X-Mailing-List: linux-kernel@vger.kernel.org
References: <20240527121340.3931987-1-jens.wiklander@linaro.org> <20240527121340.3931987-5-jens.wiklander@linaro.org>
From: Jens Wiklander
Date: Tue, 28 May 2024 11:08:21 +0200
Subject: Re: [PATCH v7 4/4] optee: probe RPMB device using RPMB subsystem
To: Sumit Garg
Cc: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org,
 op-tee@lists.trustedfirmware.org, Shyam Saini, Ulf Hansson, Linus Walleij,
 Jerome Forissier, Ilias Apalodimas, Bart Van Assche, Randy Dunlap,
 Ard Biesheuvel, Arnd Bergmann, Greg Kroah-Hartman, Manuel Traut, Mikko Rapeli

Hi Sumit,

On Mon, May 27, 2024 at 4:38 PM Sumit Garg wrote:
>
> On Mon, 27 May 2024 at 17:44, Jens Wiklander wrote:
> >
> > Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and
> > use an RPMB device via the RPMB subsystem instead of passing the RPMB
> > frames via tee-supplicant in user space. A fallback mechanism is kept to
> > route RPMB frames via tee-supplicant if the RPMB subsystem isn't
> > available.
> >
> > The OP-TEE RPC ABI is extended to support iterating over all RPMB
> > devices until one is found with the expected RPMB key already
> > programmed.
> >
> > Signed-off-by: Jens Wiklander
> > Tested-by: Manuel Traut
> > ---
> > Documentation/ABI/testing/sysfs-class-tee | 15 ++
> > MAINTAINERS | 1 +
> > drivers/tee/optee/core.c | 96 +++++++++++-
> > drivers/tee/optee/device.c | 7 +
> > drivers/tee/optee/ffa_abi.c | 14 ++
> > drivers/tee/optee/optee_ffa.h | 2 +
> > drivers/tee/optee/optee_private.h | 26 +++-
> > drivers/tee/optee/optee_rpc_cmd.h | 35 +++++
> > drivers/tee/optee/optee_smc.h | 2 +
> > drivers/tee/optee/rpc.c | 177 ++++++++++++++++++++++
> > drivers/tee/optee/smc_abi.c | 14 ++
> > 11 files changed, 387 insertions(+), 2 deletions(-)
> > create mode 100644 Documentation/ABI/testing/sysfs-class-tee
> >
> > diff --git a/Documentation/ABI/testing/sysfs-class-tee b/Documentation/ABI/testing/sysfs-class-tee
> > new file mode 100644
> > index 000000000000..c9144d16003e
> > --- /dev/null
> > +++ b/Documentation/ABI/testing/sysfs-class-tee
> > @@ -0,0 +1,15 @@
> > +What: /sys/class/tee/tee{,priv}X/rpmb_routing_model
> > +Date: May 2024
> > +KernelVersion: 6.10
> > +Contact: op-tee@lists.trustedfirmware.org
> > +Description:
> > + RPMB frames can be routed to the RPMB device via the
> > + user-space daemon tee-supplicant or the RPMB subsystem
> > + in the kernel. The value "user" means that the driver
> > + will route the RPMB frames via user space. Conversely,
> > + "kernel" means that the frames are routed via the RPMB
> > + subsystem without assistance from tee-supplicant. It
> > + should be assumed that RPMB frames are routed via user
> > + space if the variable is absent. The primary purpose
> > + of this variable is to let systemd know whether
> > + tee-supplicant is needed in the early boot with initramfs.
>
> Why do we need this if we already have [1] [2]? AFAICS, whichever
> devices like fTPM etc. systemd depends upon, it can be easily known
> via existing sysfs property.
>
> [1] https://docs.kernel.org/admin-guide/abi-testing.html?highlight=optee#abi-sys-bus-tee-devices-optee-ta-uuid-need-supplicant
> [2] Documentation/ABI/testing/sysfs-bus-optee-devices

The dependency is reversed. A TA depending on tee-supplicant will not
be loaded until tee-supplicant is ready. rpmb_routing_model is used as
one of the inputs to determine if tee-supplicant must be started early
or if it can wait until the real rootfs is available.

Thanks,
Jens
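
Review bot: The Description in the new sysfs-class-tee entry does not say when the value of rpmb_routing_model is determined or whether it can change after the driver has probed. The commit message keeps a fallback that routes RPMB frames via tee-supplicant if the RPMB subsystem isn't available, so a consumer reading the attribute in early boot (systemd with initramfs, per the last sentence of the Description) cannot tell from this text whether "kernel" is final or may later become "user". Suggest stating at which point the value is fixed and that the attribute is read-only, if that is the case. The entry would also benefit from one sentence on how it differs from the existing need_supplicant attribute in Documentation/ABI/testing/sysfs-bus-optee-devices, since the reply above had to explain that the dependency runs the other way.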