From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ard.biesheuvel@linaro.org>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2607:f8b0:4001:c06::229; helo=mail-io0-x229.google.com;
 envelope-from=ard.biesheuvel@linaro.org; receiver=edk2-devel@lists.01.org 
Received: from mail-io0-x229.google.com (mail-io0-x229.google.com
 [IPv6:2607:f8b0:4001:c06::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id B77AB210F4BAD
 for <edk2-devel@lists.01.org>; Fri, 24 Aug 2018 06:18:30 -0700 (PDT)
Received: by mail-io0-x229.google.com with SMTP id v14-v6so7095626iob.4
 for <edk2-devel@lists.01.org>; Fri, 24 Aug 2018 06:18:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=mime-version:in-reply-to:references:from:date:message-id:subject:to
 :cc; bh=2x9/YthVp5unC6w//EsUv7dRVgIJTcx6+JA3/JNIKO0=;
 b=Knm+xE+TXp+Ga4gMxAKt04blwXxHt+Yb3YOl0J1Rmt6yGBmMyroQJlkAwzx6OUrAr3
 ShxvQFjLT05z63ybBJiKuiEZgC0eoZu/CbzbE0SEzMhp9bkCWOqd0+nx87fhclApztzv
 Nw8wlkyr8Gx7hl9oRNw6LF7P9LSk9k16AtpV4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc;
 bh=2x9/YthVp5unC6w//EsUv7dRVgIJTcx6+JA3/JNIKO0=;
 b=V0Y6V08OUc2u98qeeLhDuhGXOe8EDknJa0/r7LJJpgah1ynVQMQNJOhGsHkrshemjx
 ZmfG+3EQX3cLoxDDpNPFyIX1q05xzE9CW7oGf/uJaZ7kltwbTMFHV59BbSmuotVjzThX
 LcAwmHSrDnumgquujw15xtOOgNhCOWmGxx0LMrvJoJu1L/uYTHbRRjegsl/8KBuxQUhN
 2LgZP+UyV3PnNaFkdkV3rVcVxd5xgD77pzaXvKGZIKmbem9zCzHXlDK1WJ0nTGcrYcCR
 FEFycsQaqm4ik9eTknI+3/plyYFlY0yS/nKRVdDaq7TCSpf75rFYLzrRVRIiG8GoaJy1
 WCmw==
X-Gm-Message-State: APzg51DsblfhfrUxCTCeXaneAAmmfwIVbJUSw+7EU6iX2kNjiFqgj2zT
 XyI4K2v6iYLXdxH51DDJAVSzF0GcXnlEimbYrTPkgw==
X-Google-Smtp-Source: ANB0VdbUoK3Lky0ltfuTu7F4eGIf5IlJA0sYzDKfYh/76s4SolyYhTjNQX0qgnpXhzb21EB8MK9IbnIEcL5w9ad5dOA=
X-Received: by 2002:a6b:450f:: with SMTP id
 s15-v6mr1256959ioa.60.1535116709394; 
 Fri, 24 Aug 2018 06:18:29 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a6b:ac05:0:0:0:0:0 with HTTP; Fri, 24 Aug 2018 06:18:28
 -0700 (PDT)
In-Reply-To: <1535102474-24383-1-git-send-email-sumit.garg@linaro.org>
References: <1535102474-24383-1-git-send-email-sumit.garg@linaro.org>
From: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Fri, 24 Aug 2018 14:18:28 +0100
Message-ID: <CAKv+Gu9_KDDFEDFod2tFXm8v5bfnP_xHbOi_sbvBt0FARPZfpA@mail.gmail.com>
To: Sumit Garg <sumit.garg@linaro.org>
Cc: "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
 tee-dev@lists.linaro.org, Daniel Thompson <daniel.thompson@linaro.org>,
 Jens Wiklander <jens.wiklander@linaro.org>, 
 Leif Lindholm <leif.lindholm@linaro.org>
Subject: Re: [PATCH 1/1] ArmPkg/OpteeLib: Add APIs to communicate with OP-TEE
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Aug 2018 13:18:31 -0000
Content-Type: text/plain; charset="UTF-8"

Hi Sumit,

On 24 August 2018 at 10:21, Sumit Garg <sumit.garg@linaro.org> wrote:
> Add following APIs to communicate with OP-TEE static TA:
> 1. OpteeInit
> 2. OpteeOpenSession
> 3. OpteeCloseSession
> 4. OpteeInvokeFunc
>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Leif Lindholm <leif.lindholm@linaro.org>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
> ---
>  ArmPkg/Include/Library/OpteeLib.h                  | 102 ++++++
>  ArmPkg/Library/OpteeLib/Optee.c                    | 358 +++++++++++++++++++++
>  ArmPkg/Library/OpteeLib/OpteeLib.inf               |   2 +
>  ArmPkg/Library/OpteeLib/OpteeSmc.h                 |  43 +++
>  .../Include/IndustryStandard/GlobalPlatform.h      |  60 ++--
>  5 files changed, 531 insertions(+), 34 deletions(-)
>  create mode 100644 ArmPkg/Library/OpteeLib/OpteeSmc.h
>  copy ArmPkg/Include/Library/OpteeLib.h => MdePkg/Include/IndustryStandard/GlobalPlatform.h (53%)
>
> diff --git a/ArmPkg/Include/Library/OpteeLib.h b/ArmPkg/Include/Library/OpteeLib.h
> index f65d8674d9b8..c323f49072f8 100644
> --- a/ArmPkg/Include/Library/OpteeLib.h
> +++ b/ArmPkg/Include/Library/OpteeLib.h
> @@ -25,10 +25,112 @@
>  #define OPTEE_OS_UID2          0xaf630002
>  #define OPTEE_OS_UID3          0xa5d5c51b
>
> +#define OPTEE_MSG_ATTR_TYPE_NONE                0x0
> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INPUT         0x1
> +#define OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT        0x2
> +#define OPTEE_MSG_ATTR_TYPE_VALUE_INOUT         0x3
> +#define OPTEE_MSG_ATTR_TYPE_MEM_INPUT           0x9
> +#define OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT          0xa
> +#define OPTEE_MSG_ATTR_TYPE_MEM_INOUT           0xb
> +
> +#define OPTEE_MSG_ATTR_TYPE_MASK                0xff
> +
> +typedef struct {
> +  UINT64    BufPtr;
> +  UINT64    Size;
> +  UINT64    ShmRef;
> +} OPTEE_MSG_PARAM_MEM;
> +
> +typedef struct {
> +  UINT64    A;
> +  UINT64    B;
> +  UINT64    C;
> +} OPTEE_MSG_PARAM_VALUE;
> +
> +typedef struct {
> +  UINT64 Attr;
> +  union {
> +    OPTEE_MSG_PARAM_MEM      Mem;
> +    OPTEE_MSG_PARAM_VALUE    Value;
> +  } U;
> +} OPTEE_MSG_PARAM;
> +
> +#define MAX_PARAMS           4
> +
> +typedef struct {
> +        UINT32             Cmd;
> +        UINT32             Func;
> +        UINT32             Session;
> +        UINT32             CancelId;
> +        UINT32             Pad;
> +        UINT32             Ret;
> +        UINT32             RetOrigin;
> +        UINT32             NumParams;
> +
> +        // NumParams tells the actual number of element in Params
> +        OPTEE_MSG_PARAM    Params[MAX_PARAMS];
> +} OPTEE_MSG_ARG;
> +
> +#define OPTEE_UUID_LEN       16
> +
> +//
> +// struct OPTEE_OPEN_SESSION_ARG - Open session argument
> +// @Uuid:       [in] UUID of the Trusted Application
> +// @Session:    [out] Session id
> +// @Ret:        [out] Return value
> +// @RetOrigin   [out] Origin of the return value
> +//
> +typedef struct {
> +        UINT8     Uuid[OPTEE_UUID_LEN];
> +        UINT32    Session;
> +        UINT32    Ret;
> +        UINT32    RetOrigin;
> +} OPTEE_OPEN_SESSION_ARG;
> +

What I meant before was

typedef struct {
        UINT8     Uuid[OPTEE_UUID_LEN]; // [in] UUID of the Trusted Application
        UINT32    Session;              // [out] Session id
        UINT32    Ret;                  // [out] Return value
        UINT32    RetOrigin;            // [out] Origin of the return value
} OPTEE_OPEN_SESSION_ARG;





> +//
> +// struct OPTEE_INVOKE_FUNC_ARG - Invoke function argument
> +// @Func:       [in] Trusted Application function, specific to the TA
> +// @Session:    [in] Session id
> +// @Ret:        [out] Return value
> +// @RetOrigin   [out] Origin of the return value
> +// @Params      [inout] Parameters for function to be invoked
> +//
> +typedef struct {
> +        UINT32             Func;
> +        UINT32             Session;
> +        UINT32             Ret;
> +        UINT32             RetOrigin;
> +        OPTEE_MSG_PARAM    Params[MAX_PARAMS];
> +} OPTEE_INVOKE_FUNC_ARG;
> +
>  BOOLEAN
>  EFIAPI
>  IsOpteePresent (
>    VOID
>    );
>
> +EFI_STATUS
> +EFIAPI
> +OpteeInit (
> +  VOID
> +  );
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeOpenSession (
> +  IN OUT OPTEE_OPEN_SESSION_ARG      *OpenSessionArg
> +  );
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeCloseSession (
> +  IN UINT32                      Session
> +  );
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeInvokeFunc (
> +  IN OUT OPTEE_INVOKE_FUNC_ARG       *InvokeFuncArg
> +  );
> +
>  #endif
> diff --git a/ArmPkg/Library/OpteeLib/Optee.c b/ArmPkg/Library/OpteeLib/Optee.c
> index 574527f8b5ea..2111022d3662 100644
> --- a/ArmPkg/Library/OpteeLib/Optee.c
> +++ b/ArmPkg/Library/OpteeLib/Optee.c
> @@ -14,11 +14,19 @@
>
>  **/
>
> +#include <Library/ArmMmuLib.h>
>  #include <Library/ArmSmcLib.h>
> +#include <Library/BaseMemoryLib.h>
>  #include <Library/BaseLib.h>
> +#include <Library/DebugLib.h>
>  #include <Library/OpteeLib.h>
>
>  #include <IndustryStandard/ArmStdSmc.h>
> +#include <IndustryStandard/GlobalPlatform.h>
> +#include <OpteeSmc.h>
> +#include <Uefi.h>
> +
> +STATIC OPTEE_SHARED_MEMORY_INFO OpteeShmInfo = { 0 };
>
>  /**
>    Check for OP-TEE presence.
> @@ -31,6 +39,7 @@ IsOpteePresent (
>  {
>    ARM_SMC_ARGS ArmSmcArgs;
>
> +  ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS));
>    // Send a Trusted OS Calls UID command
>    ArmSmcArgs.Arg0 = ARM_SMC_ID_TOS_UID;
>    ArmCallSmc (&ArmSmcArgs);
> @@ -44,3 +53,352 @@ IsOpteePresent (
>      return FALSE;
>    }
>  }
> +
> +STATIC
> +EFI_STATUS
> +OpteeShmMemRemap (
> +  VOID
> +  )
> +{
> +  ARM_SMC_ARGS                 ArmSmcArgs;
> +  EFI_PHYSICAL_ADDRESS         Paddr;
> +  EFI_PHYSICAL_ADDRESS         Start;
> +  EFI_PHYSICAL_ADDRESS         End;
> +  EFI_STATUS                   Status;
> +  UINTN                        Size;
> +
> +  ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS));
> +  ArmSmcArgs.Arg0 = OPTEE_SMC_GET_SHM_CONFIG;
> +
> +  ArmCallSmc (&ArmSmcArgs);
> +  if (ArmSmcArgs.Arg0 != OPTEE_SMC_RETURN_OK) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE shared memory not supported\n"));
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  if (ArmSmcArgs.Arg3 != OPTEE_SMC_SHM_CACHED) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE: Only normal cached shared memory supported\n"));
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  Start = (ArmSmcArgs.Arg1 + SIZE_4KB - 1) & ~(SIZE_4KB - 1);
> +  End = (ArmSmcArgs.Arg1 + ArmSmcArgs.Arg2) & ~(SIZE_4KB - 1);
> +  Paddr = Start;
> +  Size = End - Start;
> +
> +  if (Size < SIZE_4KB) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE shared memory too small\n"));
> +    return EFI_BUFFER_TOO_SMALL;
> +  }
> +
> +  Status = ArmSetMemoryAttributes (Paddr, Size, EFI_MEMORY_WB);
> +  if (EFI_ERROR (Status)) {
> +    return Status;
> +  }
> +
> +  OpteeShmInfo.Base = (UINTN)Paddr;
> +  OpteeShmInfo.Size = Size;
> +
> +  return EFI_SUCCESS;
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeInit (
> +  VOID
> +  )
> +{
> +  EFI_STATUS      Status;
> +
> +  if (!IsOpteePresent ()) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE not present\n"));
> +    return EFI_UNSUPPORTED;
> +  }
> +
> +  Status = OpteeShmMemRemap ();
> +  if (EFI_ERROR (Status)) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE shared memory remap failed\n"));
> +    return Status;
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +/**
> +  Does Standard SMC to OP-TEE in secure world.
> +
> +  @param[in]  Parg   Physical address of message to pass to secure world
> +
> +  @return            0 on success, secure world return code otherwise
> +
> +**/
> +STATIC
> +UINT32
> +OpteeCallWithArg (
> +  IN EFI_PHYSICAL_ADDRESS Parg
> +  )
> +{
> +  ARM_SMC_ARGS ArmSmcArgs;
> +
> +  ZeroMem (&ArmSmcArgs, sizeof (ARM_SMC_ARGS));
> +  ArmSmcArgs.Arg0 = OPTEE_SMC_CALL_WITH_ARG;
> +  ArmSmcArgs.Arg1 = (UINT32)(Parg >> 32);
> +  ArmSmcArgs.Arg2 = (UINT32)Parg;
> +
> +  while (TRUE) {
> +    ArmCallSmc (&ArmSmcArgs);
> +
> +    if (ArmSmcArgs.Arg0 == OPTEE_SMC_RETURN_RPC_FOREIGN_INTR) {
> +      //
> +      // A foreign interrupt was raised while secure world was
> +      // executing, since they are handled in UEFI a dummy RPC is
> +      // performed to let UEFI take the interrupt through the normal
> +      // vector.
> +      //
> +      ArmSmcArgs.Arg0 = OPTEE_SMC_RETURN_FROM_RPC;
> +    } else {
> +      break;
> +    }
> +  }
> +
> +  return ArmSmcArgs.Arg0;
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeOpenSession (
> +  IN OUT OPTEE_OPEN_SESSION_ARG      *OpenSessionArg
> +  )
> +{
> +  OPTEE_MSG_ARG    *MsgArg;
> +
> +  MsgArg = NULL;
> +
> +  if (OpteeShmInfo.Base == 0) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n"));
> +    return EFI_NOT_STARTED;
> +  }
> +
> +  MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base;
> +  ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG));
> +
> +  MsgArg->Cmd = OPTEE_MSG_CMD_OPEN_SESSION;
> +
> +  //
> +  // Initialize and add the meta parameters needed when opening a
> +  // session.
> +  //
> +  MsgArg->Params[0].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
> +                           OPTEE_MSG_ATTR_META;
> +  MsgArg->Params[1].Attr = OPTEE_MSG_ATTR_TYPE_VALUE_INPUT |
> +                           OPTEE_MSG_ATTR_META;
> +  CopyMem (&MsgArg->Params[0].U.Value, OpenSessionArg->Uuid, OPTEE_UUID_LEN);
> +  ZeroMem (&MsgArg->Params[1].U.Value, OPTEE_UUID_LEN);
> +  MsgArg->Params[1].U.Value.C = TEE_LOGIN_PUBLIC;
> +
> +  MsgArg->NumParams = 2;
> +
> +  if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) {
> +    MsgArg->Ret = TEEC_ERROR_COMMUNICATION;
> +    MsgArg->RetOrigin = TEEC_ORIGIN_COMMS;
> +  }
> +
> +  OpenSessionArg->Session = MsgArg->Session;
> +  OpenSessionArg->Ret = MsgArg->Ret;
> +  OpenSessionArg->RetOrigin = MsgArg->RetOrigin;
> +
> +  return EFI_SUCCESS;
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeCloseSession (
> +  IN UINT32                      Session
> +  )
> +{
> +  OPTEE_MSG_ARG    *MsgArg;
> +
> +  MsgArg = NULL;
> +
> +  if (OpteeShmInfo.Base == 0) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n"));
> +    return EFI_NOT_STARTED;
> +  }
> +
> +  MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base;
> +  ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG));
> +
> +  MsgArg->Cmd = OPTEE_MSG_CMD_CLOSE_SESSION;
> +  MsgArg->Session = Session;
> +
> +  OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg);
> +
> +  return EFI_SUCCESS;
> +}
> +
> +STATIC
> +EFI_STATUS
> +OpteeToMsgParam (
> +  OUT OPTEE_MSG_PARAM    *MsgParams,
> +  IN UINT32              NumParams,
> +  IN OPTEE_MSG_PARAM     *InParams
> +  )
> +{
> +  UINT32                  Idx;
> +  UINTN                   ParamShmAddr;
> +  UINTN                   ShmSize;
> +  UINTN                   Size;
> +
> +  Size = (sizeof (OPTEE_MSG_ARG) + sizeof (UINT64) - 1) & ~(sizeof (UINT64) - 1);
> +  ParamShmAddr = OpteeShmInfo.Base + Size;
> +  ShmSize = OpteeShmInfo.Size - Size;
> +
> +  for (Idx = 0; Idx < NumParams; Idx++) {
> +    CONST OPTEE_MSG_PARAM    *Ip;
> +    OPTEE_MSG_PARAM          *Mp;
> +    UINT32                   Attr;
> +
> +    Ip = InParams + Idx;
> +    Mp = MsgParams + Idx;
> +    Attr = Ip->Attr & OPTEE_MSG_ATTR_TYPE_MASK;
> +
> +    switch (Attr) {
> +    case OPTEE_MSG_ATTR_TYPE_NONE:
> +      Mp->Attr = OPTEE_MSG_ATTR_TYPE_NONE;
> +      ZeroMem (&Mp->U, sizeof (Mp->U));
> +      break;
> +
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT:
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT:
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT:
> +      Mp->Attr = Attr;
> +      Mp->U.Value.A = Ip->U.Value.A;
> +      Mp->U.Value.B = Ip->U.Value.B;
> +      Mp->U.Value.C = Ip->U.Value.C;
> +      break;
> +
> +    case OPTEE_MSG_ATTR_TYPE_MEM_INPUT:
> +    case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT:
> +    case OPTEE_MSG_ATTR_TYPE_MEM_INOUT:
> +      Mp->Attr = Attr;
> +
> +      if (Ip->U.Mem.Size > ShmSize) {
> +        return EFI_OUT_OF_RESOURCES;
> +      }
> +
> +      CopyMem ((VOID *)ParamShmAddr, (VOID *)Ip->U.Mem.BufPtr, Ip->U.Mem.Size);
> +      Mp->U.Mem.BufPtr = (UINT64)ParamShmAddr;
> +      Mp->U.Mem.Size = Ip->U.Mem.Size;
> +
> +      Size = (Ip->U.Mem.Size + sizeof (UINT64) - 1) & ~(sizeof (UINT64) - 1);
> +      ParamShmAddr += Size;
> +      ShmSize -= Size;
> +      break;
> +
> +    default:
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +STATIC
> +EFI_STATUS
> +OpteeFromMsgParam (
> +  OUT OPTEE_MSG_PARAM    *OutParams,
> +  IN UINT32              NumParams,
> +  IN OPTEE_MSG_PARAM     *MsgParams
> +  )
> +{
> +  UINT32                 Idx;
> +
> +  for (Idx = 0; Idx < NumParams; Idx++) {
> +    OPTEE_MSG_PARAM          *Op;
> +    CONST OPTEE_MSG_PARAM    *Mp;
> +    UINT32                   Attr;
> +
> +    Op = OutParams + Idx;
> +    Mp = MsgParams + Idx;
> +    Attr = Mp->Attr & OPTEE_MSG_ATTR_TYPE_MASK;
> +
> +    switch (Attr) {
> +    case OPTEE_MSG_ATTR_TYPE_NONE:
> +      Op->Attr = OPTEE_MSG_ATTR_TYPE_NONE;
> +      ZeroMem (&Op->U, sizeof (Op->U));
> +      break;
> +
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_INPUT:
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_OUTPUT:
> +    case OPTEE_MSG_ATTR_TYPE_VALUE_INOUT:
> +      Op->Attr = Attr;
> +      Op->U.Value.A = Mp->U.Value.A;
> +      Op->U.Value.B = Mp->U.Value.B;
> +      Op->U.Value.C = Mp->U.Value.C;
> +      break;
> +
> +    case OPTEE_MSG_ATTR_TYPE_MEM_INPUT:
> +    case OPTEE_MSG_ATTR_TYPE_MEM_OUTPUT:
> +    case OPTEE_MSG_ATTR_TYPE_MEM_INOUT:
> +      Op->Attr = Attr;
> +
> +      if (Mp->U.Mem.Size > Op->U.Mem.Size) {
> +        return EFI_BAD_BUFFER_SIZE;
> +      }
> +
> +      CopyMem ((VOID *)Op->U.Mem.BufPtr, (VOID *)Mp->U.Mem.BufPtr, Mp->U.Mem.Size);
> +      Op->U.Mem.Size = Mp->U.Mem.Size;
> +      break;
> +
> +    default:
> +      return EFI_INVALID_PARAMETER;
> +    }
> +  }
> +
> +  return EFI_SUCCESS;
> +}
> +
> +EFI_STATUS
> +EFIAPI
> +OpteeInvokeFunc (
> +  IN OUT OPTEE_INVOKE_FUNC_ARG       *InvokeFuncArg
> +  )
> +{
> +  EFI_STATUS       Status;
> +  OPTEE_MSG_ARG    *MsgArg;
> +
> +  MsgArg = NULL;
> +
> +  if (OpteeShmInfo.Base == 0) {
> +    DEBUG ((DEBUG_WARN, "OP-TEE not initialized\n"));
> +    return EFI_NOT_STARTED;
> +  }
> +
> +  MsgArg = (OPTEE_MSG_ARG *)OpteeShmInfo.Base;
> +  ZeroMem (MsgArg, sizeof (OPTEE_MSG_ARG));
> +
> +  MsgArg->Cmd = OPTEE_MSG_CMD_INVOKE_COMMAND;
> +  MsgArg->Func = InvokeFuncArg->Func;
> +  MsgArg->Session = InvokeFuncArg->Session;
> +
> +  Status = OpteeToMsgParam (MsgArg->Params, MAX_PARAMS, InvokeFuncArg->Params);
> +  if (Status)
> +    return Status;
> +
> +  MsgArg->NumParams = MAX_PARAMS;
> +
> +  if (OpteeCallWithArg ((EFI_PHYSICAL_ADDRESS)MsgArg)) {
> +    MsgArg->Ret = TEEC_ERROR_COMMUNICATION;
> +    MsgArg->RetOrigin = TEEC_ORIGIN_COMMS;
> +  }
> +
> +  if (OpteeFromMsgParam (InvokeFuncArg->Params, MAX_PARAMS, MsgArg->Params)) {
> +    MsgArg->Ret = TEEC_ERROR_COMMUNICATION;
> +    MsgArg->RetOrigin = TEEC_ORIGIN_COMMS;
> +  }
> +
> +  InvokeFuncArg->Ret = MsgArg->Ret;
> +  InvokeFuncArg->RetOrigin = MsgArg->RetOrigin;
> +
> +  return EFI_SUCCESS;
> +}
> diff --git a/ArmPkg/Library/OpteeLib/OpteeLib.inf b/ArmPkg/Library/OpteeLib/OpteeLib.inf
> index 5abd427379cc..e03054a7167d 100644
> --- a/ArmPkg/Library/OpteeLib/OpteeLib.inf
> +++ b/ArmPkg/Library/OpteeLib/OpteeLib.inf
> @@ -23,11 +23,13 @@ [Defines]
>
>  [Sources]
>    Optee.c
> +  OpteeSmc.h
>
>  [Packages]
>    ArmPkg/ArmPkg.dec
>    MdePkg/MdePkg.dec
>
>  [LibraryClasses]
> +  ArmMmuLib
>    ArmSmcLib
>    BaseLib
> diff --git a/ArmPkg/Library/OpteeLib/OpteeSmc.h b/ArmPkg/Library/OpteeLib/OpteeSmc.h
> new file mode 100644
> index 000000000000..e2ea35784a0a
> --- /dev/null
> +++ b/ArmPkg/Library/OpteeLib/OpteeSmc.h
> @@ -0,0 +1,43 @@
> +/** @file
> +  OP-TEE SMC header file.
> +
> +  Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR>
> +
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#ifndef _OPTEE_SMC_H_
> +#define _OPTEE_SMC_H_
> +
> +/* Returned in Arg0 only from Trusted OS functions */
> +#define OPTEE_SMC_RETURN_OK                     0x0
> +
> +#define OPTEE_SMC_RETURN_FROM_RPC               0x32000003
> +#define OPTEE_SMC_CALL_WITH_ARG                 0x32000004
> +#define OPTEE_SMC_GET_SHM_CONFIG                0xb2000007
> +
> +#define OPTEE_SMC_SHM_CACHED                    1
> +
> +#define OPTEE_SMC_RETURN_RPC_FOREIGN_INTR       0xffff0004
> +
> +#define OPTEE_MSG_CMD_OPEN_SESSION              0
> +#define OPTEE_MSG_CMD_INVOKE_COMMAND            1
> +#define OPTEE_MSG_CMD_CLOSE_SESSION             2
> +
> +#define OPTEE_MSG_ATTR_META                     0x100
> +
> +#define TEE_LOGIN_PUBLIC                        0x0
> +
> +typedef struct {
> +  UINTN    Base;
> +  UINTN    Size;
> +} OPTEE_SHARED_MEMORY_INFO;
> +
> +#endif
> diff --git a/ArmPkg/Include/Library/OpteeLib.h b/MdePkg/Include/IndustryStandard/GlobalPlatform.h
> similarity index 53%
> copy from ArmPkg/Include/Library/OpteeLib.h
> copy to MdePkg/Include/IndustryStandard/GlobalPlatform.h
> index f65d8674d9b8..14c621d89971 100644
> --- a/ArmPkg/Include/Library/OpteeLib.h
> +++ b/MdePkg/Include/IndustryStandard/GlobalPlatform.h

This has to go into a separate patch, and has to be cc'ed to the
MdePkg maintainers as well.

> @@ -1,34 +1,26 @@
> -/** @file
> -  OP-TEE specific header file.
> -
> -  Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR>
> -
> -  This program and the accompanying materials
> -  are licensed and made available under the terms and conditions of the BSD License
> -  which accompanies this distribution.  The full text of the license may be found at
> -  http://opensource.org/licenses/bsd-license.php
> -
> -  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> -  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> -
> -**/
> -
> -#ifndef _OPTEE_H_
> -#define _OPTEE_H_
> -
> -/*
> - * The 'Trusted OS Call UID' is supposed to return the following UUID for
> - * OP-TEE OS. This is a 128-bit value.
> - */
> -#define OPTEE_OS_UID0          0x384fb3e0
> -#define OPTEE_OS_UID1          0xe7f811e3
> -#define OPTEE_OS_UID2          0xaf630002
> -#define OPTEE_OS_UID3          0xa5d5c51b
> -
> -BOOLEAN
> -EFIAPI
> -IsOpteePresent (
> -  VOID
> -  );
> -
> -#endif
> +/** @file
> +  Standardized Global Platform header file.
> +

Can you please include some URL reference here?

> +  Copyright (c) 2018, Linaro Ltd. All rights reserved.<BR>
> +
> +  This program and the accompanying materials
> +  are licensed and made available under the terms and conditions of the BSD License
> +  which accompanies this distribution.  The full text of the license may be found at
> +  http://opensource.org/licenses/bsd-license.php
> +
> +  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
> +  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
> +
> +**/
> +
> +#ifndef _GLOBAL_PLATFORM_H_
> +#define _GLOBAL_PLATFORM_H_
> +
> +#define TEEC_ORIGIN_COMMS                       0x00000002
> +
> +#define TEEC_SUCCESS                            0x00000000
> +#define TEEC_ERROR_BAD_PARAMETERS               0xFFFF0006
> +#define TEEC_ERROR_COMMUNICATION                0xFFFF000E
> +#define TEEC_ERROR_OUT_OF_MEMORY                0xFFFF000C
> +
> +#endif
> --
> 2.7.4
>