1ae8ec5e1SHisping Lin /* 2ae8ec5e1SHisping Lin * Copyright 2017, Rockchip Electronics Co., Ltd 3ae8ec5e1SHisping Lin * hisping lin, <hisping.lin@rock-chips.com> 4ae8ec5e1SHisping Lin * 5ae8ec5e1SHisping Lin * SPDX-License-Identifier: GPL-2.0+ 6ae8ec5e1SHisping Lin */ 7ae8ec5e1SHisping Lin 8ae8ec5e1SHisping Lin #include <common.h> 9bb1ba6acSHisping Lin #include <optee_include/OpteeClientInterface.h> 10ae8ec5e1SHisping Lin #include <optee_include/OpteeClientApiLib.h> 11ae8ec5e1SHisping Lin #include <optee_include/tee_client_api.h> 1278ef5fbdSqiujian #include <optee_include/tee_api_defines.h> 133251364cSHisping Lin #include <boot_rkimg.h> 14a7df4868Stony.xu #include <stdlib.h> 151e8c0e44STony Xu #include <attestation_key.h> 16a7df4868Stony.xu 17a7df4868Stony.xu #define BOOT_FROM_EMMC (1 << 1) 18c7de5349SHisping Lin #define STORAGE_CMD_READ_ATTRIBUTE_HASH 0 19c7de5349SHisping Lin #define STORAGE_CMD_WRITE_ATTRIBUTE_HASH 1 20c7de5349SHisping Lin #define STORAGE_CMD_UBOOT_END_OTP 2 21c7de5349SHisping Lin #define STORAGE_CMD_READ_VBOOTKEY_HASH 3 22c7de5349SHisping Lin #define STORAGE_CMD_WRITE_VBOOTKEY_HASH 4 23c7de5349SHisping Lin #define STORAGE_CMD_READ_ENABLE_FLAG 5 241ef63c75SHisping Lin #define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY 9 25fbf29bfbSHisping Lin #define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG 10 26f39d4289SHisping Lin #define STORAGE_CMD_WRITE_OEM_HUK 11 27d5913350SHisping Lin #define STORAGE_CMD_WRITE_OEM_NS_OTP 12 28d5913350SHisping Lin #define STORAGE_CMD_READ_OEM_NS_OTP 13 2990e849a0Sxb.wang #define STORAGE_CMD_WRITE_OEM_OTP_KEY 14 30a405238aSHisping Lin #define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK 15 319deb34f6SHisping Lin #define STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN 16 32ae8ec5e1SHisping Lin 332f8c34bdSxb.wang #define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER 0x00000002 34fc3694d6Sxb.wang 35fc3694d6Sxb.wang #define RK_CRYPTO_SERVICE_UUID { 0x0cacdb5d, 0x4fea, 0x466c, \ 36fc3694d6Sxb.wang { 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } } 37fc3694d6Sxb.wang 38ae8ec5e1SHisping Lin static uint8_t b2hs_add_base(uint8_t in) 39ae8ec5e1SHisping Lin { 40ae8ec5e1SHisping Lin if (in > 9) 41ae8ec5e1SHisping Lin return in + 55; 42ae8ec5e1SHisping Lin else 43ae8ec5e1SHisping Lin return in + 48; 44ae8ec5e1SHisping Lin } 45ae8ec5e1SHisping Lin 46c7de5349SHisping Lin static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen) 47ae8ec5e1SHisping Lin { 48ae8ec5e1SHisping Lin uint32_t i = 0; 49ae8ec5e1SHisping Lin 50ae8ec5e1SHisping Lin if (blen * 2 + 1 > hslen) 51ae8ec5e1SHisping Lin return 0; 52ae8ec5e1SHisping Lin 53ae8ec5e1SHisping Lin for (; i < blen; i++) { 54ae8ec5e1SHisping Lin hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf); 55ae8ec5e1SHisping Lin hs[i * 2] = b2hs_add_base(b[i] >> 4); 56ae8ec5e1SHisping Lin } 57ae8ec5e1SHisping Lin hs[blen * 2] = 0; 58ae8ec5e1SHisping Lin 59ae8ec5e1SHisping Lin return blen * 2; 60ae8ec5e1SHisping Lin } 61ae8ec5e1SHisping Lin 622f8c34bdSxb.wang static void crypto_flush_cacheline(uint32_t addr, uint32_t size) 632f8c34bdSxb.wang { 642f8c34bdSxb.wang ulong alignment = CONFIG_SYS_CACHELINE_SIZE; 652f8c34bdSxb.wang ulong aligned_input, aligned_len; 662f8c34bdSxb.wang 672f8c34bdSxb.wang if (!addr || !size) 682f8c34bdSxb.wang return; 692f8c34bdSxb.wang 702f8c34bdSxb.wang /* Must flush dcache before crypto DMA fetch data region */ 712f8c34bdSxb.wang aligned_input = round_down(addr, alignment); 722f8c34bdSxb.wang aligned_len = round_up(size + (addr - aligned_input), alignment); 732f8c34bdSxb.wang flush_cache(aligned_input, aligned_len); 742f8c34bdSxb.wang } 752f8c34bdSxb.wang 76*a900eef3SHisping Lin static void crypto_invalidate_cacheline(uint32_t addr, uint32_t size) 77*a900eef3SHisping Lin { 78*a900eef3SHisping Lin ulong alignment = CONFIG_SYS_CACHELINE_SIZE; 79*a900eef3SHisping Lin ulong aligned_input, aligned_len; 80*a900eef3SHisping Lin 81*a900eef3SHisping Lin if (!addr || !size) 82*a900eef3SHisping Lin return; 83*a900eef3SHisping Lin 84*a900eef3SHisping Lin /* Must invalidate dcache after crypto DMA write data region */ 85*a900eef3SHisping Lin aligned_input = round_down(addr, alignment); 86*a900eef3SHisping Lin aligned_len = round_up(size + (addr - aligned_input), alignment); 87*a900eef3SHisping Lin invalidate_dcache_range(aligned_input, aligned_input + aligned_len); 88*a900eef3SHisping Lin } 89*a900eef3SHisping Lin 90c7de5349SHisping Lin static uint32_t trusty_base_write_security_data(char *filename, 91c7de5349SHisping Lin uint32_t filename_size, 92c7de5349SHisping Lin uint8_t *data, 93c7de5349SHisping Lin uint32_t data_size) 94ae8ec5e1SHisping Lin { 95ae8ec5e1SHisping Lin TEEC_Result TeecResult; 96ae8ec5e1SHisping Lin TEEC_Context TeecContext; 97ae8ec5e1SHisping Lin TEEC_Session TeecSession; 98ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 99ae8ec5e1SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 100ae8ec5e1SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 101ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 102ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 1033251364cSHisping Lin struct blk_desc *dev_desc; 1043251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 1056651d4c0SJason Zhu if (!dev_desc) { 1066651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 1076651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 1086651d4c0SJason Zhu } 1093251364cSHisping Lin 110f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 111f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 112f4e1db95SHisping Lin return TeecResult; 113ae8ec5e1SHisping Lin 114ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 115f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 116f4e1db95SHisping Lin return TeecResult; 117ae8ec5e1SHisping Lin 1183251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1193251364cSHisping Lin TEEC_NONE, 1203251364cSHisping Lin TEEC_NONE, 1213251364cSHisping Lin TEEC_NONE); 1223251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 123b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 124b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 125b9a7e756SHisping Lin else 126b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1273251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1283251364cSHisping Lin TeecOperation.params[0].value.a = 0; 1293251364cSHisping Lin #endif 1303251364cSHisping Lin 131ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 132ae8ec5e1SHisping Lin &TeecSession, 133ae8ec5e1SHisping Lin TeecUuid, 134ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 135ae8ec5e1SHisping Lin NULL, 1363251364cSHisping Lin &TeecOperation, 137ae8ec5e1SHisping Lin &ErrorOrigin); 138f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 139f4e1db95SHisping Lin return TeecResult; 140ae8ec5e1SHisping Lin 141ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 142ae8ec5e1SHisping Lin 143c7de5349SHisping Lin SharedMem0.size = filename_size; 144ae8ec5e1SHisping Lin SharedMem0.flags = 0; 145ae8ec5e1SHisping Lin 146ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 147f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 148f4e1db95SHisping Lin goto exit; 149ae8ec5e1SHisping Lin 150c7de5349SHisping Lin memcpy(SharedMem0.buffer, filename, SharedMem0.size); 151ae8ec5e1SHisping Lin 152ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem1 = {0}; 153ae8ec5e1SHisping Lin 154c7de5349SHisping Lin SharedMem1.size = data_size; 155c7de5349SHisping Lin SharedMem1.flags = 0; 156c7de5349SHisping Lin 157c7de5349SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 158c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 159c7de5349SHisping Lin goto exit; 160c7de5349SHisping Lin 161c7de5349SHisping Lin memcpy(SharedMem1.buffer, data, SharedMem1.size); 162c7de5349SHisping Lin 163c7de5349SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 164c7de5349SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 165c7de5349SHisping Lin 166c7de5349SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 167c7de5349SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem1.size; 168c7de5349SHisping Lin 169c7de5349SHisping Lin 170c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 171c7de5349SHisping Lin TEEC_MEMREF_TEMP_INOUT, 172c7de5349SHisping Lin TEEC_NONE, 173c7de5349SHisping Lin TEEC_NONE); 174c7de5349SHisping Lin 175c7de5349SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 176c7de5349SHisping Lin 1, 177c7de5349SHisping Lin &TeecOperation, 178c7de5349SHisping Lin &ErrorOrigin); 179c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 180c7de5349SHisping Lin goto exit; 181c7de5349SHisping Lin exit: 182c7de5349SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 183c7de5349SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem1); 184c7de5349SHisping Lin TEEC_CloseSession(&TeecSession); 185c7de5349SHisping Lin TEEC_FinalizeContext(&TeecContext); 186c7de5349SHisping Lin 187c7de5349SHisping Lin return TeecResult; 188c7de5349SHisping Lin } 189c7de5349SHisping Lin 190c7de5349SHisping Lin static uint32_t trusty_base_read_security_data(char *filename, 191c7de5349SHisping Lin uint32_t filename_size, 192c7de5349SHisping Lin uint8_t *data, 193c7de5349SHisping Lin uint32_t data_size) 194c7de5349SHisping Lin { 195c7de5349SHisping Lin TEEC_Result TeecResult; 196c7de5349SHisping Lin TEEC_Context TeecContext; 197c7de5349SHisping Lin TEEC_Session TeecSession; 198c7de5349SHisping Lin uint32_t ErrorOrigin; 199c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 200c7de5349SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 201c7de5349SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 202c7de5349SHisping Lin TEEC_Operation TeecOperation = {0}; 203c7de5349SHisping Lin 204c7de5349SHisping Lin struct blk_desc *dev_desc; 205c7de5349SHisping Lin dev_desc = rockchip_get_bootdev(); 206c7de5349SHisping Lin if (!dev_desc) { 207c7de5349SHisping Lin printf("%s: dev_desc is NULL!\n", __func__); 208c7de5349SHisping Lin return -TEEC_ERROR_GENERIC; 209c7de5349SHisping Lin } 210c7de5349SHisping Lin 211c7de5349SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 212c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 213c7de5349SHisping Lin return TeecResult; 214c7de5349SHisping Lin 215c7de5349SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 216c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 217c7de5349SHisping Lin return TeecResult; 218c7de5349SHisping Lin 219c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 220c7de5349SHisping Lin TEEC_NONE, 221c7de5349SHisping Lin TEEC_NONE, 222c7de5349SHisping Lin TEEC_NONE); 223c7de5349SHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 224c7de5349SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 225c7de5349SHisping Lin TeecOperation.params[0].value.a = 1; 226c7de5349SHisping Lin else 227c7de5349SHisping Lin TeecOperation.params[0].value.a = 0; 228c7de5349SHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 229c7de5349SHisping Lin TeecOperation.params[0].value.a = 0; 230c7de5349SHisping Lin #endif 231c7de5349SHisping Lin 232c7de5349SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 233c7de5349SHisping Lin &TeecSession, 234c7de5349SHisping Lin TeecUuid, 235c7de5349SHisping Lin TEEC_LOGIN_PUBLIC, 236c7de5349SHisping Lin NULL, 237c7de5349SHisping Lin &TeecOperation, 238c7de5349SHisping Lin &ErrorOrigin); 239c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 240c7de5349SHisping Lin return TeecResult; 241c7de5349SHisping Lin 242c7de5349SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 243c7de5349SHisping Lin 244c7de5349SHisping Lin SharedMem0.size = filename_size; 245c7de5349SHisping Lin SharedMem0.flags = 0; 246c7de5349SHisping Lin 247c7de5349SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 248c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 249c7de5349SHisping Lin goto exit; 250c7de5349SHisping Lin 251c7de5349SHisping Lin memcpy(SharedMem0.buffer, filename, SharedMem0.size); 252c7de5349SHisping Lin 253c7de5349SHisping Lin TEEC_SharedMemory SharedMem1 = {0}; 254c7de5349SHisping Lin 255c7de5349SHisping Lin SharedMem1.size = data_size; 256ae8ec5e1SHisping Lin SharedMem1.flags = 0; 257ae8ec5e1SHisping Lin 258ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 259f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 260f4e1db95SHisping Lin goto exit; 261ae8ec5e1SHisping Lin 262ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 263ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 264ae8ec5e1SHisping Lin 265ae8ec5e1SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 266ae8ec5e1SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem1.size; 267ae8ec5e1SHisping Lin 268ae8ec5e1SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 269ae8ec5e1SHisping Lin TEEC_MEMREF_TEMP_INOUT, 270ae8ec5e1SHisping Lin TEEC_NONE, 271ae8ec5e1SHisping Lin TEEC_NONE); 272ae8ec5e1SHisping Lin 273ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 274ae8ec5e1SHisping Lin 0, 275ae8ec5e1SHisping Lin &TeecOperation, 276ae8ec5e1SHisping Lin &ErrorOrigin); 27746b2a054SHisping Lin if (TeecResult == TEEC_SUCCESS) 278c7de5349SHisping Lin memcpy(data, SharedMem1.buffer, SharedMem1.size); 279f4e1db95SHisping Lin exit: 280ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 281ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem1); 282ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 28346b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 284ae8ec5e1SHisping Lin 285ae8ec5e1SHisping Lin return TeecResult; 286ae8ec5e1SHisping Lin } 287ae8ec5e1SHisping Lin 288c7de5349SHisping Lin static uint32_t trusty_base_end_security_data(void) 289c7de5349SHisping Lin { 290c7de5349SHisping Lin TEEC_Result TeecResult; 291c7de5349SHisping Lin TEEC_Context TeecContext; 292c7de5349SHisping Lin TEEC_Session TeecSession; 293c7de5349SHisping Lin uint32_t ErrorOrigin; 294c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 295c7de5349SHisping Lin { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 296c7de5349SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 297c7de5349SHisping Lin TEEC_Operation TeecOperation = {0}; 298c7de5349SHisping Lin 299c7de5349SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 300c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 301c7de5349SHisping Lin return TeecResult; 302c7de5349SHisping Lin 303c7de5349SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 304c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 305c7de5349SHisping Lin return TeecResult; 306c7de5349SHisping Lin 307c7de5349SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 308c7de5349SHisping Lin &TeecSession, 309c7de5349SHisping Lin TeecUuid, 310c7de5349SHisping Lin TEEC_LOGIN_PUBLIC, 311c7de5349SHisping Lin NULL, 312c7de5349SHisping Lin NULL, 313c7de5349SHisping Lin &ErrorOrigin); 314c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 315c7de5349SHisping Lin return TeecResult; 316c7de5349SHisping Lin 317c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 318c7de5349SHisping Lin TEEC_NONE, 319c7de5349SHisping Lin TEEC_NONE, 320c7de5349SHisping Lin TEEC_NONE); 321c7de5349SHisping Lin 322c7de5349SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 323c7de5349SHisping Lin 2, 324c7de5349SHisping Lin &TeecOperation, 325c7de5349SHisping Lin &ErrorOrigin); 326c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 327c7de5349SHisping Lin goto exit; 328c7de5349SHisping Lin exit: 329c7de5349SHisping Lin TEEC_CloseSession(&TeecSession); 330c7de5349SHisping Lin TEEC_FinalizeContext(&TeecContext); 331c7de5349SHisping Lin 332c7de5349SHisping Lin return TeecResult; 333c7de5349SHisping Lin } 334c7de5349SHisping Lin 335c7de5349SHisping Lin uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value) 336c7de5349SHisping Lin { 337c7de5349SHisping Lin char hs[9]; 338c7de5349SHisping Lin 339c7de5349SHisping Lin b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 340c7de5349SHisping Lin 341c7de5349SHisping Lin return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8); 342c7de5349SHisping Lin } 343c7de5349SHisping Lin 344ae8ec5e1SHisping Lin uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value) 345ae8ec5e1SHisping Lin { 346c7de5349SHisping Lin char hs[9]; 3473251364cSHisping Lin 348c7de5349SHisping Lin b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 349ae8ec5e1SHisping Lin 350c7de5349SHisping Lin return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8); 351ae8ec5e1SHisping Lin } 352ae8ec5e1SHisping Lin 353ae8ec5e1SHisping Lin uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size) 354ae8ec5e1SHisping Lin { 355c7de5349SHisping Lin return trusty_base_read_security_data("attributes", 356c7de5349SHisping Lin sizeof("attributes"), attributes, size); 357ae8ec5e1SHisping Lin } 358ae8ec5e1SHisping Lin 359ae8ec5e1SHisping Lin uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) 360ae8ec5e1SHisping Lin { 361c7de5349SHisping Lin return trusty_base_write_security_data("attributes", 362c7de5349SHisping Lin sizeof("attributes"), attributes, size); 3636651d4c0SJason Zhu } 364ae8ec5e1SHisping Lin 365c7de5349SHisping Lin uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes) 366c7de5349SHisping Lin { 367c7de5349SHisping Lin return trusty_base_read_security_data("attributes_flag", 368c7de5349SHisping Lin sizeof("attributes_flag"), attributes, 1); 369c7de5349SHisping Lin } 370ae8ec5e1SHisping Lin 371c7de5349SHisping Lin uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes) 372c7de5349SHisping Lin { 373c7de5349SHisping Lin return trusty_base_write_security_data("attributes_flag", 374c7de5349SHisping Lin sizeof("attributes_flag"), &attributes, 1); 375ae8ec5e1SHisping Lin } 376ae8ec5e1SHisping Lin 377564654ebSJason Zhu uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes, 378564654ebSJason Zhu uint32_t size) 379564654ebSJason Zhu { 380c7de5349SHisping Lin return trusty_base_read_security_data("rsacer", 381c7de5349SHisping Lin sizeof("rsacer"), attributes, size); 382564654ebSJason Zhu } 383564654ebSJason Zhu 384564654ebSJason Zhu uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes, 385564654ebSJason Zhu uint32_t size) 386564654ebSJason Zhu { 387c7de5349SHisping Lin return trusty_base_write_security_data("rsacer", 388c7de5349SHisping Lin sizeof("rsacer"), attributes, size); 389564654ebSJason Zhu } 390564654ebSJason Zhu 391ae8ec5e1SHisping Lin uint32_t trusty_read_lock_state(uint8_t *lock_state) 392ae8ec5e1SHisping Lin { 393c7de5349SHisping Lin return trusty_base_read_security_data("lock_state", 394c7de5349SHisping Lin sizeof("lock_state"), lock_state, 1); 395ae8ec5e1SHisping Lin } 396ae8ec5e1SHisping Lin 397ae8ec5e1SHisping Lin uint32_t trusty_write_lock_state(uint8_t lock_state) 398ae8ec5e1SHisping Lin { 399c7de5349SHisping Lin return trusty_base_write_security_data("lock_state", 400c7de5349SHisping Lin sizeof("lock_state"), &lock_state, 1); 401ae8ec5e1SHisping Lin } 402ae8ec5e1SHisping Lin 403ae8ec5e1SHisping Lin uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state) 404ae8ec5e1SHisping Lin { 405c7de5349SHisping Lin return trusty_base_read_security_data("flash_lock_state", 406c7de5349SHisping Lin sizeof("flash_lock_state"), flash_lock_state, 1); 407c7de5349SHisping Lin } 408c7de5349SHisping Lin 409c7de5349SHisping Lin uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state) 410c7de5349SHisping Lin { 411c7de5349SHisping Lin return trusty_base_write_security_data("flash_lock_state", 412c7de5349SHisping Lin sizeof("flash_lock_state"), &flash_lock_state, 1); 413c7de5349SHisping Lin } 414c7de5349SHisping Lin 415c7de5349SHisping Lin static uint32_t trusty_base_end_efuse_or_otp(void) 416c7de5349SHisping Lin { 417ae8ec5e1SHisping Lin TEEC_Result TeecResult; 418ae8ec5e1SHisping Lin TEEC_Context TeecContext; 419ae8ec5e1SHisping Lin TEEC_Session TeecSession; 420ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 421c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 422c7de5349SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 423c7de5349SHisping Lin 424ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 425ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 426ae8ec5e1SHisping Lin 427f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 428f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 429f4e1db95SHisping Lin return TeecResult; 430ae8ec5e1SHisping Lin 431ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 432f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 433f4e1db95SHisping Lin return TeecResult; 434ae8ec5e1SHisping Lin 435ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 436ae8ec5e1SHisping Lin &TeecSession, 437ae8ec5e1SHisping Lin TeecUuid, 438ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 439ae8ec5e1SHisping Lin NULL, 440c7de5349SHisping Lin NULL, 441ae8ec5e1SHisping Lin &ErrorOrigin); 442f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 443f4e1db95SHisping Lin return TeecResult; 444ae8ec5e1SHisping Lin 445c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 446c7de5349SHisping Lin TEEC_NONE, 447ae8ec5e1SHisping Lin TEEC_NONE, 448ae8ec5e1SHisping Lin TEEC_NONE); 449ae8ec5e1SHisping Lin 450ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 451c7de5349SHisping Lin STORAGE_CMD_UBOOT_END_OTP, 452ae8ec5e1SHisping Lin &TeecOperation, 453ae8ec5e1SHisping Lin &ErrorOrigin); 454c7de5349SHisping Lin if (TeecResult != TEEC_SUCCESS) 455c7de5349SHisping Lin goto exit; 456f4e1db95SHisping Lin exit: 457ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 45846b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 459ae8ec5e1SHisping Lin 460ae8ec5e1SHisping Lin return TeecResult; 461ae8ec5e1SHisping Lin } 462ae8ec5e1SHisping Lin 463c7de5349SHisping Lin static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd, 464c7de5349SHisping Lin uint8_t is_write, 465c7de5349SHisping Lin uint32_t *buf, 466c7de5349SHisping Lin uint32_t length) 467ae8ec5e1SHisping Lin { 468ae8ec5e1SHisping Lin TEEC_Result TeecResult; 469ae8ec5e1SHisping Lin TEEC_Context TeecContext; 470ae8ec5e1SHisping Lin TEEC_Session TeecSession; 471ae8ec5e1SHisping Lin uint32_t ErrorOrigin; 472c7de5349SHisping Lin 473c7de5349SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 474c7de5349SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 475ae8ec5e1SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 476ae8ec5e1SHisping Lin TEEC_Operation TeecOperation = {0}; 477ae8ec5e1SHisping Lin 478f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 479f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 480f4e1db95SHisping Lin return TeecResult; 481ae8ec5e1SHisping Lin 482ae8ec5e1SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 483f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 484f4e1db95SHisping Lin return TeecResult; 485ae8ec5e1SHisping Lin 486ae8ec5e1SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 487ae8ec5e1SHisping Lin &TeecSession, 488ae8ec5e1SHisping Lin TeecUuid, 489ae8ec5e1SHisping Lin TEEC_LOGIN_PUBLIC, 490ae8ec5e1SHisping Lin NULL, 491c7de5349SHisping Lin NULL, 492ae8ec5e1SHisping Lin &ErrorOrigin); 493f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 494f4e1db95SHisping Lin return TeecResult; 495ae8ec5e1SHisping Lin 496ae8ec5e1SHisping Lin TEEC_SharedMemory SharedMem0 = {0}; 497ae8ec5e1SHisping Lin 498c7de5349SHisping Lin SharedMem0.size = length * sizeof(uint32_t); 499ae8ec5e1SHisping Lin SharedMem0.flags = 0; 500ae8ec5e1SHisping Lin 501ae8ec5e1SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 502f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 503f4e1db95SHisping Lin goto exit; 504ae8ec5e1SHisping Lin 505ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 506ae8ec5e1SHisping Lin TeecOperation.params[0].tmpref.size = SharedMem0.size; 507ae8ec5e1SHisping Lin 508c7de5349SHisping Lin if (is_write) { 509c7de5349SHisping Lin memcpy(SharedMem0.buffer, buf, SharedMem0.size); 510ae8ec5e1SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 511c7de5349SHisping Lin TEEC_NONE, 512ae8ec5e1SHisping Lin TEEC_NONE, 513ae8ec5e1SHisping Lin TEEC_NONE); 514ae8ec5e1SHisping Lin 515c7de5349SHisping Lin } else { 516c7de5349SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, 517c7de5349SHisping Lin TEEC_NONE, 518c7de5349SHisping Lin TEEC_NONE, 519c7de5349SHisping Lin TEEC_NONE); 520c7de5349SHisping Lin } 521c7de5349SHisping Lin 522ae8ec5e1SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 523c7de5349SHisping Lin cmd, 524ae8ec5e1SHisping Lin &TeecOperation, 525ae8ec5e1SHisping Lin &ErrorOrigin); 526f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 527f4e1db95SHisping Lin goto exit; 528c7de5349SHisping Lin 529c7de5349SHisping Lin if (!is_write) 530c7de5349SHisping Lin memcpy(buf, SharedMem0.buffer, SharedMem0.size); 531c7de5349SHisping Lin 532f4e1db95SHisping Lin exit: 533ae8ec5e1SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem0); 534ae8ec5e1SHisping Lin TEEC_CloseSession(&TeecSession); 53546b2a054SHisping Lin TEEC_FinalizeContext(&TeecContext); 536ae8ec5e1SHisping Lin 537ae8ec5e1SHisping Lin return TeecResult; 538ae8ec5e1SHisping Lin } 539ae8ec5e1SHisping Lin 5406ef445a4SHisping Lin uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length) 5416ef445a4SHisping Lin { 542c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH, 543c7de5349SHisping Lin false, buf, length); 5446ef445a4SHisping Lin } 5456ef445a4SHisping Lin 5466ef445a4SHisping Lin uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length) 5476ef445a4SHisping Lin { 548c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH, 549c7de5349SHisping Lin true, buf, length); 55016539616SHisping Lin } 55116539616SHisping Lin 55216539616SHisping Lin uint32_t trusty_notify_optee_uboot_end(void) 55316539616SHisping Lin { 55416539616SHisping Lin TEEC_Result res; 555c7de5349SHisping Lin 556c7de5349SHisping Lin res = trusty_base_end_security_data(); 557c7de5349SHisping Lin res |= trusty_base_end_efuse_or_otp(); 55816539616SHisping Lin return res; 55916539616SHisping Lin } 5602cd27853SHisping Lin 5612cd27853SHisping Lin uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length) 5622cd27853SHisping Lin { 563c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH, 564c7de5349SHisping Lin false, buf, length); 5652cd27853SHisping Lin } 566c7de5349SHisping Lin 5672cd27853SHisping Lin uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length) 5682cd27853SHisping Lin { 569c7de5349SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH, 570c7de5349SHisping Lin true, buf, length); 5712cd27853SHisping Lin } 572095e2a82SHisping Lin 573468df3b2SHisping Lin uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag) 574468df3b2SHisping Lin { 575468df3b2SHisping Lin uint32_t bootflag; 576c7de5349SHisping Lin TEEC_Result TeecResult; 577468df3b2SHisping Lin 578f07e1686SHisping Lin *flag = 0; 579f07e1686SHisping Lin 580c7de5349SHisping Lin TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG, 581c7de5349SHisping Lin false, &bootflag, 1); 582468df3b2SHisping Lin 583468df3b2SHisping Lin if (TeecResult == TEEC_SUCCESS) { 5840202ee8aSHisping Lin #if defined(CONFIG_ROCKCHIP_RK3288) 5850202ee8aSHisping Lin if (bootflag == 0x00000001) 5860202ee8aSHisping Lin *flag = 1; 5870202ee8aSHisping Lin #else 588468df3b2SHisping Lin if (bootflag == 0x000000FF) 589468df3b2SHisping Lin *flag = 1; 5900202ee8aSHisping Lin #endif 591468df3b2SHisping Lin } 592095e2a82SHisping Lin return TeecResult; 593095e2a82SHisping Lin } 5944aa61755SAndy Ye 5951ef63c75SHisping Lin uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length) 5961ef63c75SHisping Lin { 5971ef63c75SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY, 5981ef63c75SHisping Lin true, buf, length); 5991ef63c75SHisping Lin } 6001ef63c75SHisping Lin 601fbf29bfbSHisping Lin uint32_t trusty_check_security_level_flag(uint8_t flag) 602fbf29bfbSHisping Lin { 603fbf29bfbSHisping Lin uint32_t levelflag; 604fbf29bfbSHisping Lin 605fbf29bfbSHisping Lin levelflag = flag; 606fbf29bfbSHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG, 607fbf29bfbSHisping Lin true, &levelflag, 1); 608fbf29bfbSHisping Lin } 609fbf29bfbSHisping Lin 610f39d4289SHisping Lin uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length) 611f39d4289SHisping Lin { 612f39d4289SHisping Lin return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK, 613f39d4289SHisping Lin true, buf, length); 614f39d4289SHisping Lin } 615f39d4289SHisping Lin 6167504da74SHisping Lin void trusty_select_security_level(void) 6177504da74SHisping Lin { 6187504da74SHisping Lin #if (CONFIG_OPTEE_SECURITY_LEVEL > 0) 6197504da74SHisping Lin TEEC_Result TeecResult; 6207504da74SHisping Lin 6217504da74SHisping Lin TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL); 6227504da74SHisping Lin if (TeecResult == TEE_ERROR_CANCEL) { 6237504da74SHisping Lin run_command("download", 0); 6247504da74SHisping Lin return; 6257504da74SHisping Lin } 6267504da74SHisping Lin 6277504da74SHisping Lin if (TeecResult == TEEC_SUCCESS) 6287504da74SHisping Lin debug("optee select security level success!"); 6297504da74SHisping Lin else 6307504da74SHisping Lin panic("optee select security level fail!"); 6317504da74SHisping Lin 6327504da74SHisping Lin return; 6337504da74SHisping Lin #endif 6347504da74SHisping Lin } 6357504da74SHisping Lin 636d5913350SHisping Lin uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 637d5913350SHisping Lin { 638d5913350SHisping Lin TEEC_Result TeecResult; 639d5913350SHisping Lin TEEC_Context TeecContext; 640d5913350SHisping Lin TEEC_Session TeecSession; 641d5913350SHisping Lin uint32_t ErrorOrigin; 642d5913350SHisping Lin 643d5913350SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 644d5913350SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 645d5913350SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 646d5913350SHisping Lin TEEC_Operation TeecOperation = {0}; 647d5913350SHisping Lin 648d5913350SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 649d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 650d5913350SHisping Lin return TeecResult; 651d5913350SHisping Lin 652d5913350SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 653d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 654d5913350SHisping Lin return TeecResult; 655d5913350SHisping Lin 656d5913350SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 657d5913350SHisping Lin &TeecSession, 658d5913350SHisping Lin TeecUuid, 659d5913350SHisping Lin TEEC_LOGIN_PUBLIC, 660d5913350SHisping Lin NULL, 661d5913350SHisping Lin NULL, 662d5913350SHisping Lin &ErrorOrigin); 663d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 664d5913350SHisping Lin return TeecResult; 665d5913350SHisping Lin 666d5913350SHisping Lin TeecOperation.params[0].value.a = byte_off; 667d5913350SHisping Lin 668d5913350SHisping Lin TEEC_SharedMemory SharedMem = {0}; 669d5913350SHisping Lin 670d5913350SHisping Lin SharedMem.size = byte_len; 671d5913350SHisping Lin SharedMem.flags = 0; 672d5913350SHisping Lin 673d5913350SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 674d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 675d5913350SHisping Lin goto exit; 676d5913350SHisping Lin 677d5913350SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 678d5913350SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 679d5913350SHisping Lin 680d5913350SHisping Lin memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 681d5913350SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 682d5913350SHisping Lin TEEC_MEMREF_TEMP_INPUT, 683d5913350SHisping Lin TEEC_NONE, 684d5913350SHisping Lin TEEC_NONE); 685d5913350SHisping Lin 686d5913350SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 687d5913350SHisping Lin STORAGE_CMD_WRITE_OEM_NS_OTP, 688d5913350SHisping Lin &TeecOperation, 689d5913350SHisping Lin &ErrorOrigin); 690d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 691d5913350SHisping Lin goto exit; 692d5913350SHisping Lin 693d5913350SHisping Lin exit: 694d5913350SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 695d5913350SHisping Lin TEEC_CloseSession(&TeecSession); 696d5913350SHisping Lin TEEC_FinalizeContext(&TeecContext); 697d5913350SHisping Lin 698d5913350SHisping Lin return TeecResult; 699d5913350SHisping Lin } 700d5913350SHisping Lin 701d5913350SHisping Lin uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 702d5913350SHisping Lin { 703d5913350SHisping Lin TEEC_Result TeecResult; 704d5913350SHisping Lin TEEC_Context TeecContext; 705d5913350SHisping Lin TEEC_Session TeecSession; 706d5913350SHisping Lin uint32_t ErrorOrigin; 707d5913350SHisping Lin 708d5913350SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 709d5913350SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 710d5913350SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 711d5913350SHisping Lin TEEC_Operation TeecOperation = {0}; 712d5913350SHisping Lin 713d5913350SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 714d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 715d5913350SHisping Lin return TeecResult; 716d5913350SHisping Lin 717d5913350SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 718d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 719d5913350SHisping Lin return TeecResult; 720d5913350SHisping Lin 721d5913350SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 722d5913350SHisping Lin &TeecSession, 723d5913350SHisping Lin TeecUuid, 724d5913350SHisping Lin TEEC_LOGIN_PUBLIC, 725d5913350SHisping Lin NULL, 726d5913350SHisping Lin NULL, 727d5913350SHisping Lin &ErrorOrigin); 728d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 729d5913350SHisping Lin return TeecResult; 730d5913350SHisping Lin 731d5913350SHisping Lin TeecOperation.params[0].value.a = byte_off; 732d5913350SHisping Lin 733d5913350SHisping Lin TEEC_SharedMemory SharedMem = {0}; 734d5913350SHisping Lin 735d5913350SHisping Lin SharedMem.size = byte_len; 736d5913350SHisping Lin SharedMem.flags = 0; 737d5913350SHisping Lin 738d5913350SHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 739d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 740d5913350SHisping Lin goto exit; 741d5913350SHisping Lin 742d5913350SHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 743d5913350SHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 744d5913350SHisping Lin 745d5913350SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 746d5913350SHisping Lin TEEC_MEMREF_TEMP_OUTPUT, 747d5913350SHisping Lin TEEC_NONE, 748d5913350SHisping Lin TEEC_NONE); 749d5913350SHisping Lin 750d5913350SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 751d5913350SHisping Lin STORAGE_CMD_READ_OEM_NS_OTP, 752d5913350SHisping Lin &TeecOperation, 753d5913350SHisping Lin &ErrorOrigin); 754d5913350SHisping Lin if (TeecResult != TEEC_SUCCESS) 755d5913350SHisping Lin goto exit; 756d5913350SHisping Lin 757d5913350SHisping Lin memcpy(byte_buf, SharedMem.buffer, SharedMem.size); 758d5913350SHisping Lin 759d5913350SHisping Lin exit: 760d5913350SHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 761d5913350SHisping Lin TEEC_CloseSession(&TeecSession); 762d5913350SHisping Lin TEEC_FinalizeContext(&TeecContext); 763d5913350SHisping Lin 764d5913350SHisping Lin return TeecResult; 765d5913350SHisping Lin } 766d5913350SHisping Lin 76790e849a0Sxb.wang uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id, 768bb1ba6acSHisping Lin uint8_t *byte_buf, uint32_t byte_len) 769bb1ba6acSHisping Lin { 770bb1ba6acSHisping Lin TEEC_Result TeecResult; 771bb1ba6acSHisping Lin TEEC_Context TeecContext; 772bb1ba6acSHisping Lin TEEC_Session TeecSession; 773bb1ba6acSHisping Lin uint32_t ErrorOrigin; 774bb1ba6acSHisping Lin 775bb1ba6acSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 776bb1ba6acSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 777bb1ba6acSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 778bb1ba6acSHisping Lin TEEC_Operation TeecOperation = {0}; 779bb1ba6acSHisping Lin 780bb1ba6acSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 781bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 782bb1ba6acSHisping Lin return TeecResult; 783bb1ba6acSHisping Lin 784bb1ba6acSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 785bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 786bb1ba6acSHisping Lin return TeecResult; 787bb1ba6acSHisping Lin 788bb1ba6acSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 789bb1ba6acSHisping Lin &TeecSession, 790bb1ba6acSHisping Lin TeecUuid, 791bb1ba6acSHisping Lin TEEC_LOGIN_PUBLIC, 792bb1ba6acSHisping Lin NULL, 793bb1ba6acSHisping Lin NULL, 794bb1ba6acSHisping Lin &ErrorOrigin); 795bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 796bb1ba6acSHisping Lin return TeecResult; 797bb1ba6acSHisping Lin 798bb1ba6acSHisping Lin TeecOperation.params[0].value.a = key_id; 799bb1ba6acSHisping Lin 800bb1ba6acSHisping Lin TEEC_SharedMemory SharedMem = {0}; 801bb1ba6acSHisping Lin 802bb1ba6acSHisping Lin SharedMem.size = byte_len; 803bb1ba6acSHisping Lin SharedMem.flags = 0; 804bb1ba6acSHisping Lin 805bb1ba6acSHisping Lin TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 806bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 807bb1ba6acSHisping Lin goto exit; 808bb1ba6acSHisping Lin 809bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 810bb1ba6acSHisping Lin TeecOperation.params[1].tmpref.size = SharedMem.size; 811bb1ba6acSHisping Lin 812bb1ba6acSHisping Lin memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 813bb1ba6acSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 814bb1ba6acSHisping Lin TEEC_MEMREF_TEMP_INPUT, 815bb1ba6acSHisping Lin TEEC_NONE, 816bb1ba6acSHisping Lin TEEC_NONE); 817bb1ba6acSHisping Lin 818bb1ba6acSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 81990e849a0Sxb.wang STORAGE_CMD_WRITE_OEM_OTP_KEY, 820bb1ba6acSHisping Lin &TeecOperation, 821bb1ba6acSHisping Lin &ErrorOrigin); 822bb1ba6acSHisping Lin if (TeecResult != TEEC_SUCCESS) 823bb1ba6acSHisping Lin goto exit; 824bb1ba6acSHisping Lin 825bb1ba6acSHisping Lin exit: 826bb1ba6acSHisping Lin TEEC_ReleaseSharedMemory(&SharedMem); 827bb1ba6acSHisping Lin TEEC_CloseSession(&TeecSession); 828bb1ba6acSHisping Lin TEEC_FinalizeContext(&TeecContext); 829bb1ba6acSHisping Lin 830bb1ba6acSHisping Lin return TeecResult; 831bb1ba6acSHisping Lin } 832bb1ba6acSHisping Lin 8339deb34f6SHisping Lin uint32_t trusty_oem_otp_key_is_written(enum RK_OEM_OTP_KEYID key_id, uint8_t *value) 8349deb34f6SHisping Lin { 8359deb34f6SHisping Lin TEEC_Result TeecResult; 8369deb34f6SHisping Lin TEEC_Context TeecContext; 8379deb34f6SHisping Lin TEEC_Session TeecSession; 8389deb34f6SHisping Lin uint32_t ErrorOrigin; 8399deb34f6SHisping Lin 8409deb34f6SHisping Lin *value = 0xFF; 8419deb34f6SHisping Lin 8429deb34f6SHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 8439deb34f6SHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 8449deb34f6SHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 8459deb34f6SHisping Lin TEEC_Operation TeecOperation = {0}; 8469deb34f6SHisping Lin 8479deb34f6SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 8489deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 8499deb34f6SHisping Lin return TeecResult; 8509deb34f6SHisping Lin 8519deb34f6SHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 8529deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 8539deb34f6SHisping Lin return TeecResult; 8549deb34f6SHisping Lin 8559deb34f6SHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 8569deb34f6SHisping Lin &TeecSession, 8579deb34f6SHisping Lin TeecUuid, 8589deb34f6SHisping Lin TEEC_LOGIN_PUBLIC, 8599deb34f6SHisping Lin NULL, 8609deb34f6SHisping Lin NULL, 8619deb34f6SHisping Lin &ErrorOrigin); 8629deb34f6SHisping Lin if (TeecResult != TEEC_SUCCESS) 8639deb34f6SHisping Lin return TeecResult; 8649deb34f6SHisping Lin 8659deb34f6SHisping Lin TeecOperation.params[0].value.a = key_id; 8669deb34f6SHisping Lin 8679deb34f6SHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, 8689deb34f6SHisping Lin TEEC_NONE, 8699deb34f6SHisping Lin TEEC_NONE, 8709deb34f6SHisping Lin TEEC_NONE); 8719deb34f6SHisping Lin 8729deb34f6SHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 8739deb34f6SHisping Lin STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN, 8749deb34f6SHisping Lin &TeecOperation, 8759deb34f6SHisping Lin &ErrorOrigin); 8769deb34f6SHisping Lin if (TeecResult == TEEC_SUCCESS) 8779deb34f6SHisping Lin *value = TeecOperation.params[0].value.b; 8789deb34f6SHisping Lin 8799deb34f6SHisping Lin TEEC_CloseSession(&TeecSession); 8809deb34f6SHisping Lin TEEC_FinalizeContext(&TeecContext); 8819deb34f6SHisping Lin 8829deb34f6SHisping Lin return TeecResult; 8839deb34f6SHisping Lin } 8849deb34f6SHisping Lin 88590e849a0Sxb.wang uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 886a405238aSHisping Lin { 887a405238aSHisping Lin TEEC_Result TeecResult; 888a405238aSHisping Lin TEEC_Context TeecContext; 889a405238aSHisping Lin TEEC_Session TeecSession; 890a405238aSHisping Lin uint32_t ErrorOrigin; 891a405238aSHisping Lin 892a405238aSHisping Lin TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 893a405238aSHisping Lin { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 894a405238aSHisping Lin TEEC_UUID *TeecUuid = &tempuuid; 895a405238aSHisping Lin TEEC_Operation TeecOperation = {0}; 896a405238aSHisping Lin 897a405238aSHisping Lin TeecResult = OpteeClientApiLibInitialize(); 898a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 899a405238aSHisping Lin return TeecResult; 900a405238aSHisping Lin 901a405238aSHisping Lin TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 902a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 903a405238aSHisping Lin return TeecResult; 904a405238aSHisping Lin 905a405238aSHisping Lin TeecResult = TEEC_OpenSession(&TeecContext, 906a405238aSHisping Lin &TeecSession, 907a405238aSHisping Lin TeecUuid, 908a405238aSHisping Lin TEEC_LOGIN_PUBLIC, 909a405238aSHisping Lin NULL, 910a405238aSHisping Lin NULL, 911a405238aSHisping Lin &ErrorOrigin); 912a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 913a405238aSHisping Lin return TeecResult; 914a405238aSHisping Lin 915a405238aSHisping Lin TeecOperation.params[0].value.a = key_id; 916a405238aSHisping Lin 917a405238aSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 918a405238aSHisping Lin TEEC_NONE, 919a405238aSHisping Lin TEEC_NONE, 920a405238aSHisping Lin TEEC_NONE); 921a405238aSHisping Lin 922a405238aSHisping Lin TeecResult = TEEC_InvokeCommand(&TeecSession, 923a405238aSHisping Lin STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 924a405238aSHisping Lin &TeecOperation, 925a405238aSHisping Lin &ErrorOrigin); 926a405238aSHisping Lin if (TeecResult != TEEC_SUCCESS) 927a405238aSHisping Lin goto exit; 928a405238aSHisping Lin 929a405238aSHisping Lin exit: 930a405238aSHisping Lin TEEC_CloseSession(&TeecSession); 931a405238aSHisping Lin TEEC_FinalizeContext(&TeecContext); 932a405238aSHisping Lin 933a405238aSHisping Lin return TeecResult; 934a405238aSHisping Lin } 935a405238aSHisping Lin 9362f8c34bdSxb.wang uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, rk_cipher_config *config, 9372f8c34bdSxb.wang uint32_t src_phys_addr, uint32_t dst_phys_addr, 9382f8c34bdSxb.wang uint32_t len) 939fc3694d6Sxb.wang { 940fc3694d6Sxb.wang TEEC_Result TeecResult; 941fc3694d6Sxb.wang TEEC_Context TeecContext; 942fc3694d6Sxb.wang TEEC_Session TeecSession; 943fc3694d6Sxb.wang TEEC_Operation TeecOperation = {0}; 944fc3694d6Sxb.wang uint32_t ErrorOrigin; 945fc3694d6Sxb.wang TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 946fc3694d6Sxb.wang TEEC_SharedMemory SharedMem_config = {0}; 947fc3694d6Sxb.wang 9482f8c34bdSxb.wang if (key_id != RK_OEM_OTP_KEY0 && 9492f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY1 && 9502f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY2 && 9512f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY3 && 9522f8c34bdSxb.wang key_id != RK_OEM_OTP_KEY_FW) 953fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 954fc3694d6Sxb.wang 9552f8c34bdSxb.wang if (!config) 956fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 957fc3694d6Sxb.wang 958fc3694d6Sxb.wang if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 959fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 960fc3694d6Sxb.wang 961fc3694d6Sxb.wang if (config->mode >= RK_CIPHER_MODE_XTS) 962fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 963fc3694d6Sxb.wang 964fc3694d6Sxb.wang if (config->operation != RK_MODE_ENCRYPT && 965fc3694d6Sxb.wang config->operation != RK_MODE_DECRYPT) 966fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 967fc3694d6Sxb.wang 968fc3694d6Sxb.wang if (config->key_len != 16 && 969fc3694d6Sxb.wang config->key_len != 24 && 970fc3694d6Sxb.wang config->key_len != 32) 971fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 972fc3694d6Sxb.wang 9732f8c34bdSxb.wang if (key_id == RK_OEM_OTP_KEY_FW && config->key_len != 16) 9742f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9752f8c34bdSxb.wang 9762f8c34bdSxb.wang #if defined(CONFIG_ROCKCHIP_RV1126) 9772f8c34bdSxb.wang if (config->key_len == 24) 9782f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9792f8c34bdSxb.wang #endif 9802f8c34bdSxb.wang 981fc3694d6Sxb.wang if (len % AES_BLOCK_SIZE || 982fc3694d6Sxb.wang len == 0) 983fc3694d6Sxb.wang return TEEC_ERROR_BAD_PARAMETERS; 984fc3694d6Sxb.wang 9852f8c34bdSxb.wang if (!src_phys_addr || !dst_phys_addr) 9862f8c34bdSxb.wang return TEEC_ERROR_BAD_PARAMETERS; 9872f8c34bdSxb.wang 988fc3694d6Sxb.wang TeecResult = OpteeClientApiLibInitialize(); 989fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 990fc3694d6Sxb.wang return TeecResult; 991fc3694d6Sxb.wang 992fc3694d6Sxb.wang TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 993fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 994fc3694d6Sxb.wang return TeecResult; 995fc3694d6Sxb.wang 996fc3694d6Sxb.wang TeecResult = TEEC_OpenSession(&TeecContext, 997fc3694d6Sxb.wang &TeecSession, 998fc3694d6Sxb.wang &uuid, 999fc3694d6Sxb.wang TEEC_LOGIN_PUBLIC, 1000fc3694d6Sxb.wang NULL, 1001fc3694d6Sxb.wang NULL, 1002fc3694d6Sxb.wang &ErrorOrigin); 1003fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 1004fc3694d6Sxb.wang goto exit; 1005fc3694d6Sxb.wang 1006fc3694d6Sxb.wang SharedMem_config.size = sizeof(rk_cipher_config); 1007fc3694d6Sxb.wang TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 1008fc3694d6Sxb.wang if (TeecResult != TEEC_SUCCESS) 1009fc3694d6Sxb.wang goto exit; 1010fc3694d6Sxb.wang 1011fc3694d6Sxb.wang memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 1012fc3694d6Sxb.wang TeecOperation.params[0].value.a = key_id; 1013fc3694d6Sxb.wang TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 1014fc3694d6Sxb.wang TeecOperation.params[1].tmpref.size = SharedMem_config.size; 10152f8c34bdSxb.wang TeecOperation.params[2].value.a = src_phys_addr; 10162f8c34bdSxb.wang TeecOperation.params[2].value.b = len; 10172f8c34bdSxb.wang TeecOperation.params[3].value.a = dst_phys_addr; 1018fc3694d6Sxb.wang TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1019fc3694d6Sxb.wang TEEC_MEMREF_TEMP_INPUT, 10202f8c34bdSxb.wang TEEC_VALUE_INPUT, 10212f8c34bdSxb.wang TEEC_VALUE_INPUT); 10222f8c34bdSxb.wang 10232f8c34bdSxb.wang crypto_flush_cacheline(src_phys_addr, len); 10242f8c34bdSxb.wang crypto_flush_cacheline(dst_phys_addr, len); 10252f8c34bdSxb.wang 1026fc3694d6Sxb.wang TeecResult = TEEC_InvokeCommand(&TeecSession, 10272f8c34bdSxb.wang CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER, 1028fc3694d6Sxb.wang &TeecOperation, 1029fc3694d6Sxb.wang &ErrorOrigin); 1030fc3694d6Sxb.wang 1031*a900eef3SHisping Lin crypto_invalidate_cacheline(dst_phys_addr, len); 1032*a900eef3SHisping Lin 1033fc3694d6Sxb.wang exit: 1034fc3694d6Sxb.wang TEEC_ReleaseSharedMemory(&SharedMem_config); 1035fc3694d6Sxb.wang TEEC_CloseSession(&TeecSession); 1036fc3694d6Sxb.wang TEEC_FinalizeContext(&TeecContext); 1037fc3694d6Sxb.wang return TeecResult; 1038fc3694d6Sxb.wang } 1039fc3694d6Sxb.wang 10404aa61755SAndy Ye uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 10414aa61755SAndy Ye { 10424aa61755SAndy Ye TEEC_Result TeecResult; 10434aa61755SAndy Ye TEEC_Context TeecContext; 10444aa61755SAndy Ye TEEC_Session TeecSession; 10454aa61755SAndy Ye uint32_t ErrorOrigin; 10464aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 10474aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 10484aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 10494aa61755SAndy Ye } 10504aa61755SAndy Ye }; 10514aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 10524aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 10533251364cSHisping Lin struct blk_desc *dev_desc; 10543251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 10556651d4c0SJason Zhu if (!dev_desc) { 10566651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 10576651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 10586651d4c0SJason Zhu } 10594aa61755SAndy Ye 1060f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1061f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1062f4e1db95SHisping Lin return TeecResult; 10634aa61755SAndy Ye 10644aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1065f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1066f4e1db95SHisping Lin return TeecResult; 10674aa61755SAndy Ye 10683251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 10693251364cSHisping Lin TEEC_NONE, 10703251364cSHisping Lin TEEC_NONE, 10713251364cSHisping Lin TEEC_NONE); 10723251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1073b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1074b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1075b9a7e756SHisping Lin else 1076b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1077b9a7e756SHisping Lin 10783251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 10793251364cSHisping Lin TeecOperation.params[0].value.a = 0; 10803251364cSHisping Lin #endif 10813251364cSHisping Lin 10824aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 10834aa61755SAndy Ye &TeecSession, 10844aa61755SAndy Ye TeecUuid, 10854aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 10864aa61755SAndy Ye NULL, 10873251364cSHisping Lin &TeecOperation, 10884aa61755SAndy Ye &ErrorOrigin); 1089f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1090f4e1db95SHisping Lin return TeecResult; 10914aa61755SAndy Ye 10924aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 10934aa61755SAndy Ye 10944aa61755SAndy Ye SharedMem0.size = *dh_size; 10954aa61755SAndy Ye SharedMem0.flags = 0; 10964aa61755SAndy Ye 10974aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1098f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1099f4e1db95SHisping Lin goto exit; 11004aa61755SAndy Ye 11014aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 11024aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 11034aa61755SAndy Ye 11044aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 11054aa61755SAndy Ye TEEC_NONE, 11064aa61755SAndy Ye TEEC_NONE, 11074aa61755SAndy Ye TEEC_NONE); 11084aa61755SAndy Ye 11094aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 11104aa61755SAndy Ye 143, 11114aa61755SAndy Ye &TeecOperation, 11124aa61755SAndy Ye &ErrorOrigin); 1113f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1114f4e1db95SHisping Lin goto exit; 11154aa61755SAndy Ye 11164aa61755SAndy Ye *dh_size = TeecOperation.params[0].tmpref.size; 11174aa61755SAndy Ye memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1118f4e1db95SHisping Lin exit: 11194aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 11204aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1121f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 11224aa61755SAndy Ye 11234aa61755SAndy Ye return TeecResult; 11244aa61755SAndy Ye } 11254aa61755SAndy Ye 11264aa61755SAndy Ye uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 11274aa61755SAndy Ye { 11284aa61755SAndy Ye TEEC_Result TeecResult; 11294aa61755SAndy Ye TEEC_Context TeecContext; 11304aa61755SAndy Ye TEEC_Session TeecSession; 11314aa61755SAndy Ye uint32_t ErrorOrigin; 11324aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 11334aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 11344aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 11354aa61755SAndy Ye } 11364aa61755SAndy Ye }; 11374aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 11384aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 11393251364cSHisping Lin struct blk_desc *dev_desc; 11403251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 11416651d4c0SJason Zhu if (!dev_desc) { 11426651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 11436651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 11446651d4c0SJason Zhu } 11454aa61755SAndy Ye 1146f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1147f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1148f4e1db95SHisping Lin return TeecResult; 11494aa61755SAndy Ye 11504aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1151f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1152f4e1db95SHisping Lin return TeecResult; 11534aa61755SAndy Ye 11543251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 11553251364cSHisping Lin TEEC_NONE, 11563251364cSHisping Lin TEEC_NONE, 11573251364cSHisping Lin TEEC_NONE); 11583251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1159b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1160b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1161b9a7e756SHisping Lin else 1162b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1163b9a7e756SHisping Lin 11643251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 11653251364cSHisping Lin TeecOperation.params[0].value.a = 0; 11663251364cSHisping Lin #endif 11673251364cSHisping Lin 11684aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 11694aa61755SAndy Ye &TeecSession, 11704aa61755SAndy Ye TeecUuid, 11714aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 11724aa61755SAndy Ye NULL, 11733251364cSHisping Lin &TeecOperation, 11744aa61755SAndy Ye &ErrorOrigin); 1175f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1176f4e1db95SHisping Lin return TeecResult; 11774aa61755SAndy Ye 11784aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 11794aa61755SAndy Ye 11804aa61755SAndy Ye SharedMem0.size = *uuid_size; 11814aa61755SAndy Ye SharedMem0.flags = 0; 11824aa61755SAndy Ye 11834aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1184f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1185f4e1db95SHisping Lin goto exit; 11864aa61755SAndy Ye 11874aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 11884aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 11894aa61755SAndy Ye 11904aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 11914aa61755SAndy Ye TEEC_NONE, 11924aa61755SAndy Ye TEEC_NONE, 11934aa61755SAndy Ye TEEC_NONE); 11944aa61755SAndy Ye 11954aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 11964aa61755SAndy Ye 144, 11974aa61755SAndy Ye &TeecOperation, 11984aa61755SAndy Ye &ErrorOrigin); 1199f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1200f4e1db95SHisping Lin goto exit; 12014aa61755SAndy Ye 12024aa61755SAndy Ye *uuid_size = TeecOperation.params[0].tmpref.size; 12034aa61755SAndy Ye memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1204f4e1db95SHisping Lin exit: 12054aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 12064aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1207f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 12084aa61755SAndy Ye 12094aa61755SAndy Ye return TeecResult; 12104aa61755SAndy Ye } 12114aa61755SAndy Ye 12124aa61755SAndy Ye uint32_t trusty_attest_get_ca(uint8_t *operation_start, 12134aa61755SAndy Ye uint32_t *operation_size, 12144aa61755SAndy Ye uint8_t *out, 12154aa61755SAndy Ye uint32_t *out_len) 12164aa61755SAndy Ye { 12174aa61755SAndy Ye TEEC_Result TeecResult; 12184aa61755SAndy Ye TEEC_Context TeecContext; 12194aa61755SAndy Ye TEEC_Session TeecSession; 12204aa61755SAndy Ye uint32_t ErrorOrigin; 12214aa61755SAndy Ye 12224aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 12234aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 12244aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 12254aa61755SAndy Ye } 12264aa61755SAndy Ye }; 12274aa61755SAndy Ye 12284aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 12294aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 12303251364cSHisping Lin struct blk_desc *dev_desc; 12313251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 12326651d4c0SJason Zhu if (!dev_desc) { 12336651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 12346651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 12356651d4c0SJason Zhu } 12364aa61755SAndy Ye 1237f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1238f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1239f4e1db95SHisping Lin return TeecResult; 12404aa61755SAndy Ye 12414aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1242f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1243f4e1db95SHisping Lin return TeecResult; 12444aa61755SAndy Ye 12453251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 12463251364cSHisping Lin TEEC_NONE, 12473251364cSHisping Lin TEEC_NONE, 12483251364cSHisping Lin TEEC_NONE); 12493251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1250b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1251b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1252b9a7e756SHisping Lin else 1253b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1254b9a7e756SHisping Lin 12553251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 12563251364cSHisping Lin TeecOperation.params[0].value.a = 0; 12573251364cSHisping Lin #endif 12583251364cSHisping Lin 12594aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 12604aa61755SAndy Ye &TeecSession, 12614aa61755SAndy Ye TeecUuid, 12624aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 12634aa61755SAndy Ye NULL, 12643251364cSHisping Lin &TeecOperation, 12654aa61755SAndy Ye &ErrorOrigin); 1266f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1267f4e1db95SHisping Lin return TeecResult; 12684aa61755SAndy Ye 12694aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 12704aa61755SAndy Ye 12714aa61755SAndy Ye SharedMem0.size = *operation_size; 12724aa61755SAndy Ye SharedMem0.flags = 0; 12734aa61755SAndy Ye 12744aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1275f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1276f4e1db95SHisping Lin goto exit; 12774aa61755SAndy Ye 12784aa61755SAndy Ye memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 12794aa61755SAndy Ye 12804aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 12814aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 12824aa61755SAndy Ye 12834aa61755SAndy Ye TEEC_SharedMemory SharedMem1 = {0}; 12844aa61755SAndy Ye 12854aa61755SAndy Ye SharedMem1.size = *out_len; 12864aa61755SAndy Ye SharedMem1.flags = 0; 12874aa61755SAndy Ye 12884aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 1289f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1290f4e1db95SHisping Lin goto exit; 12914aa61755SAndy Ye 12924aa61755SAndy Ye TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 12934aa61755SAndy Ye TeecOperation.params[1].tmpref.size = SharedMem1.size; 12944aa61755SAndy Ye 12954aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 12964aa61755SAndy Ye TEEC_MEMREF_TEMP_INOUT, 12974aa61755SAndy Ye TEEC_NONE, 12984aa61755SAndy Ye TEEC_NONE); 12994aa61755SAndy Ye 13004aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 13014aa61755SAndy Ye 145, 13024aa61755SAndy Ye &TeecOperation, 13034aa61755SAndy Ye &ErrorOrigin); 1304f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1305f4e1db95SHisping Lin goto exit; 13064aa61755SAndy Ye 13074aa61755SAndy Ye *out_len = TeecOperation.params[1].tmpref.size; 13084aa61755SAndy Ye memcpy(out, SharedMem1.buffer, SharedMem1.size); 1309f4e1db95SHisping Lin exit: 13104aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 13114aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem1); 1312f4e1db95SHisping Lin TEEC_CloseSession(&TeecSession); 1313f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 13144aa61755SAndy Ye 13154aa61755SAndy Ye return TeecResult; 13164aa61755SAndy Ye } 13174aa61755SAndy Ye 13184aa61755SAndy Ye uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 13194aa61755SAndy Ye { 13204aa61755SAndy Ye TEEC_Result TeecResult; 13214aa61755SAndy Ye TEEC_Context TeecContext; 13224aa61755SAndy Ye TEEC_Session TeecSession; 13234aa61755SAndy Ye uint32_t ErrorOrigin; 13244aa61755SAndy Ye TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 13254aa61755SAndy Ye { 0xa8, 0x69, 0x9c, 0xe6, 13264aa61755SAndy Ye 0x88, 0x6c, 0x5d, 0x5d 13274aa61755SAndy Ye } 13284aa61755SAndy Ye }; 13294aa61755SAndy Ye TEEC_UUID *TeecUuid = &tempuuid; 13304aa61755SAndy Ye TEEC_Operation TeecOperation = {0}; 13313251364cSHisping Lin struct blk_desc *dev_desc; 13323251364cSHisping Lin dev_desc = rockchip_get_bootdev(); 13336651d4c0SJason Zhu if (!dev_desc) { 13346651d4c0SJason Zhu printf("%s: dev_desc is NULL!\n", __func__); 13356651d4c0SJason Zhu return -TEEC_ERROR_GENERIC; 13366651d4c0SJason Zhu } 1337f4e1db95SHisping Lin TeecResult = OpteeClientApiLibInitialize(); 1338f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1339f4e1db95SHisping Lin return TeecResult; 13404aa61755SAndy Ye 13414aa61755SAndy Ye TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1342f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1343f4e1db95SHisping Lin return TeecResult; 13444aa61755SAndy Ye 13453251364cSHisping Lin TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 13463251364cSHisping Lin TEEC_NONE, 13473251364cSHisping Lin TEEC_NONE, 13483251364cSHisping Lin TEEC_NONE); 13493251364cSHisping Lin /*0 nand or emmc "security" partition , 1 rpmb*/ 1350b9a7e756SHisping Lin if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1351b9a7e756SHisping Lin TeecOperation.params[0].value.a = 1; 1352b9a7e756SHisping Lin else 1353b9a7e756SHisping Lin TeecOperation.params[0].value.a = 0; 1354b9a7e756SHisping Lin 13553251364cSHisping Lin #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 13563251364cSHisping Lin TeecOperation.params[0].value.a = 0; 13573251364cSHisping Lin #endif 13583251364cSHisping Lin 13594aa61755SAndy Ye TeecResult = TEEC_OpenSession(&TeecContext, 13604aa61755SAndy Ye &TeecSession, 13614aa61755SAndy Ye TeecUuid, 13624aa61755SAndy Ye TEEC_LOGIN_PUBLIC, 13634aa61755SAndy Ye NULL, 13643251364cSHisping Lin &TeecOperation, 13654aa61755SAndy Ye &ErrorOrigin); 1366f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1367f4e1db95SHisping Lin return TeecResult; 13684aa61755SAndy Ye 13694aa61755SAndy Ye TEEC_SharedMemory SharedMem0 = {0}; 13704aa61755SAndy Ye 13714aa61755SAndy Ye SharedMem0.size = *ca_response_size; 13724aa61755SAndy Ye SharedMem0.flags = 0; 13734aa61755SAndy Ye 13744aa61755SAndy Ye TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1375f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1376f4e1db95SHisping Lin goto exit; 13774aa61755SAndy Ye 13784aa61755SAndy Ye memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 13794aa61755SAndy Ye 13804aa61755SAndy Ye TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 13814aa61755SAndy Ye TeecOperation.params[0].tmpref.size = SharedMem0.size; 13824aa61755SAndy Ye 13834aa61755SAndy Ye TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 13844aa61755SAndy Ye TEEC_NONE, 13854aa61755SAndy Ye TEEC_NONE, 13864aa61755SAndy Ye TEEC_NONE); 13874aa61755SAndy Ye 13884aa61755SAndy Ye TeecResult = TEEC_InvokeCommand(&TeecSession, 13894aa61755SAndy Ye 146, 13904aa61755SAndy Ye &TeecOperation, 13914aa61755SAndy Ye &ErrorOrigin); 1392f4e1db95SHisping Lin if (TeecResult != TEEC_SUCCESS) 1393f4e1db95SHisping Lin goto exit; 1394f4e1db95SHisping Lin exit: 13954aa61755SAndy Ye TEEC_ReleaseSharedMemory(&SharedMem0); 13964aa61755SAndy Ye TEEC_CloseSession(&TeecSession); 1397f4e1db95SHisping Lin TEEC_FinalizeContext(&TeecContext); 13984aa61755SAndy Ye 13994aa61755SAndy Ye return TeecResult; 14004aa61755SAndy Ye } 1401