1 /* 2 * Copyright 2017, Rockchip Electronics Co., Ltd 3 * hisping lin, <hisping.lin@rock-chips.com> 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 */ 7 8 #include <common.h> 9 #include <optee_include/OpteeClientInterface.h> 10 #include <optee_include/OpteeClientApiLib.h> 11 #include <optee_include/tee_client_api.h> 12 #include <optee_include/tee_api_defines.h> 13 #include <boot_rkimg.h> 14 #include <stdlib.h> 15 #include <attestation_key.h> 16 17 #define BOOT_FROM_EMMC (1 << 1) 18 #define STORAGE_CMD_READ_ATTRIBUTE_HASH 0 19 #define STORAGE_CMD_WRITE_ATTRIBUTE_HASH 1 20 #define STORAGE_CMD_UBOOT_END_OTP 2 21 #define STORAGE_CMD_READ_VBOOTKEY_HASH 3 22 #define STORAGE_CMD_WRITE_VBOOTKEY_HASH 4 23 #define STORAGE_CMD_READ_ENABLE_FLAG 5 24 #define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY 9 25 #define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG 10 26 #define STORAGE_CMD_WRITE_OEM_HUK 11 27 #define STORAGE_CMD_WRITE_OEM_NS_OTP 12 28 #define STORAGE_CMD_READ_OEM_NS_OTP 13 29 #define STORAGE_CMD_WRITE_OEM_OTP_KEY 14 30 #define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK 15 31 #define STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN 16 32 33 #define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER 0x00000002 34 35 #define RK_CRYPTO_SERVICE_UUID { 0x0cacdb5d, 0x4fea, 0x466c, \ 36 { 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } } 37 38 static uint8_t b2hs_add_base(uint8_t in) 39 { 40 if (in > 9) 41 return in + 55; 42 else 43 return in + 48; 44 } 45 46 static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen) 47 { 48 uint32_t i = 0; 49 50 if (blen * 2 + 1 > hslen) 51 return 0; 52 53 for (; i < blen; i++) { 54 hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf); 55 hs[i * 2] = b2hs_add_base(b[i] >> 4); 56 } 57 hs[blen * 2] = 0; 58 59 return blen * 2; 60 } 61 62 static void crypto_flush_cacheline(uint32_t addr, uint32_t size) 63 { 64 ulong alignment = CONFIG_SYS_CACHELINE_SIZE; 65 ulong aligned_input, aligned_len; 66 67 if (!addr || !size) 68 return; 69 70 /* Must flush dcache before crypto DMA fetch data region */ 71 aligned_input = round_down(addr, alignment); 72 aligned_len = round_up(size + (addr - aligned_input), alignment); 73 flush_cache(aligned_input, aligned_len); 74 } 75 76 static uint32_t trusty_base_write_security_data(char *filename, 77 uint32_t filename_size, 78 uint8_t *data, 79 uint32_t data_size) 80 { 81 TEEC_Result TeecResult; 82 TEEC_Context TeecContext; 83 TEEC_Session TeecSession; 84 uint32_t ErrorOrigin; 85 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 86 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 87 TEEC_UUID *TeecUuid = &tempuuid; 88 TEEC_Operation TeecOperation = {0}; 89 struct blk_desc *dev_desc; 90 dev_desc = rockchip_get_bootdev(); 91 if (!dev_desc) { 92 printf("%s: dev_desc is NULL!\n", __func__); 93 return -TEEC_ERROR_GENERIC; 94 } 95 96 TeecResult = OpteeClientApiLibInitialize(); 97 if (TeecResult != TEEC_SUCCESS) 98 return TeecResult; 99 100 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 101 if (TeecResult != TEEC_SUCCESS) 102 return TeecResult; 103 104 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 105 TEEC_NONE, 106 TEEC_NONE, 107 TEEC_NONE); 108 /*0 nand or emmc "security" partition , 1 rpmb*/ 109 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 110 TeecOperation.params[0].value.a = 1; 111 else 112 TeecOperation.params[0].value.a = 0; 113 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 114 TeecOperation.params[0].value.a = 0; 115 #endif 116 117 TeecResult = TEEC_OpenSession(&TeecContext, 118 &TeecSession, 119 TeecUuid, 120 TEEC_LOGIN_PUBLIC, 121 NULL, 122 &TeecOperation, 123 &ErrorOrigin); 124 if (TeecResult != TEEC_SUCCESS) 125 return TeecResult; 126 127 TEEC_SharedMemory SharedMem0 = {0}; 128 129 SharedMem0.size = filename_size; 130 SharedMem0.flags = 0; 131 132 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 133 if (TeecResult != TEEC_SUCCESS) 134 goto exit; 135 136 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 137 138 TEEC_SharedMemory SharedMem1 = {0}; 139 140 SharedMem1.size = data_size; 141 SharedMem1.flags = 0; 142 143 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 144 if (TeecResult != TEEC_SUCCESS) 145 goto exit; 146 147 memcpy(SharedMem1.buffer, data, SharedMem1.size); 148 149 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 150 TeecOperation.params[0].tmpref.size = SharedMem0.size; 151 152 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 153 TeecOperation.params[1].tmpref.size = SharedMem1.size; 154 155 156 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 157 TEEC_MEMREF_TEMP_INOUT, 158 TEEC_NONE, 159 TEEC_NONE); 160 161 TeecResult = TEEC_InvokeCommand(&TeecSession, 162 1, 163 &TeecOperation, 164 &ErrorOrigin); 165 if (TeecResult != TEEC_SUCCESS) 166 goto exit; 167 exit: 168 TEEC_ReleaseSharedMemory(&SharedMem0); 169 TEEC_ReleaseSharedMemory(&SharedMem1); 170 TEEC_CloseSession(&TeecSession); 171 TEEC_FinalizeContext(&TeecContext); 172 173 return TeecResult; 174 } 175 176 static uint32_t trusty_base_read_security_data(char *filename, 177 uint32_t filename_size, 178 uint8_t *data, 179 uint32_t data_size) 180 { 181 TEEC_Result TeecResult; 182 TEEC_Context TeecContext; 183 TEEC_Session TeecSession; 184 uint32_t ErrorOrigin; 185 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 186 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 187 TEEC_UUID *TeecUuid = &tempuuid; 188 TEEC_Operation TeecOperation = {0}; 189 190 struct blk_desc *dev_desc; 191 dev_desc = rockchip_get_bootdev(); 192 if (!dev_desc) { 193 printf("%s: dev_desc is NULL!\n", __func__); 194 return -TEEC_ERROR_GENERIC; 195 } 196 197 TeecResult = OpteeClientApiLibInitialize(); 198 if (TeecResult != TEEC_SUCCESS) 199 return TeecResult; 200 201 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 202 if (TeecResult != TEEC_SUCCESS) 203 return TeecResult; 204 205 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 206 TEEC_NONE, 207 TEEC_NONE, 208 TEEC_NONE); 209 /*0 nand or emmc "security" partition , 1 rpmb*/ 210 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 211 TeecOperation.params[0].value.a = 1; 212 else 213 TeecOperation.params[0].value.a = 0; 214 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 215 TeecOperation.params[0].value.a = 0; 216 #endif 217 218 TeecResult = TEEC_OpenSession(&TeecContext, 219 &TeecSession, 220 TeecUuid, 221 TEEC_LOGIN_PUBLIC, 222 NULL, 223 &TeecOperation, 224 &ErrorOrigin); 225 if (TeecResult != TEEC_SUCCESS) 226 return TeecResult; 227 228 TEEC_SharedMemory SharedMem0 = {0}; 229 230 SharedMem0.size = filename_size; 231 SharedMem0.flags = 0; 232 233 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 234 if (TeecResult != TEEC_SUCCESS) 235 goto exit; 236 237 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 238 239 TEEC_SharedMemory SharedMem1 = {0}; 240 241 SharedMem1.size = data_size; 242 SharedMem1.flags = 0; 243 244 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 245 if (TeecResult != TEEC_SUCCESS) 246 goto exit; 247 248 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 249 TeecOperation.params[0].tmpref.size = SharedMem0.size; 250 251 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 252 TeecOperation.params[1].tmpref.size = SharedMem1.size; 253 254 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 255 TEEC_MEMREF_TEMP_INOUT, 256 TEEC_NONE, 257 TEEC_NONE); 258 259 TeecResult = TEEC_InvokeCommand(&TeecSession, 260 0, 261 &TeecOperation, 262 &ErrorOrigin); 263 if (TeecResult == TEEC_SUCCESS) 264 memcpy(data, SharedMem1.buffer, SharedMem1.size); 265 exit: 266 TEEC_ReleaseSharedMemory(&SharedMem0); 267 TEEC_ReleaseSharedMemory(&SharedMem1); 268 TEEC_CloseSession(&TeecSession); 269 TEEC_FinalizeContext(&TeecContext); 270 271 return TeecResult; 272 } 273 274 static uint32_t trusty_base_end_security_data(void) 275 { 276 TEEC_Result TeecResult; 277 TEEC_Context TeecContext; 278 TEEC_Session TeecSession; 279 uint32_t ErrorOrigin; 280 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 281 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 282 TEEC_UUID *TeecUuid = &tempuuid; 283 TEEC_Operation TeecOperation = {0}; 284 285 TeecResult = OpteeClientApiLibInitialize(); 286 if (TeecResult != TEEC_SUCCESS) 287 return TeecResult; 288 289 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 290 if (TeecResult != TEEC_SUCCESS) 291 return TeecResult; 292 293 TeecResult = TEEC_OpenSession(&TeecContext, 294 &TeecSession, 295 TeecUuid, 296 TEEC_LOGIN_PUBLIC, 297 NULL, 298 NULL, 299 &ErrorOrigin); 300 if (TeecResult != TEEC_SUCCESS) 301 return TeecResult; 302 303 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 304 TEEC_NONE, 305 TEEC_NONE, 306 TEEC_NONE); 307 308 TeecResult = TEEC_InvokeCommand(&TeecSession, 309 2, 310 &TeecOperation, 311 &ErrorOrigin); 312 if (TeecResult != TEEC_SUCCESS) 313 goto exit; 314 exit: 315 TEEC_CloseSession(&TeecSession); 316 TEEC_FinalizeContext(&TeecContext); 317 318 return TeecResult; 319 } 320 321 uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value) 322 { 323 char hs[9]; 324 325 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 326 327 return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8); 328 } 329 330 uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value) 331 { 332 char hs[9]; 333 334 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 335 336 return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8); 337 } 338 339 uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size) 340 { 341 return trusty_base_read_security_data("attributes", 342 sizeof("attributes"), attributes, size); 343 } 344 345 uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) 346 { 347 return trusty_base_write_security_data("attributes", 348 sizeof("attributes"), attributes, size); 349 } 350 351 uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes) 352 { 353 return trusty_base_read_security_data("attributes_flag", 354 sizeof("attributes_flag"), attributes, 1); 355 } 356 357 uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes) 358 { 359 return trusty_base_write_security_data("attributes_flag", 360 sizeof("attributes_flag"), &attributes, 1); 361 } 362 363 uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes, 364 uint32_t size) 365 { 366 return trusty_base_read_security_data("rsacer", 367 sizeof("rsacer"), attributes, size); 368 } 369 370 uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes, 371 uint32_t size) 372 { 373 return trusty_base_write_security_data("rsacer", 374 sizeof("rsacer"), attributes, size); 375 } 376 377 uint32_t trusty_read_lock_state(uint8_t *lock_state) 378 { 379 return trusty_base_read_security_data("lock_state", 380 sizeof("lock_state"), lock_state, 1); 381 } 382 383 uint32_t trusty_write_lock_state(uint8_t lock_state) 384 { 385 return trusty_base_write_security_data("lock_state", 386 sizeof("lock_state"), &lock_state, 1); 387 } 388 389 uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state) 390 { 391 return trusty_base_read_security_data("flash_lock_state", 392 sizeof("flash_lock_state"), flash_lock_state, 1); 393 } 394 395 uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state) 396 { 397 return trusty_base_write_security_data("flash_lock_state", 398 sizeof("flash_lock_state"), &flash_lock_state, 1); 399 } 400 401 static uint32_t trusty_base_end_efuse_or_otp(void) 402 { 403 TEEC_Result TeecResult; 404 TEEC_Context TeecContext; 405 TEEC_Session TeecSession; 406 uint32_t ErrorOrigin; 407 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 408 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 409 410 TEEC_UUID *TeecUuid = &tempuuid; 411 TEEC_Operation TeecOperation = {0}; 412 413 TeecResult = OpteeClientApiLibInitialize(); 414 if (TeecResult != TEEC_SUCCESS) 415 return TeecResult; 416 417 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 418 if (TeecResult != TEEC_SUCCESS) 419 return TeecResult; 420 421 TeecResult = TEEC_OpenSession(&TeecContext, 422 &TeecSession, 423 TeecUuid, 424 TEEC_LOGIN_PUBLIC, 425 NULL, 426 NULL, 427 &ErrorOrigin); 428 if (TeecResult != TEEC_SUCCESS) 429 return TeecResult; 430 431 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 432 TEEC_NONE, 433 TEEC_NONE, 434 TEEC_NONE); 435 436 TeecResult = TEEC_InvokeCommand(&TeecSession, 437 STORAGE_CMD_UBOOT_END_OTP, 438 &TeecOperation, 439 &ErrorOrigin); 440 if (TeecResult != TEEC_SUCCESS) 441 goto exit; 442 exit: 443 TEEC_CloseSession(&TeecSession); 444 TEEC_FinalizeContext(&TeecContext); 445 446 return TeecResult; 447 } 448 449 static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd, 450 uint8_t is_write, 451 uint32_t *buf, 452 uint32_t length) 453 { 454 TEEC_Result TeecResult; 455 TEEC_Context TeecContext; 456 TEEC_Session TeecSession; 457 uint32_t ErrorOrigin; 458 459 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 460 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 461 TEEC_UUID *TeecUuid = &tempuuid; 462 TEEC_Operation TeecOperation = {0}; 463 464 TeecResult = OpteeClientApiLibInitialize(); 465 if (TeecResult != TEEC_SUCCESS) 466 return TeecResult; 467 468 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 469 if (TeecResult != TEEC_SUCCESS) 470 return TeecResult; 471 472 TeecResult = TEEC_OpenSession(&TeecContext, 473 &TeecSession, 474 TeecUuid, 475 TEEC_LOGIN_PUBLIC, 476 NULL, 477 NULL, 478 &ErrorOrigin); 479 if (TeecResult != TEEC_SUCCESS) 480 return TeecResult; 481 482 TEEC_SharedMemory SharedMem0 = {0}; 483 484 SharedMem0.size = length * sizeof(uint32_t); 485 SharedMem0.flags = 0; 486 487 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 488 if (TeecResult != TEEC_SUCCESS) 489 goto exit; 490 491 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 492 TeecOperation.params[0].tmpref.size = SharedMem0.size; 493 494 if (is_write) { 495 memcpy(SharedMem0.buffer, buf, SharedMem0.size); 496 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 497 TEEC_NONE, 498 TEEC_NONE, 499 TEEC_NONE); 500 501 } else { 502 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, 503 TEEC_NONE, 504 TEEC_NONE, 505 TEEC_NONE); 506 } 507 508 TeecResult = TEEC_InvokeCommand(&TeecSession, 509 cmd, 510 &TeecOperation, 511 &ErrorOrigin); 512 if (TeecResult != TEEC_SUCCESS) 513 goto exit; 514 515 if (!is_write) 516 memcpy(buf, SharedMem0.buffer, SharedMem0.size); 517 518 exit: 519 TEEC_ReleaseSharedMemory(&SharedMem0); 520 TEEC_CloseSession(&TeecSession); 521 TEEC_FinalizeContext(&TeecContext); 522 523 return TeecResult; 524 } 525 526 uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length) 527 { 528 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH, 529 false, buf, length); 530 } 531 532 uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length) 533 { 534 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH, 535 true, buf, length); 536 } 537 538 uint32_t trusty_notify_optee_uboot_end(void) 539 { 540 TEEC_Result res; 541 542 res = trusty_base_end_security_data(); 543 res |= trusty_base_end_efuse_or_otp(); 544 return res; 545 } 546 547 uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length) 548 { 549 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH, 550 false, buf, length); 551 } 552 553 uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length) 554 { 555 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH, 556 true, buf, length); 557 } 558 559 uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag) 560 { 561 uint32_t bootflag; 562 TEEC_Result TeecResult; 563 564 *flag = 0; 565 566 TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG, 567 false, &bootflag, 1); 568 569 if (TeecResult == TEEC_SUCCESS) { 570 #if defined(CONFIG_ROCKCHIP_RK3288) 571 if (bootflag == 0x00000001) 572 *flag = 1; 573 #else 574 if (bootflag == 0x000000FF) 575 *flag = 1; 576 #endif 577 } 578 return TeecResult; 579 } 580 581 uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length) 582 { 583 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY, 584 true, buf, length); 585 } 586 587 uint32_t trusty_check_security_level_flag(uint8_t flag) 588 { 589 uint32_t levelflag; 590 591 levelflag = flag; 592 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG, 593 true, &levelflag, 1); 594 } 595 596 uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length) 597 { 598 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK, 599 true, buf, length); 600 } 601 602 void trusty_select_security_level(void) 603 { 604 #if (CONFIG_OPTEE_SECURITY_LEVEL > 0) 605 TEEC_Result TeecResult; 606 607 TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL); 608 if (TeecResult == TEE_ERROR_CANCEL) { 609 run_command("download", 0); 610 return; 611 } 612 613 if (TeecResult == TEEC_SUCCESS) 614 debug("optee select security level success!"); 615 else 616 panic("optee select security level fail!"); 617 618 return; 619 #endif 620 } 621 622 uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 623 { 624 TEEC_Result TeecResult; 625 TEEC_Context TeecContext; 626 TEEC_Session TeecSession; 627 uint32_t ErrorOrigin; 628 629 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 630 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 631 TEEC_UUID *TeecUuid = &tempuuid; 632 TEEC_Operation TeecOperation = {0}; 633 634 TeecResult = OpteeClientApiLibInitialize(); 635 if (TeecResult != TEEC_SUCCESS) 636 return TeecResult; 637 638 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 639 if (TeecResult != TEEC_SUCCESS) 640 return TeecResult; 641 642 TeecResult = TEEC_OpenSession(&TeecContext, 643 &TeecSession, 644 TeecUuid, 645 TEEC_LOGIN_PUBLIC, 646 NULL, 647 NULL, 648 &ErrorOrigin); 649 if (TeecResult != TEEC_SUCCESS) 650 return TeecResult; 651 652 TeecOperation.params[0].value.a = byte_off; 653 654 TEEC_SharedMemory SharedMem = {0}; 655 656 SharedMem.size = byte_len; 657 SharedMem.flags = 0; 658 659 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 660 if (TeecResult != TEEC_SUCCESS) 661 goto exit; 662 663 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 664 TeecOperation.params[1].tmpref.size = SharedMem.size; 665 666 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 667 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 668 TEEC_MEMREF_TEMP_INPUT, 669 TEEC_NONE, 670 TEEC_NONE); 671 672 TeecResult = TEEC_InvokeCommand(&TeecSession, 673 STORAGE_CMD_WRITE_OEM_NS_OTP, 674 &TeecOperation, 675 &ErrorOrigin); 676 if (TeecResult != TEEC_SUCCESS) 677 goto exit; 678 679 exit: 680 TEEC_ReleaseSharedMemory(&SharedMem); 681 TEEC_CloseSession(&TeecSession); 682 TEEC_FinalizeContext(&TeecContext); 683 684 return TeecResult; 685 } 686 687 uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 688 { 689 TEEC_Result TeecResult; 690 TEEC_Context TeecContext; 691 TEEC_Session TeecSession; 692 uint32_t ErrorOrigin; 693 694 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 695 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 696 TEEC_UUID *TeecUuid = &tempuuid; 697 TEEC_Operation TeecOperation = {0}; 698 699 TeecResult = OpteeClientApiLibInitialize(); 700 if (TeecResult != TEEC_SUCCESS) 701 return TeecResult; 702 703 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 704 if (TeecResult != TEEC_SUCCESS) 705 return TeecResult; 706 707 TeecResult = TEEC_OpenSession(&TeecContext, 708 &TeecSession, 709 TeecUuid, 710 TEEC_LOGIN_PUBLIC, 711 NULL, 712 NULL, 713 &ErrorOrigin); 714 if (TeecResult != TEEC_SUCCESS) 715 return TeecResult; 716 717 TeecOperation.params[0].value.a = byte_off; 718 719 TEEC_SharedMemory SharedMem = {0}; 720 721 SharedMem.size = byte_len; 722 SharedMem.flags = 0; 723 724 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 725 if (TeecResult != TEEC_SUCCESS) 726 goto exit; 727 728 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 729 TeecOperation.params[1].tmpref.size = SharedMem.size; 730 731 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 732 TEEC_MEMREF_TEMP_OUTPUT, 733 TEEC_NONE, 734 TEEC_NONE); 735 736 TeecResult = TEEC_InvokeCommand(&TeecSession, 737 STORAGE_CMD_READ_OEM_NS_OTP, 738 &TeecOperation, 739 &ErrorOrigin); 740 if (TeecResult != TEEC_SUCCESS) 741 goto exit; 742 743 memcpy(byte_buf, SharedMem.buffer, SharedMem.size); 744 745 exit: 746 TEEC_ReleaseSharedMemory(&SharedMem); 747 TEEC_CloseSession(&TeecSession); 748 TEEC_FinalizeContext(&TeecContext); 749 750 return TeecResult; 751 } 752 753 uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id, 754 uint8_t *byte_buf, uint32_t byte_len) 755 { 756 TEEC_Result TeecResult; 757 TEEC_Context TeecContext; 758 TEEC_Session TeecSession; 759 uint32_t ErrorOrigin; 760 761 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 762 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 763 TEEC_UUID *TeecUuid = &tempuuid; 764 TEEC_Operation TeecOperation = {0}; 765 766 TeecResult = OpteeClientApiLibInitialize(); 767 if (TeecResult != TEEC_SUCCESS) 768 return TeecResult; 769 770 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 771 if (TeecResult != TEEC_SUCCESS) 772 return TeecResult; 773 774 TeecResult = TEEC_OpenSession(&TeecContext, 775 &TeecSession, 776 TeecUuid, 777 TEEC_LOGIN_PUBLIC, 778 NULL, 779 NULL, 780 &ErrorOrigin); 781 if (TeecResult != TEEC_SUCCESS) 782 return TeecResult; 783 784 TeecOperation.params[0].value.a = key_id; 785 786 TEEC_SharedMemory SharedMem = {0}; 787 788 SharedMem.size = byte_len; 789 SharedMem.flags = 0; 790 791 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 792 if (TeecResult != TEEC_SUCCESS) 793 goto exit; 794 795 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 796 TeecOperation.params[1].tmpref.size = SharedMem.size; 797 798 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 799 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 800 TEEC_MEMREF_TEMP_INPUT, 801 TEEC_NONE, 802 TEEC_NONE); 803 804 TeecResult = TEEC_InvokeCommand(&TeecSession, 805 STORAGE_CMD_WRITE_OEM_OTP_KEY, 806 &TeecOperation, 807 &ErrorOrigin); 808 if (TeecResult != TEEC_SUCCESS) 809 goto exit; 810 811 exit: 812 TEEC_ReleaseSharedMemory(&SharedMem); 813 TEEC_CloseSession(&TeecSession); 814 TEEC_FinalizeContext(&TeecContext); 815 816 return TeecResult; 817 } 818 819 uint32_t trusty_oem_otp_key_is_written(enum RK_OEM_OTP_KEYID key_id, uint8_t *value) 820 { 821 TEEC_Result TeecResult; 822 TEEC_Context TeecContext; 823 TEEC_Session TeecSession; 824 uint32_t ErrorOrigin; 825 826 *value = 0xFF; 827 828 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 829 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 830 TEEC_UUID *TeecUuid = &tempuuid; 831 TEEC_Operation TeecOperation = {0}; 832 833 TeecResult = OpteeClientApiLibInitialize(); 834 if (TeecResult != TEEC_SUCCESS) 835 return TeecResult; 836 837 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 838 if (TeecResult != TEEC_SUCCESS) 839 return TeecResult; 840 841 TeecResult = TEEC_OpenSession(&TeecContext, 842 &TeecSession, 843 TeecUuid, 844 TEEC_LOGIN_PUBLIC, 845 NULL, 846 NULL, 847 &ErrorOrigin); 848 if (TeecResult != TEEC_SUCCESS) 849 return TeecResult; 850 851 TeecOperation.params[0].value.a = key_id; 852 853 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, 854 TEEC_NONE, 855 TEEC_NONE, 856 TEEC_NONE); 857 858 TeecResult = TEEC_InvokeCommand(&TeecSession, 859 STORAGE_CMD_OEM_OTP_KEY_IS_WRITTEN, 860 &TeecOperation, 861 &ErrorOrigin); 862 if (TeecResult == TEEC_SUCCESS) 863 *value = TeecOperation.params[0].value.b; 864 865 TEEC_CloseSession(&TeecSession); 866 TEEC_FinalizeContext(&TeecContext); 867 868 return TeecResult; 869 } 870 871 uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 872 { 873 TEEC_Result TeecResult; 874 TEEC_Context TeecContext; 875 TEEC_Session TeecSession; 876 uint32_t ErrorOrigin; 877 878 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 879 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 880 TEEC_UUID *TeecUuid = &tempuuid; 881 TEEC_Operation TeecOperation = {0}; 882 883 TeecResult = OpteeClientApiLibInitialize(); 884 if (TeecResult != TEEC_SUCCESS) 885 return TeecResult; 886 887 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 888 if (TeecResult != TEEC_SUCCESS) 889 return TeecResult; 890 891 TeecResult = TEEC_OpenSession(&TeecContext, 892 &TeecSession, 893 TeecUuid, 894 TEEC_LOGIN_PUBLIC, 895 NULL, 896 NULL, 897 &ErrorOrigin); 898 if (TeecResult != TEEC_SUCCESS) 899 return TeecResult; 900 901 TeecOperation.params[0].value.a = key_id; 902 903 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 904 TEEC_NONE, 905 TEEC_NONE, 906 TEEC_NONE); 907 908 TeecResult = TEEC_InvokeCommand(&TeecSession, 909 STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 910 &TeecOperation, 911 &ErrorOrigin); 912 if (TeecResult != TEEC_SUCCESS) 913 goto exit; 914 915 exit: 916 TEEC_CloseSession(&TeecSession); 917 TEEC_FinalizeContext(&TeecContext); 918 919 return TeecResult; 920 } 921 922 uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, rk_cipher_config *config, 923 uint32_t src_phys_addr, uint32_t dst_phys_addr, 924 uint32_t len) 925 { 926 TEEC_Result TeecResult; 927 TEEC_Context TeecContext; 928 TEEC_Session TeecSession; 929 TEEC_Operation TeecOperation = {0}; 930 uint32_t ErrorOrigin; 931 TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 932 TEEC_SharedMemory SharedMem_config = {0}; 933 934 if (key_id != RK_OEM_OTP_KEY0 && 935 key_id != RK_OEM_OTP_KEY1 && 936 key_id != RK_OEM_OTP_KEY2 && 937 key_id != RK_OEM_OTP_KEY3 && 938 key_id != RK_OEM_OTP_KEY_FW) 939 return TEEC_ERROR_BAD_PARAMETERS; 940 941 if (!config) 942 return TEEC_ERROR_BAD_PARAMETERS; 943 944 if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 945 return TEEC_ERROR_BAD_PARAMETERS; 946 947 if (config->mode >= RK_CIPHER_MODE_XTS) 948 return TEEC_ERROR_BAD_PARAMETERS; 949 950 if (config->operation != RK_MODE_ENCRYPT && 951 config->operation != RK_MODE_DECRYPT) 952 return TEEC_ERROR_BAD_PARAMETERS; 953 954 if (config->key_len != 16 && 955 config->key_len != 24 && 956 config->key_len != 32) 957 return TEEC_ERROR_BAD_PARAMETERS; 958 959 if (key_id == RK_OEM_OTP_KEY_FW && config->key_len != 16) 960 return TEEC_ERROR_BAD_PARAMETERS; 961 962 #if defined(CONFIG_ROCKCHIP_RV1126) 963 if (config->key_len == 24) 964 return TEEC_ERROR_BAD_PARAMETERS; 965 #endif 966 967 if (len % AES_BLOCK_SIZE || 968 len == 0) 969 return TEEC_ERROR_BAD_PARAMETERS; 970 971 if (!src_phys_addr || !dst_phys_addr) 972 return TEEC_ERROR_BAD_PARAMETERS; 973 974 TeecResult = OpteeClientApiLibInitialize(); 975 if (TeecResult != TEEC_SUCCESS) 976 return TeecResult; 977 978 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 979 if (TeecResult != TEEC_SUCCESS) 980 return TeecResult; 981 982 TeecResult = TEEC_OpenSession(&TeecContext, 983 &TeecSession, 984 &uuid, 985 TEEC_LOGIN_PUBLIC, 986 NULL, 987 NULL, 988 &ErrorOrigin); 989 if (TeecResult != TEEC_SUCCESS) 990 goto exit; 991 992 SharedMem_config.size = sizeof(rk_cipher_config); 993 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 994 if (TeecResult != TEEC_SUCCESS) 995 goto exit; 996 997 memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 998 TeecOperation.params[0].value.a = key_id; 999 TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 1000 TeecOperation.params[1].tmpref.size = SharedMem_config.size; 1001 TeecOperation.params[2].value.a = src_phys_addr; 1002 TeecOperation.params[2].value.b = len; 1003 TeecOperation.params[3].value.a = dst_phys_addr; 1004 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1005 TEEC_MEMREF_TEMP_INPUT, 1006 TEEC_VALUE_INPUT, 1007 TEEC_VALUE_INPUT); 1008 1009 crypto_flush_cacheline(src_phys_addr, len); 1010 crypto_flush_cacheline(dst_phys_addr, len); 1011 1012 TeecResult = TEEC_InvokeCommand(&TeecSession, 1013 CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER, 1014 &TeecOperation, 1015 &ErrorOrigin); 1016 1017 exit: 1018 TEEC_ReleaseSharedMemory(&SharedMem_config); 1019 TEEC_CloseSession(&TeecSession); 1020 TEEC_FinalizeContext(&TeecContext); 1021 return TeecResult; 1022 } 1023 1024 uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 1025 { 1026 TEEC_Result TeecResult; 1027 TEEC_Context TeecContext; 1028 TEEC_Session TeecSession; 1029 uint32_t ErrorOrigin; 1030 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1031 { 0xa8, 0x69, 0x9c, 0xe6, 1032 0x88, 0x6c, 0x5d, 0x5d 1033 } 1034 }; 1035 TEEC_UUID *TeecUuid = &tempuuid; 1036 TEEC_Operation TeecOperation = {0}; 1037 struct blk_desc *dev_desc; 1038 dev_desc = rockchip_get_bootdev(); 1039 if (!dev_desc) { 1040 printf("%s: dev_desc is NULL!\n", __func__); 1041 return -TEEC_ERROR_GENERIC; 1042 } 1043 1044 TeecResult = OpteeClientApiLibInitialize(); 1045 if (TeecResult != TEEC_SUCCESS) 1046 return TeecResult; 1047 1048 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1049 if (TeecResult != TEEC_SUCCESS) 1050 return TeecResult; 1051 1052 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1053 TEEC_NONE, 1054 TEEC_NONE, 1055 TEEC_NONE); 1056 /*0 nand or emmc "security" partition , 1 rpmb*/ 1057 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1058 TeecOperation.params[0].value.a = 1; 1059 else 1060 TeecOperation.params[0].value.a = 0; 1061 1062 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1063 TeecOperation.params[0].value.a = 0; 1064 #endif 1065 1066 TeecResult = TEEC_OpenSession(&TeecContext, 1067 &TeecSession, 1068 TeecUuid, 1069 TEEC_LOGIN_PUBLIC, 1070 NULL, 1071 &TeecOperation, 1072 &ErrorOrigin); 1073 if (TeecResult != TEEC_SUCCESS) 1074 return TeecResult; 1075 1076 TEEC_SharedMemory SharedMem0 = {0}; 1077 1078 SharedMem0.size = *dh_size; 1079 SharedMem0.flags = 0; 1080 1081 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1082 if (TeecResult != TEEC_SUCCESS) 1083 goto exit; 1084 1085 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1086 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1087 1088 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1089 TEEC_NONE, 1090 TEEC_NONE, 1091 TEEC_NONE); 1092 1093 TeecResult = TEEC_InvokeCommand(&TeecSession, 1094 143, 1095 &TeecOperation, 1096 &ErrorOrigin); 1097 if (TeecResult != TEEC_SUCCESS) 1098 goto exit; 1099 1100 *dh_size = TeecOperation.params[0].tmpref.size; 1101 memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1102 exit: 1103 TEEC_ReleaseSharedMemory(&SharedMem0); 1104 TEEC_CloseSession(&TeecSession); 1105 TEEC_FinalizeContext(&TeecContext); 1106 1107 return TeecResult; 1108 } 1109 1110 uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 1111 { 1112 TEEC_Result TeecResult; 1113 TEEC_Context TeecContext; 1114 TEEC_Session TeecSession; 1115 uint32_t ErrorOrigin; 1116 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1117 { 0xa8, 0x69, 0x9c, 0xe6, 1118 0x88, 0x6c, 0x5d, 0x5d 1119 } 1120 }; 1121 TEEC_UUID *TeecUuid = &tempuuid; 1122 TEEC_Operation TeecOperation = {0}; 1123 struct blk_desc *dev_desc; 1124 dev_desc = rockchip_get_bootdev(); 1125 if (!dev_desc) { 1126 printf("%s: dev_desc is NULL!\n", __func__); 1127 return -TEEC_ERROR_GENERIC; 1128 } 1129 1130 TeecResult = OpteeClientApiLibInitialize(); 1131 if (TeecResult != TEEC_SUCCESS) 1132 return TeecResult; 1133 1134 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1135 if (TeecResult != TEEC_SUCCESS) 1136 return TeecResult; 1137 1138 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1139 TEEC_NONE, 1140 TEEC_NONE, 1141 TEEC_NONE); 1142 /*0 nand or emmc "security" partition , 1 rpmb*/ 1143 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1144 TeecOperation.params[0].value.a = 1; 1145 else 1146 TeecOperation.params[0].value.a = 0; 1147 1148 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1149 TeecOperation.params[0].value.a = 0; 1150 #endif 1151 1152 TeecResult = TEEC_OpenSession(&TeecContext, 1153 &TeecSession, 1154 TeecUuid, 1155 TEEC_LOGIN_PUBLIC, 1156 NULL, 1157 &TeecOperation, 1158 &ErrorOrigin); 1159 if (TeecResult != TEEC_SUCCESS) 1160 return TeecResult; 1161 1162 TEEC_SharedMemory SharedMem0 = {0}; 1163 1164 SharedMem0.size = *uuid_size; 1165 SharedMem0.flags = 0; 1166 1167 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1168 if (TeecResult != TEEC_SUCCESS) 1169 goto exit; 1170 1171 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1172 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1173 1174 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1175 TEEC_NONE, 1176 TEEC_NONE, 1177 TEEC_NONE); 1178 1179 TeecResult = TEEC_InvokeCommand(&TeecSession, 1180 144, 1181 &TeecOperation, 1182 &ErrorOrigin); 1183 if (TeecResult != TEEC_SUCCESS) 1184 goto exit; 1185 1186 *uuid_size = TeecOperation.params[0].tmpref.size; 1187 memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1188 exit: 1189 TEEC_ReleaseSharedMemory(&SharedMem0); 1190 TEEC_CloseSession(&TeecSession); 1191 TEEC_FinalizeContext(&TeecContext); 1192 1193 return TeecResult; 1194 } 1195 1196 uint32_t trusty_attest_get_ca(uint8_t *operation_start, 1197 uint32_t *operation_size, 1198 uint8_t *out, 1199 uint32_t *out_len) 1200 { 1201 TEEC_Result TeecResult; 1202 TEEC_Context TeecContext; 1203 TEEC_Session TeecSession; 1204 uint32_t ErrorOrigin; 1205 1206 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1207 { 0xa8, 0x69, 0x9c, 0xe6, 1208 0x88, 0x6c, 0x5d, 0x5d 1209 } 1210 }; 1211 1212 TEEC_UUID *TeecUuid = &tempuuid; 1213 TEEC_Operation TeecOperation = {0}; 1214 struct blk_desc *dev_desc; 1215 dev_desc = rockchip_get_bootdev(); 1216 if (!dev_desc) { 1217 printf("%s: dev_desc is NULL!\n", __func__); 1218 return -TEEC_ERROR_GENERIC; 1219 } 1220 1221 TeecResult = OpteeClientApiLibInitialize(); 1222 if (TeecResult != TEEC_SUCCESS) 1223 return TeecResult; 1224 1225 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1226 if (TeecResult != TEEC_SUCCESS) 1227 return TeecResult; 1228 1229 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1230 TEEC_NONE, 1231 TEEC_NONE, 1232 TEEC_NONE); 1233 /*0 nand or emmc "security" partition , 1 rpmb*/ 1234 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1235 TeecOperation.params[0].value.a = 1; 1236 else 1237 TeecOperation.params[0].value.a = 0; 1238 1239 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1240 TeecOperation.params[0].value.a = 0; 1241 #endif 1242 1243 TeecResult = TEEC_OpenSession(&TeecContext, 1244 &TeecSession, 1245 TeecUuid, 1246 TEEC_LOGIN_PUBLIC, 1247 NULL, 1248 &TeecOperation, 1249 &ErrorOrigin); 1250 if (TeecResult != TEEC_SUCCESS) 1251 return TeecResult; 1252 1253 TEEC_SharedMemory SharedMem0 = {0}; 1254 1255 SharedMem0.size = *operation_size; 1256 SharedMem0.flags = 0; 1257 1258 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1259 if (TeecResult != TEEC_SUCCESS) 1260 goto exit; 1261 1262 memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 1263 1264 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1265 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1266 1267 TEEC_SharedMemory SharedMem1 = {0}; 1268 1269 SharedMem1.size = *out_len; 1270 SharedMem1.flags = 0; 1271 1272 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 1273 if (TeecResult != TEEC_SUCCESS) 1274 goto exit; 1275 1276 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 1277 TeecOperation.params[1].tmpref.size = SharedMem1.size; 1278 1279 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1280 TEEC_MEMREF_TEMP_INOUT, 1281 TEEC_NONE, 1282 TEEC_NONE); 1283 1284 TeecResult = TEEC_InvokeCommand(&TeecSession, 1285 145, 1286 &TeecOperation, 1287 &ErrorOrigin); 1288 if (TeecResult != TEEC_SUCCESS) 1289 goto exit; 1290 1291 *out_len = TeecOperation.params[1].tmpref.size; 1292 memcpy(out, SharedMem1.buffer, SharedMem1.size); 1293 exit: 1294 TEEC_ReleaseSharedMemory(&SharedMem0); 1295 TEEC_ReleaseSharedMemory(&SharedMem1); 1296 TEEC_CloseSession(&TeecSession); 1297 TEEC_FinalizeContext(&TeecContext); 1298 1299 return TeecResult; 1300 } 1301 1302 uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 1303 { 1304 TEEC_Result TeecResult; 1305 TEEC_Context TeecContext; 1306 TEEC_Session TeecSession; 1307 uint32_t ErrorOrigin; 1308 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1309 { 0xa8, 0x69, 0x9c, 0xe6, 1310 0x88, 0x6c, 0x5d, 0x5d 1311 } 1312 }; 1313 TEEC_UUID *TeecUuid = &tempuuid; 1314 TEEC_Operation TeecOperation = {0}; 1315 struct blk_desc *dev_desc; 1316 dev_desc = rockchip_get_bootdev(); 1317 if (!dev_desc) { 1318 printf("%s: dev_desc is NULL!\n", __func__); 1319 return -TEEC_ERROR_GENERIC; 1320 } 1321 TeecResult = OpteeClientApiLibInitialize(); 1322 if (TeecResult != TEEC_SUCCESS) 1323 return TeecResult; 1324 1325 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1326 if (TeecResult != TEEC_SUCCESS) 1327 return TeecResult; 1328 1329 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1330 TEEC_NONE, 1331 TEEC_NONE, 1332 TEEC_NONE); 1333 /*0 nand or emmc "security" partition , 1 rpmb*/ 1334 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1335 TeecOperation.params[0].value.a = 1; 1336 else 1337 TeecOperation.params[0].value.a = 0; 1338 1339 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1340 TeecOperation.params[0].value.a = 0; 1341 #endif 1342 1343 TeecResult = TEEC_OpenSession(&TeecContext, 1344 &TeecSession, 1345 TeecUuid, 1346 TEEC_LOGIN_PUBLIC, 1347 NULL, 1348 &TeecOperation, 1349 &ErrorOrigin); 1350 if (TeecResult != TEEC_SUCCESS) 1351 return TeecResult; 1352 1353 TEEC_SharedMemory SharedMem0 = {0}; 1354 1355 SharedMem0.size = *ca_response_size; 1356 SharedMem0.flags = 0; 1357 1358 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1359 if (TeecResult != TEEC_SUCCESS) 1360 goto exit; 1361 1362 memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 1363 1364 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1365 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1366 1367 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1368 TEEC_NONE, 1369 TEEC_NONE, 1370 TEEC_NONE); 1371 1372 TeecResult = TEEC_InvokeCommand(&TeecSession, 1373 146, 1374 &TeecOperation, 1375 &ErrorOrigin); 1376 if (TeecResult != TEEC_SUCCESS) 1377 goto exit; 1378 exit: 1379 TEEC_ReleaseSharedMemory(&SharedMem0); 1380 TEEC_CloseSession(&TeecSession); 1381 TEEC_FinalizeContext(&TeecContext); 1382 1383 return TeecResult; 1384 } 1385