From patchwork Mon Nov 7 19:53:14 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Winkler, Tomas" X-Patchwork-Id: 9415867 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 8444060512 for ; Mon, 7 Nov 2016 19:00:40 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 7475B28D1D for ; Mon, 7 Nov 2016 19:00:40 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 6937728D20; Mon, 7 Nov 2016 19:00:40 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D247628D8F for ; Mon, 7 Nov 2016 19:00:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S933531AbcKGS7h (ORCPT ); Mon, 7 Nov 2016 13:59:37 -0500 Received: from mga09.intel.com ([134.134.136.24]:45221 "EHLO mga09.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S933005AbcKGS6Z (ORCPT ); Mon, 7 Nov 2016 13:58:25 -0500 Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga102.jf.intel.com with ESMTP; 07 Nov 2016 10:57:51 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,606,1473145200"; d="scan'208";a="188665280" Received: from twinkler-lnx.jer.intel.com ([10.12.87.167]) by fmsmga004.fm.intel.com with ESMTP; 07 Nov 2016 10:57:46 -0800 From: Tomas Winkler To: Greg Kroah-Hartman , Ulf Hansson , Adrian Hunter , James Bottomley , "Martin K . Petersen" , Vinayak Holikatti , Andy Lutomirski , =?UTF-8?q?Arve=20Hj=C3=B8nnev=C3=A5g?= , Michael Ryleev , Joao Pinto , Christoph Hellwig , Yaniv Gardi Cc: Avri Altman , linux-kernel@vger.kernel.org, linux-mmc@vger.kernel.org, linux-scsi@vger.kernel.org, linux-doc@vger.kernel.org, Tomas Winkler Subject: [PATCH v7 11/11] char: rpmb: Document Replay Protected Memory Block (RPMB) subsystem Date: Mon, 7 Nov 2016 21:53:14 +0200 Message-Id: <1478548394-8184-12-git-send-email-tomas.winkler@intel.com> X-Mailer: git-send-email 2.7.4 In-Reply-To: <1478548394-8184-1-git-send-email-tomas.winkler@intel.com> References: <1478548394-8184-1-git-send-email-tomas.winkler@intel.com> Sender: linux-mmc-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-mmc@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Add rpmb documentatin in sphinx format. V7: new in the series Signed-off-by: Tomas Winkler --- Documentation/index.rst | 1 + Documentation/rpmb/conf.py | 5 ++ Documentation/rpmb/index.rst | 18 ++++++ Documentation/rpmb/introduction.rst | 102 +++++++++++++++++++++++++++++++ Documentation/rpmb/rpmb-tool.rst | 19 ++++++ Documentation/rpmb/simulation-device.rst | 19 ++++++ MAINTAINERS | 1 + 7 files changed, 165 insertions(+) create mode 100644 Documentation/rpmb/conf.py create mode 100644 Documentation/rpmb/index.rst create mode 100644 Documentation/rpmb/introduction.rst create mode 100644 Documentation/rpmb/rpmb-tool.rst create mode 100644 Documentation/rpmb/simulation-device.rst diff --git a/Documentation/index.rst b/Documentation/index.rst index c53d089455a4..56dd46e9359c 100644 --- a/Documentation/index.rst +++ b/Documentation/index.rst @@ -18,6 +18,7 @@ Contents: media/index gpu/index 80211/index + rpmb/index Indices and tables ================== diff --git a/Documentation/rpmb/conf.py b/Documentation/rpmb/conf.py new file mode 100644 index 000000000000..20c7c275ef4a --- /dev/null +++ b/Documentation/rpmb/conf.py @@ -0,0 +1,5 @@ +# -*- coding: utf-8; mode: python -*- + +project = "Linux 802.11 Driver Developer's Guide" + +tags.add("subproject") diff --git a/Documentation/rpmb/index.rst b/Documentation/rpmb/index.rst new file mode 100644 index 000000000000..876a2603e4b5 --- /dev/null +++ b/Documentation/rpmb/index.rst @@ -0,0 +1,18 @@ +.. -*- coding: utf-8; mode: rst -*- + +============================================== +Replay Protected Memory Block (RPMB) subsystem +============================================== + +.. toctree:: + + introduction + simulation-device.rst + rpmb-tool.rst + +.. only:: subproject + + Indices + ======= + + * :ref:`genindex` diff --git a/Documentation/rpmb/introduction.rst b/Documentation/rpmb/introduction.rst new file mode 100644 index 000000000000..f4ded7d18e55 --- /dev/null +++ b/Documentation/rpmb/introduction.rst @@ -0,0 +1,102 @@ +.. -*- coding: utf-8; mode: rst -*- + +============= +Introduction: +============= + +Few storage technologies such is EMMC, UFS, and NVMe support RPMB +hardware partition with common protocol and frame layout. +The RPMB partition `cannot` be accessed via standard block layer, +but by a set of specific commands: + +WRITE, READ, GET_WRITE_COUNTER, and PROGRAM_KEY. + +The commands and the data are embedded within :c:type:`rpmb_frame `. + +An RPMB partition provides authenticated and replay protected access, +hence it is suitable as a secure storage. + +In-kernel API +------------- +The RPMB layer aims to provide in-kernel API for Trusted Execution +Environment (TEE) devices that are capable to securely compute the block +frame signature. In case a TEE device wish to store a replay protected +data, it creates an RPMB frame with requested data and computes HMAC of +the frame, then it requests the storage device via RPMB layer to store +the data. + +The layer provides two APIs, for :c:func:`rpmb_req_cmd()` for issuing one of RPMB +specific commands and :c:func:`rpmb_seq_cmd()` for issuing of raw RPMB protocol +frames, which is close to the functionality provided by emmc multi ioctl +interface. + +.. c:function:: int rpmb_cmd_req(struct rpmb_dev *rdev, struct rpmb_data *data); + +.. c:function:: int rpmb_cmd_seq(struct rpmb_dev *rdev, struct rpmb_cmd *cmds, u32 ncmds); + + +A TEE driver can claim the RPMB interface, for example, via +:c:func:`class_interface_register`: + +.. code-block:: c + + struct class_interface tee_rpmb_intf = { + .class = &rpmb_class; + .add_dev = rpmb_add_device; + .remove_dev = rpmb_remove_device; + } + class_interface_register(&tee_rpmb_intf); + + +RPMB device registeration +---------------------------- + +A storage device registers its RPMB hardware (eMMC) partition or RPMB +W-LUN (UFS) with the RPMB layer :c:func:`rpmb_dev_register` providing +an implementation for :c:func:`rpmb_seq_cmd()` handler. The interface +enables sending sequence of RPMB standard frames. + +.. code-block:: c + + struct rpmb_ops mmc_rpmb_dev_ops = { + .cmd_seq = mmc_blk_rpmb_cmd_seq, + .type = RPMB_TYPE_EMMC, + ... + } + rpmb_dev_register(disk_to_dev(part_md->disk), &mmc_rpmb_dev_ops); + + +User space API +-------------- + +A parallel user space API is provided via /dev/rpmbX character +device with two IOCTL commands. +Simplified one, ``RPMB_IOC_REQ_CMD``, were read result cycles is performed +by the framework on behalf the user and second, ``RPMB_IOC_SEQ_CMD`` where +the whole RPMB sequence, including ``RESULT_READ`` is supplied by the caller. +The latter is intended for easier adjusting of the applications that +use ``MMC_IOC_MULTI_CMD`` ioctl, such as +https://android.googlesource.com/trusty/app/storage/ + +.. code-block:: c + + struct rpmb_ioc_req_cmd ireq; + int ret; + + ireq.req_type = RPMB_WRITE_DATA; + rpmb_ioc_cmd_set(ireq.icmd, RPMB_F_WRITE, frames_in, cnt_in); + rpmb_ioc_cmd_set(ireq.ocmd, 0, frames_out, cnt_out); + + ret = ioctl(fd, RPMB_IOC_REQ_CMD, &ireq); + + +API +--- +.. kernel-doc:: include/linux/rpmb.h + +.. kernel-doc:: drivers/char/rpmb/core.c + +.. kernel-doc:: include/uapi/linux/rpmb.h + +.. kernel-doc:: drivers/char/rpmb/cdev.c + diff --git a/Documentation/rpmb/rpmb-tool.rst b/Documentation/rpmb/rpmb-tool.rst new file mode 100644 index 000000000000..148eb0df4750 --- /dev/null +++ b/Documentation/rpmb/rpmb-tool.rst @@ -0,0 +1,19 @@ +========== +RPMB Tool +========== + +There is a sample rpmb tool under tools/rpmb/ directory that exercises +the RPMB devices via RPMB character devices interface (/dev/rpmbX) + +.. code-block:: none + + rpmb [-v] [-r|-s] + + rpmb program-key [- + rpmb write-counter [KEY_FILE] + rpmb write-blocks
+ rpmb read-blocks
[KEY_FILE] + + rpmb -v/--verbose: runs in verbose mode + rpmb -s/--sequence: use RPMB_IOC_SEQ_CMD + rpmb -r/--request: use RPMB_IOC_REQ_CMD diff --git a/Documentation/rpmb/simulation-device.rst b/Documentation/rpmb/simulation-device.rst new file mode 100644 index 000000000000..9192a78a71d4 --- /dev/null +++ b/Documentation/rpmb/simulation-device.rst @@ -0,0 +1,19 @@ +====================== +RPMB Simulation Device +====================== + +RPMB partition simulation device is a virtual device that +provides simulation of the RPMB protocol and uses kernel memory +as storage. + +This driver cannot promise any real security, it is suitable for testing +of the RPMB subsystem it self and mostly it was found useful for testing of +RPMB applications prior to RPMB key provisioning/programming as +The RPMB key programming can be performed only once in the life time +of the storage device. + +Implementation: +--------------- + +.. kernel-doc:: drivers/char/rpmb/rpmb_sim.c + diff --git a/MAINTAINERS b/MAINTAINERS index d9bca5134c7f..fa6f8017a05c 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -10292,6 +10292,7 @@ F: drivers/char/rpmb/* F: include/uapi/linux/rpmb.h F: include/linux/rpmb.h F: Documentation/ABI/testing/sysfs-class-rpmb +F: Documentation/rpmb.rst F: tools/rpmb/ RTL2830 MEDIA DRIVER