- OP-TEE - lists.trustedfirmware.org

Re: [Tee-dev] OpenVPN hardening with OP-TEE

by Jerome Forissier

Hi Kris, [CC op-tee(a)lists.trustedfirmware.org the newer ML for OP-TEE which is now under the TrustedFirmware.org umbrella] On 2/9/21 11:04 PM, Kris Kwiatkowski wrote: > Hello, > > I've recently been involved in producing PoC, which utilizes OP-TEE > to produce proof of a secret key possession. That is used during tunnel > establishment by OpenVPN. > > In case someone finds it interesting, for example as kind of "real-world" > use case of OP-TEE, then details are described here: > https://www.amongbytes.com/post/20210112-optee-openssl-engine/ Thanks for sharing! It is a well-written article, quite interesting to read IMO. I always like to see how OP-TEE is used in various scenarios. As upstream project maintainers we hear about bug reports and we review new contributions of course, but there is clearly a lot of activity going on downstream that we don't know much about. Yet, a bit of context certainly helps take the good decisions for the project going forward! > and code is here: > https://github.com/henrydcase/optee_eng > > The actual PoC used post-quantum schemes integrated into TEE OS and TF-A > (secure boot). Those two points are not described really described for brevity > (and probably there is low interest anyway). > > Kind regards, > Kris > _______________________________________________ > Tee-dev mailing list > Tee-dev(a)lists.linaro.org > https://lists.linaro.org/mailman/listinfo/tee-dev Thanks, -- Jerome

4 years, 1 month

1
0
0 0

[PATCH v2] hwrng: optee: Use device-managed registration API

by Tian Tao

Use devm_hwrng_register to get rid of manual unregistration. Signed-off-by: Tian Tao <tiantao6(a)hisilicon.com> Reviewed-by: Sumit Garg <sumit.garg(a)linaro.org> --- v2:Fix up subject line as s/hwrng: optee -:/hwrng: optee:/ --- drivers/char/hw_random/optee-rng.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/char/hw_random/optee-rng.c b/drivers/char/hw_random/optee-rng.c index a99d829..135a825 100644 --- a/drivers/char/hw_random/optee-rng.c +++ b/drivers/char/hw_random/optee-rng.c @@ -243,7 +243,7 @@ static int optee_rng_probe(struct device *dev) if (err) goto out_sess; - err = hwrng_register(&pvt_data.optee_rng); + err = devm_hwrng_register(dev, &pvt_data.optee_rng); if (err) { dev_err(dev, "hwrng registration failed (%d)\n", err); goto out_sess; @@ -263,7 +263,6 @@ static int optee_rng_probe(struct device *dev) static int optee_rng_remove(struct device *dev) { - hwrng_unregister(&pvt_data.optee_rng); tee_client_close_session(pvt_data.ctx, pvt_data.session_id); tee_client_close_context(pvt_data.ctx); -- 2.7.4

4 years, 1 month

2
1
0 0

[GIT PULL] OP-TEE I2C simplification for v5.12

by Jens Wiklander

Hello arm-soc maintainers, Please pull this fix eliminating a stack frame size warning and also simplifying I2C access in the OP-TEE driver. Thanks, Jens The following changes since commit e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62: Linux 5.11-rc2 (2021-01-03 15:55:30 -0800) are available in the Git repository at: git://git.linaro.org/people/jens.wiklander/linux-tee.git tags/optee-simplify-i2c-access_for-v5.12 for you to fetch changes up to 67bc809752796acb2641ca343cad5b45eef31d7c: optee: simplify i2c access (2021-02-08 13:42:31 +0100) ---------------------------------------------------------------- Simplify i2c acess in OP-TEE driver ---------------------------------------------------------------- Arnd Bergmann (1): optee: simplify i2c access drivers/tee/optee/rpc.c | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-)

4 years, 1 month

2
1
0 0

[PATCH] tee: optee: add invoke_fn tracepoints

by Jisheng Zhang

Add tracepoints to retrieve information about the invoke_fn. This would help to measure how many invoke_fn are triggered and how long it takes to complete one invoke_fn call. Signed-off-by: Jisheng Zhang <Jisheng.Zhang(a)synaptics.com> --- drivers/tee/optee/call.c | 4 ++ drivers/tee/optee/optee_trace.h | 65 +++++++++++++++++++++++++++++++++ 2 files changed, 69 insertions(+) create mode 100644 drivers/tee/optee/optee_trace.h diff --git a/drivers/tee/optee/call.c b/drivers/tee/optee/call.c index 780d7c4fd756..9dbab10e7ac3 100644 --- a/drivers/tee/optee/call.c +++ b/drivers/tee/optee/call.c @@ -12,6 +12,8 @@ #include <linux/tee_drv.h> #include <linux/types.h> #include <linux/uaccess.h> +#define CREATE_TRACE_POINTS +#include "optee_trace.h" #include "optee_private.h" #include "optee_smc.h" @@ -138,9 +140,11 @@ u32 optee_do_call_with_arg(struct tee_context *ctx, phys_addr_t parg) while (true) { struct arm_smccc_res res; + trace_optee_invoke_fn_begin(&param); optee->invoke_fn(param.a0, param.a1, param.a2, param.a3, param.a4, param.a5, param.a6, param.a7, &res); + trace_optee_invoke_fn_end(&param, &res); if (res.a0 == OPTEE_SMC_RETURN_ETHREAD_LIMIT) { /* diff --git a/drivers/tee/optee/optee_trace.h b/drivers/tee/optee/optee_trace.h new file mode 100644 index 000000000000..f209df7004c2 --- /dev/null +++ b/drivers/tee/optee/optee_trace.h @@ -0,0 +1,65 @@ +/* SPDX-License-Identifier: GPL-2.0 */ +/* + * optee trace points + * + * Copyright (C) 2021 Synaptics Incorporated + * Author: Jisheng Zhang <jszhang(a)kernel.org> + */ + +#undef TRACE_SYSTEM +#define TRACE_SYSTEM optee + +#if !defined(_TRACE_OPTEE_H) || defined(TRACE_HEADER_MULTI_READ) +#define _TRACE_OPTEE_H + +#include <linux/arm-smccc.h> +#include <linux/tracepoint.h> +#include "optee_private.h" + +TRACE_EVENT(optee_invoke_fn_begin, + TP_PROTO(struct optee_rpc_param *param), + TP_ARGS(param), + + TP_STRUCT__entry( + __field(void *, param) + __array(u32, args, 8) + ), + + TP_fast_assign( + __entry->param = param; + memcpy(__entry->args, param, sizeof(__entry->args)); + ), + + TP_printk("param=%p (%x, %x, %x, %x, %x, %x, %x, %x)", __entry->param, + __entry->args[0], __entry->args[1], __entry->args[2], + __entry->args[3], __entry->args[4], __entry->args[5], + __entry->args[6], __entry->args[7]) +); + +TRACE_EVENT(optee_invoke_fn_end, + TP_PROTO(struct optee_rpc_param *param, struct arm_smccc_res *res), + TP_ARGS(param, res), + + TP_STRUCT__entry( + __field(void *, param) + __array(unsigned long, rets, 4) + ), + + TP_fast_assign( + __entry->param = param; + memcpy(__entry->rets, res, sizeof(__entry->rets)); + ), + + TP_printk("param=%p ret (%lx, %lx, %lx, %lx)", __entry->param, + __entry->rets[0], __entry->rets[1], __entry->rets[2], + __entry->rets[3]) +); +#endif /* _TRACE_OPTEE_H */ + +#undef TRACE_INCLUDE_PATH +#define TRACE_INCLUDE_PATH . +#undef TRACE_INCLUDE_FILE +#define TRACE_INCLUDE_FILE optee_trace + +/* This part must be outside protection */ +#include <trace/define_trace.h> -- 2.30.0

4 years, 1 month

2
1
0 0

[PATCH] optee: simplify i2c access

by Arnd Bergmann

From: Arnd Bergmann <arnd(a)arndb.de> Storing a bogus i2c_client structure on the stack adds overhead and causes a compile-time warning: drivers/tee/optee/rpc.c:493:6: error: stack frame size of 1056 bytes in function 'optee_handle_rpc' [-Werror,-Wframe-larger-than=] void optee_handle_rpc(struct tee_context *ctx, struct optee_rpc_param *param, Change the implementation of handle_rpc_func_cmd_i2c_transfer() to open-code the i2c_transfer() call, which makes it easier to read and avoids the warning. Fixes: c05210ab9757 ("drivers: optee: allow op-tee to access devices on the i2c bus") Signed-off-by: Arnd Bergmann <arnd(a)arndb.de> --- drivers/tee/optee/rpc.c | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/drivers/tee/optee/rpc.c b/drivers/tee/optee/rpc.c index 1e3614e4798f..6cbb3643c6c4 100644 --- a/drivers/tee/optee/rpc.c +++ b/drivers/tee/optee/rpc.c @@ -54,8 +54,9 @@ static void handle_rpc_func_cmd_get_time(struct optee_msg_arg *arg) static void handle_rpc_func_cmd_i2c_transfer(struct tee_context *ctx, struct optee_msg_arg *arg) { - struct i2c_client client = { 0 }; struct tee_param *params; + struct i2c_adapter *adapter; + struct i2c_msg msg = { }; size_t i; int ret = -EOPNOTSUPP; u8 attr[] = { @@ -85,48 +86,48 @@ static void handle_rpc_func_cmd_i2c_transfer(struct tee_context *ctx, goto bad; } - client.adapter = i2c_get_adapter(params[0].u.value.b); - if (!client.adapter) + adapter = i2c_get_adapter(params[0].u.value.b); + if (!adapter) goto bad; if (params[1].u.value.a & OPTEE_MSG_RPC_CMD_I2C_FLAGS_TEN_BIT) { - if (!i2c_check_functionality(client.adapter, + if (!i2c_check_functionality(adapter, I2C_FUNC_10BIT_ADDR)) { - i2c_put_adapter(client.adapter); + i2c_put_adapter(adapter); goto bad; } - client.flags = I2C_CLIENT_TEN; + msg.flags = I2C_M_TEN; } - client.addr = params[0].u.value.c; - snprintf(client.name, I2C_NAME_SIZE, "i2c%d", client.adapter->nr); + msg.addr = params[0].u.value.c; + msg.buf = params[2].u.memref.shm->kaddr; + msg.len = params[2].u.memref.size; switch (params[0].u.value.a) { case OPTEE_MSG_RPC_CMD_I2C_TRANSFER_RD: - ret = i2c_master_recv(&client, params[2].u.memref.shm->kaddr, - params[2].u.memref.size); + msg.flags |= I2C_M_RD; break; case OPTEE_MSG_RPC_CMD_I2C_TRANSFER_WR: - ret = i2c_master_send(&client, params[2].u.memref.shm->kaddr, - params[2].u.memref.size); break; default: - i2c_put_adapter(client.adapter); + i2c_put_adapter(adapter); goto bad; } + ret = i2c_transfer(adapter, &msg, 1); + if (ret < 0) { arg->ret = TEEC_ERROR_COMMUNICATION; } else { - params[3].u.value.a = ret; + params[3].u.value.a = msg.len; if (optee_to_msg_param(arg->params, arg->num_params, params)) arg->ret = TEEC_ERROR_BAD_PARAMETERS; else arg->ret = TEEC_SUCCESS; } - i2c_put_adapter(client.adapter); + i2c_put_adapter(adapter); kfree(params); return; bad: -- 2.29.2

4 years, 1 month

3
9
0 0

[GIT PULL] TEE housekeeping for v5.12

by Jens Wiklander

Hello arm-soc maintainers, Please pull these patches fixing some comment typos and also a larger patch syncing some internal OP-TEE driver headers with OP-TEE OS. Thanks, Jens The following changes since commit e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62: Linux 5.11-rc2 (2021-01-03 15:55:30 -0800) are available in the Git repository at: git://git.linaro.org:/people/jens.wiklander/linux-tee.git tags/tee-housekeeping-for-v5.12 for you to fetch changes up to 617d8e8b347edcee6da38df0aeb671fc9c9ba19c: optee: sync OP-TEE headers (2021-02-02 14:50:41 +0100) ---------------------------------------------------------------- TEE subsystem housekeeping - Fixes some comment typos in header files - Updates to use flexible-array member instead of zero-length array - Syncs internal OP-TEE headers with the ones from OP-TEE OS ---------------------------------------------------------------- Bjorn Helgaas (1): tee: optee: fix 'physical' typos Elvira Khabirova (1): tee: fix some comment typos in header files Jens Wiklander (1): optee: sync OP-TEE headers Tian Tao (1): drivers: optee: use flexible-array member instead of zero-length array drivers/tee/optee/optee_msg.h | 158 +++----------------------------------- drivers/tee/optee/optee_rpc_cmd.h | 103 +++++++++++++++++++++++++ drivers/tee/optee/optee_smc.h | 72 +++++++++++------ drivers/tee/optee/rpc.c | 39 +++++----- include/linux/tee_drv.h | 2 +- include/uapi/linux/tee.h | 2 +- 6 files changed, 183 insertions(+), 193 deletions(-) create mode 100644 drivers/tee/optee/optee_rpc_cmd.h

4 years, 2 months

2
1
0 0

[GIT PULL] OP-TEE fix for v5.12

by Jens Wiklander

Hello arm-soc maintainers, Please pull this small fix removing an unnecessary call to need_resched() before cond_resched() while the OP-TEE driver is handing a RPC. Thanks, Jens The following changes since commit e71ba9452f0b5b2e8dc8aa5445198cd9214a6a62: Linux 5.11-rc2 (2021-01-03 15:55:30 -0800) are available in the Git repository at: git://git.linaro.org:/people/jens.wiklander/linux-tee.git tags/optee-fix-cond-resched-call-for-v5.12 for you to fetch changes up to 958567600517fd15b7f35ca1a8be0104f0eb0686: tee: optee: remove need_resched() before cond_resched() (2021-02-03 08:11:11 +0100) ---------------------------------------------------------------- Remove unnecessary need_resched() before cond_resched() ---------------------------------------------------------------- Jens Wiklander (1): tee: optee: remove need_resched() before cond_resched() Rouven Czerwinski (1): tee: optee: replace might_sleep with cond_resched drivers/tee/optee/call.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)

4 years, 2 months

2
1
0 0

[PATCH] hwrng: optee -: Use device-managed registration API

by Tian Tao

Use devm_hwrng_register to get rid of manual unregistration. Signed-off-by: Tian Tao <tiantao6(a)hisilicon.com> --- drivers/char/hw_random/optee-rng.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/drivers/char/hw_random/optee-rng.c b/drivers/char/hw_random/optee-rng.c index a99d829..135a825 100644 --- a/drivers/char/hw_random/optee-rng.c +++ b/drivers/char/hw_random/optee-rng.c @@ -243,7 +243,7 @@ static int optee_rng_probe(struct device *dev) if (err) goto out_sess; - err = hwrng_register(&pvt_data.optee_rng); + err = devm_hwrng_register(dev, &pvt_data.optee_rng); if (err) { dev_err(dev, "hwrng registration failed (%d)\n", err); goto out_sess; @@ -263,7 +263,6 @@ static int optee_rng_probe(struct device *dev) static int optee_rng_remove(struct device *dev) { - hwrng_unregister(&pvt_data.optee_rng); tee_client_close_session(pvt_data.ctx, pvt_data.session_id); tee_client_close_context(pvt_data.ctx); -- 2.7.4

4 years, 2 months

2
1
0 0

[PATCH] tee: fix some comment typos in header files

by Elvira Khabirova

struct tee_param: revc -> recv. TEE_IOC_SUPPL_SEND: typo introduced by copy-pasting, replace invalid description with description from the according argument struct. Signed-off-by: Elvira Khabirova <e.khabirova(a)omprussia.ru> --- include/linux/tee_drv.h | 2 +- include/uapi/linux/tee.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/include/linux/tee_drv.h b/include/linux/tee_drv.h index d074302989dd..61557bc0e29f 100644 --- a/include/linux/tee_drv.h +++ b/include/linux/tee_drv.h @@ -85,7 +85,7 @@ struct tee_param { * @close_session: close a session * @invoke_func: invoke a trusted function * @cancel_req: request cancel of an ongoing invoke or open - * @supp_revc: called for supplicant to get a command + * @supp_recv: called for supplicant to get a command * @supp_send: called for supplicant to send a response * @shm_register: register shared memory buffer in TEE * @shm_unregister: unregister shared memory buffer in TEE diff --git a/include/uapi/linux/tee.h b/include/uapi/linux/tee.h index b619f37ee03e..7546be5ed4f8 100644 --- a/include/uapi/linux/tee.h +++ b/include/uapi/linux/tee.h @@ -342,7 +342,7 @@ struct tee_iocl_supp_send_arg { }; /** - * TEE_IOC_SUPPL_SEND - Receive a request for a supplicant function + * TEE_IOC_SUPPL_SEND - Send a response to a received request * * Takes a struct tee_ioctl_buf_data which contains a struct * tee_iocl_supp_send_arg followed by any array of struct tee_param -- 2.28.0

4 years, 2 months

3
2
0 0

[PATCH] tee: optee: fix 'physical' typos

by Bjorn Helgaas

From: Bjorn Helgaas <bhelgaas(a)google.com> Fix misspellings of "physical". Signed-off-by: Bjorn Helgaas <bhelgaas(a)google.com> --- drivers/tee/optee/optee_smc.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/tee/optee/optee_smc.h b/drivers/tee/optee/optee_smc.h index 777ad54d4c2c..b52eb34b4237 100644 --- a/drivers/tee/optee/optee_smc.h +++ b/drivers/tee/optee/optee_smc.h @@ -139,7 +139,7 @@ struct optee_smc_call_get_os_revision_result { * optee_msg_arg. * OPTEE_SMC_RETURN_ETHREAD_LIMIT Number of Trusted OS threads exceeded, * try again later. - * OPTEE_SMC_RETURN_EBADADDR Bad physcial pointer to struct + * OPTEE_SMC_RETURN_EBADADDR Bad physical pointer to struct * optee_msg_arg. * OPTEE_SMC_RETURN_EBADCMD Bad/unknown cmd in struct optee_msg_arg * OPTEE_SMC_RETURN_IS_RPC() Call suspended by RPC call to normal -- 2.25.1

4 years, 2 months

2
1
0 0

2025

2024

2023

2022

2021

2020

OP-TEE