[U-Boot] [PATCH 09/10] tee: optee: support AVB trusted application
Igor Opaniuk
igor.opaniuk at linaro.org
Sun Aug 19 12:42:41 UTC 2018
Reviewed-by: Igor Opaniuk <igor.opaniuk at linaro.org>
On 16 August 2018 at 15:22, Igor Opaniuk <igor.opaniuk at linaro.org> wrote:
> Tested-by: Igor Opaniuk <igor.opaniuk at linaro.org>
>
> On 13 August 2018 at 18:53, Jens Wiklander <jens.wiklander at linaro.org> wrote:
>> Adds configuration option OPTEE_TA_AVB and a header file describing the
>> interface to the AVB trusted application provided by OP-TEE.
>>
>> Signed-off-by: Jens Wiklander <jens.wiklander at linaro.org>
>> ---
>> MAINTAINERS | 1 +
>> drivers/tee/optee/Kconfig | 16 +++++++++++++
>> include/tee.h | 7 ++++++
>> include/tee/optee_ta_avb.h | 48 ++++++++++++++++++++++++++++++++++++++
>> 4 files changed, 72 insertions(+)
>> create mode 100644 include/tee/optee_ta_avb.h
>>
>> diff --git a/MAINTAINERS b/MAINTAINERS
>> index 7458c606ee92..cb36c45d74ea 100644
>> --- a/MAINTAINERS
>> +++ b/MAINTAINERS
>> @@ -576,6 +576,7 @@ M: Jens Wiklander <jens.wiklander at linaro.org>
>> S: Maintained
>> F: drivers/tee/
>> F: include/tee.h
>> +F: include/tee/
>>
>> UBI
>> M: Kyungmin Park <kmpark at infradead.org>
>> diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig
>> index 8f7ebe161111..a5dc08439629 100644
>> --- a/drivers/tee/optee/Kconfig
>> +++ b/drivers/tee/optee/Kconfig
>> @@ -5,3 +5,19 @@ config OPTEE
>> help
>> This implements the OP-TEE Trusted Execution Environment (TEE)
>> driver.
>> +
>> +if OPTEE
>> +
>> +menu "OP-TEE options"
>> +
>> +config OPTEE_TA_AVB
>> + bool "Support AVB TA"
>> + default y
>> + help
>> + Enables support for the AVB Trusted Application (TA) in OP-TEE.
>> + The TA can support the "avb" subcommands "read_rb", "write"rb"
>> + and "is_unlocked".
>> +
>> +endmenu
>> +
>> +endif
>> diff --git a/include/tee.h b/include/tee.h
>> index c2ac13e34128..3d95d4b3f740 100644
>> --- a/include/tee.h
>> +++ b/include/tee.h
>> @@ -48,6 +48,13 @@
>>
>> struct tee_driver_ops;
>>
>> +struct tee_optee_ta_uuid {
>> + u32 time_low;
>> + u16 time_mid;
>> + u16 time_hi_and_version;
>> + u8 clock_seq_and_node[8];
>> +};
>> +
>> struct tee_shm {
>> struct udevice *dev;
>> struct list_head link;
>> diff --git a/include/tee/optee_ta_avb.h b/include/tee/optee_ta_avb.h
>> new file mode 100644
>> index 000000000000..0e1da084e09d
>> --- /dev/null
>> +++ b/include/tee/optee_ta_avb.h
>> @@ -0,0 +1,48 @@
>> +/* SPDX-License-Identifier: BSD-2-Clause */
>> +/* Copyright (c) 2018, Linaro Limited */
>> +
>> +#ifndef __TA_AVB_H
>> +#define __TA_AVB_H
>> +
>> +#define TA_AVB_UUID { 0x023f8f1a, 0x292a, 0x432b, \
>> + { 0x8f, 0xc4, 0xde, 0x84, 0x71, 0x35, 0x80, 0x67 } }
>> +
>> +#define TA_AVB_MAX_ROLLBACK_LOCATIONS 256
>> +
>> +/*
>> + * Gets the rollback index corresponding to the given rollback index slot.
>> + *
>> + * in params[0].value.a: rollback index slot
>> + * out params[1].value.a: upper 32 bits of rollback index
>> + * out params[1].value.b: lower 32 bits of rollback index
>> + */
>> +#define TA_AVB_CMD_READ_ROLLBACK_INDEX 0
>> +
>> +/*
>> + * Updates the rollback index corresponding to the given rollback index slot.
>> + *
>> + * Will refuse to update a slot with a lower value.
>> + *
>> + * in params[0].value.a: rollback index slot
>> + * in params[1].value.a: upper 32 bits of rollback index
>> + * in params[1].value.b: lower 32 bits of rollback index
>> + */
>> +#define TA_AVB_CMD_WRITE_ROLLBACK_INDEX 1
>> +
>> +/*
>> + * Gets the lock state of the device.
>> + *
>> + * out params[0].value.a: lock state
>> + */
>> +#define TA_AVB_CMD_READ_LOCK_STATE 2
>> +
>> +/*
>> + * Sets the lock state of the device.
>> + *
>> + * If the lock state is changed all rollback slots will be reset to 0
>> + *
>> + * in params[0].value.a: lock state
>> + */
>> +#define TA_AVB_CMD_WRITE_LOCK_STATE 3
>> +
>> +#endif /*__TA_AVB_H*/
>> --
>> 2.17.1
>>
>
>
>
> --
> Regards,
> Igor Opaniuk
--
Regards,
Igor Opaniuk
More information about the U-Boot
mailing list