[v6,04/10] xen/arm: optee: add fast calls handling

Message ID	20190611184541.7281-5-volodymyr_babchuk@epam.com (mailing list archive)
State	Superseded
Headers	show Return-Path: <xen-devel-bounces@lists.xenproject.org> From: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com> To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org> Thread-Topic: [PATCH v6 04/10] xen/arm: optee: add fast calls handling Thread-Index: AQHVIIX72lCMo2UwcEWPIdWg/KmYYQ== Date: Tue, 11 Jun 2019 18:46:30 +0000 Message-ID: <20190611184541.7281-5-volodymyr_babchuk@epam.com> References: <20190611184541.7281-1-volodymyr_babchuk@epam.com> In-Reply-To: <20190611184541.7281-1-volodymyr_babchuk@epam.com> Accept-Language: en-US Content-Language: en-US received-spf: None (protection.outlook.com: epam.com does not designate permitted sender hosts) MIME-Version: 1.0 Subject: [Xen-devel] [PATCH v6 04/10] xen/arm: optee: add fast calls handling Precedence: list Cc: "tee-dev@lists.linaro.org" <tee-dev@lists.linaro.org>, Julien Grall <julien.grall@arm.com>, Stefano Stabellini <sstabellini@kernel.org>, Volodymyr Babchuk <Volodymyr_Babchuk@epam.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
Series	TEE mediator (and OP-TEE) support in XEN \| expand [v6,00/10] TEE mediator (and OP-TEE) support in XEN [v6,01/10] xen/arm: add generic TEE mediator framework [v6,02/10] xen/arm: optee: add OP-TEE header files [v6,03/10] xen/arm: optee: add OP-TEE mediator skeleton [v6,04/10] xen/arm: optee: add fast calls handling [v6,05/10] xen/arm: optee: add std call handling [v6,06/10] xen/arm: optee: add support for RPC SHM buffers [v6,07/10] xen/arm: optee: add support for arbitrary shared memory [v6,08/10] xen/arm: optee: add support for RPC commands [v6,09/10] tools/arm: tee: add "tee" option for xl.cfg [v6,10/10] tools/arm: optee: create optee firmware node in DT if tee=optee

Message ID

20190611184541.7281-5-volodymyr_babchuk@epam.com (mailing list archive)

State

Superseded

Headers

From: Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
To: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>
Thread-Topic: [PATCH v6 04/10] xen/arm: optee: add fast calls handling
Thread-Index: AQHVIIX72lCMo2UwcEWPIdWg/KmYYQ==
Date: Tue, 11 Jun 2019 18:46:30 +0000
Message-ID: <20190611184541.7281-5-volodymyr_babchuk@epam.com>
References: <20190611184541.7281-1-volodymyr_babchuk@epam.com>
In-Reply-To: <20190611184541.7281-1-volodymyr_babchuk@epam.com>
Accept-Language: en-US
Content-Language: en-US
received-spf: None (protection.outlook.com: epam.com does not designate
 permitted sender hosts)
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 c0be3608-ada3-4686-8c0c-08d6ee9d1e73
X-MS-Exchange-CrossTenant-originalarrivaltime: 11 Jun 2019 18:46:30.7209 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: b41b72d0-4e9f-4c26-8a69-f949f367c91d
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: Volodymyr_Babchuk@epam.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM0PR03MB3795
Subject: [Xen-devel] [PATCH v6 04/10] xen/arm: optee: add fast calls handling
X-BeenThere: xen-devel@lists.xenproject.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Xen developer discussion <xen-devel.lists.xenproject.org>
List-Unsubscribe: <https://lists.xenproject.org/mailman/options/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xenproject.org>
List-Help: <mailto:xen-devel-request@lists.xenproject.org?subject=help>
List-Subscribe: <https://lists.xenproject.org/mailman/listinfo/xen-devel>,
 <mailto:xen-devel-request@lists.xenproject.org?subject=subscribe>
Cc: "tee-dev@lists.linaro.org" <tee-dev@lists.linaro.org>,
 Julien Grall <julien.grall@arm.com>,
 Stefano Stabellini <sstabellini@kernel.org>,
 Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
Errors-To: xen-devel-bounces@lists.xenproject.org
Sender: "Xen-devel" <xen-devel-bounces@lists.xenproject.org>
X-Virus-Scanned: ClamAV using ClamSMTP

Series

TEE mediator (and OP-TEE) support in XEN | expand

Commit Message

Volodymyr Babchuk June 11, 2019, 6:46 p.m. UTC

This patch adds handling for the fast SMCs. As name suggests, those
calls can't be preempted and are used for auxiliary tasks such as
information retrieval. Most handlers are quite trivial, with exception
for capabilities information.

Capabilities exchange should be filtered out, so only caps
known to mediator are used. Also mediator disables static SHM
memory capability, because it can't share OP-TEE memory with a domain.
Only domain can share memory with OP-TEE, so it ensures that OP-TEE
supports dynamic SHM.

Basically, static SHM is a reserved memory region which is always
mapped into OP-TEE address space. It belongs to OP-TEE. Normally,
NW is allowed to access there, so it can communicate with OP-TEE.

On other hand, dynamic SHM is NW's own memory, which it can share
with OP-TEE. OP-TEE maps this memory dynamically, when it wants to
access it.

Because mediator can't share one static SHM region with all guests, it
just disables it for all of them. It is possible to make exception for
Dom0, but it requires separate handling for buffers allocated from
that region. Thus, it is not implemented yet.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Julien Gral <julien.grall@arm.com>

---
 All the patches to optee.c should be merged together. They were
 split to ease up review. But they depend heavily on each other.

Changes from v4:
  - Handler does not use forward_call(). Instead it calls OP-TEE
    directly with arm_smccc_smc().
  - Handler modifies only those guest registers that are should
    be touched according to OP-TEE protocol specification.
  - Added OPTEE_MEDIATOR_SMC_COUNT definition.

Changes from v2:
  - Defined known capabilities explicitly
  - Fixed code style
---
 xen/arch/arm/tee/optee.c | 97 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 97 insertions(+)

diff --git a/xen/arch/arm/tee/optee.c b/xen/arch/arm/tee/optee.c
index e9b69bd2d2..6c51caa41a 100644
--- a/xen/arch/arm/tee/optee.c
+++ b/xen/arch/arm/tee/optee.c
@@ -32,9 +32,17 @@ 
 #include <asm/tee/optee_msg.h>
 #include <asm/tee/optee_smc.h>
 
+/* Number of SMCs known to the mediator */
+#define OPTEE_MEDIATOR_SMC_COUNT   11
+
 /* Client ID 0 is reserved for the hypervisor itself */
 #define OPTEE_CLIENT_ID(domain) ((domain)->domain_id + 1)
 
+#define OPTEE_KNOWN_NSEC_CAPS OPTEE_SMC_NSEC_CAP_UNIPROCESSOR
+#define OPTEE_KNOWN_SEC_CAPS (OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM | \
+                              OPTEE_SMC_SEC_CAP_UNREGISTERED_SHM | \
+                              OPTEE_SMC_SEC_CAP_DYNAMIC_SHM)
+
 /* Domain context */
 struct optee_domain {
 };
@@ -120,22 +128,111 @@  static int optee_relinquish_resources(struct domain *d)
     return 0;
 }
 
+static void handle_exchange_capabilities(struct cpu_user_regs *regs)
+{
+    struct arm_smccc_res resp;
+    uint32_t caps;
+
+    /* Filter out unknown guest caps */
+    caps = get_user_reg(regs, 1);
+    caps &= OPTEE_KNOWN_NSEC_CAPS;
+
+    arm_smccc_smc(OPTEE_SMC_EXCHANGE_CAPABILITIES, caps, 0, 0, 0, 0, 0,
+                  OPTEE_CLIENT_ID(current->domain), &resp);
+    if ( resp.a0 != OPTEE_SMC_RETURN_OK ) {
+        set_user_reg(regs, 0, resp.a0);
+        return;
+    }
+
+    caps = resp.a1;
+
+    /* Filter out unknown OP-TEE caps */
+    caps &= OPTEE_KNOWN_SEC_CAPS;
+
+    /* Drop static SHM_RPC cap */
+    caps &= ~OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM;
+
+    /* Don't allow guests to work without dynamic SHM */
+    if ( !(caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) )
+    {
+        set_user_reg(regs, 0, OPTEE_SMC_RETURN_ENOTAVAIL);
+        return;
+    }
+
+    set_user_reg(regs, 0, OPTEE_SMC_RETURN_OK);
+    set_user_reg(regs, 1, caps);
+}
+
 static bool optee_handle_call(struct cpu_user_regs *regs)
 {
+    struct arm_smccc_res resp;
+
     if ( !current->domain->arch.tee )
         return false;
 
     switch ( get_user_reg(regs, 0) )
     {
     case OPTEE_SMC_CALLS_COUNT:
+        set_user_reg(regs, 0, OPTEE_MEDIATOR_SMC_COUNT);
+        return true;
+
     case OPTEE_SMC_CALLS_UID:
+        arm_smccc_smc(OPTEE_SMC_CALLS_UID, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain), &resp);
+        set_user_reg(regs, 0, resp.a0);
+        set_user_reg(regs, 1, resp.a1);
+        set_user_reg(regs, 2, resp.a2);
+        set_user_reg(regs, 3, resp.a3);
+        return true;
+
     case OPTEE_SMC_CALLS_REVISION:
+        arm_smccc_smc(OPTEE_SMC_CALLS_REVISION, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain), &resp);
+        set_user_reg(regs, 0, resp.a0);
+        set_user_reg(regs, 1, resp.a1);
+        return true;
+
     case OPTEE_SMC_CALL_GET_OS_UUID:
+        arm_smccc_smc(OPTEE_SMC_CALL_GET_OS_UUID, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain),&resp);
+        set_user_reg(regs, 0, resp.a0);
+        set_user_reg(regs, 1, resp.a1);
+        set_user_reg(regs, 2, resp.a2);
+        set_user_reg(regs, 3, resp.a3);
+        return true;
+
     case OPTEE_SMC_CALL_GET_OS_REVISION:
+        arm_smccc_smc(OPTEE_SMC_CALL_GET_OS_REVISION, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain), &resp);
+        set_user_reg(regs, 0, resp.a0);
+        set_user_reg(regs, 1, resp.a1);
+        return true;
+
     case OPTEE_SMC_ENABLE_SHM_CACHE:
+        arm_smccc_smc(OPTEE_SMC_ENABLE_SHM_CACHE, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain), &resp);
+        set_user_reg(regs, 0, resp.a0);
+        return true;
+
     case OPTEE_SMC_DISABLE_SHM_CACHE:
+        arm_smccc_smc(OPTEE_SMC_ENABLE_SHM_CACHE, 0, 0, 0, 0, 0, 0,
+                      OPTEE_CLIENT_ID(current->domain), &resp);
+        set_user_reg(regs, 0, resp.a0);
+        if ( resp.a0 == OPTEE_SMC_RETURN_OK ) {
+            set_user_reg(regs, 1, resp.a1);
+            set_user_reg(regs, 2, resp.a2);
+        }
+        return true;
+
     case OPTEE_SMC_GET_SHM_CONFIG:
+        /* No static SHM available for guests */
+        set_user_reg(regs, 0, OPTEE_SMC_RETURN_ENOTAVAIL);
+        return true;
+
     case OPTEE_SMC_EXCHANGE_CAPABILITIES:
+        handle_exchange_capabilities(regs);
+        return true;
+
     case OPTEE_SMC_CALL_WITH_ARG:
     case OPTEE_SMC_CALL_RETURN_FROM_RPC:
         set_user_reg(regs, 0, OPTEE_SMC_RETURN_ENOTAVAIL);

[v6,04/10] xen/arm: optee: add fast calls handling

Commit Message

Patch