d0a4d79cb7ab7ea7bfd9c78a64a72ca53925115f
[tegra/ote_partner/tlk_driver.git] / security / tlk_driver / ote_device.c
1 /*
2  * Copyright (c) 2013-2014 NVIDIA Corporation. All rights reserved.
3  *
4  * This program is free software; you can redistribute it and/or modify
5  * it under the terms of the GNU General Public License as published by
6  * the Free Software Foundation; either version 2 of the License, or
7  * (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful, but WITHOUT
10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
12  * more details.
13  *
14  * You should have received a copy of the GNU General Public License along
15  * with this program; if not, write to the Free Software Foundation, Inc.,
16  * 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
17  */
18
19 #include <linux/atomic.h>
20 #include <linux/uaccess.h>
21 #include <linux/module.h>
22 #include <linux/slab.h>
23 #include <linux/fs.h>
24 #include <linux/printk.h>
25 #include <linux/ioctl.h>
26 #include <linux/miscdevice.h>
27 #include <linux/mm.h>
28 #include <asm/cacheflush.h>
29 #include <asm/outercache.h>
30 #include <linux/list.h>
31 #include <linux/dma-mapping.h>
32 #include <linux/of.h>
33
34 #include "ote_protocol.h"
35
36 #define SET_ANSWER(a, r, ro)    { a.result = r; a.result_origin = ro; }
37
38 struct tlk_device tlk_dev;
39 DEFINE_MUTEX(smc_lock);
40
41 static int te_create_free_cmd_list(struct tlk_device *dev)
42 {
43         int cmd_desc_count, ret = 0;
44         struct te_cmd_req_desc *req_desc;
45         int bitmap_size;
46         bool use_reqbuf;
47
48         /*
49          * Check if new shared req/param register SMC is supported.
50          *
51          * If it is, TLK can map in the shared req/param buffers and do_smc
52          * only needs to send the offsets within each (with cache coherency
53          * being maintained by HW through an NS mapping).
54          *
55          * If the SMC support is not yet present, then fallback to the old
56          * mode of writing to an uncached buffer to maintain coherency (and
57          * phys addresses are passed in do_smc).
58          */
59         dev->req_param_buf = NULL;
60         use_reqbuf = !send_smc(TE_SMC_REGISTER_REQ_BUF, 0, 0);
61
62         if (use_reqbuf) {
63                 dev->req_param_buf = kmalloc((2 * PAGE_SIZE), GFP_KERNEL);
64
65                 /* requests in the first page, params in the second */
66                 dev->req_addr   = (struct te_request *) dev->req_param_buf;
67                 dev->param_addr = (struct te_oper_param *)
68                                         (dev->req_param_buf + PAGE_SIZE);
69
70                 send_smc(TE_SMC_REGISTER_REQ_BUF,
71                                 (uintptr_t)dev->req_addr, (2 * PAGE_SIZE));
72         } else {
73                 dev->req_addr = dma_alloc_coherent(NULL, PAGE_SIZE,
74                                         &dev->req_addr_phys, GFP_KERNEL);
75                 dev->param_addr = dma_alloc_coherent(NULL, PAGE_SIZE,
76                                         &dev->param_addr_phys, GFP_KERNEL);
77         }
78
79         if (!dev->req_addr || !dev->param_addr || !dev->req_param_buf) {
80                 ret = -ENOMEM;
81                 goto error;
82         }
83
84         /* alloc param bitmap allocator */
85         bitmap_size = BITS_TO_LONGS(TE_PARAM_MAX) * sizeof(long);
86         dev->param_bitmap = kzalloc(bitmap_size, GFP_KERNEL);
87
88         for (cmd_desc_count = 0;
89                 cmd_desc_count < TE_CMD_DESC_MAX; cmd_desc_count++) {
90
91                 req_desc = kzalloc(sizeof(struct te_cmd_req_desc), GFP_KERNEL);
92                 if (req_desc == NULL) {
93                         pr_err("Failed to allocate cmd req descriptor\n");
94                         ret = -ENOMEM;
95                         goto error;
96                 }
97                 req_desc->req_addr = dev->req_addr + cmd_desc_count;
98                 INIT_LIST_HEAD(&(req_desc->list));
99
100                 /* Add the cmd param descriptor to free list */
101                 list_add_tail(&req_desc->list, &(dev->free_cmd_list));
102         }
103
104 error:
105         return ret;
106 }
107
108 static struct te_oper_param *te_get_free_params(struct tlk_device *dev,
109         unsigned int nparams)
110 {
111         struct te_oper_param *params = NULL;
112         int idx, nbits;
113
114         if (nparams) {
115                 nbits = get_count_order(nparams);
116                 idx = bitmap_find_free_region(dev->param_bitmap,
117                                 TE_PARAM_MAX, nbits);
118                 if (idx >= 0)
119                         params = dev->param_addr + idx;
120         }
121         return params;
122 }
123
124 static void te_put_free_params(struct tlk_device *dev,
125         struct te_oper_param *params, uint32_t nparams)
126 {
127         int idx, nbits;
128
129         idx = (params - dev->param_addr);
130         nbits = get_count_order(nparams);
131         bitmap_release_region(dev->param_bitmap, idx, nbits);
132 }
133
134 static struct te_cmd_req_desc *te_get_free_cmd_desc(struct tlk_device *dev)
135 {
136         struct te_cmd_req_desc *cmd_desc = NULL;
137
138         if (!(list_empty(&(dev->free_cmd_list)))) {
139                 cmd_desc = list_first_entry(&(dev->free_cmd_list),
140                                 struct te_cmd_req_desc, list);
141                 list_del(&(cmd_desc->list));
142                 list_add_tail(&cmd_desc->list, &(dev->used_cmd_list));
143         }
144         return cmd_desc;
145 }
146
147 static void te_put_used_cmd_desc(struct tlk_device *dev,
148         struct te_cmd_req_desc *cmd_desc)
149 {
150         struct te_cmd_req_desc *param_desc, *tmp_param_desc;
151
152         if (cmd_desc) {
153                 list_for_each_entry_safe(param_desc, tmp_param_desc,
154                                 &(dev->used_cmd_list), list) {
155                         if (cmd_desc->req_addr == param_desc->req_addr) {
156                                 list_del(&param_desc->list);
157                                 list_add_tail(&param_desc->list,
158                                         &(dev->free_cmd_list));
159                         }
160                 }
161         }
162 }
163
164 static void __attribute__((unused)) te_print_cmd_list(
165         struct tlk_device *dev, int used_list)
166 {
167         struct te_cmd_req_desc *param_desc;
168
169         if (!used_list) {
170                 pr_info("Printing free cmd list\n");
171                 if (!(list_empty(&(dev->free_cmd_list)))) {
172                         list_for_each_entry(param_desc, &(dev->free_cmd_list),
173                                         list)
174                                 pr_info("Phys addr for cmd req desc (%p)\n",
175                                         param_desc->req_addr);
176                 }
177         } else {
178                 pr_info("Printing used cmd list\n");
179                 if (!(list_empty(&(dev->used_cmd_list)))) {
180                         list_for_each_entry(param_desc, &(dev->used_cmd_list),
181                                         list)
182                                 pr_info("Phys addr for cmd req desc (%p)\n",
183                                         param_desc->req_addr);
184                 }
185         }
186 }
187
188
189 static void te_close_sessions(struct tlk_context *context)
190 {
191         struct tlk_device *dev = context->dev;
192         union te_cmd cmd;
193         struct te_cmd_req_desc *cmd_desc = NULL;
194         struct te_request *request;
195         struct te_session *session, *tmp_session;
196
197         if (list_empty(&context->session_list))
198                 return;
199
200         cmd_desc = te_get_free_cmd_desc(dev);
201         if (!cmd_desc) {
202                 pr_err("%s: failed to get cmd_desc\n", __func__);
203                 return;
204         }
205
206         request = cmd_desc->req_addr;
207
208         list_for_each_entry_safe(session, tmp_session,
209                 &context->session_list, list) {
210
211                 memset(request, 0, sizeof(struct te_request));
212
213                 cmd.closesession.session_id = session->session_id;
214
215                 te_close_session(&cmd.closesession, request, context);
216         }
217
218         te_put_used_cmd_desc(dev, cmd_desc);
219 }
220
221 static int tlk_device_open(struct inode *inode, struct file *file)
222 {
223         struct tlk_context *context;
224         int ret = 0;
225
226         context = kzalloc(sizeof(struct tlk_context), GFP_KERNEL);
227         if (!context) {
228                 ret = -ENOMEM;
229                 goto error;
230         }
231         context->dev = &tlk_dev;
232         INIT_LIST_HEAD(&context->session_list);
233
234         file->private_data = context;
235         return 0;
236 error:
237         return ret;
238 }
239
240 static int tlk_device_release(struct inode *inode, struct file *file)
241 {
242         struct tlk_context *context = file->private_data;
243
244         /* close any open sessions */
245         te_close_sessions(context);
246
247         kfree(file->private_data);
248         file->private_data = NULL;
249         return 0;
250 }
251
252 static int copy_params_from_user(struct te_request *req,
253         struct te_operation *operation)
254 {
255         struct te_oper_param *param_array;
256         struct te_oper_param *user_param;
257         uint32_t i;
258
259         if (operation->list_count == 0)
260                 return 0;
261
262         param_array = (struct te_oper_param *)(uintptr_t)req->params;
263         if (param_array == NULL) {
264                 pr_err("param_array empty\n");
265                 return 1;
266         }
267
268         user_param = (struct te_oper_param *)(uintptr_t)operation->list_head;
269         for (i = 0; i < operation->list_count && user_param != NULL; i++) {
270                 if (copy_from_user(param_array + i, user_param,
271                                         sizeof(struct te_oper_param))) {
272                         pr_err("Failed to copy operation parameter:%d, %p, " \
273                                         "list_count: %d\n",
274                                         i, user_param, operation->list_count);
275                         return 1;
276                 }
277                 user_param = (struct te_oper_param *)(uintptr_t)
278                         param_array[i].next_ptr_user;
279         }
280         return 0;
281 }
282
283 static int copy_params_to_user(struct te_request *req,
284         struct te_operation *operation)
285 {
286         struct te_oper_param *param_array;
287         struct te_oper_param *user_param;
288         uint32_t i;
289
290         if (operation->list_count == 0)
291                 return 0;
292
293         param_array = (struct te_oper_param *)(uintptr_t)req->params;
294         if (param_array == NULL) {
295                 pr_err("param_array empty\n");
296                 return 1;
297         }
298
299         user_param =
300                 (struct te_oper_param *)(uintptr_t)operation->list_head;
301         for (i = 0; i < req->params_size; i++) {
302                 if (copy_to_user(user_param, param_array + i,
303                                         sizeof(struct te_oper_param))) {
304                         pr_err("Failed to copy back parameter:%d %p\n", i,
305                                         user_param);
306                         return 1;
307                 }
308                 user_param = (struct te_oper_param *)(uintptr_t)
309                         param_array[i].next_ptr_user;
310         }
311         return 0;
312 }
313
314 static long te_handle_trustedapp_ioctl(struct file *file,
315         unsigned int ioctl_num, unsigned long ioctl_param)
316 {
317         long err = 0;
318         union te_cmd cmd;
319         struct te_operation *operation = NULL;
320         struct te_oper_param *params = NULL;
321         struct te_request *request;
322         void __user *ptr_user_answer = NULL;
323         struct te_answer answer;
324         struct te_cmd_req_desc *cmd_desc = NULL;
325         struct tlk_context *context = file->private_data;
326         struct tlk_device *dev = context->dev;
327
328         if (copy_from_user(&cmd, (void __user *)ioctl_param,
329                                 sizeof(union te_cmd))) {
330                 pr_err("Failed to copy command request\n");
331                 err = -EFAULT;
332                 goto error;
333         }
334
335         memset(&answer, 0, sizeof(struct te_answer));
336
337         switch (ioctl_num) {
338         case TE_IOCTL_OPEN_CLIENT_SESSION:
339                 operation = &cmd.opensession.operation;
340                 ptr_user_answer = (void *)(uintptr_t)cmd.opensession.answer;
341
342                 cmd_desc = te_get_free_cmd_desc(dev);
343                 params = te_get_free_params(dev, operation->list_count);
344
345                 if (!cmd_desc || (operation->list_count && !params)) {
346                         SET_ANSWER(answer,
347                                    OTE_ERROR_OUT_OF_MEMORY,
348                                    OTE_RESULT_ORIGIN_COMMS);
349                         pr_err("failed to get cmd_desc/params\n");
350                         goto error;
351                 }
352
353                 request = cmd_desc->req_addr;
354                 memset(request, 0, sizeof(struct te_request));
355
356                 request->params = (uintptr_t)params;
357                 request->params_size = operation->list_count;
358
359                 if (copy_params_from_user(request, operation)) {
360                         err = -EFAULT;
361                         pr_info("failed to copy params from user\n");
362                         goto error;
363                 }
364
365                 te_open_session(&cmd.opensession, request, context);
366
367                 SET_ANSWER(answer, request->result, request->result_origin);
368                 answer.session_id = request->session_id;
369                 break;
370
371         case TE_IOCTL_CLOSE_CLIENT_SESSION:
372                 ptr_user_answer = (void *)(uintptr_t)cmd.closesession.answer;
373                 cmd_desc = te_get_free_cmd_desc(dev);
374                 if (!cmd_desc) {
375                         SET_ANSWER(answer,
376                                    OTE_ERROR_OUT_OF_MEMORY,
377                                    OTE_RESULT_ORIGIN_COMMS);
378                         pr_err("failed to get cmd_desc\n");
379                         goto error;
380                 }
381
382                 request = cmd_desc->req_addr;
383                 memset(request, 0, sizeof(struct te_request));
384
385                 /* close session cannot fail */
386                 te_close_session(&cmd.closesession, request, context);
387                 break;
388
389         case TE_IOCTL_LAUNCH_OPERATION:
390                 operation = &cmd.launchop.operation;
391                 ptr_user_answer = (void *)(uintptr_t)cmd.launchop.answer;
392
393                 cmd_desc = te_get_free_cmd_desc(dev);
394                 params = te_get_free_params(dev, operation->list_count);
395
396                 if (!cmd_desc || (operation->list_count && !params)) {
397                         SET_ANSWER(answer,
398                                    OTE_ERROR_OUT_OF_MEMORY,
399                                    OTE_RESULT_ORIGIN_COMMS);
400                         pr_err("failed to get cmd_desc/params\n");
401                         goto error;
402                 }
403
404                 request = cmd_desc->req_addr;
405                 memset(request, 0, sizeof(struct te_request));
406
407                 request->params = (uintptr_t)params;
408                 request->params_size = operation->list_count;
409
410                 if (copy_params_from_user(request, operation)) {
411                         err = -EFAULT;
412                         pr_info("failed to copy params from user\n");
413                         goto error;
414                 }
415
416                 te_launch_operation(&cmd.launchop, request, context);
417
418                 SET_ANSWER(answer, request->result, request->result_origin);
419                 break;
420
421         default:
422                 pr_err("Invalid IOCTL Cmd\n");
423                 err = -EINVAL;
424                 goto error;
425         }
426         if (ptr_user_answer && !err) {
427                 if (copy_to_user(ptr_user_answer, &answer,
428                         sizeof(struct te_answer))) {
429                         pr_err("Failed to copy answer\n");
430                         err = -EFAULT;
431                 }
432         }
433         if (request->params && !err) {
434                 if (copy_params_to_user(request, operation)) {
435                         pr_err("Failed to copy return params\n");
436                         err = -EFAULT;
437                 }
438         }
439
440 error:
441         if (cmd_desc)
442                 te_put_used_cmd_desc(dev, cmd_desc);
443         if (params)
444                 te_put_free_params(dev, params, operation->list_count);
445         return err;
446 }
447
448 static long tlk_device_ioctl(struct file *file, unsigned int ioctl_num,
449         unsigned long ioctl_param)
450 {
451         int err;
452
453         switch (ioctl_num) {
454         case TE_IOCTL_OPEN_CLIENT_SESSION:
455         case TE_IOCTL_CLOSE_CLIENT_SESSION:
456         case TE_IOCTL_LAUNCH_OPERATION:
457                 mutex_lock(&smc_lock);
458                 err = te_handle_trustedapp_ioctl(file, ioctl_num, ioctl_param);
459                 mutex_unlock(&smc_lock);
460                 break;
461
462         case TE_IOCTL_SS_CMD:
463                 err = te_handle_ss_ioctl(file, ioctl_num, ioctl_param);
464                 break;
465
466         default:
467                 pr_err("%s: Invalid IOCTL (0x%x) id 0x%x max 0x%lx\n",
468                         __func__, ioctl_num, _IOC_NR(ioctl_num),
469                         (unsigned long)TE_IOCTL_MAX_NR);
470                 err = -EINVAL;
471                 break;
472         }
473
474         return err;
475 }
476
477 /*
478  * tlk_driver function definitions.
479  */
480 static const struct file_operations tlk_device_fops = {
481         .owner = THIS_MODULE,
482         .open = tlk_device_open,
483         .release = tlk_device_release,
484         .unlocked_ioctl = tlk_device_ioctl,
485 #ifdef CONFIG_COMPAT
486         .compat_ioctl = tlk_device_ioctl,
487 #endif
488 };
489
490 struct miscdevice tlk_misc_device = {
491         .minor = MISC_DYNAMIC_MINOR,
492         .name = "tlk_device",
493         .fops = &tlk_device_fops,
494 };
495
496 static struct device_node *get_tlk_device_node(void)
497 {
498         struct device_node *node;
499
500         node = of_find_compatible_node(NULL, NULL,
501                         "nvidia,trusted-little-kernel");
502         if (!node)
503                 pr_info("TLK node not present in the FDT\n");
504
505         return node;
506 }
507
508 static int __init tlk_init(void)
509 {
510         int ret;
511
512         /* check if the driver node is present in the device tree */
513         if (get_tlk_device_node() == NULL) {
514                 pr_err("%s: fail\n", __func__);
515                 return -ENODEV;
516         }
517
518         INIT_LIST_HEAD(&(tlk_dev.used_cmd_list));
519         INIT_LIST_HEAD(&(tlk_dev.free_cmd_list));
520
521         ret = te_create_free_cmd_list(&tlk_dev);
522         if (ret != 0)
523                 return ret;
524
525         return misc_register(&tlk_misc_device);
526 }
527
528 module_init(tlk_init);
529
530 int ote_property_is_disabled(const char *str)
531 {
532         struct device_node *tlk;
533         const char *prop;
534
535         /* check if the driver node is present in the device tree */
536         tlk = get_tlk_device_node();
537         if (!tlk) {
538                 pr_err("%s: fail\n", __func__);
539                 return -ENODEV;
540         }
541
542         if (of_property_read_string(tlk, str, &prop)) {
543                 pr_warn("missing \"%s\" property\n", str);
544                 return -ENXIO;
545         }
546
547         if (strcmp("enabled", prop))
548                 return -ENOTSUPP;
549
550         return 0;
551 }