1
2
3
4
5
6#include <common.h>
7#include <dm.h>
8#include <dm/device_compat.h>
9#include <log.h>
10#include <malloc.h>
11#include <tee.h>
12#include <linux/arm-smccc.h>
13#include <linux/err.h>
14#include <linux/io.h>
15
16#include "optee_smc.h"
17#include "optee_msg.h"
18#include "optee_private.h"
19
20#define PAGELIST_ENTRIES_PER_PAGE \
21 ((OPTEE_MSG_NONCONTIG_PAGE_SIZE / sizeof(u64)) - 1)
22
23typedef void (optee_invoke_fn)(unsigned long, unsigned long, unsigned long,
24 unsigned long, unsigned long, unsigned long,
25 unsigned long, unsigned long,
26 struct arm_smccc_res *);
27
28struct optee_pdata {
29 optee_invoke_fn *invoke_fn;
30};
31
32struct rpc_param {
33 u32 a0;
34 u32 a1;
35 u32 a2;
36 u32 a3;
37 u32 a4;
38 u32 a5;
39 u32 a6;
40 u32 a7;
41};
42
43
44
45
46
47
48
49
50
51static void *reg_pair_to_ptr(u32 reg0, u32 reg1)
52{
53 return (void *)(ulong)(((u64)reg0 << 32) | reg1);
54}
55
56
57
58
59
60
61
62static void reg_pair_from_64(u32 *reg0, u32 *reg1, u64 val)
63{
64 *reg0 = val >> 32;
65 *reg1 = val;
66}
67
68
69
70
71
72
73
74
75
76
77
78
79void *optee_alloc_and_init_page_list(void *buf, ulong len, u64 *phys_buf_ptr)
80{
81 const unsigned int page_size = OPTEE_MSG_NONCONTIG_PAGE_SIZE;
82 const phys_addr_t page_mask = page_size - 1;
83 u8 *buf_base;
84 unsigned int page_offset;
85 unsigned int num_pages;
86 unsigned int list_size;
87 unsigned int n;
88 void *page_list;
89 struct {
90 u64 pages_list[PAGELIST_ENTRIES_PER_PAGE];
91 u64 next_page_data;
92 } *pages_data;
93
94
95
96
97
98
99
100
101
102
103
104 page_offset = (ulong)buf & page_mask;
105 num_pages = roundup(page_offset + len, page_size) / page_size;
106 list_size = DIV_ROUND_UP(num_pages, PAGELIST_ENTRIES_PER_PAGE) *
107 page_size;
108 page_list = memalign(page_size, list_size);
109 if (!page_list)
110 return NULL;
111
112 pages_data = page_list;
113 buf_base = (u8 *)rounddown((ulong)buf, page_size);
114 n = 0;
115 while (num_pages) {
116 pages_data->pages_list[n] = virt_to_phys(buf_base);
117 n++;
118 buf_base += page_size;
119 num_pages--;
120
121 if (n == PAGELIST_ENTRIES_PER_PAGE) {
122 pages_data->next_page_data =
123 virt_to_phys(pages_data + 1);
124 pages_data++;
125 n = 0;
126 }
127 }
128
129 *phys_buf_ptr = virt_to_phys(page_list) | page_offset;
130 return page_list;
131}
132
133static void optee_get_version(struct udevice *dev,
134 struct tee_version_data *vers)
135{
136 struct tee_version_data v = {
137 .gen_caps = TEE_GEN_CAP_GP | TEE_GEN_CAP_REG_MEM,
138 };
139
140 *vers = v;
141}
142
143static int get_msg_arg(struct udevice *dev, uint num_params,
144 struct tee_shm **shmp, struct optee_msg_arg **msg_arg)
145{
146 int rc;
147 struct optee_msg_arg *ma;
148
149 rc = __tee_shm_add(dev, OPTEE_MSG_NONCONTIG_PAGE_SIZE, NULL,
150 OPTEE_MSG_GET_ARG_SIZE(num_params), TEE_SHM_ALLOC,
151 shmp);
152 if (rc)
153 return rc;
154
155 ma = (*shmp)->addr;
156 memset(ma, 0, OPTEE_MSG_GET_ARG_SIZE(num_params));
157 ma->num_params = num_params;
158 *msg_arg = ma;
159
160 return 0;
161}
162
163static int to_msg_param(struct optee_msg_param *msg_params, uint num_params,
164 const struct tee_param *params)
165{
166 uint n;
167
168 for (n = 0; n < num_params; n++) {
169 const struct tee_param *p = params + n;
170 struct optee_msg_param *mp = msg_params + n;
171
172 switch (p->attr) {
173 case TEE_PARAM_ATTR_TYPE_NONE:
174 mp->attr = OPTEE_MSG_ATTR_TYPE_NONE;
175 memset(&mp->u, 0, sizeof(mp->u));
176 break;
177 case TEE_PARAM_ATTR_TYPE_VALUE_INPUT:
178 case TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT:
179 case TEE_PARAM_ATTR_TYPE_VALUE_INOUT:
180 mp->attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT + p->attr -
181 TEE_PARAM_ATTR_TYPE_VALUE_INPUT;
182 mp->u.value.a = p->u.value.a;
183 mp->u.value.b = p->u.value.b;
184 mp->u.value.c = p->u.value.c;
185 break;
186 case TEE_PARAM_ATTR_TYPE_MEMREF_INPUT:
187 case TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
188 case TEE_PARAM_ATTR_TYPE_MEMREF_INOUT:
189 mp->attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT + p->attr -
190 TEE_PARAM_ATTR_TYPE_MEMREF_INPUT;
191 mp->u.rmem.shm_ref = (ulong)p->u.memref.shm;
192 mp->u.rmem.size = p->u.memref.size;
193 mp->u.rmem.offs = p->u.memref.shm_offs;
194 break;
195 default:
196 return -EINVAL;
197 }
198 }
199 return 0;
200}
201
202static int from_msg_param(struct tee_param *params, uint num_params,
203 const struct optee_msg_param *msg_params)
204{
205 uint n;
206 struct tee_shm *shm;
207
208 for (n = 0; n < num_params; n++) {
209 struct tee_param *p = params + n;
210 const struct optee_msg_param *mp = msg_params + n;
211 u32 attr = mp->attr & OPTEE_MSG_ATTR_TYPE_MASK;
212
213 switch (attr) {
214 case OPTEE_MSG_ATTR_TYPE_NONE:
215 p->attr = TEE_PARAM_ATTR_TYPE_NONE;
216 memset(&p->u, 0, sizeof(p->u));
217 break;
218 case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT:
219 case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT:
220 case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT:
221 p->attr = TEE_PARAM_ATTR_TYPE_VALUE_INPUT + attr -
222 OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
223 p->u.value.a = mp->u.value.a;
224 p->u.value.b = mp->u.value.b;
225 p->u.value.c = mp->u.value.c;
226 break;
227 case OPTEE_MSG_ATTR_TYPE_RMEM_INPUT:
228 case OPTEE_MSG_ATTR_TYPE_RMEM_OUTPUT:
229 case OPTEE_MSG_ATTR_TYPE_RMEM_INOUT:
230 p->attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT + attr -
231 OPTEE_MSG_ATTR_TYPE_RMEM_INPUT;
232 p->u.memref.size = mp->u.rmem.size;
233 shm = (struct tee_shm *)(ulong)mp->u.rmem.shm_ref;
234
235 if (!shm) {
236 p->u.memref.shm_offs = 0;
237 p->u.memref.shm = NULL;
238 break;
239 }
240 p->u.memref.shm_offs = mp->u.rmem.offs;
241 p->u.memref.shm = shm;
242 break;
243 default:
244 return -EINVAL;
245 }
246 }
247 return 0;
248}
249
250static void handle_rpc(struct udevice *dev, struct rpc_param *param,
251 void *page_list)
252{
253 struct tee_shm *shm;
254
255 switch (OPTEE_SMC_RETURN_GET_RPC_FUNC(param->a0)) {
256 case OPTEE_SMC_RPC_FUNC_ALLOC:
257 if (!__tee_shm_add(dev, OPTEE_MSG_NONCONTIG_PAGE_SIZE, NULL,
258 param->a1, TEE_SHM_ALLOC | TEE_SHM_REGISTER,
259 &shm)) {
260 reg_pair_from_64(¶m->a1, ¶m->a2,
261 virt_to_phys(shm->addr));
262
263 reg_pair_from_64(¶m->a4, ¶m->a5, (ulong)shm);
264 } else {
265 param->a1 = 0;
266 param->a2 = 0;
267 param->a4 = 0;
268 param->a5 = 0;
269 }
270 break;
271 case OPTEE_SMC_RPC_FUNC_FREE:
272 shm = reg_pair_to_ptr(param->a1, param->a2);
273 tee_shm_free(shm);
274 break;
275 case OPTEE_SMC_RPC_FUNC_FOREIGN_INTR:
276 break;
277 case OPTEE_SMC_RPC_FUNC_CMD:
278 shm = reg_pair_to_ptr(param->a1, param->a2);
279 optee_suppl_cmd(dev, shm, page_list);
280 break;
281 default:
282 break;
283 }
284
285 param->a0 = OPTEE_SMC_CALL_RETURN_FROM_RPC;
286}
287
288static u32 call_err_to_res(u32 call_err)
289{
290 switch (call_err) {
291 case OPTEE_SMC_RETURN_OK:
292 return TEE_SUCCESS;
293 default:
294 return TEE_ERROR_BAD_PARAMETERS;
295 }
296}
297
298static u32 do_call_with_arg(struct udevice *dev, struct optee_msg_arg *arg)
299{
300 struct optee_pdata *pdata = dev_get_plat(dev);
301 struct rpc_param param = { .a0 = OPTEE_SMC_CALL_WITH_ARG };
302 void *page_list = NULL;
303
304 reg_pair_from_64(¶m.a1, ¶m.a2, virt_to_phys(arg));
305 while (true) {
306 struct arm_smccc_res res;
307
308 pdata->invoke_fn(param.a0, param.a1, param.a2, param.a3,
309 param.a4, param.a5, param.a6, param.a7, &res);
310
311 free(page_list);
312 page_list = NULL;
313
314 if (OPTEE_SMC_RETURN_IS_RPC(res.a0)) {
315 param.a0 = res.a0;
316 param.a1 = res.a1;
317 param.a2 = res.a2;
318 param.a3 = res.a3;
319 handle_rpc(dev, ¶m, &page_list);
320 } else {
321
322
323
324
325
326
327 optee_suppl_rpmb_release(dev);
328 return call_err_to_res(res.a0);
329 }
330 }
331}
332
333static int optee_close_session(struct udevice *dev, u32 session)
334{
335 int rc;
336 struct tee_shm *shm;
337 struct optee_msg_arg *msg_arg;
338
339 rc = get_msg_arg(dev, 0, &shm, &msg_arg);
340 if (rc)
341 return rc;
342
343 msg_arg->cmd = OPTEE_MSG_CMD_CLOSE_SESSION;
344 msg_arg->session = session;
345 do_call_with_arg(dev, msg_arg);
346
347 tee_shm_free(shm);
348
349 return 0;
350}
351
352static int optee_open_session(struct udevice *dev,
353 struct tee_open_session_arg *arg,
354 uint num_params, struct tee_param *params)
355{
356 int rc;
357 struct tee_shm *shm;
358 struct optee_msg_arg *msg_arg;
359
360 rc = get_msg_arg(dev, num_params + 2, &shm, &msg_arg);
361 if (rc)
362 return rc;
363
364 msg_arg->cmd = OPTEE_MSG_CMD_OPEN_SESSION;
365
366
367
368
369 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
370 OPTEE_MSG_ATTR_META;
371 msg_arg->params[1].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
372 OPTEE_MSG_ATTR_META;
373 memcpy(&msg_arg->params[0].u.value, arg->uuid, sizeof(arg->uuid));
374 memcpy(&msg_arg->params[1].u.value, arg->uuid, sizeof(arg->clnt_uuid));
375 msg_arg->params[1].u.value.c = arg->clnt_login;
376
377 rc = to_msg_param(msg_arg->params + 2, num_params, params);
378 if (rc)
379 goto out;
380
381 arg->ret = do_call_with_arg(dev, msg_arg);
382 if (arg->ret) {
383 arg->ret_origin = TEE_ORIGIN_COMMS;
384 goto out;
385 }
386
387 if (from_msg_param(params, num_params, msg_arg->params + 2)) {
388 arg->ret = TEE_ERROR_COMMUNICATION;
389 arg->ret_origin = TEE_ORIGIN_COMMS;
390
391 optee_close_session(dev, msg_arg->session);
392 goto out;
393 }
394
395 arg->session = msg_arg->session;
396 arg->ret = msg_arg->ret;
397 arg->ret_origin = msg_arg->ret_origin;
398out:
399 tee_shm_free(shm);
400
401 return rc;
402}
403
404static int optee_invoke_func(struct udevice *dev, struct tee_invoke_arg *arg,
405 uint num_params, struct tee_param *params)
406{
407 struct tee_shm *shm;
408 struct optee_msg_arg *msg_arg;
409 int rc;
410
411 rc = get_msg_arg(dev, num_params, &shm, &msg_arg);
412 if (rc)
413 return rc;
414 msg_arg->cmd = OPTEE_MSG_CMD_INVOKE_COMMAND;
415 msg_arg->func = arg->func;
416 msg_arg->session = arg->session;
417
418 rc = to_msg_param(msg_arg->params, num_params, params);
419 if (rc)
420 goto out;
421
422 arg->ret = do_call_with_arg(dev, msg_arg);
423 if (arg->ret) {
424 arg->ret_origin = TEE_ORIGIN_COMMS;
425 goto out;
426 }
427
428 if (from_msg_param(params, num_params, msg_arg->params)) {
429 arg->ret = TEE_ERROR_COMMUNICATION;
430 arg->ret_origin = TEE_ORIGIN_COMMS;
431 goto out;
432 }
433
434 arg->ret = msg_arg->ret;
435 arg->ret_origin = msg_arg->ret_origin;
436out:
437 tee_shm_free(shm);
438 return rc;
439}
440
441static int optee_shm_register(struct udevice *dev, struct tee_shm *shm)
442{
443 struct tee_shm *shm_arg;
444 struct optee_msg_arg *msg_arg;
445 void *pl;
446 u64 ph_ptr;
447 int rc;
448
449 rc = get_msg_arg(dev, 1, &shm_arg, &msg_arg);
450 if (rc)
451 return rc;
452
453 pl = optee_alloc_and_init_page_list(shm->addr, shm->size, &ph_ptr);
454 if (!pl) {
455 rc = -ENOMEM;
456 goto out;
457 }
458
459 msg_arg->cmd = OPTEE_MSG_CMD_REGISTER_SHM;
460 msg_arg->params->attr = OPTEE_MSG_ATTR_TYPE_TMEM_OUTPUT |
461 OPTEE_MSG_ATTR_NONCONTIG;
462 msg_arg->params->u.tmem.buf_ptr = ph_ptr;
463 msg_arg->params->u.tmem.shm_ref = (ulong)shm;
464 msg_arg->params->u.tmem.size = shm->size;
465
466 if (do_call_with_arg(dev, msg_arg) || msg_arg->ret)
467 rc = -EINVAL;
468
469 free(pl);
470out:
471 tee_shm_free(shm_arg);
472
473 return rc;
474}
475
476static int optee_shm_unregister(struct udevice *dev, struct tee_shm *shm)
477{
478 struct tee_shm *shm_arg;
479 struct optee_msg_arg *msg_arg;
480 int rc;
481
482 rc = get_msg_arg(dev, 1, &shm_arg, &msg_arg);
483 if (rc)
484 return rc;
485
486 msg_arg->cmd = OPTEE_MSG_CMD_UNREGISTER_SHM;
487 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT;
488 msg_arg->params[0].u.rmem.shm_ref = (ulong)shm;
489
490 if (do_call_with_arg(dev, msg_arg) || msg_arg->ret)
491 rc = -EINVAL;
492 tee_shm_free(shm_arg);
493
494 return rc;
495}
496
497static const struct tee_driver_ops optee_ops = {
498 .get_version = optee_get_version,
499 .open_session = optee_open_session,
500 .close_session = optee_close_session,
501 .invoke_func = optee_invoke_func,
502 .shm_register = optee_shm_register,
503 .shm_unregister = optee_shm_unregister,
504};
505
506static bool is_optee_api(optee_invoke_fn *invoke_fn)
507{
508 struct arm_smccc_res res;
509
510 invoke_fn(OPTEE_SMC_CALLS_UID, 0, 0, 0, 0, 0, 0, 0, &res);
511
512 return res.a0 == OPTEE_MSG_UID_0 && res.a1 == OPTEE_MSG_UID_1 &&
513 res.a2 == OPTEE_MSG_UID_2 && res.a3 == OPTEE_MSG_UID_3;
514}
515
516static void print_os_revision(struct udevice *dev, optee_invoke_fn *invoke_fn)
517{
518 union {
519 struct arm_smccc_res smccc;
520 struct optee_smc_call_get_os_revision_result result;
521 } res = {
522 .result = {
523 .build_id = 0
524 }
525 };
526
527 invoke_fn(OPTEE_SMC_CALL_GET_OS_REVISION, 0, 0, 0, 0, 0, 0, 0,
528 &res.smccc);
529
530 if (res.result.build_id)
531 dev_info(dev, "OP-TEE: revision %lu.%lu (%08lx)\n",
532 res.result.major, res.result.minor,
533 res.result.build_id);
534 else
535 dev_info(dev, "OP-TEE: revision %lu.%lu\n",
536 res.result.major, res.result.minor);
537}
538
539static bool api_revision_is_compatible(optee_invoke_fn *invoke_fn)
540{
541 union {
542 struct arm_smccc_res smccc;
543 struct optee_smc_calls_revision_result result;
544 } res;
545
546 invoke_fn(OPTEE_SMC_CALLS_REVISION, 0, 0, 0, 0, 0, 0, 0, &res.smccc);
547
548 return res.result.major == OPTEE_MSG_REVISION_MAJOR &&
549 (int)res.result.minor >= OPTEE_MSG_REVISION_MINOR;
550}
551
552static bool exchange_capabilities(optee_invoke_fn *invoke_fn, u32 *sec_caps)
553{
554 union {
555 struct arm_smccc_res smccc;
556 struct optee_smc_exchange_capabilities_result result;
557 } res;
558
559 invoke_fn(OPTEE_SMC_EXCHANGE_CAPABILITIES,
560 OPTEE_SMC_NSEC_CAP_UNIPROCESSOR, 0, 0, 0, 0, 0, 0,
561 &res.smccc);
562
563 if (res.result.status != OPTEE_SMC_RETURN_OK)
564 return false;
565
566 *sec_caps = res.result.capabilities;
567
568 return true;
569}
570
571
572static void optee_smccc_smc(unsigned long a0, unsigned long a1,
573 unsigned long a2, unsigned long a3,
574 unsigned long a4, unsigned long a5,
575 unsigned long a6, unsigned long a7,
576 struct arm_smccc_res *res)
577{
578 arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res);
579}
580
581static void optee_smccc_hvc(unsigned long a0, unsigned long a1,
582 unsigned long a2, unsigned long a3,
583 unsigned long a4, unsigned long a5,
584 unsigned long a6, unsigned long a7,
585 struct arm_smccc_res *res)
586{
587 arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res);
588}
589
590static optee_invoke_fn *get_invoke_func(struct udevice *dev)
591{
592 const char *method;
593
594 debug("optee: looking for conduit method in DT.\n");
595 method = ofnode_get_property(dev_ofnode(dev), "method", NULL);
596 if (!method) {
597 debug("optee: missing \"method\" property\n");
598 return ERR_PTR(-ENXIO);
599 }
600
601 if (!strcmp("hvc", method))
602 return optee_smccc_hvc;
603 else if (!strcmp("smc", method))
604 return optee_smccc_smc;
605
606 debug("optee: invalid \"method\" property: %s\n", method);
607 return ERR_PTR(-EINVAL);
608}
609
610static int optee_of_to_plat(struct udevice *dev)
611{
612 struct optee_pdata *pdata = dev_get_plat(dev);
613
614 pdata->invoke_fn = get_invoke_func(dev);
615 if (IS_ERR(pdata->invoke_fn))
616 return PTR_ERR(pdata->invoke_fn);
617
618 return 0;
619}
620
621static int optee_probe(struct udevice *dev)
622{
623 struct optee_pdata *pdata = dev_get_plat(dev);
624 u32 sec_caps;
625
626 if (!is_optee_api(pdata->invoke_fn)) {
627 debug("%s: OP-TEE api uid mismatch\n", __func__);
628 return -ENOENT;
629 }
630
631 print_os_revision(dev, pdata->invoke_fn);
632
633 if (!api_revision_is_compatible(pdata->invoke_fn)) {
634 debug("%s: OP-TEE api revision mismatch\n", __func__);
635 return -ENOENT;
636 }
637
638
639
640
641
642
643 if (!exchange_capabilities(pdata->invoke_fn, &sec_caps) ||
644 !(sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM)) {
645 debug("%s: OP-TEE capabilities mismatch\n", __func__);
646 return -ENOENT;
647 }
648
649 return 0;
650}
651
652static const struct udevice_id optee_match[] = {
653 { .compatible = "linaro,optee-tz" },
654 {},
655};
656
657U_BOOT_DRIVER(optee) = {
658 .name = "optee",
659 .id = UCLASS_TEE,
660 .of_match = optee_match,
661 .of_to_plat = optee_of_to_plat,
662 .probe = optee_probe,
663 .ops = &optee_ops,
664 .plat_auto = sizeof(struct optee_pdata),
665 .priv_auto = sizeof(struct optee_private),
666};
667
