From patchwork Mon Feb 5 18:27:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Bartosz Golaszewski X-Patchwork-Id: 13546018 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from bombadil.infradead.org (bombadil.infradead.org [198.137.202.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id 5956CC48292 for ; Mon, 5 Feb 2024 18:28:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=VY+rEBTVmWhIYBs8CjgYGPuR8LT7qD/YpsmvztpvHc0=; b=aFyDxo6EME0004 ij1dRzq++ReViUr9Z5UoVeh26SpHrNN7H6744XuBP7cp5hfaRSKjczyn51WAlnNJ9yeKmK7lJfJm9 Lb3hmwVMDiHAiAXQrNI69a4DvJtVZoNgPqnBH7Ex/DLYMjOnS89RtRVLmn7t1b/t1qm50TvUBGrBf CIpgQDVqwozZrHqfZB5txdORekNbYGnhA1dBNVPM9JTZSYnsokwEKGL0SCLSXn0F+nosvnhGARDTd 0vLKQXcCvsYo/vbQCTRHJc5thLXla5vMqNuy+6nEXKD30MY3CFdmnf3/BnZN8+W/tILdP1vVWy/cu 8yIK6bmOjqxndoBotJKA==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.97.1 #2 (Red Hat Linux)) id 1rX3hk-00000004Mrd-1EXf; Mon, 05 Feb 2024 18:28:28 +0000 Received: from mail-wr1-x434.google.com ([2a00:1450:4864:20::434]) by bombadil.infradead.org with esmtps (Exim 4.97.1 #2 (Red Hat Linux)) id 1rX3he-00000004MoK-1UUf for linux-arm-kernel@lists.infradead.org; Mon, 05 Feb 2024 18:28:23 +0000 Received: by mail-wr1-x434.google.com with SMTP id ffacd0b85a97d-337cc8e72f5so3535533f8f.1 for ; Mon, 05 Feb 2024 10:28:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bgdev-pl.20230601.gappssmtp.com; s=20230601; t=1707157701; x=1707762501; darn=lists.infradead.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=iXLMoacnXZApMvDAtKdNFyHpWYhZ3+I4GQHq7nHbfbw=; b=J18cMN5KfjIvZ39pMtno0/6i5KopDb5qAwZRwilzz27pxX7WuHYZzNpDKJQOuAPk74 aLW86mZBmeR/c+iMd8rdTp4UYTP6mQJutei5tkWG4FDiYjgua9HsQeliztOxdg7dwq1e zwoacG9Wc17Y8cUmVUQTn9SXKFQljEpw6tj31Qxq2slXxsJxZTowDn1ZBEQgojiErt7Y FsXKwpYTLuLPPH5oEZXCFxun+BUxqofkNc21vP8MnOZsddS88l60OO7WxF6ZdZpx/mq2 g7ZXN61aLk2wc6fG7e197U4rHabVc2qVJGscNgsg2fCXS2Aq8nqobBtSHjx06PnE4a6J Xc6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707157701; x=1707762501; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=iXLMoacnXZApMvDAtKdNFyHpWYhZ3+I4GQHq7nHbfbw=; b=TjMdXE5dM17Vh/Rw3TpQoT0cyDH7C8BjFBQQ/io9BA/mcBsyZEHTGRXaT7viNKrAMz +jWIvxhsGFHg9zUfEoIcRkdeix1lx/9gGIKix3Ljt0LBzQSfpr7+glUEIU8IghpMWZF6 /HzEKfTDGRtwmvppSV8j/XIbEhE2o+/3Gyhrj6VPXd+68RvWrahZwWBTiBQvgtQh81+l nBLX8hgxCYS+9egMhjemrczaHZR5npBJpB8k8Xvi2cs8nbUG7wt8AOrw5Rkm9QQtMR+5 ocF8kcxXFTTP/jLyD2gCBLldvEOePYSgryc9V5dXSDjJ4LnhudSOwGFuX4Rs6Y5V21nu OgOw== X-Gm-Message-State: AOJu0YxQ/TocpkpIZd0qaQKUz16v9SuwTEgbFxP2Q2hRId6CNDWxVjz0 y511cC8zT4w1Qp73AJgfT2UeZBhBLHWbSv/kMZgZPgnAjRV5VQB/1FJsOQITu5k= X-Google-Smtp-Source: AGHT+IFt2xWb248CMzd0tVsYdO1z3HpkWrhZu4JbOOb+GE29aqJN5LB2OQLOqwcQCVxiCFNyrXf/WA== X-Received: by 2002:a5d:5143:0:b0:33a:e6dc:2e98 with SMTP id u3-20020a5d5143000000b0033ae6dc2e98mr261820wrt.5.1707157700856; Mon, 05 Feb 2024 10:28:20 -0800 (PST) X-Forwarded-Encrypted: i=0; AJvYcCWle0SsMQhI3023C9IJ2oTQxhymUUr/4GmLVDp8wYsTs9MQ/1WfNrJKlz38Sdt3Y5iMXZ/4zq01maxkAUfZr+Db5sDk1JHIfJXQof8jGWxqmbC9b2e4WMW/zlXMms6oKyQv5XqK1c82IFQGxRN0x6FidE/K5YCmDhu7Kgl5JQR/y/jGhIbXcuESxymosAAWVdlupmCMdOQKAFtyY7vWT1uRHHb4uBNNY1i+eTTJPaA7IKGCvtkt0F/ky2IXT9fIU/6PxpAeyuiV6qdqZSnVCztq6D2OHm8gVWpWWzZi0x89v2S6JtRz7UrWBp5cUZKbGI9AERL3aIxRGJlbGEYRlI1/bFGMLo+0C6uGXp8UEt0EpFJQu/nKQ1GnflDQfaNSksBwUJpiuZKBD1W9llit2vkieh0rKFkn2ihbkeRNdK61kmcptvSsmFlvB8eBXZVDFw0Apio4gD5x66OdWlh2S+wYCBNbvh5TlGlZbP5abuy1oEWO0u7Fx/SEBKPxdHEDpU5zMzsv8xRzLv7PNXIOgk1Z5Ej6UgRA51tllutDnJb0Fl8TwwB32AoonscMXVcLstU= Received: from brgl-uxlite.home ([2a01:cb1d:334:ac00:d929:10db:5b5c:b49d]) by smtp.gmail.com with ESMTPSA id v15-20020a5d678f000000b0033b17e18df8sm203229wru.12.2024.02.05.10.28.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 05 Feb 2024 10:28:20 -0800 (PST) From: Bartosz Golaszewski To: Andy Gross , Bjorn Andersson , Konrad Dybcio , Elliot Berman , Krzysztof Kozlowski , Guru Das Srinagesh , Andrew Halaney , Maximilian Luz , Alex Elder , Srini Kandagatla , Arnd Bergmann Cc: linux-arm-msm@vger.kernel.org, linux-kernel@vger.kernel.org, linux-arm-kernel@lists.infradead.org, kernel@quicinc.com, Bartosz Golaszewski , Deepti Jaggi Subject: [PATCH v7 01/12] firmware: qcom: add a dedicated TrustZone buffer allocator Date: Mon, 5 Feb 2024 19:27:59 +0100 Message-Id: <20240205182810.58382-2-brgl@bgdev.pl> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20240205182810.58382-1-brgl@bgdev.pl> References: <20240205182810.58382-1-brgl@bgdev.pl> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20240205_102822_567565_9056B974 X-CRM114-Status: GOOD ( 26.87 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org From: Bartosz Golaszewski We have several SCM calls that require passing buffers to the TrustZone on top of the SMC core which allocates memory for calls that require more than 4 arguments. Currently every user does their own thing which leads to code duplication. Many users call dma_alloc_coherent() for every call which is terribly unperformant (speed- and size-wise). Provide a set of library functions for creating and managing pool of memory which is suitable for sharing with the TrustZone, that is: page-aligned, contiguous and non-cachable as well as provides a way of mapping of kernel virtual addresses to physical space. Signed-off-by: Bartosz Golaszewski Reviewed-by: Andrew Halaney Tested-by: Andrew Halaney # sc8280xp-lenovo-thinkpad-x13s Tested-by: Deepti Jaggi #sa8775p-ride Reviewed-by: Elliot Berman --- MAINTAINERS | 8 + drivers/firmware/qcom/Kconfig | 20 ++ drivers/firmware/qcom/Makefile | 1 + drivers/firmware/qcom/qcom_tzmem.c | 302 +++++++++++++++++++++++ drivers/firmware/qcom/qcom_tzmem.h | 13 + include/linux/firmware/qcom/qcom_tzmem.h | 28 +++ 6 files changed, 372 insertions(+) create mode 100644 drivers/firmware/qcom/qcom_tzmem.c create mode 100644 drivers/firmware/qcom/qcom_tzmem.h create mode 100644 include/linux/firmware/qcom/qcom_tzmem.h diff --git a/MAINTAINERS b/MAINTAINERS index ff059e870a44..0c82625de50d 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -18231,6 +18231,14 @@ L: linux-arm-msm@vger.kernel.org S: Maintained F: drivers/firmware/qcom/qcom_qseecom.c +QUALCOMM TRUST ZONE MEMORY ALLOCATOR +M: Bartosz Golaszewski +L: linux-arm-msm@vger.kernel.org +S: Maintained +F: drivers/firmware/qcom/qcom_tzmem.c +F: drivers/firmware/qcom/qcom_tzmem.h +F: include/linux/firmware/qcom/qcom_tzmem.h + QUALCOMM QSEECOM UEFISECAPP DRIVER M: Maximilian Luz L: linux-arm-msm@vger.kernel.org diff --git a/drivers/firmware/qcom/Kconfig b/drivers/firmware/qcom/Kconfig index 3f05d9854ddf..f18686edf415 100644 --- a/drivers/firmware/qcom/Kconfig +++ b/drivers/firmware/qcom/Kconfig @@ -9,6 +9,26 @@ menu "Qualcomm firmware drivers" config QCOM_SCM tristate +config QCOM_TZMEM + tristate + select GENERIC_ALLOCATOR + +choice + prompt "TrustZone interface memory allocator mode" + default QCOM_TZMEM_MODE_DEFAULT + help + Selects the mode of the memory allocator providing memory buffers of + suitable format for sharing with the TrustZone. If in doubt, select + 'Default'. + +config QCOM_TZMEM_MODE_DEFAULT + bool "Default" + help + Use the default allocator mode. The memory is page-aligned, non-cachable + and contiguous. + +endchoice + config QCOM_SCM_DOWNLOAD_MODE_DEFAULT bool "Qualcomm download mode enabled by default" depends on QCOM_SCM diff --git a/drivers/firmware/qcom/Makefile b/drivers/firmware/qcom/Makefile index c9f12ee8224a..0be40a1abc13 100644 --- a/drivers/firmware/qcom/Makefile +++ b/drivers/firmware/qcom/Makefile @@ -5,5 +5,6 @@ obj-$(CONFIG_QCOM_SCM) += qcom-scm.o qcom-scm-objs += qcom_scm.o qcom_scm-smc.o qcom_scm-legacy.o +obj-$(CONFIG_QCOM_TZMEM) += qcom_tzmem.o obj-$(CONFIG_QCOM_QSEECOM) += qcom_qseecom.o obj-$(CONFIG_QCOM_QSEECOM_UEFISECAPP) += qcom_qseecom_uefisecapp.o diff --git a/drivers/firmware/qcom/qcom_tzmem.c b/drivers/firmware/qcom/qcom_tzmem.c new file mode 100644 index 000000000000..44a062f2abd4 --- /dev/null +++ b/drivers/firmware/qcom/qcom_tzmem.c @@ -0,0 +1,302 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Memory allocator for buffers shared with the TrustZone. + * + * Copyright (C) 2023 Linaro Ltd. + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "qcom_tzmem.h" + +struct qcom_tzmem_pool { + void *vbase; + dma_addr_t pbase; + size_t size; + struct gen_pool *pool; + void *priv; +}; + +struct qcom_tzmem_chunk { + phys_addr_t paddr; + size_t size; + struct qcom_tzmem_pool *owner; +}; + +static struct device *qcom_tzmem_dev; +static RADIX_TREE(qcom_tzmem_chunks, GFP_ATOMIC); +static DEFINE_SPINLOCK(qcom_tzmem_chunks_lock); + +#if IS_ENABLED(CONFIG_QCOM_TZMEM_MODE_DEFAULT) + +static int qcom_tzmem_init(void) +{ + return 0; +} + +static int qcom_tzmem_init_pool(struct qcom_tzmem_pool *pool) +{ + return 0; +} + +static void qcom_tzmem_cleanup_pool(struct qcom_tzmem_pool *pool) +{ + +} + +#endif /* CONFIG_QCOM_TZMEM_MODE_DEFAULT */ + +/** + * qcom_tzmem_pool_new() - Create a new TZ memory pool. + * @size: Size of the new pool in bytes. + * + * Create a new pool of memory suitable for sharing with the TrustZone. + * + * Must not be used in atomic context. + * + * Returns: + * New memory pool address or ERR_PTR() on error. + */ +struct qcom_tzmem_pool *qcom_tzmem_pool_new(size_t size) +{ + struct qcom_tzmem_pool *pool; + int ret = -ENOMEM; + + if (!size) + return ERR_PTR(-EINVAL); + + size = PAGE_ALIGN(size); + + pool = kzalloc(sizeof(*pool), GFP_KERNEL); + if (!pool) + return ERR_PTR(-ENOMEM); + + pool->size = size; + + pool->vbase = dma_alloc_coherent(qcom_tzmem_dev, size, &pool->pbase, + GFP_KERNEL); + if (!pool->vbase) + goto err_kfree_pool; + + pool->pool = gen_pool_create(PAGE_SHIFT, -1); + if (!pool) + goto err_dma_free; + + gen_pool_set_algo(pool->pool, gen_pool_best_fit, NULL); + + ret = gen_pool_add_virt(pool->pool, (unsigned long)pool->vbase, + (phys_addr_t)pool->pbase, size, -1); + if (ret) + goto err_destroy_genpool; + + ret = qcom_tzmem_init_pool(pool); + if (ret) + goto err_destroy_genpool; + + return pool; + +err_destroy_genpool: + gen_pool_destroy(pool->pool); +err_dma_free: + dma_free_coherent(qcom_tzmem_dev, size, pool->vbase, pool->pbase); +err_kfree_pool: + kfree(pool); + return ERR_PTR(ret); +} +EXPORT_SYMBOL_GPL(qcom_tzmem_pool_new); + +/** + * qcom_tzmem_pool_free() - Destroy a TZ memory pool and free all resources. + * @pool: Memory pool to free. + * + * Must not be called if any of the allocated chunks has not been freed. + * Must not be used in atomic context. + */ +void qcom_tzmem_pool_free(struct qcom_tzmem_pool *pool) +{ + struct qcom_tzmem_chunk *chunk; + struct radix_tree_iter iter; + bool non_empty = false; + void __rcu **slot; + + if (!pool) + return; + + qcom_tzmem_cleanup_pool(pool); + + scoped_guard(spinlock_irqsave, &qcom_tzmem_chunks_lock) { + radix_tree_for_each_slot(slot, &qcom_tzmem_chunks, &iter, 0) { + chunk = radix_tree_deref_slot_protected(slot, + &qcom_tzmem_chunks_lock); + + if (chunk->owner == pool) + non_empty = true; + } + } + + WARN(non_empty, "Freeing TZ memory pool with memory still allocated"); + + gen_pool_destroy(pool->pool); + dma_free_coherent(qcom_tzmem_dev, pool->size, pool->vbase, pool->pbase); + kfree(pool); +} +EXPORT_SYMBOL_GPL(qcom_tzmem_pool_free); + +static void devm_qcom_tzmem_pool_free(void *data) +{ + struct qcom_tzmem_pool *pool = data; + + qcom_tzmem_pool_free(pool); +} + +/** + * devm_qcom_tzmem_pool_new() - Managed variant of qcom_tzmem_pool_new(). + * @dev: Device managing this resource. + * @size: Size of the pool in bytes. + * + * Must not be used in atomic context. + * + * Returns: + * Address of the managed pool or ERR_PTR() on failure. + */ +struct qcom_tzmem_pool * +devm_qcom_tzmem_pool_new(struct device *dev, size_t size) +{ + struct qcom_tzmem_pool *pool; + int ret; + + pool = qcom_tzmem_pool_new(size); + if (IS_ERR(pool)) + return pool; + + ret = devm_add_action_or_reset(dev, devm_qcom_tzmem_pool_free, pool); + if (ret) + return ERR_PTR(ret); + + return pool; +} + +/** + * qcom_tzmem_alloc() - Allocate a memory chunk suitable for sharing with TZ. + * @pool: TZ memory pool from which to allocate memory. + * @size: Number of bytes to allocate. + * @gfp: GFP flags. + * + * Can be used in any context. + * + * Returns: + * Address of the allocated buffer or NULL if no more memory can be allocated. + * The buffer must be released using qcom_tzmem_free(). + */ +void *qcom_tzmem_alloc(struct qcom_tzmem_pool *pool, size_t size, gfp_t gfp) +{ + struct qcom_tzmem_chunk *chunk; + unsigned long vaddr; + int ret; + + if (!size) + return NULL; + + size = PAGE_ALIGN(size); + + chunk = kzalloc(sizeof(*chunk), gfp); + if (!chunk) + return NULL; + + vaddr = gen_pool_alloc(pool->pool, size); + if (!vaddr) { + kfree(chunk); + return NULL; + } + + chunk->paddr = gen_pool_virt_to_phys(pool->pool, vaddr); + chunk->size = size; + chunk->owner = pool; + + scoped_guard(spinlock_irqsave, &qcom_tzmem_chunks_lock) { + ret = radix_tree_insert(&qcom_tzmem_chunks, vaddr, chunk); + if (ret) { + gen_pool_free(pool->pool, vaddr, size); + kfree(chunk); + return NULL; + } + } + + return (void *)vaddr; +} +EXPORT_SYMBOL_GPL(qcom_tzmem_alloc); + +/** + * qcom_tzmem_free() - Release a buffer allocated from a TZ memory pool. + * @vaddr: Virtual address of the buffer. + * + * Can be used in any context. + */ +void qcom_tzmem_free(void *vaddr) +{ + struct qcom_tzmem_chunk *chunk; + + scoped_guard(spinlock_irqsave, &qcom_tzmem_chunks_lock) + chunk = radix_tree_delete_item(&qcom_tzmem_chunks, + (unsigned long)vaddr, NULL); + + if (!chunk) { + WARN(1, "Virtual address %p not owned by TZ memory allocator", + vaddr); + return; + } + + gen_pool_free(chunk->owner->pool, (unsigned long)vaddr, chunk->size); + kfree(chunk); +} +EXPORT_SYMBOL_GPL(qcom_tzmem_free); + +/** + * qcom_tzmem_to_phys() - Map the virtual address of a TZ buffer to physical. + * @vaddr: Virtual address of the buffer allocated from a TZ memory pool. + * + * Can be used in any context. The address must have been returned by a call + * to qcom_tzmem_alloc(). + * + * Returns: + * Physical address of the buffer. + */ +phys_addr_t qcom_tzmem_to_phys(void *vaddr) +{ + struct qcom_tzmem_chunk *chunk; + + guard(spinlock_irqsave)(&qcom_tzmem_chunks_lock); + + chunk = radix_tree_lookup(&qcom_tzmem_chunks, (unsigned long)vaddr); + if (!chunk) + return 0; + + return chunk->paddr; +} +EXPORT_SYMBOL_GPL(qcom_tzmem_to_phys); + +int qcom_tzmem_enable(struct device *dev) +{ + if (qcom_tzmem_dev) + return -EBUSY; + + qcom_tzmem_dev = dev; + + return qcom_tzmem_init(); +} +EXPORT_SYMBOL_GPL(qcom_tzmem_enable); + +MODULE_DESCRIPTION("TrustZone memory allocator for Qualcomm firmware drivers"); +MODULE_AUTHOR("Bartosz Golaszewski "); +MODULE_LICENSE("GPL"); diff --git a/drivers/firmware/qcom/qcom_tzmem.h b/drivers/firmware/qcom/qcom_tzmem.h new file mode 100644 index 000000000000..f82f5dc5b7b1 --- /dev/null +++ b/drivers/firmware/qcom/qcom_tzmem.h @@ -0,0 +1,13 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright (C) 2023 Linaro Ltd. + */ + +#ifndef __QCOM_TZMEM_PRIV_H +#define __QCOM_TZMEM_PRIV_H + +struct device; + +int qcom_tzmem_enable(struct device *dev); + +#endif /* __QCOM_TZMEM_PRIV_H */ diff --git a/include/linux/firmware/qcom/qcom_tzmem.h b/include/linux/firmware/qcom/qcom_tzmem.h new file mode 100644 index 000000000000..8e7fddab8cb4 --- /dev/null +++ b/include/linux/firmware/qcom/qcom_tzmem.h @@ -0,0 +1,28 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright (C) 2023 Linaro Ltd. + */ + +#ifndef __QCOM_TZMEM_H +#define __QCOM_TZMEM_H + +#include +#include +#include + +struct device; +struct qcom_tzmem_pool; + +struct qcom_tzmem_pool *qcom_tzmem_pool_new(size_t size); +void qcom_tzmem_pool_free(struct qcom_tzmem_pool *pool); +struct qcom_tzmem_pool * +devm_qcom_tzmem_pool_new(struct device *dev, size_t size); + +void *qcom_tzmem_alloc(struct qcom_tzmem_pool *pool, size_t size, gfp_t gfp); +void qcom_tzmem_free(void *ptr); + +DEFINE_FREE(qcom_tzmem, void *, if (_T) qcom_tzmem_free(_T)); + +phys_addr_t qcom_tzmem_to_phys(void *ptr); + +#endif /* __QCOM_TZMEM */