[U-Boot] [PATCH v2 14/15] tee: optee: support AVB trusted application
Simon Glass
sjg at chromium.org
Thu Aug 30 00:29:09 UTC 2018
Hi Jens,
On 23 August 2018 at 04:43, Jens Wiklander <jens.wiklander at linaro.org> wrote:
> Adds configuration option OPTEE_TA_AVB and a header file describing the
> interface to the AVB trusted application provided by OP-TEE.
What is AVB? Can you please write it out in full?
>
> Tested-by: Igor Opaniuk <igor.opaniuk at linaro.org>
> Reviewed-by: Igor Opaniuk <igor.opaniuk at linaro.org>
> Signed-off-by: Jens Wiklander <jens.wiklander at linaro.org>
> ---
> MAINTAINERS | 1 +
> drivers/tee/optee/Kconfig | 16 +++++++++++++
> include/tee.h | 7 ++++++
> include/tee/optee_ta_avb.h | 48 ++++++++++++++++++++++++++++++++++++++
> 4 files changed, 72 insertions(+)
> create mode 100644 include/tee/optee_ta_avb.h
>
> diff --git a/MAINTAINERS b/MAINTAINERS
> index 7458c606ee92..cb36c45d74ea 100644
> --- a/MAINTAINERS
> +++ b/MAINTAINERS
> @@ -576,6 +576,7 @@ M: Jens Wiklander <jens.wiklander at linaro.org>
> S: Maintained
> F: drivers/tee/
> F: include/tee.h
> +F: include/tee/
>
> UBI
> M: Kyungmin Park <kmpark at infradead.org>
> diff --git a/drivers/tee/optee/Kconfig b/drivers/tee/optee/Kconfig
> index 8f7ebe161111..a5dc08439629 100644
> --- a/drivers/tee/optee/Kconfig
> +++ b/drivers/tee/optee/Kconfig
> @@ -5,3 +5,19 @@ config OPTEE
> help
> This implements the OP-TEE Trusted Execution Environment (TEE)
> driver.
> +
> +if OPTEE
> +
> +menu "OP-TEE options"
> +
> +config OPTEE_TA_AVB
> + bool "Support AVB TA"
> + default y
> + help
> + Enables support for the AVB Trusted Application (TA) in OP-TEE.
> + The TA can support the "avb" subcommands "read_rb", "write"rb"
> + and "is_unlocked".
> +
> +endmenu
> +
> +endif
> diff --git a/include/tee.h b/include/tee.h
> index 3e6771123ef0..b851d718d32f 100644
> --- a/include/tee.h
> +++ b/include/tee.h
> @@ -48,6 +48,13 @@
>
> #define TEE_ORIGIN_COMMS 0x00000002
>
> +struct tee_optee_ta_uuid {
Comment on this struct. What is it for?
> + u32 time_low;
> + u16 time_mid;
> + u16 time_hi_and_version;
> + u8 clock_seq_and_node[8];
> +};
> +
> /**
> * struct tee_shm - memory shared with the TEE
> * @dev: The TEE device
> diff --git a/include/tee/optee_ta_avb.h b/include/tee/optee_ta_avb.h
> new file mode 100644
> index 000000000000..0e1da084e09d
> --- /dev/null
> +++ b/include/tee/optee_ta_avb.h
> @@ -0,0 +1,48 @@
> +/* SPDX-License-Identifier: BSD-2-Clause */
> +/* Copyright (c) 2018, Linaro Limited */
> +
> +#ifndef __TA_AVB_H
> +#define __TA_AVB_H
> +
> +#define TA_AVB_UUID { 0x023f8f1a, 0x292a, 0x432b, \
> + { 0x8f, 0xc4, 0xde, 0x84, 0x71, 0x35, 0x80, 0x67 } }
> +
> +#define TA_AVB_MAX_ROLLBACK_LOCATIONS 256
> +
> +/*
> + * Gets the rollback index corresponding to the given rollback index slot.
> + *
> + * in params[0].value.a: rollback index slot
> + * out params[1].value.a: upper 32 bits of rollback index
> + * out params[1].value.b: lower 32 bits of rollback index
> + */
> +#define TA_AVB_CMD_READ_ROLLBACK_INDEX 0
> +
> +/*
> + * Updates the rollback index corresponding to the given rollback index slot.
> + *
> + * Will refuse to update a slot with a lower value.
> + *
> + * in params[0].value.a: rollback index slot
> + * in params[1].value.a: upper 32 bits of rollback index
> + * in params[1].value.b: lower 32 bits of rollback index
> + */
> +#define TA_AVB_CMD_WRITE_ROLLBACK_INDEX 1
> +
> +/*
> + * Gets the lock state of the device.
> + *
> + * out params[0].value.a: lock state
> + */
> +#define TA_AVB_CMD_READ_LOCK_STATE 2
> +
> +/*
> + * Sets the lock state of the device.
> + *
> + * If the lock state is changed all rollback slots will be reset to 0
> + *
> + * in params[0].value.a: lock state
> + */
> +#define TA_AVB_CMD_WRITE_LOCK_STATE 3
> +
> +#endif /*__TA_AVB_H*/
Space before */
> --
> 2.17.1
>
Regards,
Simon
More information about the U-Boot
mailing list