1.mmc testsecurestorage to test secure storage
2.test secure storage in rpmb and test secure storage in
security partition when use emmc
3.test secure storage in security partition when use nand
Change-Id: Id6f72893c002c5040cb1790051c9685911878df7
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Extract keymaster CA module from OpteeClientInterface
refactoring code for keymaster reads and writes form caller module
Change-Id: I1069fce0d29d9d9815f71e7f3b4d231754382acd
Signed-off-by: Jian Qiu <qiujian@rock-chips.com>
Split attestation key into AttestationKey.ec and AttestationKey.rsa,
then write to secure storage.
Change-Id: I8e00d602c4174a002e6ecad2e4cfa846f32a681f
Signed-off-by: Tony Xu <tony.xu@rock-chips.com>
keymaster ta is too large, so we change store data
to static ta and remove keymaster ta
Change-Id: Icdb694138caf005d2cb2821714a8526d0391b18b
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
bug make error R&W when security partition is not defined
Change-Id: Iddf840d3f9c090292e58f73492c20f84e4b3b4ea
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
use R&W multi blocks and cache used flag to
speed up secure store.
Change-Id: Ib534fa33e1bb03006ed3b85992d1d48b5fe36f39
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
CONFIG_OPTEE_ALWAYS_USE_SECURITY_PARTITION is support
for OPTEE_V1
Change-Id: Ic83d06a08a1d409905dcc61e0f7346ab23261b0c
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
compile form keymaster 8.0/develop commit:ddd71dca
Features:
ddd71dca ta: support emmc/nand storage for keymaster & gatekeeper
2692c551 Update export-user_ta/ to support dual filesystems
bc288722 keymaster: uboot write data overwrite
Change-Id: I51b84f62db15bd4825035089dbb6ee38d11d4cac
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
fix bug which make error when we try to create
a new file, old file should be delete, but old
file which fd equal to zero is exist!
Change-Id: I602e889ae12756c0c40e409d6439ac36cc1b5382
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot can secure store data to nand or emmc "security"
partition for optee v2
Change-Id: I85abbfb3970a2fa3f46f540d3f16dfc7ca605317
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot send data and data length to keymaster TA, keymaster
TA secure store the data, and read temp data from secure
store, compare data and temp data, but the compare length
use temp data length is wrong, fix the bug to use data length.
Change-Id: I900a7ab1b1e95ca844dfb7327c34c793cf635278
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot read date return error when file not exit,
do not to create new file.
Change-Id: Ic4cbc631b9e75dc345759d6d0dbcc86250245511
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
move CONFIG_OPTEE_V1/V2 to lib/optee_clientApi/Kconfig
Change-Id: I446454547a186a27110aa95183264154fc538de9
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
this bug make compile error when we compile all code in android.
Change-Id: Id9b8673576bee13c4df0990bd068548fa11458bf
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
support attestation commands:
at-attest-dh,at-attest-uuid,at-get-ca-request,at-set-ca-request
Change-Id: I3fe94befa57a131e89dbe136c065a948b1631756
Signed-off-by: Andy Ye <andy.ye@rock-chips.com>
updata keymaster ta and write attributes to keymaster
Change-Id: Iac3e64f7e4da1d6b5700d9f049d5fa8b1427b077
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
uboot can read vboot key hash from efuse and write
vboot key hash to efuse, secure boot will be enable
after you write vboot key hash.
Change-Id: Ibe7b2a5778a3f38e13a241261617f1be8537c88e
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
trusty_notify_optee_uboot_end() function is used before uboot
jump into kernel, then optee will free memery and denied
call some tipc functions, denied call read write attribute hash.
Change-Id: I96b5687e1afd5bfdf1780ed1641f5fff2fc17eee
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
change OpteeClientTest.c to OpteeClientInterface.c
Change-Id: I68b32a2a4757af655bd4eaa723067f024ff112ef
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
The new fastboot cmd need to store the flashing
lock state in order to prevent flash. And the state
is stored in rpmb. So the tipc provide the functions
to read/write the flash_lock_state.
Change-Id: Idf6eb7de7aff1b3257fcd70d0fc87ac7634de4d0
Signed-off-by: Jason Zhu <jason.zhu@rock-chips.com>
tipc functions is used for uboot communicate
with TEE. uboot can request service for secure
store or secure algorithm.
Change-Id: Ie44095aff4c044feceb5f362abf6e3d24ceb8d4c
Signed-off-by: Hisping Lin <hisping.lin@rock-chips.com>
Hisping Lin
Jason Zhu
Jian Qiu
Tony Xu
Joseph Chen
Andy Ye