1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Copyright (c) 2015, Linaro Limited 4 */ 5 6#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7 8#include <linux/arm-smccc.h> 9#include <linux/crash_dump.h> 10#include <linux/errno.h> 11#include <linux/io.h> 12#include <linux/module.h> 13#include <linux/of.h> 14#include <linux/of_platform.h> 15#include <linux/platform_device.h> 16#include <linux/slab.h> 17#include <linux/string.h> 18#include <linux/tee_drv.h> 19#include <linux/types.h> 20#include <linux/uaccess.h> 21#include <linux/workqueue.h> 22#include "optee_private.h" 23#include "optee_smc.h" 24#include "shm_pool.h" 25 26#define DRIVER_NAME "optee" 27 28#define OPTEE_SHM_NUM_PRIV_PAGES CONFIG_OPTEE_SHM_NUM_PRIV_PAGES 29 30/** 31 * optee_from_msg_param() - convert from OPTEE_MSG parameters to 32 * struct tee_param 33 * @params: subsystem internal parameter representation 34 * @num_params: number of elements in the parameter arrays 35 * @msg_params: OPTEE_MSG parameters 36 * Returns 0 on success or <0 on failure 37 */ 38int optee_from_msg_param(struct tee_param *params, size_t num_params, 39 const struct optee_msg_param *msg_params) 40{ 41 int rc; 42 size_t n; 43 struct tee_shm *shm; 44 phys_addr_t pa; 45 46 for (n = 0; n < num_params; n++) { 47 struct tee_param *p = params + n; 48 const struct optee_msg_param *mp = msg_params + n; 49 u32 attr = mp->attr & OPTEE_MSG_ATTR_TYPE_MASK; 50 51 switch (attr) { 52 case OPTEE_MSG_ATTR_TYPE_NONE: 53 p->attr = TEE_IOCTL_PARAM_ATTR_TYPE_NONE; 54 memset(&p->u, 0, sizeof(p->u)); 55 break; 56 case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: 57 case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: 58 case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: 59 p->attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT + 60 attr - OPTEE_MSG_ATTR_TYPE_VALUE_INPUT; 61 p->u.value.a = mp->u.value.a; 62 p->u.value.b = mp->u.value.b; 63 p->u.value.c = mp->u.value.c; 64 break; 65 case OPTEE_MSG_ATTR_TYPE_TMEM_INPUT: 66 case OPTEE_MSG_ATTR_TYPE_TMEM_OUTPUT: 67 case OPTEE_MSG_ATTR_TYPE_TMEM_INOUT: 68 p->attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT + 69 attr - OPTEE_MSG_ATTR_TYPE_TMEM_INPUT; 70 p->u.memref.size = mp->u.tmem.size; 71 shm = (struct tee_shm *)(unsigned long) 72 mp->u.tmem.shm_ref; 73 if (!shm) { 74 p->u.memref.shm_offs = 0; 75 p->u.memref.shm = NULL; 76 break; 77 } 78 rc = tee_shm_get_pa(shm, 0, &pa); 79 if (rc) 80 return rc; 81 p->u.memref.shm_offs = mp->u.tmem.buf_ptr - pa; 82 p->u.memref.shm = shm; 83 break; 84 case OPTEE_MSG_ATTR_TYPE_RMEM_INPUT: 85 case OPTEE_MSG_ATTR_TYPE_RMEM_OUTPUT: 86 case OPTEE_MSG_ATTR_TYPE_RMEM_INOUT: 87 p->attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT + 88 attr - OPTEE_MSG_ATTR_TYPE_RMEM_INPUT; 89 p->u.memref.size = mp->u.rmem.size; 90 shm = (struct tee_shm *)(unsigned long) 91 mp->u.rmem.shm_ref; 92 93 if (!shm) { 94 p->u.memref.shm_offs = 0; 95 p->u.memref.shm = NULL; 96 break; 97 } 98 p->u.memref.shm_offs = mp->u.rmem.offs; 99 p->u.memref.shm = shm; 100 101 break; 102 103 default: 104 return -EINVAL; 105 } 106 } 107 return 0; 108} 109 110static int to_msg_param_tmp_mem(struct optee_msg_param *mp, 111 const struct tee_param *p) 112{ 113 int rc; 114 phys_addr_t pa; 115 116 mp->attr = OPTEE_MSG_ATTR_TYPE_TMEM_INPUT + p->attr - 117 TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; 118 119 mp->u.tmem.shm_ref = (unsigned long)p->u.memref.shm; 120 mp->u.tmem.size = p->u.memref.size; 121 122 if (!p->u.memref.shm) { 123 mp->u.tmem.buf_ptr = 0; 124 return 0; 125 } 126 127 rc = tee_shm_get_pa(p->u.memref.shm, p->u.memref.shm_offs, &pa); 128 if (rc) 129 return rc; 130 131 mp->u.tmem.buf_ptr = pa; 132 mp->attr |= OPTEE_MSG_ATTR_CACHE_PREDEFINED << 133 OPTEE_MSG_ATTR_CACHE_SHIFT; 134 135 return 0; 136} 137 138static int to_msg_param_reg_mem(struct optee_msg_param *mp, 139 const struct tee_param *p) 140{ 141 mp->attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT + p->attr - 142 TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; 143 144 mp->u.rmem.shm_ref = (unsigned long)p->u.memref.shm; 145 mp->u.rmem.size = p->u.memref.size; 146 mp->u.rmem.offs = p->u.memref.shm_offs; 147 return 0; 148} 149 150/** 151 * optee_to_msg_param() - convert from struct tee_params to OPTEE_MSG parameters 152 * @msg_params: OPTEE_MSG parameters 153 * @num_params: number of elements in the parameter arrays 154 * @params: subsystem itnernal parameter representation 155 * Returns 0 on success or <0 on failure 156 */ 157int optee_to_msg_param(struct optee_msg_param *msg_params, size_t num_params, 158 const struct tee_param *params) 159{ 160 int rc; 161 size_t n; 162 163 for (n = 0; n < num_params; n++) { 164 const struct tee_param *p = params + n; 165 struct optee_msg_param *mp = msg_params + n; 166 167 switch (p->attr) { 168 case TEE_IOCTL_PARAM_ATTR_TYPE_NONE: 169 mp->attr = TEE_IOCTL_PARAM_ATTR_TYPE_NONE; 170 memset(&mp->u, 0, sizeof(mp->u)); 171 break; 172 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT: 173 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT: 174 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT: 175 mp->attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT + p->attr - 176 TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; 177 mp->u.value.a = p->u.value.a; 178 mp->u.value.b = p->u.value.b; 179 mp->u.value.c = p->u.value.c; 180 break; 181 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT: 182 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: 183 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: 184 if (tee_shm_is_registered(p->u.memref.shm)) 185 rc = to_msg_param_reg_mem(mp, p); 186 else 187 rc = to_msg_param_tmp_mem(mp, p); 188 if (rc) 189 return rc; 190 break; 191 default: 192 return -EINVAL; 193 } 194 } 195 return 0; 196} 197 198static void optee_get_version(struct tee_device *teedev, 199 struct tee_ioctl_version_data *vers) 200{ 201 struct tee_ioctl_version_data v = { 202 .impl_id = TEE_IMPL_ID_OPTEE, 203 .impl_caps = TEE_OPTEE_CAP_TZ, 204 .gen_caps = TEE_GEN_CAP_GP, 205 }; 206 struct optee *optee = tee_get_drvdata(teedev); 207 208 if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) 209 v.gen_caps |= TEE_GEN_CAP_REG_MEM; 210 if (optee->sec_caps & OPTEE_SMC_SEC_CAP_MEMREF_NULL) 211 v.gen_caps |= TEE_GEN_CAP_MEMREF_NULL; 212 *vers = v; 213} 214 215static void optee_bus_scan(struct work_struct *work) 216{ 217 WARN_ON(optee_enumerate_devices(PTA_CMD_GET_DEVICES_SUPP)); 218} 219 220static int optee_open(struct tee_context *ctx) 221{ 222 struct optee_context_data *ctxdata; 223 struct tee_device *teedev = ctx->teedev; 224 struct optee *optee = tee_get_drvdata(teedev); 225 226 ctxdata = kzalloc(sizeof(*ctxdata), GFP_KERNEL); 227 if (!ctxdata) 228 return -ENOMEM; 229 230 if (teedev == optee->supp_teedev) { 231 bool busy = true; 232 233 mutex_lock(&optee->supp.mutex); 234 if (!optee->supp.ctx) { 235 busy = false; 236 optee->supp.ctx = ctx; 237 } 238 mutex_unlock(&optee->supp.mutex); 239 if (busy) { 240 kfree(ctxdata); 241 return -EBUSY; 242 } 243 244 if (!optee->scan_bus_done) { 245 INIT_WORK(&optee->scan_bus_work, optee_bus_scan); 246 optee->scan_bus_wq = create_workqueue("optee_bus_scan"); 247 if (!optee->scan_bus_wq) { 248 kfree(ctxdata); 249 return -ECHILD; 250 } 251 queue_work(optee->scan_bus_wq, &optee->scan_bus_work); 252 optee->scan_bus_done = true; 253 } 254 } 255 mutex_init(&ctxdata->mutex); 256 INIT_LIST_HEAD(&ctxdata->sess_list); 257 258 if (optee->sec_caps & OPTEE_SMC_SEC_CAP_MEMREF_NULL) 259 ctx->cap_memref_null = true; 260 else 261 ctx->cap_memref_null = false; 262 263 ctx->data = ctxdata; 264 return 0; 265} 266 267static void optee_release(struct tee_context *ctx) 268{ 269 struct optee_context_data *ctxdata = ctx->data; 270 struct tee_device *teedev = ctx->teedev; 271 struct optee *optee = tee_get_drvdata(teedev); 272 struct tee_shm *shm; 273 struct optee_msg_arg *arg = NULL; 274 phys_addr_t parg; 275 struct optee_session *sess; 276 struct optee_session *sess_tmp; 277 278 if (!ctxdata) 279 return; 280 281 shm = tee_shm_alloc(ctx, sizeof(struct optee_msg_arg), 282 TEE_SHM_MAPPED | TEE_SHM_PRIV); 283 if (!IS_ERR(shm)) { 284 arg = tee_shm_get_va(shm, 0); 285 /* 286 * If va2pa fails for some reason, we can't call into 287 * secure world, only free the memory. Secure OS will leak 288 * sessions and finally refuse more sessions, but we will 289 * at least let normal world reclaim its memory. 290 */ 291 if (!IS_ERR(arg)) 292 if (tee_shm_va2pa(shm, arg, &parg)) 293 arg = NULL; /* prevent usage of parg below */ 294 } 295 296 list_for_each_entry_safe(sess, sess_tmp, &ctxdata->sess_list, 297 list_node) { 298 list_del(&sess->list_node); 299 if (!IS_ERR_OR_NULL(arg)) { 300 memset(arg, 0, sizeof(*arg)); 301 arg->cmd = OPTEE_MSG_CMD_CLOSE_SESSION; 302 arg->session = sess->session_id; 303 optee_do_call_with_arg(ctx, parg); 304 } 305 kfree(sess); 306 } 307 kfree(ctxdata); 308 309 if (!IS_ERR(shm)) 310 tee_shm_free(shm); 311 312 ctx->data = NULL; 313 314 if (teedev == optee->supp_teedev) { 315 if (optee->scan_bus_wq) { 316 destroy_workqueue(optee->scan_bus_wq); 317 optee->scan_bus_wq = NULL; 318 } 319 optee_supp_release(&optee->supp); 320 } 321} 322 323static const struct tee_driver_ops optee_ops = { 324 .get_version = optee_get_version, 325 .open = optee_open, 326 .release = optee_release, 327 .open_session = optee_open_session, 328 .close_session = optee_close_session, 329 .invoke_func = optee_invoke_func, 330 .cancel_req = optee_cancel_req, 331 .shm_register = optee_shm_register, 332 .shm_unregister = optee_shm_unregister, 333}; 334 335static const struct tee_desc optee_desc = { 336 .name = DRIVER_NAME "-clnt", 337 .ops = &optee_ops, 338 .owner = THIS_MODULE, 339}; 340 341static const struct tee_driver_ops optee_supp_ops = { 342 .get_version = optee_get_version, 343 .open = optee_open, 344 .release = optee_release, 345 .supp_recv = optee_supp_recv, 346 .supp_send = optee_supp_send, 347 .shm_register = optee_shm_register_supp, 348 .shm_unregister = optee_shm_unregister_supp, 349}; 350 351static const struct tee_desc optee_supp_desc = { 352 .name = DRIVER_NAME "-supp", 353 .ops = &optee_supp_ops, 354 .owner = THIS_MODULE, 355 .flags = TEE_DESC_PRIVILEGED, 356}; 357 358static bool optee_msg_api_uid_is_optee_api(optee_invoke_fn *invoke_fn) 359{ 360 struct arm_smccc_res res; 361 362 invoke_fn(OPTEE_SMC_CALLS_UID, 0, 0, 0, 0, 0, 0, 0, &res); 363 364 if (res.a0 == OPTEE_MSG_UID_0 && res.a1 == OPTEE_MSG_UID_1 && 365 res.a2 == OPTEE_MSG_UID_2 && res.a3 == OPTEE_MSG_UID_3) 366 return true; 367 return false; 368} 369 370static void optee_msg_get_os_revision(optee_invoke_fn *invoke_fn) 371{ 372 union { 373 struct arm_smccc_res smccc; 374 struct optee_smc_call_get_os_revision_result result; 375 } res = { 376 .result = { 377 .build_id = 0 378 } 379 }; 380 381 invoke_fn(OPTEE_SMC_CALL_GET_OS_REVISION, 0, 0, 0, 0, 0, 0, 0, 382 &res.smccc); 383 384 if (res.result.build_id) 385 pr_info("revision %lu.%lu (%08lx)", res.result.major, 386 res.result.minor, res.result.build_id); 387 else 388 pr_info("revision %lu.%lu", res.result.major, res.result.minor); 389} 390 391static bool optee_msg_api_revision_is_compatible(optee_invoke_fn *invoke_fn) 392{ 393 union { 394 struct arm_smccc_res smccc; 395 struct optee_smc_calls_revision_result result; 396 } res; 397 398 invoke_fn(OPTEE_SMC_CALLS_REVISION, 0, 0, 0, 0, 0, 0, 0, &res.smccc); 399 400 if (res.result.major == OPTEE_MSG_REVISION_MAJOR && 401 (int)res.result.minor >= OPTEE_MSG_REVISION_MINOR) 402 return true; 403 return false; 404} 405 406static bool optee_msg_exchange_capabilities(optee_invoke_fn *invoke_fn, 407 u32 *sec_caps) 408{ 409 union { 410 struct arm_smccc_res smccc; 411 struct optee_smc_exchange_capabilities_result result; 412 } res; 413 u32 a1 = 0; 414 415 /* 416 * TODO This isn't enough to tell if it's UP system (from kernel 417 * point of view) or not, is_smp() returns the the information 418 * needed, but can't be called directly from here. 419 */ 420 if (!IS_ENABLED(CONFIG_SMP) || nr_cpu_ids == 1) 421 a1 |= OPTEE_SMC_NSEC_CAP_UNIPROCESSOR; 422 423 invoke_fn(OPTEE_SMC_EXCHANGE_CAPABILITIES, a1, 0, 0, 0, 0, 0, 0, 424 &res.smccc); 425 426 if (res.result.status != OPTEE_SMC_RETURN_OK) 427 return false; 428 429 *sec_caps = res.result.capabilities; 430 return true; 431} 432 433static struct tee_shm_pool *optee_config_dyn_shm(void) 434{ 435 struct tee_shm_pool_mgr *priv_mgr; 436 struct tee_shm_pool_mgr *dmabuf_mgr; 437 void *rc; 438 439 rc = optee_shm_pool_alloc_pages(); 440 if (IS_ERR(rc)) 441 return rc; 442 priv_mgr = rc; 443 444 rc = optee_shm_pool_alloc_pages(); 445 if (IS_ERR(rc)) { 446 tee_shm_pool_mgr_destroy(priv_mgr); 447 return rc; 448 } 449 dmabuf_mgr = rc; 450 451 rc = tee_shm_pool_alloc(priv_mgr, dmabuf_mgr); 452 if (IS_ERR(rc)) { 453 tee_shm_pool_mgr_destroy(priv_mgr); 454 tee_shm_pool_mgr_destroy(dmabuf_mgr); 455 } 456 457 return rc; 458} 459 460static struct tee_shm_pool * 461optee_config_shm_memremap(optee_invoke_fn *invoke_fn, void **memremaped_shm) 462{ 463 union { 464 struct arm_smccc_res smccc; 465 struct optee_smc_get_shm_config_result result; 466 } res; 467 unsigned long vaddr; 468 phys_addr_t paddr; 469 size_t size; 470 phys_addr_t begin; 471 phys_addr_t end; 472 void *va; 473 struct tee_shm_pool_mgr *priv_mgr; 474 struct tee_shm_pool_mgr *dmabuf_mgr; 475 void *rc; 476 const int sz = OPTEE_SHM_NUM_PRIV_PAGES * PAGE_SIZE; 477 478 invoke_fn(OPTEE_SMC_GET_SHM_CONFIG, 0, 0, 0, 0, 0, 0, 0, &res.smccc); 479 if (res.result.status != OPTEE_SMC_RETURN_OK) { 480 pr_err("static shm service not available\n"); 481 return ERR_PTR(-ENOENT); 482 } 483 484 if (res.result.settings != OPTEE_SMC_SHM_CACHED) { 485 pr_err("only normal cached shared memory supported\n"); 486 return ERR_PTR(-EINVAL); 487 } 488 489 begin = roundup(res.result.start, PAGE_SIZE); 490 end = rounddown(res.result.start + res.result.size, PAGE_SIZE); 491 paddr = begin; 492 size = end - begin; 493 494 if (size < 2 * OPTEE_SHM_NUM_PRIV_PAGES * PAGE_SIZE) { 495 pr_err("too small shared memory area\n"); 496 return ERR_PTR(-EINVAL); 497 } 498 499 va = memremap(paddr, size, MEMREMAP_WB); 500 if (!va) { 501 pr_err("shared memory ioremap failed\n"); 502 return ERR_PTR(-EINVAL); 503 } 504 vaddr = (unsigned long)va; 505 506 rc = tee_shm_pool_mgr_alloc_res_mem(vaddr, paddr, sz, 507 3 /* 8 bytes aligned */); 508 if (IS_ERR(rc)) 509 goto err_memunmap; 510 priv_mgr = rc; 511 512 vaddr += sz; 513 paddr += sz; 514 size -= sz; 515 516 rc = tee_shm_pool_mgr_alloc_res_mem(vaddr, paddr, size, PAGE_SHIFT); 517 if (IS_ERR(rc)) 518 goto err_free_priv_mgr; 519 dmabuf_mgr = rc; 520 521 rc = tee_shm_pool_alloc(priv_mgr, dmabuf_mgr); 522 if (IS_ERR(rc)) 523 goto err_free_dmabuf_mgr; 524 525 *memremaped_shm = va; 526 527 return rc; 528 529err_free_dmabuf_mgr: 530 tee_shm_pool_mgr_destroy(dmabuf_mgr); 531err_free_priv_mgr: 532 tee_shm_pool_mgr_destroy(priv_mgr); 533err_memunmap: 534 memunmap(va); 535 return rc; 536} 537 538/* Simple wrapper functions to be able to use a function pointer */ 539static void optee_smccc_smc(unsigned long a0, unsigned long a1, 540 unsigned long a2, unsigned long a3, 541 unsigned long a4, unsigned long a5, 542 unsigned long a6, unsigned long a7, 543 struct arm_smccc_res *res) 544{ 545 arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res); 546} 547 548static void optee_smccc_hvc(unsigned long a0, unsigned long a1, 549 unsigned long a2, unsigned long a3, 550 unsigned long a4, unsigned long a5, 551 unsigned long a6, unsigned long a7, 552 struct arm_smccc_res *res) 553{ 554 arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res); 555} 556 557static optee_invoke_fn *get_invoke_func(struct device *dev) 558{ 559 const char *method; 560 561 pr_info("probing for conduit method.\n"); 562 563 if (device_property_read_string(dev, "method", &method)) { 564 pr_warn("missing \"method\" property\n"); 565 return ERR_PTR(-ENXIO); 566 } 567 568 if (!strcmp("hvc", method)) 569 return optee_smccc_hvc; 570 else if (!strcmp("smc", method)) 571 return optee_smccc_smc; 572 573 pr_warn("invalid \"method\" property: %s\n", method); 574 return ERR_PTR(-EINVAL); 575} 576 577/* optee_remove - Device Removal Routine 578 * @pdev: platform device information struct 579 * 580 * optee_remove is called by platform subsystem to alert the driver 581 * that it should release the device 582 */ 583 584static int optee_remove(struct platform_device *pdev) 585{ 586 struct optee *optee = platform_get_drvdata(pdev); 587 588 /* Unregister OP-TEE specific client devices on TEE bus */ 589 optee_unregister_devices(); 590 591 teedev_close_context(optee->ctx); 592 /* 593 * Ask OP-TEE to free all cached shared memory objects to decrease 594 * reference counters and also avoid wild pointers in secure world 595 * into the old shared memory range. 596 */ 597 optee_disable_shm_cache(optee); 598 599 /* 600 * The two devices have to be unregistered before we can free the 601 * other resources. 602 */ 603 tee_device_unregister(optee->supp_teedev); 604 tee_device_unregister(optee->teedev); 605 606 tee_shm_pool_free(optee->pool); 607 if (optee->memremaped_shm) 608 memunmap(optee->memremaped_shm); 609 optee_wait_queue_exit(&optee->wait_queue); 610 optee_supp_uninit(&optee->supp); 611 mutex_destroy(&optee->call_queue.mutex); 612 613 kfree(optee); 614 615 return 0; 616} 617 618/* optee_shutdown - Device Removal Routine 619 * @pdev: platform device information struct 620 * 621 * platform_shutdown is called by the platform subsystem to alert 622 * the driver that a shutdown, reboot, or kexec is happening and 623 * device must be disabled. 624 */ 625static void optee_shutdown(struct platform_device *pdev) 626{ 627 optee_disable_shm_cache(platform_get_drvdata(pdev)); 628} 629 630static int optee_probe(struct platform_device *pdev) 631{ 632 optee_invoke_fn *invoke_fn; 633 struct tee_shm_pool *pool = ERR_PTR(-EINVAL); 634 struct optee *optee = NULL; 635 void *memremaped_shm = NULL; 636 struct tee_device *teedev; 637 struct tee_context *ctx; 638 u32 sec_caps; 639 int rc; 640 641 /* 642 * The kernel may have crashed at the same time that all available 643 * secure world threads were suspended and we cannot reschedule the 644 * suspended threads without access to the crashed kernel's wait_queue. 645 * Therefore, we cannot reliably initialize the OP-TEE driver in the 646 * kdump kernel. 647 */ 648 if (is_kdump_kernel()) 649 return -ENODEV; 650 651 invoke_fn = get_invoke_func(&pdev->dev); 652 if (IS_ERR(invoke_fn)) 653 return PTR_ERR(invoke_fn); 654 655 if (!optee_msg_api_uid_is_optee_api(invoke_fn)) { 656 pr_warn("api uid mismatch\n"); 657 return -EINVAL; 658 } 659 660 optee_msg_get_os_revision(invoke_fn); 661 662 if (!optee_msg_api_revision_is_compatible(invoke_fn)) { 663 pr_warn("api revision mismatch\n"); 664 return -EINVAL; 665 } 666 667 if (!optee_msg_exchange_capabilities(invoke_fn, &sec_caps)) { 668 pr_warn("capabilities mismatch\n"); 669 return -EINVAL; 670 } 671 672 /* 673 * Try to use dynamic shared memory if possible 674 */ 675 if (sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) 676 pool = optee_config_dyn_shm(); 677 678 /* 679 * If dynamic shared memory is not available or failed - try static one 680 */ 681 if (IS_ERR(pool) && (sec_caps & OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM)) 682 pool = optee_config_shm_memremap(invoke_fn, &memremaped_shm); 683 684 if (IS_ERR(pool)) 685 return PTR_ERR(pool); 686 687 optee = kzalloc(sizeof(*optee), GFP_KERNEL); 688 if (!optee) { 689 rc = -ENOMEM; 690 goto err; 691 } 692 693 optee->invoke_fn = invoke_fn; 694 optee->sec_caps = sec_caps; 695 696 teedev = tee_device_alloc(&optee_desc, NULL, pool, optee); 697 if (IS_ERR(teedev)) { 698 rc = PTR_ERR(teedev); 699 goto err; 700 } 701 optee->teedev = teedev; 702 703 teedev = tee_device_alloc(&optee_supp_desc, NULL, pool, optee); 704 if (IS_ERR(teedev)) { 705 rc = PTR_ERR(teedev); 706 goto err; 707 } 708 optee->supp_teedev = teedev; 709 710 rc = tee_device_register(optee->teedev); 711 if (rc) 712 goto err; 713 714 rc = tee_device_register(optee->supp_teedev); 715 if (rc) 716 goto err; 717 718 mutex_init(&optee->call_queue.mutex); 719 INIT_LIST_HEAD(&optee->call_queue.waiters); 720 optee_wait_queue_init(&optee->wait_queue); 721 optee_supp_init(&optee->supp); 722 optee->memremaped_shm = memremaped_shm; 723 optee->pool = pool; 724 ctx = teedev_open(optee->teedev); 725 if (IS_ERR(ctx)) { 726 rc = PTR_ERR(ctx); 727 goto err; 728 } 729 optee->ctx = ctx; 730 731 /* 732 * Ensure that there are no pre-existing shm objects before enabling 733 * the shm cache so that there's no chance of receiving an invalid 734 * address during shutdown. This could occur, for example, if we're 735 * kexec booting from an older kernel that did not properly cleanup the 736 * shm cache. 737 */ 738 optee_disable_unmapped_shm_cache(optee); 739 740 optee_enable_shm_cache(optee); 741 742 if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) 743 pr_info("dynamic shared memory is enabled\n"); 744 745 platform_set_drvdata(pdev, optee); 746 747 rc = optee_enumerate_devices(PTA_CMD_GET_DEVICES); 748 if (rc) { 749 optee_remove(pdev); 750 return rc; 751 } 752 753 pr_info("initialized driver\n"); 754 return 0; 755err: 756 if (optee) { 757 /* 758 * tee_device_unregister() is safe to call even if the 759 * devices hasn't been registered with 760 * tee_device_register() yet. 761 */ 762 tee_device_unregister(optee->supp_teedev); 763 tee_device_unregister(optee->teedev); 764 kfree(optee); 765 } 766 if (pool) 767 tee_shm_pool_free(pool); 768 if (memremaped_shm) 769 memunmap(memremaped_shm); 770 return rc; 771} 772 773static const struct of_device_id optee_dt_match[] = { 774 { .compatible = "linaro,optee-tz" }, 775 {}, 776}; 777MODULE_DEVICE_TABLE(of, optee_dt_match); 778 779static struct platform_driver optee_driver = { 780 .probe = optee_probe, 781 .remove = optee_remove, 782 .shutdown = optee_shutdown, 783 .driver = { 784 .name = "optee", 785 .of_match_table = optee_dt_match, 786 }, 787}; 788module_platform_driver(optee_driver); 789 790MODULE_AUTHOR("Linaro"); 791MODULE_DESCRIPTION("OP-TEE driver"); 792MODULE_SUPPORTED_DEVICE(""); 793MODULE_VERSION("1.0"); 794MODULE_LICENSE("GPL v2"); 795MODULE_ALIAS("platform:optee"); 796