blob: 7f870f2f735d15975ba806c12c22cff8bb0d50e5 [file] [log] [blame]
Jens Wiklander2b7216b2018-09-25 16:40:11 +02001// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright (c) 2018 Linaro Limited
4 */
5
6#include <common.h>
7#include <dm.h>
8#include <log.h>
9#include <tee.h>
10#include <linux/arm-smccc.h>
11#include <linux/io.h>
12
13#include "optee_smc.h"
14#include "optee_msg.h"
15#include "optee_private.h"
16
17#define PAGELIST_ENTRIES_PER_PAGE \
18 ((OPTEE_MSG_NONCONTIG_PAGE_SIZE / sizeof(u64)) - 1)
19
20typedef void (optee_invoke_fn)(unsigned long, unsigned long, unsigned long,
21 unsigned long, unsigned long, unsigned long,
22 unsigned long, unsigned long,
23 struct arm_smccc_res *);
24
25struct optee_pdata {
26 optee_invoke_fn *invoke_fn;
27};
28
29struct rpc_param {
30 u32 a0;
31 u32 a1;
32 u32 a2;
33 u32 a3;
34 u32 a4;
35 u32 a5;
36 u32 a6;
37 u32 a7;
38};
39
40/**
41 * reg_pair_to_ptr() - Make a pointer of 2 32-bit values
42 * @reg0: High bits of the pointer
43 * @reg1: Low bits of the pointer
44 *
45 * Returns the combined result, note that if a pointer is 32-bit wide @reg0
46 * will be discarded.
47 */
48static void *reg_pair_to_ptr(u32 reg0, u32 reg1)
49{
50 return (void *)(ulong)(((u64)reg0 << 32) | reg1);
51}
52
53/**
54 * reg_pair_from_64() - Split a 64-bit value into two 32-bit values
55 * @reg0: High bits of @val
56 * @reg1: Low bits of @val
57 * @val: The value to split
58 */
59static void reg_pair_from_64(u32 *reg0, u32 *reg1, u64 val)
60{
61 *reg0 = val >> 32;
62 *reg1 = val;
63}
64
65/**
66 * optee_alloc_and_init_page_list() - Provide page list of memory buffer
67 * @buf: Start of buffer
68 * @len: Length of buffer
69 * @phys_buf_ptr Physical pointer with coded offset to page list
70 *
71 * Secure world doesn't share mapping with Normal world (U-Boot in this case)
72 * so physical pointers are needed when sharing pointers.
73 *
74 * Returns a pointer page list on success or NULL on failure
75 */
76void *optee_alloc_and_init_page_list(void *buf, ulong len, u64 *phys_buf_ptr)
77{
78 const unsigned int page_size = OPTEE_MSG_NONCONTIG_PAGE_SIZE;
79 const phys_addr_t page_mask = page_size - 1;
80 u8 *buf_base;
81 unsigned int page_offset;
82 unsigned int num_pages;
83 unsigned int list_size;
84 unsigned int n;
85 void *page_list;
86 struct {
87 u64 pages_list[PAGELIST_ENTRIES_PER_PAGE];
88 u64 next_page_data;
89 } *pages_data;
90
91 /*
92 * A Memory buffer is described in chunks of 4k. The list of
93 * physical addresses has to be represented by a physical pointer
94 * too and a single list has to start at a 4k page and fit into
95 * that page. In order to be able to describe large memory buffers
96 * these 4k pages carrying physical addresses are linked together
97 * in a list. See OPTEE_MSG_ATTR_NONCONTIG in
98 * drivers/tee/optee/optee_msg.h for more information.
99 */
100
101 page_offset = (ulong)buf & page_mask;
102 num_pages = roundup(page_offset + len, page_size) / page_size;
103 list_size = DIV_ROUND_UP(num_pages, PAGELIST_ENTRIES_PER_PAGE) *
104 page_size;
105 page_list = memalign(page_size, list_size);
106 if (!page_list)
107 return NULL;
108
109 pages_data = page_list;
110 buf_base = (u8 *)rounddown((ulong)buf, page_size);
111 n = 0;
112 while (num_pages) {
113 pages_data->pages_list[n] = virt_to_phys(buf_base);
114 n++;
115 buf_base += page_size;
116 num_pages--;
117
118 if (n == PAGELIST_ENTRIES_PER_PAGE) {
119 pages_data->next_page_data =
120 virt_to_phys(pages_data + 1);
121 pages_data++;
122 n = 0;
123 }
124 }
125
126 *phys_buf_ptr = virt_to_phys(page_list) | page_offset;
127 return page_list;
128}
129
130static void optee_get_version(struct udevice *dev,
131 struct tee_version_data *vers)
132{
133 struct tee_version_data v = {
134 .gen_caps = TEE_GEN_CAP_GP | TEE_GEN_CAP_REG_MEM,
135 };
136
137 *vers = v;
138}
139
140static int get_msg_arg(struct udevice *dev, uint num_params,
141 struct tee_shm **shmp, struct optee_msg_arg **msg_arg)
142{
143 int rc;
144 struct optee_msg_arg *ma;
145
146 rc = __tee_shm_add(dev, OPTEE_MSG_NONCONTIG_PAGE_SIZE, NULL,
147 OPTEE_MSG_GET_ARG_SIZE(num_params), TEE_SHM_ALLOC,
148 shmp);
149 if (rc)
150 return rc;
151
152 ma = (*shmp)->addr;
153 memset(ma, 0, OPTEE_MSG_GET_ARG_SIZE(num_params));
154 ma->num_params = num_params;
155 *msg_arg = ma;
156
157 return 0;
158}
159
160static int to_msg_param(struct optee_msg_param *msg_params, uint num_params,
161 const struct tee_param *params)
162{
163 uint n;
164
165 for (n = 0; n < num_params; n++) {
166 const struct tee_param *p = params + n;
167 struct optee_msg_param *mp = msg_params + n;
168
169 switch (p->attr) {
170 case TEE_PARAM_ATTR_TYPE_NONE:
171 mp->attr = OPTEE_MSG_ATTR_TYPE_NONE;
172 memset(&mp->u, 0, sizeof(mp->u));
173 break;
174 case TEE_PARAM_ATTR_TYPE_VALUE_INPUT:
175 case TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT:
176 case TEE_PARAM_ATTR_TYPE_VALUE_INOUT:
177 mp->attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT + p->attr -
178 TEE_PARAM_ATTR_TYPE_VALUE_INPUT;
179 mp->u.value.a = p->u.value.a;
180 mp->u.value.b = p->u.value.b;
181 mp->u.value.c = p->u.value.c;
182 break;
183 case TEE_PARAM_ATTR_TYPE_MEMREF_INPUT:
184 case TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
185 case TEE_PARAM_ATTR_TYPE_MEMREF_INOUT:
186 mp->attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT + p->attr -
187 TEE_PARAM_ATTR_TYPE_MEMREF_INPUT;
188 mp->u.rmem.shm_ref = (ulong)p->u.memref.shm;
189 mp->u.rmem.size = p->u.memref.size;
190 mp->u.rmem.offs = p->u.memref.shm_offs;
191 break;
192 default:
193 return -EINVAL;
194 }
195 }
196 return 0;
197}
198
199static int from_msg_param(struct tee_param *params, uint num_params,
200 const struct optee_msg_param *msg_params)
201{
202 uint n;
203 struct tee_shm *shm;
204
205 for (n = 0; n < num_params; n++) {
206 struct tee_param *p = params + n;
207 const struct optee_msg_param *mp = msg_params + n;
208 u32 attr = mp->attr & OPTEE_MSG_ATTR_TYPE_MASK;
209
210 switch (attr) {
211 case OPTEE_MSG_ATTR_TYPE_NONE:
212 p->attr = TEE_PARAM_ATTR_TYPE_NONE;
213 memset(&p->u, 0, sizeof(p->u));
214 break;
215 case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT:
216 case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT:
217 case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT:
218 p->attr = TEE_PARAM_ATTR_TYPE_VALUE_INPUT + attr -
219 OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
220 p->u.value.a = mp->u.value.a;
221 p->u.value.b = mp->u.value.b;
222 p->u.value.c = mp->u.value.c;
223 break;
224 case OPTEE_MSG_ATTR_TYPE_RMEM_INPUT:
225 case OPTEE_MSG_ATTR_TYPE_RMEM_OUTPUT:
226 case OPTEE_MSG_ATTR_TYPE_RMEM_INOUT:
227 p->attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT + attr -
228 OPTEE_MSG_ATTR_TYPE_RMEM_INPUT;
229 p->u.memref.size = mp->u.rmem.size;
230 shm = (struct tee_shm *)(ulong)mp->u.rmem.shm_ref;
231
232 if (!shm) {
233 p->u.memref.shm_offs = 0;
234 p->u.memref.shm = NULL;
235 break;
236 }
237 p->u.memref.shm_offs = mp->u.rmem.offs;
238 p->u.memref.shm = shm;
239 break;
240 default:
241 return -EINVAL;
242 }
243 }
244 return 0;
245}
246
247static void handle_rpc(struct udevice *dev, struct rpc_param *param,
248 void *page_list)
249{
250 struct tee_shm *shm;
251
252 switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) {
253 case OPTEE_SMC_RPC_FUNC_ALLOC:
254 if (!__tee_shm_add(dev, OPTEE_MSG_NONCONTIG_PAGE_SIZE, NULL,
255 param->a1, TEE_SHM_ALLOC | TEE_SHM_REGISTER,
256 &shm)) {
257 reg_pair_from_64(&param->a1, &param->a2,
258 virt_to_phys(shm->addr));
259 /* "cookie" */
260 reg_pair_from_64(&param->a4, &param->a5, (ulong)shm);
261 } else {
262 param->a1 = 0;
263 param->a2 = 0;
264 param->a4 = 0;
265 param->a5 = 0;
266 }
267 break;
268 case OPTEE_SMC_RPC_FUNC_FREE:
269 shm = reg_pair_to_ptr(param->a1, param->a2);
270 tee_shm_free(shm);
271 break;
272 case OPTEE_SMC_RPC_FUNC_FOREIGN_INTR:
273 break;
274 case OPTEE_SMC_RPC_FUNC_CMD:
275 shm = reg_pair_to_ptr(param->a1, param->a2);
276 optee_suppl_cmd(dev, shm, page_list);
277 break;
278 default:
279 break;
280 }
281
282 param->a0 = OPTEE_SMC_CALL_RETURN_FROM_RPC;
283}
284
285static u32 call_err_to_res(u32 call_err)
286{
287 switch (call_err) {
288 case OPTEE_SMC_RETURN_OK:
289 return TEE_SUCCESS;
290 default:
291 return TEE_ERROR_BAD_PARAMETERS;
292 }
293}
294
295static u32 do_call_with_arg(struct udevice *dev, struct optee_msg_arg *arg)
296{
297 struct optee_pdata *pdata = dev_get_platdata(dev);
298 struct rpc_param param = { .a0 = OPTEE_SMC_CALL_WITH_ARG };
299 void *page_list = NULL;
300
301 reg_pair_from_64(&param.a1, &param.a2, virt_to_phys(arg));
302 while (true) {
303 struct arm_smccc_res res;
304
305 pdata->invoke_fn(param.a0, param.a1, param.a2, param.a3,
306 param.a4, param.a5, param.a6, param.a7, &res);
307
308 free(page_list);
309 page_list = NULL;
310
311 if (OPTEE_SMC_RETURN_IS_RPC(res.a0)) {
312 param.a0 = res.a0;
313 param.a1 = res.a1;
314 param.a2 = res.a2;
315 param.a3 = res.a3;
316 handle_rpc(dev, &param, &page_list);
317 } else {
Jens Wiklanderf1420dd2018-09-25 16:40:14 +0200318 /*
319 * In case we've accessed RPMB to serve an RPC
320 * request we need to restore the previously
321 * selected partition as the caller may expect it
322 * to remain unchanged.
323 */
324 optee_suppl_rpmb_release(dev);
Jens Wiklander2b7216b2018-09-25 16:40:11 +0200325 return call_err_to_res(res.a0);
326 }
327 }
328}
329
330static int optee_close_session(struct udevice *dev, u32 session)
331{
332 int rc;
333 struct tee_shm *shm;
334 struct optee_msg_arg *msg_arg;
335
336 rc = get_msg_arg(dev, 0, &shm, &msg_arg);
337 if (rc)
338 return rc;
339
340 msg_arg->cmd = OPTEE_MSG_CMD_CLOSE_SESSION;
341 msg_arg->session = session;
342 do_call_with_arg(dev, msg_arg);
343
344 tee_shm_free(shm);
345
346 return 0;
347}
348
349static int optee_open_session(struct udevice *dev,
350 struct tee_open_session_arg *arg,
351 uint num_params, struct tee_param *params)
352{
353 int rc;
354 struct tee_shm *shm;
355 struct optee_msg_arg *msg_arg;
356
357 rc = get_msg_arg(dev, num_params + 2, &shm, &msg_arg);
358 if (rc)
359 return rc;
360
361 msg_arg->cmd = OPTEE_MSG_CMD_OPEN_SESSION;
362 /*
363 * Initialize and add the meta parameters needed when opening a
364 * session.
365 */
366 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
367 OPTEE_MSG_ATTR_META;
368 msg_arg->params[1].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
369 OPTEE_MSG_ATTR_META;
370 memcpy(&msg_arg->params[0].u.value, arg->uuid, sizeof(arg->uuid));
371 memcpy(&msg_arg->params[1].u.value, arg->uuid, sizeof(arg->clnt_uuid));
372 msg_arg->params[1].u.value.c = arg->clnt_login;
373
374 rc = to_msg_param(msg_arg->params + 2, num_params, params);
375 if (rc)
376 goto out;
377
378 arg->ret = do_call_with_arg(dev, msg_arg);
379 if (arg->ret) {
380 arg->ret_origin = TEE_ORIGIN_COMMS;
381 goto out;
382 }
383
384 if (from_msg_param(params, num_params, msg_arg->params + 2)) {
385 arg->ret = TEE_ERROR_COMMUNICATION;
386 arg->ret_origin = TEE_ORIGIN_COMMS;
387 /* Close session again to avoid leakage */
388 optee_close_session(dev, msg_arg->session);
389 goto out;
390 }
391
392 arg->session = msg_arg->session;
393 arg->ret = msg_arg->ret;
394 arg->ret_origin = msg_arg->ret_origin;
395out:
396 tee_shm_free(shm);
397
398 return rc;
399}
400
401static int optee_invoke_func(struct udevice *dev, struct tee_invoke_arg *arg,
402 uint num_params, struct tee_param *params)
403{
404 struct tee_shm *shm;
405 struct optee_msg_arg *msg_arg;
406 int rc;
407
408 rc = get_msg_arg(dev, num_params, &shm, &msg_arg);
409 if (rc)
410 return rc;
411 msg_arg->cmd = OPTEE_MSG_CMD_INVOKE_COMMAND;
412 msg_arg->func = arg->func;
413 msg_arg->session = arg->session;
414
415 rc = to_msg_param(msg_arg->params, num_params, params);
416 if (rc)
417 goto out;
418
419 arg->ret = do_call_with_arg(dev, msg_arg);
420 if (arg->ret) {
421 arg->ret_origin = TEE_ORIGIN_COMMS;
422 goto out;
423 }
424
425 if (from_msg_param(params, num_params, msg_arg->params)) {
426 arg->ret = TEE_ERROR_COMMUNICATION;
427 arg->ret_origin = TEE_ORIGIN_COMMS;
428 goto out;
429 }
430
431 arg->ret = msg_arg->ret;
432 arg->ret_origin = msg_arg->ret_origin;
433out:
434 tee_shm_free(shm);
435 return rc;
436}
437
438static int optee_shm_register(struct udevice *dev, struct tee_shm *shm)
439{
440 struct tee_shm *shm_arg;
441 struct optee_msg_arg *msg_arg;
442 void *pl;
443 u64 ph_ptr;
444 int rc;
445
446 rc = get_msg_arg(dev, 1, &shm_arg, &msg_arg);
447 if (rc)
448 return rc;
449
450 pl = optee_alloc_and_init_page_list(shm->addr, shm->size, &ph_ptr);
451 if (!pl) {
452 rc = -ENOMEM;
453 goto out;
454 }
455
456 msg_arg->cmd = OPTEE_MSG_CMD_REGISTER_SHM;
457 msg_arg->params->attr = OPTEE_MSG_ATTR_TYPE_TMEM_OUTPUT |
458 OPTEE_MSG_ATTR_NONCONTIG;
459 msg_arg->params->u.tmem.buf_ptr = ph_ptr;
460 msg_arg->params->u.tmem.shm_ref = (ulong)shm;
461 msg_arg->params->u.tmem.size = shm->size;
462
463 if (do_call_with_arg(dev, msg_arg) || msg_arg->ret)
464 rc = -EINVAL;
465
466 free(pl);
467out:
468 tee_shm_free(shm_arg);
469
470 return rc;
471}
472
473static int optee_shm_unregister(struct udevice *dev, struct tee_shm *shm)
474{
475 struct tee_shm *shm_arg;
476 struct optee_msg_arg *msg_arg;
477 int rc;
478
479 rc = get_msg_arg(dev, 1, &shm_arg, &msg_arg);
480 if (rc)
481 return rc;
482
483 msg_arg->cmd = OPTEE_MSG_CMD_UNREGISTER_SHM;
484 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT;
485 msg_arg->params[0].u.rmem.shm_ref = (ulong)shm;
486
487 if (do_call_with_arg(dev, msg_arg) || msg_arg->ret)
488 rc = -EINVAL;
489 tee_shm_free(shm_arg);
490
491 return rc;
492}
493
494static const struct tee_driver_ops optee_ops = {
495 .get_version = optee_get_version,
496 .open_session = optee_open_session,
497 .close_session = optee_close_session,
498 .invoke_func = optee_invoke_func,
499 .shm_register = optee_shm_register,
500 .shm_unregister = optee_shm_unregister,
501};
502
503static bool is_optee_api(optee_invoke_fn *invoke_fn)
504{
505 struct arm_smccc_res res;
506
507 invoke_fn(OPTEE_SMC_CALLS_UID, 0, 0, 0, 0, 0, 0, 0, &res);
508
509 return res.a0 == OPTEE_MSG_UID_0 && res.a1 == OPTEE_MSG_UID_1 &&
510 res.a2 == OPTEE_MSG_UID_2 && res.a3 == OPTEE_MSG_UID_3;
511}
512
513static void print_os_revision(optee_invoke_fn *invoke_fn)
514{
515 union {
516 struct arm_smccc_res smccc;
517 struct optee_smc_call_get_os_revision_result result;
518 } res = {
519 .result = {
520 .build_id = 0
521 }
522 };
523
524 invoke_fn(OPTEE_SMC_CALL_GET_OS_REVISION, 0, 0, 0, 0, 0, 0, 0,
525 &res.smccc);
526
527 if (res.result.build_id)
528 debug("OP-TEE revision %lu.%lu (%08lx)\n", res.result.major,
529 res.result.minor, res.result.build_id);
530 else
531 debug("OP-TEE revision %lu.%lu\n", res.result.major,
532 res.result.minor);
533}
534
535static bool api_revision_is_compatible(optee_invoke_fn *invoke_fn)
536{
537 union {
538 struct arm_smccc_res smccc;
539 struct optee_smc_calls_revision_result result;
540 } res;
541
542 invoke_fn(OPTEE_SMC_CALLS_REVISION, 0, 0, 0, 0, 0, 0, 0, &res.smccc);
543
544 return res.result.major == OPTEE_MSG_REVISION_MAJOR &&
545 (int)res.result.minor >= OPTEE_MSG_REVISION_MINOR;
546}
547
548static bool exchange_capabilities(optee_invoke_fn *invoke_fn, u32 *sec_caps)
549{
550 union {
551 struct arm_smccc_res smccc;
552 struct optee_smc_exchange_capabilities_result result;
553 } res;
554
555 invoke_fn(OPTEE_SMC_EXCHANGE_CAPABILITIES,
556 OPTEE_SMC_NSEC_CAP_UNIPROCESSOR, 0, 0, 0, 0, 0, 0,
557 &res.smccc);
558
559 if (res.result.status != OPTEE_SMC_RETURN_OK)
560 return false;
561
562 *sec_caps = res.result.capabilities;
563
564 return true;
565}
566
567/* Simple wrapper functions to be able to use a function pointer */
568static void optee_smccc_smc(unsigned long a0, unsigned long a1,
569 unsigned long a2, unsigned long a3,
570 unsigned long a4, unsigned long a5,
571 unsigned long a6, unsigned long a7,
572 struct arm_smccc_res *res)
573{
574 arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res);
575}
576
577static void optee_smccc_hvc(unsigned long a0, unsigned long a1,
578 unsigned long a2, unsigned long a3,
579 unsigned long a4, unsigned long a5,
580 unsigned long a6, unsigned long a7,
581 struct arm_smccc_res *res)
582{
583 arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res);
584}
585
586static optee_invoke_fn *get_invoke_func(struct udevice *dev)
587{
588 const char *method;
589
590 debug("optee: looking for conduit method in DT.\n");
591 method = ofnode_get_property(dev->node, "method", NULL);
592 if (!method) {
593 debug("optee: missing \"method\" property\n");
594 return ERR_PTR(-ENXIO);
595 }
596
597 if (!strcmp("hvc", method))
598 return optee_smccc_hvc;
599 else if (!strcmp("smc", method))
600 return optee_smccc_smc;
601
602 debug("optee: invalid \"method\" property: %s\n", method);
603 return ERR_PTR(-EINVAL);
604}
605
606static int optee_ofdata_to_platdata(struct udevice *dev)
607{
608 struct optee_pdata *pdata = dev_get_platdata(dev);
609
610 pdata->invoke_fn = get_invoke_func(dev);
611 if (IS_ERR(pdata->invoke_fn))
612 return PTR_ERR(pdata->invoke_fn);
613
614 return 0;
615}
616
617static int optee_probe(struct udevice *dev)
618{
619 struct optee_pdata *pdata = dev_get_platdata(dev);
620 u32 sec_caps;
621
622 if (!is_optee_api(pdata->invoke_fn)) {
623 debug("%s: OP-TEE api uid mismatch\n", __func__);
624 return -ENOENT;
625 }
626
627 print_os_revision(pdata->invoke_fn);
628
629 if (!api_revision_is_compatible(pdata->invoke_fn)) {
630 debug("%s: OP-TEE api revision mismatch\n", __func__);
631 return -ENOENT;
632 }
633
634 /*
635 * OP-TEE can use both shared memory via predefined pool or as
636 * dynamic shared memory provided by normal world. To keep things
637 * simple we're only using dynamic shared memory in this driver.
638 */
639 if (!exchange_capabilities(pdata->invoke_fn, &sec_caps) ||
640 !(sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM)) {
641 debug("%s: OP-TEE capabilities mismatch\n", __func__);
642 return -ENOENT;
643 }
644
645 return 0;
646}
647
648static const struct udevice_id optee_match[] = {
649 { .compatible = "linaro,optee-tz" },
650 {},
651};
652
653U_BOOT_DRIVER(optee) = {
654 .name = "optee",
655 .id = UCLASS_TEE,
656 .of_match = optee_match,
657 .ofdata_to_platdata = optee_ofdata_to_platdata,
658 .probe = optee_probe,
659 .ops = &optee_ops,
660 .platdata_auto_alloc_size = sizeof(struct optee_pdata),
Jens Wiklanderf1420dd2018-09-25 16:40:14 +0200661 .priv_auto_alloc_size = sizeof(struct optee_private),
Jens Wiklander2b7216b2018-09-25 16:40:11 +0200662};