From cdfe43454f6ce18654b233e0d2478ce091e60f65 Mon Sep 17 00:00:00 2001 From: Etienne Carriere Date: Thu, 12 Dec 2024 17:07:56 +0100 Subject: [PATCH] optee ftpm: CFG_TA_FTPM_RPMB_STORAGE selects RPMB storage Adds configuration switch CFG_TA_FTPM_RPMB_STORAGE that, when enable, makes fTPM OP-TEE TA to explicitly use the eMMC RPMB secure storage of OP-TEE instead of OP-TEE private storage which depends on OP-TEE configuration. The configuration switch is default disabled for compatibility reasons. Signed-off-by: Etienne Carriere --- platform/NVMem.c | 12 +++++++++--- sub.mk | 3 +++ 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/platform/NVMem.c b/platform/NVMem.c index fad411b..4421339 100644 --- a/platform/NVMem.c +++ b/platform/NVMem.c @@ -49,6 +49,12 @@ #include #include +#ifdef CFG_TA_FTPM_RPMB_STORAGE +#define CHOOSEN_TEE_STORAGE TEE_STORAGE_PRIVATE_RPMB +#else +#define CHOOSEN_TEE_STORAGE TEE_STORAGE_PRIVATE +#endif + // // Overall size of NV, not just the TPM's NV storage // @@ -157,7 +163,7 @@ _plat__NvInitFromStorage() objID = s_StorageObjectID + i; // Attempt to open TEE persistent storage object. - Result = TEE_OpenPersistentObject(TEE_STORAGE_PRIVATE, + Result = TEE_OpenPersistentObject(CHOOSEN_TEE_STORAGE, (void *)&objID, sizeof(objID), TA_STORAGE_FLAGS, @@ -175,7 +181,7 @@ _plat__NvInitFromStorage() } // Storage object was not found, create it. - Result = TEE_CreatePersistentObject(TEE_STORAGE_PRIVATE, + Result = TEE_CreatePersistentObject(CHOOSEN_TEE_STORAGE, (void *)&objID, sizeof(objID), TA_STORAGE_FLAGS, @@ -313,7 +319,7 @@ _plat__NvWriteBack() // Force storage stack to update its backing store TEE_CloseObject(s_NVStore[i]); - Result = TEE_OpenPersistentObject(TEE_STORAGE_PRIVATE, + Result = TEE_OpenPersistentObject(CHOOSEN_TEE_STORAGE, (void *)&objID, sizeof(objID), TA_STORAGE_FLAGS, diff --git a/sub.mk b/sub.mk index e317865..047b5bd 100644 --- a/sub.mk +++ b/sub.mk @@ -1,4 +1,5 @@ CFG_FTPM_EMULATE_PPI ?= n +CFG_TA_FTPM_RPMB_STORAGE ?= n # # The fTPM needs to overwrite some of the header files used in the @@ -95,6 +96,8 @@ srcs-y += platform/fTPM_helpers.c srcs-y += fTPM.c +cflags-$(CFG_TA_FTPM_RPMB_STORAGE) += -DCFG_TA_FTPM_RPMB_STORAGE + ifeq ($(CFG_TA_MEASURED_BOOT),y) CFG_TA_EVENT_LOG_SIZE ?= 1024 # Support for Trusted Firmware Measured Boot.