linux-arm-kernel.lists.infradead.org archive mirror
 help / color / mirror / Atom feed
From: jgunthorpe@obsidianresearch.com (Jason Gunthorpe)
To: linux-arm-kernel@lists.infradead.org
Subject: [tpmdd-devel] [RFC PATCH 1/2] tee: generic TEE subsystem
Date: Mon, 20 Apr 2015 12:20:52 -0600	[thread overview]
Message-ID: <20150420182052.GA32299@obsidianresearch.com> (raw)
In-Reply-To: <20150420062044.GA7767@ermac>

On Mon, Apr 20, 2015 at 08:20:44AM +0200, Jens Wiklander wrote:

> I'm not sure I understand what you mean. This function is a building
> block for the TEE driver to supply whatever interface is needed for user
> space. For a Global Platform like TEE it will typically have support for
> TEEC_OpenSession(), TEEC_InvokeCommand(), TEEC_RequestCancellation() and
> TEEC_CloseSession(). But how that's done is depending on how the
> interface towards the TEE (in secure world) looks like. From what I've
> heard so far those interfaces diverges a lot so we've compromised with
> this function.

The goal of the mid layer is to bring all these differences into a
common abstraction, not punt on them to higher layers.

The goal if the driver is to translate and transport the common
abstraction to the hardware.

It is an absolute failure if each TEE driver implements a different
TEEC_OpenSession() ioctl. They must be the same, the common code
must de-marshal the request from user space and then call
ops->open_session()

Driver specific ioctls are a terrible way to start a new mid layer.

> > What is the typical and maximum allocation size here?
> It depends on the design of the Trusted Application in secure world and
> the client in user space.  A few KiB could be the typical allocation
> size, with a maximum at perhaps 512 KiB (for instance when loading a
> very large Trusted Application).

So this TEE stuff also encompasses a 'firmware' loader (to the secure
world, presumably)?

That is probably your base level of 'ops' functionality, plus the
shared memroy stuff.

How does this work if two userspace things run concurrently with
different firmwares? Is there some locking or something? What is the
lifetime of this firmware tied to?

> I agree that we can drop least one of the _version fields probably both,
> but something is needed for user space to be able to know which TEE (in
> secure world) it's communicating with. The uuid will let the client know
> how how to format the commands passed to TEE_IOC_CMD below.

So you load the firmare, learn what command set it supports then use
TEE_IOC_CMD to shuttle firmware-specific data to and from?

> I've touched on this above, this function the essential when
> communicating with the driver and secure world. Different TEEs (running
> in some secure environment) provides different interfaces. By providing
> an opaque channel we don't have to force something on the TEE.  The
> problem is moved to the user space library which is used when talking to
> the TEE. The assumption here is that the interface provided the TEE is
> stable or something that the specific TEE driver can handle with a glue
> layer.

I would use read/write for this, not ioctl. read/write can work with
select/poll so you can send your command then go into a polling loop
waiting for the reply from the firmware.

Jason

  reply	other threads:[~2015-04-20 18:20 UTC|newest]

Thread overview: 35+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-04-17  7:50 [RFC PATCH 0/2] generic TEE subsystem Jens Wiklander
2015-04-17  7:50 ` [RFC PATCH 1/2] tee: " Jens Wiklander
2015-04-17 16:30   ` [tpmdd-devel] " Jason Gunthorpe
2015-04-18  9:01     ` Russell King - ARM Linux
2015-04-18 17:29       ` Jason Gunthorpe
2015-04-18 21:57         ` Russell King - ARM Linux
2015-04-20  5:08           ` Jason Gunthorpe
2015-04-20 14:54             ` Greg Kroah-Hartman
2015-04-20 15:56               ` Jason Gunthorpe
2015-04-20 16:05                 ` Greg Kroah-Hartman
2015-04-20 13:02         ` Jens Wiklander
2015-04-20 17:55           ` Jason Gunthorpe
2015-04-21  5:59             ` Jens Wiklander
2015-04-17 20:07   ` Arnd Bergmann
2015-04-18  7:20     ` Paul Bolle
2015-04-20  6:20     ` Jens Wiklander
2015-04-20 18:20       ` Jason Gunthorpe [this message]
2015-04-21 10:45         ` [tpmdd-devel] " Jens Wiklander
2015-04-18  8:55   ` Greg Kroah-Hartman
2015-04-18  8:57   ` Greg Kroah-Hartman
2015-04-18  9:04     ` Russell King - ARM Linux
2015-04-18 18:47       ` Greg Kroah-Hartman
2015-04-18 19:02         ` Russell King - ARM Linux
2015-04-18 20:37           ` Greg Kroah-Hartman
2015-04-18 20:50             ` Russell King - ARM Linux
2015-04-19  7:00               ` Greg Kroah-Hartman
2015-04-17  7:50 ` [RFC PATCH 2/2] tee: add OP-TEE driver Jens Wiklander
2015-04-18  8:57   ` Greg Kroah-Hartman
2015-04-18  9:36     ` Javier González
2015-04-18 18:49       ` Greg Kroah-Hartman
2015-04-18 19:01         ` Arnd Bergmann
2015-04-19 11:17           ` Javier González
2015-04-19 19:47             ` Arnd Bergmann
2015-04-20  7:05               ` Javier González
2015-04-20  6:42     ` Jens Wiklander

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20150420182052.GA32299@obsidianresearch.com \
    --to=jgunthorpe@obsidianresearch.com \
    --cc=linux-arm-kernel@lists.infradead.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).