core: fix header file guard names

Fixes header file guards macro name prefix (mostly missing occurrences)
that should reflect the file base directory sub-path where applicable.

Reviewed-by: Jens Wi

core: fix header file guard names

Fixes header file guards macro name prefix (mostly missing occurrences)
that should reflect the file base directory sub-path where applicable.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add generic struct ts_session

As a step in making room for Secure Partitions (SPs) running at S-EL0
add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS.

Adds the generic struct t

core: add generic struct ts_session

As a step in making room for Secure Partitions (SPs) running at S-EL0
add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS.

Adds the generic struct ts_session. All future sessions structs
(currently only struct tee_ta_session exists) should add this struct to
allow generic session operations.

With this struct comes new functions replacing previous struct
tee_ta_session oriented functions. The following functions are replaced
as:
tee_ta_get_current_session() -> ts_get_current_session()
tee_ta_push_current_session() -> ts_push_current_session()
tee_ta_pop_current_session() -> ts_pop_current_session()
tee_ta_get_calling_session() -> ts_get_calling_session()

ts_get_current_session() is changed compared to its predecessor to
panic() in case of failure to return a valid pointer.

A new function ts_get_current_session_may_fail() is added to handle an
eventual case where a return NULL session may be handled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: separate copy_from_user() and friends

Removes the tee_svc_ prefix and moves tee_svc_copy_from_user() and
friends into <kernel/user_access.h> and core/kernel/user/access.c

Reviewed-by: Jerome

core: separate copy_from_user() and friends

Removes the tee_svc_ prefix and moves tee_svc_copy_from_user() and
friends into <kernel/user_access.h> and core/kernel/user/access.c

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make stack trace robust

Makes stack trace robust by checking addresses before copying data.
Kernel stack traces are a bit more relaxed as we have crashed already.

Reviewed-by: Jerome Forissie

core: make stack trace robust

Makes stack trace robust by checking addresses before copying data.
Kernel stack traces are a bit more relaxed as we have crashed already.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 AArch32, Aarch64)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno, QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are owned by either only STMicroelectronics or only both
Linaro and STMicroelectronics.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: remove TEE_ASSERT()

TEE_ASSERT() can be confusing regarding assert() as assert() can
be disabled through NDEBUG while TEE_ASSERT() can't.
Instead one should explicitly implement "if (cond) { p

core: remove TEE_ASSERT()

TEE_ASSERT() can be confusing regarding assert() as assert() can
be disabled through NDEBUG while TEE_ASSERT() can't.
Instead one should explicitly implement "if (cond) { panic(); }"

This patch removes several inclusions on tee_common_unpg.h as it
used to define TEE_ASSERT() that has been removed.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jen.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (QEMU)

show more ...

core: update tee_svc_copy_{to,from}_user

Removes the sess parameter to tee_svc_copy_to_user(),
tee_svc_copy_from_user() and tee_svc_copy_kaddr_to_uref() as it's always
passed as either NULL or curre

core: update tee_svc_copy_{to,from}_user

Removes the sess parameter to tee_svc_copy_to_user(),
tee_svc_copy_from_user() and tee_svc_copy_kaddr_to_uref() as it's always
passed as either NULL or current session.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove unused syscalls

A number of syscalls which are now unused have been removed:
- TEE_SCN_DUMMY
- TEE_SCN_DUMMY_7ARGS
- TEE_SCN_GET_PROPERTY_OBSOLETE

This breaks binary compatibility

Reviewed-

Remove unused syscalls

A number of syscalls which are now unused have been removed:
- TEE_SCN_DUMMY
- TEE_SCN_DUMMY_7ARGS
- TEE_SCN_GET_PROPERTY_OBSOLETE

This breaks binary compatibility

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Properties: Adding Microsoft specific property

As an example on how to add vendor specific properties,
the microsoft specific property is added.

Original pull-request is
https://github.com/OP-T

Properties: Adding Microsoft specific property

As an example on how to add vendor specific properties,
the microsoft specific property is added.

Original pull-request is
https://github.com/OP-TEE/optee_os/pull/460

Suggested-by: Paul Swan <paswan@microsoft.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Properties: prepare to add vendor specific properties

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Properties in kernel side

In order to ease the inclusion of vendor-specific properties,
properties are now mostly described in the kernel. This allows
a lower synchronization between user-side and k

Properties in kernel side

In order to ease the inclusion of vendor-specific properties,
properties are now mostly described in the kernel. This allows
a lower synchronization between user-side and kernel-side.

The only properties now handled at user-side are TA properties
(apart from "gpd.ta.appID") as well as the TEE property
"gpd.tee.arith.maxBigIntSize"

Early discussion can be found at
https://github.com/OP-TEE/optee_os/pull/460
and https://github.com/OP-TEE/optee_os/pull/482

Suggested-by: Paul Swan <paswan@microsoft.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

core: merge tee_ta_manager{,_unpg}.{c,h}

Merges tee_ta_manager_unpg.h into tee_ta_manager.h and
tee_ta_manager_unpg.c into tee_ta_manager.c

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewe

core: merge tee_ta_manager{,_unpg}.{c,h}

Merges tee_ta_manager_unpg.h into tee_ta_manager.h and
tee_ta_manager_unpg.c into tee_ta_manager.c

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move cache syscall

Moves cache syscall code to arch/arm/tee

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander

core: move cache syscall

Moves cache syscall code to arch/arm/tee

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove unused functions

After finding a set of functions potentially not used anywhere (using
gcc -Wl,--print-gc-sections) I did grep'd for those functions and the
ones that couldn't be found to be

Remove unused functions

After finding a set of functions potentially not used anywhere (using
gcc -Wl,--print-gc-sections) I did grep'd for those functions and the
ones that couldn't be found to be used anywhere has been deleted
(although utility functions, LibTomCrypt etc hasn't been touched).

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: trace_syscall(): print the syscall name in addition to its number

When CFG_TEE_CORE_LOG_LEVEL >= 4, a debug trace is printed whenever a
system call is entered. Currently it just prints the sys

core: trace_syscall(): print the syscall name in addition to its number

When CFG_TEE_CORE_LOG_LEVEL >= 4, a debug trace is printed whenever a
system call is entered. Currently it just prints the syscall number,
which is not very convenient. This commit adds the name of the syscall
function to the trace.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Make TEE Core TA interaction 64-bit compatible

* Updates TA entry
* Update ta_head
* Updates the syscall interface
* Adds functions to make a short pointer (32-bit uref) from a kernel pointer
and

Make TEE Core TA interaction 64-bit compatible

* Updates TA entry
* Update ta_head
* Updates the syscall interface
* Adds functions to make a short pointer (32-bit uref) from a kernel pointer
and vice versa

Note that this change is not backwards compatible, TAs needs to be
recompiled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core: rename system calls (s/tee_svc_/syscall_/)

Assign the syscall_ prefix to all system calls to make them stand out
from other functions.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro

core: rename system calls (s/tee_svc_/syscall_/)

Assign the syscall_ prefix to all system calls to make them stand out
from other functions.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm64: fix buffer overflows when copying kernel addresses to user space

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by:

arm64: fix buffer overflows when copying kernel addresses to user space

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Define 32-bit ABI

Defines 32-bit ABI for various types passed by reference. Either by an
explicit conversion to/from TEE_Param and TEE_Attribute or by changing
size_t to uint32_t. Affected interface

Define 32-bit ABI

Defines 32-bit ABI for various types passed by reference. Either by an
explicit conversion to/from TEE_Param and TEE_Attribute or by changing
size_t to uint32_t. Affected interfaces are SVC interface and parameters
passed to user TA inside tee_user_ta_enter().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Internal API extension on Cache Operations

Following extensions are introduced:
- TEE_CacheClean()
- TEE_CacheFlush()
- TEE_CacheInvalidate()

Reviewed-by: Jerome Forissier <jerome.foris

Internal API extension on Cache Operations

Following extensions are introduced:
- TEE_CacheClean()
- TEE_CacheFlush()
- TEE_CacheInvalidate()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

SE API: implment lubutee and svc handler

- Implemented tee_se_service
- Rename tee_se_reader_handle to tee_se_reader_proxy
to avoid confuse with libutee
- Implemented SE API(tee_internal_se_api.h)

SE API: implment lubutee and svc handler

- Implemented tee_se_service
- Rename tee_se_reader_handle to tee_se_reader_proxy
to avoid confuse with libutee
- Implemented SE API(tee_internal_se_api.h) in libutee
- Implemented svc handler for SE API
- rename protocol.[ch] to iso7816.[ch]
- prefix aid_* with "tee_se_"
- add an option to enable/disable se_api_self_tests

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

show more ...

Clean syscall handling

* Implements a svc handler suitable to supply as a handler for
thread_svc_handler.
* Removes hardcoded call to tee_svc_sycall in
thread_svc_handler.
* Removes duplicated c

Clean syscall handling

* Implements a svc handler suitable to supply as a handler for
thread_svc_handler.
* Removes hardcoded call to tee_svc_sycall in
thread_svc_handler.
* Removes duplicated code for unwinding of stack after
tee_svc_enter_user_mode() replacing it with a single
tee_svc_unwind_enter_user_mode()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU virt and FVP)
Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Merge tee_{core,uta}_trace.h into libutil

Merges tee_core_trace.h and tee_uta_trace.h into a common trace.h
in libutil. Since the trace functions now resides libutil they have
to rely on core and li

Merge tee_{core,uta}_trace.h into libutil

Merges tee_core_trace.h and tee_uta_trace.h into a common trace.h
in libutil. Since the trace functions now resides libutil they have
to rely on core and libutee to provide functions to print to the
log device.

* Keeps compatible interface from tee_kta_trace.h
* Adds TAMSG() and TAMSG_RAW() to log TA related events
* Removes the TRACE_ALWAYS level

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU virt platform)
Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Cleanup

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>