From: Jeffrey Kardatzke <jkardatzke@google.com>
To: Yong Wu <yong.wu@mediatek.com>
Cc: Rob Herring <robh+dt@kernel.org>,
Sumit Semwal <sumit.semwal@linaro.org>,
christian.koenig@amd.com,
Matthias Brugger <matthias.bgg@gmail.com>,
Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Conor Dooley <conor+dt@kernel.org>,
Benjamin Gaignard <benjamin.gaignard@collabora.com>,
Brian Starkey <Brian.Starkey@arm.com>,
John Stultz <jstultz@google.com>,
tjmercier@google.com,
AngeloGioacchino Del Regno
<angelogioacchino.delregno@collabora.com>,
devicetree@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org,
linaro-mm-sig@lists.linaro.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org, jianjiao.zeng@mediatek.com,
kuohong.wang@mediatek.com,
Vijayanand Jitta <quic_vjitta@quicinc.com>,
Joakim Bech <joakim.bech@linaro.org>,
Nicolas Dufresne <nicolas@ndufresne.ca>,
ckoenig.leichtzumerken@gmail.com
Subject: Re: [PATCH v2 4/8] dma-buf: heaps: secure_heap: Add tee memory service call
Date: Wed, 15 Nov 2023 15:26:11 -0800 [thread overview]
Message-ID: <CA+ddPcNDBSESjJSKiTwEpf_GydThrdh+KGnnXmTnYVmmnwZ83w@mail.gmail.com> (raw)
In-Reply-To: <20231111111559.8218-5-yong.wu@mediatek.com>
On Sat, Nov 11, 2023 at 3:17 AM Yong Wu <yong.wu@mediatek.com> wrote:
>
> Add TEE service call. In the case of MediaTek, secure memory management is
> located within the TEE. The kernel just needs to tell TEE what size it
> needs and the TEE will return a "security handle" to kernel.
>
> To be consistent with the cma heap later, we put the tee ops into the ops
> of secure_the_memory.
>
> It seems that secure_heap_tee_service_call could be a more general
> interface, but it could be a new topic.
>
> Signed-off-by: Yong Wu <yong.wu@mediatek.com>
> ---
> drivers/dma-buf/heaps/secure_heap.c | 97 +++++++++++++++++++++++++++++
> 1 file changed, 97 insertions(+)
>
> diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c
> index 2a037fc54004..05062c14e7c7 100644
> --- a/drivers/dma-buf/heaps/secure_heap.c
> +++ b/drivers/dma-buf/heaps/secure_heap.c
> @@ -17,6 +17,27 @@
>
> #define TEE_PARAM_NUM 4
>
> +enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */
> + /*
> + * TZCMD_SECMEM_ZALLOC: Allocate the zeroed secure memory from TEE.
> + *
> + * [in] value[0].a: The buffer size.
> + * value[0].b: alignment.
> + * [in] value[1].a: enum secure_memory_type.
> + * [out] value[3].a: The secure handle.
> + */
> + TZCMD_SECMEM_ZALLOC = 0,
> +
> + /*
> + * TZCMD_SECMEM_FREE: Free secure memory.
> + *
> + * [in] value[0].a: The secure handle of this buffer, It's value[3].a of
> + * TZCMD_SECMEM_ZALLOC.
> + * [out] value[1].a: return value, 0 means successful, otherwise fail.
> + */
> + TZCMD_SECMEM_FREE = 1,
> +};
> +
This should go in the MTK specific implementation.
> enum secure_memory_type {
> /*
> * MediaTek static chunk memory carved out for TrustZone. The memory
> @@ -28,13 +49,25 @@ enum secure_memory_type {
> struct secure_buffer {
> struct dma_heap *heap;
> size_t size;
> + /*
> + * The secure handle is a reference to a buffer within the TEE, this is
> + * a value got from TEE.
> + */
> + u32 sec_handle;
> };
Change this to a u64 and rename it to 'secure_address', it's up to the
specific implementation what that would actually mean.
>
> +#define TEE_MEM_COMMAND_ID_BASE_MTK 0x10000
> +
Move this into the MTK specific implementation.
> struct secure_heap;
>
> struct secure_heap_prv_data {
> const char *uuid;
> const int tee_impl_id;
> + /*
> + * Different TEEs may implement different commands, and this provides an opportunity
> + * for TEEs to use the same enum secure_buffer_tee_cmd.
> + */
> + const int tee_command_id_base;
Remove this, it can be handled in the MTK specific implementation.
>
> int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf);
> void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf);
> @@ -98,10 +131,74 @@ static int secure_heap_tee_session_init(struct secure_heap *sec_heap)
> return ret;
> }
>
> +static int
> +secure_heap_tee_service_call(struct tee_context *tee_ctx, u32 session,
> + unsigned int command, struct tee_param *params)
> +{
> + struct tee_ioctl_invoke_arg arg = {0};
> + int ret;
> +
> + arg.num_params = TEE_PARAM_NUM;
> + arg.session = session;
> + arg.func = command;
> +
> + ret = tee_client_invoke_func(tee_ctx, &arg, params);
> + if (ret < 0 || arg.ret) {
> + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret);
> + ret = -EOPNOTSUPP;
> + }
> + return ret;
> +}
> +
> +static int secure_heap_tee_secure_memory(struct secure_heap *sec_heap,
> + struct secure_buffer *sec_buf)
> +{
> + const struct secure_heap_prv_data *data = sec_heap->data;
> + struct tee_param params[TEE_PARAM_NUM] = {0};
> + int ret;
> +
> + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT;
> + params[0].u.value.a = sec_buf->size;
> + params[0].u.value.b = PAGE_SIZE;
> + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT;
> + params[1].u.value.a = sec_heap->mem_type;
> + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT;
> +
> + params[3].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT;
> + ret = secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session,
> + data->tee_command_id_base + TZCMD_SECMEM_ZALLOC,
> + params);
> + if (ret)
> + return -ENOMEM;
> +
> + sec_buf->sec_handle = params[3].u.value.a;
> + return 0;
> +}
> +
> +static void secure_heap_tee_unsecure_memory(struct secure_heap *sec_heap,
> + struct secure_buffer *sec_buf)
> +{
> + struct tee_param params[TEE_PARAM_NUM] = {0};
> +
> + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT;
> + params[0].u.value.a = sec_buf->sec_handle;
> + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT;
> +
> + secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session,
> + sec_heap->data->tee_command_id_base + TZCMD_SECMEM_FREE,
> + params);
> + if (params[1].u.value.a)
> + pr_err("%s, free buffer(0x%x) return fail(%lld) from TEE.\n",
> + sec_heap->name, sec_buf->sec_handle, params[1].u.value.a);
> +}
> +
These are entirely MTK specific, so move them into the MTK specific
implementation.
> /* The memory allocating is within the TEE. */
> const struct secure_heap_prv_data mtk_sec_mem_data = {
> .uuid = TZ_TA_MEM_UUID_MTK,
> .tee_impl_id = TEE_IMPL_ID_OPTEE,
> + .tee_command_id_base = TEE_MEM_COMMAND_ID_BASE_MTK,
> + .secure_the_memory = secure_heap_tee_secure_memory,
> + .unsecure_the_memory = secure_heap_tee_unsecure_memory,
> };
This should also go into the MTK specific implementation, and to be
clear, that's where module_init should be as well.
>
> static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap,
> --
> 2.25.1
>
next prev parent reply other threads:[~2023-11-15 23:26 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-11 11:15 [PATCH v2 0/8] dma-buf: heaps: Add secure heap Yong Wu
2023-11-11 11:15 ` [PATCH v2 1/8] dma-buf: heaps: Initialize a " Yong Wu
2023-11-15 23:18 ` Jeffrey Kardatzke
2023-11-11 11:15 ` [PATCH v2 2/8] dma-buf: heaps: secure_heap: Add private heap ops Yong Wu
2023-11-15 23:21 ` Jeffrey Kardatzke
2023-11-11 11:15 ` [PATCH v2 3/8] dma-buf: heaps: secure_heap: Initialize tee session Yong Wu
2023-11-11 16:55 ` kernel test robot
2023-11-11 17:44 ` kernel test robot
2023-11-15 23:23 ` Jeffrey Kardatzke
2023-11-11 11:15 ` [PATCH v2 4/8] dma-buf: heaps: secure_heap: Add tee memory service call Yong Wu
2023-11-11 23:28 ` kernel test robot
2023-11-15 23:26 ` Jeffrey Kardatzke [this message]
2023-11-11 11:15 ` [PATCH v2 5/8] dma-buf: heaps: secure_heap: Add dma_ops Yong Wu
2023-11-11 11:15 ` [PATCH v2 6/8] dt-bindings: reserved-memory: Add secure CMA reserved memory range Yong Wu
2023-11-11 12:48 ` Krzysztof Kozlowski
2023-11-13 6:37 ` Yong Wu (吴勇)
2023-11-14 13:18 ` Robin Murphy
2023-11-15 23:35 ` Jeffrey Kardatzke
2023-11-13 20:40 ` Rob Herring
2023-11-11 11:15 ` [PATCH v2 7/8] dma_buf: heaps: secure_heap: Add a new MediaTek CMA heap Yong Wu
2023-11-15 23:44 ` Jeffrey Kardatzke
2023-11-11 11:15 ` [PATCH v2 8/8] dma-buf: heaps: secure_heap: Add normal " Yong Wu
2023-11-15 23:45 ` Jeffrey Kardatzke
2023-11-13 11:38 ` [PATCH v2 0/8] dma-buf: heaps: Add secure heap Pavel Machek
2023-11-15 22:02 ` Jeffrey Kardatzke
2023-11-22 16:48 ` Pratyush Brahma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+ddPcNDBSESjJSKiTwEpf_GydThrdh+KGnnXmTnYVmmnwZ83w@mail.gmail.com \
--to=jkardatzke@google.com \
--cc=Brian.Starkey@arm.com \
--cc=angelogioacchino.delregno@collabora.com \
--cc=benjamin.gaignard@collabora.com \
--cc=christian.koenig@amd.com \
--cc=ckoenig.leichtzumerken@gmail.com \
--cc=conor+dt@kernel.org \
--cc=devicetree@vger.kernel.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=jianjiao.zeng@mediatek.com \
--cc=joakim.bech@linaro.org \
--cc=jstultz@google.com \
--cc=krzysztof.kozlowski+dt@linaro.org \
--cc=kuohong.wang@mediatek.com \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=matthias.bgg@gmail.com \
--cc=nicolas@ndufresne.ca \
--cc=quic_vjitta@quicinc.com \
--cc=robh+dt@kernel.org \
--cc=sumit.semwal@linaro.org \
--cc=tjmercier@google.com \
--cc=yong.wu@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).