NVIDIA DRIVE OS Linux API Reference

5.1.3.0 Release

ote_service.h
1 /*
2  * Copyright (c) 2013-2018, NVIDIA CORPORATION. All rights reserved
3  *
4  * Permission is hereby granted, free of charge, to any person obtaining
5  * a copy of this software and associated documentation files
6  * (the "Software"), to deal in the Software without restriction,
7  * including without limitation the rights to use, copy, modify, merge,
8  * publish, distribute, sublicense, and/or sell copies of the Software,
9  * and to permit persons to whom the Software is furnished to do so,
10  * subject to the following conditions:
11  *
12  * The above copyright notice and this permission notice shall be
13  * included in all copies or substantial portions of the Software.
14  *
15  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
16  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
17  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
18  * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
19  * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
20  * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
21  * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
22  */
23 
43 #ifndef __OTE_SERVICE_H
44 #define __OTE_SERVICE_H
45 
46 #include <stdio.h>
47 
48 #include <sys/types.h>
49 #include <common/ote_common.h>
50 #include <common/ote_ioctl.h>
51 
52 #ifdef CONFIG_TRUSTY
53 #include <trusty_ipc.h>
54 #endif
55 
56 #define TE_PRINTF_MAX_SIZE 512
57 #define MAX_NUM_SUPPORTED_GUESTS 16U
58 #define DEFAULT_GUEST_ID 0xDEADFEED
59 
60 /* macros to help manage debug output */
61 #define LIBTA_CRITICAL(args...) te_fprintf(TE_CRITICAL, args)
62 #define LIBTA_ERR(args...) te_fprintf(TE_ERR, args)
63 #define LIBTA_INFO(args...) te_fprintf(TE_INFO, args)
64 #define LIBTA_SECURE(args...) te_fprintf(TE_SECURE, args)
65 
66 void te_exit_service(void);
67 
68 enum {
71  OPEN_SESSION = 3UL,
75 };
76 
77 typedef enum {
82 
/*
 * Request header carried with a call into the service.
 *
 * NOTE(review): source line 92 is absent from this rendered listing; the
 * page's own cross-reference index places `cmnptr_t params` at
 * ote_service.h:92, i.e. between command_id and params_size.
 *
 * The index describes this layout as one that "must match the layout sent in
 * by the non-sec..." (truncated on the page) - presumably the non-secure
 * side. If so, command_id, params_size and dest_uuid are caller-supplied and
 * should be range-checked before they are used to index or size anything.
 * TODO confirm against the full header.
 */
88 typedef struct {
89  uint32_t type;
90  uint32_t session_id;
91  uint32_t command_id;
93  uint32_t params_size;
94  uint32_t dest_uuid[4];
95  uint32_t result;
96  uint32_t result_origin;
97 } te_request_t;
98 
99 typedef struct {
102 
103 typedef struct {
104  uint32_t type;
107  uint32_t command_id;
109  uint32_t params_size;
111 
112 /*
113  * Service Interfaces
114  */
115 
117 te_error_t te_init(int argc, char **argv);
118 
120 void te_destroy(void);
121 
124 
126 void te_destroy_instance_iface(void);
127 
134 
139 void te_close_session_iface(void* sctx);
140 
148 
150 void* ote_get_instance_data(void);
151 
153 void ote_set_instance_data(void*sessionContext);
154 
156 typedef struct
157 {
158  uint32_t login;
160 } te_identity_t;
161 
163 enum {
166 };
167 
169 enum {
172 };
173 
175 typedef enum {
180 
182 typedef struct {
184  uint32_t data_type;
185  union {
188  } value;
189  size_t value_size;
192 
201 
210 
220 
228 char *uuid_to_str(te_service_id_t *uuid);
229 
239 
248 te_error_t check_client_login(uint32_t login, te_identity_t *client_id_p);
249 
259 te_error_t te_get_current_guest_id(uint32_t *guest_id);
260 
261 #define DEVICE_UID_SIZE_BYTES 16
262 
264 typedef struct {
267 
274 
277 
278 #ifdef CONFIG_TRUSTY
279 
280 /* Holds the root of trust for Trusty */
281 #define RSA2K_NUM_BYTES 256
282 
283 typedef struct {
284  uint8_t dtb_pub_key[RSA2K_NUM_BYTES];
285  uint8_t boot_pub_key[RSA2K_NUM_BYTES];
286  uint8_t verified_boot_state;
288 
289 #else
290 
291 #define VERIFIED_BOOT_KEY_SIZE_BYTES 256
292 
294 typedef struct {
295  uint8_t verified_boot_key[VERIFIED_BOOT_KEY_SIZE_BYTES];
298 
299 #endif
300 
301 /* Verified boot state definitions */
302 #define VERIFIED_BOOT_UNKNOWN_STATE 0
303 #define VERIFIED_BOOT_RED_STATE 1
304 #define VERIFIED_BOOT_YELLOW_STATE 2
305 #define VERIFIED_BOOT_GREEN_STATE 3
306 #define VERIFIED_BOOT_ORANGE_STATE 4
307 
313 
315 #define OTE_PANIC_MSG_MAX_SIZE 128
316 typedef struct {
319 
326 void te_panic(char *msg) __attribute__ ((noreturn));
327 
330 #define OTE_TE_FPRINTF_PREFIX_MAX_LENGTH (OTE_TASK_NAME_MAX_LENGTH + 4)
331 
342 void te_fprintf_set_prefix(const char *prefix);
343 
351 
359 
360 typedef struct {
363 
365 
366 /* Use events_mask to only register for selected events. */
368  uint32_t events_mask);
369 
378 te_error_t te_check_se_keyslot_owner(uint32_t keyslot_type, uint32_t keyslot_idx,
379  te_service_id_t *uuid);
387 te_error_t te_request_se_keyslot(uint32_t keyslot_type, uint32_t *keyslot_idx);
388 
395 te_error_t te_release_se_keyslot(uint32_t keyslot_type, uint32_t keyslot_idx);
396 
397 #define LOG_PREFIX_CRITICAL 'C'
398 #define LOG_PREFIX_INFO 'I'
399 #define LOG_PREFIX_ERR 'E'
400 #define LOG_PREFIX_SECURE 'S'
401 
406 void convert_fd_to_log_prefix(int fd, char *log_level);
407 
408 /* Defines rollback checks supported by TLK */
409 typedef enum {
412 
413 /*
414  * Defines rollback message format.
415  * @rollback_field [in] type of rollback to check against
416  * @enabled [out] gets the enabled field in rollback structure
417  * @version [out] gets the rollback version
418  * @value [out] value of the field in bootloader rollback structure
419  */
420 typedef struct {
422  uint8_t enabled;
423  uint8_t version;
424  uint32_t value;
426 
427 /*
428  * Makes an IOCTL request to the kernel to verify a rollback value.
429  * @param rb_args A rollback value to be passed to the kernel.
430  */
432 
440 #define ENABLE_SPECULATION_BARRIER
441 #ifdef ENABLE_SPECULATION_BARRIER
/*
 * Speculation barrier used when ENABLE_SPECULATION_BARRIER is defined.
 *
 * Emits the ARM sequence `dsb sy` followed by `isb`. The "memory" clobber
 * also makes the statement a compiler barrier, so memory accesses are not
 * reordered across it at compile time.
 *
 * NOTE(review): the original doc comment (lines 433-439) is not present in
 * this listing. Presumably the call belongs between a validity/bounds check
 * on a caller-controlled value and the first access that depends on that
 * value, so the dependent access cannot run ahead of the check - confirm
 * against the header and the call sites.
 */
442 static inline void te_speculation_barrier(void)
443 {
444  __asm__ volatile("dsb sy\n\t"
445  "isb"
446  ::: "memory");
447 
448  return;
449 }
450 #else
/*
 * No-op fallback, compiled only when ENABLE_SPECULATION_BARRIER is not
 * defined. This header defines that macro unconditionally immediately before
 * the #ifdef, so as listed this variant is never selected. Removing the
 * define turns every te_speculation_barrier() call into an empty function
 * with no barrier and no compiler-level memory clobber.
 */
451 static inline void te_speculation_barrier(void)
452 {
453  return;
454 }
455 #endif
456 
459 #ifdef CONFIG_TRUSTY
460 
465 extern const char *TRUSTY_LOG_TAG;
466 
467 /* Entry point for Trusty TAs. Every TA is expected to invoke this in their
468  * main function.
469  * \uuid[in]: UUID of the TA
470  * \flags[in]: This value should be a combination of the following values:
471  * IPC_PORT_ALLOW_TA_CONNECT - allows a connection from other secure apps
472  * IPC_PORT_ALLOW_NS_CONNECT - allows a connection from the non-secure world
 *
 * NOTE(review): the comment as published paired each flag with the other
 * flag's description. The pairing above follows the flag names (TA = trusted
 * application, NS = non-secure); confirm against trusty_ipc.h. Pass
 * IPC_PORT_ALLOW_NS_CONNECT only when the TA is meant to be reachable from
 * the non-secure world, since it widens the set of callers whose requests
 * the TA must treat as untrusted.
473  */
474 int te_main(te_service_id_t uuid, uint32_t flags);
475 #endif
476 
477 #endif
void te_close_session_iface(void *sctx)
Closes an opened session.
uint32_t result_origin
Definition: ote_service.h:96
te_rollback_fields
Definition: ote_service.h:409
uint32_t result
Definition: ote_service.h:95
te_error_t te_get_dsi_panel_config(bool *res)
Gets whether the device has DSI panel attached or not.
te_error_t te_get_current_guest_id(uint32_t *guest_id)
Returns the current guest id requesting service from this TA.
void te_oper_dump_param(te_oper_param_t *param)
Prints out the list of parameters for debugging.
te_property_type_t prop
Holds the TE_PROPERTY_* value.
Definition: ote_service.h:183
te_error_t te_request_se_keyslot(uint32_t keyslot_type, uint32_t *keyslot_idx)
Returns the index of a free SE keyslot if one is available.
uint8_t verified_boot_state
Definition: ote_service.h:296
te_error_t te_get_client_ta_identity(te_identity_t *value)
Gets the current client's identity only if it is a secure TA.
te_service_id_t uuid
Definition: ote_service.h:159
te_error_t te_get_device_unique_id(te_device_unique_id *uid)
Gets the device's unique ID.
void te_exit_service(void)
Holds operation object information that is to be delivered to the TLK Secure Service.
Definition: ote_common.h:178
Definition: ote_service.h:103
#define VERIFIED_BOOT_KEY_SIZE_BYTES
Definition: ote_service.h:291
te_property_type_t
Defines the property data information.
Definition: ote_service.h:175
te_error_t te_receive_operation_iface(void *sctx, te_operation_t *oper)
Receives an operation.
Holds the identity of a client/caller.
Definition: ote_service.h:156
#define DEVICE_UID_SIZE_BYTES
Definition: ote_service.h:261
void * ote_get_instance_data(void)
Gets the instance context data.
void ote_set_instance_data(void *sessionContext)
Sets an instance context data.
uint32_t command_id
Definition: ote_service.h:107
Holds the device unique ID.
Definition: ote_service.h:264
te_error_t te_check_se_keyslot_owner(uint32_t keyslot_type, uint32_t keyslot_idx, te_service_id_t *uuid)
Checks if the client TA is the owner of the keyslot it wants to write to.
uint32_t params_size
Definition: ote_service.h:93
te_error_t(* ta_event_handler_t)(ta_event_args_t *args)
Definition: ote_service.h:364
NVIDIA Trusted Little Kernel Interface: Common Declarations
uint32_t params_size
Definition: ote_service.h:109
te_error_t te_open_session_iface(void **sctx, te_operation_t *oper)
Opens a session.
int uint32_t uint32_t uint32_t const uint32_t const uint32_t const uint32_t const uint64_t uint32_t uint32_t flags
size_t value_size
Holds the size of return value.
Definition: ote_service.h:189
void te_oper_dump_param_list(te_operation_t *te_op)
Prints out the list of parameters for debugging.
te_error_t te_rollback_check(te_rollback_args_t *rb_args)
Holds data about the TA client.
Definition: ote_service.h:182
uint32_t command_id
Definition: ote_service.h:91
Defines a unique 16-byte ID for each TLK service.
Definition: ote_common.h:102
cmnptr_t context
Definition: ote_service.h:106
te_pm_event_t
Definition: ote_service.h:77
te_error_t check_client_uuid(te_service_id_t *service_id)
Validates the client's identity.
te_pm_event_t event_id
Definition: ote_service.h:361
uint32_t login
Definition: ote_service.h:158
uint64_t cmnptr_t
Holds a pointer large enough to support 32- and 64-bit clients.
Definition: ote_common.h:137
cmnptr_t params
Definition: ote_service.h:92
te_error_t check_client_login(uint32_t login, te_identity_t *client_id_p)
Validates client's login scheme with the expected login type.
te_service_id_t uuid
Definition: ote_service.h:186
te_identity_t identity
Definition: ote_service.h:187
uint32_t session_id
Definition: ote_service.h:90
static void te_speculation_barrier(void)
Definition: ote_service.h:442
uint32_t type
Definition: ote_service.h:89
te_error_t result
Definition: ote_service.h:105
Holds the root of trust for TLK.
Definition: ote_service.h:294
void te_destroy_instance_iface(void)
Destroys an instance of the service.
te_error_t te_release_se_keyslot(uint32_t keyslot_type, uint32_t keyslot_idx)
Releases a keyslot.
te_error_t te_get_root_of_trust(te_root_of_trust *r_o_t)
Gets the root of trust.
te_error_t te_get_current_ta_uuid(te_service_id_t *value)
Gets the service ID for the current Trusted Application (TA).
Holds the layout of the te_oper_param_t structures which must match the layout sent in by the non-sec...
Definition: ote_service.h:88
te_error_t te_get_client_identity(te_identity_t *value)
Gets the current client's identity.
cmnptr_t params
Definition: ote_service.h:108
void convert_fd_to_log_prefix(int fd, char *log_level)
Maps the fd level to a corresponding logger prefix character.
uint32_t type
Definition: ote_service.h:104
te_rollback_fields rollback_field
Definition: ote_service.h:421
#define OTE_PANIC_MSG_MAX_SIZE
Holds the panic information.
Definition: ote_service.h:315
te_error_t
Defines Open Trusted Environment (OTE) error codes.
Definition: ote_error.h:45
void te_fprintf_set_prefix(const char *prefix)
Sets a printable prefix string that te_fprintf() outputs in front of every log message from this task...
Holds the operation object parameters.
Definition: ote_common.h:153
te_error_t te_register_ta_event_handler(ta_event_handler_t handler, uint32_t events_mask)
void te_panic(char *msg)
Panics the system.
uint32_t data_type
Holds the data type of property.
Definition: ote_service.h:184
char * uuid_to_str(te_service_id_t *uuid)
Converts a UUID to string format.
void te_destroy(void)
Deinitializes the service.
te_error_t te_create_instance_iface(void)
Creates a new instance of the service.
te_error_t te_init(int argc, char **argv)
Initializes the service.