kernel - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
97db86ce	03-Feb-2023	Etienne Carriere <etienne.carriere@linaro.org>	core: tpm: fix syntax in trace message Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y. core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigne core: tpm: fix syntax in trace message Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y. core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 7 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=] 115 \| EMSG("TPM: Not enough space for the log: %zu, %lu", \| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 116 \| buf_size, tpm_log_size); \| ~~~~~~~~~~~~ \| \| \| size_t {aka unsigned int} Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-k3/drivers/ti_sci.c /optee_os/core/arch/arm/plat-k3/drivers/ti_sci.h /optee_os/core/arch/arm/plat-k3/drivers/ti_sci_protocol.h /optee_os/core/arch/arm/plat-vexpress/conf.mk tpm.c /optee_os/core/pta/k3/otp.c /optee_os/core/pta/k3/sub.mk /optee_os/core/pta/sub.mk /optee_os/lib/libutee/include/k3/otp_keywriting_ta.h /optee_os/lib/libutee/include/utee_defines.h
b76b2296	03-Feb-2023	Jerome Forissier <jerome.forissier@linaro.org>	virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION With the advent of virtualization support at S-EL2 in the Armv8.4-A architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename it to virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION With the advent of virtualization support at S-EL2 in the Armv8.4-A architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about supporting virtualization on the non-secure side. This commit is the result of the following command: $ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \ sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \ done ...plus the compatibility line in mk/config.mk: CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION) Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/include/drivers/gic.h /optee_os/core/include/kernel/virtualization.h /optee_os/core/include/mm/core_mmu.h thread.c /optee_os/core/mm/core_mmu.c /optee_os/core/pta/bcm/wdt.c /optee_os/core/pta/stats.c /optee_os/core/pta/tests/misc.c /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/mk/config.mk /optee_os/scripts/ts_bin_to_c.py
af78e1b1	24-Oct-2022	Imre Kis <imre.kis@arm.com>	ldelf: Provide access to TS load address Propagate ELF load address from ldelf to user mode context as a preparation for load address relative memory regions. Signed-off-by: Imre Kis <imre.kis@arm. ldelf: Provide access to TS load address Propagate ELF load address from ldelf to user mode context as a preparation for load address relative memory regions. Signed-off-by: Imre Kis <imre.kis@arm.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/drivers/crypto/versal/crypto.mk /optee_os/core/drivers/crypto/versal/ecc.c /optee_os/core/drivers/crypto/versal/rsa.c /optee_os/core/include/kernel/user_mode_ctx_struct.h ldelf_loader.c /optee_os/ldelf/include/ldelf.h /optee_os/ldelf/main.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf.h
74f6dd9b	01-Feb-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	core, ldelf: add support for RISC-V RISC-V support of argument for ldelf dump state. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@lin core, ldelf: add support for RISC-V RISC-V support of argument for ldelf dump state. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... ldelf_loader.c /optee_os/ldelf/include/ldelf.h
cb5f271c	01-Feb-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	core, ldelf: replace is_arm32 with is_32bit To refer to 32-bit mode, this commit replace is_arm32 with is_32bit in the following files: - core/kernel/ldelf_loader.c - ldelf/include/ldelf.h - ldelf/m core, ldelf: replace is_arm32 with is_32bit To refer to 32-bit mode, this commit replace is_arm32 with is_32bit in the following files: - core/kernel/ldelf_loader.c - ldelf/include/ldelf.h - ldelf/main.c Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... ldelf_loader.c /optee_os/ldelf/include/ldelf.h /optee_os/ldelf/main.c
d8e4ae07	01-Feb-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	core: kernel: move ldelf_loader.c to core/kernel Make other architecture implementations benefit from ldelf_loader.c, therefore move it from core/arch/arm/kernel to core/kernel. The header file is a core: kernel: move ldelf_loader.c to core/kernel Make other architecture implementations benefit from ldelf_loader.c, therefore move it from core/arch/arm/kernel to core/kernel. The header file is already located outside the arch folder. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/dts/at91-sama5d27_wlsom1.dtsi /optee_os/core/arch/arm/dts/at91-sama5d27_wlsom1_ek.dts /optee_os/core/arch/arm/dts/stm32mp13-pinctrl.dtsi /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/include/hafnium.h /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/include/kernel/thread_arch.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/riscv/include/kernel/arch_scall.h /optee_os/core/arch/riscv/include/kernel/stmm_sp.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/include/riscv_macros.S /optee_os/core/arch/riscv/kernel/abort.c /optee_os/core/arch/riscv/kernel/arch_scall.c /optee_os/core/arch/riscv/kernel/arch_scall_rv.S /optee_os/core/arch/riscv/kernel/asm-defines.c /optee_os/core/arch/riscv/kernel/cache_helpers_rv.S /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/kernel/thread_rv.S /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/drivers/crypto/caam/acipher/caam_math.c /optee_os/core/drivers/crypto/caam/utils/utils_delay.c /optee_os/core/drivers/crypto/crypto_api/acipher/ecc.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c /optee_os/core/drivers/crypto/crypto_api/hash/hash.c /optee_os/core/drivers/crypto/se050/adaptors/utils/utils.c /optee_os/core/drivers/crypto/se050/core/ecc.c /optee_os/core/drivers/hfic.c /optee_os/core/drivers/ls_sfp.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/hfic.h /optee_os/core/include/drivers/ls_sfp.h ldelf_loader.c sub.mk /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/hash.c /optee_os/core/lib/libtomcrypt/hmac.c /optee_os/core/lib/libtomcrypt/shake.c /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/lib/libtomcrypt/tomcrypt.c /optee_os/core/pta/device.c /optee_os/core/pta/imx/digprog.c /optee_os/core/pta/imx/ocotp.c /optee_os/core/pta/imx/sub.mk /optee_os/core/pta/sub.mk /optee_os/core/pta/tests/invoke.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/arch/arm/user_ta_entry_compat.c /optee_os/lib/libutee/include/pta_imx_digprog.h /optee_os/lib/libutee/include/pta_imx_ocotp.h /optee_os/lib/libutee/include/tee_api_compat.h /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutee/include/tee_api_types.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutee/tee_api_panic.c /optee_os/lib/libutee/tee_api_private.h /optee_os/lib/libutee/tee_api_property.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/scripts/checkpatch.sh /optee_os/ta/arch/arm/user_ta_header.c /optee_os/ta/avb/entry.c /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing_asymm.c /optee_os/ta/pkcs11/src/processing_digest.c /optee_os/ta/pkcs11/src/processing_symm.c /optee_os/ta/ta.mk /optee_os/ta/trusted_keys/entry.c
fc82e622	19-Dec-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: finalize scall layer Finalizes the new scall layer by renaming remaining files so the generic scall layer resides in core/include/kernel/scall.h and core/kernel/scall.c. New architectures are core: finalize scall layer Finalizes the new scall layer by renaming remaining files so the generic scall layer resides in core/include/kernel/scall.h and core/kernel/scall.c. New architectures are expected to provide a core/arch/arm/include/kernel/arch_scall.h with functions needed to deal with the architecture specific struct thread_scall_regs usage in core/kernel/scall.c. New architectures are also expected to provide an implementation of scall_save_panic_stack() called from scall_sys_return_helper(). Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/arch_scall.h /optee_os/core/arch/arm/kernel/arch_scall.c /optee_os/core/arch/arm/kernel/arch_scall_a32.S /optee_os/core/arch/arm/kernel/arch_scall_a64.S /optee_os/core/arch/arm/kernel/ldelf_loader.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/tee/sub.mk /optee_os/core/include/kernel/scall.h scall.c sub.mk user_ta.c
ab5363c6	19-Dec-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: introduce scall layer from svc parts Introduces a scall layer by renaming various thread_svc* names and _handle_svc() functions and function pointers as a first step in doing architecture neu core: introduce scall layer from svc parts Introduces a scall layer by renaming various thread_svc names and _*handle_svc() functions and function pointers as a first step in doing architecture neutral syscall processing. The name scall is used instead of syscall since the syscall_ prefix is reserved for the functions implementing the actual syscall. While scall is the infrastructure used to reach the syscall functions. No files are renamed and removed at this stage. This patch doesn't change any behaviour. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/Makefile /optee_os/core/arch/arm/include/kernel/thread_arch.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/include/tee/arch_svc.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/ldelf_loader.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/plat-k3/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/arch/arm/plat-versal/main.c /optee_os/core/arch/arm/plat-versal/platform_config.h /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/arch_svc_a32.S /optee_os/core/arch/arm/tee/arch_svc_a64.S /optee_os/core/arch/arm/tee/arch_svc_private.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/drivers/crypto/se050/adaptors/apis/sss.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_huk.c /optee_os/core/include/drivers/clk_dt.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/include/kernel/ts_manager.h tee_ta_manager.c user_ta.c /optee_os/lib/libutee/include/pta_stm32mp_bsec.h /optee_os/lib/libutils/ext/arch/riscv/atomic_rv.S /optee_os/lib/libutils/ext/arch/riscv/sub.mk /optee_os/mk/config.mk
94397285	27-Jan-2022	Etienne Carriere <etienne.carriere@linaro.org>	core: notif: allow GIC_PPI usage for async notif Allows to use GIC_PPI interrupts for asynchronous notification. This change replace macro COMPILE_TIME_ASSERT() with static_assert() as the former i core: notif: allow GIC_PPI usage for async notif Allows to use GIC_PPI interrupts for asynchronous notification. This change replace macro COMPILE_TIME_ASSERT() with static_assert() as the former is deprecated. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/drivers/rstctrl/rstctrl.c /optee_os/core/include/drivers/rstctrl.h notif.c /optee_os/core/pta/scmi.c /optee_os/lib/libutils/isoc/bget_malloc.c
0adca93a	04-Jan-2023	Gatien Chevallier <gatien.chevallier@foss.st.com>	core: dt_driver: differentiate error codes if property is not found Differentiates error codes in dt_driver_device_from_node_idx_prop() if the requested resource is not found by returning TEE_ERROR_ core: dt_driver: differentiate error codes if property is not found Differentiates error codes in dt_driver_device_from_node_idx_prop() if the requested resource is not found by returning TEE_ERROR_ITEM_NOT_FOUND. This is useful to differentiate cases for optional properties in drivers. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/include/scmi/scmi_server.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/core.mk /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32mp15_huk.c /optee_os/core/include/drivers/clk.h /optee_os/core/include/kernel/dt_driver.h dt_driver.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/scmi-server/conf-optee-fvp.mk /optee_os/core/lib/scmi-server/conf-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/conf.mk /optee_os/core/lib/scmi-server/include/optee_scmi.h /optee_os/core/lib/scmi-server/scmi_server.c /optee_os/core/lib/scmi-server/sub-optee-fvp.mk /optee_os/core/lib/scmi-server/sub-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/sub.mk /optee_os/core/pta/scmi.c /optee_os/lib/libutee/include/pta_scmi_client.h /optee_os/lib/libutils/ext/include/config.h /optee_os/lib/libutils/isoc/arch/riscv/setjmp_rv.S /optee_os/lib/libutils/isoc/arch/riscv/sub.mk /optee_os/lib/libutils/isoc/include/assert.h /optee_os/lib/libutils/isoc/include/setjmp.h /optee_os/mk/config.mk
683b6d2c	03-Jan-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	core: kernel: move otp_stubs.c to core/kernel otp_stubs.c is architecture-agnostic, therefore, move it from core/arch/arm/kernel to core/kernel. Signed-off-by: Marouene Boubakri <marouene.boubakri@ core: kernel: move otp_stubs.c to core/kernel otp_stubs.c is architecture-agnostic, therefore, move it from core/arch/arm/kernel to core/kernel. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/riscv/include/kernel/delay_arch.h /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/plat-virt/main.c /optee_os/core/arch/riscv/plat-virt/platform_config.h /optee_os/core/arch/riscv/plat-virt/sub.mk /optee_os/core/arch/riscv/riscv.mk /optee_os/core/drivers/stm32_bsec.c /optee_os/core/include/drivers/stm32_bsec.h otp_stubs.c sub.mk
c67c4c8d	01-Dec-2022	Marouene Boubakri <marouene.boubakri@nxp.com>	core: kernel: delay: sort-out architecture-independant code from arch dir This commit moves core/arch/arm/kernel/delay.c to core/kernel/delay.c. Keeps architecture-dependant code in core/arch/$ARCH/ core: kernel: delay: sort-out architecture-independant code from arch dir This commit moves core/arch/arm/kernel/delay.c to core/kernel/delay.c. Keeps architecture-dependant code in core/arch/$ARCH/include/kernel/delay_arch.h and moves generic functions to core/include/kernel/delay.h Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/delay_arch.h /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/tee_time_rdtime.c /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/include/kernel/delay.h delay.c sub.mk
14c0df4e	01-Dec-2022	Marouene Boubakri <marouene.boubakri@nxp.com>	core: move tee_time.c and tee_time_ree.c to core/kernel tee_time.c and tee_time_ree.c are architecture-independant code therefore move them from core/arch/arm/kernel to core/kernel. Signed-off-by: core: move tee_time.c and tee_time_ree.c to core/kernel tee_time.c and tee_time_ree.c are architecture-independant code therefore move them from core/arch/arm/kernel to core/kernel. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/crypto/sha512_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha512_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sm3_armv8a_ce.c /optee_os/core/arch/arm/crypto/sm3_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/arch/arm/dts/at91-sama5d27_som1.dtsi /optee_os/core/arch/arm/dts/at91-sama5d27_som1_ek.dts /optee_os/core/arch/arm/dts/at91-sama5d2_xplained.dts /optee_os/core/arch/arm/dts/sama5d2.dtsi /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/riscv/include/kernel/clint.h /optee_os/core/arch/riscv/include/kernel/time.h /optee_os/core/arch/riscv/kernel/kern.ld.S /optee_os/core/arch/riscv/kernel/link.mk /optee_os/core/arch/riscv/riscv.mk /optee_os/core/arch/riscv/tee/sub.mk /optee_os/core/crypto.mk /optee_os/core/crypto/sm3.c /optee_os/core/drivers/atmel_rstc.c /optee_os/core/drivers/atmel_shdwc.c /optee_os/core/drivers/atmel_wdt.c /optee_os/core/drivers/crypto/se050/adaptors/include/se050.h /optee_os/core/drivers/crypto/se050/adaptors/utils/scp_config.c /optee_os/core/drivers/crypto/se050/core/ecc.c /optee_os/core/drivers/crypto/se050/core/rsa.c /optee_os/core/drivers/crypto/se050/crypto.mk /optee_os/core/drivers/stm32_bsec.c /optee_os/core/include/crypto/crypto_accel.h /optee_os/core/include/drivers/stm32_bsec.h sub.mk tee_time.c tee_time_ree.c /optee_os/core/lib/libtomcrypt/sha512_accel.c /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/pta/stm32mp/bsec_pta.c /optee_os/core/pta/stm32mp/sub.mk /optee_os/core/pta/sub.mk /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/arch/riscv/sub.mk /optee_os/lib/libutee/arch/riscv/utee_syscalls_rv.S /optee_os/lib/libutee/include/pta_stm32mp_bsec.h
33e931b1	23-Dec-2022	Mark-PK Tsai <mark-pk.tsai@mediatek.com>	core: Correct the description of core_is_buffer_outside Correct the function description of core_is_buffer_outside in comment. Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com> Reviewed-by: J core: Correct the description of core_is_buffer_outside Correct the function description of core_is_buffer_outside in comment. Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-d06/main.c /optee_os/core/arch/arm/plat-d06/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/drivers/imx_lpuart.c /optee_os/core/drivers/lpc_uart.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_pm.c /optee_os/core/drivers/versal_puf.c /optee_os/core/include/drivers/lpc_uart.h /optee_os/core/include/drivers/stm32_bsec.h /optee_os/core/include/drivers/versal_puf.h tee_misc.c /optee_os/core/lib/libtomcrypt/ccm.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/arch/arm/utee_syscalls_a32.S /optee_os/lib/libutee/arch/arm/utee_syscalls_a64.S /optee_os/lib/libutee/arch/riscv/sub.mk /optee_os/lib/libutee/arch/riscv/utee_syscalls_rv64.S /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/utee_syscalls_asm.S /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing_asymm.c /optee_os/ta/pkcs11/src/processing_digest.c /optee_os/ta/pkcs11/src/processing_symm.c
7b84e23d	06-Dec-2022	Jerome Forissier <jerome.forissier@linaro.org>	drivers: struct serial_ops: make all functions optional except putc() Many platforms only use the putc() function pointer in struct serial_ops. Therefore, explicitly make the others optional (flush( drivers: struct serial_ops: make all functions optional except putc() Many platforms only use the putc() function pointer in struct serial_ops. Therefore, explicitly make the others optional (flush(), have_rx_data() and getchar()) by adding comments to the struct and making sure the code checks the pointer before using them. With this it should be clear that drivers do not need to provide stub functions. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/dts/fsl-lx2160a.dtsi /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/drivers/ls_sfp.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/ls_sfp.h /optee_os/core/include/drivers/serial.h console.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/utee_syscalls.h /optee_os/lib/libutee/tee_api.c /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_attributes.h /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing.h /optee_os/ta/pkcs11/src/processing_asymm.c /optee_os/ta/pkcs11/src/processing_rsa.c /optee_os/ta/pkcs11/src/token_capabilities.c
c123d804	29-Nov-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: embedded_ts: use mempool to decompress TS image Changes embedded TS management to have zlib using default mempool to allocate buffers for image decompression. This is useful as the process can core: embedded_ts: use mempool to decompress TS image Changes embedded TS management to have zlib using default mempool to allocate buffers for image decompression. This is useful as the process can require buffer of several kilobytes. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/dts/fsl-lx2160a.dtsi /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp157c-ev1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/include/sbi.h /optee_os/core/arch/riscv/kernel/sbi.c /optee_os/core/arch/riscv/kernel/sbi_console.c /optee_os/core/arch/riscv/kernel/spinlock.S /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/plat-spike/drivers/sub.mk /optee_os/core/arch/riscv/plat-spike/main.c /optee_os/core/arch/riscv/riscv.mk /optee_os/core/core.mk /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sm4-xts.c /optee_os/core/crypto/sm4.c /optee_os/core/crypto/sm4.h /optee_os/core/crypto/sub.mk /optee_os/core/drivers/crypto/versal/ecc.c /optee_os/core/drivers/crypto/versal/ipi.c /optee_os/core/drivers/crypto/versal/rsa.c /optee_os/core/drivers/crypto/versal/sub.mk /optee_os/core/drivers/sub.mk /optee_os/core/drivers/versal_sha3_384.c /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/versal_sha3_384.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/tee/tee_svc_cryp.h /optee_os/core/include/tee/tee_svc_storage.h embedded_ts.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/ldelf/ldelf.ld.S /optee_os/ldelf/ldelf.mk /optee_os/ldelf/start_rv64.S /optee_os/ldelf/sub.mk /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libutee/include/elf_common.h /optee_os/lib/libutee/include/tee_api.h /optee_os/lib/libutee/include/tee_api_compat.h /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/tee_ta_api.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/include/utee_syscalls.h /optee_os/lib/libutee/include/utee_types.h /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/confine_array_index.h /optee_os/lib/libutils/isoc/stack_check.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/user_ta_header.c /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/ta.mk
5305bce1	08-Nov-2022	Marouene Boubakri <marouene.boubakri@nxp.com>	core: kernel: move trace_ext.c to core/kernel Functions in trace_ext.c are architecture independent, therefore, code could be moved to core/kernel. Signed-off-by: Marouene Boubakri <marouene.boubak core: kernel: move trace_ext.c to core/kernel Functions in trace_ext.c are architecture independent, therefore, code could be moved to core/kernel. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/cache_helpers_arch.h /optee_os/core/arch/arm/include/kernel/misc_arch.h /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/riscv/include/kernel/cache_helpers_arch.h /optee_os/core/arch/riscv/include/kernel/misc_arch.h /optee_os/core/arch/riscv/include/kernel/tee_l2cc_mutex.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/mm/core_mmu_arch.h /optee_os/core/arch/riscv/include/riscv_macros.S /optee_os/core/arch/riscv/kernel/idle.c /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/tee_time.c /optee_os/core/arch/riscv/mm/sub.mk /optee_os/core/arch/riscv/mm/tlb_helpers_rv.S /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/arch/riscv/plat-spike/main.c /optee_os/core/arch/riscv/riscv.mk /optee_os/core/include/kernel/cache_helpers.h /optee_os/core/include/kernel/misc.h sub.mk trace_ext.c
2d7720f1	11-Nov-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: add fault mitigations in ree_fs_ta_open() Adds and enables fault mitigation in ree_fs_ta_open() to check the signature of the TA before returning success. Acked-by: Jerome Forissier <jerome.f core: add fault mitigations in ree_fs_ta_open() Adds and enables fault mitigation in ree_fs_ta_open() to check the signature of the TA before returning success. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... ree_fs_ta.c
c8219657	01-Apr-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: add fault mitigations in buf_ta_open() Adds and enables fault mitigation in buf_ta_open() to check both the signature of the TA and then also the hash of the TA before returning success. Acke core: add fault mitigations in buf_ta_open() Adds and enables fault mitigation in buf_ta_open() to check both the signature of the TA and then also the hash of the TA before returning success. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/thread_spmc_a32.S /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/sp_mem.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/include/drivers/stm32_gpio.h /optee_os/core/include/kernel/thread.h ree_fs_ta.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/pk/pkcs1/pkcs_1_pss_decode.c /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_verify_hash.c /optee_os/core/sub.mk /optee_os/core/tests/ftmn_boot_tests.c /optee_os/core/tests/sub.mk /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libutils/ext/fault_mitigation.c /optee_os/lib/libutils/ext/include/fault_mitigation.h /optee_os/lib/libutils/ext/include/stdlib_ext.h /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/include/types_ext.h /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/assert.h /optee_os/lib/libutils/isoc/include/inttypes.h /optee_os/lib/libutils/isoc/include/limits.h /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/lib/libutils/isoc/include/memory.h /optee_os/lib/libutils/isoc/include/signal.h /optee_os/lib/libutils/isoc/include/stdint.h /optee_os/lib/libutils/isoc/include/stdio.h /optee_os/lib/libutils/isoc/include/stdlib.h /optee_os/lib/libutils/isoc/include/string.h /optee_os/lib/libutils/isoc/include/time.h /optee_os/lib/libutils/isoc/include/unistd.h /optee_os/lib/libutils/isoc/include/wchar.h /optee_os/mk/compile.mk /optee_os/mk/config.mk
cb94c145	21-Oct-2022	Weizhao Jiang <weizhaoj@amazon.com>	core: implement a method to dump user TA runtime status This patch is to dump user TA runtime status for debug purposes. The change includes: 1. Add new command (STATS_CMD_TA_STATS) in the stats PTA core: implement a method to dump user TA runtime status This patch is to dump user TA runtime status for debug purposes. The change includes: 1. Add new command (STATS_CMD_TA_STATS) in the stats PTA. 2. Add tee_ta_dump_stats() to scan all ongoing TA instance and sessions and snapshot their status. 3. Add new function: entry_dump_memstats() to __utee_entry() to get TA heap statistics. 4. Add new compile option (CFG_TA_STATS, default n) to enable this feature. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Tested-by: Weizhao Jiang <weizhaoj@amazon.com> Signed-off-by: Weizhao Jiang <weizhaoj@amazon.com> [jf: edit commit message] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/plat-versal/conf.mk /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/crypto/sub.mk /optee_os/core/drivers/crypto/versal/authenc.c /optee_os/core/drivers/crypto/versal/include/ipi.h /optee_os/core/drivers/crypto/versal/ipi.c /optee_os/core/drivers/crypto/versal/sub.mk /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/ts_manager.h tee_ta_manager.c user_ta.c /optee_os/core/pta/stats.c /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/utee_types.h /optee_os/mk/config.mk
827c9002	10-Nov-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: ree_fs: copy in encrypted TA header only once In ree_fs_ta_open() when an encrypted TA is loaded there is an encrypted TA sub-header. Prior to this patch it was copied in from non-secure share core: ree_fs: copy in encrypted TA header only once In ree_fs_ta_open() when an encrypted TA is loaded there is an encrypted TA sub-header. Prior to this patch it was copied in from non-secure shared memory twice, first one time to read the total size of the header, and then a second time to copy in the entire header. Fix this by only copying in what wasn't copied the first time. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... ree_fs_ta.c
19b1ce2b	10-Nov-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: ree_fs: check ta size before use Check that the total loaded size of a TA matches what is in the sign header. This prevents an eventual attacker from providing arbitrary values in the img_size core: ree_fs: check ta size before use Check that the total loaded size of a TA matches what is in the sign header. This prevents an eventual attacker from providing arbitrary values in the img_size field of the signed header. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Suggested-by: Asaf Modelevsky <amodele@amazon.com> Reported-by: Asaf Modelevsky <amodele@amazon.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-zynqmp/conf.mk /optee_os/core/arch/arm/plat-zynqmp/platform_config.h /optee_os/core/drivers/crypto/se050/adaptors/apis/sss.c /optee_os/core/drivers/crypto/se050/adaptors/utils/scp_config.c /optee_os/core/drivers/crypto/se050/crypto.mk /optee_os/core/drivers/stm32mp15_huk.c ree_fs_ta.c /optee_os/core/tee/tee_svc.c
884f2f1a	21-Mar-2022	Olivier Moysan <olivier.moysan@foss.st.com>	core: dt: allow null value in reg property This change allows reg property to have value 0. The reg property can be used to describe an element that is not a physical address and for which 0 is a va core: dt: allow null value in reg property This change allows reg property to have value 0. The reg property can be used to describe an element that is not a physical address and for which 0 is a valid value. Signed-off-by: Olivier Moysan <olivier.moysan@foss.st.com> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-d06/core_pos_a64.S /optee_os/core/arch/arm/plat-d06/main.c /optee_os/core/arch/arm/plat-d06/platform_config.h /optee_os/core/arch/arm/plat-d06/sub.mk dt.c
c34d0d91	05-Sep-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: support loading TAs signed with a subkey Adds support to load TAs signed with subkey or a chain of subkeys. This allows delegation of TA signing without distributing the root key. TAs signed w core: support loading TAs signed with a subkey Adds support to load TAs signed with subkey or a chain of subkeys. This allows delegation of TA signing without distributing the root key. TAs signed with a subkey are confined to the UUID-V5 namespace of the subkey to avoid TA UUID clashes with different subkeys. SHDR_SUBKEY is a type of header which enables chains of public keys. The public root key is used to verify the first public subkey, which then is used to verify the next public subkey and so on. The TA is finally verified using the last subkey. All these headers are added in front of the TA binary so everything needed to verify the TA is available when it's loaded into memory. For example: Subkey struct shdr magic: 0x4f545348 img_type: 3 (SHDR_SUBKEY) img_size: 320 bytes algo: 0x70414930 (TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256) hash_size: 32 bytes sig_size: 256 bytes hash: f573f329fe77be686ce71647909c4ea35b5e1cd7de86369bd7d9fca31f6a4d65 struct shdr_subkey uuid: f04fa996-148a-453c-b037-1dcfbad120a6 name_size: 64 subkey_version: 1 max_depth: 4 algo: 0x70414930 (TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256) attr_count: 2 next name: "mid_level_subkey" Next header at offset: 692 (0x2b4) Subkey struct shdr magic: 0x4f545348 img_type: 3 (SHDR_SUBKEY) img_size: 320 bytes algo: 0x70414930 (TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256) hash_size: 32 bytes sig_size: 256 bytes hash: 233a6dcf1a2cf69e50cde8e20c4129157da707c76fa86ce12ee31037edef02d7 struct shdr_subkey uuid: 1a5948c5-1aa0-518c-86f4-be6f6a057b16 name_size: 64 subkey_version: 1 max_depth: 3 algo: 0x70414930 (TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256) attr_count: 2 next name: "subkey1_ta" Next header at offset: 1384 (0x568) Bootstrap TA struct shdr magic: 0x4f545348 img_type: 1 (SHDR_BOOTSTRAP_TA) img_size: 84576 bytes algo: 0x70414930 (TEE_ALG_RSASSA_PKCS1_PSS_MGF1_SHA256) hash_size: 32 bytes sig_size: 256 bytes hash: ea31ac7dc2cc06a9dc2853cd791dd00f784b5edc062ecfa274deeb66589b4ca5 struct shdr_bootstrap_ta uuid: 5c206987-16a3-59cc-ab0f-64b9cfc9e758 ta_version: 0 TA offset: 1712 (0x6b0) bytes TA size: 84576 (0x14a60) bytes Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_virt) Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/crypto/signed_hdr.c /optee_os/core/include/signed_hdr.h ree_fs_ta.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/link_shlib.mk
ce20b8ec	05-Sep-2022	Jens Wiklander <jens.wiklander@linaro.org>	core: ree_fs: refactor check_update_version() Refactors check_update_version() to support more than one version database. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etien core: ree_fs: refactor check_update_version() Refactors check_update_version() to support more than one version database. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... ree_fs_ta.c
1 2 3 4 5 6 7 8910 >>...21