plat-vexpress: Configure secure UART interrupt in qemu_virt startup

Configure the secure UART interrupt for the qemu_virt platform
flavour, rather than letting it default to non-secure.

Signed-off-

plat-vexpress: Configure secure UART interrupt in qemu_virt startup

Configure the secure UART interrupt for the qemu_virt platform
flavour, rather than letting it default to non-secure.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu: update computation of TZDRAM_SIZE

TZDRAM_SIZE is computed from DRAM0_TEERES_SIZE, CFG_TEE_RAM_VA_SIZE
and CFG_SHMEM_SIZE, instead of using hard-coded values.

Change-Id: If4a21c1231e06d25c88dc

qemu: update computation of TZDRAM_SIZE

TZDRAM_SIZE is computed from DRAM0_TEERES_SIZE, CFG_TEE_RAM_VA_SIZE
and CFG_SHMEM_SIZE, instead of using hard-coded values.

Change-Id: If4a21c1231e06d25c88dca1ada535a06b0e80f4c
Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Chaumont <cedric.chaumont@linaro.org>

show more ...

core: optionally enable concurrent execution of TAs

Enables concurrent execution of TAs unless CFG_DISABLE_CONCURRENT_EXEC
is y. Default is CFG_DISABLE_CONCURRENT_EXEC n, unless CFG_WITH_PAGER is
y.

core: optionally enable concurrent execution of TAs

Enables concurrent execution of TAs unless CFG_DISABLE_CONCURRENT_EXEC
is y. Default is CFG_DISABLE_CONCURRENT_EXEC n, unless CFG_WITH_PAGER is
y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)

show more ...

core/arm: rename TEESMC_RETURN_EBUSY

Renames TEESMC_RETURN_EBUSY to TEESMC_RETURN_ETHREAD_LIMIT to better
reflect the meaning.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by:

core/arm: rename TEESMC_RETURN_EBUSY

Renames TEESMC_RETURN_EBUSY to TEESMC_RETURN_ETHREAD_LIMIT to better
reflect the meaning.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

plat-*/conf.mk cleanup

- Do not set CFG_ values that do not change the default
- Remove a few useless -D<flag>
- Always use '?=' as opposed to ':=' for consistent behavior with
'CFG_FOO=y make' an

plat-*/conf.mk cleanup

- Do not set CFG_ values that do not change the default
- Remove a few useless -D<flag>
- Always use '?=' as opposed to ':=' for consistent behavior with
'CFG_FOO=y make' and 'make CFG_FOO=y'
=> Use this form when both enabled and disabled are valid options
- Add macro: $(call force,CFG_FOO,y) to set a variable and make
sure it does not conflict with external values that may be given
on the command line or in the environment
=> Use this form when the variable can only have the specified value
(any other value would be invalid). 'override CFG_FOO := y' would
be correct, too, but would not detect conflicting values.
- Always include mk/conf.mk last so that the platform definitions
always take precedence over the global configuration

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core: fix error code for corrupt TA

Always return TEE_ERROR_SECURITY if tee_ta_load_check_shdr() fails
in any tests of the TA binary.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Teste

core: fix error code for corrupt TA

Always return TEE_ERROR_SECURITY if tee_ta_load_check_shdr() fails
in any tests of the TA binary.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

pager: statistics through a static TA

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st

pager: statistics through a static TA

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Remove unused defines

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

core: rename system calls (s/tee_svc_/syscall_/)

Assign the syscall_ prefix to all system calls to make them stand out
from other functions.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro

core: rename system calls (s/tee_svc_/syscall_/)

Assign the syscall_ prefix to all system calls to make them stand out
from other functions.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core/arm: trap access flag faults and fix FSR_FS_MASK

Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>
Tested-by: Etienne CARRIERE <etienne.carriere@st.com>
Reviewed-by: Jens Wiklander <jens.

core/arm: trap access flag faults and fix FSR_FS_MASK

Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>
Tested-by: Etienne CARRIERE <etienne.carriere@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Introduce free_rsa_public_key() and free_ecc_public_key()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand

Introduce free_rsa_public_key() and free_ecc_public_key()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

pager: remove pages used by scratch memory

Libtomcrypt is using, because of mpa, some scratch memory
used in intermediate computation. These data are useless
once the acipher computation is complete

pager: remove pages used by scratch memory

Libtomcrypt is using, because of mpa, some scratch memory
used in intermediate computation. These data are useless
once the acipher computation is completed. That means
that these data pages can be unmapped.

On QEMU, compiled with CFG_WITH_PAGER=y, "time xtest 4006" returns:
- Before the patch
real 3m 46.24s
user 0m 0.19s
sys 3m 45.51s
- After the patch
real 1m 29.00s
user 0m 0.17s
sys 1m 28.51s

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU with CFG_WITH_PAGER=y)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm: imx: add i.MX 6UltraLite and EVK board support

The i.MX 6UltraLite[1] is a high performance, ultra-efficient processor
family featuring an advanced implementation of a single ARM® Cortex®-A7
co

arm: imx: add i.MX 6UltraLite and EVK board support

The i.MX 6UltraLite[1] is a high performance, ultra-efficient processor
family featuring an advanced implementation of a single ARM® Cortex®-A7
core.

This patch add i.MX 6Ulralite EVK board support:
1. Add a uart driver for i.MX platforms
2. Introduce plat-imx for i.MX platforms
3. Introduce i.MX6 UltraLite platform
4. This patch has been tested using the following step,
4.1. build step:
PLATFORM_FLAVOR=mx6ulevk make ARCH=arm PLATFORM=imx
${CROSS_COMPILE}-objcopy -O binary out/arm-plat-imx/core/tee.elf optee.bin
copy optee.bin to the first partition of SD card which is used for boot.
4.2. Boot setting in uboot:
run loadfdt;
run loadimage;
fatload mmc 1:1 0x9c100000 optee.bin;
run mmcargs;
bootz ${loadaddr} - ${fdt_addr};
5. pass xtest

Note:
CAAM is not implemented now, this will be added later.

[1] http://www.freescale.com/webapp/sps/site/prod_summary.jsp?
code=i.MX6UL&tid=redI.MX6UL-FAMILY&uc=true&lang_cd=en

Signed-off-by: Peng Fan <Peng.Fan@freescale.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm/pager: move init temp storage of hashes

When a paged OP-TEE binary is copied into secure memory with unpaged
code and data in the correct location, but with init code and hashes of
paged pages s

arm/pager: move init temp storage of hashes

When a paged OP-TEE binary is copied into secure memory with unpaged
code and data in the correct location, but with init code and hashes of
paged pages starting at the start of the .bss section. If .bss is large
enough init code and hashes will fit entirely in the .bss section and as
long as .bss is unused the data there is safe.

This assumption will not be true any longer if .bss shrinks dramatically
due to reduced size of mpa scratch memory.

With this patch the hashes will be copied to a temporary safe location
right after the init code. This location is the same as the start of the
.text_pageable section so the hashes must be copied to the final
location before the pager is initialized.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Add fsl ls1021a platform support.

Added plat-ls, with initial support for fsl ls1021a platform.
Added uart driver (ns16550).

Signed-off-by: Sumit Garg <b49020@freescale.com>
Reviewed-by: Jens Wikla

Add fsl ls1021a platform support.

Added plat-ls, with initial support for fsl ls1021a platform.
Added uart driver (ns16550).

Signed-off-by: Sumit Garg <b49020@freescale.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm: increase secure memory

On plat-stm, available RAM for TA was 6MB. This is too small to run
xtest 1005 and 1006, which are opening multiple session of os_test
TA, which is huge.

This patch

plat-stm: increase secure memory

On plat-stm, available RAM for TA was 6MB. This is too small to run
xtest 1005 and 1006, which are opening multiple session of os_test
TA, which is huge.

This patch increases the available memory to TAs, to 14MB.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

core: avoid deadlocks caused by single-instance TA

Protect against deadlocks caused by single-instance TAs calling another
single-instance TAs directly or indirectly. When a TA is invoked but
alread

core: avoid deadlocks caused by single-instance TA

Protect against deadlocks caused by single-instance TAs calling another
single-instance TAs directly or indirectly. When a TA is invoked but
already is busy with another operation the calling thread is suspended
using condvar_wait() until the TA is available again. This is
effectively a lock which can cause a deadlock if several such locks are
used at the same time but in different order.

This patch avoids this problem by only allowing one thread at a time to
set a single-instance TA context busy. If the thread with a
single-instance TA busy in the call stack tries to set an already busy
TA context busy it will return TEE_ERROR_BUSY instead as there is a
recursive loop in how the different TAs has invoked each other.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU - full test suite)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey - full test suite)

show more ...

core: add big thread lock

Adds a big thread lock to only return busy when a kernel thread can't be
allocated. This is compatible with current locking scheme in the Linux
kernel driver, but also open

core: add big thread lock

Adds a big thread lock to only return busy when a kernel thread can't be
allocated. This is compatible with current locking scheme in the Linux
kernel driver, but also opens up for an easier and more flexible locking
scheme in the driver.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU and FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use condvar when serializing TA execution

struct tee_ta_ctx::busy is used to serialize TA execution. Before this
patch the operation would fail if busy is true. This patch waits for
busy to be

core: use condvar when serializing TA execution

struct tee_ta_ctx::busy is used to serialize TA execution. Before this
patch the operation would fail if busy is true. This patch waits for
busy to become false if needed with help of wait_queue. Also uses the
busy flag for open session to avoid races on multi-session
single-instance TAs.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add condvar synchronization primitive

Adds condvar synchronization primitive which is similar to
pthread_condvar.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Foris

core: add condvar synchronization primitive

Adds condvar synchronization primitive which is similar to
pthread_condvar.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: reimplement mutex with wait_queue

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@

core: reimplement mutex with wait_queue

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add wait_queue primitive for synchronization

Adds a new primitive for synchronization, wait_queue.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.fo

core: add wait_queue primitive for synchronization

Adds a new primitive for synchronization, wait_queue.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Flush traces synchronously

Avoids random mixing of secure world traces with ones from the normal
world (assuming the normal world also flushes its debug traces
synchronously).

The 'sync' parameter

Flush traces synchronously

Avoids random mixing of secure world traces with ones from the normal
world (assuming the normal world also flushes its debug traces
synchronously).

The 'sync' parameter to the trace_printf() and trace_ext_puts() function
is removed because there seems to be no sensible use case mandating
sync == false.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TA as ELF + signature

Changes format of TA to use the ELF format instead. This patch also adds
signature checking of the TA. The format of the TA is:
<Signed header>
<ELF header>
<Program header> (p

TA as ELF + signature

Changes format of TA to use the ELF format instead. This patch also adds
signature checking of the TA. The format of the TA is:
<Signed header>
<ELF header>
<Program header> (part of ELF spec, pointing out segments to load)
<Sections>

A struct ta_head is placed in the first section of the first segment
to carry flags and other properties of the TA.

elf32.h, elf64.h and elf_common.h are imported from FreeBSD.

In addition to the R_ARM_RELATIVE relocation type, adds support for
R_ARM_ABS32 relocations. Since a symbol table is needed to process this
relocation type a separate program header is added in the TA ELF
containing the sections .dynamic, .dynsym, .dynstr and .hash. These
sections are only needed during relocation and could be released once
the TA is relocated.

A default signing key has been generated with
openssl genrsa -out key.pem
and added as keys/default_ta.pem

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)

show more ...

Add TI dra7xx platform support

Added plat-ti, with initial support for TI dra7xx platform.

Changed generic init_sec_mon to be overriden by platform/main.c
because initial return to non-secure world

Add TI dra7xx platform support

Added plat-ti, with initial support for TI dra7xx platform.

Changed generic init_sec_mon to be overriden by platform/main.c
because initial return to non-secure world needs to restore full
NS context for this platform.

Signed-off-by: Harinarayan Bhatta <harinarayan.bhatta@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...