optee: support asynchronous supplicant requests

Adds support for asynchronous supplicant requests, meaning that the
supplicant can process several requests in parallel or block in a
request for some time.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260 pager=y/n)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Jens Wiklander 2016-12-23 13:13:39 +01:00
parent f2aa97240c
commit 1647a5ac17
4 changed files with 245 additions and 175 deletions


@ -187,12 +187,12 @@ static int optee_open(struct tee_context *ctx)
if (teedev == optee->supp_teedev) { if (teedev == optee->supp_teedev) {
bool busy = true; bool busy = true;
mutex_lock(&optee->supp.ctx_mutex); mutex_lock(&optee->supp.mutex);
if (!optee->supp.ctx) { if (!optee->supp.ctx) {
busy = false; busy = false;
optee->supp.ctx = ctx; optee->supp.ctx = ctx;
} }
mutex_unlock(&optee->supp.ctx_mutex); mutex_unlock(&optee->supp.mutex);
if (busy) { if (busy) {
kfree(ctxdata); kfree(ctxdata);
return -EBUSY; return -EBUSY;
@ -252,11 +252,8 @@ static void optee_release(struct tee_context *ctx)
ctx->data = NULL; ctx->data = NULL;
if (teedev == optee->supp_teedev) { if (teedev == optee->supp_teedev)
mutex_lock(&optee->supp.ctx_mutex); optee_supp_release(&optee->supp);
optee->supp.ctx = NULL;
mutex_unlock(&optee->supp.ctx_mutex);
}
} }
static const struct tee_driver_ops optee_ops = { static const struct tee_driver_ops optee_ops = {


@ -53,36 +53,24 @@ struct optee_wait_queue {
* @ctx the context of current connected supplicant. * @ctx the context of current connected supplicant.
* if !NULL the supplicant device is available for use, * if !NULL the supplicant device is available for use,
* else busy * else busy
* @ctx_mutex: held while accessing @ctx * @mutex: held while accessing content of this struct
* @func: supplicant function id to call * @req_id: current request id if supplicant is doing synchronous
* @ret: call return value * communication, else -1
* @num_params: number of elements in @param * @reqs: queued request not yet retrieved by supplicant
* @param: parameters for @func * @idr: IDR holding all requests currently being processed
* @req_posted: if true, a request has been posted to the supplicant * by supplicant
* @supp_next_send: if true, next step is for supplicant to send response * @reqs_c: completion used by supplicant when waiting for a
* @thrd_mutex: held by the thread doing a request to supplicant * request to be queued.
* @supp_mutex: held by supplicant while operating on this struct
* @data_to_supp: supplicant is waiting on this for next request
* @data_from_supp: requesting thread is waiting on this to get the result
*/ */
struct optee_supp { struct optee_supp {
/* Serializes access to this struct */
struct mutex mutex;
struct tee_context *ctx; struct tee_context *ctx;
/* Serializes access of ctx */
struct mutex ctx_mutex;
u32 func; int req_id;
u32 ret; struct list_head reqs;
size_t num_params; struct idr idr;
struct tee_param *param; struct completion reqs_c;
bool req_posted;
bool supp_next_send;
/* Serializes access to this struct for requesting thread */
struct mutex thrd_mutex;
/* Serializes access to this struct for supplicant threads */
struct mutex supp_mutex;
struct completion data_to_supp;
struct completion data_from_supp;
}; };
/** /**
@ -142,6 +130,7 @@ int optee_supp_read(struct tee_context *ctx, void __user *buf, size_t len);
int optee_supp_write(struct tee_context *ctx, void __user *buf, size_t len); int optee_supp_write(struct tee_context *ctx, void __user *buf, size_t len);
void optee_supp_init(struct optee_supp *supp); void optee_supp_init(struct optee_supp *supp);
void optee_supp_uninit(struct optee_supp *supp); void optee_supp_uninit(struct optee_supp *supp);
void optee_supp_release(struct optee_supp *supp);
int optee_supp_recv(struct tee_context *ctx, u32 *func, u32 *num_params, int optee_supp_recv(struct tee_context *ctx, u32 *func, u32 *num_params,
struct tee_param *param); struct tee_param *param);


@ -192,10 +192,10 @@ static struct tee_shm *cmd_alloc_suppl(struct tee_context *ctx, size_t sz)
if (ret) if (ret)
return ERR_PTR(-ENOMEM); return ERR_PTR(-ENOMEM);
mutex_lock(&optee->supp.ctx_mutex); mutex_lock(&optee->supp.mutex);
/* Increases count as secure world doesn't have a reference */ /* Increases count as secure world doesn't have a reference */
shm = tee_shm_get_from_id(optee->supp.ctx, param.u.value.c); shm = tee_shm_get_from_id(optee->supp.ctx, param.u.value.c);
mutex_unlock(&optee->supp.ctx_mutex); mutex_unlock(&optee->supp.mutex);
return shm; return shm;
} }


@ -16,21 +16,61 @@
#include <linux/uaccess.h> #include <linux/uaccess.h>
#include "optee_private.h" #include "optee_private.h"
struct optee_supp_req {
struct list_head link;
bool busy;
u32 func;
u32 ret;
size_t num_params;
struct tee_param *param;
struct completion c;
};
void optee_supp_init(struct optee_supp *supp) void optee_supp_init(struct optee_supp *supp)
{ {
memset(supp, 0, sizeof(*supp)); memset(supp, 0, sizeof(*supp));
mutex_init(&supp->ctx_mutex); mutex_init(&supp->mutex);
mutex_init(&supp->thrd_mutex); init_completion(&supp->reqs_c);
mutex_init(&supp->supp_mutex); idr_init(&supp->idr);
init_completion(&supp->data_to_supp); INIT_LIST_HEAD(&supp->reqs);
init_completion(&supp->data_from_supp); supp->req_id = -1;
} }
void optee_supp_uninit(struct optee_supp *supp) void optee_supp_uninit(struct optee_supp *supp)
{ {
mutex_destroy(&supp->ctx_mutex); mutex_destroy(&supp->mutex);
mutex_destroy(&supp->thrd_mutex); idr_destroy(&supp->idr);
mutex_destroy(&supp->supp_mutex); }
void optee_supp_release(struct optee_supp *supp)
{
int id;
struct optee_supp_req *req;
struct optee_supp_req *req_tmp;
mutex_lock(&supp->mutex);
/* Abort all request retrieved by supplicant */
idr_for_each_entry(&supp->idr, req, id) {
req->busy = false;
idr_remove(&supp->idr, id);
req->ret = TEEC_ERROR_COMMUNICATION;
complete(&req->c);
}
/* Abort all queued requests */
list_for_each_entry_safe(req, req_tmp, &supp->reqs, link) {
list_del(&req->link);
req->ret = TEEC_ERROR_COMMUNICATION;
complete(&req->c);
}
supp->ctx = NULL;
supp->req_id = -1;
mutex_unlock(&supp->mutex);
} }
/** /**
@ -44,53 +84,42 @@ void optee_supp_uninit(struct optee_supp *supp)
*/ */
u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params, u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params,
struct tee_param *param) struct tee_param *param)
{ {
bool interruptable;
struct optee *optee = tee_get_drvdata(ctx->teedev); struct optee *optee = tee_get_drvdata(ctx->teedev);
struct optee_supp *supp = &optee->supp; struct optee_supp *supp = &optee->supp;
struct optee_supp_req *req = kzalloc(sizeof(*req), GFP_KERNEL);
bool interruptable;
u32 ret; u32 ret;
/* if (!req)
* Other threads blocks here until we've copied our answer from return TEEC_ERROR_OUT_OF_MEMORY;
* supplicant.
*/
while (mutex_lock_interruptible(&supp->thrd_mutex)) {
/* See comment below on when the RPC can be interrupted. */
mutex_lock(&supp->ctx_mutex);
interruptable = !supp->ctx;
mutex_unlock(&supp->ctx_mutex);
if (interruptable)
return TEEC_ERROR_COMMUNICATION;
}
/* init_completion(&req->c);
* We have exclusive access now since the supplicant at this req->func = func;
* point is either doing a req->num_params = num_params;
* wait_for_completion_interruptible(&supp->data_to_supp) or is in req->param = param;
* userspace still about to do the ioctl() to enter
* optee_supp_recv() below.
*/
supp->func = func; /* Insert the request in the request list */
supp->num_params = num_params; mutex_lock(&supp->mutex);
supp->param = param; list_add_tail(&req->link, &supp->reqs);
supp->req_posted = true; mutex_unlock(&supp->mutex);
/* Let supplicant get the data */ /* Tell an eventual waiter there's a new request */
complete(&supp->data_to_supp); complete(&supp->reqs_c);
/* /*
* Wait for supplicant to process and return result, once we've * Wait for supplicant to process and return result, once we've
* returned from wait_for_completion(data_from_supp) we have * returned from wait_for_completion(&req->c) successfully we have
* exclusive access again. * exclusive access again.
*/ */
while (wait_for_completion_interruptible(&supp->data_from_supp)) { while (wait_for_completion_interruptible(&req->c)) {
mutex_lock(&supp->ctx_mutex); mutex_lock(&supp->mutex);
interruptable = !supp->ctx; interruptable = !supp->ctx;
if (interruptable) { if (interruptable) {
/* /*
* There's no supplicant available and since the * There's no supplicant available and since the
* supp->ctx_mutex currently is held none can * supp->mutex currently is held none can
* become available until the mutex released * become available until the mutex released
* again. * again.
* *
@ -101,28 +130,65 @@ u32 optee_supp_thrd_req(struct tee_context *ctx, u32 func, size_t num_params,
* will serve all requests in a timely manner and * will serve all requests in a timely manner and
* interrupting then wouldn't make sense. * interrupting then wouldn't make sense.
*/ */
supp->ret = TEEC_ERROR_COMMUNICATION; interruptable = !req->busy;
init_completion(&supp->data_to_supp); if (!req->busy)
list_del(&req->link);
} }
mutex_unlock(&supp->ctx_mutex); mutex_unlock(&supp->mutex);
if (interruptable)
if (interruptable) {
req->ret = TEEC_ERROR_COMMUNICATION;
break; break;
}
} }
ret = supp->ret; ret = req->ret;
supp->param = NULL; kfree(req);
supp->req_posted = false;
/* We're done, let someone else talk to the supplicant now. */
mutex_unlock(&supp->thrd_mutex);
return ret; return ret;
} }
static int supp_check_recv_params(size_t num_params, struct tee_param *params) static struct optee_supp_req *supp_pop_entry(struct optee_supp *supp,
int num_params, int *id)
{
struct optee_supp_req *req;
if (supp->req_id != -1) {
/*
* Supplicant should not mix synchronous and asnynchronous
* requests.
*/
return ERR_PTR(-EINVAL);
}
if (list_empty(&supp->reqs))
return NULL;
req = list_first_entry(&supp->reqs, struct optee_supp_req, link);
if (num_params < req->num_params) {
/* Not enough room for parameters */
return ERR_PTR(-EINVAL);
}
*id = idr_alloc(&supp->idr, req, 1, 0, GFP_KERNEL);
if (*id < 0)
return ERR_PTR(-ENOMEM);
list_del(&req->link);
req->busy = true;
return req;
}
static int supp_check_recv_params(size_t num_params, struct tee_param *params,
size_t *num_meta)
{ {
size_t n; size_t n;
if (!num_params)
return -EINVAL;
/* /*
* If there's memrefs we need to decrease those as they where * If there's memrefs we need to decrease those as they where
* increased earlier and we'll even refuse to accept any below. * increased earlier and we'll even refuse to accept any below.
@ -132,11 +198,20 @@ static int supp_check_recv_params(size_t num_params, struct tee_param *params)
tee_shm_put(params[n].u.memref.shm); tee_shm_put(params[n].u.memref.shm);
/* /*
* We only expect parameters as TEE_IOCTL_PARAM_ATTR_TYPE_NONE (0). * We only expect parameters as TEE_IOCTL_PARAM_ATTR_TYPE_NONE with
* or without the TEE_IOCTL_PARAM_ATTR_META bit set.
*/ */
for (n = 0; n < num_params; n++) for (n = 0; n < num_params; n++)
if (params[n].attr) if (params[n].attr &&
params[n].attr != TEE_IOCTL_PARAM_ATTR_META)
return -EINVAL; return -EINVAL;
/* At most we'll need one meta parameter so no need to check for more */
if (params->attr == TEE_IOCTL_PARAM_ATTR_META)
*num_meta = 1;
else
*num_meta = 0;
return 0; return 0;
} }
@ -156,69 +231,99 @@ int optee_supp_recv(struct tee_context *ctx, u32 *func, u32 *num_params,
struct tee_device *teedev = ctx->teedev; struct tee_device *teedev = ctx->teedev;
struct optee *optee = tee_get_drvdata(teedev); struct optee *optee = tee_get_drvdata(teedev);
struct optee_supp *supp = &optee->supp; struct optee_supp *supp = &optee->supp;
struct optee_supp_req *req = NULL;
int id;
size_t num_meta;
int rc; int rc;
rc = supp_check_recv_params(*num_params, param); rc = supp_check_recv_params(*num_params, param, &num_meta);
if (rc) if (rc)
return rc; return rc;
/* while (true) {
* In case two threads in one supplicant is calling this function mutex_lock(&supp->mutex);
* simultaneously we need to protect the data with a mutex which req = supp_pop_entry(supp, *num_params - num_meta, &id);
* we'll release before returning. mutex_unlock(&supp->mutex);
*/
mutex_lock(&supp->supp_mutex);
if (supp->supp_next_send) { if (req) {
/* if (IS_ERR(req))
* optee_supp_recv() has been called again without return PTR_ERR(req);
* a optee_supp_send() in between. Supplicant has break;
* probably been restarted before it was able to
* write back last result. Abort last request and
* wait for a new.
*/
if (supp->req_posted) {
supp->ret = TEEC_ERROR_COMMUNICATION;
supp->supp_next_send = false;
complete(&supp->data_from_supp);
} }
}
/*
* This is where supplicant will be hanging most of the
* time, let's make this interruptable so we can easily
* restart supplicant if needed.
*/
if (wait_for_completion_interruptible(&supp->data_to_supp)) {
rc = -ERESTARTSYS;
goto out;
}
/* We have exlusive access to the data */
if (*num_params < supp->num_params) {
/* /*
* Not enough room for parameters, tell supplicant * If we didn't get a request we'll block in
* it failed and abort last request. * wait_for_completion() to avoid needless spinning.
*
* This is where supplicant will be hanging most of
* the time, let's make this interruptable so we
* can easily restart supplicant if needed.
*/ */
supp->ret = TEEC_ERROR_COMMUNICATION; if (wait_for_completion_interruptible(&supp->reqs_c))
rc = -EINVAL; return -ERESTARTSYS;
complete(&supp->data_from_supp);
goto out;
} }
*func = supp->func; if (num_meta) {
*num_params = supp->num_params; /*
memcpy(param, supp->param, * tee-supplicant support meta parameters -> requsts can be
sizeof(struct tee_param) * supp->num_params); * processed asynchronously.
*/
param->attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT |
TEE_IOCTL_PARAM_ATTR_META;
param->u.value.a = id;
param->u.value.b = 0;
param->u.value.c = 0;
} else {
mutex_lock(&supp->mutex);
supp->req_id = id;
mutex_unlock(&supp->mutex);
}
/* Allow optee_supp_send() below to do its work */ *func = req->func;
supp->supp_next_send = true; *num_params = req->num_params + num_meta;
memcpy(param + num_meta, req->param,
sizeof(struct tee_param) * req->num_params);
rc = 0; return 0;
out: }
mutex_unlock(&supp->supp_mutex);
return rc; static struct optee_supp_req *supp_pop_req(struct optee_supp *supp,
size_t num_params,
struct tee_param *param,
size_t *num_meta)
{
struct optee_supp_req *req;
int id;
size_t nm;
const u32 attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT |
TEE_IOCTL_PARAM_ATTR_META;
if (!num_params)
return ERR_PTR(-EINVAL);
if (supp->req_id == -1) {
if (param->attr != attr)
return ERR_PTR(-EINVAL);
id = param->u.value.a;
nm = 1;
} else {
id = supp->req_id;
nm = 0;
}
req = idr_find(&supp->idr, id);
if (!req)
return ERR_PTR(-ENOENT);
if ((num_params - nm) != req->num_params)
return ERR_PTR(-EINVAL);
req->busy = false;
idr_remove(&supp->idr, id);
supp->req_id = -1;
*num_meta = nm;
return req;
} }
/** /**
@ -236,63 +341,42 @@ int optee_supp_send(struct tee_context *ctx, u32 ret, u32 num_params,
struct tee_device *teedev = ctx->teedev; struct tee_device *teedev = ctx->teedev;
struct optee *optee = tee_get_drvdata(teedev); struct optee *optee = tee_get_drvdata(teedev);
struct optee_supp *supp = &optee->supp; struct optee_supp *supp = &optee->supp;
struct optee_supp_req *req;
size_t n; size_t n;
int rc = 0; size_t num_meta;
/* mutex_lock(&supp->mutex);
* We still have exclusive access to the data since that's how we req = supp_pop_req(supp, num_params, param, &num_meta);
* left it when returning from optee_supp_read(). mutex_unlock(&supp->mutex);
*/
/* See comment on mutex in optee_supp_read() above */ if (IS_ERR(req)) {
mutex_lock(&supp->supp_mutex); /* Something is wrong, let supplicant restart. */
return PTR_ERR(req);
if (!supp->supp_next_send) {
/*
* Something strange is going on, supplicant shouldn't
* enter optee_supp_send() in this state
*/
rc = -ENOENT;
goto out;
}
if (num_params != supp->num_params) {
/*
* Something is wrong, let supplicant restart. Next call to
* optee_supp_recv() will give an error to the requesting
* thread and release it.
*/
rc = -EINVAL;
goto out;
} }
/* Update out and in/out parameters */ /* Update out and in/out parameters */
for (n = 0; n < num_params; n++) { for (n = 0; n < req->num_params; n++) {
struct tee_param *p = supp->param + n; struct tee_param *p = req->param + n;
switch (p->attr) { switch (p->attr & TEE_IOCTL_PARAM_ATTR_TYPE_MASK) {
case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_OUTPUT:
case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT: case TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INOUT:
p->u.value.a = param[n].u.value.a; p->u.value.a = param[n + num_meta].u.value.a;
p->u.value.b = param[n].u.value.b; p->u.value.b = param[n + num_meta].u.value.b;
p->u.value.c = param[n].u.value.c; p->u.value.c = param[n + num_meta].u.value.c;
break; break;
case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT:
case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT: case TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INOUT:
p->u.memref.size = param[n].u.memref.size; p->u.memref.size = param[n + num_meta].u.memref.size;
break; break;
default: default:
break; break;
} }
} }
supp->ret = ret; req->ret = ret;
/* Allow optee_supp_recv() above to do its work */
supp->supp_next_send = false;
/* Let the requesting thread continue */ /* Let the requesting thread continue */
complete(&supp->data_from_supp); complete(&req->c);
out:
mutex_unlock(&supp->supp_mutex); return 0;
return rc;
} }
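Review bot: The interrupted path in optee_supp_thrd_req() can unlink a request that is no longer on supp->reqs. optee_supp_release() clears `req->busy` for requests held in the IDR and calls list_del() on the queued ones before setting supp->ctx to NULL, so a requester whose wait_for_completion_interruptible() was interrupted just before that sees `!supp->ctx` and `!req->busy` and runs `list_del(&req->link)` a second time on an entry that has already been unlinked. `busy` records only whether the supplicant holds the request, not whether it is still queued; consider unlinking with `list_del_init(&req->link)` in supp_pop_entry() and optee_supp_release(), and guarding the requester with `if (!req->busy && !list_empty(&req->link)) list_del_init(&req->link);`. This is inferred from the visible hunks, since part of the wait loop's comment falls between hunks and is not shown.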