include - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
1df59751	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: crypto: remove internal_aes_gcm_expand_enc_key() Removes internal_aes_gcm_expand_enc_key() which is replaced by crypto_aes_expand_enc_key(). Reviewed-by: Etienne Carriere <etienne.carriere@li core: crypto: remove internal_aes_gcm_expand_enc_key() Removes internal_aes_gcm_expand_enc_key() which is replaced by crypto_aes_expand_enc_key(). Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/aes-gcm.c crypto/internal_aes-gcm.h
8a15c688	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: update AArch64 GHASH acceleration routines Update AArch64 GHASH acceleration routines for improved performance. The core parts of assembly and wrapper updates are written by Ard Biesheuvel <a core: update AArch64 GHASH acceleration routines Update AArch64 GHASH acceleration routines for improved performance. The core parts of assembly and wrapper updates are written by Ard Biesheuvel <ard.biesheuvel@linaro.org>, see [1]. Link: [1] https://github.com/torvalds/linux/commit/22240df7ac6d76a271197571a7be45addef2ba15 Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/include/crypto/ghash-ce-core.h /optee_os/core/crypto/aes-gcm.c crypto/internal_aes-gcm.h
8f848cdb	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: crypto: add internal_aes_gcm_{en,de}crypt_block() Adds internal_aes_gcm_encrypt_block() and internal_aes_gcm_decrypt_block() to encrypt or decrypt a well aligned AES-GCM payload block. Review core: crypto: add internal_aes_gcm_{en,de}crypt_block() Adds internal_aes_gcm_encrypt_block() and internal_aes_gcm_decrypt_block() to encrypt or decrypt a well aligned AES-GCM payload block. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/crypto/aes-gcm.c crypto/internal_aes-gcm.h
4f6d7160	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: crypto: remove internal_aes_gcm_encrypt_block() Replaces calls to internal_aes_gcm_encrypt_block() with calls to crypto_aes_enc_block(). Removes internal_aes_gcm_encrypt_block(). Reviewed-by: core: crypto: remove internal_aes_gcm_encrypt_block() Replaces calls to internal_aes_gcm_encrypt_block() with calls to crypto_aes_enc_block(). Removes internal_aes_gcm_encrypt_block(). Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/crypto/aes-gcm-ghash-tbl.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/aes-gcm.c crypto/internal_aes-gcm.h
d7fd8f87	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: crypto: unaligned aes-gcm acceleration The Arm CE code supports working with unaligned data. In order to make full use of that is the generic __weak function internal_aes_gcm_update_payload_bl core: crypto: unaligned aes-gcm acceleration The Arm CE code supports working with unaligned data. In order to make full use of that is the generic __weak function internal_aes_gcm_update_payload_block_aligned() replaced with internal_aes_gcm_update_payload_blocks(). The latter now supports working with unaligned buffers. Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/crypto/aes-gcm.c crypto/internal_aes-gcm.h
b314df1f	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: crypto: refactor aes-gcm implementation Adds struct internal_ghash_key to represent the ghash key instead of some lose fields inside struct internal_aes_gcm_state. Software of CE configuratio core: crypto: refactor aes-gcm implementation Adds struct internal_ghash_key to represent the ghash key instead of some lose fields inside struct internal_aes_gcm_state. Software of CE configuration is done explicitly in core/crypto/aes-gcm-sw.c, dropping the __weak attribute for all functions but internal_aes_gcm_update_payload_block_aligned() which is only overridden with CFG_CRYPTO_WITH_CE=y in AArch64. Content of aes-gcm-private.h is moved into internal_aes-gcm.h. internal_aes_gcm_gfmul() is made available for generic GF multiplication. The CE versions of internal_aes_gcm_expand_enc_key() and internal_aes_gcm_encrypt_block() are now only wrappers around crypto_accel_aes_expand_keys() and crypto_accel_aes_ecb_enc(). Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/arch/arm/include/crypto/ghash-ce-core.h /optee_os/core/crypto.mk /optee_os/core/crypto/aes-gcm-ghash-tbl.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/aes-gcm.c /optee_os/core/crypto/sub.mk crypto/internal_aes-gcm.h /optee_os/core/lib/libtomcrypt/aes.c /optee_os/core/lib/libtomcrypt/aes_accel.c /optee_os/core/lib/libtomcrypt/sha1_accel.c /optee_os/core/lib/libtomcrypt/sha256_accel.c /optee_os/core/lib/libtomcrypt/src/ciphers/aes/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/mm/fobj.c /optee_os/ldelf/ldelf.ld.S /optee_os/lib/libmbedtls/core/aes.c /optee_os/lib/libmbedtls/core/aes_cbc.c /optee_os/lib/libmbedtls/core/aes_ctr.c /optee_os/lib/libmbedtls/core/aes_ecb.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/include/aes_alt.h /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutils/isoc/newlib/sub.mk
75fea8a9	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add accelerated SHA-256 routines Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multipl core: add accelerated SHA-256 routines Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multiple crypto libraries can share the function. The old CFG_CRYPTO_SHA256_ARM64_CE and CFG_CRYPTO_SHA256_ARM32_CE are replaced by CFG_CRYPTO_SHA256_ARM_CE. CFG_CORE_CRYPTO_SHA256_ACCEL is introduced as to indicate that some kind of SHA-256 acceleration is available, not necessarily based on Arm CE. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/sha256_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/crypto.mk crypto/crypto_accel.h
858d5279	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add accelerated SHA1 routines Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multiple cryp core: add accelerated SHA1 routines Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multiple crypto libraries can share the function. The old CFG_CRYPTO_SHA1_ARM64_CE and CFG_CRYPTO_SHA1_ARM32_CE are replaced by CFG_CRYPTO_SHA1_ARM_CE. CFG_CORE_CRYPTO_SHA1_ACCEL is introduced as to indicate that some kind of SHA-1 acceleration is available, not necessarily based on Arm CE. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/sha1_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/crypto.mk crypto/crypto_accel.h
06d2e416	30-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add accelerated AES routines Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multiple crypto li core: add accelerated AES routines Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code originates from the previous implementation inside LTC library. With this multiple crypto library can share these routines. A new header file, <crypto/crypto_accel.h>, is added with primitive functions implementing crypto accelerated ciphers. The old CFG_CRYPTO_AES_ARM64_CE and CFG_CRYPTO_AES_ARM32_CE are replaced by CFG_CRYPTO_AES_ARM_CE. CFG_CORE_CRYPTO_AES_ACCEL is introduced as to indicate that some kind of AES acceleration is available, not necessarily based on Arm CE. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/crypto/aes_armv8a_ce.c /optee_os/core/arch/arm/crypto/aes_armv8a_ce.h /optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/crypto.mk crypto/crypto_accel.h /optee_os/core/lib/libtomcrypt/src/ciphers/aes/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_hash.h /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/pta/tests/aes_perf.c /optee_os/core/pta/tests/invoke.c /optee_os/core/pta/tests/misc.h /optee_os/core/pta/tests/sub.mk /optee_os/lib/libutee/include/pta_invoke_tests.h
a58c4d70	16-Dec-2019	Etienne Carriere <etienne.carriere@linaro.org>	drivers/scmi-msg: smt entry points for incoming messages This change implements SCMI channels for reading a SCMI message from a shared memory and call the SCMI message drivers to route the message t drivers/scmi-msg: smt entry points for incoming messages This change implements SCMI channels for reading a SCMI message from a shared memory and call the SCMI message drivers to route the message to the target platform services. SMT refers to the shared memory management protocol which is used to get/put message/response in shared memory. SMT is a 28byte header stating shared memory state and exchanged protocol data. The processing entry for a SCMI message can be a secure interrupt (CFG_SCMI_MSG_SMT_INTERRUPT_ENTRY=y), and fastcall SMC (CFG_SCMI_MSG_SMT_FASTCALL_ENTRY=y) or a threaded execution context entry (CFG_SCMI_MSG_SMT_THREAD_ENTRY=y). SMT description in this implementation is based on the SCP-firmware implementation [1]. Link: [1] https://github.com/ARM-software/SCP-firmware.git Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/drivers/scmi-msg/smt.c /optee_os/core/drivers/scmi-msg/sub.mk drivers/scmi-msg.h /optee_os/mk/config.mk
56a1f10e	02-Dec-2019	Etienne Carriere <etienne.carriere@linaro.org>	drivers/scmi-msg: support for reset domain protocol Adds SCMI reset domain protocol support in the SCMI message drivers as defined in SCMI specification v2.0 [1]. Not all the messages defined in the drivers/scmi-msg: support for reset domain protocol Adds SCMI reset domain protocol support in the SCMI message drivers as defined in SCMI specification v2.0 [1]. Not all the messages defined in the specification are supported. Embedded upon CFG_SCMI_MSG_RESET_DOMAIN=y. scmi_msg_get_rd_handler() sanitizes the message_id value against any speculative use of reset domain ID as a index since by SCMI specification, IDs are indices. SCMI resource in this implementation are dumped or inspired by the SCP-firmware implementation [2] of the SCMI protocol, server side. Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf Link: [2] https://github.com/ARM-software/SCP-firmware.git Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/reset_domain.c /optee_os/core/drivers/scmi-msg/reset_domain.h /optee_os/core/drivers/scmi-msg/sub.mk drivers/scmi-msg.h /optee_os/mk/config.mk
a7a9e3ba	02-Dec-2019	Etienne Carriere <etienne.carriere@linaro.org>	drivers/scmi-msg: support for clock protocol Adds SCMI clock protocol support in the SCMI message drivers as defined in SCMI specification v2.0 [1]. Not all the messages defined in the specification drivers/scmi-msg: support for clock protocol Adds SCMI clock protocol support in the SCMI message drivers as defined in SCMI specification v2.0 [1]. Not all the messages defined in the specification are supported. Embedded upon CFG_SCMI_MSG_CLOCK=y. Platform can provide one of the plat_scmi_clock_*() handler for the supported operations set/get state/rate and others. scmi_msg_get_clock_handler() sanitizes the message_id value against any speculative use of clock ID as a index since by SCMI specification, IDs are indices. SCMI resource in this implementation are dumped or inspired by the SCP-firmware implementation [2] of the SCMI protocol, server side. Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf Link: [2] https://github.com/ARM-software/SCP-firmware.git Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/drivers/scmi-msg/clock.c /optee_os/core/drivers/scmi-msg/clock.h /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/sub.mk drivers/scmi-msg.h /optee_os/mk/config.mk
ae8c8068	01-Dec-2019	Etienne Carriere <etienne.carriere@linaro.org>	drivers/scmi-msg: driver for processing scmi messages This change introduces drivers to allow a platform to create a SCMI service and register handlers for client request (SCMI agent) on system reso drivers/scmi-msg: driver for processing scmi messages This change introduces drivers to allow a platform to create a SCMI service and register handlers for client request (SCMI agent) on system resources. This is the first piece of the drivers: an entry function, the SCMI base protocol support and helpers for create the response message. With this change, scmi_process_message() is the entry function to process an incoming SCMI message. The function expect the message is already copied from shared memory into secure memory. The message structure stores message reference and output buffer reference where response message shall be stored. scmi_process_message() calls the SCMI protocol driver according to the protocol ID in the message. The SCMI protocol driver will call defined platform handlers according to the message content. This change introduces only the SCMI base protocol as defined in SCMI specification v2.0 [1]. Not all the messages defined in the specification are supported. SCMI resource in this implementation are dumped or inspired by the SCP-firmware implementation [2] of the SCMI protocol, server side. Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf Link: [2] https://github.com/ARM-software/SCP-firmware.git Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/drivers/scmi-msg/base.c /optee_os/core/drivers/scmi-msg/base.h /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/sub.mk /optee_os/core/drivers/sub.mk drivers/scmi-msg.h drivers/scmi.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/mk/config.mk
7c767434	02-Apr-2020	Albert Schwarzkopf <a.schwarzkopf@phytec.de>	core: merge tee__get_digest_size() into a single function Rename tee_hash_get_digest_size() to tee_alg_get_digest_size(). Change tee_alg_get_digest_size() to use new libutee macro TEE_ALG_GET_DIGE core: merge tee__get_digest_size() into a single function Rename tee_hash_get_digest_size() to tee_alg_get_digest_size(). Change tee_alg_get_digest_size() to use new libutee macro TEE_ALG_GET_DIGEST_SIZE. Remove tee_mac_get_digest_size() as its functionality is handled by tee_alg_get_digest_size() now. Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c /optee_os/core/drivers/crypto/caam/cipher/local.h /optee_os/core/drivers/crypto/caam/cipher/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_cipher.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/gic.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_rng.c tee/tee_cryp_utl.h /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/tee/tee_cryp_concat_kdf.c /optee_os/core/tee/tee_cryp_hkdf.c /optee_os/core/tee/tee_cryp_pbkdf2.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/handle.c /optee_os/ta/pkcs11/src/handle.h /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/serializer.h /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/pkcs11/src/token_capabilities.c /optee_os/ta/pkcs11/src/token_capabilities.h
e43ab7a8	07-Aug-2019	Cedric Neveux <cedric.neveux@nxp.com>	core: driver: generic resources for crypto cipher driver Add a generic cryptographic Cipher driver interface connecting TEE Crypto generic APIs to HW driver interface To make Cipher HW driver gener core: driver: generic resources for crypto cipher driver Add a generic cryptographic Cipher driver interface connecting TEE Crypto generic APIs to HW driver interface To make Cipher HW driver generic and to reduce the amount of function parameters, add structure data for the initialization and update function driver call. Checks the Cipher operation's parameter in the generic part before calling the HW driver. Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/crypto/crypto.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c /optee_os/core/drivers/crypto/crypto_api/cipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_cipher.h /optee_os/core/drivers/crypto/crypto_api/sub.mk crypto/crypto_impl.h /optee_os/core/pta/gprof.c /optee_os/core/pta/system.c /optee_os/lib/libutils/ext/include/util.h /optee_os/ta/pkcs11/include/pkcs11_ta.h
40bb4a98	19-Mar-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add overflow check in SHDR_GET_SIZE() Adds overflow check in SHDR_GET_SIZE(), 0 which never can be a correct size is returned in case of overflow. Reviewed-by: Joakim Bech <joakim.bech@linaro core: add overflow check in SHDR_GET_SIZE() Adds overflow check in SHDR_GET_SIZE(), 0 which never can be a correct size is returned in case of overflow. Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummies_init.c /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-imx/drivers/sub.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/init.c /optee_os/core/drivers/crypto/caam/acipher/caam_math.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/acipher/local.h /optee_os/core/drivers/crypto/caam/acipher/sub.mk /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_jr.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h /optee_os/core/drivers/crypto/caam/include/caam_acipher.h /optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h /optee_os/core/drivers/crypto/caam/include/caam_jr_status.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/crypto_api/acipher/local.h /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsamgf.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_hash.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_math.h /optee_os/core/drivers/crypto/crypto_api/math/modulus.c /optee_os/core/drivers/crypto/crypto_api/math/sub.mk /optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c /optee_os/core/drivers/crypto/crypto_api/oid/sub.mk /optee_os/core/drivers/crypto/crypto_api/sub.mk signed_hdr.h /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf.h /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libdl/dlfcn.c /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/arm64_user_sysreg.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutils/ext/include/confine_array_index.h /optee_os/lib/libutils/isoc/include/setjmp.h /optee_os/mk/lib.mk /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/serializer.c /optee_os/ta/pkcs11/src/serializer.h /optee_os/ta/pkcs11/src/sub.mk
b1042535	29-Nov-2019	Rouven Czerwinski <r.czerwinski@pengutronix.de>	rpmb: function to block rpmb write per platform Often the RPMB should only be written if the platform is in the correct state where the Hardware Unique Key (HUK) for the platform works correctly. As rpmb: function to block rpmb write per platform Often the RPMB should only be written if the platform is in the correct state where the Hardware Unique Key (HUK) for the platform works correctly. As an example on imx platforms with HUK derivation from the OTPMK, the OTPMK is only accessible from the secure or trusted state. Add a function and weak implementation for platforms to indicate that the device is in the correct state to allow RPMB key writes. Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com> show more ... tee/tee_fs.h /optee_os/core/tee/tee_rpmb_fs.c
599784c7	29-Nov-2019	Rouven Czerwinski <r.czerwinski@pengutronix.de>	imx: snvs: rework snvs driver Remove the unused SRTC functionality which is not wired up anywhere. Instead add a function to read the device configuration and system security monitor instead. Signe imx: snvs: rework snvs driver Remove the unused SRTC functionality which is not wired up anywhere. Instead add a function to read the device configuration and system security monitor instead. Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com> show more ... /optee_os/MAINTAINERS /optee_os/core/drivers/imx_snvs.c drivers/imx_snvs.h /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/mk/clang.mk /optee_os/mk/config.mk /optee_os/scripts/get_maintainer.py /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h
dd333f03	20-Jan-2020	Javier Almansa Sobrino <javier.almansasobrino@arm.com>	core: Add support to access a TPM event log in secure memory. Support for OPTEE to be able to receive a TPM event log through a DTB so it can forward it to a TA (such as a TPM service) in order to e core: Add support to access a TPM event log in secure memory. Support for OPTEE to be able to receive a TPM event log through a DTB so it can forward it to a TA (such as a TPM service) in order to extend the measurements. CFG_CORE_TPM_EVENT_LOG enables this feature. CFG_TPM_LOG_BASE_ADDR hardcodes the phys address of the event log in case CFG_DT is not set. CFG_TPM_MAX_LOG_SIZE harcodes the size of the event log in case CFG_DT is not set. When this feature is enabled, the PTA_SYSTEM_GET_TPM_EVENT_LOG command is available to any TA. Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/drivers/tzc380.c kernel/tpm.h /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tpm.c /optee_os/core/pta/system.c /optee_os/lib/libutee/include/pta_system.h /optee_os/mk/config.mk /optee_os/ta/ta.mk
5544b89d	06-Feb-2020	Rouven Czerwinski <r.czerwinski@pengutronix.de>	tzc380: add function to lockdown regions The TZC380 allows a lockdown of the region configuration to prevent unintended or malicious configuration changes. Add a function which locks down all region tzc380: add function to lockdown regions The TZC380 allows a lockdown of the region configuration to prevent unintended or malicious configuration changes. Add a function which locks down all regions of the current configuration Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Clement Faure <clement.faure@nxp.com> show more ... /optee_os/core/drivers/tzc380.c drivers/tzc380.h /optee_os/ta/pkcs11/src/user_ta_header_defines.h
e55ef7c3	17-Feb-2020	Jerome Forissier <jerome@forissier.org>	core: panic(): don't lose the message in non-debug mode When CFG_TEE_CORE_DEBUG != y, panic("Some text") prints no file/line/ function information (which is expected in non-debug mode) but it also i core: panic(): don't lose the message in non-debug mode When CFG_TEE_CORE_DEBUG != y, panic("Some text") prints no file/line/ function information (which is expected in non-debug mode) but it also ignores its parameter. As a result, the console simply shows "Panic" which is not very helpful. There is no reason not to print the panic message, so add it. Note that it is still possible to build a fully silent OP-TEE by setting the log level to zero. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-ls/crypto_conf.mk /optee_os/core/arch/arm/plat-ls/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/tee/init.c /optee_os/core/drivers/crypto/caam/caam_desc.c kernel/panic.h /optee_os/core/tee/tee_rpmb_fs.c /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/mk/checkconf.mk /optee_os/mk/config.mk /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/ta.ld.S
dd13645c	30-Jan-2020	Clement Faure <clement.faure@nxp.com>	drivers: tzc: set maximum region size for tzc_auto_configure() According to the TZC380 documentation, the AXI address width controls the upper limit value of the region size. This fix makes sure tha drivers: tzc: set maximum region size for tzc_auto_configure() According to the TZC380 documentation, the AXI address width controls the upper limit value of the region size. This fix makes sure that tzc_auto_configure() function will not allocated a region bigger that the AXI address width. Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/.shippable.yml /optee_os/.travis.yml /optee_os/core/arch/arm/include/arm32.h /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/core.mk /optee_os/core/drivers/crypto/caam/hash/caam_hash.c /optee_os/core/drivers/crypto/caam/include/caam_common.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/include/caam_utils_sgt.h /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/caam/utils/utils_sgt.c /optee_os/core/drivers/tzc380.c drivers/tzc380.h /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/include/tee_arith_internal.h /optee_os/lib/libutee/sub.mk /optee_os/mk/config.mk /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/ta.mk
b6afa13a	27-Jan-2020	Carlo Caione <ccaione@baylibre.com>	plat-amlogic: Add initial support for Amlogic platforms This is the initial support for the Amlogic platforms. Tested 64-bin mode on A113D (AXG) board using upstream TF-A BL31. * xtest results (-l plat-amlogic: Add initial support for Amlogic platforms This is the initial support for the Amlogic platforms. Tested 64-bin mode on A113D (AXG) board using upstream TF-A BL31. * xtest results (-l 15): \| 44074 subtests of which 0 failed \| 96 test cases of which 0 failed \| 0 test cases were skipped \| TEE test application done! * Compiled with: \| make PLATFORM=amlogic Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Carlo Caione <ccaione@baylibre.com> show more ... /optee_os/.shippable.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-amlogic/conf.mk /optee_os/core/arch/arm/plat-amlogic/link.mk /optee_os/core/arch/arm/plat-amlogic/main.c /optee_os/core/arch/arm/plat-amlogic/platform_config.h /optee_os/core/arch/arm/plat-amlogic/scripts/aml_bin2img.py /optee_os/core/arch/arm/plat-amlogic/sub.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-imx/registers/imx7.h /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/drivers/amlogic_uart.c /optee_os/core/drivers/sub.mk drivers/amlogic_uart.h /optee_os/core/lib/libfdt/README.license /optee_os/core/lib/libfdt/fdt.c /optee_os/core/lib/libfdt/fdt_addresses.c /optee_os/core/lib/libfdt/fdt_empty_tree.c /optee_os/core/lib/libfdt/fdt_overlay.c /optee_os/core/lib/libfdt/fdt_ro.c /optee_os/core/lib/libfdt/fdt_rw.c /optee_os/core/lib/libfdt/fdt_strerror.c /optee_os/core/lib/libfdt/fdt_sw.c /optee_os/core/lib/libfdt/fdt_wip.c /optee_os/core/lib/libfdt/include/fdt.h /optee_os/core/lib/libfdt/include/libfdt.h /optee_os/core/lib/libfdt/include/libfdt_env.h /optee_os/core/lib/libfdt/libfdt_internal.h /optee_os/lib/libmbedtls/core/dh.c /optee_os/lib/libutee/include/tee_api.h /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/scripts/symbolize.py /optee_os/ta/pkcs11/Android.mk /optee_os/ta/pkcs11/Makefile /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/pkcs11/src/user_ta_header_defines.h /optee_os/ta/pkcs11/sub.mk /optee_os/ta/pkcs11/user_ta.mk
a66805b1	29-Jan-2020	Jerome Forissier <jerome@forissier.org>	Move core/include/config.h to lib/libutils/ext/include In order to be able to use the IS_ENABLED() macro in user space libraries, move config.h from core to libutils. Signed-off-by: Jerome Forissie Move core/include/config.h to lib/libutils/ext/include In order to be able to use the IS_ENABLED() macro in user space libraries, move config.h from core to libutils. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/generic_boot.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/link.mk /optee_os/core/lib/libtomcrypt/sm2-pke.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutils/ext/include/config.h /optee_os/mk/config.mk /optee_os/scripts/gen_tee_bin.py
5b385b3f	06-Jan-2020	Jerome Forissier <jerome@forissier.org>	core: crypto: add support for SM2 KEP Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface complies with the GlobalPlatform TEE Internal Core API version 1.2. SM2 KEP is enabled w core: crypto: add support for SM2 KEP Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface complies with the GlobalPlatform TEE Internal Core API version 1.2. SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation could be added later if needed. [1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812 Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c crypto/crypto.h /optee_os/core/lib/libtomcrypt/acipher_helpers.h /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/sm2-dsa.c /optee_os/core/lib/libtomcrypt/sm2-kep.c /optee_os/core/lib/libtomcrypt/sm2-pke.c /optee_os/core/lib/libtomcrypt/sm2_kdf.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c
1...<<313233 34 35 36 37 38 39 40 >>...52