core: arm32_macros.S: add {read,write}_tpidrprw

Adds the assembly macros write_tpidrprw and read_tpidrprw to access the
TPIDRPRW register.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org

core: arm32_macros.S: add {read,write}_tpidrprw

Adds the assembly macros write_tpidrprw and read_tpidrprw to access the
TPIDRPRW register.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: sm: invalidate branch predictor

If build with secure monitor and CFG_CORE_WORKAROUND_SPECTRE_BP=y
invalidate branch predictor on non-secure entry.

Fixes CVE-2017-5715

Reviewed-by: Jer

core: arm32: sm: invalidate branch predictor

If build with secure monitor and CFG_CORE_WORKAROUND_SPECTRE_BP=y
invalidate branch predictor on non-secure entry.

Fixes CVE-2017-5715

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: thread.h: reorder struct thread_core_local

Reorders elements in struct thread_core_local to make sure that:
uint32_t r[2];
is double word (8) aligned for ARM32 since the strd instruction
somet

core: thread.h: reorder struct thread_core_local

Reorders elements in struct thread_core_local to make sure that:
uint32_t r[2];
is double word (8) aligned for ARM32 since the strd instruction
sometimes is used to write to that element.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: thread_a32.S: remove useless .section

Removes the useless .section .text.thread_asm

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@l

core: thread_a32.S: remove useless .section

Removes the useless .section .text.thread_asm

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: treat size fault as translation fault

AArch64 is very specific regarding different data/prefetch exceptions.
With this patch recognize Address Size faults and treat them as
translation

core: arm64: treat size fault as translation fault

AArch64 is very specific regarding different data/prefetch exceptions.
With this patch recognize Address Size faults and treat them as
translation faults.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pgt: bugfix pop_from_some_list()

Prior to this patch pgt obtained with pop_least_used_from_cache_list()
in pop_from_some_list() wasn't cleared properly. Only entries used for
paging was clear.

core: pgt: bugfix pop_from_some_list()

Prior to this patch pgt obtained with pop_least_used_from_cache_list()
in pop_from_some_list() wasn't cleared properly. Only entries used for
paging was clear. With this patch the entire pgt is cleared to cover
eventual entries not used for paging.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

poplar: Add initial support

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

trace: make output more compact

The new format for traces are:
<type>/<where>:<thread_id> [<func:line>] <message>

<type>:
D = DEBUG
E = ERROR
I = INFO
F = FLOW

<where>:
TA = Trusted Ap

trace: make output more compact

The new format for traces are:
<type>/<where>:<thread_id> [<func:line>] <message>

<type>:
D = DEBUG
E = ERROR
I = INFO
F = FLOW

<where>:
TA = Trusted Application
TC = TEE Core

I.e, it outputs messages like this:
D/TC:00 ta_load:316 ELF load address 0x101000
etc

Thread ID will either take a single or two digits depending on the
number of threads in use.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

tee_mm.c: fix includes section

- Remove double #include <mm/tee_mm.h>
- Put includes into alphabetical order

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carrier

tee_mm.c: fix includes section

- Remove double #include <mm/tee_mm.h>
- Put includes into alphabetical order

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add management pseudo TA for secstor TAs

Adds a pseudo TA for management of Trusted Applications and Security
Domains. The pseudo TA only provides a minimal interface, a more
advanced interfac

core: add management pseudo TA for secstor TAs

Adds a pseudo TA for management of Trusted Applications and Security
Domains. The pseudo TA only provides a minimal interface, a more
advanced interface is supposed to be provided by a user TA using this
pseudo TA. Such a TA could for instance implement Global Platforms TEE
Management Framework or OTrP.

The management TA currently only supports installing bootstrap packaged
TAs in secure storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add ta storage based on tadb

Adds ta storage based on tadb. The TAs has to be installed in tadb
before they can be loaded.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by:

core: add ta storage based on tadb

Adds ta storage based on tadb. The TAs has to be installed in tadb
before they can be loaded.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ree fs ta store: support bootstrap TA format

Adds support for the new bootstrap TA format to the REE FS TA storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome

core: ree fs ta store: support bootstrap TA format

Adds support for the new bootstrap TA format to the REE FS TA storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ree fs ta store: use new shdr_*() helpers

Uses the new shdr_*() helper functions to verify a signed header.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissi

core: ree fs ta store: use new shdr_*() helpers

Uses the new shdr_*() helper functions to verify a signed header.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: add i.MX6SX Sabreauto support

Add i.MX6SX Sabreauto support.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander

core: imx: add i.MX6SX Sabreauto support

Add i.MX6SX Sabreauto support.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add negative tests for htree

Adds negative test for htree.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-

core: add negative tests for htree

Adds negative test for htree.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: use new aes-gcm implementation

Pager switches to use the new internal accelerated AES-GCM
implementation instead of the old software only implementation.

Reviewed-by: Jerome Forissier

core: pager: use new aes-gcm implementation

Pager switches to use the new internal accelerated AES-GCM
implementation instead of the old software only implementation.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, Hikey)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: separate encryption key

Separates the AES (CTR) encryption key from the rest of the context
to allow more efficient key handling.

Acked-by: Jerome Forissier <jerome.forissier

core: crypto: AES-GCM: separate encryption key

Separates the AES (CTR) encryption key from the rest of the context
to allow more efficient key handling.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to us

core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to use
the same endian on the expanded encryption key.

Copies code from core/lib/libtomcrypt/src/ciphers/ aes_armv8a_ce.c and
aes_modes_armv8a_ce_a64.S and makes some small changes to make it fit
in the new place.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC functions aes_setup() and aes_ecb_encrypt() with calls to
crypto_aes_expand_enc_key() and crypto_aes_enc_block() respectively.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CF

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CFG_WITH_VFP=y)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 AArch32 {,pager})
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jen

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libr

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libraries and TAs are all affected by this setting.

This is most likely incorrect because user-mode libraries do not use
NEON instructions (only some core files do). And, it does not make much
sense to set it by default for TAs either.

So, core_arm32-platform-aflags should be set instead.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free it before returning.

The fix is in alloc_and_copy_shdr() to only set the returned shdr once
the pointer is to be returned.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1968
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

If the SHA1 cannot be determined or CFG_OS_REV_REPORTS_GIT_SHA1 is
disabled, set a2 to zero meaning "not specified".

This allows the TEE driver to report more precise information about the
TEE at probe time.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identif

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identifier
(such as an SCM revision or commit ID, for instance).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...