summaryrefslogtreecommitdiff
path: root/include/tee
diff options
context:
space:
mode:
authorJens Wiklander <jens.wiklander@linaro.org>2018-09-25 16:40:15 +0200
committerTom Rini <trini@konsulko.com>2018-10-07 10:47:38 -0400
commit1cc8cc4e675e32cde76487292c8bace5fa927eee (patch)
tree1b0d3f82ae5d0b34ec92047a6c4e950daa124fae /include/tee
parent232cfd6d9152fd2a4e7113faec51db2a9ab8c6bd (diff)
downloadu-boot-1cc8cc4e675e32cde76487292c8bace5fa927eee.tar.gz
tee: optee: support AVB trusted application
Adds configuration option OPTEE_TA_AVB and a header file describing the interface to the Android Verified Boot 2.0 (AVB) trusted application provided by OP-TEE. Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org> Reviewed-by: Igor Opaniuk <igor.opaniuk@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'include/tee')
-rw-r--r--include/tee/optee_ta_avb.h48
1 files changed, 48 insertions, 0 deletions
diff --git a/include/tee/optee_ta_avb.h b/include/tee/optee_ta_avb.h
new file mode 100644
index 0000000000..074386af19
--- /dev/null
+++ b/include/tee/optee_ta_avb.h
@@ -0,0 +1,48 @@
+/* SPDX-License-Identifier: BSD-2-Clause */
+/* Copyright (c) 2018, Linaro Limited */
+
+#ifndef __TA_AVB_H
+#define __TA_AVB_H
+
+#define TA_AVB_UUID { 0x023f8f1a, 0x292a, 0x432b, \
+ { 0x8f, 0xc4, 0xde, 0x84, 0x71, 0x35, 0x80, 0x67 } }
+
+#define TA_AVB_MAX_ROLLBACK_LOCATIONS 256
+
+/*
+ * Gets the rollback index corresponding to the given rollback index slot.
+ *
+ * in params[0].value.a: rollback index slot
+ * out params[1].value.a: upper 32 bits of rollback index
+ * out params[1].value.b: lower 32 bits of rollback index
+ */
+#define TA_AVB_CMD_READ_ROLLBACK_INDEX 0
+
+/*
+ * Updates the rollback index corresponding to the given rollback index slot.
+ *
+ * Will refuse to update a slot with a lower value.
+ *
+ * in params[0].value.a: rollback index slot
+ * in params[1].value.a: upper 32 bits of rollback index
+ * in params[1].value.b: lower 32 bits of rollback index
+ */
+#define TA_AVB_CMD_WRITE_ROLLBACK_INDEX 1
+
+/*
+ * Gets the lock state of the device.
+ *
+ * out params[0].value.a: lock state
+ */
+#define TA_AVB_CMD_READ_LOCK_STATE 2
+
+/*
+ * Sets the lock state of the device.
+ *
+ * If the lock state is changed all rollback slots will be reset to 0
+ *
+ * in params[0].value.a: lock state
+ */
+#define TA_AVB_CMD_WRITE_LOCK_STATE 3
+
+#endif /* __TA_AVB_H */