Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp4519373iog; Tue, 21 Jun 2022 23:43:42 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sv95AKaQ8sQiCKthTRJMzTUVNR2LY//HWTnbkzYHDl0JeHg3+v2bS+q9ZhmbdRehDoLyqk X-Received: by 2002:a63:4f22:0:b0:403:7c60:adae with SMTP id d34-20020a634f22000000b004037c60adaemr1658541pgb.225.1655880221946; Tue, 21 Jun 2022 23:43:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1655880221; cv=none; d=google.com; s=arc-20160816; b=yqrIU5/25OtR+7LBrv+UcIkqUflDMa8bE456PVe3RoHMP0jLB89USLxqEqP02dv5H4 Maub60Pgmg5peuSX3ns+FzpgZhlChN7o37rSmwsUnhk+fV2hnG0BWk78PJ0HQ0FocsBr d9E3X2w6/pKVPzyGC0N3goofsCEobiS/c/0et245WVtJ8nCu/8ZniAFHFKLyzAa8sWDk EfxXo4QanSF8hu4OW4dXqzGzzULL1v+RLRTNNWYMwPZn+jEmco7qUCdvrGpAm3rOuCcr V8rsxcEXHEsfnE+DAH8QreD/vdYcDHYoibuLXyzz25Q7+gHYK1ChPKeDDJKDSRbJMVYT Tw4A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=9kvUcY+we9Ghh5Zfg41yBh9CQRNciqCTAx9iAGacmdo=; b=lMWZW8xbAsWrtxc9txAM/GsTotyhGnjaFjABp5lxTl29QznBSloURRrHGDOqvO917u UM4J8DZL4Xem1GEOs4vPdwzGBjse1CHoeO/acGzFbjxco/D4sek65DHw/XBn4hM+1C0F rWv8mDQZ0QJwe1pg98BbEIeGhVzRFX2KiDQ+qtMaJoTtw8yOCuBlxrPYS++s1plxgYRH 2PxJ8ewsGhIXMHelfX5JvoBSPoMBIlT5M/hIr+K7qLMyfJVDAv5xba3pOKgpSIcDiDft RccbTDBad/AjkLLT37UkiuGUXGJ7FGq5sB3E9y7TaMzHIOsAyfRWINIYcWJ2bgoISDjI RvOQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t11-20020a170902b20b00b00161f1941a63si13842930plr.357.2022.06.21.23.43.29; Tue, 21 Jun 2022 23:43:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1349840AbiFVGhP (ORCPT + 99 others); Wed, 22 Jun 2022 02:37:15 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49554 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230252AbiFVGhN (ORCPT ); Wed, 22 Jun 2022 02:37:13 -0400 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 36F84344D1 for ; Tue, 21 Jun 2022 23:37:12 -0700 (PDT) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 112A113D5; Tue, 21 Jun 2022 23:37:12 -0700 (PDT) Received: from bogus (unknown [10.57.36.82]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 867C13F66F; Tue, 21 Jun 2022 23:37:10 -0700 (PDT) Date: Wed, 22 Jun 2022 07:35:58 +0100 From: Sudeep Holla To: linux-kernel@vger.kernel.org, op-tee@lists.trustedfirmware.org Cc: Sumit Garg , Jens Wiklander , Balint Dobszay Subject: Re: [PATCH] tee: Add Arm FF-A TEE driver Message-ID: <20220622063558.ckehnri5ipiftxka@bogus> References: <20220408134144.1532704-1-sudeep.holla@arm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi All, Sorry for the responding to the thread so late. I thought I will try to trigger the discussion such a user interface requires to get merged. On Fri, Apr 22, 2022 at 12:29:26PM +0530, Sumit Garg wrote: > Hi Sudeep, > > On Fri, 8 Apr 2022 at 19:11, Sudeep Holla wrote: > > > > The Arm FF-A provides mechanism for Linux kernel and modules to > > communicate with the secure partitions. This is useful for some > > Trusted-OS driver that are kernel resident or modules. > > > > We would also like to avoid adding kernel drivers to communicate with > > each and every service provided by these secure partitions. In order to > > achieve the same with FF-A, it would be better to provide user-space > > interface to access the FF-A functionalities. TEE subsystem seems to be > > the best suited to meet those requirements without having to create a > > new solution custom to FF-A alone. > > Yeah, this interface sounds interesting. > Yes, and I was told there are quite a few interested parties. I was expecting them to get involved in the discussion if you would like to see such a interface get merged any sooner. While it is interesting, I am afraid it is not getting required attention and review by few if not all interested parties. > > > > All FF-A partitions that user-space access can be associated with this > > new FF-A TEE driver and represented by a single TEE device. Though the > > various secure services are generally distributed across multiple secure > > partitions, all of these can be made accessible through this single FF-A > > TEE device. > > > > The minimal functionality needed by the user space application is > > implemented, namely: > > - Query all partition IDs for a specific FF-A UUID > > - Sending synchronous message to a partition > > - Share/unshare buffer with the partition > > > > Are there any corresponding user-space applications/libraries > available to get hands-on with this interface? > This is one of the reason I want more people to get involved in the discussion and review of the interface. All we have using this interface is some simple demo quality applications. We would like to see people migrating to FF-A and currently using some custom interface(basically in absence of OPTEE) to communicate with the secure world. > > Cc: Jens Wiklander > > Cc: Sumit Garg > > Co-developed-by: Balint Dobszay > > Signed-off-by: Balint Dobszay > > Signed-off-by: Sudeep Holla > > --- > > drivers/tee/Kconfig | 1 + > > drivers/tee/Makefile | 1 + > > drivers/tee/arm_ffa_tee/Kconfig | 15 + > > drivers/tee/arm_ffa_tee/Makefile | 6 + > > drivers/tee/arm_ffa_tee/core.c | 460 ++++++++++++++++++++++ > > drivers/tee/arm_ffa_tee/ffa_tee_private.h | 39 ++ > > drivers/tee/arm_ffa_tee/shm_pool.c | 94 +++++ > > drivers/tee/arm_ffa_tee/ts_msg.c | 133 +++++++ > > drivers/tee/arm_ffa_tee/ts_msg.h | 75 ++++ > > include/uapi/linux/arm_ffa_tee.h | 116 ++++++ > > include/uapi/linux/tee.h | 1 + > > 11 files changed, 941 insertions(+) > > create mode 100644 drivers/tee/arm_ffa_tee/Kconfig > > create mode 100644 drivers/tee/arm_ffa_tee/Makefile > > create mode 100644 drivers/tee/arm_ffa_tee/core.c > > create mode 100644 drivers/tee/arm_ffa_tee/ffa_tee_private.h > > create mode 100644 drivers/tee/arm_ffa_tee/shm_pool.c > > create mode 100644 drivers/tee/arm_ffa_tee/ts_msg.c > > create mode 100644 drivers/tee/arm_ffa_tee/ts_msg.h > > create mode 100644 include/uapi/linux/arm_ffa_tee.h > > > > Hi All, > > > > This is the initial version of FF-A TEE driver to get the feedback on the > > overall design/approach. > > > > Few TODOs I plan to do before we finalise: > > 1. Need to decouple the driver from few Trusted Service protocols currently > > implemented. I have WIP, but couldn't get all the tests working(yet to > > figure out whether the issue is in driver or tests themselves). Just > > posting it as is to get initial feedback on other areas. > > Yes I would be in favor of this. > Balint had some concerns, but I may have swayed him towards this. But I have asked him to present his reasoning so that everything gets discussed. I just don't want to give people a chance to hear those reasons. I am sure I had few other points to make, but I have forgotten them as it was at-least couple of months back that me and Balint had a chat on this and I completely forgot to follow up on this. Balint, feel free to add you views on this. I will add things as they pop up in my mind later. -- Regards, Sudeep