1b0104773SPascal Brand /* 2b0104773SPascal Brand * Copyright (c) 2014, STMicroelectronics International N.V. 3b0104773SPascal Brand * All rights reserved. 4b0104773SPascal Brand * 5b0104773SPascal Brand * Redistribution and use in source and binary forms, with or without 6b0104773SPascal Brand * modification, are permitted provided that the following conditions are met: 7b0104773SPascal Brand * 8b0104773SPascal Brand * 1. Redistributions of source code must retain the above copyright notice, 9b0104773SPascal Brand * this list of conditions and the following disclaimer. 10b0104773SPascal Brand * 11b0104773SPascal Brand * 2. Redistributions in binary form must reproduce the above copyright notice, 12b0104773SPascal Brand * this list of conditions and the following disclaimer in the documentation 13b0104773SPascal Brand * and/or other materials provided with the distribution. 14b0104773SPascal Brand * 15b0104773SPascal Brand * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 16b0104773SPascal Brand * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17b0104773SPascal Brand * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18b0104773SPascal Brand * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE 19b0104773SPascal Brand * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 20b0104773SPascal Brand * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 21b0104773SPascal Brand * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 22b0104773SPascal Brand * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 23b0104773SPascal Brand * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 24b0104773SPascal Brand * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25b0104773SPascal Brand * POSSIBILITY OF SUCH DAMAGE. 26b0104773SPascal Brand */ 27b0104773SPascal Brand 28b0104773SPascal Brand /* Based on GP TEE Internal API Specification Version 0.22 */ 29b0104773SPascal Brand #ifndef TEE_TA_API_H 30b0104773SPascal Brand #define TEE_TA_API_H 31b0104773SPascal Brand 32b0104773SPascal Brand #include <tee_api_defines.h> 33b0104773SPascal Brand #include <tee_api_types.h> 34b0104773SPascal Brand 35b0104773SPascal Brand /* This is a null define in STE TEE environment */ 36b0104773SPascal Brand #define TA_EXPORT 37b0104773SPascal Brand 38b0104773SPascal Brand /* 39b0104773SPascal Brand * TA Interface 40b0104773SPascal Brand * 41b0104773SPascal Brand * Each Trusted Application must provide the Implementation with a number 42b0104773SPascal Brand * of functions, collectively called the “TA interface”. These functions 43b0104773SPascal Brand * are the entry points called by the Trusted Core Framework to create the 44b0104773SPascal Brand * instance, notify the instance that a new client is connecting, notify 45b0104773SPascal Brand * the instance when the client invokes a command, etc. 46b0104773SPascal Brand * 47b0104773SPascal Brand * Trusted Application Entry Points: 48b0104773SPascal Brand */ 49b0104773SPascal Brand 50b0104773SPascal Brand /* 51b0104773SPascal Brand * The function TA_CreateEntryPoint is the Trusted Application's 52b0104773SPascal Brand * constructor, which the Framework calls when it creates a new instance of 53b0104773SPascal Brand * the Trusted Application. To register instance data, the implementation 54b0104773SPascal Brand * of this constructor can use either global variables or the function 55b0104773SPascal Brand * TEE_InstanceSetData. 56b0104773SPascal Brand * 57b0104773SPascal Brand * Return Value: 58b0104773SPascal Brand * - TEE_SUCCESS: if the instance is successfully created, the function 59b0104773SPascal Brand * must return TEE_SUCCESS. 60b0104773SPascal Brand * - Any other value: if any other code is returned the instance is not 61b0104773SPascal Brand * created, and no other entry points of this instance will be called. 62b0104773SPascal Brand * The Framework MUST reclaim all resources and dereference all objects 63b0104773SPascal Brand * related to the creation of the instance. 64b0104773SPascal Brand * 65b0104773SPascal Brand * If this entry point was called as a result of a client opening a 66b0104773SPascal Brand * session, the error code is returned to the client and the session is 67b0104773SPascal Brand * not opened. 68b0104773SPascal Brand */ 69b0104773SPascal Brand TEE_Result TA_EXPORT TA_CreateEntryPoint(void); 70b0104773SPascal Brand 71b0104773SPascal Brand /* 72b0104773SPascal Brand * The function TA_DestroyEntryPoint is the Trusted Application‟s 73b0104773SPascal Brand * destructor, which the Framework calls when the instance is being 74b0104773SPascal Brand * destroyed. 75b0104773SPascal Brand * 76b0104773SPascal Brand * When the function TA_DestroyEntryPoint is called, the Framework 77b0104773SPascal Brand * guarantees that no client session is currently open. Once the call to 78b0104773SPascal Brand * TA_DestroyEntryPoint has been completed, no other entry point of this 79b0104773SPascal Brand * instance will ever be called. 80b0104773SPascal Brand * 81b0104773SPascal Brand * Note that when this function is called, all resources opened by the 82b0104773SPascal Brand * instance are still available. It is only after the function returns that 83b0104773SPascal Brand * the Implementation MUST start automatically reclaiming resources left 84b0104773SPascal Brand * opened. 85b0104773SPascal Brand * 86b0104773SPascal Brand * Return Value: 87b0104773SPascal Brand * This function can return no success or error code. After this function 88b0104773SPascal Brand * returns the Implementation MUST consider the instance destroyed and 89b0104773SPascal Brand * reclaims all resources left open by the instance. 90b0104773SPascal Brand */ 91b0104773SPascal Brand void TA_EXPORT TA_DestroyEntryPoint(void); 92b0104773SPascal Brand 93b0104773SPascal Brand /* 94b0104773SPascal Brand * The Framework calls the function TA_OpenSessionEntryPoint when a client 95b0104773SPascal Brand * requests to open a session with the Trusted Application. The open 96b0104773SPascal Brand * session request may result in a new Trusted Application instance being 97b0104773SPascal Brand * created as defined in section 4.5. 98b0104773SPascal Brand * 99b0104773SPascal Brand * The client can specify parameters in an open operation which are passed 100b0104773SPascal Brand * to the Trusted Application instance in the arguments paramTypes and 101b0104773SPascal Brand * params. These arguments can also be used by the Trusted Application 102b0104773SPascal Brand * instance to transfer response data back to the client. See section 4.3.6 103b0104773SPascal Brand * for a specification of how to handle the operation parameters. 104b0104773SPascal Brand * 105b0104773SPascal Brand * If this function returns TEE_SUCCESS, the client is connected to a 106b0104773SPascal Brand * Trusted Application instance and can invoke Trusted Application 107b0104773SPascal Brand * commands. When the client disconnects, the Framework will eventually 108b0104773SPascal Brand * call the TA_CloseSessionEntryPoint entry point. 109b0104773SPascal Brand * 110b0104773SPascal Brand * If the function returns any error, the Framework rejects the connection 111b0104773SPascal Brand * and returns the error code and the current content of the parameters the 112b0104773SPascal Brand * client. The return origin is then set to TEE_ORIGIN_TRUSTED_APP. 113b0104773SPascal Brand * 114b0104773SPascal Brand * The Trusted Application instance can register a session data pointer by 115b0104773SPascal Brand * setting *psessionContext. The value of this pointer is not interpreted 116b0104773SPascal Brand * by the Framework, and is simply passed back to other TA_ functions 117b0104773SPascal Brand * within this session. Note that *sessionContext may be set with a pointer 118b0104773SPascal Brand * to a memory allocated by the Trusted Application instance or with 119b0104773SPascal Brand * anything else, like an integer, a handle etc. The Framework will not 120b0104773SPascal Brand * automatically free *sessionContext when the session is closed; the 121b0104773SPascal Brand * Trusted Application instance is responsible for freeing memory if 122b0104773SPascal Brand * required. 123b0104773SPascal Brand * 124b0104773SPascal Brand * During the call to TA_OpenSessionEntryPoint the client may request to 125b0104773SPascal Brand * cancel the operation. See section 4.10 for more details on 126b0104773SPascal Brand * cancellations. If the call to TA_OpenSessionEntryPoint returns 127b0104773SPascal Brand * TEE_SUCCESS, the client must consider the session as successfully opened 128b0104773SPascal Brand * and explicitly close it if necessary. 129b0104773SPascal Brand * 130b0104773SPascal Brand * Parameters: 131b0104773SPascal Brand * - paramTypes: the types of the four parameters. 132b0104773SPascal Brand * - params: a pointer to an array of four parameters. 133b0104773SPascal Brand * - sessionContext: A pointer to a variable that can be filled by the 134b0104773SPascal Brand * Trusted Application instance with an opaque void* data pointer 135b0104773SPascal Brand * 136b0104773SPascal Brand * Return Value: 137b0104773SPascal Brand * - TEE_SUCCESS if the session is successfully opened. 138b0104773SPascal Brand * - Any other value if the session could not be open. 139b0104773SPascal Brand * o The error code may be one of the pre-defined codes, or may be a new 140b0104773SPascal Brand * error code defined by the Trusted Application implementation itself. 141b0104773SPascal Brand */ 142b0104773SPascal Brand TEE_Result TA_EXPORT TA_OpenSessionEntryPoint(uint32_t paramTypes, 143*68540524SIgor Opaniuk TEE_Param params[TEE_NUM_PARAMS], 144b0104773SPascal Brand void **sessionContext); 145b0104773SPascal Brand 146b0104773SPascal Brand /* 147b0104773SPascal Brand * The Framework calls this function to close a client session. During the 148b0104773SPascal Brand * call to this function the implementation can use any session functions. 149b0104773SPascal Brand * 150b0104773SPascal Brand * The Trusted Application implementation is responsible for freeing any 151b0104773SPascal Brand * resources consumed by the session being closed. Note that the Trusted 152b0104773SPascal Brand * Application cannot refuse to close a session, but can hold the closing 153b0104773SPascal Brand * until it returns from TA_CloseSessionEntryPoint. This is why this 154b0104773SPascal Brand * function cannot return an error code. 155b0104773SPascal Brand * 156b0104773SPascal Brand * Parameters: 157b0104773SPascal Brand * - sessionContext: The value of the void* opaque data pointer set by the 158b0104773SPascal Brand * Trusted Application in the function TA_OpenSessionEntryPoint for this 159b0104773SPascal Brand * session. 160b0104773SPascal Brand */ 161b0104773SPascal Brand void TA_EXPORT TA_CloseSessionEntryPoint(void *sessionContext); 162b0104773SPascal Brand 163b0104773SPascal Brand /* 164b0104773SPascal Brand * The Framework calls this function when the client invokes a command 165b0104773SPascal Brand * within the given session. 166b0104773SPascal Brand * 167b0104773SPascal Brand * The Trusted Application can access the parameters sent by the client 168b0104773SPascal Brand * through the paramTypes and params arguments. It can also use these 169b0104773SPascal Brand * arguments to transfer response data back to the client. 170b0104773SPascal Brand * 171b0104773SPascal Brand * During the call to TA_InvokeCommandEntryPoint the client may request to 172b0104773SPascal Brand * cancel the operation. 173b0104773SPascal Brand * 174b0104773SPascal Brand * A command is always invoked within the context of a client session. 175b0104773SPascal Brand * Thus, any session function can be called by the command implementation. 176b0104773SPascal Brand * 177b0104773SPascal Brand * Parameter: 178b0104773SPascal Brand * - sessionContext: The value of the void* opaque data pointer set by the 179b0104773SPascal Brand * Trusted Application in the function TA_OpenSessionEntryPoint. 180b0104773SPascal Brand * - commandID: A Trusted Application-specific code that identifies the 181b0104773SPascal Brand * command to be invoked. 182b0104773SPascal Brand * - paramTypes: the types of the four parameters. 183b0104773SPascal Brand * - params: a pointer to an array of four parameters. 184b0104773SPascal Brand * 185b0104773SPascal Brand * Return Value: 186b0104773SPascal Brand * - TEE_SUCCESS: if the command is successfully executed, the function 187b0104773SPascal Brand * must return this value. 188b0104773SPascal Brand * - Any other value: if the invocation of the command fails for any 189b0104773SPascal Brand * reason. 190b0104773SPascal Brand * o The error code may be one of the pre-defined codes, or may be a new 191b0104773SPascal Brand * error code defined by the Trusted Application implementation itself. 192b0104773SPascal Brand */ 193b0104773SPascal Brand 194b0104773SPascal Brand TEE_Result TA_EXPORT TA_InvokeCommandEntryPoint(void *sessionContext, 195b0104773SPascal Brand uint32_t commandID, 196b0104773SPascal Brand uint32_t paramTypes, 197*68540524SIgor Opaniuk TEE_Param params[TEE_NUM_PARAMS]); 198b0104773SPascal Brand 199b0104773SPascal Brand /* 200b0104773SPascal Brand * Correspondance Client Functions <--> TA Functions 201b0104773SPascal Brand * 202b0104773SPascal Brand * TEE_OpenSession or TEE_OpenTASession: 203b0104773SPascal Brand * If a new Trusted Application instance is needed to handle the session, 204b0104773SPascal Brand * TA_CreateEntryPoint is called. 205b0104773SPascal Brand * Then, TA_OpenSessionEntryPoint is called. 206b0104773SPascal Brand * 207b0104773SPascal Brand * 208b0104773SPascal Brand * TEE_InvokeCommand or TEE_InvokeTACommand: 209b0104773SPascal Brand * TA_InvokeCommandEntryPoint is called. 210b0104773SPascal Brand * 211b0104773SPascal Brand * 212b0104773SPascal Brand * TEE_CloseSession or TEE_CloseTASession: 213b0104773SPascal Brand * TA_CloseSessionEntryPoint is called. 214b0104773SPascal Brand * For a multi-instance TA or for a single-instance, non keep-alive TA, if 215b0104773SPascal Brand * the session closed was the last session on the instance, then 216b0104773SPascal Brand * TA_DestroyEntryPoint is called. Otherwise, the instance is kept until 217b0104773SPascal Brand * the TEE shuts down. 218b0104773SPascal Brand * 219b0104773SPascal Brand */ 220b0104773SPascal Brand 221b0104773SPascal Brand #endif 222