search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm: add modifiers for MediaTek tiled formats
[drm/drm-misc.git] / drivers / tee / optee / call.c
blob16eb953e14bb686d7f0afbe5f795fd61c1c2b04e
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (c) 2015-2021, 2023 Linaro Limited
4 */
5 #include <linux/device.h>
6 #include <linux/err.h>
7 #include <linux/errno.h>
8 #include <linux/mm.h>
9 #include <linux/slab.h>
10 #include <linux/tee_core.h>
11 #include <linux/types.h>
12 #include "optee_private.h"
13
14 #define MAX_ARG_PARAM_COUNT 6
15
16 /*
17 * How much memory we allocate for each entry. This doesn't have to be a
18 * single page, but it makes sense to keep at least keep it as multiples of
19 * the page size.
20 */
21 #define SHM_ENTRY_SIZE PAGE_SIZE
22
23 /*
24 * We need to have a compile time constant to be able to determine the
25 * maximum needed size of the bit field.
26 */
27 #define MIN_ARG_SIZE OPTEE_MSG_GET_ARG_SIZE(MAX_ARG_PARAM_COUNT)
28 #define MAX_ARG_COUNT_PER_ENTRY (SHM_ENTRY_SIZE / MIN_ARG_SIZE)
29
30 /*
31 * Shared memory for argument structs are cached here. The number of
32 * arguments structs that can fit is determined at runtime depending on the
33 * needed RPC parameter count reported by secure world
34 * (optee->rpc_param_count).
35 */
36 struct optee_shm_arg_entry {
37 struct list_head list_node;
38 struct tee_shm *shm;
39 DECLARE_BITMAP(map, MAX_ARG_COUNT_PER_ENTRY);
40 };
41
42 void optee_cq_init(struct optee_call_queue *cq, int thread_count)
43 {
44 mutex_init(&cq->mutex);
45 INIT_LIST_HEAD(&cq->waiters);
46
47 /*
48 * If cq->total_thread_count is 0 then we're not trying to keep
49 * track of how many free threads we have, instead we're relying on
50 * the secure world to tell us when we're out of thread and have to
51 * wait for another thread to become available.
52 */
53 cq->total_thread_count = thread_count;
54 cq->free_thread_count = thread_count;
55 }
56
57 void optee_cq_wait_init(struct optee_call_queue *cq,
58 struct optee_call_waiter *w, bool sys_thread)
59 {
60 unsigned int free_thread_threshold;
61 bool need_wait = false;
62
63 memset(w, 0, sizeof(*w));
64
65 /*
66 * We're preparing to make a call to secure world. In case we can't
67 * allocate a thread in secure world we'll end up waiting in
68 * optee_cq_wait_for_completion().
69 *
70 * Normally if there's no contention in secure world the call will
71 * complete and we can cleanup directly with optee_cq_wait_final().
72 */
73 mutex_lock(&cq->mutex);
74
75 /*
76 * We add ourselves to the queue, but we don't wait. This
77 * guarantees that we don't lose a completion if secure world
78 * returns busy and another thread just exited and try to complete
79 * someone.
80 */
81 init_completion(&w->c);
82 list_add_tail(&w->list_node, &cq->waiters);
83 w->sys_thread = sys_thread;
84
85 if (cq->total_thread_count) {
86 if (sys_thread || !cq->sys_thread_req_count)
87 free_thread_threshold = 0;
88 else
89 free_thread_threshold = 1;
90
91 if (cq->free_thread_count > free_thread_threshold)
92 cq->free_thread_count--;
93 else
94 need_wait = true;
95 }
96
97 mutex_unlock(&cq->mutex);
98
99 while (need_wait) {
100 optee_cq_wait_for_completion(cq, w);
101 mutex_lock(&cq->mutex);
102
103 if (sys_thread || !cq->sys_thread_req_count)
104 free_thread_threshold = 0;
105 else
106 free_thread_threshold = 1;
107
108 if (cq->free_thread_count > free_thread_threshold) {
109 cq->free_thread_count--;
110 need_wait = false;
111 }
112
113 mutex_unlock(&cq->mutex);
114 }
115 }
116
117 void optee_cq_wait_for_completion(struct optee_call_queue *cq,
118 struct optee_call_waiter *w)
119 {
120 wait_for_completion(&w->c);
121
122 mutex_lock(&cq->mutex);
123
124 /* Move to end of list to get out of the way for other waiters */
125 list_del(&w->list_node);
126 reinit_completion(&w->c);
127 list_add_tail(&w->list_node, &cq->waiters);
128
129 mutex_unlock(&cq->mutex);
130 }
131
132 static void optee_cq_complete_one(struct optee_call_queue *cq)
133 {
134 struct optee_call_waiter *w;
135
136 /* Wake a waiting system session if any, prior to a normal session */
137 list_for_each_entry(w, &cq->waiters, list_node) {
138 if (w->sys_thread && !completion_done(&w->c)) {
139 complete(&w->c);
140 return;
141 }
142 }
143
144 list_for_each_entry(w, &cq->waiters, list_node) {
145 if (!completion_done(&w->c)) {
146 complete(&w->c);
147 break;
148 }
149 }
150 }
151
152 void optee_cq_wait_final(struct optee_call_queue *cq,
153 struct optee_call_waiter *w)
154 {
155 /*
156 * We're done with the call to secure world. The thread in secure
157 * world that was used for this call is now available for some
158 * other task to use.
159 */
160 mutex_lock(&cq->mutex);
161
162 /* Get out of the list */
163 list_del(&w->list_node);
164
165 cq->free_thread_count++;
166
167 /* Wake up one eventual waiting task */
168 optee_cq_complete_one(cq);
169
170 /*
171 * If we're completed we've got a completion from another task that
172 * was just done with its call to secure world. Since yet another
173 * thread now is available in secure world wake up another eventual
174 * waiting task.
175 */
176 if (completion_done(&w->c))
177 optee_cq_complete_one(cq);
178
179 mutex_unlock(&cq->mutex);
180 }
181
182 /* Count registered system sessions to reserved a system thread or not */
183 static bool optee_cq_incr_sys_thread_count(struct optee_call_queue *cq)
184 {
185 if (cq->total_thread_count <= 1)
186 return false;
187
188 mutex_lock(&cq->mutex);
189 cq->sys_thread_req_count++;
190 mutex_unlock(&cq->mutex);
191
192 return true;
193 }
194
195 static void optee_cq_decr_sys_thread_count(struct optee_call_queue *cq)
196 {
197 mutex_lock(&cq->mutex);
198 cq->sys_thread_req_count--;
199 /* If there's someone waiting, let it resume */
200 optee_cq_complete_one(cq);
201 mutex_unlock(&cq->mutex);
202 }
203
204 /* Requires the filpstate mutex to be held */
205 static struct optee_session *find_session(struct optee_context_data *ctxdata,
206 u32 session_id)
207 {
208 struct optee_session *sess;
209
210 list_for_each_entry(sess, &ctxdata->sess_list, list_node)
211 if (sess->session_id == session_id)
212 return sess;
213
214 return NULL;
215 }
216
217 void optee_shm_arg_cache_init(struct optee *optee, u32 flags)
218 {
219 INIT_LIST_HEAD(&optee->shm_arg_cache.shm_args);
220 mutex_init(&optee->shm_arg_cache.mutex);
221 optee->shm_arg_cache.flags = flags;
222 }
223
224 void optee_shm_arg_cache_uninit(struct optee *optee)
225 {
226 struct list_head *head = &optee->shm_arg_cache.shm_args;
227 struct optee_shm_arg_entry *entry;
228
229 mutex_destroy(&optee->shm_arg_cache.mutex);
230 while (!list_empty(head)) {
231 entry = list_first_entry(head, struct optee_shm_arg_entry,
232 list_node);
233 list_del(&entry->list_node);
234 if (find_first_bit(entry->map, MAX_ARG_COUNT_PER_ENTRY) !=
235 MAX_ARG_COUNT_PER_ENTRY) {
236 pr_err("Freeing non-free entry\n");
237 }
238 tee_shm_free(entry->shm);
239 kfree(entry);
240 }
241 }
242
243 size_t optee_msg_arg_size(size_t rpc_param_count)
244 {
245 size_t sz = OPTEE_MSG_GET_ARG_SIZE(MAX_ARG_PARAM_COUNT);
246
247 if (rpc_param_count)
248 sz += OPTEE_MSG_GET_ARG_SIZE(rpc_param_count);
249
250 return sz;
251 }
252
253 /**
254 * optee_get_msg_arg() - Provide shared memory for argument struct
255 * @ctx: Caller TEE context
256 * @num_params: Number of parameter to store
257 * @entry_ret: Entry pointer, needed when freeing the buffer
258 * @shm_ret: Shared memory buffer
259 * @offs_ret: Offset of argument strut in shared memory buffer
260 *
261 * @returns a pointer to the argument struct in memory, else an ERR_PTR
262 */
263 struct optee_msg_arg *optee_get_msg_arg(struct tee_context *ctx,
264 size_t num_params,
265 struct optee_shm_arg_entry **entry_ret,
266 struct tee_shm **shm_ret,
267 u_int *offs_ret)
268 {
269 struct optee *optee = tee_get_drvdata(ctx->teedev);
270 size_t sz = optee_msg_arg_size(optee->rpc_param_count);
271 struct optee_shm_arg_entry *entry;
272 struct optee_msg_arg *ma;
273 size_t args_per_entry;
274 u_long bit;
275 u_int offs;
276 void *res;
277
278 if (num_params > MAX_ARG_PARAM_COUNT)
279 return ERR_PTR(-EINVAL);
280
281 if (optee->shm_arg_cache.flags & OPTEE_SHM_ARG_SHARED)
282 args_per_entry = SHM_ENTRY_SIZE / sz;
283 else
284 args_per_entry = 1;
285
286 mutex_lock(&optee->shm_arg_cache.mutex);
287 list_for_each_entry(entry, &optee->shm_arg_cache.shm_args, list_node) {
288 bit = find_first_zero_bit(entry->map, MAX_ARG_COUNT_PER_ENTRY);
289 if (bit < args_per_entry)
290 goto have_entry;
291 }
292
293 /*
294 * No entry was found, let's allocate a new.
295 */
296 entry = kzalloc(sizeof(*entry), GFP_KERNEL);
297 if (!entry) {
298 res = ERR_PTR(-ENOMEM);
299 goto out;
300 }
301
302 if (optee->shm_arg_cache.flags & OPTEE_SHM_ARG_ALLOC_PRIV)
303 res = tee_shm_alloc_priv_buf(ctx, SHM_ENTRY_SIZE);
304 else
305 res = tee_shm_alloc_kernel_buf(ctx, SHM_ENTRY_SIZE);
306
307 if (IS_ERR(res)) {
308 kfree(entry);
309 goto out;
310 }
311 entry->shm = res;
312 list_add(&entry->list_node, &optee->shm_arg_cache.shm_args);
313 bit = 0;
314
315 have_entry:
316 offs = bit * sz;
317 res = tee_shm_get_va(entry->shm, offs);
318 if (IS_ERR(res))
319 goto out;
320 ma = res;
321 set_bit(bit, entry->map);
322 memset(ma, 0, sz);
323 ma->num_params = num_params;
324 *entry_ret = entry;
325 *shm_ret = entry->shm;
326 *offs_ret = offs;
327 out:
328 mutex_unlock(&optee->shm_arg_cache.mutex);
329 return res;
330 }
331
332 /**
333 * optee_free_msg_arg() - Free previsouly obtained shared memory
334 * @ctx: Caller TEE context
335 * @entry: Pointer returned when the shared memory was obtained
336 * @offs: Offset of shared memory buffer to free
337 *
338 * This function frees the shared memory obtained with optee_get_msg_arg().
339 */
340 void optee_free_msg_arg(struct tee_context *ctx,
341 struct optee_shm_arg_entry *entry, u_int offs)
342 {
343 struct optee *optee = tee_get_drvdata(ctx->teedev);
344 size_t sz = optee_msg_arg_size(optee->rpc_param_count);
345 u_long bit;
346
347 if (offs > SHM_ENTRY_SIZE || offs % sz) {
348 pr_err("Invalid offs %u\n", offs);
349 return;
350 }
351 bit = offs / sz;
352
353 mutex_lock(&optee->shm_arg_cache.mutex);
354
355 if (!test_bit(bit, entry->map))
356 pr_err("Bit pos %lu is already free\n", bit);
357 clear_bit(bit, entry->map);
358
359 mutex_unlock(&optee->shm_arg_cache.mutex);
360 }
361
362 int optee_open_session(struct tee_context *ctx,
363 struct tee_ioctl_open_session_arg *arg,
364 struct tee_param *param)
365 {
366 struct optee *optee = tee_get_drvdata(ctx->teedev);
367 struct optee_context_data *ctxdata = ctx->data;
368 struct optee_shm_arg_entry *entry;
369 struct tee_shm *shm;
370 struct optee_msg_arg *msg_arg;
371 struct optee_session *sess = NULL;
372 uuid_t client_uuid;
373 u_int offs;
374 int rc;
375
376 /* +2 for the meta parameters added below */
377 msg_arg = optee_get_msg_arg(ctx, arg->num_params + 2,
378 &entry, &shm, &offs);
379 if (IS_ERR(msg_arg))
380 return PTR_ERR(msg_arg);
381
382 msg_arg->cmd = OPTEE_MSG_CMD_OPEN_SESSION;
383 msg_arg->cancel_id = arg->cancel_id;
384
385 /*
386 * Initialize and add the meta parameters needed when opening a
387 * session.
388 */
389 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
390 OPTEE_MSG_ATTR_META;
391 msg_arg->params[1].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
392 OPTEE_MSG_ATTR_META;
393 memcpy(&msg_arg->params[0].u.value, arg->uuid, sizeof(arg->uuid));
394 msg_arg->params[1].u.value.c = arg->clnt_login;
395
396 rc = tee_session_calc_client_uuid(&client_uuid, arg->clnt_login,
397 arg->clnt_uuid);
398 if (rc)
399 goto out;
400 export_uuid(msg_arg->params[1].u.octets, &client_uuid);
401
402 rc = optee->ops->to_msg_param(optee, msg_arg->params + 2,
403 arg->num_params, param);
404 if (rc)
405 goto out;
406
407 sess = kzalloc(sizeof(*sess), GFP_KERNEL);
408 if (!sess) {
409 rc = -ENOMEM;
410 goto out;
411 }
412
413 if (optee->ops->do_call_with_arg(ctx, shm, offs,
414 sess->use_sys_thread)) {
415 msg_arg->ret = TEEC_ERROR_COMMUNICATION;
416 msg_arg->ret_origin = TEEC_ORIGIN_COMMS;
417 }
418
419 if (msg_arg->ret == TEEC_SUCCESS) {
420 /* A new session has been created, add it to the list. */
421 sess->session_id = msg_arg->session;
422 mutex_lock(&ctxdata->mutex);
423 list_add(&sess->list_node, &ctxdata->sess_list);
424 mutex_unlock(&ctxdata->mutex);
425 } else {
426 kfree(sess);
427 }
428
429 if (optee->ops->from_msg_param(optee, param, arg->num_params,
430 msg_arg->params + 2)) {
431 arg->ret = TEEC_ERROR_COMMUNICATION;
432 arg->ret_origin = TEEC_ORIGIN_COMMS;
433 /* Close session again to avoid leakage */
434 optee_close_session(ctx, msg_arg->session);
435 } else {
436 arg->session = msg_arg->session;
437 arg->ret = msg_arg->ret;
438 arg->ret_origin = msg_arg->ret_origin;
439 }
440 out:
441 optee_free_msg_arg(ctx, entry, offs);
442
443 return rc;
444 }
445
446 int optee_system_session(struct tee_context *ctx, u32 session)
447 {
448 struct optee *optee = tee_get_drvdata(ctx->teedev);
449 struct optee_context_data *ctxdata = ctx->data;
450 struct optee_session *sess;
451 int rc = -EINVAL;
452
453 mutex_lock(&ctxdata->mutex);
454
455 sess = find_session(ctxdata, session);
456 if (sess && (sess->use_sys_thread ||
457 optee_cq_incr_sys_thread_count(&optee->call_queue))) {
458 sess->use_sys_thread = true;
459 rc = 0;
460 }
461
462 mutex_unlock(&ctxdata->mutex);
463
464 return rc;
465 }
466
467 int optee_close_session_helper(struct tee_context *ctx, u32 session,
468 bool system_thread)
469 {
470 struct optee *optee = tee_get_drvdata(ctx->teedev);
471 struct optee_shm_arg_entry *entry;
472 struct optee_msg_arg *msg_arg;
473 struct tee_shm *shm;
474 u_int offs;
475
476 msg_arg = optee_get_msg_arg(ctx, 0, &entry, &shm, &offs);
477 if (IS_ERR(msg_arg))
478 return PTR_ERR(msg_arg);
479
480 msg_arg->cmd = OPTEE_MSG_CMD_CLOSE_SESSION;
481 msg_arg->session = session;
482 optee->ops->do_call_with_arg(ctx, shm, offs, system_thread);
483
484 optee_free_msg_arg(ctx, entry, offs);
485
486 if (system_thread)
487 optee_cq_decr_sys_thread_count(&optee->call_queue);
488
489 return 0;
490 }
491
492 int optee_close_session(struct tee_context *ctx, u32 session)
493 {
494 struct optee_context_data *ctxdata = ctx->data;
495 struct optee_session *sess;
496 bool system_thread;
497
498 /* Check that the session is valid and remove it from the list */
499 mutex_lock(&ctxdata->mutex);
500 sess = find_session(ctxdata, session);
501 if (sess)
502 list_del(&sess->list_node);
503 mutex_unlock(&ctxdata->mutex);
504 if (!sess)
505 return -EINVAL;
506 system_thread = sess->use_sys_thread;
507 kfree(sess);
508
509 return optee_close_session_helper(ctx, session, system_thread);
510 }
511
512 int optee_invoke_func(struct tee_context *ctx, struct tee_ioctl_invoke_arg *arg,
513 struct tee_param *param)
514 {
515 struct optee *optee = tee_get_drvdata(ctx->teedev);
516 struct optee_context_data *ctxdata = ctx->data;
517 struct optee_shm_arg_entry *entry;
518 struct optee_msg_arg *msg_arg;
519 struct optee_session *sess;
520 struct tee_shm *shm;
521 bool system_thread;
522 u_int offs;
523 int rc;
524
525 /* Check that the session is valid */
526 mutex_lock(&ctxdata->mutex);
527 sess = find_session(ctxdata, arg->session);
528 if (sess)
529 system_thread = sess->use_sys_thread;
530 mutex_unlock(&ctxdata->mutex);
531 if (!sess)
532 return -EINVAL;
533
534 msg_arg = optee_get_msg_arg(ctx, arg->num_params,
535 &entry, &shm, &offs);
536 if (IS_ERR(msg_arg))
537 return PTR_ERR(msg_arg);
538 msg_arg->cmd = OPTEE_MSG_CMD_INVOKE_COMMAND;
539 msg_arg->func = arg->func;
540 msg_arg->session = arg->session;
541 msg_arg->cancel_id = arg->cancel_id;
542
543 rc = optee->ops->to_msg_param(optee, msg_arg->params, arg->num_params,
544 param);
545 if (rc)
546 goto out;
547
548 if (optee->ops->do_call_with_arg(ctx, shm, offs, system_thread)) {
549 msg_arg->ret = TEEC_ERROR_COMMUNICATION;
550 msg_arg->ret_origin = TEEC_ORIGIN_COMMS;
551 }
552
553 if (optee->ops->from_msg_param(optee, param, arg->num_params,
554 msg_arg->params)) {
555 msg_arg->ret = TEEC_ERROR_COMMUNICATION;
556 msg_arg->ret_origin = TEEC_ORIGIN_COMMS;
557 }
558
559 arg->ret = msg_arg->ret;
560 arg->ret_origin = msg_arg->ret_origin;
561 out:
562 optee_free_msg_arg(ctx, entry, offs);
563 return rc;
564 }
565
566 int optee_cancel_req(struct tee_context *ctx, u32 cancel_id, u32 session)
567 {
568 struct optee *optee = tee_get_drvdata(ctx->teedev);
569 struct optee_context_data *ctxdata = ctx->data;
570 struct optee_shm_arg_entry *entry;
571 struct optee_msg_arg *msg_arg;
572 struct optee_session *sess;
573 bool system_thread;
574 struct tee_shm *shm;
575 u_int offs;
576
577 /* Check that the session is valid */
578 mutex_lock(&ctxdata->mutex);
579 sess = find_session(ctxdata, session);
580 if (sess)
581 system_thread = sess->use_sys_thread;
582 mutex_unlock(&ctxdata->mutex);
583 if (!sess)
584 return -EINVAL;
585
586 msg_arg = optee_get_msg_arg(ctx, 0, &entry, &shm, &offs);
587 if (IS_ERR(msg_arg))
588 return PTR_ERR(msg_arg);
589
590 msg_arg->cmd = OPTEE_MSG_CMD_CANCEL;
591 msg_arg->session = session;
592 msg_arg->cancel_id = cancel_id;
593 optee->ops->do_call_with_arg(ctx, shm, offs, system_thread);
594
595 optee_free_msg_arg(ctx, entry, offs);
596 return 0;
597 }
598
599 static bool is_normal_memory(pgprot_t p)
600 {
601 #if defined(CONFIG_ARM)
602 return (((pgprot_val(p) & L_PTE_MT_MASK) == L_PTE_MT_WRITEALLOC) ||
603 ((pgprot_val(p) & L_PTE_MT_MASK) == L_PTE_MT_WRITEBACK));
604 #elif defined(CONFIG_ARM64)
605 return (pgprot_val(p) & PTE_ATTRINDX_MASK) == PTE_ATTRINDX(MT_NORMAL);
606 #else
607 #error "Unsupported architecture"
608 #endif
609 }
610
611 static int __check_mem_type(struct mm_struct *mm, unsigned long start,
612 unsigned long end)
613 {
614 struct vm_area_struct *vma;
615 VMA_ITERATOR(vmi, mm, start);
616
617 for_each_vma_range(vmi, vma, end) {
618 if (!is_normal_memory(vma->vm_page_prot))
619 return -EINVAL;
620 }
621
622 return 0;
623 }
624
625 int optee_check_mem_type(unsigned long start, size_t num_pages)
626 {
627 struct mm_struct *mm = current->mm;
628 int rc;
629
630 /*
631 * Allow kernel address to register with OP-TEE as kernel
632 * pages are configured as normal memory only.
633 */
634 if (virt_addr_valid((void *)start) || is_vmalloc_addr((void *)start))
635 return 0;
636
637 mmap_read_lock(mm);
638 rc = __check_mem_type(mm, start, start + num_pages * PAGE_SIZE);
639 mmap_read_unlock(mm);
640
641 return rc;
642 }
643
644 static int simple_call_with_arg(struct tee_context *ctx, u32 cmd)
645 {
646 struct optee *optee = tee_get_drvdata(ctx->teedev);
647 struct optee_shm_arg_entry *entry;
648 struct optee_msg_arg *msg_arg;
649 struct tee_shm *shm;
650 u_int offs;
651
652 msg_arg = optee_get_msg_arg(ctx, 0, &entry, &shm, &offs);
653 if (IS_ERR(msg_arg))
654 return PTR_ERR(msg_arg);
655
656 msg_arg->cmd = cmd;
657 optee->ops->do_call_with_arg(ctx, shm, offs, false);
658
659 optee_free_msg_arg(ctx, entry, offs);
660 return 0;
661 }
662
663 int optee_do_bottom_half(struct tee_context *ctx)
664 {
665 return simple_call_with_arg(ctx, OPTEE_MSG_CMD_DO_BOTTOM_HALF);
666 }
667
668 int optee_stop_async_notif(struct tee_context *ctx)
669 {
670 return simple_call_with_arg(ctx, OPTEE_MSG_CMD_STOP_ASYNC_NOTIF);
671 }
Kernel DRM miscellaneous fixes and cross-tree changes