system/dev/tee/optee/optee-controller.h - zircon/ - Git at Google

 // Copyright 2018 The Fuchsia Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #pragma once

 #include <ddk/protocol/platform-device-lib.h>
 #include <ddk/protocol/platform/device.h>
 #include <ddktl/device.h>
 #include <ddktl/protocol/empty-protocol.h>
 #include <fbl/function.h>
 #include <fbl/intrusive_double_list.h>
 #include <fbl/mutex.h>
 #include <fbl/unique_ptr.h>
 #include <fuchsia/hardware/tee/c/fidl.h>
 #include <zircon/thread_annotations.h>

 #include "optee-message.h"
 #include "optee-smc.h"
 #include "shared-memory.h"

 namespace optee {

 class OpteeClient;

 class OpteeController;
 using OpteeControllerBase = ddk::Device<OpteeController, ddk::Openable, ddk::Unbindable>;
 using OpteeControllerProtocol = ddk::EmptyProtocol<ZX_PROTOCOL_TEE>;
 class OpteeController : public OpteeControllerBase,
                         public OpteeControllerProtocol {
 public:
     using RpcHandler = fbl::Function<zx_status_t(const RpcFunctionArgs&, RpcFunctionResult*)>;

     explicit OpteeController(zx_device_t* parent)
         : OpteeControllerBase(parent) {}

     OpteeController(const OpteeController&) = delete;
     OpteeController& operator=(const OpteeController&) = delete;

     zx_status_t Bind();

     zx_status_t DdkOpen(zx_device_t** out_dev, uint32_t flags);
     void DdkUnbind();
     void DdkRelease();

     // Client FIDL commands
     zx_status_t GetOsInfo(fidl_txn_t* txn) const;

     void RemoveClient(OpteeClient* client);

     uint32_t CallWithMessage(const Message& message, RpcHandler rpc_handler);

     SharedMemoryManager::DriverMemoryPool* driver_pool() const {
         return shared_memory_manager_->driver_pool();
     }

     SharedMemoryManager::ClientMemoryPool* client_pool() const {
         return shared_memory_manager_->client_pool();
     }

 private:
     zx_status_t ValidateApiUid() const;
     zx_status_t ValidateApiRevision() const;
     zx_status_t GetOsRevision();
     zx_status_t ExchangeCapabilities();
     void AddClient(OpteeClient* client);
     void CloseClients();
     zx_status_t InitializeSharedMemory();
     zx_status_t DiscoverSharedMemoryConfig(zx_paddr_t* out_start_addr, size_t* out_size);

     pdev_protocol_t pdev_proto_ = {};
     // TODO(rjascani): Eventually, the secure_monitor_ object should be an owned resource object
     // created and provided to us by our parent. For now, we're simply stashing a copy of the
     // root resource so that we can make zx_smc_calls. We can make that switch when we can properly
     // craft a resource object dedicated only to secure monitor calls targetting the Trusted OS.
     zx_handle_t secure_monitor_ = ZX_HANDLE_INVALID;
     uint32_t secure_world_capabilities_ = 0;
     fuchsia_hardware_tee_OsRevision os_revision_ = {};
     fbl::Mutex clients_lock_;
     fbl::DoublyLinkedList<OpteeClient*> clients_ TA_GUARDED(clients_lock_);
     fbl::unique_ptr<SharedMemoryManager> shared_memory_manager_;
 };

 } // namespace optee
	// Copyright 2018 The Fuchsia Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#pragma once

	#include <ddk/protocol/platform-device-lib.h>
	#include <ddk/protocol/platform/device.h>
	#include <ddktl/device.h>
	#include <ddktl/protocol/empty-protocol.h>
	#include <fbl/function.h>
	#include <fbl/intrusive_double_list.h>
	#include <fbl/mutex.h>
	#include <fbl/unique_ptr.h>
	#include <fuchsia/hardware/tee/c/fidl.h>
	#include <zircon/thread_annotations.h>

	#include "optee-message.h"
	#include "optee-smc.h"
	#include "shared-memory.h"

	namespace optee {

	class OpteeClient;

	class OpteeController;
	using OpteeControllerBase = ddk::Device<OpteeController, ddk::Openable, ddk::Unbindable>;
	using OpteeControllerProtocol = ddk::EmptyProtocol<ZX_PROTOCOL_TEE>;
	class OpteeController : public OpteeControllerBase,
	public OpteeControllerProtocol {
	public:
	using RpcHandler = fbl::Function<zx_status_t(const RpcFunctionArgs&, RpcFunctionResult*)>;

	explicit OpteeController(zx_device_t* parent)
	: OpteeControllerBase(parent) {}

	OpteeController(const OpteeController&) = delete;
	OpteeController& operator=(const OpteeController&) = delete;

	zx_status_t Bind();

	zx_status_t DdkOpen(zx_device_t** out_dev, uint32_t flags);
	void DdkUnbind();
	void DdkRelease();

	// Client FIDL commands
	zx_status_t GetOsInfo(fidl_txn_t* txn) const;

	void RemoveClient(OpteeClient* client);

	uint32_t CallWithMessage(const Message& message, RpcHandler rpc_handler);

	SharedMemoryManager::DriverMemoryPool* driver_pool() const {
	return shared_memory_manager_->driver_pool();
	}

	SharedMemoryManager::ClientMemoryPool* client_pool() const {
	return shared_memory_manager_->client_pool();
	}

	private:
	zx_status_t ValidateApiUid() const;
	zx_status_t ValidateApiRevision() const;
	zx_status_t GetOsRevision();
	zx_status_t ExchangeCapabilities();
	void AddClient(OpteeClient* client);
	void CloseClients();
	zx_status_t InitializeSharedMemory();
	zx_status_t DiscoverSharedMemoryConfig(zx_paddr_t* out_start_addr, size_t* out_size);

	pdev_protocol_t pdev_proto_ = {};
	// TODO(rjascani): Eventually, the secure_monitor_ object should be an owned resource object
	// created and provided to us by our parent. For now, we're simply stashing a copy of the
	// root resource so that we can make zx_smc_calls. We can make that switch when we can properly
	// craft a resource object dedicated only to secure monitor calls targetting the Trusted OS.
	zx_handle_t secure_monitor_ = ZX_HANDLE_INVALID;
	uint32_t secure_world_capabilities_ = 0;
	fuchsia_hardware_tee_OsRevision os_revision_ = {};
	fbl::Mutex clients_lock_;
	fbl::DoublyLinkedList<OpteeClient*> clients_ TA_GUARDED(clients_lock_);
	fbl::unique_ptr<SharedMemoryManager> shared_memory_manager_;
	};

	} // namespace optee