qcomtee_object.h 10 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316
  1. /* SPDX-License-Identifier: GPL-2.0-only */
  2. /*
  3. * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries.
  4. */
  5. #ifndef QCOMTEE_OBJECT_H
  6. #define QCOMTEE_OBJECT_H
  7. #include <linux/completion.h>
  8. #include <linux/kref.h>
  9. #include <linux/slab.h>
  10. #include <linux/workqueue.h>
  11. struct qcomtee_object;
  12. /**
  13. * DOC: Overview
  14. *
  15. * qcomtee_object provides object refcounting, ID allocation for objects hosted
  16. * in the kernel, and necessary message marshaling for Qualcomm TEE (QTEE).
  17. *
  18. * To invoke an object in QTEE, the user calls qcomtee_object_do_invoke()
  19. * while passing an instance of &struct qcomtee_object and the requested
  20. * operation + arguments.
  21. *
  22. * After boot, QTEE provides a static object %ROOT_QCOMTEE_OBJECT (type of
  23. * %QCOMTEE_OBJECT_TYPE_ROOT). The root object is invoked to pass the user's
  24. * credentials and obtain other instances of &struct qcomtee_object (type of
  25. * %QCOMTEE_OBJECT_TYPE_TEE) that represent services and TAs in QTEE;
  26. * see &enum qcomtee_object_type.
  27. *
  28. * The objects received from QTEE are refcounted. So the owner of these objects
  29. * can issue qcomtee_object_get() to increase the refcount and pass objects
  30. * to other clients, or issue qcomtee_object_put() to decrease the refcount
  31. * and release the resources in QTEE.
  32. *
  33. * The kernel can host services accessible to QTEE. A driver should embed
  34. * an instance of &struct qcomtee_object in the struct it wants to export to
  35. * QTEE (this is called a callback object). It issues qcomtee_object_user_init()
  36. * to set the dispatch() operation for the callback object and set its type
  37. * to %QCOMTEE_OBJECT_TYPE_CB.
  38. *
  39. * core.c holds an object table for callback objects. An object ID is assigned
  40. * to each callback object, which is an index to the object table. QTEE uses
  41. * these IDs to reference or invoke callback objects.
  42. *
  43. * If QTEE invokes a callback object in the kernel, the dispatch() operation is
  44. * called in the context of the thread that originally called
  45. * qcomtee_object_do_invoke().
  46. */
  47. /**
  48. * enum qcomtee_object_type - Object types.
  49. * @QCOMTEE_OBJECT_TYPE_TEE: object hosted on QTEE.
  50. * @QCOMTEE_OBJECT_TYPE_CB: object hosted on kernel.
  51. * @QCOMTEE_OBJECT_TYPE_ROOT: 'primordial' object.
  52. * @QCOMTEE_OBJECT_TYPE_NULL: NULL object.
  53. *
  54. * The primordial object is used for bootstrapping the IPC connection between
  55. * the kernel and QTEE. It is invoked by the kernel when it wants to get a
  56. * 'client env'.
  57. */
  58. enum qcomtee_object_type {
  59. QCOMTEE_OBJECT_TYPE_TEE,
  60. QCOMTEE_OBJECT_TYPE_CB,
  61. QCOMTEE_OBJECT_TYPE_ROOT,
  62. QCOMTEE_OBJECT_TYPE_NULL,
  63. };
  64. /**
  65. * enum qcomtee_arg_type - Type of QTEE argument.
  66. * @QCOMTEE_ARG_TYPE_INV: invalid type.
  67. * @QCOMTEE_ARG_TYPE_OB: output buffer (OB).
  68. * @QCOMTEE_ARG_TYPE_OO: output object (OO).
  69. * @QCOMTEE_ARG_TYPE_IB: input buffer (IB).
  70. * @QCOMTEE_ARG_TYPE_IO: input object (IO).
  71. *
  72. * Use the invalid type to specify the end of the argument array.
  73. */
  74. enum qcomtee_arg_type {
  75. QCOMTEE_ARG_TYPE_INV = 0,
  76. QCOMTEE_ARG_TYPE_OB,
  77. QCOMTEE_ARG_TYPE_OO,
  78. QCOMTEE_ARG_TYPE_IB,
  79. QCOMTEE_ARG_TYPE_IO,
  80. QCOMTEE_ARG_TYPE_NR,
  81. };
  82. /**
  83. * define QCOMTEE_ARGS_PER_TYPE - Maximum arguments of a specific type.
  84. *
  85. * The QTEE transport protocol limits the maximum number of arguments of
  86. * a specific type (i.e., IB, OB, IO, and OO).
  87. */
  88. #define QCOMTEE_ARGS_PER_TYPE 16
  89. /* Maximum arguments that can fit in a QTEE message, ignoring the type. */
  90. #define QCOMTEE_ARGS_MAX (QCOMTEE_ARGS_PER_TYPE * (QCOMTEE_ARG_TYPE_NR - 1))
  91. struct qcomtee_buffer {
  92. union {
  93. void *addr;
  94. void __user *uaddr;
  95. };
  96. size_t size;
  97. };
  98. /**
  99. * struct qcomtee_arg - Argument for QTEE object invocation.
  100. * @type: type of argument as &enum qcomtee_arg_type.
  101. * @flags: extra flags.
  102. * @b: address and size if the type of argument is a buffer.
  103. * @o: object instance if the type of argument is an object.
  104. *
  105. * &qcomtee_arg.flags only accepts %QCOMTEE_ARG_FLAGS_UADDR for now, which
  106. * states that &qcomtee_arg.b contains a userspace address in uaddr.
  107. */
  108. struct qcomtee_arg {
  109. enum qcomtee_arg_type type;
  110. /* 'b.uaddr' holds a __user address. */
  111. #define QCOMTEE_ARG_FLAGS_UADDR BIT(0)
  112. unsigned int flags;
  113. union {
  114. struct qcomtee_buffer b;
  115. struct qcomtee_object *o;
  116. };
  117. };
  118. static inline int qcomtee_args_len(struct qcomtee_arg *args)
  119. {
  120. int i = 0;
  121. while (args[i].type != QCOMTEE_ARG_TYPE_INV)
  122. i++;
  123. return i;
  124. }
  125. /* Context is busy (callback is in progress). */
  126. #define QCOMTEE_OIC_FLAG_BUSY BIT(1)
  127. /* Context needs to notify the current object. */
  128. #define QCOMTEE_OIC_FLAG_NOTIFY BIT(2)
  129. /* Context has shared state with QTEE. */
  130. #define QCOMTEE_OIC_FLAG_SHARED BIT(3)
  131. /**
  132. * struct qcomtee_object_invoke_ctx - QTEE context for object invocation.
  133. * @ctx: TEE context for this invocation.
  134. * @flags: flags for the invocation context.
  135. * @errno: error code for the invocation.
  136. * @object: current object invoked in this callback context.
  137. * @u: array of arguments for the current invocation (+1 for ending arg).
  138. * @in_msg: inbound buffer shared with QTEE.
  139. * @out_msg: outbound buffer shared with QTEE.
  140. * @in_shm: TEE shm allocated for inbound buffer.
  141. * @out_shm: TEE shm allocated for outbound buffer.
  142. * @data: extra data attached to this context.
  143. */
  144. struct qcomtee_object_invoke_ctx {
  145. struct tee_context *ctx;
  146. unsigned long flags;
  147. int errno;
  148. struct qcomtee_object *object;
  149. struct qcomtee_arg u[QCOMTEE_ARGS_MAX + 1];
  150. struct qcomtee_buffer in_msg;
  151. struct qcomtee_buffer out_msg;
  152. struct tee_shm *in_shm;
  153. struct tee_shm *out_shm;
  154. void *data;
  155. };
  156. static inline struct qcomtee_object_invoke_ctx *
  157. qcomtee_object_invoke_ctx_alloc(struct tee_context *ctx)
  158. {
  159. struct qcomtee_object_invoke_ctx *oic;
  160. oic = kzalloc_obj(*oic);
  161. if (oic)
  162. oic->ctx = ctx;
  163. return oic;
  164. }
  165. /**
  166. * qcomtee_object_do_invoke() - Submit an invocation for an object.
  167. * @oic: context to use for the current invocation.
  168. * @object: object being invoked.
  169. * @op: requested operation on the object.
  170. * @u: array of arguments for the current invocation.
  171. * @result: result returned from QTEE.
  172. *
  173. * The caller is responsible for keeping track of the refcount for each object,
  174. * including @object. On return, the caller loses ownership of all input
  175. * objects of type %QCOMTEE_OBJECT_TYPE_CB.
  176. *
  177. * @object can be of %QCOMTEE_OBJECT_TYPE_ROOT or %QCOMTEE_OBJECT_TYPE_TEE.
  178. *
  179. * Return: On success, returns 0; on failure, returns < 0.
  180. */
  181. int qcomtee_object_do_invoke(struct qcomtee_object_invoke_ctx *oic,
  182. struct qcomtee_object *object, u32 op,
  183. struct qcomtee_arg *u, int *result);
  184. /**
  185. * struct qcomtee_object_operations - Callback object operations.
  186. * @release: release the object if QTEE is not using it.
  187. * @dispatch: dispatch the operation requested by QTEE.
  188. * @notify: report the status of any pending response submitted by @dispatch.
  189. */
  190. struct qcomtee_object_operations {
  191. void (*release)(struct qcomtee_object *object);
  192. int (*dispatch)(struct qcomtee_object_invoke_ctx *oic,
  193. struct qcomtee_object *object, u32 op,
  194. struct qcomtee_arg *args);
  195. void (*notify)(struct qcomtee_object_invoke_ctx *oic,
  196. struct qcomtee_object *object, int err);
  197. };
  198. /**
  199. * struct qcomtee_object - QTEE or kernel object.
  200. * @name: object name.
  201. * @refcount: reference counter.
  202. * @object_type: object type as &enum qcomtee_object_type.
  203. * @info: extra information for the object.
  204. * @ops: callback operations for objects of type %QCOMTEE_OBJECT_TYPE_CB.
  205. * @work: work for async operations on the object.
  206. *
  207. * @work is used for releasing objects of %QCOMTEE_OBJECT_TYPE_TEE type.
  208. */
  209. struct qcomtee_object {
  210. const char *name;
  211. struct kref refcount;
  212. enum qcomtee_object_type object_type;
  213. struct object_info {
  214. unsigned long qtee_id;
  215. /* TEE context for QTEE object async requests. */
  216. struct tee_context *qcomtee_async_ctx;
  217. } info;
  218. struct qcomtee_object_operations *ops;
  219. struct work_struct work;
  220. };
  221. /* Static instances of qcomtee_object objects. */
  222. #define NULL_QCOMTEE_OBJECT ((struct qcomtee_object *)(0))
  223. extern struct qcomtee_object qcomtee_object_root;
  224. #define ROOT_QCOMTEE_OBJECT (&qcomtee_object_root)
  225. static inline enum qcomtee_object_type
  226. typeof_qcomtee_object(struct qcomtee_object *object)
  227. {
  228. if (object == NULL_QCOMTEE_OBJECT)
  229. return QCOMTEE_OBJECT_TYPE_NULL;
  230. return object->object_type;
  231. }
  232. static inline const char *qcomtee_object_name(struct qcomtee_object *object)
  233. {
  234. if (object == NULL_QCOMTEE_OBJECT)
  235. return "null";
  236. if (!object->name)
  237. return "no-name";
  238. return object->name;
  239. }
  240. /**
  241. * qcomtee_object_user_init() - Initialize an object for the user.
  242. * @object: object to initialize.
  243. * @ot: type of object as &enum qcomtee_object_type.
  244. * @ops: instance of callbacks.
  245. * @fmt: name assigned to the object.
  246. *
  247. * Return: On success, returns 0; on failure, returns < 0.
  248. */
  249. int qcomtee_object_user_init(struct qcomtee_object *object,
  250. enum qcomtee_object_type ot,
  251. struct qcomtee_object_operations *ops,
  252. const char *fmt, ...) __printf(4, 5);
  253. /* Object release is RCU protected. */
  254. int qcomtee_object_get(struct qcomtee_object *object);
  255. void qcomtee_object_put(struct qcomtee_object *object);
  256. #define qcomtee_arg_for_each(i, args) \
  257. for (i = 0; args[i].type != QCOMTEE_ARG_TYPE_INV; i++)
  258. /* Next argument of type @type after index @i. */
  259. int qcomtee_next_arg_type(struct qcomtee_arg *u, int i,
  260. enum qcomtee_arg_type type);
  261. /* Iterate over argument of given type. */
  262. #define qcomtee_arg_for_each_type(i, args, at) \
  263. for (i = qcomtee_next_arg_type(args, 0, at); \
  264. args[i].type != QCOMTEE_ARG_TYPE_INV; \
  265. i = qcomtee_next_arg_type(args, i + 1, at))
  266. #define qcomtee_arg_for_each_input_buffer(i, args) \
  267. qcomtee_arg_for_each_type(i, args, QCOMTEE_ARG_TYPE_IB)
  268. #define qcomtee_arg_for_each_output_buffer(i, args) \
  269. qcomtee_arg_for_each_type(i, args, QCOMTEE_ARG_TYPE_OB)
  270. #define qcomtee_arg_for_each_input_object(i, args) \
  271. qcomtee_arg_for_each_type(i, args, QCOMTEE_ARG_TYPE_IO)
  272. #define qcomtee_arg_for_each_output_object(i, args) \
  273. qcomtee_arg_for_each_type(i, args, QCOMTEE_ARG_TYPE_OO)
  274. struct qcomtee_object *
  275. qcomtee_object_get_client_env(struct qcomtee_object_invoke_ctx *oic);
  276. struct qcomtee_object *
  277. qcomtee_object_get_service(struct qcomtee_object_invoke_ctx *oic,
  278. struct qcomtee_object *client_env, u32 uid);
  279. #endif /* QCOMTEE_OBJECT_H */