From: jens.wiklander@linaro.org (Jens Wiklander)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH v6 3/6] dt/bindings: add bindings for optee
Date: Thu, 19 Nov 2015 10:18:11 +0100
Message-ID: <20151119091810.GA15974@ermac>
In-Reply-To: <20151116170109.GA20076@rob-hp-laptop>

On Mon, Nov 16, 2015 at 11:01:10AM -0600, Rob Herring wrote:
> On Thu, Oct 29, 2015 at 09:21:25AM +0100, Jens Wiklander wrote:
> > Introduces optee prefix and adds bindings for ARM TrustZone based OP-TEE
> > implementation.
> > 
> > Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
> > ---
> >  .../bindings/arm/firmware/optee,optee-tz.txt       | 29 ++++++++++++++++++++++
> >  .../devicetree/bindings/vendor-prefixes.txt        |  1 +
> >  2 files changed, 30 insertions(+)
> >  create mode 100644 Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > 
> > diff --git a/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt b/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > new file mode 100644
> > index 0000000..0a8ed0d
> > --- /dev/null
> > +++ b/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > @@ -0,0 +1,29 @@
> > +OP-TEE Device Tree Bindings
> > +
> > +OP-TEE is a piece of software using hardware features to provide a Trusted
> > +Execution Environment. The security can be provided with ARM TrustZone, but
> > +also by virtualization or a separate chip. As there's no single OP-TEE
> > +vendor we're using "optee" as the first part of compatible property,
> > +indicating the OP-TEE protocol is used when communicating with the secure
> > +world.
> > +
> > +* OP-TEE based on ARM TrustZone required properties:
> > +
> > +- compatible     : should contain "optee,optee-tz"
> 
> I would leave off optee as a vendor. Different implementations by 
> vendors should then add their vendor prefix as they all have the chance 
> to screw-up something. I suppose we could do "linaro" as the reference 
> implementation.

OK, I'll use "linaro" then.

> 
> > +
> > +- method         : The method of calling the OP-TEE Trusted OS. Permitted
> > +                   values are:
> > +
> > +                   "smc" : SMC #0, with the register assignments specified
> > +		           in drivers/tee/optee/optee_smc.h
> > +
> > +                   "hvc" : HVC #0, with the register assignments specified
> > +		           in drivers/tee/optee/optee_smc.h
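
Review bot: both the "smc" and "hvc" entries define the register assignments only by pointing at drivers/tee/optee/optee_smc.h, which is a Linux source path, so the binding's calling ABI is undefined for anyone reading the device tree without this kernel tree. A binding has to stand on its own for other operating systems and for a hypervisor that traps the HVC on behalf of a guest; state the calling convention in the binding text or cite an OS-independent description of it, and keep the header path as an informative pointer at most. The continuation lines under both values are also indented with tabs followed by spaces, while the rest of the property list uses spaces only.
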
> 
> The use here would be a guest VM calling thru to hypervisor and then 
> hypervisor calling optee?

Yes, the hypervisor needs to be involved (translating IPA to PA etc)
when invoking secure world.

> 
> > +
> > +
> > +
> > +Example:
> > +	optee {
> 
> This should go under a /firmware node similar to 
> Documentation/devicetree/bindings/arm/firmware/tlm,trusted-foundations.txt.

I tried that and discovered that a
compatible = "simple-bus";
is needed for the firmware node for optee to get probed. Is it OK to write
the example as:

firmware {
        compatible = "simple-bus";

        optee {
...

Thanks,
Jens
