cmd: add test case for secure storage

1.mmc testsecurestorage to test secure storage
2.test secure storage in rpmb and test secure storage in
  security partition when use emmc
3.test secure storage in security partition when use nand

Change-Id: Id6f72893c002c5040cb1790051c9685911878df7
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>

cmd/Makefile

@@ -156,6 +156,8 @@ obj-$(CONFIG_CMD_DFU) += dfu.o
 obj-$(CONFIG_CMD_GPT) += gpt.o
 obj-$(CONFIG_CMD_ETHSW) += ethsw.o
 
+obj-$(CONFIG_OPTEE_CLIENT) += optee.o
+
 # Power
 obj-$(CONFIG_CMD_PMIC) += pmic.o
 obj-$(CONFIG_CMD_REGULATOR) += regulator.o

cmd/mmc.c

@@ -10,6 +10,7 @@
 #include <mmc.h>
 #include <optee_include/OpteeClientInterface.h>
 #include <optee_include/OpteeClientApiLib.h>
+#include <optee_test.h>
 
 static int curr_device = -1;
 
@@ -125,8 +126,8 @@ static int do_mmcinfo(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[])
 }
 
 #ifdef CONFIG_OPTEE_CLIENT
-static int do_mmc_testrpmb(cmd_tbl_t *cmdtp,
+static int do_mmc_test_secure_storage(cmd_tbl_t *cmdtp,
-		int flag, int argc, char * const argv[])
+				      int flag, int argc, char * const argv[])
 {
 	struct mmc *mmc;
 
@@ -144,29 +145,23 @@ static int do_mmc_testrpmb(cmd_tbl_t *cmdtp,
 	if (!mmc)
 		return CMD_RET_FAILURE;
 
-	uint64_t value;
+	int i, count = 100;
-	trusty_write_rollback_index(0x87654321, 0x1122334455667788);
-	trusty_read_rollback_index(0x87654321, &value);
-	debug("sizeof(value) %zu\n ", sizeof(value));
-	if (value == 0x1122334455667788)
-		printf("good ! value==0x1122334455667788\n ");
-	else
-		printf("error ! value!=0x1122334455667788\n ");
 
-	uint8_t data[] = "just a data";
+	for (i = 1; i <= count; i++) {
-	uint8_t data_read[11];
+		if (test_secure_storage_default() == 0) {
-	trusty_write_permanent_attributes(data, sizeof(data));
+			printf("test_secure_storage_default success! %d/%d\n", i, count);
-	trusty_read_permanent_attributes(data_read, sizeof(data));
+		} else {
-	printf("attribute: %s\n ", data_read);
+			printf("test_secure_storage_default fail! %d/%d\n", i, count);
+			break;
+		}
+		if (test_secure_storage_security_partition() == 0) {
+			printf("test_secure_storage_security_partition success! %d/%d\n", i, count);
+		} else {
+			printf("test_secure_storage_security_partition fail! %d/%d\n", i, count);
+			break;
+		}
+	}
 
-	trusty_notify_optee_uboot_end();
-	printf(" tell_optee_uboot_end \n ");
-	value = 0;
-	trusty_read_rollback_index(0x87654321, &value);
-	if (value == 0x1122334455667788)
-		printf(" value==0x1122334455667788 read still enable\n ");
-	else
-		printf(" good! value!=0x1122334455667788 read denied\n ");
 	return CMD_RET_SUCCESS;
 }
 
@@ -960,7 +955,7 @@ static cmd_tbl_t cmd_mmc[] = {
 	U_BOOT_CMD_MKENT(rst-function, 3, 0, do_mmc_rst_func, "", ""),
 #endif
 #ifdef CONFIG_OPTEE_CLIENT
-	U_BOOT_CMD_MKENT(testrpmb, 1, 0, do_mmc_testrpmb, "", ""),
+	U_BOOT_CMD_MKENT(testsecurestorage, 1, 0, do_mmc_test_secure_storage, "", ""),
 	U_BOOT_CMD_MKENT(testefuse, 1, 0, do_mmc_testefuse, "", ""),
 #endif
 #ifdef CONFIG_SUPPORT_EMMC_RPMB
@@ -1028,7 +1023,7 @@ U_BOOT_CMD(
 	"   WARNING: This is a write-once field and 0 / 1 / 2 are the only valid values.\n"
 #endif
 #ifdef CONFIG_OPTEE_CLIENT
-	"mmc testrpmb - test CA call static TA,and TA call rpmb in uboot\n"
+	"mmc testsecurestorage - test CA call static TA to store data in security\n"
 	"mmc testefuse - test CA call static TA,and TA read or write efuse\n"
 #endif
 #ifdef CONFIG_SUPPORT_EMMC_RPMB

cmd/optee.c

@@ -0,0 +1,279 @@
+/* SPDX-License-Identifier:     GPL-2.0+
+ *
+ * Copyright 2019, Rockchip Electronics Co., Ltd
+ *
+ */
+
+#include <common.h>
+#include <optee_include/OpteeClientApiLib.h>
+#include <optee_include/tee_client_api.h>
+#include <optee_include/tee_api_defines.h>
+#include <boot_rkimg.h>
+#include <stdlib.h>
+
+int test_secure_storage_default(void)
+{
+	TEEC_Result TeecResult;
+	TEEC_Context TeecContext;
+	TEEC_Session TeecSession;
+	uint32_t ErrorOrigin;
+	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
+		{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
+	TEEC_UUID *TeecUuid = &tempuuid;
+	TEEC_Operation TeecOperation = {0};
+	struct blk_desc *dev_desc;
+
+	dev_desc = rockchip_get_bootdev();
+	if (!dev_desc) {
+		printf("%s: dev_desc is NULL!\n", __func__);
+		return -1;
+	}
+
+	debug("%s start\n", __func__);
+	OpteeClientApiLibInitialize();
+
+	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
+
+	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
+						    TEEC_NONE,
+						    TEEC_NONE,
+						    TEEC_NONE);
+	/*0 nand or emmc "security" partition , 1 rpmb*/
+	TeecOperation.params[0].value.a =
+		(dev_desc->if_type == IF_TYPE_MMC) ? 1 : 0;
+
+	TeecResult = TEEC_OpenSession(&TeecContext,
+				      &TeecSession,
+				      TeecUuid,
+				      TEEC_LOGIN_PUBLIC,
+				      NULL,
+				      &TeecOperation,
+				      &ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_OpenSession fail!\n", __func__);
+		return -1;
+	}
+
+	TEEC_SharedMemory SharedMem0 = {0};
+
+	SharedMem0.size = sizeof("filename_test_secure_storage_default");
+	SharedMem0.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	memcpy(SharedMem0.buffer,
+	       "filename_test_secure_storage_default",
+	       SharedMem0.size);
+
+	TEEC_SharedMemory SharedMem1 = {0};
+
+	SharedMem1.size = 1024 * 8;
+	SharedMem1.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	memset(SharedMem1.buffer, 'a', SharedMem1.size);
+
+	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
+	TeecOperation.params[0].tmpref.size = SharedMem0.size;
+
+	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
+	TeecOperation.params[1].tmpref.size = SharedMem1.size;
+
+	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
+						    TEEC_MEMREF_TEMP_INOUT,
+						    TEEC_NONE,
+						    TEEC_NONE);
+
+	TeecResult = TEEC_InvokeCommand(&TeecSession,//write data
+					1,
+					&TeecOperation,
+					&ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_InvokeCommand fail!\n", __func__);
+		return -1;
+	}
+
+	TEEC_SharedMemory SharedMem2 = {0};
+
+	SharedMem2.size = 1024 * 8;
+	SharedMem2.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem2);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
+	TeecOperation.params[0].tmpref.size = SharedMem0.size;
+
+	TeecOperation.params[1].tmpref.buffer = SharedMem2.buffer;
+	TeecOperation.params[1].tmpref.size = SharedMem2.size;
+
+	TeecResult = TEEC_InvokeCommand(&TeecSession,//read data
+					0,
+					&TeecOperation,
+					&ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_InvokeCommand fail!\n", __func__);
+		return -1;
+	}
+	if (memcmp(SharedMem1.buffer, SharedMem2.buffer,
+	    SharedMem1.size) != 0) {
+		printf("error! %s read not equal to write!\n", __func__);
+		return -1;
+	}
+
+	TEEC_ReleaseSharedMemory(&SharedMem0);
+	TEEC_ReleaseSharedMemory(&SharedMem1);
+	TEEC_ReleaseSharedMemory(&SharedMem2);
+
+	TEEC_CloseSession(&TeecSession);
+
+	TEEC_FinalizeContext(&TeecContext);
+
+	debug("%s end\n", __func__);
+	return 0;
+}
+
+int test_secure_storage_security_partition(void)
+{
+	TEEC_Result TeecResult;
+	TEEC_Context TeecContext;
+	TEEC_Session TeecSession;
+	uint32_t ErrorOrigin;
+	TEEC_UUID tempuuid = { 0x1b484ea5, 0x698b, 0x4142,
+		{ 0x82, 0xb8, 0x3a, 0xcf, 0x16, 0xe9, 0x9e, 0x2a } };
+	TEEC_UUID *TeecUuid = &tempuuid;
+	TEEC_Operation TeecOperation = {0};
+	struct blk_desc *dev_desc;
+
+	dev_desc = rockchip_get_bootdev();
+	if (!dev_desc) {
+		printf("%s: dev_desc is NULL!\n", __func__);
+		return -1;
+	}
+
+	debug("%s start\n", __func__);
+	OpteeClientApiLibInitialize();
+
+	TeecResult = TEEC_InitializeContext(NULL, &TeecContext);
+
+	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INPUT,
+						    TEEC_NONE,
+						    TEEC_NONE,
+						    TEEC_NONE);
+	/*0 nand or emmc "security" partition , 1 rpmb*/
+	TeecOperation.params[0].value.a = 0;//use security partition
+
+	TeecResult = TEEC_OpenSession(&TeecContext,
+				      &TeecSession,
+				      TeecUuid,
+				      TEEC_LOGIN_PUBLIC,
+				      NULL,
+				      &TeecOperation,
+				      &ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_OpenSession fail!\n", __func__);
+		return -1;
+	}
+
+	TEEC_SharedMemory SharedMem0 = {0};
+
+	SharedMem0.size = sizeof("filename_test_secure_storage_security_partition");
+	SharedMem0.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem0);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	memcpy(SharedMem0.buffer,
+	       "filename_test_secure_storage_security_partition",
+	       SharedMem0.size);
+
+	TEEC_SharedMemory SharedMem1 = {0};
+
+	SharedMem1.size = 1024 * 8;
+	SharedMem1.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem1);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	memset(SharedMem1.buffer, 'b', SharedMem1.size);
+
+	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
+	TeecOperation.params[0].tmpref.size = SharedMem0.size;
+
+	TeecOperation.params[1].tmpref.buffer = SharedMem1.buffer;
+	TeecOperation.params[1].tmpref.size = SharedMem1.size;
+
+	TeecOperation.paramTypes = TEEC_PARAM_TYPES(TEEC_MEMREF_TEMP_INPUT,
+						    TEEC_MEMREF_TEMP_INOUT,
+						    TEEC_NONE,
+						    TEEC_NONE);
+
+	TeecResult = TEEC_InvokeCommand(&TeecSession,//write data
+					1,
+					&TeecOperation,
+					&ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_InvokeCommand fail!\n", __func__);
+		return -1;
+	}
+
+	TEEC_SharedMemory SharedMem2 = {0};
+
+	SharedMem2.size = 1024 * 8;
+	SharedMem2.flags = 0;
+
+	TeecResult = TEEC_AllocateSharedMemory(&TeecContext, &SharedMem2);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_AllocateSharedMemory fail!\n", __func__);
+		return -1;
+	}
+
+	TeecOperation.params[0].tmpref.buffer = SharedMem0.buffer;
+	TeecOperation.params[0].tmpref.size = SharedMem0.size;
+
+	TeecOperation.params[1].tmpref.buffer = SharedMem2.buffer;
+	TeecOperation.params[1].tmpref.size = SharedMem2.size;
+
+	TeecResult = TEEC_InvokeCommand(&TeecSession,//read data
+					0,
+					&TeecOperation,
+					&ErrorOrigin);
+	if (TeecResult != TEEC_SUCCESS) {
+		printf("%s TEEC_InvokeCommand fail!\n", __func__);
+		return -1;
+	}
+	if (memcmp(SharedMem1.buffer, SharedMem2.buffer,
+	    SharedMem1.size) != 0) {
+		printf("error! %s read not equal to write!\n", __func__);
+		return -1;
+	}
+
+	TEEC_ReleaseSharedMemory(&SharedMem0);
+	TEEC_ReleaseSharedMemory(&SharedMem1);
+	TEEC_ReleaseSharedMemory(&SharedMem2);
+
+	TEEC_CloseSession(&TeecSession);
+
+	TEEC_FinalizeContext(&TeecContext);
+
+	debug("%s end\n", __func__);
+	return 0;
+}

include/optee_test.h

@@ -0,0 +1,21 @@
+/* SPDX-License-Identifier:     GPL-2.0+
+ *
+ * Copyright 2019, Rockchip Electronics Co., Ltd
+ * hisping lin, <hisping.lin@rock-chips.com>
+ *
+ */
+#ifndef _OPTEE_TEST_H_
+#define _OPTEE_TEST_H_
+
+/*
+ * test secure storage in rpmb when use emmc
+ * test secure storage in security partition when use nand
+ */
+int test_secure_storage_default(void);
+
+/*
+ * test secure storage in security partition
+ */
+int test_secure_storage_security_partition(void);
+
+#endif /*_OPTEE_TEST_H_*/

lib/optee_clientApi/OpteeClientMem.c

@@ -140,8 +140,8 @@ void OpteeClientMemInit(void)
 
 	tee_smc_call(&ArmSmcArgs);
 
-	printf("get share memory, arg0=0x%x arg1=0x%x arg2=0x%x arg3=0x%x\n",
+	debug("get share memory, arg0=0x%x arg1=0x%x arg2=0x%x arg3=0x%x\n",
-			ArmSmcArgs.Arg0, ArmSmcArgs.Arg1, ArmSmcArgs.Arg2, ArmSmcArgs.Arg3);
+	      ArmSmcArgs.Arg0, ArmSmcArgs.Arg1, ArmSmcArgs.Arg2, ArmSmcArgs.Arg3);
 
 	my_malloc_init((void *)(size_t)ArmSmcArgs.Arg1, ArmSmcArgs.Arg2);
 }