On 03/07/2024 07:57, Amirreza Zarrabi wrote:
Qualcomm TEE hosts Trusted Applications and Services that run in the secure world. Access to these resources is provided using object capabilities. A TEE client with access to the capability can invoke the object and request a service. Similarly, TEE can request a service from nonsecure world with object capabilities that are exported to secure world.
We provide qcom_tee_object which represents an object in both secure and nonsecure world. TEE clients can invoke an instance of qcom_tee_object to access TEE. TEE can issue a callback request to nonsecure world by invoking an instance of qcom_tee_object in nonsecure world.
Any driver in nonsecure world that is interested in exporting a struct (or a service object) to TEE is required to embed an instance of qcom_tee_object in the relevant struct and implement the dispatcher function, which is called when TEE invokes the service object.
We also provide a simplified API which implements the Qualcomm TEE transport protocol. The implementation is independent from any services that may reside in nonsecure world.
Signed-off-by: Amirreza Zarrabi <quic_azarrabi@quicinc.com>
 drivers/firmware/qcom/Kconfig | 14 +
 drivers/firmware/qcom/Makefile | 2 +
 drivers/firmware/qcom/qcom_object_invoke/Makefile | 4 +
 drivers/firmware/qcom/qcom_object_invoke/async.c | 142 +++
 drivers/firmware/qcom/qcom_object_invoke/core.c | 1139 ++++++++++++++++++++
 drivers/firmware/qcom/qcom_object_invoke/core.h | 186 ++++
 .../qcom/qcom_object_invoke/qcom_scm_invoke.c | 22 +
 .../firmware/qcom/qcom_object_invoke/release_wq.c | 90 ++
 include/linux/firmware/qcom/qcom_object_invoke.h | 233 ++++
 9 files changed, 1832 insertions(+)
diff --git a/drivers/firmware/qcom/Kconfig b/drivers/firmware/qcom/Kconfig index 7f6eb4174734..103ab82bae9f 100644 --- a/drivers/firmware/qcom/Kconfig +++ b/drivers/firmware/qcom/Kconfig @@ -84,4 +84,18 @@ config QCOM_QSEECOM_UEFISECAPP Select Y here to provide access to EFI variables on the aforementioned platforms. +config QCOM_OBJECT_INVOKE_CORE
Let's avoid another rant from Linus and add here either proper defaults or dependencies.
- bool "Secure TEE Communication Support"
- help
Various Qualcomm SoCs have a Trusted Execution Environment (TEE) running
in the Trust Zone. This module provides an interface to that via the
capability based object invocation, using SMC calls.
OBJECT_INVOKE_CORE allows capability based secure communication between
TEE and VMs. Using OBJECT_INVOKE_CORE, kernel can issue calls to TEE or
TAs to request a service or exposes services to TEE and TAs. It implements
the necessary marshaling of messages with TEE.
Select Y here to provide access to TEE.
endmenu diff --git a/drivers/firmware/qcom/Makefile b/drivers/firmware/qc
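Review bot: In the QCOM_OBJECT_INVOKE_CORE entry the symbol is declared bool, but the help text says "This module provides an interface", which describes something the option cannot be built as; either make it tristate or reword the help. No "depends on" or "select" line appears between the prompt and the help text, although the help states that the code communicates through SMC calls, so the entry should depend on the SCM support it calls into (the diffstat lists qcom_scm_invoke.c) rather than being selectable on any configuration. "Trust Zone" in the help text is normally written TrustZone.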
...
} else {
/* TEE obtained the ownership of QCOM_TEE_OBJECT_TYPE_CB_OBJECT
* input objects in 'u'. On further failure, TEE is responsible
* to release them.
*/
oic->flags |= OIC_FLAG_QCOM_TEE;
}
/* Is it a callback request?! */
if (response_type != QCOM_TEE_RESULT_INBOUND_REQ_NEEDED) {
if (!*result) {
ret = update_args(u, oic);
if (ret) {
arg_for_each_output_object(i, u)
put_qcom_tee_object(u[i].o);
}
}
break;
} else {
oic->flags |= OIC_FLAG_BUSY;
/* Before dispatching the request, handle any pending async requests. */
__fetch__async_reqs(oic);
qcom_tee_object_invoke(oic, cb_msg);
}
- }
- __fetch__async_reqs(oic);
+out:
- qcom_tee_object_invoke_ctx_uninit(oic);
- return ret;
+} +EXPORT_SYMBOL_GPL(qcom_tee_object_do_invoke);
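Review bot: In the update_args() failure branch near the end of qcom_tee_object_do_invoke(), every output object is released with put_qcom_tee_object(u[i].o) but the u[i].o slots keep the released pointers, and the function then returns ret to a caller that still holds u. Resetting each slot to NULL_QCOM_TEE_OBJECT after the put, or documenting in the function's kernel-doc that outputs are undefined on error, would keep a caller from dereferencing them or putting them a second time. It is also not visible in these lines whether update_args() can fail after filling only some of the outputs; if it can, the loop has to skip the slots that were never populated. Style: the else after break is redundant, and the multi-line ownership comment should open with "/*" on a line of its own.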
+/* Primordial Object. */ +/* It is invoked by TEE for kernel services. */
+static struct qcom_tee_object *primordial_object = NULL_QCOM_TEE_OBJECT; +static DEFINE_MUTEX(primordial_object_lock);
Oh my... except that it looks like undocumented ABI, please avoid file-scope variables.
Best regards, Krzysztof
linaro-mm-sig@lists.linaro.org