From patchwork Tue Jun 11 18:46:17 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Volodymyr Babchuk X-Patchwork-Id: 10988135 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 70FEB76 for ; Tue, 11 Jun 2019 18:47:55 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 60F8A28389 for ; Tue, 11 Jun 2019 18:47:55 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 52DAF286AD; Tue, 11 Jun 2019 18:47:55 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.0 required=2.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id E924F28389 for ; Tue, 11 Jun 2019 18:47:53 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1halmr-0006D7-Hk; Tue, 11 Jun 2019 18:46:25 +0000 Received: from us1-rack-dfw2.inumbo.com ([104.130.134.6]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1halmq-0006Cv-7n for xen-devel@lists.xenproject.org; Tue, 11 Jun 2019 18:46:24 +0000 X-Inumbo-ID: 34832f9a-8c79-11e9-8980-bc764e045a96 Received: from EUR02-AM5-obe.outbound.protection.outlook.com (unknown [2a01:111:f400:fe07::61d]) by us1-rack-dfw2.inumbo.com (Halon) with ESMTPS id 34832f9a-8c79-11e9-8980-bc764e045a96; Tue, 11 Jun 2019 18:46:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=epam.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=xA1o85fLZMBXh/pAJykyF1XLeB4cvtd12fLITquPZXU=; b=bx7S60+IFpmTBU50ypHIdUlMv+tUIZoJTXtkdgbPkV5PNAzMXmYl86mecDlqn1EAbINCTBz0tyjc0ZPXnQ5kcN/DpY20AccqAOUeMyTv55NFX8IuLwOJ2hFSDYDbZCTzJ7JWMAMidwN2/TonScDy8p3hPQ2KddzTqa4Xy4TLdguPDmsFrPfMTFj/58CnZOPc92Amwqrqjj2+sqdOO3xkkg82tcDl/iSuKMK7QnLPKxKHrdu1M3tmd3AjRyAuYsEv6kUI7/jOr74c8wSCMTz+pKch790IqQm48PxRmpqZ5ZNNkk3w/G6aqJ+v5d6fGCrxGytn2/qJ8NJLpH5cgwuyCw== Received: from AM0PR03MB4148.eurprd03.prod.outlook.com (20.176.214.210) by AM0PR03MB4020.eurprd03.prod.outlook.com (52.135.147.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1965.17; Tue, 11 Jun 2019 18:46:18 +0000 Received: from AM0PR03MB4148.eurprd03.prod.outlook.com ([fe80::d09e:ef3:88b6:b1eb]) by AM0PR03MB4148.eurprd03.prod.outlook.com ([fe80::d09e:ef3:88b6:b1eb%7]) with mapi id 15.20.1965.011; Tue, 11 Jun 2019 18:46:18 +0000 From: Volodymyr Babchuk To: "xen-devel@lists.xenproject.org" Thread-Topic: [PATCH v6 01/10] xen/arm: add generic TEE mediator framework Thread-Index: AQHVIIX0LXYA4omseU2mhUqCE6syGw== Date: Tue, 11 Jun 2019 18:46:17 +0000 Message-ID: <20190611184541.7281-2-volodymyr_babchuk@epam.com> References: <20190611184541.7281-1-volodymyr_babchuk@epam.com> In-Reply-To: <20190611184541.7281-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: spf=none (sender IP is ) smtp.mailfrom=Volodymyr_Babchuk@epam.com; x-originating-ip: [85.223.209.22] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 3c6fd87e-c42e-4b42-4df5-08d6ee9d16df x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(7168020)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:AM0PR03MB4020; x-ms-traffictypediagnostic: AM0PR03MB4020: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:9508; x-forefront-prvs: 006546F32A x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(39860400002)(376002)(346002)(396003)(366004)(136003)(199004)(189003)(2351001)(14444005)(54906003)(86362001)(1076003)(256004)(7416002)(316002)(71200400001)(11346002)(6916009)(2616005)(476003)(71190400001)(486006)(446003)(30864003)(2501003)(5660300002)(6116002)(80792005)(7736002)(305945005)(99286004)(3846002)(26005)(53936002)(66946007)(4326008)(6436002)(6506007)(76116006)(76176011)(68736007)(8936002)(36756003)(73956011)(72206003)(25786009)(102836004)(186003)(6486002)(6512007)(55236004)(91956017)(8676002)(64756008)(66556008)(66476007)(66066001)(2906002)(14454004)(81156014)(81166006)(478600001)(66446008)(5640700003)(41533002)(21314003)(2004002)(6606295002); DIR:OUT; SFP:1101; SCL:1; SRVR:AM0PR03MB4020; H:AM0PR03MB4148.eurprd03.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: epam.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: UQb8y3ThXCI1gxXEV0pwNS3uGXcaRD6pwpNanrEgcqtyFQi+YX0zx+9O6nQyFtBNneAOMm1CvYJsur4043bMuKLV9oPJaBXxa5KPrFFEnmhAd0u236sx2fspgYBG9O5BCcwdhZak7kibzznVp4GmjMohCiUCZssE3WtY8qSlQ6QmUUDyzwvN6ev6r6CUCyxrLXESsHP54jhauNWzNUMEmlpFAjBlGXvFYUbgcjcSDgmTQ8ovJqXVtWWnTAvwphDZWLvG8ATNDZvBz58Rr7o5F6Fv2cAPV0pu7rCjT6Do+FJcfzNS/lmXnzOwZrjoc3hjYd1AnaqFq5h5kr7DnUmDvn3BcCUQO5VNFWNoQAa0IwFVZSZ5Ui7DZ3Cdp02HOjSgjlf98lUYVftg9FkUgVR5KTd5ufAaIyRdH2SxYISjTh4= MIME-Version: 1.0 X-OriginatorOrg: epam.com X-MS-Exchange-CrossTenant-Network-Message-Id: 3c6fd87e-c42e-4b42-4df5-08d6ee9d16df X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jun 2019 18:46:17.9743 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: Volodymyr_Babchuk@epam.com X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR03MB4020 Subject: [Xen-devel] [PATCH v6 01/10] xen/arm: add generic TEE mediator framework X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Stefano Stabellini , Wei Liu , Konrad Rzeszutek Wilk , George Dunlap , Andrew Cooper , Ian Jackson , Tim Deegan , "tee-dev@lists.linaro.org" , Julien Grall , Volodymyr Babchuk Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-Virus-Scanned: ClamAV using ClamSMTP This patch adds basic framework for TEE mediators. Guests can't talk to TEE directly, we need some entity that will intercept request and decide what to do with them. "TEE mediator" is a such entity. This is how it works: user can build XEN with multiple TEE mediators (see the next patches, where OP-TEE mediator is introduced). TEE mediator register self with REGISTER_TEE_MEDIATOR() macro in the same way, as device drivers use DT_DEVICE_START()/DT_DEVICE_END() macros. At run-time, during initialization, framework calls probe() function for each available mediator driver to find which TEE is installed on the platform. Then generic vSMC handler will call selected mediator when it intercept SMC/HVC that belongs to TEE OS or TEE application. Signed-off-by: Volodymyr Babchuk Reviewed-by: Julien Grall Acked-by: Stefano Stabellini --- Changes from v5: - Fixed bug, when XEN won't boot with CONFIG_TEE=n - Fixed coding style - Added __read_mostly attribute to *cur_mediator variable Changes from v4: - Added tee_get_type() function, which returns id of currently available TEE - Removed "dom0_tee_enabled" command line option. Dom0 now always uses currently available TEE. - Added TEE type sanity check in arch_sanitise_domain_config() - tee_domain_init() now internally checks if requested TEE type corresponds to available TEE - removed tee_domain_destroy() function because it is not used by anyone Changes from v3: - tee_enable() renamed to tee_domain_init() - Added tee_relinquish_resources() function along with changes to domain_relinquish_resources() - Added command-line parameter dom0_tee_enabled, which controls if tee is enabled for Dom0. It is disabled by default - Instead of boolean tee state (enabled/disabled) I introduced enumeration with two values: none or native. It is possible to add other types of tee in the future Changes from v2: - Removed empty tee/Kconfig file Changes from v1: - Removed tee_remove() function - CONFIG_TEE depends on EXPERT - tee_domain_created() converted to tee_enable() - tee_init() is called using initcall() mechanism - tee_handle_smc() renamed to tee_handle_call() Changes from "RFC" version: - renamed CONFIG_ARM_TEE to CONFIG_TEE - changed discovery mechanism: instead of UUID mathing, TEE-specific probing is used --- MAINTAINERS | 6 ++ xen/arch/arm/Kconfig | 7 +++ xen/arch/arm/Makefile | 1 + xen/arch/arm/domain.c | 18 ++++++ xen/arch/arm/setup.c | 2 + xen/arch/arm/tee/Makefile | 1 + xen/arch/arm/tee/tee.c | 98 +++++++++++++++++++++++++++++ xen/arch/arm/vsmc.c | 5 ++ xen/arch/arm/xen.lds.S | 7 +++ xen/include/asm-arm/domain.h | 1 + xen/include/asm-arm/tee/tee.h | 112 ++++++++++++++++++++++++++++++++++ xen/include/public/arch-arm.h | 5 ++ 12 files changed, 263 insertions(+) create mode 100644 xen/arch/arm/tee/Makefile create mode 100644 xen/arch/arm/tee/tee.c create mode 100644 xen/include/asm-arm/tee/tee.h diff --git a/MAINTAINERS b/MAINTAINERS index 6fbdc2bdcb..ab32e7f409 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -381,6 +381,12 @@ F: config/Stubdom.mk.in F: m4/stubdom.m4 F: stubdom/ +TEE MEDIATORS +M: Volodymyr Babchuk +S: Supported +F: xen/arch/arm/tee/ +F: xen/include/asm-arm/tee + TOOLSTACK M: Ian Jackson M: Wei Liu diff --git a/xen/arch/arm/Kconfig b/xen/arch/arm/Kconfig index 585b57f023..caaf377a33 100644 --- a/xen/arch/arm/Kconfig +++ b/xen/arch/arm/Kconfig @@ -106,6 +106,13 @@ config HARDEN_BRANCH_PREDICTOR If unsure, say Y. +config TEE + bool "Enable TEE mediators support" if EXPERT = "y" + default n + help + This option enables generic TEE mediators support. It allows guests + to access real TEE via one of TEE mediators implemented in XEN. + endmenu menu "ARM errata workaround via the alternative framework" diff --git a/xen/arch/arm/Makefile b/xen/arch/arm/Makefile index cb902cb6fe..5c2aa34557 100644 --- a/xen/arch/arm/Makefile +++ b/xen/arch/arm/Makefile @@ -5,6 +5,7 @@ subdir-$(CONFIG_ACPI) += acpi ifneq ($(CONFIG_NO_PLAT),y) subdir-y += platforms endif +subdir-$(CONFIG_TEE) += tee obj-$(CONFIG_HAS_ALTERNATIVE) += alternative.o obj-y += bootfdt.init.o diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index ad1b106bd7..d27a137f7a 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -647,6 +648,12 @@ int arch_sanitise_domain_config(struct xen_domctl_createdomain *config) return -EINVAL; } + if ( config->arch.tee_type != XEN_DOMCTL_CONFIG_TEE_NONE ) + { + dprintk(XENLOG_INFO, "Unsupported TEE type\n"); + return -EINVAL; + } + return 0; } @@ -704,6 +711,9 @@ int arch_domain_create(struct domain *d, if ( (rc = domain_vtimer_init(d, &config->arch)) != 0 ) goto fail; + if ( (rc = tee_domain_init(d, config->arch.tee_type)) != 0 ) + goto fail; + update_domain_wallclock_time(d); /* @@ -948,6 +958,14 @@ int domain_relinquish_resources(struct domain *d) */ domain_vpl011_deinit(d); + d->arch.relmem = RELMEM_tee; + /* Fallthrough */ + + case RELMEM_tee: + ret = tee_relinquish_resources(d); + if (ret ) + return ret; + d->arch.relmem = RELMEM_xen; /* Fallthrough */ diff --git a/xen/arch/arm/setup.c b/xen/arch/arm/setup.c index 5af49c7a08..1643f91f1c 100644 --- a/xen/arch/arm/setup.c +++ b/xen/arch/arm/setup.c @@ -49,6 +49,7 @@ #include #include #include +#include #include #include @@ -894,6 +895,7 @@ void __init start_xen(unsigned long boot_phys_offset, dom0_cfg.arch.nr_spis = min(gic_number_lines(), (unsigned int) 992) - 32; if ( gic_number_lines() > 992 ) printk(XENLOG_WARNING "Maximum number of vGIC IRQs exceeded.\n"); + dom0_cfg.arch.tee_type = tee_get_type(); dom0_cfg.max_vcpus = dom0_max_vcpus(); dom0 = domain_create(0, &dom0_cfg, true); diff --git a/xen/arch/arm/tee/Makefile b/xen/arch/arm/tee/Makefile new file mode 100644 index 0000000000..c54d4796ff --- /dev/null +++ b/xen/arch/arm/tee/Makefile @@ -0,0 +1 @@ +obj-y += tee.o diff --git a/xen/arch/arm/tee/tee.c b/xen/arch/arm/tee/tee.c new file mode 100644 index 0000000000..3964a8a5cd --- /dev/null +++ b/xen/arch/arm/tee/tee.c @@ -0,0 +1,98 @@ +/* + * xen/arch/arm/tee/tee.c + * + * Generic part of TEE mediator subsystem + * + * Volodymyr Babchuk + * Copyright (c) 2018-2019 EPAM Systems. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include +#include +#include + +#include + +extern const struct tee_mediator_desc _steemediator[], _eteemediator[]; +static const struct tee_mediator_desc __read_mostly *cur_mediator; + +/* + * TODO: Add function to alter Dom0 DTB, so we can properly describe + * present TEE. + */ + +bool tee_handle_call(struct cpu_user_regs *regs) +{ + if ( unlikely(!cur_mediator) ) + return false; + + return cur_mediator->ops->handle_call(regs); +} + +int tee_domain_init(struct domain *d, uint16_t tee_type) +{ + if ( tee_type == XEN_DOMCTL_CONFIG_TEE_NONE ) + return 0; + + if ( !cur_mediator ) + return -ENODEV; + + if ( cur_mediator->tee_type != tee_type ) + return -EINVAL; + + return cur_mediator->ops->domain_init(d); +} + +int tee_relinquish_resources(struct domain *d) +{ + if ( !cur_mediator ) + return 0; + + return cur_mediator->ops->relinquish_resources(d); +} + +uint16_t tee_get_type(void) +{ + if ( !cur_mediator ) + return XEN_DOMCTL_CONFIG_TEE_NONE; + + return cur_mediator->tee_type; +} + + +static int __init tee_init(void) +{ + const struct tee_mediator_desc *desc; + + for ( desc = _steemediator; desc != _eteemediator; desc++ ) + { + if ( desc->ops->probe() ) + { + printk(XENLOG_INFO "Using TEE mediator for %s\n", desc->name); + cur_mediator = desc; + return 0; + } + } + + return 0; +} + +__initcall(tee_init); + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff --git a/xen/arch/arm/vsmc.c b/xen/arch/arm/vsmc.c index c72b9a04ff..f8e350311d 100644 --- a/xen/arch/arm/vsmc.c +++ b/xen/arch/arm/vsmc.c @@ -23,6 +23,7 @@ #include #include #include +#include #include #include #include @@ -276,6 +277,10 @@ static bool vsmccc_handle_call(struct cpu_user_regs *regs) case ARM_SMCCC_OWNER_SIP: handled = platform_smc(regs); break; + case ARM_SMCCC_OWNER_TRUSTED_APP ... ARM_SMCCC_OWNER_TRUSTED_APP_END: + case ARM_SMCCC_OWNER_TRUSTED_OS ... ARM_SMCCC_OWNER_TRUSTED_OS_END: + handled = tee_handle_call(regs); + break; } } diff --git a/xen/arch/arm/xen.lds.S b/xen/arch/arm/xen.lds.S index 1e72906477..e664c4441a 100644 --- a/xen/arch/arm/xen.lds.S +++ b/xen/arch/arm/xen.lds.S @@ -137,6 +137,13 @@ SECTIONS _aedevice = .; } :text + . = ALIGN(8); + .teemediator.info : { + _steemediator = .; + *(.teemediator.info) + _eteemediator = .; + } :text + . = ALIGN(PAGE_SIZE); /* Init code and data */ __init_begin = .; .init.text : { diff --git a/xen/include/asm-arm/domain.h b/xen/include/asm-arm/domain.h index 312fec8932..0f15372098 100644 --- a/xen/include/asm-arm/domain.h +++ b/xen/include/asm-arm/domain.h @@ -58,6 +58,7 @@ struct arch_domain /* Continuable domain_relinquish_resources(). */ enum { RELMEM_not_started, + RELMEM_tee, RELMEM_xen, RELMEM_page, RELMEM_mapping, diff --git a/xen/include/asm-arm/tee/tee.h b/xen/include/asm-arm/tee/tee.h new file mode 100644 index 0000000000..f483986385 --- /dev/null +++ b/xen/include/asm-arm/tee/tee.h @@ -0,0 +1,112 @@ +/* + * xen/include/asm-arm/tee/tee.h + * + * Generic part of TEE mediator subsystem + * + * Volodymyr Babchuk + * Copyright (c) 2018 EPAM Systems. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#ifndef __ARCH_ARM_TEE_TEE_H__ +#define __ARCH_ARM_TEE_TEE_H__ + +#include +#include + +#include + +#ifdef CONFIG_TEE + +struct tee_mediator_ops { + /* + * Probe for TEE. Should return true if TEE found and + * mediator is initialized. + */ + bool (*probe)(void); + + /* + * Called during domain construction if toolstack requests to enable + * TEE support so mediator can inform TEE about new + * guest and create own structures for the new domain. + */ + int (*domain_init)(struct domain *d); + + /* + * Called during domain destruction to relinquish resources used + * by mediator itself. This function can return -ERESTART to indicate + * that it does not finished work and should be called again. + */ + int (*relinquish_resources)(struct domain *d); + + /* Handle SMCCC call for current domain. */ + bool (*handle_call)(struct cpu_user_regs *regs); +}; + +struct tee_mediator_desc { + /* Printable name of the TEE. */ + const char *name; + + /* Mediator callbacks as described above. */ + const struct tee_mediator_ops *ops; + + /* + * ID of TEE. Corresponds to xen_arch_domainconfig.tee_type. + * Should be one of XEN_DOMCTL_CONFIG_TEE_xxx + */ + uint16_t tee_type; +}; + +bool tee_handle_call(struct cpu_user_regs *regs); +int tee_domain_init(struct domain *d, uint16_t tee_type); +int tee_relinquish_resources(struct domain *d); +uint16_t tee_get_type(void); + +#define REGISTER_TEE_MEDIATOR(_name, _namestr, _type, _ops) \ +static const struct tee_mediator_desc __tee_desc_##_name __used \ +__section(".teemediator.info") = { \ + .name = _namestr, \ + .ops = _ops, \ + .tee_type = _type \ +} + +#else + +static inline bool tee_handle_call(struct cpu_user_regs *regs) +{ + return false; +} + +static inline int tee_domain_init(struct domain *d, uint16_t tee_type) +{ + if ( likely(tee_type == XEN_DOMCTL_CONFIG_TEE_NONE) ) + return 0; + + return -ENODEV; +} + +static inline int tee_relinquish_resources(struct domain *d) +{ + return 0; +} + +static inline uint16_t tee_get_type(void) +{ + return XEN_DOMCTL_CONFIG_TEE_NONE; +} + +#endif /* CONFIG_TEE */ + +#endif /* __ARCH_ARM_TEE_TEE_H__ */ + +/* + * Local variables: + * mode: C + * c-file-style: "BSD" + * c-basic-offset: 4 + * indent-tabs-mode: nil + * End: + */ diff --git a/xen/include/public/arch-arm.h b/xen/include/public/arch-arm.h index eb424e8286..bb69c380ec 100644 --- a/xen/include/public/arch-arm.h +++ b/xen/include/public/arch-arm.h @@ -304,10 +304,15 @@ DEFINE_XEN_GUEST_HANDLE(vcpu_guest_context_t); #define XEN_DOMCTL_CONFIG_GIC_NATIVE 0 #define XEN_DOMCTL_CONFIG_GIC_V2 1 #define XEN_DOMCTL_CONFIG_GIC_V3 2 + +#define XEN_DOMCTL_CONFIG_TEE_NONE 0 + struct xen_arch_domainconfig { /* IN/OUT */ uint8_t gic_version; /* IN */ + uint16_t tee_type; + /* IN */ uint32_t nr_spis; /* * OUT