This converts some of the visually simpler cases that have been split
over multiple lines. I only did the ones that are easy to verify the
resulting diff by having just that final GFP_KERNEL argument on the next
line.
Somebody should probably do a proper coccinelle script for this, but for
me the trivial script actually resulted in an assertion failure in the
middle of the script. I probably had made it a bit _too_ trivial.
So after fighting that far a while I decided to just do some of the
syntactically simpler cases with variations of the previous 'sed'
scripts.
The more syntactically complex multi-line cases would mostly really want
whitespace cleanup anyway.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This was done entirely with mindless brute force, using
git grep -l '\<k[vmz]*alloc_objs*(.*, GFP_KERNEL)' |
xargs sed -i 's/\(alloc_objs*(.*\), GFP_KERNEL)/\1)/'
to convert the new alloc_obj() users that had a simple GFP_KERNEL
argument to just drop that argument.
Note that due to the extreme simplicity of the scripting, any slightly
more complex cases spread over multiple lines would not be triggered:
they definitely exist, but this covers the vast bulk of the cases, and
the resulting diff is also then easier to check automatically.
For the same reason the 'flex' versions will be done as a separate
conversion.
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This is the result of running the Coccinelle script from
scripts/coccinelle/api/kmalloc_objs.cocci. The script is designed to
avoid scalar types (which need careful case-by-case checking), and
instead replace kmalloc-family calls that allocate struct or union
object instances:
Single allocations: kmalloc(sizeof(TYPE), ...)
are replaced with: kmalloc_obj(TYPE, ...)
Array allocations: kmalloc_array(COUNT, sizeof(TYPE), ...)
are replaced with: kmalloc_objs(TYPE, COUNT, ...)
Flex array allocations: kmalloc(struct_size(PTR, FAM, COUNT), ...)
are replaced with: kmalloc_flex(*PTR, FAM, COUNT, ...)
(where TYPE may also be *VAR)
The resulting allocations no longer return "void *", instead returning
"TYPE *".
Signed-off-by: Kees Cook <kees@kernel.org>
- Add an optional generic sysfs attribute for TEE revision
- Implement revision reporting for OP-TEE using both SMC and FF-A ABIs
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmlrgt0aHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H7ieA/+LWgQ6n9yUUxZ4hnK2538
lSg9vkBuGYeMcObNyKwtehB3+ivjtQB6ZTdV8OCVhduKFXLBb/6Iedf1zHrVrEi2
qXTZutfzPNFD4wfD+VvpfY3ydxbvB+xBOKwNEI+2mUnyxe7RiDWkMKKg6dS2p9uy
dvs1+H9yYyL/jMecNbjrBaUFQ80YzHUakQ2ExHWRUZtUHKKVcELlbWzvNxfTa+Xo
lyuhWFr9/u6loJ+kyMcq4vaesM8fdfq6ESaeoWGumFyviy3Ds/k9HNyTSwqHn/9S
CfcG3souXA/9WUaH9q3pM8pb9VZHfYLIIPZ9LB0qePdJL82Fh16KGWnSEyQyEehJ
fpOPui8LAP9siyR9Ett8i1vvXf2qquZxx5Ep+07u+Vx1ho6CfGL30hpzQTBJrHRI
GfLyjfZYiR2sOkUE0sfFMxZDy6F5OOJL3/NIAXC4C7MLOFbeFChsbkd9Cz0K4kGA
InPBVDVfIANBTGxsZT2YizLPar8Ui1X6L3o1nrb75qEJn86QUdzVgr20XuCfnRi1
W7QIa97QJGA8sBVHLEoZFRSDJjVJP+7vWK2hn6qW6iJiLMkuBoKY741WmEM1wEdW
sgZ0D014Oxc7EstWPfbgkX5K/2ABsrtg6Lb1/X39N3uMkvaxRzwhyuCSjeVzlczv
AoFdyelBnTLCWemZ/fI8goo=
=8kDV
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmlw8S0ACgkQmmx57+YA
GNm68A//auSP2t30O+WMO4biHofoKhkgeoj4IkuQKCReKeCukjCRy0Sh+S7XJkbv
UYfPhUg44b9p3xjD+jugTv2FqCMV9ivdGAGOLIekEeknIKgHJ0sqCGpKgahL7w17
aWV2eGVe1tnA0RKx51ixHe9m38/esQsxCTFT3dS8RiKvfljhM+KXgH8pNy+aT+QO
hazk0uWRsM5rYCbAL5vbt+zjt2lTO34cCp2+OM/18S1x4lgfW2kDQBYYtgAZvZJF
MclDCvXP06SOakGmr5sAnRN943fH5zmEGbw1buoXjStsiJX4EHuccHtAmjvOwPD/
p7MKPiSn8WEdhNiLVk9XV/SSs+aYtT69c3uGjV+1MnhsB7RVjqA+xfhK8LZajseb
r0ZSReUJF+KpguHqJfNj+bVQQm1KFRsIqurB0Cn7J+fwRAiS5D9Mqku/OGYso2GE
RGPavlndN8ytZWJiYKyzsBOkAiYR0jejJbwMH8OA72/mcDsxibLafSr5DSeYpmmS
AfXPGkZEluNYW0UccrsFov+rZ6AHiGCuElNVZ2W1l1QKc641aS1y1Ar987ysq1PC
KrpSHDihrzbBcIgTKCQoL19vaqusOyDk6RB263zOLrgEWnelxVSLcQWEDTPjX9dV
4Ys/DE+O1dZIZ0Waq88InzpIZlUcLlVMJEEiXSRxIGskFYNgaZM=
=lDdi
-----END PGP SIGNATURE-----
Merge tag 'tee-sysfs-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers
TEE sysfs for 6.20
- Add an optional generic sysfs attribute for TEE revision
- Implement revision reporting for OP-TEE using both SMC and FF-A ABIs
* tag 'tee-sysfs-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
tee: optee: store OS revision for TEE core
tee: add revision sysfs attribute
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
- Move from generic device_driver to TEE bus-specific callbacks
- Add module_tee_client_driver() and registration helpers to reduce
boilerplate
- Convert several client drivers (TPM, KEYS, firmware, EFI, hwrng,
and RTC)
- Update documentation and fix kernel-doc warnings
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmlrfQ0aHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H6RShAAmh3/5z4pOV2i9zq6CAkY
nbt8BLkf6BcNA06I+uAISpESuIaRBXd89pZBVKoh1axlncPSpG2rth7IViGqvB5w
9KtZmzGvQbGZLYMtmctdaz10SqKNG0l3w/v3kN8wfjBAr9eP+Ztfp/R9SwLTQVik
Y8xHBdHQf6zJoZmE5GDcPQIkLSYr/BnH4ksxdQSUPi6bVkJZQkw5IyVd2tPOqozT
dsUBQlEBmgdogQ3ZGp/iKi4gMZ9ehU0ZW+hiLx1KXpbUqJHQoEhQc7ZKEggbzdP1
kpETTcjTmqUejoodtBzOo9EiW3ji4HLkaiBru3ZL895w3IMjYN+sPm4FiwZcUJDC
+M4pKflpqVE/hnSaacBnM3WMt98fQe1Fb1DHibMPvG4hS0jMeTJF9DPIQp9KQgIl
56eS9T6fqr6EGoqK1IVhcqnzp8TWcCkskSu1CzRngRQcbRPXZtFDht1a+sjVYbBZ
RKEQ9ghmLTR1jU+4ezMXDmpVzWZaiCX+2NqlzFSIoeJetxUXhaU6zls8NIEDmzCk
jRCV6L0TBQ2flRktUkidFwlJkhejNLbIBH0XHwi9y8zr48azFiuiYCcdeWqZmS88
Hg6hYKs4QJJe5XBCdgt1Iyn5H+9qSm7lRuQ+VTAPDAXxMdlNaDVw7YtuFshRd3rW
C/2xpgj0ZdjuERSfE1qNqHU=
=Ix8s
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmlw8KAACgkQmmx57+YA
GNncfBAAoH3BKSbWu7gF29MnAUBd3qqSK/0JojGloKV5K6agDwbnpqsAjrVHvr90
JYLIuTZz2oP1JKhXH/HLlDdbJPUgPwSa0+og6RLEDUqUq8nQaL3UqKclIdynUqrq
KmWob7BA0GH0DfrYy9PH5i5V77n6r3oLYa2G65G4wPcmiI1RQ6X+KqDu4Sf5cwAf
6QYLGIylAjNA0RWAj8NahxcJO+IximPpdBusYuMwqUma1fzy/2XkDuIs8TR/FnNQ
6V83SUCZBuH9V49WcWYJlvtSHpQFzdxsgo5IoZm+mDXTfnlFk2OO9iByfxD0kbGH
sdBxsT1ZFcrT9WZS9XvR9MvjYJcsT1uYdXn2wkWZ9hw9Ck52gZ/dOZvbpoJflPQe
yEXXnK0ebnhRQ69TTvjnz4Ss0r4IP48UaVZjEvCXwJhTN5/c36YJjQzWZHKc/8C5
tfuY3rZBMxeqsUkbg1Z5mDHHvYm2FnnByGYEEOvR0pD2B2M0A1uaons2WLUG0w/A
aJV7JCdrWw7RXOumYFS3TmxCGha5Gf05QlIGF8Bq9zdGNDkBHw2KUoIntPjD8FB7
rLO3MOBT6gGCz3oEHb75LUEd0YvHtLIkRvkIUjPgENFZ7ejJ2Zoot9ISxNYje/Tv
bEyV/IUvqV26Evj2F0I/85r+SQKVacTBngJkC2rr+lU3ayRTxrQ=
=DwU/
-----END PGP SIGNATURE-----
Merge tag 'tee-bus-callback-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers
TEE bus callback for 6.20
- Move from generic device_driver to TEE bus-specific callbacks
- Add module_tee_client_driver() and registration helpers to reduce
boilerplate
- Convert several client drivers (TPM, KEYS, firmware, EFI, hwrng,
and RTC)
- Update documentation and fix kernel-doc warnings
* tag 'tee-bus-callback-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
tpm/tpm_ftpm_tee: Fix kdoc after function renames
tpm/tpm_ftpm_tee: Make use of tee bus methods
tpm/tpm_ftpm_tee: Make use of tee specific driver registration
KEYS: trusted: Make use of tee bus methods
KEYS: trusted: Migrate to use tee specific driver registration function
firmware: tee_bnxt: Make use of tee bus methods
firmware: tee_bnxt: Make use of module_tee_client_driver()
firmware: arm_scmi: Make use of tee bus methods
firmware: arm_scmi: optee: Make use of module_tee_client_driver()
efi: stmm: Make use of tee bus methods
efi: stmm: Make use of module_tee_client_driver()
hwrng: optee - Make use of tee bus methods
hwrng: optee - Make use of module_tee_client_driver()
rtc: optee: Make use of tee bus methods
rtc: optee: Migrate to use tee specific driver registration function
tee: Adapt documentation to cover recent additions
tee: Add probe, remove and shutdown bus callbacks to tee_client_driver
tee: Add some helpers to reduce boilerplate for tee client drivers
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
- A micro optimization by making a local array static const
- Update OP-TEE mailing list as moderated
- Update an outdated comment for cmd_alloc_suppl()
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmlredUaHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H4xChAAhUG/QPAPPCyG3m8mLQ5e
drjiKMa20TE31r+tNUJGuUCxa9JPPFZEoX+6ucYaOUZhGaUW8qYhbAl+kMmsu/O3
pZay6bjp/Dpbo9QKn94Gl7JtvPXZD3RV9SZb9Hdzb4OdH/A9+/CQcnWzufgccoTD
rXEwtJhTn972aXkbLAZY9dL9DcMA+dvBdzhc5Y8F9zH6+BLfV/duCmb8EHUlT528
zTqGrTTdL11IcpimvdJ1LG4UMAjEZe1nIedJ3Fqxg6nhxQD7lv+10kY2QFonqhsF
drgukflh7K5Y9ROOATekzt3SJINpkvlQOq0baXVOJhHBjAhB5hzOFfArx2mkMW9g
Z9wyj45n5U6aIKUzXhrprBiZ8miSut0Mtjp35hsc6a1WWbfBKJ6nranCeMMSh0ff
hnhUGL8iG1fbzbTkyIT0jDN6vS2dFxJx4zNoN5v8HPXs64IPgJihI7hzriJkxAbh
mcEhZ1FXx16sumqNw79AC25GBkI0+QkkIyTO1GhsvnLcRpbfnotY/AKABAD1uWKt
Erql3++GKjx0t9DFpzPsttyLJqVa3GHe9ImsX5gCGzfUO7vB54Gie/GKNxOPbDrL
Wcmhj0mHPNznySqBupM5dUSBP/9Fs+XDUhW8wz1QctfoRYeERmKn1HjqpCVSJlOa
DB/UCdiA4+UcfV5k7oGvr9I=
=iY48
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmlw8GEACgkQmmx57+YA
GNmLxw//aEhs8ucwR+MzIwmgIIJOv2KBNSYZnQLGB3xTGKPFHXdRKPlBkIBTzuP8
kWJKJs6hBn7XPZb9AsQceNaOhfDqtHFVIrj9fWKfoROj6+0BWMY7M//67KheOSO6
JO5kDFgVyW53yj9msRc/LuxVjrHnBoT/CVxVu9gRdHkV8JUoFL5iE7+5lrbzKIKE
QpOFhCNiOq+xmNl1oUcsP2V+F30XpOrrZ48HBjWhUz3jbweXHvKVWlB5oQweIsdV
QznvdMymtALncJy/KvYnA5bXT2zE3Dox1h6ExgBGuvRHTEcOUuR7BaM06efMbCN1
7iENA5evIpSSMcw9NMXdN4Dkbr3Y3505HbPQrmFZyuVJdfMuCgPy6AJe3jb0qxr1
EYmqU3NibvH6rLidI/k/eCpGdzyASM9hN3Z7A2hTvlKRzL0ms3C8R1YBG08Jthg8
89Lexux9Cask7+HHYJ/ZM5tIJ6/vkIwda9UTbng4BTaVc+J6LqFqadgQcWSd8fGb
kbXJ3+4CeqV2V+/1LXj2is/HfXvPFBU1xpE93p6xXo554yKrNIoA5xueWpVKKI4B
8gqBRbvrVpvgryj0oGtdb3zBPs8YBmhXpU48bRoihYyR5dKJOPkTEB7X6Nf4lG3Y
nRHr/Ghg71nIyrPX+jJMrZllnp6PTEKzayJyCZTomf8t5STaB78=
=diWz
-----END PGP SIGNATURE-----
Merge tag 'optee-update-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers
OP-TEE update for 6.20
- A micro optimization by making a local array static const
- Update OP-TEE mailing list as moderated
- Update an outdated comment for cmd_alloc_suppl()
* tag 'optee-update-for-6.20' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
optee: make read-only array attr static const
MAINTAINERS: Mark the OP-TEE mailing list moderated
optee: update outdated comment
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Don't populate the read-only array attr on the stack at run
time, instead make it static const.
Signed-off-by: Colin Ian King <coking@nvidia.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Collect OP-TEE OS revision from secure world for both SMC and FF-A
ABIs, store it in the OP-TEE driver, and expose it through the
generic get_tee_revision() callback.
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Add a generic TEE revision sysfs attribute backed by a new
optional get_tee_revision() callback. The revision string is
diagnostic-only and must not be used to infer feature support.
Signed-off-by: Aristo Chen <aristo.chen@canonical.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
The function cmd_alloc_suppl() was renamed as
optee_rpc_cmd_alloc_suppl() in commit c51a564a5b
("optee: isolate smc abi"). Update the comment
accordingly.
Signed-off-by: Julia Lawall <Julia.Lawall@inria.fr>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Initializing automatic __free variables to NULL without need (e.g.
branches with different allocations), followed by actual allocation is
in contrary to explicit coding rules guiding cleanup.h:
"Given that the "__free(...) = NULL" pattern for variables defined at
the top of the function poses this potential interdependency problem the
recommendation is to always define and assign variables in one statement
and not group variable definitions at the top of the function when
__free() is used."
Code does not have a bug, but is less readable and uses discouraged
coding practice, so fix that by moving declaration to the place of
assignment.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Reviewed-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Initializing automatic __free variables to NULL without need (e.g.
branches with different allocations), followed by actual allocation is
in contrary to explicit coding rules guiding cleanup.h:
"Given that the "__free(...) = NULL" pattern for variables defined at
the top of the function poses this potential interdependency problem the
recommendation is to always define and assign variables in one statement
and not group variable definitions at the top of the function when
__free() is used."
Code does not have a bug, but is less readable and uses discouraged
coding practice, so fix that by moving declaration to the place of
assignment.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Reviewed-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Initializing automatic __free variables to NULL without need (e.g.
branches with different allocations), followed by actual allocation is
in contrary to explicit coding rules guiding cleanup.h:
"Given that the "__free(...) = NULL" pattern for variables defined at
the top of the function poses this potential interdependency problem the
recommendation is to always define and assign variables in one statement
and not group variable definitions at the top of the function when
__free() is used."
Code does not have a bug, but is less readable and uses discouraged
coding practice, so fix that by moving declaration to the place of
assignment.
Signed-off-by: Krzysztof Kozlowski <krzysztof.kozlowski@oss.qualcomm.com>
Reviewed-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Introduce a bus specific probe, remove and shutdown function. For now
this only allows to get rid of a cast of the generic device to a
tee_client device in the drivers and changes the remove prototype to
return void---a non-zero return value is ignored anyhow.
The objective is to get rid of users of struct device_driver callbacks
.probe(), .remove() and .shutdown() to eventually remove these. Until
all tee_client drivers are converted this results in a runtime warning
about the drivers needing an update because there is a bus probe
function and a driver probe function.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Similar to platform drivers (and others) create dedicated register and
unregister functions and a macro to simplify modules that only need to
handle driver registration in their init and exit handlers.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@baylibre.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
- initialize result before use in in error path
- fix uninitialized pointers with free attribute
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmka6uoaHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H625hAAkeOfInc+UE3Y7KAuQ/o4
hbZE1wEQVJmCu1X7ugMowR7PWkntgOotUQPvGzgo8041UFpHCKSX+0y3yKud92yh
imiy7Gx9OxKYHUEC8J7SIuZpqJ2x87NPpLafA3+qLcYBAguY/aibpfhbDi9oi2qk
VZwisQuz5Gc5K2WJ5WUgj9Hxh9AlQQ6K8/oFl9QDZZv1H3GSYgiQJbVOJDVwjGir
4Ttm5b1NKMd8Jpa+sFkHOwQgOSvWujcUBRA+osopkz3JRRohgUrFQ+ShDc4/+ioe
NaQr6tJEiuBHihkSexPVyKRO7WyrIB/g33K5vB1GVwx/9MD8rWm/gU69jIMQn9PL
sNt6AMZx4A8MTL56slM9d9GYHQelFSS4alXgQW4C+iVzVcRMp0fiwDbxoe2Q7goy
MNX2Ic+ffYJJNkkBFye+udlmdH9Wqzz+NqIyb/9AEDx8TA1Fvl6sd19P+JedWH2q
dnbYVt4/N4l/8YJrh/T8/kJwvFheOC1Y5nlugf3wImcZgY3T9hhDOjYxMaCbZyCS
hcYzbylrMgzz2VP51xuClvI5OILKCA9fqR7nxVJo1a6fVTrT24jDELzE/hCkkPRS
Hra1yd/ZflIysuut7B8Yb2m0eSDhcyVtuf/kTFBndzduyxYq7Zza3J/UvrQUCHKy
0aACyNlFB4amfaRFfWHc21I=
=+IKZ
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmkgyywACgkQmmx57+YA
GNmIMw/9F1n6uAP0J0uVGLiDKSvxwN93oIYSoR3ToW/W4NUa67kJ/ScTO/ac+Mze
C2XAb4tY7rW3Ts34GWcW7G5sbV96HW8h81x9LsYGDdyNOzaLgESgvmsaObLH5RkY
K4DhgIyBTSpZf3QAqOd47BI2IkgHgcnjoyrCYMdC1b/wjrScwyvBxC7hbxS8Z4nu
mD2Cfdj/l41P09miemeLCXIcOHRJShtVRzZdszTmKqi3YEESAYSw57OKfE4flcuR
NhxLRwnZfetvuqW6wqNZBeoRLgTenpG5Qj2nPxJXpXG+gVw8EMvo87U/oq3bYNgu
+04EjN2Ulc3BPuupfq5K4x3Pmf0olkDJ/qyaeUc//R6ouwH/4hQvqRWUewhJ+1MF
wbfj/fPfOlhqPa5TiwwGWC9XK0ovq7bdcbEsVkJXJ7b4Do16zWa57dIS+heN4A/Z
UlXBvjEWgYd0H9+AGkWii3iFFy86FGRxflGYDfti6iRMeo3h+RbiNx3w8KbOgLg2
il6ne2TLvLg1pFqm67suPDXfyRRIKmkvIZtEyH8cdXmJ2zKYcrfoskd2Q9nd5bZE
Bzy0KrO18mXNTjcnd3ht+6hkYcAcQFetk6DgU7aKg0WDNOeWFPlnxr7BBASVSZjI
oiCcLW8GqCqJubMBjydso3q85AW8ig5phRCxuTP3kEbZPb71hMU=
=r+Hg
-----END PGP SIGNATURE-----
Merge tag 'qcomtee-fixes2-for-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into arm/fixes
QCOMTEE fixes2 for v6.18
- initialize result before use in in error path
- fix uninitialized pointers with free attribute
* tag 'qcomtee-fixes2-for-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
tee: qcomtee: initialize result before use in release worker
tee: qcomtee: fix uninitialized pointers with free attribute
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Initialize result to 0 so the error path doesn't read it
uninitialized when the invoke fails. Fixes a Smatch warning.
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/op-tee/7c1e0de2-7d42-4c6b-92fe-0e4fe5d650b5@oss.qualcomm.com/
Fixes: d6e290837e ("tee: add Qualcomm TEE driver")
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Reviewed-by: Konrad Dybcio <konrad.dybcio@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Uninitialized pointers with `__free` attribute can cause undefined
behavior as the memory assigned randomly to the pointer is freed
automatically when the pointer goes out of scope.
qcomtee doesn't have any bugs related to this as of now, but
it is better to initialize and assign pointers with `__free`
attribute in one statement to ensure proper scope-based cleanup
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Closes: https://lore.kernel.org/all/aPiG_F5EBQUjZqsl@stanley.mountain/
Signed-off-by: Ally Heev <allyheev@gmail.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
- Adds ARCH_QCOM dependency for the QTEE driver
- Fixing return values for copy_from_user() failures
- Guarding against potential off by one read
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmjfv58aHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H6uxA/+NFregDoinXbAYFzEjoTM
g2tVAEe/6+1XWN37DngvWvV4ndnbq49n9EYqR4mWRz1KH5sCmTjpzolOpLvLmKd3
woZeqPP6gpbmiKQQ08cK34axhfi0xAPAK9B9qiat5ARBN1CoT0E+OLp4u9B4RX7/
zf2jU8PI2JrqqbABmUIkfqbHgP5Hh9TIzE3RH4oI/wLQl+F2goKBx+p2X8BEqmlw
xRpD4nKMk8Hui/oIDwe9BJ5AzVb4hG/PY9O9UQRaW/WCifcIyWYWbE3cnnN1YtmO
yRcGlalBa/wpRQR94pUUyrb1qhbb/PcdSa46SQ2nL8yQ1C11+kr6BEW1KTV6RRBU
guKK8D41ZLSUKDVvtiJD7nszhwrGdHafw/V9Kqu9KGbhba3gUJhClpDRS/1boyZ8
UlDpWz4GAQ6Ky1QZrq7yPJ2qrrTq6GVDPVRt7DLqnupkF9ASa5Ii96IEqK4IZZB5
5VRlpFLTKdPjmxvBvAtcvBp3ryOG2JOlwCkUlzfAmjeHdNY7duaNHy+XxwqzhiLY
KREZD7c3H3ghJbrC6UY+anBRsP0uIAn1C3wDTNgprVTsjF6IZOy82ZJmUqxT+yU5
QEgXjGj9g1LvydujhPfQ0O+t8D5h0guEbw4iHSHCAL7fYL0iK1ua3+52sQXbs79L
vJu6+0DSqUdju5wlgta0kao=
=z/ma
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmjyRB0ACgkQmmx57+YA
GNmszQ/7BEPFQZmUCW26t8krpaE4MBJpJNsXT3GG3CMK2fmu/rdUf2iB0cXbEi9S
XYwNng5qYPw1BcqbJR4PbUDpOa6td5Byucq6h+A2dDnBqiguOwtC8rpi1kz2y6Gx
N0laWR8UUYd7Oh9aFZheX0ye01GzHXsNYZTuCqSE1XIpzVLFJFYHYSVFE/YEhQ+5
YjDQebJVpgGlacdHZy/UywwPQqUiL67WrGFhwyvep1iAxQh8gltVPfBNqnD9QzdC
zKIWL/XmlPHXxDsbB1ZvD8pYkPIZh3pqd+8kpkQzElEErJYLHpHTcHbNQxGzsUxC
9A5mlexBIQUg5hyFMzoulFwb44JCEa59SoSbXKDzbHZAkQwKPztg4TGTMdsbuXQv
Lyr+3fJ1fO1O44OXFcLh6WpKmaFna9kyVcbsW9FSRU5RWYOerfBgyk6NlQ8vSn6U
IDPXccpxbvG2jWMWdW/H5YtJ3WJjue5gm/wKN3K2Mzwimj57AHQEHvTxc9zzSYD4
A3yNdgcfwIipLVWFNqY+HDpKDzjaay0GEaGgNLEj/syuK0GfaRm9sKeS05B3weOb
kipNi6jf/0ZEg3vl5tMBA687Y+cx0J4VuS5cCMwoExpl0RzZCriXA0uMfOE7ovdp
b8134JCTLxhSdONUX2jK9mAXNOK0ovmwjuWqaVvlNb4w0YCQPAw=
=G+xF
-----END PGP SIGNATURE-----
Merge tag 'tee-qcomtee-fixes-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into arm/fixes
TEE QTEE fixes for v6.18
- Adds ARCH_QCOM dependency for the QTEE driver
- Fixing return values for copy_from_user() failures
- Guarding against potential off by one read
* tag 'tee-qcomtee-fixes-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
tee: QCOMTEE should depend on ARCH_QCOM
tee: qcom: return -EFAULT instead of -EINVAL if copy_from_user() fails
tee: qcom: prevent potential off by one read
The Qualcomm Trusted Execution Environment (QTEE) is only available on
Qualcomm SoCs. Hence add a dependency on ARCH_QCOM, to prevent asking
the user about this driver when configuring a kernel without Qualcomm
platform support.
Fixes: d6e290837e ("tee: add Qualcomm TEE driver")
Signed-off-by: Geert Uytterhoeven <geert+renesas@glider.be>
Reviewed-by: Konrad Dybcio <konrad.dybcio@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Lots of platform specific updates for Qualcomm SoCs, including a
new TEE subsystem driver for the Qualcomm QTEE firmware interface.
Added support for the Apple A11 SoC in drivers that are shared with the
M1/M2 series, among more updates for those.
Smaller platform specific driver updates for Renesas, ASpeed, Broadcom,
Nvidia, Mediatek, Amlogic, TI, Allwinner, and Freescale SoCs.
Driver updates in the cache controller, memory controller and reset
controller subsystems.
SCMI firmware updates to add more features and improve robustness.
This includes support for having multiple SCMI providers in a single
system.
TEE subsystem support for protected DMA-bufs, allowing hardware to
access memory areas that managed by the kernel but remain inaccessible
from the CPU in EL1/EL0.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmjdpaoACgkQmmx57+YA
GNnBXA//QgmFXYGG7QfB825mt0orKZxpfpLcwvqO7hkWgbXtl7Gokw2lGYN6bwLu
zvY4MQ/bVoZ8R5uTVmuaSHBRsttSen8mBf+V0vzsBM/DRRVxvIN/7TESrY3J7Dtx
J5syHKIBiUtdkDebWWC6jIElczIBItsd03Ln4Xjjt8Vas5YOO4n44zFrPo+FwlN/
I6D2K86AiNZTtUCDMtB6VfJ6YtjYBWcWnJm7FXw/vE8FAXdZUnNWnZ8hbdQ5GaME
JZGepUhONaOMUoGNZNaDGw511RdPhYzPjj9rCsIx2qdsRO9/4tJ8ccpW2aUMYh8c
nA6w8Hj8jCwco6aYYrDUDV9uRtURDrmyJgTJBNLU05e/L+MuJ3IZNlzHFWlsxIAE
vhyTdmg/P04ClQyixCl67IH/66F/0smX9C+1761LrD7GTdfR92KPl5W6q+DPBg/x
yf+s2p3+f7ItV5XobKOrbf3w0xazeDb5o/EK8BufMx9vSe9bpzJ0gOf0CmNXEpyZ
owAhbh6wXX1YwPcyA9LHv6gthyJwc/3fLu49ggMZP2rU01ccKOYn9H0cr7C8NVmy
wEpJR0lp5aSw2oRkPkxB6sFmUohcpr8/OXGGJuvCXkYsUY1BEup4lewvbIWK4WoE
c84kbbaHsjgFhe3IRlQw3G4KLYQT3jRtF7fH+gPx556BcI6K+lg=
=mcZR
-----END PGP SIGNATURE-----
Merge tag 'soc-drivers-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc
Pull SoC driver updates from Arnd Bergmann:
"Lots of platform specific updates for Qualcomm SoCs, including a new
TEE subsystem driver for the Qualcomm QTEE firmware interface.
Added support for the Apple A11 SoC in drivers that are shared with
the M1/M2 series, among more updates for those.
Smaller platform specific driver updates for Renesas, ASpeed,
Broadcom, Nvidia, Mediatek, Amlogic, TI, Allwinner, and Freescale
SoCs.
Driver updates in the cache controller, memory controller and reset
controller subsystems.
SCMI firmware updates to add more features and improve robustness.
This includes support for having multiple SCMI providers in a single
system.
TEE subsystem support for protected DMA-bufs, allowing hardware to
access memory areas that managed by the kernel but remain inaccessible
from the CPU in EL1/EL0"
* tag 'soc-drivers-6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/soc/soc: (139 commits)
soc/fsl/qbman: Use for_each_online_cpu() instead of for_each_cpu()
soc: fsl: qe: Drop legacy-of-mm-gpiochip.h header from GPIO driver
soc: fsl: qe: Change GPIO driver to a proper platform driver
tee: fix register_shm_helper()
pmdomain: apple: Add "apple,t8103-pmgr-pwrstate"
dt-bindings: spmi: Add Apple A11 and T2 compatible
serial: qcom-geni: Load UART qup Firmware from linux side
spi: geni-qcom: Load spi qup Firmware from linux side
i2c: qcom-geni: Load i2c qup Firmware from linux side
soc: qcom: geni-se: Add support to load QUP SE Firmware via Linux subsystem
soc: qcom: geni-se: Cleanup register defines and update copyright
dt-bindings: qcom: se-common: Add QUP Peripheral-specific properties for I2C, SPI, and SERIAL bus
Documentation: tee: Add Qualcomm TEE driver
tee: qcom: enable TEE_IOC_SHM_ALLOC ioctl
tee: qcom: add primordial object
tee: add Qualcomm TEE driver
tee: increase TEE_MAX_ARG_SIZE to 4096
tee: add TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF
tee: add TEE_IOCTL_PARAM_ATTR_TYPE_UBUF
tee: add close_context to TEE driver operation
...
This introduces a Trusted Execution Environment (TEE) driver for
Qualcomm TEE (QTEE).
QTEE enables Trusted Applications (TAs) and services to run securely. It
uses an object-based interface, where each service is an object with
sets of operations.
Kernel and userspace services are also available to QTEE through a
similar approach. QTEE makes callback requests that are converted into
object invocations. These objects can represent services within the
kernel or userspace process.
We extend the TEE subsystem to understand object parameters and an ioctl
call so client can invoke objects in QTEE:
- TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF_*
- TEE_IOC_OBJECT_INVOKE
The existing ioctl calls TEE_IOC_SUPPL_RECV and TEE_IOC_SUPPL_SEND are
used for invoking services in the userspace process by QTEE.
The TEE backend driver uses the QTEE Transport Message to communicate
with QTEE. Interactions through the object INVOKE interface are
translated into QTEE messages. Likewise, object invocations from QTEE
for userspace objects are converted into SEND/RECV ioctl calls to
supplicants.
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmjIS8AaHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H4Wzg/+KnIx5XCYpj1QmL2H8vz5
dkqB5+QEHfaUIKxUrbk7X/Gow7ZTO8IuDPaiWPSIaGhOosio7fr9J6SdGWySSvBw
qXazPLgRP7tvhhUA8H1zGO6J9GSGIGENtzRyeK9QzglmkBQcoK9fLRH7StGiwFdP
f3NKPIx3YZKKL5+I4Xe8J0jvLZmiJW59cSj7m1sfDbPobuLLEKff4VFd4NSv8ufc
JKpxlxwa3xCtpjNsDJFNlpRwtO0YvF10V3xlDtRGZQs7Gq/dbOA48koA0EqZtTc9
Yhigl+F4gjleQcrpVT2QM7qJt8fdmuR77FI67YQCmr1cqY1pT/gT3l3Fri0Ok3XU
Yl+EBI32QLFTjJeGvoEehaEhhpJsWJaLDNDgOV9gDJfZoJK3UgYVjUFwWlVF8Xju
6iplkDBGpexogjDXoBo8vZEP+/EGwr+cGhWvokLymZCe8R8tfmbA4KkU1mhxo3ma
eHleGKKghC78xQzUc7gwt0pVJm4FY+uoCzbdV/S/i5j5Kn6l4un5lkUOzXH6D7lj
HBLExWqL8nxc7mC0Zxtvcd58FiVbLgjEmgMQEGOTliuO8/BXxKU1OJeyNGd4D9vz
8F2vwBSgyCcrpkx1MmDC2NxYPzUOQ58ct6z07UxlpUCcBgCXlnrRBMjX1k8CwJpn
BkiizW+aj53HRTQlWlBZLp0=
=+Jqo
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmjTDEkACgkQmmx57+YA
GNk5ww//TTwhmt8/XMNbozvUHYvz2/BsJJ9jVlFZUp9nuf7nVkDESGiNAvj439Fy
xSwnFKjplRxDwLWixsi92QSF60VfhTm3pQ7ggsga/5IoHr+R2l0L2aMzkZUl4jKX
y6pCg9A/FE1D87AfOh4dzuagddkwzOf1CEcJlE95t7NH9uome3QdsIzmc7/yg/MV
01xq+30YaSRNbGxiQkmIqChU8bJBFqaH+ygPWZVyAX0gzk9nQHhzNgvbsi8v0Otv
iFNO3/VF7uzsv2Q8Qx0unIBq6kJIxhHC3K3M1TXHJKRtax8N/8M6UVVkdfshes5+
reg0CIsOEQ9FqevyabEkirtiwvCF61knmhkKJjCnysd+18PCzLjxnNEVtY+tUomH
sFI++U5MLuybfCAx4jqjW9dEUrLNiGF8sbJTkQ4ToBjRJR1YihT9aBHeoH7OCKfb
izS03PlJqDAK7qGH7PTjabi/YmYujizxVrh29CsP3Lk0FfB5m2h2dsX1gr9Z9V5d
hq0z8nAsh6UJt26Nfq2+hhMaC4AiBn4foc+YaCx/Z8pf9pejzEu/NxRNox05LZem
EThVNRF1zTtI+0SCHGDAwV3Tuj/uuvrOl9FkcdPbP0kFErsW8b5zwZWIDvzqc2FT
L39E/C91Ptoe9ZpmCAfnyzKcfI6FeEfXwtMsLcagHsm6pcVbfyc=
=BBL5
-----END PGP SIGNATURE-----
Merge tag 'tee-qcomtee-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers
Add Qualcomm TEE driver (QTEE)
This introduces a Trusted Execution Environment (TEE) driver for
Qualcomm TEE (QTEE).
QTEE enables Trusted Applications (TAs) and services to run securely. It
uses an object-based interface, where each service is an object with
sets of operations.
Kernel and userspace services are also available to QTEE through a
similar approach. QTEE makes callback requests that are converted into
object invocations. These objects can represent services within the
kernel or userspace process.
We extend the TEE subsystem to understand object parameters and an ioctl
call so client can invoke objects in QTEE:
- TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF_*
- TEE_IOC_OBJECT_INVOKE
The existing ioctl calls TEE_IOC_SUPPL_RECV and TEE_IOC_SUPPL_SEND are
used for invoking services in the userspace process by QTEE.
The TEE backend driver uses the QTEE Transport Message to communicate
with QTEE. Interactions through the object INVOKE interface are
translated into QTEE messages. Likewise, object invocations from QTEE
for userspace objects are converted into SEND/RECV ioctl calls to
supplicants.
* tag 'tee-qcomtee-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
Documentation: tee: Add Qualcomm TEE driver
tee: qcom: enable TEE_IOC_SHM_ALLOC ioctl
tee: qcom: add primordial object
tee: add Qualcomm TEE driver
tee: increase TEE_MAX_ARG_SIZE to 4096
tee: add TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF
tee: add TEE_IOCTL_PARAM_ATTR_TYPE_UBUF
tee: add close_context to TEE driver operation
tee: allow a driver to allocate a tee_device without a pool
Link: https://lore.kernel.org/r/20250915174957.GA2040478@rayden
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
In register_shm_helper(), fix incorrect error handling for a call to
iov_iter_extract_pages(). A case is missing for when
iov_iter_extract_pages() only got some pages and return a number larger
than 0, but not the requested amount.
This fixes a possible NULL pointer dereference following a bad input from
ioctl(TEE_IOC_SHM_REGISTER) where parts of the buffer isn't mapped.
Cc: stable@vger.kernel.org
Reported-by: Masami Ichikawa <masami256@gmail.com>
Closes: https://lore.kernel.org/op-tee/CACOXgS-Bo2W72Nj1_44c7bntyNYOavnTjJAvUbEiQfq=u9W+-g@mail.gmail.com/
Tested-by: Masami Ichikawa <masami256@gmail.com>
Fixes: 7bdee41575 ("tee: Use iov_iter to better support shared buffer registration")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
If copy_from_user() fails, the correct error code is -EFAULT, not
-EINVAL.
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Re-order these checks to check if "i" is a valid array index before using
it. This prevents a potential off by one read access.
Fixes: d6e290837e ("tee: add Qualcomm TEE driver")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Enable userspace to allocate shared memory with QTEE. Since
QTEE handles shared memory as object, a wrapper is implemented
to represent tee_shm as an object. The shared memory identifier,
obtained through TEE_IOC_SHM_ALLOC, is transferred to the driver using
TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF_INPUT/OUTPUT.
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Acked-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
After booting, the kernel provides a static object known as the
primordial object. This object is utilized by QTEE for native
kernel services such as yield or privileged operations.
Acked-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Introduce qcomtee_object, which represents an object in both QTEE and
the kernel. QTEE clients can invoke an instance of qcomtee_object to
access QTEE services. If this invocation produces a new object in QTEE,
an instance of qcomtee_object will be returned.
Similarly, QTEE can request services from by issuing a callback
request, which invokes an instance of qcomtee_object.
Implement initial support for exporting qcomtee_object to userspace
and QTEE, enabling the invocation of objects hosted in QTEE and userspace
through the TEE subsystem.
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Acked-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
The TEE subsystem allows session-based access to trusted services,
requiring a session to be established to receive a service. This
is not suitable for an environment that represents services as objects.
An object supports various operations that a client can invoke,
potentially generating a result or a new object that can be invoked
independently of the original object.
Add TEE_IOCTL_PARAM_ATTR_TYPE_OBJREF_INPUT/OUTPUT/INOUT to represent an
object. Objects may reside in either TEE or userspace. To invoke an
object in TEE, introduce a new ioctl. Use the existing SUPPL_RECV and
SUPPL_SEND to invoke an object in userspace.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
For drivers that can transfer data to the TEE without using shared
memory from client, it is necessary to receive the user address
directly, bypassing any processing by the TEE subsystem. Introduce
TEE_IOCTL_PARAM_ATTR_TYPE_UBUF_INPUT/OUTPUT/INOUT to represent
userspace buffers.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
The tee_context can be used to manage TEE user resources, including
those allocated by the driver for the TEE on behalf of the user.
The release() callback is invoked only when all resources, such as
tee_shm, are released and there are no references to the tee_context.
When a user closes the device file, the driver should notify the
TEE to release any resources it may hold and drop the context
references. To achieve this, a close_context() callback is
introduced to initiate resource release in the TEE driver when
the device file is closed.
Relocate teedev_ctx_get, teedev_ctx_put, tee_device_get, and
tee_device_get functions to tee_core.h to make them accessible
outside the TEE subsystem.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Tested-by: Neil Armstrong <neil.armstrong@linaro.org>
Tested-by: Harshal Dev <quic_hdev@quicinc.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
A TEE driver doesn't always need to provide a pool if it doesn't
support memory sharing ioctls and can allocate memory for TEE
messages in another way. Although this is mentioned in the
documentation for tee_device_alloc(), it is not handled correctly.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
- Allocates protected DMA-bufs from a DMA-heap instantiated from the TEE
subsystem.
- The DMA-heap uses a protected memory pool provided by the backend TEE
driver, allowing it to choose how to allocate the protected physical
memory.
- Three use-cases (Secure Video Playback, Trusted UI, and Secure Video
Recording) have been identified so far to serve as examples of what
can be expected.
- The use-cases have predefined DMA-heap names,
"protected,secure-video", "protected,trusted-ui", and
"protected,secure-video-record". The backend driver registers protected
memory pools for the use-cases it supports.
-----BEGIN PGP SIGNATURE-----
iQJOBAABCgA4FiEE0qerISgy2SKkqO79Wr/6JGat8H4FAmjD5vIaHGplbnMud2lr
bGFuZGVyQGxpbmFyby5vcmcACgkQWr/6JGat8H7nMQ//afmnhAZKFnHjCfhSuk8e
u7mOCcL32+SY2R2i/OSvXzLNo6zAfpqKPjyBT5h/DEYK+bAgHSNeCNCgmmxvrKkg
3Zptyi4+kW+XPcUvAY4yT82JwhpZoR2YTnmGjDQzhLBcIlHRDHUmVblK7XUkBHUV
YrCqc6HicqcqCKZT8ZWTWa/K1lfe0xvQWOJYVFN8yF867ThHimyp7XJglEsRjUUQ
ygPLRZHZmMNq3Paoz3WQk4v4RDEC+VNVS8DxAvYvN75dSAn7b0v72i2Y64Ox+0BO
2RQcN+PTeHCvGBng3r6PP8gW/nbPQhtu0pCAkARK8xWkTUamWP5H/DvhgzdgO45T
em9F+K4NnWtep9VtfE1dYLoe4ktyyqjmojaE+izCXOX/xtQ2V9xKyDHuPZccmLXV
p9/fXLSyVEy2NUD9W4x6tkfNdnLMINLfPJzNRT8VCFqu9ebc+ldq3Gg1zCoHaFWx
VaOQ9KtelfuNcRLauFy2f5mXkkzf7GKMTgvj636WZBk5fqCCnMF55JJhucV2hD28
I5vKJkfLGDPAXaEuPJut86MZ2bXXEVxhT9i05hb2qVSGocfPuLqwdrOYYJ253wL7
xUmVxWnwEMMK+JKfiMOOW5wdPxrzee6idUBUWZe3y3xqXkTnwFY8KP/CsXV2a7SE
Zsm9/kcU2N7xBzHwocvCUys=
=l0SR
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEo6/YBQwIrVS28WGKmmx57+YAGNkFAmjIH7kACgkQmmx57+YA
GNl8kg/9Gy9WbDLCvfu6CKOT5g7Z58jF0z1RetGA92684rCDW3hZuyiAy3nHp3h5
aSkGpJd8hcbJ6S89de7XXY4u0cvFzW8bxX9Zsb7XlKilGdzR5aNs02AHqeJ1BHkV
UcVH+zTB/qrg5JIH68RBD2CLDr7ScnlCa/1IgjU0rIuyilPDC/hsoGjazHV9mG0u
s9ieaHedVgzruNPtAy7MZyJyehuhgGTZh8mJ6O+AN8qWVSu0EIDYNVaT3dZiG0M+
M1N7C2Hxe0RMWd95+xotnz+o/3ifuqkK5BdsuomZT5X4A2oR7rxYb3En+Wsq7/aq
7x4Gdn+8W4eULKepr3l0wLQYVKCYKxbm1R7rKnfYFDOJFZwOyH/h9H56ouO2bekE
h2MsgV7lhKmMhrcAGIN9OsIz9DdPqj4n+z6lqyrCvSsWXGcKtTyTONsrzS3eKTv9
GdfpIkG9pPSlJFH1sO8OegRsolAkxUOx5P/PgdSmiGazKhnBtmFHlXXn+X56fcia
kdwNEBZxiynOkGZjgvqtQWYYr2yXD2YOp00eQHI9rzj8tL38zM49aSO8DlG41rhT
BK5Q1Qsr+dyCpb0/AUdz71LCAz4cKfIYGRavOpZXoNMi+9/+k+2/natLBOA4jetr
wDp3LH8av435LRj/g87zI8n9d7G1NMHaRWJZzOfXquFdTlH3kYk=
=z4o4
-----END PGP SIGNATURE-----
Merge tag 'tee-prot-dma-buf-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers
TEE protected DMA-bufs for v6.18
- Allocates protected DMA-bufs from a DMA-heap instantiated from the TEE
subsystem.
- The DMA-heap uses a protected memory pool provided by the backend TEE
driver, allowing it to choose how to allocate the protected physical
memory.
- Three use-cases (Secure Video Playback, Trusted UI, and Secure Video
Recording) have been identified so far to serve as examples of what
can be expected.
- The use-cases have predefined DMA-heap names,
"protected,secure-video", "protected,trusted-ui", and
"protected,secure-video-record". The backend driver registers protected
memory pools for the use-cases it supports.
* tag 'tee-prot-dma-buf-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
optee: smc abi: dynamic protected memory allocation
optee: FF-A: dynamic protected memory allocation
optee: support protected memory allocation
tee: add tee_shm_alloc_dma_mem()
tee: new ioctl to a register tee_shm from a dmabuf file descriptor
tee: refactor params_from_user()
tee: implement protected DMA-heap
dma-buf: dma-heap: export declared functions
optee: sync secure world ABI headers
Link: https://lore.kernel.org/r/20250912101752.GA1453408@rayden
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Add support in the OP-TEE backend driver for dynamic protected memory
allocation using the SMC ABI.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Add support in the OP-TEE backend driver dynamic protected memory
allocation with FF-A.
The protected memory pools for dynamically allocated protected memory
are instantiated when requested by user-space. This instantiation can
fail if OP-TEE doesn't support the requested use-case of protected
memory.
Restricted memory pools based on a static carveout or dynamic allocation
can coexist for different use-cases. We use only dynamic allocation with
FF-A.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Add support in the OP-TEE backend driver for protected memory
allocation. The support is limited to only the SMC ABI and for secure
video buffers.
OP-TEE is probed for the range of protected physical memory and a
memory pool allocator is initialized if OP-TEE have support for such
memory.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Add tee_shm_alloc_dma_mem() to allocate DMA memory. The memory is
represented by a tee_shm object using the new flag TEE_SHM_DMA_MEM to
identify it as DMA memory. The allocated memory will later be lent to
the TEE to be used as protected memory.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Add a userspace API to create a tee_shm object that refers to a dmabuf
reference.
Userspace registers the dmabuf file descriptor as in a tee_shm object.
The registration is completed with a tee_shm returned file descriptor.
Userspace is free to close the dmabuf file descriptor after it has been
registered since all the resources are now held via the new tee_shm
object.
Closing the tee_shm file descriptor will eventually release all
resources used by the tee_shm object when all references are released.
The new IOCTL, TEE_IOC_SHM_REGISTER_FD, supports dmabuf references to
physically contiguous memory buffers. Dmabuf references acquired from
the TEE DMA-heap can be used as protected memory for Secure Video Path
and such use cases. It depends on the TEE and the TEE driver if dmabuf
references acquired by other means can be used.
A new tee_shm flag is added to identify tee_shm objects built from a
registered dmabuf, TEE_SHM_DMA_BUF.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Olivier Masse <olivier.masse@nxp.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Break out the memref handling into a separate helper function.
No change in behavior.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement DMA heap for protected DMA-buf allocation in the TEE
subsystem.
Protected memory refers to memory buffers behind a hardware enforced
firewall. It is not accessible to the kernel during normal circumstances
but rather only accessible to certain hardware IPs or CPUs executing in
higher or differently privileged mode than the kernel itself. This
interface allows to allocate and manage such protected memory buffers
via interaction with a TEE implementation.
The protected memory is allocated for a specific use-case, like Secure
Video Playback, Trusted UI, or Secure Video Recording where certain
hardware devices can access the memory.
The DMA-heaps are enabled explicitly by the TEE backend driver. The TEE
backend drivers needs to implement protected memory pool to manage the
protected memory.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Update the header files describing the secure world ABI, both with and
without FF-A. The ABI is extended to deal with protected memory, but as
usual backward compatible.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Use the SHA-1 library functions instead of crypto_shash. This is
simpler and faster.
Change uuid_v5() to return void, since it can no longer fail.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
