blob: b3cafd924108fa417bc483b843bf42514c2be14a [file] [log] [blame]
// SPDX-License-Identifier: GPL-2.0+
/*
* Copyright 2020 NXP
*/
#include <command.h>
#include <common.h>
#include <env.h>
#include <errno.h>
#include <image.h>
#include <malloc.h>
#include <mmc.h>
#include <tee.h>
#include <tee/optee_ta_avb.h>
static struct udevice *tee;
static u32 session;
static int avb_ta_open_session(void)
{
const struct tee_optee_ta_uuid uuid = TA_AVB_UUID;
struct tee_open_session_arg arg;
int rc;
tee = tee_find_device(tee, NULL, NULL, NULL);
if (!tee)
return -ENODEV;
memset(&arg, 0, sizeof(arg));
tee_optee_ta_uuid_to_octets(arg.uuid, &uuid);
rc = tee_open_session(tee, &arg, 0, NULL);
if (!rc)
session = arg.session;
return 0;
}
static int invoke_func(u32 func, ulong num_param, struct tee_param *param)
{
struct tee_invoke_arg arg;
if (!tee)
if (avb_ta_open_session())
return -ENODEV;
memset(&arg, 0, sizeof(arg));
arg.func = func;
arg.session = session;
if (tee_invoke_func(tee, &arg, num_param, param))
return -EFAULT;
switch (arg.ret) {
case TEE_SUCCESS:
return 0;
case TEE_ERROR_OUT_OF_MEMORY:
case TEE_ERROR_STORAGE_NO_SPACE:
return -ENOSPC;
case TEE_ERROR_ITEM_NOT_FOUND:
return -EIO;
case TEE_ERROR_TARGET_DEAD:
/*
* The TA has paniced, close the session to reload the TA
* for the next request.
*/
tee_close_session(tee, session);
tee = NULL;
return -EIO;
default:
return -EIO;
}
}
static int read_persistent_value(const char *name,
size_t buffer_size,
u8 *out_buffer,
size_t *out_num_bytes_read)
{
int rc = 0;
struct tee_shm *shm_name;
struct tee_shm *shm_buf;
struct tee_param param[2];
size_t name_size = strlen(name) + 1;
if (!tee)
if (avb_ta_open_session())
return -ENODEV;
rc = tee_shm_alloc(tee, name_size,
TEE_SHM_ALLOC, &shm_name);
if (rc) {
rc = -ENOMEM;
goto close_session;
}
rc = tee_shm_alloc(tee, buffer_size,
TEE_SHM_ALLOC, &shm_buf);
if (rc) {
rc = -ENOMEM;
goto free_name;
}
memcpy(shm_name->addr, name, name_size);
memset(param, 0, sizeof(param));
param[0].attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT;
param[0].u.memref.shm = shm_name;
param[0].u.memref.size = name_size;
param[1].attr = TEE_PARAM_ATTR_TYPE_MEMREF_INOUT;
param[1].u.memref.shm = shm_buf;
param[1].u.memref.size = buffer_size;
rc = invoke_func(TA_AVB_CMD_READ_PERSIST_VALUE,
2, param);
if (rc)
goto out;
if (param[1].u.memref.size > buffer_size) {
rc = -EINVAL;
goto out;
}
*out_num_bytes_read = param[1].u.memref.size;
memcpy(out_buffer, shm_buf->addr, *out_num_bytes_read);
out:
tee_shm_free(shm_buf);
free_name:
tee_shm_free(shm_name);
close_session:
tee_close_session(tee, session);
tee = NULL;
return rc;
}
static int write_persistent_value(const char *name,
size_t value_size,
const u8 *value)
{
int rc = 0;
struct tee_shm *shm_name;
struct tee_shm *shm_buf;
struct tee_param param[2];
size_t name_size = strlen(name) + 1;
if (!value_size)
return -EINVAL;
if (!tee) {
if (avb_ta_open_session())
return -ENODEV;
}
rc = tee_shm_alloc(tee, name_size,
TEE_SHM_ALLOC, &shm_name);
if (rc) {
rc = -ENOMEM;
goto close_session;
}
rc = tee_shm_alloc(tee, value_size,
TEE_SHM_ALLOC, &shm_buf);
if (rc) {
rc = -ENOMEM;
goto free_name;
}
memcpy(shm_name->addr, name, name_size);
memcpy(shm_buf->addr, value, value_size);
memset(param, 0, sizeof(param));
param[0].attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT;
param[0].u.memref.shm = shm_name;
param[0].u.memref.size = name_size;
param[1].attr = TEE_PARAM_ATTR_TYPE_MEMREF_INPUT;
param[1].u.memref.shm = shm_buf;
param[1].u.memref.size = value_size;
rc = invoke_func(TA_AVB_CMD_WRITE_PERSIST_VALUE,
2, param);
if (rc)
goto out;
out:
tee_shm_free(shm_buf);
free_name:
tee_shm_free(shm_name);
close_session:
tee_close_session(tee, session);
tee = NULL;
return rc;
}
int do_optee_rpmb_read(struct cmd_tbl *cmdtp, int flag, int argc,
char * const argv[])
{
const char *name;
size_t bytes;
size_t bytes_read;
void *buffer;
char *endp;
if (argc != 3)
return CMD_RET_USAGE;
name = argv[1];
bytes = dectoul(argv[2], &endp);
if (*endp && *endp != '\n')
return CMD_RET_USAGE;
buffer = malloc(bytes);
if (!buffer)
return CMD_RET_FAILURE;
if (read_persistent_value(name, bytes, buffer, &bytes_read) == 0) {
printf("Read %zu bytes, value = %s\n", bytes_read,
(char *)buffer);
free(buffer);
return CMD_RET_SUCCESS;
}
printf("Failed to read persistent value\n");
free(buffer);
return CMD_RET_FAILURE;
}
int do_optee_rpmb_write(struct cmd_tbl *cmdtp, int flag, int argc,
char * const argv[])
{
const char *name;
const char *value;
if (argc != 3)
return CMD_RET_USAGE;
name = argv[1];
value = argv[2];
if (write_persistent_value(name, strlen(value) + 1,
(const uint8_t *)value) == 0) {
printf("Wrote %zu bytes\n", strlen(value) + 1);
return CMD_RET_SUCCESS;
}
printf("Failed to write persistent value\n");
return CMD_RET_FAILURE;
}
static struct cmd_tbl cmd_optee_rpmb[] = {
U_BOOT_CMD_MKENT(read_pvalue, 3, 0, do_optee_rpmb_read, "", ""),
U_BOOT_CMD_MKENT(write_pvalue, 3, 0, do_optee_rpmb_write, "", ""),
};
static int do_optee_rpmb(struct cmd_tbl *cmdtp, int flag, int argc,
char * const argv[])
{
struct cmd_tbl *cp;
cp = find_cmd_tbl(argv[1], cmd_optee_rpmb, ARRAY_SIZE(cmd_optee_rpmb));
argc--;
argv++;
if (!cp || argc > cp->maxargs)
return CMD_RET_USAGE;
if (flag == CMD_FLAG_REPEAT)
return CMD_RET_FAILURE;
return cp->cmd(cmdtp, flag, argc, argv);
}
U_BOOT_CMD (
optee_rpmb, 29, 0, do_optee_rpmb,
"Provides commands for testing secure storage on RPMB on OPTEE",
"read_pvalue <name> <bytes> - read a persistent value <name>\n"
"optee_rpmb write_pvalue <name> <value> - write a persistent value <name>\n"
);