1. Patchew
  2. linux
  3. [PATCH v2 0/4] introduce tee-based EFI Runtime Variable Service
  4. View patch

[PATCH v2 3/4] tee: expose tee efivar register function

Masahisa Kojima posted 4 patches 2 years, 11 months ago
There is a newer version of this series
[PATCH v2 3/4] tee: expose tee efivar register function
Posted by Masahisa Kojima 2 years, 11 months ago 
This commit adds the functions to register/unregister
the tee-based EFI variable driver.

Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
---
 drivers/tee/tee_core.c  | 23 +++++++++++++++++++++++
 include/linux/tee_drv.h | 23 +++++++++++++++++++++++
 2 files changed, 46 insertions(+)

diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c
index 98da206cd761..0dce5b135d2c 100644
--- a/drivers/tee/tee_core.c
+++ b/drivers/tee/tee_core.c
@@ -7,6 +7,7 @@
 
 #include <linux/cdev.h>
 #include <linux/cred.h>
+#include <linux/efi.h>
 #include <linux/fs.h>
 #include <linux/idr.h>
 #include <linux/module.h>
@@ -1263,6 +1264,28 @@ static void __exit tee_exit(void)
 	tee_class = NULL;
 }
 
+void tee_register_efivar_ops(struct efivars *tee_efivars,
+			     struct efivar_operations *ops)
+{
+	/*
+	 * If the firmware EFI runtime services support SetVariable(),
+	 * tee-based EFI variable services are not used.
+	 */
+	if (!efivar_supports_writes()) {
+		efivars_generic_ops_unregister();
+		pr_info("Use tee-based EFI runtime variable services\n");
+		efivars_register(tee_efivars, ops);
+	}
+}
+EXPORT_SYMBOL_GPL(tee_register_efivar_ops);
+
+void tee_unregister_efivar_ops(struct efivars *tee_efivars)
+{
+	efivars_unregister(tee_efivars);
+	efivars_generic_ops_register();
+}
+EXPORT_SYMBOL_GPL(tee_unregister_efivar_ops);
+
 subsys_initcall(tee_init);
 module_exit(tee_exit);
 
diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h
index 17eb1c5205d3..def4ea6212ee 100644
--- a/include/linux/tee_drv.h
+++ b/include/linux/tee_drv.h
@@ -7,6 +7,7 @@
 #define __TEE_DRV_H
 
 #include <linux/device.h>
+#include <linux/efi.h>
 #include <linux/idr.h>
 #include <linux/kref.h>
 #include <linux/list.h>
@@ -507,4 +508,26 @@ struct tee_context *teedev_open(struct tee_device *teedev);
  */
 void teedev_close_context(struct tee_context *ctx);
 
+/**
+ * tee_register_efivar_ops() - register the efivar ops
+ * @tee_efivars:	pointer to efivars structure
+ * @ops:		pointer to contain the efivar operation
+ *
+ * This function registers the tee-based efivar operation as an
+ * EFI Runtime Service.
+ *
+ */
+void tee_register_efivar_ops(struct efivars *tee_efivars,
+			     struct efivar_operations *ops);
+
+/**
+ * tee_unregister_efivar_ops() - unregister the efivar ops
+ * @tee_efivars:	pointer to efivars structure
+ *
+ * This function unregisters the tee-based efivar operation
+ * and reverts to the generic operation.
+ *
+ */
+void tee_unregister_efivar_ops(struct efivars *tee_efivars);
+
 #endif /*__TEE_DRV_H*/
-- 
2.30.2
Re: [PATCH v2 3/4] tee: expose tee efivar register function
Posted by Sumit Garg 2 years, 11 months ago 
Hi Masahisa,

On Mon, 20 Feb 2023 at 10:47, Masahisa Kojima
<masahisa.kojima@linaro.org> wrote:
>
> This commit adds the functions to register/unregister
> the tee-based EFI variable driver.
>

I am unsure if this commit adds any value now since the TEE StMM EFI
driver should be able to directly use efivars_{register/unregister}()
APIs. Do you expect any other TEE kernel driver to use these?

-Sumit

> Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> ---
>  drivers/tee/tee_core.c  | 23 +++++++++++++++++++++++
>  include/linux/tee_drv.h | 23 +++++++++++++++++++++++
>  2 files changed, 46 insertions(+)
>
> diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c
> index 98da206cd761..0dce5b135d2c 100644
> --- a/drivers/tee/tee_core.c
> +++ b/drivers/tee/tee_core.c
> @@ -7,6 +7,7 @@
>
>  #include <linux/cdev.h>
>  #include <linux/cred.h>
> +#include <linux/efi.h>
>  #include <linux/fs.h>
>  #include <linux/idr.h>
>  #include <linux/module.h>
> @@ -1263,6 +1264,28 @@ static void __exit tee_exit(void)
>         tee_class = NULL;
>  }
>
> +void tee_register_efivar_ops(struct efivars *tee_efivars,
> +                            struct efivar_operations *ops)
> +{
> +       /*
> +        * If the firmware EFI runtime services support SetVariable(),
> +        * tee-based EFI variable services are not used.
> +        */
> +       if (!efivar_supports_writes()) {
> +               efivars_generic_ops_unregister();
> +               pr_info("Use tee-based EFI runtime variable services\n");
> +               efivars_register(tee_efivars, ops);
> +       }
> +}
> +EXPORT_SYMBOL_GPL(tee_register_efivar_ops);
> +
> +void tee_unregister_efivar_ops(struct efivars *tee_efivars)
> +{
> +       efivars_unregister(tee_efivars);
> +       efivars_generic_ops_register();
> +}
> +EXPORT_SYMBOL_GPL(tee_unregister_efivar_ops);
> +
>  subsys_initcall(tee_init);
>  module_exit(tee_exit);
>
> diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h
> index 17eb1c5205d3..def4ea6212ee 100644
> --- a/include/linux/tee_drv.h
> +++ b/include/linux/tee_drv.h
> @@ -7,6 +7,7 @@
>  #define __TEE_DRV_H
>
>  #include <linux/device.h>
> +#include <linux/efi.h>
>  #include <linux/idr.h>
>  #include <linux/kref.h>
>  #include <linux/list.h>
> @@ -507,4 +508,26 @@ struct tee_context *teedev_open(struct tee_device *teedev);
>   */
>  void teedev_close_context(struct tee_context *ctx);
>
> +/**
> + * tee_register_efivar_ops() - register the efivar ops
> + * @tee_efivars:       pointer to efivars structure
> + * @ops:               pointer to contain the efivar operation
> + *
> + * This function registers the tee-based efivar operation as an
> + * EFI Runtime Service.
> + *
> + */
> +void tee_register_efivar_ops(struct efivars *tee_efivars,
> +                            struct efivar_operations *ops);
> +
> +/**
> + * tee_unregister_efivar_ops() - unregister the efivar ops
> + * @tee_efivars:       pointer to efivars structure
> + *
> + * This function unregisters the tee-based efivar operation
> + * and reverts to the generic operation.
> + *
> + */
> +void tee_unregister_efivar_ops(struct efivars *tee_efivars);
> +
>  #endif /*__TEE_DRV_H*/
> --
> 2.30.2
>
Re: [PATCH v2 3/4] tee: expose tee efivar register function
Posted by Masahisa Kojima 2 years, 11 months ago 
Hi Sumit,

On Mon, 20 Feb 2023 at 18:17, Sumit Garg <sumit.garg@linaro.org> wrote:
>
> Hi Masahisa,
>
> On Mon, 20 Feb 2023 at 10:47, Masahisa Kojima
> <masahisa.kojima@linaro.org> wrote:
> >
> > This commit adds the functions to register/unregister
> > the tee-based EFI variable driver.
> >
>
> I am unsure if this commit adds any value now since the TEE StMM EFI
> driver should be able to directly use efivars_{register/unregister}()
> APIs. Do you expect any other TEE kernel driver to use these?

You are correct.
Now this patch is not required and the StMM EFI driver should directly
register efivars ops. I will remove this patch in the next version.

Thanks,
Masahisa Kojima

>
> -Sumit
>
> > Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
> > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> > ---
> >  drivers/tee/tee_core.c  | 23 +++++++++++++++++++++++
> >  include/linux/tee_drv.h | 23 +++++++++++++++++++++++
> >  2 files changed, 46 insertions(+)
> >
> > diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c
> > index 98da206cd761..0dce5b135d2c 100644
> > --- a/drivers/tee/tee_core.c
> > +++ b/drivers/tee/tee_core.c
> > @@ -7,6 +7,7 @@
> >
> >  #include <linux/cdev.h>
> >  #include <linux/cred.h>
> > +#include <linux/efi.h>
> >  #include <linux/fs.h>
> >  #include <linux/idr.h>
> >  #include <linux/module.h>
> > @@ -1263,6 +1264,28 @@ static void __exit tee_exit(void)
> >         tee_class = NULL;
> >  }
> >
> > +void tee_register_efivar_ops(struct efivars *tee_efivars,
> > +                            struct efivar_operations *ops)
> > +{
> > +       /*
> > +        * If the firmware EFI runtime services support SetVariable(),
> > +        * tee-based EFI variable services are not used.
> > +        */
> > +       if (!efivar_supports_writes()) {
> > +               efivars_generic_ops_unregister();
> > +               pr_info("Use tee-based EFI runtime variable services\n");
> > +               efivars_register(tee_efivars, ops);
> > +       }
> > +}
> > +EXPORT_SYMBOL_GPL(tee_register_efivar_ops);
> > +
> > +void tee_unregister_efivar_ops(struct efivars *tee_efivars)
> > +{
> > +       efivars_unregister(tee_efivars);
> > +       efivars_generic_ops_register();
> > +}
> > +EXPORT_SYMBOL_GPL(tee_unregister_efivar_ops);
> > +
> >  subsys_initcall(tee_init);
> >  module_exit(tee_exit);
> >
> > diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h
> > index 17eb1c5205d3..def4ea6212ee 100644
> > --- a/include/linux/tee_drv.h
> > +++ b/include/linux/tee_drv.h
> > @@ -7,6 +7,7 @@
> >  #define __TEE_DRV_H
> >
> >  #include <linux/device.h>
> > +#include <linux/efi.h>
> >  #include <linux/idr.h>
> >  #include <linux/kref.h>
> >  #include <linux/list.h>
> > @@ -507,4 +508,26 @@ struct tee_context *teedev_open(struct tee_device *teedev);
> >   */
> >  void teedev_close_context(struct tee_context *ctx);
> >
> > +/**
> > + * tee_register_efivar_ops() - register the efivar ops
> > + * @tee_efivars:       pointer to efivars structure
> > + * @ops:               pointer to contain the efivar operation
> > + *
> > + * This function registers the tee-based efivar operation as an
> > + * EFI Runtime Service.
> > + *
> > + */
> > +void tee_register_efivar_ops(struct efivars *tee_efivars,
> > +                            struct efivar_operations *ops);
> > +
> > +/**
> > + * tee_unregister_efivar_ops() - unregister the efivar ops
> > + * @tee_efivars:       pointer to efivars structure
> > + *
> > + * This function unregisters the tee-based efivar operation
> > + * and reverts to the generic operation.
> > + *
> > + */
> > +void tee_unregister_efivar_ops(struct efivars *tee_efivars);
> > +
> >  #endif /*__TEE_DRV_H*/
> > --
> > 2.30.2
> >
Re: [PATCH v2 3/4] tee: expose tee efivar register function
Posted by kernel test robot 2 years, 11 months ago 
Hi Masahisa,

I love your patch! Yet something to improve:

[auto build test ERROR on efi/next]
[also build test ERROR on next-20230217]
[cannot apply to linus/master v6.2]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Masahisa-Kojima/efi-expose-efivar-generic-ops-register-function/20230220-132235
base:   https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git next
patch link:    https://lore.kernel.org/r/20230220051723.1257-4-masahisa.kojima%40linaro.org
patch subject: [PATCH v2 3/4] tee: expose tee efivar register function
config: arm64-randconfig-r034-20230220 (https://download.01.org/0day-ci/archive/20230220/202302201500.w7nKUwV7-lkp@intel.com/config)
compiler: aarch64-linux-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/c9bb47729e4c5c9999ce523e6c72785e897d9ae6
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Masahisa-Kojima/efi-expose-efivar-generic-ops-register-function/20230220-132235
        git checkout c9bb47729e4c5c9999ce523e6c72785e897d9ae6
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=arm64 olddefconfig
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=arm64 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202302201500.w7nKUwV7-lkp@intel.com/

All errors (new ones prefixed by >>, old ones prefixed by <<):

>> ERROR: modpost: "efivar_supports_writes" [drivers/tee/tee.ko] undefined!
>> ERROR: modpost: "efivars_register" [drivers/tee/tee.ko] undefined!
>> ERROR: modpost: "efivars_generic_ops_register" [drivers/tee/tee.ko] undefined!
>> ERROR: modpost: "efivars_unregister" [drivers/tee/tee.ko] undefined!
>> ERROR: modpost: "efivars_generic_ops_unregister" [drivers/tee/tee.ko] undefined!

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
Re: [PATCH v2 3/4] tee: expose tee efivar register function
Posted by kernel test robot 2 years, 11 months ago 
Hi Masahisa,

I love your patch! Yet something to improve:

[auto build test ERROR on efi/next]
[also build test ERROR on next-20230217]
[cannot apply to linus/master v6.2]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Masahisa-Kojima/efi-expose-efivar-generic-ops-register-function/20230220-132235
base:   https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git next
patch link:    https://lore.kernel.org/r/20230220051723.1257-4-masahisa.kojima%40linaro.org
patch subject: [PATCH v2 3/4] tee: expose tee efivar register function
config: nios2-randconfig-r036-20230220 (https://download.01.org/0day-ci/archive/20230220/202302201500.rOtaNOWt-lkp@intel.com/config)
compiler: nios2-linux-gcc (GCC) 12.1.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/c9bb47729e4c5c9999ce523e6c72785e897d9ae6
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Masahisa-Kojima/efi-expose-efivar-generic-ops-register-function/20230220-132235
        git checkout c9bb47729e4c5c9999ce523e6c72785e897d9ae6
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=nios2 olddefconfig
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=nios2 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Link: https://lore.kernel.org/oe-kbuild-all/202302201500.rOtaNOWt-lkp@intel.com/

All errors (new ones prefixed by >>):

   nios2-linux-ld: drivers/tee/tee_core.o: in function `tee_register_efivar_ops':
>> tee_core.c:(.text+0x2634): undefined reference to `efivar_supports_writes'
   tee_core.c:(.text+0x2634): relocation truncated to fit: R_NIOS2_CALL26 against `efivar_supports_writes'
>> nios2-linux-ld: tee_core.c:(.text+0x2654): undefined reference to `efivars_generic_ops_unregister'
   tee_core.c:(.text+0x2654): relocation truncated to fit: R_NIOS2_CALL26 against `efivars_generic_ops_unregister'
>> nios2-linux-ld: tee_core.c:(.text+0x2674): undefined reference to `efivars_register'
   tee_core.c:(.text+0x2674): relocation truncated to fit: R_NIOS2_CALL26 against `efivars_register'
   nios2-linux-ld: drivers/tee/tee_core.o: in function `tee_unregister_efivar_ops':
>> tee_core.c:(.text+0x2684): undefined reference to `efivars_unregister'
   tee_core.c:(.text+0x2684): relocation truncated to fit: R_NIOS2_CALL26 against `efivars_unregister'
>> nios2-linux-ld: tee_core.c:(.text+0x2688): undefined reference to `efivars_generic_ops_register'
   tee_core.c:(.text+0x2688): relocation truncated to fit: R_NIOS2_CALL26 against `efivars_generic_ops_register'

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.