From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-0031df01.pphosted.com (mx0a-0031df01.pphosted.com [205.220.168.131]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4828F233134 for ; Tue, 5 May 2026 17:32:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=205.220.168.131 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778002373; cv=none; b=EDQEItd7pAY7nGR/pq6qaEfz6ZTNAVoTK3bQVpGmjAqHoTg6/zzcq+FvbrnFdfyvOICIKIeDgO+y2hIzN809U79STJH2gOptid84SuDcoitpvAqWZXxK7nbHj8+HybeGll0BWDgdoLCihPS13MAts3Et80Oy9oyYo6zWdf9ffzs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778002373; c=relaxed/simple; bh=1XDWE6ATqSyHs0VObzq/IhCFzSnOOqXQttYbSW7p+8I=; h=Date:From:To:Cc:Subject:Message-ID:References:MIME-Version: Content-Type:Content-Disposition:In-Reply-To; b=NtQ9XuJTWosUuU/gWi6rOcnRBIXHwkBdh/H7NR72aSeVvm3KJsFmuYnIFsalUM6hzUYmbLZhdYmEqKSdSpJXhNFytRYPGecfioqez5CdlW0AdpEAw6RtMsOMlOzzamHhGwUjXGcEWLr/Ku8GIs00XVylmS9p9TozQakuq95EvO8= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com; spf=pass smtp.mailfrom=oss.qualcomm.com; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b=bymI5B2f; dkim=pass (2048-bit key) header.d=oss.qualcomm.com header.i=@oss.qualcomm.com header.b=f6wqxUB2; arc=none smtp.client-ip=205.220.168.131 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=oss.qualcomm.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=qualcomm.com header.i=@qualcomm.com header.b="bymI5B2f"; dkim=pass (2048-bit key) header.d=oss.qualcomm.com header.i=@oss.qualcomm.com header.b="f6wqxUB2" Received: from pps.filterd (m0279865.ppops.net [127.0.0.1]) by mx0a-0031df01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 645FUPn14028251 for ; Tue, 5 May 2026 17:32:50 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=qualcomm.com; h= cc:content-type:date:from:in-reply-to:message-id:mime-version :references:subject:to; s=qcppdkim1; bh=NktNNT+blem0C8DB93BySTft eXu91gdwwaZsrQR4k2s=; b=bymI5B2fLLzns/GkH6H2wcDxIwbGdyD2Y9jW0dC3 AqLuVpoRQ5rhtwz+GMcmrpUNaWgUPh84wPSnhdtH957NJ0aytiKtxKGEOOLDgBJU cjL1FwOUYZlFv7DlWWiV/cLXjJyJxefWON860T9KyXrTwFPSuRgAjH58gIUjQLvi Hl4JlYTw/aLXdkXcPPMsyP1hmpq3p95Rrj5JeAM5ZiEu8mx4w4z4ZE6bmDvRBKfj MS8YALfHQlnbcyCv/d1aFFnOdsCDg+weY+OdQSMcIeT9IX1jYm36/yPQBlCCpmbo KdLn98K0VMh+1Sshjc8XML/QYu/aRItlaGIzXJICVRhj+w== Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com [209.85.214.198]) by mx0a-0031df01.pphosted.com (PPS) with ESMTPS id 4dydm6t338-1 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NOT) for ; Tue, 05 May 2026 17:32:50 +0000 (GMT) Received: by mail-pl1-f198.google.com with SMTP id d9443c01a7336-2ba6fe41283so3234705ad.1 for ; Tue, 05 May 2026 10:32:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=oss.qualcomm.com; s=google; t=1778002370; x=1778607170; darn=vger.kernel.org; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to; bh=NktNNT+blem0C8DB93BySTfteXu91gdwwaZsrQR4k2s=; b=f6wqxUB2pSK+As5ZFYfwTjZ3KX1ODdt0XHl1XqlhBRoMOMaT3whKfF3aaVRSjAIdrI zBF6D4WZRiX0kHyiVB8800uN/3zJyXR6zWyghs2ty9YrqBF3H8XuIkGq17q8PxbUnhYH s9v71jhWs7GWVMVV46ek70M3AVdHmAQ1XQ18acAVi5CK9lOvnsHbhiY5jhInsYgFvHX5 rcn67aWzb1qh1WSYtQ7KqfNYd2YdPC3BFWAcWA17woocmBosvUdg3a3HmOUO3/k9ETBm GzKPczQnEqMWOZhRhuCJNJ0gmZekHDVC/T/iW2E3xV3Fif5bq/rsYAb9C+npQyJ3WBFr Haww== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1778002370; x=1778607170; h=in-reply-to:content-disposition:mime-version:references:message-id :subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NktNNT+blem0C8DB93BySTfteXu91gdwwaZsrQR4k2s=; b=KriBwqaRr5UlXKsk6f8jLsCqdZGMNIg6UWldpmn1ZvPRZPXahpxv38cY4Qxt03D1UL oayqmhfRfa76boYuxCdNKXCZj9ala/qiN04+FjlR+9LjCITQ2YtX8lqlt4UNfxix+5wY hVK7kQQmHFQPs/ZXvwE/5fqATJH2aYkhLnYQOryEgQ0AWmmiJEIKgRo2oKj6wdoEr4r1 9pqcv4U61TuoD42z1w0tdVz6kewq2MQNju9MDI8RkrUW634mvlWzCNViCLYSHv8N6qB2 8eqQoiXU6/jfVzlDM6LC4eCytSy9WL+hs0rkRnOnQK43sbXPg8lpNPE1zNtybwEF7LnM 03TQ== X-Forwarded-Encrypted: i=1; AFNElJ+Vs3vF80iEKLqOmJBb1SIRTFb6AM+Tvkp/slf4vUv7RKoqHpek3hO47eLMIFtJZq6Sc8pBmiI=@vger.kernel.org X-Gm-Message-State: AOJu0Yx93TIaEq7w8HiOmO+1p2hH9WZMpqDPt5iFPtIxx/yYkY9gnWff 7GPfNp+tK8cE8He7oNODnXY6EEr5hJ4wpvdmaJKXW5SF7WLOJH2kEF6F1p4oZ4rpScfjQbPqhvH APfGRFbMyQlo3k9OiigfSB0Tx4DIBh+tz/3YNq0WdT3YsL9d45yYkq4/VKO0= X-Gm-Gg: AeBDietUJJ8cx5Fc8daly+U3n5kAxTLM77vIRl2sZ1bIzVHt3SkPw73vK5i23aZg0QX uCwxyn96LU4YE2LSY2N4u71k2jKP/EqTf37S1T7FI8Ffmipqw4dqXvwP80M4dW/1MOMRYnlVs2D vHTO/sMjAUvWeNhAHez37DjRSu82QEuAxrmXLhyaDt0FoHMiTtJqTOZ25KEL0Dkr+nKjzNuBiow 1CcM+8eaaMH86Fu/bqR0OxVCmzGdmvXykdd4l3HWqhOdVJqp75gOvHSfScRiGintB6dDklHTkvM 5i6nACG55YfzueOjGe4Z/TtWxE6HitUPrLOVSF/DHPOUsM59cZH0B1xbpoMU5o6dSzs9IW8jOc3 feaHqN+d2hpH+kdxwJaq9yp5K1wqR3whx06yENtGtpmuaxU0HfiOy1xVdhkQ= X-Received: by 2002:a17:902:f54c:b0:2b4:5e7e:34ce with SMTP id d9443c01a7336-2b9f285cc57mr141238015ad.39.1778002369384; Tue, 05 May 2026 10:32:49 -0700 (PDT) X-Received: by 2002:a17:902:f54c:b0:2b4:5e7e:34ce with SMTP id d9443c01a7336-2b9f285cc57mr141237075ad.39.1778002368437; Tue, 05 May 2026 10:32:48 -0700 (PDT) Received: from hu-mojha-hyd.qualcomm.com ([202.46.23.25]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-2b9caaaec82sm146854565ad.24.2026.05.05.10.32.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 05 May 2026 10:32:47 -0700 (PDT) Date: Tue, 5 May 2026 23:02:32 +0530 From: Mukesh Ojha To: Sumit Garg Cc: andersson@kernel.org, konradybcio@kernel.org, linux-arm-msm@vger.kernel.org, devicetree@vger.kernel.org, dri-devel@lists.freedesktop.org, freedreno@lists.freedesktop.org, linux-media@vger.kernel.org, netdev@vger.kernel.org, linux-wireless@vger.kernel.org, ath12k@lists.infradead.org, linux-remoteproc@vger.kernel.org, robh@kernel.org, krzk+dt@kernel.org, conor+dt@kernel.org, robin.clark@oss.qualcomm.com, sean@poorly.run, akhilpo@oss.qualcomm.com, lumag@kernel.org, abhinav.kumar@linux.dev, jesszhan0024@gmail.com, marijn.suijten@somainline.org, airlied@gmail.com, simona@ffwll.ch, vikash.garodia@oss.qualcomm.com, dikshita.agarwal@oss.qualcomm.com, bod@kernel.org, mchehab@kernel.org, elder@kernel.org, andrew+netdev@lunn.ch, davem@davemloft.net, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, jjohnson@kernel.org, mathieu.poirier@linaro.org, trilokkumar.soni@oss.qualcomm.com, pavan.kondeti@oss.qualcomm.com, jorge.ramirez@oss.qualcomm.com, tonyh@qti.qualcomm.com, vignesh.viswanathan@oss.qualcomm.com, srinivas.kandagatla@oss.qualcomm.com, amirreza.zarrabi@oss.qualcomm.com, jens.wiklander@linaro.org, op-tee@lists.trustedfirmware.org, apurupa@qti.qualcomm.com, skare@qti.qualcomm.com, linux-kernel@vger.kernel.org, Sumit Garg , Harshal Dev Subject: Re: [PATCH v5 02/16] firmware: qcom: Add a generic PAS service Message-ID: <20260505173232.6bvtccowckwsatb4@hu-mojha-hyd.qualcomm.com> References: <20260504130603.1474043-1-sumit.garg@kernel.org> <20260504130603.1474043-3-sumit.garg@kernel.org> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20260504130603.1474043-3-sumit.garg@kernel.org> X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNTA1MDE3MCBTYWx0ZWRfX9mfQLR/GjVqP 6i/I4901Fm5HKvgcuCF5wA94yC20ad8KANn1aa/xJvFKCQ/56h6a+ZVMg4Cdi/3P3gc+mfCO+E3 5yyObhl7v0LY6vFmZPaz+KiSqZSf9F/HWprK8uyOKZr0naCVou6XwfLr6NDYFW7ACCSyyGf/o0D 4ps47eYLUHokXqD3Zsx8jAZnlWEJGVyDFEepjmEh2JZNjblOR6kv0n7J0QqCOGytwzn6PF/ZAdx Ksei61XiQIUlfaoNIXo0kuElD/D3NnGDfcgUqHQEg4IywFPTcHHyqLXmeZhtTpyt1uQqNV5xccD 5JG8cKbQCmBt2daHJ/fr8fSNFukI9CYt+AJCiJiCxbo65SY6DTBL27ggxV2d0v+Dz6ottrkLj1c F5I1J4HZArAUleQapIgsSegZ+AHinRdArQCrheFj6jZX5ot1eH/+4GP8xr3K8shtCjw0YpqGwUt jSKnlYRTkyzjJ8s6fEw== X-Authority-Analysis: v=2.4 cv=K4AS2SWI c=1 sm=1 tr=0 ts=69fa29c2 cx=c_pps a=MTSHoo12Qbhz2p7MsH1ifg==:117 a=ZePRamnt/+rB5gQjfz0u9A==:17 a=kj9zAlcOel0A:10 a=NGcC8JguVDcA:10 a=s4-Qcg_JpJYA:10 a=VkNPw1HP01LnGYTKEx00:22 a=u7WPNUs3qKkmUXheDGA7:22 a=Um2Pa8k9VHT-vaBCBUpS:22 a=EUspDBNiAAAA:8 a=B9m6UvTZno2CEb395rQA:9 a=CjuIK1q_8ugA:10 a=GvdueXVYPmCkWapjIL-Q:22 X-Proofpoint-GUID: juqaf0BH2SDiHlwTgXdlL_wZgoPeMG-E X-Proofpoint-ORIG-GUID: juqaf0BH2SDiHlwTgXdlL_wZgoPeMG-E X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-05-05_02,2026-04-30_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 bulkscore=0 malwarescore=0 phishscore=0 suspectscore=0 lowpriorityscore=0 adultscore=0 impostorscore=0 spamscore=0 clxscore=1015 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2604200000 definitions=main-2605050170 On Mon, May 04, 2026 at 06:35:49PM +0530, Sumit Garg wrote: > From: Sumit Garg > > Qcom platforms has the legacy of using non-standard SCM calls > splintered over the various kernel drivers. These SCM calls aren't > compliant with the standard SMC calling conventions which is a > prerequisite to enable migration to the FF-A specifications from Arm. > > OP-TEE as an alternative trusted OS to Qualcomm TEE (QTEE) can't > support these non-standard SCM calls. And even for newer architectures > using S-EL2 with Hafnium support, QTEE won't be able to support SCM > calls either with FF-A requirements coming in. And with both OP-TEE > and QTEE drivers well integrated in the TEE subsystem, it makes further > sense to reuse the TEE bus client drivers infrastructure. > > The added benefit of TEE bus infrastructure is that there is support > for discoverable/enumerable services. With that client drivers don't > have to manually invoke a special SCM call to know the service status. > > So enable the generic Peripheral Authentication Service (PAS) provided > by the firmware. It acts as the common layer with different TZ > backends plugged in whether it's an SCM implementation or a proper > TEE bus based PAS service implementation. > > Reviewed-by: Mukesh Ojha > Tested-by: Mukesh Ojha # Lemans > Reviewed-by: Harshal Dev > Signed-off-by: Sumit Garg > --- > drivers/firmware/qcom/Kconfig | 8 + > drivers/firmware/qcom/Makefile | 1 + > drivers/firmware/qcom/qcom_pas.c | 291 +++++++++++++++++++++++++ > drivers/firmware/qcom/qcom_pas.h | 50 +++++ > include/linux/firmware/qcom/qcom_pas.h | 43 ++++ > 5 files changed, 393 insertions(+) > create mode 100644 drivers/firmware/qcom/qcom_pas.c > create mode 100644 drivers/firmware/qcom/qcom_pas.h > create mode 100644 include/linux/firmware/qcom/qcom_pas.h > > diff --git a/drivers/firmware/qcom/Kconfig b/drivers/firmware/qcom/Kconfig > index b477d54b495a..8653639d06db 100644 > --- a/drivers/firmware/qcom/Kconfig > +++ b/drivers/firmware/qcom/Kconfig > @@ -6,6 +6,14 @@ > > menu "Qualcomm firmware drivers" > > +config QCOM_PAS > + tristate > + help > + Enable the generic Peripheral Authentication Service (PAS) provided > + by the firmware. It acts as the common layer with different TZ > + backends plugged in whether it's an SCM implementation or a proper > + TEE bus based PAS service implementation. > + > config QCOM_SCM > select QCOM_TZMEM > tristate > diff --git a/drivers/firmware/qcom/Makefile b/drivers/firmware/qcom/Makefile > index 0be40a1abc13..dc5ab45f906a 100644 > --- a/drivers/firmware/qcom/Makefile > +++ b/drivers/firmware/qcom/Makefile > @@ -8,3 +8,4 @@ qcom-scm-objs += qcom_scm.o qcom_scm-smc.o qcom_scm-legacy.o > obj-$(CONFIG_QCOM_TZMEM) += qcom_tzmem.o > obj-$(CONFIG_QCOM_QSEECOM) += qcom_qseecom.o > obj-$(CONFIG_QCOM_QSEECOM_UEFISECAPP) += qcom_qseecom_uefisecapp.o > +obj-$(CONFIG_QCOM_PAS) += qcom_pas.o > diff --git a/drivers/firmware/qcom/qcom_pas.c b/drivers/firmware/qcom/qcom_pas.c > new file mode 100644 > index 000000000000..025308adf553 > --- /dev/null > +++ b/drivers/firmware/qcom/qcom_pas.c > @@ -0,0 +1,291 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * Copyright (c) 2010,2015,2019 The Linux Foundation. All rights reserved. > + * Copyright (C) 2015 Linaro Ltd. > + * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries. > + */ > + > +#include > +#include > +#include > +#include > + > +#include "qcom_pas.h" > + > +static struct qcom_pas_ops *ops_ptr; > + > +/** > + * devm_qcom_pas_context_alloc() - Allocate peripheral authentication service > + * context for a given peripheral > + * > + * PAS context is device-resource managed, so the caller does not need > + * to worry about freeing the context memory. > + * > + * @dev: PAS firmware device > + * @pas_id: peripheral authentication service id > + * @mem_phys: Subsystem reserve memory start address > + * @mem_size: Subsystem reserve memory size > + * > + * Return: The new PAS context, or ERR_PTR() on failure. > + */ > +struct qcom_pas_context *devm_qcom_pas_context_alloc(struct device *dev, > + u32 pas_id, > + phys_addr_t mem_phys, > + size_t mem_size) > +{ > + struct qcom_pas_context *ctx; > + > + ctx = devm_kzalloc(dev, sizeof(*ctx), GFP_KERNEL); > + if (!ctx) > + return ERR_PTR(-ENOMEM); > + > + ctx->dev = dev; > + ctx->pas_id = pas_id; > + ctx->mem_phys = mem_phys; > + ctx->mem_size = mem_size; > + > + return ctx; > +} > +EXPORT_SYMBOL_GPL(devm_qcom_pas_context_alloc); > + > +/** > + * qcom_pas_init_image() - Initialize peripheral authentication service state > + * machine for a given peripheral, using the metadata > + * @pas_id: peripheral authentication service id > + * @metadata: pointer to memory containing ELF header, program header table > + * and optional blob of data used for authenticating the metadata > + * and the rest of the firmware > + * @size: size of the metadata > + * @ctx: optional pas context > + * > + * Return: 0 on success. > + * > + * Upon successful return, the PAS metadata context (@ctx) will be used to > + * track the metadata allocation, this needs to be released by invoking > + * qcom_pas_metadata_release() by the caller. > + */ > +int qcom_pas_init_image(u32 pas_id, const void *metadata, size_t size, > + struct qcom_pas_context *ctx) > +{ > + if (!ops_ptr) > + return -ENODEV; > + > + return ops_ptr->init_image(ops_ptr->dev, pas_id, metadata, size, ctx); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_init_image); > + > +/** > + * qcom_pas_metadata_release() - release metadata context > + * @ctx: pas context > + */ > +void qcom_pas_metadata_release(struct qcom_pas_context *ctx) > +{ > + if (!ops_ptr || !ctx || !ctx->ptr) > + return; > + > + ops_ptr->metadata_release(ops_ptr->dev, ctx); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_metadata_release); > + > +/** > + * qcom_pas_mem_setup() - Prepare the memory related to a given peripheral > + * for firmware loading > + * @pas_id: peripheral authentication service id > + * @addr: start address of memory area to prepare > + * @size: size of the memory area to prepare > + * > + * Return: 0 on success. > + */ > +int qcom_pas_mem_setup(u32 pas_id, phys_addr_t addr, phys_addr_t size) > +{ > + if (!ops_ptr) > + return -ENODEV; > + > + return ops_ptr->mem_setup(ops_ptr->dev, pas_id, addr, size); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_mem_setup); > + > +/** > + * qcom_pas_get_rsc_table() - Retrieve the resource table in passed output buffer > + * for a given peripheral. > + * > + * Qualcomm remote processor may rely on both static and dynamic resources for > + * its functionality. Static resources typically refer to memory-mapped > + * addresses required by the subsystem and are often embedded within the > + * firmware binary and dynamic resources, such as shared memory in DDR etc., > + * are determined at runtime during the boot process. > + * > + * On Qualcomm Technologies devices, it's possible that static resources are > + * not embedded in the firmware binary and instead are provided by TrustZone. > + * However, dynamic resources are always expected to come from TrustZone. This > + * indicates that for Qualcomm devices, all resources (static and dynamic) will > + * be provided by TrustZone PAS service. > + * > + * If the remote processor firmware binary does contain static resources, they > + * should be passed in input_rt. These will be forwarded to TrustZone for > + * authentication. TrustZone will then append the dynamic resources and return > + * the complete resource table in output_rt_tzm. > + * > + * If the remote processor firmware binary does not include a resource table, > + * the caller of this function should set input_rt as NULL and input_rt_size > + * as zero respectively. > + * > + * More about documentation on resource table data structures can be found in > + * include/linux/remoteproc.h > + * > + * @ctx: PAS context > + * @pas_id: peripheral authentication service id > + * @input_rt: resource table buffer which is present in firmware binary > + * @input_rt_size: size of the resource table present in firmware binary > + * @output_rt_size: TrustZone expects caller should pass worst case size for > + * the output_rt_tzm. > + * > + * Return: > + * On success, returns a pointer to the allocated buffer containing the final > + * resource table and output_rt_size will have actual resource table size from > + * TrustZone. The caller is responsible for freeing the buffer. On failure, > + * returns ERR_PTR(-errno). > + */ > +struct resource_table *qcom_pas_get_rsc_table(struct qcom_pas_context *ctx, > + void *input_rt, > + size_t input_rt_size, > + size_t *output_rt_size) > +{ > + if (!ops_ptr) > + return ERR_PTR(-ENODEV); > + if (!ctx) > + return ERR_PTR(-EINVAL); > + > + return ops_ptr->get_rsc_table(ops_ptr->dev, ctx, input_rt, > + input_rt_size, output_rt_size); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_get_rsc_table); > + > +/** > + * qcom_pas_auth_and_reset() - Authenticate the given peripheral firmware > + * and reset the remote processor > + * @pas_id: peripheral authentication service id > + * > + * Return: 0 on success. > + */ > +int qcom_pas_auth_and_reset(u32 pas_id) > +{ > + if (!ops_ptr) > + return -ENODEV; > + > + return ops_ptr->auth_and_reset(ops_ptr->dev, pas_id); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_auth_and_reset); > + > +/** > + * qcom_pas_prepare_and_auth_reset() - Prepare, authenticate, and reset the > + * remote processor > + * > + * @ctx: Context saved during call to qcom_scm_pas_context_init() devm_qcom_pas_context_alloc() > + * > + * This function performs the necessary steps to prepare a PAS subsystem, > + * authenticate it using the provided metadata, and initiate a reset sequence. > + * > + * It should be used when Linux is in control setting up the IOMMU hardware > + * for remote subsystem during secure firmware loading processes. The > + * preparation step sets up a shmbridge over the firmware memory before > + * TrustZone accesses the firmware memory region for authentication. The > + * authentication step verifies the integrity and authenticity of the firmware > + * or configuration using secure metadata. Finally, the reset step ensures the > + * subsystem starts in a clean and sane state. > + * > + * Return: 0 on success, negative errno on failure. > + */ > +int qcom_pas_prepare_and_auth_reset(struct qcom_pas_context *ctx) > +{ > + if (!ops_ptr) > + return -ENODEV; > + if (!ctx) > + return -EINVAL; > + > + return ops_ptr->prepare_and_auth_reset(ops_ptr->dev, ctx); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_prepare_and_auth_reset); > + > +/** > + * qcom_pas_set_remote_state() - Set the remote processor state > + * @state: peripheral state > + * @pas_id: peripheral authentication service id > + * > + * Return: 0 on success. > + */ > +int qcom_pas_set_remote_state(u32 state, u32 pas_id) > +{ > + if (!ops_ptr) > + return -ENODEV; > + > + return ops_ptr->set_remote_state(ops_ptr->dev, state, pas_id); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_set_remote_state); > + > +/** > + * qcom_pas_shutdown() - Shut down the remote processor > + * @pas_id: peripheral authentication service id > + * > + * Return: 0 on success. > + */ > +int qcom_pas_shutdown(u32 pas_id) > +{ > + if (!ops_ptr) > + return -ENODEV; > + > + return ops_ptr->shutdown(ops_ptr->dev, pas_id); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_shutdown); > + > +/** > + * qcom_pas_supported() - Check if the peripheral authentication service is > + * available for the given peripheral > + * @pas_id: peripheral authentication service id > + * > + * Return: true if PAS is supported for this peripheral, otherwise false. > + */ > +bool qcom_pas_supported(u32 pas_id) > +{ > + if (!ops_ptr) > + return false; > + > + return ops_ptr->supported(ops_ptr->dev, pas_id); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_supported); > + > +bool qcom_pas_is_available(void) > +{ > + /* > + * The barrier for ops_ptr is intended to synchronize the data stores > + * for the ops data structure when client drivers are in parallel > + * checking for PAS service availability. > + * > + * Once the PAS backend becomes available, it is allowed for multiple > + * threads to enter TZ for parallel bringup of co-processors during > + * boot. > + */ > + return !!smp_load_acquire(&ops_ptr); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_is_available); > + > +void qcom_pas_ops_register(struct qcom_pas_ops *ops) > +{ > + if (!qcom_pas_is_available()) > + /* Paired with smp_load_acquire() in qcom_pas_is_available() */ > + smp_store_release(&ops_ptr, ops); > + else > + pr_err("qcom_pas: ops already registered by %s\n", > + ops_ptr->drv_name); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_ops_register); > + > +void qcom_pas_ops_unregister(void) > +{ > + /* Paired with smp_load_acquire() in qcom_pas_is_available() */ > + smp_store_release(&ops_ptr, NULL); > +} > +EXPORT_SYMBOL_GPL(qcom_pas_ops_unregister); > + > +MODULE_LICENSE("GPL"); > +MODULE_DESCRIPTION("Qualcomm generic TZ PAS driver"); > diff --git a/drivers/firmware/qcom/qcom_pas.h b/drivers/firmware/qcom/qcom_pas.h > new file mode 100644 > index 000000000000..8643e2760602 > --- /dev/null > +++ b/drivers/firmware/qcom/qcom_pas.h > @@ -0,0 +1,50 @@ > +/* SPDX-License-Identifier: GPL-2.0 */ > +/* > + * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries. > + */ > + > +#ifndef __QCOM_PAS_INT_H > +#define __QCOM_PAS_INT_H > + > +struct device; > + > +/** > + * struct qcom_pas_ops - Qcom Peripheral Authentication Service (PAS) ops > + * @drv_name: PAS driver name. > + * @dev: PAS device pointer. > + * @supported: Peripheral supported callback. > + * @init_image: Peripheral image initialization callback. > + * @mem_setup: Peripheral memory setup callback. > + * @get_rsc_table: Peripheral get resource table callback. > + * @prepare_and_auth_reset: Peripheral prepare firmware authentication and > + * reset callback. > + * @auth_and_reset: Peripheral firmware authentication and reset > + * callback. > + * @set_remote_state: Peripheral set remote state callback. > + * @shutdown: Peripheral shutdown callback. > + * @metadata_release: Image metadata release callback. > + */ > +struct qcom_pas_ops { > + const char *drv_name; > + struct device *dev; > + bool (*supported)(struct device *dev, u32 pas_id); > + int (*init_image)(struct device *dev, u32 pas_id, const void *metadata, > + size_t size, struct qcom_pas_context *ctx); > + int (*mem_setup)(struct device *dev, u32 pas_id, phys_addr_t addr, > + phys_addr_t size); > + void *(*get_rsc_table)(struct device *dev, struct qcom_pas_context *ctx, > + void *input_rt, size_t input_rt_size, > + size_t *output_rt_size); > + int (*prepare_and_auth_reset)(struct device *dev, > + struct qcom_pas_context *ctx); > + int (*auth_and_reset)(struct device *dev, u32 pas_id); > + int (*set_remote_state)(struct device *dev, u32 state, u32 pas_id); > + int (*shutdown)(struct device *dev, u32 pas_id); > + void (*metadata_release)(struct device *dev, > + struct qcom_pas_context *ctx); > +}; > + > +void qcom_pas_ops_register(struct qcom_pas_ops *ops); > +void qcom_pas_ops_unregister(void); > + > +#endif /* __QCOM_PAS_INT_H */ > diff --git a/include/linux/firmware/qcom/qcom_pas.h b/include/linux/firmware/qcom/qcom_pas.h > new file mode 100644 > index 000000000000..65b1c9564458 > --- /dev/null > +++ b/include/linux/firmware/qcom/qcom_pas.h > @@ -0,0 +1,43 @@ > +/* SPDX-License-Identifier: GPL-2.0-only */ > +/* > + * Copyright (c) 2010-2015, 2018-2019 The Linux Foundation. All rights reserved. > + * Copyright (C) 2015 Linaro Ltd. > + * Copyright (c) Qualcomm Technologies, Inc. and/or its subsidiaries. > + */ > + > +#ifndef __QCOM_PAS_H > +#define __QCOM_PAS_H > + > +#include > +#include > + > +struct qcom_pas_context { > + struct device *dev; > + u32 pas_id; > + phys_addr_t mem_phys; > + size_t mem_size; > + void *ptr; > + dma_addr_t phys; > + ssize_t size; > + bool use_tzmem; > +}; > + > +bool qcom_pas_is_available(void); > +struct qcom_pas_context *devm_qcom_pas_context_alloc(struct device *dev, > + u32 pas_id, > + phys_addr_t mem_phys, > + size_t mem_size); > +int qcom_pas_init_image(u32 pas_id, const void *metadata, size_t size, > + struct qcom_pas_context *ctx); > +struct resource_table *qcom_pas_get_rsc_table(struct qcom_pas_context *ctx, > + void *input_rt, size_t input_rt_size, > + size_t *output_rt_size); > +int qcom_pas_mem_setup(u32 pas_id, phys_addr_t addr, phys_addr_t size); > +int qcom_pas_auth_and_reset(u32 pas_id); > +int qcom_pas_prepare_and_auth_reset(struct qcom_pas_context *ctx); > +int qcom_pas_set_remote_state(u32 state, u32 pas_id); > +int qcom_pas_shutdown(u32 pas_id); > +bool qcom_pas_supported(u32 pas_id); > +void qcom_pas_metadata_release(struct qcom_pas_context *ctx); > + > +#endif /* __QCOM_PAS_H */ > -- > 2.51.0 > -- -Mukesh Ojha