optee_private.h 13 KB

  /* SPDX-License-Identifier: GPL-2.0-only */
  /*
   * Copyright (c) 2015-2021, 2023 Linaro Limited
   */
  #ifndef OPTEE_PRIVATE_H
  #define OPTEE_PRIVATE_H

  #include <linux/arm-smccc.h>
  #include <linux/notifier.h>
  #include <linux/rhashtable.h>
  #include <linux/rpmb.h>
  #include <linux/semaphore.h>
  #include <linux/tee_core.h>
  #include <linux/types.h>
  #include "optee_msg.h"

  #define DRIVER_NAME "optee"

  /*
   * NOTE(review): presumably an upper bound, in bytes, on one message
   * argument struct; the users of this constant are outside this header,
   * so confirm the unit and where the bound is enforced.
   */
  #define OPTEE_MAX_ARG_SIZE 1024

  /*
   * Some Global Platform error codes used in this driver.
   *
   * The error values below (0xFFFF.... and 0xF0100003) do not fit in a 32-bit
   * int, so the literals have unsigned type. Keep them in u32 result fields
   * and do not mix them with the int return values of the functions declared
   * in this header (presumably negative errno values -- confirm).
   */
  #define TEEC_SUCCESS 0x00000000
  #define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006
  #define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008
  #define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A
  #define TEEC_ERROR_COMMUNICATION 0xFFFF000E
  #define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C
  #define TEEC_ERROR_BUSY 0xFFFF000D
  #define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010

  /* API Return Codes are from the GP TEE Internal Core API Specification */
  #define TEE_ERROR_TIMEOUT 0xFFFF3001
  #define TEE_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003

  #define TEEC_ORIGIN_COMMS 0x00000002

  /*
   * This value should be larger than the number of threads in secure world
   * to meet the need from secure world. The number of threads in secure world
   * is usually not even close to 255, so we should be safe for now.
   */
  #define OPTEE_DEFAULT_MAX_NOTIF_VALUE 255
  /*
   * optee_invoke_fn - type of the function used to invoke the secure monitor
   *
   * Takes eight unsigned long arguments and a pointer to a struct
   * arm_smccc_res. struct optee_smc keeps a pointer of this type in its
   * invoke_fn member.
   *
   * NOTE(review): presumably the eight arguments are the SMCCC registers
   * a0-a7 and the result struct receives the registers returned by secure
   * world -- confirm against the SMC ABI implementation.
   */
  typedef void (optee_invoke_fn)(unsigned long, unsigned long, unsigned long,
                                 unsigned long, unsigned long, unsigned long,
                                 unsigned long, unsigned long,
                                 struct arm_smccc_res *);
  /*
   * struct optee_call_waiter - TEE entry may need to wait for a free TEE thread
   * @list_node:  Reference in waiters list
   * @c:          Waiting completion reference
   * @sys_thread: True if waiter belongs to a system thread
   */
  struct optee_call_waiter {
      struct list_head list_node;
      struct completion c;
      bool sys_thread;
  };
  /*
   * struct optee_call_queue - OP-TEE call queue management
   * @mutex:                Serializes access to this struct
   * @waiters:              List of threads waiting to enter OP-TEE
   * @total_thread_count:   Overall number of thread contexts in OP-TEE or 0
   * @free_thread_count:    Number of thread contexts free in OP-TEE
   * @sys_thread_req_count: Number of registered system thread sessions
   *
   * The three counters are plain ints with no atomic type, so they are only
   * consistent while @mutex is held.
   */
  struct optee_call_queue {
      /* Serializes access to this struct */
      struct mutex mutex;
      struct list_head waiters;
      int total_thread_count;
      int free_thread_count;
      int sys_thread_req_count;
  };
  /*
   * struct optee_notif - notification synchronization struct
   * @max_key: NOTE(review): presumably the largest notification key accepted,
   *           as passed to optee_notif_init() -- confirm
   * @lock:    Serializes access to @db and @bitmap
   * @db:      List head; NOTE(review): presumably the pending waiters -- confirm
   * @bitmap:  NOTE(review): presumably one bit per key up to @max_key -- confirm
   *           the allocation size against optee_notif_init()
   */
  struct optee_notif {
      u_int max_key;
      /* Serializes access to the elements below in this struct */
      spinlock_t lock;
      struct list_head db;
      u_long *bitmap;
  };
  /*
   * Bit flags. NOTE(review): presumably the values stored in
   * struct optee_shm_arg_cache.flags and passed to
   * optee_shm_arg_cache_init() -- confirm.
   */
  #define OPTEE_SHM_ARG_ALLOC_PRIV BIT(0)
  #define OPTEE_SHM_ARG_SHARED BIT(1)

  /* Opaque here; only pointers to it are used in this header. */
  struct optee_shm_arg_entry;

  /*
   * struct optee_shm_arg_cache - cache of shared memory argument entries
   * @flags:    u32 flag word (see the OPTEE_SHM_ARG_* note above)
   * @mutex:    Serializes access to this struct
   * @shm_args: List head; NOTE(review): presumably of
   *            struct optee_shm_arg_entry -- confirm
   */
  struct optee_shm_arg_cache {
      u32 flags;
      /* Serializes access to this struct */
      struct mutex mutex;
      struct list_head shm_args;
  };
  /**
   * struct optee_supp - supplicant synchronization struct
   * @mutex:  held while accessing content of this struct
   * @ctx:    the context of current connected supplicant.
   *          if !NULL the supplicant device is available for use,
   *          else busy
   * @req_id: current request id if supplicant is doing synchronous
   *          communication, else -1
   * @reqs:   queued request not yet retrieved by supplicant
   * @idr:    IDR holding all requests currently being processed
   *          by supplicant
   * @reqs_c: completion used by supplicant when waiting for a
   *          request to be queued.
   *
   * NOTE(review): the supplicant is the peer on the other end of these
   * requests; ids it hands back are presumably looked up in @idr rather than
   * trusted as-is -- confirm in the implementation.
   */
  struct optee_supp {
      /* Serializes access to this struct */
      struct mutex mutex;
      struct tee_context *ctx;
      int req_id;
      struct list_head reqs;
      struct idr idr;
      struct completion reqs_c;
  };
  /*
   * struct optee_pcpu - per cpu notif private struct passed to work functions
   * @optee: optee device reference
   */
  struct optee_pcpu {
      struct optee *optee;
  };
  /*
   * struct optee_smc - optee smc communication struct
   * @invoke_fn:         handler function to invoke secure monitor
   * @memremaped_shm:    virtual address of memory in shared memory pool
   * @sec_caps:          secure world capabilities defined by
   *                     OPTEE_SMC_SEC_CAP_* in optee_smc.h
   * @notif_irq:         interrupt used as async notification by OP-TEE or 0
   * @optee_pcpu:        per_cpu optee instance for per cpu work or NULL
   * @notif_pcpu_wq:     workqueue for per cpu asynchronous notification or NULL
   * @notif_pcpu_work:   work for per cpu asynchronous notification
   * @notif_cpuhp_state: CPU hotplug state assigned for pcpu interrupt management
   *
   * @sec_caps is reported by secure world, so it describes what the other
   * side claims to support; @optee_pcpu and @notif_pcpu_wq may be NULL and
   * need a check before use.
   */
  struct optee_smc {
      optee_invoke_fn *invoke_fn;
      void *memremaped_shm;
      u32 sec_caps;
      unsigned int notif_irq;
      struct optee_pcpu __percpu *optee_pcpu;
      struct workqueue_struct *notif_pcpu_wq;
      struct work_struct notif_pcpu_work;
      unsigned int notif_cpuhp_state;
  };
  /**
   * struct optee_ffa - FFA communication struct
   * @ffa_dev:           FFA device, contains the destination id, the id of
   *                     OP-TEE in secure world
   * @bottom_half_value: Notification ID used for bottom half signalling or
   *                     U32_MAX if unused
   * @mutex:             Serializes access to @global_ids
   * @global_ids:        FF-A shared memory global handle translation
   * @notif_wq:          workqueue; NOTE(review): presumably for asynchronous
   *                     notification handling -- confirm
   * @notif_work:        work item; NOTE(review): presumably queued on
   *                     @notif_wq -- confirm
   */
  struct optee_ffa {
      struct ffa_device *ffa_dev;
      u32 bottom_half_value;
      /* Serializes access to @global_ids */
      struct mutex mutex;
      struct rhashtable global_ids;
      struct workqueue_struct *notif_wq;
      struct work_struct notif_work;
  };
  /* Defined further down; forward declared for the pointers used before it. */
  struct optee;

  /**
   * struct optee_revision - OP-TEE OS revision reported by secure world
   * @os_major: OP-TEE OS major version
   * @os_minor: OP-TEE OS minor version
   * @os_build_id: OP-TEE OS build identifier (0 if unspecified)
   *
   * Values come from OPTEE_SMC_CALL_GET_OS_REVISION (SMC ABI) or
   * OPTEE_FFA_GET_OS_VERSION (FF-A ABI); this is the trusted OS revision, not an
   * FF-A ABI version.
   *
   * The numbers are self-reported by secure world: useful for diagnostics and
   * inventory, but not by themselves evidence of what is running there.
   */
  struct optee_revision {
      u32 os_major;
      u32 os_minor;
      u64 os_build_id;
  };

  /*
   * NOTE(review): presumably formats the revision of @teedev into @buf,
   * writing at most @len bytes -- confirm the truncation and NUL-termination
   * behaviour in the implementation.
   */
  int optee_get_revision(struct tee_device *teedev, char *buf, size_t len);
  /**
   * struct optee_ops - OP-TEE driver internal operations
   * @do_call_with_arg: enters OP-TEE in secure world
   * @to_msg_param:     converts from struct tee_param to OPTEE_MSG parameters
   * @from_msg_param:   converts from OPTEE_MSG parameters to struct tee_param
   * @lend_protmem:     lends physically contiguous memory as restricted
   *                    memory, inaccessible by the kernel
   * @reclaim_protmem:  reclaims restricted memory previously lent with
   *                    @lend_protmem() and makes it accessible by the
   *                    kernel again
   *
   * These OPs are only supposed to be used internally in the OP-TEE driver
   * as a way of abstracting the different methods of entering OP-TEE in
   * secure world.
   *
   * Both conversion callbacks take the array length as @num_params next to
   * the arrays themselves; the two arrays are expected to hold that many
   * entries each. All callbacks return int.
   */
  struct optee_ops {
      int (*do_call_with_arg)(struct tee_context *ctx,
                              struct tee_shm *shm_arg, u_int offs,
                              bool system_thread);
      int (*to_msg_param)(struct optee *optee,
                          struct optee_msg_param *msg_params,
                          size_t num_params, const struct tee_param *params);
      int (*from_msg_param)(struct optee *optee, struct tee_param *params,
                            size_t num_params,
                            const struct optee_msg_param *msg_params);
      int (*lend_protmem)(struct optee *optee, struct tee_shm *protmem,
                          u32 *mem_attr, unsigned int ma_count,
                          u32 use_case);
      int (*reclaim_protmem)(struct optee *optee, struct tee_shm *protmem);
  };
  /**
   * struct optee - main service struct
   * @supp_teedev:            supplicant device
   * @teedev:                 client device
   * @ops:                    internal callbacks for different ways to reach
   *                          secure world
   * @ctx:                    driver internal TEE context
   * @smc:                    specific to SMC ABI
   * @ffa:                    specific to FF-A ABI
   * @shm_arg_cache:          cache of shared memory argument entries
   * @call_queue:             queue of threads waiting to call @invoke_fn
   * @notif:                  notification synchronization struct
   * @supp:                   supplicant synchronization struct for RPC to
   *                          supplicant
   * @pool:                   shared memory pool
   * @rpmb_dev_mutex:         mutex protecting @rpmb_dev
   * @rpmb_dev:               current RPMB device or NULL
   * @rpmb_intf:              notifier block; NOTE(review): presumably
   *                          registered on optee_rpmb_intf_added with
   *                          optee_rpmb_intf_rdev() as callback -- confirm
   * @rpc_param_count:        If > 0 number of RPC parameters to make room for
   * @scan_bus_done:          flag if device registration was already done.
   * @rpmb_scan_bus_done:     flag if device registration of RPMB dependent
   *                          devices was already done
   * @in_kernel_rpmb_routing: NOTE(review): presumably true when RPMB requests
   *                          are served through @rpmb_dev in the kernel rather
   *                          than by the supplicant -- confirm
   * @scan_bus_work:          work item to scan optee bus and register optee
   *                          drivers
   * @rpmb_scan_bus_work:     work item for an RPMB device, scanning the optee
   *                          bus and registering RPMB dependent optee drivers
   * @revision:               OP-TEE OS revision reported by secure world
   *
   * @smc and @ffa live in an anonymous union and share storage, so only the
   * member belonging to the ABI in use may be read or written.
   */
  struct optee {
      struct tee_device *supp_teedev;
      struct tee_device *teedev;
      const struct optee_ops *ops;
      struct tee_context *ctx;
      union {
          struct optee_smc smc;
          struct optee_ffa ffa;
      };
      struct optee_shm_arg_cache shm_arg_cache;
      struct optee_call_queue call_queue;
      struct optee_notif notif;
      struct optee_supp supp;
      struct tee_shm_pool *pool;
      /* Protects rpmb_dev pointer */
      struct mutex rpmb_dev_mutex;
      struct rpmb_dev *rpmb_dev;
      struct notifier_block rpmb_intf;
      unsigned int rpc_param_count;
      bool scan_bus_done;
      bool rpmb_scan_bus_done;
      bool in_kernel_rpmb_routing;
      struct work_struct scan_bus_work;
      struct work_struct rpmb_scan_bus_work;
      struct optee_revision revision;
  };
  /*
   * struct optee_session - one entry in a session list
   * @list_node:      list linkage; NOTE(review): presumably into
   *                  struct optee_context_data.sess_list -- confirm
   * @session_id:     u32 session identifier
   * @use_sys_thread: NOTE(review): presumably set for sessions registered
   *                  through optee_system_session() -- confirm
   */
  struct optee_session {
      struct list_head list_node;
      u32 session_id;
      bool use_sys_thread;
  };

  /*
   * struct optee_context_data - per context session bookkeeping
   * @mutex:     Serializes access to this struct
   * @sess_list: List head of sessions
   *
   * NOTE(review): session ids arrive as plain u32 arguments in the session
   * functions declared below; presumably they are resolved against
   * @sess_list of the calling context so one context cannot act on another
   * context's session -- confirm in the implementation.
   */
  struct optee_context_data {
      /* Serializes access to this struct */
      struct mutex mutex;
      struct list_head sess_list;
  };
  /*
   * struct optee_rpc_param - eight u32 values named a0..a7
   *
   * NOTE(review): presumably the register values exchanged with secure world
   * while an RPC is being handled -- confirm against the SMC ABI code.
   */
  struct optee_rpc_param {
      u32 a0;
      u32 a1;
      u32 a2;
      u32 a3;
      u32 a4;
      u32 a5;
      u32 a6;
      u32 a7;
  };
  /*
   * struct optee_call_ctx - holds context that is preserved during one STD call
   * @pages_list:  information about pages list used in last allocation
   * @num_entries: size_t count that goes with @pages_list;
   *               NOTE(review): presumably the number of entries in that
   *               list -- confirm
   */
  struct optee_call_ctx {
      /* information about pages list used in last allocation */
      void *pages_list;
      size_t num_entries;
  };
  /* Notifier chain head, defined in another translation unit. */
  extern struct blocking_notifier_head optee_rpmb_intf_added;

  int optee_set_dma_mask(struct optee *optee, u_int pa_width);

  /*
   * Notification helpers operating on optee->notif.
   * NOTE(review): @key is presumably checked against the max_key given to
   * optee_notif_init() before it is used as an index -- confirm.
   */
  int optee_notif_init(struct optee *optee, u_int max_key);
  void optee_notif_uninit(struct optee *optee);
  int optee_notif_wait(struct optee *optee, u_int key, u32 timeout);
  int optee_notif_send(struct optee *optee, u_int key);

  /*
   * Supplicant request handling. optee_supp_thrd_req() returns a u32, unlike
   * the int-returning functions around it; NOTE(review): presumably a TEEC_*
   * code rather than an errno -- confirm before comparing the two.
   */
  u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params,
                          struct tee_param *param);

  void optee_supp_init(struct optee_supp *supp);
  void optee_supp_uninit(struct optee_supp *supp);
  void optee_supp_release(struct optee_supp *supp);

  struct tee_protmem_pool *optee_protmem_alloc_dyn_pool(struct optee *optee,
                                                        enum tee_dma_heap_id id);

  /*
   * NOTE(review): the counts and parameters exchanged through these two calls
   * presumably cross the boundary to the supplicant; confirm that
   * @num_params is bounded against the queued request in the implementation.
   */
  int optee_supp_recv(struct tee_context *ctx, u32 *func, u32 *num_params,
                      struct tee_param *param);
  int optee_supp_send(struct tee_context *ctx, u32 ret, u32 num_params,
                      struct tee_param *param);

  /* Session management; sessions are referred to by a u32 id. */
  int optee_open_session(struct tee_context *ctx,
                         struct tee_ioctl_open_session_arg *arg,
                         struct tee_param *param);
  int optee_system_session(struct tee_context *ctx, u32 session);
  int optee_close_session_helper(struct tee_context *ctx, u32 session,
                                 bool system_thread);
  int optee_close_session(struct tee_context *ctx, u32 session);
  int optee_invoke_func(struct tee_context *ctx, struct tee_ioctl_invoke_arg *arg,
                        struct tee_param *param);
  int optee_cancel_req(struct tee_context *ctx, u32 cancel_id, u32 session);

  /*
   * NOTE(review): presumably the values accepted as @func by
   * optee_enumerate_devices() -- confirm.
   */
  #define PTA_CMD_GET_DEVICES 0x0
  #define PTA_CMD_GET_DEVICES_SUPP 0x1
  #define PTA_CMD_GET_DEVICES_RPMB 0x2

  int optee_enumerate_devices(u32 func);
  void optee_unregister_devices(void);
  void optee_bus_scan_rpmb(struct work_struct *work);
  /* Has the notifier callback signature (block, action, data). */
  int optee_rpmb_intf_rdev(struct notifier_block *intf, unsigned long action,
                           void *data);

  void optee_set_dev_group(struct optee *optee);
  void optee_remove_common(struct optee *optee);
  int optee_open(struct tee_context *ctx, bool cap_memref_null);
  void optee_release(struct tee_context *ctx);
  void optee_release_supp(struct tee_context *ctx);
  /**
   * optee_from_msg_param_value() - copy a value parameter out of OPTEE_MSG form
   * @p:    destination struct tee_param
   * @attr: OPTEE_MSG attribute type describing @mp, supplied by the caller
   * @mp:   source OPTEE_MSG parameter
   *
   * The attribute is translated by its distance from
   * OPTEE_MSG_ATTR_TYPE_VALUE_INPUT, which relies on the value types being
   * laid out in the same order on both sides. Nothing here checks that @attr
   * is a value type: the caller has to select on @attr before calling.
   * NOTE(review): @mp is presumably filled in by the other end of the message
   * interface, so that selection is what keeps an unexpected attribute from
   * being turned into an arbitrary TEE_IOCTL attribute -- confirm in callers.
   */
  static inline void optee_from_msg_param_value(struct tee_param *p, u32 attr,
                                                const struct optee_msg_param *mp)
  {
      /* Three payload words are copied verbatim. */
      p->u.value.a = mp->u.value.a;
      p->u.value.b = mp->u.value.b;
      p->u.value.c = mp->u.value.c;

      /* Rebase the type from the OPTEE_MSG numbering to the TEE_IOCTL one. */
      p->attr = attr - OPTEE_MSG_ATTR_TYPE_VALUE_INPUT +
                TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT;
  }
  /**
   * optee_to_msg_param_value() - copy a value parameter into OPTEE_MSG form
   * @mp: destination OPTEE_MSG parameter
   * @p:  source struct tee_param
   *
   * The attribute is translated by its distance from
   * TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT, which relies on the value types
   * being laid out in the same order on both sides. @p->attr is not checked
   * here; the caller must only pass parameters whose attribute is one of the
   * value types.
   */
  static inline void optee_to_msg_param_value(struct optee_msg_param *mp,
                                              const struct tee_param *p)
  {
      /* Three payload words are copied verbatim. */
      mp->u.value.a = p->u.value.a;
      mp->u.value.b = p->u.value.b;
      mp->u.value.c = p->u.value.c;

      /* Rebase the type from the TEE_IOCTL numbering to the OPTEE_MSG one. */
      mp->attr = p->attr - TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT +
                 OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
  }
  /* Call queue helpers operating on struct optee_call_queue. */
  void optee_cq_init(struct optee_call_queue *cq, int thread_count);
  void optee_cq_wait_init(struct optee_call_queue *cq,
                          struct optee_call_waiter *w, bool sys_thread);
  void optee_cq_wait_for_completion(struct optee_call_queue *cq,
                                    struct optee_call_waiter *w);
  void optee_cq_wait_final(struct optee_call_queue *cq,
                           struct optee_call_waiter *w);

  /*
   * NOTE(review): presumably rejects address ranges that are not suitable
   * for sharing with secure world; @start and @num_presumably describe a
   * page range -- confirm what is checked and that callers act on the
   * return value.
   */
  int optee_check_mem_type(unsigned long start, size_t num_pages);

  void optee_shm_arg_cache_init(struct optee *optee, u32 flags);
  void optee_shm_arg_cache_uninit(struct optee *optee);
  /*
   * Returns a message argument pointer and hands back @entry, @shm_ret and
   * @offs through the out parameters; @entry and @offs are what
   * optee_free_msg_arg() takes again.
   */
  struct optee_msg_arg *optee_get_msg_arg(struct tee_context *ctx,
                                          size_t num_params,
                                          struct optee_shm_arg_entry **entry,
                                          struct tee_shm **shm_ret,
                                          u_int *offs);
  void optee_free_msg_arg(struct tee_context *ctx,
                          struct optee_shm_arg_entry *entry, u_int offs);
  size_t optee_msg_arg_size(size_t rpc_param_count);

  struct tee_shm *optee_rpc_cmd_alloc_suppl(struct tee_context *ctx, size_t sz);
  void optee_rpc_cmd_free_suppl(struct tee_context *ctx, struct tee_shm *shm);
  void optee_rpc_cmd(struct tee_context *ctx, struct optee *optee,
                     struct optee_msg_arg *arg);

  int optee_do_bottom_half(struct tee_context *ctx);
  int optee_stop_async_notif(struct tee_context *ctx);
  /*
   * Small helpers
   */

  /**
   * reg_pair_to_ptr() - build a pointer from two 32-bit register values
   * @reg0: upper 32 bits
   * @reg1: lower 32 bits
   *
   * The 64-bit combination is narrowed through unsigned long before it
   * becomes a pointer, so where unsigned long is 32 bits wide @reg0 does not
   * affect the result. The address is not validated here in any way; a caller
   * that got the pair from outside the kernel has to do that itself.
   *
   * Return: the combined value as a void pointer.
   */
  static inline void *reg_pair_to_ptr(u32 reg0, u32 reg1)
  {
      u64 combined = (u64)reg0 << 32;

      combined |= reg1;

      return (void *)(unsigned long)combined;
  }
  /**
   * reg_pair_from_64() - split a 64-bit value into two 32-bit register values
   * @reg0: receives the upper 32 bits of @val
   * @reg1: receives the lower 32 bits of @val
   * @val:  value to split
   *
   * Both pointers are written unconditionally and must be valid.
   */
  static inline void reg_pair_from_64(u32 *reg0, u32 *reg1, u64 val)
  {
      u64 high_word = val >> 32;

      *reg0 = (u32)high_word;
      *reg1 = (u32)val;
  }
  /*
   * Registration of the ABIs: one register/unregister pair for the SMC ABI
   * and one for the FF-A ABI. The register functions return int.
   */
  int optee_smc_abi_register(void);
  void optee_smc_abi_unregister(void);
  int optee_ffa_abi_register(void);
  void optee_ffa_abi_unregister(void);

  #endif /*OPTEE_PRIVATE_H*/