From patchwork Sat Nov 11 11:15:52 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743230 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D47FD11706; Sat, 11 Nov 2023 11:16:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="c+mim2i6" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C0F583C07; Sat, 11 Nov 2023 03:16:36 -0800 (PST) X-UUID: c4339024808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=5pqE+DYe4rnOPGFUkj/FPYZIcGvVBO4Lr5b8DvLKJBo=; b=c+mim2i6dEexF8Tnh9YJuu5YBWMcFMpL2rAsq/tNPDLiNWqkuQ3KhXiaxqmbntCQRBU3OTfH7FrRNEhjriffZDOtyEUikX9t1O0wPDB9NNXvej/t7BSre+zUywVow9GlVRPibkYzxdi4xl4HziIpBgVW3xRTKmguuzPUzuDPo1A=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:d1206b75-2855-4af6-8b3e-693319a057c2, IP:0, U RL:0,TC:0,Content:-25,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTIO N:release,TS:-25 X-CID-META: VersionHash:364b77b, CLOUDID:356669fc-4a48-46e2-b946-12f04f20af8c, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:11|1,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR: NO,DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0,NGT X-CID-BAS: 0,NGT,0,_ X-CID-FACTOR: TF_CID_SPAM_ULN,TF_CID_SPAM_SNR X-UUID: c4339024808311ee8051498923ad61e6-20231111 Received: from mtkmbs11n2.mediatek.inc [(172.21.101.187)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1528022555; Sat, 11 Nov 2023 19:16:31 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by mtkmbs10n2.mediatek.inc (172.21.101.183) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:16:29 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:16:28 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 1/8] dma-buf: heaps: Initialize a secure heap Date: Sat, 11 Nov 2023 19:15:52 +0800 Message-ID: <20231111111559.8218-2-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--0.102500-8.000000 X-TMASE-MatchedRID: R/IVBg3SNBztAxjyNphE0lz+axQLnAVB5Y0kb0hqatw1LB46LFAAkpkC erFMaabiXQS0szagh4NSeVWfRpnv1OG0fWP55EEGma6DzXaohvPJ5SXtoJPLyCfO9H6Y/dy+Ogm GgL3Bwl0o7OCuyuJ1PmqR4nX2iz2+28kC8Kr7Asnil2r2x2PwtYfsPVs/8Vw6wDR44lliPu14ou ZEjkeLRr1/tzoqsVtZ7u6XJjV0Px9vrBnHW6XSnLrbxxduc6FPfrTt+hmA5bLczkKO5k4APoHP3 u3XDM5D4vM1YF6AJbbCCfuIMF6xLd934/rDAK3zlGdyD+QE2h9stf3gH1DFfDLh2YhC+ssg+n7K vjpDA2q2eoE4McoveEfJyHP7nZLkRo7PQ4TnmqaIqXjHhHSOrf0wV9qYAdsBye5hsD33dxxtUY6 LqdlQnFr3vnlc+D6eVZObrZkNVZRlRd/nfa56MaSPBBRGVW4o X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--0.102500-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: B1A63D69B5B3FF16385E0990BF5DBBB8142FEFB549F5713A3389450CC12E462B2000:8 X-MTK: N Initialize a secure heap. Currently just add a null heap, Prepare for the later patches. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/Kconfig | 7 +++ drivers/dma-buf/heaps/Makefile | 1 + drivers/dma-buf/heaps/secure_heap.c | 98 +++++++++++++++++++++++++++++ 3 files changed, 106 insertions(+) create mode 100644 drivers/dma-buf/heaps/secure_heap.c diff --git a/drivers/dma-buf/heaps/Kconfig b/drivers/dma-buf/heaps/Kconfig index a5eef06c4226..e358bf711145 100644 --- a/drivers/dma-buf/heaps/Kconfig +++ b/drivers/dma-buf/heaps/Kconfig @@ -12,3 +12,10 @@ config DMABUF_HEAPS_CMA Choose this option to enable dma-buf CMA heap. This heap is backed by the Contiguous Memory Allocator (CMA). If your system has these regions, you should say Y here. + +config DMABUF_HEAPS_SECURE + bool "DMA-BUF Secure Heap" + depends on DMABUF_HEAPS && TEE + help + Choose this option to enable dma-buf secure heap. This heap is backed by + TEE client interfaces or CMA. If in doubt, say N. diff --git a/drivers/dma-buf/heaps/Makefile b/drivers/dma-buf/heaps/Makefile index 974467791032..b1ad9d1f2fbe 100644 --- a/drivers/dma-buf/heaps/Makefile +++ b/drivers/dma-buf/heaps/Makefile @@ -1,3 +1,4 @@ # SPDX-License-Identifier: GPL-2.0 +obj-$(CONFIG_DMABUF_HEAPS_SECURE) += secure_heap.o obj-$(CONFIG_DMABUF_HEAPS_SYSTEM) += system_heap.o obj-$(CONFIG_DMABUF_HEAPS_CMA) += cma_heap.o diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c new file mode 100644 index 000000000000..a634051a0a67 --- /dev/null +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -0,0 +1,98 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * DMABUF secure heap exporter + * + * Copyright (C) 2023 MediaTek Inc. + */ + +#include +#include +#include +#include +#include + +enum secure_memory_type { + /* + * MediaTek static chunk memory carved out for TrustZone. The memory + * management is inside the TEE. + */ + SECURE_MEMORY_TYPE_MTK_CM_TZ = 1, +}; + +struct secure_buffer { + struct dma_heap *heap; + size_t size; +}; + +struct secure_heap { + const char *name; + const enum secure_memory_type mem_type; +}; + +static struct dma_buf * +secure_heap_allocate(struct dma_heap *heap, unsigned long size, + unsigned long fd_flags, unsigned long heap_flags) +{ + struct secure_buffer *sec_buf; + DEFINE_DMA_BUF_EXPORT_INFO(exp_info); + struct dma_buf *dmabuf; + int ret; + + sec_buf = kzalloc(sizeof(*sec_buf), GFP_KERNEL); + if (!sec_buf) + return ERR_PTR(-ENOMEM); + + sec_buf->size = ALIGN(size, PAGE_SIZE); + sec_buf->heap = heap; + + exp_info.exp_name = dma_heap_get_name(heap); + exp_info.size = sec_buf->size; + exp_info.flags = fd_flags; + exp_info.priv = sec_buf; + + dmabuf = dma_buf_export(&exp_info); + if (IS_ERR(dmabuf)) { + ret = PTR_ERR(dmabuf); + goto err_free_buf; + } + + return dmabuf; + +err_free_buf: + kfree(sec_buf); + return ERR_PTR(ret); +} + +static const struct dma_heap_ops sec_heap_ops = { + .allocate = secure_heap_allocate, +}; + +static struct secure_heap secure_heaps[] = { + { + .name = "secure_mtk_cm", + .mem_type = SECURE_MEMORY_TYPE_MTK_CM_TZ, + }, +}; + +static int secure_heap_init(void) +{ + struct secure_heap *sec_heap = secure_heaps; + struct dma_heap_export_info exp_info; + struct dma_heap *heap; + unsigned int i; + + for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) { + exp_info.name = sec_heap->name; + exp_info.ops = &sec_heap_ops; + exp_info.priv = (void *)sec_heap; + + heap = dma_heap_add(&exp_info); + if (IS_ERR(heap)) + return PTR_ERR(heap); + } + return 0; +} + +module_init(secure_heap_init); +MODULE_DESCRIPTION("Secure Heap Driver"); +MODULE_LICENSE("GPL"); From patchwork Sat Nov 11 11:15:53 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743432 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5A9A012B9E; Sat, 11 Nov 2023 11:16:49 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="Aca1ymKX" Received: from mailgw01.mediatek.com (unknown [60.244.123.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 307B544BF; Sat, 11 Nov 2023 03:16:47 -0800 (PST) X-UUID: ca80bfce808311eea33bb35ae8d461a2-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=VE6GZfuzzSGdF7z/E1jtU6vKI/4GFs1fIexqiuUOd+g=; b=Aca1ymKXmrmk3qUnJmqsdfHn0820KQjYWuioZavR8cvxjc7poUvrCV0KR7kLA3aE/PwIJhI1nFxj4cFQmvrVJG27Yr2JLUzaKfzI2fd6xeGgVCjsaxZEPtFVX6tDeBT+48Gm1RTyN1lAYDiINS8xBMWC1GviTSy7qcPJUmMKCHY=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:ecaffbfc-27e8-4d33-b765-a7264e9a70cd, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:39174695-10ce-4e4b-85c2-c9b5229ff92b, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0,NGT X-CID-BAS: 0,NGT,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: ca80bfce808311eea33bb35ae8d461a2-20231111 Received: from mtkmbs10n2.mediatek.inc [(172.21.101.183)] by mailgw01.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 2039734294; Sat, 11 Nov 2023 19:16:42 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N2.mediatek.inc (172.21.101.76) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:16:40 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:16:39 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 2/8] dma-buf: heaps: secure_heap: Add private heap ops Date: Sat, 11 Nov 2023 19:15:53 +0800 Message-ID: <20231111111559.8218-3-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--2.256700-8.000000 X-TMASE-MatchedRID: PQ2N/OmJeX7YfPOPCpnfAhlckvO1m+Jc2D/7bUIJlF05mHVw4i4YQBMG tPkUyFbdIV4u8YKdeKsWHIQM6TbbE40GdWKgGbBh4T0EFRcNxxTEoDEGChh7CQqiCYa6w8tveKL mRI5Hi0abuQcHZubU2nATsg8MODVIHxPMjOKY7A8LbigRnpKlKSBuGJWwgxArX1upngn1Gyell7 LwyCJ0+7K63CMI769Dwsv6gGdF/4S1typ2+c7FWpwJZ1Nrcojum9GQN90avfrr6k+nXg4S3WS1e oi1doD5Xy/9ftq4Z/Jpp55fZDlsr34cY/B7JqXaYZ1R7NXn0MdBmmCXcKyFFJ6oP1a0mRIj X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--2.256700-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: 94200BC56EA00A3F690E907892C59CF2C7B8A2B0F75DB0AA7E49E585E508D63C2000:8 X-MTK: N For the secure memory, there are two steps: a) Allocate buffers in kernel side; b) Secure that buffer. Different heaps may have different buffer allocation methods and different memory protection methods. Here abstract the memory allocation and securing operations. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 58 ++++++++++++++++++++++++++++- 1 file changed, 57 insertions(+), 1 deletion(-) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index a634051a0a67..87ac23072e9e 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -24,15 +24,66 @@ struct secure_buffer { size_t size; }; +struct secure_heap; + +struct secure_heap_prv_data { + int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + + /* Protect/unprotect the memory */ + int (*secure_the_memory)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); + void (*unsecure_the_memory)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); +}; + struct secure_heap { const char *name; const enum secure_memory_type mem_type; + + const struct secure_heap_prv_data *data; }; +static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + int ret; + + if (data->memory_alloc) { + ret = data->memory_alloc(sec_heap, sec_buf); + if (ret) + return ret; + } + + if (data->secure_the_memory) { + ret = data->secure_the_memory(sec_heap, sec_buf); + if (ret) + goto sec_memory_free; + } + return 0; + +sec_memory_free: + if (data->memory_free) + data->memory_free(sec_heap, sec_buf); + return ret; +} + +static void secure_heap_secure_memory_free(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + + if (data->unsecure_the_memory) + data->unsecure_the_memory(sec_heap, sec_buf); + + if (data->memory_free) + data->memory_free(sec_heap, sec_buf); +} + static struct dma_buf * secure_heap_allocate(struct dma_heap *heap, unsigned long size, unsigned long fd_flags, unsigned long heap_flags) { + struct secure_heap *sec_heap = dma_heap_get_drvdata(heap); struct secure_buffer *sec_buf; DEFINE_DMA_BUF_EXPORT_INFO(exp_info); struct dma_buf *dmabuf; @@ -45,6 +96,9 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, sec_buf->size = ALIGN(size, PAGE_SIZE); sec_buf->heap = heap; + ret = secure_heap_secure_memory_allocate(sec_heap, sec_buf); + if (ret) + goto err_free_buf; exp_info.exp_name = dma_heap_get_name(heap); exp_info.size = sec_buf->size; exp_info.flags = fd_flags; @@ -53,11 +107,13 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, dmabuf = dma_buf_export(&exp_info); if (IS_ERR(dmabuf)) { ret = PTR_ERR(dmabuf); - goto err_free_buf; + goto err_free_sec_mem; } return dmabuf; +err_free_sec_mem: + secure_heap_secure_memory_free(sec_heap, sec_buf); err_free_buf: kfree(sec_buf); return ERR_PTR(ret); From patchwork Sat Nov 11 11:15:54 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743229 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50F16125B0; Sat, 11 Nov 2023 11:17:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="GTzNDTYK" Received: from mailgw01.mediatek.com (unknown [60.244.123.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E69684784; Sat, 11 Nov 2023 03:17:01 -0800 (PST) X-UUID: d36690e6808311eea33bb35ae8d461a2-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=roR8Vq3ha/ba4tX960IysHiPrj6jd3ZptOPgK0s/rp4=; b=GTzNDTYKhRWPyXeIfVZ00SyFJYVeDngGXk2UQl35JPSXie+ZcxUV70k380xGp+q0xvn5W0Y6Au3NyDRNBIeXweW1ZQX05CEmi+3ZfGWEQYUwhYeD4nsVg4h3pRCU9NF3CimidaU5+BwUJztyucU1Wx3GE8G6k1FMHNXW4gU3QMs=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:c0f4393c-1bd7-4d10-b3d4-b4e40bacf213, IP:0, U RL:0,TC:0,Content:-5,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION :release,TS:-5 X-CID-META: VersionHash:364b77b, CLOUDID:ccf1f05f-c89d-4129-91cb-8ebfae4653fc, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: d36690e6808311eea33bb35ae8d461a2-20231111 Received: from mtkmbs13n2.mediatek.inc [(172.21.101.108)] by mailgw01.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1451347898; Sat, 11 Nov 2023 19:16:57 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by mtkmbs11n2.mediatek.inc (172.21.101.187) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:16:55 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:16:54 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 3/8] dma-buf: heaps: secure_heap: Initialize tee session Date: Sat, 11 Nov 2023 19:15:54 +0800 Message-ID: <20231111111559.8218-4-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MTK: N The TEE probe later than dma-buf heap, and PROBE_DEDER doesn't work here since this is not a platform driver, therefore initialize the TEE context/session while we allocate the first secure buffer. Add our special UUID and tee type in the private data. If the uuid is zero, it means that it doesn't enter TEE to protect the buffer, there may be other ways to protect the buffer. All the MTK chrome projects use this UUID. The UUID is only used in the kernelspace while userspace never use it. The userspace could allocate the secure memory via the existing dma-buf ioctl. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 75 +++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index 87ac23072e9e..2a037fc54004 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -10,6 +10,12 @@ #include #include #include +#include +#include + +#define TZ_TA_MEM_UUID_MTK "4477588a-8476-11e2-ad15-e41f1390d676" + +#define TEE_PARAM_NUM 4 enum secure_memory_type { /* @@ -27,6 +33,9 @@ struct secure_buffer { struct secure_heap; struct secure_heap_prv_data { + const char *uuid; + const int tee_impl_id; + int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); @@ -39,9 +48,62 @@ struct secure_heap { const char *name; const enum secure_memory_type mem_type; + struct tee_context *tee_ctx; + u32 tee_session; + const struct secure_heap_prv_data *data; }; +static int tee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) +{ + const struct secure_heap_prv_data *d = data; + + return ver->impl_id == d->tee_impl_id; +} + +static int secure_heap_tee_session_init(struct secure_heap *sec_heap) +{ + struct tee_param t_param[TEE_PARAM_NUM] = {0}; + struct tee_ioctl_open_session_arg arg = {0}; + const struct secure_heap_prv_data *data = sec_heap->data; + uuid_t ta_mem_uuid; + int ret; + + sec_heap->tee_ctx = tee_client_open_context(NULL, tee_ctx_match, data, NULL); + if (IS_ERR(sec_heap->tee_ctx)) { + pr_err_once("%s: open context failed, ret=%ld\n", sec_heap->name, + PTR_ERR(sec_heap->tee_ctx)); + return -ENODEV; + } + + arg.num_params = TEE_PARAM_NUM; + arg.clnt_login = TEE_IOCTL_LOGIN_PUBLIC; + ret = uuid_parse(data->uuid, &ta_mem_uuid); + if (ret) + goto close_context; + memcpy(&arg.uuid, &ta_mem_uuid.b, sizeof(ta_mem_uuid)); + + ret = tee_client_open_session(sec_heap->tee_ctx, &arg, t_param); + if (ret < 0 || arg.ret) { + pr_err_once("%s: open session failed, ret=%d:%d\n", + sec_heap->name, ret, arg.ret); + ret = -EINVAL; + goto close_context; + } + sec_heap->tee_session = arg.session; + return 0; + +close_context: + tee_client_close_context(sec_heap->tee_ctx); + return ret; +} + +/* The memory allocating is within the TEE. */ +const struct secure_heap_prv_data mtk_sec_mem_data = { + .uuid = TZ_TA_MEM_UUID_MTK, + .tee_impl_id = TEE_IMPL_ID_OPTEE, +}; + static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, struct secure_buffer *sec_buf) { @@ -84,11 +146,23 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, unsigned long fd_flags, unsigned long heap_flags) { struct secure_heap *sec_heap = dma_heap_get_drvdata(heap); + const struct secure_heap_prv_data *data = sec_heap->data; struct secure_buffer *sec_buf; DEFINE_DMA_BUF_EXPORT_INFO(exp_info); struct dma_buf *dmabuf; int ret; + /* + * If uuid is valid, It requires enter TEE to protect buffers. However + * TEE probe may be late. Initialize the secure session the first time + * we request the secure buffer. + */ + if (data->uuid && !sec_heap->tee_session) { + ret = secure_heap_tee_session_init(sec_heap); + if (ret) + return ERR_PTR(ret); + } + sec_buf = kzalloc(sizeof(*sec_buf), GFP_KERNEL); if (!sec_buf) return ERR_PTR(-ENOMEM); @@ -127,6 +201,7 @@ static struct secure_heap secure_heaps[] = { { .name = "secure_mtk_cm", .mem_type = SECURE_MEMORY_TYPE_MTK_CM_TZ, + .data = &mtk_sec_mem_data, }, }; From patchwork Sat Nov 11 11:15:55 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743431 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 909F712B9E; Sat, 11 Nov 2023 11:17:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="LXW7OYXS" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AF49A46B1; Sat, 11 Nov 2023 03:17:15 -0800 (PST) X-UUID: dba1a6a6808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=5VceEHrWW4xF0qWAxq1lZVUm8zHVqfc1sG68VwumEXs=; b=LXW7OYXShHLR3/j3iX2WWRINwoN3rkQx/OXCkNP34l/r61vzXI+eCqSxOBqgwdSrdNMGABZXT9wBg+v5SQrX1gEgBFbmlqGP8rUEWw9ip4xPFebtwouAA4A3OvJjuXLCslxLT4FDOdiJ6jz80YgFf3f36nkFNRqgsPksefQ0P8E=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:a8444074-65ac-47e0-abae-b64387e65fe6, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:e36669fc-4a48-46e2-b946-12f04f20af8c, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: dba1a6a6808311ee8051498923ad61e6-20231111 Received: from mtkmbs10n2.mediatek.inc [(172.21.101.183)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1409411873; Sat, 11 Nov 2023 19:17:10 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:09 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:08 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 4/8] dma-buf: heaps: secure_heap: Add tee memory service call Date: Sat, 11 Nov 2023 19:15:55 +0800 Message-ID: <20231111111559.8218-5-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--5.577000-8.000000 X-TMASE-MatchedRID: KsUleRp513GtGUuyWCB/Khes/RxhysDbKVrLOZD1BXT3bBqxmjinTZof RcYVW70wHe8TeWB2elHPSWjlIpmzz+sY/baZcXtauIwLnB3Aqp1MkOX0UoduuXFH8OB0gvDrXRA pulKqWOoxSr1crztQZqd+CRua4GWATO484ojiGzezI1v7J4hECrbs3LV+r2cPmyiLZetSf8mfop 0ytGwvXiq2rl3dzGQ1DBbGvtcMofzzJQ3QZM2AXdTUUwxNqpWapu5UIlqFDjxTG/UYQVOcoRH9P sM259V/QwymtxuJ6y0= X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--5.577000-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: 8F6BE4C4383201E0A49BA3C18587545943F4DDC800A1C38C7286CE5F1C651A4F2000:8 X-MTK: N Add TEE service call. In the case of MediaTek, secure memory management is located within the TEE. The kernel just needs to tell TEE what size it needs and the TEE will return a "security handle" to kernel. To be consistent with the cma heap later, we put the tee ops into the ops of secure_the_memory. It seems that secure_heap_tee_service_call could be a more general interface, but it could be a new topic. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 97 +++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index 2a037fc54004..05062c14e7c7 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -17,6 +17,27 @@ #define TEE_PARAM_NUM 4 +enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */ + /* + * TZCMD_SECMEM_ZALLOC: Allocate the zeroed secure memory from TEE. + * + * [in] value[0].a: The buffer size. + * value[0].b: alignment. + * [in] value[1].a: enum secure_memory_type. + * [out] value[3].a: The secure handle. + */ + TZCMD_SECMEM_ZALLOC = 0, + + /* + * TZCMD_SECMEM_FREE: Free secure memory. + * + * [in] value[0].a: The secure handle of this buffer, It's value[3].a of + * TZCMD_SECMEM_ZALLOC. + * [out] value[1].a: return value, 0 means successful, otherwise fail. + */ + TZCMD_SECMEM_FREE = 1, +}; + enum secure_memory_type { /* * MediaTek static chunk memory carved out for TrustZone. The memory @@ -28,13 +49,25 @@ enum secure_memory_type { struct secure_buffer { struct dma_heap *heap; size_t size; + /* + * The secure handle is a reference to a buffer within the TEE, this is + * a value got from TEE. + */ + u32 sec_handle; }; +#define TEE_MEM_COMMAND_ID_BASE_MTK 0x10000 + struct secure_heap; struct secure_heap_prv_data { const char *uuid; const int tee_impl_id; + /* + * Different TEEs may implement different commands, and this provides an opportunity + * for TEEs to use the same enum secure_buffer_tee_cmd. + */ + const int tee_command_id_base; int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); @@ -98,10 +131,74 @@ static int secure_heap_tee_session_init(struct secure_heap *sec_heap) return ret; } +static int +secure_heap_tee_service_call(struct tee_context *tee_ctx, u32 session, + unsigned int command, struct tee_param *params) +{ + struct tee_ioctl_invoke_arg arg = {0}; + int ret; + + arg.num_params = TEE_PARAM_NUM; + arg.session = session; + arg.func = command; + + ret = tee_client_invoke_func(tee_ctx, &arg, params); + if (ret < 0 || arg.ret) { + pr_err("%s: cmd %d ret %d:%x.\n", __func__, command, ret, arg.ret); + ret = -EOPNOTSUPP; + } + return ret; +} + +static int secure_heap_tee_secure_memory(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + const struct secure_heap_prv_data *data = sec_heap->data; + struct tee_param params[TEE_PARAM_NUM] = {0}; + int ret; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = sec_buf->size; + params[0].u.value.b = PAGE_SIZE; + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[1].u.value.a = sec_heap->mem_type; + params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + + params[3].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + ret = secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session, + data->tee_command_id_base + TZCMD_SECMEM_ZALLOC, + params); + if (ret) + return -ENOMEM; + + sec_buf->sec_handle = params[3].u.value.a; + return 0; +} + +static void secure_heap_tee_unsecure_memory(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + struct tee_param params[TEE_PARAM_NUM] = {0}; + + params[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; + params[0].u.value.a = sec_buf->sec_handle; + params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session, + sec_heap->data->tee_command_id_base + TZCMD_SECMEM_FREE, + params); + if (params[1].u.value.a) + pr_err("%s, free buffer(0x%x) return fail(%lld) from TEE.\n", + sec_heap->name, sec_buf->sec_handle, params[1].u.value.a); +} + /* The memory allocating is within the TEE. */ const struct secure_heap_prv_data mtk_sec_mem_data = { .uuid = TZ_TA_MEM_UUID_MTK, .tee_impl_id = TEE_IMPL_ID_OPTEE, + .tee_command_id_base = TEE_MEM_COMMAND_ID_BASE_MTK, + .secure_the_memory = secure_heap_tee_secure_memory, + .unsecure_the_memory = secure_heap_tee_unsecure_memory, }; static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, From patchwork Sat Nov 11 11:15:56 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743228 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4428511706; Sat, 11 Nov 2023 11:17:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="XUuyYYiY" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7EFA3AA8; Sat, 11 Nov 2023 03:17:30 -0800 (PST) X-UUID: e4737822808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=X8JOOUTp0NTHKO7GSOSzEB0gVa+VyTzE5X5bnBxrEY8=; b=XUuyYYiYt5xMcUzBEJBnVk2Wda+9Ihp7ekvPPrNZJ9bSysdas5EGtMwCOgp/HdlEPeqym4FggrmL9nFZZPWfGFieQ5+y2NvBtAwed5vJl6lWaTwg1AWccpLsmXrYdcqZ07yxuDqcaOTkpP/eg5s0gfA37P9SbuwrJQPxgi2tWU4=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:44f3e6ea-67db-49ba-b801-0f42751aafc0, IP:0, U RL:0,TC:0,Content:-25,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTIO N:release,TS:-25 X-CID-META: VersionHash:364b77b, CLOUDID:1c6769fc-4a48-46e2-b946-12f04f20af8c, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: e4737822808311ee8051498923ad61e6-20231111 Received: from mtkmbs11n1.mediatek.inc [(172.21.101.185)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1633324757; Sat, 11 Nov 2023 19:17:25 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by mtkmbs11n2.mediatek.inc (172.21.101.187) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:24 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:23 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 5/8] dma-buf: heaps: secure_heap: Add dma_ops Date: Sat, 11 Nov 2023 19:15:56 +0800 Message-ID: <20231111111559.8218-6-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MTK: N Add the dma_ops for this secure heap. a) For secure buffer, cache_ops/mmap are not allowed, thus return EPERM for them. b) The secure buffer can't be accessed in kernel, thus it doesn't have va/dma_address for it. Use the dma_address property to save the "secure handle". Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 120 ++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index 05062c14e7c7..25cc95442c56 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -9,6 +9,7 @@ #include #include #include +#include #include #include #include @@ -87,6 +88,10 @@ struct secure_heap { const struct secure_heap_prv_data *data; }; +struct secure_heap_attachment { + struct sg_table *table; +}; + static int tee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) { const struct secure_heap_prv_data *d = data; @@ -238,6 +243,120 @@ static void secure_heap_secure_memory_free(struct secure_heap *sec_heap, data->memory_free(sec_heap, sec_buf); } +static int secure_heap_attach(struct dma_buf *dmabuf, struct dma_buf_attachment *attachment) +{ + struct secure_buffer *sec_buf = dmabuf->priv; + struct secure_heap_attachment *a; + struct sg_table *table; + int ret; + + a = kzalloc(sizeof(*a), GFP_KERNEL); + if (!a) + return -ENOMEM; + + table = kzalloc(sizeof(*table), GFP_KERNEL); + if (!table) { + ret = -ENOMEM; + goto err_free_attach; + } + + ret = sg_alloc_table(table, 1, GFP_KERNEL); + if (ret) + goto err_free_sgt; + sg_set_page(table->sgl, 0, sec_buf->size, 0); + + a->table = table; + attachment->priv = a; + + return 0; + +err_free_sgt: + kfree(table); +err_free_attach: + kfree(a); + return ret; +} + +static void secure_heap_detach(struct dma_buf *dmabuf, struct dma_buf_attachment *attachment) +{ + struct secure_heap_attachment *a = attachment->priv; + + sg_free_table(a->table); + kfree(a->table); + kfree(a); +} + +static struct sg_table * +secure_heap_map_dma_buf(struct dma_buf_attachment *attachment, enum dma_data_direction direction) +{ + struct secure_heap_attachment *a = attachment->priv; + struct dma_buf *dmabuf = attachment->dmabuf; + struct secure_buffer *sec_buf = dmabuf->priv; + struct sg_table *table = a->table; + + /* + * Technically dma_address refers to the address used by HW, But for secure buffer + * we don't know its dma_address in kernel, Instead, we only know its "secure handle". + * Thus use this property to save the "secure handle", and the user will use it to + * obtain the real address in secure world. + * + * Note: CONFIG_DMA_API_DEBUG requires it to be aligned with PAGE_SIZE. + */ + if (sec_buf->sec_handle) { + sg_dma_address(table->sgl) = sec_buf->sec_handle; + sg_dma_len(table->sgl) = sec_buf->size; + } + return table; +} + +static void +secure_heap_unmap_dma_buf(struct dma_buf_attachment *attachment, struct sg_table *table, + enum dma_data_direction direction) +{ + struct secure_heap_attachment *a = attachment->priv; + + WARN_ON(a->table != table); + sg_dma_address(table->sgl) = 0; + sg_dma_len(table->sgl) = 0; +} + +static int +secure_heap_dma_buf_begin_cpu_access(struct dma_buf *dmabuf, enum dma_data_direction direction) +{ + return -EPERM; +} + +static int +secure_heap_dma_buf_end_cpu_access(struct dma_buf *dmabuf, enum dma_data_direction direction) +{ + return -EPERM; +} + +static int secure_heap_dma_buf_mmap(struct dma_buf *dmabuf, struct vm_area_struct *vma) +{ + return -EPERM; +} + +static void secure_heap_free(struct dma_buf *dmabuf) +{ + struct secure_buffer *sec_buf = dmabuf->priv; + struct secure_heap *sec_heap = dma_heap_get_drvdata(sec_buf->heap); + + secure_heap_secure_memory_free(sec_heap, sec_buf); + kfree(sec_buf); +} + +static const struct dma_buf_ops sec_heap_buf_ops = { + .attach = secure_heap_attach, + .detach = secure_heap_detach, + .map_dma_buf = secure_heap_map_dma_buf, + .unmap_dma_buf = secure_heap_unmap_dma_buf, + .begin_cpu_access = secure_heap_dma_buf_begin_cpu_access, + .end_cpu_access = secure_heap_dma_buf_end_cpu_access, + .mmap = secure_heap_dma_buf_mmap, + .release = secure_heap_free, +}; + static struct dma_buf * secure_heap_allocate(struct dma_heap *heap, unsigned long size, unsigned long fd_flags, unsigned long heap_flags) @@ -271,6 +390,7 @@ secure_heap_allocate(struct dma_heap *heap, unsigned long size, if (ret) goto err_free_buf; exp_info.exp_name = dma_heap_get_name(heap); + exp_info.ops = &sec_heap_buf_ops; exp_info.size = sec_buf->size; exp_info.flags = fd_flags; exp_info.priv = sec_buf; From patchwork Sat Nov 11 11:15:57 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743430 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8B01612B9B; Sat, 11 Nov 2023 11:17:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="M3Pyx07E" Received: from mailgw01.mediatek.com (unknown [60.244.123.138]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 1D385469A; Sat, 11 Nov 2023 03:17:45 -0800 (PST) X-UUID: ed1ba80a808311eea33bb35ae8d461a2-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=h0jwM9zWwa5D3l5JQgrd0AZPHaBGPLCLDPqIefNNn9w=; b=M3Pyx07EbPyVhoaPt7nZ/FX16J/WlhF9ReDp2DytfLanRl1hkcg6DJdyygoeHF2cbwXDCfRX82H8qu2ioElOiHgeLvmHJGj2MW1aJeNBT/qKTxMah3Qdlug+Tmq7Xql32hK/AcLwgauDx1jtXqluSjT8HK/5nO3HQAQUqaFm+do=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:eeace6ff-da5e-403e-a8d4-6413bef47f5d, IP:0, U RL:25,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION :release,TS:25 X-CID-META: VersionHash:364b77b, CLOUDID:7ff2f05f-c89d-4129-91cb-8ebfae4653fc, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:1,EDM:-3,IP:nil,U RL:11|1,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR: NO,DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR,TF_CID_SPAM_ULN X-UUID: ed1ba80a808311eea33bb35ae8d461a2-20231111 Received: from mtkmbs13n2.mediatek.inc [(172.21.101.108)] by mailgw01.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 769761032; Sat, 11 Nov 2023 19:17:40 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:37 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:36 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 6/8] dt-bindings: reserved-memory: Add secure CMA reserved memory range Date: Sat, 11 Nov 2023 19:15:57 +0800 Message-ID: <20231111111559.8218-7-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--3.888000-8.000000 X-TMASE-MatchedRID: y64C6oV0e4cXSulpnju2H8LPXKYZysJRecvjbu/xDjpMOjKUxCZwrxVq ALLbOC6VBRj5e39v/eGsMR/ATxTHjSWvhQBtQUwTyeVujmXuYYX+yhO1yCoLfDP3WYNhkszluHQ 5SWRKq/0I49goOhQ2+ItfNuTBizUEQF24kZp9Ww+eAiCmPx4NwGmRqNBHmBvejvEeq6gAkYbfaY 87m2dqx9934/rDAK3zCaXr04pRMJA1yGL4+nAmxJD/HwNezREOO8fzLmP53G+oHvd3pfFwUF+/A KUOIHlXyFVWUnr9FwsfFdcY8tD7GQ6w2+Ixe72XP1JC+7l10KltUY6LqdlQnFr3vnlc+D6eVZOb rZkNVZRlRd/nfa56MV7IEEqsePYG X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--3.888000-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: C04951FF99BF27E30025E22F729504596E746D2DEA39644EF37717C76995E8582000:8 X-MTK: N Add a binding for describing the secure CMA reserved memory range. The memory range also will be defined in the TEE firmware. It means the TEE will be configured with the same address/size that is being set in this DT node. Signed-off-by: Yong Wu --- .../reserved-memory/secure_cma_region.yaml | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml diff --git a/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml b/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml new file mode 100644 index 000000000000..8ab559595fbe --- /dev/null +++ b/Documentation/devicetree/bindings/reserved-memory/secure_cma_region.yaml @@ -0,0 +1,44 @@ +# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) +%YAML 1.2 +--- +$id: http://devicetree.org/schemas/reserved-memory/secure_cma_region.yaml# +$schema: http://devicetree.org/meta-schemas/core.yaml# + +title: Secure Reserved CMA Region + +description: + This binding describes a CMA region that can dynamically transition +between secure and non-secure states that a TEE can allocate memory +from. + +maintainers: + - Yong Wu + +allOf: + - $ref: reserved-memory.yaml + +properties: + compatible: + const: secure_cma_region + +required: + - compatible + - reg + - reusable + +unevaluatedProperties: false + +examples: + - | + + reserved-memory { + #address-cells = <1>; + #size-cells = <1>; + ranges; + + reserved-memory@80000000 { + compatible = "secure_cma_region"; + reusable; + reg = <0x80000000 0x18000000>; + }; + }; From patchwork Sat Nov 11 11:15:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743227 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C81F7134A7; Sat, 11 Nov 2023 11:18:01 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="WfnvWHTN" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A405C4781; Sat, 11 Nov 2023 03:17:54 -0800 (PST) X-UUID: f30d6d48808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=Gy+M2bUMx+CYFsdXG/I6G6ZzW4z/qv5O5Hu3jt5CWYo=; b=WfnvWHTN2aurvacg/7XEX6uvVC+RGTiN4mmoR87heZXvASEEJPNfp25bWlmGd7fFZwp5Arac/vWAzLqpYzbacOS0nUaaudgQpQ4nStYVNIXhY6dwE+ZARbSpPFcZy3KUpMxNamHEWs7bdObG/AYUVoX7GjVg5x4DVVIlx76ecrE=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:6176c338-03f7-488b-8ac7-e16a80234da0, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:12838872-1bd3-4f48-b671-ada88705968c, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:11|1,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR: NO,DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR,TF_CID_SPAM_ULN X-UUID: f30d6d48808311ee8051498923ad61e6-20231111 Received: from mtkmbs13n2.mediatek.inc [(172.21.101.108)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 1772081158; Sat, 11 Nov 2023 19:17:50 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by mtkmbs11n1.mediatek.inc (172.21.101.185) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:17:49 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:17:47 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 7/8] dma_buf: heaps: secure_heap: Add a new MediaTek CMA heap Date: Sat, 11 Nov 2023 19:15:58 +0800 Message-ID: <20231111111559.8218-8-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MTK: N Create a new MediaTek CMA heap from the CMA reserved buffer. In this heap, When the first allocating buffer, use cma_alloc to prepare whole the CMA range, then send its range to TEE to protect and manage. For the later allocating, we just adds the cma_used_size_mtk. This CMA flow may be different with the normal CMA heap of next patch. So I named the variable with _mtk suffix like cma_page_mtk/ cma_used_size_mtk. This is also to distinguish it from the cma_page of the buffer structure in the next patch. When SVP done, cma_release will release the buffer, then kernel may reuse it. Meanwhile, this patch adds a "heap_init" pointer, while allows some heap initialization operations. This case also checks if the CMA range is ready. Signed-off-by: Yong Wu --- drivers/dma-buf/heaps/secure_heap.c | 124 +++++++++++++++++++++++++++- 1 file changed, 122 insertions(+), 2 deletions(-) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index 25cc95442c56..f8b84fd16288 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -4,11 +4,12 @@ * * Copyright (C) 2023 MediaTek Inc. */ - +#include #include #include #include #include +#include #include #include #include @@ -25,6 +26,8 @@ enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */ * [in] value[0].a: The buffer size. * value[0].b: alignment. * [in] value[1].a: enum secure_memory_type. + * [in] value[2].a: pa base in cma case. + * value[2].b: The buffer size in cma case. * [out] value[3].a: The secure handle. */ TZCMD_SECMEM_ZALLOC = 0, @@ -45,6 +48,13 @@ enum secure_memory_type { * management is inside the TEE. */ SECURE_MEMORY_TYPE_MTK_CM_TZ = 1, + /* + * MediaTek dynamic chunk memory carved out from CMA. + * In normal case, the CMA could be used in kernel; When SVP start, we will + * allocate whole this CMA and pass whole the CMA PA and size into TEE to + * protect it, then the detail memory management also is inside the TEE. + */ + SECURE_MEMORY_TYPE_MTK_CM_CMA = 2, }; struct secure_buffer { @@ -70,6 +80,7 @@ struct secure_heap_prv_data { */ const int tee_command_id_base; + int (*heap_init)(struct secure_heap *sec_heap); int (*memory_alloc)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); void (*memory_free)(struct secure_heap *sec_heap, struct secure_buffer *sec_buf); @@ -86,6 +97,13 @@ struct secure_heap { u32 tee_session; const struct secure_heap_prv_data *data; + + struct cma *cma; + struct page *cma_page_mtk; + unsigned long cma_paddr; + unsigned long cma_size; + unsigned long cma_used_size_mtk; + struct mutex lock; /* lock for cma_used_size_mtk */ }; struct secure_heap_attachment { @@ -168,7 +186,10 @@ static int secure_heap_tee_secure_memory(struct secure_heap *sec_heap, params[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; params[1].u.value.a = sec_heap->mem_type; params[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; - + if (sec_heap->cma && sec_heap->mem_type == SECURE_MEMORY_TYPE_MTK_CM_CMA) { + params[2].u.value.a = sec_heap->cma_paddr; + params[2].u.value.b = sec_heap->cma_size; + } params[3].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; ret = secure_heap_tee_service_call(sec_heap->tee_ctx, sec_heap->tee_session, data->tee_command_id_base + TZCMD_SECMEM_ZALLOC, @@ -197,6 +218,66 @@ static void secure_heap_tee_unsecure_memory(struct secure_heap *sec_heap, sec_heap->name, sec_buf->sec_handle, params[1].u.value.a); } +static int mtk_secure_memory_cma_allocate(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + /* + * Allocate CMA only when allocating buffer for the first time, and just + * increase cma_used_size_mtk at the other time. + */ + mutex_lock(&sec_heap->lock); + if (sec_heap->cma_used_size_mtk) + goto add_size; + + mutex_unlock(&sec_heap->lock); + sec_heap->cma_page_mtk = cma_alloc(sec_heap->cma, sec_heap->cma_size >> PAGE_SHIFT, + get_order(PAGE_SIZE), false); + if (!sec_heap->cma_page_mtk) + return -ENOMEM; + + mutex_lock(&sec_heap->lock); +add_size: + sec_heap->cma_used_size_mtk += sec_buf->size; + mutex_unlock(&sec_heap->lock); + + return 0; +} + +static void mtk_secure_memory_cma_free(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + bool cma_is_empty; + + mutex_lock(&sec_heap->lock); + sec_heap->cma_used_size_mtk -= sec_buf->size; + cma_is_empty = !sec_heap->cma_used_size_mtk; + mutex_unlock(&sec_heap->lock); + + if (cma_is_empty) + cma_release(sec_heap->cma, sec_heap->cma_page_mtk, + sec_heap->cma_size >> PAGE_SHIFT); +} + +static int mtk_secure_heap_cma_init(struct secure_heap *sec_heap) +{ + if (!sec_heap->cma) + return -EINVAL; + mutex_init(&sec_heap->lock); + return 0; +} + +/* Use CMA to prepare the buffer and the memory allocating is within the TEE. */ +const struct secure_heap_prv_data mtk_sec_mem_data_cma = { + .uuid = TZ_TA_MEM_UUID_MTK, + .tee_impl_id = TEE_IMPL_ID_OPTEE, + .tee_command_id_base = TEE_MEM_COMMAND_ID_BASE_MTK, + .heap_init = mtk_secure_heap_cma_init, + .memory_alloc = mtk_secure_memory_cma_allocate, + .memory_free = mtk_secure_memory_cma_free, + .secure_the_memory = secure_heap_tee_secure_memory, + .unsecure_the_memory = secure_heap_tee_unsecure_memory, +}; + /* The memory allocating is within the TEE. */ const struct secure_heap_prv_data mtk_sec_mem_data = { .uuid = TZ_TA_MEM_UUID_MTK, @@ -420,20 +501,59 @@ static struct secure_heap secure_heaps[] = { .mem_type = SECURE_MEMORY_TYPE_MTK_CM_TZ, .data = &mtk_sec_mem_data, }, + { + .name = "secure_mtk_cma", + .mem_type = SECURE_MEMORY_TYPE_MTK_CM_CMA, + .data = &mtk_sec_mem_data_cma, + }, }; +static int __init secure_cma_init(struct reserved_mem *rmem) +{ + struct secure_heap *sec_heap = secure_heaps; + struct cma *sec_cma; + int ret, i; + + ret = cma_init_reserved_mem(rmem->base, rmem->size, 0, rmem->name, + &sec_cma); + if (ret) { + pr_err("%s: %s set up CMA fail\n", __func__, rmem->name); + return ret; + } + + for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) { + if (sec_heap->mem_type != SECURE_MEMORY_TYPE_MTK_CM_CMA) + continue; + + sec_heap->cma = sec_cma; + sec_heap->cma_paddr = rmem->base; + sec_heap->cma_size = rmem->size; + } + return 0; +} + +RESERVEDMEM_OF_DECLARE(secure_cma, "secure_cma_region", secure_cma_init); + static int secure_heap_init(void) { struct secure_heap *sec_heap = secure_heaps; struct dma_heap_export_info exp_info; struct dma_heap *heap; unsigned int i; + int ret; for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) { exp_info.name = sec_heap->name; exp_info.ops = &sec_heap_ops; exp_info.priv = (void *)sec_heap; + if (sec_heap->data && sec_heap->data->heap_init) { + ret = sec_heap->data->heap_init(sec_heap); + if (ret) { + pr_err("sec_heap %s init fail %d.\n", sec_heap->name, ret); + continue; + } + } heap = dma_heap_add(&exp_info); if (IS_ERR(heap)) return PTR_ERR(heap); From patchwork Sat Nov 11 11:15:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?b?WW9uZyBXdSAo5ZC05YuHKQ==?= X-Patchwork-Id: 743429 Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6C010134CE; Sat, 11 Nov 2023 11:18:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=mediatek.com header.i=@mediatek.com header.b="g0D6tp7h" Received: from mailgw02.mediatek.com (unknown [210.61.82.184]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D402446B3; Sat, 11 Nov 2023 03:18:09 -0800 (PST) X-UUID: fadfc61a808311ee8051498923ad61e6-20231111 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=mediatek.com; s=dk; h=Content-Type:Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-ID:Date:Subject:CC:To:From; bh=PTkJwhlG295J7Fq7DBG9f0P0y9BIpK10DHJxLIVe19g=; b=g0D6tp7hVsbc7lPPx2KqtJoCZpLVTtmSCZk1Pmvnw7riV943Zn8C5G9rv4nIT2Dl28iH4vQhTMxZ+W3Jck88BlyMmYMPqKrE92Dwb+aPBxeGP0OnTBN3oT3v7IRS1+RM2T+VwBTVHkaIfX20fUObAzyfiwuoX/IcNhplQfjKmSc=; X-CID-P-RULE: Release_Ham X-CID-O-INFO: VERSION:1.1.33, REQID:5c67a7ac-e03b-4394-9eb9-398b44ce7acd, IP:0, U RL:0,TC:0,Content:0,EDM:0,RT:0,SF:0,FILE:0,BULK:0,RULE:Release_Ham,ACTION: release,TS:0 X-CID-META: VersionHash:364b77b, CLOUDID:79184695-10ce-4e4b-85c2-c9b5229ff92b, B ulkID:nil,BulkQuantity:0,Recheck:0,SF:102,TC:nil,Content:0,EDM:-3,IP:nil,U RL:0,File:nil,Bulk:nil,QS:nil,BEC:nil,COL:0,OSI:0,OSA:0,AV:0,LES:1,SPR:NO, DKR:0,DKP:0,BRR:0,BRE:0 X-CID-BVR: 0 X-CID-BAS: 0,_,0,_ X-CID-FACTOR: TF_CID_SPAM_SNR X-UUID: fadfc61a808311ee8051498923ad61e6-20231111 Received: from mtkmbs13n1.mediatek.inc [(172.21.101.193)] by mailgw02.mediatek.com (envelope-from ) (Generic MTA with TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 256/256) with ESMTP id 339753797; Sat, 11 Nov 2023 19:18:03 +0800 Received: from mtkmbs11n1.mediatek.inc (172.21.101.185) by MTKMBS14N1.mediatek.inc (172.21.101.75) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Sat, 11 Nov 2023 19:18:01 +0800 Received: from mhfsdcap04.gcn.mediatek.inc (10.17.3.154) by mtkmbs11n1.mediatek.inc (172.21.101.73) with Microsoft SMTP Server id 15.2.1118.26 via Frontend Transport; Sat, 11 Nov 2023 19:18:00 +0800 From: Yong Wu To: Rob Herring , Sumit Semwal , , Matthias Brugger CC: Krzysztof Kozlowski , Conor Dooley , Benjamin Gaignard , Brian Starkey , John Stultz , , AngeloGioacchino Del Regno , Yong Wu , , , , , , , , , , Vijayanand Jitta , Joakim Bech , Jeffrey Kardatzke , Nicolas Dufresne , Subject: [PATCH v2 8/8] dma-buf: heaps: secure_heap: Add normal CMA heap Date: Sat, 11 Nov 2023 19:15:59 +0800 Message-ID: <20231111111559.8218-9-yong.wu@mediatek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20231111111559.8218-1-yong.wu@mediatek.com> References: <20231111111559.8218-1-yong.wu@mediatek.com> Precedence: bulk X-Mailing-List: linux-media@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-TM-AS-Product-Ver: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-AS-Result: No-10--8.713600-8.000000 X-TMASE-MatchedRID: XAa2d/45j8QtJMbDWD8p3pEbNXwHGDRxqQ9UezeTkTjb6Y+fnTZULzAg xTloju5/Xt8ERZJyv5z+zbn+OlN0IkPbYPqd/GaJwCZxkTHxccnWSrKtwxqWpaj5v7I4/SgYU7g EPucszGeVMlcqqHWd7WAecQuhpQq2v94QsDvR6NwbmaDSnOqZfofsPVs/8Vw6RY/QCO8+EY40ZG lGdzy556HPibXQz0iw3BTxUdcaKkIfE8yM4pjsDwtuKBGekqUpIG4YlbCDECsYpN+2ZkfdFw5Eg x2RURWzOX6Gf/YkVyO2bMkQ2ubJ+3p46hvecdNTC8XKjsVbJjU= X-TM-AS-User-Approved-Sender: No X-TM-AS-User-Blocked-Sender: No X-TMASE-Result: 10--8.713600-8.000000 X-TMASE-Version: SMEX-14.0.0.3152-9.1.1006-23728.005 X-TM-SNTS-SMTP: C57F37D27EAEC8D1A7ABBC4D4778A4F2275F843CCD29DDAD8C5D302DE4BE19C92000:8 X-MTK: N Add a normal CMA heap which use the standard cma allocate. Signed-off-by: Yong Wu --- Hi Vijay and Jaskaran, For this heap, 1) It uses sec_heap_buf_ops currently. I guess we cann't use the cma_heap_buf_ops. since if it is secure buffer, some operations such as mmap should not be allowed. 2) I didn't add how to protect/secure the buffer. Please feel free to change to meet your requirements. Thanks. --- drivers/dma-buf/heaps/secure_heap.c | 38 ++++++++++++++++++++++++++++- 1 file changed, 37 insertions(+), 1 deletion(-) diff --git a/drivers/dma-buf/heaps/secure_heap.c b/drivers/dma-buf/heaps/secure_heap.c index f8b84fd16288..8989ad5d03e9 100644 --- a/drivers/dma-buf/heaps/secure_heap.c +++ b/drivers/dma-buf/heaps/secure_heap.c @@ -43,6 +43,8 @@ enum secure_buffer_tee_cmd { /* PARAM NUM always is 4. */ }; enum secure_memory_type { + /* CMA for the secure memory, Use the normal cma ops to alloc/free. */ + SECURE_MEMORY_TYPE_CMA = 0, /* * MediaTek static chunk memory carved out for TrustZone. The memory * management is inside the TEE. @@ -65,6 +67,7 @@ struct secure_buffer { * a value got from TEE. */ u32 sec_handle; + struct page *cma_page; }; #define TEE_MEM_COMMAND_ID_BASE_MTK 0x10000 @@ -287,6 +290,33 @@ const struct secure_heap_prv_data mtk_sec_mem_data = { .unsecure_the_memory = secure_heap_tee_unsecure_memory, }; +static int cma_secure_memory_allocate(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + if (!sec_heap->cma) + return -EINVAL; + + sec_buf->cma_page = cma_alloc(sec_heap->cma, sec_buf->size >> PAGE_SHIFT, + get_order(PAGE_SIZE), false); + if (!sec_buf->cma_page) + return -ENOMEM; + + memset(page_address(sec_buf->cma_page), 0, sec_buf->size); + return 0; +} + +static void cma_secure_memory_free(struct secure_heap *sec_heap, + struct secure_buffer *sec_buf) +{ + cma_release(sec_heap->cma, sec_buf->cma_page, sec_buf->size >> PAGE_SHIFT); +} + +const struct secure_heap_prv_data cma_sec_mem_data = { + .memory_alloc = cma_secure_memory_allocate, + .memory_free = cma_secure_memory_free, + /* TODO : secure the buffer. */ +}; + static int secure_heap_secure_memory_allocate(struct secure_heap *sec_heap, struct secure_buffer *sec_buf) { @@ -496,6 +526,11 @@ static const struct dma_heap_ops sec_heap_ops = { }; static struct secure_heap secure_heaps[] = { + { + .name = "secure_cma", + .mem_type = SECURE_MEMORY_TYPE_CMA, + .data = &cma_sec_mem_data, + }, { .name = "secure_mtk_cm", .mem_type = SECURE_MEMORY_TYPE_MTK_CM_TZ, @@ -522,7 +557,8 @@ static int __init secure_cma_init(struct reserved_mem *rmem) } for (i = 0; i < ARRAY_SIZE(secure_heaps); i++, sec_heap++) { - if (sec_heap->mem_type != SECURE_MEMORY_TYPE_MTK_CM_CMA) + if (sec_heap->mem_type != SECURE_MEMORY_TYPE_MTK_CM_CMA && + sec_heap->mem_type != SECURE_MEMORY_TYPE_CMA) continue; sec_heap->cma = sec_cma;