linux-kernel.vger.kernel.org archive mirror
* [GIT PULL] TEE driver infrastructure and OP-TEE drivers
@ 2017-05-09 19:05 Arnd Bergmann
  2017-05-10 18:22 ` Linus Torvalds
  2017-05-10 18:55 ` Linus Torvalds
  0 siblings, 2 replies; 4+ messages in thread
From: Arnd Bergmann @ 2017-05-09 19:05 UTC
  To: Linus Torvalds, arm-soc, Linux ARM, Linux Kernel Mailing List,
	Jens Wiklander

The following changes since commit 97da3854c526d3a6ee05c849c96e48d21527606c:

  Linux 4.11-rc3 (2017-03-19 19:09:39 -0700)

are available in the git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc.git tags/armsoc-tee

for you to fetch changes up to 414d06ace9cca3725b6c2072e1951e1e03807f63:

  Merge tag 'tee-drv-for-4.12' of git://git.linaro.org:/people/jens.wiklander/linux-tee into next/tee (2017-03-30 16:16:28 +0200)

----------------------------------------------------------------
TEE driver infrastructure and OP-TEE drivers

This branch introduces a generic TEE framework in the kernel, to handle
trusted environments (security coprocessor or software implementations
such as OP-TEE/TrustZone). I'm sending it separately from the other
arm-soc driver changes to give it a little more visibility, once
the subsystem is merged, we will likely keep this in the arm-soc
drivers branch or have the maintainers submit pull requests directly,
depending on the patch volume.

I have reviewed earlier versions in the past, and have reviewed
the latest version in person during Linaro Connect BUD17.

Here is my overall assessment of the subsystem:

* There is clearly demand for this, both for the generic
  infrastructure and the specific OP-TEE implementation.

* The code has gone through a large number of reviews,
  and the review comments have all been addressed, but
  the reviews were not coming up with serious issues any more
  and nobody volunteered to vouch for the quality.

* The user space ioctl interface is sufficient to work with the
  OP-TEE driver, and it should in principle work with other
  TEE implementations that follow the GlobalPlatform[1] standards,
  but it might need to be extended in minor ways depending on
  specific requirements of future TEE implementations

* The main downside of the API to me is how the user space
  is tied to the TEE implementation in hardware or firmware,
  but uses a generic way to communicate with it. This seems
  to be an inherent problem with what it is trying to do,
  and I could not come up with any better solution than what
  is implemented here.

For a detailed history of the patch series, see
https://lkml.org/lkml/2017/3/10/1277

Conflicts: needs a fixup after the drm tree was merged, see
https://patchwork.kernel.org/patch/9691679/

----------------------------------------------------------------
Arnd Bergmann (1):
      Merge tag 'tee-drv-for-4.12' of git://git.linaro.org:/people/jens.wiklander/linux-tee into next/tee

Jens Wiklander (4):
      dt/bindings: add bindings for optee
      tee: generic TEE subsystem
      tee: add OP-TEE driver
      Documentation: tee subsystem and op-tee driver

Jerome Forissier (1):
      arm64: dt: hikey: Add optee node

 Documentation/00-INDEX                             |   2 +
 .../bindings/arm/firmware/linaro,optee-tz.txt      |  31 +
 .../devicetree/bindings/vendor-prefixes.txt        |   1 +
 Documentation/ioctl/ioctl-number.txt               |   1 +
 Documentation/tee.txt                              | 118 +++
 MAINTAINERS                                        |  13 +
 arch/arm64/boot/dts/hisilicon/hi6220-hikey.dts     |   7 +
 drivers/Kconfig                                    |   2 +
 drivers/Makefile                                   |   1 +
 drivers/tee/Kconfig                                |  18 +
 drivers/tee/Makefile                               |   5 +
 drivers/tee/optee/Kconfig                          |   7 +
 drivers/tee/optee/Makefile                         |   5 +
 drivers/tee/optee/call.c                           | 444 ++++++++++
 drivers/tee/optee/core.c                           | 622 ++++++++++++++
 drivers/tee/optee/optee_msg.h                      | 418 ++++++++++
 drivers/tee/optee/optee_private.h                  | 183 +++++
 drivers/tee/optee/optee_smc.h                      | 450 +++++++++++
 drivers/tee/optee/rpc.c                            | 396 +++++++++
 drivers/tee/optee/supp.c                           | 273 +++++++
 drivers/tee/tee_core.c                             | 893 +++++++++++++++++++++
 drivers/tee/tee_private.h                          | 129 +++
 drivers/tee/tee_shm.c                              | 358 +++++++++
 drivers/tee/tee_shm_pool.c                         | 156 ++++
 include/linux/tee_drv.h                            | 277 +++++++
 include/uapi/linux/tee.h                           | 346 ++++++++
 26 files changed, 5156 insertions(+)
 create mode 100644 Documentation/devicetree/bindings/arm/firmware/linaro,optee-tz.txt
 create mode 100644 Documentation/tee.txt
 create mode 100644 drivers/tee/Kconfig
 create mode 100644 drivers/tee/Makefile
 create mode 100644 drivers/tee/optee/Kconfig
 create mode 100644 drivers/tee/optee/Makefile
 create mode 100644 drivers/tee/optee/call.c
 create mode 100644 drivers/tee/optee/core.c
 create mode 100644 drivers/tee/optee/optee_msg.h
 create mode 100644 drivers/tee/optee/optee_private.h
 create mode 100644 drivers/tee/optee/optee_smc.h
 create mode 100644 drivers/tee/optee/rpc.c
 create mode 100644 drivers/tee/optee/supp.c
 create mode 100644 drivers/tee/tee_core.c
 create mode 100644 drivers/tee/tee_private.h
 create mode 100644 drivers/tee/tee_shm.c
 create mode 100644 drivers/tee/tee_shm_pool.c
 create mode 100644 include/linux/tee_drv.h
 create mode 100644 include/uapi/linux/tee.h


* Re: [GIT PULL] TEE driver infrastructure and OP-TEE drivers
  2017-05-09 19:05 [GIT PULL] TEE driver infrastructure and OP-TEE drivers Arnd Bergmann
@ 2017-05-10 18:22 ` Linus Torvalds
  2017-05-10 18:55 ` Linus Torvalds
  1 sibling, 0 replies; 4+ messages in thread
From: Linus Torvalds @ 2017-05-10 18:22 UTC
  To: Arnd Bergmann
  Cc: arm-soc, Linux ARM, Linux Kernel Mailing List, Jens Wiklander

On Tue, May 9, 2017 at 12:05 PM, Arnd Bergmann <arnd@arndb.de> wrote:
>
> For a detailed history of the patch series, see
> https://lkml.org/lkml/2017/3/10/1277

Oh well, that wasn't very useful right now..

               Linus


* Re: [GIT PULL] TEE driver infrastructure and OP-TEE drivers
  2017-05-09 19:05 [GIT PULL] TEE driver infrastructure and OP-TEE drivers Arnd Bergmann
  2017-05-10 18:22 ` Linus Torvalds
@ 2017-05-10 18:55 ` Linus Torvalds
  2017-05-10 19:11   ` Arnd Bergmann
  1 sibling, 1 reply; 4+ messages in thread
From: Linus Torvalds @ 2017-05-10 18:55 UTC
  To: Arnd Bergmann
  Cc: arm-soc, Linux ARM, Linux Kernel Mailing List, Jens Wiklander

On Tue, May 9, 2017 at 12:05 PM, Arnd Bergmann <arnd@arndb.de> wrote:
>
> TEE driver infrastructure and OP-TEE drivers

Another note: right now this adds a config question for TEE support,
but the only actual TEE driver has a

        depends on HAVE_ARM_SMCCC

on it.

Until we get more TEE drivers, might I suggest that we perhaps make
the TEE config option have

        depends on HAVE_ARM_SMCCC || COMPILE_TEST

so that the generic tee code still gets the compile test coverage, but
we don't confuse people by asking about infrastructure that they can't
possibly use..

Hmm?

                Linus


* Re: [GIT PULL] TEE driver infrastructure and OP-TEE drivers
  2017-05-10 18:55 ` Linus Torvalds
@ 2017-05-10 19:11   ` Arnd Bergmann
  0 siblings, 0 replies; 4+ messages in thread
From: Arnd Bergmann @ 2017-05-10 19:11 UTC
  To: Linus Torvalds
  Cc: arm-soc, Linux ARM, Linux Kernel Mailing List, Jens Wiklander

On Wed, May 10, 2017 at 8:55 PM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Tue, May 9, 2017 at 12:05 PM, Arnd Bergmann <arnd@arndb.de> wrote:
> > https://lkml.org/lkml/2017/3/10/1277
>
> Oh well, that wasn't very useful right now..

Hopefully it comes back eventually. For now, the same contents are also at

https://lwn.net/Articles/716737/

>> TEE driver infrastructure and OP-TEE drivers
>
> Another note: right now this adds a config question for TEE support,
> but the only actual TEE driver has a
>
>         depends on HAVE_ARM_SMCCC
>
> on it.
>
> Until we get more TEE drivers, might I suggest that we perhaps make
> the TEE config option have
>
>         depends on HAVE_ARM_SMCCC || COMPILE_TEST
>
> so that the generic tee code still gets the compile test coverage, but
> we don't confuse people by asking about infrastructure that they can't
> possibly use..
>
> Hmm?

Yes, good idea. I've added this patch to the arm-soc fixes branch that
already contains a couple of other things you will get in a few days:

From efd467ff4f611d67e9009de2391ce484f9436054 Mon Sep 17 00:00:00 2001
From: Arnd Bergmann <arnd@arndb.de>
Date: Wed, 10 May 2017 21:05:16 +0200
Subject: [PATCH] tee: add ARM_SMCCC dependency

For the moment, the tee subsystem only makes sense in combination with
the op-tee driver that depends on ARM_SMCCC, so let's hide the subsystem
from users that can't select that.

Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Arnd Bergmann <arnd@arndb.de>

diff --git a/drivers/tee/Kconfig b/drivers/tee/Kconfig
index 2330a4eb4e8b..2824398fc5d6 100644
--- a/drivers/tee/Kconfig
+++ b/drivers/tee/Kconfig
@@ -1,6 +1,7 @@
 # Generic Trusted Execution Environment Configuration
 config TEE
  tristate "Trusted Execution Environment support"
+ depends on HAVE_ARM_SMCCC || COMPILE_TEST # until we have more than one driver
  select DMA_SHARED_BUFFER
  select GENERIC_ALLOCATOR
  help
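
Review bot: the subject and commit message name ARM_SMCCC, but the line added under `config TEE` depends on `HAVE_ARM_SMCCC || COMPILE_TEST`, so the log does not match the symbol actually used and does not mention the COMPILE_TEST alternative at all. Suggest rewording the subject to name HAVE_ARM_SMCCC and adding a sentence to the message saying that COMPILE_TEST keeps the generic tee code under build coverage on configurations without SMCCC. The trailing `# until we have more than one driver` would also read better as a comment line of its own above the `depends on`, where it is easier to find and remove when a second driver lands.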

