Zephyr API Documentation  3.7.0
A Scalable Open Source RTOS
Loading...
Searching...
No Matches
tee.h
Go to the documentation of this file.
1/*
2 * Copyright (c) 2023 EPAM Systems
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
13/*
14 * Copyright (c) 2015-2016, Linaro Limited
15 * All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions are met:
19 *
20 * 1. Redistributions of source code must retain the above copyright notice,
21 * this list of conditions and the following disclaimer.
22 *
23 * 2. Redistributions in binary form must reproduce the above copyright notice,
24 * this list of conditions and the following disclaimer in the documentation
25 * and/or other materials provided with the distribution.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
28 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
31 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
38 */
39#ifndef ZEPHYR_INCLUDE_DRIVERS_TEE_H_
40#define ZEPHYR_INCLUDE_DRIVERS_TEE_H_
41
42#include <zephyr/device.h>
43#include <zephyr/kernel.h>
44#include <zephyr/sys/util.h>
45
69#ifdef __cplusplus
70extern "C" {
71#endif
72#define TEE_UUID_LEN 16
73
74#define TEE_GEN_CAP_GP BIT(0) /* GlobalPlatform compliant TEE */
75#define TEE_GEN_CAP_PRIVILEGED BIT(1) /* Privileged device (for supplicant) */
76#define TEE_GEN_CAP_REG_MEM BIT(2) /* Supports registering shared memory */
77#define TEE_GEN_CAP_MEMREF_NULL BIT(3) /* Support NULL MemRef */
78
79#define TEE_SHM_REGISTER BIT(0)
80#define TEE_SHM_ALLOC BIT(1)
81
82#define TEE_PARAM_ATTR_TYPE_NONE 0 /* parameter not used */
83#define TEE_PARAM_ATTR_TYPE_VALUE_INPUT 1
84#define TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT 2
85#define TEE_PARAM_ATTR_TYPE_VALUE_INOUT 3 /* input and output */
86#define TEE_PARAM_ATTR_TYPE_MEMREF_INPUT 5
87#define TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT 6
88#define TEE_PARAM_ATTR_TYPE_MEMREF_INOUT 7 /* input and output */
89#define TEE_PARAM_ATTR_TYPE_MASK 0xff
90#define TEE_PARAM_ATTR_META 0x100
91#define TEE_PARAM_ATTR_MASK (TEE_PARAM_ATTR_TYPE_MASK | TEE_PARAM_ATTR_META)
92
106#define TEEC_ORIGIN_API 0x00000001
107#define TEEC_ORIGIN_COMMS 0x00000002
108#define TEEC_ORIGIN_TEE 0x00000003
109#define TEEC_ORIGIN_TRUSTED_APP 0x00000004
110
143#define TEEC_SUCCESS 0x00000000
144#define TEEC_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003
145#define TEEC_ERROR_GENERIC 0xFFFF0000
146#define TEEC_ERROR_ACCESS_DENIED 0xFFFF0001
147#define TEEC_ERROR_CANCEL 0xFFFF0002
148#define TEEC_ERROR_ACCESS_CONFLICT 0xFFFF0003
149#define TEEC_ERROR_EXCESS_DATA 0xFFFF0004
150#define TEEC_ERROR_BAD_FORMAT 0xFFFF0005
151#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006
152#define TEEC_ERROR_BAD_STATE 0xFFFF0007
153#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008
154#define TEEC_ERROR_NOT_IMPLEMENTED 0xFFFF0009
155#define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A
156#define TEEC_ERROR_NO_DATA 0xFFFF000B
157#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C
158#define TEEC_ERROR_BUSY 0xFFFF000D
159#define TEEC_ERROR_COMMUNICATION 0xFFFF000E
160#define TEEC_ERROR_SECURITY 0xFFFF000F
161#define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010
162#define TEEC_ERROR_EXTERNAL_CANCEL 0xFFFF0011
163#define TEEC_ERROR_TARGET_DEAD 0xFFFF3024
164#define TEEC_ERROR_STORAGE_NO_SPACE 0xFFFF3041
165
182#define TEEC_LOGIN_PUBLIC 0x00000000
183#define TEEC_LOGIN_USER 0x00000001
184#define TEEC_LOGIN_GROUP 0x00000002
185#define TEEC_LOGIN_APPLICATION 0x00000004
186#define TEEC_LOGIN_USER_APPLICATION 0x00000005
187#define TEEC_LOGIN_GROUP_APPLICATION 0x00000006
188
200};
201
213};
214
229struct tee_param {
234};
235
245};
246
250struct tee_shm {
251 const struct device *dev;
252 void *addr;
255};
256
264typedef int (*tee_get_version_t)(const struct device *dev, struct tee_version_info *info);
265
273typedef int (*tee_open_session_t)(const struct device *dev, struct tee_open_session_arg *arg,
274 unsigned int num_param, struct tee_param *param,
275 uint32_t *session_id);
283typedef int (*tee_close_session_t)(const struct device *dev, uint32_t session_id);
284
292typedef int (*tee_cancel_t)(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
293
301typedef int (*tee_invoke_func_t)(const struct device *dev, struct tee_invoke_func_arg *arg,
302 unsigned int num_param, struct tee_param *param);
310typedef int (*tee_shm_register_t)(const struct device *dev, struct tee_shm *shm);
311
319typedef int (*tee_shm_unregister_t)(const struct device *dev, struct tee_shm *shm);
320
328typedef int (*tee_suppl_recv_t)(const struct device *dev, uint32_t *func, unsigned int *num_params,
329 struct tee_param *param);
330
338typedef int (*tee_suppl_send_t)(const struct device *dev, unsigned int ret, unsigned int num_params,
339 struct tee_param *param);
340
341__subsystem struct tee_driver_api {
351};
352
365__syscall int tee_get_version(const struct device *dev, struct tee_version_info *info);
366
367static inline int z_impl_tee_get_version(const struct device *dev, struct tee_version_info *info)
368{
369 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
370
371 if (!api->get_version) {
372 return -ENOSYS;
373 }
374
375 return api->get_version(dev, info);
376}
377
393__syscall int tee_open_session(const struct device *dev, struct tee_open_session_arg *arg,
394 unsigned int num_param, struct tee_param *param,
395 uint32_t *session_id);
396
397static inline int z_impl_tee_open_session(const struct device *dev,
398 struct tee_open_session_arg *arg,
399 unsigned int num_param, struct tee_param *param,
400 uint32_t *session_id)
401{
402 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
403
404 if (!api->open_session) {
405 return -ENOSYS;
406 }
407
408 return api->open_session(dev, arg, num_param, param, session_id);
409}
410
423__syscall int tee_close_session(const struct device *dev, uint32_t session_id);
424
425static inline int z_impl_tee_close_session(const struct device *dev, uint32_t session_id)
426{
427 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
428
429 if (!api->close_session) {
430 return -ENOSYS;
431 }
432
433 return api->close_session(dev, session_id);
434}
435
449__syscall int tee_cancel(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
450
451static inline int z_impl_tee_cancel(const struct device *dev, uint32_t session_id,
452 uint32_t cancel_id)
453{
454 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
455
456 if (!api->cancel) {
457 return -ENOSYS;
458 }
459
460 return api->cancel(dev, session_id, cancel_id);
461}
462
477__syscall int tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
478 unsigned int num_param, struct tee_param *param);
479
480static inline int z_impl_tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
481 unsigned int num_param, struct tee_param *param)
482{
483 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
484
485 if (!api->invoke_func) {
486 return -ENOSYS;
487 }
488
489 return api->invoke_func(dev, arg, num_param, param);
490}
491
506int tee_add_shm(const struct device *dev, void *addr, size_t align, size_t size, uint32_t flags,
507 struct tee_shm **shmp);
508
519int tee_rm_shm(const struct device *dev, struct tee_shm *shm);
520
536__syscall int tee_shm_register(const struct device *dev, void *addr, size_t size,
537 uint32_t flags, struct tee_shm **shm);
538
539static inline int z_impl_tee_shm_register(const struct device *dev, void *addr, size_t size,
540 uint32_t flags, struct tee_shm **shm)
541{
542 flags &= ~TEE_SHM_ALLOC;
543 return tee_add_shm(dev, addr, 0, size, flags | TEE_SHM_REGISTER, shm);
544}
545
558__syscall int tee_shm_unregister(const struct device *dev, struct tee_shm *shm);
559
560static inline int z_impl_tee_shm_unregister(const struct device *dev, struct tee_shm *shm)
561{
562 return tee_rm_shm(dev, shm);
563}
564
579__syscall int tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
580 struct tee_shm **shm);
581
582static inline int z_impl_tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
583 struct tee_shm **shm)
584{
585 return tee_add_shm(dev, NULL, 0, size, flags | TEE_SHM_ALLOC | TEE_SHM_REGISTER, shm);
586}
587
600__syscall int tee_shm_free(const struct device *dev, struct tee_shm *shm);
601
602static inline int z_impl_tee_shm_free(const struct device *dev, struct tee_shm *shm)
603{
604 return tee_rm_shm(dev, shm);
605}
606
619__syscall int tee_suppl_recv(const struct device *dev, uint32_t *func, unsigned int *num_params,
620 struct tee_param *param);
621
622static inline int z_impl_tee_suppl_recv(const struct device *dev, uint32_t *func,
623 unsigned int *num_params, struct tee_param *param)
624{
625 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
626
627 if (!api->suppl_recv) {
628 return -ENOSYS;
629 }
630
631 return api->suppl_recv(dev, func, num_params, param);
632}
633
647__syscall int tee_suppl_send(const struct device *dev, unsigned int ret, unsigned int num_params,
648 struct tee_param *param);
649
650static inline int z_impl_tee_suppl_send(const struct device *dev, unsigned int ret,
651 unsigned int num_params, struct tee_param *param)
652{
653 const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
654
655 if (!api->suppl_send) {
656 return -ENOSYS;
657 }
658
659 return api->suppl_send(dev, ret, num_params, param);
660}
661
662#ifdef __cplusplus
663}
664#endif
665
670#include <zephyr/syscalls/tee.h>
671
672#endif /* ZEPHYR_INCLUDE_DRIVERS_TEE_H_ */
#define ENOSYS
Function not implemented.
Definition: errno.h:82
int(* tee_suppl_send_t)(const struct device *dev, unsigned int ret, unsigned int num_params, struct tee_param *param)
Callback API to send a request for TEE supplicant.
Definition: tee.h:338
int(* tee_open_session_t)(const struct device *dev, struct tee_open_session_arg *arg, unsigned int num_param, struct tee_param *param, uint32_t *session_id)
Callback API to open session to Trusted Application.
Definition: tee.h:273
int tee_shm_register(const struct device *dev, void *addr, size_t size, uint32_t flags, struct tee_shm **shm)
Register shared memory for Trusted Environment.
int tee_suppl_recv(const struct device *dev, uint32_t *func, unsigned int *num_params, struct tee_param *param)
Receive a request for TEE Supplicant.
int(* tee_shm_unregister_t)(const struct device *dev, struct tee_shm *shm)
Callback API to unregister shared memory.
Definition: tee.h:319
#define TEE_SHM_REGISTER
Definition: tee.h:79
int tee_shm_free(const struct device *dev, struct tee_shm *shm)
Free shared memory region for Trusted Environment.
int tee_cancel(const struct device *dev, uint32_t session_id, uint32_t cancel_id)
Cancel session or invoke function for Trusted Environment.
int tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags, struct tee_shm **shm)
Allocate shared memory region for Trusted Environment.
int(* tee_invoke_func_t)(const struct device *dev, struct tee_invoke_func_arg *arg, unsigned int num_param, struct tee_param *param)
Callback API to invoke function to TA.
Definition: tee.h:301
#define TEE_UUID_LEN
Definition: tee.h:72
int(* tee_close_session_t)(const struct device *dev, uint32_t session_id)
Callback API to close session to TA.
Definition: tee.h:283
#define TEE_SHM_ALLOC
Definition: tee.h:80
int tee_suppl_send(const struct device *dev, unsigned int ret, unsigned int num_params, struct tee_param *param)
Send a request for TEE Supplicant function.
int(* tee_cancel_t)(const struct device *dev, uint32_t session_id, uint32_t cancel_id)
Callback API to cancel open session of invoke function to TA.
Definition: tee.h:292
int(* tee_shm_register_t)(const struct device *dev, struct tee_shm *shm)
Callback API to register shared memory.
Definition: tee.h:310
int tee_close_session(const struct device *dev, uint32_t session_id)
Close session for Trusted Environment.
int(* tee_suppl_recv_t)(const struct device *dev, uint32_t *func, unsigned int *num_params, struct tee_param *param)
Callback API to receive a request for TEE supplicant.
Definition: tee.h:328
int(* tee_get_version_t)(const struct device *dev, struct tee_version_info *info)
Callback API to get current tee version.
Definition: tee.h:264
int tee_open_session(const struct device *dev, struct tee_open_session_arg *arg, unsigned int num_param, struct tee_param *param, uint32_t *session_id)
Open session for Trusted Environment.
int tee_get_version(const struct device *dev, struct tee_version_info *info)
Get the current TEE version info.
int tee_shm_unregister(const struct device *dev, struct tee_shm *shm)
Unregister shared memory for Trusted Environment.
int tee_add_shm(const struct device *dev, void *addr, size_t align, size_t size, uint32_t flags, struct tee_shm **shmp)
Helper function to allocate and register shared memory.
int tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg, unsigned int num_param, struct tee_param *param)
Invoke function for Trusted Environment Application.
int tee_rm_shm(const struct device *dev, struct tee_shm *shm)
Helper function to remove and unregister shared memory.
Public kernel APIs.
flags
Definition: parser.h:96
__UINT32_TYPE__ uint32_t
Definition: stdint.h:90
__UINT64_TYPE__ uint64_t
Definition: stdint.h:91
__UINT8_TYPE__ uint8_t
Definition: stdint.h:88
Runtime device structure (in ROM) per driver instance.
Definition: device.h:403
const void * api
Address of the API structure exposed by the device instance.
Definition: device.h:409
Definition: tee.h:341
tee_cancel_t cancel
Definition: tee.h:345
tee_shm_register_t shm_register
Definition: tee.h:347
tee_suppl_recv_t suppl_recv
Definition: tee.h:349
tee_close_session_t close_session
Definition: tee.h:344
tee_invoke_func_t invoke_func
Definition: tee.h:346
tee_suppl_send_t suppl_send
Definition: tee.h:350
tee_shm_unregister_t shm_unregister
Definition: tee.h:348
tee_get_version_t get_version
Definition: tee.h:342
tee_open_session_t open_session
Definition: tee.h:343
Invokes a function in a Trusted Application.
Definition: tee.h:239
uint32_t func
[in] Trusted Application function, specific to the TA
Definition: tee.h:240
uint32_t cancel_id
[in] cancellation id, a unique value to identify this request
Definition: tee.h:242
uint32_t ret_origin
[out] origin of the return value
Definition: tee.h:244
uint32_t session
[in] session id
Definition: tee.h:241
uint32_t ret
[out] return value
Definition: tee.h:243
Open session argument
Definition: tee.h:205
uint32_t clnt_login
login class of client, TEE_IOCTL_LOGIN_* above
Definition: tee.h:208
uint32_t ret
[out] return value
Definition: tee.h:211
uint32_t session
[out] session id
Definition: tee.h:210
uint32_t ret_origin
[out] origin of the return value
Definition: tee.h:212
uint8_t uuid[16]
[in] UUID of the Trusted Application
Definition: tee.h:206
uint32_t cancel_id
[in] cancellation id, a unique value to identify this request
Definition: tee.h:209
uint8_t clnt_uuid[16]
[in] UUID of client
Definition: tee.h:207
Tee parameter.
Definition: tee.h:229
uint64_t b
if a memref, size of the buffer, else a value parameter
Definition: tee.h:232
uint64_t c
if a memref, shared memory identifier, else a value parameter
Definition: tee.h:233
uint64_t attr
attributes
Definition: tee.h:230
uint64_t a
if a memref, offset into the shared memory object, else a value
Definition: tee.h:231
Tee shared memory structure.
Definition: tee.h:250
uint64_t size
[out] shared buffer size
Definition: tee.h:253
void * addr
[out] shared buffer pointer
Definition: tee.h:252
const struct device * dev
[out] pointer to the device driver structure
Definition: tee.h:251
uint32_t flags
[out] shared buffer flags
Definition: tee.h:254
TEE version.
Definition: tee.h:196
uint32_t gen_caps
Generic capabilities, defined by TEE_GEN_CAPS_* above.
Definition: tee.h:199
uint32_t impl_caps
[out] implementation specific capabilities
Definition: tee.h:198
uint32_t impl_id
[out] TEE implementation id
Definition: tee.h:197
Misc utilities.