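/*
 * Copyright 2017, Rockchip Electronics Co., Ltd
 * hisping lin, <hisping.lin@rock-chips.com>
 *
 * SPDX-License-Identifier: GPL-2.0+
 */

#include <common.h>
#include <optee_include/OpteeClientInterface.h>
#include <optee_include/OpteeClientApiLib.h>
#include <optee_include/tee_client_api.h>
#include <optee_include/tee_api_defines.h>
#include <boot_rkimg.h>
#include <stdlib.h>
#include <attestation_key.h>

#define	BOOT_FROM_EMMC	(1 << 1)

/* Command IDs passed to TEEC_InvokeCommand() by the eFuse/OTP helpers below. */
#define	STORAGE_CMD_READ_ATTRIBUTE_HASH		0
#define	STORAGE_CMD_WRITE_ATTRIBUTE_HASH	1
#define	STORAGE_CMD_UBOOT_END_OTP		2
#define	STORAGE_CMD_READ_VBOOTKEY_HASH		3
#define	STORAGE_CMD_WRITE_VBOOTKEY_HASH		4
#define	STORAGE_CMD_READ_ENABLE_FLAG		5
#define	STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY	9
#define	STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG	10
#define	STORAGE_CMD_WRITE_OEM_HUK		11
#define	STORAGE_CMD_WRITE_OEM_NS_OTP		12
#define	STORAGE_CMD_READ_OEM_NS_OTP		13
#define	STORAGE_CMD_WRITE_OEM_OTP_KEY		14
#define	STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK	15
#define	STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN	16

#define	CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER	0x00000002

#define	RK_CRYPTO_SERVICE_UUID	{ 0x0cacdb5d, 0x4fea, 0x466c, \
		{ 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } }

/*
 * Map a nibble (0..15) to its upper-case ASCII hex digit.
 * Values above 15 are not checked; the only caller passes masked nibbles.
 */
static uint8_t b2hs_add_base(uint8_t in)
{
	return in > 9 ? in + ('A' - 10) : in + '0';
}

/*
 * Encode blen bytes from b as an upper-case, NUL-terminated hex string in hs.
 *
 * hslen is the capacity of hs and must be at least blen * 2 + 1.
 * Returns the number of hex characters written (blen * 2), or 0 when the
 * output buffer is too small.
 */
static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen)
{
	uint32_t i;

	/*
	 * Same test as "blen * 2 + 1 > hslen", written so that a huge blen
	 * cannot wrap the 32-bit multiplication and slip past the bound.
	 */
	if (hslen == 0 || blen > (hslen - 1) / 2)
		return 0;

	for (i = 0; i < blen; i++) {
		hs[i * 2] = b2hs_add_base(b[i] >> 4);
		hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf);
	}
	hs[blen * 2] = 0;

	return blen * 2;
}

/*
 * Flush the data-cache lines covering [addr, addr + size), widened to whole
 * cache lines. Does nothing when addr or size is 0.
 */
static void crypto_flush_cacheline(uint32_t addr, uint32_t size)
{
	ulong alignment = CONFIG_SYS_CACHELINE_SIZE;
	ulong aligned_input, aligned_len;

	if (!addr || !size)
		return;

	/* Must flush dcache before crypto DMA fetch data region */
	aligned_input = round_down(addr, alignment);
	aligned_len = round_up(size + (addr - aligned_input), alignment);
	flush_cache(aligned_input, aligned_len);
}

/*
 * Store data_size bytes from data under the object name filename through the
 * TA identified by the UUID below (command ID 1).
 *
 * filename_size bytes of filename are sent as the object name. The backing
 * store is chosen at session open: value 1 (RPMB) when booting from MMC
 * device 0, otherwise 0 (the NAND/eMMC "security" partition).
 * CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION forces 0.
 * NOTE(review): confirm the "security" partition offers the replay
 * protection that rollback indexes and lock state rely on when RPMB is
 * not used.
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result. When no boot
 * device is found the function returns -TEEC_ERROR_GENERIC.
 * NOTE(review): that negation is applied to an unsigned code, so the value
 * is presumably not a TEEC_* constant; callers should only compare the
 * result with TEEC_SUCCESS.
 */
static uint32_t trusty_base_write_security_data(char *filename,
						uint32_t filename_size,
						uint8_t *data,
						uint32_t data_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	/*
	 * Declared before any goto so that no cleanup path can reach a
	 * shared-memory descriptor whose initialiser was jumped over.
	 */
	TEEC_SharedMemory SharedMem0 = {0};
	TEEC_SharedMemory SharedMem1 = {0};
	struct blk_desc *dev_desc;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: NAND or eMMC "security" partition, 1: RPMB */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;
#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = filename_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, filename, SharedMem0.size);

	SharedMem1.size = data_size;
	SharedMem1.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
	if (TeecResult != TEEC_SUCCESS)
		goto out_mem0;

	memcpy(SharedMem1.buffer, data, SharedMem1.size);

	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem1.size;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					1,
					&TeecOperation,
					&ErrorOrigin);

	/* Unwind in reverse order; each label releases only what was acquired. */
	TEEC_ReleaseSharedMemory(&SharedMem1);
out_mem0:
	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Read the object named filename into data through the TA identified by the
 * UUID below (command ID 0).
 *
 * data must have room for data_size bytes. On success exactly data_size
 * bytes are copied out of the shared buffer; data is left untouched on
 * failure.
 * NOTE(review): the size the TA reports back in params[1].tmpref.size is not
 * consulted, so a short read cannot be told apart from a full one here.
 *
 * Storage selection and return values are the same as for
 * trusty_base_write_security_data().
 */
static uint32_t trusty_base_read_security_data(char *filename,
					       uint32_t filename_size,
					       uint8_t *data,
					       uint32_t data_size)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	/* Declared up front so no goto skips their initialisation. */
	TEEC_SharedMemory SharedMem0 = {0};
	TEEC_SharedMemory SharedMem1 = {0};
	struct blk_desc *dev_desc;

	dev_desc = rockchip_get_bootdev();
	if (!dev_desc) {
		printf("%s: dev_desc is NULL!\n", __func__);
		return -TEEC_ERROR_GENERIC;
	}

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);
	/* 0: NAND or eMMC "security" partition, 1: RPMB */
	if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0)
		TeecOperation.params[0].value.a = 1;
	else
		TeecOperation.params[0].value.a = 0;
#ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION
	TeecOperation.params[0].value.a = 0;
#endif

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      &TeecOperation,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = filename_size;
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	memcpy(SharedMem0.buffer, filename, SharedMem0.size);

	SharedMem1.size = data_size;
	SharedMem1.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
	if (TeecResult != TEEC_SUCCESS)
		goto out_mem0;

	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem1.size;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
						    TEEC_MEMREF_TEMP_INOUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					0,
					&TeecOperation,
					&ErrorOrigin);
	/* Hand data back only when the TA reported success. */
	if (TeecResult == TEEC_SUCCESS)
		memcpy(data, SharedMem1.buffer, SharedMem1.size);

	TEEC_ReleaseSharedMemory(&SharedMem1);
out_mem0:
	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Send command ID 2, without parameters, to the TA used by the security-data
 * helpers. It is called from trusty_notify_optee_uboot_end().
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result.
 */
static uint32_t trusty_base_end_security_data(void)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
			{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					2,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Read the 64-bit rollback index stored for slot into *value.
 *
 * The object name is the 8 hex digits of slot's in-memory bytes, so it
 * depends on CPU byte order. Unlike the string-named wrappers below, the
 * name is passed without its NUL terminator (size 8, not 9).
 */
uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value)
{
	char hs[9];

	b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9);

	return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8);
}

/*
 * Store value as the 64-bit rollback index for slot. The object name is
 * built exactly as in trusty_read_rollback_index().
 */
uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value)
{
	char hs[9];

	b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9);

	return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8);
}

/* Read size bytes of the "attributes" object into attributes. */
uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size)
{
	return trusty_base_read_security_data("attributes",
		sizeof("attributes"), attributes, size);
}

/* Store size bytes from attributes as the "attributes" object. */
uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size)
{
	return trusty_base_write_security_data("attributes",
		sizeof("attributes"), attributes, size);
}

/* Read the one-byte "attributes_flag" object into *attributes. */
uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes)
{
	return trusty_base_read_security_data("attributes_flag",
		sizeof("attributes_flag"), attributes, 1);
}

/* Store attributes as the one-byte "attributes_flag" object. */
uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes)
{
	return trusty_base_write_security_data("attributes_flag",
		sizeof("attributes_flag"), &attributes, 1);
}

/* Read size bytes of the "rsacer" object into attributes. */
uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes,
					      uint32_t size)
{
	return trusty_base_read_security_data("rsacer",
		sizeof("rsacer"), attributes, size);
}

/* Store size bytes from attributes as the "rsacer" object. */
uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes,
					       uint32_t size)
{
	return trusty_base_write_security_data("rsacer",
		sizeof("rsacer"), attributes, size);
}

/*
 * Read the one-byte "lock_state" object into *lock_state.
 * *lock_state is only written on success, so callers must check the return
 * value before trusting it.
 */
uint32_t trusty_read_lock_state(uint8_t *lock_state)
{
	return trusty_base_read_security_data("lock_state",
		sizeof("lock_state"), lock_state, 1);
}

/* Store lock_state as the one-byte "lock_state" object. */
uint32_t trusty_write_lock_state(uint8_t lock_state)
{
	return trusty_base_write_security_data("lock_state",
		sizeof("lock_state"), &lock_state, 1);
}

/*
 * Read the one-byte "flash_lock_state" object into *flash_lock_state.
 * The output is only written on success; check the return value first.
 */
uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state)
{
	return trusty_base_read_security_data("flash_lock_state",
		sizeof("flash_lock_state"), flash_lock_state, 1);
}

/* Store flash_lock_state as the one-byte "flash_lock_state" object. */
uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state)
{
	return trusty_base_write_security_data("flash_lock_state",
		sizeof("flash_lock_state"), &flash_lock_state, 1);
}

/*
 * Send STORAGE_CMD_UBOOT_END_OTP, without parameters, to the TA used by the
 * eFuse/OTP helpers. It is called from trusty_notify_optee_uboot_end().
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result.
 */
static uint32_t trusty_base_end_efuse_or_otp(void)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_UBOOT_END_OTP,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Run one eFuse/OTP command that moves a single buffer of 32-bit words.
 *
 * cmd is the STORAGE_CMD_* ID. When is_write is non-zero, length words from
 * buf are sent to the TA; otherwise length words are copied back into buf
 * after a successful call. buf is left untouched when a read fails.
 *
 * NOTE(review): length * sizeof(uint32_t) is not checked for wrap-around
 * before it sizes the allocation and the copies; callers are assumed to pass
 * small word counts. Data written through this path (for example key
 * material) is released with the shared buffer without being cleared here.
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result.
 */
static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd,
						   uint8_t is_write,
						   uint32_t *buf,
						   uint32_t length)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem0 = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	SharedMem0.size = length * sizeof(uint32_t);
	SharedMem0.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
	TeecOperation.params[0].tmpref.size = SharedMem0.size;

	if (is_write) {
		memcpy(SharedMem0.buffer, buf, SharedMem0.size);
		TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
							    TEEC_NONE,
							    TEEC_NONE,
							    TEEC_NONE);
	} else {
		TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT,
							    TEEC_NONE,
							    TEEC_NONE,
							    TEEC_NONE);
	}

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					cmd,
					&TeecOperation,
					&ErrorOrigin);

	/* Copy results out only for a read that the TA reported as successful. */
	if (TeecResult == TEEC_SUCCESS && !is_write)
		memcpy(buf, SharedMem0.buffer, SharedMem0.size);

	TEEC_ReleaseSharedMemory(&SharedMem0);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/* Read length 32-bit words of the attribute hash into buf. */
uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH,
						  false, buf, length);
}

/* Write length 32-bit words from buf as the attribute hash. */
uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH,
						  true, buf, length);
}

/*
 * Send both "U-Boot end" notifications: one to the security-data TA and one
 * to the eFuse/OTP TA. Both are always attempted.
 *
 * Returns TEEC_SUCCESS only when both succeed; otherwise the result of the
 * first notification that failed, so the value stays a single result code
 * instead of two codes OR-ed together.
 */
uint32_t trusty_notify_optee_uboot_end(void)
{
	TEEC_Result storage_res = trusty_base_end_security_data();
	TEEC_Result otp_res = trusty_base_end_efuse_or_otp();

	return storage_res != TEEC_SUCCESS ? storage_res : otp_res;
}

/* Read length 32-bit words of the verified-boot key hash into buf. */
uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH,
						  false, buf, length);
}

/* Write length 32-bit words from buf as the verified-boot key hash. */
uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH,
						  true, buf, length);
}

/*
 * Report in *flag whether the enable flag read with
 * STORAGE_CMD_READ_ENABLE_FLAG is set.
 *
 * *flag becomes 1 only when the read succeeds and the word equals the
 * expected pattern (0x00000001 on RK3288, 0x000000FF elsewhere). It is 0 in
 * every other case, including a failed read, so a caller that ignores the
 * return value cannot tell "flag not set" from "could not read the flag".
 */
uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag)
{
	uint32_t bootflag = 0;
	TEEC_Result TeecResult;

	*flag = 0;

	TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG,
							false, &bootflag, 1);

	if (TeecResult == TEEC_SUCCESS) {
#if defined(CONFIG_ROCKCHIP_RK3288)
		if (bootflag == 0x00000001)
			*flag = 1;
#else
		if (bootflag == 0x000000FF)
			*flag = 1;
#endif
	}
	return TeecResult;
}

/*
 * Write length 32-bit words from buf as the TA encryption key.
 * buf holds key material; clearing it afterwards is left to the caller.
 */
uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY,
						  true, buf, length);
}

/*
 * Pass flag, widened to one 32-bit word, to the TA with
 * STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG and return the TA's result.
 */
uint32_t trusty_check_security_level_flag(uint8_t flag)
{
	uint32_t levelflag;

	levelflag = flag;
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG,
						  true, &levelflag, 1);
}

/*
 * Write length 32-bit words from buf as the OEM HUK.
 * buf holds key material; clearing it afterwards is left to the caller.
 */
uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length)
{
	return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK,
						  true, buf, length);
}

/*
 * Check CONFIG_OPTEE_SECURITY_LEVEL against the TA when it is greater than
 * 0; otherwise this function is empty.
 *
 * TEE_ERROR_CANCEL runs the "download" command and returns. Any other
 * failure panics, so boot does not continue with an unconfirmed level.
 */
void trusty_select_security_level(void)
{
#if (CONFIG_OPTEE_SECURITY_LEVEL > 0)
	TEEC_Result TeecResult;

	TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL);
	if (TeecResult == TEE_ERROR_CANCEL) {
		run_command("download", 0);
		return;
	}

	if (TeecResult == TEEC_SUCCESS)
		debug("optee select security level success!");
	else
		panic("optee select security level fail!");
#endif
}

/*
 * Write byte_len bytes from byte_buf to the OEM non-secure OTP area at byte
 * offset byte_off (STORAGE_CMD_WRITE_OEM_NS_OTP).
 *
 * byte_off and byte_len are handed to the TA as given; no range check is
 * made on this side.
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result.
 */
uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	TeecOperation.params[0].value.a = byte_off;

	SharedMem.size = byte_len;
	SharedMem.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[1].tmpref.buffer = SharedMem.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem.size;

	memcpy(SharedMem.buffer, byte_buf, SharedMem.size);
	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_INPUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_WRITE_OEM_NS_OTP,
					&TeecOperation,
					&ErrorOrigin);

	TEEC_ReleaseSharedMemory(&SharedMem);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

/*
 * Read byte_len bytes of the OEM non-secure OTP area, starting at byte
 * offset byte_off, into byte_buf (STORAGE_CMD_READ_OEM_NS_OTP).
 *
 * byte_buf is written only when the TA reports success.
 *
 * Returns TEEC_SUCCESS or the failing TEEC call's result.
 */
uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;
	TEEC_Context TeecContext;
	TEEC_Session TeecSession;
	uint32_t ErrorOrigin;
	TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8,
			{ 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } };
	TEEC_UUID *TeecUuid = &tempuuid;
	TEEC_Operation TeecOperation = {0};
	TEEC_SharedMemory SharedMem = {0};

	TeecResult = OpteeClientApiLibInitialize();
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
	if (TeecResult != TEEC_SUCCESS)
		return TeecResult;

	TeecResult = TEEC_OpenSession(&TeecContext,
				      &TeecSession,
				      TeecUuid,
				      TEEC_LOGIN_PUBLIC,
				      NULL,
				      NULL,
				      &ErrorOrigin);
	/* The context is already initialised here and must still be finalized. */
	if (TeecResult != TEEC_SUCCESS)
		goto out_context;

	TeecOperation.params[0].value.a = byte_off;

	SharedMem.size = byte_len;
	SharedMem.flags = 0;

	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem);
	if (TeecResult != TEEC_SUCCESS)
		goto out_session;

	TeecOperation.params[1].tmpref.buffer = SharedMem.buffer;
	TeecOperation.params[1].tmpref.size = SharedMem.size;

	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
						    TEEC_MEMREF_TEMP_OUTPUT,
						    TEEC_NONE,
						    TEEC_NONE);

	TeecResult = TEEC_InvokeCommand(&TeecSession,
					STORAGE_CMD_READ_OEM_NS_OTP,
					&TeecOperation,
					&ErrorOrigin);
	if (TeecResult == TEEC_SUCCESS)
		memcpy(byte_buf, SharedMem.buffer, SharedMem.size);

	TEEC_ReleaseSharedMemory(&SharedMem);
out_session:
	TEEC_CloseSession(&TeecSession);
out_context:
	TEEC_FinalizeContext(&TeecContext);

	return TeecResult;
}

uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id,
				  uint8_t *byte_buf, uint32_t byte_len)
{
	TEEC_Result TeecResult;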
757bb1ba6acSHisping Lin TEEC_Context TeecContext; 758bb1ba6acSHisping Lin TEEC_Session TeecSession; 759bb1ba6acSHisping Lin uint32_t ErrorOrigin; 760bb1ba6acSHisping Lin 761bb1ba6acSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 762bb1ba6acSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 763bb1ba6acSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 764bb1ba6acSHisping Lin TEEC_Operation TeecOperation = {0}; 765bb1ba6acSHisping Lin 766bb1ba6acSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 767bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 768bb1ba6acSHisping Lin return TeecResult; 769bb1ba6acSHisping Lin 770bb1ba6acSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 771bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 772bb1ba6acSHisping Lin return TeecResult; 773bb1ba6acSHisping Lin 774bb1ba6acSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 775bb1ba6acSHisping Lin &TeecSession, 776bb1ba6acSHisping Lin TeecUuid, 777bb1ba6acSHisping Lin TEEC_LOGIN_PUBLIC, 778bb1ba6acSHisping Lin NULL, 779bb1ba6acSHisping Lin NULL, 780bb1ba6acSHisping Lin &ErrorOrigin); 781bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 782bb1ba6acSHisping Lin return TeecResult; 783bb1ba6acSHisping Lin 784bb1ba6acSHisping Lin TeecOperation.params[0].value.a = key_id; 785bb1ba6acSHisping Lin 786bb1ba6acSHisping Lin TEEC_SharedMemory SharedMem = {0}; 787bb1ba6acSHisping Lin 788bb1ba6acSHisping Lin SharedMem.size = byte_len; 789bb1ba6acSHisping Lin SharedMem.flags = 0; 790bb1ba6acSHisping Lin 791bb1ba6acSHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 792bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 793bb1ba6acSHisping Lin goto exit; 794bb1ba6acSHisping Lin 795bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 796bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 797bb1ba6acSHisping Lin 798bb1ba6acSHisping Lin memcpy(SharedMem.buffer, 
byte_buf, SharedMem.size); 799bb1ba6acSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 800bb1ba6acSHisping Lin TEEC_MEMREF_TEMP_INPUT, 801bb1ba6acSHisping Lin TEEC_NONE, 802bb1ba6acSHisping Lin TEEC_NONE); 803bb1ba6acSHisping Lin 804bb1ba6acSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 80590e849a0Sxb.wang STORAGE_CMD_WRITE_OEM_OTP_KEY, 806bb1ba6acSHisping Lin &TeecOperation, 807bb1ba6acSHisping Lin &ErrorOrigin); 808bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 809bb1ba6acSHisping Lin goto exit; 810bb1ba6acSHisping Lin 811bb1ba6acSHisping Lin exit: 812bb1ba6acSHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 813bb1ba6acSHisping Lin TEEC_CloseSession(&TeecSession); 814bb1ba6acSHisping Lin TEEC_FinalizeContext(&TeecContext); 815bb1ba6acSHisping Lin 816bb1ba6acSHisping Lin return TeecResult; 817bb1ba6acSHisping Lin } 818bb1ba6acSHisping Lin 819*9deb34f6SHisping Lin uint32_t trusty_oem_otp_key_is_written(enum RK_OEM_OTP_KEYID key_id, uint8_t *value) 820*9deb34f6SHisping Lin { 821*9deb34f6SHisping Lin TEEC_Result TeecResult; 822*9deb34f6SHisping Lin TEEC_Context TeecContext; 823*9deb34f6SHisping Lin TEEC_Session TeecSession; 824*9deb34f6SHisping Lin uint32_t ErrorOrigin; 825*9deb34f6SHisping Lin 826*9deb34f6SHisping Lin *value = 0xFF; 827*9deb34f6SHisping Lin 828*9deb34f6SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 829*9deb34f6SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 830*9deb34f6SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 831*9deb34f6SHisping Lin TEEC_Operation TeecOperation = {0}; 832*9deb34f6SHisping Lin 833*9deb34f6SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 834*9deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 835*9deb34f6SHisping Lin return TeecResult; 836*9deb34f6SHisping Lin 837*9deb34f6SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 838*9deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 839*9deb34f6SHisping Lin return TeecResult; 
840*9deb34f6SHisping Lin 841*9deb34f6SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 842*9deb34f6SHisping Lin &TeecSession, 843*9deb34f6SHisping Lin TeecUuid, 844*9deb34f6SHisping Lin TEEC_LOGIN_PUBLIC, 845*9deb34f6SHisping Lin NULL, 846*9deb34f6SHisping Lin NULL, 847*9deb34f6SHisping Lin &ErrorOrigin); 848*9deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 849*9deb34f6SHisping Lin return TeecResult; 850*9deb34f6SHisping Lin 851*9deb34f6SHisping Lin TeecOperation.params[0].value.a = key_id; 852*9deb34f6SHisping Lin 853*9deb34f6SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, 854*9deb34f6SHisping Lin TEEC_NONE, 855*9deb34f6SHisping Lin TEEC_NONE, 856*9deb34f6SHisping Lin TEEC_NONE); 857*9deb34f6SHisping Lin 858*9deb34f6SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 859*9deb34f6SHisping Lin STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN, 860*9deb34f6SHisping Lin &TeecOperation, 861*9deb34f6SHisping Lin &ErrorOrigin); 862*9deb34f6SHisping Lin if (TeecResult == TEEC_SUCCESS) 863*9deb34f6SHisping Lin *value = TeecOperation.params[0].value.b; 864*9deb34f6SHisping Lin 865*9deb34f6SHisping Lin TEEC_CloseSession(&TeecSession); 866*9deb34f6SHisping Lin TEEC_FinalizeContext(&TeecContext); 867*9deb34f6SHisping Lin 868*9deb34f6SHisping Lin return TeecResult; 869*9deb34f6SHisping Lin } 870*9deb34f6SHisping Lin 87190e849a0Sxb.wang uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 872a405238aSHisping Lin { 873a405238aSHisping Lin TEEC_Result TeecResult; 874a405238aSHisping Lin TEEC_Context TeecContext; 875a405238aSHisping Lin TEEC_Session TeecSession; 876a405238aSHisping Lin uint32_t ErrorOrigin; 877a405238aSHisping Lin 878a405238aSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 879a405238aSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 880a405238aSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 881a405238aSHisping Lin TEEC_Operation TeecOperation = {0}; 882a405238aSHisping Lin 
883a405238aSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 884a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 885a405238aSHisping Lin return TeecResult; 886a405238aSHisping Lin 887a405238aSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 888a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 889a405238aSHisping Lin return TeecResult; 890a405238aSHisping Lin 891a405238aSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 892a405238aSHisping Lin &TeecSession, 893a405238aSHisping Lin TeecUuid, 894a405238aSHisping Lin TEEC_LOGIN_PUBLIC, 895a405238aSHisping Lin NULL, 896a405238aSHisping Lin NULL, 897a405238aSHisping Lin &ErrorOrigin); 898a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 899a405238aSHisping Lin return TeecResult; 900a405238aSHisping Lin 901a405238aSHisping Lin TeecOperation.params[0].value.a = key_id; 902a405238aSHisping Lin 903a405238aSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 904a405238aSHisping Lin TEEC_NONE, 905a405238aSHisping Lin TEEC_NONE, 906a405238aSHisping Lin TEEC_NONE); 907a405238aSHisping Lin 908a405238aSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 909a405238aSHisping Lin STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 910a405238aSHisping Lin &TeecOperation, 911a405238aSHisping Lin &ErrorOrigin); 912a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 913a405238aSHisping Lin goto exit; 914a405238aSHisping Lin 915a405238aSHisping Lin exit: 916a405238aSHisping Lin TEEC_CloseSession(&TeecSession); 917a405238aSHisping Lin TEEC_FinalizeContext(&TeecContext); 918a405238aSHisping Lin 919a405238aSHisping Lin return TeecResult; 920a405238aSHisping Lin } 921a405238aSHisping Lin 9222f8c34bdSxb.wang uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, rk_cipher_config *config, 9232f8c34bdSxb.wang uint32_t src_phys_addr, uint32_t dst_phys_addr, 9242f8c34bdSxb.wang uint32_t len) 925fc3694d6Sxb.wang { 926fc3694d6Sxb.wang TEEC_Result TeecResult; 927fc3694d6Sxb.wang 
TEEC_Context TeecContext; 928fc3694d6Sxb.wang TEEC_Session TeecSession; 929fc3694d6Sxb.wang TEEC_Operation TeecOperation = {0}; 930fc3694d6Sxb.wang uint32_t ErrorOrigin; 931fc3694d6Sxb.wang TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 932fc3694d6Sxb.wang TEEC_SharedMemory SharedMem_config = {0}; 933fc3694d6Sxb.wang 9342f8c34bdSxb.wang if (key_id != RK_OEM_OTP_KEY0 && 9352f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY1 && 9362f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY2 && 9372f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY3 && 9382f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY_FW) 939fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 940fc3694d6Sxb.wang 9412f8c34bdSxb.wang if (!config) 942fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 943fc3694d6Sxb.wang 944fc3694d6Sxb.wang if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 945fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 946fc3694d6Sxb.wang 947fc3694d6Sxb.wang if (config->mode >= RK_CIPHER_MODE_XTS) 948fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 949fc3694d6Sxb.wang 950fc3694d6Sxb.wang if (config->operation != RK_MODE_ENCRYPT && 951fc3694d6Sxb.wang config->operation != RK_MODE_DECRYPT) 952fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 953fc3694d6Sxb.wang 954fc3694d6Sxb.wang if (config->key_len != 16 && 955fc3694d6Sxb.wang config->key_len != 24 && 956fc3694d6Sxb.wang config->key_len != 32) 957fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 958fc3694d6Sxb.wang 9592f8c34bdSxb.wang if (key_id == RK_OEM_OTP_KEY_FW && config->key_len != 16) 9602f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9612f8c34bdSxb.wang 9622f8c34bdSxb.wang #if defined(CONFIG_ROCKCHIP_RV1126) 9632f8c34bdSxb.wang if (config->key_len == 24) 9642f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9652f8c34bdSxb.wang #endif 9662f8c34bdSxb.wang 967fc3694d6Sxb.wang if (len % AES_BLOCK_SIZE || 968fc3694d6Sxb.wang len == 0) 969fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 970fc3694d6Sxb.wang 9712f8c34bdSxb.wang if (!src_phys_addr || 
!dst_phys_addr) 9722f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9732f8c34bdSxb.wang 974fc3694d6Sxb.wang TeecResult = OpteeClientApiLibInitialize(); 975fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 976fc3694d6Sxb.wang return TeecResult; 977fc3694d6Sxb.wang 978fc3694d6Sxb.wang TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 979fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 980fc3694d6Sxb.wang return TeecResult; 981fc3694d6Sxb.wang 982fc3694d6Sxb.wang TeecResult = TEEC_OpenSession(&TeecContext, 983fc3694d6Sxb.wang &TeecSession, 984fc3694d6Sxb.wang &uuid, 985fc3694d6Sxb.wang TEEC_LOGIN_PUBLIC, 986fc3694d6Sxb.wang NULL, 987fc3694d6Sxb.wang NULL, 988fc3694d6Sxb.wang &ErrorOrigin); 989fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 990fc3694d6Sxb.wang goto exit; 991fc3694d6Sxb.wang 992fc3694d6Sxb.wang SharedMem_config.size = sizeof(rk_cipher_config); 993fc3694d6Sxb.wang TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 994fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 995fc3694d6Sxb.wang goto exit; 996fc3694d6Sxb.wang 997fc3694d6Sxb.wang memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 998fc3694d6Sxb.wang TeecOperation.params[0].value.a = key_id; 999fc3694d6Sxb.wang TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 1000fc3694d6Sxb.wang TeecOperation.params[1].tmpref.size = SharedMem_config.size; 10012f8c34bdSxb.wang TeecOperation.params[2].value.a = src_phys_addr; 10022f8c34bdSxb.wang TeecOperation.params[2].value.b = len; 10032f8c34bdSxb.wang TeecOperation.params[3].value.a = dst_phys_addr; 1004fc3694d6Sxb.wang TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1005fc3694d6Sxb.wang TEEC_MEMREF_TEMP_INPUT, 10062f8c34bdSxb.wang TEEC_VALUE_INPUT, 10072f8c34bdSxb.wang TEEC_VALUE_INPUT); 10082f8c34bdSxb.wang 10092f8c34bdSxb.wang crypto_flush_cacheline(src_phys_addr, len); 10102f8c34bdSxb.wang crypto_flush_cacheline(dst_phys_addr, len); 10112f8c34bdSxb.wang 1012fc3694d6Sxb.wang TeecResult 
= TEEC_InvokeCommand(&TeecSession, 10132f8c34bdSxb.wang CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER, 1014fc3694d6Sxb.wang &TeecOperation, 1015fc3694d6Sxb.wang &ErrorOrigin); 1016fc3694d6Sxb.wang 1017fc3694d6Sxb.wang exit: 1018fc3694d6Sxb.wang TEEC_ReleaseSharedMemory(&SharedMem_config); 1019fc3694d6Sxb.wang TEEC_CloseSession(&TeecSession); 1020fc3694d6Sxb.wang TEEC_FinalizeContext(&TeecContext); 1021fc3694d6Sxb.wang return TeecResult; 1022fc3694d6Sxb.wang } 1023fc3694d6Sxb.wang 10244aa61755SAndy Ye uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 10254aa61755SAndy Ye { 10264aa61755SAndy Ye TEEC_Result TeecResult; 10274aa61755SAndy Ye TEEC_Context TeecContext; 10284aa61755SAndy Ye TEEC_Session TeecSession; 10294aa61755SAndy Ye uint32_t ErrorOrigin; 10304aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 10314aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 10324aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 10334aa61755SAndy Ye } 10344aa61755SAndy Ye }; 10354aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 10364aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 10373251364cSHisping Lin struct blk_desc *dev_desc; 10383251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 10396651d4c0SJason Zhu if (!dev_desc) { 10406651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 10416651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 10426651d4c0SJason Zhu } 10434aa61755SAndy Ye 1044f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1045f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1046f4e1db95SHisping Lin return TeecResult; 10474aa61755SAndy Ye 10484aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1049f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1050f4e1db95SHisping Lin return TeecResult; 10514aa61755SAndy Ye 10523251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 10533251364cSHisping Lin TEEC_NONE, 10543251364cSHisping Lin TEEC_NONE, 10553251364cSHisping Lin TEEC_NONE); 
10563251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1057b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1058b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1059b9a7e756SHisping Lin else 1060b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1061b9a7e756SHisping Lin 10623251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 10633251364cSHisping Lin TeecOperation.params[0].value.a = 0; 10643251364cSHisping Lin #endif 10653251364cSHisping Lin 10664aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 10674aa61755SAndy Ye &TeecSession, 10684aa61755SAndy Ye TeecUuid, 10694aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 10704aa61755SAndy Ye NULL, 10713251364cSHisping Lin &TeecOperation, 10724aa61755SAndy Ye &ErrorOrigin); 1073f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1074f4e1db95SHisping Lin return TeecResult; 10754aa61755SAndy Ye 10764aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 10774aa61755SAndy Ye 10784aa61755SAndy Ye SharedMem0.size = *dh_size; 10794aa61755SAndy Ye SharedMem0.flags = 0; 10804aa61755SAndy Ye 10814aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1082f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1083f4e1db95SHisping Lin goto exit; 10844aa61755SAndy Ye 10854aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 10864aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 10874aa61755SAndy Ye 10884aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 10894aa61755SAndy Ye TEEC_NONE, 10904aa61755SAndy Ye TEEC_NONE, 10914aa61755SAndy Ye TEEC_NONE); 10924aa61755SAndy Ye 10934aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 10944aa61755SAndy Ye 143, 10954aa61755SAndy Ye &TeecOperation, 10964aa61755SAndy Ye &ErrorOrigin); 1097f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1098f4e1db95SHisping Lin goto exit; 10994aa61755SAndy Ye 
11004aa61755SAndy Ye *dh_size = TeecOperation.params[0].tmpref.size; 11014aa61755SAndy Ye memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1102f4e1db95SHisping Lin exit: 11034aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 11044aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1105f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 11064aa61755SAndy Ye 11074aa61755SAndy Ye return TeecResult; 11084aa61755SAndy Ye } 11094aa61755SAndy Ye 11104aa61755SAndy Ye uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 11114aa61755SAndy Ye { 11124aa61755SAndy Ye TEEC_Result TeecResult; 11134aa61755SAndy Ye TEEC_Context TeecContext; 11144aa61755SAndy Ye TEEC_Session TeecSession; 11154aa61755SAndy Ye uint32_t ErrorOrigin; 11164aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 11174aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 11184aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 11194aa61755SAndy Ye } 11204aa61755SAndy Ye }; 11214aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 11224aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 11233251364cSHisping Lin struct blk_desc *dev_desc; 11243251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 11256651d4c0SJason Zhu if (!dev_desc) { 11266651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 11276651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 11286651d4c0SJason Zhu } 11294aa61755SAndy Ye 1130f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1131f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1132f4e1db95SHisping Lin return TeecResult; 11334aa61755SAndy Ye 11344aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1135f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1136f4e1db95SHisping Lin return TeecResult; 11374aa61755SAndy Ye 11383251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 11393251364cSHisping Lin TEEC_NONE, 11403251364cSHisping Lin TEEC_NONE, 11413251364cSHisping Lin TEEC_NONE); 11423251364cSHisping Lin /*0 nand 
or emmc "security" partition , 1 rpmb*/ 1143b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1144b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1145b9a7e756SHisping Lin else 1146b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1147b9a7e756SHisping Lin 11483251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 11493251364cSHisping Lin TeecOperation.params[0].value.a = 0; 11503251364cSHisping Lin #endif 11513251364cSHisping Lin 11524aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 11534aa61755SAndy Ye &TeecSession, 11544aa61755SAndy Ye TeecUuid, 11554aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 11564aa61755SAndy Ye NULL, 11573251364cSHisping Lin &TeecOperation, 11584aa61755SAndy Ye &ErrorOrigin); 1159f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1160f4e1db95SHisping Lin return TeecResult; 11614aa61755SAndy Ye 11624aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 11634aa61755SAndy Ye 11644aa61755SAndy Ye SharedMem0.size = *uuid_size; 11654aa61755SAndy Ye SharedMem0.flags = 0; 11664aa61755SAndy Ye 11674aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1168f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1169f4e1db95SHisping Lin goto exit; 11704aa61755SAndy Ye 11714aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 11724aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 11734aa61755SAndy Ye 11744aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 11754aa61755SAndy Ye TEEC_NONE, 11764aa61755SAndy Ye TEEC_NONE, 11774aa61755SAndy Ye TEEC_NONE); 11784aa61755SAndy Ye 11794aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 11804aa61755SAndy Ye 144, 11814aa61755SAndy Ye &TeecOperation, 11824aa61755SAndy Ye &ErrorOrigin); 1183f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1184f4e1db95SHisping Lin goto exit; 11854aa61755SAndy Ye 11864aa61755SAndy Ye *uuid_size = 
TeecOperation.params[0].tmpref.size; 11874aa61755SAndy Ye memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1188f4e1db95SHisping Lin exit: 11894aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 11904aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1191f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 11924aa61755SAndy Ye 11934aa61755SAndy Ye return TeecResult; 11944aa61755SAndy Ye } 11954aa61755SAndy Ye 11964aa61755SAndy Ye uint32_t trusty_attest_get_ca(uint8_t *operation_start, 11974aa61755SAndy Ye uint32_t *operation_size, 11984aa61755SAndy Ye uint8_t *out, 11994aa61755SAndy Ye uint32_t *out_len) 12004aa61755SAndy Ye { 12014aa61755SAndy Ye TEEC_Result TeecResult; 12024aa61755SAndy Ye TEEC_Context TeecContext; 12034aa61755SAndy Ye TEEC_Session TeecSession; 12044aa61755SAndy Ye uint32_t ErrorOrigin; 12054aa61755SAndy Ye 12064aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 12074aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 12084aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 12094aa61755SAndy Ye } 12104aa61755SAndy Ye }; 12114aa61755SAndy Ye 12124aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 12134aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 12143251364cSHisping Lin struct blk_desc *dev_desc; 12153251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 12166651d4c0SJason Zhu if (!dev_desc) { 12176651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 12186651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 12196651d4c0SJason Zhu } 12204aa61755SAndy Ye 1221f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1222f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1223f4e1db95SHisping Lin return TeecResult; 12244aa61755SAndy Ye 12254aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1226f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1227f4e1db95SHisping Lin return TeecResult; 12284aa61755SAndy Ye 12293251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 
12303251364cSHisping Lin TEEC_NONE, 12313251364cSHisping Lin TEEC_NONE, 12323251364cSHisping Lin TEEC_NONE); 12333251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1234b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1235b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1236b9a7e756SHisping Lin else 1237b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1238b9a7e756SHisping Lin 12393251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 12403251364cSHisping Lin TeecOperation.params[0].value.a = 0; 12413251364cSHisping Lin #endif 12423251364cSHisping Lin 12434aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 12444aa61755SAndy Ye &TeecSession, 12454aa61755SAndy Ye TeecUuid, 12464aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 12474aa61755SAndy Ye NULL, 12483251364cSHisping Lin &TeecOperation, 12494aa61755SAndy Ye &ErrorOrigin); 1250f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1251f4e1db95SHisping Lin return TeecResult; 12524aa61755SAndy Ye 12534aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 12544aa61755SAndy Ye 12554aa61755SAndy Ye SharedMem0.size = *operation_size; 12564aa61755SAndy Ye SharedMem0.flags = 0; 12574aa61755SAndy Ye 12584aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1259f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1260f4e1db95SHisping Lin goto exit; 12614aa61755SAndy Ye 12624aa61755SAndy Ye memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 12634aa61755SAndy Ye 12644aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 12654aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 12664aa61755SAndy Ye 12674aa61755SAndy Ye TEEC_SharedMemory SharedMem1 = {0}; 12684aa61755SAndy Ye 12694aa61755SAndy Ye SharedMem1.size = *out_len; 12704aa61755SAndy Ye SharedMem1.flags = 0; 12714aa61755SAndy Ye 12724aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 
1273f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1274f4e1db95SHisping Lin goto exit; 12754aa61755SAndy Ye 12764aa61755SAndy Ye TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 12774aa61755SAndy Ye TeecOperation.params[1].tmpref.size = SharedMem1.size; 12784aa61755SAndy Ye 12794aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 12804aa61755SAndy Ye TEEC_MEMREF_TEMP_INOUT, 12814aa61755SAndy Ye TEEC_NONE, 12824aa61755SAndy Ye TEEC_NONE); 12834aa61755SAndy Ye 12844aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 12854aa61755SAndy Ye 145, 12864aa61755SAndy Ye &TeecOperation, 12874aa61755SAndy Ye &ErrorOrigin); 1288f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1289f4e1db95SHisping Lin goto exit; 12904aa61755SAndy Ye 12914aa61755SAndy Ye *out_len = TeecOperation.params[1].tmpref.size; 12924aa61755SAndy Ye memcpy(out, SharedMem1.buffer, SharedMem1.size); 1293f4e1db95SHisping Lin exit: 12944aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 12954aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem1); 1296f4e1db95SHisping Lin TEEC_CloseSession(&TeecSession); 1297f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 12984aa61755SAndy Ye 12994aa61755SAndy Ye return TeecResult; 13004aa61755SAndy Ye } 13014aa61755SAndy Ye 13024aa61755SAndy Ye uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 13034aa61755SAndy Ye { 13044aa61755SAndy Ye TEEC_Result TeecResult; 13054aa61755SAndy Ye TEEC_Context TeecContext; 13064aa61755SAndy Ye TEEC_Session TeecSession; 13074aa61755SAndy Ye uint32_t ErrorOrigin; 13084aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 13094aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 13104aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 13114aa61755SAndy Ye } 13124aa61755SAndy Ye }; 13134aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 13144aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 13153251364cSHisping Lin struct blk_desc *dev_desc; 
13163251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 13176651d4c0SJason Zhu if (!dev_desc) { 13186651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 13196651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 13206651d4c0SJason Zhu } 1321f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1322f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1323f4e1db95SHisping Lin return TeecResult; 13244aa61755SAndy Ye 13254aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1326f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1327f4e1db95SHisping Lin return TeecResult; 13284aa61755SAndy Ye 13293251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 13303251364cSHisping Lin TEEC_NONE, 13313251364cSHisping Lin TEEC_NONE, 13323251364cSHisping Lin TEEC_NONE); 13333251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1334b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1335b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1336b9a7e756SHisping Lin else 1337b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1338b9a7e756SHisping Lin 13393251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 13403251364cSHisping Lin TeecOperation.params[0].value.a = 0; 13413251364cSHisping Lin #endif 13423251364cSHisping Lin 13434aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 13444aa61755SAndy Ye &TeecSession, 13454aa61755SAndy Ye TeecUuid, 13464aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 13474aa61755SAndy Ye NULL, 13483251364cSHisping Lin &TeecOperation, 13494aa61755SAndy Ye &ErrorOrigin); 1350f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1351f4e1db95SHisping Lin return TeecResult; 13524aa61755SAndy Ye 13534aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 13544aa61755SAndy Ye 13554aa61755SAndy Ye SharedMem0.size = *ca_response_size; 13564aa61755SAndy Ye SharedMem0.flags = 0; 13574aa61755SAndy Ye 13584aa61755SAndy Ye TeecResult = 
TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1359f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1360f4e1db95SHisping Lin goto exit; 13614aa61755SAndy Ye 13624aa61755SAndy Ye memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 13634aa61755SAndy Ye 13644aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 13654aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 13664aa61755SAndy Ye 13674aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 13684aa61755SAndy Ye TEEC_NONE, 13694aa61755SAndy Ye TEEC_NONE, 13704aa61755SAndy Ye TEEC_NONE); 13714aa61755SAndy Ye 13724aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 13734aa61755SAndy Ye 146, 13744aa61755SAndy Ye &TeecOperation, 13754aa61755SAndy Ye &ErrorOrigin); 1376f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1377f4e1db95SHisping Lin goto exit; 1378f4e1db95SHisping Lin exit: 13794aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 13804aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1381f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 13824aa61755SAndy Ye 13834aa61755SAndy Ye return TeecResult; 13844aa61755SAndy Ye } 1385