TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.foriss

TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

struct tee_ta_ctx: remove rw_data*

Removes rw_data and tw_data_usage elements in struct tee_ta_ctx as
they are not used any longer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewe

struct tee_ta_ctx: remove rw_data*

Removes rw_data and tw_data_usage elements in struct tee_ta_ctx as
they are not used any longer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32: Adds LPAE support

Enables use of Large Physical Address Extension (LPAE) with
CFG_WITH_LPAE=y

To facilitate both the old V7 and the new LPAE translation tables an
abstraction layer has been

arm32: Adds LPAE support

Enables use of Large Physical Address Extension (LPAE) with
CFG_WITH_LPAE=y

To facilitate both the old V7 and the new LPAE translation tables an
abstraction layer has been added to avoid direct manipulations of the
translation tables.

Both V7 and LPAE implementation uses TEX remapping (SCTLR.TRE = 1) and
enables access flags (SCTLR.AFE = 1). This is a change in the V7 code
base as those bits where 0 before. There are two reason for this change:
1."From the introduction of the Large Physical Address Extension, ARM
deprecates any use of the AP[2:0] scheme for defining MMU access
permissions. This deprecation applies to software for all ARMv7-A
implementations, regardless of whether they include the Large
Physical Address Extension."
2. With SCTLR.TRE = 1 and SCTLR.AFE = 1 V7 and LPAE implementations uses
the same way of specifying access permissions and memory attributes.

Currently only supported on plat-vexpress.

Bugfix v7 config: sets NOS bit in TTBRx registers

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP Base model)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Internal API extension on Cache Operations

Following extensions are introduced:
- TEE_CacheClean()
- TEE_CacheFlush()
- TEE_CacheInvalidate()

Reviewed-by: Jerome Forissier <jerome.foris

Internal API extension on Cache Operations

Following extensions are introduced:
- TEE_CacheClean()
- TEE_CacheFlush()
- TEE_CacheInvalidate()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

SE API: Change configuration to be prefixed with CFG_*

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

SE API: hide private interfaces

- Split each headers into module.h and module_priv.h, move the methods that
is only used internally by SE implementation to module_priv.h, and export
module_priv.

SE API: hide private interfaces

- Split each headers into module.h and module_priv.h, move the methods that
is only used internally by SE implementation to module_priv.h, and export
module_priv.h to rest of TEE Core
- Added new include path to se_api_self_tests.c for which needs to include
private headers
- Split aid.c and apdu.c from iso7816.c. Originally they have to be wriiten in
the same file since they share some private data structures. Now, the
private data structure can be shared via private headers.
- Split reader.c from manager.c for the same reason above.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

show more ...

SE API: implment lubutee and svc handler

- Implemented tee_se_service
- Rename tee_se_reader_handle to tee_se_reader_proxy
to avoid confuse with libutee
- Implemented SE API(tee_internal_se_api.h)

SE API: implment lubutee and svc handler

- Implemented tee_se_service
- Rename tee_se_reader_handle to tee_se_reader_proxy
to avoid confuse with libutee
- Implemented SE API(tee_internal_se_api.h) in libutee
- Implemented svc handler for SE API
- rename protocol.[ch] to iso7816.[ch]
- prefix aid_* with "tee_se_"
- add an option to enable/disable se_api_self_tests

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

show more ...

SE API: Session, Protocol and Channel implementation

- Implement Session which maintains the connection between TA and a
specific SE Reader
- Implement ISO7816 transport layer protocol, and Channe

SE API: Session, Protocol and Channel implementation

- Implement Session which maintains the connection between TA and a
specific SE Reader
- Implement ISO7816 transport layer protocol, and Channel management
- Implement Utilities to handle AID(ISO7816-3) and APDU(ISO7816-4)
- Brunch of self tests to velidate functionality of each module

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

show more ...

SE API: SE Manager and Reader implementation

- Introduce an interface for developers to write reader driver
(core/include/tee/se/reader/interface.h)
- A sample reader driver implementation: PC/SC

SE API: SE Manager and Reader implementation

- Introduce an interface for developers to write reader driver
(core/include/tee/se/reader/interface.h)
- A sample reader driver implementation: PC/SC passthru reader
(core/tee/se/reader/passthru_reader)
- Currently supported machine is qemu-virt (compile with --with-pcsc-passthru)
- A selftest STA is included to test the functionality of SE Reader
(core/arch/arm32/sta/se_api_self_tests.c)
- To enable SE API, add "WITH_SE_API := y" in your platform config

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (Modified QEMU + jcardsim)

show more ...

Introduce a Linux style initcall mechanism

To use it, simply add something like:

service_init(server_init_callback);

The callback regsitered will be invoked at the end of init_teecore().
Now we ha

Introduce a Linux style initcall mechanism

To use it, simply add something like:

service_init(server_init_callback);

The callback regsitered will be invoked at the end of init_teecore().
Now we have 2 priority service_init and driver_init. The callback
regsitered in service level will be invoked first.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)

show more ...

Add PKCS #5 v2.0 key derivation function 2 (PBKDF2)

This commit implements a crypto extension to support the key derivation
function defined in section 5.2 of RFC 2898
(https://www.ietf.org/rfc/rfc2

Add PKCS #5 v2.0 key derivation function 2 (PBKDF2)

This commit implements a crypto extension to support the key derivation
function defined in section 5.2 of RFC 2898
(https://www.ietf.org/rfc/rfc2898.txt), which is a re-publish of PKCS #5 v2.0.
The underlying pseudorandom function is HMAC-SHA1, which is the default PRF
specified in the RFC. It would be trivial to support the other HMAC functions
already implemented in OP-TEE.

See documentation/extensions/crypto_pbkdf2.md for details.

Tested on PLATFORM=vexpress-qemu_virt with the test vectors from RFC 6070
(https://www.ietf.org/rfc/rfc6070.txt).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Add HMAC-based extract-and-expand key derivation function (HKDF)

HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm.
As per the RFC:

A key derivation function (KDF) is a bas

Add HMAC-based extract-and-expand key derivation function (HKDF)

HKDF (http://tools.ietf.org/html/rfc5869) is a key derivation algorithm.
As per the RFC:

A key derivation function (KDF) is a basic and essential component of
cryptographic systems. Its goal is to take some source of initial
keying material and derive from it one or more cryptographically
strong secret keys.
[...]
HKDF follows the "extract-then-expand" paradigm, where the KDF
logically consists of two modules.
[...]
The goal of the "extract" stage is to "concentrate" the possibly
dispersed entropy of the input keying material into a short, but
cryptographically strong, pseudorandom key.
[...]
The second stage "expands" the pseudorandom key to the desired
length; the number and lengths of the output keys depend on the
specific cryptographic algorithms for which the keys are needed.

Since HKDF is not covered by the GlobalPlatform Internal API specification
v1.0/v1.1, this commit introduces extensions to the specification.
More specifically: it defines new algorithms, a new object type and new
object attributes. This implementation supports all the usual hash
functions (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512) and may
produce output keys of length up to 4096 bits (currently limited only by
the maximum size allowed for an object of type TEE_TYPE_GENERIC_SECRET).
Aside from minor updates to object manipulation functions to support
the new data, the function TEE_DeriveKey() is mostly impacted.

The file documentation/extensions/crypto_hkdf.md contains the modifications
to the GP Internal API v1.0 spec in order to support HKDF.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Add Concat KDF (Concatenation Key Derivation Function, NIST SP 800-56A R1)

Concat KDF is a key derivation algorithm defined in section 5.8.1 of
the NIST Special Publication 800-56A Revision 1, "Reco

Add Concat KDF (Concatenation Key Derivation Function, NIST SP 800-56A R1)

Concat KDF is a key derivation algorithm defined in section 5.8.1 of
the NIST Special Publication 800-56A Revision 1, "Recommendation for Pair-Wise
Key Establishment Schemes Using Discrete Logarithm Cryptography"
(http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf)

This is a TEE implementation of the function, which supports the following
hash algorithms: SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.
The actual key derivation is implemented in TEE_DeriveKey() thanks to
custom extensions to the GlobalPlatform API v1.0. Please refer to
documentation/extensions/crypto_concat_kdf.md for details.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Xiaoqiang Du <xiaoqiang.du@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Add plat-sunxi

Initial version support for Allwinner A80 platform.
Allwinner A80 is big.little archtecture with 4*A7 + 4*A15,
Support Trustzone tech and secureboot inside hardware.
plat-sunxi suppor

Add plat-sunxi

Initial version support for Allwinner A80 platform.
Allwinner A80 is big.little archtecture with 4*A7 + 4*A15,
Support Trustzone tech and secureboot inside hardware.
plat-sunxi support features:
1.Clone plat-sunxi from plat-vexpress;
2.Secure bootloader reserved 64MB secure DRAM for optee_os;
3.Support SMP secondary cpu secure stage bootup;
4.Add uart driver to core/driver/*;
5.Support GIC driver initialization.
The porting work test on Optimus board, with allwinner A80 chip.

Signed-off-by: sunny <sunny@allwinnertech.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

driver/gic: add gic_cpu_init interface.

The interface mainly use for secondary cpu bootup.
When secondary cpu bootup, It will initialize per-cpu gic-cpu-interface.
The gic_cpu_init main work include

driver/gic: add gic_cpu_init interface.

The interface mainly use for secondary cpu bootup.
When secondary cpu bootup, It will initialize per-cpu gic-cpu-interface.
The gic_cpu_init main work include:
1.Set the per-cpu interrupts as Group1;
2.Enable Group0-interrupts/Group1-interrupts/FIQEn.

Signed-off-by: sunny <sunny@allwinnertech.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32: paging of TEE Core optionally enabled

plat-vexpress-*:
* Optionally enable paging with CFG_WITH_PAGER=y
* Uses fake SRAM when paging is enabled
* Supports partitioning OP-TEE binary in unpage

arm32: paging of TEE Core optionally enabled

plat-vexpress-*:
* Optionally enable paging with CFG_WITH_PAGER=y
* Uses fake SRAM when paging is enabled
* Supports partitioning OP-TEE binary in unpaged, init and pagable areas

plat-stm:
* Displays an error message if compiled with CFG_WITH_PAGER=y

arm32:
* Replaces legacy paging support with new paging support
* Removes unused tee_pager_unpg.c

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP, Juno)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform - Check the code without the pager is not broken).

show more ...

provide hash_sha256_check()

Adds hash_sha256_check() to the tee_crypt_provider interface to be
used by pager and early initialization code where the complete crypto
library might not be available.

provide hash_sha256_check()

Adds hash_sha256_check() to the tee_crypt_provider interface to be
used by pager and early initialization code where the complete crypto
library might not be available.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

tee_mm: remove legacy TEE_MM_POOL_PAGED define

Removes the legacy TEE_MM_POOL_PAGED define and unsused code
associated with it.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by

tee_mm: remove legacy TEE_MM_POOL_PAGED define

Removes the legacy TEE_MM_POOL_PAGED define and unsused code
associated with it.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

merge tee_pager*.c and tee_pager*.h files

* Merges tee_pager_unpg.c and tee_pager.c into tee_pager.c
* Merges tee_pager_unpg.h and tee_pager.h into tee_pager.h
* Removes some legacy dummy macros
* R

merge tee_pager*.c and tee_pager*.h files

* Merges tee_pager_unpg.c and tee_pager.c into tee_pager.c
* Merges tee_pager_unpg.h and tee_pager.h into tee_pager.h
* Removes some legacy dummy macros
* Replaces some while(1) with panic()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core/arm32: add traces in case of user TA abort

TA manager and TA mmu layer have specific trace handlers for TA aborts:
- dumping TA info.
- dumping TA mapping info.

Generic helper uuid2str().

Sig

core/arm32: add traces in case of user TA abort

TA manager and TA mmu layer have specific trace handlers for TA aborts:
- dumping TA info.
- dumping TA mapping info.

Generic helper uuid2str().

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Clean syscall handling

* Implements a svc handler suitable to supply as a handler for
thread_svc_handler.
* Removes hardcoded call to tee_svc_sycall in
thread_svc_handler.
* Removes duplicated c

Clean syscall handling

* Implements a svc handler suitable to supply as a handler for
thread_svc_handler.
* Removes hardcoded call to tee_svc_sycall in
thread_svc_handler.
* Removes duplicated code for unwinding of stack after
tee_svc_enter_user_mode() replacing it with a single
tee_svc_unwind_enter_user_mode()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU virt and FVP)
Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

MAC operations now supports NULL arguments

MAC algorithms support NULL arguments and zero length strings.

Note that the fix consists in a change of API in the internal crypto
interface. This change

MAC operations now supports NULL arguments

MAC algorithms support NULL arguments and zero length strings.

Note that the fix consists in a change of API in the internal crypto
interface. This change make hash_ops and mac_ops look the same in terms of
update and final step

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm: L2CC_MUTEX implementation

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

Fixes in trace refactoring

- Deprecates ATAMSG
- trace_ext.c is arm32 specific
- tee_kta_trace.h and trace_ta.h are generic
- Default level is now 1 (was 2)

Signed-off-by: Pascal Brand <pascal.bran

Fixes in trace refactoring

- Deprecates ATAMSG
- trace_ext.c is arm32 specific
- tee_kta_trace.h and trace_ta.h are generic
- Default level is now 1 (was 2)

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix memory leak in tee_svc_cryp_obj_copy()

The following Trusted App would lead to a memory leak in the TEE core:

TEE_ObjectHandle o1, o2;
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256,

Fix memory leak in tee_svc_cryp_obj_copy()

The following Trusted App would lead to a memory leak in the TEE core:

TEE_ObjectHandle o1, o2;
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256, &o1);
TEE_GenerateKey(o1, 256, NULL, 0);
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256, &o2);
TEE_CopyObjectAttributes(o2, o1);
TEE_FreeTransientObject(o1);
TEE_FreeTransientObject(o2);

The leak was introduced by commit ffe040395b13 ("Add crypto provider internal
API").

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...