- OP-TEE - lists.trustedfirmware.org

[PATCH] tee: optee: Fix kernel panic caused by incorrect error handling

by Sumit Garg

The error path while failing to register devices on the TEE bus has a bug leading to kernel panic as follows: [ 15.398930] Unable to handle kernel paging request at virtual address ffff07ed00626d7c [ 15.406913] Mem abort info: [ 15.409722] ESR = 0x0000000096000005 [ 15.413490] EC = 0x25: DABT (current EL), IL = 32 bits [ 15.418814] SET = 0, FnV = 0 [ 15.421878] EA = 0, S1PTW = 0 [ 15.425031] FSC = 0x05: level 1 translation fault [ 15.429922] Data abort info: [ 15.432813] ISV = 0, ISS = 0x00000005, ISS2 = 0x00000000 [ 15.438310] CM = 0, WnR = 0, TnD = 0, TagAccess = 0 [ 15.443372] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0 [ 15.448697] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000000d9e3e000 [ 15.455413] [ffff07ed00626d7c] pgd=1800000bffdf9003, p4d=1800000bffdf9003, pud=0000000000000000 [ 15.464146] Internal error: Oops: 0000000096000005 [#1] PREEMPT SMP Commit 7269cba53d90 ("tee: optee: Fix supplicant based device enumeration") lead to the introduction of this bug. So fix it appropriately. Reported-by: Mikko Rapeli <mikko.rapeli(a)linaro.org> Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218542 Fixes: 7269cba53d90 ("tee: optee: Fix supplicant based device enumeration") Cc: stable(a)vger.kernel.org Signed-off-by: Sumit Garg <sumit.garg(a)linaro.org> --- drivers/tee/optee/device.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/tee/optee/device.c b/drivers/tee/optee/device.c index 9d2afac96acc..d296c70ddfdc 100644 --- a/drivers/tee/optee/device.c +++ b/drivers/tee/optee/device.c @@ -90,13 +90,14 @@ static int optee_register_device(const uuid_t *device_uuid, u32 func) if (rc) { pr_err("device registration failed, err: %d\n", rc); put_device(&optee_device->dev); + return rc; } if (func == PTA_CMD_GET_DEVICES_SUPP) device_create_file(&optee_device->dev, &dev_attr_need_supplicant); - return rc; + return 0; } static int __optee_enumerate_devices(u32 func) -- 2.34.1

2 years

3
4
0 0

[GIT PULL] Make tee_bus_type const for v6.9

by Jens Wiklander

Hello arm-soc maitainers, Please pull this small patch making tee_bus_type const. Thanks, Jens The following changes since commit 41bccc98fb7931d63d03f326a746ac4d429c1dd3: Linux 6.8-rc2 (2024-01-28 17:01:12 -0800) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git/ tags/tee-bus-type-for-v6.9 for you to fetch changes up to 1d044941d53855ca06e4fa34936ff7273c8641dd: tee: make tee_bus_type const (2024-02-15 08:28:24 +0100) ---------------------------------------------------------------- tee: make tee_bus_type const ---------------------------------------------------------------- Ricardo B. Marliere (1): tee: make tee_bus_type const drivers/tee/tee_core.c | 2 +- include/linux/tee_drv.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)

2 years

2
1
0 0

[GIT PULL] OP-TEE fix for 6.8

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small fix for a panic in the OP-TEE driver that can occur in the error path when registering devices on the TEE bus. Thanks, Jens The following changes since commit 41bccc98fb7931d63d03f326a746ac4d429c1dd3: Linux 6.8-rc2 (2024-01-28 17:01:12 -0800) are available in the Git repository at: https://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-fix-for-v6.8 for you to fetch changes up to 95915ba4b987cf2b222b0f251280228a1ff977ac: tee: optee: Fix kernel panic caused by incorrect error handling (2024-03-04 09:49:03 +0100) ---------------------------------------------------------------- Fix kernel panic in OP-TEE driver ---------------------------------------------------------------- Sumit Garg (1): tee: optee: Fix kernel panic caused by incorrect error handling drivers/tee/optee/device.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)

2 years

1
0
0 0

[PATCH v3 0/7] Introduction of a remoteproc tee to load signed firmware

by Arnaud Pouliquen

Updates from the previous version [1]: This version proposes another approach based on an alternate load and boot of the coprocessor. Therefore, the constraint introduced by tee_remoteproc is that the firmware has to be authenticated and loaded before the resource table can be obtained. The existing boot sequence is: 1) Get the resource table and store it in a cache, calling rproc->ops->parse_fw(). 2) Parse the resource table and handle resources, calling rproc_handle_resources. 3) Load the firmware, calling rproc->ops->load(). 4) Start the firmware, calling rproc->ops->start(). => Steps 1 and 2 are executed in rproc_fw_boot(), while steps 3 and 4 are executed in rproc_start(). => the use of rproc->ops->load() ops is mandatory The boot sequence needed for TEE boot is: 1) Load the firmware. 2) Get the loaded resource, no cache. 3) Parse the resource table and handle resources. 4) Start the firmware. Then the crash recovery also has to be managed.For recovery, the cache is used to temporarily save the resource table and then reapply it on restart: 1) Stop the remote processor, calling rproc->ops->stop(). 2) Load the firmware, calling rproc->ops->load(). 3) Copy cached resource table. 4) Start the remote processor, calling rproc->ops->start(). => This sequence is also needed when TEE manages the boot of the remote processor. => The rproc->ops->load() is also used in recovery sequence. Based on the sequences described above, the proposal is to: - Rework tee_rproc API to better match the rproc_ops structure. This allows to simply map the function to implement the load ops, which is not optional. The tee_rproc_load_fw() is updated in consequence. - Remove the call of rproc_load_segments from rproc_start() to dissociate the load and the start. This is necessary to implement the boot sequence requested for the TEE remote proc support. - Introduce an rproc_alt_fw_boot() function that is an alternative boot sequence, which implements the sequence requested for the TEE remoteproc support. [1] https://lore.kernel.org/lkml/20240118100433.3984196-1-arnaud.pouliquen@foss… Description of the feature: This series proposes the implementation of a remoteproc tee driver to communicate with a TEE trusted application responsible for authenticating and loading the remoteproc firmware image in an Arm secure context. 1) Principle: The remoteproc tee driver provides services to communicate with the OP-TEE trusted application running on the Trusted Execution Context (TEE). The trusted application in TEE manages the remote processor lifecycle: - authenticating and loading firmware images, - isolating and securing the remote processor memories, - supporting multi-firmware (e.g., TF-M + Zephyr on a Cortex-M33), - managing the start and stop of the firmware by the TEE. 2) Format of the signed image: Refer to: https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/src/remoteproc… 3) OP-TEE trusted application API: Refer to: https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/include/ta_rem… 4) OP-TEE signature script Refer to: https://github.com/OP-TEE/optee_os/blob/master/scripts/sign_rproc_fw.py Example of usage: sign_rproc_fw.py --in <fw1.elf> --in <fw2.elf> --out <signed_fw.sign> --key ${OP-TEE_PATH}/keys/default.pem 5) Impact on User space Application No sysfs impact.the user only needs to provide the signed firmware image instead of the ELF image. For more information about the implementation, a presentation is available here (note that the format of the signed image has evolved between the presentation and the integration in OP-TEE). https://resources.linaro.org/en/resource/6c5bGvZwUAjX56fvxthxds Arnaud Pouliquen (7): remoteproc: Add TEE support remoteproc: Extract the firmware load from the start remoteproc: core: Add check on cached_table pointer remoteproc: core: Implement the support of an alternative boot dt-bindings: remoteproc: Add compatibility for TEE support remoteproc: stm32: Create sub-functions to request shutdown and release remoteproc: stm32: Add support of an OP-TEE TA to load the firmware .../bindings/remoteproc/st,stm32-rproc.yaml | 51 ++- drivers/remoteproc/Kconfig | 9 + drivers/remoteproc/Makefile | 1 + drivers/remoteproc/remoteproc_core.c | 109 ++++- drivers/remoteproc/stm32_rproc.c | 169 ++++++-- drivers/remoteproc/tee_remoteproc.c | 397 ++++++++++++++++++ include/linux/remoteproc.h | 2 + include/linux/tee_remoteproc.h | 102 +++++ 8 files changed, 784 insertions(+), 56 deletions(-) create mode 100644 drivers/remoteproc/tee_remoteproc.c create mode 100644 include/linux/tee_remoteproc.h -- 2.25.1

2 years

5
24
0 0

[PATCH] tee: Refactor TEE subsystem header files

by Sumit Garg

Since commit 25559c22cef8 ("tee: add kernel internal client interface"), it has been a common include/linux/tee_drv.h header file which is shared to hold TEE subsystem internal bits along with the APIs exposed to the TEE client drivers. However, this practice is prone to TEE subsystem internal APIs abuse and especially so with the new TEE implementation drivers being added to reuse existing functionality. In order to address this split TEE subsystem internal bits as a separate header file: include/linux/tee_core.h which should be the one used by TEE implementation drivers. With that include/linux/tee_drv.h lists only APIs exposed by TEE subsystem to the TEE client drivers. Signed-off-by: Sumit Garg <sumit.garg(a)linaro.org> --- MAINTAINERS | 1 + drivers/tee/amdtee/amdtee_private.h | 2 +- drivers/tee/amdtee/call.c | 2 +- drivers/tee/amdtee/core.c | 3 +- drivers/tee/amdtee/shm_pool.c | 2 +- drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 2 +- drivers/tee/optee/device.c | 2 +- drivers/tee/optee/ffa_abi.c | 2 +- drivers/tee/optee/notif.c | 2 +- drivers/tee/optee/optee_private.h | 2 +- drivers/tee/optee/rpc.c | 2 +- drivers/tee/optee/smc_abi.c | 2 +- drivers/tee/tee_core.c | 2 +- drivers/tee/tee_private.h | 35 ---- drivers/tee/tee_shm.c | 2 +- drivers/tee/tee_shm_pool.c | 2 +- include/linux/tee_core.h | 296 ++++++++++++++++++++++++++++ include/linux/tee_drv.h | 285 +++----------------------- 19 files changed, 343 insertions(+), 305 deletions(-) create mode 100644 include/linux/tee_core.h diff --git a/MAINTAINERS b/MAINTAINERS index 716b2e22598c..b5f4a28648d0 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -21575,6 +21575,7 @@ F: Documentation/driver-api/tee.rst F: Documentation/tee/ F: Documentation/userspace-api/tee.rst F: drivers/tee/ +F: include/linux/tee_core.h F: include/linux/tee_drv.h F: include/uapi/linux/tee.h diff --git a/drivers/tee/amdtee/amdtee_private.h b/drivers/tee/amdtee/amdtee_private.h index 6d0f7062bb87..d87050033894 100644 --- a/drivers/tee/amdtee/amdtee_private.h +++ b/drivers/tee/amdtee/amdtee_private.h @@ -9,7 +9,7 @@ #include <linux/mutex.h> #include <linux/spinlock.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/kref.h> #include <linux/types.h> #include "amdtee_if.h" diff --git a/drivers/tee/amdtee/call.c b/drivers/tee/amdtee/call.c index e9b63dcb3194..4c21b02be4af 100644 --- a/drivers/tee/amdtee/call.c +++ b/drivers/tee/amdtee/call.c @@ -5,7 +5,7 @@ #include <linux/device.h> #include <linux/tee.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/psp-tee.h> #include <linux/slab.h> #include <linux/psp.h> diff --git a/drivers/tee/amdtee/core.c b/drivers/tee/amdtee/core.c index 3c15f6a9e91c..e487231d25dc 100644 --- a/drivers/tee/amdtee/core.c +++ b/drivers/tee/amdtee/core.c @@ -9,13 +9,12 @@ #include <linux/slab.h> #include <linux/string.h> #include <linux/device.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include <linux/mm.h> #include <linux/uaccess.h> #include <linux/firmware.h> #include "amdtee_private.h" -#include "../tee_private.h" #include <linux/psp-tee.h> static struct amdtee_driver_data *drv_data; diff --git a/drivers/tee/amdtee/shm_pool.c b/drivers/tee/amdtee/shm_pool.c index f0303126f199..6346e0bc8a64 100644 --- a/drivers/tee/amdtee/shm_pool.c +++ b/drivers/tee/amdtee/shm_pool.c @@ -4,7 +4,7 @@ */ #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/psp.h> #include "amdtee_private.h" diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index a91e50be11be..16eb953e14bb 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -7,7 +7,7 @@ #include <linux/errno.h> #include <linux/mm.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include "optee_private.h" diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 3aed554bc8d8..f762e3a25119 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -13,7 +13,7 @@ #include <linux/module.h> #include <linux/slab.h> #include <linux/string.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include "optee_private.h" diff --git a/drivers/tee/optee/device.c b/drivers/tee/optee/device.c index 4b1092127694..9d2afac96acc 100644 --- a/drivers/tee/optee/device.c +++ b/drivers/tee/optee/device.c @@ -7,7 +7,7 @@ #include <linux/kernel.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/uuid.h> #include "optee_private.h" diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index ecb5eb079408..cee8ccb84cb8 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -11,7 +11,7 @@ #include <linux/sched.h> #include <linux/slab.h> #include <linux/string.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include "optee_private.h" #include "optee_ffa.h" diff --git a/drivers/tee/optee/notif.c b/drivers/tee/optee/notif.c index 05212842b0a5..0d7878e770cd 100644 --- a/drivers/tee/optee/notif.c +++ b/drivers/tee/optee/notif.c @@ -9,7 +9,7 @@ #include <linux/errno.h> #include <linux/slab.h> #include <linux/spinlock.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include "optee_private.h" struct notif_entry { diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index 7a5243c78b55..a0698ac18993 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -9,7 +9,7 @@ #include <linux/arm-smccc.h> #include <linux/rhashtable.h> #include <linux/semaphore.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include "optee_msg.h" diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index e69bc6380683..f086812f1179 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -8,7 +8,7 @@ #include <linux/delay.h> #include <linux/i2c.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include "optee_private.h" #include "optee_rpc_cmd.h" diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index a37f87087e5c..9c296b887dc1 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -23,7 +23,7 @@ #include <linux/sched.h> #include <linux/slab.h> #include <linux/string.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/types.h> #include <linux/workqueue.h> #include "optee_private.h" diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 792d6fae4354..dd6e4ad4dceb 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -11,7 +11,7 @@ #include <linux/idr.h> #include <linux/module.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/uaccess.h> #include <crypto/hash.h> #include <crypto/sha1.h> diff --git a/drivers/tee/tee_private.h b/drivers/tee/tee_private.h index 754e11dcb240..9bc50605227c 100644 --- a/drivers/tee/tee_private.h +++ b/drivers/tee/tee_private.h @@ -12,41 +12,6 @@ #include <linux/mutex.h> #include <linux/types.h> -#define TEE_DEVICE_FLAG_REGISTERED 0x1 -#define TEE_MAX_DEV_NAME_LEN 32 - -/** - * struct tee_device - TEE Device representation - * @name: name of device - * @desc: description of device - * @id: unique id of device - * @flags: represented by TEE_DEVICE_FLAG_REGISTERED above - * @dev: embedded basic device structure - * @cdev: embedded cdev - * @num_users: number of active users of this device - * @c_no_user: completion used when unregistering the device - * @mutex: mutex protecting @num_users and @idr - * @idr: register of user space shared memory objects allocated or - * registered on this device - * @pool: shared memory pool - */ -struct tee_device { - char name[TEE_MAX_DEV_NAME_LEN]; - const struct tee_desc *desc; - int id; - unsigned int flags; - - struct device dev; - struct cdev cdev; - - size_t num_users; - struct completion c_no_users; - struct mutex mutex; /* protects num_users and idr */ - - struct idr idr; - struct tee_shm_pool *pool; -}; - int tee_shm_get_fd(struct tee_shm *shm); bool tee_device_get(struct tee_device *teedev); diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index 731d9028b67f..96a45c817427 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -8,7 +8,7 @@ #include <linux/mm.h> #include <linux/sched.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include <linux/uaccess.h> #include <linux/uio.h> #include <linux/highmem.h> diff --git a/drivers/tee/tee_shm_pool.c b/drivers/tee/tee_shm_pool.c index 058bfbac657a..80004b55628d 100644 --- a/drivers/tee/tee_shm_pool.c +++ b/drivers/tee/tee_shm_pool.c @@ -6,7 +6,7 @@ #include <linux/dma-buf.h> #include <linux/genalloc.h> #include <linux/slab.h> -#include <linux/tee_drv.h> +#include <linux/tee_core.h> #include "tee_private.h" static int pool_op_gen_alloc(struct tee_shm_pool *pool, struct tee_shm *shm, diff --git a/include/linux/tee_core.h b/include/linux/tee_core.h new file mode 100644 index 000000000000..d9b3ba8e8fa9 --- /dev/null +++ b/include/linux/tee_core.h @@ -0,0 +1,296 @@ +/* SPDX-License-Identifier: GPL-2.0-only */ +/* + * Copyright (c) 2024 Linaro Limited + */ + +#ifndef __TEE_CORE_H +#define __TEE_CORE_H + +#include <linux/cdev.h> +#include <linux/device.h> +#include <linux/idr.h> +#include <linux/kref.h> +#include <linux/list.h> +#include <linux/tee.h> +#include <linux/tee_drv.h> +#include <linux/types.h> +#include <linux/uuid.h> + +/* + * The file describes the API provided by the generic TEE driver to the + * specific TEE driver. + */ + +#define TEE_SHM_DYNAMIC BIT(0) /* Dynamic shared memory registered */ + /* in secure world */ +#define TEE_SHM_USER_MAPPED BIT(1) /* Memory mapped in user space */ +#define TEE_SHM_POOL BIT(2) /* Memory allocated from pool */ +#define TEE_SHM_PRIV BIT(3) /* Memory private to TEE driver */ + +#define TEE_DEVICE_FLAG_REGISTERED 0x1 +#define TEE_MAX_DEV_NAME_LEN 32 + +/** + * struct tee_device - TEE Device representation + * @name: name of device + * @desc: description of device + * @id: unique id of device + * @flags: represented by TEE_DEVICE_FLAG_REGISTERED above + * @dev: embedded basic device structure + * @cdev: embedded cdev + * @num_users: number of active users of this device + * @c_no_user: completion used when unregistering the device + * @mutex: mutex protecting @num_users and @idr + * @idr: register of user space shared memory objects allocated or + * registered on this device + * @pool: shared memory pool + */ +struct tee_device { + char name[TEE_MAX_DEV_NAME_LEN]; + const struct tee_desc *desc; + int id; + unsigned int flags; + + struct device dev; + struct cdev cdev; + + size_t num_users; + struct completion c_no_users; + struct mutex mutex; /* protects num_users and idr */ + + struct idr idr; + struct tee_shm_pool *pool; +}; + +/** + * struct tee_driver_ops - driver operations vtable + * @get_version: returns version of driver + * @open: called when the device file is opened + * @release: release this open file + * @open_session: open a new session + * @close_session: close a session + * @system_session: declare session as a system session + * @invoke_func: invoke a trusted function + * @cancel_req: request cancel of an ongoing invoke or open + * @supp_recv: called for supplicant to get a command + * @supp_send: called for supplicant to send a response + * @shm_register: register shared memory buffer in TEE + * @shm_unregister: unregister shared memory buffer in TEE + */ +struct tee_driver_ops { + void (*get_version)(struct tee_device *teedev, + struct tee_ioctl_version_data *vers); + int (*open)(struct tee_context *ctx); + void (*release)(struct tee_context *ctx); + int (*open_session)(struct tee_context *ctx, + struct tee_ioctl_open_session_arg *arg, + struct tee_param *param); + int (*close_session)(struct tee_context *ctx, u32 session); + int (*system_session)(struct tee_context *ctx, u32 session); + int (*invoke_func)(struct tee_context *ctx, + struct tee_ioctl_invoke_arg *arg, + struct tee_param *param); + int (*cancel_req)(struct tee_context *ctx, u32 cancel_id, u32 session); + int (*supp_recv)(struct tee_context *ctx, u32 *func, u32 *num_params, + struct tee_param *param); + int (*supp_send)(struct tee_context *ctx, u32 ret, u32 num_params, + struct tee_param *param); + int (*shm_register)(struct tee_context *ctx, struct tee_shm *shm, + struct page **pages, size_t num_pages, + unsigned long start); + int (*shm_unregister)(struct tee_context *ctx, struct tee_shm *shm); +}; + +/** + * struct tee_desc - Describes the TEE driver to the subsystem + * @name: name of driver + * @ops: driver operations vtable + * @owner: module providing the driver + * @flags: Extra properties of driver, defined by TEE_DESC_* below + */ +#define TEE_DESC_PRIVILEGED 0x1 +struct tee_desc { + const char *name; + const struct tee_driver_ops *ops; + struct module *owner; + u32 flags; +}; + +/** + * tee_device_alloc() - Allocate a new struct tee_device instance + * @teedesc: Descriptor for this driver + * @dev: Parent device for this device + * @pool: Shared memory pool, NULL if not used + * @driver_data: Private driver data for this device + * + * Allocates a new struct tee_device instance. The device is + * removed by tee_device_unregister(). + * + * @returns a pointer to a 'struct tee_device' or an ERR_PTR on failure + */ +struct tee_device *tee_device_alloc(const struct tee_desc *teedesc, + struct device *dev, + struct tee_shm_pool *pool, + void *driver_data); + +/** + * tee_device_register() - Registers a TEE device + * @teedev: Device to register + * + * tee_device_unregister() need to be called to remove the @teedev if + * this function fails. + * + * @returns < 0 on failure + */ +int tee_device_register(struct tee_device *teedev); + +/** + * tee_device_unregister() - Removes a TEE device + * @teedev: Device to unregister + * + * This function should be called to remove the @teedev even if + * tee_device_register() hasn't been called yet. Does nothing if + * @teedev is NULL. + */ +void tee_device_unregister(struct tee_device *teedev); + +/** + * tee_session_calc_client_uuid() - Calculates client UUID for session + * @uuid: Resulting UUID + * @connection_method: Connection method for session (TEE_IOCTL_LOGIN_*) + * @connectuon_data: Connection data for opening session + * + * Based on connection method calculates UUIDv5 based client UUID. + * + * For group based logins verifies that calling process has specified + * credentials. + * + * @return < 0 on failure + */ +int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, + const u8 connection_data[TEE_IOCTL_UUID_LEN]); + +/** + * struct tee_shm_pool - shared memory pool + * @ops: operations + * @private_data: private data for the shared memory manager + */ +struct tee_shm_pool { + const struct tee_shm_pool_ops *ops; + void *private_data; +}; + +/** + * struct tee_shm_pool_ops - shared memory pool operations + * @alloc: called when allocating shared memory + * @free: called when freeing shared memory + * @destroy_pool: called when destroying the pool + */ +struct tee_shm_pool_ops { + int (*alloc)(struct tee_shm_pool *pool, struct tee_shm *shm, + size_t size, size_t align); + void (*free)(struct tee_shm_pool *pool, struct tee_shm *shm); + void (*destroy_pool)(struct tee_shm_pool *pool); +}; + +/* + * tee_shm_pool_alloc_res_mem() - Create a shm manager for reserved memory + * @vaddr: Virtual address of start of pool + * @paddr: Physical address of start of pool + * @size: Size in bytes of the pool + * + * @returns pointer to a 'struct tee_shm_pool' or an ERR_PTR on failure. + */ +struct tee_shm_pool *tee_shm_pool_alloc_res_mem(unsigned long vaddr, + phys_addr_t paddr, size_t size, + int min_alloc_order); + +/** + * tee_shm_pool_free() - Free a shared memory pool + * @pool: The shared memory pool to free + * + * The must be no remaining shared memory allocated from this pool when + * this function is called. + */ +static inline void tee_shm_pool_free(struct tee_shm_pool *pool) +{ + pool->ops->destroy_pool(pool); +} + +/** + * tee_get_drvdata() - Return driver_data pointer + * @returns the driver_data pointer supplied to tee_register(). + */ +void *tee_get_drvdata(struct tee_device *teedev); + +/** + * tee_shm_alloc_priv_buf() - Allocate shared memory for private use by specific + * TEE driver + * @ctx: The TEE context for shared memory allocation + * @size: Shared memory allocation size + * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure + */ +struct tee_shm *tee_shm_alloc_priv_buf(struct tee_context *ctx, size_t size); + +/** + * tee_shm_is_dynamic() - Check if shared memory object is of the dynamic kind + * @shm: Shared memory handle + * @returns true if object is dynamic shared memory + */ +static inline bool tee_shm_is_dynamic(struct tee_shm *shm) +{ + return shm && (shm->flags & TEE_SHM_DYNAMIC); +} + +/** + * tee_shm_put() - Decrease reference count on a shared memory handle + * @shm: Shared memory handle + */ +void tee_shm_put(struct tee_shm *shm); + +/** + * tee_shm_get_id() - Get id of a shared memory object + * @shm: Shared memory handle + * @returns id + */ +static inline int tee_shm_get_id(struct tee_shm *shm) +{ + return shm->id; +} + +/** + * tee_shm_get_from_id() - Find shared memory object and increase reference + * count + * @ctx: Context owning the shared memory + * @id: Id of shared memory object + * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure + */ +struct tee_shm *tee_shm_get_from_id(struct tee_context *ctx, int id); + +static inline bool tee_param_is_memref(struct tee_param *param) +{ + switch (param->attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) { + case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: + case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: + return true; + default: + return false; + } +} + +/** + * teedev_open() - Open a struct tee_device + * @teedev: Device to open + * + * @return a pointer to struct tee_context on success or an ERR_PTR on failure. + */ +struct tee_context *teedev_open(struct tee_device *teedev); + +/** + * teedev_close_context() - closes a struct tee_context + * @ctx: The struct tee_context to close + */ +void teedev_close_context(struct tee_context *ctx); + +#endif /*__TEE_CORE_H*/ diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 911ddf92dcee..1fa2fa99e5e1 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -1,40 +1,28 @@ /* SPDX-License-Identifier: GPL-2.0-only */ /* - * Copyright (c) 2015-2022 Linaro Limited + * Copyright (c) 2015-2024 Linaro Limited */ #ifndef __TEE_DRV_H #define __TEE_DRV_H #include <linux/device.h> -#include <linux/idr.h> #include <linux/kref.h> #include <linux/list.h> #include <linux/mod_devicetable.h> #include <linux/tee.h> #include <linux/types.h> -#include <linux/uuid.h> /* - * The file describes the API provided by the generic TEE driver to the - * specific TEE driver. + * The file describes the API provided by the TEE subsystem to the + * TEE client drivers. */ -#define TEE_SHM_DYNAMIC BIT(0) /* Dynamic shared memory registered */ - /* in secure world */ -#define TEE_SHM_USER_MAPPED BIT(1) /* Memory mapped in user space */ -#define TEE_SHM_POOL BIT(2) /* Memory allocated from pool */ -#define TEE_SHM_PRIV BIT(3) /* Memory private to TEE driver */ - -struct device; struct tee_device; -struct tee_shm; -struct tee_shm_pool; /** * struct tee_context - driver specific context on file pointer data * @teedev: pointer to this drivers struct tee_device - * @list_shm: List of shared memory object owned by this context * @data: driver specific context data, managed by the driver * @refcount: reference counter for this structure * @releasing: flag that indicates if context is being released right now. @@ -57,134 +45,6 @@ struct tee_context { bool cap_memref_null; }; -struct tee_param_memref { - size_t shm_offs; - size_t size; - struct tee_shm *shm; -}; - -struct tee_param_value { - u64 a; - u64 b; - u64 c; -}; - -struct tee_param { - u64 attr; - union { - struct tee_param_memref memref; - struct tee_param_value value; - } u; -}; - -/** - * struct tee_driver_ops - driver operations vtable - * @get_version: returns version of driver - * @open: called when the device file is opened - * @release: release this open file - * @open_session: open a new session - * @close_session: close a session - * @system_session: declare session as a system session - * @invoke_func: invoke a trusted function - * @cancel_req: request cancel of an ongoing invoke or open - * @supp_recv: called for supplicant to get a command - * @supp_send: called for supplicant to send a response - * @shm_register: register shared memory buffer in TEE - * @shm_unregister: unregister shared memory buffer in TEE - */ -struct tee_driver_ops { - void (*get_version)(struct tee_device *teedev, - struct tee_ioctl_version_data *vers); - int (*open)(struct tee_context *ctx); - void (*release)(struct tee_context *ctx); - int (*open_session)(struct tee_context *ctx, - struct tee_ioctl_open_session_arg *arg, - struct tee_param *param); - int (*close_session)(struct tee_context *ctx, u32 session); - int (*system_session)(struct tee_context *ctx, u32 session); - int (*invoke_func)(struct tee_context *ctx, - struct tee_ioctl_invoke_arg *arg, - struct tee_param *param); - int (*cancel_req)(struct tee_context *ctx, u32 cancel_id, u32 session); - int (*supp_recv)(struct tee_context *ctx, u32 *func, u32 *num_params, - struct tee_param *param); - int (*supp_send)(struct tee_context *ctx, u32 ret, u32 num_params, - struct tee_param *param); - int (*shm_register)(struct tee_context *ctx, struct tee_shm *shm, - struct page **pages, size_t num_pages, - unsigned long start); - int (*shm_unregister)(struct tee_context *ctx, struct tee_shm *shm); -}; - -/** - * struct tee_desc - Describes the TEE driver to the subsystem - * @name: name of driver - * @ops: driver operations vtable - * @owner: module providing the driver - * @flags: Extra properties of driver, defined by TEE_DESC_* below - */ -#define TEE_DESC_PRIVILEGED 0x1 -struct tee_desc { - const char *name; - const struct tee_driver_ops *ops; - struct module *owner; - u32 flags; -}; - -/** - * tee_device_alloc() - Allocate a new struct tee_device instance - * @teedesc: Descriptor for this driver - * @dev: Parent device for this device - * @pool: Shared memory pool, NULL if not used - * @driver_data: Private driver data for this device - * - * Allocates a new struct tee_device instance. The device is - * removed by tee_device_unregister(). - * - * @returns a pointer to a 'struct tee_device' or an ERR_PTR on failure - */ -struct tee_device *tee_device_alloc(const struct tee_desc *teedesc, - struct device *dev, - struct tee_shm_pool *pool, - void *driver_data); - -/** - * tee_device_register() - Registers a TEE device - * @teedev: Device to register - * - * tee_device_unregister() need to be called to remove the @teedev if - * this function fails. - * - * @returns < 0 on failure - */ -int tee_device_register(struct tee_device *teedev); - -/** - * tee_device_unregister() - Removes a TEE device - * @teedev: Device to unregister - * - * This function should be called to remove the @teedev even if - * tee_device_register() hasn't been called yet. Does nothing if - * @teedev is NULL. - */ -void tee_device_unregister(struct tee_device *teedev); - -/** - * tee_session_calc_client_uuid() - Calculates client UUID for session - * @uuid: Resulting UUID - * @connection_method: Connection method for session (TEE_IOCTL_LOGIN_*) - * @connectuon_data: Connection data for opening session - * - * Based on connection method calculates UUIDv5 based client UUID. - * - * For group based logins verifies that calling process has specified - * credentials. - * - * @return < 0 on failure - */ -int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, - const u8 connection_data[TEE_IOCTL_UUID_LEN]); - /** * struct tee_shm - shared memory object * @ctx: context using the object @@ -195,15 +55,12 @@ int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method, * @pages: locked pages from userspace * @num_pages: number of locked pages * @refcount: reference counter - * @flags: defined by TEE_SHM_* in tee_drv.h + * @flags: defined by TEE_SHM_* in tee_core.h * @id: unique id of a shared memory object on this device, shared * with user space * @sec_world_id: * secure world assigned id of this shared memory object, not * used by all drivers - * - * This pool is only supposed to be accessed directly from the TEE - * subsystem and from drivers that implements their own shm pool manager. */ struct tee_shm { struct tee_context *ctx; @@ -219,87 +76,52 @@ struct tee_shm { u64 sec_world_id; }; -/** - * struct tee_shm_pool - shared memory pool - * @ops: operations - * @private_data: private data for the shared memory manager - */ -struct tee_shm_pool { - const struct tee_shm_pool_ops *ops; - void *private_data; +struct tee_param_memref { + size_t shm_offs; + size_t size; + struct tee_shm *shm; }; -/** - * struct tee_shm_pool_ops - shared memory pool operations - * @alloc: called when allocating shared memory - * @free: called when freeing shared memory - * @destroy_pool: called when destroying the pool - */ -struct tee_shm_pool_ops { - int (*alloc)(struct tee_shm_pool *pool, struct tee_shm *shm, - size_t size, size_t align); - void (*free)(struct tee_shm_pool *pool, struct tee_shm *shm); - void (*destroy_pool)(struct tee_shm_pool *pool); +struct tee_param_value { + u64 a; + u64 b; + u64 c; }; -/* - * tee_shm_pool_alloc_res_mem() - Create a shm manager for reserved memory - * @vaddr: Virtual address of start of pool - * @paddr: Physical address of start of pool - * @size: Size in bytes of the pool - * - * @returns pointer to a 'struct tee_shm_pool' or an ERR_PTR on failure. - */ -struct tee_shm_pool *tee_shm_pool_alloc_res_mem(unsigned long vaddr, - phys_addr_t paddr, size_t size, - int min_alloc_order); +struct tee_param { + u64 attr; + union { + struct tee_param_memref memref; + struct tee_param_value value; + } u; +}; /** - * tee_shm_pool_free() - Free a shared memory pool - * @pool: The shared memory pool to free - * - * The must be no remaining shared memory allocated from this pool when - * this function is called. + * tee_shm_alloc_kernel_buf() - Allocate kernel shared memory for a + * particular TEE client driver + * @ctx: The TEE context for shared memory allocation + * @size: Shared memory allocation size + * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure */ -static inline void tee_shm_pool_free(struct tee_shm_pool *pool) -{ - pool->ops->destroy_pool(pool); -} +struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size); /** - * tee_get_drvdata() - Return driver_data pointer - * @returns the driver_data pointer supplied to tee_register(). + * tee_shm_register_kernel_buf() - Register kernel shared memory for a + * particular TEE client driver + * @ctx: The TEE context for shared memory registration + * @addr: Kernel buffer address + * @length: Kernel buffer length + * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure */ -void *tee_get_drvdata(struct tee_device *teedev); - -struct tee_shm *tee_shm_alloc_priv_buf(struct tee_context *ctx, size_t size); -struct tee_shm *tee_shm_alloc_kernel_buf(struct tee_context *ctx, size_t size); - struct tee_shm *tee_shm_register_kernel_buf(struct tee_context *ctx, void *addr, size_t length); -/** - * tee_shm_is_dynamic() - Check if shared memory object is of the dynamic kind - * @shm: Shared memory handle - * @returns true if object is dynamic shared memory - */ -static inline bool tee_shm_is_dynamic(struct tee_shm *shm) -{ - return shm && (shm->flags & TEE_SHM_DYNAMIC); -} - /** * tee_shm_free() - Free shared memory * @shm: Handle to shared memory to free */ void tee_shm_free(struct tee_shm *shm); -/** - * tee_shm_put() - Decrease reference count on a shared memory handle - * @shm: Shared memory handle - */ -void tee_shm_put(struct tee_shm *shm); - /** * tee_shm_get_va() - Get virtual address of a shared memory plus an offset * @shm: Shared memory handle @@ -352,25 +174,6 @@ static inline size_t tee_shm_get_page_offset(struct tee_shm *shm) return shm->offset; } -/** - * tee_shm_get_id() - Get id of a shared memory object - * @shm: Shared memory handle - * @returns id - */ -static inline int tee_shm_get_id(struct tee_shm *shm) -{ - return shm->id; -} - -/** - * tee_shm_get_from_id() - Find shared memory object and increase reference - * count - * @ctx: Context owning the shared memory - * @id: Id of shared memory object - * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure - */ -struct tee_shm *tee_shm_get_from_id(struct tee_context *ctx, int id); - /** * tee_client_open_context() - Open a TEE context * @start: if not NULL, continue search after this context @@ -470,18 +273,6 @@ int tee_client_invoke_func(struct tee_context *ctx, int tee_client_cancel_req(struct tee_context *ctx, struct tee_ioctl_cancel_arg *arg); -static inline bool tee_param_is_memref(struct tee_param *param) -{ - switch (param->attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) { - case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT: - case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: - case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: - return true; - default: - return false; - } -} - extern struct bus_type tee_bus_type; /** @@ -509,18 +300,4 @@ struct tee_client_driver { #define to_tee_client_driver(d) \ container_of(d, struct tee_client_driver, driver) -/** - * teedev_open() - Open a struct tee_device - * @teedev: Device to open - * - * @return a pointer to struct tee_context on success or an ERR_PTR on failure. - */ -struct tee_context *teedev_open(struct tee_device *teedev); - -/** - * teedev_close_context() - closes a struct tee_context - * @ctx: The struct tee_context to close - */ -void teedev_close_context(struct tee_context *ctx); - #endif /*__TEE_DRV_H*/ -- 2.34.1

2 years

2
1
0 0

Linaro OP-TEE Contribution, LOC, monthly meeting February 27

by Jens Wiklander

Hi, Tomorrow, Tuesday, February 27 it's time for another LOC monthly meeting. For time and connection details see the calendar at https://www.trustedfirmware.org/meetings/ Moving the RPMB part of tee-supplicant processing into the kernel is making progress. The last patchset [1] got some constructive feedback and I'm preparing a new version based on that. [1] https://lore.kernel.org/lkml/20240131174347.510961-1-jens.wiklander@linaro.… Any other topics? Thanks, Jens

2 years

1
0
0 0

[PATCH 0/3] TEE driver for Trusted Services

by Balint Dobszay

This series introduces a TEE driver for Trusted Services [1]. Trusted Services is a TrustedFirmware.org project that provides a framework for developing and deploying device Root of Trust services in FF-A [2] Secure Partitions. The project hosts the reference implementation of Arm Platform Security Architecture [3] for Arm A-profile devices. The FF-A Secure Partitions are accessible through the FF-A driver in Linux. However, the FF-A driver doesn't have a user space interface so user space clients currently cannot access Trusted Services. The goal of this TEE driver is to bridge this gap and make Trusted Services functionality accessible from user space. Changelog: RFC[4] -> v1: - Add patch for moving pool_op helper functions to the TEE subsystem, as suggested by Jens - Address comments from Sumit, add patch for documentation [1] https://www.trustedfirmware.org/projects/trusted-services/ [2] https://developer.arm.com/documentation/den0077/ [3] https://www.arm.com/architecture/security-features/platform-security [4] https://lore.kernel.org/linux-arm-kernel/20230927152145.111777-1-balint.dob… Balint Dobszay (3): tee: optee: Move pool_op helper functions tee: tstee: Add Trusted Services TEE driver Documentation: tee: Add TS-TEE driver Documentation/tee/index.rst | 1 + Documentation/tee/ts-tee.rst | 70 +++++ drivers/tee/Kconfig | 1 + drivers/tee/Makefile | 1 + drivers/tee/optee/core.c | 64 ---- drivers/tee/optee/ffa_abi.c | 6 +- drivers/tee/optee/optee_private.h | 12 - drivers/tee/optee/smc_abi.c | 10 +- drivers/tee/tee_shm.c | 65 ++++ drivers/tee/tstee/Kconfig | 11 + drivers/tee/tstee/Makefile | 3 + drivers/tee/tstee/core.c | 501 ++++++++++++++++++++++++++++++ drivers/tee/tstee/tstee_private.h | 92 ++++++ include/linux/tee_drv.h | 11 + include/uapi/linux/tee.h | 1 + 15 files changed, 765 insertions(+), 84 deletions(-) create mode 100644 Documentation/tee/ts-tee.rst create mode 100644 drivers/tee/tstee/Kconfig create mode 100644 drivers/tee/tstee/Makefile create mode 100644 drivers/tee/tstee/core.c create mode 100644 drivers/tee/tstee/tstee_private.h -- 2.34.1

2 years

5
12
0 0

Calling OPTEE_SMC_CALL_GET_OS_UUID from driver code

by Marc Gonzalez

Hello, The driver code I'm working on hard-codes #define TEE_SMC_FAST_CALL_VAL(func_num) \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_32, \ ARM_SMCCC_OWNER_TRUSTED_OS, (func_num)) #define TEE_SMC_FUNCID_CALLS_UID 0xFF01 #define TEE_SMC_CALLS_UID \ ARM_SMCCC_CALL_VAL(ARM_SMCCC_FAST_CALL, ARM_SMCCC_SMC_32, \ ARM_SMCCC_OWNER_TRUSTED_OS_END, \ TEE_SMC_FUNCID_CALLS_UID) arm_smccc_smc(TEE_SMC_CALLS_UID, 0, 0, 0/*is_swap*/, 0, 0, 0, 0, &res); dev_err(dev, "TEE UID %x %x %x %x\n", res.a0, res.a1, res.a2, res.a3); but it seems I would be required to somehow use OPTEE_SMC_CALL_GET_OS_UUID But it's not exported, and no code seems to use it...? $ git grep OPTEE_SMC_CALL_GET_OS_UUID Documentation/tee/op-tee.rst:- OPTEE_SMC_CALL_GET_OS_UUID returns the particular OP-TEE implementation, used drivers/tee/optee/optee_smc.h:#define OPTEE_SMC_CALL_GET_OS_UUID \ How do I make calls to OP-TEE from driver code? Regards, Marc Gonzalez

2 years

2
3
0 0

Re: TEE on RPI4

by murali selvaraj

On Sun, Feb 18, 2024 at 12:24 PM murali selvaraj < muraliselvaraj2020(a)gmail.com> wrote: > Hi Team, > > We would like to know the support of OP-TEE support for RPI4. > If we have the support, can you please share the details. > > Thankx > Murali.S >

2 years

2
1
0 0

[PATCH] tee: make tee_bus_type const

by Ricardo B. Marliere

Since commit d492cc2573a0 ("driver core: device.h: make struct bus_type a const *"), the driver core can properly handle constant struct bus_type, move the tee_bus_type variable to be a constant structure as well, placing it into read-only memory which can not be modified at runtime. Cc: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Suggested-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Signed-off-by: Ricardo B. Marliere <ricardo(a)marliere.net> --- drivers/tee/tee_core.c | 2 +- include/linux/tee_drv.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index 792d6fae4354..e59c20d74b36 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -1226,7 +1226,7 @@ static int tee_client_device_uevent(const struct device *dev, return add_uevent_var(env, "MODALIAS=tee:%pUb", dev_id); } -struct bus_type tee_bus_type = { +const struct bus_type tee_bus_type = { .name = "tee", .match = tee_client_device_match, .uevent = tee_client_device_uevent, diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index 911ddf92dcee..71632e3c5f18 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -482,7 +482,7 @@ static inline bool tee_param_is_memref(struct tee_param *param) } } -extern struct bus_type tee_bus_type; +extern const struct bus_type tee_bus_type; /** * struct tee_client_device - tee based device --- base-commit: 716f4aaa7b48a55c73d632d0657b35342b1fefd7 change-id: 20240213-bus_cleanup-tee-c25729bbcd7f Best regards, -- Ricardo B. Marliere <ricardo(a)marliere.net>

2 years

4
3
0 0

2026

2025

2024

2023

2022

2021

2020

OP-TEE