summaryrefslogtreecommitdiff
path: root/drivers/tee/optee
AgeCommit message (Collapse)Author
2022-09-08firmware: arm_ffa: Make memory apis ffa_device independentSudeep Holla
There is a requirement to make memory APIs independent of the ffa_device. One of the use-case is to have a common memory driver that manages the memory for all the ffa_devices. That common memory driver won't be a ffa_driver or won't have any ffa_device associated with it. So having these memory APIs accessible without a ffa_device is needed and should be possible as most of these are handled by the partition manager(SPM or hypervisor). Drop the ffa_device argument to the memory APIs and make them ffa_device independent. Link: https://lore.kernel.org/r/20220907145240.1683088-7-sudeep.holla@arm.com Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2022-09-08tee: optee: Drop ffa_ops in optee_ffa structure using ffa_dev->ops directlySudeep Holla
Now that the ffa_device structure holds the pointer to ffa_dev_ops, there is no need to obtain the same through ffa_dev_ops_get(). Just use the ffa_dev->ops directly. Since the ffa_device itself carries ffa_dev_ops now, there is no need to keep a copy in optee_ffa structure. Drop ffa_ops in the optee_ffa structure as it is not needed anymore. Link: https://lore.kernel.org/r/20220907145240.1683088-3-sudeep.holla@arm.com Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2022-07-08optee: Remove duplicate 'of' in two places.Jiang Jian
file: ./drivers/tee/optee/optee_smc.h line: 192 * a2 Size of of SHM chanegd to * a2 Size of SHM Signed-off-by: Jiang Jian <jiangjian@cdjrlc.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-07-08optee: smc_abi.c: fix wrong pointer passed to IS_ERR/PTR_ERR()Yang Yingliang
In optee_smc_do_call_with_arg() there is a code path when the argument struct for RPC is passed appended to the primary argument struct. When the address of the RPC struct is retrieved there's an invalid check for success. It should be 'rpc_arg' pass to IS_ERR/PTR_ERR(). Fixes: ed8faf6c8f8c ("optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> [jw: added background to the problem] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-05-30Merge tag 'optee-warning-for-v5.19' of ↵Arnd Bergmann
https://git.linaro.org/people/jens.wiklander/linux-tee into arm/late Fix a compiler warning in OP-TEE driver * tag 'optee-warning-for-v5.19' of https://git.linaro.org/people/jens.wiklander/linux-tee: tee: optee: Pass a pointer to virt_addr_valid() Link: https://lore.kernel.org/r/20220530112612.GA1511426@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-05-30tee: optee: Pass a pointer to virt_addr_valid()Linus Walleij
A pointer into virtual memory is represented by a (void *) not an u32, so the compiler warns: drivers/tee/optee/call.c:365:29: warning: passing argument 1 of 'virt_to_pfn' makes pointer from integer without a cast [-Wint-conversion] Fix this with an explicit cast. Cc: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Linus Walleij <linus.walleij@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> [jw: fixed merge conflict] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-05-26Merge tag 'arm-drivers-5.19' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM driver updates from Arnd Bergmann: "There are minor updates to SoC specific drivers for chips by Rockchip, Samsung, NVIDIA, TI, NXP, i.MX, Qualcomm, and Broadcom. Noteworthy driver changes include: - Several conversions of DT bindings to yaml format. - Renesas adds driver support for R-Car V4H, RZ/V2M and RZ/G2UL SoCs. - Qualcomm adds a bus driver for the SSC (Snapdragon Sensor Core), and support for more chips in the RPMh power domains and the soc-id. - NXP has a new driver for the HDMI blk-ctrl on i.MX8MP. - Apple M1 gains support for the on-chip NVMe controller, making it possible to finally use the internal disks. This also includes SoC drivers for their RTKit IPC and for the SART DMA address filter. For other subsystems that merge their drivers through the SoC tree, we have - Firmware drivers for the ARM firmware stack including TEE, OP-TEE, SCMI and FF-A get a number of smaller updates and cleanups. OP-TEE now has a cache for firmware argument structures as an optimization, and SCMI now supports the 3.1 version of the specification. - Reset controller updates to Amlogic, ASpeed, Renesas and ACPI drivers - Memory controller updates for Tegra, and a few updates for other platforms" * tag 'arm-drivers-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (159 commits) memory: tegra: Add MC error logging on Tegra186 onward memory: tegra: Add memory controller channels support memory: tegra: Add APE memory clients for Tegra234 memory: tegra: Add Tegra234 support nvme-apple: fix sparse endianess warnings soc/tegra: pmc: Document core domain fields soc: qcom: pdr: use static for servreg_* variables soc: imx: fix semicolon.cocci warnings soc: renesas: R-Car V3U is R-Car Gen4 soc: imx: add i.MX8MP HDMI blk-ctrl soc: imx: imx8m-blk-ctrl: Add i.MX8MP media blk-ctrl soc: imx: add i.MX8MP HSIO blk-ctrl soc: imx: imx8m-blk-ctrl: set power device name soc: qcom: llcc: Add sc8180x and sc8280xp configurations dt-bindings: arm: msm: Add sc8180x and sc8280xp LLCC compatibles soc/tegra: pmc: Select REGMAP dt-bindings: reset: st,sti-powerdown: Convert to yaml dt-bindings: reset: st,sti-picophyreset: Convert to yaml dt-bindings: reset: socfpga: Convert to yaml dt-bindings: reset: snps,axs10x-reset: Convert to yaml ...
2022-05-05Merge tag 'optee-rpc-arg-for-v5.19' of ↵Arnd Bergmann
https://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers OP-TEE RPC argument cache Adds caching of the OP-TEE argument structure used to pass request to secure world. This reduces quite a bit of unnecessary alloc/free and possibly switching back and forth to secure work in order to register the buffers in some configurations, most notably FF-A. * tag 'optee-rpc-arg-for-v5.19' of https://git.linaro.org/people/jens.wiklander/linux-tee: optee: cache argument shared memory structs optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSET optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG optee: rename rpc_arg_count to rpc_param_count Link: https://lore.kernel.org/r/20220504201759.GA180315@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-05-05Merge tag 'ffa-updates-5.19' of ↵Arnd Bergmann
git://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux into arm/drivers Arm FF-A firmware driver updates/fixes for v5.19 Couple of fixes to handle fragmented memory descriptors and incorrect UUID parameter passed to ffa_partition_probe. Another fix deals with the incorrect use of ffa_device's driver_data by the core driver. Apart from these fixes, there is an addition of ffa_dev_get_drvdata helper function and its use in optee driver. * tag 'ffa-updates-5.19' of git://git.kernel.org/pub/scm/linux/kernel/git/sudeep.holla/linux: tee: optee: Use ffa_dev_get_drvdata to fetch driver_data firmware: arm_ffa: Add ffa_dev_get_drvdata helper function firmware: arm_ffa: Remove incorrect assignment of driver_data firmware: arm_ffa: Fix uuid parameter to ffa_partition_probe firmware: arm_ffa: Fix handling of fragmented memory descriptors Link: https://lore.kernel.org/r/20220504112853.3491961-1-sudeep.holla@arm.com Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-04-29tee: optee: Use ffa_dev_get_drvdata to fetch driver_dataSudeep Holla
Due to lack of an helper like ffa_dev_get_drvdata, this driver was fetching driver_data directly accessing the structure member. Now that we have added an helper, just use the same instead. Link: https://lore.kernel.org/r/20220429113946.2087145-4-sudeep.holla@arm.com Signed-off-by: Sudeep Holla <sudeep.holla@arm.com>
2022-04-25optee: cache argument shared memory structsJens Wiklander
Implements a cache to handle shared memory used to pass the argument struct needed when doing a normal yielding call into secure world. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-04-13optee: add FF-A capability OPTEE_FFA_SEC_CAP_ARG_OFFSETJens Wiklander
Adds the secure capability OPTEE_FFA_SEC_CAP_ARG_OFFSET to indicate that OP-TEE with FF-A can support an argument struct at a non-zero offset into a passed shared memory object. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-04-13optee: add OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARGJens Wiklander
Adds OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG where the struct optee_msg_arg to be used for RPC is appended in the memory following the normal argument struct optee_msg_arg. This is an optimization to avoid caching the RPC argument struct while still maintaining similar performance as if it was cached. OPTEE_SMC_CALL_WITH_REGD_ARG optimized one step further by using a registered shared memory object instead. It's in other aspects identical to OPTEE_SMC_CALL_WITH_RPC_ARG. The presence of OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_REGD_ARG is indicated by the new OPTEE_SMC_SEC_CAP_RPC_ARG bit returned by OPTEE_SMC_EXCHANGE_CAPABILITIES. OPTEE_SMC_EXCHANGE_CAPABILITIES also reports the number of arguments that the RPC argument struct must have room for. OPTEE_SMC_CALL_WITH_RPC_ARG and OPTEE_SMC_CALL_WITH_ARG can be used interleaved with difference that when OPTEE_SMC_CALL_WITH_RPC_ARG is used the RPC argument struct to be used is the one appended to the normal argument struct. The same is true for OPTEE_SMC_CALL_WITH_REGD_ARG. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-04-13optee: rename rpc_arg_count to rpc_param_countJens Wiklander
Renames the field rpc_arg_count in struct optee to rpc_param_count. Function parameter names and local variables are also renamed to match. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-04-05tee: optee: add missing mutext_destroy in optee_ffa_probeDongliang Mu
The error handling code of optee_ffa_probe misses the mutex_destroy of ffa.mutex when mutext_init succeeds. Fix this by adding mutex_destory of ffa.mutex at the error handling part Fixes: aceeafefff73 ("optee: use driver internal tee_context for some rpc") Signed-off-by: Dongliang Mu <mudongliangabcd@gmail.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-04-05tee: make tee_shm_register_kernel_buf vmalloc supportedPhil Chang
In some low-memory devices, it's hard to aquire large-orders pages, this patch allowed user using scatter pages to register shm. Signed-off-by: Phil Chang <phil.chang@mediatek.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-03-23Merge tag 'arm-drivers-5.18' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM driver updates from Arnd Bergmann: "There are a few separately maintained driver subsystems that we merge through the SoC tree, notable changes are: - Memory controller updates, mainly for Tegra and Mediatek SoCs, and clarifications for the memory controller DT bindings - SCMI firmware interface updates, in particular a new transport based on OPTEE and support for atomic operations. - Cleanups to the TEE subsystem, refactoring its memory management For SoC specific drivers without a separate subsystem, changes include - Smaller updates and fixes for TI, AT91/SAMA5, Qualcomm and NXP Layerscape SoCs. - Driver support for Microchip SAMA5D29, Tesla FSD, Renesas RZ/G2L, and Qualcomm SM8450. - Better power management on Mediatek MT81xx, NXP i.MX8MQ and older NVIDIA Tegra chips" * tag 'arm-drivers-5.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (154 commits) ARM: spear: fix typos in comments soc/microchip: fix invalid free in mpfs_sys_controller_delete soc: s4: Add support for power domains controller dt-bindings: power: add Amlogic s4 power domains bindings ARM: at91: add support in soc driver for new SAMA5D29 soc: mediatek: mmsys: add sw0_rst_offset in mmsys driver data dt-bindings: memory: renesas,rpc-if: Document RZ/V2L SoC memory: emif: check the pointer temp in get_device_details() memory: emif: Add check for setup_interrupts dt-bindings: arm: mediatek: mmsys: add support for MT8186 dt-bindings: mediatek: add compatible for MT8186 pwrap soc: mediatek: pwrap: add pwrap driver for MT8186 SoC soc: mediatek: mmsys: add mmsys reset control for MT8186 soc: mediatek: mtk-infracfg: Disable ACP on MT8192 soc: ti: k3-socinfo: Add AM62x JTAG ID soc: mediatek: add MTK mutex support for MT8186 soc: mediatek: mmsys: add mt8186 mmsys routing table soc: mediatek: pm-domains: Add support for mt8186 dt-bindings: power: Add MT8186 power domains soc: mediatek: pm-domains: Add support for mt8195 ...
2022-02-18Merge tag 'optee-fix2-for-v5.17' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes OP-TEE fix error return code in probe functions * tag 'optee-fix2-for-v5.17' of git://git.linaro.org/people/jens.wiklander/linux-tee: tee: optee: fix error return code in probe function Link: https://lore.kernel.org/r/20220214125931.GA1332792@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-02-16tee: refactor TEE_SHM_* flagsJens Wiklander
Removes the redundant TEE_SHM_DMA_BUF, TEE_SHM_EXT_DMA_BUF, TEE_SHM_MAPPED and TEE_SHM_KERNEL_MAPPED flags. TEE_SHM_REGISTER is renamed to TEE_SHM_DYNAMIC in order to better match its usage. Assigns new values to the remaining flags to void gaps. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-02-16optee: add optee_pool_op_free_helper()Jens Wiklander
Adds a common helper function to free a tee_shm allocated using the helper function optee_pool_op_alloc_helper(). Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-02-16tee: replace tee_shm_alloc()Jens Wiklander
tee_shm_alloc() is replaced by three new functions, tee_shm_alloc_user_buf() - for user mode allocations, replacing passing the flags TEE_SHM_MAPPED | TEE_SHM_DMA_BUF tee_shm_alloc_kernel_buf() - for kernel mode allocations, slightly optimized compared to using the flags TEE_SHM_MAPPED | TEE_SHM_DMA_BUF. tee_shm_alloc_priv_buf() - primarily for TEE driver internal use. This also makes the interface easier to use as we can get rid of the somewhat hard to use flags parameter. The TEE subsystem and the TEE drivers are updated to use the new functions instead. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-02-16tee: simplify shm pool handlingJens Wiklander
Replaces the shared memory pool based on two pools with a single pool. The alloc() function pointer in struct tee_shm_pool_ops gets another parameter, align. This makes it possible to make less than page aligned allocations from the optional reserved shared memory pool while still making user space allocations page aligned. With in practice unchanged behaviour using only a single pool for bookkeeping. The allocation algorithm in the static OP-TEE shared memory pool is changed from best-fit to first-fit since only the latter supports an alignment parameter. The best-fit algorithm was previously the default choice and not a conscious one. The optee and amdtee drivers are updated as needed to work with this changed pool handling. This also removes OPTEE_SHM_NUM_PRIV_PAGES which becomes obsolete with this change as the private pages can be mixed with the payload pages. The OP-TEE driver changes minimum alignment for argument struct from 8 bytes to 512 bytes. A typical OP-TEE private shm allocation is 224 bytes (argument struct with 6 parameters, needed for open session). So with an alignment of 512 well waste a bit more than 50%. Before this we had a single page reserved for this so worst case usage compared to that would be 3 pages instead of 1 page. However, this worst case only occurs if there is a high pressure from multiple threads on secure world. All in all this should scale up and down better than fixed boundaries. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-02-14tee: optee: fix error return code in probe functionYang Yingliang
If teedev_open() fails, probe function need return error code. Fixes: aceeafefff73 ("optee: use driver internal tee_context for some rpc") Reported-by: Hulk Robot <hulkci@huawei.com> Signed-off-by: Yang Yingliang <yangyingliang@huawei.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-02-08Merge tag 'optee-fixes-for-v5.17' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/fixes OP-TE fixes for v5.17 - Adds error checking in optee_ffa_do_call_with_arg() - Reintroduces an accidentally lost fix for a memref size check - Uses bitmap_free() to free memory obtained with bitmap_zalloc() * tag 'optee-fixes-for-v5.17' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: add error checks in optee_ffa_do_call_with_arg() tee: optee: do not check memref size on return from Secure World optee: Use bitmap_free() to free bitmap Link: https://lore.kernel.org/r/20220126102609.GA1516258@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2022-02-03optee: use driver internal tee_context for some rpcJens Wiklander
Adds a driver private tee_context by moving the tee_context in struct optee_notif to struct optee. This tee_context was previously used when doing internal calls to secure world to deliver notification. The new driver internal tee_context is now also when allocating driver private shared memory. This decouples the shared memory object from its original tee_context. This is needed when the life time of such a memory allocation outlives the client tee_context. This patch fixes the problem described below: The addition of a shutdown hook by commit f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") introduced a kernel shutdown regression that can be triggered after running the OP-TEE xtest suites. Once the shutdown hook is called it is not possible to communicate any more with the supplicant process because the system is not scheduling task any longer. Thus if the optee driver shutdown path receives a supplicant RPC request from the OP-TEE we will deadlock the kernel's shutdown. Fixes: f25889f93184 ("optee: fix tee out of memory failure seen during kexec reboot") Fixes: 217e0250cccb ("tee: use reference counting for tee_context") Reported-by: Lars Persson <larper@axis.com> Cc: stable@vger.kernel.org Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24optee: add error checks in optee_ffa_do_call_with_arg()Jens Wiklander
Adds error checking in optee_ffa_do_call_with_arg() for correctness. Fixes: 4615e5a34b95 ("optee: add FF-A support") Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24tee: optee: do not check memref size on return from Secure WorldJerome Forissier
Commit c650b8dc7a79 ("tee: optee: do not check memref size on return from Secure World") was mistakenly lost in commit 4602c5842f64 ("optee: refactor driver with internal callbacks"). Remove the unwanted code again. Fixes: 4602c5842f64 ("optee: refactor driver with internal callbacks") Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-24optee: Use bitmap_free() to free bitmapChristophe JAILLET
kfree() and bitmap_free() are the same. But using the latter is more consistent when freeing memory allocated with bitmap_zalloc(). Signed-off-by: Christophe JAILLET <christophe.jaillet@wanadoo.fr> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2022-01-10Merge tag 'drivers-5.17' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc Pull ARM SoC driver updates from Arnd Bergmann: "There are cleanups and minor bugfixes across several SoC specific drivers, for Qualcomm, Samsung, NXP i.MX, AT91, Tegra, Keystone, Renesas, ZynqMP Noteworthy new features are: - The op-tee firmware driver gains support for asynchronous notifications from secure-world firmware. - Qualcomm platforms gain support for new SoC types in various drivers: power domain, cache controller, RPM sleep, soc-info - Samsung SoC drivers gain support for new SoCs in ChipID and PMU, as well as a new USIv2 driver that handles various types of serial communiction (uart, i2c, spi) - Renesas adds support for R-Car S4-8 (R8A779F0) in multiple drivers, as well as memory controller support for RZ/G2L (R9A07G044). - Apple M1 gains support for the PMGR power management driver" * tag 'drivers-5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (94 commits) soc: qcom: rpmh-rsc: Fix typo in a comment soc: qcom: socinfo: Add SM6350 and SM7225 dt-bindings: arm: msm: Don't mark LLCC interrupt as required dt-bindings: firmware: scm: Add SM6350 compatible dt-bindings: arm: msm: Add LLCC for SM6350 soc: qcom: rpmhpd: Sort power-domain definitions and lists soc: qcom: rpmhpd: Remove mx/cx relationship on sc7280 soc: qcom: rpmhpd: Rename rpmhpd struct names soc: qcom: rpmhpd: sm8450: Add the missing .peer for sm8450_cx_ao soc: qcom: socinfo: add SM8450 ID soc: qcom: rpmhpd: Add SM8450 power domains dt-bindings: power: rpmpd: Add SM8450 to rpmpd binding soc: qcom: smem: Update max processor count dt-bindings: arm: qcom: Document SM8450 SoC and boards dt-bindings: firmware: scm: Add SM8450 compatible dt-bindings: arm: cpus: Add kryo780 compatible soc: qcom: rpmpd: Add support for sm6125 dt-bindings: qcom-rpmpd: Add sm6125 power domains soc: qcom: aoss: constify static struct thermal_cooling_device_ops PM: AVS: qcom-cpr: Use div64_ul instead of do_div ...
2021-12-16optee: Suppress false positive kmemleak report in optee_handle_rpc()Xiaolei Wang
We observed the following kmemleak report: unreferenced object 0xffff000007904500 (size 128): comm "swapper/0", pid 1, jiffies 4294892671 (age 44.036s) hex dump (first 32 bytes): 00 47 90 07 00 00 ff ff 60 00 c0 ff 00 00 00 00 .G......`....... 60 00 80 13 00 80 ff ff a0 00 00 00 00 00 00 00 `............... backtrace: [<000000004c12b1c7>] kmem_cache_alloc+0x1ac/0x2f4 [<000000005d23eb4f>] tee_shm_alloc+0x78/0x230 [<00000000794dd22c>] optee_handle_rpc+0x60/0x6f0 [<00000000d9f7c52d>] optee_do_call_with_arg+0x17c/0x1dc [<00000000c35884da>] optee_open_session+0x128/0x1ec [<000000001748f2ff>] tee_client_open_session+0x28/0x40 [<00000000aecb5389>] optee_enumerate_devices+0x84/0x2a0 [<000000003df18bf1>] optee_probe+0x674/0x6cc [<000000003a4a534a>] platform_drv_probe+0x54/0xb0 [<000000000c51ce7d>] really_probe+0xe4/0x4d0 [<000000002f04c865>] driver_probe_device+0x58/0xc0 [<00000000b485397d>] device_driver_attach+0xc0/0xd0 [<00000000c835f0df>] __driver_attach+0x84/0x124 [<000000008e5a429c>] bus_for_each_dev+0x70/0xc0 [<000000001735e8a8>] driver_attach+0x24/0x30 [<000000006d94b04f>] bus_add_driver+0x104/0x1ec This is not a memory leak because we pass the share memory pointer to secure world and would get it from secure world before releasing it. Signed-off-by: Xiaolei Wang <xiaolei.wang@windriver.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-12-16tee: optee: Fix incorrect page free bugSumit Garg
Pointer to the allocated pages (struct page *page) has already progressed towards the end of allocation. It is incorrect to perform __free_pages(page, order) using this pointer as we would free any arbitrary pages. Fix this by stop modifying the page pointer. Fixes: ec185dd3ab25 ("optee: Fix memory leak when failing to register shm pages") Cc: stable@vger.kernel.org Reported-by: Patrik Lantz <patrik.lantz@axis.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-29optee: Fix NULL but dereferenced coccicheck errorYang Li
Eliminate the following coccicheck warning: ./drivers/tee/optee/smc_abi.c:1508:12-15: ERROR: optee is NULL but dereferenced. Reported-by: Abaci Robot <abaci@linux.alibaba.com> Fixes: 6749e69c4dad ("optee: add asynchronous notifications") Signed-off-by: Yang Li <yang.lee@linux.alibaba.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17optee: add asynchronous notificationsJens Wiklander
Adds support for asynchronous notifications from secure world to normal world. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing. The protocol is defined in optee_msg.h optee_rpc_cmd.h and optee_smc.h. A notification consists of a 32-bit value which normal world can retrieve using a fastcall into secure world. The value OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF (0) has a special meaning. When this value is sent it means that normal world is supposed to make a yielding call OPTEE_MSG_CMD_DO_BOTTOM_HALF. Notification capability is negotiated while the driver is initialized. If both sides supports these notifications then they are enabled. An interrupt is used to notify the driver that there are asynchronous notifications pending. The maximum needed notification value is communicated at this stage. This allows scaling up when needed. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-17optee: separate notification functionsJens Wiklander
Renames struct optee_wait_queue to struct optee_notif and all related functions to optee_notif_*(). The implementation is changed to allow sending a notification from an atomic state, that is from the top half of an interrupt handler. Waiting for keys is currently only used when secure world is waiting for a mutex or condition variable. The old implementation could handle any 32-bit key while this new implementation is restricted to only 8 bits or the maximum value 255. A upper value is needed since a bitmap is allocated to allow an interrupt handler to only set a bit in case the waiter hasn't had the time yet to allocate and register a completion. The keys are currently only representing secure world threads which number usually are never even close to 255 so it should be safe for now. In future ABI updates the maximum value of the key will be communicated while the driver is initializing. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-16optee: fix kfree NULL pointerLv Ruyi
This patch fixes the following Coccinelle error: drivers/tee/optee/ffa_abi.c: 877: ERROR optee is NULL but dereferenced. If memory allocation fails, optee is null pointer. the code will goto err and release optee. Fixes: 4615e5a34b95 ("optee: add FF-A support") Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: Lv Ruyi <lv.ruyi@zte.com.cn> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> [jw: removed the redundant braces] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-11-02Merge tag 'optee-ffa-fix-for-v5.16' of ↵Arnd Bergmann
git://git.linaro.org/people/jens.wiklander/linux-tee into arm/drivers Fix spell errors in OP-TEE FF-A driver log messages * tag 'optee-ffa-fix-for-v5.16' of git://git.linaro.org/people/jens.wiklander/linux-tee: optee: Fix spelling mistake "reclain" -> "reclaim" Link: https://lore.kernel.org/r/20211028185142.GA2489375@jade Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-10-28optee: Fix spelling mistake "reclain" -> "reclaim"Colin Ian King
There are spelling mistakes in pr_err error messages. Fix them. Fixes: 4615e5a34b95 ("optee: add FF-A support") Signed-off-by: Colin Ian King <colin.i.king@gmail.com> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> [jw: added a fixes] Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-21optee: smc_abi.c: add missing #include <linux/mm.h>Jens Wiklander
Adds missing #include <linux/mm.h> drivers/tee/optee/smc_abi.c to fix compile errors like: drivers/tee/optee/smc_abi.c:405:15: error: implicit declaration of function 'page_to_section' [-Werror,-Wimplicit-function-declaration] optee_page = page_to_phys(*pages) + ^ arch/arm/include/asm/memory.h:148:43: note: expanded from macro 'page_to_phys' ^ include/asm-generic/memory_model.h:52:21: note: expanded from macro 'page_to_pfn' ^ include/asm-generic/memory_model.h:35:14: note: expanded from macro '__page_to_pfn' int __sec = page_to_section(__pg); \ ^ drivers/tee/optee/smc_abi.c:405:15: note: did you mean '__nr_to_section'? arch/arm/include/asm/memory.h:148:43: note: expanded from macro 'page_to_phys' ^ include/asm-generic/memory_model.h:52:21: note: expanded from macro 'page_to_pfn' ^ include/asm-generic/memory_model.h:35:14: note: expanded from macro '__page_to_pfn' int __sec = page_to_section(__pg); \ ^ include/linux/mmzone.h:1365:35: note: '__nr_to_section' declared here static inline struct mem_section *__nr_to_section(unsigned long nr) Fixes: c51a564a5b48 ("optee: isolate smc abi") Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Link: https://lore.kernel.org/r/20211021125539.3858495-1-jens.wiklander@linaro.org' Signed-off-by: Arnd Bergmann <arnd@arndb.de>
2021-10-18optee: add FF-A supportJens Wiklander
Adds support for using FF-A [1] as transport to the OP-TEE driver. Introduces struct optee_msg_param_fmem which carries all information needed when OP-TEE is calling FFA_MEM_RETRIEVE_REQ to get the shared memory reference mapped by the hypervisor in S-EL2. Register usage is also updated to include the information needed. The FF-A part of this driver is enabled if CONFIG_ARM_FFA_TRANSPORT is enabled. [1] https://developer.arm.com/documentation/den0077/latest Acked-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-18optee: isolate smc abiJens Wiklander
Isolate the ABI based on raw SMCs. Code specific to the raw SMC ABI is moved into smc_abi.c. This makes room for other ABIs with a clear separation. The driver changes to use module_init()/module_exit() instead of module_platform_driver(). The platform_driver_register() and platform_driver_unregister() functions called directly to keep the same behavior. This is needed because module_platform_driver() is based on module_driver() which can only be used once in a module. A function optee_rpc_cmd() is factored out from the function handle_rpc_func_cmd() to handle the ABI independent part of RPC processing. This patch is not supposed to change the driver behavior, it's only a matter of reorganizing the code. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-15optee: refactor driver with internal callbacksJens Wiklander
The OP-TEE driver is refactored with three internal callbacks replacing direct calls to optee_from_msg_param(), optee_to_msg_param() and optee_do_call_with_arg(). These functions a central to communicating with OP-TEE in secure world by using the SMC Calling Convention directly. This refactoring makes room for using other primitives to communicate with OP-TEE in secure world while being able to reuse as much as possible from the present driver. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-15optee: simplify optee_release()Jens Wiklander
Simplifies optee_release() with a new helper function, optee_close_session_helper() which has been factored out from optee_close_session(). A separate optee_release_supp() is added for the supplicant device. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-10-12tee: optee: Fix missing devices unregister during optee_removeSumit Garg
When OP-TEE driver is built as a module, OP-TEE client devices registered on TEE bus during probe should be unregistered during optee_remove. So implement optee_unregister_devices() accordingly. Fixes: c3fa24af9244 ("tee: optee: add TEE bus device enumeration support") Reported-by: Sudeep Holla <sudeep.holla@arm.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-09-14tee/optee/shm_pool: fix application of sizeof to pointerjing yangyang
sizeof when applied to a pointer typed expression gives the size of the pointer. ./drivers/tee/optee/shm_pool.c:38:28-34: ERROR application of sizeof to pointer This issue was detected with the help of Coccinelle. Reviewed-by: Daniel Thompson <daniel.thompson@linaro.org> Reported-by: Zeal Robot <zealci@zte.com.cn> Signed-off-by: jing yangyang <jing.yangyang@zte.com.cn> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21tee: Correct inappropriate usage of TEE_SHM_DMA_BUF flagSumit Garg
Currently TEE_SHM_DMA_BUF flag has been inappropriately used to not register shared memory allocated for private usage by underlying TEE driver: OP-TEE in this case. So rather add a new flag as TEE_SHM_PRIV that can be utilized by underlying TEE drivers for private allocation and usage of shared memory. With this corrected, allow tee_shm_alloc_kernel_buf() to allocate a shared memory region without the backing of dma-buf. Cc: stable@vger.kernel.org Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Co-developed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Clear stale cache entries during initializationTyler Hicks
The shm cache could contain invalid addresses if optee_disable_shm_cache() was not called from the .shutdown hook of the previous kernel before a kexec. These addresses could be unmapped or they could point to mapped but unintended locations in memory. Clear the shared memory cache, while being careful to not translate the addresses returned from OPTEE_SMC_DISABLE_SHM_CACHE, during driver initialization. Once all pre-cache shm objects are removed, proceed with enabling the cache so that we know that we can handle cached shm objects with confidence later in the .shutdown hook. Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: fix tee out of memory failure seen during kexec rebootAllen Pais
The following out of memory errors are seen on kexec reboot from the optee core. [ 0.368428] tee_bnxt_fw optee-clnt0: tee_shm_alloc failed [ 0.368461] tee_bnxt_fw: probe of optee-clnt0 failed with error -22 tee_shm_release() is not invoked on dma shm buffer. Implement .shutdown() method to handle the release of the buffers correctly. More info: https://github.com/OP-TEE/optee_os/issues/3637 Cc: stable@vger.kernel.org Signed-off-by: Allen Pais <apais@linux.microsoft.com> Reviewed-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Refuse to load the driver under the kdump kernelTyler Hicks
Fix a hung task issue, seen when booting the kdump kernel, that is caused by all of the secure world threads being in a permanent suspended state: INFO: task swapper/0:1 blocked for more than 120 seconds. Not tainted 5.4.83 #1 "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. swapper/0 D 0 1 0 0x00000028 Call trace: __switch_to+0xc8/0x118 __schedule+0x2e0/0x700 schedule+0x38/0xb8 schedule_timeout+0x258/0x388 wait_for_completion+0x16c/0x4b8 optee_cq_wait_for_completion+0x28/0xa8 optee_disable_shm_cache+0xb8/0xf8 optee_probe+0x560/0x61c platform_drv_probe+0x58/0xa8 really_probe+0xe0/0x338 driver_probe_device+0x5c/0xf0 device_driver_attach+0x74/0x80 __driver_attach+0x64/0xe0 bus_for_each_dev+0x84/0xd8 driver_attach+0x30/0x40 bus_add_driver+0x188/0x1e8 driver_register+0x64/0x110 __platform_driver_register+0x54/0x60 optee_driver_init+0x20/0x28 do_one_initcall+0x54/0x24c kernel_init_freeable+0x1e8/0x2c0 kernel_init+0x18/0x118 ret_from_fork+0x10/0x18 The invoke_fn hook returned OPTEE_SMC_RETURN_ETHREAD_LIMIT, indicating that the secure world threads were all in a suspended state at the time of the kernel crash. This intermittently prevented the kdump kernel from booting, resulting in a failure to collect the kernel dump. Make kernel dump collection more reliable on systems utilizing OP-TEE by refusing to load the driver under the kdump kernel. Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-07-21optee: Fix memory leak when failing to register shm pagesTyler Hicks
Free the previously allocated pages when we encounter an error condition while attempting to register the pages with the secure world. Fixes: a249dd200d03 ("tee: optee: Fix dynamic shm pool allocations") Fixes: 5a769f6ff439 ("optee: Fix multi page dynamic shm pool alloc") Cc: stable@vger.kernel.org Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2021-05-18optee: use export_uuid() to copy client UUIDJens Wiklander
Prior to this patch optee_open_session() was making assumptions about the internal format of uuid_t by casting a memory location in a parameter struct to uuid_t *. Fix this using export_uuid() to get a well defined binary representation and also add an octets field in struct optee_msg_param in order to avoid casting. Fixes: c5b4312bea5d ("tee: optee: Add support for session login client UUID generation") Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>