[PATCH 1/5] tee: define session login identifiers

Etienne Carriere etienne.carriere at linaro.org
Thu Nov 4 15:14:47 CET 2021 

Define identifiers for clnt_login field in struct tee_open_session_arg
based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier
extension from OP-TEE OS.

Cc: Jens Wiklander <jens.wiklander at linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere at linaro.org>
---
This change was previously discussed in the U-Boot ML, see v2 at:
https://patchwork.ozlabs.org/project/uboot/patch/20210519142613.7668-1-etienne.carriere@linaro.org/

Changes since this v2 post:
 - Updated the inline comment describing reserved login Ids
 - Rephrase 'REE kernel agent' to 'REE kernel/privileged agent' to
   better apply to U-Boot that is not a kernel but still runs at a
   privileged execution level.
---
 include/tee.h | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/include/tee.h b/include/tee.h
index 44e9cd4321..30ea2ee164 100644
--- a/include/tee.h
+++ b/include/tee.h
@@ -31,6 +31,25 @@
 #define TEE_PARAM_ATTR_MASK			(TEE_PARAM_ATTR_TYPE_MASK | \
 						 TEE_PARAM_ATTR_META)
 
+/*
+ * Global Platform login identifiers for tee_open_session_arg::clnt_login
+ */
+#define TEE_LOGIN_PUBLIC                  0x00000000
+#define TEE_LOGIN_USER                    0x00000001
+#define TEE_LOGIN_GROUP                   0x00000002
+#define TEE_LOGIN_APPLICATION             0x00000004
+#define TEE_LOGIN_APPLICATION_USER        0x00000005
+#define TEE_LOGIN_APPLICATION_GROUP       0x00000006
+/*
+ * Reserve use of GP implementation specific login method range
+ * (0x80000000 - 0xBFFFFFFF). This range is rather being used
+ * for REE kernel clients or TEE implementation.
+ */
+#define TEE_LOGIN_REE_KERNEL_MIN          0x80000000
+#define TEE_LOGIN_REE_KERNEL_MAX          0xBFFFFFFF
+/* Private login method for REE kernel/privileged clients */
+#define TEE_LOGIN_REE_KERNEL              0x80000000
+
 /*
  * Some Global Platform error codes which has a meaning if the
  * TEE_GEN_CAP_GP bit is returned by the driver in
@@ -135,8 +154,8 @@ struct tee_param {
 /**
  * struct tee_open_session_arg - extra arguments for tee_open_session()
  * @uuid:	[in] UUID of the Trusted Application
- * @clnt_uuid:	[in] Normally zeroes
- * @clnt_login:	[in] Normally 0
+ * @clnt_uuid:	[in] UUID of client, zeroes for PUBLIC/REE_KERNEL
+ * @clnt_login:	[in] Class of client TEE_LOGIN_*
  * @session:	[out] Session id
  * @ret:	[out] return value
  * @ret_origin:	[out] origin of the return value
-- 
2.17.1

More information about the U-Boot mailing list