add trusted execution environment (tee) driver

TEE working now for Android, tested ok with COPS!

* Updated according to review comments
- Added ST-Ericsson copyright headers to all tee files.
- Fixed problem with not using readl/writel when using ioremap.
- Fixed problem with forgetting to do iounmap on special case.
- Fixed incorrect usage when doing copy_to_user when writing to the device.
- Added architecture dependent file for the tee service that calls the secure world.
- Added support for more several inputs (sharedmemory buffers) for tee.
- Added dummy macro to map MT_MEMORY device.
- Fixed memory leak in secure world due to not closing a TEE session correctly from the kernel.
- Now we only copies input buffer from user space for tee.
- Documented structures in tee.h.
- Moved SVP implementation into arch/arm/mach-ux500 folder.
- Added new config flags for ux500 and SVP regarding TEE driver.
- Update mach-ux500/Kconfig:
  - Enable TEE_UX500 by default when using target hardware.
  - Enabel TEE_SVP by default when building simulator.
- Fix the cache sync problem: not request ROM code to clean cache
- ioremap for ICN_BASE, remove static mapping in cpu-db8500.c.
- Fix ioremap of ICN_BASE and do iounmap after use.

ST-Ericsson ID: WP269815

Change-Id: Ie861a90ec790e95fb3992e560512661693548a43
Reviewed-on: http://gerrit.lud.stericsson.com/gerrit/4168
Reviewed-by: Shujuan CHEN <shujuan.chen@stericsson.com>
Tested-by: Shujuan CHEN <shujuan.chen@stericsson.com>
Signed-off-by: Lee Jones <lee.jones@linaro.org>

1 files changed, 143 insertions, 0 deletions

diff --git a/include/linux/tee.h b/include/linux/tee.h
new file mode 100644
index 00000000000..0cdec2d254a
--- /dev/null
+++ b/include/linux/tee.h
@@ -0,0 +1,143 @@
+/*
+ * Trusted Execution Environment (TEE) interface for TrustZone enabled ARM CPUs.
+ *
+ * Copyright (C) ST-Ericsson SA 2010
+ * Author: Shujuan Chen <shujuan.chen@stericsson.com>
+ * Author: Martin Hovang <martin.xm.hovang@stericsson.com
+ * Author: Joakim Bech <joakim.xx.bech@stericsson.com>
+ * License terms: GNU General Public License (GPL) version 2
+ */
+
+#ifndef TEE_H
+#define TEE_H
+
+/* tee_cmd id values */
+#define TEED_OPEN_SESSION    0x00000000U
+#define TEED_CLOSE_SESSION   0x00000001U
+#define TEED_INVOKE          0x00000002U
+
+/* tee_retval id values */
+#define TEED_SUCCESS                0x00000000U
+#define TEED_ERROR_GENERIC          0xFFFF0000U
+#define TEED_ERROR_ACCESS_DENIED    0xFFFF0001U
+#define TEED_ERROR_CANCEL           0xFFFF0002U
+#define TEED_ERROR_ACCESS_CONFLICT  0xFFFF0003U
+#define TEED_ERROR_EXCESS_DATA      0xFFFF0004U
+#define TEED_ERROR_BAD_FORMAT       0xFFFF0005U
+#define TEED_ERROR_BAD_PARAMETERS   0xFFFF0006U
+#define TEED_ERROR_BAD_STATE        0xFFFF0007U
+#define TEED_ERROR_ITEM_NOT_FOUND   0xFFFF0008U
+#define TEED_ERROR_NOT_IMPLEMENTED  0xFFFF0009U
+#define TEED_ERROR_NOT_SUPPORTED    0xFFFF000AU
+#define TEED_ERROR_NO_DATA          0xFFFF000BU
+#define TEED_ERROR_OUT_OF_MEMORY    0xFFFF000CU
+#define TEED_ERROR_BUSY             0xFFFF000DU
+#define TEED_ERROR_COMMUNICATION    0xFFFF000EU
+#define TEED_ERROR_SECURITY         0xFFFF000FU
+#define TEED_ERROR_SHORT_BUFFER     0xFFFF0010U
+
+/* TEE origin codes */
+#define TEED_ORIGIN_DRIVER          0x00000002U
+#define TEED_ORIGIN_TEE             0x00000003U
+#define TEED_ORIGIN_TEE_APPLICATION 0x00000004U
+
+#define TEE_UUID_CLOCK_SIZE 8
+
+#define TEEC_CONFIG_PAYLOAD_REF_COUNT 4
+
+/**
+ * struct tee_uuid - Structure that represent an uuid.
+ * @timeLow: The low field of the time stamp.
+ * @timeMid: The middle field of the time stamp.
+ * @timeHiAndVersion: The high field of the timestamp multiplexed
+ *                    with the version number.
+ * @clockSeqAndNode: The clock sequence and the node.
+ *
+ * This structure have different naming (camel case) to comply with Global
+ * Platforms TEE Client API spec. This type is defined in RFC4122.
+ */
+struct tee_uuid {
+	uint32_t timeLow;
+	uint16_t timeMid;
+	uint16_t timeHiAndVersion;
+	uint8_t clockSeqAndNode[TEE_UUID_CLOCK_SIZE];
+};
+
+/**
+ * struct tee_sharedmemory - Shared memory block for TEE.
+ * @buffer: The in/out data to TEE.
+ * @size: The size of the data.
+ * @flags: Variable telling whether it is a in, out or in/out parameter.
+ */
+struct tee_sharedmemory {
+	void *buffer;
+	size_t size;
+	uint32_t flags;
+};
+
+/**
+ * struct tee_operation - Payload for sessions or invoke operation.
+ * @shm: Array containing the shared memory buffers.
+ * @flags: Tells which if memory buffers that are in use.
+ */
+struct tee_operation {
+	struct tee_sharedmemory shm[TEEC_CONFIG_PAYLOAD_REF_COUNT];
+	uint32_t flags;
+};
+
+/**
+ * struct tee_session - The session of an open tee device.
+ * @state: The current state in the linux kernel.
+ * @err: Error code (as in Global Platform TEE Client API spec)
+ * @origin: Origin for the error code (also from spec).
+ * @id: Implementation defined type, 0 if not used.
+ * @ta: The trusted application.
+ * @uuid: The uuid for the trusted application.
+ * @cmd: The command to be executed in the trusted application.
+ * @driver_cmd: The command type in the driver. This is used from a client (user
+ *              space to tell the Linux kernel whether it's a open-,
+ *              close-session or if it is an invoke command.
+ * @ta_size: The size of the trusted application.
+ * @op: The payload for the trusted application.
+ * @sync: Mutex to handle multiple use of clients.
+ *
+ * This structure is mainly used in the Linux kernel as a session context for
+ * ongoing operations. Other than that it is also used in the communication with
+ * the user space.
+ */
+struct tee_session {
+	uint32_t state;
+	uint32_t err;
+	uint32_t origin;
+	uint32_t id;
+	void *ta;
+	struct tee_uuid *uuid;
+	unsigned int cmd;
+	unsigned int driver_cmd;
+	unsigned int ta_size;
+	struct tee_operation *op;
+	struct mutex *sync;
+};
+
+/**
+ * struct tee_read - Contains the error message and the origin.
+ * @err: Error code (as in Global Platform TEE Client API spec)
+ * @origin: Origin for the error code (also from spec).
+ *
+ * This is used by user space when a user space application wants to get more
+ * information about an error.
+ */
+struct tee_read {
+	unsigned int err; /* return value */
+	unsigned int origin; /* error origin */
+};
+
+/**
+ * Function that handles the function calls to trusted applications.
+ * @param ts: The session of a operation to be executed.
+ * @param sec_cmd: The type of command to be executed, open-, close-session,
+ *                 invoke command.
+ */
+int call_sec_world(struct tee_session *ts, int sec_cmd);
+
+#endif