From patchwork Sat Nov 11 11:15:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743193 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A9A012B9E; Sat, 11 Nov 2023 11:16:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="Aca1ymKX" Received: from mailgw01.mediatek.com (unknown [60.244.123.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 307B544BF; Sat, 11 Nov 2023 03:16:47 -0800 (PST) X-UUID: ca80bfce808311eea33bb35ae8d461a2-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=VE6GZfuzzSGdF7z/E1jtU6vKI/4GFs1fIexqiuUOd+g=; b=Aca1ymKXmrmk3qUnJmqsdfHn0820KQjYWuioZavR8cvxjc7poUvrCV0KR7kLA3aE/PwIJhI1nFxj4cFQmvrVJG27Yr2JLUzaKfzI2fd6xeGgVCjsaxZEPtFVX6tDeBT+48Gm1RTyN1lAYDiINS8xBMWC1GviTSy7qcPJUmMKCHY=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:ecaffbfc-27e8-4d33-b765-a7264e9a70cd, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:39174695-10ce-4e4b-85c2-c9b5229ff92b, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0,NGT X-CID-BAS: 0,NGT,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: ca80bfce808311eea33bb35ae8d461a2-20231111 Received: from mtkmbs10n2.mediatek.inc [(172.21.101.183)] by mailgw01.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 2039734294; Sat, 11 Nov 2023 19:16:42 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N2.mediatek.inc (172.21.101.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:16:40 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:16:39 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 2/8] dma-buf: heaps: secure_heap: Add private heap ops Date: Sat, 11 Nov 2023 19:15:53 +0800 Message-ID: <20231111111559.8218-3-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--2.256700-8.000000 X-TMASE-MatchedRID: PQ2N/OmJeX7YfPOPCpnfAhlckvO1m+Jc2D/7bUIJlF05mHVw4i4YQBMG tPkUyFbdIV4u8YKdeKsWHIQM6TbbE40GdWKgGbBh4T0EFRcNxxTEoDEGChh7CQqiCYa6w8tveKL mRI5Hi0abuQcHZubU2nATsg8MODVIHxPMjOKY7A8LbigRnpKlKSBuGJWwgxArX1upngn1Gyell7 LwyCJ0+7K63CMI769Dwsv6gGdF/4S1typ2+c7FWpwJZ1Nrcojum9GQN90avfrr6k+nXg4S3WS1e oi1doD5Xy/9ftq4Z/Jpp55fZDlsr34cY/B7JqXaYZ1R7NXn0MdBmmCXcKyFFJ6oP1a0mRIj X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--2.256700-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: 94200BC56EA00A3F690E907892C59CF2C7B8A2B0F75DB0AA7E49E585E508D63C2000:8 X-MTK: N For the secure memory, there are two steps: a) Allocate buffers in kernel side; b) Secure that buffer. Different heaps may have different buffer allocation methods and different memory protection methods. Here abstract the memory allocation and securing operations. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 58 ++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index a634051a0a67..87ac23072e9e 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -24,15 +24,66 @@ struct secure_buffer { size_t size; }; +struct secure_heap; + +struct secure_heap_prv_data { + int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + + /* Protect/unprotect the memory */ + int (*secure_the_memory)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + void (*unsecure_the_memory)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); +}; + struct secure_heap { const char *name; const enum secure_memory_type mem_type; + + const struct secure_heap_prv_data *data; }; +static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + int ret; + + if (data->memory_alloc) { + ret = data->memory_alloc(sec_heap, sec_buf); + if (ret) + return ret; + } + + if (data->secure_the_memory) { + ret = data->secure_the_memory(sec_heap, sec_buf); + if (ret) + goto sec_memory_free; + } + return 0; + +sec_memory_free: + if (data->memory_free) + data->memory_free(sec_heap, sec_buf); + return ret; +} + +static void secure_heap_secure_memory_free(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + + if (data->unsecure_the_memory) + data->unsecure_the_memory(sec_heap, sec_buf); + + if (data->memory_free) + data->memory_free(sec_heap, sec_buf); +} + static struct dma_buf * secure_heap_allocate(struct dma_heap *heap, unsigned long size, unsigned long fd_flags, unsigned long heap_flags) { + struct secure_heap *sec_heap = dma_heap_get_drvdata(heap); struct secure_buffer *sec_buf; DEFINE_DMA_BUF_EXPORT_INFO(exp_info); struct dma_buf *dmabuf; @@ -45,6 +96,9 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, sec_buf->size = ALIGN(size, PAGE_SIZE); sec_buf->heap = heap; + ret = secure_heap_secure_memory_allocate(sec_heap, sec_buf); + if (ret) + goto err_free_buf; exp_info.exp_name = dma_heap_get_name(heap); exp_info.size = sec_buf->size; exp_info.flags = fd_flags; @@ -53,11 +107,13 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, dmabuf = dma_buf_export(&exp_info); if (IS_ERR(dmabuf)) { ret = PTR_ERR(dmabuf); - goto err_free_buf; + goto err_free_sec_mem; } return dmabuf; +err_free_sec_mem: + secure_heap_secure_memory_free(sec_heap, sec_buf); err_free_buf: kfree(sec_buf); return ERR_PTR(ret); From patchwork Sat Nov 11 11:15:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743192 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 909F712B9E; Sat, 11 Nov 2023 11:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="LXW7OYXS" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF49A46B1; Sat, 11 Nov 2023 03:17:15 -0800 (PST) X-UUID: dba1a6a6808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=5VceEHrWW4xF0qWAxq1lZVUm8zHVqfc1sG68VwumEXs=; b=LXW7OYXShHLR3/j3iX2WWRINwoN3rkQx/OXCkNP34l/r61vzXI+eCqSxOBqgwdSrdNMGABZXT9wBg+v5SQrX1gEgBFbmlqGP8rUEWw9ip4xPFebtwouAA4A3OvJjuXLCslxLT4FDOdiJ6jz80YgFf3f36nkFNRqgsPksefQ0P8E=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:a8444074-65ac-47e0-abae-b64387e65fe6, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:e36669fc-4a48-46e2-b946-12f04f20af8c, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: dba1a6a6808311ee8051498923ad61e6-20231111 Received: from mtkmbs10n2.mediatek.inc [(172.21.101.183)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1409411873; Sat, 11 Nov 2023 19:17:10 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:09 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:08 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 4/8] dma-buf: heaps: secure_heap: Add tee memory service call Date: Sat, 11 Nov 2023 19:15:55 +0800 Message-ID: <20231111111559.8218-5-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--5.577000-8.000000 X-TMASE-MatchedRID: KsUleRp513GtGUuyWCB/Khes/RxhysDbKVrLOZD1BXT3bBqxmjinTZof RcYVW70wHe8TeWB2elHPSWjlIpmzz+sY/baZcXtauIwLnB3Aqp1MkOX0UoduuXFH8OB0gvDrXRA pulKqWOoxSr1crztQZqd+CRua4GWATO484ojiGzezI1v7J4hECrbs3LV+r2cPmyiLZetSf8mfop 0ytGwvXiq2rl3dzGQ1DBbGvtcMofzzJQ3QZM2AXdTUUwxNqpWapu5UIlqFDjxTG/UYQVOcoRH9P sM259V/QwymtxuJ6y0= X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--5.577000-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: 8F6BE4C4383201E0A49BA3C18587545943F4DDC800A1C38C7286CE5F1C651A4F2000:8 X-MTK: N Add TEE service call. In the case of MediaTek, secure memory management is located within the TEE. The kernel just needs to tell TEE what size it needs and the TEE will return a "security handle" to kernel. To be consistent with the cma heap later, we put the tee ops into the ops of secure_the_memory. It seems that secure_heap_tee_service_call could be a more general interface, but it could be a new topic. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 97 +++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index 2a037fc54004..05062c14e7c7 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -17,6 +17,27 @@ #define TEE_PARAM_NUM 4 +enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */ + /* + * TZCMD_SECMEM_ZALLOC: Allocate the zeroed secure memory from TEE. + * + * [in] value[0].a: The buffer size. + * value[0].b: alignment. + * [in] value[1].a: enum secure_memory_type. + * [out] value[3].a: The secure handle. + */ + TZCMD_SECMEM_ZALLOC = 0, + + /* + * TZCMD_SECMEM_FREE: Free secure memory. + * + * [in] value[0].a: The secure handle of this buffer, It's value[3].a of + * TZCMD_SECMEM_ZALLOC. + * [out] value[1].a: return value, 0 means successful, otherwise fail. + */ + TZCMD_SECMEM_FREE = 1, +}; + enum secure_memory_type { /* * MediaTek static chunk memory carved out for TrustZone. The memory @@ -28,13 +49,25 @@ enum secure_memory_type { struct secure_buffer { struct dma_heap *heap; size_t size; + /* + * The secure handle is a reference to a buffer within the TEE, this is + * a value got from TEE. + */ + u32 sec_handle; }; +#define TEE_MEM_COMMAND_ID_BASE_MTK 0x10000 + struct secure_heap; struct secure_heap_prv_data { const char *uuid; const int tee_impl_id; + /* + * Different TEEs may implement different commands, and this provides an opportunity + * for TEEs to use the same enum secure_buffer_tee_cmd. + */ + const int tee_command_id_base; int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); @@ -98,10 +131,74 @@ static int secure_heap_tee_session_init(struct secure_heap *sec_heap) return ret; } +static int +secure_heap_tee_service_call(struct tee_context *tee_ctx, u32 session, + unsigned int command, struct tee_param *params) +{ + struct tee_ioctl_invoke_arg arg = {0}; + int ret; + + arg.num_params = TEE_PARAM_NUM; + arg.session = session; + arg.func = command; + + ret = tee_client_invoke_func(tee_ctx, &arg, params); + if (ret < 0 || arg.ret) { + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret); + ret = -EOPNOTSUPP; + } + return ret; +} + +static int secure_heap_tee_secure_memory(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + struct tee_param params[TEE_PARAM_NUM] = {0}; + int ret; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = sec_buf->size; + params[0].u.value.b = PAGE_SIZE; + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[1].u.value.a = sec_heap->mem_type; + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + + params[3].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + ret = secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session, + data->tee_command_id_base + TZCMD_SECMEM_ZALLOC, + params); + if (ret) + return -ENOMEM; + + sec_buf->sec_handle = params[3].u.value.a; + return 0; +} + +static void secure_heap_tee_unsecure_memory(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + struct tee_param params[TEE_PARAM_NUM] = {0}; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = sec_buf->sec_handle; + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session, + sec_heap->data->tee_command_id_base + TZCMD_SECMEM_FREE, + params); + if (params[1].u.value.a) + pr_err("%s, free buffer(0x%x) return fail(%lld) from TEE.\n", + sec_heap->name, sec_buf->sec_handle, params[1].u.value.a); +} + /* The memory allocating is within the TEE. */ const struct secure_heap_prv_data mtk_sec_mem_data = { .uuid = TZ_TA_MEM_UUID_MTK, .tee_impl_id = TEE_IMPL_ID_OPTEE, + .tee_command_id_base = TEE_MEM_COMMAND_ID_BASE_MTK, + .secure_the_memory = secure_heap_tee_secure_memory, + .unsecure_the_memory = secure_heap_tee_unsecure_memory, }; static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, From patchwork Sat Nov 11 11:15:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743191 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B01612B9B; Sat, 11 Nov 2023 11:17:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="M3Pyx07E" Received: from mailgw01.mediatek.com (unknown [60.244.123.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1D385469A; Sat, 11 Nov 2023 03:17:45 -0800 (PST) X-UUID: ed1ba80a808311eea33bb35ae8d461a2-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=h0jwM9zWwa5D3l5JQgrd0AZPHaBGPLCLDPqIefNNn9w=; b=M3Pyx07EbPyVhoaPt7nZ/FX16J/WlhF9ReDp2DytfLanRl1hkcg6DJdyygoeHF2cbwXDCfRX82H8qu2ioElOiHgeLvmHJGj2MW1aJeNBT/qKTxMah3Qdlug+Tmq7Xql32hK/AcLwgauDx1jtXqluSjT8HK/5nO3HQAQUqaFm+do=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:eeace6ff-da5e-403e-a8d4-6413bef47f5d, IP:0, U RL:25,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION :release,TS:25 X-CID-META: VersionHash:364b77b, CLOUDID:7ff2f05f-c89d-4129-91cb-8ebfae4653fc, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:1,EDM:-3,IP:nil,U RL:11|1,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR: NO,DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR,TF_CID_SPAM_ULN X-UUID: ed1ba80a808311eea33bb35ae8d461a2-20231111 Received: from mtkmbs13n2.mediatek.inc [(172.21.101.108)] by mailgw01.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 769761032; Sat, 11 Nov 2023 19:17:40 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:37 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:36 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 6/8] dt-bindings: reserved-memory: Add secure CMA reserved memory range Date: Sat, 11 Nov 2023 19:15:57 +0800 Message-ID: <20231111111559.8218-7-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--3.888000-8.000000 X-TMASE-MatchedRID: y64C6oV0e4cXSulpnju2H8LPXKYZysJRecvjbu/xDjpMOjKUxCZwrxVq ALLbOC6VBRj5e39v/eGsMR/ATxTHjSWvhQBtQUwTyeVujmXuYYX+yhO1yCoLfDP3WYNhkszluHQ 5SWRKq/0I49goOhQ2+ItfNuTBizUEQF24kZp9Ww+eAiCmPx4NwGmRqNBHmBvejvEeq6gAkYbfaY 87m2dqx9934/rDAK3zCaXr04pRMJA1yGL4+nAmxJD/HwNezREOO8fzLmP53G+oHvd3pfFwUF+/A KUOIHlXyFVWUnr9FwsfFdcY8tD7GQ6w2+Ixe72XP1JC+7l10KltUY6LqdlQnFr3vnlc+D6eVZOb rZkNVZRlRd/nfa56MV7IEEqsePYG X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--3.888000-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: C04951FF99BF27E30025E22F729504596E746D2DEA39644EF37717C76995E8582000:8 X-MTK: N Add a binding for describing the secure CMA reserved memory range. The memory range also will be defined in the TEE firmware. It means the TEE will be configured with the same address/size that is being set in this DT node. Signed-off-by: Yong Wu --- .../reserved-memory/secure_cma_region.yaml | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml diff --git a/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml b/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml new file mode 100644 index 000000000000..8ab559595fbe --- /dev/null +++ b/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml @@ -0,0 +1,44 @@ +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/reserved-memory/secure_cma_region.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: Secure Reserved CMA Region + +description: + This binding describes a CMA region that can dynamically transition +between secure and non-secure states that a TEE can allocate memory +from. + +maintainers: + - Yong Wu + +allOf: + - $ref: reserved-memory.yaml + +properties: + compatible: + const: secure_cma_region + +required: + - compatible + - reg + - reusable + +unevaluatedProperties: false + +examples: + - | + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + reserved-memory@80000000 { + compatible = "secure_cma_region"; + reusable; + reg = <0x80000000 0x18000000>; + }; + }; From patchwork Sat Nov 11 11:15:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743190 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C010134CE; Sat, 11 Nov 2023 11:18:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="g0D6tp7h" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D402446B3; Sat, 11 Nov 2023 03:18:09 -0800 (PST) X-UUID: fadfc61a808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=PTkJwhlG295J7Fq7DBG9f0P0y9BIpK10DHJxLIVe19g=; b=g0D6tp7hVsbc7lPPx2KqtJoCZpLVTtmSCZk1Pmvnw7riV943Zn8C5G9rv4nIT2Dl28iH4vQhTMxZ+W3Jck88BlyMmYMPqKrE92Dwb+aPBxeGP0OnTBN3oT3v7IRS1+RM2T+VwBTVHkaIfX20fUObAzyfiwuoX/IcNhplQfjKmSc=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:5c67a7ac-e03b-4394-9eb9-398b44ce7acd, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:79184695-10ce-4e4b-85c2-c9b5229ff92b, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: fadfc61a808311ee8051498923ad61e6-20231111 Received: from mtkmbs13n1.mediatek.inc [(172.21.101.193)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 339753797; Sat, 11 Nov 2023 19:18:03 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:18:01 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:18:00 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 8/8] dma-buf: heaps: secure_heap: Add normal CMA heap Date: Sat, 11 Nov 2023 19:15:59 +0800 Message-ID: <20231111111559.8218-9-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--8.713600-8.000000 X-TMASE-MatchedRID: XAa2d/45j8QtJMbDWD8p3pEbNXwHGDRxqQ9UezeTkTjb6Y+fnTZULzAg xTloju5/Xt8ERZJyv5z+zbn+OlN0IkPbYPqd/GaJwCZxkTHxccnWSrKtwxqWpaj5v7I4/SgYU7g EPucszGeVMlcqqHWd7WAecQuhpQq2v94QsDvR6NwbmaDSnOqZfofsPVs/8Vw6RY/QCO8+EY40ZG lGdzy556HPibXQz0iw3BTxUdcaKkIfE8yM4pjsDwtuKBGekqUpIG4YlbCDECsYpN+2ZkfdFw5Eg x2RURWzOX6Gf/YkVyO2bMkQ2ubJ+3p46hvecdNTC8XKjsVbJjU= X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--8.713600-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: C57F37D27EAEC8D1A7ABBC4D4778A4F2275F843CCD29DDAD8C5D302DE4BE19C92000:8 X-MTK: N Add a normal CMA heap which use the standard cma allocate. Signed-off-by: Yong Wu --- Hi Vijay and Jaskaran, For this heap, 1) It uses sec_heap_buf_ops currently. I guess we cann't use the cma_heap_buf_ops. since if it is secure buffer, some operations such as mmap should not be allowed. 2) I didn't add how to protect/secure the buffer. Please feel free to change to meet your requirements. Thanks. --- drivers/dma-buf/heaps/secure_heap.c | 38 ++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index f8b84fd16288..8989ad5d03e9 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -43,6 +43,8 @@ enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */ }; enum secure_memory_type { + /* CMA for the secure memory, Use the normal cma ops to alloc/free. */ + SECURE_MEMORY_TYPE_CMA = 0, /* * MediaTek static chunk memory carved out for TrustZone. The memory * management is inside the TEE. @@ -65,6 +67,7 @@ struct secure_buffer { * a value got from TEE. */ u32 sec_handle; + struct page *cma_page; }; #define TEE_MEM_COMMAND_ID_BASE_MTK 0x10000 @@ -287,6 +290,33 @@ const struct secure_heap_prv_data mtk_sec_mem_data = { .unsecure_the_memory = secure_heap_tee_unsecure_memory, }; +static int cma_secure_memory_allocate(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + if (!sec_heap->cma) + return -EINVAL; + + sec_buf->cma_page = cma_alloc(sec_heap->cma, sec_buf->size >> PAGE_SHIFT, + get_order(PAGE_SIZE), false); + if (!sec_buf->cma_page) + return -ENOMEM; + + memset(page_address(sec_buf->cma_page), 0, sec_buf->size); + return 0; +} + +static void cma_secure_memory_free(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + cma_release(sec_heap->cma, sec_buf->cma_page, sec_buf->size >> PAGE_SHIFT); +} + +const struct secure_heap_prv_data cma_sec_mem_data = { + .memory_alloc = cma_secure_memory_allocate, + .memory_free = cma_secure_memory_free, + /* TODO : secure the buffer. */ +}; + static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, struct secure_buffer *sec_buf) { @@ -496,6 +526,11 @@ static const struct dma_heap_ops sec_heap_ops = { }; static struct secure_heap secure_heaps[] = { + { + .name = "secure_cma", + .mem_type = SECURE_MEMORY_TYPE_CMA, + .data = &cma_sec_mem_data, + }, { .name = "secure_mtk_cm", .mem_type = SECURE_MEMORY_TYPE_MTK_CM_TZ, @@ -522,7 +557,8 @@ static int __init secure_cma_init(struct reserved_mem *rmem) } for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) { - if (sec_heap->mem_type != SECURE_MEMORY_TYPE_MTK_CM_CMA) + if (sec_heap->mem_type != SECURE_MEMORY_TYPE_MTK_CM_CMA && + sec_heap->mem_type != SECURE_MEMORY_TYPE_CMA) continue; sec_heap->cma = sec_cma;