From patchwork Tue Nov  9 16:08:20 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Etienne Carriere <etienne.carriere@linaro.org>
X-Patchwork-Id: 1553040
X-Patchwork-Delegate: trini@ti.com
Return-Path: <u-boot-bounces@lists.denx.de>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: bilbo.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256
 header.s=google header.b=o5gvDlQH;
	dkim-atps=neutral
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de
 (client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; helo=phobos.denx.de;
 envelope-from=u-boot-bounces@lists.denx.de; receiver=<UNKNOWN>)
Received: from phobos.denx.de (phobos.denx.de
 [IPv6:2a01:238:438b:c500:173d:9f52:ddab:ee01])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by bilbo.ozlabs.org (Postfix) with ESMTPS id 4HpXwp4RcVz9sPf
	for <incoming@patchwork.ozlabs.org>; Wed, 10 Nov 2021 03:09:14 +1100 (AEDT)
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
	by phobos.denx.de (Postfix) with ESMTP id 9F07A8394C;
	Tue,  9 Nov 2021 17:09:11 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de;
	dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.b="o5gvDlQH";
	dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 3DADB83969; Tue,  9 Nov 2021 17:09:09 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
 autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com
 [IPv6:2a00:1450:4864:20::42b])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 5D7828393E
 for <u-boot@lists.denx.de>; Tue,  9 Nov 2021 17:09:04 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=etienne.carriere@linaro.org
Received: by mail-wr1-x42b.google.com with SMTP id d27so33898456wrb.6
 for <u-boot@lists.denx.de>; Tue, 09 Nov 2021 08:09:04 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=from:to:cc:subject:date:message-id;
 bh=APhiAyb3qY/I1eI+ESDqCctoYgDXFZugey31t5jxaFM=;
 b=o5gvDlQHXIeMuZx5zusEkEFSUrFjHZ79agybZUTUDoLi8R+GfNdbgGZFDf69elQDKL
 T9g5tmv6P29MKLiMQmfWIQv7LJr2C7FJDjNk66NeIh7Y3BrHO3g/xQYGSOpLy221p3bC
 9Q6jk415Zs2+MqPiS8kdsV+e4JTUrMxE5v0Dtb9uAx/th9kq8b68oawv9v0Wr76DkoMS
 1aXlPu+310pGBjowSlucQgZtubzT6KQTlAfhRlBj1rJjxlek7udKO1FGIm8sRIM+zJRX
 kS+ry4qfT1PKyOmRU2mGEcJd5WQN+N2Ou7bo9nh7F98/B8/KeRQJltGqhv1ro39aawGv
 xDFQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=x-gm-message-state:from:to:cc:subject:date:message-id;
 bh=APhiAyb3qY/I1eI+ESDqCctoYgDXFZugey31t5jxaFM=;
 b=jS90zQkW0f5w1adnl1zxoYtu6aqAU9HBuxTfCro63GNJf2Uc046+mRrskXya3g3O5s
 C5G8iBiS4CrCsSU191sB1iSM/Z1VMtZ8kX1bGbUBSxPcuZ5Q2QCgyLyTv75I+vM9wY9n
 xgtxvD8In+IviLzWxPjB2/zdwsbffirIfy2y82ewB0AK8FNl7qnKunIWIrF21S8jitIC
 a7QFbjpHHv0f1hd2y/gwtX3SG7yAp1LDGz4668g0m+COjfzMdj3V8GR5GLp5d8y0iani
 qwnz0d6H+/ys40kbTmN9uhtuRXpsof0I/o3VQz3xBv2s3KhU81nwiJ/tKFiKdHmDXPSA
 bGEw==
X-Gm-Message-State: AOAM533uagRBWRDonCCXp+Gf3GW4QPZuyKIjZFWc6cM4koWVqToUf2en
 zUdRgU8rJABuDw8xrSSaHzVXUEl4YZuOIe5N
X-Google-Smtp-Source: 
 ABdhPJwAl1IyzNjAUR/7Vz2wtotiNwIxH3q8mvbvxYT+fb9YvR3EzRHzuxYlr6ZQLHGDpFFuDmhY0Q==
X-Received: by 2002:a5d:64ed:: with SMTP id
 g13mr10783123wri.222.1636474143562;
 Tue, 09 Nov 2021 08:09:03 -0800 (PST)
Received: from lmecxl0524.lme.st.com
 ([2a04:cec0:10ec:fe30:ed93:5b26:60a4:aace])
 by smtp.gmail.com with ESMTPSA id e18sm20130236wrs.48.2021.11.09.08.09.02
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 09 Nov 2021 08:09:03 -0800 (PST)
From: Etienne Carriere <etienne.carriere@linaro.org>
To: u-boot@lists.denx.de
Cc: Etienne Carriere <etienne.carriere@linaro.org>,
 Jens Wiklander <jens.wiklander@linaro.org>
Subject: [PATCH v2 1/5] tee: define session login identifiers
Date: Tue,  9 Nov 2021 17:08:20 +0100
Message-Id: <20211109160824.18268-1-etienne.carriere@linaro.org>
X-Mailer: git-send-email 2.17.1
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de
X-Virus-Status: Clean

Define identifiers for clnt_login field in struct tee_open_session_arg
based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier
extension from OP-TEE OS.

Cc: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
---
Changes since v1:
 - Applied review tags

Added info for v1:
This change was previously discussed in the U-Boot ML, see v2 at:
https://patchwork.ozlabs.org/project/uboot/patch/20210519142613.7668-1-etienne.carriere@linaro.org/

Changes since this v2 post:
 - Updated the inline comment describing reserved login Ids
 - Rephrase 'REE kernel agent' to 'REE kernel/privileged agent' to
   better apply to U-Boot that is not a kernel but still runs at a
   privileged execution level.
---
 include/tee.h | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/include/tee.h b/include/tee.h
index 44e9cd4321..30ea2ee164 100644
--- a/include/tee.h
+++ b/include/tee.h
@@ -31,6 +31,25 @@
 #define TEE_PARAM_ATTR_MASK			(TEE_PARAM_ATTR_TYPE_MASK | \
 						 TEE_PARAM_ATTR_META)
 
+/*
+ * Global Platform login identifiers for tee_open_session_arg::clnt_login
+ */
+#define TEE_LOGIN_PUBLIC                  0x00000000
+#define TEE_LOGIN_USER                    0x00000001
+#define TEE_LOGIN_GROUP                   0x00000002
+#define TEE_LOGIN_APPLICATION             0x00000004
+#define TEE_LOGIN_APPLICATION_USER        0x00000005
+#define TEE_LOGIN_APPLICATION_GROUP       0x00000006
+/*
+ * Reserve use of GP implementation specific login method range
+ * (0x80000000 - 0xBFFFFFFF). This range is rather being used
+ * for REE kernel clients or TEE implementation.
+ */
+#define TEE_LOGIN_REE_KERNEL_MIN          0x80000000
+#define TEE_LOGIN_REE_KERNEL_MAX          0xBFFFFFFF
+/* Private login method for REE kernel/privileged clients */
+#define TEE_LOGIN_REE_KERNEL              0x80000000
+
 /*
  * Some Global Platform error codes which has a meaning if the
  * TEE_GEN_CAP_GP bit is returned by the driver in
@@ -135,8 +154,8 @@ struct tee_param {
 /**
  * struct tee_open_session_arg - extra arguments for tee_open_session()
  * @uuid:	[in] UUID of the Trusted Application
- * @clnt_uuid:	[in] Normally zeroes
- * @clnt_login:	[in] Normally 0
+ * @clnt_uuid:	[in] UUID of client, zeroes for PUBLIC/REE_KERNEL
+ * @clnt_login:	[in] Class of client TEE_LOGIN_*
  * @session:	[out] Session id
  * @ret:	[out] return value
  * @ret_origin:	[out] origin of the return value