SMC: Update to AG01.06 production release

Last SMC update was to AG01.06 engineering release (see s_version.h)
this is the official patch to production AG01.06.

This update notably brings support for:
  * OMAP4 HW RNG - see new menuconfig option
  * GP devices are okay to be built with this SMC based on testing
      (even though it is not functional for GP devices, the SMC driver
      will no longer keep the device from entering suspend)

Change-Id: I974693ca73a038e2b547917e1a9556299a9bab11
Signed-off-by: Trusted Logic <smc_support@trusted-logic.com>
Signed-off-by: Jeremie Corbier <jeremie.corbier@trusted-logic.com>
Signed-off-by: Bryan Buckley <bryan.buckley@ti.com>

Conflicts:
	security/smc/Makefile

6 files changed, 204 insertions, 29 deletions

diff --git a/security/smc/Kconfig b/security/smc/Kconfig
index 16e74a3ac24..9e0a8aa879b 100644
--- a/security/smc/Kconfig
+++ b/security/smc/Kconfig
@@ -1,6 +1,16 @@
 config TF_ZEBRA
 	bool
 
+config TF_CRYPTO_RNG
+	tristate "Use OMAP4 HW RNG"
+	depends on ARCH_OMAP4 && m
+	select SECURITY_MIDDLEWARE_COMPONENT
+	default n
+	help
+	  This option enables OMAP4 HW RNG support.
+
+	  If you are unsure how to answer this question, answer N.
+
 config SECURITY_MIDDLEWARE_COMPONENT
 	tristate "Enable SMC Driver"
 	depends on ARCH_OMAP3 || ARCH_OMAP4
@@ -21,7 +31,7 @@ config SMC_KERNEL_CRYPTO
 	  This option enables crypto subsystem to use SMC and OMAP hardware
 	  accelerators.
 
-	  If you are unsure how to answer this question, answer Y.
+	  If you are unsure how to answer this question, answer N.
 
 config SECURE_TRACE
 	bool "Enable SMC secure traces"
@@ -31,6 +41,8 @@ config SECURE_TRACE
 	  This option enables traces from the SMC Protected Application to be
 	  displayed in kernel logs.
 
+	  If you are unsure how to answer this question, answer Y.
+
 config TF_DRIVER_DEBUG_SUPPORT
 	bool "Debug support"
 	depends on SECURITY_MIDDLEWARE_COMPONENT
@@ -38,6 +50,8 @@ config TF_DRIVER_DEBUG_SUPPORT
 	help
 	  This options enables debug traces in the driver.
 
+	  If you are unsure how to answer this question, answer N.
+
 config TF_DRIVER_CRYPTO_FIPS
 	bool "FIPS compliance support"
 	depends on SMC_KERNEL_CRYPTO && ARCH_OMAP4 && MODULE_EXTRA_COPY
@@ -47,7 +61,7 @@ config TF_DRIVER_CRYPTO_FIPS
           cryptographic driver: built-in test vectors for POST, and a
           device for user space programs to submit more test vectors.
 
-          If you are unsure how to answer this question, answer Y.
+          If you are unsure how to answer this question, answer N.
 
 config TF_DRIVER_FAULT_INJECTION
 	bool "Fault injection support"
@@ -57,4 +71,4 @@ config TF_DRIVER_FAULT_INJECTION
 	  This option allows forcing cryptographic operations in the SMC
 	  driver to fail.
 
-	  If you are unsure how to answer this question, answer Y.
+	  If you are unsure how to answer this question, answer N.
diff --git a/security/smc/Makefile b/security/smc/Makefile
index 8bb0c68352c..6ad55169766 100644..100755
--- a/security/smc/Makefile
+++ b/security/smc/Makefile
@@ -50,5 +50,7 @@ endif
 obj-$(CONFIG_SECURITY_MIDDLEWARE_COMPONENT) += tf_driver.o
 obj-$(CONFIG_SECURITY_MIDDLEWARE_COMPONENT) += rproc_drm.o
 
+obj-$(CONFIG_TF_CRYPTO_RNG) += tf_crypto_rng.o
+
 plus_sec := $(call as-instr,.arch_extension sec,+sec)
 AFLAGS_bridge_pub2sec.o :=-Wa,-march=armv7-a$(plus_sec)
diff --git a/security/smc/s_version.h b/security/smc/s_version.h
index 38a3f1ecbbd..016e5defe78 100644
--- a/security/smc/s_version.h
+++ b/security/smc/s_version.h
@@ -44,7 +44,7 @@
 * If this is a patch or engineering version use the following
 * defines to set the version number. Else set these values to 0.
 */
-#define S_VERSION_ENG 1
+#define S_VERSION_ENG 0
 #define S_VERSION_PATCH 0
 
 #ifdef S_VERSION_BUILD
diff --git a/security/smc/tf_comm.c b/security/smc/tf_comm.c
index af4cef608c5..59733f8458e 100644
--- a/security/smc/tf_comm.c
+++ b/security/smc/tf_comm.c
@@ -208,6 +208,7 @@ struct tf_coarse_page_table *tf_alloc_coarse_page_table(
 		}
 
 		array->type = type;
+		array->ref_count = 0;
 		INIT_LIST_HEAD(&(array->list));
 
 		/* now allocate the actual page the page descriptor describes */
@@ -499,7 +500,7 @@ inline struct page *tf_l2_page_descriptor_to_page(u32 l2_page_descriptor)
  */
 static void tf_get_l2_page_descriptor(
 	u32 *l2_page_descriptor,
-	u32 flags, struct mm_struct *mm, struct vm_area_struct *vmas)
+	u32 flags, struct mm_struct *mm)
 {
 	u32 descriptor;
 	struct page *page;
@@ -511,11 +512,6 @@ static void tf_get_l2_page_descriptor(
 	if (*l2_page_descriptor == L2_DESCRIPTOR_FAULT)
 		return;
 
-	if (vmas->vm_flags & VM_IO) {
-		*l2_page_descriptor = L2_DESCRIPTOR_FAULT;
-		dprintk(KERN_ERR "Memory mapped I/O or similar detected\n");
-		return;
-	}
 	page = (struct page *) (*l2_page_descriptor);
 
 	descriptor = TF_DEFAULT_COMMON_DESCRIPTORS;
@@ -797,8 +793,7 @@ int tf_fill_descriptor_table(
 				tf_get_l2_page_descriptor(
 					&coarse_pg_table->descriptors[j],
 					flags,
-					current->mm,
-					vmas[j]);
+					current->mm);
 				/*
 				 * Reject Strongly-Ordered or Device Memory
 				 */
@@ -821,18 +816,24 @@ int tf_fill_descriptor_table(
 					goto error;
 				}
 			}
-		} else if (is_vmalloc_addr((void *)buffer_offset_vaddr)) {
-			/* Kernel-space memory obtained through vmalloc */
+		} else {
+			/* Kernel-space memory */
 			dprintk(KERN_INFO
 				"tf_fill_descriptor_table: "
-				"vmalloc'ed buffer starting at %p\n",
+				"buffer starting at %p\n",
 			       (void *)buffer_offset_vaddr);
 			for (j = page_shift; j < pages_to_get; j++) {
 				struct page *page;
 				void *addr =
 					(void *)(buffer_offset_vaddr +
 						(j - page_shift) * PAGE_SIZE);
-				page = vmalloc_to_page(addr);
+
+				if (is_vmalloc_addr(
+						(void *) buffer_offset_vaddr))
+					page = vmalloc_to_page(addr);
+				else
+					page = virt_to_page(addr);
+
 				if (page == NULL) {
 					dprintk(KERN_ERR
 						"tf_fill_descriptor_table: "
@@ -849,20 +850,8 @@ int tf_fill_descriptor_table(
 				tf_get_l2_page_descriptor(
 					&coarse_pg_table->descriptors[j],
 					flags,
-					&init_mm,
-					vmas[j]);
+					&init_mm);
 			}
-		} else {
-			/* Other kernel-space memory */
-			dprintk(KERN_INFO
-				"tf_fill_descriptor_table: "
-				"buffer starting at virtual address %p\n",
-			       (void *)buffer_offset_vaddr);
-			dprintk(KERN_WARNING
-				"tf_fill_descriptor_table: "
-				"address type not supported\n");
-			ret = -ENOSYS;
-			goto error;
 		}
 
 		dmac_flush_range((void *)coarse_pg_table->descriptors,
diff --git a/security/smc/tf_crypto_aes.c b/security/smc/tf_crypto_aes.c
index 3457e7af3d0..cb340a354ee 100644
--- a/security/smc/tf_crypto_aes.c
+++ b/security/smc/tf_crypto_aes.c
@@ -900,6 +900,7 @@ static int aes_dma_stop(struct aes_hwa_ctx *ctx)
 	} else {
 		dma_unmap_sg(NULL, ctx->out_sg, 1, DMA_FROM_DEVICE);
 		dma_unmap_sg(NULL, ctx->in_sg, 1, DMA_TO_DEVICE);
+
 #ifdef CONFIG_TF_DRIVER_FAULT_INJECTION
 		tf_aes_fault_injection(paes_reg->AES_CTRL,
 			sg_virt(ctx->out_sg));
diff --git a/security/smc/tf_crypto_rng.c b/security/smc/tf_crypto_rng.c
new file mode 100644
index 00000000000..75f61ebe05e
--- /dev/null
+++ b/security/smc/tf_crypto_rng.c
@@ -0,0 +1,169 @@
+/**
+ * Copyright (c) 2011 Trusted Logic S.A.
+ * All Rights Reserved.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * version 2 as published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+ * MA 02111-1307 USA
+ */
+
+/**
+ * File            : tf_crypto_rng.c
+ * Original-Author : Trusted Logic S.A. (Jeremie Corbier)
+ * Created         : 07-12-2011
+ */
+
+#include <linux/types.h>
+#include <linux/module.h>
+#include <linux/slab.h>
+#include <linux/hw_random.h>
+
+#include "tee_client_api.h"
+
+#define SERVICE_SYSTEM_UUID \
+	{ 0x56304b83, 0x5c4e, 0x4428, \
+		{ 0xb9, 0x9e, 0x60, 0x5c, 0x96, 0xae, 0x58, 0xd6 } }
+
+#define CKF_SERIAL_SESSION	0x00000004
+
+#define SERVICE_SYSTEM_PKCS11_C_GENERATERANDOM_COMMAND_ID	0x00000039
+#define SERVICE_SYSTEM_PKCS11_C_OPEN_SESSION_COMMAND_ID		0x00000042
+#define SERVICE_SYSTEM_PKCS11_C_CLOSE_SESSION_COMMAND_ID	0x00000043
+
+static struct hwrng tf_crypto_rng;
+
+static int tf_crypto_rng_read(struct hwrng *rng, void *data, size_t max,
+	bool wait)
+{
+	void *buf;
+	u32 cmd;
+	u32 crypto_session;
+	TEEC_Result ret;
+	TEEC_Operation op;
+	TEEC_Context teec_context;
+	TEEC_Session teec_session;
+	TEEC_UUID uuid = SERVICE_SYSTEM_UUID;
+	int err = 0;
+
+	buf = kmalloc(max, GFP_KERNEL);
+	if (buf == NULL)
+		return -ENOMEM;
+
+	ret = TEEC_InitializeContext(NULL, &teec_context);
+	if (ret != TEEC_SUCCESS) {
+		kfree(buf);
+		return -EFAULT;
+	}
+
+	/* Call C_OpenSession */
+	memset(&op, 0, sizeof(TEEC_Operation));
+
+	op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, TEEC_NONE, TEEC_NONE,
+		TEEC_NONE);
+
+	ret = TEEC_OpenSession(&teec_context, &teec_session,
+		&uuid, TEEC_LOGIN_PUBLIC, NULL, &op, NULL);
+	if (ret != TEEC_SUCCESS) {
+		kfree(buf);
+		TEEC_FinalizeContext(&teec_context);
+		return -EFAULT;
+	}
+
+	memset(&op, 0, sizeof(TEEC_Operation));
+
+	op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, TEEC_NONE, TEEC_NONE,
+		TEEC_NONE);
+	op.params[0].value.a = 0;
+	op.params[0].value.b = CKF_SERIAL_SESSION;
+
+	cmd = SERVICE_SYSTEM_PKCS11_C_OPEN_SESSION_COMMAND_ID & 0x00007FFF;
+
+	ret = TEEC_InvokeCommand(&teec_session, cmd, &op, NULL);
+	if (ret != TEEC_SUCCESS) {
+		printk(KERN_ERR "%s: TEEC_InvokeCommand returned 0x%08x\n",
+			__func__, ret);
+		err = -EFAULT;
+		goto exit;
+	}
+
+	crypto_session = op.params[0].value.a;
+
+	/* Call C_GenerateRandom */
+	memset(&op, 0, sizeof(TEEC_Operation));
+
+	op.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT,
+		TEEC_NONE, TEEC_NONE, TEEC_NONE);
+	op.params[0].tmpref.buffer = (uint8_t *) buf;
+	op.params[0].tmpref.size = (uint32_t) max;
+
+	cmd = (crypto_session << 16) |
+		(SERVICE_SYSTEM_PKCS11_C_GENERATERANDOM_COMMAND_ID & 0x7fff);
+
+	ret = TEEC_InvokeCommand(&teec_session, cmd, &op, NULL);
+	if (ret != TEEC_SUCCESS) {
+		printk(KERN_ERR "%s: TEEC_InvokeCommand returned 0x%08x\n",
+			__func__, ret);
+		err = -EFAULT;
+	}
+
+	/* Call C_CloseSession */
+	memset(&op, 0, sizeof(TEEC_Operation));
+
+	op.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, TEEC_NONE, TEEC_NONE,
+		TEEC_NONE);
+
+	cmd = (crypto_session << 16) |
+		(SERVICE_SYSTEM_PKCS11_C_CLOSE_SESSION_COMMAND_ID & 0x7fff);
+
+	ret = TEEC_InvokeCommand(&teec_session, cmd, &op, NULL);
+	if (ret != TEEC_SUCCESS) {
+		printk(KERN_ERR "%s: TEEC_InvokeCommand returned 0x%08x\n",
+			__func__, ret);
+		err = -EFAULT;
+	}
+
+exit:
+	TEEC_CloseSession(&teec_session);
+	TEEC_FinalizeContext(&teec_context);
+
+	if (!err)
+		memcpy(data, buf, max);
+
+	kfree(buf);
+
+	if (err)
+		return err;
+	else
+		return max;
+}
+
+static int __init tf_crypto_rng_init(void)
+{
+	memset(&tf_crypto_rng, 0, sizeof(struct hwrng));
+
+	tf_crypto_rng.name = "rng-smc";
+	tf_crypto_rng.read = tf_crypto_rng_read;
+
+	return hwrng_register(&tf_crypto_rng);
+}
+module_init(tf_crypto_rng_init);
+
+static void __exit tf_crypto_rng_exit(void)
+{
+	hwrng_unregister(&tf_crypto_rng);
+}
+module_exit(tf_crypto_rng_exit);
+
+MODULE_LICENSE("GPL");
+MODULE_AUTHOR("Jeremie Corbier <jeremie.corbier@trusted-logic.com>");
+MODULE_DESCRIPTION("OMAP4 TRNG driver.");