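/*
 * Copyright 2017, Rockchip Electronics Co., Ltd
 * hisping lin, <hisping.lin@rock-chips.com>
 *
 * SPDX-License-Identifier:	GPL-2.0+
 */

/*
 * Normal-world (U-Boot) client wrappers around two trusted applications:
 * one addressed by UUID 1b484ea5-... that stores named security data
 * (rollback indexes, lock state, permanent attributes) and one addressed by
 * UUID 2d26d8a8-... that handles the eFuse/OTP commands listed below.
 * Every session in this file is opened with TEEC_LOGIN_PUBLIC.
 */

#include <common.h>
#include <optee_include/OpteeClientInterface.h>
#include <optee_include/OpteeClientApiLib.h>
#include <optee_include/tee_client_api.h>
#include <optee_include/tee_api_defines.h>
#include <boot_rkimg.h>
#include <stdlib.h>
#include <attestation_key.h>

#define	BOOT_FROM_EMMC	(1 << 1)

/* Command ids sent to the eFuse/OTP trusted application. */
#define STORAGE_CMD_READ_ATTRIBUTE_HASH		0
#define STORAGE_CMD_WRITE_ATTRIBUTE_HASH	1
#define STORAGE_CMD_UBOOT_END_OTP		2
#define STORAGE_CMD_READ_VBOOTKEY_HASH		3
#define STORAGE_CMD_WRITE_VBOOTKEY_HASH		4
#define STORAGE_CMD_READ_ENABLE_FLAG		5
#define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY	9
#define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG	10
#define STORAGE_CMD_WRITE_OEM_HUK		11
#define STORAGE_CMD_WRITE_OEM_NS_OTP		12
#define STORAGE_CMD_READ_OEM_NS_OTP		13
#define STORAGE_CMD_WRITE_OEM_OTP_KEY		14
#define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK	15

#define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_CIPHER	0x00000001

#define RK_CRYPTO_SERVICE_UUID	{ 0x0cacdb5d, 0x4fea, 0x466c, \
	{ 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } }

/* Map a nibble (0..15) to its upper-case ASCII hex digit. */
static uint8_t b2hs_add_base(uint8_t in)
{
	/* 10..15 -> 'A'..'F' (65..70), 0..9 -> '0'..'9' (48..57) */
	return in > 9 ? in + 55 : in + 48;
}

/*
 * Convert blen bytes at b into a NUL-terminated upper-case hex string in hs.
 *
 * hslen is the capacity of hs and must be at least blen * 2 + 1.
 * Returns the number of hex characters written (blen * 2), or 0 when the
 * output buffer is too small.
 */
static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen)
{
	uint32_t i;

	/*
	 * Compare by division: "blen * 2 + 1 > hslen" wraps for a large blen
	 * in 32-bit arithmetic and would let the loop write past hs.
	 */
	if (hslen == 0 || blen > (hslen - 1) / 2)
		return 0;

	for (i = 0; i < blen; i++) {
		hs[i * 2] = b2hs_add_base(b[i] >> 4);
		hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf);
	}
	hs[blen * 2] = 0;

	return blen * 2;
}

/*
 * Store data_size bytes from data under the object name filename
 * (filename_size bytes) through the security-data trusted application.
 *
 * Returns TEEC_SUCCESS or the failing TEEC_* result. When no boot device is
 * found the return value is the arithmetic negation of TEEC_ERROR_GENERIC,
 * i.e. non-zero but not TEEC_ERROR_GENERIC itself; kept as-is for callers.
 */
static uint32_t trusty_base_write_security_data(char *filename,
						uint32_t filename_size,
						uint8_t *data,
						uint32_t data_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	/*
	 * Both descriptors are zeroed before any jump to the cleanup code.
	 * Declaring them after the first "goto" left SharedMem1 indeterminate
	 * when the first allocation failed, and it was then released.
	 */
	TEEC_SharedMemory SharedMem0 = {0};
	TEEC_SharedMemory SharedMem1 = {0};
	struct blk_desc *dev_desc;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/*
	 * Backing store selector passed at session open:
	 * 0 = nand or emmc "security" partition, 1 = rpmb.
	 * NOTE(review): data kept in the plain partition does not get RPMB's
	 * replay protection; confirm how the TA protects rollback indexes
	 * when CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION is set.
	 */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;
#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	SharedMem0.size = filename_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, filename, SharedMem0.size);

	SharedMem1.size = data_size;
	SharedMem1.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem1.buffer, data, SharedMem1.size);

	/* params[0] = object name, params[1] = payload */
	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem1.size;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE);

	/* command 1 is the write command of this TA */
	TeecResult = TEEC_InvokeCommand(&TeecSession,
					1,
					&TeecOperation,
					&ErrorOrigin);

out_session:
	TEEC_ReleaseSharedMemory(&SharedMem0);
	TEEC_ReleaseSharedMemory(&SharedMem1);
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Read the object named filename (filename_size bytes) through the
 * security-data trusted application into data (data_size bytes).
 *
 * data is written only when the command succeeds, and then always with
 * data_size bytes: the size reported back by the TA is not consulted.
 * Return values follow trusty_base_write_security_data().
 */
static uint32_t trusty_base_read_security_data(char *filename,
					       uint32_t filename_size,
					       uint8_t *data,
					       uint32_t data_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	/* zeroed up front so the cleanup path never sees indeterminate data */
	TEEC_SharedMemory SharedMem0 = {0};
	TEEC_SharedMemory SharedMem1 = {0};
	struct blk_desc *dev_desc;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0 = nand or emmc "security" partition, 1 = rpmb */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;
#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	SharedMem0.size = filename_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, filename, SharedMem0.size);

	SharedMem1.size = data_size;
	SharedMem1.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	/* params[0] = object name, params[1] = buffer the TA fills */
	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem1.size;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE);

	/* command 0 is the read command of this TA */
	TeecResult = TEEC_InvokeCommand(&TeecSession,
					0,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult == TEEC_SUCCESS)
		memcpy(data, SharedMem1.buffer, SharedMem1.size);

out_session:
	TEEC_ReleaseSharedMemory(&SharedMem0);
	TEEC_ReleaseSharedMemory(&SharedMem1);
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Send command 2, without parameters, to the security-data trusted
 * application. It is called from trusty_notify_optee_uboot_end().
 */
static uint32_t trusty_base_end_security_data(void)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					2,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Read the 8-byte rollback index stored for slot into *value.
 *
 * The object name is the 8 hex digits of slot's four bytes taken in memory
 * order, so it depends on the CPU byte order; the terminating NUL is not
 * part of the name that is sent.
 */
uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value)
{
	char hs[9];

	b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9);

	return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8);
}

/* Store value as the 8-byte rollback index of slot (same naming as the read). */
uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value)
{
	char hs[9];

	b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9);

	return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8);
}

/* Read size bytes of the "attributes" object into attributes. */
uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size)
{
	/* sizeof, not strlen: the name is sent with its terminating NUL */
	return trusty_base_read_security_data("attributes",
		sizeof("attributes"), attributes, size);
}

/* Write size bytes from attributes to the "attributes" object. */
uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size)
{
	return trusty_base_write_security_data("attributes",
		sizeof("attributes"), attributes, size);
}

/* Read the one-byte "attributes_flag" object into *attributes. */
uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes)
{
	return trusty_base_read_security_data("attributes_flag",
		sizeof("attributes_flag"), attributes, 1);
}

/* Write the one-byte "attributes_flag" object. */
uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes)
{
	return trusty_base_write_security_data("attributes_flag",
		sizeof("attributes_flag"), &attributes, 1);
}

/* Read size bytes of the "rsacer" object into attributes. */
uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes,
					      uint32_t size)
{
	return trusty_base_read_security_data("rsacer",
		sizeof("rsacer"), attributes, size);
}

/* Write size bytes from attributes to the "rsacer" object. */
uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes,
					       uint32_t size)
{
	return trusty_base_write_security_data("rsacer",
		sizeof("rsacer"), attributes, size);
}

/* Read the one-byte "lock_state" object into *lock_state. */
uint32_t trusty_read_lock_state(uint8_t *lock_state)
{
	return trusty_base_read_security_data("lock_state",
		sizeof("lock_state"), lock_state, 1);
}

/* Write the one-byte "lock_state" object. */
uint32_t trusty_write_lock_state(uint8_t lock_state)
{
	return trusty_base_write_security_data("lock_state",
		sizeof("lock_state"), &lock_state, 1);
}

/* Read the one-byte "flash_lock_state" object into *flash_lock_state. */
uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state)
{
	return trusty_base_read_security_data("flash_lock_state",
		sizeof("flash_lock_state"), flash_lock_state, 1);
}

/* Write the one-byte "flash_lock_state" object. */
uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state)
{
	return trusty_base_write_security_data("flash_lock_state",
		sizeof("flash_lock_state"), &flash_lock_state, 1);
}

/*
 * Send STORAGE_CMD_UBOOT_END_OTP, without parameters, to the eFuse/OTP
 * trusted application. It is called from trusty_notify_optee_uboot_end().
 */
static uint32_t trusty_base_end_efuse_or_otp(void)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_UBOOT_END_OTP,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Run one eFuse/OTP command that moves `length` 32-bit words.
 *
 * cmd      - one of the STORAGE_CMD_* ids
 * is_write - non-zero: buf is sent to the TA; zero: buf is filled from the
 *            TA, and only when the command succeeds
 * buf      - caller buffer holding at least `length` words
 * length   - number of 32-bit words (not bytes)
 *
 * NOTE(review): the byte count length * sizeof(uint32_t) is not checked for
 * wrap-around; the callers in this file pass caller-supplied lengths.
 */
static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd,
						   uint8_t is_write,
						   uint32_t *buf,
						   uint32_t length)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem0 = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	SharedMem0.size = length * sizeof(uint32_t);
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	if (is_write) {
		memcpy(SharedMem0.buffer, buf, SharedMem0.size);
		TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
							    TEEC_NONE,
							    TEEC_NONE,
							    TEEC_NONE);
	} else {
		TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT,
							    TEEC_NONE,
							    TEEC_NONE,
							    TEEC_NONE);
	}

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					cmd,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	if (!is_write)
		memcpy(buf, SharedMem0.buffer, SharedMem0.size);

out_session:
	TEEC_ReleaseSharedMemory(&SharedMem0);
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/* Read `length` words of the attribute hash into buf. */
uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH,
						  false, buf, length);
}

/* Write `length` words from buf as the attribute hash. */
uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH,
						  true, buf, length);
}

/*
 * Send the "U-Boot end" command to both trusted applications.
 *
 * The two results are OR-ed together: the return value is 0 only when both
 * calls succeeded, and a non-zero value need not be a single TEEC_* code.
 */
uint32_t trusty_notify_optee_uboot_end(void)
{
	TEEC_Result res;

	res = trusty_base_end_security_data();
	res |= trusty_base_end_efuse_or_otp();
	return res;
}

/* Read `length` words of the verified-boot key hash into buf. */
uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH,
						  false, buf, length);
}

/* Write `length` words from buf as the verified-boot key hash. */
uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH,
						  true, buf, length);
}

/*
 * Report in *flag whether the enable flag read from the TA is set.
 *
 * *flag is 0 unless the read succeeds and returns the expected marker word:
 * 0x00000001 on RK3288 builds, 0x000000FF otherwise. A failed read therefore
 * looks like "not enabled" to a caller that ignores the return value.
 */
uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag)
{
	uint32_t bootflag = 0;
	TEEC_Result TeecResult;

	*flag = 0;

	TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG,
							false, &bootflag, 1);

	if (TeecResult == TEEC_SUCCESS) {
#if defined(CONFIG_ROCKCHIP_RK3288)
		if (bootflag == 0x00000001)
			*flag = 1;
#else
		if (bootflag == 0x000000FF)
			*flag = 1;
#endif
	}
	return TeecResult;
}

/*
 * Send `length` words from buf with STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY.
 * NOTE(review): presumably a one-time-programmable write; confirm before
 * calling it with anything but the final key.
 */
uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY,
						  true, buf, length);
}

/*
 * Send flag, widened to one 32-bit word, with
 * STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG and return the TA's result.
 */
uint32_t trusty_check_security_level_flag(uint8_t flag)
{
	uint32_t levelflag = flag;

	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG,
						  true, &levelflag, 1);
}

/*
 * Send `length` words from buf with STORAGE_CMD_WRITE_OEM_HUK.
 * NOTE(review): presumably a one-time-programmable write; confirm before
 * calling it with anything but the final key.
 */
uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK,
						  true, buf, length);
}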
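/*
 * Apply the build-time security level, if one is configured.
 *
 * Does nothing unless CONFIG_OPTEE_SECURITY_LEVEL > 0. Otherwise the level
 * is passed to trusty_check_security_level_flag():
 *   - TEE_ERROR_CANCEL: run the "download" command and return;
 *   - TEEC_SUCCESS: continue booting;
 *   - anything else: panic(), so a failed check stops the boot instead of
 *     continuing at an unverified level.
 */
void trusty_select_security_level(void)
{
#if (CONFIG_OPTEE_SECURITY_LEVEL > 0)
	TEEC_Result TeecResult;

	TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL);
	if (TeecResult == TEE_ERROR_CANCEL) {
		run_command("download", 0);
		return;
	}

	if (TeecResult != TEEC_SUCCESS)
		panic("optee select security level fail!");

	debug("optee select security level success!");
#endif
}

/*
 * Write byte_len bytes from byte_buf with STORAGE_CMD_WRITE_OEM_NS_OTP,
 * passing byte_off as the first (value) parameter.
 *
 * Returns TEEC_SUCCESS or the failing TEEC_* result.
 * NOTE(review): byte_off and byte_len are forwarded unchecked; range
 * validation is presumably done by the trusted application - confirm.
 */
uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;	/* context was initialised: finalize it */

	TeecOperation.params[0].value.a = byte_off;

	SharedMem.size = byte_len;
	SharedMem.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[1].tmpref.buffer = SharedMem.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem.size;

	memcpy(SharedMem.buffer, byte_buf, SharedMem.size);
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_INPUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_WRITE_OEM_NS_OTP,
					&TeecOperation,
					&ErrorOrigin);

out_session:
	TEEC_ReleaseSharedMemory(&SharedMem);
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}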
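/*
 * Read byte_len bytes through STORAGE_CMD_READ_OEM_NS_OTP.
 *
 * byte_off is handed to the trusted application in params[0].value.a and
 * the result is returned through a temporary output memref in params[1].
 *
 * byte_off: offset forwarded to the trusted application
 * byte_buf: caller buffer that receives byte_len bytes on success
 * byte_len: number of bytes requested (also the shared buffer size)
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS when byte_buf
 * is NULL, otherwise the result of the first client API call that failed.
 * byte_buf is not written on failure.
 */
uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
		{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem = {0};

	if (!byte_buf)
		return TEEC_ERROR_BAD_PARAMETERS;

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialized here, so it must be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem.size = byte_len;
	SharedMem.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[0].value.a = byte_off;
	TeecOperation.params[1].tmpref.buffer = SharedMem.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_OUTPUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_READ_OEM_NS_OTP,
					&TeecOperation,
					&ErrorOrigin);
	/* Copy out only after the command succeeded. */
	if (TeecResult == TEEC_SUCCESS)
		memcpy(byte_buf, SharedMem.buffer, SharedMem.size);

	TEEC_ReleaseSharedMemory(&SharedMem);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Send key material to the trusted application with
 * STORAGE_CMD_WRITE_OEM_OTP_KEY.
 *
 * key_id travels in params[0].value.a and the key bytes in a temporary
 * input memref in params[1].
 *
 * key_id:   key slot identifier, forwarded unchanged
 * byte_buf: key bytes to write
 * byte_len: length of byte_buf in bytes
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS when byte_buf
 * is NULL, otherwise the result of the first client API call that failed.
 *
 * NOTE(review): key_id is not range-checked here, unlike
 * trusty_oem_otp_key_cipher(); presumably the trusted application rejects
 * unknown ids. Confirm before relying on it.
 */
uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id,
				  uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
		{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem = {0};

	if (!byte_buf)
		return TEEC_ERROR_BAD_PARAMETERS;

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem.size = byte_len;
	SharedMem.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem.buffer, byte_buf, SharedMem.size);

	TeecOperation.params[0].value.a = key_id;
	TeecOperation.params[1].tmpref.buffer = SharedMem.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_INPUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_WRITE_OEM_OTP_KEY,
					&TeecOperation,
					&ErrorOrigin);

	/*
	 * The shared buffer holds a copy of the key. Clear it before it is
	 * handed back so the key does not linger in released memory.
	 */
	memset(SharedMem.buffer, 0, SharedMem.size);
	TEEC_ReleaseSharedMemory(&SharedMem);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Issue STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK for the given key id.
 *
 * key_id is the only parameter sent (params[0].value.a); no buffers are
 * exchanged.
 *
 * Returns TEEC_SUCCESS on success, otherwise the result of the first client
 * API call that failed.
 */
uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
		{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_Operation TeecOperation = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	TeecOperation.params[0].value.a = key_id;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Run a cipher operation in the crypto service (RK_CRYPTO_SERVICE_UUID)
 * using the key selected by key_id.
 *
 * All arguments are validated before any TEE call is made: key_id must be
 * below RK_OEM_OTP_KEYMAX, algo must be RK_ALGO_AES or RK_ALGO_SM4, mode
 * must be below RK_CIPHER_MODE_XTS, operation must be encrypt or decrypt,
 * key_len must be 16, 24 or 32, and len must be a non-zero multiple of
 * AES_BLOCK_SIZE not larger than RK_CRYPTO_MAX_DATA_LEN.
 *
 * key_id: key selector, sent in params[0].value.a
 * config: cipher configuration, copied into an input memref (params[1])
 * src:    input data, len bytes
 * dest:   output buffer, receives len bytes on success
 * len:    data length in bytes
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS for rejected
 * arguments, otherwise the result of the first client API call that failed.
 */
uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id,
				   rk_cipher_config *config,
				   uint8_t *src, uint8_t *dest, uint32_t len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	TEEC_Operation TeecOperation = {0};
	uint32_t ErrorOrigin;
	TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID;
	TEEC_SharedMemory SharedMem_config = {0};
	TEEC_SharedMemory SharedMem_inout = {0};

	if (key_id >= RK_OEM_OTP_KEYMAX)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (!config || !src || !dest)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (config->mode >= RK_CIPHER_MODE_XTS)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (config->operation != RK_MODE_ENCRYPT &&
	    config->operation != RK_MODE_DECRYPT)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (config->key_len != 16 &&
	    config->key_len != 24 &&
	    config->key_len != 32)
		return TEEC_ERROR_BAD_PARAMETERS;

	if (len == 0 ||
	    len % AES_BLOCK_SIZE ||
	    len > RK_CRYPTO_MAX_DATA_LEN)
		return TEEC_ERROR_BAD_PARAMETERS;

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &uuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/*
	 * No session exists on this path, so skip TEEC_CloseSession():
	 * TeecSession has not been filled in.
	 */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem_config.size = sizeof(rk_cipher_config);
	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	SharedMem_inout.size = len;
	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_inout);
	if (TeecResult != TEEC_SUCCESS)
		goto out_config;

	memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config));
	memcpy(SharedMem_inout.buffer, src, len);

	TeecOperation.params[0].value.a = key_id;
	TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem_config.size;
	TeecOperation.params[2].tmpref.buffer = SharedMem_inout.buffer;
	TeecOperation.params[2].tmpref.size = SharedMem_inout.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_INPUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					CRYPTO_SERVICE_CMD_OEM_OTP_KEY_CIPHER,
					&TeecOperation,
					&ErrorOrigin);
	/* dest is written only when the command succeeded. */
	if (TeecResult == TEEC_SUCCESS)
		memcpy(dest, SharedMem_inout.buffer, SharedMem_inout.size);

	TEEC_ReleaseSharedMemory(&SharedMem_inout);
out_config:
	TEEC_ReleaseSharedMemory(&SharedMem_config);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Invoke command 143 of the attestation trusted application and return the
 * data it produces in dh.
 *
 * The session is opened with one value parameter that selects the storage
 * backend: 1 (rpmb) when the boot device is MMC device 0, else 0 (nand or
 * emmc "security" partition); CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
 * forces 0.
 *
 * dh:      caller buffer receiving the result
 * dh_size: in: capacity of dh in bytes; out: number of bytes copied
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS for NULL
 * arguments, -TEEC_ERROR_GENERIC when no boot device is found, otherwise
 * the result of the first client API call that failed.
 *
 * NOTE(review): -TEEC_ERROR_GENERIC in a uint32_t return is not a TEEC
 * result code; kept because callers may depend on the current value.
 */
uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	uint32_t out_size;
	TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6,
		{ 0xa8, 0x69, 0x9c, 0xe6, 0x88, 0x6c, 0x5d, 0x5d } };
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem0 = {0};
	struct blk_desc *dev_desc;

	if (!dh || !dh_size)
		return TEEC_ERROR_BAD_PARAMETERS;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: nand or emmc "security" partition, 1: rpmb */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;

#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = *dh_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	/* params[0] is reused: it now carries the in/out buffer. */
	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					143,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_shm;

	/*
	 * The size read back from params[0] is treated as the produced
	 * length. Clamp it to the buffer that was allocated so neither the
	 * copy nor the length reported to the caller can exceed the capacity
	 * the caller passed in.
	 */
	out_size = TeecOperation.params[0].tmpref.size;
	if (out_size > SharedMem0.size)
		out_size = SharedMem0.size;
	*dh_size = out_size;
	memcpy(dh, SharedMem0.buffer, out_size);

out_shm:
	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Invoke command 144 of the attestation trusted application and return the
 * data it produces in uuid.
 *
 * Storage backend selection for the session is the same as in
 * trusty_attest_dh(): 1 (rpmb) for MMC device 0, else 0, forced to 0 by
 * CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION.
 *
 * uuid:      caller buffer receiving the result
 * uuid_size: in: capacity of uuid in bytes; out: number of bytes copied
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS for NULL
 * arguments, -TEEC_ERROR_GENERIC when no boot device is found, otherwise
 * the result of the first client API call that failed.
 */
uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	uint32_t out_size;
	TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6,
		{ 0xa8, 0x69, 0x9c, 0xe6, 0x88, 0x6c, 0x5d, 0x5d } };
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem0 = {0};
	struct blk_desc *dev_desc;

	if (!uuid || !uuid_size)
		return TEEC_ERROR_BAD_PARAMETERS;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: nand or emmc "security" partition, 1: rpmb */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;

#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = *uuid_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	/* params[0] is reused: it now carries the in/out buffer. */
	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					144,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_shm;

	/* Clamp the length read back to the capacity that was allocated. */
	out_size = TeecOperation.params[0].tmpref.size;
	if (out_size > SharedMem0.size)
		out_size = SharedMem0.size;
	*uuid_size = out_size;
	memcpy(uuid, SharedMem0.buffer, out_size);

out_shm:
	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Invoke command 145 of the attestation trusted application: send
 * operation_start as the first in/out memref and collect the second
 * in/out memref into out.
 *
 * Storage backend selection for the session is the same as in
 * trusty_attest_dh().
 *
 * operation_start: request bytes copied into the first shared buffer
 * operation_size:  length of operation_start in bytes (read only here)
 * out:             caller buffer receiving the reply
 * out_len:         in: capacity of out in bytes; out: bytes copied
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS for NULL
 * arguments, -TEEC_ERROR_GENERIC when no boot device is found, otherwise
 * the result of the first client API call that failed.
 */
uint32_t trusty_attest_get_ca(uint8_t *operation_start,
			      uint32_t *operation_size,
			      uint8_t *out,
			      uint32_t *out_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	uint32_t out_size;
	TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6,
		{ 0xa8, 0x69, 0x9c, 0xe6, 0x88, 0x6c, 0x5d, 0x5d } };
	TEEC_Operation TeecOperation = {0};
	/*
	 * Both descriptors are declared and zeroed up front. Declaring the
	 * second one after the first "goto" would leave it uninitialized on
	 * the early error path.
	 */
	TEEC_SharedMemory SharedMem0 = {0};
	TEEC_SharedMemory SharedMem1 = {0};
	struct blk_desc *dev_desc;

	if (!operation_start || !operation_size || !out || !out_len)
		return TEEC_ERROR_BAD_PARAMETERS;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: nand or emmc "security" partition, 1: rpmb */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;

#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = *operation_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, operation_start, SharedMem0.size);

	SharedMem1.size = *out_len;
	SharedMem1.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
	if (TeecResult != TEEC_SUCCESS)
		goto out_shm0;

	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;
	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem1.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					145,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_shm1;

	/* Clamp the length read back to the capacity that was allocated. */
	out_size = TeecOperation.params[1].tmpref.size;
	if (out_size > SharedMem1.size)
		out_size = SharedMem1.size;
	*out_len = out_size;
	memcpy(out, SharedMem1.buffer, out_size);

out_shm1:
	TEEC_ReleaseSharedMemory(&SharedMem1);
out_shm0:
	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Invoke command 146 of the attestation trusted application with
 * ca_response as an in/out memref.
 *
 * Storage backend selection for the session is the same as in
 * trusty_attest_dh(). Nothing is copied back to the caller.
 *
 * ca_response:      bytes sent to the trusted application
 * ca_response_size: length of ca_response in bytes (read only here)
 *
 * Returns TEEC_SUCCESS on success, TEEC_ERROR_BAD_PARAMETERS for NULL
 * arguments, -TEEC_ERROR_GENERIC when no boot device is found, otherwise
 * the result of the first client API call that failed.
 */
uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6,
		{ 0xa8, 0x69, 0x9c, 0xe6, 0x88, 0x6c, 0x5d, 0x5d } };
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem0 = {0};
	struct blk_desc *dev_desc;

	if (!ca_response || !ca_response_size)
		return TEEC_ERROR_BAD_PARAMETERS;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: nand or emmc "security" partition, 1: rpmb */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;

#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      &tempuuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = *ca_response_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, ca_response, SharedMem0.size);

	/* params[0] is reused: it now carries the in/out buffer. */
	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					146,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}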