From nobody Mon Feb 9 15:08:46 2026 Received: from mail-ej1-f54.google.com (mail-ej1-f54.google.com [209.85.218.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A8B6F1B5ED1 for ; Thu, 28 Nov 2024 15:09:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.218.54 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732806584; cv=none; b=kNWIM40RBbTfQBVNJnWcAeRzB4d3JM+eLX0hJ7bF0e/n70h94vnfpwm1ZvFFaZH/9MWZT5d8AHOpgrXAN4HLqX6hOAlr/ZpdZLiGCnvW4I97IkDffvrfa2NvyPWadnGu6OLA8DFIOWJxXpD4CHdroRJkb7I+v7K6VO2rEY//mm0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1732806584; c=relaxed/simple; bh=3FEZ7sowzg9uDi+LIZSZPww9G4HJwNhYBLznokWWB2Y=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=kab6fHHpTJqZfq2gL+97g9xM9UGkNxo41SFwicCudgWzFHctP43Sbw50H5av6gJ3Hw6PTpSDPN9AqO2Qx4ETCZv/prkgQmBaK13l0zCMDwvUbDHakhMH/ttrn33f/N5qCUKeph1Xqkdnwfef34+l1Taw258DzBY7DMLg1PQn+rM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org; spf=pass smtp.mailfrom=linaro.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b=nPvSH26Q; arc=none smtp.client-ip=209.85.218.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linaro.org Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=linaro.org header.i=@linaro.org header.b="nPvSH26Q" Received: by mail-ej1-f54.google.com with SMTP id a640c23a62f3a-aa530a94c0eso127270866b.2 for ; Thu, 28 Nov 2024 07:09:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1732806580; x=1733411380; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MmMsps2a0l2wKhx4347cCjPz4/otCC32n4EKpoY/KOs=; b=nPvSH26QHWlk05vkXQVZ6WzY5Wf2N3Npewhgptrp27W816WWUkRA0JJeMsRIAg5avj KOlGDMGTnFw3Z3DzJmm+0d41G/bPOdz87DSyGabsptseK2XBaPIFMD9qk1rPTiuxhUJb IHRjgd8mGS+FUhMmhQHiXlR0B0rv/W572oK2Np2NxARDHS6iu5Oq4QbZutX4AzAJJblk bohED9k01wZXeRcbpjr7Z93pz88gAB5skvfwgIhNSIsa0kYx7SWBFGdBW2tXKFlYOgxe 9xaiSnks0FkXwcxtbeZI1Sk9mv8LhWKDkSPYNjod1h2FSgdTtVw6p4DoOWnB3P8NWkm0 eLvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1732806580; x=1733411380; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MmMsps2a0l2wKhx4347cCjPz4/otCC32n4EKpoY/KOs=; b=XroghjcTbY5BVnp+aISKg//AMKHF68C1Q/m5F2v7Yen7qLbNDuw0nOPGAiY2dXnYEw N0QvQrdWYCZMFNvzrQhQwqQRle1RWyeLutsxLR/uLnF3FV9H/jCIgF1eYmKELcPqUPs0 jKNZY003Inzu2AzZMDdqXwhsUYir90qAYHT7eUeSgZEzqCjDQ1jK1bZ0ZgoU6pEYeoqK bJHAVUO5/uAnbcM8MN6vBbY2RwXC+Mws08JaEK1afB5+H+Vdiq5JjWKYVmiu4p2Ck3JN klZUkVIq/cfi0SiFTnSo9sQbp8zBFSixxheZ7F+oRc8VhBLzZi6QDyVCREmWSMFpUdwa 4rag== X-Gm-Message-State: AOJu0Yy+qqA42Sk39pt73IUgD/vD/DgoW5SH10zQ6wyvEqgPnZ8Tu1tx IM0SCAsbspweuxaQNJjVipA0BPQav93g8JAUw2N3lb7QuEXHXDdaefsAWq/Da25+QUj3IhFvxAc m X-Gm-Gg: ASbGnctogXAWdfbx/3UN7+Y2x5RuJ/mW/tANh8spnXiNyGeR9x2rAeTOPIqa20JOKZi S5HO/0iBd/58Fm6gcymCwyz/UzYHgBASk6S9uMu26KQL5m8sSQNLwt5rXPDa2CJYs+k70ZINN6P j1kt2diODNBIsCDGW1a6Xj+/8EG1MzgvY25zGsJIqHzAoYF86dJOCJY5VlX+sfhZZoA6BASJ2cw Q0kodeajrM/FJLCWwDPIpVr5Lh1xEuvPHKR55tGqb+nTwrb233FIV63f/YikxlygbC99l+bI+cN iKys4VyBd+KWMNt6BWvdXblZ X-Google-Smtp-Source: AGHT+IES2MtTRBxvc0ImdVkolULDQZqUzfq0vhrhjdNBPGjibKiOg02J5C/pGcR4+fvQjdSZxsPxfA== X-Received: by 2002:a17:907:8d7:b0:aa5:4edb:6456 with SMTP id a640c23a62f3a-aa58108047bmr554927866b.49.1732806580523; Thu, 28 Nov 2024 07:09:40 -0800 (PST) Received: from rayden.urgonet (h-79-136-84-141.A175.priv.bahnhof.se. [79.136.84.141]) by smtp.gmail.com with ESMTPSA id a640c23a62f3a-aa59990a78esm75711366b.163.2024.11.28.07.09.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Nov 2024 07:09:39 -0800 (PST) From: Jens Wiklander To: linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, op-tee@lists.trustedfirmware.org, linux-arm-kernel@lists.infradead.org Cc: Olivier Masse , Thierry Reding , Yong Wu , Sumit Semwal , Benjamin Gaignard , Brian Starkey , John Stultz , "T . J . Mercier" , =?UTF-8?q?Christian=20K=C3=B6nig?= , Sumit Garg , Matthias Brugger , AngeloGioacchino Del Regno , azarrabi@qti.qualcomm.com, Jens Wiklander Subject: [PATCH v3 1/4] tee: add restricted memory allocation Date: Thu, 28 Nov 2024 16:09:01 +0100 Message-ID: <20241128150927.1377981-2-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20241128150927.1377981-1-jens.wiklander@linaro.org> References: <20241128150927.1377981-1-jens.wiklander@linaro.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Add restricted memory allocation to the TEE subsystem. Restricted memory is not be accessible by kernel during normal circumstances. A new ioctl TEE_IOC_RSTMEM_ALLOC is added to allocate these restricted memory buffers. The restricted memory is allocated for a specific use-case, like Secure Video Playback, Trusted UI, or Secure Video Recording where certain hardware devices can access the memory. More use-cases can be added in userspace ABI, but it's up to the backend drivers to provide the implementation. Signed-off-by: Jens Wiklander --- drivers/tee/Makefile | 1 + drivers/tee/tee_core.c | 37 ++++++- drivers/tee/tee_private.h | 2 + drivers/tee/tee_rstmem.c | 201 +++++++++++++++++++++++++++++++++++++ drivers/tee/tee_shm.c | 2 + drivers/tee/tee_shm_pool.c | 69 ++++++++++++- include/linux/tee_core.h | 15 +++ include/linux/tee_drv.h | 4 +- include/uapi/linux/tee.h | 37 ++++++- 9 files changed, 363 insertions(+), 5 deletions(-) create mode 100644 drivers/tee/tee_rstmem.c diff --git a/drivers/tee/Makefile b/drivers/tee/Makefile index 5488cba30bd2..a4c6b55444b9 100644 --- a/drivers/tee/Makefile +++ b/drivers/tee/Makefile @@ -3,6 +3,7 @@ obj-$(CONFIG_TEE) +=3D tee.o tee-objs +=3D tee_core.o tee-objs +=3D tee_shm.o tee-objs +=3D tee_shm_pool.o +tee-objs +=3D tee_rstmem.o obj-$(CONFIG_OPTEE) +=3D optee/ obj-$(CONFIG_AMDTEE) +=3D amdtee/ obj-$(CONFIG_ARM_TSTEE) +=3D tstee/ diff --git a/drivers/tee/tee_core.c b/drivers/tee/tee_core.c index d113679b1e2d..e81167826002 100644 --- a/drivers/tee/tee_core.c +++ b/drivers/tee/tee_core.c @@ -1,12 +1,13 @@ // SPDX-License-Identifier: GPL-2.0-only /* - * Copyright (c) 2015-2016, Linaro Limited + * Copyright (c) 2015-2022, 2024, Linaro Limited */ =20 #define pr_fmt(fmt) "%s: " fmt, __func__ =20 #include #include +#include #include #include #include @@ -815,6 +816,38 @@ static int tee_ioctl_supp_send(struct tee_context *ctx, return rc; } =20 +static int +tee_ioctl_rstmem_alloc(struct tee_context *ctx, + struct tee_ioctl_rstmem_alloc_data __user *udata) +{ + struct tee_ioctl_rstmem_alloc_data data; + struct dma_buf *dmabuf; + int id; + int fd; + + if (copy_from_user(&data, udata, sizeof(data))) + return -EFAULT; + + if (data.use_case =3D=3D TEE_IOC_UC_RESERVED) + return -EINVAL; + + dmabuf =3D tee_rstmem_alloc(ctx, data.flags, data.use_case, data.size, + &id); + if (IS_ERR(dmabuf)) + return PTR_ERR(dmabuf); + if (put_user(id, &udata->id)) { + fd =3D -EFAULT; + goto err; + } + fd =3D dma_buf_fd(dmabuf, O_CLOEXEC); + if (fd < 0) + goto err; + return fd; +err: + dma_buf_put(dmabuf); + return fd; +} + static long tee_ioctl(struct file *filp, unsigned int cmd, unsigned long a= rg) { struct tee_context *ctx =3D filp->private_data; @@ -839,6 +872,8 @@ static long tee_ioctl(struct file *filp, unsigned int c= md, unsigned long arg) return tee_ioctl_supp_recv(ctx, uarg); case TEE_IOC_SUPPL_SEND: return tee_ioctl_supp_send(ctx, uarg); + case TEE_IOC_RSTMEM_ALLOC: + return tee_ioctl_rstmem_alloc(ctx, uarg); default: return -EINVAL; } diff --git a/drivers/tee/tee_private.h b/drivers/tee/tee_private.h index 9bc50605227c..bf97796909c0 100644 --- a/drivers/tee/tee_private.h +++ b/drivers/tee/tee_private.h @@ -23,5 +23,7 @@ void teedev_ctx_put(struct tee_context *ctx); struct tee_shm *tee_shm_alloc_user_buf(struct tee_context *ctx, size_t siz= e); struct tee_shm *tee_shm_register_user_buf(struct tee_context *ctx, unsigned long addr, size_t length); +struct dma_buf *tee_rstmem_alloc(struct tee_context *ctx, u32 flags, + u32 use_case, size_t size, int *shm_id); =20 #endif /*TEE_PRIVATE_H*/ diff --git a/drivers/tee/tee_rstmem.c b/drivers/tee/tee_rstmem.c new file mode 100644 index 000000000000..536bca2901e2 --- /dev/null +++ b/drivers/tee/tee_rstmem.c @@ -0,0 +1,201 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* + * Copyright (c) 2024 Linaro Limited + */ +#include +#include +#include +#include +#include +#include +#include "tee_private.h" + +struct tee_rstmem_attachment { + struct sg_table table; + struct device *dev; +}; + +static int rstmem_dma_attach(struct dma_buf *dmabuf, + struct dma_buf_attachment *attachment) +{ + struct tee_shm *shm =3D dmabuf->priv; + struct tee_rstmem_attachment *a; + int rc; + + a =3D kzalloc(sizeof(*a), GFP_KERNEL); + if (!a) + return -ENOMEM; + + if (shm->pages) { + rc =3D sg_alloc_table_from_pages(&a->table, shm->pages, + shm->num_pages, 0, + shm->num_pages * PAGE_SIZE, + GFP_KERNEL); + if (rc) + goto err; + } else { + rc =3D sg_alloc_table(&a->table, 1, GFP_KERNEL); + if (rc) + goto err; + sg_set_page(a->table.sgl, phys_to_page(shm->paddr), shm->size, + 0); + } + + a->dev =3D attachment->dev; + attachment->priv =3D a; + + return 0; +err: + kfree(a); + return rc; +} + +static void rstmem_dma_detach(struct dma_buf *dmabuf, + struct dma_buf_attachment *attachment) +{ + struct tee_rstmem_attachment *a =3D attachment->priv; + + sg_free_table(&a->table); + kfree(a); +} + +static struct sg_table * +rstmem_dma_map_dma_buf(struct dma_buf_attachment *attachment, + enum dma_data_direction direction) +{ + struct tee_rstmem_attachment *a =3D attachment->priv; + int ret; + + ret =3D dma_map_sgtable(attachment->dev, &a->table, direction, + DMA_ATTR_SKIP_CPU_SYNC); + if (ret) + return ERR_PTR(ret); + + return &a->table; +} + +static void rstmem_dma_unmap_dma_buf(struct dma_buf_attachment *attachment, + struct sg_table *table, + enum dma_data_direction direction) +{ + struct tee_rstmem_attachment *a =3D attachment->priv; + + WARN_ON(&a->table !=3D table); + + dma_unmap_sgtable(attachment->dev, table, direction, + DMA_ATTR_SKIP_CPU_SYNC); +} + +static int rstmem_dma_buf_begin_cpu_access(struct dma_buf *dmabuf, + enum dma_data_direction direction) +{ + return -EPERM; +} + +static int rstmem_dma_buf_end_cpu_access(struct dma_buf *dmabuf, + enum dma_data_direction direction) +{ + return -EPERM; +} + +static int rstmem_dma_buf_mmap(struct dma_buf *dmabuf, + struct vm_area_struct *vma) +{ + return -EPERM; +} + +static void rstmem_dma_buf_free(struct dma_buf *dmabuf) +{ + struct tee_shm *shm =3D dmabuf->priv; + + tee_shm_put(shm); +} + +static const struct dma_buf_ops rstmem_generic_buf_ops =3D { + .attach =3D rstmem_dma_attach, + .detach =3D rstmem_dma_detach, + .map_dma_buf =3D rstmem_dma_map_dma_buf, + .unmap_dma_buf =3D rstmem_dma_unmap_dma_buf, + .begin_cpu_access =3D rstmem_dma_buf_begin_cpu_access, + .end_cpu_access =3D rstmem_dma_buf_end_cpu_access, + .mmap =3D rstmem_dma_buf_mmap, + .release =3D rstmem_dma_buf_free, +}; + +struct dma_buf *tee_rstmem_alloc(struct tee_context *ctx, u32 flags, + u32 use_case, size_t size, int *shm_id) +{ + struct tee_device *teedev =3D ctx->teedev; + DEFINE_DMA_BUF_EXPORT_INFO(exp_info); + struct dma_buf *dmabuf; + struct tee_shm *shm; + void *ret; + int rc; + + if (!tee_device_get(teedev)) + return ERR_PTR(-EINVAL); + + if (!teedev->desc->ops->rstmem_alloc || + !teedev->desc->ops->rstmem_free) { + dmabuf =3D ERR_PTR(-EINVAL); + goto err; + } + + shm =3D kzalloc(sizeof(*shm), GFP_KERNEL); + if (!shm) { + dmabuf =3D ERR_PTR(-ENOMEM); + goto err; + } + + refcount_set(&shm->refcount, 1); + shm->flags =3D TEE_SHM_RESTRICTED; + shm->use_case =3D use_case; + shm->ctx =3D ctx; + + mutex_lock(&teedev->mutex); + shm->id =3D idr_alloc(&teedev->idr, NULL, 1, 0, GFP_KERNEL); + mutex_unlock(&teedev->mutex); + if (shm->id < 0) { + dmabuf =3D ERR_PTR(shm->id); + goto err_kfree; + } + + rc =3D teedev->desc->ops->rstmem_alloc(ctx, shm, flags, use_case, size); + if (rc) { + dmabuf =3D ERR_PTR(rc); + goto err_idr_remove; + } + + mutex_lock(&teedev->mutex); + ret =3D idr_replace(&teedev->idr, shm, shm->id); + mutex_unlock(&teedev->mutex); + if (IS_ERR(ret)) { + dmabuf =3D ret; + goto err_rstmem_free; + } + teedev_ctx_get(ctx); + + exp_info.ops =3D &rstmem_generic_buf_ops; + exp_info.size =3D shm->size; + exp_info.priv =3D shm; + dmabuf =3D dma_buf_export(&exp_info); + if (IS_ERR(dmabuf)) { + tee_shm_put(shm); + return dmabuf; + } + + *shm_id =3D shm->id; + return dmabuf; + +err_rstmem_free: + teedev->desc->ops->rstmem_free(ctx, shm); +err_idr_remove: + mutex_lock(&teedev->mutex); + idr_remove(&teedev->idr, shm->id); + mutex_unlock(&teedev->mutex); +err_kfree: + kfree(shm); +err: + tee_device_put(teedev); + return dmabuf; +} diff --git a/drivers/tee/tee_shm.c b/drivers/tee/tee_shm.c index daf6e5cfd59a..416f7f25d885 100644 --- a/drivers/tee/tee_shm.c +++ b/drivers/tee/tee_shm.c @@ -55,6 +55,8 @@ static void tee_shm_release(struct tee_device *teedev, st= ruct tee_shm *shm) "unregister shm %p failed: %d", shm, rc); =20 release_registered_pages(shm); + } else if (shm->flags & TEE_SHM_RESTRICTED) { + teedev->desc->ops->rstmem_free(shm->ctx, shm); } =20 teedev_ctx_put(shm->ctx); diff --git a/drivers/tee/tee_shm_pool.c b/drivers/tee/tee_shm_pool.c index 80004b55628d..ee57ef157a77 100644 --- a/drivers/tee/tee_shm_pool.c +++ b/drivers/tee/tee_shm_pool.c @@ -1,9 +1,8 @@ // SPDX-License-Identifier: GPL-2.0-only /* - * Copyright (c) 2015, 2017, 2022 Linaro Limited + * Copyright (c) 2015, 2017, 2022, 2024 Linaro Limited */ #include -#include #include #include #include @@ -90,3 +89,69 @@ struct tee_shm_pool *tee_shm_pool_alloc_res_mem(unsigned= long vaddr, return ERR_PTR(rc); } EXPORT_SYMBOL_GPL(tee_shm_pool_alloc_res_mem); + +static int rstmem_pool_op_gen_alloc(struct tee_shm_pool *pool, + struct tee_shm *shm, size_t size, + size_t align) +{ + size_t sz =3D ALIGN(size, PAGE_SIZE); + phys_addr_t pa; + + pa =3D gen_pool_alloc(pool->private_data, sz); + if (!pa) + return -ENOMEM; + + shm->size =3D sz; + shm->paddr =3D pa; + + return 0; +} + +static void rstmem_pool_op_gen_free(struct tee_shm_pool *pool, + struct tee_shm *shm) +{ + gen_pool_free(pool->private_data, shm->paddr, shm->size); + shm->paddr =3D 0; +} + +static struct tee_shm_pool_ops rstmem_pool_ops_generic =3D { + .alloc =3D rstmem_pool_op_gen_alloc, + .free =3D rstmem_pool_op_gen_free, + .destroy_pool =3D pool_op_gen_destroy_pool, +}; + +struct tee_shm_pool *tee_rstmem_gen_pool_alloc(phys_addr_t paddr, size_t s= ize) +{ + const size_t page_mask =3D PAGE_SIZE - 1; + struct tee_shm_pool *pool; + int rc; + + /* Check it's page aligned */ + if ((paddr | size) & page_mask) + return ERR_PTR(-EINVAL); + + pool =3D kzalloc(sizeof(*pool), GFP_KERNEL); + if (!pool) + return ERR_PTR(-ENOMEM); + + pool->private_data =3D gen_pool_create(PAGE_SHIFT, -1); + if (!pool->private_data) { + rc =3D -ENOMEM; + goto err_free; + } + + rc =3D gen_pool_add(pool->private_data, paddr, size, -1); + if (rc) + goto err_free_pool; + + pool->ops =3D &rstmem_pool_ops_generic; + return pool; + +err_free_pool: + gen_pool_destroy(pool->private_data); +err_free: + kfree(pool); + + return ERR_PTR(rc); +} +EXPORT_SYMBOL_GPL(tee_rstmem_gen_pool_alloc); diff --git a/include/linux/tee_core.h b/include/linux/tee_core.h index a38494d6b5f4..608302f494fe 100644 --- a/include/linux/tee_core.h +++ b/include/linux/tee_core.h @@ -26,6 +26,7 @@ #define TEE_SHM_USER_MAPPED BIT(1) /* Memory mapped in user space */ #define TEE_SHM_POOL BIT(2) /* Memory allocated from pool */ #define TEE_SHM_PRIV BIT(3) /* Memory private to TEE driver */ +#define TEE_SHM_RESTRICTED BIT(4) /* Restricted memory */ =20 #define TEE_DEVICE_FLAG_REGISTERED 0x1 #define TEE_MAX_DEV_NAME_LEN 32 @@ -76,6 +77,8 @@ struct tee_device { * @supp_send: called for supplicant to send a response * @shm_register: register shared memory buffer in TEE * @shm_unregister: unregister shared memory buffer in TEE + * @rstmem_alloc: allocate restricted memory + * @rstmem_free: free restricted memory */ struct tee_driver_ops { void (*get_version)(struct tee_device *teedev, @@ -99,6 +102,9 @@ struct tee_driver_ops { struct page **pages, size_t num_pages, unsigned long start); int (*shm_unregister)(struct tee_context *ctx, struct tee_shm *shm); + int (*rstmem_alloc)(struct tee_context *ctx, struct tee_shm *shm, + u32 flags, u32 use_case, size_t size); + void (*rstmem_free)(struct tee_context *ctx, struct tee_shm *shm); }; =20 /** @@ -229,6 +235,15 @@ static inline void tee_shm_pool_free(struct tee_shm_po= ol *pool) pool->ops->destroy_pool(pool); } =20 +/** + * tee_rstmem_gen_pool_alloc() - Create a restricted memory manager + * @paddr: Physical address of start of pool + * @size: Size in bytes of the pool + * + * @returns pointer to a 'struct tee_shm_pool' or an ERR_PTR on failure. + */ +struct tee_shm_pool *tee_rstmem_gen_pool_alloc(phys_addr_t paddr, size_t s= ize); + /** * tee_get_drvdata() - Return driver_data pointer * @returns the driver_data pointer supplied to tee_register(). diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index a54c203000ed..b7ee346e5e44 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -55,6 +55,7 @@ struct tee_context { * @pages: locked pages from userspace * @num_pages: number of locked pages * @refcount: reference counter + * @use_case: defined by TEE_IOC_UC_* in tee.h * @flags: defined by TEE_SHM_* in tee_core.h * @id: unique id of a shared memory object on this device, shared * with user space @@ -71,7 +72,8 @@ struct tee_shm { struct page **pages; size_t num_pages; refcount_t refcount; - u32 flags; + u16 use_case; + u16 flags; int id; u64 sec_world_id; }; diff --git a/include/uapi/linux/tee.h b/include/uapi/linux/tee.h index d0430bee8292..cdc8c82c9a38 100644 --- a/include/uapi/linux/tee.h +++ b/include/uapi/linux/tee.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2016, Linaro Limited + * Copyright (c) 2015-2017, 2020, 2024, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -48,6 +48,7 @@ #define TEE_GEN_CAP_PRIVILEGED (1 << 1)/* Privileged device (for supplican= t) */ #define TEE_GEN_CAP_REG_MEM (1 << 2)/* Supports registering shared memory = */ #define TEE_GEN_CAP_MEMREF_NULL (1 << 3)/* NULL MemRef support */ +#define TEE_GEN_CAP_RSTMEM (1 << 4)/* Supports restricted memory */ =20 #define TEE_MEMREF_NULL (__u64)(-1) /* NULL MemRef Buffer */ =20 @@ -389,6 +390,40 @@ struct tee_ioctl_shm_register_data { */ #define TEE_IOC_SHM_REGISTER _IOWR(TEE_IOC_MAGIC, TEE_IOC_BASE + 9, \ struct tee_ioctl_shm_register_data) + +#define TEE_IOC_UC_RESERVED 0 +#define TEE_IOC_UC_SECURE_VIDEO_PLAY 1 +#define TEE_IOC_UC_TRUSTED_UI 2 +#define TEE_IOC_UC_SECURE_VIDEO_RECORD 3 + +/** + * struct tee_ioctl_rstmem_alloc_data - Restricted memory allocate argument + * @size: [in/out] Size of restricted memory to allocate + * @flags: [in/out] Flags to/from allocate + * @use_case [in] Restricted memory use case, TEE_IOC_UC_* + * @id: [out] Identifier of the restricted memory + */ +struct tee_ioctl_rstmem_alloc_data { + __u64 size; + __u32 flags; + __u32 use_case; + __s32 id; +}; + +/** + * TEE_IOC_RSTMEM_ALLOC - allocate restricted memory + * + * Allocates restricted physically memory normally not accessible by the + * kernel. + * + * Returns a file descriptor on success or < 0 on failure + * + * The returned file descriptor is a dma-buf that can be attached and + * mapped for device with permission to access the physical memory. + */ +#define TEE_IOC_RSTMEM_ALLOC _IOWR(TEE_IOC_MAGIC, TEE_IOC_BASE + 10, \ + struct tee_ioctl_rstmem_alloc_data) + /* * Five syscalls are used when communicating with the TEE driver. * open(): opens the device associated with the driver --=20 2.43.0