summaryrefslogtreecommitdiff
path: root/include/linux/tee_core.h
diff options
context:
space:
mode:
Diffstat (limited to 'include/linux/tee_core.h')
-rw-r--r--include/linux/tee_core.h150
1 files changed, 135 insertions, 15 deletions
diff --git a/include/linux/tee_core.h b/include/linux/tee_core.h
index a38494d6b5f4..f993d5118edd 100644
--- a/include/linux/tee_core.h
+++ b/include/linux/tee_core.h
@@ -8,9 +8,11 @@
#include <linux/cdev.h>
#include <linux/device.h>
+#include <linux/dma-buf.h>
#include <linux/idr.h>
#include <linux/kref.h>
#include <linux/list.h>
+#include <linux/scatterlist.h>
#include <linux/tee.h>
#include <linux/tee_drv.h>
#include <linux/types.h>
@@ -26,10 +28,19 @@
#define TEE_SHM_USER_MAPPED BIT(1) /* Memory mapped in user space */
#define TEE_SHM_POOL BIT(2) /* Memory allocated from pool */
#define TEE_SHM_PRIV BIT(3) /* Memory private to TEE driver */
+#define TEE_SHM_DMA_BUF BIT(4) /* Memory with dma-buf handle */
+#define TEE_SHM_DMA_MEM BIT(5) /* Memory allocated with */
+ /* dma_alloc_pages() */
#define TEE_DEVICE_FLAG_REGISTERED 0x1
#define TEE_MAX_DEV_NAME_LEN 32
+enum tee_dma_heap_id {
+ TEE_DMA_HEAP_SECURE_VIDEO_PLAY = 1,
+ TEE_DMA_HEAP_TRUSTED_UI,
+ TEE_DMA_HEAP_SECURE_VIDEO_RECORD,
+};
+
/**
* struct tee_device - TEE Device representation
* @name: name of device
@@ -39,7 +50,7 @@
* @dev: embedded basic device structure
* @cdev: embedded cdev
* @num_users: number of active users of this device
- * @c_no_user: completion used when unregistering the device
+ * @c_no_users: completion used when unregistering the device
* @mutex: mutex protecting @num_users and @idr
* @idr: register of user space shared memory objects allocated or
* registered on this device
@@ -65,22 +76,36 @@ struct tee_device {
/**
* struct tee_driver_ops - driver operations vtable
* @get_version: returns version of driver
- * @open: called when the device file is opened
- * @release: release this open file
+ * @get_tee_revision: returns revision string (diagnostic only);
+ * do not infer feature support from this, use
+ * TEE_IOC_VERSION instead
+ * @open: called for a context when the device file is opened
+ * @close_context: called when the device file is closed
+ * @release: called to release the context
* @open_session: open a new session
* @close_session: close a session
* @system_session: declare session as a system session
* @invoke_func: invoke a trusted function
+ * @object_invoke_func: invoke a TEE object
* @cancel_req: request cancel of an ongoing invoke or open
* @supp_recv: called for supplicant to get a command
* @supp_send: called for supplicant to send a response
* @shm_register: register shared memory buffer in TEE
* @shm_unregister: unregister shared memory buffer in TEE
+ *
+ * The context given to @open might last longer than the device file if it is
+ * tied to other resources in the TEE driver. @close_context is called when the
+ * client closes the device file, even if there are existing references to the
+ * context. The TEE driver can use @close_context to start cleaning up.
*/
+
struct tee_driver_ops {
void (*get_version)(struct tee_device *teedev,
struct tee_ioctl_version_data *vers);
+ int (*get_tee_revision)(struct tee_device *teedev,
+ char *buf, size_t len);
int (*open)(struct tee_context *ctx);
+ void (*close_context)(struct tee_context *ctx);
void (*release)(struct tee_context *ctx);
int (*open_session)(struct tee_context *ctx,
struct tee_ioctl_open_session_arg *arg,
@@ -90,6 +115,9 @@ struct tee_driver_ops {
int (*invoke_func)(struct tee_context *ctx,
struct tee_ioctl_invoke_arg *arg,
struct tee_param *param);
+ int (*object_invoke_func)(struct tee_context *ctx,
+ struct tee_ioctl_object_invoke_arg *arg,
+ struct tee_param *param);
int (*cancel_req)(struct tee_context *ctx, u32 cancel_id, u32 session);
int (*supp_recv)(struct tee_context *ctx, u32 *func, u32 *num_params,
struct tee_param *param);
@@ -101,6 +129,10 @@ struct tee_driver_ops {
int (*shm_unregister)(struct tee_context *ctx, struct tee_shm *shm);
};
+/* Size for TEE revision string buffer used by get_tee_revision(). */
+#define TEE_REVISION_STR_SIZE 128
+
+#define TEE_DESC_PRIVILEGED 0x1
/**
* struct tee_desc - Describes the TEE driver to the subsystem
* @name: name of driver
@@ -108,7 +140,6 @@ struct tee_driver_ops {
* @owner: module providing the driver
* @flags: Extra properties of driver, defined by TEE_DESC_* below
*/
-#define TEE_DESC_PRIVILEGED 0x1
struct tee_desc {
const char *name;
const struct tee_driver_ops *ops;
@@ -117,6 +148,36 @@ struct tee_desc {
};
/**
+ * struct tee_protmem_pool - protected memory pool
+ * @ops: operations
+ *
+ * This is an abstract interface where this struct is expected to be
+ * embedded in another struct specific to the implementation.
+ */
+struct tee_protmem_pool {
+ const struct tee_protmem_pool_ops *ops;
+};
+
+/**
+ * struct tee_protmem_pool_ops - protected memory pool operations
+ * @alloc: called when allocating protected memory
+ * @free: called when freeing protected memory
+ * @update_shm: called when registering a dma-buf to update the @shm
+ * with physical address of the buffer or to return the
+ * @parent_shm of the memory pool
+ * @destroy_pool: called when destroying the pool
+ */
+struct tee_protmem_pool_ops {
+ int (*alloc)(struct tee_protmem_pool *pool, struct sg_table *sgt,
+ size_t size, size_t *offs);
+ void (*free)(struct tee_protmem_pool *pool, struct sg_table *sgt);
+ int (*update_shm)(struct tee_protmem_pool *pool, struct sg_table *sgt,
+ size_t offs, struct tee_shm *shm,
+ struct tee_shm **parent_shm);
+ void (*destroy_pool)(struct tee_protmem_pool *pool);
+};
+
+/**
* tee_device_alloc() - Allocate a new struct tee_device instance
* @teedesc: Descriptor for this driver
* @dev: Parent device for this device
@@ -126,7 +187,7 @@ struct tee_desc {
* Allocates a new struct tee_device instance. The device is
* removed by tee_device_unregister().
*
- * @returns a pointer to a 'struct tee_device' or an ERR_PTR on failure
+ * @returns: a pointer to a 'struct tee_device' or an ERR_PTR on failure
*/
struct tee_device *tee_device_alloc(const struct tee_desc *teedesc,
struct device *dev,
@@ -140,7 +201,7 @@ struct tee_device *tee_device_alloc(const struct tee_desc *teedesc,
* tee_device_unregister() need to be called to remove the @teedev if
* this function fails.
*
- * @returns < 0 on failure
+ * @returns: < 0 on failure
*/
int tee_device_register(struct tee_device *teedev);
@@ -154,6 +215,29 @@ int tee_device_register(struct tee_device *teedev);
*/
void tee_device_unregister(struct tee_device *teedev);
+int tee_device_register_dma_heap(struct tee_device *teedev,
+ enum tee_dma_heap_id id,
+ struct tee_protmem_pool *pool);
+void tee_device_put_all_dma_heaps(struct tee_device *teedev);
+
+/**
+ * tee_device_get() - Increment the user count for a tee_device
+ * @teedev: Pointer to the tee_device
+ *
+ * If tee_device_unregister() has been called and the final user of @teedev
+ * has already released the device, this function will fail to prevent new users
+ * from accessing the device during the unregistration process.
+ *
+ * Returns: true if @teedev remains valid, otherwise false
+ */
+bool tee_device_get(struct tee_device *teedev);
+
+/**
+ * tee_device_put() - Decrease the user count for a tee_device
+ * @teedev: pointer to the tee_device
+ */
+void tee_device_put(struct tee_device *teedev);
+
/**
* tee_device_set_dev_groups() - Set device attribute groups
* @teedev: Device to register
@@ -170,14 +254,14 @@ void tee_device_set_dev_groups(struct tee_device *teedev,
* tee_session_calc_client_uuid() - Calculates client UUID for session
* @uuid: Resulting UUID
* @connection_method: Connection method for session (TEE_IOCTL_LOGIN_*)
- * @connectuon_data: Connection data for opening session
+ * @connection_data: Connection data for opening session
*
* Based on connection method calculates UUIDv5 based client UUID.
*
* For group based logins verifies that calling process has specified
* credentials.
*
- * @return < 0 on failure
+ * @returns: < 0 on failure
*/
int tee_session_calc_client_uuid(uuid_t *uuid, u32 connection_method,
const u8 connection_data[TEE_IOCTL_UUID_LEN]);
@@ -211,7 +295,7 @@ struct tee_shm_pool_ops {
* @paddr: Physical address of start of pool
* @size: Size in bytes of the pool
*
- * @returns pointer to a 'struct tee_shm_pool' or an ERR_PTR on failure.
+ * @returns: pointer to a 'struct tee_shm_pool' or an ERR_PTR on failure.
*/
struct tee_shm_pool *tee_shm_pool_alloc_res_mem(unsigned long vaddr,
phys_addr_t paddr, size_t size,
@@ -230,8 +314,20 @@ static inline void tee_shm_pool_free(struct tee_shm_pool *pool)
}
/**
+ * tee_protmem_static_pool_alloc() - Create a protected memory manager
+ * @paddr: Physical address of start of pool
+ * @size: Size in bytes of the pool
+ *
+ * @returns: pointer to a 'struct tee_protmem_pool' or an ERR_PTR on failure.
+ */
+struct tee_protmem_pool *tee_protmem_static_pool_alloc(phys_addr_t paddr,
+ size_t size);
+
+/**
* tee_get_drvdata() - Return driver_data pointer
- * @returns the driver_data pointer supplied to tee_register().
+ * @teedev: Pointer to the tee_device
+ *
+ * @returns: the driver_data pointer supplied to tee_register().
*/
void *tee_get_drvdata(struct tee_device *teedev);
@@ -240,10 +336,13 @@ void *tee_get_drvdata(struct tee_device *teedev);
* TEE driver
* @ctx: The TEE context for shared memory allocation
* @size: Shared memory allocation size
- * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure
+ * @returns: a pointer to 'struct tee_shm' on success or an ERR_PTR on failure
*/
struct tee_shm *tee_shm_alloc_priv_buf(struct tee_context *ctx, size_t size);
+struct tee_shm *tee_shm_alloc_dma_mem(struct tee_context *ctx,
+ size_t page_count);
+
int tee_dyn_shm_alloc_helper(struct tee_shm *shm, size_t size, size_t align,
int (*shm_register)(struct tee_context *ctx,
struct tee_shm *shm,
@@ -257,7 +356,7 @@ void tee_dyn_shm_free_helper(struct tee_shm *shm,
/**
* tee_shm_is_dynamic() - Check if shared memory object is of the dynamic kind
* @shm: Shared memory handle
- * @returns true if object is dynamic shared memory
+ * @returns: true if object is dynamic shared memory
*/
static inline bool tee_shm_is_dynamic(struct tee_shm *shm)
{
@@ -273,7 +372,7 @@ void tee_shm_put(struct tee_shm *shm);
/**
* tee_shm_get_id() - Get id of a shared memory object
* @shm: Shared memory handle
- * @returns id
+ * @returns: id
*/
static inline int tee_shm_get_id(struct tee_shm *shm)
{
@@ -285,7 +384,7 @@ static inline int tee_shm_get_id(struct tee_shm *shm)
* count
* @ctx: Context owning the shared memory
* @id: Id of shared memory object
- * @returns a pointer to 'struct tee_shm' on success or an ERR_PTR on failure
+ * @returns: a pointer to 'struct tee_shm' on success or an ERR_PTR on failure
*/
struct tee_shm *tee_shm_get_from_id(struct tee_context *ctx, int id);
@@ -305,7 +404,7 @@ static inline bool tee_param_is_memref(struct tee_param *param)
* teedev_open() - Open a struct tee_device
* @teedev: Device to open
*
- * @return a pointer to struct tee_context on success or an ERR_PTR on failure.
+ * @returns: pointer to struct tee_context on success or an ERR_PTR on failure.
*/
struct tee_context *teedev_open(struct tee_device *teedev);
@@ -315,4 +414,25 @@ struct tee_context *teedev_open(struct tee_device *teedev);
*/
void teedev_close_context(struct tee_context *ctx);
+/**
+ * teedev_ctx_get() - Increment the reference count of a context
+ * @ctx: Pointer to the context
+ *
+ * This function increases the refcount of the context, which is tied to
+ * resources shared by the same tee_device. During the unregistration process,
+ * the context may remain valid even after tee_device_unregister() has returned.
+ *
+ * Users should ensure that the context's refcount is properly decreased before
+ * calling tee_device_put(), typically within the context's release() function.
+ * Alternatively, users can call tee_device_get() and teedev_ctx_get() together
+ * and release them simultaneously (see shm_alloc_helper()).
+ */
+void teedev_ctx_get(struct tee_context *ctx);
+
+/**
+ * teedev_ctx_put() - Decrease reference count on a context
+ * @ctx: pointer to the context
+ */
+void teedev_ctx_put(struct tee_context *ctx);
+
#endif /*__TEE_CORE_H*/