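/*
 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
 * Licensed under the Mulan PSL v2.
 * You can use this software according to the terms and conditions of the Mulan PSL v2.
 * You may obtain a copy of Mulan PSL v2 at:
 * http://license.coscl.org.cn/MulanPSL2
 * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
 * PURPOSE.
 * See the Mulan PSL v2 for more details.
 */

/*
 * Message and constant definitions shared between the permission service
 * (permsrv) and its clients: command IDs, request/reply message bodies and
 * the limits they are bounded by.
 *
 * NOTE(review): the include guard name starts with a double underscore, which
 * is reserved for the implementation; it is kept here only because other
 * translation units may test it.
 */
#ifndef __PERSRV_H__
#define __PERSRV_H__

#include <stdbool.h> /* cert_param_t uses bool; was previously relied on transitively */
#include <stdint.h>
#include "crypto_wrapper.h"
#include "tee_internal_task_pub.h"
#include "tee_elf_verify.h"
#include "tee_msg_type.h"

/* Upper bound on a service name carried in a TA certificate. */
#define TA_CERT_MAX_SERVICE_NAME_LEN 27

/* Result of a TA load permission check. */
#define TA_LOAD_PERM_ALLOW 1
#define TA_LOAD_PERM_DENY 0

/* Register / unregister a TA with the service. */
#define REGISTER_TA 1
#define UNREGISTER_TA 0

/* Selector for perm_srv_query_perms_t.checkby: look the TA up by UUID or by task id. */
#define CHECK_BY_UUID 0
#define CHECK_BY_TASKID 1

/* Size of the public key buffer embedded in cert_param_t, in bytes. */
#define MAX_PUB_KEY_SIZE 2056

/* Largest buffer the service accepts in one operation, in bytes (70 KiB). */
#define MAX_PERM_SRV_BUFF_SIZE (70 * 1024)

/* Names of the service's operations (runtime strings; must match the peer exactly). */
#define PERMSRV_FILE_OPT "permsrv_file_operation"
#define PERMSRV_SAVE_FILE "permsrv_save_file"
#define PERMSRV_ASYNC_OPT "permsrv_async_operation"
#define PERMSRV_ASYNC_OPT_FILE "permsrv_async_operation_file"

/*
 * Command IDs carried in the request message header.
 *
 * These are wire-level identifiers shared with the peer: do not renumber.
 * The values are hexadecimal and not contiguous (0x109 is followed by
 * 0x110); presumably the peer uses the same table — confirm before adding
 * new entries so the gap is not filled by accident.
 */
enum PERM_COMMANDS_ID {
    PERMSRV_QUERY_TA_PERMS = 0x102,
    PERMSRV_SET_CRL_CERT = 0x103,
    PERMSRV_SET_TA_CTRL_LIST = 0x104,
    TEE_TASK_LOAD_CRL_AND_CTRL_LIST = 0x105,
    PERMSRV_QUERY_TA2TA_PERM = 0x106,
    TEE_TASK_ELF_VERIFY = 0x107,
    TEE_TASK_CMS_CRL_UPDATE = 0x108,
    PERMSRV_CERT_VERIFY = 0x109,
    PERMSRV_CERT_EXPORT = 0x110,
    PERMSRV_CERT_REMOVE = 0x111,
    TEE_TASK_CA_HASHFILE_VERIFY = 0x112,
};

/* Permission classes that can be queried via PERMSRV_QUERY_TA_PERMS (perm_srv_query_perms_t.perm_type). */
enum PERM_TYPE {
    PERM_TYPE_SE_CAPABILITY = 0x04,
    PERM_TYPE_CERT_CAPABILITY = 0x07,
};

/* Initialisation state of the service. */
enum init_state {
    INIT_STATE_NOT_READY,
    INIT_STATE_READY,
};

/* Kind of certificate a TA was signed with; TA_CERT_MAX is the number of kinds. */
typedef enum {
    TA_DEBUG_CERT,
    TA_RELEASE_CERT,
    TA_CERT_MAX,
} ta_cert_t;

/* Kind of certificate a configuration was signed with; CONF_CERT_MAX is the number of kinds. */
typedef enum {
    CONF_DEBUG_CERT,
    CONF_RELEASE_CERT,
    CONF_CERT_MAX,
} conf_cert_t;

/* Origin of a CA certificate; stored in cert_param_t.cert_product_type as a uint8_t. */
enum cert_product_type {
    TEE_CA_TYPE,
    OH_CA_TYPE,
    IMPORT_CA_TYPE,
};

/*
 * Certificate parameters passed by address in perm_srv_set_config_t.cert_param.
 *
 * public_key is a fixed MAX_PUB_KEY_SIZE-byte buffer; no separate length field
 * is carried here, so the consumer must know or derive the key's real length.
 */
typedef struct {
    ta_cert_t cert_type;
    uint8_t public_key[MAX_PUB_KEY_SIZE];
    uint8_t cert_product_type; /* one of enum cert_product_type */
    bool sys_verify_ta;
} cert_param_t;

/*
 * Request body for setting a TA configuration.
 *
 * NOTE(review): fields commented "pointer" are addresses carried as integers
 * together with a caller-supplied length. They presumably originate from
 * another task via the message channel, so the receiving handler must
 * validate address and length against the sender's accessible memory (and
 * against MAX_PERM_SRV_BUFF_SIZE where applicable) before dereferencing —
 * confirm this is done on the server side.
 */
typedef struct perm_srv_set_config_st {
    uint64_t config_file; /* pointer to the configuration blob */
    uint32_t len;         /* length of config_file, in bytes */
    uint64_t cert_param;  /* cert_param_t pointer */
    TEE_UUID uuid;
    uint64_t service_name;     /* pointer to the service name */
    uint32_t service_name_len; /* length of service_name, in bytes */
} perm_srv_set_config_t;

/* Request body for querying whether/how a TA may run. */
typedef struct perm_srv_query_tarun_st {
    TEE_UUID uuid;
    uint64_t mani_val; /* pointer to the manifest value */
    uint32_t len;      /* length of mani_val, in bytes */
    uint16_t distribution;
} perm_srv_query_tarun_t;

/*
 * Request body for PERMSRV_QUERY_TA_PERMS.
 * checkby selects whether uuid or taskid identifies the TA (CHECK_BY_UUID /
 * CHECK_BY_TASKID); perm_type is one of enum PERM_TYPE.
 */
typedef struct perm_srv_query_perms_st {
    TEE_UUID uuid;
    uint32_t taskid;
    uint32_t checkby;
    uint32_t perm_type;
} perm_srv_query_perms_t;

/* Request body for PERMSRV_QUERY_TA2TA_PERM: may the TA identified by uuid issue command cmd. */
typedef struct perm_srv_query_ta2ta_perm_st {
    TEE_UUID uuid;
    uint32_t cmd;
} perm_srv_query_ta2ta_perm_t;

/* Request body for PERMSRV_SET_CRL_CERT. */
typedef struct perm_srv_set_crl_cert_st {
    uint64_t crl_cert_buff; /* pointer */
    uint32_t crl_cert_size; /* bytes */
} perm_srv_set_crl_cert_t;

/* Request body for PERMSRV_SET_TA_CTRL_LIST. */
typedef struct perm_srv_set_ta_ctrl_list_st {
    uint64_t ctrl_list_buff; /* pointer */
    uint32_t ctrl_list_size; /* bytes */
} perm_srv_set_ta_ctrl_list_t;

/* Request body carrying a TA certificate and its public key. */
typedef struct perm_srv_set_ta_cert_st {
    uint64_t ta_cert_buff; /* pointer */
    uint32_t ta_cert_size; /* bytes */
    uint64_t pub_key_buff; /* pointer */
    uint32_t pub_key_size; /* bytes */
} perm_srv_set_ta_cert_t;

/* Request body notifying the service that a TA has been unloaded. */
typedef struct perm_srv_ta_unload {
    TEE_UUID uuid;
} perm_srv_ta_unload_t;

/* Request body for TEE_TASK_CMS_CRL_UPDATE. */
typedef struct perm_srv_crl_update {
    uint64_t buffer; /* pointer */
    uint32_t size;   /* bytes */
} perm_srv_crl_update_t;

/* Request body for TEE_TASK_CA_HASHFILE_VERIFY. */
typedef struct perm_srv_ca_hashfile_verify {
    uint64_t buffer; /* pointer */
    uint32_t size;   /* bytes */
} perm_srv_ca_hashfile_verify_t;

/*
 * Union of all request bodies; the active member is implied by the command
 * ID in the enclosing message header. reg_ta_info and elf_verify_req come
 * from the included TEE headers.
 */
typedef union perm_srv_msgbody_st {
    perm_srv_set_config_t ta_config;
    perm_srv_query_tarun_t ta_run;
    perm_srv_query_perms_t query_perms;
    perm_srv_query_ta2ta_perm_t query_ta2ta_perm;
    struct reg_ta_info reg_ta;
    perm_srv_ta_unload_t ta_unload;
    perm_srv_set_crl_cert_t crl_cert;
    perm_srv_set_ta_ctrl_list_t ctrl_list;
    elf_verify_req verify_req;
    perm_srv_crl_update_t crl_update_req;
    perm_srv_set_ta_cert_t ta_cert;
    perm_srv_ca_hashfile_verify_t ca_hashfile_verify;
    struct {
        uint64_t dst; /* pointer to the destination buffer for a certificate export */
        uint32_t len; /* bytes available at dst */
    } crt;
} perm_srv_msgbody_t;

/* Reply body identifying a shared-memory slot. */
typedef struct perm_srv_sharememrsp_st {
    uint32_t sharemem_index;
} perm_srv_sharememrsp_t;

/*
 * Reply body for permission queries; which member is meaningful depends on
 * the command and perm_type that were requested.
 */
typedef union perm_srv_permsrsp_st {
    uint32_t rpmb_size;
    uint64_t rpmb_capability;
    uint64_t sfs_capability;
    uint64_t se_capability;
    uint64_t tui_capability;
    uint32_t manager;
    struct {
        uint32_t len; /* number of bytes written for a certificate export */
    } crt;
    uint64_t cert_capability;
} perm_srv_permsrsp_t;

/*
 * Generic reply body: a TEE_Result plus a command-specific payload. The
 * payload is an anonymous union (C11), so callers access rsp.sharememrsp
 * and rsp.permsrsp directly.
 */
typedef struct perm_srv_rspbody_st {
    TEE_Result ret;
    union {
        perm_srv_sharememrsp_t sharememrsp;
        perm_srv_permsrsp_t permsrsp;
    };
} perm_srv_rspbody_t;

/*
 * Structs for the request message and the reply message.
 *
 * Both are packed so the layout matches the wire format byte for byte.
 * NOTE(review): because of __packed__, uint64_t members may sit at
 * unaligned addresses; copy them out with memcpy rather than taking and
 * dereferencing a pointer to the member, which is undefined behaviour on
 * strict-alignment targets.
 */
typedef struct perm_srv_req_msg_st {
    msg_header header;
    perm_srv_msgbody_t req_msg;
} __attribute__((__packed__)) perm_srv_req_msg_t;

typedef struct perm_srv_reply_msg_st {
    msg_header header;
    perm_srv_rspbody_t reply;
} __attribute__((__packed__)) perm_srv_reply_msg_t;

#endif // __PERSRV_H__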