| /* |
| * QTI Secure Execution Environment Communicator (QSEECOM) driver |
| * |
| * Copyright (c) 2012-2019, The Linux Foundation. All rights reserved. |
| * |
| * This program is free software; you can redistribute it and/or modify |
| * it under the terms of the GNU General Public License version 2 and |
| * only version 2 as published by the Free Software Foundation. |
| * |
| * This program is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| * GNU General Public License for more details. |
| */ |
| |
| #define pr_fmt(fmt) "QSEECOM: %s: " fmt, __func__ |
| |
| #include <linux/kernel.h> |
| #include <linux/slab.h> |
| #include <linux/module.h> |
| #include <linux/fs.h> |
| #include <linux/platform_device.h> |
| #include <linux/debugfs.h> |
| #include <linux/cdev.h> |
| #include <linux/uaccess.h> |
| #include <linux/sched.h> |
| #include <linux/list.h> |
| #include <linux/mutex.h> |
| #include <linux/io.h> |
| #include <linux/msm_ion.h> |
| #include <linux/types.h> |
| #include <linux/clk.h> |
| #include <linux/qseecom.h> |
| #include <linux/elf.h> |
| #include <linux/firmware.h> |
| #include <linux/freezer.h> |
| #include <linux/scatterlist.h> |
| #include <linux/regulator/consumer.h> |
| #include <linux/dma-mapping.h> |
| #include <soc/qcom/subsystem_restart.h> |
| #include <soc/qcom/scm.h> |
| #include <soc/qcom/socinfo.h> |
| #include <linux/msm-bus.h> |
| #include <linux/msm-bus-board.h> |
| #include <soc/qcom/qseecomi.h> |
| #include <asm/cacheflush.h> |
| #include "qseecom_kernel.h" |
| #include <crypto/ice.h> |
| #include <linux/delay.h> |
| |
| #include <linux/compat.h> |
| #include "compat_qseecom.h" |
| #include <linux/kthread.h> |
| |
| #define QSEECOM_DEV "qseecom" |
| #define QSEOS_VERSION_14 0x14 |
| #define QSEEE_VERSION_00 0x400000 |
| #define QSEE_VERSION_01 0x401000 |
| #define QSEE_VERSION_02 0x402000 |
| #define QSEE_VERSION_03 0x403000 |
| #define QSEE_VERSION_04 0x404000 |
| #define QSEE_VERSION_05 0x405000 |
| #define QSEE_VERSION_20 0x800000 |
| #define QSEE_VERSION_40 0x1000000 /* TZ.BF.4.0 */ |
| |
| #define QSEE_CE_CLK_100MHZ 100000000 |
| #define CE_CLK_DIV 1000000 |
| |
| #define QSEECOM_MAX_SG_ENTRY 512 |
| #define QSEECOM_SG_ENTRY_MSG_BUF_SZ_64BIT \ |
| (QSEECOM_MAX_SG_ENTRY * SG_ENTRY_SZ_64BIT) |
| |
| #define QSEECOM_INVALID_KEY_ID 0xff |
| |
| /* Save partition image hash for authentication check */ |
| #define SCM_SAVE_PARTITION_HASH_ID 0x01 |
| |
| /* Check if enterprise security is activate */ |
| #define SCM_IS_ACTIVATED_ID 0x02 |
| |
| /* Encrypt/Decrypt Data Integrity Partition (DIP) for MDTP */ |
| #define SCM_MDTP_CIPHER_DIP 0x01 |
| |
| /* Maximum Allowed Size (128K) of Data Integrity Partition (DIP) for MDTP */ |
| #define MAX_DIP 0x20000 |
| |
| #define RPMB_SERVICE 0x2000 |
| #define SSD_SERVICE 0x3000 |
| |
| #define QSEECOM_SEND_CMD_CRYPTO_TIMEOUT 2000 |
| #define QSEECOM_LOAD_APP_CRYPTO_TIMEOUT 2000 |
| #define TWO 2 |
| #define QSEECOM_UFS_ICE_CE_NUM 10 |
| #define QSEECOM_SDCC_ICE_CE_NUM 20 |
| #define QSEECOM_ICE_FDE_KEY_INDEX 0 |
| |
| #define PHY_ADDR_4G (1ULL<<32) |
| |
| #define QSEECOM_STATE_NOT_READY 0 |
| #define QSEECOM_STATE_SUSPEND 1 |
| #define QSEECOM_STATE_READY 2 |
| #define QSEECOM_ICE_FDE_KEY_SIZE_MASK 2 |
| |
| /* |
| * default ce info unit to 0 for |
| * services which |
| * support only single instance. |
| * Most of services are in this category. |
| */ |
| #define DEFAULT_CE_INFO_UNIT 0 |
| #define DEFAULT_NUM_CE_INFO_UNIT 1 |
| |
| enum qseecom_clk_definitions { |
| CLK_DFAB = 0, |
| CLK_SFPB, |
| }; |
| |
| enum qseecom_ice_key_size_type { |
| QSEECOM_ICE_FDE_KEY_SIZE_16_BYTE = |
| (0 << QSEECOM_ICE_FDE_KEY_SIZE_MASK), |
| QSEECOM_ICE_FDE_KEY_SIZE_32_BYTE = |
| (1 << QSEECOM_ICE_FDE_KEY_SIZE_MASK), |
| QSEE_ICE_FDE_KEY_SIZE_UNDEFINED = |
| (0xF << QSEECOM_ICE_FDE_KEY_SIZE_MASK), |
| }; |
| |
| enum qseecom_client_handle_type { |
| QSEECOM_CLIENT_APP = 1, |
| QSEECOM_LISTENER_SERVICE, |
| QSEECOM_SECURE_SERVICE, |
| QSEECOM_GENERIC, |
| QSEECOM_UNAVAILABLE_CLIENT_APP, |
| }; |
| |
| enum qseecom_ce_hw_instance { |
| CLK_QSEE = 0, |
| CLK_CE_DRV, |
| CLK_INVALID, |
| }; |
| |
| enum qseecom_listener_unregister_kthread_state { |
| LSNR_UNREG_KT_SLEEP = 0, |
| LSNR_UNREG_KT_WAKEUP, |
| }; |
| |
| static struct class *driver_class; |
| static dev_t qseecom_device_no; |
| |
| static DEFINE_MUTEX(qsee_bw_mutex); |
| static DEFINE_MUTEX(app_access_lock); |
| static DEFINE_MUTEX(clk_access_lock); |
| static DEFINE_MUTEX(listener_access_lock); |
| |
| |
| struct sglist_info { |
| uint32_t indexAndFlags; |
| uint32_t sizeOrCount; |
| }; |
| |
| /* |
| * The 31th bit indicates only one or multiple physical address inside |
| * the request buffer. If it is set, the index locates a single physical addr |
| * inside the request buffer, and `sizeOrCount` is the size of the memory being |
| * shared at that physical address. |
| * Otherwise, the index locates an array of {start, len} pairs (a |
| * "scatter/gather list"), and `sizeOrCount` gives the number of entries in |
| * that array. |
| * |
| * The 30th bit indicates 64 or 32bit address; when it is set, physical addr |
| * and scatter gather entry sizes are 64-bit values. Otherwise, 32-bit values. |
| * |
| * The bits [0:29] of `indexAndFlags` hold an offset into the request buffer. |
| */ |
| #define SGLISTINFO_SET_INDEX_FLAG(c, s, i) \ |
| ((uint32_t)(((c & 1) << 31) | ((s & 1) << 30) | (i & 0x3fffffff))) |
| |
| #define SGLISTINFO_TABLE_SIZE (sizeof(struct sglist_info) * MAX_ION_FD) |
| |
| #define FEATURE_ID_WHITELIST 15 /*whitelist feature id*/ |
| |
| #define MAKE_WHITELIST_VERSION(major, minor, patch) \ |
| (((major & 0x3FF) << 22) | ((minor & 0x3FF) << 12) | (patch & 0xFFF)) |
| |
| struct qseecom_registered_listener_list { |
| struct list_head list; |
| struct qseecom_register_listener_req svc; |
| void *user_virt_sb_base; |
| u8 *sb_virt; |
| phys_addr_t sb_phys; |
| size_t sb_length; |
| struct ion_handle *ihandle; /* Retrieve phy addr */ |
| wait_queue_head_t rcv_req_wq; |
| /* rcv_req_flag: 0: ready and empty; 1: received req */ |
| int rcv_req_flag; |
| int send_resp_flag; |
| bool listener_in_use; |
| /* wq for thread blocked on this listener*/ |
| wait_queue_head_t listener_block_app_wq; |
| struct sglist_info sglistinfo_ptr[MAX_ION_FD]; |
| uint32_t sglist_cnt; |
| int abort; |
| bool unregister_pending; |
| }; |
| |
| struct qseecom_unregister_pending_list { |
| struct list_head list; |
| struct qseecom_dev_handle *data; |
| }; |
| |
| struct qseecom_registered_app_list { |
| struct list_head list; |
| u32 app_id; |
| u32 ref_cnt; |
| char app_name[MAX_APP_NAME_SIZE]; |
| u32 app_arch; |
| bool app_blocked; |
| u32 check_block; |
| u32 blocked_on_listener_id; |
| }; |
| |
| struct qseecom_registered_kclient_list { |
| struct list_head list; |
| struct qseecom_handle *handle; |
| }; |
| |
| struct qseecom_ce_info_use { |
| unsigned char handle[MAX_CE_INFO_HANDLE_SIZE]; |
| unsigned int unit_num; |
| unsigned int num_ce_pipe_entries; |
| struct qseecom_ce_pipe_entry *ce_pipe_entry; |
| bool alloc; |
| uint32_t type; |
| }; |
| |
| struct ce_hw_usage_info { |
| uint32_t qsee_ce_hw_instance; |
| uint32_t num_fde; |
| struct qseecom_ce_info_use *fde; |
| uint32_t num_pfe; |
| struct qseecom_ce_info_use *pfe; |
| }; |
| |
| struct qseecom_clk { |
| enum qseecom_ce_hw_instance instance; |
| struct clk *ce_core_clk; |
| struct clk *ce_clk; |
| struct clk *ce_core_src_clk; |
| struct clk *ce_bus_clk; |
| uint32_t clk_access_cnt; |
| }; |
| |
| struct qseecom_control { |
| struct ion_client *ion_clnt; /* Ion client */ |
| struct list_head registered_listener_list_head; |
| |
| struct list_head registered_app_list_head; |
| spinlock_t registered_app_list_lock; |
| |
| struct list_head registered_kclient_list_head; |
| spinlock_t registered_kclient_list_lock; |
| |
| wait_queue_head_t send_resp_wq; |
| int send_resp_flag; |
| |
| uint32_t qseos_version; |
| uint32_t qsee_version; |
| struct device *pdev; |
| bool whitelist_support; |
| bool commonlib_loaded; |
| bool commonlib64_loaded; |
| struct ce_hw_usage_info ce_info; |
| |
| int qsee_bw_count; |
| int qsee_sfpb_bw_count; |
| |
| uint32_t qsee_perf_client; |
| struct qseecom_clk qsee; |
| struct qseecom_clk ce_drv; |
| |
| bool support_bus_scaling; |
| bool support_fde; |
| bool support_pfe; |
| bool fde_key_size; |
| uint32_t cumulative_mode; |
| enum qseecom_bandwidth_request_mode current_mode; |
| struct timer_list bw_scale_down_timer; |
| struct work_struct bw_inactive_req_ws; |
| struct cdev cdev; |
| bool timer_running; |
| bool no_clock_support; |
| unsigned int ce_opp_freq_hz; |
| bool appsbl_qseecom_support; |
| uint32_t qsee_reentrancy_support; |
| |
| uint32_t app_block_ref_cnt; |
| wait_queue_head_t app_block_wq; |
| atomic_t qseecom_state; |
| int is_apps_region_protected; |
| bool smcinvoke_support; |
| |
| struct list_head unregister_lsnr_pending_list_head; |
| wait_queue_head_t register_lsnr_pending_wq; |
| struct task_struct *unregister_lsnr_kthread_task; |
| wait_queue_head_t unregister_lsnr_kthread_wq; |
| atomic_t unregister_lsnr_kthread_state; |
| }; |
| |
| struct qseecom_sec_buf_fd_info { |
| bool is_sec_buf_fd; |
| size_t size; |
| void *vbase; |
| dma_addr_t pbase; |
| }; |
| |
| struct qseecom_param_memref { |
| uint32_t buffer; |
| uint32_t size; |
| }; |
| |
| struct qseecom_client_handle { |
| u32 app_id; |
| u8 *sb_virt; |
| phys_addr_t sb_phys; |
| unsigned long user_virt_sb_base; |
| size_t sb_length; |
| struct ion_handle *ihandle; /* Retrieve phy addr */ |
| char app_name[MAX_APP_NAME_SIZE]; |
| u32 app_arch; |
| struct qseecom_sec_buf_fd_info sec_buf_fd[MAX_ION_FD]; |
| }; |
| |
| struct qseecom_listener_handle { |
| u32 id; |
| bool unregister_pending; |
| bool release_called; |
| }; |
| |
| static struct qseecom_control qseecom; |
| |
| struct qseecom_dev_handle { |
| enum qseecom_client_handle_type type; |
| union { |
| struct qseecom_client_handle client; |
| struct qseecom_listener_handle listener; |
| }; |
| bool released; |
| int abort; |
| wait_queue_head_t abort_wq; |
| atomic_t ioctl_count; |
| bool perf_enabled; |
| bool fast_load_enabled; |
| enum qseecom_bandwidth_request_mode mode; |
| struct sglist_info sglistinfo_ptr[MAX_ION_FD]; |
| uint32_t sglist_cnt; |
| bool use_legacy_cmd; |
| }; |
| |
| struct qseecom_key_id_usage_desc { |
| uint8_t desc[QSEECOM_KEY_ID_SIZE]; |
| }; |
| |
| struct qseecom_crypto_info { |
| unsigned int unit_num; |
| unsigned int ce; |
| unsigned int pipe_pair; |
| }; |
| |
| static struct qseecom_key_id_usage_desc key_id_array[] = { |
| { |
| .desc = "Undefined Usage Index", |
| }, |
| |
| { |
| .desc = "Full Disk Encryption", |
| }, |
| |
| { |
| .desc = "Per File Encryption", |
| }, |
| |
| { |
| .desc = "UFS ICE Full Disk Encryption", |
| }, |
| |
| { |
| .desc = "SDCC ICE Full Disk Encryption", |
| }, |
| }; |
| |
| /* Function proto types */ |
| static int qsee_vote_for_clock(struct qseecom_dev_handle *, int32_t); |
| static void qsee_disable_clock_vote(struct qseecom_dev_handle *, int32_t); |
| static int __qseecom_enable_clk(enum qseecom_ce_hw_instance ce); |
| static void __qseecom_disable_clk(enum qseecom_ce_hw_instance ce); |
| static int __qseecom_init_clk(enum qseecom_ce_hw_instance ce); |
| static int qseecom_load_commonlib_image(struct qseecom_dev_handle *data, |
| char *cmnlib_name); |
| static int qseecom_enable_ice_setup(int usage); |
| static int qseecom_disable_ice_setup(int usage); |
| static void __qseecom_reentrancy_check_if_no_app_blocked(uint32_t smc_id); |
| static int qseecom_get_ce_info(struct qseecom_dev_handle *data, |
| void __user *argp); |
| static int qseecom_free_ce_info(struct qseecom_dev_handle *data, |
| void __user *argp); |
| static int qseecom_query_ce_info(struct qseecom_dev_handle *data, |
| void __user *argp); |
| |
| static int get_qseecom_keymaster_status(char *str) |
| { |
| get_option(&str, &qseecom.is_apps_region_protected); |
| return 1; |
| } |
| __setup("androidboot.keymaster=", get_qseecom_keymaster_status); |
| |
| |
| #define QSEECOM_SCM_EBUSY_WAIT_MS 30 |
| #define QSEECOM_SCM_EBUSY_MAX_RETRY 67 |
| |
| static int __qseecom_scm_call2_locked(uint32_t smc_id, struct scm_desc *desc) |
| { |
| int ret = 0; |
| int retry_count = 0; |
| |
| do { |
| ret = scm_call2_noretry(smc_id, desc); |
| if (ret == -EBUSY) { |
| mutex_unlock(&app_access_lock); |
| msleep(QSEECOM_SCM_EBUSY_WAIT_MS); |
| mutex_lock(&app_access_lock); |
| } |
| if (retry_count == 33) |
| pr_warn("secure world has been busy for 1 second!\n"); |
| } while (ret == -EBUSY && |
| (retry_count++ < QSEECOM_SCM_EBUSY_MAX_RETRY)); |
| return ret; |
| } |
| |
| static int qseecom_scm_call2(uint32_t svc_id, uint32_t tz_cmd_id, |
| const void *req_buf, void *resp_buf) |
| { |
| int ret = 0; |
| uint32_t smc_id = 0; |
| uint32_t qseos_cmd_id = 0; |
| struct scm_desc desc = {0}; |
| struct qseecom_command_scm_resp *scm_resp = NULL; |
| |
| if (!req_buf || !resp_buf) { |
| pr_err("Invalid buffer pointer\n"); |
| return -EINVAL; |
| } |
| qseos_cmd_id = *(uint32_t *)req_buf; |
| scm_resp = (struct qseecom_command_scm_resp *)resp_buf; |
| |
| switch (svc_id) { |
| case 6: { |
| if (tz_cmd_id == 3) { |
| smc_id = TZ_INFO_GET_FEATURE_VERSION_ID; |
| desc.arginfo = TZ_INFO_GET_FEATURE_VERSION_ID_PARAM_ID; |
| desc.args[0] = *(uint32_t *)req_buf; |
| } else { |
| pr_err("Unsupported svc_id %d, tz_cmd_id %d\n", |
| svc_id, tz_cmd_id); |
| return -EINVAL; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case SCM_SVC_ES: { |
| switch (tz_cmd_id) { |
| case SCM_SAVE_PARTITION_HASH_ID: { |
| u32 tzbuflen = PAGE_ALIGN(SHA256_DIGEST_LENGTH); |
| struct qseecom_save_partition_hash_req *p_hash_req = |
| (struct qseecom_save_partition_hash_req *) |
| req_buf; |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| memset(tzbuf, 0, tzbuflen); |
| memcpy(tzbuf, p_hash_req->digest, |
| SHA256_DIGEST_LENGTH); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_ES_SAVE_PARTITION_HASH_ID; |
| desc.arginfo = TZ_ES_SAVE_PARTITION_HASH_ID_PARAM_ID; |
| desc.args[0] = p_hash_req->partition_id; |
| desc.args[1] = virt_to_phys(tzbuf); |
| desc.args[2] = SHA256_DIGEST_LENGTH; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| default: { |
| pr_err("tz_cmd_id %d is not supported by scm_call2\n", |
| tz_cmd_id); |
| ret = -EINVAL; |
| break; |
| } |
| } /* end of switch (tz_cmd_id) */ |
| break; |
| } /* end of case SCM_SVC_ES */ |
| case SCM_SVC_TZSCHEDULER: { |
| switch (qseos_cmd_id) { |
| case QSEOS_APP_START_COMMAND: { |
| struct qseecom_load_app_ireq *req; |
| struct qseecom_load_app_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_OS_APP_START_ID; |
| desc.arginfo = TZ_OS_APP_START_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_load_app_ireq *)req_buf; |
| desc.args[0] = req->mdt_len; |
| desc.args[1] = req->img_len; |
| desc.args[2] = req->phy_addr; |
| } else { |
| req_64bit = |
| (struct qseecom_load_app_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->mdt_len; |
| desc.args[1] = req_64bit->img_len; |
| desc.args[2] = req_64bit->phy_addr; |
| } |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_APP_SHUTDOWN_COMMAND: { |
| struct qseecom_unload_app_ireq *req; |
| |
| req = (struct qseecom_unload_app_ireq *)req_buf; |
| smc_id = TZ_OS_APP_SHUTDOWN_ID; |
| desc.arginfo = TZ_OS_APP_SHUTDOWN_ID_PARAM_ID; |
| desc.args[0] = req->app_id; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_APP_LOOKUP_COMMAND: { |
| struct qseecom_check_app_ireq *req; |
| u32 tzbuflen = PAGE_ALIGN(sizeof(req->app_name)); |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| req = (struct qseecom_check_app_ireq *)req_buf; |
| pr_debug("Lookup app_name = %s\n", req->app_name); |
| strlcpy(tzbuf, req->app_name, sizeof(req->app_name)); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_OS_APP_LOOKUP_ID; |
| desc.arginfo = TZ_OS_APP_LOOKUP_ID_PARAM_ID; |
| desc.args[0] = virt_to_phys(tzbuf); |
| desc.args[1] = strlen(req->app_name); |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| case QSEOS_APP_REGION_NOTIFICATION: { |
| struct qsee_apps_region_info_ireq *req; |
| struct qsee_apps_region_info_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_OS_APP_REGION_NOTIFICATION_ID; |
| desc.arginfo = |
| TZ_OS_APP_REGION_NOTIFICATION_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qsee_apps_region_info_ireq *) |
| req_buf; |
| desc.args[0] = req->addr; |
| desc.args[1] = req->size; |
| } else { |
| req_64bit = |
| (struct qsee_apps_region_info_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->addr; |
| desc.args[1] = req_64bit->size; |
| } |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_LOAD_SERV_IMAGE_COMMAND: { |
| struct qseecom_load_lib_image_ireq *req; |
| struct qseecom_load_lib_image_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_OS_LOAD_SERVICES_IMAGE_ID; |
| desc.arginfo = TZ_OS_LOAD_SERVICES_IMAGE_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_load_lib_image_ireq *) |
| req_buf; |
| desc.args[0] = req->mdt_len; |
| desc.args[1] = req->img_len; |
| desc.args[2] = req->phy_addr; |
| } else { |
| req_64bit = |
| (struct qseecom_load_lib_image_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->mdt_len; |
| desc.args[1] = req_64bit->img_len; |
| desc.args[2] = req_64bit->phy_addr; |
| } |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_UNLOAD_SERV_IMAGE_COMMAND: { |
| smc_id = TZ_OS_UNLOAD_SERVICES_IMAGE_ID; |
| desc.arginfo = TZ_OS_UNLOAD_SERVICES_IMAGE_ID_PARAM_ID; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_REGISTER_LISTENER: { |
| struct qseecom_register_listener_ireq *req; |
| struct qseecom_register_listener_64bit_ireq *req_64bit; |
| |
| desc.arginfo = |
| TZ_OS_REGISTER_LISTENER_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_register_listener_ireq *) |
| req_buf; |
| desc.args[0] = req->listener_id; |
| desc.args[1] = req->sb_ptr; |
| desc.args[2] = req->sb_len; |
| } else { |
| req_64bit = |
| (struct qseecom_register_listener_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->listener_id; |
| desc.args[1] = req_64bit->sb_ptr; |
| desc.args[2] = req_64bit->sb_len; |
| } |
| qseecom.smcinvoke_support = true; |
| smc_id = TZ_OS_REGISTER_LISTENER_SMCINVOKE_ID; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| if (ret == -EIO) { |
| /* smcinvoke is not supported */ |
| qseecom.smcinvoke_support = false; |
| smc_id = TZ_OS_REGISTER_LISTENER_ID; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| } |
| break; |
| } |
| case QSEOS_DEREGISTER_LISTENER: { |
| struct qseecom_unregister_listener_ireq *req; |
| |
| req = (struct qseecom_unregister_listener_ireq *) |
| req_buf; |
| smc_id = TZ_OS_DEREGISTER_LISTENER_ID; |
| desc.arginfo = TZ_OS_DEREGISTER_LISTENER_ID_PARAM_ID; |
| desc.args[0] = req->listener_id; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_LISTENER_DATA_RSP_COMMAND: { |
| struct qseecom_client_listener_data_irsp *req; |
| |
| req = (struct qseecom_client_listener_data_irsp *) |
| req_buf; |
| smc_id = TZ_OS_LISTENER_RESPONSE_HANDLER_ID; |
| desc.arginfo = |
| TZ_OS_LISTENER_RESPONSE_HANDLER_ID_PARAM_ID; |
| desc.args[0] = req->listener_id; |
| desc.args[1] = req->status; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST: { |
| struct qseecom_client_listener_data_irsp *req; |
| struct qseecom_client_listener_data_64bit_irsp *req_64; |
| |
| smc_id = |
| TZ_OS_LISTENER_RESPONSE_HANDLER_WITH_WHITELIST_ID; |
| desc.arginfo = |
| TZ_OS_LISTENER_RESPONSE_HANDLER_WITH_WHITELIST_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = |
| (struct qseecom_client_listener_data_irsp *) |
| req_buf; |
| desc.args[0] = req->listener_id; |
| desc.args[1] = req->status; |
| desc.args[2] = req->sglistinfo_ptr; |
| desc.args[3] = req->sglistinfo_len; |
| } else { |
| req_64 = |
| (struct qseecom_client_listener_data_64bit_irsp *) |
| req_buf; |
| desc.args[0] = req_64->listener_id; |
| desc.args[1] = req_64->status; |
| desc.args[2] = req_64->sglistinfo_ptr; |
| desc.args[3] = req_64->sglistinfo_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_LOAD_EXTERNAL_ELF_COMMAND: { |
| struct qseecom_load_app_ireq *req; |
| struct qseecom_load_app_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_OS_LOAD_EXTERNAL_IMAGE_ID; |
| desc.arginfo = TZ_OS_LOAD_SERVICES_IMAGE_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_load_app_ireq *)req_buf; |
| desc.args[0] = req->mdt_len; |
| desc.args[1] = req->img_len; |
| desc.args[2] = req->phy_addr; |
| } else { |
| req_64bit = |
| (struct qseecom_load_app_64bit_ireq *)req_buf; |
| desc.args[0] = req_64bit->mdt_len; |
| desc.args[1] = req_64bit->img_len; |
| desc.args[2] = req_64bit->phy_addr; |
| } |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_UNLOAD_EXTERNAL_ELF_COMMAND: { |
| smc_id = TZ_OS_UNLOAD_EXTERNAL_IMAGE_ID; |
| desc.arginfo = TZ_OS_UNLOAD_SERVICES_IMAGE_ID_PARAM_ID; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| |
| case QSEOS_CLIENT_SEND_DATA_COMMAND: { |
| struct qseecom_client_send_data_ireq *req; |
| struct qseecom_client_send_data_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_QSAPP_SEND_DATA_ID; |
| desc.arginfo = TZ_APP_QSAPP_SEND_DATA_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_client_send_data_ireq *) |
| req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->rsp_ptr; |
| desc.args[4] = req->rsp_len; |
| } else { |
| req_64bit = |
| (struct qseecom_client_send_data_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->rsp_ptr; |
| desc.args[4] = req_64bit->rsp_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_CLIENT_SEND_DATA_COMMAND_WHITELIST: { |
| struct qseecom_client_send_data_ireq *req; |
| struct qseecom_client_send_data_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_QSAPP_SEND_DATA_WITH_WHITELIST_ID; |
| desc.arginfo = |
| TZ_APP_QSAPP_SEND_DATA_WITH_WHITELIST_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_client_send_data_ireq *) |
| req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->rsp_ptr; |
| desc.args[4] = req->rsp_len; |
| desc.args[5] = req->sglistinfo_ptr; |
| desc.args[6] = req->sglistinfo_len; |
| } else { |
| req_64bit = |
| (struct qseecom_client_send_data_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->rsp_ptr; |
| desc.args[4] = req_64bit->rsp_len; |
| desc.args[5] = req_64bit->sglistinfo_ptr; |
| desc.args[6] = req_64bit->sglistinfo_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_RPMB_PROVISION_KEY_COMMAND: { |
| struct qseecom_client_send_service_ireq *req; |
| |
| req = (struct qseecom_client_send_service_ireq *) |
| req_buf; |
| smc_id = TZ_OS_RPMB_PROVISION_KEY_ID; |
| desc.arginfo = TZ_OS_RPMB_PROVISION_KEY_ID_PARAM_ID; |
| desc.args[0] = req->key_type; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_RPMB_ERASE_COMMAND: { |
| smc_id = TZ_OS_RPMB_ERASE_ID; |
| desc.arginfo = TZ_OS_RPMB_ERASE_ID_PARAM_ID; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND: { |
| smc_id = TZ_OS_RPMB_CHECK_PROV_STATUS_ID; |
| desc.arginfo = TZ_OS_RPMB_CHECK_PROV_STATUS_ID_PARAM_ID; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_GENERATE_KEY: { |
| u32 tzbuflen = PAGE_ALIGN(sizeof |
| (struct qseecom_key_generate_ireq) - |
| sizeof(uint32_t)); |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| memset(tzbuf, 0, tzbuflen); |
| memcpy(tzbuf, req_buf + sizeof(uint32_t), |
| (sizeof(struct qseecom_key_generate_ireq) - |
| sizeof(uint32_t))); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_OS_KS_GEN_KEY_ID; |
| desc.arginfo = TZ_OS_KS_GEN_KEY_ID_PARAM_ID; |
| desc.args[0] = virt_to_phys(tzbuf); |
| desc.args[1] = tzbuflen; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| case QSEOS_DELETE_KEY: { |
| u32 tzbuflen = PAGE_ALIGN(sizeof |
| (struct qseecom_key_delete_ireq) - |
| sizeof(uint32_t)); |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| memset(tzbuf, 0, tzbuflen); |
| memcpy(tzbuf, req_buf + sizeof(uint32_t), |
| (sizeof(struct qseecom_key_delete_ireq) - |
| sizeof(uint32_t))); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_OS_KS_DEL_KEY_ID; |
| desc.arginfo = TZ_OS_KS_DEL_KEY_ID_PARAM_ID; |
| desc.args[0] = virt_to_phys(tzbuf); |
| desc.args[1] = tzbuflen; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| case QSEOS_SET_KEY: { |
| u32 tzbuflen = PAGE_ALIGN(sizeof |
| (struct qseecom_key_select_ireq) - |
| sizeof(uint32_t)); |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| memset(tzbuf, 0, tzbuflen); |
| memcpy(tzbuf, req_buf + sizeof(uint32_t), |
| (sizeof(struct qseecom_key_select_ireq) - |
| sizeof(uint32_t))); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_OS_KS_SET_PIPE_KEY_ID; |
| desc.arginfo = TZ_OS_KS_SET_PIPE_KEY_ID_PARAM_ID; |
| desc.args[0] = virt_to_phys(tzbuf); |
| desc.args[1] = tzbuflen; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| case QSEOS_UPDATE_KEY_USERINFO: { |
| u32 tzbuflen = PAGE_ALIGN(sizeof |
| (struct qseecom_key_userinfo_update_ireq) - |
| sizeof(uint32_t)); |
| char *tzbuf = kzalloc(tzbuflen, GFP_KERNEL); |
| |
| if (!tzbuf) |
| return -ENOMEM; |
| memset(tzbuf, 0, tzbuflen); |
| memcpy(tzbuf, req_buf + sizeof(uint32_t), (sizeof |
| (struct qseecom_key_userinfo_update_ireq) - |
| sizeof(uint32_t))); |
| dmac_flush_range(tzbuf, tzbuf + tzbuflen); |
| smc_id = TZ_OS_KS_UPDATE_KEY_ID; |
| desc.arginfo = TZ_OS_KS_UPDATE_KEY_ID_PARAM_ID; |
| desc.args[0] = virt_to_phys(tzbuf); |
| desc.args[1] = tzbuflen; |
| __qseecom_reentrancy_check_if_no_app_blocked(smc_id); |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| kzfree(tzbuf); |
| break; |
| } |
| case QSEOS_TEE_OPEN_SESSION: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_OPEN_SESSION_ID; |
| desc.arginfo = TZ_APP_GPAPP_OPEN_SESSION_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_TEE_OPEN_SESSION_WHITELIST: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_OPEN_SESSION_WITH_WHITELIST_ID; |
| desc.arginfo = |
| TZ_APP_GPAPP_OPEN_SESSION_WITH_WHITELIST_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| desc.args[5] = req->sglistinfo_ptr; |
| desc.args[6] = req->sglistinfo_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| desc.args[5] = req_64bit->sglistinfo_ptr; |
| desc.args[6] = req_64bit->sglistinfo_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_TEE_INVOKE_COMMAND: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_INVOKE_COMMAND_ID; |
| desc.arginfo = TZ_APP_GPAPP_INVOKE_COMMAND_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_TEE_INVOKE_COMMAND_WHITELIST: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_INVOKE_COMMAND_WITH_WHITELIST_ID; |
| desc.arginfo = |
| TZ_APP_GPAPP_INVOKE_COMMAND_WITH_WHITELIST_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| desc.args[5] = req->sglistinfo_ptr; |
| desc.args[6] = req->sglistinfo_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| desc.args[5] = req_64bit->sglistinfo_ptr; |
| desc.args[6] = req_64bit->sglistinfo_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_TEE_CLOSE_SESSION: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_CLOSE_SESSION_ID; |
| desc.arginfo = TZ_APP_GPAPP_CLOSE_SESSION_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_TEE_REQUEST_CANCELLATION: { |
| struct qseecom_qteec_ireq *req; |
| struct qseecom_qteec_64bit_ireq *req_64bit; |
| |
| smc_id = TZ_APP_GPAPP_REQUEST_CANCELLATION_ID; |
| desc.arginfo = |
| TZ_APP_GPAPP_REQUEST_CANCELLATION_ID_PARAM_ID; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req = (struct qseecom_qteec_ireq *)req_buf; |
| desc.args[0] = req->app_id; |
| desc.args[1] = req->req_ptr; |
| desc.args[2] = req->req_len; |
| desc.args[3] = req->resp_ptr; |
| desc.args[4] = req->resp_len; |
| } else { |
| req_64bit = (struct qseecom_qteec_64bit_ireq *) |
| req_buf; |
| desc.args[0] = req_64bit->app_id; |
| desc.args[1] = req_64bit->req_ptr; |
| desc.args[2] = req_64bit->req_len; |
| desc.args[3] = req_64bit->resp_ptr; |
| desc.args[4] = req_64bit->resp_len; |
| } |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| case QSEOS_CONTINUE_BLOCKED_REQ_COMMAND: { |
| struct qseecom_continue_blocked_request_ireq *req = |
| (struct qseecom_continue_blocked_request_ireq *) |
| req_buf; |
| if (qseecom.smcinvoke_support) |
| smc_id = |
| TZ_OS_CONTINUE_BLOCKED_REQUEST_SMCINVOKE_ID; |
| else |
| smc_id = TZ_OS_CONTINUE_BLOCKED_REQUEST_ID; |
| desc.arginfo = |
| TZ_OS_CONTINUE_BLOCKED_REQUEST_ID_PARAM_ID; |
| desc.args[0] = req->app_or_session_id; |
| ret = __qseecom_scm_call2_locked(smc_id, &desc); |
| break; |
| } |
| default: { |
| pr_err("qseos_cmd_id %d is not supported by armv8 scm_call2.\n", |
| qseos_cmd_id); |
| ret = -EINVAL; |
| break; |
| } |
| } /*end of switch (qsee_cmd_id) */ |
| break; |
| } /*end of case SCM_SVC_TZSCHEDULER*/ |
| default: { |
| pr_err("svc_id 0x%x is not supported by armv8 scm_call2.\n", |
| svc_id); |
| ret = -EINVAL; |
| break; |
| } |
| } /*end of switch svc_id */ |
| scm_resp->result = desc.ret[0]; |
| scm_resp->resp_type = desc.ret[1]; |
| scm_resp->data = desc.ret[2]; |
| pr_debug("svc_id = 0x%x, tz_cmd_id = 0x%x, qseos_cmd_id = 0x%x, smc_id = 0x%x, param_id = 0x%x\n", |
| svc_id, tz_cmd_id, qseos_cmd_id, smc_id, desc.arginfo); |
| pr_debug("scm_resp->result = 0x%x, scm_resp->resp_type = 0x%x, scm_resp->data = 0x%x\n", |
| scm_resp->result, scm_resp->resp_type, scm_resp->data); |
| return ret; |
| } |
| |
| |
| static int qseecom_scm_call(u32 svc_id, u32 tz_cmd_id, const void *cmd_buf, |
| size_t cmd_len, void *resp_buf, size_t resp_len) |
| { |
| if (!is_scm_armv8()) |
| return scm_call(svc_id, tz_cmd_id, cmd_buf, cmd_len, |
| resp_buf, resp_len); |
| else |
| return qseecom_scm_call2(svc_id, tz_cmd_id, cmd_buf, resp_buf); |
| } |
| |
| static struct qseecom_registered_listener_list *__qseecom_find_svc( |
| int32_t listener_id) |
| { |
| struct qseecom_registered_listener_list *entry = NULL; |
| |
| list_for_each_entry(entry, |
| &qseecom.registered_listener_list_head, list) { |
| if (entry->svc.listener_id == listener_id) |
| break; |
| } |
| if ((entry != NULL) && (entry->svc.listener_id != listener_id)) { |
| pr_debug("Service id: %u is not found\n", listener_id); |
| return NULL; |
| } |
| |
| return entry; |
| } |
| |
| static int __qseecom_set_sb_memory(struct qseecom_registered_listener_list *svc, |
| struct qseecom_dev_handle *handle, |
| struct qseecom_register_listener_req *listener) |
| { |
| int ret = 0; |
| struct qseecom_register_listener_ireq req; |
| struct qseecom_register_listener_64bit_ireq req_64bit; |
| struct qseecom_command_scm_resp resp; |
| ion_phys_addr_t pa; |
| void *cmd_buf = NULL; |
| size_t cmd_len; |
| |
| /* Get the handle of the shared fd */ |
| svc->ihandle = ion_import_dma_buf_fd(qseecom.ion_clnt, |
| listener->ifd_data_fd); |
| if (IS_ERR_OR_NULL(svc->ihandle)) { |
| pr_err("Ion client could not retrieve the handle\n"); |
| return -ENOMEM; |
| } |
| |
| /* Get the physical address of the ION BUF */ |
| ret = ion_phys(qseecom.ion_clnt, svc->ihandle, &pa, &svc->sb_length); |
| if (ret) { |
| pr_err("Cannot get phys_addr for the Ion Client, ret = %d\n", |
| ret); |
| return ret; |
| } |
| /* Populate the structure for sending scm call to load image */ |
| svc->sb_virt = (char *) ion_map_kernel(qseecom.ion_clnt, svc->ihandle); |
| if (IS_ERR_OR_NULL(svc->sb_virt)) { |
| pr_err("ION memory mapping for listener shared buffer failed\n"); |
| return -ENOMEM; |
| } |
| svc->sb_phys = (phys_addr_t)pa; |
| |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| req.qsee_cmd_id = QSEOS_REGISTER_LISTENER; |
| req.listener_id = svc->svc.listener_id; |
| req.sb_len = svc->sb_length; |
| req.sb_ptr = (uint32_t)svc->sb_phys; |
| cmd_buf = (void *)&req; |
| cmd_len = sizeof(struct qseecom_register_listener_ireq); |
| } else { |
| req_64bit.qsee_cmd_id = QSEOS_REGISTER_LISTENER; |
| req_64bit.listener_id = svc->svc.listener_id; |
| req_64bit.sb_len = svc->sb_length; |
| req_64bit.sb_ptr = (uint64_t)svc->sb_phys; |
| cmd_buf = (void *)&req_64bit; |
| cmd_len = sizeof(struct qseecom_register_listener_64bit_ireq); |
| } |
| |
| resp.result = QSEOS_RESULT_INCOMPLETE; |
| |
| mutex_unlock(&listener_access_lock); |
| mutex_lock(&app_access_lock); |
| __qseecom_reentrancy_check_if_no_app_blocked( |
| TZ_OS_REGISTER_LISTENER_SMCINVOKE_ID); |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, cmd_len, |
| &resp, sizeof(resp)); |
| mutex_unlock(&app_access_lock); |
| mutex_lock(&listener_access_lock); |
| if (ret) { |
| pr_err("qseecom_scm_call failed with err: %d\n", ret); |
| return -EINVAL; |
| } |
| |
| if (resp.result != QSEOS_RESULT_SUCCESS) { |
| pr_err("Error SB registration req: resp.result = %d\n", |
| resp.result); |
| return -EPERM; |
| } |
| return 0; |
| } |
| |
| static int qseecom_register_listener(struct qseecom_dev_handle *data, |
| void __user *argp) |
| { |
| int ret = 0; |
| struct qseecom_register_listener_req rcvd_lstnr; |
| struct qseecom_registered_listener_list *new_entry; |
| struct qseecom_registered_listener_list *ptr_svc; |
| |
| ret = copy_from_user(&rcvd_lstnr, argp, sizeof(rcvd_lstnr)); |
| if (ret) { |
| pr_err("copy_from_user failed\n"); |
| return ret; |
| } |
| if (!access_ok(VERIFY_WRITE, (void __user *)rcvd_lstnr.virt_sb_base, |
| rcvd_lstnr.sb_size)) |
| return -EFAULT; |
| |
| data->listener.id = rcvd_lstnr.listener_id; |
| |
| ptr_svc = __qseecom_find_svc(rcvd_lstnr.listener_id); |
| if (ptr_svc) { |
| if (ptr_svc->unregister_pending == false) { |
| pr_err("Service %d is not unique\n", |
| rcvd_lstnr.listener_id); |
| data->released = true; |
| return -EBUSY; |
| } else { |
| /*wait until listener is unregistered*/ |
| pr_debug("register %d has to wait\n", |
| rcvd_lstnr.listener_id); |
| mutex_unlock(&listener_access_lock); |
| ret = wait_event_interruptible( |
| qseecom.register_lsnr_pending_wq, |
| list_empty( |
| &qseecom.unregister_lsnr_pending_list_head)); |
| if (ret) { |
| pr_err("interrupted register_pending_wq %d\n", |
| rcvd_lstnr.listener_id); |
| mutex_lock(&listener_access_lock); |
| return -ERESTARTSYS; |
| } |
| mutex_lock(&listener_access_lock); |
| } |
| } |
| new_entry = kzalloc(sizeof(*new_entry), GFP_KERNEL); |
| if (!new_entry) |
| return -ENOMEM; |
| memcpy(&new_entry->svc, &rcvd_lstnr, sizeof(rcvd_lstnr)); |
| new_entry->rcv_req_flag = 0; |
| |
| new_entry->svc.listener_id = rcvd_lstnr.listener_id; |
| new_entry->sb_length = rcvd_lstnr.sb_size; |
| new_entry->user_virt_sb_base = rcvd_lstnr.virt_sb_base; |
| if (__qseecom_set_sb_memory(new_entry, data, &rcvd_lstnr)) { |
| pr_err("qseecom_set_sb_memory failed for listener %d, size %d\n", |
| rcvd_lstnr.listener_id, rcvd_lstnr.sb_size); |
| kzfree(new_entry); |
| return -ENOMEM; |
| } |
| |
| init_waitqueue_head(&new_entry->rcv_req_wq); |
| init_waitqueue_head(&new_entry->listener_block_app_wq); |
| new_entry->send_resp_flag = 0; |
| new_entry->listener_in_use = false; |
| list_add_tail(&new_entry->list, &qseecom.registered_listener_list_head); |
| |
| pr_warn("Service %d is registered\n", rcvd_lstnr.listener_id); |
| return ret; |
| } |
| |
| static int __qseecom_unregister_listener(struct qseecom_dev_handle *data, |
| struct qseecom_registered_listener_list *ptr_svc) |
| { |
| int ret = 0; |
| struct qseecom_register_listener_ireq req; |
| struct qseecom_command_scm_resp resp; |
| struct ion_handle *ihandle = NULL; /* Retrieve phy addr */ |
| |
| req.qsee_cmd_id = QSEOS_DEREGISTER_LISTENER; |
| req.listener_id = data->listener.id; |
| resp.result = QSEOS_RESULT_INCOMPLETE; |
| |
| mutex_unlock(&listener_access_lock); |
| mutex_lock(&app_access_lock); |
| __qseecom_reentrancy_check_if_no_app_blocked( |
| TZ_OS_DEREGISTER_LISTENER_ID); |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req, |
| sizeof(req), &resp, sizeof(resp)); |
| mutex_unlock(&app_access_lock); |
| mutex_lock(&listener_access_lock); |
| if (ret) { |
| pr_err("scm_call() failed with err: %d (lstnr id=%d)\n", |
| ret, data->listener.id); |
| if (ret == -EBUSY) |
| return ret; |
| goto exit; |
| } |
| |
| if (resp.result != QSEOS_RESULT_SUCCESS) { |
| pr_err("Failed resp.result=%d,(lstnr id=%d)\n", |
| resp.result, data->listener.id); |
| ret = -EPERM; |
| goto exit; |
| } |
| |
| while (atomic_read(&data->ioctl_count) > 1) { |
| if (wait_event_interruptible(data->abort_wq, |
| atomic_read(&data->ioctl_count) <= 1)) { |
| pr_err("Interrupted from abort\n"); |
| ret = -ERESTARTSYS; |
| } |
| } |
| |
| exit: |
| if (ptr_svc->sb_virt) { |
| ihandle = ptr_svc->ihandle; |
| if (!IS_ERR_OR_NULL(ihandle)) { |
| ion_unmap_kernel(qseecom.ion_clnt, ihandle); |
| ion_free(qseecom.ion_clnt, ihandle); |
| } |
| } |
| list_del(&ptr_svc->list); |
| kzfree(ptr_svc); |
| |
| data->released = true; |
| pr_warn("Service %d is unregistered\n", data->listener.id); |
| return ret; |
| } |
| |
| static int qseecom_unregister_listener(struct qseecom_dev_handle *data) |
| { |
| struct qseecom_registered_listener_list *ptr_svc = NULL; |
| struct qseecom_unregister_pending_list *entry = NULL; |
| |
| ptr_svc = __qseecom_find_svc(data->listener.id); |
| if (!ptr_svc) { |
| pr_err("Unregiser invalid listener ID %d\n", data->listener.id); |
| return -ENODATA; |
| } |
| /* stop CA thread waiting for listener response */ |
| ptr_svc->abort = 1; |
| wake_up_interruptible_all(&qseecom.send_resp_wq); |
| |
| /* stop listener thread waiting for listener request */ |
| data->abort = 1; |
| wake_up_all(&ptr_svc->rcv_req_wq); |
| |
| /* return directly if pending*/ |
| if (ptr_svc->unregister_pending) |
| return 0; |
| |
| /*add unregistration into pending list*/ |
| entry = kzalloc(sizeof(*entry), GFP_KERNEL); |
| if (!entry) |
| return -ENOMEM; |
| entry->data = data; |
| list_add_tail(&entry->list, |
| &qseecom.unregister_lsnr_pending_list_head); |
| ptr_svc->unregister_pending = true; |
| pr_debug("unregister %d pending\n", data->listener.id); |
| return 0; |
| } |
| |
| static void __qseecom_processing_pending_lsnr_unregister(void) |
| { |
| struct qseecom_unregister_pending_list *entry = NULL; |
| struct qseecom_registered_listener_list *ptr_svc = NULL; |
| struct list_head *pos; |
| int ret = 0; |
| |
| mutex_lock(&listener_access_lock); |
| while (!list_empty(&qseecom.unregister_lsnr_pending_list_head)) { |
| pos = qseecom.unregister_lsnr_pending_list_head.next; |
| entry = list_entry(pos, |
| struct qseecom_unregister_pending_list, list); |
| if (entry && entry->data) { |
| pr_debug("process pending unregister %d\n", |
| entry->data->listener.id); |
| /* don't process if qseecom_release is not called*/ |
| if (!entry->data->listener.release_called) |
| break; |
| ptr_svc = __qseecom_find_svc( |
| entry->data->listener.id); |
| if (ptr_svc) { |
| ret = __qseecom_unregister_listener( |
| entry->data, ptr_svc); |
| if (ret == -EBUSY) { |
| pr_debug("unregister %d pending again\n", |
| entry->data->listener.id); |
| mutex_unlock(&listener_access_lock); |
| return; |
| } |
| } else |
| pr_err("invalid listener %d\n", |
| entry->data->listener.id); |
| kzfree(entry->data); |
| } |
| list_del(pos); |
| kzfree(entry); |
| } |
| mutex_unlock(&listener_access_lock); |
| wake_up_interruptible(&qseecom.register_lsnr_pending_wq); |
| } |
| |
| static void __wakeup_unregister_listener_kthread(void) |
| { |
| atomic_set(&qseecom.unregister_lsnr_kthread_state, |
| LSNR_UNREG_KT_WAKEUP); |
| wake_up_interruptible(&qseecom.unregister_lsnr_kthread_wq); |
| } |
| |
| static int __qseecom_unregister_listener_kthread_func(void *data) |
| { |
| while (!kthread_should_stop()) { |
| wait_event_interruptible( |
| qseecom.unregister_lsnr_kthread_wq, |
| atomic_read(&qseecom.unregister_lsnr_kthread_state) |
| == LSNR_UNREG_KT_WAKEUP); |
| pr_debug("kthread to unregister listener is called %d\n", |
| atomic_read(&qseecom.unregister_lsnr_kthread_state)); |
| __qseecom_processing_pending_lsnr_unregister(); |
| atomic_set(&qseecom.unregister_lsnr_kthread_state, |
| LSNR_UNREG_KT_SLEEP); |
| } |
| pr_warn("kthread to unregister listener stopped\n"); |
| return 0; |
| } |
| |
| static int __qseecom_set_msm_bus_request(uint32_t mode) |
| { |
| int ret = 0; |
| struct qseecom_clk *qclk; |
| |
| qclk = &qseecom.qsee; |
| if (qclk->ce_core_src_clk != NULL) { |
| if (mode == INACTIVE) { |
| __qseecom_disable_clk(CLK_QSEE); |
| } else { |
| ret = __qseecom_enable_clk(CLK_QSEE); |
| if (ret) |
| pr_err("CLK enabling failed (%d) MODE (%d)\n", |
| ret, mode); |
| } |
| } |
| |
| if ((!ret) && (qseecom.current_mode != mode)) { |
| ret = msm_bus_scale_client_update_request( |
| qseecom.qsee_perf_client, mode); |
| if (ret) { |
| pr_err("Bandwidth req failed(%d) MODE (%d)\n", |
| ret, mode); |
| if (qclk->ce_core_src_clk != NULL) { |
| if (mode == INACTIVE) { |
| ret = __qseecom_enable_clk(CLK_QSEE); |
| if (ret) |
| pr_err("CLK enable failed\n"); |
| } else |
| __qseecom_disable_clk(CLK_QSEE); |
| } |
| } |
| qseecom.current_mode = mode; |
| } |
| return ret; |
| } |
| |
| static void qseecom_bw_inactive_req_work(struct work_struct *work) |
| { |
| mutex_lock(&app_access_lock); |
| mutex_lock(&qsee_bw_mutex); |
| if (qseecom.timer_running) |
| __qseecom_set_msm_bus_request(INACTIVE); |
| pr_debug("current_mode = %d, cumulative_mode = %d\n", |
| qseecom.current_mode, qseecom.cumulative_mode); |
| qseecom.timer_running = false; |
| mutex_unlock(&qsee_bw_mutex); |
| mutex_unlock(&app_access_lock); |
| } |
| |
| static void qseecom_scale_bus_bandwidth_timer_callback(unsigned long data) |
| { |
| schedule_work(&qseecom.bw_inactive_req_ws); |
| } |
| |
| static int __qseecom_decrease_clk_ref_count(enum qseecom_ce_hw_instance ce) |
| { |
| struct qseecom_clk *qclk; |
| int ret = 0; |
| |
| mutex_lock(&clk_access_lock); |
| if (ce == CLK_QSEE) |
| qclk = &qseecom.qsee; |
| else |
| qclk = &qseecom.ce_drv; |
| |
| if (qclk->clk_access_cnt > 2) { |
| pr_err("Invalid clock ref count %d\n", qclk->clk_access_cnt); |
| ret = -EINVAL; |
| goto err_dec_ref_cnt; |
| } |
| if (qclk->clk_access_cnt == 2) |
| qclk->clk_access_cnt--; |
| |
| err_dec_ref_cnt: |
| mutex_unlock(&clk_access_lock); |
| return ret; |
| } |
| |
| |
| static int qseecom_scale_bus_bandwidth_timer(uint32_t mode) |
| { |
| int32_t ret = 0; |
| int32_t request_mode = INACTIVE; |
| |
| mutex_lock(&qsee_bw_mutex); |
| if (mode == 0) { |
| if (qseecom.cumulative_mode > MEDIUM) |
| request_mode = HIGH; |
| else |
| request_mode = qseecom.cumulative_mode; |
| } else { |
| request_mode = mode; |
| } |
| |
| ret = __qseecom_set_msm_bus_request(request_mode); |
| if (ret) { |
| pr_err("set msm bus request failed (%d),request_mode (%d)\n", |
| ret, request_mode); |
| goto err_scale_timer; |
| } |
| |
| if (qseecom.timer_running) { |
| ret = __qseecom_decrease_clk_ref_count(CLK_QSEE); |
| if (ret) { |
| pr_err("Failed to decrease clk ref count.\n"); |
| goto err_scale_timer; |
| } |
| del_timer_sync(&(qseecom.bw_scale_down_timer)); |
| qseecom.timer_running = false; |
| } |
| err_scale_timer: |
| mutex_unlock(&qsee_bw_mutex); |
| return ret; |
| } |
| |
| |
| static int qseecom_unregister_bus_bandwidth_needs( |
| struct qseecom_dev_handle *data) |
| { |
| int32_t ret = 0; |
| |
| qseecom.cumulative_mode -= data->mode; |
| data->mode = INACTIVE; |
| |
| return ret; |
| } |
| |
| static int __qseecom_register_bus_bandwidth_needs( |
| struct qseecom_dev_handle *data, uint32_t request_mode) |
| { |
| int32_t ret = 0; |
| |
| if (data->mode == INACTIVE) { |
| qseecom.cumulative_mode += request_mode; |
| data->mode = request_mode; |
| } else { |
| if (data->mode != request_mode) { |
| qseecom.cumulative_mode -= data->mode; |
| qseecom.cumulative_mode += request_mode; |
| data->mode = request_mode; |
| } |
| } |
| return ret; |
| } |
| |
| static int qseecom_perf_enable(struct qseecom_dev_handle *data) |
| { |
| int ret = 0; |
| |
| ret = qsee_vote_for_clock(data, CLK_DFAB); |
| if (ret) { |
| pr_err("Failed to vote for DFAB clock with err %d\n", ret); |
| goto perf_enable_exit; |
| } |
| ret = qsee_vote_for_clock(data, CLK_SFPB); |
| if (ret) { |
| qsee_disable_clock_vote(data, CLK_DFAB); |
| pr_err("Failed to vote for SFPB clock with err %d\n", ret); |
| goto perf_enable_exit; |
| } |
| |
| perf_enable_exit: |
| return ret; |
| } |
| |
| static int qseecom_scale_bus_bandwidth(struct qseecom_dev_handle *data, |
| void __user *argp) |
| { |
| int32_t ret = 0; |
| int32_t req_mode; |
| |
| if (qseecom.no_clock_support) |
| return 0; |
| |
| ret = copy_from_user(&req_mode, argp, sizeof(req_mode)); |
| if (ret) { |
| pr_err("copy_from_user failed\n"); |
| return ret; |
| } |
| if (req_mode > HIGH) { |
| pr_err("Invalid bandwidth mode (%d)\n", req_mode); |
| return -EINVAL; |
| } |
| |
| /* |
| * Register bus bandwidth needs if bus scaling feature is enabled; |
| * otherwise, qseecom enable/disable clocks for the client directly. |
| */ |
| if (qseecom.support_bus_scaling) { |
| mutex_lock(&qsee_bw_mutex); |
| ret = __qseecom_register_bus_bandwidth_needs(data, req_mode); |
| mutex_unlock(&qsee_bw_mutex); |
| } else { |
| pr_debug("Bus scaling feature is NOT enabled\n"); |
| pr_debug("request bandwidth mode %d for the client\n", |
| req_mode); |
| if (req_mode != INACTIVE) { |
| ret = qseecom_perf_enable(data); |
| if (ret) |
| pr_err("Failed to vote for clock with err %d\n", |
| ret); |
| } else { |
| qsee_disable_clock_vote(data, CLK_DFAB); |
| qsee_disable_clock_vote(data, CLK_SFPB); |
| } |
| } |
| return ret; |
| } |
| |
| static void __qseecom_add_bw_scale_down_timer(uint32_t duration) |
| { |
| if (qseecom.no_clock_support) |
| return; |
| |
| mutex_lock(&qsee_bw_mutex); |
| qseecom.bw_scale_down_timer.expires = jiffies + |
| msecs_to_jiffies(duration); |
| mod_timer(&(qseecom.bw_scale_down_timer), |
| qseecom.bw_scale_down_timer.expires); |
| qseecom.timer_running = true; |
| mutex_unlock(&qsee_bw_mutex); |
| } |
| |
| static void __qseecom_disable_clk_scale_down(struct qseecom_dev_handle *data) |
| { |
| if (!qseecom.support_bus_scaling) |
| qsee_disable_clock_vote(data, CLK_SFPB); |
| else |
| __qseecom_add_bw_scale_down_timer( |
| QSEECOM_LOAD_APP_CRYPTO_TIMEOUT); |
| } |
| |
| static int __qseecom_enable_clk_scale_up(struct qseecom_dev_handle *data) |
| { |
| int ret = 0; |
| |
| if (qseecom.support_bus_scaling) { |
| ret = qseecom_scale_bus_bandwidth_timer(MEDIUM); |
| if (ret) |
| pr_err("Failed to set bw MEDIUM.\n"); |
| } else { |
| ret = qsee_vote_for_clock(data, CLK_SFPB); |
| if (ret) |
| pr_err("Fail vote for clk SFPB ret %d\n", ret); |
| } |
| return ret; |
| } |
| |
| static int qseecom_set_client_mem_param(struct qseecom_dev_handle *data, |
| void __user *argp) |
| { |
| ion_phys_addr_t pa; |
| int32_t ret; |
| struct qseecom_set_sb_mem_param_req req; |
| size_t len; |
| |
| /* Copy the relevant information needed for loading the image */ |
| if (copy_from_user(&req, (void __user *)argp, sizeof(req))) |
| return -EFAULT; |
| |
| if ((req.ifd_data_fd <= 0) || (req.virt_sb_base == NULL) || |
| (req.sb_len == 0)) { |
| pr_err("Inavlid input(s)ion_fd(%d), sb_len(%d), vaddr(0x%pK)\n", |
| req.ifd_data_fd, req.sb_len, req.virt_sb_base); |
| return -EFAULT; |
| } |
| if (!access_ok(VERIFY_WRITE, (void __user *)req.virt_sb_base, |
| req.sb_len)) |
| return -EFAULT; |
| |
| /* Get the handle of the shared fd */ |
| data->client.ihandle = ion_import_dma_buf_fd(qseecom.ion_clnt, |
| req.ifd_data_fd); |
| if (IS_ERR_OR_NULL(data->client.ihandle)) { |
| pr_err("Ion client could not retrieve the handle\n"); |
| return -ENOMEM; |
| } |
| /* Get the physical address of the ION BUF */ |
| ret = ion_phys(qseecom.ion_clnt, data->client.ihandle, &pa, &len); |
| if (ret) { |
| |
| pr_err("Cannot get phys_addr for the Ion Client, ret = %d\n", |
| ret); |
| return ret; |
| } |
| |
| if (len < req.sb_len) { |
| pr_err("Requested length (0x%x) is > allocated (%zu)\n", |
| req.sb_len, len); |
| return -EINVAL; |
| } |
| /* Populate the structure for sending scm call to load image */ |
| data->client.sb_virt = (char *) ion_map_kernel(qseecom.ion_clnt, |
| data->client.ihandle); |
| if (IS_ERR_OR_NULL(data->client.sb_virt)) { |
| pr_err("ION memory mapping for client shared buf failed\n"); |
| return -ENOMEM; |
| } |
| data->client.sb_phys = (phys_addr_t)pa; |
| data->client.sb_length = req.sb_len; |
| data->client.user_virt_sb_base = (uintptr_t)req.virt_sb_base; |
| return 0; |
| } |
| |
| static int __qseecom_listener_has_sent_rsp(struct qseecom_dev_handle *data, |
| struct qseecom_registered_listener_list *ptr_svc) |
| { |
| int ret; |
| |
| ret = (qseecom.send_resp_flag != 0); |
| return ret || data->abort || ptr_svc->abort; |
| } |
| |
| static int __qseecom_reentrancy_listener_has_sent_rsp( |
| struct qseecom_dev_handle *data, |
| struct qseecom_registered_listener_list *ptr_svc) |
| { |
| int ret; |
| |
| ret = (ptr_svc->send_resp_flag != 0); |
| return ret || data->abort || ptr_svc->abort; |
| } |
| |
| static void __qseecom_clean_listener_sglistinfo( |
| struct qseecom_registered_listener_list *ptr_svc) |
| { |
| if (ptr_svc->sglist_cnt) { |
| memset(ptr_svc->sglistinfo_ptr, 0, |
| SGLISTINFO_TABLE_SIZE); |
| ptr_svc->sglist_cnt = 0; |
| } |
| } |
| |
| static int __qseecom_process_incomplete_cmd(struct qseecom_dev_handle *data, |
| struct qseecom_command_scm_resp *resp) |
| { |
| int ret = 0; |
| int rc = 0; |
| uint32_t lstnr; |
| struct qseecom_client_listener_data_irsp send_data_rsp = {0}; |
| struct qseecom_client_listener_data_64bit_irsp send_data_rsp_64bit |
| = {0}; |
| struct qseecom_registered_listener_list *ptr_svc = NULL; |
| sigset_t new_sigset; |
| sigset_t old_sigset; |
| uint32_t status; |
| void *cmd_buf = NULL; |
| size_t cmd_len; |
| struct sglist_info *table = NULL; |
| |
| qseecom.app_block_ref_cnt++; |
| while (resp->result == QSEOS_RESULT_INCOMPLETE) { |
| lstnr = resp->data; |
| /* |
| * Wake up blocking lsitener service with the lstnr id |
| */ |
| mutex_lock(&listener_access_lock); |
| list_for_each_entry(ptr_svc, |
| &qseecom.registered_listener_list_head, list) { |
| if (ptr_svc->svc.listener_id == lstnr) { |
| ptr_svc->listener_in_use = true; |
| ptr_svc->rcv_req_flag = 1; |
| wake_up_interruptible(&ptr_svc->rcv_req_wq); |
| break; |
| } |
| } |
| |
| if (ptr_svc == NULL) { |
| pr_err("Listener Svc %d does not exist\n", lstnr); |
| rc = -EINVAL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (!ptr_svc->ihandle) { |
| pr_err("Client handle is not initialized\n"); |
| rc = -EINVAL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (ptr_svc->svc.listener_id != lstnr) { |
| pr_err("Service %d does not exist\n", |
| lstnr); |
| rc = -ERESTARTSYS; |
| ptr_svc = NULL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (ptr_svc->abort == 1) { |
| pr_debug("Service %d abort %d\n", |
| lstnr, ptr_svc->abort); |
| rc = -ENODEV; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| pr_debug("waking up rcv_req_wq and waiting for send_resp_wq\n"); |
| |
| /* initialize the new signal mask with all signals*/ |
| sigfillset(&new_sigset); |
| /* block all signals */ |
| sigprocmask(SIG_SETMASK, &new_sigset, &old_sigset); |
| |
| mutex_unlock(&listener_access_lock); |
| do { |
| /* |
| * When reentrancy is not supported, check global |
| * send_resp_flag; otherwise, check this listener's |
| * send_resp_flag. |
| */ |
| if (!qseecom.qsee_reentrancy_support && |
| !wait_event_interruptible(qseecom.send_resp_wq, |
| __qseecom_listener_has_sent_rsp( |
| data, ptr_svc))) { |
| break; |
| } |
| |
| if (qseecom.qsee_reentrancy_support && |
| !wait_event_interruptible(qseecom.send_resp_wq, |
| __qseecom_reentrancy_listener_has_sent_rsp( |
| data, ptr_svc))) { |
| break; |
| } |
| } while (1); |
| mutex_lock(&listener_access_lock); |
| /* restore signal mask */ |
| sigprocmask(SIG_SETMASK, &old_sigset, NULL); |
| if (data->abort || ptr_svc->abort) { |
| pr_err("Abort clnt %d waiting on lstnr svc %d, ret %d", |
| data->client.app_id, lstnr, ret); |
| rc = -ENODEV; |
| status = QSEOS_RESULT_FAILURE; |
| } else { |
| status = QSEOS_RESULT_SUCCESS; |
| } |
| err_resp: |
| qseecom.send_resp_flag = 0; |
| if (ptr_svc) { |
| ptr_svc->send_resp_flag = 0; |
| table = ptr_svc->sglistinfo_ptr; |
| } |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| send_data_rsp.listener_id = lstnr; |
| send_data_rsp.status = status; |
| if (table) { |
| send_data_rsp.sglistinfo_ptr = |
| (uint32_t)virt_to_phys(table); |
| send_data_rsp.sglistinfo_len = |
| SGLISTINFO_TABLE_SIZE; |
| dmac_flush_range((void *)table, |
| (void *)table + SGLISTINFO_TABLE_SIZE); |
| } |
| cmd_buf = (void *)&send_data_rsp; |
| cmd_len = sizeof(send_data_rsp); |
| } else { |
| send_data_rsp_64bit.listener_id = lstnr; |
| send_data_rsp_64bit.status = status; |
| if (table) { |
| send_data_rsp_64bit.sglistinfo_ptr = |
| virt_to_phys(table); |
| send_data_rsp_64bit.sglistinfo_len = |
| SGLISTINFO_TABLE_SIZE; |
| dmac_flush_range((void *)table, |
| (void *)table + SGLISTINFO_TABLE_SIZE); |
| } |
| cmd_buf = (void *)&send_data_rsp_64bit; |
| cmd_len = sizeof(send_data_rsp_64bit); |
| } |
| if (qseecom.whitelist_support == false || table == NULL) |
| *(uint32_t *)cmd_buf = QSEOS_LISTENER_DATA_RSP_COMMAND; |
| else |
| *(uint32_t *)cmd_buf = |
| QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST; |
| if (ptr_svc) { |
| ret = msm_ion_do_cache_op(qseecom.ion_clnt, |
| ptr_svc->ihandle, |
| ptr_svc->sb_virt, ptr_svc->sb_length, |
| ION_IOC_CLEAN_INV_CACHES); |
| if (ret) { |
| pr_err("cache operation failed %d\n", ret); |
| goto exit; |
| } |
| } |
| |
| if ((lstnr == RPMB_SERVICE) || (lstnr == SSD_SERVICE)) { |
| ret = __qseecom_enable_clk(CLK_QSEE); |
| if (ret) |
| goto exit; |
| } |
| |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, |
| cmd_buf, cmd_len, resp, sizeof(*resp)); |
| if (ptr_svc) { |
| ptr_svc->listener_in_use = false; |
| __qseecom_clean_listener_sglistinfo(ptr_svc); |
| } |
| if (ret) { |
| pr_err("scm_call() failed with err: %d (app_id = %d)\n", |
| ret, data->client.app_id); |
| if ((lstnr == RPMB_SERVICE) || (lstnr == SSD_SERVICE)) |
| __qseecom_disable_clk(CLK_QSEE); |
| goto exit; |
| } |
| pr_debug("resp status %d, res= %d, app_id = %d, lstr = %d\n", |
| status, resp->result, data->client.app_id, lstnr); |
| if ((resp->result != QSEOS_RESULT_SUCCESS) && |
| (resp->result != QSEOS_RESULT_INCOMPLETE)) { |
| pr_err("fail:resp res= %d,app_id = %d,lstr = %d\n", |
| resp->result, data->client.app_id, lstnr); |
| ret = -EINVAL; |
| goto exit; |
| } |
| exit: |
| mutex_unlock(&listener_access_lock); |
| if ((lstnr == RPMB_SERVICE) || (lstnr == SSD_SERVICE)) |
| __qseecom_disable_clk(CLK_QSEE); |
| |
| } |
| qseecom.app_block_ref_cnt--; |
| wake_up_interruptible_all(&qseecom.app_block_wq); |
| if (rc) |
| return rc; |
| |
| return ret; |
| } |
| |
| static int __qseecom_process_reentrancy_blocked_on_listener( |
| struct qseecom_command_scm_resp *resp, |
| struct qseecom_registered_app_list *ptr_app, |
| struct qseecom_dev_handle *data) |
| { |
| struct qseecom_registered_listener_list *list_ptr; |
| int ret = 0; |
| struct qseecom_continue_blocked_request_ireq ireq; |
| struct qseecom_command_scm_resp continue_resp; |
| unsigned int session_id; |
| sigset_t new_sigset; |
| sigset_t old_sigset; |
| unsigned long flags; |
| bool found_app = false; |
| |
| if (!resp || !data) { |
| pr_err("invalid resp or data pointer\n"); |
| ret = -EINVAL; |
| goto exit; |
| } |
| |
| /* find app_id & img_name from list */ |
| if (!ptr_app && data->client.app_arch != ELFCLASSNONE) { |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags); |
| list_for_each_entry(ptr_app, &qseecom.registered_app_list_head, |
| list) { |
| if ((ptr_app->app_id == data->client.app_id) && |
| (!strcmp(ptr_app->app_name, |
| data->client.app_name))) { |
| found_app = true; |
| break; |
| } |
| } |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, |
| flags); |
| if (!found_app) { |
| pr_err("app_id %d (%s) is not found\n", |
| data->client.app_id, |
| (char *)data->client.app_name); |
| ret = -ENOENT; |
| goto exit; |
| } |
| } |
| |
| do { |
| session_id = resp->resp_type; |
| mutex_lock(&listener_access_lock); |
| list_ptr = __qseecom_find_svc(resp->data); |
| if (!list_ptr) { |
| pr_err("Invalid listener ID %d\n", resp->data); |
| ret = -ENODATA; |
| mutex_unlock(&listener_access_lock); |
| goto exit; |
| } |
| ptr_app->blocked_on_listener_id = resp->data; |
| |
| pr_warn("Lsntr %d in_use %d, block session(%d) app(%d)\n", |
| resp->data, list_ptr->listener_in_use, |
| session_id, data->client.app_id); |
| |
| /* sleep until listener is available */ |
| sigfillset(&new_sigset); |
| sigprocmask(SIG_SETMASK, &new_sigset, &old_sigset); |
| |
| do { |
| qseecom.app_block_ref_cnt++; |
| ptr_app->app_blocked = true; |
| mutex_unlock(&listener_access_lock); |
| mutex_unlock(&app_access_lock); |
| wait_event_interruptible( |
| list_ptr->listener_block_app_wq, |
| !list_ptr->listener_in_use); |
| mutex_lock(&app_access_lock); |
| mutex_lock(&listener_access_lock); |
| ptr_app->app_blocked = false; |
| qseecom.app_block_ref_cnt--; |
| } while (list_ptr->listener_in_use); |
| |
| sigprocmask(SIG_SETMASK, &old_sigset, NULL); |
| |
| ptr_app->blocked_on_listener_id = 0; |
| pr_warn("Lsntr %d is available, unblock session(%d) app(%d)\n", |
| resp->data, session_id, data->client.app_id); |
| |
| /* notify TZ that listener is available */ |
| ireq.qsee_cmd_id = QSEOS_CONTINUE_BLOCKED_REQ_COMMAND; |
| |
| if (qseecom.smcinvoke_support) |
| ireq.app_or_session_id = session_id; |
| else |
| ireq.app_or_session_id = data->client.app_id; |
| |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, |
| &ireq, sizeof(ireq), |
| &continue_resp, sizeof(continue_resp)); |
| if (ret && qseecom.smcinvoke_support) { |
| /* retry with legacy cmd */ |
| qseecom.smcinvoke_support = false; |
| ireq.app_or_session_id = data->client.app_id; |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, |
| &ireq, sizeof(ireq), |
| &continue_resp, sizeof(continue_resp)); |
| qseecom.smcinvoke_support = true; |
| if (ret) { |
| pr_err("unblock app %d or session %d fail\n", |
| data->client.app_id, session_id); |
| mutex_unlock(&listener_access_lock); |
| goto exit; |
| } |
| } |
| mutex_unlock(&listener_access_lock); |
| resp->result = continue_resp.result; |
| resp->resp_type = continue_resp.resp_type; |
| resp->data = continue_resp.data; |
| pr_debug("unblock resp = %d\n", resp->result); |
| } while (resp->result == QSEOS_RESULT_BLOCKED_ON_LISTENER); |
| |
| if (resp->result != QSEOS_RESULT_INCOMPLETE) { |
| pr_err("Unexpected unblock resp %d\n", resp->result); |
| ret = -EINVAL; |
| } |
| exit: |
| return ret; |
| } |
| |
| static int __qseecom_reentrancy_process_incomplete_cmd( |
| struct qseecom_dev_handle *data, |
| struct qseecom_command_scm_resp *resp) |
| { |
| int ret = 0; |
| int rc = 0; |
| uint32_t lstnr; |
| struct qseecom_client_listener_data_irsp send_data_rsp = {0}; |
| struct qseecom_client_listener_data_64bit_irsp send_data_rsp_64bit |
| = {0}; |
| struct qseecom_registered_listener_list *ptr_svc = NULL; |
| sigset_t new_sigset; |
| sigset_t old_sigset; |
| uint32_t status; |
| void *cmd_buf = NULL; |
| size_t cmd_len; |
| struct sglist_info *table = NULL; |
| |
| while (ret == 0 && resp->result == QSEOS_RESULT_INCOMPLETE) { |
| lstnr = resp->data; |
| /* |
| * Wake up blocking lsitener service with the lstnr id |
| */ |
| mutex_lock(&listener_access_lock); |
| list_for_each_entry(ptr_svc, |
| &qseecom.registered_listener_list_head, list) { |
| if (ptr_svc->svc.listener_id == lstnr) { |
| ptr_svc->listener_in_use = true; |
| ptr_svc->rcv_req_flag = 1; |
| wake_up_interruptible(&ptr_svc->rcv_req_wq); |
| break; |
| } |
| } |
| |
| if (ptr_svc == NULL) { |
| pr_err("Listener Svc %d does not exist\n", lstnr); |
| rc = -EINVAL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (!ptr_svc->ihandle) { |
| pr_err("Client handle is not initialized\n"); |
| rc = -EINVAL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (ptr_svc->svc.listener_id != lstnr) { |
| pr_err("Service %d does not exist\n", |
| lstnr); |
| rc = -ERESTARTSYS; |
| ptr_svc = NULL; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| if (ptr_svc->abort == 1) { |
| pr_debug("Service %d abort %d\n", |
| lstnr, ptr_svc->abort); |
| rc = -ENODEV; |
| status = QSEOS_RESULT_FAILURE; |
| goto err_resp; |
| } |
| |
| pr_debug("waking up rcv_req_wq and waiting for send_resp_wq\n"); |
| |
| /* initialize the new signal mask with all signals*/ |
| sigfillset(&new_sigset); |
| |
| /* block all signals */ |
| sigprocmask(SIG_SETMASK, &new_sigset, &old_sigset); |
| |
| /* unlock mutex btw waking listener and sleep-wait */ |
| mutex_unlock(&listener_access_lock); |
| mutex_unlock(&app_access_lock); |
| do { |
| if (!wait_event_interruptible(qseecom.send_resp_wq, |
| __qseecom_reentrancy_listener_has_sent_rsp( |
| data, ptr_svc))) { |
| break; |
| } |
| } while (1); |
| /* lock mutex again after resp sent */ |
| mutex_lock(&app_access_lock); |
| mutex_lock(&listener_access_lock); |
| ptr_svc->send_resp_flag = 0; |
| qseecom.send_resp_flag = 0; |
| |
| /* restore signal mask */ |
| sigprocmask(SIG_SETMASK, &old_sigset, NULL); |
| if (data->abort || ptr_svc->abort) { |
| pr_err("Abort clnt %d waiting on lstnr svc %d, ret %d", |
| data->client.app_id, lstnr, ret); |
| rc = -ENODEV; |
| status = QSEOS_RESULT_FAILURE; |
| } else { |
| status = QSEOS_RESULT_SUCCESS; |
| } |
| err_resp: |
| if (ptr_svc) |
| table = ptr_svc->sglistinfo_ptr; |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| send_data_rsp.listener_id = lstnr; |
| send_data_rsp.status = status; |
| if (table) { |
| send_data_rsp.sglistinfo_ptr = |
| (uint32_t)virt_to_phys(table); |
| send_data_rsp.sglistinfo_len = |
| SGLISTINFO_TABLE_SIZE; |
| dmac_flush_range((void *)table, |
| (void *)table + SGLISTINFO_TABLE_SIZE); |
| } |
| cmd_buf = (void *)&send_data_rsp; |
| cmd_len = sizeof(send_data_rsp); |
| } else { |
| send_data_rsp_64bit.listener_id = lstnr; |
| send_data_rsp_64bit.status = status; |
| if (table) { |
| send_data_rsp_64bit.sglistinfo_ptr = |
| virt_to_phys(table); |
| send_data_rsp_64bit.sglistinfo_len = |
| SGLISTINFO_TABLE_SIZE; |
| dmac_flush_range((void *)table, |
| (void *)table + SGLISTINFO_TABLE_SIZE); |
| } |
| cmd_buf = (void *)&send_data_rsp_64bit; |
| cmd_len = sizeof(send_data_rsp_64bit); |
| } |
| if (qseecom.whitelist_support == false || table == NULL) |
| *(uint32_t *)cmd_buf = QSEOS_LISTENER_DATA_RSP_COMMAND; |
| else |
| *(uint32_t *)cmd_buf = |
| QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST; |
| if (ptr_svc) { |
| ret = msm_ion_do_cache_op(qseecom.ion_clnt, |
| ptr_svc->ihandle, |
| ptr_svc->sb_virt, ptr_svc->sb_length, |
| ION_IOC_CLEAN_INV_CACHES); |
| if (ret) { |
| pr_err("cache operation failed %d\n", ret); |
| return ret; |
| } |
| } |
| if (lstnr == RPMB_SERVICE) { |
| ret = __qseecom_enable_clk(CLK_QSEE); |
| if (ret) |
| goto exit; |
| } |
| |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, |
| cmd_buf, cmd_len, resp, sizeof(*resp)); |
| if (ptr_svc) { |
| ptr_svc->listener_in_use = false; |
| __qseecom_clean_listener_sglistinfo(ptr_svc); |
| wake_up_interruptible(&ptr_svc->listener_block_app_wq); |
| } |
| |
| if (ret) { |
| pr_err("scm_call() failed with err: %d (app_id = %d)\n", |
| ret, data->client.app_id); |
| goto exit; |
| } |
| |
| switch (resp->result) { |
| case QSEOS_RESULT_BLOCKED_ON_LISTENER: |
| pr_warn("send lsr %d rsp, but app %d block on lsr %d\n", |
| lstnr, data->client.app_id, resp->data); |
| if (lstnr == resp->data) { |
| pr_err("lstnr %d should not be blocked!\n", |
| lstnr); |
| ret = -EINVAL; |
| goto exit; |
| } |
| mutex_unlock(&listener_access_lock); |
| ret = __qseecom_process_reentrancy_blocked_on_listener( |
| resp, NULL, data); |
| mutex_lock(&listener_access_lock); |
| if (ret) { |
| pr_err("failed to process App(%d) %s blocked on listener %d\n", |
| data->client.app_id, |
| data->client.app_name, resp->data); |
| goto exit; |
| } |
| case QSEOS_RESULT_SUCCESS: |
| case QSEOS_RESULT_INCOMPLETE: |
| break; |
| default: |
| pr_err("fail:resp res= %d,app_id = %d,lstr = %d\n", |
| resp->result, data->client.app_id, lstnr); |
| ret = -EINVAL; |
| goto exit; |
| } |
| exit: |
| mutex_unlock(&listener_access_lock); |
| if (lstnr == RPMB_SERVICE) |
| __qseecom_disable_clk(CLK_QSEE); |
| |
| } |
| if (rc) |
| return rc; |
| |
| return ret; |
| } |
| |
| /* |
| * QSEE doesn't support OS level cmds reentrancy until RE phase-3, |
| * and QSEE OS level scm_call cmds will fail if there is any blocked TZ app. |
| * So, needs to first check if no app blocked before sending OS level scm call, |
| * then wait until all apps are unblocked. |
| */ |
| static void __qseecom_reentrancy_check_if_no_app_blocked(uint32_t smc_id) |
| { |
| if (qseecom.qsee_reentrancy_support > QSEE_REENTRANCY_PHASE_0 && |
| qseecom.qsee_reentrancy_support < QSEE_REENTRANCY_PHASE_3 && |
| IS_OWNER_TRUSTED_OS(TZ_SYSCALL_OWNER_ID(smc_id))) { |
| /* thread sleep until this app unblocked */ |
| while (qseecom.app_block_ref_cnt > 0) { |
| mutex_unlock(&app_access_lock); |
| wait_event_interruptible(qseecom.app_block_wq, |
| (!qseecom.app_block_ref_cnt)); |
| mutex_lock(&app_access_lock); |
| } |
| } |
| } |
| |
| /* |
| * scm_call of send data will fail if this TA is blocked or there are more |
| * than one TA requesting listener services; So, first check to see if need |
| * to wait. |
| */ |
| static void __qseecom_reentrancy_check_if_this_app_blocked( |
| struct qseecom_registered_app_list *ptr_app) |
| { |
| if (qseecom.qsee_reentrancy_support) { |
| ptr_app->check_block++; |
| while (ptr_app->app_blocked || qseecom.app_block_ref_cnt > 1) { |
| /* thread sleep until this app unblocked */ |
| mutex_unlock(&app_access_lock); |
| wait_event_interruptible(qseecom.app_block_wq, |
| (!ptr_app->app_blocked && |
| qseecom.app_block_ref_cnt <= 1)); |
| mutex_lock(&app_access_lock); |
| } |
| ptr_app->check_block--; |
| } |
| } |
| |
| static int __qseecom_check_app_exists(struct qseecom_check_app_ireq req, |
| uint32_t *app_id) |
| { |
| int32_t ret; |
| struct qseecom_command_scm_resp resp; |
| bool found_app = false; |
| struct qseecom_registered_app_list *entry = NULL; |
| unsigned long flags = 0; |
| |
| if (!app_id) { |
| pr_err("Null pointer to app_id\n"); |
| return -EINVAL; |
| } |
| *app_id = 0; |
| |
| /* check if app exists and has been registered locally */ |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags); |
| list_for_each_entry(entry, |
| &qseecom.registered_app_list_head, list) { |
| if (!strcmp(entry->app_name, req.app_name)) { |
| found_app = true; |
| break; |
| } |
| } |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, flags); |
| if (found_app) { |
| pr_debug("Found app with id %d\n", entry->app_id); |
| *app_id = entry->app_id; |
| return 0; |
| } |
| |
| memset((void *)&resp, 0, sizeof(resp)); |
| |
| /* SCM_CALL to check if app_id for the mentioned app exists */ |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req, |
| sizeof(struct qseecom_check_app_ireq), |
| &resp, sizeof(resp)); |
| if (ret) { |
| pr_err("scm_call to check if app is already loaded failed\n"); |
| return -EINVAL; |
| } |
| |
| if (resp.result == QSEOS_RESULT_FAILURE) |
| return 0; |
| |
| switch (resp.resp_type) { |
| /*qsee returned listener type response */ |
| case QSEOS_LISTENER_ID: |
| pr_err("resp type is of listener type instead of app"); |
| return -EINVAL; |
| case QSEOS_APP_ID: |
| *app_id = resp.data; |
| return 0; |
| default: |
| pr_err("invalid resp type (%d) from qsee", |
| resp.resp_type); |
| return -ENODEV; |
| } |
| } |
| |
| static int qseecom_load_app(struct qseecom_dev_handle *data, void __user *argp) |
| { |
| struct qseecom_registered_app_list *entry = NULL; |
| unsigned long flags = 0; |
| u32 app_id = 0; |
| struct ion_handle *ihandle; /* Ion handle */ |
| struct qseecom_load_img_req load_img_req; |
| int32_t ret = 0; |
| ion_phys_addr_t pa = 0; |
| size_t len; |
| struct qseecom_command_scm_resp resp; |
| struct qseecom_check_app_ireq req; |
| struct qseecom_load_app_ireq load_req; |
| struct qseecom_load_app_64bit_ireq load_req_64bit; |
| void *cmd_buf = NULL; |
| size_t cmd_len; |
| bool first_time = false; |
| |
| /* Copy the relevant information needed for loading the image */ |
| if (copy_from_user(&load_img_req, |
| (void __user *)argp, |
| sizeof(struct qseecom_load_img_req))) { |
| pr_err("copy_from_user failed\n"); |
| return -EFAULT; |
| } |
| |
| /* Check and load cmnlib */ |
| if (qseecom.qsee_version > QSEEE_VERSION_00) { |
| if (!qseecom.commonlib_loaded && |
| load_img_req.app_arch == ELFCLASS32) { |
| ret = qseecom_load_commonlib_image(data, "cmnlib"); |
| if (ret) { |
| pr_err("failed to load cmnlib\n"); |
| return -EIO; |
| } |
| qseecom.commonlib_loaded = true; |
| pr_debug("cmnlib is loaded\n"); |
| } |
| |
| if (!qseecom.commonlib64_loaded && |
| load_img_req.app_arch == ELFCLASS64) { |
| ret = qseecom_load_commonlib_image(data, "cmnlib64"); |
| if (ret) { |
| pr_err("failed to load cmnlib64\n"); |
| return -EIO; |
| } |
| qseecom.commonlib64_loaded = true; |
| pr_debug("cmnlib64 is loaded\n"); |
| } |
| } |
| |
| if (qseecom.support_bus_scaling) { |
| mutex_lock(&qsee_bw_mutex); |
| ret = __qseecom_register_bus_bandwidth_needs(data, MEDIUM); |
| mutex_unlock(&qsee_bw_mutex); |
| if (ret) |
| return ret; |
| } |
| |
| /* Vote for the SFPB clock */ |
| ret = __qseecom_enable_clk_scale_up(data); |
| if (ret) |
| goto enable_clk_err; |
| |
| req.qsee_cmd_id = QSEOS_APP_LOOKUP_COMMAND; |
| load_img_req.img_name[MAX_APP_NAME_SIZE-1] = '\0'; |
| strlcpy(req.app_name, load_img_req.img_name, MAX_APP_NAME_SIZE); |
| |
| ret = __qseecom_check_app_exists(req, &app_id); |
| if (ret < 0) |
| goto loadapp_err; |
| |
| if (app_id) { |
| pr_debug("App id %d (%s) already exists\n", app_id, |
| (char *)(req.app_name)); |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags); |
| list_for_each_entry(entry, |
| &qseecom.registered_app_list_head, list){ |
| if (entry->app_id == app_id) { |
| entry->ref_cnt++; |
| break; |
| } |
| } |
| spin_unlock_irqrestore( |
| &qseecom.registered_app_list_lock, flags); |
| ret = 0; |
| } else { |
| first_time = true; |
| pr_warn("App (%s) does'nt exist, loading apps for first time\n", |
| (char *)(load_img_req.img_name)); |
| /* Get the handle of the shared fd */ |
| ihandle = ion_import_dma_buf_fd(qseecom.ion_clnt, |
| load_img_req.ifd_data_fd); |
| if (IS_ERR_OR_NULL(ihandle)) { |
| pr_err("Ion client could not retrieve the handle\n"); |
| ret = -ENOMEM; |
| goto loadapp_err; |
| } |
| |
| /* Get the physical address of the ION BUF */ |
| ret = ion_phys(qseecom.ion_clnt, ihandle, &pa, &len); |
| if (ret) { |
| pr_err("Cannot get phys_addr for the Ion Client, ret = %d\n", |
| ret); |
| goto loadapp_err; |
| } |
| if (load_img_req.mdt_len > len || load_img_req.img_len > len) { |
| pr_err("ion len %zu is smaller than mdt_len %u or img_len %u\n", |
| len, load_img_req.mdt_len, |
| load_img_req.img_len); |
| ret = -EINVAL; |
| goto loadapp_err; |
| } |
| /* Populate the structure for sending scm call to load image */ |
| if (qseecom.qsee_version < QSEE_VERSION_40) { |
| load_req.qsee_cmd_id = QSEOS_APP_START_COMMAND; |
| load_req.mdt_len = load_img_req.mdt_len; |
| load_req.img_len = load_img_req.img_len; |
| strlcpy(load_req.app_name, load_img_req.img_name, |
| MAX_APP_NAME_SIZE); |
| load_req.phy_addr = (uint32_t)pa; |
| cmd_buf = (void *)&load_req; |
| cmd_len = sizeof(struct qseecom_load_app_ireq); |
| } else { |
| load_req_64bit.qsee_cmd_id = QSEOS_APP_START_COMMAND; |
| load_req_64bit.mdt_len = load_img_req.mdt_len; |
| load_req_64bit.img_len = load_img_req.img_len; |
| strlcpy(load_req_64bit.app_name, load_img_req.img_name, |
| MAX_APP_NAME_SIZE); |
| load_req_64bit.phy_addr = (uint64_t)pa; |
| cmd_buf = (void *)&load_req_64bit; |
| cmd_len = sizeof(struct qseecom_load_app_64bit_ireq); |
| } |
| |
| ret = msm_ion_do_cache_op(qseecom.ion_clnt, ihandle, NULL, len, |
| ION_IOC_CLEAN_INV_CACHES); |
| if (ret) { |
| pr_err("cache operation failed %d\n", ret); |
| goto loadapp_err; |
| } |
| |
| /* SCM_CALL to load the app and get the app_id back */ |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, |
| cmd_len, &resp, sizeof(resp)); |
| if (ret) { |
| pr_err("scm_call to load app failed\n"); |
| if (!IS_ERR_OR_NULL(ihandle)) |
| ion_free(qseecom.ion_clnt, ihandle); |
| ret = -EINVAL; |
| goto loadapp_err; |
| } |
| |
| if (resp.result == QSEOS_RESULT_FAILURE) { |
| pr_err("scm_call rsp.result is QSEOS_RESULT_FAILURE\n"); |
| if (!IS_ERR_OR_NULL(ihandle)) |
| ion_free(qseecom.ion_clnt, ihandle); |
| ret = -EFAULT; |
| goto loadapp_err; |
| } |
| |
| if (resp.result == QSEOS_RESULT_INCOMPLETE) { |
| ret = __qseecom_process_incomplete_cmd(data, &resp); |
| if (ret) { |
| pr_err("process_incomplete_cmd failed err: %d\n", |
| ret); |
| if (!IS_ERR_OR_NULL(ihandle)) |
| ion_free(qseecom.ion_clnt, ihandle); |
| ret = -EFAULT; |
| goto loadapp_err; |
| } |
| } |
| |
| if (resp.result != QSEOS_RESULT_SUCCESS) { |
| pr_err("scm_call failed resp.result unknown, %d\n", |
| resp.result); |
| if (!IS_ERR_OR_NULL(ihandle)) |
| ion_free(qseecom.ion_clnt, ihandle); |
| ret = -EFAULT; |
| goto loadapp_err; |
| } |
| |
| app_id = resp.data; |
| |
| entry = kmalloc(sizeof(*entry), GFP_KERNEL); |
| if (!entry) { |
| ret = -ENOMEM; |
| goto loadapp_err; |
| } |
| entry->app_id = app_id; |
| entry->ref_cnt = 1; |
| entry->app_arch = load_img_req.app_arch; |
| /* |
| * keymaster app may be first loaded as "keymaste" by qseecomd, |
| * and then used as "keymaster" on some targets. To avoid app |
| * name checking error, register "keymaster" into app_list and |
| * thread private data. |
| */ |
| if (!strcmp(load_img_req.img_name, "keymaste")) |
| strlcpy(entry->app_name, "keymaster", |
| MAX_APP_NAME_SIZE); |
| else |
| strlcpy(entry->app_name, load_img_req.img_name, |
| MAX_APP_NAME_SIZE); |
| entry->app_blocked = false; |
| entry->blocked_on_listener_id = 0; |
| entry->check_block = 0; |
| |
| /* Deallocate the handle */ |
| if (!IS_ERR_OR_NULL(ihandle)) |
| ion_free(qseecom.ion_clnt, ihandle); |
| |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags); |
| list_add_tail(&entry->list, &qseecom.registered_app_list_head); |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, |
| flags); |
| |
| pr_warn("App with id %u (%s) now loaded\n", app_id, |
| (char *)(load_img_req.img_name)); |
| } |
| data->client.app_id = app_id; |
| data->client.app_arch = load_img_req.app_arch; |
| if (!strcmp(load_img_req.img_name, "keymaste")) |
| strlcpy(data->client.app_name, "keymaster", MAX_APP_NAME_SIZE); |
| else |
| strlcpy(data->client.app_name, load_img_req.img_name, |
| MAX_APP_NAME_SIZE); |
| load_img_req.app_id = app_id; |
| if (copy_to_user(argp, &load_img_req, sizeof(load_img_req))) { |
| pr_err("copy_to_user failed\n"); |
| ret = -EFAULT; |
| if (first_time == true) { |
| spin_lock_irqsave( |
| &qseecom.registered_app_list_lock, flags); |
| list_del(&entry->list); |
| spin_unlock_irqrestore( |
| &qseecom.registered_app_list_lock, flags); |
| kzfree(entry); |
| } |
| } |
| |
| loadapp_err: |
| __qseecom_disable_clk_scale_down(data); |
| enable_clk_err: |
| if (qseecom.support_bus_scaling) { |
| mutex_lock(&qsee_bw_mutex); |
| qseecom_unregister_bus_bandwidth_needs(data); |
| mutex_unlock(&qsee_bw_mutex); |
| } |
| return ret; |
| } |
| |
| static int __qseecom_cleanup_app(struct qseecom_dev_handle *data) |
| { |
| int ret = 1; /* Set unload app */ |
| |
| wake_up_all(&qseecom.send_resp_wq); |
| if (qseecom.qsee_reentrancy_support) |
| mutex_unlock(&app_access_lock); |
| while (atomic_read(&data->ioctl_count) > 1) { |
| if (wait_event_interruptible(data->abort_wq, |
| atomic_read(&data->ioctl_count) <= 1)) { |
| pr_err("Interrupted from abort\n"); |
| ret = -ERESTARTSYS; |
| break; |
| } |
| } |
| if (qseecom.qsee_reentrancy_support) |
| mutex_lock(&app_access_lock); |
| return ret; |
| } |
| |
| static int qseecom_unmap_ion_allocated_memory(struct qseecom_dev_handle *data) |
| { |
| int ret = 0; |
| |
| if (!IS_ERR_OR_NULL(data->client.ihandle)) { |
| ion_unmap_kernel(qseecom.ion_clnt, data->client.ihandle); |
| ion_free(qseecom.ion_clnt, data->client.ihandle); |
| data->client.ihandle = NULL; |
| } |
| return ret; |
| } |
| |
| static int qseecom_unload_app(struct qseecom_dev_handle *data, |
| bool app_crash) |
| { |
| unsigned long flags; |
| unsigned long flags1; |
| int ret = 0; |
| struct qseecom_command_scm_resp resp; |
| struct qseecom_registered_app_list *ptr_app = NULL; |
| bool unload = false; |
| bool found_app = false; |
| bool found_dead_app = false; |
| bool scm_called = false; |
| |
| if (!data) { |
| pr_err("Invalid/uninitialized device handle\n"); |
| return -EINVAL; |
| } |
| |
| if (!memcmp(data->client.app_name, "keymaste", strlen("keymaste"))) { |
| pr_debug("Do not unload keymaster app from tz\n"); |
| goto unload_exit; |
| } |
| |
| __qseecom_cleanup_app(data); |
| __qseecom_reentrancy_check_if_no_app_blocked(TZ_OS_APP_SHUTDOWN_ID); |
| |
| if (data->client.app_id > 0) { |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags); |
| list_for_each_entry(ptr_app, &qseecom.registered_app_list_head, |
| list) { |
| if (ptr_app->app_id == data->client.app_id) { |
| if (!strcmp((void *)ptr_app->app_name, |
| (void *)data->client.app_name)) { |
| found_app = true; |
| if (ptr_app->app_blocked || |
| ptr_app->check_block) |
| app_crash = false; |
| if (app_crash || ptr_app->ref_cnt == 1) |
| unload = true; |
| break; |
| } |
| found_dead_app = true; |
| break; |
| } |
| } |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, |
| flags); |
| if (found_app == false && found_dead_app == false) { |
| pr_err("Cannot find app with id = %d (%s)\n", |
| data->client.app_id, |
| (char *)data->client.app_name); |
| ret = -EINVAL; |
| goto unload_exit; |
| } |
| } |
| |
| if (found_dead_app) |
| pr_warn("cleanup app_id %d(%s)\n", data->client.app_id, |
| (char *)data->client.app_name); |
| |
| if (unload) { |
| struct qseecom_unload_app_ireq req; |
| /* Populate the structure for sending scm call to load image */ |
| req.qsee_cmd_id = QSEOS_APP_SHUTDOWN_COMMAND; |
| req.app_id = data->client.app_id; |
| |
| /* SCM_CALL to unload the app */ |
| ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req, |
| sizeof(struct qseecom_unload_app_ireq), |
| &resp, sizeof(resp)); |
| scm_called = true; |
| if (ret) { |
| pr_err("scm_call to unload app (id = %d) failed\n", |
| req.app_id); |
| ret = -EFAULT; |
| goto scm_exit; |
| } else { |
| pr_warn("App id %d now unloaded\n", req.app_id); |
| } |
| if (resp.result == QSEOS_RESULT_FAILURE) { |
| pr_err("app (%d) unload_failed!!\n", |
| data->client.app_id); |
| ret = -EFAULT; |
| goto scm_exit; |
| } |
| if (resp.result == QSEOS_RESULT_SUCCESS) |
| pr_debug("App (%d) is unloaded!!\n", |
| data->client.app_id); |
| if (resp.result == QSEOS_RESULT_INCOMPLETE) { |
| ret = __qseecom_process_incomplete_cmd(data, &resp); |
| if (ret) { |
| pr_err("process_incomplete_cmd fail err: %d\n", |
| ret); |
| goto scm_exit; |
| } |
| } |
| } |
| |
| scm_exit: |
| if (scm_called) { |
| /* double check if this app_entry still exists */ |
| bool doublecheck = false; |
| |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags1); |
| list_for_each_entry(ptr_app, |
| &qseecom.registered_app_list_head, list) { |
| if ((ptr_app->app_id == data->client.app_id) && |
| (!strcmp((void *)ptr_app->app_name, |
| (void *)data->client.app_name))) { |
| doublecheck = true; |
| break; |
| } |
| } |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, |
| flags1); |
| if (!doublecheck) { |
| pr_warn("app %d(%s) entry is already removed\n", |
| data->client.app_id, |
| (char *)data->client.app_name); |
| found_app = false; |
| } |
| } |
| unload_exit: |
| if (found_app) { |
| spin_lock_irqsave(&qseecom.registered_app_list_lock, flags1); |
| if (app_crash) { |
| ptr_app->ref_cnt = 0; |
| pr_debug("app_crash: ref_count = 0\n"); |
| } else { |
| if (ptr_app->ref_cnt == 1) { |
| ptr_app->ref_cnt = 0; |
| pr_debug("ref_count set to 0\n"); |
| } else { |
| ptr_app->ref_cnt--; |
| pr_debug("Can't unload app(%d) inuse\n", |
| ptr_app->app_id); |
| } |
| } |
| if (unload) { |
| list_del(&ptr_app->list); |
| kzfree(ptr_app); |
| } |
| spin_unlock_irqrestore(&qseecom.registered_app_list_lock, |
| flags1); |
| } |
| qseecom_unmap_ion_allocated_memory(data); |
| data->released = true; |
| return ret; |
| } |
| |
| static phys_addr_t __qseecom_uvirt_to_kphys(struct qseecom_dev_handle *data, |
| unsigned long virt) |
| { |
| return data->client.sb_phys + (virt - data->client.user_virt_sb_base); |
| } |
| |
| static uintptr_t __qseecom_uvirt_to_kvirt(struct qseecom_dev_handle *data, |
| unsigned long virt) |
| { |
| return (uintptr_t)data->client.sb_virt + |
| (virt - data->client.user_virt_sb_base); |
| } |
| |
| int __qseecom_process_rpmb_svc_cmd(struct qseecom_dev_handle *data_ptr, |
| struct qseecom_send_svc_cmd_req *req_ptr, |
| struct qseecom_client_send_service_ireq *send_svc_ireq_ptr) |
| { |
| int ret = 0; |
| void *req_buf = NULL; |
| |
| if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) { |
| pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n", |
| req_ptr, send_svc_ireq_ptr); |
| return -EINVAL; |
| } |
| |
| /* Clients need to ensure req_buf is at base offset of shared buffer */ |
| if ((uintptr_t)req_ptr->cmd_req_buf != |
| data_ptr->client.user_virt_sb_base) { |
| pr_err("cmd buf not pointing to base offset of shared buffer\n"); |
| return -EINVAL; |
| } |
| |
| if (data_ptr->client.sb_length < |
| sizeof(struct qseecom_rpmb_provision_key)) { |
| pr_err("shared buffer is too small to hold key type\n"); |
| return -EINVAL; |
| } |
| req_buf = data_ptr->client.sb_virt; |
| |
| send_svc_ireq_ptr->qsee_cmd_id = req_ptr->cmd_id; |
| send_svc_ireq_ptr->key_type = |
| ((struct qseecom_rpmb_provision_key *)req_buf)->key_type; |
| send_svc_ireq_ptr->req_len = req_ptr->cmd_req_len; |
| send_svc_ireq_ptr->rsp_ptr = (uint32_t)(__qseecom_uvirt_to_kphys( |
| data_ptr, (uintptr_t)req_ptr->resp_buf)); |
| send_svc_ireq_ptr->rsp_len = req_ptr->resp_len; |
| |
| return ret; |
| } |
| |
| int __qseecom_process_fsm_key_svc_cmd(struct qseecom_dev_handle *data_ptr, |
| struct qseecom_send_svc_cmd_req *req_ptr, |
| struct qseecom_client_send_fsm_key_req *send_svc_ireq_ptr) |
| { |
| int ret = 0; |
| uint32_t reqd_len_sb_in = 0; |
| |
| if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) { |
| pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n", |
| req_ptr, send_svc_ireq_ptr); |
| return -EINVAL; |
| } |
| |
| reqd_len_sb_in = req_ptr->cmd_req_len + req_ptr->resp_len; |
| if (reqd_len_sb_in > data_ptr->client.sb_length) { |
| pr_err("Not enough memory to fit cmd_buf and resp_buf. "); |
| pr_err("Required: %u, Available: %zu\n", |
| reqd_len_sb_in, data_ptr->client.sb_length); |
| return -ENOMEM; |
| } |
| |
| send_svc_ireq_ptr->qsee_cmd_id = req_ptr->cmd_id; |
| send_svc_ireq_ptr->req_len = req_ptr->cmd_req_len; |
| send_svc_ireq_ptr->rsp_ptr = (uint32_t)(__qseecom_uvirt_to_kphys( |
| data_ptr, (uintptr_t)req_ptr->resp_buf)); |
| send_svc_ireq_ptr->rsp_len = req_ptr->resp_len; |
| |
| send_svc_ireq_ptr->req_ptr = (uint32_t)(__qseecom_uvirt_to_kphys( |
| data_ptr, (uintptr_t)req_ptr->cmd_req_buf)); |
| |
| |
| return ret; |
| } |
| |
| static int __validate_send_service_cmd_inputs(struct qseecom_dev_handle *data, |
| struct qseecom_send_svc_cmd_req *req) |
| { |
| if (!req || !req->resp_buf || !req->cmd_req_buf) { |
| pr_err("req or cmd buffer or response buffer is null\n"); |
| return -EINVAL; |
| } |
| |
| if (!data || !data->client.ihandle) { |
| pr_err("Client or client handle is not initialized\n"); |
| return -EINVAL; |
| } |
| |
| if (data->client.sb_virt == NULL) { |
| pr_err("sb_virt null\n"); |
| return -EINVAL; |
| } |
| |
| if (data->client.user_virt_sb_base == 0) { |
| pr_err("user_virt_sb_base is null\n"); |
| return -EINVAL; |
| } |
| |
| if (data->client.sb_length == 0) { |
| pr_err("sb_length is 0\n"); |
| return -EINVAL; |
| } |
| |
| if (((uintptr_t)req->cmd_req_buf < |
| data->client.user_virt_sb_base) || |
| ((uintptr_t)req->cmd_req_buf >= |
| (data->client.user_virt_sb_base + data->client.sb_length))) { |
| pr_err("cmd buffer address not within shared bufffer\n"); |
| return -EINVAL; |
| } |
| if (((uintptr_t)req->resp_buf < |
| data->client.user_virt_sb_base) || |
| ((uintptr_t)req->resp_buf >= |
| (data->client.user_virt_sb_base + data->client.sb_length))) { |
| pr_err("response buffer address not within shared bufffer\n"); |
| return -EINVAL; |
| } |
| if ((req->cmd_req_len == 0) || (req->resp_len == 0) || |
| (req->cmd_req_len > data->client.sb_length) || |
| (req->resp_len > data->client.sb_length)) { |
| pr_err("cmd buf length or response buf length not valid\n"); |
| return -EINVAL; |
| } |
| if (req->cmd_req_len > UINT_MAX - req->resp_len) { |
| pr_err("Integer overflow detected in req_len & rsp_len\n"); |
| return -EINVAL; |
| } |
| |
| if ((req->cmd_req_len + req->resp_len) > data->client.sb_length) { |
| pr_debug("Not enough memory to fit cmd_buf.\n"); |
| pr_debug("resp_buf. Required: %u, Available: %zu\n", |
| (req->cmd_req_len + req->resp_len), |
| data->client.sb_length); |
| return -ENOMEM; |
| } |
| if ((uintptr_t)req->cmd_req_buf > (ULONG_MAX - req->cmd_req_len)) { |
| pr_err("Integer overflow in req_len & cmd_req_buf\n"); |
| return -EINVAL; |
| } |
| if ((uintptr_t)req->resp_buf > (ULONG_MAX - req->resp_len)) { |
| pr_err("Integer overflow in resp_len & resp_buf\n"); |
| return -EINVAL; |
| } |
| if (data->client.user_virt_sb_base > |
| (ULONG_MAX - data->client.sb_length)) { |
| pr_err("Integer overflow in user_virt_sb_base & sb_length\n"); |
| return -EINVAL; |
| } |
| if ((((uintptr_t)req->cmd_req_buf + req->cmd_req_len) > |
| ((uintptr_t)data->client |