From patchwork Mon Jan 15 13:52:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnaud POULIQUEN X-Patchwork-Id: 762808 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3524D17550; Mon, 15 Jan 2024 13:54:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=foss.st.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=foss.st.com header.i=@foss.st.com header.b="ySLLIzKs" Received: from pps.filterd (m0241204.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 40FDNWdj001257; Mon, 15 Jan 2024 14:53:58 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= selector1; bh=OgCELuVFO6l7+GmqvmsGfv3d0brsEPOycdRNQDOksnU=; b=yS LLIzKsqc7ldBxPvk2cCYhfsWNbMRxioygB3e/Mb2g6h/Qm3GwHP+2OErY62XmHYK a8iWb+gpwK1X+3zO5nBU1zjEzYfzD0Zf41kWjJS58g7HZupO9RCSbBaf+HyWMaid zmF5lPQSffOpJqATdPcXEqgLnwLhgCPqFETj7kT2dOCqZAFfk/PLQ99GCmRTdnKP y2tuCyCBFR2fq8AE9+kKUhI8++ijR3iLBZB0xCzRVoB9V8dOMTFFakFu0/ozTbNO 0sg4Tc7XSKOj9N47JBN3ZNQwbyXGfn6yFMZ6HjAdQ2mi7IcEtifwoDauQRjnOGY/ DJw44jzZxfCIuOtMramw== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3vkma5rwhc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jan 2024 14:53:58 +0100 (CET) Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 49AD5100057; Mon, 15 Jan 2024 14:53:58 +0100 (CET) Received: from Webmail-eu.st.com (shfdag1node2.st.com [10.75.129.70]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 3C8E228EF7F; Mon, 15 Jan 2024 14:53:58 +0100 (CET) Received: from localhost (10.201.20.75) by SHFDAG1NODE2.st.com (10.75.129.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 15 Jan 2024 14:53:57 +0100 From: Arnaud Pouliquen To: Bjorn Andersson , Mathieu Poirier , Jens Wiklander , Rob Herring , Krzysztof Kozlowski , Conor Dooley CC: , , , , , , Arnaud Pouliquen Subject: [PATCH 1/4] remoteproc: Add TEE support Date: Mon, 15 Jan 2024 14:52:46 +0100 Message-ID: <20240115135249.296822-2-arnaud.pouliquen@foss.st.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> References: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: EQNCAS1NODE3.st.com (10.75.129.80) To SHFDAG1NODE2.st.com (10.75.129.70) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-05_08,2024-01-05_01,2023-05-22_02 From: Arnaud Pouliquen Add a remoteproc TEE (Trusted Execution Environment) device that will be probed by the TEE bus. If the associated Trusted application is supported on secure part this device offers a client interface to load a firmware in the secure part. This firmware could be authenticated and decrypted by the secure trusted application. Signed-off-by: Arnaud Pouliquen --- drivers/remoteproc/Kconfig | 9 + drivers/remoteproc/Makefile | 1 + drivers/remoteproc/tee_remoteproc.c | 393 ++++++++++++++++++++++++++++ include/linux/tee_remoteproc.h | 99 +++++++ 4 files changed, 502 insertions(+) create mode 100644 drivers/remoteproc/tee_remoteproc.c create mode 100644 include/linux/tee_remoteproc.h diff --git a/drivers/remoteproc/Kconfig b/drivers/remoteproc/Kconfig index 48845dc8fa85..85299606806c 100644 --- a/drivers/remoteproc/Kconfig +++ b/drivers/remoteproc/Kconfig @@ -365,6 +365,15 @@ config XLNX_R5_REMOTEPROC It's safe to say N if not interested in using RPU r5f cores. + +config TEE_REMOTEPROC + tristate "trusted firmware support by a TEE application" + depends on OPTEE + help + Support for trusted remote processors firmware. The firmware + authentication and/or decryption are managed by a trusted application. + This can be either built-in or a loadable module. + endif # REMOTEPROC endmenu diff --git a/drivers/remoteproc/Makefile b/drivers/remoteproc/Makefile index 91314a9b43ce..fa8daebce277 100644 --- a/drivers/remoteproc/Makefile +++ b/drivers/remoteproc/Makefile @@ -36,6 +36,7 @@ obj-$(CONFIG_RCAR_REMOTEPROC) += rcar_rproc.o obj-$(CONFIG_ST_REMOTEPROC) += st_remoteproc.o obj-$(CONFIG_ST_SLIM_REMOTEPROC) += st_slim_rproc.o obj-$(CONFIG_STM32_RPROC) += stm32_rproc.o +obj-$(CONFIG_TEE_REMOTEPROC) += tee_remoteproc.o obj-$(CONFIG_TI_K3_DSP_REMOTEPROC) += ti_k3_dsp_remoteproc.o obj-$(CONFIG_TI_K3_R5_REMOTEPROC) += ti_k3_r5_remoteproc.o obj-$(CONFIG_XLNX_R5_REMOTEPROC) += xlnx_r5_remoteproc.o diff --git a/drivers/remoteproc/tee_remoteproc.c b/drivers/remoteproc/tee_remoteproc.c new file mode 100644 index 000000000000..d089087eb1f6 --- /dev/null +++ b/drivers/remoteproc/tee_remoteproc.c @@ -0,0 +1,393 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Copyright (C) STMicroelectronics 2023 - All Rights Reserved + * Author: Arnaud Pouliquen + */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include "remoteproc_internal.h" + +#define MAX_TEE_PARAM_ARRY_MEMBER 4 + +/* + * Authentication of the firmware and load in the remote processor memory + * + * [in] params[0].value.a: unique 32bit identifier of the remote processor + * [in] params[1].memref: buffer containing the image of the buffer + */ +#define TA_RPROC_FW_CMD_LOAD_FW 1 + +/* + * Start the remote processor + * + * [in] params[0].value.a: unique 32bit identifier of the remote processor + */ +#define TA_RPROC_FW_CMD_START_FW 2 + +/* + * Stop the remote processor + * + * [in] params[0].value.a: unique 32bit identifier of the remote processor + */ +#define TA_RPROC_FW_CMD_STOP_FW 3 + +/* + * Return the address of the resource table, or 0 if not found + * No check is done to verify that the address returned is accessible by + * the non secure context. If the resource table is loaded in a protected + * memory the access by the non secure context will lead to a data abort. + * + * [in] params[0].value.a: unique 32bit identifier of the remote processor + * [out] params[1].value.a: 32bit LSB resource table memory address + * [out] params[1].value.b: 32bit MSB resource table memory address + * [out] params[2].value.a: 32bit LSB resource table memory size + * [out] params[2].value.b: 32bit MSB resource table memory size + */ +#define TA_RPROC_FW_CMD_GET_RSC_TABLE 4 + +/* + * Return the address of the core dump + * + * [in] params[0].value.a: unique 32bit identifier of the remote processor + * [out] params[1].memref: address of the core dump image if exist, + * else return Null + */ +#define TA_RPROC_FW_CMD_GET_COREDUMP 5 + +struct tee_rproc_mem { + char name[20]; + void __iomem *cpu_addr; + phys_addr_t bus_addr; + u32 dev_addr; + size_t size; +}; + +struct tee_rproc_context { + struct list_head sessions; + struct tee_context *tee_ctx; + struct device *dev; +}; + +struct tee_rproc_context *tee_rproc_ctx; + +static void prepare_args(struct tee_rproc *trproc, int cmd, struct tee_ioctl_invoke_arg *arg, + struct tee_param *param, unsigned int num_params) +{ + memset(arg, 0, sizeof(*arg)); + memset(param, 0, MAX_TEE_PARAM_ARRY_MEMBER * sizeof(*param)); + + arg->func = cmd; + arg->session = trproc->session_id; + arg->num_params = num_params + 1; + + param[0] = (struct tee_param) { + .attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT, + .u.value.a = trproc->rproc_id, + }; +} + +int tee_rproc_load_fw(struct tee_rproc *trproc, const struct firmware *fw) +{ + struct tee_ioctl_invoke_arg arg; + struct tee_param param[MAX_TEE_PARAM_ARRY_MEMBER]; + struct tee_shm *fw_shm; + int ret; + + fw_shm = tee_shm_register_kernel_buf(tee_rproc_ctx->tee_ctx, (void *)fw->data, fw->size); + if (IS_ERR(fw_shm)) + return PTR_ERR(fw_shm); + + prepare_args(trproc, TA_RPROC_FW_CMD_LOAD_FW, &arg, param, 1); + + /* Provide the address of the firmware image */ + param[1] = (struct tee_param) { + .attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT, + .u.memref = { + .shm = fw_shm, + .size = fw->size, + .shm_offs = 0, + }, + }; + + ret = tee_client_invoke_func(tee_rproc_ctx->tee_ctx, &arg, param); + if (ret < 0 || arg.ret != 0) { + dev_err(tee_rproc_ctx->dev, + "TA_RPROC_FW_CMD_LOAD_FW invoke failed TEE err: %x, ret:%x\n", + arg.ret, ret); + if (!ret) + ret = -EIO; + } + + tee_shm_free(fw_shm); + + return ret; +} +EXPORT_SYMBOL_GPL(tee_rproc_load_fw); + +int rproc_tee_get_rsc_table(struct tee_rproc *trproc) +{ + struct tee_ioctl_invoke_arg arg; + struct tee_param param[MAX_TEE_PARAM_ARRY_MEMBER]; + struct rproc *rproc = trproc->rproc; + size_t rsc_size; + int ret; + + prepare_args(trproc, TA_RPROC_FW_CMD_GET_RSC_TABLE, &arg, param, 2); + + param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + param[2].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT; + + ret = tee_client_invoke_func(tee_rproc_ctx->tee_ctx, &arg, param); + if (ret < 0 || arg.ret != 0) { + dev_err(tee_rproc_ctx->dev, + "TA_RPROC_FW_CMD_GET_RSC_TABLE invoke failed TEE err: %x, ret:%x\n", + arg.ret, ret); + return -EIO; + } + + rsc_size = param[2].u.value.a; + + /* If the size is null no resource table defined in the image */ + if (!rsc_size) + return 0; + + /* Store the resource table address that would be updated by the remote core . */ + trproc->rsc_va = ioremap_wc(param[1].u.value.a, rsc_size); + if (IS_ERR_OR_NULL(trproc->rsc_va)) { + dev_err(tee_rproc_ctx->dev, "Unable to map memory region: %lld+%zx\n", + param[1].u.value.a, rsc_size); + trproc->rsc_va = NULL; + return -ENOMEM; + } + + /* + * A cached table is requested as the physical address is not mapped yet + * but remoteproc needs to parse the table for resources. + */ + rproc->cached_table = kmemdup(trproc->rsc_va, rsc_size, GFP_KERNEL); + if (!rproc->cached_table) + return -ENOMEM; + + rproc->table_ptr = rproc->cached_table; + rproc->table_sz = rsc_size; + + return 0; +} +EXPORT_SYMBOL_GPL(rproc_tee_get_rsc_table); + +struct resource_table *tee_rproc_get_loaded_rsc_table(struct tee_rproc *trproc) +{ + return (struct resource_table *)trproc->rsc_va; +} +EXPORT_SYMBOL_GPL(tee_rproc_get_loaded_rsc_table); + +int tee_rproc_start(struct tee_rproc *trproc) +{ + struct tee_ioctl_invoke_arg arg; + struct tee_param param[MAX_TEE_PARAM_ARRY_MEMBER]; + int ret; + + prepare_args(trproc, TA_RPROC_FW_CMD_START_FW, &arg, param, 0); + + ret = tee_client_invoke_func(tee_rproc_ctx->tee_ctx, &arg, param); + if (ret < 0 || arg.ret != 0) { + dev_err(tee_rproc_ctx->dev, + "TA_RPROC_FW_CMD_START_FW invoke failed TEE err: %x, ret:%x\n", + arg.ret, ret); + if (!ret) + ret = -EIO; + } + + return ret; +} +EXPORT_SYMBOL_GPL(tee_rproc_start); + +int tee_rproc_stop(struct tee_rproc *trproc) +{ + struct tee_ioctl_invoke_arg arg; + struct tee_param param[MAX_TEE_PARAM_ARRY_MEMBER]; + int ret; + + prepare_args(trproc, TA_RPROC_FW_CMD_STOP_FW, &arg, param, 0); + + ret = tee_client_invoke_func(tee_rproc_ctx->tee_ctx, &arg, param); + if (ret < 0 || arg.ret != 0) { + dev_err(tee_rproc_ctx->dev, + "TA_RPROC_FW_CMD_STOP_FW invoke failed TEE err: %x, ret:%x\n", + arg.ret, ret); + if (!ret) + ret = -EIO; + } + if (trproc->rsc_va) + iounmap(trproc->rsc_va); + trproc->rsc_va = NULL; + + return ret; +} +EXPORT_SYMBOL_GPL(tee_rproc_stop); + +static const struct tee_client_device_id stm32_tee_rproc_id_table[] = { + {UUID_INIT(0x80a4c275, 0x0a47, 0x4905, + 0x82, 0x85, 0x14, 0x86, 0xa9, 0x77, 0x1a, 0x08)}, + {} +}; + +struct tee_rproc *tee_rproc_register(struct device *dev, unsigned int rproc_id) +{ + struct tee_client_device *rproc_tee_device; + struct tee_ioctl_open_session_arg sess_arg; + struct tee_param param[MAX_TEE_PARAM_ARRY_MEMBER]; + struct tee_rproc *trproc; + int ret; + + /* + * The device is not probed by the TEE bus. We ignore the reason (bus could be not yet + * probed or service not available in the secure firmware) + * Assumption here is that the TEE bus is not probed. + */ + if (!tee_rproc_ctx) + return ERR_PTR(-EPROBE_DEFER); + + trproc = devm_kzalloc(dev, sizeof(*trproc), GFP_KERNEL); + if (!trproc) + return ERR_PTR(-ENOMEM); + + rproc_tee_device = to_tee_client_device(tee_rproc_ctx->dev); + memset(&sess_arg, 0, sizeof(sess_arg)); + + /* Open session with rproc_tee load the OP-TEE Trusted Application */ + memcpy(sess_arg.uuid, rproc_tee_device->id.uuid.b, TEE_IOCTL_UUID_LEN); + + sess_arg.clnt_login = TEE_IOCTL_LOGIN_REE_KERNEL; + sess_arg.num_params = 1; + + param[0] = (struct tee_param) { + .attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT, + .u.value.a = rproc_id, + }; + + ret = tee_client_open_session(tee_rproc_ctx->tee_ctx, &sess_arg, param); + if (ret < 0 || sess_arg.ret != 0) { + dev_err(dev, "tee_client_open_session failed, err: %x\n", sess_arg.ret); + return ERR_PTR(-EINVAL); + } + + trproc->parent = dev; + trproc->rproc_id = rproc_id; + trproc->session_id = sess_arg.session; + + list_add_tail(&trproc->node, &tee_rproc_ctx->sessions); + + return trproc; +} +EXPORT_SYMBOL_GPL(tee_rproc_register); + +int tee_rproc_unregister(struct tee_rproc *trproc) +{ + int ret; + + if (!tee_rproc_ctx) + return -ENODEV; + + ret = tee_client_close_session(tee_rproc_ctx->tee_ctx, trproc->session_id); + if (ret < 0) + dev_err(trproc->parent, "tee_client_close_session failed, err: %x\n", ret); + + list_del(&trproc->node); + + return ret; +} +EXPORT_SYMBOL_GPL(tee_rproc_unregister); + +static int tee_ctx_match(struct tee_ioctl_version_data *ver, const void *data) +{ + /* Today we support only the OP-TEE, could be extend to other tees */ + return (ver->impl_id == TEE_IMPL_ID_OPTEE); +} + +static int tee_rproc_probe(struct device *dev) +{ + struct tee_context *tee_ctx; + int ret; + + /* Only one RPROC OP-TEE device allowed */ + if (tee_rproc_ctx) { + dev_err(dev, "An RPROC OP-TEE device was already initialized: only one allowed\n"); + return -EBUSY; + } + + /* Open context with TEE driver */ + tee_ctx = tee_client_open_context(NULL, tee_ctx_match, NULL, NULL); + if (IS_ERR(tee_ctx)) + return PTR_ERR(tee_ctx); + + tee_rproc_ctx = devm_kzalloc(dev, sizeof(*tee_ctx), GFP_KERNEL); + if (!tee_ctx) { + ret = -ENOMEM; + goto err; + } + + tee_rproc_ctx->dev = dev; + tee_rproc_ctx->tee_ctx = tee_ctx; + INIT_LIST_HEAD(&tee_rproc_ctx->sessions); + + return 0; +err: + tee_client_close_context(tee_ctx); + + return ret; +} + +static int tee_rproc_remove(struct device *dev) +{ + struct tee_rproc *entry, *tmp; + + list_for_each_entry_safe(entry, tmp, &tee_rproc_ctx->sessions, node) { + tee_client_close_session(tee_rproc_ctx->tee_ctx, entry->session_id); + list_del(&entry->node); + kfree(entry); + } + + tee_client_close_context(tee_rproc_ctx->tee_ctx); + + return 0; +} + +MODULE_DEVICE_TABLE(tee, stm32_tee_rproc_id_table); + +static struct tee_client_driver tee_rproc_fw_driver = { + .id_table = stm32_tee_rproc_id_table, + .driver = { + .name = KBUILD_MODNAME, + .bus = &tee_bus_type, + .probe = tee_rproc_probe, + .remove = tee_rproc_remove, + }, +}; + +static int __init tee_rproc_fw_mod_init(void) +{ + return driver_register(&tee_rproc_fw_driver.driver); +} + +static void __exit tee_rproc_fw_mod_exit(void) +{ + driver_unregister(&tee_rproc_fw_driver.driver); +} + +module_init(tee_rproc_fw_mod_init); +module_exit(tee_rproc_fw_mod_exit); + +MODULE_DESCRIPTION(" TEE remote processor control driver"); +MODULE_LICENSE("GPL"); diff --git a/include/linux/tee_remoteproc.h b/include/linux/tee_remoteproc.h new file mode 100644 index 000000000000..0e11e5b8b524 --- /dev/null +++ b/include/linux/tee_remoteproc.h @@ -0,0 +1,99 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Copyright(c) 2023 STMicroelectronics - All Rights Reserved + */ + +#ifndef TEE_REMOTEPROC_H +#define TEE_REMOTEPROC_H + +#include +#include + +/** + * struct tee_rproc - TEE remoteproc structure + * @node: Reference in list + * @rproc: Remoteproc reference + * @parent: Parent device + * @rproc_id: Identifier of the target firmware + * @session_id: TEE session identifier + * @rsc_va: Resource table virtual address. + */ +struct tee_rproc { + struct list_head node; + struct rproc *rproc; + struct device *parent; + u32 rproc_id; + u32 session_id; + void *rsc_va; +}; + +#if IS_ENABLED(CONFIG_TEE_REMOTEPROC) + +struct tee_rproc *tee_rproc_register(struct device *dev, unsigned int rproc_id); +int tee_rproc_unregister(struct tee_rproc *trproc); + +int tee_rproc_load_fw(struct tee_rproc *trproc, const struct firmware *fw); +int rproc_tee_get_rsc_table(struct tee_rproc *trproc); +struct resource_table *tee_rproc_get_loaded_rsc_table(struct tee_rproc *trproc); +int tee_rproc_start(struct tee_rproc *trproc); +int tee_rproc_stop(struct tee_rproc *trproc); + +#else + +static inline struct tee_rproc *tee_rproc_register(struct device *dev, unsigned int rproc_id) +{ + return ERR_PTR(-ENODEV); +} + +static inline int tee_rproc_unregister(struct tee_rproc *trproc) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return 0; +} + +static inline int tee_rproc_load_fw(struct tee_rproc *trproc, + const struct firmware *fw) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return 0; +} + +static inline int tee_rproc_start(struct tee_rproc *trproc) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return 0; +} + +static inline int tee_rproc_stop(struct tee_rproc *trproc) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return 0; +} + +static inline int rproc_tee_get_rsc_table(struct tee_rproc *trproc) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return 0; +} + +static inline struct resource_table * + tee_rproc_get_loaded_rsc_table(struct tee_rproc *trproc) +{ + /* This shouldn't be possible */ + WARN_ON(1); + + return NULL; +} + +#endif /* CONFIG_TEE_REMOTEPROC */ +#endif /* TEE_REMOTEPROC_H */ From patchwork Mon Jan 15 13:52:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnaud POULIQUEN X-Patchwork-Id: 763451 Received: from mx07-00178001.pphosted.com (mx08-00178001.pphosted.com [91.207.212.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B769817543; Mon, 15 Jan 2024 13:54:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=foss.st.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=foss.st.com header.i=@foss.st.com header.b="1iVouvkt" Received: from pps.filterd (m0046660.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 40FDQbYZ022593; Mon, 15 Jan 2024 14:53:59 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= selector1; bh=sxQobYGUiCH3u40trshtn0GkDMW94xPV+Pu/7IQRPbM=; b=1i VouvktE8O1Jap+NVWRSLMClxDqeqrMGNQw3t6I4SmPk1oaLDSvLuMGKK98GzjfeO F6HFF1cOypBfkIhSW14qq6p6BUkxSBMQY8jXLZF2HtTjf7NPysJoIkmBcSfwmqFn E0KdM+M8XQNG3mHCXteB8DuddIvNH0tQXEBP0pxys38cjk9LnN37jn2cwtIFWnBR o5ucVKuAdvADFW63sLR3hfYsj/dGklo3plo6Z0i8RkUhs951nxbkfeQ2B26vi0Vf 5O6Wp9XCkLx6dSEVtV2J2SN7wiAt40VsT5g3hwMHECMVduv/gR/SM+m32a2UChck wyICAUDCvQn69SRdPpmA== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3vkmbh0se3-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jan 2024 14:53:59 +0100 (CET) Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 13E68100058; Mon, 15 Jan 2024 14:53:59 +0100 (CET) Received: from Webmail-eu.st.com (shfdag1node2.st.com [10.75.129.70]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 0B95228EF81; Mon, 15 Jan 2024 14:53:59 +0100 (CET) Received: from localhost (10.201.20.75) by SHFDAG1NODE2.st.com (10.75.129.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 15 Jan 2024 14:53:58 +0100 From: Arnaud Pouliquen To: Bjorn Andersson , Mathieu Poirier , Jens Wiklander , Rob Herring , Krzysztof Kozlowski , Conor Dooley CC: , , , , , , Arnaud Pouliquen Subject: [PATCH 2/4] dt-bindings: remoteproc: add compatibility for TEE support Date: Mon, 15 Jan 2024 14:52:47 +0100 Message-ID: <20240115135249.296822-3-arnaud.pouliquen@foss.st.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> References: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: EQNCAS1NODE3.st.com (10.75.129.80) To SHFDAG1NODE2.st.com (10.75.129.70) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-05_08,2024-01-05_01,2023-05-22_02 The "st,stm32mp1-m4-tee" compatible is utilized in a system configuration where the Cortex-M4 firmware is loaded by the Trusted execution Environment (TEE). This compatible is used in both the Linux and OP-TEE device-tree. - In OP-TEE, a node is defined in the device tree with the st,stm32mp1-m4-tee to support signed remoteproc firmware. Based on DT properties, OP-TEE authenticates, loads, starts, and stops the firmware. - On Linux, when the compatibility is set, the Cortex-M resets should not be declared in the device tree. Signed-off-by: Arnaud Pouliquen --- .../bindings/remoteproc/st,stm32-rproc.yaml | 53 +++++++++++++++---- 1 file changed, 44 insertions(+), 9 deletions(-) diff --git a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml index 370af61d8f28..9fdfa30eff20 100644 --- a/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml +++ b/Documentation/devicetree/bindings/remoteproc/st,stm32-rproc.yaml @@ -16,7 +16,12 @@ maintainers: properties: compatible: - const: st,stm32mp1-m4 + enum: + - st,stm32mp1-m4 + - st,stm32mp1-m4-tee + description: + Use "st,stm32mp1-m4" for the Cortex-M4 coprocessor management by Linux + Use "st,stm32mp1-m4-tee" for the Cortex-M4 coprocessor management by secure context reg: description: @@ -142,21 +147,41 @@ properties: required: - compatible - reg - - resets allOf: - if: properties: - reset-names: - not: - contains: - const: hold_boot + compatible: + contains: + const: st,stm32mp1-m4 + then: + if: + properties: + reset-names: + not: + contains: + const: hold_boot + then: + required: + - st,syscfg-holdboot + - resets + else: + properties: + st,syscfg-holdboot: false + required: + - reset-names + - resets + + - if: + properties: + compatible: + contains: + const: st,stm32mp1-m4-tee then: - required: - - st,syscfg-holdboot - else: properties: st,syscfg-holdboot: false + reset-names: false + resets: false additionalProperties: false @@ -188,5 +213,15 @@ examples: st,syscfg-rsc-tbl = <&tamp 0x144 0xFFFFFFFF>; st,syscfg-m4-state = <&tamp 0x148 0xFFFFFFFF>; }; + - | + #include + m4@10000000 { + compatible = "st,stm32mp1-m4-tee"; + reg = <0x10000000 0x40000>, + <0x30000000 0x40000>, + <0x38000000 0x10000>; + st,syscfg-rsc-tbl = <&tamp 0x144 0xFFFFFFFF>; + st,syscfg-m4-state = <&tamp 0x148 0xFFFFFFFF>; + }; ... From patchwork Mon Jan 15 13:52:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnaud POULIQUEN X-Patchwork-Id: 763450 Received: from mx07-00178001.pphosted.com (mx07-00178001.pphosted.com [185.132.182.106]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D4DCC1754F; Mon, 15 Jan 2024 13:54:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=foss.st.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=foss.st.com header.i=@foss.st.com header.b="D9FrRzYm" Received: from pps.filterd (m0288072.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 40FD9OnB009290; Mon, 15 Jan 2024 14:54:02 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= selector1; bh=JgTqkog598RbC204zCHUiytINQsebXi6rfWzdONWWfk=; b=D9 FrRzYm0JDUdFDfvftiNJO8KroHy7qrDoBca/+lhkZQYV/aCzOkZUk6iDM5KiTPrY KHBUgNTw7zE02ms0shdVytXy8mHfz37hpqI5OMsXkvBn0WXGuJdqPfYfgjP+fEuZ 7apOftYeq7pCRBhkoMU1d+V8Bdlp/1eX9gCk3IRGFbk0e5o5RMOGkX5ut0x1sPPh i7+BbPUwwsyT3vKWer5FPXoOPGXi9vDul0xrnY+gVIPxzsKmOeqSgknsTE0scpjW 8OvBEJFN4AJmGnJ3WC+AQ8KfTWrxjFKknpnZTgVqVH2feTU5hGZHmnkbyC0C+f8M RymqkLaH2HbSoI0qxqFA== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3vkmfy8xer-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jan 2024 14:54:02 +0100 (CET) Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id E7680100057; Mon, 15 Jan 2024 14:54:01 +0100 (CET) Received: from Webmail-eu.st.com (shfdag1node2.st.com [10.75.129.70]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id DC90228EF7F; Mon, 15 Jan 2024 14:54:01 +0100 (CET) Received: from localhost (10.201.20.75) by SHFDAG1NODE2.st.com (10.75.129.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 15 Jan 2024 14:53:58 +0100 From: Arnaud Pouliquen To: Bjorn Andersson , Mathieu Poirier , Jens Wiklander , Rob Herring , Krzysztof Kozlowski , Conor Dooley CC: , , , , , , Arnaud Pouliquen Subject: [PATCH 3/4] remoteproc: stm32: create sub-functions to request shutdown and release Date: Mon, 15 Jan 2024 14:52:48 +0100 Message-ID: <20240115135249.296822-4-arnaud.pouliquen@foss.st.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> References: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: EQNCAS1NODE3.st.com (10.75.129.80) To SHFDAG1NODE2.st.com (10.75.129.70) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-05_08,2024-01-05_01,2023-05-22_02 To prepare for the support of TEE remoteproc, create sub-functions that can be used in both cases, with and without TEE support. Signed-off-by: Arnaud Pouliquen --- drivers/remoteproc/stm32_rproc.c | 84 +++++++++++++++++++------------- 1 file changed, 51 insertions(+), 33 deletions(-) diff --git a/drivers/remoteproc/stm32_rproc.c b/drivers/remoteproc/stm32_rproc.c index 4f469f0bcf8b..fcc0001e2657 100644 --- a/drivers/remoteproc/stm32_rproc.c +++ b/drivers/remoteproc/stm32_rproc.c @@ -209,6 +209,54 @@ static int stm32_rproc_mbox_idx(struct rproc *rproc, const unsigned char *name) return -EINVAL; } +static void stm32_rproc_request_shutdown(struct rproc *rproc) +{ + struct stm32_rproc *ddata = rproc->priv; + int err, dummy_data, idx; + + /* Request shutdown of the remote processor */ + if (rproc->state != RPROC_OFFLINE && rproc->state != RPROC_CRASHED) { + idx = stm32_rproc_mbox_idx(rproc, STM32_MBX_SHUTDOWN); + if (idx >= 0 && ddata->mb[idx].chan) { + /* A dummy data is sent to allow to block on transmit. */ + err = mbox_send_message(ddata->mb[idx].chan, + &dummy_data); + if (err < 0) + dev_warn(&rproc->dev, "warning: remote FW shutdown without ack\n"); + } + } +} + +static int stm32_rproc_release(struct rproc *rproc) +{ + struct stm32_rproc *ddata = rproc->priv; + unsigned int err = 0; + + /* To allow platform Standby power mode, set remote proc Deep Sleep. */ + if (ddata->pdds.map) { + err = regmap_update_bits(ddata->pdds.map, ddata->pdds.reg, + ddata->pdds.mask, 1); + if (err) { + dev_err(&rproc->dev, "failed to set pdds\n"); + return err; + } + } + + /* Update coprocessor state to OFF if available. */ + if (ddata->m4_state.map) { + err = regmap_update_bits(ddata->m4_state.map, + ddata->m4_state.reg, + ddata->m4_state.mask, + M4_STATE_OFF); + if (err) { + dev_err(&rproc->dev, "failed to set copro state\n"); + return err; + } + } + + return err; +} + static int stm32_rproc_prepare(struct rproc *rproc) { struct device *dev = rproc->dev.parent; @@ -519,17 +567,9 @@ static int stm32_rproc_detach(struct rproc *rproc) static int stm32_rproc_stop(struct rproc *rproc) { struct stm32_rproc *ddata = rproc->priv; - int err, idx; + int err; - /* request shutdown of the remote processor */ - if (rproc->state != RPROC_OFFLINE && rproc->state != RPROC_CRASHED) { - idx = stm32_rproc_mbox_idx(rproc, STM32_MBX_SHUTDOWN); - if (idx >= 0 && ddata->mb[idx].chan) { - err = mbox_send_message(ddata->mb[idx].chan, "detach"); - if (err < 0) - dev_warn(&rproc->dev, "warning: remote FW shutdown without ack\n"); - } - } + stm32_rproc_request_shutdown(rproc); err = stm32_rproc_set_hold_boot(rproc, true); if (err) @@ -541,29 +581,7 @@ static int stm32_rproc_stop(struct rproc *rproc) return err; } - /* to allow platform Standby power mode, set remote proc Deep Sleep */ - if (ddata->pdds.map) { - err = regmap_update_bits(ddata->pdds.map, ddata->pdds.reg, - ddata->pdds.mask, 1); - if (err) { - dev_err(&rproc->dev, "failed to set pdds\n"); - return err; - } - } - - /* update coprocessor state to OFF if available */ - if (ddata->m4_state.map) { - err = regmap_update_bits(ddata->m4_state.map, - ddata->m4_state.reg, - ddata->m4_state.mask, - M4_STATE_OFF); - if (err) { - dev_err(&rproc->dev, "failed to set copro state\n"); - return err; - } - } - - return 0; + return stm32_rproc_release(rproc); } static void stm32_rproc_kick(struct rproc *rproc, int vqid) From patchwork Mon Jan 15 13:52:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arnaud POULIQUEN X-Patchwork-Id: 762809 Received: from mx08-00178001.pphosted.com (mx08-00178001.pphosted.com [91.207.212.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7150B17547; Mon, 15 Jan 2024 13:54:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=foss.st.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=foss.st.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=foss.st.com header.i=@foss.st.com header.b="Zm8yQleP" Received: from pps.filterd (m0369457.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.17.1.24/8.17.1.24) with ESMTP id 40FDrut4016506; Mon, 15 Jan 2024 14:54:01 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h= from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding:content-type; s= selector1; bh=0PSMMS3Epy211SgFxqxEWr8MrpTb+Oy9K28Jyjmop1g=; b=Zm 8yQleP7o/+NMgtYtF8h0wc3z3PADD3L/6SIkmS+ZXYkG4Z5wpn1zeLC5V+cnEOWx SM1/bwm2G8yUjdmsJyR7K4BTd+QulWGo75umuaZK1fL3YI8d8HI57CdvtzXCGyfp jwpjYQEWiO7N19a5sR0H/IahKXlxLm+8WX0OWW+TiD6UbJSHiU3q+zhl+YBA/p6S 0hOQpKi1RqmGUtQZ3n06fU58jf6qyAnusODhg8RVBxGqc7IZb3UQAJ3TUPIrnAEv e8iUoBwsQNF/8weETHp2YGoJ8vIf3UrEMjwh15ua/0fgQ+OKrtiAQQclVUERBG9y YpB4LlSimmTOId5CaLyg== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3vm6bnx8mn-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 15 Jan 2024 14:54:01 +0100 (CET) Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id BC455100058; Mon, 15 Jan 2024 14:54:00 +0100 (CET) Received: from Webmail-eu.st.com (shfdag1node2.st.com [10.75.129.70]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id B136828EF7F; Mon, 15 Jan 2024 14:54:00 +0100 (CET) Received: from localhost (10.201.20.75) by SHFDAG1NODE2.st.com (10.75.129.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.27; Mon, 15 Jan 2024 14:53:59 +0100 From: Arnaud Pouliquen To: Bjorn Andersson , Mathieu Poirier , Jens Wiklander , Rob Herring , Krzysztof Kozlowski , Conor Dooley CC: , , , , , , Arnaud Pouliquen Subject: [PATCH 4/4] remoteproc: stm32: Add support of an OP-TEE TA to load the firmware Date: Mon, 15 Jan 2024 14:52:49 +0100 Message-ID: <20240115135249.296822-5-arnaud.pouliquen@foss.st.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> References: <20240115135249.296822-1-arnaud.pouliquen@foss.st.com> Precedence: bulk X-Mailing-List: devicetree@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: EQNCAS1NODE3.st.com (10.75.129.80) To SHFDAG1NODE2.st.com (10.75.129.70) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26 definitions=2024-01-05_08,2024-01-05_01,2023-05-22_02 The new TEE remoteproc device is used to manage remote firmware in a secure, trusted context. The 'st,stm32mp1-m4-tee' compatibility is introduced to delegate the loading of the firmware to the trusted execution context. In such cases, the firmware should be signed and adhere to the image format defined by the TEE. Signed-off-by: Arnaud Pouliquen --- drivers/remoteproc/Kconfig | 3 +- drivers/remoteproc/stm32_rproc.c | 149 +++++++++++++++++++++++++++++-- 2 files changed, 146 insertions(+), 6 deletions(-) diff --git a/drivers/remoteproc/Kconfig b/drivers/remoteproc/Kconfig index 85299606806c..e5bb675b5fc5 100644 --- a/drivers/remoteproc/Kconfig +++ b/drivers/remoteproc/Kconfig @@ -316,6 +316,7 @@ config STM32_RPROC depends on ARCH_STM32 || COMPILE_TEST depends on REMOTEPROC select MAILBOX + select TEE_REMOTEPROC help Say y here to support STM32 MCU processors via the remote processor framework. @@ -367,7 +368,7 @@ config XLNX_R5_REMOTEPROC config TEE_REMOTEPROC - tristate "trusted firmware support by a TEE application" + tristate "trusted firmware support by a trusted application" depends on OPTEE help Support for trusted remote processors firmware. The firmware diff --git a/drivers/remoteproc/stm32_rproc.c b/drivers/remoteproc/stm32_rproc.c index fcc0001e2657..16dcf36ceeb6 100644 --- a/drivers/remoteproc/stm32_rproc.c +++ b/drivers/remoteproc/stm32_rproc.c @@ -20,6 +20,7 @@ #include #include #include +#include #include #include "remoteproc_internal.h" @@ -49,6 +50,9 @@ #define M4_STATE_STANDBY 4 #define M4_STATE_CRASH 5 +/* Remote processor unique identifier aligned with the Trusted Execution Environment definitions */ +#define STM32_MP1_M4_PROC_ID 0 + struct stm32_syscon { struct regmap *map; u32 reg; @@ -90,6 +94,8 @@ struct stm32_rproc { struct stm32_mbox mb[MBOX_NB_MBX]; struct workqueue_struct *workqueue; bool hold_boot_smc; + bool fw_loaded; + struct tee_rproc *trproc; void __iomem *rsc_va; }; @@ -257,6 +263,91 @@ static int stm32_rproc_release(struct rproc *rproc) return err; } +static int stm32_rproc_tee_elf_sanity_check(struct rproc *rproc, + const struct firmware *fw) +{ + struct stm32_rproc *ddata = rproc->priv; + unsigned int ret = 0; + + if (rproc->state == RPROC_DETACHED) + return 0; + + ret = tee_rproc_load_fw(ddata->trproc, fw); + if (!ret) + ddata->fw_loaded = true; + + return ret; +} + +static int stm32_rproc_tee_elf_load(struct rproc *rproc, + const struct firmware *fw) +{ + struct stm32_rproc *ddata = rproc->priv; + unsigned int ret; + + /* + * This function can be called by remote proc for recovery + * without the sanity check. In this case we need to load the firmware + * else nothing done here as the firmware has been preloaded for the + * sanity check to be able to parse it for the resource table. + */ + if (ddata->fw_loaded) + return 0; + + ret = tee_rproc_load_fw(ddata->trproc, fw); + if (ret) + return ret; + ddata->fw_loaded = true; + + /* Update the resource table parameters. */ + if (rproc_tee_get_rsc_table(ddata->trproc)) { + /* No resource table: reset the related fields. */ + rproc->cached_table = NULL; + rproc->table_ptr = NULL; + rproc->table_sz = 0; + } + + return 0; +} + +static struct resource_table * +stm32_rproc_tee_elf_find_loaded_rsc_table(struct rproc *rproc, + const struct firmware *fw) +{ + struct stm32_rproc *ddata = rproc->priv; + + return tee_rproc_get_loaded_rsc_table(ddata->trproc); +} + +static int stm32_rproc_tee_start(struct rproc *rproc) +{ + struct stm32_rproc *ddata = rproc->priv; + + return tee_rproc_start(ddata->trproc); +} + +static int stm32_rproc_tee_attach(struct rproc *rproc) +{ + /* Nothing to do, remote proc already started by the secured context. */ + return 0; +} + +static int stm32_rproc_tee_stop(struct rproc *rproc) +{ + struct stm32_rproc *ddata = rproc->priv; + int err; + + stm32_rproc_request_shutdown(rproc); + + err = tee_rproc_stop(ddata->trproc); + if (err) + return err; + + ddata->fw_loaded = false; + + return stm32_rproc_release(rproc); +} + static int stm32_rproc_prepare(struct rproc *rproc) { struct device *dev = rproc->dev.parent; @@ -319,7 +410,14 @@ static int stm32_rproc_prepare(struct rproc *rproc) static int stm32_rproc_parse_fw(struct rproc *rproc, const struct firmware *fw) { - if (rproc_elf_load_rsc_table(rproc, fw)) + struct stm32_rproc *ddata = rproc->priv; + int ret; + + if (ddata->trproc) + ret = rproc_tee_get_rsc_table(ddata->trproc); + else + ret = rproc_elf_load_rsc_table(rproc, fw); + if (ret) dev_warn(&rproc->dev, "no resource table found for this firmware\n"); return 0; @@ -693,8 +791,22 @@ static const struct rproc_ops st_rproc_ops = { .get_boot_addr = rproc_elf_get_boot_addr, }; +static const struct rproc_ops st_rproc_tee_ops = { + .prepare = stm32_rproc_prepare, + .start = stm32_rproc_tee_start, + .stop = stm32_rproc_tee_stop, + .attach = stm32_rproc_tee_attach, + .kick = stm32_rproc_kick, + .parse_fw = stm32_rproc_parse_fw, + .find_loaded_rsc_table = stm32_rproc_tee_elf_find_loaded_rsc_table, + .get_loaded_rsc_table = stm32_rproc_get_loaded_rsc_table, + .sanity_check = stm32_rproc_tee_elf_sanity_check, + .load = stm32_rproc_tee_elf_load, +}; + static const struct of_device_id stm32_rproc_match[] = { - { .compatible = "st,stm32mp1-m4" }, + {.compatible = "st,stm32mp1-m4",}, + {.compatible = "st,stm32mp1-m4-tee",}, {}, }; MODULE_DEVICE_TABLE(of, stm32_rproc_match); @@ -853,6 +965,7 @@ static int stm32_rproc_probe(struct platform_device *pdev) struct device *dev = &pdev->dev; struct stm32_rproc *ddata; struct device_node *np = dev->of_node; + struct tee_rproc *trproc; struct rproc *rproc; unsigned int state; int ret; @@ -861,11 +974,31 @@ static int stm32_rproc_probe(struct platform_device *pdev) if (ret) return ret; - rproc = rproc_alloc(dev, np->name, &st_rproc_ops, NULL, sizeof(*ddata)); - if (!rproc) - return -ENOMEM; + if (of_device_is_compatible(np, "st,stm32mp1-m4-tee")) { + trproc = tee_rproc_register(dev, STM32_MP1_M4_PROC_ID); + if (IS_ERR(trproc)) { + dev_err_probe(dev, PTR_ERR(trproc), + "signed firmware not supported by TEE\n"); + return PTR_ERR(trproc); + } + /* + * Delegate the firmware management to the secure context. + * The firmware loaded has to be signed. + */ + dev_info(dev, "Support of signed firmware only\n"); + } + rproc = rproc_alloc(dev, np->name, + trproc ? &st_rproc_tee_ops : &st_rproc_ops, + NULL, sizeof(*ddata)); + if (!rproc) { + ret = -ENOMEM; + goto free_tee; + } ddata = rproc->priv; + ddata->trproc = trproc; + if (trproc) + trproc->rproc = rproc; rproc_coredump_set_elf_info(rproc, ELFCLASS32, EM_NONE); @@ -916,6 +1049,10 @@ static int stm32_rproc_probe(struct platform_device *pdev) device_init_wakeup(dev, false); } rproc_free(rproc); +free_tee: + if (trproc) + tee_rproc_unregister(trproc); + return ret; } @@ -937,6 +1074,8 @@ static void stm32_rproc_remove(struct platform_device *pdev) device_init_wakeup(dev, false); } rproc_free(rproc); + if (ddata->trproc) + tee_rproc_unregister(ddata->trproc); } static int stm32_rproc_suspend(struct device *dev)