From nobody Fri Oct 31 04:31:07 2025 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org; dmarc=fail(p=none dis=none) header.from=arm.com Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1752754314688488.62824676670607; Thu, 17 Jul 2025 05:11:54 -0700 (PDT) Received: from list by lists.xenproject.org with outflank-mailman.1046722.1417135 (Exim 4.92) (envelope-from ) id 1ucNSa-00048q-71; Thu, 17 Jul 2025 12:11:36 +0000 Received: by outflank-mailman (output) from mailman id 1046722.1417135; Thu, 17 Jul 2025 12:11:36 +0000 Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ucNSa-00048g-4C; Thu, 17 Jul 2025 12:11:36 +0000 Received: by outflank-mailman (input) for mailman id 1046722; Thu, 17 Jul 2025 12:11:35 +0000 Received: from se1-gles-flk1-in.inumbo.com ([94.247.172.50] helo=se1-gles-flk1.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1ucNSZ-0003K1-37 for xen-devel@lists.xenproject.org; Thu, 17 Jul 2025 12:11:35 +0000 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by se1-gles-flk1.inumbo.com (Halon) with ESMTP id 2bd44f43-6307-11f0-b894-0df219b8e170; Thu, 17 Jul 2025 14:11:30 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id AB8921596; Thu, 17 Jul 2025 05:11:21 -0700 (PDT) Received: from C3HXLD123V.arm.com (unknown [10.57.51.215]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 8C1493F6A8; Thu, 17 Jul 2025 05:11:27 -0700 (PDT) X-Outflank-Mailman: Message body and most headers restored to incoming version X-BeenThere: xen-devel@lists.xenproject.org List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Precedence: list Sender: "Xen-devel" X-Inumbo-ID: 2bd44f43-6307-11f0-b894-0df219b8e170 From: Bertrand Marquis To: xen-devel@lists.xenproject.org Cc: jens.wiklander@linaro.org, Andrew Cooper , Anthony PERARD , Michal Orzel , Jan Beulich , Julien Grall , =?UTF-8?q?Roger=20Pau=20Monn=C3=A9?= , Stefano Stabellini , Volodymyr Babchuk , Julien Grall Subject: [PATCH v7 1/6] xen/arm: Create tee command line parameter Date: Thu, 17 Jul 2025 14:11:02 +0200 Message-ID: <16aefe82c3dcee0039a7492def637c01a13bfcb9.1752754016.git.bertrand.marquis@arm.com> X-Mailer: git-send-email 2.47.1 In-Reply-To: References: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZM-MESSAGEID: 1752754315272116600 Content-Type: text/plain; charset="utf-8" Add a new command line parameter "tee=3D" to be used to explicitly select what tee mediator is to be used by Xen and fail if it does not exist or the probe function for it failed. Without specifying which tee is to be used, Xen will use the first one for which the probe function succeeds which depends on the order of the mediator list which depends on the compiler. Using the command line argument, it is now possible to explicit request a specific TEE mediator and panic on boot if it is not available. Signed-off-by: Bertrand Marquis Reviewed-by: Jens Wiklander Acked-by: Julien Grall --- Changes in v7: - Add Julien A-b Changes in v6: - Add Jens R-b Changes in v5: - Typo fix and rewording in command line doc (Julien) - fix include order in tee.c (Julien) - use a local bool instead of retesting the string each time in tee_init (Julien) Changes in v4: - None Changes in v3: - Properly classify tee as arm specific (Jan) Changes in v2: - Patch introduced to add a command line selection of the TEE --- docs/misc/xen-command-line.pandoc | 14 +++++++++++++ xen/arch/arm/include/asm/tee/tee.h | 4 ++++ xen/arch/arm/tee/tee.c | 32 ++++++++++++++++++++++++++++++ 3 files changed, 50 insertions(+) diff --git a/docs/misc/xen-command-line.pandoc b/docs/misc/xen-command-line= .pandoc index 6865a61220ca..ad5800ac45a8 100644 --- a/docs/misc/xen-command-line.pandoc +++ b/docs/misc/xen-command-line.pandoc @@ -2655,6 +2655,20 @@ Specify the per-cpu trace buffer size in pages. =20 Flag to enable TSC deadline as the APIC timer mode. =20 +### tee (arm) +> `=3D ` + +Specify the TEE mediator to be probed and use. + +The default behaviour is to probe all TEEs supported by Xen and use +the first one successfully probed. When this parameter is passed, Xen will +probe only the TEE mediator passed as argument and boot will fail if this +mediator is not properly probed or if the requested TEE is not supported by +Xen. + +This parameter can be set to `optee` or `ffa` if the corresponding mediato= rs +are compiled in. + ### tevt_mask > `=3D ` =20 diff --git a/xen/arch/arm/include/asm/tee/tee.h b/xen/arch/arm/include/asm/= tee/tee.h index 0169fd746bcd..15d664e28dce 100644 --- a/xen/arch/arm/include/asm/tee/tee.h +++ b/xen/arch/arm/include/asm/tee/tee.h @@ -55,6 +55,9 @@ struct tee_mediator_desc { /* Printable name of the TEE. */ const char *name; =20 + /* Command line name of the TEE (to be used with tee=3D cmdline option= ) */ + const char *cmdline_name; + /* Mediator callbacks as described above. */ const struct tee_mediator_ops *ops; =20 @@ -77,6 +80,7 @@ void tee_free_domain_ctx(struct domain *d); static const struct tee_mediator_desc __tee_desc_##_name __used \ __section(".teemediator.info") =3D { \ .name =3D _namestr, \ + .cmdline_name =3D #_name, \ .ops =3D _ops, \ .tee_type =3D _type \ } diff --git a/xen/arch/arm/tee/tee.c b/xen/arch/arm/tee/tee.c index 3f65e45a7892..8501443c8e57 100644 --- a/xen/arch/arm/tee/tee.c +++ b/xen/arch/arm/tee/tee.c @@ -18,6 +18,7 @@ =20 #include #include +#include #include =20 #include @@ -25,6 +26,10 @@ extern const struct tee_mediator_desc _steemediator[], _eteemediator[]; static const struct tee_mediator_desc __read_mostly *cur_mediator; =20 +/* Select the TEE mediator using a name on command line. */ +static char __initdata opt_mediator[16] =3D ""; +string_param("tee", opt_mediator); + /* * TODO: Add function to alter Dom0 DTB, so we can properly describe * present TEE. @@ -80,15 +85,42 @@ uint16_t tee_get_type(void) static int __init tee_init(void) { const struct tee_mediator_desc *desc; + bool select_mediator =3D strcmp(opt_mediator, ""); + + if ( select_mediator ) + printk(XENLOG_INFO "TEE Mediator %s selected from command line\n", + opt_mediator); =20 + /* + * When a specific TEE is selected using the 'tee=3D' command line + * argument, we panic if the probe fails or if the requested TEE is not + * supported. + */ for ( desc =3D _steemediator; desc !=3D _eteemediator; desc++ ) { + if ( select_mediator && + strncmp(opt_mediator, desc->cmdline_name, sizeof(opt_mediator= )) ) + continue; + if ( desc->ops->probe() ) { printk(XENLOG_INFO "Using TEE mediator for %s\n", desc->name); cur_mediator =3D desc; return 0; } + else if ( select_mediator ) + { + panic("TEE mediator %s from command line probe failed\n", + opt_mediator); + return -EFAULT; + } + } + + if ( select_mediator ) + { + panic("TEE Mediator %s from command line not supported\n", + opt_mediator); + return -EINVAL; } =20 return 0; --=20 2.47.1