u-boot.git/drivers/tee, branch master Unnamed repository; edit this file 'description' to name the repository. tee: Rework Makefile logic 2025-10-14T07:42:27+00:00 Tom Rini trini@konsulko.com 2025-09-26T15:31:44+00:00 398f988410c94e95b49fe6679d8d848d2a09835a The intention of how this Makefile was written was to allow for sandbox to build and test drivers still while otherwise requiring OPTEE to be enabled. This however didn't work quite right in practice as sandbox could enable some drivers which would then fail to link. Rework things such that sandbox will also traverse the optee directory when SANDBOX_TEE is enabled, but only build one of the optee-specific files when OPTEE is enabled. Signed-off-by: Tom Rini <trini@konsulko.com> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The intention of how this Makefile was written was to allow for sandbox
to build and test drivers still while otherwise requiring OPTEE to be
enabled. This however didn't work quite right in practice as sandbox
could enable some drivers which would then fail to link. Rework things
such that sandbox will also traverse the optee directory when
SANDBOX_TEE is enabled, but only build one of the optee-specific files
when OPTEE is enabled.

Signed-off-by: Tom Rini <trini@konsulko.com>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tee: sandbox: check for buffer size 2024-04-26T05:28:35+00:00 Igor Opaniuk igor.opaniuk@gmail.com 2024-04-21T20:48:39+00:00 8800cbe9b83bf15ca6dc43ca4b05269b3126526a Add additional check for buffer size when reading out persistent storage value and provide back actual value size. Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> Reviewed-by: Oleksandr Suvorov <cryosay@gmail.com> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Add additional check for buffer size when reading out persistent
storage value and provide back actual value size.

Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Oleksandr Suvorov <cryosay@gmail.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tee: remove common.h inclusion 2024-04-18T13:04:48+00:00 Igor Opaniuk igor.opaniuk@gmail.com 2024-04-04T13:19:51+00:00 b905599b36e3d8158c5cd045c26278416909b422 The usage of the common.h include file is deprecated [1], and has already been removed from several files. Get rid of all inclusions in the "drivers/tee" directory, and replace it with required include files directly where needed. [1] doc/develop/codingstyle.rst Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
The usage of the common.h include file is deprecated [1], and has already
been removed from several files.
Get rid of all inclusions in the "drivers/tee" directory, and replace it
with required include files directly where needed.

[1] doc/develop/codingstyle.rst

Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Sam Protsenko <semen.protsenko@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tee: optee: fix description in Kconfig 2024-04-18T13:04:48+00:00 Igor Opaniuk igor.opaniuk@gmail.com 2024-04-04T13:19:47+00:00 6e8bb1fb0ae81ff02e1057d47bcb08ca2d84d27b Fix OPTEE_TA_AVB symbol description in Kconfig: s/"write"rb"/"write_rb"/g Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Fix OPTEE_TA_AVB symbol description in Kconfig:
s/"write"rb"/"write_rb"/g

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tee: sandbox: fix spelling errors 2024-03-27T08:29:00+00:00 Igor Opaniuk igor.opaniuk@gmail.com 2024-03-04T17:44:50+00:00 5e19fe8ea8ff3f983a06b52694c29ab6560692eb Fix spelling errors in comments. Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com> 
Fix spelling errors in comments.

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
tee: optee: don't enumerate services if there ain't any 2023-12-19T15:07:48+00:00 Etienne Carriere etienne.carriere@foss.st.com 2023-11-29T12:37:53+00:00 51774b3b03a60a553cf183e6b8f5f8ee80afe625 Change optee driver service enumeration to not enumerate (and allocate a zero sized shared memory buffer) when OP-TEE reports that there is no service to enumerate. This change fixes an existing issue that occurs when the such zero sized shared memory buffer allocated from malloc() has a physical address of offset 0 of a physical 4kB page. In such case, OP-TEE secure world refuses to register the zero-sized shared memory area and makes U-Boot optee service enumeration to fail. Fixes: 94ccfb78a4d6 ("drivers: tee: optee: discover OP-TEE services") Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
Change optee driver service enumeration to not enumerate (and
allocate a zero sized shared memory buffer) when OP-TEE
reports that there is no service to enumerate.

This change fixes an existing issue that occurs when the such zero
sized shared memory buffer allocated from malloc() has a physical
address of offset 0 of a physical 4kB page. In such case, OP-TEE
secure world refuses to register the zero-sized shared memory
area and makes U-Boot optee service enumeration to fail.

Fixes: 94ccfb78a4d6 ("drivers: tee: optee: discover OP-TEE services")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
tee: optee: don't fail on services enumeration failure 2023-12-19T15:07:48+00:00 Etienne Carriere etienne.carriere@foss.st.com 2023-11-29T12:37:52+00:00 ab9500e9c3fa1a4512eeebcc616f7ba73cf938ef Change optee probe function to only warn when service enumeration sequence fails instead of reporting an optee driver probe failure. Indeed U-Boot can still use OP-TEE even if some OP-TEE services are not discovered. Fixes: 94ccfb78a4d6 ("drivers: tee: optee: discover OP-TEE services") Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
Change optee probe function to only warn when service enumeration
sequence fails instead of reporting an optee driver probe failure.
Indeed U-Boot can still use OP-TEE even if some OP-TEE services are
not discovered.

Fixes: 94ccfb78a4d6 ("drivers: tee: optee: discover OP-TEE services")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Patrice Chotard <patrice.chotard@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
drivers: tee: sandbox: Fix SCP03 control emulator 2023-04-28T17:30:17+00:00 Jorge Ramirez-Ortiz jorge@foundries.io 2023-04-08T15:35:31+00:00 7f1a4c9dd89b5bd5203988609fe3f9f9c0c0e4e8 Fix and document the Secure Channel Protocol03 emulator. Fixes: 5a8783c80c39 ("drivers: tee: sandbox: SCP03 control emulator") Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Simon Glass <sjg@chromium.org> Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
Fix and document the Secure Channel Protocol03 emulator.

Fixes: 5a8783c80c39 ("drivers: tee: sandbox: SCP03 control emulator")

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
tee: optee: fix uuid comparisons on service discovery 2023-01-20T08:04:56+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2023-01-19T09:21:37+00:00 eda976d36a37d459da5908fb922173a4bafe8666 When comparing UUIDs for discovered services we only compare up to the ptr size instead of the entire UUID Fixes: 94ccfb78a4d61 ("drivers: tee: optee: discover OP-TEE services") Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
When comparing UUIDs for discovered services we only compare up to the
ptr size instead of the entire UUID

Fixes: 94ccfb78a4d61 ("drivers: tee: optee: discover OP-TEE services")
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
tee: optee: fix a print error on rng probing 2023-01-20T08:04:56+00:00 Ilias Apalodimas ilias.apalodimas@linaro.org 2023-01-18T15:38:21+00:00 218a9917d6f0b11c41189ceb649cf04201325daf If we fail to probe the optee-rng device, we print a wrong message referring to the firmware tpm. Fixes: 476a3d58dfeb ("tee: optee: don't fail probe because of optee-rng") Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> 
If we fail to probe the optee-rng device, we print a wrong message
referring to the firmware tpm.

Fixes: 476a3d58dfeb ("tee: optee: don't fail probe because of optee-rng")
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>