The OP-TEE mediator needs to store per-domain context, as will be seen in the next patches. At the moment it stores only a reference to the domain.
This allows us to filter out calls from domains that are not allowed to work with OP-TEE.
Signed-off-by: Volodymyr Babchuk volodymyr_babchuk@epam.com
---
 xen/arch/arm/tee/optee.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 66 insertions(+)
diff --git a/xen/arch/arm/tee/optee.c b/xen/arch/arm/tee/optee.c
index 48bff5d..c895a99 100644
--- a/xen/arch/arm/tee/optee.c
+++ b/xen/arch/arm/tee/optee.c
@@ -19,6 +19,14 @@
 #include <asm/tee/optee_msg.h>
 #include <asm/tee/optee_smc.h>
+struct domain_ctx {
+ struct list_head list;
+ struct domain *domain;
+};
+
+static LIST_HEAD(domain_ctx_list);
+static DEFINE_SPINLOCK(domain_ctx_list_lock);
+
 static bool optee_probe(void)
 {
 struct dt_device_node *node;
@@ -41,18 +49,49 @@ static bool optee_probe(void)
 return true;
 }
+static struct domain_ctx *find_domain_ctx(struct domain* d)
+{
+ struct domain_ctx *ctx;
+
+ spin_lock(&domain_ctx_list_lock);
+
+ list_for_each_entry( ctx, &domain_ctx_list, list )
+ {
+ if ( ctx->domain == d )
+ {
+ spin_unlock(&domain_ctx_list_lock);
+ return ctx;
+ }
+ }
+
+ spin_unlock(&domain_ctx_list_lock);
+ return NULL;
+}
+
 static int optee_enable(struct domain *d)
 {
 struct arm_smccc_res resp;
+ struct domain_ctx *ctx;
+
+ ctx = xzalloc(struct domain_ctx);
+ if ( !ctx )
+ return -ENOMEM;
arm_smccc_smc(OPTEE_SMC_VM_CREATED, d->domain_id + 1, 0, 0, 0, 0, 0, 0, &resp); if ( resp.a0 != OPTEE_SMC_RETURN_OK ) { gprintk(XENLOG_WARNING, "OP-TEE don't want to support domain: %d\n", (uint32_t)resp.a0); + xfree(ctx); return -ENODEV; }
+ ctx->domain = d;
+
+ spin_lock(&domain_ctx_list_lock);
+ list_add_tail(&ctx->list, &domain_ctx_list);
+ spin_unlock(&domain_ctx_list_lock);
+
 return 0;
 }
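Review bot: find_domain_ctx() drops `domain_ctx_list_lock` before returning `ctx`, so the caller holds a pointer that nothing visible here keeps alive; it stays valid only if a context is freed after every vCPU of that domain has stopped issuing calls, which the comment in optee_domain_destroy() asserts but this function does not state. I would document that on the function, e.g. `/* Returned ctx is neither locked nor refcounted: valid only while the domain cannot be destroyed concurrently. */`. Separately, optee_enable() adds a context without checking whether one already exists for `d`; if it can ever run twice for a domain (not visible in this hunk), optee_domain_destroy() removes only the first match and leaves an entry whose `domain` pointer goes stale. A guard such as `if ( find_domain_ctx(d) ) return -EEXIST;` before the `xzalloc()` would keep the list an exact allow-list.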
@@ -95,15 +134,36 @@ static void set_return(struct cpu_user_regs *regs, uint32_t ret)
 set_user_reg(regs, 7, 0);
 }
+
 static void optee_domain_destroy(struct domain *d)
 {
 struct arm_smccc_res resp;
+ struct domain_ctx *ctx;
+ bool found = false;
/* At this time all domain VCPUs should be stopped */
/* Inform OP-TEE that domain is shutting down */ arm_smccc_smc(OPTEE_SMC_VM_DESTROYED, d->domain_id + 1, 0, 0, 0, 0, 0, 0, &resp); + + /* Remove context from the list */ + spin_lock(&domain_ctx_list_lock); + list_for_each_entry( ctx, &domain_ctx_list, list ) + { + if ( ctx->domain == d ) + { + found = true; + list_del(&ctx->list); + break; + } + } + spin_unlock(&domain_ctx_list_lock); + + if ( !found ) + return; + + xfree(ctx); }
static bool handle_exchange_capabilities(struct cpu_user_regs *regs)
@@ -141,6 +201,12 @@ static bool handle_exchange_capabilities(struct cpu_user_regs *regs)
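Review bot: In optee_domain_destroy() the context is unlinked only after `OPTEE_SMC_VM_DESTROYED` has been issued, so during that window find_domain_ctx() still admits a domain that OP-TEE has already been told is gone. Correctness here rests entirely on the "all domain VCPUs should be stopped" comment holding. Taking `domain_ctx_list_lock` and doing the `list_del()` first, then issuing the SMC and `xfree(ctx)`, would make the filter fail closed without depending on that invariant. The return value in `resp` is also never inspected on this path, which deserves at least a comment saying that a failure is deliberately ignored. The blank line added in front of the function is a stray whitespace change.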
static bool optee_handle_call(struct cpu_user_regs *regs)
 {
+ struct domain_ctx *ctx;
+
+ ctx = find_domain_ctx(current->domain);
+ if ( !ctx )
+ return false;
+
 switch ( get_user_reg(regs, 0) )
 {
 case OPTEE_SMC_CALLS_COUNT:
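Review bot: The new check at the top of optee_handle_call() takes the global `domain_ctx_list_lock` and walks the whole list on every SMC, so calls from all guests serialise on one lock and a guest issuing calls in a tight loop adds contention for every other domain. `ctx` is used here only for the NULL test; if later patches need it on each call, a pointer reachable directly from `struct domain` would avoid both the lock and the walk. What the guest observes when this returns `false` is decided by the caller outside the hunk, so a comment such as `/* Domain was not enabled for OP-TEE: leave the call unhandled */` above the check would make the intent explicit. The switch body continues past the end of the hunk.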