kernel - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
0a971fdb	11-Dec-2020	Balint Dobszay <balint.dobszay@arm.com>	core: invoke SVC handler through struct ts_session Store the current SVC handler function pointer in struct ts_session, and invoke the handler through this. Enables changing the SVC handler for a se core: invoke SVC handler through struct ts_session Store the current SVC handler function pointer in struct ts_session, and invoke the handler through this. Enables changing the SVC handler for a session without modifying the ts_ops defined in the session context. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Balint Dobszay <balint.dobszay@arm.com> show more ... /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/include/kernel/ts_manager.h tee_ta_manager.c
cbe7e1b8	11-Dec-2020	Balint Dobszay <balint.dobszay@arm.com>	core: extract ldelf related code from system PTA Various functions in the system PTA are only used in conjunction with ldelf. They either implement a system service needed only by ldelf (system_open core: extract ldelf related code from system PTA Various functions in the system PTA are only used in conjunction with ldelf. They either implement a system service needed only by ldelf (system_open_ta_binary(), etc.) or they provide an interface for TAs to invoke services implemented in user space by ldelf (call_ldelf_dlopen(), call_ldelf_dlsym()). Extract these to a separate file as a first step towards converting the PTA system_*() calls into proper ldelf-specific syscalls. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Balint Dobszay <balint.dobszay@arm.com> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/include/kernel/ldelf_loader.h /optee_os/core/arch/arm/kernel/ldelf_loader.c /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/plat-vexpress/platform_config.h /optee_os/core/drivers/crypto/se050/adaptors/apis/apdu.c /optee_os/core/drivers/crypto/se050/adaptors/include/se050_apdu_apis.h /optee_os/core/drivers/crypto/se050/adaptors/include/se050_utils.h /optee_os/core/drivers/crypto/se050/adaptors/utils/utils.c /optee_os/core/drivers/crypto/se050/core/ecc.c /optee_os/core/drivers/crypto/se050/core/rsa.c /optee_os/core/drivers/crypto/se050/core/sub.mk /optee_os/core/drivers/crypto/se050/crypto.mk /optee_os/core/include/kernel/ldelf_syscalls.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/ts_manager.h ldelf_syscalls.c sub.mk /optee_os/core/pta/system.c /optee_os/core/pta/tests/misc.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/lib/libutils/isoc/bget.c /optee_os/lib/libutils/isoc/bget.h /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/attributes.c /optee_os/ta/pkcs11/src/attributes.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/object.c /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_attributes.h /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing.h /optee_os/ta/pkcs11/src/sanitize_object.c /optee_os/ta/pkcs11/src/sanitize_object.h /optee_os/ta/pkcs11/src/token_capabilities.c /optee_os/ta/ta.mk
145ae446	02-Dec-2020	Jens Wiklander <jens.wiklander@linaro.org>	Use barrier_read_cntpct() to read CNTPCT Arm ARM quite clearly mentions [1] [2] that such reads must be preceded by an ISB to forbid re-ordering. [1] https://developer.arm.com/documentation/ddi0487 Use barrier_read_cntpct() to read CNTPCT Arm ARM quite clearly mentions [1] [2] that such reads must be preceded by an ISB to forbid re-ordering. [1] https://developer.arm.com/documentation/ddi0487/fc/ page D13-2863 "Synchronization requirements for AArch64 System registers" and page G8-6146 "Ordering of reads of System registers". [2] https://developer.arm.com/documentation/ddi0406/cd/ page B3-1441 "Ordering of reads of system control registers" Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reported-by: Olivier Deprez <Olivier.Deprez@arm.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/arm.h /optee_os/core/arch/arm/include/kernel/delay.h /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/tee_time_arm_cntpct.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_private.h /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-rcar/link.mk /optee_os/core/arch/arm/plat-rockchip/platform.c /optee_os/core/arch/arm/plat-rzg/conf.mk /optee_os/core/arch/arm/plat-rzg/link.mk /optee_os/core/arch/arm/plat-rzg/main.c /optee_os/core/arch/arm/plat-rzg/platform_config.h /optee_os/core/arch/arm/plat-rzg/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/crypto.mk /optee_os/core/crypto/aes-cts.c /optee_os/core/crypto/crypto.c /optee_os/core/drivers/crypto/crypto_api/acipher/ecc.c /optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/drivers/crypto/se050/adaptors/apis/apdu.c /optee_os/core/drivers/crypto/se050/adaptors/apis/sss.c /optee_os/core/drivers/crypto/se050/adaptors/apis/user.c /optee_os/core/drivers/crypto/se050/adaptors/include/se050.h /optee_os/core/drivers/crypto/se050/adaptors/include/se050_apdu_apis.h /optee_os/core/drivers/crypto/se050/adaptors/include/se050_sss_apis.h /optee_os/core/drivers/crypto/se050/adaptors/include/se050_user_apis.h /optee_os/core/drivers/crypto/se050/adaptors/include/se050_utils.h /optee_os/core/drivers/crypto/se050/adaptors/sub.mk /optee_os/core/drivers/crypto/se050/adaptors/utils/info.c /optee_os/core/drivers/crypto/se050/adaptors/utils/scp_config.c /optee_os/core/drivers/crypto/se050/adaptors/utils/utils.c /optee_os/core/drivers/crypto/se050/core/cipher.c /optee_os/core/drivers/crypto/se050/core/ctr.c /optee_os/core/drivers/crypto/se050/core/huk.c /optee_os/core/drivers/crypto/se050/core/include/se050_cipher_algorithms.h /optee_os/core/drivers/crypto/se050/core/rng.c /optee_os/core/drivers/crypto/se050/core/rsa.c /optee_os/core/drivers/crypto/se050/core/scp03.c /optee_os/core/drivers/crypto/se050/core/storage.c /optee_os/core/drivers/crypto/se050/core/sub.mk /optee_os/core/drivers/crypto/se050/crypto.mk /optee_os/core/drivers/crypto/se050/glue/i2c.c /optee_os/core/drivers/crypto/se050/glue/user.c /optee_os/core/drivers/crypto/se050/session.c /optee_os/core/drivers/crypto/se050/sub.mk /optee_os/core/drivers/crypto/sub.mk /optee_os/core/drivers/imx_i2c.c /optee_os/core/drivers/pl022_spi.c /optee_os/core/drivers/tzc380.c /optee_os/core/include/crypto/crypto.h /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/keep.h /optee_os/core/include/kernel/tee_time.h /optee_os/core/include/spi.h tee_ta_manager.c /optee_os/core/lib/libtomcrypt/acipher_helpers.h /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/sm2-dsa.c /optee_os/core/lib/libtomcrypt/sm2-pke.c /optee_os/core/lib/libtomcrypt/src/pk/dh/dh_make_key.c /optee_os/core/pta/scp03.c /optee_os/core/pta/sub.mk /optee_os/core/sub.mk /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libutee/include/arm_user_sysreg.h /optee_os/lib/libutee/include/scp03_pta.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/mk/cc-option.mk /optee_os/mk/checkconf.mk /optee_os/mk/config.mk /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/object.c /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing.h /optee_os/ta/pkcs11/src/processing_aes.c /optee_os/ta/pkcs11/src/processing_symm.c /optee_os/ta/pkcs11/src/token_capabilities.c
521aacf1	10-Nov-2020	Etienne Carriere <etienne.carriere@linaro.org>	core: fix secure partition TA context Fix secure partition invocation in tee_ta_manager.c. The TA context instance is found in the secure partition context (as here _stmm_ctx()), instead of the tru core: fix secure partition TA context Fix secure partition invocation in tee_ta_manager.c. The TA context instance is found in the secure partition context (as here _stmm_ctx()), instead of the trusted service context as for regular TAs and PTAs. This change moves to_ta_session() from header file to source file so that is_stmm_ctx() is visible and can be asserted. Tested-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/include/kernel/tee_ta_manager.h tee_ta_manager.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/lib/libmbedtls/core/rsa.c
e3603bde	27-Oct-2020	Balint Dobszay <balint.dobszay@arm.com>	core: move non TA specific fields from user_ta_ctx Moves fields from user_ta_ctx to user_mode_ctx, which are not specific to user TAs. This is needed to prepare for handling Secure Partitions, user_ core: move non TA specific fields from user_ta_ctx Moves fields from user_ta_ctx to user_mode_ctx, which are not specific to user TAs. This is needed to prepare for handling Secure Partitions, user_mode_ctx will be the common ground for the fields used by both TAs and SPs. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Balint Dobszay <balint.dobszay@arm.com> show more ... /optee_os/core/arch/arm/include/kernel/early_ta.h /optee_os/core/arch/arm/include/kernel/embedded_ts.h /optee_os/core/arch/arm/include/kernel/ldelf_loader.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/embedded_ts.c /optee_os/core/arch/arm/kernel/ldelf_loader.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/secstor_ta.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-imx/registers/imx8m-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx8m.h /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/drivers/imx_i2c.c /optee_os/core/include/kernel/ts_store.h /optee_os/core/include/kernel/user_mode_ctx_struct.h tee_ta_manager.c /optee_os/core/pta/device.c /optee_os/core/pta/system.c /optee_os/core/sub.mk /optee_os/mk/config.mk /optee_os/scripts/ts_bin_to_c.py /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c
f9cd31c5	05-Oct-2020	Jelle Sels <jelle.sels@arm.com>	core: rename secure_partition to stmm_sp The current secure partition code is used for the stmm SP. Rename it so we can start integrating the FF-A secure partitions. Backwards compatibility is main core: rename secure_partition to stmm_sp The current secure partition code is used for the stmm SP. Rename it so we can start integrating the FF-A secure partitions. Backwards compatibility is maintained when CFG_STMM_PATH is used to enable support for STMM. The internal configuration flag CFG_WITH_SECURE_PARTITION is renamed to CFG_WITH_STMM_SP. Signed-off-by: Jelle Sels <jelle.sels@arm.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> show more ... /optee_os/.checkpatch.conf /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/include/kernel/user_mode_ctx.h tee_ta_manager.c /optee_os/mk/config.mk
89c9728d	19-Oct-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: replace tee_mmu prefix with vm Replaces the tee_mmu prefix with vm. tee_mmu.h is renamed to vm.h and core/arch/arm/mm/tee_mmu.c is moved to core/mm/vm.c. Public functions belonging to these fi core: replace tee_mmu prefix with vm Replaces the tee_mmu prefix with vm. tee_mmu.h is renamed to vm.h and core/arch/arm/mm/tee_mmu.c is moved to core/mm/vm.c. Public functions belonging to these files are renamed with a vm prefix. Introduces: vm_map_param(), vm_clean_param(), vm_buf_is_inside_private(), vm_buf_intersects_private(), vm_buf_to_mboj_offs(), vm_buf_is_inside_um_private(), vm_buf_intersects_um_private(), vm_add_rwmem(), vm_rem_rwmem(), vm_va2pa(), vm_pa2va(), vm_check_access_rights(), vm_set_ctx() replacing their tee_mmu_*() counterpart. Acked-by: Joakim Bech <joakim.bech@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/sub.mk /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/svc_cache.c /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/include/kernel/ts_manager.h /optee_os/core/include/kernel/user_mode_ctx.h /optee_os/core/include/kernel/user_mode_ctx_struct.h /optee_os/core/include/mm/vm.h tee_ta_manager.c ts_manager.c user_access.c /optee_os/core/mm/sub.mk /optee_os/core/mm/vm.c /optee_os/core/pta/benchmark.c /optee_os/core/pta/gprof.c /optee_os/core/pta/sdp.c /optee_os/core/pta/system.c /optee_os/core/tee/tee_obj.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c
82061b8d	01-Sep-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: store TA params in session struct Stores TA params and error origin in struct tee_ta_session instead of passing them as parameters to enter_open_session() and enter_invoke_cmd() in struct ts_o core: store TA params in session struct Stores TA params and error origin in struct tee_ta_session instead of passing them as parameters to enter_open_session() and enter_invoke_cmd() in struct ts_ops. This makes struct ts_ops less TA specific. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/ts_manager.h tee_ta_manager.c
ce332a51	01-Sep-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add is_ta_ctx() Adds is_ta_ctx() and calls it in to_ta_session() and to_ta_ctx() to help debugging. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander < core: add is_ta_ctx() Adds is_ta_ctx() and calls it in to_ta_session() and to_ta_ctx() to help debugging. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/include/kernel/tee_ta_manager.h tee_ta_manager.c
3560d990	01-Sep-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add generic struct ts_ctx Adds the generic struct ts_ctx to be used instead of struct tee_ta_ctx where generic context operations are performed. struct tee_ta_ctx adds a field with struct ts_ core: add generic struct ts_ctx Adds the generic struct ts_ctx to be used instead of struct tee_ta_ctx where generic context operations are performed. struct tee_ta_ctx adds a field with struct ts_ctx for conversion to struct ts_ctx where needed. The struct ts_session is updated to keep a pointer to a struct ts_ctx instead of the previous struct tee_ta_ctx. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/pseudo_ta.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/include/mm/pgt_cache.h /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/pgt_cache.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/tee/svc_cache.c /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/ts_manager.h /optee_os/core/include/kernel/user_mode_ctx.h /optee_os/core/include/mm/tee_mmu.h tee_ta_manager.c ts_manager.c /optee_os/core/tee/tee_svc.c
00b3b9a2	31-Aug-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add generic struct ts_session As a step in making room for Secure Partitions (SPs) running at S-EL0 add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS. Adds the generic struct t core: add generic struct ts_session As a step in making room for Secure Partitions (SPs) running at S-EL0 add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS. Adds the generic struct ts_session. All future sessions structs (currently only struct tee_ta_session exists) should add this struct to allow generic session operations. With this struct comes new functions replacing previous struct tee_ta_session oriented functions. The following functions are replaced as: tee_ta_get_current_session() -> ts_get_current_session() tee_ta_push_current_session() -> ts_push_current_session() tee_ta_pop_current_session() -> ts_pop_current_session() tee_ta_get_calling_session() -> ts_get_calling_session() ts_get_current_session() is changed compared to its predecessor to panic() in case of failure to return a valid pointer. A new function ts_get_current_session_may_fail() is added to handle an eventual case where a return NULL session may be handled. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/.travis.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/kernel/abort.h /optee_os/core/arch/arm/include/kernel/early_ta.h /optee_os/core/arch/arm/include/kernel/linker.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-vexpress/vendor_props.c /optee_os/core/arch/arm/plat-zynqmp/conf.mk /optee_os/core/arch/arm/plat-zynqmp/platform_config.h /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/svc_cache.c /optee_os/core/drivers/scmi-msg/base.c /optee_os/core/drivers/scmi-msg/base.h /optee_os/core/drivers/scmi-msg/clock.h /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/reset_domain.c /optee_os/core/drivers/scmi-msg/reset_domain.h /optee_os/core/drivers/scmi-msg/voltage_domain.c /optee_os/core/drivers/scmi-msg/voltage_domain.h /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/dt-bindings/regulator/st,stm32mp15-regulator.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/ts_manager.h /optee_os/core/include/tee/tee_svc.h sub.mk tee_ta_manager.c ts_manager.c user_access.c /optee_os/core/pta/gprof.c /optee_os/core/pta/system.c /optee_os/core/pta/tests/fs_htree.c /optee_os/core/pta/tests/invoke.c /optee_os/core/tee/socket.c /optee_os/core/tee/tee_obj.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutils/ext/arch/arm/auxval.c /optee_os/lib/libutils/ext/arch/arm/sub.mk /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/lib/libutils/ext/include/asm.S /optee_os/lib/libutils/isoc/newlib/strtoul.c /optee_os/mk/cc-option.mk /optee_os/mk/config.mk /optee_os/scripts/pem_to_pub_c.py /optee_os/scripts/sign_encrypt.py /optee_os/scripts/ta_bin_to_c.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/mk/ta_dev_kit.mk
6b050394	08-Oct-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: refactor locking during PTA init tee_ta_init_pseudo_ta_session() locks tee_ta_mutex only when needed. This makes this function similar to sec_part_init_session() and tee_ta_init_user_ta_sessio core: refactor locking during PTA init tee_ta_init_pseudo_ta_session() locks tee_ta_mutex only when needed. This makes this function similar to sec_part_init_session() and tee_ta_init_user_ta_session() in usage. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/pseudo_ta.c tee_ta_manager.c
6b5921cc	08-Oct-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: refactor locking during StMM load sec_part_init_session() locks tee_ta_mutex only when needed. This avoids a window where deadlock can occur in case pgt_alloc() goes to sleep. Reviewed-by: Je core: refactor locking during StMM load sec_part_init_session() locks tee_ta_mutex only when needed. This avoids a window where deadlock can occur in case pgt_alloc() goes to sleep. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/secure_partition.c tee_ta_manager.c
f0ab1c64	07-Oct-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: refactor locking during user TA load tee_ta_init_user_ta_session() unlocks tee_ta_mutex while loading ldelf and the user TA. This avoids a window where deadlock can occur in case pgt_alloc() g core: refactor locking during user TA load tee_ta_init_user_ta_session() unlocks tee_ta_mutex while loading ldelf and the user TA. This avoids a window where deadlock can occur in case pgt_alloc() goes to sleep. A new condition variable, tee_ta_init_cv, is added to signal that a TA has changed state while initializing. tee_ta_init_session_with_context waits for a TA context be fully initialized before assigning it to another session. This also simplifies tee_ta_try_set_busy() since it now doesn't have to handle the case where it has to wait for a TA context to be fully initialized. Reviewed-by: Jerome Forissier <jerome@forissier.org> Suggested-by: Opensource <opensource@sequiturlabs.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/Makefile /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/mm/pgt_cache.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/pm/psci.c /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/drivers/imx_i2c.c /optee_os/core/drivers/scmi-msg/clock.c /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/sub.mk /optee_os/core/drivers/scmi-msg/voltage_domain.c /optee_os/core/drivers/scmi-msg/voltage_domain.h /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stpmic1.c /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/drivers/scmi.h /optee_os/core/include/drivers/stpmic1.h /optee_os/core/include/dt-bindings/reset/stm32mp1-resets.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/tee/tee_obj.h tee_ta_manager.c /optee_os/core/pta/tests/aes_perf.c /optee_os/core/tee/tee_obj.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/arch/arm/mcount_a32.S /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/ext/include/util.h /optee_os/lib/libutils/ext/snprintk.c /optee_os/mk/config.mk
1527e616	29-Aug-2020	Marek Vasut <marek.vasut+renesas@gmail.com>	core: dt: Repair type in _fdt_reg_size() The function returns ssize_t , while DT_INFO_INVALID_REG is paddr_t, fix the type. Fixes: c0cfb36c ("core: dt: introduce _fdt_fill_device_info()") Signed-of core: dt: Repair type in _fdt_reg_size() The function returns ssize_t , while DT_INFO_INVALID_REG is paddr_t, fix the type. Fixes: c0cfb36c ("core: dt: introduce _fdt_fill_device_info()") Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/include/kernel/dt.h /optee_os/core/include/mm/tee_mmu_types.h dt.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutee/tee_api_panic.c /optee_os/lib/libutee/tee_api_private.h /optee_os/lib/libutee/tee_api_property.c /optee_os/mk/config.mk
7e4100f3	22-Jun-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add copy_{to,from}_private() Adds the copy_{to,from}_private() functions which checks that the user mode buffer resides in TA private memory and not non-secure shared memory for instance. Rev core: add copy_{to,from}_private() Adds the copy_{to,from}_private() functions which checks that the user mode buffer resides in TA private memory and not non-secure shared memory for instance. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/include/kernel/user_access.h user_access.c
c40a6505	21-Jun-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: separate copy_from_user() and friends Removes the tee_svc_ prefix and moves tee_svc_copy_from_user() and friends into <kernel/user_access.h> and core/kernel/user/access.c Reviewed-by: Jerome core: separate copy_from_user() and friends Removes the tee_svc_ prefix and moves tee_svc_copy_from_user() and friends into <kernel/user_access.h> and core/kernel/user/access.c Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-vexpress/vendor_props.c /optee_os/core/arch/arm/tee/arch_svc_a32.S /optee_os/core/arch/arm/tee/arch_svc_a64.S /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/include/crypto/crypto.h /optee_os/core/include/kernel/user_access.h /optee_os/core/include/mm/tee_mmu.h /optee_os/core/include/tee/tee_svc.h sub.mk user_access.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/pta/system.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libutee/trace_ext.c /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/isoc/newlib/sub.mk /optee_os/scripts/sign_encrypt.py
42471ecf	11-Sep-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: load stmm via secure partition Secure variable storage for EFI variables is critical for enabling and protecting UEFI Secure Boot. Unfortunately due to the fact that SPD and SPM are mutually e core: load stmm via secure partition Secure variable storage for EFI variables is critical for enabling and protecting UEFI Secure Boot. Unfortunately due to the fact that SPD and SPM are mutually exclusive, we can't run StMM from EDK2 and OP-TEE. An advantage of doing so is that different firmware implementations can leverage EDK2's StandAloneMM and in cooperation with OP-TEE RPMB APIs can store UEFI variables in a secure storage. This makes the variable storage quite generic in any device with an RPMB partition. Using a well debugged application is preferable over rewriting the whole application as a TA. Another advantage is that this inherits the Fault Tolerant Writes (FTW) functionality built-in on StMM to protect variables against corruptions during writing. Considering the FFA changes of the future Arm architectures using an SP that includes everything seems like a better choice at the moment. The 'SPM emulation' currently added into OP-TEE only supports a single SP to be launched. This means that the StMM embedded application has the RPMB driver built in at the moment. In the future we can add code (evolving FFA) to launch multiple SPs. So the StMM variable handling can be decoupled from the RPMB driver, which will reside in a different SP. So let's add a user mode secure partition context and support loading "Standalone MM" of EDK2 into it. A separate syscall handling is added to serve as different kind of ABI and syscall IDs. The secure partition has a TA like interface towards normal world, but requests are routed into the StMM partition instead. CFG_STMM_PATH is assigned the path of BL32_AP_MM.fd, for instance: CFG_STMM_PATH=...Build/QemuVirtMmStandalone/DEBUG_GCC5/FV/BL32_AP_MM.fd Since this is quite tricky to compile and test you can use this [1]. Just clone the repo and run ./build.sh. The script will pick up edk2, edk2-platforms, op-tee, atf and U-boot and compile all the necessary binaries for QEMU. A patch (awful hack) has been added to U-boot to allow RPMB emulation through it's supplicant, since QEMU RPMB emulation is not yet available. After compiling and launching QEMU the usual U-boot commands for EFI variable management will store the variables on an RPMB device. [1] https://git.linaro.org/people/ilias.apalodimas/efi_optee_variables.git/ Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Co-developed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org> Co-developed-by: Pipat Methavanitpong <pipat1010@gmail.com> Signed-off-by: Pipat Methavanitpong <pipat1010@gmail.com> Co-developed-by: Miklos Balint <Miklos.Balint@arm.com> Signed-off-by: Miklos Balint <Miklos.Balint@arm.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/unwind.h /optee_os/core/arch/arm/include/pta_stmm.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/cache_helpers_a32.S /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/misc_a32.S /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spin_lock_a32.S /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S /optee_os/core/arch/arm/kernel/thread_spmc_a32.S /optee_os/core/arch/arm/kernel/tlb_helpers_a32.S /optee_os/core/arch/arm/kernel/tz_ssvce_pl310_a32.S /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/kernel/unwind_private.h /optee_os/core/arch/arm/kernel/vfp_a32.S /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-hisilicon/hi3519av100_plat_init.S /optee_os/core/arch/arm/plat-imx/a7_plat_init.S /optee_os/core/arch/arm/plat-imx/a9_plat_init.S /optee_os/core/arch/arm/plat-imx/pm/psci-cpuidle-imx7.S /optee_os/core/arch/arm/plat-imx/pm/psci-suspend-imx7.S /optee_os/core/arch/arm/plat-ls/plat_init.S /optee_os/core/arch/arm/plat-rockchip/core_pos_a32.S /optee_os/core/arch/arm/plat-rockchip/plat_init.S /optee_os/core/arch/arm/plat-rzn1/a7_plat_init.S /optee_os/core/arch/arm/plat-stm/tz_a9init.S /optee_os/core/arch/arm/plat-stm32mp1/reset.S /optee_os/core/arch/arm/plat-sunxi/plat_init.S /optee_os/core/arch/arm/plat-ti/a9_plat_init.S /optee_os/core/arch/arm/plat-vexpress/juno_core_pos_a32.S /optee_os/core/arch/arm/plat-zynq7k/plat_init.S /optee_os/core/arch/arm/sm/pm_a32.S /optee_os/core/arch/arm/sm/psci-helper.S /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/arch/arm/tee/arch_svc_a32.S /optee_os/core/core.mk /optee_os/core/include/kernel/user_mode_ctx.h /optee_os/core/include/mm/tee_mmu.h tee_ta_manager.c /optee_os/core/sub.mk /optee_os/ldelf/ldelf.mk /optee_os/ldelf/sub.mk /optee_os/ldelf/ta_elf.c /optee_os/lib/libunw/include/unw/unwind.h /optee_os/lib/libunw/sub.mk /optee_os/lib/libunw/unwind_arm32.c /optee_os/lib/libunw/unwind_arm64.c /optee_os/lib/libutee/arch/arm/utee_syscalls_a32.S /optee_os/lib/libutils/ext/include/asm.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S /optee_os/mk/config.mk /optee_os/scripts/gen_stmm_hex.py /optee_os/ta/arch/arm/ta_entry_a32.S
e6f01334	03-Sep-2020	Jerome Forissier <jerome@forissier.org>	core: remove stack dump macros and multiple log levels Of the various xPRINT_STACK() macros (x in {E,I,D,F}), only EPRINT_STACK() is used. Let's simplify the code by removing the macros altogether a core: remove stack dump macros and multiple log levels Of the various xPRINT_STACK() macros (x in {E,I,D,F}), only EPRINT_STACK() is used. Let's simplify the code by removing the macros altogether and calling print_kernel_stack() instead. Since only the TRACE_ERROR is used, the 'level' argument to print_kernel_stack(), print_stack_arm32() and print_stack_arm64() is removed too. In addition to simplifying the code, these changes will allow the consolidation of the stack unwinding code between core and ldelf. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/kernel/unwind.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-rzn1/a7_plat_init.S /optee_os/core/arch/arm/plat-rzn1/conf.mk /optee_os/core/arch/arm/plat-rzn1/link.mk /optee_os/core/arch/arm/plat-rzn1/main.c /optee_os/core/arch/arm/plat-rzn1/platform_config.h /optee_os/core/arch/arm/plat-rzn1/psci.c /optee_os/core/arch/arm/plat-rzn1/rzn1_regauth.h /optee_os/core/arch/arm/plat-rzn1/rzn1_tz.h /optee_os/core/arch/arm/plat-rzn1/sm_platform_handler.c /optee_os/core/arch/arm/plat-rzn1/sub.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/drivers/ns16550.c /optee_os/core/include/drivers/ns16550.h /optee_os/core/include/tee/tee_obj.h /optee_os/core/include/tee/tee_pobj.h panic.c /optee_os/core/tee/tee_pobj.c /optee_os/core/tee/tee_svc_storage.c /optee_os/ldelf/sub.mk /optee_os/ldelf/ta_elf_rel.c /optee_os/ldelf/tlsdesc_rel_a64.S /optee_os/lib/libutee/include/elf_common.h /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutils/ext/include/trace.h /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/attributes.c /optee_os/ta/pkcs11/src/attributes.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/object.c /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_attributes.h /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/processing.c /optee_os/ta/pkcs11/src/processing.h /optee_os/ta/pkcs11/src/processing_aes.c /optee_os/ta/pkcs11/src/processing_symm.c /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/pkcs11/src/token_capabilities.c /optee_os/ta/pkcs11/src/token_capabilities.h
1554a779	19-Aug-2020	Javier Almansa Sobrino <javier.almansasobrino@arm.com>	core: Fix the entry on the match table for TPM support. TF-A Measured Boot driver expects a tpm_event_log node on the DTB with the compatible field set to "arm,tpm_event_log", so fix the match table core: Fix the entry on the match table for TPM support. TF-A Measured Boot driver expects a tpm_event_log node on the DTB with the compatible field set to "arm,tpm_event_log", so fix the match table entry for the TPM support to match the one used by TF-A. Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com> Acked-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/rpc_io_i2c.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_private.h /optee_os/core/arch/arm/mm/core_mmu.c tpm.c /optee_os/core/tee/socket.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_fs_rpc.c /optee_os/lib/libutils/ext/arch/arm/sub.mk /optee_os/mk/config.mk /optee_os/mk/subdir.mk
e2f03e07	04-Jun-2020	Jerome Forissier <jerome@forissier.org>	core: add stack overflow detection This commit introduces CFG_CORE_DEBUG_CHECK_STACKS to check the stack limits using compiler instrumentation (-finstrument-functions). When enabled, the C compiler core: add stack overflow detection This commit introduces CFG_CORE_DEBUG_CHECK_STACKS to check the stack limits using compiler instrumentation (-finstrument-functions). When enabled, the C compiler will insert entry and exit hooks in all functions in the TEE core. On entry, the stack pointer is checked and if an overflow is detected, panic() is called. How is this helpful since we have stack canaries already? 1. When a dead canary is found, the call stack will give no indication of the root cause of the corruption which may have happened quite some time before. Running the test case again with a debugger attached and a watchpoint on the canary is not always an option. 2. The system may corrupt the stack and hang in an exception handler before the first canary check, for instance, during boot when the temporary stack is used. This code will likely catch such issues, too. The downside is increased stack usage and a significant runtime overhead which is why this feature should be enabled only for troubleshooting. Signed-off-by: Jerome Forissier <jerome@forissier.org> Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, QEMUv8) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/cpu/cortex-a15.mk /optee_os/core/arch/arm/cpu/cortex-a5.mk /optee_os/core/arch/arm/cpu/cortex-a7.mk /optee_os/core/arch/arm/cpu/cortex-a9.mk /optee_os/core/arch/arm/cpu/cortex-armv8-0.mk /optee_os/core/arch/arm/include/arm32.h /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/boot.h /optee_os/core/arch/arm/include/kernel/spinlock.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/include/sm/sm.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/rpc_io_i2c.c /optee_os/core/arch/arm/kernel/spin_lock_debug.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S /optee_os/core/arch/arm/kernel/thread_private.h /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/plat-amlogic/conf.mk /optee_os/core/arch/arm/plat-amlogic/main.c /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-d02/conf.mk /optee_os/core/arch/arm/plat-d02/main.c /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hisilicon/conf.mk /optee_os/core/arch/arm/plat-hisilicon/main.c /optee_os/core/arch/arm/plat-hisilicon/psci.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c /optee_os/core/arch/arm/plat-imx/pm/pm-imx7.c /optee_os/core/arch/arm/plat-imx/pm/psci.c /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-poplar/conf.mk /optee_os/core/arch/arm/plat-poplar/main.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/main.c /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rpi3/conf.mk /optee_os/core/arch/arm/plat-rpi3/main.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-sprd/conf.mk /optee_os/core/arch/arm/plat-sprd/main.c /optee_os/core/arch/arm/plat-stm/conf.mk /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h /optee_os/core/arch/arm/plat-sunxi/conf.mk /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-sunxi/psci.c /optee_os/core/arch/arm/plat-synquacer/conf.mk /optee_os/core/arch/arm/plat-synquacer/main.c /optee_os/core/arch/arm/plat-ti/conf.mk /optee_os/core/arch/arm/plat-ti/main.c /optee_os/core/arch/arm/plat-uniphier/conf.mk /optee_os/core/arch/arm/plat-uniphier/main.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-zynq7k/conf.mk /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/arch/arm/plat-zynqmp/conf.mk /optee_os/core/arch/arm/plat-zynqmp/main.c /optee_os/core/arch/arm/sm/pm.c /optee_os/core/arch/arm/sm/sm.c /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/core.mk /optee_os/core/drivers/stm32_bsec.c /optee_os/core/include/drivers/stm32_bsec.h /optee_os/core/include/kernel/rpc_io_i2c.h /optee_os/core/include/optee_rpc_cmd.h /optee_os/core/include/tee/tee_fs_rpc.h assert.c /optee_os/core/sub.mk /optee_os/core/tee/socket.c /optee_os/core/tee/sub.mk /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_fs_rpc.c /optee_os/core/tee/tee_ree_fs.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ldelf/dl.c /optee_os/ldelf/ftrace.c /optee_os/ldelf/main.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf.h /optee_os/ldelf/ta_elf_rel.c /optee_os/ldelf/unwind_arm32.c /optee_os/lib/libdl/dlfcn.c /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/arch/arm/tcb.c /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/arm64_user_sysreg.h /optee_os/lib/libutee/include/elf.h /optee_os/lib/libutee/include/elf32.h /optee_os/lib/libutee/include/elf64.h /optee_os/lib/libutee/include/elf_common.h /optee_os/lib/libutee/include/link.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/ext/include/printk.h /optee_os/lib/libutils/ext/snprintk.c /optee_os/lib/libutils/isoc/fp.c /optee_os/lib/libutils/isoc/fputc.c /optee_os/lib/libutils/isoc/fputs.c /optee_os/lib/libutils/isoc/fwrite.c /optee_os/lib/libutils/isoc/include/stdio.h /optee_os/lib/libutils/isoc/include/unistd.h /optee_os/lib/libutils/isoc/sprintf.c /optee_os/lib/libutils/isoc/sub.mk /optee_os/lib/libutils/isoc/write.c /optee_os/mk/clang.mk /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/mk/gcc.mk /optee_os/mk/lib.mk /optee_os/scripts/checkpatch_inc.sh /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/link_shlib.mk /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/arch/arm/ta_entry_a32.S /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/ta.mk /optee_os/typedefs.checkpatch
1b302ac0	02-Jun-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: enable FF-A with SPM Core at S-EL1 Adds support for using FF-A as transport instead of using the proprietary SMCs defined in optee_smc.h. The configuration support the case where SPM Core is core: enable FF-A with SPM Core at S-EL1 Adds support for using FF-A as transport instead of using the proprietary SMCs defined in optee_smc.h. The configuration support the case where SPM Core is implementation at S-EL1, that is, inside OP-TEE. This configuration is also know as "S-EL1 SPMC" in the FF-A 1.0 specification [1]. Compile with CFG_CORE_SEL1_SPMC=y Note that this is an experimental feature, ABIs etc may have incompatible changes Link: [1] https://static.docs.arm.com/den0077/a/DEN0077A_PSA_Firmware_Framework_Arm_v8-A_1.0_EAC.pdf Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/arm.h /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/boot.h /optee_os/core/arch/arm/include/kernel/mutex.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/include/optee_ffa.h /optee_os/core/arch/arm/include/sm/psci.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/mutex.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_private.h /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/thread_spmc_a32.S /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/sub.mk /optee_os/core/arch/arm/plat-vexpress/fvp_spmc_pm.c /optee_os/core/arch/arm/plat-vexpress/sub.mk /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/arch/arm/tee/sub.mk /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/include/optee_msg.h sub.mk /optee_os/lib/libutils/ext/include/atomic.h /optee_os/lib/libutils/ext/mempool.c /optee_os/mk/subdir.mk
f86aa9e1	09-Jul-2020	Jerome Forissier <jerome@forissier.org>	core: make thread ID a short int Changes thread_get_id() and thread_get_id_may_fail() to return 'short int' instead of 'int'. That is, 16 bits instead of 32 on all supported architectures which is m core: make thread ID a short int Changes thread_get_id() and thread_get_id_may_fail() to return 'short int' instead of 'int'. That is, 16 bits instead of 32 on all supported architectures which is more than enough since the largest thread ID value is (CFG_NUM_THREADS - 1). Note, struct wait_queue_elem::handle is already a short int. trace_ext_get_thread_id() is not changed (still returns an int) because it is part of the TA API and modifying it would needlessly introduce incompatibilities. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.checkpatch.conf /optee_os/.gitattributes /optee_os/.github/workflows/stales.yml /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/mutex_lockdep.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-amlogic/conf.mk /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-d02/conf.mk /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-hisilicon/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-poplar/conf.mk /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rpi3/conf.mk /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sprd/conf.mk /optee_os/core/arch/arm/plat-stm/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-sunxi/conf.mk /optee_os/core/arch/arm/plat-synquacer/conf.mk /optee_os/core/arch/arm/plat-ti/conf.mk /optee_os/core/arch/arm/plat-uniphier/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-zynq7k/conf.mk /optee_os/core/arch/arm/plat-zynqmp/conf.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/sm3.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/include/kernel/tee_ta_manager.h tee_ta_manager.c /optee_os/core/tee/tee_fs_rpc.c /optee_os/ldelf/start_a32.S /optee_os/ldelf/start_a64.S /optee_os/ldelf/sys.c /optee_os/ldelf/sys.h /optee_os/ldelf/ta_elf.c /optee_os/ldelf/unwind_arm64.c /optee_os/lib/libutee/abort.c /optee_os/lib/libutee/arch/arm/utee_syscalls_a32.S /optee_os/lib/libutee/arch/arm/utee_syscalls_a64.S /optee_os/lib/libutee/arch/arm/utee_syscalls_asm.S /optee_os/lib/libutee/assert.c /optee_os/lib/libutee/base64.c /optee_os/lib/libutee/base64.h /optee_os/lib/libutee/include/utee_syscalls.h /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutee/tee_api_panic.c /optee_os/lib/libutee/tee_api_property.c /optee_os/lib/libutee/trace_ext.c /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/mk/config.mk /optee_os/mk/lib.mk /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/user_ta_header.c /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/attributes.c /optee_os/ta/pkcs11/src/attributes.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/object.c /optee_os/ta/pkcs11/src/object.h /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_attributes.c /optee_os/ta/pkcs11/src/pkcs11_attributes.h /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/sanitize_object.c /optee_os/ta/pkcs11/src/sanitize_object.h /optee_os/ta/pkcs11/src/serializer.c /optee_os/ta/pkcs11/src/serializer.h /optee_os/ta/pkcs11/src/sub.mk
0d8358d2	10-Jun-2020	Jerome Forissier <jerome@forissier.org>	core: print CPU initialization messages with IMSG() Start and end of initialization for each CPU is important information that deserves to be shown with I (information) severity rather than D (debug core: print CPU initialization messages with IMSG() Start and end of initialization for each CPU is important information that deserves to be shown with I (information) severity rather than D (debug). This is not done consistently, fix that. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/registers/imx8m-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx8m.h /optee_os/core/drivers/crypto/caam/acipher/caam_math.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_mac.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c /optee_os/core/drivers/crypto/caam/cipher/local.h /optee_os/core/drivers/crypto/caam/cipher/sub.mk /optee_os/core/drivers/crypto/caam/hash/caam_hash.c /optee_os/core/drivers/crypto/caam/include/caam_cipher.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_mac.h /optee_os/core/drivers/crypto/crypto_api/mac/mac.c /optee_os/core/drivers/imx_i2c.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/imx_i2c.h initcall.c
e3172f9d	05-Jun-2020	Jens Wiklander <jens.wiklander@linaro.org>	core: add call_finalcalls() Adds call_finalcalls() called at the end of paged_init_primary() just before switching to normal world boot. This allows separation of initcalls and finalcalls needed by core: add call_finalcalls() Adds call_finalcalls() called at the end of paged_init_primary() just before switching to normal world boot. This allows separation of initcalls and finalcalls needed by virtualization. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/include/initcall.h initcall.c
1...<<11 12 131415 16 17 18 19 20 21