core: OCALL support

Adds the ability for TAs to perform "Out Calls", or OCALLs. OCALLs allow
TAs to invoke commands on their corresponding CA in the same way that CAs
can invoke commands on TAs. Also, adds a new capability that reports
whether OP-TEE was built with OCALL support.

Signed-off-by: Hernan Gatta <hegatta@microsoft.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

core/arch/arm/include/kernel/thread.h

@@ -19,7 +19,7 @@
 #define THREAD_ID_0		0
 #define THREAD_ID_INVALID	-1
 
-#define THREAD_RPC_MAX_NUM_PARAMS	4
+#define THREAD_RPC_MAX_NUM_PARAMS	6
 
 #ifndef __ASSEMBLER__
 
@@ -721,6 +721,24 @@ struct mobj *thread_rpc_alloc_global_payload(size_t size);
  */
 void thread_rpc_free_global_payload(struct mobj *mobj);
 
+/**
+ * Request that the Client Application allocate shared memory for OCALL payload
+ * buffers.
+ *
+ * @size:	size in bytes of payload buffer
+ *
+ * @returns	mobj that describes allocated buffer or NULL on error
+ */
+struct mobj *thread_rpc_alloc_client_app_payload(size_t size);
+
+/**
+ * Free physical memory previously allocated with
+ * thread_rpc_alloc_client_app_payload()
+ *
+ * @mobj:	mobj that describes the buffer
+ */
+void thread_rpc_free_client_app_payload(struct mobj *mobj);
+
 /*
  * enum thread_shm_type - type of non-secure shared memory
  * @THREAD_SHM_TYPE_APPLICATION - user space application shared memory

core/arch/arm/include/sm/optee_smc.h

@@ -280,6 +280,8 @@
 #define OPTEE_SMC_SEC_CAP_VIRTUALIZATION	BIT(3)
 /* Secure world supports Shared Memory with a NULL reference */
 #define OPTEE_SMC_SEC_CAP_MEMREF_NULL		BIT(4)
+/* Secure world is built with OCALL support */
+#define OPTEE_SMC_SEC_CAP_OCALL			BIT(5)
 
 #define OPTEE_SMC_FUNCID_EXCHANGE_CAPABILITIES	9
 #define OPTEE_SMC_EXCHANGE_CAPABILITIES \

core/arch/arm/kernel/thread_optee_smc.c

@@ -611,3 +611,14 @@ void thread_rpc_free_global_payload(struct mobj *mobj)
 	thread_rpc_free(OPTEE_RPC_SHM_TYPE_GLOBAL, mobj_get_cookie(mobj),
 			mobj);
 }
+
+struct mobj *thread_rpc_alloc_client_app_payload(size_t size)
+{
+	return thread_rpc_alloc(size, 8, OPTEE_RPC_SHM_TYPE_CLIENT_APP);
+}
+
+void thread_rpc_free_client_app_payload(struct mobj *mobj)
+{
+	thread_rpc_free(OPTEE_RPC_SHM_TYPE_CLIENT_APP, mobj_get_cookie(mobj),
+			mobj);
+}

core/arch/arm/tee/entry_fast.c

@@ -92,6 +92,9 @@ static void tee_entry_exchange_capabilities(struct thread_smc_args *args)
 	args->a1 |= OPTEE_SMC_SEC_CAP_VIRTUALIZATION;
 #endif
 	args->a1 |= OPTEE_SMC_SEC_CAP_MEMREF_NULL;
+#if defined(CFG_OCALL)
+	args->a1 |= OPTEE_SMC_SEC_CAP_OCALL;
+#endif
 
 #if defined(CFG_CORE_DYN_SHM)
 	dyn_shm_en = core_mmu_nsec_ddr_is_defined();

core/include/optee_rpc_cmd.h

@@ -97,6 +97,12 @@
  * space application
  */
 #define OPTEE_RPC_SHM_TYPE_GLOBAL	2
+/*
+ * Memory shared with the non-secure application that is the client of the TA
+ * that requests shared memory of this type; the client could be running in
+ * non-secure user-mode or in non-secure kernel-mode
+ */
+#define OPTEE_RPC_SHM_TYPE_CLIENT_APP	3
 
 /*
  * Free shared memory previously allocated with OPTEE_RPC_CMD_SHM_ALLOC
@@ -170,6 +176,18 @@
 /* I2C master control flags */
 #define OPTEE_MSG_RPC_CMD_I2C_FLAGS_TEN_BIT	BIT(0)
 
+/*
+ * Send an OCALL to the Client Application
+ *
+ * [in]     value[0].a	    CA Command ID (i.e., OCALL# for the CA to execute)
+ * [out]    value[0].b	    OCALL return value
+ * [out]    value[0].c	    OCALL return value origin
+ * [in]     value[1].a	    UUID of TA whence OCALL originated (HI bits)
+ * [out]    value[1].b	    UUID of TA whence OCALL originated (LO bits)
+ * [in/out] any[2..5].*	    OCALL parameters as specified by the TA, if any
+ */
+#define OPTEE_RPC_CMD_OCALL		22
+
 /*
  * Definition of protocol for command OPTEE_RPC_CMD_FS
  */