Zephyr API Documentation 4.4.99
A Scalable Open Source RTOS
Loading...
Searching...
No Matches
tee.h
Go to the documentation of this file.
1/*
2 * Copyright (c) 2023 EPAM Systems
3 *
4 * SPDX-License-Identifier: Apache-2.0
5 */
6
12
13/*
14 * Copyright (c) 2015-2016, Linaro Limited
15 * All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions are met:
19 *
20 * 1. Redistributions of source code must retain the above copyright notice,
21 * this list of conditions and the following disclaimer.
22 *
23 * 2. Redistributions in binary form must reproduce the above copyright notice,
24 * this list of conditions and the following disclaimer in the documentation
25 * and/or other materials provided with the distribution.
26 *
27 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
28 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
29 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
30 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
31 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
32 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
33 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
34 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
35 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
36 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
37 * POSSIBILITY OF SUCH DAMAGE.
38 */
39#ifndef ZEPHYR_INCLUDE_DRIVERS_TEE_H_
40#define ZEPHYR_INCLUDE_DRIVERS_TEE_H_
41
42#include <zephyr/device.h>
43#include <zephyr/kernel.h>
44#include <zephyr/sys/util.h>
45
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72#define TEE_UUID_LEN 16
73
74#define TEE_GEN_CAP_GP BIT(0) /* GlobalPlatform compliant TEE */
75#define TEE_GEN_CAP_PRIVILEGED BIT(1) /* Privileged device (for supplicant) */
76#define TEE_GEN_CAP_REG_MEM BIT(2) /* Supports registering shared memory */
77#define TEE_GEN_CAP_MEMREF_NULL BIT(3) /* Support NULL MemRef */
78
79#define TEE_SHM_REGISTER BIT(0)
80#define TEE_SHM_ALLOC BIT(1)
81
82#define TEE_PARAM_ATTR_TYPE_NONE 0 /* parameter not used */
83#define TEE_PARAM_ATTR_TYPE_VALUE_INPUT 1
84#define TEE_PARAM_ATTR_TYPE_VALUE_OUTPUT 2
85#define TEE_PARAM_ATTR_TYPE_VALUE_INOUT 3 /* input and output */
86#define TEE_PARAM_ATTR_TYPE_MEMREF_INPUT 5
87#define TEE_PARAM_ATTR_TYPE_MEMREF_OUTPUT 6
88#define TEE_PARAM_ATTR_TYPE_MEMREF_INOUT 7 /* input and output */
89#define TEE_PARAM_ATTR_TYPE_MASK 0xff
90#define TEE_PARAM_ATTR_META 0x100
91#define TEE_PARAM_ATTR_MASK (TEE_PARAM_ATTR_TYPE_MASK | TEE_PARAM_ATTR_META)
92
106#define TEEC_ORIGIN_API 0x00000001
107#define TEEC_ORIGIN_COMMS 0x00000002
108#define TEEC_ORIGIN_TEE 0x00000003
109#define TEEC_ORIGIN_TRUSTED_APP 0x00000004
110
139
143#define TEEC_SUCCESS 0x00000000
144#define TEEC_ERROR_STORAGE_NOT_AVAILABLE 0xF0100003
145#define TEEC_ERROR_GENERIC 0xFFFF0000
146#define TEEC_ERROR_ACCESS_DENIED 0xFFFF0001
147#define TEEC_ERROR_CANCEL 0xFFFF0002
148#define TEEC_ERROR_ACCESS_CONFLICT 0xFFFF0003
149#define TEEC_ERROR_EXCESS_DATA 0xFFFF0004
150#define TEEC_ERROR_BAD_FORMAT 0xFFFF0005
151#define TEEC_ERROR_BAD_PARAMETERS 0xFFFF0006
152#define TEEC_ERROR_BAD_STATE 0xFFFF0007
153#define TEEC_ERROR_ITEM_NOT_FOUND 0xFFFF0008
154#define TEEC_ERROR_NOT_IMPLEMENTED 0xFFFF0009
155#define TEEC_ERROR_NOT_SUPPORTED 0xFFFF000A
156#define TEEC_ERROR_NO_DATA 0xFFFF000B
157#define TEEC_ERROR_OUT_OF_MEMORY 0xFFFF000C
158#define TEEC_ERROR_BUSY 0xFFFF000D
159#define TEEC_ERROR_COMMUNICATION 0xFFFF000E
160#define TEEC_ERROR_SECURITY 0xFFFF000F
161#define TEEC_ERROR_SHORT_BUFFER 0xFFFF0010
162#define TEEC_ERROR_EXTERNAL_CANCEL 0xFFFF0011
163#define TEEC_ERROR_TARGET_DEAD 0xFFFF3024
164#define TEEC_ERROR_STORAGE_NO_SPACE 0xFFFF3041
165
182#define TEEC_LOGIN_PUBLIC 0x00000000
183#define TEEC_LOGIN_USER 0x00000001
184#define TEEC_LOGIN_GROUP 0x00000002
185#define TEEC_LOGIN_APPLICATION 0x00000004
186#define TEEC_LOGIN_USER_APPLICATION 0x00000005
187#define TEEC_LOGIN_GROUP_APPLICATION 0x00000006
188
201
214
235
246
250struct tee_shm {
251 const struct device *dev;
252 void *addr;
253 uint64_t size;
254 uint32_t flags;
255};
256
263typedef int (*tee_get_version_t)(const struct device *dev, struct tee_version_info *info);
264
271typedef int (*tee_open_session_t)(const struct device *dev, struct tee_open_session_arg *arg,
272 unsigned int num_param, struct tee_param *param,
273 uint32_t *session_id);
280typedef int (*tee_close_session_t)(const struct device *dev, uint32_t session_id);
281
288typedef int (*tee_cancel_t)(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
289
296typedef int (*tee_invoke_func_t)(const struct device *dev, struct tee_invoke_func_arg *arg,
297 unsigned int num_param, struct tee_param *param);
304typedef int (*tee_shm_register_t)(const struct device *dev, struct tee_shm *shm);
305
312typedef int (*tee_shm_unregister_t)(const struct device *dev, struct tee_shm *shm);
313
320typedef int (*tee_suppl_recv_t)(const struct device *dev, uint32_t *func, unsigned int *num_params,
321 struct tee_param *param);
322
329typedef int (*tee_suppl_send_t)(const struct device *dev, unsigned int ret, unsigned int num_params,
330 struct tee_param *param);
331
343
356__syscall int tee_get_version(const struct device *dev, struct tee_version_info *info);
357
358static inline int z_impl_tee_get_version(const struct device *dev, struct tee_version_info *info)
359{
360 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
361
362 if (!api->get_version) {
363 return -ENOSYS;
364 }
365
366 return api->get_version(dev, info);
367}
368
384__syscall int tee_open_session(const struct device *dev, struct tee_open_session_arg *arg,
385 unsigned int num_param, struct tee_param *param,
386 uint32_t *session_id);
387
388static inline int z_impl_tee_open_session(const struct device *dev,
389 struct tee_open_session_arg *arg,
390 unsigned int num_param, struct tee_param *param,
391 uint32_t *session_id)
392{
393 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
394
395 if (!api->open_session) {
396 return -ENOSYS;
397 }
398
399 return api->open_session(dev, arg, num_param, param, session_id);
400}
401
414__syscall int tee_close_session(const struct device *dev, uint32_t session_id);
415
416static inline int z_impl_tee_close_session(const struct device *dev, uint32_t session_id)
417{
418 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
419
420 if (!api->close_session) {
421 return -ENOSYS;
422 }
423
424 return api->close_session(dev, session_id);
425}
426
440__syscall int tee_cancel(const struct device *dev, uint32_t session_id, uint32_t cancel_id);
441
442static inline int z_impl_tee_cancel(const struct device *dev, uint32_t session_id,
443 uint32_t cancel_id)
444{
445 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
446
447 if (!api->cancel) {
448 return -ENOSYS;
449 }
450
451 return api->cancel(dev, session_id, cancel_id);
452}
453
468__syscall int tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
469 unsigned int num_param, struct tee_param *param);
470
471static inline int z_impl_tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg,
472 unsigned int num_param, struct tee_param *param)
473{
474 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
475
476 if (!api->invoke_func) {
477 return -ENOSYS;
478 }
479
480 return api->invoke_func(dev, arg, num_param, param);
481}
482
497int tee_add_shm(const struct device *dev, void *addr, size_t align, size_t size, uint32_t flags,
498 struct tee_shm **shmp);
499
510int tee_rm_shm(const struct device *dev, struct tee_shm *shm);
511
527__syscall int tee_shm_register(const struct device *dev, void *addr, size_t size,
528 uint32_t flags, struct tee_shm **shm);
529
530static inline int z_impl_tee_shm_register(const struct device *dev, void *addr, size_t size,
531 uint32_t flags, struct tee_shm **shm)
532{
533 flags &= ~TEE_SHM_ALLOC;
534 return tee_add_shm(dev, addr, 0, size, flags | TEE_SHM_REGISTER, shm);
535}
536
549__syscall int tee_shm_unregister(const struct device *dev, struct tee_shm *shm);
550
551static inline int z_impl_tee_shm_unregister(const struct device *dev, struct tee_shm *shm)
552{
553 return tee_rm_shm(dev, shm);
554}
555
570__syscall int tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
571 struct tee_shm **shm);
572
573static inline int z_impl_tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags,
574 struct tee_shm **shm)
575{
576 return tee_add_shm(dev, NULL, 0, size, flags | TEE_SHM_ALLOC | TEE_SHM_REGISTER, shm);
577}
578
591__syscall int tee_shm_free(const struct device *dev, struct tee_shm *shm);
592
593static inline int z_impl_tee_shm_free(const struct device *dev, struct tee_shm *shm)
594{
595 return tee_rm_shm(dev, shm);
596}
597
610__syscall int tee_suppl_recv(const struct device *dev, uint32_t *func, unsigned int *num_params,
611 struct tee_param *param);
612
613static inline int z_impl_tee_suppl_recv(const struct device *dev, uint32_t *func,
614 unsigned int *num_params, struct tee_param *param)
615{
616 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
617
618 if (!api->suppl_recv) {
619 return -ENOSYS;
620 }
621
622 return api->suppl_recv(dev, func, num_params, param);
623}
624
638__syscall int tee_suppl_send(const struct device *dev, unsigned int ret, unsigned int num_params,
639 struct tee_param *param);
640
641static inline int z_impl_tee_suppl_send(const struct device *dev, unsigned int ret,
642 unsigned int num_params, struct tee_param *param)
643{
644 const struct tee_driver_api *api = DEVICE_API_GET(tee, dev);
645
646 if (!api->suppl_send) {
647 return -ENOSYS;
648 }
649
650 return api->suppl_send(dev, ret, num_params, param);
651}
652
653#ifdef __cplusplus
654}
655#endif
656
660
661#include <zephyr/syscalls/tee.h>
662
663#endif /* ZEPHYR_INCLUDE_DRIVERS_TEE_H_ */
DEVICE_API_GET
#define DEVICE_API_GET(_class, _dev)
Expands to the pointer of a device's API for a given class.
Definition device.h:1425
ENOSYS
#define ENOSYS
Function not implemented.
Definition errno.h:82
tee_shm_register
int tee_shm_register(const struct device *dev, void *addr, size_t size, uint32_t flags, struct tee_shm **shm)
Register shared memory for Trusted Environment.
tee_suppl_recv
int tee_suppl_recv(const struct device *dev, uint32_t *func, unsigned int *num_params, struct tee_param *param)
Receive a request for TEE Supplicant.
tee_shm_unregister_t
int(* tee_shm_unregister_t)(const struct device *dev, struct tee_shm *shm)
Callback API to unregister shared memory.
Definition tee.h:312
TEE_SHM_REGISTER
#define TEE_SHM_REGISTER
Definition tee.h:79
tee_shm_free
int tee_shm_free(const struct device *dev, struct tee_shm *shm)
Free shared memory region for Trusted Environment.
tee_cancel
int tee_cancel(const struct device *dev, uint32_t session_id, uint32_t cancel_id)
Cancel session or invoke function for Trusted Environment.
tee_suppl_send_t
int(* tee_suppl_send_t)(const struct device *dev, unsigned int ret, unsigned int num_params, struct tee_param *param)
Callback API to send a request for TEE supplicant.
Definition tee.h:329
tee_shm_alloc
int tee_shm_alloc(const struct device *dev, size_t size, uint32_t flags, struct tee_shm **shm)
Allocate shared memory region for Trusted Environment.
TEE_UUID_LEN
#define TEE_UUID_LEN
Definition tee.h:72
TEE_SHM_ALLOC
#define TEE_SHM_ALLOC
Definition tee.h:80
tee_suppl_send
int tee_suppl_send(const struct device *dev, unsigned int ret, unsigned int num_params, struct tee_param *param)
Send a request for TEE Supplicant function.
tee_shm_register_t
int(* tee_shm_register_t)(const struct device *dev, struct tee_shm *shm)
Callback API to register shared memory.
Definition tee.h:304
tee_suppl_recv_t
int(* tee_suppl_recv_t)(const struct device *dev, uint32_t *func, unsigned int *num_params, struct tee_param *param)
Callback API to receive a request for TEE supplicant.
Definition tee.h:320
tee_invoke_func_t
int(* tee_invoke_func_t)(const struct device *dev, struct tee_invoke_func_arg *arg, unsigned int num_param, struct tee_param *param)
Callback API to invoke function to TA.
Definition tee.h:296
tee_close_session_t
int(* tee_close_session_t)(const struct device *dev, uint32_t session_id)
Callback API to close session to TA.
Definition tee.h:280
tee_get_version_t
int(* tee_get_version_t)(const struct device *dev, struct tee_version_info *info)
Callback API to get current tee version.
Definition tee.h:263
tee_close_session
int tee_close_session(const struct device *dev, uint32_t session_id)
Close session for Trusted Environment.
tee_cancel_t
int(* tee_cancel_t)(const struct device *dev, uint32_t session_id, uint32_t cancel_id)
Callback API to cancel open session of invoke function to TA.
Definition tee.h:288
tee_open_session
int tee_open_session(const struct device *dev, struct tee_open_session_arg *arg, unsigned int num_param, struct tee_param *param, uint32_t *session_id)
Open session for Trusted Environment.
tee_get_version
int tee_get_version(const struct device *dev, struct tee_version_info *info)
Get the current TEE version info.
tee_shm_unregister
int tee_shm_unregister(const struct device *dev, struct tee_shm *shm)
Unregister shared memory for Trusted Environment.
tee_add_shm
int tee_add_shm(const struct device *dev, void *addr, size_t align, size_t size, uint32_t flags, struct tee_shm **shmp)
Helper function to allocate and register shared memory.
tee_invoke_func
int tee_invoke_func(const struct device *dev, struct tee_invoke_func_arg *arg, unsigned int num_param, struct tee_param *param)
Invoke function for Trusted Environment Application.
tee_rm_shm
int tee_rm_shm(const struct device *dev, struct tee_shm *shm)
Helper function to remove and unregister shared memory.
tee_open_session_t
int(* tee_open_session_t)(const struct device *dev, struct tee_open_session_arg *arg, unsigned int num_param, struct tee_param *param, uint32_t *session_id)
Callback API to open session to Trusted Application.
Definition tee.h:271
NULL
#define NULL
Definition iar_missing_defs.h:20
kernel.h
Public kernel APIs.
flags
flags
Definition parser.h:97
uint32_t
__UINT32_TYPE__ uint32_t
Definition stdint.h:90
uint64_t
__UINT64_TYPE__ uint64_t
Definition stdint.h:91
uint8_t
__UINT8_TYPE__ uint8_t
Definition stdint.h:88
device
Runtime device structure (in ROM) per driver instance.
Definition device.h:513
tee_driver_api
Definition tee.h:332
tee_driver_api::cancel
tee_cancel_t cancel
Definition tee.h:336
tee_driver_api::shm_register
tee_shm_register_t shm_register
Definition tee.h:338
tee_driver_api::suppl_recv
tee_suppl_recv_t suppl_recv
Definition tee.h:340
tee_driver_api::close_session
tee_close_session_t close_session
Definition tee.h:335
tee_driver_api::invoke_func
tee_invoke_func_t invoke_func
Definition tee.h:337
tee_driver_api::suppl_send
tee_suppl_send_t suppl_send
Definition tee.h:341
tee_driver_api::shm_unregister
tee_shm_unregister_t shm_unregister
Definition tee.h:339
tee_driver_api::get_version
tee_get_version_t get_version
Definition tee.h:333
tee_driver_api::open_session
tee_open_session_t open_session
Definition tee.h:334
tee_invoke_func_arg
Invokes a function in a Trusted Application.
Definition tee.h:239
tee_invoke_func_arg::func
uint32_t func
[in] Trusted Application function, specific to the TA
Definition tee.h:240
tee_invoke_func_arg::cancel_id
uint32_t cancel_id
[in] cancellation id, a unique value to identify this request
Definition tee.h:242
tee_invoke_func_arg::ret_origin
uint32_t ret_origin
[out] origin of the return value
Definition tee.h:244
tee_invoke_func_arg::session
uint32_t session
[in] session id
Definition tee.h:241
tee_invoke_func_arg::ret
uint32_t ret
[out] return value
Definition tee.h:243
tee_open_session_arg
Open session argument
Definition tee.h:205
tee_open_session_arg::clnt_login
uint32_t clnt_login
login class of client, TEE_IOCTL_LOGIN_* above
Definition tee.h:208
tee_open_session_arg::ret
uint32_t ret
[out] return value
Definition tee.h:211
tee_open_session_arg::session
uint32_t session
[out] session id
Definition tee.h:210
tee_open_session_arg::ret_origin
uint32_t ret_origin
[out] origin of the return value
Definition tee.h:212
tee_open_session_arg::uuid
uint8_t uuid[16]
[in] UUID of the Trusted Application
Definition tee.h:206
tee_open_session_arg::cancel_id
uint32_t cancel_id
[in] cancellation id, a unique value to identify this request
Definition tee.h:209
tee_open_session_arg::clnt_uuid
uint8_t clnt_uuid[16]
[in] UUID of client
Definition tee.h:207
tee_param
Tee parameter.
Definition tee.h:229
tee_param::b
uint64_t b
if a memref, size of the buffer, else a value parameter
Definition tee.h:232
tee_param::c
uint64_t c
if a memref, shared memory identifier, else a value parameter
Definition tee.h:233
tee_param::attr
uint64_t attr
attributes
Definition tee.h:230
tee_param::a
uint64_t a
if a memref, offset into the shared memory object, else a value
Definition tee.h:231
tee_shm
Tee shared memory structure.
Definition tee.h:250
tee_shm::size
uint64_t size
[out] shared buffer size
Definition tee.h:253
tee_shm::addr
void * addr
[out] shared buffer pointer
Definition tee.h:252
tee_shm::dev
const struct device * dev
[out] pointer to the device driver structure
Definition tee.h:251
tee_shm::flags
uint32_t flags
[out] shared buffer flags
Definition tee.h:254
tee_version_info
TEE version.
Definition tee.h:196
tee_version_info::gen_caps
uint32_t gen_caps
Generic capabilities, defined by TEE_GEN_CAPS_* above.
Definition tee.h:199
tee_version_info::impl_caps
uint32_t impl_caps
[out] implementation specific capabilities
Definition tee.h:198
tee_version_info::impl_id
uint32_t impl_id
[out] TEE implementation id
Definition tee.h:197
util.h
Misc utilities.