From: Arnd Bergmann
To: Jens Wiklander
Cc: arm@kernel.org, Olof Johansson, Greg Kroah-Hartman, Andrew Morton,
    linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org,
    devicetree@vger.kernel.org, Al Viro, jean-michel.delorme@st.com,
    emmanuel.michel@st.com, javier@javigon.com, Jason Gunthorpe,
    Mark Rutland, Michal Simek, Rob Herring, Will Deacon, Nishanth Menon,
    "Andrew F. Davis", broonie@kernel.org, scott.branden@broadcom.com,
    Loic PALLARDY, Etienne CARRIERE, Benjamin GAIGNARD, Patrice CHOTARD,
    Christophe PRIOUZEAU, Eric FINCO, Franck ALBESA, Wei Xu,
    torvalds@linux-foundation.org
Subject: Re: [GIT PULL] generic TEE subsystem for v4.12
Date: Thu, 30 Mar 2017 16:32:49 +0200
Message-ID: <8981963.xoBUojTFOS@wuerfel>
In-Reply-To: <20170314145305.GA12937@jax>
References: <20170314145305.GA12937@jax>
X-Mailing-List: linux-kernel@vger.kernel.org

On Tuesday, March 14, 2017 3:57:34 PM CEST Jens Wiklander wrote:
> Hi arm-soc maintainers,
>
> Please consider this pull request for v4.12
>
> This pull request contains version 16 of the generic TEE driver.
>
> The TEE subsystem will contain drivers for various TEE implementations.
> A TEE (Trusted Execution Environment) is a trusted OS running in some
> secure environment, for example, TrustZone on ARM CPUs, or a separate
> secure co-processor etc.
>
> The patch set has been reviewed by different people during the different
> versions. Now I think this has reached a state where it's mature enough
> to merge.
>
> The v16 cover letter containing detailed revision history can be found at
> https://lkml.org/lkml/2017/3/10/1277
>
> Thanks,
> Jens
>
> The following changes since commit c1ae3cfa0e89fa1a7ecc4c99031f5e9ae99d9201:
>
>   Linux 4.11-rc1 (2017-03-05 12:59:56 -0800)
>
> are available in the git repository at:
>
>   git://git.linaro.org:/people/jens.wiklander/linux-tee.git tags/tee-drv-for-4.12
>
> for you to fetch changes up to 14e21cb8f811100a2104e952b8f5bc0326a5e213:
>
>   arm64: dt: hikey: Add optee node (2017-03-10 14:51:58 +0100)
>
> ----------------------------------------------------------------
> Introduce generic TEE subsystem:
> - the TEE subsystem itself
> - an OP-TEE driver using the subsystem
> - optee bindings
> - optee node for hi6220-hikey.dts

(+Linus, FYI)

I've put this into a separate next/tee branch in arm-soc, which means
we will send this separately to Linus in the next merge window for the
introduction of a new kernel subsystem, and I expect that future updates
will get handled through the next/drivers branch in arm-soc, like we do
for reset controllers.

I have reviewed earlier versions in the past, and have reviewed
the latest version in person during Linaro Connect BUD17.

Here is my overall assessment of the subsystem:

* There is clearly demand for this, both for the generic
  infrastructure and the specific OP-TEE implementation.

* The code has gone through a large number of reviews,
  and the review comments have all been addressed, but
  the reviews were not coming up with serious issues any more
  and nobody volunteered to vouch for the quality.

* The user space ioctl interface is sufficient to work with the
  OP-TEE driver, and it should in principle work with other
  TEE implementations that follow the GlobalPlatform[1] standards,
  but it might need to be extended in minor ways depending on
  specific requirements of future TEE implementations.

* The main downside of the API to me is how the user space
  is tied to the TEE implementation in hardware or firmware,
  but uses a generic way to communicate with it. This seems
  to be an inherent problem with what it is trying to do,
  and I could not come up with any better solution than what
  is implemented here.

	Arnd

[1] https://www.globalplatform.org/mediaguidetee.asp