| 39e8c200 | 01-Feb-2022 |
Jerome Forissier <jerome@forissier.org> |
core: tag ops structures with __relrodata_unpaged
Global structures currently tagged with __rodata_unpaged need to use __relrodata_unpaged instead because they contain pointers which are subject to
core: tag ops structures with __relrodata_unpaged
Global structures currently tagged with __rodata_unpaged need to use __relrodata_unpaged instead because they contain pointers which are subject to relocation when CFG_CORE_ASLR=y. Doing so moves them out of .rodata which will now stay unmodified even with ASLR turned on.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Sumit Garg <sumit.garg@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 528dabb2 | 08-Mar-2022 |
Jerome Forissier <jerome@forissier.org> |
core: suppress text relocation on stack_tmp_export
stack_tmp_export is a pointer so it is associated with a dynamic relocation when position-independent code is generated (ASLR). Moreover, this symb
core: suppress text relocation on stack_tmp_export
stack_tmp_export is a pointer so it is associated with a dynamic relocation when position-independent code is generated (ASLR). Moreover, this symbol is in the .identity_map section, which is part of .text after the final link. To get rid of this TEXTREL, remove stack_tmp_export and compute the corresponding value in assembly instead from stack_tmp and constants defined in core/arch/arm/kernel/asm-defines.c.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| aac71369 | 14-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: move NOTIF_VALUE_DO_BOTTOM_HALF assert to thread_optee_smc.c
Moves the compile assertion that NOTIF_VALUE_DO_BOTTOM_HALF matches OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF in core/kernel/notif
core: move NOTIF_VALUE_DO_BOTTOM_HALF assert to thread_optee_smc.c
Moves the compile assertion that NOTIF_VALUE_DO_BOTTOM_HALF matches OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF in core/kernel/notif.c to core/arch/arm/kernel/thread_optee_smc.c to keep dependencies to optee_smc.h in architecture specific code.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 85c8e02c | 31-Dec-2021 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
core: kernel: tee_ta_manager.c: remove arm.h from includes
Header file arm.h is not used in tee_ta_manager.c, remove it from includes such that can reuse it with new architecture.
Signed-off-by: Ma
core: kernel: tee_ta_manager.c: remove arm.h from includes
Header file arm.h is not used in tee_ta_manager.c, remove it from includes such that can reuse it with new architecture.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 891569af | 01-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: move thread_defs.h into thread.h
Moves the defines in core/arch/arm/include/kernel/thread_defs.h into core/include/kernel/thread.h.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-
core: move thread_defs.h into thread.h
Moves the defines in core/arch/arm/include/kernel/thread_defs.h into core/include/kernel/thread.h.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| ca825890 | 01-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: split core/arch/arm/kernel/thread.c
Splits core/arch/arm/kernel/thread.c into one generic and one architecture specific file.
Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Marou
core: split core/arch/arm/kernel/thread.c
Splits core/arch/arm/kernel/thread.c into one generic and one architecture specific file.
Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| ec835942 | 20-Dec-2021 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
core: kernel: move spin_lock_debug.c to core/kernel
Source file spin_lock_debug.c does not contain architecture-specific code therefore, move it from core/arch/arm/kernel to core/kernel and remove u
core: kernel: move spin_lock_debug.c to core/kernel
Source file spin_lock_debug.c does not contain architecture-specific code therefore, move it from core/arch/arm/kernel to core/kernel and remove unused header thread_private.h
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
show more ...
|
| 2b06f9de | 10-Jan-2022 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
Add basic pointer authentication support for TA's
APIAKey is used for usespace TA's where these keys are generated for every TA at load time. The TEE core maintains the key value for each TA is resp
Add basic pointer authentication support for TA's
APIAKey is used for usespace TA's where these keys are generated for every TA at load time. The TEE core maintains the key value for each TA is responsible for storing/restorign them during switch to EL0 and back.
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| c78b2c66 | 17-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: add reset controller framework
Adds a common reset controller framework rstctrl for interfacing reset controllers exposed by a platform.
Reset controller consumers can act on relate reset
drivers: add reset controller framework
Adds a common reset controller framework rstctrl for interfacing reset controllers exposed by a platform.
Reset controller consumers can act on relate reset level with rstctrl_assert(), rstctrl_deassert() and friends.
Reset controller consumers can claim exclusive access to the reset level woth rstctrl_get_exclusive(), rstctrl_put_exclusive().
Reset controller provider drivers call rstctrl_register_provider() to allow other drivers to get a reset control reference from a devicetree reference. Reset controller driver are identified with type DT_DRIVER_RSTCTRL.
A reset controller provider exposes struct rstctrl instances made of an opaque private reference (a private data pointer or an unsigned integer identifier), an reset controller operators reference and the exclusive claim state.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 61bdedea | 13-Jan-2022 |
Jerome Forissier <jerome@forissier.org> |
core: define DT drivers using scattered arrays
Replace the specific mechanism used to define and enumerate DT drivers with scattered arrays. Doing so simplifies the TEE linker file a bit.
Signed-of
core: define DT drivers using scattered arrays
Replace the specific mechanism used to define and enumerate DT drivers with scattered arrays. Doing so simplifies the TEE linker file a bit.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Suggested-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 9c4aaf67 | 11-Jan-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: make mobj_get_va() more secure
Adds a length parameter to allow mobj_get_va() to check that the entire va range requested is available.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.
core: make mobj_get_va() more secure
Adds a length parameter to allow mobj_get_va() to check that the entire va range requested is available.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| c2d44948 | 20-Apr-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: add asynchronous notifications
Adds support for asynchronous notifications from secure world to normal world. This allows a design with a top half and bottom half type of driver where the top
core: add asynchronous notifications
Adds support for asynchronous notifications from secure world to normal world. This allows a design with a top half and bottom half type of driver where the top half runs in secure interrupt context and a notifications tells normal world to schedule a yielding call to do the bottom half processing.
The protocol is defined in optee_msg.h optee_rpc_cmd.h and optee_smc.h.
A notification consists of a 32-bit value which normal world can retrieve using a fastcall into secure world. OP-TEE is currently only supporting the value 0-63 where 0 has a special meaning. When 0 is sent it means that normal world is supposed to make a yielding call OPTEE_MSG_CMD_DO_BOTTOM_HALF.
The notification framework in OP-TEE defines an interface where drivers can register a callback which is called on each yielding bottom half call.
Notification capability is negotiated with the normal world while it initializes its driver. If both sides supports these notifications then they are enabled.
CFG_CORE_ASYNC_NOTIF_GIC_INTID is added to define the hardware interrupt used to notify normal world. This is added to the DTB in case OP-TEE can is configured with CFG_DT=y. Other cases requires the normal world DTB to be kept in sync with this.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2828809e | 20-Apr-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: add new interface for synchronous notifications
Adds a new interface for synchronous notifications. The old RPC interface based on OPTEE_RPC_CMD_WAIT_QUEUE is renamed to OPTEE_RPC_CMD_NOTIFICA
core: add new interface for synchronous notifications
Adds a new interface for synchronous notifications. The old RPC interface based on OPTEE_RPC_CMD_WAIT_QUEUE is renamed to OPTEE_RPC_CMD_NOTIFICATION in order to match the new interface.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 0d482f82 | 02-Nov-2021 |
Ruchika Gupta <ruchika.gupta@linaro.org> |
ldelf: Add support for mapping ELF executable sections as guarded
Introduce LDELF_MAP_FLAG_BTI to indicate if ELF supports BTI. A BTI instruction is used to guard against the execution of instructio
ldelf: Add support for mapping ELF executable sections as guarded
Introduce LDELF_MAP_FLAG_BTI to indicate if ELF supports BTI. A BTI instruction is used to guard against the execution of instructions that are not the intended target of a branch. The executable pages need to be marked as guarded to ensure that BTI doesn't execute as NOP.
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| c9bd3375 | 24-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: probe drivers before/after crypto services
Changes drivers probing sequence to probe before and after core crypto services that are initialized at service_init initcall level. It in
core: dt_driver: probe drivers before/after crypto services
Changes drivers probing sequence to probe before and after core crypto services that are initialized at service_init initcall level. It intends to support probing of drivers the crypto layer depends on (as those registering to drvcrypt framework) as well as drivers that depend on crypto services.
At early_init_late initcall level, root node is parsed and the driver probing loop is run as prior this change. With this change the probing loop may end-up unresolved dependencies hence another round of driver probing is done at driver_init initcall level. Drivers dependencies are expected to be resolved at that stage.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 3de8f0de | 25-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: helper for dependency on crypt service
Adds dt_driver_get_crypto() function to allow drivers to request probe deferral when depending on core crypto services. For that purpose tee_c
core: dt_driver: helper for dependency on crypt service
Adds dt_driver_get_crypto() function to allow drivers to request probe deferral when depending on core crypto services. For that purpose tee_cryp_init() is changed to call dt_driver_crypt_init_complete() once crypt layer initialization completes.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 3430d816 | 08-Dec-2021 |
Lionel Debieve <lionel.debieve@foss.st.com> |
core: pm: fix incorrect flag check in pm_callback
Fix test error check that always return true with current condition. The check must be done to identify if the SUSPENDED flag has been set.
Fixes:
core: pm: fix incorrect flag check in pm_callback
Fix test error check that always return true with current condition. The check must be done to identify if the SUSPENDED flag has been set.
Fixes: 5920ec258f16 ("core: kernel: pm: refine suspend/resume sequence order") Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 736cb9e1 | 22-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: allow drivers to fail initialization
Change the probing logic to not panic core if a drivers fails to initialize. Driver that fail to probe are moved in a specific list that may be
core: dt_driver: allow drivers to fail initialization
Change the probing logic to not panic core if a drivers fails to initialize. Driver that fail to probe are moved in a specific list that may be later print for debug purpose.
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 115944b5 | 22-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: factorize resource releasing
Moves dt_driver_release_provider() into release_probe_lists() to get all DT driver probing resources released upon core initialization completion.
Also
core: dt_driver: factorize resource releasing
Moves dt_driver_release_provider() into release_probe_lists() to get all DT driver probing resources released upon core initialization completion.
Also removes the debug verbosity that is not useful at that place.
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| c4c84e2c | 02-Dec-2021 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
core: dt_driver: skip drivers not providing a probe operator
If drivers is not providing a probe operator, that can result in crash, so skip drivers not providing a probe operator.
Signed-off-by: S
core: dt_driver: skip drivers not providing a probe operator
If drivers is not providing a probe operator, that can result in crash, so skip drivers not providing a probe operator.
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Fixes: https://github.com/OP-TEE/optee_os/issues/5017
show more ...
|
| 8dca59b4 | 19-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: use driver type when finding a driver provider
Adds driver type argument to functions dt_driver_get_provider_by_node(), and dt_driver_get_provider_by_phandle() to differentiate driv
core: dt_driver: use driver type when finding a driver provider
Adds driver type argument to functions dt_driver_get_provider_by_node(), and dt_driver_get_provider_by_phandle() to differentiate driver provider references when a single DT node relates to several driver providers that are of different type by DT binding definition. For example, a DT node may describe a device that acts both as a clock provider and a reset controller, for which two driver references are needed in the driver provider list.
Updates dt_driver_device_from_node_idx_prop() accordingly.
Fixes: f498c4042931 ("core: dt_driver: factorize clk_get_provider_by_*()") Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| a3f00f7d | 21-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: dt_driver: return TEE_ERROR_DEFER_DRIVER_INIT if no provider
Changes dt_driver_device_from_node_idx_prop() to report caller driver probe deferral when the expected provider is not yet found in
core: dt_driver: return TEE_ERROR_DEFER_DRIVER_INIT if no provider
Changes dt_driver_device_from_node_idx_prop() to report caller driver probe deferral when the expected provider is not yet found in the provider list as the function description expects.
Fixes: d8b14b46af9d ("core: dt_driver: get return code when querying a device") Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 33b38f8c | 21-Nov-2021 |
Ruslan Piasetskyi <ruslan.piasetskyi@gmail.com> |
core: introduce CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID
Adds CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID which if set to 'y' makes huk_subkey_derive() generate SSK using tee_otp_get_die_id().
Old s
core: introduce CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID
Adds CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID which if set to 'y' makes huk_subkey_derive() generate SSK using tee_otp_get_die_id().
Old scheme for SSK generation: SSK = HMAC_SHA256(HUK, Chip_ID || "ONLY_FOR_tee_fs_ssk") This config changes Chip_ID from the default BEEF-like value to the result of tee_otp_get_die_id().
Note that this option works only if CFG_CORE_HUK_SUBKEY_COMPAT=y.
Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Ruslan Piasetskyi <ruslan.piasetskyi@gmail.com>
show more ...
|
| 6e2de0d7 | 24-Nov-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: Fix warnings in core/kernel/lockdep.c
Fixes -Wdeclaration-after-statement warnings in core/kernel/lockdep.c: core/kernel/lockdep.c: In function 'lockdep_graph_get_shortest_cycle': core/kernel/
core: Fix warnings in core/kernel/lockdep.c
Fixes -Wdeclaration-after-statement warnings in core/kernel/lockdep.c: core/kernel/lockdep.c: In function 'lockdep_graph_get_shortest_cycle': core/kernel/lockdep.c:151:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct lockdep_node *n = qe->node; ^~~~~~ core/kernel/lockdep.c:155:3: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct lockdep_edge *e = NULL; ^~~~~~ core/kernel/lockdep.c:183:5: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] size_t nlen = qe->pathlen + 1; ^~~~~~ core/kernel/lockdep.c: In function 'lockdep_visit': core/kernel/lockdep.c:221:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct lockdep_edge *e; ^~~~~~ core/kernel/lockdep.c: In function '__lockdep_lock_acquire': core/kernel/lockdep.c:343:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct lockdep_lock *lock = NULL; ^~~~~~ core/kernel/lockdep.c:356:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] TEE_Result res = lockdep_graph_sort(graph); ^~~~~~~~~~ core/kernel/lockdep.c: In function '__lockdep_lock_tryacquire': core/kernel/lockdep.c:390:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct lockdep_lock *lock = NULL; ^~~~~~
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 3f4f2e50 | 24-Nov-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: Fix warning in __wq_rpc()
Fixes a -Wdeclaration-after-statement warning in __wq_rpc(): core/kernel/wait_queue.c:36:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-af
core: Fix warning in __wq_rpc()
Fixes a -Wdeclaration-after-statement warning in __wq_rpc(): core/kernel/wait_queue.c:36:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement] struct thread_param params = THREAD_PARAM_VALUE(IN, func, id, 0); ^~~~~~
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|