u-boot.git/drivers/tee/optee/supplicant.c, branch master Unnamed repository; edit this file 'description' to name the repository. tee: remove common.h inclusion 2024-04-18T13:04:48+00:00 Igor Opaniuk igor.opaniuk@gmail.com 2024-04-04T13:19:51+00:00 b905599b36e3d8158c5cd045c26278416909b422 The usage of the common.h include file is deprecated [1], and has already been removed from several files. Get rid of all inclusions in the "drivers/tee" directory, and replace it with required include files directly where needed. [1] doc/develop/codingstyle.rst Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The usage of the common.h include file is deprecated [1], and has already
been removed from several files.
Get rid of all inclusions in the "drivers/tee" directory, and replace it
with required include files directly where needed.

[1] doc/develop/codingstyle.rst

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
drivers: tee: i2c trampoline driver 2021-02-16T16:48:20+00:00 Jorge Ramirez-Ortiz jorge@foundries.io 2021-01-25T12:28:40+00:00 4e9635618529e0e404b641e155513ad7f313f423 This commit gives the secure world access to the I2C bus so it can communicate with I2C slaves (typically those would be secure elements like the NXP SE050). A similar service implementation has been merged in linux: c05210ab ("drivers: optee: allow op-tee to access devices on the i2c bus") Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> 
This commit gives the secure world access to the I2C bus so it can
communicate with I2C slaves (typically those would be secure elements
like the NXP SE050).

A similar service implementation has been merged in linux:
c05210ab ("drivers: optee: allow op-tee to access devices on the i2c
bus")

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
dm: core: Create a new header file for 'compat' features 2020-02-06T02:33:46+00:00 Simon Glass sjg@chromium.org 2020-02-03T14:36:16+00:00 336d4615f8fa774557d14f9b3245daa9e5fe3dbc At present dm/device.h includes the linux-compatible features. This requires including linux/compat.h which in turn includes a lot of headers. One of these is malloc.h which we thus end up including in every file in U-Boot. Apart from the inefficiency of this, it is problematic for sandbox which needs to use the system malloc() in some files. Move the compatibility features into a separate header file. Signed-off-by: Simon Glass <sjg@chromium.org> 
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.

Move the compatibility features into a separate header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
tee: change return code for REE FS supplicant cmd 2018-12-15T16:49:19+00:00 Igor Opaniuk igor.opaniuk@linaro.org 2018-12-04T12:37:19+00:00 8b1312662b3b1748c3d5f8a30bc6f9ca72879c7a If OP-TEE core is compiled with support of REE FS and RPMB at the same time (CFG_RPMB_FS ?= y; CFG_RPMB_FS ?= y), and persistent storage API is used with TEE_STORAGE_PRIVATE storage id, it will lead to TA panic. E/TC:? 0 TA panicked with code 0xffff0009 ..... E/TC:? 0 Call stack: E/TC:? 0 0x000000004002f2f8 TEE_OpenPersistentObject at lib/libutee/tee_api_objects.c:422 In this particular case TEE_ERROR_STORAGE_NOT_AVAILABLE is more suitable than TEE_ERROR_NOT_IMPLEMENTED, as it provides to a TA a possibility to handle this error code [1]. >From GPD TEE Internal Core specification [2]: TEE_ERROR_STORAGE_NOT_AVAILABLE - if the persistent object is stored in a storage area which is currently inaccessible. It may be associated with the device but unplugged, busy, or inaccessible for some other reason. [1]: https://github.com/OP-TEE/optee_os/blob/94db01ef448d1e552161c2d861d57a5f8bda0cc0/lib/libutee/tee_api_objects.c#L419 [2]: https://globalplatform.org/wp-content/uploads/2018/06/GPD_TEE_Internal_Core_API_Specification_v1.1.2.50_PublicReview.pdf Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
If OP-TEE core is compiled with support of REE FS and RPMB
at the same time (CFG_RPMB_FS ?= y; CFG_RPMB_FS ?= y), and persistent
storage API is used with TEE_STORAGE_PRIVATE storage id, it will
lead to TA panic.

E/TC:? 0 TA panicked with code 0xffff0009
.....
E/TC:? 0 Call stack:
E/TC:? 0  0x000000004002f2f8 TEE_OpenPersistentObject at
lib/libutee/tee_api_objects.c:422

In this particular case TEE_ERROR_STORAGE_NOT_AVAILABLE is more suitable
than TEE_ERROR_NOT_IMPLEMENTED, as it provides to a TA a possibility
to handle this error code [1].

>From GPD TEE Internal Core specification [2]:
TEE_ERROR_STORAGE_NOT_AVAILABLE - if the persistent object is stored in a
storage area which is currently inaccessible. It may be associated with
the device but unplugged, busy, or inaccessible for some other reason.

[1]: https://github.com/OP-TEE/optee_os/blob/94db01ef448d1e552161c2d861d57a5f8bda0cc0/lib/libutee/tee_api_objects.c#L419
[2]: https://globalplatform.org/wp-content/uploads/2018/06/GPD_TEE_Internal_Core_API_Specification_v1.1.2.50_PublicReview.pdf

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
optee: support routing of rpmb data frames to mmc 2018-10-07T14:47:38+00:00 Jens Wiklander jens.wiklander@linaro.org 2018-09-25T14:40:14+00:00 232cfd6d9152fd2a4e7113faec51db2a9ab8c6bd Adds support in optee supplicant to route signed (MACed) RPMB frames from OP-TEE Secure OS to MMC and vice versa to manipulate the RPMB partition. Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org> 
Adds support in optee supplicant to route signed (MACed) RPMB frames
from OP-TEE Secure OS to MMC and vice versa to manipulate the RPMB
partition.

Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
tee: add OP-TEE driver 2018-10-07T14:47:38+00:00 Jens Wiklander jens.wiklander@linaro.org 2018-09-25T14:40:11+00:00 d4bd3d25d8b032da8de9c79cbe103d47a3d160df Adds a OP-TEE driver. * Targets ARM and ARM64 * Supports using any U-Boot memory as shared memory * Probes OP-TEE version using SMCs * Uses OPTEE message protocol version 2 to communicate with secure world Reviewed-by: Simon Glass <sjg@chromium.org> Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> 
Adds a OP-TEE driver.

* Targets ARM and ARM64
* Supports using any U-Boot memory as shared memory
* Probes OP-TEE version using SMCs
* Uses OPTEE message protocol version 2 to communicate with secure world

Reviewed-by: Simon Glass <sjg@chromium.org>
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>