libutee/include/pta_system.h

/* SPDX-License-Identifier: BSD-2-Clause */
/*
 * Copyright (c) 2018-2019, Linaro Limited
 */
#ifndef __PTA_SYSTEM_H
#define __PTA_SYSTEM_H

#include <util.h>

/*
 * Interface to the pseudo TA, which is provides misc. auxiliary services,
 * extending existing GlobalPlatform Core API
 */

#define PTA_SYSTEM_UUID { 0x3a2f8978, 0x5dc0, 0x11e8, { \
			 0x9c, 0x2d, 0xfa, 0x7a, 0xe0, 0x1b, 0xbe, 0xbc } }

/*
 * Having keys with too few bits impose a potential security risk, hence set a
 * lower bound of 128 bits.
 */
#define TA_DERIVED_KEY_MIN_SIZE		16

/* Same value as max in huk_subkey_derive */
#define TA_DERIVED_KEY_MAX_SIZE		32

#define TA_DERIVED_EXTRA_DATA_MAX_SIZE	1024

/*
 * Add (re-seed) caller-provided entropy to the RNG pool. Keymaster
 * implementations need to securely mix the provided entropy into their pool,
 * which also must contain internally-generated entropy from a hardware random
 * number generator.
 *
 * [in]     memref[0]: entropy input data
 */
#define PTA_SYSTEM_ADD_RNG_ENTROPY	0

/*
 * Derives a device and TA unique key. The caller can also provide extra data
 * that will be mixed together with existing device unique properties. If no
 * extra data is provided, then the derived key will only use device unique
 * properties and caller TA UUID.
 *
 * [in]  params[0].memref.buffer     Buffer for extra data
 * [in]  params[0].memref.size       Size of extra data (max 1024 bytes)
 * [out] params[1].memref.buffer     Buffer for the derived key
 * [out] params[1].memref.size       Size of the derived key (16 to 32 bytes)
 */
#define PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY 1

/* Memory can be shared with other TAs */
#define PTA_SYSTEM_MAP_FLAG_SHAREABLE	BIT32(0)
/* Read/write memory */
#define PTA_SYSTEM_MAP_FLAG_WRITEABLE	BIT32(1)
/* Executable memory */
#define PTA_SYSTEM_MAP_FLAG_EXECUTABLE	BIT32(2)

/*
 * Map zero initialized memory
 *
 * [in]	    value[0].a: Number of bytes
 * [in]	    value[0].b: Flags, 0 or PTA_SYSTEM_MAP_FLAG_SHAREABLE
 * [out]    value[1].a: Address upper 32-bits
 * [out]    value[1].b: Address lower 32-bits
 * [in]     value[2].a: Extra pad before memory range
 * [in]     value[2].b: Extra pad after memory range
 */
#define PTA_SYSTEM_MAP_ZI		2

/*
 * Unmap memory
 *
 * [in]	    value[0].a: Number of bytes
 * [in]	    value[0].b: Must be 0
 * [in]	    value[1].a: Address upper 32-bits
 * [in]	    value[1].b: Address lower 32-bits
 */
#define PTA_SYSTEM_UNMAP		3

/*
 * Find and opens an TA binary and return a handle
 *
 * [in]	    memref[0]:	UUID of TA binary
 * [out]    value[1].a:	Handle to TA binary
 * [out]    value[1].b:	0
 */
#define PTA_SYSTEM_OPEN_TA_BINARY	4

/*
 * Close an TA binary handle
 *
 * When a TA is done mapping new parts of an TA binary it closes the handle
 * to free resources, established mappings remains.
 *
 * [in]     value[1].a:	Handle to TA binary
 * [in]     value[1].b:	Must be 0
 *
 * Returns TEE_SUCCESS if the TA binary was verified successfully.
 */
#define PTA_SYSTEM_CLOSE_TA_BINARY	5

/*
 * Map segment of TA binary
 *
 * Different parts of an TA binary file needs different permissions.
 * Read-write mapped parts are private to the TA, while read-only (which
 * includes execute) mapped parts are shared with other TAs. This is
 * transparent to the TA. If the supplied address in value[3] is 0 a
 * suitable address is selected, else it will either be mapped at that
 * address of an error is returned.
 *
 * [in]     value[0].a:	Handle to TA binary
 * [in]     value[0].b:	Flags, PTA_SYSTEM_MAP_FLAG_*
 * [in]     value[1].a:	Offset into TA binary, must be page aligned
 * [in]     value[1].b:	Number of bytes, the last page will be zero
 *			extended if not page aligned
 * [in/out] value[2].a:	Address upper 32-bits
 * [in/out] value[2].b:	Address lower 32-bits
 * [in]     value[3].a: Extra pad before memory range
 * [in]     value[3].b: Extra pad after memory range
 */
#define PTA_SYSTEM_MAP_TA_BINARY	6

/*
 * Copy a memory range from TA binary
 *
 * [in]     value[0].a:	Handle to TA binary
 * [in]     value[0].b:	Offset into TA binary
 * [out]    memref[1]:	Destination
 */
#define PTA_SYSTEM_COPY_FROM_TA_BINARY	7

/*
 * Set memory protection
 *
 * [in]	    value[0].a: Number of bytes
 * [in]     value[0].b:	Flags, PTA_SYSTEM_MAP_FLAG_*
 * [in]	    value[1].a: Address upper 32-bits
 * [in]	    value[1].b: Address lower 32-bits
 */
#define PTA_SYSTEM_SET_PROT		8

/*
 * Remap a segment of a TA mapping
 *
 * Moves an already mapped segment of a TA to a new address. If the
 * supplied new address is 0 a suitable address is selected, else it will
 * either be mapped at that address or an error is returned.
 *
 * [in]	    value[0].a: Number of bytes, must match length rounded up to
 *			closest page of original mapping
 * [in]     value[0].b:	Must be 0
 * [in]	    value[1].a:	Old address upper 32-bits
 * [in]     value[1].b:	Old address lower 32-bits
 * [in/out] value[2].a:	New address upper 32-bits
 * [in/out] value[2].b:	New address lower 32-bits
 * [in]     value[3].a: Extra pad before memory range
 * [in]     value[3].b: Extra pad after memory range
 */
#define PTA_SYSTEM_REMAP		9

/*
 * Load a shared library
 *
 * [in]     memref[0]: the UUID of the shared library (@filename)
 * [in]     value[1].a: @flags, must be (RTLD_NOW | RTLD_GLOBAL | RTLD_NODELETE)
 *
 * Used by: (libdl) dlopen(const char *filename, int flags)
 */
#define PTA_SYSTEM_DLOPEN               10

/*
 * Resolve a symbol in a previously loaded shared library or in the whole TA
 *
 * [in]     memref[0]: the UUID of the shared library, or the nil UUID to
 *                     search the whole TA
 * [in]     memref[1]: symbol name (@symbol)
 * [out]    value[2]: address of the symbol or NULL
 *
 * Used by: (libdl) dlsym(void *handle, const char *symbol)
 */
#define PTA_SYSTEM_DLSYM                11

/*
 * Retrieves a copy of the TPM Event log held in secure memory.
 *
 * [out]    memref[0]: Pointer to the buffer where to store the event log.
 */
#define PTA_SYSTEM_GET_TPM_EVENT_LOG	12

#endif /* __PTA_SYSTEM_H */