From patchwork Mon Aug 13 15:53:46 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jens Wiklander <jens.wiklander@linaro.org>
X-Patchwork-Id: 957042
X-Patchwork-Delegate: trini@ti.com
Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
	spf=none (mailfrom) smtp.mailfrom=lists.denx.de
	(client-ip=81.169.180.215; helo=lists.denx.de;
	envelope-from=u-boot-bounces@lists.denx.de;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dmarc=fail (p=none dis=none) header.from=linaro.org
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (1024-bit key;
	unprotected) header.d=linaro.org header.i=@linaro.org
	header.b="R4yFZ6Ge"; dkim-atps=neutral
Received: from lists.denx.de (dione.denx.de [81.169.180.215])
	by ozlabs.org (Postfix) with ESMTP id 41q0pF0Vylz9sBJ
	for <incoming@patchwork.ozlabs.org>;
	Tue, 14 Aug 2018 02:01:24 +1000 (AEST)
Received: by lists.denx.de (Postfix, from userid 105)
	id 9DE85C21E0D; Mon, 13 Aug 2018 15:59:22 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on lists.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=RCVD_IN_MSPIKE_H2,
	T_DKIM_INVALID autolearn=unavailable autolearn_force=no version=3.4.0
Received: from lists.denx.de (localhost [IPv6:::1])
	by lists.denx.de (Postfix) with ESMTP id 75B16C21DCA;
	Mon, 13 Aug 2018 15:54:49 +0000 (UTC)
Received: by lists.denx.de (Postfix, from userid 105)
	id B5244C21DA2; Mon, 13 Aug 2018 15:54:22 +0000 (UTC)
Received: from mail-lf1-f67.google.com (mail-lf1-f67.google.com
	[209.85.167.67])
	by lists.denx.de (Postfix) with ESMTPS id C77D5C21DB3
	for <u-boot@lists.denx.de>; Mon, 13 Aug 2018 15:54:17 +0000 (UTC)
Received: by mail-lf1-f67.google.com with SMTP id g6-v6so11574292lfb.11
	for <u-boot@lists.denx.de>; Mon, 13 Aug 2018 08:54:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=0nCrW8CLYCTt9B9YcBCJ6rQmZmPqwurpPpOYJMILYdo=;
	b=R4yFZ6GeuxMBMfTESkDFPiiyjZPKcYFiG72cfLBaZtcMGx9T6jdAxq3P4FU76PyZe0
	Rj3mC0F6w1fz2sm5WNpnVCWNXDac7DG1ZVsZeiUeSTT/rVq74IskvGAYME/FOQHGOu6F
	1ZbkTn7g6FBfpp+OhLIZpWBTQGqJ2bVCCobY4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=0nCrW8CLYCTt9B9YcBCJ6rQmZmPqwurpPpOYJMILYdo=;
	b=NI06uL8eBVQED5HyfYFa9AQ2zdqvhCLFXf1Gg/1tSWPmIRj21AnMpGizlLqcZJ0HWx
	xX6x8OaVPZ5cVoZYGTyF6w71k85bQAcYsXJ1L81eh3EHIuv4XzOg8jtWVU7QTXroaQ01
	TasEO7m6Xr6gsxC8GAYDkRVyJ7tPTQKLAKe/rKkHcFPSk9LwIgB3FE1p2psltW367qJ1
	wBzHK3oot06kep/3m1Ps/cKbqarOddNLLGy3zbiDfShspqJmP557BL1BsJCP8Sg1SvhG
	8KMJsFhtqSpO2lvh8pL85kGMVmZB9H2CgN5F0daES2XjgMumAeK1/Iyr7OLTtssGKN5d
	Wlew==
X-Gm-Message-State: AOUpUlGA6uzm7OO/bnBjeU9+OthOZIAa4eSSgb7fN/H+50h4k/iIeLDL
	ussOKSEuDPW8xnqUtfoN/0D5djSusZk=
X-Google-Smtp-Source: 
 AA+uWPzBBsP5MWO9687K40Fbcs72b8LnCitxV1rAWH80hykdI47vjDB3oQEuohMkhY7kfzQRIyh3PQ==
X-Received: by 2002:a19:63dc:: with SMTP id
	v89-v6mr11942048lfi.23.1534175656964;
	Mon, 13 Aug 2018 08:54:16 -0700 (PDT)
Received: from jax.urgonet (h-84-105.A175.priv.bahnhof.se. [79.136.84.105])
	by smtp.gmail.com with ESMTPSA id
	q12-v6sm2791624lfc.26.2018.08.13.08.54.15
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Mon, 13 Aug 2018 08:54:16 -0700 (PDT)
From: Jens Wiklander <jens.wiklander@linaro.org>
To: u-boot@lists.denx.de
Date: Mon, 13 Aug 2018 17:53:46 +0200
Message-Id: <20180813155347.13844-10-jens.wiklander@linaro.org>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20180813155347.13844-1-jens.wiklander@linaro.org>
References: <20180813155347.13844-1-jens.wiklander@linaro.org>
Cc: Tom Rini <trini@konsulko.com>, Pierre Aubert <p.aubert@staubli.com>
Subject: [U-Boot] [PATCH 09/10] tee: optee: support AVB trusted application
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <http://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
	<mailto:u-boot-request@lists.denx.de?subject=subscribe>
MIME-Version: 1.0
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>

Adds configuration option OPTEE_TA_AVB and a header file describing the
interface to the AVB trusted application provided by OP-TEE.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org>
---
 MAINTAINERS                |  1 +
 drivers/tee/optee/Kconfig  | 16 +++++++++++++
 include/tee.h              |  7 ++++++
 include/tee/optee_ta_avb.h | 48 ++++++++++++++++++++++++++++++++++++++
 4 files changed, 72 insertions(+)
 create mode 100644 include/tee/optee_ta_avb.h

diff --git a/MAINTAINERS b/MAINTAINERS
index 7458c606ee92..cb36c45d74ea 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -576,6 +576,7 @@ M:	Jens Wiklander <jens.wiklander@linaro.org>
 S:	Maintained
 F:	drivers/tee/
 F:	include/tee.h
+F:	include/tee/
 
 UBI
 M:	Kyungmin Park <kmpark@infradead.org>
diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig
index 8f7ebe161111..a5dc08439629 100644
--- a/drivers/tee/optee/Kconfig
+++ b/drivers/tee/optee/Kconfig
@@ -5,3 +5,19 @@ config OPTEE
 	help
 	  This implements the OP-TEE Trusted Execution Environment (TEE)
 	  driver.
+
+if OPTEE
+
+menu "OP-TEE options"
+
+config OPTEE_TA_AVB
+	bool "Support AVB TA"
+	default y
+	help
+	  Enables support for the AVB Trusted Application (TA) in OP-TEE.
+	  The TA can support the "avb" subcommands "read_rb", "write"rb"
+	  and "is_unlocked".
+
+endmenu
+
+endif
diff --git a/include/tee.h b/include/tee.h
index c2ac13e34128..3d95d4b3f740 100644
--- a/include/tee.h
+++ b/include/tee.h
@@ -48,6 +48,13 @@
 
 struct tee_driver_ops;
 
+struct tee_optee_ta_uuid {
+	u32 time_low;
+	u16 time_mid;
+	u16 time_hi_and_version;
+	u8 clock_seq_and_node[8];
+};
+
 struct tee_shm {
 	struct udevice *dev;
 	struct list_head link;
diff --git a/include/tee/optee_ta_avb.h b/include/tee/optee_ta_avb.h
new file mode 100644
index 000000000000..0e1da084e09d
--- /dev/null
+++ b/include/tee/optee_ta_avb.h
@@ -0,0 +1,48 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/* Copyright (c) 2018, Linaro Limited */
+
+#ifndef __TA_AVB_H
+#define __TA_AVB_H
+
+#define TA_AVB_UUID { 0x023f8f1a, 0x292a, 0x432b, \
+		      { 0x8f, 0xc4, 0xde, 0x84, 0x71, 0x35, 0x80, 0x67 } }
+
+#define TA_AVB_MAX_ROLLBACK_LOCATIONS	256
+
+/*
+ * Gets the rollback index corresponding to the given rollback index slot.
+ *
+ * in	params[0].value.a:	rollback index slot
+ * out	params[1].value.a:	upper 32 bits of rollback index
+ * out	params[1].value.b:	lower 32 bits of rollback index
+ */
+#define TA_AVB_CMD_READ_ROLLBACK_INDEX	0
+
+/*
+ * Updates the rollback index corresponding to the given rollback index slot.
+ *
+ * Will refuse to update a slot with a lower value.
+ *
+ * in	params[0].value.a:	rollback index slot
+ * in	params[1].value.a:	upper 32 bits of rollback index
+ * in	params[1].value.b:	lower 32 bits of rollback index
+ */
+#define TA_AVB_CMD_WRITE_ROLLBACK_INDEX	1
+
+/*
+ * Gets the lock state of the device.
+ *
+ * out	params[0].value.a:	lock state
+ */
+#define TA_AVB_CMD_READ_LOCK_STATE	2
+
+/*
+ * Sets the lock state of the device.
+ *
+ * If the lock state is changed all rollback slots will be reset to 0
+ *
+ * in	params[0].value.a:	lock state
+ */
+#define TA_AVB_CMD_WRITE_LOCK_STATE	3
+
+#endif /*__TA_AVB_H*/