Received: by 2002:a05:6358:d09b:b0:dc:cd0c:909e with SMTP id jc27csp1554354rwb; Mon, 7 Nov 2022 03:04:39 -0800 (PST) X-Google-Smtp-Source: AMsMyM4MexHClSGwRsUAnXEHqxwdUTP/l47dPL9ByucSeGcB+rgZLUe3YhVdFALHE7I4GvDCaqKi X-Received: by 2002:a17:907:1c88:b0:7ad:8f76:699e with SMTP id nb8-20020a1709071c8800b007ad8f76699emr46610161ejc.114.1667819079396; Mon, 07 Nov 2022 03:04:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1667819079; cv=none; d=google.com; s=arc-20160816; b=rxg3Bu78KH/0DPgHvtISprjdbI01DPZBdvGGBqlYqyTehFuZyHgdqAqqCaU6FP8JRN 9URQLrRszlkE6kAKS/qVU3xWhIdSCNFeqvDaLMCXO+2smjmpfZafUML7FvD2Lu7a3QUb twqaA3RyjBx+tk5JoXDKJlmQcIUX26uyyPjSg0ur8b402cAsc9NapT+/owemgixIMrb+ 06F6SGySG8UdjuyEtmqDNCVnPk3j9/fSDQ5syniOIy81OD2xJUisq/gZzqJEz7ORWPYC maiGqYzF8jSaccASa/2stsl6LV7LclLzGDytBrh9t0zu/+CTq6oylrdEbLMuNGD1MEjy wHtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=JfmW17rjDPXDDCqnl530unsvCqOm00I9JQihJhKhGa4=; b=tOdyojOI+WKzVYs07blWcUGdCaeZgUP++GAOiYup92Hss4eLTdfEORHqFeK1MWb5a3 HxWbon0gZDfg2m6h0RQzXt6JP8rS0h3YlW5L7CTNuzSTsX14NqvA65gKckK8ckEyjrWw O1RXNqFOnT23YZvVmoly5yU2/P5sYiSGCuEE4Red7lzDxgPMpT1/muXPryVEyhjg5UOa GWlqrFyTGXrQuMhIdTUzpwGQ7Fr5m01cRLdfKaZipPC57IjwE4jpy3tXAk6BLkwZ5H5Z zAlprHSf7UI78QSswVRscaIaCZyQYmC0hCXqbPZRSn0LsN7jkYa2987bV1Sg4iMeuJkm GdIQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@foss.st.com header.s=selector1 header.b=Yv4O6MHz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=foss.st.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y1-20020a1709060bc100b0072a6c18f1fasi6023737ejg.639.2022.11.07.03.04.16; Mon, 07 Nov 2022 03:04:39 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@foss.st.com header.s=selector1 header.b=Yv4O6MHz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=foss.st.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230466AbiKGKTL (ORCPT + 93 others); Mon, 7 Nov 2022 05:19:11 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60258 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229979AbiKGKTK (ORCPT ); Mon, 7 Nov 2022 05:19:10 -0500 Received: from mx07-00178001.pphosted.com (mx08-00178001.pphosted.com [91.207.212.93]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5982314034 for ; Mon, 7 Nov 2022 02:19:04 -0800 (PST) Received: from pps.filterd (m0046661.ppops.net [127.0.0.1]) by mx07-00178001.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 2A79cwxH024988; Mon, 7 Nov 2022 11:18:50 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foss.st.com; h=message-id : date : mime-version : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding; s=selector1; bh=JfmW17rjDPXDDCqnl530unsvCqOm00I9JQihJhKhGa4=; b=Yv4O6MHzoclV3Oes57V8PWZbMX96Wl3GDzmJeBl8gtONtMRLiCou8cHNjMP8HnQcUz6l qDwK+yJgmUVUA+pkoTqhR1lsP0ZJmwd5z7P8EErnO5QoGfDWVYakA+bErpIUDfuifZD7 7pc5o3TmvPIvrzZ+J90d40ewxFK02hvH3Fl63dqKNEQ2y06J0a8RhmwdczL0e3ekbAa6 U8Y7+D98v9+udMrCjkDLKXHpwII6S7P7nYMEMialkoIuHGbT3t0u5XtyPQR1sJKBNXuU aMvktj/CFD6D6P04kG8CjB73KeTHsZmAv+Ha5gbKYV8oT4t6X0sbjo/LhstM1gpXqFIN ig== Received: from beta.dmz-eu.st.com (beta.dmz-eu.st.com [164.129.1.35]) by mx07-00178001.pphosted.com (PPS) with ESMTPS id 3kpyjq0c2a-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 07 Nov 2022 11:18:50 +0100 Received: from euls16034.sgp.st.com (euls16034.sgp.st.com [10.75.44.20]) by beta.dmz-eu.st.com (STMicroelectronics) with ESMTP id 6D9F410002A; Mon, 7 Nov 2022 11:18:45 +0100 (CET) Received: from Webmail-eu.st.com (shfdag1node3.st.com [10.75.129.71]) by euls16034.sgp.st.com (STMicroelectronics) with ESMTP id 6805C218636; Mon, 7 Nov 2022 11:18:45 +0100 (CET) Received: from [10.48.0.157] (10.48.0.157) by SHFDAG1NODE3.st.com (10.75.129.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.32; Mon, 7 Nov 2022 11:18:44 +0100 Message-ID: Date: Mon, 7 Nov 2022 11:18:44 +0100 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 Subject: Re: [Linux-stm32] [PATCH 3/3] nvmem: stm32: add OP-TEE support for STM32MP13x To: Fabrice Gasnier , Alexandre TORGUE , Srinivas Kandagatla , Maxime Coquelin CC: Etienne CARRIERE , , , References: <20221028145252.2115933-1-patrick.delaunay@foss.st.com> <20221028165150.3.Ibc43aa73f865090affeb1751af0cc260c7f1dd07@changeid> <4d03910e-fc87-47f7-6ba3-71eb7e55f0b8@foss.st.com> Content-Language: en-US From: Patrick DELAUNAY In-Reply-To: <4d03910e-fc87-47f7-6ba3-71eb7e55f0b8@foss.st.com> Content-Type: text/plain; charset="UTF-8"; format=flowed Content-Transfer-Encoding: 7bit X-Originating-IP: [10.48.0.157] X-ClientProxiedBy: SHFCAS1NODE2.st.com (10.75.129.73) To SHFDAG1NODE3.st.com (10.75.129.71) X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.219,Aquarius:18.0.895,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-11-07_02,2022-11-03_01,2022-06-22_01 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,NICE_REPLY_A,RCVD_IN_DNSWL_LOW,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Fabrice, Thanks for the review, I am preparing a V2 with your remarks. Patrick On 11/3/22 14:18, Fabrice Gasnier wrote: > On 10/28/22 16:52, Patrick Delaunay wrote: >> For boot with OP-TEE on STM32MP13, the communication with the secure >> world no more use STMicroelectronics SMC but communication with the >> BSEC TA, for data access (read/write) or lock operation: >> - all the request are sent to OP-TEE trusted application, >> - for upper OTP with ECC protection and with word programming only >> each OTP are permanently locked when programmed to avoid ECC error >> on the second write operation >> >> Signed-off-by: Patrick Delaunay >> --- >> >> drivers/nvmem/stm32-romem.c | 450 +++++++++++++++++++++++++++++++++++- >> 1 file changed, 446 insertions(+), 4 deletions(-) >> >> diff --git a/drivers/nvmem/stm32-romem.c b/drivers/nvmem/stm32-romem.c >> index 6de565639d5f..dfdedbcca9b9 100644 >> --- a/drivers/nvmem/stm32-romem.c >> +++ b/drivers/nvmem/stm32-romem.c >> @@ -11,6 +11,7 @@ >> #include >> #include >> #include >> +#include >> >> /* BSEC secure service access from non-secure */ >> #define STM32_SMC_BSEC 0x82001003 >> @@ -25,14 +26,22 @@ >> struct stm32_romem_cfg { >> int size; >> u8 lower; >> + bool ta; >> }; >> >> struct stm32_romem_priv { >> void __iomem *base; >> struct nvmem_config cfg; >> u8 lower; >> + struct device *ta; >> }; >> >> +struct device *stm32_bsec_pta_find(struct device *dev); >> +static int stm32_bsec_pta_read(void *context, unsigned int offset, void *buf, >> + size_t bytes); >> +static int stm32_bsec_pta_write(void *context, unsigned int offset, void *buf, >> + size_t bytes); >> + > Hi Patrick, > > Please find some suggestions and few remarks here below. > > Adding prototypes could be avoided, by moving these new routines: > - stm32_bsec_pta_find > - stm32_bsec_pta_read > - stm32_bsec_pta_write ok > >> static int stm32_romem_read(void *context, unsigned int offset, void *buf, >> size_t bytes) >> { >> @@ -173,15 +182,25 @@ static int stm32_romem_probe(struct platform_device *pdev) >> } else { >> priv->cfg.size = cfg->size; >> priv->lower = cfg->lower; >> - priv->cfg.reg_read = stm32_bsec_read; >> - priv->cfg.reg_write = stm32_bsec_write; >> + if (cfg->ta) { >> + priv->ta = stm32_bsec_pta_find(dev); >> + /* wait for OP-TEE client driver to be up and ready */ >> + if (!priv->ta) >> + return -EPROBE_DEFER; >> + >> + priv->cfg.reg_read = stm32_bsec_pta_read; >> + priv->cfg.reg_write = stm32_bsec_pta_write; >> + } else { >> + priv->cfg.reg_read = stm32_bsec_read; >> + priv->cfg.reg_write = stm32_bsec_write; >> + } >> } >> >> return PTR_ERR_OR_ZERO(devm_nvmem_register(dev, &priv->cfg)); >> } >> >> /* >> - * STM32MP15 BSEC OTP regions: 4096 OTP bits (with 3072 effective bits) >> + * STM32MP15/13 BSEC OTP regions: 4096 OTP bits (with 3072 effective bits) >> * => 96 x 32-bits data words >> * - Lower: 1K bits, 2:1 redundancy, incremental bit programming >> * => 32 (x 32-bits) lower shadow registers = words 0 to 31 >> @@ -191,6 +210,13 @@ static int stm32_romem_probe(struct platform_device *pdev) >> static const struct stm32_romem_cfg stm32mp15_bsec_cfg = { >> .size = 384, >> .lower = 32, >> + .ta = false, >> +}; >> + >> +static const struct stm32_romem_cfg stm32mp13_bsec_cfg = { >> + .size = 384, >> + .lower = 32, >> + .ta = true, >> }; >> >> static const struct of_device_id stm32_romem_of_match[] = { >> @@ -198,6 +224,8 @@ static const struct of_device_id stm32_romem_of_match[] = { >> .compatible = "st,stm32mp15-bsec", >> .data = (void *)&stm32mp15_bsec_cfg, >> }, { >> + .compatible = "st,stm32mp13-bsec", >> + .data = (void *)&stm32mp13_bsec_cfg, >> }, >> }; >> MODULE_DEVICE_TABLE(of, stm32_romem_of_match); >> @@ -209,7 +237,421 @@ static struct platform_driver stm32_romem_driver = { >> .of_match_table = of_match_ptr(stm32_romem_of_match), >> }, >> }; >> -module_platform_driver(stm32_romem_driver); >> + >> +#if IS_ENABLED(CONFIG_OPTEE) >> +/************************************************************************* >> + * BSEC PTA : OP-TEE client driver to pseudo trusted application >> + *************************************************************************/ > Just suggesting: could improve readability on above comment ? > (mutli-line comment starting with an emtpy /*. But here there's a single > line. I remove this comment (not needed). > >> + >> +/* >> + * Read OTP memory >> + * >> + * [in] value[0].a OTP start offset in byte >> + * [in] value[0].b Access type (0 : shadow, >> + * 1 : fuse, 2 : lock) > Suggestion: fits into 100 chars line done > >> + * [out] memref[1].buffer Output buffer to store read values >> + * [out] memref[1].size Size of OTP to be read >> + * >> + * Return codes: >> + * TEE_SUCCESS - Invoke command success >> + * TEE_ERROR_BAD_PARAMETERS - Incorrect input param >> + */ >> +#define PTA_BSEC_READ_MEM 0x0 /* Read OTP */ >> + >> +/* >> + * Write OTP memory >> + * >> + * [in] value[0].a OTP start offset in byte >> + * [in] value[0].b Access type (0 : shadow, >> + * 1 : fuse, 2 : lock) > same here done > >> + * [in] memref[1].buffer Input buffer to read values >> + * [in] memref[1].size Size of OTP to be written >> + * >> + * Return codes: >> + * TEE_SUCCESS - Invoke command success >> + * TEE_ERROR_BAD_PARAMETERS - Incorrect input param >> + */ >> +#define PTA_BSEC_WRITE_MEM 0x1 /* Write OTP */ >> + >> +/* value of PTA_BSEC access type = value[in] b */ >> +#define SHADOW_ACCESS 0 >> +#define FUSE_ACCESS 1 >> +#define LOCK_ACCESS 2 >> + >> +/* Bitfield definition for LOCK status */ >> +#define LOCK_PERM BIT(30) >> + >> +/** >> + * struct stm32_bsec_pta_priv - OP-TEE BSEC TA private data >> + * @ctx: OP-TEE context handler. >> + * @session_id: TA session identifier. >> + */ >> +struct stm32_bsec_pta_priv { >> + struct tee_context *ctx; >> + u32 session_id; >> +}; >> + >> +/* >> + * Check whether this driver supports the BSEC TA in the TEE instance >> + * represented by the params (ver/data) to this function. >> + */ >> +static int stm32_bsec_pta_match(struct tee_ioctl_version_data *ver, const void *data) >> +{ >> + /* >> + * Currently this driver only supports GP compliant, OP-TEE based TA >> + */ > /* suggestion: single line comment */ done > >> + if ((ver->impl_id == TEE_IMPL_ID_OPTEE) && >> + (ver->gen_caps & TEE_GEN_CAP_GP)) >> + return 1; >> + else >> + return 0; >> +} >> + >> +/** >> + * stm32_bsec_pta_probe() - initialize the PTA BSEC >> + * @dev: the platform_device description. >> + * >> + * Return: >> + * On success, 0. On failure, -errno. >> + */ >> +static int stm32_bsec_pta_probe(struct device *dev) >> +{ >> + int rc; >> + struct tee_ioctl_open_session_arg sess_arg; >> + struct tee_client_device *tee_device = to_tee_client_device(dev); >> + struct stm32_bsec_pta_priv *priv; >> + >> + priv = devm_kzalloc(dev, sizeof(*priv), GFP_KERNEL); >> + if (!priv) >> + return -ENOMEM; >> + >> + /* Open context with TEE driver */ >> + priv->ctx = tee_client_open_context(NULL, stm32_bsec_pta_match, NULL, NULL); >> + if (IS_ERR(priv->ctx)) { >> + if (PTR_ERR(priv->ctx) == -ENOENT) >> + return -EPROBE_DEFER; >> + dev_err(dev, "%s: tee_client_open_context failed\n", __func__); >> + return PTR_ERR(priv->ctx); >> + } >> + >> + /* Open a session with BSEC TA */ >> + memset(&sess_arg, 0, sizeof(sess_arg)); >> + export_uuid(sess_arg.uuid, &tee_device->id.uuid); >> + sess_arg.clnt_login = TEE_IOCTL_LOGIN_REE_KERNEL; >> + sess_arg.num_params = 0; >> + >> + rc = tee_client_open_session(priv->ctx, &sess_arg, NULL); >> + if ((rc < 0) || (sess_arg.ret != 0)) { >> + dev_err(dev, "%s: tee_client_open_session failed, err=%x\n", >> + __func__, sess_arg.ret); >> + rc = -EINVAL; >> + goto out_tee_session; >> + } >> + priv->session_id = sess_arg.session; >> + dev_set_drvdata(dev, priv); >> + >> + return 0; >> + >> +out_tee_session: >> + tee_client_close_context(priv->ctx); >> + priv->ctx = NULL; >> + >> + return rc; >> +} >> + >> +/** >> + * stm32_bsec_pta_remove() - remove the BSEC TEE device >> + * @dev: the platform_device description. >> + * >> + * Return: >> + * 0 always. >> + */ >> +static int stm32_bsec_pta_remove(struct device *dev) >> +{ >> + struct stm32_bsec_pta_priv *priv = dev_get_drvdata(dev); >> + >> + if (!IS_ERR_OR_NULL(priv->ctx)) { >> + tee_client_close_session(priv->ctx, priv->session_id); >> + tee_client_close_context(priv->ctx); >> + } >> + >> + return 0; >> +} >> + >> +/** >> + * stm32_bsec_pta_read() - nvmem read access using PTA client driver >> + * @context: nvmem context => romem privdate data >> + * @offset: nvmem offset >> + * @buf: buffer to fill with nvem values >> + * @bytes: number of bytes to read >> + * >> + * Return: >> + * On success, 0. On failure, -errno. >> + */ >> +static int stm32_bsec_pta_read(void *context, unsigned int offset, void *buf, >> + size_t bytes) >> +{ >> + struct stm32_romem_priv *romem_priv = context; >> + struct device *dev; >> + struct stm32_bsec_pta_priv *priv; >> + struct tee_shm *shm; >> + struct tee_ioctl_invoke_arg arg; >> + struct tee_param param[2]; >> + u8 *shm_buf; >> + u32 start, num_bytes; >> + int ret; >> + >> + dev = romem_priv->ta; >> + if (!dev) { >> + pr_err("TA_BSEC invoke with driver\n"); >> + return -ENXIO; >> + } >> + >> + priv = dev_get_drvdata(dev); >> + >> + memset(&arg, 0, sizeof(arg)); >> + memset(¶m, 0, sizeof(param)); >> + >> + arg.func = PTA_BSEC_READ_MEM; >> + arg.session = priv->session_id; >> + arg.num_params = 2; >> + >> + /* align access on 32bits */ >> + start = ALIGN_DOWN(offset, 4); >> + num_bytes = round_up(offset + bytes - start, 4); >> + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; >> + param[0].u.value.a = start; >> + param[0].u.value.b = SHADOW_ACCESS; >> + >> + shm = tee_shm_alloc_kernel_buf(priv->ctx, num_bytes); >> + if (IS_ERR(shm)) >> + return PTR_ERR(shm); >> + >> + param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_OUTPUT; >> + param[1].u.memref.shm = shm; >> + param[1].u.memref.size = num_bytes; >> + >> + ret = tee_client_invoke_func(priv->ctx, &arg, param); >> + if (ret < 0 || arg.ret != 0) { >> + dev_err(dev, "TA_BSEC invoke failed TEE err: %x, ret:%x\n", >> + arg.ret, ret); >> + if (!ret) >> + ret = -EIO; >> + } >> + if (!ret) { >> + shm_buf = tee_shm_get_va(shm, 0); >> + if (IS_ERR(shm_buf)) { >> + dev_err(dev, "tee_shm_get_va failed for transmit\n"); >> + ret = PTR_ERR(shm_buf); >> + } else { >> + ret = 0; > ret = 0; maybe removed ? (ret is already 0 here) yes => line removed > >> + /* read data from 32 bits aligned buffer */ >> + memcpy(buf, &shm_buf[offset % 4], bytes); >> + } >> + } >> + >> + tee_shm_free(shm); >> + >> + return ret; >> +} >> + >> +/** >> + * stm32_bsec_pta_write() - nvmem write access using PTA client driver >> + * @context: nvmem context => romem privdate data >> + * @offset: nvmem offset >> + * @buf: buffer with nvem values >> + * @bytes: number of bytes to write >> + * >> + * Return: >> + * On success, 0. On failure, -errno. >> + */ >> +static int stm32_bsec_pta_write(void *context, unsigned int offset, void *buf, >> + size_t bytes) >> +{ >> + struct stm32_romem_priv *romem_priv = context; >> + struct device *dev; >> + struct stm32_bsec_pta_priv *priv; >> + struct tee_shm *shm; >> + struct tee_ioctl_invoke_arg arg; >> + struct tee_param param[2]; >> + u8 *shm_buf; >> + int ret; >> + >> + dev = romem_priv->ta; >> + if (!dev) { >> + pr_err("TA_BSEC invoke with driver\n"); >> + return -ENXIO; >> + } >> + >> + /* Allow only writing complete 32-bits aligned words */ >> + if ((bytes % 4) || (offset % 4)) >> + return -EINVAL; >> + >> + priv = dev_get_drvdata(dev); >> + >> + memset(&arg, 0, sizeof(arg)); >> + memset(¶m, 0, sizeof(param)); >> + >> + arg.func = PTA_BSEC_WRITE_MEM; >> + arg.session = priv->session_id; >> + arg.num_params = 2; >> + >> + param[0].attr = TEE_IOCTL_PARAM_ATTR_TYPE_VALUE_INPUT; >> + param[0].u.value.a = offset; >> + param[0].u.value.b = FUSE_ACCESS; >> + >> + shm = tee_shm_alloc_kernel_buf(priv->ctx, bytes); >> + if (IS_ERR(shm)) >> + return PTR_ERR(shm); >> + >> + param[1].attr = TEE_IOCTL_PARAM_ATTR_TYPE_MEMREF_INPUT; >> + param[1].u.memref.shm = shm; >> + param[1].u.memref.size = bytes; >> + >> + shm_buf = tee_shm_get_va(shm, 0); >> + if (IS_ERR(shm_buf)) { >> + dev_err(dev, "tee_shm_get_va failed for transmit\n"); > Need to add error handling: tee_shm_free(shm); done => line added > >> + return PTR_ERR(shm_buf); >> + } >> + >> + memcpy(shm_buf, buf, bytes); >> + >> + ret = tee_client_invoke_func(priv->ctx, &arg, param); >> + if (ret < 0 || arg.ret != 0) { >> + dev_err(dev, "TA_BSEC invoke failed TEE err: %x, ret:%x\n", >> + arg.ret, ret); >> + if (!ret) >> + ret = -EIO; >> + } >> + dev_dbg(dev, "Write OTPs %d to %d, ret=%d\n", >> + offset / 4, (offset + bytes) / 4, ret); >> + >> + /* Lock the upper OTPs with ECC protection, word programming only */ >> + if (!ret && ((offset + bytes) >= (romem_priv->lower * 4))) { >> + u32 start, nb_lock; >> + u32 *lock = (u32 *)shm_buf; >> + int i; >> + >> + /* >> + * don't lock the lower OTPs, no ECC protection and incremental >> + * bit programming, a second write is allowed >> + */ >> + start = max_t(u32, offset, romem_priv->lower * 4); >> + nb_lock = (offset + bytes - start) / 4; >> + >> + param[0].u.value.a = start; >> + param[0].u.value.b = LOCK_ACCESS; >> + param[1].u.memref.size = nb_lock * 4; >> + >> + for (i = 0; i < nb_lock; i++) >> + lock[i] = LOCK_PERM; >> + >> + ret = tee_client_invoke_func(priv->ctx, &arg, param); >> + if (ret < 0 || arg.ret != 0) { >> + dev_err(dev, "TA_BSEC invoke failed TEE err: %x, ret:%x\n", >> + arg.ret, ret); >> + if (!ret) >> + ret = -EIO; >> + } >> + dev_dbg(dev, "Lock upper OTPs %d to %d, ret=%d\n", >> + start / 4, start / 4 + nb_lock, ret); >> + } >> + >> + tee_shm_free(shm); >> + >> + return ret; >> +} >> + >> +static const struct tee_client_device_id stm32_bsec_id_table[] = { >> + { >> + UUID_INIT(0x94cf71ad, 0x80e6, 0x40b5, >> + 0xa7, 0xc6, 0x3d, 0xc5, 0x01, 0xeb, 0x28, 0x03) >> + }, >> + { } >> +}; >> + >> +MODULE_DEVICE_TABLE(tee, stm32_bsec_id_table); >> + >> +static struct tee_client_driver stm32_bsec_pta_driver = { >> + .id_table = stm32_bsec_id_table, >> + .driver = { >> + .name = "stm32-bsec-pta", >> + .bus = &tee_bus_type, >> + .probe = stm32_bsec_pta_probe, >> + .remove = stm32_bsec_pta_remove, >> + }, >> +}; >> + >> +static void stm32_bsec_put_device(void *data) >> +{ >> + put_device(data); >> +} >> + >> +struct device *stm32_bsec_pta_find(struct device *dev) >> +{ >> + struct device *pta_dev; >> + >> + pta_dev = driver_find_next_device(&stm32_bsec_pta_driver.driver, NULL); >> + >> + if (pta_dev && devm_add_action_or_reset(dev, stm32_bsec_put_device, pta_dev)) { >> + dev_err(dev, "unable to register cleanup action\n"); > I suggest to improve the error message here, to make it more explicit, > and also propagate the error code to the caller. > Something like: > ret = devm_add_action_or_reset() > if (ret) { > dev_err(dev, "devm_add_action_or_reset() failed (%d)\n", ret ); > return ret; > } > This may avoid turning a real error here, into a EPROBE_DEFER at the > caller side, e.g.: > if (!priv->ta) > return -EPROBE_DEFER; Yes: no need to probe defer if a error is detected: staticstructdevice *stm32_bsec_pta_find(structdevice *dev) { structdevice *pta_dev; intret; pta_dev = driver_find_next_device(&stm32_bsec_pta_driver.driver, NULL); if(pta_dev) { ret = devm_add_action_or_reset(dev, stm32_bsec_put_device, pta_dev); if(ret) dev_err(dev, "devm_add_action_or_reset() failed (%d)\n", ret ); returnERR_PTR(ret); } returnpta_dev; } and for caller side: priv->ta= stm32_bsec_pta_find(dev); /* wait for OP-TEE client driver to be up and ready */ if(!priv->ta) return-EPROBE_DEFER; if(IS_ERR(priv->ta)) returnPTR_ERR(priv->ta); > > Thanks & Best Regards, > Fabrice > >> + >> + return NULL; >> + } >> + >> + return pta_dev; >> +} >> + >> +#else >> +static int stm32_bsec_pta_read(void *context, unsigned int offset, void *buf, >> + size_t bytes) >> +{ >> + pr_debug("%s: TA BSEC request without OPTEE support\n", __func__); >> + >> + return -ENXIO; >> +} >> + >> +static int stm32_bsec_pta_write(void *context, unsigned int offset, void *buf, >> + size_t bytes) >> +{ >> + pr_debug("%s: TA BSEC request without OPTEE support\n", __func__); >> + >> + return -ENXIO; >> +} >> + >> +struct device *stm32_bsec_pta_find(struct device *dev) >> +{ >> + pr_debug("%s: TA BSEC request without OPTEE support\n", __func__); >> + >> + return NULL; >> +} >> +#endif >> + >> +static int __init stm32_romem_init(void) >> +{ >> + int rc; >> + >> + rc = platform_driver_register(&stm32_romem_driver); >> + if (rc) >> + return rc; >> + >> +#if IS_ENABLED(CONFIG_OPTEE) >> + rc = driver_register(&stm32_bsec_pta_driver.driver); >> +#endif >> + >> + return rc; >> +} >> + >> +static void __exit stm32_romem_exit(void) >> +{ >> + platform_driver_unregister(&stm32_romem_driver); >> +#if IS_ENABLED(CONFIG_OPTEE) >> + driver_unregister(&stm32_bsec_pta_driver.driver); >> +#endif >> +} >> + >> +module_init(stm32_romem_init); >> +module_exit(stm32_romem_exit); >> >> MODULE_AUTHOR("Fabrice Gasnier "); >> MODULE_DESCRIPTION("STMicroelectronics STM32 RO-MEM");