[PATCH v2 1/2] create SMAF module

[Benjamin Gaignard]

I will change the ident in the macro.

Thanks,

Benjamin

2015-07-07 9:59 GMT+02:00 Paul Bolle :

> A nit only, I'm afraid: a license mismatch.
>
> On ma, 2015-07-06 at 13:40 +0200, Benjamin Gaignard wrote:
> > --- /dev/null
> > +++ b/drivers/smaf/smaf-core.c
>
> > + * License terms:  GNU General Public License (GPL), version 2
>
> > +MODULE_LICENSE("GPL");
>
> The comment at the top of this file states, succinctly, that the license
> is GPL v2. And, according to include/linux/module.h, the
> MODULE_LICENSE() macro here states that the license is GPL v2 or later.
> So I think that either that comment or the ident used in that macro
> needs to change.
>
> Ditto for 2/2.
>
> Thanks,
>
>
> Paul Bolle
>



-- 

Benjamin Gaignard

Graphic Working Group

Linaro.org  *│ *Open source software for ARM SoCs

Follow *Linaro: *Facebook  | Twitter
 | Blog

-- next part --
An HTML attachment was scrubbed...
URL: 

[PATCH v2 1/2] create SMAF module

[Paul Bolle]

A nit only, I'm afraid: a license mismatch.

On ma, 2015-07-06 at 13:40 +0200, Benjamin Gaignard wrote:
> --- /dev/null
> +++ b/drivers/smaf/smaf-core.c

> + * License terms:  GNU General Public License (GPL), version 2

> +MODULE_LICENSE("GPL");

The comment at the top of this file states, succinctly, that the license
is GPL v2. And, according to include/linux/module.h, the
MODULE_LICENSE() macro here states that the license is GPL v2 or later.
So I think that either that comment or the ident used in that macro
needs to change.

Ditto for 2/2.

Thanks,


Paul Bolle

[PATCH v2 1/2] create SMAF module

[Benjamin Gaignard]

Secure Memory Allocation Framework goal is to be able
to allocate memory that can be securing.
There is so much ways to allocate and securing memory that SMAF
doesn't do it by itself but need help of additional modules.
To be sure to use the correct allocation method SMAF implement
deferred allocation (i.e. allocate memory when only really needed)

Allocation modules (smaf-alloctor.h):
SMAF could manage with multiple allocation modules at same time.
To select the good one SMAF call match() to be sure that a module
can allocate memory for a given list of devices. It is to the module
to check if the devices are compatible or not with it allocation
method.

Securing module (smaf-secure.h):
The way of how securing memory it is done is platform specific.
Secure module is responsible of grant/revoke memory access.

Signed-off-by: Benjamin Gaignard 
---
 drivers/Kconfig|   2 +
 drivers/Makefile   |   1 +
 drivers/smaf/Kconfig   |   5 +
 drivers/smaf/Makefile  |   1 +
 drivers/smaf/smaf-core.c   | 751 +
 include/linux/smaf-allocator.h |  54 +++
 include/linux/smaf-secure.h|  62 
 include/uapi/linux/smaf.h  |  61 
 8 files changed, 937 insertions(+)
 create mode 100644 drivers/smaf/Kconfig
 create mode 100644 drivers/smaf/Makefile
 create mode 100644 drivers/smaf/smaf-core.c
 create mode 100644 include/linux/smaf-allocator.h
 create mode 100644 include/linux/smaf-secure.h
 create mode 100644 include/uapi/linux/smaf.h

diff --git a/drivers/Kconfig b/drivers/Kconfig
index c0cc96b..2421fcb 100644
--- a/drivers/Kconfig
+++ b/drivers/Kconfig
@@ -182,4 +182,6 @@ source "drivers/thunderbolt/Kconfig"

 source "drivers/android/Kconfig"

+source "drivers/smaf/Kconfig"
+
 endmenu
diff --git a/drivers/Makefile b/drivers/Makefile
index 46d2554..0cca66e 100644
--- a/drivers/Makefile
+++ b/drivers/Makefile
@@ -165,3 +165,4 @@ obj-$(CONFIG_RAS)   += ras/
 obj-$(CONFIG_THUNDERBOLT)  += thunderbolt/
 obj-$(CONFIG_CORESIGHT)+= hwtracing/coresight/
 obj-$(CONFIG_ANDROID)  += android/
+obj-$(CONFIG_SMAF) += smaf/
diff --git a/drivers/smaf/Kconfig b/drivers/smaf/Kconfig
new file mode 100644
index 000..d36651a
--- /dev/null
+++ b/drivers/smaf/Kconfig
@@ -0,0 +1,5 @@
+config SMAF
+   tristate "Secure Memory Allocation Framework"
+   depends on DMA_SHARED_BUFFER
+   help
+ Choose this option to enable Secure Memory Allocation Framework
diff --git a/drivers/smaf/Makefile b/drivers/smaf/Makefile
new file mode 100644
index 000..40cd882
--- /dev/null
+++ b/drivers/smaf/Makefile
@@ -0,0 +1 @@
+obj-$(CONFIG_SMAF) += smaf-core.o
diff --git a/drivers/smaf/smaf-core.c b/drivers/smaf/smaf-core.c
new file mode 100644
index 000..38dc822
--- /dev/null
+++ b/drivers/smaf/smaf-core.c
@@ -0,0 +1,751 @@
+/*
+ * smaf.c
+ *
+ * Copyright (C) Linaro SA 2015
+ * Author: Benjamin Gaignard  for Linaro.
+ * License terms:  GNU General Public License (GPL), version 2
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+struct smaf_handle {
+   struct dma_buf *dmabuf;
+   struct smaf_allocator *allocator;
+   struct dma_buf *db_alloc;
+   size_t length;
+   unsigned int flags;
+   int fd;
+   bool is_secure;
+   void *secure_ctx;
+};
+
+/**
+ * struct smaf_device - smaf device node private data
+ * @misc_dev:  the misc device
+ * @head:  list of allocator
+ * @lock:  list and secure pointer mutex
+ * @secure:pointer to secure functions helpers
+ */
+struct smaf_device {
+   struct miscdevice misc_dev;
+   struct list_head head;
+   /* list and secure pointer lock*/
+   struct mutex lock;
+   struct smaf_secure *secure;
+};
+
+static struct smaf_device smaf_dev;
+
+/**
+ * smaf_allow_cpu_access return true if CPU can access to memory
+ * if their is no secure module associated to SMAF assume that CPU can get
+ * access to the memory.
+ */
+static bool smaf_allow_cpu_access(struct smaf_handle *handle,
+ unsigned long flags)
+{
+   if (!handle->is_secure)
+   return true;
+
+   if (!smaf_dev.secure)
+   return true;
+
+   if (!smaf_dev.secure->allow_cpu_access)
+   return true;
+
+   return smaf_dev.secure->allow_cpu_access(handle->secure_ctx, flags);
+}
+
+static int smaf_grant_access(struct smaf_handle *handle, struct device *dev,
+dma_addr_t addr, size_t size,
+enum dma_data_direction dir)
+{
+   if (!handle->is_secure)
+   return 0;
+
+   if (!smaf_dev.secure)
+   return -EINVAL;
+
+   if (!smaf_dev.secure->grant_access)
+   return -EINVAL;
+
+   return smaf_dev.secure->grant_access(handle->secure_ctx,
+