When comparing UUIDs for discovered services we only compare up to the
ptr size instead of the entire UUID
Fixes: 94ccfb78a4 ("drivers: tee: optee: discover OP-TEE services")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
If we fail to probe the optee-rng device, we print a wrong message
referring to the firmware tpm.
Fixes: 476a3d58df ("tee: optee: don't fail probe because of optee-rng")
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
In U-Boot driver model the devices can be referenced by
phandle in the U-Boot configuration nodes.
Without a valid node provided during the bind, the driver
associated to OP-TEE TA can't be referenced.
For example to force the sequence number with alias
(.flags = DM_UC_FLAG_SEQ_ALIAS)
aliases {
rng0 = &optee;
};
or other configuration:
board-sysinfo {
compatible = "vendor,sysinfo-board";
ramdom = <&optee>;
}
With this patch all drivers bound from OP-TEE service
discovery are now associated are associated to OP-TEE
node, allowing to identify by phandle the driver
provided by the TA for one UCLASS without modifying
device tree.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Makes OP-TEE to enumerate also services depending on tee-supplicant
support in U-Boot. This change allows OP-TEE services like fTPM TA
to be discovered and get a TPM device registered in U-Boot.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Fixes optee-rng driver bind sequence in optee driver to print a warning
message but not report an error status when a optee-rng service driver
fails to be bound as the optee driver itself is still fully functional.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
We currently have an if_type (interface type) and a uclass id. These are
closely related and we don't need to have both.
Drop the if_type values and use the uclass ones instead.
Maintain the existing, subtle, one-way conversion between UCLASS_USB and
UCLASS_MASS_STORAGE for now, and add a comment.
Signed-off-by: Simon Glass <sjg@chromium.org>
This change defines resources for OP-TEE service drivers to register
themselves for being bound to when OP-TEE firmware reports the related
service is supported. OP-TEE services are discovered during optee
driver probe sequence which mandates optee driver is always probe once
bound.
Discovery of optee services and binding to related U-Boot drivers is
embedded upon configuration switch CONFIG_OPTEE_SERVICE_DISCOVERY.
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Removes local variable child in optee_probe() that is not used.
Cc: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
CONFIG_MMC only initializes drivers for devices in UCLASS_MMC, we need
to initialize drivers for devices of type IF_TYPE_MMC in UCLASS_BLK as
well because they are the child devices of devices in UCLASS_MMC. This
is required for feature RPMB since it will access eMMC in optee-os.
Signed-off-by: Judy Wang <wangjudy@microsoft.com>
[trini: Add my SoB line and adjust Judy's name in git, having emailed
off-list]
Signed-off-by: Tom Rini <trini@konsulko.com>
In U-Boot, the discovery of TA based on its UUID on the TEE bus is
not supported.
This patch only binds the driver associated to the new supported
OP-TEE TA = TA_HWRNG when this driver is enable.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Remove unused OPTEE_MSG_LOGIN_* ID macros as suitable TEE_LOGIN_* ID
macros are already defined tee.h.
Cc: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
This change ensures both U-Boot and OP-TEE see the same content
from shared memory when OP-TEE is invoked prior U-Boot relocation.
This change is required since U-Boot may execute with data cache off
while OP-TEE always enables cache on memory shared with U-Boot.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Define LOG_CATEGORY for all uclass to allow filtering with
log command.
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Right now the error messages when optee has a version mismatch or shared
memory is not configured are done with a debug().
That's not very convenient since you have to enable debugging to figure
out what's going on, although this is an actual error.
So let's switch the debug() -> dev_err() and report those explicitly.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Adds support for a working SCP03 emulation. Input parameters are
validated however the commands (enable, provision) executed by the TEE
are assumed to always succeed.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
This adds support for RPC test trusted application emulation, which
permits to test reverse RPC calls to TEE supplicant. Currently it covers
requests to the I2C bus from TEE.
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
This commit gives the secure world access to the I2C bus so it can
communicate with I2C slaves (typically those would be secure elements
like the NXP SE050).
A similar service implementation has been merged in linux:
c05210ab ("drivers: optee: allow op-tee to access devices on the i2c
bus")
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
At present ofnode is present in the device even if it is never used. With
of-platdata this field is not used, so can be removed. In preparation for
this, change the access to go through inline functions.
Signed-off-by: Simon Glass <sjg@chromium.org>
This name is far too long. Rename it to remove the 'data' bits. This makes
it consistent with the platdata->plat rename.
Signed-off-by: Simon Glass <sjg@chromium.org>
We use 'priv' for private data but often use 'platdata' for platform data.
We can't really use 'pdata' since that is ambiguous (it could mean private
or platform data).
Rename some of the latter variables to end with 'plat' for consistency.
Signed-off-by: Simon Glass <sjg@chromium.org>
This construct is quite long-winded. In earlier days it made some sense
since auto-allocation was a strange concept. But with driver model now
used pretty universally, we can shorten this to 'auto'. This reduces
verbosity and makes it easier to read.
Coincidentally it also ensures that every declaration is on one line,
thus making dtoc's job easier.
Signed-off-by: Simon Glass <sjg@chromium.org>
Add optee based bnxt fw load driver.
bnxt is Broadcom NetXtreme controller Ethernet card.
This driver is used to load bnxt firmware binary using OpTEE.
Signed-off-by: Vikas Gupta <vikas.gupta@broadcom.com>
Signed-off-by: Rayagonda Kokatanur <rayagonda.kokatanur@broadcom.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Display TEE version at information level; this patch replaces
debug() call to dev_info() in print_os_revision() function.
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
The mmc CID value is one of the input parameters used to provision the
RPMB key. The trusted execution environment expects this value to be
specified in big endian format.
Before this fix, on little endian systems, the value returned by the
linux kernel mmc driver differed from the one returned by u-boot.
This meant that if linux provisioned the RPMB key, u-boot would not
have access to the partition (and the other way around).
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Avoid using a typedef here which is unnecessary. Add an 'env_' prefix to
both the enum and its members to make it clear that these are related to
the environment.
Add an ENV prefix to these two flags so that it is clear what they relate
to. Also move them to env.h since they are part of the public API. Use an
enum rather than a #define to tie them together.
Signed-off-by: Simon Glass <sjg@chromium.org>
U-Boot is not supposed to use typedef for structs anymore. Also this name
is the same as the ENTRY() macro used in assembler files, and 'entry'
itself is widely used in U-Boot (>8k matches).
Drop the typedef and rename the struct to env_entry to reduce confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Fix test_avb_persistent_values() pytest, which was failing because of
wrong size value provided from tee sandbox driver.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
AVB 2.0 spec. revision 1.1 introduces support for named persistent values
that must be tamper evident and allows AVB to store arbitrary key-value
pairs [1].
Introduce implementation of two additional AVB operations
read_persistent_value()/write_persistent_value() for retrieving/storing
named persistent values.
Correspondent pull request in the OP-TEE OS project repo [2].
[1]: https://android.googlesource.com/platform/external/avb/+/android-9.0.0_r22
[2]: https://github.com/OP-TEE/optee_os/pull/2699
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
If OP-TEE core is compiled with support of REE FS and RPMB
at the same time (CFG_RPMB_FS ?= y; CFG_RPMB_FS ?= y), and persistent
storage API is used with TEE_STORAGE_PRIVATE storage id, it will
lead to TA panic.
E/TC:? 0 TA panicked with code 0xffff0009
.....
E/TC:? 0 Call stack:
E/TC:? 0 0x000000004002f2f8 TEE_OpenPersistentObject at
lib/libutee/tee_api_objects.c:422
In this particular case TEE_ERROR_STORAGE_NOT_AVAILABLE is more suitable
than TEE_ERROR_NOT_IMPLEMENTED, as it provides to a TA a possibility
to handle this error code [1].
>From GPD TEE Internal Core specification [2]:
TEE_ERROR_STORAGE_NOT_AVAILABLE - if the persistent object is stored in a
storage area which is currently inaccessible. It may be associated with
the device but unplugged, busy, or inaccessible for some other reason.
[1]: 94db01ef44/lib/libutee/tee_api_objects.c (L419)
[2]: https://globalplatform.org/wp-content/uploads/2018/06/GPD_TEE_Internal_Core_API_Specification_v1.1.2.50_PublicReview.pdf
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Adds a sandbox tee driver which emulates a generic TEE with the OP-TEE
AVB TA.
Reviewed-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Fix printf warnings in ta_avb_invoke_func, slots is uint]
Signed-off-by: Tom Rini <trini@konsulko.com>
Adds configuration option OPTEE_TA_AVB and a header file describing the
interface to the Android Verified Boot 2.0 (AVB) trusted application
provided by OP-TEE.
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds support in optee supplicant to route signed (MACed) RPMB frames
from OP-TEE Secure OS to MMC and vice versa to manipulate the RPMB
partition.
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
Adds a OP-TEE driver.
* Targets ARM and ARM64
* Supports using any U-Boot memory as shared memory
* Probes OP-TEE version using SMCs
* Uses OPTEE message protocol version 2 to communicate with secure world
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Adds a uclass to interface with a TEE (Trusted Execution Environment).
A TEE driver is a driver that interfaces with a trusted OS running in
some secure environment, for example, TrustZone on ARM cpus, or a
separate secure co-processor etc.
The TEE subsystem can serve a TEE driver for a Global Platform compliant
TEE, but it's not limited to only Global Platform TEEs.
The over all design is based on the TEE subsystem in the Linux kernel,
tailored for U-Boot.
Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
