Secure Storage: Implement block-based encrypted file system

- Meta file encryption/decryption is enforced
- Block file encryption/decryption is optional

Signed-off-by: James Kung <james.kung@linaro

Secure Storage: Implement block-based encrypted file system

- Meta file encryption/decryption is enforced
- Block file encryption/decryption is optional

Signed-off-by: James Kung <james.kung@linaro.org>
Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: James Kung <james.kung@linaro.org> (QEMU, MT8173 EVB)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: correct TA virtual address mapping calculation

Correct the TA virtual address mapping calculation to properly support TA's more than 1Mb in size.

Reviewed-by: Jens Wiklander <jens.wiklander@l

core: correct TA virtual address mapping calculation

Correct the TA virtual address mapping calculation to properly support TA's more than 1Mb in size.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU platform)

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

Signed-off-by: Paul Swan <paswan@microsoft.com>

show more ...

Remove core_serviceid.h file

This file contains many legacy defines, which are not used anymore.
The only used services are linked to l2cc configuration. These
services are now replaced by dedicated

Remove core_serviceid.h file

This file contains many legacy defines, which are not used anymore.
The only used services are linked to l2cc configuration. These
services are now replaced by dedicated functions
tee_get_l2cc_mutex(), tee_set_l2cc_mutex(), tee_enable_l2cc_mutex()
and tee_disable_l2cc_mutex()

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)

show more ...

Update types in some functions

- tee_mmu_user_pa2va_helper(): padd_t instead of void *
- tee_mmu_check_access_rights(): const context
- check tee_time_get_sys_time() succeeded

Reviewed-by: Jens Wik

Update types in some functions

- tee_mmu_user_pa2va_helper(): padd_t instead of void *
- tee_mmu_check_access_rights(): const context
- check tee_time_get_sys_time() succeeded

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm32: Keep CPSR.E bit value

Fix the problem which CPSR's status bit may be overwritten when
resume from normal world. This problem was caused by
function init_regs which called by thread scheduler.

arm32: Keep CPSR.E bit value

Fix the problem which CPSR's status bit may be overwritten when
resume from normal world. This problem was caused by
function init_regs which called by thread scheduler.

Change-Id: I04cea2f107df25fbeab7c33f54e6557ecf9d5033
Signed-off-by: duxiaoqiang <xiaoqiang.du@linaro.org>

show more ...

Align Session handle for generic ta interface entry

TEE session handle is now used by all tee_dispatch_xx
function. uint32_t type ID parameter has be removed for
the tee_dispatch_close_session() fun

Align Session handle for generic ta interface entry

TEE session handle is now used by all tee_dispatch_xx
function. uint32_t type ID parameter has be removed for
the tee_dispatch_close_session() function.

Signed-off-by: Jean-Michel Delorme <jean-michel.delorme@st.com>
Reviewed-by: Pascal BRAND <pascal.brand@st.com>
Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

arm64: SHA-224/SHA-256 using ARMv8-A cryptographic extensions

Import SHA-2 assembly code from the Linux kernel (linaro contribution).
Enabled with CFG_CRYPTO_SHA256_ARM64_CE=y, set by default on HiK

arm64: SHA-224/SHA-256 using ARMv8-A cryptographic extensions

Import SHA-2 assembly code from the Linux kernel (linaro contribution).
Enabled with CFG_CRYPTO_SHA256_ARM64_CE=y, set by default on HiKey.
Performance gains compared to the C implementation are as follows
(sha-perf results for SHA-256 on HiKey in MiB/s):

Size | Accelerated?
(KiB) | No Yes
------+-------------
1 | 11.4 18.3
2 | 16.8 35.6
4 | 21.8 66.8
8 | 25.7 118.9
16 | 28.3 195.5
32 | 29.7 289.7
64 | 30.5 383.3
128 | 30.9 456.9
256 | 31.2 505.3
384 | 31.2 520.7

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm64: SHA-1 using ARMv8-A cryptographic extensions

- LibTomCrypt: add a new macro, HASH_PROCESS_NBLOCKS, similar to
HASH_PROCESS but accepts a function that digests n blocks of data, not
just 1.
-

arm64: SHA-1 using ARMv8-A cryptographic extensions

- LibTomCrypt: add a new macro, HASH_PROCESS_NBLOCKS, similar to
HASH_PROCESS but accepts a function that digests n blocks of data, not
just 1.
- Import sha1_ce_transform() from the Linux kernel (Linaro contribution)
which implements the main SHA-1 transform in assembler using the ARMv-8
cryptographic extensions.
- Acceleration is enabled by setting CFG_CRYPTO_SHA1_ARM64_CE=y (this
is the default when PLATFORM=hikey).

Performance was compared to the plain C version using sha-perf
(https://github.com/linaro-swg/sha-perf.git). Average hashing speed on
HiKey is (MiB/s):

Size | Accelerated?
(KiB) | No Yes
------+-------------
1 | 12.3 18.4
2 | 18.6 35.6
4 | 24.9 66.9
8 | 29.9 118.0
16 | 33.3 192.9
32 | 35.3 282.6
64 | 36.4 369.6
128 | 37.0 436.4
256 | 37.3 479.9
384 | 37.4 494.4

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm: mm: v7 panic when device's va conflicts with TA address space

If mm->va is smaller than 32M, then mm->va will conflict with
user TA address space. This mapping will be overridden/hidden
later w

arm: mm: v7 panic when device's va conflicts with TA address space

If mm->va is smaller than 32M, then mm->va will conflict with
user TA address space. This mapping will be overridden/hidden
later when a user TA is loaded since these low addresses are
used as TA virtual address space.

Some SoCs have devices at low addresses, so we need to map at
least those devices at a virtual address which isn't the same
as the physical.

TODO: support mapping devices at a virtual address which isn't
the same as the physical address.

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)

show more ...

arm: mm: lpae use XLAT_ENTRY_SIZE to replace sizeof(uint64_t)

Use XLAT_ENTRY_SIZE to replace sizeof(uint64_t). XLAT_ENTRY_SIZE is
better than sizeof(uint64_t), although they have same value.

Signed

arm: mm: lpae use XLAT_ENTRY_SIZE to replace sizeof(uint64_t)

Use XLAT_ENTRY_SIZE to replace sizeof(uint64_t). XLAT_ENTRY_SIZE is
better than sizeof(uint64_t), although they have same value.

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)

show more ...

arm: mm: lpae clear mmu table when initialization

Clear the tables when initialization to avoid junk data which
may crash system when setting ttbrx.

To ARMv7, non-lpae, this commit 'bc4de3134468a4b

arm: mm: lpae clear mmu table when initialization

Clear the tables when initialization to avoid junk data which
may crash system when setting ttbrx.

To ARMv7, non-lpae, this commit 'bc4de3134468a4b1760e6fd5cf09377bf7a7e7c3'
fix an issue when setting ttbr0 which crash system, because of junk data
in table.

This patch is to fix such issue.

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)

show more ...

ECC: optimize the pool of temporary variables

ECC is using a lot (80) temporary variables. These variables
are taken from a static pool, each being of the maximum key size
supported in OP-TEE: 4096b

ECC: optimize the pool of temporary variables

ECC is using a lot (80) temporary variables. These variables
are taken from a static pool, each being of the maximum key size
supported in OP-TEE: 4096bits, times 2 to include
wrapping multiplication in temporary computation.

With the introduction of being able to get temporary variables
of a given size, the current patch optimize the use of the variables
in case of ECC.

Thanks to this patch, the number of temporary variables is back to 50,
and the emulated esram size (QEMU / FVP / HiKey) is back to 200KB.

Note that further optimization can be performed, for ECC and also
for other algorithms (RSA,...).

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Build for PLATFORM=vexpress-qemu_virt by default

Also, for STM platforms, set CROSS_COMPILE=arm-linux-gnueabihf-
by default (which is a more standard prefix for the 32-bit
compiler).

Signed-off-by:

Build for PLATFORM=vexpress-qemu_virt by default

Also, for STM platforms, set CROSS_COMPILE=arm-linux-gnueabihf-
by default (which is a more standard prefix for the 32-bit
compiler).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32 core_mmu_v7.c: bugfix map_page_memarea()

Fixes the problem that some page entries can not be mapped in
map_page_memarea().

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by

arm32 core_mmu_v7.c: bugfix map_page_memarea()

Fixes the problem that some page entries can not be mapped in
map_page_memarea().

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>

show more ...

Align __start_ta_head_section on 8-byte boundary

Fixes an issue on 64-bit HiKey when running the self-tests of
https://github.com/OP-TEE/optee_os/pull/371. The tests would pass
when CFG_TEE_CORE_LOG

Align __start_ta_head_section on 8-byte boundary

Fixes an issue on 64-bit HiKey when running the self-tests of
https://github.com/OP-TEE/optee_os/pull/371. The tests would pass
when CFG_TEE_CORE_LOG_LEVEL=2 but fail with static TA not found
when log level is 3.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ECC: sign and self tests, at crypto_ops level

Note that in case of pager, the emulated esram size
has been increased from 200KB to 256KB.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Rev

ECC: sign and self tests, at crypto_ops level

Note that in case of pager, the emulated esram size
has been increased from 200KB to 256KB.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32 & 64-bit)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey with pager)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm64: AES using ARMv8-A cryptographic extensions

Adds AES acceleration to LibTomCrypt when CFG_CRYPTO_AES_ARM64_CE=y.

This commit implements an ltc_cipher_descriptor with accelerated
encryption an

arm64: AES using ARMv8-A cryptographic extensions

Adds AES acceleration to LibTomCrypt when CFG_CRYPTO_AES_ARM64_CE=y.

This commit implements an ltc_cipher_descriptor with accelerated
encryption and decryption for AES modes: ECB, CBC and CTR.
XTS will also benefit from CE acceleration since it relies on
ecb_encrypt() and ecb_decrypt(), but it may be beneficial to later
add multiple-blocks XTS operations to the descriptor.

The ARMv8 CE assembler code comes from the Linux kernel:
arch/arm64/crypto/{aes-modes.S,aes-ce.S,aes-ce-cipher.c}.

Tested on HiKey. CE code was benchmarked against plain C code using
the test application at http://github.com/linaro-swg/aes-perf.git.
A Trusted Application is invoked to encrypt a buffer of a given
size using TEE_CipherUpdate(). The client application measures the
time it takes for TEEC_InvokeCommand() to execute. The throughput
values below are computed from the average time it takes to encrypt
one buffer of the specified size. '+' after a mode means accelerated
with crypto extensions.

Average encryption speed (MiB/s):

Size | Mode
(KiB) | ECB CBC CTR XTS ECB+ CBC+ CTR+ XTS+
------+--------------------------------------------------
1 | 11.8 10.6 10.2 9.2 23.7 23.2 23.5 13.0
2 | 15.6 13.5 12.8 11.7 46.4 44.9 45.7 18.3
4 | 18.6 15.8 14.8 13.6 89.4 84.1 87.5 23.0
8 | 20.6 17.2 16.1 14.7 165.4 148.1 159.3 26.3
16 | 21.8 17.9 16.8 15.4 292.3 240.2 272.2 28.4
32 | 22.4 18.4 17.1 15.8 470.4 351.9 422.2 29.6
64 | 22.8 18.6 17.3 16.0 684.6 461.6 585.0 30.3
128 | 23.0 18.7 17.4 16.1 884.2 546.6 726.5 30.6

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

show more ...

core: mm: fix adding integer overflow issue

On ARMv7 platform, it is easy that "base + size" wraps down to 0.
For example, base is 0xfc100000, size is 0x3f00000, then base + size is 0.
We should use

core: mm: fix adding integer overflow issue

On ARMv7 platform, it is easy that "base + size" wraps down to 0.
For example, base is 0xfc100000, size is 0x3f00000, then base + size is 0.
We should use the "end" address to do the comparation, but not "end + 1".

This patch also can be used for ARMv8.

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64-bit)

show more ...

core: preallocate RPC argument

Preallocates an RPC argument structure when starting a new thread. Since
a thread can only have one active RPC at a time it's enough to allocate
one RPC argument for a

core: preallocate RPC argument

Preallocates an RPC argument structure when starting a new thread. Since
a thread can only have one active RPC at a time it's enough to allocate
one RPC argument for all RPC during the lifetime of the thread. The
preallocated RPC argument is used internally by thread_rpc_cmd(). This
simplifies all calls to thread_rpc_cmd().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32: core_mmu_v7 clear tbl_info.table before use

Clear tlb_info.table before use, because there maybe junk
data in this area. If not, system may crash when setting
ttbr0 as following:
core_mmu_se

arm32: core_mmu_v7 clear tbl_info.table before use

Clear tlb_info.table before use, because there maybe junk
data in this area. If not, system may crash when setting
ttbr0 as following:
core_mmu_set_user_map->write_ttbr0(map->ttbr0);

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: rewrite register access functions with macros

Reduces code duplication.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

arm64: rewrite register access functions with macros

Reduces code duplication.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm: fixes FIQ problem with pager enabled

Fixes occasional FIQ problem when pager is enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@lin

arm: fixes FIQ problem with pager enabled

Fixes occasional FIQ problem when pager is enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno, qemu)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floati

arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floating-
point, Advanced SIMD (a.k.a. NEON), or Cryptographic Extension
instructions in the TEE core.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentica

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentications.

For the atomic file operation (rollback to previous commit if operation
failed), it can be handled in the common file. Both tee_fs.c and
tee_enc_fs.c replied on tee_fs_common.c, thus both of them can gain
atomicy property.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...