【OPTEE开发】从TA到安全驱动的功能设计
生活随笔
收集整理的這篇文章主要介紹了
【OPTEE开发】从TA到安全驱动的功能设计
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
文章目錄
- 一、功能需求
- 二、TA到Driver層的架構
- 1. 軟件層架構
- 2. 實現思路
- 2.3 封裝libutee層系統API
- 2.2 core中增加系統服務層
- 2.1 Driver側接口和實現
- 三、詳細實現
- 1. 修改清單
- 2. 詳細設計
- 2.1 libutee對外接口設計
- 2.2 core服務設計
- 2.3 Driver驅動側設計
- 2.4 TA應用側實現
一、功能需求
實現普通TA通過系統調用到增加的Driver側功能,實現完整的通路。
功能:在TA中通過系統調用安全驅動中的write和read功能,增加rot service系統服務,封裝libutee對TA提供的對外接口,實現完整的通路功能。
本篇主要是通過增加這個功能,來加深對TA調用通路的理解,當然也可以不采用此通路設計,可以直接設計成TA調用PTA完成基本功能。
原創不易,轉載請注明出處:https://blog.csdn.net/jackone12347/article/details/122487418
二、TA到Driver層的架構
1. 軟件層架構
2. 實現思路
為了實現這個功能,需要完成如下幾個子模塊的設計和實現。
2.3 封裝libutee層系統API
在libutee中增加對TA調用的系統接口,方便普通的TA通過libutee庫進行調用。
2.2 core中增加系統服務層
libutee中的接口封裝OK后,需要在core serivce中增加自己的service,銜接libutee到 driver的功能。
增加的service本身也可以init初始化一些自己的基本功能,類似android的Framework中的serivce。
同時,可以增加core service有一個好處是將driver側的實現細節屏蔽掉,只提供一個對外的接口。
2.1 Driver側接口和實現
driver側的功能用途:一般driver側用來初始化一些私有的數據和操作安全設備。
我們這里增加rot的write和read功能。
三、詳細實現
下面是詳細的設計實現。
1. 修改清單
下面是所有的涉及到的文件修改列表:
對應的git修改列表:
2. 詳細設計
2.1 libutee對外接口設計
這里直接修改原始的tee_api.h,當然也可以不這么設計,可以直接添加和libutee同級別的lib庫也是可以的。
TA調用接口:\lib\libutee\include\tee_api.h中增加三個調用接口:
TEE_Result Tee_Rot_Write(void *buf, size_t blen, size_t offset);TEE_Result Tee_Rot_Read(void *buf, size_t blen, size_t offset);TEE_Result Tee_Rot_Dump(void *buf, size_t blen);三個接口實現:optee_os\lib\libutee\tee_api.c
TEE_Result Tee_Rot_Write(void *buf, size_t blen, size_t offset) {TEE_Result res = TEE_SUCCESS;res = _utee_rot_driver_write(buf, blen, offset);return res; }TEE_Result Tee_Rot_Read(void *buf, size_t blen, size_t offset) {TEE_Result res = TEE_SUCCESS;res = _utee_rot_driver_read(buf, blen, offset);return res; }TEE_Result Tee_Rot_Dump(void *buf, size_t blen) {TEE_Result res = TEE_SUCCESS;res = _utee_rot_driver_dump(buf, blen);return res; }其中_utee_rot_driver_write、_utee_rot_driver_read、_utee_rot_driver_dump需要在core中繼續封裝和實現,tee_rot的封裝如下:
@core/include/tee/tee_rot.h
@core/tee/tee_rot.c實現如下:
#include <drivers/driver_rot.h> #include <tee/tee_rot.h> #include <tee/tee_svc.h> #include <trace.h>TEE_Result syscall_rot_driver_write(void *buf, size_t blen, size_t offset); TEE_Result syscall_rot_driver_read(void *buf, size_t blen, size_t offset); TEE_Result syscall_rot_driver_dump(void *buf, size_t blen);struct rot_service_ops rot_ops = {.name = "RotDriver",.rot_driver = {.device_init = device_init,.write_rot = write_rot,.read_rot = read_rot,.driver_dump = driver_dump,}, };TEE_Result syscall_rot_driver_write(void *buf, size_t blen, size_t offset) {uint8_t* src = NULL;DMSG("pis syscall_rot_driver_write entry.\n");src = malloc(blen);memcpy(src, buf, blen);rot_ops.rot_driver.write_rot(src, blen, offset);free(src);return TEE_SUCCESS; }TEE_Result syscall_rot_driver_read(void *buf, size_t blen, size_t offset) {uint8_t* dst = NULL;DMSG("pis syscall_rot_driver_read entry.\n");dst = malloc(blen);rot_ops.rot_driver.read_rot(dst, blen, offset);memcpy(buf, dst, blen);free(dst);return TEE_SUCCESS;}TEE_Result syscall_rot_driver_dump(void *buf, size_t blen) {uint8_t* dst = NULL;dst = malloc(blen);rot_ops.rot_driver.driver_dump(dst, blen);memcpy(buf, dst, blen);free(dst);return TEE_SUCCESS; }static TEE_Result tee_rot_init(void) {DMSG("Strat to start rot servie\n");if (rot_ops.rot_driver.device_init)rot_ops.rot_driver.device_init();DMSG("rot servcie initial is ok\n");return TEE_SUCCESS; }service_init(tee_rot_init);這里有兩個地方需要重要注意:
rot_service_ops是core serivce中定義的結構體,而rot_driver_ops_s是driver對外的結構體;
service_init(tee_rot_init)是我們新的rot service的初始化的地方。
2.2 core服務設計
core service一般在OPTEE的initcall段的代碼啟動和初始化。
所以,這里我們增加兩個文件,tee_rot.h和tee_rot.c文件,起到承上啟下的作用。
在2.1章節中調用了_utee_rot_driver_write等函數,普通TA是運行在用戶空間,不能直接調用到core service側,需要syscall轉化一下。
所以,先增加syscall通路,列表如下:
內容分別如下:
@lib/libutee/include/utee_syscalls.h
@lib/libutee/arch/arm/utee_syscalls_asm.S,第三個參數表示參數的個數。
UTEE_SYSCALL _utee_rot_driver_write, TEE_SCN_ROT_DRIVER_WRITE, 3UTEE_SYSCALL _utee_rot_driver_read, TEE_SCN_ROT_DRIVER_READ, 3UTEE_SYSCALL _utee_rot_driver_dump, TEE_SCN_ROT_DRIVER_DUMP, 2@core/arch/arm/tee/arch_svc.c,增加三個syscall函數
static const struct syscall_entry tee_svc_syscall_table[] = { ...SYSCALL_ENTRY(syscall_rot_driver_write),SYSCALL_ENTRY(syscall_rot_driver_read),SYSCALL_ENTRY(syscall_rot_driver_dump), }@lib/libutee/include/tee_syscall_numbers.h 增加三個syscall,MAX修改為73
#define TEE_SCN_ROT_DRIVER_WRITE 71 #define TEE_SCN_ROT_DRIVER_READ 72 #define TEE_SCN_ROT_DRIVER_DUMP 73 #define TEE_SCN_MAX 732.3 Driver驅動側設計
最后再增加driver側的實現
core/drivers/driver_rot.ccore/include/drivers/driver_rot.h頭文件的定義:
@core/include/drivers/driver_rot.h
syscall_rot_driver_write是core serivce中對應的,這樣TA -》core serivce -> TA driver就完整的實現了通路。
下面是driver_rot.c的實現的完整代碼:
@core/drivers/driver_rot.c
2.4 TA應用側實現
有了以上三個部分的實現后,TA中的調用就比較簡單了,就可以和普通的lib庫一樣調用即可。
比起TA通過openTAsession等函數方便多了~~~
測試代碼如下,實現了寫入和讀取數據,數據是存在driver中的全局變量。
#include <tee_internal_api.h> #include <tee_internal_api_extensions.h> #include <tee_api_types.h>TEE_Result get_rot_data() {TEE_Result res = TEE_SUCCESS;DMSG("pis 1 get_rot_data entry. \n");res = Tee_Rot_Write((void *)"aaaabbbbccccdddd1111222233334444aaaabbbbccccdddd1111222233334444", 64, 0);DMSG ("pis 22 Tee_Rot_Write result:%d", res);uint8_t *temp = NULL;temp = malloc(65);res = Tee_Rot_Read(temp, 64, 0);DMSG ("pis 1 Tee_Rot_Read result:%d", res);int i = 0;for(; i < 64; i++) {DMSG ("pis Tee_Rot_Read content:0x%x", temp[i]);}free(temp);DMSG("pis 1 get_rot_data done. \n");return res; }運行結果:
rot service在OPTEE啟動的時候的打印,可以看到rot service正常啟動和init初始化了。
寫ROT數據:
D/TA: get_rot_data:1514 pis get_rot_data entry. F/TC:? 0 trace_syscall:155 syscall #71 (syscall_rot_driver_write) D/TC:? 0 syscall_rot_driver_write:35 pis syscall_rot_driver_write entry. D/TC:? 0 write_rot:36 pis driver write rot entry ==== D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x61 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x62 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x63 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x64 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x31 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x32 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x33 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:44 pis driver write_rot:0x34 D/TC:? 0 write_rot:65 pis driver write rot done ==== D/TA: get_rot_data:1518 pis Tee_Rot_Write result:0再讀取ROT數據
F/TC:? 0 trace_syscall:155 syscall #72 (syscall_rot_driver_read) D/TC:? 0 syscall_rot_driver_read:50 pis syscall_rot_driver_read entry. D/TC:? 0 read_rot:72 pis driver read rot entry ==== D/TC:? 0 read_rot:82 pis driver read rot done. D/TA: get_rot_data:1524 pis 1 Tee_Rot_Read result:0 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x61 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x62 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x63 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x64 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x31 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x32 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x33 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1527 pis Tee_Rot_Read content:0x34 D/TA: get_rot_data:1532 pis 1 get_rot_data done. 新人創作打卡挑戰賽發博客就能抽獎!定制產品紅包拿不停!總結
以上是生活随笔為你收集整理的【OPTEE开发】从TA到安全驱动的功能设计的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: LRU缓存机制
- 下一篇: 机器学习中常见的损失函数