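/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2018-2019, Linaro Limited
 */
#ifndef __PTA_SYSTEM_H
#define __PTA_SYSTEM_H

#include <util.h>

/*
 * Interface to the pseudo TA, which provides misc. auxiliary services,
 * extending existing GlobalPlatform Core API
 */

#define PTA_SYSTEM_UUID { 0x3a2f8978, 0x5dc0, 0x11e8, { \
			 0x9c, 0x2d, 0xfa, 0x7a, 0xe0, 0x1b, 0xbe, 0xbc } }

/*
 * Having keys with too few bits imposes a potential security risk, hence set
 * a lower bound of 128 bits. The size is expressed in bytes (16 bytes = 128
 * bits).
 */
#define TA_DERIVED_KEY_MIN_SIZE		16

/* Same value as max in huk_subkey_derive (in bytes) */
#define TA_DERIVED_KEY_MAX_SIZE		32

/* Upper bound, in bytes, on the caller-provided extra data */
#define TA_DERIVED_EXTRA_DATA_MAX_SIZE	1024

/*
 * Add (re-seed) caller-provided entropy to the RNG pool. Keymaster
 * implementations need to securely mix the provided entropy into their pool,
 * which also must contain internally-generated entropy from a hardware random
 * number generator.
 *
 * [in]     memref[0]: entropy input data
 */
#define PTA_SYSTEM_ADD_RNG_ENTROPY	0

/*
 * Derives a device and TA unique key. The caller can also provide extra data
 * that will be mixed together with existing device unique properties. If no
 * extra data is provided, then the derived key will only use device unique
 * properties and caller TA UUID.
 *
 * NOTE(review): the extra data is caller-chosen input to the derivation;
 * presumably the same device, TA UUID and extra data yield the same key, so
 * callers wanting distinct keys per purpose need distinct extra data -
 * confirm against the implementation.
 *
 * [in]   params[0].memref.buffer     Buffer for extra data
 * [in]   params[0].memref.size       Size of extra data (max 1024 bytes)
 * [out]  params[1].memref.buffer     Buffer for the derived key
 * [out]  params[1].memref.size       Size of the derived key (16 to 32 bytes)
 */
#define PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY	1

/*
 * Mapping flags used by the commands below.
 *
 * NOTE(review): this header does not state whether WRITEABLE and EXECUTABLE
 * may be combined in one request; a W^X policy would have to be enforced by
 * the PTA implementation - confirm.
 */
/* Memory can be shared with other TAs */
#define PTA_SYSTEM_MAP_FLAG_SHAREABLE	BIT32(0)
/* Read/write memory */
#define PTA_SYSTEM_MAP_FLAG_WRITEABLE	BIT32(1)
/* Executable memory */
#define PTA_SYSTEM_MAP_FLAG_EXECUTABLE	BIT32(2)

/*
 * Map zero initialized memory
 *
 * [in]  value[0].a: Number of bytes
 * [in]  value[0].b: Flags, 0 or PTA_SYSTEM_MAP_FLAG_SHAREABLE
 * [out] value[1].a: Address upper 32-bits
 * [out] value[1].b: Address lower 32-bits
 * [in]  value[2].a: Extra pad before memory range
 * [in]  value[2].b: Extra pad after memory range
 */
#define PTA_SYSTEM_MAP_ZI		2

/*
 * Unmap memory
 *
 * [in]  value[0].a: Number of bytes
 * [in]  value[0].b: Must be 0
 * [in]  value[1].a: Address upper 32-bits
 * [in]  value[1].b: Address lower 32-bits
 */
#define PTA_SYSTEM_UNMAP		3

/*
 * Finds and opens a TA binary and returns a handle
 *
 * [in]  memref[0]:  UUID of TA binary
 * [out] value[1].a: Handle to TA binary
 * [out] value[1].b: 0
 */
#define PTA_SYSTEM_OPEN_TA_BINARY	4

/*
 * Close a TA binary handle
 *
 * When a TA is done mapping new parts of a TA binary it closes the handle
 * to free resources, established mappings remain.
 *
 * [in]  value[1].a: Handle to TA binary
 * [in]  value[1].b: Must be 0
 *
 * Returns TEE_SUCCESS if the TA binary was verified successfully.
 *
 * As described above, the result of verifying the TA binary is reported by
 * this command, so the return value must be checked before the mapped
 * content is trusted.
 *
 * NOTE(review): the handle is listed in value[1] here while the other
 * handle-taking commands in this file use value[0] - confirm the parameter
 * index against the implementation.
 */
#define PTA_SYSTEM_CLOSE_TA_BINARY	5

/*
 * Map segment of TA binary
 *
 * Different parts of a TA binary file need different permissions.
 * Read-write mapped parts are private to the TA, while read-only (which
 * includes execute) mapped parts are shared with other TAs. This is
 * transparent to the TA. If the supplied address in value[2] is 0 a
 * suitable address is selected, else it will either be mapped at that
 * address or an error is returned.
 *
 * [in]     value[0].a: Handle to TA binary
 * [in]     value[0].b: Flags, PTA_SYSTEM_MAP_FLAG_*
 * [in]     value[1].a: Offset into TA binary, must be page aligned
 * [in]     value[1].b: Number of bytes, the last page will be zero
 *                      extended if not page aligned
 * [in/out] value[2].a: Address upper 32-bits
 * [in/out] value[2].b: Address lower 32-bits
 * [in]     value[3].a: Extra pad before memory range
 * [in]     value[3].b: Extra pad after memory range
 */
#define PTA_SYSTEM_MAP_TA_BINARY	6

/*
 * Copy a memory range from TA binary
 *
 * [in]  value[0].a: Handle to TA binary
 * [in]  value[0].b: Offset into TA binary
 * [out] memref[1]:  Destination
 */
#define PTA_SYSTEM_COPY_FROM_TA_BINARY	7

/*
 * Set memory protection
 *
 * [in]  value[0].a: Number of bytes
 * [in]  value[0].b: Flags, PTA_SYSTEM_MAP_FLAG_*
 * [in]  value[1].a: Address upper 32-bits
 * [in]  value[1].b: Address lower 32-bits
 */
#define PTA_SYSTEM_SET_PROT		8

/*
 * Remap a segment of a TA mapping
 *
 * Moves an already mapped segment of a TA to a new address. If the
 * supplied new address is 0 a suitable address is selected, else it will
 * either be mapped at that address or an error is returned.
 *
 * [in]     value[0].a: Number of bytes, must match length rounded up to
 *                      closest page of original mapping
 * [in]     value[0].b: Must be 0
 * [in]     value[1].a: Old address upper 32-bits
 * [in]     value[1].b: Old address lower 32-bits
 * [in/out] value[2].a: New address upper 32-bits
 * [in/out] value[2].b: New address lower 32-bits
 * [in]     value[3].a: Extra pad before memory range
 * [in]     value[3].b: Extra pad after memory range
 */
#define PTA_SYSTEM_REMAP		9

#endif /* __PTA_SYSTEM_H */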