Message ID | 20211104141451.29967-1-etienne.carriere@linaro.org |
---|---|
State | Superseded |
Headers | show |
Series | [1/5] tee: define session login identifiers | expand |
Hi, On 11/4/21 3:14 PM, Etienne Carriere wrote: > Define identifiers for clnt_login field in struct tee_open_session_arg > based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier > extension from OP-TEE OS. > > Cc: Jens Wiklander <jens.wiklander@linaro.org> > Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> > --- > This change was previously discussed in the U-Boot ML, see v2 at: > https://patchwork.ozlabs.org/project/uboot/patch/20210519142613.7668-1-etienne.carriere@linaro.org/ > > Changes since this v2 post: > - Updated the inline comment describing reserved login Ids > - Rephrase 'REE kernel agent' to 'REE kernel/privileged agent' to > better apply to U-Boot that is not a kernel but still runs at a > privileged execution level. > --- > include/tee.h | 23 +++++++++++++++++++++-- > 1 file changed, 21 insertions(+), 2 deletions(-) > Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com> Thanks Patrick
On Thu, Nov 4, 2021 at 3:14 PM Etienne Carriere <etienne.carriere@linaro.org> wrote: > > Define identifiers for clnt_login field in struct tee_open_session_arg > based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier > extension from OP-TEE OS. > > Cc: Jens Wiklander <jens.wiklander@linaro.org> > Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> > --- > This change was previously discussed in the U-Boot ML, see v2 at: > https://patchwork.ozlabs.org/project/uboot/patch/20210519142613.7668-1-etienne.carriere@linaro.org/ > > Changes since this v2 post: > - Updated the inline comment describing reserved login Ids > - Rephrase 'REE kernel agent' to 'REE kernel/privileged agent' to > better apply to U-Boot that is not a kernel but still runs at a > privileged execution level. > --- > include/tee.h | 23 +++++++++++++++++++++-- > 1 file changed, 21 insertions(+), 2 deletions(-) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Thanks, Jens
diff --git a/include/tee.h b/include/tee.h index 44e9cd4321..30ea2ee164 100644 --- a/include/tee.h +++ b/include/tee.h @@ -31,6 +31,25 @@ #define TEE_PARAM_ATTR_MASK (TEE_PARAM_ATTR_TYPE_MASK | \ TEE_PARAM_ATTR_META) +/* + * Global Platform login identifiers for tee_open_session_arg::clnt_login + */ +#define TEE_LOGIN_PUBLIC 0x00000000 +#define TEE_LOGIN_USER 0x00000001 +#define TEE_LOGIN_GROUP 0x00000002 +#define TEE_LOGIN_APPLICATION 0x00000004 +#define TEE_LOGIN_APPLICATION_USER 0x00000005 +#define TEE_LOGIN_APPLICATION_GROUP 0x00000006 +/* + * Reserve use of GP implementation specific login method range + * (0x80000000 - 0xBFFFFFFF). This range is rather being used + * for REE kernel clients or TEE implementation. + */ +#define TEE_LOGIN_REE_KERNEL_MIN 0x80000000 +#define TEE_LOGIN_REE_KERNEL_MAX 0xBFFFFFFF +/* Private login method for REE kernel/privileged clients */ +#define TEE_LOGIN_REE_KERNEL 0x80000000 + /* * Some Global Platform error codes which has a meaning if the * TEE_GEN_CAP_GP bit is returned by the driver in @@ -135,8 +154,8 @@ struct tee_param { /** * struct tee_open_session_arg - extra arguments for tee_open_session() * @uuid: [in] UUID of the Trusted Application - * @clnt_uuid: [in] Normally zeroes - * @clnt_login: [in] Normally 0 + * @clnt_uuid: [in] UUID of client, zeroes for PUBLIC/REE_KERNEL + * @clnt_login: [in] Class of client TEE_LOGIN_* * @session: [out] Session id * @ret: [out] return value * @ret_origin: [out] origin of the return value
Define identifiers for clnt_login field in struct tee_open_session_arg based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier extension from OP-TEE OS. Cc: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> --- This change was previously discussed in the U-Boot ML, see v2 at: https://patchwork.ozlabs.org/project/uboot/patch/20210519142613.7668-1-etienne.carriere@linaro.org/ Changes since this v2 post: - Updated the inline comment describing reserved login Ids - Rephrase 'REE kernel agent' to 'REE kernel/privileged agent' to better apply to U-Boot that is not a kernel but still runs at a privileged execution level. --- include/tee.h | 23 +++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) -- 2.17.1