From patchwork Wed Jan 31 17:43:45 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 194885 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id gs7csp2053379dyb; Wed, 31 Jan 2024 09:45:05 -0800 (PST) X-Google-Smtp-Source: AGHT+IED9/wb/IDjPdeLoWQI8Ocm8KUJtCGCFpKrMHkpOPOTCCuFsTVCuhsQWHrofBfY4TZZSPmW X-Received: by 2002:a05:6a00:2f4e:b0:6dd:c332:d585 with SMTP id ff14-20020a056a002f4e00b006ddc332d585mr1761847pfb.34.1706723105340; Wed, 31 Jan 2024 09:45:05 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706723105; cv=pass; d=google.com; s=arc-20160816; b=PnSdxDZHeBlSkhININT3EkUMAFNIDeZw9g+aScgYkCcqiw0TObyTTPs3hS6J9tRWjv gfPLfcy1PC5zTDNlZJLt5FIv0rChPYyxqfCTUBnqLcNM9nAYFc/n+SfS6d/z1eRQ9c9G ndqLGs9JZJA5/UVRjonMFZaBZ96j3XpNgcH39CG9Xs0zwYVn8gFDTtLQfvdVU9mi4EoY rJQsZ0w+VZikO8TqF69X0dkAuAHznw0HMdZyJu1WZ3kV1ZsgMJcttUl3EfGtaW6QTApg abNTMfGPEc50w+4Csc1iY4nOHX17RiofmtVQkMuSsIsVfVUqF3j19eO0/0WBBf+pmFJZ WpuQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=8WcHu0BYfrrt6l6mr9lRenbRkMitnIQPl7dRpqtgNOc=; fh=B24NxkaXhbGmjQAgrJhdI8fQ3mpXlfaE3bgeceEsbTA=; b=tCVt0DL+SaHIb7iZbqE48yWwgqdhkYkWghMkGvEfM1+iBZdMP5IwLiBdmGoMliJ9/n HUF/iykVuZ8ANYVQljxFLaJIeeoiupNBimr1Gt5kjZGVLAIFY9urI3p9syh8IbZvRhga RZrq7BeXzjDu5EGFRQP7yTHMNHNyUPz/yWzEvlTA7dVZRSBL6RYwZxP6q1qR6Cj4K6ph co/oA3biDrIcvR/zpMN8qID+CH83ED/BFzoCeYea5+5V6Xgr785LHN94JJ/BQxV2Lz4I +6CNqfDvRYeG8QqLCh+U/n66RgcybaKRRZCy4q04PRVU5pJxPEUDWnmfj77/vVNLohT4 hTmg==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DGcTu6Tl; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46922-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46922-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org X-Forwarded-Encrypted: i=1; AJvYcCXok8cxaC1ddfi08jkptfjnVQ9YgARdNCCqnlSXbkUvs7bvOOxE/e+T6boHwg2LXAKM4ZR0r03/Wc5zwBZ1DvuhciqSjA== Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id l12-20020a65680c000000b005d8e0d44d86si3901973pgt.553.2024.01.31.09.45.05 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:45:05 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-46922-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DGcTu6Tl; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46922-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46922-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 1DC0D285F5E for ; Wed, 31 Jan 2024 17:45:05 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D4D9512FF91; Wed, 31 Jan 2024 17:44:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="DGcTu6Tl" Received: from mail-ed1-f43.google.com (mail-ed1-f43.google.com [209.85.208.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CBA0412DDB9 for ; Wed, 31 Jan 2024 17:44:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.43 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723049; cv=none; b=hruSEhmcV/TtJrAHcZFIymSoTVWm3VrbKJbRpJ88rOuEDTsdfGOS1/0QRvWFF8d7s25LEAGiOj5LHkBJeoQKpZEFGeFiUKqQSPtkgJ1IXxSqa850McEJPMsuMz6aZFKvfddQiYbzyv4kfgSi6/r9dUSTWCTv/NGV3RIem9ArW3o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723049; c=relaxed/simple; bh=/DSW7L5OGPzDoGMA8pPtVJvjUJ9Qv0Fcto0wMyEt2mY=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=beqL63jg9RwdbSZyoRzPq7rP8aZrm69U7cnkypLg6AwSoK2pSon1wX0Fg0DB/AfgHB9PNybADXaEnQb7/Ns0OaRMQGtWrjWbZ3vr93Sq6TQ/jQtEC6VjoxNG7Fw3ZIxLXfo/RiWWkkL9syl9/2GVyx5azeO2DXafd2bamghPtlI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=DGcTu6Tl; arc=none smtp.client-ip=209.85.208.43 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-ed1-f43.google.com with SMTP id 4fb4d7f45d1cf-55f15762840so29190a12.0 for ; Wed, 31 Jan 2024 09:44:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706723045; x=1707327845; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=8WcHu0BYfrrt6l6mr9lRenbRkMitnIQPl7dRpqtgNOc=; b=DGcTu6TlBbDveqT1lPOYXMciX8PlBskyZUmhCz8xFTvZpLy034e1Mu9ZZ8FcO1hzsM RFvYsKCAuuscnoWVRYlSfBbfBuA37A1FDYpJylBakYWd5j7OImLAKjFjqljamdFngBRw VNbTZjrKuJcSgvKN7lvE6j5i2AxXq4cQYG9+PebwkI8ns2wmF4WN+6Skx59CFEwZeVNZ DqIsg02KqQ9zQeKWxCzj1NPRAA65XsjnrTjMpddrPJy1SVPolEffiOsoJMcIyWD9i1kJ cYwziir2R5ndDufP9PjNhD8Dk9Pe7tLN8MY2uLtQwdWJRuEFMiRQrR4XEufYXKNZ/CqK GHmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706723045; x=1707327845; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=8WcHu0BYfrrt6l6mr9lRenbRkMitnIQPl7dRpqtgNOc=; b=VgHd6z8qxFbijD6emYa0E1vKuSUZYoiyn268WZmgyct6/dHDph1PoEV87CEGaHkD2P 6Y2yF56tVOLqp7k75qCgD4b/Gm5q/b+HkHqO3R1kUA2LYQYN/fgKs3BYEkndU8W7iSCf e6H3MX+xqdpC1r2iYr09tKBYiLHKPpc+gyYiTQzjMC4/jYxS2TVuuD0lwp1vsEoHVN/r y3fr1b2kOaN04A3S2M03S0cXsb/qf3SU9cDt7WfqKX2OZ73NF68kMninKDj9RnBvC25p ASlhQ/3n7TJlMQPi9a3nkLy8amYTiWKbl5Qm5JKWUmtqEegXw5GqGUVED3NB3g8d1u6C f3TA== X-Gm-Message-State: AOJu0Ywb9szDbpZf0VBk3vTIQHojDiDSnxO+zOv9Vy4P8OAkkymdPgA6 ZEeUq2IBS9rfJB5Y64rclz0A6L5C38Ab7hVEcFr0R9GFkLUcNwk5pAbifdxyjqSOEWOnN9LoGlC s X-Received: by 2002:a05:6402:1850:b0:55e:e838:a20e with SMTP id v16-20020a056402185000b0055ee838a20emr1622696edy.25.1706723044579; Wed, 31 Jan 2024 09:44:04 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id o11-20020a056402444b00b0055d3d1653b3sm5712985edb.31.2024.01.31.09.44.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:44:04 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander , Tomas Winkler , =?utf-8?q?Alex_Benn=C3=A9e?= Subject: [PATCH v2 1/3] rpmb: add Replay Protected Memory Block (RPMB) subsystem Date: Wed, 31 Jan 2024 18:43:45 +0100 Message-Id: <20240131174347.510961-2-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240131174347.510961-1-jens.wiklander@linaro.org> References: <20240131174347.510961-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789628887316065906 X-GMAIL-MSGID: 1789628887316065906 A number of storage technologies support a specialised hardware partition designed to be resistant to replay attacks. The underlying HW protocols differ but the operations are common. The RPMB partition cannot be accessed via standard block layer, but by a set of specific RPMB commands: WRITE, READ, GET_WRITE_COUNTER, and PROGRAM_KEY. Such a partition provides authenticated and replay protected access, hence suitable as a secure storage. The initial aim of this patch is to provide a simple RPMB Driver which can be accessed by the optee driver to facilitate early RPMB access to OP-TEE OS (secure OS) during the boot time. A TEE device driver can claim the RPMB interface, for example, via class_interface_register() or rpmb_dev_find_device(). The RPMB driver provides a callback to route RPMB frames to the RPMB device accessible via rpmb_route_frames(). The detailed operation of implementing the access is left to the TEE device driver itself. Signed-off-by: Tomas Winkler Signed-off-by: Alex BennĂ©e Signed-off-by: Shyam Saini Signed-off-by: Jens Wiklander --- MAINTAINERS | 7 ++ drivers/misc/Kconfig | 9 ++ drivers/misc/Makefile | 1 + drivers/misc/rpmb-core.c | 247 +++++++++++++++++++++++++++++++++++++++ include/linux/rpmb.h | 184 +++++++++++++++++++++++++++++ 5 files changed, 448 insertions(+) create mode 100644 drivers/misc/rpmb-core.c create mode 100644 include/linux/rpmb.h diff --git a/MAINTAINERS b/MAINTAINERS index 8999497011a2..e83152c42499 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19012,6 +19012,13 @@ T: git git://linuxtv.org/media_tree.git F: Documentation/devicetree/bindings/media/allwinner,sun8i-a83t-de2-rotate.yaml F: drivers/media/platform/sunxi/sun8i-rotate/ +RPMB SUBSYSTEM +M: Jens Wiklander +L: linux-kernel@vger.kernel.org +S: Supported +F: drivers/misc/rpmb-core.c +F: include/linux/rpmb.h + RPMSG TTY DRIVER M: Arnaud Pouliquen L: linux-remoteproc@vger.kernel.org diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig index 4fb291f0bf7c..891aa5763666 100644 --- a/drivers/misc/Kconfig +++ b/drivers/misc/Kconfig @@ -104,6 +104,15 @@ config PHANTOM If you choose to build module, its name will be phantom. If unsure, say N here. +config RPMB + tristate "RPMB partition interface" + help + Unified RPMB unit interface for RPMB capable devices such as eMMC and + UFS. Provides interface for in kernel security controllers to access + RPMB unit. + + If unsure, select N. + config TIFM_CORE tristate "TI Flash Media interface support" depends on PCI diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile index ea6ea5bbbc9c..8af058ad1df4 100644 --- a/drivers/misc/Makefile +++ b/drivers/misc/Makefile @@ -15,6 +15,7 @@ obj-$(CONFIG_LKDTM) += lkdtm/ obj-$(CONFIG_TIFM_CORE) += tifm_core.o obj-$(CONFIG_TIFM_7XX1) += tifm_7xx1.o obj-$(CONFIG_PHANTOM) += phantom.o +obj-$(CONFIG_RPMB) += rpmb-core.o obj-$(CONFIG_QCOM_COINCELL) += qcom-coincell.o obj-$(CONFIG_QCOM_FASTRPC) += fastrpc.o obj-$(CONFIG_SENSORS_BH1770) += bh1770glc.o diff --git a/drivers/misc/rpmb-core.c b/drivers/misc/rpmb-core.c new file mode 100644 index 000000000000..a3c289051687 --- /dev/null +++ b/drivers/misc/rpmb-core.c @@ -0,0 +1,247 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright(c) 2015 - 2019 Intel Corporation. All rights reserved. + * Copyright(c) 2021 - 2024 Linaro Ltd. + */ +#include +#include +#include +#include +#include +#include +#include +#include + +static DEFINE_IDA(rpmb_ida); +static DEFINE_MUTEX(rpmb_mutex); + +/** + * rpmb_dev_get() - increase rpmb device ref counter + * @rdev: rpmb device + */ +struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev) +{ + if (rdev) + get_device(&rdev->dev); + return rdev; +} +EXPORT_SYMBOL_GPL(rpmb_dev_get); + +/** + * rpmb_dev_put() - decrease rpmb device ref counter + * @rdev: rpmb device + */ +void rpmb_dev_put(struct rpmb_dev *rdev) +{ + if (rdev) + put_device(&rdev->dev); +} +EXPORT_SYMBOL_GPL(rpmb_dev_put); + +/** + * rpmb_route_frames() - route rpmb frames to rpmb device + * @rdev: rpmb device + * @req: rpmb request frames + * @req_len: length of rpmb request frames in bytes + * @rsp: rpmb response frames + * @rsp_len: length of rpmb response frames in bytes + * + * @return < 0 on failure + */ +int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *rsp, unsigned int rsp_len) +{ + struct rpmb_frame *frm = (struct rpmb_frame *)req; + u16 req_type; + bool write; + + if (!req || req_len < sizeof(*frm) || !rsp || !rsp_len) + return -EINVAL; + + req_type = be16_to_cpu(frm->req_resp); + switch (req_type) { + case RPMB_PROGRAM_KEY: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = true; + break; + case RPMB_GET_WRITE_COUNTER: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = false; + break; + case RPMB_WRITE_DATA: + if (req_len % sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = true; + break; + case RPMB_READ_DATA: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len % sizeof(struct rpmb_frame)) + return -EINVAL; + write = false; + break; + default: + return -EINVAL; + } + + return rdev->ops->route_frames(rdev->dev.parent, write, + req, req_len, rsp, rsp_len); +} +EXPORT_SYMBOL_GPL(rpmb_route_frames); + +static void rpmb_dev_release(struct device *dev) +{ + struct rpmb_dev *rdev = to_rpmb_dev(dev); + + rdev->ops->put_resources(rdev->dev.parent); + mutex_lock(&rpmb_mutex); + ida_simple_remove(&rpmb_ida, rdev->id); + mutex_unlock(&rpmb_mutex); + kfree(rdev->dev_id); + kfree(rdev); +} + +struct class rpmb_class = { + .name = "rpmb", + .dev_release = rpmb_dev_release, +}; +EXPORT_SYMBOL(rpmb_class); + +/** + * rpmb_dev_find_device() - return first matching rpmb device + * @data: data for the match function + * @match: the matching function + * + * @returns a matching rpmb device or NULL on failure + */ +struct rpmb_dev *rpmb_dev_find_device(const void *data, + const struct rpmb_dev *start, + int (*match)(struct device *dev, + const void *data)) +{ + struct device *dev; + const struct device *start_dev = NULL; + + if (start) + start_dev = &start->dev; + dev = class_find_device(&rpmb_class, start_dev, data, match); + + return dev ? to_rpmb_dev(dev) : NULL; +} + +/** + * rpmb_dev_unregister() - unregister RPMB partition from the RPMB subsystem + * @rdev: the rpmb device to unregister + * + * @returns < 0 on failure + */ +int rpmb_dev_unregister(struct rpmb_dev *rdev) +{ + if (!rdev) + return -EINVAL; + + device_del(&rdev->dev); + + rpmb_dev_put(rdev); + + return 0; +} +EXPORT_SYMBOL_GPL(rpmb_dev_unregister); + +/** + * rpmb_dev_register - register RPMB partition with the RPMB subsystem + * @dev: storage device of the rpmb device + * @target: RPMB target/region within the physical device + * @ops: device specific operations + * + * While registering the RPMB partition get references to needed resources + * with the @ops->get_resources() callback and extracts needed devices + * information while needed resources are available. + * + * @returns a pointer to a 'struct rpmb_dev' or an ERR_PTR on failure + */ +struct rpmb_dev *rpmb_dev_register(struct device *dev, + const struct rpmb_ops *ops) +{ + struct rpmb_dev *rdev; + int id; + int ret; + + if (!dev || !ops || !ops->get_resources || + !ops->put_resources || !ops->route_frames || + !ops->set_dev_info) + return ERR_PTR(-EINVAL); + + rdev = kzalloc(sizeof(*rdev), GFP_KERNEL); + if (!rdev) + return ERR_PTR(-ENOMEM); + + mutex_lock(&rpmb_mutex); + id = ida_simple_get(&rpmb_ida, 0, 0, GFP_KERNEL); + mutex_unlock(&rpmb_mutex); + if (id < 0) { + ret = id; + goto exit; + } + + rdev->ops = ops; + rdev->id = id; + + dev_set_name(&rdev->dev, "rpmb%d", id); + rdev->dev.class = &rpmb_class; + rdev->dev.parent = dev; + + ret = ops->set_dev_info(dev, rdev); + if (ret) + goto exit; + + ret = device_register(&rdev->dev); + if (ret) + goto exit; + + ops->get_resources(rdev->dev.parent); + + dev_dbg(&rdev->dev, "registered device\n"); + + return rdev; + +exit: + if (id >= 0) { + mutex_lock(&rpmb_mutex); + ida_simple_remove(&rpmb_ida, id); + mutex_unlock(&rpmb_mutex); + } + kfree(rdev); + return ERR_PTR(ret); +} +EXPORT_SYMBOL_GPL(rpmb_dev_register); + +static int __init rpmb_init(void) +{ + int rc; + + rc = class_register(&rpmb_class); + if (rc) { + pr_err("couldn't create class\n"); + return rc; + } + ida_init(&rpmb_ida); + return 0; +} + +static void __exit rpmb_exit(void) +{ + ida_destroy(&rpmb_ida); + class_unregister(&rpmb_class); +} + +subsys_initcall(rpmb_init); +module_exit(rpmb_exit); + +MODULE_AUTHOR("Jens Wiklander "); +MODULE_DESCRIPTION("RPMB class"); +MODULE_LICENSE("GPL"); diff --git a/include/linux/rpmb.h b/include/linux/rpmb.h new file mode 100644 index 000000000000..45073513264a --- /dev/null +++ b/include/linux/rpmb.h @@ -0,0 +1,184 @@ +/* SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0 */ +/* + * Copyright (C) 2015-2019 Intel Corp. All rights reserved + * Copyright (C) 2021-2022 Linaro Ltd + */ +#ifndef __RPMB_H__ +#define __RPMB_H__ + +#include +#include + +/** + * struct rpmb_frame - rpmb frame as defined by specs + * + * @stuff : stuff bytes + * @key_mac : The authentication key or the message authentication + * code (MAC) depending on the request/response type. + * The MAC will be delivered in the last (or the only) + * block of data. + * @data : Data to be written or read by signed access. + * @nonce : Random number generated by the host for the requests + * and copied to the response by the RPMB engine. + * @write_counter: Counter value for the total amount of the successful + * authenticated data write requests made by the host. + * @addr : Address of the data to be programmed to or read + * from the RPMB. Address is the serial number of + * the accessed block (half sector 256B). + * @block_count : Number of blocks (half sectors, 256B) requested to be + * read/programmed. + * @result : Includes information about the status of the write counter + * (valid, expired) and result of the access made to the RPMB. + * @req_resp : Defines the type of request and response to/from the memory. + */ +struct rpmb_frame { + u8 stuff[196]; + u8 key_mac[32]; + u8 data[256]; + u8 nonce[16]; + __be32 write_counter; + __be16 addr; + __be16 block_count; + __be16 result; + __be16 req_resp; +} __packed; + +#define RPMB_PROGRAM_KEY 0x1 /* Program RPMB Authentication Key */ +#define RPMB_GET_WRITE_COUNTER 0x2 /* Read RPMB write counter */ +#define RPMB_WRITE_DATA 0x3 /* Write data to RPMB partition */ +#define RPMB_READ_DATA 0x4 /* Read data from RPMB partition */ +#define RPMB_RESULT_READ 0x5 /* Read result request (Internal) */ + +#define RPMB_REQ2RESP(_OP) ((_OP) << 8) +#define RPMB_RESP2REQ(_OP) ((_OP) >> 8) + +/** + * enum rpmb_op_result - rpmb operation results + * + * @RPMB_ERR_OK : operation successful + * @RPMB_ERR_GENERAL : general failure + * @RPMB_ERR_AUTH : mac doesn't match or ac calculation failure + * @RPMB_ERR_COUNTER : counter doesn't match or counter increment failure + * @RPMB_ERR_ADDRESS : address out of range or wrong address alignment + * @RPMB_ERR_WRITE : data, counter, or result write failure + * @RPMB_ERR_READ : data, counter, or result read failure + * @RPMB_ERR_NO_KEY : authentication key not yet programmed + * + * @RPMB_ERR_COUNTER_EXPIRED: counter expired + */ +enum rpmb_op_result { + RPMB_ERR_OK = 0x0000, + RPMB_ERR_GENERAL = 0x0001, + RPMB_ERR_AUTH = 0x0002, + RPMB_ERR_COUNTER = 0x0003, + RPMB_ERR_ADDRESS = 0x0004, + RPMB_ERR_WRITE = 0x0005, + RPMB_ERR_READ = 0x0006, + RPMB_ERR_NO_KEY = 0x0007, + + RPMB_ERR_COUNTER_EXPIRED = 0x0080 +}; + +/** + * enum rpmb_type - type of underlaying storage technology + * + * @RPMB_TYPE_EMMC : emmc (JESD84-B50.1) + * @RPMB_TYPE_UFS : UFS (JESD220) + * @RPMB_TYPE_NVME : NVM Express + */ +enum rpmb_type { + RPMB_TYPE_EMMC, + RPMB_TYPE_UFS, + RPMB_TYPE_NVME, +}; + +/** + * struct rpmb_dev - device which can support RPMB partition + * + * @dev : device + * @id : device id; + * @ops : operation exported by rpmb + * @dev_id : unique device identifier read from the hardware + * @dev_id_len : length of unique device identifier + * @reliable_wr_count: number of sectors that can be written in one access + * @capacity : capacity of the device in units of 128K + */ +struct rpmb_dev { + struct device dev; + int id; + const struct rpmb_ops *ops; + u8 *dev_id; + size_t dev_id_len; + u16 reliable_wr_count; + u16 capacity; +}; + +#define to_rpmb_dev(x) container_of((x), struct rpmb_dev, dev) + +/** + * struct rpmb_ops - RPMB ops to be implemented by underlying block device + * + * @type : block device type + * @get_resources : gets references to needed resources in rpmb_dev_register() + * @put_resources : puts references from resources in rpmb_dev_release() + * @route_frames : routes frames to and from the RPMB device + * @get_dev_info : extracts device info from the RPMB device + */ +struct rpmb_ops { + enum rpmb_type type; + void (*get_resources)(struct device *dev); + void (*put_resources)(struct device *dev); + int (*set_dev_info)(struct device *dev, struct rpmb_dev *rdev); + int (*route_frames)(struct device *dev, bool write, + u8 *req, unsigned int req_len, + u8 *resp, unsigned int resp_len); +}; + +#if IS_ENABLED(CONFIG_RPMB) +struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev); +void rpmb_dev_put(struct rpmb_dev *rdev); +struct rpmb_dev *rpmb_dev_find_device(const void *data, + const struct rpmb_dev *start, + int (*match)(struct device *dev, + const void *data)); +struct rpmb_dev *rpmb_dev_register(struct device *dev, + const struct rpmb_ops *ops); +int rpmb_dev_unregister(struct rpmb_dev *rdev); + +int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *resp, unsigned int resp_len); +#else +static inline struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev) +{ + return NULL; +} + +static inline void rpmb_dev_put(struct rpmb_dev *rdev) { } + +static inline struct rpmb_dev * +rpmb_dev_find_device(const void *data, const struct rpmb_dev *start, + int (*match)(struct device *dev, const void *data)) +{ + return NULL; +} + +static inline struct rpmb_dev * +rpmb_dev_register(struct device *dev, const struct rpmb_ops *ops) +{ + return NULL; +} + +static inline int rpmb_dev_unregister(struct rpmb_dev *dev) +{ + return 0; +} + +static inline int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *resp, + unsigned int resp_len) +{ + return -EOPNOTSUPP; +} +#endif /* CONFIG_RPMB */ + +#endif /* __RPMB_H__ */ From patchwork Wed Jan 31 17:43:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 194884 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id gs7csp2053301dyb; Wed, 31 Jan 2024 09:44:57 -0800 (PST) X-Google-Smtp-Source: AGHT+IG2bkIQGdXRWO6oHV9kKOWgxriZYDvnxJCDr4DIR7AnDjpxZ8Zsu6bz29eqQv0Ee7ExeXJO X-Received: by 2002:a05:620a:a59:b0:783:d0ef:49ba with SMTP id j25-20020a05620a0a5900b00783d0ef49bamr133878qka.18.1706723096841; Wed, 31 Jan 2024 09:44:56 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706723096; cv=pass; d=google.com; s=arc-20160816; b=Xg8r8axRn0pQ0rVpjKTxhRl1nQuH1dlHJZ8D2VQ4/2ALTkq0ubOQ9yX7c6QJKmMkIv bDJ43GtqG/uM0uK6GvEp8fEne6cQtlsUfKgp3XA47dNbJhQwK/YwnBQB0reVsSdPQ3ix kEO3JoUYeBIyURQaj4zNHeBu7v+XSwe7CNpSMXkzIgB+RDuxRIf1i4H2YTe5TGDweQN4 beZ8S0BUUXd3i6YUPBgabndy9gvJABxzTQUj95ADyUda2abWlbTjjvBlDqrRYpp2hg3V EwxTmFHEI1XVvgm5+MHP46sQl88LyQZ8YiwkL6s4d3F25ilXaaxJWiSs0M2AnHoFweM4 ETxA== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=cHCmvQ4HM3HYtffO/xIE+CYy/jMxpzrFI5HM00j5Odk=; fh=AOhpejl7BNo03dypZw2nxxw/SgorbkQ/IO9SNGGL57w=; b=m5LdezBH7tMGdPux8+zZgP7MlxUXpkJs7yQ2F3+vZHaSnq8Z/Jtu4lleRtdwajJ3WO sjNkdwZjIteVxGXvAoEu88fKXl3eU2IO8Lm9ehXiTy0xayyNo/g6sv4Mw0Lp83+Ej2zS noYrnExRsAg0sD/v3KgCJB72AV5JkLrHokOUSGPe/yGbzZiBxMRDJwAFrLOYWddzRUrM INr7gpHWiGY1poAZU25baPikCmYcwaBy0EtS/vRkjTAZYTAxoA/0razDe8oPfuQOTxqu +PrCr/2V15FBtFE04JZwa4iJ05APRqzO/I3saOoJ9mA9z9O06TMU67Y7bb8XB2H9jpc5 QtTQ==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VrNEXOcW; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46923-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46923-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org X-Forwarded-Encrypted: i=1; AJvYcCW59z7IV8BUIq2qKVGs/XVMdQb4gkadNsxzZxj9WVCx/egLn5EaZjRk4NWCo+YW9iJ7iLLLrFu4yREMYWsNf8XabhpOdg== Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id j21-20020a05620a147500b007812e5a9151si6167159qkl.549.2024.01.31.09.44.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:44:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-46923-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=VrNEXOcW; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46923-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46923-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 924F11C2549C for ; Wed, 31 Jan 2024 17:44:56 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DC9C412FF79; Wed, 31 Jan 2024 17:44:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="VrNEXOcW" Received: from mail-ed1-f44.google.com (mail-ed1-f44.google.com [209.85.208.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 12A7D12F580 for ; Wed, 31 Jan 2024 17:44:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723050; cv=none; b=ndghu8HNautfNfZtr8FGgX7KJ9OYjthQNQ1iCQ8LwpuJ5eXf7u6wY24t+M9ckAARUxzkFJbPBF+Bg66CF50NeG5n3VmCEzfcXsXYpA8ZqCwxVVJ86kPdO+MfwbT546Qi75QiQgQ1a9l33/jP4sGPpxBE1cbxo2WlpuQPYsfC7Us= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723050; c=relaxed/simple; bh=VSk1r76xIi4SMeq0I2cI7qMzmqTAXAADCa74sT2EN4w=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Ug+42roZFmyDq9BXhVJLOn4i/qO+ToNwfZMyeXPFYHASfDhAQhiu3csDtJ7qiyJLqCQVoMr+9jzP87LLqd6Bh69coz7p1EU/wrpQuCyvsSbZFVpulR3MtEz304WQhSTjvtwaZJB4hhjMBa0vy0hrjPy3BLkV7WtjRXXHucgTS2Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=VrNEXOcW; arc=none smtp.client-ip=209.85.208.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-ed1-f44.google.com with SMTP id 4fb4d7f45d1cf-55817a12ad8so1805a12.2 for ; Wed, 31 Jan 2024 09:44:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706723046; x=1707327846; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=cHCmvQ4HM3HYtffO/xIE+CYy/jMxpzrFI5HM00j5Odk=; b=VrNEXOcWoaLkqto0DOZcoCS01+0CziPzB66kE9b3hyUICZto7bDQpgFBjpx1enpgAW YlrUBmBemYK8SQmOYClBNyRDAqjzf71O05BnMgmSrkQbA73Bt/q0HuPd3e5zR4gTv9n+ DjhXRJ9CwTbxmuJ6og+8T025w8xapZ6/9FqRcm0+AVYWKJAt3inS/OHOvdgBaGroaNDX 0cGQS3AI2aM8cualcUT1u5ECXLa6OSh0nTNaLYC4FyXT055nHbJz4IP68wlFx0KB0XUu UvPYUm8Tf3LJtlyKk9LvSpkAkIQek14inAUiqJP9Mgh29YvNfRHqkEy+qGLD0zr//WqD kmVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706723046; x=1707327846; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cHCmvQ4HM3HYtffO/xIE+CYy/jMxpzrFI5HM00j5Odk=; b=mELmJ3asO2ffE1jLBBMgJwCK+SsGsAgsk27mskHPI1fStFsEj57WQUL4pgCV23aez9 VXCry54IQVNIv/mJHLaERa/qX8u8u8tY007WHEiUlLrgOI6daJtPVrut8QkF43uORziP o/bE81zLLTx+KDpHKbrSQKQB9768W1fhJktJFd1KvULduhFM9wMo11ifp7hsDW1S5YNK GCAKOTtL1bQatUO8YP1g+XXGLWPlvQ+FIXARXI3u9pynDMGZBaejOZ3oBKEvVZZioGv+ /VrwIeu51X0SFBTjvYwSsHmIEhf4/6m1h8lqio/WXVjWscN1FHVwUjq4Vgn8GnbnAfDH Pvew== X-Gm-Message-State: AOJu0YyatuCDddZsgE+3OwNBY899biKdq7oX+j0XbnDWP30f4UkyqiWX fp7qmaebbEkVO7kqeYp1QHZamuZoICkY1PDqZRiX7HPufHo1r982fndVGqa8DDTWgG829mXl4SD u X-Received: by 2002:a50:cd4b:0:b0:55f:6b8:b2fc with SMTP id d11-20020a50cd4b000000b0055f06b8b2fcmr1807622edj.2.1706723045922; Wed, 31 Jan 2024 09:44:05 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id o11-20020a056402444b00b0055d3d1653b3sm5712985edb.31.2024.01.31.09.44.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:44:05 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander , Tomas Winkler , Alexander Usyskin Subject: [PATCH v2 2/3] mmc: block: register RPMB partition with the RPMB subsystem Date: Wed, 31 Jan 2024 18:43:46 +0100 Message-Id: <20240131174347.510961-3-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240131174347.510961-1-jens.wiklander@linaro.org> References: <20240131174347.510961-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789628877865015311 X-GMAIL-MSGID: 1789628877865015311 Register eMMC RPMB partition with the RPMB subsystem and provide an implementation for the RPMB access operations abstracting the actual multi step process. Add callbacks for getting and putting the needed resources, that is, the RPMB data and the RPMB disk. Add a callback to extract the needed device information at registration to avoid accessing the struct mmc_card at a later stage as we're not holding a reference counter for this struct. Signed-off-by: Tomas Winkler Signed-off-by: Alexander Usyskin Signed-off-by: Jens Wiklander --- drivers/mmc/core/block.c | 177 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 177 insertions(+) diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c index 32d49100dff5..5286e0b3a5a2 100644 --- a/drivers/mmc/core/block.c +++ b/drivers/mmc/core/block.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -40,6 +41,7 @@ #include #include #include +#include #include #include @@ -163,6 +165,7 @@ struct mmc_rpmb_data { int id; unsigned int part_index; struct mmc_blk_data *md; + struct rpmb_dev *rdev; struct list_head node; }; @@ -2707,6 +2710,169 @@ static void mmc_blk_rpmb_device_release(struct device *dev) kfree(rpmb); } +static void rpmb_op_mmc_get_resources(struct device *dev) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + + /* + * When the MMC card is removed rpmb_dev_unregister() is called + * from mmc_blk_remove_rpmb_part(). That removes references to the + * devices in struct mmc_rpmb_data and rpmb->md. Since struct + * rpmb_dev can still reach those structs we must hold a reference + * until struct rpmb_dev also is released. + * + * This is analogous to what's done in mmc_rpmb_chrdev_open() and + * mmc_rpmb_chrdev_release() below. + */ + get_device(dev); + mmc_blk_get(rpmb->md->disk); +} + +static void rpmb_op_mmc_put_resources(struct device *dev) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + + mmc_blk_put(rpmb->md); + put_device(dev); +} + +static struct mmc_blk_ioc_data **alloc_idata(struct mmc_rpmb_data *rpmb, + unsigned int cmd_count) +{ + struct mmc_blk_ioc_data **idata; + unsigned int n; + + idata = kcalloc(cmd_count, sizeof(*idata), GFP_KERNEL); + if (!idata) + return NULL; + + for (n = 0; n < cmd_count; n++) { + idata[n] = kcalloc(1, sizeof(**idata), GFP_KERNEL); + if (!idata[n]) { + kfree(idata); + return NULL; + } + idata[n]->rpmb = rpmb; + } + + return idata; +} + +static void set_idata(struct mmc_blk_ioc_data *idata, u32 opcode, + int write_flag, u8 *buf, unsigned int buf_bytes) +{ + idata->ic.opcode = opcode; + idata->ic.flags = MMC_RSP_R1 | MMC_CMD_ADTC; + idata->ic.write_flag = write_flag; + idata->ic.blksz = sizeof(struct rpmb_frame); + idata->ic.blocks = buf_bytes / idata->ic.blksz; + idata->buf = buf; + idata->buf_bytes = buf_bytes; +} + +static void free_idata(struct mmc_blk_ioc_data **idata, unsigned int cmd_count) +{ + unsigned int n; + + for (n = 0; n < cmd_count; n++) + kfree(idata[n]); + kfree(idata); +} + +static int rpmb_op_mmc_route_frames(struct device *dev, bool write, u8 *req, + unsigned int req_len, u8 *resp, + unsigned int resp_len) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + struct mmc_blk_data *md = rpmb->md; + struct mmc_blk_ioc_data **idata; + unsigned int cmd_count; + struct request *rq; + int ret; + + if (write) + cmd_count = 3; + else + cmd_count = 2; + + if (IS_ERR(md->queue.card)) + return PTR_ERR(md->queue.card); + + idata = alloc_idata(rpmb, cmd_count); + if (!idata) + return -ENOMEM; + + if (write) { + struct rpmb_frame *frm = (struct rpmb_frame *)resp; + + /* Send write request frame(s) */ + set_idata(idata[0], MMC_WRITE_MULTIPLE_BLOCK, + 1 | MMC_CMD23_ARG_REL_WR, req, req_len); + + /* Send result request frame */ + memset(frm, 0, sizeof(*frm)); + frm->req_resp = cpu_to_be16(RPMB_RESULT_READ); + set_idata(idata[1], MMC_WRITE_MULTIPLE_BLOCK, 1, resp, + resp_len); + + /* Read response frame */ + set_idata(idata[2], MMC_READ_MULTIPLE_BLOCK, 0, resp, resp_len); + } else { + /* Send write request frame(s) */ + set_idata(idata[0], MMC_WRITE_MULTIPLE_BLOCK, 1, req, req_len); + + /* Read response frame */ + set_idata(idata[1], MMC_READ_MULTIPLE_BLOCK, 0, resp, resp_len); + } + + rq = blk_mq_alloc_request(md->queue.queue, REQ_OP_DRV_OUT, 0); + if (IS_ERR(rq)) { + ret = PTR_ERR(rq); + goto out; + } + + req_to_mmc_queue_req(rq)->drv_op = MMC_DRV_OP_IOCTL_RPMB; + req_to_mmc_queue_req(rq)->drv_op_result = -EIO; + req_to_mmc_queue_req(rq)->drv_op_data = idata; + req_to_mmc_queue_req(rq)->ioc_count = cmd_count; + blk_execute_rq(rq, false); + ret = req_to_mmc_queue_req(rq)->drv_op_result; + + blk_mq_free_request(rq); + +out: + free_idata(idata, cmd_count); + return ret; +} + +static int rpmb_op_mmc_set_dev_info(struct device *dev, struct rpmb_dev *rdev) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + struct mmc_card *card = rpmb->md->queue.card; + unsigned int n; + u32 cid[4]; + + for (n = 0; n < 4; n++) + cid[n] = be32_to_cpu(card->raw_cid[n]); + + rdev->dev_id = kmemdup(cid, sizeof(cid), GFP_KERNEL); + if (!rdev->dev_id) + return -ENOMEM; + rdev->dev_id_len = sizeof(cid); + rdev->reliable_wr_count = card->ext_csd.raw_rpmb_size_mult; + rdev->capacity = card->ext_csd.rel_sectors; + + return 0; +} + +static struct rpmb_ops rpmb_mmc_ops = { + .type = RPMB_TYPE_EMMC, + .get_resources = rpmb_op_mmc_get_resources, + .put_resources = rpmb_op_mmc_put_resources, + .route_frames = rpmb_op_mmc_route_frames, + .set_dev_info = rpmb_op_mmc_set_dev_info, +}; + static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, struct mmc_blk_data *md, unsigned int part_index, @@ -2751,6 +2917,14 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, goto out_put_device; } + rpmb->rdev = rpmb_dev_register(&rpmb->dev, &rpmb_mmc_ops); + if (IS_ERR(rpmb->rdev)) { + pr_err("%s: could not register RPMB device\n", rpmb_name); + ret = PTR_ERR(rpmb->rdev); + rpmb->rdev = NULL; + goto out_cdev_device_del; + } + list_add(&rpmb->node, &md->rpmbs); string_get_size((u64)size, 512, STRING_UNITS_2, @@ -2762,6 +2936,8 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, return 0; +out_cdev_device_del: + cdev_device_del(&rpmb->chrdev, &rpmb->dev); out_put_device: put_device(&rpmb->dev); return ret; @@ -2770,6 +2946,7 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, static void mmc_blk_remove_rpmb_part(struct mmc_rpmb_data *rpmb) { + rpmb_dev_unregister(rpmb->rdev); cdev_device_del(&rpmb->chrdev, &rpmb->dev); put_device(&rpmb->dev); } From patchwork Wed Jan 31 17:43:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 194886 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id gs7csp2053672dyb; Wed, 31 Jan 2024 09:45:33 -0800 (PST) X-Google-Smtp-Source: AGHT+IG1LEix7h4WWmlToQj8guAcNCUGg3TfMd+ECPfjvIaIXLR0jmdaUY3yLNbAeeRB+pjOc5KA X-Received: by 2002:a05:6402:b12:b0:55f:8054:93fb with SMTP id bm18-20020a0564020b1200b0055f805493fbmr1812567edb.29.1706723132811; Wed, 31 Jan 2024 09:45:32 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706723132; cv=pass; d=google.com; s=arc-20160816; b=IZMu1z4qlnsJAXlTklg814h131Bc7uFrYHCRFjMGlsF87oIz6MCmJNimTLzkGKiEjs mtfvRGwgUTNCwP2UZ1MHZbOY+Bn9KdCdfssLOVhXw8M1NpAfzvlBWpytD/guYA+lr+tD XR8AwKpDXNOTJyFs8BBpYUv/zqW6AGZsMEf4CXEzNtBT7gz/eCrB3mECHUozBhghrbMb MmQtIb/bc6LxlWL8RxgT3jmLjqT4l6rJxQy4mZnVrZNLgZra8rvmiMU4ScadqYOPyCQH fKUrV1VG/w0e5x1KLn7rxamkHmWwv1v8Vxnbu+48qKSNh6B6WdlWsIruJbt9AXxmw75p NcAQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=tzkbYm+QNBarDFTAEygQAzW00yxG3QhrDwb5ZAwnheg=; fh=P1aeN5qzDhPjTmuDCT5Dlhgq9ti0kXhQiVDuTkxNPmk=; b=x0yznNj0qNCmULshQ1k388BDcfMCvoK+YnqhAd2Fohke/1vI0ChKUQxOA3jwOoDSE2 +h8NKqwGzDs0hdlQHjwLdbG4/r/AeqE+M1faNgPYjVHTSFrHc0oiymw+YHIzVW8kig1i cYBrlBIbKIsDhBVCbs651f14zLVEmpmPUhLeLby7fDoaY0PJT/smAtwpJJYv3Wk7LQmg U/gSUZu4p8PO9IyGwKiY5n6+8vpyd2u5NetXtc0XsthhqWeHlDUjMFEt7MoMft9L5dKH dnqR8Z5X3MXnvLyheHO9QrdQt23s/+YmW7saYQrmdRzTe6L7FEwV6qw5TlHR/lVfiRRp o/kw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=nF8IWGl3; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46924-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46924-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org X-Forwarded-Encrypted: i=1; AJvYcCXN19sh4XbuxCW7LzN+llsLUQk0TVoCyEscCJm2j8vQmcdjIwDvWcGDMImTh419Db11FHyoIplIGbyhdD3/qUVDjHUFMA== Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id cn3-20020a0564020ca300b0055f85fc145bsi776882edb.388.2024.01.31.09.45.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:45:32 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-46924-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=nF8IWGl3; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-46924-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-46924-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 431091F21F2D for ; Wed, 31 Jan 2024 17:45:32 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id AF6591350CF; Wed, 31 Jan 2024 17:44:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="nF8IWGl3" Received: from mail-ed1-f50.google.com (mail-ed1-f50.google.com [209.85.208.50]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8F6B912DDBA for ; Wed, 31 Jan 2024 17:44:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.208.50 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723053; cv=none; b=PmD5+2x1vkXlizjeRRthdpptHQV3Tk3vKueTO+u6Eot6srAvClv8/oDdjly/MmoIymd/jfEkyJGu8BJ1tlJyMup2LZFM51UMXqC2zo466KdWgsavJdHw6Hes++blB9SobhK1woxy00oIahfnvnDbsaq5hDjgY1PVGoUCQXAGht0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706723053; c=relaxed/simple; bh=jCOBfg47EMuaiLegOBtkN6SbnPHINmajuBTTV/h8CDs=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=rPFLzpZWTT+qJ+sg4C3TJYFZJc9NJ6V27DIlxslQxXv+1Cqjn0wGyG7v+15QIb3tt1rOTqW1Vao0bgTDJ1a/0cQlQ4pmS3Hpz4X20gD74pHaHtrQW2bz70jKKPFgDaF83LK2ILhy7WMuUT9XLYnnWsHdFHCXODj5WClMAccEqLg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=nF8IWGl3; arc=none smtp.client-ip=209.85.208.50 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-ed1-f50.google.com with SMTP id 4fb4d7f45d1cf-558f523c072so3969a12.2 for ; Wed, 31 Jan 2024 09:44:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1706723049; x=1707327849; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=tzkbYm+QNBarDFTAEygQAzW00yxG3QhrDwb5ZAwnheg=; b=nF8IWGl3HCJcL/tYCeO6hwThyN+PfZIrgfnuQkTpRBuzMamHwxsu+WoUAKTnYiEPn3 IcbxPSEVWIeIQYEbDne5BzFOinKaagd4vkIAQl2rTGzHvdJZthmsq+C+uHReD2q6eP6H cYxnTdwmTOSDrA745F91oMQ4UolFipdzxsSRff0hXbNsIsfdfuzh8K4UFABxhgegHl4Y mWoz741XRlH/Cv5FbPWXHhS+4gxcYGs15aq9pA8unp653I80HGL/x0RYZZ1+Rawn9SUD TQYmh25XkeGhnmPz6UJiyWZsTtCaId6QWjFZ9Ipi9kGU44fo3BRxwCp9WNNw2dTiJXkZ iZFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706723049; x=1707327849; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=tzkbYm+QNBarDFTAEygQAzW00yxG3QhrDwb5ZAwnheg=; b=aEcuz1wUkmd9LdZthdpk/J+eSg3D1aq/wDHLSP3K+M4kEuVea4PCv73Ap07EQCG+gf INw7u0D+h5Wc3a9+ncgqTzIYdcB3gqTkUVS+K0qi/H4fQPptQptgkWkEeenRvUOyaFhR H65k4OQ4f4OhAO7tWFQVlMrSEMi+oLUDV+t1jbbYzyNAxU05QkqfphThIznLjpslGkIq pE0Z1Fe71owwmCtoSxUSSANrgsGFC5ILFfCh4S9L9dQ2kkSYok5PpkPsDe2rHbrwixms 94jgoSzhr1l9rjktZE1vmwxseXhcsTSc5hZOnS7Lf1Tu7yW5SFXBlq3vNW7wqXhKFQEO VVKA== X-Gm-Message-State: AOJu0YywngyRJiSiITgPNahtgcI45PtmqBo+pnqkyc3VRa2ry7eAInvq 4a5GmByH2Tt6qM3xRzrt7jsn8bo94LeVE742NeOe0ogXsS0uUTW7bTv41ioXtASDb+k5WAm+4+X 8 X-Received: by 2002:aa7:d6d1:0:b0:55f:80a:3006 with SMTP id x17-20020aa7d6d1000000b0055f080a3006mr1752372edr.2.1706723047272; Wed, 31 Jan 2024 09:44:07 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id o11-20020a056402444b00b0055d3d1653b3sm5712985edb.31.2024.01.31.09.44.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 31 Jan 2024 09:44:06 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander Subject: [PATCH v2 3/3] optee: probe RPMB device using RPMB subsystem Date: Wed, 31 Jan 2024 18:43:47 +0100 Message-Id: <20240131174347.510961-4-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240131174347.510961-1-jens.wiklander@linaro.org> References: <20240131174347.510961-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1789628915387897301 X-GMAIL-MSGID: 1789628915387897301 Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and use an RPMB device via the RPBM subsystem instead of passing the RPMB frames via tee-supplicant in user space. A fallback mechanism is kept to route RPMB frames via tee-supplicant if the RPMB subsystem isn't available. The OP-TEE RPC ABI is extended to support iterating over all RPMB devices until one is found with the expected RPMB key already programmed. Signed-off-by: Jens Wiklander --- drivers/tee/optee/core.c | 1 + drivers/tee/optee/ffa_abi.c | 2 + drivers/tee/optee/optee_private.h | 6 + drivers/tee/optee/optee_rpc_cmd.h | 33 +++++ drivers/tee/optee/rpc.c | 221 ++++++++++++++++++++++++++++++ drivers/tee/optee/smc_abi.c | 2 + 6 files changed, 265 insertions(+) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 3aed554bc8d8..21bcccbe2207 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -177,6 +177,7 @@ void optee_remove_common(struct optee *optee) tee_shm_pool_free(optee->pool); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); + mutex_destroy(&optee->rpmb_dev_mutex); } static int smc_abi_rc; diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index ecb5eb079408..1d207a9d4f3b 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -934,6 +934,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee_cq_init(&optee->call_queue, 0); optee_supp_init(&optee->supp); optee_shm_arg_cache_init(optee, arg_cache_flags); + mutex_init(&optee->rpmb_dev_mutex); ffa_dev_set_drvdata(ffa_dev, optee); ctx = teedev_open(optee->teedev); if (IS_ERR(ctx)) { @@ -968,6 +969,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) teedev_close_context(ctx); err_rhashtable_free: rhashtable_free_and_destroy(&optee->ffa.global_ids, rh_free_fn, NULL); + mutex_destroy(&optee->rpmb_dev_mutex); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); mutex_destroy(&optee->ffa.mutex); diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index 7a5243c78b55..3a87ad4ef1e2 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -20,6 +20,7 @@ /* Some Global Platform error codes used in this driver */ #define TEEC_SUCCESS 0x00000000 #define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 +#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008 #define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A #define TEEC_ERROR_COMMUNICATION 0xFFFF000E #define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C @@ -197,6 +198,8 @@ struct optee_ops { * @notif: notification synchronization struct * @supp: supplicant synchronization struct for RPC to supplicant * @pool: shared memory pool + * @mutex: mutex protecting @rpmb_dev + * @rpmb_dev: current RPMB device or NULL * @rpc_param_count: If > 0 number of RPC parameters to make room for * @scan_bus_done flag if device registation was already done. * @scan_bus_work workq to scan optee bus and register optee drivers @@ -215,6 +218,9 @@ struct optee { struct optee_notif notif; struct optee_supp supp; struct tee_shm_pool *pool; + /* Protects rpmb_dev pointer */ + struct mutex rpmb_dev_mutex; + struct rpmb_dev *rpmb_dev; unsigned int rpc_param_count; bool scan_bus_done; struct work_struct scan_bus_work; diff --git a/drivers/tee/optee/optee_rpc_cmd.h b/drivers/tee/optee/optee_rpc_cmd.h index f3f06e0994a7..672e5dcdf041 100644 --- a/drivers/tee/optee/optee_rpc_cmd.h +++ b/drivers/tee/optee/optee_rpc_cmd.h @@ -16,6 +16,14 @@ * and sends responses. */ +/* + * Replay Protected Memory Block access + * + * [in] memref[0] Frames to device + * [out] memref[1] Frames from device + */ +#define OPTEE_RPC_CMD_RPMB 1 + /* * Get time * @@ -103,4 +111,29 @@ /* I2C master control flags */ #define OPTEE_RPC_I2C_FLAGS_TEN_BIT BIT(0) +/* + * Reset RPMB probing + * + * Releases an eventually already used RPMB devices and starts over searching + * for RPMB devices. Returns the kind of shared memory to use in subsequent + * OPTEE_RPC_CMD_RPMB_PROBE_NEXT and OPTEE_RPC_CMD_RPMB calls. + * + * [out] value[0].a OPTEE_RPC_SHM_TYPE_*, the parameter for + * OPTEE_RPC_CMD_SHM_ALLOC + */ +#define OPTEE_RPC_CMD_RPMB_PROBE_RESET 22 + +/* + * Probe next RPMB device + * + * [out] value[0].a Must be OPTEE_RPC_RPMB_EMMC + * [out] value[0].b EXT CSD-slice 168 "RPMB Size" + * [out] value[0].c EXT CSD-slice 222 "Reliable Write Sector Count" + * [out] memref[1] Buffer with the raw CID + */ +#define OPTEE_RPC_CMD_RPMB_PROBE_NEXT 23 + +/* Type of RPMB device */ +#define OPTEE_RPC_RPMB_EMMC 0 + #endif /*__OPTEE_RPC_CMD_H*/ diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index e69bc6380683..6fd6f99dafab 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -7,6 +7,7 @@ #include #include +#include #include #include #include "optee_private.h" @@ -255,6 +256,217 @@ void optee_rpc_cmd_free_suppl(struct tee_context *ctx, struct tee_shm *shm) optee_supp_thrd_req(ctx, OPTEE_RPC_CMD_SHM_FREE, 1, ¶m); } +static void handle_rpc_func_rpmb_probe_reset(struct tee_context *ctx, + struct optee *optee, + struct optee_msg_arg *arg) +{ + struct tee_param params[1]; + + if (!IS_ENABLED(CONFIG_RPMB)) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + params[0].u.value.a = OPTEE_RPC_SHM_TYPE_KERNEL; + params[0].u.value.b = 0; + params[0].u.value.c = 0; + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + mutex_lock(&optee->rpmb_dev_mutex); + rpmb_dev_put(optee->rpmb_dev); + optee->rpmb_dev = NULL; + mutex_unlock(&optee->rpmb_dev_mutex); + + arg->ret = TEEC_SUCCESS; +} + +static int rpc_rpmb_match(struct device *dev, const void *data) +{ + return 1; +} + +static void handle_rpc_func_rpmb_probe_next(struct tee_context *ctx, + struct optee *optee, + struct optee_msg_arg *arg) +{ + struct rpmb_dev *start_rdev; + struct rpmb_dev *rdev; + struct tee_param params[2]; + void *buf; + + if (!IS_ENABLED(CONFIG_RPMB)) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT || + params[1].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + buf = tee_shm_get_va(params[1].u.memref.shm, + params[1].u.memref.shm_offs); + if (!buf) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + mutex_lock(&optee->rpmb_dev_mutex); + start_rdev = optee->rpmb_dev; + rdev = rpmb_dev_find_device(NULL, start_rdev, rpc_rpmb_match); + rpmb_dev_put(start_rdev); + optee->rpmb_dev = rdev; + mutex_unlock(&optee->rpmb_dev_mutex); + + if (!rdev) { + arg->ret = TEEC_ERROR_ITEM_NOT_FOUND; + return; + } + + if (params[1].u.memref.size < rdev->dev_id_len) { + arg->ret = TEEC_ERROR_SHORT_BUFFER; + return; + } + memcpy(buf, rdev->dev_id, rdev->dev_id_len); + params[1].u.memref.size = rdev->dev_id_len; + params[0].u.value.a = OPTEE_RPC_RPMB_EMMC; + params[0].u.value.b = rdev->capacity; + params[0].u.value.c = rdev->reliable_wr_count; + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + arg->ret = TEEC_SUCCESS; +} + +/* Request */ +struct rpmb_req { + u16 cmd; +#define RPMB_CMD_DATA_REQ 0x00 +#define RPMB_CMD_GET_DEV_INFO 0x01 + u16 dev_id; + u16 block_count; + /* Optional data frames (rpmb_data_frame) follow */ +}; + +#define RPMB_REQ_DATA(req) ((void *)((struct rpmb_req *)(req) + 1)) + +#define RPMB_CID_SZ 16 + +/* Response to device info request */ +struct rpmb_dev_info { + u8 cid[RPMB_CID_SZ]; + u8 rpmb_size_mult; /* EXT CSD-slice 168: RPMB Size */ + u8 rel_wr_sec_c; /* EXT CSD-slice 222: Reliable Write Sector */ + /* Count */ + u8 ret_code; +#define RPMB_CMD_GET_DEV_INFO_RET_OK 0x00 +#define RPMB_CMD_GET_DEV_INFO_RET_ERROR 0x01 +}; + +static int get_dev_info(struct rpmb_dev *rdev, void *rsp, size_t rsp_size) +{ + struct rpmb_dev_info *dev_info; + + if (rsp_size != sizeof(*dev_info)) + return TEEC_ERROR_BAD_PARAMETERS; + + dev_info = rsp; + memcpy(dev_info->cid, rdev->dev_id, sizeof(dev_info->cid)); + dev_info->rpmb_size_mult = rdev->capacity; + dev_info->rel_wr_sec_c = rdev->reliable_wr_count; + dev_info->ret_code = RPMB_CMD_GET_DEV_INFO_RET_OK; + + return TEEC_SUCCESS; +} + +/* + * req is one struct rpmb_req followed by one or more struct rpmb_data_frame + * rsp is either one struct rpmb_dev_info or one or more struct rpmb_data_frame + */ +static u32 rpmb_process_request(struct optee *optee, struct rpmb_dev *rdev, + void *req, size_t req_size, + void *rsp, size_t rsp_size) +{ + struct rpmb_req *sreq = req; + int rc; + + if (req_size < sizeof(*sreq)) + return TEEC_ERROR_BAD_PARAMETERS; + + switch (sreq->cmd) { + case RPMB_CMD_DATA_REQ: + rc = rpmb_route_frames(rdev, RPMB_REQ_DATA(req), + req_size - sizeof(struct rpmb_req), + rsp, rsp_size); + if (rc) // TODO translate error code + return TEEC_ERROR_BAD_PARAMETERS; + return TEEC_SUCCESS; + case RPMB_CMD_GET_DEV_INFO: + return get_dev_info(rdev, rsp, rsp_size); + default: + return TEEC_ERROR_BAD_PARAMETERS; + } +} + +static void handle_rpc_func_rpmb(struct tee_context *ctx, struct optee *optee, + struct optee_msg_arg *arg) +{ + struct tee_param params[2]; + struct rpmb_dev *rdev; + void *p0, *p1; + + mutex_lock(&optee->rpmb_dev_mutex); + rdev = rpmb_dev_get(optee->rpmb_dev); + mutex_unlock(&optee->rpmb_dev_mutex); + if (!rdev) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT || + params[1].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + goto out; + } + + p0 = tee_shm_get_va(params[0].u.memref.shm, + params[0].u.memref.shm_offs); + p1 = tee_shm_get_va(params[1].u.memref.shm, + params[1].u.memref.shm_offs); + arg->ret = rpmb_process_request(optee, rdev, p0, + params[0].u.memref.size, + p1, params[1].u.memref.size); + if (arg->ret) + goto out; + + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) + arg->ret = TEEC_ERROR_BAD_PARAMETERS; +out: + rpmb_dev_put(rdev); +} + void optee_rpc_cmd(struct tee_context *ctx, struct optee *optee, struct optee_msg_arg *arg) { @@ -271,6 +483,15 @@ void optee_rpc_cmd(struct tee_context *ctx, struct optee *optee, case OPTEE_RPC_CMD_I2C_TRANSFER: handle_rpc_func_cmd_i2c_transfer(ctx, arg); break; + case OPTEE_RPC_CMD_RPMB_PROBE_RESET: + handle_rpc_func_rpmb_probe_reset(ctx, optee, arg); + break; + case OPTEE_RPC_CMD_RPMB_PROBE_NEXT: + handle_rpc_func_rpmb_probe_next(ctx, optee, arg); + break; + case OPTEE_RPC_CMD_RPMB: + handle_rpc_func_rpmb(ctx, optee, arg); + break; default: handle_rpc_supp_cmd(ctx, optee, arg); } diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index a37f87087e5c..8c85c3b8dbb4 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -1715,6 +1715,7 @@ static int optee_probe(struct platform_device *pdev) optee->smc.memremaped_shm = memremaped_shm; optee->pool = pool; optee_shm_arg_cache_init(optee, arg_cache_flags); + mutex_init(&optee->rpmb_dev_mutex); platform_set_drvdata(pdev, optee); ctx = teedev_open(optee->teedev); @@ -1782,6 +1783,7 @@ static int optee_probe(struct platform_device *pdev) err_close_ctx: teedev_close_context(ctx); err_supp_uninit: + mutex_destroy(&optee->rpmb_dev_mutex); optee_shm_arg_cache_uninit(optee); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex);