Other Parts Discussed in Thread: TDA4VH-Q1
Hi, TI expert!
I worked on TDA4VH-Q1, the software SDK version is PROCESSOR-SDK-LINUX-J784S4-09.02.00.05.
To adapt to the upgrade of SDK, we update optee-os, optee-client and optee-test to 4.1.0 . But something wrong when I enable RPMB. The detailed information is as follows:
1.We execute "xtest ” to test optee,every case is passed at tag 4.1.0.,with optee config "CFG_RPMB_FS = n".
2.There are many failed cases happening at xtest when I set "CFG_RPMB_FS = y" and "CFG_RPMB_WRITE_KEY=y" . I tested many times and the results are different. The errors include 0xffff0000, 0xffff000f, 0xf0100001 and 0xffff00007,as follows:
root@megatron:/data# xtest -t regression
Run test suite with level=0
TEE test application started over default TEE instance
######################################################
#
# regression
#
######################################################
* regression_1001 Core self tests
o regression_1001.1 Core self tests
regression_1001.1 OK
o regression_1001.2 Core dt_driver self tests
regression_1001.2 OK
regression_1001 OK
* regression_1002 PTA parameters
regression_1002 OK
* regression_1003 Core internal read/write mutex
Number of parallel threads: 6 (2 writers and 4 readers)
Max read concurrency: 2
Max read waiters: 1
Mean read concurrency: 1.1
Mean read waiting: 1
regression_1003 OK
* regression_1004 Test User Crypt TA
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:505: xtest_teec_open_session( &session, &crypt_user_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0x0 = TEEC_SUCCESS
regression_1004 FAILED
* regression_1005 Many sessions
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:597: xtest_teec_open_session(&sessions[i], &concurrent_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff000f = TEEC_ERROR_SECURITY, expected 0x0 = TEEC_SUCCESS
regression_1005 FAILED
* regression_1006 Test Basic OS features
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:616: xtest_teec_open_session(&session, &os_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0x0 = TEEC_SUCCESS
regression_1006 FAILED
* regression_1007 Test Panic
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:640: xtest_teec_open_session(&session, &os_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0x0 = TEEC_SUCCESS
regression_1007 FAILED
* regression_1008 TEE internal client API
o regression_1008.1 Invoke command
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:784: xtest_teec_open_session(&session, &os_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff000f = TEEC_ERROR_SECURITY, expected 0x0 = TEEC_SUCCESS
regression_1008.1 FAILED
o regression_1008.2 Invoke command with timeout
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:805: xtest_teec_open_session(&session, &os_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0x0 = TEEC_SUCCESS
regression_1008.2 FAILED
o regression_1008.3 Create session fail
n = 0
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:826: xtest_teec_open_session(&session_crypt, &create_fail_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff000f = TEEC_ERROR_SECURITY, expected 0xffff0000 = TEEC_ERROR_GENERIC
regression_1008.3 FAILED
o regression_1008.4 Load corrupt TA
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:731: res has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0xffff000f = TEEC_ERROR_SECURITY
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:772: load_corrupt_ta(c, 3000, 1) has an unexpected value: 0x0 = false, expected 0x1 = true
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:731: res has an unexpected value: 0xffff0000 = TEEC_ERROR_GENERIC, expected 0xffff000f = TEEC_ERROR_SECURITY
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:773: load_corrupt_ta(c, 8000, 1) has an unexpected value: 0x0 = false, expected 0x1 = true
regression_1008.4 FAILED
regression_1008 FAILED
3.So I set “RPMB_EMU = 1” to "Enable tee-supplicant to emulate RPMB". All use cases were successfully executed this time (except case regression 1033, which I know that dues to hardware reasons ).
root@megatron:/# xtest -t regression
Run test suite with level=0
TEE test application started over default TEE instance
######################################################
#
# regression
#
######################################################
* regression_1001 Core self tests
o regression_1001.1 Core self tests
regression_1001.1 OK
o regression_1001.2 Core dt_driver self tests
regression_1001.2 OK
regression_1001 OK
* regression_1002 PTA parameters
regression_1002 OK
* regression_1003 Core internal read/write mutex
Number of parallel threads: 6 (2 writers and 4 readers)
Max read concurrency: 1
Max read waiters: 1
Mean read concurrency: 1
Mean read waiting: 1
regression_1003 OK
* regression_1004 Test User Crypt TA
o regression_1004.1 AES encrypt
regression_1004.1 OK
o regression_1004.2 AES decrypt
regression_1004.2 OK
o regression_1004.3 SHA-256 test, 3 bytes input
regression_1004.3 OK
o regression_1004.4 AES-256 ECB encrypt (32B, fixed key)
regression_1004.4 OK
o regression_1004.5 AES-256 ECB decrypt (32B, fixed key)
regression_1004.5 OK
regression_1004 OK
* regression_1005 Many sessions
regression_1005 OK
* regression_1006 Test Basic OS features
regression_1006 OK
* regression_1007 Test Panic
regression_1007 OK
* regression_1008 TEE internal client API
o regression_1008.1 Invoke command
regression_1008.1 OK
o regression_1008.2 Invoke command with timeout
regression_1008.2 OK
o regression_1008.3 Create session fail
n = 0
regression_1008.3 OK
o regression_1008.4 Load corrupt TA
regression_1008.4 OK
regression_1008 OK
* regression_1009 TEE Wait
o regression_1009.1 TEE Wait 0.1s
regression_1009.1 OK
o regression_1009.2 TEE Wait 0.5s
regression_1009.2 OK
o regression_1009.3 TEE Wait 2s cancel
regression_1009.3 OK
o regression_1009.4 TEE Wait 2s
regression_1009.4 OK
regression_1009 OK
* regression_1010 Invalid memory access
o regression_1010.1 Invalid memory access 1
regression_1010.1 OK
o regression_1010.2 Invalid memory access 2
regression_1010.2 OK
o regression_1010.3 Invalid memory access 3
regression_1010.3 OK
o regression_1010.4 Invalid memory access 4
regression_1010.4 OK
o regression_1010.5 Invalid memory access 5
regression_1010.5 OK
o regression_1010.6 Invalid memory access 6
regression_1010.6 OK
o regression_1010.7 Invalid memory access 7
regression_1010.7 OK
o regression_1010.8 Invalid memory access 1 with 1024 bytes memref
regression_1010.8 OK
o regression_1010.9 Invalid memory access 2 with 1024 bytes memref
regression_1010.9 OK
o regression_1010.10 Invalid memory access 3 with 1024 bytes memref
regression_1010.10 OK
o regression_1010.11 Invalid memory access 4 with 1024 bytes memref
regression_1010.11 OK
o regression_1010.12 Invalid memory access 5 with 1024 bytes memref
regression_1010.12 OK
o regression_1010.13 Invalid memory access 1 with 65536 bytes memref
regression_1010.13 OK
o regression_1010.14 Invalid memory access 2 with 65536 bytes memref
regression_1010.14 OK
o regression_1010.15 Invalid memory access 3 with 65536 bytes memref
regression_1010.15 OK
o regression_1010.16 Invalid memory access 4 with 65536 bytes memref
regression_1010.16 OK
o regression_1010.17 Invalid memory access 5 with 65536 bytes memref
regression_1010.17 OK
regression_1010 OK
* regression_1011 Test TA-to-TA features with User Crypt TA
o regression_1011.1 TA-to-TA via non-secure shared memory
o regression_1011.1.1 AES encrypt
regression_1011.1.1 OK
o regression_1011.1.2 AES decrypt
regression_1011.1.2 OK
o regression_1011.1.3 SHA-256 test, 3 bytes input
regression_1011.1.3 OK
o regression_1011.1.4 AES-256 ECB encrypt (32B, fixed key)
regression_1011.1.4 OK
o regression_1011.1.5 AES-256 ECB decrypt (32B, fixed key)
regression_1011.1.5 OK
regression_1011.1 OK
o regression_1011.2 TA-to-TA via TA private memory
o regression_1011.2.1 AES encrypt
regression_1011.2.1 OK
o regression_1011.2.2 AES decrypt
regression_1011.2.2 OK
o regression_1011.2.3 SHA-256 test, 3 bytes input
regression_1011.2.3 OK
o regression_1011.2.4 AES-256 ECB encrypt (32B, fixed key)
regression_1011.2.4 OK
o regression_1011.2.5 AES-256 ECB decrypt (32B, fixed key)
regression_1011.2.5 OK
regression_1011.2 OK
regression_1011 OK
* regression_1012 Test Single Instance Multi Session features with SIMS TA
o regression_1012.1 Single Instance Multi Session
regression_1012.1 OK
regression_1012 OK
* regression_1013 Test concurrency with concurrent TA
o regression_1013.1 Using small concurrency TA
o regression_1013.1.1 Busy loop repeat 10000
regression_1013.1.1 OK
o regression_1013.1.2 SHA-256 loop repeat 1000
regression_1013.1.2 OK
o regression_1013.1.3 Busy loop repeat 10000
regression_1013.1.3 OK
o regression_1013.1.4 SHA-256 loop repeat 1000
regression_1013.1.4 OK
o regression_1013.1.5 Busy loop repeat 10000
regression_1013.1.5 OK
o regression_1013.1.6 SHA-256 loop repeat 1000
regression_1013.1.6 OK
o regression_1013.1.7 Busy loop repeat 10000
regression_1013.1.7 OK
o regression_1013.1.8 SHA-256 loop repeat 1000
regression_1013.1.8 OK
o regression_1013.1.9 Busy loop repeat 10000
regression_1013.1.9 OK
o regression_1013.1.10 SHA-256 loop repeat 1000
regression_1013.1.10 OK
o regression_1013.1.11 Busy loop repeat 10000
regression_1013.1.11 OK
o regression_1013.1.12 SHA-256 loop repeat 1000
regression_1013.1.12 OK
o regression_1013.1.13 Busy loop repeat 10000
regression_1013.1.13 OK
o regression_1013.1.14 SHA-256 loop repeat 1000
regression_1013.1.14 OK
o regression_1013.1.15 Busy loop repeat 10000
regression_1013.1.15 OK
o regression_1013.1.16 SHA-256 loop repeat 1000
regression_1013.1.16 OK
o regression_1013.1.17 Busy loop repeat 10000
regression_1013.1.17 OK
o regression_1013.1.18 SHA-256 loop repeat 1000
regression_1013.1.18 OK
o regression_1013.1.19 Busy loop repeat 10000
regression_1013.1.19 OK
o regression_1013.1.20 SHA-256 loop repeat 1000
regression_1013.1.20 OK
o regression_1013.1.21 Busy loop repeat 10000
regression_1013.1.21 OK
o regression_1013.1.22 SHA-256 loop repeat 1000
regression_1013.1.22 OK
o regression_1013.1.23 Busy loop repeat 10000
regression_1013.1.23 OK
o regression_1013.1.24 SHA-256 loop repeat 1000
regression_1013.1.24 OK
Number of parallel threads: 3
Mean concurrency: 1
regression_1013.1 OK
o regression_1013.2 Using large concurrency TA
o regression_1013.2.1 Busy loop repeat 10000
regression_1013.2.1 OK
o regression_1013.2.2 SHA-256 loop repeat 1000
regression_1013.2.2 OK
o regression_1013.2.3 Busy loop repeat 10000
regression_1013.2.3 OK
o regression_1013.2.4 SHA-256 loop repeat 1000
regression_1013.2.4 OK
o regression_1013.2.5 Busy loop repeat 10000
regression_1013.2.5 OK
o regression_1013.2.6 SHA-256 loop repeat 1000
regression_1013.2.6 OK
o regression_1013.2.7 Busy loop repeat 10000
regression_1013.2.7 OK
o regression_1013.2.8 SHA-256 loop repeat 1000
regression_1013.2.8 OK
o regression_1013.2.9 Busy loop repeat 10000
regression_1013.2.9 OK
o regression_1013.2.10 SHA-256 loop repeat 1000
regression_1013.2.10 OK
o regression_1013.2.11 Busy loop repeat 10000
regression_1013.2.11 OK
o regression_1013.2.12 SHA-256 loop repeat 1000
regression_1013.2.12 OK
o regression_1013.2.13 Busy loop repeat 10000
regression_1013.2.13 OK
o regression_1013.2.14 SHA-256 loop repeat 1000
regression_1013.2.14 OK
o regression_1013.2.15 Busy loop repeat 10000
regression_1013.2.15 OK
o regression_1013.2.16 SHA-256 loop repeat 1000
regression_1013.2.16 OK
o regression_1013.2.17 Busy loop repeat 10000
regression_1013.2.17 OK
o regression_1013.2.18 SHA-256 loop repeat 1000
regression_1013.2.18 OK
o regression_1013.2.19 Busy loop repeat 10000
regression_1013.2.19 OK
o regression_1013.2.20 SHA-256 loop repeat 1000
regression_1013.2.20 OK
o regression_1013.2.21 Busy loop repeat 10000
regression_1013.2.21 OK
o regression_1013.2.22 SHA-256 loop repeat 1000
regression_1013.2.22 OK
o regression_1013.2.23 Busy loop repeat 10000
regression_1013.2.23 OK
o regression_1013.2.24 SHA-256 loop repeat 1000
regression_1013.2.24 OK
Number of parallel threads: 3
Mean concurrency: 1
regression_1013.2 OK
regression_1013 OK
* regression_1015 FS hash-tree corner cases
regression_1015 OK
* regression_1016 Test TA to TA transfers (in/out/inout memrefs on the stack)
regression_1016 OK
* regression_1017 Test coalescing memrefs
regression_1017 OK
* regression_1018 Test memref out of bounds
o regression_1018.1 Out of bounds > 4kB on allocated shm
regression_1018.1 OK
o regression_1018.2 Out of bounds by 1 byte on registered shm
regression_1018.2 OK
o regression_1018.3 Out of bounds by 1 byte ref on allocated shm
regression_1018.3 OK
regression_1018 OK
* regression_1019 Test dynamically linked TA
regression_1019 OK
* regression_1020 Test lockdep algorithm
- 1020 - skip test, feature not implemented
regression_1020 OK
* regression_1021 Test panic context release
o regression_1021.1 Multiple Instances Single Session
regression_1021.1 OK
o regression_1021.2 Single Instance Multi Sessions
regression_1021.2 OK
o regression_1021.3 Single Instance Multi Sessions Keep Alive
regression_1021.3 OK
o regression_1021.4 Multi Sessions TA to TA
regression_1021.4 OK
regression_1021 OK
* regression_1022 Test dlopen()/dlsym()/dlclose() API
regression_1022 OK
* regression_1023 Test ELF initialization (.init_array)
regression_1023 OK
* regression_1025 Test memref NULL and/or 0 bytes size
o regression_1025.1 Invalid NULL buffer memref registration
regression_1025.1 OK
o regression_1025.2 Input/Output MEMREF Buffer NULL - Size 0 bytes
regression_1025.2 OK
o regression_1025.3 Input MEMREF Buffer NULL - Size non 0 bytes
regression_1025.3 OK
o regression_1025.4 Input MEMREF Buffer NULL over PTA invocation
regression_1025.4 OK
regression_1025 OK
* regression_1026 Session: public login
regression_1026 OK
* regression_1027 Session: user login for current user
regression_1027 OK
* regression_1028 Session: group login for current user's effective group
regression_1028 OK
* regression_1029 Test __thread attribute
o regression_1029.1 TLS variables (main program)
- 1029 - skip test, TA returned TEEC_ERROR_NOT_SUPPORTED
regression_1029.1 OK
o regression_1029.2 TLS variables (shared library)
- 1029 - skip test, TA returned TEEC_ERROR_NOT_SUPPORTED
regression_1029.2 OK
regression_1029 OK
* regression_1030 Test dl_iterate_phdr()
o regression_1030.1 Before dlopen()
regression_1030.1 OK
o regression_1030.2 After dlopen()
regression_1030.2 OK
regression_1030 OK
* regression_1031 Test C++ features
o regression_1031.1 Global object constructor (main program)
TA not built with C++ support, skipping C++ tests
regression_1031.1 OK
regression_1031 OK
* regression_1032 Register read-only shared memory
regression_1032 OK
* regression_1033 Test the supplicant plugin framework
/usr/src/debug/optee-test/4.1.0+gitAUTOINC+2e1e7a9c9d-r0/git/host/xtest/regression_1000.c:2465: xtest_teec_open_session(&session, &supp_plugin_test_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff0008 = TEEC_ERROR_ITEM_NOT_FOUND, expected 0x0 = TEEC_SUCCESS
regression_1033 FAILED
* regression_1034 Test loading a large TA
regression_1034 OK
* regression_1036 Test PAuth (Pointer Authentication)
o regression_1036.1 PAuth NOP test
Binary doesn't support PAuth - skip tests
regression_1036.1 OK
regression_1036 OK
* regression_1037 Remote attestation
skip test, pseudo TA not found
regression_1037 OK
* regression_1038 Test MTE (Memory Tag Extension)
o regression_1038.1 MTE use after free
Binary doesn't support MTE - skip tests
regression_1038.1 OK
regression_1038 OK
* regression_1039 Test subkey verification
o regression_1039.1 Load TA with two levels of subkeys
regression_1039.1 OK
o regression_1039.2 Load TA with identity subkey
regression_1039.2 OK
regression_1039 OK
* regression_1040 Test panic in concurrent open/invoke/close session
o regression_1040.1 Concurent invoke with panic in TA
regression_1040.1 OK
regression_1040 OK
* regression_2001 Trivial TCP iSocket API tests
o regression_2001.1 Start server
regression_2001.1 OK
o regression_2001.2 TCP Socket open
regression_2001.2 OK
o regression_2001.3 TCP Socket send
regression_2001.3 OK
o regression_2001.4 TCP Socket recv
regression_2001.4 OK
o regression_2001.5 TCP Socket get error
regression_2001.5 OK
o regression_2001.6 TCP Socket close
regression_2001.6 OK
o regression_2001.7 TCP Socket ioctl
regression_2001.7 OK
regression_2001 OK
* regression_2002 Concurrent stressing TCP iSocket API tests
o regression_2002.1 Stressing with 3 threads
regression_2002.1 OK
regression_2002 OK
Compare the various conditions mentioned above, accessing the real RPMB would result in xtest failure, while accessing the emulate RPMB xtest was successful after enabling RPMB storage.
So I guess if there are any code modifications or configuration changes for reading and writing RPMB in the kernel, how should I correctly read and write RPMB?
May I ask how to solve the problem I am currently facing?
Regards,
Han