- OP-TEE - lists.trustedfirmware.org

[PATCH v4 0/3] Replay Protected Memory Block (RPMB) subsystem

by Jens Wiklander

Hi, This patch set introduces a new RPMB subsystem, based on patches from [1], [2], and [3]. The RPMB subsystem aims at providing access to RPMB partitions to other kernel drivers, in particular the OP-TEE driver. A new user space ABI isn't needed, we can instead continue using the already present ABI when writing the RPMB key during production. I've added and removed things to keep only what is needed by the OP-TEE driver. Since the posting of [3], there has been major changes in the MMC subsystem so "mmc: block: register RPMB partition with the RPMB subsystem" is in practice completely rewritten. With this OP-TEE can access RPMB during early boot instead of having to wait for user space to become available as in the current design [4]. This will benefit the efi variables [5] since we wont rely on userspace as well as some TPM issues [6] that were solved. The OP-TEE driver finds the correct RPMB device to interact with by iterating over available devices until one is found with a programmed authentication matching the one OP-TEE is using. This enables coexisting users of other RPMBs since the owner can be determined by who knows the authentication key. The corresponding secure world OP-TEE patches are available at [7]. I've put myself as a maintainer for the RPMB subsystem as I have an interest in the OP-TEE driver to keep this in good shape. However, if you'd rather see someone else taking the maintainership that's fine too. I'll help keep the subsystem updated regardless. [1] https://lore.kernel.org/lkml/20230722014037.42647-1-shyamsaini@linux.micros… [2] https://lore.kernel.org/lkml/20220405093759.1126835-2-alex.bennee@linaro.or… [3] https://lore.kernel.org/linux-mmc/1478548394-8184-2-git-send-email-tomas.wi… [4] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html#rpm… [5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… [6] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… [7] https://github.com/jenswi-linaro/optee_os/tree/rpmb_probe Thanks, Jens Changes since v3: * Move struct rpmb_frame into the MMC driver since the format of the RPMB frames depend on the implementation, one format for eMMC, another for UFS, and so on * "rpmb: add Replay Protected Memory Block (RPMB) subsystem" - Adding Reviewed-by: Linus Walleij <linus.walleij(a)linaro.org> - Adding more description of the API functions - Removing the set_dev_info() op from struct rpmb_ops, the needed information is supplied in the arguments to rpmb_dev_register() instead. - Getting rid of struct rpmb_ops since only the route_frames() op was remaining, store that op directly in struct rpmb_dev - Changed rpmb_interface_register() and rpmb_interface_unregister() to use notifier_block instead of implementing the same thing ourselves * "mmc: block: register RPMB partition with the RPMB subsystem" - Moving the call to rpmb_dev_register() to be done at the end of mmc_blk_probe() when the device is fully available * "optee: probe RPMB device using RPMB subsystem" - Use IS_REACHABLE(CONFIG_RPMB) to determine if the RPMB subsystem is available - Translate TEE_ERROR_STORAGE_NOT_AVAILABLE if encountered in get_devices() to recognize the error in optee_rpmb_scan() - Simplified optee_rpmb_scan() and optee_rpmb_intf_rdev() Changes since v2: * "rpmb: add Replay Protected Memory Block (RPMB) subsystem" - Fixing documentation issues - Adding a "depends on MMC" in the Kconfig - Removed the class-device and the embedded device, struct rpmb_dev now relies on the parent device for reference counting as requested - Removed the now unneeded rpmb_ops get_resources() and put_resources() since references are already taken in mmc_blk_alloc_rpmb_part() before rpmb_dev_register() is called - Added rpmb_interface_{,un}register() now that class_interface_{,un}register() can't be used ay longer * "mmc: block: register RPMB partition with the RPMB subsystem" - Adding the missing error cleanup in alloc_idata() - Taking the needed reference to md->disk in mmc_blk_alloc_rpmb_part() instead of in mmc_rpmb_chrdev_open() and rpmb_op_mmc_get_resources() * "optee: probe RPMB device using RPMB subsystem" - Registering to get a notification when an RPMB device comes online - Probes for RPMB devices each time an RPMB device comes online, until a usable device is found - When a usable RPMB device is found, call optee_enumerate_devices(PTA_CMD_GET_DEVICES_RPMB) - Pass type of rpmb in return value from OPTEE_RPC_CMD_RPMB_PROBE_NEXT Changes since Shyam's RFC: * Removed the remaining leftover rpmb_cdev_*() function calls * Refactored the struct rpmb_ops with all the previous ops replaced, in some sense closer to [3] with the route_frames() op * Added rpmb_route_frames() * Added struct rpmb_frame, enum rpmb_op_result, and enum rpmb_type from [3] * Removed all functions not needed in the OP-TEE use case * Added "mmc: block: register RPMB partition with the RPMB subsystem", based on the commit with the same name in [3] * Added "optee: probe RPMB device using RPMB subsystem" for integration with OP-TEE * Moved the RPMB driver into drivers/misc/rpmb-core.c * Added my name to MODULE_AUTHOR() in rpmb-core.c * Added an rpmb_mutex to serialize access to the IDA * Removed the target parameter from all rpmb_*() functions since it's currently unused Jens Wiklander (3): rpmb: add Replay Protected Memory Block (RPMB) subsystem mmc: block: register RPMB partition with the RPMB subsystem optee: probe RPMB device using RPMB subsystem MAINTAINERS | 7 + drivers/misc/Kconfig | 10 ++ drivers/misc/Makefile | 1 + drivers/misc/rpmb-core.c | 232 +++++++++++++++++++++++++++++ drivers/mmc/core/block.c | 230 ++++++++++++++++++++++++++++- drivers/tee/optee/core.c | 30 ++++ drivers/tee/optee/device.c | 7 + drivers/tee/optee/ffa_abi.c | 8 + drivers/tee/optee/optee_private.h | 21 ++- drivers/tee/optee/optee_rpc_cmd.h | 35 +++++ drivers/tee/optee/rpc.c | 233 ++++++++++++++++++++++++++++++ drivers/tee/optee/smc_abi.c | 7 + include/linux/rpmb.h | 136 +++++++++++++++++ 13 files changed, 954 insertions(+), 3 deletions(-) create mode 100644 drivers/misc/rpmb-core.c create mode 100644 include/linux/rpmb.h -- 2.34.1

1 year, 8 months

5
15
0 0

Linaro OP-TEE Contribution, LOC, monthly meeting April 23

by Jens Wiklander

Hi, Tomorrow (Tuesday), it's time for another LOC monthly meeting. For time and connection details see the calendar at https://www.trustedfirmware.org/meetings/ Jan Kiszka has brought [1] up the need for a new home for OP-TEE fTPM. Let's talk about this at the meeting tomorrow. Any other topics? [1] https://lists.trustedfirmware.org/archives/list/op-tee@lists.trustedfirmwar… Thanks, Jens

1 year, 8 months

1
0
0 0

Reminder: TrustedFirmware Discord Channel

by don.harbin＠linaro.org

The content of this message was lost. It was probably cross-posted to multiple lists and previously handled on another list.

1 year, 8 months

1
0
0 0

OP-TEE 4.2.0 has been released

by Joakim Bech

Hi, I'm pleased to announce that OP-TEE version 4.2.0 is now available. The list of changes can be found in the changelog [1]. A summary will be published shortly as well summarizing this release. The branch for stable can be found here [2]. Tested platforms in this release can be found here [3]. Many thanks to everyone who has contributed in any form to this release. Let me take the opportunity to remind you that OP-TEE will celebrate ten years as an open source project in June of this year. The next Linaro Connect will feature a panel discussion amongst the core maintainers along with a brief history lesson as part of the 10 year celebration. For those who wish to participate in person, registration details can be found here [4]. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/manifest/tree/4.2.0 [3] https://github.com/OP-TEE/optee_os/commit/12d7c4ee4642d2d761e39fbcf21a06fb7… [4] https://connect.linaro.org/ -- Regards, Joakim Bech | Distinguished Engineer | Linaro | | Mobile: +46 73 697 37 14 | Address: Scheelevägen 17, 223 63 Lund, Sweden |

1 year, 8 months

1
0
0 0

OP-TEE fTPM seems in need for a new home

by Jan Kiszka

Hi all, not sure if this is the best place to discuss, but let's try (open for better suggestions): The fTPM version for OP-TEE based on [1] is discontinued [2] and the one in [3] is apparently dead as well. Seems this valuable piece of integration needs a new home and new maintainers. Is anyone aware of related plans/activities? Jan [1] https://github.com/microsoft/ms-tpm-20-ref [2] https://github.com/microsoft/ms-tpm-20-ref/pull/97#issuecomment-1985982763 [3] https://github.com/microsoft/MSRSec/issues/42 -- Siemens AG, Technology Linux Expert Center

1 year, 8 months

3
3
0 0

OP-TEE fTPM seems in need for a new home

by Jan Kiszka

Hi all, not sure if this is the best place to discuss, but let's try (open for better suggestions): The fTPM version for OP-TEE based on [1] is discontinued [2] and the one in [3] is apparently dead as well. Seems this valuable piece of integration needs a new home and new maintainers. Is anyone aware of related plans/activities? Jan [1] https://github.com/microsoft/ms-tpm-20-ref [2] https://github.com/microsoft/ms-tpm-20-ref/pull/97#issuecomment-1985982763 [3] https://github.com/microsoft/MSRSec/issues/42 -- Siemens AG, Technology Linux Expert Center

1 year, 8 months

1
0
0 0

[PATCH v3 0/3] Replay Protected Memory Block (RPMB) subsystem

by Jens Wiklander

Hi, This patch set introduces a new RPMB subsystem, based on patches from [1], [2], and [3]. The RPMB subsystem aims at providing access to RPMB partitions to other kernel drivers, in particular the OP-TEE driver. A new user space ABI isn't needed, we can instead continue using the already present ABI when writing the RPMB key during production. I've added and removed things to keep only what is needed by the OP-TEE driver. Since the posting of [3], there has been major changes in the MMC subsystem so "mmc: block: register RPMB partition with the RPMB subsystem" is in practice completely rewritten. With this OP-TEE can access RPMB during early boot instead of having to wait for user space to become available as in the current design [4]. This will benefit the efi variables [5] since we wont rely on userspace as well as some TPM issues [6] that were solved. The OP-TEE driver finds the correct RPMB device to interact with by iterating over available devices until one is found with a programmed authentication matching the one OP-TEE is using. This enables coexisting users of other RPMBs since the owner can be determined by who knows the authentication key. I've put myself as a maintainer for the RPMB subsystem as I have an interest in the OP-TEE driver to keep this in good shape. However, if you'd rather see someone else taking the maintainership that's fine too. I'll help keep the subsystem updated regardless. [1] https://lore.kernel.org/lkml/20230722014037.42647-1-shyamsaini@linux.micros… [2] https://lore.kernel.org/lkml/20220405093759.1126835-2-alex.bennee@linaro.or… [3] https://lore.kernel.org/linux-mmc/1478548394-8184-2-git-send-email-tomas.wi… [4] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html#rpm… [5] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… [6] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… Thanks, Jens Changes since v2: * "rpmb: add Replay Protected Memory Block (RPMB) subsystem" - Fixing documentation issues - Adding a "depends on MMC" in the Kconfig - Removed the class-device and the embedded device, struct rpmb_dev now relies on the parent device for reference counting as requested - Removed the now unneeded rpmb_ops get_resources() and put_resources() since references are already taken in mmc_blk_alloc_rpmb_part() before rpmb_dev_register() is called - Added rpmb_interface_{,un}register() now that class_interface_{,un}register() can't be used ay longer * "mmc: block: register RPMB partition with the RPMB subsystem" - Adding the missing error cleanup in alloc_idata() - Taking the needed reference to md->disk in mmc_blk_alloc_rpmb_part() instead of in mmc_rpmb_chrdev_open() and rpmb_op_mmc_get_resources() * "optee: probe RPMB device using RPMB subsystem" - Registering to get a notification when an RPMB device comes online - Probes for RPMB devices each time an RPMB device comes online, until a usable device is found - When a usable RPMB device is found, call optee_enumerate_devices(PTA_CMD_GET_DEVICES_RPMB) - Pass type of rpmb in return value from OPTEE_RPC_CMD_RPMB_PROBE_NEXT Changes since Shyam's RFC: * Removed the remaining leftover rpmb_cdev_*() function calls * Refactored the struct rpmb_ops with all the previous ops replaced, in some sense closer to [3] with the route_frames() op * Added rpmb_route_frames() * Added struct rpmb_frame, enum rpmb_op_result, and enum rpmb_type from [3] * Removed all functions not needed in the OP-TEE use case * Added "mmc: block: register RPMB partition with the RPMB subsystem", based on the commit with the same name in [3] * Added "optee: probe RPMB device using RPMB subsystem" for integration with OP-TEE * Moved the RPMB driver into drivers/misc/rpmb-core.c * Added my name to MODULE_AUTHOR() in rpmb-core.c * Added an rpmb_mutex to serialize access to the IDA * Removed the target parameter from all rpmb_*() functions since it's currently unused Jens Wiklander (3): rpmb: add Replay Protected Memory Block (RPMB) subsystem mmc: block: register RPMB partition with the RPMB subsystem optee: probe RPMB device using RPMB subsystem MAINTAINERS | 7 + drivers/misc/Kconfig | 10 ++ drivers/misc/Makefile | 1 + drivers/misc/rpmb-core.c | 258 ++++++++++++++++++++++++++++++ drivers/mmc/core/block.c | 153 +++++++++++++++++- drivers/tee/optee/core.c | 55 +++++++ drivers/tee/optee/ffa_abi.c | 7 + drivers/tee/optee/optee_private.h | 16 ++ drivers/tee/optee/optee_rpc_cmd.h | 35 ++++ drivers/tee/optee/rpc.c | 233 +++++++++++++++++++++++++++ drivers/tee/optee/smc_abi.c | 6 + include/linux/rpmb.h | 195 ++++++++++++++++++++++ 12 files changed, 974 insertions(+), 2 deletions(-) create mode 100644 drivers/misc/rpmb-core.c create mode 100644 include/linux/rpmb.h base-commit: 41bccc98fb7931d63d03f326a746ac4d429c1dd3 -- 2.34.1

1 year, 9 months

7
25
0 0

Preparing for OP-TEE 4.2.0

by Joakim Bech

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v4.2.0 is scheduled to be released on 2024-04-12. So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/6770. As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html -- Regards, Joakim | Distinguished Engineer | Linaro | | Mobile: +46 73 697 37 14 | Address: Scheelevägen 17, 223 63 Lund, Sweden |

1 year, 9 months

1
1
0 0

[PATCH v4 0/5] TEE driver for Trusted Services

by Balint Dobszay

This series introduces a TEE driver for Trusted Services [1]. Trusted Services is a TrustedFirmware.org project that provides a framework for developing and deploying device Root of Trust services in FF-A [2] Secure Partitions. The project hosts the reference implementation of Arm Platform Security Architecture [3] for Arm A-profile devices. The FF-A Secure Partitions are accessible through the FF-A driver in Linux. However, the FF-A driver doesn't have a user space interface so user space clients currently cannot access Trusted Services. The goal of this TEE driver is to bridge this gap and make Trusted Services functionality accessible from user space. Changelog: v3[7] -> v4: - Remove unnecessary callbacks from tstee_ops - Add maintainers entry for the new driver v2[6] -> v3: - Add patch "tee: Refactor TEE subsystem header files" from Sumit - Remove unnecessary includes from core.c - Remove the mutex from "struct ts_context_data" since the same mechanism could be implemented by reusing the XArray's internal lock - Rename tee_shm_pool_op_*_helper functions as suggested by Sumit - Replace pr_* with dev_* as previously suggested by Krzysztof v1[5] -> v2: - Refactor session handling to use XArray instead of IDR and linked list (the linked list was redundant as pointed out by Jens, and IDR is now deprecated in favor of XArray) - Refactor tstee_probe() to not call tee_device_unregister() before calling tee_device_register() - Address comments from Krzysztof and Jens - Address documentation comments from Randy - Use module_ffa_driver() macro instead of separate module init / exit functions - Reformat max line length 100 -> 80 RFC[4] -> v1: - Add patch for moving pool_op helper functions to the TEE subsystem, as suggested by Jens - Address comments from Sumit, add patch for documentation [1] https://www.trustedfirmware.org/projects/trusted-services/ [2] https://developer.arm.com/documentation/den0077/ [3] https://www.arm.com/architecture/security-features/platform-security [4] https://lore.kernel.org/linux-arm-kernel/20230927152145.111777-1-balint.dob… [5] https://lore.kernel.org/lkml/20240213145239.379875-1-balint.dobszay@arm.com/ [6] https://lore.kernel.org/lkml/20240223095133.109046-1-balint.dobszay@arm.com/ [7] https://lore.kernel.org/lkml/20240305101745.213933-1-balint.dobszay@arm.com/ Balint Dobszay (4): tee: optee: Move pool_op helper functions tee: tstee: Add Trusted Services TEE driver Documentation: tee: Add TS-TEE driver MAINTAINERS: tee: tstee: Add entry Sumit Garg (1): tee: Refactor TEE subsystem header files Documentation/tee/index.rst | 1 + Documentation/tee/ts-tee.rst | 71 ++++ MAINTAINERS | 10 + drivers/tee/Kconfig | 1 + drivers/tee/Makefile | 1 + drivers/tee/amdtee/amdtee_private.h | 2 +- drivers/tee/amdtee/call.c | 2 +- drivers/tee/amdtee/core.c | 3 +- drivers/tee/amdtee/shm_pool.c | 2 +- drivers/tee/optee/call.c | 2 +- drivers/tee/optee/core.c | 66 +--- drivers/tee/optee/device.c | 2 +- drivers/tee/optee/ffa_abi.c | 8 +- drivers/tee/optee/notif.c | 2 +- drivers/tee/optee/optee_private.h | 14 +- drivers/tee/optee/rpc.c | 2 +- drivers/tee/optee/smc_abi.c | 11 +- drivers/tee/tee_core.c | 2 +- drivers/tee/tee_private.h | 35 -- drivers/tee/tee_shm.c | 66 +++- drivers/tee/tee_shm_pool.c | 2 +- drivers/tee/tstee/Kconfig | 11 + drivers/tee/tstee/Makefile | 3 + drivers/tee/tstee/core.c | 480 ++++++++++++++++++++++++++++ drivers/tee/tstee/tstee_private.h | 92 ++++++ include/linux/tee_core.h | 306 ++++++++++++++++++ include/linux/tee_drv.h | 285 ++--------------- include/uapi/linux/tee.h | 1 + 28 files changed, 1094 insertions(+), 389 deletions(-) create mode 100644 Documentation/tee/ts-tee.rst create mode 100644 drivers/tee/tstee/Kconfig create mode 100644 drivers/tee/tstee/Makefile create mode 100644 drivers/tee/tstee/core.c create mode 100644 drivers/tee/tstee/tstee_private.h create mode 100644 include/linux/tee_core.h -- 2.34.1

1 year, 9 months

4
10
0 0

[PATCH v4 0/4] Introduction of a remoteproc tee to load signed firmware

by Arnaud Pouliquen

Main updates from the previous version [1]: - Remove the alternate boot sequence: rproc_alt_fw_boot() - Introduce tee_rproc_parse_fw function - create a cached table as done inrproc_elf_load_rsc_table[2], - PR sent to OP-TEE to allow TA_RPROC_FW_CMD_LOAD_FW service re-entrance[3]. - Rework TEE_REMOTEPROC description in Kconfig - Introduce proc::tee_interface Patch commit messages list updates with more details base-commit: 62210f7509e13a2caa7b080722a45229b8f17a0a [1] https://lore.kernel.org/linux-arm-kernel/Zdjl6Z2ktTwi+oWp@p14s/T/#m53f99423… [2] https://elixir.bootlin.com/linux/latest/source/drivers/remoteproc/remotepro… [3] https://github.com/OP-TEE/optee_os/pull/6743 Description of the feature: This series proposes the implementation of a remoteproc tee driver to communicate with a TEE trusted application responsible for authenticating and loading the remoteproc firmware image in an Arm secure context. 1) Principle: The remoteproc tee driver provides services to communicate with the OP-TEE trusted application running on the Trusted Execution Context (TEE). The trusted application in TEE manages the remote processor lifecycle: - authenticating and loading firmware images, - isolating and securing the remote processor memories, - supporting multi-firmware (e.g., TF-M + Zephyr on a Cortex-M33), - managing the start and stop of the firmware by the TEE. 2) Format of the signed image: Refer to: https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/src/remoteproc… 3) OP-TEE trusted application API: Refer to: https://github.com/OP-TEE/optee_os/blob/master/ta/remoteproc/include/ta_rem… 4) OP-TEE signature script Refer to: https://github.com/OP-TEE/optee_os/blob/master/scripts/sign_rproc_fw.py Example of usage: sign_rproc_fw.py --in <fw1.elf> --in <fw2.elf> --out <signed_fw.sign> --key ${OP-TEE_PATH}/keys/default.pem 5) Impact on User space Application No sysfs impact.the user only needs to provide the signed firmware image instead of the ELF image. For more information about the implementation, a presentation is available here (note that the format of the signed image has evolved between the presentation and the integration in OP-TEE). https://resources.linaro.org/en/resource/6c5bGvZwUAjX56fvxthxds Arnaud Pouliquen (4): remoteproc: Add TEE support dt-bindings: remoteproc: Add compatibility for TEE support remoteproc: stm32: Create sub-functions to request shutdown and release remoteproc: stm32: Add support of an OP-TEE TA to load the firmware .../bindings/remoteproc/st,stm32-rproc.yaml | 51 +- drivers/remoteproc/Kconfig | 10 + drivers/remoteproc/Makefile | 1 + drivers/remoteproc/stm32_rproc.c | 144 ++++-- drivers/remoteproc/tee_remoteproc.c | 434 ++++++++++++++++++ include/linux/remoteproc.h | 4 + include/linux/tee_remoteproc.h | 112 +++++ 7 files changed, 711 insertions(+), 45 deletions(-) create mode 100644 drivers/remoteproc/tee_remoteproc.c create mode 100644 include/linux/tee_remoteproc.h base-commit: 62210f7509e13a2caa7b080722a45229b8f17a0a -- 2.25.1

1 year, 9 months

4
17
0 0

2026

2025

2024

2023

2022

2021

2020

OP-TEE