kernel_samsung_a34x-permissive/drivers/misc/mediatek/geniezone/public/kree/mem.h
2024-04-28 15:49:01 +02:00

352 lines
11 KiB
C
Executable file

/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (c) 2019 MediaTek Inc.
*/
/*
* GenieZone (hypervisor-based seucrity platform) enables hardware protected
* and isolated security execution environment, includes
* 1. GZ hypervisor
* 2. Hypervisor-TEE OS (built-in Trusty OS)
* 3. Drivers (ex: debug, communication and interrupt) for GZ and
* hypervisor-TEE OS
* 4. GZ and hypervisor-TEE and GZ framework (supporting multiple TEE
* ecosystem, ex: M-TEE, Trusty, GlobalPlatform, ...)
*/
/*
* Mediatek GenieZone v1.2.0127
* Header files for KREE memory related functions.
*/
#ifndef __KREE_MEM_H__
#define __KREE_MEM_H__
#if IS_ENABLED(CONFIG_MTK_IN_HOUSE_TEE_SUPPORT) \
|| IS_ENABLED(CONFIG_MTK_ENABLE_GENIEZONE)
#include <tz_cross/trustzone.h>
#include <tz_cross/gz_version.h>
#define KREE_SESSION_HANDLE_NULL ((KREE_SESSION_HANDLE)0)
#define KREE_SESSION_HANDLE_FAIL ((KREE_SESSION_HANDLE)-1)
/**
* Memory handle define
*
* Handle is used to communicate with normal world:
* 1. Memory information can not expose to normal world. (Major, important!)
* 2. Too much information, and thet can be grouped by handle.
*
* All kinds of memory use the same handle define.
* According to their different purpose, they are redefined to specific name.
* Just for easy programming.
*/
/* / KREE session handle type. */
typedef int32_t KREE_SESSION_HANDLE;
/* Shared memory handle define */
typedef uint32_t KREE_SHAREDMEM_HANDLE;
/* Secure memory handle define */
typedef uint32_t KREE_SECUREMEM_HANDLE;
/* Secure chunk memory handle define */
typedef uint32_t KREE_SECURECM_HANDLE;
/* Release Secure chunk memory handle define */
typedef uint32_t KREE_RELEASECM_HANDLE;
/* ION memory handle define */
typedef uint32_t KREE_ION_HANDLE;
typedef uint32_t *KREE_ION_HANDLE_PTR;
/**
* Shared memory parameter
*
* It defines the types for shared memory.
*
* @param buffer A pointer to shared memory buffer
* @param size shared memory size in bytes
*/
struct kree_shared_mem_param {
uint32_t size;
uint32_t region_id;
void *buffer;
void *mapAry;
};
#define KREE_SHAREDMEM_PARAM struct kree_shared_mem_param
/**
* compress a PA array by run-length coding
*
* It defines the types for shared memory.
*
* @param high high bit of start PA address
* @param low low bit of start PA address
* @param size run length size
*/
struct KREE_SHM_RUNLENGTH_ENTRY {
uint32_t high; /* (uint64_t) start PA address = high | low */
uint32_t low;
uint32_t size;
};
struct KREE_SHM_RUNLENGTH_LIST {
struct KREE_SHM_RUNLENGTH_ENTRY entry;
struct KREE_SHM_RUNLENGTH_LIST *next;
};
/**
* Shared memory
*
* A shared memory is normal memory, which can be seen by Normal world and
* Secure world.
* It is used to create the comminicattion between two worlds.
* Currently, zero-copy data transfer is supportted, for simple and efficient
* design.
*
* The shared memory lifetime:
* 1. CA (Client Application at REE) prepares memory
* 2. CA registers it to TEE scope.
* 3. A handle is returned. CA can use it to communicate with TEE.
* 4. If shared memory is not used, CA unregisters it.
* 5. CA frees memory.
*
* Because it is zero-copy shared memory, the memory characteritics is
* inherited. If the shared memory will be used for HW, CA must allocate
* physical continuous memory.
*
* Note: Because shared memory can be seen by both Normal and Secure world.
* It is a possible weakpoint to bed attacked or leak secure data.
*
* Note: ONLY support memory allocated by kmalloc!!!
*/
/**
* Register shared memory
*
* @param session The session handle.
* @param shm_handle [out] A pointer to shared memory handle.
* @param param A pointer to shared memory parameters.
* @return return code.
*/
TZ_RESULT KREE_RegisterSharedmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE *shm_handle,
KREE_SHAREDMEM_PARAM *param);
/**
* Unregister shared memory
*
* @param session The session handle.
* @param shm_handle The shared memory handle.
* @return return code.
*/
TZ_RESULT KREE_UnregisterSharedmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE shm_handle);
/**
* Secure memory
*
* A secure memory can be seen only in Secure world.
* Secure memory, here, is defined as external memory (ex: DRAM) protected
* by trustzone.
* It can protect from software attack very well, but can not protect from
* physical attack, like memory probe.
* CA (Client Application at REE) can ask TEE for a secure buffer, then
* control it:
* to reference, or to free...etc.
*
* Secure memory spec.:
* 1. Protected by trustzone (NS = 0).
* 2. External memory (ex: external DRAM).
* 3. With cache.
*/
/**
* Secure memory allocation
*
* Allocate one memory.
* If memory is allocated successfully, a handle will be provided.
*
* Memory lifetime:
* 1. Allocate memory, and get the handle.
* 2. If other process wants to use the same memory, reference it.
* 3. If they stop to use it, unreference it.
* 4. Free it (by unreference), if it is not used.
*
* Simple rules:
* 1. start by allocate, end by unreference (for free).
* 2. start by reference, end by unreference.
*
* @param session The session handle.
* @param mem_handle [out] A pointer to secure memory handle.
* @param alignment Memory alignment in bytes.
* @param size The size of the buffer to be allocated in bytes.
* @return return code.
*/
TZ_RESULT KREE_AllocSecuremem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size);
/**
* Zeroed secure memory allocation
*
* Same as KREE_AllocSecuremem() but the content is initialized as zero.
*
* @param session The session handle.
* @param mem_handle [out] A pointer to secure memory handle.
* @param alignment Memory alignment in bytes.
* @param size The size of the buffer to be allocated in bytes.
* @return return code.
*/
TZ_RESULT KREE_ZallocSecuremem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size);
/**
* Secure memory allocation With Tag
*
* Same as KREE_AllocSecuremem() but with one additional tag for debugging.
*
* @param session The session handle.
* @param mem_handle [out] A pointer to secure memory handle.
* @param alignment Memory alignment in bytes.
* @param size The size of the buffer to be allocated in bytes.
& @param tag The string for marking the allocation
* @return return code.
*/
/*fix mtee sync*/
TZ_RESULT KREE_AllocSecurememWithTag(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size,
const char *tag);
/**
* Zeroed secure memory allocation with tag
*
* Same as KREE_AllocSecurememWithTag() but the content is initialized as zero.
*
* @param session The session handle.
* @param mem_handle [out] A pointer to secure memory handle.
* @param alignment Memory alignment in bytes.
* @param size The size of the buffer to be allocated in bytes.
* @return return code.
*/
TZ_RESULT KREE_ZallocSecurememWithTag(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size,
const char *tag);
/**
* Secure memory reference
*
* Reference memory.
* Referen count will be increased by 1 after reference.
*
* Reference lifetime:
* 1. Reference the memory before using it, if the memory is allocated by
* other process.
* 2. Unreference it if it is not used.
*
* @param session The session handle.
* @param mem_handle The secure memory handle.
* @param return return code.
*/
TZ_RESULT KREE_ReferenceSecuremem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE mem_handle);
/**
* Secure memory unreference
*
* Unreference memory.
* Reference count will be decreased by 1 after unreference.
* Once reference count is zero, memory will be freed.
*
* @param session The session handle.
* @param mem_handle The secure memory handle.
* @param return return code.
*/
TZ_RESULT KREE_UnreferenceSecuremem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE mem_handle);
/**
* Secure chunk memory release
*
* Release secure chunk memory for normal world usage.
*
* @param session The session handle.
* @param size [out] The pointer to released size in bytes.
* @param return return code.
*/
TZ_RESULT KREE_ReleaseSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE cm_handle);
TZ_RESULT KREE_ReleaseSecureMultichunkmem_basic(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE cm_handle);
/**
* Secure chunk memory append
*
* Append secure chunk memory back to secure world.
*
* @param session The session handle.
* @param return return code.
*/
TZ_RESULT KREE_AppendSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE *cm_handle,
KREE_SHAREDMEM_PARAM *param);
TZ_RESULT KREE_AppendSecureMultichunkmem_basic(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE *cm_handle,
KREE_SHAREDMEM_PARAM *param);
TZ_RESULT KREE_AllocSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE chm_handle,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size);
TZ_RESULT KREE_ZallocSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE chm_handle,
KREE_SECUREMEM_HANDLE *mem_handle,
uint32_t alignment, uint32_t size);
TZ_RESULT KREE_ReferenceSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE mem_handle);
TZ_RESULT KREE_UnreferenceSecureMultichunkmem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE mem_handle, uint32_t *count);
TZ_RESULT KREE_ION_AllocChunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE chm_handle,
KREE_SECUREMEM_HANDLE *secmHandle,
uint32_t alignment,
uint32_t size);
TZ_RESULT KREE_ION_ZallocChunkmem(KREE_SESSION_HANDLE session,
KREE_SHAREDMEM_HANDLE chm_handle,
KREE_SECUREMEM_HANDLE *secmHandle,
uint32_t alignment, uint32_t size);
TZ_RESULT KREE_ION_ReferenceChunkmem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE secmHandle);
TZ_RESULT KREE_ION_UnreferenceChunkmem(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE secmHandle);
/*only for test*/
TZ_RESULT KREE_QueryChunkmem_TEST(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE secmHandle, uint32_t cmd);
TZ_RESULT KREE_ION_QueryChunkmem_TEST(KREE_SESSION_HANDLE session,
KREE_SECUREMEM_HANDLE secmHandle, uint32_t cmd);
TZ_RESULT KREE_ConfigSecureMultiChunkMemInfo(KREE_SESSION_HANDLE session,
uint64_t pa, uint32_t size,
uint32_t region_id);
#endif /* CONFIG_MTK_IN_HOUSE_TEE_SUPPORT || CONFIG_MTK_ENABLE_GENIEZONE*/
#endif /* __KREE_MEM_H__ */