1 /* 2 * Copyright 2017, Rockchip Electronics Co., Ltd 3 * hisping lin, <hisping.lin@rock-chips.com> 4 * 5 * SPDX-License-Identifier: GPL-2.0+ 6 */ 7 8 #include <common.h> 9 #include <optee_include/OpteeClientInterface.h> 10 #include <optee_include/OpteeClientApiLib.h> 11 #include <optee_include/tee_client_api.h> 12 #include <optee_include/tee_api_defines.h> 13 #include <boot_rkimg.h> 14 #include <stdlib.h> 15 #include <attestation_key.h> 16 17 #define BOOT_FROM_EMMC (1 << 1) 18 #define STORAGE_CMD_READ_ATTRIBUTE_HASH 0 19 #define STORAGE_CMD_WRITE_ATTRIBUTE_HASH 1 20 #define STORAGE_CMD_UBOOT_END_OTP 2 21 #define STORAGE_CMD_READ_VBOOTKEY_HASH 3 22 #define STORAGE_CMD_WRITE_VBOOTKEY_HASH 4 23 #define STORAGE_CMD_READ_ENABLE_FLAG 5 24 #define STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY 9 25 #define STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG 10 26 #define STORAGE_CMD_WRITE_OEM_HUK 11 27 #define STORAGE_CMD_WRITE_OEM_NS_OTP 12 28 #define STORAGE_CMD_READ_OEM_NS_OTP 13 29 #define STORAGE_CMD_WRITE_OEM_OTP_KEY 14 30 #define STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK 15 31 32 #define CRYPTO_SERVICE_CMD_OEM_OTP_KEY_CIPHER 0x00000001 33 34 #define RK_CRYPTO_SERVICE_UUID { 0x0cacdb5d, 0x4fea, 0x466c, \ 35 { 0x97, 0x16, 0x3d, 0x54, 0x16, 0x52, 0x83, 0x0f } } 36 37 static uint8_t b2hs_add_base(uint8_t in) 38 { 39 if (in > 9) 40 return in + 55; 41 else 42 return in + 48; 43 } 44 45 static uint32_t b2hs(uint8_t *b, uint8_t *hs, uint32_t blen, uint32_t hslen) 46 { 47 uint32_t i = 0; 48 49 if (blen * 2 + 1 > hslen) 50 return 0; 51 52 for (; i < blen; i++) { 53 hs[i * 2 + 1] = b2hs_add_base(b[i] & 0xf); 54 hs[i * 2] = b2hs_add_base(b[i] >> 4); 55 } 56 hs[blen * 2] = 0; 57 58 return blen * 2; 59 } 60 61 static uint32_t trusty_base_write_security_data(char *filename, 62 uint32_t filename_size, 63 uint8_t *data, 64 uint32_t data_size) 65 { 66 TEEC_Result TeecResult; 67 TEEC_Context TeecContext; 68 TEEC_Session TeecSession; 69 uint32_t ErrorOrigin; 70 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 71 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 72 TEEC_UUID *TeecUuid = &tempuuid; 73 TEEC_Operation TeecOperation = {0}; 74 struct blk_desc *dev_desc; 75 dev_desc = rockchip_get_bootdev(); 76 if (!dev_desc) { 77 printf("%s: dev_desc is NULL!\n", __func__); 78 return -TEEC_ERROR_GENERIC; 79 } 80 81 TeecResult = OpteeClientApiLibInitialize(); 82 if (TeecResult != TEEC_SUCCESS) 83 return TeecResult; 84 85 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 86 if (TeecResult != TEEC_SUCCESS) 87 return TeecResult; 88 89 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 90 TEEC_NONE, 91 TEEC_NONE, 92 TEEC_NONE); 93 /*0 nand or emmc "security" partition , 1 rpmb*/ 94 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 95 TeecOperation.params[0].value.a = 1; 96 else 97 TeecOperation.params[0].value.a = 0; 98 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 99 TeecOperation.params[0].value.a = 0; 100 #endif 101 102 TeecResult = TEEC_OpenSession(&TeecContext, 103 &TeecSession, 104 TeecUuid, 105 TEEC_LOGIN_PUBLIC, 106 NULL, 107 &TeecOperation, 108 &ErrorOrigin); 109 if (TeecResult != TEEC_SUCCESS) 110 return TeecResult; 111 112 TEEC_SharedMemory SharedMem0 = {0}; 113 114 SharedMem0.size = filename_size; 115 SharedMem0.flags = 0; 116 117 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 118 if (TeecResult != TEEC_SUCCESS) 119 goto exit; 120 121 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 122 123 TEEC_SharedMemory SharedMem1 = {0}; 124 125 SharedMem1.size = data_size; 126 SharedMem1.flags = 0; 127 128 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 129 if (TeecResult != TEEC_SUCCESS) 130 goto exit; 131 132 memcpy(SharedMem1.buffer, data, SharedMem1.size); 133 134 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 135 TeecOperation.params[0].tmpref.size = SharedMem0.size; 136 137 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 138 TeecOperation.params[1].tmpref.size = SharedMem1.size; 139 140 141 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 142 TEEC_MEMREF_TEMP_INOUT, 143 TEEC_NONE, 144 TEEC_NONE); 145 146 TeecResult = TEEC_InvokeCommand(&TeecSession, 147 1, 148 &TeecOperation, 149 &ErrorOrigin); 150 if (TeecResult != TEEC_SUCCESS) 151 goto exit; 152 exit: 153 TEEC_ReleaseSharedMemory(&SharedMem0); 154 TEEC_ReleaseSharedMemory(&SharedMem1); 155 TEEC_CloseSession(&TeecSession); 156 TEEC_FinalizeContext(&TeecContext); 157 158 return TeecResult; 159 } 160 161 static uint32_t trusty_base_read_security_data(char *filename, 162 uint32_t filename_size, 163 uint8_t *data, 164 uint32_t data_size) 165 { 166 TEEC_Result TeecResult; 167 TEEC_Context TeecContext; 168 TEEC_Session TeecSession; 169 uint32_t ErrorOrigin; 170 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 171 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 172 TEEC_UUID *TeecUuid = &tempuuid; 173 TEEC_Operation TeecOperation = {0}; 174 175 struct blk_desc *dev_desc; 176 dev_desc = rockchip_get_bootdev(); 177 if (!dev_desc) { 178 printf("%s: dev_desc is NULL!\n", __func__); 179 return -TEEC_ERROR_GENERIC; 180 } 181 182 TeecResult = OpteeClientApiLibInitialize(); 183 if (TeecResult != TEEC_SUCCESS) 184 return TeecResult; 185 186 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 187 if (TeecResult != TEEC_SUCCESS) 188 return TeecResult; 189 190 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 191 TEEC_NONE, 192 TEEC_NONE, 193 TEEC_NONE); 194 /*0 nand or emmc "security" partition , 1 rpmb*/ 195 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 196 TeecOperation.params[0].value.a = 1; 197 else 198 TeecOperation.params[0].value.a = 0; 199 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 200 TeecOperation.params[0].value.a = 0; 201 #endif 202 203 TeecResult = TEEC_OpenSession(&TeecContext, 204 &TeecSession, 205 TeecUuid, 206 TEEC_LOGIN_PUBLIC, 207 NULL, 208 &TeecOperation, 209 &ErrorOrigin); 210 if (TeecResult != TEEC_SUCCESS) 211 return TeecResult; 212 213 TEEC_SharedMemory SharedMem0 = {0}; 214 215 SharedMem0.size = filename_size; 216 SharedMem0.flags = 0; 217 218 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 219 if (TeecResult != TEEC_SUCCESS) 220 goto exit; 221 222 memcpy(SharedMem0.buffer, filename, SharedMem0.size); 223 224 TEEC_SharedMemory SharedMem1 = {0}; 225 226 SharedMem1.size = data_size; 227 SharedMem1.flags = 0; 228 229 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 230 if (TeecResult != TEEC_SUCCESS) 231 goto exit; 232 233 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 234 TeecOperation.params[0].tmpref.size = SharedMem0.size; 235 236 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 237 TeecOperation.params[1].tmpref.size = SharedMem1.size; 238 239 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 240 TEEC_MEMREF_TEMP_INOUT, 241 TEEC_NONE, 242 TEEC_NONE); 243 244 TeecResult = TEEC_InvokeCommand(&TeecSession, 245 0, 246 &TeecOperation, 247 &ErrorOrigin); 248 if (TeecResult == TEEC_SUCCESS) 249 memcpy(data, SharedMem1.buffer, SharedMem1.size); 250 exit: 251 TEEC_ReleaseSharedMemory(&SharedMem0); 252 TEEC_ReleaseSharedMemory(&SharedMem1); 253 TEEC_CloseSession(&TeecSession); 254 TEEC_FinalizeContext(&TeecContext); 255 256 return TeecResult; 257 } 258 259 static uint32_t trusty_base_end_security_data(void) 260 { 261 TEEC_Result TeecResult; 262 TEEC_Context TeecContext; 263 TEEC_Session TeecSession; 264 uint32_t ErrorOrigin; 265 TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142, 266 { 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } }; 267 TEEC_UUID *TeecUuid = &tempuuid; 268 TEEC_Operation TeecOperation = {0}; 269 270 TeecResult = OpteeClientApiLibInitialize(); 271 if (TeecResult != TEEC_SUCCESS) 272 return TeecResult; 273 274 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 275 if (TeecResult != TEEC_SUCCESS) 276 return TeecResult; 277 278 TeecResult = TEEC_OpenSession(&TeecContext, 279 &TeecSession, 280 TeecUuid, 281 TEEC_LOGIN_PUBLIC, 282 NULL, 283 NULL, 284 &ErrorOrigin); 285 if (TeecResult != TEEC_SUCCESS) 286 return TeecResult; 287 288 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 289 TEEC_NONE, 290 TEEC_NONE, 291 TEEC_NONE); 292 293 TeecResult = TEEC_InvokeCommand(&TeecSession, 294 2, 295 &TeecOperation, 296 &ErrorOrigin); 297 if (TeecResult != TEEC_SUCCESS) 298 goto exit; 299 exit: 300 TEEC_CloseSession(&TeecSession); 301 TEEC_FinalizeContext(&TeecContext); 302 303 return TeecResult; 304 } 305 306 uint32_t trusty_read_rollback_index(uint32_t slot, uint64_t *value) 307 { 308 char hs[9]; 309 310 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 311 312 return trusty_base_read_security_data(hs, 8, (uint8_t *)value, 8); 313 } 314 315 uint32_t trusty_write_rollback_index(uint32_t slot, uint64_t value) 316 { 317 char hs[9]; 318 319 b2hs((uint8_t *)&slot, (uint8_t *)hs, 4, 9); 320 321 return trusty_base_write_security_data(hs, 8, (uint8_t *)&value, 8); 322 } 323 324 uint32_t trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size) 325 { 326 return trusty_base_read_security_data("attributes", 327 sizeof("attributes"), attributes, size); 328 } 329 330 uint32_t trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size) 331 { 332 return trusty_base_write_security_data("attributes", 333 sizeof("attributes"), attributes, size); 334 } 335 336 uint32_t trusty_read_permanent_attributes_flag(uint8_t *attributes) 337 { 338 return trusty_base_read_security_data("attributes_flag", 339 sizeof("attributes_flag"), attributes, 1); 340 } 341 342 uint32_t trusty_write_permanent_attributes_flag(uint8_t attributes) 343 { 344 return trusty_base_write_security_data("attributes_flag", 345 sizeof("attributes_flag"), &attributes, 1); 346 } 347 348 uint32_t trusty_read_permanent_attributes_cer(uint8_t *attributes, 349 uint32_t size) 350 { 351 return trusty_base_read_security_data("rsacer", 352 sizeof("rsacer"), attributes, size); 353 } 354 355 uint32_t trusty_write_permanent_attributes_cer(uint8_t *attributes, 356 uint32_t size) 357 { 358 return trusty_base_write_security_data("rsacer", 359 sizeof("rsacer"), attributes, size); 360 } 361 362 uint32_t trusty_read_lock_state(uint8_t *lock_state) 363 { 364 return trusty_base_read_security_data("lock_state", 365 sizeof("lock_state"), lock_state, 1); 366 } 367 368 uint32_t trusty_write_lock_state(uint8_t lock_state) 369 { 370 return trusty_base_write_security_data("lock_state", 371 sizeof("lock_state"), &lock_state, 1); 372 } 373 374 uint32_t trusty_read_flash_lock_state(uint8_t *flash_lock_state) 375 { 376 return trusty_base_read_security_data("flash_lock_state", 377 sizeof("flash_lock_state"), flash_lock_state, 1); 378 } 379 380 uint32_t trusty_write_flash_lock_state(uint8_t flash_lock_state) 381 { 382 return trusty_base_write_security_data("flash_lock_state", 383 sizeof("flash_lock_state"), &flash_lock_state, 1); 384 } 385 386 static uint32_t trusty_base_end_efuse_or_otp(void) 387 { 388 TEEC_Result TeecResult; 389 TEEC_Context TeecContext; 390 TEEC_Session TeecSession; 391 uint32_t ErrorOrigin; 392 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 393 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 394 395 TEEC_UUID *TeecUuid = &tempuuid; 396 TEEC_Operation TeecOperation = {0}; 397 398 TeecResult = OpteeClientApiLibInitialize(); 399 if (TeecResult != TEEC_SUCCESS) 400 return TeecResult; 401 402 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 403 if (TeecResult != TEEC_SUCCESS) 404 return TeecResult; 405 406 TeecResult = TEEC_OpenSession(&TeecContext, 407 &TeecSession, 408 TeecUuid, 409 TEEC_LOGIN_PUBLIC, 410 NULL, 411 NULL, 412 &ErrorOrigin); 413 if (TeecResult != TEEC_SUCCESS) 414 return TeecResult; 415 416 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_NONE, 417 TEEC_NONE, 418 TEEC_NONE, 419 TEEC_NONE); 420 421 TeecResult = TEEC_InvokeCommand(&TeecSession, 422 STORAGE_CMD_UBOOT_END_OTP, 423 &TeecOperation, 424 &ErrorOrigin); 425 if (TeecResult != TEEC_SUCCESS) 426 goto exit; 427 exit: 428 TEEC_CloseSession(&TeecSession); 429 TEEC_FinalizeContext(&TeecContext); 430 431 return TeecResult; 432 } 433 434 static uint32_t trusty_base_efuse_or_otp_operation(uint32_t cmd, 435 uint8_t is_write, 436 uint32_t *buf, 437 uint32_t length) 438 { 439 TEEC_Result TeecResult; 440 TEEC_Context TeecContext; 441 TEEC_Session TeecSession; 442 uint32_t ErrorOrigin; 443 444 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 445 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 446 TEEC_UUID *TeecUuid = &tempuuid; 447 TEEC_Operation TeecOperation = {0}; 448 449 TeecResult = OpteeClientApiLibInitialize(); 450 if (TeecResult != TEEC_SUCCESS) 451 return TeecResult; 452 453 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 454 if (TeecResult != TEEC_SUCCESS) 455 return TeecResult; 456 457 TeecResult = TEEC_OpenSession(&TeecContext, 458 &TeecSession, 459 TeecUuid, 460 TEEC_LOGIN_PUBLIC, 461 NULL, 462 NULL, 463 &ErrorOrigin); 464 if (TeecResult != TEEC_SUCCESS) 465 return TeecResult; 466 467 TEEC_SharedMemory SharedMem0 = {0}; 468 469 SharedMem0.size = length * sizeof(uint32_t); 470 SharedMem0.flags = 0; 471 472 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 473 if (TeecResult != TEEC_SUCCESS) 474 goto exit; 475 476 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 477 TeecOperation.params[0].tmpref.size = SharedMem0.size; 478 479 if (is_write) { 480 memcpy(SharedMem0.buffer, buf, SharedMem0.size); 481 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT, 482 TEEC_NONE, 483 TEEC_NONE, 484 TEEC_NONE); 485 486 } else { 487 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_OUTPUT, 488 TEEC_NONE, 489 TEEC_NONE, 490 TEEC_NONE); 491 } 492 493 TeecResult = TEEC_InvokeCommand(&TeecSession, 494 cmd, 495 &TeecOperation, 496 &ErrorOrigin); 497 if (TeecResult != TEEC_SUCCESS) 498 goto exit; 499 500 if (!is_write) 501 memcpy(buf, SharedMem0.buffer, SharedMem0.size); 502 503 exit: 504 TEEC_ReleaseSharedMemory(&SharedMem0); 505 TEEC_CloseSession(&TeecSession); 506 TEEC_FinalizeContext(&TeecContext); 507 508 return TeecResult; 509 } 510 511 uint32_t trusty_read_attribute_hash(uint32_t *buf, uint32_t length) 512 { 513 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ATTRIBUTE_HASH, 514 false, buf, length); 515 } 516 517 uint32_t trusty_write_attribute_hash(uint32_t *buf, uint32_t length) 518 { 519 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_ATTRIBUTE_HASH, 520 true, buf, length); 521 } 522 523 uint32_t trusty_notify_optee_uboot_end(void) 524 { 525 TEEC_Result res; 526 527 res = trusty_base_end_security_data(); 528 res |= trusty_base_end_efuse_or_otp(); 529 return res; 530 } 531 532 uint32_t trusty_read_vbootkey_hash(uint32_t *buf, uint32_t length) 533 { 534 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_VBOOTKEY_HASH, 535 false, buf, length); 536 } 537 538 uint32_t trusty_write_vbootkey_hash(uint32_t *buf, uint32_t length) 539 { 540 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_VBOOTKEY_HASH, 541 true, buf, length); 542 } 543 544 uint32_t trusty_read_vbootkey_enable_flag(uint8_t *flag) 545 { 546 uint32_t bootflag; 547 TEEC_Result TeecResult; 548 549 *flag = 0; 550 551 TeecResult = trusty_base_efuse_or_otp_operation(STORAGE_CMD_READ_ENABLE_FLAG, 552 false, &bootflag, 1); 553 554 if (TeecResult == TEEC_SUCCESS) { 555 #if defined(CONFIG_ROCKCHIP_RK3288) 556 if (bootflag == 0x00000001) 557 *flag = 1; 558 #else 559 if (bootflag == 0x000000FF) 560 *flag = 1; 561 #endif 562 } 563 return TeecResult; 564 } 565 566 uint32_t trusty_write_ta_encryption_key(uint32_t *buf, uint32_t length) 567 { 568 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_TA_ENCRYPTION_KEY, 569 true, buf, length); 570 } 571 572 uint32_t trusty_check_security_level_flag(uint8_t flag) 573 { 574 uint32_t levelflag; 575 576 levelflag = flag; 577 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_CHECK_SECURITY_LEVEL_FLAG, 578 true, &levelflag, 1); 579 } 580 581 uint32_t trusty_write_oem_huk(uint32_t *buf, uint32_t length) 582 { 583 return trusty_base_efuse_or_otp_operation(STORAGE_CMD_WRITE_OEM_HUK, 584 true, buf, length); 585 } 586 587 void trusty_select_security_level(void) 588 { 589 #if (CONFIG_OPTEE_SECURITY_LEVEL > 0) 590 TEEC_Result TeecResult; 591 592 TeecResult = trusty_check_security_level_flag(CONFIG_OPTEE_SECURITY_LEVEL); 593 if (TeecResult == TEE_ERROR_CANCEL) { 594 run_command("download", 0); 595 return; 596 } 597 598 if (TeecResult == TEEC_SUCCESS) 599 debug("optee select security level success!"); 600 else 601 panic("optee select security level fail!"); 602 603 return; 604 #endif 605 } 606 607 uint32_t trusty_write_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 608 { 609 TEEC_Result TeecResult; 610 TEEC_Context TeecContext; 611 TEEC_Session TeecSession; 612 uint32_t ErrorOrigin; 613 614 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 615 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 616 TEEC_UUID *TeecUuid = &tempuuid; 617 TEEC_Operation TeecOperation = {0}; 618 619 TeecResult = OpteeClientApiLibInitialize(); 620 if (TeecResult != TEEC_SUCCESS) 621 return TeecResult; 622 623 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 624 if (TeecResult != TEEC_SUCCESS) 625 return TeecResult; 626 627 TeecResult = TEEC_OpenSession(&TeecContext, 628 &TeecSession, 629 TeecUuid, 630 TEEC_LOGIN_PUBLIC, 631 NULL, 632 NULL, 633 &ErrorOrigin); 634 if (TeecResult != TEEC_SUCCESS) 635 return TeecResult; 636 637 TeecOperation.params[0].value.a = byte_off; 638 639 TEEC_SharedMemory SharedMem = {0}; 640 641 SharedMem.size = byte_len; 642 SharedMem.flags = 0; 643 644 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 645 if (TeecResult != TEEC_SUCCESS) 646 goto exit; 647 648 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 649 TeecOperation.params[1].tmpref.size = SharedMem.size; 650 651 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 652 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 653 TEEC_MEMREF_TEMP_INPUT, 654 TEEC_NONE, 655 TEEC_NONE); 656 657 TeecResult = TEEC_InvokeCommand(&TeecSession, 658 STORAGE_CMD_WRITE_OEM_NS_OTP, 659 &TeecOperation, 660 &ErrorOrigin); 661 if (TeecResult != TEEC_SUCCESS) 662 goto exit; 663 664 exit: 665 TEEC_ReleaseSharedMemory(&SharedMem); 666 TEEC_CloseSession(&TeecSession); 667 TEEC_FinalizeContext(&TeecContext); 668 669 return TeecResult; 670 } 671 672 uint32_t trusty_read_oem_ns_otp(uint32_t byte_off, uint8_t *byte_buf, uint32_t byte_len) 673 { 674 TEEC_Result TeecResult; 675 TEEC_Context TeecContext; 676 TEEC_Session TeecSession; 677 uint32_t ErrorOrigin; 678 679 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 680 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 681 TEEC_UUID *TeecUuid = &tempuuid; 682 TEEC_Operation TeecOperation = {0}; 683 684 TeecResult = OpteeClientApiLibInitialize(); 685 if (TeecResult != TEEC_SUCCESS) 686 return TeecResult; 687 688 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 689 if (TeecResult != TEEC_SUCCESS) 690 return TeecResult; 691 692 TeecResult = TEEC_OpenSession(&TeecContext, 693 &TeecSession, 694 TeecUuid, 695 TEEC_LOGIN_PUBLIC, 696 NULL, 697 NULL, 698 &ErrorOrigin); 699 if (TeecResult != TEEC_SUCCESS) 700 return TeecResult; 701 702 TeecOperation.params[0].value.a = byte_off; 703 704 TEEC_SharedMemory SharedMem = {0}; 705 706 SharedMem.size = byte_len; 707 SharedMem.flags = 0; 708 709 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 710 if (TeecResult != TEEC_SUCCESS) 711 goto exit; 712 713 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 714 TeecOperation.params[1].tmpref.size = SharedMem.size; 715 716 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 717 TEEC_MEMREF_TEMP_OUTPUT, 718 TEEC_NONE, 719 TEEC_NONE); 720 721 TeecResult = TEEC_InvokeCommand(&TeecSession, 722 STORAGE_CMD_READ_OEM_NS_OTP, 723 &TeecOperation, 724 &ErrorOrigin); 725 if (TeecResult != TEEC_SUCCESS) 726 goto exit; 727 728 memcpy(byte_buf, SharedMem.buffer, SharedMem.size); 729 730 exit: 731 TEEC_ReleaseSharedMemory(&SharedMem); 732 TEEC_CloseSession(&TeecSession); 733 TEEC_FinalizeContext(&TeecContext); 734 735 return TeecResult; 736 } 737 738 uint32_t trusty_write_oem_otp_key(enum RK_OEM_OTP_KEYID key_id, 739 uint8_t *byte_buf, uint32_t byte_len) 740 { 741 TEEC_Result TeecResult; 742 TEEC_Context TeecContext; 743 TEEC_Session TeecSession; 744 uint32_t ErrorOrigin; 745 746 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 747 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 748 TEEC_UUID *TeecUuid = &tempuuid; 749 TEEC_Operation TeecOperation = {0}; 750 751 TeecResult = OpteeClientApiLibInitialize(); 752 if (TeecResult != TEEC_SUCCESS) 753 return TeecResult; 754 755 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 756 if (TeecResult != TEEC_SUCCESS) 757 return TeecResult; 758 759 TeecResult = TEEC_OpenSession(&TeecContext, 760 &TeecSession, 761 TeecUuid, 762 TEEC_LOGIN_PUBLIC, 763 NULL, 764 NULL, 765 &ErrorOrigin); 766 if (TeecResult != TEEC_SUCCESS) 767 return TeecResult; 768 769 TeecOperation.params[0].value.a = key_id; 770 771 TEEC_SharedMemory SharedMem = {0}; 772 773 SharedMem.size = byte_len; 774 SharedMem.flags = 0; 775 776 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem); 777 if (TeecResult != TEEC_SUCCESS) 778 goto exit; 779 780 TeecOperation.params[1].tmpref.buffer = SharedMem.buffer; 781 TeecOperation.params[1].tmpref.size = SharedMem.size; 782 783 memcpy(SharedMem.buffer, byte_buf, SharedMem.size); 784 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 785 TEEC_MEMREF_TEMP_INPUT, 786 TEEC_NONE, 787 TEEC_NONE); 788 789 TeecResult = TEEC_InvokeCommand(&TeecSession, 790 STORAGE_CMD_WRITE_OEM_OTP_KEY, 791 &TeecOperation, 792 &ErrorOrigin); 793 if (TeecResult != TEEC_SUCCESS) 794 goto exit; 795 796 exit: 797 TEEC_ReleaseSharedMemory(&SharedMem); 798 TEEC_CloseSession(&TeecSession); 799 TEEC_FinalizeContext(&TeecContext); 800 801 return TeecResult; 802 } 803 804 uint32_t trusty_set_oem_hr_otp_read_lock(enum RK_OEM_OTP_KEYID key_id) 805 { 806 TEEC_Result TeecResult; 807 TEEC_Context TeecContext; 808 TEEC_Session TeecSession; 809 uint32_t ErrorOrigin; 810 811 TEEC_UUID tempuuid = { 0x2d26d8a8, 0x5134, 0x4dd8, 812 { 0xb3, 0x2f, 0xb3, 0x4b, 0xce, 0xeb, 0xc4, 0x71 } }; 813 TEEC_UUID *TeecUuid = &tempuuid; 814 TEEC_Operation TeecOperation = {0}; 815 816 TeecResult = OpteeClientApiLibInitialize(); 817 if (TeecResult != TEEC_SUCCESS) 818 return TeecResult; 819 820 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 821 if (TeecResult != TEEC_SUCCESS) 822 return TeecResult; 823 824 TeecResult = TEEC_OpenSession(&TeecContext, 825 &TeecSession, 826 TeecUuid, 827 TEEC_LOGIN_PUBLIC, 828 NULL, 829 NULL, 830 &ErrorOrigin); 831 if (TeecResult != TEEC_SUCCESS) 832 return TeecResult; 833 834 TeecOperation.params[0].value.a = key_id; 835 836 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 837 TEEC_NONE, 838 TEEC_NONE, 839 TEEC_NONE); 840 841 TeecResult = TEEC_InvokeCommand(&TeecSession, 842 STORAGE_CMD_SET_OEM_HR_OTP_READ_LOCK, 843 &TeecOperation, 844 &ErrorOrigin); 845 if (TeecResult != TEEC_SUCCESS) 846 goto exit; 847 848 exit: 849 TEEC_CloseSession(&TeecSession); 850 TEEC_FinalizeContext(&TeecContext); 851 852 return TeecResult; 853 } 854 855 uint32_t trusty_oem_otp_key_cipher(enum RK_OEM_OTP_KEYID key_id, 856 rk_cipher_config *config, 857 uint8_t *src, uint8_t *dest, uint32_t len) 858 { 859 TEEC_Result TeecResult; 860 TEEC_Context TeecContext; 861 TEEC_Session TeecSession; 862 TEEC_Operation TeecOperation = {0}; 863 uint32_t ErrorOrigin; 864 TEEC_UUID uuid = RK_CRYPTO_SERVICE_UUID; 865 TEEC_SharedMemory SharedMem_config = {0}; 866 TEEC_SharedMemory SharedMem_inout = {0}; 867 868 if (key_id >= RK_OEM_OTP_KEYMAX) 869 return TEEC_ERROR_BAD_PARAMETERS; 870 871 if (!config || !src || !dest) 872 return TEEC_ERROR_BAD_PARAMETERS; 873 874 if (config->algo != RK_ALGO_AES && config->algo != RK_ALGO_SM4) 875 return TEEC_ERROR_BAD_PARAMETERS; 876 877 if (config->mode >= RK_CIPHER_MODE_XTS) 878 return TEEC_ERROR_BAD_PARAMETERS; 879 880 if (config->operation != RK_MODE_ENCRYPT && 881 config->operation != RK_MODE_DECRYPT) 882 return TEEC_ERROR_BAD_PARAMETERS; 883 884 if (config->key_len != 16 && 885 config->key_len != 24 && 886 config->key_len != 32) 887 return TEEC_ERROR_BAD_PARAMETERS; 888 889 if (len % AES_BLOCK_SIZE || 890 len > RK_CRYPTO_MAX_DATA_LEN || 891 len == 0) 892 return TEEC_ERROR_BAD_PARAMETERS; 893 894 TeecResult = OpteeClientApiLibInitialize(); 895 if (TeecResult != TEEC_SUCCESS) 896 return TeecResult; 897 898 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 899 if (TeecResult != TEEC_SUCCESS) 900 return TeecResult; 901 902 TeecResult = TEEC_OpenSession(&TeecContext, 903 &TeecSession, 904 &uuid, 905 TEEC_LOGIN_PUBLIC, 906 NULL, 907 NULL, 908 &ErrorOrigin); 909 if (TeecResult != TEEC_SUCCESS) 910 goto exit; 911 912 SharedMem_config.size = sizeof(rk_cipher_config); 913 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_config); 914 if (TeecResult != TEEC_SUCCESS) 915 goto exit; 916 917 SharedMem_inout.size = len; 918 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem_inout); 919 if (TeecResult != TEEC_SUCCESS) 920 goto exit; 921 922 memcpy(SharedMem_config.buffer, config, sizeof(rk_cipher_config)); 923 memcpy(SharedMem_inout.buffer, src, len); 924 TeecOperation.params[0].value.a = key_id; 925 TeecOperation.params[1].tmpref.buffer = SharedMem_config.buffer; 926 TeecOperation.params[1].tmpref.size = SharedMem_config.size; 927 TeecOperation.params[2].tmpref.buffer = SharedMem_inout.buffer; 928 TeecOperation.params[2].tmpref.size = SharedMem_inout.size; 929 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 930 TEEC_MEMREF_TEMP_INPUT, 931 TEEC_MEMREF_TEMP_INOUT, 932 TEEC_NONE); 933 TeecResult = TEEC_InvokeCommand(&TeecSession, 934 CRYPTO_SERVICE_CMD_OEM_OTP_KEY_CIPHER, 935 &TeecOperation, 936 &ErrorOrigin); 937 if (TeecResult != TEEC_SUCCESS) 938 goto exit; 939 940 memcpy(dest, SharedMem_inout.buffer, SharedMem_inout.size); 941 942 exit: 943 TEEC_ReleaseSharedMemory(&SharedMem_config); 944 TEEC_ReleaseSharedMemory(&SharedMem_inout); 945 TEEC_CloseSession(&TeecSession); 946 TEEC_FinalizeContext(&TeecContext); 947 return TeecResult; 948 } 949 950 uint32_t trusty_attest_dh(uint8_t *dh, uint32_t *dh_size) 951 { 952 TEEC_Result TeecResult; 953 TEEC_Context TeecContext; 954 TEEC_Session TeecSession; 955 uint32_t ErrorOrigin; 956 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 957 { 0xa8, 0x69, 0x9c, 0xe6, 958 0x88, 0x6c, 0x5d, 0x5d 959 } 960 }; 961 TEEC_UUID *TeecUuid = &tempuuid; 962 TEEC_Operation TeecOperation = {0}; 963 struct blk_desc *dev_desc; 964 dev_desc = rockchip_get_bootdev(); 965 if (!dev_desc) { 966 printf("%s: dev_desc is NULL!\n", __func__); 967 return -TEEC_ERROR_GENERIC; 968 } 969 970 TeecResult = OpteeClientApiLibInitialize(); 971 if (TeecResult != TEEC_SUCCESS) 972 return TeecResult; 973 974 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 975 if (TeecResult != TEEC_SUCCESS) 976 return TeecResult; 977 978 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 979 TEEC_NONE, 980 TEEC_NONE, 981 TEEC_NONE); 982 /*0 nand or emmc "security" partition , 1 rpmb*/ 983 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 984 TeecOperation.params[0].value.a = 1; 985 else 986 TeecOperation.params[0].value.a = 0; 987 988 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 989 TeecOperation.params[0].value.a = 0; 990 #endif 991 992 TeecResult = TEEC_OpenSession(&TeecContext, 993 &TeecSession, 994 TeecUuid, 995 TEEC_LOGIN_PUBLIC, 996 NULL, 997 &TeecOperation, 998 &ErrorOrigin); 999 if (TeecResult != TEEC_SUCCESS) 1000 return TeecResult; 1001 1002 TEEC_SharedMemory SharedMem0 = {0}; 1003 1004 SharedMem0.size = *dh_size; 1005 SharedMem0.flags = 0; 1006 1007 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1008 if (TeecResult != TEEC_SUCCESS) 1009 goto exit; 1010 1011 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1012 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1013 1014 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1015 TEEC_NONE, 1016 TEEC_NONE, 1017 TEEC_NONE); 1018 1019 TeecResult = TEEC_InvokeCommand(&TeecSession, 1020 143, 1021 &TeecOperation, 1022 &ErrorOrigin); 1023 if (TeecResult != TEEC_SUCCESS) 1024 goto exit; 1025 1026 *dh_size = TeecOperation.params[0].tmpref.size; 1027 memcpy(dh, SharedMem0.buffer, SharedMem0.size); 1028 exit: 1029 TEEC_ReleaseSharedMemory(&SharedMem0); 1030 TEEC_CloseSession(&TeecSession); 1031 TEEC_FinalizeContext(&TeecContext); 1032 1033 return TeecResult; 1034 } 1035 1036 uint32_t trusty_attest_uuid(uint8_t *uuid, uint32_t *uuid_size) 1037 { 1038 TEEC_Result TeecResult; 1039 TEEC_Context TeecContext; 1040 TEEC_Session TeecSession; 1041 uint32_t ErrorOrigin; 1042 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1043 { 0xa8, 0x69, 0x9c, 0xe6, 1044 0x88, 0x6c, 0x5d, 0x5d 1045 } 1046 }; 1047 TEEC_UUID *TeecUuid = &tempuuid; 1048 TEEC_Operation TeecOperation = {0}; 1049 struct blk_desc *dev_desc; 1050 dev_desc = rockchip_get_bootdev(); 1051 if (!dev_desc) { 1052 printf("%s: dev_desc is NULL!\n", __func__); 1053 return -TEEC_ERROR_GENERIC; 1054 } 1055 1056 TeecResult = OpteeClientApiLibInitialize(); 1057 if (TeecResult != TEEC_SUCCESS) 1058 return TeecResult; 1059 1060 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1061 if (TeecResult != TEEC_SUCCESS) 1062 return TeecResult; 1063 1064 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1065 TEEC_NONE, 1066 TEEC_NONE, 1067 TEEC_NONE); 1068 /*0 nand or emmc "security" partition , 1 rpmb*/ 1069 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1070 TeecOperation.params[0].value.a = 1; 1071 else 1072 TeecOperation.params[0].value.a = 0; 1073 1074 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1075 TeecOperation.params[0].value.a = 0; 1076 #endif 1077 1078 TeecResult = TEEC_OpenSession(&TeecContext, 1079 &TeecSession, 1080 TeecUuid, 1081 TEEC_LOGIN_PUBLIC, 1082 NULL, 1083 &TeecOperation, 1084 &ErrorOrigin); 1085 if (TeecResult != TEEC_SUCCESS) 1086 return TeecResult; 1087 1088 TEEC_SharedMemory SharedMem0 = {0}; 1089 1090 SharedMem0.size = *uuid_size; 1091 SharedMem0.flags = 0; 1092 1093 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1094 if (TeecResult != TEEC_SUCCESS) 1095 goto exit; 1096 1097 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1098 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1099 1100 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1101 TEEC_NONE, 1102 TEEC_NONE, 1103 TEEC_NONE); 1104 1105 TeecResult = TEEC_InvokeCommand(&TeecSession, 1106 144, 1107 &TeecOperation, 1108 &ErrorOrigin); 1109 if (TeecResult != TEEC_SUCCESS) 1110 goto exit; 1111 1112 *uuid_size = TeecOperation.params[0].tmpref.size; 1113 memcpy(uuid, SharedMem0.buffer, SharedMem0.size); 1114 exit: 1115 TEEC_ReleaseSharedMemory(&SharedMem0); 1116 TEEC_CloseSession(&TeecSession); 1117 TEEC_FinalizeContext(&TeecContext); 1118 1119 return TeecResult; 1120 } 1121 1122 uint32_t trusty_attest_get_ca(uint8_t *operation_start, 1123 uint32_t *operation_size, 1124 uint8_t *out, 1125 uint32_t *out_len) 1126 { 1127 TEEC_Result TeecResult; 1128 TEEC_Context TeecContext; 1129 TEEC_Session TeecSession; 1130 uint32_t ErrorOrigin; 1131 1132 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1133 { 0xa8, 0x69, 0x9c, 0xe6, 1134 0x88, 0x6c, 0x5d, 0x5d 1135 } 1136 }; 1137 1138 TEEC_UUID *TeecUuid = &tempuuid; 1139 TEEC_Operation TeecOperation = {0}; 1140 struct blk_desc *dev_desc; 1141 dev_desc = rockchip_get_bootdev(); 1142 if (!dev_desc) { 1143 printf("%s: dev_desc is NULL!\n", __func__); 1144 return -TEEC_ERROR_GENERIC; 1145 } 1146 1147 TeecResult = OpteeClientApiLibInitialize(); 1148 if (TeecResult != TEEC_SUCCESS) 1149 return TeecResult; 1150 1151 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1152 if (TeecResult != TEEC_SUCCESS) 1153 return TeecResult; 1154 1155 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1156 TEEC_NONE, 1157 TEEC_NONE, 1158 TEEC_NONE); 1159 /*0 nand or emmc "security" partition , 1 rpmb*/ 1160 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1161 TeecOperation.params[0].value.a = 1; 1162 else 1163 TeecOperation.params[0].value.a = 0; 1164 1165 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1166 TeecOperation.params[0].value.a = 0; 1167 #endif 1168 1169 TeecResult = TEEC_OpenSession(&TeecContext, 1170 &TeecSession, 1171 TeecUuid, 1172 TEEC_LOGIN_PUBLIC, 1173 NULL, 1174 &TeecOperation, 1175 &ErrorOrigin); 1176 if (TeecResult != TEEC_SUCCESS) 1177 return TeecResult; 1178 1179 TEEC_SharedMemory SharedMem0 = {0}; 1180 1181 SharedMem0.size = *operation_size; 1182 SharedMem0.flags = 0; 1183 1184 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1185 if (TeecResult != TEEC_SUCCESS) 1186 goto exit; 1187 1188 memcpy(SharedMem0.buffer, operation_start, SharedMem0.size); 1189 1190 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1191 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1192 1193 TEEC_SharedMemory SharedMem1 = {0}; 1194 1195 SharedMem1.size = *out_len; 1196 SharedMem1.flags = 0; 1197 1198 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1); 1199 if (TeecResult != TEEC_SUCCESS) 1200 goto exit; 1201 1202 TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer; 1203 TeecOperation.params[1].tmpref.size = SharedMem1.size; 1204 1205 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1206 TEEC_MEMREF_TEMP_INOUT, 1207 TEEC_NONE, 1208 TEEC_NONE); 1209 1210 TeecResult = TEEC_InvokeCommand(&TeecSession, 1211 145, 1212 &TeecOperation, 1213 &ErrorOrigin); 1214 if (TeecResult != TEEC_SUCCESS) 1215 goto exit; 1216 1217 *out_len = TeecOperation.params[1].tmpref.size; 1218 memcpy(out, SharedMem1.buffer, SharedMem1.size); 1219 exit: 1220 TEEC_ReleaseSharedMemory(&SharedMem0); 1221 TEEC_ReleaseSharedMemory(&SharedMem1); 1222 TEEC_CloseSession(&TeecSession); 1223 TEEC_FinalizeContext(&TeecContext); 1224 1225 return TeecResult; 1226 } 1227 1228 uint32_t trusty_attest_set_ca(uint8_t *ca_response, uint32_t *ca_response_size) 1229 { 1230 TEEC_Result TeecResult; 1231 TEEC_Context TeecContext; 1232 TEEC_Session TeecSession; 1233 uint32_t ErrorOrigin; 1234 TEEC_UUID tempuuid = { 0x258be795, 0xf9ca, 0x40e6, 1235 { 0xa8, 0x69, 0x9c, 0xe6, 1236 0x88, 0x6c, 0x5d, 0x5d 1237 } 1238 }; 1239 TEEC_UUID *TeecUuid = &tempuuid; 1240 TEEC_Operation TeecOperation = {0}; 1241 struct blk_desc *dev_desc; 1242 dev_desc = rockchip_get_bootdev(); 1243 if (!dev_desc) { 1244 printf("%s: dev_desc is NULL!\n", __func__); 1245 return -TEEC_ERROR_GENERIC; 1246 } 1247 TeecResult = OpteeClientApiLibInitialize(); 1248 if (TeecResult != TEEC_SUCCESS) 1249 return TeecResult; 1250 1251 TeecResult = TEEC_InitializeContext(NULL, &TeecContext); 1252 if (TeecResult != TEEC_SUCCESS) 1253 return TeecResult; 1254 1255 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT, 1256 TEEC_NONE, 1257 TEEC_NONE, 1258 TEEC_NONE); 1259 /*0 nand or emmc "security" partition , 1 rpmb*/ 1260 if (dev_desc->if_type == IF_TYPE_MMC && dev_desc->devnum == 0) 1261 TeecOperation.params[0].value.a = 1; 1262 else 1263 TeecOperation.params[0].value.a = 0; 1264 1265 #ifdef CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION 1266 TeecOperation.params[0].value.a = 0; 1267 #endif 1268 1269 TeecResult = TEEC_OpenSession(&TeecContext, 1270 &TeecSession, 1271 TeecUuid, 1272 TEEC_LOGIN_PUBLIC, 1273 NULL, 1274 &TeecOperation, 1275 &ErrorOrigin); 1276 if (TeecResult != TEEC_SUCCESS) 1277 return TeecResult; 1278 1279 TEEC_SharedMemory SharedMem0 = {0}; 1280 1281 SharedMem0.size = *ca_response_size; 1282 SharedMem0.flags = 0; 1283 1284 TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0); 1285 if (TeecResult != TEEC_SUCCESS) 1286 goto exit; 1287 1288 memcpy(SharedMem0.buffer, ca_response, SharedMem0.size); 1289 1290 TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer; 1291 TeecOperation.params[0].tmpref.size = SharedMem0.size; 1292 1293 TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INOUT, 1294 TEEC_NONE, 1295 TEEC_NONE, 1296 TEEC_NONE); 1297 1298 TeecResult = TEEC_InvokeCommand(&TeecSession, 1299 146, 1300 &TeecOperation, 1301 &ErrorOrigin); 1302 if (TeecResult != TEEC_SUCCESS) 1303 goto exit; 1304 exit: 1305 TEEC_ReleaseSharedMemory(&SharedMem0); 1306 TEEC_CloseSession(&TeecSession); 1307 TEEC_FinalizeContext(&TeecContext); 1308 1309 return TeecResult; 1310 } 1311