1 /* 2 * Copyright 2017, Rockchip Electronics Co., Ltd 3 * hisping lin, <hisping.lin@rock-chips.com> 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 */ 7 8 #include <common.h> 9 #include <optee_include/OpteeClientInterface.h> 10 #include <optee_include/OpteeClientApiLib.h> 11 #include <optee_include/tee_client_api.h> 12 #include <optee_include/tee_api_defines.h> 13 #include <boot_rkimg.h> 14 #include <stdlib.h> 15 #include <attestation_key.h> 16 17 #define BOOT_FROM_EMMC (1 << 1) 18 #define STORAGE_CMD_READ_ATTRIBUTE_HASH 0 19 #define STORAGE_CMD_WRITE_ATTRIBUTE_HASH 1 20 #define STORAGE_CMD_UBOOT_END_OTP 2 21 #define STORAGE_CMD_READ_VBOOTKEY_HASH 3 22 #define STORAGE_CMD_WRITE_VBOOTKEY_HASH 4 23 #define STORAGE_CMD_READ_ENABLE_FLAG 5 24 #define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY 9 25 #define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG 10 26 #define STORAGE_CMD_WRITE_OEM_HUK 11 27 #define STORAGE_CMD_WRITE_OEM_NS_OTP 12 28 #define STORAGE_CMD_READ_OEM_NS_OTP 13 29 #define STORAGE_CMD_WRITE_OEM_OTP_KEY 14 30 #define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK 15 31 32 #define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER 0x00000002 33 34 #define RK_CRYPTO_SERVICE_UUID { 0x0cacdb5d, 0x4fea, 0x466c, \ 35 { 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } } 36 37 static uint8_t b2hs_add_base(uint8_t in) 38 { 39 if (in > 9) 40 return in + 55; 41 else 42 return in + 48; 43 } 44 45 static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen) 46 { 47 uint32_t i = 0; 48 49 if (blen * 2 + 1 > hslen) 50 return 0; 51 52 for (; i < blen; i++) { 53 hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf); 54 hs[i * 2] = b2hs_add_base(b[i] >> 4); 55 } 56 hs[blen * 2] = 0; 57 58 return blen * 2; 59 } 60 61 static void crypto_flush_cacheline(uint32_t addr, uint32_t size) 62 { 63 ulong alignment = CONFIG_SYS_CACHELINE_SIZE; 64 ulong aligned_input, aligned_len; 65 66 if (!addr || !size) 67 return; 68 69 /* Must flush dcache before crypto DMA fetch data region */ 70 aligned_input = round_down(addr, alignment); 71 aligned_len = round_up(size + (addr - aligned_input), alignment); 72 flush_cache(aligned_input, aligned_len); 73 } 74 75 static uint32_t trusty_base_write_security_data(char *filename, 76 uint32_t filename_size, 77 uint8_t *data, 78 uint32_t data_size) 79 { 80 TEEC_Result TeecResult; 81 TEEC_Context TeecContext; 82 TEEC_Session TeecSession; 83 uint32_t ErrorOrigin; 84 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 85 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 86 TEEC_UUID *TeecUuid = &tempuuid; 87 TEEC_Operation TeecOperation = {0}; 88 struct blk_desc *dev_desc; 89 dev_desc = rockchip_get_bootdev(); 90 if (!dev_desc) { 91 printf("%s: dev_desc is NULL!\n", __func__); 92 return -TEEC_ERROR_GENERIC; 93 } 94 95 TeecResult = OpteeClientApiLibInitialize(); 96 if (TeecResult != TEEC_SUCCESS) 97 return TeecResult; 98 99 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 100 if (TeecResult != TEEC_SUCCESS) 101 return TeecResult; 102 103 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 104 TEEC_NONE, 105 TEEC_NONE, 106 TEEC_NONE); 107 /*0 nand or emmc "security" partition , 1 rpmb*/ 108 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 109 TeecOperation.params[0].value.a = 1; 110 else 111 TeecOperation.params[0].value.a = 0; 112 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 113 TeecOperation.params[0].value.a = 0; 114 #endif 115 116 TeecResult = TEEC_OpenSession(&TeecContext, 117 &TeecSession, 118 TeecUuid, 119 TEEC_LOGIN_PUBLIC, 120 NULL, 121 &TeecOperation, 122 &ErrorOrigin); 123 if (TeecResult != TEEC_SUCCESS) 124 return TeecResult; 125 126 TEEC_SharedMemory SharedMem0 = {0}; 127 128 SharedMem0.size = filename_size; 129 SharedMem0.flags = 0; 130 131 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 132 if (TeecResult != TEEC_SUCCESS) 133 goto exit; 134 135 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 136 137 TEEC_SharedMemory SharedMem1 = {0}; 138 139 SharedMem1.size = data_size; 140 SharedMem1.flags = 0; 141 142 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 143 if (TeecResult != TEEC_SUCCESS) 144 goto exit; 145 146 memcpy(SharedMem1.buffer, data, SharedMem1.size); 147 148 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 149 TeecOperation.params[0].tmpref.size = SharedMem0.size; 150 151 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 152 TeecOperation.params[1].tmpref.size = SharedMem1.size; 153 154 155 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 156 TEEC_MEMREF_TEMP_INOUT, 157 TEEC_NONE, 158 TEEC_NONE); 159 160 TeecResult = TEEC_InvokeCommand(&TeecSession, 161 1, 162 &TeecOperation, 163 &ErrorOrigin); 164 if (TeecResult != TEEC_SUCCESS) 165 goto exit; 166 exit: 167 TEEC_ReleaseSharedMemory(&SharedMem0); 168 TEEC_ReleaseSharedMemory(&SharedMem1); 169 TEEC_CloseSession(&TeecSession); 170 TEEC_FinalizeContext(&TeecContext); 171 172 return TeecResult; 173 } 174 175 static uint32_t trusty_base_read_security_data(char *filename, 176 uint32_t filename_size, 177 uint8_t *data, 178 uint32_t data_size) 179 { 180 TEEC_Result TeecResult; 181 TEEC_Context TeecContext; 182 TEEC_Session TeecSession; 183 uint32_t ErrorOrigin; 184 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 185 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 186 TEEC_UUID *TeecUuid = &tempuuid; 187 TEEC_Operation TeecOperation = {0}; 188 189 struct blk_desc *dev_desc; 190 dev_desc = rockchip_get_bootdev(); 191 if (!dev_desc) { 192 printf("%s: dev_desc is NULL!\n", __func__); 193 return -TEEC_ERROR_GENERIC; 194 } 195 196 TeecResult = OpteeClientApiLibInitialize(); 197 if (TeecResult != TEEC_SUCCESS) 198 return TeecResult; 199 200 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 201 if (TeecResult != TEEC_SUCCESS) 202 return TeecResult; 203 204 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 205 TEEC_NONE, 206 TEEC_NONE, 207 TEEC_NONE); 208 /*0 nand or emmc "security" partition , 1 rpmb*/ 209 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 210 TeecOperation.params[0].value.a = 1; 211 else 212 TeecOperation.params[0].value.a = 0; 213 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 214 TeecOperation.params[0].value.a = 0; 215 #endif 216 217 TeecResult = TEEC_OpenSession(&TeecContext, 218 &TeecSession, 219 TeecUuid, 220 TEEC_LOGIN_PUBLIC, 221 NULL, 222 &TeecOperation, 223 &ErrorOrigin); 224 if (TeecResult != TEEC_SUCCESS) 225 return TeecResult; 226 227 TEEC_SharedMemory SharedMem0 = {0}; 228 229 SharedMem0.size = filename_size; 230 SharedMem0.flags = 0; 231 232 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 233 if (TeecResult != TEEC_SUCCESS) 234 goto exit; 235 236 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 237 238 TEEC_SharedMemory SharedMem1 = {0}; 239 240 SharedMem1.size = data_size; 241 SharedMem1.flags = 0; 242 243 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 244 if (TeecResult != TEEC_SUCCESS) 245 goto exit; 246 247 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 248 TeecOperation.params[0].tmpref.size = SharedMem0.size; 249 250 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 251 TeecOperation.params[1].tmpref.size = SharedMem1.size; 252 253 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 254 TEEC_MEMREF_TEMP_INOUT, 255 TEEC_NONE, 256 TEEC_NONE); 257 258 TeecResult = TEEC_InvokeCommand(&TeecSession, 259 0, 260 &TeecOperation, 261 &ErrorOrigin); 262 if (TeecResult == TEEC_SUCCESS) 263 memcpy(data, SharedMem1.buffer, SharedMem1.size); 264 exit: 265 TEEC_ReleaseSharedMemory(&SharedMem0); 266 TEEC_ReleaseSharedMemory(&SharedMem1); 267 TEEC_CloseSession(&TeecSession); 268 TEEC_FinalizeContext(&TeecContext); 269 270 return TeecResult; 271 } 272 273 static uint32_t trusty_base_end_security_data(void) 274 { 275 TEEC_Result TeecResult; 276 TEEC_Context TeecContext; 277 TEEC_Session TeecSession; 278 uint32_t ErrorOrigin; 279 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 280 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 281 TEEC_UUID *TeecUuid = &tempuuid; 282 TEEC_Operation TeecOperation = {0}; 283 284 TeecResult = OpteeClientApiLibInitialize(); 285 if (TeecResult != TEEC_SUCCESS) 286 return TeecResult; 287 288 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 289 if (TeecResult != TEEC_SUCCESS) 290 return TeecResult; 291 292 TeecResult = TEEC_OpenSession(&TeecContext, 293 &TeecSession, 294 TeecUuid, 295 TEEC_LOGIN_PUBLIC, 296 NULL, 297 NULL, 298 &ErrorOrigin); 299 if (TeecResult != TEEC_SUCCESS) 300 return TeecResult; 301 302 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 303 TEEC_NONE, 304 TEEC_NONE, 305 TEEC_NONE); 306 307 TeecResult = TEEC_InvokeCommand(&TeecSession, 308 2, 309 &TeecOperation, 310 &ErrorOrigin); 311 if (TeecResult != TEEC_SUCCESS) 312 goto exit; 313 exit: 314 TEEC_CloseSession(&TeecSession); 315 TEEC_FinalizeContext(&TeecContext); 316 317 return TeecResult; 318 } 319 320 uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value) 321 { 322 char hs[9]; 323 324 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 325 326 return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8); 327 } 328 329 uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value) 330 { 331 char hs[9]; 332 333 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 334 335 return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8); 336 } 337 338 uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size) 339 { 340 return trusty_base_read_security_data("attributes", 341 sizeof("attributes"), attributes, size); 342 } 343 344 uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) 345 { 346 return trusty_base_write_security_data("attributes", 347 sizeof("attributes"), attributes, size); 348 } 349 350 uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes) 351 { 352 return trusty_base_read_security_data("attributes_flag", 353 sizeof("attributes_flag"), attributes, 1); 354 } 355 356 uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes) 357 { 358 return trusty_base_write_security_data("attributes_flag", 359 sizeof("attributes_flag"), &attributes, 1); 360 } 361 362 uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes, 363 uint32_t size) 364 { 365 return trusty_base_read_security_data("rsacer", 366 sizeof("rsacer"), attributes, size); 367 } 368 369 uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes, 370 uint32_t size) 371 { 372 return trusty_base_write_security_data("rsacer", 373 sizeof("rsacer"), attributes, size); 374 } 375 376 uint32_t trusty_read_lock_state(uint8_t *lock_state) 377 { 378 return trusty_base_read_security_data("lock_state", 379 sizeof("lock_state"), lock_state, 1); 380 } 381 382 uint32_t trusty_write_lock_state(uint8_t lock_state) 383 { 384 return trusty_base_write_security_data("lock_state", 385 sizeof("lock_state"), &lock_state, 1); 386 } 387 388 uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state) 389 { 390 return trusty_base_read_security_data("flash_lock_state", 391 sizeof("flash_lock_state"), flash_lock_state, 1); 392 } 393 394 uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state) 395 { 396 return trusty_base_write_security_data("flash_lock_state", 397 sizeof("flash_lock_state"), &flash_lock_state, 1); 398 } 399 400 static uint32_t trusty_base_end_efuse_or_otp(void) 401 { 402 TEEC_Result TeecResult; 403 TEEC_Context TeecContext; 404 TEEC_Session TeecSession; 405 uint32_t ErrorOrigin; 406 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 407 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 408 409 TEEC_UUID *TeecUuid = &tempuuid; 410 TEEC_Operation TeecOperation = {0}; 411 412 TeecResult = OpteeClientApiLibInitialize(); 413 if (TeecResult != TEEC_SUCCESS) 414 return TeecResult; 415 416 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 417 if (TeecResult != TEEC_SUCCESS) 418 return TeecResult; 419 420 TeecResult = TEEC_OpenSession(&TeecContext, 421 &TeecSession, 422 TeecUuid, 423 TEEC_LOGIN_PUBLIC, 424 NULL, 425 NULL, 426 &ErrorOrigin); 427 if (TeecResult != TEEC_SUCCESS) 428 return TeecResult; 429 430 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 431 TEEC_NONE, 432 TEEC_NONE, 433 TEEC_NONE); 434 435 TeecResult = TEEC_InvokeCommand(&TeecSession, 436 STORAGE_CMD_UBOOT_END_OTP, 437 &TeecOperation, 438 &ErrorOrigin); 439 if (TeecResult != TEEC_SUCCESS) 440 goto exit; 441 exit: 442 TEEC_CloseSession(&TeecSession); 443 TEEC_FinalizeContext(&TeecContext); 444 445 return TeecResult; 446 } 447 448 static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd, 449 uint8_t is_write, 450 uint32_t *buf, 451 uint32_t length) 452 { 453 TEEC_Result TeecResult; 454 TEEC_Context TeecContext; 455 TEEC_Session TeecSession; 456 uint32_t ErrorOrigin; 457 458 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 459 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 460 TEEC_UUID *TeecUuid = &tempuuid; 461 TEEC_Operation TeecOperation = {0}; 462 463 TeecResult = OpteeClientApiLibInitialize(); 464 if (TeecResult != TEEC_SUCCESS) 465 return TeecResult; 466 467 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 468 if (TeecResult != TEEC_SUCCESS) 469 return TeecResult; 470 471 TeecResult = TEEC_OpenSession(&TeecContext, 472 &TeecSession, 473 TeecUuid, 474 TEEC_LOGIN_PUBLIC, 475 NULL, 476 NULL, 477 &ErrorOrigin); 478 if (TeecResult != TEEC_SUCCESS) 479 return TeecResult; 480 481 TEEC_SharedMemory SharedMem0 = {0}; 482 483 SharedMem0.size = length * sizeof(uint32_t); 484 SharedMem0.flags = 0; 485 486 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 487 if (TeecResult != TEEC_SUCCESS) 488 goto exit; 489 490 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 491 TeecOperation.params[0].tmpref.size = SharedMem0.size; 492 493 if (is_write) { 494 memcpy(SharedMem0.buffer, buf, SharedMem0.size); 495 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 496 TEEC_NONE, 497 TEEC_NONE, 498 TEEC_NONE); 499 500 } else { 501 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, 502 TEEC_NONE, 503 TEEC_NONE, 504 TEEC_NONE); 505 } 506 507 TeecResult = TEEC_InvokeCommand(&TeecSession, 508 cmd, 509 &TeecOperation, 510 &ErrorOrigin); 511 if (TeecResult != TEEC_SUCCESS) 512 goto exit; 513 514 if (!is_write) 515 memcpy(buf, SharedMem0.buffer, SharedMem0.size); 516 517 exit: 518 TEEC_ReleaseSharedMemory(&SharedMem0); 519 TEEC_CloseSession(&TeecSession); 520 TEEC_FinalizeContext(&TeecContext); 521 522 return TeecResult; 523 } 524 525 uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length) 526 { 527 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH, 528 false, buf, length); 529 } 530 531 uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length) 532 { 533 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH, 534 true, buf, length); 535 } 536 537 uint32_t trusty_notify_optee_uboot_end(void) 538 { 539 TEEC_Result res; 540 541 res = trusty_base_end_security_data(); 542 res |= trusty_base_end_efuse_or_otp(); 543 return res; 544 } 545 546 uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length) 547 { 548 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH, 549 false, buf, length); 550 } 551 552 uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length) 553 { 554 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH, 555 true, buf, length); 556 } 557 558 uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag) 559 { 560 uint32_t bootflag; 561 TEEC_Result TeecResult; 562 563 *flag = 0; 564 565 TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG, 566 false, &bootflag, 1); 567 568 if (TeecResult == TEEC_SUCCESS) { 569 #if defined(CONFIG_ROCKCHIP_RK3288) 570 if (bootflag == 0x00000001) 571 *flag = 1; 572 #else 573 if (bootflag == 0x000000FF) 574 *flag = 1; 575 #endif 576 } 577 return TeecResult; 578 } 579 580 uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length) 581 { 582 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY, 583 true, buf, length); 584 } 585 586 uint32_t trusty_check_security_level_flag(uint8_t flag) 587 { 588 uint32_t levelflag; 589 590 levelflag = flag; 591 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG, 592 true, &levelflag, 1); 593 } 594 595 uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length) 596 { 597 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK, 598 true, buf, length); 599 } 600 601 void trusty_select_security_level(void) 602 { 603 #if (CONFIG_OPTEE_SECURITY_LEVEL > 0) 604 TEEC_Result TeecResult; 605 606 TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL); 607 if (TeecResult == TEE_ERROR_CANCEL) { 608 run_command("download", 0); 609 return; 610 } 611 612 if (TeecResult == TEEC_SUCCESS) 613 debug("optee select security level success!"); 614 else 615 panic("optee select security level fail!"); 616 617 return; 618 #endif 619 } 620 621 uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 622 { 623 TEEC_Result TeecResult; 624 TEEC_Context TeecContext; 625 TEEC_Session TeecSession; 626 uint32_t ErrorOrigin; 627 628 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 629 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 630 TEEC_UUID *TeecUuid = &tempuuid; 631 TEEC_Operation TeecOperation = {0}; 632 633 TeecResult = OpteeClientApiLibInitialize(); 634 if (TeecResult != TEEC_SUCCESS) 635 return TeecResult; 636 637 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 638 if (TeecResult != TEEC_SUCCESS) 639 return TeecResult; 640 641 TeecResult = TEEC_OpenSession(&TeecContext, 642 &TeecSession, 643 TeecUuid, 644 TEEC_LOGIN_PUBLIC, 645 NULL, 646 NULL, 647 &ErrorOrigin); 648 if (TeecResult != TEEC_SUCCESS) 649 return TeecResult; 650 651 TeecOperation.params[0].value.a = byte_off; 652 653 TEEC_SharedMemory SharedMem = {0}; 654 655 SharedMem.size = byte_len; 656 SharedMem.flags = 0; 657 658 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 659 if (TeecResult != TEEC_SUCCESS) 660 goto exit; 661 662 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 663 TeecOperation.params[1].tmpref.size = SharedMem.size; 664 665 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 666 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 667 TEEC_MEMREF_TEMP_INPUT, 668 TEEC_NONE, 669 TEEC_NONE); 670 671 TeecResult = TEEC_InvokeCommand(&TeecSession, 672 STORAGE_CMD_WRITE_OEM_NS_OTP, 673 &TeecOperation, 674 &ErrorOrigin); 675 if (TeecResult != TEEC_SUCCESS) 676 goto exit; 677 678 exit: 679 TEEC_ReleaseSharedMemory(&SharedMem); 680 TEEC_CloseSession(&TeecSession); 681 TEEC_FinalizeContext(&TeecContext); 682 683 return TeecResult; 684 } 685 686 uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 687 { 688 TEEC_Result TeecResult; 689 TEEC_Context TeecContext; 690 TEEC_Session TeecSession; 691 uint32_t ErrorOrigin; 692 693 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 694 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 695 TEEC_UUID *TeecUuid = &tempuuid; 696 TEEC_Operation TeecOperation = {0}; 697 698 TeecResult = OpteeClientApiLibInitialize(); 699 if (TeecResult != TEEC_SUCCESS) 700 return TeecResult; 701 702 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 703 if (TeecResult != TEEC_SUCCESS) 704 return TeecResult; 705 706 TeecResult = TEEC_OpenSession(&TeecContext, 707 &TeecSession, 708 TeecUuid, 709 TEEC_LOGIN_PUBLIC, 710 NULL, 711 NULL, 712 &ErrorOrigin); 713 if (TeecResult != TEEC_SUCCESS) 714 return TeecResult; 715 716 TeecOperation.params[0].value.a = byte_off; 717 718 TEEC_SharedMemory SharedMem = {0}; 719 720 SharedMem.size = byte_len; 721 SharedMem.flags = 0; 722 723 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 724 if (TeecResult != TEEC_SUCCESS) 725 goto exit; 726 727 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 728 TeecOperation.params[1].tmpref.size = SharedMem.size; 729 730 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 731 TEEC_MEMREF_TEMP_OUTPUT, 732 TEEC_NONE, 733 TEEC_NONE); 734 735 TeecResult = TEEC_InvokeCommand(&TeecSession, 736 STORAGE_CMD_READ_OEM_NS_OTP, 737 &TeecOperation, 738 &ErrorOrigin); 739 if (TeecResult != TEEC_SUCCESS) 740 goto exit; 741 742 memcpy(byte_buf, SharedMem.buffer, SharedMem.size); 743 744 exit: 745 TEEC_ReleaseSharedMemory(&SharedMem); 746 TEEC_CloseSession(&TeecSession); 747 TEEC_FinalizeContext(&TeecContext); 748 749 return TeecResult; 750 } 751 752 uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id, 753 uint8_t *byte_buf, uint32_t byte_len) 754 { 755 TEEC_Result TeecResult; 756 TEEC_Context TeecContext; 757 TEEC_Session TeecSession; 758 uint32_t ErrorOrigin; 759 760 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 761 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 762 TEEC_UUID *TeecUuid = &tempuuid; 763 TEEC_Operation TeecOperation = {0}; 764 765 TeecResult = OpteeClientApiLibInitialize(); 766 if (TeecResult != TEEC_SUCCESS) 767 return TeecResult; 768 769 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 770 if (TeecResult != TEEC_SUCCESS) 771 return TeecResult; 772 773 TeecResult = TEEC_OpenSession(&TeecContext, 774 &TeecSession, 775 TeecUuid, 776 TEEC_LOGIN_PUBLIC, 777 NULL, 778 NULL, 779 &ErrorOrigin); 780 if (TeecResult != TEEC_SUCCESS) 781 return TeecResult; 782 783 TeecOperation.params[0].value.a = key_id; 784 785 TEEC_SharedMemory SharedMem = {0}; 786 787 SharedMem.size = byte_len; 788 SharedMem.flags = 0; 789 790 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 791 if (TeecResult != TEEC_SUCCESS) 792 goto exit; 793 794 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 795 TeecOperation.params[1].tmpref.size = SharedMem.size; 796 797 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 798 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 799 TEEC_MEMREF_TEMP_INPUT, 800 TEEC_NONE, 801 TEEC_NONE); 802 803 TeecResult = TEEC_InvokeCommand(&TeecSession, 804 STORAGE_CMD_WRITE_OEM_OTP_KEY, 805 &TeecOperation, 806 &ErrorOrigin); 807 if (TeecResult != TEEC_SUCCESS) 808 goto exit; 809 810 exit: 811 TEEC_ReleaseSharedMemory(&SharedMem); 812 TEEC_CloseSession(&TeecSession); 813 TEEC_FinalizeContext(&TeecContext); 814 815 return TeecResult; 816 } 817 818 uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 819 { 820 TEEC_Result TeecResult; 821 TEEC_Context TeecContext; 822 TEEC_Session TeecSession; 823 uint32_t ErrorOrigin; 824 825 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 826 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 827 TEEC_UUID *TeecUuid = &tempuuid; 828 TEEC_Operation TeecOperation = {0}; 829 830 TeecResult = OpteeClientApiLibInitialize(); 831 if (TeecResult != TEEC_SUCCESS) 832 return TeecResult; 833 834 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 835 if (TeecResult != TEEC_SUCCESS) 836 return TeecResult; 837 838 TeecResult = TEEC_OpenSession(&TeecContext, 839 &TeecSession, 840 TeecUuid, 841 TEEC_LOGIN_PUBLIC, 842 NULL, 843 NULL, 844 &ErrorOrigin); 845 if (TeecResult != TEEC_SUCCESS) 846 return TeecResult; 847 848 TeecOperation.params[0].value.a = key_id; 849 850 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 851 TEEC_NONE, 852 TEEC_NONE, 853 TEEC_NONE); 854 855 TeecResult = TEEC_InvokeCommand(&TeecSession, 856 STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 857 &TeecOperation, 858 &ErrorOrigin); 859 if (TeecResult != TEEC_SUCCESS) 860 goto exit; 861 862 exit: 863 TEEC_CloseSession(&TeecSession); 864 TEEC_FinalizeContext(&TeecContext); 865 866 return TeecResult; 867 } 868 869 uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, rk_cipher_config *config, 870 uint32_t src_phys_addr, uint32_t dst_phys_addr, 871 uint32_t len) 872 { 873 TEEC_Result TeecResult; 874 TEEC_Context TeecContext; 875 TEEC_Session TeecSession; 876 TEEC_Operation TeecOperation = {0}; 877 uint32_t ErrorOrigin; 878 TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 879 TEEC_SharedMemory SharedMem_config = {0}; 880 881 if (key_id != RK_OEM_OTP_KEY0 && 882 key_id != RK_OEM_OTP_KEY1 && 883 key_id != RK_OEM_OTP_KEY2 && 884 key_id != RK_OEM_OTP_KEY3 && 885 key_id != RK_OEM_OTP_KEY_FW) 886 return TEEC_ERROR_BAD_PARAMETERS; 887 888 if (!config) 889 return TEEC_ERROR_BAD_PARAMETERS; 890 891 if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 892 return TEEC_ERROR_BAD_PARAMETERS; 893 894 if (config->mode >= RK_CIPHER_MODE_XTS) 895 return TEEC_ERROR_BAD_PARAMETERS; 896 897 if (config->operation != RK_MODE_ENCRYPT && 898 config->operation != RK_MODE_DECRYPT) 899 return TEEC_ERROR_BAD_PARAMETERS; 900 901 if (config->key_len != 16 && 902 config->key_len != 24 && 903 config->key_len != 32) 904 return TEEC_ERROR_BAD_PARAMETERS; 905 906 if (key_id == RK_OEM_OTP_KEY_FW && config->key_len != 16) 907 return TEEC_ERROR_BAD_PARAMETERS; 908 909 #if defined(CONFIG_ROCKCHIP_RV1126) 910 if (config->key_len == 24) 911 return TEEC_ERROR_BAD_PARAMETERS; 912 #endif 913 914 if (len % AES_BLOCK_SIZE || 915 len == 0) 916 return TEEC_ERROR_BAD_PARAMETERS; 917 918 if (!src_phys_addr || !dst_phys_addr) 919 return TEEC_ERROR_BAD_PARAMETERS; 920 921 TeecResult = OpteeClientApiLibInitialize(); 922 if (TeecResult != TEEC_SUCCESS) 923 return TeecResult; 924 925 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 926 if (TeecResult != TEEC_SUCCESS) 927 return TeecResult; 928 929 TeecResult = TEEC_OpenSession(&TeecContext, 930 &TeecSession, 931 &uuid, 932 TEEC_LOGIN_PUBLIC, 933 NULL, 934 NULL, 935 &ErrorOrigin); 936 if (TeecResult != TEEC_SUCCESS) 937 goto exit; 938 939 SharedMem_config.size = sizeof(rk_cipher_config); 940 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 941 if (TeecResult != TEEC_SUCCESS) 942 goto exit; 943 944 memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 945 TeecOperation.params[0].value.a = key_id; 946 TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 947 TeecOperation.params[1].tmpref.size = SharedMem_config.size; 948 TeecOperation.params[2].value.a = src_phys_addr; 949 TeecOperation.params[2].value.b = len; 950 TeecOperation.params[3].value.a = dst_phys_addr; 951 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 952 TEEC_MEMREF_TEMP_INPUT, 953 TEEC_VALUE_INPUT, 954 TEEC_VALUE_INPUT); 955 956 crypto_flush_cacheline(src_phys_addr, len); 957 crypto_flush_cacheline(dst_phys_addr, len); 958 959 TeecResult = TEEC_InvokeCommand(&TeecSession, 960 CRYPTO_SERVICE_CMD_OEM_OTP_KEY_PHYS_CIPHER, 961 &TeecOperation, 962 &ErrorOrigin); 963 964 exit: 965 TEEC_ReleaseSharedMemory(&SharedMem_config); 966 TEEC_CloseSession(&TeecSession); 967 TEEC_FinalizeContext(&TeecContext); 968 return TeecResult; 969 } 970 971 uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 972 { 973 TEEC_Result TeecResult; 974 TEEC_Context TeecContext; 975 TEEC_Session TeecSession; 976 uint32_t ErrorOrigin; 977 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 978 { 0xa8, 0x69, 0x9c, 0xe6, 979 0x88, 0x6c, 0x5d, 0x5d 980 } 981 }; 982 TEEC_UUID *TeecUuid = &tempuuid; 983 TEEC_Operation TeecOperation = {0}; 984 struct blk_desc *dev_desc; 985 dev_desc = rockchip_get_bootdev(); 986 if (!dev_desc) { 987 printf("%s: dev_desc is NULL!\n", __func__); 988 return -TEEC_ERROR_GENERIC; 989 } 990 991 TeecResult = OpteeClientApiLibInitialize(); 992 if (TeecResult != TEEC_SUCCESS) 993 return TeecResult; 994 995 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 996 if (TeecResult != TEEC_SUCCESS) 997 return TeecResult; 998 999 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1000 TEEC_NONE, 1001 TEEC_NONE, 1002 TEEC_NONE); 1003 /*0 nand or emmc "security" partition , 1 rpmb*/ 1004 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1005 TeecOperation.params[0].value.a = 1; 1006 else 1007 TeecOperation.params[0].value.a = 0; 1008 1009 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1010 TeecOperation.params[0].value.a = 0; 1011 #endif 1012 1013 TeecResult = TEEC_OpenSession(&TeecContext, 1014 &TeecSession, 1015 TeecUuid, 1016 TEEC_LOGIN_PUBLIC, 1017 NULL, 1018 &TeecOperation, 1019 &ErrorOrigin); 1020 if (TeecResult != TEEC_SUCCESS) 1021 return TeecResult; 1022 1023 TEEC_SharedMemory SharedMem0 = {0}; 1024 1025 SharedMem0.size = *dh_size; 1026 SharedMem0.flags = 0; 1027 1028 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1029 if (TeecResult != TEEC_SUCCESS) 1030 goto exit; 1031 1032 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1033 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1034 1035 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1036 TEEC_NONE, 1037 TEEC_NONE, 1038 TEEC_NONE); 1039 1040 TeecResult = TEEC_InvokeCommand(&TeecSession, 1041 143, 1042 &TeecOperation, 1043 &ErrorOrigin); 1044 if (TeecResult != TEEC_SUCCESS) 1045 goto exit; 1046 1047 *dh_size = TeecOperation.params[0].tmpref.size; 1048 memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1049 exit: 1050 TEEC_ReleaseSharedMemory(&SharedMem0); 1051 TEEC_CloseSession(&TeecSession); 1052 TEEC_FinalizeContext(&TeecContext); 1053 1054 return TeecResult; 1055 } 1056 1057 uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 1058 { 1059 TEEC_Result TeecResult; 1060 TEEC_Context TeecContext; 1061 TEEC_Session TeecSession; 1062 uint32_t ErrorOrigin; 1063 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1064 { 0xa8, 0x69, 0x9c, 0xe6, 1065 0x88, 0x6c, 0x5d, 0x5d 1066 } 1067 }; 1068 TEEC_UUID *TeecUuid = &tempuuid; 1069 TEEC_Operation TeecOperation = {0}; 1070 struct blk_desc *dev_desc; 1071 dev_desc = rockchip_get_bootdev(); 1072 if (!dev_desc) { 1073 printf("%s: dev_desc is NULL!\n", __func__); 1074 return -TEEC_ERROR_GENERIC; 1075 } 1076 1077 TeecResult = OpteeClientApiLibInitialize(); 1078 if (TeecResult != TEEC_SUCCESS) 1079 return TeecResult; 1080 1081 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1082 if (TeecResult != TEEC_SUCCESS) 1083 return TeecResult; 1084 1085 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1086 TEEC_NONE, 1087 TEEC_NONE, 1088 TEEC_NONE); 1089 /*0 nand or emmc "security" partition , 1 rpmb*/ 1090 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1091 TeecOperation.params[0].value.a = 1; 1092 else 1093 TeecOperation.params[0].value.a = 0; 1094 1095 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1096 TeecOperation.params[0].value.a = 0; 1097 #endif 1098 1099 TeecResult = TEEC_OpenSession(&TeecContext, 1100 &TeecSession, 1101 TeecUuid, 1102 TEEC_LOGIN_PUBLIC, 1103 NULL, 1104 &TeecOperation, 1105 &ErrorOrigin); 1106 if (TeecResult != TEEC_SUCCESS) 1107 return TeecResult; 1108 1109 TEEC_SharedMemory SharedMem0 = {0}; 1110 1111 SharedMem0.size = *uuid_size; 1112 SharedMem0.flags = 0; 1113 1114 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1115 if (TeecResult != TEEC_SUCCESS) 1116 goto exit; 1117 1118 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1119 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1120 1121 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1122 TEEC_NONE, 1123 TEEC_NONE, 1124 TEEC_NONE); 1125 1126 TeecResult = TEEC_InvokeCommand(&TeecSession, 1127 144, 1128 &TeecOperation, 1129 &ErrorOrigin); 1130 if (TeecResult != TEEC_SUCCESS) 1131 goto exit; 1132 1133 *uuid_size = TeecOperation.params[0].tmpref.size; 1134 memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1135 exit: 1136 TEEC_ReleaseSharedMemory(&SharedMem0); 1137 TEEC_CloseSession(&TeecSession); 1138 TEEC_FinalizeContext(&TeecContext); 1139 1140 return TeecResult; 1141 } 1142 1143 uint32_t trusty_attest_get_ca(uint8_t *operation_start, 1144 uint32_t *operation_size, 1145 uint8_t *out, 1146 uint32_t *out_len) 1147 { 1148 TEEC_Result TeecResult; 1149 TEEC_Context TeecContext; 1150 TEEC_Session TeecSession; 1151 uint32_t ErrorOrigin; 1152 1153 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1154 { 0xa8, 0x69, 0x9c, 0xe6, 1155 0x88, 0x6c, 0x5d, 0x5d 1156 } 1157 }; 1158 1159 TEEC_UUID *TeecUuid = &tempuuid; 1160 TEEC_Operation TeecOperation = {0}; 1161 struct blk_desc *dev_desc; 1162 dev_desc = rockchip_get_bootdev(); 1163 if (!dev_desc) { 1164 printf("%s: dev_desc is NULL!\n", __func__); 1165 return -TEEC_ERROR_GENERIC; 1166 } 1167 1168 TeecResult = OpteeClientApiLibInitialize(); 1169 if (TeecResult != TEEC_SUCCESS) 1170 return TeecResult; 1171 1172 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1173 if (TeecResult != TEEC_SUCCESS) 1174 return TeecResult; 1175 1176 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1177 TEEC_NONE, 1178 TEEC_NONE, 1179 TEEC_NONE); 1180 /*0 nand or emmc "security" partition , 1 rpmb*/ 1181 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1182 TeecOperation.params[0].value.a = 1; 1183 else 1184 TeecOperation.params[0].value.a = 0; 1185 1186 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1187 TeecOperation.params[0].value.a = 0; 1188 #endif 1189 1190 TeecResult = TEEC_OpenSession(&TeecContext, 1191 &TeecSession, 1192 TeecUuid, 1193 TEEC_LOGIN_PUBLIC, 1194 NULL, 1195 &TeecOperation, 1196 &ErrorOrigin); 1197 if (TeecResult != TEEC_SUCCESS) 1198 return TeecResult; 1199 1200 TEEC_SharedMemory SharedMem0 = {0}; 1201 1202 SharedMem0.size = *operation_size; 1203 SharedMem0.flags = 0; 1204 1205 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1206 if (TeecResult != TEEC_SUCCESS) 1207 goto exit; 1208 1209 memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 1210 1211 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1212 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1213 1214 TEEC_SharedMemory SharedMem1 = {0}; 1215 1216 SharedMem1.size = *out_len; 1217 SharedMem1.flags = 0; 1218 1219 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 1220 if (TeecResult != TEEC_SUCCESS) 1221 goto exit; 1222 1223 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 1224 TeecOperation.params[1].tmpref.size = SharedMem1.size; 1225 1226 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1227 TEEC_MEMREF_TEMP_INOUT, 1228 TEEC_NONE, 1229 TEEC_NONE); 1230 1231 TeecResult = TEEC_InvokeCommand(&TeecSession, 1232 145, 1233 &TeecOperation, 1234 &ErrorOrigin); 1235 if (TeecResult != TEEC_SUCCESS) 1236 goto exit; 1237 1238 *out_len = TeecOperation.params[1].tmpref.size; 1239 memcpy(out, SharedMem1.buffer, SharedMem1.size); 1240 exit: 1241 TEEC_ReleaseSharedMemory(&SharedMem0); 1242 TEEC_ReleaseSharedMemory(&SharedMem1); 1243 TEEC_CloseSession(&TeecSession); 1244 TEEC_FinalizeContext(&TeecContext); 1245 1246 return TeecResult; 1247 } 1248 1249 uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 1250 { 1251 TEEC_Result TeecResult; 1252 TEEC_Context TeecContext; 1253 TEEC_Session TeecSession; 1254 uint32_t ErrorOrigin; 1255 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1256 { 0xa8, 0x69, 0x9c, 0xe6, 1257 0x88, 0x6c, 0x5d, 0x5d 1258 } 1259 }; 1260 TEEC_UUID *TeecUuid = &tempuuid; 1261 TEEC_Operation TeecOperation = {0}; 1262 struct blk_desc *dev_desc; 1263 dev_desc = rockchip_get_bootdev(); 1264 if (!dev_desc) { 1265 printf("%s: dev_desc is NULL!\n", __func__); 1266 return -TEEC_ERROR_GENERIC; 1267 } 1268 TeecResult = OpteeClientApiLibInitialize(); 1269 if (TeecResult != TEEC_SUCCESS) 1270 return TeecResult; 1271 1272 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1273 if (TeecResult != TEEC_SUCCESS) 1274 return TeecResult; 1275 1276 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1277 TEEC_NONE, 1278 TEEC_NONE, 1279 TEEC_NONE); 1280 /*0 nand or emmc "security" partition , 1 rpmb*/ 1281 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1282 TeecOperation.params[0].value.a = 1; 1283 else 1284 TeecOperation.params[0].value.a = 0; 1285 1286 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1287 TeecOperation.params[0].value.a = 0; 1288 #endif 1289 1290 TeecResult = TEEC_OpenSession(&TeecContext, 1291 &TeecSession, 1292 TeecUuid, 1293 TEEC_LOGIN_PUBLIC, 1294 NULL, 1295 &TeecOperation, 1296 &ErrorOrigin); 1297 if (TeecResult != TEEC_SUCCESS) 1298 return TeecResult; 1299 1300 TEEC_SharedMemory SharedMem0 = {0}; 1301 1302 SharedMem0.size = *ca_response_size; 1303 SharedMem0.flags = 0; 1304 1305 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1306 if (TeecResult != TEEC_SUCCESS) 1307 goto exit; 1308 1309 memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 1310 1311 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1312 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1313 1314 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1315 TEEC_NONE, 1316 TEEC_NONE, 1317 TEEC_NONE); 1318 1319 TeecResult = TEEC_InvokeCommand(&TeecSession, 1320 146, 1321 &TeecOperation, 1322 &ErrorOrigin); 1323 if (TeecResult != TEEC_SUCCESS) 1324 goto exit; 1325 exit: 1326 TEEC_ReleaseSharedMemory(&SharedMem0); 1327 TEEC_CloseSession(&TeecSession); 1328 TEEC_FinalizeContext(&TeecContext); 1329 1330 return TeecResult; 1331 } 1332