Hi Bhupesh, On Wed, 29 Aug 2018 at 11:11, Bhupesh Sharma <bhsha...@redhat.com> wrote: > > Hi Sumit, > > On Tue, Aug 28, 2018 at 10:04 PM, Sumit Garg <sumit.g...@linaro.org> wrote: > > Hi Achin, > > > > On Tue, 28 Aug 2018 at 18:38, Achin Gupta <achin.gu...@arm.com> wrote: > >> > >> Hi Sumit, > >> > >> Apologies for not replying sooner. Some questions and thoughts inline. > >> > >> On Mon, Aug 27, 2018 at 03:28:52PM +0530, Sumit Garg wrote: > >> > On Fri, 24 Aug 2018 at 23:33, Matteo Carlini <matteo.carl...@arm.com> > >> > wrote: > >> > > > >> > > +Achin > >> > > > >> > > SPD (for OP-TEE and other Trusted-OSes payloads running at S-EL1) and > >> > > SPM (for Secure Partitions at S-EL0) are currently mutually exclusive > >> > > into Trusted Firmware-A codebase. > >> > > > >> > > In other words, you cannot turn them on in parallel and execute both a > >> > > S-EL1 Trusted OS AND (one or many) S-EL0 Secure Partitions in the > >> > > Secure World with the current Software Architecture. > >> > > > >> > > >> > IIUC, currently BL32 image is common in Trusted Firmware-A code-base. > >> > If we turn on SPD then BL32=<trusted-os image> else if we turn on SPM > >> > then BL32=<SPM S-EL0 image>, correct? > >> > >> Yes! BL32 is a TOS image if SPD is enabled. It is a S-EL0 Standalone MM > >> Secure > >> partition image if SPM is enabled. > >> > >> > > >> > But I think SMC calling conventions (SMC Calling Convention [1] and > >> > Management Mode Interface Specification [2]) doesn't put any such > >> > restrictions as SMC function IDs are totally separate. > >> > >> Yes, this was an implementation choice to ensure that either a S-EL1 > >> payload > >> (Trusted OS) or a S-EL0 payload (MM SP) could be included in an Arm TF > >> build but > >> not both. > >> > >> > > >> > > Achin and other Arm architects are trying to figure out a way for > >> > > solving this problem without the need for a v8.4 Secure-EL2 > >> > > Hypervisor, obviously without leveraging the isolation benefits of it > >> > > (see also [1]). > >> > > > >> > > >> > Agree we won't be having isolation benefits which provides added level > >> > of Security. > >> > > >> > > But Ard is right: there could be use-cases to ship UEFI systems with > >> > > OP-TEE and TAs on top...and this should still be currently possible > >> > > using the SPD dispatcher into TF-A. I've not looked deeply into this > >> > > patch, but it doesn’t seem to contradict the above Sw architecture. > >> > > > >> > > The question would be: would you foresee the need for running one (or > >> > > many) other (UEFI/EDK2-based) Secure Services in the Secure World into > >> > > a Secure Partition (using the StandaloneMmPkg) *together* with OP-TEE? > >> > > > >> > > >> > As per following quote from Management Mode Interface Specification [2]: > >> > > >> > "Management Mode (MM) provides an environment for implementing OS > >> > agnostic services (MM services) like RAS error handling, secure > >> > variable storage, and firmware updates in system firmware. The > >> > services can be invoked synchronously and asynchronously." > >> > > >> > It seems that MM mode is designed for more robust and platform > >> > specific services whereas OP-TEE (or any trusted OS) use-cases seem to > >> > be more complex like Entropy pool (RNG as in our case), DRM (could be > >> > valid use-case for Android TV or Chromebook), keymaster or keystore > >> > (for Edge devices) etc. > >> > >> It really depends upon the secure sw stack, use case and the requirements. > >> MM > >> interface specification specifies a blocking SMC (MM_COMMUNICATE) to > >> access a > >> secure service implemented in S-EL0. > >> > >> In the UEFI/PI/EDK2 context, MM drivers are used to satisfy a variety of > >> use > >> cases during boot through the EFI_MM_COMMUNICATION_PROTOCOL (the bad press > >> of > >> SMM aside!). MM_COMMUNICATE SMC provides a channel into the secure world > >> to the > >> backend of this protocol on Arm systems. So any service accessible through > >> this > >> protocol could be implemented on Arm systems in a MM SP. > >> > >> IIUC, in your case there is OP-TEE and firmware in the secure world. > >> OP-TEE has > >> a static TA that provides the random data service and you want to leverage > >> it at > >> boot time? Ditto for other services? > > > > Correct, actually we tried to create OP-TEE static (pseudo) TA that > > provides RNG service using thermal sensor noise and secure timer > > interrupts (FIQs) to fill entropy pool. Using this service via OP-TEE > > library in UEFI (subset in terms of functionality as compared to > > OP-TEE kernel driver) for features like KASLR etc. > > Commenting on this from a distribution p-o-v, we have arn64 boards > available which have good entropy sources available but do not support > EFI_RNG_PROTOCOL as they would not like the EFI firmware running in > EL2 mode to use the secure entropy sources (which should be touched > only by secure EL3 or EL1 softwares). > > In such cases, we are not able to support KASLR linux boot on such > boards as there is basically no EFI_RNG_PROTOCOL support (see [1]). > Ofcourse we can ask them to plug-in usb keys (Ard has a driver > available for the Chaos Usb Key, see [2]) to help generate the random > entropy for us, but it is not always possible in a production > environment. Using on-board entropy sources (if available), is the > best possible alternative there. > > We rely on using NS-EL0 user-space calls like linux's getrandom() to > get entropy from the random pool if required in he linux user-space, > but these implementation have their own limitations (see [3] and [4]), > so may be on arm64 systems which support secure partitions/trusted-os > we can had over these getrandom() calls to OPTEE-TAs which can get the > entropy value from the secure sources as well.
Following is brief description regarding RNG implementation we have: 1. Boot time: Support for EFI_RNG_PROTOCOL using this OP-TEE Library to access RNG service. Using EFI_RNG_PROTOCOL to provide kaslr-seed and initial seed for kernel entropy pool. 2. Run time: In Linux we tried to emulate "hw_random" char driver (/dev/hwrng) using kernel TEE internal client interface [1] to access RNG service. Using /dev/hwrng, we added entropy to kernel entropy pools (/dev/random) which could be used by Linux user-space via getrandom() system calls. I hope above implementation suffices your use-case too. BTW, we do have a session regarding this at Linaro Connect [2]. [1] https://patchwork.kernel.org/patch/10513611/ [2] https://yvr18.pathable.com/meetings/740437 Regards, Sumit > > [1] https://www.spinics.net/lists/arm-kernel/msg640435.html > [2] https://www.spinics.net/lists/arm-kernel/msg640437.html > [3] https://www.mail-archive.com/kexec@lists.infradead.org/msg19586.html > [4] https://access.redhat.com/security/cve/cve-2018-1108 > > Thanks, > Bhupesh > > >> So you do not really need an MM partition > >> running alongside OP-TEE? > >> > > > >> So you do not really need an MM partition > >> running alongside OP-TEE? > >> > > > > Agree that most of secure services can be implemented as static > > (pseudo) TAs. But if I think about services like RAS error handling > > and firmware updates. Is Trusted OS (OP-TEE or any third party OS) an > > appropriate place to implement these platform specific services? > > > >> In any case, what we are working on is to define a set of standard SMC > >> interfaces that can be used to talk to a secure service in a payload in > >> S-EL1 or > >> S-EL0. This standard ABI will avoid the need to use payload specific SMCs > >> in the > >> normal world e.g. OP-TEE specific SMCs. > >> > > > > It would be nice to have such standard ABI. > > > >> Side topic! Do you foresee a usecase for DRM through UEFI during boot? > >> Would it > >> work in the absence of RPC support in the Optee Library? IIUC, at runtime, > >> DRM > >> traffic will be routed through the OP-TEE driver in the OS instead of UEFI > >> since > >> there is no UEFI runtime service interface to do DRM? > >> > > > > Correct, I don't foresee DRM use-case during UEFI boot. Actually by > > DRM use-case I mean to say via OP-TEE driver in OS only. Earlier I was > > trying to list use-cases of OP-TEE on devices using UEFI as a > > boot-loader. > > > > Regards, > > Sumit > > > >> > > >> > So it looks like they complement each other and we will have more > >> > robustness once we migrate to v8.4 Secure-EL2 Hypervisor for isolation > >> > support. > >> > >> In a way yes! The robustness bit is not really related to the interface > >> used to > >> access as service. > >> > >> > > >> > Please feel free to correct me if I missed something. > >> > >> Hope this makes sense. > >> > >> cheers, > >> Achin > >> > >> > > >> > Regards, > >> > Sumit > >> > > >> > [1] > >> > http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf > >> > [2] > >> > http://infocenter.arm.com/help/topic/com.arm.doc.den0060a/DEN0060A_ARM_MM_Interface_Specification.pdf > >> > > >> > > Thanks > >> > > Matteo > >> > > > >> > > [1]: > >> > > https://community.arm.com/processors/b/blog/posts/architecting-more-secure-world-with-isolation-and-virtualization > >> > > > >> > > > -----Original Message----- > >> > > > From: Udit Kumar <udit.ku...@nxp.com> > >> > > > Sent: 24 August 2018 18:46 > >> > > > To: Ard Biesheuvel <ard.biesheu...@linaro.org>; Matteo Carlini > >> > > > <matteo.carl...@arm.com> > >> > > > Cc: Sumit Garg <sumit.g...@linaro.org>; edk2-devel@lists.01.org; tee- > >> > > > d...@lists.linaro.org; daniel.thomp...@linaro.org; > >> > > > jens.wiklan...@linaro.org; > >> > > > Rod Dorris <rod.dor...@nxp.com> > >> > > > Subject: RE: [edk2] [PATCH 1/1] ArmPkg/OpteeLib: Add APIs to > >> > > > communicate > >> > > > with OP-TEE > >> > > > > >> > > > Hi Ard > >> > > > > >> > > > > If MM mode is fundamentally incompatible with OP-TEE, then you > >> > > > > cannot > >> > > > > run both at the same time, > >> > > > > >> > > > Both cannot coexist unless you have v8.4 CPU > >> > > > > >> > > > Regards > >> > > > Udit > >> > > > > >> > > > > > >> > > > > > >> > > > > >> -----Original Message----- > >> > > > > >> From: edk2-devel <edk2-devel-boun...@lists.01.org> On Behalf Of > >> > > > > >> Sumit Garg > >> > > > > >> Sent: Friday, August 24, 2018 2:51 PM > >> > > > > >> To: edk2-devel@lists.01.org > >> > > > > >> Cc: daniel.thomp...@linaro.org; tee-...@lists.linaro.org; > >> > > > > >> jens.wiklan...@linaro.org > >> > > > > >> Subject: [edk2] [PATCH 1/1] ArmPkg/OpteeLib: Add APIs to > >> > > > > >> communicate with OP-TEE > >> > > > > >> > >> > > > > >> Add following APIs to communicate with OP-TEE static TA: > >> > > > > >> 1. OpteeInit > >> > > > > >> 2. OpteeOpenSession > >> > > > > >> 3. OpteeCloseSession > >> > > > > >> 4. OpteeInvokeFunc > >> > > > > >> > >> > > > > >> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> > >> > > > > >> Cc: Leif Lindholm <leif.lindh...@linaro.org> > >> > > > > >> Contributed-under: TianoCore Contribution Agreement 1.1 > >> > > > > >> Signed-off-by: Sumit Garg <sumit.g...@linaro.org> > >> > > > > >> --- > >> > > > > >> ArmPkg/Include/Library/OpteeLib.h | 102 ++++++ > >> > > > > >> ArmPkg/Library/OpteeLib/Optee.c | 358 > >> > > > > >> +++++++++++++++++++++ > >> > > > > >> ArmPkg/Library/OpteeLib/OpteeLib.inf | 2 + > >> > > > > >> ArmPkg/Library/OpteeLib/OpteeSmc.h | 43 +++ > >> > > > > >> .../Include/IndustryStandard/GlobalPlatform.h | 60 ++-- > >> > > > > >> 5 files changed, 531 insertions(+), 34 deletions(-) create > >> > > > > >> mode > >> > > > > >> 100644 ArmPkg/Library/OpteeLib/OpteeSmc.h > >> > > > > >> copy ArmPkg/Include/Library/OpteeLib.h => > >> > > > > >> MdePkg/Include/IndustryStandard/GlobalPlatform.h (53%) > >> > > > > >> > >> > > > > >> diff --git a/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> b/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> index f65d8674d9b8..c323f49072f8 100644 > >> > > > > >> --- a/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> +++ b/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> @@ -25,10 +25,112 @@ > >> > > > > >> #define OPTEE_OS_UID2 0xaf630002 > >> > > > > >> #define OPTEE_OS_UID3 0xa5d5c51b > >> > > > > >> > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_NONE 0x0 > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INPUT 0x1 > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT 0x2 > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INOUT 0x3 > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_INPUT 0x9 > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT 0xa > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MEM_INOUT 0xb > >> > > > > >> + > >> > > > > >> +#define OPTEE_MSG_ATTR_TYPE_MASK 0xff > >> > > > > >> + > >> > > > > >> +typedef struct { > >> > > > > >> + UINT64 BufPtr; > >> > > > > >> + UINT64 Size; > >> > > > > >> + UINT64 ShmRef; > >> > > > > >> +} OPTEE_MSG_PARAM_MEM; > >> > > > > >> + > >> > > > > >> +typedef struct { > >> > > > > >> + UINT64 A; > >> > > > > >> + UINT64 B; > >> > > > > >> + UINT64 C; > >> > > > > >> +} OPTEE_MSG_PARAM_VALUE; > >> > > > > >> + > >> > > > > >> +typedef struct { > >> > > > > >> + UINT64 Attr; > >> > > > > >> + union { > >> > > > > >> + OPTEE_MSG_PARAM_MEM Mem; > >> > > > > >> + OPTEE_MSG_PARAM_VALUE Value; > >> > > > > >> + } U; > >> > > > > >> +} OPTEE_MSG_PARAM; > >> > > > > >> + > >> > > > > >> +#define MAX_PARAMS 4 > >> > > > > >> + > >> > > > > >> +typedef struct { > >> > > > > >> + UINT32 Cmd; > >> > > > > >> + UINT32 Func; > >> > > > > >> + UINT32 Session; > >> > > > > >> + UINT32 CancelId; > >> > > > > >> + UINT32 Pad; > >> > > > > >> + UINT32 Ret; > >> > > > > >> + UINT32 RetOrigin; > >> > > > > >> + UINT32 NumParams; > >> > > > > >> + > >> > > > > >> + // NumParams tells the actual number of element in > >> > > > > >> Params > >> > > > > >> + OPTEE_MSG_PARAM Params[MAX_PARAMS]; > >> > > > > >> +} OPTEE_MSG_ARG; > >> > > > > >> + > >> > > > > >> +#define OPTEE_UUID_LEN 16 > >> > > > > >> + > >> > > > > >> +// > >> > > > > >> +// struct OPTEE_OPEN_SESSION_ARG - Open session argument > >> > > > > >> +// @Uuid: [in] UUID of the Trusted Application > >> > > > > >> +// @Session: [out] Session id > >> > > > > >> +// @Ret: [out] Return value > >> > > > > >> +// @RetOrigin [out] Origin of the return value > >> > > > > >> +// > >> > > > > >> +typedef struct { > >> > > > > >> + UINT8 Uuid[OPTEE_UUID_LEN]; > >> > > > > >> + UINT32 Session; > >> > > > > >> + UINT32 Ret; > >> > > > > >> + UINT32 RetOrigin; > >> > > > > >> +} OPTEE_OPEN_SESSION_ARG; > >> > > > > >> + > >> > > > > >> +// > >> > > > > >> +// struct OPTEE_INVOKE_FUNC_ARG - Invoke function argument > >> > > > > >> +// @Func: [in] Trusted Application function, specific to > >> > > > > >> the TA > >> > > > > >> +// @Session: [in] Session id > >> > > > > >> +// @Ret: [out] Return value > >> > > > > >> +// @RetOrigin [out] Origin of the return value > >> > > > > >> +// @Params [inout] Parameters for function to be invoked > >> > > > > >> +// > >> > > > > >> +typedef struct { > >> > > > > >> + UINT32 Func; > >> > > > > >> + UINT32 Session; > >> > > > > >> + UINT32 Ret; > >> > > > > >> + UINT32 RetOrigin; > >> > > > > >> + OPTEE_MSG_PARAM Params[MAX_PARAMS]; > >> > > > > >> +} OPTEE_INVOKE_FUNC_ARG; > >> > > > > >> + > >> > > > > >> BOOLEAN > >> > > > > >> EFIAPI > >> > > > > >> IsOpteePresent ( > >> > > > > >> VOID > >> > > > > >> ); > >> > > > > >> > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeInit ( > >> > > > > >> + VOID > >> > > > > >> + ); > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeOpenSession ( > >> > > > > >> + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg > >> > > > > >> + ); > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeCloseSession ( > >> > > > > >> + IN UINT32 Session > >> > > > > >> + ); > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeInvokeFunc ( > >> > > > > >> + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg > >> > > > > >> + ); > >> > > > > >> + > >> > > > > >> #endif > >> > > > > >> diff --git a/ArmPkg/Library/OpteeLib/Optee.c > >> > > > > >> b/ArmPkg/Library/OpteeLib/Optee.c index > >> > > > > >> 574527f8b5ea..2111022d3662 > >> > > > > >> 100644 > >> > > > > >> --- a/ArmPkg/Library/OpteeLib/Optee.c > >> > > > > >> +++ b/ArmPkg/Library/OpteeLib/Optee.c > >> > > > > >> @@ -14,11 +14,19 @@ > >> > > > > >> > >> > > > > >> **/ > >> > > > > >> > >> > > > > >> +#include <Library/ArmMmuLib.h> > >> > > > > >> #include <Library/ArmSmcLib.h> > >> > > > > >> +#include <Library/BaseMemoryLib.h> > >> > > > > >> #include <Library/BaseLib.h> > >> > > > > >> +#include <Library/DebugLib.h> > >> > > > > >> #include <Library/OpteeLib.h> > >> > > > > >> > >> > > > > >> #include <IndustryStandard/ArmStdSmc.h> > >> > > > > >> +#include <IndustryStandard/GlobalPlatform.h> > >> > > > > >> +#include <OpteeSmc.h> > >> > > > > >> +#include <Uefi.h> > >> > > > > >> + > >> > > > > >> +STATIC OPTEE_SHARED_MEMORY_INFO OpteeShmInfo = { 0 }; > >> > > > > >> > >> > > > > >> /** > >> > > > > >> Check for OP-TEE presence. > >> > > > > >> @@ -31,6 +39,7 @@ IsOpteePresent ( > >> > > > > >> { > >> > > > > >> ARM_SMC_ARGS ArmSmcArgs; > >> > > > > >> > >> > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > >> > > > > >> // Send a Trusted OS Calls UID command > >> > > > > >> ArmSmcArgs.Arg0 = ARM_SMC_ID_TOS_UID; > >> > > > > >> ArmCallSmc (&ArmSmcArgs); > >> > > > > >> @@ -44,3 +53,352 @@ IsOpteePresent ( > >> > > > > >> return FALSE; > >> > > > > >> } > >> > > > > >> } > >> > > > > >> + > >> > > > > >> +STATIC > >> > > > > >> +EFI_STATUS > >> > > > > >> +OpteeShmMemRemap ( > >> > > > > >> + VOID > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + ARM_SMC_ARGS ArmSmcArgs; > >> > > > > >> + EFI_PHYSICAL_ADDRESS Paddr; > >> > > > > >> + EFI_PHYSICAL_ADDRESS Start; > >> > > > > >> + EFI_PHYSICAL_ADDRESS End; > >> > > > > >> + EFI_STATUS Status; > >> > > > > >> + UINTN Size; > >> > > > > >> + > >> > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > >> > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_GET_SHM_CONFIG; > >> > > > > >> + > >> > > > > >> + ArmCallSmc (&ArmSmcArgs); > >> > > > > >> + if (ArmSmcArgs.Arg0 != OPTEE_SMC_RETURN_OK) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory not > >> > > > > >> supported\n")); > >> > > > > >> + return EFI_UNSUPPORTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + if (ArmSmcArgs.Arg3 != OPTEE_SMC_SHM_CACHED) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE: Only normal cached shared > >> > > > > memory > >> > > > > >> supported\n")); > >> > > > > >> + return EFI_UNSUPPORTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + Start = (ArmSmcArgs.Arg1 + SIZE_4KB - 1) & ~(SIZE_4KB - 1); > >> > > > > >> End > >> > > > > >> + = > >> > > > > >> + (ArmSmcArgs.Arg1 + ArmSmcArgs.Arg2) & ~(SIZE_4KB - 1); Paddr > >> > > > > >> = > >> > > > > >> + Start; Size = End - Start; > >> > > > > >> + > >> > > > > >> + if (Size < SIZE_4KB) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory too small\n")); > >> > > > > >> + return EFI_BUFFER_TOO_SMALL; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + Status = ArmSetMemoryAttributes (Paddr, Size, EFI_MEMORY_WB); > >> > > > > >> + if (EFI_ERROR (Status)) { > >> > > > > >> + return Status; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + OpteeShmInfo.Base = (UINTN)Paddr; OpteeShmInfo.Size = Size; > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeInit ( > >> > > > > >> + VOID > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + EFI_STATUS Status; > >> > > > > >> + > >> > > > > >> + if (!IsOpteePresent ()) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not present\n")); > >> > > > > >> + return EFI_UNSUPPORTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + Status = OpteeShmMemRemap (); > >> > > > > >> + if (EFI_ERROR (Status)) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE shared memory remap > >> > > > > >> failed\n")); > >> > > > > >> + return Status; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +/** > >> > > > > >> + Does Standard SMC to OP-TEE in secure world. > >> > > > > >> + > >> > > > > >> + @param[in] Parg Physical address of message to pass to > >> > > > > >> secure world > >> > > > > >> + > >> > > > > >> + @return 0 on success, secure world return code > >> > > > > >> otherwise > >> > > > > >> + > >> > > > > >> +**/ > >> > > > > >> +STATIC > >> > > > > >> +UINT32 > >> > > > > >> +OpteeCallWithArg ( > >> > > > > >> + IN EFI_PHYSICAL_ADDRESS Parg > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + ARM_SMC_ARGS ArmSmcArgs; > >> > > > > >> + > >> > > > > >> + ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS)); > >> > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_CALL_WITH_ARG; > >> > > > > >> + ArmSmcArgs.Arg1 = (UINT32)(Parg >> 32); > >> > > > > >> + ArmSmcArgs.Arg2 = (UINT32)Parg; > >> > > > > >> + > >> > > > > >> + while (TRUE) { > >> > > > > >> + ArmCallSmc (&ArmSmcArgs); > >> > > > > >> + > >> > > > > >> + if (ArmSmcArgs.Arg0 == OPTEE_SMC_RETURN_RPC_FOREIGN_INTR) { > >> > > > > >> + // > >> > > > > >> + // A foreign interrupt was raised while secure world was > >> > > > > >> + // executing, since they are handled in UEFI a dummy RPC > >> > > > > >> is > >> > > > > >> + // performed to let UEFI take the interrupt through the > >> > > > > >> normal > >> > > > > >> + // vector. > >> > > > > >> + // > >> > > > > >> + ArmSmcArgs.Arg0 = OPTEE_SMC_RETURN_FROM_RPC; > >> > > > > >> + } else { > >> > > > > >> + break; > >> > > > > >> + } > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + return ArmSmcArgs.Arg0; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeOpenSession ( > >> > > > > >> + IN OUT OPTEE_OPEN_SESSION_ARG *OpenSessionArg > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + OPTEE_MSG_ARG *MsgArg; > >> > > > > >> + > >> > > > > >> + MsgArg = NULL; > >> > > > > >> + > >> > > > > >> + if (OpteeShmInfo.Base == 0) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > >> > > > > >> + return EFI_NOT_STARTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > >> > > > > >> (MsgArg, > >> > > > > >> sizeof > >> > > > > >> + (OPTEE_MSG_ARG)); > >> > > > > >> + > >> > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_OPEN_SESSION; > >> > > > > >> + > >> > > > > >> + // > >> > > > > >> + // Initialize and add the meta parameters needed when > >> > > > > >> opening a > >> > > > > >> + // session. > >> > > > > >> + // > >> > > > > >> + MsgArg->Params[0].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT | > >> > > > > >> + OPTEE_MSG_ATTR_META; > >> > > > > >> + MsgArg->Params[1].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT | > >> > > > > >> + OPTEE_MSG_ATTR_META; CopyMem > >> > > > > >> + (&MsgArg->Params[0].U.Value, OpenSessionArg->Uuid, > >> > > > > OPTEE_UUID_LEN); > >> > > > > >> + ZeroMem (&MsgArg->Params[1].U.Value, OPTEE_UUID_LEN); > >> > > > > >> + MsgArg->Params[1].U.Value.C = TEE_LOGIN_PUBLIC; > >> > > > > >> + > >> > > > > >> + MsgArg->NumParams = 2; > >> > > > > >> + > >> > > > > >> + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { > >> > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > >> > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > >> > > > > >> + > >> > > > > >> + OpenSessionArg->Session = MsgArg->Session; > >> > > > > >> OpenSessionArg->Ret > >> > > > > >> + = > >> > > > > >> + MsgArg->Ret; OpenSessionArg->RetOrigin = MsgArg->RetOrigin; > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeCloseSession ( > >> > > > > >> + IN UINT32 Session > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + OPTEE_MSG_ARG *MsgArg; > >> > > > > >> + > >> > > > > >> + MsgArg = NULL; > >> > > > > >> + > >> > > > > >> + if (OpteeShmInfo.Base == 0) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > >> > > > > >> + return EFI_NOT_STARTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > >> > > > > >> (MsgArg, > >> > > > > >> sizeof > >> > > > > >> + (OPTEE_MSG_ARG)); > >> > > > > >> + > >> > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_CLOSE_SESSION; MsgArg->Session > >> > > > > = > >> > > > > >> + Session; > >> > > > > >> + > >> > > > > >> + OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg); > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +STATIC > >> > > > > >> +EFI_STATUS > >> > > > > >> +OpteeToMsgParam ( > >> > > > > >> + OUT OPTEE_MSG_PARAM *MsgParams, > >> > > > > >> + IN UINT32 NumParams, > >> > > > > >> + IN OPTEE_MSG_PARAM *InParams > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + UINT32 Idx; > >> > > > > >> + UINTN ParamShmAddr; > >> > > > > >> + UINTN ShmSize; > >> > > > > >> + UINTN Size; > >> > > > > >> + > >> > > > > >> + Size = (sizeof (OPTEE_MSG_ARG) + sizeof (UINT64) - 1) & > >> > > > > >> ~(sizeof > >> > > > > >> + (UINT64) - 1); ParamShmAddr = OpteeShmInfo.Base + Size; > >> > > > > >> ShmSize > >> > > > > >> + = OpteeShmInfo.Size - Size; > >> > > > > >> + > >> > > > > >> + for (Idx = 0; Idx < NumParams; Idx++) { > >> > > > > >> + CONST OPTEE_MSG_PARAM *Ip; > >> > > > > >> + OPTEE_MSG_PARAM *Mp; > >> > > > > >> + UINT32 Attr; > >> > > > > >> + > >> > > > > >> + Ip = InParams + Idx; > >> > > > > >> + Mp = MsgParams + Idx; > >> > > > > >> + Attr = Ip->Attr & OPTEE_MSG_ATTR_TYPE_MASK; > >> > > > > >> + > >> > > > > >> + switch (Attr) { > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_NONE: > >> > > > > >> + Mp->Attr = OPTEE_MSG_ATTR_TYPE_NONE; > >> > > > > >> + ZeroMem (&Mp->U, sizeof (Mp->U)); > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: > >> > > > > >> + Mp->Attr = Attr; > >> > > > > >> + Mp->U.Value.A = Ip->U.Value.A; > >> > > > > >> + Mp->U.Value.B = Ip->U.Value.B; > >> > > > > >> + Mp->U.Value.C = Ip->U.Value.C; > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: > >> > > > > >> + Mp->Attr = Attr; > >> > > > > >> + > >> > > > > >> + if (Ip->U.Mem.Size > ShmSize) { > >> > > > > >> + return EFI_OUT_OF_RESOURCES; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + CopyMem ((VOID *)ParamShmAddr, (VOID *)Ip->U.Mem.BufPtr, > >> > > > > >> Ip- > >> > > > > >> >U.Mem.Size); > >> > > > > >> + Mp->U.Mem.BufPtr = (UINT64)ParamShmAddr; > >> > > > > >> + Mp->U.Mem.Size = Ip->U.Mem.Size; > >> > > > > >> + > >> > > > > >> + Size = (Ip->U.Mem.Size + sizeof (UINT64) - 1) & ~(sizeof > >> > > > > >> (UINT64) - 1); > >> > > > > >> + ParamShmAddr += Size; > >> > > > > >> + ShmSize -= Size; > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + default: > >> > > > > >> + return EFI_INVALID_PARAMETER; > >> > > > > >> + } > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +STATIC > >> > > > > >> +EFI_STATUS > >> > > > > >> +OpteeFromMsgParam ( > >> > > > > >> + OUT OPTEE_MSG_PARAM *OutParams, > >> > > > > >> + IN UINT32 NumParams, > >> > > > > >> + IN OPTEE_MSG_PARAM *MsgParams > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + UINT32 Idx; > >> > > > > >> + > >> > > > > >> + for (Idx = 0; Idx < NumParams; Idx++) { > >> > > > > >> + OPTEE_MSG_PARAM *Op; > >> > > > > >> + CONST OPTEE_MSG_PARAM *Mp; > >> > > > > >> + UINT32 Attr; > >> > > > > >> + > >> > > > > >> + Op = OutParams + Idx; > >> > > > > >> + Mp = MsgParams + Idx; > >> > > > > >> + Attr = Mp->Attr & OPTEE_MSG_ATTR_TYPE_MASK; > >> > > > > >> + > >> > > > > >> + switch (Attr) { > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_NONE: > >> > > > > >> + Op->Attr = OPTEE_MSG_ATTR_TYPE_NONE; > >> > > > > >> + ZeroMem (&Op->U, sizeof (Op->U)); > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT: > >> > > > > >> + Op->Attr = Attr; > >> > > > > >> + Op->U.Value.A = Mp->U.Value.A; > >> > > > > >> + Op->U.Value.B = Mp->U.Value.B; > >> > > > > >> + Op->U.Value.C = Mp->U.Value.C; > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT: > >> > > > > >> + case OPTEE_MSG_ATTR_TYPE_MEM_INOUT: > >> > > > > >> + Op->Attr = Attr; > >> > > > > >> + > >> > > > > >> + if (Mp->U.Mem.Size > Op->U.Mem.Size) { > >> > > > > >> + return EFI_BAD_BUFFER_SIZE; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + CopyMem ((VOID *)Op->U.Mem.BufPtr, (VOID > >> > > > > >> *)Mp->U.Mem.BufPtr, > >> > > > > >> Mp->U.Mem.Size); > >> > > > > >> + Op->U.Mem.Size = Mp->U.Mem.Size; > >> > > > > >> + break; > >> > > > > >> + > >> > > > > >> + default: > >> > > > > >> + return EFI_INVALID_PARAMETER; > >> > > > > >> + } > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> + > >> > > > > >> +EFI_STATUS > >> > > > > >> +EFIAPI > >> > > > > >> +OpteeInvokeFunc ( > >> > > > > >> + IN OUT OPTEE_INVOKE_FUNC_ARG *InvokeFuncArg > >> > > > > >> + ) > >> > > > > >> +{ > >> > > > > >> + EFI_STATUS Status; > >> > > > > >> + OPTEE_MSG_ARG *MsgArg; > >> > > > > >> + > >> > > > > >> + MsgArg = NULL; > >> > > > > >> + > >> > > > > >> + if (OpteeShmInfo.Base == 0) { > >> > > > > >> + DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n")); > >> > > > > >> + return EFI_NOT_STARTED; > >> > > > > >> + } > >> > > > > >> + > >> > > > > >> + MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base; ZeroMem > >> > > > > >> (MsgArg, > >> > > > > >> sizeof > >> > > > > >> + (OPTEE_MSG_ARG)); > >> > > > > >> + > >> > > > > >> + MsgArg->Cmd = OPTEE_MSG_CMD_INVOKE_COMMAND; MsgArg- > >> > > > > >Func = > >> > > > > >> + InvokeFuncArg->Func; MsgArg->Session = > >> > > > > >> InvokeFuncArg->Session; > >> > > > > >> + > >> > > > > >> + Status = OpteeToMsgParam (MsgArg->Params, MAX_PARAMS, > >> > > > > >> + InvokeFuncArg->Params); if (Status) > >> > > > > >> + return Status; > >> > > > > >> + > >> > > > > >> + MsgArg->NumParams = MAX_PARAMS; > >> > > > > >> + > >> > > > > >> + if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) { > >> > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > >> > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > >> > > > > >> + > >> > > > > >> + if (OpteeFromMsgParam (InvokeFuncArg->Params, MAX_PARAMS, > >> > > > > >> MsgArg->Params)) { > >> > > > > >> + MsgArg->Ret = TEEC_ERROR_COMMUNICATION; > >> > > > > >> + MsgArg->RetOrigin = TEEC_ORIGIN_COMMS; } > >> > > > > >> + > >> > > > > >> + InvokeFuncArg->Ret = MsgArg->Ret; InvokeFuncArg->RetOrigin = > >> > > > > >> + MsgArg->RetOrigin; > >> > > > > >> + > >> > > > > >> + return EFI_SUCCESS; > >> > > > > >> +} > >> > > > > >> diff --git a/ArmPkg/Library/OpteeLib/OpteeLib.inf > >> > > > > >> b/ArmPkg/Library/OpteeLib/OpteeLib.inf > >> > > > > >> index 5abd427379cc..e03054a7167d 100644 > >> > > > > >> --- a/ArmPkg/Library/OpteeLib/OpteeLib.inf > >> > > > > >> +++ b/ArmPkg/Library/OpteeLib/OpteeLib.inf > >> > > > > >> @@ -23,11 +23,13 @@ [Defines] > >> > > > > >> > >> > > > > >> [Sources] > >> > > > > >> Optee.c > >> > > > > >> + OpteeSmc.h > >> > > > > >> > >> > > > > >> [Packages] > >> > > > > >> ArmPkg/ArmPkg.dec > >> > > > > >> MdePkg/MdePkg.dec > >> > > > > >> > >> > > > > >> [LibraryClasses] > >> > > > > >> + ArmMmuLib > >> > > > > >> ArmSmcLib > >> > > > > >> BaseLib > >> > > > > >> diff --git a/ArmPkg/Library/OpteeLib/OpteeSmc.h > >> > > > > >> b/ArmPkg/Library/OpteeLib/OpteeSmc.h > >> > > > > >> new file mode 100644 > >> > > > > >> index 000000000000..e2ea35784a0a > >> > > > > >> --- /dev/null > >> > > > > >> +++ b/ArmPkg/Library/OpteeLib/OpteeSmc.h > >> > > > > >> @@ -0,0 +1,43 @@ > >> > > > > >> +/** @file > >> > > > > >> + OP-TEE SMC header file. > >> > > > > >> + > >> > > > > >> + Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > >> > > > > >> + > >> > > > > >> + This program and the accompanying materials are licensed and > >> > > > > >> + made available under the terms and conditions of the BSD > >> > > > > >> License > >> > > > > >> + which accompanies this distribution. The full text of the > >> > > > > >> + license may be found at > >> > > > > >> + > >> > > > > >> + > >> > > > > >> > >> > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fope > >> > > > > >> n > >> > > > > >> + source.org%2Flicenses%2Fbsd- > >> > > > > >> license.php&data=02%7C01%7Cudit.kumar% > >> > > > > >> + > >> > > > > >> > >> > > > > 40nxp.com%7Ce95635d0c3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6f > >> > > > > >> a92cd99 > >> > > > > >> + > >> > > > > >> > >> > > > > c5c301635%7C0%7C0%7C636706993250535371&sdata=pyZF9Ku3qEpp > >> > > > > >> OOKCyshbg > >> > > > > >> + 9oCT4P6AwM2olKY3%2B2ImWs%3D&reserved=0 > >> > > > > >> + > >> > > > > >> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS > >> > > > > >> IS" > >> > > > > >> BASIS, > >> > > > > >> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > >> > > > > >> EXPRESS OR IMPLIED. > >> > > > > >> + > >> > > > > >> +**/ > >> > > > > >> + > >> > > > > >> +#ifndef _OPTEE_SMC_H_ > >> > > > > >> +#define _OPTEE_SMC_H_ > >> > > > > >> + > >> > > > > >> +/* Returned in Arg0 only from Trusted OS functions */ > >> > > > > >> +#define OPTEE_SMC_RETURN_OK 0x0 > >> > > > > >> + > >> > > > > >> +#define OPTEE_SMC_RETURN_FROM_RPC 0x32000003 > >> > > > > >> +#define OPTEE_SMC_CALL_WITH_ARG 0x32000004 > >> > > > > >> +#define OPTEE_SMC_GET_SHM_CONFIG 0xb2000007 > >> > > > > >> + > >> > > > > >> +#define OPTEE_SMC_SHM_CACHED 1 > >> > > > > >> + > >> > > > > >> +#define OPTEE_SMC_RETURN_RPC_FOREIGN_INTR 0xffff0004 > >> > > > > >> + > >> > > > > >> +#define OPTEE_MSG_CMD_OPEN_SESSION 0 > >> > > > > >> +#define OPTEE_MSG_CMD_INVOKE_COMMAND 1 > >> > > > > >> +#define OPTEE_MSG_CMD_CLOSE_SESSION 2 > >> > > > > >> + > >> > > > > >> +#define OPTEE_MSG_ATTR_META 0x100 > >> > > > > >> + > >> > > > > >> +#define TEE_LOGIN_PUBLIC 0x0 > >> > > > > >> + > >> > > > > >> +typedef struct { > >> > > > > >> + UINTN Base; > >> > > > > >> + UINTN Size; > >> > > > > >> +} OPTEE_SHARED_MEMORY_INFO; > >> > > > > >> + > >> > > > > >> +#endif > >> > > > > >> diff --git a/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> b/MdePkg/Include/IndustryStandard/GlobalPlatform.h > >> > > > > >> similarity index 53% > >> > > > > >> copy from ArmPkg/Include/Library/OpteeLib.h copy to > >> > > > > >> MdePkg/Include/IndustryStandard/GlobalPlatform.h > >> > > > > >> index f65d8674d9b8..14c621d89971 100644 > >> > > > > >> --- a/ArmPkg/Include/Library/OpteeLib.h > >> > > > > >> +++ b/MdePkg/Include/IndustryStandard/GlobalPlatform.h > >> > > > > >> @@ -1,34 +1,26 @@ > >> > > > > >> -/** @file > >> > > > > >> - OP-TEE specific header file. > >> > > > > >> - > >> > > > > >> - Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > >> > > > > >> - > >> > > > > >> - This program and the accompanying materials > >> > > > > >> - are licensed and made available under the terms and > >> > > > > >> conditions > >> > > > > >> of the BSD License > >> > > > > >> - which accompanies this distribution. The full text of the > >> > > > > >> license may be found at > >> > > > > >> - > >> > > > > >> > >> > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fope > >> > > > > >> nsource.org%2Flicenses%2Fbsd- > >> > > > > >> > >> > > > > license.php&data=02%7C01%7Cudit.kumar%40nxp.com%7Ce95635d0c > >> > > > > >> > >> > > > > 3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0% > >> > > > > >> > >> > > > > 7C0%7C636706993250535371&sdata=pyZF9Ku3qEppOOKCyshbg9oCT4 > >> > > > > >> P6AwM2olKY3%2B2ImWs%3D&reserved=0 > >> > > > > >> - > >> > > > > >> - THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS > >> > > > > >> IS" > >> > > > > >> BASIS, > >> > > > > >> - WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > >> > > > > EXPRESS > >> > > > > >> OR IMPLIED. > >> > > > > >> - > >> > > > > >> -**/ > >> > > > > >> - > >> > > > > >> -#ifndef _OPTEE_H_ > >> > > > > >> -#define _OPTEE_H_ > >> > > > > >> - > >> > > > > >> -/* > >> > > > > >> - * The 'Trusted OS Call UID' is supposed to return the > >> > > > > >> following > >> > > > > >> UUID for > >> > > > > >> - * OP-TEE OS. This is a 128-bit value. > >> > > > > >> - */ > >> > > > > >> -#define OPTEE_OS_UID0 0x384fb3e0 > >> > > > > >> -#define OPTEE_OS_UID1 0xe7f811e3 > >> > > > > >> -#define OPTEE_OS_UID2 0xaf630002 > >> > > > > >> -#define OPTEE_OS_UID3 0xa5d5c51b > >> > > > > >> - > >> > > > > >> -BOOLEAN > >> > > > > >> -EFIAPI > >> > > > > >> -IsOpteePresent ( > >> > > > > >> - VOID > >> > > > > >> - ); > >> > > > > >> - > >> > > > > >> -#endif > >> > > > > >> +/** @file > >> > > > > >> + Standardized Global Platform header file. > >> > > > > >> + > >> > > > > >> + Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR> > >> > > > > >> + > >> > > > > >> + This program and the accompanying materials are licensed and > >> > > > > >> + made available under the terms and conditions of the BSD > >> > > > > >> License > >> > > > > >> + which accompanies this distribution. The full text of the > >> > > > > >> + license may be found at > >> > > > > >> + > >> > > > > >> + > >> > > > > >> > >> > > > > https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fope > >> > > > > >> n > >> > > > > >> + source.org%2Flicenses%2Fbsd- > >> > > > > >> license.php&data=02%7C01%7Cudit.kumar% > >> > > > > >> + > >> > > > > >> > >> > > > > 40nxp.com%7Ce95635d0c3c74edbf79808d609a30c7b%7C686ea1d3bc2b4c6f > >> > > > > >> a92cd99 > >> > > > > >> + > >> > > > > >> > >> > > > > c5c301635%7C0%7C0%7C636706993250535371&sdata=pyZF9Ku3qEpp > >> > > > > >> OOKCyshbg > >> > > > > >> + 9oCT4P6AwM2olKY3%2B2ImWs%3D&reserved=0 > >> > > > > >> + > >> > > > > >> + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS > >> > > > > >> IS" > >> > > > > >> BASIS, > >> > > > > >> + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > >> > > > > >> EXPRESS OR IMPLIED. > >> > > > > >> + > >> > > > > >> +**/ > >> > > > > >> + > >> > > > > >> +#ifndef _GLOBAL_PLATFORM_H_ > >> > > > > >> +#define _GLOBAL_PLATFORM_H_ > >> > > > > >> + > >> > > > > >> +#define TEEC_ORIGIN_COMMS 0x00000002 > >> > > > > >> + > >> > > > > >> +#define TEEC_SUCCESS 0x00000000 > >> > > > > >> +#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006 > >> > > > > >> +#define TEEC_ERROR_COMMUNICATION 0xFFFF000E > >> > > > > >> +#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C > >> > > > > >> + > >> > > > > >> +#endif > >> > > > > >> -- > >> > > > > >> 2.7.4 > >> > > > > >> > >> > > > > >> _______________________________________________ > >> > > > > >> edk2-devel mailing list > >> > > > > >> edk2-devel@lists.01.org > >> > > > > >> > >> > > > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fli > >> > > > > >> st > >> > > > > >> s.01.org%2Fmailman%2Flistinfo%2Fedk2- > >> > > > > >> > >> > > > > devel&data=02%7C01%7Cudit.kumar%40nxp.com%7Ce95635d0c3c74e > >> > > > > >> > >> > > > > dbf79808d609a30c7b%7C686ea1d3bc2b4c6fa92cd99c5c301635%7C0%7C0% > >> > > > > >> > >> > > > > 7C636706993250535371&sdata=msA6jGRAkpWoQ33VsDfbWqgGcIMTP > >> > > > > >> u%2Fhcds3j9aDPnU%3D&reserved=0 > >> > > > > > _______________________________________________ > >> > > > > > edk2-devel mailing list > >> > > > > > edk2-devel@lists.01.org > >> > > > > > > >> > > > > https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Flis > >> > > > > > ts.01.org%2Fmailman%2Flistinfo%2Fedk2- > >> > > > > devel&data=02%7C01%7Cudit.ku > >> > > > > > > >> > > > > mar%40nxp.com%7C5311c5dc22d54095d79d08d609e7fbf5%7C686ea1d3bc2 > >> > > > > b4c6fa92 > >> > > > > > > >> > > > > cd99c5c301635%7C0%7C0%7C636707289305519903&sdata=dwLUq8j9f > >> > > > > 9rxeb37V > >> > > > > > 8fGZKoiWh1TNBnhVFqnuF5oN3g%3D&reserved=0 > >> > > IMPORTANT NOTICE: The contents of this email and any attachments are > >> > > confidential and may also be privileged. If you are not the intended > >> > > recipient, please notify the sender immediately and do not disclose > >> > > the contents to any other person, use it for any purpose, or store or > >> > > copy the information in any medium. Thank you. > > _______________________________________________ > > edk2-devel mailing list > > edk2-devel@lists.01.org > > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel