- OP-TEE - lists.trustedfirmware.org

[PATCH v7 0/5] introduce tee-based EFI Runtime Variable Service

by Masahisa Kojima

This series introduces the tee based EFI Runtime Variable Service. The eMMC device is typically owned by the non-secure world(linux in this case). There is an existing solution utilizing eMMC RPMB partition for EFI Variables, it is implemented by interacting with OP-TEE, StandaloneMM(as EFI Variable Service Pseudo TA), eMMC driver and tee-supplicant. The last piece is the tee-based variable access driver to interact with OP-TEE and StandaloneMM. Changelog: v6 -> v7 Patch #1-#4 are not updated. Patch #5 is added into this series, original patch is here: https://lore.kernel.org/all/20230609094532.562934-1-ilias.apalodimas@linaro… There are two issues in the v6 series and v7 series addresses those. 1) efivar ops is not restored when the tee-supplicant daemon terminates. -> As the following patch says, user must remove the device before terminating tee-supplicant daemon. https://lore.kernel.org/all/20230728134832.326467-1-sumit.garg@linaro.org/ 2) cause panic when someone remounts the efivarfs as RW even if SetVariable is not supported -> The fifth patch addresses this issue. "[PATCH v7 5/5] efivarfs: force RO when remounting if SetVariable is not supported" Changelog: v5 -> v6 - new patch #4 is added in this series, #1-#3 patches are unchanged. automatically update super block flag when the efivarops support SetVariable runtime service, so that user does not need to manually remount the efivarfs as RW. v4 -> v5 - rebase to efi-next based on v6.4-rc1 - set generic_ops.query_variable_info, it works as expected as follows. $ df -h /sys/firmware/efi/efivars/ Filesystem Size Used Avail Use% Mounted on efivarfs 16K 1.3K 15K 8% /sys/firmware/efi/efivars v3 -> v4: - replace the reference from EDK2 to PI Specification - remove EDK2 source code reference comments - prepare nonblocking variant of set_variable, it just returns EFI_UNSUPPORTED - remove redundant buffer size check - argument name change in mm_communicate - function interface changes in setup_mm_hdr to remove (void **) cast v2 -> v3: - add CONFIG_EFI dependency to TEE_STMM_EFI - add missing return code check for tee_client_invoke_func() - directly call efivars_register/unregister from tee_stmm_efi.c rfc v1 -> v2: - split patch into three patches, one for drivers/tee, one for include/linux/efi.h, and one for the driver/firmware/efi/stmm - context/session management into probe() and remove() same as other tee client driver - StMM variable driver is moved from driver/tee/optee to driver/firmware/efi - use "tee" prefix instead of "optee" in driver/firmware/efi/stmm/tee_stmm_efi.c, this file does not contain op-tee specific code, abstracted by tee layer and StMM variable driver will work on other tee implementation. - PTA_STMM_CMD_COMMUNICATE -> PTA_STMM_CMD_COMMUNICATE - implement query_variable_store() but currently not used - no use of TEEC_SUCCESS, it is defined in driver/tee/optee/optee_private.h. Other tee client drivers use 0 instead of using TEEC_SUCCESS - remove TEEC_ERROR_EXCESS_DATA status, it is referred just to output error message Ilias Apalodimas (1): efivarfs: force RO when remounting if SetVariable is not supported Masahisa Kojima (4): efi: expose efivar generic ops register function efi: Add EFI_ACCESS_DENIED status code efi: Add tee-based EFI variable driver efivarfs: automatically update super block flag drivers/firmware/efi/Kconfig | 15 + drivers/firmware/efi/Makefile | 1 + drivers/firmware/efi/efi.c | 18 + drivers/firmware/efi/stmm/mm_communication.h | 236 +++++++ drivers/firmware/efi/stmm/tee_stmm_efi.c | 638 +++++++++++++++++++ drivers/firmware/efi/vars.c | 8 + fs/efivarfs/super.c | 45 ++ include/linux/efi.h | 12 + 8 files changed, 973 insertions(+) create mode 100644 drivers/firmware/efi/stmm/mm_communication.h create mode 100644 drivers/firmware/efi/stmm/tee_stmm_efi.c base-commit: 2e28a798c3092ea42b968fa16ac835969d124898 -- 2.30.2

1 year, 10 months

5
12
0 0

[PATCH v6 0/4] introduce tee-based EFI Runtime Variable Service

by Masahisa Kojima

This series introduces the tee based EFI Runtime Variable Service. The eMMC device is typically owned by the non-secure world(linux in this case). There is an existing solution utilizing eMMC RPMB partition for EFI Variables, it is implemented by interacting with OP-TEE, StandaloneMM(as EFI Variable Service Pseudo TA), eMMC driver and tee-supplicant. The last piece is the tee-based variable access driver to interact with OP-TEE and StandaloneMM. Changelog: v5 -> v6 - new patch #4 is added in this series, #1-#3 patches are unchanged. automatically update super block flag when the efivarops support SetVariable runtime service, so that user does not need to manually remount the efivarfs as RW. v4 -> v5 - rebase to efi-next based on v6.4-rc1 - set generic_ops.query_variable_info, it works as expected as follows. $ df -h /sys/firmware/efi/efivars/ Filesystem Size Used Avail Use% Mounted on efivarfs 16K 1.3K 15K 8% /sys/firmware/efi/efivars v3 -> v4: - replace the reference from EDK2 to PI Specification - remove EDK2 source code reference comments - prepare nonblocking variant of set_variable, it just returns EFI_UNSUPPORTED - remove redundant buffer size check - argument name change in mm_communicate - function interface changes in setup_mm_hdr to remove (void **) cast v2 -> v3: - add CONFIG_EFI dependency to TEE_STMM_EFI - add missing return code check for tee_client_invoke_func() - directly call efivars_register/unregister from tee_stmm_efi.c rfc v1 -> v2: - split patch into three patches, one for drivers/tee, one for include/linux/efi.h, and one for the driver/firmware/efi/stmm - context/session management into probe() and remove() same as other tee client driver - StMM variable driver is moved from driver/tee/optee to driver/firmware/efi - use "tee" prefix instead of "optee" in driver/firmware/efi/stmm/tee_stmm_efi.c, this file does not contain op-tee specific code, abstracted by tee layer and StMM variable driver will work on other tee implementation. - PTA_STMM_CMD_COMMUNICATE -> PTA_STMM_CMD_COMMUNICATE - implement query_variable_store() but currently not used - no use of TEEC_SUCCESS, it is defined in driver/tee/optee/optee_private.h. Other tee client drivers use 0 instead of using TEEC_SUCCESS - remove TEEC_ERROR_EXCESS_DATA status, it is referred just to output error message Masahisa Kojima (4): efi: expose efivar generic ops register function efi: Add EFI_ACCESS_DENIED status code efi: Add tee-based EFI variable driver efivarfs: automatically update super block flag drivers/firmware/efi/Kconfig | 15 + drivers/firmware/efi/Makefile | 1 + drivers/firmware/efi/efi.c | 18 + drivers/firmware/efi/stmm/mm_communication.h | 236 +++++++ drivers/firmware/efi/stmm/tee_stmm_efi.c | 638 +++++++++++++++++++ drivers/firmware/efi/vars.c | 8 + fs/efivarfs/super.c | 33 + include/linux/efi.h | 12 + 8 files changed, 961 insertions(+) create mode 100644 drivers/firmware/efi/stmm/mm_communication.h create mode 100644 drivers/firmware/efi/stmm/tee_stmm_efi.c base-commit: d0a1865cf7e2211d9227592ef4141f4632e33908 -- 2.30.2

1 year, 10 months

3
16
0 0

OP-TEE 3.22.0 has been released

by Joakim Bech

Hi, I'm pleased to announce that OP-TEE version 3.22.0 is now available. The list of changes can be found in the changelog [1]. The branch for stable can be found here [2]. Tested platforms in this release can be found here [3]. Many thanks to everyone who has contributed in any form to this release. Let me also highlight that because many people are on vacation over the summer, we cancelled the Linaro OP-TEE call for the month of July. Having said that, we have coverage for maintenance tasks and security issues. However, due to the reduced workforce, getting attention for reviewing and merging may take a little longer in the coming weeks. [1] https://github.com/OP-TEE/optee_os/blob/master/CHANGELOG.md [2] https://github.com/OP-TEE/manifest/tree/3.22.0 [3] https://github.com/OP-TEE/optee_os/commit/001ace6655dd6bb9cbe31aa31b4ba6974… -- Regards, Joakim

1 year, 11 months

2
1
0 0

core: fix fragmented memory retrieve

by 梅建强(禹夜)

Hi, Jens, The PR has been updated as requested. https://github.com/OP-TEE/optee_os/pull/5966 <https://github.com/OP-TEE/optee_os/pull/5966 > Regards, Yuye. ------------------------------------------------------------------ 发件人：Jens Wiklander <jens.wiklander(a)linaro.org> 发送时间：2023年7月3日(星期一) 15:20 收件人：梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> 抄　送：op-tee <op-tee(a)lists.trustedfirmware.org> 主　题：Re: core: fix fragmented memory retrieve Hi Yuye, On Mon, Jul 3, 2023 at 8:30 AM 梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> wrote: > > > > > Hi, Jens, > > The previous fix was based on ffa_mem_transaction with ffa version 1.0, > now optee and Hafnium have updated ffa_mem_transaction to ffa 1.1. > But optee-driver in linaro-swg/linux seems to be using ffa version 1.0, > which causes incorrect data reading when the driver is doing mem_share to Hafnium. > I need to debug my previous code. > When will optee-driver synchronize this version change? Updating the SPMC version in the SPMC manifest should fix the issue of mismatching versions. By the way, I've started to update my QEMU S-EL2 setup to use upstream only. I'll propose updates for the manifest and build gits to be merged after the upcoming OP-TEE release. Cheers, Jens > > Regards, > Yuye. > > ------------------------------------------------------------------ > 发件人：Jens Wiklander <jens.wiklander(a)linaro.org> > 发送时间：2023年6月28日(星期三) 17:54 > 收件人：梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> > 抄送：op-tee <op-tee(a)lists.trustedfirmware.org> > 主题：Re: core: fix fragmented memory retrieve > > Hi Yuye, > > On Wed, Jun 28, 2023 at 11:50 AM 梅建强(禹夜) > <meijianqiang.mjq(a)alibaba-inc.com> wrote: > > > > > > > > > > Hi, Jens, > > > > Sorry for forgetting to revise the PR in time, because my github email changed so I haven't received any comments. > > Could you help me reopen the PR since I don't have the right? I will re-fix the problem as requested. > > Thanks. > > https://github.com/OP-TEE/optee_os/pull/5966 <https://github.com/OP-TEE/optee_os/pull/5966 > > > I've reopened it. > > Cheers, > Jens

1 year, 11 months

1
0
0 0

core: fix fragmented memory retrieve

by 梅建强(禹夜)

Hi, Jens, The previous fix was based on ffa_mem_transaction with ffa version 1.0, now optee and Hafnium have updated ffa_mem_transaction to ffa 1.1. But optee-driver in linaro-swg/linux seems to be using ffa version 1.0, which causes incorrect data reading when the driver is doing mem_share to Hafnium. I need to debug my previous code. When will optee-driver synchronize this version change? Regards, Yuye. ------------------------------------------------------------------ 发件人：Jens Wiklander <jens.wiklander(a)linaro.org> 发送时间：2023年6月28日(星期三) 17:54 收件人：梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> 抄　送：op-tee <op-tee(a)lists.trustedfirmware.org> 主　题：Re: core: fix fragmented memory retrieve Hi Yuye, On Wed, Jun 28, 2023 at 11:50 AM 梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> wrote: > > > > > Hi, Jens, > > Sorry for forgetting to revise the PR in time, because my github email changed so I haven't received any comments. > Could you help me reopen the PR since I don't have the right? I will re-fix the problem as requested. > Thanks. > https://github.com/OP-TEE/optee_os/pull/5966 <https://github.com/OP-TEE/optee_os/pull/5966 > I've reopened it. Cheers, Jens

1 year, 11 months

2
1
0 0

core: fix fragmented memory retrieve

by 梅建强(禹夜)

Hi, Jens Since the optee driver has not been updated to ffa 1.1, I will first update the code with ffa 1.0. Regards, Yuye. ------------------------------------------------------------------ 发件人：梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> 发送时间：2023年7月3日(星期一) 14:30 收件人：Jens Wiklander <jens.wiklander(a)linaro.org> 抄　送：op-tee <op-tee(a)lists.trustedfirmware.org> 主　题：core: fix fragmented memory retrieve Hi, Jens, The previous fix was based on ffa_mem_transaction with ffa version 1.0, now optee and Hafnium have updated ffa_mem_transaction to ffa 1.1. But optee-driver in linaro-swg/linux seems to be using ffa version 1.0, which causes incorrect data reading when the driver is doing mem_share to Hafnium. I need to debug my previous code. When will optee-driver synchronize this version change? Regards, Yuye. ------------------------------------------------------------------ 发件人：Jens Wiklander <jens.wiklander(a)linaro.org> 发送时间：2023年6月28日(星期三) 17:54 收件人：梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> 抄　送：op-tee <op-tee(a)lists.trustedfirmware.org> 主　题：Re: core: fix fragmented memory retrieve Hi Yuye, On Wed, Jun 28, 2023 at 11:50 AM 梅建强(禹夜) <meijianqiang.mjq(a)alibaba-inc.com> wrote: > > > > > Hi, Jens, > > Sorry for forgetting to revise the PR in time, because my github email changed so I haven't received any comments. > Could you help me reopen the PR since I don't have the right? I will re-fix the problem as requested. > Thanks. > https://github.com/OP-TEE/optee_os/pull/5966 <https://github.com/OP-TEE/optee_os/pull/5966 > I've reopened it. Cheers, Jens

1 year, 11 months

1
0
0 0

Preparing for OP-TEE 3.22.0

by Joakim Bech

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, OP-TEE v3.22.0 is scheduled to be released at 2023-07-07 (*). So, now is a good time to start testing the master branch on the various platforms and report/fix any bugs. The GitHub pull request for collecting Tested-by tags or any other comments is https://github.com/OP-TEE/optee_os/pull/6125. As usual, we will create a release candidate tag one week before the release date for final testing. In addition to that you can find some additional information related to releases here: https://optee.readthedocs.io/en/latest/general/releases.html Regards, Joakim Bech (*) We moved this from July 14th to July 7th due to vacation and holiday schedules.

1 year, 11 months

1
1
0 0

optee_benchmark found optee_os function vm_set_ctx() spent much time

by haiyuan.ghy＠alibaba-inc.com

The content of this message was lost. It was probably cross-posted to multiple lists and previously handled on another list.

1 year, 11 months

3
8
0 0

core: fix fragmented memory retrieve

by 梅建强(禹夜)

Hi, Jens, Sorry for forgetting to revise the PR in time, because my github email changed so I haven't received any comments. Could you help me reopen the PR since I don't have the right? I will re-fix the problem as requested. Thanks. https://github.com/OP-TEE/optee_os/pull/5966 <https://github.com/OP-TEE/optee_os/pull/5966 > Regards, Yuye.

1 year, 11 months

2
1
0 0

[RFC PATCH 1/1] tests/avocado: Introduce avocado tests for aarch64 S-EL2 booting

by shiju.jose＠huawei.com

From: Shiju Jose <shiju.jose(a)huawei.com> Add avocado tests for aarch64 S-EL2, include booting and run xtest on linux terminal. The prebuilt S-EL2 images are corresponding to the https://github.com/jenswi-linaro/manifest.git \ -m qemu_v8.xml -b qemu_sel2 How to run ========== "make check-avocado" in qemu/build or with QEMU_CI=1 and QEMU_CI_AVOCADO_TESTING=1 "amd64-fedora-container", "build-cfi-aarch64" and "avocado-cfi-aarch64" on gitlab for qemu Question: Presently tested with the prebuilt images temporarily in /tests/data/sel2-boot-images/prebuilt-sel2-images.zip Can the prebuilt images for SEL2 available in the OP-TEE/TF-A/similar release? Note1: The pre-built S-EL2 images used are few months old as there are some issue found in xtest with the images build from the recent Linaro SEL2 code. Note2: On gitlab CI, there is an outstanding issue found in booting linux, after starting network OK. Signed-off-by: Shiju Jose <shiju.jose(a)huawei.com> --- tests/avocado/machine_aarch64_virt.py | 63 ++++++++++++++++++ .../sel2-boot-images/prebuilt-sel2-images.zip | Bin 0 -> 23151996 bytes 2 files changed, 63 insertions(+) create mode 100644 tests/data/sel2-boot-images/prebuilt-sel2-images.zip diff --git a/tests/avocado/machine_aarch64_virt.py b/tests/avocado/machine_aarch64_virt.py index a90dc6ff4b..039673fd40 100644 --- a/tests/avocado/machine_aarch64_virt.py +++ b/tests/avocado/machine_aarch64_virt.py @@ -11,13 +11,16 @@ import time import os import logging +import shutil from avocado_qemu import QemuSystemTest from avocado_qemu import wait_for_console_pattern from avocado_qemu import exec_command from avocado_qemu import BUILD_DIR +from avocado_qemu import is_readable_executable_file from avocado.utils import process from avocado.utils.path import find_command +from avocado.utils import archive class Aarch64VirtMachine(QemuSystemTest): KERNEL_COMMON_COMMAND_LINE = 'printk.time=0 ' @@ -144,3 +147,63 @@ def test_aarch64_virt_gicv2(self): :avocado: tags=cpu:max """ self.common_aarch64_virt("virt,gic-version=2") + + def copy_sel2_prebuilt_images(self): + """extract the prebuilt S-EL2 binaries to the test directory. """ + + relative_path = "./tests/data/sel2-boot-images/prebuilt-sel2-images.zip" + prebuilt_bin_path = os.path.join(BUILD_DIR, relative_path) + target_dir = os.path.join(BUILD_DIR) + + self.assertTrue(os.path.exists(prebuilt_bin_path)) + self.assertTrue(os.path.exists(target_dir)) + archive.extract(prebuilt_bin_path, target_dir) + + timeout = 1000 + def test_aarch64_sel2_boot(self): + """ + :avocado: tags=arch:aarch64 + :avocado: tags=machine:secure + :avocado: tags=machine:virt + :avocado: tags=cpu:max + """ + + self.copy_sel2_prebuilt_images() + self.vm.set_console() + kernel_command_line = (self.KERNEL_COMMON_COMMAND_LINE + + 'console=ttyAMA0,38400 keep_bootcon root=/dev/vda2 nokaslr') + + self.vm.add_args("-cpu", "max,sme=off,pauth-impdef=on") + self.vm.add_args("-machine", + "virt,secure=on," + "virtualization=on," + "mte=on," + "gic-version=3") + self.vm.add_args("-d", "unimp") + self.vm.add_args("-semihosting-config", "enable=on,target=native") + self.vm.add_args("-smp", "2", "-m", "1024") + self.vm.add_args('-bios', 'bl1.bin') + self.vm.add_args('-initrd', 'rootfs.cpio.gz') + self.vm.add_args('-kernel', 'Image') + self.vm.add_args('-machine', 'acpi=off') + self.vm.add_args('-append', kernel_command_line) + self.vm.add_args('-object', 'rng-random,filename=/dev/urandom,id=rng0') + self.vm.add_args('-device', 'virtio-rng-pci,rng=rng0,max-bytes=1024,period=1000') + self.vm.launch() + self.wait_for_console_pattern('Welcome to Buildroot') + time.sleep(0.1) + exec_command(self, 'root') + time.sleep(0.1) + + def test_aarch64_sel2_xtest(self): + """ + :avocado: tags=arch:aarch64 + :avocado: tags=machine:secure + :avocado: tags=machine:virt + :avocado: tags=cpu:max + """ + self.test_aarch64_sel2_boot() + exec_command(self, 'xtest') + time.sleep(0.1) + self.wait_for_console_pattern('subtests of which 0 failed') + time.sleep(0.1) diff --git a/tests/data/sel2-boot-images/prebuilt-sel2-images.zip b/tests/data/sel2-boot-images/prebuilt-sel2-images.zip new file mode 100644 index 0000000000..13c5e1e4cc Binary files /dev/null and b/tests/data/sel2-boot-images/prebuilt-sel2-images.zip differ -- 2.25.1

1 year, 11 months

1
0
0 0

2025

2024

2023

2022

2021

2020

OP-TEE