Tee-dev October 2019

tee-dev@lists.linaro.org

16 participants
14 discussions

by Thomas, Rijo-john

This patch series introduces Trusted Execution Environment (TEE) driver for AMD APU enabled systems. The TEE is a secure area of a processor which ensures that sensitive data is stored, processed and protected in an isolated and trusted environment. The AMD Secure Processor is a dedicated processor which provides TEE to enable HW platform security. It offers protection against software attacks generated in Rich Operating System (Rich OS) such as Linux running on x86. The AMD-TEE Trusted OS running on AMD Secure Processor allows loading and execution of security sensitive applications called Trusted Applications (TAs). An example of a TA would be a DRM (Digital Rights Management) TA written to enforce content protection. Linux already provides a tee subsystem, which is described in [1]. The tee subsystem provides a generic TEE ioctl interface which can be used by user space to talk to a TEE driver. AMD-TEE driver registers with tee subsystem and implements tee function callbacks in an AMD platform specific manner. The following TEE commands are recognized by AMD-TEE Trusted OS: 1. TEE_CMD_ID_LOAD_TA : Load Trusted Application (TA) binary into TEE environment 2. TEE_CMD_ID_UNLOAD_TA : Unload TA binary from TEE environment 3. TEE_CMD_ID_OPEN_SESSION : Open session with loaded TA 4. TEE_CMD_ID_CLOSE_SESSION : Close session with loaded TA 5. TEE_CMD_ID_INVOKE_CMD : Invoke a command with loaded TA 6. TEE_CMD_ID_MAP_SHARED_MEM : Map shared memory 7. TEE_CMD_ID_UNMAP_SHARED_MEM : Unmap shared memory Each command has its own payload format. The AMD-TEE driver creates a command buffer payload for submission to AMD-TEE Trusted OS. This patch series has a dependency on another patch set titled - Add TEE interface support to AMD Secure Processor driver. [1] https://www.kernel.org/doc/Documentation/tee.txt Rijo Thomas (2): tee: allow compilation of tee subsystem for AMD CPUs tee: add AMD-TEE driver drivers/tee/Kconfig | 4 +- drivers/tee/Makefile | 1 + drivers/tee/amdtee/Kconfig | 8 + drivers/tee/amdtee/Makefile | 5 + drivers/tee/amdtee/amdtee_if.h | 183 +++++++++++++ drivers/tee/amdtee/amdtee_private.h | 159 +++++++++++ drivers/tee/amdtee/call.c | 370 ++++++++++++++++++++++++++ drivers/tee/amdtee/core.c | 510 ++++++++++++++++++++++++++++++++++++ drivers/tee/amdtee/shm_pool.c | 130 +++++++++ include/uapi/linux/tee.h | 1 + 10 files changed, 1369 insertions(+), 2 deletions(-) create mode 100644 drivers/tee/amdtee/Kconfig create mode 100644 drivers/tee/amdtee/Makefile create mode 100644 drivers/tee/amdtee/amdtee_if.h create mode 100644 drivers/tee/amdtee/amdtee_private.h create mode 100644 drivers/tee/amdtee/call.c create mode 100644 drivers/tee/amdtee/core.c create mode 100644 drivers/tee/amdtee/shm_pool.c -- 1.9.1

4 years, 12 months

[PATCH 0/2] tee: optee: compatibility of natively running OS with virt-enabled OP-TEE

by Michalis Pappas

There are cases in a virtualized environment where a privileged guest needs to communicate with OP-TEE OS without the presence of a hypervisor (eg system recovery). As OP-TEE OS with virtualization support requires all guests to be announced and requests to be tagged with vm id, the above task would require reflashing OP-TEE OS with a build that disables virtualization support. The following patches introduce compatibilty between a natively running OS (ie without a hypervisor) and OP-TEE OS configured with virtualization support. This is achieved by the driver announcing itself to OP-TEE, and tagging subsequent requests with a predetermined vm id. For this change to be interoperable with virtualized environments, a hypervisor has the following options: 1. Filter out the OPTEE_SMC_SEC_CAP_VIRTUALIZATION capability, so that the driver is not aware of executing in a virtualized setup. In that case, the driver will not announce itself or update the vm id parameter. 2. Gracefully handle the announcement of addition / removal of guests from the driver (OPTEE_SMC_VM_CREATED / OPTEE_SMC_VM_DESTROYED), and overwrite the vm id parameter as normal. Enabling this option does not have an impact on OP-TEE OS configured without virtualization support. Please notice that this patch depends on 9733b072a12a from mainline Linux, which is not available in Linaro's tree. Michalis Pappas (2): tee: optee: Add protocol definitions for virtualization tee: optee: Allow native systems to interact with virtualization-enabled OP-TEE drivers/tee/optee/Kconfig | 23 +++++++++++++++ drivers/tee/optee/core.c | 43 ++++++++++++++++++++++++++++ drivers/tee/optee/optee_smc.h | 54 +++++++++++++++++++++++++++++++++++ 3 files changed, 120 insertions(+) -- 2.17.1 Please mind our privacy notice<https://www.opensynergy.com/datenschutzerklaerung/privacy-notice-for-busine…> pursuant to Art. 13 GDPR. // Unsere Hinweise zum Datenschutz gem. Art. 13 DSGVO finden Sie hier.<https://www.opensynergy.com/de/datenschutzerklaerung/datenschutzhinweise-fu…>

5 years

[PATCH] tee: optee: Fix dynamic shm pool allocations

by Sumit Garg

In case of dynamic shared memory pool, kernel memory allocated using dmabuf_mgr pool needs to be registered with OP-TEE prior to its usage during optee_open_session() or optee_invoke_func(). So fix dmabuf_mgr pool allocations via an additional call to optee_shm_register(). Fixes: 9733b072a12a ("optee: allow to work without static shared memory") Signed-off-by: Sumit Garg <sumit.garg(a)linaro.org> --- Depends on patch: https://lkml.org/lkml/2019/7/30/506 that adds support to allow registration of kernel buffers with OP-TEE. drivers/tee/optee/shm_pool.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/drivers/tee/optee/shm_pool.c b/drivers/tee/optee/shm_pool.c index de1d9b8..0332a53 100644 --- a/drivers/tee/optee/shm_pool.c +++ b/drivers/tee/optee/shm_pool.c @@ -17,6 +17,7 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, { unsigned int order = get_order(size); struct page *page; + int rc = 0; page = alloc_pages(GFP_KERNEL | __GFP_ZERO, order); if (!page) @@ -26,12 +27,21 @@ static int pool_op_alloc(struct tee_shm_pool_mgr *poolm, shm->paddr = page_to_phys(page); shm->size = PAGE_SIZE << order; - return 0; + if (shm->flags & TEE_SHM_DMA_BUF) { + shm->flags |= TEE_SHM_REGISTER; + rc = optee_shm_register(shm->ctx, shm, &page, 1 << order, + (unsigned long)shm->kaddr); + } + + return rc; } static void pool_op_free(struct tee_shm_pool_mgr *poolm, struct tee_shm *shm) { + if (shm->flags & TEE_SHM_DMA_BUF) + optee_shm_unregister(shm->ctx, shm); + free_pages((unsigned long)shm->kaddr, get_order(shm->size)); shm->kaddr = NULL; } -- 2.7.4

5 years

[Patch v3 0/7] Introduce TEE based Trusted Keys support

by Sumit Garg

Add support for TEE based trusted keys where TEE provides the functionality to seal and unseal trusted keys using hardware unique key. Also, this is an alternative in case platform doesn't possess a TPM device. This series also adds some TEE features like: Patch #1, #2 enables support for registered kernel shared memory with TEE. Patch #3 enables support for private kernel login method required for cases like trusted keys where we don't wan't user-space to directly access TEE service to retrieve trusted key contents. Rest of the patches from #4 to #7 adds support for TEE based trusted keys. This patch-set has been tested with OP-TEE based pseudo TA which can be found here [1]. [1] https://github.com/OP-TEE/optee_os/pull/3082 Changes in v3: 1. Update patch #2 to support registration of multiple kernel pages. 2. Incoporate dependency patch #4 in this patch-set: https://patchwork.kernel.org/patch/11091435/ 3. Rebased to latest tpmdd-master. Changes in v2: 1. Add reviewed-by tags for patch #1 and #2. 2. Incorporate comments from Jens for patch #3. 3. Switch to use generic trusted keys framework. Sumit Garg (7): tee: optee: allow kernel pages to register as shm tee: enable support to register kernel memory tee: add private login method for kernel clients KEYS: trusted: Add generic trusted keys framework KEYS: trusted: Introduce TEE based Trusted Keys doc: keys: Document usage of TEE based Trusted Keys MAINTAINERS: Add entry for TEE based Trusted Keys Documentation/security/keys/index.rst | 1 + Documentation/security/keys/tee-trusted.rst | 93 ++++++++ MAINTAINERS | 9 + drivers/tee/optee/call.c | 7 + drivers/tee/tee_core.c | 6 + drivers/tee/tee_shm.c | 26 ++- include/keys/trusted-type.h | 48 ++++ include/keys/trusted_tee.h | 66 ++++++ include/keys/trusted_tpm.h | 15 -- include/linux/tee_drv.h | 1 + include/uapi/linux/tee.h | 8 + security/keys/Kconfig | 3 + security/keys/trusted-keys/Makefile | 2 + security/keys/trusted-keys/trusted_common.c | 346 ++++++++++++++++++++++++++++ security/keys/trusted-keys/trusted_tee.c | 282 +++++++++++++++++++++++ security/keys/trusted-keys/trusted_tpm1.c | 345 +++++---------------------- 16 files changed, 954 insertions(+), 304 deletions(-) create mode 100644 Documentation/security/keys/tee-trusted.rst create mode 100644 include/keys/trusted_tee.h create mode 100644 security/keys/trusted-keys/trusted_common.c create mode 100644 security/keys/trusted-keys/trusted_tee.c -- 2.7.4

5 years

[PATCH net-next V5 0/3] Add OP-TEE based bnxt f/w manager

by Sheetal Tigadoli

This patch series adds support for TEE based BNXT firmware management module and the driver changes to invoke OP-TEE APIs to fastboot firmware and to collect crash dump. Changes from v4: - update Kconfig to reflect dependency on TEE driver Vasundhara Volam (2): bnxt_en: Add support to invoke OP-TEE API to reset firmware bnxt_en: Add support to collect crash dump via ethtool Vikas Gupta (1): firmware: broadcom: add OP-TEE based BNXT f/w manager drivers/firmware/broadcom/Kconfig | 8 + drivers/firmware/broadcom/Makefile | 1 + drivers/firmware/broadcom/tee_bnxt_fw.c | 279 ++++++++++++++++++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +- drivers/net/ethernet/broadcom/bnxt/bnxt.h | 6 + .../net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 37 ++- .../net/ethernet/broadcom/bnxt/bnxt_ethtool.h | 2 + include/linux/firmware/broadcom/tee_bnxt_fw.h | 14 + 8 files changed, 356 insertions(+), 4 deletions(-) create mode 100644 drivers/firmware/broadcom/tee_bnxt_fw.c create mode 100644 include/linux/firmware/broadcom/tee_bnxt_fw.h base-commit: d86784fe9b037baf06a154283a4e8cff46b6fe2f -- 2.17.1

5 years

[PATCH] optee: allow to work without static shared memory

by Volodymyr Babchuk

From: Volodymyr Babchuk <vlad.babchuk(a)gmail.com> On virtualized systems it is possible that OP-TEE will provide only dynamic shared memory support. So it is fine to boot without static SHM enabled if dymanic one is supported. Signed-off-by: Volodymyr Babchuk <vlad.babchuk(a)gmail.com> --- drivers/tee/optee/core.c | 83 ++++++++++++++++++++++++++++-------------------- 1 file changed, 49 insertions(+), 34 deletions(-) diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c index 4a2c420..d80da29 100644 --- a/drivers/tee/optee/core.c +++ b/drivers/tee/optee/core.c @@ -420,9 +420,35 @@ static bool optee_msg_exchange_capabilities(optee_invoke_fn *invoke_fn, return true; } +static struct tee_shm_pool *optee_config_dyn_shm(void) +{ + struct tee_shm_pool_mgr *priv_mgr; + struct tee_shm_pool_mgr *dmabuf_mgr; + void *rc; + + rc = optee_shm_pool_alloc_pages(); + if (IS_ERR(rc)) + return rc; + priv_mgr = rc; + + rc = optee_shm_pool_alloc_pages(); + if (IS_ERR(rc)) { + tee_shm_pool_mgr_destroy(priv_mgr); + return rc; + } + dmabuf_mgr = rc; + + rc = tee_shm_pool_alloc(priv_mgr, dmabuf_mgr); + if (IS_ERR(rc)) { + tee_shm_pool_mgr_destroy(priv_mgr); + tee_shm_pool_mgr_destroy(dmabuf_mgr); + } + + return rc; +} + static struct tee_shm_pool * -optee_config_shm_memremap(optee_invoke_fn *invoke_fn, void **memremaped_shm, - u32 sec_caps) +optee_config_shm_memremap(optee_invoke_fn *invoke_fn, void **memremaped_shm) { union { struct arm_smccc_res smccc; @@ -437,10 +463,11 @@ optee_config_shm_memremap(optee_invoke_fn *invoke_fn, void **memremaped_shm, struct tee_shm_pool_mgr *priv_mgr; struct tee_shm_pool_mgr *dmabuf_mgr; void *rc; + const int sz = OPTEE_SHM_NUM_PRIV_PAGES * PAGE_SIZE; invoke_fn(OPTEE_SMC_GET_SHM_CONFIG, 0, 0, 0, 0, 0, 0, 0, &res.smccc); if (res.result.status != OPTEE_SMC_RETURN_OK) { - pr_info("shm service not available\n"); + pr_err("static shm service not available\n"); return ERR_PTR(-ENOENT); } @@ -466,28 +493,15 @@ optee_config_shm_memremap(optee_invoke_fn *invoke_fn, void **memremaped_shm, } vaddr = (unsigned long)va; - /* - * If OP-TEE can work with unregistered SHM, we will use own pool - * for private shm - */ - if (sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) { - rc = optee_shm_pool_alloc_pages(); - if (IS_ERR(rc)) - goto err_memunmap; - priv_mgr = rc; - } else { - const size_t sz = OPTEE_SHM_NUM_PRIV_PAGES * PAGE_SIZE; - - rc = tee_shm_pool_mgr_alloc_res_mem(vaddr, paddr, sz, - 3 /* 8 bytes aligned */); - if (IS_ERR(rc)) - goto err_memunmap; - priv_mgr = rc; - - vaddr += sz; - paddr += sz; - size -= sz; - } + rc = tee_shm_pool_mgr_alloc_res_mem(vaddr, paddr, sz, + 3 /* 8 bytes aligned */); + if (IS_ERR(rc)) + goto err_memunmap; + priv_mgr = rc; + + vaddr += sz; + paddr += sz; + size -= sz; rc = tee_shm_pool_mgr_alloc_res_mem(vaddr, paddr, size, PAGE_SHIFT); if (IS_ERR(rc)) @@ -553,7 +567,7 @@ static optee_invoke_fn *get_invoke_func(struct device_node *np) static struct optee *optee_probe(struct device_node *np) { optee_invoke_fn *invoke_fn; - struct tee_shm_pool *pool; + struct tee_shm_pool *pool = ERR_PTR(-EINVAL); struct optee *optee = NULL; void *memremaped_shm = NULL; struct tee_device *teedev; @@ -582,13 +596,17 @@ static struct optee *optee_probe(struct device_node *np) } /* - * We have no other option for shared memory, if secure world - * doesn't have any reserved memory we can use we can't continue. + * Try to use dynamic shared memory if possible */ - if (!(sec_caps & OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM)) - return ERR_PTR(-EINVAL); + if (sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) + pool = optee_config_dyn_shm(); + + /* + * If dynamic shared memory is not available or failed - try static one + */ + if (IS_ERR(pool) && (sec_caps & OPTEE_SMC_SEC_CAP_HAVE_RESERVED_SHM)) + pool = optee_config_shm_memremap(invoke_fn, &memremaped_shm); - pool = optee_config_shm_memremap(invoke_fn, &memremaped_shm, sec_caps); if (IS_ERR(pool)) return (void *)pool; @@ -632,9 +650,6 @@ static struct optee *optee_probe(struct device_node *np) optee_enable_shm_cache(optee); - if (optee->sec_caps & OPTEE_SMC_SEC_CAP_DYNAMIC_SHM) - pr_info("dynamic shared memory is enabled\n"); - pr_info("initialized driver\n"); return optee; err: -- 2.7.4

5 years

[PATCH net-next V4 0/3] Add OP-TEE based bnxt f/w manager

by Sheetal Tigadoli

This patch series adds support for TEE based BNXT firmware management module and the driver changes to invoke OP-TEE APIs to fastboot firmware and to collect crash dump. changes from v3: - address review comments from sumit - fix SZ_4M undeclared error reported by kbuild test robot Vasundhara Volam (2): bnxt_en: Add support to invoke OP-TEE API to reset firmware bnxt_en: Add support to collect crash dump via ethtool Vikas Gupta (1): firmware: broadcom: add OP-TEE based BNXT f/w manager drivers/firmware/broadcom/Kconfig | 8 + drivers/firmware/broadcom/Makefile | 1 + drivers/firmware/broadcom/tee_bnxt_fw.c | 279 ++++++++++++++++++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +- drivers/net/ethernet/broadcom/bnxt/bnxt.h | 6 + .../net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 37 ++- .../net/ethernet/broadcom/bnxt/bnxt_ethtool.h | 2 + include/linux/firmware/broadcom/tee_bnxt_fw.h | 14 + 8 files changed, 356 insertions(+), 4 deletions(-) create mode 100644 drivers/firmware/broadcom/tee_bnxt_fw.c create mode 100644 include/linux/firmware/broadcom/tee_bnxt_fw.h base-commit: 749234419aeeb275900c2706e1fa078fd7394743 -- 2.17.1

5 years

[PATCH V3 0/3] Add OP-TEE based bnxt f/w manager

by Sheetal Tigadoli

This patch series adds support for TEE based BNXT firmware management module and the driver changes to invoke OP-TEE APIs to fastboot firmware and to collect crash dump. changes from v2: - address review comments from Jakub Vasundhara Volam (2): bnxt_en: Add support to invoke OP-TEE API to reset firmware bnxt_en: Add support to collect crash dump via ethtool Vikas Gupta (1): firmware: broadcom: add OP-TEE based BNXT f/w manager drivers/firmware/broadcom/Kconfig | 8 + drivers/firmware/broadcom/Makefile | 1 + drivers/firmware/broadcom/tee_bnxt_fw.c | 277 ++++++++++++++++++++++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +- drivers/net/ethernet/broadcom/bnxt/bnxt.h | 6 + drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 37 ++- drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.h | 2 + include/linux/firmware/broadcom/tee_bnxt_fw.h | 14 ++ 8 files changed, 354 insertions(+), 4 deletions(-) create mode 100644 drivers/firmware/broadcom/tee_bnxt_fw.c create mode 100644 include/linux/firmware/broadcom/tee_bnxt_fw.h -- 1.9.1

5 years

[PATCH V2 0/3] Add OP-TEE based bnxt f/w manager

by Sheetal Tigadoli

This patch series adds support for TEE based BNXT firmware management module and the driver changes to invoke OP-TEE APIs to fastboot firmware and to collect crash dump. Changes from v1: - address review comemnt from scott, - update error msg and introduce HANDLE_ERROR Macro - address review comment from Greg, - use KBUILD_MODNAME, indent comment, build with COMPILE_TEST Vasundhara Volam (2): bnxt_en: Add support to invoke OP-TEE API to reset firmware bnxt_en: Add support to collect crash dump via ethtool Vikas Gupta (1): firmware: broadcom: add OP-TEE based BNXT f/w manager drivers/firmware/broadcom/Kconfig | 8 + drivers/firmware/broadcom/Makefile | 1 + drivers/firmware/broadcom/tee_bnxt_fw.c | 283 ++++++++++++++++++++++ drivers/net/ethernet/broadcom/bnxt/bnxt.c | 13 +- drivers/net/ethernet/broadcom/bnxt/bnxt.h | 6 + drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.c | 36 ++- drivers/net/ethernet/broadcom/bnxt/bnxt_ethtool.h | 2 + include/linux/firmware/broadcom/tee_bnxt_fw.h | 14 ++ 8 files changed, 359 insertions(+), 4 deletions(-) create mode 100644 drivers/firmware/broadcom/tee_bnxt_fw.c create mode 100644 include/linux/firmware/broadcom/tee_bnxt_fw.h -- 1.9.1

5 years, 1 month

[PATCH v3] tpm/tpm_ftpm_tee: add shutdown call back

by Pavel Tatashin

Add shutdown call back to close existing session with fTPM TA to support kexec scenario. Add parentheses to function names in comments as specified in kdoc. Signed-off-by: Thirupathaiah Annapureddy <thiruan(a)microsoft.com> Signed-off-by: Pavel Tatashin <pasha.tatashin(a)soleen.com> --- drivers/char/tpm/tpm_ftpm_tee.c | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/tpm_ftpm_tee.c b/drivers/char/tpm/tpm_ftpm_tee.c index 6640a14dbe48..22bf553ccf9d 100644 --- a/drivers/char/tpm/tpm_ftpm_tee.c +++ b/drivers/char/tpm/tpm_ftpm_tee.c @@ -32,7 +32,7 @@ static const uuid_t ftpm_ta_uuid = 0x82, 0xCB, 0x34, 0x3F, 0xB7, 0xF3, 0x78, 0x96); /** - * ftpm_tee_tpm_op_recv - retrieve fTPM response. + * ftpm_tee_tpm_op_recv() - retrieve fTPM response. * @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h. * @buf: the buffer to store data. * @count: the number of bytes to read. @@ -61,7 +61,7 @@ static int ftpm_tee_tpm_op_recv(struct tpm_chip *chip, u8 *buf, size_t count) } /** - * ftpm_tee_tpm_op_send - send TPM commands through the TEE shared memory. + * ftpm_tee_tpm_op_send() - send TPM commands through the TEE shared memory. * @chip: the tpm_chip description as specified in driver/char/tpm/tpm.h * @buf: the buffer to send. * @len: the number of bytes to send. @@ -208,7 +208,7 @@ static int ftpm_tee_match(struct tee_ioctl_version_data *ver, const void *data) } /** - * ftpm_tee_probe - initialize the fTPM + * ftpm_tee_probe() - initialize the fTPM * @pdev: the platform_device description. * * Return: @@ -298,7 +298,7 @@ static int ftpm_tee_probe(struct platform_device *pdev) } /** - * ftpm_tee_remove - remove the TPM device + * ftpm_tee_remove() - remove the TPM device * @pdev: the platform_device description. * * Return: @@ -328,6 +328,19 @@ static int ftpm_tee_remove(struct platform_device *pdev) return 0; } +/** + * ftpm_tee_shutdown() - shutdown the TPM device + * @pdev: the platform_device description. + */ +static void ftpm_tee_shutdown(struct platform_device *pdev) +{ + struct ftpm_tee_private *pvt_data = dev_get_drvdata(&pdev->dev); + + tee_shm_free(pvt_data->shm); + tee_client_close_session(pvt_data->ctx, pvt_data->session); + tee_client_close_context(pvt_data->ctx); +} + static const struct of_device_id of_ftpm_tee_ids[] = { { .compatible = "microsoft,ftpm" }, { } @@ -341,6 +354,7 @@ static struct platform_driver ftpm_tee_driver = { }, .probe = ftpm_tee_probe, .remove = ftpm_tee_remove, + .shutdown = ftpm_tee_shutdown, }; module_platform_driver(ftpm_tee_driver); -- 2.23.0

5 years, 1 month

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

Tee-dev October 2019