[Xen-devel] [PATCH v6 00/10] TEE mediator (and OP-TEE) support in XEN

[Volodymyr Babchuk <Volodymyr_Babchuk@epam.com>]

Hello community,

This is the next version of OP-TEE support series.

In case of any issues with mail (Julien Grall had some troubles with =20
sequences in the patches, thanks to our corporate Exchange, I assume),
this series can be pulled from [4].

Note: I deliberately removed Jan Beulich from CC list, because he
explicitly indicated that he is not interested in this series ([5]).

List of changes is below. More specific changes are described along
with the corresponding patches.

===
v5:
 - Series rebased to staging branch instead of master one.
 - OP-TEE protocol headers was taken from OP-TEE tree instead of
   Linux one
 - Added acked-by tags
 - Fixed (and tested) issue when XEN would not boot if it is build
   with CONFIG_TEE=n

====
v4:
 - Substantial rework of OP-TEE mediator. Now it tries to return meaningful
   error codes back to the guest.
 - OP-TEE mediator does not use struct cpu_user_regs as a storage for
   parameters and return values when calling OP-TEE. This makes it
   compatbile with requirement from SMCCC.
 - tee=native option replaced with tee=optee
 - Authorship and s-o-b tag reset to my EPAM mail address

====
v3:
 - Patch "arm: add tee_enabled flag to xen_arch_domainconfig" was
   squashed into "xen/arm: add generic TEE mediator framework"
 - I implemented more elaborate error repoting to a guest. Now guest
   will get meaningful error codes instead of generic
   ARM_SMCCC_ERR_UNKNOWN_FUNCTION.

====
v2:
 - Use domain flags insted of domctl interface to enable optee for guests
 - Remove patch "libxc: add xc_dom_tee_enable(...) function" because
   of previous change
 - Mediator now stores own context in arch part of struct domain, so
   I removed patch "optee: add domain contexts"

Per-patch changes are described in corresponding emails.

====
v2:

This is v2 of patch series for OP-TEE mediator support in XEN. Changes from v1:

 - Added domctl interface, so now xl decides what domain should work with TEE
 - Removed XSM support due to change described above
 - Patch with OP-TEE mediator was splited to 7 separate patches
 - Removed patch with call_smccc() function. Now this series depend on
   Julien Grall's series "xen/arm: SMCCC fixup and improvement" [3]

=====
v1:

This is follow for patch series [1]. There was lots of discussions
for that series and I tried to address all of them in this new patchset.

Currently, I had a working solution for OP-TEE virtualization and it is being
upstreamed right now ([2]). So, I think it is a good time to introduce support
in XEN as well.

This series include generic TEE mediator framework and full-scale OP-TEE mediator
which is working with mentioned chages in OP-TEE. So, multiple domains can
work simultaneously with OP-TEE.

I added XSM support, so now it is possible to control which domains can work
with TEEs. Also I changed way how TEE discovery is done. Now  it is very
generic and should support any platform.

[1] https://lists.xenproject.org/archives/html/xen-devel/2017-10/msg01451.html
[2] https://github.com/OP-TEE/optee_os/pull/2370
[3] https://lists.xenproject.org/archives/html/xen-devel/2018-08/msg02138.html
[4] https://github.com/lorc/xen/tree/optee_v6
[5] https://lists.xenproject.org/archives/html/xen-devel/2019-05/msg01805.html

Volodymyr Babchuk (10):
  xen/arm: add generic TEE mediator framework
  xen/arm: optee: add OP-TEE header files
  xen/arm: optee: add OP-TEE mediator skeleton
  xen/arm: optee: add fast calls handling
  xen/arm: optee: add std call handling
  xen/arm: optee: add support for RPC SHM buffers
  xen/arm: optee: add support for arbitrary shared memory
  xen/arm: optee: add support for RPC commands
  tools/arm: tee: add "tee" option for xl.cfg
  tools/arm: optee: create optee firmware node in DT if tee=optee

 MAINTAINERS                             |    6 +
 docs/man/xl.cfg.5.pod.in                |   21 +
 tools/libxl/libxl.h                     |    5 +
 tools/libxl/libxl_arm.c                 |   42 +
 tools/libxl/libxl_types.idl             |    6 +
 tools/xl/xl_parse.c                     |    9 +
 xen/arch/arm/Kconfig                    |    9 +
 xen/arch/arm/Makefile                   |    1 +
 xen/arch/arm/domain.c                   |   19 +
 xen/arch/arm/setup.c                    |    2 +
 xen/arch/arm/tee/Kconfig                |    4 +
 xen/arch/arm/tee/Makefile               |    2 +
 xen/arch/arm/tee/optee.c                | 1540 +++++++++++++++++++++++
 xen/arch/arm/tee/tee.c                  |   98 ++
 xen/arch/arm/vsmc.c                     |    5 +
 xen/arch/arm/xen.lds.S                  |    7 +
 xen/include/asm-arm/domain.h            |    4 +
 xen/include/asm-arm/tee/optee_msg.h     |  310 +++++
 xen/include/asm-arm/tee/optee_rpc_cmd.h |  318 +++++
 xen/include/asm-arm/tee/optee_smc.h     |  564 +++++++++
 xen/include/asm-arm/tee/tee.h           |  112 ++
 xen/include/public/arch-arm.h           |    6 +
 22 files changed, 3090 insertions(+)
 create mode 100644 xen/arch/arm/tee/Kconfig
 create mode 100644 xen/arch/arm/tee/Makefile
 create mode 100644 xen/arch/arm/tee/optee.c
 create mode 100644 xen/arch/arm/tee/tee.c
 create mode 100644 xen/include/asm-arm/tee/optee_msg.h
 create mode 100644 xen/include/asm-arm/tee/optee_rpc_cmd.h
 create mode 100644 xen/include/asm-arm/tee/optee_smc.h
 create mode 100644 xen/include/asm-arm/tee/tee.h

-- 
2.21.0

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel