#
f3040daa |
|
31-Mar-2023 |
Jeffrey Kardatzke <jkardatzke@chromium.org> |
tee: optee: Add SMC for loading OP-TEE image Adds an SMC call that will pass an OP-TEE binary image to EL3 and instruct it to load it as the BL32 payload. This works in conjunction with a feature added to Trusted Firmware for ARMv8 and above architectures that supports this. The main purpose of this change is to facilitate updating the OP-TEE component on devices via a rootfs change rather than having to do a firmware update. Further details are linked to in the Kconfig file. Signed-off-by: Jeffrey Kardatzke <jkardatzke@chromium.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
6749e69c |
|
15-Jun-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
optee: add asynchronous notifications Adds support for asynchronous notifications from secure world to normal world. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing. The protocol is defined in optee_msg.h optee_rpc_cmd.h and optee_smc.h. A notification consists of a 32-bit value which normal world can retrieve using a fastcall into secure world. The value OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF (0) has a special meaning. When this value is sent it means that normal world is supposed to make a yielding call OPTEE_MSG_CMD_DO_BOTTOM_HALF. Notification capability is negotiated while the driver is initialized. If both sides supports these notifications then they are enabled. An interrupt is used to notify the driver that there are asynchronous notifications pending. The maximum needed notification value is communicated at this stage. This allows scaling up when needed. Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Ard Biesheuvel <ardb@kernel.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
4615e5a3 |
|
21-Jul-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
optee: add FF-A support Adds support for using FF-A [1] as transport to the OP-TEE driver. Introduces struct optee_msg_param_fmem which carries all information needed when OP-TEE is calling FFA_MEM_RETRIEVE_REQ to get the shared memory reference mapped by the hypervisor in S-EL2. Register usage is also updated to include the information needed. The FF-A part of this driver is enabled if CONFIG_ARM_FFA_TRANSPORT is enabled. [1] https://developer.arm.com/documentation/den0077/latest Acked-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
673c7aa2 |
|
19-Apr-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
optee: use export_uuid() to copy client UUID Prior to this patch optee_open_session() was making assumptions about the internal format of uuid_t by casting a memory location in a parameter struct to uuid_t *. Fix this using export_uuid() to get a well defined binary representation and also add an octets field in struct optee_msg_param in order to avoid casting. Fixes: c5b4312bea5d ("tee: optee: Add support for session login client UUID generation") Suggested-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
617d8e8b |
|
20-Jan-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
optee: sync OP-TEE headers Pulls in updates in the internal headers from OP-TEE OS [1]. A few defines has been shortened, hence the changes in rpc.c. Defines not used by the driver in tee_rpc_cmd.h has been filtered out. Note that this does not change the ABI. Link: [1] https://github.com/OP-TEE/optee_os Reviewed-by: Sumit Garg <sumit.garg@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
fda90b29 |
|
31-Dec-2020 |
Tian Tao <tiantao6@hisilicon.com> |
drivers: optee: use flexible-array member instead of zero-length array Use flexible-array member introduced in C99 instead of zero-length array. Most of zero-length array was already taken care in previous patch [1]. Now modified few more cases which were not handled earlier. [1]. https://patchwork.kernel.org/patch/11394197/ Signed-off-by: Tian Tao <tiantao6@hisilicon.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
c05210ab |
|
14-Aug-2020 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
drivers: optee: allow op-tee to access devices on the i2c bus Some secure elements like NXP's SE050 sit on I2C buses. For OP-TEE to control this type of cryptographic devices it needs coordinated access to the bus, so collisions and RUNTIME_PM dont get in the way. This trampoline driver allow OP-TEE to access them. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
32356d30 |
|
08-Feb-2019 |
Jerome Forissier <jerome.forissier@linaro.org> |
tee: optee: update optee_msg.h and optee_smc.h to dual license The files optee_msg.h and optee_smc.h (under drivers/tee/optee) contain information originating from the OP-TEE OS project [1] [2], where the licensing terms are BSD 2-Clause. Therefore, apply a dual license to those files. Link: [1] https://github.com/OP-TEE/optee_os/blob/master/core/include/optee_msg.h Link: [2] https://github.com/OP-TEE/optee_os/blob/master/core/arch/arm/include/sm/optee_smc.h Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
de5c6dfc |
|
29-Nov-2017 |
Volodymyr Babchuk <vlad.babchuk@gmail.com> |
tee: optee: Update protocol definitions There were changes in REE<->OP-TEE ABI recently. Now ABI allows us to pass non-contiguous memory buffers as list of pages to OP-TEE. This can be achieved by using new parameter attribute OPTEE_MSG_ATTR_NONCONTIG. OP-TEE also is able to use all non-secure RAM for shared buffers. This new capability is enabled with OPTEE_SMC_SEC_CAP_DYNAMIC_SHM flag. This patch adds necessary definitions to the protocol definition files at Linux side. Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
#
4fb0a5eb |
|
14-Apr-2015 |
Jens Wiklander <jens.wiklander@linaro.org> |
tee: add OP-TEE driver Adds a OP-TEE driver which also can be compiled as a loadable module. * Targets ARM and ARM64 * Supports using reserved memory from OP-TEE as shared memory * Probes OP-TEE version using SMCs * Accepts requests on privileged and unprivileged device * Uses OPTEE message protocol version 2 to communicate with secure world Acked-by: Andreas Dannenberg <dannenberg@ti.com> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey) Tested-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> (RCAR H3) Tested-by: Scott Branden <scott.branden@broadcom.com> Reviewed-by: Javier González <javier@javigon.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|