]> git.dujemihanovic.xyz Git - u-boot.git/commitdiff
drivers: tee: optee: discover OP-TEE services
authorEtienne Carriere <etienne.carriere@linaro.org>
Tue, 26 Jul 2022 14:21:42 +0000 (16:21 +0200)
committerTom Rini <trini@konsulko.com>
Wed, 14 Sep 2022 19:23:03 +0000 (15:23 -0400)
This change defines resources for OP-TEE service drivers to register
themselves for being bound to when OP-TEE firmware reports the related
service is supported. OP-TEE services are discovered during optee
driver probe sequence which mandates optee driver is always probe once
bound.

Discovery of optee services and binding to related U-Boot drivers is
embedded upon configuration switch CONFIG_OPTEE_SERVICE_DISCOVERY.

Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
drivers/tee/optee/Kconfig
drivers/tee/optee/core.c
include/tee/optee_service.h [new file with mode: 0644]

index d03028070b92fa1c80bfff2a91fbcf36f5078bc8..9dc65b0501e28fa44ed7775dc943da280a1d4c6d 100644 (file)
@@ -37,6 +37,14 @@ config OPTEE_TA_SCP03
        help
          Enables support for controlling (enabling, provisioning) the
          Secure Channel Protocol 03 operation in the OP-TEE SCP03 TA.
+
+config OPTEE_SERVICE_DISCOVERY
+       bool "OP-TEE service discovery"
+       default y
+       help
+         This implements automated driver binding of OP-TEE service drivers by
+         requesting OP-TEE firmware to enumerate its hosted services.
+
 endmenu
 
 endif
index c1f5fc4c7a1236e6cdb8d1f4dce27a427f5f4cf4..9240277579be31fcbc0281cca1fac0cf504ca83d 100644 (file)
@@ -14,6 +14,7 @@
 #include <linux/arm-smccc.h>
 #include <linux/err.h>
 #include <linux/io.h>
+#include <tee/optee_service.h>
 
 #include "optee_smc.h"
 #include "optee_msg.h"
 #define PAGELIST_ENTRIES_PER_PAGE \
        ((OPTEE_MSG_NONCONTIG_PAGE_SIZE / sizeof(u64)) - 1)
 
+/*
+ * PTA_DEVICE_ENUM interface exposed by OP-TEE to discover enumerated services
+ */
+#define PTA_DEVICE_ENUM                { 0x7011a688, 0xddde, 0x4053, \
+                                 { 0xa5, 0xa9, 0x7b, 0x3c, 0x4d, 0xdf, 0x13, 0xb8 } }
+/*
+ * PTA_CMD_GET_DEVICES - List services without supplicant dependencies
+ *
+ * [out]    memref[0]: List of the UUIDs of service enumerated by OP-TEE
+ */
+#define PTA_CMD_GET_DEVICES            0x0
+
+/*
+ * PTA_CMD_GET_DEVICES_SUPP - List services depending on tee supplicant
+ *
+ * [out]    memref[0]: List of the UUIDs of service enumerated by OP-TEE
+ */
+#define PTA_CMD_GET_DEVICES_SUPP       0x1
+
 typedef void (optee_invoke_fn)(unsigned long, unsigned long, unsigned long,
                               unsigned long, unsigned long, unsigned long,
                               unsigned long, unsigned long,
@@ -42,6 +62,134 @@ struct rpc_param {
        u32     a7;
 };
 
+static struct optee_service *find_service_driver(const struct tee_optee_ta_uuid *uuid)
+{
+       struct optee_service *service;
+       u8 loc_uuid[TEE_UUID_LEN];
+       size_t service_cnt, idx;
+
+       service_cnt = ll_entry_count(struct optee_service, optee_service);
+       service = ll_entry_start(struct optee_service, optee_service);
+
+       for (idx = 0; idx < service_cnt; idx++, service++) {
+               tee_optee_ta_uuid_to_octets(loc_uuid, &service->uuid);
+               if (!memcmp(uuid, loc_uuid, sizeof(uuid)))
+                       return service;
+       }
+
+       return NULL;
+}
+
+static int bind_service_list(struct udevice *dev, struct tee_shm *service_list, size_t count)
+{
+       const struct tee_optee_ta_uuid *service_uuid = (const void *)service_list->addr;
+       struct optee_service *service;
+       size_t idx;
+       int ret;
+
+       for (idx = 0; idx < count; idx++) {
+               service = find_service_driver(service_uuid + idx);
+               if (!service)
+                       continue;
+
+               ret = device_bind_driver(dev, service->driver_name, service->driver_name, NULL);
+               if (ret) {
+                       dev_warn(dev, "%s was not bound: %d, ignored\n", service->driver_name, ret);
+                       continue;
+               }
+       }
+
+       return 0;
+}
+
+static int __enum_services(struct udevice *dev, struct tee_shm *shm, size_t *shm_size, u32 tee_sess)
+{
+       struct tee_invoke_arg arg = { };
+       struct tee_param param = { };
+       int ret = 0;
+
+       arg.func = PTA_CMD_GET_DEVICES;
+       arg.session = tee_sess;
+
+       /* Fill invoke cmd params */
+       param.attr = TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT;
+       param.u.memref.shm = shm;
+       param.u.memref.size = *shm_size;
+
+       ret = tee_invoke_func(dev, &arg, 1, &param);
+       if (ret || (arg.ret && arg.ret != TEE_ERROR_SHORT_BUFFER)) {
+               dev_err(dev, "PTA_CMD_GET_DEVICES invoke function err: 0x%x\n", arg.ret);
+               return -EINVAL;
+       }
+
+       *shm_size = param.u.memref.size;
+
+       return 0;
+}
+
+static int enum_services(struct udevice *dev, struct tee_shm **shm, size_t *count, u32 tee_sess)
+{
+       size_t shm_size = 0;
+       int ret;
+
+       ret = __enum_services(dev, NULL, &shm_size, tee_sess);
+       if (ret)
+               return ret;
+
+       ret = tee_shm_alloc(dev, shm_size, 0, shm);
+       if (ret) {
+               dev_err(dev, "Failed to allocated shared memory: %d\n", ret);
+               return ret;
+       }
+
+       ret = __enum_services(dev, *shm, &shm_size, tee_sess);
+       if (!ret)
+               *count = shm_size / sizeof(struct tee_optee_ta_uuid);
+
+       return ret;
+}
+
+static int open_enum_session(struct udevice *dev, u32 *tee_sess)
+{
+       const struct tee_optee_ta_uuid pta_uuid = PTA_DEVICE_ENUM;
+       struct tee_open_session_arg arg = { };
+       int ret;
+
+       tee_optee_ta_uuid_to_octets(arg.uuid, &pta_uuid);
+
+       ret = tee_open_session(dev, &arg, 0, NULL);
+       if (ret || arg.ret) {
+               if (!ret)
+                       ret = -EIO;
+               return ret;
+       }
+
+       *tee_sess = arg.session;
+
+       return 0;
+}
+
+static int bind_service_drivers(struct udevice *dev)
+{
+       struct tee_shm *service_list = NULL;
+       size_t service_count;
+       u32 tee_sess;
+       int ret;
+
+       ret = open_enum_session(dev, &tee_sess);
+       if (ret)
+               return ret;
+
+       ret = enum_services(dev, &service_list, &service_count, tee_sess);
+       if (!ret)
+               ret = bind_service_list(dev, service_list, service_count);
+
+       tee_shm_free(service_list);
+       tee_close_session(dev, tee_sess);
+
+       return ret;
+}
+
 /**
  * reg_pair_to_ptr() - Make a pointer of 2 32-bit values
  * @reg0:      High bits of the pointer
@@ -638,6 +786,14 @@ static int optee_of_to_plat(struct udevice *dev)
        return 0;
 }
 
+static int optee_bind(struct udevice *dev)
+{
+       if (IS_ENABLED(CONFIG_OPTEE_SERVICE_DISCOVERY))
+               dev_or_flags(dev, DM_FLAG_PROBE_AFTER_BIND);
+
+       return 0;
+}
+
 static int optee_probe(struct udevice *dev)
 {
        struct optee_pdata *pdata = dev_get_plat(dev);
@@ -667,11 +823,15 @@ static int optee_probe(struct udevice *dev)
                return -ENOENT;
        }
 
-       /*
-        * in U-Boot, the discovery of TA on the TEE bus is not supported:
-        * only bind the drivers associated to the supported OP-TEE TA
-        */
-       if (IS_ENABLED(CONFIG_RNG_OPTEE)) {
+       if (IS_ENABLED(CONFIG_OPTEE_SERVICE_DISCOVERY)) {
+               ret = bind_service_drivers(dev);
+               if (ret)
+                       return ret;
+       } else if (IS_ENABLED(CONFIG_RNG_OPTEE)) {
+               /*
+                * Discovery of TAs on the TEE bus is not supported in U-Boot:
+                * only bind the drivers associated to the supported OP-TEE TA
+                */
                ret = device_bind_driver(dev, "optee-rng", "optee-rng", NULL);
                if (ret)
                        return ret;
@@ -691,6 +851,7 @@ U_BOOT_DRIVER(optee) = {
        .of_match = optee_match,
        .of_to_plat = optee_of_to_plat,
        .probe = optee_probe,
+       .bind = optee_bind,
        .ops = &optee_ops,
        .plat_auto      = sizeof(struct optee_pdata),
        .priv_auto      = sizeof(struct optee_private),
diff --git a/include/tee/optee_service.h b/include/tee/optee_service.h
new file mode 100644 (file)
index 0000000..fca468a
--- /dev/null
@@ -0,0 +1,34 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/*
+ * (C) Copyright 2022 Linaro Limited
+ */
+
+#ifndef _OPTEE_SERVICE_H
+#define _OPTEE_SERVICE_H
+
+/*
+ * struct optee_service - Discoverable OP-TEE service
+ *
+ * @driver_name - Name of the related driver
+ * @uuid - UUID of the OP-TEE service related to the driver
+ *
+ * Use macro OPTEE_SERVICE_DRIVER() to register a driver related to an
+ * OP-TEE service discovered when driver asks OP-TEE services enumaration.
+ */
+struct optee_service {
+       const char *driver_name;
+       const struct tee_optee_ta_uuid uuid;
+};
+
+#ifdef CONFIG_OPTEE_SERVICE_DISCOVERY
+#define OPTEE_SERVICE_DRIVER(__name, __uuid, __drv_name) \
+       ll_entry_declare(struct optee_service, __name, optee_service) = { \
+               .uuid = __uuid, \
+               .driver_name = __drv_name, \
+       }
+#else
+#define OPTEE_SERVICE_DRIVER(__name, __uuid, __drv_name) \
+       static int __name##__COUNTER__ __always_unused
+#endif
+
+#endif /* _OPTEE_SERVICE_H */