drivers/platform/msm/ssm.c - kernel/msm - Git at Google

 /* Copyright (c) 2013-2014, The Linux Foundation. All rights reserved.
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License version 2 and
  * only version 2 as published by the Free Software Foundation.
  *
  * This program is distributed in the hope that it will be useful,
  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  * GNU General Public License for more details.
  */
 /*
  * Qualcomm Secure Service Module(SSM) driver
  */

 #include <linux/kernel.h>
 #include <linux/module.h>
 #include <linux/slab.h>
 #include <linux/fs.h>
 #include <linux/of.h>
 #include <linux/cdev.h>
 #include <linux/uaccess.h>
 #include <linux/mutex.h>
 #include <linux/ion.h>
 #include <linux/types.h>
 #include <linux/elf.h>
 #include <linux/platform_device.h>
 #include <linux/msm_ion.h>
 #include <linux/platform_data/qcom_ssm.h>
 #include <soc/qcom/scm.h>
 #include <soc/qcom/smd.h>

 #include "qseecom_kernel.h"
 #include "ssm.h"

 /* Macros */
 #define SSM_DEV_NAME			"ssm"
 #define MPSS_SUBSYS			0
 #define SSM_INFO_CMD_ID			1
 #define MAX_APP_NAME_SIZE		32
 #define SSM_MSG_LEN			200
 #define SSM_MSG_FIELD_LEN		11
 #define ATOM_MSG_LEN			(SSM_MSG_FIELD_LEN + SSM_MSG_LEN + 40)

 #define TZAPP_NAME			"SsmApp"
 #define CHANNEL_NAME			"SSM_RTR_MODEM_APPS"

 /* SSM driver structure.*/
 struct ssm_driver {
 	int32_t app_status;
 	int32_t update_status;
 	unsigned char *channel_name;
 	unsigned char *smd_buffer;
 	struct device *dev;
 	smd_channel_t *ch;
 	struct work_struct ipc_work;
 	struct mutex mutex;
 	struct qseecom_handle *qseecom_handle;
 	struct tzapp_get_mode_info_rsp *resp;
 	bool key_status;
 	bool ready;
 };

 static struct ssm_driver *ssm_drv;

 static unsigned int getint(char *buff, unsigned long *res)
 {
 	char value[SSM_MSG_FIELD_LEN];

 	memcpy(value, buff, SSM_MSG_FIELD_LEN);
 	value[SSM_MSG_FIELD_LEN - 1] = '\0';

 	return kstrtoul(skip_spaces(value), 10, res);
 }

 /*
  * Setup CMD/RSP pointers.
  */
 static void setup_cmd_rsp_buffers(struct qseecom_handle *handle, void **cmd,
 		int *cmd_len, void **resp, int *resp_len)
 {
 	*cmd = handle->sbuf;
 	if (*cmd_len & QSEECOM_ALIGN_MASK)
 		*cmd_len = QSEECOM_ALIGN(*cmd_len);

 	*resp = handle->sbuf + *cmd_len;
 	if (*resp_len & QSEECOM_ALIGN_MASK)
 		*resp_len = QSEECOM_ALIGN(*resp_len);
 }

 /*
  * Send packet to modem over SMD channel.
  */
 static int update_modem(enum ssm_ipc_req ipc_req, struct ssm_driver *ssm,
 		int length, char *data)
 {
 	unsigned int packet_len = length + SSM_MSG_FIELD_LEN;
 	int rc = 0, count;

 	snprintf(ssm->smd_buffer, SSM_MSG_FIELD_LEN + 1, "%10u|", ipc_req);
 	memcpy(ssm->smd_buffer + SSM_MSG_FIELD_LEN, data, length);

 	if (smd_write_avail(ssm->ch) < packet_len) {
 		dev_err(ssm->dev, "Not enough space dropping request\n");
 		rc = -ENOSPC;
 		goto out;
 	}

 	count = smd_write(ssm->ch, ssm->smd_buffer, packet_len);
 	if (count < packet_len) {
 		dev_err(ssm->dev, "smd_write failed for %d\n", ipc_req);
 		rc = -EIO;
 	}

 out:
 	return rc;
 }

 /*
  * Header Format
  * Each member of header is of 10 byte (ASCII).
  * Each entry is separated by '|' delimiter.
  * |<-10 bytes->|<-10 bytes->|
  * |-------------------------|
  * | IPC code   | error code |
  * |-------------------------|
  *
  */
 static int decode_packet(char *buffer, struct ssm_common_msg *pkt)
 {
 	int rc;

 	rc =  getint(buffer, (unsigned long *)&pkt->ipc_req);
 	if (rc < 0)
 		return -EINVAL;

 	buffer += SSM_MSG_FIELD_LEN;
 	rc =  getint(buffer, (unsigned long *)&pkt->err_code);
 	if (rc < 0)
 		return -EINVAL;

 	dev_dbg(ssm_drv->dev, "req %d error code %d\n",
 			pkt->ipc_req, pkt->err_code);
 	return 0;
 }

 static void process_message(struct ssm_common_msg pkt, struct ssm_driver *ssm)
 {

 	switch (pkt.ipc_req) {

 	case SSM_MTOA_MODE_UPDATE_STATUS:
 		if (pkt.err_code) {
 			dev_err(ssm->dev, "Modem mode update failed\n");
 			ssm->update_status = FAILED;
 		} else
 			ssm->update_status = SUCCESS;

 		dev_dbg(ssm->dev, "Modem mode update status %d\n",
 								pkt.err_code);
 		break;

 	default:
 		dev_dbg(ssm->dev, "Invalid message\n");
 		break;
 	};
 }

 /*
  * Work function to handle and process packets coming from modem.
  */
 static void ssm_app_modem_work_fn(struct work_struct *work)
 {
 	int sz, rc;
 	struct ssm_common_msg pkt;
 	struct ssm_driver *ssm;

 	ssm = container_of(work, struct ssm_driver, ipc_work);

 	mutex_lock(&ssm->mutex);
 	sz = smd_cur_packet_size(ssm->ch);
 	if ((sz < SSM_MSG_FIELD_LEN) || (sz > ATOM_MSG_LEN)) {
 		dev_dbg(ssm_drv->dev, "Garbled message size\n");
 		goto unlock;
 	}

 	if (smd_read_avail(ssm->ch) < sz) {
 		dev_err(ssm_drv->dev, "SMD error data in channel\n");
 		goto unlock;
 	}

 	if (smd_read(ssm->ch, ssm->smd_buffer, sz) != sz) {
 		dev_err(ssm_drv->dev, "Incomplete data\n");
 		goto unlock;
 	}

 	rc = decode_packet(ssm->smd_buffer, &pkt);
 	if (rc < 0) {
 		dev_err(ssm_drv->dev, "Corrupted header\n");
 		goto unlock;
 	}

 	process_message(pkt, ssm);

 unlock:
 	mutex_unlock(&ssm->mutex);
 }

 /*
  * MODEM-APPS smd channel callback function.
  */
 static void modem_request(void *ctxt, unsigned event)
 {
 	struct ssm_driver *ssm;

 	ssm = (struct ssm_driver *)ctxt;

 	switch (event) {
 	case SMD_EVENT_OPEN:
 	case SMD_EVENT_CLOSE:
 		dev_dbg(ssm->dev, "SMD port status changed\n");
 		break;
 	case SMD_EVENT_DATA:
 		if (smd_read_avail(ssm->ch) > 0)
 			schedule_work(&ssm->ipc_work);
 		break;
 	};
 }

 /*
  * Load SSM application in TZ and start application:
  */
 static int ssm_load_app(struct ssm_driver *ssm)
 {
 	int rc;

 	/* Load the APP */
 	rc = qseecom_start_app(&ssm->qseecom_handle, TZAPP_NAME, SZ_4K);
 	if (rc < 0) {
 		dev_err(ssm->dev, "Unable to load SSM app\n");
 		ssm->app_status = FAILED;
 		return -EIO;
 	}

 	ssm->app_status = SUCCESS;
 	return 0;
 }

 static struct ssm_platform_data *populate_ssm_pdata(struct device *dev)
 {
 	struct ssm_platform_data *pdata;

 	pdata = devm_kzalloc(dev, sizeof(struct ssm_platform_data),
 								GFP_KERNEL);
 	if (!pdata)
 		return NULL;

 	pdata->need_key_exchg =
 		of_property_read_bool(dev->of_node, "qcom,need-keyexhg");

 	pdata->channel_name = CHANNEL_NAME;

 	return pdata;
 }

 static int ssm_probe(struct platform_device *pdev)
 {
 	int rc;
 	struct ssm_platform_data *pdata;
 	struct ssm_driver *drv;

 	if (pdev->dev.of_node)
 		pdata = populate_ssm_pdata(&pdev->dev);
 	else
 		pdata = pdev->dev.platform_data;

 	if (!pdata) {
 		dev_err(&pdev->dev, "Empty platform data\n");
 		return -ENOMEM;
 	}

 	drv = devm_kzalloc(&pdev->dev, sizeof(struct ssm_driver),
 								GFP_KERNEL);
 	if (!drv) {
 		dev_err(&pdev->dev, "Unable to allocate memory\n");
 		return -ENOMEM;
 	}

 	/* Allocate response buffer */
 	drv->resp = devm_kzalloc(&pdev->dev,
 			sizeof(struct tzapp_get_mode_info_rsp),
 			GFP_KERNEL);
 	if (!drv->resp) {
 		rc = -ENOMEM;
 		goto exit;
 	}

 	/* Initialize the driver structure */
 	drv->app_status = RETRY;
 	drv->ready = false;
 	drv->update_status = FAILED;
 	mutex_init(&drv->mutex);
 	drv->key_status = !pdata->need_key_exchg;
 	drv->channel_name = (char *)pdata->channel_name;
 	INIT_WORK(&drv->ipc_work, ssm_app_modem_work_fn);

 	/* Allocate memory for smd buffer */
 	drv->smd_buffer = devm_kzalloc(&pdev->dev,
 			(sizeof(char) * ATOM_MSG_LEN), GFP_KERNEL);
 	if (!drv->smd_buffer) {
 		rc = -ENOMEM;
 		goto exit;
 	}

 	drv->dev = &pdev->dev;
 	ssm_drv = drv;
 	platform_set_drvdata(pdev, ssm_drv);

 	dev_dbg(&pdev->dev, "probe success\n");
 	return 0;

 exit:
 	mutex_destroy(&drv->mutex);
 	platform_set_drvdata(pdev, NULL);
 	return rc;

 }

 static int ssm_remove(struct platform_device *pdev)
 {

 	if (!ssm_drv)
 		return 0;
 	/*
 	 * Step to exit
 	 * 1. set ready to 0 (oem access closed).
 	 * 2. Close SMD modem connection closed.
 	 * 3. cleanup ion.
 	 */
 	ssm_drv->ready = false;
 	smd_close(ssm_drv->ch);
 	flush_work(&ssm_drv->ipc_work);

 	/* Shutdown tzapp */
 	dev_dbg(&pdev->dev, "Shutting down TZapp\n");
 	qseecom_shutdown_app(&ssm_drv->qseecom_handle);

 	return 0;
 }

 static struct of_device_id ssm_match_table[] = {
 	{
 		.compatible = "qcom,ssm",
 	},
 	{}
 };

 static struct platform_driver ssm_pdriver = {
 	.probe          = ssm_probe,
 	.remove         = ssm_remove,
 	.driver = {
 		.name   = SSM_DEV_NAME,
 		.owner  = THIS_MODULE,
 		.of_match_table = ssm_match_table,
 	},
 };
 module_platform_driver(ssm_pdriver);

 /*
  * Interface for external OEM driver.
  * This interface supports following functionalities:
  * 1. Set mode (encrypted mode and it's length is passed as parameter).
  * 2. Set mode from TZ (read encrypted mode from TZ)
  * 3. Get status of mode update.
  *
  */
 int ssm_oem_driver_intf(int cmd, char *mode, int len)
 {
 	int rc, req_len, resp_len;
 	struct tzapp_get_mode_info_req *get_mode_req;
 	struct tzapp_get_mode_info_rsp *get_mode_resp;

 	/* If ssm_drv is NULL, probe failed */
 	if (!ssm_drv)
 		return -ENODEV;

 	mutex_lock(&ssm_drv->mutex);

 	if (ssm_drv->app_status == RETRY) {
 		/* Load TZAPP */
 		rc = ssm_load_app(ssm_drv);
 		if (rc) {
 			rc = -ENODEV;
 			goto unlock;
 		}
 	} else if (ssm_drv->app_status == FAILED) {
 		rc = -ENODEV;
 		goto unlock;
 	}

 	/* Open modem SMD interface */
 	if (!ssm_drv->ready) {
 		rc = smd_named_open_on_edge(ssm_drv->channel_name,
 							SMD_APPS_MODEM,
 							&ssm_drv->ch,
 							ssm_drv,
 							modem_request);
 		if (rc) {
 			rc = -EAGAIN;
 			goto unlock;
 		} else
 			ssm_drv->ready = true;
 	}

 	/* Try again modem key-exchange not yet done.*/
 	if (!ssm_drv->key_status) {
 		rc = -EAGAIN;
 		goto unlock;
 	}

 	/* Set return status to success */
 	rc = 0;

 	switch (cmd) {
 	case SSM_READY:
 		break;

 	case SSM_MODE_INFO_READY:
 		ssm_drv->update_status = RETRY;
 		/* Fill command structure */
 		req_len = sizeof(struct tzapp_get_mode_info_req);
 		resp_len = sizeof(struct tzapp_get_mode_info_rsp);
 		setup_cmd_rsp_buffers(ssm_drv->qseecom_handle,
 				(void **)&get_mode_req, &req_len,
 				(void **)&get_mode_resp, &resp_len);
 		get_mode_req->tzapp_ssm_cmd = GET_ENC_MODE;

 		rc = qseecom_set_bandwidth(ssm_drv->qseecom_handle, 1);
 		if (rc) {
 			ssm_drv->update_status = FAILED;
 			dev_err(ssm_drv->dev, "set bandwidth failed\n");
 			rc = -EIO;
 			break;
 		}
 		rc = qseecom_send_command(ssm_drv->qseecom_handle,
 				(void *)get_mode_req, req_len,
 				(void *)get_mode_resp, resp_len);
 		if (rc || get_mode_resp->status) {
 			ssm_drv->update_status = FAILED;
 			break;
 		}
 		rc = qseecom_set_bandwidth(ssm_drv->qseecom_handle, 0);
 		if (rc) {
 			ssm_drv->update_status = FAILED;
 			dev_err(ssm_drv->dev, "clear bandwidth failed\n");
 			rc = -EIO;
 			break;
 		}

 		if (get_mode_resp->enc_mode_len > ENC_MODE_MAX_SIZE) {
 			ssm_drv->update_status = FAILED;
 			rc = -EINVAL;
 			break;
 		}
 		/* Send mode_info to modem */
 		rc = update_modem(SSM_ATOM_MODE_UPDATE, ssm_drv,
 				get_mode_resp->enc_mode_len,
 				get_mode_resp->enc_mode_info);
 		if (rc)
 			ssm_drv->update_status = FAILED;
 		break;

 	case SSM_SET_MODE:
 		ssm_drv->update_status = RETRY;

 		if (len > ENC_MODE_MAX_SIZE) {
 			ssm_drv->update_status = FAILED;
 			rc = -EINVAL;
 			break;
 		}
 		memcpy(ssm_drv->resp->enc_mode_info, mode, len);
 		ssm_drv->resp->enc_mode_len = len;

 		/* Send mode_info to modem */
 		rc = update_modem(SSM_ATOM_MODE_UPDATE, ssm_drv,
 				ssm_drv->resp->enc_mode_len,
 				ssm_drv->resp->enc_mode_info);
 		if (rc)
 			ssm_drv->update_status = FAILED;
 		break;

 	case SSM_GET_MODE_STATUS:
 		rc = ssm_drv->update_status;
 		break;

 	default:
 		rc = -EINVAL;
 		dev_err(ssm_drv->dev, "Invalid command\n");
 		break;
 	};

 unlock:
 	mutex_unlock(&ssm_drv->mutex);
 	return rc;
 }
 EXPORT_SYMBOL_GPL(ssm_oem_driver_intf);

 MODULE_LICENSE("GPL v2");
 MODULE_DESCRIPTION("Qualcomm Secure Service Module");
	/* Copyright (c) 2013-2014, The Linux Foundation. All rights reserved.
	*
	* This program is free software; you can redistribute it and/or modify
	* it under the terms of the GNU General Public License version 2 and
	* only version 2 as published by the Free Software Foundation.
	*
	* This program is distributed in the hope that it will be useful,
	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	* GNU General Public License for more details.
	*/
	/*
	* Qualcomm Secure Service Module(SSM) driver
	*/

	#include <linux/kernel.h>
	#include <linux/module.h>
	#include <linux/slab.h>
	#include <linux/fs.h>
	#include <linux/of.h>
	#include <linux/cdev.h>
	#include <linux/uaccess.h>
	#include <linux/mutex.h>
	#include <linux/ion.h>
	#include <linux/types.h>
	#include <linux/elf.h>
	#include <linux/platform_device.h>
	#include <linux/msm_ion.h>
	#include <linux/platform_data/qcom_ssm.h>
	#include <soc/qcom/scm.h>
	#include <soc/qcom/smd.h>

	#include "qseecom_kernel.h"
	#include "ssm.h"

	/* Macros */
	#define SSM_DEV_NAME "ssm"
	#define MPSS_SUBSYS 0
	#define SSM_INFO_CMD_ID 1
	#define MAX_APP_NAME_SIZE 32
	#define SSM_MSG_LEN 200
	#define SSM_MSG_FIELD_LEN 11
	#define ATOM_MSG_LEN (SSM_MSG_FIELD_LEN + SSM_MSG_LEN + 40)

	#define TZAPP_NAME "SsmApp"
	#define CHANNEL_NAME "SSM_RTR_MODEM_APPS"

	/* SSM driver structure.*/
	struct ssm_driver {
	int32_t app_status;
	int32_t update_status;
	unsigned char *channel_name;
	unsigned char *smd_buffer;
	struct device *dev;
	smd_channel_t *ch;
	struct work_struct ipc_work;
	struct mutex mutex;
	struct qseecom_handle *qseecom_handle;
	struct tzapp_get_mode_info_rsp *resp;
	bool key_status;
	bool ready;
	};

	static struct ssm_driver *ssm_drv;

	static unsigned int getint(char buff, unsigned long res)
	{
	char value[SSM_MSG_FIELD_LEN];

	memcpy(value, buff, SSM_MSG_FIELD_LEN);
	value[SSM_MSG_FIELD_LEN - 1] = '\0';

	return kstrtoul(skip_spaces(value), 10, res);
	}

	/*
	* Setup CMD/RSP pointers.
	*/
	static void setup_cmd_rsp_buffers(struct qseecom_handle handle, void *cmd,
	int cmd_len, void resp, int resp_len)
	{
	*cmd = handle->sbuf;
	if (*cmd_len & QSEECOM_ALIGN_MASK)
	cmd_len = QSEECOM_ALIGN(cmd_len);

	resp = handle->sbuf + cmd_len;
	if (*resp_len & QSEECOM_ALIGN_MASK)
	resp_len = QSEECOM_ALIGN(resp_len);
	}

	/*
	* Send packet to modem over SMD channel.
	*/
	static int update_modem(enum ssm_ipc_req ipc_req, struct ssm_driver *ssm,
	int length, char *data)
	{
	unsigned int packet_len = length + SSM_MSG_FIELD_LEN;
	int rc = 0, count;

	snprintf(ssm->smd_buffer, SSM_MSG_FIELD_LEN + 1, "%10u\|", ipc_req);
	memcpy(ssm->smd_buffer + SSM_MSG_FIELD_LEN, data, length);

	if (smd_write_avail(ssm->ch) < packet_len) {
	dev_err(ssm->dev, "Not enough space dropping request\n");
	rc = -ENOSPC;
	goto out;
	}

	count = smd_write(ssm->ch, ssm->smd_buffer, packet_len);
	if (count < packet_len) {
	dev_err(ssm->dev, "smd_write failed for %d\n", ipc_req);
	rc = -EIO;
	}

	out:
	return rc;
	}

	/*
	* Header Format
	* Each member of header is of 10 byte (ASCII).
	* Each entry is separated by '\|' delimiter.
	* \|<-10 bytes->\|<-10 bytes->\|
	* \|-------------------------\|
	* \| IPC code \| error code \|
	* \|-------------------------\|
	*
	*/
	static int decode_packet(char buffer, struct ssm_common_msg pkt)
	{
	int rc;

	rc = getint(buffer, (unsigned long *)&pkt->ipc_req);
	if (rc < 0)
	return -EINVAL;

	buffer += SSM_MSG_FIELD_LEN;
	rc = getint(buffer, (unsigned long *)&pkt->err_code);
	if (rc < 0)
	return -EINVAL;

	dev_dbg(ssm_drv->dev, "req %d error code %d\n",
	pkt->ipc_req, pkt->err_code);
	return 0;
	}

	static void process_message(struct ssm_common_msg pkt, struct ssm_driver *ssm)
	{

	switch (pkt.ipc_req) {

	case SSM_MTOA_MODE_UPDATE_STATUS:
	if (pkt.err_code) {
	dev_err(ssm->dev, "Modem mode update failed\n");
	ssm->update_status = FAILED;
	} else
	ssm->update_status = SUCCESS;

	dev_dbg(ssm->dev, "Modem mode update status %d\n",
	pkt.err_code);
	break;

	default:
	dev_dbg(ssm->dev, "Invalid message\n");
	break;
	};
	}

	/*
	* Work function to handle and process packets coming from modem.
	*/
	static void ssm_app_modem_work_fn(struct work_struct *work)
	{
	int sz, rc;
	struct ssm_common_msg pkt;
	struct ssm_driver *ssm;

	ssm = container_of(work, struct ssm_driver, ipc_work);

	mutex_lock(&ssm->mutex);
	sz = smd_cur_packet_size(ssm->ch);
	if ((sz < SSM_MSG_FIELD_LEN) \|\| (sz > ATOM_MSG_LEN)) {
	dev_dbg(ssm_drv->dev, "Garbled message size\n");
	goto unlock;
	}

	if (smd_read_avail(ssm->ch) < sz) {
	dev_err(ssm_drv->dev, "SMD error data in channel\n");
	goto unlock;
	}

	if (smd_read(ssm->ch, ssm->smd_buffer, sz) != sz) {
	dev_err(ssm_drv->dev, "Incomplete data\n");
	goto unlock;
	}

	rc = decode_packet(ssm->smd_buffer, &pkt);
	if (rc < 0) {
	dev_err(ssm_drv->dev, "Corrupted header\n");
	goto unlock;
	}

	process_message(pkt, ssm);

	unlock:
	mutex_unlock(&ssm->mutex);
	}

	/*
	* MODEM-APPS smd channel callback function.
	*/
	static void modem_request(void *ctxt, unsigned event)
	{
	struct ssm_driver *ssm;

	ssm = (struct ssm_driver *)ctxt;

	switch (event) {
	case SMD_EVENT_OPEN:
	case SMD_EVENT_CLOSE:
	dev_dbg(ssm->dev, "SMD port status changed\n");
	break;
	case SMD_EVENT_DATA:
	if (smd_read_avail(ssm->ch) > 0)
	schedule_work(&ssm->ipc_work);
	break;
	};
	}

	/*
	* Load SSM application in TZ and start application:
	*/
	static int ssm_load_app(struct ssm_driver *ssm)
	{
	int rc;

	/* Load the APP */
	rc = qseecom_start_app(&ssm->qseecom_handle, TZAPP_NAME, SZ_4K);
	if (rc < 0) {
	dev_err(ssm->dev, "Unable to load SSM app\n");
	ssm->app_status = FAILED;
	return -EIO;
	}

	ssm->app_status = SUCCESS;
	return 0;
	}

	static struct ssm_platform_data populate_ssm_pdata(struct device dev)
	{
	struct ssm_platform_data *pdata;

	pdata = devm_kzalloc(dev, sizeof(struct ssm_platform_data),
	GFP_KERNEL);
	if (!pdata)
	return NULL;

	pdata->need_key_exchg =
	of_property_read_bool(dev->of_node, "qcom,need-keyexhg");

	pdata->channel_name = CHANNEL_NAME;

	return pdata;
	}

	static int ssm_probe(struct platform_device *pdev)
	{
	int rc;
	struct ssm_platform_data *pdata;
	struct ssm_driver *drv;

	if (pdev->dev.of_node)
	pdata = populate_ssm_pdata(&pdev->dev);
	else
	pdata = pdev->dev.platform_data;

	if (!pdata) {
	dev_err(&pdev->dev, "Empty platform data\n");
	return -ENOMEM;
	}

	drv = devm_kzalloc(&pdev->dev, sizeof(struct ssm_driver),
	GFP_KERNEL);
	if (!drv) {
	dev_err(&pdev->dev, "Unable to allocate memory\n");
	return -ENOMEM;
	}

	/* Allocate response buffer */
	drv->resp = devm_kzalloc(&pdev->dev,
	sizeof(struct tzapp_get_mode_info_rsp),
	GFP_KERNEL);
	if (!drv->resp) {
	rc = -ENOMEM;
	goto exit;
	}

	/* Initialize the driver structure */
	drv->app_status = RETRY;
	drv->ready = false;
	drv->update_status = FAILED;
	mutex_init(&drv->mutex);
	drv->key_status = !pdata->need_key_exchg;
	drv->channel_name = (char *)pdata->channel_name;
	INIT_WORK(&drv->ipc_work, ssm_app_modem_work_fn);

	/* Allocate memory for smd buffer */
	drv->smd_buffer = devm_kzalloc(&pdev->dev,
	(sizeof(char) * ATOM_MSG_LEN), GFP_KERNEL);
	if (!drv->smd_buffer) {
	rc = -ENOMEM;
	goto exit;
	}

	drv->dev = &pdev->dev;
	ssm_drv = drv;
	platform_set_drvdata(pdev, ssm_drv);

	dev_dbg(&pdev->dev, "probe success\n");
	return 0;

	exit:
	mutex_destroy(&drv->mutex);
	platform_set_drvdata(pdev, NULL);
	return rc;

	}

	static int ssm_remove(struct platform_device *pdev)
	{

	if (!ssm_drv)
	return 0;
	/*
	* Step to exit
	* 1. set ready to 0 (oem access closed).
	* 2. Close SMD modem connection closed.
	* 3. cleanup ion.
	*/
	ssm_drv->ready = false;
	smd_close(ssm_drv->ch);
	flush_work(&ssm_drv->ipc_work);

	/* Shutdown tzapp */
	dev_dbg(&pdev->dev, "Shutting down TZapp\n");
	qseecom_shutdown_app(&ssm_drv->qseecom_handle);

	return 0;
	}

	static struct of_device_id ssm_match_table[] = {
	{
	.compatible = "qcom,ssm",
	},
	{}
	};

	static struct platform_driver ssm_pdriver = {
	.probe = ssm_probe,
	.remove = ssm_remove,
	.driver = {
	.name = SSM_DEV_NAME,
	.owner = THIS_MODULE,
	.of_match_table = ssm_match_table,
	},
	};
	module_platform_driver(ssm_pdriver);

	/*
	* Interface for external OEM driver.
	* This interface supports following functionalities:
	* 1. Set mode (encrypted mode and it's length is passed as parameter).
	* 2. Set mode from TZ (read encrypted mode from TZ)
	* 3. Get status of mode update.
	*
	*/
	int ssm_oem_driver_intf(int cmd, char *mode, int len)
	{
	int rc, req_len, resp_len;
	struct tzapp_get_mode_info_req *get_mode_req;
	struct tzapp_get_mode_info_rsp *get_mode_resp;

	/* If ssm_drv is NULL, probe failed */
	if (!ssm_drv)
	return -ENODEV;

	mutex_lock(&ssm_drv->mutex);

	if (ssm_drv->app_status == RETRY) {
	/* Load TZAPP */
	rc = ssm_load_app(ssm_drv);
	if (rc) {
	rc = -ENODEV;
	goto unlock;
	}
	} else if (ssm_drv->app_status == FAILED) {
	rc = -ENODEV;
	goto unlock;
	}

	/* Open modem SMD interface */
	if (!ssm_drv->ready) {
	rc = smd_named_open_on_edge(ssm_drv->channel_name,
	SMD_APPS_MODEM,
	&ssm_drv->ch,
	ssm_drv,
	modem_request);
	if (rc) {
	rc = -EAGAIN;
	goto unlock;
	} else
	ssm_drv->ready = true;
	}

	/* Try again modem key-exchange not yet done.*/
	if (!ssm_drv->key_status) {
	rc = -EAGAIN;
	goto unlock;
	}

	/* Set return status to success */
	rc = 0;

	switch (cmd) {
	case SSM_READY:
	break;

	case SSM_MODE_INFO_READY:
	ssm_drv->update_status = RETRY;
	/* Fill command structure */
	req_len = sizeof(struct tzapp_get_mode_info_req);
	resp_len = sizeof(struct tzapp_get_mode_info_rsp);
	setup_cmd_rsp_buffers(ssm_drv->qseecom_handle,
	(void **)&get_mode_req, &req_len,
	(void **)&get_mode_resp, &resp_len);
	get_mode_req->tzapp_ssm_cmd = GET_ENC_MODE;

	rc = qseecom_set_bandwidth(ssm_drv->qseecom_handle, 1);
	if (rc) {
	ssm_drv->update_status = FAILED;
	dev_err(ssm_drv->dev, "set bandwidth failed\n");
	rc = -EIO;
	break;
	}
	rc = qseecom_send_command(ssm_drv->qseecom_handle,
	(void *)get_mode_req, req_len,
	(void *)get_mode_resp, resp_len);
	if (rc \|\| get_mode_resp->status) {
	ssm_drv->update_status = FAILED;
	break;
	}
	rc = qseecom_set_bandwidth(ssm_drv->qseecom_handle, 0);
	if (rc) {
	ssm_drv->update_status = FAILED;
	dev_err(ssm_drv->dev, "clear bandwidth failed\n");
	rc = -EIO;
	break;
	}

	if (get_mode_resp->enc_mode_len > ENC_MODE_MAX_SIZE) {
	ssm_drv->update_status = FAILED;
	rc = -EINVAL;
	break;
	}
	/* Send mode_info to modem */
	rc = update_modem(SSM_ATOM_MODE_UPDATE, ssm_drv,
	get_mode_resp->enc_mode_len,
	get_mode_resp->enc_mode_info);
	if (rc)
	ssm_drv->update_status = FAILED;
	break;

	case SSM_SET_MODE:
	ssm_drv->update_status = RETRY;

	if (len > ENC_MODE_MAX_SIZE) {
	ssm_drv->update_status = FAILED;
	rc = -EINVAL;
	break;
	}
	memcpy(ssm_drv->resp->enc_mode_info, mode, len);
	ssm_drv->resp->enc_mode_len = len;

	/* Send mode_info to modem */
	rc = update_modem(SSM_ATOM_MODE_UPDATE, ssm_drv,
	ssm_drv->resp->enc_mode_len,
	ssm_drv->resp->enc_mode_info);
	if (rc)
	ssm_drv->update_status = FAILED;
	break;

	case SSM_GET_MODE_STATUS:
	rc = ssm_drv->update_status;
	break;

	default:
	rc = -EINVAL;
	dev_err(ssm_drv->dev, "Invalid command\n");
	break;
	};

	unlock:
	mutex_unlock(&ssm_drv->mutex);
	return rc;
	}
	EXPORT_SYMBOL_GPL(ssm_oem_driver_intf);

	MODULE_LICENSE("GPL v2");
	MODULE_DESCRIPTION("Qualcomm Secure Service Module");