diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000000000000000000000000000000000000..5fb3ae8c49218f88b17609f021bb83657f07d2d4
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,13 @@
+.PHONY: clean tmm seal
+
+all: tmm seal
+
+tmm:
+	make -C tmm_driver/src
+
+seal:
+	make -C sealing_key/src
+
+clean:
+	make clean -C tmm_driver/src
+	make clean -C sealing_key/src
\ No newline at end of file
diff --git a/sealing_key/src/Makefile b/sealing_key/src/Makefile
new file mode 100644
index 0000000000000000000000000000000000000000..5df4ddc53bb75f8a62e64208f14945ef328568e8
--- /dev/null
+++ b/sealing_key/src/Makefile
@@ -0,0 +1,12 @@
+obj-m += sealing_key.o
+# Otherwise we were called directly from the command
+# line; invoke the kernel build system.
+KERNEL_DIR=/usr/src/kernels/$(shell uname -r)
+PWD:=$(shell pwd)
+
+modules:
+	$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules
+modules_install:
+	$(MAKE) -C $(KERNEL_DIR) M=$(PWD) modules_install
+clean:
+	$(MAKE) -C $(KERNEL_DIR) M=$(PWD) clean
\ No newline at end of file
diff --git a/sealing_key/src/sealing_key.c b/sealing_key/src/sealing_key.c
new file mode 100644
index 0000000000000000000000000000000000000000..cdb844b06329d6d88d87fbe487c63afe34b65906
--- /dev/null
+++ b/sealing_key/src/sealing_key.c
@@ -0,0 +1,181 @@
+/*
+ * get cvm sealing key driver for Linux
+ *
+ * Copyright (C) 2024 Huawei Technologies Co., Ltd.
+ *
+ * This driver provide huk derive key.
+ */
+
+#include <linux/slab.h>
+#include <linux/init.h>
+#include <linux/module.h>
+#include <linux/fs.h>
+#include <linux/cdev.h>
+#include <linux/uaccess.h>
+#include <linux/ioctl.h>
+#include <linux/arm-smccc.h>
+
+#define SEALING_KEY_LEN 32
+#define SEALING_SALT_LEN 64
+
+struct sealing_key_params {
+    uint32_t alg;
+    uint8_t salt[SEALING_SALT_LEN];
+    uint32_t salt_len;
+    uint8_t sealing_key[SEALING_KEY_LEN];
+};
+
+#define SEALING_KEY_DEV "sealingkey"
+#define SEAL_KEY_IOC_MAGIC 'd'
+#define IOCTL_SEALING_KEY _IOWR(SEAL_KEY_IOC_MAGIC, 0, struct sealing_key_params)
+
+#define ERR(fmt, args...) (void)pr_err("[%s][%s] " fmt "\n", SEALING_KEY_DEV, __func__, ##args)
+#define INFO(fmt, args...) (void)pr_info("[%s][%s] " fmt "\n", SEALING_KEY_DEV, __func__, ##args)
+
+#define SMC_TSI_CALL_BASE 0xC4000000
+#define SMC_TSI_FID(_x) (SMC_TSI_CALL_BASE + (_x))
+#define SMC_TSI_HUK_DERIVE_KEY SMC_TSI_FID(0x19B)
+
+static struct class *g_driver_class;
+static dev_t g_devno;
+static struct cdev g_cdev;
+
+static int smc_sealing_key(uint32_t alg, void *salt, uint32_t salt_len, void *key_buf)
+{
+    struct arm_smccc_res res = {0};
+    arm_smccc_1_1_smc(SMC_TSI_HUK_DERIVE_KEY, alg, virt_to_phys(salt), salt_len, virt_to_phys(key_buf), &res);
+
+    return res.a0;
+}
+
+static int cmd_get_sealing_key(void __user *argp)
+{
+    struct sealing_key_params seal_params = {0};
+    int ret = 0;
+    uint8_t *salt = NULL;
+    uint8_t *sealing_key = NULL;
+
+    if (!argp) {
+        ERR("args is NULL\n");
+        return -EINVAL;
+    }
+
+    ret = copy_from_user(&seal_params, argp, sizeof(struct sealing_key_params));
+    if (ret) {
+        ERR("copy huk params failed");
+        return ret;
+    }
+
+    if (seal_params.salt_len != 0) {
+        salt = kzalloc(seal_params.salt_len, GFP_KERNEL);
+        if (!salt) {
+            ERR("malloc memory failed");
+            return -ENOMEM;
+        }
+        (void)memcpy(salt, seal_params.salt, seal_params.salt_len);
+    }
+
+    sealing_key = kzalloc(SEALING_KEY_LEN, GFP_KERNEL);
+    if (!sealing_key) {
+        ERR("malloc memory failed");
+        ret = -ENOMEM;
+        goto free_umem;
+    }
+
+    ret = smc_sealing_key(seal_params.alg, salt, seal_params.salt_len, sealing_key);
+    if (ret != SMCCC_RET_SUCCESS) {
+        ERR("got sealing key by smc failed, ret: %d\n", ret);
+        goto free_kmem;
+    }
+
+    (void)memset(seal_params.sealing_key, 0, SEALING_KEY_LEN);
+    (void)memcpy(seal_params.sealing_key, sealing_key, SEALING_KEY_LEN);
+    ret = copy_to_user(argp, &seal_params, sizeof(struct sealing_key_params));
+    if (ret) {
+        ERR("copy result failed");
+    }
+
+free_kmem:
+    kfree(sealing_key);
+free_umem:
+    kfree(salt);
+    return ret;
+}
+
+static long seal_device_ioctl(struct file *fp, unsigned int cmd, unsigned long arg)
+{
+    int ret = 0;
+    void *argp = (void __user *)(uintptr_t)arg;
+
+    switch (cmd) {
+    case IOCTL_SEALING_KEY:
+        ret = cmd_get_sealing_key(argp);
+        break;
+    default:
+        ERR("invalid command %d", cmd);
+        ret = -ENOTTY;
+    }
+
+    return ret;
+}
+
+static struct file_operations g_seal_fops = {
+    .owner = THIS_MODULE,
+    .unlocked_ioctl = seal_device_ioctl,
+};
+
+static int __init seal_init(void)
+{
+    int ret;
+    struct device *class_dev = NULL;
+
+    g_driver_class = class_create(THIS_MODULE, SEALING_KEY_DEV);
+    if (IS_ERR_OR_NULL(g_driver_class)) {
+        ERR("class create failed");
+        return -ENOMEM;
+    }
+
+    ret = alloc_chrdev_region(&g_devno, 0, 1, SEALING_KEY_DEV);
+    if (ret < 0) {
+        ERR("alloc_chrdev_region failed!");
+        goto free_class;
+    }
+    INFO("MAJOR is %d, MINOR is %d", MAJOR(g_devno), MINOR(g_devno));
+    class_dev = device_create(g_driver_class, NULL, g_devno, NULL, SEALING_KEY_DEV);
+    if (IS_ERR_OR_NULL(class_dev)) {
+        ERR("device create failed");
+        ret = -ENOMEM;
+        goto unreg_chrdev;
+    }
+
+    cdev_init(&g_cdev, &g_seal_fops);
+    ret = cdev_add(&g_cdev, g_devno, 1);
+    if (ret < 0) {
+        ERR("cdev_add failed");
+        goto free_device;
+    }
+    INFO("module init success");
+    return 0;
+
+free_device:
+    device_destroy(g_driver_class, g_devno);
+unreg_chrdev:
+    unregister_chrdev_region(g_devno, 1);
+free_class:
+    class_destroy(g_driver_class);
+    return ret;
+}
+
+static void __exit seal_exit(void)
+{
+    device_destroy(g_driver_class, g_devno);
+    cdev_del(&g_cdev);
+    unregister_chrdev_region(g_devno, 1);
+    class_destroy(g_driver_class);
+    INFO("module exited");
+    return;
+}
+
+module_init(seal_init);
+module_exit(seal_exit);
+MODULE_LICENSE("GPL");
\ No newline at end of file
diff --git a/tmm_driver/tmm_driver.spec b/tmm_driver/tmm_driver.spec
deleted file mode 100644
index 81bba56580d5c33f8c2283f5e2874f1323920911..0000000000000000000000000000000000000000
--- a/tmm_driver/tmm_driver.spec
+++ /dev/null
@@ -1,50 +0,0 @@
-# spec file for package tmm_driver
-#
-# Copyright (c) Huawei Technologies Co., Ltd. 2024. All rights reserved.
-#
-%global debug_package %{nil}
-%define kmod_name tmm_driver
-Name         :  %{kmod_name}-kmod
-Summary      :  %{kmod_name}.ko
-Version      :  1.0
-Release      :  0.1
-License      :  GPLV2
-Group        :  System/Kernel
-Source0      :  %{kmod_name}.tar.gz
-BuildRoot    :  %{_tmppath}/%{kmod_name}-%{version}-build
-BuildRequires:  dos2unix
-Requires     :  rpm coreutils
-
-%define module_dir 5.10.0-virtcca/tmm
-%define module_ko       %{kmod_name}.ko
-
-%description
-%{name} module
-
-%prep
-%setup -q -n%{kmod_name}
-
-%build
-cd %_builddir/%{kmod_name}/src
-make
-
-%install
-mkdir -p %{buildroot}/lib/modules/%{module_dir}
-install -m 0640 %_builddir/%{kmod_name}/src/%{module_ko}        %{buildroot}/lib/modules/%{module_dir}
-
-%clean
-rm -rf %{buildroot}
-
-%files
-%defattr(-,root,root)
-%attr(0640,root,root) /lib/modules/%{module_dir}/%{module_ko}
-
-%post
-insmod /lib/modules/%{module_dir}/%{module_ko}
-
-%postun
-rmmod %{module_ko}
-
-%changelog
-* Fri May 10 2024 huawei
-    version 1.0 release 0.1
\ No newline at end of file