Properties in kernel side

In order to ease the inclusion of vendor-specific properties,
properties are now mostly described in the kernel. This allows
a lower synchronization between user-side and k

Properties in kernel side

In order to ease the inclusion of vendor-specific properties,
properties are now mostly described in the kernel. This allows
a lower synchronization between user-side and kernel-side.

The only properties now handled at user-side are TA properties
(apart from "gpd.ta.appID") as well as the TEE property
"gpd.tee.arith.maxBigIntSize"

Early discussion can be found at
https://github.com/OP-TEE/optee_os/pull/460
and https://github.com/OP-TEE/optee_os/pull/482

Suggested-by: Paul Swan <paswan@microsoft.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

core: link with --gc-sections

Link OP-TEE Core with --gc-sections to remove unused code, saves ~8KiB.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens

core: link with --gc-sections

Link OP-TEE Core with --gc-sections to remove unused code, saves ~8KiB.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm: compile without -mlong-calls

Compiles without compiler option -mlong-calls, saves ~12 KiB.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wikla

arm: compile without -mlong-calls

Compiles without compiler option -mlong-calls, saves ~12 KiB.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: FVP change shared memory range

Changes shared memory range used on FVP since the old shared memory
region conflicts with something on recent kernels (problem seen on
v4.4).

Because o

plat-vexpress: FVP change shared memory range

Changes shared memory range used on FVP since the old shared memory
region conflicts with something on recent kernels (problem seen on
v4.4).

Because of the conflict the kernel refuses to reserve the shared memory
resulting in occasional memory corruption.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

RPMB: add file encryption

Adds support for CFG_ENC_FS=y when CFG_RPMB_FS=y.

The files stored on an RPMB partition are encrypted with AES in Cipher
Block Chaining (CBC) mode with Encrypted Salt/Sect

RPMB: add file encryption

Adds support for CFG_ENC_FS=y when CFG_RPMB_FS=y.

The files stored on an RPMB partition are encrypted with AES in Cipher
Block Chaining (CBC) mode with Encrypted Salt/Sector Initialization
Vector (ESSIV).
Each file has it own 128-bit File Encryption Key (FEK), randomly chosen
when the file is created. The FEK is added to the FAT entry for the
file, it is always decrypted with the Secure Storage Key (SSK) before
use. The file path is reduced accordingly, so that a FAT entry is still
256 bytes.
Each 256-byte block in the file is encrypted as follows:

k = 128 bits of SHA256(FEK);
IV = AES_Encrypt(k, block number);
encrypted_block = AES_CBC(IV, FEK, block_data);

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

RPMB: update debug traces

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

core: stack unwinding

Adds support for stack unwinding, currently only done for fatal aborts
from kernel mode if CFG_CORE_UNWIND = y

The ARMv7/Aarch32 implementation uses -funwind-tables to generat

core: stack unwinding

Adds support for stack unwinding, currently only done for fatal aborts
from kernel mode if CFG_CORE_UNWIND = y

The ARMv7/Aarch32 implementation uses -funwind-tables to generate frame
unwinding information which is quite large. Enabling stack unwinding
currently consumes ~8 KiB. The code to parse the frame unwind
information is imported from FreeBSD.

The Aarch64 implementation takes advantage of the frame pointer and has
minimal overhead. The core code to unwind the stack is imported from
FreeBSD.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core/armv7: solve map issue for unaligned pa

in the function map_page_memarea() the l2 address alignment
is not correctly handled that cause issue when parameter
mm->pa is not aligned with section s

core/armv7: solve map issue for unaligned pa

in the function map_page_memarea() the l2 address alignment
is not correctly handled that cause issue when parameter
mm->pa is not aligned with section size
(ex: mm->pa=0x2ffc0000 => l2[192] = 0x30080416)

=> SECTION_MASK should be used instead of SMALL_PAGE_MASK

Change-Id: Ibc7aa5063265a78112bff761fdb55490cfc0d7f3
Signed-off-by: Patrick Delaunay <patrick.delaunay73@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Introduce CROSS_COMPILE32 and CROSS_COMPILE64

Currently, to build a 64-bit TEE core (as well as mixed 32- and 64-bit
TA libraries, which are automatically enabled in this case), one has to
set too m

Introduce CROSS_COMPILE32 and CROSS_COMPILE64

Currently, to build a 64-bit TEE core (as well as mixed 32- and 64-bit
TA libraries, which are automatically enabled in this case), one has to
set too many compiler variables:

$ make PLATFORM=hikey CFG_ARM64_core=y \
CROSS_COMPILE_core=aarch64-linux-gnu- \
CROSS_COMPILE_ta_arm64=aarch64-linux-gnu-

This commit introduces two variables, CROSS_COMPILE32 and
CROSS_COMPILE64. They take appropriate default values, so that the
above line may be simplified as:

$ make PLATFORM=hikey CFG_ARM64_core=y

The change remains compatible with previous builds, i.e., CROSS_COMPILE
can still be used to define the 32-bit compiler because CROSS_COMPILE32
defaults to $(CROSS_COMPILE). Similarly, CROSS_COMPILE_core and
CROSS_COMPILE_ta_arm{32,64} are still used so they may be overridden
too.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core: remove registration of svc and abort handlers

Removes the possibility to register svc and abort handlers as the same
handler is always used. The svc and abort handlers are also so closely
tied

core: remove registration of svc and abort handlers

Removes the possibility to register svc and abort handlers as the same
handler is always used. The svc and abort handlers are also so closely
tied to thread system that it would be difficult and error prone to use
alternative handlers.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

RPMB: make sure tee_rpmb_fs_write() is atomic

File updates have to be atomic, even in case of a powerdown event for
instance. Therefore we must not write data in-place unless the update spans
less t

RPMB: make sure tee_rpmb_fs_write() is atomic

File updates have to be atomic, even in case of a powerdown event for
instance. Therefore we must not write data in-place unless the update spans
less than rel_wr_blkcnt blocks.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm: add TA hard-float support

Adds support for hard-float in TAs. Hard-float is enabled by default for
all platforms which are capable, currently all. Soft-float is still
available if needed.

Revi

arm: add TA hard-float support

Adds support for hard-float in TAs. Hard-float is enabled by default for
all platforms which are capable, currently all. Soft-float is still
available if needed.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce __maybe_unused

When a variable, parameter or function may or may not be referenced
depending on some conditional compilation setting, mark it with
__maybe_unused instead of __unused.

core: introduce __maybe_unused

When a variable, parameter or function may or may not be referenced
depending on some conditional compilation setting, mark it with
__maybe_unused instead of __unused. The goal is to improve code
legibility.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core: abort.{c,h} refactoring

Renames structs, functions and defines to show that they are part of the
abort module.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissie

core: abort.{c,h} refactoring

Renames structs, functions and defines to show that they are part of the
abort module.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: minor housekeeping in tee_pager.c

* Reduces to one #ifdef CFG_WITH_PAGER section in the file and one #else
section.
* Removes unneeded includes.

Reviewed-by: Pascal Brand <pascal.brand@lina

core: minor housekeeping in tee_pager.c

* Reduces to one #ifdef CFG_WITH_PAGER section in the file and one #else
section.
* Removes unneeded includes.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add abort.{c,h} pager neutral processing

Moves structs, functions and defines which are central in abort
processing into abort.{c,h}. All identifier keeps their name in this
commit to make it

core: add abort.{c,h} pager neutral processing

Moves structs, functions and defines which are central in abort
processing into abort.{c,h}. All identifier keeps their name in this
commit to make it easier to follow how the code is moved.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: merge tee_ta_manager{,_unpg}.{c,h}

Merges tee_ta_manager_unpg.h into tee_ta_manager.h and
tee_ta_manager_unpg.c into tee_ta_manager.c

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewe

core: merge tee_ta_manager{,_unpg}.{c,h}

Merges tee_ta_manager_unpg.h into tee_ta_manager.h and
tee_ta_manager_unpg.c into tee_ta_manager.c

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move cache syscall

Moves cache syscall code to arch/arm/tee

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander

core: move cache syscall

Moves cache syscall code to arch/arm/tee

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

cleanup static TA handling

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

Assembly files should use FUNC* macros

* All assembly files should use the FUNC* macros for interwork to work
properly.
* Moves asm.S into libutils to make it available for TA libs

Reviewed-by: J

Assembly files should use FUNC* macros

* All assembly files should use the FUNC* macros for interwork to work
properly.
* Moves asm.S into libutils to make it available for TA libs

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64 bits)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

get rid of platform_flags.mk

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@l

get rid of platform_flags.mk

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: RPMB (Replay Protected Memory Block) filesystem support

This is an update to the RPMB filesystem implementation so that the
persistent object API may use RPMB rather than the REE filesystem.
T

core: RPMB (Replay Protected Memory Block) filesystem support

This is an update to the RPMB filesystem implementation so that the
persistent object API may use RPMB rather than the REE filesystem.
This feature is enabled with CFG_RPMB_FS=y.
Note that this implementation requires support from the non-secure side
to actually access the RPMB partition, as there is no eMMC driver here.
Also, the code is currently not compatible with CFG_ENC_FS (file
encryption), which must be set to 'n'. Encryption will be added later.

Signed-off-by: Youssef Esmat <youssef.esmat@microsoft.com>
Signed-off-by: Paul Swan <Paul.Swan@microsoft.com>
[Rebased onto master, Linux driver/tee-supplicant support]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

plat-vexpress: Change UART1_BASE and IT_UART1

This is required to move OP-TEE to upstream QEMU.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Suggested-by: Peter Maydell <peter.maydell@lina

plat-vexpress: Change UART1_BASE and IT_UART1

This is required to move OP-TEE to upstream QEMU.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Replace CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION

Replaces CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION to avoid updating
<out-dir>/core/include/generated/conf.h each time description of the current

Replace CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION

Replaces CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION to avoid updating
<out-dir>/core/include/generated/conf.h each time description of the current
git commit is changed.

This avoids full recompiles that can't even be cached just because some
files has changed in an updated commit.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: split struct tee_ta_ctx

Moves user ta specific parts into struct user_ta_ctx and static ta
specific parts into struct static_ta_ctx.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested

core: split struct tee_ta_ctx

Moves user ta specific parts into struct user_ta_ctx and static ta
specific parts into struct static_ta_ctx.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...