[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v1 4/6] optee: add OP-TEE mediator

To: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>, xen-devel@xxxxxxxxxxxxx, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, George Dunlap <George.Dunlap@xxxxxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Tim Deegan <tim@xxxxxxx>, Wei Liu <wei.liu2@xxxxxxxxxx>, Jens Wiklander <jens.wiklander@xxxxxxxxxx>
From: Julien Grall <julien.grall@xxxxxxx>
Date: Wed, 22 Aug 2018 18:28:47 +0100
Cc: tee-dev@xxxxxxxxxxxxxxxx
Delivery-date: Wed, 22 Aug 2018 17:29:11 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi,

Please only CC relevant people to the patches. This could be done easilyusing the new script add_maintainers.pl.


On 22/08/18 15:11, Volodymyr Babchuk wrote:

Add OP-TEE mediator, so guests can access OP-TEE services.

OP-TEE mediator support address translation for DomUs.
It tracks execution of STD calls, correctly handles memory-related RPC
requests, tracks buffer allocated for RPCs.

With this patch OP-TEE sucessfully passes own tests, while client is
running in DomU.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@xxxxxxxx>
---

  Changes from "RFC":
  - Removed special case for Dom0/HwDOM
  - No more support for plain OP-TEE (only OP-TEE with virtualization
    config enabled is supported)
  - Multiple domains is now supported
  - Pages that are shared between OP-TEE and domain are now pinned
  - Renamed CONFIG_ARM_OPTEE to CONFIG_OPTEE
  - Command buffers from domain are now shadowed by XEN
  - Mediator now filters out unknown capabilities and requests
  - call contexts, shared memory object now stored per-domain

  xen/arch/arm/tee/Kconfig            |   4 +
  xen/arch/arm/tee/Makefile           |   1 +
  xen/arch/arm/tee/optee.c            | 972 ++++++++++++++++++++++++++++++++++++

This patch is far to big to get a proper review with understanding ofthe code. Can you split it in smaller ones with appropriate commit message?

From a quick look at it, I would like to understand how the memoryallocated in Xen is bounded for a given guest? Same question for the time.

I am interested in a normal case but also in the case where someonemalicious is using that API. How much damage can it do to the hypervisor?


I will give a proper look when it is split.

Cheers,

--
Julien Grall

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v1 4/6] optee: add OP-TEE mediator
  - From: Volodymyr Babchuk

References:
- [Xen-devel] [PATCH v1 0/6] TEE mediator (and OP-TEE) support in XEN
  - From: Volodymyr Babchuk
- [Xen-devel] [PATCH v1 4/6] optee: add OP-TEE mediator
  - From: Volodymyr Babchuk

Prev by Date: Re: [Xen-devel] [PATCH 12/34] x86/pt: only call some functions for HVM guests
Next by Date: Re: [Xen-devel] [PATCH v1 5/6] libxl: create DTS node for OP-TEE if it is enabled
Previous by thread: [Xen-devel] [PATCH v1 4/6] optee: add OP-TEE mediator
Next by thread: Re: [Xen-devel] [PATCH v1 4/6] optee: add OP-TEE mediator
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.