tee: optee: implement OCALL support

Enable Trusted Applications (TAs) to invoke functions on their
corresponding Client Application (CA).

The fundamental mechanism is one whereby upon a function invocation from
the CA to the TA, OP-TEE returns prematurely from the invocation with an
RPC. This RPC is generated after a TA calls the TEEC_InvokeCommand
equivalent function in secure world. The RPC carries information describing
the OCALL as well as its parameters. When this happens, the driver saves
the state of the current call and returns to user-mode.

The TEE Client API will have invoked the TEE_IOC_INVOKE IOCTL with a
special parameter that carries OCALL information. When the IOCTL returns
prematurely, this parameter includes information about what the CA is
expected to do on behalf of the TA along with data to be used to reply to
the request. The TEE Client API dispatches the request accordingly to the
CA proper.

Once that is done, the TEE Client API calls the TEE_IOC_INVOKE IOCTL again
with the modified OCALL parameter and associated information (such as the
result of the OCALL, and the parameters, as requested by the TA). The
driver notices that this invocation is in fact a resumption as opposed to a
brand-new invocation, and resumes the secure world thread that sent the RPC
in the first place.

Signed-off-by: Hernan Gatta <[email protected]>

Author: Hernan Gatta

drivers/tee/optee/Makefile

@@ -3,6 +3,7 @@ obj-$(CONFIG_OPTEE) += optee.o
 optee-objs += core.o
 optee-objs += cq.o
 optee-objs += call.o
+optee-objs += ocall.o
 optee-objs += rpc.o
 optee-objs += supp.o
 optee-objs += shm_pool.o