Hi all,
First, thanks Jens for giving the first step with this patchset :)
A few comments on the interface; I wanted to write before sending a patch with what I propose.
I think that the ioctl is clean and reflects what we discussed. However, the fact that ioctls directly map to the specific drivers defeats the purpose of enabling kernel submodules to access TEE trusted services; user space applications use the ioctls, but they are inaccessible to kernel submodules.
I propose that the ioctl, after taking user space parameters calls an internal set of operations that are also available to the rest of the kernel. You can see how I implemented this in branch “tz_driver_first”; this is what I originally sent to LKLM. Note that here I only have internal operations (tz_open, tz_transmit, etc.), not the ioctls.
There are a couple of challenges in terms of how to maintain a generic session and send generic commands, since each TEE can use different internal structures. The way I chose to solve it is in this patchset too.
I will work on porting what I did on top of Jens’ patches and send something over the day.
Best,
Javier
On 25 Mar 2015, at 12:01, Jens Wiklander jens.wiklander@linaro.org wrote:
Hi,
Here's version 4 of the generic TEE subsystem patch set.
Changes in V4:
- Broken out the stubbed OP-TEE driver into a separate patch
- Addressed review comments
- Added a few more functions to tee_drv.h
- Updated tee.h
Changes in V3:
- Some small changes in the "tee: add user space interface"
- New patch for the subsystem implementation
Jens Wiklander (3): tee: add user space interface tee: generic TEE subsystem tee: add OP-TEE driver
Documentation/ioctl/ioctl-number.txt | 1 + drivers/Kconfig | 2 + drivers/Makefile | 1 + drivers/sec-hw/Kconfig | 33 +++ drivers/sec-hw/Makefile | 3 + drivers/sec-hw/optee/Kconfig | 22 ++ drivers/sec-hw/optee/Makefile | 1 + drivers/sec-hw/optee/optee.c | 201 +++++++++++++++++ drivers/sec-hw/tee.c | 243 +++++++++++++++++++++ drivers/sec-hw/tee_private.h | 42 ++++ drivers/sec-hw/tee_shm.c | 403 +++++++++++++++++++++++++++++++++++ include/linux/sec-hw/tee.h | 180 ++++++++++++++++ include/linux/sec-hw/tee_drv.h | 214 +++++++++++++++++++ 13 files changed, 1346 insertions(+) create mode 100644 drivers/sec-hw/Kconfig create mode 100644 drivers/sec-hw/Makefile create mode 100644 drivers/sec-hw/optee/Kconfig create mode 100644 drivers/sec-hw/optee/Makefile create mode 100644 drivers/sec-hw/optee/optee.c create mode 100644 drivers/sec-hw/tee.c create mode 100644 drivers/sec-hw/tee_private.h create mode 100644 drivers/sec-hw/tee_shm.c create mode 100644 include/linux/sec-hw/tee.h create mode 100644 include/linux/sec-hw/tee_drv.h
-- 1.9.1
Tee-dev mailing list Tee-dev@lists.linaro.org http://lists.linaro.org/mailman/listinfo/tee-dev
Javier