core: arm64: add add_imm and sub_imm assembly macros

Adds the add_imm and sub_imm assembly macros capable of adding or
subtracting a 24-bit immediate value to or from a general purpose
register.

Si

core: arm64: add add_imm and sub_imm assembly macros

Adds the add_imm and sub_imm assembly macros capable of adding or
subtracting a 24-bit immediate value to or from a general purpose
register.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent un

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.

This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.

Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.

Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).

Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

Add basic pointer authentication support for TA's

APIAKey is used for usespace TA's where these keys are generated
for every TA at load time. The TEE core maintains the key value
for each TA is resp

Add basic pointer authentication support for TA's

APIAKey is used for usespace TA's where these keys are generated
for every TA at load time. The TEE core maintains the key value
for each TA is responsible for storing/restorign them during
switch to EL0 and back.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: panic at unexpected smc return

Certain smc's are not expected to return. Prior to this patch in order
to guard against unexpected return a "b ." instruction was added after
each such smc to at

core: panic at unexpected smc return

Certain smc's are not expected to return. Prior to this patch in order
to guard against unexpected return a "b ." instruction was added after
each such smc to at least capture the cpu. With the introduction of FF-A
TF-A may in case there's a mismatch between OP-TEE and TF-A
configuration return some error code when an unrecognized smc is
encountered. The result is typically that the boot hangs after the print:
I/TC: Primary CPU switching to normal world boot

To help diagnosing such errors a call to panic is added after
each smc which isn't expected to return. The result becomes instead:
I/TC: Primary CPU switching to normal world boot
E/TC:0 Panic at core/arch/arm/kernel/boot.c:122 <__panic_at_smc_return>
E/TC:0 TEE load address @ 0xe100000
E/TC:0 Call stack:
E/TC:0 0x0e10d23c
E/TC:0 0x0e124848
E/TC:0 0x0e10be60

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: add adr_l assembly macro

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

Remove 'All rights reserved' from Linaro files

The text 'All rights reserved' is useless [1]. The Free Software
Foundation's REUSE Initiative best practices document [2] does not
contain these words

Remove 'All rights reserved' from Linaro files

The text 'All rights reserved' is useless [1]. The Free Software
Foundation's REUSE Initiative best practices document [2] does not
contain these words. Therefore, we can safely remove the text from the
files that are owned by Linaro.

Generated by:
spdxify.py --linaro-only --strip-arr optee_os/

Link: [1] https://en.wikipedia.org/wiki/All_rights_reserved
Link: [2] https://reuse.software/practices/
Link: [3] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Remove license notice from Linaro files

Now that we have added SPDX identifiers, we can safely remove the
verbose license text from the files that are owned by Linaro.

Generated by [1]:
spdxify.p

Remove license notice from Linaro files

Now that we have added SPDX identifiers, we can safely remove the
verbose license text from the files that are owned by Linaro.

Generated by [1]:
spdxify.py --linaro-only --strip-license-text optee_os/

Link: [1] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: arm64: add mov_imm assembly macro

Implement a macro mov_imm that can be used to move an immediate constant
into a 64-bit register, using between 2 and 4 movz/movk instructions
(depending on th

core: arm64: add mov_imm assembly macro

Implement a macro mov_imm that can be used to move an immediate constant
into a 64-bit register, using between 2 and 4 movz/movk instructions
(depending on the operand)

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm: add Aarch64 (aka ARM64) support

* Adds support for ARM64 in plat-vexpress
* The name of the ARM64 instruction set is, hence _a64.S suffix to ARM64
assembly files to keep them apart from the A

arm: add Aarch64 (aka ARM64) support

* Adds support for ARM64 in plat-vexpress
* The name of the ARM64 instruction set is, hence _a64.S suffix to ARM64
assembly files to keep them apart from the A32 assembly files.
* ARM64 specific C code is inside #ifdef ARM64

The ARM64 port has all features of the ARM32 port with the exception of:
* Paging not supported
* No crypto ARMv8 crypto extensions implemented

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP, Juno)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...