Re: [PATCH v7 4/4] optee: probe RPMB device using RPMB subsystem

OP-TEE Archive on lore.kernel.org
 help / color / mirror / Atom feed

From: Mikko Rapeli <mikko.rapeli@linaro.org>
To: op-tee@lists.trustedfirmware.org
Subject: Re: [PATCH v7 4/4] optee: probe RPMB device using RPMB subsystem
Date: Tue, 11 Jun 2024 12:02:12 +0900	[thread overview]
Message-ID: <Zme-NMa3Bvp2h7aL@nuoska> (raw)
In-Reply-To: < <CAHUa44GAiUf9+PxqhXOwGfOuc250YDyJ7uzGe2B1bGmBw2iegg@mail.gmail.com>>

[-- Attachment #1: Type: text/plain, Size: 1963 bytes --]

Hi,

On Mon, Jun 10, 2024 at 02:52:31PM +0200, Jens Wiklander wrote:
> Hi Manuel,
> 
> On Mon, Jun 3, 2024 at 11:10 AM Manuel Traut <manut@mecka.net> wrote:
> >
> > On 14:13 Mon 27 May     , Jens Wiklander wrote:
> > > --- a/drivers/tee/optee/ffa_abi.c
> > > +++ b/drivers/tee/optee/ffa_abi.c
> > > @@ -7,6 +7,7 @@
> > >
> > >  #include <linux/arm_ffa.h>
> > >  #include <linux/errno.h>
> > > +#include <linux/rpmb.h>
> > >  #include <linux/scatterlist.h>
> > >  #include <linux/sched.h>
> > >  #include <linux/slab.h>
> > > @@ -903,6 +904,10 @@ static int optee_ffa_probe(struct ffa_device *ffa_dev)
> > >       optee->ffa.bottom_half_value = U32_MAX;
> > >       optee->rpc_param_count = rpc_param_count;
> > >
> > > +     if (IS_REACHABLE(CONFIG_RPMB) &&
> > > +         (sec_caps & OPTEE_FFA_SEC_CAP_RPMB_PROBE))
> > > +             optee->in_kernel_rpmb_routing = true;
> >
> > The SEC_CAP_RPMB_PROBE flag seems to be missing in optee_os at the moment.
> > If I remove this check here, the series works for me.
> 
> You're right, I missed pushing those flags to optee_os. I've pushed them now.

Thanks! Tested with optee 4.1 and your patches from
https://github.com/jenswi-linaro/optee_os/commits/rpmb_probe_v7/
in Trusted Substrate uefi firmware
( https://gitlab.com/Linaro/trustedsubstrate/meta-ts/ )
and this series and a bunch of dependencies backported to
our Trusted Reference Stack
( https://trs.readthedocs.io/en/latest/ )
6.6.29 kernel on rockpi4b (rk3399 ARM64 SoC) with secure boot and
the optee side fTPM TA device used to create an encrypted rootfs with
systemd. Kernel side RPMB routing is in use and works for the TPM use cases.

Full boot and test log (with unrelated test failures)
https://ledge.validation.linaro.org/scheduler/job/88692

root(a)trs-qemuarm64:~# cat /sys/class/tee/tee0/rpmb_routing_model
...
kernel

Tested-by: Mikko Rapeli <mikko.rapeli@linaro.org>

Cheers,

-Mikko

next      parent reply	other threads:[~2024-06-11  3:02 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] < <CAHUa44GAiUf9+PxqhXOwGfOuc250YDyJ7uzGe2B1bGmBw2iegg@mail.gmail.com>
2024-06-11  3:02 ` Mikko Rapeli [this message]
2024-06-11 10:43   ` [PATCH v7 4/4] optee: probe RPMB device using RPMB subsystem Sumit Garg
     [not found] < <CAFA6WYPYSfrDtnLPRs7_0h5Hf01oPfOpqmt4c7_Twxv-re87xQ@mail.gmail.com>
2024-06-12  1:14 ` Mikko Rapeli
2024-06-12  6:56   ` Jens Wiklander
     [not found] < <CAFA6WYOny9RVPLbGCsTwUqOo+doi6k+F-RgCorNdyC+w7u63mw@mail.gmail.com>
2024-05-29  8:18 ` Sumit Garg
     [not found] < <CAFA6WYOT52fdqgGvDYE91DQ_4MUbAv_1Gnn2fTyMNhrj_Agu=w@mail.gmail.com>
2024-05-29  7:09 ` Mikko Rapeli
2024-05-29  8:06   ` Sumit Garg
2024-05-29  9:38   ` Manuel Traut
2024-05-29 14:26     ` Mikko Rapeli
2024-05-30  7:35       ` Manuel Traut
2024-05-30  8:29         ` Mikko Rapeli
2024-05-30 14:22           ` Manuel Traut
     [not found] < <CAHUa44EFYwYU6LSGfv+2ym_pweDKbJzqQG0MfW=bqx5UGSnYSQ@mail.gmail.com>
2024-05-29  5:04 ` Sumit Garg
     [not found] < <CAHUa44G0bcK55RxNrN5sXiicBZ-BJtA46KpedfBdUSKsN8eUOA@mail.gmail.com>
2024-05-28  9:30 ` Mikko Rapeli
2024-05-29  5:26   ` Sumit Garg
     [not found] < <CAFA6WYNF77WrpC6PPY4idM7XkObnrS9hDyyBJDsaLRLcqdH_9g@mail.gmail.com>
2024-05-28  9:08 ` Jens Wiklander
2024-05-27 12:13 [PATCH v7 0/4] Replay Protected Memory Block (RPMB) subsystem Jens Wiklander
2024-05-27 12:13 ` [PATCH v7 4/4] optee: probe RPMB device using RPMB subsystem Jens Wiklander
2024-05-27 13:00   ` Jerome Forissier
2024-05-27 13:24     ` Jens Wiklander
2024-05-27 14:38   ` Sumit Garg
2024-06-03  9:10   ` Manuel Traut
2024-06-10 12:52     ` Jens Wiklander

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Zme-NMa3Bvp2h7aL@nuoska \
    --to=mikko.rapeli@linaro.org \
    --cc=op-tee@lists.trustedfirmware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox