1 // SPDX-License-Identifier: BSD-2-Clause 2 /* 3 * Copyright (c) 2017, Linaro Limited 4 */ 5 6 #include <bitstring.h> 7 #include <crypto/crypto.h> 8 #include <kernel/msg_param.h> 9 #include <kernel/mutex.h> 10 #include <kernel/refcount.h> 11 #include <kernel/thread.h> 12 #include <optee_msg_supplicant.h> 13 #include <string.h> 14 #include <tee_api_defines_extensions.h> 15 #include <tee/tadb.h> 16 #include <tee/tee_fs.h> 17 #include <tee/tee_fs_rpc.h> 18 #include <tee/tee_pobj.h> 19 #include <tee/tee_svc_storage.h> 20 #include <utee_defines.h> 21 22 #define TADB_MAX_BUFFER_SIZE (64U * 1024) 23 24 #define TADB_AUTH_ENC_ALG TEE_ALG_AES_GCM 25 #define TADB_IV_SIZE TEE_AES_BLOCK_SIZE 26 #define TADB_TAG_SIZE TEE_AES_BLOCK_SIZE 27 #define TADB_KEY_SIZE TEE_AES_MAX_KEY_SIZE 28 29 struct tee_tadb_dir { 30 const struct tee_file_operations *ops; 31 struct tee_file_handle *fh; 32 int nbits; 33 bitstr_t *files; 34 }; 35 36 struct tadb_entry { 37 struct tee_tadb_property prop; 38 uint32_t file_number; 39 uint8_t iv[TADB_IV_SIZE]; 40 uint8_t tag[TADB_TAG_SIZE]; 41 uint8_t key[TADB_KEY_SIZE]; 42 }; 43 44 struct tadb_header { 45 uint32_t opaque_len; 46 uint8_t opaque[]; 47 }; 48 49 struct tee_tadb_ta_write { 50 struct tee_tadb_dir *db; 51 int fd; 52 struct tadb_entry entry; 53 size_t pos; 54 void *ctx; 55 }; 56 57 struct tee_tadb_ta_read { 58 struct tee_tadb_dir *db; 59 int fd; 60 struct tadb_entry entry; 61 size_t pos; 62 void *ctx; 63 uint64_t ta_cookie; 64 struct mobj *ta_mobj; 65 uint8_t *ta_buf; 66 }; 67 68 static const char tadb_obj_id[] = "ta.db"; 69 static struct tee_tadb_dir *tadb_db; 70 static struct refcount tadb_db_refc; 71 static struct mutex tadb_mutex = MUTEX_INITIALIZER; 72 73 static void file_num_to_str(char *buf, size_t blen, uint32_t file_number) 74 { 75 snprintf(buf, blen, "%" PRIu32 ".ta", file_number); 76 } 77 78 static bool is_null_uuid(const TEE_UUID *uuid) 79 { 80 const TEE_UUID null_uuid = { 0 }; 81 82 return !memcmp(uuid, &null_uuid, sizeof(*uuid)); 83 } 84 85 static TEE_Result ta_operation_open(unsigned int cmd, uint32_t file_number, 86 int *fd) 87 { 88 struct mobj *mobj; 89 TEE_Result res; 90 void *va; 91 uint64_t cookie; 92 struct optee_msg_param params[] = { 93 [0] = { .attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT, 94 .u.value.a = cmd }, 95 [2] = { .attr = OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT } 96 }; 97 98 va = tee_fs_rpc_cache_alloc(TEE_FS_NAME_MAX, &mobj, &cookie); 99 if (!va) 100 return TEE_ERROR_OUT_OF_MEMORY; 101 102 if (!msg_param_init_memparam(params + 1, mobj, 0, TEE_FS_NAME_MAX, 103 cookie, MSG_PARAM_MEM_DIR_IN)) 104 return TEE_ERROR_BAD_STATE; 105 106 file_num_to_str(va, TEE_FS_NAME_MAX, file_number); 107 108 res = thread_rpc_cmd(OPTEE_MSG_RPC_CMD_FS, ARRAY_SIZE(params), params); 109 if (!res) 110 *fd = params[2].u.value.a; 111 112 return res; 113 } 114 115 static TEE_Result ta_operation_remove(uint32_t file_number) 116 { 117 struct mobj *mobj; 118 void *va; 119 uint64_t cookie; 120 struct optee_msg_param params[2] = { 121 [0] = { .attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT, 122 .u.value.a = OPTEE_MRF_REMOVE }, 123 }; 124 125 va = tee_fs_rpc_cache_alloc(TEE_FS_NAME_MAX, &mobj, &cookie); 126 if (!va) 127 return TEE_ERROR_OUT_OF_MEMORY; 128 129 if (!msg_param_init_memparam(params + 1, mobj, 0, TEE_FS_NAME_MAX, 130 cookie, MSG_PARAM_MEM_DIR_IN)) 131 return TEE_ERROR_BAD_STATE; 132 133 file_num_to_str(va, TEE_FS_NAME_MAX, file_number); 134 135 return thread_rpc_cmd(OPTEE_MSG_RPC_CMD_FS, ARRAY_SIZE(params), params); 136 } 137 138 static TEE_Result maybe_grow_files(struct tee_tadb_dir *db, int idx) 139 { 140 void *p; 141 142 if (idx < db->nbits) 143 return TEE_SUCCESS; 144 145 p = realloc(db->files, bitstr_size(idx + 1)); 146 if (!p) 147 return TEE_ERROR_OUT_OF_MEMORY; 148 db->files = p; 149 150 bit_nclear(db->files, db->nbits, idx); 151 db->nbits = idx + 1; 152 153 return TEE_SUCCESS; 154 } 155 156 static TEE_Result set_file(struct tee_tadb_dir *db, int idx) 157 { 158 TEE_Result res = maybe_grow_files(db, idx); 159 160 if (!res) 161 bit_set(db->files, idx); 162 163 return res; 164 } 165 166 static void clear_file(struct tee_tadb_dir *db, int idx) 167 { 168 if (idx < db->nbits) 169 bit_clear(db->files, idx); 170 } 171 172 static bool test_file(struct tee_tadb_dir *db, int idx) 173 { 174 if (idx < db->nbits) 175 return bit_test(db->files, idx); 176 177 return false; 178 } 179 180 static TEE_Result read_ent(struct tee_tadb_dir *db, size_t idx, 181 struct tadb_entry *entry) 182 { 183 size_t l = sizeof(*entry); 184 TEE_Result res = db->ops->read(db->fh, idx * l, entry, &l); 185 186 if (!res && l != sizeof(*entry)) 187 return TEE_ERROR_ITEM_NOT_FOUND; 188 189 return res; 190 } 191 192 static TEE_Result write_ent(struct tee_tadb_dir *db, size_t idx, 193 const struct tadb_entry *entry) 194 { 195 const size_t l = sizeof(*entry); 196 197 return db->ops->write(db->fh, idx * l, entry, l); 198 } 199 200 static TEE_Result tadb_open(struct tee_tadb_dir **db_ret) 201 { 202 TEE_Result res; 203 struct tee_tadb_dir *db = calloc(1, sizeof(*db)); 204 struct tee_pobj po = { 205 .obj_id = (void *)tadb_obj_id, 206 .obj_id_len = sizeof(tadb_obj_id) 207 }; 208 209 if (!db) 210 return TEE_ERROR_OUT_OF_MEMORY; 211 212 db->ops = tee_svc_storage_file_ops(TEE_STORAGE_PRIVATE); 213 214 res = db->ops->open(&po, NULL, &db->fh); 215 if (res == TEE_ERROR_ITEM_NOT_FOUND) 216 res = db->ops->create(&po, false, NULL, 0, NULL, 0, NULL, 0, 217 &db->fh); 218 219 if (res) 220 free(db); 221 else 222 *db_ret = db; 223 224 return res; 225 } 226 227 static TEE_Result tee_tadb_open(struct tee_tadb_dir **db) 228 { 229 if (!refcount_inc(&tadb_db_refc)) { 230 TEE_Result res; 231 232 mutex_lock(&tadb_mutex); 233 res = tadb_open(&tadb_db); 234 if (!res) 235 refcount_set(&tadb_db_refc, 1); 236 mutex_unlock(&tadb_mutex); 237 if (res) 238 return res; 239 } 240 241 *db = tadb_db; 242 return TEE_SUCCESS; 243 } 244 245 static void tadb_put(struct tee_tadb_dir *db) 246 { 247 if (refcount_dec(&tadb_db_refc)) { 248 mutex_lock(&tadb_mutex); 249 if (!refcount_val(&tadb_db_refc) && tadb_db) { 250 db->ops->close(&db->fh); 251 free(db->files); 252 free(db); 253 tadb_db = NULL; 254 } 255 mutex_unlock(&tadb_mutex); 256 } 257 } 258 259 static void tee_tadb_close(struct tee_tadb_dir *db) 260 { 261 tadb_put(db); 262 } 263 264 static TEE_Result tadb_authenc_init(TEE_OperationMode mode, 265 const struct tadb_entry *entry, 266 void **ctx_ret) 267 { 268 TEE_Result res; 269 void *ctx; 270 const size_t enc_size = entry->prop.custom_size + entry->prop.bin_size; 271 272 res = crypto_authenc_alloc_ctx(&ctx, TADB_AUTH_ENC_ALG); 273 if (res) 274 return res; 275 276 res = crypto_authenc_init(ctx, TADB_AUTH_ENC_ALG, mode, 277 entry->key, sizeof(entry->key), 278 entry->iv, sizeof(entry->iv), 279 sizeof(entry->tag), 0, enc_size); 280 if (res) 281 crypto_authenc_free_ctx(ctx, TADB_AUTH_ENC_ALG); 282 else 283 *ctx_ret = ctx; 284 285 return res; 286 } 287 288 static TEE_Result tadb_update_payload(void *ctx, TEE_OperationMode mode, 289 const void *src, size_t len, void *dst) 290 { 291 TEE_Result res; 292 size_t sz = len; 293 294 res = crypto_authenc_update_payload(ctx, TADB_AUTH_ENC_ALG, mode, 295 (const uint8_t *)src, len, dst, 296 &sz); 297 assert(res || sz == len); 298 return res; 299 } 300 301 static TEE_Result populate_files(struct tee_tadb_dir *db) 302 { 303 TEE_Result res; 304 size_t idx; 305 306 /* 307 * If db->files isn't NULL the bitfield is already populated and 308 * there's nothing left to do here for now. 309 */ 310 if (db->files) 311 return TEE_SUCCESS; 312 313 /* 314 * Iterate over the TA database and set the bits in the bit field 315 * for used file numbers. Note that set_file() will allocate and 316 * grow the bitfield as needed. 317 * 318 * At the same time clean out duplicate file numbers, the first 319 * entry with the file number has precedence. Duplicate entries is 320 * not supposed to be able to happen, but if it still does better 321 * to clean it out here instead of letting the error spread with 322 * unexpected side effects. 323 */ 324 for (idx = 0;; idx++) { 325 struct tadb_entry entry; 326 327 res = read_ent(db, idx, &entry); 328 if (res) { 329 if (res == TEE_ERROR_ITEM_NOT_FOUND) 330 return TEE_SUCCESS; 331 goto err; 332 } 333 334 if (is_null_uuid(&entry.prop.uuid)) 335 continue; 336 337 if (test_file(db, entry.file_number)) { 338 IMSG("Clearing duplicate file number %" PRIu32, 339 entry.file_number); 340 memset(&entry, 0, sizeof(entry)); 341 res = write_ent(db, idx, &entry); 342 if (res) 343 goto err; 344 continue; 345 } 346 347 res = set_file(db, entry.file_number); 348 if (res) 349 goto err; 350 } 351 352 err: 353 free(db->files); 354 db->files = NULL; 355 db->nbits = 0; 356 357 return res; 358 } 359 360 TEE_Result tee_tadb_ta_create(const struct tee_tadb_property *property, 361 struct tee_tadb_ta_write **ta_ret) 362 { 363 TEE_Result res; 364 struct tee_tadb_ta_write *ta; 365 int i = 0; 366 367 if (is_null_uuid(&property->uuid)) 368 return TEE_ERROR_GENERIC; 369 370 ta = calloc(1, sizeof(*ta)); 371 if (!ta) 372 return TEE_ERROR_OUT_OF_MEMORY; 373 374 res = tee_tadb_open(&ta->db); 375 if (res) 376 goto err; 377 378 mutex_lock(&tadb_mutex); 379 380 /* 381 * Since we're going to search for next free file number below we 382 * need to populate the bitfield holding used file numbers. 383 */ 384 res = populate_files(ta->db); 385 if (res) 386 goto err_mutex; 387 388 if (ta->db->files) { 389 bit_ffc(ta->db->files, ta->db->nbits, &i); 390 if (i == -1) 391 i = ta->db->nbits; 392 } 393 394 res = set_file(ta->db, i); 395 if (res) 396 goto err_mutex; 397 398 mutex_unlock(&tadb_mutex); 399 400 ta->entry.file_number = i; 401 ta->entry.prop = *property; 402 403 res = crypto_rng_read(ta->entry.iv, sizeof(ta->entry.iv)); 404 if (res) 405 goto err; 406 407 res = crypto_rng_read(ta->entry.key, sizeof(ta->entry.key)); 408 if (res) 409 goto err; 410 411 res = ta_operation_open(OPTEE_MRF_CREATE, ta->entry.file_number, 412 &ta->fd); 413 if (res) 414 goto err; 415 416 res = tadb_authenc_init(TEE_MODE_ENCRYPT, &ta->entry, &ta->ctx); 417 if (res) 418 goto err; 419 420 *ta_ret = ta; 421 422 return TEE_SUCCESS; 423 424 err_mutex: 425 mutex_unlock(&tadb_mutex); 426 err: 427 tadb_put(ta->db); 428 free(ta); 429 430 return res; 431 } 432 433 TEE_Result tee_tadb_ta_write(struct tee_tadb_ta_write *ta, const void *buf, 434 size_t len) 435 { 436 TEE_Result res; 437 const uint8_t *rb = buf; 438 size_t rl = len; 439 struct tee_fs_rpc_operation op; 440 441 while (rl) { 442 size_t wl = MIN(rl, TADB_MAX_BUFFER_SIZE); 443 void *wb; 444 445 res = tee_fs_rpc_write_init(&op, OPTEE_MSG_RPC_CMD_FS, ta->fd, 446 ta->pos, wl, &wb); 447 if (res) 448 return res; 449 450 res = tadb_update_payload(ta->ctx, TEE_MODE_ENCRYPT, 451 rb, wl, wb); 452 if (res) 453 return res; 454 455 res = tee_fs_rpc_write_final(&op); 456 if (res) 457 return res; 458 459 rl -= wl; 460 rb += wl; 461 ta->pos += wl; 462 } 463 464 return TEE_SUCCESS; 465 } 466 467 void tee_tadb_ta_close_and_delete(struct tee_tadb_ta_write *ta) 468 { 469 crypto_authenc_final(ta->ctx, TADB_AUTH_ENC_ALG); 470 crypto_authenc_free_ctx(ta->ctx, TADB_AUTH_ENC_ALG); 471 tee_fs_rpc_close(OPTEE_MSG_RPC_CMD_FS, ta->fd); 472 ta_operation_remove(ta->entry.file_number); 473 474 mutex_lock(&tadb_mutex); 475 clear_file(ta->db, ta->entry.file_number); 476 mutex_unlock(&tadb_mutex); 477 478 tadb_put(ta->db); 479 free(ta); 480 } 481 482 static TEE_Result find_ent(struct tee_tadb_dir *db, const TEE_UUID *uuid, 483 size_t *idx_ret, struct tadb_entry *entry_ret) 484 { 485 TEE_Result res; 486 size_t idx; 487 488 /* 489 * Search for the provided uuid, if it's found return the index it 490 * has together with TEE_SUCCESS. 491 * 492 * If the uuid can't be found return the number indexes together 493 * with TEE_ERROR_ITEM_NOT_FOUND. 494 */ 495 for (idx = 0;; idx++) { 496 struct tadb_entry entry; 497 498 res = read_ent(db, idx, &entry); 499 if (res) { 500 if (res == TEE_ERROR_ITEM_NOT_FOUND) 501 break; 502 return res; 503 } 504 505 if (!memcmp(&entry.prop.uuid, uuid, sizeof(*uuid))) { 506 if (entry_ret) 507 *entry_ret = entry; 508 break; 509 } 510 } 511 512 *idx_ret = idx; 513 return res; 514 } 515 516 static TEE_Result find_free_ent_idx(struct tee_tadb_dir *db, size_t *idx) 517 { 518 const TEE_UUID null_uuid = { 0 }; 519 TEE_Result res = find_ent(db, &null_uuid, idx, NULL); 520 521 /* 522 * Note that *idx is set to the number of entries on 523 * TEE_ERROR_ITEM_NOT_FOUND. 524 */ 525 if (res == TEE_ERROR_ITEM_NOT_FOUND) 526 return TEE_SUCCESS; 527 return res; 528 } 529 530 TEE_Result tee_tadb_ta_close_and_commit(struct tee_tadb_ta_write *ta) 531 { 532 TEE_Result res; 533 size_t dsz = 0; 534 size_t sz = sizeof(ta->entry.tag); 535 size_t idx; 536 struct tadb_entry old_ent; 537 bool have_old_ent = false; 538 539 res = crypto_authenc_enc_final(ta->ctx, TADB_AUTH_ENC_ALG, 540 NULL, 0, NULL, &dsz, 541 ta->entry.tag, &sz); 542 if (res) 543 goto err; 544 545 tee_fs_rpc_close(OPTEE_MSG_RPC_CMD_FS, ta->fd); 546 547 mutex_lock(&tadb_mutex); 548 /* 549 * First try to find an existing TA to replace. If there's one 550 * we'll use the entry, but we should also remove the old encrypted 551 * file. 552 * 553 * If there isn't an existing TA to replace, grab a new entry. 554 */ 555 res = find_ent(ta->db, &ta->entry.prop.uuid, &idx, &old_ent); 556 if (!res) { 557 have_old_ent = true; 558 } else { 559 res = find_free_ent_idx(ta->db, &idx); 560 if (res) 561 goto err_mutex; 562 } 563 res = write_ent(ta->db, idx, &ta->entry); 564 if (res) 565 goto err_mutex; 566 if (have_old_ent) 567 clear_file(ta->db, old_ent.file_number); 568 mutex_unlock(&tadb_mutex); 569 570 crypto_authenc_final(ta->ctx, TADB_AUTH_ENC_ALG); 571 crypto_authenc_free_ctx(ta->ctx, TADB_AUTH_ENC_ALG); 572 tadb_put(ta->db); 573 free(ta); 574 if (have_old_ent) 575 ta_operation_remove(old_ent.file_number); 576 return TEE_SUCCESS; 577 578 err_mutex: 579 mutex_unlock(&tadb_mutex); 580 err: 581 tee_tadb_ta_close_and_delete(ta); 582 return res; 583 } 584 585 TEE_Result tee_tadb_ta_delete(const TEE_UUID *uuid) 586 { 587 const struct tadb_entry null_entry = { { { 0 } } }; 588 struct tee_tadb_dir *db; 589 struct tadb_entry entry; 590 size_t idx; 591 TEE_Result res; 592 593 if (is_null_uuid(uuid)) 594 return TEE_ERROR_GENERIC; 595 596 res = tee_tadb_open(&db); 597 if (res) 598 return res; 599 600 mutex_lock(&tadb_mutex); 601 res = find_ent(db, uuid, &idx, &entry); 602 if (res) { 603 mutex_unlock(&tadb_mutex); 604 tee_tadb_close(db); 605 return res; 606 } 607 608 clear_file(db, entry.file_number); 609 res = write_ent(db, idx, &null_entry); 610 mutex_unlock(&tadb_mutex); 611 612 tee_tadb_close(db); 613 if (res) 614 return res; 615 616 ta_operation_remove(entry.file_number); 617 return TEE_SUCCESS; 618 } 619 620 TEE_Result tee_tadb_ta_open(const TEE_UUID *uuid, 621 struct tee_tadb_ta_read **ta_ret) 622 { 623 TEE_Result res; 624 size_t idx; 625 struct tee_tadb_ta_read *ta; 626 static struct tadb_entry last_entry; 627 628 if (is_null_uuid(uuid)) 629 return TEE_ERROR_GENERIC; 630 631 ta = calloc(1, sizeof(*ta)); 632 if (!ta) 633 return TEE_ERROR_OUT_OF_MEMORY; 634 635 if (!memcmp(uuid, &last_entry.prop.uuid, sizeof(*uuid))) { 636 ta->entry = last_entry; 637 } else { 638 res = tee_tadb_open(&ta->db); 639 if (res) 640 goto err_free; /* Mustn't all tadb_put() */ 641 642 mutex_read_lock(&tadb_mutex); 643 res = find_ent(ta->db, uuid, &idx, &ta->entry); 644 mutex_read_unlock(&tadb_mutex); 645 if (res) 646 goto err; 647 } 648 649 res = ta_operation_open(OPTEE_MRF_OPEN, ta->entry.file_number, &ta->fd); 650 if (res) 651 goto err; 652 653 res = tadb_authenc_init(TEE_MODE_DECRYPT, &ta->entry, &ta->ctx); 654 if (res) 655 goto err; 656 657 *ta_ret = ta; 658 659 return TEE_SUCCESS; 660 err: 661 tadb_put(ta->db); 662 err_free: 663 free(ta); 664 return res; 665 } 666 667 const struct tee_tadb_property * 668 tee_tadb_ta_get_property(struct tee_tadb_ta_read *ta) 669 { 670 return &ta->entry.prop; 671 } 672 673 static TEE_Result ta_load(struct tee_tadb_ta_read *ta) 674 { 675 TEE_Result res; 676 const size_t sz = ta->entry.prop.custom_size + ta->entry.prop.bin_size; 677 struct optee_msg_param params[2] = { 678 [0] = { .attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT, 679 .u.value.a = OPTEE_MRF_READ, 680 .u.value.b = ta->fd, 681 .u.value.c = 0 }, 682 }; 683 684 if (ta->ta_mobj) 685 return TEE_SUCCESS; 686 687 ta->ta_mobj = thread_rpc_alloc_payload(sz, &ta->ta_cookie); 688 if (!ta->ta_mobj) 689 return TEE_ERROR_OUT_OF_MEMORY; 690 691 ta->ta_buf = mobj_get_va(ta->ta_mobj, 0); 692 assert(ta->ta_buf); 693 694 if (!msg_param_init_memparam(params + 1, ta->ta_mobj, 0, sz, 695 ta->ta_cookie, MSG_PARAM_MEM_DIR_OUT)) 696 return TEE_ERROR_BAD_STATE; 697 698 res = thread_rpc_cmd(OPTEE_MSG_RPC_CMD_FS, ARRAY_SIZE(params), params); 699 if (res) { 700 thread_rpc_free_payload(ta->ta_cookie, ta->ta_mobj); 701 ta->ta_mobj = NULL; 702 } 703 return res; 704 } 705 706 TEE_Result tee_tadb_ta_read(struct tee_tadb_ta_read *ta, void *buf, size_t *len) 707 { 708 TEE_Result res; 709 const size_t sz = ta->entry.prop.custom_size + ta->entry.prop.bin_size; 710 size_t l = MIN(*len, sz - ta->pos); 711 712 res = ta_load(ta); 713 if (res) 714 return res; 715 716 if (buf) { 717 res = tadb_update_payload(ta->ctx, TEE_MODE_DECRYPT, 718 ta->ta_buf + ta->pos, l, buf); 719 if (res) 720 return res; 721 } else { 722 size_t num_bytes = 0; 723 size_t b_size = MIN(SIZE_4K, l); 724 uint8_t *b = malloc(b_size); 725 726 if (!b) 727 return TEE_ERROR_OUT_OF_MEMORY; 728 729 while (num_bytes < l) { 730 size_t n = MIN(b_size, l - num_bytes); 731 732 res = tadb_update_payload(ta->ctx, TEE_MODE_DECRYPT, 733 ta->ta_buf + ta->pos, n, b); 734 if (res) 735 break; 736 num_bytes += n; 737 } 738 739 free(b); 740 if (res) 741 return res; 742 } 743 744 ta->pos += l; 745 *len = l; 746 return TEE_SUCCESS; 747 } 748 749 void tee_tadb_ta_close(struct tee_tadb_ta_read *ta) 750 { 751 crypto_authenc_final(ta->ctx, TADB_AUTH_ENC_ALG); 752 crypto_authenc_free_ctx(ta->ctx, TADB_AUTH_ENC_ALG); 753 if (ta->ta_mobj) 754 thread_rpc_free_payload(ta->ta_cookie, ta->ta_mobj); 755 tee_fs_rpc_close(OPTEE_MSG_RPC_CMD_FS, ta->fd); 756 tadb_put(ta->db); 757 free(ta); 758 } 759