Merge patch series "cmd: Add support for optee commands."WIP/08Jan2024-next

Venkatesh Yadav Abbarapu <venkatesh.abbarapu@amd.com> says:

Add the basic 'hello world ta' command which increments the value passed.
This provides easy test for establishing a session with OP-TEE TA and verify.

It includes following subcommands:
optee hello
optee hello <value>; value to increment via OP-TEE HELLO WORLD TA.

Link: https://lore.kernel.org/r/20241219043918.1646095-1-venkatesh.abbarapu@amd.com

5 files changed, 148 insertions, 0 deletions

diff --git a/cmd/Kconfig b/cmd/Kconfig
index 93efeaec6f4..4c4ad9d9979 100644
--- a/cmd/Kconfig
+++ b/cmd/Kconfig
@@ -1453,6 +1453,12 @@ config CMD_OPTEE_RPMB
 	  in the Replay Protection Memory Block partition in eMMC by
 	  using Persistent Objects in OPTEE
 
+config CMD_OPTEE
+	bool "Enable OP-TEE commands"
+	depends on OPTEE
+	help
+	 OP-TEE commands support.
+
 config CMD_MTD
 	bool "mtd"
 	depends on MTD
diff --git a/cmd/Makefile b/cmd/Makefile
index 1e6d3128c8c..bf322201c64 100644
--- a/cmd/Makefile
+++ b/cmd/Makefile
@@ -119,6 +119,7 @@ obj-$(CONFIG_CMD_PAUSE) += pause.o
 obj-$(CONFIG_CMD_SLEEP) += sleep.o
 obj-$(CONFIG_CMD_MMC) += mmc.o
 obj-$(CONFIG_CMD_OPTEE_RPMB) += optee_rpmb.o
+obj-$(CONFIG_CMD_OPTEE) += optee.o
 obj-$(CONFIG_CMD_MP) += mp.o
 obj-$(CONFIG_CMD_MTD) += mtd.o
 obj-$(CONFIG_CMD_MTDPARTS) += mtdparts.o
diff --git a/cmd/optee.c b/cmd/optee.c
new file mode 100644
index 00000000000..d0d37293986
--- /dev/null
+++ b/cmd/optee.c
@@ -0,0 +1,70 @@
+// SPDX-License-Identifier: GPL-2.0
+/*
+ * (C) Copyright 2024, Advanced Micro Devices, Inc.
+ */
+#include <command.h>
+#include <errno.h>
+#include <tee.h>
+#include <vsprintf.h>
+
+#define TA_HELLO_WORLD_CMD_INC_VALUE 0
+/* This needs to match the UUID of the Hello World TA. */
+#define TA_HELLO_WORLD_UUID \
+	{ 0x8aaaf200, 0x2450, 0x11e4, \
+	{ 0xab, 0xe2, 0x00, 0x02, 0xa5, 0xd5, 0xc5, 0x1b} }
+
+static int hello_world_ta(unsigned int value)
+{
+	const struct tee_optee_ta_uuid uuid = TA_HELLO_WORLD_UUID;
+	struct tee_open_session_arg session_arg;
+	struct udevice *tee = NULL;
+	struct tee_invoke_arg arg;
+	struct tee_param param[2];
+	int rc;
+
+	tee = tee_find_device(tee, NULL, NULL, NULL);
+	if (!tee)
+		return -ENODEV;
+
+	memset(&session_arg, 0, sizeof(session_arg));
+	tee_optee_ta_uuid_to_octets(session_arg.uuid, &uuid);
+	rc = tee_open_session(tee, &session_arg, 0, NULL);
+	if (rc) {
+		printf("tee_open_session(): failed(%d)\n", rc);
+		return rc;
+	}
+
+	arg.func = TA_HELLO_WORLD_CMD_INC_VALUE;
+	arg.session = session_arg.session;
+
+	param[0].attr = TEE_PARAM_ATTR_TYPE_VALUE_INOUT;
+	param[0].u.value.a = value;
+
+	printf("Value before: 0x%x\n", (int)param[0].u.value.a);
+	printf("Calling TA\n");
+	tee_invoke_func(tee, &arg, 1, param);
+
+	printf("Value after: 0x%x\n", (int)param[0].u.value.a);
+	return tee_close_session(tee, session_arg.session);
+}
+
+static int do_optee_hello_world_ta(struct cmd_tbl *cmdtp, int flag, int argc,
+				   char * const argv[])
+{
+	int ret, value = 0;
+
+	if (strcmp(argv[1], NULL))
+		value = hextoul(argv[1], NULL);
+
+	ret = hello_world_ta(value);
+	if (ret)
+		return CMD_RET_FAILURE;
+
+	return CMD_RET_SUCCESS;
+}
+
+U_BOOT_LONGHELP(optee,
+	"hello [<value>]   Invoke the OP-TEE 'Hello World' TA\n");
+
+U_BOOT_CMD_WITH_SUBCMDS(optee, "OP-TEE commands", optee_help_text,
+	U_BOOT_SUBCMD_MKENT(hello, 2, 1, do_optee_hello_world_ta));
diff --git a/doc/usage/cmd/optee.rst b/doc/usage/cmd/optee.rst
new file mode 100644
index 00000000000..46c569a105f
--- /dev/null
+++ b/doc/usage/cmd/optee.rst
@@ -0,0 +1,70 @@
+.. SPDX-License-Identifier: GPL-2.0
+
+.. index::
+   single: optee (command)
+
+optee command
+=============
+
+Synopsis
+--------
+
+::
+
+    optee hello
+    optee hello <value>
+
+Description
+-----------
+
+This is an OP-TEE sanity test which invokes the "Hello World"
+Trusted Application (TA). The TA does two things:
+- It prints debug and information messages to the secure console (if logging is enabled)
+- It increments the integer value passed as a parameter and returns it
+
+
+value
+	Integer value that the TA is expected to increment and return.
+	The default value is 0.
+
+To enable the OP-TEE Hello World example please refer
+https://optee.readthedocs.io/en/latest/building/gits/optee_examples/optee_examples.html
+
+Examples
+--------
+
+::
+
+	==> optee hello
+	D/TA:  TA_CreateEntryPoint:39 has been called
+	I/TA: Hello World!
+	Value before: 0x0
+	Calling TA
+	D/TA:  inc_value:105 has been called
+	I/TA: Got value: 0 from NW
+	I/TA: Increase value to: 1
+	Value after: 0x1
+	I/TA: Goodbye!
+	D/TA:  TA_DestroyEntryPoint:50 has been called
+
+	==> optee hello 74
+	D/TA:  TA_CreateEntryPoint:39 has been called
+	I/TA: Hello World!
+	Value before: 0x74
+	Calling TA
+	D/TA:  inc_value:105 has been called
+	I/TA: Got value: 116 from NW
+	I/TA: Increase value to: 117
+	Value after: 0x75
+	I/TA: Goodbye!
+	D/TA:  TA_DestroyEntryPoint:50 has been called
+
+Configuration
+-------------
+
+The optee command is enabled by CONFIG_OPTEE=y and CONFIG_CMD_OPTEE=y.
+
+Return value
+------------
+
+The return value $? is 0 (true) if the command succeeds, 1 (false) otherwise.
diff --git a/doc/usage/index.rst b/doc/usage/index.rst
index cb7a23f1170..4dd00f002cd 100644
--- a/doc/usage/index.rst
+++ b/doc/usage/index.rst
@@ -92,6 +92,7 @@ Shell commands
    cmd/msr
    cmd/mtest
    cmd/mtrr
+   cmd/optee
    cmd/panic
    cmd/part
    cmd/pause