On Fri, Jun 21, 2024 at 04:37:59PM +0200, Arnaud Pouliquen wrote: > The new TEE remoteproc device is used to manage remote firmware in a Device or driver? > secure, trusted context. The 'st,stm32mp1-m4-tee' compatibility is > introduced to delegate the loading of the firmware to the trusted > execution context. In such cases, the firmware should be signed and > adhere to the image format defined by the TEE. > > Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@xxxxxxxxxxx> > --- > drivers/remoteproc/stm32_rproc.c | 63 ++++++++++++++++++++++++++++++-- > 1 file changed, 60 insertions(+), 3 deletions(-) > > diff --git a/drivers/remoteproc/stm32_rproc.c b/drivers/remoteproc/stm32_rproc.c > index 8cd838df4e92..fd905b3cf206 100644 > --- a/drivers/remoteproc/stm32_rproc.c > +++ b/drivers/remoteproc/stm32_rproc.c > @@ -18,6 +18,7 @@ > #include <linux/pm_wakeirq.h> > #include <linux/regmap.h> > #include <linux/remoteproc.h> > +#include <linux/remoteproc_tee.h> > #include <linux/reset.h> > #include <linux/slab.h> > #include <linux/workqueue.h> > @@ -257,6 +258,19 @@ static int stm32_rproc_release(struct rproc *rproc) > return 0; > } > > +static int stm32_rproc_tee_stop(struct rproc *rproc) > +{ > + int err; > + > + stm32_rproc_request_shutdown(rproc); > + > + err = tee_rproc_stop(rproc); > + if (err) > + return err; > + > + return stm32_rproc_release(rproc); > +} > + > static int stm32_rproc_prepare(struct rproc *rproc) > { > struct device *dev = rproc->dev.parent; > @@ -693,8 +707,20 @@ static const struct rproc_ops st_rproc_ops = { > .get_boot_addr = rproc_elf_get_boot_addr, > }; > > +static const struct rproc_ops st_rproc_tee_ops = { > + .prepare = stm32_rproc_prepare, > + .start = tee_rproc_start, > + .stop = stm32_rproc_tee_stop, > + .kick = stm32_rproc_kick, > + .load = tee_rproc_load_fw, > + .parse_fw = tee_rproc_parse_fw, > + .find_loaded_rsc_table = tee_rproc_find_loaded_rsc_table, > + > +}; > + > static const struct of_device_id stm32_rproc_match[] = { > { .compatible = "st,stm32mp1-m4" }, > + { .compatible = "st,stm32mp1-m4-tee" }, > {}, > }; > MODULE_DEVICE_TABLE(of, stm32_rproc_match); > @@ -853,17 +879,42 @@ static int stm32_rproc_probe(struct platform_device *pdev) > struct device *dev = &pdev->dev; > struct stm32_rproc *ddata; > struct device_node *np = dev->of_node; > + struct tee_rproc *trproc = NULL; > struct rproc *rproc; > unsigned int state; > + u32 proc_id; > int ret; > > ret = dma_coerce_mask_and_coherent(dev, DMA_BIT_MASK(32)); > if (ret) > return ret; > > - rproc = devm_rproc_alloc(dev, np->name, &st_rproc_ops, NULL, sizeof(*ddata)); > - if (!rproc) > - return -ENOMEM; > + if (of_device_is_compatible(np, "st,stm32mp1-m4-tee")) { > + /* > + * Delegate the firmware management to the secure context. > + * The firmware loaded has to be signed. > + */ > + ret = of_property_read_u32(np, "st,proc-id", &proc_id); > + if (ret) { > + dev_err(dev, "failed to read st,rproc-id property\n"); > + return ret; > + } > + > + rproc = devm_rproc_alloc(dev, np->name, &st_rproc_tee_ops, NULL, sizeof(*ddata)); > + if (!rproc) > + return -ENOMEM; > + > + trproc = tee_rproc_register(dev, rproc, proc_id); > + if (IS_ERR(trproc)) { > + dev_err_probe(dev, PTR_ERR(trproc), > + "signed firmware not supported by TEE\n"); > + return PTR_ERR(trproc); > + } > + } else { > + rproc = devm_rproc_alloc(dev, np->name, &st_rproc_ops, NULL, sizeof(*ddata)); > + if (!rproc) > + return -ENOMEM; > + } > > ddata = rproc->priv; > > @@ -915,6 +966,9 @@ static int stm32_rproc_probe(struct platform_device *pdev) > dev_pm_clear_wake_irq(dev); > device_init_wakeup(dev, false); > } > + if (trproc) > + tee_rproc_unregister(trproc); > + > return ret; > } > > @@ -935,6 +989,9 @@ static void stm32_rproc_remove(struct platform_device *pdev) > dev_pm_clear_wake_irq(dev); > device_init_wakeup(dev, false); > } > + if (rproc->tee_interface) > + tee_rproc_unregister(rproc->tee_interface); > + > } > > static int stm32_rproc_suspend(struct device *dev) > -- > 2.25.1 >