1
linux/drivers/tee/optee/optee_ffa.h
Jens Wiklander f0c8431568 optee: probe RPMB device using RPMB subsystem
Adds support in the OP-TEE drivers (both SMC and FF-A ABIs) to probe and
use an RPMB device via the RPMB subsystem instead of passing the RPMB
frames via tee-supplicant in user space. A fallback mechanism is kept to
route RPMB frames via tee-supplicant if the RPMB subsystem isn't
available.

The OP-TEE RPC ABI is extended to support iterating over all RPMB
devices until one is found with the expected RPMB key already
programmed.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Manuel Traut <manut@mecka.net>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Link: https://lore.kernel.org/r/20240814153558.708365-5-jens.wiklander@linaro.org
Signed-off-by: Ulf Hansson <ulf.hansson@linaro.org>
2024-08-26 13:16:20 +02:00

186 lines
6.1 KiB
C

/* SPDX-License-Identifier: BSD-2-Clause */
/*
* Copyright (c) 2019-2021, 2023 Linaro Limited
*/
/*
* This file is exported by OP-TEE and is kept in sync between secure world
* and normal world drivers. We're using ARM FF-A 1.0 specification.
*/
#ifndef __OPTEE_FFA_H
#define __OPTEE_FFA_H
#include <linux/arm_ffa.h>
/*
* Normal world sends requests with FFA_MSG_SEND_DIRECT_REQ and
* responses are returned with FFA_MSG_SEND_DIRECT_RESP for normal
* messages.
*
* All requests with FFA_MSG_SEND_DIRECT_REQ and FFA_MSG_SEND_DIRECT_RESP
* are using the AArch32 SMC calling convention with register usage as
* defined in FF-A specification:
* w0: Function ID (0x8400006F or 0x84000070)
* w1: Source/Destination IDs
* w2: Reserved (MBZ)
* w3-w7: Implementation defined, free to be used below
*/
#define OPTEE_FFA_VERSION_MAJOR 1
#define OPTEE_FFA_VERSION_MINOR 0
#define OPTEE_FFA_BLOCKING_CALL(id) (id)
#define OPTEE_FFA_YIELDING_CALL_BIT 31
#define OPTEE_FFA_YIELDING_CALL(id) ((id) | BIT(OPTEE_FFA_YIELDING_CALL_BIT))
/*
* Returns the API version implemented, currently follows the FF-A version.
* Call register usage:
* w3: Service ID, OPTEE_FFA_GET_API_VERSION
* w4-w7: Not used (MBZ)
*
* Return register usage:
* w3: OPTEE_FFA_VERSION_MAJOR
* w4: OPTEE_FFA_VERSION_MINOR
* w5-w7: Not used (MBZ)
*/
#define OPTEE_FFA_GET_API_VERSION OPTEE_FFA_BLOCKING_CALL(0)
/*
* Returns the revision of OP-TEE.
*
* Used by non-secure world to figure out which version of the Trusted OS
* is installed. Note that the returned revision is the revision of the
* Trusted OS, not of the API.
*
* Call register usage:
* w3: Service ID, OPTEE_FFA_GET_OS_VERSION
* w4-w7: Unused (MBZ)
*
* Return register usage:
* w3: CFG_OPTEE_REVISION_MAJOR
* w4: CFG_OPTEE_REVISION_MINOR
* w5: TEE_IMPL_GIT_SHA1 (or zero if not supported)
*/
#define OPTEE_FFA_GET_OS_VERSION OPTEE_FFA_BLOCKING_CALL(1)
/*
* Exchange capabilities between normal world and secure world.
*
* Currently there are no defined capabilities. When features are added new
* capabilities may be added.
*
* Call register usage:
* w3: Service ID, OPTEE_FFA_EXCHANGE_CAPABILITIES
* w4-w7: Not used (MBZ)
*
* Return register usage:
* w3: Error code, 0 on success
* w4: Bit[7:0]: Number of parameters needed for RPC to be supplied
* as the second MSG arg struct for
* OPTEE_FFA_YIELDING_CALL_WITH_ARG.
* Bit[31:8]: Reserved (MBZ)
* w5: Bitfield of secure world capabilities OPTEE_FFA_SEC_CAP_* below,
* w6: The maximum secure world notification number
* w7: Not used (MBZ)
*/
/*
* Secure world supports giving an offset into the argument shared memory
* object, see also OPTEE_FFA_YIELDING_CALL_WITH_ARG
*/
#define OPTEE_FFA_SEC_CAP_ARG_OFFSET BIT(0)
/* OP-TEE supports asynchronous notification via FF-A */
#define OPTEE_FFA_SEC_CAP_ASYNC_NOTIF BIT(1)
/* OP-TEE supports probing for RPMB device if needed */
#define OPTEE_FFA_SEC_CAP_RPMB_PROBE BIT(2)
#define OPTEE_FFA_EXCHANGE_CAPABILITIES OPTEE_FFA_BLOCKING_CALL(2)
/*
* Unregister shared memory
*
* Call register usage:
* w3: Service ID, OPTEE_FFA_YIELDING_CALL_UNREGISTER_SHM
* w4: Shared memory handle, lower bits
* w5: Shared memory handle, higher bits
* w6-w7: Not used (MBZ)
*
* Return register usage:
* w3: Error code, 0 on success
* w4-w7: Note used (MBZ)
*/
#define OPTEE_FFA_UNREGISTER_SHM OPTEE_FFA_BLOCKING_CALL(3)
/*
* Inform OP-TEE that the normal world is able to receive asynchronous
* notifications.
*
* Call register usage:
* w3: Service ID, OPTEE_FFA_ENABLE_ASYNC_NOTIF
* w4: Notification value to request bottom half processing, should be
* less than OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE.
* w5-w7: Not used (MBZ)
*
* Return register usage:
* w3: Error code, 0 on success
* w4-w7: Note used (MBZ)
*/
#define OPTEE_FFA_ENABLE_ASYNC_NOTIF OPTEE_FFA_BLOCKING_CALL(5)
#define OPTEE_FFA_MAX_ASYNC_NOTIF_VALUE 64
/*
* Call with struct optee_msg_arg as argument in the supplied shared memory
* with a zero internal offset and normal cached memory attributes.
* Register usage:
* w3: Service ID, OPTEE_FFA_YIELDING_CALL_WITH_ARG
* w4: Lower 32 bits of a 64-bit Shared memory handle
* w5: Upper 32 bits of a 64-bit Shared memory handle
* w6: Offset into shared memory pointing to a struct optee_msg_arg
* right after the parameters of this struct (at offset
* OPTEE_MSG_GET_ARG_SIZE(num_params) follows a struct optee_msg_arg
* for RPC, this struct has reserved space for the number of RPC
* parameters as returned by OPTEE_FFA_EXCHANGE_CAPABILITIES.
* MBZ unless the bit OPTEE_FFA_SEC_CAP_ARG_OFFSET is received with
* OPTEE_FFA_EXCHANGE_CAPABILITIES.
* w7: Not used (MBZ)
* Resume from RPC. Register usage:
* w3: Service ID, OPTEE_FFA_YIELDING_CALL_RESUME
* w4-w6: Not used (MBZ)
* w7: Resume info
*
* Normal return (yielding call is completed). Register usage:
* w3: Error code, 0 on success
* w4: OPTEE_FFA_YIELDING_CALL_RETURN_DONE
* w5-w7: Not used (MBZ)
*
* RPC interrupt return (RPC from secure world). Register usage:
* w3: Error code == 0
* w4: Any defined RPC code but OPTEE_FFA_YIELDING_CALL_RETURN_DONE
* w5-w6: Not used (MBZ)
* w7: Resume info
*
* Possible error codes in register w3:
* 0: Success
* FFA_DENIED: w4 isn't one of OPTEE_FFA_YIELDING_CALL_START
* OPTEE_FFA_YIELDING_CALL_RESUME
*
* Possible error codes for OPTEE_FFA_YIELDING_CALL_START,
* FFA_BUSY: Number of OP-TEE OS threads exceeded,
* try again later
* FFA_DENIED: RPC shared memory object not found
* FFA_INVALID_PARAMETER: Bad shared memory handle or offset into the memory
*
* Possible error codes for OPTEE_FFA_YIELDING_CALL_RESUME
* FFA_INVALID_PARAMETER: Bad resume info
*/
#define OPTEE_FFA_YIELDING_CALL_WITH_ARG OPTEE_FFA_YIELDING_CALL(0)
#define OPTEE_FFA_YIELDING_CALL_RESUME OPTEE_FFA_YIELDING_CALL(1)
#define OPTEE_FFA_YIELDING_CALL_RETURN_DONE 0
#define OPTEE_FFA_YIELDING_CALL_RETURN_RPC_CMD 1
#define OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT 2
#endif /*__OPTEE_FFA_H*/