1ae8ec5e1SHisping Lin /* 2ae8ec5e1SHisping Lin * Copyright 2017, Rockchip Electronics Co., Ltd 3ae8ec5e1SHisping Lin * hisping lin, <hisping.lin@rock-chips.com> 4ae8ec5e1SHisping Lin * 5ae8ec5e1SHisping Lin * SPDX-License-Identifier: GPL-2.0+ 6ae8ec5e1SHisping Lin */ 7ae8ec5e1SHisping Lin 8ae8ec5e1SHisping Lin #include <common.h> 9bb1ba6acSHisping Lin #include <optee_include/OpteeClientInterface.h> 10ae8ec5e1SHisping Lin #include <optee_include/OpteeClientApiLib.h> 11ae8ec5e1SHisping Lin #include <optee_include/tee_client_api.h> 1278ef5fbdSqiujian #include <optee_include/tee_api_defines.h> 133251364cSHisping Lin #include <boot_rkimg.h> 14a7df4868Stony.xu #include <stdlib.h> 151e8c0e44STony Xu #include <attestation_key.h> 16a7df4868Stony.xu 17a7df4868Stony.xu #define BOOT_FROM_EMMC (1 << 1) 18c7de5349SHisping Lin #define STORAGE_CMD_READ_ATTRIBUTE_HASH 0 19c7de5349SHisping Lin #define STORAGE_CMD_WRITE_ATTRIBUTE_HASH 1 20c7de5349SHisping Lin #define STORAGE_CMD_UBOOT_END_OTP 2 21c7de5349SHisping Lin #define STORAGE_CMD_READ_VBOOTKEY_HASH 3 22c7de5349SHisping Lin #define STORAGE_CMD_WRITE_VBOOTKEY_HASH 4 23c7de5349SHisping Lin #define STORAGE_CMD_READ_ENABLE_FLAG 5 241ef63c75SHisping Lin #define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY 9 25fbf29bfbSHisping Lin #define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG 10 26f39d4289SHisping Lin #define STORAGE_CMD_WRITE_OEM_HUK 11 27d5913350SHisping Lin #define STORAGE_CMD_WRITE_OEM_NS_OTP 12 28d5913350SHisping Lin #define STORAGE_CMD_READ_OEM_NS_OTP 13 2990e849a0Sxb.wang #define STORAGE_CMD_WRITE_OEM_OTP_KEY 14 30a405238aSHisping Lin #define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK 15 31ae8ec5e1SHisping Lin 32*2f8c34bdSxb.wang #define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER 0x00000002 33fc3694d6Sxb.wang 34fc3694d6Sxb.wang #define RK_CRYPTO_SERVICE_UUID { 0x0cacdb5d, 0x4fea, 0x466c, \ 35fc3694d6Sxb.wang { 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } } 36fc3694d6Sxb.wang 37ae8ec5e1SHisping Lin static uint8_t b2hs_add_base(uint8_t in) 38ae8ec5e1SHisping Lin { 39ae8ec5e1SHisping Lin if (in > 9) 40ae8ec5e1SHisping Lin return in + 55; 41ae8ec5e1SHisping Lin else 42ae8ec5e1SHisping Lin return in + 48; 43ae8ec5e1SHisping Lin } 44ae8ec5e1SHisping Lin 45c7de5349SHisping Lin static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen) 46ae8ec5e1SHisping Lin { 47ae8ec5e1SHisping Lin uint32_t i = 0; 48ae8ec5e1SHisping Lin 49ae8ec5e1SHisping Lin if (blen * 2 + 1 > hslen) 50ae8ec5e1SHisping Lin return 0; 51ae8ec5e1SHisping Lin 52ae8ec5e1SHisping Lin for (; i < blen; i++) { 53ae8ec5e1SHisping Lin hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf); 54ae8ec5e1SHisping Lin hs[i * 2] = b2hs_add_base(b[i] >> 4); 55ae8ec5e1SHisping Lin } 56ae8ec5e1SHisping Lin hs[blen * 2] = 0; 57ae8ec5e1SHisping Lin 58ae8ec5e1SHisping Lin return blen * 2; 59ae8ec5e1SHisping Lin } 60ae8ec5e1SHisping Lin 61*2f8c34bdSxb.wang static void crypto_flush_cacheline(uint32_t addr, uint32_t size) 62*2f8c34bdSxb.wang { 63*2f8c34bdSxb.wang ulong alignment = CONFIG_SYS_CACHELINE_SIZE; 64*2f8c34bdSxb.wang ulong aligned_input, aligned_len; 65*2f8c34bdSxb.wang 66*2f8c34bdSxb.wang if (!addr || !size) 67*2f8c34bdSxb.wang return; 68*2f8c34bdSxb.wang 69*2f8c34bdSxb.wang /* Must flush dcache before crypto DMA fetch data region */ 70*2f8c34bdSxb.wang aligned_input = round_down(addr, alignment); 71*2f8c34bdSxb.wang aligned_len = round_up(size + (addr - aligned_input), alignment); 72*2f8c34bdSxb.wang flush_cache(aligned_input, aligned_len); 73*2f8c34bdSxb.wang } 74*2f8c34bdSxb.wang 75c7de5349SHisping Lin static uint32_t trusty_base_write_security_data(char *filename, 76c7de5349SHisping Lin uint32_t filename_size, 77c7de5349SHisping Lin uint8_t *data, 78c7de5349SHisping Lin uint32_t data_size) 79ae8ec5e1SHisping Lin { 80ae8ec5e1SHisping Lin TEEC_Result TeecResult; 81ae8ec5e1SHisping Lin TEEC_Context TeecContext; 82ae8ec5e1SHisping Lin TEEC_Session TeecSession; 83ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 84ae8ec5e1SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 85ae8ec5e1SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 86ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 87ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 883251364cSHisping Lin struct blk_desc *dev_desc; 893251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 906651d4c0SJason Zhu if (!dev_desc) { 916651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 926651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 936651d4c0SJason Zhu } 943251364cSHisping Lin 95f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 96f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 97f4e1db95SHisping Lin return TeecResult; 98ae8ec5e1SHisping Lin 99ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 100f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 101f4e1db95SHisping Lin return TeecResult; 102ae8ec5e1SHisping Lin 1033251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1043251364cSHisping Lin TEEC_NONE, 1053251364cSHisping Lin TEEC_NONE, 1063251364cSHisping Lin TEEC_NONE); 1073251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 108b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 109b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 110b9a7e756SHisping Lin else 111b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1123251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1133251364cSHisping Lin TeecOperation.params[0].value.a = 0; 1143251364cSHisping Lin #endif 1153251364cSHisping Lin 116ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 117ae8ec5e1SHisping Lin &TeecSession, 118ae8ec5e1SHisping Lin TeecUuid, 119ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 120ae8ec5e1SHisping Lin NULL, 1213251364cSHisping Lin &TeecOperation, 122ae8ec5e1SHisping Lin &ErrorOrigin); 123f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 124f4e1db95SHisping Lin return TeecResult; 125ae8ec5e1SHisping Lin 126ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 127ae8ec5e1SHisping Lin 128c7de5349SHisping Lin SharedMem0.size = filename_size; 129ae8ec5e1SHisping Lin SharedMem0.flags = 0; 130ae8ec5e1SHisping Lin 131ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 132f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 133f4e1db95SHisping Lin goto exit; 134ae8ec5e1SHisping Lin 135c7de5349SHisping Lin memcpy(SharedMem0.buffer, filename, SharedMem0.size); 136ae8ec5e1SHisping Lin 137ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem1 = {0}; 138ae8ec5e1SHisping Lin 139c7de5349SHisping Lin SharedMem1.size = data_size; 140c7de5349SHisping Lin SharedMem1.flags = 0; 141c7de5349SHisping Lin 142c7de5349SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 143c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 144c7de5349SHisping Lin goto exit; 145c7de5349SHisping Lin 146c7de5349SHisping Lin memcpy(SharedMem1.buffer, data, SharedMem1.size); 147c7de5349SHisping Lin 148c7de5349SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 149c7de5349SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 150c7de5349SHisping Lin 151c7de5349SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 152c7de5349SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem1.size; 153c7de5349SHisping Lin 154c7de5349SHisping Lin 155c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 156c7de5349SHisping Lin TEEC_MEMREF_TEMP_INOUT, 157c7de5349SHisping Lin TEEC_NONE, 158c7de5349SHisping Lin TEEC_NONE); 159c7de5349SHisping Lin 160c7de5349SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 161c7de5349SHisping Lin 1, 162c7de5349SHisping Lin &TeecOperation, 163c7de5349SHisping Lin &ErrorOrigin); 164c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 165c7de5349SHisping Lin goto exit; 166c7de5349SHisping Lin exit: 167c7de5349SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 168c7de5349SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem1); 169c7de5349SHisping Lin TEEC_CloseSession(&TeecSession); 170c7de5349SHisping Lin TEEC_FinalizeContext(&TeecContext); 171c7de5349SHisping Lin 172c7de5349SHisping Lin return TeecResult; 173c7de5349SHisping Lin } 174c7de5349SHisping Lin 175c7de5349SHisping Lin static uint32_t trusty_base_read_security_data(char *filename, 176c7de5349SHisping Lin uint32_t filename_size, 177c7de5349SHisping Lin uint8_t *data, 178c7de5349SHisping Lin uint32_t data_size) 179c7de5349SHisping Lin { 180c7de5349SHisping Lin TEEC_Result TeecResult; 181c7de5349SHisping Lin TEEC_Context TeecContext; 182c7de5349SHisping Lin TEEC_Session TeecSession; 183c7de5349SHisping Lin uint32_t ErrorOrigin; 184c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 185c7de5349SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 186c7de5349SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 187c7de5349SHisping Lin TEEC_Operation TeecOperation = {0}; 188c7de5349SHisping Lin 189c7de5349SHisping Lin struct blk_desc *dev_desc; 190c7de5349SHisping Lin dev_desc = rockchip_get_bootdev(); 191c7de5349SHisping Lin if (!dev_desc) { 192c7de5349SHisping Lin printf("%s: dev_desc is NULL!\n", __func__); 193c7de5349SHisping Lin return -TEEC_ERROR_GENERIC; 194c7de5349SHisping Lin } 195c7de5349SHisping Lin 196c7de5349SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 197c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 198c7de5349SHisping Lin return TeecResult; 199c7de5349SHisping Lin 200c7de5349SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 201c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 202c7de5349SHisping Lin return TeecResult; 203c7de5349SHisping Lin 204c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 205c7de5349SHisping Lin TEEC_NONE, 206c7de5349SHisping Lin TEEC_NONE, 207c7de5349SHisping Lin TEEC_NONE); 208c7de5349SHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 209c7de5349SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 210c7de5349SHisping Lin TeecOperation.params[0].value.a = 1; 211c7de5349SHisping Lin else 212c7de5349SHisping Lin TeecOperation.params[0].value.a = 0; 213c7de5349SHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 214c7de5349SHisping Lin TeecOperation.params[0].value.a = 0; 215c7de5349SHisping Lin #endif 216c7de5349SHisping Lin 217c7de5349SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 218c7de5349SHisping Lin &TeecSession, 219c7de5349SHisping Lin TeecUuid, 220c7de5349SHisping Lin TEEC_LOGIN_PUBLIC, 221c7de5349SHisping Lin NULL, 222c7de5349SHisping Lin &TeecOperation, 223c7de5349SHisping Lin &ErrorOrigin); 224c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 225c7de5349SHisping Lin return TeecResult; 226c7de5349SHisping Lin 227c7de5349SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 228c7de5349SHisping Lin 229c7de5349SHisping Lin SharedMem0.size = filename_size; 230c7de5349SHisping Lin SharedMem0.flags = 0; 231c7de5349SHisping Lin 232c7de5349SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 233c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 234c7de5349SHisping Lin goto exit; 235c7de5349SHisping Lin 236c7de5349SHisping Lin memcpy(SharedMem0.buffer, filename, SharedMem0.size); 237c7de5349SHisping Lin 238c7de5349SHisping Lin TEEC_SharedMemory SharedMem1 = {0}; 239c7de5349SHisping Lin 240c7de5349SHisping Lin SharedMem1.size = data_size; 241ae8ec5e1SHisping Lin SharedMem1.flags = 0; 242ae8ec5e1SHisping Lin 243ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 244f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 245f4e1db95SHisping Lin goto exit; 246ae8ec5e1SHisping Lin 247ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 248ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 249ae8ec5e1SHisping Lin 250ae8ec5e1SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 251ae8ec5e1SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem1.size; 252ae8ec5e1SHisping Lin 253ae8ec5e1SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 254ae8ec5e1SHisping Lin TEEC_MEMREF_TEMP_INOUT, 255ae8ec5e1SHisping Lin TEEC_NONE, 256ae8ec5e1SHisping Lin TEEC_NONE); 257ae8ec5e1SHisping Lin 258ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 259ae8ec5e1SHisping Lin 0, 260ae8ec5e1SHisping Lin &TeecOperation, 261ae8ec5e1SHisping Lin &ErrorOrigin); 26246b2a054SHisping Lin if (TeecResult == TEEC_SUCCESS) 263c7de5349SHisping Lin memcpy(data, SharedMem1.buffer, SharedMem1.size); 264f4e1db95SHisping Lin exit: 265ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 266ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem1); 267ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 26846b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 269ae8ec5e1SHisping Lin 270ae8ec5e1SHisping Lin return TeecResult; 271ae8ec5e1SHisping Lin } 272ae8ec5e1SHisping Lin 273c7de5349SHisping Lin static uint32_t trusty_base_end_security_data(void) 274c7de5349SHisping Lin { 275c7de5349SHisping Lin TEEC_Result TeecResult; 276c7de5349SHisping Lin TEEC_Context TeecContext; 277c7de5349SHisping Lin TEEC_Session TeecSession; 278c7de5349SHisping Lin uint32_t ErrorOrigin; 279c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 280c7de5349SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 281c7de5349SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 282c7de5349SHisping Lin TEEC_Operation TeecOperation = {0}; 283c7de5349SHisping Lin 284c7de5349SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 285c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 286c7de5349SHisping Lin return TeecResult; 287c7de5349SHisping Lin 288c7de5349SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 289c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 290c7de5349SHisping Lin return TeecResult; 291c7de5349SHisping Lin 292c7de5349SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 293c7de5349SHisping Lin &TeecSession, 294c7de5349SHisping Lin TeecUuid, 295c7de5349SHisping Lin TEEC_LOGIN_PUBLIC, 296c7de5349SHisping Lin NULL, 297c7de5349SHisping Lin NULL, 298c7de5349SHisping Lin &ErrorOrigin); 299c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 300c7de5349SHisping Lin return TeecResult; 301c7de5349SHisping Lin 302c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 303c7de5349SHisping Lin TEEC_NONE, 304c7de5349SHisping Lin TEEC_NONE, 305c7de5349SHisping Lin TEEC_NONE); 306c7de5349SHisping Lin 307c7de5349SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 308c7de5349SHisping Lin 2, 309c7de5349SHisping Lin &TeecOperation, 310c7de5349SHisping Lin &ErrorOrigin); 311c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 312c7de5349SHisping Lin goto exit; 313c7de5349SHisping Lin exit: 314c7de5349SHisping Lin TEEC_CloseSession(&TeecSession); 315c7de5349SHisping Lin TEEC_FinalizeContext(&TeecContext); 316c7de5349SHisping Lin 317c7de5349SHisping Lin return TeecResult; 318c7de5349SHisping Lin } 319c7de5349SHisping Lin 320c7de5349SHisping Lin uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value) 321c7de5349SHisping Lin { 322c7de5349SHisping Lin char hs[9]; 323c7de5349SHisping Lin 324c7de5349SHisping Lin b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 325c7de5349SHisping Lin 326c7de5349SHisping Lin return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8); 327c7de5349SHisping Lin } 328c7de5349SHisping Lin 329ae8ec5e1SHisping Lin uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value) 330ae8ec5e1SHisping Lin { 331c7de5349SHisping Lin char hs[9]; 3323251364cSHisping Lin 333c7de5349SHisping Lin b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 334ae8ec5e1SHisping Lin 335c7de5349SHisping Lin return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8); 336ae8ec5e1SHisping Lin } 337ae8ec5e1SHisping Lin 338ae8ec5e1SHisping Lin uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size) 339ae8ec5e1SHisping Lin { 340c7de5349SHisping Lin return trusty_base_read_security_data("attributes", 341c7de5349SHisping Lin sizeof("attributes"), attributes, size); 342ae8ec5e1SHisping Lin } 343ae8ec5e1SHisping Lin 344ae8ec5e1SHisping Lin uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) 345ae8ec5e1SHisping Lin { 346c7de5349SHisping Lin return trusty_base_write_security_data("attributes", 347c7de5349SHisping Lin sizeof("attributes"), attributes, size); 3486651d4c0SJason Zhu } 349ae8ec5e1SHisping Lin 350c7de5349SHisping Lin uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes) 351c7de5349SHisping Lin { 352c7de5349SHisping Lin return trusty_base_read_security_data("attributes_flag", 353c7de5349SHisping Lin sizeof("attributes_flag"), attributes, 1); 354c7de5349SHisping Lin } 355ae8ec5e1SHisping Lin 356c7de5349SHisping Lin uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes) 357c7de5349SHisping Lin { 358c7de5349SHisping Lin return trusty_base_write_security_data("attributes_flag", 359c7de5349SHisping Lin sizeof("attributes_flag"), &attributes, 1); 360ae8ec5e1SHisping Lin } 361ae8ec5e1SHisping Lin 362564654ebSJason Zhu uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes, 363564654ebSJason Zhu uint32_t size) 364564654ebSJason Zhu { 365c7de5349SHisping Lin return trusty_base_read_security_data("rsacer", 366c7de5349SHisping Lin sizeof("rsacer"), attributes, size); 367564654ebSJason Zhu } 368564654ebSJason Zhu 369564654ebSJason Zhu uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes, 370564654ebSJason Zhu uint32_t size) 371564654ebSJason Zhu { 372c7de5349SHisping Lin return trusty_base_write_security_data("rsacer", 373c7de5349SHisping Lin sizeof("rsacer"), attributes, size); 374564654ebSJason Zhu } 375564654ebSJason Zhu 376ae8ec5e1SHisping Lin uint32_t trusty_read_lock_state(uint8_t *lock_state) 377ae8ec5e1SHisping Lin { 378c7de5349SHisping Lin return trusty_base_read_security_data("lock_state", 379c7de5349SHisping Lin sizeof("lock_state"), lock_state, 1); 380ae8ec5e1SHisping Lin } 381ae8ec5e1SHisping Lin 382ae8ec5e1SHisping Lin uint32_t trusty_write_lock_state(uint8_t lock_state) 383ae8ec5e1SHisping Lin { 384c7de5349SHisping Lin return trusty_base_write_security_data("lock_state", 385c7de5349SHisping Lin sizeof("lock_state"), &lock_state, 1); 386ae8ec5e1SHisping Lin } 387ae8ec5e1SHisping Lin 388ae8ec5e1SHisping Lin uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state) 389ae8ec5e1SHisping Lin { 390c7de5349SHisping Lin return trusty_base_read_security_data("flash_lock_state", 391c7de5349SHisping Lin sizeof("flash_lock_state"), flash_lock_state, 1); 392c7de5349SHisping Lin } 393c7de5349SHisping Lin 394c7de5349SHisping Lin uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state) 395c7de5349SHisping Lin { 396c7de5349SHisping Lin return trusty_base_write_security_data("flash_lock_state", 397c7de5349SHisping Lin sizeof("flash_lock_state"), &flash_lock_state, 1); 398c7de5349SHisping Lin } 399c7de5349SHisping Lin 400c7de5349SHisping Lin static uint32_t trusty_base_end_efuse_or_otp(void) 401c7de5349SHisping Lin { 402ae8ec5e1SHisping Lin TEEC_Result TeecResult; 403ae8ec5e1SHisping Lin TEEC_Context TeecContext; 404ae8ec5e1SHisping Lin TEEC_Session TeecSession; 405ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 406c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 407c7de5349SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 408c7de5349SHisping Lin 409ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 410ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 411ae8ec5e1SHisping Lin 412f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 413f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 414f4e1db95SHisping Lin return TeecResult; 415ae8ec5e1SHisping Lin 416ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 417f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 418f4e1db95SHisping Lin return TeecResult; 419ae8ec5e1SHisping Lin 420ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 421ae8ec5e1SHisping Lin &TeecSession, 422ae8ec5e1SHisping Lin TeecUuid, 423ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 424ae8ec5e1SHisping Lin NULL, 425c7de5349SHisping Lin NULL, 426ae8ec5e1SHisping Lin &ErrorOrigin); 427f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 428f4e1db95SHisping Lin return TeecResult; 429ae8ec5e1SHisping Lin 430c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 431c7de5349SHisping Lin TEEC_NONE, 432ae8ec5e1SHisping Lin TEEC_NONE, 433ae8ec5e1SHisping Lin TEEC_NONE); 434ae8ec5e1SHisping Lin 435ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 436c7de5349SHisping Lin STORAGE_CMD_UBOOT_END_OTP, 437ae8ec5e1SHisping Lin &TeecOperation, 438ae8ec5e1SHisping Lin &ErrorOrigin); 439c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 440c7de5349SHisping Lin goto exit; 441f4e1db95SHisping Lin exit: 442ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 44346b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 444ae8ec5e1SHisping Lin 445ae8ec5e1SHisping Lin return TeecResult; 446ae8ec5e1SHisping Lin } 447ae8ec5e1SHisping Lin 448c7de5349SHisping Lin static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd, 449c7de5349SHisping Lin uint8_t is_write, 450c7de5349SHisping Lin uint32_t *buf, 451c7de5349SHisping Lin uint32_t length) 452ae8ec5e1SHisping Lin { 453ae8ec5e1SHisping Lin TEEC_Result TeecResult; 454ae8ec5e1SHisping Lin TEEC_Context TeecContext; 455ae8ec5e1SHisping Lin TEEC_Session TeecSession; 456ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 457c7de5349SHisping Lin 458c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 459c7de5349SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 460ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 461ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 462ae8ec5e1SHisping Lin 463f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 464f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 465f4e1db95SHisping Lin return TeecResult; 466ae8ec5e1SHisping Lin 467ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 468f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 469f4e1db95SHisping Lin return TeecResult; 470ae8ec5e1SHisping Lin 471ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 472ae8ec5e1SHisping Lin &TeecSession, 473ae8ec5e1SHisping Lin TeecUuid, 474ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 475ae8ec5e1SHisping Lin NULL, 476c7de5349SHisping Lin NULL, 477ae8ec5e1SHisping Lin &ErrorOrigin); 478f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 479f4e1db95SHisping Lin return TeecResult; 480ae8ec5e1SHisping Lin 481ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 482ae8ec5e1SHisping Lin 483c7de5349SHisping Lin SharedMem0.size = length * sizeof(uint32_t); 484ae8ec5e1SHisping Lin SharedMem0.flags = 0; 485ae8ec5e1SHisping Lin 486ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 487f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 488f4e1db95SHisping Lin goto exit; 489ae8ec5e1SHisping Lin 490ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 491ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 492ae8ec5e1SHisping Lin 493c7de5349SHisping Lin if (is_write) { 494c7de5349SHisping Lin memcpy(SharedMem0.buffer, buf, SharedMem0.size); 495ae8ec5e1SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 496c7de5349SHisping Lin TEEC_NONE, 497ae8ec5e1SHisping Lin TEEC_NONE, 498ae8ec5e1SHisping Lin TEEC_NONE); 499ae8ec5e1SHisping Lin 500c7de5349SHisping Lin } else { 501c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, 502c7de5349SHisping Lin TEEC_NONE, 503c7de5349SHisping Lin TEEC_NONE, 504c7de5349SHisping Lin TEEC_NONE); 505c7de5349SHisping Lin } 506c7de5349SHisping Lin 507ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 508c7de5349SHisping Lin cmd, 509ae8ec5e1SHisping Lin &TeecOperation, 510ae8ec5e1SHisping Lin &ErrorOrigin); 511f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 512f4e1db95SHisping Lin goto exit; 513c7de5349SHisping Lin 514c7de5349SHisping Lin if (!is_write) 515c7de5349SHisping Lin memcpy(buf, SharedMem0.buffer, SharedMem0.size); 516c7de5349SHisping Lin 517f4e1db95SHisping Lin exit: 518ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 519ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 52046b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 521ae8ec5e1SHisping Lin 522ae8ec5e1SHisping Lin return TeecResult; 523ae8ec5e1SHisping Lin } 524ae8ec5e1SHisping Lin 5256ef445a4SHisping Lin uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length) 5266ef445a4SHisping Lin { 527c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH, 528c7de5349SHisping Lin false, buf, length); 5296ef445a4SHisping Lin } 5306ef445a4SHisping Lin 5316ef445a4SHisping Lin uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length) 5326ef445a4SHisping Lin { 533c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH, 534c7de5349SHisping Lin true, buf, length); 53516539616SHisping Lin } 53616539616SHisping Lin 53716539616SHisping Lin uint32_t trusty_notify_optee_uboot_end(void) 53816539616SHisping Lin { 53916539616SHisping Lin TEEC_Result res; 540c7de5349SHisping Lin 541c7de5349SHisping Lin res = trusty_base_end_security_data(); 542c7de5349SHisping Lin res |= trusty_base_end_efuse_or_otp(); 54316539616SHisping Lin return res; 54416539616SHisping Lin } 5452cd27853SHisping Lin 5462cd27853SHisping Lin uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length) 5472cd27853SHisping Lin { 548c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH, 549c7de5349SHisping Lin false, buf, length); 5502cd27853SHisping Lin } 551c7de5349SHisping Lin 5522cd27853SHisping Lin uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length) 5532cd27853SHisping Lin { 554c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH, 555c7de5349SHisping Lin true, buf, length); 5562cd27853SHisping Lin } 557095e2a82SHisping Lin 558468df3b2SHisping Lin uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag) 559468df3b2SHisping Lin { 560468df3b2SHisping Lin uint32_t bootflag; 561c7de5349SHisping Lin TEEC_Result TeecResult; 562468df3b2SHisping Lin 563f07e1686SHisping Lin *flag = 0; 564f07e1686SHisping Lin 565c7de5349SHisping Lin TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG, 566c7de5349SHisping Lin false, &bootflag, 1); 567468df3b2SHisping Lin 568468df3b2SHisping Lin if (TeecResult == TEEC_SUCCESS) { 5690202ee8aSHisping Lin #if defined(CONFIG_ROCKCHIP_RK3288) 5700202ee8aSHisping Lin if (bootflag == 0x00000001) 5710202ee8aSHisping Lin *flag = 1; 5720202ee8aSHisping Lin #else 573468df3b2SHisping Lin if (bootflag == 0x000000FF) 574468df3b2SHisping Lin *flag = 1; 5750202ee8aSHisping Lin #endif 576468df3b2SHisping Lin } 577095e2a82SHisping Lin return TeecResult; 578095e2a82SHisping Lin } 5794aa61755SAndy Ye 5801ef63c75SHisping Lin uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length) 5811ef63c75SHisping Lin { 5821ef63c75SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY, 5831ef63c75SHisping Lin true, buf, length); 5841ef63c75SHisping Lin } 5851ef63c75SHisping Lin 586fbf29bfbSHisping Lin uint32_t trusty_check_security_level_flag(uint8_t flag) 587fbf29bfbSHisping Lin { 588fbf29bfbSHisping Lin uint32_t levelflag; 589fbf29bfbSHisping Lin 590fbf29bfbSHisping Lin levelflag = flag; 591fbf29bfbSHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG, 592fbf29bfbSHisping Lin true, &levelflag, 1); 593fbf29bfbSHisping Lin } 594fbf29bfbSHisping Lin 595f39d4289SHisping Lin uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length) 596f39d4289SHisping Lin { 597f39d4289SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK, 598f39d4289SHisping Lin true, buf, length); 599f39d4289SHisping Lin } 600f39d4289SHisping Lin 6017504da74SHisping Lin void trusty_select_security_level(void) 6027504da74SHisping Lin { 6037504da74SHisping Lin #if (CONFIG_OPTEE_SECURITY_LEVEL > 0) 6047504da74SHisping Lin TEEC_Result TeecResult; 6057504da74SHisping Lin 6067504da74SHisping Lin TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL); 6077504da74SHisping Lin if (TeecResult == TEE_ERROR_CANCEL) { 6087504da74SHisping Lin run_command("download", 0); 6097504da74SHisping Lin return; 6107504da74SHisping Lin } 6117504da74SHisping Lin 6127504da74SHisping Lin if (TeecResult == TEEC_SUCCESS) 6137504da74SHisping Lin debug("optee select security level success!"); 6147504da74SHisping Lin else 6157504da74SHisping Lin panic("optee select security level fail!"); 6167504da74SHisping Lin 6177504da74SHisping Lin return; 6187504da74SHisping Lin #endif 6197504da74SHisping Lin } 6207504da74SHisping Lin 621d5913350SHisping Lin uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 622d5913350SHisping Lin { 623d5913350SHisping Lin TEEC_Result TeecResult; 624d5913350SHisping Lin TEEC_Context TeecContext; 625d5913350SHisping Lin TEEC_Session TeecSession; 626d5913350SHisping Lin uint32_t ErrorOrigin; 627d5913350SHisping Lin 628d5913350SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 629d5913350SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 630d5913350SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 631d5913350SHisping Lin TEEC_Operation TeecOperation = {0}; 632d5913350SHisping Lin 633d5913350SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 634d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 635d5913350SHisping Lin return TeecResult; 636d5913350SHisping Lin 637d5913350SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 638d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 639d5913350SHisping Lin return TeecResult; 640d5913350SHisping Lin 641d5913350SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 642d5913350SHisping Lin &TeecSession, 643d5913350SHisping Lin TeecUuid, 644d5913350SHisping Lin TEEC_LOGIN_PUBLIC, 645d5913350SHisping Lin NULL, 646d5913350SHisping Lin NULL, 647d5913350SHisping Lin &ErrorOrigin); 648d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 649d5913350SHisping Lin return TeecResult; 650d5913350SHisping Lin 651d5913350SHisping Lin TeecOperation.params[0].value.a = byte_off; 652d5913350SHisping Lin 653d5913350SHisping Lin TEEC_SharedMemory SharedMem = {0}; 654d5913350SHisping Lin 655d5913350SHisping Lin SharedMem.size = byte_len; 656d5913350SHisping Lin SharedMem.flags = 0; 657d5913350SHisping Lin 658d5913350SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 659d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 660d5913350SHisping Lin goto exit; 661d5913350SHisping Lin 662d5913350SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 663d5913350SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 664d5913350SHisping Lin 665d5913350SHisping Lin memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 666d5913350SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 667d5913350SHisping Lin TEEC_MEMREF_TEMP_INPUT, 668d5913350SHisping Lin TEEC_NONE, 669d5913350SHisping Lin TEEC_NONE); 670d5913350SHisping Lin 671d5913350SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 672d5913350SHisping Lin STORAGE_CMD_WRITE_OEM_NS_OTP, 673d5913350SHisping Lin &TeecOperation, 674d5913350SHisping Lin &ErrorOrigin); 675d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 676d5913350SHisping Lin goto exit; 677d5913350SHisping Lin 678d5913350SHisping Lin exit: 679d5913350SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 680d5913350SHisping Lin TEEC_CloseSession(&TeecSession); 681d5913350SHisping Lin TEEC_FinalizeContext(&TeecContext); 682d5913350SHisping Lin 683d5913350SHisping Lin return TeecResult; 684d5913350SHisping Lin } 685d5913350SHisping Lin 686d5913350SHisping Lin uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 687d5913350SHisping Lin { 688d5913350SHisping Lin TEEC_Result TeecResult; 689d5913350SHisping Lin TEEC_Context TeecContext; 690d5913350SHisping Lin TEEC_Session TeecSession; 691d5913350SHisping Lin uint32_t ErrorOrigin; 692d5913350SHisping Lin 693d5913350SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 694d5913350SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 695d5913350SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 696d5913350SHisping Lin TEEC_Operation TeecOperation = {0}; 697d5913350SHisping Lin 698d5913350SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 699d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 700d5913350SHisping Lin return TeecResult; 701d5913350SHisping Lin 702d5913350SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 703d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 704d5913350SHisping Lin return TeecResult; 705d5913350SHisping Lin 706d5913350SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 707d5913350SHisping Lin &TeecSession, 708d5913350SHisping Lin TeecUuid, 709d5913350SHisping Lin TEEC_LOGIN_PUBLIC, 710d5913350SHisping Lin NULL, 711d5913350SHisping Lin NULL, 712d5913350SHisping Lin &ErrorOrigin); 713d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 714d5913350SHisping Lin return TeecResult; 715d5913350SHisping Lin 716d5913350SHisping Lin TeecOperation.params[0].value.a = byte_off; 717d5913350SHisping Lin 718d5913350SHisping Lin TEEC_SharedMemory SharedMem = {0}; 719d5913350SHisping Lin 720d5913350SHisping Lin SharedMem.size = byte_len; 721d5913350SHisping Lin SharedMem.flags = 0; 722d5913350SHisping Lin 723d5913350SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 724d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 725d5913350SHisping Lin goto exit; 726d5913350SHisping Lin 727d5913350SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 728d5913350SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 729d5913350SHisping Lin 730d5913350SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 731d5913350SHisping Lin TEEC_MEMREF_TEMP_OUTPUT, 732d5913350SHisping Lin TEEC_NONE, 733d5913350SHisping Lin TEEC_NONE); 734d5913350SHisping Lin 735d5913350SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 736d5913350SHisping Lin STORAGE_CMD_READ_OEM_NS_OTP, 737d5913350SHisping Lin &TeecOperation, 738d5913350SHisping Lin &ErrorOrigin); 739d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 740d5913350SHisping Lin goto exit; 741d5913350SHisping Lin 742d5913350SHisping Lin memcpy(byte_buf, SharedMem.buffer, SharedMem.size); 743d5913350SHisping Lin 744d5913350SHisping Lin exit: 745d5913350SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 746d5913350SHisping Lin TEEC_CloseSession(&TeecSession); 747d5913350SHisping Lin TEEC_FinalizeContext(&TeecContext); 748d5913350SHisping Lin 749d5913350SHisping Lin return TeecResult; 750d5913350SHisping Lin } 751d5913350SHisping Lin 75290e849a0Sxb.wang uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id, 753bb1ba6acSHisping Lin uint8_t *byte_buf, uint32_t byte_len) 754bb1ba6acSHisping Lin { 755bb1ba6acSHisping Lin TEEC_Result TeecResult; 756bb1ba6acSHisping Lin TEEC_Context TeecContext; 757bb1ba6acSHisping Lin TEEC_Session TeecSession; 758bb1ba6acSHisping Lin uint32_t ErrorOrigin; 759bb1ba6acSHisping Lin 760bb1ba6acSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 761bb1ba6acSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 762bb1ba6acSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 763bb1ba6acSHisping Lin TEEC_Operation TeecOperation = {0}; 764bb1ba6acSHisping Lin 765bb1ba6acSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 766bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 767bb1ba6acSHisping Lin return TeecResult; 768bb1ba6acSHisping Lin 769bb1ba6acSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 770bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 771bb1ba6acSHisping Lin return TeecResult; 772bb1ba6acSHisping Lin 773bb1ba6acSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 774bb1ba6acSHisping Lin &TeecSession, 775bb1ba6acSHisping Lin TeecUuid, 776bb1ba6acSHisping Lin TEEC_LOGIN_PUBLIC, 777bb1ba6acSHisping Lin NULL, 778bb1ba6acSHisping Lin NULL, 779bb1ba6acSHisping Lin &ErrorOrigin); 780bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 781bb1ba6acSHisping Lin return TeecResult; 782bb1ba6acSHisping Lin 783bb1ba6acSHisping Lin TeecOperation.params[0].value.a = key_id; 784bb1ba6acSHisping Lin 785bb1ba6acSHisping Lin TEEC_SharedMemory SharedMem = {0}; 786bb1ba6acSHisping Lin 787bb1ba6acSHisping Lin SharedMem.size = byte_len; 788bb1ba6acSHisping Lin SharedMem.flags = 0; 789bb1ba6acSHisping Lin 790bb1ba6acSHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 791bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 792bb1ba6acSHisping Lin goto exit; 793bb1ba6acSHisping Lin 794bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 795bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 796bb1ba6acSHisping Lin 797bb1ba6acSHisping Lin memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 798bb1ba6acSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 799bb1ba6acSHisping Lin TEEC_MEMREF_TEMP_INPUT, 800bb1ba6acSHisping Lin TEEC_NONE, 801bb1ba6acSHisping Lin TEEC_NONE); 802bb1ba6acSHisping Lin 803bb1ba6acSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 80490e849a0Sxb.wang STORAGE_CMD_WRITE_OEM_OTP_KEY, 805bb1ba6acSHisping Lin &TeecOperation, 806bb1ba6acSHisping Lin &ErrorOrigin); 807bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 808bb1ba6acSHisping Lin goto exit; 809bb1ba6acSHisping Lin 810bb1ba6acSHisping Lin exit: 811bb1ba6acSHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 812bb1ba6acSHisping Lin TEEC_CloseSession(&TeecSession); 813bb1ba6acSHisping Lin TEEC_FinalizeContext(&TeecContext); 814bb1ba6acSHisping Lin 815bb1ba6acSHisping Lin return TeecResult; 816bb1ba6acSHisping Lin } 817bb1ba6acSHisping Lin 81890e849a0Sxb.wang uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 819a405238aSHisping Lin { 820a405238aSHisping Lin TEEC_Result TeecResult; 821a405238aSHisping Lin TEEC_Context TeecContext; 822a405238aSHisping Lin TEEC_Session TeecSession; 823a405238aSHisping Lin uint32_t ErrorOrigin; 824a405238aSHisping Lin 825a405238aSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 826a405238aSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 827a405238aSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 828a405238aSHisping Lin TEEC_Operation TeecOperation = {0}; 829a405238aSHisping Lin 830a405238aSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 831a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 832a405238aSHisping Lin return TeecResult; 833a405238aSHisping Lin 834a405238aSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 835a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 836a405238aSHisping Lin return TeecResult; 837a405238aSHisping Lin 838a405238aSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 839a405238aSHisping Lin &TeecSession, 840a405238aSHisping Lin TeecUuid, 841a405238aSHisping Lin TEEC_LOGIN_PUBLIC, 842a405238aSHisping Lin NULL, 843a405238aSHisping Lin NULL, 844a405238aSHisping Lin &ErrorOrigin); 845a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 846a405238aSHisping Lin return TeecResult; 847a405238aSHisping Lin 848a405238aSHisping Lin TeecOperation.params[0].value.a = key_id; 849a405238aSHisping Lin 850a405238aSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 851a405238aSHisping Lin TEEC_NONE, 852a405238aSHisping Lin TEEC_NONE, 853a405238aSHisping Lin TEEC_NONE); 854a405238aSHisping Lin 855a405238aSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 856a405238aSHisping Lin STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 857a405238aSHisping Lin &TeecOperation, 858a405238aSHisping Lin &ErrorOrigin); 859a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 860a405238aSHisping Lin goto exit; 861a405238aSHisping Lin 862a405238aSHisping Lin exit: 863a405238aSHisping Lin TEEC_CloseSession(&TeecSession); 864a405238aSHisping Lin TEEC_FinalizeContext(&TeecContext); 865a405238aSHisping Lin 866a405238aSHisping Lin return TeecResult; 867a405238aSHisping Lin } 868a405238aSHisping Lin 869*2f8c34bdSxb.wang uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, rk_cipher_config *config, 870*2f8c34bdSxb.wang uint32_t src_phys_addr, uint32_t dst_phys_addr, 871*2f8c34bdSxb.wang uint32_t len) 872fc3694d6Sxb.wang { 873fc3694d6Sxb.wang TEEC_Result TeecResult; 874fc3694d6Sxb.wang TEEC_Context TeecContext; 875fc3694d6Sxb.wang TEEC_Session TeecSession; 876fc3694d6Sxb.wang TEEC_Operation TeecOperation = {0}; 877fc3694d6Sxb.wang uint32_t ErrorOrigin; 878fc3694d6Sxb.wang TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 879fc3694d6Sxb.wang TEEC_SharedMemory SharedMem_config = {0}; 880fc3694d6Sxb.wang 881*2f8c34bdSxb.wang if (key_id != RK_OEM_OTP_KEY0 && 882*2f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY1 && 883*2f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY2 && 884*2f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY3 && 885*2f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY_FW) 886fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 887fc3694d6Sxb.wang 888*2f8c34bdSxb.wang if (!config) 889fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 890fc3694d6Sxb.wang 891fc3694d6Sxb.wang if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 892fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 893fc3694d6Sxb.wang 894fc3694d6Sxb.wang if (config->mode >= RK_CIPHER_MODE_XTS) 895fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 896fc3694d6Sxb.wang 897fc3694d6Sxb.wang if (config->operation != RK_MODE_ENCRYPT && 898fc3694d6Sxb.wang config->operation != RK_MODE_DECRYPT) 899fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 900fc3694d6Sxb.wang 901fc3694d6Sxb.wang if (config->key_len != 16 && 902fc3694d6Sxb.wang config->key_len != 24 && 903fc3694d6Sxb.wang config->key_len != 32) 904fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 905fc3694d6Sxb.wang 906*2f8c34bdSxb.wang if (key_id == RK_OEM_OTP_KEY_FW && config->key_len != 16) 907*2f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 908*2f8c34bdSxb.wang 909*2f8c34bdSxb.wang #if defined(CONFIG_ROCKCHIP_RV1126) 910*2f8c34bdSxb.wang if (config->key_len == 24) 911*2f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 912*2f8c34bdSxb.wang #endif 913*2f8c34bdSxb.wang 914fc3694d6Sxb.wang if (len % AES_BLOCK_SIZE || 915fc3694d6Sxb.wang len == 0) 916fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 917fc3694d6Sxb.wang 918*2f8c34bdSxb.wang if (!src_phys_addr || !dst_phys_addr) 919*2f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 920*2f8c34bdSxb.wang 921fc3694d6Sxb.wang TeecResult = OpteeClientApiLibInitialize(); 922fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 923fc3694d6Sxb.wang return TeecResult; 924fc3694d6Sxb.wang 925fc3694d6Sxb.wang TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 926fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 927fc3694d6Sxb.wang return TeecResult; 928fc3694d6Sxb.wang 929fc3694d6Sxb.wang TeecResult = TEEC_OpenSession(&TeecContext, 930fc3694d6Sxb.wang &TeecSession, 931fc3694d6Sxb.wang &uuid, 932fc3694d6Sxb.wang TEEC_LOGIN_PUBLIC, 933fc3694d6Sxb.wang NULL, 934fc3694d6Sxb.wang NULL, 935fc3694d6Sxb.wang &ErrorOrigin); 936fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 937fc3694d6Sxb.wang goto exit; 938fc3694d6Sxb.wang 939fc3694d6Sxb.wang SharedMem_config.size = sizeof(rk_cipher_config); 940fc3694d6Sxb.wang TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 941fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 942fc3694d6Sxb.wang goto exit; 943fc3694d6Sxb.wang 944fc3694d6Sxb.wang memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 945fc3694d6Sxb.wang TeecOperation.params[0].value.a = key_id; 946fc3694d6Sxb.wang TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 947fc3694d6Sxb.wang TeecOperation.params[1].tmpref.size = SharedMem_config.size; 948*2f8c34bdSxb.wang TeecOperation.params[2].value.a = src_phys_addr; 949*2f8c34bdSxb.wang TeecOperation.params[2].value.b = len; 950*2f8c34bdSxb.wang TeecOperation.params[3].value.a = dst_phys_addr; 951fc3694d6Sxb.wang TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 952fc3694d6Sxb.wang TEEC_MEMREF_TEMP_INPUT, 953*2f8c34bdSxb.wang TEEC_VALUE_INPUT, 954*2f8c34bdSxb.wang TEEC_VALUE_INPUT); 955*2f8c34bdSxb.wang 956*2f8c34bdSxb.wang crypto_flush_cacheline(src_phys_addr, len); 957*2f8c34bdSxb.wang crypto_flush_cacheline(dst_phys_addr, len); 958*2f8c34bdSxb.wang 959fc3694d6Sxb.wang TeecResult = TEEC_InvokeCommand(&TeecSession, 960*2f8c34bdSxb.wang CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER, 961fc3694d6Sxb.wang &TeecOperation, 962fc3694d6Sxb.wang &ErrorOrigin); 963fc3694d6Sxb.wang 964fc3694d6Sxb.wang exit: 965fc3694d6Sxb.wang TEEC_ReleaseSharedMemory(&SharedMem_config); 966fc3694d6Sxb.wang TEEC_CloseSession(&TeecSession); 967fc3694d6Sxb.wang TEEC_FinalizeContext(&TeecContext); 968fc3694d6Sxb.wang return TeecResult; 969fc3694d6Sxb.wang } 970fc3694d6Sxb.wang 9714aa61755SAndy Ye uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 9724aa61755SAndy Ye { 9734aa61755SAndy Ye TEEC_Result TeecResult; 9744aa61755SAndy Ye TEEC_Context TeecContext; 9754aa61755SAndy Ye TEEC_Session TeecSession; 9764aa61755SAndy Ye uint32_t ErrorOrigin; 9774aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 9784aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 9794aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 9804aa61755SAndy Ye } 9814aa61755SAndy Ye }; 9824aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 9834aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 9843251364cSHisping Lin struct blk_desc *dev_desc; 9853251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 9866651d4c0SJason Zhu if (!dev_desc) { 9876651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 9886651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 9896651d4c0SJason Zhu } 9904aa61755SAndy Ye 991f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 992f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 993f4e1db95SHisping Lin return TeecResult; 9944aa61755SAndy Ye 9954aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 996f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 997f4e1db95SHisping Lin return TeecResult; 9984aa61755SAndy Ye 9993251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 10003251364cSHisping Lin TEEC_NONE, 10013251364cSHisping Lin TEEC_NONE, 10023251364cSHisping Lin TEEC_NONE); 10033251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1004b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1005b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1006b9a7e756SHisping Lin else 1007b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1008b9a7e756SHisping Lin 10093251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 10103251364cSHisping Lin TeecOperation.params[0].value.a = 0; 10113251364cSHisping Lin #endif 10123251364cSHisping Lin 10134aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 10144aa61755SAndy Ye &TeecSession, 10154aa61755SAndy Ye TeecUuid, 10164aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 10174aa61755SAndy Ye NULL, 10183251364cSHisping Lin &TeecOperation, 10194aa61755SAndy Ye &ErrorOrigin); 1020f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1021f4e1db95SHisping Lin return TeecResult; 10224aa61755SAndy Ye 10234aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 10244aa61755SAndy Ye 10254aa61755SAndy Ye SharedMem0.size = *dh_size; 10264aa61755SAndy Ye SharedMem0.flags = 0; 10274aa61755SAndy Ye 10284aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1029f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1030f4e1db95SHisping Lin goto exit; 10314aa61755SAndy Ye 10324aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 10334aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 10344aa61755SAndy Ye 10354aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 10364aa61755SAndy Ye TEEC_NONE, 10374aa61755SAndy Ye TEEC_NONE, 10384aa61755SAndy Ye TEEC_NONE); 10394aa61755SAndy Ye 10404aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 10414aa61755SAndy Ye 143, 10424aa61755SAndy Ye &TeecOperation, 10434aa61755SAndy Ye &ErrorOrigin); 1044f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1045f4e1db95SHisping Lin goto exit; 10464aa61755SAndy Ye 10474aa61755SAndy Ye *dh_size = TeecOperation.params[0].tmpref.size; 10484aa61755SAndy Ye memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1049f4e1db95SHisping Lin exit: 10504aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 10514aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1052f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 10534aa61755SAndy Ye 10544aa61755SAndy Ye return TeecResult; 10554aa61755SAndy Ye } 10564aa61755SAndy Ye 10574aa61755SAndy Ye uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 10584aa61755SAndy Ye { 10594aa61755SAndy Ye TEEC_Result TeecResult; 10604aa61755SAndy Ye TEEC_Context TeecContext; 10614aa61755SAndy Ye TEEC_Session TeecSession; 10624aa61755SAndy Ye uint32_t ErrorOrigin; 10634aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 10644aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 10654aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 10664aa61755SAndy Ye } 10674aa61755SAndy Ye }; 10684aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 10694aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 10703251364cSHisping Lin struct blk_desc *dev_desc; 10713251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 10726651d4c0SJason Zhu if (!dev_desc) { 10736651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 10746651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 10756651d4c0SJason Zhu } 10764aa61755SAndy Ye 1077f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1078f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1079f4e1db95SHisping Lin return TeecResult; 10804aa61755SAndy Ye 10814aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1082f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1083f4e1db95SHisping Lin return TeecResult; 10844aa61755SAndy Ye 10853251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 10863251364cSHisping Lin TEEC_NONE, 10873251364cSHisping Lin TEEC_NONE, 10883251364cSHisping Lin TEEC_NONE); 10893251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1090b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1091b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1092b9a7e756SHisping Lin else 1093b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1094b9a7e756SHisping Lin 10953251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 10963251364cSHisping Lin TeecOperation.params[0].value.a = 0; 10973251364cSHisping Lin #endif 10983251364cSHisping Lin 10994aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 11004aa61755SAndy Ye &TeecSession, 11014aa61755SAndy Ye TeecUuid, 11024aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 11034aa61755SAndy Ye NULL, 11043251364cSHisping Lin &TeecOperation, 11054aa61755SAndy Ye &ErrorOrigin); 1106f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1107f4e1db95SHisping Lin return TeecResult; 11084aa61755SAndy Ye 11094aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 11104aa61755SAndy Ye 11114aa61755SAndy Ye SharedMem0.size = *uuid_size; 11124aa61755SAndy Ye SharedMem0.flags = 0; 11134aa61755SAndy Ye 11144aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1115f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1116f4e1db95SHisping Lin goto exit; 11174aa61755SAndy Ye 11184aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 11194aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 11204aa61755SAndy Ye 11214aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 11224aa61755SAndy Ye TEEC_NONE, 11234aa61755SAndy Ye TEEC_NONE, 11244aa61755SAndy Ye TEEC_NONE); 11254aa61755SAndy Ye 11264aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 11274aa61755SAndy Ye 144, 11284aa61755SAndy Ye &TeecOperation, 11294aa61755SAndy Ye &ErrorOrigin); 1130f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1131f4e1db95SHisping Lin goto exit; 11324aa61755SAndy Ye 11334aa61755SAndy Ye *uuid_size = TeecOperation.params[0].tmpref.size; 11344aa61755SAndy Ye memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1135f4e1db95SHisping Lin exit: 11364aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 11374aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1138f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 11394aa61755SAndy Ye 11404aa61755SAndy Ye return TeecResult; 11414aa61755SAndy Ye } 11424aa61755SAndy Ye 11434aa61755SAndy Ye uint32_t trusty_attest_get_ca(uint8_t *operation_start, 11444aa61755SAndy Ye uint32_t *operation_size, 11454aa61755SAndy Ye uint8_t *out, 11464aa61755SAndy Ye uint32_t *out_len) 11474aa61755SAndy Ye { 11484aa61755SAndy Ye TEEC_Result TeecResult; 11494aa61755SAndy Ye TEEC_Context TeecContext; 11504aa61755SAndy Ye TEEC_Session TeecSession; 11514aa61755SAndy Ye uint32_t ErrorOrigin; 11524aa61755SAndy Ye 11534aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 11544aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 11554aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 11564aa61755SAndy Ye } 11574aa61755SAndy Ye }; 11584aa61755SAndy Ye 11594aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 11604aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 11613251364cSHisping Lin struct blk_desc *dev_desc; 11623251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 11636651d4c0SJason Zhu if (!dev_desc) { 11646651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 11656651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 11666651d4c0SJason Zhu } 11674aa61755SAndy Ye 1168f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1169f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1170f4e1db95SHisping Lin return TeecResult; 11714aa61755SAndy Ye 11724aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1173f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1174f4e1db95SHisping Lin return TeecResult; 11754aa61755SAndy Ye 11763251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 11773251364cSHisping Lin TEEC_NONE, 11783251364cSHisping Lin TEEC_NONE, 11793251364cSHisping Lin TEEC_NONE); 11803251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1181b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1182b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1183b9a7e756SHisping Lin else 1184b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1185b9a7e756SHisping Lin 11863251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 11873251364cSHisping Lin TeecOperation.params[0].value.a = 0; 11883251364cSHisping Lin #endif 11893251364cSHisping Lin 11904aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 11914aa61755SAndy Ye &TeecSession, 11924aa61755SAndy Ye TeecUuid, 11934aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 11944aa61755SAndy Ye NULL, 11953251364cSHisping Lin &TeecOperation, 11964aa61755SAndy Ye &ErrorOrigin); 1197f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1198f4e1db95SHisping Lin return TeecResult; 11994aa61755SAndy Ye 12004aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 12014aa61755SAndy Ye 12024aa61755SAndy Ye SharedMem0.size = *operation_size; 12034aa61755SAndy Ye SharedMem0.flags = 0; 12044aa61755SAndy Ye 12054aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1206f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1207f4e1db95SHisping Lin goto exit; 12084aa61755SAndy Ye 12094aa61755SAndy Ye memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 12104aa61755SAndy Ye 12114aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 12124aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 12134aa61755SAndy Ye 12144aa61755SAndy Ye TEEC_SharedMemory SharedMem1 = {0}; 12154aa61755SAndy Ye 12164aa61755SAndy Ye SharedMem1.size = *out_len; 12174aa61755SAndy Ye SharedMem1.flags = 0; 12184aa61755SAndy Ye 12194aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 1220f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1221f4e1db95SHisping Lin goto exit; 12224aa61755SAndy Ye 12234aa61755SAndy Ye TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 12244aa61755SAndy Ye TeecOperation.params[1].tmpref.size = SharedMem1.size; 12254aa61755SAndy Ye 12264aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 12274aa61755SAndy Ye TEEC_MEMREF_TEMP_INOUT, 12284aa61755SAndy Ye TEEC_NONE, 12294aa61755SAndy Ye TEEC_NONE); 12304aa61755SAndy Ye 12314aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 12324aa61755SAndy Ye 145, 12334aa61755SAndy Ye &TeecOperation, 12344aa61755SAndy Ye &ErrorOrigin); 1235f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1236f4e1db95SHisping Lin goto exit; 12374aa61755SAndy Ye 12384aa61755SAndy Ye *out_len = TeecOperation.params[1].tmpref.size; 12394aa61755SAndy Ye memcpy(out, SharedMem1.buffer, SharedMem1.size); 1240f4e1db95SHisping Lin exit: 12414aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 12424aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem1); 1243f4e1db95SHisping Lin TEEC_CloseSession(&TeecSession); 1244f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 12454aa61755SAndy Ye 12464aa61755SAndy Ye return TeecResult; 12474aa61755SAndy Ye } 12484aa61755SAndy Ye 12494aa61755SAndy Ye uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 12504aa61755SAndy Ye { 12514aa61755SAndy Ye TEEC_Result TeecResult; 12524aa61755SAndy Ye TEEC_Context TeecContext; 12534aa61755SAndy Ye TEEC_Session TeecSession; 12544aa61755SAndy Ye uint32_t ErrorOrigin; 12554aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 12564aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 12574aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 12584aa61755SAndy Ye } 12594aa61755SAndy Ye }; 12604aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 12614aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 12623251364cSHisping Lin struct blk_desc *dev_desc; 12633251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 12646651d4c0SJason Zhu if (!dev_desc) { 12656651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 12666651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 12676651d4c0SJason Zhu } 1268f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1269f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1270f4e1db95SHisping Lin return TeecResult; 12714aa61755SAndy Ye 12724aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1273f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1274f4e1db95SHisping Lin return TeecResult; 12754aa61755SAndy Ye 12763251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 12773251364cSHisping Lin TEEC_NONE, 12783251364cSHisping Lin TEEC_NONE, 12793251364cSHisping Lin TEEC_NONE); 12803251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1281b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1282b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1283b9a7e756SHisping Lin else 1284b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1285b9a7e756SHisping Lin 12863251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 12873251364cSHisping Lin TeecOperation.params[0].value.a = 0; 12883251364cSHisping Lin #endif 12893251364cSHisping Lin 12904aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 12914aa61755SAndy Ye &TeecSession, 12924aa61755SAndy Ye TeecUuid, 12934aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 12944aa61755SAndy Ye NULL, 12953251364cSHisping Lin &TeecOperation, 12964aa61755SAndy Ye &ErrorOrigin); 1297f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1298f4e1db95SHisping Lin return TeecResult; 12994aa61755SAndy Ye 13004aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 13014aa61755SAndy Ye 13024aa61755SAndy Ye SharedMem0.size = *ca_response_size; 13034aa61755SAndy Ye SharedMem0.flags = 0; 13044aa61755SAndy Ye 13054aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1306f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1307f4e1db95SHisping Lin goto exit; 13084aa61755SAndy Ye 13094aa61755SAndy Ye memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 13104aa61755SAndy Ye 13114aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 13124aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 13134aa61755SAndy Ye 13144aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 13154aa61755SAndy Ye TEEC_NONE, 13164aa61755SAndy Ye TEEC_NONE, 13174aa61755SAndy Ye TEEC_NONE); 13184aa61755SAndy Ye 13194aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 13204aa61755SAndy Ye 146, 13214aa61755SAndy Ye &TeecOperation, 13224aa61755SAndy Ye &ErrorOrigin); 1323f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1324f4e1db95SHisping Lin goto exit; 1325f4e1db95SHisping Lin exit: 13264aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 13274aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1328f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 13294aa61755SAndy Ye 13304aa61755SAndy Ye return TeecResult; 13314aa61755SAndy Ye } 1332