Line data Source code
1 1 : /*
2 : * Copyright (c) 2023 EPAM Systems
3 : *
4 : * SPDX-License-Identifier: Apache-2.0
5 : */
6 :
7 : /**
8 : * @file drivers/tee.h
9 : *
10 : * @brief Public APIs for the tee driver.
11 : */
12 :
13 : /*
14 : * Copyright (c) 2015-2016, Linaro Limited
15 : * All rights reserved.
16 : *
17 : * Redistribution and use in source and binary forms, with or without
18 : * modification, are permitted provided that the following conditions are met:
19 : *
20 : * 1. Redistributions of source code must retain the above copyright notice,
21 : * this list of conditions and the following disclaimer.
22 : *
23 : * 2. Redistributions in binary form must reproduce the above copyright notice,
24 : * this list of conditions and the following disclaimer in the documentation
25 : * and/or other materials provided with the distribution.
26 : *
27 : * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
28 : * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 : * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
31 : * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 : * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 : * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 : * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 : * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 : * POSSIBILITY OF SUCH DAMAGE.
38 : */
39 : #ifndef ZEPHYR_INCLUDE_DRIVERS_TEE_H_
40 : #define ZEPHYR_INCLUDE_DRIVERS_TEE_H_
41 :
42 : #include <zephyr/device.h>
43 : #include <zephyr/kernel.h>
44 : #include <zephyr/sys/util.h>
45 :
46 : /**
47 : * @brief Trusted Execution Environment Interface
48 : * @defgroup tee_interface TEE Interface
49 : * @ingroup io_interfaces
50 : * @{
51 : *
52 : * The generic interface to work with Trusted Execution Environment (TEE).
53 : * TEE is Trusted OS, running in the Secure Space, such as TrustZone in ARM cpus.
54 : * It also can be presented as the separate secure co-processors. It allows system
55 : * to implement logic, separated from the Normal World.
56 : *
57 : * Using TEE syscalls:
58 : * - tee_get_version() to get current TEE capabilities
59 : * - tee_open_session() to open new session to the TA
60 : * - tee_close_session() to close session to the TA
61 : * - tee_cancel() to cancel session or invoke function
62 : * - tee_invoke_func() to invoke function to the TA
63 : * - tee_shm_register() to register shared memory region
64 : * - tee_shm_unregister() to unregister shared memory region
65 : * - tee_shm_alloc() to allocate shared memory region
66 : * - tee_shm_free() to free shared memory region
67 : */
68 :
69 : #ifdef __cplusplus
70 : extern "C" {
71 : #endif
72 0 : #define TEE_UUID_LEN 16
73 :
74 0 : #define TEE_GEN_CAP_GP BIT(0) /* GlobalPlatform compliant TEE */
75 0 : #define TEE_GEN_CAP_PRIVILEGED BIT(1) /* Privileged device (for supplicant) */
76 0 : #define TEE_GEN_CAP_REG_MEM BIT(2) /* Supports registering shared memory */
77 0 : #define TEE_GEN_CAP_MEMREF_NULL BIT(3) /* Support NULL MemRef */
78 :
79 0 : #define TEE_SHM_REGISTER BIT(0)
80 0 : #define TEE_SHM_ALLOC BIT(1)
81 :
82 0 : #define TEE_PARAM_ATTR_TYPE_NONE 0 /* parameter not used */
83 0 : #define TEE_PARAM_ATTR_TYPE_VALUE_INPUT 1
84 0 : #define TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT 2
85 0 : #define TEE_PARAM_ATTR_TYPE_VALUE_INOUT 3 /* input and output */
86 0 : #define TEE_PARAM_ATTR_TYPE_MEMREF_INPUT 5
87 0 : #define TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT 6
88 0 : #define TEE_PARAM_ATTR_TYPE_MEMREF_INOUT 7 /* input and output */
89 0 : #define TEE_PARAM_ATTR_TYPE_MASK 0xff
90 0 : #define TEE_PARAM_ATTR_META 0x100
91 0 : #define TEE_PARAM_ATTR_MASK (TEE_PARAM_ATTR_TYPE_MASK | TEE_PARAM_ATTR_META)
92 :
93 : /**
94 : * @brief Function error origins, of type TEEC_ErrorOrigin. These indicate where in
95 : * the software stack a particular return value originates from.
96 : *
97 : * TEEC_ORIGIN_API The error originated within the TEE Client API
98 : * implementation.
99 : * TEEC_ORIGIN_COMMS The error originated within the underlying
100 : * communications stack linking the rich OS with
101 : * the TEE.
102 : * TEEC_ORIGIN_TEE The error originated within the common TEE code.
103 : * TEEC_ORIGIN_TRUSTED_APP The error originated within the Trusted Application
104 : * code.
105 : */
106 1 : #define TEEC_ORIGIN_API 0x00000001
107 0 : #define TEEC_ORIGIN_COMMS 0x00000002
108 0 : #define TEEC_ORIGIN_TEE 0x00000003
109 0 : #define TEEC_ORIGIN_TRUSTED_APP 0x00000004
110 :
111 : /**
112 : * Return values. Type is TEEC_Result
113 : *
114 : * TEEC_SUCCESS The operation was successful.
115 : * TEEC_ERROR_GENERIC Non-specific cause.
116 : * TEEC_ERROR_ACCESS_DENIED Access privileges are not sufficient.
117 : * TEEC_ERROR_CANCEL The operation was canceled.
118 : * TEEC_ERROR_ACCESS_CONFLICT Concurrent accesses caused conflict.
119 : * TEEC_ERROR_EXCESS_DATA Too much data for the requested operation was
120 : * passed.
121 : * TEEC_ERROR_BAD_FORMAT Input data was of invalid format.
122 : * TEEC_ERROR_BAD_PARAMETERS Input parameters were invalid.
123 : * TEEC_ERROR_BAD_STATE Operation is not valid in the current state.
124 : * TEEC_ERROR_ITEM_NOT_FOUND The requested data item is not found.
125 : * TEEC_ERROR_NOT_IMPLEMENTED The requested operation should exist but is not
126 : * yet implemented.
127 : * TEEC_ERROR_NOT_SUPPORTED The requested operation is valid but is not
128 : * supported in this implementation.
129 : * TEEC_ERROR_NO_DATA Expected data was missing.
130 : * TEEC_ERROR_OUT_OF_MEMORY System ran out of resources.
131 : * TEEC_ERROR_BUSY The system is busy working on something else.
132 : * TEEC_ERROR_COMMUNICATION Communication with a remote party failed.
133 : * TEEC_ERROR_SECURITY A security fault was detected.
134 : * TEEC_ERROR_SHORT_BUFFER The supplied buffer is too short for the
135 : * generated output.
136 : * TEEC_ERROR_TARGET_DEAD Trusted Application has panicked
137 : * during the operation.
138 : */
139 :
140 : /**
141 : * Standard defined error codes.
142 : */
143 1 : #define TEEC_SUCCESS 0x00000000
144 0 : #define TEEC_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003
145 0 : #define TEEC_ERROR_GENERIC 0xFFFF0000
146 0 : #define TEEC_ERROR_ACCESS_DENIED 0xFFFF0001
147 0 : #define TEEC_ERROR_CANCEL 0xFFFF0002
148 0 : #define TEEC_ERROR_ACCESS_CONFLICT 0xFFFF0003
149 0 : #define TEEC_ERROR_EXCESS_DATA 0xFFFF0004
150 0 : #define TEEC_ERROR_BAD_FORMAT 0xFFFF0005
151 0 : #define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006
152 0 : #define TEEC_ERROR_BAD_STATE 0xFFFF0007
153 0 : #define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008
154 0 : #define TEEC_ERROR_NOT_IMPLEMENTED 0xFFFF0009
155 0 : #define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A
156 0 : #define TEEC_ERROR_NO_DATA 0xFFFF000B
157 0 : #define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C
158 0 : #define TEEC_ERROR_BUSY 0xFFFF000D
159 0 : #define TEEC_ERROR_COMMUNICATION 0xFFFF000E
160 0 : #define TEEC_ERROR_SECURITY 0xFFFF000F
161 0 : #define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010
162 0 : #define TEEC_ERROR_EXTERNAL_CANCEL 0xFFFF0011
163 0 : #define TEEC_ERROR_TARGET_DEAD 0xFFFF3024
164 0 : #define TEEC_ERROR_STORAGE_NO_SPACE 0xFFFF3041
165 :
166 : /**
167 : * Session login methods, for use in tee_open_session() as parameter
168 : * connectionMethod. Type is uint32_t.
169 : *
170 : * TEEC_LOGIN_PUBLIC No login data is provided.
171 : * TEEC_LOGIN_USER Login data about the user running the Client
172 : * Application process is provided.
173 : * TEEC_LOGIN_GROUP Login data about the group running the Client
174 : * Application process is provided.
175 : * TEEC_LOGIN_APPLICATION Login data about the running Client Application
176 : * itself is provided.
177 : * TEEC_LOGIN_USER_APPLICATION Login data about the user and the running
178 : * Client Application itself is provided.
179 : * TEEC_LOGIN_GROUP_APPLICATION Login data about the group and the running
180 : * Client Application itself is provided.
181 : */
182 1 : #define TEEC_LOGIN_PUBLIC 0x00000000
183 0 : #define TEEC_LOGIN_USER 0x00000001
184 0 : #define TEEC_LOGIN_GROUP 0x00000002
185 0 : #define TEEC_LOGIN_APPLICATION 0x00000004
186 0 : #define TEEC_LOGIN_USER_APPLICATION 0x00000005
187 0 : #define TEEC_LOGIN_GROUP_APPLICATION 0x00000006
188 :
189 : /**
190 : * @brief TEE version
191 : *
192 : * Identifies the TEE implementation,@ref impl_id is one of TEE_IMPL_ID_* above.
193 : * @ref impl_caps is implementation specific, for example TEE_OPTEE_CAP_*
194 : * is valid when @ref impl_id == TEE_IMPL_ID_OPTEE.
195 : */
196 1 : struct tee_version_info {
197 1 : uint32_t impl_id; /**< [out] TEE implementation id */
198 1 : uint32_t impl_caps; /**< [out] implementation specific capabilities */
199 1 : uint32_t gen_caps; /**< Generic capabilities, defined by TEE_GEN_CAPS_* above */
200 : };
201 :
202 : /**
203 : * @brief - Open session argument
204 : */
205 1 : struct tee_open_session_arg {
206 1 : uint8_t uuid[TEE_UUID_LEN]; /**< [in] UUID of the Trusted Application */
207 1 : uint8_t clnt_uuid[TEE_UUID_LEN]; /**< [in] UUID of client */
208 1 : uint32_t clnt_login; /**< login class of client, TEE_IOCTL_LOGIN_* above */
209 1 : uint32_t cancel_id; /**< [in] cancellation id, a unique value to identify this request */
210 1 : uint32_t session; /**< [out] session id */
211 1 : uint32_t ret; /**< [out] return value */
212 1 : uint32_t ret_origin; /**< [out] origin of the return value */
213 : };
214 :
215 : /**
216 : * @brief Tee parameter
217 : *
218 : * @ref attr & TEE_PARAM_ATTR_TYPE_MASK indicates if memref or value is used in
219 : * the union. TEE_PARAM_ATTR_TYPE_VALUE_* indicates value and
220 : * TEE_PARAM_ATTR_TYPE_MEMREF_* indicates memref. TEE_PARAM_ATTR_TYPE_NONE
221 : * indicates that none of the members are used.
222 : *
223 : * Shared memory is allocated with TEE_IOC_SHM_ALLOC which returns an
224 : * identifier representing the shared memory object. A memref can reference
225 : * a part of a shared memory by specifying an offset (@ref a) and size (@ref b) of
226 : * the object. To supply the entire shared memory object set the offset
227 : * (@ref a) to 0 and size (@ref b) to the previously returned size of the object.
228 : */
229 1 : struct tee_param {
230 1 : uint64_t attr; /**< attributes */
231 1 : uint64_t a; /**< if a memref, offset into the shared memory object, else a value*/
232 1 : uint64_t b; /**< if a memref, size of the buffer, else a value parameter */
233 1 : uint64_t c; /**< if a memref, shared memory identifier, else a value parameter */
234 : };
235 :
236 : /**
237 : * @brief Invokes a function in a Trusted Application
238 : */
239 1 : struct tee_invoke_func_arg {
240 1 : uint32_t func; /**< [in] Trusted Application function, specific to the TA */
241 1 : uint32_t session; /**< [in] session id */
242 1 : uint32_t cancel_id; /**< [in] cancellation id, a unique value to identify this request */
243 1 : uint32_t ret; /**< [out] return value */
244 1 : uint32_t ret_origin; /**< [out] origin of the return value */
245 : };
246 :
247 : /**
248 : * @brief Tee shared memory structure
249 : */
250 1 : struct tee_shm {
251 1 : const struct device *dev; /**< [out] pointer to the device driver structure */
252 1 : void *addr; /**< [out] shared buffer pointer */
253 1 : uint64_t size; /**< [out] shared buffer size */
254 1 : uint32_t flags; /**< [out] shared buffer flags */
255 : };
256 :
257 : /**
258 : * @typedef tee_get_version_t
259 : *
260 : * @brief Callback API to get current tee version
261 : *
262 : * See @a tee_version_get() for argument definitions.
263 : */
264 1 : typedef int (*tee_get_version_t)(const struct device *dev, struct tee_version_info *info);
265 :
266 : /**
267 : * @typedef tee_open_session_t
268 : *
269 : * @brief Callback API to open session to Trusted Application
270 : *
271 : * See @a tee_open_session() for argument definitions.
272 : */
273 1 : typedef int (*tee_open_session_t)(const struct device *dev, struct tee_open_session_arg *arg,
274 : unsigned int num_param, struct tee_param *param,
275 : uint32_t *session_id);
276 : /**
277 : * @typedef tee_close_session_t
278 : *
279 : * @brief Callback API to close session to TA
280 : *
281 : * See @a tee_close_session() for argument definitions.
282 : */
283 1 : typedef int (*tee_close_session_t)(const struct device *dev, uint32_t session_id);
284 :
285 : /**
286 : * @typedef tee_cancel_t
287 : *
288 : * @brief Callback API to cancel open session of invoke function to TA
289 : *
290 : * See @a tee_cancel() for argument definitions.
291 : */
292 1 : typedef int (*tee_cancel_t)(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
293 :
294 : /**
295 : * @typedef tee_invoke_func_t
296 : *
297 : * @brief Callback API to invoke function to TA
298 : *
299 : * See @a tee_invoke_func() for argument definitions.
300 : */
301 1 : typedef int (*tee_invoke_func_t)(const struct device *dev, struct tee_invoke_func_arg *arg,
302 : unsigned int num_param, struct tee_param *param);
303 : /**
304 : * @typedef tee_shm_register_t
305 : *
306 : * @brief Callback API to register shared memory
307 : *
308 : * See @a tee_shm_register() for argument definitions.
309 : */
310 1 : typedef int (*tee_shm_register_t)(const struct device *dev, struct tee_shm *shm);
311 :
312 : /**
313 : * @typedef tee_shm_unregister_t
314 : *
315 : * @brief Callback API to unregister shared memory
316 : *
317 : * See @a tee_shm_unregister() for argument definitions.
318 : */
319 1 : typedef int (*tee_shm_unregister_t)(const struct device *dev, struct tee_shm *shm);
320 :
321 : /**
322 : * @typedef tee_suppl_recv_t
323 : *
324 : * @brief Callback API to receive a request for TEE supplicant
325 : *
326 : * See @a tee_suppl_recv() for argument definitions.
327 : */
328 1 : typedef int (*tee_suppl_recv_t)(const struct device *dev, uint32_t *func, unsigned int *num_params,
329 : struct tee_param *param);
330 :
331 : /**
332 : * @typedef tee_suppl_send_t
333 : *
334 : * @brief Callback API to send a request for TEE supplicant
335 : *
336 : * See @a tee_suppl_send() for argument definitions.
337 : */
338 1 : typedef int (*tee_suppl_send_t)(const struct device *dev, unsigned int ret, unsigned int num_params,
339 : struct tee_param *param);
340 :
341 0 : __subsystem struct tee_driver_api {
342 0 : tee_get_version_t get_version;
343 0 : tee_open_session_t open_session;
344 0 : tee_close_session_t close_session;
345 0 : tee_cancel_t cancel;
346 0 : tee_invoke_func_t invoke_func;
347 0 : tee_shm_register_t shm_register;
348 0 : tee_shm_unregister_t shm_unregister;
349 0 : tee_suppl_recv_t suppl_recv;
350 0 : tee_suppl_send_t suppl_send;
351 : };
352 :
353 : /**
354 : * @brief Get the current TEE version info
355 : *
356 : * Returns info as tee version info which includes capabilities description
357 : *
358 : * @param dev TEE device
359 : * @param info Structure to return the capabilities
360 : *
361 : * @retval -ENOSYS If callback was not implemented
362 : *
363 : * @retval 0 On success, negative on error
364 : */
365 1 : __syscall int tee_get_version(const struct device *dev, struct tee_version_info *info);
366 :
367 : static inline int z_impl_tee_get_version(const struct device *dev, struct tee_version_info *info)
368 : {
369 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
370 :
371 : if (!api->get_version) {
372 : return -ENOSYS;
373 : }
374 :
375 : return api->get_version(dev, info);
376 : }
377 :
378 : /**
379 : * @brief Open session for Trusted Environment
380 : *
381 : * Opens the new session to the Trusted Environment
382 : *
383 : * @param dev TEE device
384 : * @param arg Structure with the session arguments
385 : * @param num_param Number of the additional params to be passed
386 : * @param param List of the params to pass to open_session call
387 : * @param session_id Returns id of the created session
388 : *
389 : * @retval -ENOSYS If callback was not implemented
390 : *
391 : * @retval 0 On success, negative on error
392 : */
393 1 : __syscall int tee_open_session(const struct device *dev, struct tee_open_session_arg *arg,
394 : unsigned int num_param, struct tee_param *param,
395 : uint32_t *session_id);
396 :
397 : static inline int z_impl_tee_open_session(const struct device *dev,
398 : struct tee_open_session_arg *arg,
399 : unsigned int num_param, struct tee_param *param,
400 : uint32_t *session_id)
401 : {
402 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
403 :
404 : if (!api->open_session) {
405 : return -ENOSYS;
406 : }
407 :
408 : return api->open_session(dev, arg, num_param, param, session_id);
409 : }
410 :
411 : /**
412 : * @brief Close session for Trusted Environment
413 : *
414 : * Closes session to the Trusted Environment
415 : *
416 : * @param dev TEE device
417 : * @param session_id session to close
418 : *
419 : * @retval -ENOSYS If callback was not implemented
420 : *
421 : * @retval 0 On success, negative on error
422 : */
423 1 : __syscall int tee_close_session(const struct device *dev, uint32_t session_id);
424 :
425 : static inline int z_impl_tee_close_session(const struct device *dev, uint32_t session_id)
426 : {
427 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
428 :
429 : if (!api->close_session) {
430 : return -ENOSYS;
431 : }
432 :
433 : return api->close_session(dev, session_id);
434 : }
435 :
436 : /**
437 : * @brief Cancel session or invoke function for Trusted Environment
438 : *
439 : * Cancels session or invoke function for TA
440 : *
441 : * @param dev TEE device
442 : * @param session_id session to close
443 : * @param cancel_id cancel reason
444 : *
445 : * @retval -ENOSYS If callback was not implemented
446 : *
447 : * @retval 0 On success, negative on error
448 : */
449 1 : __syscall int tee_cancel(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
450 :
451 : static inline int z_impl_tee_cancel(const struct device *dev, uint32_t session_id,
452 : uint32_t cancel_id)
453 : {
454 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
455 :
456 : if (!api->cancel) {
457 : return -ENOSYS;
458 : }
459 :
460 : return api->cancel(dev, session_id, cancel_id);
461 : }
462 :
463 : /**
464 : * @brief Invoke function for Trusted Environment Application
465 : *
466 : * Invokes function to the TA
467 : *
468 : * @param dev TEE device
469 : * @param arg Structure with the invoke function arguments
470 : * @param num_param Number of the additional params to be passed
471 : * @param param List of the params to pass to open_session call
472 : *
473 : * @retval -ENOSYS If callback was not implemented
474 : *
475 : * @retval 0 On success, negative on error
476 : */
477 1 : __syscall int tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
478 : unsigned int num_param, struct tee_param *param);
479 :
480 : static inline int z_impl_tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
481 : unsigned int num_param, struct tee_param *param)
482 : {
483 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
484 :
485 : if (!api->invoke_func) {
486 : return -ENOSYS;
487 : }
488 :
489 : return api->invoke_func(dev, arg, num_param, param);
490 : }
491 :
492 : /**
493 : * @brief Helper function to allocate and register shared memory
494 : *
495 : * Allocates and registers shared memory for TEE
496 : *
497 : * @param dev TEE device
498 : * @param addr Address of the shared memory
499 : * @param align Region alignment
500 : * @param size Size of the shared memory region
501 : * @param flags Flags to set registering parameters
502 : * @param shmp Return shared memory structure
503 : *
504 : * @retval 0 On success, negative on error
505 : */
506 1 : int tee_add_shm(const struct device *dev, void *addr, size_t align, size_t size, uint32_t flags,
507 : struct tee_shm **shmp);
508 :
509 : /**
510 : * @brief Helper function to remove and unregister shared memory
511 : *
512 : * Removes and unregisters shared memory for TEE
513 : *
514 : * @param dev TEE device
515 : * @param shm Pointer to tee_shm structure
516 : *
517 : * @retval 0 On success, negative on error
518 : */
519 1 : int tee_rm_shm(const struct device *dev, struct tee_shm *shm);
520 :
521 : /**
522 : * @brief Register shared memory for Trusted Environment
523 : *
524 : * Registers shared memory for TEE
525 : *
526 : * @param dev TEE device
527 : * @param addr Address of the shared memory
528 : * @param size Size of the shared memory region
529 : * @param flags Flags to set registering parameters
530 : * @param shm Return shared memory structure
531 : *
532 : * @retval -ENOSYS If callback was not implemented
533 : *
534 : * @retval 0 On success, negative on error
535 : */
536 1 : __syscall int tee_shm_register(const struct device *dev, void *addr, size_t size,
537 : uint32_t flags, struct tee_shm **shm);
538 :
539 : static inline int z_impl_tee_shm_register(const struct device *dev, void *addr, size_t size,
540 : uint32_t flags, struct tee_shm **shm)
541 : {
542 : flags &= ~TEE_SHM_ALLOC;
543 : return tee_add_shm(dev, addr, 0, size, flags | TEE_SHM_REGISTER, shm);
544 : }
545 :
546 : /**
547 : * @brief Unregister shared memory for Trusted Environment
548 : *
549 : * Unregisters shared memory for TEE
550 : *
551 : * @param dev TEE device
552 : * @param shm Shared memory structure
553 : *
554 : * @retval -ENOSYS If callback was not implemented
555 : *
556 : * @retval 0 On success, negative on error
557 : */
558 1 : __syscall int tee_shm_unregister(const struct device *dev, struct tee_shm *shm);
559 :
560 : static inline int z_impl_tee_shm_unregister(const struct device *dev, struct tee_shm *shm)
561 : {
562 : return tee_rm_shm(dev, shm);
563 : }
564 :
565 : /**
566 : * @brief Allocate shared memory region for Trusted Environment
567 : *
568 : * Allocate shared memory for TEE
569 : *
570 : * @param dev TEE device
571 : * @param size Region size
572 : * @param flags to allocate region
573 : * @param shm Return shared memory structure
574 : *
575 : * @retval -ENOSYS If callback was not implemented
576 : *
577 : * @retval 0 On success, negative on error
578 : */
579 1 : __syscall int tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
580 : struct tee_shm **shm);
581 :
582 : static inline int z_impl_tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
583 : struct tee_shm **shm)
584 : {
585 : return tee_add_shm(dev, NULL, 0, size, flags | TEE_SHM_ALLOC | TEE_SHM_REGISTER, shm);
586 : }
587 :
588 : /**
589 : * @brief Free shared memory region for Trusted Environment
590 : *
591 : * Frees shared memory for TEE
592 : *
593 : * @param dev TEE device
594 : * @param shm Shared memory structure
595 : *
596 : * @retval -ENOSYS If callback was not implemented
597 : *
598 : * @retval 0 On success, negative on error
599 : */
600 1 : __syscall int tee_shm_free(const struct device *dev, struct tee_shm *shm);
601 :
602 : static inline int z_impl_tee_shm_free(const struct device *dev, struct tee_shm *shm)
603 : {
604 : return tee_rm_shm(dev, shm);
605 : }
606 :
607 : /**
608 : * @brief Receive a request for TEE Supplicant
609 : *
610 : * @param dev TEE device
611 : * @param func Supplicant function
612 : * @param num_params Number of parameters to be passed
613 : * @param param List of the params for send/receive
614 : *
615 : * @retval -ENOSYS If callback was not implemented
616 : *
617 : * @retval 0 On success, negative on error
618 : */
619 1 : __syscall int tee_suppl_recv(const struct device *dev, uint32_t *func, unsigned int *num_params,
620 : struct tee_param *param);
621 :
622 : static inline int z_impl_tee_suppl_recv(const struct device *dev, uint32_t *func,
623 : unsigned int *num_params, struct tee_param *param)
624 : {
625 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
626 :
627 : if (!api->suppl_recv) {
628 : return -ENOSYS;
629 : }
630 :
631 : return api->suppl_recv(dev, func, num_params, param);
632 : }
633 :
634 : /**
635 : * @brief Send a request for TEE Supplicant function
636 : *
637 : * @param dev TEE device
638 : * @param ret supplicant return code
639 : * @param num_params Number of parameters to be passed
640 : * @param param List of the params for send/receive
641 : *
642 : * @retval -ENOSYS If callback was not implemented
643 : * @retval Return value for sent request
644 : *
645 : * @retval 0 On success, negative on error
646 : */
647 1 : __syscall int tee_suppl_send(const struct device *dev, unsigned int ret, unsigned int num_params,
648 : struct tee_param *param);
649 :
650 : static inline int z_impl_tee_suppl_send(const struct device *dev, unsigned int ret,
651 : unsigned int num_params, struct tee_param *param)
652 : {
653 : const struct tee_driver_api *api = (const struct tee_driver_api *)dev->api;
654 :
655 : if (!api->suppl_send) {
656 : return -ENOSYS;
657 : }
658 :
659 : return api->suppl_send(dev, ret, num_params, param);
660 : }
661 :
662 : #ifdef __cplusplus
663 : }
664 : #endif
665 :
666 : /**
667 : * @}
668 : */
669 :
670 : #include <zephyr/syscalls/tee.h>
671 :
672 : #endif /* ZEPHYR_INCLUDE_DRIVERS_TEE_H_ */
|
