qseecom.c 267 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843384438453846384738483849385038513852385338543855385638573858385938603861386238633864386538663867386838693870387138723873387438753876387738783879388038813882388338843885388638873888388938903891389238933894389538963897389838993900390139023903390439053906390739083909391039113912391339143915391639173918391939203921392239233924392539263927392839293930393139323933393439353936393739383939394039413942394339443945394639473948394939503951395239533954395539563957395839593960396139623963396439653966396739683969397039713972397339743975397639773978397939803981398239833984398539863987398839893990399139923993399439953996399739983999400040014002400340044005400640074008400940104011401240134014401540164017401840194020402140224023402440254026402740284029403040314032403340344035403640374038403940404041404240434044404540464047404840494050405140524053405440554056405740584059406040614062406340644065406640674068406940704071407240734074407540764077407840794080408140824083408440854086408740884089409040914092409340944095409640974098409941004101410241034104410541064107410841094110411141124113411441154116411741184119412041214122412341244125412641274128412941304131413241334134413541364137413841394140414141424143414441454146414741484149415041514152415341544155415641574158415941604161416241634164416541664167416841694170417141724173417441754176417741784179418041814182418341844185418641874188418941904191419241934194419541964197419841994200420142024203420442054206420742084209421042114212421342144215421642174218421942204221422242234224422542264227422842294230423142324233423442354236423742384239424042414242424342444245424642474248424942504251425242534254425542564257425842594260426142624263426442654266426742684269427042714272427342744275427642774278427942804281428242834284428542864287428842894290429142924293429442954296429742984299430043014302430343044305430643074308430943104311431243134314431543164317431843194320432143224323432443254326432743284329433043314332433343344335433643374338433943404341434243434344434543464347434843494350435143524353435443554356435743584359436043614362436343644365436643674368436943704371437243734374437543764377437843794380438143824383438443854386438743884389439043914392439343944395439643974398439944004401440244034404440544064407440844094410441144124413441444154416441744184419442044214422442344244425442644274428442944304431443244334434443544364437443844394440444144424443444444454446444744484449445044514452445344544455445644574458445944604461446244634464446544664467446844694470447144724473447444754476447744784479448044814482448344844485448644874488448944904491449244934494449544964497449844994500450145024503450445054506450745084509451045114512451345144515451645174518451945204521452245234524452545264527452845294530453145324533453445354536453745384539454045414542454345444545454645474548454945504551455245534554455545564557455845594560456145624563456445654566456745684569457045714572457345744575457645774578457945804581458245834584458545864587458845894590459145924593459445954596459745984599460046014602460346044605460646074608460946104611461246134614461546164617461846194620462146224623462446254626462746284629463046314632463346344635463646374638463946404641464246434644464546464647464846494650465146524653465446554656465746584659466046614662466346644665466646674668466946704671467246734674467546764677467846794680468146824683468446854686468746884689469046914692469346944695469646974698469947004701470247034704470547064707470847094710471147124713471447154716471747184719472047214722472347244725472647274728472947304731473247334734473547364737473847394740474147424743474447454746474747484749475047514752475347544755475647574758475947604761476247634764476547664767476847694770477147724773477447754776477747784779478047814782478347844785478647874788478947904791479247934794479547964797479847994800480148024803480448054806480748084809481048114812481348144815481648174818481948204821482248234824482548264827482848294830483148324833483448354836483748384839484048414842484348444845484648474848484948504851485248534854485548564857485848594860486148624863486448654866486748684869487048714872487348744875487648774878487948804881488248834884488548864887488848894890489148924893489448954896489748984899490049014902490349044905490649074908490949104911491249134914491549164917491849194920492149224923492449254926492749284929493049314932493349344935493649374938493949404941494249434944494549464947494849494950495149524953495449554956495749584959496049614962496349644965496649674968496949704971497249734974497549764977497849794980498149824983498449854986498749884989499049914992499349944995499649974998499950005001500250035004500550065007500850095010501150125013501450155016501750185019502050215022502350245025502650275028502950305031503250335034503550365037503850395040504150425043504450455046504750485049505050515052505350545055505650575058505950605061506250635064506550665067506850695070507150725073507450755076507750785079508050815082508350845085508650875088508950905091509250935094509550965097509850995100510151025103510451055106510751085109511051115112511351145115511651175118511951205121512251235124512551265127512851295130513151325133513451355136513751385139514051415142514351445145514651475148514951505151515251535154515551565157515851595160516151625163516451655166516751685169517051715172517351745175517651775178517951805181518251835184518551865187518851895190519151925193519451955196519751985199520052015202520352045205520652075208520952105211521252135214521552165217521852195220522152225223522452255226522752285229523052315232523352345235523652375238523952405241524252435244524552465247524852495250525152525253525452555256525752585259526052615262526352645265526652675268526952705271527252735274527552765277527852795280528152825283528452855286528752885289529052915292529352945295529652975298529953005301530253035304530553065307530853095310531153125313531453155316531753185319532053215322532353245325532653275328532953305331533253335334533553365337533853395340534153425343534453455346534753485349535053515352535353545355535653575358535953605361536253635364536553665367536853695370537153725373537453755376537753785379538053815382538353845385538653875388538953905391539253935394539553965397539853995400540154025403540454055406540754085409541054115412541354145415541654175418541954205421542254235424542554265427542854295430543154325433543454355436543754385439544054415442544354445445544654475448544954505451545254535454545554565457545854595460546154625463546454655466546754685469547054715472547354745475547654775478547954805481548254835484548554865487548854895490549154925493549454955496549754985499550055015502550355045505550655075508550955105511551255135514551555165517551855195520552155225523552455255526552755285529553055315532553355345535553655375538553955405541554255435544554555465547554855495550555155525553555455555556555755585559556055615562556355645565556655675568556955705571557255735574557555765577557855795580558155825583558455855586558755885589559055915592559355945595559655975598559956005601560256035604560556065607560856095610561156125613561456155616561756185619562056215622562356245625562656275628562956305631563256335634563556365637563856395640564156425643564456455646564756485649565056515652565356545655565656575658565956605661566256635664566556665667566856695670567156725673567456755676567756785679568056815682568356845685568656875688568956905691569256935694569556965697569856995700570157025703570457055706570757085709571057115712571357145715571657175718571957205721572257235724572557265727572857295730573157325733573457355736573757385739574057415742574357445745574657475748574957505751575257535754575557565757575857595760576157625763576457655766576757685769577057715772577357745775577657775778577957805781578257835784578557865787578857895790579157925793579457955796579757985799580058015802580358045805580658075808580958105811581258135814581558165817581858195820582158225823582458255826582758285829583058315832583358345835583658375838583958405841584258435844584558465847584858495850585158525853585458555856585758585859586058615862586358645865586658675868586958705871587258735874587558765877587858795880588158825883588458855886588758885889589058915892589358945895589658975898589959005901590259035904590559065907590859095910591159125913591459155916591759185919592059215922592359245925592659275928592959305931593259335934593559365937593859395940594159425943594459455946594759485949595059515952595359545955595659575958595959605961596259635964596559665967596859695970597159725973597459755976597759785979598059815982598359845985598659875988598959905991599259935994599559965997599859996000600160026003600460056006600760086009601060116012601360146015601660176018601960206021602260236024602560266027602860296030603160326033603460356036603760386039604060416042604360446045604660476048604960506051605260536054605560566057605860596060606160626063606460656066606760686069607060716072607360746075607660776078607960806081608260836084608560866087608860896090609160926093609460956096609760986099610061016102610361046105610661076108610961106111611261136114611561166117611861196120612161226123612461256126612761286129613061316132613361346135613661376138613961406141614261436144614561466147614861496150615161526153615461556156615761586159616061616162616361646165616661676168616961706171617261736174617561766177617861796180618161826183618461856186618761886189619061916192619361946195619661976198619962006201620262036204620562066207620862096210621162126213621462156216621762186219622062216222622362246225622662276228622962306231623262336234623562366237623862396240624162426243624462456246624762486249625062516252625362546255625662576258625962606261626262636264626562666267626862696270627162726273627462756276627762786279628062816282628362846285628662876288628962906291629262936294629562966297629862996300630163026303630463056306630763086309631063116312631363146315631663176318631963206321632263236324632563266327632863296330633163326333633463356336633763386339634063416342634363446345634663476348634963506351635263536354635563566357635863596360636163626363636463656366636763686369637063716372637363746375637663776378637963806381638263836384638563866387638863896390639163926393639463956396639763986399640064016402640364046405640664076408640964106411641264136414641564166417641864196420642164226423642464256426642764286429643064316432643364346435643664376438643964406441644264436444644564466447644864496450645164526453645464556456645764586459646064616462646364646465646664676468646964706471647264736474647564766477647864796480648164826483648464856486648764886489649064916492649364946495649664976498649965006501650265036504650565066507650865096510651165126513651465156516651765186519652065216522652365246525652665276528652965306531653265336534653565366537653865396540654165426543654465456546654765486549655065516552655365546555655665576558655965606561656265636564656565666567656865696570657165726573657465756576657765786579658065816582658365846585658665876588658965906591659265936594659565966597659865996600660166026603660466056606660766086609661066116612661366146615661666176618661966206621662266236624662566266627662866296630663166326633663466356636663766386639664066416642664366446645664666476648664966506651665266536654665566566657665866596660666166626663666466656666666766686669667066716672667366746675667666776678667966806681668266836684668566866687668866896690669166926693669466956696669766986699670067016702670367046705670667076708670967106711671267136714671567166717671867196720672167226723672467256726672767286729673067316732673367346735673667376738673967406741674267436744674567466747674867496750675167526753675467556756675767586759676067616762676367646765676667676768676967706771677267736774677567766777677867796780678167826783678467856786678767886789679067916792679367946795679667976798679968006801680268036804680568066807680868096810681168126813681468156816681768186819682068216822682368246825682668276828682968306831683268336834683568366837683868396840684168426843684468456846684768486849685068516852685368546855685668576858685968606861686268636864686568666867686868696870687168726873687468756876687768786879688068816882688368846885688668876888688968906891689268936894689568966897689868996900690169026903690469056906690769086909691069116912691369146915691669176918691969206921692269236924692569266927692869296930693169326933693469356936693769386939694069416942694369446945694669476948694969506951695269536954695569566957695869596960696169626963696469656966696769686969697069716972697369746975697669776978697969806981698269836984698569866987698869896990699169926993699469956996699769986999700070017002700370047005700670077008700970107011701270137014701570167017701870197020702170227023702470257026702770287029703070317032703370347035703670377038703970407041704270437044704570467047704870497050705170527053705470557056705770587059706070617062706370647065706670677068706970707071707270737074707570767077707870797080708170827083708470857086708770887089709070917092709370947095709670977098709971007101710271037104710571067107710871097110711171127113711471157116711771187119712071217122712371247125712671277128712971307131713271337134713571367137713871397140714171427143714471457146714771487149715071517152715371547155715671577158715971607161716271637164716571667167716871697170717171727173717471757176717771787179718071817182718371847185718671877188718971907191719271937194719571967197719871997200720172027203720472057206720772087209721072117212721372147215721672177218721972207221722272237224722572267227722872297230723172327233723472357236723772387239724072417242724372447245724672477248724972507251725272537254725572567257725872597260726172627263726472657266726772687269727072717272727372747275727672777278727972807281728272837284728572867287728872897290729172927293729472957296729772987299730073017302730373047305730673077308730973107311731273137314731573167317731873197320732173227323732473257326732773287329733073317332733373347335733673377338733973407341734273437344734573467347734873497350735173527353735473557356735773587359736073617362736373647365736673677368736973707371737273737374737573767377737873797380738173827383738473857386738773887389739073917392739373947395739673977398739974007401740274037404740574067407740874097410741174127413741474157416741774187419742074217422742374247425742674277428742974307431743274337434743574367437743874397440744174427443744474457446744774487449745074517452745374547455745674577458745974607461746274637464746574667467746874697470747174727473747474757476747774787479748074817482748374847485748674877488748974907491749274937494749574967497749874997500750175027503750475057506750775087509751075117512751375147515751675177518751975207521752275237524752575267527752875297530753175327533753475357536753775387539754075417542754375447545754675477548754975507551755275537554755575567557755875597560756175627563756475657566756775687569757075717572757375747575757675777578757975807581758275837584758575867587758875897590759175927593759475957596759775987599760076017602760376047605760676077608760976107611761276137614761576167617761876197620762176227623762476257626762776287629763076317632763376347635763676377638763976407641764276437644764576467647764876497650765176527653765476557656765776587659766076617662766376647665766676677668766976707671767276737674767576767677767876797680768176827683768476857686768776887689769076917692769376947695769676977698769977007701770277037704770577067707770877097710771177127713771477157716771777187719772077217722772377247725772677277728772977307731773277337734773577367737773877397740774177427743774477457746774777487749775077517752775377547755775677577758775977607761776277637764776577667767776877697770777177727773777477757776777777787779778077817782778377847785778677877788778977907791779277937794779577967797779877997800780178027803780478057806780778087809781078117812781378147815781678177818781978207821782278237824782578267827782878297830783178327833783478357836783778387839784078417842784378447845784678477848784978507851785278537854785578567857785878597860786178627863786478657866786778687869787078717872787378747875787678777878787978807881788278837884788578867887788878897890789178927893789478957896789778987899790079017902790379047905790679077908790979107911791279137914791579167917791879197920792179227923792479257926792779287929793079317932793379347935793679377938793979407941794279437944794579467947794879497950795179527953795479557956795779587959796079617962796379647965796679677968796979707971797279737974797579767977797879797980798179827983798479857986798779887989799079917992799379947995799679977998799980008001800280038004800580068007800880098010801180128013801480158016801780188019802080218022802380248025802680278028802980308031803280338034803580368037803880398040804180428043804480458046804780488049805080518052805380548055805680578058805980608061806280638064806580668067806880698070807180728073807480758076807780788079808080818082808380848085808680878088808980908091809280938094809580968097809880998100810181028103810481058106810781088109811081118112811381148115811681178118811981208121812281238124812581268127812881298130813181328133813481358136813781388139814081418142814381448145814681478148814981508151815281538154815581568157815881598160816181628163816481658166816781688169817081718172817381748175817681778178817981808181818281838184818581868187818881898190819181928193819481958196819781988199820082018202820382048205820682078208820982108211821282138214821582168217821882198220822182228223822482258226822782288229823082318232823382348235823682378238823982408241824282438244824582468247824882498250825182528253825482558256825782588259826082618262826382648265826682678268826982708271827282738274827582768277827882798280828182828283828482858286828782888289829082918292829382948295829682978298829983008301830283038304830583068307830883098310831183128313831483158316831783188319832083218322832383248325832683278328832983308331833283338334833583368337833883398340834183428343834483458346834783488349835083518352835383548355835683578358835983608361836283638364836583668367836883698370837183728373837483758376837783788379838083818382838383848385838683878388838983908391839283938394839583968397839883998400840184028403840484058406840784088409841084118412841384148415841684178418841984208421842284238424842584268427842884298430843184328433843484358436843784388439844084418442844384448445844684478448844984508451845284538454845584568457845884598460846184628463846484658466846784688469847084718472847384748475847684778478847984808481848284838484848584868487848884898490849184928493849484958496849784988499850085018502850385048505850685078508850985108511851285138514851585168517851885198520852185228523852485258526852785288529853085318532853385348535853685378538853985408541854285438544854585468547854885498550855185528553855485558556855785588559856085618562856385648565856685678568856985708571857285738574857585768577857885798580858185828583858485858586858785888589859085918592859385948595859685978598859986008601860286038604860586068607860886098610861186128613861486158616861786188619862086218622862386248625862686278628862986308631863286338634863586368637863886398640864186428643864486458646864786488649865086518652865386548655865686578658865986608661866286638664866586668667866886698670867186728673867486758676867786788679868086818682868386848685868686878688868986908691869286938694869586968697869886998700870187028703870487058706870787088709871087118712871387148715871687178718871987208721872287238724872587268727872887298730873187328733873487358736873787388739874087418742874387448745874687478748874987508751875287538754875587568757875887598760876187628763876487658766876787688769877087718772877387748775877687778778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927792789279928092819282928392849285928692879288928992909291929292939294929592969297929892999300930193029303930493059306930793089309931093119312931393149315931693179318931993209321932293239324932593269327932893299330933193329333933493359336933793389339934093419342934393449345934693479348934993509351935293539354935593569357935893599360936193629363936493659366936793689369937093719372937393749375937693779378937993809381938293839384938593869387938893899390939193929393939493959396939793989399940094019402940394049405940694079408940994109411941294139414941594169417941894199420942194229423942494259426942794289429943094319432943394349435943694379438943994409441944294439444944594469447944894499450945194529453945494559456945794589459946094619462946394649465946694679468946994709471947294739474947594769477947894799480948194829483948494859486948794889489949094919492949394949495949694979498949995009501950295039504950595069507950895099510951195129513951495159516951795189519952095219522952395249525952695279528952995309531953295339534953595369537953895399540954195429543954495459546954795489549955095519552955395549555955695579558955995609561956295639564956595669567956895699570957195729573957495759576957795789579958095819582958395849585958695879588958995909591959295939594959595969597959895999600960196029603960496059606960796089609961096119612961396149615961696179618961996209621962296239624962596269627962896299630963196329633963496359636963796389639964096419642964396449645964696479648964996509651965296539654965596569657965896599660966196629663966496659666966796689669967096719672967396749675967696779678967996809681968296839684968596869687968896899690969196929693969496959696969796989699970097019702970397049705970697079708970997109711971297139714971597169717971897199720972197229723972497259726972797289729973097319732973397349735973697379738973997409741974297439744974597469747974897499750975197529753975497559756975797589759976097619762976397649765976697679768976997709771977297739774977597769777977897799780978197829783978497859786978797889789979097919792979397949795979697979798979998009801980298039804980598069807980898099810981198129813981498159816981798189819982098219822982398249825982698279828982998309831983298339834983598369837983898399840984198429843984498459846984798489849985098519852985398549855985698579858985998609861986298639864986598669867986898699870987198729873987498759876987798789879988098819882988398849885
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * QTI Secure Execution Environment Communicator (QSEECOM) driver
  4. *
  5. * Copyright (c) 2012-2021, The Linux Foundation. All rights reserved.
  6. * Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved.
  7. */
  8. #define pr_fmt(fmt) "QSEECOM: %s: " fmt, __func__
  9. #include <linux/kernel.h>
  10. #include <linux/slab.h>
  11. #include <linux/module.h>
  12. #include <linux/fs.h>
  13. #include <linux/reboot.h>
  14. #include <linux/platform_device.h>
  15. #include <linux/debugfs.h>
  16. #include <linux/cdev.h>
  17. #include <linux/uaccess.h>
  18. #include <linux/sched.h>
  19. #include <linux/list.h>
  20. #include <linux/mutex.h>
  21. #include <linux/io.h>
  22. #include <linux/dma-buf.h>
  23. #include <linux/msm_ion.h>
  24. #include <linux/types.h>
  25. #include <linux/clk.h>
  26. #include <linux/elf.h>
  27. #include <linux/firmware.h>
  28. #include <linux/freezer.h>
  29. #include <linux/scatterlist.h>
  30. #include <linux/regulator/consumer.h>
  31. #include <linux/dma-mapping.h>
  32. #include <soc/qcom/qseecom_scm.h>
  33. #include <asm/cacheflush.h>
  34. #include <linux/delay.h>
  35. #include <linux/signal.h>
  36. #include <linux/compat.h>
  37. #include <linux/kthread.h>
  38. #include <linux/dma-map-ops.h>
  39. #include <linux/cma.h>
  40. #include <linux/of_platform.h>
  41. #include <linux/interconnect.h>
  42. #include <linux/of_reserved_mem.h>
  43. #include <linux/qtee_shmbridge.h>
  44. #include <linux/mem-buf.h>
  45. #include <linux/version.h>
  46. #include "linux/qseecom_api.h"
  47. #include "ice.h"
  48. #if IS_ENABLED(CONFIG_QSEECOM_PROXY)
  49. #include <linux/qseecom_kernel.h>
  50. #include "misc/qseecom_priv.h"
  51. #else
  52. #include "misc/qseecom_kernel.h"
  53. #endif
  54. #include "misc/qseecomi.h"
  55. #if (LINUX_VERSION_CODE <= KERNEL_VERSION(6,0,0))
  56. #define KERNEL_VERSION_LEGACY
  57. #endif
  58. #define QSEECOM_DEV "qseecom"
  59. #define QSEOS_VERSION_14 0x14
  60. #define QSEEE_VERSION_00 0x400000
  61. #define QSEE_VERSION_01 0x401000
  62. #define QSEE_VERSION_02 0x402000
  63. #define QSEE_VERSION_03 0x403000
  64. #define QSEE_VERSION_04 0x404000
  65. #define QSEE_VERSION_05 0x405000
  66. #define QSEE_VERSION_20 0x800000
  67. #define QSEE_VERSION_40 0x1000000 /* TZ.BF.4.0 */
  68. #define QSEE_CE_CLK_100MHZ 100000000
  69. #define CE_CLK_DIV 1000000
  70. #define QSEECOM_MAX_SG_ENTRY 4096
  71. #define QSEECOM_SG_ENTRY_MSG_BUF_SZ_64BIT \
  72. (QSEECOM_MAX_SG_ENTRY * SG_ENTRY_SZ_64BIT)
  73. #define QSEECOM_INVALID_KEY_ID 0xff
  74. /* Save partition image hash for authentication check */
  75. #define SCM_SAVE_PARTITION_HASH_ID 0x01
  76. /* Check if enterprise security is activate */
  77. #define SCM_IS_ACTIVATED_ID 0x02
  78. /* Encrypt/Decrypt Data Integrity Partition (DIP) for MDTP */
  79. #define SCM_MDTP_CIPHER_DIP 0x01
  80. /* Maximum Allowed Size (128K) of Data Integrity Partition (DIP) for MDTP */
  81. #define MAX_DIP 0x20000
  82. #define RPMB_SERVICE 0x2000
  83. #define SSD_SERVICE 0x3000
  84. #define QSEECOM_SEND_CMD_CRYPTO_TIMEOUT 2000
  85. #define QSEECOM_LOAD_APP_CRYPTO_TIMEOUT 2000
  86. #define TWO 2
  87. #define QSEECOM_UFS_ICE_CE_NUM 10
  88. #define QSEECOM_SDCC_ICE_CE_NUM 20
  89. #define QSEECOM_ICE_FDE_KEY_INDEX 0
  90. #define PHY_ADDR_4G (1ULL<<32)
  91. #define QSEECOM_STATE_NOT_READY 0
  92. #define QSEECOM_STATE_SUSPEND 1
  93. #define QSEECOM_STATE_READY 2
  94. #define QSEECOM_ICE_FDE_KEY_SIZE_MASK 2
  95. /*
  96. * default ce info unit to 0 for
  97. * services which
  98. * support only single instance.
  99. * Most of services are in this category.
  100. */
  101. #define DEFAULT_CE_INFO_UNIT 0
  102. #define DEFAULT_NUM_CE_INFO_UNIT 1
  103. #define FDE_FLAG_POS 4
  104. #define ENABLE_KEY_WRAP_IN_KS (1 << FDE_FLAG_POS)
  105. /*
  106. * sg list buf format version
  107. * 1: Legacy format to support only 512 SG list entries
  108. * 2: new format to support > 512 entries
  109. */
  110. #define QSEECOM_SG_LIST_BUF_FORMAT_VERSION_1 1
  111. #define QSEECOM_SG_LIST_BUF_FORMAT_VERSION_2 2
  112. struct qseecom_sg_list_buf_hdr_64bit {
  113. struct qseecom_sg_entry_64bit blank_entry; /* must be all 0 */
  114. __u32 version; /* sg list buf format version */
  115. __u64 new_buf_phys_addr; /* PA of new buffer */
  116. __u32 nents_total; /* Total number of SG entries */
  117. } __packed;
  118. #define QSEECOM_SG_LIST_BUF_HDR_SZ_64BIT \
  119. sizeof(struct qseecom_sg_list_buf_hdr_64bit)
  120. #define MAX_CE_PIPE_PAIR_PER_UNIT 3
  121. #define INVALID_CE_INFO_UNIT_NUM 0xffffffff
  122. #define CE_PIPE_PAIR_USE_TYPE_FDE 0
  123. #define CE_PIPE_PAIR_USE_TYPE_PFE 1
  124. #define SG_ENTRY_SZ sizeof(struct qseecom_sg_entry)
  125. #define SG_ENTRY_SZ_64BIT sizeof(struct qseecom_sg_entry_64bit)
  126. enum qseecom_bandwidth_request_mode {
  127. INACTIVE = 0,
  128. LOW,
  129. MEDIUM,
  130. HIGH,
  131. };
  132. enum qseecom_clk_definitions {
  133. CLK_DFAB = 0,
  134. CLK_SFPB,
  135. };
  136. enum qseecom_ice_key_size_type {
  137. QSEECOM_ICE_FDE_KEY_SIZE_16_BYTE =
  138. (0 << QSEECOM_ICE_FDE_KEY_SIZE_MASK),
  139. QSEECOM_ICE_FDE_KEY_SIZE_32_BYTE =
  140. (1 << QSEECOM_ICE_FDE_KEY_SIZE_MASK),
  141. QSEE_ICE_FDE_KEY_SIZE_UNDEFINED =
  142. (0xF << QSEECOM_ICE_FDE_KEY_SIZE_MASK),
  143. };
  144. enum qseecom_client_handle_type {
  145. QSEECOM_CLIENT_APP = 1,
  146. QSEECOM_LISTENER_SERVICE,
  147. QSEECOM_SECURE_SERVICE,
  148. QSEECOM_GENERIC,
  149. QSEECOM_UNAVAILABLE_CLIENT_APP,
  150. };
  151. enum qseecom_ce_hw_instance {
  152. CLK_QSEE = 0,
  153. CLK_CE_DRV,
  154. CLK_INVALID,
  155. };
  156. enum qseecom_cache_ops {
  157. QSEECOM_CACHE_CLEAN,
  158. QSEECOM_CACHE_INVALIDATE,
  159. };
  160. enum qseecom_listener_unregister_kthread_state {
  161. LSNR_UNREG_KT_SLEEP = 0,
  162. LSNR_UNREG_KT_WAKEUP,
  163. };
  164. enum qseecom_unload_app_kthread_state {
  165. UNLOAD_APP_KT_SLEEP = 0,
  166. UNLOAD_APP_KT_WAKEUP,
  167. };
  168. static DEFINE_MUTEX(qsee_bw_mutex);
  169. static DEFINE_MUTEX(app_access_lock);
  170. static DEFINE_MUTEX(clk_access_lock);
  171. static DEFINE_MUTEX(listener_access_lock);
  172. static DEFINE_MUTEX(unload_app_pending_list_lock);
  173. struct sglist_info {
  174. uint32_t indexAndFlags;
  175. uint32_t sizeOrCount;
  176. };
  177. /*
  178. * The 31st bit indicates only one or multiple physical address inside
  179. * the request buffer. If it is set, the index locates a single physical addr
  180. * inside the request buffer, and `sizeOrCount` is the size of the memory being
  181. * shared at that physical address.
  182. * Otherwise, the index locates an array of {start, len} pairs (a
  183. * "scatter/gather list"), and `sizeOrCount` gives the number of entries in
  184. * that array.
  185. *
  186. * The 30th bit indicates 64 or 32bit address; when it is set, physical addr
  187. * and scatter gather entry sizes are 64-bit values. Otherwise, 32-bit values.
  188. *
  189. * The bits [0:29] of `indexAndFlags` hold an offset into the request buffer.
  190. */
  191. #define SGLISTINFO_SET_INDEX_FLAG(c, s, i) \
  192. ((uint32_t)(((c & 1) << 31) | ((s & 1) << 30) | (i & 0x3fffffff)))
  193. #define SGLISTINFO_TABLE_SIZE (sizeof(struct sglist_info) * MAX_ION_FD)
  194. #define FEATURE_ID_WHITELIST 15 /*whitelist feature id*/
  195. #define MAKE_WHITELIST_VERSION(major, minor, patch) \
  196. (((major & 0x3FF) << 22) | ((minor & 0x3FF) << 12) | (patch & 0xFFF))
  197. #define MAKE_NULL(sgt, attach, dmabuf) do {\
  198. sgt = NULL;\
  199. attach = NULL;\
  200. dmabuf = NULL;\
  201. } while (0)
  202. struct qseecom_registered_listener_list {
  203. struct list_head list;
  204. struct qseecom_register_listener_req svc;
  205. void *user_virt_sb_base;
  206. struct dma_buf *dmabuf;
  207. struct dma_buf_attachment *attach;
  208. struct sg_table *sgt;
  209. u8 *sb_virt;
  210. phys_addr_t sb_phys;
  211. size_t sb_length;
  212. wait_queue_head_t rcv_req_wq;
  213. /* rcv_req_flag: 0: ready and empty; 1: received req */
  214. int rcv_req_flag;
  215. int send_resp_flag;
  216. bool listener_in_use;
  217. /* wq for thread blocked on this listener*/
  218. wait_queue_head_t listener_block_app_wq;
  219. struct sglist_info *sglistinfo_ptr;
  220. struct qtee_shm sglistinfo_shm;
  221. uint32_t sglist_cnt;
  222. int abort;
  223. bool unregister_pending;
  224. };
  225. struct qseecom_unregister_pending_list {
  226. struct list_head list;
  227. struct qseecom_dev_handle *data;
  228. };
  229. struct qseecom_registered_app_list {
  230. struct list_head list;
  231. u32 app_id;
  232. u32 ref_cnt;
  233. char app_name[MAX_APP_NAME_SIZE];
  234. u32 app_arch;
  235. bool app_blocked;
  236. u32 check_block;
  237. u32 blocked_on_listener_id;
  238. };
  239. struct qseecom_registered_kclient_list {
  240. struct list_head list;
  241. struct qseecom_handle *handle;
  242. };
  243. struct qseecom_ce_info_use {
  244. unsigned char handle[MAX_CE_INFO_HANDLE_SIZE];
  245. unsigned int unit_num;
  246. unsigned int num_ce_pipe_entries;
  247. struct qseecom_ce_pipe_entry *ce_pipe_entry;
  248. bool alloc;
  249. uint32_t type;
  250. };
  251. struct ce_hw_usage_info {
  252. uint32_t qsee_ce_hw_instance;
  253. uint32_t num_fde;
  254. struct qseecom_ce_info_use *fde;
  255. uint32_t num_pfe;
  256. struct qseecom_ce_info_use *pfe;
  257. };
  258. struct qseecom_clk {
  259. enum qseecom_ce_hw_instance instance;
  260. struct clk *ce_core_clk;
  261. struct clk *ce_clk;
  262. struct clk *ce_core_src_clk;
  263. struct clk *ce_bus_clk;
  264. uint32_t clk_access_cnt;
  265. };
  266. struct qseecom_control {
  267. struct list_head registered_listener_list_head;
  268. struct list_head registered_app_list_head;
  269. spinlock_t registered_app_list_lock;
  270. struct list_head registered_kclient_list_head;
  271. spinlock_t registered_kclient_list_lock;
  272. wait_queue_head_t send_resp_wq;
  273. int send_resp_flag;
  274. uint32_t qseos_version;
  275. uint32_t qsee_version;
  276. struct device *pdev; /* class_dev */
  277. struct device *dev; /* platform_dev->dev */
  278. struct class *driver_class;
  279. dev_t qseecom_device_no;
  280. bool whitelist_support;
  281. bool commonlib_loaded;
  282. bool commonlib64_loaded;
  283. bool commonlib_loaded_by_hostvm;
  284. struct ce_hw_usage_info ce_info;
  285. int qsee_bw_count;
  286. int qsee_sfpb_bw_count;
  287. uint32_t qsee_perf_client;
  288. struct icc_path *icc_path;
  289. uint32_t avg_bw;
  290. uint32_t peak_bw;
  291. struct qseecom_clk qsee;
  292. struct qseecom_clk ce_drv;
  293. bool support_bus_scaling;
  294. bool support_fde;
  295. bool support_pfe;
  296. bool fde_key_size;
  297. uint32_t cumulative_mode;
  298. enum qseecom_bandwidth_request_mode current_mode;
  299. struct timer_list bw_scale_down_timer;
  300. struct work_struct bw_inactive_req_ws;
  301. struct cdev cdev;
  302. bool timer_running;
  303. bool no_clock_support;
  304. unsigned int ce_opp_freq_hz;
  305. bool appsbl_qseecom_support;
  306. uint32_t qsee_reentrancy_support;
  307. bool enable_key_wrap_in_ks;
  308. uint32_t app_block_ref_cnt;
  309. wait_queue_head_t app_block_wq;
  310. atomic_t qseecom_state;
  311. int is_apps_region_protected;
  312. bool smcinvoke_support;
  313. uint64_t qseecom_bridge_handle;
  314. uint64_t ta_bridge_handle;
  315. uint64_t user_contig_bridge_handle;
  316. struct list_head unregister_lsnr_pending_list_head;
  317. wait_queue_head_t register_lsnr_pending_wq;
  318. struct task_struct *unregister_lsnr_kthread_task;
  319. wait_queue_head_t unregister_lsnr_kthread_wq;
  320. atomic_t unregister_lsnr_kthread_state;
  321. struct list_head unload_app_pending_list_head;
  322. struct task_struct *unload_app_kthread_task;
  323. struct notifier_block reboot_nb;
  324. wait_queue_head_t unload_app_kthread_wq;
  325. atomic_t unload_app_kthread_state;
  326. bool no_user_contig_mem_support;
  327. };
  328. struct qseecom_unload_app_pending_list {
  329. struct list_head list;
  330. struct qseecom_dev_handle *data;
  331. };
  332. struct qseecom_sec_buf_fd_info {
  333. bool is_sec_buf_fd;
  334. size_t size;
  335. void *vbase;
  336. phys_addr_t pbase;
  337. struct qtee_shm shm;
  338. };
  339. struct qseecom_param_memref {
  340. uint32_t buffer;
  341. uint32_t size;
  342. };
  343. struct qseecom_client_handle {
  344. u32 app_id;
  345. struct dma_buf *dmabuf;
  346. struct dma_buf_attachment *attach;
  347. struct sg_table *sgt;
  348. u8 *sb_virt;
  349. phys_addr_t sb_phys;
  350. size_t sb_length;
  351. unsigned long user_virt_sb_base;
  352. char app_name[MAX_APP_NAME_SIZE];
  353. u32 app_arch;
  354. struct qseecom_sec_buf_fd_info sec_buf_fd[MAX_ION_FD];
  355. bool from_smcinvoke;
  356. struct qtee_shm shm; /* kernel client's shm for req/rsp buf */
  357. bool unload_pending;
  358. bool from_loadapp;
  359. };
  360. struct qseecom_listener_handle {
  361. u32 id;
  362. bool register_pending;
  363. bool release_called;
  364. };
  365. static struct qseecom_control qseecom;
  366. struct qseecom_dev_handle {
  367. enum qseecom_client_handle_type type;
  368. union {
  369. struct qseecom_client_handle client;
  370. struct qseecom_listener_handle listener;
  371. };
  372. bool released;
  373. int abort;
  374. wait_queue_head_t abort_wq;
  375. atomic_t ioctl_count;
  376. bool perf_enabled;
  377. bool fast_load_enabled;
  378. enum qseecom_bandwidth_request_mode mode;
  379. struct sglist_info *sglistinfo_ptr;
  380. struct qtee_shm sglistinfo_shm;
  381. uint32_t sglist_cnt;
  382. bool use_legacy_cmd;
  383. };
  384. struct qseecom_key_id_usage_desc {
  385. uint8_t desc[QSEECOM_KEY_ID_SIZE];
  386. };
  387. struct qseecom_crypto_info {
  388. unsigned int unit_num;
  389. unsigned int ce;
  390. unsigned int pipe_pair;
  391. };
  392. static struct qseecom_key_id_usage_desc key_id_array[] = {
  393. {
  394. .desc = "Undefined Usage Index",
  395. },
  396. {
  397. .desc = "Full Disk Encryption",
  398. },
  399. {
  400. .desc = "Per File Encryption",
  401. },
  402. {
  403. .desc = "UFS ICE Full Disk Encryption",
  404. },
  405. {
  406. .desc = "SDCC ICE Full Disk Encryption",
  407. },
  408. };
  409. /* Function proto types */
  410. static int qsee_vote_for_clock(struct qseecom_dev_handle *, int32_t);
  411. static void qsee_disable_clock_vote(struct qseecom_dev_handle *, int32_t);
  412. static int __qseecom_enable_clk(enum qseecom_ce_hw_instance ce);
  413. static void __qseecom_disable_clk(enum qseecom_ce_hw_instance ce);
  414. static int __qseecom_init_clk(enum qseecom_ce_hw_instance ce);
  415. static int qseecom_load_commonlib_image(struct qseecom_dev_handle *data,
  416. char *cmnlib_name);
  417. static int qseecom_enable_ice_setup(int usage);
  418. static int qseecom_disable_ice_setup(int usage);
  419. static void __qseecom_reentrancy_check_if_no_app_blocked(uint32_t smc_id);
  420. static int qseecom_get_ce_info(struct qseecom_dev_handle *data,
  421. void __user *argp);
  422. static int qseecom_free_ce_info(struct qseecom_dev_handle *data,
  423. void __user *argp);
  424. static int qseecom_query_ce_info(struct qseecom_dev_handle *data,
  425. void __user *argp);
  426. static int __qseecom_unload_app(struct qseecom_dev_handle *data,
  427. uint32_t app_id);
  428. static int __maybe_unused get_qseecom_keymaster_status(char *str)
  429. {
  430. get_option(&str, &qseecom.is_apps_region_protected);
  431. return 1;
  432. }
  433. __setup("androidboot.keymaster=", get_qseecom_keymaster_status);
  434. static int __qseecom_alloc_coherent_buf(
  435. uint32_t size, u8 **vaddr, phys_addr_t *paddr);
  436. static void __qseecom_free_coherent_buf(uint32_t size,
  437. u8 *vaddr, phys_addr_t paddr);
  438. #define QSEECOM_SCM_EBUSY_WAIT_MS 30
  439. #define QSEECOM_SCM_EBUSY_MAX_RETRY 67
  440. #define QSEE_RESULT_FAIL_APP_BUSY 315
  441. static int __qseecom_scm_call2_locked(uint32_t smc_id, struct qseecom_scm_desc *desc)
  442. {
  443. int ret = 0;
  444. int retry_count = 0;
  445. do {
  446. ret = qcom_scm_qseecom_call(smc_id, desc, false);
  447. if ((ret == -EBUSY) || (desc && (desc->ret[0] == -QSEE_RESULT_FAIL_APP_BUSY))) {
  448. mutex_unlock(&app_access_lock);
  449. msleep(QSEECOM_SCM_EBUSY_WAIT_MS);
  450. mutex_lock(&app_access_lock);
  451. }
  452. if (retry_count == 33)
  453. pr_warn("secure world has been busy for 1 second!\n");
  454. } while (((ret == -EBUSY) || (desc && (desc->ret[0] == -QSEE_RESULT_FAIL_APP_BUSY))) &&
  455. (retry_count++ < QSEECOM_SCM_EBUSY_MAX_RETRY));
  456. return ret;
  457. }
  458. static char *__qseecom_alloc_tzbuf(uint32_t size,
  459. phys_addr_t *pa, struct qtee_shm *shm)
  460. {
  461. char *tzbuf = NULL;
  462. int ret = qtee_shmbridge_allocate_shm(size, shm);
  463. if (ret)
  464. return NULL;
  465. tzbuf = shm->vaddr;
  466. memset(tzbuf, 0, size);
  467. *pa = shm->paddr;
  468. return tzbuf;
  469. }
  470. static void __qseecom_free_tzbuf(struct qtee_shm *shm)
  471. {
  472. qtee_shmbridge_free_shm(shm);
  473. }
  474. static int qseecom_scm_call2(uint32_t svc_id, uint32_t tz_cmd_id,
  475. const void *req_buf, void *resp_buf)
  476. {
  477. int ret = 0;
  478. uint32_t smc_id = 0;
  479. uint32_t qseos_cmd_id = 0;
  480. struct qseecom_scm_desc desc = {0};
  481. struct qseecom_command_scm_resp *scm_resp = NULL;
  482. struct qtee_shm shm = {0};
  483. phys_addr_t pa;
  484. if (!req_buf || !resp_buf) {
  485. pr_err("Invalid buffer pointer\n");
  486. return -EINVAL;
  487. }
  488. qseos_cmd_id = *(uint32_t *)req_buf;
  489. scm_resp = (struct qseecom_command_scm_resp *)resp_buf;
  490. switch (svc_id) {
  491. case SCM_SVC_INFO: {
  492. if (tz_cmd_id == 3) {
  493. smc_id = TZ_INFO_GET_FEATURE_VERSION_ID;
  494. desc.arginfo = TZ_INFO_GET_FEATURE_VERSION_ID_PARAM_ID;
  495. desc.args[0] = *(uint32_t *)req_buf;
  496. } else {
  497. pr_err("Unsupported svc_id %d, tz_cmd_id %d\n",
  498. svc_id, tz_cmd_id);
  499. return -EINVAL;
  500. }
  501. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  502. break;
  503. }
  504. case SCM_SVC_ES: {
  505. switch (tz_cmd_id) {
  506. case SCM_SAVE_PARTITION_HASH_ID: {
  507. u32 tzbuflen = PAGE_ALIGN(SHA256_DIGEST_LENGTH);
  508. struct qseecom_save_partition_hash_req *p_hash_req =
  509. (struct qseecom_save_partition_hash_req *)
  510. req_buf;
  511. char *tzbuf = __qseecom_alloc_tzbuf(
  512. tzbuflen, &pa, &shm);
  513. if (!tzbuf)
  514. return -ENOMEM;
  515. memset(tzbuf, 0, tzbuflen);
  516. memcpy(tzbuf, p_hash_req->digest,
  517. SHA256_DIGEST_LENGTH);
  518. qtee_shmbridge_flush_shm_buf(&shm);
  519. smc_id = TZ_ES_SAVE_PARTITION_HASH_ID;
  520. desc.arginfo = TZ_ES_SAVE_PARTITION_HASH_ID_PARAM_ID;
  521. desc.args[0] = p_hash_req->partition_id;
  522. desc.args[1] = pa;
  523. desc.args[2] = SHA256_DIGEST_LENGTH;
  524. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  525. __qseecom_free_tzbuf(&shm);
  526. break;
  527. }
  528. default: {
  529. pr_err("tz_cmd_id %d is not supported\n", tz_cmd_id);
  530. ret = -EINVAL;
  531. break;
  532. }
  533. } /* end of switch (tz_cmd_id) */
  534. break;
  535. } /* end of case SCM_SVC_ES */
  536. case SCM_SVC_TZSCHEDULER: {
  537. switch (qseos_cmd_id) {
  538. case QSEOS_APP_START_COMMAND: {
  539. struct qseecom_load_app_ireq *req;
  540. struct qseecom_load_app_64bit_ireq *req_64bit;
  541. smc_id = TZ_OS_APP_START_ID;
  542. desc.arginfo = TZ_OS_APP_START_ID_PARAM_ID;
  543. if (qseecom.qsee_version < QSEE_VERSION_40) {
  544. req = (struct qseecom_load_app_ireq *)req_buf;
  545. desc.args[0] = req->mdt_len;
  546. desc.args[1] = req->img_len;
  547. desc.args[2] = req->phy_addr;
  548. } else {
  549. req_64bit =
  550. (struct qseecom_load_app_64bit_ireq *)
  551. req_buf;
  552. desc.args[0] = req_64bit->mdt_len;
  553. desc.args[1] = req_64bit->img_len;
  554. desc.args[2] = req_64bit->phy_addr;
  555. }
  556. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  557. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  558. break;
  559. }
  560. case QSEOS_APP_SHUTDOWN_COMMAND: {
  561. struct qseecom_unload_app_ireq *req;
  562. req = (struct qseecom_unload_app_ireq *)req_buf;
  563. smc_id = TZ_OS_APP_SHUTDOWN_ID;
  564. desc.arginfo = TZ_OS_APP_SHUTDOWN_ID_PARAM_ID;
  565. desc.args[0] = req->app_id;
  566. ret = qcom_scm_qseecom_call(smc_id, &desc, true);
  567. break;
  568. }
  569. case QSEOS_APP_LOOKUP_COMMAND: {
  570. struct qseecom_check_app_ireq *req;
  571. u32 tzbuflen = PAGE_ALIGN(sizeof(req->app_name));
  572. char *tzbuf = __qseecom_alloc_tzbuf(
  573. tzbuflen, &pa, &shm);
  574. if (!tzbuf)
  575. return -ENOMEM;
  576. req = (struct qseecom_check_app_ireq *)req_buf;
  577. pr_debug("Lookup app_name = %s\n", req->app_name);
  578. strlcpy(tzbuf, req->app_name, sizeof(req->app_name));
  579. qtee_shmbridge_flush_shm_buf(&shm);
  580. smc_id = TZ_OS_APP_LOOKUP_ID;
  581. desc.arginfo = TZ_OS_APP_LOOKUP_ID_PARAM_ID;
  582. desc.args[0] = pa;
  583. desc.args[1] = strlen(req->app_name);
  584. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  585. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  586. __qseecom_free_tzbuf(&shm);
  587. break;
  588. }
  589. case QSEOS_APP_REGION_NOTIFICATION: {
  590. struct qsee_apps_region_info_ireq *req;
  591. struct qsee_apps_region_info_64bit_ireq *req_64bit;
  592. smc_id = TZ_OS_APP_REGION_NOTIFICATION_ID;
  593. desc.arginfo =
  594. TZ_OS_APP_REGION_NOTIFICATION_ID_PARAM_ID;
  595. if (qseecom.qsee_version < QSEE_VERSION_40) {
  596. req = (struct qsee_apps_region_info_ireq *)
  597. req_buf;
  598. desc.args[0] = req->addr;
  599. desc.args[1] = req->size;
  600. } else {
  601. req_64bit =
  602. (struct qsee_apps_region_info_64bit_ireq *)
  603. req_buf;
  604. desc.args[0] = req_64bit->addr;
  605. desc.args[1] = req_64bit->size;
  606. }
  607. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  608. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  609. break;
  610. }
  611. case QSEOS_LOAD_SERV_IMAGE_COMMAND: {
  612. struct qseecom_load_lib_image_ireq *req;
  613. struct qseecom_load_lib_image_64bit_ireq *req_64bit;
  614. smc_id = TZ_OS_LOAD_SERVICES_IMAGE_ID;
  615. desc.arginfo = TZ_OS_LOAD_SERVICES_IMAGE_ID_PARAM_ID;
  616. if (qseecom.qsee_version < QSEE_VERSION_40) {
  617. req = (struct qseecom_load_lib_image_ireq *)
  618. req_buf;
  619. desc.args[0] = req->mdt_len;
  620. desc.args[1] = req->img_len;
  621. desc.args[2] = req->phy_addr;
  622. } else {
  623. req_64bit =
  624. (struct qseecom_load_lib_image_64bit_ireq *)
  625. req_buf;
  626. desc.args[0] = req_64bit->mdt_len;
  627. desc.args[1] = req_64bit->img_len;
  628. desc.args[2] = req_64bit->phy_addr;
  629. }
  630. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  631. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  632. break;
  633. }
  634. case QSEOS_UNLOAD_SERV_IMAGE_COMMAND: {
  635. smc_id = TZ_OS_UNLOAD_SERVICES_IMAGE_ID;
  636. desc.arginfo = TZ_OS_UNLOAD_SERVICES_IMAGE_ID_PARAM_ID;
  637. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  638. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  639. break;
  640. }
  641. case QSEOS_REGISTER_LISTENER: {
  642. struct qseecom_register_listener_ireq *req;
  643. struct qseecom_register_listener_64bit_ireq *req_64bit;
  644. desc.arginfo =
  645. TZ_OS_REGISTER_LISTENER_ID_PARAM_ID;
  646. if (qseecom.qsee_version < QSEE_VERSION_40) {
  647. req = (struct qseecom_register_listener_ireq *)
  648. req_buf;
  649. desc.args[0] = req->listener_id;
  650. desc.args[1] = req->sb_ptr;
  651. desc.args[2] = req->sb_len;
  652. } else {
  653. req_64bit =
  654. (struct qseecom_register_listener_64bit_ireq *)
  655. req_buf;
  656. desc.args[0] = req_64bit->listener_id;
  657. desc.args[1] = req_64bit->sb_ptr;
  658. desc.args[2] = req_64bit->sb_len;
  659. }
  660. qseecom.smcinvoke_support = true;
  661. smc_id = TZ_OS_REGISTER_LISTENER_SMCINVOKE_ID;
  662. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  663. if (ret == -EIO) {
  664. /* smcinvoke is not supported */
  665. qseecom.smcinvoke_support = false;
  666. smc_id = TZ_OS_REGISTER_LISTENER_ID;
  667. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  668. }
  669. break;
  670. }
  671. case QSEOS_DEREGISTER_LISTENER: {
  672. struct qseecom_unregister_listener_ireq *req;
  673. req = (struct qseecom_unregister_listener_ireq *)
  674. req_buf;
  675. smc_id = TZ_OS_DEREGISTER_LISTENER_ID;
  676. desc.arginfo = TZ_OS_DEREGISTER_LISTENER_ID_PARAM_ID;
  677. desc.args[0] = req->listener_id;
  678. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  679. break;
  680. }
  681. case QSEOS_LISTENER_DATA_RSP_COMMAND: {
  682. struct qseecom_client_listener_data_irsp *req;
  683. req = (struct qseecom_client_listener_data_irsp *)
  684. req_buf;
  685. smc_id = TZ_OS_LISTENER_RESPONSE_HANDLER_ID;
  686. desc.arginfo =
  687. TZ_OS_LISTENER_RESPONSE_HANDLER_ID_PARAM_ID;
  688. desc.args[0] = req->listener_id;
  689. desc.args[1] = req->status;
  690. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  691. break;
  692. }
  693. case QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST: {
  694. struct qseecom_client_listener_data_irsp *req;
  695. struct qseecom_client_listener_data_64bit_irsp *req_64;
  696. smc_id =
  697. TZ_OS_LISTENER_RESPONSE_HANDLER_WITH_WHITELIST_ID;
  698. desc.arginfo =
  699. TZ_OS_LISTENER_RESPONSE_HANDLER_WITH_WHITELIST_PARAM_ID;
  700. if (qseecom.qsee_version < QSEE_VERSION_40) {
  701. req =
  702. (struct qseecom_client_listener_data_irsp *)
  703. req_buf;
  704. desc.args[0] = req->listener_id;
  705. desc.args[1] = req->status;
  706. desc.args[2] = req->sglistinfo_ptr;
  707. desc.args[3] = req->sglistinfo_len;
  708. } else {
  709. req_64 =
  710. (struct qseecom_client_listener_data_64bit_irsp *)
  711. req_buf;
  712. desc.args[0] = req_64->listener_id;
  713. desc.args[1] = req_64->status;
  714. desc.args[2] = req_64->sglistinfo_ptr;
  715. desc.args[3] = req_64->sglistinfo_len;
  716. }
  717. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  718. break;
  719. }
  720. case QSEOS_LOAD_EXTERNAL_ELF_COMMAND: {
  721. struct qseecom_load_app_ireq *req;
  722. struct qseecom_load_app_64bit_ireq *req_64bit;
  723. smc_id = TZ_OS_LOAD_EXTERNAL_IMAGE_ID;
  724. desc.arginfo = TZ_OS_LOAD_SERVICES_IMAGE_ID_PARAM_ID;
  725. if (qseecom.qsee_version < QSEE_VERSION_40) {
  726. req = (struct qseecom_load_app_ireq *)req_buf;
  727. desc.args[0] = req->mdt_len;
  728. desc.args[1] = req->img_len;
  729. desc.args[2] = req->phy_addr;
  730. } else {
  731. req_64bit =
  732. (struct qseecom_load_app_64bit_ireq *)req_buf;
  733. desc.args[0] = req_64bit->mdt_len;
  734. desc.args[1] = req_64bit->img_len;
  735. desc.args[2] = req_64bit->phy_addr;
  736. }
  737. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  738. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  739. break;
  740. }
  741. case QSEOS_UNLOAD_EXTERNAL_ELF_COMMAND: {
  742. smc_id = TZ_OS_UNLOAD_EXTERNAL_IMAGE_ID;
  743. desc.arginfo = TZ_OS_UNLOAD_SERVICES_IMAGE_ID_PARAM_ID;
  744. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  745. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  746. break;
  747. }
  748. case QSEOS_CLIENT_SEND_DATA_COMMAND: {
  749. struct qseecom_client_send_data_ireq *req;
  750. struct qseecom_client_send_data_64bit_ireq *req_64bit;
  751. smc_id = TZ_APP_QSAPP_SEND_DATA_ID;
  752. desc.arginfo = TZ_APP_QSAPP_SEND_DATA_ID_PARAM_ID;
  753. if (qseecom.qsee_version < QSEE_VERSION_40) {
  754. req = (struct qseecom_client_send_data_ireq *)
  755. req_buf;
  756. desc.args[0] = req->app_id;
  757. desc.args[1] = req->req_ptr;
  758. desc.args[2] = req->req_len;
  759. desc.args[3] = req->rsp_ptr;
  760. desc.args[4] = req->rsp_len;
  761. } else {
  762. req_64bit =
  763. (struct qseecom_client_send_data_64bit_ireq *)
  764. req_buf;
  765. desc.args[0] = req_64bit->app_id;
  766. desc.args[1] = req_64bit->req_ptr;
  767. desc.args[2] = req_64bit->req_len;
  768. desc.args[3] = req_64bit->rsp_ptr;
  769. desc.args[4] = req_64bit->rsp_len;
  770. }
  771. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  772. break;
  773. }
  774. case QSEOS_CLIENT_SEND_DATA_COMMAND_WHITELIST: {
  775. struct qseecom_client_send_data_ireq *req;
  776. struct qseecom_client_send_data_64bit_ireq *req_64bit;
  777. smc_id = TZ_APP_QSAPP_SEND_DATA_WITH_WHITELIST_ID;
  778. desc.arginfo =
  779. TZ_APP_QSAPP_SEND_DATA_WITH_WHITELIST_ID_PARAM_ID;
  780. if (qseecom.qsee_version < QSEE_VERSION_40) {
  781. req = (struct qseecom_client_send_data_ireq *)
  782. req_buf;
  783. desc.args[0] = req->app_id;
  784. desc.args[1] = req->req_ptr;
  785. desc.args[2] = req->req_len;
  786. desc.args[3] = req->rsp_ptr;
  787. desc.args[4] = req->rsp_len;
  788. desc.args[5] = req->sglistinfo_ptr;
  789. desc.args[6] = req->sglistinfo_len;
  790. } else {
  791. req_64bit =
  792. (struct qseecom_client_send_data_64bit_ireq *)
  793. req_buf;
  794. desc.args[0] = req_64bit->app_id;
  795. desc.args[1] = req_64bit->req_ptr;
  796. desc.args[2] = req_64bit->req_len;
  797. desc.args[3] = req_64bit->rsp_ptr;
  798. desc.args[4] = req_64bit->rsp_len;
  799. desc.args[5] = req_64bit->sglistinfo_ptr;
  800. desc.args[6] = req_64bit->sglistinfo_len;
  801. }
  802. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  803. break;
  804. }
  805. case QSEOS_RPMB_PROVISION_KEY_COMMAND: {
  806. struct qseecom_client_send_service_ireq *req;
  807. req = (struct qseecom_client_send_service_ireq *)
  808. req_buf;
  809. smc_id = TZ_OS_RPMB_PROVISION_KEY_ID;
  810. desc.arginfo = TZ_OS_RPMB_PROVISION_KEY_ID_PARAM_ID;
  811. desc.args[0] = req->key_type;
  812. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  813. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  814. break;
  815. }
  816. case QSEOS_RPMB_ERASE_COMMAND: {
  817. smc_id = TZ_OS_RPMB_ERASE_ID;
  818. desc.arginfo = TZ_OS_RPMB_ERASE_ID_PARAM_ID;
  819. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  820. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  821. break;
  822. }
  823. case QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND: {
  824. smc_id = TZ_OS_RPMB_CHECK_PROV_STATUS_ID;
  825. desc.arginfo = TZ_OS_RPMB_CHECK_PROV_STATUS_ID_PARAM_ID;
  826. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  827. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  828. break;
  829. }
  830. case QSEOS_DIAG_FUSE_REQ_CMD:
  831. case QSEOS_DIAG_FUSE_REQ_RSP_CMD: {
  832. struct qseecom_client_send_fsm_diag_req *req;
  833. smc_id = TZ_SECBOOT_GET_FUSE_INFO;
  834. desc.arginfo = TZ_SECBOOT_GET_FUSE_INFO_PARAM_ID;
  835. req = (struct qseecom_client_send_fsm_diag_req *) req_buf;
  836. desc.args[0] = req->req_ptr;
  837. desc.args[1] = req->req_len;
  838. desc.args[2] = req->rsp_ptr;
  839. desc.args[3] = req->rsp_len;
  840. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  841. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  842. break;
  843. }
  844. case QSEOS_GENERATE_KEY: {
  845. u32 tzbuflen = PAGE_ALIGN(sizeof
  846. (struct qseecom_key_generate_ireq) -
  847. sizeof(uint32_t));
  848. char *tzbuf = __qseecom_alloc_tzbuf(
  849. tzbuflen, &pa, &shm);
  850. if (!tzbuf)
  851. return -ENOMEM;
  852. memset(tzbuf, 0, tzbuflen);
  853. memcpy(tzbuf, req_buf + sizeof(uint32_t),
  854. (sizeof(struct qseecom_key_generate_ireq) -
  855. sizeof(uint32_t)));
  856. qtee_shmbridge_flush_shm_buf(&shm);
  857. smc_id = TZ_OS_KS_GEN_KEY_ID;
  858. desc.arginfo = TZ_OS_KS_GEN_KEY_ID_PARAM_ID;
  859. desc.args[0] = pa;
  860. desc.args[1] = tzbuflen;
  861. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  862. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  863. __qseecom_free_tzbuf(&shm);
  864. break;
  865. }
  866. case QSEOS_DELETE_KEY: {
  867. u32 tzbuflen = PAGE_ALIGN(sizeof
  868. (struct qseecom_key_delete_ireq) -
  869. sizeof(uint32_t));
  870. char *tzbuf = __qseecom_alloc_tzbuf(
  871. tzbuflen, &pa, &shm);
  872. if (!tzbuf)
  873. return -ENOMEM;
  874. memset(tzbuf, 0, tzbuflen);
  875. memcpy(tzbuf, req_buf + sizeof(uint32_t),
  876. (sizeof(struct qseecom_key_delete_ireq) -
  877. sizeof(uint32_t)));
  878. qtee_shmbridge_flush_shm_buf(&shm);
  879. smc_id = TZ_OS_KS_DEL_KEY_ID;
  880. desc.arginfo = TZ_OS_KS_DEL_KEY_ID_PARAM_ID;
  881. desc.args[0] = pa;
  882. desc.args[1] = tzbuflen;
  883. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  884. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  885. __qseecom_free_tzbuf(&shm);
  886. break;
  887. }
  888. case QSEOS_SET_KEY: {
  889. u32 tzbuflen = PAGE_ALIGN(sizeof
  890. (struct qseecom_key_select_ireq) -
  891. sizeof(uint32_t));
  892. char *tzbuf = __qseecom_alloc_tzbuf(
  893. tzbuflen, &pa, &shm);
  894. if (!tzbuf)
  895. return -ENOMEM;
  896. memset(tzbuf, 0, tzbuflen);
  897. memcpy(tzbuf, req_buf + sizeof(uint32_t),
  898. (sizeof(struct qseecom_key_select_ireq) -
  899. sizeof(uint32_t)));
  900. qtee_shmbridge_flush_shm_buf(&shm);
  901. smc_id = TZ_OS_KS_SET_PIPE_KEY_ID;
  902. desc.arginfo = TZ_OS_KS_SET_PIPE_KEY_ID_PARAM_ID;
  903. desc.args[0] = pa;
  904. desc.args[1] = tzbuflen;
  905. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  906. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  907. __qseecom_free_tzbuf(&shm);
  908. break;
  909. }
  910. case QSEOS_UPDATE_KEY_USERINFO: {
  911. u32 tzbuflen = PAGE_ALIGN(sizeof
  912. (struct qseecom_key_userinfo_update_ireq) -
  913. sizeof(uint32_t));
  914. char *tzbuf = __qseecom_alloc_tzbuf(
  915. tzbuflen, &pa, &shm);
  916. if (!tzbuf)
  917. return -ENOMEM;
  918. memset(tzbuf, 0, tzbuflen);
  919. memcpy(tzbuf, req_buf + sizeof(uint32_t), (sizeof
  920. (struct qseecom_key_userinfo_update_ireq) -
  921. sizeof(uint32_t)));
  922. qtee_shmbridge_flush_shm_buf(&shm);
  923. smc_id = TZ_OS_KS_UPDATE_KEY_ID;
  924. desc.arginfo = TZ_OS_KS_UPDATE_KEY_ID_PARAM_ID;
  925. desc.args[0] = pa;
  926. desc.args[1] = tzbuflen;
  927. __qseecom_reentrancy_check_if_no_app_blocked(smc_id);
  928. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  929. __qseecom_free_tzbuf(&shm);
  930. break;
  931. }
  932. case QSEOS_TEE_OPEN_SESSION: {
  933. struct qseecom_qteec_ireq *req;
  934. struct qseecom_qteec_64bit_ireq *req_64bit;
  935. smc_id = TZ_APP_GPAPP_OPEN_SESSION_ID;
  936. desc.arginfo = TZ_APP_GPAPP_OPEN_SESSION_ID_PARAM_ID;
  937. if (qseecom.qsee_version < QSEE_VERSION_40) {
  938. req = (struct qseecom_qteec_ireq *)req_buf;
  939. desc.args[0] = req->app_id;
  940. desc.args[1] = req->req_ptr;
  941. desc.args[2] = req->req_len;
  942. desc.args[3] = req->resp_ptr;
  943. desc.args[4] = req->resp_len;
  944. } else {
  945. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  946. req_buf;
  947. desc.args[0] = req_64bit->app_id;
  948. desc.args[1] = req_64bit->req_ptr;
  949. desc.args[2] = req_64bit->req_len;
  950. desc.args[3] = req_64bit->resp_ptr;
  951. desc.args[4] = req_64bit->resp_len;
  952. }
  953. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  954. break;
  955. }
  956. case QSEOS_TEE_OPEN_SESSION_WHITELIST: {
  957. struct qseecom_qteec_ireq *req;
  958. struct qseecom_qteec_64bit_ireq *req_64bit;
  959. smc_id = TZ_APP_GPAPP_OPEN_SESSION_WITH_WHITELIST_ID;
  960. desc.arginfo =
  961. TZ_APP_GPAPP_OPEN_SESSION_WITH_WHITELIST_ID_PARAM_ID;
  962. if (qseecom.qsee_version < QSEE_VERSION_40) {
  963. req = (struct qseecom_qteec_ireq *)req_buf;
  964. desc.args[0] = req->app_id;
  965. desc.args[1] = req->req_ptr;
  966. desc.args[2] = req->req_len;
  967. desc.args[3] = req->resp_ptr;
  968. desc.args[4] = req->resp_len;
  969. desc.args[5] = req->sglistinfo_ptr;
  970. desc.args[6] = req->sglistinfo_len;
  971. } else {
  972. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  973. req_buf;
  974. desc.args[0] = req_64bit->app_id;
  975. desc.args[1] = req_64bit->req_ptr;
  976. desc.args[2] = req_64bit->req_len;
  977. desc.args[3] = req_64bit->resp_ptr;
  978. desc.args[4] = req_64bit->resp_len;
  979. desc.args[5] = req_64bit->sglistinfo_ptr;
  980. desc.args[6] = req_64bit->sglistinfo_len;
  981. }
  982. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  983. break;
  984. }
  985. case QSEOS_TEE_INVOKE_COMMAND: {
  986. struct qseecom_qteec_ireq *req;
  987. struct qseecom_qteec_64bit_ireq *req_64bit;
  988. smc_id = TZ_APP_GPAPP_INVOKE_COMMAND_ID;
  989. desc.arginfo = TZ_APP_GPAPP_INVOKE_COMMAND_ID_PARAM_ID;
  990. if (qseecom.qsee_version < QSEE_VERSION_40) {
  991. req = (struct qseecom_qteec_ireq *)req_buf;
  992. desc.args[0] = req->app_id;
  993. desc.args[1] = req->req_ptr;
  994. desc.args[2] = req->req_len;
  995. desc.args[3] = req->resp_ptr;
  996. desc.args[4] = req->resp_len;
  997. } else {
  998. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  999. req_buf;
  1000. desc.args[0] = req_64bit->app_id;
  1001. desc.args[1] = req_64bit->req_ptr;
  1002. desc.args[2] = req_64bit->req_len;
  1003. desc.args[3] = req_64bit->resp_ptr;
  1004. desc.args[4] = req_64bit->resp_len;
  1005. }
  1006. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  1007. break;
  1008. }
  1009. case QSEOS_TEE_INVOKE_COMMAND_WHITELIST: {
  1010. struct qseecom_qteec_ireq *req;
  1011. struct qseecom_qteec_64bit_ireq *req_64bit;
  1012. smc_id = TZ_APP_GPAPP_INVOKE_COMMAND_WITH_WHITELIST_ID;
  1013. desc.arginfo =
  1014. TZ_APP_GPAPP_INVOKE_COMMAND_WITH_WHITELIST_ID_PARAM_ID;
  1015. if (qseecom.qsee_version < QSEE_VERSION_40) {
  1016. req = (struct qseecom_qteec_ireq *)req_buf;
  1017. desc.args[0] = req->app_id;
  1018. desc.args[1] = req->req_ptr;
  1019. desc.args[2] = req->req_len;
  1020. desc.args[3] = req->resp_ptr;
  1021. desc.args[4] = req->resp_len;
  1022. desc.args[5] = req->sglistinfo_ptr;
  1023. desc.args[6] = req->sglistinfo_len;
  1024. } else {
  1025. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  1026. req_buf;
  1027. desc.args[0] = req_64bit->app_id;
  1028. desc.args[1] = req_64bit->req_ptr;
  1029. desc.args[2] = req_64bit->req_len;
  1030. desc.args[3] = req_64bit->resp_ptr;
  1031. desc.args[4] = req_64bit->resp_len;
  1032. desc.args[5] = req_64bit->sglistinfo_ptr;
  1033. desc.args[6] = req_64bit->sglistinfo_len;
  1034. }
  1035. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  1036. break;
  1037. }
  1038. case QSEOS_TEE_CLOSE_SESSION: {
  1039. struct qseecom_qteec_ireq *req;
  1040. struct qseecom_qteec_64bit_ireq *req_64bit;
  1041. smc_id = TZ_APP_GPAPP_CLOSE_SESSION_ID;
  1042. desc.arginfo = TZ_APP_GPAPP_CLOSE_SESSION_ID_PARAM_ID;
  1043. if (qseecom.qsee_version < QSEE_VERSION_40) {
  1044. req = (struct qseecom_qteec_ireq *)req_buf;
  1045. desc.args[0] = req->app_id;
  1046. desc.args[1] = req->req_ptr;
  1047. desc.args[2] = req->req_len;
  1048. desc.args[3] = req->resp_ptr;
  1049. desc.args[4] = req->resp_len;
  1050. } else {
  1051. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  1052. req_buf;
  1053. desc.args[0] = req_64bit->app_id;
  1054. desc.args[1] = req_64bit->req_ptr;
  1055. desc.args[2] = req_64bit->req_len;
  1056. desc.args[3] = req_64bit->resp_ptr;
  1057. desc.args[4] = req_64bit->resp_len;
  1058. }
  1059. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  1060. break;
  1061. }
  1062. case QSEOS_TEE_REQUEST_CANCELLATION: {
  1063. struct qseecom_qteec_ireq *req;
  1064. struct qseecom_qteec_64bit_ireq *req_64bit;
  1065. smc_id = TZ_APP_GPAPP_REQUEST_CANCELLATION_ID;
  1066. desc.arginfo =
  1067. TZ_APP_GPAPP_REQUEST_CANCELLATION_ID_PARAM_ID;
  1068. if (qseecom.qsee_version < QSEE_VERSION_40) {
  1069. req = (struct qseecom_qteec_ireq *)req_buf;
  1070. desc.args[0] = req->app_id;
  1071. desc.args[1] = req->req_ptr;
  1072. desc.args[2] = req->req_len;
  1073. desc.args[3] = req->resp_ptr;
  1074. desc.args[4] = req->resp_len;
  1075. } else {
  1076. req_64bit = (struct qseecom_qteec_64bit_ireq *)
  1077. req_buf;
  1078. desc.args[0] = req_64bit->app_id;
  1079. desc.args[1] = req_64bit->req_ptr;
  1080. desc.args[2] = req_64bit->req_len;
  1081. desc.args[3] = req_64bit->resp_ptr;
  1082. desc.args[4] = req_64bit->resp_len;
  1083. }
  1084. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  1085. break;
  1086. }
  1087. case QSEOS_CONTINUE_BLOCKED_REQ_COMMAND: {
  1088. struct qseecom_continue_blocked_request_ireq *req =
  1089. (struct qseecom_continue_blocked_request_ireq *)
  1090. req_buf;
  1091. if (qseecom.smcinvoke_support)
  1092. smc_id =
  1093. TZ_OS_CONTINUE_BLOCKED_REQUEST_SMCINVOKE_ID;
  1094. else
  1095. smc_id = TZ_OS_CONTINUE_BLOCKED_REQUEST_ID;
  1096. desc.arginfo =
  1097. TZ_OS_CONTINUE_BLOCKED_REQUEST_ID_PARAM_ID;
  1098. desc.args[0] = req->app_or_session_id;
  1099. ret = __qseecom_scm_call2_locked(smc_id, &desc);
  1100. break;
  1101. }
  1102. default: {
  1103. pr_err("qseos_cmd_id %d is not supported.\n",
  1104. qseos_cmd_id);
  1105. ret = -EINVAL;
  1106. break;
  1107. }
  1108. } /*end of switch (qsee_cmd_id) */
  1109. break;
  1110. } /*end of case SCM_SVC_TZSCHEDULER*/
  1111. default: {
  1112. pr_err("svc_id 0x%x is not supported.\n", svc_id);
  1113. ret = -EINVAL;
  1114. break;
  1115. }
  1116. } /*end of switch svc_id */
  1117. scm_resp->result = desc.ret[0];
  1118. scm_resp->resp_type = desc.ret[1];
  1119. scm_resp->data = desc.ret[2];
  1120. pr_debug("svc_id = 0x%x, tz_cmd_id = 0x%x, qseos_cmd_id = 0x%x, smc_id = 0x%x, param_id = 0x%x\n",
  1121. svc_id, tz_cmd_id, qseos_cmd_id, smc_id, desc.arginfo);
  1122. pr_debug("scm_resp->result = 0x%x, scm_resp->resp_type = 0x%x, scm_resp->data = 0x%x\n",
  1123. scm_resp->result, scm_resp->resp_type, scm_resp->data);
  1124. return ret;
  1125. }
  1126. static int qseecom_scm_call(u32 svc_id, u32 tz_cmd_id, const void *cmd_buf,
  1127. size_t cmd_len, void *resp_buf, size_t resp_len)
  1128. {
  1129. return qseecom_scm_call2(svc_id, tz_cmd_id, cmd_buf, resp_buf);
  1130. }
  1131. static struct qseecom_registered_listener_list *__qseecom_find_svc(
  1132. int32_t listener_id)
  1133. {
  1134. struct qseecom_registered_listener_list *entry = NULL;
  1135. list_for_each_entry(entry,
  1136. &qseecom.registered_listener_list_head, list) {
  1137. if (entry->svc.listener_id == listener_id)
  1138. break;
  1139. }
  1140. if ((entry != NULL) && (entry->svc.listener_id != listener_id)) {
  1141. pr_debug("Service id: %u is not found\n", listener_id);
  1142. return NULL;
  1143. }
  1144. return entry;
  1145. }
  1146. static int qseecom_dmabuf_cache_operations(struct dma_buf *dmabuf,
  1147. enum qseecom_cache_ops cache_op)
  1148. {
  1149. int ret = 0;
  1150. if (!dmabuf) {
  1151. pr_err("dmabuf is NULL\n");
  1152. ret = -EINVAL;
  1153. goto exit;
  1154. }
  1155. switch (cache_op) {
  1156. case QSEECOM_CACHE_CLEAN: /* Doing CLEAN and INVALIDATE */
  1157. dma_buf_end_cpu_access(dmabuf, DMA_BIDIRECTIONAL);
  1158. dma_buf_begin_cpu_access(dmabuf, DMA_BIDIRECTIONAL);
  1159. break;
  1160. case QSEECOM_CACHE_INVALIDATE:
  1161. dma_buf_begin_cpu_access(dmabuf, DMA_FROM_DEVICE);
  1162. break;
  1163. default:
  1164. pr_err("cache (%d) operation not supported\n",
  1165. cache_op);
  1166. ret = -EINVAL;
  1167. goto exit;
  1168. }
  1169. exit:
  1170. return ret;
  1171. }
  1172. static int qseecom_destroy_bridge_callback(void *dtor_data)
  1173. {
  1174. int ret = 0;
  1175. uint64_t handle = (uint64_t)dtor_data;
  1176. pr_debug("to destroy shm bridge %lld\n", handle);
  1177. ret = qtee_shmbridge_deregister(handle);
  1178. if (ret) {
  1179. pr_err("failed to destroy shm bridge %lld\n", handle);
  1180. return ret;
  1181. }
  1182. return ret;
  1183. }
  1184. static int qseecom_create_bridge_for_secbuf(int ion_fd, struct dma_buf *dmabuf,
  1185. struct sg_table *sgt)
  1186. {
  1187. int ret = 0;
  1188. phys_addr_t phys;
  1189. size_t size = 0;
  1190. uint64_t handle = 0;
  1191. int tz_perm = PERM_READ|PERM_WRITE;
  1192. uint32_t *vmid_list;
  1193. uint32_t *perms_list;
  1194. uint32_t nelems = 0;
  1195. struct scatterlist *sg = sgt->sgl;
  1196. if (!qtee_shmbridge_is_enabled())
  1197. return 0;
  1198. phys = sg_phys(sg);
  1199. size = sg->length;
  1200. ret = qtee_shmbridge_query(phys);
  1201. if (ret) {
  1202. pr_debug("bridge exists\n");
  1203. return 0;
  1204. }
  1205. if (mem_buf_dma_buf_exclusive_owner(dmabuf) || (sgt->nents != 1)) {
  1206. pr_debug("just create bridge for contiguous secure buf\n");
  1207. return 0;
  1208. }
  1209. ret = mem_buf_dma_buf_copy_vmperm(dmabuf, (int **)&vmid_list,
  1210. (int **)&perms_list, (int *)&nelems);
  1211. if (ret) {
  1212. pr_err("mem_buf_dma_buf_copy_vmperm failure, err=%d\n", ret);
  1213. return ret;
  1214. }
  1215. ret = qtee_shmbridge_register(phys, size, vmid_list, perms_list, nelems,
  1216. tz_perm, &handle);
  1217. if (ret && ret != -EEXIST) {
  1218. pr_err("creation of shm bridge failed with ret: %d\n",
  1219. ret);
  1220. goto exit;
  1221. }
  1222. pr_debug("created shm bridge %lld\n", handle);
  1223. mem_buf_dma_buf_set_destructor(dmabuf, qseecom_destroy_bridge_callback,
  1224. (void *)handle);
  1225. exit:
  1226. kfree(perms_list);
  1227. kfree(vmid_list);
  1228. return ret;
  1229. }
  1230. static int qseecom_dmabuf_map(int ion_fd, struct sg_table **sgt,
  1231. struct dma_buf_attachment **attach,
  1232. struct dma_buf **dmabuf)
  1233. {
  1234. struct dma_buf *new_dma_buf = NULL;
  1235. struct dma_buf_attachment *new_attach = NULL;
  1236. struct sg_table *new_sgt = NULL;
  1237. int ret = 0;
  1238. new_dma_buf = dma_buf_get(ion_fd);
  1239. if (IS_ERR_OR_NULL(new_dma_buf)) {
  1240. pr_err("dma_buf_get() for ion_fd %d failed\n", ion_fd);
  1241. ret = -ENOMEM;
  1242. goto err;
  1243. }
  1244. new_attach = dma_buf_attach(new_dma_buf, qseecom.dev);
  1245. if (IS_ERR_OR_NULL(new_attach)) {
  1246. pr_err("dma_buf_attach() for ion_fd %d failed\n", ion_fd);
  1247. ret = -ENOMEM;
  1248. goto err_put;
  1249. }
  1250. new_sgt = dma_buf_map_attachment(new_attach, DMA_BIDIRECTIONAL);
  1251. if (IS_ERR_OR_NULL(new_sgt)) {
  1252. ret = PTR_ERR(new_sgt);
  1253. pr_err("dma_buf_map_attachment for ion_fd %d failed ret = %d\n",
  1254. ion_fd, ret);
  1255. goto err_detach;
  1256. }
  1257. ret = qseecom_create_bridge_for_secbuf(ion_fd, new_dma_buf, new_sgt);
  1258. if (ret) {
  1259. pr_err("failed to create bridge for fd %d\n", ion_fd);
  1260. goto err_unmap_attachment;
  1261. }
  1262. *sgt = new_sgt;
  1263. *attach = new_attach;
  1264. *dmabuf = new_dma_buf;
  1265. return ret;
  1266. err_unmap_attachment:
  1267. dma_buf_unmap_attachment(new_attach, new_sgt, DMA_BIDIRECTIONAL);
  1268. err_detach:
  1269. dma_buf_detach(new_dma_buf, new_attach);
  1270. err_put:
  1271. dma_buf_put(new_dma_buf);
  1272. err:
  1273. return ret;
  1274. }
  1275. static void qseecom_dmabuf_unmap(struct sg_table *sgt,
  1276. struct dma_buf_attachment *attach,
  1277. struct dma_buf *dmabuf)
  1278. {
  1279. dma_buf_unmap_attachment(attach, sgt, DMA_BIDIRECTIONAL);
  1280. dma_buf_detach(dmabuf, attach);
  1281. dma_buf_put(dmabuf);
  1282. }
  1283. /* convert ion_fd to phys_adds and virt_addr*/
  1284. static int qseecom_vaddr_map(int ion_fd,
  1285. phys_addr_t *paddr, void **vaddr,
  1286. struct sg_table **sgt,
  1287. struct dma_buf_attachment **attach,
  1288. size_t *sb_length, struct dma_buf **dmabuf)
  1289. {
  1290. struct dma_buf *new_dma_buf = NULL;
  1291. struct dma_buf_attachment *new_attach = NULL;
  1292. #ifdef KERNEL_VERSION_LEGACY
  1293. struct dma_buf_map new_dma_buf_map = {0};
  1294. #else
  1295. struct iosys_map new_dma_buf_map = {0};
  1296. #endif
  1297. struct sg_table *new_sgt = NULL;
  1298. void *new_va = NULL;
  1299. int ret = 0;
  1300. ret = qseecom_dmabuf_map(ion_fd, &new_sgt, &new_attach, &new_dma_buf);
  1301. if (ret) {
  1302. pr_err("qseecom_dmabuf_map for ion_fd %d failed ret = %d\n",
  1303. ion_fd, ret);
  1304. goto err;
  1305. }
  1306. ret = 0;
  1307. *paddr = sg_dma_address(new_sgt->sgl);
  1308. *sb_length = new_sgt->sgl->length;
  1309. //Invalidate the Buffer
  1310. dma_buf_begin_cpu_access(new_dma_buf, DMA_BIDIRECTIONAL);
  1311. ret = dma_buf_vmap(new_dma_buf, &new_dma_buf_map);
  1312. new_va = ret ? NULL : new_dma_buf_map.vaddr;
  1313. if (!new_va) {
  1314. pr_err("dma_buf_vmap failed\n");
  1315. ret = -ENOMEM;
  1316. goto err_unmap;
  1317. }
  1318. *dmabuf = new_dma_buf;
  1319. *attach = new_attach;
  1320. *sgt = new_sgt;
  1321. *vaddr = new_va;
  1322. return ret;
  1323. err_unmap:
  1324. //Flush the buffer (i.e. Clean and invalidate)
  1325. dma_buf_end_cpu_access(new_dma_buf, DMA_BIDIRECTIONAL);
  1326. dma_buf_begin_cpu_access(new_dma_buf, DMA_BIDIRECTIONAL);
  1327. qseecom_dmabuf_unmap(new_sgt, new_attach, new_dma_buf);
  1328. MAKE_NULL(*sgt, *attach, *dmabuf);
  1329. err:
  1330. return ret;
  1331. }
  1332. static void qseecom_vaddr_unmap(void *vaddr, struct sg_table *sgt,
  1333. struct dma_buf_attachment *attach,
  1334. struct dma_buf *dmabuf)
  1335. {
  1336. #ifdef KERNEL_VERSION_LEGACY
  1337. struct dma_buf_map dmabufmap = DMA_BUF_MAP_INIT_VADDR(vaddr);
  1338. #else
  1339. struct iosys_map dmabufmap = IOSYS_MAP_INIT_VADDR(vaddr);
  1340. #endif
  1341. if (!dmabuf || !vaddr || !sgt || !attach)
  1342. return;
  1343. pr_err("Trying to unmap vaddr");
  1344. dma_buf_vunmap(dmabuf, &dmabufmap);
  1345. dma_buf_end_cpu_access(dmabuf, DMA_BIDIRECTIONAL);
  1346. qseecom_dmabuf_unmap(sgt, attach, dmabuf);
  1347. }
  1348. static int __qseecom_set_sb_memory(struct qseecom_registered_listener_list *svc,
  1349. struct qseecom_dev_handle *handle,
  1350. struct qseecom_register_listener_req *listener)
  1351. {
  1352. int ret = 0;
  1353. struct qseecom_register_listener_ireq req;
  1354. struct qseecom_register_listener_64bit_ireq req_64bit;
  1355. struct qseecom_command_scm_resp resp;
  1356. void *cmd_buf = NULL;
  1357. size_t cmd_len;
  1358. ret = qseecom_vaddr_map(listener->ifd_data_fd,
  1359. &svc->sb_phys, (void **)&svc->sb_virt,
  1360. &svc->sgt, &svc->attach,
  1361. &svc->sb_length, &svc->dmabuf);
  1362. if (ret) {
  1363. pr_err("failed to convert ion_fd %d for lsnr %d with err: %d\n",
  1364. listener->ifd_data_fd, svc->svc.listener_id, ret);
  1365. return -EINVAL;
  1366. }
  1367. if (qseecom.qsee_version < QSEE_VERSION_40) {
  1368. req.qsee_cmd_id = QSEOS_REGISTER_LISTENER;
  1369. req.listener_id = svc->svc.listener_id;
  1370. req.sb_len = svc->sb_length;
  1371. req.sb_ptr = (uint32_t)svc->sb_phys;
  1372. cmd_buf = (void *)&req;
  1373. cmd_len = sizeof(struct qseecom_register_listener_ireq);
  1374. } else {
  1375. req_64bit.qsee_cmd_id = QSEOS_REGISTER_LISTENER;
  1376. req_64bit.listener_id = svc->svc.listener_id;
  1377. req_64bit.sb_len = svc->sb_length;
  1378. req_64bit.sb_ptr = (uint64_t)svc->sb_phys;
  1379. cmd_buf = (void *)&req_64bit;
  1380. cmd_len = sizeof(struct qseecom_register_listener_64bit_ireq);
  1381. }
  1382. resp.result = QSEOS_RESULT_INCOMPLETE;
  1383. mutex_unlock(&listener_access_lock);
  1384. mutex_lock(&app_access_lock);
  1385. __qseecom_reentrancy_check_if_no_app_blocked(
  1386. TZ_OS_REGISTER_LISTENER_SMCINVOKE_ID);
  1387. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, cmd_len,
  1388. &resp, sizeof(resp));
  1389. mutex_unlock(&app_access_lock);
  1390. mutex_lock(&listener_access_lock);
  1391. if (ret) {
  1392. pr_err("qseecom_scm_call failed with err: %d\n", ret);
  1393. ret = -EINVAL;
  1394. goto err;
  1395. }
  1396. if (resp.result != QSEOS_RESULT_SUCCESS) {
  1397. pr_err("Error SB registration req: resp.result = %d\n",
  1398. resp.result);
  1399. ret = -EPERM;
  1400. goto err;
  1401. }
  1402. return 0;
  1403. err:
  1404. if (svc->dmabuf) {
  1405. qseecom_vaddr_unmap(svc->sb_virt, svc->sgt, svc->attach,
  1406. svc->dmabuf);
  1407. MAKE_NULL(svc->sgt, svc->attach, svc->dmabuf);
  1408. }
  1409. return ret;
  1410. }
  1411. static int qseecom_register_listener(struct qseecom_dev_handle *data,
  1412. void __user *argp)
  1413. {
  1414. int ret = 0;
  1415. struct qseecom_register_listener_req rcvd_lstnr;
  1416. struct qseecom_registered_listener_list *new_entry;
  1417. struct qseecom_registered_listener_list *ptr_svc;
  1418. if (data->listener.register_pending) {
  1419. pr_err("Already a listner registration is in process on this FD\n");
  1420. return -EINVAL;
  1421. }
  1422. ret = copy_from_user(&rcvd_lstnr, argp, sizeof(rcvd_lstnr));
  1423. if (ret) {
  1424. pr_err("copy_from_user failed\n");
  1425. return ret;
  1426. }
  1427. if (!access_ok((void __user *)rcvd_lstnr.virt_sb_base,
  1428. rcvd_lstnr.sb_size))
  1429. return -EFAULT;
  1430. ptr_svc = __qseecom_find_svc(data->listener.id);
  1431. if (ptr_svc) {
  1432. pr_err("Already a listener registered on this data: lid=%d\n", data->listener.id);
  1433. return -EINVAL;
  1434. }
  1435. ptr_svc = __qseecom_find_svc(rcvd_lstnr.listener_id);
  1436. if (ptr_svc) {
  1437. if (!ptr_svc->unregister_pending) {
  1438. pr_err("Service %d is not unique\n",
  1439. rcvd_lstnr.listener_id);
  1440. data->released = true;
  1441. return -EBUSY;
  1442. } else {
  1443. /*wait until listener is unregistered*/
  1444. pr_debug("register %d has to wait\n",
  1445. rcvd_lstnr.listener_id);
  1446. mutex_unlock(&listener_access_lock);
  1447. ret = wait_event_interruptible(
  1448. qseecom.register_lsnr_pending_wq,
  1449. list_empty(
  1450. &qseecom.unregister_lsnr_pending_list_head));
  1451. if (ret) {
  1452. pr_err("interrupted register_pending_wq %d\n",
  1453. rcvd_lstnr.listener_id);
  1454. mutex_lock(&listener_access_lock);
  1455. return -ERESTARTSYS;
  1456. }
  1457. mutex_lock(&listener_access_lock);
  1458. }
  1459. }
  1460. new_entry = kzalloc(sizeof(*new_entry), GFP_KERNEL);
  1461. if (!new_entry)
  1462. return -ENOMEM;
  1463. memcpy(&new_entry->svc, &rcvd_lstnr, sizeof(rcvd_lstnr));
  1464. new_entry->rcv_req_flag = 0;
  1465. new_entry->sglistinfo_ptr =
  1466. (struct sglist_info *)__qseecom_alloc_tzbuf(
  1467. sizeof(struct sglist_info) * MAX_ION_FD,
  1468. &new_entry->sglistinfo_shm.paddr,
  1469. &new_entry->sglistinfo_shm);
  1470. if (!new_entry->sglistinfo_ptr) {
  1471. kfree(new_entry);
  1472. return -ENOMEM;
  1473. }
  1474. new_entry->svc.listener_id = rcvd_lstnr.listener_id;
  1475. new_entry->sb_length = rcvd_lstnr.sb_size;
  1476. new_entry->user_virt_sb_base = rcvd_lstnr.virt_sb_base;
  1477. data->listener.register_pending = true;
  1478. if (__qseecom_set_sb_memory(new_entry, data, &rcvd_lstnr)) {
  1479. pr_err("qseecom_set_sb_memory failed for listener %d, size %d\n",
  1480. rcvd_lstnr.listener_id, rcvd_lstnr.sb_size);
  1481. __qseecom_free_tzbuf(&new_entry->sglistinfo_shm);
  1482. kfree_sensitive(new_entry);
  1483. data->listener.register_pending = false;
  1484. return -ENOMEM;
  1485. }
  1486. data->listener.register_pending = false;
  1487. init_waitqueue_head(&new_entry->rcv_req_wq);
  1488. init_waitqueue_head(&new_entry->listener_block_app_wq);
  1489. new_entry->send_resp_flag = 0;
  1490. new_entry->listener_in_use = false;
  1491. list_add_tail(&new_entry->list, &qseecom.registered_listener_list_head);
  1492. data->listener.id = rcvd_lstnr.listener_id;
  1493. pr_debug("Service %d is registered\n", rcvd_lstnr.listener_id);
  1494. return ret;
  1495. }
  1496. static int __qseecom_unregister_listener(struct qseecom_dev_handle *data,
  1497. struct qseecom_registered_listener_list *ptr_svc)
  1498. {
  1499. int ret = 0;
  1500. struct qseecom_register_listener_ireq req;
  1501. struct qseecom_command_scm_resp resp;
  1502. req.qsee_cmd_id = QSEOS_DEREGISTER_LISTENER;
  1503. req.listener_id = data->listener.id;
  1504. resp.result = QSEOS_RESULT_INCOMPLETE;
  1505. mutex_unlock(&listener_access_lock);
  1506. mutex_lock(&app_access_lock);
  1507. __qseecom_reentrancy_check_if_no_app_blocked(
  1508. TZ_OS_DEREGISTER_LISTENER_ID);
  1509. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req,
  1510. sizeof(req), &resp, sizeof(resp));
  1511. mutex_unlock(&app_access_lock);
  1512. mutex_lock(&listener_access_lock);
  1513. if (ret) {
  1514. pr_err("scm_call() failed with err: %d (lstnr id=%d)\n",
  1515. ret, data->listener.id);
  1516. return ret;
  1517. }
  1518. if (resp.result != QSEOS_RESULT_SUCCESS) {
  1519. pr_err("Failed resp.result=%d,(lstnr id=%d)\n",
  1520. resp.result, data->listener.id);
  1521. ret = -EPERM;
  1522. goto exit;
  1523. }
  1524. while (atomic_read(&data->ioctl_count) > 1) {
  1525. if (wait_event_interruptible(data->abort_wq,
  1526. atomic_read(&data->ioctl_count) <= 1)) {
  1527. pr_err("Interrupted from abort\n");
  1528. ret = -ERESTARTSYS;
  1529. }
  1530. }
  1531. exit:
  1532. if (ptr_svc->dmabuf) {
  1533. qseecom_vaddr_unmap(ptr_svc->sb_virt,
  1534. ptr_svc->sgt, ptr_svc->attach, ptr_svc->dmabuf);
  1535. MAKE_NULL(ptr_svc->sgt, ptr_svc->attach, ptr_svc->dmabuf);
  1536. }
  1537. __qseecom_free_tzbuf(&ptr_svc->sglistinfo_shm);
  1538. list_del(&ptr_svc->list);
  1539. kfree_sensitive(ptr_svc);
  1540. data->released = true;
  1541. pr_debug("Service %d is unregistered\n", data->listener.id);
  1542. return ret;
  1543. }
  1544. static int qseecom_unregister_listener(struct qseecom_dev_handle *data)
  1545. {
  1546. struct qseecom_registered_listener_list *ptr_svc = NULL;
  1547. struct qseecom_unregister_pending_list *entry = NULL;
  1548. if (data->released) {
  1549. pr_err("Don't unregister lsnr %d\n", data->listener.id);
  1550. return -EINVAL;
  1551. }
  1552. ptr_svc = __qseecom_find_svc(data->listener.id);
  1553. if (!ptr_svc) {
  1554. pr_err("Unregiser invalid listener ID %d\n", data->listener.id);
  1555. return -ENODATA;
  1556. }
  1557. /* stop CA thread waiting for listener response */
  1558. ptr_svc->abort = 1;
  1559. wake_up_interruptible_all(&qseecom.send_resp_wq);
  1560. /* stop listener thread waiting for listener request */
  1561. data->abort = 1;
  1562. wake_up_all(&ptr_svc->rcv_req_wq);
  1563. /* return directly if pending*/
  1564. if (ptr_svc->unregister_pending)
  1565. return 0;
  1566. /*add unregistration into pending list*/
  1567. entry = kzalloc(sizeof(*entry), GFP_KERNEL);
  1568. if (!entry)
  1569. return -ENOMEM;
  1570. entry->data = data;
  1571. list_add_tail(&entry->list,
  1572. &qseecom.unregister_lsnr_pending_list_head);
  1573. ptr_svc->unregister_pending = true;
  1574. pr_debug("unregister %d pending\n", data->listener.id);
  1575. return 0;
  1576. }
  1577. static void __qseecom_processing_pending_lsnr_unregister(void)
  1578. {
  1579. struct qseecom_unregister_pending_list *entry = NULL;
  1580. struct qseecom_registered_listener_list *ptr_svc = NULL;
  1581. struct list_head *pos;
  1582. int ret = 0;
  1583. mutex_lock(&listener_access_lock);
  1584. while (!list_empty(&qseecom.unregister_lsnr_pending_list_head)) {
  1585. pos = qseecom.unregister_lsnr_pending_list_head.next;
  1586. entry = list_entry(pos,
  1587. struct qseecom_unregister_pending_list, list);
  1588. if (entry && entry->data) {
  1589. pr_debug("process pending unregister %d\n",
  1590. entry->data->listener.id);
  1591. /* don't process the entry if qseecom_release is not called*/
  1592. if (!entry->data->listener.release_called) {
  1593. list_del(pos);
  1594. list_add_tail(&entry->list,
  1595. &qseecom.unregister_lsnr_pending_list_head);
  1596. break;
  1597. }
  1598. ptr_svc = __qseecom_find_svc(
  1599. entry->data->listener.id);
  1600. if (ptr_svc) {
  1601. ret = __qseecom_unregister_listener(
  1602. entry->data, ptr_svc);
  1603. if (ret) {
  1604. pr_debug("unregister %d pending again\n",
  1605. entry->data->listener.id);
  1606. mutex_unlock(&listener_access_lock);
  1607. return;
  1608. }
  1609. } else
  1610. pr_err("invalid listener %d\n",
  1611. entry->data->listener.id);
  1612. __qseecom_free_tzbuf(&entry->data->sglistinfo_shm);
  1613. kfree_sensitive(entry->data);
  1614. }
  1615. list_del(pos);
  1616. kfree_sensitive(entry);
  1617. }
  1618. mutex_unlock(&listener_access_lock);
  1619. wake_up_interruptible(&qseecom.register_lsnr_pending_wq);
  1620. }
  1621. static void __wakeup_unregister_listener_kthread(void)
  1622. {
  1623. atomic_set(&qseecom.unregister_lsnr_kthread_state,
  1624. LSNR_UNREG_KT_WAKEUP);
  1625. wake_up_interruptible(&qseecom.unregister_lsnr_kthread_wq);
  1626. }
  1627. static int __qseecom_unregister_listener_kthread_func(void *data)
  1628. {
  1629. while (!kthread_should_stop()) {
  1630. wait_event_interruptible(
  1631. qseecom.unregister_lsnr_kthread_wq,
  1632. atomic_read(&qseecom.unregister_lsnr_kthread_state)
  1633. == LSNR_UNREG_KT_WAKEUP);
  1634. pr_debug("kthread to unregister listener is called %d\n",
  1635. atomic_read(&qseecom.unregister_lsnr_kthread_state));
  1636. __qseecom_processing_pending_lsnr_unregister();
  1637. atomic_set(&qseecom.unregister_lsnr_kthread_state,
  1638. LSNR_UNREG_KT_SLEEP);
  1639. }
  1640. pr_warn("kthread to unregister listener stopped\n");
  1641. return 0;
  1642. }
  1643. static int qseecom_bus_scale_update_request(
  1644. int client, int mode)
  1645. {
  1646. pr_debug("client %d, mode %d\n", client, mode);
  1647. /*TODO: get ab/ib from device tree for different mode*/
  1648. if (!mode)
  1649. return icc_set_bw(qseecom.icc_path, 0, 0);
  1650. else
  1651. return icc_set_bw(qseecom.icc_path,
  1652. qseecom.avg_bw, qseecom.peak_bw);
  1653. }
  1654. static int __qseecom_set_msm_bus_request(uint32_t mode)
  1655. {
  1656. int ret = 0;
  1657. struct qseecom_clk *qclk;
  1658. qclk = &qseecom.qsee;
  1659. if (qclk->ce_core_src_clk != NULL) {
  1660. if (mode == INACTIVE) {
  1661. __qseecom_disable_clk(CLK_QSEE);
  1662. } else {
  1663. ret = __qseecom_enable_clk(CLK_QSEE);
  1664. if (ret)
  1665. pr_err("CLK enabling failed (%d) MODE (%d)\n",
  1666. ret, mode);
  1667. }
  1668. }
  1669. if ((!ret) && (qseecom.current_mode != mode)) {
  1670. ret = qseecom_bus_scale_update_request(
  1671. qseecom.qsee_perf_client, mode);
  1672. if (ret) {
  1673. pr_err("Bandwidth req failed(%d) MODE (%d)\n",
  1674. ret, mode);
  1675. if (qclk->ce_core_src_clk != NULL) {
  1676. if (mode == INACTIVE) {
  1677. ret = __qseecom_enable_clk(CLK_QSEE);
  1678. if (ret)
  1679. pr_err("CLK enable failed\n");
  1680. } else
  1681. __qseecom_disable_clk(CLK_QSEE);
  1682. }
  1683. }
  1684. qseecom.current_mode = mode;
  1685. }
  1686. return ret;
  1687. }
  1688. static void qseecom_bw_inactive_req_work(struct work_struct *work)
  1689. {
  1690. mutex_lock(&app_access_lock);
  1691. mutex_lock(&qsee_bw_mutex);
  1692. if (qseecom.timer_running)
  1693. __qseecom_set_msm_bus_request(INACTIVE);
  1694. pr_debug("current_mode = %d, cumulative_mode = %d\n",
  1695. qseecom.current_mode, qseecom.cumulative_mode);
  1696. qseecom.timer_running = false;
  1697. mutex_unlock(&qsee_bw_mutex);
  1698. mutex_unlock(&app_access_lock);
  1699. }
  1700. static void qseecom_scale_bus_bandwidth_timer_callback(struct timer_list *data)
  1701. {
  1702. schedule_work(&qseecom.bw_inactive_req_ws);
  1703. }
  1704. static int __qseecom_decrease_clk_ref_count(enum qseecom_ce_hw_instance ce)
  1705. {
  1706. struct qseecom_clk *qclk;
  1707. int ret = 0;
  1708. mutex_lock(&clk_access_lock);
  1709. if (ce == CLK_QSEE)
  1710. qclk = &qseecom.qsee;
  1711. else
  1712. qclk = &qseecom.ce_drv;
  1713. if (qclk->clk_access_cnt > 0) {
  1714. qclk->clk_access_cnt--;
  1715. } else {
  1716. pr_err("Invalid clock ref count %d\n", qclk->clk_access_cnt);
  1717. ret = -EINVAL;
  1718. }
  1719. mutex_unlock(&clk_access_lock);
  1720. return ret;
  1721. }
  1722. static int qseecom_scale_bus_bandwidth_timer(uint32_t mode)
  1723. {
  1724. int32_t ret = 0;
  1725. int32_t request_mode = INACTIVE;
  1726. mutex_lock(&qsee_bw_mutex);
  1727. if (mode == 0) {
  1728. if (qseecom.cumulative_mode > MEDIUM)
  1729. request_mode = HIGH;
  1730. else
  1731. request_mode = qseecom.cumulative_mode;
  1732. } else {
  1733. request_mode = mode;
  1734. }
  1735. ret = __qseecom_set_msm_bus_request(request_mode);
  1736. if (ret) {
  1737. pr_err("set msm bus request failed (%d),request_mode (%d)\n",
  1738. ret, request_mode);
  1739. goto err_scale_timer;
  1740. }
  1741. if (qseecom.timer_running) {
  1742. ret = __qseecom_decrease_clk_ref_count(CLK_QSEE);
  1743. if (ret) {
  1744. pr_err("Failed to decrease clk ref count.\n");
  1745. goto err_scale_timer;
  1746. }
  1747. del_timer_sync(&(qseecom.bw_scale_down_timer));
  1748. qseecom.timer_running = false;
  1749. }
  1750. err_scale_timer:
  1751. mutex_unlock(&qsee_bw_mutex);
  1752. return ret;
  1753. }
  1754. static int qseecom_unregister_bus_bandwidth_needs(
  1755. struct qseecom_dev_handle *data)
  1756. {
  1757. qseecom.cumulative_mode -= data->mode;
  1758. data->mode = INACTIVE;
  1759. return 0;
  1760. }
  1761. static int __qseecom_register_bus_bandwidth_needs(
  1762. struct qseecom_dev_handle *data, uint32_t request_mode)
  1763. {
  1764. if (data->mode == INACTIVE) {
  1765. qseecom.cumulative_mode += request_mode;
  1766. data->mode = request_mode;
  1767. } else {
  1768. if (data->mode != request_mode) {
  1769. qseecom.cumulative_mode -= data->mode;
  1770. qseecom.cumulative_mode += request_mode;
  1771. data->mode = request_mode;
  1772. }
  1773. }
  1774. return 0;
  1775. }
  1776. static int qseecom_perf_enable(struct qseecom_dev_handle *data)
  1777. {
  1778. int ret = 0;
  1779. ret = qsee_vote_for_clock(data, CLK_DFAB);
  1780. if (ret) {
  1781. pr_err("Failed to vote for DFAB clock with err %d\n", ret);
  1782. goto perf_enable_exit;
  1783. }
  1784. ret = qsee_vote_for_clock(data, CLK_SFPB);
  1785. if (ret) {
  1786. qsee_disable_clock_vote(data, CLK_DFAB);
  1787. pr_err("Failed to vote for SFPB clock with err %d\n", ret);
  1788. goto perf_enable_exit;
  1789. }
  1790. perf_enable_exit:
  1791. return ret;
  1792. }
  1793. static void __qseecom_add_bw_scale_down_timer(uint32_t duration)
  1794. {
  1795. if (qseecom.no_clock_support)
  1796. return;
  1797. mutex_lock(&qsee_bw_mutex);
  1798. qseecom.bw_scale_down_timer.expires = jiffies +
  1799. msecs_to_jiffies(duration);
  1800. mod_timer(&(qseecom.bw_scale_down_timer),
  1801. qseecom.bw_scale_down_timer.expires);
  1802. qseecom.timer_running = true;
  1803. mutex_unlock(&qsee_bw_mutex);
  1804. }
  1805. static void __qseecom_disable_clk_scale_down(struct qseecom_dev_handle *data)
  1806. {
  1807. if (!qseecom.support_bus_scaling)
  1808. qsee_disable_clock_vote(data, CLK_SFPB);
  1809. else
  1810. __qseecom_add_bw_scale_down_timer(
  1811. QSEECOM_LOAD_APP_CRYPTO_TIMEOUT);
  1812. }
  1813. static int __qseecom_enable_clk_scale_up(struct qseecom_dev_handle *data)
  1814. {
  1815. int ret = 0;
  1816. if (qseecom.support_bus_scaling) {
  1817. ret = qseecom_scale_bus_bandwidth_timer(MEDIUM);
  1818. if (ret)
  1819. pr_err("Failed to set bw MEDIUM.\n");
  1820. } else {
  1821. ret = qsee_vote_for_clock(data, CLK_SFPB);
  1822. if (ret)
  1823. pr_err("Fail vote for clk SFPB ret %d\n", ret);
  1824. }
  1825. return ret;
  1826. }
  1827. static int qseecom_set_client_mem_param(struct qseecom_dev_handle *data,
  1828. void __user *argp)
  1829. {
  1830. int32_t ret;
  1831. struct qseecom_set_sb_mem_param_req req;
  1832. size_t len;
  1833. /* Copy the relevant information needed for loading the image */
  1834. if (copy_from_user(&req, (void __user *)argp, sizeof(req)))
  1835. return -EFAULT;
  1836. if ((req.ifd_data_fd <= 0) || (req.virt_sb_base == NULL) ||
  1837. (req.sb_len == 0)) {
  1838. pr_err("Invalid input(s)ion_fd(%d), sb_len(%d)\n",
  1839. req.ifd_data_fd, req.sb_len);
  1840. return -EFAULT;
  1841. }
  1842. if (!access_ok((void __user *)req.virt_sb_base,
  1843. req.sb_len))
  1844. return -EFAULT;
  1845. ret = qseecom_vaddr_map(req.ifd_data_fd, &data->client.sb_phys,
  1846. (void **)&data->client.sb_virt,
  1847. &data->client.sgt, &data->client.attach,
  1848. &len, &data->client.dmabuf);
  1849. if (ret) {
  1850. pr_err("failed to convert ion_fd %d for lsnr %d with err: %d\n",
  1851. req.ifd_data_fd, data->client.app_id, ret);
  1852. return -EINVAL;
  1853. }
  1854. if (len < req.sb_len) {
  1855. pr_err("Requested length (0x%x) is > allocated (%zu)\n",
  1856. req.sb_len, len);
  1857. ret = -EINVAL;
  1858. goto exit;
  1859. }
  1860. data->client.sb_length = req.sb_len;
  1861. data->client.user_virt_sb_base = (uintptr_t)req.virt_sb_base;
  1862. return ret;
  1863. exit:
  1864. if (data->client.dmabuf) {
  1865. qseecom_vaddr_unmap(data->client.sb_virt, data->client.sgt,
  1866. data->client.attach, data->client.dmabuf);
  1867. MAKE_NULL(data->client.sgt,
  1868. data->client.attach, data->client.dmabuf);
  1869. }
  1870. return ret;
  1871. }
  1872. static int __qseecom_listener_has_sent_rsp(struct qseecom_dev_handle *data,
  1873. struct qseecom_registered_listener_list *ptr_svc)
  1874. {
  1875. int ret;
  1876. ret = (qseecom.send_resp_flag != 0);
  1877. return ret || data->abort || ptr_svc->abort;
  1878. }
  1879. static int __qseecom_reentrancy_listener_has_sent_rsp(
  1880. struct qseecom_dev_handle *data,
  1881. struct qseecom_registered_listener_list *ptr_svc)
  1882. {
  1883. int ret;
  1884. ret = (ptr_svc->send_resp_flag != 0);
  1885. return ret || data->abort || ptr_svc->abort;
  1886. }
  1887. static void __qseecom_clean_listener_sglistinfo(
  1888. struct qseecom_registered_listener_list *ptr_svc)
  1889. {
  1890. if (ptr_svc->sglist_cnt) {
  1891. memset(ptr_svc->sglistinfo_ptr, 0,
  1892. SGLISTINFO_TABLE_SIZE);
  1893. ptr_svc->sglist_cnt = 0;
  1894. }
  1895. }
  1896. static int __qseecom_process_incomplete_cmd(struct qseecom_dev_handle *data,
  1897. struct qseecom_command_scm_resp *resp)
  1898. {
  1899. int ret = 0;
  1900. int rc = 0;
  1901. uint32_t lstnr;
  1902. struct qseecom_client_listener_data_irsp send_data_rsp = {0};
  1903. struct qseecom_client_listener_data_64bit_irsp send_data_rsp_64bit
  1904. = {0};
  1905. struct qseecom_registered_listener_list *ptr_svc = NULL;
  1906. sigset_t new_sigset;
  1907. uint32_t status;
  1908. void *cmd_buf = NULL;
  1909. size_t cmd_len;
  1910. struct sglist_info *table = NULL;
  1911. qseecom.app_block_ref_cnt++;
  1912. while (resp->result == QSEOS_RESULT_INCOMPLETE) {
  1913. lstnr = resp->data;
  1914. /*
  1915. * Wake up blocking lsitener service with the lstnr id
  1916. */
  1917. mutex_lock(&listener_access_lock);
  1918. list_for_each_entry(ptr_svc,
  1919. &qseecom.registered_listener_list_head, list) {
  1920. if (ptr_svc->svc.listener_id == lstnr) {
  1921. ptr_svc->listener_in_use = true;
  1922. ptr_svc->rcv_req_flag = 1;
  1923. ret = qseecom_dmabuf_cache_operations(
  1924. ptr_svc->dmabuf,
  1925. QSEECOM_CACHE_INVALIDATE);
  1926. if (ret) {
  1927. rc = -EINVAL;
  1928. status = QSEOS_RESULT_FAILURE;
  1929. goto err_resp;
  1930. }
  1931. wake_up_interruptible(&ptr_svc->rcv_req_wq);
  1932. break;
  1933. }
  1934. }
  1935. if (ptr_svc == NULL) {
  1936. pr_err("Listener Svc %d does not exist\n", lstnr);
  1937. rc = -EINVAL;
  1938. status = QSEOS_RESULT_FAILURE;
  1939. goto err_resp;
  1940. }
  1941. if (!ptr_svc->dmabuf) {
  1942. pr_err("Client dmabuf is not initialized\n");
  1943. rc = -EINVAL;
  1944. status = QSEOS_RESULT_FAILURE;
  1945. goto err_resp;
  1946. }
  1947. if (ptr_svc->svc.listener_id != lstnr) {
  1948. pr_err("Service %d does not exist\n",
  1949. lstnr);
  1950. rc = -ERESTARTSYS;
  1951. ptr_svc = NULL;
  1952. status = QSEOS_RESULT_FAILURE;
  1953. goto err_resp;
  1954. }
  1955. if (ptr_svc->abort == 1) {
  1956. pr_debug("Service %d abort %d\n",
  1957. lstnr, ptr_svc->abort);
  1958. rc = -ENODEV;
  1959. status = QSEOS_RESULT_FAILURE;
  1960. goto err_resp;
  1961. }
  1962. pr_debug("waking up rcv_req_wq and waiting for send_resp_wq\n");
  1963. /* initialize the new signal mask with all signals*/
  1964. sigfillset(&new_sigset);
  1965. /* block all signals */
  1966. mutex_unlock(&listener_access_lock);
  1967. do {
  1968. /*
  1969. * When reentrancy is not supported, check global
  1970. * send_resp_flag; otherwise, check this listener's
  1971. * send_resp_flag.
  1972. */
  1973. if (!qseecom.qsee_reentrancy_support &&
  1974. !wait_event_interruptible(qseecom.send_resp_wq,
  1975. __qseecom_listener_has_sent_rsp(
  1976. data, ptr_svc))) {
  1977. break;
  1978. }
  1979. if (qseecom.qsee_reentrancy_support &&
  1980. !wait_event_interruptible(qseecom.send_resp_wq,
  1981. __qseecom_reentrancy_listener_has_sent_rsp(
  1982. data, ptr_svc))) {
  1983. break;
  1984. }
  1985. } while (1);
  1986. mutex_lock(&listener_access_lock);
  1987. /* restore signal mask */
  1988. if (data->abort || ptr_svc->abort) {
  1989. pr_err("Abort clnt %d waiting on lstnr svc %d, ret %d\n",
  1990. data->client.app_id, lstnr, ret);
  1991. rc = -ENODEV;
  1992. status = QSEOS_RESULT_FAILURE;
  1993. } else {
  1994. status = QSEOS_RESULT_SUCCESS;
  1995. }
  1996. err_resp:
  1997. qseecom.send_resp_flag = 0;
  1998. if (ptr_svc) {
  1999. ptr_svc->send_resp_flag = 0;
  2000. table = ptr_svc->sglistinfo_ptr;
  2001. }
  2002. if (qseecom.qsee_version < QSEE_VERSION_40) {
  2003. send_data_rsp.listener_id = lstnr;
  2004. send_data_rsp.status = status;
  2005. if (table) {
  2006. send_data_rsp.sglistinfo_ptr =
  2007. (uint32_t)virt_to_phys(table);
  2008. send_data_rsp.sglistinfo_len =
  2009. SGLISTINFO_TABLE_SIZE;
  2010. qtee_shmbridge_flush_shm_buf(
  2011. &ptr_svc->sglistinfo_shm);
  2012. }
  2013. cmd_buf = (void *)&send_data_rsp;
  2014. cmd_len = sizeof(send_data_rsp);
  2015. } else {
  2016. send_data_rsp_64bit.listener_id = lstnr;
  2017. send_data_rsp_64bit.status = status;
  2018. if (table) {
  2019. send_data_rsp_64bit.sglistinfo_ptr =
  2020. virt_to_phys(table);
  2021. send_data_rsp_64bit.sglistinfo_len =
  2022. SGLISTINFO_TABLE_SIZE;
  2023. qtee_shmbridge_flush_shm_buf(
  2024. &ptr_svc->sglistinfo_shm);
  2025. }
  2026. cmd_buf = (void *)&send_data_rsp_64bit;
  2027. cmd_len = sizeof(send_data_rsp_64bit);
  2028. }
  2029. if (!qseecom.whitelist_support || table == NULL)
  2030. *(uint32_t *)cmd_buf = QSEOS_LISTENER_DATA_RSP_COMMAND;
  2031. else
  2032. *(uint32_t *)cmd_buf =
  2033. QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST;
  2034. if ((lstnr == RPMB_SERVICE) || (lstnr == SSD_SERVICE)) {
  2035. ret = __qseecom_enable_clk(CLK_QSEE);
  2036. if (ret)
  2037. goto exit;
  2038. }
  2039. if (ptr_svc) {
  2040. ret = qseecom_dmabuf_cache_operations(ptr_svc->dmabuf,
  2041. QSEECOM_CACHE_CLEAN);
  2042. if (ret)
  2043. goto exit;
  2044. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2045. cmd_buf, cmd_len, resp, sizeof(*resp));
  2046. ptr_svc->listener_in_use = false;
  2047. __qseecom_clean_listener_sglistinfo(ptr_svc);
  2048. if (ret) {
  2049. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  2050. ret, data->client.app_id);
  2051. goto exit;
  2052. }
  2053. } else {
  2054. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2055. cmd_buf, cmd_len, resp, sizeof(*resp));
  2056. if (ret) {
  2057. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  2058. ret, data->client.app_id);
  2059. goto exit;
  2060. }
  2061. }
  2062. pr_debug("resp status %d, res= %d, app_id = %d, lstr = %d\n",
  2063. status, resp->result, data->client.app_id, lstnr);
  2064. if ((resp->result != QSEOS_RESULT_SUCCESS) &&
  2065. (resp->result != QSEOS_RESULT_INCOMPLETE)) {
  2066. pr_err("fail:resp res= %d,app_id = %d,lstr = %d\n",
  2067. resp->result, data->client.app_id, lstnr);
  2068. ret = -EINVAL;
  2069. }
  2070. exit:
  2071. mutex_unlock(&listener_access_lock);
  2072. if ((lstnr == RPMB_SERVICE) || (lstnr == SSD_SERVICE))
  2073. __qseecom_disable_clk(CLK_QSEE);
  2074. }
  2075. qseecom.app_block_ref_cnt--;
  2076. wake_up_interruptible_all(&qseecom.app_block_wq);
  2077. if (rc)
  2078. return rc;
  2079. return ret;
  2080. }
  2081. static int __qseecom_process_reentrancy_blocked_on_listener(
  2082. struct qseecom_command_scm_resp *resp,
  2083. struct qseecom_registered_app_list *ptr_app,
  2084. struct qseecom_dev_handle *data)
  2085. {
  2086. struct qseecom_registered_listener_list *list_ptr;
  2087. int ret = 0;
  2088. struct qseecom_continue_blocked_request_ireq ireq;
  2089. struct qseecom_command_scm_resp continue_resp;
  2090. unsigned int session_id;
  2091. sigset_t new_sigset;
  2092. unsigned long flags;
  2093. bool found_app = false;
  2094. struct qseecom_registered_app_list dummy_app_entry = { {NULL} };
  2095. if (!resp || !data) {
  2096. pr_err("invalid resp or data pointer\n");
  2097. ret = -EINVAL;
  2098. goto exit;
  2099. }
  2100. /* find app_id & img_name from list */
  2101. if (!ptr_app) {
  2102. if (data->client.from_smcinvoke || data->client.from_loadapp) {
  2103. pr_debug("This request is from %s\n",
  2104. (data->client.from_smcinvoke ? "smcinvoke" : "load_app"));
  2105. ptr_app = &dummy_app_entry;
  2106. ptr_app->app_id = data->client.app_id;
  2107. } else {
  2108. spin_lock_irqsave(&qseecom.registered_app_list_lock,
  2109. flags);
  2110. list_for_each_entry(ptr_app,
  2111. &qseecom.registered_app_list_head, list) {
  2112. if ((ptr_app->app_id == data->client.app_id) &&
  2113. (!strcmp(ptr_app->app_name,
  2114. data->client.app_name))) {
  2115. found_app = true;
  2116. break;
  2117. }
  2118. }
  2119. spin_unlock_irqrestore(
  2120. &qseecom.registered_app_list_lock, flags);
  2121. if (!found_app) {
  2122. pr_err("app_id %d (%s) is not found\n",
  2123. data->client.app_id,
  2124. (char *)data->client.app_name);
  2125. ret = -ENOENT;
  2126. goto exit;
  2127. }
  2128. }
  2129. }
  2130. do {
  2131. session_id = resp->resp_type;
  2132. mutex_lock(&listener_access_lock);
  2133. list_ptr = __qseecom_find_svc(resp->data);
  2134. if (!list_ptr) {
  2135. pr_err("Invalid listener ID %d\n", resp->data);
  2136. ret = -ENODATA;
  2137. mutex_unlock(&listener_access_lock);
  2138. goto exit;
  2139. }
  2140. ptr_app->blocked_on_listener_id = resp->data;
  2141. pr_warn("Lsntr %d in_use %d, block session(%d) app(%d)\n",
  2142. resp->data, list_ptr->listener_in_use,
  2143. session_id, data->client.app_id);
  2144. /* sleep until listener is available */
  2145. sigfillset(&new_sigset);
  2146. do {
  2147. qseecom.app_block_ref_cnt++;
  2148. ptr_app->app_blocked = true;
  2149. mutex_unlock(&listener_access_lock);
  2150. mutex_unlock(&app_access_lock);
  2151. wait_event_interruptible(
  2152. list_ptr->listener_block_app_wq,
  2153. !list_ptr->listener_in_use);
  2154. mutex_lock(&app_access_lock);
  2155. mutex_lock(&listener_access_lock);
  2156. ptr_app->app_blocked = false;
  2157. qseecom.app_block_ref_cnt--;
  2158. } while (list_ptr->listener_in_use);
  2159. ptr_app->blocked_on_listener_id = 0;
  2160. pr_warn("Lsntr %d is available, unblock session(%d) app(%d)\n",
  2161. resp->data, session_id, data->client.app_id);
  2162. /* notify TZ that listener is available */
  2163. ireq.qsee_cmd_id = QSEOS_CONTINUE_BLOCKED_REQ_COMMAND;
  2164. if (qseecom.smcinvoke_support)
  2165. ireq.app_or_session_id = session_id;
  2166. else
  2167. ireq.app_or_session_id = data->client.app_id;
  2168. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2169. &ireq, sizeof(ireq),
  2170. &continue_resp, sizeof(continue_resp));
  2171. if (ret && qseecom.smcinvoke_support) {
  2172. /* retry with legacy cmd */
  2173. pr_warn("falling back to legacy method\n");
  2174. qseecom.smcinvoke_support = false;
  2175. ireq.app_or_session_id = data->client.app_id;
  2176. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2177. &ireq, sizeof(ireq),
  2178. &continue_resp, sizeof(continue_resp));
  2179. qseecom.smcinvoke_support = true;
  2180. if (ret) {
  2181. pr_err("unblock app %d or session %d fail\n",
  2182. data->client.app_id, session_id);
  2183. mutex_unlock(&listener_access_lock);
  2184. goto exit;
  2185. }
  2186. }
  2187. mutex_unlock(&listener_access_lock);
  2188. resp->result = continue_resp.result;
  2189. resp->resp_type = continue_resp.resp_type;
  2190. resp->data = continue_resp.data;
  2191. pr_err("unblock resp = %d\n", resp->result);
  2192. } while (resp->result == QSEOS_RESULT_BLOCKED_ON_LISTENER);
  2193. if (resp->result != QSEOS_RESULT_INCOMPLETE) {
  2194. pr_err("Unexpected unblock resp %d\n", resp->result);
  2195. ret = -EINVAL;
  2196. }
  2197. exit:
  2198. return ret;
  2199. }
  2200. static int __qseecom_reentrancy_process_incomplete_cmd(
  2201. struct qseecom_dev_handle *data,
  2202. struct qseecom_command_scm_resp *resp)
  2203. {
  2204. int ret = 0;
  2205. int rc = 0;
  2206. uint32_t lstnr;
  2207. struct qseecom_client_listener_data_irsp send_data_rsp = {0};
  2208. struct qseecom_client_listener_data_64bit_irsp send_data_rsp_64bit
  2209. = {0};
  2210. struct qseecom_registered_listener_list *ptr_svc = NULL;
  2211. sigset_t new_sigset;
  2212. uint32_t status;
  2213. void *cmd_buf = NULL;
  2214. size_t cmd_len;
  2215. struct sglist_info *table = NULL;
  2216. while (ret == 0 && resp->result == QSEOS_RESULT_INCOMPLETE) {
  2217. lstnr = resp->data;
  2218. /*
  2219. * Wake up blocking lsitener service with the lstnr id
  2220. */
  2221. mutex_lock(&listener_access_lock);
  2222. list_for_each_entry(ptr_svc,
  2223. &qseecom.registered_listener_list_head, list) {
  2224. if (ptr_svc->svc.listener_id == lstnr) {
  2225. ptr_svc->listener_in_use = true;
  2226. ptr_svc->rcv_req_flag = 1;
  2227. ret = qseecom_dmabuf_cache_operations(
  2228. ptr_svc->dmabuf,
  2229. QSEECOM_CACHE_INVALIDATE);
  2230. if (ret) {
  2231. rc = -EINVAL;
  2232. status = QSEOS_RESULT_FAILURE;
  2233. goto err_resp;
  2234. }
  2235. wake_up_interruptible(&ptr_svc->rcv_req_wq);
  2236. break;
  2237. }
  2238. }
  2239. if (ptr_svc == NULL) {
  2240. pr_err("Listener Svc %d does not exist\n", lstnr);
  2241. rc = -EINVAL;
  2242. status = QSEOS_RESULT_FAILURE;
  2243. goto err_resp;
  2244. }
  2245. if (!ptr_svc->dmabuf) {
  2246. pr_err("Client dmabuf is not initialized\n");
  2247. rc = -EINVAL;
  2248. status = QSEOS_RESULT_FAILURE;
  2249. goto err_resp;
  2250. }
  2251. if (ptr_svc->svc.listener_id != lstnr) {
  2252. pr_err("Service %d does not exist\n",
  2253. lstnr);
  2254. rc = -ERESTARTSYS;
  2255. ptr_svc = NULL;
  2256. table = NULL;
  2257. status = QSEOS_RESULT_FAILURE;
  2258. goto err_resp;
  2259. }
  2260. if (ptr_svc->abort == 1) {
  2261. pr_debug("Service %d abort %d\n",
  2262. lstnr, ptr_svc->abort);
  2263. rc = -ENODEV;
  2264. status = QSEOS_RESULT_FAILURE;
  2265. goto err_resp;
  2266. }
  2267. pr_debug("waking up rcv_req_wq and waiting for send_resp_wq\n");
  2268. /* initialize the new signal mask with all signals*/
  2269. sigfillset(&new_sigset);
  2270. /* block all signals */
  2271. /* unlock mutex btw waking listener and sleep-wait */
  2272. mutex_unlock(&listener_access_lock);
  2273. mutex_unlock(&app_access_lock);
  2274. do {
  2275. if (!wait_event_interruptible(qseecom.send_resp_wq,
  2276. __qseecom_reentrancy_listener_has_sent_rsp(
  2277. data, ptr_svc))) {
  2278. break;
  2279. }
  2280. } while (1);
  2281. /* lock mutex again after resp sent */
  2282. mutex_lock(&app_access_lock);
  2283. mutex_lock(&listener_access_lock);
  2284. ptr_svc->send_resp_flag = 0;
  2285. qseecom.send_resp_flag = 0;
  2286. /* restore signal mask */
  2287. if (data->abort || ptr_svc->abort) {
  2288. pr_err("Abort clnt %d waiting on lstnr svc %d, ret %d\n",
  2289. data->client.app_id, lstnr, ret);
  2290. rc = -ENODEV;
  2291. status = QSEOS_RESULT_FAILURE;
  2292. } else {
  2293. status = QSEOS_RESULT_SUCCESS;
  2294. }
  2295. err_resp:
  2296. if (ptr_svc)
  2297. table = ptr_svc->sglistinfo_ptr;
  2298. if (qseecom.qsee_version < QSEE_VERSION_40) {
  2299. send_data_rsp.listener_id = lstnr;
  2300. send_data_rsp.status = status;
  2301. if (table) {
  2302. send_data_rsp.sglistinfo_ptr =
  2303. (uint32_t)virt_to_phys(table);
  2304. send_data_rsp.sglistinfo_len =
  2305. SGLISTINFO_TABLE_SIZE;
  2306. qtee_shmbridge_flush_shm_buf(
  2307. &ptr_svc->sglistinfo_shm);
  2308. }
  2309. cmd_buf = (void *)&send_data_rsp;
  2310. cmd_len = sizeof(send_data_rsp);
  2311. } else {
  2312. send_data_rsp_64bit.listener_id = lstnr;
  2313. send_data_rsp_64bit.status = status;
  2314. if (table) {
  2315. send_data_rsp_64bit.sglistinfo_ptr =
  2316. virt_to_phys(table);
  2317. send_data_rsp_64bit.sglistinfo_len =
  2318. SGLISTINFO_TABLE_SIZE;
  2319. qtee_shmbridge_flush_shm_buf(
  2320. &ptr_svc->sglistinfo_shm);
  2321. }
  2322. cmd_buf = (void *)&send_data_rsp_64bit;
  2323. cmd_len = sizeof(send_data_rsp_64bit);
  2324. }
  2325. if (!qseecom.whitelist_support || table == NULL)
  2326. *(uint32_t *)cmd_buf = QSEOS_LISTENER_DATA_RSP_COMMAND;
  2327. else
  2328. *(uint32_t *)cmd_buf =
  2329. QSEOS_LISTENER_DATA_RSP_COMMAND_WHITELIST;
  2330. if (lstnr == RPMB_SERVICE) {
  2331. ret = __qseecom_enable_clk(CLK_QSEE);
  2332. if (ret)
  2333. goto exit;
  2334. }
  2335. if (ptr_svc) {
  2336. ret = qseecom_dmabuf_cache_operations(ptr_svc->dmabuf,
  2337. QSEECOM_CACHE_CLEAN);
  2338. if (ret)
  2339. goto exit;
  2340. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2341. cmd_buf, cmd_len, resp, sizeof(*resp));
  2342. ptr_svc->listener_in_use = false;
  2343. __qseecom_clean_listener_sglistinfo(ptr_svc);
  2344. wake_up_interruptible(&ptr_svc->listener_block_app_wq);
  2345. if (ret) {
  2346. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  2347. ret, data->client.app_id);
  2348. goto exit;
  2349. }
  2350. } else {
  2351. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  2352. cmd_buf, cmd_len, resp, sizeof(*resp));
  2353. if (ret) {
  2354. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  2355. ret, data->client.app_id);
  2356. goto exit;
  2357. }
  2358. }
  2359. switch (resp->result) {
  2360. case QSEOS_RESULT_BLOCKED_ON_LISTENER:
  2361. pr_warn("send lsr %d rsp, but app %d block on lsr %d\n",
  2362. lstnr, data->client.app_id, resp->data);
  2363. if (lstnr == resp->data) {
  2364. pr_err("lstnr %d should not be blocked!\n",
  2365. lstnr);
  2366. ret = -EINVAL;
  2367. goto exit;
  2368. }
  2369. mutex_unlock(&listener_access_lock);
  2370. ret = __qseecom_process_reentrancy_blocked_on_listener(
  2371. resp, NULL, data);
  2372. mutex_lock(&listener_access_lock);
  2373. if (ret) {
  2374. pr_err("failed to process App(%d) %s blocked on listener %d\n",
  2375. data->client.app_id,
  2376. data->client.app_name, resp->data);
  2377. goto exit;
  2378. }
  2379. fallthrough;
  2380. case QSEOS_RESULT_SUCCESS:
  2381. break;
  2382. case QSEOS_RESULT_INCOMPLETE:
  2383. break;
  2384. case QSEOS_RESULT_CBACK_REQUEST:
  2385. pr_warn("get cback req app_id = %d, resp->data = %d\n",
  2386. data->client.app_id, resp->data);
  2387. resp->resp_type = SMCINVOKE_RESULT_INBOUND_REQ_NEEDED;
  2388. break;
  2389. default:
  2390. pr_err("fail:resp res= %d,app_id = %d,lstr = %d\n",
  2391. resp->result, data->client.app_id, lstnr);
  2392. ret = -EINVAL;
  2393. goto exit;
  2394. }
  2395. exit:
  2396. mutex_unlock(&listener_access_lock);
  2397. if (lstnr == RPMB_SERVICE)
  2398. __qseecom_disable_clk(CLK_QSEE);
  2399. }
  2400. if (rc)
  2401. return rc;
  2402. return ret;
  2403. }
  2404. /*
  2405. * QSEE doesn't support OS level cmds reentrancy until RE phase-3,
  2406. * and QSEE OS level scm_call cmds will fail if there is any blocked TZ app.
  2407. * So, needs to first check if no app blocked before sending OS level scm call,
  2408. * then wait until all apps are unblocked.
  2409. */
  2410. static void __qseecom_reentrancy_check_if_no_app_blocked(uint32_t smc_id)
  2411. {
  2412. if (qseecom.qsee_reentrancy_support > QSEE_REENTRANCY_PHASE_0 &&
  2413. qseecom.qsee_reentrancy_support < QSEE_REENTRANCY_PHASE_3 &&
  2414. IS_OWNER_TRUSTED_OS(TZ_SYSCALL_OWNER_ID(smc_id))) {
  2415. /* thread sleep until this app unblocked */
  2416. while (qseecom.app_block_ref_cnt > 0) {
  2417. mutex_unlock(&app_access_lock);
  2418. wait_event_interruptible(qseecom.app_block_wq,
  2419. (!qseecom.app_block_ref_cnt));
  2420. mutex_lock(&app_access_lock);
  2421. }
  2422. }
  2423. }
  2424. /*
  2425. * scm_call of send data will fail if this TA is blocked or there are more
  2426. * than one TA requesting listener services; So, first check to see if need
  2427. * to wait.
  2428. */
  2429. static void __qseecom_reentrancy_check_if_this_app_blocked(
  2430. struct qseecom_registered_app_list *ptr_app)
  2431. {
  2432. if (qseecom.qsee_reentrancy_support) {
  2433. ptr_app->check_block++;
  2434. while (ptr_app->app_blocked || qseecom.app_block_ref_cnt > 1) {
  2435. /* thread sleep until this app unblocked */
  2436. mutex_unlock(&app_access_lock);
  2437. wait_event_interruptible(qseecom.app_block_wq,
  2438. (!ptr_app->app_blocked &&
  2439. qseecom.app_block_ref_cnt <= 1));
  2440. mutex_lock(&app_access_lock);
  2441. }
  2442. ptr_app->check_block--;
  2443. }
  2444. }
  2445. static int __qseecom_check_app_exists(struct qseecom_check_app_ireq req,
  2446. uint32_t *app_id)
  2447. {
  2448. int32_t ret;
  2449. struct qseecom_command_scm_resp resp;
  2450. bool found_app = false;
  2451. struct qseecom_registered_app_list *entry = NULL;
  2452. unsigned long flags = 0;
  2453. if (!app_id) {
  2454. pr_err("Null pointer to app_id\n");
  2455. return -EINVAL;
  2456. }
  2457. *app_id = 0;
  2458. /* check if app exists and has been registered locally */
  2459. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  2460. list_for_each_entry(entry,
  2461. &qseecom.registered_app_list_head, list) {
  2462. if (!strcmp(entry->app_name, req.app_name)) {
  2463. found_app = true;
  2464. break;
  2465. }
  2466. }
  2467. spin_unlock_irqrestore(&qseecom.registered_app_list_lock, flags);
  2468. if (found_app) {
  2469. pr_debug("Found app with id %d\n", entry->app_id);
  2470. *app_id = entry->app_id;
  2471. return 0;
  2472. }
  2473. memset((void *)&resp, 0, sizeof(resp));
  2474. /* SCM_CALL to check if app_id for the mentioned app exists */
  2475. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req,
  2476. sizeof(struct qseecom_check_app_ireq),
  2477. &resp, sizeof(resp));
  2478. if (ret) {
  2479. pr_err("scm_call to check if app is already loaded failed\n");
  2480. return -EINVAL;
  2481. }
  2482. if (resp.result == QSEOS_RESULT_FAILURE)
  2483. return 0;
  2484. switch (resp.resp_type) {
  2485. /*qsee returned listener type response */
  2486. case QSEOS_LISTENER_ID:
  2487. pr_err("resp type is of listener type instead of app\n");
  2488. return -EINVAL;
  2489. case QSEOS_APP_ID:
  2490. *app_id = resp.data;
  2491. return 0;
  2492. default:
  2493. pr_err("invalid resp type (%d) from qsee\n",
  2494. resp.resp_type);
  2495. return -ENODEV;
  2496. }
  2497. }
  2498. static int qseecom_load_app(struct qseecom_dev_handle *data, void __user *argp)
  2499. {
  2500. struct qseecom_registered_app_list *entry = NULL;
  2501. unsigned long flags = 0;
  2502. u32 app_id = 0;
  2503. struct qseecom_load_img_req load_img_req;
  2504. int32_t ret = 0;
  2505. phys_addr_t pa = 0;
  2506. void *vaddr = NULL;
  2507. struct dma_buf_attachment *attach = NULL;
  2508. struct dma_buf *dmabuf = NULL;
  2509. struct sg_table *sgt = NULL;
  2510. size_t len;
  2511. struct qseecom_command_scm_resp resp;
  2512. struct qseecom_check_app_ireq req;
  2513. struct qseecom_load_app_ireq load_req;
  2514. struct qseecom_load_app_64bit_ireq load_req_64bit;
  2515. void *cmd_buf = NULL;
  2516. size_t cmd_len;
  2517. bool first_time = false;
  2518. /* Copy the relevant information needed for loading the image */
  2519. if (copy_from_user(&load_img_req,
  2520. (void __user *)argp,
  2521. sizeof(struct qseecom_load_img_req))) {
  2522. pr_err("copy_from_user failed\n");
  2523. return -EFAULT;
  2524. }
  2525. /* Check and load cmnlib */
  2526. if (qseecom.qsee_version > QSEEE_VERSION_00) {
  2527. if (!(qseecom.commonlib_loaded ||
  2528. qseecom.commonlib_loaded_by_hostvm) &&
  2529. load_img_req.app_arch == ELFCLASS32) {
  2530. ret = qseecom_load_commonlib_image(data, "cmnlib");
  2531. if (ret) {
  2532. pr_err("failed to load cmnlib\n");
  2533. return -EIO;
  2534. }
  2535. qseecom.commonlib_loaded = true;
  2536. pr_debug("cmnlib is loaded\n");
  2537. }
  2538. if (!(qseecom.commonlib64_loaded ||
  2539. qseecom.commonlib_loaded_by_hostvm) &&
  2540. load_img_req.app_arch == ELFCLASS64) {
  2541. ret = qseecom_load_commonlib_image(data, "cmnlib64");
  2542. if (ret) {
  2543. pr_err("failed to load cmnlib64\n");
  2544. return -EIO;
  2545. }
  2546. qseecom.commonlib64_loaded = true;
  2547. pr_debug("cmnlib64 is loaded\n");
  2548. }
  2549. }
  2550. if (qseecom.support_bus_scaling) {
  2551. mutex_lock(&qsee_bw_mutex);
  2552. ret = __qseecom_register_bus_bandwidth_needs(data, MEDIUM);
  2553. mutex_unlock(&qsee_bw_mutex);
  2554. if (ret)
  2555. return ret;
  2556. }
  2557. /* Vote for the SFPB clock */
  2558. ret = __qseecom_enable_clk_scale_up(data);
  2559. if (ret)
  2560. goto enable_clk_err;
  2561. req.qsee_cmd_id = QSEOS_APP_LOOKUP_COMMAND;
  2562. load_img_req.img_name[MAX_APP_NAME_SIZE-1] = '\0';
  2563. strlcpy(req.app_name, load_img_req.img_name, MAX_APP_NAME_SIZE);
  2564. ret = __qseecom_check_app_exists(req, &app_id);
  2565. if (ret < 0)
  2566. goto checkapp_err;
  2567. if (app_id) {
  2568. pr_debug("App id %d (%s) already exists\n", app_id,
  2569. (char *)(req.app_name));
  2570. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  2571. list_for_each_entry(entry,
  2572. &qseecom.registered_app_list_head, list){
  2573. if (entry->app_id == app_id) {
  2574. if (entry->ref_cnt == U32_MAX) {
  2575. pr_err("App %d (%s) ref_cnt overflow\n",
  2576. app_id, req.app_name);
  2577. ret = -EINVAL;
  2578. goto loadapp_err;
  2579. }
  2580. entry->ref_cnt++;
  2581. break;
  2582. }
  2583. }
  2584. spin_unlock_irqrestore(
  2585. &qseecom.registered_app_list_lock, flags);
  2586. ret = 0;
  2587. } else {
  2588. first_time = true;
  2589. pr_warn("App (%s) does'nt exist, loading apps for first time\n",
  2590. (char *)(load_img_req.img_name));
  2591. ret = qseecom_vaddr_map(load_img_req.ifd_data_fd,
  2592. &pa, &vaddr, &sgt, &attach, &len, &dmabuf);
  2593. if (ret) {
  2594. pr_err("Ion client could not retrieve the handle\n");
  2595. ret = -ENOMEM;
  2596. goto loadapp_err;
  2597. }
  2598. if (load_img_req.mdt_len > len || load_img_req.img_len > len) {
  2599. pr_err("ion len %zu is smaller than mdt_len %u or img_len %u\n",
  2600. len, load_img_req.mdt_len,
  2601. load_img_req.img_len);
  2602. ret = -EINVAL;
  2603. goto loadapp_err;
  2604. }
  2605. /* Populate the structure for sending scm call to load image */
  2606. if (qseecom.qsee_version < QSEE_VERSION_40) {
  2607. load_req.qsee_cmd_id = QSEOS_APP_START_COMMAND;
  2608. load_req.mdt_len = load_img_req.mdt_len;
  2609. load_req.img_len = load_img_req.img_len;
  2610. strlcpy(load_req.app_name, load_img_req.img_name,
  2611. MAX_APP_NAME_SIZE);
  2612. load_req.phy_addr = (uint32_t)pa;
  2613. cmd_buf = (void *)&load_req;
  2614. cmd_len = sizeof(struct qseecom_load_app_ireq);
  2615. } else {
  2616. load_req_64bit.qsee_cmd_id = QSEOS_APP_START_COMMAND;
  2617. load_req_64bit.mdt_len = load_img_req.mdt_len;
  2618. load_req_64bit.img_len = load_img_req.img_len;
  2619. strlcpy(load_req_64bit.app_name, load_img_req.img_name,
  2620. MAX_APP_NAME_SIZE);
  2621. load_req_64bit.phy_addr = (uint64_t)pa;
  2622. cmd_buf = (void *)&load_req_64bit;
  2623. cmd_len = sizeof(struct qseecom_load_app_64bit_ireq);
  2624. }
  2625. ret = qseecom_dmabuf_cache_operations(dmabuf,
  2626. QSEECOM_CACHE_CLEAN);
  2627. if (ret) {
  2628. pr_err("cache operation failed %d\n", ret);
  2629. goto loadapp_err;
  2630. }
  2631. /* SCM_CALL to load the app and get the app_id back */
  2632. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf,
  2633. cmd_len, &resp, sizeof(resp));
  2634. if (ret) {
  2635. pr_err("scm_call to load app failed\n");
  2636. ret = -EINVAL;
  2637. goto loadapp_err;
  2638. }
  2639. ret = qseecom_dmabuf_cache_operations(dmabuf,
  2640. QSEECOM_CACHE_INVALIDATE);
  2641. if (ret) {
  2642. pr_err("cache operation failed %d\n", ret);
  2643. goto loadapp_err;
  2644. }
  2645. do {
  2646. if (resp.result == QSEOS_RESULT_FAILURE) {
  2647. pr_err("scm_call rsp.result is QSEOS_RESULT_FAILURE\n");
  2648. ret = -EFAULT;
  2649. goto loadapp_err;
  2650. }
  2651. if (resp.result == QSEOS_RESULT_INCOMPLETE) {
  2652. ret = __qseecom_process_incomplete_cmd(data, &resp);
  2653. if (ret) {
  2654. /* TZ has created app_id, need to unload it */
  2655. pr_err("incomp_cmd err %d, %d, unload %d %s\n",
  2656. ret, resp.result, resp.data,
  2657. load_img_req.img_name);
  2658. __qseecom_unload_app(data, resp.data);
  2659. ret = -EFAULT;
  2660. goto loadapp_err;
  2661. }
  2662. }
  2663. if (resp.result == QSEOS_RESULT_BLOCKED_ON_LISTENER) {
  2664. pr_err("load app blocked on listener\n");
  2665. data->client.app_id = resp.result;
  2666. data->client.from_loadapp = true;
  2667. ret = __qseecom_process_reentrancy_blocked_on_listener(&resp,
  2668. NULL, data);
  2669. if (ret) {
  2670. pr_err("load app fail proc block on listener,ret :%d\n",
  2671. ret);
  2672. ret = -EFAULT;
  2673. goto loadapp_err;
  2674. }
  2675. }
  2676. } while ((resp.result == QSEOS_RESULT_BLOCKED_ON_LISTENER) ||
  2677. (resp.result == QSEOS_RESULT_INCOMPLETE));
  2678. if (resp.result != QSEOS_RESULT_SUCCESS) {
  2679. pr_err("scm_call failed resp.result unknown, %d\n",
  2680. resp.result);
  2681. ret = -EFAULT;
  2682. goto loadapp_err;
  2683. }
  2684. app_id = resp.data;
  2685. entry = kmalloc(sizeof(*entry), GFP_KERNEL);
  2686. if (!entry) {
  2687. ret = -ENOMEM;
  2688. goto loadapp_err;
  2689. }
  2690. entry->app_id = app_id;
  2691. entry->ref_cnt = 1;
  2692. entry->app_arch = load_img_req.app_arch;
  2693. /*
  2694. * keymaster app may be first loaded as "keymaste" by qseecomd,
  2695. * and then used as "keymaster" on some targets. To avoid app
  2696. * name checking error, register "keymaster" into app_list and
  2697. * thread private data.
  2698. */
  2699. if (!strcmp(load_img_req.img_name, "keymaste"))
  2700. strlcpy(entry->app_name, "keymaster",
  2701. MAX_APP_NAME_SIZE);
  2702. else
  2703. strlcpy(entry->app_name, load_img_req.img_name,
  2704. MAX_APP_NAME_SIZE);
  2705. entry->app_blocked = false;
  2706. entry->blocked_on_listener_id = 0;
  2707. entry->check_block = 0;
  2708. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  2709. list_add_tail(&entry->list, &qseecom.registered_app_list_head);
  2710. spin_unlock_irqrestore(&qseecom.registered_app_list_lock,
  2711. flags);
  2712. pr_warn("App with id %u (%s) now loaded\n", app_id,
  2713. (char *)(load_img_req.img_name));
  2714. }
  2715. data->client.app_id = app_id;
  2716. data->client.app_arch = load_img_req.app_arch;
  2717. if (!strcmp(load_img_req.img_name, "keymaste"))
  2718. strlcpy(data->client.app_name, "keymaster", MAX_APP_NAME_SIZE);
  2719. else
  2720. strlcpy(data->client.app_name, load_img_req.img_name,
  2721. MAX_APP_NAME_SIZE);
  2722. load_img_req.app_id = app_id;
  2723. if (copy_to_user(argp, &load_img_req, sizeof(load_img_req))) {
  2724. pr_err("copy_to_user failed\n");
  2725. ret = -EFAULT;
  2726. if (first_time) {
  2727. spin_lock_irqsave(
  2728. &qseecom.registered_app_list_lock, flags);
  2729. list_del(&entry->list);
  2730. spin_unlock_irqrestore(
  2731. &qseecom.registered_app_list_lock, flags);
  2732. kfree_sensitive(entry);
  2733. }
  2734. }
  2735. loadapp_err:
  2736. if (dmabuf) {
  2737. qseecom_vaddr_unmap(vaddr, sgt, attach, dmabuf);
  2738. MAKE_NULL(sgt, attach, dmabuf);
  2739. }
  2740. checkapp_err:
  2741. __qseecom_disable_clk_scale_down(data);
  2742. enable_clk_err:
  2743. if (qseecom.support_bus_scaling) {
  2744. mutex_lock(&qsee_bw_mutex);
  2745. qseecom_unregister_bus_bandwidth_needs(data);
  2746. mutex_unlock(&qsee_bw_mutex);
  2747. }
  2748. return ret;
  2749. }
  2750. static int __qseecom_cleanup_app(struct qseecom_dev_handle *data)
  2751. {
  2752. int ret = 0; /* Set unload app */
  2753. wake_up_all(&qseecom.send_resp_wq);
  2754. if (qseecom.qsee_reentrancy_support)
  2755. mutex_unlock(&app_access_lock);
  2756. while (atomic_read(&data->ioctl_count) > 1) {
  2757. if (wait_event_interruptible(data->abort_wq,
  2758. atomic_read(&data->ioctl_count) <= 1)) {
  2759. pr_err("Interrupted from abort\n");
  2760. ret = -ERESTARTSYS;
  2761. break;
  2762. }
  2763. }
  2764. if (qseecom.qsee_reentrancy_support)
  2765. mutex_lock(&app_access_lock);
  2766. return ret;
  2767. }
  2768. static int __qseecom_unload_app(struct qseecom_dev_handle *data,
  2769. uint32_t app_id)
  2770. {
  2771. struct qseecom_unload_app_ireq req;
  2772. struct qseecom_command_scm_resp resp;
  2773. int ret = 0;
  2774. /* Populate the structure for sending scm call to load image */
  2775. req.qsee_cmd_id = QSEOS_APP_SHUTDOWN_COMMAND;
  2776. req.app_id = app_id;
  2777. /* SCM_CALL to unload the app */
  2778. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req,
  2779. sizeof(struct qseecom_unload_app_ireq),
  2780. &resp, sizeof(resp));
  2781. if (ret) {
  2782. pr_err("scm_call to unload app (id = %d) failed ret: %d\n",
  2783. app_id, ret);
  2784. return ret;
  2785. }
  2786. do {
  2787. switch (resp.result) {
  2788. case QSEOS_RESULT_SUCCESS:
  2789. pr_warn("App (%d) is unloaded\n", app_id);
  2790. break;
  2791. case QSEOS_RESULT_INCOMPLETE:
  2792. ret = __qseecom_process_incomplete_cmd(data, &resp);
  2793. if (ret)
  2794. pr_err("unload app %d fail proc incom cmd: %d,%d,%d\n",
  2795. app_id, ret, resp.result, resp.data);
  2796. else
  2797. pr_warn("App (%d) is unloaded\n", app_id);
  2798. break;
  2799. case QSEOS_RESULT_FAILURE:
  2800. pr_err("app (%d) unload_failed!!\n", app_id);
  2801. ret = -EFAULT;
  2802. break;
  2803. case QSEOS_RESULT_BLOCKED_ON_LISTENER:
  2804. pr_err("unload app (%d) blocked on listener\n", app_id);
  2805. ret = __qseecom_process_reentrancy_blocked_on_listener(&resp, NULL, data);
  2806. if (ret) {
  2807. pr_err("unload app fail proc block on listener cmd,ret :%d\n",
  2808. ret);
  2809. ret = -EFAULT;
  2810. }
  2811. break;
  2812. default:
  2813. pr_err("unload app %d get unknown resp.result %d\n",
  2814. app_id, resp.result);
  2815. ret = -EFAULT;
  2816. break;
  2817. }
  2818. } while ((resp.result == QSEOS_RESULT_INCOMPLETE) ||
  2819. (resp.result == QSEOS_RESULT_BLOCKED_ON_LISTENER));
  2820. return ret;
  2821. }
  2822. static int qseecom_unload_app(struct qseecom_dev_handle *data,
  2823. bool app_crash)
  2824. {
  2825. unsigned long flags;
  2826. int ret = 0;
  2827. struct qseecom_registered_app_list *ptr_app = NULL;
  2828. bool found_app = false;
  2829. if (!data) {
  2830. pr_err("Invalid/uninitialized device handle\n");
  2831. return -EINVAL;
  2832. }
  2833. pr_debug("unload app %d(%s), app_crash flag %d\n", data->client.app_id,
  2834. data->client.app_name, app_crash);
  2835. if (!memcmp(data->client.app_name, "keymaste", strlen("keymaste"))) {
  2836. pr_debug("Do not unload keymaster app from tz\n");
  2837. goto unload_exit;
  2838. }
  2839. ret = __qseecom_cleanup_app(data);
  2840. if (ret && !app_crash) {
  2841. pr_err("cleanup app failed, pending ioctl:%d\n", data->ioctl_count.counter);
  2842. return ret;
  2843. }
  2844. __qseecom_reentrancy_check_if_no_app_blocked(TZ_OS_APP_SHUTDOWN_ID);
  2845. /* ignore app_id 0, it happens when close qseecom_fd if load app fail*/
  2846. if (!data->client.app_id)
  2847. goto unload_exit;
  2848. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  2849. list_for_each_entry(ptr_app, &qseecom.registered_app_list_head,
  2850. list) {
  2851. if ((ptr_app->app_id == data->client.app_id) &&
  2852. (!strcmp(ptr_app->app_name, data->client.app_name))) {
  2853. pr_debug("unload app %d (%s), ref_cnt %d\n",
  2854. ptr_app->app_id, ptr_app->app_name,
  2855. ptr_app->ref_cnt);
  2856. ptr_app->ref_cnt--;
  2857. found_app = true;
  2858. break;
  2859. }
  2860. }
  2861. spin_unlock_irqrestore(&qseecom.registered_app_list_lock,
  2862. flags);
  2863. if (!found_app) {
  2864. pr_err("Cannot find app with id = %d (%s)\n",
  2865. data->client.app_id, data->client.app_name);
  2866. ret = -EINVAL;
  2867. goto unload_exit;
  2868. }
  2869. if (!ptr_app->ref_cnt) {
  2870. ret = __qseecom_unload_app(data, data->client.app_id);
  2871. if (ret == -EBUSY) {
  2872. /*
  2873. * If unload failed due to EBUSY, don't free mem
  2874. * just restore app ref_cnt and return -EBUSY
  2875. */
  2876. pr_warn("unload ta %d(%s) EBUSY\n",
  2877. data->client.app_id, data->client.app_name);
  2878. ptr_app->ref_cnt++;
  2879. return ret;
  2880. }
  2881. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  2882. list_del(&ptr_app->list);
  2883. spin_unlock_irqrestore(&qseecom.registered_app_list_lock,
  2884. flags);
  2885. kfree_sensitive(ptr_app);
  2886. }
  2887. unload_exit:
  2888. if (data->client.dmabuf) {
  2889. qseecom_vaddr_unmap(data->client.sb_virt, data->client.sgt,
  2890. data->client.attach, data->client.dmabuf);
  2891. MAKE_NULL(data->client.sgt,
  2892. data->client.attach, data->client.dmabuf);
  2893. }
  2894. data->released = true;
  2895. return ret;
  2896. }
  2897. static int qseecom_prepare_unload_app(struct qseecom_dev_handle *data)
  2898. {
  2899. struct qseecom_unload_app_pending_list *entry = NULL;
  2900. pr_debug("prepare to unload app(%d)(%s), pending %d\n",
  2901. data->client.app_id, data->client.app_name,
  2902. data->client.unload_pending);
  2903. if (data->client.unload_pending)
  2904. return 0;
  2905. entry = kzalloc(sizeof(*entry), GFP_KERNEL);
  2906. if (!entry)
  2907. return -ENOMEM;
  2908. entry->data = data;
  2909. list_add_tail(&entry->list,
  2910. &qseecom.unload_app_pending_list_head);
  2911. data->client.unload_pending = true;
  2912. pr_debug("unload ta %d pending\n", data->client.app_id);
  2913. return 0;
  2914. }
  2915. static void __wakeup_unload_app_kthread(void)
  2916. {
  2917. atomic_set(&qseecom.unload_app_kthread_state,
  2918. UNLOAD_APP_KT_WAKEUP);
  2919. wake_up_interruptible(&qseecom.unload_app_kthread_wq);
  2920. }
  2921. static bool __qseecom_find_pending_unload_app(uint32_t app_id, char *app_name)
  2922. {
  2923. struct qseecom_unload_app_pending_list *entry = NULL;
  2924. bool found = false;
  2925. mutex_lock(&unload_app_pending_list_lock);
  2926. list_for_each_entry(entry, &qseecom.unload_app_pending_list_head,
  2927. list) {
  2928. if ((entry->data->client.app_id == app_id) &&
  2929. (!strcmp(entry->data->client.app_name, app_name))) {
  2930. found = true;
  2931. break;
  2932. }
  2933. }
  2934. mutex_unlock(&unload_app_pending_list_lock);
  2935. return found;
  2936. }
  2937. static void __qseecom_processing_pending_unload_app(void)
  2938. {
  2939. struct qseecom_unload_app_pending_list *entry = NULL;
  2940. struct list_head *pos;
  2941. int ret = 0;
  2942. mutex_lock(&unload_app_pending_list_lock);
  2943. while (!list_empty(&qseecom.unload_app_pending_list_head)) {
  2944. pos = qseecom.unload_app_pending_list_head.next;
  2945. entry = list_entry(pos,
  2946. struct qseecom_unload_app_pending_list, list);
  2947. if (entry && entry->data) {
  2948. pr_debug("process pending unload app %d (%s)\n",
  2949. entry->data->client.app_id,
  2950. entry->data->client.app_name);
  2951. mutex_unlock(&unload_app_pending_list_lock);
  2952. mutex_lock(&app_access_lock);
  2953. ret = qseecom_unload_app(entry->data, true);
  2954. if (ret)
  2955. pr_err("unload app %d pending failed %d\n",
  2956. entry->data->client.app_id, ret);
  2957. mutex_unlock(&app_access_lock);
  2958. mutex_lock(&unload_app_pending_list_lock);
  2959. __qseecom_free_tzbuf(&entry->data->sglistinfo_shm);
  2960. kfree_sensitive(entry->data);
  2961. }
  2962. list_del(pos);
  2963. kfree_sensitive(entry);
  2964. }
  2965. mutex_unlock(&unload_app_pending_list_lock);
  2966. }
  2967. static int __qseecom_unload_app_kthread_func(void *data)
  2968. {
  2969. while (!kthread_should_stop()) {
  2970. wait_event_interruptible(
  2971. qseecom.unload_app_kthread_wq,
  2972. atomic_read(&qseecom.unload_app_kthread_state)
  2973. == UNLOAD_APP_KT_WAKEUP);
  2974. pr_debug("kthread to unload app is called, state %d\n",
  2975. atomic_read(&qseecom.unload_app_kthread_state));
  2976. __qseecom_processing_pending_unload_app();
  2977. atomic_set(&qseecom.unload_app_kthread_state,
  2978. UNLOAD_APP_KT_SLEEP);
  2979. }
  2980. pr_warn("kthread to unload app stopped\n");
  2981. return 0;
  2982. }
  2983. static phys_addr_t __qseecom_uvirt_to_kphys(struct qseecom_dev_handle *data,
  2984. unsigned long virt)
  2985. {
  2986. return data->client.sb_phys + (virt - data->client.user_virt_sb_base);
  2987. }
  2988. static uintptr_t __qseecom_uvirt_to_kvirt(struct qseecom_dev_handle *data,
  2989. unsigned long virt)
  2990. {
  2991. return (uintptr_t)data->client.sb_virt +
  2992. (virt - data->client.user_virt_sb_base);
  2993. }
  2994. static int __qseecom_process_rpmb_svc_cmd(struct qseecom_dev_handle *data_ptr,
  2995. struct qseecom_send_svc_cmd_req *req_ptr,
  2996. struct qseecom_client_send_service_ireq *send_svc_ireq_ptr)
  2997. {
  2998. int ret = 0;
  2999. void *req_buf = NULL;
  3000. if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) {
  3001. pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n",
  3002. req_ptr, send_svc_ireq_ptr);
  3003. return -EINVAL;
  3004. }
  3005. /* Clients need to ensure req_buf is at base offset of shared buffer */
  3006. if ((uintptr_t)req_ptr->cmd_req_buf !=
  3007. data_ptr->client.user_virt_sb_base) {
  3008. pr_err("cmd buf not pointing to base offset of shared buffer\n");
  3009. return -EINVAL;
  3010. }
  3011. if (data_ptr->client.sb_length <
  3012. sizeof(struct qseecom_rpmb_provision_key)) {
  3013. pr_err("shared buffer is too small to hold key type\n");
  3014. return -EINVAL;
  3015. }
  3016. req_buf = data_ptr->client.sb_virt;
  3017. send_svc_ireq_ptr->qsee_cmd_id = req_ptr->cmd_id;
  3018. send_svc_ireq_ptr->key_type =
  3019. ((struct qseecom_rpmb_provision_key *)req_buf)->key_type;
  3020. send_svc_ireq_ptr->req_len = req_ptr->cmd_req_len;
  3021. send_svc_ireq_ptr->rsp_ptr = (uint32_t)(__qseecom_uvirt_to_kphys(
  3022. data_ptr, (uintptr_t)req_ptr->resp_buf));
  3023. send_svc_ireq_ptr->rsp_len = req_ptr->resp_len;
  3024. return ret;
  3025. }
  3026. static int __qseecom_process_fsm_key_svc_cmd(
  3027. struct qseecom_dev_handle *data_ptr,
  3028. struct qseecom_send_svc_cmd_req *req_ptr,
  3029. struct qseecom_client_send_fsm_diag_req *send_svc_ireq_ptr)
  3030. {
  3031. int ret = 0;
  3032. uint32_t reqd_len_sb_in = 0;
  3033. if ((req_ptr == NULL) || (send_svc_ireq_ptr == NULL)) {
  3034. pr_err("Error with pointer: req_ptr = %pK, send_svc_ptr = %pK\n",
  3035. req_ptr, send_svc_ireq_ptr);
  3036. return -EINVAL;
  3037. }
  3038. reqd_len_sb_in = req_ptr->cmd_req_len + req_ptr->resp_len;
  3039. if (reqd_len_sb_in > data_ptr->client.sb_length) {
  3040. pr_err("Not enough memory to fit cmd_buf and resp_buf.\n");
  3041. pr_err("Required: %u, Available: %zu\n",
  3042. reqd_len_sb_in, data_ptr->client.sb_length);
  3043. return -ENOMEM;
  3044. }
  3045. send_svc_ireq_ptr->qsee_cmd_id = req_ptr->cmd_id;
  3046. send_svc_ireq_ptr->req_len = req_ptr->cmd_req_len;
  3047. send_svc_ireq_ptr->rsp_ptr = (uint32_t)(__qseecom_uvirt_to_kphys(
  3048. data_ptr, (uintptr_t)req_ptr->resp_buf));
  3049. send_svc_ireq_ptr->rsp_len = req_ptr->resp_len;
  3050. send_svc_ireq_ptr->req_ptr = (uint32_t)(__qseecom_uvirt_to_kphys(
  3051. data_ptr, (uintptr_t)req_ptr->cmd_req_buf));
  3052. return ret;
  3053. }
  3054. static int __validate_send_service_cmd_inputs(struct qseecom_dev_handle *data,
  3055. struct qseecom_send_svc_cmd_req *req)
  3056. {
  3057. if (!req || !req->resp_buf || !req->cmd_req_buf) {
  3058. pr_err("req or cmd buffer or response buffer is null\n");
  3059. return -EINVAL;
  3060. }
  3061. if (!data || !data->client.sb_virt) {
  3062. pr_err("Client or client buf is not initialized\n");
  3063. return -EINVAL;
  3064. }
  3065. if (data->client.sb_virt == NULL) {
  3066. pr_err("sb_virt null\n");
  3067. return -EINVAL;
  3068. }
  3069. if (data->client.user_virt_sb_base == 0) {
  3070. pr_err("user_virt_sb_base is null\n");
  3071. return -EINVAL;
  3072. }
  3073. if (data->client.sb_length == 0) {
  3074. pr_err("sb_length is 0\n");
  3075. return -EINVAL;
  3076. }
  3077. if (((uintptr_t)req->cmd_req_buf <
  3078. data->client.user_virt_sb_base) ||
  3079. ((uintptr_t)req->cmd_req_buf >=
  3080. (data->client.user_virt_sb_base + data->client.sb_length))) {
  3081. pr_err("cmd buffer address not within shared bufffer\n");
  3082. return -EINVAL;
  3083. }
  3084. if (((uintptr_t)req->resp_buf <
  3085. data->client.user_virt_sb_base) ||
  3086. ((uintptr_t)req->resp_buf >=
  3087. (data->client.user_virt_sb_base + data->client.sb_length))) {
  3088. pr_err("response buffer address not within shared bufffer\n");
  3089. return -EINVAL;
  3090. }
  3091. if ((req->cmd_req_len == 0) || (req->resp_len == 0) ||
  3092. (req->cmd_req_len > data->client.sb_length) ||
  3093. (req->resp_len > data->client.sb_length)) {
  3094. pr_err("cmd buf length or response buf length not valid\n");
  3095. return -EINVAL;
  3096. }
  3097. if (req->cmd_req_len > UINT_MAX - req->resp_len) {
  3098. pr_err("Integer overflow detected in req_len & rsp_len\n");
  3099. return -EINVAL;
  3100. }
  3101. if ((req->cmd_req_len + req->resp_len) > data->client.sb_length) {
  3102. pr_debug("Not enough memory to fit cmd_buf.\n");
  3103. pr_debug("resp_buf. Required: %u, Available: %zu\n",
  3104. (req->cmd_req_len + req->resp_len),
  3105. data->client.sb_length);
  3106. return -ENOMEM;
  3107. }
  3108. if ((uintptr_t)req->cmd_req_buf > (ULONG_MAX - req->cmd_req_len)) {
  3109. pr_err("Integer overflow in req_len & cmd_req_buf\n");
  3110. return -EINVAL;
  3111. }
  3112. if ((uintptr_t)req->resp_buf > (ULONG_MAX - req->resp_len)) {
  3113. pr_err("Integer overflow in resp_len & resp_buf\n");
  3114. return -EINVAL;
  3115. }
  3116. if (data->client.user_virt_sb_base >
  3117. (ULONG_MAX - data->client.sb_length)) {
  3118. pr_err("Integer overflow in user_virt_sb_base & sb_length\n");
  3119. return -EINVAL;
  3120. }
  3121. if ((((uintptr_t)req->cmd_req_buf + req->cmd_req_len) >
  3122. ((uintptr_t)data->client.user_virt_sb_base +
  3123. data->client.sb_length)) ||
  3124. (((uintptr_t)req->resp_buf + req->resp_len) >
  3125. ((uintptr_t)data->client.user_virt_sb_base +
  3126. data->client.sb_length))) {
  3127. pr_err("cmd buf or resp buf is out of shared buffer region\n");
  3128. return -EINVAL;
  3129. }
  3130. return 0;
  3131. }
  3132. static int qseecom_send_service_cmd(struct qseecom_dev_handle *data,
  3133. void __user *argp)
  3134. {
  3135. int ret = 0;
  3136. struct qseecom_client_send_service_ireq send_svc_ireq;
  3137. struct qseecom_client_send_fsm_diag_req send_fsm_diag_svc_ireq;
  3138. struct qseecom_command_scm_resp resp;
  3139. struct qseecom_send_svc_cmd_req req;
  3140. void *send_req_ptr;
  3141. size_t req_buf_size;
  3142. /*struct qseecom_command_scm_resp resp;*/
  3143. if (copy_from_user(&req,
  3144. (void __user *)argp,
  3145. sizeof(req))) {
  3146. pr_err("copy_from_user failed\n");
  3147. return -EFAULT;
  3148. }
  3149. if (__validate_send_service_cmd_inputs(data, &req))
  3150. return -EINVAL;
  3151. data->type = QSEECOM_SECURE_SERVICE;
  3152. switch (req.cmd_id) {
  3153. case QSEOS_RPMB_PROVISION_KEY_COMMAND:
  3154. case QSEOS_RPMB_ERASE_COMMAND:
  3155. case QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND:
  3156. send_req_ptr = &send_svc_ireq;
  3157. req_buf_size = sizeof(send_svc_ireq);
  3158. if (__qseecom_process_rpmb_svc_cmd(data, &req,
  3159. send_req_ptr))
  3160. return -EINVAL;
  3161. break;
  3162. case QSEOS_FSM_LTEOTA_REQ_CMD:
  3163. case QSEOS_FSM_LTEOTA_REQ_RSP_CMD:
  3164. case QSEOS_FSM_IKE_REQ_CMD:
  3165. case QSEOS_FSM_IKE_REQ_RSP_CMD:
  3166. case QSEOS_FSM_OEM_FUSE_WRITE_ROW:
  3167. case QSEOS_FSM_OEM_FUSE_READ_ROW:
  3168. case QSEOS_FSM_ENCFS_REQ_CMD:
  3169. case QSEOS_FSM_ENCFS_REQ_RSP_CMD:
  3170. case QSEOS_DIAG_FUSE_REQ_CMD:
  3171. case QSEOS_DIAG_FUSE_REQ_RSP_CMD:
  3172. send_req_ptr = &send_fsm_diag_svc_ireq;
  3173. req_buf_size = sizeof(send_fsm_diag_svc_ireq);
  3174. if (__qseecom_process_fsm_key_svc_cmd(data, &req,
  3175. send_req_ptr))
  3176. return -EINVAL;
  3177. break;
  3178. default:
  3179. pr_err("Unsupported cmd_id %d\n", req.cmd_id);
  3180. return -EINVAL;
  3181. }
  3182. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  3183. QSEECOM_CACHE_CLEAN);
  3184. if (ret) {
  3185. pr_err("cache operation failed %d\n", ret);
  3186. return ret;
  3187. }
  3188. if (qseecom.support_bus_scaling) {
  3189. ret = qseecom_scale_bus_bandwidth_timer(HIGH);
  3190. if (ret) {
  3191. pr_err("Fail to set bw HIGH\n");
  3192. return ret;
  3193. }
  3194. } else {
  3195. ret = qseecom_perf_enable(data);
  3196. if (ret) {
  3197. pr_err("Failed to vote for clocks with err %d\n", ret);
  3198. return ret;
  3199. }
  3200. }
  3201. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  3202. (const void *)send_req_ptr,
  3203. req_buf_size, &resp, sizeof(resp));
  3204. if (ret) {
  3205. pr_err("qseecom_scm_call failed with err: %d\n", ret);
  3206. goto exit;
  3207. }
  3208. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  3209. QSEECOM_CACHE_INVALIDATE);
  3210. if (ret) {
  3211. pr_err("cache operation failed %d\n", ret);
  3212. goto exit;
  3213. }
  3214. switch (resp.result) {
  3215. case QSEOS_RESULT_SUCCESS:
  3216. break;
  3217. case QSEOS_RESULT_INCOMPLETE:
  3218. pr_debug("qseos_result_incomplete\n");
  3219. ret = __qseecom_process_incomplete_cmd(data, &resp);
  3220. if (ret) {
  3221. pr_err("process_incomplete_cmd fail with result: %d\n",
  3222. resp.result);
  3223. }
  3224. if (req.cmd_id == QSEOS_RPMB_CHECK_PROV_STATUS_COMMAND) {
  3225. pr_warn("RPMB key status is 0x%x\n", resp.result);
  3226. if (put_user(resp.result,
  3227. (uint32_t __user *)req.resp_buf)) {
  3228. ret = -EINVAL;
  3229. goto exit;
  3230. }
  3231. ret = 0;
  3232. }
  3233. break;
  3234. case QSEOS_RESULT_FAILURE:
  3235. pr_err("scm call failed with resp.result: %d\n", resp.result);
  3236. ret = -EINVAL;
  3237. break;
  3238. default:
  3239. pr_err("Response result %d not supported\n",
  3240. resp.result);
  3241. ret = -EINVAL;
  3242. break;
  3243. }
  3244. exit:
  3245. if (!qseecom.support_bus_scaling) {
  3246. qsee_disable_clock_vote(data, CLK_DFAB);
  3247. qsee_disable_clock_vote(data, CLK_SFPB);
  3248. } else {
  3249. __qseecom_add_bw_scale_down_timer(
  3250. QSEECOM_SEND_CMD_CRYPTO_TIMEOUT);
  3251. }
  3252. return ret;
  3253. }
  3254. static int __validate_send_cmd_inputs(struct qseecom_dev_handle *data,
  3255. struct qseecom_send_cmd_req *req)
  3256. {
  3257. if (!data || !data->client.sb_virt) {
  3258. pr_err("Client or client buf is not initialized\n");
  3259. return -EINVAL;
  3260. }
  3261. if (((req->resp_buf == NULL) && (req->resp_len != 0)) ||
  3262. (req->cmd_req_buf == NULL)) {
  3263. pr_err("cmd buffer or response buffer is null\n");
  3264. return -EINVAL;
  3265. }
  3266. if (((uintptr_t)req->cmd_req_buf <
  3267. data->client.user_virt_sb_base) ||
  3268. ((uintptr_t)req->cmd_req_buf >=
  3269. (data->client.user_virt_sb_base + data->client.sb_length))) {
  3270. pr_err("cmd buffer address not within shared bufffer\n");
  3271. return -EINVAL;
  3272. }
  3273. if (((uintptr_t)req->resp_buf <
  3274. data->client.user_virt_sb_base) ||
  3275. ((uintptr_t)req->resp_buf >=
  3276. (data->client.user_virt_sb_base + data->client.sb_length))) {
  3277. pr_err("response buffer address not within shared bufffer\n");
  3278. return -EINVAL;
  3279. }
  3280. if ((req->cmd_req_len == 0) ||
  3281. (req->cmd_req_len > data->client.sb_length) ||
  3282. (req->resp_len > data->client.sb_length)) {
  3283. pr_err("cmd buf length or response buf length not valid\n");
  3284. return -EINVAL;
  3285. }
  3286. if (req->cmd_req_len > UINT_MAX - req->resp_len) {
  3287. pr_err("Integer overflow detected in req_len & rsp_len\n");
  3288. return -EINVAL;
  3289. }
  3290. if ((req->cmd_req_len + req->resp_len) > data->client.sb_length) {
  3291. pr_debug("Not enough memory to fit cmd_buf.\n");
  3292. pr_debug("resp_buf. Required: %u, Available: %zu\n",
  3293. (req->cmd_req_len + req->resp_len),
  3294. data->client.sb_length);
  3295. return -ENOMEM;
  3296. }
  3297. if ((uintptr_t)req->cmd_req_buf > (ULONG_MAX - req->cmd_req_len)) {
  3298. pr_err("Integer overflow in req_len & cmd_req_buf\n");
  3299. return -EINVAL;
  3300. }
  3301. if ((uintptr_t)req->resp_buf > (ULONG_MAX - req->resp_len)) {
  3302. pr_err("Integer overflow in resp_len & resp_buf\n");
  3303. return -EINVAL;
  3304. }
  3305. if (data->client.user_virt_sb_base >
  3306. (ULONG_MAX - data->client.sb_length)) {
  3307. pr_err("Integer overflow in user_virt_sb_base & sb_length\n");
  3308. return -EINVAL;
  3309. }
  3310. if ((((uintptr_t)req->cmd_req_buf + req->cmd_req_len) >
  3311. ((uintptr_t)data->client.user_virt_sb_base +
  3312. data->client.sb_length)) ||
  3313. (((uintptr_t)req->resp_buf + req->resp_len) >
  3314. ((uintptr_t)data->client.user_virt_sb_base +
  3315. data->client.sb_length))) {
  3316. pr_err("cmd buf or resp buf is out of shared buffer region\n");
  3317. return -EINVAL;
  3318. }
  3319. return 0;
  3320. }
  3321. static int __qseecom_process_reentrancy(struct qseecom_command_scm_resp *resp,
  3322. struct qseecom_registered_app_list *ptr_app,
  3323. struct qseecom_dev_handle *data)
  3324. {
  3325. int ret = 0;
  3326. switch (resp->result) {
  3327. case QSEOS_RESULT_BLOCKED_ON_LISTENER:
  3328. pr_warn("App(%d) %s is blocked on listener %d\n",
  3329. data->client.app_id, data->client.app_name,
  3330. resp->data);
  3331. ret = __qseecom_process_reentrancy_blocked_on_listener(
  3332. resp, ptr_app, data);
  3333. if (ret) {
  3334. pr_err("failed to process App(%d) %s is blocked on listener %d\n",
  3335. data->client.app_id, data->client.app_name, resp->data);
  3336. return ret;
  3337. }
  3338. fallthrough;
  3339. /* fall through to process incomplete request */
  3340. case QSEOS_RESULT_INCOMPLETE:
  3341. qseecom.app_block_ref_cnt++;
  3342. ptr_app->app_blocked = true;
  3343. ret = __qseecom_reentrancy_process_incomplete_cmd(data, resp);
  3344. ptr_app->app_blocked = false;
  3345. qseecom.app_block_ref_cnt--;
  3346. wake_up_interruptible_all(&qseecom.app_block_wq);
  3347. if (ret)
  3348. pr_err("process_incomplete_cmd failed err: %d\n",
  3349. ret);
  3350. return ret;
  3351. case QSEOS_RESULT_SUCCESS:
  3352. return ret;
  3353. default:
  3354. pr_err("Response result %d not supported\n",
  3355. resp->result);
  3356. return -EINVAL;
  3357. }
  3358. return ret;
  3359. }
  3360. static int __qseecom_send_cmd(struct qseecom_dev_handle *data,
  3361. struct qseecom_send_cmd_req *req,
  3362. bool is_phys_adr)
  3363. {
  3364. int ret = 0;
  3365. u32 reqd_len_sb_in = 0;
  3366. struct qseecom_client_send_data_ireq send_data_req = {0};
  3367. struct qseecom_client_send_data_64bit_ireq send_data_req_64bit = {0};
  3368. struct qseecom_command_scm_resp resp;
  3369. unsigned long flags;
  3370. struct qseecom_registered_app_list *ptr_app;
  3371. bool found_app = false;
  3372. void *cmd_buf = NULL;
  3373. size_t cmd_len;
  3374. reqd_len_sb_in = req->cmd_req_len + req->resp_len;
  3375. /* find app_id & img_name from list */
  3376. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  3377. list_for_each_entry(ptr_app, &qseecom.registered_app_list_head,
  3378. list) {
  3379. if ((ptr_app->app_id == data->client.app_id) &&
  3380. (!strcmp(ptr_app->app_name, data->client.app_name))) {
  3381. found_app = true;
  3382. break;
  3383. }
  3384. }
  3385. spin_unlock_irqrestore(&qseecom.registered_app_list_lock, flags);
  3386. if (!found_app) {
  3387. pr_err("app_id %d (%s) is not found\n", data->client.app_id,
  3388. (char *)data->client.app_name);
  3389. return -ENOENT;
  3390. }
  3391. if (__qseecom_find_pending_unload_app(data->client.app_id,
  3392. data->client.app_name)) {
  3393. pr_err("app %d (%s) unload is pending\n",
  3394. data->client.app_id, data->client.app_name);
  3395. return -ENOENT;
  3396. }
  3397. if (qseecom.qsee_version < QSEE_VERSION_40) {
  3398. send_data_req.app_id = data->client.app_id;
  3399. if (!is_phys_adr) {
  3400. send_data_req.req_ptr =
  3401. (uint32_t)(__qseecom_uvirt_to_kphys
  3402. (data, (uintptr_t)req->cmd_req_buf));
  3403. send_data_req.rsp_ptr =
  3404. (uint32_t)(__qseecom_uvirt_to_kphys(
  3405. data, (uintptr_t)req->resp_buf));
  3406. } else {
  3407. send_data_req.req_ptr = (uint32_t)(uintptr_t)req->cmd_req_buf;
  3408. send_data_req.rsp_ptr = (uint32_t)(uintptr_t)req->resp_buf;
  3409. }
  3410. send_data_req.req_len = req->cmd_req_len;
  3411. send_data_req.rsp_len = req->resp_len;
  3412. send_data_req.sglistinfo_ptr =
  3413. (uint32_t)data->sglistinfo_shm.paddr;
  3414. send_data_req.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  3415. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  3416. cmd_buf = (void *)&send_data_req;
  3417. cmd_len = sizeof(struct qseecom_client_send_data_ireq);
  3418. } else {
  3419. send_data_req_64bit.app_id = data->client.app_id;
  3420. if (!is_phys_adr) {
  3421. send_data_req_64bit.req_ptr =
  3422. __qseecom_uvirt_to_kphys(data,
  3423. (uintptr_t)req->cmd_req_buf);
  3424. send_data_req_64bit.rsp_ptr =
  3425. __qseecom_uvirt_to_kphys(data,
  3426. (uintptr_t)req->resp_buf);
  3427. } else {
  3428. send_data_req_64bit.req_ptr =
  3429. (uintptr_t)req->cmd_req_buf;
  3430. send_data_req_64bit.rsp_ptr =
  3431. (uintptr_t)req->resp_buf;
  3432. }
  3433. send_data_req_64bit.req_len = req->cmd_req_len;
  3434. send_data_req_64bit.rsp_len = req->resp_len;
  3435. /* check if 32bit app's phys_addr region is under 4GB.*/
  3436. if ((data->client.app_arch == ELFCLASS32) &&
  3437. ((send_data_req_64bit.req_ptr >=
  3438. PHY_ADDR_4G - send_data_req_64bit.req_len) ||
  3439. (send_data_req_64bit.rsp_ptr >=
  3440. PHY_ADDR_4G - send_data_req_64bit.rsp_len))){
  3441. pr_err("32bit app %s PA exceeds 4G: req_ptr=%llx, req_len=%x, rsp_ptr=%llx, rsp_len=%x\n",
  3442. data->client.app_name,
  3443. send_data_req_64bit.req_ptr,
  3444. send_data_req_64bit.req_len,
  3445. send_data_req_64bit.rsp_ptr,
  3446. send_data_req_64bit.rsp_len);
  3447. return -EFAULT;
  3448. }
  3449. send_data_req_64bit.sglistinfo_ptr =
  3450. (uint64_t)data->sglistinfo_shm.paddr;
  3451. send_data_req_64bit.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  3452. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  3453. cmd_buf = (void *)&send_data_req_64bit;
  3454. cmd_len = sizeof(struct qseecom_client_send_data_64bit_ireq);
  3455. }
  3456. if (!qseecom.whitelist_support || data->use_legacy_cmd)
  3457. *(uint32_t *)cmd_buf = QSEOS_CLIENT_SEND_DATA_COMMAND;
  3458. else
  3459. *(uint32_t *)cmd_buf = QSEOS_CLIENT_SEND_DATA_COMMAND_WHITELIST;
  3460. if (data->client.dmabuf) {
  3461. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  3462. QSEECOM_CACHE_CLEAN);
  3463. if (ret) {
  3464. pr_err("cache operation failed %d\n", ret);
  3465. return ret;
  3466. }
  3467. }
  3468. __qseecom_reentrancy_check_if_this_app_blocked(ptr_app);
  3469. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  3470. cmd_buf, cmd_len,
  3471. &resp, sizeof(resp));
  3472. if (ret) {
  3473. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  3474. ret, data->client.app_id);
  3475. goto exit;
  3476. }
  3477. if (qseecom.qsee_reentrancy_support) {
  3478. ret = __qseecom_process_reentrancy(&resp, ptr_app, data);
  3479. if (ret)
  3480. goto exit;
  3481. } else {
  3482. if (resp.result == QSEOS_RESULT_INCOMPLETE) {
  3483. ret = __qseecom_process_incomplete_cmd(data, &resp);
  3484. if (ret) {
  3485. pr_err("process_incomplete_cmd failed err: %d\n",
  3486. ret);
  3487. goto exit;
  3488. }
  3489. } else {
  3490. if (resp.result != QSEOS_RESULT_SUCCESS) {
  3491. pr_err("Response result %d not supported\n",
  3492. resp.result);
  3493. ret = -EINVAL;
  3494. goto exit;
  3495. }
  3496. }
  3497. }
  3498. if (data->client.dmabuf) {
  3499. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  3500. QSEECOM_CACHE_INVALIDATE);
  3501. if (ret) {
  3502. pr_err("cache operation failed %d\n", ret);
  3503. goto exit;
  3504. }
  3505. }
  3506. exit:
  3507. return ret;
  3508. }
  3509. static int qseecom_send_cmd(struct qseecom_dev_handle *data, void __user *argp)
  3510. {
  3511. int ret = 0;
  3512. struct qseecom_send_cmd_req req;
  3513. ret = copy_from_user(&req, argp, sizeof(req));
  3514. if (ret) {
  3515. pr_err("copy_from_user failed\n");
  3516. return ret;
  3517. }
  3518. if (__validate_send_cmd_inputs(data, &req))
  3519. return -EINVAL;
  3520. ret = __qseecom_send_cmd(data, &req, false);
  3521. return ret;
  3522. }
  3523. static int __boundary_checks_offset(struct qseecom_send_modfd_cmd_req *req,
  3524. struct qseecom_send_modfd_listener_resp *lstnr_resp,
  3525. struct qseecom_dev_handle *data, int i, size_t size)
  3526. {
  3527. char *curr_field = NULL;
  3528. char *temp_field = NULL;
  3529. int j = 0;
  3530. if ((data->type != QSEECOM_LISTENER_SERVICE) &&
  3531. (req->ifd_data[i].fd > 0)) {
  3532. if ((req->cmd_req_len < size) ||
  3533. (req->ifd_data[i].cmd_buf_offset >
  3534. req->cmd_req_len - size)) {
  3535. pr_err("Invalid offset (req len) 0x%x\n",
  3536. req->ifd_data[i].cmd_buf_offset);
  3537. return -EINVAL;
  3538. }
  3539. curr_field = (char *) (req->cmd_req_buf +
  3540. req->ifd_data[i].cmd_buf_offset);
  3541. for (j = 0; j < MAX_ION_FD; j++) {
  3542. if ((req->ifd_data[j].fd > 0) && i != j) {
  3543. temp_field = (char *) (req->cmd_req_buf +
  3544. req->ifd_data[j].cmd_buf_offset);
  3545. if (temp_field >= curr_field && temp_field <
  3546. (curr_field + size)) {
  3547. pr_err("Invalid field offset 0x%x\n",
  3548. req->ifd_data[i].cmd_buf_offset);
  3549. return -EINVAL;
  3550. }
  3551. }
  3552. }
  3553. } else if ((data->type == QSEECOM_LISTENER_SERVICE) &&
  3554. (lstnr_resp->ifd_data[i].fd > 0)) {
  3555. if ((lstnr_resp->resp_len < size) ||
  3556. (lstnr_resp->ifd_data[i].cmd_buf_offset >
  3557. lstnr_resp->resp_len - size)) {
  3558. pr_err("Invalid offset (lstnr resp len) 0x%x\n",
  3559. lstnr_resp->ifd_data[i].cmd_buf_offset);
  3560. return -EINVAL;
  3561. }
  3562. curr_field = (char *) (lstnr_resp->resp_buf_ptr +
  3563. lstnr_resp->ifd_data[i].cmd_buf_offset);
  3564. for (j = 0; j < MAX_ION_FD; j++) {
  3565. if ((lstnr_resp->ifd_data[j].fd > 0) && i != j) {
  3566. temp_field = (char *) lstnr_resp->resp_buf_ptr +
  3567. lstnr_resp->ifd_data[j].cmd_buf_offset;
  3568. if (temp_field >= curr_field && temp_field <
  3569. (curr_field + size)) {
  3570. pr_err("Invalid lstnr field offset 0x%x\n",
  3571. lstnr_resp->ifd_data[i].cmd_buf_offset);
  3572. return -EINVAL;
  3573. }
  3574. }
  3575. }
  3576. }
  3577. return 0;
  3578. }
  3579. static int __qseecom_update_cmd_buf(void *msg, bool cleanup,
  3580. struct qseecom_dev_handle *data)
  3581. {
  3582. char *field;
  3583. int ret = 0;
  3584. int i = 0;
  3585. uint32_t len = 0;
  3586. struct scatterlist *sg;
  3587. struct qseecom_send_modfd_cmd_req *req = NULL;
  3588. struct qseecom_send_modfd_listener_resp *lstnr_resp = NULL;
  3589. struct qseecom_registered_listener_list *this_lstnr = NULL;
  3590. uint32_t offset;
  3591. struct sg_table *sg_ptr = NULL;
  3592. int ion_fd = -1;
  3593. struct dma_buf *dmabuf = NULL;
  3594. struct dma_buf_attachment *attach = NULL;
  3595. if ((data->type != QSEECOM_LISTENER_SERVICE) &&
  3596. (data->type != QSEECOM_CLIENT_APP))
  3597. return -EFAULT;
  3598. if (msg == NULL) {
  3599. pr_err("Invalid address\n");
  3600. return -EINVAL;
  3601. }
  3602. if (data->type == QSEECOM_LISTENER_SERVICE) {
  3603. lstnr_resp = (struct qseecom_send_modfd_listener_resp *)msg;
  3604. this_lstnr = __qseecom_find_svc(data->listener.id);
  3605. if (IS_ERR_OR_NULL(this_lstnr)) {
  3606. pr_err("Invalid listener ID\n");
  3607. return -ENOMEM;
  3608. }
  3609. } else {
  3610. req = (struct qseecom_send_modfd_cmd_req *)msg;
  3611. }
  3612. for (i = 0; i < MAX_ION_FD; i++) {
  3613. if ((data->type != QSEECOM_LISTENER_SERVICE) &&
  3614. (req->ifd_data[i].fd > 0)) {
  3615. ion_fd = req->ifd_data[i].fd;
  3616. field = (char *) req->cmd_req_buf +
  3617. req->ifd_data[i].cmd_buf_offset;
  3618. } else if ((data->type == QSEECOM_LISTENER_SERVICE) &&
  3619. (lstnr_resp->ifd_data[i].fd > 0)) {
  3620. ion_fd = lstnr_resp->ifd_data[i].fd;
  3621. field = lstnr_resp->resp_buf_ptr +
  3622. lstnr_resp->ifd_data[i].cmd_buf_offset;
  3623. } else {
  3624. continue;
  3625. }
  3626. /* Populate the cmd data structure with the phys_addr */
  3627. ret = qseecom_dmabuf_map(ion_fd, &sg_ptr, &attach, &dmabuf);
  3628. if (ret) {
  3629. pr_err("IOn client could not retrieve sg table\n");
  3630. goto err;
  3631. }
  3632. if (sg_ptr->nents == 0) {
  3633. pr_err("Num of scattered entries is 0\n");
  3634. goto err;
  3635. }
  3636. if (sg_ptr->nents > QSEECOM_MAX_SG_ENTRY) {
  3637. pr_err("Num of scattered entries\n");
  3638. pr_err(" (%d) is greater than max supported %d\n",
  3639. sg_ptr->nents, QSEECOM_MAX_SG_ENTRY);
  3640. goto err;
  3641. }
  3642. sg = sg_ptr->sgl;
  3643. if (sg_ptr->nents == 1) {
  3644. uint32_t *update;
  3645. if (__boundary_checks_offset(req, lstnr_resp, data, i, sizeof(uint32_t)))
  3646. goto err;
  3647. if ((data->type == QSEECOM_CLIENT_APP &&
  3648. (data->client.app_arch == ELFCLASS32 ||
  3649. data->client.app_arch == ELFCLASS64)) ||
  3650. (data->type == QSEECOM_LISTENER_SERVICE)) {
  3651. /*
  3652. * Check if sg list phy add region is under 4GB
  3653. */
  3654. if ((qseecom.qsee_version >= QSEE_VERSION_40) &&
  3655. (!cleanup) &&
  3656. ((uint64_t)sg_dma_address(sg_ptr->sgl)
  3657. >= PHY_ADDR_4G - sg->length)) {
  3658. pr_err("App %s sgl PA exceeds 4G: phy_addr=%pKad, len=%x\n",
  3659. data->client.app_name,
  3660. &(sg_dma_address(sg_ptr->sgl)),
  3661. sg->length);
  3662. goto err;
  3663. }
  3664. update = (uint32_t *) field;
  3665. *update = cleanup ? 0 :
  3666. (uint32_t)sg_dma_address(sg_ptr->sgl);
  3667. } else {
  3668. pr_err("QSEE app arch %u is not supported\n",
  3669. data->client.app_arch);
  3670. goto err;
  3671. }
  3672. len += (uint32_t)sg->length;
  3673. } else {
  3674. struct qseecom_sg_entry *update;
  3675. int j = 0;
  3676. if (__boundary_checks_offset(req, lstnr_resp, data, i,
  3677. (SG_ENTRY_SZ * sg_ptr->nents)))
  3678. goto err;
  3679. if ((data->type == QSEECOM_CLIENT_APP &&
  3680. (data->client.app_arch == ELFCLASS32 ||
  3681. data->client.app_arch == ELFCLASS64)) ||
  3682. (data->type == QSEECOM_LISTENER_SERVICE)) {
  3683. update = (struct qseecom_sg_entry *)field;
  3684. for (j = 0; j < sg_ptr->nents; j++) {
  3685. /*
  3686. * Check if sg list PA is under 4GB
  3687. */
  3688. if ((qseecom.qsee_version >=
  3689. QSEE_VERSION_40) &&
  3690. (!cleanup) &&
  3691. ((uint64_t)(sg_dma_address(sg))
  3692. >= PHY_ADDR_4G - sg->length)) {
  3693. pr_err("App %s sgl PA exceeds 4G: phy_addr=%pKad, len=%x\n",
  3694. data->client.app_name,
  3695. &(sg_dma_address(sg)),
  3696. sg->length);
  3697. goto err;
  3698. }
  3699. update->phys_addr = cleanup ? 0 :
  3700. (uint32_t)sg_dma_address(sg);
  3701. update->len = cleanup ? 0 : sg->length;
  3702. update++;
  3703. len += sg->length;
  3704. sg = sg_next(sg);
  3705. }
  3706. } else {
  3707. pr_err("QSEE app arch %u is not supported\n",
  3708. data->client.app_arch);
  3709. goto err;
  3710. }
  3711. }
  3712. if (cleanup) {
  3713. ret = qseecom_dmabuf_cache_operations(dmabuf,
  3714. QSEECOM_CACHE_INVALIDATE);
  3715. if (ret) {
  3716. pr_err("cache operation failed %d\n", ret);
  3717. goto err;
  3718. }
  3719. } else {
  3720. ret = qseecom_dmabuf_cache_operations(dmabuf,
  3721. QSEECOM_CACHE_CLEAN);
  3722. if (ret) {
  3723. pr_err("cache operation failed %d\n", ret);
  3724. goto err;
  3725. }
  3726. if (data->type == QSEECOM_CLIENT_APP) {
  3727. offset = req->ifd_data[i].cmd_buf_offset;
  3728. data->sglistinfo_ptr[i].indexAndFlags =
  3729. SGLISTINFO_SET_INDEX_FLAG(
  3730. (sg_ptr->nents == 1), 0, offset);
  3731. data->sglistinfo_ptr[i].sizeOrCount =
  3732. (sg_ptr->nents == 1) ?
  3733. sg->length : sg_ptr->nents;
  3734. data->sglist_cnt = i + 1;
  3735. } else {
  3736. offset = (lstnr_resp->ifd_data[i].cmd_buf_offset
  3737. + (uintptr_t)lstnr_resp->resp_buf_ptr -
  3738. (uintptr_t)this_lstnr->sb_virt);
  3739. this_lstnr->sglistinfo_ptr[i].indexAndFlags =
  3740. SGLISTINFO_SET_INDEX_FLAG(
  3741. (sg_ptr->nents == 1), 0, offset);
  3742. this_lstnr->sglistinfo_ptr[i].sizeOrCount =
  3743. (sg_ptr->nents == 1) ?
  3744. sg->length : sg_ptr->nents;
  3745. this_lstnr->sglist_cnt = i + 1;
  3746. }
  3747. }
  3748. /* Deallocate the kbuf */
  3749. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  3750. sg_ptr = NULL;
  3751. dmabuf = NULL;
  3752. attach = NULL;
  3753. }
  3754. return ret;
  3755. err:
  3756. if (!IS_ERR_OR_NULL(sg_ptr)) {
  3757. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  3758. MAKE_NULL(sg_ptr, attach, dmabuf);
  3759. }
  3760. return -ENOMEM;
  3761. }
  3762. static int __qseecom_allocate_sg_list_buffer(struct qseecom_dev_handle *data,
  3763. char *field, uint32_t fd_idx, struct sg_table *sg_ptr)
  3764. {
  3765. struct scatterlist *sg = sg_ptr->sgl;
  3766. struct qseecom_sg_entry_64bit *sg_entry;
  3767. struct qseecom_sg_list_buf_hdr_64bit *buf_hdr;
  3768. void *buf;
  3769. uint i;
  3770. size_t size;
  3771. dma_addr_t coh_pmem;
  3772. if (fd_idx >= MAX_ION_FD) {
  3773. pr_err("fd_idx [%d] is invalid\n", fd_idx);
  3774. return -ENOMEM;
  3775. }
  3776. buf_hdr = (struct qseecom_sg_list_buf_hdr_64bit *)field;
  3777. memset((void *)buf_hdr, 0, QSEECOM_SG_LIST_BUF_HDR_SZ_64BIT);
  3778. /* Allocate a contiguous kernel buffer */
  3779. size = sg_ptr->nents * SG_ENTRY_SZ_64BIT;
  3780. size = (size + PAGE_SIZE) & PAGE_MASK;
  3781. buf = dma_alloc_coherent(qseecom.dev,
  3782. size, &coh_pmem, GFP_KERNEL);
  3783. if (buf == NULL)
  3784. return -ENOMEM;
  3785. /* update qseecom_sg_list_buf_hdr_64bit */
  3786. buf_hdr->version = QSEECOM_SG_LIST_BUF_FORMAT_VERSION_2;
  3787. buf_hdr->new_buf_phys_addr = coh_pmem;
  3788. buf_hdr->nents_total = sg_ptr->nents;
  3789. /* save the left sg entries into new allocated buf */
  3790. sg_entry = (struct qseecom_sg_entry_64bit *)buf;
  3791. for (i = 0; i < sg_ptr->nents; i++) {
  3792. sg_entry->phys_addr = (uint64_t)sg_dma_address(sg);
  3793. sg_entry->len = sg->length;
  3794. sg_entry++;
  3795. sg = sg_next(sg);
  3796. }
  3797. data->client.sec_buf_fd[fd_idx].is_sec_buf_fd = true;
  3798. data->client.sec_buf_fd[fd_idx].vbase = buf;
  3799. data->client.sec_buf_fd[fd_idx].pbase = coh_pmem;
  3800. data->client.sec_buf_fd[fd_idx].size = size;
  3801. return 0;
  3802. }
  3803. static int __qseecom_update_cmd_buf_64(void *msg, bool cleanup,
  3804. struct qseecom_dev_handle *data)
  3805. {
  3806. char *field;
  3807. int ret = 0;
  3808. int i = 0;
  3809. uint32_t len = 0;
  3810. struct scatterlist *sg;
  3811. struct qseecom_send_modfd_cmd_req *req = NULL;
  3812. struct qseecom_send_modfd_listener_resp *lstnr_resp = NULL;
  3813. struct qseecom_registered_listener_list *this_lstnr = NULL;
  3814. uint32_t offset;
  3815. struct sg_table *sg_ptr;
  3816. int ion_fd = -1;
  3817. struct dma_buf *dmabuf = NULL;
  3818. struct dma_buf_attachment *attach = NULL;
  3819. if ((data->type != QSEECOM_LISTENER_SERVICE) &&
  3820. (data->type != QSEECOM_CLIENT_APP))
  3821. return -EFAULT;
  3822. if (msg == NULL) {
  3823. pr_err("Invalid address\n");
  3824. return -EINVAL;
  3825. }
  3826. if (data->type == QSEECOM_LISTENER_SERVICE) {
  3827. lstnr_resp = (struct qseecom_send_modfd_listener_resp *)msg;
  3828. this_lstnr = __qseecom_find_svc(data->listener.id);
  3829. if (IS_ERR_OR_NULL(this_lstnr)) {
  3830. pr_err("Invalid listener ID\n");
  3831. return -ENOMEM;
  3832. }
  3833. } else {
  3834. req = (struct qseecom_send_modfd_cmd_req *)msg;
  3835. }
  3836. for (i = 0; i < MAX_ION_FD; i++) {
  3837. if ((data->type != QSEECOM_LISTENER_SERVICE) &&
  3838. (req->ifd_data[i].fd > 0)) {
  3839. ion_fd = req->ifd_data[i].fd;
  3840. field = (char *) req->cmd_req_buf +
  3841. req->ifd_data[i].cmd_buf_offset;
  3842. } else if ((data->type == QSEECOM_LISTENER_SERVICE) &&
  3843. (lstnr_resp->ifd_data[i].fd > 0)) {
  3844. ion_fd = lstnr_resp->ifd_data[i].fd;
  3845. field = lstnr_resp->resp_buf_ptr +
  3846. lstnr_resp->ifd_data[i].cmd_buf_offset;
  3847. } else {
  3848. continue;
  3849. }
  3850. /* Populate the cmd data structure with the phys_addr */
  3851. ret = qseecom_dmabuf_map(ion_fd, &sg_ptr, &attach, &dmabuf);
  3852. if (ret) {
  3853. pr_err("IOn client could not retrieve sg table\n");
  3854. goto err;
  3855. }
  3856. if (sg_ptr->nents == 0) {
  3857. pr_err("Num of scattered entries is 0\n");
  3858. goto err;
  3859. }
  3860. if (sg_ptr->nents > QSEECOM_MAX_SG_ENTRY) {
  3861. pr_warn("Num of scattered entries\n");
  3862. pr_warn(" (%d) is greater than %d\n",
  3863. sg_ptr->nents, QSEECOM_MAX_SG_ENTRY);
  3864. if (cleanup) {
  3865. if (data->client.sec_buf_fd[i].is_sec_buf_fd &&
  3866. data->client.sec_buf_fd[i].vbase)
  3867. dma_free_coherent(qseecom.dev,
  3868. data->client.sec_buf_fd[i].size,
  3869. data->client.sec_buf_fd[i].vbase,
  3870. data->client.sec_buf_fd[i].pbase);
  3871. } else {
  3872. ret = __qseecom_allocate_sg_list_buffer(data,
  3873. field, i, sg_ptr);
  3874. if (ret) {
  3875. pr_err("Failed to allocate sg list buffer\n");
  3876. goto err;
  3877. }
  3878. }
  3879. len = QSEECOM_SG_LIST_BUF_HDR_SZ_64BIT;
  3880. sg = sg_ptr->sgl;
  3881. goto cleanup;
  3882. }
  3883. sg = sg_ptr->sgl;
  3884. if (sg_ptr->nents == 1) {
  3885. uint64_t *update_64bit;
  3886. if (__boundary_checks_offset(req, lstnr_resp, data, i, sizeof(uint64_t)))
  3887. goto err;
  3888. /* 64bit app uses 64bit address */
  3889. update_64bit = (uint64_t *) field;
  3890. *update_64bit = cleanup ? 0 :
  3891. (uint64_t)sg_dma_address(sg_ptr->sgl);
  3892. len += (uint32_t)sg->length;
  3893. } else {
  3894. struct qseecom_sg_entry_64bit *update_64bit;
  3895. int j = 0;
  3896. if (__boundary_checks_offset(req, lstnr_resp, data, i,
  3897. (SG_ENTRY_SZ_64BIT * sg_ptr->nents)))
  3898. goto err;
  3899. /* 64bit app uses 64bit address */
  3900. update_64bit = (struct qseecom_sg_entry_64bit *)field;
  3901. for (j = 0; j < sg_ptr->nents; j++) {
  3902. update_64bit->phys_addr = cleanup ? 0 :
  3903. (uint64_t)sg_dma_address(sg);
  3904. update_64bit->len = cleanup ? 0 :
  3905. (uint32_t)sg->length;
  3906. update_64bit++;
  3907. len += sg->length;
  3908. sg = sg_next(sg);
  3909. }
  3910. }
  3911. cleanup:
  3912. if (cleanup) {
  3913. ret = qseecom_dmabuf_cache_operations(dmabuf,
  3914. QSEECOM_CACHE_INVALIDATE);
  3915. if (ret) {
  3916. pr_err("cache operation failed %d\n", ret);
  3917. goto err;
  3918. }
  3919. } else {
  3920. ret = qseecom_dmabuf_cache_operations(dmabuf,
  3921. QSEECOM_CACHE_CLEAN);
  3922. if (ret) {
  3923. pr_err("cache operation failed %d\n", ret);
  3924. goto err;
  3925. }
  3926. if (data->type == QSEECOM_CLIENT_APP) {
  3927. offset = req->ifd_data[i].cmd_buf_offset;
  3928. data->sglistinfo_ptr[i].indexAndFlags =
  3929. SGLISTINFO_SET_INDEX_FLAG(
  3930. (sg_ptr->nents == 1), 1, offset);
  3931. data->sglistinfo_ptr[i].sizeOrCount =
  3932. (sg_ptr->nents == 1) ?
  3933. sg->length : sg_ptr->nents;
  3934. data->sglist_cnt = i + 1;
  3935. } else {
  3936. offset = (lstnr_resp->ifd_data[i].cmd_buf_offset
  3937. + (uintptr_t)lstnr_resp->resp_buf_ptr -
  3938. (uintptr_t)this_lstnr->sb_virt);
  3939. this_lstnr->sglistinfo_ptr[i].indexAndFlags =
  3940. SGLISTINFO_SET_INDEX_FLAG(
  3941. (sg_ptr->nents == 1), 1, offset);
  3942. this_lstnr->sglistinfo_ptr[i].sizeOrCount =
  3943. (sg_ptr->nents == 1) ?
  3944. sg->length : sg_ptr->nents;
  3945. this_lstnr->sglist_cnt = i + 1;
  3946. }
  3947. }
  3948. /* unmap the dmabuf */
  3949. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  3950. sg_ptr = NULL;
  3951. dmabuf = NULL;
  3952. attach = NULL;
  3953. }
  3954. return ret;
  3955. err:
  3956. for (i = 0; i < MAX_ION_FD; i++)
  3957. if (data->client.sec_buf_fd[i].is_sec_buf_fd &&
  3958. data->client.sec_buf_fd[i].vbase)
  3959. dma_free_coherent(qseecom.dev,
  3960. data->client.sec_buf_fd[i].size,
  3961. data->client.sec_buf_fd[i].vbase,
  3962. data->client.sec_buf_fd[i].pbase);
  3963. if (!IS_ERR_OR_NULL(sg_ptr)) {
  3964. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  3965. MAKE_NULL(sg_ptr, attach, dmabuf);
  3966. }
  3967. return -ENOMEM;
  3968. }
  3969. static int __qseecom_send_modfd_cmd(struct qseecom_dev_handle *data,
  3970. void __user *argp,
  3971. bool is_64bit_addr)
  3972. {
  3973. int ret = 0;
  3974. int i;
  3975. struct qseecom_send_modfd_cmd_req req;
  3976. struct qseecom_send_cmd_req send_cmd_req;
  3977. void *origin_req_buf_kvirt, *origin_rsp_buf_kvirt;
  3978. phys_addr_t pa;
  3979. u8 *va = NULL;
  3980. ret = copy_from_user(&req, argp, sizeof(req));
  3981. if (ret) {
  3982. pr_err("copy_from_user failed\n");
  3983. return ret;
  3984. }
  3985. send_cmd_req.cmd_req_buf = req.cmd_req_buf;
  3986. send_cmd_req.cmd_req_len = req.cmd_req_len;
  3987. send_cmd_req.resp_buf = req.resp_buf;
  3988. send_cmd_req.resp_len = req.resp_len;
  3989. if (__validate_send_cmd_inputs(data, &send_cmd_req))
  3990. return -EINVAL;
  3991. /* validate offsets */
  3992. for (i = 0; i < MAX_ION_FD; i++) {
  3993. if (req.ifd_data[i].cmd_buf_offset >= req.cmd_req_len) {
  3994. pr_err("Invalid offset %d = 0x%x\n",
  3995. i, req.ifd_data[i].cmd_buf_offset);
  3996. return -EINVAL;
  3997. }
  3998. }
  3999. /*Back up original address */
  4000. origin_req_buf_kvirt = (void *)__qseecom_uvirt_to_kvirt(data,
  4001. (uintptr_t)req.cmd_req_buf);
  4002. origin_rsp_buf_kvirt = (void *)__qseecom_uvirt_to_kvirt(data,
  4003. (uintptr_t)req.resp_buf);
  4004. /* Allocate kernel buffer for request and response*/
  4005. ret = __qseecom_alloc_coherent_buf(req.cmd_req_len + req.resp_len,
  4006. &va, &pa);
  4007. if (ret) {
  4008. pr_err("Failed to allocate coherent buf, ret %d\n", ret);
  4009. return ret;
  4010. }
  4011. req.cmd_req_buf = va;
  4012. send_cmd_req.cmd_req_buf = (void *)pa;
  4013. req.resp_buf = va + req.cmd_req_len;
  4014. send_cmd_req.resp_buf = (void *)pa + req.cmd_req_len;
  4015. /* Copy the data to kernel request and response buffers*/
  4016. memcpy(req.cmd_req_buf, origin_req_buf_kvirt, req.cmd_req_len);
  4017. memcpy(req.resp_buf, origin_rsp_buf_kvirt, req.resp_len);
  4018. if (!is_64bit_addr) {
  4019. ret = __qseecom_update_cmd_buf(&req, false, data);
  4020. if (ret)
  4021. goto out;
  4022. ret = __qseecom_send_cmd(data, &send_cmd_req, true);
  4023. if (ret)
  4024. goto out;
  4025. ret = __qseecom_update_cmd_buf(&req, true, data);
  4026. if (ret)
  4027. goto out;
  4028. } else {
  4029. ret = __qseecom_update_cmd_buf_64(&req, false, data);
  4030. if (ret)
  4031. goto out;
  4032. ret = __qseecom_send_cmd(data, &send_cmd_req, true);
  4033. if (ret)
  4034. goto out;
  4035. ret = __qseecom_update_cmd_buf_64(&req, true, data);
  4036. if (ret)
  4037. goto out;
  4038. }
  4039. /*Copy the response back to the userspace buffer*/
  4040. memcpy(origin_rsp_buf_kvirt, req.resp_buf, req.resp_len);
  4041. memcpy(origin_req_buf_kvirt, req.cmd_req_buf, req.cmd_req_len);
  4042. out:
  4043. if (req.cmd_req_buf)
  4044. __qseecom_free_coherent_buf(req.cmd_req_len + req.resp_len,
  4045. req.cmd_req_buf, (phys_addr_t)send_cmd_req.cmd_req_buf);
  4046. return ret;
  4047. }
  4048. static int qseecom_send_modfd_cmd(struct qseecom_dev_handle *data,
  4049. void __user *argp)
  4050. {
  4051. return __qseecom_send_modfd_cmd(data, argp, false);
  4052. }
  4053. static int qseecom_send_modfd_cmd_64(struct qseecom_dev_handle *data,
  4054. void __user *argp)
  4055. {
  4056. return __qseecom_send_modfd_cmd(data, argp, true);
  4057. }
  4058. static int __qseecom_listener_has_rcvd_req(struct qseecom_dev_handle *data,
  4059. struct qseecom_registered_listener_list *svc)
  4060. {
  4061. int ret;
  4062. ret = (svc->rcv_req_flag == 1);
  4063. return ret || data->abort;
  4064. }
  4065. static int qseecom_receive_req(struct qseecom_dev_handle *data)
  4066. {
  4067. int ret = 0;
  4068. struct qseecom_registered_listener_list *this_lstnr;
  4069. mutex_lock(&listener_access_lock);
  4070. this_lstnr = __qseecom_find_svc(data->listener.id);
  4071. if (!this_lstnr) {
  4072. pr_err("Invalid listener ID\n");
  4073. mutex_unlock(&listener_access_lock);
  4074. return -ENODATA;
  4075. }
  4076. mutex_unlock(&listener_access_lock);
  4077. while (1) {
  4078. if (wait_event_interruptible(this_lstnr->rcv_req_wq,
  4079. __qseecom_listener_has_rcvd_req(data,
  4080. this_lstnr))) {
  4081. pr_debug("Interrupted: exiting Listener Service = %d\n",
  4082. (uint32_t)data->listener.id);
  4083. /* woken up for different reason */
  4084. return -ERESTARTSYS;
  4085. }
  4086. if (data->abort) {
  4087. pr_err("Aborting Listener Service = %d\n",
  4088. (uint32_t)data->listener.id);
  4089. return -ENODEV;
  4090. }
  4091. mutex_lock(&listener_access_lock);
  4092. this_lstnr->rcv_req_flag = 0;
  4093. mutex_unlock(&listener_access_lock);
  4094. break;
  4095. }
  4096. return ret;
  4097. }
  4098. static bool __qseecom_is_fw_image_valid(const struct firmware *fw_entry)
  4099. {
  4100. unsigned char app_arch = 0;
  4101. struct elf32_hdr *ehdr;
  4102. struct elf64_hdr *ehdr64;
  4103. app_arch = *(unsigned char *)(fw_entry->data + EI_CLASS);
  4104. switch (app_arch) {
  4105. case ELFCLASS32: {
  4106. ehdr = (struct elf32_hdr *)fw_entry->data;
  4107. if (fw_entry->size < sizeof(*ehdr)) {
  4108. pr_err("%s: Not big enough to be an elf32 header\n",
  4109. qseecom.pdev->init_name);
  4110. return false;
  4111. }
  4112. if (memcmp(ehdr->e_ident, ELFMAG, SELFMAG)) {
  4113. pr_err("%s: Not an elf32 header\n",
  4114. qseecom.pdev->init_name);
  4115. return false;
  4116. }
  4117. if (ehdr->e_phnum == 0) {
  4118. pr_err("%s: No loadable segments\n",
  4119. qseecom.pdev->init_name);
  4120. return false;
  4121. }
  4122. if (sizeof(struct elf32_phdr) * ehdr->e_phnum +
  4123. sizeof(struct elf32_hdr) > fw_entry->size) {
  4124. pr_err("%s: Program headers not within mdt\n",
  4125. qseecom.pdev->init_name);
  4126. return false;
  4127. }
  4128. break;
  4129. }
  4130. case ELFCLASS64: {
  4131. ehdr64 = (struct elf64_hdr *)fw_entry->data;
  4132. if (fw_entry->size < sizeof(*ehdr64)) {
  4133. pr_err("%s: Not big enough to be an elf64 header\n",
  4134. qseecom.pdev->init_name);
  4135. return false;
  4136. }
  4137. if (memcmp(ehdr64->e_ident, ELFMAG, SELFMAG)) {
  4138. pr_err("%s: Not an elf64 header\n",
  4139. qseecom.pdev->init_name);
  4140. return false;
  4141. }
  4142. if (ehdr64->e_phnum == 0) {
  4143. pr_err("%s: No loadable segments\n",
  4144. qseecom.pdev->init_name);
  4145. return false;
  4146. }
  4147. if (sizeof(struct elf64_phdr) * ehdr64->e_phnum +
  4148. sizeof(struct elf64_hdr) > fw_entry->size) {
  4149. pr_err("%s: Program headers not within mdt\n",
  4150. qseecom.pdev->init_name);
  4151. return false;
  4152. }
  4153. break;
  4154. }
  4155. default: {
  4156. pr_err("QSEE app arch %u is not supported\n", app_arch);
  4157. return false;
  4158. }
  4159. }
  4160. return true;
  4161. }
  4162. static int __qseecom_get_fw_size(const char *appname, uint32_t *fw_size,
  4163. uint32_t *app_arch)
  4164. {
  4165. int ret = -1;
  4166. int i = 0, rc = 0;
  4167. const struct firmware *fw_entry = NULL;
  4168. char fw_name[MAX_APP_NAME_SIZE];
  4169. struct elf32_hdr *ehdr;
  4170. struct elf64_hdr *ehdr64;
  4171. int num_images = 0;
  4172. snprintf(fw_name, sizeof(fw_name), "%s.mdt", appname);
  4173. rc = firmware_request_nowarn(&fw_entry, fw_name, qseecom.pdev);
  4174. if (rc) {
  4175. pr_err("error with firmware_request_nowarn, rc = %d\n", rc);
  4176. ret = -EIO;
  4177. goto err;
  4178. }
  4179. if (!__qseecom_is_fw_image_valid(fw_entry)) {
  4180. ret = -EIO;
  4181. goto err;
  4182. }
  4183. *app_arch = *(unsigned char *)(fw_entry->data + EI_CLASS);
  4184. *fw_size = fw_entry->size;
  4185. if (*app_arch == ELFCLASS32) {
  4186. ehdr = (struct elf32_hdr *)fw_entry->data;
  4187. num_images = ehdr->e_phnum;
  4188. } else if (*app_arch == ELFCLASS64) {
  4189. ehdr64 = (struct elf64_hdr *)fw_entry->data;
  4190. num_images = ehdr64->e_phnum;
  4191. } else {
  4192. pr_err("QSEE %s app, arch %u is not supported\n",
  4193. appname, *app_arch);
  4194. ret = -EIO;
  4195. goto err;
  4196. }
  4197. pr_debug("QSEE %s app, arch %u\n", appname, *app_arch);
  4198. release_firmware(fw_entry);
  4199. fw_entry = NULL;
  4200. for (i = 0; i < num_images; i++) {
  4201. memset(fw_name, 0, sizeof(fw_name));
  4202. snprintf(fw_name, ARRAY_SIZE(fw_name), "%s.b%02d", appname, i);
  4203. ret = firmware_request_nowarn(&fw_entry, fw_name, qseecom.pdev);
  4204. if (ret)
  4205. goto err;
  4206. if (*fw_size > U32_MAX - fw_entry->size) {
  4207. pr_err("QSEE %s app file size overflow\n", appname);
  4208. ret = -EINVAL;
  4209. goto err;
  4210. }
  4211. *fw_size += fw_entry->size;
  4212. release_firmware(fw_entry);
  4213. fw_entry = NULL;
  4214. }
  4215. return ret;
  4216. err:
  4217. if (fw_entry)
  4218. release_firmware(fw_entry);
  4219. *fw_size = 0;
  4220. return ret;
  4221. }
  4222. static int __qseecom_get_fw_data(const char *appname, u8 *img_data,
  4223. uint32_t fw_size,
  4224. struct qseecom_load_app_ireq *load_req)
  4225. {
  4226. int ret = -1;
  4227. int i = 0, rc = 0;
  4228. const struct firmware *fw_entry = NULL;
  4229. char fw_name[MAX_APP_NAME_SIZE];
  4230. u8 *img_data_ptr = img_data;
  4231. struct elf32_hdr *ehdr;
  4232. struct elf64_hdr *ehdr64;
  4233. int num_images = 0;
  4234. unsigned char app_arch = 0;
  4235. snprintf(fw_name, sizeof(fw_name), "%s.mdt", appname);
  4236. rc = firmware_request_nowarn(&fw_entry, fw_name, qseecom.pdev);
  4237. if (rc) {
  4238. ret = -EIO;
  4239. goto err;
  4240. }
  4241. load_req->img_len = fw_entry->size;
  4242. if (load_req->img_len > fw_size) {
  4243. pr_err("app %s size %zu is larger than buf size %u\n",
  4244. appname, fw_entry->size, fw_size);
  4245. ret = -EINVAL;
  4246. goto err;
  4247. }
  4248. memcpy(img_data_ptr, fw_entry->data, fw_entry->size);
  4249. img_data_ptr = img_data_ptr + fw_entry->size;
  4250. load_req->mdt_len = fw_entry->size; /*Get MDT LEN*/
  4251. app_arch = *(unsigned char *)(fw_entry->data + EI_CLASS);
  4252. if (app_arch == ELFCLASS32) {
  4253. ehdr = (struct elf32_hdr *)fw_entry->data;
  4254. num_images = ehdr->e_phnum;
  4255. } else if (app_arch == ELFCLASS64) {
  4256. ehdr64 = (struct elf64_hdr *)fw_entry->data;
  4257. num_images = ehdr64->e_phnum;
  4258. } else {
  4259. pr_err("QSEE %s app, arch %u is not supported\n",
  4260. appname, app_arch);
  4261. ret = -EIO;
  4262. goto err;
  4263. }
  4264. release_firmware(fw_entry);
  4265. fw_entry = NULL;
  4266. for (i = 0; i < num_images; i++) {
  4267. snprintf(fw_name, ARRAY_SIZE(fw_name), "%s.b%02d", appname, i);
  4268. ret = firmware_request_nowarn(&fw_entry, fw_name, qseecom.pdev);
  4269. if (ret) {
  4270. pr_err("Failed to locate blob %s\n", fw_name);
  4271. goto err;
  4272. }
  4273. if ((fw_entry->size > U32_MAX - load_req->img_len) ||
  4274. (fw_entry->size + load_req->img_len > fw_size)) {
  4275. pr_err("Invalid file size for %s\n", fw_name);
  4276. ret = -EINVAL;
  4277. goto err;
  4278. }
  4279. memcpy(img_data_ptr, fw_entry->data, fw_entry->size);
  4280. img_data_ptr = img_data_ptr + fw_entry->size;
  4281. load_req->img_len += fw_entry->size;
  4282. release_firmware(fw_entry);
  4283. fw_entry = NULL;
  4284. }
  4285. return ret;
  4286. err:
  4287. release_firmware(fw_entry);
  4288. return ret;
  4289. }
  4290. static int __qseecom_alloc_coherent_buf(
  4291. uint32_t size, u8 **vaddr, phys_addr_t *paddr)
  4292. {
  4293. dma_addr_t coh_pmem;
  4294. void *buf = NULL;
  4295. /* Allocate a contiguous kernel buffer */
  4296. size = (size + PAGE_SIZE) & PAGE_MASK;
  4297. buf = dma_alloc_coherent(qseecom.dev,
  4298. size, &coh_pmem, GFP_KERNEL);
  4299. if (buf == NULL)
  4300. return -ENOMEM;
  4301. *vaddr = buf;
  4302. *paddr = coh_pmem;
  4303. return 0;
  4304. }
  4305. static void __qseecom_free_coherent_buf(uint32_t size,
  4306. u8 *vaddr, phys_addr_t paddr)
  4307. {
  4308. if (!vaddr)
  4309. return;
  4310. size = (size + PAGE_SIZE) & PAGE_MASK;
  4311. dma_free_coherent(qseecom.dev, size, vaddr, paddr);
  4312. }
  4313. #if IS_ENABLED(CONFIG_QSEECOM)
  4314. static int __qseecom_load_fw(struct qseecom_dev_handle *data, char *appname,
  4315. uint32_t *app_id)
  4316. {
  4317. int ret = -1;
  4318. uint32_t fw_size = 0;
  4319. struct qseecom_load_app_ireq load_req = {0, 0, 0, 0};
  4320. struct qseecom_load_app_64bit_ireq load_req_64bit = {0, 0, 0, 0};
  4321. struct qseecom_command_scm_resp resp;
  4322. u8 *img_data = NULL;
  4323. phys_addr_t pa = 0;
  4324. void *cmd_buf = NULL;
  4325. size_t cmd_len;
  4326. uint32_t app_arch = 0;
  4327. if (!data || !appname || !app_id) {
  4328. pr_err("Null pointer to data or appname or appid\n");
  4329. return -EINVAL;
  4330. }
  4331. *app_id = 0;
  4332. if (__qseecom_get_fw_size(appname, &fw_size, &app_arch))
  4333. return -EIO;
  4334. data->client.app_arch = app_arch;
  4335. /* Check and load cmnlib */
  4336. if (qseecom.qsee_version > QSEEE_VERSION_00) {
  4337. if (!(qseecom.commonlib_loaded ||
  4338. qseecom.commonlib_loaded_by_hostvm) &&
  4339. app_arch == ELFCLASS32) {
  4340. ret = qseecom_load_commonlib_image(data, "cmnlib");
  4341. if (ret) {
  4342. pr_err("failed to load cmnlib\n");
  4343. return -EIO;
  4344. }
  4345. qseecom.commonlib_loaded = true;
  4346. pr_debug("cmnlib is loaded\n");
  4347. }
  4348. if (!(qseecom.commonlib64_loaded ||
  4349. qseecom.commonlib_loaded_by_hostvm) &&
  4350. app_arch == ELFCLASS64) {
  4351. ret = qseecom_load_commonlib_image(data, "cmnlib64");
  4352. if (ret) {
  4353. pr_err("failed to load cmnlib64\n");
  4354. return -EIO;
  4355. }
  4356. qseecom.commonlib64_loaded = true;
  4357. pr_debug("cmnlib64 is loaded\n");
  4358. }
  4359. }
  4360. ret = __qseecom_alloc_coherent_buf(fw_size, &img_data, &pa);
  4361. if (ret)
  4362. return ret;
  4363. ret = __qseecom_get_fw_data(appname, img_data, fw_size, &load_req);
  4364. if (ret) {
  4365. ret = -EIO;
  4366. goto exit_free_img_data;
  4367. }
  4368. /* Populate the load_req parameters */
  4369. if (qseecom.qsee_version < QSEE_VERSION_40) {
  4370. load_req.qsee_cmd_id = QSEOS_APP_START_COMMAND;
  4371. load_req.mdt_len = load_req.mdt_len;
  4372. load_req.img_len = load_req.img_len;
  4373. strlcpy(load_req.app_name, appname, MAX_APP_NAME_SIZE);
  4374. load_req.phy_addr = (uint32_t)pa;
  4375. cmd_buf = (void *)&load_req;
  4376. cmd_len = sizeof(struct qseecom_load_app_ireq);
  4377. } else {
  4378. load_req_64bit.qsee_cmd_id = QSEOS_APP_START_COMMAND;
  4379. load_req_64bit.mdt_len = load_req.mdt_len;
  4380. load_req_64bit.img_len = load_req.img_len;
  4381. strlcpy(load_req_64bit.app_name, appname, MAX_APP_NAME_SIZE);
  4382. load_req_64bit.phy_addr = (uint64_t)pa;
  4383. cmd_buf = (void *)&load_req_64bit;
  4384. cmd_len = sizeof(struct qseecom_load_app_64bit_ireq);
  4385. }
  4386. if (qseecom.support_bus_scaling) {
  4387. mutex_lock(&qsee_bw_mutex);
  4388. ret = __qseecom_register_bus_bandwidth_needs(data, MEDIUM);
  4389. mutex_unlock(&qsee_bw_mutex);
  4390. if (ret) {
  4391. ret = -EIO;
  4392. goto exit_free_img_data;
  4393. }
  4394. }
  4395. ret = __qseecom_enable_clk_scale_up(data);
  4396. if (ret) {
  4397. ret = -EIO;
  4398. goto exit_unregister_bus_bw_need;
  4399. }
  4400. /* SCM_CALL to load the image */
  4401. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, cmd_len,
  4402. &resp, sizeof(resp));
  4403. if (ret) {
  4404. pr_err("scm_call to load failed : ret %d\n", ret);
  4405. ret = -EIO;
  4406. goto exit_disable_clk_vote;
  4407. }
  4408. switch (resp.result) {
  4409. case QSEOS_RESULT_SUCCESS:
  4410. *app_id = resp.data;
  4411. break;
  4412. case QSEOS_RESULT_INCOMPLETE:
  4413. ret = __qseecom_process_incomplete_cmd(data, &resp);
  4414. if (ret) {
  4415. pr_err("incomp_cmd err %d, %d, unload %d %s\n",
  4416. ret, resp.result, resp.data, appname);
  4417. __qseecom_unload_app(data, resp.data);
  4418. ret = -EFAULT;
  4419. } else {
  4420. *app_id = resp.data;
  4421. }
  4422. break;
  4423. case QSEOS_RESULT_FAILURE:
  4424. pr_err("scm call failed with response QSEOS_RESULT FAILURE\n");
  4425. break;
  4426. default:
  4427. pr_err("scm call return unknown response %d\n", resp.result);
  4428. ret = -EINVAL;
  4429. break;
  4430. }
  4431. exit_disable_clk_vote:
  4432. __qseecom_disable_clk_scale_down(data);
  4433. exit_unregister_bus_bw_need:
  4434. if (qseecom.support_bus_scaling) {
  4435. mutex_lock(&qsee_bw_mutex);
  4436. qseecom_unregister_bus_bandwidth_needs(data);
  4437. mutex_unlock(&qsee_bw_mutex);
  4438. }
  4439. exit_free_img_data:
  4440. if (img_data)
  4441. __qseecom_free_coherent_buf(fw_size, img_data, pa);
  4442. return ret;
  4443. }
  4444. #endif
  4445. static int qseecom_load_commonlib_image(struct qseecom_dev_handle *data,
  4446. char *cmnlib_name)
  4447. {
  4448. int ret = 0;
  4449. uint32_t fw_size = 0;
  4450. struct qseecom_load_app_ireq load_req = {0, 0, 0, 0};
  4451. struct qseecom_load_app_64bit_ireq load_req_64bit = {0, 0, 0, 0};
  4452. struct qseecom_command_scm_resp resp;
  4453. u8 *img_data = NULL;
  4454. phys_addr_t pa = 0;
  4455. void *cmd_buf = NULL;
  4456. size_t cmd_len;
  4457. uint32_t app_arch = 0;
  4458. if (!cmnlib_name) {
  4459. pr_err("cmnlib_name is NULL\n");
  4460. return -EINVAL;
  4461. }
  4462. if (strlen(cmnlib_name) >= MAX_APP_NAME_SIZE) {
  4463. pr_err("The cmnlib_name (%s) with length %zu is not valid\n",
  4464. cmnlib_name, strlen(cmnlib_name));
  4465. return -EINVAL;
  4466. }
  4467. if (__qseecom_get_fw_size(cmnlib_name, &fw_size, &app_arch))
  4468. return -EIO;
  4469. ret = __qseecom_alloc_coherent_buf(fw_size, &img_data, &pa);
  4470. if (ret)
  4471. return -EIO;
  4472. ret = __qseecom_get_fw_data(cmnlib_name, img_data, fw_size, &load_req);
  4473. if (ret) {
  4474. ret = -EIO;
  4475. goto exit_free_img_data;
  4476. }
  4477. if (qseecom.qsee_version < QSEE_VERSION_40) {
  4478. load_req.phy_addr = (uint32_t)pa;
  4479. load_req.qsee_cmd_id = QSEOS_LOAD_SERV_IMAGE_COMMAND;
  4480. cmd_buf = (void *)&load_req;
  4481. cmd_len = sizeof(struct qseecom_load_lib_image_ireq);
  4482. } else {
  4483. load_req_64bit.phy_addr = (uint64_t)pa;
  4484. load_req_64bit.qsee_cmd_id = QSEOS_LOAD_SERV_IMAGE_COMMAND;
  4485. load_req_64bit.img_len = load_req.img_len;
  4486. load_req_64bit.mdt_len = load_req.mdt_len;
  4487. cmd_buf = (void *)&load_req_64bit;
  4488. cmd_len = sizeof(struct qseecom_load_lib_image_64bit_ireq);
  4489. }
  4490. if (qseecom.support_bus_scaling) {
  4491. mutex_lock(&qsee_bw_mutex);
  4492. ret = __qseecom_register_bus_bandwidth_needs(data, MEDIUM);
  4493. mutex_unlock(&qsee_bw_mutex);
  4494. if (ret) {
  4495. ret = -EIO;
  4496. goto exit_free_img_data;
  4497. }
  4498. }
  4499. /* Vote for the SFPB clock */
  4500. ret = __qseecom_enable_clk_scale_up(data);
  4501. if (ret) {
  4502. ret = -EIO;
  4503. goto exit_unregister_bus_bw_need;
  4504. }
  4505. /* SCM_CALL to load the image */
  4506. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, cmd_len,
  4507. &resp, sizeof(resp));
  4508. if (ret) {
  4509. pr_err("scm_call to load failed : ret %d\n", ret);
  4510. ret = -EIO;
  4511. goto exit_disable_clk_vote;
  4512. }
  4513. switch (resp.result) {
  4514. case QSEOS_RESULT_SUCCESS:
  4515. break;
  4516. case QSEOS_RESULT_FAILURE:
  4517. pr_err("scm call failed w/response result%d\n", resp.result);
  4518. ret = -EINVAL;
  4519. goto exit_disable_clk_vote;
  4520. case QSEOS_RESULT_INCOMPLETE:
  4521. ret = __qseecom_process_incomplete_cmd(data, &resp);
  4522. if (ret) {
  4523. pr_err("process_incomplete_cmd failed err: %d\n", ret);
  4524. goto exit_disable_clk_vote;
  4525. }
  4526. break;
  4527. default:
  4528. pr_err("scm call return unknown response %d\n", resp.result);
  4529. ret = -EINVAL;
  4530. goto exit_disable_clk_vote;
  4531. }
  4532. exit_disable_clk_vote:
  4533. __qseecom_disable_clk_scale_down(data);
  4534. exit_unregister_bus_bw_need:
  4535. if (qseecom.support_bus_scaling) {
  4536. mutex_lock(&qsee_bw_mutex);
  4537. qseecom_unregister_bus_bandwidth_needs(data);
  4538. mutex_unlock(&qsee_bw_mutex);
  4539. }
  4540. exit_free_img_data:
  4541. if (img_data)
  4542. __qseecom_free_coherent_buf(fw_size, img_data, pa);
  4543. return ret;
  4544. }
  4545. static int qseecom_unload_commonlib_image(void)
  4546. {
  4547. int ret = -EINVAL;
  4548. struct qseecom_unload_lib_image_ireq unload_req = {0};
  4549. struct qseecom_command_scm_resp resp;
  4550. /* Populate the remaining parameters */
  4551. unload_req.qsee_cmd_id = QSEOS_UNLOAD_SERV_IMAGE_COMMAND;
  4552. /* SCM_CALL to load the image */
  4553. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &unload_req,
  4554. sizeof(struct qseecom_unload_lib_image_ireq),
  4555. &resp, sizeof(resp));
  4556. if (ret) {
  4557. pr_err("scm_call to unload lib failed : ret %d\n", ret);
  4558. ret = -EIO;
  4559. } else {
  4560. switch (resp.result) {
  4561. case QSEOS_RESULT_SUCCESS:
  4562. break;
  4563. case QSEOS_RESULT_FAILURE:
  4564. pr_err("scm fail resp.result QSEOS_RESULT FAILURE\n");
  4565. break;
  4566. default:
  4567. pr_err("scm call return unknown response %d\n",
  4568. resp.result);
  4569. ret = -EINVAL;
  4570. break;
  4571. }
  4572. }
  4573. return ret;
  4574. }
  4575. #if IS_ENABLED(CONFIG_QSEECOM)
  4576. static int __qseecom_start_app(struct qseecom_handle **handle,
  4577. char *app_name, uint32_t size)
  4578. {
  4579. int32_t ret = 0;
  4580. unsigned long flags = 0;
  4581. struct qseecom_dev_handle *data = NULL;
  4582. struct qseecom_check_app_ireq app_ireq;
  4583. struct qseecom_registered_app_list *entry = NULL;
  4584. struct qseecom_registered_kclient_list *kclient_entry = NULL;
  4585. bool found_app = false;
  4586. phys_addr_t pa = 0;
  4587. u8 *va = NULL;
  4588. uint32_t fw_size, app_arch;
  4589. uint32_t app_id = 0;
  4590. __wakeup_unregister_listener_kthread();
  4591. __wakeup_unload_app_kthread();
  4592. if (atomic_read(&qseecom.qseecom_state) != QSEECOM_STATE_READY) {
  4593. pr_err("Not allowed to be called in %d state\n",
  4594. atomic_read(&qseecom.qseecom_state));
  4595. return -EPERM;
  4596. }
  4597. if (!app_name) {
  4598. pr_err("failed to get the app name\n");
  4599. return -EINVAL;
  4600. }
  4601. if (strnlen(app_name, MAX_APP_NAME_SIZE) == MAX_APP_NAME_SIZE) {
  4602. pr_err("The app_name (%s) with length %zu is not valid\n",
  4603. app_name, strnlen(app_name, MAX_APP_NAME_SIZE));
  4604. return -EINVAL;
  4605. }
  4606. *handle = kzalloc(sizeof(struct qseecom_handle), GFP_KERNEL);
  4607. if (!(*handle))
  4608. return -ENOMEM;
  4609. data = kzalloc(sizeof(*data), GFP_KERNEL);
  4610. if (!data) {
  4611. kfree(*handle);
  4612. *handle = NULL;
  4613. return -ENOMEM;
  4614. }
  4615. mutex_lock(&app_access_lock);
  4616. data->abort = 0;
  4617. data->type = QSEECOM_CLIENT_APP;
  4618. data->released = false;
  4619. data->client.sb_length = size;
  4620. data->client.user_virt_sb_base = 0;
  4621. data->sglistinfo_ptr = (struct sglist_info *)__qseecom_alloc_tzbuf(
  4622. sizeof(struct sglist_info) * MAX_ION_FD,
  4623. &data->sglistinfo_shm.paddr,
  4624. &data->sglistinfo_shm);
  4625. if (!data->sglistinfo_ptr) {
  4626. ret = -ENOMEM;
  4627. goto err;
  4628. }
  4629. init_waitqueue_head(&data->abort_wq);
  4630. app_ireq.qsee_cmd_id = QSEOS_APP_LOOKUP_COMMAND;
  4631. strlcpy(app_ireq.app_name, app_name, MAX_APP_NAME_SIZE);
  4632. ret = __qseecom_check_app_exists(app_ireq, &app_id);
  4633. if (ret)
  4634. goto err;
  4635. strlcpy(data->client.app_name, app_name, MAX_APP_NAME_SIZE);
  4636. if (app_id) {
  4637. pr_warn("App id %d for [%s] app exists\n", app_id,
  4638. (char *)app_ireq.app_name);
  4639. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  4640. list_for_each_entry(entry,
  4641. &qseecom.registered_app_list_head, list){
  4642. if (entry->app_id == app_id) {
  4643. if (entry->ref_cnt == U32_MAX) {
  4644. pr_err("App %d (%s) ref_cnt overflow\n",
  4645. app_id, app_ireq.app_name);
  4646. ret = -EINVAL;
  4647. goto err;
  4648. }
  4649. entry->ref_cnt++;
  4650. found_app = true;
  4651. break;
  4652. }
  4653. }
  4654. spin_unlock_irqrestore(
  4655. &qseecom.registered_app_list_lock, flags);
  4656. if (!found_app)
  4657. pr_warn("App_id %d [%s] was loaded but not registered\n",
  4658. ret, (char *)app_ireq.app_name);
  4659. } else {
  4660. /* load the app and get the app_id */
  4661. pr_debug("%s: Loading app for the first time'\n",
  4662. qseecom.pdev->init_name);
  4663. ret = __qseecom_load_fw(data, app_name, &app_id);
  4664. if (ret < 0)
  4665. goto err;
  4666. }
  4667. data->client.app_id = app_id;
  4668. if (!found_app) {
  4669. entry = kmalloc(sizeof(*entry), GFP_KERNEL);
  4670. if (!entry) {
  4671. ret = -ENOMEM;
  4672. goto err;
  4673. }
  4674. entry->app_id = app_id;
  4675. entry->ref_cnt = 1;
  4676. strlcpy(entry->app_name, app_name, MAX_APP_NAME_SIZE);
  4677. if (__qseecom_get_fw_size(app_name, &fw_size, &app_arch)) {
  4678. ret = -EIO;
  4679. kfree(entry);
  4680. goto err;
  4681. }
  4682. entry->app_arch = app_arch;
  4683. entry->app_blocked = false;
  4684. entry->blocked_on_listener_id = 0;
  4685. entry->check_block = 0;
  4686. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  4687. list_add_tail(&entry->list, &qseecom.registered_app_list_head);
  4688. spin_unlock_irqrestore(&qseecom.registered_app_list_lock,
  4689. flags);
  4690. }
  4691. /* Get the physical address of the req/resp buffer */
  4692. ret = __qseecom_alloc_coherent_buf(size, &va, &pa);
  4693. if (ret) {
  4694. pr_err("Cannot get phys_addr for the Ion Client, ret = %d\n",
  4695. ret);
  4696. goto err;
  4697. }
  4698. /* Populate the structure for sending scm call to load image */
  4699. data->client.sb_virt = va;
  4700. data->client.user_virt_sb_base = (uintptr_t)data->client.sb_virt;
  4701. data->client.sb_phys = (phys_addr_t)pa;
  4702. (*handle)->dev = (void *)data;
  4703. (*handle)->sbuf = (unsigned char *)data->client.sb_virt;
  4704. (*handle)->sbuf_len = data->client.sb_length;
  4705. kclient_entry = kzalloc(sizeof(*kclient_entry), GFP_KERNEL);
  4706. if (!kclient_entry) {
  4707. ret = -ENOMEM;
  4708. goto err;
  4709. }
  4710. kclient_entry->handle = *handle;
  4711. spin_lock_irqsave(&qseecom.registered_kclient_list_lock, flags);
  4712. list_add_tail(&kclient_entry->list,
  4713. &qseecom.registered_kclient_list_head);
  4714. spin_unlock_irqrestore(&qseecom.registered_kclient_list_lock, flags);
  4715. mutex_unlock(&app_access_lock);
  4716. __wakeup_unload_app_kthread();
  4717. return 0;
  4718. err:
  4719. __qseecom_free_coherent_buf(size, va, pa);
  4720. __qseecom_free_tzbuf(&data->sglistinfo_shm);
  4721. kfree(data);
  4722. kfree(*handle);
  4723. *handle = NULL;
  4724. mutex_unlock(&app_access_lock);
  4725. __wakeup_unload_app_kthread();
  4726. return ret;
  4727. }
  4728. static int __qseecom_shutdown_app(struct qseecom_handle **handle)
  4729. {
  4730. int ret = -EINVAL;
  4731. struct qseecom_dev_handle *data;
  4732. struct qseecom_registered_kclient_list *kclient = NULL;
  4733. unsigned long flags = 0;
  4734. bool found_handle = false;
  4735. __wakeup_unregister_listener_kthread();
  4736. __wakeup_unload_app_kthread();
  4737. if (atomic_read(&qseecom.qseecom_state) != QSEECOM_STATE_READY) {
  4738. pr_err("Not allowed to be called in %d state\n",
  4739. atomic_read(&qseecom.qseecom_state));
  4740. return -EPERM;
  4741. }
  4742. if ((handle == NULL) || (*handle == NULL)) {
  4743. pr_err("Handle is not initialized\n");
  4744. return -EINVAL;
  4745. }
  4746. data = (struct qseecom_dev_handle *) ((*handle)->dev);
  4747. mutex_lock(&app_access_lock);
  4748. spin_lock_irqsave(&qseecom.registered_kclient_list_lock, flags);
  4749. list_for_each_entry(kclient, &qseecom.registered_kclient_list_head,
  4750. list) {
  4751. if (kclient->handle == (*handle)) {
  4752. list_del(&kclient->list);
  4753. found_handle = true;
  4754. break;
  4755. }
  4756. }
  4757. spin_unlock_irqrestore(&qseecom.registered_kclient_list_lock, flags);
  4758. if (!found_handle)
  4759. pr_err("Unable to find the handle, exiting\n");
  4760. else
  4761. ret = qseecom_unload_app(data, false);
  4762. mutex_unlock(&app_access_lock);
  4763. if (ret == 0) {
  4764. if (data->client.sb_virt)
  4765. __qseecom_free_coherent_buf(data->client.sb_length,
  4766. data->client.sb_virt, data->client.sb_phys);
  4767. __qseecom_free_tzbuf(&data->sglistinfo_shm);
  4768. kfree_sensitive(data);
  4769. kfree_sensitive(*handle);
  4770. kfree_sensitive(kclient);
  4771. *handle = NULL;
  4772. }
  4773. __wakeup_unload_app_kthread();
  4774. return ret;
  4775. }
  4776. static int __qseecom_send_command(struct qseecom_handle *handle, void *send_buf,
  4777. uint32_t sbuf_len, void *resp_buf, uint32_t rbuf_len)
  4778. {
  4779. int ret = 0;
  4780. struct qseecom_send_cmd_req req = {NULL, 0, NULL, 0};
  4781. struct qseecom_dev_handle *data;
  4782. bool perf_enabled = false;
  4783. __wakeup_unregister_listener_kthread();
  4784. __wakeup_unload_app_kthread();
  4785. if (atomic_read(&qseecom.qseecom_state) != QSEECOM_STATE_READY) {
  4786. pr_err("Not allowed to be called in %d state\n",
  4787. atomic_read(&qseecom.qseecom_state));
  4788. return -EPERM;
  4789. }
  4790. if (handle == NULL) {
  4791. pr_err("Handle is not initialized\n");
  4792. return -EINVAL;
  4793. }
  4794. data = handle->dev;
  4795. req.cmd_req_len = sbuf_len;
  4796. req.resp_len = rbuf_len;
  4797. req.cmd_req_buf = send_buf;
  4798. req.resp_buf = resp_buf;
  4799. if (__validate_send_cmd_inputs(data, &req))
  4800. return -EINVAL;
  4801. mutex_lock(&app_access_lock);
  4802. if (qseecom.support_bus_scaling) {
  4803. ret = qseecom_scale_bus_bandwidth_timer(INACTIVE);
  4804. if (ret) {
  4805. pr_err("Failed to set bw.\n");
  4806. mutex_unlock(&app_access_lock);
  4807. return ret;
  4808. }
  4809. }
  4810. /*
  4811. * On targets where crypto clock is handled by HLOS,
  4812. * if clk_access_cnt is zero and perf_enabled is false,
  4813. * then the crypto clock was not enabled before sending cmd
  4814. * to tz, qseecom will enable the clock to avoid service failure.
  4815. */
  4816. if (!qseecom.no_clock_support &&
  4817. !qseecom.qsee.clk_access_cnt && !data->perf_enabled) {
  4818. pr_debug("ce clock is not enabled!\n");
  4819. ret = qseecom_perf_enable(data);
  4820. if (ret) {
  4821. pr_err("Failed to vote for clock with err %d\n",
  4822. ret);
  4823. mutex_unlock(&app_access_lock);
  4824. return -EINVAL;
  4825. }
  4826. perf_enabled = true;
  4827. }
  4828. if (!strcmp(data->client.app_name, "securemm"))
  4829. data->use_legacy_cmd = true;
  4830. ret = __qseecom_send_cmd(data, &req, false);
  4831. data->use_legacy_cmd = false;
  4832. if (qseecom.support_bus_scaling)
  4833. __qseecom_add_bw_scale_down_timer(
  4834. QSEECOM_SEND_CMD_CRYPTO_TIMEOUT);
  4835. if (perf_enabled) {
  4836. qsee_disable_clock_vote(data, CLK_DFAB);
  4837. qsee_disable_clock_vote(data, CLK_SFPB);
  4838. }
  4839. mutex_unlock(&app_access_lock);
  4840. if (ret)
  4841. return ret;
  4842. pr_debug("sending cmd_req->rsp size: %u, ptr: 0x%pK\n",
  4843. req.resp_len, req.resp_buf);
  4844. return ret;
  4845. }
  4846. #if IS_ENABLED(CONFIG_QSEECOM)
  4847. #if IS_ENABLED(CONFIG_QSEECOM_PROXY)
  4848. const static struct qseecom_drv_ops qseecom_driver_ops = {
  4849. .qseecom_send_command = __qseecom_send_command,
  4850. .qseecom_start_app = __qseecom_start_app,
  4851. .qseecom_shutdown_app = __qseecom_shutdown_app,
  4852. };
  4853. int get_qseecom_kernel_fun_ops(void)
  4854. {
  4855. return provide_qseecom_kernel_fun_ops(&qseecom_driver_ops);
  4856. }
  4857. #else
  4858. int qseecom_start_app(struct qseecom_handle **handle,
  4859. char *app_name, uint32_t size)
  4860. {
  4861. return __qseecom_start_app(handle, app_name, size);
  4862. }
  4863. EXPORT_SYMBOL(qseecom_start_app);
  4864. int qseecom_shutdown_app(struct qseecom_handle **handle)
  4865. {
  4866. return __qseecom_shutdown_app(handle);
  4867. }
  4868. EXPORT_SYMBOL(qseecom_shutdown_app);
  4869. int qseecom_send_command(struct qseecom_handle *handle, void *send_buf,
  4870. uint32_t sbuf_len, void *resp_buf, uint32_t rbuf_len)
  4871. {
  4872. return __qseecom_send_command(handle, send_buf, sbuf_len,
  4873. resp_buf, rbuf_len);
  4874. }
  4875. EXPORT_SYMBOL(qseecom_send_command);
  4876. #endif
  4877. #endif
  4878. int qseecom_set_bandwidth(struct qseecom_handle *handle, bool high)
  4879. {
  4880. int ret = 0;
  4881. if ((handle == NULL) || (handle->dev == NULL)) {
  4882. pr_err("No valid kernel client\n");
  4883. return -EINVAL;
  4884. }
  4885. if (high) {
  4886. if (qseecom.support_bus_scaling) {
  4887. mutex_lock(&qsee_bw_mutex);
  4888. __qseecom_register_bus_bandwidth_needs(handle->dev,
  4889. HIGH);
  4890. mutex_unlock(&qsee_bw_mutex);
  4891. } else {
  4892. ret = qseecom_perf_enable(handle->dev);
  4893. if (ret)
  4894. pr_err("Failed to vote for clock with err %d\n",
  4895. ret);
  4896. }
  4897. } else {
  4898. if (!qseecom.support_bus_scaling) {
  4899. qsee_disable_clock_vote(handle->dev, CLK_DFAB);
  4900. qsee_disable_clock_vote(handle->dev, CLK_SFPB);
  4901. } else {
  4902. mutex_lock(&qsee_bw_mutex);
  4903. qseecom_unregister_bus_bandwidth_needs(handle->dev);
  4904. mutex_unlock(&qsee_bw_mutex);
  4905. }
  4906. }
  4907. return ret;
  4908. }
  4909. EXPORT_SYMBOL(qseecom_set_bandwidth);
  4910. int qseecom_process_listener_from_smcinvoke(uint32_t *result,
  4911. u64 *response_type, unsigned int *data)
  4912. {
  4913. struct qseecom_registered_app_list dummy_app_entry;
  4914. struct qseecom_dev_handle dummy_private_data = {0};
  4915. struct qseecom_command_scm_resp resp;
  4916. int ret = 0;
  4917. if (!result || !response_type || !data) {
  4918. pr_err("input parameter NULL\n");
  4919. return -EINVAL;
  4920. }
  4921. memset((void *)&dummy_app_entry, 0, sizeof(dummy_app_entry));
  4922. /*
  4923. * smcinvoke expects result in scm call resp.ret[1] and type in ret[0],
  4924. * while qseecom expects result in ret[0] and type in ret[1].
  4925. * To simplify API interface and code changes in smcinvoke, here
  4926. * internally switch result and resp_type to let qseecom work with
  4927. * smcinvoke and upstream scm driver protocol.
  4928. */
  4929. resp.result = *response_type;
  4930. resp.resp_type = *result;
  4931. resp.data = *data;
  4932. dummy_private_data.client.app_id = *response_type;
  4933. dummy_private_data.client.from_smcinvoke = true;
  4934. dummy_app_entry.app_id = *response_type;
  4935. mutex_lock(&app_access_lock);
  4936. if (qseecom.qsee_reentrancy_support)
  4937. ret = __qseecom_process_reentrancy(&resp, &dummy_app_entry,
  4938. &dummy_private_data);
  4939. else
  4940. ret = __qseecom_process_incomplete_cmd(&dummy_private_data,
  4941. &resp);
  4942. mutex_unlock(&app_access_lock);
  4943. if (ret)
  4944. pr_err("Failed on cmd %d for lsnr %d session %d, ret = %d\n",
  4945. resp.result, resp.data, resp.resp_type, ret);
  4946. *result = resp.resp_type;
  4947. *response_type = resp.result;
  4948. *data = resp.data;
  4949. return ret;
  4950. }
  4951. EXPORT_SYMBOL(qseecom_process_listener_from_smcinvoke);
  4952. #endif
  4953. static int qseecom_send_resp(void)
  4954. {
  4955. qseecom.send_resp_flag = 1;
  4956. wake_up_interruptible(&qseecom.send_resp_wq);
  4957. return 0;
  4958. }
  4959. static int qseecom_reentrancy_send_resp(struct qseecom_dev_handle *data)
  4960. {
  4961. struct qseecom_registered_listener_list *this_lstnr = NULL;
  4962. pr_debug("lstnr %d send resp, wakeup\n", data->listener.id);
  4963. this_lstnr = __qseecom_find_svc(data->listener.id);
  4964. if (this_lstnr == NULL)
  4965. return -EINVAL;
  4966. qseecom.send_resp_flag = 1;
  4967. this_lstnr->send_resp_flag = 1;
  4968. wake_up_interruptible(&qseecom.send_resp_wq);
  4969. return 0;
  4970. }
  4971. static int __validate_send_modfd_resp_inputs(struct qseecom_dev_handle *data,
  4972. struct qseecom_send_modfd_listener_resp *resp,
  4973. struct qseecom_registered_listener_list *this_lstnr)
  4974. {
  4975. int i;
  4976. if (!data || !resp || !this_lstnr) {
  4977. pr_err("listener handle or resp msg is null\n");
  4978. return -EINVAL;
  4979. }
  4980. if (resp->resp_buf_ptr == NULL) {
  4981. pr_err("resp buffer is null\n");
  4982. return -EINVAL;
  4983. }
  4984. /* validate resp buf length */
  4985. if ((resp->resp_len == 0) ||
  4986. (resp->resp_len > this_lstnr->sb_length)) {
  4987. pr_err("resp buf length %d not valid\n", resp->resp_len);
  4988. return -EINVAL;
  4989. }
  4990. if ((uintptr_t)resp->resp_buf_ptr > (ULONG_MAX - resp->resp_len)) {
  4991. pr_err("Integer overflow in resp_len & resp_buf\n");
  4992. return -EINVAL;
  4993. }
  4994. if ((uintptr_t)this_lstnr->user_virt_sb_base >
  4995. (ULONG_MAX - this_lstnr->sb_length)) {
  4996. pr_err("Integer overflow in user_virt_sb_base & sb_length\n");
  4997. return -EINVAL;
  4998. }
  4999. /* validate resp buf */
  5000. if (((uintptr_t)resp->resp_buf_ptr <
  5001. (uintptr_t)this_lstnr->user_virt_sb_base) ||
  5002. ((uintptr_t)resp->resp_buf_ptr >=
  5003. ((uintptr_t)this_lstnr->user_virt_sb_base +
  5004. this_lstnr->sb_length)) ||
  5005. (((uintptr_t)resp->resp_buf_ptr + resp->resp_len) >
  5006. ((uintptr_t)this_lstnr->user_virt_sb_base +
  5007. this_lstnr->sb_length))) {
  5008. pr_err("resp buf is out of shared buffer region\n");
  5009. return -EINVAL;
  5010. }
  5011. /* validate offsets */
  5012. for (i = 0; i < MAX_ION_FD; i++) {
  5013. if (resp->ifd_data[i].cmd_buf_offset >= resp->resp_len) {
  5014. pr_err("Invalid offset %d = 0x%x\n",
  5015. i, resp->ifd_data[i].cmd_buf_offset);
  5016. return -EINVAL;
  5017. }
  5018. }
  5019. return 0;
  5020. }
  5021. static int __qseecom_send_modfd_resp(struct qseecom_dev_handle *data,
  5022. void __user *argp, bool is_64bit_addr)
  5023. {
  5024. struct qseecom_send_modfd_listener_resp resp;
  5025. struct qseecom_registered_listener_list *this_lstnr = NULL;
  5026. if (copy_from_user(&resp, argp, sizeof(resp))) {
  5027. pr_err("copy_from_user failed\n");
  5028. return -EINVAL;
  5029. }
  5030. this_lstnr = __qseecom_find_svc(data->listener.id);
  5031. if (this_lstnr == NULL)
  5032. return -EINVAL;
  5033. if (__validate_send_modfd_resp_inputs(data, &resp, this_lstnr))
  5034. return -EINVAL;
  5035. resp.resp_buf_ptr = this_lstnr->sb_virt +
  5036. (uintptr_t)(resp.resp_buf_ptr - this_lstnr->user_virt_sb_base);
  5037. if (!is_64bit_addr)
  5038. __qseecom_update_cmd_buf(&resp, false, data);
  5039. else
  5040. __qseecom_update_cmd_buf_64(&resp, false, data);
  5041. qseecom.send_resp_flag = 1;
  5042. this_lstnr->send_resp_flag = 1;
  5043. wake_up_interruptible(&qseecom.send_resp_wq);
  5044. return 0;
  5045. }
  5046. static int qseecom_send_modfd_resp(struct qseecom_dev_handle *data,
  5047. void __user *argp)
  5048. {
  5049. return __qseecom_send_modfd_resp(data, argp, false);
  5050. }
  5051. static int qseecom_send_modfd_resp_64(struct qseecom_dev_handle *data,
  5052. void __user *argp)
  5053. {
  5054. return __qseecom_send_modfd_resp(data, argp, true);
  5055. }
  5056. static int qseecom_get_qseos_version(struct qseecom_dev_handle *data,
  5057. void __user *argp)
  5058. {
  5059. struct qseecom_qseos_version_req req;
  5060. if (copy_from_user(&req, argp, sizeof(req))) {
  5061. pr_err("copy_from_user failed\n");
  5062. return -EINVAL;
  5063. }
  5064. req.qseos_version = qseecom.qseos_version;
  5065. if (copy_to_user(argp, &req, sizeof(req))) {
  5066. pr_err("copy_to_user failed\n");
  5067. return -EINVAL;
  5068. }
  5069. return 0;
  5070. }
  5071. static int __qseecom_enable_clk(enum qseecom_ce_hw_instance ce)
  5072. {
  5073. int rc = 0;
  5074. struct qseecom_clk *qclk = NULL;
  5075. if (qseecom.no_clock_support)
  5076. return 0;
  5077. if (ce == CLK_QSEE)
  5078. qclk = &qseecom.qsee;
  5079. if (ce == CLK_CE_DRV)
  5080. qclk = &qseecom.ce_drv;
  5081. if (qclk == NULL) {
  5082. pr_err("CLK type not supported\n");
  5083. return -EINVAL;
  5084. }
  5085. mutex_lock(&clk_access_lock);
  5086. if (qclk->clk_access_cnt == ULONG_MAX) {
  5087. pr_err("clk_access_cnt beyond limitation\n");
  5088. goto err;
  5089. }
  5090. if (qclk->clk_access_cnt > 0) {
  5091. qclk->clk_access_cnt++;
  5092. mutex_unlock(&clk_access_lock);
  5093. return rc;
  5094. }
  5095. /* Enable CE core clk */
  5096. if (qclk->ce_core_clk != NULL) {
  5097. rc = clk_prepare_enable(qclk->ce_core_clk);
  5098. if (rc) {
  5099. pr_err("Unable to enable/prepare CE core clk\n");
  5100. goto err;
  5101. }
  5102. }
  5103. /* Enable CE clk */
  5104. if (qclk->ce_clk != NULL) {
  5105. rc = clk_prepare_enable(qclk->ce_clk);
  5106. if (rc) {
  5107. pr_err("Unable to enable/prepare CE iface clk\n");
  5108. goto ce_clk_err;
  5109. }
  5110. }
  5111. /* Enable AXI clk */
  5112. if (qclk->ce_bus_clk != NULL) {
  5113. rc = clk_prepare_enable(qclk->ce_bus_clk);
  5114. if (rc) {
  5115. pr_err("Unable to enable/prepare CE bus clk\n");
  5116. goto ce_bus_clk_err;
  5117. }
  5118. }
  5119. qclk->clk_access_cnt++;
  5120. mutex_unlock(&clk_access_lock);
  5121. return 0;
  5122. ce_bus_clk_err:
  5123. if (qclk->ce_clk != NULL)
  5124. clk_disable_unprepare(qclk->ce_clk);
  5125. ce_clk_err:
  5126. if (qclk->ce_core_clk != NULL)
  5127. clk_disable_unprepare(qclk->ce_core_clk);
  5128. err:
  5129. mutex_unlock(&clk_access_lock);
  5130. return -EIO;
  5131. }
  5132. static void __qseecom_disable_clk(enum qseecom_ce_hw_instance ce)
  5133. {
  5134. struct qseecom_clk *qclk;
  5135. if (qseecom.no_clock_support)
  5136. return;
  5137. if (ce == CLK_QSEE)
  5138. qclk = &qseecom.qsee;
  5139. else
  5140. qclk = &qseecom.ce_drv;
  5141. mutex_lock(&clk_access_lock);
  5142. if (qclk->clk_access_cnt == 0) {
  5143. mutex_unlock(&clk_access_lock);
  5144. return;
  5145. }
  5146. if (qclk->clk_access_cnt == 1) {
  5147. if (qclk->ce_clk != NULL)
  5148. clk_disable_unprepare(qclk->ce_clk);
  5149. if (qclk->ce_core_clk != NULL)
  5150. clk_disable_unprepare(qclk->ce_core_clk);
  5151. if (qclk->ce_bus_clk != NULL)
  5152. clk_disable_unprepare(qclk->ce_bus_clk);
  5153. }
  5154. qclk->clk_access_cnt--;
  5155. mutex_unlock(&clk_access_lock);
  5156. }
  5157. static int qsee_vote_for_clock(struct qseecom_dev_handle *data,
  5158. int32_t clk_type)
  5159. {
  5160. int ret = 0;
  5161. struct qseecom_clk *qclk;
  5162. if (qseecom.no_clock_support)
  5163. return 0;
  5164. qclk = &qseecom.qsee;
  5165. if (!qseecom.qsee_perf_client)
  5166. return ret;
  5167. switch (clk_type) {
  5168. case CLK_DFAB:
  5169. mutex_lock(&qsee_bw_mutex);
  5170. if (!qseecom.qsee_bw_count) {
  5171. if (qseecom.qsee_sfpb_bw_count > 0)
  5172. ret = qseecom_bus_scale_update_request(
  5173. qseecom.qsee_perf_client, 3);
  5174. else {
  5175. if (qclk->ce_core_src_clk != NULL)
  5176. ret = __qseecom_enable_clk(CLK_QSEE);
  5177. if (!ret) {
  5178. ret =
  5179. qseecom_bus_scale_update_request(
  5180. qseecom.qsee_perf_client, 1);
  5181. if ((ret) &&
  5182. (qclk->ce_core_src_clk != NULL))
  5183. __qseecom_disable_clk(CLK_QSEE);
  5184. }
  5185. }
  5186. if (ret)
  5187. pr_err("DFAB Bandwidth req failed (%d)\n",
  5188. ret);
  5189. else {
  5190. qseecom.qsee_bw_count++;
  5191. data->perf_enabled = true;
  5192. }
  5193. } else {
  5194. qseecom.qsee_bw_count++;
  5195. data->perf_enabled = true;
  5196. }
  5197. mutex_unlock(&qsee_bw_mutex);
  5198. break;
  5199. case CLK_SFPB:
  5200. mutex_lock(&qsee_bw_mutex);
  5201. if (!qseecom.qsee_sfpb_bw_count) {
  5202. if (qseecom.qsee_bw_count > 0)
  5203. ret = qseecom_bus_scale_update_request(
  5204. qseecom.qsee_perf_client, 3);
  5205. else {
  5206. if (qclk->ce_core_src_clk != NULL)
  5207. ret = __qseecom_enable_clk(CLK_QSEE);
  5208. if (!ret) {
  5209. ret =
  5210. qseecom_bus_scale_update_request(
  5211. qseecom.qsee_perf_client, 2);
  5212. if ((ret) &&
  5213. (qclk->ce_core_src_clk != NULL))
  5214. __qseecom_disable_clk(CLK_QSEE);
  5215. }
  5216. }
  5217. if (ret)
  5218. pr_err("SFPB Bandwidth req failed (%d)\n",
  5219. ret);
  5220. else {
  5221. qseecom.qsee_sfpb_bw_count++;
  5222. data->fast_load_enabled = true;
  5223. }
  5224. } else {
  5225. qseecom.qsee_sfpb_bw_count++;
  5226. data->fast_load_enabled = true;
  5227. }
  5228. mutex_unlock(&qsee_bw_mutex);
  5229. break;
  5230. default:
  5231. pr_err("Clock type not defined\n");
  5232. break;
  5233. }
  5234. return ret;
  5235. }
  5236. static void qsee_disable_clock_vote(struct qseecom_dev_handle *data,
  5237. int32_t clk_type)
  5238. {
  5239. int32_t ret = 0;
  5240. struct qseecom_clk *qclk;
  5241. qclk = &qseecom.qsee;
  5242. if (qseecom.no_clock_support)
  5243. return;
  5244. if (!qseecom.qsee_perf_client)
  5245. return;
  5246. switch (clk_type) {
  5247. case CLK_DFAB:
  5248. mutex_lock(&qsee_bw_mutex);
  5249. if (qseecom.qsee_bw_count == 0) {
  5250. pr_err("Client error.Extra call to disable DFAB clk\n");
  5251. mutex_unlock(&qsee_bw_mutex);
  5252. return;
  5253. }
  5254. if (qseecom.qsee_bw_count == 1) {
  5255. if (qseecom.qsee_sfpb_bw_count > 0)
  5256. ret = qseecom_bus_scale_update_request(
  5257. qseecom.qsee_perf_client, 2);
  5258. else {
  5259. ret = qseecom_bus_scale_update_request(
  5260. qseecom.qsee_perf_client, 0);
  5261. if ((!ret) && (qclk->ce_core_src_clk != NULL))
  5262. __qseecom_disable_clk(CLK_QSEE);
  5263. }
  5264. if (ret)
  5265. pr_err("SFPB Bandwidth req fail (%d)\n",
  5266. ret);
  5267. else {
  5268. qseecom.qsee_bw_count--;
  5269. data->perf_enabled = false;
  5270. }
  5271. } else {
  5272. qseecom.qsee_bw_count--;
  5273. data->perf_enabled = false;
  5274. }
  5275. mutex_unlock(&qsee_bw_mutex);
  5276. break;
  5277. case CLK_SFPB:
  5278. mutex_lock(&qsee_bw_mutex);
  5279. if (qseecom.qsee_sfpb_bw_count == 0) {
  5280. pr_err("Client error.Extra call to disable SFPB clk\n");
  5281. mutex_unlock(&qsee_bw_mutex);
  5282. return;
  5283. }
  5284. if (qseecom.qsee_sfpb_bw_count == 1) {
  5285. if (qseecom.qsee_bw_count > 0)
  5286. ret = qseecom_bus_scale_update_request(
  5287. qseecom.qsee_perf_client, 1);
  5288. else {
  5289. ret = qseecom_bus_scale_update_request(
  5290. qseecom.qsee_perf_client, 0);
  5291. if ((!ret) && (qclk->ce_core_src_clk != NULL))
  5292. __qseecom_disable_clk(CLK_QSEE);
  5293. }
  5294. if (ret)
  5295. pr_err("SFPB Bandwidth req fail (%d)\n",
  5296. ret);
  5297. else {
  5298. qseecom.qsee_sfpb_bw_count--;
  5299. data->fast_load_enabled = false;
  5300. }
  5301. } else {
  5302. qseecom.qsee_sfpb_bw_count--;
  5303. data->fast_load_enabled = false;
  5304. }
  5305. mutex_unlock(&qsee_bw_mutex);
  5306. break;
  5307. default:
  5308. pr_err("Clock type not defined\n");
  5309. break;
  5310. }
  5311. }
  5312. static int qseecom_load_external_elf(struct qseecom_dev_handle *data,
  5313. void __user *argp)
  5314. {
  5315. struct qseecom_load_img_req load_img_req;
  5316. int uret = 0;
  5317. int ret = 0;
  5318. phys_addr_t pa = 0;
  5319. size_t len;
  5320. struct qseecom_load_app_ireq load_req;
  5321. struct qseecom_load_app_64bit_ireq load_req_64bit;
  5322. struct qseecom_command_scm_resp resp;
  5323. void *cmd_buf = NULL;
  5324. size_t cmd_len;
  5325. struct sg_table *sgt = NULL;
  5326. struct dma_buf_attachment *attach = NULL;
  5327. struct dma_buf *dmabuf = NULL;
  5328. void *va = NULL;
  5329. /* Copy the relevant information needed for loading the image */
  5330. if (copy_from_user(&load_img_req,
  5331. (void __user *)argp,
  5332. sizeof(struct qseecom_load_img_req))) {
  5333. pr_err("copy_from_user failed\n");
  5334. return -EFAULT;
  5335. }
  5336. /* Get the handle of the shared fd */
  5337. ret = qseecom_vaddr_map(load_img_req.ifd_data_fd, &pa, &va,
  5338. &sgt, &attach, &len, &dmabuf);
  5339. if (ret) {
  5340. pr_err("Failed to map vaddr for ion_fd %d\n",
  5341. load_img_req.ifd_data_fd);
  5342. return -ENOMEM;
  5343. }
  5344. if (load_img_req.mdt_len > len || load_img_req.img_len > len) {
  5345. pr_err("ion len %zu is smaller than mdt_len %u or img_len %u\n",
  5346. len, load_img_req.mdt_len,
  5347. load_img_req.img_len);
  5348. ret = -EINVAL;
  5349. goto exit_cpu_restore;
  5350. }
  5351. /* Populate the structure for sending scm call to load image */
  5352. if (qseecom.qsee_version < QSEE_VERSION_40) {
  5353. load_req.qsee_cmd_id = QSEOS_LOAD_EXTERNAL_ELF_COMMAND;
  5354. load_req.mdt_len = load_img_req.mdt_len;
  5355. load_req.img_len = load_img_req.img_len;
  5356. load_req.phy_addr = (uint32_t)pa;
  5357. cmd_buf = (void *)&load_req;
  5358. cmd_len = sizeof(struct qseecom_load_app_ireq);
  5359. } else {
  5360. load_req_64bit.qsee_cmd_id = QSEOS_LOAD_EXTERNAL_ELF_COMMAND;
  5361. load_req_64bit.mdt_len = load_img_req.mdt_len;
  5362. load_req_64bit.img_len = load_img_req.img_len;
  5363. load_req_64bit.phy_addr = (uint64_t)pa;
  5364. cmd_buf = (void *)&load_req_64bit;
  5365. cmd_len = sizeof(struct qseecom_load_app_64bit_ireq);
  5366. }
  5367. if (qseecom.support_bus_scaling) {
  5368. mutex_lock(&qsee_bw_mutex);
  5369. ret = __qseecom_register_bus_bandwidth_needs(data, MEDIUM);
  5370. mutex_unlock(&qsee_bw_mutex);
  5371. if (ret) {
  5372. ret = -EIO;
  5373. goto exit_cpu_restore;
  5374. }
  5375. }
  5376. /* Vote for the SFPB clock */
  5377. ret = __qseecom_enable_clk_scale_up(data);
  5378. if (ret) {
  5379. ret = -EIO;
  5380. goto exit_register_bus_bandwidth_needs;
  5381. }
  5382. ret = qseecom_dmabuf_cache_operations(dmabuf,
  5383. QSEECOM_CACHE_CLEAN);
  5384. if (ret) {
  5385. pr_err("cache operation failed %d\n", ret);
  5386. goto exit_disable_clock;
  5387. }
  5388. /* SCM_CALL to load the external elf */
  5389. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, cmd_buf, cmd_len,
  5390. &resp, sizeof(resp));
  5391. if (ret) {
  5392. pr_err("scm_call to load failed : ret %d\n",
  5393. ret);
  5394. ret = -EFAULT;
  5395. goto exit_disable_clock;
  5396. }
  5397. ret = qseecom_dmabuf_cache_operations(dmabuf,
  5398. QSEECOM_CACHE_INVALIDATE);
  5399. if (ret) {
  5400. pr_err("cache operation failed %d\n", ret);
  5401. goto exit_disable_clock;
  5402. }
  5403. switch (resp.result) {
  5404. case QSEOS_RESULT_SUCCESS:
  5405. break;
  5406. case QSEOS_RESULT_INCOMPLETE:
  5407. pr_err("%s: qseos result incomplete\n", __func__);
  5408. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5409. if (ret)
  5410. pr_err("process_incomplete_cmd failed: err: %d\n", ret);
  5411. break;
  5412. case QSEOS_RESULT_FAILURE:
  5413. pr_err("scm_call rsp.result is QSEOS_RESULT_FAILURE\n");
  5414. ret = -EFAULT;
  5415. break;
  5416. default:
  5417. pr_err("scm_call response result %d not supported\n",
  5418. resp.result);
  5419. ret = -EFAULT;
  5420. break;
  5421. }
  5422. exit_disable_clock:
  5423. __qseecom_disable_clk_scale_down(data);
  5424. exit_register_bus_bandwidth_needs:
  5425. if (qseecom.support_bus_scaling) {
  5426. mutex_lock(&qsee_bw_mutex);
  5427. uret = qseecom_unregister_bus_bandwidth_needs(data);
  5428. mutex_unlock(&qsee_bw_mutex);
  5429. if (uret)
  5430. pr_err("Failed to unregister bus bw needs %d, scm_call ret %d\n",
  5431. uret, ret);
  5432. }
  5433. exit_cpu_restore:
  5434. if (dmabuf) {
  5435. qseecom_vaddr_unmap(va, sgt, attach, dmabuf);
  5436. MAKE_NULL(sgt, attach, dmabuf);
  5437. }
  5438. return ret;
  5439. }
  5440. static int qseecom_unload_external_elf(struct qseecom_dev_handle *data)
  5441. {
  5442. int ret = 0;
  5443. struct qseecom_command_scm_resp resp;
  5444. struct qseecom_unload_app_ireq req;
  5445. /* unavailable client app */
  5446. data->type = QSEECOM_UNAVAILABLE_CLIENT_APP;
  5447. /* Populate the structure for sending scm call to unload image */
  5448. req.qsee_cmd_id = QSEOS_UNLOAD_EXTERNAL_ELF_COMMAND;
  5449. /* SCM_CALL to unload the external elf */
  5450. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1, &req,
  5451. sizeof(struct qseecom_unload_app_ireq),
  5452. &resp, sizeof(resp));
  5453. if (ret) {
  5454. pr_err("scm_call to unload failed : ret %d\n",
  5455. ret);
  5456. ret = -EFAULT;
  5457. goto qseecom_unload_external_elf_scm_err;
  5458. }
  5459. if (resp.result == QSEOS_RESULT_INCOMPLETE) {
  5460. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5461. if (ret)
  5462. pr_err("process_incomplete_cmd fail err: %d\n",
  5463. ret);
  5464. } else {
  5465. if (resp.result != QSEOS_RESULT_SUCCESS) {
  5466. pr_err("scm_call to unload image failed resp.result =%d\n",
  5467. resp.result);
  5468. ret = -EFAULT;
  5469. }
  5470. }
  5471. qseecom_unload_external_elf_scm_err:
  5472. return ret;
  5473. }
  5474. static int qseecom_query_app_loaded(struct qseecom_dev_handle *data,
  5475. void __user *argp)
  5476. {
  5477. int32_t ret = 0;
  5478. struct qseecom_qseos_app_load_query query_req = { {0} };
  5479. struct qseecom_check_app_ireq req;
  5480. struct qseecom_registered_app_list *entry = NULL;
  5481. unsigned long flags = 0;
  5482. uint32_t app_arch = 0, app_id = 0;
  5483. bool found_app = false;
  5484. /* Copy the relevant information needed for loading the image */
  5485. if (copy_from_user(&query_req, (void __user *)argp,
  5486. sizeof(struct qseecom_qseos_app_load_query))) {
  5487. pr_err("copy_from_user failed\n");
  5488. ret = -EFAULT;
  5489. goto exit_free;
  5490. }
  5491. req.qsee_cmd_id = QSEOS_APP_LOOKUP_COMMAND;
  5492. query_req.app_name[MAX_APP_NAME_SIZE-1] = '\0';
  5493. strlcpy(req.app_name, query_req.app_name, MAX_APP_NAME_SIZE);
  5494. ret = __qseecom_check_app_exists(req, &app_id);
  5495. if (ret) {
  5496. pr_err(" scm call to check if app is loaded failed\n");
  5497. goto exit_free;
  5498. }
  5499. if (app_id) {
  5500. pr_debug("App id %d (%s) already exists\n", app_id,
  5501. (char *)(req.app_name));
  5502. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  5503. list_for_each_entry(entry,
  5504. &qseecom.registered_app_list_head, list){
  5505. if (entry->app_id == app_id) {
  5506. app_arch = entry->app_arch;
  5507. if (entry->ref_cnt == U32_MAX) {
  5508. pr_err("App %d (%s) ref_cnt overflow\n",
  5509. app_id, req.app_name);
  5510. ret = -EINVAL;
  5511. spin_unlock_irqrestore(
  5512. &qseecom.registered_app_list_lock,
  5513. flags);
  5514. goto exit_free;
  5515. }
  5516. entry->ref_cnt++;
  5517. found_app = true;
  5518. break;
  5519. }
  5520. }
  5521. spin_unlock_irqrestore(
  5522. &qseecom.registered_app_list_lock, flags);
  5523. data->client.app_id = app_id;
  5524. query_req.app_id = app_id;
  5525. if (app_arch) {
  5526. data->client.app_arch = app_arch;
  5527. query_req.app_arch = app_arch;
  5528. } else {
  5529. data->client.app_arch = 0;
  5530. query_req.app_arch = 0;
  5531. }
  5532. strlcpy(data->client.app_name, query_req.app_name,
  5533. MAX_APP_NAME_SIZE);
  5534. /*
  5535. * If app was loaded by appsbl before and was not registered,
  5536. * regiser this app now.
  5537. */
  5538. if (!found_app) {
  5539. pr_debug("Register app %d [%s] which was loaded before\n",
  5540. ret, (char *)query_req.app_name);
  5541. entry = kmalloc(sizeof(*entry), GFP_KERNEL);
  5542. if (!entry) {
  5543. ret = -ENOMEM;
  5544. goto exit_free;
  5545. }
  5546. entry->app_id = app_id;
  5547. entry->ref_cnt = 1;
  5548. entry->app_arch = data->client.app_arch;
  5549. strlcpy(entry->app_name, data->client.app_name,
  5550. MAX_APP_NAME_SIZE);
  5551. entry->app_blocked = false;
  5552. entry->blocked_on_listener_id = 0;
  5553. entry->check_block = 0;
  5554. spin_lock_irqsave(&qseecom.registered_app_list_lock,
  5555. flags);
  5556. list_add_tail(&entry->list,
  5557. &qseecom.registered_app_list_head);
  5558. spin_unlock_irqrestore(
  5559. &qseecom.registered_app_list_lock, flags);
  5560. }
  5561. if (copy_to_user(argp, &query_req, sizeof(query_req))) {
  5562. pr_err("copy_to_user failed\n");
  5563. ret = -EFAULT;
  5564. goto exit_free;
  5565. }
  5566. ret = -EEXIST; /* app already loaded */
  5567. goto exit_free;
  5568. }
  5569. exit_free:
  5570. return ret; /* app not loaded */
  5571. }
  5572. static int __qseecom_get_ce_pipe_info(
  5573. enum qseecom_key_management_usage_type usage,
  5574. uint32_t *pipe, uint32_t **ce_hw, uint32_t unit)
  5575. {
  5576. int ret = -EINVAL;
  5577. int i, j;
  5578. struct qseecom_ce_info_use *p = NULL;
  5579. int total = 0;
  5580. struct qseecom_ce_pipe_entry *pcepipe;
  5581. switch (usage) {
  5582. case QSEOS_KM_USAGE_DISK_ENCRYPTION:
  5583. case QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION:
  5584. case QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION:
  5585. if (qseecom.support_fde) {
  5586. p = qseecom.ce_info.fde;
  5587. total = qseecom.ce_info.num_fde;
  5588. } else {
  5589. pr_err("system does not support fde\n");
  5590. return -EINVAL;
  5591. }
  5592. break;
  5593. case QSEOS_KM_USAGE_FILE_ENCRYPTION:
  5594. if (qseecom.support_pfe) {
  5595. p = qseecom.ce_info.pfe;
  5596. total = qseecom.ce_info.num_pfe;
  5597. } else {
  5598. pr_err("system does not support pfe\n");
  5599. return -EINVAL;
  5600. }
  5601. break;
  5602. default:
  5603. pr_err("unsupported usage %d\n", usage);
  5604. return -EINVAL;
  5605. }
  5606. for (j = 0; j < total; j++) {
  5607. if (p->unit_num == unit) {
  5608. pcepipe = p->ce_pipe_entry;
  5609. for (i = 0; i < p->num_ce_pipe_entries; i++) {
  5610. (*ce_hw)[i] = pcepipe->ce_num;
  5611. *pipe = pcepipe->ce_pipe_pair;
  5612. pcepipe++;
  5613. }
  5614. ret = 0;
  5615. break;
  5616. }
  5617. p++;
  5618. }
  5619. return ret;
  5620. }
  5621. static int __qseecom_generate_and_save_key(struct qseecom_dev_handle *data,
  5622. enum qseecom_key_management_usage_type usage,
  5623. struct qseecom_key_generate_ireq *ireq)
  5624. {
  5625. struct qseecom_command_scm_resp resp;
  5626. int ret;
  5627. if (usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  5628. usage >= QSEOS_KM_USAGE_MAX) {
  5629. pr_err("Error:: unsupported usage %d\n", usage);
  5630. return -EFAULT;
  5631. }
  5632. ret = __qseecom_enable_clk(CLK_QSEE);
  5633. if (ret)
  5634. return ret;
  5635. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  5636. ireq, sizeof(struct qseecom_key_generate_ireq),
  5637. &resp, sizeof(resp));
  5638. if (ret) {
  5639. if (ret == -EINVAL &&
  5640. resp.result == QSEOS_RESULT_FAIL_KEY_ID_EXISTS) {
  5641. pr_debug("Key ID exists.\n");
  5642. ret = 0;
  5643. } else {
  5644. pr_err("scm call to generate key failed : %d\n", ret);
  5645. ret = -EFAULT;
  5646. }
  5647. goto generate_key_exit;
  5648. }
  5649. switch (resp.result) {
  5650. case QSEOS_RESULT_SUCCESS:
  5651. break;
  5652. case QSEOS_RESULT_FAIL_KEY_ID_EXISTS:
  5653. pr_debug("Key ID exists.\n");
  5654. break;
  5655. case QSEOS_RESULT_INCOMPLETE:
  5656. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5657. if (ret) {
  5658. if (resp.result == QSEOS_RESULT_FAIL_KEY_ID_EXISTS) {
  5659. pr_debug("Key ID exists.\n");
  5660. ret = 0;
  5661. } else {
  5662. pr_err("process_incomplete_cmd FAILED, resp.result %d\n",
  5663. resp.result);
  5664. }
  5665. }
  5666. break;
  5667. case QSEOS_RESULT_FAILURE:
  5668. default:
  5669. pr_err("gen key scm call failed resp.result %d\n", resp.result);
  5670. ret = -EINVAL;
  5671. break;
  5672. }
  5673. generate_key_exit:
  5674. __qseecom_disable_clk(CLK_QSEE);
  5675. return ret;
  5676. }
  5677. static int __qseecom_delete_saved_key(struct qseecom_dev_handle *data,
  5678. enum qseecom_key_management_usage_type usage,
  5679. struct qseecom_key_delete_ireq *ireq)
  5680. {
  5681. struct qseecom_command_scm_resp resp;
  5682. int ret;
  5683. if (usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  5684. usage >= QSEOS_KM_USAGE_MAX) {
  5685. pr_err("Error:: unsupported usage %d\n", usage);
  5686. return -EFAULT;
  5687. }
  5688. ret = __qseecom_enable_clk(CLK_QSEE);
  5689. if (ret)
  5690. return ret;
  5691. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  5692. ireq, sizeof(struct qseecom_key_delete_ireq),
  5693. &resp, sizeof(struct qseecom_command_scm_resp));
  5694. if (ret) {
  5695. if (ret == -EINVAL &&
  5696. resp.result == QSEOS_RESULT_FAIL_MAX_ATTEMPT) {
  5697. pr_debug("Max attempts to input password reached.\n");
  5698. ret = -ERANGE;
  5699. } else {
  5700. pr_err("scm call to delete key failed : %d\n", ret);
  5701. ret = -EFAULT;
  5702. }
  5703. goto del_key_exit;
  5704. }
  5705. switch (resp.result) {
  5706. case QSEOS_RESULT_SUCCESS:
  5707. break;
  5708. case QSEOS_RESULT_INCOMPLETE:
  5709. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5710. if (ret) {
  5711. pr_err("process_incomplete_cmd FAILED, resp.result %d\n",
  5712. resp.result);
  5713. if (resp.result == QSEOS_RESULT_FAIL_MAX_ATTEMPT) {
  5714. pr_debug("Max attempts to input password reached.\n");
  5715. ret = -ERANGE;
  5716. }
  5717. }
  5718. break;
  5719. case QSEOS_RESULT_FAIL_MAX_ATTEMPT:
  5720. pr_debug("Max attempts to input password reached.\n");
  5721. ret = -ERANGE;
  5722. break;
  5723. case QSEOS_RESULT_FAILURE:
  5724. default:
  5725. pr_err("Delete key scm call failed resp.result %d\n",
  5726. resp.result);
  5727. ret = -EINVAL;
  5728. break;
  5729. }
  5730. del_key_exit:
  5731. __qseecom_disable_clk(CLK_QSEE);
  5732. return ret;
  5733. }
  5734. static int __qseecom_set_clear_ce_key(struct qseecom_dev_handle *data,
  5735. enum qseecom_key_management_usage_type usage,
  5736. struct qseecom_key_select_ireq *ireq)
  5737. {
  5738. struct qseecom_command_scm_resp resp;
  5739. int ret;
  5740. if (usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  5741. usage >= QSEOS_KM_USAGE_MAX) {
  5742. pr_err("Error:: unsupported usage %d\n", usage);
  5743. return -EFAULT;
  5744. }
  5745. ret = __qseecom_enable_clk(CLK_QSEE);
  5746. if (ret)
  5747. return ret;
  5748. if (qseecom.qsee.instance != qseecom.ce_drv.instance) {
  5749. ret = __qseecom_enable_clk(CLK_CE_DRV);
  5750. if (ret)
  5751. return ret;
  5752. }
  5753. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  5754. ireq, sizeof(struct qseecom_key_select_ireq),
  5755. &resp, sizeof(struct qseecom_command_scm_resp));
  5756. if (ret) {
  5757. if (ret == -EINVAL &&
  5758. resp.result == QSEOS_RESULT_FAIL_MAX_ATTEMPT) {
  5759. pr_debug("Max attempts to input password reached.\n");
  5760. ret = -ERANGE;
  5761. } else if (ret == -EINVAL &&
  5762. resp.result == QSEOS_RESULT_FAIL_PENDING_OPERATION) {
  5763. pr_debug("Set Key operation under processing...\n");
  5764. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5765. } else {
  5766. pr_err("scm call to set QSEOS_PIPE_ENC key failed : %d\n",
  5767. ret);
  5768. ret = -EFAULT;
  5769. }
  5770. goto set_key_exit;
  5771. }
  5772. switch (resp.result) {
  5773. case QSEOS_RESULT_SUCCESS:
  5774. break;
  5775. case QSEOS_RESULT_INCOMPLETE:
  5776. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5777. if (ret) {
  5778. pr_err("process_incomplete_cmd FAILED, resp.result %d\n",
  5779. resp.result);
  5780. if (resp.result ==
  5781. QSEOS_RESULT_FAIL_PENDING_OPERATION) {
  5782. pr_debug("Set Key operation under processing...\n");
  5783. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5784. }
  5785. if (resp.result == QSEOS_RESULT_FAIL_MAX_ATTEMPT) {
  5786. pr_debug("Max attempts to input password reached.\n");
  5787. ret = -ERANGE;
  5788. }
  5789. }
  5790. break;
  5791. case QSEOS_RESULT_FAIL_MAX_ATTEMPT:
  5792. pr_debug("Max attempts to input password reached.\n");
  5793. ret = -ERANGE;
  5794. break;
  5795. case QSEOS_RESULT_FAIL_PENDING_OPERATION:
  5796. pr_debug("Set Key operation under processing...\n");
  5797. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5798. break;
  5799. case QSEOS_RESULT_FAILURE:
  5800. default:
  5801. pr_err("Set key scm call failed resp.result %d\n", resp.result);
  5802. ret = -EINVAL;
  5803. break;
  5804. }
  5805. set_key_exit:
  5806. __qseecom_disable_clk(CLK_QSEE);
  5807. if (qseecom.qsee.instance != qseecom.ce_drv.instance)
  5808. __qseecom_disable_clk(CLK_CE_DRV);
  5809. return ret;
  5810. }
  5811. static int __qseecom_update_current_key_user_info(
  5812. struct qseecom_dev_handle *data,
  5813. enum qseecom_key_management_usage_type usage,
  5814. struct qseecom_key_userinfo_update_ireq *ireq)
  5815. {
  5816. struct qseecom_command_scm_resp resp;
  5817. int ret;
  5818. if (usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  5819. usage >= QSEOS_KM_USAGE_MAX) {
  5820. pr_err("Error:: unsupported usage %d\n", usage);
  5821. return -EFAULT;
  5822. }
  5823. ret = __qseecom_enable_clk(CLK_QSEE);
  5824. if (ret)
  5825. return ret;
  5826. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  5827. ireq, sizeof(struct qseecom_key_userinfo_update_ireq),
  5828. &resp, sizeof(struct qseecom_command_scm_resp));
  5829. if (ret) {
  5830. if (ret == -EINVAL &&
  5831. resp.result == QSEOS_RESULT_FAIL_PENDING_OPERATION) {
  5832. pr_debug("Set Key operation under processing...\n");
  5833. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5834. } else {
  5835. pr_err("scm call to update key userinfo failed: %d\n",
  5836. ret);
  5837. __qseecom_disable_clk(CLK_QSEE);
  5838. return -EFAULT;
  5839. }
  5840. }
  5841. switch (resp.result) {
  5842. case QSEOS_RESULT_SUCCESS:
  5843. break;
  5844. case QSEOS_RESULT_INCOMPLETE:
  5845. ret = __qseecom_process_incomplete_cmd(data, &resp);
  5846. if (resp.result ==
  5847. QSEOS_RESULT_FAIL_PENDING_OPERATION) {
  5848. pr_debug("Set Key operation under processing...\n");
  5849. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5850. }
  5851. if (ret)
  5852. pr_err("process_incomplete_cmd FAILED, resp.result %d\n",
  5853. resp.result);
  5854. break;
  5855. case QSEOS_RESULT_FAIL_PENDING_OPERATION:
  5856. pr_debug("Update Key operation under processing...\n");
  5857. ret = QSEOS_RESULT_FAIL_PENDING_OPERATION;
  5858. break;
  5859. case QSEOS_RESULT_FAILURE:
  5860. default:
  5861. pr_err("Set key scm call failed resp.result %d\n", resp.result);
  5862. ret = -EINVAL;
  5863. break;
  5864. }
  5865. __qseecom_disable_clk(CLK_QSEE);
  5866. return ret;
  5867. }
  5868. static int qseecom_enable_ice_setup(int usage)
  5869. {
  5870. int ret = 0;
  5871. if (usage == QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION)
  5872. ret = qcom_ice_setup_ice_hw("ufs", true);
  5873. else if (usage == QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION)
  5874. ret = qcom_ice_setup_ice_hw("sdcc", true);
  5875. return ret;
  5876. }
  5877. static int qseecom_disable_ice_setup(int usage)
  5878. {
  5879. int ret = 0;
  5880. if (usage == QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION)
  5881. ret = qcom_ice_setup_ice_hw("ufs", false);
  5882. else if (usage == QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION)
  5883. ret = qcom_ice_setup_ice_hw("sdcc", false);
  5884. return ret;
  5885. }
  5886. static int qseecom_get_ce_hw_instance(uint32_t unit, uint32_t usage)
  5887. {
  5888. struct qseecom_ce_info_use *pce_info_use, *p;
  5889. int total = 0;
  5890. int i;
  5891. switch (usage) {
  5892. case QSEOS_KM_USAGE_DISK_ENCRYPTION:
  5893. case QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION:
  5894. case QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION:
  5895. p = qseecom.ce_info.fde;
  5896. total = qseecom.ce_info.num_fde;
  5897. break;
  5898. case QSEOS_KM_USAGE_FILE_ENCRYPTION:
  5899. p = qseecom.ce_info.pfe;
  5900. total = qseecom.ce_info.num_pfe;
  5901. break;
  5902. default:
  5903. pr_err("unsupported usage %d\n", usage);
  5904. return -EINVAL;
  5905. }
  5906. pce_info_use = NULL;
  5907. for (i = 0; i < total; i++) {
  5908. if (p->unit_num == unit) {
  5909. pce_info_use = p;
  5910. break;
  5911. }
  5912. p++;
  5913. }
  5914. if (!pce_info_use) {
  5915. pr_err("can not find %d\n", unit);
  5916. return -EINVAL;
  5917. }
  5918. return pce_info_use->num_ce_pipe_entries;
  5919. }
  5920. static int qseecom_create_key(struct qseecom_dev_handle *data,
  5921. void __user *argp)
  5922. {
  5923. int i;
  5924. uint32_t *ce_hw = NULL;
  5925. uint32_t pipe = 0;
  5926. int ret = 0;
  5927. uint32_t flags = 0;
  5928. struct qseecom_create_key_req create_key_req;
  5929. struct qseecom_key_generate_ireq generate_key_ireq;
  5930. struct qseecom_key_select_ireq set_key_ireq;
  5931. int32_t entries = 0;
  5932. ret = copy_from_user(&create_key_req, argp, sizeof(create_key_req));
  5933. if (ret) {
  5934. pr_err("copy_from_user failed\n");
  5935. return ret;
  5936. }
  5937. if (create_key_req.usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  5938. create_key_req.usage >= QSEOS_KM_USAGE_MAX) {
  5939. pr_err("unsupported usage %d\n", create_key_req.usage);
  5940. ret = -EFAULT;
  5941. return ret;
  5942. }
  5943. entries = qseecom_get_ce_hw_instance(DEFAULT_CE_INFO_UNIT,
  5944. create_key_req.usage);
  5945. if (entries <= 0) {
  5946. pr_err("no ce instance for usage %d instance %d\n",
  5947. DEFAULT_CE_INFO_UNIT, create_key_req.usage);
  5948. ret = -EINVAL;
  5949. return ret;
  5950. }
  5951. ce_hw = kcalloc(entries, sizeof(*ce_hw), GFP_KERNEL);
  5952. if (!ce_hw) {
  5953. ret = -ENOMEM;
  5954. return ret;
  5955. }
  5956. ret = __qseecom_get_ce_pipe_info(create_key_req.usage, &pipe, &ce_hw,
  5957. DEFAULT_CE_INFO_UNIT);
  5958. if (ret) {
  5959. pr_err("Failed to retrieve pipe/ce_hw info: %d\n", ret);
  5960. ret = -EINVAL;
  5961. goto free_buf;
  5962. }
  5963. if (qseecom.fde_key_size)
  5964. flags |= QSEECOM_ICE_FDE_KEY_SIZE_32_BYTE;
  5965. else
  5966. flags |= QSEECOM_ICE_FDE_KEY_SIZE_16_BYTE;
  5967. if (qseecom.enable_key_wrap_in_ks)
  5968. flags |= ENABLE_KEY_WRAP_IN_KS;
  5969. generate_key_ireq.flags = flags;
  5970. generate_key_ireq.qsee_command_id = QSEOS_GENERATE_KEY;
  5971. memset((void *)generate_key_ireq.key_id,
  5972. 0, QSEECOM_KEY_ID_SIZE);
  5973. memset((void *)generate_key_ireq.hash32,
  5974. 0, QSEECOM_HASH_SIZE);
  5975. memcpy((void *)generate_key_ireq.key_id,
  5976. (void *)key_id_array[create_key_req.usage].desc,
  5977. QSEECOM_KEY_ID_SIZE);
  5978. memcpy((void *)generate_key_ireq.hash32,
  5979. (void *)create_key_req.hash32,
  5980. QSEECOM_HASH_SIZE);
  5981. ret = __qseecom_generate_and_save_key(data,
  5982. create_key_req.usage, &generate_key_ireq);
  5983. if (ret) {
  5984. pr_err("Failed to generate key on storage: %d\n", ret);
  5985. goto free_buf;
  5986. }
  5987. for (i = 0; i < entries; i++) {
  5988. set_key_ireq.qsee_command_id = QSEOS_SET_KEY;
  5989. if (create_key_req.usage ==
  5990. QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION) {
  5991. set_key_ireq.ce = QSEECOM_UFS_ICE_CE_NUM;
  5992. set_key_ireq.pipe = QSEECOM_ICE_FDE_KEY_INDEX;
  5993. } else if (create_key_req.usage ==
  5994. QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION) {
  5995. set_key_ireq.ce = QSEECOM_SDCC_ICE_CE_NUM;
  5996. set_key_ireq.pipe = QSEECOM_ICE_FDE_KEY_INDEX;
  5997. } else {
  5998. set_key_ireq.ce = ce_hw[i];
  5999. set_key_ireq.pipe = pipe;
  6000. }
  6001. set_key_ireq.flags = flags;
  6002. /* set both PIPE_ENC and PIPE_ENC_XTS*/
  6003. set_key_ireq.pipe_type = QSEOS_PIPE_ENC|QSEOS_PIPE_ENC_XTS;
  6004. memset((void *)set_key_ireq.key_id, 0, QSEECOM_KEY_ID_SIZE);
  6005. memset((void *)set_key_ireq.hash32, 0, QSEECOM_HASH_SIZE);
  6006. memcpy((void *)set_key_ireq.key_id,
  6007. (void *)key_id_array[create_key_req.usage].desc,
  6008. QSEECOM_KEY_ID_SIZE);
  6009. memcpy((void *)set_key_ireq.hash32,
  6010. (void *)create_key_req.hash32,
  6011. QSEECOM_HASH_SIZE);
  6012. /*
  6013. * It will return false if it is GPCE based crypto instance or
  6014. * ICE is setup properly
  6015. */
  6016. ret = qseecom_enable_ice_setup(create_key_req.usage);
  6017. if (ret)
  6018. goto free_buf;
  6019. do {
  6020. ret = __qseecom_set_clear_ce_key(data,
  6021. create_key_req.usage,
  6022. &set_key_ireq);
  6023. /*
  6024. * wait a little before calling scm again to let other
  6025. * processes run
  6026. */
  6027. if (ret == QSEOS_RESULT_FAIL_PENDING_OPERATION)
  6028. msleep(50);
  6029. } while (ret == QSEOS_RESULT_FAIL_PENDING_OPERATION);
  6030. qseecom_disable_ice_setup(create_key_req.usage);
  6031. if (ret) {
  6032. pr_err("Failed to create key: pipe %d, ce %d: %d\n",
  6033. pipe, ce_hw[i], ret);
  6034. goto free_buf;
  6035. } else {
  6036. pr_err("Set the key successfully\n");
  6037. if ((create_key_req.usage ==
  6038. QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION) ||
  6039. (create_key_req.usage ==
  6040. QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION))
  6041. goto free_buf;
  6042. }
  6043. }
  6044. free_buf:
  6045. kfree_sensitive(ce_hw);
  6046. return ret;
  6047. }
  6048. static int qseecom_wipe_key(struct qseecom_dev_handle *data,
  6049. void __user *argp)
  6050. {
  6051. uint32_t *ce_hw = NULL;
  6052. uint32_t pipe = 0;
  6053. int ret = 0;
  6054. uint32_t flags = 0;
  6055. int i, j;
  6056. struct qseecom_wipe_key_req wipe_key_req;
  6057. struct qseecom_key_delete_ireq delete_key_ireq;
  6058. struct qseecom_key_select_ireq clear_key_ireq;
  6059. int32_t entries = 0;
  6060. ret = copy_from_user(&wipe_key_req, argp, sizeof(wipe_key_req));
  6061. if (ret) {
  6062. pr_err("copy_from_user failed\n");
  6063. return ret;
  6064. }
  6065. if (wipe_key_req.usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  6066. wipe_key_req.usage >= QSEOS_KM_USAGE_MAX) {
  6067. pr_err("unsupported usage %d\n", wipe_key_req.usage);
  6068. ret = -EFAULT;
  6069. return ret;
  6070. }
  6071. entries = qseecom_get_ce_hw_instance(DEFAULT_CE_INFO_UNIT,
  6072. wipe_key_req.usage);
  6073. if (entries <= 0) {
  6074. pr_err("no ce instance for usage %d instance %d\n",
  6075. DEFAULT_CE_INFO_UNIT, wipe_key_req.usage);
  6076. ret = -EINVAL;
  6077. return ret;
  6078. }
  6079. ce_hw = kcalloc(entries, sizeof(*ce_hw), GFP_KERNEL);
  6080. if (!ce_hw) {
  6081. ret = -ENOMEM;
  6082. return ret;
  6083. }
  6084. ret = __qseecom_get_ce_pipe_info(wipe_key_req.usage, &pipe, &ce_hw,
  6085. DEFAULT_CE_INFO_UNIT);
  6086. if (ret) {
  6087. pr_err("Failed to retrieve pipe/ce_hw info: %d\n", ret);
  6088. ret = -EINVAL;
  6089. goto free_buf;
  6090. }
  6091. if (wipe_key_req.wipe_key_flag) {
  6092. delete_key_ireq.flags = flags;
  6093. delete_key_ireq.qsee_command_id = QSEOS_DELETE_KEY;
  6094. memset((void *)delete_key_ireq.key_id, 0, QSEECOM_KEY_ID_SIZE);
  6095. memcpy((void *)delete_key_ireq.key_id,
  6096. (void *)key_id_array[wipe_key_req.usage].desc,
  6097. QSEECOM_KEY_ID_SIZE);
  6098. memset((void *)delete_key_ireq.hash32, 0, QSEECOM_HASH_SIZE);
  6099. ret = __qseecom_delete_saved_key(data, wipe_key_req.usage,
  6100. &delete_key_ireq);
  6101. if (ret) {
  6102. pr_err("Failed to delete key from ssd storage: %d\n",
  6103. ret);
  6104. ret = -EFAULT;
  6105. goto free_buf;
  6106. }
  6107. }
  6108. for (j = 0; j < entries; j++) {
  6109. clear_key_ireq.qsee_command_id = QSEOS_SET_KEY;
  6110. if (wipe_key_req.usage ==
  6111. QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION) {
  6112. clear_key_ireq.ce = QSEECOM_UFS_ICE_CE_NUM;
  6113. clear_key_ireq.pipe = QSEECOM_ICE_FDE_KEY_INDEX;
  6114. } else if (wipe_key_req.usage ==
  6115. QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION) {
  6116. clear_key_ireq.ce = QSEECOM_SDCC_ICE_CE_NUM;
  6117. clear_key_ireq.pipe = QSEECOM_ICE_FDE_KEY_INDEX;
  6118. } else {
  6119. clear_key_ireq.ce = ce_hw[j];
  6120. clear_key_ireq.pipe = pipe;
  6121. }
  6122. clear_key_ireq.flags = flags;
  6123. clear_key_ireq.pipe_type = QSEOS_PIPE_ENC|QSEOS_PIPE_ENC_XTS;
  6124. for (i = 0; i < QSEECOM_KEY_ID_SIZE; i++)
  6125. clear_key_ireq.key_id[i] = QSEECOM_INVALID_KEY_ID;
  6126. memset((void *)clear_key_ireq.hash32, 0, QSEECOM_HASH_SIZE);
  6127. /*
  6128. * It will return false if it is GPCE based crypto instance or
  6129. * ICE is setup properly
  6130. */
  6131. ret = qseecom_enable_ice_setup(wipe_key_req.usage);
  6132. if (ret)
  6133. goto free_buf;
  6134. ret = __qseecom_set_clear_ce_key(data, wipe_key_req.usage,
  6135. &clear_key_ireq);
  6136. qseecom_disable_ice_setup(wipe_key_req.usage);
  6137. if (ret) {
  6138. pr_err("Failed to wipe key: pipe %d, ce %d: %d\n",
  6139. pipe, ce_hw[j], ret);
  6140. ret = -EFAULT;
  6141. goto free_buf;
  6142. }
  6143. }
  6144. free_buf:
  6145. kfree_sensitive(ce_hw);
  6146. return ret;
  6147. }
  6148. static int qseecom_update_key_user_info(struct qseecom_dev_handle *data,
  6149. void __user *argp)
  6150. {
  6151. int ret = 0;
  6152. uint32_t flags = 0;
  6153. struct qseecom_update_key_userinfo_req update_key_req;
  6154. struct qseecom_key_userinfo_update_ireq ireq;
  6155. ret = copy_from_user(&update_key_req, argp, sizeof(update_key_req));
  6156. if (ret) {
  6157. pr_err("copy_from_user failed\n");
  6158. return ret;
  6159. }
  6160. if (update_key_req.usage < QSEOS_KM_USAGE_DISK_ENCRYPTION ||
  6161. update_key_req.usage >= QSEOS_KM_USAGE_MAX) {
  6162. pr_err("Error:: unsupported usage %d\n", update_key_req.usage);
  6163. return -EFAULT;
  6164. }
  6165. ireq.qsee_command_id = QSEOS_UPDATE_KEY_USERINFO;
  6166. if (qseecom.fde_key_size)
  6167. flags |= QSEECOM_ICE_FDE_KEY_SIZE_32_BYTE;
  6168. else
  6169. flags |= QSEECOM_ICE_FDE_KEY_SIZE_16_BYTE;
  6170. ireq.flags = flags;
  6171. memset(ireq.key_id, 0, QSEECOM_KEY_ID_SIZE);
  6172. memset((void *)ireq.current_hash32, 0, QSEECOM_HASH_SIZE);
  6173. memset((void *)ireq.new_hash32, 0, QSEECOM_HASH_SIZE);
  6174. memcpy((void *)ireq.key_id,
  6175. (void *)key_id_array[update_key_req.usage].desc,
  6176. QSEECOM_KEY_ID_SIZE);
  6177. memcpy((void *)ireq.current_hash32,
  6178. (void *)update_key_req.current_hash32, QSEECOM_HASH_SIZE);
  6179. memcpy((void *)ireq.new_hash32,
  6180. (void *)update_key_req.new_hash32, QSEECOM_HASH_SIZE);
  6181. do {
  6182. ret = __qseecom_update_current_key_user_info(data,
  6183. update_key_req.usage,
  6184. &ireq);
  6185. /*
  6186. * wait a little before calling scm again to let other
  6187. * processes run
  6188. */
  6189. if (ret == QSEOS_RESULT_FAIL_PENDING_OPERATION)
  6190. msleep(50);
  6191. } while (ret == QSEOS_RESULT_FAIL_PENDING_OPERATION);
  6192. if (ret) {
  6193. pr_err("Failed to update key info: %d\n", ret);
  6194. return ret;
  6195. }
  6196. return ret;
  6197. }
  6198. static int qseecom_is_es_activated(void __user *argp)
  6199. {
  6200. struct qseecom_is_es_activated_req req = {0};
  6201. struct qseecom_command_scm_resp resp;
  6202. int ret;
  6203. if (qseecom.qsee_version < QSEE_VERSION_04) {
  6204. pr_err("invalid qsee version\n");
  6205. return -ENODEV;
  6206. }
  6207. if (argp == NULL) {
  6208. pr_err("arg is null\n");
  6209. return -EINVAL;
  6210. }
  6211. ret = qseecom_scm_call(SCM_SVC_ES, SCM_IS_ACTIVATED_ID,
  6212. &req, sizeof(req), &resp, sizeof(resp));
  6213. if (ret) {
  6214. pr_err("scm_call failed\n");
  6215. return ret;
  6216. }
  6217. req.is_activated = resp.result;
  6218. ret = copy_to_user(argp, &req, sizeof(req));
  6219. if (ret) {
  6220. pr_err("copy_to_user failed\n");
  6221. return ret;
  6222. }
  6223. return 0;
  6224. }
  6225. static int qseecom_save_partition_hash(void __user *argp)
  6226. {
  6227. struct qseecom_save_partition_hash_req req;
  6228. struct qseecom_command_scm_resp resp;
  6229. int ret;
  6230. memset(&resp, 0x00, sizeof(resp));
  6231. if (qseecom.qsee_version < QSEE_VERSION_04) {
  6232. pr_err("invalid qsee version\n");
  6233. return -ENODEV;
  6234. }
  6235. if (argp == NULL) {
  6236. pr_err("arg is null\n");
  6237. return -EINVAL;
  6238. }
  6239. ret = copy_from_user(&req, argp, sizeof(req));
  6240. if (ret) {
  6241. pr_err("copy_from_user failed\n");
  6242. return ret;
  6243. }
  6244. ret = qseecom_scm_call(SCM_SVC_ES, SCM_SAVE_PARTITION_HASH_ID,
  6245. (void *)&req, sizeof(req), (void *)&resp, sizeof(resp));
  6246. if (ret) {
  6247. pr_err("qseecom_scm_call failed\n");
  6248. return ret;
  6249. }
  6250. return 0;
  6251. }
  6252. static int qseecom_mdtp_cipher_dip(void __user *argp)
  6253. {
  6254. struct qseecom_mdtp_cipher_dip_req req;
  6255. u32 tzbuflenin, tzbuflenout;
  6256. char *tzbufin = NULL, *tzbufout = NULL;
  6257. struct qseecom_scm_desc desc = {0};
  6258. int ret;
  6259. phys_addr_t pain, paout;
  6260. struct qtee_shm shmin = {0}, shmout = {0};
  6261. do {
  6262. /* Copy the parameters from userspace */
  6263. if (argp == NULL) {
  6264. pr_err("arg is null\n");
  6265. ret = -EINVAL;
  6266. break;
  6267. }
  6268. ret = copy_from_user(&req, argp, sizeof(req));
  6269. if (ret) {
  6270. pr_err("copy_from_user failed, ret= %d\n", ret);
  6271. break;
  6272. }
  6273. if (req.in_buf == NULL || req.out_buf == NULL ||
  6274. req.in_buf_size == 0 || req.in_buf_size > MAX_DIP ||
  6275. req.out_buf_size == 0 || req.out_buf_size > MAX_DIP ||
  6276. req.direction > 1) {
  6277. pr_err("invalid parameters\n");
  6278. ret = -EINVAL;
  6279. break;
  6280. }
  6281. /* Copy the input buffer from userspace to kernel space */
  6282. tzbuflenin = PAGE_ALIGN(req.in_buf_size);
  6283. tzbufin = __qseecom_alloc_tzbuf(tzbuflenin, &pain, &shmin);
  6284. if (!tzbufin) {
  6285. pr_err("error allocating in buffer\n");
  6286. ret = -ENOMEM;
  6287. break;
  6288. }
  6289. ret = copy_from_user(tzbufin, (void __user *)req.in_buf,
  6290. req.in_buf_size);
  6291. if (ret) {
  6292. pr_err("copy_from_user failed, ret=%d\n", ret);
  6293. break;
  6294. }
  6295. qtee_shmbridge_flush_shm_buf(&shmin);
  6296. /* Prepare the output buffer in kernel space */
  6297. tzbuflenout = PAGE_ALIGN(req.out_buf_size);
  6298. tzbufout = __qseecom_alloc_tzbuf(tzbuflenout, &paout, &shmout);
  6299. if (!tzbufout) {
  6300. pr_err("error allocating out buffer\n");
  6301. ret = -ENOMEM;
  6302. break;
  6303. }
  6304. qtee_shmbridge_flush_shm_buf(&shmout);
  6305. /* Send the command to TZ */
  6306. desc.arginfo = TZ_MDTP_CIPHER_DIP_ID_PARAM_ID;
  6307. desc.args[0] = pain;
  6308. desc.args[1] = req.in_buf_size;
  6309. desc.args[2] = paout;
  6310. desc.args[3] = req.out_buf_size;
  6311. desc.args[4] = req.direction;
  6312. ret = __qseecom_enable_clk(CLK_QSEE);
  6313. if (ret)
  6314. break;
  6315. ret = __qseecom_scm_call2_locked(TZ_MDTP_CIPHER_DIP_ID, &desc);
  6316. __qseecom_disable_clk(CLK_QSEE);
  6317. if (ret) {
  6318. pr_err("failed for SCM_SVC_MDTP, ret=%d\n",
  6319. ret);
  6320. break;
  6321. }
  6322. /* Copy the output buffer from kernel space to userspace */
  6323. qtee_shmbridge_flush_shm_buf(&shmout);
  6324. ret = copy_to_user((void __user *)req.out_buf,
  6325. tzbufout, req.out_buf_size);
  6326. if (ret) {
  6327. pr_err("copy_to_user failed, ret=%d\n", ret);
  6328. break;
  6329. }
  6330. } while (0);
  6331. __qseecom_free_tzbuf(&shmin);
  6332. __qseecom_free_tzbuf(&shmout);
  6333. return ret;
  6334. }
  6335. static int __qseecom_qteec_validate_msg(struct qseecom_dev_handle *data,
  6336. struct qseecom_qteec_req *req)
  6337. {
  6338. if (!data || !data->client.sb_virt) {
  6339. pr_err("Client or client buf is not initialized\n");
  6340. return -EINVAL;
  6341. }
  6342. if (data->type != QSEECOM_CLIENT_APP)
  6343. return -EFAULT;
  6344. if (req->req_len > UINT_MAX - req->resp_len) {
  6345. pr_err("Integer overflow detected in req_len & rsp_len\n");
  6346. return -EINVAL;
  6347. }
  6348. if (req->req_len + req->resp_len > data->client.sb_length) {
  6349. pr_debug("Not enough memory to fit cmd_buf.\n");
  6350. pr_debug("resp_buf. Required: %u, Available: %zu\n",
  6351. (req->req_len + req->resp_len), data->client.sb_length);
  6352. return -ENOMEM;
  6353. }
  6354. if (req->req_ptr == NULL || req->resp_ptr == NULL) {
  6355. pr_err("cmd buffer or response buffer is null\n");
  6356. return -EINVAL;
  6357. }
  6358. if (((uintptr_t)req->req_ptr <
  6359. data->client.user_virt_sb_base) ||
  6360. ((uintptr_t)req->req_ptr >=
  6361. (data->client.user_virt_sb_base + data->client.sb_length))) {
  6362. pr_err("cmd buffer address not within shared bufffer\n");
  6363. return -EINVAL;
  6364. }
  6365. if (((uintptr_t)req->resp_ptr <
  6366. data->client.user_virt_sb_base) ||
  6367. ((uintptr_t)req->resp_ptr >=
  6368. (data->client.user_virt_sb_base + data->client.sb_length))) {
  6369. pr_err("response buffer address not within shared bufffer\n");
  6370. return -EINVAL;
  6371. }
  6372. if ((req->req_len == 0) || (req->resp_len == 0)) {
  6373. pr_err("cmd buf lengtgh/response buf length not valid\n");
  6374. return -EINVAL;
  6375. }
  6376. if ((uintptr_t)req->req_ptr > (ULONG_MAX - req->req_len)) {
  6377. pr_err("Integer overflow in req_len & req_ptr\n");
  6378. return -EINVAL;
  6379. }
  6380. if ((uintptr_t)req->resp_ptr > (ULONG_MAX - req->resp_len)) {
  6381. pr_err("Integer overflow in resp_len & resp_ptr\n");
  6382. return -EINVAL;
  6383. }
  6384. if (data->client.user_virt_sb_base >
  6385. (ULONG_MAX - data->client.sb_length)) {
  6386. pr_err("Integer overflow in user_virt_sb_base & sb_length\n");
  6387. return -EINVAL;
  6388. }
  6389. if ((((uintptr_t)req->req_ptr + req->req_len) >
  6390. ((uintptr_t)data->client.user_virt_sb_base +
  6391. data->client.sb_length)) ||
  6392. (((uintptr_t)req->resp_ptr + req->resp_len) >
  6393. ((uintptr_t)data->client.user_virt_sb_base +
  6394. data->client.sb_length))) {
  6395. pr_err("cmd buf or resp buf is out of shared buffer region\n");
  6396. return -EINVAL;
  6397. }
  6398. return 0;
  6399. }
  6400. static int __qseecom_qteec_handle_pre_alc_fd(struct qseecom_dev_handle *data,
  6401. uint32_t fd_idx, struct sg_table *sg_ptr)
  6402. {
  6403. struct scatterlist *sg = sg_ptr->sgl;
  6404. struct qseecom_sg_entry *sg_entry;
  6405. void *buf;
  6406. uint i;
  6407. size_t size;
  6408. dma_addr_t coh_pmem;
  6409. if (fd_idx >= MAX_ION_FD) {
  6410. pr_err("fd_idx [%d] is invalid\n", fd_idx);
  6411. return -ENOMEM;
  6412. }
  6413. /*
  6414. * Allocate a buffer, populate it with number of entry plus
  6415. * each sg entry's phy addr and length; then return the
  6416. * phy_addr of the buffer.
  6417. */
  6418. size = sizeof(uint32_t) +
  6419. sizeof(struct qseecom_sg_entry) * sg_ptr->nents;
  6420. size = (size + PAGE_SIZE) & PAGE_MASK;
  6421. buf = dma_alloc_coherent(qseecom.dev,
  6422. size, &coh_pmem, GFP_KERNEL);
  6423. if (buf == NULL)
  6424. return -ENOMEM;
  6425. *(uint32_t *)buf = sg_ptr->nents;
  6426. sg_entry = (struct qseecom_sg_entry *) (buf + sizeof(uint32_t));
  6427. for (i = 0; i < sg_ptr->nents; i++) {
  6428. sg_entry->phys_addr = (uint32_t)sg_dma_address(sg);
  6429. sg_entry->len = sg->length;
  6430. sg_entry++;
  6431. sg = sg_next(sg);
  6432. }
  6433. data->client.sec_buf_fd[fd_idx].is_sec_buf_fd = true;
  6434. data->client.sec_buf_fd[fd_idx].vbase = buf;
  6435. data->client.sec_buf_fd[fd_idx].pbase = coh_pmem;
  6436. data->client.sec_buf_fd[fd_idx].size = size;
  6437. return 0;
  6438. }
  6439. static int __qseecom_update_qteec_req_buf(struct qseecom_qteec_modfd_req *req,
  6440. struct qseecom_dev_handle *data, bool cleanup)
  6441. {
  6442. int ret = 0;
  6443. int i = 0;
  6444. uint32_t *update;
  6445. struct sg_table *sg_ptr = NULL;
  6446. struct scatterlist *sg;
  6447. struct qseecom_param_memref *memref;
  6448. int ion_fd = -1;
  6449. struct dma_buf *dmabuf = NULL;
  6450. struct dma_buf_attachment *attach = NULL;
  6451. if (req == NULL) {
  6452. pr_err("Invalid address\n");
  6453. return -EINVAL;
  6454. }
  6455. for (i = 0; i < MAX_ION_FD; i++) {
  6456. if (req->ifd_data[i].fd > 0) {
  6457. ion_fd = req->ifd_data[i].fd;
  6458. if ((req->req_len <
  6459. sizeof(struct qseecom_param_memref)) ||
  6460. (req->ifd_data[i].cmd_buf_offset >
  6461. req->req_len -
  6462. sizeof(struct qseecom_param_memref))) {
  6463. pr_err("Invalid offset/req len 0x%x/0x%x\n",
  6464. req->req_len,
  6465. req->ifd_data[i].cmd_buf_offset);
  6466. return -EINVAL;
  6467. }
  6468. update = (uint32_t *)((char *) req->req_ptr +
  6469. req->ifd_data[i].cmd_buf_offset);
  6470. if (!update) {
  6471. pr_err("update pointer is NULL\n");
  6472. return -EINVAL;
  6473. }
  6474. } else {
  6475. continue;
  6476. }
  6477. /* Populate the cmd data structure with the phys_addr */
  6478. ret = qseecom_dmabuf_map(ion_fd, &sg_ptr, &attach, &dmabuf);
  6479. if (ret) {
  6480. pr_err("IOn client could not retrieve sg table\n");
  6481. goto err;
  6482. }
  6483. sg = sg_ptr->sgl;
  6484. if (sg == NULL) {
  6485. pr_err("sg is NULL\n");
  6486. goto err;
  6487. }
  6488. if ((sg_ptr->nents == 0) || (sg->length == 0)) {
  6489. pr_err("Num of scat entr (%d)or length(%d) invalid\n",
  6490. sg_ptr->nents, sg->length);
  6491. goto err;
  6492. }
  6493. /* clean up buf for pre-allocated fd */
  6494. if (cleanup && data->client.sec_buf_fd[i].is_sec_buf_fd &&
  6495. (*update)) {
  6496. if (data->client.sec_buf_fd[i].vbase)
  6497. dma_free_coherent(qseecom.dev,
  6498. data->client.sec_buf_fd[i].size,
  6499. data->client.sec_buf_fd[i].vbase,
  6500. data->client.sec_buf_fd[i].pbase);
  6501. memset((void *)update, 0,
  6502. sizeof(struct qseecom_param_memref));
  6503. memset(&(data->client.sec_buf_fd[i]), 0,
  6504. sizeof(struct qseecom_sec_buf_fd_info));
  6505. goto clean;
  6506. }
  6507. if (*update == 0) {
  6508. /* update buf for pre-allocated fd from secure heap*/
  6509. ret = __qseecom_qteec_handle_pre_alc_fd(data, i,
  6510. sg_ptr);
  6511. if (ret) {
  6512. pr_err("Failed to handle buf for fd[%d]\n", i);
  6513. goto err;
  6514. }
  6515. memref = (struct qseecom_param_memref *)update;
  6516. memref->buffer =
  6517. (uint32_t)(data->client.sec_buf_fd[i].pbase);
  6518. memref->size =
  6519. (uint32_t)(data->client.sec_buf_fd[i].size);
  6520. } else {
  6521. /* update buf for fd from non-secure qseecom heap */
  6522. if (sg_ptr->nents != 1) {
  6523. pr_err("Num of scat entr (%d) invalid\n",
  6524. sg_ptr->nents);
  6525. goto err;
  6526. }
  6527. if (cleanup)
  6528. *update = 0;
  6529. else
  6530. *update = (uint32_t)sg_dma_address(sg_ptr->sgl);
  6531. }
  6532. clean:
  6533. if (cleanup) {
  6534. ret = qseecom_dmabuf_cache_operations(dmabuf,
  6535. QSEECOM_CACHE_INVALIDATE);
  6536. if (ret) {
  6537. pr_err("cache operation failed %d\n", ret);
  6538. goto err;
  6539. }
  6540. } else {
  6541. ret = qseecom_dmabuf_cache_operations(dmabuf,
  6542. QSEECOM_CACHE_CLEAN);
  6543. if (ret) {
  6544. pr_err("cache operation failed %d\n", ret);
  6545. goto err;
  6546. }
  6547. data->sglistinfo_ptr[i].indexAndFlags =
  6548. SGLISTINFO_SET_INDEX_FLAG(
  6549. (sg_ptr->nents == 1), 0,
  6550. req->ifd_data[i].cmd_buf_offset);
  6551. data->sglistinfo_ptr[i].sizeOrCount =
  6552. (sg_ptr->nents == 1) ?
  6553. sg->length : sg_ptr->nents;
  6554. data->sglist_cnt = i + 1;
  6555. }
  6556. /* unmap the dmabuf */
  6557. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  6558. sg_ptr = NULL;
  6559. dmabuf = NULL;
  6560. attach = NULL;
  6561. }
  6562. return ret;
  6563. err:
  6564. if (!IS_ERR_OR_NULL(sg_ptr)) {
  6565. qseecom_dmabuf_unmap(sg_ptr, attach, dmabuf);
  6566. MAKE_NULL(sg_ptr, attach, dmabuf);
  6567. }
  6568. return -ENOMEM;
  6569. }
  6570. static int __qseecom_qteec_issue_cmd(struct qseecom_dev_handle *data,
  6571. struct qseecom_qteec_req *req, uint32_t cmd_id)
  6572. {
  6573. struct qseecom_command_scm_resp resp;
  6574. struct qseecom_qteec_ireq ireq;
  6575. struct qseecom_qteec_64bit_ireq ireq_64bit;
  6576. struct qseecom_registered_app_list *ptr_app;
  6577. bool found_app = false;
  6578. unsigned long flags;
  6579. int ret = 0;
  6580. int ret2 = 0;
  6581. uint32_t reqd_len_sb_in = 0;
  6582. void *cmd_buf = NULL;
  6583. size_t cmd_len;
  6584. struct sglist_info *table = data->sglistinfo_ptr;
  6585. void *req_ptr = NULL;
  6586. void *resp_ptr = NULL;
  6587. ret = __qseecom_qteec_validate_msg(data, req);
  6588. if (ret)
  6589. return ret;
  6590. req_ptr = req->req_ptr;
  6591. resp_ptr = req->resp_ptr;
  6592. /* find app_id & img_name from list */
  6593. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  6594. list_for_each_entry(ptr_app, &qseecom.registered_app_list_head,
  6595. list) {
  6596. if ((ptr_app->app_id == data->client.app_id) &&
  6597. (!strcmp(ptr_app->app_name, data->client.app_name))) {
  6598. found_app = true;
  6599. break;
  6600. }
  6601. }
  6602. spin_unlock_irqrestore(&qseecom.registered_app_list_lock, flags);
  6603. if (!found_app) {
  6604. pr_err("app_id %d (%s) is not found\n", data->client.app_id,
  6605. (char *)data->client.app_name);
  6606. return -ENOENT;
  6607. }
  6608. if (__qseecom_find_pending_unload_app(data->client.app_id,
  6609. data->client.app_name)) {
  6610. pr_err("app %d (%s) unload is pending\n",
  6611. data->client.app_id, data->client.app_name);
  6612. return -ENOENT;
  6613. }
  6614. req->req_ptr = (void *)__qseecom_uvirt_to_kvirt(data,
  6615. (uintptr_t)req->req_ptr);
  6616. req->resp_ptr = (void *)__qseecom_uvirt_to_kvirt(data,
  6617. (uintptr_t)req->resp_ptr);
  6618. if ((cmd_id == QSEOS_TEE_OPEN_SESSION) ||
  6619. (cmd_id == QSEOS_TEE_REQUEST_CANCELLATION)) {
  6620. ret = __qseecom_update_qteec_req_buf(
  6621. (struct qseecom_qteec_modfd_req *)req, data, false);
  6622. if (ret)
  6623. return ret;
  6624. }
  6625. if (qseecom.qsee_version < QSEE_VERSION_40) {
  6626. ireq.app_id = data->client.app_id;
  6627. ireq.req_ptr = (uint32_t)__qseecom_uvirt_to_kphys(data,
  6628. (uintptr_t)req_ptr);
  6629. ireq.req_len = req->req_len;
  6630. ireq.resp_ptr = (uint32_t)__qseecom_uvirt_to_kphys(data,
  6631. (uintptr_t)resp_ptr);
  6632. ireq.resp_len = req->resp_len;
  6633. ireq.sglistinfo_ptr = (uint32_t)virt_to_phys(table);
  6634. ireq.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  6635. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  6636. cmd_buf = (void *)&ireq;
  6637. cmd_len = sizeof(struct qseecom_qteec_ireq);
  6638. } else {
  6639. ireq_64bit.app_id = data->client.app_id;
  6640. ireq_64bit.req_ptr = (uint64_t)__qseecom_uvirt_to_kphys(data,
  6641. (uintptr_t)req_ptr);
  6642. ireq_64bit.req_len = req->req_len;
  6643. ireq_64bit.resp_ptr = (uint64_t)__qseecom_uvirt_to_kphys(data,
  6644. (uintptr_t)resp_ptr);
  6645. ireq_64bit.resp_len = req->resp_len;
  6646. if ((data->client.app_arch == ELFCLASS32) &&
  6647. ((ireq_64bit.req_ptr >=
  6648. PHY_ADDR_4G - ireq_64bit.req_len) ||
  6649. (ireq_64bit.resp_ptr >=
  6650. PHY_ADDR_4G - ireq_64bit.resp_len))){
  6651. pr_err("32bit app %s (id: %d): phy_addr exceeds 4G\n",
  6652. data->client.app_name, data->client.app_id);
  6653. pr_err("req_ptr:%llx,req_len:%x,rsp_ptr:%llx,rsp_len:%x\n",
  6654. ireq_64bit.req_ptr, ireq_64bit.req_len,
  6655. ireq_64bit.resp_ptr, ireq_64bit.resp_len);
  6656. return -EFAULT;
  6657. }
  6658. ireq_64bit.sglistinfo_ptr = (uint64_t)virt_to_phys(table);
  6659. ireq_64bit.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  6660. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  6661. cmd_buf = (void *)&ireq_64bit;
  6662. cmd_len = sizeof(struct qseecom_qteec_64bit_ireq);
  6663. }
  6664. if (qseecom.whitelist_support
  6665. && cmd_id == QSEOS_TEE_OPEN_SESSION)
  6666. *(uint32_t *)cmd_buf = QSEOS_TEE_OPEN_SESSION_WHITELIST;
  6667. else
  6668. *(uint32_t *)cmd_buf = cmd_id;
  6669. reqd_len_sb_in = req->req_len + req->resp_len;
  6670. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  6671. QSEECOM_CACHE_CLEAN);
  6672. if (ret) {
  6673. pr_err("cache operation failed %d\n", ret);
  6674. return ret;
  6675. }
  6676. __qseecom_reentrancy_check_if_this_app_blocked(ptr_app);
  6677. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  6678. cmd_buf, cmd_len,
  6679. &resp, sizeof(resp));
  6680. if (ret) {
  6681. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  6682. ret, data->client.app_id);
  6683. goto exit;
  6684. }
  6685. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  6686. QSEECOM_CACHE_INVALIDATE);
  6687. if (ret) {
  6688. pr_err("cache operation failed %d\n", ret);
  6689. return ret;
  6690. }
  6691. if (qseecom.qsee_reentrancy_support) {
  6692. ret = __qseecom_process_reentrancy(&resp, ptr_app, data);
  6693. if (ret)
  6694. goto exit;
  6695. } else {
  6696. if (resp.result == QSEOS_RESULT_INCOMPLETE) {
  6697. ret = __qseecom_process_incomplete_cmd(data, &resp);
  6698. if (ret) {
  6699. pr_err("process_incomplete_cmd failed err: %d\n",
  6700. ret);
  6701. goto exit;
  6702. }
  6703. } else {
  6704. if (resp.result != QSEOS_RESULT_SUCCESS) {
  6705. pr_err("Response result %d not supported\n",
  6706. resp.result);
  6707. ret = -EINVAL;
  6708. goto exit;
  6709. }
  6710. }
  6711. }
  6712. exit:
  6713. if ((cmd_id == QSEOS_TEE_OPEN_SESSION) ||
  6714. (cmd_id == QSEOS_TEE_REQUEST_CANCELLATION)) {
  6715. ret2 = __qseecom_update_qteec_req_buf(
  6716. (struct qseecom_qteec_modfd_req *)req, data, true);
  6717. if (ret2)
  6718. return ret2;
  6719. }
  6720. return ret;
  6721. }
  6722. static int qseecom_qteec_open_session(struct qseecom_dev_handle *data,
  6723. void __user *argp)
  6724. {
  6725. struct qseecom_qteec_modfd_req req;
  6726. int ret = 0;
  6727. ret = copy_from_user(&req, argp,
  6728. sizeof(struct qseecom_qteec_modfd_req));
  6729. if (ret) {
  6730. pr_err("copy_from_user failed\n");
  6731. return ret;
  6732. }
  6733. ret = __qseecom_qteec_issue_cmd(data, (struct qseecom_qteec_req *)&req,
  6734. QSEOS_TEE_OPEN_SESSION);
  6735. return ret;
  6736. }
  6737. static int qseecom_qteec_close_session(struct qseecom_dev_handle *data,
  6738. void __user *argp)
  6739. {
  6740. struct qseecom_qteec_req req;
  6741. int ret = 0;
  6742. ret = copy_from_user(&req, argp, sizeof(struct qseecom_qteec_req));
  6743. if (ret) {
  6744. pr_err("copy_from_user failed\n");
  6745. return ret;
  6746. }
  6747. ret = __qseecom_qteec_issue_cmd(data, &req, QSEOS_TEE_CLOSE_SESSION);
  6748. return ret;
  6749. }
  6750. static int qseecom_qteec_invoke_modfd_cmd(struct qseecom_dev_handle *data,
  6751. void __user *argp)
  6752. {
  6753. struct qseecom_qteec_modfd_req req;
  6754. struct qseecom_command_scm_resp resp;
  6755. struct qseecom_qteec_ireq ireq;
  6756. struct qseecom_qteec_64bit_ireq ireq_64bit;
  6757. struct qseecom_registered_app_list *ptr_app;
  6758. bool found_app = false;
  6759. unsigned long flags;
  6760. int ret = 0;
  6761. int i = 0;
  6762. uint32_t reqd_len_sb_in = 0;
  6763. void *cmd_buf = NULL;
  6764. size_t cmd_len;
  6765. struct sglist_info *table = data->sglistinfo_ptr;
  6766. void *req_ptr = NULL;
  6767. void *resp_ptr = NULL;
  6768. ret = copy_from_user(&req, argp,
  6769. sizeof(struct qseecom_qteec_modfd_req));
  6770. if (ret) {
  6771. pr_err("copy_from_user failed\n");
  6772. return ret;
  6773. }
  6774. ret = __qseecom_qteec_validate_msg(data,
  6775. (struct qseecom_qteec_req *)(&req));
  6776. if (ret)
  6777. return ret;
  6778. req_ptr = req.req_ptr;
  6779. resp_ptr = req.resp_ptr;
  6780. /* find app_id & img_name from list */
  6781. spin_lock_irqsave(&qseecom.registered_app_list_lock, flags);
  6782. list_for_each_entry(ptr_app, &qseecom.registered_app_list_head,
  6783. list) {
  6784. if ((ptr_app->app_id == data->client.app_id) &&
  6785. (!strcmp(ptr_app->app_name, data->client.app_name))) {
  6786. found_app = true;
  6787. break;
  6788. }
  6789. }
  6790. spin_unlock_irqrestore(&qseecom.registered_app_list_lock, flags);
  6791. if (!found_app) {
  6792. pr_err("app_id %d (%s) is not found\n", data->client.app_id,
  6793. (char *)data->client.app_name);
  6794. return -ENOENT;
  6795. }
  6796. if (__qseecom_find_pending_unload_app(data->client.app_id,
  6797. data->client.app_name)) {
  6798. pr_err("app %d (%s) unload is pending\n",
  6799. data->client.app_id, data->client.app_name);
  6800. return -ENOENT;
  6801. }
  6802. /* validate offsets */
  6803. for (i = 0; i < MAX_ION_FD; i++) {
  6804. if (req.ifd_data[i].fd) {
  6805. if (req.ifd_data[i].cmd_buf_offset >= req.req_len)
  6806. return -EINVAL;
  6807. }
  6808. }
  6809. req.req_ptr = (void *)__qseecom_uvirt_to_kvirt(data,
  6810. (uintptr_t)req.req_ptr);
  6811. req.resp_ptr = (void *)__qseecom_uvirt_to_kvirt(data,
  6812. (uintptr_t)req.resp_ptr);
  6813. ret = __qseecom_update_qteec_req_buf(&req, data, false);
  6814. if (ret)
  6815. return ret;
  6816. if (qseecom.qsee_version < QSEE_VERSION_40) {
  6817. ireq.app_id = data->client.app_id;
  6818. ireq.req_ptr = (uint32_t)__qseecom_uvirt_to_kphys(data,
  6819. (uintptr_t)req_ptr);
  6820. ireq.req_len = req.req_len;
  6821. ireq.resp_ptr = (uint32_t)__qseecom_uvirt_to_kphys(data,
  6822. (uintptr_t)resp_ptr);
  6823. ireq.resp_len = req.resp_len;
  6824. cmd_buf = (void *)&ireq;
  6825. cmd_len = sizeof(struct qseecom_qteec_ireq);
  6826. ireq.sglistinfo_ptr = (uint32_t)virt_to_phys(table);
  6827. ireq.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  6828. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  6829. } else {
  6830. ireq_64bit.app_id = data->client.app_id;
  6831. ireq_64bit.req_ptr = (uint64_t)__qseecom_uvirt_to_kphys(data,
  6832. (uintptr_t)req_ptr);
  6833. ireq_64bit.req_len = req.req_len;
  6834. ireq_64bit.resp_ptr = (uint64_t)__qseecom_uvirt_to_kphys(data,
  6835. (uintptr_t)resp_ptr);
  6836. ireq_64bit.resp_len = req.resp_len;
  6837. cmd_buf = (void *)&ireq_64bit;
  6838. cmd_len = sizeof(struct qseecom_qteec_64bit_ireq);
  6839. ireq_64bit.sglistinfo_ptr = (uint64_t)virt_to_phys(table);
  6840. ireq_64bit.sglistinfo_len = SGLISTINFO_TABLE_SIZE;
  6841. qtee_shmbridge_flush_shm_buf(&data->sglistinfo_shm);
  6842. }
  6843. reqd_len_sb_in = req.req_len + req.resp_len;
  6844. if (qseecom.whitelist_support)
  6845. *(uint32_t *)cmd_buf = QSEOS_TEE_INVOKE_COMMAND_WHITELIST;
  6846. else
  6847. *(uint32_t *)cmd_buf = QSEOS_TEE_INVOKE_COMMAND;
  6848. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  6849. QSEECOM_CACHE_CLEAN);
  6850. if (ret) {
  6851. pr_err("cache operation failed %d\n", ret);
  6852. return ret;
  6853. }
  6854. __qseecom_reentrancy_check_if_this_app_blocked(ptr_app);
  6855. ret = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  6856. cmd_buf, cmd_len,
  6857. &resp, sizeof(resp));
  6858. if (ret) {
  6859. pr_err("scm_call() failed with err: %d (app_id = %d)\n",
  6860. ret, data->client.app_id);
  6861. return ret;
  6862. }
  6863. ret = qseecom_dmabuf_cache_operations(data->client.dmabuf,
  6864. QSEECOM_CACHE_INVALIDATE);
  6865. if (ret) {
  6866. pr_err("cache operation failed %d\n", ret);
  6867. return ret;
  6868. }
  6869. if (qseecom.qsee_reentrancy_support) {
  6870. ret = __qseecom_process_reentrancy(&resp, ptr_app, data);
  6871. } else {
  6872. if (resp.result == QSEOS_RESULT_INCOMPLETE) {
  6873. ret = __qseecom_process_incomplete_cmd(data, &resp);
  6874. if (ret) {
  6875. pr_err("process_incomplete_cmd failed err: %d\n",
  6876. ret);
  6877. return ret;
  6878. }
  6879. } else {
  6880. if (resp.result != QSEOS_RESULT_SUCCESS) {
  6881. pr_err("Response result %d not supported\n",
  6882. resp.result);
  6883. ret = -EINVAL;
  6884. }
  6885. }
  6886. }
  6887. ret = __qseecom_update_qteec_req_buf(&req, data, true);
  6888. if (ret)
  6889. return ret;
  6890. return 0;
  6891. }
  6892. static int qseecom_qteec_request_cancellation(struct qseecom_dev_handle *data,
  6893. void __user *argp)
  6894. {
  6895. struct qseecom_qteec_modfd_req req;
  6896. int ret = 0;
  6897. ret = copy_from_user(&req, argp,
  6898. sizeof(struct qseecom_qteec_modfd_req));
  6899. if (ret) {
  6900. pr_err("copy_from_user failed\n");
  6901. return ret;
  6902. }
  6903. ret = __qseecom_qteec_issue_cmd(data, (struct qseecom_qteec_req *)&req,
  6904. QSEOS_TEE_REQUEST_CANCELLATION);
  6905. return ret;
  6906. }
  6907. static void __qseecom_clean_data_sglistinfo(struct qseecom_dev_handle *data)
  6908. {
  6909. if (data->sglist_cnt) {
  6910. memset(data->sglistinfo_ptr, 0,
  6911. SGLISTINFO_TABLE_SIZE);
  6912. data->sglist_cnt = 0;
  6913. }
  6914. }
  6915. long qseecom_ioctl(struct file *file,
  6916. unsigned int cmd, unsigned long arg)
  6917. {
  6918. int ret = 0;
  6919. struct qseecom_dev_handle *data = file->private_data;
  6920. void __user *argp = (void __user *) arg;
  6921. bool perf_enabled = false;
  6922. if (atomic_read(&qseecom.qseecom_state) != QSEECOM_STATE_READY) {
  6923. pr_err("Not allowed to be called in %d state\n",
  6924. atomic_read(&qseecom.qseecom_state));
  6925. /* since the state is not ready returning device not configured yet
  6926. * i.e operation can't be performed on device yet.
  6927. */
  6928. return -ENXIO;
  6929. }
  6930. if (!data) {
  6931. pr_err("Invalid/uninitialized device handle\n");
  6932. return -EINVAL;
  6933. }
  6934. if (data->abort) {
  6935. pr_err("Aborting qseecom driver\n");
  6936. return -ENODEV;
  6937. }
  6938. if (cmd != QSEECOM_IOCTL_RECEIVE_REQ &&
  6939. cmd != QSEECOM_IOCTL_SEND_RESP_REQ &&
  6940. cmd != QSEECOM_IOCTL_SEND_MODFD_RESP &&
  6941. cmd != QSEECOM_IOCTL_SEND_MODFD_RESP_64)
  6942. __wakeup_unregister_listener_kthread();
  6943. __wakeup_unload_app_kthread();
  6944. switch (cmd) {
  6945. case QSEECOM_IOCTL_REGISTER_LISTENER_REQ: {
  6946. if (data->type != QSEECOM_GENERIC) {
  6947. pr_err("reg lstnr req: invalid handle (%d)\n",
  6948. data->type);
  6949. ret = -EINVAL;
  6950. break;
  6951. }
  6952. pr_debug("ioctl register_listener_req()\n");
  6953. mutex_lock(&listener_access_lock);
  6954. atomic_inc(&data->ioctl_count);
  6955. data->type = QSEECOM_LISTENER_SERVICE;
  6956. ret = qseecom_register_listener(data, argp);
  6957. atomic_dec(&data->ioctl_count);
  6958. wake_up_all(&data->abort_wq);
  6959. mutex_unlock(&listener_access_lock);
  6960. if (ret)
  6961. pr_err("failed qseecom_register_listener: %d\n", ret);
  6962. break;
  6963. }
  6964. case QSEECOM_IOCTL_UNREGISTER_LISTENER_REQ: {
  6965. if ((data->listener.id == 0) ||
  6966. (data->type != QSEECOM_LISTENER_SERVICE)) {
  6967. pr_err("unreg lstnr req: invalid handle (%d) lid(%d)\n",
  6968. data->type, data->listener.id);
  6969. ret = -EINVAL;
  6970. break;
  6971. }
  6972. pr_debug("ioctl unregister_listener_req()\n");
  6973. mutex_lock(&listener_access_lock);
  6974. atomic_inc(&data->ioctl_count);
  6975. ret = qseecom_unregister_listener(data);
  6976. atomic_dec(&data->ioctl_count);
  6977. wake_up_all(&data->abort_wq);
  6978. mutex_unlock(&listener_access_lock);
  6979. if (ret)
  6980. pr_err("failed qseecom_unregister_listener: %d\n", ret);
  6981. break;
  6982. }
  6983. case QSEECOM_IOCTL_SEND_CMD_REQ: {
  6984. if ((data->client.app_id == 0) ||
  6985. (data->type != QSEECOM_CLIENT_APP)) {
  6986. pr_err("send cmd req: invalid handle (%d) app_id(%d)\n",
  6987. data->type, data->client.app_id);
  6988. ret = -EINVAL;
  6989. break;
  6990. }
  6991. /* Only one client allowed here at a time */
  6992. mutex_lock(&app_access_lock);
  6993. if (qseecom.support_bus_scaling) {
  6994. /* register bus bw in case the client doesn't do it */
  6995. if (!data->mode) {
  6996. mutex_lock(&qsee_bw_mutex);
  6997. __qseecom_register_bus_bandwidth_needs(
  6998. data, HIGH);
  6999. mutex_unlock(&qsee_bw_mutex);
  7000. }
  7001. ret = qseecom_scale_bus_bandwidth_timer(INACTIVE);
  7002. if (ret) {
  7003. pr_err("Failed to set bw.\n");
  7004. ret = -EINVAL;
  7005. mutex_unlock(&app_access_lock);
  7006. break;
  7007. }
  7008. }
  7009. /*
  7010. * On targets where crypto clock is handled by HLOS,
  7011. * if clk_access_cnt is zero and perf_enabled is false,
  7012. * then the crypto clock was not enabled before sending cmd to
  7013. * tz, qseecom will enable the clock to avoid service failure.
  7014. */
  7015. if (!qseecom.no_clock_support &&
  7016. !qseecom.qsee.clk_access_cnt && !data->perf_enabled) {
  7017. pr_debug("ce clock is not enabled!\n");
  7018. ret = qseecom_perf_enable(data);
  7019. if (ret) {
  7020. pr_err("Failed to vote for clock with err %d\n",
  7021. ret);
  7022. mutex_unlock(&app_access_lock);
  7023. ret = -EINVAL;
  7024. break;
  7025. }
  7026. perf_enabled = true;
  7027. }
  7028. atomic_inc(&data->ioctl_count);
  7029. ret = qseecom_send_cmd(data, argp);
  7030. if (qseecom.support_bus_scaling)
  7031. __qseecom_add_bw_scale_down_timer(
  7032. QSEECOM_SEND_CMD_CRYPTO_TIMEOUT);
  7033. if (perf_enabled) {
  7034. qsee_disable_clock_vote(data, CLK_DFAB);
  7035. qsee_disable_clock_vote(data, CLK_SFPB);
  7036. }
  7037. atomic_dec(&data->ioctl_count);
  7038. wake_up_all(&data->abort_wq);
  7039. mutex_unlock(&app_access_lock);
  7040. if (ret)
  7041. pr_err("failed qseecom_send_cmd: %d\n", ret);
  7042. break;
  7043. }
  7044. case QSEECOM_IOCTL_SEND_MODFD_CMD_REQ:
  7045. case QSEECOM_IOCTL_SEND_MODFD_CMD_64_REQ: {
  7046. if ((data->client.app_id == 0) ||
  7047. (data->type != QSEECOM_CLIENT_APP)) {
  7048. pr_err("send mdfd cmd: invalid handle (%d) appid(%d)\n",
  7049. data->type, data->client.app_id);
  7050. ret = -EINVAL;
  7051. break;
  7052. }
  7053. /* Only one client allowed here at a time */
  7054. mutex_lock(&app_access_lock);
  7055. if (qseecom.support_bus_scaling) {
  7056. if (!data->mode) {
  7057. mutex_lock(&qsee_bw_mutex);
  7058. __qseecom_register_bus_bandwidth_needs(
  7059. data, HIGH);
  7060. mutex_unlock(&qsee_bw_mutex);
  7061. }
  7062. ret = qseecom_scale_bus_bandwidth_timer(INACTIVE);
  7063. if (ret) {
  7064. pr_err("Failed to set bw.\n");
  7065. mutex_unlock(&app_access_lock);
  7066. ret = -EINVAL;
  7067. break;
  7068. }
  7069. }
  7070. /*
  7071. * On targets where crypto clock is handled by HLOS,
  7072. * if clk_access_cnt is zero and perf_enabled is false,
  7073. * then the crypto clock was not enabled before sending cmd to
  7074. * tz, qseecom will enable the clock to avoid service failure.
  7075. */
  7076. if (!qseecom.no_clock_support &&
  7077. !qseecom.qsee.clk_access_cnt && !data->perf_enabled) {
  7078. pr_debug("ce clock is not enabled!\n");
  7079. ret = qseecom_perf_enable(data);
  7080. if (ret) {
  7081. pr_err("Failed to vote for clock with err %d\n",
  7082. ret);
  7083. mutex_unlock(&app_access_lock);
  7084. ret = -EINVAL;
  7085. break;
  7086. }
  7087. perf_enabled = true;
  7088. }
  7089. atomic_inc(&data->ioctl_count);
  7090. if (cmd == QSEECOM_IOCTL_SEND_MODFD_CMD_REQ)
  7091. ret = qseecom_send_modfd_cmd(data, argp);
  7092. else
  7093. ret = qseecom_send_modfd_cmd_64(data, argp);
  7094. if (qseecom.support_bus_scaling)
  7095. __qseecom_add_bw_scale_down_timer(
  7096. QSEECOM_SEND_CMD_CRYPTO_TIMEOUT);
  7097. if (perf_enabled) {
  7098. qsee_disable_clock_vote(data, CLK_DFAB);
  7099. qsee_disable_clock_vote(data, CLK_SFPB);
  7100. }
  7101. atomic_dec(&data->ioctl_count);
  7102. wake_up_all(&data->abort_wq);
  7103. mutex_unlock(&app_access_lock);
  7104. if (ret)
  7105. pr_err("failed qseecom_send_cmd: %d\n", ret);
  7106. __qseecom_clean_data_sglistinfo(data);
  7107. break;
  7108. }
  7109. case QSEECOM_IOCTL_RECEIVE_REQ: {
  7110. if ((data->listener.id == 0) ||
  7111. (data->type != QSEECOM_LISTENER_SERVICE)) {
  7112. pr_err("receive req: invalid handle (%d), lid(%d)\n",
  7113. data->type, data->listener.id);
  7114. ret = -EINVAL;
  7115. break;
  7116. }
  7117. atomic_inc(&data->ioctl_count);
  7118. ret = qseecom_receive_req(data);
  7119. atomic_dec(&data->ioctl_count);
  7120. wake_up_all(&data->abort_wq);
  7121. if (ret && (ret != -ERESTARTSYS))
  7122. pr_err("failed qseecom_receive_req: %d\n", ret);
  7123. break;
  7124. }
  7125. case QSEECOM_IOCTL_SEND_RESP_REQ: {
  7126. if ((data->listener.id == 0) ||
  7127. (data->type != QSEECOM_LISTENER_SERVICE)) {
  7128. pr_err("send resp req: invalid handle (%d), lid(%d)\n",
  7129. data->type, data->listener.id);
  7130. ret = -EINVAL;
  7131. break;
  7132. }
  7133. mutex_lock(&listener_access_lock);
  7134. atomic_inc(&data->ioctl_count);
  7135. if (!qseecom.qsee_reentrancy_support)
  7136. ret = qseecom_send_resp();
  7137. else
  7138. ret = qseecom_reentrancy_send_resp(data);
  7139. atomic_dec(&data->ioctl_count);
  7140. wake_up_all(&data->abort_wq);
  7141. mutex_unlock(&listener_access_lock);
  7142. if (ret)
  7143. pr_err("failed qseecom_send_resp: %d\n", ret);
  7144. break;
  7145. }
  7146. case QSEECOM_IOCTL_SET_MEM_PARAM_REQ: {
  7147. if ((data->type != QSEECOM_CLIENT_APP) &&
  7148. (data->type != QSEECOM_GENERIC) &&
  7149. (data->type != QSEECOM_SECURE_SERVICE)) {
  7150. pr_err("set mem param req: invalid handle (%d)\n",
  7151. data->type);
  7152. ret = -EINVAL;
  7153. break;
  7154. }
  7155. pr_debug("SET_MEM_PARAM: qseecom addr = 0x%pK\n", data);
  7156. mutex_lock(&app_access_lock);
  7157. atomic_inc(&data->ioctl_count);
  7158. ret = qseecom_set_client_mem_param(data, argp);
  7159. atomic_dec(&data->ioctl_count);
  7160. mutex_unlock(&app_access_lock);
  7161. if (ret)
  7162. pr_err("failed Qqseecom_set_mem_param request: %d\n",
  7163. ret);
  7164. break;
  7165. }
  7166. case QSEECOM_IOCTL_LOAD_APP_REQ: {
  7167. if ((data->type != QSEECOM_GENERIC) &&
  7168. (data->type != QSEECOM_CLIENT_APP)) {
  7169. pr_err("load app req: invalid handle (%d)\n",
  7170. data->type);
  7171. ret = -EINVAL;
  7172. break;
  7173. }
  7174. data->type = QSEECOM_CLIENT_APP;
  7175. pr_debug("LOAD_APP_REQ: qseecom_addr = 0x%pK\n", data);
  7176. mutex_lock(&app_access_lock);
  7177. atomic_inc(&data->ioctl_count);
  7178. ret = qseecom_load_app(data, argp);
  7179. atomic_dec(&data->ioctl_count);
  7180. mutex_unlock(&app_access_lock);
  7181. if (ret)
  7182. pr_err("failed load_app request: %d\n", ret);
  7183. __wakeup_unload_app_kthread();
  7184. break;
  7185. }
  7186. case QSEECOM_IOCTL_UNLOAD_APP_REQ: {
  7187. if ((data->client.app_id == 0) ||
  7188. (data->type != QSEECOM_CLIENT_APP)) {
  7189. pr_err("unload app req:invalid handle(%d) app_id(%d)\n",
  7190. data->type, data->client.app_id);
  7191. ret = -EINVAL;
  7192. break;
  7193. }
  7194. pr_debug("UNLOAD_APP: qseecom_addr = 0x%pK\n", data);
  7195. mutex_lock(&app_access_lock);
  7196. atomic_inc(&data->ioctl_count);
  7197. ret = qseecom_unload_app(data, false);
  7198. atomic_dec(&data->ioctl_count);
  7199. mutex_unlock(&app_access_lock);
  7200. if (ret)
  7201. pr_err("failed unload_app request: %d\n", ret);
  7202. __wakeup_unload_app_kthread();
  7203. break;
  7204. }
  7205. case QSEECOM_IOCTL_GET_QSEOS_VERSION_REQ: {
  7206. atomic_inc(&data->ioctl_count);
  7207. ret = qseecom_get_qseos_version(data, argp);
  7208. if (ret)
  7209. pr_err("qseecom_get_qseos_version: %d\n", ret);
  7210. atomic_dec(&data->ioctl_count);
  7211. break;
  7212. }
  7213. case QSEECOM_IOCTL_LOAD_EXTERNAL_ELF_REQ: {
  7214. if (data->type != QSEECOM_GENERIC) {
  7215. pr_err("load ext elf req: invalid client handle (%d)\n",
  7216. data->type);
  7217. ret = -EINVAL;
  7218. break;
  7219. }
  7220. data->type = QSEECOM_UNAVAILABLE_CLIENT_APP;
  7221. data->released = true;
  7222. mutex_lock(&app_access_lock);
  7223. atomic_inc(&data->ioctl_count);
  7224. ret = qseecom_load_external_elf(data, argp);
  7225. atomic_dec(&data->ioctl_count);
  7226. mutex_unlock(&app_access_lock);
  7227. if (ret)
  7228. pr_err("failed load_external_elf request: %d\n", ret);
  7229. break;
  7230. }
  7231. case QSEECOM_IOCTL_UNLOAD_EXTERNAL_ELF_REQ: {
  7232. if (data->type != QSEECOM_UNAVAILABLE_CLIENT_APP) {
  7233. pr_err("unload ext elf req: invalid handle (%d)\n",
  7234. data->type);
  7235. ret = -EINVAL;
  7236. break;
  7237. }
  7238. data->released = true;
  7239. mutex_lock(&app_access_lock);
  7240. atomic_inc(&data->ioctl_count);
  7241. ret = qseecom_unload_external_elf(data);
  7242. atomic_dec(&data->ioctl_count);
  7243. mutex_unlock(&app_access_lock);
  7244. if (ret)
  7245. pr_err("failed unload_app request: %d\n", ret);
  7246. break;
  7247. }
  7248. case QSEECOM_IOCTL_APP_LOADED_QUERY_REQ: {
  7249. if ((data->type != QSEECOM_GENERIC) &&
  7250. (data->type != QSEECOM_CLIENT_APP)) {
  7251. pr_err("app loaded query req: invalid handle (%d)\n",
  7252. data->type);
  7253. ret = -EINVAL;
  7254. break;
  7255. }
  7256. data->type = QSEECOM_CLIENT_APP;
  7257. mutex_lock(&app_access_lock);
  7258. atomic_inc(&data->ioctl_count);
  7259. pr_debug("APP_LOAD_QUERY: qseecom_addr = 0x%pK\n", data);
  7260. ret = qseecom_query_app_loaded(data, argp);
  7261. atomic_dec(&data->ioctl_count);
  7262. mutex_unlock(&app_access_lock);
  7263. break;
  7264. }
  7265. case QSEECOM_IOCTL_SEND_CMD_SERVICE_REQ: {
  7266. if (data->type != QSEECOM_GENERIC) {
  7267. pr_err("send cmd svc req: invalid handle (%d)\n",
  7268. data->type);
  7269. ret = -EINVAL;
  7270. break;
  7271. }
  7272. data->type = QSEECOM_SECURE_SERVICE;
  7273. if (qseecom.qsee_version < QSEE_VERSION_03) {
  7274. pr_err("SEND_CMD_SERVICE_REQ: Invalid qsee ver %u\n",
  7275. qseecom.qsee_version);
  7276. return -EINVAL;
  7277. }
  7278. mutex_lock(&app_access_lock);
  7279. atomic_inc(&data->ioctl_count);
  7280. ret = qseecom_send_service_cmd(data, argp);
  7281. atomic_dec(&data->ioctl_count);
  7282. mutex_unlock(&app_access_lock);
  7283. break;
  7284. }
  7285. case QSEECOM_IOCTL_CREATE_KEY_REQ: {
  7286. if (!(qseecom.support_pfe || qseecom.support_fde))
  7287. pr_err("Features requiring key init not supported\n");
  7288. if (data->type != QSEECOM_GENERIC) {
  7289. pr_err("create key req: invalid handle (%d)\n",
  7290. data->type);
  7291. ret = -EINVAL;
  7292. break;
  7293. }
  7294. if (qseecom.qsee_version < QSEE_VERSION_05) {
  7295. pr_err("Create Key feature unsupported: qsee ver %u\n",
  7296. qseecom.qsee_version);
  7297. return -EINVAL;
  7298. }
  7299. data->released = true;
  7300. mutex_lock(&app_access_lock);
  7301. atomic_inc(&data->ioctl_count);
  7302. ret = qseecom_create_key(data, argp);
  7303. if (ret)
  7304. pr_err("failed to create encryption key: %d\n", ret);
  7305. atomic_dec(&data->ioctl_count);
  7306. mutex_unlock(&app_access_lock);
  7307. break;
  7308. }
  7309. case QSEECOM_IOCTL_WIPE_KEY_REQ: {
  7310. if (!(qseecom.support_pfe || qseecom.support_fde))
  7311. pr_err("Features requiring key init not supported\n");
  7312. if (data->type != QSEECOM_GENERIC) {
  7313. pr_err("wipe key req: invalid handle (%d)\n",
  7314. data->type);
  7315. ret = -EINVAL;
  7316. break;
  7317. }
  7318. if (qseecom.qsee_version < QSEE_VERSION_05) {
  7319. pr_err("Wipe Key feature unsupported in qsee ver %u\n",
  7320. qseecom.qsee_version);
  7321. return -EINVAL;
  7322. }
  7323. data->released = true;
  7324. mutex_lock(&app_access_lock);
  7325. atomic_inc(&data->ioctl_count);
  7326. ret = qseecom_wipe_key(data, argp);
  7327. if (ret)
  7328. pr_err("failed to wipe encryption key: %d\n", ret);
  7329. atomic_dec(&data->ioctl_count);
  7330. mutex_unlock(&app_access_lock);
  7331. break;
  7332. }
  7333. case QSEECOM_IOCTL_UPDATE_KEY_USER_INFO_REQ: {
  7334. if (!(qseecom.support_pfe || qseecom.support_fde))
  7335. pr_err("Features requiring key init not supported\n");
  7336. if (data->type != QSEECOM_GENERIC) {
  7337. pr_err("update key req: invalid handle (%d)\n",
  7338. data->type);
  7339. ret = -EINVAL;
  7340. break;
  7341. }
  7342. if (qseecom.qsee_version < QSEE_VERSION_05) {
  7343. pr_err("Update Key feature unsupported in qsee ver %u\n",
  7344. qseecom.qsee_version);
  7345. return -EINVAL;
  7346. }
  7347. data->released = true;
  7348. mutex_lock(&app_access_lock);
  7349. atomic_inc(&data->ioctl_count);
  7350. ret = qseecom_update_key_user_info(data, argp);
  7351. if (ret)
  7352. pr_err("failed to update key user info: %d\n", ret);
  7353. atomic_dec(&data->ioctl_count);
  7354. mutex_unlock(&app_access_lock);
  7355. break;
  7356. }
  7357. case QSEECOM_IOCTL_SAVE_PARTITION_HASH_REQ: {
  7358. if (data->type != QSEECOM_GENERIC) {
  7359. pr_err("save part hash req: invalid handle (%d)\n",
  7360. data->type);
  7361. ret = -EINVAL;
  7362. break;
  7363. }
  7364. data->released = true;
  7365. mutex_lock(&app_access_lock);
  7366. atomic_inc(&data->ioctl_count);
  7367. ret = qseecom_save_partition_hash(argp);
  7368. atomic_dec(&data->ioctl_count);
  7369. mutex_unlock(&app_access_lock);
  7370. break;
  7371. }
  7372. case QSEECOM_IOCTL_IS_ES_ACTIVATED_REQ: {
  7373. if (data->type != QSEECOM_GENERIC) {
  7374. pr_err("ES activated req: invalid handle (%d)\n",
  7375. data->type);
  7376. ret = -EINVAL;
  7377. break;
  7378. }
  7379. data->released = true;
  7380. mutex_lock(&app_access_lock);
  7381. atomic_inc(&data->ioctl_count);
  7382. ret = qseecom_is_es_activated(argp);
  7383. atomic_dec(&data->ioctl_count);
  7384. mutex_unlock(&app_access_lock);
  7385. break;
  7386. }
  7387. case QSEECOM_IOCTL_MDTP_CIPHER_DIP_REQ: {
  7388. if (data->type != QSEECOM_GENERIC) {
  7389. pr_err("MDTP cipher DIP req: invalid handle (%d)\n",
  7390. data->type);
  7391. ret = -EINVAL;
  7392. break;
  7393. }
  7394. data->released = true;
  7395. mutex_lock(&app_access_lock);
  7396. atomic_inc(&data->ioctl_count);
  7397. ret = qseecom_mdtp_cipher_dip(argp);
  7398. atomic_dec(&data->ioctl_count);
  7399. mutex_unlock(&app_access_lock);
  7400. break;
  7401. }
  7402. case QSEECOM_IOCTL_SEND_MODFD_RESP:
  7403. case QSEECOM_IOCTL_SEND_MODFD_RESP_64: {
  7404. if ((data->listener.id == 0) ||
  7405. (data->type != QSEECOM_LISTENER_SERVICE)) {
  7406. pr_err("receive req: invalid handle (%d), lid(%d)\n",
  7407. data->type, data->listener.id);
  7408. ret = -EINVAL;
  7409. break;
  7410. }
  7411. mutex_lock(&listener_access_lock);
  7412. atomic_inc(&data->ioctl_count);
  7413. if (cmd == QSEECOM_IOCTL_SEND_MODFD_RESP)
  7414. ret = qseecom_send_modfd_resp(data, argp);
  7415. else
  7416. ret = qseecom_send_modfd_resp_64(data, argp);
  7417. atomic_dec(&data->ioctl_count);
  7418. wake_up_all(&data->abort_wq);
  7419. mutex_unlock(&listener_access_lock);
  7420. if (ret)
  7421. pr_err("failed qseecom_send_mod_resp: %d\n", ret);
  7422. __qseecom_clean_data_sglistinfo(data);
  7423. break;
  7424. }
  7425. case QSEECOM_QTEEC_IOCTL_OPEN_SESSION_REQ: {
  7426. if ((data->client.app_id == 0) ||
  7427. (data->type != QSEECOM_CLIENT_APP)) {
  7428. pr_err("Open session: invalid handle (%d) appid(%d)\n",
  7429. data->type, data->client.app_id);
  7430. ret = -EINVAL;
  7431. break;
  7432. }
  7433. if (qseecom.qsee_version < QSEE_VERSION_40) {
  7434. pr_err("GP feature unsupported: qsee ver %u\n",
  7435. qseecom.qsee_version);
  7436. return -EINVAL;
  7437. }
  7438. /* Only one client allowed here at a time */
  7439. mutex_lock(&app_access_lock);
  7440. atomic_inc(&data->ioctl_count);
  7441. ret = qseecom_qteec_open_session(data, argp);
  7442. atomic_dec(&data->ioctl_count);
  7443. wake_up_all(&data->abort_wq);
  7444. mutex_unlock(&app_access_lock);
  7445. if (ret)
  7446. pr_err("failed open_session_cmd: %d\n", ret);
  7447. __qseecom_clean_data_sglistinfo(data);
  7448. break;
  7449. }
  7450. case QSEECOM_QTEEC_IOCTL_CLOSE_SESSION_REQ: {
  7451. if ((data->client.app_id == 0) ||
  7452. (data->type != QSEECOM_CLIENT_APP)) {
  7453. pr_err("Close session: invalid handle (%d) appid(%d)\n",
  7454. data->type, data->client.app_id);
  7455. ret = -EINVAL;
  7456. break;
  7457. }
  7458. if (qseecom.qsee_version < QSEE_VERSION_40) {
  7459. pr_err("GP feature unsupported: qsee ver %u\n",
  7460. qseecom.qsee_version);
  7461. return -EINVAL;
  7462. }
  7463. /* Only one client allowed here at a time */
  7464. mutex_lock(&app_access_lock);
  7465. atomic_inc(&data->ioctl_count);
  7466. ret = qseecom_qteec_close_session(data, argp);
  7467. atomic_dec(&data->ioctl_count);
  7468. wake_up_all(&data->abort_wq);
  7469. mutex_unlock(&app_access_lock);
  7470. if (ret)
  7471. pr_err("failed close_session_cmd: %d\n", ret);
  7472. break;
  7473. }
  7474. case QSEECOM_QTEEC_IOCTL_INVOKE_MODFD_CMD_REQ: {
  7475. if ((data->client.app_id == 0) ||
  7476. (data->type != QSEECOM_CLIENT_APP)) {
  7477. pr_err("Invoke cmd: invalid handle (%d) appid(%d)\n",
  7478. data->type, data->client.app_id);
  7479. ret = -EINVAL;
  7480. break;
  7481. }
  7482. if (qseecom.qsee_version < QSEE_VERSION_40) {
  7483. pr_err("GP feature unsupported: qsee ver %u\n",
  7484. qseecom.qsee_version);
  7485. return -EINVAL;
  7486. }
  7487. /* Only one client allowed here at a time */
  7488. mutex_lock(&app_access_lock);
  7489. atomic_inc(&data->ioctl_count);
  7490. ret = qseecom_qteec_invoke_modfd_cmd(data, argp);
  7491. atomic_dec(&data->ioctl_count);
  7492. wake_up_all(&data->abort_wq);
  7493. mutex_unlock(&app_access_lock);
  7494. if (ret)
  7495. pr_err("failed Invoke cmd: %d\n", ret);
  7496. __qseecom_clean_data_sglistinfo(data);
  7497. break;
  7498. }
  7499. case QSEECOM_QTEEC_IOCTL_REQUEST_CANCELLATION_REQ: {
  7500. if ((data->client.app_id == 0) ||
  7501. (data->type != QSEECOM_CLIENT_APP)) {
  7502. pr_err("Cancel req: invalid handle (%d) appid(%d)\n",
  7503. data->type, data->client.app_id);
  7504. ret = -EINVAL;
  7505. break;
  7506. }
  7507. if (qseecom.qsee_version < QSEE_VERSION_40) {
  7508. pr_err("GP feature unsupported: qsee ver %u\n",
  7509. qseecom.qsee_version);
  7510. return -EINVAL;
  7511. }
  7512. /* Only one client allowed here at a time */
  7513. mutex_lock(&app_access_lock);
  7514. atomic_inc(&data->ioctl_count);
  7515. ret = qseecom_qteec_request_cancellation(data, argp);
  7516. atomic_dec(&data->ioctl_count);
  7517. wake_up_all(&data->abort_wq);
  7518. mutex_unlock(&app_access_lock);
  7519. if (ret)
  7520. pr_err("failed request_cancellation: %d\n", ret);
  7521. break;
  7522. }
  7523. case QSEECOM_IOCTL_GET_CE_PIPE_INFO: {
  7524. atomic_inc(&data->ioctl_count);
  7525. ret = qseecom_get_ce_info(data, argp);
  7526. if (ret)
  7527. pr_err("failed get fde ce pipe info: %d\n", ret);
  7528. atomic_dec(&data->ioctl_count);
  7529. break;
  7530. }
  7531. case QSEECOM_IOCTL_FREE_CE_PIPE_INFO: {
  7532. atomic_inc(&data->ioctl_count);
  7533. ret = qseecom_free_ce_info(data, argp);
  7534. if (ret)
  7535. pr_err("failed get fde ce pipe info: %d\n", ret);
  7536. atomic_dec(&data->ioctl_count);
  7537. break;
  7538. }
  7539. case QSEECOM_IOCTL_QUERY_CE_PIPE_INFO: {
  7540. atomic_inc(&data->ioctl_count);
  7541. ret = qseecom_query_ce_info(data, argp);
  7542. if (ret)
  7543. pr_err("failed get fde ce pipe info: %d\n", ret);
  7544. atomic_dec(&data->ioctl_count);
  7545. break;
  7546. }
  7547. case QSEECOM_IOCTL_SET_ICE_INFO: {
  7548. struct qseecom_ice_data_t ice_data;
  7549. ret = copy_from_user(&ice_data, argp, sizeof(ice_data));
  7550. if (ret) {
  7551. pr_err("copy_from_user failed\n");
  7552. return -EFAULT;
  7553. }
  7554. qcom_ice_set_fde_flag(ice_data.flag);
  7555. break;
  7556. }
  7557. case QSEECOM_IOCTL_FBE_CLEAR_KEY: {
  7558. pr_err("QSEECOM_IOCTL_FBE_CLEAR_KEY IOCTL is deprecated\n");
  7559. return -EINVAL;
  7560. }
  7561. default:
  7562. pr_err("Invalid IOCTL: 0x%x\n", cmd);
  7563. return -ENOIOCTLCMD;
  7564. }
  7565. return ret;
  7566. }
  7567. static int qseecom_open(struct inode *inode, struct file *file)
  7568. {
  7569. int ret = 0;
  7570. struct qseecom_dev_handle *data;
  7571. data = kzalloc(sizeof(*data), GFP_KERNEL);
  7572. if (!data)
  7573. {
  7574. return -ENOMEM;
  7575. }
  7576. file->private_data = data;
  7577. data->abort = 0;
  7578. data->type = QSEECOM_GENERIC;
  7579. data->released = false;
  7580. memset((void *)data->client.app_name, 0, MAX_APP_NAME_SIZE);
  7581. data->mode = INACTIVE;
  7582. init_waitqueue_head(&data->abort_wq);
  7583. atomic_set(&data->ioctl_count, 0);
  7584. data->sglistinfo_ptr = (struct sglist_info *)__qseecom_alloc_tzbuf(
  7585. sizeof(struct sglist_info) * MAX_ION_FD,
  7586. &data->sglistinfo_shm.paddr,
  7587. &data->sglistinfo_shm);
  7588. if (!data->sglistinfo_ptr)
  7589. {
  7590. return -ENOMEM;
  7591. }
  7592. return ret;
  7593. }
  7594. static void __qseecom_release_disable_clk(struct qseecom_dev_handle *data)
  7595. {
  7596. if (qseecom.no_clock_support)
  7597. return;
  7598. if (qseecom.support_bus_scaling) {
  7599. mutex_lock(&qsee_bw_mutex);
  7600. if (data->mode != INACTIVE) {
  7601. qseecom_unregister_bus_bandwidth_needs(data);
  7602. if (qseecom.cumulative_mode == INACTIVE)
  7603. __qseecom_set_msm_bus_request(INACTIVE);
  7604. }
  7605. mutex_unlock(&qsee_bw_mutex);
  7606. } else {
  7607. if (data->fast_load_enabled)
  7608. qsee_disable_clock_vote(data, CLK_SFPB);
  7609. if (data->perf_enabled)
  7610. qsee_disable_clock_vote(data, CLK_DFAB);
  7611. }
  7612. }
  7613. static int qseecom_release(struct inode *inode, struct file *file)
  7614. {
  7615. struct qseecom_dev_handle *data = file->private_data;
  7616. int ret = 0;
  7617. bool free_private_data = true;
  7618. __qseecom_release_disable_clk(data);
  7619. if (!data->released) {
  7620. pr_debug("data: released=false, type=%d, mode=%d, data=0x%pK\n",
  7621. data->type, data->mode, data);
  7622. switch (data->type) {
  7623. case QSEECOM_LISTENER_SERVICE:
  7624. pr_debug("release lsnr svc %d\n", data->listener.id);
  7625. mutex_lock(&listener_access_lock);
  7626. ret = qseecom_unregister_listener(data);
  7627. if (!ret)
  7628. free_private_data = false;
  7629. data->listener.release_called = true;
  7630. mutex_unlock(&listener_access_lock);
  7631. __wakeup_unregister_listener_kthread();
  7632. break;
  7633. case QSEECOM_CLIENT_APP:
  7634. pr_debug("release app %d (%s)\n",
  7635. data->client.app_id, data->client.app_name);
  7636. if (data->client.app_id) {
  7637. free_private_data = false;
  7638. mutex_lock(&unload_app_pending_list_lock);
  7639. ret = qseecom_prepare_unload_app(data);
  7640. mutex_unlock(&unload_app_pending_list_lock);
  7641. __wakeup_unload_app_kthread();
  7642. }
  7643. break;
  7644. case QSEECOM_SECURE_SERVICE:
  7645. case QSEECOM_GENERIC:
  7646. if (data->client.dmabuf) {
  7647. qseecom_vaddr_unmap(data->client.sb_virt,
  7648. data->client.sgt, data->client.attach,
  7649. data->client.dmabuf);
  7650. MAKE_NULL(data->client.sgt, data->client.attach,
  7651. data->client.dmabuf);
  7652. }
  7653. break;
  7654. case QSEECOM_UNAVAILABLE_CLIENT_APP:
  7655. break;
  7656. default:
  7657. pr_err("Unsupported clnt_handle_type %d\n",
  7658. data->type);
  7659. break;
  7660. }
  7661. }
  7662. if (free_private_data) {
  7663. __qseecom_free_tzbuf(&data->sglistinfo_shm);
  7664. kfree(data);
  7665. }
  7666. return ret;
  7667. }
  7668. static const struct file_operations qseecom_fops = {
  7669. .owner = THIS_MODULE,
  7670. .unlocked_ioctl = qseecom_ioctl,
  7671. .open = qseecom_open,
  7672. .release = qseecom_release
  7673. };
  7674. static int __qseecom_init_clk(enum qseecom_ce_hw_instance ce)
  7675. {
  7676. int rc = 0;
  7677. struct device *pdev;
  7678. struct qseecom_clk *qclk;
  7679. char *core_clk_src = NULL;
  7680. char *core_clk = NULL;
  7681. char *iface_clk = NULL;
  7682. char *bus_clk = NULL;
  7683. switch (ce) {
  7684. case CLK_QSEE: {
  7685. core_clk_src = "core_clk_src";
  7686. core_clk = "core_clk";
  7687. iface_clk = "iface_clk";
  7688. bus_clk = "bus_clk";
  7689. qclk = &qseecom.qsee;
  7690. qclk->instance = CLK_QSEE;
  7691. break;
  7692. };
  7693. case CLK_CE_DRV: {
  7694. core_clk_src = "ce_drv_core_clk_src";
  7695. core_clk = "ce_drv_core_clk";
  7696. iface_clk = "ce_drv_iface_clk";
  7697. bus_clk = "ce_drv_bus_clk";
  7698. qclk = &qseecom.ce_drv;
  7699. qclk->instance = CLK_CE_DRV;
  7700. break;
  7701. };
  7702. default:
  7703. pr_err("Invalid ce hw instance: %d!\n", ce);
  7704. return -EIO;
  7705. }
  7706. if (qseecom.no_clock_support) {
  7707. qclk->ce_core_clk = NULL;
  7708. qclk->ce_clk = NULL;
  7709. qclk->ce_bus_clk = NULL;
  7710. qclk->ce_core_src_clk = NULL;
  7711. return 0;
  7712. }
  7713. pdev = qseecom.pdev;
  7714. /* Get CE3 src core clk. */
  7715. qclk->ce_core_src_clk = clk_get(pdev, core_clk_src);
  7716. if (!IS_ERR(qclk->ce_core_src_clk)) {
  7717. rc = clk_set_rate(qclk->ce_core_src_clk,
  7718. qseecom.ce_opp_freq_hz);
  7719. if (rc) {
  7720. clk_put(qclk->ce_core_src_clk);
  7721. qclk->ce_core_src_clk = NULL;
  7722. pr_err("Unable to set the core src clk @%uMhz.\n",
  7723. qseecom.ce_opp_freq_hz/CE_CLK_DIV);
  7724. return -EIO;
  7725. }
  7726. } else {
  7727. pr_warn("Unable to get CE core src clk, set to NULL\n");
  7728. qclk->ce_core_src_clk = NULL;
  7729. }
  7730. /* Get CE core clk */
  7731. qclk->ce_core_clk = clk_get(pdev, core_clk);
  7732. if (IS_ERR(qclk->ce_core_clk)) {
  7733. rc = PTR_ERR(qclk->ce_core_clk);
  7734. pr_err("Unable to get CE core clk\n");
  7735. if (qclk->ce_core_src_clk != NULL)
  7736. clk_put(qclk->ce_core_src_clk);
  7737. return -EIO;
  7738. }
  7739. /* Get CE Interface clk */
  7740. qclk->ce_clk = clk_get(pdev, iface_clk);
  7741. if (IS_ERR(qclk->ce_clk)) {
  7742. rc = PTR_ERR(qclk->ce_clk);
  7743. pr_err("Unable to get CE interface clk\n");
  7744. if (qclk->ce_core_src_clk != NULL)
  7745. clk_put(qclk->ce_core_src_clk);
  7746. clk_put(qclk->ce_core_clk);
  7747. return -EIO;
  7748. }
  7749. /* Get CE AXI clk */
  7750. qclk->ce_bus_clk = clk_get(pdev, bus_clk);
  7751. if (IS_ERR(qclk->ce_bus_clk)) {
  7752. rc = PTR_ERR(qclk->ce_bus_clk);
  7753. pr_err("Unable to get CE BUS interface clk\n");
  7754. if (qclk->ce_core_src_clk != NULL)
  7755. clk_put(qclk->ce_core_src_clk);
  7756. clk_put(qclk->ce_core_clk);
  7757. clk_put(qclk->ce_clk);
  7758. return -EIO;
  7759. }
  7760. return rc;
  7761. }
  7762. static void __qseecom_deinit_clk(enum qseecom_ce_hw_instance ce)
  7763. {
  7764. struct qseecom_clk *qclk;
  7765. if (ce == CLK_QSEE)
  7766. qclk = &qseecom.qsee;
  7767. else
  7768. qclk = &qseecom.ce_drv;
  7769. if (qclk->ce_clk != NULL) {
  7770. clk_put(qclk->ce_clk);
  7771. qclk->ce_clk = NULL;
  7772. }
  7773. if (qclk->ce_core_clk != NULL) {
  7774. clk_put(qclk->ce_core_clk);
  7775. qclk->ce_core_clk = NULL;
  7776. }
  7777. if (qclk->ce_bus_clk != NULL) {
  7778. clk_put(qclk->ce_bus_clk);
  7779. qclk->ce_bus_clk = NULL;
  7780. }
  7781. if (qclk->ce_core_src_clk != NULL) {
  7782. clk_put(qclk->ce_core_src_clk);
  7783. qclk->ce_core_src_clk = NULL;
  7784. }
  7785. qclk->instance = CLK_INVALID;
  7786. }
  7787. static int qseecom_retrieve_ce_data(struct platform_device *pdev)
  7788. {
  7789. int rc = 0;
  7790. uint32_t hlos_num_ce_hw_instances;
  7791. uint32_t disk_encrypt_pipe;
  7792. uint32_t file_encrypt_pipe;
  7793. uint32_t hlos_ce_hw_instance[MAX_CE_PIPE_PAIR_PER_UNIT] = {0};
  7794. int i;
  7795. const int *tbl;
  7796. int size;
  7797. int entry;
  7798. struct qseecom_crypto_info *pfde_tbl = NULL;
  7799. struct qseecom_crypto_info *p;
  7800. int tbl_size;
  7801. int j;
  7802. bool old_db = true;
  7803. struct qseecom_ce_info_use *pce_info_use;
  7804. uint32_t *unit_tbl = NULL;
  7805. int total_units = 0;
  7806. struct qseecom_ce_pipe_entry *pce_entry;
  7807. qseecom.ce_info.fde = qseecom.ce_info.pfe = NULL;
  7808. qseecom.ce_info.num_fde = qseecom.ce_info.num_pfe = 0;
  7809. if (of_property_read_u32((&pdev->dev)->of_node,
  7810. "qcom,qsee-ce-hw-instance",
  7811. &qseecom.ce_info.qsee_ce_hw_instance)) {
  7812. pr_err("Fail to get qsee ce hw instance information.\n");
  7813. rc = -EINVAL;
  7814. goto out;
  7815. } else {
  7816. pr_debug("qsee-ce-hw-instance=0x%x\n",
  7817. qseecom.ce_info.qsee_ce_hw_instance);
  7818. }
  7819. qseecom.support_fde = of_property_read_bool((&pdev->dev)->of_node,
  7820. "qcom,support-fde");
  7821. qseecom.support_pfe = of_property_read_bool((&pdev->dev)->of_node,
  7822. "qcom,support-pfe");
  7823. if (!qseecom.support_pfe && !qseecom.support_fde) {
  7824. pr_warn("Device does not support PFE/FDE\n");
  7825. goto out;
  7826. }
  7827. if (qseecom.support_fde)
  7828. tbl = of_get_property((&pdev->dev)->of_node,
  7829. "qcom,full-disk-encrypt-info", &size);
  7830. else
  7831. tbl = NULL;
  7832. if (tbl) {
  7833. old_db = false;
  7834. if (size % sizeof(struct qseecom_crypto_info)) {
  7835. pr_err("full-disk-encrypt-info tbl size(%d)\n",
  7836. size);
  7837. rc = -EINVAL;
  7838. goto out;
  7839. }
  7840. tbl_size = size / sizeof
  7841. (struct qseecom_crypto_info);
  7842. pfde_tbl = kzalloc(size, GFP_KERNEL);
  7843. unit_tbl = kcalloc(tbl_size, sizeof(int), GFP_KERNEL);
  7844. total_units = 0;
  7845. if (!pfde_tbl || !unit_tbl) {
  7846. rc = -ENOMEM;
  7847. goto out;
  7848. }
  7849. if (of_property_read_u32_array((&pdev->dev)->of_node,
  7850. "qcom,full-disk-encrypt-info",
  7851. (u32 *)pfde_tbl, size/sizeof(u32))) {
  7852. pr_err("failed to read full-disk-encrypt-info tbl\n");
  7853. rc = -EINVAL;
  7854. goto out;
  7855. }
  7856. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7857. for (j = 0; j < total_units; j++) {
  7858. if (p->unit_num == *(unit_tbl + j))
  7859. break;
  7860. }
  7861. if (j == total_units) {
  7862. *(unit_tbl + total_units) = p->unit_num;
  7863. total_units++;
  7864. }
  7865. }
  7866. qseecom.ce_info.num_fde = total_units;
  7867. pce_info_use = qseecom.ce_info.fde = kcalloc(
  7868. total_units, sizeof(struct qseecom_ce_info_use),
  7869. GFP_KERNEL);
  7870. if (!pce_info_use) {
  7871. rc = -ENOMEM;
  7872. goto out;
  7873. }
  7874. for (j = 0; j < total_units; j++, pce_info_use++) {
  7875. pce_info_use->unit_num = *(unit_tbl + j);
  7876. pce_info_use->alloc = false;
  7877. pce_info_use->type = CE_PIPE_PAIR_USE_TYPE_FDE;
  7878. pce_info_use->num_ce_pipe_entries = 0;
  7879. pce_info_use->ce_pipe_entry = NULL;
  7880. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7881. if (p->unit_num == pce_info_use->unit_num)
  7882. pce_info_use->num_ce_pipe_entries++;
  7883. }
  7884. entry = pce_info_use->num_ce_pipe_entries;
  7885. pce_entry = pce_info_use->ce_pipe_entry =
  7886. kcalloc(entry,
  7887. sizeof(struct qseecom_ce_pipe_entry),
  7888. GFP_KERNEL);
  7889. if (pce_entry == NULL) {
  7890. rc = -ENOMEM;
  7891. goto out;
  7892. }
  7893. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7894. if (p->unit_num == pce_info_use->unit_num) {
  7895. pce_entry->ce_num = p->ce;
  7896. pce_entry->ce_pipe_pair =
  7897. p->pipe_pair;
  7898. pce_entry->valid = true;
  7899. pce_entry++;
  7900. }
  7901. }
  7902. }
  7903. kfree(unit_tbl);
  7904. unit_tbl = NULL;
  7905. kfree(pfde_tbl);
  7906. pfde_tbl = NULL;
  7907. }
  7908. if (qseecom.support_pfe)
  7909. tbl = of_get_property((&pdev->dev)->of_node,
  7910. "qcom,per-file-encrypt-info", &size);
  7911. else
  7912. tbl = NULL;
  7913. if (tbl) {
  7914. old_db = false;
  7915. if (size % sizeof(struct qseecom_crypto_info)) {
  7916. pr_err("per-file-encrypt-info tbl size(%d)\n",
  7917. size);
  7918. rc = -EINVAL;
  7919. goto out;
  7920. }
  7921. tbl_size = size / sizeof
  7922. (struct qseecom_crypto_info);
  7923. pfde_tbl = kzalloc(size, GFP_KERNEL);
  7924. unit_tbl = kcalloc(tbl_size, sizeof(int), GFP_KERNEL);
  7925. total_units = 0;
  7926. if (!pfde_tbl || !unit_tbl) {
  7927. rc = -ENOMEM;
  7928. goto out;
  7929. }
  7930. if (of_property_read_u32_array((&pdev->dev)->of_node,
  7931. "qcom,per-file-encrypt-info",
  7932. (u32 *)pfde_tbl, size/sizeof(u32))) {
  7933. pr_err("failed to read per-file-encrypt-info tbl\n");
  7934. rc = -EINVAL;
  7935. goto out;
  7936. }
  7937. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7938. for (j = 0; j < total_units; j++) {
  7939. if (p->unit_num == *(unit_tbl + j))
  7940. break;
  7941. }
  7942. if (j == total_units) {
  7943. *(unit_tbl + total_units) = p->unit_num;
  7944. total_units++;
  7945. }
  7946. }
  7947. qseecom.ce_info.num_pfe = total_units;
  7948. pce_info_use = qseecom.ce_info.pfe = kcalloc(
  7949. total_units, sizeof(struct qseecom_ce_info_use),
  7950. GFP_KERNEL);
  7951. if (!pce_info_use) {
  7952. rc = -ENOMEM;
  7953. goto out;
  7954. }
  7955. for (j = 0; j < total_units; j++, pce_info_use++) {
  7956. pce_info_use->unit_num = *(unit_tbl + j);
  7957. pce_info_use->alloc = false;
  7958. pce_info_use->type = CE_PIPE_PAIR_USE_TYPE_PFE;
  7959. pce_info_use->num_ce_pipe_entries = 0;
  7960. pce_info_use->ce_pipe_entry = NULL;
  7961. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7962. if (p->unit_num == pce_info_use->unit_num)
  7963. pce_info_use->num_ce_pipe_entries++;
  7964. }
  7965. entry = pce_info_use->num_ce_pipe_entries;
  7966. pce_entry = pce_info_use->ce_pipe_entry =
  7967. kcalloc(entry,
  7968. sizeof(struct qseecom_ce_pipe_entry),
  7969. GFP_KERNEL);
  7970. if (pce_entry == NULL) {
  7971. rc = -ENOMEM;
  7972. goto out;
  7973. }
  7974. for (i = 0, p = pfde_tbl; i < tbl_size; i++, p++) {
  7975. if (p->unit_num == pce_info_use->unit_num) {
  7976. pce_entry->ce_num = p->ce;
  7977. pce_entry->ce_pipe_pair =
  7978. p->pipe_pair;
  7979. pce_entry->valid = true;
  7980. pce_entry++;
  7981. }
  7982. }
  7983. }
  7984. kfree(unit_tbl);
  7985. unit_tbl = NULL;
  7986. kfree(pfde_tbl);
  7987. pfde_tbl = NULL;
  7988. }
  7989. if (!old_db)
  7990. goto out1;
  7991. if (of_property_read_bool((&pdev->dev)->of_node,
  7992. "qcom,support-multiple-ce-hw-instance")) {
  7993. if (of_property_read_u32((&pdev->dev)->of_node,
  7994. "qcom,hlos-num-ce-hw-instances",
  7995. &hlos_num_ce_hw_instances)) {
  7996. pr_err("Fail: get hlos number of ce hw instance\n");
  7997. rc = -EINVAL;
  7998. goto out;
  7999. }
  8000. } else {
  8001. hlos_num_ce_hw_instances = 1;
  8002. }
  8003. if (hlos_num_ce_hw_instances > MAX_CE_PIPE_PAIR_PER_UNIT) {
  8004. pr_err("Fail: hlos number of ce hw instance exceeds %d\n",
  8005. MAX_CE_PIPE_PAIR_PER_UNIT);
  8006. rc = -EINVAL;
  8007. goto out;
  8008. }
  8009. if (of_property_read_u32_array((&pdev->dev)->of_node,
  8010. "qcom,hlos-ce-hw-instance", hlos_ce_hw_instance,
  8011. hlos_num_ce_hw_instances)) {
  8012. pr_err("Fail: get hlos ce hw instance info\n");
  8013. rc = -EINVAL;
  8014. goto out;
  8015. }
  8016. if (qseecom.support_fde) {
  8017. pce_info_use = qseecom.ce_info.fde =
  8018. kzalloc(sizeof(struct qseecom_ce_info_use), GFP_KERNEL);
  8019. if (!pce_info_use) {
  8020. rc = -ENOMEM;
  8021. goto out;
  8022. }
  8023. /* by default for old db */
  8024. qseecom.ce_info.num_fde = DEFAULT_NUM_CE_INFO_UNIT;
  8025. pce_info_use->unit_num = DEFAULT_CE_INFO_UNIT;
  8026. pce_info_use->alloc = false;
  8027. pce_info_use->type = CE_PIPE_PAIR_USE_TYPE_FDE;
  8028. pce_info_use->ce_pipe_entry = NULL;
  8029. if (of_property_read_u32((&pdev->dev)->of_node,
  8030. "qcom,disk-encrypt-pipe-pair",
  8031. &disk_encrypt_pipe)) {
  8032. pr_err("Fail to get FDE pipe information.\n");
  8033. rc = -EINVAL;
  8034. goto out;
  8035. } else {
  8036. pr_debug("disk-encrypt-pipe-pair=0x%x\n",
  8037. disk_encrypt_pipe);
  8038. }
  8039. entry = pce_info_use->num_ce_pipe_entries =
  8040. hlos_num_ce_hw_instances;
  8041. pce_entry = pce_info_use->ce_pipe_entry =
  8042. kcalloc(entry,
  8043. sizeof(struct qseecom_ce_pipe_entry),
  8044. GFP_KERNEL);
  8045. if (pce_entry == NULL) {
  8046. rc = -ENOMEM;
  8047. goto out;
  8048. }
  8049. for (i = 0; i < entry; i++) {
  8050. pce_entry->ce_num = hlos_ce_hw_instance[i];
  8051. pce_entry->ce_pipe_pair = disk_encrypt_pipe;
  8052. pce_entry->valid = 1;
  8053. pce_entry++;
  8054. }
  8055. } else {
  8056. pr_warn("Device does not support FDE\n");
  8057. disk_encrypt_pipe = 0xff;
  8058. }
  8059. if (qseecom.support_pfe) {
  8060. pce_info_use = qseecom.ce_info.pfe =
  8061. kzalloc(sizeof(struct qseecom_ce_info_use), GFP_KERNEL);
  8062. if (!pce_info_use) {
  8063. rc = -ENOMEM;
  8064. goto out;
  8065. }
  8066. /* by default for old db */
  8067. qseecom.ce_info.num_pfe = DEFAULT_NUM_CE_INFO_UNIT;
  8068. pce_info_use->unit_num = DEFAULT_CE_INFO_UNIT;
  8069. pce_info_use->alloc = false;
  8070. pce_info_use->type = CE_PIPE_PAIR_USE_TYPE_PFE;
  8071. pce_info_use->ce_pipe_entry = NULL;
  8072. if (of_property_read_u32((&pdev->dev)->of_node,
  8073. "qcom,file-encrypt-pipe-pair",
  8074. &file_encrypt_pipe)) {
  8075. pr_err("Fail to get PFE pipe information.\n");
  8076. rc = -EINVAL;
  8077. goto out;
  8078. } else {
  8079. pr_debug("file-encrypt-pipe-pair=0x%x\n",
  8080. file_encrypt_pipe);
  8081. }
  8082. entry = pce_info_use->num_ce_pipe_entries =
  8083. hlos_num_ce_hw_instances;
  8084. pce_entry = pce_info_use->ce_pipe_entry =
  8085. kcalloc(entry,
  8086. sizeof(struct qseecom_ce_pipe_entry),
  8087. GFP_KERNEL);
  8088. if (pce_entry == NULL) {
  8089. rc = -ENOMEM;
  8090. goto out;
  8091. }
  8092. for (i = 0; i < entry; i++) {
  8093. pce_entry->ce_num = hlos_ce_hw_instance[i];
  8094. pce_entry->ce_pipe_pair = file_encrypt_pipe;
  8095. pce_entry->valid = 1;
  8096. pce_entry++;
  8097. }
  8098. } else {
  8099. pr_warn("Device does not support PFE\n");
  8100. file_encrypt_pipe = 0xff;
  8101. }
  8102. out1:
  8103. qseecom.qsee.instance = qseecom.ce_info.qsee_ce_hw_instance;
  8104. qseecom.ce_drv.instance = hlos_ce_hw_instance[0];
  8105. out:
  8106. if (rc) {
  8107. if (qseecom.ce_info.fde) {
  8108. pce_info_use = qseecom.ce_info.fde;
  8109. for (i = 0; i < qseecom.ce_info.num_fde; i++) {
  8110. pce_entry = pce_info_use->ce_pipe_entry;
  8111. kfree(pce_entry);
  8112. pce_info_use++;
  8113. }
  8114. }
  8115. kfree(qseecom.ce_info.fde);
  8116. qseecom.ce_info.fde = NULL;
  8117. if (qseecom.ce_info.pfe) {
  8118. pce_info_use = qseecom.ce_info.pfe;
  8119. for (i = 0; i < qseecom.ce_info.num_pfe; i++) {
  8120. pce_entry = pce_info_use->ce_pipe_entry;
  8121. kfree(pce_entry);
  8122. pce_info_use++;
  8123. }
  8124. }
  8125. kfree(qseecom.ce_info.pfe);
  8126. qseecom.ce_info.pfe = NULL;
  8127. }
  8128. kfree(unit_tbl);
  8129. kfree(pfde_tbl);
  8130. return rc;
  8131. }
  8132. static int qseecom_get_ce_info(struct qseecom_dev_handle *data,
  8133. void __user *argp)
  8134. {
  8135. struct qseecom_ce_info_req req;
  8136. struct qseecom_ce_info_req *pinfo = &req;
  8137. int ret = 0;
  8138. int i;
  8139. unsigned int entries;
  8140. struct qseecom_ce_info_use *pce_info_use, *p;
  8141. int total = 0;
  8142. bool found = false;
  8143. struct qseecom_ce_pipe_entry *pce_entry;
  8144. ret = copy_from_user(pinfo, argp,
  8145. sizeof(struct qseecom_ce_info_req));
  8146. if (ret) {
  8147. pr_err("copy_from_user failed\n");
  8148. return ret;
  8149. }
  8150. switch (pinfo->usage) {
  8151. case QSEOS_KM_USAGE_DISK_ENCRYPTION:
  8152. case QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION:
  8153. case QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION:
  8154. if (qseecom.support_fde) {
  8155. p = qseecom.ce_info.fde;
  8156. total = qseecom.ce_info.num_fde;
  8157. } else {
  8158. pr_err("system does not support fde\n");
  8159. return -EINVAL;
  8160. }
  8161. break;
  8162. case QSEOS_KM_USAGE_FILE_ENCRYPTION:
  8163. if (qseecom.support_pfe) {
  8164. p = qseecom.ce_info.pfe;
  8165. total = qseecom.ce_info.num_pfe;
  8166. } else {
  8167. pr_err("system does not support pfe\n");
  8168. return -EINVAL;
  8169. }
  8170. break;
  8171. default:
  8172. pr_err("unsupported usage %d\n", pinfo->usage);
  8173. return -EINVAL;
  8174. }
  8175. pce_info_use = NULL;
  8176. for (i = 0; i < total; i++) {
  8177. if (!p->alloc)
  8178. pce_info_use = p;
  8179. else if (!memcmp(p->handle, pinfo->handle,
  8180. MAX_CE_INFO_HANDLE_SIZE)) {
  8181. pce_info_use = p;
  8182. found = true;
  8183. break;
  8184. }
  8185. p++;
  8186. }
  8187. if (pce_info_use == NULL)
  8188. return -EBUSY;
  8189. pinfo->unit_num = pce_info_use->unit_num;
  8190. if (!pce_info_use->alloc) {
  8191. pce_info_use->alloc = true;
  8192. memcpy(pce_info_use->handle,
  8193. pinfo->handle, MAX_CE_INFO_HANDLE_SIZE);
  8194. }
  8195. if (pce_info_use->num_ce_pipe_entries >
  8196. MAX_CE_PIPE_PAIR_PER_UNIT)
  8197. entries = MAX_CE_PIPE_PAIR_PER_UNIT;
  8198. else
  8199. entries = pce_info_use->num_ce_pipe_entries;
  8200. pinfo->num_ce_pipe_entries = entries;
  8201. pce_entry = pce_info_use->ce_pipe_entry;
  8202. for (i = 0; i < entries; i++, pce_entry++)
  8203. pinfo->ce_pipe_entry[i] = *pce_entry;
  8204. for (; i < MAX_CE_PIPE_PAIR_PER_UNIT; i++)
  8205. pinfo->ce_pipe_entry[i].valid = 0;
  8206. if (copy_to_user(argp, pinfo, sizeof(struct qseecom_ce_info_req))) {
  8207. pr_err("copy_to_user failed\n");
  8208. ret = -EFAULT;
  8209. }
  8210. return ret;
  8211. }
  8212. static int qseecom_free_ce_info(struct qseecom_dev_handle *data,
  8213. void __user *argp)
  8214. {
  8215. struct qseecom_ce_info_req req;
  8216. struct qseecom_ce_info_req *pinfo = &req;
  8217. int ret = 0;
  8218. struct qseecom_ce_info_use *p;
  8219. int total = 0;
  8220. int i;
  8221. bool found = false;
  8222. ret = copy_from_user(pinfo, argp,
  8223. sizeof(struct qseecom_ce_info_req));
  8224. if (ret)
  8225. return ret;
  8226. switch (pinfo->usage) {
  8227. case QSEOS_KM_USAGE_DISK_ENCRYPTION:
  8228. case QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION:
  8229. case QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION:
  8230. if (qseecom.support_fde) {
  8231. p = qseecom.ce_info.fde;
  8232. total = qseecom.ce_info.num_fde;
  8233. } else {
  8234. pr_err("system does not support fde\n");
  8235. return -EINVAL;
  8236. }
  8237. break;
  8238. case QSEOS_KM_USAGE_FILE_ENCRYPTION:
  8239. if (qseecom.support_pfe) {
  8240. p = qseecom.ce_info.pfe;
  8241. total = qseecom.ce_info.num_pfe;
  8242. } else {
  8243. pr_err("system does not support pfe\n");
  8244. return -EINVAL;
  8245. }
  8246. break;
  8247. default:
  8248. pr_err("unsupported usage %d\n", pinfo->usage);
  8249. return -EINVAL;
  8250. }
  8251. for (i = 0; i < total; i++) {
  8252. if (p->alloc &&
  8253. !memcmp(p->handle, pinfo->handle,
  8254. MAX_CE_INFO_HANDLE_SIZE)) {
  8255. memset(p->handle, 0, MAX_CE_INFO_HANDLE_SIZE);
  8256. p->alloc = false;
  8257. found = true;
  8258. break;
  8259. }
  8260. p++;
  8261. }
  8262. return ret;
  8263. }
  8264. static int qseecom_query_ce_info(struct qseecom_dev_handle *data,
  8265. void __user *argp)
  8266. {
  8267. struct qseecom_ce_info_req req;
  8268. struct qseecom_ce_info_req *pinfo = &req;
  8269. int ret = 0;
  8270. int i;
  8271. unsigned int entries;
  8272. struct qseecom_ce_info_use *pce_info_use, *p;
  8273. int total = 0;
  8274. bool found = false;
  8275. struct qseecom_ce_pipe_entry *pce_entry;
  8276. ret = copy_from_user(pinfo, argp,
  8277. sizeof(struct qseecom_ce_info_req));
  8278. if (ret)
  8279. return ret;
  8280. switch (pinfo->usage) {
  8281. case QSEOS_KM_USAGE_DISK_ENCRYPTION:
  8282. case QSEOS_KM_USAGE_UFS_ICE_DISK_ENCRYPTION:
  8283. case QSEOS_KM_USAGE_SDCC_ICE_DISK_ENCRYPTION:
  8284. if (qseecom.support_fde) {
  8285. p = qseecom.ce_info.fde;
  8286. total = qseecom.ce_info.num_fde;
  8287. } else {
  8288. pr_err("system does not support fde\n");
  8289. return -EINVAL;
  8290. }
  8291. break;
  8292. case QSEOS_KM_USAGE_FILE_ENCRYPTION:
  8293. if (qseecom.support_pfe) {
  8294. p = qseecom.ce_info.pfe;
  8295. total = qseecom.ce_info.num_pfe;
  8296. } else {
  8297. pr_err("system does not support pfe\n");
  8298. return -EINVAL;
  8299. }
  8300. break;
  8301. default:
  8302. pr_err("unsupported usage %d\n", pinfo->usage);
  8303. return -EINVAL;
  8304. }
  8305. pce_info_use = NULL;
  8306. pinfo->unit_num = INVALID_CE_INFO_UNIT_NUM;
  8307. pinfo->num_ce_pipe_entries = 0;
  8308. for (i = 0; i < MAX_CE_PIPE_PAIR_PER_UNIT; i++)
  8309. pinfo->ce_pipe_entry[i].valid = 0;
  8310. for (i = 0; i < total; i++) {
  8311. if (p->alloc && !memcmp(p->handle,
  8312. pinfo->handle, MAX_CE_INFO_HANDLE_SIZE)) {
  8313. pce_info_use = p;
  8314. found = true;
  8315. break;
  8316. }
  8317. p++;
  8318. }
  8319. if (!pce_info_use)
  8320. goto out;
  8321. pinfo->unit_num = pce_info_use->unit_num;
  8322. if (pce_info_use->num_ce_pipe_entries >
  8323. MAX_CE_PIPE_PAIR_PER_UNIT)
  8324. entries = MAX_CE_PIPE_PAIR_PER_UNIT;
  8325. else
  8326. entries = pce_info_use->num_ce_pipe_entries;
  8327. pinfo->num_ce_pipe_entries = entries;
  8328. pce_entry = pce_info_use->ce_pipe_entry;
  8329. for (i = 0; i < entries; i++, pce_entry++)
  8330. pinfo->ce_pipe_entry[i] = *pce_entry;
  8331. for (; i < MAX_CE_PIPE_PAIR_PER_UNIT; i++)
  8332. pinfo->ce_pipe_entry[i].valid = 0;
  8333. out:
  8334. if (copy_to_user(argp, pinfo, sizeof(struct qseecom_ce_info_req))) {
  8335. pr_err("copy_to_user failed\n");
  8336. ret = -EFAULT;
  8337. }
  8338. return ret;
  8339. }
  8340. /*
  8341. * Check whitelist feature, and if TZ feature version is < 1.0.0,
  8342. * then whitelist feature is not supported.
  8343. */
  8344. #define GET_FEAT_VERSION_CMD 3
  8345. static int qseecom_check_whitelist_feature(void)
  8346. {
  8347. struct qseecom_scm_desc desc = {0};
  8348. int version = 0;
  8349. int ret = 0;
  8350. desc.args[0] = FEATURE_ID_WHITELIST;
  8351. desc.arginfo = SCM_ARGS(1);
  8352. mutex_lock(&app_access_lock);
  8353. ret = __qseecom_scm_call2_locked(SCM_SIP_FNID(SCM_SVC_INFO,
  8354. GET_FEAT_VERSION_CMD), &desc);
  8355. mutex_unlock(&app_access_lock);
  8356. if (!ret)
  8357. version = desc.ret[0];
  8358. return version >= MAKE_WHITELIST_VERSION(1, 0, 0);
  8359. }
  8360. static int qseecom_init_clk(void)
  8361. {
  8362. int rc;
  8363. if (qseecom.no_clock_support)
  8364. return 0;
  8365. rc = __qseecom_init_clk(CLK_QSEE);
  8366. if (rc)
  8367. return rc;
  8368. if ((qseecom.qsee.instance != qseecom.ce_drv.instance) &&
  8369. (qseecom.support_pfe || qseecom.support_fde)) {
  8370. rc = __qseecom_init_clk(CLK_CE_DRV);
  8371. if (rc) {
  8372. __qseecom_deinit_clk(CLK_QSEE);
  8373. return rc;
  8374. }
  8375. } else {
  8376. qseecom.ce_drv.ce_core_clk = qseecom.qsee.ce_core_clk;
  8377. qseecom.ce_drv.ce_clk = qseecom.qsee.ce_clk;
  8378. qseecom.ce_drv.ce_core_src_clk = qseecom.qsee.ce_core_src_clk;
  8379. qseecom.ce_drv.ce_bus_clk = qseecom.qsee.ce_bus_clk;
  8380. }
  8381. return rc;
  8382. }
  8383. static void qseecom_deinit_clk(void)
  8384. {
  8385. if (qseecom.no_clock_support)
  8386. return;
  8387. __qseecom_deinit_clk(CLK_QSEE);
  8388. if ((qseecom.qsee.instance != qseecom.ce_drv.instance) &&
  8389. (qseecom.support_pfe || qseecom.support_fde))
  8390. __qseecom_deinit_clk(CLK_CE_DRV);
  8391. }
  8392. static int qseecom_init_bus(struct platform_device *pdev)
  8393. {
  8394. int ret = 0;
  8395. if (!qseecom.support_bus_scaling)
  8396. return 0;
  8397. if (qseecom.no_clock_support) {
  8398. pr_err("Can not support bus_scalling if no clock support\n");
  8399. return -EINVAL;
  8400. }
  8401. timer_setup(&(qseecom.bw_scale_down_timer),
  8402. qseecom_scale_bus_bandwidth_timer_callback, 0);
  8403. INIT_WORK(&qseecom.bw_inactive_req_ws,
  8404. qseecom_bw_inactive_req_work);
  8405. qseecom.timer_running = false;
  8406. qseecom.icc_path = of_icc_get(&pdev->dev, "data_path");
  8407. if (IS_ERR(qseecom.icc_path)) {
  8408. ret = PTR_ERR(qseecom.icc_path);
  8409. if (ret != -EPROBE_DEFER)
  8410. pr_err("Unable to get Interconnect path\n");
  8411. return ret;
  8412. }
  8413. return 0;
  8414. }
  8415. static void qseecom_deinit_bus(void)
  8416. {
  8417. if (!qseecom.support_bus_scaling || qseecom.no_clock_support)
  8418. return;
  8419. qseecom_bus_scale_update_request(qseecom.qsee_perf_client, 0);
  8420. icc_put(qseecom.icc_path);
  8421. cancel_work_sync(&qseecom.bw_inactive_req_ws);
  8422. del_timer_sync(&qseecom.bw_scale_down_timer);
  8423. }
  8424. static int qseecom_send_app_region(struct platform_device *pdev)
  8425. {
  8426. struct resource *resource = NULL;
  8427. struct qsee_apps_region_info_64bit_ireq req_64bit;
  8428. struct qseecom_command_scm_resp resp;
  8429. void *cmd_buf = NULL;
  8430. size_t cmd_len;
  8431. int rc = 0;
  8432. if (qseecom.qsee_version < QSEE_VERSION_02 ||
  8433. qseecom.is_apps_region_protected ||
  8434. qseecom.appsbl_qseecom_support)
  8435. return 0;
  8436. resource = platform_get_resource_byname(pdev,
  8437. IORESOURCE_MEM, "secapp-region");
  8438. if (!resource) {
  8439. pr_err("Fail to get secure app region info\n");
  8440. return -ENOMEM;
  8441. }
  8442. req_64bit.qsee_cmd_id = QSEOS_APP_REGION_NOTIFICATION;
  8443. req_64bit.addr = resource->start;
  8444. req_64bit.size = resource_size(resource);
  8445. cmd_buf = (void *)&req_64bit;
  8446. cmd_len = sizeof(struct qsee_apps_region_info_64bit_ireq);
  8447. pr_warn("secure app region addr=0x%llx size=0x%x\n",
  8448. req_64bit.addr, req_64bit.size);
  8449. rc = __qseecom_enable_clk(CLK_QSEE);
  8450. if (rc) {
  8451. pr_err("CLK_QSEE enabling failed (%d)\n", rc);
  8452. return rc;
  8453. }
  8454. mutex_lock(&app_access_lock);
  8455. rc = qseecom_scm_call(SCM_SVC_TZSCHEDULER, 1,
  8456. cmd_buf, cmd_len,
  8457. &resp, sizeof(resp));
  8458. mutex_unlock(&app_access_lock);
  8459. __qseecom_disable_clk(CLK_QSEE);
  8460. if (rc || (resp.result != QSEOS_RESULT_SUCCESS)) {
  8461. pr_err("send secapp reg fail %d resp.res %d\n",
  8462. rc, resp.result);
  8463. return -EINVAL;
  8464. }
  8465. return rc;
  8466. }
  8467. static void qseecom_release_ce_data(void)
  8468. {
  8469. int i;
  8470. struct qseecom_ce_info_use *pce_info_use = NULL;
  8471. if (qseecom.ce_info.fde) {
  8472. pce_info_use = qseecom.ce_info.fde;
  8473. for (i = 0; i < qseecom.ce_info.num_fde; i++) {
  8474. kfree_sensitive(pce_info_use->ce_pipe_entry);
  8475. pce_info_use++;
  8476. }
  8477. kfree(qseecom.ce_info.fde);
  8478. }
  8479. if (qseecom.ce_info.pfe) {
  8480. pce_info_use = qseecom.ce_info.pfe;
  8481. for (i = 0; i < qseecom.ce_info.num_pfe; i++) {
  8482. kfree_sensitive(pce_info_use->ce_pipe_entry);
  8483. pce_info_use++;
  8484. }
  8485. kfree(qseecom.ce_info.pfe);
  8486. }
  8487. }
  8488. static int qseecom_reboot_worker(struct notifier_block *nb, unsigned long val, void *data)
  8489. {
  8490. struct qseecom_registered_listener_list *entry;
  8491. /* Mark all the listener as abort since system is going
  8492. * for a reboot so every pending listener request should
  8493. * be aborted.
  8494. */
  8495. list_for_each_entry(entry,
  8496. &qseecom.registered_listener_list_head, list) {
  8497. entry->abort = 1;
  8498. }
  8499. /* stop CA thread waiting for listener response */
  8500. wake_up_interruptible_all(&qseecom.send_resp_wq);
  8501. /* Assumption is system going in reboot
  8502. * every registered listener from userspace waiting
  8503. * on event interruptible will receive interrupt as
  8504. * TASK_INTERRUPTIBLE flag will be set for them
  8505. */
  8506. return 0;
  8507. }
  8508. static int qseecom_register_reboot_notifier(void)
  8509. {
  8510. int rc = 0;
  8511. /* Registering reboot notifier for resource cleanup at reboot.
  8512. * Current implementation is for listener use case,
  8513. * it can be extended to App also in case of any corner
  8514. * case issue found.
  8515. */
  8516. qseecom.reboot_nb.notifier_call = qseecom_reboot_worker;
  8517. rc = register_reboot_notifier(&(qseecom.reboot_nb));
  8518. if (rc)
  8519. pr_err("failed to register reboot notifier\n");
  8520. return rc;
  8521. }
  8522. static int qseecom_init_dev(struct platform_device *pdev)
  8523. {
  8524. int rc = 0;
  8525. rc = alloc_chrdev_region(&qseecom.qseecom_device_no,
  8526. 0, 1, QSEECOM_DEV);
  8527. if (rc < 0) {
  8528. pr_err("alloc_chrdev_region failed %d\n", rc);
  8529. return rc;
  8530. }
  8531. #if (KERNEL_VERSION(6, 3, 0) <= LINUX_VERSION_CODE)
  8532. qseecom.driver_class = class_create(QSEECOM_DEV);
  8533. #else
  8534. qseecom.driver_class = class_create(THIS_MODULE, QSEECOM_DEV);
  8535. #endif
  8536. if (IS_ERR(qseecom.driver_class)) {
  8537. rc = PTR_ERR(qseecom.driver_class);
  8538. pr_err("class_create failed %x\n", rc);
  8539. goto exit_unreg_chrdev_region;
  8540. }
  8541. qseecom.pdev = device_create(qseecom.driver_class, NULL,
  8542. qseecom.qseecom_device_no, NULL,
  8543. QSEECOM_DEV);
  8544. if (IS_ERR(qseecom.pdev)) {
  8545. pr_err("class_device_create failed %d\n", rc);
  8546. rc = PTR_ERR(qseecom.pdev);
  8547. goto exit_destroy_class;
  8548. }
  8549. cdev_init(&qseecom.cdev, &qseecom_fops);
  8550. qseecom.cdev.owner = THIS_MODULE;
  8551. rc = cdev_add(&qseecom.cdev,
  8552. MKDEV(MAJOR(qseecom.qseecom_device_no), 0), 1);
  8553. if (rc < 0) {
  8554. pr_err("cdev_add failed %d\n", rc);
  8555. goto exit_destroy_device;
  8556. }
  8557. qseecom.dev = &pdev->dev;
  8558. rc = dma_set_mask(qseecom.dev, DMA_BIT_MASK(64));
  8559. if (rc) {
  8560. pr_err("qseecom failed to set dma mask %d\n", rc);
  8561. goto exit_del_cdev;
  8562. }
  8563. if (!qseecom.dev->dma_parms) {
  8564. qseecom.dev->dma_parms =
  8565. kzalloc(sizeof(*qseecom.dev->dma_parms), GFP_KERNEL);
  8566. if (!qseecom.dev->dma_parms) {
  8567. rc = -ENOMEM;
  8568. goto exit_del_cdev;
  8569. }
  8570. }
  8571. dma_set_max_seg_size(qseecom.dev, DMA_BIT_MASK(32));
  8572. rc = of_reserved_mem_device_init_by_idx(&pdev->dev,
  8573. (&pdev->dev)->of_node, 0);
  8574. if (rc) {
  8575. pr_err("Failed to initialize reserved mem, ret %d\n", rc);
  8576. goto exit_del_cdev;
  8577. }
  8578. rc = qseecom_register_reboot_notifier();
  8579. if (rc) {
  8580. pr_err("failed in registering reboot notifier %d\n", rc);
  8581. /* exit even if notifier registration fail.
  8582. * Although, thats not a functional failure from qseecom
  8583. * driver prespective but this registration
  8584. * failure will cause more complex issue at the
  8585. * time of reboot or possibly halt the reboot.
  8586. */
  8587. goto exit_del_cdev;
  8588. }
  8589. return 0;
  8590. exit_del_cdev:
  8591. cdev_del(&qseecom.cdev);
  8592. exit_destroy_device:
  8593. device_destroy(qseecom.driver_class, qseecom.qseecom_device_no);
  8594. exit_destroy_class:
  8595. class_destroy(qseecom.driver_class);
  8596. exit_unreg_chrdev_region:
  8597. unregister_chrdev_region(qseecom.qseecom_device_no, 1);
  8598. return rc;
  8599. }
  8600. static void qseecom_deinit_dev(void)
  8601. {
  8602. kfree(qseecom.dev->dma_parms);
  8603. qseecom.dev->dma_parms = NULL;
  8604. unregister_reboot_notifier(&(qseecom.reboot_nb));
  8605. cdev_del(&qseecom.cdev);
  8606. device_destroy(qseecom.driver_class, qseecom.qseecom_device_no);
  8607. class_destroy(qseecom.driver_class);
  8608. unregister_chrdev_region(qseecom.qseecom_device_no, 1);
  8609. }
  8610. static int qseecom_init_control(void)
  8611. {
  8612. uint32_t feature = 10;
  8613. struct qseecom_command_scm_resp resp;
  8614. int rc = 0;
  8615. qseecom.qsee_version = QSEEE_VERSION_00;
  8616. mutex_lock(&app_access_lock);
  8617. rc = qseecom_scm_call(6, 3, &feature, sizeof(feature),
  8618. &resp, sizeof(resp));
  8619. mutex_unlock(&app_access_lock);
  8620. pr_info("qseecom.qsee_version = 0x%x\n", resp.result);
  8621. if (rc) {
  8622. pr_err("Failed to get QSEE version info %d\n", rc);
  8623. return rc;
  8624. }
  8625. qseecom.qsee_version = resp.result;
  8626. atomic_set(&qseecom.qseecom_state, QSEECOM_STATE_NOT_READY);
  8627. init_waitqueue_head(&qseecom.app_block_wq);
  8628. qseecom.whitelist_support = true;
  8629. INIT_LIST_HEAD(&qseecom.registered_listener_list_head);
  8630. INIT_LIST_HEAD(&qseecom.registered_app_list_head);
  8631. spin_lock_init(&qseecom.registered_app_list_lock);
  8632. INIT_LIST_HEAD(&qseecom.unregister_lsnr_pending_list_head);
  8633. INIT_LIST_HEAD(&qseecom.registered_kclient_list_head);
  8634. spin_lock_init(&qseecom.registered_kclient_list_lock);
  8635. init_waitqueue_head(&qseecom.send_resp_wq);
  8636. init_waitqueue_head(&qseecom.register_lsnr_pending_wq);
  8637. init_waitqueue_head(&qseecom.unregister_lsnr_kthread_wq);
  8638. INIT_LIST_HEAD(&qseecom.unload_app_pending_list_head);
  8639. init_waitqueue_head(&qseecom.unload_app_kthread_wq);
  8640. qseecom.send_resp_flag = 0;
  8641. qseecom.qseos_version = QSEOS_VERSION_14;
  8642. qseecom.commonlib_loaded = false;
  8643. qseecom.commonlib64_loaded = false;
  8644. qseecom.commonlib_loaded_by_hostvm = false;
  8645. qseecom.whitelist_support = qseecom_check_whitelist_feature();
  8646. return rc;
  8647. }
  8648. static int qseecom_parse_dt(struct platform_device *pdev)
  8649. {
  8650. if (!pdev->dev.of_node) {
  8651. pr_err("NULL of_node\n");
  8652. return -ENODEV;
  8653. }
  8654. qseecom.pdev->of_node = pdev->dev.of_node;
  8655. qseecom.support_bus_scaling =
  8656. of_property_read_bool((&pdev->dev)->of_node,
  8657. "qcom,support-bus-scaling");
  8658. qseecom.appsbl_qseecom_support =
  8659. of_property_read_bool((&pdev->dev)->of_node,
  8660. "qcom,appsbl-qseecom-support");
  8661. qseecom.commonlib64_loaded =
  8662. of_property_read_bool((&pdev->dev)->of_node,
  8663. "qcom,commonlib64-loaded-by-uefi");
  8664. qseecom.commonlib_loaded_by_hostvm =
  8665. of_property_read_bool((&pdev->dev)->of_node,
  8666. "qcom,commonlib-loaded-by-hostvm");
  8667. qseecom.fde_key_size =
  8668. of_property_read_bool((&pdev->dev)->of_node,
  8669. "qcom,fde-key-size");
  8670. qseecom.no_clock_support =
  8671. of_property_read_bool((&pdev->dev)->of_node,
  8672. "qcom,no-clock-support");
  8673. qseecom.enable_key_wrap_in_ks =
  8674. of_property_read_bool((&pdev->dev)->of_node,
  8675. "qcom,enable-key-wrap-in-ks");
  8676. if (of_property_read_u32((&pdev->dev)->of_node,
  8677. "qcom,qsee-reentrancy-support",
  8678. &qseecom.qsee_reentrancy_support)) {
  8679. pr_warn("qsee reentrancy support phase is not defined, setting to default 0\n");
  8680. qseecom.qsee_reentrancy_support = 0;
  8681. }
  8682. if (of_property_read_u32((&pdev->dev)->of_node,
  8683. "qcom,ce-opp-freq", &qseecom.ce_opp_freq_hz)) {
  8684. pr_debug("CE operating frequency is not defined, setting to default 100MHZ\n");
  8685. qseecom.ce_opp_freq_hz = QSEE_CE_CLK_100MHZ;
  8686. }
  8687. /*
  8688. * By default, appsbl only loads cmnlib. If OEM changes appsbl to
  8689. * load cmnlib64 too, while cmnlib64 img is not present in non_hlos.bin,
  8690. * Pls add "qseecom.commonlib64_loaded = true" here too.
  8691. */
  8692. if (qseecom.is_apps_region_protected ||
  8693. qseecom.appsbl_qseecom_support)
  8694. qseecom.commonlib_loaded = true;
  8695. return 0;
  8696. }
  8697. static int qseecom_create_kthreads(void)
  8698. {
  8699. int rc = 0;
  8700. qseecom.unregister_lsnr_kthread_task = kthread_run(
  8701. __qseecom_unregister_listener_kthread_func,
  8702. NULL, "qseecom-unreg-lsnr");
  8703. if (IS_ERR(qseecom.unregister_lsnr_kthread_task)) {
  8704. rc = PTR_ERR(qseecom.unregister_lsnr_kthread_task);
  8705. pr_err("fail to create kthread to unreg lsnr, rc = %x\n", rc);
  8706. return rc;
  8707. }
  8708. atomic_set(&qseecom.unregister_lsnr_kthread_state,
  8709. LSNR_UNREG_KT_SLEEP);
  8710. /*create a kthread to process pending ta unloading task */
  8711. qseecom.unload_app_kthread_task = kthread_run(
  8712. __qseecom_unload_app_kthread_func,
  8713. NULL, "qseecom-unload-ta");
  8714. if (IS_ERR(qseecom.unload_app_kthread_task)) {
  8715. rc = PTR_ERR(qseecom.unload_app_kthread_task);
  8716. pr_err("failed to create kthread to unload ta, rc = %x\n", rc);
  8717. kthread_stop(qseecom.unregister_lsnr_kthread_task);
  8718. return rc;
  8719. }
  8720. atomic_set(&qseecom.unload_app_kthread_state,
  8721. UNLOAD_APP_KT_SLEEP);
  8722. return 0;
  8723. }
  8724. static int qseecom_register_heap_shmbridge(struct platform_device *pdev,
  8725. char *heap_mem_region_name,
  8726. uint64_t *handle)
  8727. {
  8728. phys_addr_t heap_pa = 0;
  8729. size_t heap_size = 0;
  8730. struct device_node *node = NULL;
  8731. struct reserved_mem *rmem = NULL;
  8732. uint32_t ns_vmids[] = {VMID_HLOS};
  8733. uint32_t ns_vm_perms[] = {PERM_READ | PERM_WRITE};
  8734. node = of_parse_phandle(pdev->dev.of_node, heap_mem_region_name, 0);
  8735. if (!node) {
  8736. pr_err("unable to parse memory-region of heap %s\n", heap_mem_region_name);
  8737. return -EINVAL;
  8738. }
  8739. rmem = of_reserved_mem_lookup(node);
  8740. if (!rmem) {
  8741. pr_err("unable to acquire memory-region of heap %s\n", heap_mem_region_name);
  8742. return -EINVAL;
  8743. }
  8744. heap_pa = rmem->base;
  8745. heap_size = (size_t)rmem->size;
  8746. pr_debug("get heap %s info: shmbridge created\n", heap_mem_region_name);
  8747. return qtee_shmbridge_register(heap_pa,
  8748. heap_size, ns_vmids, ns_vm_perms, 1,
  8749. PERM_READ | PERM_WRITE, handle);
  8750. }
  8751. static int qseecom_register_shmbridge(struct platform_device *pdev)
  8752. {
  8753. int ret = 0;
  8754. if (!qtee_shmbridge_is_enabled())
  8755. return 0;
  8756. ret = qseecom_register_heap_shmbridge(pdev, "qseecom_ta_mem",
  8757. &qseecom.ta_bridge_handle);
  8758. if (ret)
  8759. return ret;
  8760. ret = qseecom_register_heap_shmbridge(pdev, "qseecom_mem",
  8761. &qseecom.qseecom_bridge_handle);
  8762. if (ret) {
  8763. qtee_shmbridge_deregister(qseecom.ta_bridge_handle);
  8764. return ret;
  8765. }
  8766. /* no-user-contig-mem is present in dtsi if user_contig_region is not needed*/
  8767. qseecom.no_user_contig_mem_support = of_property_read_bool((&pdev->dev)->of_node,
  8768. "qcom,no-user-contig-mem-support");
  8769. if (!qseecom.no_user_contig_mem_support) {
  8770. ret = qseecom_register_heap_shmbridge(pdev, "user_contig_mem",
  8771. &qseecom.user_contig_bridge_handle);
  8772. if (ret) {
  8773. qtee_shmbridge_deregister(qseecom.qseecom_bridge_handle);
  8774. qtee_shmbridge_deregister(qseecom.ta_bridge_handle);
  8775. return ret;
  8776. }
  8777. }
  8778. return 0;
  8779. }
  8780. static void qseecom_deregister_shmbridge(void)
  8781. {
  8782. qtee_shmbridge_deregister(qseecom.user_contig_bridge_handle);
  8783. qtee_shmbridge_deregister(qseecom.qseecom_bridge_handle);
  8784. qtee_shmbridge_deregister(qseecom.ta_bridge_handle);
  8785. }
  8786. static int qseecom_probe(struct platform_device *pdev)
  8787. {
  8788. int rc;
  8789. rc = qseecom_register_shmbridge(pdev);
  8790. if (rc)
  8791. return rc;
  8792. rc = qseecom_init_dev(pdev);
  8793. if (rc)
  8794. goto exit_unregister_bridge;
  8795. rc = qseecom_init_control();
  8796. if (rc)
  8797. goto exit_deinit_dev;
  8798. rc = qseecom_parse_dt(pdev);
  8799. if (rc)
  8800. goto exit_deinit_dev;
  8801. rc = qseecom_retrieve_ce_data(pdev);
  8802. if (rc)
  8803. goto exit_deinit_dev;
  8804. rc = qseecom_init_clk();
  8805. if (rc)
  8806. goto exit_release_ce_data;
  8807. rc = qseecom_init_bus(pdev);
  8808. if (rc)
  8809. goto exit_deinit_clock;
  8810. rc = qseecom_send_app_region(pdev);
  8811. if (rc)
  8812. goto exit_deinit_bus;
  8813. rc = qseecom_create_kthreads();
  8814. if (rc)
  8815. goto exit_deinit_bus;
  8816. #if IS_ENABLED(CONFIG_QSEECOM) && IS_ENABLED(CONFIG_QSEECOM_PROXY)
  8817. /*If the api fails to get the func ops, print the error and continue
  8818. * Do not treat it as fatal*/
  8819. rc = get_qseecom_kernel_fun_ops();
  8820. if (rc)
  8821. pr_err("failed to provide qseecom ops %d", rc);
  8822. #endif
  8823. atomic_set(&qseecom.qseecom_state, QSEECOM_STATE_READY);
  8824. return 0;
  8825. exit_deinit_bus:
  8826. qseecom_deinit_bus();
  8827. exit_deinit_clock:
  8828. qseecom_deinit_clk();
  8829. exit_release_ce_data:
  8830. qseecom_release_ce_data();
  8831. exit_deinit_dev:
  8832. qseecom_deinit_dev();
  8833. exit_unregister_bridge:
  8834. qseecom_deregister_shmbridge();
  8835. return rc;
  8836. }
  8837. static int qseecom_remove(struct platform_device *pdev)
  8838. {
  8839. struct qseecom_registered_kclient_list *kclient = NULL;
  8840. struct qseecom_registered_kclient_list *kclient_tmp = NULL;
  8841. unsigned long flags = 0;
  8842. int ret = 0;
  8843. atomic_set(&qseecom.qseecom_state, QSEECOM_STATE_NOT_READY);
  8844. spin_lock_irqsave(&qseecom.registered_kclient_list_lock, flags);
  8845. list_for_each_entry_safe(kclient, kclient_tmp,
  8846. &qseecom.registered_kclient_list_head, list) {
  8847. /* Break the loop if client handle is NULL */
  8848. if (!kclient->handle) {
  8849. list_del(&kclient->list);
  8850. kfree_sensitive(kclient);
  8851. break;
  8852. }
  8853. list_del(&kclient->list);
  8854. mutex_lock(&app_access_lock);
  8855. ret = qseecom_unload_app(kclient->handle->dev, false);
  8856. mutex_unlock(&app_access_lock);
  8857. if (!ret) {
  8858. kfree_sensitive(kclient->handle->dev);
  8859. kfree_sensitive(kclient->handle);
  8860. kfree_sensitive(kclient);
  8861. }
  8862. }
  8863. spin_unlock_irqrestore(&qseecom.registered_kclient_list_lock, flags);
  8864. if (qseecom.qseos_version > QSEEE_VERSION_00)
  8865. qseecom_unload_commonlib_image();
  8866. qseecom_deregister_shmbridge();
  8867. kthread_stop(qseecom.unload_app_kthread_task);
  8868. kthread_stop(qseecom.unregister_lsnr_kthread_task);
  8869. qseecom_deinit_bus();
  8870. qseecom_deinit_clk();
  8871. qseecom_release_ce_data();
  8872. qseecom_deinit_dev();
  8873. return ret;
  8874. }
  8875. static int qseecom_suspend(struct platform_device *pdev, pm_message_t state)
  8876. {
  8877. int ret = 0;
  8878. struct qseecom_clk *qclk;
  8879. qclk = &qseecom.qsee;
  8880. atomic_set(&qseecom.qseecom_state, QSEECOM_STATE_SUSPEND);
  8881. if (qseecom.no_clock_support)
  8882. return 0;
  8883. mutex_lock(&qsee_bw_mutex);
  8884. mutex_lock(&clk_access_lock);
  8885. if (qseecom.current_mode != INACTIVE) {
  8886. ret = qseecom_bus_scale_update_request(
  8887. qseecom.qsee_perf_client, INACTIVE);
  8888. if (ret)
  8889. pr_err("Fail to scale down bus\n");
  8890. else
  8891. qseecom.current_mode = INACTIVE;
  8892. }
  8893. if (qclk->clk_access_cnt) {
  8894. if (qclk->ce_clk != NULL)
  8895. clk_disable_unprepare(qclk->ce_clk);
  8896. if (qclk->ce_core_clk != NULL)
  8897. clk_disable_unprepare(qclk->ce_core_clk);
  8898. if (qclk->ce_bus_clk != NULL)
  8899. clk_disable_unprepare(qclk->ce_bus_clk);
  8900. }
  8901. del_timer_sync(&(qseecom.bw_scale_down_timer));
  8902. qseecom.timer_running = false;
  8903. mutex_unlock(&clk_access_lock);
  8904. mutex_unlock(&qsee_bw_mutex);
  8905. cancel_work_sync(&qseecom.bw_inactive_req_ws);
  8906. return 0;
  8907. }
  8908. static int qseecom_resume(struct platform_device *pdev)
  8909. {
  8910. int mode = 0;
  8911. int ret = 0;
  8912. struct qseecom_clk *qclk;
  8913. qclk = &qseecom.qsee;
  8914. if (qseecom.no_clock_support)
  8915. goto exit;
  8916. mutex_lock(&qsee_bw_mutex);
  8917. mutex_lock(&clk_access_lock);
  8918. if (qseecom.cumulative_mode >= HIGH)
  8919. mode = HIGH;
  8920. else
  8921. mode = qseecom.cumulative_mode;
  8922. if (qseecom.cumulative_mode != INACTIVE) {
  8923. ret = qseecom_bus_scale_update_request(
  8924. qseecom.qsee_perf_client, mode);
  8925. if (ret)
  8926. pr_err("Fail to scale up bus to %d\n", mode);
  8927. else
  8928. qseecom.current_mode = mode;
  8929. }
  8930. if (qclk->clk_access_cnt) {
  8931. if (qclk->ce_core_clk != NULL) {
  8932. ret = clk_prepare_enable(qclk->ce_core_clk);
  8933. if (ret) {
  8934. pr_err("Unable to enable/prep CE core clk\n");
  8935. qclk->clk_access_cnt = 0;
  8936. goto err;
  8937. }
  8938. }
  8939. if (qclk->ce_clk != NULL) {
  8940. ret = clk_prepare_enable(qclk->ce_clk);
  8941. if (ret) {
  8942. pr_err("Unable to enable/prep CE iface clk\n");
  8943. qclk->clk_access_cnt = 0;
  8944. goto ce_clk_err;
  8945. }
  8946. }
  8947. if (qclk->ce_bus_clk != NULL) {
  8948. ret = clk_prepare_enable(qclk->ce_bus_clk);
  8949. if (ret) {
  8950. pr_err("Unable to enable/prep CE bus clk\n");
  8951. qclk->clk_access_cnt = 0;
  8952. goto ce_bus_clk_err;
  8953. }
  8954. }
  8955. }
  8956. if (qclk->clk_access_cnt || qseecom.cumulative_mode) {
  8957. qseecom.bw_scale_down_timer.expires = jiffies +
  8958. msecs_to_jiffies(QSEECOM_SEND_CMD_CRYPTO_TIMEOUT);
  8959. mod_timer(&(qseecom.bw_scale_down_timer),
  8960. qseecom.bw_scale_down_timer.expires);
  8961. qseecom.timer_running = true;
  8962. }
  8963. mutex_unlock(&clk_access_lock);
  8964. mutex_unlock(&qsee_bw_mutex);
  8965. goto exit;
  8966. ce_bus_clk_err:
  8967. if (qclk->ce_clk)
  8968. clk_disable_unprepare(qclk->ce_clk);
  8969. ce_clk_err:
  8970. if (qclk->ce_core_clk)
  8971. clk_disable_unprepare(qclk->ce_core_clk);
  8972. err:
  8973. mutex_unlock(&clk_access_lock);
  8974. mutex_unlock(&qsee_bw_mutex);
  8975. ret = -EIO;
  8976. exit:
  8977. atomic_set(&qseecom.qseecom_state, QSEECOM_STATE_READY);
  8978. return ret;
  8979. }
  8980. static const struct of_device_id qseecom_match[] = {
  8981. {
  8982. .compatible = "qcom,qseecom",
  8983. },
  8984. {}
  8985. };
  8986. static struct platform_driver qseecom_plat_driver = {
  8987. .probe = qseecom_probe,
  8988. .remove = qseecom_remove,
  8989. .suspend = qseecom_suspend,
  8990. .resume = qseecom_resume,
  8991. .driver = {
  8992. .name = "qseecom",
  8993. .of_match_table = qseecom_match,
  8994. },
  8995. };
  8996. static int qseecom_init(void)
  8997. {
  8998. return platform_driver_register(&qseecom_plat_driver);
  8999. }
  9000. static void qseecom_exit(void)
  9001. {
  9002. platform_driver_unregister(&qseecom_plat_driver);
  9003. }
  9004. MODULE_LICENSE("GPL v2");
  9005. MODULE_DESCRIPTION("QTI Secure Execution Environment Communicator");
  9006. MODULE_IMPORT_NS(DMA_BUF);
  9007. module_init(qseecom_init);
  9008. module_exit(qseecom_exit);