From fc1fe01b08cedd77a194bb82fa81af4fe1e39031 Mon Sep 17 00:00:00 2001 From: Igor Opaniuk Date: Tue, 9 Apr 2019 15:38:14 +0200 Subject: avb: add support for named persistent values AVB 2.0 spec. revision 1.1 introduces support for named persistent values that must be tamper evident and allows AVB to store arbitrary key-value pairs [1]. Introduce implementation of two additional AVB operations read_persistent_value()/write_persistent_value() for retrieving/storing named persistent values. Correspondent pull request in the OP-TEE OS project repo [2]. [1]: https://android.googlesource.com/platform/external/avb/+/android-9.0.0_r22 [2]: https://github.com/OP-TEE/optee_os/pull/2699 Reviewed-by: Simon Glass Reviewed-by: Sam Protsenko Signed-off-by: Igor Opaniuk --- drivers/tee/sandbox.c | 121 ++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 102 insertions(+), 19 deletions(-) (limited to 'drivers/tee/sandbox.c') diff --git a/drivers/tee/sandbox.c b/drivers/tee/sandbox.c index ccddb03e73..a136bc9609 100644 --- a/drivers/tee/sandbox.c +++ b/drivers/tee/sandbox.c @@ -14,6 +14,7 @@ * available. */ +static const u32 pstorage_max = 16; /** * struct ta_entry - TA entries * @uuid: UUID of an emulated TA @@ -24,8 +25,11 @@ */ struct ta_entry { struct tee_optee_ta_uuid uuid; - u32 (*open_session)(uint num_params, struct tee_param *params); - u32 (*invoke_func)(u32 func, uint num_params, struct tee_param *params); + u32 (*open_session)(struct udevice *dev, uint num_params, + struct tee_param *params); + u32 (*invoke_func)(struct udevice *dev, + u32 func, uint num_params, + struct tee_param *params); }; #ifdef CONFIG_OPTEE_TA_AVB @@ -59,10 +63,8 @@ bad_params: return TEE_ERROR_BAD_PARAMETERS; } -static u64 ta_avb_rollback_indexes[TA_AVB_MAX_ROLLBACK_LOCATIONS]; -static u32 ta_avb_lock_state; - -static u32 ta_avb_open_session(uint num_params, struct tee_param *params) +static u32 ta_avb_open_session(struct udevice *dev, uint num_params, + struct tee_param *params) { /* * We don't expect additional parameters when opening a session to @@ -73,12 +75,17 @@ static u32 ta_avb_open_session(uint num_params, struct tee_param *params) num_params, params); } -static u32 ta_avb_invoke_func(u32 func, uint num_params, +static u32 ta_avb_invoke_func(struct udevice *dev, u32 func, uint num_params, struct tee_param *params) { + struct sandbox_tee_state *state = dev_get_priv(dev); + ENTRY e, *ep; + char *name; u32 res; uint slot; u64 val; + char *value; + u32 value_sz; switch (func) { case TA_AVB_CMD_READ_ROLLBACK_INDEX: @@ -91,12 +98,12 @@ static u32 ta_avb_invoke_func(u32 func, uint num_params, return res; slot = params[0].u.value.a; - if (slot >= ARRAY_SIZE(ta_avb_rollback_indexes)) { + if (slot >= ARRAY_SIZE(state->ta_avb_rollback_indexes)) { printf("Rollback index slot out of bounds %u\n", slot); return TEE_ERROR_BAD_PARAMETERS; } - val = ta_avb_rollback_indexes[slot]; + val = state->ta_avb_rollback_indexes[slot]; params[1].u.value.a = val >> 32; params[1].u.value.b = val; return TEE_SUCCESS; @@ -111,16 +118,16 @@ static u32 ta_avb_invoke_func(u32 func, uint num_params, return res; slot = params[0].u.value.a; - if (slot >= ARRAY_SIZE(ta_avb_rollback_indexes)) { + if (slot >= ARRAY_SIZE(state->ta_avb_rollback_indexes)) { printf("Rollback index slot out of bounds %u\n", slot); return TEE_ERROR_BAD_PARAMETERS; } val = (u64)params[1].u.value.a << 32 | params[1].u.value.b; - if (val < ta_avb_rollback_indexes[slot]) + if (val < state->ta_avb_rollback_indexes[slot]) return TEE_ERROR_SECURITY; - ta_avb_rollback_indexes[slot] = val; + state->ta_avb_rollback_indexes[slot] = val; return TEE_SUCCESS; case TA_AVB_CMD_READ_LOCK_STATE: @@ -132,7 +139,7 @@ static u32 ta_avb_invoke_func(u32 func, uint num_params, if (res) return res; - params[0].u.value.a = ta_avb_lock_state; + params[0].u.value.a = state->ta_avb_lock_state; return TEE_SUCCESS; case TA_AVB_CMD_WRITE_LOCK_STATE: @@ -144,13 +151,64 @@ static u32 ta_avb_invoke_func(u32 func, uint num_params, if (res) return res; - if (ta_avb_lock_state != params[0].u.value.a) { - ta_avb_lock_state = params[0].u.value.a; - memset(ta_avb_rollback_indexes, 0, - sizeof(ta_avb_rollback_indexes)); + if (state->ta_avb_lock_state != params[0].u.value.a) { + state->ta_avb_lock_state = params[0].u.value.a; + memset(state->ta_avb_rollback_indexes, 0, + sizeof(state->ta_avb_rollback_indexes)); } return TEE_SUCCESS; + case TA_AVB_CMD_READ_PERSIST_VALUE: + res = check_params(TEE_PARAM_ATTR_TYPE_MEMREF_INPUT, + TEE_PARAM_ATTR_TYPE_MEMREF_INOUT, + TEE_PARAM_ATTR_TYPE_NONE, + TEE_PARAM_ATTR_TYPE_NONE, + num_params, params); + if (res) + return res; + + name = params[0].u.memref.shm->addr; + + value = params[1].u.memref.shm->addr; + value_sz = params[1].u.memref.size; + + e.key = name; + e.data = NULL; + hsearch_r(e, FIND, &ep, &state->pstorage_htab, 0); + if (!ep) + return TEE_ERROR_ITEM_NOT_FOUND; + + value_sz = strlen(ep->data); + memcpy(value, ep->data, value_sz); + + return TEE_SUCCESS; + case TA_AVB_CMD_WRITE_PERSIST_VALUE: + res = check_params(TEE_PARAM_ATTR_TYPE_MEMREF_INPUT, + TEE_PARAM_ATTR_TYPE_MEMREF_INPUT, + TEE_PARAM_ATTR_TYPE_NONE, + TEE_PARAM_ATTR_TYPE_NONE, + num_params, params); + if (res) + return res; + + name = params[0].u.memref.shm->addr; + + value = params[1].u.memref.shm->addr; + value_sz = params[1].u.memref.size; + + e.key = name; + e.data = NULL; + hsearch_r(e, FIND, &ep, &state->pstorage_htab, 0); + if (ep) + hdelete_r(e.key, &state->pstorage_htab, 0); + + e.key = name; + e.data = value; + hsearch_r(e, ENTER, &ep, &state->pstorage_htab, 0); + if (!ep) + return TEE_ERROR_OUT_OF_MEMORY; + + return TEE_SUCCESS; default: return TEE_ERROR_NOT_SUPPORTED; @@ -225,7 +283,7 @@ static int sandbox_tee_open_session(struct udevice *dev, return 0; } - arg->ret = ta->open_session(num_params, params); + arg->ret = ta->open_session(dev, num_params, params); arg->ret_origin = TEE_ORIGIN_TRUSTED_APP; if (!arg->ret) { @@ -261,7 +319,7 @@ static int sandbox_tee_invoke_func(struct udevice *dev, return -EINVAL; } - arg->ret = ta->invoke_func(arg->func, num_params, params); + arg->ret = ta->invoke_func(dev, arg->func, num_params, params); arg->ret_origin = TEE_ORIGIN_TRUSTED_APP; return 0; @@ -285,6 +343,29 @@ static int sandbox_tee_shm_unregister(struct udevice *dev, struct tee_shm *shm) return 0; } +static int sandbox_tee_remove(struct udevice *dev) +{ + struct sandbox_tee_state *state = dev_get_priv(dev); + + hdestroy_r(&state->pstorage_htab); + + return 0; +} + +static int sandbox_tee_probe(struct udevice *dev) +{ + struct sandbox_tee_state *state = dev_get_priv(dev); + /* + * With this hastable we emulate persistent storage, + * which should contain persistent values + * between different sessions/command invocations. + */ + if (!hcreate_r(pstorage_max, &state->pstorage_htab)) + return TEE_ERROR_OUT_OF_MEMORY; + + return 0; +} + static const struct tee_driver_ops sandbox_tee_ops = { .get_version = sandbox_tee_get_version, .open_session = sandbox_tee_open_session, @@ -305,4 +386,6 @@ U_BOOT_DRIVER(sandbox_tee) = { .of_match = sandbox_tee_match, .ops = &sandbox_tee_ops, .priv_auto_alloc_size = sizeof(struct sandbox_tee_state), + .probe = sandbox_tee_probe, + .remove = sandbox_tee_remove, }; -- cgit