core: define plat_rng_init() as a weak alias of __plat_rng_init()

Rename the function plat_rng_init() to __plat_rng_init() and define
plat_rng_init() as a weak alias of __plat_rng_init().
This allow

core: define plat_rng_init() as a weak alias of __plat_rng_init()

Rename the function plat_rng_init() to __plat_rng_init() and define
plat_rng_init() as a weak alias of __plat_rng_init().
This allow to use the default RNG initialization in the platform
plat_rng_init() function.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: fix header file guard names

Fixes header file guards macro name prefix (mostly missing occurrences)
that should reflect the file base directory sub-path where applicable.

Reviewed-by: Jens Wi

core: fix header file guard names

Fixes header file guards macro name prefix (mostly missing occurrences)
that should reflect the file base directory sub-path where applicable.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGE

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGEST_SIZE.

Remove tee_mac_get_digest_size() as its functionality
is handled by tee_alg_get_digest_size() now.

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: remove algo from crypto_cipher_*()

Removes the algo parameters from all crypto_cipher_*() functions except
crypto_cipher_alloc_ctx().

tee_aes_cbc_cts_update() is moved into aes-cts.c and rena

core: remove algo from crypto_cipher_*()

Removes the algo parameters from all crypto_cipher_*() functions except
crypto_cipher_alloc_ctx().

tee_aes_cbc_cts_update() is moved into aes-cts.c and renamed to
cbc_cts_update().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove get_rng_array()

Removes get_rng_array() in favor of crypto_rng_read() which always uses
the configured RNG implementation to draw random.

Reviewed-by: Jerome Forissier <jerome.forissier@lina

Remove get_rng_array()

Removes get_rng_array() in favor of crypto_rng_read() which always uses
the configured RNG implementation to draw random.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add new RNG implementation

Adds a new cryptographically secure pseudo random number generator known
as Fortuna. The implementation is based on the description in [0]. This
implementation repla

core: add new RNG implementation

Adds a new cryptographically secure pseudo random number generator known
as Fortuna. The implementation is based on the description in [0]. This
implementation replaces the implementation in LTC which was used until
now.

Gathering of entropy has been refined with crypto_rng_add_event() to
better match how entropy is added to Fortuna. A enum crypto_rng_src
identifies the source of the event. The source also controls how the
event is added. There are two options available, queue it in a circular
buffer for later processing or adding it directly to a pool. The former
option is suitable when being called from an interrupt handler or some
other place where RPC to normal world is forbidden.

plat_prng_add_jitter_entropy_norpc() is removed and
plat_prng_add_jitter_entropy() is updated to use this new entropy source
scheme.

The configuration of LTC is simplified by this, now PRNG is always drawn
via prng_mpa_desc.

plat_rng_init() takes care of initializing the PRNG in order to allow
platforms to override or enhance the Fortuna integration.

[0] Link:https://www.schneier.com/academic/paperfiles/fortuna.pdf

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove 'All rights reserved' from Linaro files

The text 'All rights reserved' is useless [1]. The Free Software
Foundation's REUSE Initiative best practices document [2] does not
contain these words

Remove 'All rights reserved' from Linaro files

The text 'All rights reserved' is useless [1]. The Free Software
Foundation's REUSE Initiative best practices document [2] does not
contain these words. Therefore, we can safely remove the text from the
files that are owned by Linaro.

Generated by:
spdxify.py --linaro-only --strip-arr optee_os/

Link: [1] https://en.wikipedia.org/wiki/All_rights_reserved
Link: [2] https://reuse.software/practices/
Link: [3] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Remove license notice from Linaro files

Now that we have added SPDX identifiers, we can safely remove the
verbose license text from the files that are owned by Linaro.

Generated by [1]:
spdxify.p

Remove license notice from Linaro files

Now that we have added SPDX identifiers, we can safely remove the
verbose license text from the files that are owned by Linaro.

Generated by [1]:
spdxify.py --linaro-only --strip-license-text optee_os/

Link: [1] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: prng: Don't lock a mutex from rpc_cmd_nolock()

Avoids a recursive indirect call to rpc_cmd_nolock() from
plat_prng_add_jitter_entropy_norpc() by not calling
plat_prng_add_jitter_entropy_norpc(

core: prng: Don't lock a mutex from rpc_cmd_nolock()

Avoids a recursive indirect call to rpc_cmd_nolock() from
plat_prng_add_jitter_entropy_norpc() by not calling
plat_prng_add_jitter_entropy_norpc() for RPC related to mutex
wait/wakeup.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (HiKey)
Fixes: 82f97f19fe2d ("prng: call plat_prng_add_jitter_entropy() at PRNG init and before NW RPC")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: prng: Don't try to read REE time when it's not possible

The commit referenced below extends entropy gathering to two locations
where it is unfortunately not OK to invoke Normal World through R

core: prng: Don't try to read REE time when it's not possible

The commit referenced below extends entropy gathering to two locations
where it is unfortunately not OK to invoke Normal World through RPC:

1. tee_ltc_prng_init(), because at this point the RPC subsystem has not
yet been initialized,
2. rpc_cmd_nolock(), because doing so would cause recursion and would
be inefficient (doubling the number of RPC calls).

The problem is: if CFG_SECURE_TIME_SOURCE_REE=y and if the platform
does not override plat_prng_add_jitter_entropy(), the function will end
up calling the RPC service where it's not permitted and the TEE will
crash.

This commit introduces plat_prng_add_jitter_entropy_norpc() and
provides a default implementation which does nothing if the time source
is the REE, thus fixing the issue while still allowing platform code to
implement a specific behavior.

Fixes: 82f97f19fe2d ("prng: call plat_prng_add_jitter_entropy() at PRNG init and before NW RPC")
Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

[Review] core: prng: Don't try to read REE time when it's not possible

Remove useless return.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

prng: move old implementation to be weak default

The patch replaces the original entropy scheme using system time with
the new api plat_prng_add_jitter_entropy().

The old scheme aimed to get 64 bit

prng: move old implementation to be weak default

The patch replaces the original entropy scheme using system time with
the new api plat_prng_add_jitter_entropy().

The old scheme aimed to get 64 bits of entropy from the current time
expressed in 64 bits in ms each time. Most of this was in fact zeros or
unchanging for >256s. If you call it twice with 1ms, it actually
provides 0 bits of entropy.

The replacement scheme aims to get 2 bits of entropy from the counter,
which typically operates faster than 1MHz, greater than a thousand times
more precision than the old way, each time.

For backwards compatibility, the old scheme is retained as the default
or arches or platforms that did not provide an override to collect
jitter in a better way.

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Remove unused functions

After finding a set of functions potentially not used anywhere (using
gcc -Wl,--print-gc-sections) I did grep'd for those functions and the
ones that couldn't be found to be

Remove unused functions

After finding a set of functions potentially not used anywhere (using
gcc -Wl,--print-gc-sections) I did grep'd for those functions and the
ones that couldn't be found to be used anywhere has been deleted
(although utility functions, LibTomCrypt etc hasn't been touched).

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Added new interface in PRNG Hal to inject entropy

- Added add_entropy interface in crypto_ops.prng, and expose
new interface tee_prng_add_entropy() for platform vendor to
inject entropy.
- Injec

Added new interface in PRNG Hal to inject entropy

- Added add_entropy interface in crypto_ops.prng, and expose
new interface tee_prng_add_entropy() for platform vendor to
inject entropy.
- Inject entropy using current timestamp every time
when a session is opened or closed.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (FVP,QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)

show more ...

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations go through PRNG HAL, instead of invoking
platform-dependent PRNG implementation directly.
- Create a new mpa_set_random_generator() interface for mpa user to register
a callback to generate random number, instead of expecting the user to provide
a get_rng_array(). This enables libmpa uses crypto_ops.prng.read().
- Added a new configuration CFG_WITH_PRNG_SOFTWARE to toggle SW/HW-dependent
PRNG implementation.
- The SW PRNG implementation is supplied by backed cryto library(libtomcrypt).
- Added a new SW PRNG 'Fortuna' to libtomcrypt.
- Added a new SW PRNG 'RC4' to libtomcrypt, when Fortuna is not available due
to AES and SHA256 not available, fallback to RC4.
- Get rid of bad implemented SW PRNG in plat_vexpress(rng_support.c).
- If CFG_WITH_PRNG_SOFTWARE is not enabled, the platform needs to supply
hw_get_random_byte().

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)

show more ...

Add crypto provider internal API

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.

Add crypto provider internal API

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...