> > So you do not really need an MM partition running alongside OP-TEE? > > > > Agree that most of secure services can be implemented as static > (pseudo) TAs. But if I think about services like RAS error handling and > firmware updates. Is Trusted OS (OP-TEE or any third party OS) an > appropriate place to implement these platform specific services?
In my view, UEFI/MM services should be TOS specific. These must be independent of TOS. > Regards, > Sumit > > > > > > > So it looks like they complement each other and we will have more > > > robustness once we migrate to v8.4 Secure-EL2 Hypervisor for > > > isolation support. > > > > In a way yes! The robustness bit is not really related to the > > interface used to access as service. > > > > > > > > Please feel free to correct me if I missed something. > > > > Hope this makes sense. > > > > cheers, > > Achin > > > > > > > > Regards, > > > Sumit > > > > > > [1] > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fin > > > > focenter.arm.com%2Fhelp%2Ftopic%2Fcom.arm.doc.den0028b%2FARM_DE > N0028 > > > > B_SMC_Calling_Convention.pdf&data=02%7C01%7Cudit.kumar%40nxp. > com > > > > %7C8e3b0815c5424819b54f08d60d043499%7C686ea1d3bc2b4c6fa92cd99c5 > c3016 > > > > 35%7C0%7C0%7C636710709050808156&sdata=ad%2BlzFhGuZo9weUA > CLYz3h%2 > > > FiGtRRbibouX7uXxrRQfw%3D&reserved=0 > > > [2] > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fin > > > > focenter.arm.com%2Fhelp%2Ftopic%2Fcom.arm.doc.den0060a%2FDEN0060 > A_AR > > > > M_MM_Interface_Specification.pdf&data=02%7C01%7Cudit.kumar%40 > nxp > > > > .com%7C8e3b0815c5424819b54f08d60d043499%7C686ea1d3bc2b4c6fa92cd > 99c5c > > > > 301635%7C0%7C0%7C636710709050808156&sdata=CdVkFdX0dYkb%2F > 8LzQXtJ > > > WjlKjIsBoG1QHjxVvTIlV8k%3D&reserved=0 > > > > > > > Thanks > > > > Matteo > > > > > > > > [1]: > > > > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2 > > > > > Fcommunity.arm.com%2Fprocessors%2Fb%2Fblog%2Fposts%2Farchitecting- > > > > more-secure-world-with-isolation-and-virtualization&data=02%7C > > > > > 01%7Cudit.kumar%40nxp.com%7C8e3b0815c5424819b54f08d60d043499%7 > C686 > > > > > ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0%7C636710709050808156&am > p;sda > > > > > ta=fCaQAmaYd7Qur81A%2BRPvJ373e2uRuE0IJFTUDx8JzfU%3D&reserve > d=0 > > > > > > > > > -----Original Message----- > > > > > From: Udit Kumar <udit.ku...@nxp.com> > > > > > Sent: 24 August 2018 18:46 > > > > > To: Ard Biesheuvel <ard.biesheu...@linaro.org>; Matteo Carlini > > > > > <matteo.carl...@arm.com> > > > > > Cc: Sumit Garg <sumit.g...@linaro.org>; edk2-devel@lists.01.org; > > > > > tee- d...@lists.linaro.org; daniel.thomp...@linaro.org; > > > > > jens.wiklan...@linaro.org; Rod Dorris <rod.dor...@nxp.com> > > > > > Subject: RE: [edk2] [PATCH 1/1] ArmPkg/OpteeLib: Add APIs to > > > > > communicate with OP-TEE > > > > > > > > > > Hi Ard > > > > > > > > > > > If MM mode is fundamentally incompatible with OP-TEE, then you > > > > > > cannot run both at the same time, > > > > > > > > > > Both cannot coexist unless you have v8.4 CPU > > > > > > > > > > Regards > > > > > Udit > > > > > > > > > > > > > > > > > > > > > > > >> -----Original Message----- > > > > > > >> From: edk2-devel <edk2-devel-boun...@lists.01.org> On > > > > > > >> Behalf Of Sumit Garg > > > > > > >> Sent: Friday, August 24, 2018 2:51 PM > > > > > > >> To: edk2-devel@lists.01.org > > > > > > >> Cc: daniel.thomp...@linaro.org; tee-...@lists.linaro.org; > > > > > > >> jens.wiklan...@linaro.org > > > > > > >> Subject: [edk2] [PATCH 1/1] ArmPkg/OpteeLib: Add APIs to > > > > > > >> communicate with OP-TEE > > > > > > >> > > > > > > >> Add following APIs to communicate with OP-TEE static TA: > > > > > > >> 1. OpteeInit > > > > > > >> 2. OpteeOpenSession > > > > > > >> 3. OpteeCloseSession > > > > > > >> 4. OpteeInvokeFunc > > > > > > >> > > > > > > >> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> > > > > > > >> Cc: Leif Lindholm <leif.lindh...@linaro.org> > > > > > > >> Contributed-under: TianoCore Contribution Agreement 1.1 > > > > > > >> Signed-off-by: Sumit Garg <sumit.g...@linaro.org> > > > > > > >> --- > > > > > > >> ArmPkg/Include/Library/OpteeLib.h | 102 ++++++ > > > > > > >> ArmPkg/Library/OpteeLib/Optee.c | 358 > > > > > > >> +++++++++++++++++++++ > > > > > > >> ArmPkg/Library/OpteeLib/OpteeLib.inf | 2 + > > > > > > >> ArmPkg/Library/OpteeLib/OpteeSmc.h | 43 +++ > > > > > > >> .../Include/IndustryStandard/GlobalPlatform.h | 60 ++-- > > > > > > >> 5 files changed, 531 insertions(+), 34 deletions(-) > > > > > > >> create mode > > > > > > >> 100644 ArmPkg/Library/OpteeLib/OpteeSmc.h > > > > > > >> copy ArmPkg/Include/Library/OpteeLib.h => > > > > > > >> MdePkg/Include/IndustryStandard/GlobalPlatform.h (53%) > > > > > > >> > > > > > > >> diff --git a/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> b/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> index f65d8674d9b8..c323f49072f8 100644 > > > > > > >> --- a/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> +++ b/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> @@ -25,10 +25,112 @@ > > > > > > >> #define OPTEE_OS_UID2 0xaf630002 > > > > > > >> #define OPTEE_OS_UID3 0xa5d5c51b > > > > > > >> > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_NONE 0x0 > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INPUT 0x1 > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT 0x2 > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INOUT 0x3 > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_INPUT 0x9 > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT 0xa > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_INOUT 0xb > > > > > > >> + > > > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MASK 0xff > > > > > > >> + > > > > > > >> +typedef struct { > > > > > > >> + UINT64 BufPtr; > > > > > > >> + UINT64 Size; > > > > > > >> + UINT64 ShmRef; > > > > > > >> +} OPTEE_MSG_PARAM_MEM; > > > > > > >> + > > > > > > >> +typedef struct { > > > > > > >> + UINT64 A; > > > > > > >> + UINT64 B; > > > > > > >> + UINT64 C; > > > > > > >> +} OPTEE_MSG_PARAM_VALUE; > > > > > > >> + > > > > > > >> +typedef struct { > > > > > > >> + UINT64 Attr; > > > > > > >> + union { > > > > > > >> + OPTEE_MSG_PARAM_MEM Mem; > > > > > > >> + OPTEE_MSG_PARAM_VALUE Value; > > > > > > >> + } U; > > > > > > >> +} OPTEE_MSG_PARAM; > > > > > > >> + > > > > > > >> +#define MAX_PARAMS 4 > > > > > > >> + > > > > > > >> +typedef struct { > > > > > > >> + UINT32 Cmd; > > > > > > >> + UINT32 Func; > > > > > > >> + UINT32 Session; > > > > > > >> + UINT32 CancelId; > > > > > > >> + UINT32 Pad; > > > > > > >> + UINT32 Ret; > > > > > > >> + UINT32 RetOrigin; > > > > > > >> + UINT32 NumParams; > > > > > > >> + > > > > > > >> + // NumParams tells the actual number of element in > Params > > > > > > >> + OPTEE_MSG_PARAM Params[MAX_PARAMS]; > > > > > > >> +} OPTEE_MSG_ARG; > > > > > > >> + > > > > > > >> +#define OPTEE_UUID_LEN 16 > > > > > > >> + > > > > > > >> +// > > > > > > >> +// struct OPTEE_OPEN_SESSION_ARG - Open session argument > > > > > > >> +// @Uuid: [in] UUID of the Trusted Application > > > > > > >> +// @Session: [out] Session id > > > > > > >> +// @Ret: [out] Return value > > > > > > >> +// @RetOrigin [out] Origin of the return value > > > > > > >> +// > > > > > > >> +typedef struct { > > > > > > >> + UINT8 Uuid[OPTEE_UUID_LEN]; > > > > > > >> + UINT32 Session; > > > > > > >> + UINT32 Ret; > > > > > > >> + UINT32 RetOrigin; > > > > > > >> +} OPTEE_OPEN_SESSION_ARG; > > > > > > >> + > > > > > > >> +// > > > > > > >> +// struct OPTEE_INVOKE_FUNC_ARG - Invoke function > argument > > > > > > >> +// @Func: [in] Trusted Application function, specific to > > > > > > >> the > TA > > > > > > >> +// @Session: [in] Session id > > > > > > >> +// @Ret: [out] Return value > > > > > > >> +// @RetOrigin [out] Origin of the return value > > > > > > >> +// @Params [inout] Parameters for function to be invoked > > > > > > >> +// > > > > > > >> +typedef struct { > > > > > > >> + UINT32 Func; > > > > > > >> + UINT32 Session; > > > > > > >> + UINT32 Ret; > > > > > > >> + UINT32 RetOrigin; > > > > > > >> + OPTEE_MSG_PARAM Params[MAX_PARAMS]; > > > > > > >> +} OPTEE_INVOKE_FUNC_ARG; > > > > > > >> + > > > > > > >> BOOLEAN > > > > > > >> EFIAPI > > > > > > >> IsOpteePresent ( > > > > > > >> VOID > > > > > > >> ); > > > > > > >> > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeInit ( > > > > > > >> + VOID > > > > > > >> + ); > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeOpenSession ( > > > > > > >> + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg > > > > > > >> + ); > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeCloseSession ( > > > > > > >> + IN UINT32 Session > > > > > > >> + ); > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeInvokeFunc ( > > > > > > >> + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg > > > > > > >> + ); > > > > > > >> + > > > > > > >> #endif > > > > > > >> diff --git a/ArmPkg/Library/OpteeLib/Optee.c > > > > > > >> b/ArmPkg/Library/OpteeLib/Optee.c index > > > > > > >> 574527f8b5ea..2111022d3662 > > > > > > >> 100644 > > > > > > >> --- a/ArmPkg/Library/OpteeLib/Optee.c > > > > > > >> +++ b/ArmPkg/Library/OpteeLib/Optee.c > > > > > > >> @@ -14,11 +14,19 @@ > > > > > > >> > > > > > > >> **/ > > > > > > >> > > > > > > >> +#include <Library/ArmMmuLib.h> > > > > > > >> #include <Library/ArmSmcLib.h> > > > > > > >> +#include <Library/BaseMemoryLib.h> > > > > > > >> #include <Library/BaseLib.h> > > > > > > >> +#include <Library/DebugLib.h> > > > > > > >> #include <Library/OpteeLib.h> > > > > > > >> > > > > > > >> #include <IndustryStandard/ArmStdSmc.h> > > > > > > >> +#include <IndustryStandard/GlobalPlatform.h> > > > > > > >> +#include <OpteeSmc.h> > > > > > > >> +#include <Uefi.h> > > > > > > >> + > > > > > > >> +STATIC OPTEE_SHARED_MEMORY_INFO OpteeShmInfo = { 0 }; > > > > > > >> > > > > > > >> /** > > > > > > >> Check for OP-TEE presence. > > > > > > >> @@ -31,6 +39,7 @@ IsOpteePresent ( { > > > > > > >> ARM_SMC_ARGS ArmSmcArgs; > > > > > > >> > > > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > > > > > > >> // Send a Trusted OS Calls UID command > > > > > > >> ArmSmcArgs.Arg0 = ARM_SMC_ID_TOS_UID; > > > > > > >> ArmCallSmc (&ArmSmcArgs); @@ -44,3 +53,352 @@ > > > > > > >> IsOpteePresent ( > > > > > > >> return FALSE; > > > > > > >> } > > > > > > >> } > > > > > > >> + > > > > > > >> +STATIC > > > > > > >> +EFI_STATUS > > > > > > >> +OpteeShmMemRemap ( > > > > > > >> + VOID > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + ARM_SMC_ARGS ArmSmcArgs; > > > > > > >> + EFI_PHYSICAL_ADDRESS Paddr; > > > > > > >> + EFI_PHYSICAL_ADDRESS Start; > > > > > > >> + EFI_PHYSICAL_ADDRESS End; > > > > > > >> + EFI_STATUS Status; > > > > > > >> + UINTN Size; > > > > > > >> + > > > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > > > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_GET_SHM_CONFIG; > > > > > > >> + > > > > > > >> + ArmCallSmc (&ArmSmcArgs); if (ArmSmcArgs.Arg0 != > > > > > > >> + OPTEE_SMC_RETURN_OK) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory not > supported\n")); > > > > > > >> + return EFI_UNSUPPORTED; } > > > > > > >> + > > > > > > >> + if (ArmSmcArgs.Arg3 != OPTEE_SMC_SHM_CACHED) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE: Only normal cached shared > > > > > > memory > > > > > > >> supported\n")); > > > > > > >> + return EFI_UNSUPPORTED; } > > > > > > >> + > > > > > > >> + Start = (ArmSmcArgs.Arg1 + SIZE_4KB - 1) & ~(SIZE_4KB - > > > > > > >> + 1); End = > > > > > > >> + (ArmSmcArgs.Arg1 + ArmSmcArgs.Arg2) & ~(SIZE_4KB - 1); > > > > > > >> + Paddr = Start; Size = End - Start; > > > > > > >> + > > > > > > >> + if (Size < SIZE_4KB) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory too > small\n")); > > > > > > >> + return EFI_BUFFER_TOO_SMALL; } > > > > > > >> + > > > > > > >> + Status = ArmSetMemoryAttributes (Paddr, Size, > > > > > > >> + EFI_MEMORY_WB); if (EFI_ERROR (Status)) { > > > > > > >> + return Status; > > > > > > >> + } > > > > > > >> + > > > > > > >> + OpteeShmInfo.Base = (UINTN)Paddr; OpteeShmInfo.Size = > > > > > > >> + Size; > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeInit ( > > > > > > >> + VOID > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + EFI_STATUS Status; > > > > > > >> + > > > > > > >> + if (!IsOpteePresent ()) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not present\n")); > > > > > > >> + return EFI_UNSUPPORTED; } > > > > > > >> + > > > > > > >> + Status = OpteeShmMemRemap (); if (EFI_ERROR (Status)) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory remap > failed\n")); > > > > > > >> + return Status; > > > > > > >> + } > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +/** > > > > > > >> + Does Standard SMC to OP-TEE in secure world. > > > > > > >> + > > > > > > >> + @param[in] Parg Physical address of message to pass to > secure world > > > > > > >> + > > > > > > >> + @return 0 on success, secure world return code > otherwise > > > > > > >> + > > > > > > >> +**/ > > > > > > >> +STATIC > > > > > > >> +UINT32 > > > > > > >> +OpteeCallWithArg ( > > > > > > >> + IN EFI_PHYSICAL_ADDRESS Parg > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + ARM_SMC_ARGS ArmSmcArgs; > > > > > > >> + > > > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > > > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_CALL_WITH_ARG; > > > > > > >> + ArmSmcArgs.Arg1 = (UINT32)(Parg >> 32); > > > > > > >> + ArmSmcArgs.Arg2 = (UINT32)Parg; > > > > > > >> + > > > > > > >> + while (TRUE) { > > > > > > >> + ArmCallSmc (&ArmSmcArgs); > > > > > > >> + > > > > > > >> + if (ArmSmcArgs.Arg0 == > OPTEE_SMC_RETURN_RPC_FOREIGN_INTR) { > > > > > > >> + // > > > > > > >> + // A foreign interrupt was raised while secure world was > > > > > > >> + // executing, since they are handled in UEFI a dummy RPC > > > > > > >> is > > > > > > >> + // performed to let UEFI take the interrupt through the > normal > > > > > > >> + // vector. > > > > > > >> + // > > > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_RETURN_FROM_RPC; > > > > > > >> + } else { > > > > > > >> + break; > > > > > > >> + } > > > > > > >> + } > > > > > > >> + > > > > > > >> + return ArmSmcArgs.Arg0; > > > > > > >> +} > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeOpenSession ( > > > > > > >> + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + OPTEE_MSG_ARG *MsgArg; > > > > > > >> + > > > > > > >> + MsgArg = NULL; > > > > > > >> + > > > > > > >> + if (OpteeShmInfo.Base == 0) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > > > > > > >> + return EFI_NOT_STARTED; } > > > > > > >> + > > > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > > > > > > >> + (MsgArg, > > > > > > >> sizeof > > > > > > >> + (OPTEE_MSG_ARG)); > > > > > > >> + > > > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_OPEN_SESSION; > > > > > > >> + > > > > > > >> + // > > > > > > >> + // Initialize and add the meta parameters needed when > > > > > > >> + opening a // session. > > > > > > >> + // > > > > > > >> + MsgArg->Params[0].Attr = > OPTEE_MSG_ATTR_TYPE_VALUE_INPUT | > > > > > > >> + OPTEE_MSG_ATTR_META; > > > > > > >> + MsgArg->Params[1].Attr = > OPTEE_MSG_ATTR_TYPE_VALUE_INPUT > > > > > > >> + MsgArg->| > > > > > > >> + OPTEE_MSG_ATTR_META; CopyMem > > > > > > >> + (&MsgArg->Params[0].U.Value, OpenSessionArg->Uuid, > > > > > > OPTEE_UUID_LEN); > > > > > > >> + ZeroMem (&MsgArg->Params[1].U.Value, OPTEE_UUID_LEN); > > > > > > >> + MsgArg->Params[1].U.Value.C = TEE_LOGIN_PUBLIC; > > > > > > >> + > > > > > > >> + MsgArg->NumParams = 2; > > > > > > >> + > > > > > > >> + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { > > > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > > > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > > > > > > >> + > > > > > > >> + OpenSessionArg->Session = MsgArg->Session; > > > > > > >> + OpenSessionArg->Ret = > > > > > > >> + MsgArg->Ret; OpenSessionArg->RetOrigin = > > > > > > >> + MsgArg->MsgArg->RetOrigin; > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeCloseSession ( > > > > > > >> + IN UINT32 Session > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + OPTEE_MSG_ARG *MsgArg; > > > > > > >> + > > > > > > >> + MsgArg = NULL; > > > > > > >> + > > > > > > >> + if (OpteeShmInfo.Base == 0) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > > > > > > >> + return EFI_NOT_STARTED; } > > > > > > >> + > > > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > > > > > > >> + (MsgArg, > > > > > > >> sizeof > > > > > > >> + (OPTEE_MSG_ARG)); > > > > > > >> + > > > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_CLOSE_SESSION; > > > > > > >> + MsgArg->Session > > > > > > = > > > > > > >> + Session; > > > > > > >> + > > > > > > >> + OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg); > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +STATIC > > > > > > >> +EFI_STATUS > > > > > > >> +OpteeToMsgParam ( > > > > > > >> + OUT OPTEE_MSG_PARAM *MsgParams, > > > > > > >> + IN UINT32 NumParams, > > > > > > >> + IN OPTEE_MSG_PARAM *InParams > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + UINT32 Idx; > > > > > > >> + UINTN ParamShmAddr; > > > > > > >> + UINTN ShmSize; > > > > > > >> + UINTN Size; > > > > > > >> + > > > > > > >> + Size = (sizeof (OPTEE_MSG_ARG) + sizeof (UINT64) - 1) & > > > > > > >> + ~(sizeof > > > > > > >> + (UINT64) - 1); ParamShmAddr = OpteeShmInfo.Base + Size; > > > > > > >> + ShmSize = OpteeShmInfo.Size - Size; > > > > > > >> + > > > > > > >> + for (Idx = 0; Idx < NumParams; Idx++) { > > > > > > >> + CONST OPTEE_MSG_PARAM *Ip; > > > > > > >> + OPTEE_MSG_PARAM *Mp; > > > > > > >> + UINT32 Attr; > > > > > > >> + > > > > > > >> + Ip = InParams + Idx; > > > > > > >> + Mp = MsgParams + Idx; > > > > > > >> + Attr = Ip->Attr & OPTEE_MSG_ATTR_TYPE_MASK; > > > > > > >> + > > > > > > >> + switch (Attr) { > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_NONE: > > > > > > >> + Mp->Attr = OPTEE_MSG_ATTR_TYPE_NONE; > > > > > > >> + ZeroMem (&Mp->U, sizeof (Mp->U)); > > > > > > >> + break; > > > > > > >> + > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: > > > > > > >> + Mp->Attr = Attr; > > > > > > >> + Mp->U.Value.A = Ip->U.Value.A; > > > > > > >> + Mp->U.Value.B = Ip->U.Value.B; > > > > > > >> + Mp->U.Value.C = Ip->U.Value.C; > > > > > > >> + break; > > > > > > >> + > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: > > > > > > >> + Mp->Attr = Attr; > > > > > > >> + > > > > > > >> + if (Ip->U.Mem.Size > ShmSize) { > > > > > > >> + return EFI_OUT_OF_RESOURCES; > > > > > > >> + } > > > > > > >> + > > > > > > >> + CopyMem ((VOID *)ParamShmAddr, (VOID > > > > > > >> + *)Ip->U.Mem.BufPtr, Ip- > > > > > > >> >U.Mem.Size); > > > > > > >> + Mp->U.Mem.BufPtr = (UINT64)ParamShmAddr; > > > > > > >> + Mp->U.Mem.Size = Ip->U.Mem.Size; > > > > > > >> + > > > > > > >> + Size = (Ip->U.Mem.Size + sizeof (UINT64) - 1) & ~(sizeof > (UINT64) - 1); > > > > > > >> + ParamShmAddr += Size; > > > > > > >> + ShmSize -= Size; > > > > > > >> + break; > > > > > > >> + > > > > > > >> + default: > > > > > > >> + return EFI_INVALID_PARAMETER; > > > > > > >> + } > > > > > > >> + } > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +STATIC > > > > > > >> +EFI_STATUS > > > > > > >> +OpteeFromMsgParam ( > > > > > > >> + OUT OPTEE_MSG_PARAM *OutParams, > > > > > > >> + IN UINT32 NumParams, > > > > > > >> + IN OPTEE_MSG_PARAM *MsgParams > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + UINT32 Idx; > > > > > > >> + > > > > > > >> + for (Idx = 0; Idx < NumParams; Idx++) { > > > > > > >> + OPTEE_MSG_PARAM *Op; > > > > > > >> + CONST OPTEE_MSG_PARAM *Mp; > > > > > > >> + UINT32 Attr; > > > > > > >> + > > > > > > >> + Op = OutParams + Idx; > > > > > > >> + Mp = MsgParams + Idx; > > > > > > >> + Attr = Mp->Attr & OPTEE_MSG_ATTR_TYPE_MASK; > > > > > > >> + > > > > > > >> + switch (Attr) { > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_NONE: > > > > > > >> + Op->Attr = OPTEE_MSG_ATTR_TYPE_NONE; > > > > > > >> + ZeroMem (&Op->U, sizeof (Op->U)); > > > > > > >> + break; > > > > > > >> + > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: > > > > > > >> + Op->Attr = Attr; > > > > > > >> + Op->U.Value.A = Mp->U.Value.A; > > > > > > >> + Op->U.Value.B = Mp->U.Value.B; > > > > > > >> + Op->U.Value.C = Mp->U.Value.C; > > > > > > >> + break; > > > > > > >> + > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: > > > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: > > > > > > >> + Op->Attr = Attr; > > > > > > >> + > > > > > > >> + if (Mp->U.Mem.Size > Op->U.Mem.Size) { > > > > > > >> + return EFI_BAD_BUFFER_SIZE; > > > > > > >> + } > > > > > > >> + > > > > > > >> + CopyMem ((VOID *)Op->U.Mem.BufPtr, (VOID > > > > > > >> + *)Mp->U.Mem.BufPtr, > > > > > > >> Mp->U.Mem.Size); > > > > > > >> + Op->U.Mem.Size = Mp->U.Mem.Size; > > > > > > >> + break; > > > > > > >> + > > > > > > >> + default: > > > > > > >> + return EFI_INVALID_PARAMETER; > > > > > > >> + } > > > > > > >> + } > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> + > > > > > > >> +EFI_STATUS > > > > > > >> +EFIAPI > > > > > > >> +OpteeInvokeFunc ( > > > > > > >> + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg > > > > > > >> + ) > > > > > > >> +{ > > > > > > >> + EFI_STATUS Status; > > > > > > >> + OPTEE_MSG_ARG *MsgArg; > > > > > > >> + > > > > > > >> + MsgArg = NULL; > > > > > > >> + > > > > > > >> + if (OpteeShmInfo.Base == 0) { > > > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > > > > > > >> + return EFI_NOT_STARTED; } > > > > > > >> + > > > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > > > > > > >> + (MsgArg, > > > > > > >> sizeof > > > > > > >> + (OPTEE_MSG_ARG)); > > > > > > >> + > > > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_INVOKE_COMMAND; > MsgArg- > > > > > > >Func = > > > > > > >> + InvokeFuncArg->Func; MsgArg->Session = > > > > > > >> + InvokeFuncArg->InvokeFuncArg->Session; > > > > > > >> + > > > > > > >> + Status = OpteeToMsgParam (MsgArg->Params, MAX_PARAMS, > > > > > > >> + InvokeFuncArg->Params); if (Status) > > > > > > >> + return Status; > > > > > > >> + > > > > > > >> + MsgArg->NumParams = MAX_PARAMS; > > > > > > >> + > > > > > > >> + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { > > > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > > > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > > > > > > >> + > > > > > > >> + if (OpteeFromMsgParam (InvokeFuncArg->Params, > > > > > > >> + MAX_PARAMS, > > > > > > >> MsgArg->Params)) { > > > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > > > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > > > > > > >> + > > > > > > >> + InvokeFuncArg->Ret = MsgArg->Ret; > > > > > > >> + InvokeFuncArg->RetOrigin = > > > > > > >> + MsgArg->RetOrigin; > > > > > > >> + > > > > > > >> + return EFI_SUCCESS; > > > > > > >> +} > > > > > > >> diff --git a/ArmPkg/Library/OpteeLib/OpteeLib.inf > > > > > > >> b/ArmPkg/Library/OpteeLib/OpteeLib.inf > > > > > > >> index 5abd427379cc..e03054a7167d 100644 > > > > > > >> --- a/ArmPkg/Library/OpteeLib/OpteeLib.inf > > > > > > >> +++ b/ArmPkg/Library/OpteeLib/OpteeLib.inf > > > > > > >> @@ -23,11 +23,13 @@ [Defines] > > > > > > >> > > > > > > >> [Sources] > > > > > > >> Optee.c > > > > > > >> + OpteeSmc.h > > > > > > >> > > > > > > >> [Packages] > > > > > > >> ArmPkg/ArmPkg.dec > > > > > > >> MdePkg/MdePkg.dec > > > > > > >> > > > > > > >> [LibraryClasses] > > > > > > >> + ArmMmuLib > > > > > > >> ArmSmcLib > > > > > > >> BaseLib > > > > > > >> diff --git a/ArmPkg/Library/OpteeLib/OpteeSmc.h > > > > > > >> b/ArmPkg/Library/OpteeLib/OpteeSmc.h > > > > > > >> new file mode 100644 > > > > > > >> index 000000000000..e2ea35784a0a > > > > > > >> --- /dev/null > > > > > > >> +++ b/ArmPkg/Library/OpteeLib/OpteeSmc.h > > > > > > >> @@ -0,0 +1,43 @@ > > > > > > >> +/** @file > > > > > > >> + OP-TEE SMC header file. > > > > > > >> + > > > > > > >> + Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > > > > > > >> + > > > > > > >> + This program and the accompanying materials are > > > > > > >> + licensed and made available under the terms and > > > > > > >> + conditions of the BSD License which accompanies this > > > > > > >> + distribution. The full text of the license may be found > > > > > > >> + at > > > > > > >> + > > > > > > >> + > > > > > > >> > > > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2 > > > > > > F%2Fope > > > > > > >> n > > > > > > >> + source.org%2Flicenses%2Fbsd- > > > > > > >> license.php&data=02%7C01%7Cudit.kumar% > > > > > > >> + > > > > > > >> > > > > > > > 40nxp.com%7Ce95635d0c3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6 > > > > > > f > > > > > > >> a92cd99 > > > > > > >> + > > > > > > >> > > > > > > > c5c301635%7C0%7C0%7C636706993250535371&sdata=pyZF9Ku3qEpp > > > > > > >> OOKCyshbg > > > > > > >> + 9oCT4P6AwM2olKY3%2B2ImWs%3D&reserved=0 > > > > > > >> + > > > > > > >> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON > AN "AS IS" > > > > > > >> BASIS, > > > > > > >> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, > EITHER > > > > > > >> EXPRESS OR IMPLIED. > > > > > > >> + > > > > > > >> +**/ > > > > > > >> + > > > > > > >> +#ifndef _OPTEE_SMC_H_ > > > > > > >> +#define _OPTEE_SMC_H_ > > > > > > >> + > > > > > > >> +/* Returned in Arg0 only from Trusted OS functions */ > > > > > > >> +#define OPTEE_SMC_RETURN_OK 0x0 > > > > > > >> + > > > > > > >> +#define OPTEE_SMC_RETURN_FROM_RPC 0x32000003 > > > > > > >> +#define OPTEE_SMC_CALL_WITH_ARG 0x32000004 > > > > > > >> +#define OPTEE_SMC_GET_SHM_CONFIG 0xb2000007 > > > > > > >> + > > > > > > >> +#define OPTEE_SMC_SHM_CACHED 1 > > > > > > >> + > > > > > > >> +#define OPTEE_SMC_RETURN_RPC_FOREIGN_INTR > 0xffff0004 > > > > > > >> + > > > > > > >> +#define OPTEE_MSG_CMD_OPEN_SESSION 0 > > > > > > >> +#define OPTEE_MSG_CMD_INVOKE_COMMAND 1 > > > > > > >> +#define OPTEE_MSG_CMD_CLOSE_SESSION 2 > > > > > > >> + > > > > > > >> +#define OPTEE_MSG_ATTR_META 0x100 > > > > > > >> + > > > > > > >> +#define TEE_LOGIN_PUBLIC 0x0 > > > > > > >> + > > > > > > >> +typedef struct { > > > > > > >> + UINTN Base; > > > > > > >> + UINTN Size; > > > > > > >> +} OPTEE_SHARED_MEMORY_INFO; > > > > > > >> + > > > > > > >> +#endif > > > > > > >> diff --git a/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> b/MdePkg/Include/IndustryStandard/GlobalPlatform.h > > > > > > >> similarity index 53% > > > > > > >> copy from ArmPkg/Include/Library/OpteeLib.h copy to > > > > > > >> MdePkg/Include/IndustryStandard/GlobalPlatform.h > > > > > > >> index f65d8674d9b8..14c621d89971 100644 > > > > > > >> --- a/ArmPkg/Include/Library/OpteeLib.h > > > > > > >> +++ b/MdePkg/Include/IndustryStandard/GlobalPlatform.h > > > > > > >> @@ -1,34 +1,26 @@ > > > > > > >> -/** @file > > > > > > >> - OP-TEE specific header file. > > > > > > >> - > > > > > > >> - Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > > > > > > >> - > > > > > > >> - This program and the accompanying materials > > > > > > >> - are licensed and made available under the terms and > > > > > > >> conditions of the BSD License > > > > > > >> - which accompanies this distribution. The full text of > > > > > > >> the license may be found at > > > > > > >> - > > > > > > >> > > > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2 > > > > > > F%2Fope > > > > > > >> nsource.org%2Flicenses%2Fbsd- > > > > > > >> > > > > > > > license.php&data=02%7C01%7Cudit.kumar%40nxp.com%7Ce95635d0 > > > > > > c > > > > > > >> > > > > > > > 3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0 > > > > > > % > > > > > > >> > > > > > > > 7C0%7C636706993250535371&sdata=pyZF9Ku3qEppOOKCyshbg9oCT4 > > > > > > >> P6AwM2olKY3%2B2ImWs%3D&reserved=0 > > > > > > >> - > > > > > > >> - THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON > AN "AS IS" > > > > > > >> BASIS, > > > > > > >> - WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, > > > > > > >> EITHER > > > > > > EXPRESS > > > > > > >> OR IMPLIED. > > > > > > >> - > > > > > > >> -**/ > > > > > > >> - > > > > > > >> -#ifndef _OPTEE_H_ > > > > > > >> -#define _OPTEE_H_ > > > > > > >> - > > > > > > >> -/* > > > > > > >> - * The 'Trusted OS Call UID' is supposed to return the > > > > > > >> following UUID for > > > > > > >> - * OP-TEE OS. This is a 128-bit value. > > > > > > >> - */ > > > > > > >> -#define OPTEE_OS_UID0 0x384fb3e0 > > > > > > >> -#define OPTEE_OS_UID1 0xe7f811e3 > > > > > > >> -#define OPTEE_OS_UID2 0xaf630002 > > > > > > >> -#define OPTEE_OS_UID3 0xa5d5c51b > > > > > > >> - > > > > > > >> -BOOLEAN > > > > > > >> -EFIAPI > > > > > > >> -IsOpteePresent ( > > > > > > >> - VOID > > > > > > >> - ); > > > > > > >> - > > > > > > >> -#endif > > > > > > >> +/** @file > > > > > > >> + Standardized Global Platform header file. > > > > > > >> + > > > > > > >> + Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > > > > > > >> + > > > > > > >> + This program and the accompanying materials are > > > > > > >> + licensed and made available under the terms and > > > > > > >> + conditions of the BSD License which accompanies this > > > > > > >> + distribution. The full text of the license may be found > > > > > > >> + at > > > > > > >> + > > > > > > >> + > > > > > > >> > > > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2 > > > > > > F%2Fope > > > > > > >> n > > > > > > >> + source.org%2Flicenses%2Fbsd- > > > > > > >> license.php&data=02%7C01%7Cudit.kumar% > > > > > > >> + > > > > > > >> > > > > > > > 40nxp.com%7Ce95635d0c3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6 > > > > > > f > > > > > > >> a92cd99 > > > > > > >> + > > > > > > >> > > > > > > > c5c301635%7C0%7C0%7C636706993250535371&sdata=pyZF9Ku3qEpp > > > > > > >> OOKCyshbg > > > > > > >> + 9oCT4P6AwM2olKY3%2B2ImWs%3D&reserved=0 > > > > > > >> + > > > > > > >> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON > AN "AS IS" > > > > > > >> BASIS, > > > > > > >> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, > EITHER > > > > > > >> EXPRESS OR IMPLIED. > > > > > > >> + > > > > > > >> +**/ > > > > > > >> + > > > > > > >> +#ifndef _GLOBAL_PLATFORM_H_ #define > _GLOBAL_PLATFORM_H_ > > > > > > >> + > > > > > > >> +#define TEEC_ORIGIN_COMMS 0x00000002 > > > > > > >> + > > > > > > >> +#define TEEC_SUCCESS 0x00000000 > > > > > > >> +#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 > > > > > > >> +#define TEEC_ERROR_COMMUNICATION 0xFFFF000E > > > > > > >> +#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C > > > > > > >> + > > > > > > >> +#endif > > > > > > >> -- > > > > > > >> 2.7.4 > > > > > > >> > > > > > > >> _______________________________________________ > > > > > > >> edk2-devel mailing list > > > > > > >> edk2-devel@lists.01.org > > > > > > >> > > > > > > https://emea01.safelinks.protection.outlook.com/?url=https%3A% > > > > > > 2F%2Fli > > > > > > >> st > > > > > > >> s.01.org%2Fmailman%2Flistinfo%2Fedk2- > > > > > > >> > > > > > > > devel&data=02%7C01%7Cudit.kumar%40nxp.com%7Ce95635d0c3c74e > > > > > > >> > > > > > > > dbf79808d609a30c7b%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0% > > > > > > >> > > > > > > > 7C636706993250535371&sdata=msA6jGRAkpWoQ33VsDfbWqgGcIMTP > > > > > > >> u%2Fhcds3j9aDPnU%3D&reserved=0 > > > > > > > _______________________________________________ > > > > > > > edk2-devel mailing list > > > > > > > edk2-devel@lists.01.org > > > > > > > > > > > > > https://emea01.safelinks.protection.outlook.com/?url=https%3A% > > > > > > 2F%2Flis > > > > > > > ts.01.org%2Fmailman%2Flistinfo%2Fedk2- > > > > > > devel&data=02%7C01%7Cudit.ku > > > > > > > > > > > > > > mar%40nxp.com%7C5311c5dc22d54095d79d08d609e7fbf5%7C686ea1d3bc2 > > > > > > b4c6fa92 > > > > > > > > > > > > > > cd99c5c301635%7C0%7C0%7C636707289305519903&sdata=dwLUq8j9f > > > > > > 9rxeb37V > > > > > > > 8fGZKoiWh1TNBnhVFqnuF5oN3g%3D&reserved=0 > > > > IMPORTANT NOTICE: The contents of this email and any attachments > are confidential and may also be privileged. If you are not the intended > recipient, please notify the sender immediately and do not disclose the > contents to any other person, use it for any purpose, or store or copy the > information in any medium. Thank you. _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel