is_vmalloc_addr((void *)start)) return 0; mmap_read_lock(mm); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index f31e29e8f1ca..836872467dc6 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -23,21 +23,36 @@ static void shm_put_kernel_pages(struct page **pages, size_t page_count) static int shm_get_kernel_pages(unsigned long start, size_t page_count, struct page **pages) { - struct kvec *kiov; size_t n; int rc; - kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); - if (!kiov) - return -ENOMEM; + if (is_vmalloc_addr((void *)start)) { + struct page *page; - for (n = 0; n < page_count; n++) { - kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); - kiov[n].iov_len = PAGE_SIZE; - } + for (n = 0; n < page_count; n++) { + page = vmalloc_to_page((void *)(start + PAGE_SIZE * n)); + if (!page) + return -ENOMEM; + + get_page(page); + pages[n] = page; + } + rc = page_count; + } else { + struct kvec *kiov; + + kiov = kcalloc(page_count, sizeof(*kiov), GFP_KERNEL); + if (!kiov) + return -ENOMEM; - rc = get_kernel_pages(kiov, page_count, 0, pages); - kfree(kiov); + for (n = 0; n < page_count; n++) { + kiov[n].iov_base = (void *)(start + n * PAGE_SIZE); + kiov[n].iov_len = PAGE_SIZE; + } + + rc = get_kernel_pages(kiov, page_count, 0, pages); + kfree(kiov); + } return rc; } -- 2.25.1

4 years, 2 months

2
3
0 0

[PATCH 0/3] OP-TEE RPC argument cache

by Jens Wiklander

Hi all, This patchset optimizes handling of the argument struction passed to call_with_arg when doing a yielding call to OP-TEE. Prior to this was this structure allocated before the yielding call and then freed after it had returned. In case many calls are made in succession this results in quite a bit of unncesary allocte/free and possibly also switching back and forth to secure work in order to register if needed. Another optimization handles the way the argument struct needed to do RPC is passed. Please see the patch "optee: add OPTEE_SMC_CALL_WITH_RPC_ARG" for details. This patchset is based the next branch [1] in my kernel to avoid conflict with other recent patches. Thanks, Jens [1] https://git.linaro.org/people/jens.wiklander/linux-tee.git/log/?h=next Jens Wiklander (3): optee: add OPTEE_SMC_CALL_WITH_RPC_ARG optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: cache argument shared memory structs drivers/tee/optee/call.c | 238 ++++++++++++++++++++++++------ drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 36 +++-- drivers/tee/optee/optee_ffa.h | 12 +- drivers/tee/optee/optee_private.h | 31 +++- drivers/tee/optee/optee_smc.h | 47 +++++- drivers/tee/optee/smc_abi.c | 151 +++++++++++++++---- 7 files changed, 419 insertions(+), 97 deletions(-) -- 2.31.1

4 years, 2 months

2
14
0 0

[PATCH] tee: optee: add missing mutext_destroy in optee_ffa_probe

by Dongliang Mu

From: Dongliang Mu <mudongliangabcd(a)gmail.com> The error handling code of optee_ffa_probe misses the mutex_destroy of ffa.mutex when mutext_init succeeds. Fix this by adding mutex_destory of ffa.mutex at the error handling part Fixes: aceeafefff73 ("optee: use driver internal tee_context for some rpc") Signed-off-by: Dongliang Mu <mudongliangabcd(a)gmail.com> --- drivers/tee/optee/ffa_abi.c | 1 + 1 file changed, 1 insertion(+) diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index f744ab15bf2c..30a6119a2b16 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -894,6 +894,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) rhashtable_free_and_destroy(&optee->ffa.global_ids, rh_free_fn, NULL); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); + mutex_destroy(&optee->ffa.mutex); err_unreg_supp_teedev: tee_device_unregister(optee->supp_teedev); err_unreg_teedev: -- 2.25.1

4 years, 2 months

3
4
0 0

Mbed TLS GitHub migration

by Dave Rodgman

Hi all, Please be advised that the Mbed TLS GitHub migration is complete. The new home for Mbed TLS is: https://github.com/Mbed-TLS We recommend updating your project, checkouts, etc to point at the new repository, but it's not urgent as everything will continue to work for some time via automatic redirection. Also please note that our project boards, which we use for planning upcoming work via epics, and tracking current activity, have moved. They are now available here: Epics board: https://github.com/orgs/Mbed-TLS/projects/1 Current activity: https://github.com/orgs/Mbed-TLS/projects/2 Thanks Dave Rodgman On 22/03/2022, 14:52, "Dave Rodgman via Mbed-tls-announce" <mbed-tls-announce(a)lists.trustedfirmware.org> wrote: Hi all, Please note that in the next couple of weeks, we will migrate Mbed TLS to a new GitHub organisation. Your existing scripts, links etc for accessing Mbed TLS on GitHub should not be affected. This will change the url from https://github.com/ARMmbed/mbedtls to https://github.com/Mbed-TLS/mbedtls . GitHub will redirect any accesses to the old URL for the foreseeable future, but we would recommend updating your links once the migration is complete. All of the Mbed TLS repositories will migrate to this new organisation, i.e.: mbedtls mbedtls-docs mbedtls-test Thanks Dave Rodgman -- Mbed-tls-announce mailing list -- mbed-tls-announce(a)lists.trustedfirmware.org To unsubscribe send an email to mbed-tls-announce-leave(a)lists.trustedfirmware.org

4 years, 2 months

1
0
0 0

2026

2025

2024

2023

2022

2021

2020

OP-TEE