1 /* SPDX-License-Identifier: GPL-2.0+ */
3 * Copyright (c) 2018 Linaro Limited
9 #include <linux/bitops.h>
10 #include <linux/list.h>
12 #define TEE_UUID_LEN 16
14 #define TEE_GEN_CAP_GP BIT(0) /* GlobalPlatform compliant TEE */
15 #define TEE_GEN_CAP_REG_MEM BIT(1) /* Supports registering shared memory */
17 #define TEE_SHM_REGISTER BIT(0) /* In list of shared memory */
18 #define TEE_SHM_SEC_REGISTER BIT(1) /* TEE notified of this memory */
19 #define TEE_SHM_ALLOC BIT(2) /* The memory is malloced() and must */
22 #define TEE_PARAM_ATTR_TYPE_NONE 0 /* parameter not used */
23 #define TEE_PARAM_ATTR_TYPE_VALUE_INPUT 1
24 #define TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT 2
25 #define TEE_PARAM_ATTR_TYPE_VALUE_INOUT 3 /* input and output */
26 #define TEE_PARAM_ATTR_TYPE_MEMREF_INPUT 5
27 #define TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT 6
28 #define TEE_PARAM_ATTR_TYPE_MEMREF_INOUT 7 /* input and output */
29 #define TEE_PARAM_ATTR_TYPE_MASK 0xff
30 #define TEE_PARAM_ATTR_META 0x100
31 #define TEE_PARAM_ATTR_MASK (TEE_PARAM_ATTR_TYPE_MASK | \
35 * Global Platform login identifiers for tee_open_session_arg::clnt_login
37 #define TEE_LOGIN_PUBLIC 0x00000000
38 #define TEE_LOGIN_USER 0x00000001
39 #define TEE_LOGIN_GROUP 0x00000002
40 #define TEE_LOGIN_APPLICATION 0x00000004
41 #define TEE_LOGIN_APPLICATION_USER 0x00000005
42 #define TEE_LOGIN_APPLICATION_GROUP 0x00000006
44 * Reserve use of GP implementation specific login method range
45 * (0x80000000 - 0xBFFFFFFF). This range is rather being used
46 * for REE kernel clients or TEE implementation.
48 #define TEE_LOGIN_REE_KERNEL_MIN 0x80000000
49 #define TEE_LOGIN_REE_KERNEL_MAX 0xBFFFFFFF
50 /* Private login method for REE kernel/privileged clients */
51 #define TEE_LOGIN_REE_KERNEL 0x80000000
54 * Some Global Platform error codes which has a meaning if the
55 * TEE_GEN_CAP_GP bit is returned by the driver in
56 * struct tee_version_data::gen_caps
58 #define TEE_SUCCESS 0x00000000
59 #define TEE_ERROR_STORAGE_NOT_AVAILABLE 0xf0100003
60 #define TEE_ERROR_GENERIC 0xffff0000
61 #define TEE_ERROR_BAD_PARAMETERS 0xffff0006
62 #define TEE_ERROR_ITEM_NOT_FOUND 0xffff0008
63 #define TEE_ERROR_NOT_IMPLEMENTED 0xffff0009
64 #define TEE_ERROR_NOT_SUPPORTED 0xffff000a
65 #define TEE_ERROR_COMMUNICATION 0xffff000e
66 #define TEE_ERROR_SECURITY 0xffff000f
67 #define TEE_ERROR_SHORT_BUFFER 0xffff0010
68 #define TEE_ERROR_OUT_OF_MEMORY 0xffff000c
69 #define TEE_ERROR_OVERFLOW 0xffff300f
70 #define TEE_ERROR_TARGET_DEAD 0xffff3024
71 #define TEE_ERROR_STORAGE_NO_SPACE 0xffff3041
73 #define TEE_ORIGIN_COMMS 0x00000002
74 #define TEE_ORIGIN_TEE 0x00000003
75 #define TEE_ORIGIN_TRUSTED_APP 0x00000004
80 * struct tee_optee_ta_uuid - OP-TEE Trusted Application (TA) UUID format
82 * Used to identify an OP-TEE TA and define suitable to initialize structs
83 * of this format is distributed with the interface of the TA. The
84 * individual fields of this struct doesn't have any special meaning in
85 * OP-TEE. See RFC4122 for details on the format.
87 struct tee_optee_ta_uuid {
90 u16 time_hi_and_version;
91 u8 clock_seq_and_node[8];
95 * struct tee_shm - memory shared with the TEE
96 * @dev: The TEE device
97 * @link: List node in the list in struct struct tee_uclass_priv
98 * @addr: Pointer to the shared memory
99 * @size: Size of the the shared memory
100 * @flags: TEE_SHM_* above
104 struct list_head link;
111 * struct tee_param_memref - memory reference for a Trusted Application
112 * @shm_offs: Offset in bytes into the shared memory object @shm
113 * @size: Size in bytes of the memory reference
114 * @shm: Pointer to a shared memory object for the buffer
116 * Used as a part of struct tee_param, see that for more information.
118 struct tee_param_memref {
125 * struct tee_param_value - value parameter for a Trusted Application
126 * @a, @b, @c: Parameters passed by value
128 * Used as a part of struct tee_param, see that for more information.
130 struct tee_param_value {
137 * struct tee_param - invoke parameter for a Trusted Application
139 * @u.memref: Memref parameter if (@attr & TEE_PARAM_ATTR_MASK) is one of
140 * TEE_PARAM_ATTR_TYPE_MEMREF_* above
141 * @u.value: Value parameter if (@attr & TEE_PARAM_ATTR_MASK) is one of
142 * TEE_PARAM_ATTR_TYPE_VALUE_* above
144 * Parameters to TA are passed using an array of this struct, for
145 * flexibility both value parameters and memory refereces can be used.
150 struct tee_param_memref memref;
151 struct tee_param_value value;
156 * struct tee_open_session_arg - extra arguments for tee_open_session()
157 * @uuid: [in] UUID of the Trusted Application
158 * @clnt_uuid: [in] UUID of client, zeroes for PUBLIC/REE_KERNEL
159 * @clnt_login: [in] Class of client TEE_LOGIN_*
160 * @session: [out] Session id
161 * @ret: [out] return value
162 * @ret_origin: [out] origin of the return value
164 struct tee_open_session_arg {
165 u8 uuid[TEE_UUID_LEN];
166 u8 clnt_uuid[TEE_UUID_LEN];
174 * struct tee_invoke_arg - extra arguments for tee_invoke_func()
175 * @func: [in] Trusted Application function, specific to the TA
176 * @session: [in] Session id, from open session
177 * @ret: [out] return value
178 * @ret_origin: [out] origin of the return value
180 struct tee_invoke_arg {
188 * struct tee_version_data - description of TEE
189 * @gen_caps: Generic capabilities, TEE_GEN_CAP_* above
191 struct tee_version_data {
196 * struct tee_driver_ops - TEE driver operations
197 * @get_version: Query capabilities of TEE device,
198 * @open_session: Opens a session to a Trusted Application in the TEE,
199 * @close_session: Closes a session to Trusted Application,
200 * @invoke_func: Invokes a function in a Trusted Application,
201 * @shm_register: Registers memory shared with the TEE
202 * @shm_unregister: Unregisters memory shared with the TEE
204 struct tee_driver_ops {
206 * get_version() - Query capabilities of TEE device
207 * @dev: The TEE device
208 * @vers: Pointer to version data
210 void (*get_version)(struct udevice *dev, struct tee_version_data *vers);
212 * open_session() - Open a session to a Trusted Application
213 * @dev: The TEE device
214 * @arg: Open session arguments
215 * @num_param: Number of elements in @param
216 * @param: Parameters for Trusted Application
218 * Returns < 0 on error else see @arg->ret for result. If @arg->ret is
219 * TEE_SUCCESS the session identifier is available in @arg->session.
221 int (*open_session)(struct udevice *dev,
222 struct tee_open_session_arg *arg, uint num_param,
223 struct tee_param *param);
225 * close_session() - Close a session to a Trusted Application
226 * @dev: The TEE device
227 * @session: Session id
229 * Return < 0 on error else 0, regardless the session will not be valid
230 * after this function has returned.
232 int (*close_session)(struct udevice *dev, u32 session);
234 * tee_invoke_func() - Invoke a function in a Trusted Application
235 * @dev: The TEE device
236 * @arg: Invoke arguments
237 * @num_param: Number of elements in @param
238 * @param: Parameters for Trusted Application
240 * Returns < 0 on error else see @arg->ret for result.
242 int (*invoke_func)(struct udevice *dev, struct tee_invoke_arg *arg,
243 uint num_param, struct tee_param *param);
245 * shm_register() - Registers memory shared with the TEE
246 * @dev: The TEE device
247 * @shm: Pointer to a shared memory object
248 * Returns 0 on success or < 0 on failure.
250 int (*shm_register)(struct udevice *dev, struct tee_shm *shm);
252 * shm_unregister() - Unregisters memory shared with the TEE
253 * @dev: The TEE device
254 * @shm: Pointer to a shared memory object
255 * Returns 0 on success or < 0 on failure.
257 int (*shm_unregister)(struct udevice *dev, struct tee_shm *shm);
261 * __tee_shm_add() - Internal helper function to register shared memory
262 * @dev: The TEE device
263 * @align: Required alignment of allocated memory block if
264 * (@flags & TEE_SHM_ALLOC)
265 * @addr: Address of memory block, ignored if (@flags & TEE_SHM_ALLOC)
266 * @size: Size of memory block
267 * @flags: TEE_SHM_* above
268 * @shmp: If the function return 0, this holds the allocated
271 * returns 0 on success or < 0 on failure.
273 int __tee_shm_add(struct udevice *dev, ulong align, void *addr, ulong size,
274 u32 flags, struct tee_shm **shmp);
277 * tee_shm_alloc() - Allocate shared memory
278 * @dev: The TEE device
279 * @size: Size of memory block
280 * @flags: TEE_SHM_* above
281 * @shmp: If the function return 0, this holds the allocated
284 * returns 0 on success or < 0 on failure.
286 int tee_shm_alloc(struct udevice *dev, ulong size, u32 flags,
287 struct tee_shm **shmp);
290 * tee_shm_register() - Registers shared memory
291 * @dev: The TEE device
292 * @addr: Address of memory block
293 * @size: Size of memory block
294 * @flags: TEE_SHM_* above
295 * @shmp: If the function return 0, this holds the allocated
298 * returns 0 on success or < 0 on failure.
300 int tee_shm_register(struct udevice *dev, void *addr, ulong size, u32 flags,
301 struct tee_shm **shmp);
304 * tee_shm_free() - Frees shared memory
305 * @shm: Shared memory object
307 void tee_shm_free(struct tee_shm *shm);
310 * tee_shm_is_registered() - Check register status of shared memory object
311 * @shm: Pointer to shared memory object
312 * @dev: The TEE device
314 * Returns true if the shared memory object is registered for the supplied
317 bool tee_shm_is_registered(struct tee_shm *shm, struct udevice *dev);
320 * tee_find_device() - Look up a TEE device
321 * @start: if not NULL, continue search after this device
322 * @match: function to check TEE device, returns != 0 if the device
324 * @data: data for match function
325 * @vers: if not NULL, version data of TEE device of the device returned
327 * Returns a probed TEE device of the first TEE device matched by the
328 * match() callback or NULL.
330 #if CONFIG_IS_ENABLED(TEE)
331 struct udevice *tee_find_device(struct udevice *start,
332 int (*match)(struct tee_version_data *vers,
335 struct tee_version_data *vers);
337 static inline struct udevice *tee_find_device(struct udevice *start,
338 int (*match)(struct tee_version_data *vers,
341 struct tee_version_data *vers)
348 * tee_get_version() - Query capabilities of TEE device
349 * @dev: The TEE device
350 * @vers: Pointer to version data
352 void tee_get_version(struct udevice *dev, struct tee_version_data *vers);
355 * tee_open_session() - Open a session to a Trusted Application
356 * @dev: The TEE device
357 * @arg: Open session arguments
358 * @num_param: Number of elements in @param
359 * @param: Parameters for Trusted Application
361 * Returns < 0 on error else see @arg->ret for result. If @arg->ret is
362 * TEE_SUCCESS the session identifier is available in @arg->session.
364 int tee_open_session(struct udevice *dev, struct tee_open_session_arg *arg,
365 uint num_param, struct tee_param *param);
368 * tee_close_session() - Close a session to a Trusted Application
369 * @dev: The TEE device
370 * @session: Session id
372 * Return < 0 on error else 0, regardless the session will not be valid
373 * after this function has returned.
375 int tee_close_session(struct udevice *dev, u32 session);
378 * tee_invoke_func() - Invoke a function in a Trusted Application
379 * @dev: The TEE device
380 * @arg: Invoke arguments
381 * @num_param: Number of elements in @param
382 * @param: Parameters for Trusted Application
384 * Returns < 0 on error else see @arg->ret for result.
386 int tee_invoke_func(struct udevice *dev, struct tee_invoke_arg *arg,
387 uint num_param, struct tee_param *param);
390 * tee_optee_ta_uuid_from_octets() - Converts to struct tee_optee_ta_uuid
391 * @d: Destination struct
392 * @s: Source UUID octets
394 * Conversion to a struct tee_optee_ta_uuid represantion from binary octet
397 void tee_optee_ta_uuid_from_octets(struct tee_optee_ta_uuid *d,
398 const u8 s[TEE_UUID_LEN]);
401 * tee_optee_ta_uuid_to_octets() - Converts from struct tee_optee_ta_uuid
402 * @d: Destination UUID octets
405 * Conversion from a struct tee_optee_ta_uuid represantion to binary octet
408 void tee_optee_ta_uuid_to_octets(u8 d[TEE_UUID_LEN],
409 const struct tee_optee_ta_uuid *s);
412 * tee_flush_all_shm_dcache() - Flush data cache for all shared memories
413 * @dev: The TEE device
415 void tee_flush_all_shm_dcache(struct udevice *dev);
projects / platform / kernel / u-boot.git / blob