
optee: sync secure world ABI headers

Update the header files describing the secure world ABI, both with and
without FF-A. The ABI is extended to deal with protected memory, but is,
as usual, backward compatible.

Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

+131 -19
+23 -6
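--- a/drivers/tee/optee/optee_ffa.h
+++ b/drivers/tee/optee/optee_ffa.h
@@ -81,7 +81,7 @@
  * as the second MSG arg struct for
  * OPTEE_FFA_YIELDING_CALL_WITH_ARG.
  * Bit[31:8]: Reserved (MBZ)
- * w5: Bitfield of secure world capabilities OPTEE_FFA_SEC_CAP_* below,
+ * w5: Bitfield of OP-TEE capabilities OPTEE_FFA_SEC_CAP_*
  * w6: The maximum secure world notification number
  * w7: Not used (MBZ)
  */
@@ -94,6 +94,8 @@
 #define OPTEE_FFA_SEC_CAP_ASYNC_NOTIF BIT(1)
 /* OP-TEE supports probing for RPMB device if needed */
 #define OPTEE_FFA_SEC_CAP_RPMB_PROBE BIT(2)
+/* OP-TEE supports Protected Memory for secure data path */
+#define OPTEE_FFA_SEC_CAP_PROTMEM BIT(3)
 
 #define OPTEE_FFA_EXCHANGE_CAPABILITIES OPTEE_FFA_BLOCKING_CALL(2)
 
@@ -108,7 +110,7 @@
  *
  * Return register usage:
  * w3: Error code, 0 on success
- * w4-w7: Note used (MBZ)
+ * w4-w7: Not used (MBZ)
  */
 #define OPTEE_FFA_UNREGISTER_SHM OPTEE_FFA_BLOCKING_CALL(3)
 
@@ -119,16 +121,31 @@
  * Call register usage:
  * w3: Service ID, OPTEE_FFA_ENABLE_ASYNC_NOTIF
  * w4: Notification value to request bottom half processing, should be
- * less than OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE.
+ * less than OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE
  * w5-w7: Not used (MBZ)
+ *
+ * Return register usage:
+ * w3: Error code, 0 on success
+ * w4-w7: Not used (MBZ)
+ */
+#define OPTEE_FFA_ENABLE_ASYNC_NOTIF OPTEE_FFA_BLOCKING_CALL(5)
+
+#define OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE 64
+
+/*
+ * Release Protected memory
+ *
+ * Call register usage:
+ * w3: Service ID, OPTEE_FFA_RECLAIM_PROTMEM
+ * w4: Shared memory handle, lower bits
+ * w5: Shared memory handle, higher bits
+ * w6-w7: Not used (MBZ)
  *
  * Return register usage:
  * w3: Error code, 0 on success
  * w4-w7: Note used (MBZ)
  */
-#define OPTEE_FFA_ENABLE_ASYNC_NOTIF OPTEE_FFA_BLOCKING_CALL(5)
-
-#define OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE 64
+#define OPTEE_FFA_RELEASE_PROTMEM OPTEE_FFA_BLOCKING_CALL(8)
 
 /*
  * Call with struct optee_msg_arg as argument in the supplied shared memory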
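Review bot: The new "Release Protected memory" comment in the last hunk names the service ID as `OPTEE_FFA_RECLAIM_PROTMEM`, but the macro defined right below it is `OPTEE_FFA_RELEASE_PROTMEM`, and no RECLAIM macro appears anywhere in this file section. Because this comment is the register-level contract for the call, the two names should agree, for example `w3: Service ID, OPTEE_FFA_RELEASE_PROTMEM`. The return-register lines that now document this call are carried over as context and still read `w4-w7: Note used (MBZ)`, the same typo this commit corrects for OPTEE_FFA_UNREGISTER_SHM; `Not used` would keep the file consistent. It would also help to say in the comment whether w4/w5 carry the handle of memory previously lent for protected use, since the text only calls it a "Shared memory handle".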
+72 -12
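--- a/drivers/tee/optee/optee_msg.h
+++ b/drivers/tee/optee/optee_msg.h
@@ -133,13 +133,13 @@
 };
 
 /**
- * struct optee_msg_param_fmem - ffa memory reference parameter
+ * struct optee_msg_param_fmem - FF-A memory reference parameter
  * @offs_lower: Lower bits of offset into shared memory reference
  * @offs_upper: Upper bits of offset into shared memory reference
  * @internal_offs: Internal offset into the first page of shared memory
  * reference
  * @size: Size of the buffer
- * @global_id: Global identifier of Shared memory
+ * @global_id: Global identifier of the shared memory
  */
 struct optee_msg_param_fmem {
  u32 offs_low;
@@ -165,7 +165,7 @@
  * @attr: attributes
  * @tmem: parameter by temporary memory reference
  * @rmem: parameter by registered memory reference
- * @fmem: parameter by ffa registered memory reference
+ * @fmem: parameter by FF-A registered memory reference
  * @value: parameter by opaque value
  * @octets: parameter by octet string
  *
@@ -297,6 +297,18 @@
 #define OPTEE_MSG_FUNCID_GET_OS_REVISION 0x0001
 
 /*
+ * Values used in OPTEE_MSG_CMD_LEND_PROTMEM below
+ * OPTEE_MSG_PROTMEM_RESERVED Reserved
+ * OPTEE_MSG_PROTMEM_SECURE_VIDEO_PLAY Secure Video Playback
+ * OPTEE_MSG_PROTMEM_TRUSTED_UI Trused UI
+ * OPTEE_MSG_PROTMEM_SECURE_VIDEO_RECORD Secure Video Recording
+ */
+#define OPTEE_MSG_PROTMEM_RESERVED 0
+#define OPTEE_MSG_PROTMEM_SECURE_VIDEO_PLAY 1
+#define OPTEE_MSG_PROTMEM_TRUSTED_UI 2
+#define OPTEE_MSG_PROTMEM_SECURE_VIDEO_RECORD 3
+
+/*
  * Do a secure call with struct optee_msg_arg as argument
  * The OPTEE_MSG_CMD_* below defines what goes in struct optee_msg_arg::cmd
  *
@@ -337,15 +349,63 @@
  * OPTEE_MSG_CMD_STOP_ASYNC_NOTIF informs secure world that from now is
  * normal world unable to process asynchronous notifications. Typically
  * used when the driver is shut down.
+ *
+ * OPTEE_MSG_CMD_LEND_PROTMEM lends protected memory. The passed normal
+ * physical memory is protected from normal world access. The memory
+ * should be unmapped prior to this call since it becomes inaccessible
+ * during the request.
+ * Parameters are passed as:
+ * [in] param[0].attr OPTEE_MSG_ATTR_TYPE_VALUE_INPUT
+ * [in] param[0].u.value.a OPTEE_MSG_PROTMEM_* defined above
+ * [in] param[1].attr OPTEE_MSG_ATTR_TYPE_TMEM_INPUT
+ * [in] param[1].u.tmem.buf_ptr physical address
+ * [in] param[1].u.tmem.size size
+ * [in] param[1].u.tmem.shm_ref holds protected memory reference
+ *
+ * OPTEE_MSG_CMD_RECLAIM_PROTMEM reclaims a previously lent protected
+ * memory reference. The physical memory is accessible by the normal world
+ * after this function has return and can be mapped again. The information
+ * is passed as:
+ * [in] param[0].attr OPTEE_MSG_ATTR_TYPE_VALUE_INPUT
+ * [in] param[0].u.value.a holds protected memory cookie
+ *
+ * OPTEE_MSG_CMD_GET_PROTMEM_CONFIG get configuration for a specific
+ * protected memory use case. Parameters are passed as:
+ * [in] param[0].attr OPTEE_MSG_ATTR_TYPE_VALUE_INOUT
+ * [in] param[0].value.a OPTEE_MSG_PROTMEM_*
+ * [in] param[1].attr OPTEE_MSG_ATTR_TYPE_{R,F}MEM_OUTPUT
+ * [in] param[1].u.{r,f}mem Buffer or NULL
+ * [in] param[1].u.{r,f}mem.size Provided size of buffer or 0 for query
+ * output for the protected use case:
+ * [out] param[0].value.a Minimal size of protected memory
+ * [out] param[0].value.b Required alignment of size and start of
+ * protected memory
+ * [out] param[0].value.c PA width, max 64
+ * [out] param[1].{r,f}mem.size Size of output data
+ * [out] param[1].{r,f}mem If non-NULL, contains an array of
+ * uint32_t memory attributes that must be
+ * included when lending memory for this
+ * use case
+ *
+ * OPTEE_MSG_CMD_ASSIGN_PROTMEM assigns use-case to protected memory
+ * previously lent using the FFA_LEND framework ABI. Parameters are passed
+ * as:
+ * [in] param[0].attr OPTEE_MSG_ATTR_TYPE_VALUE_INPUT
+ * [in] param[0].u.value.a holds protected memory cookie
+ * [in] param[0].u.value.b OPTEE_MSG_PROTMEM_* defined above
  */
-#define OPTEE_MSG_CMD_OPEN_SESSION 0
-#define OPTEE_MSG_CMD_INVOKE_COMMAND 1
-#define OPTEE_MSG_CMD_CLOSE_SESSION 2
-#define OPTEE_MSG_CMD_CANCEL 3
-#define OPTEE_MSG_CMD_REGISTER_SHM 4
-#define OPTEE_MSG_CMD_UNREGISTER_SHM 5
-#define OPTEE_MSG_CMD_DO_BOTTOM_HALF 6
-#define OPTEE_MSG_CMD_STOP_ASYNC_NOTIF 7
-#define OPTEE_MSG_FUNCID_CALL_WITH_ARG 0x0004
+#define OPTEE_MSG_CMD_OPEN_SESSION 0
+#define OPTEE_MSG_CMD_INVOKE_COMMAND 1
+#define OPTEE_MSG_CMD_CLOSE_SESSION 2
+#define OPTEE_MSG_CMD_CANCEL 3
+#define OPTEE_MSG_CMD_REGISTER_SHM 4
+#define OPTEE_MSG_CMD_UNREGISTER_SHM 5
+#define OPTEE_MSG_CMD_DO_BOTTOM_HALF 6
+#define OPTEE_MSG_CMD_STOP_ASYNC_NOTIF 7
+#define OPTEE_MSG_CMD_LEND_PROTMEM 8
+#define OPTEE_MSG_CMD_RECLAIM_PROTMEM 9
+#define OPTEE_MSG_CMD_GET_PROTMEM_CONFIG 10
+#define OPTEE_MSG_CMD_ASSIGN_PROTMEM 11
+#define OPTEE_MSG_FUNCID_CALL_WITH_ARG 0x0004
 
 #endif /* _OPTEE_MSG_H */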
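Review bot: The OPTEE_MSG_CMD_GET_PROTMEM_CONFIG parameter table in the last hunk spells its field paths differently from the LEND, RECLAIM and ASSIGN tables around it: it has `param[0].value.a` and `param[1].{r,f}mem.size` where the others use `param[0].u.value.a`, so the `.u.` should be added throughout that entry. This comment is the contract both worlds implement against, so the same identifier should also carry one name; LEND calls it a "protected memory reference" in `shm_ref` while RECLAIM and ASSIGN call it a "protected memory cookie", and if these are the same value the text should say so. The use-case list in the earlier hunk reads `Trused UI` for `Trusted UI`, and the RECLAIM paragraph's `after this function has return` should be `has returned`. The LEND text says the memory "should be unmapped prior to this call"; given that normal-world access is blocked afterwards, stating it as a requirement on the caller would be clearer.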
+36 -1
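--- a/drivers/tee/optee/optee_smc.h
+++ b/drivers/tee/optee/optee_smc.h
@@ -264,7 +264,6 @@
 #define OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM BIT(0)
 /* Secure world can communicate via previously unregistered shared memory */
 #define OPTEE_SMC_SEC_CAP_UNREGISTERED_SHM BIT(1)
-
 /*
  * Secure world supports commands "register/unregister shared memory",
  * secure world accepts command buffers located in any parts of non-secure RAM
@@ -280,6 +279,10 @@
 #define OPTEE_SMC_SEC_CAP_RPC_ARG BIT(6)
 /* Secure world supports probing for RPMB device if needed */
 #define OPTEE_SMC_SEC_CAP_RPMB_PROBE BIT(7)
+/* Secure world supports protected memory */
+#define OPTEE_SMC_SEC_CAP_PROTMEM BIT(8)
+/* Secure world supports dynamic protected memory */
+#define OPTEE_SMC_SEC_CAP_DYNAMIC_PROTMEM BIT(9)
 
 #define OPTEE_SMC_FUNCID_EXCHANGE_CAPABILITIES 9
 #define OPTEE_SMC_EXCHANGE_CAPABILITIES \
@@ -451,6 +454,38 @@
 
 /* See OPTEE_SMC_CALL_WITH_REGD_ARG above */
 #define OPTEE_SMC_FUNCID_CALL_WITH_REGD_ARG 19
+/*
+ * Get protected memory config
+ *
+ * Returns the protected memory config.
+ *
+ * Call register usage:
+ * a0 SMC Function ID, OPTEE_SMC_GET_PROTMEM_CONFIG
+ * a2-6 Not used, must be zero
+ * a7 Hypervisor Client ID register
+ *
+ * Have config return register usage:
+ * a0 OPTEE_SMC_RETURN_OK
+ * a1 Physical address of start of protected memory
+ * a2 Size of protected memory
+ * a3 PA width, max 64
+ * a4-7 Preserved
+ *
+ * Not available register usage:
+ * a0 OPTEE_SMC_RETURN_ENOTAVAIL
+ * a1-3 Not used
+ * a4-7 Preserved
+ */
+#define OPTEE_SMC_FUNCID_GET_PROTMEM_CONFIG 20
+#define OPTEE_SMC_GET_PROTMEM_CONFIG \
+ OPTEE_SMC_FAST_CALL_VAL(OPTEE_SMC_FUNCID_GET_PROTMEM_CONFIG)
+
+struct optee_smc_get_protmem_config_result {
+ unsigned long status;
+ unsigned long start;
+ unsigned long size;
+ unsigned long pa_width;
+};
 
 /*
  * Resume from RPC (for example after processing a foreign interrupt)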
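Review bot: The call-register table for OPTEE_SMC_GET_PROTMEM_CONFIG in the last hunk lists a0, a2-6 and a7 but never mentions a1, so the ABI does not say whether a1 must be zero; if it is unused, the line should read `a1-6 Not used, must be zero`. The result struct carries `start`, `size` and `pa_width` as plain `unsigned long` fields with no comment, and the only bound the text gives is "PA width, max 64". A short comment on `struct optee_smc_get_protmem_config_result` mapping the fields to a0-a3 would help, along with a note that the consumer (outside this hunk) is expected to reject a `pa_width` above 64 and a `start + size` that wraps before treating the range as protected memory. The distinction between `OPTEE_SMC_SEC_CAP_PROTMEM` and `OPTEE_SMC_SEC_CAP_DYNAMIC_PROTMEM` in the second hunk is also left to the reader; one sentence saying which of them this call depends on would make the capability check unambiguous.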