From patchwork Tue Feb 27 15:31:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 207285 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2773892dyb; Tue, 27 Feb 2024 07:32:34 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCUuXC+dVS6yzm/RtWedZqd5YvvWJISw2RL7N/jMxSdsDJmOyGeETd6ADyeBW2ZkabZNg7uprFhHvqLYNFwGk9Lb+Fy6nA== X-Google-Smtp-Source: AGHT+IHO2BGZLzw37Oi8ZR+Ty8oWC7q8ujm4/gOkW4cFInrGpkyjYUuKYgIh8biPboxptxK2xYv0 X-Received: by 2002:a05:620a:40d3:b0:787:768a:db6 with SMTP id g19-20020a05620a40d300b00787768a0db6mr3137542qko.16.1709047954358; Tue, 27 Feb 2024 07:32:34 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709047954; cv=pass; d=google.com; s=arc-20160816; b=CldslazbLf+ktavgX9WOltzBeUEtOJsM9VTYyVgHSzNkrRJf5issHktNLZcf9tjysC Iu9UaPRC/9U8IJHpeuzC98L9uJK4YaRtXAZOXYlLS8yg4HoiKVwASgS+4oZ60cm1h2sl aMkFShv6PEU2WrzVOiYLCv9nAfVVXzHO9CVg0oEf8Kqy58mIcHvHNBeJQ8Uax7VrFlNn aXdDZFxpgulw0hd4bHz0ZZ9DPLvwa4oW5sLs4FvJfOhVVUHOjreD8OIt91bxJsYrOmV/ mtbX06DcjtVJfvX5UJY+KOGxSPKA+Wr63xzly9pov9T53r+sEoznkSSGYanvrWUEbjg4 M8Jw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=+dYQ25wm3dbT15Vm3VFxEMhYinQk55qyc79JzeugeO0=; fh=O6LKMXhlLFScmn+GbRUqvtC6093e3qPboug8fegrf+4=; b=v7ftqb+/WYTZanGxJE3u1QBTWX3w5P/t+PRYAYdEx/f9e81iKEc4bwEZnWvMhQvtMv e4xs6e0PmtJ1Wln4n7Z1o6oathIYj/3OI65TOZxVjeRJOweVm7N0eZUzKfZK8CKHJM7o KexVYbbbw1M06Oe1CEXqI3k63/Cs0KN2zl/Up3jT5kgDZGlDIIdGUCxoqPwUjI6q5zQ2 yGeHwZUryworYOidNt6rjBu99ZD6OhlCn0KgOb9+iZvdkCRpVumQqgegHZShnplbOl9F lakxB41sil4DGMe772FuMbh0cgNsQuzZTi+bjX0sHn49SddWEMowXd258bzL9dRb4CXL QqzA==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bSgxG3Fe; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83507-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83507-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id t14-20020a05620a004e00b00787bd3388a2si7416485qkt.565.2024.02.27.07.32.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:32:34 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-83507-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bSgxG3Fe; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83507-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83507-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 128441C22482 for ; Tue, 27 Feb 2024 15:32:34 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id F37961474DC; Tue, 27 Feb 2024 15:31:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="bSgxG3Fe" Received: from mail-lf1-f54.google.com (mail-lf1-f54.google.com [209.85.167.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 219EC145351 for ; Tue, 27 Feb 2024 15:31:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.54 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047907; cv=none; b=OhdlrgtVbBw9kBOH0ItzEW81MjDUE/tXgsH7Yc64Zy/P+ZAzBWRhTKDOUEzPiNkE0qboMxh7/lmD7lkGnZSKlUIakxoeCjA/RiSxjTdJpGXyx+dPoixv6ar+viV0nY6Mkl341zAIegwDs497tHVaeUL8KHXF1DMuj3iia3vM4+w= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047907; c=relaxed/simple; bh=oMSihfIj6FVmvPDkRomrwbKv5TGKvQOpMPNohnzgfc8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=pnALbGWBSDqE4o4IJkW2wNpn/VRXY7jlWV3H2MMJs0joa83A2l3A0SELxxfbonzgN4bFy6GTFRFtrqhIM4cZr1i8ARnfcEPnz8JdndWbtUEKLmYNKpsseWgTw9AQdU+W29uyyxRxrKaL8tfkhjh88qXlL792G5fzEFhwhpjplVY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=bSgxG3Fe; arc=none smtp.client-ip=209.85.167.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-lf1-f54.google.com with SMTP id 2adb3069b0e04-513031cff23so1082850e87.1 for ; Tue, 27 Feb 2024 07:31:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1709047903; x=1709652703; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+dYQ25wm3dbT15Vm3VFxEMhYinQk55qyc79JzeugeO0=; b=bSgxG3FePRzcFFhMjnN3afi0RkwZ+1Q6wV1nHkcberk5jSf9RLKM9maMaIzVAqpK9o rqhQekEPDY9stlGOaGCERiPfJhUGXa8r6Ei7N9O+OPFp0Joeoo0c+4Pl1FDUyyrLhmP1 1wrSjCW3+aOgIeRuHG8nFPv0xSSPJTDK23xDHy4xmeBe2E9/LOY8HWhMhQl8zLG8sI81 AeoaudO9j4stQRlPTPwCYAKp1FrckKIvBeK6MWcSGOg6jhrC90CvimdbAbzE02XwsvLs HjmfMkXrFbDYbjL8ndEFDe+DaihQT9hzoYSESKXnfw+KLQ3qYuhYr4FOkbOUKEOBRuIx JUpg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709047903; x=1709652703; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+dYQ25wm3dbT15Vm3VFxEMhYinQk55qyc79JzeugeO0=; b=bd7uCoV1N21h1AXXv9iOLtCemD4U5VRAeFzl7ULUXhcm623V4oKtE7xF877V/NGDq/ pxqZrejAFqOzwNItWckU3YiWtwbh+qdbeb6Iu5O3OkARbUmcK7qnOaYxw4DOv75DVto0 XTE2JjCVb8a3oO3mlmm5Z9mR4TtwEYZUymIkfHQGFZdw308VEsxypUr/svbNpmFomgp8 QHGeGAf05e28DxPLNR0uXF/6i93WaEzISwLfrPuo4PfVlyCHNmavA117EMPbv5YOIDry bOC7sFoXwwfJ4l33laU35h0RxvkHsFnPY3K2PBiPBCCrsjRFzI13Cnt0lIALJfqW6d7d wjJQ== X-Gm-Message-State: AOJu0YxiIz7bfdqFoNnzwjPW3tQF27reNUErE6c3evG538iqQ4CukJYD hgfviGkHdeZ/DBpCqBG4Yk4dVdJviIoqxp6WFl3mlYE/XPE7KCTyl0vE+/TnkNBk8rWpp8lu+D0 j X-Received: by 2002:a05:6512:2096:b0:513:1332:ddc7 with SMTP id t22-20020a056512209600b005131332ddc7mr493630lfr.25.1709047903009; Tue, 27 Feb 2024 07:31:43 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id h18-20020a19ca52000000b00513003b8ebesm586969lfj.135.2024.02.27.07.31.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:31:42 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander , Tomas Winkler , =?utf-8?q?Alex_Benn=C3=A9e?= Subject: [PATCH v3 1/3] rpmb: add Replay Protected Memory Block (RPMB) subsystem Date: Tue, 27 Feb 2024 16:31:30 +0100 Message-Id: <20240227153132.2611499-2-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227153132.2611499-1-jens.wiklander@linaro.org> References: <20240227153132.2611499-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792066667447803477 X-GMAIL-MSGID: 1792066667447803477 A number of storage technologies support a specialised hardware partition designed to be resistant to replay attacks. The underlying HW protocols differ but the operations are common. The RPMB partition cannot be accessed via standard block layer, but by a set of specific RPMB commands: WRITE, READ, GET_WRITE_COUNTER, and PROGRAM_KEY. Such a partition provides authenticated and replay protected access, hence suitable as a secure storage. The initial aim of this patch is to provide a simple RPMB driver interface which can be accessed by the optee driver to facilitate early RPMB access to OP-TEE OS (secure OS) during the boot time. A TEE device driver can claim the RPMB interface, for example, via rpmb_interface_register() or rpmb_dev_find_device(). The RPMB driver provides a callback to route RPMB frames to the RPMB device accessible via rpmb_route_frames(). The detailed operation of implementing the access is left to the TEE device driver itself. Signed-off-by: Tomas Winkler Signed-off-by: Alex BennĂ©e Signed-off-by: Shyam Saini Signed-off-by: Jens Wiklander --- MAINTAINERS | 7 ++ drivers/misc/Kconfig | 10 ++ drivers/misc/Makefile | 1 + drivers/misc/rpmb-core.c | 258 +++++++++++++++++++++++++++++++++++++++ include/linux/rpmb.h | 195 +++++++++++++++++++++++++++++ 5 files changed, 471 insertions(+) create mode 100644 drivers/misc/rpmb-core.c create mode 100644 include/linux/rpmb.h diff --git a/MAINTAINERS b/MAINTAINERS index 8999497011a2..e83152c42499 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -19012,6 +19012,13 @@ T: git git://linuxtv.org/media_tree.git F: Documentation/devicetree/bindings/media/allwinner,sun8i-a83t-de2-rotate.yaml F: drivers/media/platform/sunxi/sun8i-rotate/ +RPMB SUBSYSTEM +M: Jens Wiklander +L: linux-kernel@vger.kernel.org +S: Supported +F: drivers/misc/rpmb-core.c +F: include/linux/rpmb.h + RPMSG TTY DRIVER M: Arnaud Pouliquen L: linux-remoteproc@vger.kernel.org diff --git a/drivers/misc/Kconfig b/drivers/misc/Kconfig index 4fb291f0bf7c..dbff9e8c3a03 100644 --- a/drivers/misc/Kconfig +++ b/drivers/misc/Kconfig @@ -104,6 +104,16 @@ config PHANTOM If you choose to build module, its name will be phantom. If unsure, say N here. +config RPMB + tristate "RPMB partition interface" + depends on MMC + help + Unified RPMB unit interface for RPMB capable devices such as eMMC and + UFS. Provides interface for in-kernel security controllers to access + RPMB unit. + + If unsure, select N. + config TIFM_CORE tristate "TI Flash Media interface support" depends on PCI diff --git a/drivers/misc/Makefile b/drivers/misc/Makefile index ea6ea5bbbc9c..8af058ad1df4 100644 --- a/drivers/misc/Makefile +++ b/drivers/misc/Makefile @@ -15,6 +15,7 @@ obj-$(CONFIG_LKDTM) += lkdtm/ obj-$(CONFIG_TIFM_CORE) += tifm_core.o obj-$(CONFIG_TIFM_7XX1) += tifm_7xx1.o obj-$(CONFIG_PHANTOM) += phantom.o +obj-$(CONFIG_RPMB) += rpmb-core.o obj-$(CONFIG_QCOM_COINCELL) += qcom-coincell.o obj-$(CONFIG_QCOM_FASTRPC) += fastrpc.o obj-$(CONFIG_SENSORS_BH1770) += bh1770glc.o diff --git a/drivers/misc/rpmb-core.c b/drivers/misc/rpmb-core.c new file mode 100644 index 000000000000..e0003b039e9f --- /dev/null +++ b/drivers/misc/rpmb-core.c @@ -0,0 +1,258 @@ +// SPDX-License-Identifier: GPL-2.0 +/* + * Copyright(c) 2015 - 2019 Intel Corporation. All rights reserved. + * Copyright(c) 2021 - 2024 Linaro Ltd. + */ +#include +#include +#include +#include +#include +#include +#include +#include + +static struct list_head rpmb_dev_list; +static struct list_head rpmb_intf_list; +static DEFINE_MUTEX(rpmb_mutex); + +/** + * rpmb_dev_get() - increase rpmb device ref counter + * @rdev: rpmb device + */ +struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev) +{ + if (rdev) + get_device(rdev->parent_dev); + return rdev; +} +EXPORT_SYMBOL_GPL(rpmb_dev_get); + +/** + * rpmb_dev_put() - decrease rpmb device ref counter + * @rdev: rpmb device + */ +void rpmb_dev_put(struct rpmb_dev *rdev) +{ + if (rdev) + put_device(rdev->parent_dev); +} +EXPORT_SYMBOL_GPL(rpmb_dev_put); + +/** + * rpmb_route_frames() - route rpmb frames to rpmb device + * @rdev: rpmb device + * @req: rpmb request frames + * @req_len: length of rpmb request frames in bytes + * @rsp: rpmb response frames + * @rsp_len: length of rpmb response frames in bytes + * + * Returns: < 0 on failure + */ +int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *rsp, unsigned int rsp_len) +{ + struct rpmb_frame *frm = (struct rpmb_frame *)req; + u16 req_type; + bool write; + + if (!req || req_len < sizeof(*frm) || !rsp || !rsp_len) + return -EINVAL; + + req_type = be16_to_cpu(frm->req_resp); + switch (req_type) { + case RPMB_PROGRAM_KEY: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = true; + break; + case RPMB_GET_WRITE_COUNTER: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = false; + break; + case RPMB_WRITE_DATA: + if (req_len % sizeof(struct rpmb_frame) || + rsp_len != sizeof(struct rpmb_frame)) + return -EINVAL; + write = true; + break; + case RPMB_READ_DATA: + if (req_len != sizeof(struct rpmb_frame) || + rsp_len % sizeof(struct rpmb_frame)) + return -EINVAL; + write = false; + break; + default: + return -EINVAL; + } + + return rdev->ops->route_frames(rdev->parent_dev, write, + req, req_len, rsp, rsp_len); +} +EXPORT_SYMBOL_GPL(rpmb_route_frames); + +/** + * rpmb_dev_find_device() - return first matching rpmb device + * @data: data for the match function + * @match: the matching function + * + * Returns: a matching rpmb device or NULL on failure + */ +struct rpmb_dev *rpmb_dev_find_device(const void *data, + const struct rpmb_dev *start, + int (*match)(struct rpmb_dev *rdev, + const void *data)) +{ + struct rpmb_dev *rdev; + struct list_head *pos; + + mutex_lock(&rpmb_mutex); + if (start) + pos = start->list_node.next; + else + pos = rpmb_dev_list.next; + + while (pos != &rpmb_dev_list) { + rdev = container_of(pos, struct rpmb_dev, list_node); + if (match(rdev, data)) { + rpmb_dev_get(rdev); + goto out; + } + pos = pos->next; + } + rdev = NULL; + +out: + mutex_unlock(&rpmb_mutex); + + return rdev; +} + +/** + * rpmb_dev_unregister() - unregister RPMB partition from the RPMB subsystem + * @rdev: the rpmb device to unregister + * + * Returns: < 0 on failure + */ +int rpmb_dev_unregister(struct rpmb_dev *rdev) +{ + if (!rdev) + return -EINVAL; + + mutex_lock(&rpmb_mutex); + list_del(&rdev->list_node); + mutex_unlock(&rpmb_mutex); + kfree(rdev->dev_id); + kfree(rdev); + + return 0; +} +EXPORT_SYMBOL_GPL(rpmb_dev_unregister); + +/** + * rpmb_dev_register - register RPMB partition with the RPMB subsystem + * @dev: storage device of the rpmb device + * @ops: device specific operations + * + * While registering the RPMB partition extract needed device information + * while needed resources are available. + * + * Returns: a pointer to a 'struct rpmb_dev' or an ERR_PTR on failure + */ +struct rpmb_dev *rpmb_dev_register(struct device *dev, + const struct rpmb_ops *ops) +{ + struct rpmb_dev *rdev; + struct rpmb_interface *intf; + int ret; + + if (!dev || !ops || !ops->route_frames || !ops->set_dev_info) + return ERR_PTR(-EINVAL); + + rdev = kzalloc(sizeof(*rdev), GFP_KERNEL); + if (!rdev) + return ERR_PTR(-ENOMEM); + + mutex_lock(&rpmb_mutex); + list_add_tail(&rdev->list_node, &rpmb_dev_list); + mutex_unlock(&rpmb_mutex); + + rdev->ops = ops; + + rdev->parent_dev = dev; + + ret = ops->set_dev_info(dev, rdev); + if (ret) + goto exit; + + dev_dbg(rdev->parent_dev, "registered device\n"); + + mutex_lock(&rpmb_mutex); + list_for_each_entry(intf, &rpmb_intf_list, list_node) + if (intf->add_rdev) + intf->add_rdev(intf, rdev); + mutex_unlock(&rpmb_mutex); + + return rdev; + +exit: + mutex_lock(&rpmb_mutex); + list_del(&rdev->list_node); + mutex_unlock(&rpmb_mutex); + kfree(rdev); + return ERR_PTR(ret); +} +EXPORT_SYMBOL_GPL(rpmb_dev_register); + +/** + * rpmb_interface_register() - register for new device notifications + * + * @intf : pointer to interface struct with a notification callback + */ +void rpmb_interface_register(struct rpmb_interface *intf) +{ + struct rpmb_dev *rdev; + + mutex_lock(&rpmb_mutex); + list_add_tail(&intf->list_node, &rpmb_intf_list); + if (intf->add_rdev) + list_for_each_entry(rdev, &rpmb_dev_list, list_node) + intf->add_rdev(intf, rdev); + mutex_unlock(&rpmb_mutex); +} +EXPORT_SYMBOL_GPL(rpmb_interface_register); + +/** + * rpmb_interface_unregister() - unregister from new device notifications + * + * @intf : pointer to previously registered interface struct + */ +void rpmb_interface_unregister(struct rpmb_interface *intf) +{ + mutex_lock(&rpmb_mutex); + list_del(&intf->list_node); + mutex_unlock(&rpmb_mutex); +} +EXPORT_SYMBOL_GPL(rpmb_interface_unregister); + +static int __init rpmb_init(void) +{ + INIT_LIST_HEAD(&rpmb_dev_list); + INIT_LIST_HEAD(&rpmb_intf_list); + return 0; +} + +static void __exit rpmb_exit(void) +{ + mutex_destroy(&rpmb_mutex); +} + +subsys_initcall(rpmb_init); +module_exit(rpmb_exit); + +MODULE_AUTHOR("Jens Wiklander "); +MODULE_DESCRIPTION("RPMB class"); +MODULE_LICENSE("GPL"); diff --git a/include/linux/rpmb.h b/include/linux/rpmb.h new file mode 100644 index 000000000000..c4b13dad10c4 --- /dev/null +++ b/include/linux/rpmb.h @@ -0,0 +1,195 @@ +/* SPDX-License-Identifier: BSD-3-Clause OR GPL-2.0 */ +/* + * Copyright (C) 2015-2019 Intel Corp. All rights reserved + * Copyright (C) 2021-2022 Linaro Ltd + */ +#ifndef __RPMB_H__ +#define __RPMB_H__ + +#include +#include + +/** + * struct rpmb_frame - rpmb frame as defined by specs + * + * @stuff : stuff bytes + * @key_mac : The authentication key or the message authentication + * code (MAC) depending on the request/response type. + * The MAC will be delivered in the last (or the only) + * block of data. + * @data : Data to be written or read by signed access. + * @nonce : Random number generated by the host for the requests + * and copied to the response by the RPMB engine. + * @write_counter: Counter value for the total amount of the successful + * authenticated data write requests made by the host. + * @addr : Address of the data to be programmed to or read + * from the RPMB. Address is the serial number of + * the accessed block (half sector 256B). + * @block_count : Number of blocks (half sectors, 256B) requested to be + * read/programmed. + * @result : Includes information about the status of the write counter + * (valid, expired) and result of the access made to the RPMB. + * @req_resp : Defines the type of request and response to/from the memory. + */ +struct rpmb_frame { + u8 stuff[196]; + u8 key_mac[32]; + u8 data[256]; + u8 nonce[16]; + __be32 write_counter; + __be16 addr; + __be16 block_count; + __be16 result; + __be16 req_resp; +} __packed; + +#define RPMB_PROGRAM_KEY 0x1 /* Program RPMB Authentication Key */ +#define RPMB_GET_WRITE_COUNTER 0x2 /* Read RPMB write counter */ +#define RPMB_WRITE_DATA 0x3 /* Write data to RPMB partition */ +#define RPMB_READ_DATA 0x4 /* Read data from RPMB partition */ +#define RPMB_RESULT_READ 0x5 /* Read result request (Internal) */ + +#define RPMB_REQ2RESP(_OP) ((_OP) << 8) +#define RPMB_RESP2REQ(_OP) ((_OP) >> 8) + +/** + * enum rpmb_op_result - rpmb operation results + * + * @RPMB_ERR_OK : operation successful + * @RPMB_ERR_GENERAL : general failure + * @RPMB_ERR_AUTH : mac doesn't match or ac calculation failure + * @RPMB_ERR_COUNTER : counter doesn't match or counter increment failure + * @RPMB_ERR_ADDRESS : address out of range or wrong address alignment + * @RPMB_ERR_WRITE : data, counter, or result write failure + * @RPMB_ERR_READ : data, counter, or result read failure + * @RPMB_ERR_NO_KEY : authentication key not yet programmed + * + * @RPMB_ERR_COUNTER_EXPIRED: counter expired + */ +enum rpmb_op_result { + RPMB_ERR_OK = 0x0000, + RPMB_ERR_GENERAL = 0x0001, + RPMB_ERR_AUTH = 0x0002, + RPMB_ERR_COUNTER = 0x0003, + RPMB_ERR_ADDRESS = 0x0004, + RPMB_ERR_WRITE = 0x0005, + RPMB_ERR_READ = 0x0006, + RPMB_ERR_NO_KEY = 0x0007, + + RPMB_ERR_COUNTER_EXPIRED = 0x0080 +}; + +/** + * enum rpmb_type - type of underlying storage technology + * + * @RPMB_TYPE_EMMC : emmc (JESD84-B50.1) + * @RPMB_TYPE_UFS : UFS (JESD220) + * @RPMB_TYPE_NVME : NVM Express + */ +enum rpmb_type { + RPMB_TYPE_EMMC, + RPMB_TYPE_UFS, + RPMB_TYPE_NVME, +}; + +/** + * struct rpmb_dev - device which can support RPMB partition + * + * @parent_dev : parent device + * @list_node : linked list node + * @ops : operation exported by rpmb + * @dev_id : unique device identifier read from the hardware + * @dev_id_len : length of unique device identifier + * @reliable_wr_count: number of sectors that can be written in one access + * @capacity : capacity of the device in units of 128K + */ +struct rpmb_dev { + struct device *parent_dev; + struct list_head list_node; + const struct rpmb_ops *ops; + u8 *dev_id; + size_t dev_id_len; + u16 reliable_wr_count; + u16 capacity; +}; + +/** + * struct rpmb_ops - RPMB ops to be implemented by underlying block device + * + * @type : block device type + * @route_frames : routes frames to and from the RPMB device + * @set_dev_info : extracts device info from the RPMB device + */ +struct rpmb_ops { + enum rpmb_type type; + int (*set_dev_info)(struct device *dev, struct rpmb_dev *rdev); + int (*route_frames)(struct device *dev, bool write, + u8 *req, unsigned int req_len, + u8 *resp, unsigned int resp_len); +}; + +/** + * struct rpmb_interface - subscribe to new RPMB devices + * + * @list_node : linked list node + * @add_rdev : notifies that a new RPMB device has been found + */ +struct rpmb_interface { + struct list_head list_node; + void (*add_rdev)(struct rpmb_interface *intf, struct rpmb_dev *rdev); +}; + +#if IS_ENABLED(CONFIG_RPMB) +struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev); +void rpmb_dev_put(struct rpmb_dev *rdev); +struct rpmb_dev *rpmb_dev_find_device(const void *data, + const struct rpmb_dev *start, + int (*match)(struct rpmb_dev *rdev, + const void *data)); +struct rpmb_dev *rpmb_dev_register(struct device *dev, + const struct rpmb_ops *ops); +int rpmb_dev_unregister(struct rpmb_dev *rdev); + +int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *resp, unsigned int resp_len); + +void rpmb_interface_register(struct rpmb_interface *intf); +void rpmb_interface_unregister(struct rpmb_interface *intf); +#else +static inline struct rpmb_dev *rpmb_dev_get(struct rpmb_dev *rdev) +{ + return NULL; +} + +static inline void rpmb_dev_put(struct rpmb_dev *rdev) { } + +static inline struct rpmb_dev * +rpmb_dev_find_device(const void *data, const struct rpmb_dev *start, + int (*match)(struct rpmb_dev *rdev, const void *data)) +{ + return NULL; +} + +static inline struct rpmb_dev * +rpmb_dev_register(struct device *dev, const struct rpmb_ops *ops) +{ + return NULL; +} + +static inline int rpmb_dev_unregister(struct rpmb_dev *dev) +{ + return 0; +} + +static inline int rpmb_route_frames(struct rpmb_dev *rdev, u8 *req, + unsigned int req_len, u8 *resp, + unsigned int resp_len) +{ + return -EOPNOTSUPP; +} + +static inline void rpmb_interface_register(struct rpmb_interface *intf) { } +static inline void rpmb_interface_unregister(struct rpmb_interface *intf) { } +#endif /* CONFIG_RPMB */ + +#endif /* __RPMB_H__ */ From patchwork Tue Feb 27 15:31:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 207284 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2773867dyb; Tue, 27 Feb 2024 07:32:31 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCVjqj/jdZ8QpYfKlePghmA1OLtaJaeaWR5HMV4eH5OT28p1MIFO6YfCh45aFZ+fXbm1GDAiBVOkUDLby3Oq5UTJmlmYMg== X-Google-Smtp-Source: AGHT+IGzs/zsXJxT4uf0GYB6RAXVlItOI6Iv4OVBWbiZs0SrDbrWLBsUSKSXpBmmFxXfClG94lhK X-Received: by 2002:a05:6358:6386:b0:17b:57fd:ec5d with SMTP id k6-20020a056358638600b0017b57fdec5dmr14464939rwh.24.1709047951552; Tue, 27 Feb 2024 07:32:31 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709047951; cv=pass; d=google.com; s=arc-20160816; b=pR8ngJyRTB5+kvrbI+ws2Q5l9NbG9zElKpIBDA/8c9hyrOMpTpcPYOcsLb1tW+QNoQ Snz0AtYl8qqYr/yh9IGkFnko9tp2/11Zr18JTey+YFbEDCh37nIeHY5ddYf51YbIqAsZ 3pSuf9CIvBI+uwL2ijRbTaPxJIXLGq3o4rIjnn//oIi0sh/IvgmYM6JTkFKPniakjfYz dLTOlX+pVjCXcJc1fqsN/MmJKjB4OUsVDScsA6FEJJR4snpbngXVhM68XLoLBA4gkhQr aMVxL9uq6LmuGbFPIEOiUCceL7cLSXPWGtmOfp4k2wrBp/JOSSbeUmM3xEhYqVuxA/km rSqw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=Wv9SZmk5WjM4EeRmP21EiIvOKib0FvHdz7yfzOH1038=; fh=HSwdK3EBqyXJUP7yN49lYZAR5SVrPmfpoeHXK2nFlgw=; b=AghCaj+GEbwP4e9w0tCk0kvPqO3rE97a1yYCSQE3GBu2u313KSPVCKxhgteAR/e9K3 M/e81MV0yn6vLatkremBYeiiSFRPHbJeQh3ishEagRr4/VYmlexsFOR0ntiZ+50pE8QF 2ArppENDLdY9LU7GV5TPGUZrp4byROnaTq2Kc7H/Qx2xmDu7MGRSSjPXaK2X8LC+R+V2 fZujrzGecx0hk6SwNjc2q/BRXpfU21vuUiwRM1/8SZ3HavvYxAoW7MWRk/X9qJUCJ7Ay n2BO+tTUGwz4P/nq+Icem1puwJGBH9g0tZBnXT8AlXrS54vivk+wB6gsPJx8xu9DYQYL lVhw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uBLgjC1d; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83508-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83508-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id u23-20020a05620a023700b00787aae4d19esi7379256qkm.781.2024.02.27.07.32.31 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:32:31 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-83508-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uBLgjC1d; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83508-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83508-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 44C2C1C21EC3 for ; Tue, 27 Feb 2024 15:32:31 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id A25BE145B07; Tue, 27 Feb 2024 15:31:52 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="uBLgjC1d" Received: from mail-lf1-f44.google.com (mail-lf1-f44.google.com [209.85.167.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DCF47145B1D for ; Tue, 27 Feb 2024 15:31:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.44 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047908; cv=none; b=Xs7h+KZtruHnBkxspM1oAs7QNhBGtrEn9uUjcSGUQ0VMo5V82zFVpFIp+HDD8XpXH4rCHXHn0+0iqFKHbcKR9TdpTr8EHI/3Yonb1cCt5wbx05y/ngLgsnwVMnLOsSEUZXyF5JVtw3M4kKJLGSkzZ9fhL3c8Ga86lSdisQTm/pw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047908; c=relaxed/simple; bh=1dJ5KMO115zjWy3uSjyJd8Z3pSKqxO7u/Ndcu01pUro=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=gvOxWxcnjrat1hxqfyj8+mgSq6MSM+h66wuIzTkizkzMsqBkoUMPBT32Sns2HS/ILESRyqx0nEwdYr4ZidGl9CXQ3VgAf2mKne1aeDoPlwoixmL5x6+QGgArN24steU/wZgLxIQiJtOuFozNWvWXf6sKSqwTqGE1dT1xUDtYTck= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=uBLgjC1d; arc=none smtp.client-ip=209.85.167.44 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-lf1-f44.google.com with SMTP id 2adb3069b0e04-51316d6e026so196380e87.1 for ; Tue, 27 Feb 2024 07:31:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1709047905; x=1709652705; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Wv9SZmk5WjM4EeRmP21EiIvOKib0FvHdz7yfzOH1038=; b=uBLgjC1dF9G+iWKmNFJRKgz8tVPRZNOE2nbgWSvYxIJDYJCFDSCGnRAChykoCIzlQ1 mG5hfbMRyfLH48U0CR160y1+koqFMSvUSiHpFVE/DG/zwn78MW8dwH63UdyC+fYL+WBU HDSizMkDTblfxbOkR73mLUI0OM79jlnbJHx2q7k08RPVanH+2PNnRyDf1FHXZ87rtCgq MiiMMDzZ2cd4JNb7fdszL57pWZs1BdbUO+oW6OvTDZbuQ1xZhVX+ouS9JXOwKJ06746g EsmXaGZozePHIcmDFmfUgEB6ak9cOG+WefcvCEPWHg/clzXzpCLCY011iDz/A5btbN1O fbFQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709047905; x=1709652705; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Wv9SZmk5WjM4EeRmP21EiIvOKib0FvHdz7yfzOH1038=; b=ZKMD6K0n1QrpwrToVdA7kh4UwMkmNUaY7G4mHD8rBkwOr4YturSX9R47B+fIzV4Vxd rjs7S+sWi3+jKk9K711OKE+WDIC3Th4YL1961TVpi/LvroTxfCz22LjwHbX4K8uAzraV wVdf7uT7KQ2zQ5c4rm0Raul3WNsfNBYJZDhXHyiheAPHcC0eNURdtyFy5ZYxGOP1zyop 4fmesFvzF8DZAsVcb/uVOlvRyTn6tjkujwWZHy5Bs4BXOnCk9D0V6U1/HgdXYLJavUw6 8QLzrxXWtddRPd5ikNN6l9Npt0GJEttXNCK5J3NExpShDnl7UDT/zkU5DAPQPPU7T/QR ZOlA== X-Gm-Message-State: AOJu0YzzrNOKSNXtq9PlflHBUTnG966sEGXR+21tRghqpamBZNaw20Pj 95p8LM151uIofMmY1mHKAuyaVDbja48d6/RZVZwf6Gpb+g0rihspf/B872Nm2tIigrrT5fstNZT Z X-Received: by 2002:a05:6512:2820:b0:512:ba41:51f with SMTP id cf32-20020a056512282000b00512ba41051fmr7593969lfb.50.1709047904687; Tue, 27 Feb 2024 07:31:44 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id h18-20020a19ca52000000b00513003b8ebesm586969lfj.135.2024.02.27.07.31.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:31:44 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander , Tomas Winkler , Alexander Usyskin Subject: [PATCH v3 2/3] mmc: block: register RPMB partition with the RPMB subsystem Date: Tue, 27 Feb 2024 16:31:31 +0100 Message-Id: <20240227153132.2611499-3-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227153132.2611499-1-jens.wiklander@linaro.org> References: <20240227153132.2611499-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792066664958142597 X-GMAIL-MSGID: 1792066664958142597 Register eMMC RPMB partition with the RPMB subsystem and provide an implementation for the RPMB access operations abstracting the actual multi step process. Add a callback to extract the needed device information at registration to avoid accessing the struct mmc_card at a later stage as we're not holding a reference counter for this struct. Taking the needed reference to md->disk in mmc_blk_alloc_rpmb_part() instead of in mmc_rpmb_chrdev_open(). This is needed by the route_frames() function pointer in struct rpmb_ops. Signed-off-by: Tomas Winkler Signed-off-by: Alexander Usyskin Signed-off-by: Jens Wiklander --- drivers/mmc/core/block.c | 153 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 151 insertions(+), 2 deletions(-) diff --git a/drivers/mmc/core/block.c b/drivers/mmc/core/block.c index 32d49100dff5..f35c99638eb2 100644 --- a/drivers/mmc/core/block.c +++ b/drivers/mmc/core/block.c @@ -33,6 +33,7 @@ #include #include #include +#include #include #include #include @@ -40,6 +41,7 @@ #include #include #include +#include #include #include @@ -163,6 +165,7 @@ struct mmc_rpmb_data { int id; unsigned int part_index; struct mmc_blk_data *md; + struct rpmb_dev *rdev; struct list_head node; }; @@ -2672,7 +2675,6 @@ static int mmc_rpmb_chrdev_open(struct inode *inode, struct file *filp) get_device(&rpmb->dev); filp->private_data = rpmb; - mmc_blk_get(rpmb->md->disk); return nonseekable_open(inode, filp); } @@ -2682,7 +2684,6 @@ static int mmc_rpmb_chrdev_release(struct inode *inode, struct file *filp) struct mmc_rpmb_data *rpmb = container_of(inode->i_cdev, struct mmc_rpmb_data, chrdev); - mmc_blk_put(rpmb->md); put_device(&rpmb->dev); return 0; @@ -2703,10 +2704,147 @@ static void mmc_blk_rpmb_device_release(struct device *dev) { struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + rpmb_dev_unregister(rpmb->rdev); + mmc_blk_put(rpmb->md); ida_simple_remove(&mmc_rpmb_ida, rpmb->id); kfree(rpmb); } +static void free_idata(struct mmc_blk_ioc_data **idata, unsigned int cmd_count) +{ + unsigned int n; + + for (n = 0; n < cmd_count; n++) + kfree(idata[n]); + kfree(idata); +} + +static struct mmc_blk_ioc_data **alloc_idata(struct mmc_rpmb_data *rpmb, + unsigned int cmd_count) +{ + struct mmc_blk_ioc_data **idata; + unsigned int n; + + idata = kcalloc(cmd_count, sizeof(*idata), GFP_KERNEL); + if (!idata) + return NULL; + + for (n = 0; n < cmd_count; n++) { + idata[n] = kcalloc(1, sizeof(**idata), GFP_KERNEL); + if (!idata[n]) { + free_idata(idata, n); + return NULL; + } + idata[n]->rpmb = rpmb; + } + + return idata; +} + +static void set_idata(struct mmc_blk_ioc_data *idata, u32 opcode, + int write_flag, u8 *buf, unsigned int buf_bytes) +{ + idata->ic.opcode = opcode; + idata->ic.flags = MMC_RSP_R1 | MMC_CMD_ADTC; + idata->ic.write_flag = write_flag; + idata->ic.blksz = sizeof(struct rpmb_frame); + idata->ic.blocks = buf_bytes / idata->ic.blksz; + idata->buf = buf; + idata->buf_bytes = buf_bytes; +} + +static int rpmb_op_mmc_route_frames(struct device *dev, bool write, u8 *req, + unsigned int req_len, u8 *resp, + unsigned int resp_len) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + struct mmc_blk_data *md = rpmb->md; + struct mmc_blk_ioc_data **idata; + unsigned int cmd_count; + struct request *rq; + int ret; + + if (write) + cmd_count = 3; + else + cmd_count = 2; + + if (IS_ERR(md->queue.card)) + return PTR_ERR(md->queue.card); + + idata = alloc_idata(rpmb, cmd_count); + if (!idata) + return -ENOMEM; + + if (write) { + struct rpmb_frame *frm = (struct rpmb_frame *)resp; + + /* Send write request frame(s) */ + set_idata(idata[0], MMC_WRITE_MULTIPLE_BLOCK, + 1 | MMC_CMD23_ARG_REL_WR, req, req_len); + + /* Send result request frame */ + memset(frm, 0, sizeof(*frm)); + frm->req_resp = cpu_to_be16(RPMB_RESULT_READ); + set_idata(idata[1], MMC_WRITE_MULTIPLE_BLOCK, 1, resp, + resp_len); + + /* Read response frame */ + set_idata(idata[2], MMC_READ_MULTIPLE_BLOCK, 0, resp, resp_len); + } else { + /* Send write request frame(s) */ + set_idata(idata[0], MMC_WRITE_MULTIPLE_BLOCK, 1, req, req_len); + + /* Read response frame */ + set_idata(idata[1], MMC_READ_MULTIPLE_BLOCK, 0, resp, resp_len); + } + + rq = blk_mq_alloc_request(md->queue.queue, REQ_OP_DRV_OUT, 0); + if (IS_ERR(rq)) { + ret = PTR_ERR(rq); + goto out; + } + + req_to_mmc_queue_req(rq)->drv_op = MMC_DRV_OP_IOCTL_RPMB; + req_to_mmc_queue_req(rq)->drv_op_result = -EIO; + req_to_mmc_queue_req(rq)->drv_op_data = idata; + req_to_mmc_queue_req(rq)->ioc_count = cmd_count; + blk_execute_rq(rq, false); + ret = req_to_mmc_queue_req(rq)->drv_op_result; + + blk_mq_free_request(rq); + +out: + free_idata(idata, cmd_count); + return ret; +} + +static int rpmb_op_mmc_set_dev_info(struct device *dev, struct rpmb_dev *rdev) +{ + struct mmc_rpmb_data *rpmb = dev_get_drvdata(dev); + struct mmc_card *card = rpmb->md->queue.card; + unsigned int n; + u32 cid[4]; + + for (n = 0; n < 4; n++) + cid[n] = be32_to_cpu(card->raw_cid[n]); + + rdev->dev_id = kmemdup(cid, sizeof(cid), GFP_KERNEL); + if (!rdev->dev_id) + return -ENOMEM; + rdev->dev_id_len = sizeof(cid); + rdev->reliable_wr_count = card->ext_csd.raw_rpmb_size_mult; + rdev->capacity = card->ext_csd.rel_sectors; + + return 0; +} + +static struct rpmb_ops rpmb_mmc_ops = { + .type = RPMB_TYPE_EMMC, + .route_frames = rpmb_op_mmc_route_frames, + .set_dev_info = rpmb_op_mmc_set_dev_info, +}; + static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, struct mmc_blk_data *md, unsigned int part_index, @@ -2741,6 +2879,7 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, rpmb->dev.release = mmc_blk_rpmb_device_release; device_initialize(&rpmb->dev); dev_set_drvdata(&rpmb->dev, rpmb); + mmc_blk_get(md->disk); rpmb->md = md; cdev_init(&rpmb->chrdev, &mmc_rpmb_fileops); @@ -2751,6 +2890,14 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, goto out_put_device; } + rpmb->rdev = rpmb_dev_register(&rpmb->dev, &rpmb_mmc_ops); + if (IS_ERR(rpmb->rdev)) { + pr_err("%s: could not register RPMB device\n", rpmb_name); + ret = PTR_ERR(rpmb->rdev); + rpmb->rdev = NULL; + goto out_cdev_device_del; + } + list_add(&rpmb->node, &md->rpmbs); string_get_size((u64)size, 512, STRING_UNITS_2, @@ -2762,6 +2909,8 @@ static int mmc_blk_alloc_rpmb_part(struct mmc_card *card, return 0; +out_cdev_device_del: + cdev_device_del(&rpmb->chrdev, &rpmb->dev); out_put_device: put_device(&rpmb->dev); return ret; From patchwork Tue Feb 27 15:31:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 207286 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:7300:a81b:b0:108:e6aa:91d0 with SMTP id bq27csp2774031dyb; Tue, 27 Feb 2024 07:32:47 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCX9ueu8pS7J9TMitS135p2RZvUf2uEgCIAXH1qviJbnp3rEblySct2gELb9sYlHEEGQMa3a5kwPBG1P237q3lH0O/Tapw== X-Google-Smtp-Source: AGHT+IEm7SwJp4uxryPLPOPnlOwwB1RsWTNg4LVStKBOZ6XHH1cmLTUY5PwPsO/cuRHMxkuBgXgl X-Received: by 2002:a05:622a:2c7:b0:42e:9922:7140 with SMTP id a7-20020a05622a02c700b0042e99227140mr2581959qtx.45.1709047966833; Tue, 27 Feb 2024 07:32:46 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1709047966; cv=pass; d=google.com; s=arc-20160816; b=JiqXC3A++armTxD9zD4jB70Blc1M+ZQQMODNnNuiRAKvXdIx0AbGkT0QPbWTd23g/b MzKzihz+Qny7iyPSkMYwq7smp4RTIPjyUVDqi3/aKh+Hy/nM1MDxxWidp6JPs1nxZoYM i03GWUfiQXnSahmnkBtPOd4ZpGB+98BldPpa5Eg51Ui58k1eO6SRb3Vxv/WCegumRDCg IIDr1pfWpRlyh/UGRt2JkfcNdRhzy7UZqIh1qG6OSoSpkGOil2vI+Wq78/OpEWDE5wsF bb0FIyNmeoiRpr6x+mWR3cPc7e8d2cKQvB9CBhe8hBni2NcxOkJGXcAmUZkECOggIL6f Snlw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=suU2ebEyw3xXlVKWbCLt3I5PCGWr42q4ZsNUvAvwawk=; fh=sQsBLDqGcW6+57svg53TnZLTGKlnH+b7OgEYIkNFisg=; b=OHEt7VZes2fAnPO4Zdv8bUmQzS3OMkAJoAfKQttL2Uya5c8VtcH28ZC32qwVHxOzcn WeMxeaAgy55XQ1T6pIxfVYWVl4Ka1ZO4z4ilzXMK1xATc6iYUCkKKOnGEm7Jhi6WWM6z BUObHhCXzIXBgsVWSYXlSnWs03K7h0mPexGTXiAo7cXv4CMoo0/DmZCwhUaZRXj7E0tk Z/tr+qnWevRSAmPV6O9msQ4IubA/GAPmBgxwn7hV2BlPtzUnmMPwU0BKpJEN2ECD//kK Rv76dh5OUyHhhwbCypnxFLsVC6w2bNSR9wVMqizzcwW8pm4K2nPnmKVFna4BqsNQ9KqL TH6A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=RyHN7Aeo; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83509-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83509-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from ny.mirrors.kernel.org (ny.mirrors.kernel.org. [2604:1380:45d1:ec00::1]) by mx.google.com with ESMTPS id u23-20020a05620a023700b00787aae4d19esi7379256qkm.781.2024.02.27.07.32.46 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:32:46 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-83509-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) client-ip=2604:1380:45d1:ec00::1; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=RyHN7Aeo; arc=pass (i=1 spf=pass spfdomain=linaro.org dkim=pass dkdomain=linaro.org dmarc=pass fromdomain=linaro.org); spf=pass (google.com: domain of linux-kernel+bounces-83509-ouuuleilei=gmail.com@vger.kernel.org designates 2604:1380:45d1:ec00::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-83509-ouuuleilei=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ny.mirrors.kernel.org (Postfix) with ESMTPS id 8B97C1C223F1 for ; Tue, 27 Feb 2024 15:32:46 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 54DA3148303; Tue, 27 Feb 2024 15:31:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="RyHN7Aeo" Received: from mail-lf1-f41.google.com (mail-lf1-f41.google.com [209.85.167.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7D25E146012 for ; Tue, 27 Feb 2024 15:31:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.167.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047910; cv=none; b=pzeM5AR2JKNQ1CozPHCOsB07CZ7kO3m5Tugl+3b7MP3Rpdvhen9TREd6hAO+v3KEh2c3UL5C6YVBMko00sqcaKA6qLfI7oT5sS62DcKIcrxrcyr6VTQYuChjKGAWYfItgsR30oW88Q+IhB+/Uhx66ReBSGsHCNyJnLO2TFv8jCQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709047910; c=relaxed/simple; bh=zLcF/AONIH/HjNAqQzf41Ni8Aqwi/34Hf4FgQAq9R4E=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=AHup4azZ8GAbuUf2FXTjLz+JbnTu0adaV0kxnXXxOjjScc5tEUc3Di0fqDqukzPAwD8SHF6hWddqgzpkZo+PNaIEvJASZRfaoAZCr5/x48tHjvSR5bMlTthMGXYLbhd5bKv8zY5gDL+1Mr6uQzfguBcC6Pl4O2e56lY27p4x1Ds= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=RyHN7Aeo; arc=none smtp.client-ip=209.85.167.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Received: by mail-lf1-f41.google.com with SMTP id 2adb3069b0e04-512a65cd2c7so6069918e87.0 for ; Tue, 27 Feb 2024 07:31:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1709047906; x=1709652706; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=suU2ebEyw3xXlVKWbCLt3I5PCGWr42q4ZsNUvAvwawk=; b=RyHN7AeoyzlzRMhKnJRiFPKi5kXzfNA+YgGK5VN914VmRMGui8P0E+Hp84QuhWhXhV vHV41DQGQTd46ssaYPHHRnrSWJqNJk+SbkgZVyoozF2iziYDUTRw6y0PSk4a9Bj53a0t 4HJ+zeoE5wICVa2sTndhKvqVvugG2EAUYQ9BnCymPbAjNxdxSXh2nhe7xEa3/9byC2LT adtunHjYlmgOpSLRZE+fWsesR5dVJ/13IOl1bOI1T3h2EpBIzTfao54ctX2aw+Ql61xd yr+QqiMwduUqLRXxb8504d/59kmk+KZycJjgoOfzftzY+OwKh32b93Q+LWRH3auEz+WU VLMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1709047906; x=1709652706; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=suU2ebEyw3xXlVKWbCLt3I5PCGWr42q4ZsNUvAvwawk=; b=p18zxHOMlOjZ1CY4TF9gzat0wUYEhq4MBxlQWc/YK4xIuy4Er6neWwccyxd91KkHdm fQIi5rxCyaa1HxWOLr/dDH3Tj/NmGGpKyr82LfmELV9BwG5y72g2t4ilWyLjd319k5a0 ULIO20C7TH/Vm4UmiIvF/NtL5aaVdIKCgw4SP2ORsAAvIZWnZxq3O98VVHi+yB8wxs+m P8OwTkHFVrjlg4q8BRJpa9POB5fz/DfeMOyB4fPmEuB3ZzBmqNev8VAZ6sT6gLh6xNbr B2atJWjKsu/smPu5WcPuOzXNJykmN/O6Wu+KbjPwG4uT1NZM6ZcHBQbMrCfY3lpmN6DY gpTQ== X-Gm-Message-State: AOJu0YxzIy2YmJQQTGhyPfTJccauFNynys5qbnHtsjVLFkvtK6W37jct Yh8rkFmjxqU4+ll0n2YIyBaJt5YnK8S+hd4nBTAqcDfk68C2hPxgTyn4v+hxmDoRvWeyThbSEIP 6 X-Received: by 2002:a05:6512:3dac:b0:512:ed33:c16 with SMTP id k44-20020a0565123dac00b00512ed330c16mr8378083lfv.8.1709047906331; Tue, 27 Feb 2024 07:31:46 -0800 (PST) Received: from localhost.localdomain (h-217-31-164-171.A175.priv.bahnhof.se. [217.31.164.171]) by smtp.gmail.com with ESMTPSA id h18-20020a19ca52000000b00513003b8ebesm586969lfj.135.2024.02.27.07.31.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 27 Feb 2024 07:31:45 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Shyam Saini , Ulf Hansson , Jerome Forissier , Sumit Garg , Ilias Apalodimas , Bart Van Assche , Randy Dunlap , Ard Biesheuvel , Arnd Bergmann , Greg Kroah-Hartman , Jens Wiklander Subject: [PATCH v3 3/3] optee: probe RPMB device using RPMB subsystem Date: Tue, 27 Feb 2024 16:31:32 +0100 Message-Id: <20240227153132.2611499-4-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20240227153132.2611499-1-jens.wiklander@linaro.org> References: <20240227153132.2611499-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1792066681117913503 X-GMAIL-MSGID: 1792066681117913503 Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and use an RPMB device via the RPBM subsystem instead of passing the RPMB frames via tee-supplicant in user space. A fallback mechanism is kept to route RPMB frames via tee-supplicant if the RPMB subsystem isn't available. The OP-TEE RPC ABI is extended to support iterating over all RPMB devices until one is found with the expected RPMB key already programmed. Signed-off-by: Jens Wiklander --- drivers/tee/optee/core.c | 55 +++++++ drivers/tee/optee/ffa_abi.c | 7 + drivers/tee/optee/optee_private.h | 16 ++ drivers/tee/optee/optee_rpc_cmd.h | 35 +++++ drivers/tee/optee/rpc.c | 233 ++++++++++++++++++++++++++++++ drivers/tee/optee/smc_abi.c | 6 + 6 files changed, 352 insertions(+) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 3aed554bc8d8..6b32d3e7865b 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -11,6 +11,7 @@ #include #include #include +#include #include #include #include @@ -80,6 +81,57 @@ void optee_pool_op_free_helper(struct tee_shm_pool *pool, struct tee_shm *shm, shm->pages = NULL; } +static void optee_rpmb_scan(struct work_struct *work) +{ + struct optee *optee = container_of(work, struct optee, scan_rpmb_work); + bool scan_done = false; + u32 res; + + do { + mutex_lock(&optee->rpmb_dev_mutex); + /* No need to rescan if we haven't started scanning yet */ + optee->rpmb_dev_request_rescan = false; + mutex_unlock(&optee->rpmb_dev_mutex); + + res = optee_enumerate_devices(PTA_CMD_GET_DEVICES_RPMB); + if (res && res != TEE_ERROR_STORAGE_NOT_AVAILABLE) + pr_info("Scanning for RPMB device: res %#x\n", res); + + mutex_lock(&optee->rpmb_dev_mutex); + /* + * If another RPMB device came online while scanning, scan one + * more time, unless we have already found an RPBM device. + */ + scan_done = (optee->rpmb_dev || + !optee->rpmb_dev_request_rescan); + optee->rpmb_dev_request_rescan = false; + optee->rpmb_dev_scan_in_progress = !scan_done; + mutex_unlock(&optee->rpmb_dev_mutex); + } while (!scan_done); +} + +void optee_rpmb_intf_add_rdev(struct rpmb_interface *intf, + struct rpmb_dev *rdev) +{ + struct optee *optee = container_of(intf, struct optee, rpmb_intf); + bool queue_work = true; + + mutex_lock(&optee->rpmb_dev_mutex); + if (optee->rpmb_dev || optee->rpmb_dev_scan_in_progress) { + queue_work = false; + if (optee->rpmb_dev_scan_in_progress) + optee->rpmb_dev_request_rescan = true; + } + if (queue_work) + optee->rpmb_dev_scan_in_progress = true; + mutex_unlock(&optee->rpmb_dev_mutex); + + if (queue_work) { + INIT_WORK(&optee->scan_rpmb_work, optee_rpmb_scan); + schedule_work(&optee->scan_rpmb_work); + } +} + static void optee_bus_scan(struct work_struct *work) { WARN_ON(optee_enumerate_devices(PTA_CMD_GET_DEVICES_SUPP)); @@ -161,6 +213,7 @@ void optee_release_supp(struct tee_context *ctx) void optee_remove_common(struct optee *optee) { + rpmb_interface_unregister(&optee->rpmb_intf); /* Unregister OP-TEE specific client devices on TEE bus */ optee_unregister_devices(); @@ -177,6 +230,8 @@ void optee_remove_common(struct optee *optee) tee_shm_pool_free(optee->pool); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); + rpmb_dev_put(optee->rpmb_dev); + mutex_destroy(&optee->rpmb_dev_mutex); } static int smc_abi_rc; diff --git a/drivers/tee/optee/ffa_abi.c b/drivers/tee/optee/ffa_abi.c index ecb5eb079408..befe19ecc30a 100644 --- a/drivers/tee/optee/ffa_abi.c +++ b/drivers/tee/optee/ffa_abi.c @@ -7,6 +7,7 @@ #include #include +#include #include #include #include @@ -934,6 +935,7 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) optee_cq_init(&optee->call_queue, 0); optee_supp_init(&optee->supp); optee_shm_arg_cache_init(optee, arg_cache_flags); + mutex_init(&optee->rpmb_dev_mutex); ffa_dev_set_drvdata(ffa_dev, optee); ctx = teedev_open(optee->teedev); if (IS_ERR(ctx)) { @@ -955,6 +957,8 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) if (rc) goto err_unregister_devices; + optee->rpmb_intf.add_rdev = optee_rpmb_intf_add_rdev; + rpmb_interface_register(&optee->rpmb_intf); pr_info("initialized driver\n"); return 0; @@ -968,6 +972,9 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev) teedev_close_context(ctx); err_rhashtable_free: rhashtable_free_and_destroy(&optee->ffa.global_ids, rh_free_fn, NULL); + rpmb_dev_put(optee->rpmb_dev); + mutex_destroy(&optee->rpmb_dev_mutex); + rpmb_interface_unregister(&optee->rpmb_intf); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex); mutex_destroy(&optee->ffa.mutex); diff --git a/drivers/tee/optee/optee_private.h b/drivers/tee/optee/optee_private.h index 7a5243c78b55..1e4c33baef43 100644 --- a/drivers/tee/optee/optee_private.h +++ b/drivers/tee/optee/optee_private.h @@ -8,6 +8,7 @@ #include #include +#include #include #include #include @@ -20,11 +21,13 @@ /* Some Global Platform error codes used in this driver */ #define TEEC_SUCCESS 0x00000000 #define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 +#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008 #define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A #define TEEC_ERROR_COMMUNICATION 0xFFFF000E #define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C #define TEEC_ERROR_BUSY 0xFFFF000D #define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010 +#define TEE_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003 #define TEEC_ORIGIN_COMMS 0x00000002 @@ -197,6 +200,8 @@ struct optee_ops { * @notif: notification synchronization struct * @supp: supplicant synchronization struct for RPC to supplicant * @pool: shared memory pool + * @mutex: mutex protecting @rpmb_dev + * @rpmb_dev: current RPMB device or NULL * @rpc_param_count: If > 0 number of RPC parameters to make room for * @scan_bus_done flag if device registation was already done. * @scan_bus_work workq to scan optee bus and register optee drivers @@ -215,9 +220,17 @@ struct optee { struct optee_notif notif; struct optee_supp supp; struct tee_shm_pool *pool; + /* Protects rpmb_dev pointer and rpmb_dev_* */ + struct mutex rpmb_dev_mutex; + struct rpmb_dev *rpmb_dev; + bool rpmb_dev_scan_in_progress; + bool rpmb_dev_request_rescan; + bool rpmb_dev_scan_done; + struct rpmb_interface rpmb_intf; unsigned int rpc_param_count; bool scan_bus_done; struct work_struct scan_bus_work; + struct work_struct scan_rpmb_work; }; struct optee_session { @@ -280,8 +293,11 @@ int optee_cancel_req(struct tee_context *ctx, u32 cancel_id, u32 session); #define PTA_CMD_GET_DEVICES 0x0 #define PTA_CMD_GET_DEVICES_SUPP 0x1 +#define PTA_CMD_GET_DEVICES_RPMB 0x2 int optee_enumerate_devices(u32 func); void optee_unregister_devices(void); +void optee_rpmb_intf_add_rdev(struct rpmb_interface *intf, + struct rpmb_dev *rdev); int optee_pool_op_alloc_helper(struct tee_shm_pool *pool, struct tee_shm *shm, size_t size, size_t align, diff --git a/drivers/tee/optee/optee_rpc_cmd.h b/drivers/tee/optee/optee_rpc_cmd.h index f3f06e0994a7..f351a8ac69fc 100644 --- a/drivers/tee/optee/optee_rpc_cmd.h +++ b/drivers/tee/optee/optee_rpc_cmd.h @@ -16,6 +16,14 @@ * and sends responses. */ +/* + * Replay Protected Memory Block access + * + * [in] memref[0] Frames to device + * [out] memref[1] Frames from device + */ +#define OPTEE_RPC_CMD_RPMB 1 + /* * Get time * @@ -103,4 +111,31 @@ /* I2C master control flags */ #define OPTEE_RPC_I2C_FLAGS_TEN_BIT BIT(0) +/* + * Reset RPMB probing + * + * Releases an eventually already used RPMB devices and starts over searching + * for RPMB devices. Returns the kind of shared memory to use in subsequent + * OPTEE_RPC_CMD_RPMB_PROBE_NEXT and OPTEE_RPC_CMD_RPMB calls. + * + * [out] value[0].a OPTEE_RPC_SHM_TYPE_*, the parameter for + * OPTEE_RPC_CMD_SHM_ALLOC + */ +#define OPTEE_RPC_CMD_RPMB_PROBE_RESET 22 + +/* + * Probe next RPMB device + * + * [out] value[0].a Type of RPMB device, OPTEE_RPC_RPMB_* + * [out] value[0].b EXT CSD-slice 168 "RPMB Size" + * [out] value[0].c EXT CSD-slice 222 "Reliable Write Sector Count" + * [out] memref[1] Buffer with the raw CID + */ +#define OPTEE_RPC_CMD_RPMB_PROBE_NEXT 23 + +/* Type of RPMB device */ +#define OPTEE_RPC_RPMB_EMMC 0 +#define OPTEE_RPC_RPMB_UFS 1 +#define OPTEE_RPC_RPMB_NVME 2 + #endif /*__OPTEE_RPC_CMD_H*/ diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index e69bc6380683..97f69a108f61 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -7,6 +7,7 @@ #include #include +#include #include #include #include "optee_private.h" @@ -255,6 +256,229 @@ void optee_rpc_cmd_free_suppl(struct tee_context *ctx, struct tee_shm *shm) optee_supp_thrd_req(ctx, OPTEE_RPC_CMD_SHM_FREE, 1, ¶m); } +static void handle_rpc_func_rpmb_probe_reset(struct tee_context *ctx, + struct optee *optee, + struct optee_msg_arg *arg) +{ + struct tee_param params[1]; + + if (!IS_ENABLED(CONFIG_RPMB)) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + params[0].u.value.a = OPTEE_RPC_SHM_TYPE_KERNEL; + params[0].u.value.b = 0; + params[0].u.value.c = 0; + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + mutex_lock(&optee->rpmb_dev_mutex); + rpmb_dev_put(optee->rpmb_dev); + optee->rpmb_dev = NULL; + mutex_unlock(&optee->rpmb_dev_mutex); + + arg->ret = TEEC_SUCCESS; +} + +static int rpmb_type_to_rpc_type(enum rpmb_type rtype) +{ + switch (rtype) { + case RPMB_TYPE_EMMC: + return OPTEE_RPC_RPMB_EMMC; + case RPMB_TYPE_UFS: + return OPTEE_RPC_RPMB_UFS; + case RPMB_TYPE_NVME: + return OPTEE_RPC_RPMB_NVME; + default: + return -1; + } +} + +static int rpc_rpmb_match(struct rpmb_dev *rdev, const void *data) +{ + return rpmb_type_to_rpc_type(rdev->ops->type) >= 0; +} + +static void handle_rpc_func_rpmb_probe_next(struct tee_context *ctx, + struct optee *optee, + struct optee_msg_arg *arg) +{ + struct rpmb_dev *rdev; + struct tee_param params[2]; + void *buf; + + if (!IS_ENABLED(CONFIG_RPMB)) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT || + params[1].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + buf = tee_shm_get_va(params[1].u.memref.shm, + params[1].u.memref.shm_offs); + if (!buf) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + mutex_lock(&optee->rpmb_dev_mutex); + rdev = rpmb_dev_find_device(NULL, optee->rpmb_dev, rpc_rpmb_match); + rpmb_dev_put(optee->rpmb_dev); + optee->rpmb_dev = rdev; + mutex_unlock(&optee->rpmb_dev_mutex); + + if (!rdev) { + arg->ret = TEEC_ERROR_ITEM_NOT_FOUND; + return; + } + + if (params[1].u.memref.size < rdev->dev_id_len) { + arg->ret = TEEC_ERROR_SHORT_BUFFER; + return; + } + memcpy(buf, rdev->dev_id, rdev->dev_id_len); + params[1].u.memref.size = rdev->dev_id_len; + params[0].u.value.a = rpmb_type_to_rpc_type(rdev->ops->type); + params[0].u.value.b = rdev->capacity; + params[0].u.value.c = rdev->reliable_wr_count; + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + return; + } + + arg->ret = TEEC_SUCCESS; +} + +/* Request */ +struct rpmb_req { + u16 cmd; +#define RPMB_CMD_DATA_REQ 0x00 +#define RPMB_CMD_GET_DEV_INFO 0x01 + u16 dev_id; + u16 block_count; + /* Optional data frames (rpmb_data_frame) follow */ +}; + +#define RPMB_REQ_DATA(req) ((void *)((struct rpmb_req *)(req) + 1)) + +#define RPMB_CID_SZ 16 + +/* Response to device info request */ +struct rpmb_dev_info { + u8 cid[RPMB_CID_SZ]; + u8 rpmb_size_mult; /* EXT CSD-slice 168: RPMB Size */ + u8 rel_wr_sec_c; /* EXT CSD-slice 222: Reliable Write Sector */ + /* Count */ + u8 ret_code; +#define RPMB_CMD_GET_DEV_INFO_RET_OK 0x00 +#define RPMB_CMD_GET_DEV_INFO_RET_ERROR 0x01 +}; + +static int get_dev_info(struct rpmb_dev *rdev, void *rsp, size_t rsp_size) +{ + struct rpmb_dev_info *dev_info; + + if (rsp_size != sizeof(*dev_info)) + return TEEC_ERROR_BAD_PARAMETERS; + + dev_info = rsp; + memcpy(dev_info->cid, rdev->dev_id, sizeof(dev_info->cid)); + dev_info->rpmb_size_mult = rdev->capacity; + dev_info->rel_wr_sec_c = rdev->reliable_wr_count; + dev_info->ret_code = RPMB_CMD_GET_DEV_INFO_RET_OK; + + return TEEC_SUCCESS; +} + +/* + * req is one struct rpmb_req followed by one or more struct rpmb_data_frame + * rsp is either one struct rpmb_dev_info or one or more struct rpmb_data_frame + */ +static u32 rpmb_process_request(struct optee *optee, struct rpmb_dev *rdev, + void *req, size_t req_size, + void *rsp, size_t rsp_size) +{ + struct rpmb_req *sreq = req; + int rc; + + if (req_size < sizeof(*sreq)) + return TEEC_ERROR_BAD_PARAMETERS; + + switch (sreq->cmd) { + case RPMB_CMD_DATA_REQ: + rc = rpmb_route_frames(rdev, RPMB_REQ_DATA(req), + req_size - sizeof(struct rpmb_req), + rsp, rsp_size); + if (rc) + return TEEC_ERROR_BAD_PARAMETERS; + return TEEC_SUCCESS; + case RPMB_CMD_GET_DEV_INFO: + return get_dev_info(rdev, rsp, rsp_size); + default: + return TEEC_ERROR_BAD_PARAMETERS; + } +} + +static void handle_rpc_func_rpmb(struct tee_context *ctx, struct optee *optee, + struct optee_msg_arg *arg) +{ + struct tee_param params[2]; + struct rpmb_dev *rdev; + void *p0, *p1; + + mutex_lock(&optee->rpmb_dev_mutex); + rdev = rpmb_dev_get(optee->rpmb_dev); + mutex_unlock(&optee->rpmb_dev_mutex); + if (!rdev) { + handle_rpc_supp_cmd(ctx, optee, arg); + return; + } + + if (arg->num_params != ARRAY_SIZE(params) || + optee->ops->from_msg_param(optee, params, arg->num_params, + arg->params) || + params[0].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT || + params[1].attr != TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT) { + arg->ret = TEEC_ERROR_BAD_PARAMETERS; + goto out; + } + + p0 = tee_shm_get_va(params[0].u.memref.shm, + params[0].u.memref.shm_offs); + p1 = tee_shm_get_va(params[1].u.memref.shm, + params[1].u.memref.shm_offs); + arg->ret = rpmb_process_request(optee, rdev, p0, + params[0].u.memref.size, + p1, params[1].u.memref.size); + if (arg->ret) + goto out; + + if (optee->ops->to_msg_param(optee, arg->params, + arg->num_params, params)) + arg->ret = TEEC_ERROR_BAD_PARAMETERS; +out: + rpmb_dev_put(rdev); +} + void optee_rpc_cmd(struct tee_context *ctx, struct optee *optee, struct optee_msg_arg *arg) { @@ -271,6 +495,15 @@ void optee_rpc_cmd(struct tee_context *ctx, struct optee *optee, case OPTEE_RPC_CMD_I2C_TRANSFER: handle_rpc_func_cmd_i2c_transfer(ctx, arg); break; + case OPTEE_RPC_CMD_RPMB_PROBE_RESET: + handle_rpc_func_rpmb_probe_reset(ctx, optee, arg); + break; + case OPTEE_RPC_CMD_RPMB_PROBE_NEXT: + handle_rpc_func_rpmb_probe_next(ctx, optee, arg); + break; + case OPTEE_RPC_CMD_RPMB: + handle_rpc_func_rpmb(ctx, optee, arg); + break; default: handle_rpc_supp_cmd(ctx, optee, arg); } diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c index a37f87087e5c..8da53f41b052 100644 --- a/drivers/tee/optee/smc_abi.c +++ b/drivers/tee/optee/smc_abi.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include #include @@ -1715,6 +1716,7 @@ static int optee_probe(struct platform_device *pdev) optee->smc.memremaped_shm = memremaped_shm; optee->pool = pool; optee_shm_arg_cache_init(optee, arg_cache_flags); + mutex_init(&optee->rpmb_dev_mutex); platform_set_drvdata(pdev, optee); ctx = teedev_open(optee->teedev); @@ -1769,6 +1771,8 @@ static int optee_probe(struct platform_device *pdev) if (rc) goto err_disable_shm_cache; + optee->rpmb_intf.add_rdev = optee_rpmb_intf_add_rdev; + rpmb_interface_register(&optee->rpmb_intf); pr_info("initialized driver\n"); return 0; @@ -1782,6 +1786,8 @@ static int optee_probe(struct platform_device *pdev) err_close_ctx: teedev_close_context(ctx); err_supp_uninit: + rpmb_dev_put(optee->rpmb_dev); + mutex_destroy(&optee->rpmb_dev_mutex); optee_shm_arg_cache_uninit(optee); optee_supp_uninit(&optee->supp); mutex_destroy(&optee->call_queue.mutex);