lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <20220502152219.216758-2-clement.leger@bootlin.com>
Date:   Mon,  2 May 2022 17:22:18 +0200
From:   Clément Léger <clement.leger@...tlin.com>
To:     Russell King <linux@...linux.org.uk>,
        Nicolas Ferre <nicolas.ferre@...rochip.com>,
        Alexandre Belloni <alexandre.belloni@...tlin.com>,
        Ludovic Desroches <ludovic.desroches@...rochip.com>
Cc:     Clément Léger <clement.leger@...tlin.com>,
        linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org,
        Thomas Petazzoni <thomas.petazzoni@...tlin.com>
Subject: [PATCH v3 1/2] ARM: at91: add code to handle secure calls

Since OP-TEE now has a more complete support for sama5d2, add necessary
code to perform SMC calls. The detection of OP-TEE is based on a
specific device-tree node path (/firmware/optee) such has done by some
other SoC. A check is added to avoid doing SMC calls without having
OP-TEE.

Signed-off-by: Clément Léger <clement.leger@...tlin.com>
---
 arch/arm/mach-at91/Makefile     |  2 +-
 arch/arm/mach-at91/sam_secure.c | 46 +++++++++++++++++++++++++++++++++
 arch/arm/mach-at91/sam_secure.h | 14 ++++++++++
 arch/arm/mach-at91/sama5.c      |  2 ++
 4 files changed, 63 insertions(+), 1 deletion(-)
 create mode 100644 arch/arm/mach-at91/sam_secure.c
 create mode 100644 arch/arm/mach-at91/sam_secure.h

diff --git a/arch/arm/mach-at91/Makefile b/arch/arm/mach-at91/Makefile
index 522b680b6446..0dcc37180588 100644
--- a/arch/arm/mach-at91/Makefile
+++ b/arch/arm/mach-at91/Makefile
@@ -7,7 +7,7 @@
 obj-$(CONFIG_SOC_AT91RM9200)	+= at91rm9200.o
 obj-$(CONFIG_SOC_AT91SAM9)	+= at91sam9.o
 obj-$(CONFIG_SOC_SAM9X60)	+= sam9x60.o
-obj-$(CONFIG_SOC_SAMA5)		+= sama5.o
+obj-$(CONFIG_SOC_SAMA5)		+= sama5.o sam_secure.o
 obj-$(CONFIG_SOC_SAMA7)		+= sama7.o
 obj-$(CONFIG_SOC_SAMV7)		+= samv7.o
 
diff --git a/arch/arm/mach-at91/sam_secure.c b/arch/arm/mach-at91/sam_secure.c
new file mode 100644
index 000000000000..2a01f7a7d13f
--- /dev/null
+++ b/arch/arm/mach-at91/sam_secure.c
@@ -0,0 +1,46 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright (C) 2022, Microchip
+ */
+
+#include <linux/arm-smccc.h>
+#include <linux/of.h>
+
+#include "sam_secure.h"
+
+static bool optee_available;
+
+#define SAM_SIP_SMC_STD_CALL_VAL(func_num) \
+	ARM_SMCCC_CALL_VAL(ARM_SMCCC_STD_CALL, ARM_SMCCC_SMC_32, \
+	ARM_SMCCC_OWNER_SIP, (func_num))
+
+struct arm_smccc_res sam_smccc_call(u32 fn, u32 arg0, u32 arg1)
+{
+	struct arm_smccc_res res = {.a0 = -1};
+
+	if (WARN_ON(!optee_available))
+		return res;
+
+	arm_smccc_smc(SAM_SIP_SMC_STD_CALL_VAL(fn), arg0, arg1, 0, 0, 0, 0, 0,
+		      &res);
+
+	return res;
+}
+
+void __init sam_secure_init(void)
+{
+	struct device_node *np;
+
+	/*
+	 * We only check that the OP-TEE node is present and available. The
+	 * OP-TEE kernel driver is not needed for the type of interaction made
+	 * with OP-TEE here so the driver's status is not checked.
+	 */
+	np = of_find_node_by_path("/firmware/optee");
+	if (np && of_device_is_available(np))
+		optee_available = true;
+	of_node_put(np);
+
+	if (optee_available)
+		pr_info("Running under OP-TEE firmware\n");
+}
diff --git a/arch/arm/mach-at91/sam_secure.h b/arch/arm/mach-at91/sam_secure.h
new file mode 100644
index 000000000000..360036672f52
--- /dev/null
+++ b/arch/arm/mach-at91/sam_secure.h
@@ -0,0 +1,14 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Copyright (C) 2022, Microchip
+ */
+
+#ifndef SAM_SECURE_H
+#define SAM_SECURE_H
+
+#include <linux/arm-smccc.h>
+
+void __init sam_secure_init(void);
+struct arm_smccc_res sam_smccc_call(u32 fn, u32 arg0, u32 arg1);
+
+#endif /* SAM_SECURE_H */
diff --git a/arch/arm/mach-at91/sama5.c b/arch/arm/mach-at91/sama5.c
index 89dab7cf01e8..de5dd28b392e 100644
--- a/arch/arm/mach-at91/sama5.c
+++ b/arch/arm/mach-at91/sama5.c
@@ -14,6 +14,7 @@
 #include <asm/system_misc.h>
 
 #include "generic.h"
+#include "sam_secure.h"
 
 static void __init sama5_dt_device_init(void)
 {
@@ -47,6 +48,7 @@ MACHINE_END
 static void __init sama5d2_init(void)
 {
 	of_platform_default_populate(NULL, NULL, NULL);
+	sam_secure_init();
 	sama5d2_pm_init();
 }
 
-- 
2.34.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ