diff options
| author | r.tyminski <r.tyminski@partner.samsung.com> | 2017-06-05 12:44:25 +0200 |
|---|---|---|
| committer | r.tyminski <r.tyminski@partner.samsung.com> | 2017-06-05 12:44:25 +0200 |
| commit | 146aec115cd05a164a88e6d7b07435c57a33817f (patch) | |
| tree | d8099075c92576b1928069af274f9b833aca996e /core/include | |
| parent | f9a43781767007462965b21f3f518c4cfc0744c7 (diff) | |
| download | tef-optee_os-146aec115cd05a164a88e6d7b07435c57a33817f.tar.gz tef-optee_os-146aec115cd05a164a88e6d7b07435c57a33817f.tar.bz2 tef-optee_os-146aec115cd05a164a88e6d7b07435c57a33817f.zip | |
Update from upstream to 2.4.0 versionupstream/2.4.0upstream
Change-Id: I2b3a30f20684d6629fe379d9cd7895aff759c301
Diffstat (limited to 'core/include')
23 files changed, 402 insertions, 176 deletions
diff --git a/core/include/console.h b/core/include/console.h index 0fe8e49..d8df7f1 100644 --- a/core/include/console.h +++ b/core/include/console.h @@ -32,5 +32,8 @@ void console_init(void); void console_putc(int ch); void console_flush(void); +struct serial_chip; +void register_serial_console(struct serial_chip *chip); + #endif /* CONSOLE_H */ diff --git a/core/include/drivers/cdns_uart.h b/core/include/drivers/cdns_uart.h index 6688fd3..d97ee37 100644 --- a/core/include/drivers/cdns_uart.h +++ b/core/include/drivers/cdns_uart.h @@ -1,5 +1,6 @@ /* * Copyright (c) 2016, Xilinx Inc + * Copyright (c) 2017, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -28,15 +29,14 @@ #define CDNS_UART_H #include <types_ext.h> +#include <drivers/serial.h> -void cdns_uart_init(vaddr_t base, uint32_t uart_clk, uint32_t baud_rate); +struct cdns_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void cdns_uart_putc(int ch, vaddr_t base); - -void cdns_uart_flush(vaddr_t base); - -bool cdns_uart_have_rx_data(vaddr_t base); - -int cdns_uart_getchar(vaddr_t base); +void cdns_uart_init(struct cdns_uart_data *pd, paddr_t base, uint32_t uart_clk, + uint32_t baud_rate); #endif /* CDNS_UART_H */ diff --git a/core/include/drivers/hi16xx_uart.h b/core/include/drivers/hi16xx_uart.h index a7d4f0c..d3bd727 100644 --- a/core/include/drivers/hi16xx_uart.h +++ b/core/include/drivers/hi16xx_uart.h @@ -33,18 +33,16 @@ #define HI16XX_UART_H #include <types_ext.h> +#include <drivers/serial.h> #define HI16XX_UART_REG_SIZE 0xF8 -void hi16xx_uart_init(vaddr_t base, uint32_t uart_clk, uint32_t baud_rate); +struct hi16xx_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void hi16xx_uart_putc(int ch, vaddr_t base); - -void hi16xx_uart_flush(vaddr_t base); - -bool hi16xx_uart_have_rx_data(vaddr_t base); - -int hi16xx_uart_getchar(vaddr_t base); +void hi16xx_uart_init(struct hi16xx_uart_data *pd, paddr_t base, + uint32_t uart_clk, uint32_t baud_rate); #endif /* HI16XX_UART_H */ - diff --git a/core/include/drivers/imx_uart.h b/core/include/drivers/imx_uart.h index db63227..bbcc953 100644 --- a/core/include/drivers/imx_uart.h +++ b/core/include/drivers/imx_uart.h @@ -1,5 +1,6 @@ /* * Copyright (C) 2015 Freescale Semiconductor, Inc. + * Copyright (c) 2017, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -28,15 +29,13 @@ #define IMX_UART_H #include <types_ext.h> +#include <drivers/serial.h> -void imx_uart_init(vaddr_t base); +struct imx_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void imx_uart_putc(const char ch, vaddr_t base); - -void imx_uart_flush_tx_fifo(vaddr_t base); - -bool imx_uart_have_rx_data(vaddr_t base); - -int imx_uart_getchar(vaddr_t base); +void imx_uart_init(struct imx_uart_data *pd, paddr_t base); #endif /* IMX_UART_H */ diff --git a/core/include/drivers/ns16550.h b/core/include/drivers/ns16550.h index e865871..b8d1049 100644 --- a/core/include/drivers/ns16550.h +++ b/core/include/drivers/ns16550.h @@ -28,9 +28,13 @@ #define NS16550_H #include <types_ext.h> +#include <drivers/serial.h> -void ns16550_putc(int ch, vaddr_t base); +struct ns16550_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void ns16550_flush(vaddr_t base); +void ns16550_init(struct ns16550_data *pd, paddr_t base); #endif /* NS16550_H */ diff --git a/core/include/drivers/pl011.h b/core/include/drivers/pl011.h index b83f2b2..872b7d1 100644 --- a/core/include/drivers/pl011.h +++ b/core/include/drivers/pl011.h @@ -28,18 +28,16 @@ #define PL011_H #include <types_ext.h> +#include <drivers/serial.h> #define PL011_REG_SIZE 0x1000 -void pl011_init(vaddr_t base, uint32_t uart_clk, uint32_t baud_rate); +struct pl011_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void pl011_putc(int ch, vaddr_t base); - -void pl011_flush(vaddr_t base); - -bool pl011_have_rx_data(vaddr_t base); - -int pl011_getchar(vaddr_t base); +void pl011_init(struct pl011_data *pd, paddr_t base, uint32_t uart_clk, + uint32_t baud_rate); #endif /* PL011_H */ - diff --git a/core/include/drivers/scif.h b/core/include/drivers/scif.h index d9d1055..f621e6c 100644 --- a/core/include/drivers/scif.h +++ b/core/include/drivers/scif.h @@ -1,5 +1,6 @@ /* * Copyright (c) 2016, GlobalLogic + * Copyright (c) 2017, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -28,13 +29,15 @@ #define SCIF_H #include <types_ext.h> +#include <drivers/serial.h> #define SCIF_REG_SIZE 0x1000 -void scif_uart_flush(vaddr_t base); +struct scif_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void scif_uart_init(vaddr_t base); - -void scif_uart_putc(int ch, vaddr_t base); +void scif_uart_init(struct scif_uart_data *pd, paddr_t base); #endif /* SCIF */ diff --git a/core/include/drivers/serial.h b/core/include/drivers/serial.h index b8f00df..c1e9ebe 100644 --- a/core/include/drivers/serial.h +++ b/core/include/drivers/serial.h @@ -27,6 +27,12 @@ #ifndef __DRIVERS_SERIAL_H #define __DRIVERS_SERIAL_H +#include <assert.h> +#include <stdbool.h> +#include <types_ext.h> +#include <mm/core_memprot.h> +#include <mm/core_mmu.h> + struct serial_chip { const struct serial_ops *ops; }; @@ -38,4 +44,25 @@ struct serial_ops { int (*getchar)(struct serial_chip *chip); }; +struct io_pa_va { + paddr_t pa; + vaddr_t va; +}; + +/* + * Helper function to return a physical or virtual address for a device, + * depending on whether the MMU is enabled or not + */ +static inline vaddr_t io_pa_or_va(struct io_pa_va *p) +{ + assert(p->pa); + if (cpu_mmu_enabled()) { + if (!p->va) + p->va = (vaddr_t)phys_to_virt_io(p->pa); + assert(p->va); + return p->va; + } + return p->pa; +} + #endif /*__DRIVERS_SERIASERIAL_H*/ diff --git a/core/include/drivers/serial8250_uart.h b/core/include/drivers/serial8250_uart.h index 5b8985d..d8b5051 100644 --- a/core/include/drivers/serial8250_uart.h +++ b/core/include/drivers/serial8250_uart.h @@ -28,19 +28,17 @@ #define SERIAL8250_UART_H #include <types_ext.h> +#include <drivers/serial.h> #define SERIAL8250_UART_REG_SIZE 0x20 -void serial8250_uart_init(vaddr_t base, - uint32_t uart_clk, uint32_t baud_rate); +struct serial8250_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void serial8250_uart_putc(int ch, vaddr_t base); - -void serial8250_uart_flush_tx_fifo(vaddr_t base); - -bool serial8250_uart_have_rx_data(vaddr_t base); - -int serial8250_uart_getchar(vaddr_t base); +void serial8250_uart_init(struct serial8250_uart_data *pd, paddr_t base, + uint32_t uart_clk, uint32_t baud_rate); #endif /* SERIAL8250_UART_H */ diff --git a/core/include/drivers/sprd_uart.h b/core/include/drivers/sprd_uart.h index c70bfb9..f89f914 100644 --- a/core/include/drivers/sprd_uart.h +++ b/core/include/drivers/sprd_uart.h @@ -1,5 +1,6 @@ /* * Copyright (c) 2016, Spreadtrum Communications Inc. + * Copyright (c) 2017, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -28,12 +29,14 @@ #define SPRD_UART_H #include <types_ext.h> +#include <drivers/serial.h> -void sprd_uart_flush(vaddr_t base); +struct sprd_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void sprd_uart_putc(vaddr_t base, unsigned char ch); - -unsigned char sprd_uart_getc(vaddr_t base); +void sprd_uart_init(struct sprd_uart_data *pd, paddr_t base); #endif /* SPRD_UART_H */ diff --git a/core/include/drivers/stih_asc.h b/core/include/drivers/stih_asc.h new file mode 100644 index 0000000..a7cbee2 --- /dev/null +++ b/core/include/drivers/stih_asc.h @@ -0,0 +1,43 @@ +/* + * Copyright (c) 2017, Linaro Limited + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef STIH_ASC_H +#define STIH_ASC_H + +#include <drivers/serial.h> +#include <types_ext.h> + +#define STIH_ASC_REG_SIZE 0x1000 + +struct stih_asc_pd { + struct io_pa_va base; + struct serial_chip chip; +}; + +void stih_asc_init(struct stih_asc_pd *pb, vaddr_t base); + +#endif /* STIH_ASC_H */ + diff --git a/core/include/drivers/sunxi_uart.h b/core/include/drivers/sunxi_uart.h index 2b33641..a5a2b8c 100644 --- a/core/include/drivers/sunxi_uart.h +++ b/core/include/drivers/sunxi_uart.h @@ -28,16 +28,14 @@ #define SUNXI_UART_H #include <types_ext.h> +#include <drivers/serial.h> -void sunxi_uart_init(vaddr_t base); +struct sunxi_uart_data { + struct io_pa_va base; + struct serial_chip chip; +}; -void sunxi_uart_putc(int ch, vaddr_t base); - -void sunxi_uart_flush(vaddr_t base); - -bool sunxi_uart_have_rx_data(vaddr_t base); - -int sunxi_uart_getchar(vaddr_t base); +void sunxi_uart_init(struct sunxi_uart_data *pd, paddr_t base); #endif /*SUNXI_UART_H*/ diff --git a/core/include/io.h b/core/include/io.h index 510bf33..83b2efc 100644 --- a/core/include/io.h +++ b/core/include/io.h @@ -30,12 +30,6 @@ #include <stdint.h> #include <types_ext.h> -/* - * IO access macro, please avoid using this macro, since it's going to be - * deprecated. - */ -#define IO(addr) (*((volatile unsigned long *)(addr))) - static inline void write8(uint8_t val, vaddr_t addr) { *(volatile uint8_t *)addr = val; diff --git a/core/include/tee/cache.h b/core/include/tee/cache.h new file mode 100644 index 0000000..d32e365 --- /dev/null +++ b/core/include/tee/cache.h @@ -0,0 +1,34 @@ +/* + * Copyright (c) 2015, Linaro Limited + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ +#ifndef TEE_CACHE_H +#define TEE_CACHE_H + +#include <utee_types.h> + +TEE_Result cache_operation(enum utee_cache_operation op, void *va, size_t len); + +#endif /* TEE_CACHE_H */ diff --git a/core/include/tee/fs_htree.h b/core/include/tee/fs_htree.h new file mode 100644 index 0000000..3d280db --- /dev/null +++ b/core/include/tee/fs_htree.h @@ -0,0 +1,186 @@ +/* + * Copyright (c) 2017, Linaro Limited + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef __TEE_FS_HTREE_H +#define __TEE_FS_HTREE_H + +/* + * The purpose of this API is to provide file integrity and confidentiality + * in order to implement secure storage. On-disk data structures are + * duplicated to make updates atomic, an update is finalized to disk with + * tee_fs_htree_sync_to_storage(). + * + * This implementation doesn't provide rollback protection, it only + * guarantees the integrity and confidentiality of the file. + */ + +#include <tee_api_types.h> +#include <utee_defines.h> + +#define TEE_FS_HTREE_HASH_SIZE TEE_SHA256_HASH_SIZE +#define TEE_FS_HTREE_IV_SIZE 16 +#define TEE_FS_HTREE_FEK_SIZE 16 +#define TEE_FS_HTREE_TAG_SIZE 16 + +/* Internal struct provided to let the rpc callbacks know the size if needed */ +struct tee_fs_htree_node_image { + /* Note that calc_node_hash() depends on hash first in struct */ + uint8_t hash[TEE_FS_HTREE_HASH_SIZE]; + uint8_t iv[TEE_FS_HTREE_IV_SIZE]; + uint8_t tag[TEE_FS_HTREE_TAG_SIZE]; + uint16_t flags; +}; + +/* + * This struct is not interpreted by the hash tree, it's up to the user of + * the interface to update etc if needed. + */ +struct tee_fs_htree_meta { + uint64_t length; +}; + +/* Internal struct needed by struct tee_fs_htree_image */ +struct tee_fs_htree_imeta { + struct tee_fs_htree_meta meta; + uint32_t max_node_id; +}; + +/* Internal struct provided to let the rpc callbacks know the size if needed */ +struct tee_fs_htree_image { + uint8_t iv[TEE_FS_HTREE_IV_SIZE]; + uint8_t tag[TEE_FS_HTREE_TAG_SIZE]; + uint8_t enc_fek[TEE_FS_HTREE_FEK_SIZE]; + uint8_t imeta[sizeof(struct tee_fs_htree_imeta)]; + uint32_t counter; +}; + +/** + * enum tee_fs_htree_type - type of hash tree element + * @TEE_FS_HTREE_TYPE_HEAD: indicates a struct tee_fs_htree_image + * @TEE_FS_HTREE_TYPE_NODE: indicates a struct tee_fs_htree_node_image + * @TEE_FS_HTREE_TYPE_BLOCK: indicates a data block + */ +enum tee_fs_htree_type { + TEE_FS_HTREE_TYPE_HEAD, + TEE_FS_HTREE_TYPE_NODE, + TEE_FS_HTREE_TYPE_BLOCK, +}; + +struct tee_fs_rpc_operation; + +/** + * struct tee_fs_htree_storage - storage description supplied by user of + * this interface + * @block_size: size of data blocks + * @rpc_read_init: initialize a struct tee_fs_rpc_operation for an RPC read + * operation + * @rpc_write_init: initialize a struct tee_fs_rpc_operation for an RPC + * write operation + * + * The @idx arguments starts counting from 0. The @vers arguments are either + * 0 or 1. The @data arguments is a pointer to a buffer in non-secure shared + * memory where the encrypted data is stored. + */ +struct tee_fs_htree_storage { + size_t block_size; + TEE_Result (*rpc_read_init)(void *aux, struct tee_fs_rpc_operation *op, + enum tee_fs_htree_type type, size_t idx, + uint8_t vers, void **data); + TEE_Result (*rpc_read_final)(struct tee_fs_rpc_operation *op, + size_t *bytes); + TEE_Result (*rpc_write_init)(void *aux, struct tee_fs_rpc_operation *op, + enum tee_fs_htree_type type, size_t idx, + uint8_t vers, void **data); + TEE_Result (*rpc_write_final)(struct tee_fs_rpc_operation *op); +}; + +struct tee_fs_htree; + +/** + * tee_fs_htree_open() - opens/creates a hash tree + * @create: true if a new hash tree is to be created, else the hash tree + * is read in and verified + * @stor: storage description + * @stor_aux: auxilary pointer supplied to callbacks in struct + * tee_fs_htree_storage + * @ht: returned hash tree on success + */ +TEE_Result tee_fs_htree_open(bool create, + const struct tee_fs_htree_storage *stor, + void *stor_aux, struct tee_fs_htree **ht); +/** + * tee_fs_htree_close() - close a hash tree + * @ht: hash tree + */ +void tee_fs_htree_close(struct tee_fs_htree **ht); + +/** + * tee_fs_htree_get_meta() - get a pointer to associated struct + * tee_fs_htree_meta + * @ht: hash tree + */ +struct tee_fs_htree_meta *tee_fs_htree_get_meta(struct tee_fs_htree *ht); + +/** + * tee_fs_htree_sync_to_storage() - synchronize hash tree to storage + * @ht: hash tree + * + * Frees the hash tree and sets *ht to NULL on failure and returns an error code + */ +TEE_Result tee_fs_htree_sync_to_storage(struct tee_fs_htree **ht); + +/** + * tee_fs_htree_truncate() - truncate a hash tree + * @ht: hash tree + * @block_num: the number of nodes to truncate to + * + * Frees the hash tree and sets *ht to NULL on failure and returns an error code + */ +TEE_Result tee_fs_htree_truncate(struct tee_fs_htree **ht, size_t block_num); + +/** + * tee_fs_htree_write_block() - encrypt and write a data block to storage + * @ht: hash tree + * @block_num: block number + * @block: pointer to a block of stor->block_size size + * + * Frees the hash tree and sets *ht to NULL on failure and returns an error code + */ +TEE_Result tee_fs_htree_write_block(struct tee_fs_htree **ht, size_t block_num, + const void *block); +/** + * tee_fs_htree_write_block() - read and decrypt a data block from storage + * @ht: hash tree + * @block_num: block number + * @block: pointer to a block of stor->block_size size + * + * Frees the hash tree and sets *ht to NULL on failure and returns an error code + */ +TEE_Result tee_fs_htree_read_block(struct tee_fs_htree **ht, size_t block_num, + void *block); + +#endif /*__TEE_FS_HTREE_H*/ diff --git a/core/include/tee/tee_fs_defs.h b/core/include/tee/svc_cache.h index 9c11de9..d5d4972 100644 --- a/core/include/tee/tee_fs_defs.h +++ b/core/include/tee/svc_cache.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2014, STMicroelectronics International N.V. + * Copyright (c) 2015, Linaro Limited * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -24,41 +24,16 @@ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ +#ifndef SVC_CACHE_H +#define SVC_CACHE_H -#ifndef TEE_FS_DEFS_H -#define TEE_FS_DEFS_H - -/* - * tee_fs_open - */ -#define TEE_FS_O_RDONLY 0x1 -#define TEE_FS_O_WRONLY 0x2 -#define TEE_FS_O_RDWR 0x4 -#define TEE_FS_O_CREATE 0x8 -#define TEE_FS_O_EXCL 0x10 -#define TEE_FS_O_APPEND 0x20 -#define TEE_FS_O_TRUNC 0x40 - -/* - * tee_fs_lseek - */ -#define TEE_FS_SEEK_SET 0x1 -#define TEE_FS_SEEK_END 0x2 -#define TEE_FS_SEEK_CUR 0x4 - -/* - * file modes - */ -#define TEE_FS_S_IWUSR 0x1 -#define TEE_FS_S_IRUSR 0x2 -#define TEE_FS_S_IXUSR 0x4 - -/* - * access modes - * X_OK is not supported - */ -#define TEE_FS_R_OK 0x1 -#define TEE_FS_W_OK 0x2 -#define TEE_FS_F_OK 0x4 +#include <types_ext.h> +#include <tee_api_types.h> +#ifdef CFG_CACHE_API +TEE_Result syscall_cache_operation(void *va, size_t len, unsigned long op); +#else +#define syscall_cache_operation syscall_not_supported #endif + +#endif /*SVC_CACHE_H*/ diff --git a/core/include/tee/tee_cryp_utl.h b/core/include/tee/tee_cryp_utl.h index 99304f5..b303a59 100644 --- a/core/include/tee/tee_cryp_utl.h +++ b/core/include/tee/tee_cryp_utl.h @@ -50,5 +50,10 @@ TEE_Result tee_aes_cbc_cts_update(void *cbc_ctx, void *ecb_ctx, TEE_Result tee_prng_add_entropy(const uint8_t *in, size_t len); void plat_prng_add_jitter_entropy(void); +/* + * The _norpc version must not invoke Normal World, or infinite recursion + * may occur. As an exception however, using mutexes is allowed. + */ +void plat_prng_add_jitter_entropy_norpc(void); #endif diff --git a/core/include/tee/tee_fs.h b/core/include/tee/tee_fs.h index 299ef74..81253da 100644 --- a/core/include/tee/tee_fs.h +++ b/core/include/tee/tee_fs.h @@ -38,30 +38,31 @@ typedef int64_t tee_fs_off_t; typedef uint32_t tee_fs_mode_t; struct tee_fs_dirent { - char *d_name; + uint8_t oid[TEE_OBJECT_ID_MAX_LEN]; + size_t oidlen; }; struct tee_fs_dir; struct tee_file_handle; +struct tee_pobj; /* * tee_fs implements a POSIX like secure file system with GP extension */ struct tee_file_operations { - TEE_Result (*open)(const char *name, struct tee_file_handle **fh); - TEE_Result (*create)(const char *name, struct tee_file_handle **fh); + TEE_Result (*open)(struct tee_pobj *po, struct tee_file_handle **fh); + TEE_Result (*create)(struct tee_pobj *po, struct tee_file_handle **fh); void (*close)(struct tee_file_handle **fh); - TEE_Result (*read)(struct tee_file_handle *fh, void *buf, size_t *len); - TEE_Result (*write)(struct tee_file_handle *fh, const void *buf, - size_t len); - TEE_Result (*seek)(struct tee_file_handle *fh, int32_t offs, - TEE_Whence whence, int32_t *new_offs); - TEE_Result (*rename)(const char *old_name, const char *new_name, + TEE_Result (*read)(struct tee_file_handle *fh, size_t pos, + void *buf, size_t *len); + TEE_Result (*write)(struct tee_file_handle *fh, size_t pos, + const void *buf, size_t len); + TEE_Result (*rename)(struct tee_pobj *old_po, struct tee_pobj *new_po, bool overwrite); - TEE_Result (*remove)(const char *name); + TEE_Result (*remove)(struct tee_pobj *po); TEE_Result (*truncate)(struct tee_file_handle *fh, size_t size); - TEE_Result (*opendir)(const char *name, struct tee_fs_dir **d); + TEE_Result (*opendir)(const TEE_UUID *uuid, struct tee_fs_dir **d); TEE_Result (*readdir)(struct tee_fs_dir *d, struct tee_fs_dirent **ent); void (*closedir)(struct tee_fs_dir *d); }; diff --git a/core/include/tee/tee_fs_key_manager.h b/core/include/tee/tee_fs_key_manager.h index 7f26d26..b7259aa 100644 --- a/core/include/tee/tee_fs_key_manager.h +++ b/core/include/tee/tee_fs_key_manager.h @@ -33,62 +33,17 @@ #define TEE_FS_KM_CHIP_ID_LENGTH 32 #define TEE_FS_KM_HMAC_ALG TEE_ALG_HMAC_SHA256 -#define TEE_FS_KM_AUTH_ENC_ALG TEE_ALG_AES_GCM #define TEE_FS_KM_ENC_FEK_ALG TEE_ALG_AES_ECB_NOPAD #define TEE_FS_KM_SSK_SIZE TEE_SHA256_HASH_SIZE #define TEE_FS_KM_TSK_SIZE TEE_SHA256_HASH_SIZE #define TEE_FS_KM_FEK_SIZE 16 /* bytes */ -#define TEE_FS_KM_IV_LEN 12 /* bytes */ -#define TEE_FS_KM_MAX_TAG_LEN 16 /* bytes */ - -#define BLOCK_FILE_SHIFT 12 - -#define BLOCK_FILE_SIZE (1 << BLOCK_FILE_SHIFT) - -#define NUM_BLOCKS_PER_FILE 1024 - -enum tee_fs_file_type { - META_FILE, - BLOCK_FILE -}; - -struct tee_fs_file_info { - uint64_t length; - uint32_t backup_version_table[NUM_BLOCKS_PER_FILE / 32]; -}; - -struct tee_fs_file_meta { - struct tee_fs_file_info info; - uint8_t encrypted_fek[TEE_FS_KM_FEK_SIZE]; - uint32_t counter; -}; - -struct common_header { - uint8_t iv[TEE_FS_KM_IV_LEN]; - uint8_t tag[TEE_FS_KM_MAX_TAG_LEN]; -}; - -struct meta_header { - uint8_t encrypted_key[TEE_FS_KM_FEK_SIZE]; - struct common_header common; -}; - -struct block_header { - struct common_header common; -}; - -size_t tee_fs_get_header_size(enum tee_fs_file_type type); TEE_Result tee_fs_generate_fek(uint8_t *encrypted_fek, int fek_size); -TEE_Result tee_fs_encrypt_file(enum tee_fs_file_type file_type, - const uint8_t *plaintext, size_t plaintext_size, - uint8_t *ciphertext, size_t *ciphertext_size, - const uint8_t *encrypted_fek); -TEE_Result tee_fs_decrypt_file(enum tee_fs_file_type file_type, - const uint8_t *data_in, size_t data_in_size, - uint8_t *plaintext, size_t *plaintext_size, - uint8_t *encrypted_fek); TEE_Result tee_fs_crypt_block(uint8_t *out, const uint8_t *in, size_t size, uint16_t blk_idx, const uint8_t *encrypted_fek, TEE_OperationMode mode); + +TEE_Result tee_fs_fek_crypt(TEE_OperationMode mode, const uint8_t *in_key, + size_t size, uint8_t *out_key); + #endif diff --git a/core/include/tee/tee_fs_rpc.h b/core/include/tee/tee_fs_rpc.h index 4d73c4b..43c7631 100644 --- a/core/include/tee/tee_fs_rpc.h +++ b/core/include/tee/tee_fs_rpc.h @@ -44,8 +44,8 @@ struct tee_fs_rpc_operation { size_t num_params; }; -TEE_Result tee_fs_rpc_open(uint32_t id, const char *fname, int *fd); -TEE_Result tee_fs_rpc_create(uint32_t id, const char *fname, int *fd); +TEE_Result tee_fs_rpc_open(uint32_t id, struct tee_pobj *po, int *fd); +TEE_Result tee_fs_rpc_create(uint32_t id, struct tee_pobj *po, int *fd); TEE_Result tee_fs_rpc_close(uint32_t id, int fd); TEE_Result tee_fs_rpc_read_init(struct tee_fs_rpc_operation *op, @@ -61,11 +61,11 @@ TEE_Result tee_fs_rpc_write_final(struct tee_fs_rpc_operation *op); TEE_Result tee_fs_rpc_truncate(uint32_t id, int fd, size_t len); -TEE_Result tee_fs_rpc_remove(uint32_t id, const char *fname); -TEE_Result tee_fs_rpc_rename(uint32_t id, const char *old_fname, - const char *new_fname, bool overwrite); +TEE_Result tee_fs_rpc_remove(uint32_t id, struct tee_pobj *po); +TEE_Result tee_fs_rpc_rename(uint32_t id, struct tee_pobj *old, + struct tee_pobj *new, bool overwrite); -TEE_Result tee_fs_rpc_opendir(uint32_t id, const char *name, +TEE_Result tee_fs_rpc_opendir(uint32_t id, const TEE_UUID *uuid, struct tee_fs_dir **d); TEE_Result tee_fs_rpc_closedir(uint32_t id, struct tee_fs_dir *d); TEE_Result tee_fs_rpc_readdir(uint32_t id, struct tee_fs_dir *d, diff --git a/core/include/tee/tee_obj.h b/core/include/tee/tee_obj.h index bb82c9c..2224233 100644 --- a/core/include/tee/tee_obj.h +++ b/core/include/tee/tee_obj.h @@ -40,9 +40,9 @@ struct tee_obj { bool busy; /* true if used by an operation */ uint32_t have_attrs; /* bitfield identifying set properties */ void *attr; + size_t ds_pos; struct tee_pobj *pobj; /* ptr to persistant object */ struct tee_file_handle *fh; - uint32_t ds_size; /* data stream size */ uint32_t flags; /* permission flags for persistent objects */ }; diff --git a/core/include/tee/tee_pobj.h b/core/include/tee/tee_pobj.h index db7c9a6..29b7f77 100644 --- a/core/include/tee/tee_pobj.h +++ b/core/include/tee/tee_pobj.h @@ -40,12 +40,14 @@ struct tee_pobj { void *obj_id; uint32_t obj_id_len; uint32_t flags; + bool temporary; /* Filesystem handling this object */ const struct tee_file_operations *fops; }; TEE_Result tee_pobj_get(TEE_UUID *uuid, void *obj_id, uint32_t obj_id_len, - uint32_t flags, const struct tee_file_operations *fops, + uint32_t flags, bool temporary, + const struct tee_file_operations *fops, struct tee_pobj **obj); TEE_Result tee_pobj_release(struct tee_pobj *obj); diff --git a/core/include/tee/tee_svc_storage.h b/core/include/tee/tee_svc_storage.h index 7e4c10e..d3f0858 100644 --- a/core/include/tee/tee_svc_storage.h +++ b/core/include/tee/tee_svc_storage.h @@ -82,11 +82,11 @@ void tee_svc_storage_close_all_enum(struct user_ta_ctx *utc); void tee_svc_storage_init(void); -char *tee_svc_storage_create_filename(struct tee_ta_session *sess, - void *object_id, - uint32_t object_id_len, - bool transient); +struct tee_pobj; +TEE_Result tee_svc_storage_create_filename(void *buf, size_t blen, + struct tee_pobj *po, bool transient); -char *tee_svc_storage_create_dirname(struct tee_ta_session *sess); +TEE_Result tee_svc_storage_create_dirname(void *buf, size_t blen, + const TEE_UUID *uuid); #endif /* TEE_SVC_STORAGE_H */ |