1 /* SPDX-License-Identifier: BSD-2-Clause */
2 /*
3  * Copyright (c) 2018-2019, Linaro Limited
4  */
5 #ifndef __PTA_SYSTEM_H
6 #define __PTA_SYSTEM_H
7 
8 #include <util.h>
9 
10 /*
11  * Interface to the pseudo TA, which provides misc. auxiliary services,
12  * extending existing GlobalPlatform Core API
13  */
14 
   /*
    * UUID that identifies this pseudo TA. The initializer is laid out as one
    * 32-bit field, two 16-bit fields and an array of 8 bytes - presumably to
    * initialize a TEE_UUID; confirm against the users of this macro.
    */
15 #define PTA_SYSTEM_UUID { 0x3a2f8978, 0x5dc0, 0x11e8, { \
16 			 0x9c, 0x2d, 0xfa, 0x7a, 0xe0, 0x1b, 0xbe, 0xbc } }
17 
18 /*
19  * Having keys with too few bits imposes a potential security risk, hence set a
20  * lower bound of 128 bits.
    *
    * The value is a size in bytes: 16 bytes = 128 bits.
21  */
22 #define TA_DERIVED_KEY_MIN_SIZE		16
23 
24 /* Same value as max in huk_subkey_derive (in bytes: 32 bytes = 256 bits) */
25 #define TA_DERIVED_KEY_MAX_SIZE		32
26 
   /*
    * Upper bound, in bytes, on the caller-provided extra data; this is the
    * "max 1024 bytes" documented for PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY.
    */
27 #define TA_DERIVED_EXTRA_DATA_MAX_SIZE	1024
28 
29 /*
30  * Add (re-seed) caller-provided entropy to the RNG pool. Keymaster
31  * implementations need to securely mix the provided entropy into their pool,
32  * which also must contain internally-generated entropy from a hardware random
33  * number generator.
34  *
35  * [in]     memref[0]: entropy input data
    *
    * memref[0] presumably denotes params[0].memref, the notation used for
    * PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY - confirm.
    *
    * NOTE(review): the input is chosen by the caller, so it can only be safe
    * if it is mixed into the pool and never replaces the internally-generated
    * entropy, as required above. This header defines no maximum size for the
    * input; confirm that the handler bounds it.
36  */
37 #define PTA_SYSTEM_ADD_RNG_ENTROPY	0
38 
39 /*
40  * Derives a device and TA unique key. The caller can also provide extra data
41  * that will be mixed together with existing device unique properties. If no
42  * extra data is provided, then the derived key will only use device unique
43  * properties and caller TA UUID.
44  *
45  * [in]  params[0].memref.buffer     Buffer for extra data
46  * [in]  params[0].memref.size       Size of extra data (max 1024 bytes)
47  * [out] params[1].memref.buffer     Buffer for the derived key
48  * [out] params[1].memref.size       Size of the derived key (16 to 32 bytes)
    *
    * The documented limits match TA_DERIVED_EXTRA_DATA_MAX_SIZE (1024) and
    * TA_DERIVED_KEY_MIN_SIZE / TA_DERIVED_KEY_MAX_SIZE (16 / 32) in this header.
    *
    * NOTE(review): params[1] receives key material. Keep that buffer in memory
    * private to the TA, and confirm that the handler refuses an output buffer
    * the normal world can read - this header does not state it.
    * NOTE(review): presumably the same device, TA UUID and extra data always
    * give the same key; confirm before relying on the extra data to separate
    * keys used for different purposes.
49  */
50 #define PTA_SYSTEM_DERIVE_TA_UNIQUE_KEY 1
51 
52 /*
    * Memory can be shared with other TAs
    *
    * Bit 0 of the flags word passed in value[0].b of PTA_SYSTEM_MAP_ZI, and the
    * only flag that command documents. Without it the flags word is 0.
    * NOTE(review): request it only for memory that is meant to be visible to
    * other TAs; what "shared" permits is not defined in this header.
    */
53 #define PTA_SYSTEM_MAP_FLAG_SHAREABLE	BIT32(0)
54 
55 /*
56  * Map zero initialized memory
57  *
58  * [in]	    value[0].a: Number of bytes
59  * [in]	    value[0].b: Flags, 0 or PTA_SYSTEM_MAP_FLAG_SHAREABLE
60  * [out]    value[1].a: Address upper 32-bits
61  * [out]    value[1].b: Address lower 32-bits
62  * [in]     value[2].a: Extra pad before memory range
63  * [in]     value[2].b: Extra pad after memory range
    *
    * The mapped address is returned in two halves; the caller rebuilds it as
    * ((uint64_t)value[1].a << 32) | value[1].b.
    *
    * NOTE(review): the unit of the two pad values and whether the pad is left
    * unmapped are not stated here - confirm in the handler. Also confirm that
    * the handler checks byte count + pads for overflow and rejects unknown
    * flag bits.
64  */
65 #define PTA_SYSTEM_MAP_ZI		2
66 
67 /*
68  * Unmap memory
69  *
70  * [in]	    value[0].a: Number of bytes
71  * [in]	    value[0].b: Must be 0
72  * [in]	    value[1].a: Address upper 32-bits
73  * [in]	    value[1].b: Address lower 32-bits
    *
    * The address is passed in the same two-halves form in which
    * PTA_SYSTEM_MAP_ZI returns it.
    *
    * NOTE(review): presumably the address and byte count must describe a
    * range this TA mapped earlier with PTA_SYSTEM_MAP_ZI; confirm that the
    * handler rejects any other range, since both values come from the caller.
74  */
75 #define PTA_SYSTEM_UNMAP		3
76 
77 #endif /* __PTA_SYSTEM_H */
78