| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
git://git.linaro.org:/people/jens.wiklander/linux-tee into arm/drivers
Make sure I2C functions used in OP-TEE are reachable with IS_REACHABLE()
* tag 'optee-i2c-fix-for-v5.10' of git://git.linaro.org:/people/jens.wiklander/linux-tee:
drivers: optee: fix i2c build issue
Link: https://lore.kernel.org/r/20200901101806.GA3286324@jade
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
When the optee driver is compiled into the kernel while the i2c core
is configured as a module, the i2c symbols are not available.
This commit addresses the situation by disabling the i2c support for
this use case while allowing it in all other scenarios:
i2c=y, optee=y
i2c=m, optee=m
i2c=y, optee=m
i2c=m, optee=y (not supported)
Fixes: c05210ab9757 ("drivers: optee: allow op-tee to access devices on the i2c bus")
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers
Handle NULL pointer indication from tee client
Adds support to indicate NULL pointers instead of a valid buffer when
querying the needed size of a buffer.
* tag 'tee-memref-null-for-v5.10' of git://git.linaro.org/people/jens.wiklander/linux-tee:
driver: tee: Handle NULL pointer indication from client
Link: https://lore.kernel.org/r/20200821102535.GA1872111@jade
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
Some secure elements like NXP's SE050 sit on I2C buses. For OP-TEE to
control this type of cryptographic devices it needs coordinated access
to the bus, so collisions and RUNTIME_PM dont get in the way.
This trampoline driver allow OP-TEE to access them.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
TEE Client introduce a new capability "TEE_GEN_CAP_MEMREF_NULL"
to handle the support of the shared memory buffer with a NULL pointer.
This capability depends on TEE Capabilities and driver support.
Driver and TEE exchange capabilities at driver initialization.
Signed-off-by: Michael Whitfield <michael.whitfield@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers
Enable multi-stage OP-TEE bus enumeration
Probes drivers on the OP-TEE bus in two steps. First for drivers which
do not depend on tee-supplicant. After tee-supplicant has been started
probe the devices which do depend on tee-supplicant.
Also introduces driver which uses an OP-TEE based fTPM Trusted
Application depends on tee-supplicant NV RAM implementation based on
RPMB secure storage.
* tag 'optee-bus-for-v5.9' of git://git.linaro.org/people/jens.wiklander/linux-tee:
tpm_ftpm_tee: register driver on TEE bus
optee: enable support for multi-stage bus enumeration
optee: use uuid for sysfs driver entry
Link: https://lore.kernel.org/r/20200710085230.GA1312913@jade
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
|
|
Some drivers (like ftpm) can operate only after tee-supplicant
runs because of tee-supplicant provides things like storage
services (rpmb, shm). This patch splits probe of non tee-supplicant
dependable drivers to the early stage, and after tee-supplicant run
probe other drivers.
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Suggested-by: Sumit Garg <sumit.garg@linaro.org>
Suggested-by: Arnd Bergmann <arnd@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
With the evolving use-cases for TEE bus, now it's required to support
multi-stage enumeration process. But using a simple index doesn't
suffice this requirement and instead leads to duplicate sysfs entries.
So instead switch to use more informative device UUID for sysfs entry
like:
/sys/bus/tee/devices/optee-ta-<uuid>
Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This change converts the existing mmap_sem rwsem calls to use the new mmap
locking API instead.
The change is generated using coccinelle with the following rule:
// spatch --sp-file mmap_lock_api.cocci --in-place --include-headers --dir .
@@
expression mm;
@@
(
-init_rwsem
+mmap_init_lock
|
-down_write
+mmap_write_lock
|
-down_write_killable
+mmap_write_lock_killable
|
-down_write_trylock
+mmap_write_trylock
|
-up_write
+mmap_write_unlock
|
-downgrade_write
+mmap_write_downgrade
|
-down_read
+mmap_read_lock
|
-down_read_killable
+mmap_read_lock_killable
|
-down_read_trylock
+mmap_read_trylock
|
-up_read
+mmap_read_unlock
)
-(&mm->mmap_sem)
+(mm)
Signed-off-by: Michel Lespinasse <walken@google.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Reviewed-by: Daniel Jordan <daniel.m.jordan@oracle.com>
Reviewed-by: Laurent Dufour <ldufour@linux.ibm.com>
Reviewed-by: Vlastimil Babka <vbabka@suse.cz>
Cc: Davidlohr Bueso <dbueso@suse.de>
Cc: David Rientjes <rientjes@google.com>
Cc: Hugh Dickins <hughd@google.com>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Cc: Jerome Glisse <jglisse@redhat.com>
Cc: John Hubbard <jhubbard@nvidia.com>
Cc: Liam Howlett <Liam.Howlett@oracle.com>
Cc: Matthew Wilcox <willy@infradead.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ying Han <yinghan@google.com>
Link: http://lkml.kernel.org/r/20200520052908.204642-5-walken@google.com
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
|
Adds support for client UUID generation for OP-TEE. For group based session
logins membership is verified.
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull ARM SoC-related driver updates from Olof Johansson:
"Various driver updates for platforms:
- Nvidia: Fuse support for Tegra194, continued memory controller
pieces for Tegra30
- NXP/FSL: Refactorings of QuickEngine drivers to support
ARM/ARM64/PPC
- NXP/FSL: i.MX8MP SoC driver pieces
- TI Keystone: ring accelerator driver
- Qualcomm: SCM driver cleanup/refactoring + support for new SoCs.
- Xilinx ZynqMP: feature checking interface for firmware. Mailbox
communication for power management
- Overall support patch set for cpuidle on more complex hierarchies
(PSCI-based)
and misc cleanups, refactorings of Marvell, TI, other platforms"
* tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (166 commits)
drivers: soc: xilinx: Use mailbox IPI callback
dt-bindings: power: reset: xilinx: Add bindings for ipi mailbox
drivers: soc: ti: knav_qmss_queue: Pass lockdep expression to RCU lists
MAINTAINERS: Add brcmstb PCIe controller entry
soc/tegra: fuse: Unmap registers once they are not needed anymore
soc/tegra: fuse: Correct straps' address for older Tegra124 device trees
soc/tegra: fuse: Warn if straps are not ready
soc/tegra: fuse: Cache values of straps and Chip ID registers
memory: tegra30-emc: Correct error message for timed out auto calibration
memory: tegra30-emc: Firm up hardware programming sequence
memory: tegra30-emc: Firm up suspend/resume sequence
soc/tegra: regulators: Do nothing if voltage is unchanged
memory: tegra: Correct reset value of xusb_hostr
soc/tegra: fuse: Add APB DMA dependency for Tegra20
bus: tegra-aconnect: Remove PM_CLK dependency
dt-bindings: mediatek: add MT6765 power dt-bindings
soc: mediatek: cmdq: delete not used define
memory: tegra: Add support for the Tegra194 memory controller
memory: tegra: Only include support for enabled SoCs
memory: tegra: Support DVFS on Tegra186 and later
...
|
|
https://git.linaro.org:/people/jens.wiklander/linux-tee into arm/fixes
Fix OP-TEE compile error with nommu
* tag 'tee-optee-fix2-for-5.5' of https://git.linaro.org:/people/jens.wiklander/linux-tee:
tee: optee: Fix compilation issue with nommu
Link: https://lore.kernel.org/r/20200123101310.GA10320@jax
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
The optee driver uses specific page table types to verify if a memory
region is normal. These types are not defined in nommu systems. Trying
to compile the driver in these systems results in a build error:
linux/drivers/tee/optee/call.c: In function ‘is_normal_memory’:
linux/drivers/tee/optee/call.c:533:26: error: ‘L_PTE_MT_MASK’ undeclared
(first use in this function); did you mean ‘PREEMPT_MASK’?
return (pgprot_val(p) & L_PTE_MT_MASK) == L_PTE_MT_WRITEALLOC;
^~~~~~~~~~~~~
PREEMPT_MASK
linux/drivers/tee/optee/call.c:533:26: note: each undeclared identifier is
reported only once for each function it appears in
linux/drivers/tee/optee/call.c:533:44: error: ‘L_PTE_MT_WRITEALLOC’ undeclared
(first use in this function)
return (pgprot_val(p) & L_PTE_MT_MASK) == L_PTE_MT_WRITEALLOC;
^~~~~~~~~~~~~~~~~~~
Make the optee driver depend on MMU to fix the compilation issue.
Signed-off-by: Vincenzo Frascino <vincenzo.frascino@arm.com>
[jw: update commit title]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
optee_shm_register() expected pages to be passed as an array of page
pointers rather than as an array of contiguous pages. So fix that via
correctly passing pages as per expectation.
Fixes: a249dd200d03 ("tee: optee: Fix dynamic shm pool allocations")
Reported-by: Vincent Cao <vincent.t.cao@intel.com>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Vincent Cao <vincent.t.cao@intel.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
To simplify adding ACPI support to the OP-TEE driver, model it as
a platform driver. This will permit us to use the generic device
property layer for parsing additional properties, regardless of
whether DT or ACPI is being used.
Note that this change will result in the OP-TEE driver to be loaded
automatically on systems that advertise the presence of OP-TEE via
the device tree.
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Prior to this patch in optee_probe() when optee_enumerate_devices() was
called the struct optee was fully initialized. If
optee_enumerate_devices() returns an error optee_probe() is supposed to
clean up and free the struct optee completely, but will at this late
stage need to call optee_remove() instead. This isn't done and thus
freeing the struct optee prematurely.
With this patch the call to optee_enumerate_devices() is done after
optee_probe() has returned successfully and in case
optee_enumerate_devices() fails everything is cleaned up with a call to
optee_remove().
Fixes: c3fa24af9244 ("tee: optee: add TEE bus device enumeration support")
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
In case of dynamic shared memory pool, kernel memory allocated using
dmabuf_mgr pool needs to be registered with OP-TEE prior to its usage
during optee_open_session() or optee_invoke_func().
So fix dmabuf_mgr pool allocations via an additional call to
optee_shm_register().
Also, allow kernel pages to be registered as shared memory with OP-TEE.
Fixes: 9733b072a12a ("optee: allow to work without static shared memory")
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
If the kernel is compiled with CONFIG_PREEMPT_VOLUNTARY and OP-TEE is
executing a long running workload, the following errors are raised:
[ 1705.971228] rcu: INFO: rcu_sched detected stalls on CPUs/tasks:
[ 1705.977195] rcu: (detected by 0, t=2102 jiffies, g=51977, q=3)
[ 1705.983152] rcu: All QSes seen, last rcu_sched kthread activity 2102 (140596-138494), jiffies_till_next_fqs=1, root ->qsmask 0x0
[ 1705.994729] optee-xtest R running task 0 169 157 0x00000002
While OP-TEE is returning regularly to the kernel due to timer
interrupts, the OPTEE_SMC_FUNC_FOREIGN_INTR case does not contain an
explicit rescheduling point. Add a might_sleep() to the RPC request case
to ensure that the kernel can reschedule another task if OP-TEE requests
RPC handling.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Based on 1 normalized pattern(s):
this software is licensed under the terms of the gnu general public
license version 2 as published by the free software foundation and
may be copied distributed and modified under those terms this
program is distributed in the hope that it will be useful but
without any warranty without even the implied warranty of
merchantability or fitness for a particular purpose see the gnu
general public license for more details
extracted by the scancode license scanner the SPDX license identifier
GPL-2.0-only
has been chosen to replace the boilerplate/reference in 285 file(s).
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Reviewed-by: Alexios Zavras <alexios.zavras@intel.com>
Reviewed-by: Allison Randal <allison@lohutok.net>
Cc: linux-spdx@vger.kernel.org
Link: https://lkml.kernel.org/r/20190529141900.642774971@linutronix.de
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
Add SPDX license identifiers to all Make/Kconfig files which:
- Have no license information of any form
These files fall under the project license, GPL v2 only. The resulting SPDX
license identifier is:
GPL-2.0-only
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
|
http://git.linaro.org:/people/jens.wiklander/linux-tee into arm/drivers
Allow OP-TEE driver to work without static shared memory
* tag 'tee-optee-for-5.2' of http://git.linaro.org:/people/jens.wiklander/linux-tee:
optee: allow to work without static shared memory
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
On virtualized systems it is possible that OP-TEE will provide
only dynamic shared memory support. So it is fine to boot
without static SHM enabled if dymanic one is supported.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull ARM SoC driver updates from Arnd Bergmann:
"As usual, the drivers/tee and drivers/reset subsystems get merged
here, with the expected set of smaller updates and some new hardware
support. The tee subsystem now supports device drivers to be attached
to a tee, the first example here is a random number driver with its
implementation in the secure world.
Three new power domain drivers get added for specific chip families:
- Broadcom BCM283x chips (used in Raspberry Pi)
- Qualcomm Snapdragon phone chips
- Xilinx ZynqMP FPGA SoCs
One new driver is added to talk to the BPMP firmware on NVIDIA
Tegra210
Existing drivers are extended for new SoC variants from NXP, NVIDIA,
Amlogic and Qualcomm"
* tag 'armsoc-drivers' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (113 commits)
tee: optee: update optee_msg.h and optee_smc.h to dual license
tee: add cancellation support to client interface
dpaa2-eth: configure the cache stashing amount on a queue
soc: fsl: dpio: configure cache stashing destination
soc: fsl: dpio: enable frame data cache stashing per software portal
soc: fsl: guts: make fsl_guts_get_svr() static
hwrng: make symbol 'optee_rng_id_table' static
tee: optee: Fix unsigned comparison with less than zero
hwrng: Fix unsigned comparison with less than zero
tee: fix possible error pointer ctx dereferencing
hwrng: optee: Initialize some structs using memset instead of braces
tee: optee: Initialize some structs using memset instead of braces
soc: fsl: dpio: fix memory leak of a struct qbman on error exit path
clk: tegra: dfll: Make symbol 'tegra210_cpu_cvb_tables' static
soc: qcom: llcc-slice: Fix typos
qcom: soc: llcc-slice: Consolidate some code
qcom: soc: llcc-slice: Clear the global drv_data pointer on error
drivers: soc: xilinx: Add ZynqMP power domain driver
firmware: xilinx: Add APIs to control node status/power
dt-bindings: power: Add ZynqMP power domain bindings
...
|
|
https://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers
OP-TEE driver
- dual license for optee_msg.h and optee_smc.h
Generic
- add cancellation support to client interface
* tag 'tee-misc-for-v5.1' of https://git.linaro.org/people/jens.wiklander/linux-tee:
tee: optee: update optee_msg.h and optee_smc.h to dual license
tee: add cancellation support to client interface
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
|
|
The files optee_msg.h and optee_smc.h (under drivers/tee/optee) contain
information originating from the OP-TEE OS project [1] [2], where the
licensing terms are BSD 2-Clause. Therefore, apply a dual license to
those files.
Link: [1] https://github.com/OP-TEE/optee_os/blob/master/core/include/optee_msg.h
Link: [2] https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/include/sm/optee_smc.h
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Add an of_node_put when a tested device node is not available.
The semantic patch that fixes this problem is as follows
(http://coccinelle.lip6.fr):
// <smpl>
@@
identifier f;
local idexpression e;
expression x;
@@
e = f(...);
... when != of_node_put(e)
when != x = e
when != e = x
when any
if (<+...of_device_is_available(e)...+>) {
... when != of_node_put(e)
(
return e;
|
+ of_node_put(e);
return ...;
)
}
// </smpl>
Fixes: db878f76b9ff ("tee: optee: take DT status property into account")
Signed-off-by: Julia Lawall <Julia.Lawall@lip6.fr>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The return from the call to tee_client_invoke_func can be a
negative error code however this is being assigned to an
unsigned variable 'ret' hence the check is always false.
Fix this by making 'ret' an int.
Detected by Coccinelle ("Unsigned expression compared with zero:
ret < 0")
Fixes: c3fa24af9244 ("tee: optee: add TEE bus device enumeration support")
Signed-off-by: YueHaibing <yuehaibing@huawei.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
|
|
Clang warns:
drivers/tee/optee/device.c:39:31: warning: suggest braces around
initialization of subobject [-Wmissing-braces]
struct tee_param param[4] = {0};
^
{}
drivers/tee/optee/device.c:92:48: warning: suggest braces around
initialization of subobject [-Wmissing-braces]
struct tee_ioctl_open_session_arg sess_arg = {0};
^
{}
2 warnings generated.
One way to fix these warnings is to add additional braces like Clang
suggests; however, there has been a bit of push back from some
maintainers, who just prefer memset as it is unambiguous, doesn't
depend on a particular compiler version, and properly initializes all
subobjects [1][2]. Do that here so there are no more warnings.
[1]: https://lore.kernel.org/lkml/022e41c0-8465-dc7a-a45c-64187ecd9684@amd.com/
[2]: https://lore.kernel.org/lkml/20181128.215241.702406654469517539.davem@davemloft.net/
Fixes: c3fa24af9244 ("tee: optee: add TEE bus device enumeration support")
Link: https://github.com/ClangBuiltLinux/linux/issues/370
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
|
|
OP-TEE provides a pseudo TA to enumerate TAs which can act as devices/
services for TEE bus. So implement device enumeration using invoke
function: PTA_CMD_GET_DEVICES provided by pseudo TA to fetch array of
device UUIDs. Also register these enumerated devices with TEE bus as
"optee-clntX" device.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
[jw: fix optee_enumerate_devices() with no devices found]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This flag indicates that requests in this context should not wait for
tee-supplicant daemon to be started if not present and just return
with an error code. It is needed for requests which should be
non-blocking in nature like ones arising from TEE based kernel drivers
or any in kernel api that uses TEE internal client interface.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
https://git.linaro.org/people/jens.wiklander/linux-tee into next/late
OP-TEE dynamic shm log message
Adds a log message in the OP-TEE driver to inform that dynamic shared
memory is enabled.
* tag 'tee-subsys-optee-for-4.21' of https://git.linaro.org/people/jens.wiklander/linux-tee:
tee: optee: log message if dynamic shm is enabled
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
When dynamic shared memory support is enabled in the OP-TEE Trusted
OS, it doesn't mean that the driver supports it, which can confuse
users during debugging. Log a message when dynamic shared memory is
enabled in the driver, to let users know for sure.
Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This bug occurs when:
- a new request arrives, one thread(let's call it A) is pending in
optee_supp_req() with req->busy is initial value false.
- tee-supplicant is killed, then optee_supp_release() is called, this
function calls list_del(&req->link), and set supp->ctx to NULL. And
it also wake up process A.
- process A continues, it firstly checks supp->ctx which is NULL,
then checks req->busy which is false, at last run list_del(&req->link).
This triggers double list_del() and results kernel panic.
For solve this problem, we rename req->busy to req->in_queue, and
associate it with state of whether req is linked to supp->reqs. So we
can just only check req->in_queue to make decision calling list_del()
or not.
Signed-off-by: Zhizhou Zhang <zhizhouzhang@asrmicro.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
git://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers
Misc enhancement for tee driver subsystem
* Adds a kernel internal tee client interface allowing other drivers
etc to access a TEE
* OP-TEE driver takes DT status property into account
* tag 'tee-drv-for-4.20' of git://git.linaro.org/people/jens.wiklander/linux-tee:
tee: add kernel internal client interface
tee: optee: take DT status property into account
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
DT nodes may have a 'status' property which, if set to anything other
than 'ok' or 'okay', indicates to the OS that the DT node should be
treated as if it was not present. So add that missing logic to the
OP-TEE driver.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This change adds KCONFIG option to set number of pages out of
whole shared memory to be used for OP-TEE driver private data
structures.
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
[jw: fixing trivial merge conflict]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The two do the same thing, but we want to have a consistent
naming in the kernel.
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
When the driver initializes, report the following information
about the OP-TEE OS:
- major and minor version,
- build identifier (if available).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Matthias Brugger <mbruger@suse.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identifier
(such as an SCM revision or commit ID, for instance).
A new structure optee_smc_call_get_os_revision_result is introduced to
be used when querying the secure OS version, instead of re-using the
struct defined for OPTEE_SMC_CALLS_REVISION.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Matthias Brugger <mbruger@suse.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers
This pull request updates the previous tee-drv-dynamic-shm-for-v4.16 pull
request with five new patches fixing review comments and errors.
Apart from three small fixes there's two larger patches that in the end
checks that memory to be registered really is normal cached memory.
* tag 'tee-drv-dynamic-shm+fixes-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
tee: shm: Potential NULL dereference calling tee_shm_register()
tee: shm: don't put_page on null shm->pages
tee: shm: make function __tee_shm_alloc static
tee: optee: check type of registered shared memory
tee: add start argument to shm_register callback
Signed-off-by: Olof Johansson <olof@lixom.net>
|
|
Checks the memory type of the pages to be registered as shared memory.
Only normal cached memory is allowed.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds a start argument to the shm_register callback to allow the callback
to check memory type of the passed pages.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The optee driver includes the header files in an unusual order,
with asm/pgtable.h before the linux/*.h headers. For some reason
this seems to trigger a build failure:
drivers/tee/optee/call.c: In function 'optee_fill_pages_list':
include/asm-generic/memory_model.h:64:14: error: implicit declaration of function 'page_to_section'; did you mean '__nr_to_section'? [-Werror=implicit-function-declaration]
int __sec = page_to_section(__pg); \
drivers/tee/optee/call.c:494:15: note: in expansion of macro 'page_to_phys'
optee_page = page_to_phys(*pages) +
Let's just include linux/mm.h, which will then get the other
header implicitly.
Fixes: 3bb48ba5cd60 ("tee: optee: add page list manipulation functions")
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
|
|
https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers
Pull "tee dynamic shm for v4.16" from Jens Wiklander:
This pull request enables dynamic shared memory support in the TEE
subsystem as a whole and in OP-TEE in particular.
Global Platform TEE specification [1] allows client applications
to register part of own memory as a shared buffer between
application and TEE. This allows fast zero-copy communication between
TEE and REE. But current implementation of TEE in Linux does not support
this feature.
Also, current implementation of OP-TEE transport uses fixed size
pre-shared buffer for all communications with OP-TEE OS. This is okay
in the most use cases. But this prevents use of OP-TEE in virtualized
environments, because:
a) We can't share the same buffer between different virtual machines
b) Physically contiguous memory as seen by VM can be non-contiguous
in reality (and as seen by OP-TEE OS) due to second stage of
MMU translation.
c) Size of this pre-shared buffer is limited.
So, first part of this pull request adds generic register/unregister
interface to tee subsystem. The second part adds necessary features into
OP-TEE driver, so it can use not only static pre-shared buffer, but
whole RAM to communicate with OP-TEE OS.
This change is backwards compatible allowing older secure world or
user space to work with newer kernels and vice versa.
[1] https://www.globalplatform.org/specificationsdevice.asp
* tag 'tee-drv-dynamic-shm-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
tee: shm: inline tee_shm_get_id()
tee: use reference counting for tee_context
tee: optee: enable dynamic SHM support
tee: optee: add optee-specific shared pool implementation
tee: optee: store OP-TEE capabilities in private data
tee: optee: add registered buffers handling into RPC calls
tee: optee: add registered shared parameters handling
tee: optee: add shared buffer registration functions
tee: optee: add page list manipulation functions
tee: optee: Update protocol definitions
tee: shm: add page accessor functions
tee: shm: add accessors for buffer size and page offset
tee: add register user memory
tee: flexible shared memory pool creation
|
|
https://git.linaro.org/people/jens.wiklander/linux-tee into next/drivers
Pull "Enable async communication with tee supplicant" from Jens Wiklander:
This pull request enables asynchronous communication with TEE supplicant
by introducing meta parameters in the user space API. The meta
parameters can be used to tag requests with an id that can be matched
against an asynchronous response as is done here in the OP-TEE driver.
Asynchronous supplicant communication is needed by OP-TEE to implement
GlobalPlatforms TEE Sockets API Specification v1.0.1. The specification
is available at https://www.globalplatform.org/specificationsdevice.asp.
This change is backwards compatible allowing older supplicants to work
with newer kernels and vice versa.
* tag 'tee-drv-async-supplicant-for-v4.16' of https://git.linaro.org/people/jens.wiklander/linux-tee:
optee: support asynchronous supplicant requests
tee: add TEE_IOCTL_PARAM_ATTR_META
tee: add tee_param_is_memref() for driver use
|
|
Previous patches added various features that are needed for dynamic SHM.
Dynamic SHM allows Normal World to share any buffers with OP-TEE.
While original design suggested to use pre-allocated region (usually of
1M to 2M of size), this new approach allows to use all non-secure RAM for
command buffers, RPC allocations and TA parameters.
This patch checks capability OPTEE_SMC_SEC_CAP_DYNAMIC_SHM. If it was set
by OP-TEE, then kernel part of OP-TEE will use kernel page allocator
to allocate command buffers. Also it will set TEE_GEN_CAP_REG_MEM
capability to tell userspace that it supports shared memory registration.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This is simple pool that uses kernel page allocator. This pool can be
used in case OP-TEE supports dynamic shared memory.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Those capabilities will be used in subsequent patches.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
With latest changes to OP-TEE we can use any buffers as a shared memory.
Thus, it is possible for supplicant to provide part of own memory
when OP-TEE asks to allocate a shared buffer.
This patch adds support for such feature into RPC handling code.
Now when OP-TEE asks supplicant to allocate shared buffer, supplicant
can use TEE_IOC_SHM_REGISTER to provide such buffer. RPC handler is
aware of this, so it will pass list of allocated pages to OP-TEE.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
[jw: fix parenthesis alignment in free_pages_list()]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Now, when client applications can register own shared buffers in OP-TEE,
we need to extend ABI for parameter passing to/from OP-TEE.
So, if OP-TEE core detects that parameter belongs to registered shared
memory, it will use corresponding parameter attribute.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
