-
Notifications
You must be signed in to change notification settings - Fork 1.1k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Most platforms have a per-device uinque ID available, but it is not publicly documented how to access it. That leads to a situation on, eg, Hikey where OP-TEE has no way to tell two Hikey's apart. For many situations, including OP-TEE's own "Secure Storage", this destroys security and other functionality. It's possible that the caller of OP-TEE, arm-trusted-firmware in aarch64 case has access to identifying unique tokens. In that case, it'd be nice if a-t-f could pass it into OP-TEE and if no access to the real SoC "OTP" per-device identifier, use this shorter unique token that has a very good chance of being unique between devices. This patch enables the code calling OP-TEE to pass in a uint32_t "pseudo device ID" at startup, which OP-TEE will then use if the platform sets CFG_OTP_SUPPORT and CFG_OTP_SUPPORT_PSEUDO_ID. For aarch64, X7 is used to carry the "pseudo device ID". Signed-off-by: Andy Green <andy@warmcat.com>
- Loading branch information
Showing
3 changed files
with
52 additions
and
7 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters