diff options
Diffstat (limited to 'meta-arm/meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch')
| -rw-r--r-- | meta-arm/meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch | 279 |
1 files changed, 279 insertions, 0 deletions
diff --git a/meta-arm/meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch b/meta-arm/meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch new file mode 100644 index 0000000000..a0377abafe --- /dev/null +++ b/meta-arm/meta-arm/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch @@ -0,0 +1,279 @@ +From f4b4f5bccc1be9a709008cc8e6107302745796c8 Mon Sep 17 00:00:00 2001 +From: Imre Kis <imre.kis@arm.com> +Date: Tue, 18 Apr 2023 16:41:51 +0200 +Subject: [PATCH] core: spmc: handle non-secure interrupts + +Add FFA_INTERRUPT and FFA_RUN support for signaling non-secure +interrupts and for resuming to the secure world. If a secure partition +is preempted by a non-secure interrupt OP-TEE saves the SP's state and +sends an FFA_INTERRUPT to the normal world. After handling the interrupt +the normal world should send an FFA_RUN to OP-TEE so it can continue +running the SP. +If OP-TEE is the active FF-A endpoint (i.e. it is running TAs) the +non-secure interrupts are signaled by the existing +OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message instead of +FFA_INTERRUPT. + +Upstream-Status: Pending + +Signed-off-by: Imre Kis <imre.kis@arm.com> +Change-Id: I577ebe86d416ee494963216a66a3bfc8206921b4 + +--- + core/arch/arm/include/ffa.h | 2 +- + .../arch/arm/include/kernel/spmc_sp_handler.h | 11 +++++++ + core/arch/arm/kernel/secure_partition.c | 17 ++++++++++ + core/arch/arm/kernel/spmc_sp_handler.c | 26 ++++++++++++++++ + core/arch/arm/kernel/thread.c | 7 +++++ + core/arch/arm/kernel/thread_spmc.c | 31 ++++++++++++++++++- + core/arch/arm/kernel/thread_spmc_a64.S | 30 ++++++++++++++++++ + 7 files changed, 122 insertions(+), 2 deletions(-) + +diff --git a/core/arch/arm/include/ffa.h b/core/arch/arm/include/ffa.h +index 5a19fb0c..b3d1d354 100644 +--- a/core/arch/arm/include/ffa.h ++++ b/core/arch/arm/include/ffa.h +@@ -50,7 +50,7 @@ + #define FFA_ID_GET U(0x84000069) + #define FFA_MSG_WAIT U(0x8400006B) + #define FFA_MSG_YIELD U(0x8400006C) +-#define FFA_MSG_RUN U(0x8400006D) ++#define FFA_RUN U(0x8400006D) + #define FFA_MSG_SEND U(0x8400006E) + #define FFA_MSG_SEND_DIRECT_REQ_32 U(0x8400006F) + #define FFA_MSG_SEND_DIRECT_REQ_64 U(0xC400006F) +diff --git a/core/arch/arm/include/kernel/spmc_sp_handler.h b/core/arch/arm/include/kernel/spmc_sp_handler.h +index f5bda7bf..30c1e469 100644 +--- a/core/arch/arm/include/kernel/spmc_sp_handler.h ++++ b/core/arch/arm/include/kernel/spmc_sp_handler.h +@@ -25,6 +25,8 @@ void spmc_sp_start_thread(struct thread_smc_args *args); + int spmc_sp_add_share(struct ffa_rxtx *rxtx, + size_t blen, uint64_t *global_handle, + struct sp_session *owner_sp); ++void spmc_sp_set_to_preempted(struct ts_session *ts_sess); ++int spmc_sp_resume_from_preempted(uint16_t endpoint_id); + #else + static inline void spmc_sp_start_thread(struct thread_smc_args *args __unused) + { +@@ -37,6 +39,15 @@ static inline int spmc_sp_add_share(struct ffa_rxtx *rxtx __unused, + { + return FFA_NOT_SUPPORTED; + } ++ ++static inline void spmc_sp_set_to_preempted(struct ts_session *ts_sess __unused) ++{ ++} ++ ++static inline int spmc_sp_resume_from_preempted(uint16_t endpoint_id __unused) ++{ ++ return FFA_NOT_SUPPORTED; ++} + #endif + + #endif /* __KERNEL_SPMC_SP_HANDLER_H */ +diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c +index 1d36e90b..6e351e43 100644 +--- a/core/arch/arm/kernel/secure_partition.c ++++ b/core/arch/arm/kernel/secure_partition.c +@@ -999,6 +999,8 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s, + struct sp_session *sp_s = to_sp_session(s); + struct ts_session *sess = NULL; + struct thread_ctx_regs *sp_regs = NULL; ++ uint32_t thread_id = THREAD_ID_INVALID; ++ uint32_t rpc_target_info = 0; + uint32_t panicked = false; + uint32_t panic_code = 0; + +@@ -1011,8 +1013,23 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s, + sp_regs->cpsr = read_daif() & (SPSR_64_DAIF_MASK << SPSR_64_DAIF_SHIFT); + + exceptions = thread_mask_exceptions(THREAD_EXCP_ALL); ++ ++ /* ++ * Store endpoint ID and thread ID in rpc_target_info. This will be used ++ * as w1 in FFA_INTERRUPT in case of a NWd interrupt. ++ */ ++ rpc_target_info = thread_get_tsd()->rpc_target_info; ++ thread_id = thread_get_id(); ++ assert((thread_id & ~0xffff) == 0); ++ thread_get_tsd()->rpc_target_info = (sp_s->endpoint_id << 16) | ++ (thread_id & 0xffff); ++ + __thread_enter_user_mode(sp_regs, &panicked, &panic_code); ++ + sp_regs->cpsr = cpsr; ++ /* Restore rpc_target_info */ ++ thread_get_tsd()->rpc_target_info = rpc_target_info; ++ + thread_unmask_exceptions(exceptions); + + thread_user_clear_vfp(&ctx->uctx); +diff --git a/core/arch/arm/kernel/spmc_sp_handler.c b/core/arch/arm/kernel/spmc_sp_handler.c +index 5d3326fc..f4c7ff81 100644 +--- a/core/arch/arm/kernel/spmc_sp_handler.c ++++ b/core/arch/arm/kernel/spmc_sp_handler.c +@@ -366,6 +366,32 @@ cleanup: + return res; + } + ++void spmc_sp_set_to_preempted(struct ts_session *ts_sess) ++{ ++ if (ts_sess && is_sp_ctx(ts_sess->ctx)) { ++ struct sp_session *sp_sess = to_sp_session(ts_sess); ++ ++ assert(sp_sess->state == sp_busy); ++ ++ sp_sess->state = sp_preempted; ++ } ++} ++ ++int spmc_sp_resume_from_preempted(uint16_t endpoint_id) ++{ ++ struct sp_session *sp_sess = sp_get_session(endpoint_id); ++ ++ if (!sp_sess) ++ return FFA_INVALID_PARAMETERS; ++ ++ if (sp_sess->state != sp_preempted) ++ return FFA_DENIED; ++ ++ sp_sess->state = sp_busy; ++ ++ return FFA_OK; ++} ++ + static bool check_rxtx(struct ffa_rxtx *rxtx) + { + return rxtx && rxtx->rx && rxtx->tx && rxtx->size > 0; +diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c +index 1e7f9f96..8cd4dc96 100644 +--- a/core/arch/arm/kernel/thread.c ++++ b/core/arch/arm/kernel/thread.c +@@ -531,6 +531,13 @@ int thread_state_suspend(uint32_t flags, uint32_t cpsr, vaddr_t pc) + core_mmu_set_user_map(NULL); + } + ++ if (IS_ENABLED(CFG_SECURE_PARTITION)) { ++ struct ts_session *ts_sess = ++ TAILQ_FIRST(&threads[ct].tsd.sess_stack); ++ ++ spmc_sp_set_to_preempted(ts_sess); ++ } ++ + l->curr_thread = THREAD_ID_INVALID; + + if (IS_ENABLED(CFG_VIRTUALIZATION)) +diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c +index 3b4ac0b4..bc4e7687 100644 +--- a/core/arch/arm/kernel/thread_spmc.c ++++ b/core/arch/arm/kernel/thread_spmc.c +@@ -45,7 +45,7 @@ struct mem_frag_state { + #endif + + /* Initialized in spmc_init() below */ +-static uint16_t my_endpoint_id; ++uint16_t my_endpoint_id; + + /* + * If struct ffa_rxtx::size is 0 RX/TX buffers are not mapped or initialized. +@@ -437,6 +437,32 @@ out: + FFA_PARAM_MBZ, FFA_PARAM_MBZ); + cpu_spin_unlock(&rxtx->spinlock); + } ++ ++static void spmc_handle_run(struct thread_smc_args *args) ++{ ++ uint16_t endpoint = (args->a1 >> 16) & 0xffff; ++ uint16_t thread_id = (args->a1 & 0xffff); ++ uint32_t rc = 0; ++ ++ if (endpoint != my_endpoint_id) { ++ /* ++ * The endpoint should be an SP, try to resume the SP from ++ * preempted into busy state. ++ */ ++ rc = spmc_sp_resume_from_preempted(endpoint); ++ if (rc) ++ goto out; ++ } ++ ++ thread_resume_from_rpc(thread_id, 0, 0, 0, 0); ++ ++ /* thread_resume_from_rpc return only of the thread_id is invalid */ ++ rc = FFA_INVALID_PARAMETERS; ++ ++out: ++ spmc_set_args(args, FFA_ERROR, FFA_PARAM_MBZ, rc, FFA_PARAM_MBZ, ++ FFA_PARAM_MBZ, FFA_PARAM_MBZ); ++} + #endif /*CFG_CORE_SEL1_SPMC*/ + + static void handle_yielding_call(struct thread_smc_args *args) +@@ -970,6 +996,9 @@ void thread_spmc_msg_recv(struct thread_smc_args *args) + case FFA_PARTITION_INFO_GET: + spmc_handle_partition_info_get(args, &nw_rxtx); + break; ++ case FFA_RUN: ++ spmc_handle_run(args); ++ break; + #endif /*CFG_CORE_SEL1_SPMC*/ + case FFA_INTERRUPT: + itr_core_handler(); +diff --git a/core/arch/arm/kernel/thread_spmc_a64.S b/core/arch/arm/kernel/thread_spmc_a64.S +index 21cb6251..7297005a 100644 +--- a/core/arch/arm/kernel/thread_spmc_a64.S ++++ b/core/arch/arm/kernel/thread_spmc_a64.S +@@ -14,6 +14,20 @@ + #include <kernel/thread.h> + #include <optee_ffa.h> + ++#if CFG_SECURE_PARTITION ++LOCAL_FUNC thread_ffa_interrupt , : ++ mov_imm x0, FFA_INTERRUPT /* FID */ ++ /* X1: Endpoint/vCPU IDs is set by caller */ ++ mov x2, #FFA_PARAM_MBZ /* Param MBZ */ ++ mov x3, #FFA_PARAM_MBZ /* Param MBZ */ ++ mov x4, #FFA_PARAM_MBZ /* Param MBZ */ ++ mov x5, #FFA_PARAM_MBZ /* Param MBZ */ ++ mov x6, #FFA_PARAM_MBZ /* Param MBZ */ ++ mov x7, #FFA_PARAM_MBZ /* Param MBZ */ ++ b .ffa_msg_loop ++END_FUNC thread_ffa_msg_wait ++#endif /* CFG_SECURE_PARTITION */ ++ + FUNC thread_ffa_msg_wait , : + mov_imm x0, FFA_MSG_WAIT /* FID */ + mov x1, #FFA_TARGET_INFO_MBZ /* Target info MBZ */ +@@ -171,6 +185,14 @@ END_FUNC thread_rpc + * The current thread as indicated by @thread_index has just been + * suspended. The job here is just to inform normal world the thread id to + * resume when returning. ++ * If the active FF-A endpoint is OP-TEE (or a TA) then an this function send an ++ * OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message to the normal world via the ++ * FFA_MSG_SEND_DIRECT_RESP interface. This is handled by the OP-TEE ++ * driver in Linux so it can schedule task to the thread. ++ * If the active endpoint is an SP the function sends an FFA_INTERRUPT. This is ++ * handled by the FF-A driver and after taking care of the NWd interrupts it ++ * returns via an FFA_RUN call. ++ * The active endpoint is determined by the upper 16 bits of rpc_target_info. + */ + FUNC thread_foreign_intr_exit , : + /* load threads[w0].tsd.rpc_target_info into w1 */ +@@ -178,6 +200,14 @@ FUNC thread_foreign_intr_exit , : + adr_l x2, threads + madd x1, x1, x0, x2 + ldr w1, [x1, #THREAD_CTX_TSD_RPC_TARGET_INFO] ++#if CFG_SECURE_PARTITION ++ adr_l x2, my_endpoint_id ++ ldrh w2, [x2] ++ lsr w3, w1, #16 ++ cmp w2, w3 ++ /* (threads[w0].tsd.rpc_target_info >> 16) != my_endpoint_id */ ++ bne thread_ffa_interrupt ++#endif /* CFG_SECURE_PARTITION */ + mov x2, #FFA_PARAM_MBZ + mov w3, #FFA_PARAM_MBZ + mov w4, #OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT + +-- +2.17.1 |