summaryrefslogtreecommitdiffstats
path: root/drivers/tee (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'v4.12-rc1' into fixesOlof Johansson2017-05-191-4/+4
|\ | | | | | | | | | | | | | | We've received a few fixes branches with -rc1 as base, but our contents was still at pre-rc1. Merge it in expliticly to make 'git merge --log' clear on hat was actually merged. Signed-off-by: Olof Johansson <olof@lixom.net>
| * Merge tag 'armsoc-tee' of ↵Linus Torvalds2017-05-101-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc Pull TEE driver infrastructure and OP-TEE drivers from Arnd Bergmann: "This introduces a generic TEE framework in the kernel, to handle trusted environemtns (security coprocessor or software implementations such as OP-TEE/TrustZone). I'm sending it separately from the other arm-soc driver changes to give it a little more visibility, once the subsystem is merged, we will likely keep this in the arm₋soc drivers branch or have the maintainers submit pull requests directly, depending on the patch volume. I have reviewed earlier versions in the past, and have reviewed the latest version in person during Linaro Connect BUD17. Here is my overall assessment of the subsystem: - There is clearly demand for this, both for the generic infrastructure and the specific OP-TEE implementation. - The code has gone through a large number of reviews, and the review comments have all been addressed, but the reviews were not coming up with serious issues any more and nobody volunteered to vouch for the quality. - The user space ioctl interface is sufficient to work with the OP-TEE driver, and it should in principle work with other TEE implementations that follow the GlobalPlatform[1] standards, but it might need to be extended in minor ways depending on specific requirements of future TEE implementations - The main downside of the API to me is how the user space is tied to the TEE implementation in hardware or firmware, but uses a generic way to communicate with it. This seems to be an inherent problem with what it is trying to do, and I could not come up with any better solution than what is implemented here. For a detailed history of the patch series, see https://lkml.org/lkml/2017/3/10/1277" * tag 'armsoc-tee' of git://git.kernel.org/pub/scm/linux/kernel/git/arm/arm-soc: arm64: dt: hikey: Add optee node Documentation: tee subsystem and op-tee driver tee: add OP-TEE driver tee: generic TEE subsystem dt/bindings: add bindings for optee
* | tee: add ARM_SMCCC dependencyArnd Bergmann2017-05-101-0/+1
|/ | | | | | | | | For the moment, the tee subsystem only makes sense in combination with the op-tee driver that depends on ARM_SMCCC, so let's hide the subsystem from users that can't select that. Suggested-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Arnd Bergmann <arnd@arndb.de>
* tee: add OP-TEE driverJens Wiklander2017-03-1011-0/+2809
| | | | | | | | | | | | | | | | | Adds a OP-TEE driver which also can be compiled as a loadable module. * Targets ARM and ARM64 * Supports using reserved memory from OP-TEE as shared memory * Probes OP-TEE version using SMCs * Accepts requests on privileged and unprivileged device * Uses OPTEE message protocol version 2 to communicate with secure world Acked-by: Andreas Dannenberg <dannenberg@ti.com> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey) Tested-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> (RCAR H3) Tested-by: Scott Branden <scott.branden@broadcom.com> Reviewed-by: Javier González <javier@javigon.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
* tee: generic TEE subsystemJens Wiklander2017-03-096-0/+1548
Initial patch for generic TEE subsystem. This subsystem provides: * Registration/un-registration of TEE drivers. * Shared memory between normal world and secure world. * Ioctl interface for interaction with user space. * Sysfs implementation_id of TEE driver A TEE (Trusted Execution Environment) driver is a driver that interfaces with a trusted OS running in some secure environment, for example, TrustZone on ARM cpus, or a separate secure co-processor etc. The TEE subsystem can serve a TEE driver for a Global Platform compliant TEE, but it's not limited to only Global Platform TEEs. This patch builds on other similar implementations trying to solve the same problem: * "optee_linuxdriver" by among others Jean-michel DELORME<jean-michel.delorme@st.com> and Emmanuel MICHEL <emmanuel.michel@st.com> * "Generic TrustZone Driver" by Javier González <javier@javigon.com> Acked-by: Andreas Dannenberg <dannenberg@ti.com> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey) Tested-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> (RCAR H3) Tested-by: Scott Branden <scott.branden@broadcom.com> Reviewed-by: Javier González <javier@javigon.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>