NVIDIA DRIVE OS Linux API Reference5.1.0.2 Release |
Defines Trusted Application (TA) services declarations and functions.
Data Structures | |
struct | te_request_t |
Holds the layout of the te_oper_param_t structures which must match the layout sent in by the non-secure (NS) world via the TrustZone Secure Monitor Call (TZ SMC) path. More... | |
struct | te_ta_to_ta_request_args_t |
struct | te_entry_point_message_t |
struct | te_identity_t |
Holds the identity of a client/caller. More... | |
struct | te_get_property_args_t |
Holds data about the TA client. More... | |
struct | te_device_unique_id |
Holds the device unique ID. More... | |
struct | te_root_of_trust |
Holds the root of trust for TLK. More... | |
struct | te_panic_args_t |
struct | ta_event_args_t |
struct | te_rollback_args_t |
Macros | |
#define | TE_PRINTF_MAX_SIZE 512 |
#define | MAX_NUM_SUPPORTED_GUESTS 16U |
#define | DEFAULT_GUEST_ID 0xDEADFEED |
#define | LIBTA_CRITICAL(args...) te_fprintf(TE_CRITICAL, args) |
#define | LIBTA_ERR(args...) te_fprintf(TE_ERR, args) |
#define | LIBTA_INFO(args...) te_fprintf(TE_INFO, args) |
#define | LIBTA_SECURE(args...) te_fprintf(TE_SECURE, args) |
#define | DEVICE_UID_SIZE_BYTES 16 |
#define | VERIFIED_BOOT_KEY_SIZE_BYTES 256 |
#define | OTE_PANIC_MSG_MAX_SIZE 128 |
Holds the panic information. More... | |
#define | OTE_TE_FPRINTF_PREFIX_MAX_LENGTH (OTE_TASK_NAME_MAX_LENGTH + 4) |
Defines the maximum length of the "[task_name] " prefix for the te_fprintf() task log entries. More... | |
#define | LOG_PREFIX_CRITICAL 'C' |
#define | LOG_PREFIX_INFO 'I' |
#define | LOG_PREFIX_ERR 'E' |
#define | LOG_PREFIX_SECURE 'S' |
#define | ENABLE_SPECULATION_BARRIER |
general-purpose speculation barrier More... | |
Typedefs | |
typedef te_error_t(* | ta_event_handler_t )(ta_event_args_t *args) |
Enumerations | |
enum | { CREATE_INSTANCE = 1UL, DESTROY_INSTANCE = 2UL, OPEN_SESSION = 3UL, CLOSE_SESSION = 4UL, LAUNCH_OPERATION = 5UL, HANDLE_PM_EVENTS = 6UL } |
enum | te_pm_event_t { PM_EVENT_RESUME = 1, PM_EVENT_SUSPEND = 2, PM_EVENT_POWEROFF = 3 } |
enum | { TE_LOGIN_PUBLIC = 0, TE_LOGIN_TA = 7 } |
Defines the supported login types. More... | |
enum | { TE_PROP_DATA_TYPE_UUID = 1, TE_PROP_DATA_TYPE_IDENTITY = 2 } |
Defines the type of property data. More... | |
enum | te_property_type_t { TE_PROPERTY_CURRENT_TA = 0xFFFFFFFF, TE_PROPERTY_CURRENT_CLIENT = 0xFFFFFFFE, TE_PROPERTY_TE_IMPLEMENTATION = 0xFFFFFFFD } |
Defines the property data information. More... | |
enum | te_rollback_fields { TE_ROLLBACK_EKS2_VERSION = 1 } |
Functions | |
void | te_exit_service (void) |
te_error_t | te_init (int argc, char **argv) |
Initializes the service. More... | |
void | te_destroy (void) |
Deinitializes the service. More... | |
te_error_t | te_create_instance_iface (void) |
Creates a new instance of the service. More... | |
void | te_destroy_instance_iface (void) |
Destroys an instance of the service. More... | |
te_error_t | te_open_session_iface (void **sctx, te_operation_t *oper) |
Opens a session. More... | |
void | te_close_session_iface (void *sctx) |
Closes an opened session. More... | |
te_error_t | te_receive_operation_iface (void *sctx, te_operation_t *oper) |
Receives an operation. More... | |
void * | ote_get_instance_data (void) |
Gets the instance context data. More... | |
void | ote_set_instance_data (void *sessionContext) |
Sets an instance context data. More... | |
te_error_t | te_get_current_ta_uuid (te_service_id_t *value) |
Gets the service ID for the current Trusted Application (TA). More... | |
te_error_t | te_get_client_ta_identity (te_identity_t *value) |
Gets the current client's identity only if it is a secure TA. More... | |
te_error_t | te_get_client_identity (te_identity_t *value) |
Gets the current client's identity. More... | |
char * | uuid_to_str (te_service_id_t *uuid) |
Converts a UUID to string format. More... | |
te_error_t | check_client_uuid (te_service_id_t *service_id) |
Validates the client's identity. More... | |
te_error_t | check_client_login (uint32_t login, te_identity_t *client_id_p) |
Validates client's login scheme with the expected login type. More... | |
te_error_t | te_get_current_guest_id (uint32_t *guest_id) |
Returns the current guest id requesting service from this TA. More... | |
te_error_t | te_get_device_unique_id (te_device_unique_id *uid) |
Gets the device's unique ID. More... | |
te_error_t | te_get_dsi_panel_config (bool *res) |
Gets whether the device has DSI panel attached or not. More... | |
te_error_t | te_get_root_of_trust (te_root_of_trust *r_o_t) |
Gets the root of trust. More... | |
void | te_panic (char *msg) |
Panics the system. More... | |
void | te_fprintf_set_prefix (const char *prefix) |
Sets a printable prefix string that te_fprintf() outputs in front of every log message from this task. More... | |
void | te_oper_dump_param (te_oper_param_t *param) |
Prints out the list of parameters for debugging. More... | |
void | te_oper_dump_param_list (te_operation_t *te_op) |
Prints out the list of parameters for debugging. More... | |
te_error_t | te_register_ta_event_handler (ta_event_handler_t handler, uint32_t events_mask) |
te_error_t | te_check_se_keyslot_owner (uint32_t keyslot_type, uint32_t keyslot_idx, te_service_id_t *uuid) |
Checks if the client TA is the owner of the keyslot it wants to write to. More... | |
te_error_t | te_request_se_keyslot (uint32_t keyslot_type, uint32_t *keyslot_idx) |
Returns the index of a free SE keyslot if one is available. More... | |
te_error_t | te_release_se_keyslot (uint32_t keyslot_type, uint32_t keyslot_idx) |
Releases a keyslot. More... | |
void | convert_fd_to_log_prefix (int fd, char *log_level) |
Maps the fd level to a corresponding logger prefix character. More... | |
te_error_t | te_rollback_check (te_rollback_args_t *rb_args) |
static void | te_speculation_barrier (void) |
#define DEFAULT_GUEST_ID 0xDEADFEED |
Definition at line 58 of file ote_service.h.
#define DEVICE_UID_SIZE_BYTES 16 |
Definition at line 261 of file ote_service.h.
#define ENABLE_SPECULATION_BARRIER |
general-purpose speculation barrier
Any memory read that is sequenced after the speculation barrier will not speculatively execute until all conditions evaluated before the barrier have been architecturally resolved.
Definition at line 433 of file ote_service.h.
#define LIBTA_CRITICAL | ( | args... | ) | te_fprintf(TE_CRITICAL, args) |
Definition at line 61 of file ote_service.h.
#define LIBTA_ERR | ( | args... | ) | te_fprintf(TE_ERR, args) |
Definition at line 62 of file ote_service.h.
#define LIBTA_INFO | ( | args... | ) | te_fprintf(TE_INFO, args) |
Definition at line 63 of file ote_service.h.
#define LIBTA_SECURE | ( | args... | ) | te_fprintf(TE_SECURE, args) |
Definition at line 64 of file ote_service.h.
#define LOG_PREFIX_CRITICAL 'C' |
Definition at line 390 of file ote_service.h.
#define LOG_PREFIX_ERR 'E' |
Definition at line 392 of file ote_service.h.
#define LOG_PREFIX_INFO 'I' |
Definition at line 391 of file ote_service.h.
#define LOG_PREFIX_SECURE 'S' |
Definition at line 393 of file ote_service.h.
#define MAX_NUM_SUPPORTED_GUESTS 16U |
Definition at line 57 of file ote_service.h.
#define OTE_PANIC_MSG_MAX_SIZE 128 |
Holds the panic information.
Definition at line 308 of file ote_service.h.
#define OTE_TE_FPRINTF_PREFIX_MAX_LENGTH (OTE_TASK_NAME_MAX_LENGTH + 4) |
Defines the maximum length of the "[task_name] " prefix for the te_fprintf() task log entries.
Definition at line 323 of file ote_service.h.
#define TE_PRINTF_MAX_SIZE 512 |
Definition at line 56 of file ote_service.h.
#define VERIFIED_BOOT_KEY_SIZE_BYTES 256 |
Definition at line 291 of file ote_service.h.
typedef te_error_t(* ta_event_handler_t)(ta_event_args_t *args) |
Definition at line 357 of file ote_service.h.
anonymous enum |
Enumerator | |
---|---|
CREATE_INSTANCE | |
DESTROY_INSTANCE | |
OPEN_SESSION | |
CLOSE_SESSION | |
LAUNCH_OPERATION | |
HANDLE_PM_EVENTS |
Definition at line 68 of file ote_service.h.
anonymous enum |
Defines the supported login types.
Enumerator | |
---|---|
TE_LOGIN_PUBLIC | |
TE_LOGIN_TA |
Definition at line 163 of file ote_service.h.
anonymous enum |
Defines the type of property data.
Enumerator | |
---|---|
TE_PROP_DATA_TYPE_UUID | |
TE_PROP_DATA_TYPE_IDENTITY |
Definition at line 169 of file ote_service.h.
enum te_pm_event_t |
Enumerator | |
---|---|
PM_EVENT_RESUME | |
PM_EVENT_SUSPEND | |
PM_EVENT_POWEROFF |
Definition at line 77 of file ote_service.h.
enum te_property_type_t |
Defines the property data information.
Enumerator | |
---|---|
TE_PROPERTY_CURRENT_TA | |
TE_PROPERTY_CURRENT_CLIENT | |
TE_PROPERTY_TE_IMPLEMENTATION |
Definition at line 175 of file ote_service.h.
enum te_rollback_fields |
Enumerator | |
---|---|
TE_ROLLBACK_EKS2_VERSION |
Definition at line 402 of file ote_service.h.
te_error_t check_client_login | ( | uint32_t | login, |
te_identity_t * | client_id_p | ||
) |
Validates client's login scheme with the expected login type.
[in] | login | The expected login type. |
[out] | client_id_p | A pointer to the location where the login type is stored if login is successful. |
te_error_t check_client_uuid | ( | te_service_id_t * | service_id | ) |
Validates the client's identity.
[in] | service_id | A pointer to a service ID structure to be used to validate the identity. |
void convert_fd_to_log_prefix | ( | int | fd, |
char * | log_level | ||
) |
Maps the fd level to a corresponding logger prefix character.
fd | File Descriptor |
log_level | pointer to a character |
void* ote_get_instance_data | ( | void | ) |
Gets the instance context data.
void ote_set_instance_data | ( | void * | sessionContext | ) |
Sets an instance context data.
te_error_t te_check_se_keyslot_owner | ( | uint32_t | keyslot_type, |
uint32_t | keyslot_idx, | ||
te_service_id_t * | uuid | ||
) |
Checks if the client TA is the owner of the keyslot it wants to write to.
keyslot_type | The keyslot type: RSA or AES. |
keyslot_idx | Index of the keyslot. |
uuid | A pointer to the client TA's UUID. |
void te_close_session_iface | ( | void * | sctx | ) |
Closes an opened session.
sctx | A pointer to the session to close. |
te_error_t te_create_instance_iface | ( | void | ) |
Creates a new instance of the service.
void te_destroy | ( | void | ) |
Deinitializes the service.
void te_destroy_instance_iface | ( | void | ) |
Destroys an instance of the service.
void te_exit_service | ( | void | ) |
void te_fprintf_set_prefix | ( | const char * | prefix | ) |
Sets a printable prefix string that te_fprintf() outputs in front of every log message from this task.
The OTE library automatically sets a "[task_name] " log prefix based on the task name set in the task manifest (if the manifest defines a task name).
[in] | prefix | The string to use for the prefix or NULL for no prefix. The maximum length of prefix is OTE_TE_FPRINTF_PREFIX_MAX_LENGTH. A NULL value cancels the log prefix; a non-null string changes the prefix. |
te_error_t te_get_client_identity | ( | te_identity_t * | value | ) |
Gets the current client's identity.
[out] | value | A pointer to te_identity_t, which holds the client's identity. |
te_error_t te_get_client_ta_identity | ( | te_identity_t * | value | ) |
Gets the current client's identity only if it is a secure TA.
[out] | value | A pointer to te_identity_t, which holds the client's identity. |
te_error_t te_get_current_guest_id | ( | uint32_t * | guest_id | ) |
Returns the current guest id requesting service from this TA.
[out] | guest_id | Guest id which is requesting service from the TA. In the native non-hypervisor case, 0 is returned. |
te_error_t te_get_current_ta_uuid | ( | te_service_id_t * | value | ) |
Gets the service ID for the current Trusted Application (TA).
[out] | value | A pointer to te_service_id_t, which holds the service ID. |
te_error_t te_get_device_unique_id | ( | te_device_unique_id * | uid | ) |
Gets the device's unique ID.
[out] | uid | A pointer to a location where the device's unique ID is to be stored. |
te_error_t te_get_dsi_panel_config | ( | bool * | res | ) |
Gets whether the device has DSI panel attached or not.
te_error_t te_get_root_of_trust | ( | te_root_of_trust * | r_o_t | ) |
Gets the root of trust.
[out] | r_o_t | A pointer to the root of trust. |
te_error_t te_init | ( | int | argc, |
char ** | argv | ||
) |
Initializes the service.
te_error_t te_open_session_iface | ( | void ** | sctx, |
te_operation_t * | oper | ||
) |
Opens a session.
sctx | A pointer to the session. |
oper | A pointer to the operation. |
void te_oper_dump_param | ( | te_oper_param_t * | param | ) |
Prints out the list of parameters for debugging.
Prints out the list of parameters with the parameter content.
[in] | param | A pointer to a TLK operation. |
void te_oper_dump_param_list | ( | te_operation_t * | te_op | ) |
Prints out the list of parameters for debugging.
Prints out the list of parameters with the parameter content.
[in] | te_op | A pointer to a TLK operation. |
void te_panic | ( | char * | msg | ) |
Panics the system.
This call does not return.
msg | A pointer to a string containing a panic message. |
te_error_t te_receive_operation_iface | ( | void * | sctx, |
te_operation_t * | oper | ||
) |
Receives an operation.
sctx | A pointer to the session from which to receive the operation. |
oper | A pointer to the operation. |
te_error_t te_register_ta_event_handler | ( | ta_event_handler_t | handler, |
uint32_t | events_mask | ||
) |
te_error_t te_release_se_keyslot | ( | uint32_t | keyslot_type, |
uint32_t | keyslot_idx | ||
) |
Releases a keyslot.
A TA normally releases a keyslot when done writing to it.
keyslot_type | Keyslot type: RSA or AES. |
keyslot_idx | Index of the keyslot. |
te_error_t te_request_se_keyslot | ( | uint32_t | keyslot_type, |
uint32_t * | keyslot_idx | ||
) |
Returns the index of a free SE keyslot if one is available.
keyslot_type | Keyslot type: RSA or AES. |
keyslot_idx | A pointer to a location where a free keyslot index should be stored. |
te_error_t te_rollback_check | ( | te_rollback_args_t * | rb_args | ) |
|
inlinestatic |
Definition at line 435 of file ote_service.h.
char* uuid_to_str | ( | te_service_id_t * | uuid | ) |
Converts a UUID to string format.
[in] | uuid | A pointer to the UUID to convert. |