kernel/drivers/tee/optee/core.c, branch linux-rolling-stableHosts the 0x221E linux distro kernel.https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-rolling-stable2025-09-15T14:16:25ZMerge tag 'tee-prot-dma-buf-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee into soc/drivers2025-09-15T14:16:25ZArnd Bergmannarnd@arndb.de2025-09-15T14:05:04Zurn:sha1:820429d53bd7c8b19beb5686540f372be2a18eea
TEE protected DMA-bufs for v6.18
- Allocates protected DMA-bufs from a DMA-heap instantiated from the TEE
subsystem.
- The DMA-heap uses a protected memory pool provided by the backend TEE
driver, allowing it to choose how to allocate the protected physical
memory.
- Three use-cases (Secure Video Playback, Trusted UI, and Secure Video
Recording) have been identified so far to serve as examples of what
can be expected.
- The use-cases have predefined DMA-heap names,
"protected,secure-video", "protected,trusted-ui", and
"protected,secure-video-record". The backend driver registers protected
memory pools for the use-cases it supports.
* tag 'tee-prot-dma-buf-for-v6.18' of git://git.kernel.org/pub/scm/linux/kernel/git/jenswi/linux-tee:
optee: smc abi: dynamic protected memory allocation
optee: FF-A: dynamic protected memory allocation
optee: support protected memory allocation
tee: add tee_shm_alloc_dma_mem()
tee: new ioctl to a register tee_shm from a dmabuf file descriptor
tee: refactor params_from_user()
tee: implement protected DMA-heap
dma-buf: dma-heap: export declared functions
optee: sync secure world ABI headers
Link: https://lore.kernel.org/r/20250912101752.GA1453408@rayden
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
optee: support protected memory allocation2025-09-11T09:22:36ZJens Wiklanderjens.wiklander@linaro.org2025-08-13T06:02:56Zurn:sha1:0e32abef9fc8a418fbe64d4372c6791e02b5c386
Add support in the OP-TEE backend driver for protected memory
allocation. The support is limited to only the SMC ABI and for secure
video buffers.
OP-TEE is probed for the range of protected physical memory and a
memory pool allocator is initialized if OP-TEE have support for such
memory.
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
drivers: tee: improve sysfs interface by using sysfs_emit()2025-08-04T09:05:23ZAkhilesh Patilakhilesh@ee.iitb.ac.in2025-07-18T15:30:13Zurn:sha1:1faa0d62a19bb8a4b9022b603472e7127974cb55
Replace scnprintf() with sysfs_emit() while formatting buffer that is
passed to userspace as per the recommendation in
Documentation/filesystems/sysfs.rst. sysfs _show() callbacks should use
sysfs_emit() or sysfs_emit_at() while returning values to the userspace.
This change does not impact functionality, but aligns with sysfs
interface usage guidelines for the tee driver.
Signed-off-by: Akhilesh Patil <akhilesh@ee.iitb.ac.in>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
optee: probe RPMB device using RPMB subsystem2024-08-26T11:16:20ZJens Wiklanderjens.wiklander@linaro.org2024-08-14T15:35:58Zurn:sha1:f0c8431568eedee7705c92f5c341bdc4567e3ad5
Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and
use an RPMB device via the RPMB subsystem instead of passing the RPMB
frames via tee-supplicant in user space. A fallback mechanism is kept to
route RPMB frames via tee-supplicant if the RPMB subsystem isn't
available.
The OP-TEE RPC ABI is extended to support iterating over all RPMB
devices until one is found with the expected RPMB key already
programmed.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Manuel Traut <manut@mecka.net>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Link: https://lore.kernel.org/r/20240814153558.708365-5-jens.wiklander@linaro.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
tee: optee: Move pool_op helper functions2024-04-03T11:58:20ZBalint Dobszaybalint.dobszay@arm.com2024-03-25T15:11:02Zurn:sha1:cf4441503e20a0c0a36e0a98dcf57de3d3844c91
Move the pool alloc and free helper functions from the OP-TEE driver to
the TEE subsystem, since these could be reused in other TEE drivers.
This patch is not supposed to change behavior, it's only reorganizing
the code.
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
tee: Refactor TEE subsystem header files2024-04-03T07:19:31ZSumit Gargsumit.garg@linaro.org2024-03-25T15:11:01Zurn:sha1:0439fcff304acdedfc493dbf900dce86922fd31f
Since commit 25559c22cef8 ("tee: add kernel internal client interface"),
it has been a common include/linux/tee_drv.h header file which is shared
to hold TEE subsystem internal bits along with the APIs exposed to the
TEE client drivers. However, this practice is prone to TEE subsystem
internal APIs abuse and especially so with the new TEE implementation
drivers being added to reuse existing functionality.
In order to address this split TEE subsystem internal bits as a separate
header file: include/linux/tee_core.h which should be the one used by
TEE implementation drivers. With that include/linux/tee_drv.h lists only
APIs exposed by TEE subsystem to the TEE client drivers.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Merge tag 'optee-cleanup-for-v6.8' of https://git.linaro.org/people/jens.wiklander/linux-tee into soc/drivers2023-12-22T11:37:09ZArnd Bergmannarnd@arndb.de2023-12-22T11:37:09Zurn:sha1:3408005e304ee276ff1adf4169ac7c4345386cfa
OP-TEE cleanup
- Remove a redundant custom workqueue in the OP-TEE driver.
- Fix a missing description of an argument to optee_handle_rpc().
* tag 'optee-cleanup-for-v6.8' of https://git.linaro.org/people/jens.wiklander/linux-tee:
optee: add missing description of RPC argument reference
tee: optee: Remove redundant custom workqueue
tee: optee: Fix supplicant based device enumeration
Link: https://lore.kernel.org/r/20231214132237.GA3092763@rayden
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Merge tag 'kern-priv-shm-for-v6.8' of https://git.linaro.org/people/jens.wiklander/linux-tee into soc/drivers2023-12-22T10:44:16ZArnd Bergmannarnd@arndb.de2023-12-22T10:44:16Zurn:sha1:daa554ab044b8f6ff0f1f3345326ce3ec0c6a272
OP-TEE kernel private shared memory optimizations
Optimize OP-TEE driver private shared memory allocated as dynamic shared
memory. Both to handle larger than one page allocations and for more
efficient memory usage.
* tag 'kern-priv-shm-for-v6.8' of https://git.linaro.org/people/jens.wiklander/linux-tee:
optee: allocate shared memory with alloc_pages_exact()
optee: add page list to kernel private shared memory
Link: https://lore.kernel.org/r/20231211115815.GA616539@rayden
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
optee: allocate shared memory with alloc_pages_exact()2023-12-04T13:48:42ZJens Wiklanderjens.wiklander@linaro.org2023-11-14T09:52:17Zurn:sha1:225a36b96359aceaa9a6399f2dff99627397e637
Allocate memory to share with the secure world using alloc_pages_exact()
instead of alloc_pages() for more efficient memory usage.
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
optee: add page list to kernel private shared memory2023-12-04T13:47:17ZJens Wiklanderjens.wiklander@linaro.org2023-11-14T09:52:16Zurn:sha1:69724b3eac9894853e9b044b65e0add009fc88b5
Until now has kernel private shared memory allocated as dynamic shared
memory (not from the static shared memory pool) been returned without a
list of physical pages on allocations via RPC. To support allocations
larger than one page add a list of physical pages.
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>