lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAGXv+5FN9m7fp8tXkzEqkwZ33BCW8GZSJ2iNm+gXpHXQ7xevuw@mail.gmail.com>
Date: Mon, 27 May 2024 16:19:18 +0800
From: Chen-Yu Tsai <wenst@...omium.org>
To: Yunfei Dong <yunfei.dong@...iatek.com>
Cc: Jeffrey Kardatzke <jkardatzke@...gle.com>, 
	Nícolas F . R . A . Prado <nfraprado@...labora.com>, 
	Nathan Hebert <nhebert@...omium.org>, Nicolas Dufresne <nicolas.dufresne@...labora.com>, 
	Hans Verkuil <hverkuil-cisco@...all.nl>, 
	AngeloGioacchino Del Regno <angelogioacchino.delregno@...labora.com>, 
	Benjamin Gaignard <benjamin.gaignard@...labora.com>, 
	Sebastian Fricke <sebastian.fricke@...labora.com>, Tomasz Figa <tfiga@...omium.org>, 
	Mauro Carvalho Chehab <mchehab@...nel.org>, Marek Szyprowski <m.szyprowski@...sung.com>, 
	Yong Wu <yong.wu@...iatek.com>, Hsin-Yi Wang <hsinyi@...omium.org>, 
	Fritz Koenig <frkoenig@...omium.org>, Daniel Vetter <daniel@...ll.ch>, 
	Steve Cho <stevecho@...omium.org>, Sumit Semwal <sumit.semwal@...aro.org>, 
	Brian Starkey <Brian.Starkey@....com>, John Stultz <jstultz@...gle.com>, 
	"T . J . Mercier" <tjmercier@...gle.com>, Christian König <christian.koenig@....com>, 
	Matthias Brugger <matthias.bgg@...il.com>, linux-media@...r.kernel.org, 
	dri-devel@...ts.freedesktop.org, linux-kernel@...r.kernel.org, 
	linux-arm-kernel@...ts.infradead.org, linux-mediatek@...ts.infradead.org, 
	Project_Global_Chrome_Upstream_Group@...iatek.com
Subject: Re: [PATCH v6,08/24] media: mediatek: vcodec: add tee client
 interface to communiate with optee-os

Hi,

On Thu, May 16, 2024 at 8:21 PM Yunfei Dong <yunfei.dong@...iatek.com> wrote:
>
> Open tee context to initialize the environment in order to communication
> with optee-os, then open tee session as the communication pipeline for
> lat and core to send data for hardware decode.
>
> Signed-off-by: Yunfei Dong <yunfei.dong@...iatek.com>
> ---
>  .../platform/mediatek/vcodec/decoder/Makefile |   1 +
>  .../vcodec/decoder/mtk_vcodec_dec_drv.h       |   5 +
>  .../vcodec/decoder/mtk_vcodec_dec_optee.c     | 165 ++++++++++++++++++
>  .../vcodec/decoder/mtk_vcodec_dec_optee.h     |  73 ++++++++
>  4 files changed, 244 insertions(+)
>  create mode 100644 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.c
>  create mode 100644 drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.h
>
> diff --git a/drivers/media/platform/mediatek/vcodec/decoder/Makefile b/drivers/media/platform/mediatek/vcodec/decoder/Makefile
> index 904cd22def84..1624933dfd5e 100644
> --- a/drivers/media/platform/mediatek/vcodec/decoder/Makefile
> +++ b/drivers/media/platform/mediatek/vcodec/decoder/Makefile
> @@ -21,5 +21,6 @@ mtk-vcodec-dec-y := vdec/vdec_h264_if.o \
>                 mtk_vcodec_dec_stateful.o \
>                 mtk_vcodec_dec_stateless.o \
>                 mtk_vcodec_dec_pm.o \
> +               mtk_vcodec_dec_optee.o \
>
>  mtk-vcodec-dec-hw-y := mtk_vcodec_dec_hw.o
> diff --git a/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.h b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drvh
> index f975db4293da..76a0323f993c 100644
> --- a/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.h
> +++ b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_drv.h
> @@ -11,6 +11,7 @@
>  #include "../common/mtk_vcodec_dbgfs.h"
>  #include "../common/mtk_vcodec_fw_priv.h"
>  #include "../common/mtk_vcodec_util.h"
> +#include "mtk_vcodec_dec_optee.h"
>  #include "vdec_msg_queue.h"
>
>  #define MTK_VCODEC_DEC_NAME    "mtk-vcodec-dec"
> @@ -261,6 +262,8 @@ struct mtk_vcodec_dec_ctx {
>   * @dbgfs: debug log related information
>   *
>   * @chip_name: used to distinguish platforms and select the correct codec configuration values
> + *
> + * @optee_private: optee private data
>   */
>  struct mtk_vcodec_dec_dev {
>         struct v4l2_device v4l2_dev;
> @@ -303,6 +306,8 @@ struct mtk_vcodec_dec_dev {
>         struct mtk_vcodec_dbgfs dbgfs;
>
>         enum mtk_vcodec_dec_chip_name chip_name;
> +
> +       struct mtk_vdec_optee_private *optee_private;
>  };
>
>  static inline struct mtk_vcodec_dec_ctx *fh_to_dec_ctx(struct v4l2_fh *fh)
> diff --git a/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.c b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.c
> new file mode 100644
> index 000000000000..38d9c1c1785a
> --- /dev/null
> +++ b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_opteec
> @@ -0,0 +1,165 @@
> +// SPDX-License-Identifier: GPL-2.0
> +/*
> + * Copyright (c) 2023 MediaTek Inc.
> + * Author: Yunfei Dong <yunfei.dong@...iatek.com>
> + */
> +
> +#include "mtk_vcodec_dec_drv.h"
> +#include "mtk_vcodec_dec_optee.h"
> +
> +/*
> + * Randomly generated, and must correspond to the GUID on the TA side.
> + */
> +static const uuid_t mtk_vdec_lat_uuid =
> +       UUID_INIT(0xBC50D971, 0xD4C9, 0x42C4,
> +                 0x82, 0xCB, 0x34, 0x3F, 0xB7, 0xF3, 0x78, 0x90);
> +
> +static const uuid_t mtk_vdec_core_uuid =
> +       UUID_INIT(0xBC50D971, 0xD4C9, 0x42C4,
> +                 0x82, 0xCB, 0x34, 0x3F, 0xB7, 0xF3, 0x78, 0x91);
> +
> +/*
> + * Check whether this driver supports decoder TA in the TEE instance,
> + * represented by the params (ver/data) of this function.
> + */
> +static int mtk_vcodec_dec_optee_match(struct tee_ioctl_version_data *ver_data, const void *not_used)
> +{
> +       if (ver_data->impl_id == TEE_IMPL_ID_OPTEE)
> +               return 1;
> +       else
> +               return 0;
> +}
> +
> +int mtk_vcodec_dec_optee_private_init(struct mtk_vcodec_dec_dev *vcodec_dev)
> +{
> +       vcodec_dev->optee_private = devm_kzalloc(&vcodec_dev->plat_dev->dev,
> +                                                sizeof(*vcodec_dev->optee_private),
> +                                                GFP_KERNEL);
> +       if (!vcodec_dev->optee_private)
> +               return -ENOMEM;
> +
> +       vcodec_dev->optee_private->vcodec_dev = vcodec_dev;
> +
> +       atomic_set(&vcodec_dev->optee_private->tee_active_cnt, 0);
> +       mutex_init(&vcodec_dev->optee_private->tee_mutex);
> +
> +       return 0;
> +}
> +EXPORT_SYMBOL_GPL(mtk_vcodec_dec_optee_private_init);
> +
> +static int mtk_vcodec_dec_optee_init_hw_info(struct mtk_vdec_optee_private *optee_private,
> +                                            enum mtk_vdec_hw_id hardware_index)
> +{
> +       struct device *dev = &optee_private->vcodec_dev->plat_dev->dev;
> +       struct tee_ioctl_open_session_arg session_arg;
> +       struct mtk_vdec_optee_ca_info *ca_info;
> +       int err = 0, session_func;
> +
> +       /* Open lat and core session with vdec TA. */
> +       switch (hardware_index) {
> +       case MTK_VDEC_LAT0:
> +               export_uuid(session_arg.uuid, &mtk_vdec_lat_uuid);
> +               session_func = MTK_VDEC_OPTEE_TA_LAT_SUBMIT_COMMAND;
> +               ca_info = &optee_private->lat_ca;
> +               break;
> +       case MTK_VDEC_CORE:
> +               export_uuid(session_arg.uuid, &mtk_vdec_core_uuid);
> +               session_func = MTK_VDEC_OPTEE_TA_CORE_SUBMIT_COMMAND;
> +               ca_info = &optee_private->core_ca;
> +               break;
> +       default:
> +               return -EINVAL;
> +       }
> +
> +       session_arg.clnt_login = TEE_IOCTL_LOGIN_PUBLIC;
> +       session_arg.num_params = 0;
> +
> +       err = tee_client_open_session(optee_private->tee_vdec_ctx, &session_arg, NULL);
> +       if (err < 0 || session_arg.ret != 0) {
> +               dev_err(dev, MTK_DBG_VCODEC_STR "open vdec tee session fail hw_id:%d err:%x.\n",
> +                       hardware_index, session_arg.ret);
> +               return -EINVAL;
> +       }
> +       ca_info->vdec_session_id = session_arg.session;
> +       ca_info->hw_id = hardware_index;
> +       ca_info->vdec_session_func = session_func;
> +
> +       dev_dbg(dev, MTK_DBG_VCODEC_STR "open vdec tee session hw_id:%d session_id=%x.\n",
> +               hardware_index, ca_info->vdec_session_id);
> +
> +       return err;
> +}
> +
> +static void mtk_vcodec_dec_optee_deinit_hw_info(struct mtk_vdec_optee_private *optee_private,
> +                                               enum mtk_vdec_hw_id hw_id)
> +{
> +       struct mtk_vdec_optee_ca_info *ca_info;
> +
> +       if (hw_id == MTK_VDEC_LAT0)
> +               ca_info = &optee_private->lat_ca;
> +       else
> +               ca_info = &optee_private->core_ca;
> +
> +       tee_client_close_session(optee_private->tee_vdec_ctx, ca_info->vdec_session_id);

All the tee_* function calls make the driver depend on the TEE driver.
Either you need to make the whole vcodec driver depend on CONFIG_TEE
(which is probably not that good an idea), or isolate this OPTEE client
into a separate module, and make it depend on CONFIG_TEE. You then need
to add stub functions for the mtk_vcodec_dec_optee_* and
mtk_vcodec_dec_get_shm_* functions for when CONFIG_TEE=n and thus your
VIDEO_MEDIATEK_VCODEC_TEE=n.

Otherwise it's possible to build this driver with  CONFIG_TEE=n, and the
kernel will fail to link together, or if built as a module, modpost will
fail.


ChenYu

> +}
> +
> +int mtk_vcodec_dec_optee_open(struct mtk_vdec_optee_private *optee_private)
> +{
> +       struct device *dev = &optee_private->vcodec_dev->plat_dev->dev;
> +       int ret;
> +
> +       mutex_lock(&optee_private->tee_mutex);
> +       if (atomic_inc_return(&optee_private->tee_active_cnt) > 1) {
> +               mutex_unlock(&optee_private->tee_mutex);
> +               dev_dbg(dev, MTK_DBG_VCODEC_STR "already init vdec optee private data!\n");
> +               return 0;
> +       }
> +
> +       /* Open context with TEE driver */
> +       optee_private->tee_vdec_ctx = tee_client_open_context(NULL, mtk_vcodec_dec_optee_match,
> +                                                             NULL, NULL);
> +       if (IS_ERR(optee_private->tee_vdec_ctx)) {
> +               dev_err(dev, MTK_DBG_VCODEC_STR "optee vdec tee context failed.\n");
> +               ret = PTR_ERR(optee_private->tee_vdec_ctx);
> +               goto err_ctx_open;
> +       }
> +
> +       ret = mtk_vcodec_dec_optee_init_hw_info(optee_private, MTK_VDEC_LAT0);
> +       if (ret < 0)
> +               goto err_lat_init;
> +
> +       if (IS_VDEC_LAT_ARCH(optee_private->vcodec_dev->vdec_pdata->hw_arch)) {
> +               ret = mtk_vcodec_dec_optee_init_hw_info(optee_private, MTK_VDEC_CORE);
> +               if (ret < 0)
> +                       goto err_core_init;
> +       }
> +
> +       mutex_unlock(&optee_private->tee_mutex);
> +       return 0;
> +err_core_init:
> +       mtk_vcodec_dec_optee_deinit_hw_info(optee_private, MTK_VDEC_LAT0);
> +err_lat_init:
> +       tee_client_close_context(optee_private->tee_vdec_ctx);
> +err_ctx_open:
> +
> +       mutex_unlock(&optee_private->tee_mutex);
> +       return ret;
> +}
> +EXPORT_SYMBOL_GPL(mtk_vcodec_dec_optee_open);
> +
> +void mtk_vcodec_dec_optee_release(struct mtk_vdec_optee_private *optee_private)
> +{
> +       mutex_lock(&optee_private->tee_mutex);
> +       if (!atomic_dec_and_test(&optee_private->tee_active_cnt)) {
> +               mutex_unlock(&optee_private->tee_mutex);
> +               return;
> +       }
> +
> +       mtk_vcodec_dec_optee_deinit_hw_info(optee_private, MTK_VDEC_LAT0);
> +       if (IS_VDEC_LAT_ARCH(optee_private->vcodec_dev->vdec_pdata->hw_arch))
> +               mtk_vcodec_dec_optee_deinit_hw_info(optee_private, MTK_VDEC_CORE);
> +
> +       tee_client_close_context(optee_private->tee_vdec_ctx);
> +       mutex_unlock(&optee_private->tee_mutex);
> +}
> +EXPORT_SYMBOL_GPL(mtk_vcodec_dec_optee_release);
> diff --git a/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.h b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_optee.h
> new file mode 100644
> index 000000000000..8b1dca49331e
> --- /dev/null
> +++ b/drivers/media/platform/mediatek/vcodec/decoder/mtk_vcodec_dec_opteeh
> @@ -0,0 +1,73 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * Copyright (c) 2023 MediaTek Inc.
> + * Author: Yunfei Dong <yunfei.dong@...iatek.com>
> + */
> +
> +#ifndef _MTK_VCODEC_DEC_OPTEE_H_
> +#define _MTK_VCODEC_DEC_OPTEE_H_
> +
> +#include <linux/tee_drv.h>
> +#include <linux/uuid.h>
> +
> +#include "mtk_vcodec_dec_drv.h"
> +
> +/* The TA ID implemented in this TA */
> +#define MTK_VDEC_OPTEE_TA_LAT_SUBMIT_COMMAND  (0x10)
> +#define MTK_VDEC_OPTEE_TA_CORE_SUBMIT_COMMAND  (0x20)
> +
> +#define MTK_OPTEE_MAX_TEE_PARAMS 4
> +
> +/**
> + * struct mtk_vdec_optee_ca_info - ca related param
> + * @vdec_session_id:   optee TA session identifier.
> + * @hw_id:             hardware index.
> + * @vdec_session_func: trusted application function id used specific to the TA.
> + */
> +struct mtk_vdec_optee_ca_info {
> +       u32 vdec_session_id;
> +       enum mtk_vdec_hw_id hw_id;
> +       u32 vdec_session_func;
> +};
> +
> +/**
> + * struct mtk_vdec_optee_private - optee private data
> + * @vcodec_dev:     pointer to the mtk_vcodec_dev of the device
> + * @tee_vdec_ctx:   decoder TEE context handler.
> + * @lat_ca:         lat hardware information used to communicate with TA.
> + * @core_ca:        core hardware information used to communicate with TA.
> + *
> + * @tee_active_cnt: used to mark whether need to init optee
> + * @tee_mutex:      mutex lock used for optee
> + */
> +struct mtk_vdec_optee_private {
> +       struct mtk_vcodec_dec_dev *vcodec_dev;
> +       struct tee_context *tee_vdec_ctx;
> +
> +       struct mtk_vdec_optee_ca_info lat_ca;
> +       struct mtk_vdec_optee_ca_info core_ca;
> +
> +       atomic_t tee_active_cnt;
> +       /* mutext used to lock optee open and release information. */
> +       struct mutex tee_mutex;
> +};
> +
> +/**
> + * mtk_vcodec_dec_optee_open - setup the communication channels with TA.
> + * @optee_private: optee private context
> + */
> +int mtk_vcodec_dec_optee_open(struct mtk_vdec_optee_private *optee_private);
> +
> +/**
> + * mtk_vcodec_dec_optee_private_init - init optee parameters.
> + * @vcodec_dev: pointer to the mtk_vcodec_dev of the device
> + */
> +int mtk_vcodec_dec_optee_private_init(struct mtk_vcodec_dec_dev *vcodec_dev);
> +
> +/**
> + * mtk_vcodec_dec_optee_release - close the communication channels with TA.
> + * @optee_private: optee private context
> + */
> +void mtk_vcodec_dec_optee_release(struct mtk_vdec_optee_private *optee_private);
> +
> +#endif /* _MTK_VCODEC_FW_OPTEE_H_ */
> --
> 2.25.1
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ