authorandroid-build-team Robot <android-build-team-robot@google.com>2018-09-07 19:08:22 +0000
committerandroid-build-team Robot <android-build-team-robot@google.com>2018-09-07 19:08:22 +0000
commit9a13fc2136cec133d0101e822da728eae2d5eef9 (patch)
tree2fabda7fee0e597fc7f1cb3cd9c7fd65e17e7352
parentffd346fffdc38cb2e26ef63395767526a81f1581 (diff)
parent0a6e4024f3580dad7adf564f71142236a914300f (diff)
Snap for 4998801 from 0a6e4024f3580dad7adf564f71142236a914300f to oc-mr1-1.2-iot-releaseandroid-o-mr1-iot-release-smart-display-r4android-o-mr1-iot-release-smart-display-r3oreo-mr1-1.2-iot-release
Change-Id: I6a116de40f3ce0c0516b9196c899e98f7e339e78
-rw-r--r--arch/arm/imx-common/Kconfig2
-rw-r--r--board/freescale/imx8mq_phanbell/imx8m_phanbell.c19
-rw-r--r--board/freescale/pico-imx7d/Kconfig4
-rw-r--r--common/spl/spl_fit.c24
-rw-r--r--configs/pico-imx7d-trusty_defconfig1
-rwxr-xr-xdrivers/usb/gadget/f_fastboot.c28
-rw-r--r--drivers/usb/gadget/fastboot_lock_unlock.c6
-rw-r--r--include/configs/imx8mq_evk_androidthings.h3
-rw-r--r--include/interface/keymaster/keymaster.h1
-rw-r--r--include/trusty/keymaster.h10
-rw-r--r--include/trusty/libtipc.h2
-rw-r--r--include/trusty/rpmb.h10
-rw-r--r--include/trusty/sysdeps.h19
-rw-r--r--include/trusty/trusty_ipc.h10
-rw-r--r--include/trusty/trusty_mem.h41
-rw-r--r--lib/avb/fsl/fsl_avbkey.c245
-rw-r--r--lib/trusty/ql-tipc/arch/arm/trusty_dev.c10
-rw-r--r--lib/trusty/ql-tipc/arch/arm/trusty_mem.c49
-rw-r--r--lib/trusty/ql-tipc/avb.c31
-rw-r--r--lib/trusty/ql-tipc/ipc.c35
-rw-r--r--lib/trusty/ql-tipc/ipc_dev.c28
-rw-r--r--lib/trusty/ql-tipc/keymaster.c26
-rw-r--r--lib/trusty/ql-tipc/rpmb_proxy.c33
-rw-r--r--lib/trusty/ql-tipc/sysdeps/sysdeps_uboot.c19
24 files changed, 393 insertions, 263 deletions
diff --git a/arch/arm/imx-common/Kconfig b/arch/arm/imx-common/Kconfig
index f557897106..e3ee091a2f 100644
--- a/arch/arm/imx-common/Kconfig
+++ b/arch/arm/imx-common/Kconfig
@@ -71,7 +71,7 @@ config IMX_M4_BIND
config IMX_TRUSTY_OS
bool "Support Trusty OS related feature"
- depends on ARCH_MX6 || ARCH_MX7
+ depends on ARCH_MX6 || ARCH_MX7 || ARCH_IMX8 || ARCH_IMX8M
select SYS_ARM_CACHE_WRITEALLOC
config SYS_ARM_CACHE_WRITEALLOC
diff --git a/board/freescale/imx8mq_phanbell/imx8m_phanbell.c b/board/freescale/imx8mq_phanbell/imx8m_phanbell.c
index 230fcf09c1..c4c161786d 100644
--- a/board/freescale/imx8mq_phanbell/imx8m_phanbell.c
+++ b/board/freescale/imx8mq_phanbell/imx8m_phanbell.c
@@ -169,6 +169,25 @@ int get_imx8m_baseboard_id(void)
return baseboard_id;
}
+#ifdef CONFIG_IMX_TRUSTY_OS
+int get_tee_load(ulong *load)
+{
+ int board_id;
+
+ board_id = get_imx8m_baseboard_id();
+ /* load TEE to the last 32M of DDR */
+ if ((board_id == ENTERPRISE_MICRON_1G) ||
+ (board_id == ENTERPRISE_HYNIX_1G)) {
+ /* for 1G DDR board */
+ *load = (ulong)TEE_LOAD_ADDR_1G;
+ } else {
+ /* for 3G DDR board */
+ *load = (ulong)TEE_LOAD_ADDR_3G;
+ }
+
+ return 0;
+}
+#endif
int dram_init(void)
{
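Review bot: The `else` branch of `get_tee_load()` maps every board ID other than the two 1G variants to `TEE_LOAD_ADDR_3G`, so an unrecognised or misread ID silently yields the 3G address. This value decides where SPL places the TEE image, so I would match the 3G board IDs explicitly and return a non-zero error for anything else; that also makes the caller's `Failed to get TEE load address!` path in `common/spl/spl_fit.c` reachable for this board. `get_imx8m_baseboard_id()` is defined outside this hunk, so which values it can return after a failed read is not visible here.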
diff --git a/board/freescale/pico-imx7d/Kconfig b/board/freescale/pico-imx7d/Kconfig
index 79e12be576..a581f29d90 100644
--- a/board/freescale/pico-imx7d/Kconfig
+++ b/board/freescale/pico-imx7d/Kconfig
@@ -12,4 +12,8 @@ config SYS_SOC
config SYS_CONFIG_NAME
default "pico-imx7d"
+config USE_STDINT
+ bool "Whether to use stdint"
+ default n
+
endif
diff --git a/common/spl/spl_fit.c b/common/spl/spl_fit.c
index fd7db10e40..1f1cd5c6c0 100644
--- a/common/spl/spl_fit.c
+++ b/common/spl/spl_fit.c
@@ -125,6 +125,15 @@ static int get_aligned_image_size(struct spl_load_info *info, int data_size,
return (data_size + info->bl_len - 1) / info->bl_len;
}
+#if defined(CONFIG_DUAL_BOOTLOADER) && defined(CONFIG_IMX_TRUSTY_OS)
+__weak int get_tee_load(ulong *load)
+{
+ /* default return ok */
+ return 0;
+}
+
+#endif
+
/**
* spl_load_fit_image(): load the image described in a certain FIT node
* @info: points to information about the device to load data from
@@ -174,6 +183,21 @@ static int spl_load_fit_image(struct spl_load_info *info, ulong sector,
if (fit_image_get_load(fit, node, &load_addr))
load_addr = image_info->load_addr;
+#if defined(CONFIG_DUAL_BOOTLOADER) && defined(CONFIG_IMX_TRUSTY_OS)
+ char *desc = NULL;
+
+ if (fit_get_desc(fit, node, &desc)) {
+ printf("can't found node description!\n");
+ return -ENOENT;
+ } else if (!strncmp(desc, "TEE firmware",
+ strlen("TEE firmware"))) {
+ if (get_tee_load(&load_addr)) {
+ printf("Failed to get TEE load address!\n");
+ return -ENOENT;
+ }
+ }
+#endif
+
if (!fit_image_get_data_position(fit, node, &offset)) {
external_data = true;
} else if (!fit_image_get_data_offset(fit, node, &offset)) {
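Review bot: The load-address override added to `spl_load_fit_image()` is keyed on a prefix match of the node's free-form description, so any image whose description merely begins with `TEE firmware` is relocated to the address from `get_tee_load()`. An exact comparison is tighter: `} else if (!strcmp(desc, "TEE firmware")) {`. The new code also returns `-ENOENT` for every node that has no description, which makes a descriptive property mandatory under this config; a comment above the `fit_get_desc()` call should say that this is intended. The function body starts and ends outside the hunk.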
diff --git a/configs/pico-imx7d-trusty_defconfig b/configs/pico-imx7d-trusty_defconfig
index 8cfead91ad..17c989522d 100644
--- a/configs/pico-imx7d-trusty_defconfig
+++ b/configs/pico-imx7d-trusty_defconfig
@@ -38,4 +38,5 @@ CONFIG_USB_STORAGE=y
CONFIG_OF_LIBFDT=y
CONFIG_DM=y
CONFIG_DM_THERMAL=y
+CONFIG_USE_STDINT=y
# CONFIG_EFI_LOADER is not set
diff --git a/drivers/usb/gadget/f_fastboot.c b/drivers/usb/gadget/f_fastboot.c
index 079faef3b0..db68c337e8 100755
--- a/drivers/usb/gadget/f_fastboot.c
+++ b/drivers/usb/gadget/f_fastboot.c
@@ -36,7 +36,6 @@
extern int armv7_init_nonsec(void);
extern void trusty_os_init(void);
#include <trusty/libtipc.h>
-extern bool tos_flashed;
#endif
#ifdef CONFIG_FSL_FASTBOOT
@@ -268,7 +267,7 @@ static struct usb_gadget_strings *fastboot_strings[] = {
#else
#define ANDROID_BOOTLOADER_OFFSET 0x400
#endif
-#define ANDROID_BOOTLOADER_SIZE 0x1FFC00
+#define ANDROID_BOOTLOADER_SIZE 0x400000
#define MMC_SATA_BLOCK_SIZE 512
#define FASTBOOT_FBPARTS_ENV_MAX_LEN 1024
@@ -1090,12 +1089,14 @@ static int _fastboot_parts_load_from_ptable(void)
ptable[PTN_GPT_INDEX].flags = FASTBOOT_PTENTRY_FLAGS_UNERASEABLE;
strcpy(ptable[PTN_GPT_INDEX].fstype, "raw");
+#ifndef CONFIG_ARM64
/* Trusty OS */
strcpy(ptable[PTN_TEE_INDEX].name, FASTBOOT_PARTITION_TEE);
ptable[PTN_TEE_INDEX].start = 0;
ptable[PTN_TEE_INDEX].length = TRUSTY_OS_MMC_BLKS;
ptable[PTN_TEE_INDEX].partition_id = TEE_HWPARTITION_ID;
strcpy(ptable[PTN_TEE_INDEX].fstype, "raw");
+#endif
/* Bootloader */
strcpy(ptable[PTN_BOOTLOADER_INDEX].name, FASTBOOT_PARTITION_BOOTLOADER);
@@ -1340,6 +1341,15 @@ static AvbOps fsl_avb_ops = {
#endif
#ifdef CONFIG_IMX_TRUSTY_OS
+#ifdef CONFIG_ARM64
+void tee_setup(void)
+{
+ trusty_ipc_init();
+}
+
+#else
+extern bool tos_flashed;
+
void tee_setup(void)
{
/* load tee from boot1 of eMMC. */
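Review bot: The ARM64 `tee_setup()` discards the result of `trusty_ipc_init()`, although this same commit changes that function to return `int` in `include/trusty/libtipc.h`. If initialisation fails, later Trusty calls will presumably fail as well, and `fastboot_get_lock_stat()` then returns `g_lockstat` instead of the state held by Trusty (see the `ret < 0` branch in `fastboot_lock_unlock.c`). At minimum report the failure, `if (trusty_ipc_init() != 0) printf("trusty ipc init failed\n");`, and decide explicitly whether boot may continue in that state. The non-ARM64 `tee_setup()` continues outside this hunk.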
@@ -1396,7 +1406,8 @@ fail:
return;
}
-#endif
+#endif /* CONFIG_ARM64 */
+#endif /* CONFIG_IMX_TRUSTY_OS */
void fastboot_setup(void)
{
@@ -1693,13 +1704,13 @@ int do_boota(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) {
printf(" boot '%s%s' still\n",
avb_loadpart->partition_name, avb_out_data->ab_suffix);
}
- char bootargs_sec[ANDR_BOOT_ARGS_SIZE];
+ char bootargs_sec[ANDR_BOOT_EXTRA_ARGS_SIZE];
if (lock_status == FASTBOOT_LOCK) {
- sprintf(bootargs_sec,
+ snprintf(bootargs_sec, sizeof(bootargs_sec),
"androidboot.verifiedbootstate=green androidboot.slot_suffix=%s %s",
avb_out_data->ab_suffix, avb_out_data->cmdline);
} else {
- sprintf(bootargs_sec,
+ snprintf(bootargs_sec, sizeof(bootargs_sec),
"androidboot.verifiedbootstate=orange androidboot.slot_suffix=%s %s",
avb_out_data->ab_suffix, avb_out_data->cmdline);
}
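Review bot: Both `snprintf()` calls into `bootargs_sec` ignore the return value, so an over-long `avb_out_data->cmdline` is now truncated silently rather than overflowing the buffer. That command line is produced by AVB verification and may carry arguments the kernel needs to enforce verified boot, so booting with a cut-off tail is worse than refusing to boot. Capture the result, `int n = snprintf(bootargs_sec, sizeof(bootargs_sec), ...);`, and treat `if (n < 0 || (size_t)n >= sizeof(bootargs_sec))` as a boot failure. `do_boota()` starts and ends outside this hunk, so the appropriate failure path is not visible here.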
@@ -2551,6 +2562,9 @@ static int get_single_var(char *cmd, char *response)
trusty_free(uuid);
}
}
+ else if(!strcmp_l1("at-attest-dh", cmd)) {
+ strncat(response, "1:P256,2:curve25519", chars_left);
+ }
#endif
#ifdef CONFIG_FASTBOOT_LOCK
else if (!strcmp_l1("secure", cmd)) {
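Review bot: In the new `at-attest-dh` branch, `strncat(response, "1:P256,2:curve25519", chars_left)` is only safe if `chars_left` already excludes the terminating NUL, because `strncat` appends up to n characters and then writes a NUL after them. `chars_left` is computed outside this hunk, so please confirm it is the free space minus one; if it is the full remaining size, pass `chars_left - 1`. As a style point, `else if(` should use the `else if (` spacing of the neighbouring branches.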
@@ -3039,7 +3053,7 @@ static int partition_table_valid(void)
{
int status, mmc_no;
struct blk_desc *dev_desc;
-#ifdef CONFIG_IMX_TRUSTY_OS
+#if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_ARM64)
//Prevent other partition accessing when no TOS flashed.
if (!tos_flashed)
return 0;
diff --git a/drivers/usb/gadget/fastboot_lock_unlock.c b/drivers/usb/gadget/fastboot_lock_unlock.c
index 7244fd0d6d..362741c1dd 100644
--- a/drivers/usb/gadget/fastboot_lock_unlock.c
+++ b/drivers/usb/gadget/fastboot_lock_unlock.c
@@ -54,7 +54,7 @@
int fastboot_flash_find_index(const char *name);
-#ifdef CONFIG_IMX_TRUSTY_OS
+#if defined(CONFIG_IMX_TRUSTY_OS) && !defined(CONFIG_ARM64)
#define HAB_TAG_IVT 0xD1
#define IVT_HDR_LEN 0x20
#define HAB_MAJ_VER 0x40
@@ -283,8 +283,10 @@ FbLockState fastboot_get_lock_stat(void) {
* unlock status to make device been able
* to flash Trusty OS binary.
*/
+#ifndef CONFIG_ARM64
if (!tos_flashed)
return FASTBOOT_UNLOCK;
+#endif
ret = trusty_read_lock_state(&l_status);
if (ret < 0)
return g_lockstat;
@@ -299,8 +301,10 @@ int fastboot_set_lock_stat(FbLockState lock) {
* If Trusty OS not flashed, we must prevent set lock
* status. Due the Trusty IPC won't work here.
*/
+#ifndef CONFIG_ARM64
if (!tos_flashed)
return 0;
+#endif
ret = trusty_write_lock_state(lock);
if (ret < 0) {
printf("cannot set lock status due Trusty return %d\n", ret);
diff --git a/include/configs/imx8mq_evk_androidthings.h b/include/configs/imx8mq_evk_androidthings.h
index 35d09f03e2..2a9d007564 100644
--- a/include/configs/imx8mq_evk_androidthings.h
+++ b/include/configs/imx8mq_evk_androidthings.h
@@ -58,6 +58,9 @@
#define WIBO_3G 0x00
#define IMX8M_REF_3G 0x00
+#define TEE_LOAD_ADDR_1G 0x7e000000
+#define TEE_LOAD_ADDR_3G 0xfe000000
+
#ifdef CONFIG_SPL_BUILD
#define CONFIG_FSL_CAAM_KB
diff --git a/include/interface/keymaster/keymaster.h b/include/interface/keymaster/keymaster.h
index 7b18a64f36..a5e3e8b4c7 100644
--- a/include/interface/keymaster/keymaster.h
+++ b/include/interface/keymaster/keymaster.h
@@ -62,6 +62,7 @@ enum keymaster_command {
KM_ATAP_SET_CA_RESPONSE_UPDATE = (0x6000 << KEYMASTER_REQ_SHIFT),
KM_ATAP_SET_CA_RESPONSE_FINISH = (0x7000 << KEYMASTER_REQ_SHIFT),
KM_ATAP_READ_UUID = (0x8000 << KEYMASTER_REQ_SHIFT),
+ KM_SET_PRODUCT_ID = (0x9000 << KEYMASTER_REQ_SHIFT)
};
typedef enum {
diff --git a/include/trusty/keymaster.h b/include/trusty/keymaster.h
index beb2ff9578..eadb0d1319 100644
--- a/include/trusty/keymaster.h
+++ b/include/trusty/keymaster.h
@@ -117,4 +117,14 @@ int trusty_atap_set_ca_response(const uint8_t *ca_response,
*/
int trusty_atap_read_uuid_str(char **uuid_p);
+/*
+ * SetProductId is only called once to set the secure product id. Caller should
+ * read the product id from permanent attributes structure and set the product
+ * id while fusing the permanent attributes.
+ *
+ * @product_id: The product id to be set.
+ * @size: The size of the product id.
+ */
+int trusty_set_product_id(const uint8_t *product_id, uint32_t size);
+
#endif /* TRUSTY_KEYMASTER_H_ */
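Review bot: The new comment on `trusty_set_product_id()` documents both parameters but not the return value, and it does not say what a second call does even though it states the function is called only once. Add a line such as ` * Returns one of trusty_err.` if that matches the implementation in `lib/trusty/ql-tipc/keymaster.c`, which is not shown on this page, plus one sentence on the behaviour when a product id is already set.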
diff --git a/include/trusty/libtipc.h b/include/trusty/libtipc.h
index e37b010770..69e480104c 100644
--- a/include/trusty/libtipc.h
+++ b/include/trusty/libtipc.h
@@ -31,7 +31,7 @@
/*
* Initialize TIPC library
*/
-void trusty_ipc_init(void);
+int trusty_ipc_init(void);
/*
* Shutdown TIPC library
*/
diff --git a/include/trusty/rpmb.h b/include/trusty/rpmb.h
index 594f527a35..50066d2707 100644
--- a/include/trusty/rpmb.h
+++ b/include/trusty/rpmb.h
@@ -38,10 +38,6 @@
*/
int rpmb_storage_proxy_init(struct trusty_ipc_dev *dev, void *rpmb_dev);
/*
- * Poll for and handle RPMB storange events. Returns one of trusty_err.
- */
-int rpmb_storage_proxy_poll(void);
-/*
* Shutdown RPMB storage proxy
*
* @dev: initialized with trusty_ipc_dev_create
@@ -73,4 +69,10 @@ int rpmb_storage_send(void *rpmb_dev,
*/
void *rpmb_storage_get_ctx(void);
+/*
+ * Release a previously obtained RPMB context.
+ * Implementation is platform specific.
+ */
+void rpmb_storage_put_ctx(void *dev);
+
#endif /* TRUSTY_RPMB_H_ */
diff --git a/include/trusty/sysdeps.h b/include/trusty/sysdeps.h
index a0fc090e9a..1f26bbd4c3 100644
--- a/include/trusty/sysdeps.h
+++ b/include/trusty/sysdeps.h
@@ -29,10 +29,9 @@
* types available in a normal C runtime. At least things like uint64_t,
* uintptr_t, and bool (with |false|, |true| keywords) must be present.
*/
+#include <common.h>
#include <compiler.h>
-#include <stdarg.h>
-#include <stdbool.h>
-#include <linux/types.h>
+
/*
* These attribute macros may need to be adjusted if not using gcc or clang.
*/
@@ -75,8 +74,8 @@ void trusty_idle(struct trusty_dev *dev);
*/
void trusty_abort(void) TRUSTY_ATTR_NO_RETURN;
/*
- * Print a formatted string. @format must point to a NULL-terminated UTF-8
- * string, and is followed by arguments to be printed.
+ * Print a formatted string. @format must point to a NULL-terminated string, and
+ * is followed by arguments to be printed.
*/
void trusty_printf(const char *format, ...);
/*
@@ -108,16 +107,14 @@ void *trusty_calloc(size_t n, size_t size) TRUSTY_ATTR_WARN_UNUSED_RESULT;
*/
void trusty_free(void *addr);
/*
- * Allocate @size bytes of page aligned memory to be shared with secure side.
+ * Allocate @count contiguous pages to be shared with secure side.
*
- * @mem_inf: Stores cache attributes
* Returns: vaddr of allocated memory
*/
-void *trusty_membuf_alloc(struct ns_mem_page_info *mem_inf,
- size_t size) TRUSTY_ATTR_WARN_UNUSED_RESULT;
+void *trusty_alloc_pages(unsigned count) TRUSTY_ATTR_WARN_UNUSED_RESULT;
/*
- * Frees memory at @vaddr allocated by trusty_membuf_alloc
+ * Free @count pages at @vaddr allocated by trusty_alloc_pages
*/
-void trusty_membuf_free(void *vaddr);
+void trusty_free_pages(void *vaddr, unsigned count);
#endif /* TRUSTY_SYSDEPS_H_ */
diff --git a/include/trusty/trusty_ipc.h b/include/trusty/trusty_ipc.h
index 03ef93507d..ce7cbd126a 100644
--- a/include/trusty/trusty_ipc.h
+++ b/include/trusty/trusty_ipc.h
@@ -143,11 +143,11 @@ struct trusty_ipc_chan {
*
* @ipc_dev: new Trusty IPC device to be initialized
* @tdev: associated Trusty device
- * @buf_size: size of shared buffer to be allocated
+ * @shared_buf_size: size of shared buffer to be allocated
*/
int trusty_ipc_dev_create(struct trusty_ipc_dev **ipc_dev,
struct trusty_dev *tdev,
- size_t buf_size);
+ size_t shared_buf_size);
/*
* Shutdown @dev. Frees shared buffer, and calls trusty_dev_shutdown_ipc
* to shutdown on the secure side.
@@ -227,10 +227,10 @@ int trusty_ipc_connect(struct trusty_ipc_chan *chan, const char *port,
*/
int trusty_ipc_close(struct trusty_ipc_chan *chan);
/*
- * Calls trusty_ipc_dev_get_event to poll for an event on @chan. Handles
- * event by calling appropriate callback. Returns nonnegative on success.
+ * Calls trusty_ipc_dev_get_event to poll @dev for events. Handles
+ * events by calling appropriate callbacks. Returns nonnegative on success.
*/
-int trusty_ipc_poll_for_event(struct trusty_ipc_chan *chan);
+int trusty_ipc_poll_for_event(struct trusty_ipc_dev *dev);
/*
* Calls trusty_ipc_dev_send to send a message. Returns a trusty_err.
*
diff --git a/include/trusty/trusty_mem.h b/include/trusty/trusty_mem.h
new file mode 100644
index 0000000000..c796baa03f
--- /dev/null
+++ b/include/trusty/trusty_mem.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (C) 2018 The Android Open Source Project
+ *
+ * Permission is hereby granted, free of charge, to any person
+ * obtaining a copy of this software and associated documentation
+ * files (the "Software"), to deal in the Software without
+ * restriction, including without limitation the rights to use, copy,
+ * modify, merge, publish, distribute, sublicense, and/or sell copies
+ * of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+#ifndef TRUSTY_TRUSTY_MEM_H_
+#define TRUSTY_TRUSTY_MEM_H_
+
+#include <trusty/sysdeps.h>
+
+/*
+ * Encodes the memory attributes of @va into @inf
+ *
+ * @inf: ns_mem_page_info allocated by the caller
+ * @va: virtual addresses to retrieve attributes for
+ *
+ * Returns 0 on success and -1 on failure
+ */
+
+int trusty_encode_page_info(struct ns_mem_page_info *inf, void *va);
+
+#endif /* TRUSTY_TRUSTY_MEM_H_ */
diff --git a/lib/avb/fsl/fsl_avbkey.c b/lib/avb/fsl/fsl_avbkey.c
index 30494cb080..4037a09f69 100644
--- a/lib/avb/fsl/fsl_avbkey.c
+++ b/lib/avb/fsl/fsl_avbkey.c
@@ -45,56 +45,8 @@
#define RESULT_ERROR -1
#define RESULT_OK 0
-#ifndef CONFIG_FSL_CAAM_KB
-/* ARM64 won't avbkey and rollback index in this stage directly. */
-int avbkey_init(uint8_t *plainkey, uint32_t keylen) {
- return 0;
-}
-
-int rbkidx_erase(void) {
- return 0;
-}
-
-/*
- * In no security enhanced ARM64, we cannot protect public key.
- * So that we choose to trust the key from vbmeta image
- */
-AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
- const uint8_t* public_key_data,
- size_t public_key_length,
- const uint8_t* public_key_metadata,
- size_t public_key_metadata_length,
- bool* out_is_trusted) {
- *out_is_trusted = true;
- return AVB_IO_RESULT_OK;
-}
-
-/* In no security enhanced ARM64, rollback index has no protection so no use it */
-AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
- uint64_t rollback_index) {
- return AVB_IO_RESULT_OK;
-
-}
-AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
- uint64_t* out_rollback_index) {
- *out_rollback_index = 0;
- return AVB_IO_RESULT_OK;
-}
-#else /* CONFIG_FSL_CAAM_KB */
-static int mmc_dev_no = -1;
-
-static struct mmc *get_mmc(void) {
- extern int mmc_get_env_devno(void);
- struct mmc *mmc;
- if (mmc_dev_no < 0 && (mmc_dev_no = mmc_get_env_dev()) < 0)
- return NULL;
- mmc = find_mmc_device(mmc_dev_no);
- if (!mmc || mmc_init(mmc))
- return NULL;
- return mmc;
-}
-
#ifndef CONFIG_SPL_BUILD
+#if defined(CONFIG_AVB_ATX) && !defined(CONFIG_ARM64)
static int fsl_fuse_ops(uint32_t *buffer, uint32_t length, uint32_t offset,
const uint8_t read) {
@@ -161,8 +113,9 @@ static int fsl_fuse_write(const uint32_t *buffer, uint32_t length, uint32_t offs
0
);
}
+#endif /* defined(CONFIG_AVB_ATX) && !defined(CONFIG_ARM64) */
-#if defined(AVB_RPMB) && defined(CONFIG_AVB_ATX)
+#if defined(CONFIG_AVB_ATX)
static int sha256(unsigned char* data, int len, unsigned char* output) {
struct hash_algo *algo;
void *buf;
@@ -209,6 +162,10 @@ calc_sha256:
}
static int init_permanent_attributes_fuse(void) {
+
+#ifdef CONFIG_ARM64
+ return RESULT_OK;
+#else
uint8_t sha256_hash[AVB_SHA256_DIGEST_SIZE];
uint32_t buffer[ATX_FUSE_BANK_NUM];
int num = 0;
@@ -242,6 +199,7 @@ static int init_permanent_attributes_fuse(void) {
}
return RESULT_OK;
+#endif /* CONFIG_ARM64 */
}
#endif
@@ -253,8 +211,8 @@ int avb_atx_fuse_perm_attr(uint8_t *staged_buffer, uint32_t size) {
return -1;
}
if (size != sizeof(AvbAtxPermanentAttributes)) {
- ERR("Error. expect perm_attr length %d, but get %d.\n",
- sizeof(AvbAtxPermanentAttributes), size);
+ ERR("Error. expect perm_attr length %u, but get %u.\n",
+ (uint32_t)sizeof(AvbAtxPermanentAttributes), size);
return -1;
}
#ifdef CONFIG_IMX_TRUSTY_OS
@@ -274,14 +232,133 @@ int avb_atx_fuse_perm_attr(uint8_t *staged_buffer, uint32_t size) {
return 0;
#endif
}
+
+/* Reads permanent |attributes| data. There are no restrictions on where this
+ * data is stored. On success, returns AVB_IO_RESULT_OK and populates
+ * |attributes|.
+ */
+AvbIOResult fsl_read_permanent_attributes(
+ AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) {
+#ifdef CONFIG_IMX_TRUSTY_OS
+ if (!trusty_read_permanent_attributes((uint8_t *)attributes,
+ sizeof(AvbAtxPermanentAttributes))) {
+ return AVB_IO_RESULT_OK;
+ }
+ ERR("No perm-attr fused. Will use hard code one.\n");
+#endif /* CONFIG_IMX_TRUSTY_OS */
+
+ /* use hard code permanent attributes due to limited fuse and RPMB */
+ attributes->version = fsl_version;
+ memcpy(attributes->product_root_public_key, fsl_product_root_public_key,
+ sizeof(fsl_product_root_public_key));
+ memcpy(attributes->product_id, fsl_atx_product_id,
+ sizeof(fsl_atx_product_id));
+
+ return AVB_IO_RESULT_OK;
+}
+
+/* Reads a |hash| of permanent attributes. This hash MUST be retrieved from a
+ * permanently read-only location (e.g. fuses) when a device is LOCKED. On
+ * success, returned AVB_IO_RESULT_OK and populates |hash|.
+ */
+AvbIOResult fsl_read_permanent_attributes_hash(
+ AvbAtxOps* atx_ops, uint8_t hash[AVB_SHA256_DIGEST_SIZE]) {
+#ifdef CONFIG_ARM64
+ /* calculate sha256(permanent attributes) */
+ if (permanent_attributes_sha256_hash(hash) != RESULT_OK) {
+ return AVB_IO_RESULT_ERROR_IO;
+ } else {
+ return AVB_IO_RESULT_OK;
+ }
+#else
+ uint8_t sha256_hash_buf[AVB_SHA256_DIGEST_SIZE];
+ uint32_t sha256_hash_fuse[ATX_FUSE_BANK_NUM];
+
+ /* read first 112 bits of sha256(permanent attributes) from fuse */
+ if (fsl_fuse_read(sha256_hash_fuse, ATX_FUSE_BANK_NUM,
+ PERMANENT_ATTRIBUTE_HASH_OFFSET)) {
+ printf("ERROR - read permanent attributes hash from "
+ "fuse error\n");
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ /* only take the lower 2 bytes of last bank */
+ sha256_hash_fuse[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK;
+
+ /* calculate sha256(permanent attributes) */
+ if (permanent_attributes_sha256_hash(sha256_hash_buf) != RESULT_OK) {
+ return AVB_IO_RESULT_ERROR_IO;
+ }
+ /* check if the sha256(permanent attributes) hash match the calculated one,
+ * if not match, just return all zeros hash.
+ */
+ if (memcmp(sha256_hash_fuse, sha256_hash_buf, ATX_HASH_LENGTH)) {
+ printf("ERROR - sha256(permanent attributes) does not match\n");
+ memset(hash, 0, AVB_SHA256_DIGEST_SIZE);
+ } else {
+ memcpy(hash, sha256_hash_buf, AVB_SHA256_DIGEST_SIZE);
+ }
+
+ return AVB_IO_RESULT_OK;
+#endif /* CONFIG_ARM64 */
+}
+
#endif /* CONFIG_AVB_ATX */
#endif /* CONFIG_SPL_BUILD */
+#ifndef CONFIG_FSL_CAAM_KB
+/* ARM64 won't avbkey and rollback index in this stage directly. */
+int avbkey_init(uint8_t *plainkey, uint32_t keylen) {
+ return 0;
+}
+
+int rbkidx_erase(void) {
+ return 0;
+}
+
+/*
+ * In no security enhanced ARM64, we cannot protect public key.
+ * So that we choose to trust the key from vbmeta image
+ */
+AvbIOResult fsl_validate_vbmeta_public_key_rpmb(AvbOps* ops,
+ const uint8_t* public_key_data,
+ size_t public_key_length,
+ const uint8_t* public_key_metadata,
+ size_t public_key_metadata_length,
+ bool* out_is_trusted) {
+ *out_is_trusted = true;
+ return AVB_IO_RESULT_OK;
+}
+
+/* In no security enhanced ARM64, rollback index has no protection so no use it */
+AvbIOResult fsl_write_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
+ uint64_t rollback_index) {
+ return AVB_IO_RESULT_OK;
+
+}
+AvbIOResult fsl_read_rollback_index_rpmb(AvbOps* ops, size_t rollback_index_slot,
+ uint64_t* out_rollback_index) {
+ *out_rollback_index = 0;
+ return AVB_IO_RESULT_OK;
+}
+#else /* CONFIG_FSL_CAAM_KB */
+static int mmc_dev_no = -1;
+
+struct mmc *get_mmc(void) {
+ extern int mmc_get_env_devno(void);
+ struct mmc *mmc;
+ if (mmc_dev_no < 0 && (mmc_dev_no = mmc_get_env_dev()) < 0)
+ return NULL;
+ mmc = find_mmc_device(mmc_dev_no);
+ if (!mmc || mmc_init(mmc))
+ return NULL;
+ return mmc;
+}
+
#ifdef AVB_RPMB
int rpmb_read(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset);
int rpmb_write(struct mmc *mmc, uint8_t *buffer, size_t num_bytes, int64_t offset);
-#ifndef CONFIG_IMX_TRUSTY_OS
+#if defined(CONFIG_IMX_TRUSTY_OS) || defined(CONFIG_SPL_BUILD)
int rpmb_init(void) {
#if !defined(CONFIG_SPL_BUILD) || !defined(CONFIG_DUAL_BOOTLOADER)
int i;
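Review bot: The `CONFIG_ARM64` branch of `fsl_read_permanent_attributes_hash()` returns a hash freshly computed by `permanent_attributes_sha256_hash()`, while the comment directly above says the hash MUST come from a permanently read-only location when the device is LOCKED. If that helper hashes the same data that `fsl_read_permanent_attributes()` returns (its body is outside the hunk), the check becomes self-referential and no longer anchors the attributes to hardware; `fsl_read_permanent_attributes()` also falls back to the hard-coded attributes when the Trusty read fails. `init_permanent_attributes_fuse()` in the earlier hunk likewise returns `RESULT_OK` on ARM64 without writing anything. Please state where the ARM64 trust anchor lives, for example `/* ARM64: hash is not fused; attribute integrity relies on <mechanism> */`, or fail closed when the device is locked. Separately, `get_mmc()` loses `static` in this hunk and would then need a prototype in a header.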
@@ -1236,67 +1313,7 @@ fail:
#endif /* CONFIG_SPL_BUILD */
#endif /* CONFIG_FSL_CAAM_KB */
-#if defined(AVB_RPMB) && defined(CONFIG_AVB_ATX)
-/* Reads permanent |attributes| data. There are no restrictions on where this
- * data is stored. On success, returns AVB_IO_RESULT_OK and populates
- * |attributes|.
- */
-AvbIOResult fsl_read_permanent_attributes(
- AvbAtxOps* atx_ops, AvbAtxPermanentAttributes* attributes) {
-#ifdef CONFIG_IMX_TRUSTY_OS
- if (!trusty_read_permanent_attributes((uint8_t *)attributes,
- sizeof(AvbAtxPermanentAttributes))) {
- return AVB_IO_RESULT_OK;
- }
- ERR("No perm-attr fused. Will use hard code one.\n");
-#endif /* CONFIG_IMX_TRUSTY_OS */
-
- /* use hard code permanent attributes due to limited fuse and RPMB */
- attributes->version = fsl_version;
- memcpy(attributes->product_root_public_key, fsl_product_root_public_key,
- sizeof(fsl_product_root_public_key));
- memcpy(attributes->product_id, fsl_atx_product_id,
- sizeof(fsl_atx_product_id));
-
- return AVB_IO_RESULT_OK;
-}
-
-/* Reads a |hash| of permanent attributes. This hash MUST be retrieved from a
- * permanently read-only location (e.g. fuses) when a device is LOCKED. On
- * success, returned AVB_IO_RESULT_OK and populates |hash|.
- */
-AvbIOResult fsl_read_permanent_attributes_hash(
- AvbAtxOps* atx_ops, uint8_t hash[AVB_SHA256_DIGEST_SIZE]) {
- uint8_t sha256_hash_buf[AVB_SHA256_DIGEST_SIZE];
- uint32_t sha256_hash_fuse[ATX_FUSE_BANK_NUM];
-
- /* read first 112 bits of sha256(permanent attributes) from fuse */
- if (fsl_fuse_read(sha256_hash_fuse, ATX_FUSE_BANK_NUM,
- PERMANENT_ATTRIBUTE_HASH_OFFSET)) {
- printf("ERROR - read permanent attributes hash from "
- "fuse error\n");
- return AVB_IO_RESULT_ERROR_IO;
- }
- /* only take the lower 2 bytes of last bank */
- sha256_hash_fuse[ATX_FUSE_BANK_NUM - 1] &= ATX_FUSE_BANK_MASK;
-
- /* calculate sha256(permanent attributes) */
- if (permanent_attributes_sha256_hash(sha256_hash_buf) != RESULT_OK) {
- return AVB_IO_RESULT_ERROR_IO;
- }
- /* check if the sha256(permanent attributes) hash match the calculated one,
- * if not match, just return all zeros hash.
- */
- if (memcmp(sha256_hash_fuse, sha256_hash_buf, ATX_HASH_LENGTH)) {
- printf("ERROR - sha256(permanent attributes) does not match\n");
- memset(hash, 0, AVB_SHA256_DIGEST_SIZE);
- } else {
- memcpy(hash, sha256_hash_buf, AVB_SHA256_DIGEST_SIZE);
- }
-
- return AVB_IO_RESULT_OK;
-}
-
+#if defined(AVB_RPMB) && defined(CONFIG_AVB_ATX) && !defined(CONFIG_SPL_BUILD)
/* Provides the key version of a key used during verification. This may be
* useful for managing the minimum key version.
*/
diff --git a/lib/trusty/ql-tipc/arch/arm/trusty_dev.c b/lib/trusty/ql-tipc/arch/arm/trusty_dev.c
index 6407d738da..bd9a5fbfb6 100644
--- a/lib/trusty/ql-tipc/arch/arm/trusty_dev.c
+++ b/lib/trusty/ql-tipc/arch/arm/trusty_dev.c
@@ -61,12 +61,12 @@ static unsigned long smc(unsigned long r0,
unsigned long r2,
unsigned long r3)
{
- register unsigned long _r0 asm(SMC_ARG0) = r0;
- register unsigned long _r1 asm(SMC_ARG1) = r1;
- register unsigned long _r2 asm(SMC_ARG2) = r2;
- register unsigned long _r3 asm(SMC_ARG3) = r3;
+ register unsigned long _r0 __asm__(SMC_ARG0) = r0;
+ register unsigned long _r1 __asm__(SMC_ARG1) = r1;
+ register unsigned long _r2 __asm__(SMC_ARG2) = r2;
+ register unsigned long _r3 __asm__(SMC_ARG3) = r3;
- asm volatile(
+ __asm__ volatile(
__asmeq("%0", SMC_ARG0)
__asmeq("%1", SMC_ARG1)
__asmeq("%2", SMC_ARG2)
diff --git a/lib/trusty/ql-tipc/arch/arm/trusty_mem.c b/lib/trusty/ql-tipc/arch/arm/trusty_mem.c
index e980b958ee..56d8348d3c 100644
--- a/lib/trusty/ql-tipc/arch/arm/trusty_mem.c
+++ b/lib/trusty/ql-tipc/arch/arm/trusty_mem.c
@@ -79,9 +79,28 @@ typedef uintptr_t paddr_t;
/*
* ARM64
*/
-static void arm64_write_ATS1E1W(uint64_t vaddr)
+
+/* Note: this will crash if called from user space */
+static void arm64_write_ATS1ExW(uint64_t vaddr)
{
- __asm__ volatile("at S1E1W, %0" :: "r" (vaddr));
+ uint64_t _current_el;
+
+ __asm__ volatile("mrs %0, CurrentEL" : "=r" (_current_el));
+
+ _current_el = (_current_el >> 2) & 0x3;
+ switch (_current_el) {
+ case 0x1:
+ __asm__ volatile("at S1E1W, %0" :: "r" (vaddr));
+ break;
+ case 0x2:
+ __asm__ volatile("at S1E2W, %0" :: "r" (vaddr));
+ break;
+ case 0x3:
+ default:
+ trusty_fatal("Unsupported execution state: EL%u\n", _current_el );
+ break;
+ }
+
__asm__ volatile("isb" ::: "memory");
}
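Review bot: `trusty_fatal("Unsupported execution state: EL%u\n", _current_el )` passes a `uint64_t` to a `%u` conversion, which is an argument/format mismatch in a variadic call, assuming `trusty_fatal` forwards to a printf-style formatter. Cast the argument, `(unsigned)_current_el`, and drop the stray space before the closing parenthesis. The shift and mask `(_current_el >> 2) & 0x3` would also read better with a short comment saying it extracts the exception-level field from `CurrentEL`.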
@@ -99,7 +118,7 @@ static uint64_t va2par(vaddr_t va)
unsigned long irq_state;
trusty_local_irq_disable(&irq_state);
- arm64_write_ATS1E1W(va);
+ arm64_write_ATS1ExW(va);
par = arm64_read_par64();
trusty_local_irq_restore(&irq_state);
@@ -136,20 +155,18 @@ static uint64_t par2attr(uint64_t par)
/*
* ARM32
*/
-static void arm_write_ATS1CPW(uint64_t vaddr)
-{
- __asm__ volatile(
- "mcr p15, 0, %0, c7, c8, 1 \n"
- : : "r"(vaddr)
- );
-}
-static void arm_write_ATS1HW(uint64_t vaddr)
+/* Note: this will crash if called from user space */
+static void arm_write_ATS1xW(uint64_t vaddr)
{
- __asm__ volatile(
- "mcr p15, 4, %0, c7, c8, 1 \n"
- : : "r"(vaddr)
- );
+ uint32_t _cpsr;
+
+ __asm__ volatile("mrs %0, cpsr" : "=r"(_cpsr));
+
+ if ((_cpsr & 0xF) == 0xa)
+ __asm__ volatile("mcr p15, 4, %0, c7, c8, 1" : : "r"(vaddr));
+ else
+ __asm__ volatile("mcr p15, 0, %0, c7, c8, 1" : : "r"(vaddr));
}
static uint64_t arm_read_par64(void)
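Review bot: `arm_write_ATS1xW()` identifies Hyp mode with `(_cpsr & 0xF) == 0xa`, which tests only the low four bits of the five-bit CPSR mode field and leaves the reader to decode two magic numbers. Comparing the full field against named constants is clearer and exact, for example `if ((_cpsr & CPSR_MODE_MASK) == CPSR_MODE_HYP)` with newly defined `CPSR_MODE_MASK 0x1f` and `CPSR_MODE_HYP 0x1a`. A one-line comment on each `mcr` saying which is the Hyp form (`p15, 4`) and which the PL1 form (`p15, 0`) would replace the information the removed names `arm_write_ATS1HW` and `arm_write_ATS1CPW` used to carry.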
@@ -242,7 +259,7 @@ static uint64_t va2par(vaddr_t va)
unsigned long irq_state;
trusty_local_irq_disable(&irq_state);
- arm_write_ATS1CPW(va); /* need to call the right one */
+ arm_write_ATS1xW(va);
par = arm_read_par64();
trusty_local_irq_restore(&irq_state);
diff --git a/lib/trusty/ql-tipc/avb.c b/lib/trusty/ql-tipc/avb.c
index ebbb38ff20..2f2a418a44 100644
--- a/lib/trusty/ql-tipc/avb.c
+++ b/lib/trusty/ql-tipc/avb.c
@@ -75,10 +75,9 @@ static int avb_read_response(struct avb_message *msg, uint32_t cmd, void *resp,
* @resp: the response buffer
* @resp_size_p: pointer to the size of the response buffer. changed to the
actual size of the response read from the secure side
- * @handle_rpmb: true if the request is expected to invoke RPMB callbacks
*/
static int avb_do_tipc(uint32_t cmd, void *req, uint32_t req_size, void *resp,
- uint32_t *resp_size_p, bool handle_rpmb)
+ uint32_t *resp_size_p)
{
int rc;
struct avb_message msg = { .cmd = cmd };
@@ -94,16 +93,6 @@ static int avb_do_tipc(uint32_t cmd, void *req, uint32_t req_size, void *resp,
return rc;
}
- if (handle_rpmb) {
- /* handle any incoming RPMB requests */
- rc = rpmb_storage_proxy_poll();
- if (rc < 0) {
- trusty_error("%s: failed (%d) to get RPMB requests\n", __func__,
- rc);
- return rc;
- }
- }
-
uint32_t resp_size = resp_size_p ? *resp_size_p : 0;
rc = avb_read_response(&msg, cmd, resp, resp_size);
if (rc < 0) {
@@ -128,7 +117,7 @@ static int avb_get_version(uint32_t *version)
struct avb_get_version_resp resp;
uint32_t resp_size = sizeof(resp);
- rc = avb_do_tipc(AVB_GET_VERSION, NULL, 0, &resp, &resp_size, false);
+ rc = avb_do_tipc(AVB_GET_VERSION, NULL, 0, &resp, &resp_size);
*version = resp.version;
return rc;
@@ -190,7 +179,7 @@ int trusty_read_rollback_index(uint32_t slot, uint64_t *value)
uint32_t resp_size = sizeof(resp);
rc = avb_do_tipc(READ_ROLLBACK_INDEX, &req, sizeof(req), &resp,
- &resp_size, true);
+ &resp_size);
*value = resp.value;
return rc;
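Review bot: In `trusty_read_rollback_index()`, `*value = resp.value;` runs even when `avb_do_tipc()` returned an error, so the caller's rollback index can be overwritten with whatever `resp` happened to hold. The same pattern appears in `avb_get_version()` in the previous hunk (`*version = resp.version;`). `resp` is declared outside the hunk, so whether it is zero-initialised is not visible here. Since this commit already touches both call sites, guard the copy: `if (rc == 0) *value = resp.value;`.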
@@ -204,7 +193,7 @@ int trusty_write_rollback_index(uint32_t slot, uint64_t value)
uint32_t resp_size = sizeof(resp);
rc = avb_do_tipc(WRITE_ROLLBACK_INDEX, &req, sizeof(req), &resp,
- &resp_size, true);
+ &resp_size);
return rc;
}
@@ -213,7 +202,7 @@ int trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size)
uint8_t resp_buf[AVB_MAX_BUFFER_LENGTH];
uint32_t resp_size = AVB_MAX_BUFFER_LENGTH;
int rc = avb_do_tipc(READ_PERMANENT_ATTRIBUTES, NULL, 0, resp_buf,
- &resp_size, true);
+ &resp_size);
if (rc != 0) {
return rc;
}
@@ -227,24 +216,24 @@ int trusty_read_permanent_attributes(uint8_t *attributes, uint32_t size)
int trusty_write_permanent_attributes(uint8_t *attributes, uint32_t size)
{
- return avb_do_tipc(WRITE_PERMANENT_ATTRIBUTES, attributes, size, NULL, NULL,
- true);
+ return avb_do_tipc(WRITE_PERMANENT_ATTRIBUTES, attributes, size, NULL,
+ NULL);
}
int trusty_read_lock_state(uint8_t *lock_state)
{
uint32_t resp_size = sizeof(*lock_state);
return avb_do_tipc(READ_LOCK_STATE, NULL, 0, lock_state,
- &resp_size, true);
+ &resp_size);
}
int trusty_write_lock_state(uint8_t lock_state)
{
return avb_do_tipc(WRITE_LOCK_STATE, &lock_state, sizeof(lock_state), NULL,
- NULL, true);
+ NULL);
}
int trusty_lock_boot_state(void)
{
- return avb_do_tipc(LOCK_BOOT_STATE, NULL, 0, NULL, NULL, false);
+ return avb_do_tipc(LOCK_BOOT_STATE, NULL, 0, NULL, NULL);
}
diff --git a/lib/trusty/ql-tipc/ipc.c b/lib/trusty/ql-tipc/ipc.c
index 95c0ee605c..f488984d76 100644
--- a/lib/trusty/ql-tipc/ipc.c
+++ b/lib/trusty/ql-tipc/ipc.c
@@ -57,14 +57,15 @@ static int wait_for_complete(struct trusty_ipc_chan *chan)
chan->complete = 0;
for (;;) {
- rc = trusty_ipc_poll_for_event(chan);
+ rc = trusty_ipc_poll_for_event(chan->dev);
if (rc < 0)
return rc;
if (chan->complete)
break;
- trusty_ipc_dev_idle(chan->dev);
+ if (rc == TRUSTY_EVENT_NONE)
+ trusty_ipc_dev_idle(chan->dev);
}
return chan->complete;
@@ -185,29 +186,30 @@ int trusty_ipc_recv(struct trusty_ipc_chan *chan,
trusty_assert(chan->dev);
trusty_assert(chan->handle);
-Again:
- rc = trusty_ipc_dev_recv(chan->dev, chan->handle, iovs, iovs_cnt);
- if (rc == TRUSTY_ERR_NO_MSG) {
- if (wait) {
- rc = wait_for_reply(chan);
- if (rc < 0) {
- trusty_error("%s: wait to reply failed (%d)\n", __func__, rc);
- return rc;
- }
- goto Again;
+ if (wait) {
+ rc = wait_for_reply(chan);
+ if (rc < 0) {
+ trusty_error("%s: wait to reply failed (%d)\n", __func__, rc);
+ return rc;
}
}
+ rc = trusty_ipc_dev_recv(chan->dev, chan->handle, iovs, iovs_cnt);
+ if (rc < 0)
+ trusty_error("%s: ipc recv failed (%d)\n", __func__, rc);
+
return rc;
}
-int trusty_ipc_poll_for_event(struct trusty_ipc_chan *chan)
+int trusty_ipc_poll_for_event(struct trusty_ipc_dev *ipc_dev)
{
int rc;
struct trusty_ipc_event evt;
- trusty_assert(chan && chan->ops);
+ struct trusty_ipc_chan *chan;
- rc = trusty_ipc_dev_get_event(chan->dev, chan->handle, &evt);
+ trusty_assert(dev);
+
+ rc = trusty_ipc_dev_get_event(ipc_dev, 0, &evt);
if (rc) {
trusty_error("%s: get event failed (%d)\n", __func__, rc);
return rc;
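Review bot: The new `trusty_assert(dev);` in trusty_ipc_poll_for_event names `dev`, but the parameter this change introduces is `ipc_dev` and no `dev` is declared in the visible part of the function. The check therefore either fails to compile or tests an unrelated file-scope name; it should read `trusty_assert(ipc_dev);`. In trusty_ipc_recv, the new `if (rc < 0)` branch also logs an error when a caller passes `wait == 0` and simply finds no message, assuming `TRUSTY_ERR_NO_MSG` is negative like the other codes tested this way. `if (rc < 0 && rc != TRUSTY_ERR_NO_MSG)` would keep non-blocking polls quiet. trusty_ipc_poll_for_event continues outside this hunk.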
@@ -219,6 +221,9 @@ int trusty_ipc_poll_for_event(struct trusty_ipc_chan *chan)
return TRUSTY_EVENT_NONE;
}
+ chan = (struct trusty_ipc_chan *)(uintptr_t)evt.cookie;
+ trusty_assert(chan && chan->ops);
+
/* check if we have raw event handler */
if (chan->ops->on_raw_event) {
/* invoke it first */
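Review bot: `evt.cookie` is cast to a `struct trusty_ipc_chan *` and dereferenced with only a non-NULL assert in front of it. An event carrying a stale cookie, for example for a channel whose structure has already been closed or released, would send the `chan->ops->on_raw_event` call through memory that is no longer a live channel. Before dispatching, the pointer should be matched against state the normal world owns, such as `chan->dev == ipc_dev` and `chan->handle != INVALID_IPC_HANDLE`, and the event dropped with an error otherwise. Whether `trusty_assert` stays active in release builds is not visible here; if it can be compiled out, add an explicit `if (!chan || !chan->ops) return TRUSTY_ERR_GENERIC;`. The function body starts and ends outside this hunk.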
diff --git a/lib/trusty/ql-tipc/ipc_dev.c b/lib/trusty/ql-tipc/ipc_dev.c
index 5924d44891..720acf22be 100644
--- a/lib/trusty/ql-tipc/ipc_dev.c
+++ b/lib/trusty/ql-tipc/ipc_dev.c
@@ -24,6 +24,7 @@
#include <trusty/trusty_dev.h>
#include <trusty/trusty_ipc.h>
+#include <trusty/trusty_mem.h>
#include <trusty/util.h>
#define NS_PTE_PHYSADDR(pte) ((pte) & 0xFFFFFFFFF000ULL)
@@ -156,14 +157,15 @@ static int check_response(struct trusty_ipc_dev *dev,
int trusty_ipc_dev_create(struct trusty_ipc_dev **idev,
struct trusty_dev *tdev,
- size_t buf_size)
+ size_t shared_buf_size)
{
int rc;
struct trusty_ipc_dev *dev;
trusty_assert(idev);
-
- trusty_debug("%s: Create new Trusty IPC device (%zu)\n", __func__, buf_size);
+ trusty_assert(!(shared_buf_size % PAGE_SIZE));
+ trusty_debug("%s: Create new Trusty IPC device (%zu)\n", __func__,
+ shared_buf_size);
/* allocate device context */
dev = trusty_calloc(1, sizeof(*dev));
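Review bot: The only validation of `shared_buf_size` is `trusty_assert(!(shared_buf_size % PAGE_SIZE));`, which a size of 0 also satisfies, so a zero-page request would reach the allocator and the secure-OS registration later in the function. Because this value describes memory shared with the secure side, a runtime check that returns an error is safer than an assert whose release-build behaviour is not visible here. A guard placed after the `idev` assert would do, e.g. `if (!shared_buf_size || (shared_buf_size % PAGE_SIZE)) return TRUSTY_ERR_GENERIC;`. trusty_ipc_dev_create continues outside this hunk.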
@@ -174,14 +176,21 @@ int trusty_ipc_dev_create(struct trusty_ipc_dev **idev,
dev->tdev = tdev;
/* allocate shared buffer */
- dev->buf_size = buf_size;
- dev->buf_vaddr = trusty_membuf_alloc(&dev->buf_ns, buf_size);
+ dev->buf_size = shared_buf_size;
+ dev->buf_vaddr = trusty_alloc_pages(shared_buf_size / PAGE_SIZE);
if (!dev->buf_vaddr) {
trusty_error("%s: failed to allocate shared memory\n", __func__);
rc = TRUSTY_ERR_NO_MEMORY;
- goto err_alloc_membuf;
+ goto err_alloc_pages;
}
+ /* Get memory attributes */
+ rc = trusty_encode_page_info(&dev->buf_ns, dev->buf_vaddr);
+ if (rc != 0) {
+ trusty_error("%s: failed to get shared memory attributes\n", __func__);
+ rc = TRUSTY_ERR_GENERIC;
+ goto err_page_info;
+ }
/* call secure OS to register shared buffer */
rc = trusty_dev_init_ipc(dev->tdev, &dev->buf_ns, dev->buf_size);
if (rc != 0) {
@@ -196,9 +205,10 @@ int trusty_ipc_dev_create(struct trusty_ipc_dev **idev,
*idev = dev;
return TRUSTY_ERR_NONE;
+err_page_info:
err_create_sec_dev:
-err_alloc_membuf:
- trusty_membuf_free(dev->buf_vaddr);
+ trusty_free_pages(dev->buf_vaddr, dev->buf_size / PAGE_SIZE);
+err_alloc_pages:
trusty_free(dev);
return rc;
}
@@ -217,7 +227,7 @@ void trusty_ipc_dev_shutdown(struct trusty_ipc_dev *dev)
trusty_error("%s: failed (%d) to shutdown Trusty IPC device\n",
__func__, rc);
}
- trusty_membuf_free(dev->buf_vaddr);
+ trusty_free_pages(dev->buf_vaddr, dev->buf_size / PAGE_SIZE);
trusty_free(dev);
}
diff --git a/lib/trusty/ql-tipc/keymaster.c b/lib/trusty/ql-tipc/keymaster.c
index e0b8217262..1bfb8c699c 100644
--- a/lib/trusty/ql-tipc/keymaster.c
+++ b/lib/trusty/ql-tipc/keymaster.c
@@ -185,9 +185,8 @@ static int km_read_data_response(uint32_t cmd, int32_t *error,
* caller expects an additional data buffer to be returned from the secure
* side.
*/
-static int km_do_tipc(uint32_t cmd, bool handle_rpmb, void* req,
- uint32_t req_len, void* resp_data,
- uint32_t* resp_data_len)
+static int km_do_tipc(uint32_t cmd, void* req, uint32_t req_len,
+ void* resp_data, uint32_t* resp_data_len)
{
int rc = TRUSTY_ERR_GENERIC;
struct km_no_response resp_header;
@@ -198,15 +197,6 @@ static int km_do_tipc(uint32_t cmd, bool handle_rpmb, void* req,
return rc;
}
- if (handle_rpmb) {
- /* handle any incoming RPMB requests */
- rc = rpmb_storage_proxy_poll();
- if (rc < 0) {
- trusty_error("%s: failed (%d) to get RPMB requests\n", __func__, rc);
- return rc;
- }
- }
-
if (!resp_data) {
rc = km_read_raw_response(cmd, &resp_header, sizeof(resp_header));
} else {
@@ -339,7 +329,7 @@ int trusty_set_boot_params(uint32_t os_version, uint32_t os_patchlevel,
trusty_error("failed (%d) to serialize request\n", rc);
goto end;
}
- rc = km_do_tipc(KM_SET_BOOT_PARAMS, false, req, req_size, NULL, NULL);
+ rc = km_do_tipc(KM_SET_BOOT_PARAMS, req, req_size, NULL, NULL);
end:
if (req) {
@@ -365,7 +355,7 @@ static int trusty_send_attestation_data(uint32_t cmd, const uint8_t *data,
trusty_error("failed (%d) to serialize request\n", rc);
goto end;
}
- rc = km_do_tipc(cmd, true, req, req_size, NULL, NULL);
+ rc = km_do_tipc(cmd, req, req_size, NULL, NULL);
end:
if (req) {
@@ -389,7 +379,7 @@ static int trusty_send_raw_buffer(uint32_t cmd, const uint8_t *req_data,
trusty_error("failed (%d) to serialize request\n", rc);
goto end;
}
- rc = km_do_tipc(cmd, false, req, req_size, resp_data, resp_data_size);
+ rc = km_do_tipc(cmd, req, req_size, resp_data, resp_data_size);
end:
if (req) {
@@ -441,7 +431,7 @@ int trusty_atap_set_ca_response(const uint8_t *ca_response,
/* Tell the Trusty Keymaster TA the size of CA Response message */
begin_req.ca_response_size = ca_response_size;
- rc = km_do_tipc(KM_ATAP_SET_CA_RESPONSE_BEGIN, false, &begin_req,
+ rc = km_do_tipc(KM_ATAP_SET_CA_RESPONSE_BEGIN, &begin_req,
sizeof(begin_req), NULL, NULL);
if (rc != TRUSTY_ERR_NONE) {
return rc;
@@ -460,7 +450,7 @@ int trusty_atap_set_ca_response(const uint8_t *ca_response,
}
/* Tell Trusty Keymaster to parse the CA Response message */
- return km_do_tipc(KM_ATAP_SET_CA_RESPONSE_FINISH, true, NULL, 0, NULL, NULL);
+ return km_do_tipc(KM_ATAP_SET_CA_RESPONSE_FINISH, NULL, 0, NULL, NULL);
}
@@ -469,7 +459,7 @@ int trusty_atap_read_uuid_str(char **uuid_p)
*uuid_p = (char*) trusty_calloc(1, kUuidSize);
uint32_t response_size = kUuidSize;
- int rc = km_do_tipc(KM_ATAP_READ_UUID, true, NULL, 0, *uuid_p,
+ int rc = km_do_tipc(KM_ATAP_READ_UUID, NULL, 0, *uuid_p,
&response_size);
if (rc < 0) {
trusty_error("failed to read uuid: %d\n", rc);
diff --git a/lib/trusty/ql-tipc/rpmb_proxy.c b/lib/trusty/ql-tipc/rpmb_proxy.c
index 835e8634c9..812dc81720 100644
--- a/lib/trusty/ql-tipc/rpmb_proxy.c
+++ b/lib/trusty/ql-tipc/rpmb_proxy.c
@@ -300,35 +300,30 @@ int rpmb_storage_proxy_init(struct trusty_ipc_dev *dev, void *rpmb_dev)
/* override default ops */
proxy_chan.ops = &proxy_ops;
- rc = rpmb_storage_proxy_poll();
- if (rc < 0) {
- return rc;
- }
-
- /* mark as initialized */
- initialized = true;
-
- return TRUSTY_ERR_NONE;
-}
-
-int rpmb_storage_proxy_poll(void)
-{
- int rc = 0;
- while ((rc != TRUSTY_EVENT_NONE) && (proxy_chan.handle != INVALID_IPC_HANDLE)){
+ do {
/* Check for RPMB events */
- rc = trusty_ipc_poll_for_event(&proxy_chan);
+ rc = trusty_ipc_poll_for_event(proxy_chan.dev);
if (rc < 0) {
trusty_error("%s: failed (%d) to get rpmb event\n", __func__, rc);
return rc;
}
+
+ if (proxy_chan.handle == INVALID_IPC_HANDLE) {
+ trusty_error("%s: unexpected proxy channel close\n");
+ return TRUSTY_ERR_CHANNEL_CLOSED;
+ }
}
- return (proxy_chan.handle)? TRUSTY_ERR_NONE : TRUSTY_ERR_CHANNEL_CLOSED;
+ while (rc != TRUSTY_EVENT_NONE);
+
+ /* mark as initialized */
+ initialized = true;
+
+ return TRUSTY_ERR_NONE;
}
void rpmb_storage_proxy_shutdown(struct trusty_ipc_dev *dev)
{
- if (!initialized)
- return; /* nothing to do */
+ trusty_assert(initialized);
/* close channel */
trusty_ipc_close(&proxy_chan);
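Review bot: The added `trusty_error("%s: unexpected proxy channel close\n");` has a `%s` conversion but passes no argument, so if `trusty_error` is printf-style the call reads a non-existent vararg on exactly the path that reports an unexpected channel close. It should be `trusty_error("%s: unexpected proxy channel close\n", __func__);`, matching the call a few lines above. Separately, rpmb_storage_proxy_shutdown now asserts `initialized` instead of returning early, while the new error returns in the init loop leave `initialized` false. A caller that shuts down after a failed init would trip the assert, or, if asserts are compiled out, close a channel that was never fully set up. Keeping the previous `if (!initialized) return;` avoids both cases. Both function bodies extend outside this hunk.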
diff --git a/lib/trusty/ql-tipc/sysdeps/sysdeps_uboot.c b/lib/trusty/ql-tipc/sysdeps/sysdeps_uboot.c
index e86b6e0f55..b42cd20d4f 100644
--- a/lib/trusty/ql-tipc/sysdeps/sysdeps_uboot.c
+++ b/lib/trusty/ql-tipc/sysdeps/sysdeps_uboot.c
@@ -99,25 +99,12 @@ void trusty_free(void *addr)
free(addr);
}
-void *trusty_membuf_alloc(struct ns_mem_page_info *page_info, size_t size)
+void *trusty_alloc_pages(unsigned count)
{
- void *va = NULL;
- int res;
-
- va = memalign(4096, size);
- if (!va)
- return NULL;
-
- /* get memory attibutes */
- res = trusty_encode_page_info(page_info, va);
- if (res) {
- trusty_membuf_free(va);
- return NULL;
- }
- return va;
+ return memalign(PAGE_SIZE, count * PAGE_SIZE);
}
-void trusty_membuf_free(void *va)
+void trusty_free_pages(void *va, unsigned count)
{
if (va)
free(va);
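Review bot: `trusty_alloc_pages` computes `count * PAGE_SIZE` with no overflow check. The type of `PAGE_SIZE` is not visible here, but if the product is evaluated in `unsigned` it can wrap, and `memalign` would then return a buffer smaller than the page count the caller later registers with the secure OS. Guard it with `if (count == 0 || count > SIZE_MAX / PAGE_SIZE) return NULL;` and allocate with `return memalign(PAGE_SIZE, (size_t)count * PAGE_SIZE);`. The caller in ipc_dev.c passes `shared_buf_size / PAGE_SIZE`, a `size_t` quotient, into this `unsigned` parameter, so a `size_t` parameter type would also avoid silent truncation. The body of trusty_free_pages continues outside this hunk.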