From: Jens Wiklander <jens.wiklander@linaro.org>
To: linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org,
op-tee@lists.trustedfirmware.org
Cc: Shyam Saini <shyamsaini@linux.microsoft.com>,
Ulf Hansson <ulf.hansson@linaro.org>,
Jerome Forissier <jerome.forissier@linaro.org>,
Sumit Garg <sumit.garg@linaro.org>,
Ilias Apalodimas <ilias.apalodimas@linaro.org>,
Bart Van Assche <bvanassche@acm.org>,
Randy Dunlap <rdunlap@infradead.org>,
Ard Biesheuvel <ardb@kernel.org>, Arnd Bergmann <arnd@arndb.de>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Jens Wiklander <jens.wiklander@linaro.org>
Subject: [PATCH v3 0/3] Replay Protected Memory Block (RPMB) subsystem
Date: Tue, 27 Feb 2024 16:31:29 +0100 [thread overview]
Message-ID: <20240227153132.2611499-1-jens.wiklander@linaro.org> (raw)
Hi,
This patch set introduces a new RPMB subsystem, based on patches from [1],
[2], and [3]. The RPMB subsystem aims at providing access to RPMB
partitions to other kernel drivers, in particular the OP-TEE driver. A new
user space ABI isn't needed, we can instead continue using the already
present ABI when writing the RPMB key during production.
I've added and removed things to keep only what is needed by the OP-TEE
driver. Since the posting of [3], there has been major changes in the MMC
subsystem so "mmc: block: register RPMB partition with the RPMB subsystem"
is in practice completely rewritten.
With this OP-TEE can access RPMB during early boot instead of having to
wait for user space to become available as in the current design [4].
This will benefit the efi variables [5] since we wont rely on userspace as
well as some TPM issues [6] that were solved.
The OP-TEE driver finds the correct RPMB device to interact with by
iterating over available devices until one is found with a programmed
authentication matching the one OP-TEE is using. This enables coexisting
users of other RPMBs since the owner can be determined by who knows the
authentication key.
I've put myself as a maintainer for the RPMB subsystem as I have an
interest in the OP-TEE driver to keep this in good shape. However, if you'd
rather see someone else taking the maintainership that's fine too. I'll
help keep the subsystem updated regardless.
[1] https://lore.kernel.org/lkml/20230722014037.42647-1-shyamsaini@linux.microsoft.com/
[2] https://lore.kernel.org/lkml/20220405093759.1126835-2-alex.bennee@linaro.org/
[3] https://lore.kernel.org/linux-mmc/1478548394-8184-2-git-send-email-tomas.winkler@intel.com/
[4] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html#rpmb-secure-storage
[5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c44b6be62e8dd4ee0a308c36a70620613e6fc55f
[6] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7269cba53d906cf257c139d3b3a53ad272176bca
Thanks,
Jens
Changes since v2:
* "rpmb: add Replay Protected Memory Block (RPMB) subsystem"
- Fixing documentation issues
- Adding a "depends on MMC" in the Kconfig
- Removed the class-device and the embedded device, struct rpmb_dev now
relies on the parent device for reference counting as requested
- Removed the now unneeded rpmb_ops get_resources() and put_resources()
since references are already taken in mmc_blk_alloc_rpmb_part() before
rpmb_dev_register() is called
- Added rpmb_interface_{,un}register() now that
class_interface_{,un}register() can't be used ay longer
* "mmc: block: register RPMB partition with the RPMB subsystem"
- Adding the missing error cleanup in alloc_idata()
- Taking the needed reference to md->disk in mmc_blk_alloc_rpmb_part()
instead of in mmc_rpmb_chrdev_open() and rpmb_op_mmc_get_resources()
* "optee: probe RPMB device using RPMB subsystem"
- Registering to get a notification when an RPMB device comes online
- Probes for RPMB devices each time an RPMB device comes online, until
a usable device is found
- When a usable RPMB device is found, call
optee_enumerate_devices(PTA_CMD_GET_DEVICES_RPMB)
- Pass type of rpmb in return value from OPTEE_RPC_CMD_RPMB_PROBE_NEXT
Changes since Shyam's RFC:
* Removed the remaining leftover rpmb_cdev_*() function calls
* Refactored the struct rpmb_ops with all the previous ops replaced, in
some sense closer to [3] with the route_frames() op
* Added rpmb_route_frames()
* Added struct rpmb_frame, enum rpmb_op_result, and enum rpmb_type from [3]
* Removed all functions not needed in the OP-TEE use case
* Added "mmc: block: register RPMB partition with the RPMB subsystem", based
on the commit with the same name in [3]
* Added "optee: probe RPMB device using RPMB subsystem" for integration
with OP-TEE
* Moved the RPMB driver into drivers/misc/rpmb-core.c
* Added my name to MODULE_AUTHOR() in rpmb-core.c
* Added an rpmb_mutex to serialize access to the IDA
* Removed the target parameter from all rpmb_*() functions since it's
currently unused
Jens Wiklander (3):
rpmb: add Replay Protected Memory Block (RPMB) subsystem
mmc: block: register RPMB partition with the RPMB subsystem
optee: probe RPMB device using RPMB subsystem
MAINTAINERS | 7 +
drivers/misc/Kconfig | 10 ++
drivers/misc/Makefile | 1 +
drivers/misc/rpmb-core.c | 258 ++++++++++++++++++++++++++++++
drivers/mmc/core/block.c | 153 +++++++++++++++++-
drivers/tee/optee/core.c | 55 +++++++
drivers/tee/optee/ffa_abi.c | 7 +
drivers/tee/optee/optee_private.h | 16 ++
drivers/tee/optee/optee_rpc_cmd.h | 35 ++++
drivers/tee/optee/rpc.c | 233 +++++++++++++++++++++++++++
drivers/tee/optee/smc_abi.c | 6 +
include/linux/rpmb.h | 195 ++++++++++++++++++++++
12 files changed, 974 insertions(+), 2 deletions(-)
create mode 100644 drivers/misc/rpmb-core.c
create mode 100644 include/linux/rpmb.h
base-commit: 41bccc98fb7931d63d03f326a746ac4d429c1dd3
--
2.34.1
next reply other threads:[~2024-02-27 15:31 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-27 15:31 Jens Wiklander [this message]
2024-02-27 15:31 ` [PATCH v3 1/3] rpmb: add Replay Protected Memory Block (RPMB) subsystem Jens Wiklander
2024-03-05 12:24 ` Linus Walleij
2024-03-05 12:55 ` Winkler, Tomas
2024-03-05 15:30 ` Jens Wiklander
2024-03-05 16:33 ` Avri Altman
2024-03-05 16:37 ` Arnd Bergmann
2024-03-05 16:42 ` Avri Altman
2024-04-03 8:54 ` Jens Wiklander
2024-03-05 12:29 ` Linus Walleij
2024-03-05 12:54 ` Winkler, Tomas
2024-03-05 14:16 ` Linus Walleij
2024-03-22 16:25 ` Ulf Hansson
2024-03-25 8:07 ` Avri Altman
2024-03-25 8:22 ` Winkler, Tomas
2024-03-25 13:33 ` Ulf Hansson
2024-03-25 13:44 ` Jens Wiklander
2024-03-28 6:58 ` Jens Wiklander
2024-02-27 15:31 ` [PATCH v3 2/3] mmc: block: register RPMB partition with the RPMB subsystem Jens Wiklander
2024-02-27 15:31 ` [PATCH v3 3/3] optee: probe RPMB device using " Jens Wiklander
2024-03-01 10:28 ` Sumit Garg
2024-03-28 16:09 ` Jens Wiklander
2024-04-03 12:58 ` Sumit Garg
2024-04-03 14:41 ` Jens Wiklander
2024-04-05 7:15 ` Sumit Garg
2024-04-05 11:39 ` Jens Wiklander
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240227153132.2611499-1-jens.wiklander@linaro.org \
--to=jens.wiklander@linaro.org \
--cc=ardb@kernel.org \
--cc=arnd@arndb.de \
--cc=bvanassche@acm.org \
--cc=gregkh@linuxfoundation.org \
--cc=ilias.apalodimas@linaro.org \
--cc=jerome.forissier@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mmc@vger.kernel.org \
--cc=op-tee@lists.trustedfirmware.org \
--cc=rdunlap@infradead.org \
--cc=shyamsaini@linux.microsoft.com \
--cc=sumit.garg@linaro.org \
--cc=ulf.hansson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).