[PATCH 1/1] Add RISC-V TEE support

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

RISC-V Trusted Executable Environment security software includes
linux, opensbi, and OP-TEE OS. linux is the non-secure domain,
and OP-TEE OS is the secure domain. At boot time, opensbi boots
OP-TEE OS and then starts linux. At runtime, opensbi acts as a
secure monitor, responsible for context saving and restoring
when switching between linux and OP-TEE OS.
TEE function is off by default, when using configuration is
added in the config and objects file, such as
platform/generic/configs/defconfig add CONFIG_SBI_ECALL_TEE = y,
In the platform/generic/objects.mk add CONFIG_TEE_LOAD_ADDR =
0x27c000000, CONFIG_TEE_LOAD_ADDR is the starting address
of the OP-TEE OS.

Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
---
 include/sbi/sbi_ecall_interface.h         |   3 +
 include/sbi_utils/tee/tee_context.h       | 104 ++++++++++
 include/sbi_utils/tee/tee_sm_dispatcher.h |  44 +++++
 include/sbi_utils/tee/teeecall_opteed.h   | 145 ++++++++++++++
 lib/sbi/Kconfig                           |   4 +
 lib/sbi/objects.mk                        |   3 +
 lib/sbi/sbi_ecall_tee.c                   |  19 ++
 lib/sbi/sbi_init.c                        |   5 +
 lib/utils/tee/objects.mk                  |  16 ++
 lib/utils/tee/tee_context.S               | 189 ++++++++++++++++++
 lib/utils/tee/tee_sm_dispatcher.c         | 228 ++++++++++++++++++++++
 11 files changed, 760 insertions(+)
 create mode 100644 include/sbi_utils/tee/tee_context.h
 create mode 100644 include/sbi_utils/tee/tee_sm_dispatcher.h
 create mode 100644 include/sbi_utils/tee/teeecall_opteed.h
 create mode 100644 lib/sbi/sbi_ecall_tee.c
 create mode 100644 lib/utils/tee/objects.mk
 create mode 100644 lib/utils/tee/tee_context.S
 create mode 100644 lib/utils/tee/tee_sm_dispatcher.c

diff --git a/include/sbi/sbi_ecall_interface.h b/include/sbi/sbi_ecall_interface.h
index a3f2bf4..5ed5bd5 100644
--- a/include/sbi/sbi_ecall_interface.h
+++ b/include/sbi/sbi_ecall_interface.h
@@ -238,6 +238,9 @@ enum sbi_pmu_ctr_type {
 #define SBI_EXT_VENDOR_END			0x09FFFFFF
 #define SBI_EXT_FIRMWARE_START			0x0A000000
 #define SBI_EXT_FIRMWARE_END			0x0AFFFFFF
+#define SBI_EXT_TEE_START			0x0A000000
+#define SBI_EXT_TEE_END				0x0AFFFFFF
+#define SBI_EXT_TEE				0xFFFFEEEE
 
 /* SBI return error codes */
 #define SBI_SUCCESS				0
diff --git a/include/sbi_utils/tee/tee_context.h b/include/sbi_utils/tee/tee_context.h
new file mode 100644
index 0000000..467ff00
--- /dev/null
+++ b/include/sbi_utils/tee/tee_context.h
@@ -0,0 +1,104 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#ifndef __TEE_CONTEXT_H__
+#define __TEE_CONTEXT_H__
+
+#define TEE_SECURE_FLAG					(0xFFFF0000)
+#define TEE_NON_SECURE_FLAG				(0xFFFFFFFF)
+
+#define TEE_HART_COUNT					(0x8)
+#define OPTEED_CORE_COUNT				TEE_HART_COUNT
+
+#define ECALL_TEE_SHIFT					(0x10)
+#define MCAUSE_INTR					(1)
+
+/* The secure and non-secure contexts size are used to
+ * store the regisers respectively.
+ * The macros defined below are used to setup the spaces
+ * for secure and non-secure contexts.
+ * */
+
+#define SBI_SAVE_CONTEXT_sepc				35
+#define SBI_SAVE_CONTEXT_satp				36
+#define SBI_SAVE_CONTEXT_sstatus			37
+#define SBI_SAVE_CONTEXT_sie				38
+#define SBI_SAVE_CONTEXT_stvec				39
+#define SBI_SAVE_CONTEXT_sscratch			40
+#define SBI_SAVE_CONTEXT_scounteren			41
+#define SBI_SAVE_CONTEXT_scause				42
+#define SBI_SAVE_CONTEXT_stval				43
+#define SBI_SAVE_CONTEXT_sip				44
+#define SBI_SAVE_CONTEXT_last				45
+
+/** Get offset of member with name 'x' in sbi_save_context */
+#define SBI_SAVE_CONTEXT_OFFSET(x) ((SBI_SAVE_CONTEXT_##x) * __SIZEOF_POINTER__)
+/** Size (in bytes) of sbi_trap_regs */
+#define SBI_SAVE_CONTEXT_SIZE SBI_SAVE_CONTEXT_OFFSET(last)
+
+#ifndef __ASSEMBLER__
+#include <sbi/sbi_types.h>
+
+typedef uint32_t optee_vector_isn_t;
+
+typedef struct optee_vectors {
+	optee_vector_isn_t yield_smc_entry;
+	optee_vector_isn_t fast_smc_entry;
+	optee_vector_isn_t cpu_on_entry;
+	optee_vector_isn_t cpu_off_entry;
+	optee_vector_isn_t cpu_resume_entry;
+	optee_vector_isn_t cpu_suspend_entry;
+	optee_vector_isn_t fiq_entry;
+	optee_vector_isn_t system_off_entry;
+	optee_vector_isn_t system_reset_entry;
+} optee_vectors_t;
+
+struct sbi_save_context {
+	struct sbi_trap_regs regs;
+	unsigned long sepc;
+	unsigned long satp;
+	unsigned long sstatus;
+	unsigned long sie;
+	unsigned long stvec;
+	unsigned long sscratch;
+	unsigned long scounteren;
+	unsigned long scause;
+	unsigned long stval;
+	unsigned long sip;
+};
+
+/**
+ * Save opensbi context and enter into TEE OS
+ *
+ * @param cpu_ctx_addr Address of struct sbi_save_context to save context.
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+int entry_teeos(unsigned long cpu_ctx_addr);
+
+/**
+ * Restore openSBI context and continue running openSBI
+ *
+ * @param cpu_ctx_addr Address of struct sbi_trap_regs to restore context.
+ * @param ret Return value coming from TEE OS.
+ *
+ */
+void teeos_entry_done(unsigned long cpu_ctx_addr);
+
+/**
+ * Load supervisor context and return to supervisor mode
+ *
+ * @param ctx_addr Address of struct sbi_trap_regs to restore context.
+ *
+ */
+void restore_to_supervisor(unsigned long ctx_addr);
+
+#endif /* __ASSEMBLER__ */
+#endif /* __TEE_CONTEXT_H__ */
diff --git a/include/sbi_utils/tee/tee_sm_dispatcher.h b/include/sbi_utils/tee/tee_sm_dispatcher.h
new file mode 100644
index 0000000..1c971a4
--- /dev/null
+++ b/include/sbi_utils/tee/tee_sm_dispatcher.h
@@ -0,0 +1,44 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#ifndef __TEE_SM_DISPATCHER_H__
+#define __TEE_SM_DISPATCHER_H__
+
+#define TEE_ENTRY_ADDR      TEE_LOAD_ADDR
+
+#ifndef __ASSEMBLER__
+#include <sbi/sbi_types.h>
+
+/**
+ * Initialize tee os
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+void tee_os_init(void);
+
+/**
+ * TEE dispatcher handler which interact bewteen REE and TEE
+ *
+ * @param extid is SBI_EXT_TEE
+ * @param funcid Function id for this ecall trap.
+ * @param args Parameter passed from supervisor mode
+ * @param out_value Output value
+ * @param out_trap Trap detail
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+
+int sbi_ecall_tee_handler(ulong extid, ulong funcid,
+			  const struct sbi_trap_regs *regs,
+			  ulong *out_val,
+			  struct sbi_trap_info *out_trap);
+
+#endif /* __ASSEMBLER__ */
+#endif /* __TEE_SM_DISPATCHER_H__ */
diff --git a/include/sbi_utils/tee/teeecall_opteed.h b/include/sbi_utils/tee/teeecall_opteed.h
new file mode 100644
index 0000000..e953a36
--- /dev/null
+++ b/include/sbi_utils/tee/teeecall_opteed.h
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/* Copyright (c) 2014, Linaro Limited. All rights reserved. */
+
+#ifndef __TEEECALL_OPTEED_H__
+#define __TEEECALL_OPTEED_H__
+
+#define ECALL_TYPE_FAST     (1)
+#define ECALL_TYPE_YEILD    (0)
+
+#define FUNCID_TYPE_SHIFT   (31)
+#define FUNCID_TYPE_MASK    (0x1)
+#define ECALL_32            (0)
+#define FUNCID_CC_SHIFT     (30)
+#define FUNCID_OEN_SHIFT    (24)
+
+#define FUNCID_NUM_MASK      (0xffff)
+
+#define GET_ECALL_TYPE(id)        (((id) >> FUNCID_TYPE_SHIFT) & \
+                     FUNCID_TYPE_MASK)
+
+
+#define TEEECALL_OPTEED_RV(func_num) \
+        ((ECALL_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
+         ((ECALL_32) << FUNCID_CC_SHIFT) | \
+         (62 << FUNCID_OEN_SHIFT) | \
+         ((func_num) & FUNCID_NUM_MASK))
+
+
+/*
+ * This file specify SMC function IDs used when returning from TEE to the
+ * secure monitor.
+ *
+ * All SMC Function IDs indicates SMC32 Calling Convention but will carry
+ * full 64 bit values in the argument registers if invoked from Aarch64
+ * mode. This violates the SMC Calling Convention, but since this
+ * convention only coveres API towards Normwal World it's something that
+ * only concerns the OP-TEE Dispatcher in ARM Trusted Firmware and OP-TEE
+ * OS at Secure EL1.
+ */
+
+/*
+ * Issued when returning from initial entry.
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_ENTRY_DONE
+ * r1/x1	Pointer to entry vector
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_ENTRY_DONE		0
+#define TEEECALL_OPTEED_RETURN_ENTRY_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_ENTRY_DONE)
+
+
+
+/*
+ * Issued when returning from "cpu_on" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_ON_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_ON_DONE		1
+#define TEEECALL_OPTEED_RETURN_ON_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_ON_DONE)
+
+/*
+ * Issued when returning from "cpu_off" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_OFF_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_OFF_DONE		2
+#define TEEECALL_OPTEED_RETURN_OFF_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_OFF_DONE)
+
+/*
+ * Issued when returning from "cpu_suspend" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SUSPEND_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SUSPEND_DONE	3
+#define TEEECALL_OPTEED_RETURN_SUSPEND_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SUSPEND_DONE)
+
+/*
+ * Issued when returning from "cpu_resume" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_RESUME_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_RESUME_DONE		4
+#define TEEECALL_OPTEED_RETURN_RESUME_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_RESUME_DONE)
+
+/*
+ * Issued when returning from "std_smc" or "fast_smc" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_CALL_DONE
+ * r1-4/x1-4	Return value 0-3 which will passed to normal world in
+ *		r0-3/x0-3
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_CALL_DONE		5
+#define TEEECALL_OPTEED_RETURN_CALL_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_CALL_DONE)
+
+/*
+ * Issued when returning from "fiq" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_FIQ_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_FIQ_DONE		6
+#define TEEECALL_OPTEED_RETURN_FIQ_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_FIQ_DONE)
+
+/*
+ * Issued when returning from "system_off" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SYSTEM_OFF_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_OFF_DONE	7
+#define TEEECALL_OPTEED_RETURN_SYSTEM_OFF_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_OFF_DONE)
+
+/*
+ * Issued when returning from "system_reset" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SYSTEM_RESET_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_RESET_DONE	8
+#define TEEECALL_OPTEED_RETURN_SYSTEM_RESET_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_RESET_DONE)
+
+#endif /* __TEEECALL_OPTEED_H__ */
diff --git a/lib/sbi/Kconfig b/lib/sbi/Kconfig
index df74bba..7cfc8c3 100644
--- a/lib/sbi/Kconfig
+++ b/lib/sbi/Kconfig
@@ -34,4 +34,8 @@ config SBI_ECALL_VENDOR
 	bool "Platform-defined vendor extensions"
 	default y
 
+config SBI_ECALL_TEE
+	bool "trusted execution environment"
+	default n
+
 endmenu
diff --git a/lib/sbi/objects.mk b/lib/sbi/objects.mk
index c774ebb..ea79924 100644
--- a/lib/sbi/objects.mk
+++ b/lib/sbi/objects.mk
@@ -43,6 +43,9 @@ libsbi-objs-$(CONFIG_SBI_ECALL_LEGACY) += sbi_ecall_legacy.o
 carray-sbi_ecall_exts-$(CONFIG_SBI_ECALL_VENDOR) += ecall_vendor
 libsbi-objs-$(CONFIG_SBI_ECALL_VENDOR) += sbi_ecall_vendor.o
 
+carray-sbi_ecall_exts-$(CONFIG_SBI_ECALL_TEE) += ecall_tee
+libsbi-objs-$(CONFIG_SBI_ECALL_TEE) += sbi_ecall_tee.o
+
 libsbi-objs-y += sbi_bitmap.o
 libsbi-objs-y += sbi_bitops.o
 libsbi-objs-y += sbi_console.o
diff --git a/lib/sbi/sbi_ecall_tee.c b/lib/sbi/sbi_ecall_tee.c
new file mode 100644
index 0000000..86deea3
--- /dev/null
+++ b/lib/sbi/sbi_ecall_tee.c
@@ -0,0 +1,19 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/sbi_ecall.h>
+#include <sbi/sbi_ecall_interface.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
+
+struct sbi_ecall_extension ecall_tee = {
+	.extid_start = SBI_EXT_TEE,
+	.extid_end = SBI_EXT_TEE,
+	.handle = sbi_ecall_tee_handler,
+};
diff --git a/lib/sbi/sbi_init.c b/lib/sbi/sbi_init.c
index 259a191..1158949 100644
--- a/lib/sbi/sbi_init.c
+++ b/lib/sbi/sbi_init.c
@@ -26,6 +26,7 @@
 #include <sbi/sbi_timer.h>
 #include <sbi/sbi_tlb.h>
 #include <sbi/sbi_version.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
 
 #define BANNER                                              \
 	"   ____                    _____ ____ _____\n"     \
@@ -350,6 +351,10 @@ static void __noreturn init_coldboot(struct sbi_scratch *scratch, u32 hartid)
 	init_count = sbi_scratch_offset_ptr(scratch, init_count_offset);
 	(*init_count)++;
 
+#ifdef CONFIG_SBI_ECALL_TEE
+	tee_os_init();
+#endif
+
 	sbi_hsm_prepare_next_jump(scratch, hartid);
 	sbi_hart_switch_mode(hartid, scratch->next_arg1, scratch->next_addr,
 			     scratch->next_mode, false);
diff --git a/lib/utils/tee/objects.mk b/lib/utils/tee/objects.mk
new file mode 100644
index 0000000..5bf81f7
--- /dev/null
+++ b/lib/utils/tee/objects.mk
@@ -0,0 +1,16 @@
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+#
+# Authors:
+#   Chen Chaokai <chenchaokai@eswincomputing.com>
+#   Liu Shiwei <liushiwei@eswincomputing.com>
+#
+
+ifdef CONFIG_TEE_LOAD_ADDR
+firmware-cflags-y += -DTEE_LOAD_ADDR=$(CONFIG_TEE_LOAD_ADDR)
+endif
+
+libsbiutils-objs-$(CONFIG_SBI_ECALL_TEE) += tee/tee_context.o
+libsbiutils-objs-$(CONFIG_SBI_ECALL_TEE) += tee/tee_sm_dispatcher.o
diff --git a/lib/utils/tee/tee_context.S b/lib/utils/tee/tee_context.S
new file mode 100644
index 0000000..90b1013
--- /dev/null
+++ b/lib/utils/tee/tee_context.S
@@ -0,0 +1,189 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/riscv_asm.h>
+#include <sbi/riscv_encoding.h>
+#include <sbi/sbi_platform.h>
+#include <sbi/sbi_scratch.h>
+#include <sbi/sbi_trap.h>
+#include <sbi_utils/tee/tee_context.h>
+
+	.global entry_teeos
+	.type entry_teeos, @function
+entry_teeos:
+	/* Save t0 into scratch temporarily */
+	csrrw	tp, CSR_MSCRATCH, tp
+	REG_S	t0, SBI_SCRATCH_TMP0_OFFSET(tp)
+
+	li	t0, 0
+	addi	t0, sp, 0
+
+	/* Set new SP */
+	li	sp, 0
+	addi	sp, a0, 0
+
+	/* Save original SP and t0 */
+	REG_S	t0, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	REG_L	t0, SBI_SCRATCH_TMP0_OFFSET(tp)
+	REG_S	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	csrrw	tp, CSR_MSCRATCH, tp
+
+	/* Save all general registers except SP and T0*/
+	REG_S	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_S	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_S	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_S	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_S	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_S	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_S	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_S	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_S	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_S	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_S	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_S	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_S	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_S	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_S	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_S	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_S	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_S	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_S	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_S	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_S	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_S	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_S	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_S	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_S	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_S	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_S	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_S	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_S	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+
+	/* Enter supervisor mode */
+	call	enter_teeos_start_point
+
+	.global teeos_entry_done
+	.type teeos_entry_done, @function
+teeos_entry_done:
+	li	sp, 0
+	addi	sp, a0, 0
+
+	/* Restore all general purpose registers except SP and T0*/
+	REG_L	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_L	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_L	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_L	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_L	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_L	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_L	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_L	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_L	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_L	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_L	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_L	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_L	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_L	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_L	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_L	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_L	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_L	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_L	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_L	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_L	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_L	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_L	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_L	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_L	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_L	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_L	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_L	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_L	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+
+	/* Restore T0 */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	/* Restore SP */
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	ret
+
+	.global restore_to_supervisor
+	.type restore_to_supervisor, @function
+restore_to_supervisor:
+	li	sp, 0
+	add	sp, a0, zero
+
+	/* Restore all general purpose registers except SP and T0*/
+	REG_L	zero, SBI_TRAP_REGS_OFFSET(zero)(sp)
+	REG_L	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_L	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_L	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_L	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_L	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_L	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_L	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_L	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_L	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_L	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_L	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_L	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_L	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_L	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_L	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_L	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_L	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_L	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_L	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_L	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_L	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_L	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_L	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_L	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_L	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_L	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_L	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_L	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_L	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+
+	/* Restore Supervisor mode CSRs */
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sepc)(sp)
+	csrw	CSR_SEPC, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(satp)(sp)
+	csrw	CSR_SATP, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sstatus)(sp)
+	csrw	CSR_SSTATUS, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sie)(sp)
+	csrw	CSR_SIE, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(stvec)(sp)
+	csrw	CSR_STVEC, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sscratch)(sp)
+	csrw	CSR_SSCRATCH, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(scounteren)(sp)
+	csrw	CSR_SCOUNTEREN, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(scause)(sp)
+	csrw	CSR_SCAUSE, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(stval)(sp)
+	csrw	CSR_STVAL, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sip)(sp)
+	csrw	CSR_SIP, t0
+
+	/* Restore Machine mode CSRs */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(mepc)(sp)
+	csrw	CSR_MEPC, t0
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(mstatus)(sp)
+	csrw	CSR_MSTATUS, t0
+
+	/* Restore T0 */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	/* Restore SP */
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	mret
diff --git a/lib/utils/tee/tee_sm_dispatcher.c b/lib/utils/tee/tee_sm_dispatcher.c
new file mode 100644
index 0000000..74e55c5
--- /dev/null
+++ b/lib/utils/tee/tee_sm_dispatcher.c
@@ -0,0 +1,228 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/riscv_encoding.h>
+#include <sbi/sbi_error.h>
+#include <sbi/riscv_asm.h>
+#include <sbi/sbi_scratch.h>
+#include <sbi/sbi_platform.h>
+#include <sbi/sbi_trap.h>
+#include <sbi/sbi_console.h>
+#include <sbi/sbi_hart.h>
+#include <sbi/sbi_string.h>
+#include <sbi/sbi_types.h>
+#include <sbi_utils/tee/tee_context.h>
+#include <sbi_utils/tee/teeecall_opteed.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
+
+optee_vectors_t *optee_vector_table;
+struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
+struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
+struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
+ulong mscratch[OPTEED_CORE_COUNT];
+typedef ulong tee_tmp_trap_stack[1024];
+static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
+
+static ulong get_save_context_addr(uint32_t direction)
+{
+	ulong addr = 0;
+	ulong hartid = current_hartid();
+	switch (direction) {
+	case TEE_SECURE_FLAG:
+		addr = (ulong)&sec_cpu_context[hartid];
+		break;
+	case TEE_NON_SECURE_FLAG:
+		addr = (ulong)&nsec_cpu_context[hartid];
+		break;
+	default:
+		sbi_printf("wrong state\n");
+		while(1)
+			wfi();
+	}
+
+	return addr;
+}
+
+static ulong save_context(const struct sbi_trap_regs *regs)
+{
+	ulong addr = 0;
+	struct sbi_save_context *context = NULL;
+
+	addr = get_save_context_addr(regs->a5);
+	context = (struct sbi_save_context *)addr;
+	if (context != NULL) {
+		sbi_memset(context, 0, sizeof(struct sbi_save_context));
+		sbi_memcpy(context, regs, sizeof(struct sbi_trap_regs));
+	} else {
+		return SBI_EINVAL;
+	}
+
+	context->sepc = csr_read(CSR_SEPC);
+	context->satp = csr_read(CSR_SATP);
+	context->sstatus = csr_read(CSR_SSTATUS);
+	context->sie = csr_read(CSR_SIE);
+	context->stvec = csr_read(CSR_STVEC);
+	context->sscratch = csr_read(CSR_SSCRATCH);
+	context->scounteren = csr_read(CSR_SCOUNTEREN);
+	context->scause = csr_read(CSR_SCAUSE);
+	context->stval = csr_read(CSR_STVAL);
+	context->sip = csr_read(CSR_SIP);
+
+	return SBI_OK;
+}
+
+static void restore_context(ulong ctx_addr)
+{
+	restore_to_supervisor(ctx_addr);
+}
+
+void enter_teeos_start_point(void)
+{
+	uint32_t hartid = current_hartid();
+	mscratch[hartid] = csr_read(CSR_MSCRATCH);
+	csr_write(CSR_MSCRATCH,&tmp_stack[hartid + 1]);
+	sbi_hart_switch_mode(hartid, 0, TEE_ENTRY_ADDR, PRV_S, false);
+}
+
+static void teeos_back(void)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *optee_ctx = &cpu_start_context[hartid];
+	csr_write(CSR_MSCRATCH,mscratch[hartid]);
+
+	teeos_entry_done((ulong)optee_ctx);
+
+	sbi_printf("Error, should never reach here\n");
+}
+
+static ulong prepare_tee_ctx(ulong funcid, ulong *args, ulong *ctx_addr)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *tee_regs = (struct sbi_trap_regs *)&sec_cpu_context[hartid];
+	tee_regs->mstatus |= MSTATUS_SUM;
+	struct sbi_save_context *context = (struct sbi_save_context *)tee_regs;
+	context->sstatus |= MSTATUS_SUM;
+	ulong func_type = GET_ECALL_TYPE(funcid);
+
+	if (func_type == ECALL_TYPE_FAST) {
+		tee_regs->mepc = (ulong)&optee_vector_table->fast_smc_entry;
+		tee_regs->a0 = funcid;
+		tee_regs->a1 = args[1];
+		tee_regs->a2 = args[2];
+		tee_regs->a3 = args[3];
+		tee_regs->a4 = args[4];
+		tee_regs->a5 = args[5];
+	} else if (func_type == ECALL_TYPE_YEILD) {
+		tee_regs->mepc = (ulong)&optee_vector_table->yield_smc_entry;
+		tee_regs->a0 = funcid;
+		tee_regs->a1 = args[1];
+		tee_regs->a2 = args[2];
+		tee_regs->a3 = args[3];
+		tee_regs->a4 = args[4];
+		tee_regs->a5 = args[0];
+	} else
+		return SBI_EFAIL;
+
+	*ctx_addr = (ulong)tee_regs;
+	return SBI_OK;
+}
+
+static ulong prepare_ree_ctx(ulong *args, ulong *ctx_addr)
+{
+	struct sbi_save_context *ns_regs = NULL;
+	uint32_t hartid = current_hartid();
+
+	ns_regs = &nsec_cpu_context[hartid];
+	ns_regs->regs.a0 = args[0];
+	ns_regs->regs.a1 = args[1];
+	ns_regs->regs.a2 = args[2];
+	ns_regs->regs.a3 = args[3];
+	ns_regs->regs.a4 = args[4];
+	ns_regs->regs.a5 = args[5];
+	ns_regs->regs.mepc += 4;
+	*ctx_addr = (ulong)ns_regs;
+
+	return SBI_OK;
+}
+
+void tee_os_init(void)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *optee_cpu_ctx = &cpu_start_context[hartid];
+
+	sbi_memset(optee_cpu_ctx, 0, sizeof(struct sbi_save_context));
+	entry_teeos((ulong )optee_cpu_ctx);
+}
+
+int sbi_ecall_tee_handler(ulong extid, ulong funcid,
+			  const struct sbi_trap_regs *regs,
+			  ulong *out_val,
+			  struct sbi_trap_info *out_trap)
+{
+	ulong ret;
+	int tee_func_id = funcid;
+	ulong ctx_addr = 0;
+	ulong args[8] = {0};
+	ulong secure_state = 0;
+	args[0] = regs->a0;
+	args[1] = regs->a1;
+	args[2] = regs->a2;
+	args[3] = regs->a3;
+	args[4] = regs->a4;
+	args[5] = regs->a5;
+	args[6] = regs->a6;
+	args[7] = regs->a7;
+	secure_state = args[5];
+
+	ret = save_context(regs);
+	if (ret != SBI_OK) {
+		sbi_printf("save exception context failed\n");
+		return ret;
+	}
+
+	if (secure_state == TEE_NON_SECURE_FLAG) {
+		ret = prepare_tee_ctx(funcid, args, &ctx_addr);
+		if ( ret != SBI_OK) {
+			sbi_printf("Set optee context failed\n");
+			return ret;
+		}
+		restore_context(ctx_addr);
+	} else if (secure_state == TEE_SECURE_FLAG) {
+		switch (tee_func_id) {
+		case TEEECALL_OPTEED_RETURN_ENTRY_DONE:
+		/* Stash the OPTEE entry point information. */
+			optee_vector_table = (optee_vectors_t *)args[1];
+			if (!args[1] || (args[1] & 3)) {
+				sbi_printf("Get TEE vector table failed.\n");
+				while(1);
+					wfi();
+			}
+			teeos_back();
+			break;
+		case TEEECALL_OPTEED_RETURN_CALL_DONE:
+			ret = prepare_ree_ctx(args, &ctx_addr);
+			if (ret != SBI_OK) {
+				sbi_printf("Set ree context failed\n");
+				return ret;
+			}
+			restore_context(ctx_addr);
+			break;
+		default:
+			sbi_printf("Wrong TEE funcid, funcid = %lx\n", funcid);
+			return SBI_EILL;
+		}
+
+	} else {
+		sbi_printf("Wrong secure state!\n");
+		return SBI_EILL;
+	}
+
+	return SBI_OK;
+}
-- 
2.17.1

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

RISC-V Trusted Executable Environment security software includes
linux, opensbi, and OP-TEE OS. linux is the non-secure domain,
and OP-TEE OS is the secure domain. At boot time, opensbi boots
OP-TEE OS and then starts linux. At runtime, opensbi acts as a
secure monitor, responsible for context saving and restoring
when switching between linux and OP-TEE OS.
TEE function is off by default, when using configuration is
added in the config and objects file, such as
platform/generic/configs/defconfig add CONFIG_SBI_ECALL_TEE = y,
In the platform/generic/objects.mk add CONFIG_TEE_LOAD_ADDR =
0x27c000000, CONFIG_TEE_LOAD_ADDR is the starting address
of the OP-TEE OS.

Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
---
 include/sbi/sbi_ecall_interface.h         |   3 +
 include/sbi_utils/tee/tee_context.h       | 104 ++++++++++
 include/sbi_utils/tee/tee_sm_dispatcher.h |  44 +++++
 include/sbi_utils/tee/teeecall_opteed.h   | 145 ++++++++++++++
 lib/sbi/Kconfig                           |   4 +
 lib/sbi/objects.mk                        |   3 +
 lib/sbi/sbi_ecall_tee.c                   |  19 ++
 lib/sbi/sbi_init.c                        |   5 +
 lib/utils/tee/objects.mk                  |  16 ++
 lib/utils/tee/tee_context.S               | 189 ++++++++++++++++++
 lib/utils/tee/tee_sm_dispatcher.c         | 228 ++++++++++++++++++++++
 11 files changed, 760 insertions(+)
 create mode 100644 include/sbi_utils/tee/tee_context.h
 create mode 100644 include/sbi_utils/tee/tee_sm_dispatcher.h
 create mode 100644 include/sbi_utils/tee/teeecall_opteed.h
 create mode 100644 lib/sbi/sbi_ecall_tee.c
 create mode 100644 lib/utils/tee/objects.mk
 create mode 100644 lib/utils/tee/tee_context.S
 create mode 100644 lib/utils/tee/tee_sm_dispatcher.c

diff --git a/include/sbi/sbi_ecall_interface.h b/include/sbi/sbi_ecall_interface.h
index a3f2bf4..5ed5bd5 100644
--- a/include/sbi/sbi_ecall_interface.h
+++ b/include/sbi/sbi_ecall_interface.h
@@ -238,6 +238,9 @@ enum sbi_pmu_ctr_type {
 #define SBI_EXT_VENDOR_END			0x09FFFFFF
 #define SBI_EXT_FIRMWARE_START			0x0A000000
 #define SBI_EXT_FIRMWARE_END			0x0AFFFFFF
+#define SBI_EXT_TEE_START			0x0A000000
+#define SBI_EXT_TEE_END				0x0AFFFFFF
+#define SBI_EXT_TEE				0xFFFFEEEE
 
 /* SBI return error codes */
 #define SBI_SUCCESS				0
diff --git a/include/sbi_utils/tee/tee_context.h b/include/sbi_utils/tee/tee_context.h
new file mode 100644
index 0000000..467ff00
--- /dev/null
+++ b/include/sbi_utils/tee/tee_context.h
@@ -0,0 +1,104 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#ifndef __TEE_CONTEXT_H__
+#define __TEE_CONTEXT_H__
+
+#define TEE_SECURE_FLAG					(0xFFFF0000)
+#define TEE_NON_SECURE_FLAG				(0xFFFFFFFF)
+
+#define TEE_HART_COUNT					(0x8)
+#define OPTEED_CORE_COUNT				TEE_HART_COUNT
+
+#define ECALL_TEE_SHIFT					(0x10)
+#define MCAUSE_INTR					(1)
+
+/* The secure and non-secure contexts size are used to
+ * store the regisers respectively.
+ * The macros defined below are used to setup the spaces
+ * for secure and non-secure contexts.
+ * */
+
+#define SBI_SAVE_CONTEXT_sepc				35
+#define SBI_SAVE_CONTEXT_satp				36
+#define SBI_SAVE_CONTEXT_sstatus			37
+#define SBI_SAVE_CONTEXT_sie				38
+#define SBI_SAVE_CONTEXT_stvec				39
+#define SBI_SAVE_CONTEXT_sscratch			40
+#define SBI_SAVE_CONTEXT_scounteren			41
+#define SBI_SAVE_CONTEXT_scause				42
+#define SBI_SAVE_CONTEXT_stval				43
+#define SBI_SAVE_CONTEXT_sip				44
+#define SBI_SAVE_CONTEXT_last				45
+
+/** Get offset of member with name 'x' in sbi_save_context */
+#define SBI_SAVE_CONTEXT_OFFSET(x) ((SBI_SAVE_CONTEXT_##x) * __SIZEOF_POINTER__)
+/** Size (in bytes) of sbi_trap_regs */
+#define SBI_SAVE_CONTEXT_SIZE SBI_SAVE_CONTEXT_OFFSET(last)
+
+#ifndef __ASSEMBLER__
+#include <sbi/sbi_types.h>
+
+typedef uint32_t optee_vector_isn_t;
+
+typedef struct optee_vectors {
+	optee_vector_isn_t yield_smc_entry;
+	optee_vector_isn_t fast_smc_entry;
+	optee_vector_isn_t cpu_on_entry;
+	optee_vector_isn_t cpu_off_entry;
+	optee_vector_isn_t cpu_resume_entry;
+	optee_vector_isn_t cpu_suspend_entry;
+	optee_vector_isn_t fiq_entry;
+	optee_vector_isn_t system_off_entry;
+	optee_vector_isn_t system_reset_entry;
+} optee_vectors_t;
+
+struct sbi_save_context {
+	struct sbi_trap_regs regs;
+	unsigned long sepc;
+	unsigned long satp;
+	unsigned long sstatus;
+	unsigned long sie;
+	unsigned long stvec;
+	unsigned long sscratch;
+	unsigned long scounteren;
+	unsigned long scause;
+	unsigned long stval;
+	unsigned long sip;
+};
+
+/**
+ * Save opensbi context and enter into TEE OS
+ *
+ * @param cpu_ctx_addr Address of struct sbi_save_context to save context.
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+int entry_teeos(unsigned long cpu_ctx_addr);
+
+/**
+ * Restore openSBI context and continue running openSBI
+ *
+ * @param cpu_ctx_addr Address of struct sbi_trap_regs to restore context.
+ * @param ret Return value coming from TEE OS.
+ *
+ */
+void teeos_entry_done(unsigned long cpu_ctx_addr);
+
+/**
+ * Load supervisor context and return to supervisor mode
+ *
+ * @param ctx_addr Address of struct sbi_trap_regs to restore context.
+ *
+ */
+void restore_to_supervisor(unsigned long ctx_addr);
+
+#endif /* __ASSEMBLER__ */
+#endif /* __TEE_CONTEXT_H__ */
diff --git a/include/sbi_utils/tee/tee_sm_dispatcher.h b/include/sbi_utils/tee/tee_sm_dispatcher.h
new file mode 100644
index 0000000..1c971a4
--- /dev/null
+++ b/include/sbi_utils/tee/tee_sm_dispatcher.h
@@ -0,0 +1,44 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#ifndef __TEE_SM_DISPATCHER_H__
+#define __TEE_SM_DISPATCHER_H__
+
+#define TEE_ENTRY_ADDR      TEE_LOAD_ADDR
+
+#ifndef __ASSEMBLER__
+#include <sbi/sbi_types.h>
+
+/**
+ * Initialize tee os
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+void tee_os_init(void);
+
+/**
+ * TEE dispatcher handler which interact bewteen REE and TEE
+ *
+ * @param extid is SBI_EXT_TEE
+ * @param funcid Function id for this ecall trap.
+ * @param args Parameter passed from supervisor mode
+ * @param out_value Output value
+ * @param out_trap Trap detail
+ *
+ * @return Return 0 on success and negative value on failure
+ */
+
+int sbi_ecall_tee_handler(ulong extid, ulong funcid,
+			  const struct sbi_trap_regs *regs,
+			  ulong *out_val,
+			  struct sbi_trap_info *out_trap);
+
+#endif /* __ASSEMBLER__ */
+#endif /* __TEE_SM_DISPATCHER_H__ */
diff --git a/include/sbi_utils/tee/teeecall_opteed.h b/include/sbi_utils/tee/teeecall_opteed.h
new file mode 100644
index 0000000..e953a36
--- /dev/null
+++ b/include/sbi_utils/tee/teeecall_opteed.h
@@ -0,0 +1,145 @@
+/*
+ * Copyright (c) 2014, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/* Copyright (c) 2014, Linaro Limited. All rights reserved. */
+
+#ifndef __TEEECALL_OPTEED_H__
+#define __TEEECALL_OPTEED_H__
+
+#define ECALL_TYPE_FAST     (1)
+#define ECALL_TYPE_YEILD    (0)
+
+#define FUNCID_TYPE_SHIFT   (31)
+#define FUNCID_TYPE_MASK    (0x1)
+#define ECALL_32            (0)
+#define FUNCID_CC_SHIFT     (30)
+#define FUNCID_OEN_SHIFT    (24)
+
+#define FUNCID_NUM_MASK      (0xffff)
+
+#define GET_ECALL_TYPE(id)        (((id) >> FUNCID_TYPE_SHIFT) & \
+                     FUNCID_TYPE_MASK)
+
+
+#define TEEECALL_OPTEED_RV(func_num) \
+        ((ECALL_TYPE_FAST << FUNCID_TYPE_SHIFT) | \
+         ((ECALL_32) << FUNCID_CC_SHIFT) | \
+         (62 << FUNCID_OEN_SHIFT) | \
+         ((func_num) & FUNCID_NUM_MASK))
+
+
+/*
+ * This file specify SMC function IDs used when returning from TEE to the
+ * secure monitor.
+ *
+ * All SMC Function IDs indicates SMC32 Calling Convention but will carry
+ * full 64 bit values in the argument registers if invoked from Aarch64
+ * mode. This violates the SMC Calling Convention, but since this
+ * convention only coveres API towards Normwal World it's something that
+ * only concerns the OP-TEE Dispatcher in ARM Trusted Firmware and OP-TEE
+ * OS at Secure EL1.
+ */
+
+/*
+ * Issued when returning from initial entry.
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_ENTRY_DONE
+ * r1/x1	Pointer to entry vector
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_ENTRY_DONE		0
+#define TEEECALL_OPTEED_RETURN_ENTRY_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_ENTRY_DONE)
+
+
+
+/*
+ * Issued when returning from "cpu_on" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_ON_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_ON_DONE		1
+#define TEEECALL_OPTEED_RETURN_ON_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_ON_DONE)
+
+/*
+ * Issued when returning from "cpu_off" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_OFF_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_OFF_DONE		2
+#define TEEECALL_OPTEED_RETURN_OFF_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_OFF_DONE)
+
+/*
+ * Issued when returning from "cpu_suspend" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SUSPEND_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SUSPEND_DONE	3
+#define TEEECALL_OPTEED_RETURN_SUSPEND_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SUSPEND_DONE)
+
+/*
+ * Issued when returning from "cpu_resume" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_RESUME_DONE
+ * r1/x1	0 on success and anything else to indicate error condition
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_RESUME_DONE		4
+#define TEEECALL_OPTEED_RETURN_RESUME_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_RESUME_DONE)
+
+/*
+ * Issued when returning from "std_smc" or "fast_smc" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_CALL_DONE
+ * r1-4/x1-4	Return value 0-3 which will passed to normal world in
+ *		r0-3/x0-3
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_CALL_DONE		5
+#define TEEECALL_OPTEED_RETURN_CALL_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_CALL_DONE)
+
+/*
+ * Issued when returning from "fiq" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_FIQ_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_FIQ_DONE		6
+#define TEEECALL_OPTEED_RETURN_FIQ_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_FIQ_DONE)
+
+/*
+ * Issued when returning from "system_off" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SYSTEM_OFF_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_OFF_DONE	7
+#define TEEECALL_OPTEED_RETURN_SYSTEM_OFF_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_OFF_DONE)
+
+/*
+ * Issued when returning from "system_reset" vector
+ *
+ * Register usage:
+ * r0/x0	SMC Function ID, TEEECALL_OPTEED_RETURN_SYSTEM_RESET_DONE
+ */
+#define TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_RESET_DONE	8
+#define TEEECALL_OPTEED_RETURN_SYSTEM_RESET_DONE \
+	TEEECALL_OPTEED_RV(TEEECALL_OPTEED_FUNCID_RETURN_SYSTEM_RESET_DONE)
+
+#endif /* __TEEECALL_OPTEED_H__ */
diff --git a/lib/sbi/Kconfig b/lib/sbi/Kconfig
index df74bba..7cfc8c3 100644
--- a/lib/sbi/Kconfig
+++ b/lib/sbi/Kconfig
@@ -34,4 +34,8 @@ config SBI_ECALL_VENDOR
 	bool "Platform-defined vendor extensions"
 	default y
 
+config SBI_ECALL_TEE
+	bool "trusted execution environment"
+	default n
+
 endmenu
diff --git a/lib/sbi/objects.mk b/lib/sbi/objects.mk
index c774ebb..ea79924 100644
--- a/lib/sbi/objects.mk
+++ b/lib/sbi/objects.mk
@@ -43,6 +43,9 @@ libsbi-objs-$(CONFIG_SBI_ECALL_LEGACY) += sbi_ecall_legacy.o
 carray-sbi_ecall_exts-$(CONFIG_SBI_ECALL_VENDOR) += ecall_vendor
 libsbi-objs-$(CONFIG_SBI_ECALL_VENDOR) += sbi_ecall_vendor.o
 
+carray-sbi_ecall_exts-$(CONFIG_SBI_ECALL_TEE) += ecall_tee
+libsbi-objs-$(CONFIG_SBI_ECALL_TEE) += sbi_ecall_tee.o
+
 libsbi-objs-y += sbi_bitmap.o
 libsbi-objs-y += sbi_bitops.o
 libsbi-objs-y += sbi_console.o
diff --git a/lib/sbi/sbi_ecall_tee.c b/lib/sbi/sbi_ecall_tee.c
new file mode 100644
index 0000000..86deea3
--- /dev/null
+++ b/lib/sbi/sbi_ecall_tee.c
@@ -0,0 +1,19 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/sbi_ecall.h>
+#include <sbi/sbi_ecall_interface.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
+
+struct sbi_ecall_extension ecall_tee = {
+	.extid_start = SBI_EXT_TEE,
+	.extid_end = SBI_EXT_TEE,
+	.handle = sbi_ecall_tee_handler,
+};
diff --git a/lib/sbi/sbi_init.c b/lib/sbi/sbi_init.c
index 259a191..1158949 100644
--- a/lib/sbi/sbi_init.c
+++ b/lib/sbi/sbi_init.c
@@ -26,6 +26,7 @@
 #include <sbi/sbi_timer.h>
 #include <sbi/sbi_tlb.h>
 #include <sbi/sbi_version.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
 
 #define BANNER                                              \
 	"   ____                    _____ ____ _____\n"     \
@@ -350,6 +351,10 @@ static void __noreturn init_coldboot(struct sbi_scratch *scratch, u32 hartid)
 	init_count = sbi_scratch_offset_ptr(scratch, init_count_offset);
 	(*init_count)++;
 
+#ifdef CONFIG_SBI_ECALL_TEE
+	tee_os_init();
+#endif
+
 	sbi_hsm_prepare_next_jump(scratch, hartid);
 	sbi_hart_switch_mode(hartid, scratch->next_arg1, scratch->next_addr,
 			     scratch->next_mode, false);
diff --git a/lib/utils/tee/objects.mk b/lib/utils/tee/objects.mk
new file mode 100644
index 0000000..5bf81f7
--- /dev/null
+++ b/lib/utils/tee/objects.mk
@@ -0,0 +1,16 @@
+#
+# SPDX-License-Identifier: BSD-2-Clause
+#
+# Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+#
+# Authors:
+#   Chen Chaokai <chenchaokai@eswincomputing.com>
+#   Liu Shiwei <liushiwei@eswincomputing.com>
+#
+
+ifdef CONFIG_TEE_LOAD_ADDR
+firmware-cflags-y += -DTEE_LOAD_ADDR=$(CONFIG_TEE_LOAD_ADDR)
+endif
+
+libsbiutils-objs-$(CONFIG_SBI_ECALL_TEE) += tee/tee_context.o
+libsbiutils-objs-$(CONFIG_SBI_ECALL_TEE) += tee/tee_sm_dispatcher.o
diff --git a/lib/utils/tee/tee_context.S b/lib/utils/tee/tee_context.S
new file mode 100644
index 0000000..90b1013
--- /dev/null
+++ b/lib/utils/tee/tee_context.S
@@ -0,0 +1,189 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/riscv_asm.h>
+#include <sbi/riscv_encoding.h>
+#include <sbi/sbi_platform.h>
+#include <sbi/sbi_scratch.h>
+#include <sbi/sbi_trap.h>
+#include <sbi_utils/tee/tee_context.h>
+
+	.global entry_teeos
+	.type entry_teeos, @function
+entry_teeos:
+	/* Save t0 into scratch temporarily */
+	csrrw	tp, CSR_MSCRATCH, tp
+	REG_S	t0, SBI_SCRATCH_TMP0_OFFSET(tp)
+
+	li	t0, 0
+	addi	t0, sp, 0
+
+	/* Set new SP */
+	li	sp, 0
+	addi	sp, a0, 0
+
+	/* Save original SP and t0 */
+	REG_S	t0, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	REG_L	t0, SBI_SCRATCH_TMP0_OFFSET(tp)
+	REG_S	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	csrrw	tp, CSR_MSCRATCH, tp
+
+	/* Save all general registers except SP and T0*/
+	REG_S	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_S	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_S	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_S	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_S	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_S	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_S	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_S	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_S	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_S	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_S	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_S	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_S	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_S	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_S	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_S	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_S	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_S	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_S	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_S	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_S	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_S	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_S	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_S	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_S	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_S	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_S	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_S	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_S	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+
+	/* Enter supervisor mode */
+	call	enter_teeos_start_point
+
+	.global teeos_entry_done
+	.type teeos_entry_done, @function
+teeos_entry_done:
+	li	sp, 0
+	addi	sp, a0, 0
+
+	/* Restore all general purpose registers except SP and T0*/
+	REG_L	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_L	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_L	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_L	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_L	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_L	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_L	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_L	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_L	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_L	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_L	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_L	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_L	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_L	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_L	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_L	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_L	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_L	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_L	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_L	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_L	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_L	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_L	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_L	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_L	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_L	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_L	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_L	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_L	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+
+	/* Restore T0 */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	/* Restore SP */
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	ret
+
+	.global restore_to_supervisor
+	.type restore_to_supervisor, @function
+restore_to_supervisor:
+	li	sp, 0
+	add	sp, a0, zero
+
+	/* Restore all general purpose registers except SP and T0*/
+	REG_L	zero, SBI_TRAP_REGS_OFFSET(zero)(sp)
+	REG_L	ra, SBI_TRAP_REGS_OFFSET(ra)(sp)
+	REG_L	gp, SBI_TRAP_REGS_OFFSET(gp)(sp)
+	REG_L	tp, SBI_TRAP_REGS_OFFSET(tp)(sp)
+	REG_L	t1, SBI_TRAP_REGS_OFFSET(t1)(sp)
+	REG_L	t2, SBI_TRAP_REGS_OFFSET(t2)(sp)
+	REG_L	s0, SBI_TRAP_REGS_OFFSET(s0)(sp)
+	REG_L	s1, SBI_TRAP_REGS_OFFSET(s1)(sp)
+	REG_L	a0, SBI_TRAP_REGS_OFFSET(a0)(sp)
+	REG_L	a1, SBI_TRAP_REGS_OFFSET(a1)(sp)
+	REG_L	a2, SBI_TRAP_REGS_OFFSET(a2)(sp)
+	REG_L	a3, SBI_TRAP_REGS_OFFSET(a3)(sp)
+	REG_L	a4, SBI_TRAP_REGS_OFFSET(a4)(sp)
+	REG_L	a5, SBI_TRAP_REGS_OFFSET(a5)(sp)
+	REG_L	a6, SBI_TRAP_REGS_OFFSET(a6)(sp)
+	REG_L	a7, SBI_TRAP_REGS_OFFSET(a7)(sp)
+	REG_L	s2, SBI_TRAP_REGS_OFFSET(s2)(sp)
+	REG_L	s3, SBI_TRAP_REGS_OFFSET(s3)(sp)
+	REG_L	s4, SBI_TRAP_REGS_OFFSET(s4)(sp)
+	REG_L	s5, SBI_TRAP_REGS_OFFSET(s5)(sp)
+	REG_L	s6, SBI_TRAP_REGS_OFFSET(s6)(sp)
+	REG_L	s7, SBI_TRAP_REGS_OFFSET(s7)(sp)
+	REG_L	s8, SBI_TRAP_REGS_OFFSET(s8)(sp)
+	REG_L	s9, SBI_TRAP_REGS_OFFSET(s9)(sp)
+	REG_L	s10, SBI_TRAP_REGS_OFFSET(s10)(sp)
+	REG_L	s11, SBI_TRAP_REGS_OFFSET(s11)(sp)
+	REG_L	t3, SBI_TRAP_REGS_OFFSET(t3)(sp)
+	REG_L	t4, SBI_TRAP_REGS_OFFSET(t4)(sp)
+	REG_L	t5, SBI_TRAP_REGS_OFFSET(t5)(sp)
+	REG_L	t6, SBI_TRAP_REGS_OFFSET(t6)(sp)
+
+	/* Restore Supervisor mode CSRs */
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sepc)(sp)
+	csrw	CSR_SEPC, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(satp)(sp)
+	csrw	CSR_SATP, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sstatus)(sp)
+	csrw	CSR_SSTATUS, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sie)(sp)
+	csrw	CSR_SIE, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(stvec)(sp)
+	csrw	CSR_STVEC, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sscratch)(sp)
+	csrw	CSR_SSCRATCH, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(scounteren)(sp)
+	csrw	CSR_SCOUNTEREN, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(scause)(sp)
+	csrw	CSR_SCAUSE, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(stval)(sp)
+	csrw	CSR_STVAL, t0
+	REG_L	t0, SBI_SAVE_CONTEXT_OFFSET(sip)(sp)
+	csrw	CSR_SIP, t0
+
+	/* Restore Machine mode CSRs */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(mepc)(sp)
+	csrw	CSR_MEPC, t0
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(mstatus)(sp)
+	csrw	CSR_MSTATUS, t0
+
+	/* Restore T0 */
+	REG_L	t0, SBI_TRAP_REGS_OFFSET(t0)(sp)
+
+	/* Restore SP */
+	REG_L	sp, SBI_TRAP_REGS_OFFSET(sp)(sp)
+	mret
diff --git a/lib/utils/tee/tee_sm_dispatcher.c b/lib/utils/tee/tee_sm_dispatcher.c
new file mode 100644
index 0000000..74e55c5
--- /dev/null
+++ b/lib/utils/tee/tee_sm_dispatcher.c
@@ -0,0 +1,228 @@
+/*
+ * SPDX-License-Identifier: BSD-2-Clause
+ *
+ * Copyright  2023  Beijing ESWIN Computing Technology Co., Ltd.
+ *
+ * Authors:
+ *   Chen Chaokai <chenchaokai@eswincomputing.com>
+ *   Liu Shiwei <liushiwei@eswincomputing.com>
+ */
+
+#include <sbi/riscv_encoding.h>
+#include <sbi/sbi_error.h>
+#include <sbi/riscv_asm.h>
+#include <sbi/sbi_scratch.h>
+#include <sbi/sbi_platform.h>
+#include <sbi/sbi_trap.h>
+#include <sbi/sbi_console.h>
+#include <sbi/sbi_hart.h>
+#include <sbi/sbi_string.h>
+#include <sbi/sbi_types.h>
+#include <sbi_utils/tee/tee_context.h>
+#include <sbi_utils/tee/teeecall_opteed.h>
+#include <sbi_utils/tee/tee_sm_dispatcher.h>
+
+optee_vectors_t *optee_vector_table;
+struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
+struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
+struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
+ulong mscratch[OPTEED_CORE_COUNT];
+typedef ulong tee_tmp_trap_stack[1024];
+static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
+
+static ulong get_save_context_addr(uint32_t direction)
+{
+	ulong addr = 0;
+	ulong hartid = current_hartid();
+	switch (direction) {
+	case TEE_SECURE_FLAG:
+		addr = (ulong)&sec_cpu_context[hartid];
+		break;
+	case TEE_NON_SECURE_FLAG:
+		addr = (ulong)&nsec_cpu_context[hartid];
+		break;
+	default:
+		sbi_printf("wrong state\n");
+		while(1)
+			wfi();
+	}
+
+	return addr;
+}
+
+static ulong save_context(const struct sbi_trap_regs *regs)
+{
+	ulong addr = 0;
+	struct sbi_save_context *context = NULL;
+
+	addr = get_save_context_addr(regs->a5);
+	context = (struct sbi_save_context *)addr;
+	if (context != NULL) {
+		sbi_memset(context, 0, sizeof(struct sbi_save_context));
+		sbi_memcpy(context, regs, sizeof(struct sbi_trap_regs));
+	} else {
+		return SBI_EINVAL;
+	}
+
+	context->sepc = csr_read(CSR_SEPC);
+	context->satp = csr_read(CSR_SATP);
+	context->sstatus = csr_read(CSR_SSTATUS);
+	context->sie = csr_read(CSR_SIE);
+	context->stvec = csr_read(CSR_STVEC);
+	context->sscratch = csr_read(CSR_SSCRATCH);
+	context->scounteren = csr_read(CSR_SCOUNTEREN);
+	context->scause = csr_read(CSR_SCAUSE);
+	context->stval = csr_read(CSR_STVAL);
+	context->sip = csr_read(CSR_SIP);
+
+	return SBI_OK;
+}
+
+static void restore_context(ulong ctx_addr)
+{
+	restore_to_supervisor(ctx_addr);
+}
+
+void enter_teeos_start_point(void)
+{
+	uint32_t hartid = current_hartid();
+	mscratch[hartid] = csr_read(CSR_MSCRATCH);
+	csr_write(CSR_MSCRATCH,&tmp_stack[hartid + 1]);
+	sbi_hart_switch_mode(hartid, 0, TEE_ENTRY_ADDR, PRV_S, false);
+}
+
+static void teeos_back(void)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *optee_ctx = &cpu_start_context[hartid];
+	csr_write(CSR_MSCRATCH,mscratch[hartid]);
+
+	teeos_entry_done((ulong)optee_ctx);
+
+	sbi_printf("Error, should never reach here\n");
+}
+
+static ulong prepare_tee_ctx(ulong funcid, ulong *args, ulong *ctx_addr)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *tee_regs = (struct sbi_trap_regs *)&sec_cpu_context[hartid];
+	tee_regs->mstatus |= MSTATUS_SUM;
+	struct sbi_save_context *context = (struct sbi_save_context *)tee_regs;
+	context->sstatus |= MSTATUS_SUM;
+	ulong func_type = GET_ECALL_TYPE(funcid);
+
+	if (func_type == ECALL_TYPE_FAST) {
+		tee_regs->mepc = (ulong)&optee_vector_table->fast_smc_entry;
+		tee_regs->a0 = funcid;
+		tee_regs->a1 = args[1];
+		tee_regs->a2 = args[2];
+		tee_regs->a3 = args[3];
+		tee_regs->a4 = args[4];
+		tee_regs->a5 = args[5];
+	} else if (func_type == ECALL_TYPE_YEILD) {
+		tee_regs->mepc = (ulong)&optee_vector_table->yield_smc_entry;
+		tee_regs->a0 = funcid;
+		tee_regs->a1 = args[1];
+		tee_regs->a2 = args[2];
+		tee_regs->a3 = args[3];
+		tee_regs->a4 = args[4];
+		tee_regs->a5 = args[0];
+	} else
+		return SBI_EFAIL;
+
+	*ctx_addr = (ulong)tee_regs;
+	return SBI_OK;
+}
+
+static ulong prepare_ree_ctx(ulong *args, ulong *ctx_addr)
+{
+	struct sbi_save_context *ns_regs = NULL;
+	uint32_t hartid = current_hartid();
+
+	ns_regs = &nsec_cpu_context[hartid];
+	ns_regs->regs.a0 = args[0];
+	ns_regs->regs.a1 = args[1];
+	ns_regs->regs.a2 = args[2];
+	ns_regs->regs.a3 = args[3];
+	ns_regs->regs.a4 = args[4];
+	ns_regs->regs.a5 = args[5];
+	ns_regs->regs.mepc += 4;
+	*ctx_addr = (ulong)ns_regs;
+
+	return SBI_OK;
+}
+
+void tee_os_init(void)
+{
+	uint32_t hartid = current_hartid();
+	struct sbi_trap_regs *optee_cpu_ctx = &cpu_start_context[hartid];
+
+	sbi_memset(optee_cpu_ctx, 0, sizeof(struct sbi_save_context));
+	entry_teeos((ulong )optee_cpu_ctx);
+}
+
+int sbi_ecall_tee_handler(ulong extid, ulong funcid,
+			  const struct sbi_trap_regs *regs,
+			  ulong *out_val,
+			  struct sbi_trap_info *out_trap)
+{
+	ulong ret;
+	int tee_func_id = funcid;
+	ulong ctx_addr = 0;
+	ulong args[8] = {0};
+	ulong secure_state = 0;
+	args[0] = regs->a0;
+	args[1] = regs->a1;
+	args[2] = regs->a2;
+	args[3] = regs->a3;
+	args[4] = regs->a4;
+	args[5] = regs->a5;
+	args[6] = regs->a6;
+	args[7] = regs->a7;
+	secure_state = args[5];
+
+	ret = save_context(regs);
+	if (ret != SBI_OK) {
+		sbi_printf("save exception context failed\n");
+		return ret;
+	}
+
+	if (secure_state == TEE_NON_SECURE_FLAG) {
+		ret = prepare_tee_ctx(funcid, args, &ctx_addr);
+		if ( ret != SBI_OK) {
+			sbi_printf("Set optee context failed\n");
+			return ret;
+		}
+		restore_context(ctx_addr);
+	} else if (secure_state == TEE_SECURE_FLAG) {
+		switch (tee_func_id) {
+		case TEEECALL_OPTEED_RETURN_ENTRY_DONE:
+		/* Stash the OPTEE entry point information. */
+			optee_vector_table = (optee_vectors_t *)args[1];
+			if (!args[1] || (args[1] & 3)) {
+				sbi_printf("Get TEE vector table failed.\n");
+				while(1);
+					wfi();
+			}
+			teeos_back();
+			break;
+		case TEEECALL_OPTEED_RETURN_CALL_DONE:
+			ret = prepare_ree_ctx(args, &ctx_addr);
+			if (ret != SBI_OK) {
+				sbi_printf("Set ree context failed\n");
+				return ret;
+			}
+			restore_context(ctx_addr);
+			break;
+		default:
+			sbi_printf("Wrong TEE funcid, funcid = %lx\n", funcid);
+			return SBI_EILL;
+		}
+
+	} else {
+		sbi_printf("Wrong secure state!\n");
+		return SBI_EILL;
+	}
+
+	return SBI_OK;
+}
-- 
2.17.1

[PATCH 1/1] Add RISC-V TEE support

[hchauhan]

-----Original Message-----
> From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of liushiwei
> Sent: 11 January 2023 07:32
> To: opensbi at lists.infradead.org
> Cc: chenchaokai at eswincomputing.com; liushiwei
<liushiwei@eswincomputing.com>
> Subject: [PATCH 1/1] Add RISC-V TEE support

>RISC-V Trusted Executable Environment security software includes linux,
opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE OS is the
secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
At runtime, opensbi acts as a secure monitor, responsible for context saving
and restoring when switching between linux and OP-TEE OS.
>TEE function is off by default, when using configuration is added in the
config and objects file, such as platform/generic/configs/defconfig add
CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk add
CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is the starting
address of the OP-TEE OS.

Hi Liushiwei,

Was there any formal specification or draft for this? Could you please point
me to the draft or specification?

Regards
Himanshu

-- 
opensbi mailing list
opensbi at lists.infradead.org
http://lists.infradead.org/mailman/listinfo/opensbi

[PATCH 1/1] Add RISC-V TEE support

[Anup Patel]

On Wed, Jan 11, 2023 at 5:58 PM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Do you mean hardware? Our hardware design referred to arm's trustzone
> technology. optee os is a software solution using arm trustzone hardware,
> which mainly includes REE(linux), TEE(optee os), ATF(ARM Trusted firmware),
> and then our software also developed these three parts. opensbi is similar
> to ATF. whether if this is what you want?  The current committed code is not
> hardware-dependent, but just continues the idea of this workaround, and we
> may commit hardware-dependent code later.

We can't blindly use SBI extension ID and function ID space for TEE.

Please share a draft proposal of how OP-TEE calls will be implemented
as SBI calls.

I see that you have reserved an entire range of SBI extension IDs
for OP-TEE. This is a waste of the SBI extension ID space.

Regards,
Anup

>
> -----????-----
> ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> ????: 2023?1?11? 20:03
> ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> org
> ??: chenchaokai at eswincomputing.com
> ??: RE: [PATCH 1/1] Add RISC-V TEE support
>
> -----Original Message-----
> > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of
> > liushiwei
> > Sent: 11 January 2023 07:32
> > To: opensbi at lists.infradead.org
> > Cc: chenchaokai at eswincomputing.com; liushiwei
> <liushiwei@eswincomputing.com>
> > Subject: [PATCH 1/1] Add RISC-V TEE support
>
> >RISC-V Trusted Executable Environment security software includes linux,
> opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE OS is the
> secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> At runtime, opensbi acts as a secure monitor, responsible for context saving
> and restoring when switching between linux and OP-TEE OS.
> >TEE function is off by default, when using configuration is added in
> >the
> config and objects file, such as platform/generic/configs/defconfig add
> CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk add
> CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is the starting
> address of the OP-TEE OS.
>
> Hi Liushiwei,
>
> Was there any formal specification or draft for this? Could you please point
> me to the draft or specification?
>
> Regards
> Himanshu
>
> --
> opensbi mailing list
> opensbi at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/opensbi
>
>
> --
> opensbi mailing list
> opensbi at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/opensbi

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

Hi?Conor.
	I have replied to the question of a draft proposal in another email, and Anup suggested that I edit it in https://github.com/riscv-non-isa/riscv-sbi-doc/blob/master/riscv-sbi.adoc. I tried to push a document edit commit [https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106]. Please check. Am I doing what you expect me to do?

Thanks,
Liushiwei
-----????-----
???: Conor Dooley [mailto:conor at kernel.org] 
????: 2023?1?13? 19:47
???: opensbi at lists.infradead.org; liushiwei <liushiwei@eswincomputing.com>; 'Anup Patel' <apatel@ventanamicro.com>
??: hchauhan at ventanamicro.com; chenchaokai at eswincomputing.com
??: Re: ??: [PATCH 1/1] Add RISC-V TEE support



On 13 January 2023 03:30:41 GMT, liushiwei <liushiwei@eswincomputing.com> wrote:
>Hi,  Anup

It'd be nice if you'd respond inline so that following the conversation was easier.
And responding from a mobile device would be too!

>	I've combed through the linux code. What do you think of the following 
>change?
>
>diff --git a/arch/riscv/include/asm/sbi.h 
>b/arch/riscv/include/asm/sbi.h index d1c37479d..9696c8c77 100644
>--- a/arch/riscv/include/asm/sbi.h
>+++ b/arch/riscv/include/asm/sbi.h
>@@ -29,6 +29,7 @@ enum sbi_ext_id {
>        SBI_EXT_RFENCE = 0x52464E43,
>        SBI_EXT_HSM = 0x48534D,
>        SBI_EXT_SRST = 0x53525354,
>+       SBI_EXT_TEE = 0x544545,

This range is reserved for official extensions.
Can you please respond to Anup's request, preserved below, for a draft proposal?

>	I find that these values are just transformations of these letters?So I just use the ext id, not the func id?
>	While the sbi_ecall_tee_handler function uses other registers, such as t0.

Anup wrote:
> >We can't blindly use SBI extension ID and function ID space for TEE.
> >Please share a draft proposal of how OP-TEE calls will be implemented as SBI calls.

Thanks,
Conor.

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

Hi?Anup
	I have updated the document in https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 . 
	You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
	With regard to the TEE function, the design focuses on its three main categories (yield /fast/fiq hardware dependent, not implemented yet), 
	which are three different TEE entry. The more detailed part, which opensbi does not care about, needs to be handled internally by optee os according to parameters.
	As for function value concatenation, the linux part still follows the arm rules. Specific to view https://documentation-service.arm.com/static/6013e5faeee5236980d08619 2.5 Function Identifiers.

Regards,
Liushiwei

-----????-----
???: Anup Patel [mailto:anup at brainfault.org] 
????: 2023?1?21? 21:37
???: liushiwei <liushiwei@eswincomputing.com>
??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
??: Re: ??: [PATCH 1/1] Add RISC-V TEE support

Hi Liushiwei,

On Mon, Jan 16, 2023 at 6:39 PM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi?Anup
> I edit it in 
> https://github.com/riscv-non-isa/riscv-sbi-doc/blob/master/riscv-sbi.a
> doc. I tried to push a document edit commit 
> [https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106]. Please 
> check. Am I doing what you expect me to do

This is a good starting point but can you add more details about:
1) Details of the supervisor state to be saved-n-restored by SBI implementation when forwarding the TEE calls
2) Details about each TEE function (such as FID, etc). You can cite the actual OP-TEE spec

Regards,
Anup

>
>
> Thanks
> Liushiwei
> -----????-----
> ???: Anup Patel [mailto:anup at brainfault.org]
> ????: 2023?1?13? 20:00
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; 
> opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
>
> On Thu, Jan 12, 2023 at 12:38 PM liushiwei <liushiwei@eswincomputing.com> wrote:
> >
> > Hi, Himanshu ,  These are my description:
> >
> > In my design, The entire linux space is called REE (Rich Execution 
> > Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> > adding TEE functionality to opensbi requires two configuration items.
> > For example:
> >    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
> >    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
> >    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
> >    It's a physical address.
> >
> > When TEE is configured, opensbi adds the following functionality:
> > 1. Boot TEE OS.
> >    If TEE is enabled, tee_os_init() is called before entering
> >    sbi_hart_switch_mode(). tee_os_init saves the current context,
> >    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
> >    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
> >    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
> >    to indicate the return after the TEE OS completes booting. Check whether the
> >    TEE OS boot successfully according to the parameter. If fails,
> >    the system enters wfi and terminates the startup process of opensbi. If successful,
> >    it returns REE to switch into TEE's vector. then trap stack memory is restored,
> >    the context is restored, the tee_os_init call is returned,
> >    and the rest of the process is performed.
> > 2. REE switches to TEE.
> >    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
> >    It represents various entry points into TEE OS and is stored in opensbi's global variables.
> >    It is the optee_vectors_t structure, which contains nine entry cases:
> >       1. yield_smc_entry;
> >       2. fast_smc_entry;
> >       3. cpu_on_entry;
> >       4. cpu_off_entry;
> >       5. cpu_resume_entry;
> >       6. cpu_suspend_entry;
> >       7. fiq_entry;
> >       8. system_off_entry;
> >       9. system_reset_entry;
> >    yield_smc_entry means that this function entry TEE will start the thread function
> >    and enter the user state of TEE. It may also switch back to REE with RPC function,
> >    and then return to TEE after REE completes the corresponding function.
> >    For the REE process that sent you this call, it may cause sleep.
> >
> >    fast_smc_entry indicates that this is a quick function that returns after
> >    the TEE OS does something, and that it does not cause the caller to sleep.
> >
> >    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
> >    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
> >
> >    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
> >    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
> >
> > 3. TEE switches to REE.
> >    opensbi needs to save the context when REE enters the TEE,
> >    and restore the context when it returns from the TEE.
> >
> > 4. TEE/REE Request a special function.
> >    We have some specific functions, like get hartid from TEE,
> >    it need save and restore the TEE context.
> >
> > Data structure.
> > opensbi adds the sbi_save_context declaration
> >    struct sbi_save_context {
> >       struct sbi_trap_regs regs;
> >       unsigned long sepc;
> >       unsigned long satp;
> >       unsigned long sstatus;
> >       unsigned long sie;
> >       unsigned long stvec;
> >       unsigned long sscratch;
> >       unsigned long scounteren;
> >       unsigned long scause;
> >       unsigned long stval;
> >       unsigned long sip;
> >    };
> >    sbi_save_context include sbi_trap_regs and S mode csr. Used to 
> > hold the context of TEE or REE
> >
> >    typedef struct optee_vectors {
> >       optee_vector_isn_t yield_smc_entry;
> >       optee_vector_isn_t fast_smc_entry;
> >       optee_vector_isn_t cpu_on_entry;
> >       optee_vector_isn_t cpu_off_entry;
> >       optee_vector_isn_t cpu_resume_entry;
> >       optee_vector_isn_t cpu_suspend_entry;
> >       optee_vector_isn_t fiq_entry;
> >       optee_vector_isn_t system_off_entry;
> >       optee_vector_isn_t system_reset_entry;
> >    } optee_vectors_t;
> >    optee_vectors represent the various entry points into TEE OS.
> >
> > Variables defined by opensbi
> >    optee_vectors_t *optee_vector_table;
> >    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
> >    typedef ulong tee_tmp_trap_stack[1024];
> >    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
> >
> >    optee_vector_table value is assigned after the TEE OS boot succeeds.
> >    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
> >    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
> >    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
> >
> > Under the current design, REE does not enable interrupts when 
> > entering TEE, and the entire TEE, including opensbi, is the process context of linux.
> > TEE processing must be brief and quick.
>
> Looks like you do have some write-up for your proof-of-concept implementation which is good but we can look at your patches only after we have discussed your SBI OPTEE proposal.
>
> I suggest you should create a textual/adoc description as if you are 
> writing a chapter for 
> https://github.com/riscv-non-isa/riscv-sbi-doc/blob/master/riscv-sbi.a
> doc
>
> After you have this textual/adoc writeup for SBI OPTEE, we can discuss this in the Platform runtime services (PRS) or Trusted computing SIG meeting.
>
> Your patches can be reviewed only after there is enough agreement on your SBI OPTEE proposal.
>
> Regards,
> Anup
>
> >
> >
> > Regards,
> > liushiwei
> > -----????-----
> > ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> > ????: 2023?1?11? 23:39
> > ???: liushiwei <liushiwei@eswincomputing.com>
> > ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> >
> > On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > > Do you mean hardware? Our hardware design referred to arm's 
> > > trustzone technology. optee os is a software solution using arm 
> > > trustzone hardware, which mainly includes REE(linux), TEE(optee 
> > > os), ATF(ARM Trusted firmware), and then our software also 
> > > developed these three parts. opensbi is similar to ATF. whether if this is what you want?
> > > The current committed code is not hardware-dependent, but just 
> > > continues the idea of this workaround, and we may commit hardware-dependent code later.
> > >
> > No, I meant the software specification.
> >
> > > -----????-----
> > > ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> > > ????: 2023?1?11? 20:03
> > > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > > org
> > > ??: chenchaokai at eswincomputing.com
> > > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > -----Original Message-----
> > > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of 
> > > > liushiwei
> > > > Sent: 11 January 2023 07:32
> > > > To: opensbi at lists.infradead.org
> > > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > > <liushiwei@eswincomputing.com>
> > > > Subject: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > >RISC-V Trusted Executable Environment security software includes 
> > > >linux,
> > > opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE 
> > > OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > > At runtime, opensbi acts as a secure monitor, responsible for 
> > > context saving and restoring when switching between linux and OP-TEE OS.
> > > >TEE function is off by default, when using configuration is added 
> > > >in the
> > > config and objects file, such as 
> > > platform/generic/configs/defconfig
> > > add CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk 
> > > add CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is 
> > > the starting address of the OP-TEE OS.
> > >
> > > Hi Liushiwei,
> > >
> > > Was there any formal specification or draft for this? Could you 
> > > please point me to the draft or specification?
> > >
> > > Regards
> > > Himanshu
> > >
> > > --
> > > opensbi mailing list
> > > opensbi at lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/opensbi
> > >
> >
> >
> > --
> > opensbi mailing list
> > opensbi at lists.infradead.org
> > http://lists.infradead.org/mailman/listinfo/opensbi
>

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

Hi, Atish 
	Thank you for your reply.
	I submitted my ideas to https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 as requested by other members of the email. 
	You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
	I'm not sure if I need to send an email to tech-prs at lists.riscv.org or sig-trusted-computing at lists.riscv.org after submitting to riscv-sbi-doc? 
	If so, Is it to send the patch of opensbi I submitted before?

Regards,
Liushiwei


-----????-----
???: Atish Patra [mailto:atishp at atishpatra.org] 
????: 2023?1?25? 3:12
???: liushiwei <liushiwei@eswincomputing.com>
??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
??: Re: ??: [PATCH 1/1] Add RISC-V TEE support

On Wed, Jan 11, 2023 at 11:08 PM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi, Himanshu ,  These are my description:
>
> In my design, The entire linux space is called REE (Rich Execution 
> Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> adding TEE functionality to opensbi requires two configuration items.
> For example:
>    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
>    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
>    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
>    It's a physical address.
>
> When TEE is configured, opensbi adds the following functionality:
> 1. Boot TEE OS.
>    If TEE is enabled, tee_os_init() is called before entering
>    sbi_hart_switch_mode(). tee_os_init saves the current context,
>    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
>    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
>    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
>    to indicate the return after the TEE OS completes booting. Check whether the
>    TEE OS boot successfully according to the parameter. If fails,
>    the system enters wfi and terminates the startup process of opensbi. If successful,
>    it returns REE to switch into TEE's vector. then trap stack memory is restored,
>    the context is restored, the tee_os_init call is returned,
>    and the rest of the process is performed.
> 2. REE switches to TEE.
>    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
>    It represents various entry points into TEE OS and is stored in opensbi's global variables.
>    It is the optee_vectors_t structure, which contains nine entry cases:
>       1. yield_smc_entry;
>       2. fast_smc_entry;
>       3. cpu_on_entry;
>       4. cpu_off_entry;
>       5. cpu_resume_entry;
>       6. cpu_suspend_entry;
>       7. fiq_entry;
>       8. system_off_entry;
>       9. system_reset_entry;
>    yield_smc_entry means that this function entry TEE will start the thread function
>    and enter the user state of TEE. It may also switch back to REE with RPC function,
>    and then return to TEE after REE completes the corresponding function.
>    For the REE process that sent you this call, it may cause sleep.
>
>    fast_smc_entry indicates that this is a quick function that returns after
>    the TEE OS does something, and that it does not cause the caller to sleep.
>
>    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
>    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
>
>    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
>    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
>
> 3. TEE switches to REE.
>    opensbi needs to save the context when REE enters the TEE,
>    and restore the context when it returns from the TEE.
>
> 4. TEE/REE Request a special function.
>    We have some specific functions, like get hartid from TEE,
>    it need save and restore the TEE context.
>
> Data structure.
> opensbi adds the sbi_save_context declaration
>    struct sbi_save_context {
>       struct sbi_trap_regs regs;
>       unsigned long sepc;
>       unsigned long satp;
>       unsigned long sstatus;
>       unsigned long sie;
>       unsigned long stvec;
>       unsigned long sscratch;
>       unsigned long scounteren;
>       unsigned long scause;
>       unsigned long stval;
>       unsigned long sip;
>    };
>    sbi_save_context include sbi_trap_regs and S mode csr. Used to hold 
> the context of TEE or REE
>
>    typedef struct optee_vectors {
>       optee_vector_isn_t yield_smc_entry;
>       optee_vector_isn_t fast_smc_entry;
>       optee_vector_isn_t cpu_on_entry;
>       optee_vector_isn_t cpu_off_entry;
>       optee_vector_isn_t cpu_resume_entry;
>       optee_vector_isn_t cpu_suspend_entry;
>       optee_vector_isn_t fiq_entry;
>       optee_vector_isn_t system_off_entry;
>       optee_vector_isn_t system_reset_entry;
>    } optee_vectors_t;
>    optee_vectors represent the various entry points into TEE OS.
>
> Variables defined by opensbi
>    optee_vectors_t *optee_vector_table;
>    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
>    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
>    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
>    typedef ulong tee_tmp_trap_stack[1024];
>    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
>
>    optee_vector_table value is assigned after the TEE OS boot succeeds.
>    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
>    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
>    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
>
> Under the current design, REE does not enable interrupts when entering 
> TEE, and the entire TEE, including opensbi, is the process context of linux.
> TEE processing must be brief and quick.
>

Great. Thanks. Your PR should include more details like this with proper FID allocation and description.
In order to make it a standard RISC-V SBI extension, you need to present this in tech-prs mailing list
(https://lists.riscv.org/g/tech-prs)
and get it approved within the group. Here is the policy document[1]

https://docs.google.com/document/d/1bQGHU-wD4uN4mU07oH9adpXbH51NqUbFxcL8qTTIqhA/edit

I think it would be good if you can present your work in trusted computing SIG (https://lists.riscv.org/g/sig-trusted-computing) as well.

>
> Regards,
> liushiwei
> -----????-----
> ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> ????: 2023?1?11? 23:39
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
>
> On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > Do you mean hardware? Our hardware design referred to arm's 
> > trustzone technology. optee os is a software solution using arm 
> > trustzone hardware, which mainly includes REE(linux), TEE(optee os), 
> > ATF(ARM Trusted firmware), and then our software also developed 
> > these three parts. opensbi is similar to ATF. whether if this is what you want?
> > The current committed code is not hardware-dependent, but just 
> > continues the idea of this workaround, and we may commit hardware-dependent code later.
> >
> No, I meant the software specification.
>
> > -----????-----
> > ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> > ????: 2023?1?11? 20:03
> > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > org
> > ??: chenchaokai at eswincomputing.com
> > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> >
> > -----Original Message-----
> > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of 
> > > liushiwei
> > > Sent: 11 January 2023 07:32
> > > To: opensbi at lists.infradead.org
> > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > <liushiwei@eswincomputing.com>
> > > Subject: [PATCH 1/1] Add RISC-V TEE support
> >
> > >RISC-V Trusted Executable Environment security software includes 
> > >linux,
> > opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE 
> > OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > At runtime, opensbi acts as a secure monitor, responsible for 
> > context saving and restoring when switching between linux and OP-TEE OS.
> > >TEE function is off by default, when using configuration is added 
> > >in the
> > config and objects file, such as platform/generic/configs/defconfig
> > add CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk 
> > add CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is the 
> > starting address of the OP-TEE OS.
> >
> > Hi Liushiwei,
> >
> > Was there any formal specification or draft for this? Could you 
> > please point me to the draft or specification?
> >
> > Regards
> > Himanshu
> >
> > --
> > opensbi mailing list
> > opensbi at lists.infradead.org
> > http://lists.infradead.org/mailman/listinfo/opensbi
> >
>
>
> --
> opensbi mailing list
> opensbi at lists.infradead.org
> http://lists.infradead.org/mailman/listinfo/opensbi



--
Regards,
Atish

[PATCH 1/1] Add RISC-V TEE support

[Atish Patra]

On Sat, Jan 28, 2023 at 12:33 AM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi, Atish
>         Thank you for your reply.
>         I submitted my ideas to https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 as requested by other members of the email.
>         You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
>         I'm not sure if I need to send an email to tech-prs at lists.riscv.org or sig-trusted-computing at lists.riscv.org after submitting to riscv-sbi-doc?
>         If so, Is it to send the patch of opensbi I submitted before?
>

The Trusted computing SIG evaluates the overall merit and direction of
any TEE related specifications.
The PRS TG will focus more on the SBI specification related parts.
I would recommend you to present your work to Trusted Computing SIG
first so that everybody agrees on the overall direction
for OP-TEE support in RISC-V.

> Regards,
> Liushiwei
>
>
> -----????-----
> ???: Atish Patra [mailto:atishp at atishpatra.org]
> ????: 2023?1?25? 3:12
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
>
> On Wed, Jan 11, 2023 at 11:08 PM liushiwei <liushiwei@eswincomputing.com> wrote:
> >
> > Hi, Himanshu ,  These are my description:
> >
> > In my design, The entire linux space is called REE (Rich Execution
> > Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> > adding TEE functionality to opensbi requires two configuration items.
> > For example:
> >    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
> >    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
> >    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
> >    It's a physical address.
> >
> > When TEE is configured, opensbi adds the following functionality:
> > 1. Boot TEE OS.
> >    If TEE is enabled, tee_os_init() is called before entering
> >    sbi_hart_switch_mode(). tee_os_init saves the current context,
> >    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
> >    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
> >    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
> >    to indicate the return after the TEE OS completes booting. Check whether the
> >    TEE OS boot successfully according to the parameter. If fails,
> >    the system enters wfi and terminates the startup process of opensbi. If successful,
> >    it returns REE to switch into TEE's vector. then trap stack memory is restored,
> >    the context is restored, the tee_os_init call is returned,
> >    and the rest of the process is performed.
> > 2. REE switches to TEE.
> >    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
> >    It represents various entry points into TEE OS and is stored in opensbi's global variables.
> >    It is the optee_vectors_t structure, which contains nine entry cases:
> >       1. yield_smc_entry;
> >       2. fast_smc_entry;
> >       3. cpu_on_entry;
> >       4. cpu_off_entry;
> >       5. cpu_resume_entry;
> >       6. cpu_suspend_entry;
> >       7. fiq_entry;
> >       8. system_off_entry;
> >       9. system_reset_entry;
> >    yield_smc_entry means that this function entry TEE will start the thread function
> >    and enter the user state of TEE. It may also switch back to REE with RPC function,
> >    and then return to TEE after REE completes the corresponding function.
> >    For the REE process that sent you this call, it may cause sleep.
> >
> >    fast_smc_entry indicates that this is a quick function that returns after
> >    the TEE OS does something, and that it does not cause the caller to sleep.
> >
> >    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
> >    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
> >
> >    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
> >    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
> >
> > 3. TEE switches to REE.
> >    opensbi needs to save the context when REE enters the TEE,
> >    and restore the context when it returns from the TEE.
> >
> > 4. TEE/REE Request a special function.
> >    We have some specific functions, like get hartid from TEE,
> >    it need save and restore the TEE context.
> >
> > Data structure.
> > opensbi adds the sbi_save_context declaration
> >    struct sbi_save_context {
> >       struct sbi_trap_regs regs;
> >       unsigned long sepc;
> >       unsigned long satp;
> >       unsigned long sstatus;
> >       unsigned long sie;
> >       unsigned long stvec;
> >       unsigned long sscratch;
> >       unsigned long scounteren;
> >       unsigned long scause;
> >       unsigned long stval;
> >       unsigned long sip;
> >    };
> >    sbi_save_context include sbi_trap_regs and S mode csr. Used to hold
> > the context of TEE or REE
> >
> >    typedef struct optee_vectors {
> >       optee_vector_isn_t yield_smc_entry;
> >       optee_vector_isn_t fast_smc_entry;
> >       optee_vector_isn_t cpu_on_entry;
> >       optee_vector_isn_t cpu_off_entry;
> >       optee_vector_isn_t cpu_resume_entry;
> >       optee_vector_isn_t cpu_suspend_entry;
> >       optee_vector_isn_t fiq_entry;
> >       optee_vector_isn_t system_off_entry;
> >       optee_vector_isn_t system_reset_entry;
> >    } optee_vectors_t;
> >    optee_vectors represent the various entry points into TEE OS.
> >
> > Variables defined by opensbi
> >    optee_vectors_t *optee_vector_table;
> >    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
> >    typedef ulong tee_tmp_trap_stack[1024];
> >    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
> >
> >    optee_vector_table value is assigned after the TEE OS boot succeeds.
> >    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
> >    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
> >    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
> >
> > Under the current design, REE does not enable interrupts when entering
> > TEE, and the entire TEE, including opensbi, is the process context of linux.
> > TEE processing must be brief and quick.
> >
>
> Great. Thanks. Your PR should include more details like this with proper FID allocation and description.
> In order to make it a standard RISC-V SBI extension, you need to present this in tech-prs mailing list
> (https://lists.riscv.org/g/tech-prs)
> and get it approved within the group. Here is the policy document[1]
>
> https://docs.google.com/document/d/1bQGHU-wD4uN4mU07oH9adpXbH51NqUbFxcL8qTTIqhA/edit
>
> I think it would be good if you can present your work in trusted computing SIG (https://lists.riscv.org/g/sig-trusted-computing) as well.
>
> >
> > Regards,
> > liushiwei
> > -----????-----
> > ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> > ????: 2023?1?11? 23:39
> > ???: liushiwei <liushiwei@eswincomputing.com>
> > ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> >
> > On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > > Do you mean hardware? Our hardware design referred to arm's
> > > trustzone technology. optee os is a software solution using arm
> > > trustzone hardware, which mainly includes REE(linux), TEE(optee os),
> > > ATF(ARM Trusted firmware), and then our software also developed
> > > these three parts. opensbi is similar to ATF. whether if this is what you want?
> > > The current committed code is not hardware-dependent, but just
> > > continues the idea of this workaround, and we may commit hardware-dependent code later.
> > >
> > No, I meant the software specification.
> >
> > > -----????-----
> > > ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> > > ????: 2023?1?11? 20:03
> > > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > > org
> > > ??: chenchaokai at eswincomputing.com
> > > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > -----Original Message-----
> > > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of
> > > > liushiwei
> > > > Sent: 11 January 2023 07:32
> > > > To: opensbi at lists.infradead.org
> > > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > > <liushiwei@eswincomputing.com>
> > > > Subject: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > >RISC-V Trusted Executable Environment security software includes
> > > >linux,
> > > opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE
> > > OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > > At runtime, opensbi acts as a secure monitor, responsible for
> > > context saving and restoring when switching between linux and OP-TEE OS.
> > > >TEE function is off by default, when using configuration is added
> > > >in the
> > > config and objects file, such as platform/generic/configs/defconfig
> > > add CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk
> > > add CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is the
> > > starting address of the OP-TEE OS.
> > >
> > > Hi Liushiwei,
> > >
> > > Was there any formal specification or draft for this? Could you
> > > please point me to the draft or specification?
> > >
> > > Regards
> > > Himanshu
> > >
> > > --
> > > opensbi mailing list
> > > opensbi at lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/opensbi
> > >
> >
> >
> > --
> > opensbi mailing list
> > opensbi at lists.infradead.org
> > http://lists.infradead.org/mailman/listinfo/opensbi
>
>
>
> --
> Regards,
> Atish
>


-- 
Regards,
Atish

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

Hi? Atish
	I tried to email tech-prs at lists.riscv.org and sig-trusted-computing at lists.riscv.org, but both returned. My attempts to send a patch directly also returned.
	Looking at this reason, does it seem like I have to join some group before I can send an email?

?Connection to the remote recipient's server was denied for unknown reason.
SMTP through SDN 37, SMTP: (Proxy)Host lists.riscv.org said 510 5.1.1 Your email address, liushiwei at eswincomputing.com, 
is not subscribed to that group.  To subscribe, send an email to sig-trusted-computing+subscribe at lists.riscv.org, 
or visit https://lists.riscv.org/g/sig-trusted-computing?

Regards,
Liushiwei
-----????-----
???: Atish Patra [mailto:atishp at atishpatra.org] 
????: 2023?2?8? 6:37
???: liushiwei <liushiwei@eswincomputing.com>
??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
??: Re: Re: [PATCH 1/1] Add RISC-V TEE support

On Sat, Jan 28, 2023 at 12:33 AM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi, Atish
>         Thank you for your reply.
>         I submitted my ideas to https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 as requested by other members of the email.
>         You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
>         I'm not sure if I need to send an email to tech-prs at lists.riscv.org or sig-trusted-computing at lists.riscv.org after submitting to riscv-sbi-doc?
>         If so, Is it to send the patch of opensbi I submitted before?
>

The Trusted computing SIG evaluates the overall merit and direction of any TEE related specifications.
The PRS TG will focus more on the SBI specification related parts.
I would recommend you to present your work to Trusted Computing SIG first so that everybody agrees on the overall direction for OP-TEE support in RISC-V.

> Regards,
> Liushiwei
>
>
> -----????-----
> ???: Atish Patra [mailto:atishp at atishpatra.org]
> ????: 2023?1?25? 3:12
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; 
> opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
>
> On Wed, Jan 11, 2023 at 11:08 PM liushiwei <liushiwei@eswincomputing.com> wrote:
> >
> > Hi, Himanshu ,  These are my description:
> >
> > In my design, The entire linux space is called REE (Rich Execution 
> > Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> > adding TEE functionality to opensbi requires two configuration items.
> > For example:
> >    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
> >    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
> >    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
> >    It's a physical address.
> >
> > When TEE is configured, opensbi adds the following functionality:
> > 1. Boot TEE OS.
> >    If TEE is enabled, tee_os_init() is called before entering
> >    sbi_hart_switch_mode(). tee_os_init saves the current context,
> >    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
> >    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
> >    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
> >    to indicate the return after the TEE OS completes booting. Check whether the
> >    TEE OS boot successfully according to the parameter. If fails,
> >    the system enters wfi and terminates the startup process of opensbi. If successful,
> >    it returns REE to switch into TEE's vector. then trap stack memory is restored,
> >    the context is restored, the tee_os_init call is returned,
> >    and the rest of the process is performed.
> > 2. REE switches to TEE.
> >    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
> >    It represents various entry points into TEE OS and is stored in opensbi's global variables.
> >    It is the optee_vectors_t structure, which contains nine entry cases:
> >       1. yield_smc_entry;
> >       2. fast_smc_entry;
> >       3. cpu_on_entry;
> >       4. cpu_off_entry;
> >       5. cpu_resume_entry;
> >       6. cpu_suspend_entry;
> >       7. fiq_entry;
> >       8. system_off_entry;
> >       9. system_reset_entry;
> >    yield_smc_entry means that this function entry TEE will start the thread function
> >    and enter the user state of TEE. It may also switch back to REE with RPC function,
> >    and then return to TEE after REE completes the corresponding function.
> >    For the REE process that sent you this call, it may cause sleep.
> >
> >    fast_smc_entry indicates that this is a quick function that returns after
> >    the TEE OS does something, and that it does not cause the caller to sleep.
> >
> >    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
> >    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
> >
> >    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
> >    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
> >
> > 3. TEE switches to REE.
> >    opensbi needs to save the context when REE enters the TEE,
> >    and restore the context when it returns from the TEE.
> >
> > 4. TEE/REE Request a special function.
> >    We have some specific functions, like get hartid from TEE,
> >    it need save and restore the TEE context.
> >
> > Data structure.
> > opensbi adds the sbi_save_context declaration
> >    struct sbi_save_context {
> >       struct sbi_trap_regs regs;
> >       unsigned long sepc;
> >       unsigned long satp;
> >       unsigned long sstatus;
> >       unsigned long sie;
> >       unsigned long stvec;
> >       unsigned long sscratch;
> >       unsigned long scounteren;
> >       unsigned long scause;
> >       unsigned long stval;
> >       unsigned long sip;
> >    };
> >    sbi_save_context include sbi_trap_regs and S mode csr. Used to 
> > hold the context of TEE or REE
> >
> >    typedef struct optee_vectors {
> >       optee_vector_isn_t yield_smc_entry;
> >       optee_vector_isn_t fast_smc_entry;
> >       optee_vector_isn_t cpu_on_entry;
> >       optee_vector_isn_t cpu_off_entry;
> >       optee_vector_isn_t cpu_resume_entry;
> >       optee_vector_isn_t cpu_suspend_entry;
> >       optee_vector_isn_t fiq_entry;
> >       optee_vector_isn_t system_off_entry;
> >       optee_vector_isn_t system_reset_entry;
> >    } optee_vectors_t;
> >    optee_vectors represent the various entry points into TEE OS.
> >
> > Variables defined by opensbi
> >    optee_vectors_t *optee_vector_table;
> >    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
> >    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
> >    typedef ulong tee_tmp_trap_stack[1024];
> >    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
> >
> >    optee_vector_table value is assigned after the TEE OS boot succeeds.
> >    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
> >    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
> >    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
> >
> > Under the current design, REE does not enable interrupts when 
> > entering TEE, and the entire TEE, including opensbi, is the process context of linux.
> > TEE processing must be brief and quick.
> >
>
> Great. Thanks. Your PR should include more details like this with proper FID allocation and description.
> In order to make it a standard RISC-V SBI extension, you need to 
> present this in tech-prs mailing list
> (https://lists.riscv.org/g/tech-prs)
> and get it approved within the group. Here is the policy document[1]
>
> https://docs.google.com/document/d/1bQGHU-wD4uN4mU07oH9adpXbH51NqUbFxc
> L8qTTIqhA/edit
>
> I think it would be good if you can present your work in trusted computing SIG (https://lists.riscv.org/g/sig-trusted-computing) as well.
>
> >
> > Regards,
> > liushiwei
> > -----????-----
> > ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> > ????: 2023?1?11? 23:39
> > ???: liushiwei <liushiwei@eswincomputing.com>
> > ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> >
> > On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > > Do you mean hardware? Our hardware design referred to arm's 
> > > trustzone technology. optee os is a software solution using arm 
> > > trustzone hardware, which mainly includes REE(linux), TEE(optee 
> > > os), ATF(ARM Trusted firmware), and then our software also 
> > > developed these three parts. opensbi is similar to ATF. whether if this is what you want?
> > > The current committed code is not hardware-dependent, but just 
> > > continues the idea of this workaround, and we may commit hardware-dependent code later.
> > >
> > No, I meant the software specification.
> >
> > > -----????-----
> > > ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> > > ????: 2023?1?11? 20:03
> > > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > > org
> > > ??: chenchaokai at eswincomputing.com
> > > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > -----Original Message-----
> > > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of 
> > > > liushiwei
> > > > Sent: 11 January 2023 07:32
> > > > To: opensbi at lists.infradead.org
> > > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > > <liushiwei@eswincomputing.com>
> > > > Subject: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > >RISC-V Trusted Executable Environment security software includes 
> > > >linux,
> > > opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE 
> > > OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > > At runtime, opensbi acts as a secure monitor, responsible for 
> > > context saving and restoring when switching between linux and OP-TEE OS.
> > > >TEE function is off by default, when using configuration is added 
> > > >in the
> > > config and objects file, such as 
> > > platform/generic/configs/defconfig
> > > add CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk 
> > > add CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is 
> > > the starting address of the OP-TEE OS.
> > >
> > > Hi Liushiwei,
> > >
> > > Was there any formal specification or draft for this? Could you 
> > > please point me to the draft or specification?
> > >
> > > Regards
> > > Himanshu
> > >
> > > --
> > > opensbi mailing list
> > > opensbi at lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/opensbi
> > >
> >
> >
> > --
> > opensbi mailing list
> > opensbi at lists.infradead.org
> > http://lists.infradead.org/mailman/listinfo/opensbi
>
>
>
> --
> Regards,
> Atish
>


--
Regards,
Atish

[PATCH 1/1] Add RISC-V TEE support

[Atish Patra]

On Thu, Feb 16, 2023 at 3:40 AM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi? Atish
>         I tried to email tech-prs at lists.riscv.org and sig-trusted-computing at lists.riscv.org, but both returned. My attempts to send a patch directly also returned.
>         Looking at this reason, does it seem like I have to join some group before I can send an email?
>
> ?Connection to the remote recipient's server was denied for unknown reason.
> SMTP through SDN 37, SMTP: (Proxy)Host lists.riscv.org said 510 5.1.1 Your email address, liushiwei at eswincomputing.com,
> is not subscribed to that group.  To subscribe, send an email to sig-trusted-computing+subscribe at lists.riscv.org,
> or visit https://lists.riscv.org/g/sig-trusted-computing?
>

Yes. You have to subscribe to each group. Either you can join as an
individual member or your organization if that's already a RVI member.

> Regards,
> Liushiwei
> -----????-----
> ???: Atish Patra [mailto:atishp at atishpatra.org]
> ????: 2023?2?8? 6:37
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: Re: [PATCH 1/1] Add RISC-V TEE support
>
> On Sat, Jan 28, 2023 at 12:33 AM liushiwei <liushiwei@eswincomputing.com> wrote:
> >
> > Hi, Atish
> >         Thank you for your reply.
> >         I submitted my ideas to https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 as requested by other members of the email.
> >         You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
> >         I'm not sure if I need to send an email to tech-prs at lists.riscv.org or sig-trusted-computing at lists.riscv.org after submitting to riscv-sbi-doc?
> >         If so, Is it to send the patch of opensbi I submitted before?
> >
>
> The Trusted computing SIG evaluates the overall merit and direction of any TEE related specifications.
> The PRS TG will focus more on the SBI specification related parts.
> I would recommend you to present your work to Trusted Computing SIG first so that everybody agrees on the overall direction for OP-TEE support in RISC-V.
>
> > Regards,
> > Liushiwei
> >
> >
> > -----????-----
> > ???: Atish Patra [mailto:atishp at atishpatra.org]
> > ????: 2023?1?25? 3:12
> > ???: liushiwei <liushiwei@eswincomputing.com>
> > ??: Himanshu Chauhan <hchauhan@ventanamicro.com>;
> > opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> >
> > On Wed, Jan 11, 2023 at 11:08 PM liushiwei <liushiwei@eswincomputing.com> wrote:
> > >
> > > Hi, Himanshu ,  These are my description:
> > >
> > > In my design, The entire linux space is called REE (Rich Execution
> > > Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> > > adding TEE functionality to opensbi requires two configuration items.
> > > For example:
> > >    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
> > >    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
> > >    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
> > >    It's a physical address.
> > >
> > > When TEE is configured, opensbi adds the following functionality:
> > > 1. Boot TEE OS.
> > >    If TEE is enabled, tee_os_init() is called before entering
> > >    sbi_hart_switch_mode(). tee_os_init saves the current context,
> > >    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
> > >    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
> > >    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
> > >    to indicate the return after the TEE OS completes booting. Check whether the
> > >    TEE OS boot successfully according to the parameter. If fails,
> > >    the system enters wfi and terminates the startup process of opensbi. If successful,
> > >    it returns REE to switch into TEE's vector. then trap stack memory is restored,
> > >    the context is restored, the tee_os_init call is returned,
> > >    and the rest of the process is performed.
> > > 2. REE switches to TEE.
> > >    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
> > >    It represents various entry points into TEE OS and is stored in opensbi's global variables.
> > >    It is the optee_vectors_t structure, which contains nine entry cases:
> > >       1. yield_smc_entry;
> > >       2. fast_smc_entry;
> > >       3. cpu_on_entry;
> > >       4. cpu_off_entry;
> > >       5. cpu_resume_entry;
> > >       6. cpu_suspend_entry;
> > >       7. fiq_entry;
> > >       8. system_off_entry;
> > >       9. system_reset_entry;
> > >    yield_smc_entry means that this function entry TEE will start the thread function
> > >    and enter the user state of TEE. It may also switch back to REE with RPC function,
> > >    and then return to TEE after REE completes the corresponding function.
> > >    For the REE process that sent you this call, it may cause sleep.
> > >
> > >    fast_smc_entry indicates that this is a quick function that returns after
> > >    the TEE OS does something, and that it does not cause the caller to sleep.
> > >
> > >    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
> > >    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
> > >
> > >    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
> > >    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
> > >
> > > 3. TEE switches to REE.
> > >    opensbi needs to save the context when REE enters the TEE,
> > >    and restore the context when it returns from the TEE.
> > >
> > > 4. TEE/REE Request a special function.
> > >    We have some specific functions, like get hartid from TEE,
> > >    it need save and restore the TEE context.
> > >
> > > Data structure.
> > > opensbi adds the sbi_save_context declaration
> > >    struct sbi_save_context {
> > >       struct sbi_trap_regs regs;
> > >       unsigned long sepc;
> > >       unsigned long satp;
> > >       unsigned long sstatus;
> > >       unsigned long sie;
> > >       unsigned long stvec;
> > >       unsigned long sscratch;
> > >       unsigned long scounteren;
> > >       unsigned long scause;
> > >       unsigned long stval;
> > >       unsigned long sip;
> > >    };
> > >    sbi_save_context include sbi_trap_regs and S mode csr. Used to
> > > hold the context of TEE or REE
> > >
> > >    typedef struct optee_vectors {
> > >       optee_vector_isn_t yield_smc_entry;
> > >       optee_vector_isn_t fast_smc_entry;
> > >       optee_vector_isn_t cpu_on_entry;
> > >       optee_vector_isn_t cpu_off_entry;
> > >       optee_vector_isn_t cpu_resume_entry;
> > >       optee_vector_isn_t cpu_suspend_entry;
> > >       optee_vector_isn_t fiq_entry;
> > >       optee_vector_isn_t system_off_entry;
> > >       optee_vector_isn_t system_reset_entry;
> > >    } optee_vectors_t;
> > >    optee_vectors represent the various entry points into TEE OS.
> > >
> > > Variables defined by opensbi
> > >    optee_vectors_t *optee_vector_table;
> > >    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
> > >    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
> > >    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
> > >    typedef ulong tee_tmp_trap_stack[1024];
> > >    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
> > >
> > >    optee_vector_table value is assigned after the TEE OS boot succeeds.
> > >    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
> > >    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
> > >    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
> > >
> > > Under the current design, REE does not enable interrupts when
> > > entering TEE, and the entire TEE, including opensbi, is the process context of linux.
> > > TEE processing must be brief and quick.
> > >
> >
> > Great. Thanks. Your PR should include more details like this with proper FID allocation and description.
> > In order to make it a standard RISC-V SBI extension, you need to
> > present this in tech-prs mailing list
> > (https://lists.riscv.org/g/tech-prs)
> > and get it approved within the group. Here is the policy document[1]
> >
> > https://docs.google.com/document/d/1bQGHU-wD4uN4mU07oH9adpXbH51NqUbFxc
> > L8qTTIqhA/edit
> >
> > I think it would be good if you can present your work in trusted computing SIG (https://lists.riscv.org/g/sig-trusted-computing) as well.
> >
> > >
> > > Regards,
> > > liushiwei
> > > -----????-----
> > > ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> > > ????: 2023?1?11? 23:39
> > > ???: liushiwei <liushiwei@eswincomputing.com>
> > > ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > > > Do you mean hardware? Our hardware design referred to arm's
> > > > trustzone technology. optee os is a software solution using arm
> > > > trustzone hardware, which mainly includes REE(linux), TEE(optee
> > > > os), ATF(ARM Trusted firmware), and then our software also
> > > > developed these three parts. opensbi is similar to ATF. whether if this is what you want?
> > > > The current committed code is not hardware-dependent, but just
> > > > continues the idea of this workaround, and we may commit hardware-dependent code later.
> > > >
> > > No, I meant the software specification.
> > >
> > > > -----????-----
> > > > ???: hchauhan at ventanamicro.com [mailto:hchauhan at ventanamicro.com]
> > > > ????: 2023?1?11? 20:03
> > > > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > > > org
> > > > ??: chenchaokai at eswincomputing.com
> > > > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> > > >
> > > > -----Original Message-----
> > > > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf Of
> > > > > liushiwei
> > > > > Sent: 11 January 2023 07:32
> > > > > To: opensbi at lists.infradead.org
> > > > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > > > <liushiwei@eswincomputing.com>
> > > > > Subject: [PATCH 1/1] Add RISC-V TEE support
> > > >
> > > > >RISC-V Trusted Executable Environment security software includes
> > > > >linux,
> > > > opensbi, and OP-TEE OS. linux is the non-secure domain, and OP-TEE
> > > > OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > > > At runtime, opensbi acts as a secure monitor, responsible for
> > > > context saving and restoring when switching between linux and OP-TEE OS.
> > > > >TEE function is off by default, when using configuration is added
> > > > >in the
> > > > config and objects file, such as
> > > > platform/generic/configs/defconfig
> > > > add CONFIG_SBI_ECALL_TEE = y, In the >platform/generic/objects.mk
> > > > add CONFIG_TEE_LOAD_ADDR = 0x27c000000, CONFIG_TEE_LOAD_ADDR is
> > > > the starting address of the OP-TEE OS.
> > > >
> > > > Hi Liushiwei,
> > > >
> > > > Was there any formal specification or draft for this? Could you
> > > > please point me to the draft or specification?
> > > >
> > > > Regards
> > > > Himanshu
> > > >
> > > > --
> > > > opensbi mailing list
> > > > opensbi at lists.infradead.org
> > > > http://lists.infradead.org/mailman/listinfo/opensbi
> > > >
> > >
> > >
> > > --
> > > opensbi mailing list
> > > opensbi at lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/opensbi
> >
> >
> >
> > --
> > Regards,
> > Atish
> >
>
>
> --
> Regards,
> Atish
>


-- 
Regards,
Atish

[PATCH 1/1] Add RISC-V TEE support

[liushiwei]

	Ok, thanks Atish, I'll try to join the group first.

Regards,
Liushiwei

-----????-----
???: Atish Patra [mailto:atishp at atishpatra.org] 
????: 2023?2?22? 4:23
???: liushiwei <liushiwei@eswincomputing.com>
??: Himanshu Chauhan <hchauhan@ventanamicro.com>; opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
??: Re: Re: [PATCH 1/1] Add RISC-V TEE support

On Thu, Feb 16, 2023 at 3:40 AM liushiwei <liushiwei@eswincomputing.com> wrote:
>
> Hi? Atish
>         I tried to email tech-prs at lists.riscv.org and sig-trusted-computing at lists.riscv.org, but both returned. My attempts to send a patch directly also returned.
>         Looking at this reason, does it seem like I have to join some 
> group before I can send an email?
>
> ?Connection to the remote recipient's server was denied for unknown reason.
> SMTP through SDN 37, SMTP: (Proxy)Host lists.riscv.org said 510 5.1.1 
> Your email address, liushiwei at eswincomputing.com, is not subscribed to 
> that group.  To subscribe, send an email to 
> sig-trusted-computing+subscribe at lists.riscv.org,
> or visit https://lists.riscv.org/g/sig-trusted-computing?
>

Yes. You have to subscribe to each group. Either you can join as an individual member or your organization if that's already a RVI member.

> Regards,
> Liushiwei
> -----????-----
> ???: Atish Patra [mailto:atishp at atishpatra.org]
> ????: 2023?2?8? 6:37
> ???: liushiwei <liushiwei@eswincomputing.com>
> ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; 
> opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> ??: Re: Re: [PATCH 1/1] Add RISC-V TEE support
>
> On Sat, Jan 28, 2023 at 12:33 AM liushiwei <liushiwei@eswincomputing.com> wrote:
> >
> > Hi, Atish
> >         Thank you for your reply.
> >         I submitted my ideas to https://github.com/riscv-non-isa/riscv-sbi-doc/pull/106 as requested by other members of the email.
> >         You can preview them at https://github.com/liushiwei007/riscv-sbi-doc/blob/master/riscv-sbi.adoc .
> >         I'm not sure if I need to send an email to tech-prs at lists.riscv.org or sig-trusted-computing at lists.riscv.org after submitting to riscv-sbi-doc?
> >         If so, Is it to send the patch of opensbi I submitted before?
> >
>
> The Trusted computing SIG evaluates the overall merit and direction of any TEE related specifications.
> The PRS TG will focus more on the SBI specification related parts.
> I would recommend you to present your work to Trusted Computing SIG first so that everybody agrees on the overall direction for OP-TEE support in RISC-V.
>
> > Regards,
> > Liushiwei
> >
> >
> > -----????-----
> > ???: Atish Patra [mailto:atishp at atishpatra.org]
> > ????: 2023?1?25? 3:12
> > ???: liushiwei <liushiwei@eswincomputing.com>
> > ??: Himanshu Chauhan <hchauhan@ventanamicro.com>; 
> > opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> >
> > On Wed, Jan 11, 2023 at 11:08 PM liushiwei <liushiwei@eswincomputing.com> wrote:
> > >
> > > Hi, Himanshu ,  These are my description:
> > >
> > > In my design, The entire linux space is called REE (Rich Execution 
> > > Environment), and TEE OS includes its user state called TEE (Trusted execution environment).
> > > adding TEE functionality to opensbi requires two configuration items.
> > > For example:
> > >    add CONFIG_SBI_ECALL_TEE=y in platform/generic/configs/defconfig file.
> > >    add CONFIG_TEE_LOAD_ADDR=0x27C000000 platform/generic/objects.mk.
> > >    The value of CONFIG_TEE_LOAD_ADDR depends on the actual memory layout,
> > >    It's a physical address.
> > >
> > > When TEE is configured, opensbi adds the following functionality:
> > > 1. Boot TEE OS.
> > >    If TEE is enabled, tee_os_init() is called before entering
> > >    sbi_hart_switch_mode(). tee_os_init saves the current context,
> > >    sets a new trap stack address, and runs to CONFIG_TEE_LOAD_ADDR as configured
> > >    to complete TEE OS initialization. TEE OS returns via ecall, Go to opensbi
> > >    sbi_ecall_tee_handler and use the characteristic value RETURN_ENTRY_DONE
> > >    to indicate the return after the TEE OS completes booting. Check whether the
> > >    TEE OS boot successfully according to the parameter. If fails,
> > >    the system enters wfi and terminates the startup process of opensbi. If successful,
> > >    it returns REE to switch into TEE's vector. then trap stack memory is restored,
> > >    the context is restored, the tee_os_init call is returned,
> > >    and the rest of the process is performed.
> > > 2. REE switches to TEE.
> > >    When the TEE OS boot successfully, it returns an entry vector for REE into the TEE.
> > >    It represents various entry points into TEE OS and is stored in opensbi's global variables.
> > >    It is the optee_vectors_t structure, which contains nine entry cases:
> > >       1. yield_smc_entry;
> > >       2. fast_smc_entry;
> > >       3. cpu_on_entry;
> > >       4. cpu_off_entry;
> > >       5. cpu_resume_entry;
> > >       6. cpu_suspend_entry;
> > >       7. fiq_entry;
> > >       8. system_off_entry;
> > >       9. system_reset_entry;
> > >    yield_smc_entry means that this function entry TEE will start the thread function
> > >    and enter the user state of TEE. It may also switch back to REE with RPC function,
> > >    and then return to TEE after REE completes the corresponding function.
> > >    For the REE process that sent you this call, it may cause sleep.
> > >
> > >    fast_smc_entry indicates that this is a quick function that returns after
> > >    the TEE OS does something, and that it does not cause the caller to sleep.
> > >
> > >    yield_smc_entry and fast_smc_entry return opensbi use eigenvalue RETURN_CALL_DONE.
> > >    for yield_smc_entry, whether the call returns or the RPC returns is decided by linux.
> > >
> > >    cpu_on_entry/cpu_off_entry/cpu_resume_entry/cpu_suspend_entry and
> > >    fiq_entry/system_off_entry/system_reset_entry they are not implemented currently.
> > >
> > > 3. TEE switches to REE.
> > >    opensbi needs to save the context when REE enters the TEE,
> > >    and restore the context when it returns from the TEE.
> > >
> > > 4. TEE/REE Request a special function.
> > >    We have some specific functions, like get hartid from TEE,
> > >    it need save and restore the TEE context.
> > >
> > > Data structure.
> > > opensbi adds the sbi_save_context declaration
> > >    struct sbi_save_context {
> > >       struct sbi_trap_regs regs;
> > >       unsigned long sepc;
> > >       unsigned long satp;
> > >       unsigned long sstatus;
> > >       unsigned long sie;
> > >       unsigned long stvec;
> > >       unsigned long sscratch;
> > >       unsigned long scounteren;
> > >       unsigned long scause;
> > >       unsigned long stval;
> > >       unsigned long sip;
> > >    };
> > >    sbi_save_context include sbi_trap_regs and S mode csr. Used to 
> > > hold the context of TEE or REE
> > >
> > >    typedef struct optee_vectors {
> > >       optee_vector_isn_t yield_smc_entry;
> > >       optee_vector_isn_t fast_smc_entry;
> > >       optee_vector_isn_t cpu_on_entry;
> > >       optee_vector_isn_t cpu_off_entry;
> > >       optee_vector_isn_t cpu_resume_entry;
> > >       optee_vector_isn_t cpu_suspend_entry;
> > >       optee_vector_isn_t fiq_entry;
> > >       optee_vector_isn_t system_off_entry;
> > >       optee_vector_isn_t system_reset_entry;
> > >    } optee_vectors_t;
> > >    optee_vectors represent the various entry points into TEE OS.
> > >
> > > Variables defined by opensbi
> > >    optee_vectors_t *optee_vector_table;
> > >    struct sbi_save_context nsec_cpu_context[OPTEED_CORE_COUNT];
> > >    struct sbi_save_context sec_cpu_context[OPTEED_CORE_COUNT];
> > >    struct sbi_trap_regs cpu_start_context[OPTEED_CORE_COUNT];
> > >    typedef ulong tee_tmp_trap_stack[1024];
> > >    static tee_tmp_trap_stack tmp_stack[OPTEED_CORE_COUNT];
> > >
> > >    optee_vector_table value is assigned after the TEE OS boot succeeds.
> > >    nsec_cpu_context and sec_cpu_context is to save the context of TEE and REE,
> > >    cpu_start_context save the context of opensbi before tee_os_init enter TEE OS,
> > >    tee_tmp_stack is the trap stack when TEE OS return tee_os_init.
> > >
> > > Under the current design, REE does not enable interrupts when 
> > > entering TEE, and the entire TEE, including opensbi, is the process context of linux.
> > > TEE processing must be brief and quick.
> > >
> >
> > Great. Thanks. Your PR should include more details like this with proper FID allocation and description.
> > In order to make it a standard RISC-V SBI extension, you need to 
> > present this in tech-prs mailing list
> > (https://lists.riscv.org/g/tech-prs)
> > and get it approved within the group. Here is the policy document[1]
> >
> > https://docs.google.com/document/d/1bQGHU-wD4uN4mU07oH9adpXbH51NqUbF
> > xc
> > L8qTTIqhA/edit
> >
> > I think it would be good if you can present your work in trusted computing SIG (https://lists.riscv.org/g/sig-trusted-computing) as well.
> >
> > >
> > > Regards,
> > > liushiwei
> > > -----????-----
> > > ???: Himanshu Chauhan [mailto:hchauhan at ventanamicro.com]
> > > ????: 2023?1?11? 23:39
> > > ???: liushiwei <liushiwei@eswincomputing.com>
> > > ??: opensbi at lists.infradead.org; chenchaokai at eswincomputing.com
> > > ??: Re: ??: [PATCH 1/1] Add RISC-V TEE support
> > >
> > > On Wed, Jan 11, 2023 at 08:27:59PM +0800, liushiwei wrote:
> > > > Do you mean hardware? Our hardware design referred to arm's 
> > > > trustzone technology. optee os is a software solution using arm 
> > > > trustzone hardware, which mainly includes REE(linux), TEE(optee 
> > > > os), ATF(ARM Trusted firmware), and then our software also 
> > > > developed these three parts. opensbi is similar to ATF. whether if this is what you want?
> > > > The current committed code is not hardware-dependent, but just 
> > > > continues the idea of this workaround, and we may commit hardware-dependent code later.
> > > >
> > > No, I meant the software specification.
> > >
> > > > -----????-----
> > > > ???: hchauhan at ventanamicro.com 
> > > > [mailto:hchauhan at ventanamicro.com]
> > > > ????: 2023?1?11? 20:03
> > > > ???: 'liushiwei' <liushiwei@eswincomputing.com>; opensbi at lists.infradead.
> > > > org
> > > > ??: chenchaokai at eswincomputing.com
> > > > ??: RE: [PATCH 1/1] Add RISC-V TEE support
> > > >
> > > > -----Original Message-----
> > > > > From: opensbi <opensbi-bounces@lists.infradead.org> On Behalf 
> > > > > Of liushiwei
> > > > > Sent: 11 January 2023 07:32
> > > > > To: opensbi at lists.infradead.org
> > > > > Cc: chenchaokai at eswincomputing.com; liushiwei
> > > > <liushiwei@eswincomputing.com>
> > > > > Subject: [PATCH 1/1] Add RISC-V TEE support
> > > >
> > > > >RISC-V Trusted Executable Environment security software 
> > > > >includes linux,
> > > > opensbi, and OP-TEE OS. linux is the non-secure domain, and 
> > > > OP-TEE OS is the secure domain. At boot time, opensbi boots OP->TEE OS and then starts linux.
> > > > At runtime, opensbi acts as a secure monitor, responsible for 
> > > > context saving and restoring when switching between linux and OP-TEE OS.
> > > > >TEE function is off by default, when using configuration is 
> > > > >added in the
> > > > config and objects file, such as 
> > > > platform/generic/configs/defconfig
> > > > add CONFIG_SBI_ECALL_TEE = y, In the 
> > > > >platform/generic/objects.mk add CONFIG_TEE_LOAD_ADDR = 
> > > > 0x27c000000, CONFIG_TEE_LOAD_ADDR is the starting address of the OP-TEE OS.
> > > >
> > > > Hi Liushiwei,
> > > >
> > > > Was there any formal specification or draft for this? Could you 
> > > > please point me to the draft or specification?
> > > >
> > > > Regards
> > > > Himanshu
> > > >
> > > > --
> > > > opensbi mailing list
> > > > opensbi at lists.infradead.org
> > > > http://lists.infradead.org/mailman/listinfo/opensbi
> > > >
> > >
> > >
> > > --
> > > opensbi mailing list
> > > opensbi at lists.infradead.org
> > > http://lists.infradead.org/mailman/listinfo/opensbi
> >
> >
> >
> > --
> > Regards,
> > Atish
> >
>
>
> --
> Regards,
> Atish
>


--
Regards,
Atish