Re: [PATCH v6 3/6] dt/bindings: add bindings for optee

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Mon, Nov 16, 2015 at 11:01:10AM -0600, Rob Herring wrote:
> On Thu, Oct 29, 2015 at 09:21:25AM +0100, Jens Wiklander wrote:
> > Introduces optee prefix and adds bindings for ARM TrustZone based OP-TEE
> > implementation.
> > 
> > Signed-off-by: Jens Wiklander <jens.wiklander@xxxxxxxxxx>
> > ---
> >  .../bindings/arm/firmware/optee,optee-tz.txt       | 29 ++++++++++++++++++++++
> >  .../devicetree/bindings/vendor-prefixes.txt        |  1 +
> >  2 files changed, 30 insertions(+)
> >  create mode 100644 Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > 
> > diff --git a/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt b/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > new file mode 100644
> > index 0000000..0a8ed0d
> > --- /dev/null
> > +++ b/Documentation/devicetree/bindings/arm/firmware/optee,optee-tz.txt
> > @@ -0,0 +1,29 @@
> > +OP-TEE Device Tree Bindings
> > +
> > +OP-TEE is a piece of software using hardware features to provide a Trusted
> > +Execution Environment. The security can be provided with ARM TrustZone, but
> > +also by virtualization or a separate chip. As there's no single OP-TEE
> > +vendor we're using "optee" as the first part of compatible property,
> > +indicating the OP-TEE protocol is used when communicating with the secure
> > +world.
> > +
> > +* OP-TEE based on ARM TrustZone required properties:
> > +
> > +- compatible     : should contain "optee,optee-tz"
> 
> I would leave off optee as a vendor. Different implementations by 
> vendors should then add their vendor prefix as they all have the chance 
> to screw-up something. I suppose we could do "linaro" as the reference 
> implementation.

OK, I'll use "linaro" then.

> 
> > +
> > +- method         : The method of calling the OP-TEE Trusted OS. Permitted
> > +                   values are:
> > +
> > +                   "smc" : SMC #0, with the register assignments specified
> > +		           in drivers/tee/optee/optee_smc.h
> > +
> > +                   "hvc" : HVC #0, with the register assignments specified
> > +		           in drivers/tee/optee/optee_smc.h
> 
> The use here would be a guest VM calling thru to hypervisor and then 
> hypervisor calling optee?

Yes, the hypervisor needs to be involved (translating IPA to PA etc)
when invoking secure world.

> 
> > +
> > +
> > +
> > +Example:
> > +	optee {
> 
> This should go under a /firmware node similar to 
> Documentation/devicetree/bindings/arm/firmware/tlm,trusted-foundations.txt.

I tried that and discovered that a
compatible = "simple-bus";
is needed for the firmware node for optee to get probed. Is it OK to write
the example as:

firmware {
        compatible = "simple-bus";

        optee {
...

Thanks,
Jens
--
To unsubscribe from this list: send the line "unsubscribe devicetree" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Device Tree Compilter]     [Device Tree Spec]     [Linux Driver Backports]     [Video for Linux]     [Linux USB Devel]     [Linux PCI Devel]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [XFree86]     [Yosemite Backpacking]
  Powered by Linux