1 // SPDX-License-Identifier: GPL-2.0+
3 * Copyright (C) 2018 Linaro Limited
7 #include <sandboxtee.h>
9 #include <tee/optee_ta_avb.h>
10 #include <tee/optee_ta_rpc_test.h>
11 #include <tee/optee_ta_scp03.h>
13 #include "optee/optee_msg.h"
14 #include "optee/optee_private.h"
17 * The sandbox tee driver tries to emulate a generic Trusted Exectution
18 * Environment (TEE) with the Trusted Applications (TA) OPTEE_TA_AVB and
19 * OPTEE_TA_RPC_TEST available.
22 static const u32 pstorage_max = 16;
24 * struct ta_entry - TA entries
25 * @uuid: UUID of an emulated TA
26 * @open_session Called when a session is openened to the TA
27 * @invoke_func Called when a function in the TA is to be invoked
29 * This struct is used to register TAs in this sandbox emulation of a TEE.
32 struct tee_optee_ta_uuid uuid;
33 u32 (*open_session)(struct udevice *dev, uint num_params,
34 struct tee_param *params);
35 u32 (*invoke_func)(struct udevice *dev,
36 u32 func, uint num_params,
37 struct tee_param *params);
40 static int get_msg_arg(struct udevice *dev, uint num_params,
41 struct tee_shm **shmp, struct optee_msg_arg **msg_arg)
44 struct optee_msg_arg *ma;
46 rc = __tee_shm_add(dev, OPTEE_MSG_NONCONTIG_PAGE_SIZE, NULL,
47 OPTEE_MSG_GET_ARG_SIZE(num_params), TEE_SHM_ALLOC,
53 memset(ma, 0, OPTEE_MSG_GET_ARG_SIZE(num_params));
54 ma->num_params = num_params;
60 void *optee_alloc_and_init_page_list(void *buf, ulong len,
64 * An empty stub is added just to fix linking issues.
65 * This function isn't supposed to be called in sandbox
66 * setup, otherwise replace this with a proper
67 * implementation from optee/core.c
72 #if defined(CONFIG_OPTEE_TA_SCP03) || defined(CONFIG_OPTEE_TA_AVB)
73 static u32 get_attr(uint n, uint num_params, struct tee_param *params)
76 return TEE_PARAM_ATTR_TYPE_NONE;
78 return params[n].attr;
81 static u32 check_params(u8 p0, u8 p1, u8 p2, u8 p3, uint num_params,
82 struct tee_param *params)
84 u8 p[] = { p0, p1, p2, p3 };
87 for (n = 0; n < ARRAY_SIZE(p); n++)
88 if (p[n] != get_attr(n, num_params, params))
91 for (; n < num_params; n++)
92 if (get_attr(n, num_params, params))
98 printf("Bad param attrs\n");
100 return TEE_ERROR_BAD_PARAMETERS;
104 #ifdef CONFIG_OPTEE_TA_SCP03
105 static u32 pta_scp03_open_session(struct udevice *dev, uint num_params,
106 struct tee_param *params)
109 * We don't expect additional parameters when opening a session to
112 return check_params(TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
113 TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
117 static u32 pta_scp03_invoke_func(struct udevice *dev, u32 func, uint num_params,
118 struct tee_param *params)
124 case PTA_CMD_ENABLE_SCP03:
125 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
126 TEE_PARAM_ATTR_TYPE_NONE,
127 TEE_PARAM_ATTR_TYPE_NONE,
128 TEE_PARAM_ATTR_TYPE_NONE,
138 if (params[0].u.value.a)
142 return TEE_ERROR_NOT_SUPPORTED;
147 #ifdef CONFIG_OPTEE_TA_AVB
148 static u32 ta_avb_open_session(struct udevice *dev, uint num_params,
149 struct tee_param *params)
152 * We don't expect additional parameters when opening a session to
155 return check_params(TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
156 TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
160 static u32 ta_avb_invoke_func(struct udevice *dev, u32 func, uint num_params,
161 struct tee_param *params)
163 struct sandbox_tee_state *state = dev_get_priv(dev);
164 struct env_entry e, *ep;
173 case TA_AVB_CMD_READ_ROLLBACK_INDEX:
174 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
175 TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT,
176 TEE_PARAM_ATTR_TYPE_NONE,
177 TEE_PARAM_ATTR_TYPE_NONE,
182 slot = params[0].u.value.a;
183 if (slot >= ARRAY_SIZE(state->ta_avb_rollback_indexes)) {
184 printf("Rollback index slot out of bounds %u\n", slot);
185 return TEE_ERROR_BAD_PARAMETERS;
188 val = state->ta_avb_rollback_indexes[slot];
189 params[1].u.value.a = val >> 32;
190 params[1].u.value.b = val;
193 case TA_AVB_CMD_WRITE_ROLLBACK_INDEX:
194 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
195 TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
196 TEE_PARAM_ATTR_TYPE_NONE,
197 TEE_PARAM_ATTR_TYPE_NONE,
202 slot = params[0].u.value.a;
203 if (slot >= ARRAY_SIZE(state->ta_avb_rollback_indexes)) {
204 printf("Rollback index slot out of bounds %u\n", slot);
205 return TEE_ERROR_BAD_PARAMETERS;
208 val = (u64)params[1].u.value.a << 32 | params[1].u.value.b;
209 if (val < state->ta_avb_rollback_indexes[slot])
210 return TEE_ERROR_SECURITY;
212 state->ta_avb_rollback_indexes[slot] = val;
215 case TA_AVB_CMD_READ_LOCK_STATE:
216 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT,
217 TEE_PARAM_ATTR_TYPE_NONE,
218 TEE_PARAM_ATTR_TYPE_NONE,
219 TEE_PARAM_ATTR_TYPE_NONE,
224 params[0].u.value.a = state->ta_avb_lock_state;
227 case TA_AVB_CMD_WRITE_LOCK_STATE:
228 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
229 TEE_PARAM_ATTR_TYPE_NONE,
230 TEE_PARAM_ATTR_TYPE_NONE,
231 TEE_PARAM_ATTR_TYPE_NONE,
236 if (state->ta_avb_lock_state != params[0].u.value.a) {
237 state->ta_avb_lock_state = params[0].u.value.a;
238 memset(state->ta_avb_rollback_indexes, 0,
239 sizeof(state->ta_avb_rollback_indexes));
243 case TA_AVB_CMD_READ_PERSIST_VALUE:
244 res = check_params(TEE_PARAM_ATTR_TYPE_MEMREF_INPUT,
245 TEE_PARAM_ATTR_TYPE_MEMREF_INOUT,
246 TEE_PARAM_ATTR_TYPE_NONE,
247 TEE_PARAM_ATTR_TYPE_NONE,
252 name = params[0].u.memref.shm->addr;
254 value = params[1].u.memref.shm->addr;
255 value_sz = params[1].u.memref.size;
259 hsearch_r(e, ENV_FIND, &ep, &state->pstorage_htab, 0);
261 return TEE_ERROR_ITEM_NOT_FOUND;
263 value_sz = strlen(ep->data) + 1;
264 memcpy(value, ep->data, value_sz);
267 case TA_AVB_CMD_WRITE_PERSIST_VALUE:
268 res = check_params(TEE_PARAM_ATTR_TYPE_MEMREF_INPUT,
269 TEE_PARAM_ATTR_TYPE_MEMREF_INPUT,
270 TEE_PARAM_ATTR_TYPE_NONE,
271 TEE_PARAM_ATTR_TYPE_NONE,
276 name = params[0].u.memref.shm->addr;
278 value = params[1].u.memref.shm->addr;
279 value_sz = params[1].u.memref.size;
283 hsearch_r(e, ENV_FIND, &ep, &state->pstorage_htab, 0);
285 hdelete_r(e.key, &state->pstorage_htab, 0);
289 hsearch_r(e, ENV_ENTER, &ep, &state->pstorage_htab, 0);
291 return TEE_ERROR_OUT_OF_MEMORY;
296 return TEE_ERROR_NOT_SUPPORTED;
299 #endif /* OPTEE_TA_AVB */
301 #ifdef CONFIG_OPTEE_TA_RPC_TEST
302 static u32 ta_rpc_test_open_session(struct udevice *dev, uint num_params,
303 struct tee_param *params)
306 * We don't expect additional parameters when opening a session to
309 return check_params(TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
310 TEE_PARAM_ATTR_TYPE_NONE, TEE_PARAM_ATTR_TYPE_NONE,
314 static void fill_i2c_rpc_params(struct optee_msg_arg *msg_arg, u64 bus_num,
315 u64 chip_addr, u64 xfer_flags, u64 op,
316 struct tee_param_memref memref)
318 msg_arg->params[0].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
319 msg_arg->params[1].attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT;
320 msg_arg->params[2].attr = OPTEE_MSG_ATTR_TYPE_RMEM_INOUT;
321 msg_arg->params[3].attr = OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT;
323 /* trigger I2C services of TEE supplicant */
324 msg_arg->cmd = OPTEE_MSG_RPC_CMD_I2C_TRANSFER;
326 msg_arg->params[0].u.value.a = op;
327 msg_arg->params[0].u.value.b = bus_num;
328 msg_arg->params[0].u.value.c = chip_addr;
329 msg_arg->params[1].u.value.a = xfer_flags;
331 /* buffer to read/write data */
332 msg_arg->params[2].u.rmem.shm_ref = (ulong)memref.shm;
333 msg_arg->params[2].u.rmem.size = memref.size;
334 msg_arg->params[2].u.rmem.offs = memref.shm_offs;
336 msg_arg->num_params = 4;
339 static u32 ta_rpc_test_invoke_func(struct udevice *dev, u32 func,
341 struct tee_param *params)
344 struct tee_param_memref memref_data;
345 struct optee_msg_arg *msg_arg;
346 int chip_addr, bus_num, op, xfer_flags;
349 res = check_params(TEE_PARAM_ATTR_TYPE_VALUE_INPUT,
350 TEE_PARAM_ATTR_TYPE_MEMREF_INOUT,
351 TEE_PARAM_ATTR_TYPE_NONE,
352 TEE_PARAM_ATTR_TYPE_NONE,
355 return TEE_ERROR_BAD_PARAMETERS;
357 bus_num = params[0].u.value.a;
358 chip_addr = params[0].u.value.b;
359 xfer_flags = params[0].u.value.c;
360 memref_data = params[1].u.memref;
363 case TA_RPC_TEST_CMD_I2C_READ:
364 op = OPTEE_MSG_RPC_CMD_I2C_TRANSFER_RD;
366 case TA_RPC_TEST_CMD_I2C_WRITE:
367 op = OPTEE_MSG_RPC_CMD_I2C_TRANSFER_WR;
370 return TEE_ERROR_NOT_SUPPORTED;
374 * Fill params for an RPC call to tee supplicant
376 res = get_msg_arg(dev, 4, &shm, &msg_arg);
380 fill_i2c_rpc_params(msg_arg, bus_num, chip_addr, xfer_flags, op,
383 /* Make an RPC call to tee supplicant */
384 optee_suppl_cmd(dev, shm, 0);
391 #endif /* CONFIG_OPTEE_TA_RPC_TEST */
393 static const struct ta_entry ta_entries[] = {
394 #ifdef CONFIG_OPTEE_TA_AVB
395 { .uuid = TA_AVB_UUID,
396 .open_session = ta_avb_open_session,
397 .invoke_func = ta_avb_invoke_func,
400 #ifdef CONFIG_OPTEE_TA_RPC_TEST
401 { .uuid = TA_RPC_TEST_UUID,
402 .open_session = ta_rpc_test_open_session,
403 .invoke_func = ta_rpc_test_invoke_func,
406 #ifdef CONFIG_OPTEE_TA_SCP03
407 { .uuid = PTA_SCP03_UUID,
408 .open_session = pta_scp03_open_session,
409 .invoke_func = pta_scp03_invoke_func,
414 static void sandbox_tee_get_version(struct udevice *dev,
415 struct tee_version_data *vers)
417 struct tee_version_data v = {
418 .gen_caps = TEE_GEN_CAP_GP | TEE_GEN_CAP_REG_MEM,
424 static int sandbox_tee_close_session(struct udevice *dev, u32 session)
426 struct sandbox_tee_state *state = dev_get_priv(dev);
428 if (!state->ta || state->session != session)
437 static const struct ta_entry *find_ta_entry(u8 uuid[TEE_UUID_LEN])
439 struct tee_optee_ta_uuid u;
442 tee_optee_ta_uuid_from_octets(&u, uuid);
444 for (n = 0; n < ARRAY_SIZE(ta_entries); n++)
445 if (!memcmp(&u, &ta_entries[n].uuid, sizeof(u)))
446 return ta_entries + n;
451 static int sandbox_tee_open_session(struct udevice *dev,
452 struct tee_open_session_arg *arg,
453 uint num_params, struct tee_param *params)
455 struct sandbox_tee_state *state = dev_get_priv(dev);
456 const struct ta_entry *ta;
459 printf("A session is already open\n");
463 ta = find_ta_entry(arg->uuid);
465 printf("Cannot find TA\n");
466 arg->ret = TEE_ERROR_ITEM_NOT_FOUND;
467 arg->ret_origin = TEE_ORIGIN_TEE;
472 arg->ret = ta->open_session(dev, num_params, params);
473 arg->ret_origin = TEE_ORIGIN_TRUSTED_APP;
476 state->ta = (void *)ta;
478 arg->session = state->session;
480 printf("Cannot open session, TA returns error\n");
486 static int sandbox_tee_invoke_func(struct udevice *dev,
487 struct tee_invoke_arg *arg,
488 uint num_params, struct tee_param *params)
490 struct sandbox_tee_state *state = dev_get_priv(dev);
491 struct ta_entry *ta = state->ta;
494 printf("Missing session\n");
499 printf("TA session not available\n");
503 if (arg->session != state->session) {
504 printf("Session mismatch\n");
508 arg->ret = ta->invoke_func(dev, arg->func, num_params, params);
509 arg->ret_origin = TEE_ORIGIN_TRUSTED_APP;
514 static int sandbox_tee_shm_register(struct udevice *dev, struct tee_shm *shm)
516 struct sandbox_tee_state *state = dev_get_priv(dev);
523 static int sandbox_tee_shm_unregister(struct udevice *dev, struct tee_shm *shm)
525 struct sandbox_tee_state *state = dev_get_priv(dev);
532 static int sandbox_tee_remove(struct udevice *dev)
534 struct sandbox_tee_state *state = dev_get_priv(dev);
536 hdestroy_r(&state->pstorage_htab);
541 static int sandbox_tee_probe(struct udevice *dev)
543 struct sandbox_tee_state *state = dev_get_priv(dev);
545 * With this hastable we emulate persistent storage,
546 * which should contain persistent values
547 * between different sessions/command invocations.
549 if (!hcreate_r(pstorage_max, &state->pstorage_htab))
550 return TEE_ERROR_OUT_OF_MEMORY;
555 static const struct tee_driver_ops sandbox_tee_ops = {
556 .get_version = sandbox_tee_get_version,
557 .open_session = sandbox_tee_open_session,
558 .close_session = sandbox_tee_close_session,
559 .invoke_func = sandbox_tee_invoke_func,
560 .shm_register = sandbox_tee_shm_register,
561 .shm_unregister = sandbox_tee_shm_unregister,
564 static const struct udevice_id sandbox_tee_match[] = {
565 { .compatible = "sandbox,tee" },
569 U_BOOT_DRIVER(sandbox_tee) = {
570 .name = "sandbox_tee",
572 .of_match = sandbox_tee_match,
573 .ops = &sandbox_tee_ops,
574 .priv_auto = sizeof(struct sandbox_tee_state),
575 .probe = sandbox_tee_probe,
576 .remove = sandbox_tee_remove,