From: Alexey Romanov Date: Thu, 21 Sep 2023 08:13:34 +0000 (+0300) Subject: drivers: introduce Secure Monitor uclass X-Git-Tag: v2025.01-rc5-pxa1908~823^2~7 X-Git-Url: http://git.dujemihanovic.xyz/img/static/%7B%7B%20%28.OutputFormats.Get?a=commitdiff_plain;h=c52cd07407af6467d68f1ed9dd180fb72bbf0313;p=u-boot.git drivers: introduce Secure Monitor uclass At the moment, we don't have a common API for working with SM, only the smc_call() function. This approach is not generic and difficult to configure and maintain. This patch adds UCLASS_SM with the generic API: - sm_call() - sm_call_write() - sm_call_read() These functions operate with struct pt_regs, which describes Secure Monitor arguments. Signed-off-by: Alexey Romanov Reviewed-by: Simon Glass Link: https://lore.kernel.org/r/20230921081346.22157-2-avromanov@salutedevices.com Signed-off-by: Neil Armstrong --- diff --git a/drivers/Kconfig b/drivers/Kconfig index a25f6ae02f..a073230c26 100644 --- a/drivers/Kconfig +++ b/drivers/Kconfig @@ -118,6 +118,8 @@ source "drivers/scsi/Kconfig" source "drivers/serial/Kconfig" +source "drivers/sm/Kconfig" + source "drivers/smem/Kconfig" source "drivers/sound/Kconfig" diff --git a/drivers/Makefile b/drivers/Makefile index efc2a4afb2..74f940a57d 100644 --- a/drivers/Makefile +++ b/drivers/Makefile @@ -35,6 +35,7 @@ obj-$(CONFIG_$(SPL_TPL_)VIRTIO) += virtio/ obj-$(CONFIG_$(SPL_)DM_MAILBOX) += mailbox/ obj-$(CONFIG_$(SPL_)REMOTEPROC) += remoteproc/ obj-$(CONFIG_$(SPL_)SYSINFO) += sysinfo/ +obj-$(CONFIG_$(SPL_TPL_)SM) += sm/ obj-$(CONFIG_$(SPL_TPL_)TPM) += tpm/ obj-$(CONFIG_$(SPL_)NVME) += nvme/ obj-$(CONFIG_XEN) += xen/ diff --git a/drivers/sm/Kconfig b/drivers/sm/Kconfig new file mode 100644 index 0000000000..6cc6d55578 --- /dev/null +++ b/drivers/sm/Kconfig @@ -0,0 +1,2 @@ +config SM + bool "Enable Secure Monitor driver support" diff --git a/drivers/sm/Makefile b/drivers/sm/Makefile new file mode 100644 index 0000000000..9f4683ba06 --- /dev/null +++ b/drivers/sm/Makefile @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: GPL-2.0-only + +obj-y += sm-uclass.o diff --git a/drivers/sm/sm-uclass.c b/drivers/sm/sm-uclass.c new file mode 100644 index 0000000000..6a8b702629 --- /dev/null +++ b/drivers/sm/sm-uclass.c @@ -0,0 +1,55 @@ +// SPDX-License-Identifier: GPL-2.0+ +/* + * Copyright (c) 2023 SberDevices, Inc. + * + * Author: Alexey Romanov + */ + +#include +#include +#include +#include + +static const struct sm_ops *get_sm_ops(struct udevice *dev) +{ + return (const struct sm_ops *)dev->driver->ops; +} + +int sm_call(struct udevice *dev, u32 cmd, s32 *ret, struct pt_regs *args) +{ + const struct sm_ops *ops = get_sm_ops(dev); + + if (ops->sm_call) + return ops->sm_call(dev, cmd, ret, args); + + return -ENOSYS; +} + +int sm_call_read(struct udevice *dev, void *buffer, size_t size, + u32 cmd, struct pt_regs *args) +{ + const struct sm_ops *ops = get_sm_ops(dev); + + if (ops->sm_call_read) + return ops->sm_call_read(dev, buffer, size, cmd, + args); + + return -ENOSYS; +} + +int sm_call_write(struct udevice *dev, void *buffer, size_t size, + u32 cmd, struct pt_regs *args) +{ + const struct sm_ops *ops = get_sm_ops(dev); + + if (ops->sm_call_write) + return ops->sm_call_write(dev, buffer, size, cmd, + args); + + return -ENOSYS; +} + +UCLASS_DRIVER(sm) = { + .name = "sm", + .id = UCLASS_SM, +}; diff --git a/include/dm/uclass-id.h b/include/dm/uclass-id.h index 0432c95c9e..d2c5288c8b 100644 --- a/include/dm/uclass-id.h +++ b/include/dm/uclass-id.h @@ -89,6 +89,7 @@ enum uclass_id { UCLASS_MDIO, /* MDIO bus */ UCLASS_MDIO_MUX, /* MDIO MUX/switch */ UCLASS_MEMORY, /* Memory Controller device */ + UCLASS_SM, /* Secure Monitor driver */ UCLASS_MISC, /* Miscellaneous device */ UCLASS_MMC, /* SD / MMC card or chip */ UCLASS_MOD_EXP, /* RSA Mod Exp device */ diff --git a/include/sm-uclass.h b/include/sm-uclass.h new file mode 100644 index 0000000000..c114484044 --- /dev/null +++ b/include/sm-uclass.h @@ -0,0 +1,72 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2023 SberDevices, Inc. + * + * Author: Alexey Romanov + */ + +#ifndef __SM_UCLASS_H__ +#define __SM_UCLASS_H__ + +#include +#include + +struct udevice; + +/** + * struct sm_ops - The functions that a SM driver must implement. + * + * @sm_call: Request a secure monitor call with specified command. + * + * @sm_call_read: Request a secure monitor call and retrieve data + * from secure-monitor (depends on specified command). + * + * @sm_call_write: Request a secure monitor call and send data + * to secure-monitor (depends on specified command). + * + * The individual methods are described more fully below. + */ +struct sm_ops { + /** + * sm_call - generic SMC call to the secure-monitor + * + * @dev: Pointer to UCLASS_SM device + * @cmd_index: Index of the SMC function ID + * @smc_ret: Returned value from secure world + * @args: SMC arguments + * + * @return: 0 on success, a negative value on error + */ + int (*sm_call)(struct udevice *dev, u32 cmd, s32 *smc_ret, + struct pt_regs *args); + + /** + * sm_call_write - send data to secure-monitor + * + * @dev: Pointer to UCLASS_SM device + * @buffer: Buffer containing data to send + * @size: Size of the buffer + * @cmd: Index of the SMC function ID + * @args: SMC arguments + * + * @return: size of sent data on success, a negative value on error + */ + int (*sm_call_write)(struct udevice *dev, void *buffer, + size_t size, u32 cmd, struct pt_regs *args); + + /** + * sm_call_read - retrieve data from secure-monitor + * + * @dev: Pointer to UCLASS_SM device + * @buffer: Buffer to store the retrieved data + * @size: Size of the buffer + * @cmd: Index of the SMC function ID + * @args: SMC arguments + * + * @return: size of read data on success, a negative value on error + */ + int (*sm_call_read)(struct udevice *dev, void *buffer, + size_t size, u32 cmd, struct pt_regs *args); +}; + +#endif /* __SM_UCLASS_H__ */ diff --git a/include/sm.h b/include/sm.h new file mode 100644 index 0000000000..afa9c89055 --- /dev/null +++ b/include/sm.h @@ -0,0 +1,67 @@ +/* SPDX-License-Identifier: GPL-2.0+ */ +/* + * Copyright (c) 2023 SberDevices, Inc. + * + * Author: Alexey Romanov + */ + +#ifndef __SM_H__ +#define __SM_H__ + +/* + * NOTE: UCLASS_SM is designed with the idea that + * each driver should convert @cmd to some raw + * value, which is known only for driver, and set this + * value to the first element of the @args->regs array. + * Therefore, it is necessary to pass the remaining + * arguments starting at index = 1. Anyway, driver + * implementation may vary, so, please, check the specific + * implementation of the driver you are using. + */ + +#include +#include + +struct udevice; + +/** + * sm_call - generic SMC call to the secure-monitor + * + * @dev: Pointer to UCLASS_SM device + * @cmd_index: Index of the SMC function ID + * @smc_ret: Returned value from secure world + * @args: SMC arguments + * + * @return: 0 on success, a negative value on error + */ +int sm_call(struct udevice *dev, u32 cmd, s32 *ret, struct pt_regs *args); + +/** + * sm_call_read - retrieve data from secure-monitor + * + * @dev: Pointer to UCLASS_MESON_SM device + * @buffer: Buffer to store the retrieved data + * @size: Size of the buffer + * @cmd: Index of the SMC function ID + * @args: SMC arguments + * + * @return: size of read data on success, a negative value on error + */ +int sm_call_read(struct udevice *dev, void *buffer, size_t size, + u32 cmd, struct pt_regs *args); + +/** + * sm_call_write - send data to secure-monitor + * + * @dev: Pointer to UCLASS_SM device + * @buffer: Buffer containing data to send + * @size: Size of the buffer + * @cmd: Index of the SMC function ID + * @args: SMC arguments + * + * @return: size of sent data on success, a negative value on error + */ +int sm_call_write(struct udevice *dev, void *buffer, size_t size, + u32 cmd, struct pt_regs *args); + +#endif /* __SM_H__ */