search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm/i915/dsi: Control panel and backlight enable GPIOs on BYT
[linux/fpc-iii.git] / drivers / tee / tee_core.c
blob37d22e39fd8d21ea282f8cdf17da1dd5775b6ecb
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (c) 2015-2016, Linaro Limited
4 */
5
6 #define pr_fmt(fmt) "%s: " fmt, __func__
7
8 #include <linux/cdev.h>
9 #include <linux/fs.h>
10 #include <linux/idr.h>
11 #include <linux/module.h>
12 #include <linux/slab.h>
13 #include <linux/tee_drv.h>
14 #include <linux/uaccess.h>
15 #include "tee_private.h"
16
17 #define TEE_NUM_DEVICES 32
18
19 #define TEE_IOCTL_PARAM_SIZE(x) (sizeof(struct tee_param) * (x))
20
21 /*
22 * Unprivileged devices in the lower half range and privileged devices in
23 * the upper half range.
24 */
25 static DECLARE_BITMAP(dev_mask, TEE_NUM_DEVICES);
26 static DEFINE_SPINLOCK(driver_lock);
27
28 static struct class *tee_class;
29 static dev_t tee_devt;
30
31 static struct tee_context *teedev_open(struct tee_device *teedev)
32 {
33 int rc;
34 struct tee_context *ctx;
35
36 if (!tee_device_get(teedev))
37 return ERR_PTR(-EINVAL);
38
39 ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
40 if (!ctx) {
41 rc = -ENOMEM;
42 goto err;
43 }
44
45 kref_init(&ctx->refcount);
46 ctx->teedev = teedev;
47 INIT_LIST_HEAD(&ctx->list_shm);
48 rc = teedev->desc->ops->open(ctx);
49 if (rc)
50 goto err;
51
52 return ctx;
53 err:
54 kfree(ctx);
55 tee_device_put(teedev);
56 return ERR_PTR(rc);
57
58 }
59
60 void teedev_ctx_get(struct tee_context *ctx)
61 {
62 if (ctx->releasing)
63 return;
64
65 kref_get(&ctx->refcount);
66 }
67
68 static void teedev_ctx_release(struct kref *ref)
69 {
70 struct tee_context *ctx = container_of(ref, struct tee_context,
71 refcount);
72 ctx->releasing = true;
73 ctx->teedev->desc->ops->release(ctx);
74 kfree(ctx);
75 }
76
77 void teedev_ctx_put(struct tee_context *ctx)
78 {
79 if (ctx->releasing)
80 return;
81
82 kref_put(&ctx->refcount, teedev_ctx_release);
83 }
84
85 static void teedev_close_context(struct tee_context *ctx)
86 {
87 tee_device_put(ctx->teedev);
88 teedev_ctx_put(ctx);
89 }
90
91 static int tee_open(struct inode *inode, struct file *filp)
92 {
93 struct tee_context *ctx;
94
95 ctx = teedev_open(container_of(inode->i_cdev, struct tee_device, cdev));
96 if (IS_ERR(ctx))
97 return PTR_ERR(ctx);
98
99 /*
100 * Default user-space behaviour is to wait for tee-supplicant
101 * if not present for any requests in this context.
102 */
103 ctx->supp_nowait = false;
104 filp->private_data = ctx;
105 return 0;
106 }
107
108 static int tee_release(struct inode *inode, struct file *filp)
109 {
110 teedev_close_context(filp->private_data);
111 return 0;
112 }
113
114 static int tee_ioctl_version(struct tee_context *ctx,
115 struct tee_ioctl_version_data __user *uvers)
116 {
117 struct tee_ioctl_version_data vers;
118
119 ctx->teedev->desc->ops->get_version(ctx->teedev, &vers);
120
121 if (ctx->teedev->desc->flags & TEE_DESC_PRIVILEGED)
122 vers.gen_caps |= TEE_GEN_CAP_PRIVILEGED;
123
124 if (copy_to_user(uvers, &vers, sizeof(vers)))
125 return -EFAULT;
126
127 return 0;
128 }
129
130 static int tee_ioctl_shm_alloc(struct tee_context *ctx,
131 struct tee_ioctl_shm_alloc_data __user *udata)
132 {
133 long ret;
134 struct tee_ioctl_shm_alloc_data data;
135 struct tee_shm *shm;
136
137 if (copy_from_user(&data, udata, sizeof(data)))
138 return -EFAULT;
139
140 /* Currently no input flags are supported */
141 if (data.flags)
142 return -EINVAL;
143
144 shm = tee_shm_alloc(ctx, data.size, TEE_SHM_MAPPED | TEE_SHM_DMA_BUF);
145 if (IS_ERR(shm))
146 return PTR_ERR(shm);
147
148 data.id = shm->id;
149 data.flags = shm->flags;
150 data.size = shm->size;
151
152 if (copy_to_user(udata, &data, sizeof(data)))
153 ret = -EFAULT;
154 else
155 ret = tee_shm_get_fd(shm);
156
157 /*
158 * When user space closes the file descriptor the shared memory
159 * should be freed or if tee_shm_get_fd() failed then it will
160 * be freed immediately.
161 */
162 tee_shm_put(shm);
163 return ret;
164 }
165
166 static int
167 tee_ioctl_shm_register(struct tee_context *ctx,
168 struct tee_ioctl_shm_register_data __user *udata)
169 {
170 long ret;
171 struct tee_ioctl_shm_register_data data;
172 struct tee_shm *shm;
173
174 if (copy_from_user(&data, udata, sizeof(data)))
175 return -EFAULT;
176
177 /* Currently no input flags are supported */
178 if (data.flags)
179 return -EINVAL;
180
181 shm = tee_shm_register(ctx, data.addr, data.length,
182 TEE_SHM_DMA_BUF | TEE_SHM_USER_MAPPED);
183 if (IS_ERR(shm))
184 return PTR_ERR(shm);
185
186 data.id = shm->id;
187 data.flags = shm->flags;
188 data.length = shm->size;
189
190 if (copy_to_user(udata, &data, sizeof(data)))
191 ret = -EFAULT;
192 else
193 ret = tee_shm_get_fd(shm);
194 /*
195 * When user space closes the file descriptor the shared memory
196 * should be freed or if tee_shm_get_fd() failed then it will
197 * be freed immediately.
198 */
199 tee_shm_put(shm);
200 return ret;
201 }
202
203 static int params_from_user(struct tee_context *ctx, struct tee_param *params,
204 size_t num_params,
205 struct tee_ioctl_param __user *uparams)
206 {
207 size_t n;
208
209 for (n = 0; n < num_params; n++) {
210 struct tee_shm *shm;
211 struct tee_ioctl_param ip;
212
213 if (copy_from_user(&ip, uparams + n, sizeof(ip)))
214 return -EFAULT;
215
216 /* All unused attribute bits has to be zero */
217 if (ip.attr & ~TEE_IOCTL_PARAM_ATTR_MASK)
218 return -EINVAL;
219
220 params[n].attr = ip.attr;
221 switch (ip.attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) {
222 case TEE_IOCTL_PARAM_ATTR_TYPE_NONE:
223 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT:
224 break;
225 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT:
226 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT:
227 params[n].u.value.a = ip.a;
228 params[n].u.value.b = ip.b;
229 params[n].u.value.c = ip.c;
230 break;
231 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT:
232 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
233 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT:
234 /*
235 * If we fail to get a pointer to a shared memory
236 * object (and increase the ref count) from an
237 * identifier we return an error. All pointers that
238 * has been added in params have an increased ref
239 * count. It's the callers responibility to do
240 * tee_shm_put() on all resolved pointers.
241 */
242 shm = tee_shm_get_from_id(ctx, ip.c);
243 if (IS_ERR(shm))
244 return PTR_ERR(shm);
245
246 /*
247 * Ensure offset + size does not overflow offset
248 * and does not overflow the size of the referred
249 * shared memory object.
250 */
251 if ((ip.a + ip.b) < ip.a ||
252 (ip.a + ip.b) > shm->size) {
253 tee_shm_put(shm);
254 return -EINVAL;
255 }
256
257 params[n].u.memref.shm_offs = ip.a;
258 params[n].u.memref.size = ip.b;
259 params[n].u.memref.shm = shm;
260 break;
261 default:
262 /* Unknown attribute */
263 return -EINVAL;
264 }
265 }
266 return 0;
267 }
268
269 static int params_to_user(struct tee_ioctl_param __user *uparams,
270 size_t num_params, struct tee_param *params)
271 {
272 size_t n;
273
274 for (n = 0; n < num_params; n++) {
275 struct tee_ioctl_param __user *up = uparams + n;
276 struct tee_param *p = params + n;
277
278 switch (p->attr) {
279 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT:
280 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT:
281 if (put_user(p->u.value.a, &up->a) ||
282 put_user(p->u.value.b, &up->b) ||
283 put_user(p->u.value.c, &up->c))
284 return -EFAULT;
285 break;
286 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
287 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT:
288 if (put_user((u64)p->u.memref.size, &up->b))
289 return -EFAULT;
290 default:
291 break;
292 }
293 }
294 return 0;
295 }
296
297 static int tee_ioctl_open_session(struct tee_context *ctx,
298 struct tee_ioctl_buf_data __user *ubuf)
299 {
300 int rc;
301 size_t n;
302 struct tee_ioctl_buf_data buf;
303 struct tee_ioctl_open_session_arg __user *uarg;
304 struct tee_ioctl_open_session_arg arg;
305 struct tee_ioctl_param __user *uparams = NULL;
306 struct tee_param *params = NULL;
307 bool have_session = false;
308
309 if (!ctx->teedev->desc->ops->open_session)
310 return -EINVAL;
311
312 if (copy_from_user(&buf, ubuf, sizeof(buf)))
313 return -EFAULT;
314
315 if (buf.buf_len > TEE_MAX_ARG_SIZE ||
316 buf.buf_len < sizeof(struct tee_ioctl_open_session_arg))
317 return -EINVAL;
318
319 uarg = u64_to_user_ptr(buf.buf_ptr);
320 if (copy_from_user(&arg, uarg, sizeof(arg)))
321 return -EFAULT;
322
323 if (sizeof(arg) + TEE_IOCTL_PARAM_SIZE(arg.num_params) != buf.buf_len)
324 return -EINVAL;
325
326 if (arg.num_params) {
327 params = kcalloc(arg.num_params, sizeof(struct tee_param),
328 GFP_KERNEL);
329 if (!params)
330 return -ENOMEM;
331 uparams = uarg->params;
332 rc = params_from_user(ctx, params, arg.num_params, uparams);
333 if (rc)
334 goto out;
335 }
336
337 rc = ctx->teedev->desc->ops->open_session(ctx, &arg, params);
338 if (rc)
339 goto out;
340 have_session = true;
341
342 if (put_user(arg.session, &uarg->session) ||
343 put_user(arg.ret, &uarg->ret) ||
344 put_user(arg.ret_origin, &uarg->ret_origin)) {
345 rc = -EFAULT;
346 goto out;
347 }
348 rc = params_to_user(uparams, arg.num_params, params);
349 out:
350 /*
351 * If we've succeeded to open the session but failed to communicate
352 * it back to user space, close the session again to avoid leakage.
353 */
354 if (rc && have_session && ctx->teedev->desc->ops->close_session)
355 ctx->teedev->desc->ops->close_session(ctx, arg.session);
356
357 if (params) {
358 /* Decrease ref count for all valid shared memory pointers */
359 for (n = 0; n < arg.num_params; n++)
360 if (tee_param_is_memref(params + n) &&
361 params[n].u.memref.shm)
362 tee_shm_put(params[n].u.memref.shm);
363 kfree(params);
364 }
365
366 return rc;
367 }
368
369 static int tee_ioctl_invoke(struct tee_context *ctx,
370 struct tee_ioctl_buf_data __user *ubuf)
371 {
372 int rc;
373 size_t n;
374 struct tee_ioctl_buf_data buf;
375 struct tee_ioctl_invoke_arg __user *uarg;
376 struct tee_ioctl_invoke_arg arg;
377 struct tee_ioctl_param __user *uparams = NULL;
378 struct tee_param *params = NULL;
379
380 if (!ctx->teedev->desc->ops->invoke_func)
381 return -EINVAL;
382
383 if (copy_from_user(&buf, ubuf, sizeof(buf)))
384 return -EFAULT;
385
386 if (buf.buf_len > TEE_MAX_ARG_SIZE ||
387 buf.buf_len < sizeof(struct tee_ioctl_invoke_arg))
388 return -EINVAL;
389
390 uarg = u64_to_user_ptr(buf.buf_ptr);
391 if (copy_from_user(&arg, uarg, sizeof(arg)))
392 return -EFAULT;
393
394 if (sizeof(arg) + TEE_IOCTL_PARAM_SIZE(arg.num_params) != buf.buf_len)
395 return -EINVAL;
396
397 if (arg.num_params) {
398 params = kcalloc(arg.num_params, sizeof(struct tee_param),
399 GFP_KERNEL);
400 if (!params)
401 return -ENOMEM;
402 uparams = uarg->params;
403 rc = params_from_user(ctx, params, arg.num_params, uparams);
404 if (rc)
405 goto out;
406 }
407
408 rc = ctx->teedev->desc->ops->invoke_func(ctx, &arg, params);
409 if (rc)
410 goto out;
411
412 if (put_user(arg.ret, &uarg->ret) ||
413 put_user(arg.ret_origin, &uarg->ret_origin)) {
414 rc = -EFAULT;
415 goto out;
416 }
417 rc = params_to_user(uparams, arg.num_params, params);
418 out:
419 if (params) {
420 /* Decrease ref count for all valid shared memory pointers */
421 for (n = 0; n < arg.num_params; n++)
422 if (tee_param_is_memref(params + n) &&
423 params[n].u.memref.shm)
424 tee_shm_put(params[n].u.memref.shm);
425 kfree(params);
426 }
427 return rc;
428 }
429
430 static int tee_ioctl_cancel(struct tee_context *ctx,
431 struct tee_ioctl_cancel_arg __user *uarg)
432 {
433 struct tee_ioctl_cancel_arg arg;
434
435 if (!ctx->teedev->desc->ops->cancel_req)
436 return -EINVAL;
437
438 if (copy_from_user(&arg, uarg, sizeof(arg)))
439 return -EFAULT;
440
441 return ctx->teedev->desc->ops->cancel_req(ctx, arg.cancel_id,
442 arg.session);
443 }
444
445 static int
446 tee_ioctl_close_session(struct tee_context *ctx,
447 struct tee_ioctl_close_session_arg __user *uarg)
448 {
449 struct tee_ioctl_close_session_arg arg;
450
451 if (!ctx->teedev->desc->ops->close_session)
452 return -EINVAL;
453
454 if (copy_from_user(&arg, uarg, sizeof(arg)))
455 return -EFAULT;
456
457 return ctx->teedev->desc->ops->close_session(ctx, arg.session);
458 }
459
460 static int params_to_supp(struct tee_context *ctx,
461 struct tee_ioctl_param __user *uparams,
462 size_t num_params, struct tee_param *params)
463 {
464 size_t n;
465
466 for (n = 0; n < num_params; n++) {
467 struct tee_ioctl_param ip;
468 struct tee_param *p = params + n;
469
470 ip.attr = p->attr;
471 switch (p->attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) {
472 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT:
473 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT:
474 ip.a = p->u.value.a;
475 ip.b = p->u.value.b;
476 ip.c = p->u.value.c;
477 break;
478 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT:
479 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
480 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT:
481 ip.b = p->u.memref.size;
482 if (!p->u.memref.shm) {
483 ip.a = 0;
484 ip.c = (u64)-1; /* invalid shm id */
485 break;
486 }
487 ip.a = p->u.memref.shm_offs;
488 ip.c = p->u.memref.shm->id;
489 break;
490 default:
491 ip.a = 0;
492 ip.b = 0;
493 ip.c = 0;
494 break;
495 }
496
497 if (copy_to_user(uparams + n, &ip, sizeof(ip)))
498 return -EFAULT;
499 }
500
501 return 0;
502 }
503
504 static int tee_ioctl_supp_recv(struct tee_context *ctx,
505 struct tee_ioctl_buf_data __user *ubuf)
506 {
507 int rc;
508 struct tee_ioctl_buf_data buf;
509 struct tee_iocl_supp_recv_arg __user *uarg;
510 struct tee_param *params;
511 u32 num_params;
512 u32 func;
513
514 if (!ctx->teedev->desc->ops->supp_recv)
515 return -EINVAL;
516
517 if (copy_from_user(&buf, ubuf, sizeof(buf)))
518 return -EFAULT;
519
520 if (buf.buf_len > TEE_MAX_ARG_SIZE ||
521 buf.buf_len < sizeof(struct tee_iocl_supp_recv_arg))
522 return -EINVAL;
523
524 uarg = u64_to_user_ptr(buf.buf_ptr);
525 if (get_user(num_params, &uarg->num_params))
526 return -EFAULT;
527
528 if (sizeof(*uarg) + TEE_IOCTL_PARAM_SIZE(num_params) != buf.buf_len)
529 return -EINVAL;
530
531 params = kcalloc(num_params, sizeof(struct tee_param), GFP_KERNEL);
532 if (!params)
533 return -ENOMEM;
534
535 rc = params_from_user(ctx, params, num_params, uarg->params);
536 if (rc)
537 goto out;
538
539 rc = ctx->teedev->desc->ops->supp_recv(ctx, &func, &num_params, params);
540 if (rc)
541 goto out;
542
543 if (put_user(func, &uarg->func) ||
544 put_user(num_params, &uarg->num_params)) {
545 rc = -EFAULT;
546 goto out;
547 }
548
549 rc = params_to_supp(ctx, uarg->params, num_params, params);
550 out:
551 kfree(params);
552 return rc;
553 }
554
555 static int params_from_supp(struct tee_param *params, size_t num_params,
556 struct tee_ioctl_param __user *uparams)
557 {
558 size_t n;
559
560 for (n = 0; n < num_params; n++) {
561 struct tee_param *p = params + n;
562 struct tee_ioctl_param ip;
563
564 if (copy_from_user(&ip, uparams + n, sizeof(ip)))
565 return -EFAULT;
566
567 /* All unused attribute bits has to be zero */
568 if (ip.attr & ~TEE_IOCTL_PARAM_ATTR_MASK)
569 return -EINVAL;
570
571 p->attr = ip.attr;
572 switch (ip.attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) {
573 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT:
574 case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT:
575 /* Only out and in/out values can be updated */
576 p->u.value.a = ip.a;
577 p->u.value.b = ip.b;
578 p->u.value.c = ip.c;
579 break;
580 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
581 case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT:
582 /*
583 * Only the size of the memref can be updated.
584 * Since we don't have access to the original
585 * parameters here, only store the supplied size.
586 * The driver will copy the updated size into the
587 * original parameters.
588 */
589 p->u.memref.shm = NULL;
590 p->u.memref.shm_offs = 0;
591 p->u.memref.size = ip.b;
592 break;
593 default:
594 memset(&p->u, 0, sizeof(p->u));
595 break;
596 }
597 }
598 return 0;
599 }
600
601 static int tee_ioctl_supp_send(struct tee_context *ctx,
602 struct tee_ioctl_buf_data __user *ubuf)
603 {
604 long rc;
605 struct tee_ioctl_buf_data buf;
606 struct tee_iocl_supp_send_arg __user *uarg;
607 struct tee_param *params;
608 u32 num_params;
609 u32 ret;
610
611 /* Not valid for this driver */
612 if (!ctx->teedev->desc->ops->supp_send)
613 return -EINVAL;
614
615 if (copy_from_user(&buf, ubuf, sizeof(buf)))
616 return -EFAULT;
617
618 if (buf.buf_len > TEE_MAX_ARG_SIZE ||
619 buf.buf_len < sizeof(struct tee_iocl_supp_send_arg))
620 return -EINVAL;
621
622 uarg = u64_to_user_ptr(buf.buf_ptr);
623 if (get_user(ret, &uarg->ret) ||
624 get_user(num_params, &uarg->num_params))
625 return -EFAULT;
626
627 if (sizeof(*uarg) + TEE_IOCTL_PARAM_SIZE(num_params) > buf.buf_len)
628 return -EINVAL;
629
630 params = kcalloc(num_params, sizeof(struct tee_param), GFP_KERNEL);
631 if (!params)
632 return -ENOMEM;
633
634 rc = params_from_supp(params, num_params, uarg->params);
635 if (rc)
636 goto out;
637
638 rc = ctx->teedev->desc->ops->supp_send(ctx, ret, num_params, params);
639 out:
640 kfree(params);
641 return rc;
642 }
643
644 static long tee_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
645 {
646 struct tee_context *ctx = filp->private_data;
647 void __user *uarg = (void __user *)arg;
648
649 switch (cmd) {
650 case TEE_IOC_VERSION:
651 return tee_ioctl_version(ctx, uarg);
652 case TEE_IOC_SHM_ALLOC:
653 return tee_ioctl_shm_alloc(ctx, uarg);
654 case TEE_IOC_SHM_REGISTER:
655 return tee_ioctl_shm_register(ctx, uarg);
656 case TEE_IOC_OPEN_SESSION:
657 return tee_ioctl_open_session(ctx, uarg);
658 case TEE_IOC_INVOKE:
659 return tee_ioctl_invoke(ctx, uarg);
660 case TEE_IOC_CANCEL:
661 return tee_ioctl_cancel(ctx, uarg);
662 case TEE_IOC_CLOSE_SESSION:
663 return tee_ioctl_close_session(ctx, uarg);
664 case TEE_IOC_SUPPL_RECV:
665 return tee_ioctl_supp_recv(ctx, uarg);
666 case TEE_IOC_SUPPL_SEND:
667 return tee_ioctl_supp_send(ctx, uarg);
668 default:
669 return -EINVAL;
670 }
671 }
672
673 static const struct file_operations tee_fops = {
674 .owner = THIS_MODULE,
675 .open = tee_open,
676 .release = tee_release,
677 .unlocked_ioctl = tee_ioctl,
678 .compat_ioctl = compat_ptr_ioctl,
679 };
680
681 static void tee_release_device(struct device *dev)
682 {
683 struct tee_device *teedev = container_of(dev, struct tee_device, dev);
684
685 spin_lock(&driver_lock);
686 clear_bit(teedev->id, dev_mask);
687 spin_unlock(&driver_lock);
688 mutex_destroy(&teedev->mutex);
689 idr_destroy(&teedev->idr);
690 kfree(teedev);
691 }
692
693 /**
694 * tee_device_alloc() - Allocate a new struct tee_device instance
695 * @teedesc: Descriptor for this driver
696 * @dev: Parent device for this device
697 * @pool: Shared memory pool, NULL if not used
698 * @driver_data: Private driver data for this device
699 *
700 * Allocates a new struct tee_device instance. The device is
701 * removed by tee_device_unregister().
702 *
703 * @returns a pointer to a 'struct tee_device' or an ERR_PTR on failure
704 */
705 struct tee_device *tee_device_alloc(const struct tee_desc *teedesc,
706 struct device *dev,
707 struct tee_shm_pool *pool,
708 void *driver_data)
709 {
710 struct tee_device *teedev;
711 void *ret;
712 int rc, max_id;
713 int offs = 0;
714
715 if (!teedesc || !teedesc->name || !teedesc->ops ||
716 !teedesc->ops->get_version || !teedesc->ops->open ||
717 !teedesc->ops->release || !pool)
718 return ERR_PTR(-EINVAL);
719
720 teedev = kzalloc(sizeof(*teedev), GFP_KERNEL);
721 if (!teedev) {
722 ret = ERR_PTR(-ENOMEM);
723 goto err;
724 }
725
726 max_id = TEE_NUM_DEVICES / 2;
727
728 if (teedesc->flags & TEE_DESC_PRIVILEGED) {
729 offs = TEE_NUM_DEVICES / 2;
730 max_id = TEE_NUM_DEVICES;
731 }
732
733 spin_lock(&driver_lock);
734 teedev->id = find_next_zero_bit(dev_mask, max_id, offs);
735 if (teedev->id < max_id)
736 set_bit(teedev->id, dev_mask);
737 spin_unlock(&driver_lock);
738
739 if (teedev->id >= max_id) {
740 ret = ERR_PTR(-ENOMEM);
741 goto err;
742 }
743
744 snprintf(teedev->name, sizeof(teedev->name), "tee%s%d",
745 teedesc->flags & TEE_DESC_PRIVILEGED ? "priv" : "",
746 teedev->id - offs);
747
748 teedev->dev.class = tee_class;
749 teedev->dev.release = tee_release_device;
750 teedev->dev.parent = dev;
751
752 teedev->dev.devt = MKDEV(MAJOR(tee_devt), teedev->id);
753
754 rc = dev_set_name(&teedev->dev, "%s", teedev->name);
755 if (rc) {
756 ret = ERR_PTR(rc);
757 goto err_devt;
758 }
759
760 cdev_init(&teedev->cdev, &tee_fops);
761 teedev->cdev.owner = teedesc->owner;
762 teedev->cdev.kobj.parent = &teedev->dev.kobj;
763
764 dev_set_drvdata(&teedev->dev, driver_data);
765 device_initialize(&teedev->dev);
766
767 /* 1 as tee_device_unregister() does one final tee_device_put() */
768 teedev->num_users = 1;
769 init_completion(&teedev->c_no_users);
770 mutex_init(&teedev->mutex);
771 idr_init(&teedev->idr);
772
773 teedev->desc = teedesc;
774 teedev->pool = pool;
775
776 return teedev;
777 err_devt:
778 unregister_chrdev_region(teedev->dev.devt, 1);
779 err:
780 pr_err("could not register %s driver\n",
781 teedesc->flags & TEE_DESC_PRIVILEGED ? "privileged" : "client");
782 if (teedev && teedev->id < TEE_NUM_DEVICES) {
783 spin_lock(&driver_lock);
784 clear_bit(teedev->id, dev_mask);
785 spin_unlock(&driver_lock);
786 }
787 kfree(teedev);
788 return ret;
789 }
790 EXPORT_SYMBOL_GPL(tee_device_alloc);
791
792 static ssize_t implementation_id_show(struct device *dev,
793 struct device_attribute *attr, char *buf)
794 {
795 struct tee_device *teedev = container_of(dev, struct tee_device, dev);
796 struct tee_ioctl_version_data vers;
797
798 teedev->desc->ops->get_version(teedev, &vers);
799 return scnprintf(buf, PAGE_SIZE, "%d\n", vers.impl_id);
800 }
801 static DEVICE_ATTR_RO(implementation_id);
802
803 static struct attribute *tee_dev_attrs[] = {
804 &dev_attr_implementation_id.attr,
805 NULL
806 };
807
808 static const struct attribute_group tee_dev_group = {
809 .attrs = tee_dev_attrs,
810 };
811
812 /**
813 * tee_device_register() - Registers a TEE device
814 * @teedev: Device to register
815 *
816 * tee_device_unregister() need to be called to remove the @teedev if
817 * this function fails.
818 *
819 * @returns < 0 on failure
820 */
821 int tee_device_register(struct tee_device *teedev)
822 {
823 int rc;
824
825 if (teedev->flags & TEE_DEVICE_FLAG_REGISTERED) {
826 dev_err(&teedev->dev, "attempt to register twice\n");
827 return -EINVAL;
828 }
829
830 rc = cdev_add(&teedev->cdev, teedev->dev.devt, 1);
831 if (rc) {
832 dev_err(&teedev->dev,
833 "unable to cdev_add() %s, major %d, minor %d, err=%d\n",
834 teedev->name, MAJOR(teedev->dev.devt),
835 MINOR(teedev->dev.devt), rc);
836 return rc;
837 }
838
839 rc = device_add(&teedev->dev);
840 if (rc) {
841 dev_err(&teedev->dev,
842 "unable to device_add() %s, major %d, minor %d, err=%d\n",
843 teedev->name, MAJOR(teedev->dev.devt),
844 MINOR(teedev->dev.devt), rc);
845 goto err_device_add;
846 }
847
848 rc = sysfs_create_group(&teedev->dev.kobj, &tee_dev_group);
849 if (rc) {
850 dev_err(&teedev->dev,
851 "failed to create sysfs attributes, err=%d\n", rc);
852 goto err_sysfs_create_group;
853 }
854
855 teedev->flags |= TEE_DEVICE_FLAG_REGISTERED;
856 return 0;
857
858 err_sysfs_create_group:
859 device_del(&teedev->dev);
860 err_device_add:
861 cdev_del(&teedev->cdev);
862 return rc;
863 }
864 EXPORT_SYMBOL_GPL(tee_device_register);
865
866 void tee_device_put(struct tee_device *teedev)
867 {
868 mutex_lock(&teedev->mutex);
869 /* Shouldn't put in this state */
870 if (!WARN_ON(!teedev->desc)) {
871 teedev->num_users--;
872 if (!teedev->num_users) {
873 teedev->desc = NULL;
874 complete(&teedev->c_no_users);
875 }
876 }
877 mutex_unlock(&teedev->mutex);
878 }
879
880 bool tee_device_get(struct tee_device *teedev)
881 {
882 mutex_lock(&teedev->mutex);
883 if (!teedev->desc) {
884 mutex_unlock(&teedev->mutex);
885 return false;
886 }
887 teedev->num_users++;
888 mutex_unlock(&teedev->mutex);
889 return true;
890 }
891
892 /**
893 * tee_device_unregister() - Removes a TEE device
894 * @teedev: Device to unregister
895 *
896 * This function should be called to remove the @teedev even if
897 * tee_device_register() hasn't been called yet. Does nothing if
898 * @teedev is NULL.
899 */
900 void tee_device_unregister(struct tee_device *teedev)
901 {
902 if (!teedev)
903 return;
904
905 if (teedev->flags & TEE_DEVICE_FLAG_REGISTERED) {
906 sysfs_remove_group(&teedev->dev.kobj, &tee_dev_group);
907 cdev_del(&teedev->cdev);
908 device_del(&teedev->dev);
909 }
910
911 tee_device_put(teedev);
912 wait_for_completion(&teedev->c_no_users);
913
914 /*
915 * No need to take a mutex any longer now since teedev->desc was
916 * set to NULL before teedev->c_no_users was completed.
917 */
918
919 teedev->pool = NULL;
920
921 put_device(&teedev->dev);
922 }
923 EXPORT_SYMBOL_GPL(tee_device_unregister);
924
925 /**
926 * tee_get_drvdata() - Return driver_data pointer
927 * @teedev: Device containing the driver_data pointer
928 * @returns the driver_data pointer supplied to tee_register().
929 */
930 void *tee_get_drvdata(struct tee_device *teedev)
931 {
932 return dev_get_drvdata(&teedev->dev);
933 }
934 EXPORT_SYMBOL_GPL(tee_get_drvdata);
935
936 struct match_dev_data {
937 struct tee_ioctl_version_data *vers;
938 const void *data;
939 int (*match)(struct tee_ioctl_version_data *, const void *);
940 };
941
942 static int match_dev(struct device *dev, const void *data)
943 {
944 const struct match_dev_data *match_data = data;
945 struct tee_device *teedev = container_of(dev, struct tee_device, dev);
946
947 teedev->desc->ops->get_version(teedev, match_data->vers);
948 return match_data->match(match_data->vers, match_data->data);
949 }
950
951 struct tee_context *
952 tee_client_open_context(struct tee_context *start,
953 int (*match)(struct tee_ioctl_version_data *,
954 const void *),
955 const void *data, struct tee_ioctl_version_data *vers)
956 {
957 struct device *dev = NULL;
958 struct device *put_dev = NULL;
959 struct tee_context *ctx = NULL;
960 struct tee_ioctl_version_data v;
961 struct match_dev_data match_data = { vers ? vers : &v, data, match };
962
963 if (start)
964 dev = &start->teedev->dev;
965
966 do {
967 dev = class_find_device(tee_class, dev, &match_data, match_dev);
968 if (!dev) {
969 ctx = ERR_PTR(-ENOENT);
970 break;
971 }
972
973 put_device(put_dev);
974 put_dev = dev;
975
976 ctx = teedev_open(container_of(dev, struct tee_device, dev));
977 } while (IS_ERR(ctx) && PTR_ERR(ctx) != -ENOMEM);
978
979 put_device(put_dev);
980 /*
981 * Default behaviour for in kernel client is to not wait for
982 * tee-supplicant if not present for any requests in this context.
983 * Also this flag could be configured again before call to
984 * tee_client_open_session() if any in kernel client requires
985 * different behaviour.
986 */
987 if (!IS_ERR(ctx))
988 ctx->supp_nowait = true;
989
990 return ctx;
991 }
992 EXPORT_SYMBOL_GPL(tee_client_open_context);
993
994 void tee_client_close_context(struct tee_context *ctx)
995 {
996 teedev_close_context(ctx);
997 }
998 EXPORT_SYMBOL_GPL(tee_client_close_context);
999
1000 void tee_client_get_version(struct tee_context *ctx,
1001 struct tee_ioctl_version_data *vers)
1002 {
1003 ctx->teedev->desc->ops->get_version(ctx->teedev, vers);
1004 }
1005 EXPORT_SYMBOL_GPL(tee_client_get_version);
1006
1007 int tee_client_open_session(struct tee_context *ctx,
1008 struct tee_ioctl_open_session_arg *arg,
1009 struct tee_param *param)
1010 {
1011 if (!ctx->teedev->desc->ops->open_session)
1012 return -EINVAL;
1013 return ctx->teedev->desc->ops->open_session(ctx, arg, param);
1014 }
1015 EXPORT_SYMBOL_GPL(tee_client_open_session);
1016
1017 int tee_client_close_session(struct tee_context *ctx, u32 session)
1018 {
1019 if (!ctx->teedev->desc->ops->close_session)
1020 return -EINVAL;
1021 return ctx->teedev->desc->ops->close_session(ctx, session);
1022 }
1023 EXPORT_SYMBOL_GPL(tee_client_close_session);
1024
1025 int tee_client_invoke_func(struct tee_context *ctx,
1026 struct tee_ioctl_invoke_arg *arg,
1027 struct tee_param *param)
1028 {
1029 if (!ctx->teedev->desc->ops->invoke_func)
1030 return -EINVAL;
1031 return ctx->teedev->desc->ops->invoke_func(ctx, arg, param);
1032 }
1033 EXPORT_SYMBOL_GPL(tee_client_invoke_func);
1034
1035 int tee_client_cancel_req(struct tee_context *ctx,
1036 struct tee_ioctl_cancel_arg *arg)
1037 {
1038 if (!ctx->teedev->desc->ops->cancel_req)
1039 return -EINVAL;
1040 return ctx->teedev->desc->ops->cancel_req(ctx, arg->cancel_id,
1041 arg->session);
1042 }
1043
1044 static int tee_client_device_match(struct device *dev,
1045 struct device_driver *drv)
1046 {
1047 const struct tee_client_device_id *id_table;
1048 struct tee_client_device *tee_device;
1049
1050 id_table = to_tee_client_driver(drv)->id_table;
1051 tee_device = to_tee_client_device(dev);
1052
1053 while (!uuid_is_null(&id_table->uuid)) {
1054 if (uuid_equal(&tee_device->id.uuid, &id_table->uuid))
1055 return 1;
1056 id_table++;
1057 }
1058
1059 return 0;
1060 }
1061
1062 static int tee_client_device_uevent(struct device *dev,
1063 struct kobj_uevent_env *env)
1064 {
1065 uuid_t *dev_id = &to_tee_client_device(dev)->id.uuid;
1066
1067 return add_uevent_var(env, "MODALIAS=tee:%pUb", dev_id);
1068 }
1069
1070 struct bus_type tee_bus_type = {
1071 .name = "tee",
1072 .match = tee_client_device_match,
1073 .uevent = tee_client_device_uevent,
1074 };
1075 EXPORT_SYMBOL_GPL(tee_bus_type);
1076
1077 static int __init tee_init(void)
1078 {
1079 int rc;
1080
1081 tee_class = class_create(THIS_MODULE, "tee");
1082 if (IS_ERR(tee_class)) {
1083 pr_err("couldn't create class\n");
1084 return PTR_ERR(tee_class);
1085 }
1086
1087 rc = alloc_chrdev_region(&tee_devt, 0, TEE_NUM_DEVICES, "tee");
1088 if (rc) {
1089 pr_err("failed to allocate char dev region\n");
1090 goto out_unreg_class;
1091 }
1092
1093 rc = bus_register(&tee_bus_type);
1094 if (rc) {
1095 pr_err("failed to register tee bus\n");
1096 goto out_unreg_chrdev;
1097 }
1098
1099 return 0;
1100
1101 out_unreg_chrdev:
1102 unregister_chrdev_region(tee_devt, TEE_NUM_DEVICES);
1103 out_unreg_class:
1104 class_destroy(tee_class);
1105 tee_class = NULL;
1106
1107 return rc;
1108 }
1109
1110 static void __exit tee_exit(void)
1111 {
1112 bus_unregister(&tee_bus_type);
1113 unregister_chrdev_region(tee_devt, TEE_NUM_DEVICES);
1114 class_destroy(tee_class);
1115 tee_class = NULL;
1116 }
1117
1118 subsys_initcall(tee_init);
1119 module_exit(tee_exit);
1120
1121 MODULE_AUTHOR("Linaro");
1122 MODULE_DESCRIPTION("TEE Driver");
1123 MODULE_VERSION("1.0");
1124 MODULE_LICENSE("GPL v2");
Linux with added FPC-III support