[PATCH] cmd: Add support for optee hello world ta command

Heinrich Schuchardt xypron.glpk at gmx.de
Fri Dec 13 09:18:05 CET 2024 

Am 13. Dezember 2024 08:01:49 MEZ schrieb Venkatesh Yadav Abbarapu <venkatesh.abbarapu at amd.com>:
>Enable "hello_world_ta" command which increments the value passed.
>This provides easy test for establishing a session with OPTEE
>TA and verify.
>
>It includes following subcommands:
>hello_world_ta write_value value: value to increment via OPTEE HELLO
>WORLD TA.
>
>To enable the OPTEE side HELLO WORLD example please refer
>https://optee.readthedocs.io/en/latest/building/gits/optee_examples/optee_examples.html
>
>Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu at amd.com>
>---
> cmd/Kconfig                |  8 ++++
> cmd/Makefile               |  1 +
> cmd/optee_hello_world_ta.c | 98 ++++++++++++++++++++++++++++++++++++++

Each CLI command should be documented. Please, provide a man-page in doc/usage/cmd/


> 3 files changed, 107 insertions(+)
> create mode 100644 cmd/optee_hello_world_ta.c
>
>diff --git a/cmd/Kconfig b/cmd/Kconfig
>index 1d7ddb4ed36..f1f8d1b9571 100644
>--- a/cmd/Kconfig
>+++ b/cmd/Kconfig
>@@ -1446,6 +1446,14 @@ config CMD_OPTEE_RPMB
> 	  in the Replay Protection Memory Block partition in eMMC by
> 	  using Persistent Objects in OPTEE
> 
>+config CMD_OPTEE_HELLO_WORLD
>+	bool "Enable Hello world TA"
>+	depends on OPTEE
>+	default y
>+	help
>+	 Enable the hello world ta command to test the OPTEE by passing
>+	 a "value" which should increment by OPTEE TA example.
>+
> config CMD_MTD
> 	bool "mtd"
> 	depends on MTD
>diff --git a/cmd/Makefile b/cmd/Makefile
>index d1f369deec0..049147a1442 100644
>--- a/cmd/Makefile
>+++ b/cmd/Makefile
>@@ -118,6 +118,7 @@ obj-$(CONFIG_CMD_PAUSE) += pause.o
> obj-$(CONFIG_CMD_SLEEP) += sleep.o
> obj-$(CONFIG_CMD_MMC) += mmc.o
> obj-$(CONFIG_CMD_OPTEE_RPMB) += optee_rpmb.o
>+obj-$(CONFIG_CMD_OPTEE_HELLO_WORLD) += optee_hello_world_ta.o
> obj-$(CONFIG_CMD_MP) += mp.o
> obj-$(CONFIG_CMD_MTD) += mtd.o
> obj-$(CONFIG_CMD_MTDPARTS) += mtdparts.o
>diff --git a/cmd/optee_hello_world_ta.c b/cmd/optee_hello_world_ta.c
>new file mode 100644
>index 00000000000..54342b90812
>--- /dev/null
>+++ b/cmd/optee_hello_world_ta.c
>@@ -0,0 +1,98 @@
>+// SPDX-License-Identifier: GPL-2.0
>+/*
>+ * (C) Copyright 2024, Advanced Micro Devices, Inc.
>+ */
>+#include <command.h>
>+#include <errno.h>
>+#include <tee.h>
>+#include <vsprintf.h>
>+
>+static struct udevice *tee;
>+static u32 session;
>+
>+#define TA_HELLO_WORLD_CMD_INC_VALUE 0
>+/* This needs to match the UUID of the Hello World TA. */
>+#define TA_HELLO_WORLD_UUID \
>+	{ 0x8aaaf200, 0x2450, 0x11e4, \
>+	{ 0xab, 0xe2, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x1b} }
>+
>+static int hello_world_ta_open_session(void)
>+{
>+	const struct tee_optee_ta_uuid uuid = TA_HELLO_WORLD_UUID;
>+	struct tee_open_session_arg arg;
>+	int rc;
>+
>+	tee = tee_find_device(tee, NULL, NULL, NULL);
>+	if (!tee)
>+		return -ENODEV;
>+
>+	memset(&arg, 0, sizeof(arg));
>+	tee_optee_ta_uuid_to_octets(arg.uuid, &uuid);
>+	rc = tee_open_session(tee, &arg, 0, NULL);
>+	if (!rc)
>+		session = arg.session;
>+
>+	return 0;
>+}
>+
>+static int hello_world_ta(unsigned int value)
>+{
>+	struct tee_param param[2];
>+	struct tee_invoke_arg arg;
>+	int status = -EACCES;
>+
>+	printf("The Hello World TA is going to be called\n");
>+
>+	status = hello_world_ta_open_session();
>+	if (status) {
>+		printf("HellWorldTA: OpenSession FAILED!\n");
>+		return status;
>+	}
>+
>+	arg.func = TA_HELLO_WORLD_CMD_INC_VALUE;
>+	arg.session = session;
>+
>+	param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_INOUT;
>+	param[0].u.value.a = value;
>+
>+	printf("TA value: %d\n", (int)param[0].u.value.a);
>+
>+	tee_invoke_func(tee, &arg, 1, param);
>+
>+	printf("TA value: %d\n", (int)param[0].u.value.a);
>+
>+	tee_invoke_func(tee, &arg, 1, param);
>+
>+	printf("TA value: %d\n", (int)param[0].u.value.a);
>+
>+	status = tee_close_session(tee, session);
>+
>+	return status;
>+}
>+
>+static int do_optee_hello_world_ta(struct cmd_tbl *cmdtp, int flag, int argc,
>+				   char * const argv[])
>+{
>+	int ret;
>+	int value;
>+
>+	if (argc != cmdtp->maxargs) {
>+		debug("hello_world_ta: incorrect parameters passed\n");
>+		return CMD_RET_USAGE;
>+	}
>+
>+	value = dectoul(argv[1], NULL);
>+	ret = hello_world_ta(value);
>+	if (ret)
>+		return CMD_RET_FAILURE;
>+
>+	return CMD_RET_SUCCESS;
>+}
>+
>+U_BOOT_LONGHELP(optee_hello_world_ta,
>+		"write_value value - Write value to increment\n"
>+		"Command for testing Hello World OPTEE TA\n"
>+		"pass the 'value' which needs to increment from OPTEE world\n");
>+
>+U_BOOT_CMD_WITH_SUBCMDS(hello_world_ta, "OPTEE hello world TA", optee_hello_world_ta_help_text,
>+			U_BOOT_SUBCMD_MKENT(write_value, 2, 1, do_optee_hello_world_ta));

I am sure we we will come up with more ideas on how to query OP-TEE in future.

Hence I would suggest to have one 'optee' command and making 'hello' a sub command.

Best regards

Heinrich

More information about the U-Boot mailing list