op-tee patch set: Enable OP-TEE #59

Reviewed-by: Etienne Carriere <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Adds TEE_IOCTL_PARAM_ATTR_META which can be used to indicate meta parameters when communicating with user space. These meta parameters can be used by supplicant support multiple parallel requests at a time. Reviewed-by: Etienne Carriere <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Adds support for asynchronous supplicant requests, meaning that the supplicant can process several requests in parallel or block in a request for some time. Acked-by: Etienne Carriere <[email protected]> Tested-by: Etienne Carriere <[email protected]> (b2260 pager=y/n) Signed-off-by: Jens Wiklander <[email protected]>

Makes creation of shm pools more flexible by adding new more primitive functions to allocate a shm pool. This makes it easier to add driver specific shm pool management. Signed-off-by: Jens Wiklander <[email protected]> Signed-off-by: Volodymyr Babchuk <[email protected]>

Added new ioctl to allow users register own buffers as a shared memory. Signed-off-by: Volodymyr Babchuk <[email protected]> [jw: moved tee_shm_is_registered() declaration] [jw: added space after __tee_shm_alloc() implementation] Signed-off-by: Jens Wiklander <[email protected]>

There were changes in REE<->OP-TEE ABI recently. Now ABI allows us to pass non-contiguous memory buffers as list of pages to OP-TEE. This can be achieved by using new parameter attribute OPTEE_MSG_ATTR_NONCONTIG. OP-TEE also is able to use all non-secure RAM for shared buffers. This new capability is enabled with OPTEE_SMC_SEC_CAP_DYNAMIC_SHM flag. This patch adds necessary definitions to the protocol definition files at Linux side. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

These functions will be used to pass information about shared buffers to OP-TEE. ABI between Linux and OP-TEE is defined in optee_msg.h and optee_smc.h. optee_msg.h defines OPTEE_MSG_ATTR_NONCONTIG attribute for shared memory references and describes how such references should be passed. Note that it uses 64-bit page addresses even on 32 bit systems. This is done to support LPAE and to unify interface. Signed-off-by: Volodymyr Babchuk <[email protected]> [jw: replacing uint64_t with u64 in optee_fill_pages_list()] Signed-off-by: Jens Wiklander <[email protected]>

This change adds ops for shm_(un)register functions in tee interface. Client application can use these functions to (un)register an own shared buffer in OP-TEE address space. This allows zero copy data sharing between Normal and Secure Worlds. Please note that while those functions were added to optee code, it does not report to userspace that those functions are available. OP-TEE code does not set TEE_GEN_CAP_REG_MEM flag. This flag will be enabled only after all other features of dynamic shared memory will be implemented in subsequent patches. Of course user can ignore presence of TEE_GEN_CAP_REG_MEM flag and try do call those functions. This is okay, driver will register shared buffer in OP-TEE, but any attempts to use this shared buffer will fail. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Now, when client applications can register own shared buffers in OP-TEE, we need to extend ABI for parameter passing to/from OP-TEE. So, if OP-TEE core detects that parameter belongs to registered shared memory, it will use corresponding parameter attribute. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

With latest changes to OP-TEE we can use any buffers as a shared memory. Thus, it is possible for supplicant to provide part of own memory when OP-TEE asks to allocate a shared buffer. This patch adds support for such feature into RPC handling code. Now when OP-TEE asks supplicant to allocate shared buffer, supplicant can use TEE_IOC_SHM_REGISTER to provide such buffer. RPC handler is aware of this, so it will pass list of allocated pages to OP-TEE. Signed-off-by: Volodymyr Babchuk <[email protected]> [jw: fix parenthesis alignment in free_pages_list()] Signed-off-by: Jens Wiklander <[email protected]>

Those capabilities will be used in subsequent patches. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

This is simple pool that uses kernel page allocator. This pool can be used in case OP-TEE supports dynamic shared memory. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Previous patches added various features that are needed for dynamic SHM. Dynamic SHM allows Normal World to share any buffers with OP-TEE. While original design suggested to use pre-allocated region (usually of 1M to 2M of size), this new approach allows to use all non-secure RAM for command buffers, RPC allocations and TA parameters. This patch checks capability OPTEE_SMC_SEC_CAP_DYNAMIC_SHM. If it was set by OP-TEE, then kernel part of OP-TEE will use kernel page allocator to allocate command buffers. Also it will set TEE_GEN_CAP_REG_MEM capability to tell userspace that it supports shared memory registration. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

We need to ensure that tee_context is present until last shared buffer will be freed. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Now, when struct tee_shm is defined in public header, we can inline small getter functions like this one. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

The optee driver includes the header files in an unusual order, with asm/pgtable.h before the linux/*.h headers. For some reason this seems to trigger a build failure: drivers/tee/optee/call.c: In function 'optee_fill_pages_list': include/asm-generic/memory_model.h:64:14: error: implicit declaration of function 'page_to_section'; did you mean '__nr_to_section'? [-Werror=implicit-function-declaration] int __sec = page_to_section(__pg); \ drivers/tee/optee/call.c:494:15: note: in expansion of macro 'page_to_phys' optee_page = page_to_phys(*pages) + Let's just include linux/mm.h, which will then get the other header implicitly. Fixes: 3bb48ba ("tee: optee: add page list manipulation functions") Signed-off-by: Arnd Bergmann <[email protected]>

Adds a start argument to the shm_register callback to allow the callback to check memory type of the passed pages. Signed-off-by: Jens Wiklander <[email protected]>

Checks the memory type of the pages to be registered as shared memory. Only normal cached memory is allowed. Signed-off-by: Jens Wiklander <[email protected]>

The function __tee_shm_alloc is local to the source and does not need to be in global scope, so make it static. Cleans up sparse warning: symbol '__tee_shm_alloc' was not declared. Should it be static? Signed-off-by: Colin Ian King <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

In the case that shm->pages fails to allocate, the current exit error path will try to put_page on a null shm->pages and cause a null pointer dereference when accessing shm->pages[n]. Fix this by only performing the put_page and kfree on shm->pages if it is not null. Detected by CoverityScan, CID#1463283 ("Dereference after null check") Fixes: 033ddf1 ("tee: add register user memory") Signed-off-by: Colin Ian King <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

get_user_pages_fast() can return zero in certain error paths. We should handle that or else it means we accidentally return ERR_PTR(0) which is NULL instead of an error pointer. The callers are not expecting that and will crash with a NULL dereference. Fixes: 033ddf1 ("tee: add register user memory") Signed-off-by: Dan Carpenter <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

The privileged dev id range is [TEE_NUM_DEVICES / 2, TEE_NUM_DEVICES). The non-privileged dev id range is [0, TEE_NUM_DEVICES / 2). So when finding a slot for them, need to use different max value. Signed-off-by: Peng Fan <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved parameter a2 is now documented as being an optional build identifier (such as an SCM revision or commit ID, for instance). A new structure optee_smc_call_get_os_revision_result is introduced to be used when querying the secure OS version, instead of re-using the struct defined for OPTEE_SMC_CALLS_REVISION. Signed-off-by: Jerome Forissier <[email protected]> Reviewed-by: Matthias Brugger <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

When the driver initializes, report the following information about the OP-TEE OS: - major and minor version, - build identifier (if available). Signed-off-by: Jerome Forissier <[email protected]> Reviewed-by: Matthias Brugger <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

The two do the same thing, but we want to have a consistent naming in the kernel. Signed-off-by: Arnd Bergmann <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

This change adds KCONFIG option to set number of pages out of whole shared memory to be used for OP-TEE driver private data structures. Signed-off-by: Sahil Malhotra <[email protected]> [jw: fixing trivial merge conflict] Signed-off-by: Jens Wiklander <[email protected]>

Adds a kernel internal TEE client interface to be used by other drivers. Signed-off-by: Jens Wiklander <[email protected]>

This change allows userland to create a tee_shm object that refers to a dmabuf reference. Userland provides a dmabuf file descriptor as buffer reference. The created tee_shm object exported as a brand new dmabuf reference used to provide a clean fd to userland. Userland shall closed this new fd to release the tee_shm object resources. The initial dmabuf resources are tracked independently through original dmabuf file descriptor. Once the buffer is registered and until it is released, TEE driver keeps a refcount on the registered dmabuf structure. This change only support dmabuf references that relates to physically contiguous memory buffers. New tee_shm flag to identify tee_shm objects built from a registered dmabuf: TEE_SHM_EXT_DMA_BUF. Such tee_shm structures are flagged both TEE_SHM_DMA_BUF and TEE_SHM_EXT_DMA_BUF. Signed-off-by: Etienne Carriere <[email protected]> Reviewed-by: Jens Wiklander <[email protected]>

Add Benchmark support Reviewed-by: Joakim Bech <[email protected]> Signed-off-by: Igor Opaniuk <[email protected]>

<linux/tee_drv.h> is not used by the benchmark code and happens to introduce a compile warning if it is included without <linux/platform_device.h> (or, more exactly, <linux/device.h>). In file included from drivers/tee/optee/optee_bench.h:19:0, from drivers/tee/optee/bench.c:15: ./include/linux/tee_drv.h:127:16: warning: 'struct device' declared inside parameter list will not be visible outside of this definition or declaration struct device *dev, ^~~~~~ Fixes: 4867f93 ("OP-TEE Benchmark **not for mainline**") Signed-off-by: Jerome Forissier <[email protected]> Reviewed-by: Joakim Bech <[email protected]> Acked-by: Jens Wiklander <[email protected]>

Suggested-by: Jerome Forissier <[email protected]> Signed-off-by: Victor Chong <[email protected]> Reviewed-by: Jerome Forissier <[email protected]>

Successful registration of a memory reference in the scope of a TEE content must increase the context refcount. This change adds this missing refcount increase. The context refcount is already decremented when such shm reference is freed by its owner, in tee_shm_release(), hence current unbalance refcount before this path is applied. Fixes: 02b91c7 ("tee: new ioctl to a register tee_shm from a dmabuf file descriptor") Signed-off-by: Etienne Carriere <[email protected]> Tested-by: Etienne Carriere <[email protected]> (Qemu armv7/v8) Acked-by: Jens Wiklander <[email protected]> [jf: update SHA-1 of commit in Fixes: tag after rebasing onto v4.18] Signed-off-by: Jerome Forissier <[email protected]>

Add support of allocating DMA shared buffers via RPC calls. The main difference with OPTEE_MSG_RPC_SHM_TYPE_KERNEL is that SHM pool manager for shared memory exported to user space is explicitly chosen. As dma-buf is used for exporting buffers to userspace, it provides a possiblity to mmap an allocated SHM buffer into multiple TEE client applications (unlike OPTEE_MSG_RPC_SHM_TYPE_APPL, which leverages tee-supplicant for private allocations). Such buffers should be used only for internal purposes, when there is a need to share meta data between different OP-TEE components (for debugging/profiling purposes). Signed-off-by: Igor Opaniuk <[email protected]>

Fix compilation issue: drivers/tee/optee/rpc.c: In function 'handle_rpc_func_cmd_shm_alloc': drivers/tee/optee/rpc.c:236:7: error: 'OPTEE_MSG_RPC_SHM_TYPE_KERNEL_GLOBAL' undeclared (first use in this function) case OPTEE_MSG_RPC_SHM_TYPE_KERNEL_GLOBAL: Fixes: 0c23453 ("tee: support of allocating DMA shared buffers **not for mainline**") Signed-off-by: Igor Opaniuk <[email protected]>

DT nodes may have a 'status' property which, if set to anything other than 'ok' or 'okay', indicates to the OS that the DT node should be treated as if it was not present. So add that missing logic to the OP-TEE driver. Signed-off-by: Ard Biesheuvel <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

On virtualized systems it is possible that OP-TEE will provide only dynamic shared memory support. So it is fine to boot without static SHM enabled if dymanic one is supported. Signed-off-by: Volodymyr Babchuk <[email protected]>

These two function will be needed for shared memory registration in OP-TEE Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

In order to register a shared buffer in TEE, we need accessor function that return list of pages for that buffer. Signed-off-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Jens Wiklander <[email protected]>

Suggested-by: Volodymyr Babchuk <[email protected]> Signed-off-by: Ruslan Shymkevych <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

op-tee patch set: Enable OP-TEE #59

op-tee patch set: Enable OP-TEE #59

Commits on Apr 8, 2019