From: Yi Chou <yich@chromium.org>
To: Rob Herring <robh@kernel.org>
Cc: devicetree-spec@vger.kernel.org,
	krzysztof.kozlowski+dt@linaro.org, yich@google.com,
	chenyian@google.com, jens.wiklander@linaro.org,
	jkardatzke@google.com, sjg@chromium.org,
	etienne.carriere@linaro.org, jwerner@chromium.org,
	Yi Chou <yich@chromium.org>
Subject: [PATCH v2] schemas: Add Google Widevine initialization parameters
Date: Mon, 13 Nov 2023 15:48:54 +0800
Message-ID: <20231113075249.3807225-1-yich@chromium.org>

The necessary fields to initialize the Widevine-related functions in
OP-TEE.
Widevine is Google's content protection system for DRM (digital rights
management) content.

Signed-off-by: Yi Chou <yich@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>

---
The previous discussion in OP-TEE:
https://github.com/OP-TEE/optee_os/pull/6418
The reviewers prefer that we remove the compatible string.
And they prefer the /options/op-tee/widevine node.

Changes in v2:
- Change all "widevine" to "Widevine".
- Fix the prefix of properties.
- Add the description of Widevine in description.
- Add the usage restriction in the description.

 .../options/op-tee/google,widevine.yaml       | 79 +++++++++++++++++++
 1 file changed, 79 insertions(+)
 create mode 100644 dtschema/schemas/options/op-tee/google,widevine.yaml

diff --git a/dtschema/schemas/options/op-tee/google,widevine.yaml b/dtschema/schemas/options/op-tee/google,widevine.yaml
new file mode 100644
index 0000000..742e519
--- /dev/null
+++ b/dtschema/schemas/options/op-tee/google,widevine.yaml
@@ -0,0 +1,79 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/options/op-tee/google,widevine.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: Google Widevine initialization parameters
+
+maintainers:
+  - Jeffrey Kardatzke <jkardatzke@chromium.org>
+  - Yi Chou <yich@chromium.org>
+
+description:
+  Widevine is Google's content protection system for DRM (digital rights
+  management) contents.
+  The necessary fields to initialize the Widevine related functions in
+  OP-TEE. This node does not represent a real device, but serves as a
+  place for passing data between firmware and OP-TEE.
+  The content of this node should not be shared with the Linux kernel.
+
+properties:
+  op-tee,hardware-unique-key:
+    $ref: /schemas/types.yaml#/definitions/uint8-array
+    maxItems: 32
+    description: |
+      The hardware-unique key of the OP-TEE. It will be used to derive
+      the secure storage key.
+      For more information, please reference:
+      https://optee.readthedocs.io/en/latest/architecture/porting_guidelines.html#hardware-unique-key
+
+  tcg,tpm-auth-public-key:
+    $ref: /schemas/types.yaml#/definitions/uint8-array
+    maxItems: 1024
+    description: |
+      The TPM auth public key. Used to communicate the TPM from OP-TEE.
+      The format of data should be TPM2B_PUBLIC.
+      For more information, please reference the 12.2.5 section:
+      https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part2_Structures_pub.pdf
+
+  google,widevine-root-of-trust-ecc-p256:
+    $ref: /schemas/types.yaml#/definitions/uint8-array
+    maxItems: 32
+    description: |
+      The Widevine root of trust secret. Used to sign the Widevine
+      request in OP-TEE. The value is an ECC NIST P-256 scalar.
+      For more information, please reference the G.1.2 section:
+      https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-186.pdf
+
+required:
+  - op-tee,hardware-unique-key
+  - tcg,tpm-auth-public-key
+  - google,widevine-root-of-trust-ecc-p256
+
+additionalProperties: false
+
+examples:
+  - |
+    options {
+      google,widevine {
+        op-tee,hardware-unique-key = [
+          12 f7 98 d2 0e d2 85 92 a5 82 bf 98 b8 99 2b c0
+          c6 6f 19 85 79 86 65 18 55 eb ff 9b 6c c0 ac 27
+        ];
+        tcg,tpm-auth-public-key = [
+          00 76 00 23 00 0b 00 02 04 b2 00 20 e1 47 bf 27
+          e1 74 30 c8 16 ab 72 4d 5c 77 e1 5c 61 2d 56 81
+          b3 35 cd 9d eb 67 41 37 69 f0 32 41 00 10 00 10
+          00 03 00 10 00 20 70 9a df 50 f9 0f d5 f4 40 e0
+          ea 2c e8 f2 26 9f 0e 5c 02 70 16 c3 6c c1 83 03
+          2d 04 10 bd 85 7a 00 20 83 03 c2 66 6e 01 32 34
+          5c 5e 80 22 c7 48 24 3c 70 6b b8 e4 24 42 74 a9
+          cf fc ab f8 30 e9 de 51
+        ];
+        google,widevine-root-of-trust-ecc-p256 = [
+          ac 0d 86 c3 d7 b5 b7 a2 6f c3 d9 93 f7 de bc bb
+          d5 c4 25 9b 21 5f 36 af b5 dd 6d 29 9d 08 c0 10
+        ];
+      };
+    };
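Review bot: the top-level description says the node's content "should not be shared with the Linux kernel", but it does not say which component enforces that. The node carries two secrets in the clear (`op-tee,hardware-unique-key` and `google,widevine-root-of-trust-ecc-p256`), so the binding should state who removes or scrubs the node before the device tree is handed to the kernel, for example that the firmware or OP-TEE must delete it once the values are consumed. The example also places the node at `options { google,widevine {`, while the cover note says reviewers prefer `/options/op-tee/widevine` and the schema file lives under `options/op-tee/`; the example should show the agreed path. Minor wording in the `tcg,tpm-auth-public-key` description: "Used to communicate the TPM from OP-TEE" reads better as "Used by OP-TEE to communicate with the TPM".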
-- 
2.42.0.869.gea05f2083d-goog

