#
1bb67bbf |
|
17-Aug-2018 |
Christopher Tam <godtamit@google.com> |
[tee][optee] Implement basic RPC command handling One of the core RPCs in the OP-TEE spec executes a command specified and parameterized by an OP-TEE message format stored in memory. This CL adds support for the commands that allocate/free shared memory and load trusted applications for the trusted world. Supporting these commands are enough to allow for simple trusted applications to be loaded and executed in OP-TEE. Test: Manual testing on both VIM2 and Astro to verify that the TEEC_OpenSession API loads and returns successfully for a test "hello world" trusted application-client application pair. Change-Id: I1a2baa39c81090c678506e5b76abd792236835dd
|
#
ec288800 |
|
13-Aug-2018 |
Christopher Tam <godtamit@google.com> |
[tee][optee] Support private shared memory RPCs The OP-TEE driver is responsible for mediating communication between the REE and TEE. During this communication, the TEE may request the driver to send messages to and perform commands in the REE on its behalf via RPCs, but in order to communicate these requests to the driver, the TEE needs support from the driver to marshal shared memory (between the driver and TEE) via an RPC call. This CL adds support in the OP-TEE driver for responding to these RPCs and managing shared memory from the private pool for driver-TEE communication. Test: Manual testing on VIM2 to verify shared memory RPCs are properly fulfilled and communicated back to the TEE. Change-Id: Ib5d66b045d43fefdff20536a2e6bdd02e53217d4
|
#
aec5afba |
|
25-Jul-2018 |
RJ Ascani <rjascani@google.com> |
[tee][optee] Add open session interface To communicate between a client app and trusted app pair, a session must be created. This is done by sending an OP-TEE message to the secure world requesting a new session be established. This CL adds an interface to the OP-TEE device driver for opening a session and receiving a session id back. That id is then stored in the implementation specific portion of the TEE Client API's TEEC_Session. In practice, this doesn't quite work yet. Upon receiving the session request, OP-TEE replies with an RPC request for shared memory. Since we haven't added RPC handling yet, we fail there. Test: Run tee-test and see that it fails when RPC request is made by secure world. Change-Id: I56ff5f2a98b73c3d262738197b6bb62e2ef58fa5
|
#
1bca0094 |
|
25-Jul-2018 |
RJ Ascani <rjascani@google.com> |
[tee] Rename SMC Message to SMC Function Per ARM SMCCC nomenclature, a SMC call targets a function of a secure monitor provided service. As such, the SMC parameters that make up an SMC call should be referred to as a function call rather than a message. This will also help disambiguate from OP-TEE messages, which are an optional parameters in shared memory. This change is just a rename, no functionality changed. Test: Compilation successful Change-Id: Ieca80e27c777d07ed42997ba643201424ec0dbc2
|
#
f44de875 |
|
04-Jun-2018 |
RJ Ascani <rjascani@google.com> |
[drivers][optee] Add barebones OP-TEE driver OP-TEE is a Trusted OS designed for executing in the secure world of Cortex-A cores using TrustZone. Interaction with OP-TEE is an RPC like interface using the ARM Secure Monitor Call. The OP-TEE OS (BL32) is initialized by ARM Trusted Firmware (BL31) prior to U-Boot (BL33). This commit adds a not yet useful barebones driver that does nothing more than check to see whether OP-TEE is available in the secure world. For now, the platform driver will only attempt to initialize OP-TEE on VIM2. Test: Manually tested on VIM2 that the driver starts and binds when OP-TEE is installed and that it doesn't when it is not installed. Change-Id: I15315191d1a66f6841ec66e9bd7e7e8739aaa29e
|