arm - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
d93190aa	26-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: user_ta: load_elf(): return meaningful error code If any error is encountered when the TEE core attempts to load a TA from TA storage, the next storage is tried and so on until the TA is succe core: user_ta: load_elf(): return meaningful error code If any error is encountered when the TEE core attempts to load a TA from TA storage, the next storage is tried and so on until the TA is successfully loaded or there is no more storage to try. In this case, a generic error code (TEE_ERROR_ITEM_NOT_FOUND) is returned to the caller of load_elf() and ultimately to the client. This is not super useful, especially when debug traces are disabled, because the user has no way to differentiate a true "not found" situation (which might be a configuration or deployement issue) from an issue with the TA file itself or an out-of-memory condition etc. This commit changes the return code of load_elf() to better reflect the errors. When load_elf_from_store() returns TEE_ERROR_ITEM_NOT_FOUND or TEE_ERROR_STORAGE_NOT_AVAILABLE, the next storage is tried. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... kernel/user_ta.c
e61fc00f	19-Apr-2019	Sandeep Tripathy <sandeep.tripathy@broadcom.com>	drivers: bcm_gpio: add IPROC GPIO driver low level driver for Broadcom IPROC GPIO controller. Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com> Acked-by: Etienne Carriere <etienne.car drivers: bcm_gpio: add IPROC GPIO driver low level driver for Broadcom IPROC GPIO controller. Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Victor Chong <victor.chong@linaro.org> show more ... plat-bcm/conf.mk /optee_os/core/drivers/bcm_gpio.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/bcm_gpio.h
7695df05	02-Apr-2019	Sandeep Tripathy <sandeep.tripathy@broadcom.com>	plat-bcm: update platform configurations -add more device ranges and definitions. -fix dynamic shm api. -cleanup plaform def. -enable PL022 SPI, bcm HWRNG and bcm SOTP driver. Acked-by: Etienne Car plat-bcm: update platform configurations -add more device ranges and definitions. -fix dynamic shm api. -cleanup plaform def. -enable PL022 SPI, bcm HWRNG and bcm SOTP driver. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com> show more ... plat-bcm/conf.mk plat-bcm/main.c plat-bcm/platform_config.h
f9044cdb	02-Apr-2018	Peng Fan <peng.fan@nxp.com>	core: arm: imx: handle errata 845369 Under very rare timing circumstances, a data corruption might occur on a dirty cache line that is evicted from the L1 Data Cache due to another cache line being core: arm: imx: handle errata 845369 Under very rare timing circumstances, a data corruption might occur on a dirty cache line that is evicted from the L1 Data Cache due to another cache line being entirely written. Configurations affected: This erratum affects configurations with either: - One processor if the ACP is present - Two or more processors This erratum can be worked round by setting bit[22] of the undocumented Diagnostic Control Register to 1. This register is encoded as CP15 c15 0 c0 1. The bit can be written in Secure state only, with the following. Read/Modify/Write code sequence: MRC p15,0,rt,c15,c0,1 ORR rt,rt,#0x00400000 MCR p15,0,rt,c15,c0,1 Signed-off-by: Peng Fan <peng.fan@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... plat-imx/a9_plat_init.S
0eac5b57	02-Apr-2018	Peng Fan <peng.fan@nxp.com>	core: arm: imx: a9: tune ACTLR Tune ACTLR. To SLL, the value is 0xE at runtime. To others, the value should be 0x4F at runtime. Bit3 will be enabled when enable L2. The SMP bit for i.MX6SLL needs t core: arm: imx: a9: tune ACTLR Tune ACTLR. To SLL, the value is 0xE at runtime. To others, the value should be 0x4F at runtime. Bit3 will be enabled when enable L2. The SMP bit for i.MX6SLL needs to be make ldrex/strex instruction work properly. Signed-off-by: Peng Fan <peng.fan@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... plat-imx/a9_plat_init.S
a75fcd2c	02-Apr-2018	Peng Fan <peng.fan@nxp.com>	core: arm: imx: a7: set L1 Data prefetch The default value of L1PCTL field in ACTLR is 0x3, which is "3 outstanding pre-fetches permitted", the value should not be override with 0 to decrease the pe core: arm: imx: a7: set L1 Data prefetch The default value of L1PCTL field in ACTLR is 0x3, which is "3 outstanding pre-fetches permitted", the value should not be override with 0 to decrease the performance. Signed-off-by: Peng Fan <peng.fan@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... plat-imx/a7_plat_init.S /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c
27b5e34b	18-Feb-2019	Volodymyr Babchuk <vlad.babchuk@gmail.com>	core: Introduce OPTEE_SMC_GET_THREAD_COUNT This call should be used to query OP-TEE about number of threads (basically, CFG_NUM_THREADS build option). It is introduced after discussion at [1] about core: Introduce OPTEE_SMC_GET_THREAD_COUNT This call should be used to query OP-TEE about number of threads (basically, CFG_NUM_THREADS build option). It is introduced after discussion at [1] about possibility to read number of supported threads. It is needed for XEN OP-TEE mediator to mitigate possible DoS from virtual guest. If XEN knows number of OP-TEE threads, it can limit number of standard calls from the guest on own side. Also, it can be used by optee client driver, to ratelimit number of calls from its side. Link: [1] https://lists.xenproject.org/archives/html/xen-devel/2019-01/msg01460.html Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... include/sm/optee_smc.h tee/entry_fast.c /optee_os/core/drivers/pl022_spi.c /optee_os/core/drivers/pl061_gpio.c /optee_os/core/tee/tee_svc_storage.c
bccaa847	15-Apr-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: arm: kern.ld.S: minimize padding between .heap1 and .nozi When OP-TEE is build with CFG_WITH_LPAE=y, the things stored in the .nozi section do not need to be aligned on more than 4 KiB. Only t core: arm: kern.ld.S: minimize padding between .heap1 and .nozi When OP-TEE is build with CFG_WITH_LPAE=y, the things stored in the .nozi section do not need to be aligned on more than 4 KiB. Only the non-LPAE case requires 16 KiB alignment for the L1 page table. Use an #ifdef to minimize the extra space between .heap1 and .nozi, thus making the heap size closer to what is requested by CFG_CORE_HEAP_SIZE. This can be useful when trying to minimize the size of the TEE core binary, which could otherwise be bigger than necessary by as much as 12 KiB. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... kernel/kern.ld.S
1601a3c5	12-Apr-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: arm: kern.ld.S: use ABSOLUTE() in some assertions Symbols defined inside output sections are relative to the section start. Therefore, when we want to check the actual address, we need to appl core: arm: kern.ld.S: use ABSOLUTE() in some assertions Symbols defined inside output sections are relative to the section start. Therefore, when we want to check the actual address, we need to apply the ABSOLUTE() builtin function to the symbol. Note that symbols defined outside output sections are absolute by default, and therefore need not be treated the same. kern.ld.S has two incorrect assertions which can never fail, because the value that is checked is in fact 0 (since we are at the beginning of a section in both cases). Fix the code by adding the missing ABSOLUTE(). Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... kernel/kern.ld.S
5981d034	18-Mar-2019	Rouven Czerwinski <r.czerwinski@pengutronix.de>	plat-imx: mx6: add support for the TZC380 to MX6Q Use the generic RAM layout to configure the TZC380 according to the device configuration. Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutroni plat-imx: mx6: add support for the TZC380 to MX6Q Use the generic RAM layout to configure the TZC380 according to the device configuration. Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Peng Fan <peng.fan@nxp.com> show more ... plat-imx/drivers/sub.mk plat-imx/drivers/tzc380.c plat-imx/imx.h plat-imx/imx6.c plat-imx/sub.mk /optee_os/core/drivers/bcm_hwrng.c /optee_os/core/drivers/bcm_sotp.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/bcm_hwrng.h /optee_os/core/include/drivers/bcm_sotp.h /optee_os/core/include/drivers/tzc380.h
4e7f52fc	20-Mar-2019	Ying-Chun Liu (PaulLiu) <paulliu@debian.org>	plat-rpi3: Use generic memory layout plat-rpi3 have quite standard memory layout, so there is no sense to maintain separate configuration if it possible to use generic one. Signed-off-by: Ying-Chun plat-rpi3: Use generic memory layout plat-rpi3 have quite standard memory layout, so there is no sense to maintain separate configuration if it possible to use generic one. Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> show more ... plat-rpi3/conf.mk plat-rpi3/platform_config.h
10e46687	14-Mar-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: shres: set GPIO secure hardening Set secure hardening for the GPIOZ pins according to their peripheral registration. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Je stm32mp1: shres: set GPIO secure hardening Set secure hardening for the GPIOZ pins according to their peripheral registration. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/shared_resources.c
23b2f911	14-Mar-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: shres: configure ETZPC protection With this change, platform configures the ETZPC firewall according to shared peripheral being assigned to either the secure or the non-secure world. Sign stm32mp1: shres: configure ETZPC protection With this change, platform configures the ETZPC firewall according to shared peripheral being assigned to either the secure or the non-secure world. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/shared_resources.c
84d74c3b	14-Mar-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: shres: check RCC secure hardening This change add a platform consistency test between shared resource registering and SoC RCC hardening. When secure resources are registered, RCC secure h stm32mp1: shres: check RCC secure hardening This change add a platform consistency test between shared resource registering and SoC RCC hardening. When secure resources are registered, RCC secure hardening must be enabled unless what secure world cannot guaranty the resource reliability. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/shared_resources.c
90c579db	14-Mar-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: shres: secure clock parents Add API function stm32mp_register_clock_parents_secure(). The function registers as secure the parent clock(s) of the target clock reference. This API is used b stm32mp1: shres: secure clock parents Add API function stm32mp_register_clock_parents_secure(). The function registers as secure the parent clock(s) of the target clock reference. This API is used by shared_resources.c when a clock is registered as secure so that its dependencies are also registered as secure. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/drivers/stm32mp1_clk.c plat-stm32mp1/shared_resources.c plat-stm32mp1/stm32_util.h
646fd5c7	14-Mar-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: shres: registering shared resources This change implements a driver for the stm32mp1 resources that may be assigned to either secure or non-secure worlds upon the platform configuration. stm32mp1: shres: registering shared resources This change implements a driver for the stm32mp1 resources that may be assigned to either secure or non-secure worlds upon the platform configuration. Other drivers shall register their resources (when applicable) using the API functions stm32mp_register_{secure\|non_secure}_periph(): - stm32mp_register__periph() registers a resource from its platform ID. - stm32mp_register__periph_iomem() registers a resource from its IOMEM base address. - stm32mp_register__periph_gpio() registers a resource from its GPIO reference, bank and position. Shared resource driver exports some APIs to query a resource registration state, stm32mp_periph_is_(), stm32mp_gpio_bank_is_(), stm32mp_clock_is_*(). The driver saves the peripheral assignation. The API does not allow peripherals to change state at runtime. Moverover, to prevent testing a resource status before it is registered, the first query on a resource state locks further registering. Later attempt to register a peripheral will panic the core. Resources are either secure on non-secure but clock that maybe shared in which case it will be assigned to the secure world but a platform service will allow non-secure to access the resource (i.e. enable/disable the clock). Note such service is out of the scope of this change, yet this explains API stm32mp_clock_is_shared(). Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS plat-stm32mp1/conf.mk plat-stm32mp1/platform_config.h plat-stm32mp1/shared_resources.c plat-stm32mp1/stm32_util.h plat-stm32mp1/sub.mk /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/include/drivers/stm32_i2c.h
e15cb72b	15-Feb-2019	Etienne Carriere <etienne.carriere@linaro.org>	stm32mp1: fix ordering in IOMEM mapping registering Swap RCC_BASE and PWR_BASE mapping registering for a nice alpha ordering of the mapping definitions. Signed-off-by: Etienne Carriere <etienne.car stm32mp1: fix ordering in IOMEM mapping registering Swap RCC_BASE and PWR_BASE mapping registering for a nice alpha ordering of the mapping definitions. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/main.c
9b39d0fa	15-Feb-2019	Etienne Carriere <etienne.carriere@linaro.org>	stm32mp1: prefer vaddr_t to uintptr_t Use vaddr_t and paddr_t instead of uintptr_t where applicable. This change also simplifies some platform get-base-address functions to use io_pa_or_va(). Sign stm32mp1: prefer vaddr_t to uintptr_t Use vaddr_t and paddr_t instead of uintptr_t where applicable. This change also simplifies some platform get-base-address functions to use io_pa_or_va(). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/drivers/stm32mp1_pwr.c plat-stm32mp1/drivers/stm32mp1_pwr.h plat-stm32mp1/main.c plat-stm32mp1/stm32_util.h
10e1dc35	15-Feb-2019	Etienne Carriere <etienne.carriere@linaro.org>	stm32mp1: make all local variables be initialized Update platform to conform with OP-TEE directive about local variables initialization. Also rename variable labels excep into exceptions as more ex stm32mp1: make all local variables be initialized Update platform to conform with OP-TEE directive about local variables initialization. Also rename variable labels excep into exceptions as more explicit. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/drivers/stm32mp1_clk.c plat-stm32mp1/main.c plat-stm32mp1/pm/psci.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_uart.c
68aa058f	25-Feb-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: embed stm32_rng driver Platform embeds RNG driver and maps the RNG1 interface registers. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander stm32mp1: embed stm32_rng driver Platform embeds RNG driver and maps the RNG1 interface registers. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... plat-stm32mp1/conf.mk plat-stm32mp1/main.c plat-stm32mp1/platform_config.h /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/stm32_rng.h
9f6d9163	13-Feb-2019	Etienne Carriere <etienne.carriere@st.com>	stm32mp1: util for shared resources refcount Implement {incr\|decr}_shrefcnt(refcount, secure_flag) to provide reference counting for secure, non secure and resources used both from secure and non se stm32mp1: util for shared resources refcount Implement {incr\|decr}_shrefcnt(refcount, secure_flag) to provide reference counting for secure, non secure and resources used both from secure and non secure world. Functions {incr\|decr}_refcnt(refcount) is a secure refcount only reference counting. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml plat-stm32mp1/stm32_util.h /optee_os/core/core.mk /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/lib/libtomcrypt/acipher_helpers.h /optee_os/core/lib/libtomcrypt/aes.c /optee_os/core/lib/libtomcrypt/cbc.c /optee_os/core/lib/libtomcrypt/dh.c /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/ecb.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/hash.c /optee_os/core/lib/libtomcrypt/include/tomcrypt_custom.h /optee_os/core/lib/libtomcrypt/include/tomcrypt_init.h /optee_os/core/lib/libtomcrypt/include/tomcrypt_mp.h /optee_os/core/lib/libtomcrypt/mpa_desc.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/ciphers/sub.mk /optee_os/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c /optee_os/core/lib/libtomcrypt/src/encauth/gcm/sub.mk /optee_os/core/lib/libtomcrypt/src/encauth/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/src/mac/sub.mk /optee_os/core/lib/libtomcrypt/src/math/fp/sub.mk /optee_os/core/lib/libtomcrypt/src/modes/sub.mk /optee_os/core/lib/libtomcrypt/src/pk/sub.mk /optee_os/core/lib/libtomcrypt/src/prngs/sub.mk /optee_os/core/lib/libtomcrypt/src/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/lib/libtomcrypt/tomcrypt.c /optee_os/lib/libmbedtls/core/aes.c /optee_os/lib/libmbedtls/core/aes_cbc.c /optee_os/lib/libmbedtls/core/aes_cmac.c /optee_os/lib/libmbedtls/core/aes_ctr.c /optee_os/lib/libmbedtls/core/aes_ecb.c /optee_os/lib/libmbedtls/core/bignum.c /optee_os/lib/libmbedtls/core/des3_cbc.c /optee_os/lib/libmbedtls/core/des3_ecb.c /optee_os/lib/libmbedtls/core/des_cbc.c /optee_os/lib/libmbedtls/core/des_ecb.c /optee_os/lib/libmbedtls/core/dh.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/core/hmac.c /optee_os/lib/libmbedtls/core/mbd_rand.h /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/core/sub.mk /optee_os/lib/libmbedtls/core/tomcrypt.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/sub.mk /optee_os/mk/compile.mk /optee_os/mk/config.mk
2b39fbe0	27-Mar-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: arm: link tee.elf with lib archives Links tee.elf with the library archives instead of -llibname in order to detect multiply defined symbols in several libraries. Acked-by: Jerome Forissier < core: arm: link tee.elf with lib archives Links tee.elf with the library archives instead of -llibname in order to detect multiply defined symbols in several libraries. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... kernel/link.mk /optee_os/core/core.mk /optee_os/core/crypto/aes-cts.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/sub.mk /optee_os/core/include/crypto/crypto.h /optee_os/core/lib/libtomcrypt/src/pk/dsa/dsa_import.c /optee_os/core/lib/libtomcrypt/src/tee_ltc_provider.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/arc4.c /optee_os/lib/libmbedtls/mbedtls/library/aria.c /optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/blowfish.c /optee_os/lib/libmbedtls/mbedtls/library/camellia.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/certs.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/gcm.c /optee_os/lib/libmbedtls/mbedtls/library/havege.c /optee_os/lib/libmbedtls/mbedtls/library/hkdf.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/md2.c /optee_os/lib/libmbedtls/mbedtls/library/md4.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/md_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.c /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/mbedtls/library/xtea.c /optee_os/lib/libmbedtls/sub.mk
7dfff131	20-Dec-2018	Jerome Forissier <jerome.forissier@linaro.org>	core: user_ta: implement ASLR for TAs Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of Trusted Applications. ASLR makes the exploitation of memory corruption vulnerabilities ha core: user_ta: implement ASLR for TAs Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of Trusted Applications. ASLR makes the exploitation of memory corruption vulnerabilities harder. The feature is disabled by default except for the configurations I could test (QEMU and HiKey960). When CFG_TA_ASLR=y, the stack and subsequent ELF file(s) needed by the TA are mapped into the user VA space with a random offset comprised between CFG_TA_ASLR_MIN_OFFSET_PAGES and CFG_TA_ASLR_MAX_OFFSET_PAGES pages (that is between 0 and 128 pages by default). Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, HiKey960) Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... kernel/user_ta.c plat-hikey/conf.mk plat-vexpress/conf.mk /optee_os/mk/config.mk
0a8fec75	20-Dec-2018	Jerome Forissier <jerome.forissier@linaro.org>	core: user_ta: use consistent formatting for addresses in TA dump Improve the layout of the TA dump message by using fixed width for physical and virtual addresses: 0x + 8 or 16 characters, dependin core: user_ta: use consistent formatting for addresses in TA dump Improve the layout of the TA dump message by using fixed width for physical and virtual addresses: 0x + 8 or 16 characters, depending on the address size (32 or 64 bits). This makes the output more consistent, more readable, and nicer overall. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... kernel/user_ta.c /optee_os/lib/libutee/base64.c /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutils/ext/include/types_ext.h /optee_os/lib/libutils/ext/trace.c /optee_os/typedefs.checkpatch
e9495e2a	12-Mar-2019	Rouven Czerwinski <r.czerwinski@pengutronix.de>	generic_boot: reserve optee_tzdram memory Aside from reserving the shared memory, also reserve the TZDRAM OP-TEE memory. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: R generic_boot: reserve optee_tzdram memory Aside from reserving the shared memory, also reserve the TZDRAM OP-TEE memory. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... kernel/generic_boot.c
1...<<919293 94 95 96 97 98 99 100 >>...146