core: add CFG_RPMB_ANNOUNCE_PROBE_CAP

Add CFG_RPMB_ANNOUNCE_PROBE_CAP to control whether RPMB probe capability should be announced to the kernel. For the kernel driver to enable in-kernel RPMB routing it must know in advance that OP-TEE supports it. By masking the capability the kernel will route all RPMB commands to tee-supplicant. Signed-off-by: Jens Wiklander <[email protected]> Reviewed-by: Jerome Forissier <[email protected]> Reviewed-by: Etienne Carriere <[email protected]>
OP-TEE · Sep 13, 2024 · b78dd3f · b78dd3f
1 parent a4ad8ad
commit b78dd3f
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 2 deletions.
diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c
@@ -798,7 +798,8 @@ static void handle_blocking_call(struct thread_smc_args *args,
 		sec_caps = OPTEE_FFA_SEC_CAP_ARG_OFFSET;
 		if (spmc_notif_is_ready)
 			sec_caps |= OPTEE_FFA_SEC_CAP_ASYNC_NOTIF;
-		sec_caps |= OPTEE_FFA_SEC_CAP_RPMB_PROBE;
+		if (IS_ENABLED(CFG_RPMB_ANNOUNCE_PROBE_CAP))
+			sec_caps |= OPTEE_FFA_SEC_CAP_RPMB_PROBE;
 		spmc_set_args(args, direct_resp_fid,
 			      swap_src_dst(args->a1), 0, 0,
 			      THREAD_RPC_MAX_NUM_PARAMS, sec_caps);

diff --git a/core/arch/arm/tee/entry_fast.c b/core/arch/arm/tee/entry_fast.c
@@ -118,7 +118,8 @@ static void tee_entry_exchange_capabilities(struct thread_smc_args *args)
 	args->a1 |= OPTEE_SMC_SEC_CAP_RPC_ARG;
 	args->a3 = THREAD_RPC_MAX_NUM_PARAMS;
 
-	args->a1 |= OPTEE_SMC_SEC_CAP_RPMB_PROBE;
+	if (IS_ENABLED(CFG_RPMB_ANNOUNCE_PROBE_CAP))
+		args->a1 |= OPTEE_SMC_SEC_CAP_RPMB_PROBE;
 }
 
 static void tee_entry_disable_shm_cache(struct thread_smc_args *args)

diff --git a/mk/config.mk b/mk/config.mk
@@ -214,6 +214,14 @@ CFG_RPMB_TESTKEY ?= n
 # - RPMB key provisioning in a controlled environment (factory setup)
 CFG_RPMB_WRITE_KEY ?= n
 
+# For the kernel driver to enable in-kernel RPMB routing it must know in
+# advance that OP-TEE supports it. Setting CFG_RPMB_ANNOUNCE_PROBE_CAP=y
+# will announce OP-TEE's capability for RPMB probing to the kernel and it
+# will use in-kernel RPMB routing, without it all RPMB commands will be
+# routed to tee-supplicant. This option is intended give some control over
+# how the RPMB commands are routed to simplify testing.
+CFG_RPMB_ANNOUNCE_PROBE_CAP ?= y
+
 _CFG_WITH_SECURE_STORAGE := $(call cfg-one-enabled,CFG_REE_FS CFG_RPMB_FS)
 
 # Signing key for OP-TEE TA's