From patchwork Mon Aug 27 11:50:19 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sumit Garg X-Patchwork-Id: 145182 Delivered-To: patch@linaro.org Received: by 2002:a2e:1648:0:0:0:0:0 with SMTP id 8-v6csp4090929ljw; Mon, 27 Aug 2018 04:51:12 -0700 (PDT) X-Google-Smtp-Source: ANB0VdY1lEViLbt5mcIA8O8JwxOFWIDzZDJMdSJVRCbnhvzo9fBGqGv8XvCPJH3LK+GziHlS/BOK X-Received: by 2002:a17:902:7c8e:: with SMTP id y14-v6mr12946783pll.259.1535370672324; Mon, 27 Aug 2018 04:51:12 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1535370672; cv=none; d=google.com; s=arc-20160816; b=lzjQ1/iSw8ddhw4UYkckVeXrs8e1n3q7hp/HW3as4NpHjWm2VPNHKUKxkO1F3heK7b Lc+uydyCBrp3rW0/wtVPjeJAObNCLgZ49CjzLu/I2N3gGjUyLpDaCLvrtSScSFO9VBWm WwfMyOw7EQqdZFNnJZEJzXToCkRAY0LGSQ/s6ehBMFvxDX63sghvWl1XQe9O3F4/6Tyx B557bO6JsPieJ8bXHPTbc7Xs8WZ+1Xnc62OHHXFI97UXs+4ordStThQiQW2zGQpcmRIp qC7+AD0ItR5j3IYqe4VcM7/xHf/5CmK4L/EtYfXb2NeBiSMsQKHYDc4sqnxgmT7VNSQF advw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:delivered-to:arc-authentication-results; bh=HNDBIL3f2xFAO1YN7Y2GuFI7VCsibhF2KtGHh6t4h+U=; b=moPWOjvBmMMV1ViLu4cQLlc1HnkmyKzKoW6Nggm3RkBuTuPJE0TvEAfoxYC68gqJFC MPIlEqivWBe0lXq0T3e6zoTxFTJ7sDbpb6aZWK1UMIPu3GpNyxdBEtbukni3soLwy2MN lpJVnV4VndRFCaRO2C8bQzjUOmr2IHgqpDsRi2Wx9Bkhw3wCDcJmr1lU5y/2ycqL1yM0 C7L5MkwWmenop71gxlLLgq/0VivVQlFMJc4ymv7B+aFhf8+Sij358RYxZtW1tQnQJogt gXX8Gwn/o5GoxPe/h9I9UD0MbouMN+7CcZzlOT/Z3InCrNY4EXWTkJeaAKcbBr/skfhJ ZCSA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MZRwyoJG; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id t32-v6si1719780pgl.484.2018.08.27.04.51.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Aug 2018 04:51:12 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=MZRwyoJG; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id D8934210FC0C3; Mon, 27 Aug 2018 04:51:11 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::542; helo=mail-pg1-x542.google.com; envelope-from=sumit.garg@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pg1-x542.google.com (mail-pg1-x542.google.com [IPv6:2607:f8b0:4864:20::542]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 87DB0210FB9FA for ; Mon, 27 Aug 2018 04:51:10 -0700 (PDT) Received: by mail-pg1-x542.google.com with SMTP id r1-v6so7321932pgp.11 for ; Mon, 27 Aug 2018 04:51:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=VfmNJ5cKj+eRblHamSpHnEa1qLSW0dGOIsRM+RLXAdE=; b=MZRwyoJGvmnJN+McqLLMC6oQS9yqrqFgGN+cp2DKHeLuxArx5FNwunPreeotM7qpfc azMj8BPseWd7uCjQ3xVCMn1kTSWlze/fmhDbjEGoWBEA8EspE/IO18QiWfn1M64VqXTE pYaDj0LaJSPCOIku4LeAREsg01X5kPfNzFHLY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=VfmNJ5cKj+eRblHamSpHnEa1qLSW0dGOIsRM+RLXAdE=; b=d98J4PdE1h2jjh99CtTv+FAwCHOel1yOImdLtlD9VINoVya0pVhglaHIcV0ZePoJuU eKg1DS+/vDMg+V9xIac1A4jzSKHmoA3R5Z7pUKGog/EB26DQtBw8IxYRDZI7QfhOPdSa 9gPE6O9u8ucOBiHBaHVzevlR22PJ/1R5T4Mqszg+T1HBbnqC5zNI5ybpBjJk45VVZoE9 a3VZ1rbqxnkE9i2SCJ4O05fK2b0BNz8BLO3IF8UxwyptcgrRYUDEJJ+8hPEbC6lmWG0N Q329C5dV6Slb/dowo9Q38/IGgEQjX1datrchb4tpfEwP1XEifDvD8NQaanZtfHIAUV+V DOgQ== X-Gm-Message-State: APzg51ClaOD/By6wptH6DLDHS6fBFn2HX7Kkht28Gp5Hd4podfIZJQgl IscnXUuU+9cohupiHaF+mVjeJtWbIw8= X-Received: by 2002:a63:e647:: with SMTP id p7-v6mr11601163pgj.218.1535370669950; Mon, 27 Aug 2018 04:51:09 -0700 (PDT) Received: from localhost.localdomain ([117.212.89.101]) by smtp.gmail.com with ESMTPSA id p11-v6sm26927249pfj.72.2018.08.27.04.51.05 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 27 Aug 2018 04:51:09 -0700 (PDT) From: Sumit Garg To: edk2-devel@lists.01.org Date: Mon, 27 Aug 2018 17:20:19 +0530 Message-Id: <1535370620-10032-2-git-send-email-sumit.garg@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1535370620-10032-1-git-send-email-sumit.garg@linaro.org> References: <1535370620-10032-1-git-send-email-sumit.garg@linaro.org> Subject: [edk2] [PATCH v2 1/2] MdePkg/IndustryStandard: Add Global Plaform header file X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: daniel.thompson@linaro.org, tee-dev@lists.linaro.org, Liming Gao , Michael D Kinney MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Add Global Plaform header file specific to TEE Client API Specification v1 . Cc: Michael D Kinney Cc: Liming Gao Cc: Ard Biesheuvel Cc: Leif Lindholm Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Sumit Garg --- MdePkg/Include/IndustryStandard/GlobalPlatform.h | 27 ++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 MdePkg/Include/IndustryStandard/GlobalPlatform.h -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel Acked-by: Ard Biesheuvel diff --git a/MdePkg/Include/IndustryStandard/GlobalPlatform.h b/MdePkg/Include/IndustryStandard/GlobalPlatform.h new file mode 100644 index 000000000000..72c5af4ef588 --- /dev/null +++ b/MdePkg/Include/IndustryStandard/GlobalPlatform.h @@ -0,0 +1,27 @@ +/** @file + Standardized Global Platform header file. GlobalPlatform TEE Client API + Specification v1.0: + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _GLOBAL_PLATFORM_H_ +#define _GLOBAL_PLATFORM_H_ + +#define TEEC_ORIGIN_COMMS 0x00000002 + +#define TEEC_SUCCESS 0x00000000 +#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 +#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C +#define TEEC_ERROR_COMMUNICATION 0xFFFF000E + +#endif From patchwork Mon Aug 27 11:50:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sumit Garg X-Patchwork-Id: 145183 Delivered-To: patch@linaro.org Received: by 2002:a2e:1648:0:0:0:0:0 with SMTP id 8-v6csp4091098ljw; Mon, 27 Aug 2018 04:51:23 -0700 (PDT) X-Google-Smtp-Source: ANB0VdbxzgZpDJhR7tz87YO/3xWQ7sJOOZo6Bom/X1lQlt8IyrhRfVaJBOnTmhbX3xnJTvTk38zR X-Received: by 2002:a63:fc05:: with SMTP id j5-v6mr12034498pgi.1.1535370683478; Mon, 27 Aug 2018 04:51:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1535370683; cv=none; d=google.com; s=arc-20160816; b=hbpbHINYgNbASAzAQ7ihaHPmX5pKslEx1XvIwXVI6G0ApTGlx271MvhWhMsT4sR3Sv bhNPseJqMzEj7CjjH5TEo5obgrCQtYzZkq9Pz2hcAxM/1X5xJzTfCjcnMLYsYGGngQQC ZTuqPB+FCNuknHN55mywssa4O/TWw9crF3L3NtzVms6n4MTu3fjq44dLdQseW8OyOoyN nl2Cvbs9lsbBYz+UXYrRrAN0sakvg+crLu6Nh+dCw3lFaFMa5xBDwKoEh6xPSq3eGuQZ 9cKajn9wUdKE6/j/xYMBphvPZMK/WEJF/i5V3kzEeFxHsXnBhi4aI1bxFFKAO3MmJiDe V/1w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:delivered-to:arc-authentication-results; bh=/aXF31s4UfrQ83qXG5altOyBpFLP8rx5l6dJO3PEZRc=; b=GfEhVMeT8M3tR72ciLAPqvPTG+DEQ3aI9jqgmcxErfqbe86bdZwddAJnGcwOq3JeKi UDXqHu8ZmRvhtjIo2tc4aHnQRUZU5EG0Js/JPRufpHEU6TY0G66TZgPbcqKBZevx4Q00 H6YMEAd/aPNaCsW1GQwav8dPLe6Wbmk2l69GWezU+PSsMKP+JNPGtYQH2kfUquDUbxP+ TCF71fCVRqgxTvHItkqLL1t42VdLH6dLIdfPYf9u1K+wI8cx8gVORj7vU29tUqcyR2kg YRhb2ne6VtgQ1tf7LjqOSVQ4bKbSHSAZQeUyYbDIhsMZ/txJ6ltlfWAktLugdtensr7X ZUfA== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b="NmtZdZ/v"; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [2001:19d0:306:5::1]) by mx.google.com with ESMTPS id j65-v6si13581390pge.45.2018.08.27.04.51.23 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Aug 2018 04:51:23 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) client-ip=2001:19d0:306:5::1; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b="NmtZdZ/v"; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 2001:19d0:306:5::1 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 1A11A210FC384; Mon, 27 Aug 2018 04:51:23 -0700 (PDT) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:4864:20::641; helo=mail-pl1-x641.google.com; envelope-from=sumit.garg@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pl1-x641.google.com (mail-pl1-x641.google.com [IPv6:2607:f8b0:4864:20::641]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 441F9210FB9FA for ; Mon, 27 Aug 2018 04:51:21 -0700 (PDT) Received: by mail-pl1-x641.google.com with SMTP id ba4-v6so4070298plb.11 for ; Mon, 27 Aug 2018 04:51:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=X9ZuRE3ftP5/qfYpRacs9RZJ+fCuxzb7mjMIxoREZNE=; b=NmtZdZ/vHTyuExd4v9ec5/oV8j+J3dMkSeopykeC9pRpkGfKMYcwtFmoQcvja1A6hp E4R3DFS6uCM25civapzbVNKED2VLVD7d7H8DCGE+j2V9GoD0NmddOxGRw2N/fq5eFNHs RlaTNKAsD6wddGXXsvSZTeKwvcE1IIT5wQVnU= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=X9ZuRE3ftP5/qfYpRacs9RZJ+fCuxzb7mjMIxoREZNE=; b=miqo2wI8w0HpZUhi6Eu/k4zuiRnAEU1jAVJhXUMbeHtvjJAg6Ao3Sd/iRc+A7JxEw+ N4uVb9AAWiLexqlQUqwXLT9yhJQ2cQ1a9GnTsJwM6zV4MwQvyVWm1XTfhgu8fs5wyQpc UqAs+/l3CLx+f6tSoD1HfcTqHNuwjQ01Wj/KNwruSnEymbeA7p9aZ9PT3xTZ2/YUpkt/ /91VDOqfEAUbrZBo1T6mDDT4DSKGt8Y1o9rA4lyDTGBbwWEiYaCa+iTB7Bc6Wj+Kwl/u ulrH1ZuKObTwtFlqQd5JL3bKQZbaGH9he/LREy/aH5r8GuRhItuDLDSLMkYeTAKbcvOn t6eg== X-Gm-Message-State: APzg51AHV7tP8OiCCCX66mxlhOgKy8oJBtLOOanJRqzYqgligwvFrpzD rIIZktTTF8uA6qYU8XcNDJg2u8FdxVc= X-Received: by 2002:a17:902:710c:: with SMTP id a12-v6mr12961686pll.28.1535370680400; Mon, 27 Aug 2018 04:51:20 -0700 (PDT) Received: from localhost.localdomain ([117.212.89.101]) by smtp.gmail.com with ESMTPSA id p11-v6sm26927249pfj.72.2018.08.27.04.51.16 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 27 Aug 2018 04:51:19 -0700 (PDT) From: Sumit Garg To: edk2-devel@lists.01.org Date: Mon, 27 Aug 2018 17:20:20 +0530 Message-Id: <1535370620-10032-3-git-send-email-sumit.garg@linaro.org> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1535370620-10032-1-git-send-email-sumit.garg@linaro.org> References: <1535370620-10032-1-git-send-email-sumit.garg@linaro.org> Subject: [edk2] [PATCH v2 2/2] ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: daniel.thompson@linaro.org, tee-dev@lists.linaro.org MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" Add following APIs to communicate with OP-TEE pseudo/early TAs: 1. OpteeInit 2. OpteeOpenSession 3. OpteeCloseSession 4. OpteeInvokeFunc Cc: Ard Biesheuvel Cc: Leif Lindholm Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Sumit Garg --- ArmPkg/Include/Library/OpteeLib.h | 87 +++++++++ ArmPkg/Library/OpteeLib/Optee.c | 358 +++++++++++++++++++++++++++++++++++ ArmPkg/Library/OpteeLib/OpteeLib.inf | 2 + ArmPkg/Library/OpteeLib/OpteeSmc.h | 43 +++++ 4 files changed, 490 insertions(+) create mode 100644 ArmPkg/Library/OpteeLib/OpteeSmc.h -- 2.7.4 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/ArmPkg/Include/Library/OpteeLib.h b/ArmPkg/Include/Library/OpteeLib.h index f65d8674d9b8..89d6b5a7b34f 100644 --- a/ArmPkg/Include/Library/OpteeLib.h +++ b/ArmPkg/Include/Library/OpteeLib.h @@ -25,10 +25,97 @@ #define OPTEE_OS_UID2 0xaf630002 #define OPTEE_OS_UID3 0xa5d5c51b +#define OPTEE_MSG_ATTR_TYPE_NONE 0x0 +#define OPTEE_MSG_ATTR_TYPE_VALUE_INPUT 0x1 +#define OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT 0x2 +#define OPTEE_MSG_ATTR_TYPE_VALUE_INOUT 0x3 +#define OPTEE_MSG_ATTR_TYPE_MEM_INPUT 0x9 +#define OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT 0xa +#define OPTEE_MSG_ATTR_TYPE_MEM_INOUT 0xb + +#define OPTEE_MSG_ATTR_TYPE_MASK 0xff + +typedef struct { + UINT64 BufPtr; + UINT64 Size; + UINT64 ShmRef; +} OPTEE_MSG_PARAM_MEM; + +typedef struct { + UINT64 A; + UINT64 B; + UINT64 C; +} OPTEE_MSG_PARAM_VALUE; + +typedef struct { + UINT64 Attr; + union { + OPTEE_MSG_PARAM_MEM Mem; + OPTEE_MSG_PARAM_VALUE Value; + } U; +} OPTEE_MSG_PARAM; + +#define MAX_PARAMS 4 + +typedef struct { + UINT32 Cmd; + UINT32 Func; + UINT32 Session; + UINT32 CancelId; + UINT32 Pad; + UINT32 Ret; + UINT32 RetOrigin; + UINT32 NumParams; + + // NumParams tells the actual number of element in Params + OPTEE_MSG_PARAM Params[MAX_PARAMS]; +} OPTEE_MSG_ARG; + +#define OPTEE_UUID_LEN 16 + +typedef struct { + UINT8 Uuid[OPTEE_UUID_LEN]; // [in] UUID of the Trusted Application + UINT32 Session; // [out] Session id + UINT32 Ret; // [out] Return value + UINT32 RetOrigin; // [out] Origin of the return value +} OPTEE_OPEN_SESSION_ARG; + +typedef struct { + UINT32 Func; // [in] Trusted App func, specific to the TA + UINT32 Session; // [in] Session id + UINT32 Ret; // [out] Return value + UINT32 RetOrigin; // [out] Origin of the return value + OPTEE_MSG_PARAM Params[MAX_PARAMS]; // Params for func to be invoked +} OPTEE_INVOKE_FUNC_ARG; + BOOLEAN EFIAPI IsOpteePresent ( VOID ); +EFI_STATUS +EFIAPI +OpteeInit ( + VOID + ); + +EFI_STATUS +EFIAPI +OpteeOpenSession ( + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg + ); + +EFI_STATUS +EFIAPI +OpteeCloseSession ( + IN UINT32 Session + ); + +EFI_STATUS +EFIAPI +OpteeInvokeFunc ( + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg + ); + #endif diff --git a/ArmPkg/Library/OpteeLib/Optee.c b/ArmPkg/Library/OpteeLib/Optee.c index 574527f8b5ea..2111022d3662 100644 --- a/ArmPkg/Library/OpteeLib/Optee.c +++ b/ArmPkg/Library/OpteeLib/Optee.c @@ -14,11 +14,19 @@ **/ +#include #include +#include #include +#include #include #include +#include +#include +#include + +STATIC OPTEE_SHARED_MEMORY_INFO OpteeShmInfo = { 0 }; /** Check for OP-TEE presence. @@ -31,6 +39,7 @@ IsOpteePresent ( { ARM_SMC_ARGS ArmSmcArgs; + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); // Send a Trusted OS Calls UID command ArmSmcArgs.Arg0 = ARM_SMC_ID_TOS_UID; ArmCallSmc (&ArmSmcArgs); @@ -44,3 +53,352 @@ IsOpteePresent ( return FALSE; } } + +STATIC +EFI_STATUS +OpteeShmMemRemap ( + VOID + ) +{ + ARM_SMC_ARGS ArmSmcArgs; + EFI_PHYSICAL_ADDRESS Paddr; + EFI_PHYSICAL_ADDRESS Start; + EFI_PHYSICAL_ADDRESS End; + EFI_STATUS Status; + UINTN Size; + + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); + ArmSmcArgs.Arg0 = OPTEE_SMC_GET_SHM_CONFIG; + + ArmCallSmc (&ArmSmcArgs); + if (ArmSmcArgs.Arg0 != OPTEE_SMC_RETURN_OK) { + DEBUG ((DEBUG_WARN, "OP-TEE shared memory not supported\n")); + return EFI_UNSUPPORTED; + } + + if (ArmSmcArgs.Arg3 != OPTEE_SMC_SHM_CACHED) { + DEBUG ((DEBUG_WARN, "OP-TEE: Only normal cached shared memory supported\n")); + return EFI_UNSUPPORTED; + } + + Start = (ArmSmcArgs.Arg1 + SIZE_4KB - 1) & ~(SIZE_4KB - 1); + End = (ArmSmcArgs.Arg1 + ArmSmcArgs.Arg2) & ~(SIZE_4KB - 1); + Paddr = Start; + Size = End - Start; + + if (Size < SIZE_4KB) { + DEBUG ((DEBUG_WARN, "OP-TEE shared memory too small\n")); + return EFI_BUFFER_TOO_SMALL; + } + + Status = ArmSetMemoryAttributes (Paddr, Size, EFI_MEMORY_WB); + if (EFI_ERROR (Status)) { + return Status; + } + + OpteeShmInfo.Base = (UINTN)Paddr; + OpteeShmInfo.Size = Size; + + return EFI_SUCCESS; +} + +EFI_STATUS +EFIAPI +OpteeInit ( + VOID + ) +{ + EFI_STATUS Status; + + if (!IsOpteePresent ()) { + DEBUG ((DEBUG_WARN, "OP-TEE not present\n")); + return EFI_UNSUPPORTED; + } + + Status = OpteeShmMemRemap (); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_WARN, "OP-TEE shared memory remap failed\n")); + return Status; + } + + return EFI_SUCCESS; +} + +/** + Does Standard SMC to OP-TEE in secure world. + + @param[in] Parg Physical address of message to pass to secure world + + @return 0 on success, secure world return code otherwise + +**/ +STATIC +UINT32 +OpteeCallWithArg ( + IN EFI_PHYSICAL_ADDRESS Parg + ) +{ + ARM_SMC_ARGS ArmSmcArgs; + + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); + ArmSmcArgs.Arg0 = OPTEE_SMC_CALL_WITH_ARG; + ArmSmcArgs.Arg1 = (UINT32)(Parg >> 32); + ArmSmcArgs.Arg2 = (UINT32)Parg; + + while (TRUE) { + ArmCallSmc (&ArmSmcArgs); + + if (ArmSmcArgs.Arg0 == OPTEE_SMC_RETURN_RPC_FOREIGN_INTR) { + // + // A foreign interrupt was raised while secure world was + // executing, since they are handled in UEFI a dummy RPC is + // performed to let UEFI take the interrupt through the normal + // vector. + // + ArmSmcArgs.Arg0 = OPTEE_SMC_RETURN_FROM_RPC; + } else { + break; + } + } + + return ArmSmcArgs.Arg0; +} + +EFI_STATUS +EFIAPI +OpteeOpenSession ( + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg + ) +{ + OPTEE_MSG_ARG *MsgArg; + + MsgArg = NULL; + + if (OpteeShmInfo.Base == 0) { + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); + return EFI_NOT_STARTED; + } + + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; + ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG)); + + MsgArg->Cmd = OPTEE_MSG_CMD_OPEN_SESSION; + + // + // Initialize and add the meta parameters needed when opening a + // session. + // + MsgArg->Params[0].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT | + OPTEE_MSG_ATTR_META; + MsgArg->Params[1].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT | + OPTEE_MSG_ATTR_META; + CopyMem (&MsgArg->Params[0].U.Value, OpenSessionArg->Uuid, OPTEE_UUID_LEN); + ZeroMem (&MsgArg->Params[1].U.Value, OPTEE_UUID_LEN); + MsgArg->Params[1].U.Value.C = TEE_LOGIN_PUBLIC; + + MsgArg->NumParams = 2; + + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; + } + + OpenSessionArg->Session = MsgArg->Session; + OpenSessionArg->Ret = MsgArg->Ret; + OpenSessionArg->RetOrigin = MsgArg->RetOrigin; + + return EFI_SUCCESS; +} + +EFI_STATUS +EFIAPI +OpteeCloseSession ( + IN UINT32 Session + ) +{ + OPTEE_MSG_ARG *MsgArg; + + MsgArg = NULL; + + if (OpteeShmInfo.Base == 0) { + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); + return EFI_NOT_STARTED; + } + + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; + ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG)); + + MsgArg->Cmd = OPTEE_MSG_CMD_CLOSE_SESSION; + MsgArg->Session = Session; + + OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg); + + return EFI_SUCCESS; +} + +STATIC +EFI_STATUS +OpteeToMsgParam ( + OUT OPTEE_MSG_PARAM *MsgParams, + IN UINT32 NumParams, + IN OPTEE_MSG_PARAM *InParams + ) +{ + UINT32 Idx; + UINTN ParamShmAddr; + UINTN ShmSize; + UINTN Size; + + Size = (sizeof (OPTEE_MSG_ARG) + sizeof (UINT64) - 1) & ~(sizeof (UINT64) - 1); + ParamShmAddr = OpteeShmInfo.Base + Size; + ShmSize = OpteeShmInfo.Size - Size; + + for (Idx = 0; Idx < NumParams; Idx++) { + CONST OPTEE_MSG_PARAM *Ip; + OPTEE_MSG_PARAM *Mp; + UINT32 Attr; + + Ip = InParams + Idx; + Mp = MsgParams + Idx; + Attr = Ip->Attr & OPTEE_MSG_ATTR_TYPE_MASK; + + switch (Attr) { + case OPTEE_MSG_ATTR_TYPE_NONE: + Mp->Attr = OPTEE_MSG_ATTR_TYPE_NONE; + ZeroMem (&Mp->U, sizeof (Mp->U)); + break; + + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: + Mp->Attr = Attr; + Mp->U.Value.A = Ip->U.Value.A; + Mp->U.Value.B = Ip->U.Value.B; + Mp->U.Value.C = Ip->U.Value.C; + break; + + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: + Mp->Attr = Attr; + + if (Ip->U.Mem.Size > ShmSize) { + return EFI_OUT_OF_RESOURCES; + } + + CopyMem ((VOID *)ParamShmAddr, (VOID *)Ip->U.Mem.BufPtr, Ip->U.Mem.Size); + Mp->U.Mem.BufPtr = (UINT64)ParamShmAddr; + Mp->U.Mem.Size = Ip->U.Mem.Size; + + Size = (Ip->U.Mem.Size + sizeof (UINT64) - 1) & ~(sizeof (UINT64) - 1); + ParamShmAddr += Size; + ShmSize -= Size; + break; + + default: + return EFI_INVALID_PARAMETER; + } + } + + return EFI_SUCCESS; +} + +STATIC +EFI_STATUS +OpteeFromMsgParam ( + OUT OPTEE_MSG_PARAM *OutParams, + IN UINT32 NumParams, + IN OPTEE_MSG_PARAM *MsgParams + ) +{ + UINT32 Idx; + + for (Idx = 0; Idx < NumParams; Idx++) { + OPTEE_MSG_PARAM *Op; + CONST OPTEE_MSG_PARAM *Mp; + UINT32 Attr; + + Op = OutParams + Idx; + Mp = MsgParams + Idx; + Attr = Mp->Attr & OPTEE_MSG_ATTR_TYPE_MASK; + + switch (Attr) { + case OPTEE_MSG_ATTR_TYPE_NONE: + Op->Attr = OPTEE_MSG_ATTR_TYPE_NONE; + ZeroMem (&Op->U, sizeof (Op->U)); + break; + + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: + Op->Attr = Attr; + Op->U.Value.A = Mp->U.Value.A; + Op->U.Value.B = Mp->U.Value.B; + Op->U.Value.C = Mp->U.Value.C; + break; + + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: + Op->Attr = Attr; + + if (Mp->U.Mem.Size > Op->U.Mem.Size) { + return EFI_BAD_BUFFER_SIZE; + } + + CopyMem ((VOID *)Op->U.Mem.BufPtr, (VOID *)Mp->U.Mem.BufPtr, Mp->U.Mem.Size); + Op->U.Mem.Size = Mp->U.Mem.Size; + break; + + default: + return EFI_INVALID_PARAMETER; + } + } + + return EFI_SUCCESS; +} + +EFI_STATUS +EFIAPI +OpteeInvokeFunc ( + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg + ) +{ + EFI_STATUS Status; + OPTEE_MSG_ARG *MsgArg; + + MsgArg = NULL; + + if (OpteeShmInfo.Base == 0) { + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); + return EFI_NOT_STARTED; + } + + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; + ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG)); + + MsgArg->Cmd = OPTEE_MSG_CMD_INVOKE_COMMAND; + MsgArg->Func = InvokeFuncArg->Func; + MsgArg->Session = InvokeFuncArg->Session; + + Status = OpteeToMsgParam (MsgArg->Params, MAX_PARAMS, InvokeFuncArg->Params); + if (Status) + return Status; + + MsgArg->NumParams = MAX_PARAMS; + + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; + } + + if (OpteeFromMsgParam (InvokeFuncArg->Params, MAX_PARAMS, MsgArg->Params)) { + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; + } + + InvokeFuncArg->Ret = MsgArg->Ret; + InvokeFuncArg->RetOrigin = MsgArg->RetOrigin; + + return EFI_SUCCESS; +} diff --git a/ArmPkg/Library/OpteeLib/OpteeLib.inf b/ArmPkg/Library/OpteeLib/OpteeLib.inf index 5abd427379cc..e03054a7167d 100644 --- a/ArmPkg/Library/OpteeLib/OpteeLib.inf +++ b/ArmPkg/Library/OpteeLib/OpteeLib.inf @@ -23,11 +23,13 @@ [Defines] [Sources] Optee.c + OpteeSmc.h [Packages] ArmPkg/ArmPkg.dec MdePkg/MdePkg.dec [LibraryClasses] + ArmMmuLib ArmSmcLib BaseLib diff --git a/ArmPkg/Library/OpteeLib/OpteeSmc.h b/ArmPkg/Library/OpteeLib/OpteeSmc.h new file mode 100644 index 000000000000..e2ea35784a0a --- /dev/null +++ b/ArmPkg/Library/OpteeLib/OpteeSmc.h @@ -0,0 +1,43 @@ +/** @file + OP-TEE SMC header file. + + Copyright (c) 2018, Linaro Ltd. All rights reserved.
+ + This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _OPTEE_SMC_H_ +#define _OPTEE_SMC_H_ + +/* Returned in Arg0 only from Trusted OS functions */ +#define OPTEE_SMC_RETURN_OK 0x0 + +#define OPTEE_SMC_RETURN_FROM_RPC 0x32000003 +#define OPTEE_SMC_CALL_WITH_ARG 0x32000004 +#define OPTEE_SMC_GET_SHM_CONFIG 0xb2000007 + +#define OPTEE_SMC_SHM_CACHED 1 + +#define OPTEE_SMC_RETURN_RPC_FOREIGN_INTR 0xffff0004 + +#define OPTEE_MSG_CMD_OPEN_SESSION 0 +#define OPTEE_MSG_CMD_INVOKE_COMMAND 1 +#define OPTEE_MSG_CMD_CLOSE_SESSION 2 + +#define OPTEE_MSG_ATTR_META 0x100 + +#define TEE_LOGIN_PUBLIC 0x0 + +typedef struct { + UINTN Base; + UINTN Size; +} OPTEE_SHARED_MEMORY_INFO; + +#endif