This series adds the necessary pieces to provide OP-TEE access to RPMB
partitions under barebox.
With this OP-TEE can issue RPMB requests to barebox and barebox will
answer them accordingly.
OP-TEE will only access the RPMB when triggered by barebox. For this
purpose I implemented access to the Android Verified Boot (AVB) variable
store. This is implemented in U-Boot as well and the code is loosely
based on it. The variables can be read/written using the newly
introduced avb_pvalue command.
Signed-off-by: Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
---
Sascha Hauer (9):
mci: implement mci_set_blockcount()
mci: export some functions for RPMB support
mci: detect RPMB partitions
mci: add RPMB support
tee: optee: probe successfully even when no devices are found
tee: optee: implement shared mem alloc/free RPC commands
tee: optee: implement RPMB support
tee: optee: implement AVB named persistent values support
commands: add avb_pvalue command
commands/Kconfig | 13 +++
commands/Makefile | 1 +
commands/avb_pvalue.c | 138 +++++++++++++++++++++++++
drivers/mci/Kconfig | 3 +
drivers/mci/Makefile | 1 +
drivers/mci/mci-core.c | 73 +++++++++++++-
drivers/mci/rpmb.c | 206 ++++++++++++++++++++++++++++++++++++++
drivers/tee/optee/Kconfig | 9 ++
drivers/tee/optee/Makefile | 2 +
drivers/tee/optee/avb.c | 189 ++++++++++++++++++++++++++++++++++
drivers/tee/optee/device.c | 1 +
drivers/tee/optee/optee_private.h | 13 +++
drivers/tee/optee/optee_rpc_cmd.h | 144 ++++++++++++++++++++++++++
drivers/tee/optee/rpc.c | 63 +++++++++++-
drivers/tee/optee/rpmb.c | 128 +++++++++++++++++++++++
drivers/tee/optee/smc_abi.c | 26 +++--
drivers/tee/tee_shm.c | 1 +
include/linux/tee_drv.h | 1 +
include/mci.h | 17 +++-
include/tee/avb.h | 9 ++
20 files changed, 1021 insertions(+), 17 deletions(-)
---
base-commit: a9a50228674d01adc8d7a49d1ab0e7e894c25fe8
change-id: 20250312-rpmb-c6f330f29cb1
Best regards,
--
Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
