Add README file to record some important information of optee_client.
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
Change-Id: I66788f021d38c4617c87b46b6e3640ed7dd9e22f
The cache fixup is for the data coherence when communication
between U-Boot and OP-TEE. And data abort exception appeares on
OP-TEE V1 32bit platform due to unknown reason.
So only the share memory need be mapped as dcache enabled.
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
Change-Id: I92b62ef5fbdf47adc0328a14034a5861e8e77fed
optee v1 smc message is deprecated and update to new optee msg,
api revision smc call is add in init func to check capcibility.
Change-Id: Ia54a1257050b5e3776a00b6b76ca608c939bb401
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Signed-off-by: Elon Zhang <zhangzj@rock-chips.com>
1.use get_rkss_version function to get rkss version,
if security partition have data with rkss version 1, then
we choice rkss version 1, if security partition is empty,
then we choice rkss version 2
2.rkss version 2 support dual backup mechanism,
security partition total use 1M
3.rkss version 2 R&W 256k data one time
Change-Id: I2f17b22d6a442df84be0d94a808b03465dc6fefe
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.use get_rkss_version function to get rkss version,
if security partition have data with rkss version 1, then
we choice rkss version 1, if security partition is empty,
then we choice rkss version 2
2.rkss version 2 support dual backup mechanism,
security partition total use 1M
3.rkss version 2 R&W 256k data one time
Change-Id: I4103b6600666dffccf473ec4ed8854776a46da31
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.dev_desc->if_type == IF_TYPE_MMC for SD and eMMC device,
dev_desc->devnum == 1 is SD devices,
dev_desc->devnum == 0 is eMMC devices
2.SD devices do not have rpmb
3.we prefer to use rpmb for eMMC devices, use security
partition for nand or SD devices
Change-Id: Ifc21bd4da7c3ee91e2ecc845c343182c78d52dc1
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
file not exist if ret < 0, file exist if ret >=0
Change-Id: I1a70b0a41773f03d552c5f6cda82b745d6e81421
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.switch to RPMB partition when call init rpmb
2.switch to original partition when call finish rpmb
3.it will not switch to original partition when error
occurred, we should recover original partition after error
Change-Id: I41927e82fb2db690058a809f008ca1f59d334011
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
1.mmc testsecurestorage to test secure storage
2.test secure storage in rpmb and test secure storage in
security partition when use emmc
3.test secure storage in security partition when use nand
Change-Id: Id6f72893c002c5040cb1790051c9685911878df7
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Extract keymaster CA module from OpteeClientInterface
refactoring code for keymaster reads and writes form caller module
Change-Id: I1069fce0d29d9d9815f71e7f3b4d231754382acd
Signed-off-by: Jian Qiu <qiujian@rock-chips.com>
Split attestation key into AttestationKey.ec and AttestationKey.rsa,
then write to secure storage.
Change-Id: I8e00d602c4174a002e6ecad2e4cfa846f32a681f
Signed-off-by: Tony Xu <tony.xu@rock-chips.com>
keymaster ta is too large, so we change store data
to static ta and remove keymaster ta
Change-Id: Icdb694138caf005d2cb2821714a8526d0391b18b
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
bug make error R&W when security partition is not defined
Change-Id: Iddf840d3f9c090292e58f73492c20f84e4b3b4ea
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
use R&W multi blocks and cache used flag to
speed up secure store.
Change-Id: Ib534fa33e1bb03006ed3b85992d1d48b5fe36f39
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION is support
for OPTEE_V1
Change-Id: Ic83d06a08a1d409905dcc61e0f7346ab23261b0c
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
compile form keymaster 8.0/develop commit:ddd71dca
Features:
ddd71dca ta: support emmc/nand storage for keymaster & gatekeeper
2692c551 Update export-user_ta/ to support dual filesystems
bc288722 keymaster: uboot write data overwrite
Change-Id: I51b84f62db15bd4825035089dbb6ee38d11d4cac
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
fix bug which make error when we try to create
a new file, old file should be delete, but old
file which fd equal to zero is exist!
Change-Id: I602e889ae12756c0c40e409d6439ac36cc1b5382
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot can secure store data to nand or emmc "security"
partition for optee v2
Change-Id: I85abbfb3970a2fa3f46f540d3f16dfc7ca605317
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot send data and data length to keymaster TA, keymaster
TA secure store the data, and read temp data from secure
store, compare data and temp data, but the compare length
use temp data length is wrong, fix the bug to use data length.
Change-Id: I900a7ab1b1e95ca844dfb7327c34c793cf635278
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot read date return error when file not exit,
do not to create new file.
Change-Id: Ic4cbc631b9e75dc345759d6d0dbcc86250245511
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
move CONFIG_OPTEE_V1/V2 to lib/optee_clientApi/Kconfig
Change-Id: I446454547a186a27110aa95183264154fc538de9
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Elon Zhang
Hisping Lin
Jason Zhu
Jian Qiu
Tony Xu
Joseph Chen