[Linaro-mm-sig] Re: [PATCH v2 1/8] dma-buf: heaps: Initialize a secure heap

On Sat, Nov 11, 2023 at 3:16 AM Yong Wu yong.wu@mediatek.com wrote:

Initialize a secure heap. Currently just add a null heap, Prepare for the later patches.

Signed-off-by: Yong Wu yong.wu@mediatek.com

drivers/dma-buf/heaps/Kconfig | 7 +++ drivers/dma-buf/heaps/Makefile | 1 + drivers/dma-buf/heaps/secure_heap.c | 98 +++++++++++++++++++++++++++++ 3 files changed, 106 insertions(+) create mode 100644 drivers/dma-buf/heaps/secure_heap.c

diff --git a/drivers/dma-buf/heaps/Kconfig b/drivers/dma-buf/heaps/Kconfig index a5eef06c4226..e358bf711145 100644 --- a/drivers/dma-buf/heaps/Kconfig +++ b/drivers/dma-buf/heaps/Kconfig @@ -12,3 +12,10 @@ config DMABUF_HEAPS_CMA Choose this option to enable dma-buf CMA heap. This heap is backed by the Contiguous Memory Allocator (CMA). If your system has these regions, you should say Y here.

+config DMABUF_HEAPS_SECURE

•   bool "DMA-BUF Secure Heap"
  

•   depends on DMABUF_HEAPS && TEE
  

•   help
  

•     Choose this option to enable dma-buf secure heap. This heap is backed by
  

•     TEE client interfaces or CMA. If in doubt, say N.
  

Remove the mention of TEE and CMA from this.

You should probably add two KConfig options. One is for DMABUF_HEAPS_SECURE which is for the framework for secure heaps. The other one should be:

config MTK_DMABUF_HEAPS_SECURE bool "Mediatek DMA-BUF Secure Heap" depends on DMABUF_HEAPS_SECURE && TEE help Enables secure dma-buf heaps for Mediatek platforms.

diff --git a/drivers/dma-buf/heaps/Makefile b/drivers/dma-buf/heaps/Makefile index 974467791032..b1ad9d1f2fbe 100644 --- a/drivers/dma-buf/heaps/Makefile +++ b/drivers/dma-buf/heaps/Makefile @@ -1,3 +1,4 @@ # SPDX-License-Identifier: GPL-2.0 +obj-$(CONFIG_DMABUF_HEAPS_SECURE) += secure_heap.o obj-$(CONFIG_DMABUF_HEAPS_SYSTEM) += system_heap.o obj-$(CONFIG_DMABUF_HEAPS_CMA) += cma_heap.o diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c new file mode 100644 index 000000000000..a634051a0a67 --- /dev/null +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -0,0 +1,98 @@ +// SPDX-License-Identifier: GPL-2.0 +/*

• • DMABUF secure heap exporter
• • Copyright (C) 2023 MediaTek Inc.
• */

+#include <linux/dma-buf.h> +#include <linux/dma-heap.h> +#include <linux/err.h> +#include <linux/module.h> +#include <linux/slab.h>

+enum secure_memory_type {

•   /*
  

•    * MediaTek static chunk memory carved out for TrustZone. The memory
  

•    * management is inside the TEE.
  

•    */
  

•   SECURE_MEMORY_TYPE_MTK_CM_TZ    = 1,
  

Mediatek specific code for secure dma heaps should go into a new file (maybe secure_heap_mtk.c which the MTK_DMABUF_HEAPS_SECURE option enables).

+};

+struct secure_buffer {

•   struct dma_heap                 *heap;
  

•   size_t                          size;
  

+};

+struct secure_heap {

•   const char                      *name;
  

•   const enum secure_memory_type   mem_type;
  

secure_memory_type is going to be in the vendor specific implementation, I don't think you need it in the framework.

+};

You should probably move these to a <linux/dma-heap-secure.h> file so they can be shared by the framework and the specific implementation (in this case vendor specific).

+static struct dma_buf * +secure_heap_allocate(struct dma_heap *heap, unsigned long size,

•                unsigned long fd_flags, unsigned long heap_flags)
  

+{

•   struct secure_buffer *sec_buf;
  

•   DEFINE_DMA_BUF_EXPORT_INFO(exp_info);
  

•   struct dma_buf *dmabuf;
  

•   int ret;
  

•   sec_buf = kzalloc(sizeof(*sec_buf), GFP_KERNEL);
  

•   if (!sec_buf)
  

•           return ERR_PTR(-ENOMEM);
  

•   sec_buf->size = ALIGN(size, PAGE_SIZE);
  

•   sec_buf->heap = heap;
  

•   exp_info.exp_name = dma_heap_get_name(heap);
  

•   exp_info.size = sec_buf->size;
  

•   exp_info.flags = fd_flags;
  

•   exp_info.priv = sec_buf;
  

•   dmabuf = dma_buf_export(&exp_info);
  

•   if (IS_ERR(dmabuf)) {
  

•           ret = PTR_ERR(dmabuf);
  

•           goto err_free_buf;
  

•   }
  

•   return dmabuf;
  

+err_free_buf:

•   kfree(sec_buf);
  

•   return ERR_PTR(ret);
  

+}

+static const struct dma_heap_ops sec_heap_ops = {

•   .allocate = secure_heap_allocate,
  

+};

+static struct secure_heap secure_heaps[] = {

•   {
  

•           .name           = "secure_mtk_cm",
  

•           .mem_type       = SECURE_MEMORY_TYPE_MTK_CM_TZ,
  

•   },
  

+};

Move this to the vendor specific implementation.

+static int secure_heap_init(void) +{

•   struct secure_heap *sec_heap = secure_heaps;
  

•   struct dma_heap_export_info exp_info;
  

•   struct dma_heap *heap;
  

•   unsigned int i;
  

•   for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) {
  

•           exp_info.name = sec_heap->name;
  

•           exp_info.ops = &sec_heap_ops;
  

•           exp_info.priv = (void *)sec_heap;
  

•           heap = dma_heap_add(&exp_info);
  

•           if (IS_ERR(heap))
  

•                   return PTR_ERR(heap);
  

•   }
  

•   return 0;
  

+}

secure_heap_init should take a 'struct secure_heap*' as an argument and be defined in dma-heap-secure.h.

+module_init(secure_heap_init); +MODULE_DESCRIPTION("Secure Heap Driver"); +MODULE_LICENSE("GPL");

Remove from this file, it should go in the specific implementations.

-- 2.25.1