History log of /optee_os/core/tee/ (Results 176 – 200 of 594)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
6885abf218-Aug-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: tee_pobj_get() takes an enum tee_pobj_usage

Changes tee_pobj_get() to take an enum tee_pobj_usage usage instead of a
bool temporary.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signe

core: tee_pobj_get() takes an enum tee_pobj_usage

Changes tee_pobj_get() to take an enum tee_pobj_usage usage instead of a
bool temporary.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/include/tee/tee_pobj.h
tee_pobj.c
tee_svc_storage.c
06b0fe0814-Aug-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: remove struct tee_obj::flags

struct tee_obj keeps a TEE_ObjectInfo which has a flags field with the
same meaning as the flags field in struct tee_obj. To avoid the two
fields getting out of sy

core: remove struct tee_obj::flags

struct tee_obj keeps a TEE_ObjectInfo which has a flags field with the
same meaning as the flags field in struct tee_obj. To avoid the two
fields getting out of sync remove struct tee_obj::flags and only use
TEE_ObjectInfo::handleFlags.

Additional checks are added in syscall_storage_obj_open() and
syscall_storage_obj_create() to make sure that no undefined flags are
added to TEE_ObjectInfo::handleFlags.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/include/tee/tee_obj.h
tee_svc_storage.c
/optee_os/lib/libutee/tee_api_arith_mpi.c
5e81752313-Aug-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: syscall_storage_obj_create(): check that the attributes object is initialized

Adds a check in syscall_storage_obj_create() to see that the attributes
object is initialized.

Reviewed-by: Jerom

core: syscall_storage_obj_create(): check that the attributes object is initialized

Adds a check in syscall_storage_obj_create() to see that the attributes
object is initialized.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/CHANGELOG.md
/optee_os/core/arch/arm/kernel/rpc_io_i2c.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/kernel/tpm.c
tee_svc_storage.c
/optee_os/ldelf/sub.mk
/optee_os/ldelf/ta_elf_rel.c
/optee_os/ldelf/tlsdesc_rel_a64.S
/optee_os/lib/libutee/include/elf_common.h
1a7d8eae17-Aug-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: add user parameter thread_rpc_shm_cache_alloc()

Adds a user parameter to thread_rpc_shm_cache_alloc() to make sure that
different callers of thread_rpc_shm_cache_alloc() doesn't interfere with

core: add user parameter thread_rpc_shm_cache_alloc()

Adds a user parameter to thread_rpc_shm_cache_alloc() to make sure that
different callers of thread_rpc_shm_cache_alloc() doesn't interfere with
each other. The FS allocation could perhaps be intertwined with I2C
allocations if crypto operations are done over I2C.

Fixes: 9bee8f2a5af7 ("core: add generic rpc shared memory buffer caching")
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/cpu/cortex-a15.mk
/optee_os/core/arch/arm/cpu/cortex-a5.mk
/optee_os/core/arch/arm/cpu/cortex-a7.mk
/optee_os/core/arch/arm/cpu/cortex-a9.mk
/optee_os/core/arch/arm/cpu/cortex-armv8-0.mk
/optee_os/core/arch/arm/include/arm32.h
/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/include/kernel/spinlock.h
/optee_os/core/arch/arm/include/kernel/thread.h
/optee_os/core/arch/arm/include/mm/mobj.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/kernel/rpc_io_i2c.c
/optee_os/core/arch/arm/kernel/spin_lock_debug.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/thread_private.h
/optee_os/core/arch/arm/kernel/unwind_arm32.c
/optee_os/core/arch/arm/kernel/unwind_arm64.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/mobj_ffa.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/core.mk
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/include/drivers/stm32_bsec.h
/optee_os/core/include/kernel/rpc_io_i2c.h
/optee_os/core/include/optee_rpc_cmd.h
/optee_os/core/kernel/assert.c
socket.c
tadb.c
tee_fs_rpc.c
/optee_os/ldelf/dl.c
/optee_os/ldelf/ftrace.c
/optee_os/ldelf/main.c
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/ta_elf.h
/optee_os/ldelf/ta_elf_rel.c
/optee_os/ldelf/unwind_arm32.c
/optee_os/lib/libdl/dlfcn.c
/optee_os/lib/libutee/arch/arm/sub.mk
/optee_os/lib/libutee/arch/arm/tcb.c
/optee_os/lib/libutee/arch/arm/user_ta_entry.c
/optee_os/lib/libutee/include/arm64_user_sysreg.h
/optee_os/lib/libutee/include/elf.h
/optee_os/lib/libutee/include/elf32.h
/optee_os/lib/libutee/include/elf64.h
/optee_os/lib/libutee/include/elf_common.h
/optee_os/lib/libutee/include/link.h
/optee_os/lib/libutee/include/user_ta_header.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/ext/arch/arm/sub.mk
/optee_os/lib/libutils/ext/include/compiler.h
/optee_os/lib/libutils/ext/include/printk.h
/optee_os/lib/libutils/ext/snprintk.c
/optee_os/lib/libutils/isoc/fp.c
/optee_os/lib/libutils/isoc/fputc.c
/optee_os/lib/libutils/isoc/fputs.c
/optee_os/lib/libutils/isoc/fwrite.c
/optee_os/lib/libutils/isoc/include/stdio.h
/optee_os/lib/libutils/isoc/include/unistd.h
/optee_os/lib/libutils/isoc/sprintf.c
/optee_os/lib/libutils/isoc/sub.mk
/optee_os/lib/libutils/isoc/write.c
/optee_os/mk/clang.mk
/optee_os/mk/compile.mk
/optee_os/mk/config.mk
/optee_os/mk/gcc.mk
/optee_os/mk/subdir.mk
/optee_os/scripts/checkpatch_inc.sh
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/arch/arm/ta_entry_a32.S
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/ta.mk
/optee_os/typedefs.checkpatch
ce9a20c130-Jul-2020 Jerome Forissier <jerome@forissier.org>

rmpb: fix infinite recursion in dump_fat() when CFG_TEE_CORE_LOG_LEVEL=4

When CFG_TEE_CORE_LOG_LEVEL=4 and CFG_RPMB_FS=y, the TEE core crashes
with a dead stack canary message:

E/TC:0 0 Dead canar

rmpb: fix infinite recursion in dump_fat() when CFG_TEE_CORE_LOG_LEVEL=4

When CFG_TEE_CORE_LOG_LEVEL=4 and CFG_RPMB_FS=y, the TEE core crashes
with a dead stack canary message:

E/TC:0 0 Dead canary at end of 'stack_abt[3]'
E/TC:0 0 Panic at core/arch/arm/kernel/thread.c:192 <thread_check_canaries>
E/TC:0 0 TEE load address @ 0x1bd0f000
E/TC:0 0 Call stack:
E/TC:0 0 0x1bd17b3d print_kernel_stack at optee_os/core/arch/arm/kernel/unwind_arm32.c:452
E/TC:0 0 0x1bd23a07 __do_panic at optee_os/core/kernel/panic.c:32 (discriminator 1)
E/TC:0 0 0x1bd120cb thread_check_canaries at optee_os/core/arch/arm/kernel/thread.c:188 (discriminator 2)
E/TC:0 0 0x1bd12c1f thread_state_suspend at optee_os/core/arch/arm/kernel/thread.c:754
E/TC:0 0 0x1bd14610 thread_rpc at optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S:227

The issue happens to be with the debug function dump_fat() which causes
infinite recursion. Fix it by doing nothing until after RPMB
initialization has completed.

Fixes: 5f68d7848fe8 ("core: RPMB FS: Caching for FAT FS entries")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/include/kernel/boot.h
/optee_os/core/arch/arm/include/kernel/thread.h
/optee_os/core/arch/arm/include/sm/sm.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S
/optee_os/core/arch/arm/kernel/thread_private.h
/optee_os/core/arch/arm/kernel/unwind_arm32.c
/optee_os/core/arch/arm/plat-amlogic/conf.mk
/optee_os/core/arch/arm/plat-amlogic/main.c
/optee_os/core/arch/arm/plat-bcm/conf.mk
/optee_os/core/arch/arm/plat-bcm/main.c
/optee_os/core/arch/arm/plat-d02/conf.mk
/optee_os/core/arch/arm/plat-d02/main.c
/optee_os/core/arch/arm/plat-hikey/conf.mk
/optee_os/core/arch/arm/plat-hikey/main.c
/optee_os/core/arch/arm/plat-hisilicon/conf.mk
/optee_os/core/arch/arm/plat-hisilicon/main.c
/optee_os/core/arch/arm/plat-hisilicon/psci.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c
/optee_os/core/arch/arm/plat-imx/pm/pm-imx7.c
/optee_os/core/arch/arm/plat-imx/pm/psci.c
/optee_os/core/arch/arm/plat-k3/conf.mk
/optee_os/core/arch/arm/plat-k3/main.c
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-ls/main.c
/optee_os/core/arch/arm/plat-marvell/conf.mk
/optee_os/core/arch/arm/plat-marvell/main.c
/optee_os/core/arch/arm/plat-mediatek/conf.mk
/optee_os/core/arch/arm/plat-mediatek/main.c
/optee_os/core/arch/arm/plat-poplar/conf.mk
/optee_os/core/arch/arm/plat-poplar/main.c
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-rcar/main.c
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rpi3/conf.mk
/optee_os/core/arch/arm/plat-rpi3/main.c
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-sam/main.c
/optee_os/core/arch/arm/plat-sprd/conf.mk
/optee_os/core/arch/arm/plat-sprd/main.c
/optee_os/core/arch/arm/plat-stm/conf.mk
/optee_os/core/arch/arm/plat-stm/main.c
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-sunxi/conf.mk
/optee_os/core/arch/arm/plat-sunxi/main.c
/optee_os/core/arch/arm/plat-sunxi/psci.c
/optee_os/core/arch/arm/plat-synquacer/conf.mk
/optee_os/core/arch/arm/plat-synquacer/main.c
/optee_os/core/arch/arm/plat-ti/conf.mk
/optee_os/core/arch/arm/plat-ti/main.c
/optee_os/core/arch/arm/plat-uniphier/conf.mk
/optee_os/core/arch/arm/plat-uniphier/main.c
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/arch/arm/plat-vexpress/main.c
/optee_os/core/arch/arm/plat-zynq7k/conf.mk
/optee_os/core/arch/arm/plat-zynq7k/main.c
/optee_os/core/arch/arm/plat-zynqmp/conf.mk
/optee_os/core/arch/arm/plat-zynqmp/main.c
/optee_os/core/arch/arm/sm/pm.c
/optee_os/core/arch/arm/sm/sm.c
/optee_os/core/arch/arm/sm/sm_a32.S
tee_rpmb_fs.c
/optee_os/ta/ta.mk
7446af6121-Jul-2020 Jerome Forissier <jerome@forissier.org>

core: log message when secure storage corruption is detected

When CFG_REE_FS and CFG_RPMB_FS are both 'y', the data stored by OP-TEE
in the REE filesystem (typically, under /data/tee) are protected

core: log message when secure storage corruption is detected

When CFG_REE_FS and CFG_RPMB_FS are both 'y', the data stored by OP-TEE
in the REE filesystem (typically, under /data/tee) are protected by
hashes stored in the RPMB. Any modifications to the REE files via
external means are therefore detected and TEE_ERROR_SECURITY is
returned. However, no error or debug message is printed to the secure
console which makes troubleshooting more difficult than needed. This
commit adds a debug message.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c
/optee_os/core/sub.mk
tee_ree_fs.c
/optee_os/mk/config.mk
/optee_os/mk/lib.mk
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/link_shlib.mk
/optee_os/ta/ta.mk
9bee8f2a21-Jul-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
p

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
private RPC buffer when needed.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/arm.h
/optee_os/core/arch/arm/include/ffa.h
/optee_os/core/arch/arm/include/kernel/boot.h
/optee_os/core/arch/arm/include/kernel/mutex.h
/optee_os/core/arch/arm/include/kernel/thread.h
/optee_os/core/arch/arm/include/mm/mobj.h
/optee_os/core/arch/arm/include/optee_ffa.h
/optee_os/core/arch/arm/include/sm/psci.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/mutex.c
/optee_os/core/arch/arm/kernel/mutex_lockdep.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/thread_private.h
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/kernel/thread_spmc_a32.S
/optee_os/core/arch/arm/kernel/thread_spmc_a64.S
/optee_os/core/arch/arm/mm/mobj_ffa.c
/optee_os/core/arch/arm/mm/sub.mk
/optee_os/core/arch/arm/plat-vexpress/fvp_spmc_pm.c
/optee_os/core/arch/arm/plat-vexpress/sub.mk
/optee_os/core/arch/arm/tee/entry_std.c
/optee_os/core/arch/arm/tee/sub.mk
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/include/kernel/tee_ta_manager.h
/optee_os/core/include/optee_msg.h
/optee_os/core/include/tee/tee_fs_rpc.h
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tee_ta_manager.c
socket.c
sub.mk
tadb.c
tee_fs_rpc.c
/optee_os/lib/libutils/ext/ftrace/ftrace.c
/optee_os/lib/libutils/ext/include/atomic.h
/optee_os/lib/libutils/ext/mempool.c
/optee_os/mk/subdir.mk
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/attributes.c
/optee_os/ta/pkcs11/src/attributes.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/object.c
/optee_os/ta/pkcs11/src/object.h
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_attributes.c
/optee_os/ta/pkcs11/src/pkcs11_attributes.h
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/sanitize_object.c
/optee_os/ta/pkcs11/src/sanitize_object.h
/optee_os/ta/pkcs11/src/serializer.c
/optee_os/ta/pkcs11/src/serializer.h
/optee_os/ta/pkcs11/src/sub.mk
1b97b78505-Jul-2020 Roland Nagy <rnagy@xmimx.tk>

core: fix tee_fs_rpc_readdir() parameter direction

The type of params[1] is changed to OUT to match the expected params in
tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir
won't f

core: fix tee_fs_rpc_readdir() parameter direction

The type of params[1] is changed to OUT to match the expected params in
tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir
won't fail with TEE_ERROR_BAD_PARAMETERS.

Signed-off-by: Roland Nagy <rnagy@xmimx.tk>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.checkpatch.conf
/optee_os/.gitattributes
/optee_os/.github/workflows/stales.yml
/optee_os/.travis.yml
/optee_os/CHANGELOG.md
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/kernel/boot.h
/optee_os/core/arch/arm/include/kernel/thread.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/link_dummies_init.c
/optee_os/core/arch/arm/kernel/link_dummies_paged.c
/optee_os/core/arch/arm/kernel/link_dummy.ld
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/tee_time.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/unwind_arm32.c
/optee_os/core/arch/arm/kernel/unwind_arm64.c
/optee_os/core/arch/arm/kernel/user_ta.c
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/kernel/wait_queue.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-amlogic/conf.mk
/optee_os/core/arch/arm/plat-amlogic/main.c
/optee_os/core/arch/arm/plat-bcm/conf.mk
/optee_os/core/arch/arm/plat-bcm/main.c
/optee_os/core/arch/arm/plat-d02/conf.mk
/optee_os/core/arch/arm/plat-d02/main.c
/optee_os/core/arch/arm/plat-hikey/conf.mk
/optee_os/core/arch/arm/plat-hikey/main.c
/optee_os/core/arch/arm/plat-hisilicon/conf.mk
/optee_os/core/arch/arm/plat-hisilicon/main.c
/optee_os/core/arch/arm/plat-hisilicon/psci.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/plat-imx/imx_pl310.c
/optee_os/core/arch/arm/plat-imx/link.mk
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c
/optee_os/core/arch/arm/plat-imx/pm/imx7_suspend.c
/optee_os/core/arch/arm/plat-imx/pm/psci.c
/optee_os/core/arch/arm/plat-imx/registers/imx8m-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx8m.h
/optee_os/core/arch/arm/plat-k3/conf.mk
/optee_os/core/arch/arm/plat-k3/main.c
/optee_os/core/arch/arm/plat-k3/platform_config.h
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-ls/main.c
/optee_os/core/arch/arm/plat-marvell/conf.mk
/optee_os/core/arch/arm/plat-marvell/main.c
/optee_os/core/arch/arm/plat-mediatek/conf.mk
/optee_os/core/arch/arm/plat-mediatek/main.c
/optee_os/core/arch/arm/plat-poplar/conf.mk
/optee_os/core/arch/arm/plat-poplar/main.c
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-rcar/main.c
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c
/optee_os/core/arch/arm/plat-rpi3/conf.mk
/optee_os/core/arch/arm/plat-rpi3/main.c
/optee_os/core/arch/arm/plat-sam/conf.mk
/optee_os/core/arch/arm/plat-sam/main.c
/optee_os/core/arch/arm/plat-sprd/conf.mk
/optee_os/core/arch/arm/plat-sprd/main.c
/optee_os/core/arch/arm/plat-stm/conf.mk
/optee_os/core/arch/arm/plat-stm/main.c
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_svc_setup.c
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/pm/psci.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/plat-sunxi/conf.mk
/optee_os/core/arch/arm/plat-sunxi/main.c
/optee_os/core/arch/arm/plat-sunxi/psci.c
/optee_os/core/arch/arm/plat-synquacer/conf.mk
/optee_os/core/arch/arm/plat-synquacer/main.c
/optee_os/core/arch/arm/plat-ti/conf.mk
/optee_os/core/arch/arm/plat-ti/main.c
/optee_os/core/arch/arm/plat-ti/ti_pl310.c
/optee_os/core/arch/arm/plat-uniphier/conf.mk
/optee_os/core/arch/arm/plat-uniphier/main.c
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/arch/arm/plat-vexpress/main.c
/optee_os/core/arch/arm/plat-zynq7k/conf.mk
/optee_os/core/arch/arm/plat-zynq7k/main.c
/optee_os/core/arch/arm/plat-zynqmp/conf.mk
/optee_os/core/arch/arm/plat-zynqmp/main.c
/optee_os/core/arch/arm/sm/pm.c
/optee_os/core/arch/arm/sm/psci.c
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/arch/arm/tee/arch_svc_a32.S
/optee_os/core/arch/arm/tee/arch_svc_a64.S
/optee_os/core/arch/arm/tee/arch_svc_private.h
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/arch/arm/tee/sub.mk
/optee_os/core/core.mk
/optee_os/core/crypto/aes-gcm-sw.c
/optee_os/core/crypto/sm3.c
/optee_os/core/drivers/crypto/caam/acipher/caam_math.c
/optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c
/optee_os/core/drivers/crypto/caam/caam_ctrl.c
/optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c
/optee_os/core/drivers/crypto/caam/cipher/caam_cipher_mac.c
/optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c
/optee_os/core/drivers/crypto/caam/cipher/local.h
/optee_os/core/drivers/crypto/caam/cipher/sub.mk
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c
/optee_os/core/drivers/crypto/caam/hash/caam_hash.c
/optee_os/core/drivers/crypto/caam/include/caam_cipher.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h
/optee_os/core/drivers/crypto/caam/sub.mk
/optee_os/core/drivers/crypto/caam/utils/utils_mem.c
/optee_os/core/drivers/crypto/crypto_api/acipher/local.h
/optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_mac.h
/optee_os/core/drivers/crypto/crypto_api/mac/mac.c
/optee_os/core/drivers/imx_i2c.c
/optee_os/core/drivers/imx_wdog.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/stm32_gpio.c
/optee_os/core/drivers/stm32_i2c.c
/optee_os/core/drivers/stm32_rng.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/crypto/crypto.h
/optee_os/core/include/drivers/imx_i2c.h
/optee_os/core/include/initcall.h
/optee_os/core/include/kernel/handle.h
/optee_os/core/include/kernel/tee_misc.h
/optee_os/core/include/mm/fobj.h
/optee_os/core/include/mm/tee_mmu.h
/optee_os/core/kernel/console.c
/optee_os/core/kernel/initcall.c
/optee_os/core/kernel/interrupt.c
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tee_misc.c
/optee_os/core/kernel/tpm.c
/optee_os/core/mm/fobj.c
/optee_os/core/pta/device.c
tee_fs_rpc.c
/optee_os/ldelf/link.mk
/optee_os/ldelf/start_a32.S
/optee_os/ldelf/start_a64.S
/optee_os/ldelf/sys.c
/optee_os/ldelf/sys.h
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/unwind_arm64.c
/optee_os/lib/libutee/abort.c
/optee_os/lib/libutee/arch/arm/utee_syscalls_a32.S
/optee_os/lib/libutee/arch/arm/utee_syscalls_a64.S
/optee_os/lib/libutee/arch/arm/utee_syscalls_asm.S
/optee_os/lib/libutee/assert.c
/optee_os/lib/libutee/base64.c
/optee_os/lib/libutee/base64.h
/optee_os/lib/libutee/include/pta_device.h
/optee_os/lib/libutee/include/user_ta_header.h
/optee_os/lib/libutee/include/utee_syscalls.h
/optee_os/lib/libutee/tee_api.c
/optee_os/lib/libutee/tee_api_arith_mpi.c
/optee_os/lib/libutee/tee_api_objects.c
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutee/tee_api_panic.c
/optee_os/lib/libutee/tee_api_property.c
/optee_os/lib/libutee/trace_ext.c
/optee_os/lib/libutils/ext/ftrace/ftrace.c
/optee_os/lib/libutils/ext/include/atomic.h
/optee_os/lib/libutils/ext/include/confine_array_index.h
/optee_os/mk/cc-option.mk
/optee_os/mk/clang.mk
/optee_os/mk/compile.mk
/optee_os/mk/config.mk
/optee_os/mk/gcc.mk
/optee_os/mk/lib.mk
/optee_os/mk/subdir.mk
/optee_os/scripts/checkpatch_inc.sh
/optee_os/scripts/pem_to_pub_c.py
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/link_shlib.mk
/optee_os/ta/arch/arm/user_ta_header.c
/optee_os/ta/mk/build-user-ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/handle.h
/optee_os/ta/ta.mk
e762809b11-May-2020 Gianguido Sorà <me@gsora.xyz>

rpmb: fix building when TRACE_LEVEL >= TRACE_FLOW

Building with CFG_RPMB_FS=y and CFG_TEE_CORE_LOG_LEVEL=4 yields a
compile-time error due to a typo.

Replacing TEE_RESULT with TEE_Result fixes the

rpmb: fix building when TRACE_LEVEL >= TRACE_FLOW

Building with CFG_RPMB_FS=y and CFG_TEE_CORE_LOG_LEVEL=4 yields a
compile-time error due to a typo.

Replacing TEE_RESULT with TEE_Result fixes the issue.

Signed-off-by: Gianguido Sorà <me@gsora.xyz>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/dts/stm32mp15-pinctrl.dtsi
/optee_os/core/arch/arm/dts/stm32mp151.dtsi
/optee_os/core/arch/arm/dts/stm32mp153.dtsi
/optee_os/core/arch/arm/dts/stm32mp157.dtsi
/optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts
/optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts
/optee_os/core/arch/arm/dts/stm32mp157c-ev1.dts
/optee_os/core/arch/arm/dts/stm32mp15xc.dtsi
/optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi
/optee_os/core/arch/arm/dts/stm32mp15xxaa-pinctrl.dtsi
/optee_os/core/arch/arm/dts/stm32mp15xxab-pinctrl.dtsi
/optee_os/core/arch/arm/dts/stm32mp15xxac-pinctrl.dtsi
/optee_os/core/arch/arm/dts/stm32mp15xxad-pinctrl.dtsi
/optee_os/core/arch/arm/include/kernel/generic_boot.h
/optee_os/core/arch/arm/include/sm/sm.h
/optee_os/core/arch/arm/include/sm/std_smc.h
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/link_dummies_paged.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/mm/mobj.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-hisilicon/psci.c
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-ls/crypto_conf.mk
/optee_os/core/arch/arm/plat-ls/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.h
/optee_os/core/arch/arm/plat-stm32mp1/drivers/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/bsec_svc.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/bsec_svc.h
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_svc_setup.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/plat_tzc400.c
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/pm/psci.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/plat-stm32mp1/sub.mk
/optee_os/core/arch/arm/plat-vexpress/main.c
/optee_os/core/arch/arm/sm/sm.c
/optee_os/core/arch/arm/sm/sm_a32.S
/optee_os/core/crypto/crypto.c
/optee_os/core/drivers/bcm_gpio.c
/optee_os/core/drivers/cdns_uart.c
/optee_os/core/drivers/crypto/caam/blob/caam_blob.c
/optee_os/core/drivers/crypto/caam/blob/sub.mk
/optee_os/core/drivers/crypto/caam/caam_ctrl.c
/optee_os/core/drivers/crypto/caam/caam_desc.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_rng.c
/optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h
/optee_os/core/drivers/crypto/caam/hash/caam_hash.c
/optee_os/core/drivers/crypto/caam/hash/caam_hash_mac.c
/optee_os/core/drivers/crypto/caam/hash/local.h
/optee_os/core/drivers/crypto/caam/hash/sub.mk
/optee_os/core/drivers/crypto/caam/include/caam_blob.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h
/optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h
/optee_os/core/drivers/crypto/caam/include/caam_hash.h
/optee_os/core/drivers/crypto/caam/include/caam_trace.h
/optee_os/core/drivers/crypto/caam/sub.mk
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_mac.h
/optee_os/core/drivers/crypto/crypto_api/mac/mac.c
/optee_os/core/drivers/crypto/crypto_api/mac/sub.mk
/optee_os/core/drivers/crypto/crypto_api/sub.mk
/optee_os/core/drivers/gic.c
/optee_os/core/drivers/hi16xx_uart.c
/optee_os/core/drivers/imx_lpuart.c
/optee_os/core/drivers/imx_uart.c
/optee_os/core/drivers/imx_wdog.c
/optee_os/core/drivers/mvebu_uart.c
/optee_os/core/drivers/ns16550.c
/optee_os/core/drivers/pl011.c
/optee_os/core/drivers/pl022_spi.c
/optee_os/core/drivers/pl061_gpio.c
/optee_os/core/drivers/scif.c
/optee_os/core/drivers/scmi-msg/base.c
/optee_os/core/drivers/scmi-msg/clock.h
/optee_os/core/drivers/scmi-msg/entry.c
/optee_os/core/drivers/scmi-msg/reset_domain.c
/optee_os/core/drivers/serial8250_uart.c
/optee_os/core/drivers/sp805_wdt.c
/optee_os/core/drivers/sprd_uart.c
/optee_os/core/drivers/stih_asc.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/stm32_i2c.c
/optee_os/core/drivers/stm32_rng.c
/optee_os/core/drivers/stm32_uart.c
/optee_os/core/drivers/stpmic1.c
/optee_os/core/drivers/tzc400.c
/optee_os/core/include/crypto/crypto_impl.h
/optee_os/core/include/drivers/scmi-msg.h
/optee_os/core/include/drivers/stm32_i2c.h
/optee_os/core/include/drivers/stpmic1.h
/optee_os/core/include/drivers/tzc400.h
/optee_os/core/include/dt-bindings/pinctrl/stm32-pinfunc.h
/optee_os/core/include/initcall.h
/optee_os/core/include/keep.h
/optee_os/core/include/kernel/pm.h
/optee_os/core/include/scattered_array.h
/optee_os/core/kernel/asan.c
/optee_os/core/kernel/console.c
/optee_os/core/mm/fobj.c
/optee_os/core/pta/tests/interrupt.c
tee_rpmb_fs.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/scripts/checkpatch_inc.sh
/optee_os/scripts/gen_ldelf_hex.py
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/serializer.c
/optee_os/ta/pkcs11/src/serializer.h
/optee_os/ta/pkcs11/src/token_capabilities.h
/optee_os/ta/trusted_keys/entry.c
/optee_os/ta/trusted_keys/include/trusted_keys.h
/optee_os/ta/trusted_keys/sub.mk
/optee_os/ta/trusted_keys/user_ta.mk
/optee_os/ta/trusted_keys/user_ta_header_defines.h
66d685f128-Apr-2020 Peikan Tsai <peikantsai@gmail.com>

rpmb: remove unnecessary check

Remove unnecessary check to fix compile warning reported
by clang as following:

core/tee/tee_rpmb_fs.c:2051:11: warning: address of array 'fh->filename'
will always e

rpmb: remove unnecessary check

Remove unnecessary check to fix compile warning reported
by clang as following:

core/tee/tee_rpmb_fs.c:2051:11: warning: address of array 'fh->filename'
will always evaluate to 'true' [-Wpointer-bool-conversion]
if (fh->filename && (!strcmp(fh->filename,
fe->filename)) &&
~~~~^~~~~~~~ ~~
core/tee/tee_rpmb_fs.c:2134:10: warning: address of array 'fh->filename'
will always evaluate to 'true' [-Wpointer-bool-conversion]
if (fh->filename && !fh->rpmb_fat_address)
~~~~^~~~~~~~ ~~

Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Signed-off-by: Peikan Tsai <peikantsai@gmail.com>
Reviewed-by: YJ Chiang <yj.chiang@mediatek.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/core/arch/arm/include/kernel/early_ta.h
/optee_os/core/arch/arm/kernel/early_ta.c
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/rng_seed.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/plat-stm32mp1/sub.mk
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/include/drivers/stm32_bsec.h
/optee_os/core/lib/libtomcrypt/acipher_helpers.h
/optee_os/core/pta/device.c
tee_rpmb_fs.c
/optee_os/lib/libutils/ext/include/confine_array_index.h
/optee_os/mk/clang.mk
/optee_os/scripts/gen_ldelf_hex.py
/optee_os/scripts/ta_bin_to_c.py
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/serializer.c
/optee_os/ta/pkcs11/src/serializer.h
5f68d78417-Mar-2020 Manuel Huber <mahuber@microsoft.com>

core: RPMB FS: Caching for FAT FS entries

This patch adds optional FAT FS entry caching functionality to the
RPMB FS. This functionality can be enabled by a non zero value for
CFG_RPMB_FS_CACHE_ENTR

core: RPMB FS: Caching for FAT FS entries

This patch adds optional FAT FS entry caching functionality to the
RPMB FS. This functionality can be enabled by a non zero value for
CFG_RPMB_FS_CACHE_ENTRIES. The caching functionality can improve RPMB
I/O at the cost of additional heap memory. The cache size is most
likely platform-specific and should be chosen according to available
secure world memory and expected FAT FS entries in RPMB. The cache
holds the first X FAT FS entry in RAM. Whenever the FAT FS is
traversed, we read from the cache instead of invoking RPMB I/O. The
cache is updated when cached FAT FS entries are written.

Signed-off-by: Manuel Huber <mahuber@microsoft.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP)

show more ...


tee_rpmb_fs.c
/optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h
/optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/LICENSE
/optee_os/lib/libmbedtls/mbedtls/README.md
/optee_os/lib/libmbedtls/mbedtls/dco.txt
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h
/optee_os/lib/libmbedtls/mbedtls/library/aes.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1write.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libmbedtls/mbedtls/library/ccm.c
/optee_os/lib/libmbedtls/mbedtls/library/certs.c
/optee_os/lib/libmbedtls/mbedtls/library/chacha20.c
/optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/cmac.c
/optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/debug.c
/optee_os/lib/libmbedtls/mbedtls/library/des.c
/optee_os/lib/libmbedtls/mbedtls/library/dhm.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdh.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c
/optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c
/optee_os/lib/libmbedtls/mbedtls/library/entropy.c
/optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c
/optee_os/lib/libmbedtls/mbedtls/library/error.c
/optee_os/lib/libmbedtls/mbedtls/library/gcm.c
/optee_os/lib/libmbedtls/mbedtls/library/havege.c
/optee_os/lib/libmbedtls/mbedtls/library/hkdf.c
/optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/md.c
/optee_os/lib/libmbedtls/mbedtls/library/md2.c
/optee_os/lib/libmbedtls/mbedtls/library/md4.c
/optee_os/lib/libmbedtls/mbedtls/library/md5.c
/optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c
/optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c
/optee_os/lib/libmbedtls/mbedtls/library/oid.c
/optee_os/lib/libmbedtls/mbedtls/library/pem.c
/optee_os/lib/libmbedtls/mbedtls/library/pk.c
/optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c
/optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c
/optee_os/lib/libmbedtls/mbedtls/library/pkparse.c
/optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c
/optee_os/lib/libmbedtls/mbedtls/library/platform.c
/optee_os/lib/libmbedtls/mbedtls/library/poly1305.c
/optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa.c
/optee_os/lib/libmbedtls/mbedtls/library/sha1.c
/optee_os/lib/libmbedtls/mbedtls/library/sha256.c
/optee_os/lib/libmbedtls/mbedtls/library/sha512.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/version_features.c
/optee_os/lib/libmbedtls/mbedtls/library/x509.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_create.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c
/optee_os/lib/libmbedtls/sub.mk
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
21282bae16-Apr-2020 Jerome Forissier <jerome@forissier.org>

core: crypto: ECC: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. If
the size derived from the attributes is not key_size, we sh

core: crypto: ECC: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. If
the size derived from the attributes is not key_size, we should return
TEE_ERROR_BAD_PARAMETERS as per the GP TEE Internal Core API
specification v1.2.1: "If an incorrect or inconsistent attribute is
detected. The checks that are performed depend on the implementation.".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/ecc.c
tee_svc_cryp.c
/optee_os/lib/libmbedtls/core/ecc.c
9f4dcefb16-Apr-2020 Jerome Forissier <jerome@forissier.org>

core: crypto: DH: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. For
Diffie-Hellman, if the size of the prime number (TEE_ATTR_D

core: crypto: DH: make sure key_size is consistent with attributes

TEE_GenerateKey() takes a key_size argument and various attributes. For
Diffie-Hellman, if the size of the prime number (TEE_ATTR_DH_PRIME) is
not key_size, we should return TEE_ERROR_BAD_PARAMETERS as per the GP
TEE Internal Core API specification v1.2.1: "If an incorrect or
inconsistent attribute is detected. The checks that are performed
depend on the implementation.".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/dh.c
tee_svc_cryp.c
/optee_os/lib/libmbedtls/core/dh.c
82c30aaa15-Apr-2020 Jerome Forissier <jerome@forissier.org>

core: crypto: use supplied DSA parameters when creating key

When generating a DSA key, syscall_obj_generate_key() currently ignores
the supplied parameters: TEE_ATTR_DSA_PRIME, TEE_ATTR_DSA_SUBPRIME

core: crypto: use supplied DSA parameters when creating key

When generating a DSA key, syscall_obj_generate_key() currently ignores
the supplied parameters: TEE_ATTR_DSA_PRIME, TEE_ATTR_DSA_SUBPRIME and
TEE_ATTR_DSA_BASE. Instead a new set of parameters is generated each
time based on the specified key size. This does not comply with the
GlobalPlatform TEE Internal Core API specification which lists these
atrributes as mandatory input to the generation function (see v1.2.1
table 5-12 TEE_GenerateKey parameters).

Fix this issue by providing the supplied parameters to LibTomCrypt's
dsa_generate_key() instead of calling dsa_make_key().

Fixes: https://github.com/OP-TEE/optee_os/issues/3746
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/.github/issue_template.md
/optee_os/.github/pull_request_template.md
/optee_os/MAINTAINERS
/optee_os/Makefile
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/plat-rcar/link.mk
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_svc_setup.c
/optee_os/core/arch/arm/plat-stm32mp1/nsec-service/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/plat-stm32mp1/sub.mk
/optee_os/core/arch/arm/plat-uniphier/conf.mk
/optee_os/core/arch/arm/plat-uniphier/kern.ld.S
/optee_os/core/arch/arm/plat-uniphier/link.mk
/optee_os/core/arch/arm/plat-uniphier/main.c
/optee_os/core/arch/arm/plat-uniphier/platform_config.h
/optee_os/core/arch/arm/plat-uniphier/sub.mk
/optee_os/core/drivers/crypto/caam/caam_desc.c
/optee_os/core/drivers/crypto/caam/caam_jr.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c
/optee_os/core/drivers/crypto/caam/include/caam_common.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h
/optee_os/core/drivers/crypto/caam/include/caam_jr.h
/optee_os/core/include/dt-bindings/clock/stm32mp1-clks.h
/optee_os/core/include/dt-bindings/reset/stm32mp1-resets.h
/optee_os/core/lib/libtomcrypt/dsa.c
/optee_os/core/pta/tests/invoke.c
tee_svc_cryp.c
/optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/README.md
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h
/optee_os/lib/libmbedtls/mbedtls/library/aes.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1write.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libmbedtls/mbedtls/library/ccm.c
/optee_os/lib/libmbedtls/mbedtls/library/certs.c
/optee_os/lib/libmbedtls/mbedtls/library/chacha20.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/debug.c
/optee_os/lib/libmbedtls/mbedtls/library/des.c
/optee_os/lib/libmbedtls/mbedtls/library/dhm.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdh.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c
/optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c
/optee_os/lib/libmbedtls/mbedtls/library/error.c
/optee_os/lib/libmbedtls/mbedtls/library/havege.c
/optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c
/optee_os/lib/libmbedtls/mbedtls/library/md4.c
/optee_os/lib/libmbedtls/mbedtls/library/md5.c
/optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c
/optee_os/lib/libmbedtls/mbedtls/library/oid.c
/optee_os/lib/libmbedtls/mbedtls/library/pkparse.c
/optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c
/optee_os/lib/libmbedtls/mbedtls/library/platform_util.c
/optee_os/lib/libmbedtls/mbedtls/library/poly1305.c
/optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa.c
/optee_os/lib/libmbedtls/mbedtls/library/sha1.c
/optee_os/lib/libmbedtls/mbedtls/library/sha256.c
/optee_os/lib/libmbedtls/mbedtls/library/sha512.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/timing.c
/optee_os/lib/libmbedtls/mbedtls/library/version_features.c
/optee_os/lib/libmbedtls/mbedtls/library/x509.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c
/optee_os/lib/libmbedtls/sub.mk
/optee_os/lib/libutee/include/pta_invoke_tests.h
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/token_capabilities.c
ee3e1c5407-Apr-2020 Cedric Neveux <cedric.neveux@nxp.com>

core: utee_param_to_param(): set mobj to NULL when NULL memrefs of size 0

Set the tee_ta_param mobj to NULL if user parameter is a NULL memrefs
of size 0.
When mobj pointer is NULL, it also identify

core: utee_param_to_param(): set mobj to NULL when NULL memrefs of size 0

Set the tee_ta_param mobj to NULL if user parameter is a NULL memrefs
of size 0.
When mobj pointer is NULL, it also identify the last parameter of the list.

Fixes: 9d2e798360b5 ("core: TEE capability for null sized memrefs support")

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/core/arch/arm/crypto/aes-gcm-ce.c
/optee_os/core/arch/arm/crypto/aes_armv8a_ce.c
/optee_os/core/arch/arm/crypto/aes_armv8a_ce.h
/optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a32.S
/optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a64.S
/optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S
/optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S
/optee_os/core/arch/arm/crypto/sha1_armv8a_ce.c
/optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a32.S
/optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a64.S
/optee_os/core/arch/arm/crypto/sha256_armv8a_ce.c
/optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a32.S
/optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a64.S
/optee_os/core/arch/arm/crypto/sub.mk
/optee_os/core/arch/arm/include/crypto/ghash-ce-core.h
/optee_os/core/arch/arm/include/sm/optee_smc.h
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/arch/arm/tee/entry_std.c
/optee_os/core/crypto.mk
/optee_os/core/crypto/aes-gcm-ghash-tbl.c
/optee_os/core/crypto/aes-gcm-sw.c
/optee_os/core/crypto/aes-gcm.c
/optee_os/core/crypto/sub.mk
/optee_os/core/drivers/scmi-msg/base.c
/optee_os/core/drivers/scmi-msg/base.h
/optee_os/core/drivers/scmi-msg/clock.c
/optee_os/core/drivers/scmi-msg/clock.h
/optee_os/core/drivers/scmi-msg/common.h
/optee_os/core/drivers/scmi-msg/entry.c
/optee_os/core/drivers/scmi-msg/reset_domain.c
/optee_os/core/drivers/scmi-msg/reset_domain.h
/optee_os/core/drivers/scmi-msg/smt.c
/optee_os/core/drivers/scmi-msg/sub.mk
/optee_os/core/drivers/sub.mk
/optee_os/core/include/crypto/crypto_accel.h
/optee_os/core/include/crypto/internal_aes-gcm.h
/optee_os/core/include/drivers/scmi-msg.h
/optee_os/core/include/drivers/scmi.h
/optee_os/core/kernel/lockdep.c
/optee_os/core/lib/libtomcrypt/aes.c
/optee_os/core/lib/libtomcrypt/aes_accel.c
/optee_os/core/lib/libtomcrypt/sha1_accel.c
/optee_os/core/lib/libtomcrypt/sha256_accel.c
/optee_os/core/lib/libtomcrypt/src/ciphers/aes/sub.mk
/optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk
/optee_os/core/lib/libtomcrypt/src/hashes/sub.mk
/optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_hash.h
/optee_os/core/lib/libtomcrypt/sub.mk
/optee_os/core/mm/fobj.c
/optee_os/core/pta/tests/aes_perf.c
/optee_os/core/pta/tests/invoke.c
/optee_os/core/pta/tests/misc.h
/optee_os/core/pta/tests/sub.mk
tee_svc.c
/optee_os/ldelf/ldelf.ld.S
/optee_os/lib/libmbedtls/core/aes.c
/optee_os/lib/libmbedtls/core/aes_cbc.c
/optee_os/lib/libmbedtls/core/aes_ctr.c
/optee_os/lib/libmbedtls/core/aes_ecb.c
/optee_os/lib/libmbedtls/core/hash.c
/optee_os/lib/libmbedtls/include/aes_alt.h
/optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h
/optee_os/lib/libutee/include/pta_invoke_tests.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/isoc/newlib/sub.mk
/optee_os/mk/config.mk
7c76743402-Apr-2020 Albert Schwarzkopf <a.schwarzkopf@phytec.de>

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGE

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGEST_SIZE.

Remove tee_mac_get_digest_size() as its functionality
is handled by tee_alg_get_digest_size() now.

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S
/optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/sm/sm_a32.S
/optee_os/core/crypto/signed_hdr.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/drivers/stm32_rng.c
/optee_os/core/include/tee/tee_cryp_utl.h
/optee_os/core/lib/libtomcrypt/dsa.c
/optee_os/core/lib/libtomcrypt/rsa.c
tee_cryp_concat_kdf.c
tee_cryp_hkdf.c
tee_cryp_pbkdf2.c
tee_cryp_utl.c
tee_svc_cryp.c
/optee_os/lib/libmbedtls/core/rsa.c
/optee_os/lib/libutee/include/utee_defines.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S
/optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/serializer.h
85daf48c25-Mar-2020 Jens Wiklander <jens.wiklander@linaro.org>

core: check writeable in tee_svc_copy_param()

Check that the callee_params are writeable too in tee_svc_copy_param()
as they will be updated in tee_svc_update_out_param() in case one of the
paramete

core: check writeable in tee_svc_copy_param()

Check that the callee_params are writeable too in tee_svc_copy_param()
as they will be updated in tee_svc_update_out_param() in case one of the
parameters is an "out" parameter. To keep it simple always require
callee_params to be writeable.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reported-by: Bastien Simondi <bsimondi@netflix.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c
tee_svc.c
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/handle.c
/optee_os/ta/pkcs11/src/handle.h
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/sub.mk
db49848426-Mar-2020 Jens Wiklander <jens.wiklander@linaro.org>

rpmb: fix call to plat_rpmb_key_is_ready()

In tee_rpmb_write_and_verify_key() a call was recently added to check if
the RPMB key was ready to be retrieved. But the function wasn't called
in the new

rpmb: fix call to plat_rpmb_key_is_ready()

In tee_rpmb_write_and_verify_key() a call was recently added to check if
the RPMB key was ready to be retrieved. But the function wasn't called
in the new if statement, instead was just the address of the function
tested to be non-NULL. So with this patch add the missing () to make it
a function call.

Fixes: b1042535dc3e ("rpmb: function to block rpmb write per platform")
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/early_ta.c
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/link_dummies_init.c
/optee_os/core/arch/arm/kernel/link_dummies_paged.c
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S
/optee_os/core/arch/arm/kernel/user_ta.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_private.h
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c
/optee_os/core/arch/arm/plat-imx/drivers/sub.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c
/optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/arch/arm/tee/entry_std.c
/optee_os/core/arch/arm/tee/init.c
/optee_os/core/crypto/crypto.c
/optee_os/core/drivers/bnxt/bnxt_fw.c
/optee_os/core/drivers/crypto/caam/acipher/caam_math.c
/optee_os/core/drivers/crypto/caam/acipher/caam_prime.c
/optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c
/optee_os/core/drivers/crypto/caam/acipher/local.h
/optee_os/core/drivers/crypto/caam/acipher/sub.mk
/optee_os/core/drivers/crypto/caam/caam_ctrl.c
/optee_os/core/drivers/crypto/caam/caam_jr.c
/optee_os/core/drivers/crypto/caam/caam_rng.c
/optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c
/optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c
/optee_os/core/drivers/crypto/caam/cipher/local.h
/optee_os/core/drivers/crypto/caam/cipher/sub.mk
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c
/optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h
/optee_os/core/drivers/crypto/caam/include/caam_acipher.h
/optee_os/core/drivers/crypto/caam/include/caam_cipher.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h
/optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h
/optee_os/core/drivers/crypto/caam/include/caam_jr_status.h
/optee_os/core/drivers/crypto/caam/include/caam_trace.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h
/optee_os/core/drivers/crypto/caam/sub.mk
/optee_os/core/drivers/crypto/caam/utils/utils_mem.c
/optee_os/core/drivers/crypto/crypto_api/acipher/local.h
/optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsamgf.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk
/optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c
/optee_os/core/drivers/crypto/crypto_api/cipher/sub.mk
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_cipher.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_hash.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_math.h
/optee_os/core/drivers/crypto/crypto_api/math/modulus.c
/optee_os/core/drivers/crypto/crypto_api/math/sub.mk
/optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c
/optee_os/core/drivers/crypto/crypto_api/oid/sub.mk
/optee_os/core/drivers/crypto/crypto_api/sub.mk
/optee_os/core/drivers/gic.c
/optee_os/core/drivers/stm32_etzpc.c
/optee_os/core/include/crypto/crypto_impl.h
/optee_os/core/include/signed_hdr.h
/optee_os/core/pta/gprof.c
/optee_os/core/pta/system.c
tee_rpmb_fs.c
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/ta_elf.h
/optee_os/ldelf/ta_elf_rel.c
/optee_os/lib/libdl/dlfcn.c
/optee_os/lib/libutee/arch/arm/user_ta_entry.c
/optee_os/lib/libutee/include/arm64_user_sysreg.h
/optee_os/lib/libutee/include/tee_api_defines_extensions.h
/optee_os/lib/libutee/include/user_ta_header.h
/optee_os/lib/libutils/ext/include/confine_array_index.h
/optee_os/lib/libutils/ext/include/util.h
/optee_os/lib/libutils/isoc/include/setjmp.h
/optee_os/mk/lib.mk
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/serializer.c
/optee_os/ta/pkcs11/src/serializer.h
/optee_os/ta/pkcs11/src/sub.mk
/optee_os/ta/pkcs11/src/token_capabilities.c
/optee_os/ta/pkcs11/src/token_capabilities.h
b104253529-Nov-2019 Rouven Czerwinski <r.czerwinski@pengutronix.de>

rpmb: function to block rpmb write per platform

Often the RPMB should only be written if the platform is in the correct
state where the Hardware Unique Key (HUK) for the platform works
correctly. As

rpmb: function to block rpmb write per platform

Often the RPMB should only be written if the platform is in the correct
state where the Hardware Unique Key (HUK) for the platform works
correctly. As an example on imx platforms with HUK derivation from the
OTPMK, the OTPMK is only accessible from the secure or trusted state.
Add a function and weak implementation for platforms to indicate that
the device is in the correct state to allow RPMB key writes.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com>

show more ...


/optee_os/MAINTAINERS
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/tzc380.c
/optee_os/core/arch/arm/plat-imx/imx.h
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-ls/crypto_conf.mk
/optee_os/core/arch/arm/plat-ls/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/drivers/crypto/caam/caam_desc.c
/optee_os/core/drivers/imx_snvs.c
/optee_os/core/drivers/tzc380.c
/optee_os/core/include/drivers/imx_snvs.h
/optee_os/core/include/drivers/tzc380.h
/optee_os/core/include/kernel/panic.h
/optee_os/core/include/kernel/tpm.h
/optee_os/core/include/tee/tee_fs.h
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tpm.c
/optee_os/core/pta/system.c
tee_rpmb_fs.c
/optee_os/lib/libutee/arch/arm/sub.mk
/optee_os/lib/libutee/arch/arm/user_ta_entry.c
/optee_os/lib/libutee/include/pta_system.h
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
/optee_os/scripts/get_maintainer.py
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/user_ta_header_defines.h
/optee_os/ta/ta.mk
7d97159b12-Feb-2020 Manuel Huber <mahuber@microsoft.com>

core: RPMB FS: Make N_ENTRIES a config variable

Allows to configure the number of FAT fs entries to be read from RPMB
storage in one chunk. Increasing this number makes functions that
traverse the F

core: RPMB FS: Make N_ENTRIES a config variable

Allows to configure the number of FAT fs entries to be read from RPMB
storage in one chunk. Increasing this number makes functions that
traverse the FAT fs read in more entries within a single RPMB read
operation. While this potentially improves RPMB I/O, it comes at the
cost of additional memory required to be allocated on the heap.
Determining an optimal size is platform- and use-case-dependent.

Signed-off-by: Manuel Huber <mahuber@microsoft.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/tee/init.c
tee_rpmb_fs.c
/optee_os/mk/config.mk
/optee_os/scripts/symbolize.py
213777fd11-Feb-2020 Manuel Huber <mahuber@microsoft.com>

Empty body for dump_fat() unless log level set to TRACE_FLOW

This patch improves RPMB performance. When called, dump_fat()
traverses the whole list of FAT entries and prints them out using
FMSG(). d

Empty body for dump_fat() unless log level set to TRACE_FLOW

This patch improves RPMB performance. When called, dump_fat()
traverses the whole list of FAT entries and prints them out using
FMSG(). dump_fat() is currently called by write_fat_entry() and
rpmb_fs_setup(). With this commit, dump_fat() is only active when
debugging/tracing, and empty for productive builds.

Signed-off-by: Manuel Huber <mahuber@microsoft.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/.shippable.yml
/optee_os/.travis.yml
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/include/arm32.h
/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/include/kernel/generic_boot.h
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/plat-amlogic/conf.mk
/optee_os/core/arch/arm/plat-amlogic/link.mk
/optee_os/core/arch/arm/plat-amlogic/main.c
/optee_os/core/arch/arm/plat-amlogic/platform_config.h
/optee_os/core/arch/arm/plat-amlogic/scripts/aml_bin2img.py
/optee_os/core/arch/arm/plat-amlogic/sub.mk
/optee_os/core/arch/arm/plat-hikey/conf.mk
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c
/optee_os/core/arch/arm/plat-imx/registers/imx6.h
/optee_os/core/arch/arm/plat-imx/registers/imx7.h
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/core.mk
/optee_os/core/drivers/amlogic_uart.c
/optee_os/core/drivers/crypto/caam/hash/caam_hash.c
/optee_os/core/drivers/crypto/caam/include/caam_common.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h
/optee_os/core/drivers/crypto/caam/include/caam_trace.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_sgt.h
/optee_os/core/drivers/crypto/caam/utils/utils_mem.c
/optee_os/core/drivers/crypto/caam/utils/utils_sgt.c
/optee_os/core/drivers/sub.mk
/optee_os/core/drivers/tzc380.c
/optee_os/core/include/drivers/amlogic_uart.h
/optee_os/core/include/drivers/tzc380.h
/optee_os/core/lib/libfdt/README.license
/optee_os/core/lib/libfdt/fdt.c
/optee_os/core/lib/libfdt/fdt_addresses.c
/optee_os/core/lib/libfdt/fdt_empty_tree.c
/optee_os/core/lib/libfdt/fdt_overlay.c
/optee_os/core/lib/libfdt/fdt_ro.c
/optee_os/core/lib/libfdt/fdt_rw.c
/optee_os/core/lib/libfdt/fdt_strerror.c
/optee_os/core/lib/libfdt/fdt_sw.c
/optee_os/core/lib/libfdt/fdt_wip.c
/optee_os/core/lib/libfdt/include/fdt.h
/optee_os/core/lib/libfdt/include/libfdt.h
/optee_os/core/lib/libfdt/include/libfdt_env.h
/optee_os/core/lib/libfdt/libfdt_internal.h
/optee_os/core/lib/libtomcrypt/mpi_desc.c
/optee_os/core/lib/libtomcrypt/sub.mk
tee_rpmb_fs.c
/optee_os/lib/libmbedtls/core/dh.c
/optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h
/optee_os/lib/libutee/include/tee_api.h
/optee_os/lib/libutee/include/tee_api_defines.h
/optee_os/lib/libutee/include/tee_arith_internal.h
/optee_os/lib/libutee/sub.mk
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/ext/ftrace/ftrace.c
/optee_os/lib/libutils/ext/include/config.h
/optee_os/mk/checkconf.mk
/optee_os/mk/config.mk
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/mk/build-user-ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/pkcs11/Android.mk
/optee_os/ta/pkcs11/Makefile
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/sub.mk
/optee_os/ta/pkcs11/src/user_ta_header_defines.h
/optee_os/ta/pkcs11/sub.mk
/optee_os/ta/pkcs11/user_ta.mk
/optee_os/ta/ta.mk
688c335d27-Jan-2020 Jerome Forissier <jerome@forissier.org>

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a cou

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a couple of minor issues:

1. Values 0x00000009-0x7FFFFFFF are "Reserved for future use" according
to the TEE Internal Core API specification v1.2.1 (Table 5-6),

2. The meaning of this #define is not clear: "extension" is not a
kind of operation like "cipher", "MAC", "asymmetric signature" etc.
The algorithm added by the above commit is TEE_ALG_RSASSA_PKCS1_V1_5
which is an asymmetric signature and should therefore be associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

I suppose the operation value was added in a attempt to keep the
structure of algorithm identifiers as defined in the GP v1.1
specification, where some particular bits indicate some attributes of
the algorithm. This scheme has since been abandoned by GlobalPlatform so
there is no reason to keep it.

Therefore, this commit removes the TEE_OPERATION_EXTENSION macro and
makes a special case in the TEE_GET_CLASS() macro so that algorithm
TEE_ALG_RSASSA_PKCS1_V1_5 is associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Gabor Szekely <szvgabor@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/CHANGELOG.md
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-rcar/link.mk
/optee_os/core/lib/libtomcrypt/sm2-pke.c
tee_svc_cryp.c
/optee_os/lib/libutee/include/tee_api_defines.h
/optee_os/lib/libutee/include/utee_defines.h
/optee_os/mk/config.mk
/optee_os/scripts/gen_tee_bin.py
5b385b3f06-Jan-2020 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled w

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.github/workflows/stale_issue.yml
/optee_os/.github/workflows/stale_pr.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_private.h
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/include/kernel/interrupt.h
/optee_os/core/kernel/interrupt.c
/optee_os/core/lib/libtomcrypt/acipher_helpers.h
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/sm2-dsa.c
/optee_os/core/lib/libtomcrypt/sm2-kep.c
/optee_os/core/lib/libtomcrypt/sm2-pke.c
/optee_os/core/lib/libtomcrypt/sm2_kdf.c
/optee_os/core/lib/libtomcrypt/sub.mk
tee_svc_cryp.c
/optee_os/lib/libutee/include/tee_api_defines.h
/optee_os/lib/libutee/include/utee_defines.h
/optee_os/lib/libutee/tee_api_operations.c
0f15194317-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enab

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enabled with CFG_CRYPTO_SM2_DSA=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/MAINTAINERS
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/sm2-dsa.c
/optee_os/core/lib/libtomcrypt/sub.mk
tee_svc_cryp.c
/optee_os/lib/libutee/include/tee_api_defines.h
/optee_os/lib/libutee/include/utee_defines.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/scripts/symbolize.py
91fc6bd817-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with CFG_CRYPTO_SM2_PKE=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/include/mm/mobj.h
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/crypto/sm3-hmac.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/acipher_helpers.h
/optee_os/core/lib/libtomcrypt/dh.c
/optee_os/core/lib/libtomcrypt/dsa.c
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/mpa_desc.c
/optee_os/core/lib/libtomcrypt/mpi_desc.c
/optee_os/core/lib/libtomcrypt/rsa.c
/optee_os/core/lib/libtomcrypt/sm2-pke.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc_find_curve.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/sub.mk
/optee_os/core/lib/libtomcrypt/sub.mk
tee_svc_cryp.c
/optee_os/lib/libutee/include/tee_api_defines.h
/optee_os/lib/libutee/include/utee_defines.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/isoc/include/stdint.h
/optee_os/mk/compile.mk
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/avb/user_ta.mk
/optee_os/ta/mk/ta_dev_kit.mk

12345678910>>...24