core: remove unnecessary includes

Remove unnecessary includes.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander

core: remove unnecessary includes

Remove unnecessary includes.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: replace tee_mmu prefix with vm

Replaces the tee_mmu prefix with vm. tee_mmu.h is renamed to vm.h and
core/arch/arm/mm/tee_mmu.c is moved to core/mm/vm.c. Public functions
belonging to these fi

core: replace tee_mmu prefix with vm

Replaces the tee_mmu prefix with vm. tee_mmu.h is renamed to vm.h and
core/arch/arm/mm/tee_mmu.c is moved to core/mm/vm.c. Public functions
belonging to these files are renamed with a vm prefix.

Introduces: vm_map_param(), vm_clean_param(),
vm_buf_is_inside_private(), vm_buf_intersects_private(),
vm_buf_to_mboj_offs(), vm_buf_is_inside_um_private(),
vm_buf_intersects_um_private(), vm_add_rwmem(), vm_rem_rwmem(),
vm_va2pa(), vm_pa2va(), vm_check_access_rights(), vm_set_ctx() replacing
their tee_mmu_*() counterpart.

Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add generic struct ts_session

As a step in making room for Secure Partitions (SPs) running at S-EL0
add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS.

Adds the generic struct t

core: add generic struct ts_session

As a step in making room for Secure Partitions (SPs) running at S-EL0
add a Trusted Service (TS) abstraction. Both TAs and SPs is a TS.

Adds the generic struct ts_session. All future sessions structs
(currently only struct tee_ta_session exists) should add this struct to
allow generic session operations.

With this struct comes new functions replacing previous struct
tee_ta_session oriented functions. The following functions are replaced
as:
tee_ta_get_current_session() -> ts_get_current_session()
tee_ta_push_current_session() -> ts_push_current_session()
tee_ta_pop_current_session() -> ts_pop_current_session()
tee_ta_get_calling_session() -> ts_get_calling_session()

ts_get_current_session() is changed compared to its predecessor to
panic() in case of failure to return a valid pointer.

A new function ts_get_current_session_may_fail() is added to handle an
eventual case where a return NULL session may be handled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use vaddr_t instead of uint32_t for object IDs

Some function incorrectly use uint32_t for object identifiers:
tee_obj_get(), tee_svc_cryp_get_state() and tee_svc_storage_get_enum().
Those obje

core: use vaddr_t instead of uint32_t for object IDs

Some function incorrectly use uint32_t for object identifiers:
tee_obj_get(), tee_svc_cryp_get_state() and tee_svc_storage_get_enum().
Those object IDs are actually virtual addresses so they need to be of
type vaddr_t.

Link: https://github.com/OP-TEE/optee_os/issues/4035#issuecomment-680037072
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: tee_obj_get() return TEE_ERROR_BAD_STATE

Updates tee_obj_get() to return TEE_ERROR_BAD_STATE when an object
reference can't be found. This will allow the GP TA API to panic the
caller as requi

core: tee_obj_get() return TEE_ERROR_BAD_STATE

Updates tee_obj_get() to return TEE_ERROR_BAD_STATE when an object
reference can't be found. This will allow the GP TA API to panic the
caller as required in the GP spec [1].

[1] GlobalPlatform TEE Internal Core API Specification v1.1
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: cleanup generic traces

Remove useless newline character in few generic debug traces.

Remove argument __func__ from a FMSG trace since already
output by macro FMSG().

Remove error trace from

core: cleanup generic traces

Remove useless newline character in few generic debug traces.

Remove argument __func__ from a FMSG trace since already
output by macro FMSG().

Remove error trace from syscall_storage_obj_read() that, prior
this change, output failing error code from storage read()
handler. This is useless and not done for other storage handlers
return code.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are owned by either only STMicroelectronics or only both
Linaro and STMicroelectronics.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: FS: remove redundant fields from struct tee_svc_storage_head

Removes the unused/redundant fields magic, head_size, ds_size from
struct tee_svc_storage_head. meta_size is renamed to attr_size t

core: FS: remove redundant fields from struct tee_svc_storage_head

Removes the unused/redundant fields magic, head_size, ds_size from
struct tee_svc_storage_head. meta_size is renamed to attr_size to better
reflect the usage.

The size of the data stream is calculated from the total size of the
file minus attr_size. This makes the header static after it's
initialized.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FS: replace file name with struct tee_pobj

Replaces the file name with a pointer to corresponding struct tee_pobj
instead in the file operation interface.

Reviewed-by: Jerome Forissier <jerom

core: FS: replace file name with struct tee_pobj

Replaces the file name with a pointer to corresponding struct tee_pobj
instead in the file operation interface.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey, GP)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260, GP)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: remove obsolete <tee/tee_fs_defs.h>

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: FS: remove FOP access

Removes all calls to FOP access and the FOP itself.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: FS: remove rmdir and mkdir

Removes explicit rmdir and mkdir. It's not needed for SQL FS and RPMB
FS. REE FS does rmdir and mkdir when needed directly inside
tee-supplicant instead.

Reviewed-b

core: FS: remove rmdir and mkdir

Removes explicit rmdir and mkdir. It's not needed for SQL FS and RPMB
FS. REE FS does rmdir and mkdir when needed directly inside
tee-supplicant instead.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FS: change to new FOP interface

Changes the FOP interface to use TEE_Result as the primary return code to
harmonize better with the rest of the code.

Reviewed-by: Joakim Bech <joakim.bech@lin

core: FS: change to new FOP interface

Changes the FOP interface to use TEE_Result as the primary return code to
harmonize better with the rest of the code.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: optimize tee_svc_storage_read_head()

Optimizes tee_svc_storage_read_head() by leaving the file descriptor
open in the struct tee_obj.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.or

core: optimize tee_svc_storage_read_head()

Optimizes tee_svc_storage_read_head() by leaving the file descriptor
open in the struct tee_obj.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee_obj_alloc() initialize file descriptor

tee_obj_alloc() initializes file descriptor in struct tee_obj to -1
to mark it invalid.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

core: tee_obj_alloc() initialize file descriptor

tee_obj_alloc() initializes file descriptor in struct tee_obj to -1
to mark it invalid.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee_obj_close() close all persistent objects

tee_obj_close() closes all persistent objects regardless of the 'fd'
field. The 'close' operation is only called if 'fd' is positive.

Reviewed-by:

core: tee_obj_close() close all persistent objects

tee_obj_close() closes all persistent objects regardless of the 'fd'
field. The 'close' operation is only called if 'fd' is positive.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix tee object attribute management

Prior to the patch the attribute management of tee objects occasionally
assumed that the attribute data didn't contain any addresses. This
assumption is inc

core: fix tee object attribute management

Prior to the patch the attribute management of tee objects occasionally
assumed that the attribute data didn't contain any addresses. This
assumption is incorrect for asymmetric key objects. This patch fixes
that by introducing an operation struct for each basic attribute type.

Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: secure storage: dual filesystems support

Adds support for multiple filesystems by keeping a pointer to
tee_file_operations in the tee_pobj and tee_storage_enum structures.

Two identifiers are

core: secure storage: dual filesystems support

Adds support for multiple filesystems by keeping a pointer to
tee_file_operations in the tee_pobj and tee_storage_enum structures.

Two identifiers are added to the API to be used as the storage_id
parameter, so that TAs may dynamically choose the filesystem:
- TEE_STORAGE_PRIVATE_REE (requires CFG_REE_FS=y)
- TEE_STORAGE_PRIVATE_RPMB (requires CFG_RPMB_FS=y)
The value TEE_STORAGE_PRIVATE will select the REE FS if available,
otherwise RPMB. At least one FS has to be enabled at build time. Only
the REE filesystem is enabled by default.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

core: split struct tee_ta_ctx

Moves user ta specific parts into struct user_ta_ctx and static ta
specific parts into struct static_ta_ctx.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested

core: split struct tee_ta_ctx

Moves user ta specific parts into struct user_ta_ctx and static ta
specific parts into struct static_ta_ctx.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP11 : trusted storage verify (block enc fs)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@l

GP11 : trusted storage verify (block enc fs)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

arm32: update types to be 64bit ready

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.foriss

TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix memory leak in tee_svc_cryp_obj_copy()

The following Trusted App would lead to a memory leak in the TEE core:

TEE_ObjectHandle o1, o2;
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256,

Fix memory leak in tee_svc_cryp_obj_copy()

The following Trusted App would lead to a memory leak in the TEE core:

TEE_ObjectHandle o1, o2;
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256, &o1);
TEE_GenerateKey(o1, 256, NULL, 0);
TEE_AllocateTransientObject(TEE_TYPE_RSA_KEYPAIR, 256, &o2);
TEE_CopyObjectAttributes(o2, o1);
TEE_FreeTransientObject(o1);
TEE_FreeTransientObject(o2);

The leak was introduced by commit ffe040395b13 ("Add crypto provider internal
API").

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Merge tee_{core,uta}_trace.h into libutil

Merges tee_core_trace.h and tee_uta_trace.h into a common trace.h
in libutil. Since the trace functions now resides libutil they have
to rely on core and li

Merge tee_{core,uta}_trace.h into libutil

Merges tee_core_trace.h and tee_uta_trace.h into a common trace.h
in libutil. Since the trace functions now resides libutil they have
to rely on core and libutee to provide functions to print to the
log device.

* Keeps compatible interface from tee_kta_trace.h
* Adds TAMSG() and TAMSG_RAW() to log TA related events
* Removes the TRACE_ALWAYS level

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU virt platform)
Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...