From patchwork Tue Sep 25 14:40:04 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jens Wiklander X-Patchwork-Id: 147465 Delivered-To: patches@linaro.org Received: by 2002:a2e:8595:0:0:0:0:0 with SMTP id b21-v6csp812339lji; Tue, 25 Sep 2018 07:40:31 -0700 (PDT) X-Received: by 2002:a2e:4619:: with SMTP id t25-v6mr1239340lja.96.1537886431566; Tue, 25 Sep 2018 07:40:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1537886431; cv=none; d=google.com; s=arc-20160816; b=u6hVfJgOu0J3ilHVjulRdKBx1LfvaBkl4lzhZfW6B6GJ80cg6x2hIHDFunimCyi7W6 DbEfK118NKA4UOCrDO8mlCMB3Q1I6qVpOFXM78CQV1iWW1k90YoCr41ew78MT1HjU79o IGvbzc71lTsruPpyiosJVWj+zXhKneLs3tDyLoRrRMMUR4/5AJflzpHiby9J37H55M6W E4vgEolIOcSByJvKF9AJvLcY8XavWZoCvDhaOa1W781APvpkiXIIP2GVbOUMg0obrNpZ uuDXRXtlawusmsQFiPwwfwtSwLX15pg6IyM8aiAsNCBr4/sckzDqbWrPtIpHtEQLi6j3 eLtA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=message-id:date:subject:cc:to:from:dkim-signature; bh=o+w9g8SWiCySHT2qV297yGP7Np1jIhY4Fa9lcqSmdU0=; b=J1IlGCJFcxuI3kcN+nhn3qRu3Q/zQOVtuDg+WAqU77uBzObw4K+9PXNh7FdJ94Y9qN 0tEq/TTaB4SZO+Qmgzl/VDXK5fd3oPmT6F3QmzwROTFTS9KTYDCa78pl/9mypvwPfuqP GZEpbBbDzqojuiN3MS6r2ZY8anoLWjsIrmmrzgr2Qu9lmMMeXy539gadqEytUn/tX5QE F9Q9Zl0ueRq/J09bspqaW/Q13+yt+MvawTouT2PjAaybm9u2DlxKjhOQXlLWhOp/k+N1 T0RdqojgT5aqG8ajUNq70b13QQJVKWTWxKs7q8g4avJdmU7A7WNdLmkVp+FSYGspIxDA HhZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YT2LHDol; spf=pass (google.com: domain of jens.wiklander@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=jens.wiklander@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from mail-sor-f65.google.com (mail-sor-f65.google.com. [209.85.220.65]) by mx.google.com with SMTPS id x83-v6sor1167424lff.2.2018.09.25.07.40.31 for (Google Transport Security); Tue, 25 Sep 2018 07:40:31 -0700 (PDT) Received-SPF: pass (google.com: domain of jens.wiklander@linaro.org designates 209.85.220.65 as permitted sender) client-ip=209.85.220.65; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YT2LHDol; spf=pass (google.com: domain of jens.wiklander@linaro.org designates 209.85.220.65 as permitted sender) smtp.mailfrom=jens.wiklander@linaro.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id; bh=o+w9g8SWiCySHT2qV297yGP7Np1jIhY4Fa9lcqSmdU0=; b=YT2LHDolq6NADlzgG4BPLrBOaGCIoCFkSNYDT6OTsVHYXx/08lzG538dt5EaWHzXju LFhJKhzeQdo/sBWqzvZqNnYiGgFbxjXBGBLQGjGvncArxNNhBZPDHtYEqKW/RVhskxR8 YKEkaz8Mhf5qbvZE1qzBrn7iaFSw9LvbD/zrU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=o+w9g8SWiCySHT2qV297yGP7Np1jIhY4Fa9lcqSmdU0=; b=Q5LlZY8lHM64uQT3HmqdllXRJydxpSNFk+OWI1DWFuNwk7ni+Z8F5uRkl0QnIxWusR ZKw5VfHGPoidorCVtgY8oHwuRp9HmZ7ZKNsnMJJWSRvyXZXB2a1AvrfD1Jl1Sj3qWXVT sFyWtVyJKI6QcpzE+8bZpKeRvabntwgdkD7nEFt8IDv/HOEJdIlUnJ5ICTRiJWsX6MXY A094MMVp4DlZcdmhcDD5yrxkDkPJpmNGEBJe1cKmhXqo7+1L6MvYE7KI8i4IbfeQz1OB 7oabBO8y3m0CYyCNzwWPjRagOFECApHZ/XSJa6MxIzMKWOsavcjfTl1XdBmKk8mv33Cw aVKQ== X-Gm-Message-State: ABuFfoiuKPPQhUY+mS6vuAvjUu82YThaBqTH5u6W5e6ILUulwa01Dbst sOBH6TtztREB3/SDOR1EvUmXgrIG X-Google-Smtp-Source: ACcGV61Kb0vbEuiIU1mRvT3Udrq3CcV1ctpaDV8b5ExO9yrAB7U7yw36VPqwAPceBzPSn0ZNS2H3Mg== X-Received: by 2002:a19:a715:: with SMTP id q21-v6mr1070481lfe.146.1537886430996; Tue, 25 Sep 2018 07:40:30 -0700 (PDT) Return-Path: Received: from jax.urgonet (h-84-105.A175.priv.bahnhof.se. [79.136.84.105]) by smtp.gmail.com with ESMTPSA id g14-v6sm14483lja.96.2018.09.25.07.40.29 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 25 Sep 2018 07:40:30 -0700 (PDT) From: Jens Wiklander To: u-boot@lists.denx.de Cc: Simon Glass , Igor Opaniuk , Tom Rini , Jaehoon Chung , Pierre Aubert , Albert Aribaud , Peter Griffin , Michal Simek , Jens Wiklander Subject: [PATCH v4 00/19] AVB using OP-TEE Date: Tue, 25 Sep 2018 16:40:04 +0200 Message-Id: <20180925144023.24555-1-jens.wiklander@linaro.org> X-Mailer: git-send-email 2.17.1 Hi, This adds support for storing AVB rollback indexes in the RPMB partition. The RPMB partition (content and key) is managed by OP-TEE (https://www.op-tee.org/) which is a secure OS leveraging ARM TrustZone. The Linux kernel can already support OP-TEE with reading and updating rollback indexes in the RPMB partition, the catch is that this is needed before the kernel has booted. The design here is the same as what is in the Linux kernel, with the exception that the user space daemon tee-supplicant is integrated in the OP-TEE driver here (drivers/tee/optee/supplicant.c) instead. A new uclass (UCLASS_TEE) is introduced to provide an abstraction for interfacing with a Trusted Execution Environment (TEE). There's also the OP-TEE driver using UCLASS_TEE for registration. A Trusted Application (TA) interface is added to be used by the AVB verify functions which are updated accordingly. The TA is managed by OP-TEE and is executed in a secure TrustZone protected environment. The header files drivers/tee/optee/optee_{msg,msg_supplicant,smc}.h and include/tee/optee_ta_avb.h are copied from https://github.com/OP-TEE/optee_os/tree/master more or less unmodified. They may need to be updated from time to time in order to support new features. In MMC there's a new function, mmc_rpmb_route_frames(), which as the name suggests is used to route RPMB frames to/from the MMC. This saves OP-TEE from implementing an MMC driver which would need to share resources with its counterpart here in U-Boot. This was tested on a Hikey (Kirin 620) board. I've added myself as maintainer of the TEE stuff. changes in v4: * Addressed review comments from Simon Glass * Rebased on v2018.09 * "avb_verify: bugfix avb_ops_free() skipping free" removed due to the rebase * Commits "dt/bindings: add bindings for optee", "sandbox: imply CONFIG_TEE (TEE uclass)", "tee: add sandbox driver", "avb_verify: support using OP-TEE TA AVB", "test_avb: Update pymark.buildconfigspec information for the AVB tests", "Kconfig: sandbox: enable cmd_avb and dependencies", Reviewed-by: Simon Glass * Added descriptions of additional structs and functions * In commit "avb_verify: support sandbox configuration" avoid the #ifdef CONFIG_SANDBOX in get_sector_buf() as suggested by Simon. changes in v3: * Addressed review comments from Simon Glass * A few new patches - "avb_verify: bugfix avb_ops_free() skipping free" - "tee: add sandbox driver" - "test_avb: Update pymark.buildconfigspec information for the AVB tests" - "avb_verify: support sandbox configuration" - "Kconfig: sandbox: enable cmd_avb and dependencies" * "sandbox: imply CONFIG_TEE (TEE uclass)", replacing "configs: sandbox: enable CONFIG_TEE (TEE uclass)" * Moved sandbox driver to drivers/tee and added code to emulate the AVB TA * Enabled a few AVB tests (test/py/tests/test_avb.py) for sandbox * Bugfix tee_find_device() * Commits "dm: fdt: scan for devices under /firmware too", "cmd: avb read_rb: print rb_idx in hexadecimal", "cmd: avb: print error message if command fails", "Add UCLASS_TEE for Trusted Execution Environment", "tee: add OP-TEE driver", "Documentation: tee uclass and op-tee driver", "test: tee: test TEE uclass", "arm: dt: hikey: Add optee node" and "sandbox: dt: add sandbox_tee node" Reviewed-by: Simon Glass changes in v2: * Added sandbox driver and a test in test/dm for the new TEE uclass: Commit ("test: tee: test TEE uclass") and the enabling commits ("sandbox: dt: add sandbox_tee node") and ("configs: sandbox: enable CONFIG_TEE (TEE uclass)") * Added descriptions of exported structs and functions * Added documentation for the TEE uclass and the OP-TEE driver with the new commit ("Documentation: tee uclass and op-tee driver") * Added documentation for the changes in avb_verify * Addressed review comments from Simon Glass * Added the commit ("cmd: avb: print error message if command fails") * Made a few functions static in the OP-TEE driver * Commit ("cmd: avb read_rb: print rb_idx in hexadecimal") and ("tee: optee: support AVB trusted application"); Reviewed-by: Igor Opaniuk Thanks, Jens Jens Wiklander (19): dm: fdt: scan for devices under /firmware too cmd: avb read_rb: print rb_idx in hexadecimal cmd: avb: print error message if command fails mmc: rpmb: add mmc_rpmb_route_frames() Add UCLASS_TEE for Trusted Execution Environment dt/bindings: add bindings for optee tee: add OP-TEE driver Documentation: tee uclass and op-tee driver arm: dt: hikey: Add optee node optee: support routing of rpmb data frames to mmc tee: optee: support AVB trusted application sandbox: dt: add sandbox_tee node sandbox: imply CONFIG_TEE (TEE uclass) tee: add sandbox driver test: tee: test TEE uclass avb_verify: support using OP-TEE TA AVB test_avb: Update pymark.buildconfigspec information for the AVB tests avb_verify: support sandbox configuration Kconfig: sandbox: enable cmd_avb and dependencies MAINTAINERS | 7 + arch/Kconfig | 5 + arch/arm/dts/hi6220-hikey.dts | 7 + arch/sandbox/dts/sandbox.dts | 4 + arch/sandbox/dts/sandbox64.dts | 4 + arch/sandbox/dts/test.dts | 4 + cmd/avb.c | 19 +- common/avb_verify.c | 118 +++- doc/README.avb2 | 13 + doc/README.tee | 112 +++ .../firmware/linaro,optee-tz.txt | 31 + drivers/Kconfig | 2 + drivers/Makefile | 1 + drivers/core/root.c | 15 +- drivers/fastboot/Kconfig | 2 + drivers/mmc/rpmb.c | 160 +++++ drivers/tee/Kconfig | 35 + drivers/tee/Makefile | 5 + drivers/tee/optee/Kconfig | 27 + drivers/tee/optee/Makefile | 5 + drivers/tee/optee/core.c | 662 ++++++++++++++++++ drivers/tee/optee/optee_msg.h | 425 +++++++++++ drivers/tee/optee/optee_msg_supplicant.h | 240 +++++++ drivers/tee/optee/optee_private.h | 65 ++ drivers/tee/optee/optee_smc.h | 450 ++++++++++++ drivers/tee/optee/rpmb.c | 181 +++++ drivers/tee/optee/supplicant.c | 96 +++ drivers/tee/sandbox.c | 308 ++++++++ drivers/tee/tee-uclass.c | 233 ++++++ include/avb_verify.h | 7 +- include/dm/uclass-id.h | 1 + include/mmc.h | 19 + include/sandboxtee.h | 21 + include/tee.h | 374 ++++++++++ include/tee/optee_ta_avb.h | 48 ++ test/dm/Makefile | 1 + test/dm/tee.c | 98 +++ test/py/tests/test_avb.py | 8 +- 38 files changed, 3802 insertions(+), 11 deletions(-) create mode 100644 doc/README.tee create mode 100644 doc/device-tree-bindings/firmware/linaro,optee-tz.txt create mode 100644 drivers/tee/Kconfig create mode 100644 drivers/tee/Makefile create mode 100644 drivers/tee/optee/Kconfig create mode 100644 drivers/tee/optee/Makefile create mode 100644 drivers/tee/optee/core.c create mode 100644 drivers/tee/optee/optee_msg.h create mode 100644 drivers/tee/optee/optee_msg_supplicant.h create mode 100644 drivers/tee/optee/optee_private.h create mode 100644 drivers/tee/optee/optee_smc.h create mode 100644 drivers/tee/optee/rpmb.c create mode 100644 drivers/tee/optee/supplicant.c create mode 100644 drivers/tee/sandbox.c create mode 100644 drivers/tee/tee-uclass.c create mode 100644 include/sandboxtee.h create mode 100644 include/tee.h create mode 100644 include/tee/optee_ta_avb.h create mode 100644 test/dm/tee.c -- 2.17.1