[PATCH v3 0/4] firmware: Add support for Qualcomm UEFI Secure Application

This series adds basic support for the QSEECOM interface used to
communicate with secure applications running in the TrustZone on certain
Qualcomm devices. In addition to that, it also provides a driver for
"uefisecapp", the secure application managing access to UEFI variables
on such platforms.

For a more detailed description, see the blurb of v1.

Previous versions:

 - V2: https://lore.kernel.org/lkml/20230127184650.756795-1-luzmaximilian@xxxxxxxxx/
 - V1: https://lore.kernel.org/lkml/20220723224949.1089973-1-luzmaximilian@xxxxxxxxx/


This series depends on the following series:

 - "efi: efivars: drop kobject from efivars_register()"
   (https://lore.kernel.org/lkml/20230117124310.16594-1-johan+linaro@xxxxxxxxxx/)

 - "efi: verify that variable services are supported"
   (https://lore.kernel.org/lkml/20230119164255.28091-1-johan+linaro@xxxxxxxxxx/)

   with subsequent fix

   "efivarfs: fix NULL-deref on mount when no efivars"
   (https://lore.kernel.org/lkml/20230126112129.4602-1-johan+linaro@xxxxxxxxxx/)

which have all been included in the "next" branch of

  https://git.kernel.org/pub/scm/linux/kernel/git/efi/efi.git


Changes in v3:

 - Fix doc comment in qcom_scm.c
 - Rebase on top of latest changes to qcom_scm.

Changes in v2:

 - Bind the qseecom interface to a device.

 - Establish a device link between the new qseecom device and the SCM
   device to ensure proper PM and remove ordering.

 - Remove the compatible for uefisecapp. Instead, introduce a compatible
   for the qseecom device. This directly reflects ACPI tables and the
   QCOM0476 device described therein, which is responsible for the
   secure app / qseecom interface (i.e., the same purpose).

   Client devices representing apps handled by the kernel (such as
   uefisecapp) are now directly instantiated by the qseecom driver,
   based on the respective platform-specific compatible.

 - Rename the base name (qctree -> qseecom) to allow differentiation
   between old (qseecom) and new (smcinvoke) interfaces to the trusted
   execution environment. This directly reflects downstream naming by
   Qualcomm.


Maximilian Luz (4):
  firmware: qcom_scm: Export SCM call functions
  firmware: Add support for Qualcomm Secure Execution Environment SCM
    interface
  dt-bindings: firmware: Add Qualcomm QSEECOM interface
  firmware: Add support for Qualcomm UEFI Secure Application

 .../bindings/firmware/qcom,qseecom.yaml       |  49 ++
 MAINTAINERS                                   |  14 +
 drivers/firmware/Kconfig                      |  31 +
 drivers/firmware/Makefile                     |   2 +
 drivers/firmware/qcom_qseecom.c               | 323 ++++++++
 drivers/firmware/qcom_qseecom_uefisecapp.c    | 746 ++++++++++++++++++
 drivers/firmware/qcom_scm.c                   | 120 ++-
 drivers/firmware/qcom_scm.h                   |  47 --
 include/linux/firmware/qcom/qcom_qseecom.h    | 190 +++++
 include/linux/firmware/qcom/qcom_scm.h        |  49 ++
 10 files changed, 1484 insertions(+), 87 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/firmware/qcom,qseecom.yaml
 create mode 100644 drivers/firmware/qcom_qseecom.c
 create mode 100644 drivers/firmware/qcom_qseecom_uefisecapp.c
 create mode 100644 include/linux/firmware/qcom/qcom_qseecom.h

-- 
2.39.2



