Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Documentation: tee: Add Qualcomm TEE driver

Add documentation for the Qualcomm TEE driver.

Acked-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
Signed-off-by: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

Authored by Amirreza Zarrabi and committed by Jens Wiklander
dcc7a571 87ab676d

+98
+1
Documentation/tee/index.rst
··· 11 11 op-tee 12 12 amd-tee 13 13 ts-tee 14 + qtee 14 15 15 16 .. only:: subproject and html 16 17
+96
Documentation/tee/qtee.rst
··· 1 + .. SPDX-License-Identifier: GPL-2.0 2 + 3 + ============================================= 4 + QTEE (Qualcomm Trusted Execution Environment) 5 + ============================================= 6 + 7 + The QTEE driver handles communication with Qualcomm TEE [1]. 8 + 9 + The lowest level of communication with QTEE builds on the ARM SMC Calling 10 + Convention (SMCCC) [2], which is the foundation for QTEE's Secure Channel 11 + Manager (SCM) [3] used internally by the driver. 12 + 13 + In a QTEE-based system, services are represented as objects with a series of 14 + operations that can be called to produce results, including other objects. 15 + 16 + When an object is hosted within QTEE, executing its operations is referred 17 + to as "direct invocation". QTEE can also invoke objects hosted in the non-secure 18 + world using a method known as "callback request". 19 + 20 + The SCM provides two functions to support direct invocation and callback requests: 21 + 22 + - QCOM_SCM_SMCINVOKE_INVOKE: Used for direct invocation. It can return either 23 + a result or initiate a callback request. 24 + - QCOM_SCM_SMCINVOKE_CB_RSP: Used to submit a response to a callback request 25 + triggered by a previous direct invocation. 26 + 27 + The QTEE Transport Message [4] is stacked on top of the SCM driver functions. 28 + 29 + A message consists of two buffers shared with QTEE: inbound and outbound 30 + buffers. The inbound buffer is used for direct invocation, and the outbound 31 + buffer is used to make callback requests. 
This picture shows the contents of 32 + a QTEE transport message:: 33 + 34 + +---------------------+ 35 + | v 36 + +-----------------+-------+-------+------+--------------------------+ 37 + | qcomtee_msg_ |object | buffer | | 38 + | object_invoke | id | offset, size | | (inbound buffer) 39 + +-----------------+-------+--------------+--------------------------+ 40 + <---- header -----><---- arguments ------><- in/out buffer payload -> 41 + 42 + +-----------+ 43 + | v 44 + +-----------------+-------+-------+------+----------------------+ 45 + | qcomtee_msg_ |object | buffer | | 46 + | callback | id | offset, size | | (outbound buffer) 47 + +-----------------+-------+--------------+----------------------+ 48 + 49 + Each buffer is started with a header and array of arguments. 50 + 51 + QTEE Transport Message supports four types of arguments: 52 + 53 + - Input Object (IO) is an object parameter to the current invocation 54 + or callback request. 55 + - Output Object (OO) is an object parameter from the current invocation 56 + or callback request. 57 + - Input Buffer (IB) is (offset, size) pair to the inbound or outbound region 58 + to store parameter to the current invocation or callback request. 59 + - Output Buffer (OB) is (offset, size) pair to the inbound or outbound region 60 + to store parameter from the current invocation or callback request. 
61 + 62 + Picture of the relationship between the different components in the QTEE 63 + architecture:: 64 + 65 + User space Kernel Secure world 66 + ~~~~~~~~~~ ~~~~~~ ~~~~~~~~~~~~ 67 + +--------+ +----------+ +--------------+ 68 + | Client | |callback | | Trusted | 69 + +--------+ |server | | Application | 70 + /\ +----------+ +--------------+ 71 + || +----------+ /\ /\ 72 + || |callback | || || 73 + || |server | || \/ 74 + || +----------+ || +--------------+ 75 + || /\ || | TEE Internal | 76 + || || || | API | 77 + \/ \/ \/ +--------+--------+ +--------------+ 78 + +---------------------+ | TEE | QTEE | | QTEE | 79 + | libqcomtee [5] | | subsys | driver | | Trusted OS | 80 + +-------+-------------+--+----+-------+----+-------------+--------------+ 81 + | Generic TEE API | | QTEE MSG | 82 + | IOCTL (TEE_IOC_*) | | SMCCC (QCOM_SCM_SMCINVOKE_*) | 83 + +-----------------------------+ +---------------------------------+ 84 + 85 + References 86 + ========== 87 + 88 + [1] https://docs.qualcomm.com/bundle/publicresource/topics/80-70015-11/qualcomm-trusted-execution-environment.html 89 + 90 + [2] http://infocenter.arm.com/help/topic/com.arm.doc.den0028a/index.html 91 + 92 + [3] drivers/firmware/qcom/qcom_scm.c 93 + 94 + [4] drivers/tee/qcomtee/qcomtee_msg.h 95 + 96 + [5] https://github.com/quic/quic-teec
+1
MAINTAINERS
··· 20860 20860 M: Amirreza Zarrabi <amirreza.zarrabi@oss.qualcomm.com> 20861 20861 L: linux-arm-msm@vger.kernel.org 20862 20862 S: Maintained 20863 + F: Documentation/tee/qtee.rst 20863 20864 F: drivers/tee/qcomtee/ 20864 20865 20865 20866 QUALCOMM TRUST ZONE MEMORY ALLOCATOR
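
Review bot: In Documentation/tee/qtee.rst, the argument-type list defines IB and OB as an "(offset, size) pair to the inbound or outbound region" but never says from whose side "input" and "output" are meant in a callback request, nor which side checks that offset plus size stays inside the shared buffer. The outbound buffer carries callback requests from QTEE into the non-secure world, so a sentence naming the direction for direct invocation and for callback requests, and stating where the bounds check is done, would let a reader review the message format without opening drivers/tee/qcomtee/qcomtee_msg.h. Two smaller points in the same file: "Each buffer is started with a header and array of arguments" reads better as "Each buffer starts with a header and an array of arguments", and reference [2] is a plain http link to infocenter.arm.com where an https link would be preferable.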