crypto: introduce CFG_CRYPTO_HW_PBKDF2

Add a new configuration flag to support hardware implementation of
PBKDF2.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jens Wiklander <jens.wik

crypto: introduce CFG_CRYPTO_HW_PBKDF2

Add a new configuration flag to support hardware implementation of
PBKDF2.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB_FS). This will allow the use of secure storage from kernel code
when CFG_WITH_USER_TA=n.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on t

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on the test (CFG_TEE_CORE_EMBED_INTERNAL_TESTS), do the opposite.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee: move entry_std.c to core/tee

entry_std.* are not architecture-specific codes, therefore move
entry_std.c to core/tee and entry_std.h to core/include/tee.

Signed-off-by: Marouene Boubakri

core: tee: move entry_std.c to core/tee

entry_std.* are not architecture-specific codes, therefore move
entry_std.c to core/tee and entry_std.h to core/include/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: tee: sub.mk: don't build tee_ta_enc_manager.c when CFG_WITH_USER_TA=n

This commit makes tee_ta_enc_manager.c source file depend on
CFG_WITH_USER_TA flag. Building it when CFG_WITH_USER_TA=n le

core: tee: sub.mk: don't build tee_ta_enc_manager.c when CFG_WITH_USER_TA=n

This commit makes tee_ta_enc_manager.c source file depend on
CFG_WITH_USER_TA flag. Building it when CFG_WITH_USER_TA=n leads to an
inconsistency (extra unresolved symbols). Moreover it adds unused code.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

core: add a new RPC as an interface to tee-supplicant plugins

Any external TEE services can be designed as a tee-supplicant plugin.
The plugins will be loaded by the supplicant during startup proces

core: add a new RPC as an interface to tee-supplicant plugins

Any external TEE services can be designed as a tee-supplicant plugin.
The plugins will be loaded by the supplicant during startup process
using libdl.
It makes it easy to:
- add new features in the supplicant that aren't needed in upstream,
e.g. Rich OS specific services;
- sync upstream version with own fork;

This patch adds a new RPC - 'OPTEE_RPC_CMD_SUPP_PLUGIN' as an unified
interface between OP-TEE and any plugins. Kernel code can use it
to call for execution of some command in plugins.

Every plugin has own name based on UUID.
OP-TEE has access to plugins by it.

See definition of protocol for the plugin RPC command
in 'core/include/optee_rpc_cmd.h' file.

Signed-off-by: Aleksandr Anisimov <a.anisimov@omprussia.ru>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
p

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
private RPC buffer when needed.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add framework to load REE-FS encrypted TAs

Add framework to support loading of encrypted TAs from REE-FS using
symmetric authenticated encryption scheme supported by OP-TEE.

The default encry

core: add framework to load REE-FS encrypted TAs

Add framework to support loading of encrypted TAs from REE-FS using
symmetric authenticated encryption scheme supported by OP-TEE.

The default encryption key is derived from hardware unique key which
can be overridden via platform specific encryption key.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move sockets PTA to core/tee

The sockets pseudo-TA is architecture-independent. Move it to
core/tee and drop the pta_ prefix which is not really useful.

Signed-off-by: Jerome Forissier <jerom

core: move sockets PTA to core/tee

The sockets pseudo-TA is architecture-independent. Move it to
core/tee and drop the pta_ prefix which is not really useful.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove Secure Element API support

There is probably no-one using the Secure Element API. We have never heard
anyone asking questions about it, have no way to test it and we believe
it is not even wo

Remove Secure Element API support

There is probably no-one using the Secure Element API. We have never heard
anyone asking questions about it, have no way to test it and we believe
it is not even working right now. Therefore, remove it.

- The reserved syscalls are still present, but return
TEE_ERROR_NOT_SUPPORTED
- The TEE_SE* functions (GlobalPlatform TEE Secure Element API,
GPD_SPE_024) are removed from libutee.a and the header file
tee_internal_se_api.h is removed as well

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: add tadb

Adds tadb which is a database in which TAs can be stored leveraging
secure storage for anti-rollback, key storage and list of TAs.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.

core: add tadb

Adds tadb which is a database in which TAs can be stored leveraging
secure storage for anti-rollback, key storage and list of TAs.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove SQL-FS

With recent developments in REE-FS SQL-FS has become redundant. This
patch removes SQL-FS.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissi

Remove SQL-FS

With recent developments in REE-FS SQL-FS has become redundant. This
patch removes SQL-FS.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: REE FS: use the new dirfile interface

Uses the new dirfile interface to keep track of persistent objects.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Etienne Carrie

core: REE FS: use the new dirfile interface

Uses the new dirfile interface to keep track of persistent objects.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add test case for hash-tree

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@

core: add test case for hash-tree

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: SQL FS: use the new hash tree interface

Uses the new hash tree interface to implement secure storage.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander

core: SQL FS: use the new hash tree interface

Uses the new hash tree interface to implement secure storage.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: REE FS: use the new hash tree interface

Uses the new hash tree interface to implement secure storage.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander

core: REE FS: use the new hash tree interface

Uses the new hash tree interface to implement secure storage.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: encode UUID big endian

When encoding a UUID as a sequence of bytes, the spec
(https://www.ietf.org/rfc/rfc4122.txt) says that the u32, and two u16s
should be represented big endian.

Before th

core: encode UUID big endian

When encoding a UUID as a sequence of bytes, the spec
(https://www.ietf.org/rfc/rfc4122.txt) says that the u32, and two u16s
should be represented big endian.

Before this patch OPTEE always treated them natively. With this patch
UUIDs are always converted to/from big endian when communicating with
normal world.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/858
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add RPC FS cache for payload data

Adds an RPC FS cache for payload data. Allocated RPC FS payload data isn't
free until the thread exits the current command. This allows reuse of the
memory al

core: add RPC FS cache for payload data

Adds an RPC FS cache for payload data. Allocated RPC FS payload data isn't
free until the thread exits the current command. This allows reuse of the
memory allocation, avoiding many needless entries of tee-supplicant.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

secure storage: move common RPC code to its own file

The REE and SQL filesystems use similar RPC calls to tee-supplicant,
only with a different command ID. Move the code to a common file.

Signed-of

secure storage: move common RPC code to its own file

The REE and SQL filesystems use similar RPC calls to tee-supplicant,
only with a different command ID. Move the code to a common file.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: add SQL filesystem

This commit adds a new container type for trusted storage: SQL FS.
Data are stored in the non-secure world, just like the REE FS
(CFG_REE_FS). But, unlike REE FS w

secure storage: add SQL filesystem

This commit adds a new container type for trusted storage: SQL FS.
Data are stored in the non-secure world, just like the REE FS
(CFG_REE_FS). But, unlike REE FS which manipulates several files for
each secure object, this implementation needs only one container in a
SQLite database per secure object. We rely on the transaction-based
nature of the database to provide atomicity.

A storage identifier is added to the TA API: TEE_STORAGE_PRIVATE_SQL.
Trusted applications can use it to select this filesystem. The value
TEE_STORAGE_PRIVATE defined by GlobalPlatform will also select the
SQL FS if all other implementations are disabled.

This feature is enabled with CFG_SQL_FS=y. It depends on SQL support
in tee-supplicant [1].

[1] https://github.com/OP-TEE/optee_client/pull/50

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: secure storage: dual filesystems support

Adds support for multiple filesystems by keeping a pointer to
tee_file_operations in the tee_pobj and tee_storage_enum structures.

Two identifiers are

core: secure storage: dual filesystems support

Adds support for multiple filesystems by keeping a pointer to
tee_file_operations in the tee_pobj and tee_storage_enum structures.

Two identifiers are added to the API to be used as the storage_id
parameter, so that TAs may dynamically choose the filesystem:
- TEE_STORAGE_PRIVATE_REE (requires CFG_REE_FS=y)
- TEE_STORAGE_PRIVATE_RPMB (requires CFG_RPMB_FS=y)
The value TEE_STORAGE_PRIVATE will select the REE FS if available,
otherwise RPMB. At least one FS has to be enabled at build time. Only
the REE filesystem is enabled by default.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Merge core/tee/tee_rpmb_fs_common.c into core/tee/tee_rpmb_fs.c

Make most functions static. Use a consistent naming scheme (rpmb_fs_*).
Delete core/include/tee/tee_rpmb_fs.h.

Signed-off-by: Jerome

Merge core/tee/tee_rpmb_fs_common.c into core/tee/tee_rpmb_fs.c

Make most functions static. Use a consistent naming scheme (rpmb_fs_*).
Delete core/include/tee/tee_rpmb_fs.h.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Rename core/tee/tee_fs_common.c -> core/tee/tee_ree_fs.c

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pa

Rename core/tee/tee_fs_common.c -> core/tee/tee_ree_fs.c

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Delete core/tee/tee_fs.c

tee_fs.c contains trivial wrappers, that will eventually go. Move them
temporarily into tee_rpmb_fs.c and tee_fs_common.c (which will later be
renamed tee_ree_fs.c).

Signed

Delete core/tee/tee_fs.c

tee_fs.c contains trivial wrappers, that will eventually go. Move them
temporarily into tee_rpmb_fs.c and tee_fs_common.c (which will later be
renamed tee_ree_fs.c).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Minimal OP-TEE without user TAs

Hide all user TA related code under CFG_WITH_USER_TA. When compiled
with:
CFG_WITH_USER_TA=n
CFG_CRYPTO=n
CFG_ENC_FS=n
CFG_SE_API=n
CFG_PCSC_PASSTHRU_READER_DRV=n

Sk

Minimal OP-TEE without user TAs

Hide all user TA related code under CFG_WITH_USER_TA. When compiled
with:
CFG_WITH_USER_TA=n
CFG_CRYPTO=n
CFG_ENC_FS=n
CFG_SE_API=n
CFG_PCSC_PASSTHRU_READER_DRV=n

Skips building in static TA tests for features not enabled.

The size of OP-TEE is reduced to one third of its original size.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU xtest 1001)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...