- OP-TEE - lists.trustedfirmware.org

[op-tee] [PATCH] Documentation: tee: Document TEE kernel interface

by Sumit Garg

Update documentation with TEE bus infrastructure which provides an interface for kernel client drivers to communicate with corresponding Trusted Application. Signed-off-by: Sumit Garg <sumit.garg(a)linaro.org> --- Documentation/tee.txt | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) diff --git a/Documentation/tee.txt b/Documentation/tee.txt index c8fad81..428d3b5 100644 --- a/Documentation/tee.txt +++ b/Documentation/tee.txt @@ -53,6 +53,28 @@ clients, forward them to the TEE and send back the results. In the case of supplicants the communication goes in the other direction, the TEE sends requests to the supplicant which then sends back the result. +The TEE kernel interface +======================== + +Kernel provides a TEE bus infrastructure where a Trusted Application is +represented as a device identified via Universally Unique Identifier (UUID) and +client drivers register a table of supported device UUIDs. + +TEE bus infrastructure registers following APIs: +- match(): iterates over the client driver UUID table to find a corresponding + match for device UUID. If a match is found, then this particular device is + probed via corresponding probe API registered by the client driver. This + process happens whenever a device or a client driver is registered with TEE + bus. +- uevent(): notifies user-space (udev) whenever a new device is registered on + TEE bus for auto-loading of modularized client drivers. + +TEE bus device enumeration is specific to underlying TEE implementation, so it +is left open for TEE drivers to provide corresponding implementation. + +Then TEE client driver can talk to a matched Trusted Application using APIs +listed in include/linux/tee_drv.h. + OP-TEE driver ============= @@ -112,6 +134,14 @@ kernel are handled by the kernel driver. Other RPC messages will be forwarded to tee-supplicant without further involvement of the driver, except switching shared memory buffer representation. +OP-TEE device enumeration +------------------------- + +OP-TEE provides a pseudo Trusted Application: drivers/tee/optee/device.c in +order to support device enumeration. In other words, OP-TEE driver invokes this +application to retrieve a list of Trusted Applications which can be registered +as devices on the TEE bus. + AMD-TEE driver ============== -- 2.7.4

3 years, 10 months

2
2
0 0

[op-tee] [PATCH v4 0/4] Introduce TEE based Trusted Keys support

by Sumit Garg

Add support for TEE based trusted keys where TEE provides the functionality to seal and unseal trusted keys using hardware unique key. Also, this is an alternative in case platform doesn't possess a TPM device. This patch-set has been tested with OP-TEE based early TA which can be found here [1]. [1] https://github.com/OP-TEE/optee_os/pull/3838 Changes in v4: 1. Pushed independent TEE features separately: - Part of recent TEE PR: https://lkml.org/lkml/2020/5/4/1062 2. Updated trusted-encrypted doc with TEE as a new trust source. 3. Rebased onto latest tpmdd/master. Changes in v3: 1. Update patch #2 to support registration of multiple kernel pages. 2. Incoporate dependency patch #4 in this patch-set: https://patchwork.kernel.org/patch/11091435/ Changes in v2: 1. Add reviewed-by tags for patch #1 and #2. 2. Incorporate comments from Jens for patch #3. 3. Switch to use generic trusted keys framework. Sumit Garg (4): KEYS: trusted: Add generic trusted keys framework KEYS: trusted: Introduce TEE based Trusted Keys doc: trusted-encrypted: updates with TEE as a new trust source MAINTAINERS: Add entry for TEE based Trusted Keys Documentation/security/keys/trusted-encrypted.rst | 203 ++++++++++--- MAINTAINERS | 8 + include/keys/trusted-type.h | 48 ++++ include/keys/trusted_tee.h | 66 +++++ include/keys/trusted_tpm.h | 15 - security/keys/Kconfig | 3 + security/keys/trusted-keys/Makefile | 2 + security/keys/trusted-keys/trusted_common.c | 336 ++++++++++++++++++++++ security/keys/trusted-keys/trusted_tee.c | 282 ++++++++++++++++++ security/keys/trusted-keys/trusted_tpm1.c | 335 ++++----------------- 10 files changed, 974 insertions(+), 324 deletions(-) create mode 100644 include/keys/trusted_tee.h create mode 100644 security/keys/trusted-keys/trusted_common.c create mode 100644 security/keys/trusted-keys/trusted_tee.c -- 2.7.4

3 years, 11 months

2
20
0 0

[op-tee] Aarch64: unaligned access despite -mstrict-align

by Jerome Forissier

Hi, I experienced a crash in code compiled with Clang 10.0.0 due to a misaligned 64-bit data access. The (ARMv8) CPU is configured with SCTL.A == 1 (alignment check enable). With SCTLR.A == 0 the code runs as expected. After some investigation I came up with the following reproducer: ---8<-------8<-------8<-------8<-------8<-------8<-------8<------- $ cat test.c extern char *g; int memcmp(const void *s1, const void *s2, unsigned long n); int f(void *c) { return memcmp(g, c, 16); } $ clang --target=aarch64-linux-gnu -Os -mstrict-align -S test.c $ cat test.s .text .file "test.c" .globl f // -- Begin function f .p2align 2 .type f,@function f: // @f // %bb.0: adrp x8, g ldr x10, [x8, :lo12:g] ldr x9, [x0] ldr x8, [x10] rev x9, x9 rev x8, x8 cmp x8, x9 b.ne .LBB0_3 // %bb.1: ldr x8, [x10, #8] ldr x9, [x0, #8] rev x8, x8 rev x9, x9 cmp x8, x9 b.ne .LBB0_3 // %bb.2: mov w0, wzr ret .LBB0_3: cmp x8, x9 mov w8, #-1 cneg w0, w8, hs ret .Lfunc_end0: .size f, .Lfunc_end0-f // -- End function .ident "clang version 10.0.0-4ubuntu1 " .section ".note.GNU-stack","",@progbits .addrsig ---8<-------8<-------8<-------8<-------8<-------8<-------8<------- Note the 'ldr x9, [x0]'. At this point there is no guarantee that x0 is a multiple of 8, so why is Clang generating this code? Thanks, -- Jerome

3 years, 11 months

4
6
0 0

[op-tee] Maximum line length in the Linux kernel

by Jérôme Forissier

FYI, the "80 column" rule has just evolved a bit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?… So it is now s "<= 80 columns preferred, but up to 100 is OK". Since we are mostly following the Linux coding style, I think this should apply to OP-TEE as well. Personally, I think it's a good thing as it will help avoid some silly line breaks in long debug messages for instance. -- Jerome

3 years, 11 months

1
0
0 0

[op-tee] OP-TEE 3.9.0 has been released

by Jens Wiklander

[BCC all OP-TEE maintainers] Hi, FYI, I have just finalized the OP-TEE 3.9.0 release (changelog [1]). As always, thank you to everyone who contributed to OP-TEE and participated in testing this release [2]. [1] https://github.com/OP-TEE/optee_os/blob/3.9.0/CHANGELOG.md [2] https://github.com/OP-TEE/optee_os/commit/af141c61fe7a2430f3b4bb89661d84141… Regards, Jens

3 years, 11 months

1
0
0 0

[op-tee] Preparing for OP-TEE 3.9.0

by Jens Wiklander

[BCC all OP-TEE maintainers] Hi OP-TEE maintainers & contributors, We're about to make another OP-TEE release, namely: 3.9.0. Target is Friday, May 22th which leaves us almost 3 weeks to finalize the release. Please start testing your favorite platform(s) and report any issue in this pull request [1]. I will create a release candidate tag one week before the release date, at which point we will do some more testing and I will collect Tested-by tags in the same pull request. [1] https://github.com/OP-TEE/optee_os/pull/3833 Thanks! Regards, Jens

3 years, 11 months

1
1
0 0

[op-tee] [PATCH v2 0/3] tee: add support for session's client UUID generation

by Vesa Jääskeläinen

TEE Client API defines that from user space only information needed for specified login operations is group identifier for group based logins. REE kernel is expected to formulate trustworthy client UUID and pass that to TEE environment. REE kernel is required to verify that provided group identifier for group based logins matches calling processes group memberships. TEE specification only defines that the information passed from REE environment to TEE environment is encoded into on UUID. In order to guarantee trustworthiness of client UUID user space is not allowed to freely pass client UUID. Vesa Jääskeläinen (3): tee: add support for session's client UUID generation tee: optee: Add support for session login client UUID generation [RFC] tee: add support for app id for client UUID generation drivers/tee/Kconfig | 1 + drivers/tee/optee/call.c | 6 +- drivers/tee/tee_core.c | 211 +++++++++++++++++++++++++++++++++++++++ include/linux/tee_drv.h | 16 +++ 4 files changed, 233 insertions(+), 1 deletion(-) -- 2.17.1 Changes v1->v2: * Changed goto labels to be more logical * Capture error if formatted string for UUIDv5 does not fit into buffer Notes: This patcheset has been designed so that it can be iteratively intergrated meaning that the application ID (RFC patch) part can be left for later when there is agreed solution for that. TEE specification leaves Linux behavior undefined. It does not define any UUID value for name space. UUID in here is randomly generated with uuidgen tool. I have also include amdtee people as this method probably should also be applied in there. Using op-tee(a)lists.trustedfirmware.org instead of tee-dev(a)lists.linaro.org as latter is deprecated old list. Original issue in OP-TEE OS tracker: https://github.com/OP-TEE/optee_os/issues/3642 Related reviews and demonstration for the concept: https://github.com/linaro-swg/linux/pull/74 https://github.com/OP-TEE/optee_client/pull/195 https://github.com/OP-TEE/optee_test/pull/406

3 years, 11 months

2
4
0 0

[op-tee] [PATCH 0/3] tee: add support for session's client UUID generation

by Vesa Jääskeläinen

TEE Client API defines that from user space only information needed for specified login operations is group identifier for group based logins. REE kernel is expected to formulate trustworthy client UUID and pass that to TEE environment. REE kernel is required to verify that provided group identifier for group based logins matches calling processes group memberships. TEE specification only defines that the information passed from REE environment to TEE environment is encoded into on UUID. In order to guarantee trustworthiness of client UUID user space is not allowed to freely pass client UUID. Vesa Jääskeläinen (3): tee: add support for session's client UUID generation tee: optee: Add support for session login client UUID generation [RFC] tee: add support for app id for client UUID generation drivers/tee/Kconfig | 1 + drivers/tee/optee/call.c | 6 +- drivers/tee/tee_core.c | 188 +++++++++++++++++++++++++++++++++++++++ include/linux/tee_drv.h | 16 ++++ 4 files changed, 210 insertions(+), 1 deletion(-) -- 2.17.1 Notes: This patcheset has been designed so that it can be iteratively intergrated meaning that the application ID (RFC patch) part can be left for later when there is agreed solution for that. TEE specification leaves Linux behavior undefined. It does not define any UUID value for name space. UUID in here is randomly generated with uuidgen tool. I have also include amdtee people as this method probably should also be applied in there. Using op-tee(a)lists.trustedfirmware.org instead of tee-dev(a)lists.linaro.org as latter is deprecated old list. Original issue in OP-TEE OS tracker: https://github.com/OP-TEE/optee_os/issues/3642 Related reviews and demonstration for the concept: https://github.com/linaro-swg/linux/pull/74 https://github.com/OP-TEE/optee_client/pull/195 https://github.com/OP-TEE/optee_test/pull/406

4 years

2
6
0 0

[op-tee] [PATCH v2 0/2] hw/arm/virt: dt: add kaslr-seed property

by Jerome Forissier

This patchset creates the DT property /chosen/kaslr-seed which is used by the OS for Address Space Layout Randomization. If the machine is secure, a similar property is created under /secure-chosen. Changes since v1: - Move creation of /secure-chosen to create_fdt() - Use qemu_guest_getrandom() instead of qcrypto_random_bytes() - Create kaslr-seed for the non-secure OS too Jerome Forissier (2): hw/arm/virt: dt: move creation of /secure-chosen to create_fdt() hw/arm/virt: dt: add kaslr-seed property hw/arm/virt.c | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) -- 2.20.1

4 years

2
3
0 0

2024

2023

2022

2021

2020

OP-TEE