There are cases in a virtualized environment where a privileged guest needs to communicate with OP-TEE OS without the presence of a hypervisor (eg system recovery). As OP-TEE OS with virtualization support requires all guests to be announced and requests to be tagged with vm id, the above task would require reflashing OP-TEE OS with a build that disables virtualization support.
The following patches introduce compatibilty between a natively running OS (ie without a hypervisor) and OP-TEE OS configured with virtualization support. This is achieved by the driver announcing itself to OP-TEE, and tagging subsequent requests with a predetermined vm id.
For this change to be interoperable with virtualized environments, a hypervisor has the following options:
1. Filter out the OPTEE_SMC_SEC_CAP_VIRTUALIZATION capability, so that the driver is not aware of executing in a virtualized setup. In that case, the driver will not announce itself or update the vm id parameter.
2. Gracefully handle the announcement of addition / removal of guests from the driver (OPTEE_SMC_VM_CREATED / OPTEE_SMC_VM_DESTROYED), and overwrite the vm id parameter as normal.
Enabling this option does not have an impact on OP-TEE OS configured without virtualization support.
Please notice that this patch depends on 9733b072a12a from mainline Linux, which is not available in Linaro's tree.
Michalis Pappas (2): tee: optee: Add protocol definitions for virtualization tee: optee: Allow native systems to interact with virtualization-enabled OP-TEE
drivers/tee/optee/Kconfig | 23 +++++++++++++++ drivers/tee/optee/core.c | 43 ++++++++++++++++++++++++++++ drivers/tee/optee/optee_smc.h | 54 +++++++++++++++++++++++++++++++++++ 3 files changed, 120 insertions(+)
-- 2.17.1
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/
Signed-off-by: Michalis Pappas mpp@opensynergy.com --- drivers/tee/optee/optee_smc.h | 54 +++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+)
diff --git a/drivers/tee/optee/optee_smc.h b/drivers/tee/optee/optee_smc.h index c72122d9c997..8643b24e0386 100644 --- a/drivers/tee/optee/optee_smc.h +++ b/drivers/tee/optee/optee_smc.h @@ -214,6 +214,8 @@ struct optee_smc_get_shm_config_result { * secure world accepts command buffers located in any parts of non-secure RAM */ #define OPTEE_SMC_SEC_CAP_DYNAMIC_SHM BIT(2) +/* Secure world is built with virtualization support */ +#define OPTEE_SMC_SEC_CAP_VIRTUALIZATION BIT(3)
#define OPTEE_SMC_FUNCID_EXCHANGE_CAPABILITIES 9 #define OPTEE_SMC_EXCHANGE_CAPABILITIES \ @@ -290,6 +292,58 @@ struct optee_smc_disable_shm_cache_result { #define OPTEE_SMC_ENABLE_SHM_CACHE \ OPTEE_SMC_FAST_CALL_VAL(OPTEE_SMC_FUNCID_ENABLE_SHM_CACHE)
+/* + * Inform OP-TEE about a new virtual machine + * + * Hypervisor issues this call during virtual machine (guest) creation. + * OP-TEE records client id of new virtual machine and prepares + * to receive requests from it. This call is available only if OP-TEE + * was built with virtualization support. + * + * Call requests usage: + * a0 SMC Function ID, OPTEE_SMC_VM_CREATED + * a1 Hypervisor Client ID of newly created virtual machine + * a2-6 Not used + * a7 Hypervisor Client ID register. Must be 0, because only hypervisor + * can issue this call + * + * Normal return register usage: + * a0 OPTEE_SMC_RETURN_OK + * a1-7 Preserved + * + * Error return: + * a0 OPTEE_SMC_RETURN_ENOTAVAIL OP-TEE have no resources for + * another VM + * a1-7 Preserved + * + */ +#define OPTEE_SMC_FUNCID_VM_CREATED 13 +#define OPTEE_SMC_VM_CREATED \ + OPTEE_SMC_FAST_CALL_VAL(OPTEE_SMC_FUNCID_VM_CREATED) + +/* + * Inform OP-TEE about shutdown of a virtual machine + * + * Hypervisor issues this call during virtual machine (guest) destruction. + * OP-TEE will clean up all resources associated with this VM. This call is + * available only if OP-TEE was built with virtualization support. + * + * Call requests usage: + * a0 SMC Function ID, OPTEE_SMC_VM_DESTROYED + * a1 Hypervisor Client ID of virtual machine being shut down + * a2-6 Not used + * a7 Hypervisor Client ID register. Must be 0, because only hypervisor + * can issue this call + * + * Normal return register usage: + * a0 OPTEE_SMC_RETURN_OK + * a1-7 Preserved + * + */ +#define OPTEE_SMC_FUNCID_VM_DESTROYED 14 +#define OPTEE_SMC_VM_DESTROYED \ + OPTEE_SMC_FAST_CALL_VAL(OPTEE_SMC_FUNCID_VM_DESTROYED) + /* * Resume from RPC (for example after processing a foreign interrupt) * -- 2.17.1
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/
This patch introduces a new configuration parameter that allows the optee driver to announce itself as a guest (CONFIG_OPTEE_VIRT_COMPAT) and tag subsequent requests with a predefined vm id. A second configuration option (CONFIG_OPTEE_VIRT_COMPAT_VM_ID) allows specifying the vm id the driver will use.
This feature is useful for setups where a privileged guest needs to interact with OP-TEE OS, without the presence of a hypervisor (eg system recovery).
Enabling this option has no impact on OP-TEE OS builds that are configured without virtualization support.
Signed-off-by: Michalis Pappas mpp@opensynergy.com --- drivers/tee/optee/Kconfig | 23 +++++++++++++++++++++ drivers/tee/optee/core.c | 43 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+)
diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig index 4728b591afd1..031dbe0ff467 100644 --- a/drivers/tee/optee/Kconfig +++ b/drivers/tee/optee/Kconfig @@ -20,3 +20,26 @@ config OPTEE_BENCHMARK help This enables benchmarking feature in the OP-TEE Trusted Execution Environment (TEE) driver. + +config OPTEE_VIRT_COMPAT + bool "Virtualization compatibility" + default n + depends on OPTEE + help + Makes the optee driver to announce itself as a guest, and tag + requests with a predefined vm id. + + This task is normally performed by the hypervisor. Enabling this + option allows interoperability between a system running natively + (ie without a hypervisor), and a virtualization-enabled build of + OP-TEE OS. + + If unsure, say N. + +config OPTEE_VIRT_COMPAT_VM_ID + int "Virtualization Compatibility VM ID" + default 1 + depends on OPTEE_VIRT_COMPAT + help + This sets the value of vm id that the driver will use when presenting + itself as a guest to a virtualization-enabled build of OP-TEE OS. diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 7c6de0bc3823..2237e35f49af 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -33,8 +33,15 @@
#define DRIVER_NAME "optee"
+#define OPTEE_SMC_HV_ID 0x00 +#define OPTEE_SMC_VM_ID CONFIG_OPTEE_VIRT_COMPAT_VM_ID + #define OPTEE_SHM_NUM_PRIV_PAGES CONFIG_OPTEE_SHM_NUM_PRIV_PAGES
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + static unsigned long smc_vm_id = OPTEE_SMC_HV_ID; +#endif + /** * optee_from_msg_param() - convert from OPTEE_MSG parameters to * struct tee_param @@ -532,6 +539,9 @@ static void optee_smccc_smc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT) + a7 = smc_vm_id; +#endif arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
@@ -541,9 +551,30 @@ static void optee_smccc_hvc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT) + a7 = smc_vm_id; +#endif arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) +static void announce_guest_created(optee_invoke_fn *invoke_fn) +{ + struct arm_smccc_res res; + + invoke_fn(OPTEE_SMC_VM_CREATED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0, + OPTEE_SMC_HV_ID, &res); +} + +static void announce_guest_destroyed(optee_invoke_fn *invoke_fn) +{ + struct arm_smccc_res res; + + invoke_fn(OPTEE_SMC_VM_DESTROYED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0, + OPTEE_SMC_HV_ID, &res); +} +#endif + static optee_invoke_fn *get_invoke_func(struct device_node *np) { const char *method; @@ -648,6 +679,15 @@ static struct optee *optee_probe(struct device_node *np) optee->memremaped_shm = memremaped_shm; optee->pool = pool;
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + if (sec_caps & OPTEE_SMC_SEC_CAP_VIRTUALIZATION) { + pr_info("virtualization compatibility is enabled\n"); + announce_guest_created(invoke_fn); + /* All requests from now on should be tagged with vm id */ + smc_vm_id = OPTEE_SMC_VM_ID; + } +#endif + optee_enable_shm_cache(optee);
if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) @@ -686,6 +726,9 @@ static void optee_remove(struct optee *optee) */ optee_disable_shm_cache(optee);
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + announce_guest_destroyed(optee->invoke_fn); +#endif /* * The two devices has to be unregistered before we can free the * other resources. -- 2.17.1
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/
Hi Michalis,
On Tue, Oct 29, 2019 at 11:04:03AM +0100, Michalis Pappas wrote:
This patch introduces a new configuration parameter that allows the optee driver to announce itself as a guest (CONFIG_OPTEE_VIRT_COMPAT) and tag subsequent requests with a predefined vm id. A second configuration option (CONFIG_OPTEE_VIRT_COMPAT_VM_ID) allows specifying the vm id the driver will use.
This feature is useful for setups where a privileged guest needs to interact with OP-TEE OS, without the presence of a hypervisor (eg system recovery).
Enabling this option has no impact on OP-TEE OS builds that are configured without virtualization support.
Signed-off-by: Michalis Pappas mpp@opensynergy.com
drivers/tee/optee/Kconfig | 23 +++++++++++++++++++++ drivers/tee/optee/core.c | 43 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+)
diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig index 4728b591afd1..031dbe0ff467 100644 --- a/drivers/tee/optee/Kconfig +++ b/drivers/tee/optee/Kconfig @@ -20,3 +20,26 @@ config OPTEE_BENCHMARK help This enables benchmarking feature in the OP-TEE Trusted Execution Environment (TEE) driver.
+config OPTEE_VIRT_COMPAT
bool "Virtualization compatibility"
default n
depends on OPTEE
help
Makes the optee driver to announce itself as a guest, and tag
requests with a predefined vm id.
This task is normally performed by the hypervisor. Enabling this
option allows interoperability between a system running natively
(ie without a hypervisor), and a virtualization-enabled build of
OP-TEE OS.
If unsure, say N.
+config OPTEE_VIRT_COMPAT_VM_ID
int "Virtualization Compatibility VM ID"
default 1
depends on OPTEE_VIRT_COMPAT
help
This sets the value of vm id that the driver will use when presenting
itself as a guest to a virtualization-enabled build of OP-TEE OS.
diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 7c6de0bc3823..2237e35f49af 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -33,8 +33,15 @@
#define DRIVER_NAME "optee"
+#define OPTEE_SMC_HV_ID 0x00
0 will do.
+#define OPTEE_SMC_VM_ID CONFIG_OPTEE_VIRT_COMPAT_VM_ID
#define OPTEE_SHM_NUM_PRIV_PAGES CONFIG_OPTEE_SHM_NUM_PRIV_PAGES
+#if defined(CONFIG_OPTEE_VIRT_COMPAT)
static unsigned long smc_vm_id = OPTEE_SMC_HV_ID;
+#endif
I'd rather not have this as a global variable. I understand that it will make this patch a bit more complicated. Perhaps optee->invoke_fn can be assigned a special callback function instead.
/**
- optee_from_msg_param() - convert from OPTEE_MSG parameters to
struct tee_param
@@ -532,6 +539,9 @@ static void optee_smccc_smc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT)
a7 = smc_vm_id;
+#endif arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
@@ -541,9 +551,30 @@ static void optee_smccc_hvc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT)
a7 = smc_vm_id;
+#endif arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) +static void announce_guest_created(optee_invoke_fn *invoke_fn) +{
struct arm_smccc_res res;
invoke_fn(OPTEE_SMC_VM_CREATED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0,
OPTEE_SMC_HV_ID, &res);
+}
+static void announce_guest_destroyed(optee_invoke_fn *invoke_fn) +{
struct arm_smccc_res res;
invoke_fn(OPTEE_SMC_VM_DESTROYED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0,
OPTEE_SMC_HV_ID, &res);
+} +#endif
static optee_invoke_fn *get_invoke_func(struct device_node *np) { const char *method; @@ -648,6 +679,15 @@ static struct optee *optee_probe(struct device_node *np) optee->memremaped_shm = memremaped_shm; optee->pool = pool;
+#if defined(CONFIG_OPTEE_VIRT_COMPAT)
if (sec_caps & OPTEE_SMC_SEC_CAP_VIRTUALIZATION) {
pr_info("virtualization compatibility is enabled\n");
announce_guest_created(invoke_fn);
/* All requests from now on should be tagged with vm id */
smc_vm_id = OPTEE_SMC_VM_ID;
}
+#endif
How is DTB handled in the recovery case? A special recovery DTB? If not there could be trouble with "method" set to "hvc". I think we need a comment in the code explaining how this should work too.
Cheers, Jens
optee_enable_shm_cache(optee); if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM)
@@ -686,6 +726,9 @@ static void optee_remove(struct optee *optee) */ optee_disable_shm_cache(optee);
+#if defined(CONFIG_OPTEE_VIRT_COMPAT)
announce_guest_destroyed(optee->invoke_fn);
+#endif /* * The two devices has to be unregistered before we can free the * other resources. -- 2.17.1
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/
On 06.11.19 18:38, Jens Wiklander wrote:
Hi Michalis,
On Tue, Oct 29, 2019 at 11:04:03AM +0100, Michalis Pappas wrote:
This patch introduces a new configuration parameter that allows the optee driver to announce itself as a guest (CONFIG_OPTEE_VIRT_COMPAT) and tag subsequent requests with a predefined vm id. A second configuration option (CONFIG_OPTEE_VIRT_COMPAT_VM_ID) allows specifying the vm id the driver will use.
This feature is useful for setups where a privileged guest needs to interact with OP-TEE OS, without the presence of a hypervisor (eg system recovery).
Enabling this option has no impact on OP-TEE OS builds that are configured without virtualization support.
Signed-off-by: Michalis Pappas mpp@opensynergy.commailto:mpp@opensynergy.com --- drivers/tee/optee/Kconfig | 23 +++++++++++++++++++++ drivers/tee/optee/core.c | 43 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 66 insertions(+)
diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig index 4728b591afd1..031dbe0ff467 100644 --- a/drivers/tee/optee/Kconfig +++ b/drivers/tee/optee/Kconfig @@ -20,3 +20,26 @@ config OPTEE_BENCHMARK help This enables benchmarking feature in the OP-TEE Trusted Execution Environment (TEE) driver. + +config OPTEE_VIRT_COMPAT + bool "Virtualization compatibility" + default n + depends on OPTEE + help + Makes the optee driver to announce itself as a guest, and tag + requests with a predefined vm id. + + This task is normally performed by the hypervisor. Enabling this + option allows interoperability between a system running natively + (ie without a hypervisor), and a virtualization-enabled build of + OP-TEE OS. + + If unsure, say N. + +config OPTEE_VIRT_COMPAT_VM_ID + int "Virtualization Compatibility VM ID" + default 1 + depends on OPTEE_VIRT_COMPAT + help + This sets the value of vm id that the driver will use when presenting + itself as a guest to a virtualization-enabled build of OP-TEE OS. diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 7c6de0bc3823..2237e35f49af 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -33,8 +33,15 @@
#define DRIVER_NAME "optee"
+#define OPTEE_SMC_HV_ID 0x00
0 will do.
Okay, I'll update this.
+#define OPTEE_SMC_VM_ID CONFIG_OPTEE_VIRT_COMPAT_VM_ID + #define OPTEE_SHM_NUM_PRIV_PAGES CONFIG_OPTEE_SHM_NUM_PRIV_PAGES
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + static unsigned long smc_vm_id = OPTEE_SMC_HV_ID; +#endif
I'd rather not have this as a global variable. I understand that it will make this patch a bit more complicated. Perhaps optee->invoke_fn can be assigned a special callback function instead.
Okay. I assume you mean something identical to optee_smccc_smc(), that fixes arg7 to OPTEE_SMC_VM_ID.
+ /** * optee_from_msg_param() - convert from OPTEE_MSG parameters to * struct tee_param @@ -532,6 +539,9 @@ static void optee_smccc_smc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT) + a7 = smc_vm_id; +#endif arm_smccc_smc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
@@ -541,9 +551,30 @@ static void optee_smccc_hvc(unsigned long a0, unsigned long a1, unsigned long a6, unsigned long a7, struct arm_smccc_res *res) { +#if defined(CONFIG_OPTEE_VIRT_COMPAT) + a7 = smc_vm_id; +#endif arm_smccc_hvc(a0, a1, a2, a3, a4, a5, a6, a7, res); }
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) +static void announce_guest_created(optee_invoke_fn *invoke_fn) +{ + struct arm_smccc_res res; + + invoke_fn(OPTEE_SMC_VM_CREATED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0, + OPTEE_SMC_HV_ID, &res); +} + +static void announce_guest_destroyed(optee_invoke_fn *invoke_fn) +{ + struct arm_smccc_res res; + + invoke_fn(OPTEE_SMC_VM_DESTROYED, OPTEE_SMC_VM_ID, 0, 0, 0, 0, 0, + OPTEE_SMC_HV_ID, &res); +} +#endif + static optee_invoke_fn *get_invoke_func(struct device_node *np) { const char *method; @@ -648,6 +679,15 @@ static struct optee *optee_probe(struct device_node *np) optee->memremaped_shm = memremaped_shm; optee->pool = pool;
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + if (sec_caps & OPTEE_SMC_SEC_CAP_VIRTUALIZATION) { + pr_info("virtualization compatibility is enabled\n"); + announce_guest_created(invoke_fn); + /* All requests from now on should be tagged with vm id */ + smc_vm_id = OPTEE_SMC_VM_ID; + } +#endif +
How is DTB handled in the recovery case? A special recovery DTB? If not there could be trouble with "method" set to "hvc". I think we need a comment in the code explaining how this should work too.
Yes, so one could use a different DTB, or get the bootloader to update the conduit method in place, before booting the system into upgrade / recovery.
And as you mention above, there will be trouble if one sets the conduit method to HVC when booting into compatibility (ie recovery / upgrade) mode, as there is no hypervisor to handle the HVC on the other side. So the only option for the callback is to issue an SMC.
Notice that, we can only switch to the callback discussed earlier after we announce the guest. All calls prior to that will use whatever method happens to be configured in the DTB. Moreover, during the execution of optee_probe(), we don't know whether we are running with or without a hypervisor.
These two combined, introduce the following complexities:
1. When booting into compatibility mode, we cannot explicitly handle the case of a misconfigured DTB (ie one that uses HVC). 2. When booting with a hypervisor, if the system is configured to use HVC, we cannot switch to our special callback.
Possible ways to mitigate these are:
- Make stripping OPTEE_SMC_SEC_CAP_VIRTUALIZATION a requirement of the OP-TEE mediator in the hypervisor. Then, we can use its presence to detect whether we are running on top of a hypervisor or not. The downside here is that this deprives the driver side from future use of the virtualization capability. In theory this should be okay, as guests should not be aware they are running in a virtualized environment anyway.
- Mandate the use of SMC when CONFIG_OPTEE_VIRT_COMPAT is set, whether a hypervisor is present or not. Clearly this imposes a hard requirement on the hypervisor's configuration, but personally I don't see why would anyone use HVC for this. Calls to the TEE are targeting the Secure Monitor, and as such they should be issuing an SMC. Hypervisors can always to trap them, if they wish to do so.
Clearly the most flexible way is to leave it as is, add some documentation, and let adopters debug any misconfigurations.
Cheers, Jens
optee_enable_shm_cache(optee);
if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) @@ -686,6 +726,9 @@ static void optee_remove(struct optee *optee) */ optee_disable_shm_cache(optee);
+#if defined(CONFIG_OPTEE_VIRT_COMPAT) + announce_guest_destroyed(optee->invoke_fn); +#endif /* * The two devices has to be unregistered before we can free the * other resources. -- 2.17.1
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/https://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/
-- Michalis Pappas Senior Software Engineer
OpenSynergy GmbH Rotherstr. 20, 10245 Berlin
p: +49 (30) 60 98 54 0 - 0 f: +49 (30) 60 98 54 0 - 99
e: michalis.pappas@opensynergy.commailto:michalis.pappas@opensynergy.com
w: www.opensynergy.comhttp://www.opensynergy.com
registered: Amtsgericht Charlottenburg, HRB 108616B
Handelsregister: Amtsgericht Charlottenburg, HRB 108616B Geschäftsführer/Managing Director: Regis Adjamah
Please mind our privacy noticehttps://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-business-partners-pursuant-to-article-13-of-the-general-data-protection-regulation-gdpr/ pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fuer-geschaeftspartner-gem-art-13-dsgvo/