From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=217.140.101.70; helo=foss.arm.com; envelope-from=mark.rutland@arm.com; receiver=edk2-devel@lists.01.org Received: from foss.arm.com (foss.arm.com [217.140.101.70]) by ml01.01.org (Postfix) with ESMTP id 87998210C1EED for ; Fri, 27 Jul 2018 05:49:16 -0700 (PDT) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.72.51.249]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 914ED15AD; Fri, 27 Jul 2018 05:49:15 -0700 (PDT) Received: from lakrids.cambridge.arm.com (usa-sjc-imap-foss1.foss.arm.com [10.72.51.249]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id A66973F575; Fri, 27 Jul 2018 05:49:14 -0700 (PDT) Date: Fri, 27 Jul 2018 13:49:12 +0100 From: Mark Rutland To: Sumit Garg Cc: Daniel Thompson , edk2-devel@lists.01.org, Patch Tracking Message-ID: <20180727124911.xcjqzwjvdkcfextm@lakrids.cambridge.arm.com> References: <1532351961-17377-1-git-send-email-sumit.garg@linaro.org> <20180726073616.ut62js3w6lxsvrvf@holly.lan> <20180726075050.b6lnnj463phntuwi@holly.lan> MIME-Version: 1.0 In-Reply-To: User-Agent: NeoMutt/20170113 (1.7.2) Subject: Re: [PATCH edk2-platforms v2 1/1] Silicon/SynQuacer: add optional OP-TEE DT node X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2018 12:49:16 -0000 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Jul 26, 2018 at 02:12:04PM +0530, Sumit Garg wrote: > On Thu, 26 Jul 2018 at 13:20, Daniel Thompson wrote: > > I guess it could implement a secure monitor call to provide it. In > > fact I find it a rather pleasing approach. However I think it still loops > > us round to pretty much the same question as before. Does TF-A "protec > > " a normal world that makes an SMC to an OP-TEE that isn't there by > > failing the call in a nice way? > > TF-A returns SMC call for OP-TEE as unknown (error code: -1 in "x0" > register) if OP-TEE is not present. Be careful here; you can't use an arbitrary SMC since that could be implemented by another trusted OS (with a completely different meaning). Assuming you know the system provides SMCCC, you can use the "Call UID Query" in the trusted OS range, and check that returned value matches OP-TEE's UID. i.e uid = smccc_uid_query(OPTEE_RANGE); if (uid == OPTEEE_SMCCC_UID) { [ OP-TEE present ] } else { [ unknown/no trusted OS present ] } Thanks, Mark.