On Tue, Jun 10, 2025 at 03:13:53PM +0200, Jens Wiklander wrote:
> Add support in the OP-TEE backend driver for dynamic protected memory
> allocation using the SMC ABI.
>
> Signed-off-by: Jens Wiklander <jens.wiklan...@linaro.org>
> ---
> drivers/tee/optee/smc_abi.c | 78 +++++++++++++++++++++++++++++++++++--
> 1 file changed, 75 insertions(+), 3 deletions(-)
Reviewed-by: Sumit Garg <sumit.g...@oss.qualcomm.com>
-Sumit
>
> diff --git a/drivers/tee/optee/smc_abi.c b/drivers/tee/optee/smc_abi.c
> index cf106d15e64e..fd1d873de941 100644
> --- a/drivers/tee/optee/smc_abi.c
> +++ b/drivers/tee/optee/smc_abi.c
> @@ -965,6 +965,70 @@ static int optee_smc_do_call_with_arg(struct tee_context
> *ctx,
> return rc;
> }
>
> +static int optee_smc_lend_protmem(struct optee *optee, struct tee_shm
> *protmem,
> + u16 *end_points, unsigned int ep_count,
> + u32 use_case)
> +{
> + struct optee_shm_arg_entry *entry;
> + struct optee_msg_arg *msg_arg;
> + struct tee_shm *shm;
> + u_int offs;
> + int rc;
> +
> + msg_arg = optee_get_msg_arg(optee->ctx, 2, &entry, &shm, &offs);
> + if (IS_ERR(msg_arg))
> + return PTR_ERR(msg_arg);
> +
> + msg_arg->cmd = OPTEE_MSG_CMD_LEND_PROTMEM;
> + msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
> + msg_arg->params[0].u.value.a = use_case;
> + msg_arg->params[1].attr = OPTEE_MSG_ATTR_TYPE_TMEM_INPUT;
> + msg_arg->params[1].u.tmem.buf_ptr = protmem->paddr;
> + msg_arg->params[1].u.tmem.size = protmem->size;
> + msg_arg->params[1].u.tmem.shm_ref = (u_long)protmem;
> +
> + rc = optee->ops->do_call_with_arg(optee->ctx, shm, offs, false);
> + if (rc)
> + goto out;
> + if (msg_arg->ret != TEEC_SUCCESS) {
> + rc = -EINVAL;
> + goto out;
> + }
> + protmem->sec_world_id = (u_long)protmem;
> +
> +out:
> + optee_free_msg_arg(optee->ctx, entry, offs);
> + return rc;
> +}
> +
> +static int optee_smc_reclaim_protmem(struct optee *optee,
> + struct tee_shm *protmem)
> +{
> + struct optee_shm_arg_entry *entry;
> + struct optee_msg_arg *msg_arg;
> + struct tee_shm *shm;
> + u_int offs;
> + int rc;
> +
> + msg_arg = optee_get_msg_arg(optee->ctx, 1, &entry, &shm, &offs);
> + if (IS_ERR(msg_arg))
> + return PTR_ERR(msg_arg);
> +
> + msg_arg->cmd = OPTEE_MSG_CMD_RECLAIM_PROTMEM;
> + msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_RMEM_INPUT;
> + msg_arg->params[0].u.rmem.shm_ref = (u_long)protmem;
> +
> + rc = optee->ops->do_call_with_arg(optee->ctx, shm, offs, false);
> + if (rc)
> + goto out;
> + if (msg_arg->ret != TEEC_SUCCESS)
> + rc = -EINVAL;
> +
> +out:
> + optee_free_msg_arg(optee->ctx, entry, offs);
> + return rc;
> +}
> +
> /*
> * 5. Asynchronous notification
> */
> @@ -1216,6 +1280,8 @@ static const struct optee_ops optee_ops = {
> .do_call_with_arg = optee_smc_do_call_with_arg,
> .to_msg_param = optee_to_msg_param,
> .from_msg_param = optee_from_msg_param,
> + .lend_protmem = optee_smc_lend_protmem,
> + .reclaim_protmem = optee_smc_reclaim_protmem,
> };
>
> static int enable_async_notif(optee_invoke_fn *invoke_fn)
> @@ -1628,14 +1694,20 @@ static struct tee_protmem_pool
> *static_protmem_pool_init(struct optee *optee)
>
> static int optee_protmem_pool_init(struct optee *optee)
> {
> + bool protm = optee->smc.sec_caps & OPTEE_SMC_SEC_CAP_PROTMEM;
> + bool dyn_protm = optee->smc.sec_caps &
> + OPTEE_SMC_SEC_CAP_DYNAMIC_PROTMEM;
> enum tee_dma_heap_id heap_id = TEE_DMA_HEAP_SECURE_VIDEO_PLAY;
> struct tee_protmem_pool *pool = ERR_PTR(-EINVAL);
> - int rc;
> + int rc = -EINVAL;
>
> - if (!(optee->smc.sec_caps & OPTEE_SMC_SEC_CAP_PROTMEM))
> + if (!protm && !dyn_protm)
> return 0;
>
> - pool = static_protmem_pool_init(optee);
> + if (protm)
> + pool = static_protmem_pool_init(optee);
> + if (dyn_protm && IS_ERR(pool))
> + pool = optee_protmem_alloc_dyn_pool(optee, heap_id);
> if (IS_ERR(pool))
> return PTR_ERR(pool);
>
> --
> 2.43.0
>
