crypto - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
e7b17391	24-Jan-2023	Clement Faure <clement.faure@nxp.com>	core: crypto_api: remove unused includes Remove unused includes from the crypto API. Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> core: crypto_api: remove unused includes Remove unused includes from the crypto API. Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... crypto_api/acipher/ecc.c crypto_api/cipher/cipher.c crypto_api/hash/hash.c
1bd5ecaf	24-Jan-2023	Clement Faure <clement.faure@nxp.com>	drivers: caam: remove unused includes Remove unused includes from the CAAM driver. Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acke drivers: caam: remove unused includes Remove unused includes from the CAAM driver. Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/plat-imx/main.c caam/acipher/caam_math.c caam/utils/utils_delay.c
3cd271a4	24-Jan-2023	Clement Faure <clement.faure@nxp.com>	core: crypto_api: fix malloc() allocation check Coverity reports a CERT-C ERR33-C coding violation on EM.data pointer for not being checked right after malloc() call. This is a false positive error core: crypto_api: fix malloc() allocation check Coverity reports a CERT-C ERR33-C coding violation on EM.data pointer for not being checked right after malloc() call. This is a false positive error since EM.data value is checked along EM_gen.data value later. Check EM.data and EM_gen.data values separately to make Coverity happy. Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/dts/at91-sama5d27_wlsom1.dtsi /optee_os/core/arch/arm/dts/at91-sama5d27_wlsom1_ek.dts /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/platform_config.h /optee_os/core/arch/riscv/include/kernel/stmm_sp.h crypto_api/acipher/rsassa.c /optee_os/core/pta/device.c
530f76bb	24-Jan-2023	Jorge Ramirez-Ortiz <jorge@foundries.io>	drivers: crypto: se050: increase DER signature buffer In order to support P-521 (132 byte {r,s} pairs), the buffer storing the DER signature must be large enough. Signed-off-by: Jorge Ramirez-Ortiz drivers: crypto: se050: increase DER signature buffer In order to support P-521 (132 byte {r,s} pairs), the buffer storing the DER signature must be large enough. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/.github/workflows/ci.yml se050/core/ecc.c
5abb46e2	23-Jan-2023	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050: fix generation of oid values Converting the OID watermarked value (8 bytes) to a bignum removes the first byte if this is different than zero. The failing case observed the crypto: drivers: se050: fix generation of oid values Converting the OID watermarked value (8 bytes) to a bignum removes the first byte if this is different than zero. The failing case observed the value 0x57.72.15.66.1a.f2.9d.00 being retrieved as 0x57.72.15.66.1a.f2.9d after having been transformed into a bignum and back to its original binary value. This will cause cryptographic operations to fail as the secured keys and objects become not addressable. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/Makefile /optee_os/core/arch/arm/include/kernel/arch_scall.h /optee_os/core/arch/arm/include/kernel/thread_arch.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/kernel/arch_scall.c /optee_os/core/arch/arm/kernel/arch_scall_a32.S /optee_os/core/arch/arm/kernel/arch_scall_a64.S /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/ldelf_loader.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/arch/arm/plat-versal/main.c /optee_os/core/arch/arm/plat-versal/platform_config.h /optee_os/core/arch/arm/tee/sub.mk /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/kernel/sub.mk se050/adaptors/utils/utils.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_huk.c /optee_os/core/include/drivers/clk_dt.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/include/kernel/scall.h /optee_os/core/include/kernel/ts_manager.h /optee_os/core/kernel/scall.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/user_ta.c /optee_os/core/pta/imx/digprog.c /optee_os/core/pta/imx/ocotp.c /optee_os/core/pta/imx/sub.mk /optee_os/core/pta/sub.mk /optee_os/lib/libutee/include/pta_imx_digprog.h /optee_os/lib/libutee/include/pta_imx_ocotp.h /optee_os/lib/libutee/include/pta_stm32mp_bsec.h /optee_os/lib/libutils/ext/arch/riscv/atomic_rv.S /optee_os/lib/libutils/ext/arch/riscv/sub.mk /optee_os/mk/config.mk
c36f205e	17-Jan-2023	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: update policies Certain devices (depending on the applet) will use the common policies for the object's read/write permissions. This commit makes sure both are supported. Signed-off crypto: se050: update policies Certain devices (depending on the applet) will use the common policies for the object's read/write permissions. This commit makes sure both are supported. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/crypto/sha512_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha512_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sm3_armv8a_ce.c /optee_os/core/arch/arm/crypto/sm3_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/include/kernel/delay_arch.h /optee_os/core/arch/arm/include/scmi/scmi_server.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/include/kernel/clint.h /optee_os/core/arch/riscv/include/kernel/delay_arch.h /optee_os/core/arch/riscv/include/kernel/time.h /optee_os/core/arch/riscv/kernel/kern.ld.S /optee_os/core/arch/riscv/kernel/link.mk /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/tee_time_rdtime.c /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/plat-virt/main.c /optee_os/core/arch/riscv/plat-virt/platform_config.h /optee_os/core/arch/riscv/plat-virt/sub.mk /optee_os/core/arch/riscv/riscv.mk /optee_os/core/arch/riscv/tee/sub.mk /optee_os/core/core.mk /optee_os/core/crypto.mk /optee_os/core/crypto/sm3.c /optee_os/core/drivers/clk/clk.c se050/adaptors/apis/sss.c /optee_os/core/drivers/rstctrl/rstctrl.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32mp15_huk.c /optee_os/core/include/crypto/crypto_accel.h /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/rstctrl.h /optee_os/core/include/drivers/stm32_bsec.h /optee_os/core/include/kernel/delay.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/kernel/delay.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/notif.c /optee_os/core/kernel/otp_stubs.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_time.c /optee_os/core/kernel/tee_time_ree.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/sha512_accel.c /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/lib/scmi-server/conf-optee-fvp.mk /optee_os/core/lib/scmi-server/conf-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/conf.mk /optee_os/core/lib/scmi-server/include/optee_scmi.h /optee_os/core/lib/scmi-server/scmi_server.c /optee_os/core/lib/scmi-server/sub-optee-fvp.mk /optee_os/core/lib/scmi-server/sub-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/sub.mk /optee_os/core/pta/scmi.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/arch/riscv/sub.mk /optee_os/lib/libutee/arch/riscv/utee_syscalls_rv.S /optee_os/lib/libutee/include/pta_scmi_client.h /optee_os/lib/libutils/ext/include/config.h /optee_os/lib/libutils/isoc/arch/riscv/setjmp_rv.S /optee_os/lib/libutils/isoc/arch/riscv/sub.mk /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/assert.h /optee_os/lib/libutils/isoc/include/setjmp.h /optee_os/mk/config.mk
00b7e9c7	03-Jan-2023	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: fix typo in information message The SCP03 "built-in" keys were incorrectly being reported to the console as a nonsensical "build-int". Signed-off-by: Jorge Ramirez-Ortiz <jorge@found crypto: se050: fix typo in information message The SCP03 "built-in" keys were incorrectly being reported to the console as a nonsensical "build-int". Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/adaptors/utils/scp_config.c
39100dea	12-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: fix build warning When the configured logging level does not output IMSG, the static function get_scp03_ksrc_name() is not called. This causes a function unused warning which might l crypto: se050: fix build warning When the configured logging level does not output IMSG, the static function get_scp03_ksrc_name() is not called. This causes a function unused warning which might lead to a build error. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/.github/workflows/ci.yml se050/adaptors/utils/scp_config.c
6cc77cdd	08-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050-f: ecc: can fallback to softw-ops The SE050-F device can select to fallback to specific unsupported operations. This allows xtests to run to completion without errors. Signe crypto: drivers: se050-f: ecc: can fallback to softw-ops The SE050-F device can select to fallback to specific unsupported operations. This allows xtests to run to completion without errors. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/core/ecc.c
58986cdf	12-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050-f: rsa: can fallback to softw-ops The SE050-F device can select to fallback to specific unsupported operations. This allows xtests to run to completion without errors. Signe crypto: drivers: se050-f: rsa: can fallback to softw-ops The SE050-F device can select to fallback to specific unsupported operations. This allows xtests to run to completion without errors. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/core/rsa.c
d8eed0c1	08-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050: ecc: fallback to softw-ops Operations that require a public key might fallback to a software based implementation. Operations that require a private key might fallback to a crypto: drivers: se050: ecc: fallback to softw-ops Operations that require a public key might fallback to a software based implementation. Operations that require a private key might fallback to a software based implementation as long as the private key is not in the secure element. Use CFG_NXP_SE05X_ECC_DRV_FALLBACK to enable this feature. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/core/ecc.c se050/crypto.mk
a40be7eb	08-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050: rsa: fallback to softw-ops Operations that require a public key might fallback to a software based implementation. Operations that require a private key might fallback to a crypto: drivers: se050: rsa: fallback to softw-ops Operations that require a public key might fallback to a software based implementation. Operations that require a private key might fallback to a software based implementation as long as the private key is not in the secure element. Use CFG_NXP_SE05X_RSA_DRV_FALLBACK to enable this feature. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/core/rsa.c se050/crypto.mk
f8dc3669	08-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050-f: rsa: fix support The NXP SE050-F does not support raw RSA keys, only CRT types. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome. crypto: drivers: se050-f: rsa: fix support The NXP SE050-F does not support raw RSA keys, only CRT types. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/core/rsa.c
73bc4c59	08-Dec-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: drivers: se050: adaptor: provide the oefid interface Not all the NXP SE05X secure elements provide the same level of cryptographic support. This interface allows runtime identification of th crypto: drivers: se050: adaptor: provide the oefid interface Not all the NXP SE05X secure elements provide the same level of cryptographic support. This interface allows runtime identification of the device under control Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/dts/at91-sama5d27_som1.dtsi /optee_os/core/arch/arm/dts/at91-sama5d27_som1_ek.dts /optee_os/core/arch/arm/dts/at91-sama5d2_xplained.dts /optee_os/core/arch/arm/dts/fsl-lx2160a.dtsi /optee_os/core/arch/arm/dts/sama5d2.dtsi /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-d06/main.c /optee_os/core/arch/arm/plat-d06/platform_config.h /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sm4-xts.c /optee_os/core/crypto/sm4.c /optee_os/core/crypto/sm4.h /optee_os/core/crypto/sub.mk /optee_os/core/drivers/atmel_rstc.c /optee_os/core/drivers/atmel_shdwc.c /optee_os/core/drivers/atmel_wdt.c se050/adaptors/include/se050.h se050/adaptors/utils/scp_config.c /optee_os/core/drivers/imx_lpuart.c /optee_os/core/drivers/lpc_uart.c /optee_os/core/drivers/ls_sfp.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_pm.c /optee_os/core/drivers/versal_puf.c /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/lpc_uart.h /optee_os/core/include/drivers/ls_sfp.h /optee_os/core/include/drivers/serial.h /optee_os/core/include/drivers/stm32_bsec.h /optee_os/core/include/drivers/versal_puf.h /optee_os/core/kernel/console.c /optee_os/core/kernel/embedded_ts.c /optee_os/core/kernel/tee_misc.c /optee_os/core/lib/libtomcrypt/ccm.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/pta/stm32mp/bsec_pta.c /optee_os/core/pta/stm32mp/sub.mk /optee_os/core/pta/sub.mk /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libutee/arch/arm/utee_syscalls_a32.S /optee_os/lib/libutee/arch/arm/utee_syscalls_a64.S /optee_os/lib/libutee/arch/riscv/sub.mk /optee_os/lib/libutee/arch/riscv/utee_syscalls_rv64.S /optee_os/lib/libutee/include/pta_stm32mp_bsec.h /optee_os/lib/libutee/include/tee_api_compat.h /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/include/utee_syscalls.h /optee_os/lib/libutee/include/utee_syscalls_asm.S /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/mk/config.mk /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_attributes.h /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing.h /optee_os/ta/pkcs11/src/processing_asymm.c /optee_os/ta/pkcs11/src/processing_digest.c /optee_os/ta/pkcs11/src/processing_rsa.c /optee_os/ta/pkcs11/src/processing_symm.c /optee_os/ta/pkcs11/src/token_capabilities.c
4502832d	30-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	drivers: versal: SHA3-384 engine support Enable the PLM controlled SHA3-384 cryptographic engine for TEE core usage. Since the engine does not have the concept of "context", it can't provide the le drivers: versal: SHA3-384 engine support Enable the PLM controlled SHA3-384 cryptographic engine for TEE core usage. Since the engine does not have the concept of "context", it can't provide the level support required by user-space (multiple parallel contexts) hence why it is being provided just to the core. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/crypto.mk versal/ipi.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_sha3_384.c /optee_os/core/include/drivers/versal_sha3_384.h
cef8ce12	11-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: versal: RSA driver This driver uses the PLM xilsecure service to deliver RSA encryption/decryption functionality. https://github.com/Xilinx/embeddedsw Signed-off-by: Jorge Ramirez-Ortiz <j crypto: versal: RSA driver This driver uses the PLM xilsecure service to deliver RSA encryption/decryption functionality. https://github.com/Xilinx/embeddedsw Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/core.mk versal/rsa.c versal/sub.mk /optee_os/core/include/kernel/boot.h /optee_os/lib/libutils/isoc/stack_check.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/user_ta_header.c /optee_os/ta/ta.mk
49b0febc	04-Jul-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: versal: elliptic curve cryptography driver This driver uses the PLM xilsecure service to deliver ECC sign/verify functionality. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked crypto: versal: elliptic curve cryptography driver This driver uses the PLM xilsecure service to deliver ECC sign/verify functionality. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/dts/fsl-lx2160a.dtsi /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp157c-ev1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/include/kernel/cache_helpers_arch.h /optee_os/core/arch/arm/include/kernel/misc_arch.h /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/riscv/include/kernel/cache_helpers_arch.h /optee_os/core/arch/riscv/include/kernel/misc_arch.h /optee_os/core/arch/riscv/include/kernel/tee_l2cc_mutex.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/mm/core_mmu_arch.h /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/include/riscv_macros.S /optee_os/core/arch/riscv/include/sbi.h /optee_os/core/arch/riscv/kernel/idle.c /optee_os/core/arch/riscv/kernel/sbi.c /optee_os/core/arch/riscv/kernel/sbi_console.c /optee_os/core/arch/riscv/kernel/spinlock.S /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/tee_time.c /optee_os/core/arch/riscv/mm/sub.mk /optee_os/core/arch/riscv/mm/tlb_helpers_rv.S /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/arch/riscv/plat-spike/drivers/sub.mk /optee_os/core/arch/riscv/plat-spike/main.c /optee_os/core/arch/riscv/riscv.mk /optee_os/core/crypto/signed_hdr.c versal/ecc.c versal/sub.mk /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/kernel/cache_helpers.h /optee_os/core/include/kernel/misc.h /optee_os/core/include/tee/tee_svc_cryp.h /optee_os/core/include/tee/tee_svc_storage.h /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/trace_ext.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/ldelf/ldelf.ld.S /optee_os/ldelf/ldelf.mk /optee_os/ldelf/start_rv64.S /optee_os/ldelf/sub.mk /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libutee/include/elf_common.h /optee_os/lib/libutee/include/tee_api.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/tee_ta_api.h /optee_os/lib/libutee/include/utee_syscalls.h /optee_os/lib/libutee/include/utee_types.h /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/confine_array_index.h
b303be92	01-Apr-2022	Jens Wiklander <jens.wiklander@linaro.org>	drivers: crypto: add stubbed fault mitigation in crypto_acipher_rsassa_verify() Adds a stubbed fault mitigation for the drivers version of crypto_acipher_rsassa_verify). End the function with FTMN_C drivers: crypto: add stubbed fault mitigation in crypto_acipher_rsassa_verify() Adds a stubbed fault mitigation for the drivers version of crypto_acipher_rsassa_verify). End the function with FTMN_CALLEE_DONE() to record that the function was indeed called and a redundant copy of the return value. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/thread_spmc_a32.S /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/sp_mem.c crypto_api/acipher/rsa.c /optee_os/core/include/drivers/stm32_gpio.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/thread.h /optee_os/core/include/kernel/ts_manager.h /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/user_ta.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_verify_hash.c /optee_os/core/pta/stats.c /optee_os/core/sub.mk /optee_os/core/tests/ftmn_boot_tests.c /optee_os/core/tests/sub.mk /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/utee_types.h /optee_os/lib/libutils/ext/fault_mitigation.c /optee_os/lib/libutils/ext/include/fault_mitigation.h /optee_os/lib/libutils/ext/include/stdlib_ext.h /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/include/types_ext.h /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/assert.h /optee_os/lib/libutils/isoc/include/inttypes.h /optee_os/lib/libutils/isoc/include/limits.h /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/lib/libutils/isoc/include/memory.h /optee_os/lib/libutils/isoc/include/signal.h /optee_os/lib/libutils/isoc/include/stdint.h /optee_os/lib/libutils/isoc/include/stdio.h /optee_os/lib/libutils/isoc/include/stdlib.h /optee_os/lib/libutils/isoc/include/string.h /optee_os/lib/libutils/isoc/include/time.h /optee_os/lib/libutils/isoc/include/unistd.h /optee_os/lib/libutils/isoc/include/wchar.h /optee_os/mk/compile.mk /optee_os/mk/config.mk
dc23c448	20-Oct-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: versal: authentication driver This driver uses the PLM xilsecure service to deliver authentication functionality using AES-GCM. The driver currently does not handle unaligned data and lengt crypto: versal: authentication driver This driver uses the PLM xilsecure service to deliver authentication functionality using AES-GCM. The driver currently does not handle unaligned data and lengths; due to this the corresponding xtest regression test will not pass (xtest -t regression 4005 will fail). Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/plat-versal/conf.mk versal/authenc.c versal/ipi.c versal/sub.mk
614bc034	04-Jul-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: versal: interprocessor communication Interface to the PLM xilsecure service. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> crypto: versal: interprocessor communication Interface to the PLM xilsecure service. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/crypto/signed_hdr.c sub.mk versal/include/ipi.h versal/ipi.c versal/sub.mk /optee_os/core/kernel/ree_fs_ta.c
e41e74a8	10-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: provision SCP03 keys on SCP03 enablement. Rotate the SCP03 keys as soon as the SCP03 communication channel is established. This can happen during boot or at a later time via normal w crypto: se050: provision SCP03 keys on SCP03 enablement. Rotate the SCP03 keys as soon as the SCP03 communication channel is established. This can happen during boot or at a later time via normal world request [1]. The rotation configuration that can be built-in in the driver allows the algorithm to rotate to a HUK based secret key or back to the factory based keys. [1] https://u-boot.readthedocs.io/en/latest/usage/cmd/scp03.html Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... se050/adaptors/apis/sss.c se050/crypto.mk
d5050d09	10-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: reword configuration options Reword and add caution clauses to some of the critical configuration options in the driver. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked crypto: se050: reword configuration options Reword and add caution clauses to some of the critical configuration options in the driver. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-zynqmp/conf.mk /optee_os/core/arch/arm/plat-zynqmp/platform_config.h se050/crypto.mk /optee_os/core/drivers/stm32mp15_huk.c /optee_os/core/tee/tee_svc.c
5ddb11a1	04-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: provision SCP03 keys back factory keys This commit allows a user who might have rotated the device's SCP03 keys to reset them back to their factory settings (public). Signed-off-by: crypto: se050: provision SCP03 keys back factory keys This commit allows a user who might have rotated the device's SCP03 keys to reset them back to their factory settings (public). Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... se050/adaptors/apis/sss.c se050/crypto.mk
b54b17ab	04-Nov-2022	Jorge Ramirez-Ortiz <jorge@foundries.io>	crypto: se050: output the SCP03 security level to the console The SCP03 keys used in the secure channel have different levels of security that can change at runtime. Output the name of the one bein crypto: se050: output the SCP03 security level to the console The SCP03 keys used in the secure channel have different levels of security that can change at runtime. Output the name of the one being used to the console for informational purposes. Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-d06/core_pos_a64.S /optee_os/core/arch/arm/plat-d06/main.c /optee_os/core/arch/arm/plat-d06/platform_config.h /optee_os/core/arch/arm/plat-d06/sub.mk /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/clk/clk_dt.c se050/adaptors/utils/scp_config.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_nvm.c /optee_os/core/include/drivers/versal_nvm.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/signed_hdr.h /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/pta/secstor_ta_mgmt.c /optee_os/mk/config.mk /optee_os/scripts/sign_encrypt.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/link_shlib.mk
64d3c0c2	08-Sep-2022	Olivier Masse <olivier.masse@nxp.com>	plat-imx, plat-ls: replace crypto_conf.mk by common drivers/crypto/caam/crypto.mk move platform specific conf file to crypto drivers one. CFG_CRYPTO_DRIVER should be define in driver conf file inste plat-imx, plat-ls: replace crypto_conf.mk by common drivers/crypto/caam/crypto.mk move platform specific conf file to crypto drivers one. CFG_CRYPTO_DRIVER should be define in driver conf file instead of platform configuration file. Signed-off-by: Olivier Masse <olivier.masse@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Clement Faure <clement.faure@nxp.com> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/arm32.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/mm/pgt_cache.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/arch/arm/plat-zynq7k/conf.mk /optee_os/core/arch/arm/sm/sm.c /optee_os/core/drivers/atmel_piobu.c /optee_os/core/drivers/atmel_rstc.c /optee_os/core/drivers/atmel_rtc.c /optee_os/core/drivers/atmel_saic.c /optee_os/core/drivers/atmel_shdwc.c /optee_os/core/drivers/atmel_tcb.c /optee_os/core/drivers/atmel_trng.c /optee_os/core/drivers/atmel_wdt.c /optee_os/core/drivers/clk/sam/sama5d2_clk.c caam/crypto.mk /optee_os/core/drivers/imx_i2c.c /optee_os/core/drivers/imx_lpuart.c /optee_os/core/drivers/imx_rngb.c /optee_os/core/drivers/imx_uart.c /optee_os/core/drivers/imx_wdog.c /optee_os/core/drivers/ls_dspi.c /optee_os/core/drivers/ls_gpio.c /optee_os/core/drivers/ls_i2c.c /optee_os/core/drivers/ls_sec_mon.c /optee_os/core/drivers/pl011.c /optee_os/core/drivers/pm/sam/at91_pm.c /optee_os/core/drivers/serial8250_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_trng.c /optee_os/core/drivers/xiphera_trng.c /optee_os/core/include/kernel/dt.h /optee_os/core/kernel/dt.c /optee_os/core/mm/vm.c /optee_os/core/pta/bcm/sotp.c
1 2 3 4 5 678 9 10 >>...15