[6/9] dma-buf: heaps: mtk_sec_heap: Add tee service call for buffer allocating/freeing
| Message ID | 20230911023038.30649-7-yong.wu@mediatek.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers |
Received: from vger.kernel.org ([23.128.96.18])
by www.linuxtv.org with esmtp (Exim 4.92)
(envelope-from <linux-media-owner@vger.kernel.org>)
id 1qfWiy-001oFP-Cn; Mon, 11 Sep 2023 02:32:28 +0000
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S231245AbjIKCc3 (ORCPT <rfc822;mkrufky@linuxtv.org> + 1 other);
Sun, 10 Sep 2023 22:32:29 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:53002 "EHLO
lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
with ESMTP id S231716AbjIKCc2 (ORCPT
<rfc822;linux-media@vger.kernel.org>);
Sun, 10 Sep 2023 22:32:28 -0400
Received: from mailgw02.mediatek.com (unknown [210.61.82.184])
by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E4DCD19AB;
Sun, 10 Sep 2023 19:31:47 -0700 (PDT)
X-UUID: 5738bc82504b11ee8051498923ad61e6-20230911
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=mediatek.com; s=dk;
h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From;
bh=tMh5czTlXeLunU6sQyq8tkPZ3p5euo92ArNQwmCGL9o=;
b=lIejvzNmqM53jcptvfpuIic/CQ08Mkqf+bk1n3aRFJGC5OEZamM+TQf+J6K0g236eFm44lJV8hxyQxQaC6nAc4x5U+nlaRVfETHw/jagUtTb0xeBLWQRqYU2g9t5FZgHRZt6pIvzqtgY4ty7ELmyQj38G7xt6gRCZf60zewosCc=;
X-CID-P-RULE: Release_Ham
X-CID-O-INFO: VERSION:1.1.31,REQID:4d99d4c7-62f9-4699-ba57-fadb528e93b3,IP:0,U
RL:0,TC:0,Content:-5,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION
:release,TS:-5
X-CID-META: VersionHash:0ad78a4,CLOUDID:0c0bdec2-1e57-4345-9d31-31ad9818b39f,B
ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U
RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO,
DKR:0,DKP:0,BRR:0,BRE:0
X-CID-BVR: 0,NGT
X-CID-BAS: 0,NGT,0,_
X-CID-FACTOR: TF_CID_SPAM_SNR
X-UUID: 5738bc82504b11ee8051498923ad61e6-20230911
Received: from mtkmbs10n2.mediatek.inc [(172.21.101.183)] by
mailgw02.mediatek.com
(envelope-from <yong.wu@mediatek.com>)
(Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256)
with ESMTP id 1344026967; Mon, 11 Sep 2023 10:31:41 +0800
Received: from mtkmbs13n2.mediatek.inc (172.21.101.194) by
mtkmbs11n2.mediatek.inc (172.21.101.187) with Microsoft SMTP Server
(version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
15.2.1118.26; Mon, 11 Sep 2023 10:31:39 +0800
Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by
mtkmbs13n2.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id
15.2.1118.26 via Frontend Transport; Mon, 11 Sep 2023 10:31:38 +0800
From: Yong Wu <yong.wu@mediatek.com>
To: Rob Herring <robh+dt@kernel.org>,
Sumit Semwal <sumit.semwal@linaro.org>,
<christian.koenig@amd.com>,
Matthias Brugger <matthias.bgg@gmail.com>
CC: Krzysztof Kozlowski <krzysztof.kozlowski+dt@linaro.org>,
Conor Dooley <conor+dt@kernel.org>,
Benjamin Gaignard <benjamin.gaignard@collabora.com>,
Brian Starkey <Brian.Starkey@arm.com>,
John Stultz <jstultz@google.com>, <tjmercier@google.com>,
AngeloGioacchino Del Regno
<angelogioacchino.delregno@collabora.com>,
Yong Wu <yong.wu@mediatek.com>, <devicetree@vger.kernel.org>,
<linux-kernel@vger.kernel.org>, <linux-media@vger.kernel.org>,
<dri-devel@lists.freedesktop.org>,
<linaro-mm-sig@lists.linaro.org>,
<linux-arm-kernel@lists.infradead.org>,
<linux-mediatek@lists.infradead.org>, <jianjiao.zeng@mediatek.com>,
<kuohong.wang@mediatek.com>, Anan Sun <anan.sun@mediatek.com>
Subject: [PATCH 6/9] dma-buf: heaps: mtk_sec_heap: Add tee service call for
buffer allocating/freeing
Date: Mon, 11 Sep 2023 10:30:35 +0800
Message-ID: <20230911023038.30649-7-yong.wu@mediatek.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20230911023038.30649-1-yong.wu@mediatek.com>
References: <20230911023038.30649-1-yong.wu@mediatek.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MTK: N
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,RDNS_NONE,
SPF_HELO_PASS,SPF_PASS,UNPARSEABLE_RELAY autolearn=no
autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-media.vger.kernel.org>
X-Mailing-List: linux-media@vger.kernel.org
X-LSpam-Score: -2.5 (--)
X-LSpam-Report: No,
score=-2.5 required=5.0 tests=BAYES_00=-1.9,DKIM_SIGNED=0.1,DKIM_VALID=-0.1,DKIM_VALID_AU=-0.1,HEADER_FROM_DIFFERENT_DOMAINS=0.5,MAILING_LIST_MULTI=-1,UNPARSEABLE_RELAY=0.001
autolearn=ham autolearn_force=no
|
| Series |
dma-buf: heaps: Add MediaTek secure heap
|
|
Commit Message
Yong Wu (吴勇)
Sept. 11, 2023, 2:30 a.m. UTC
Add TEE service call for secure memory allocating/freeing. Signed-off-by: Anan Sun <anan.sun@mediatek.com> Signed-off-by: Yong Wu <yong.wu@mediatek.com> --- drivers/dma-buf/heaps/mtk_secure_heap.c | 69 ++++++++++++++++++++++++- 1 file changed, 68 insertions(+), 1 deletion(-)
Comments
Hi Yong,
kernel test robot noticed the following build errors:
[auto build test ERROR on drm-misc/drm-misc-next]
[also build test ERROR on robh/for-next linus/master v6.6-rc1 next-20230914]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Yong-Wu/dma-buf-heaps-Deduplicate-docs-and-adopt-common-format/20230911-103308
base: git://anongit.freedesktop.org/drm/drm-misc drm-misc-next
patch link: https://lore.kernel.org/r/20230911023038.30649-7-yong.wu%40mediatek.com
patch subject: [PATCH 6/9] dma-buf: heaps: mtk_sec_heap: Add tee service call for buffer allocating/freeing
config: loongarch-allmodconfig (https://download.01.org/0day-ci/archive/20230914/202309141707.zdT0yuMT-lkp@intel.com/config)
compiler: loongarch64-linux-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20230914/202309141707.zdT0yuMT-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202309141707.zdT0yuMT-lkp@intel.com/
All errors (new ones prefixed by >>):
loongarch64-linux-ld: drivers/dma-buf/heaps/mtk_secure_heap.o: in function `mtk_kree_secure_session_init':
mtk_secure_heap.c:(.text+0x130): undefined reference to `tee_client_open_context'
loongarch64-linux-ld: drivers/dma-buf/heaps/mtk_secure_heap.o: in function `.L10':
mtk_secure_heap.c:(.text+0x19c): undefined reference to `tee_client_open_session'
loongarch64-linux-ld: drivers/dma-buf/heaps/mtk_secure_heap.o: in function `.L12':
mtk_secure_heap.c:(.text+0x1dc): undefined reference to `tee_client_close_context'
loongarch64-linux-ld: drivers/dma-buf/heaps/mtk_secure_heap.o: in function `mtk_sec_mem_tee_service_call.constprop.0':
>> mtk_secure_heap.c:(.text+0x274): undefined reference to `tee_client_invoke_func'
loongarch64-linux-ld: drivers/dma-buf/heaps/mtk_secure_heap.o: in function `mtk_sec_mem_release.isra.0':
mtk_secure_heap.c:(.text+0x464): undefined reference to `tee_client_invoke_func'
On Mon, Sep 11, 2023 at 10:30:35AM +0800, Yong Wu wrote: > Add TEE service call for secure memory allocating/freeing. > > Signed-off-by: Anan Sun <anan.sun@mediatek.com> > Signed-off-by: Yong Wu <yong.wu@mediatek.com> > --- > drivers/dma-buf/heaps/mtk_secure_heap.c | 69 ++++++++++++++++++++++++- > 1 file changed, 68 insertions(+), 1 deletion(-) > > diff --git a/drivers/dma-buf/heaps/mtk_secure_heap.c b/drivers/dma-buf/heaps/mtk_secure_heap.c > index e3da33a3d083..14c2a16a7164 100644 > --- a/drivers/dma-buf/heaps/mtk_secure_heap.c > +++ b/drivers/dma-buf/heaps/mtk_secure_heap.c > @@ -17,6 +17,9 @@ > > #define MTK_TEE_PARAM_NUM 4 > > +#define TZCMD_MEM_SECURECM_UNREF 7 > +#define TZCMD_MEM_SECURECM_ZALLOC 15 This is related to the discussion around UUID as well. These numbers here are specific to the MediaTek TA. If we could make things more generic, then these should probably be 0 and 1. I also find the naming a bit heavy, I think I'd suggest something like: # define TEE_CMD_SECURE_HEAP_ZALLOC ... and so on. > + > /* > * MediaTek secure (chunk) memory type > * > @@ -29,6 +32,8 @@ enum kree_mem_type { The "kree" here, is that meant to indicate kernel REE? If yes, then I guess that could be dropped since we know we're already in the kernel context, perhaps instead name it something with "secure_heap_type"? > struct mtk_secure_heap_buffer { > struct dma_heap *heap; > size_t size; > + > + u32 sec_handle; > }; > > struct mtk_secure_heap { > @@ -80,6 +85,63 @@ static int mtk_kree_secure_session_init(struct mtk_secure_heap *sec_heap) > return ret; > } > > +static int > +mtk_sec_mem_tee_service_call(struct tee_context *tee_ctx, u32 session, > + unsigned int command, struct tee_param *params) > +{ > + struct tee_ioctl_invoke_arg arg = {0}; > + int ret; > + > + arg.num_params = MTK_TEE_PARAM_NUM; > + arg.session = session; > + arg.func = command; > + > + ret = tee_client_invoke_func(tee_ctx, &arg, params); > + if (ret < 0 || arg.ret) { > + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret); > + ret = -EOPNOTSUPP; > + } > + return ret; > +} Perhaps not relevant for this patch set, but since this function is just a pure TEE call, I'm inclined to suggest that this could even be moved out as a generic TEE function. I.e., something that could be used elsewhere in the Linux kernel. > + > +static int mtk_sec_mem_allocate(struct mtk_secure_heap *sec_heap, > + struct mtk_secure_heap_buffer *sec_buf) > +{ > + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > + u32 mem_session = sec_heap->mem_session; How about name it tee_session? Alternative ta_session? I think that would better explain what it actually is. > + int ret; > + > + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[0].u.value.a = SZ_4K; /* alignment */ > + params[0].u.value.b = sec_heap->mem_type; /* memory type */ > + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[1].u.value.a = sec_buf->size; > + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; > + > + /* Always request zeroed buffer */ > + ret = mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > + TZCMD_MEM_SECURECM_ZALLOC, params); > + if (ret) > + return -ENOMEM; > + > + sec_buf->sec_handle = params[2].u.value.a; > + return 0; > +} > + > +static void mtk_sec_mem_release(struct mtk_secure_heap *sec_heap, > + struct mtk_secure_heap_buffer *sec_buf) > +{ > + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > + u32 mem_session = sec_heap->mem_session; > + > + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[0].u.value.a = sec_buf->sec_handle; > + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; Perhaps worth having a comment for params[1] explain why we need the VALUE_OUTPUT here?
Hi Joakim, Thanks very much for the reviewing. On Wed, 2023-09-27 at 16:37 +0200, Joakim Bech wrote: > > External email : Please do not click links or open attachments until > you have verified the sender or the content. > On Mon, Sep 11, 2023 at 10:30:35AM +0800, Yong Wu wrote: > > Add TEE service call for secure memory allocating/freeing. > > > > Signed-off-by: Anan Sun <anan.sun@mediatek.com> > > Signed-off-by: Yong Wu <yong.wu@mediatek.com> > > --- > > drivers/dma-buf/heaps/mtk_secure_heap.c | 69 > ++++++++++++++++++++++++- > > 1 file changed, 68 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/dma-buf/heaps/mtk_secure_heap.c b/drivers/dma- > buf/heaps/mtk_secure_heap.c > > index e3da33a3d083..14c2a16a7164 100644 > > --- a/drivers/dma-buf/heaps/mtk_secure_heap.c > > +++ b/drivers/dma-buf/heaps/mtk_secure_heap.c > > @@ -17,6 +17,9 @@ > > > > #define MTK_TEE_PARAM_NUM4 > > > > +#define TZCMD_MEM_SECURECM_UNREF7 > > +#define TZCMD_MEM_SECURECM_ZALLOC15 > This is related to the discussion around UUID as well. These numbers > here are specific to the MediaTek TA. If we could make things more > generic, then these should probably be 0 and 1. > > I also find the naming a bit heavy, I think I'd suggest something > like: > # define TEE_CMD_SECURE_HEAP_ZALLOC ... > and so on. I will check internally and try to follow this. If we can not follow, I'll give feedback here. > > > + > > /* > > * MediaTek secure (chunk) memory type > > * > > @@ -29,6 +32,8 @@ enum kree_mem_type { > The "kree" here, is that meant to indicate kernel REE? If yes, then I > guess that could be dropped since we know we're already in the kernel > context, perhaps instead name it something with "secure_heap_type"? > > > struct mtk_secure_heap_buffer { > > struct dma_heap*heap; > > size_tsize; > > + > > +u32sec_handle; > > }; > > > > struct mtk_secure_heap { > > @@ -80,6 +85,63 @@ static int mtk_kree_secure_session_init(struct > mtk_secure_heap *sec_heap) > > return ret; > > } > > > > +static int > > +mtk_sec_mem_tee_service_call(struct tee_context *tee_ctx, u32 > session, > > + unsigned int command, struct tee_param *params) > > +{ > > +struct tee_ioctl_invoke_arg arg = {0}; > > +int ret; > > + > > +arg.num_params = MTK_TEE_PARAM_NUM; > > +arg.session = session; > > +arg.func = command; > > + > > +ret = tee_client_invoke_func(tee_ctx, &arg, params); > > +if (ret < 0 || arg.ret) { > > +pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, > arg.ret); > > +ret = -EOPNOTSUPP; > > +} > > +return ret; > > +} > Perhaps not relevant for this patch set, but since this function is > just > a pure TEE call, I'm inclined to suggest that this could even be > moved > out as a generic TEE function. I.e., something that could be used > elsewhere in the Linux kernel. Good Suggestion. I've seen many places call this, and they are basically similar. Do you mean we create a simple wrap for this? something like this: int tee_client_invoke_func_wrap(struct tee_context *ctx, u32 session, u32 func_id, unsigned int num_params, struct tee_param *param, int *invoke_arg_ret/* OUT */) If this makes sense, it should be done in a separate patchset. > > > + > > +static int mtk_sec_mem_allocate(struct mtk_secure_heap *sec_heap, > > +struct mtk_secure_heap_buffer *sec_buf) > > +{ > > +struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > > +u32 mem_session = sec_heap->mem_session; > How about name it tee_session? Alternative ta_session? I think that > would better explain what it actually is. Thanks for the renaming. Will change. > > > +int ret; > > + > > +params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > > +params[0].u.value.a = SZ_4K;/* alignment */ > > +params[0].u.value.b = sec_heap->mem_type;/* memory type */ > > +params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > > +params[1].u.value.a = sec_buf->size; > > +params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; > > + > > +/* Always request zeroed buffer */ > > +ret = mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > > + TZCMD_MEM_SECURECM_ZALLOC, params); > > +if (ret) > > +return -ENOMEM; > > + > > +sec_buf->sec_handle = params[2].u.value.a; > > +return 0; > > +} > > + > > +static void mtk_sec_mem_release(struct mtk_secure_heap *sec_heap, > > +struct mtk_secure_heap_buffer *sec_buf) > > +{ > > +struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > > +u32 mem_session = sec_heap->mem_session; > > + > > +params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > > +params[0].u.value.a = sec_buf->sec_handle; > > +params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; > Perhaps worth having a comment for params[1] explain why we need the > VALUE_OUTPUT here? Will do. > > -- > // Regards > Joakim > > > + > > +mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > > + TZCMD_MEM_SECURECM_UNREF, params); > > +} > > + > > static struct dma_buf * > > mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, > > unsigned long fd_flags, unsigned long heap_flags) > > @@ -107,6 +169,9 @@ mtk_sec_heap_allocate(struct dma_heap *heap, > size_t size, > > sec_buf->size = size; > > sec_buf->heap = heap; > > > > +ret = mtk_sec_mem_allocate(sec_heap, sec_buf); > > +if (ret) > > +goto err_free_buf; > > exp_info.exp_name = dma_heap_get_name(heap); > > exp_info.size = sec_buf->size; > > exp_info.flags = fd_flags; > > @@ -115,11 +180,13 @@ mtk_sec_heap_allocate(struct dma_heap *heap, > size_t size, > > dmabuf = dma_buf_export(&exp_info); > > if (IS_ERR(dmabuf)) { > > ret = PTR_ERR(dmabuf); > > -goto err_free_buf; > > +goto err_free_sec_mem; > > } > > > > return dmabuf; > > > > +err_free_sec_mem: > > +mtk_sec_mem_release(sec_heap, sec_buf); > > err_free_buf: > > kfree(sec_buf); > > return ERR_PTR(ret); > > -- > > 2.25.1 > >
On 9/11/2023 8:00 AM, Yong Wu wrote: > Add TEE service call for secure memory allocating/freeing. > > Signed-off-by: Anan Sun <anan.sun@mediatek.com> > Signed-off-by: Yong Wu <yong.wu@mediatek.com> > --- > drivers/dma-buf/heaps/mtk_secure_heap.c | 69 ++++++++++++++++++++++++- > 1 file changed, 68 insertions(+), 1 deletion(-) > > diff --git a/drivers/dma-buf/heaps/mtk_secure_heap.c b/drivers/dma-buf/heaps/mtk_secure_heap.c > index e3da33a3d083..14c2a16a7164 100644 > --- a/drivers/dma-buf/heaps/mtk_secure_heap.c > +++ b/drivers/dma-buf/heaps/mtk_secure_heap.c > @@ -17,6 +17,9 @@ > > #define MTK_TEE_PARAM_NUM 4 > > +#define TZCMD_MEM_SECURECM_UNREF 7 > +#define TZCMD_MEM_SECURECM_ZALLOC 15 > + > /* > * MediaTek secure (chunk) memory type > * > @@ -29,6 +32,8 @@ enum kree_mem_type { > struct mtk_secure_heap_buffer { > struct dma_heap *heap; > size_t size; > + > + u32 sec_handle; > }; > > struct mtk_secure_heap { > @@ -80,6 +85,63 @@ static int mtk_kree_secure_session_init(struct mtk_secure_heap *sec_heap) > return ret; > } > > +static int > +mtk_sec_mem_tee_service_call(struct tee_context *tee_ctx, u32 session, > + unsigned int command, struct tee_param *params) > +{ > + struct tee_ioctl_invoke_arg arg = {0}; > + int ret; > + > + arg.num_params = MTK_TEE_PARAM_NUM; > + arg.session = session; > + arg.func = command; > + > + ret = tee_client_invoke_func(tee_ctx, &arg, params); > + if (ret < 0 || arg.ret) { > + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret); > + ret = -EOPNOTSUPP; > + } > + return ret; > +} > + > +static int mtk_sec_mem_allocate(struct mtk_secure_heap *sec_heap, > + struct mtk_secure_heap_buffer *sec_buf) > +{ > + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > + u32 mem_session = sec_heap->mem_session; > + int ret; > + > + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[0].u.value.a = SZ_4K; /* alignment */ > + params[0].u.value.b = sec_heap->mem_type; /* memory type */ > + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[1].u.value.a = sec_buf->size; > + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; > + > + /* Always request zeroed buffer */ > + ret = mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > + TZCMD_MEM_SECURECM_ZALLOC, params); I see here optee calls are being used to secure memory. For a secure heap, there can be multiple ways on how we want to secure memory, for eg : by using qcom_scm_assign_mem. This interface restricts securing memory to only optee calls. can we have a way to choose ops that we want to secure memory ? Thanks, Vijay > + if (ret) > + return -ENOMEM; > + > + sec_buf->sec_handle = params[2].u.value.a; > + return 0; > +} > + > +static void mtk_sec_mem_release(struct mtk_secure_heap *sec_heap, > + struct mtk_secure_heap_buffer *sec_buf) > +{ > + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > + u32 mem_session = sec_heap->mem_session; > + > + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > + params[0].u.value.a = sec_buf->sec_handle; > + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; > + > + mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > + TZCMD_MEM_SECURECM_UNREF, params); > +} > + > static struct dma_buf * > mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, > unsigned long fd_flags, unsigned long heap_flags) > @@ -107,6 +169,9 @@ mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, > sec_buf->size = size; > sec_buf->heap = heap; > > + ret = mtk_sec_mem_allocate(sec_heap, sec_buf); > + if (ret) > + goto err_free_buf; > exp_info.exp_name = dma_heap_get_name(heap); > exp_info.size = sec_buf->size; > exp_info.flags = fd_flags; > @@ -115,11 +180,13 @@ mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, > dmabuf = dma_buf_export(&exp_info); > if (IS_ERR(dmabuf)) { > ret = PTR_ERR(dmabuf); > - goto err_free_buf; > + goto err_free_sec_mem; > } > > return dmabuf; > > +err_free_sec_mem: > + mtk_sec_mem_release(sec_heap, sec_buf); > err_free_buf: > kfree(sec_buf); > return ERR_PTR(ret);
Hi Vijayanand, Thanks very much for your review. On Thu, 2023-10-19 at 10:15 +0530, Vijayanand Jitta wrote: > > External email : Please do not click links or open attachments until > you have verified the sender or the content. > > > On 9/11/2023 8:00 AM, Yong Wu wrote: > > Add TEE service call for secure memory allocating/freeing. > > > > Signed-off-by: Anan Sun <anan.sun@mediatek.com> > > Signed-off-by: Yong Wu <yong.wu@mediatek.com> > > --- > > drivers/dma-buf/heaps/mtk_secure_heap.c | 69 > ++++++++++++++++++++++++- > > 1 file changed, 68 insertions(+), 1 deletion(-) > > > > diff --git a/drivers/dma-buf/heaps/mtk_secure_heap.c b/drivers/dma- > buf/heaps/mtk_secure_heap.c > > index e3da33a3d083..14c2a16a7164 100644 > > --- a/drivers/dma-buf/heaps/mtk_secure_heap.c > > +++ b/drivers/dma-buf/heaps/mtk_secure_heap.c > > @@ -17,6 +17,9 @@ > > > > #define MTK_TEE_PARAM_NUM4 > > > > +#define TZCMD_MEM_SECURECM_UNREF7 > > +#define TZCMD_MEM_SECURECM_ZALLOC15 > > + > > /* > > * MediaTek secure (chunk) memory type > > * > > @@ -29,6 +32,8 @@ enum kree_mem_type { > > struct mtk_secure_heap_buffer { > > struct dma_heap*heap; > > size_tsize; > > + > > +u32sec_handle; > > }; > > > > struct mtk_secure_heap { > > @@ -80,6 +85,63 @@ static int mtk_kree_secure_session_init(struct > mtk_secure_heap *sec_heap) > > return ret; > > } > > > > +static int > > +mtk_sec_mem_tee_service_call(struct tee_context *tee_ctx, u32 > session, > > + unsigned int command, struct tee_param *params) > > +{ > > +struct tee_ioctl_invoke_arg arg = {0}; > > +int ret; > > + > > +arg.num_params = MTK_TEE_PARAM_NUM; > > +arg.session = session; > > +arg.func = command; > > + > > +ret = tee_client_invoke_func(tee_ctx, &arg, params); > > +if (ret < 0 || arg.ret) { > > +pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, > arg.ret); > > +ret = -EOPNOTSUPP; > > +} > > +return ret; > > +} > > + > > +static int mtk_sec_mem_allocate(struct mtk_secure_heap *sec_heap, > > +struct mtk_secure_heap_buffer *sec_buf) > > +{ > > +struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; > > +u32 mem_session = sec_heap->mem_session; > > +int ret; > > + > > +params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > > +params[0].u.value.a = SZ_4K;/* alignment */ > > +params[0].u.value.b = sec_heap->mem_type;/* memory type */ > > +params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; > > +params[1].u.value.a = sec_buf->size; > > +params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; > > + > > +/* Always request zeroed buffer */ > > +ret = mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, > > + TZCMD_MEM_SECURECM_ZALLOC, params); > > I see here optee calls are being used to secure memory. > > For a secure heap, there can be multiple ways on how we want to > secure memory, > for eg : by using qcom_scm_assign_mem. > > This interface restricts securing memory to only optee calls. > can we have a way to choose ops that we want to secure memory ? Thanks for this suggestion. So it looks like there are four operations in the abstract ops. Something like this? struct sec_memory_ops { int (*sec_memory_init)() //we need initialise tee session here. int (*sec_memory_alloc)() int (*sec_memory_free)() void (*sec_memory_uninit)() } Do you also need tee operation like tee_client_open_session and tee_client_invoke_func? if so, your UUID and TEE command ID value are also different, right? We may also need new macros on how to choose different sec_memory_ops since we don't have different bindings. > > Thanks, > Vijay
diff --git a/drivers/dma-buf/heaps/mtk_secure_heap.c b/drivers/dma-buf/heaps/mtk_secure_heap.c index e3da33a3d083..14c2a16a7164 100644 --- a/drivers/dma-buf/heaps/mtk_secure_heap.c +++ b/drivers/dma-buf/heaps/mtk_secure_heap.c @@ -17,6 +17,9 @@ #define MTK_TEE_PARAM_NUM 4 +#define TZCMD_MEM_SECURECM_UNREF 7 +#define TZCMD_MEM_SECURECM_ZALLOC 15 + /* * MediaTek secure (chunk) memory type * @@ -29,6 +32,8 @@ enum kree_mem_type { struct mtk_secure_heap_buffer { struct dma_heap *heap; size_t size; + + u32 sec_handle; }; struct mtk_secure_heap { @@ -80,6 +85,63 @@ static int mtk_kree_secure_session_init(struct mtk_secure_heap *sec_heap) return ret; } +static int +mtk_sec_mem_tee_service_call(struct tee_context *tee_ctx, u32 session, + unsigned int command, struct tee_param *params) +{ + struct tee_ioctl_invoke_arg arg = {0}; + int ret; + + arg.num_params = MTK_TEE_PARAM_NUM; + arg.session = session; + arg.func = command; + + ret = tee_client_invoke_func(tee_ctx, &arg, params); + if (ret < 0 || arg.ret) { + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret); + ret = -EOPNOTSUPP; + } + return ret; +} + +static int mtk_sec_mem_allocate(struct mtk_secure_heap *sec_heap, + struct mtk_secure_heap_buffer *sec_buf) +{ + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; + u32 mem_session = sec_heap->mem_session; + int ret; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = SZ_4K; /* alignment */ + params[0].u.value.b = sec_heap->mem_type; /* memory type */ + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[1].u.value.a = sec_buf->size; + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT; + + /* Always request zeroed buffer */ + ret = mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, + TZCMD_MEM_SECURECM_ZALLOC, params); + if (ret) + return -ENOMEM; + + sec_buf->sec_handle = params[2].u.value.a; + return 0; +} + +static void mtk_sec_mem_release(struct mtk_secure_heap *sec_heap, + struct mtk_secure_heap_buffer *sec_buf) +{ + struct tee_param params[MTK_TEE_PARAM_NUM] = {0}; + u32 mem_session = sec_heap->mem_session; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = sec_buf->sec_handle; + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + mtk_sec_mem_tee_service_call(sec_heap->tee_ctx, mem_session, + TZCMD_MEM_SECURECM_UNREF, params); +} + static struct dma_buf * mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, unsigned long fd_flags, unsigned long heap_flags) @@ -107,6 +169,9 @@ mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, sec_buf->size = size; sec_buf->heap = heap; + ret = mtk_sec_mem_allocate(sec_heap, sec_buf); + if (ret) + goto err_free_buf; exp_info.exp_name = dma_heap_get_name(heap); exp_info.size = sec_buf->size; exp_info.flags = fd_flags; @@ -115,11 +180,13 @@ mtk_sec_heap_allocate(struct dma_heap *heap, size_t size, dmabuf = dma_buf_export(&exp_info); if (IS_ERR(dmabuf)) { ret = PTR_ERR(dmabuf); - goto err_free_buf; + goto err_free_sec_mem; } return dmabuf; +err_free_sec_mem: + mtk_sec_mem_release(sec_heap, sec_buf); err_free_buf: kfree(sec_buf); return ERR_PTR(ret);