feat: linux: Add docs on OP-TEE Secure Storage

OP-TEE provides secure storage mechanism. Add docs to explain what
it is, its uses and how to compile it.

Signed-off-by: Suhaas Joshi <[email protected]>

Author: jsuhaas22

configs/AM62AX/AM62AX_linux_toc.txt

@@ -95,6 +95,7 @@ linux/Foundational_Components/Power_Management/pm_debug
 
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
+linux/Foundational_Components/System_Security/OPTEE_Secure_Storage
 
 linux/Foundational_Components_Kernel_Users_Guide
 linux/Foundational_Components_Kernel_LTP-DDT_Validation

configs/AM62PX/AM62PX_linux_toc.txt

@@ -100,6 +100,7 @@ linux/Foundational_Components/Power_Management/pm_debug
 
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
+linux/Foundational_Components/System_Security/OPTEE_Secure_Storage
 
 linux/Foundational_Components_Kernel_Users_Guide
 linux/Foundational_Components_Kernel_LTP-DDT_Validation

configs/AM62X/AM62X_linux_toc.txt

@@ -97,6 +97,7 @@ linux/Foundational_Components/Power_Management/pm_debug
 
 linux/Foundational_Components/System_Security/SELinux
 linux/Foundational_Components/System_Security/Auth_boot
+linux/Foundational_Components/System_Security/OPTEE_Secure_Storage
 
 linux/Foundational_Components_PRU_Subsystem
 linux/Foundational_Components/PRU-ICSS-Linux-Drivers

source/linux/Foundational_Components/System_Security/OPTEE_Secure_Storage.rst

@@ -0,0 +1,135 @@
+.. _optee_secure_storage:
+
+*********************
+OP-TEE Secure Storage
+*********************
+
+There is often the need to store sensitive data securely, and guarantee
+confidentiality and integrity. This data includes cryptographic keys,
+certificates and other application-specific or general-purpose data.
+
+To guarantee such security, OP-TEE offers 2 Secure Storage mechanisms:
+
+#. **REE FS:** OP-TEE stores data in normal world's filesystem, as encrypted
+   binary blobs.
+#. **RPMB:** OP-TEE stores data in a special partition of compliant storage
+   devices such as embedded Multimedia Card (eMMC) and Universal Flash Storage
+   (UFS).
+
+REE FS
+======
+
+**REE FS** stands for *Rich Execution Environment Filesystem*; that is, Linux's
+filesystem on TI SoCs. When the TA needs to store any data in REE FS mode,
+OP-TEE first encrypts and stores the data. This is done through the TEE (Trusted
+Execution Environment) Linux driver using the user-space process
+`tee-supplicant`.
+
+While REE FS guarantees confidentiality of the data (that is, only the TA that
+encrypted it can decrypt it), it does not offer any protection against
+denial-of-service attacks (that is, if attacker compromises Linux root, the attacker can
+delete these blobs). Further, unless the configuration enables RPMB, there's no
+protection offered against replay attacks.
+
+In TI SDK, REE FS is enabled by default. SDK disables RPMB by-default, therefore
+OP-TEE does not offer protection against replay attacks. The encrypted binary blobs are
+stored at ``/var/lib/tee/``.
+
+RPMB
+====
+
+**RPMB** stands for *Replay Protection Memory Block*. Storage devices such as
+the eMMC on TI SoCs contain a special "RPMB partition". This partition uses an
+"Authentication Key" to authenticate each write. Further, it maintains a counter
+to count the number of write operation, thereby ensuring protection against
+replay attacks.
+
+RPMB does not guarantee confidentiality. Data from the RPMB partition can be
+read by any process without requiring the Authentication Key. Therefore,
+to ensure confidentiality, the application must enable encryption or use RPMB in
+conjunction with REE FS.
+
+For more information on compiling OP-TEE with RPMB enabled, refer: :ref:`optee-rpmb-flags`.
+
+.. _optee-client-rpmb:
+
+OP-TEE Client and RPMB Emulation Mode
+-------------------------------------
+
+The optee-client repository offers a user-space process called
+"tee-supplicant", in ``/usr/sbin/``. This process runs as a systemd service
+by-default. All OP-TEE operations on secure storage (regardless of whether they
+are REE_FS or RPMB) go through tee-supplicant.
+
+OP-TEE client has a flag "RPMB_EMU". When set to `1`, tee-supplicant
+emulates RPMB instead of using the real RPMB on the eMMC. This is useful for
+testing and development activities. This "emulated RPMB" exists only in volatile
+memory, so it is reset at each boot.
+
+One use-case for "emulated RPMB" is to test the programming of the
+Authentication Key, using ``CFG_RPMB_WRITE_KEY=y`` option. Since this is a one-time
+and irreversible operation on the real RPMB, it is safer to test it on the
+emulated one, which is reset at every boot.
+
+Therefore, to use real RPMB, re-compile optee-client with RPMB_EMU=0 and copy
+the tee-supplicant to ``/usr/sbin/``. For more details, see: :ref:`optee-client-build`.
+
+
+Programming the Authentication Key
+----------------------------------
+
+Initially, on a new TI board, there's no key programmed into the eMMC for the
+RPMB.
+
+There are 2 ways to program the key:
+
+#. Use tools such ``mmc-utils`` to write the key.
+#. Use the ``CFG_RPMB_WRITE_KEY=y`` flag while compiling OP-TEE.
+
+The recommended approach is to use 3rd party tools such as
+``mmc-utils``. ``CFG_RPMB_WRITE_KEY=y`` makes OP-TEE send the key to the normal
+world in plain text. Therefore always disable it in production builds.
+
+If ``CFG_RPMB_WRITE_KEY=y`` is being used for programming the key in factory,
+then 2 sets of OP-TEE binaries are required:
+
+#. the first, with ``CFG_RPMB_WRITE_KEY=y``, to program the key.
+#. the second, with ``CFG_RPMB_WRITE_KEY=n``, for use in production.
+
+.. warning::
+
+   If configuration enables ``CFG_RPMB_WRITE_KEY``, OP-TEE sends the key in
+   plain text to Linux normal world. Therefore, ensure that it is **never**
+   enabled in production builds. To avoid accidents, the recommended way is to
+   **never**  use ``CFG_RPMB_WRITE_KEY=y`` at all, and instead to just rely on
+   third-party tools like ``mmc-utils``.
+
+.. warning::
+
+   The RPMB Authentication Key is one-time programmable only. Once written, it
+   cannot be re-written or modified. Thus if the user writes the wrong key, or
+   loses the key, the RPMB partition becomes un-usable. Be careful in writing
+   the key.
+
+   If configuration enables ``CFG_RPMB_WRITE_KEY``, and tee-supplicant operates
+   in emulated RPMB mode, then OP-TEE programs the key to the emulated RPMB,
+   which resets at each boot. This is good for testing and development phase.
+
+   However, if configuration has RPMB_EMU=0 with ``CFG_RPMB_WRITE_KEY``, or you
+   are using other tools, then the key is programmed to the real RPMB, therefore
+   be careful!
+
+
+OP-TEE Secure Storage Example
+*****************************
+
+To show secure storage in OP-TEE, use the
+``optee_examples_secure_storage`` binary in the filesystem.
+
+.. code::
+
+   optee_examples_secure_storage
+
+This example reads and writes raw data from and to the secure storage. This
+secure storage could be either REE_FS or RPMB or both, based on
+configuration. By default, it is REE_FS.

source/linux/Foundational_Components_OPTEE.rst

@@ -75,6 +75,7 @@ of entropy can work around these issues.
 
    $ make CROSS_COMPILE="$CROSS_COMPILE_32" CROSS_COMPILE64="$CROSS_COMPILE_64" PLATFORM=k3-|__OPTEE_PLATFORM_FLAVOR__| CFG_ARM64_core=y CFG_WITH_SOFTWARE_PRNG=y
 
+.. _optee-rpmb-flags:
 
 Secure Storage with RPMB (For HS)
 *********************************
@@ -84,10 +85,31 @@ KEK embedded in them that is programmed across OP-TEE instances that are distrib
 in a derived manner. Each HS device has its own HUK signing key (DKEK) which is different
 from other HS devices.
 
+To learn more about secure storage in OP-TEE, refer: :ref:`optee_secure_storage`.
+
 For enabling RPMB support along with secure storage, additional flags need to be passed to
 the build instructions. The information for the flags can be found here.
 https://optee.readthedocs.io/en/latest/architecture/secure_storage.html
 
+Two flags of interest are:
+
+#. ``CFG_RPMB_FS=y``: Enables RPMB support.
+#. ``CFG_RPMB_WRITE_KEY=y``: Enables OP-TEE to write the Authentication Key if a
+   key is not already programmed.
+
+.. warning::
+
+   Never enable ``CFG_RPMB_WRITE_KEY`` in a production build. It makes
+   OP-TEE send the Authentication Key in plain text to normal world, which is a
+   huge security risk. Keep it disabled in production builds.
+
+.. note::
+
+   ``CFG_RPMB_WRITE_KEY`` is a convenience feature provided by OP-TEE for easy key
+   writing. It is possible to write a key even without it. That is, in fact, the
+   recommended approach to writing a key. To write a key without
+   ``CFG_RPMB_WRITE_KEY``, use third-party tools such as ``mmc-utils``.
+
 There is a hybrid mode in which both the flags i.e `CFG_REE_FS=y` and `CFG_RPMB_FS=y` are enabled.
 This mode stores the state of the Secure Storage directory in RPMB partition to check for the
 integrity of the data present in it. It is the recommended way.
@@ -107,15 +129,27 @@ E.g. For enabling hybrid mode of RPMB along with REE_FS
 OPTEE-client also needs to be updated to enable the use of real
 emmc instead of the virtual emmc that is enabled by default
 
+.. _optee-client-build:
+
 Getting OP-TEE Client source code
 ---------------------------------
 
+To get optee_client source code, do:
+
+.. rubric:: Getting OP-TEE Client source code
+
 .. code-block:: console
 
   $ git clone https://github.com/OP-TEE/optee_client
 
 .. rubric:: Building OP-TEE Client with RPMB support
 
+To use emulated RPMB, set RPMB_EMU=1. Otherwise, set RPMB_EMU=0. For details,
+see: :ref:`optee-client-rpmb`.
+
+For example, the following command builds optee_client to use the real RPMB,
+instead of the emulated one.
+
 .. code-block:: console
 
   $ make CROSS_COMPILE="$CROSS_COMPILE_64" PLATFORM=k3 CFG_TEE_SUPP_LOG_LEVEL=2 RPMB_EMU=0 CFG_ARM64_core=y

source/linux/Foundational_Components_Security.rst

@@ -11,3 +11,4 @@ Security
    Foundational_Components_Secure_Boot
    Foundational_Components/System_Security/SELinux
    Foundational_Components/System_Security/Auth_boot
+   Foundational_Components/System_Security/OPTEE_Secure_Storage