tee - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ced8449a	12-Mar-2019	Bastien Simondi <bsimondi@netflix.com>	core: storage: add some overflow checks Adds overflow checks to the secure storage code. Signed-off-by: Bastien Simondi <bsimondi@netflix.com> [jf: Fix test in syscall_storage_obj_seek() case TEE_D core: storage: add some overflow checks Adds overflow checks to the secure storage code. Signed-off-by: Bastien Simondi <bsimondi@netflix.com> [jf: Fix test in syscall_storage_obj_seek() case TEE_DATA_SEEK_END] [jf: Get rid of { } block, initialize new local variables] [jf: Do not fail on (data && !len) in syscall_storage_obj_create()] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... tee_svc_storage.c
a401bcfb	12-Mar-2019	Bastien Simondi <bsimondi@netflix.com>	core: check allocated size of temporary secure memory When servicing syscall_invoke_ta_command(), the invoked TA could modify the .size field. Make sure the allocated buffer is not overwritten on re core: check allocated size of temporary secure memory When servicing syscall_invoke_ta_command(), the invoked TA could modify the .size field. Make sure the allocated buffer is not overwritten on return. Signed-off-by: Bastien Simondi <bsimondi@netflix.com> [jf: fix multi-line comment, replace '= { 0 };' with '= { };'] [jf: add commit description] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... /optee_os/core/lib/libtomcrypt/sub.mk tee_svc.c
3ca4a1ca	25-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: FS: wipe sensitive data after use The secure storage code makes use of various cryptographic data (keys and IVs). Make sure the buffers are wiped after use to minimize the risks that sensitive core: FS: wipe sensitive data after use The secure storage code makes use of various cryptographic data (keys and IVs). Make sure the buffers are wiped after use to minimize the risks that sensitive data may be leaked to an attacker who would have gained some access to the secure memory. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/kernel/huk_subkey.c tee_fs_key_manager.c
93488549	30-Jan-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: scrub user-tainted memory returned by alloc_temp_sec_mem() This is a security fix for TA-to-TA calls. In syscall_open_ta_session() and syscall_invoke_ta_command(), caller TA can reference som core: scrub user-tainted memory returned by alloc_temp_sec_mem() This is a security fix for TA-to-TA calls. In syscall_open_ta_session() and syscall_invoke_ta_command(), caller TA can reference some private memory, in which case the kernel makes a temporary copy. Unfortunately, memory allocated through alloc_temp_sec_mem() is not cleared when returned. One could leverage this to copy arbitrary data into this secure memory pool or to snoop former data from a previous call done by another TA (e.g., using TEE_PARAM_TYPE_MEMREF_OUTPUT allows to map the data while not overwriting it, hence accessing to what is already there). This patch introduces mobj_free_wipe() to clear and free an mobj. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [1.5] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/mobj.h tee_svc.c /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/memzero_explicit.c /optee_os/lib/libutils/ext/sub.mk
70b61310	29-Jan-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: scrub user-tainted kernel heap memory before freeing it Some syscalls can be used to poison kernel heap memory. Data copied from userland is not wiped when the syscall returns. For instance, w core: scrub user-tainted kernel heap memory before freeing it Some syscalls can be used to poison kernel heap memory. Data copied from userland is not wiped when the syscall returns. For instance, when doing syscall_log() one can copy arbitrary data of variable length onto kernel memory. When free() is called, the block is returned to the memory pool, tainted with that userland data. This might be used in combination with some other vulnerability to produce an exploit. This patch uses free_wipe() to clear the buffers that have been used to store user-provided data before returning them to the heap. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [1.4] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/kernel/elf_load.c /optee_os/core/arch/arm/kernel/elf_load.h /optee_os/core/arch/arm/kernel/elf_load_private.h /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/pgt_cache.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/kernel/msg_param.c tee_svc.c tee_svc_cryp.c /optee_os/lib/libutils/ext/include/stdlib_ext.h /optee_os/lib/libutils/isoc/bget.c /optee_os/lib/libutils/isoc/bget.h /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/user_ta_header.c
fead5511	07-Feb-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: add get_tag() to struct user_ta_store_ops Adds get_tag() method to struct user_ta_store_ops. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wi core: add get_tag() to struct user_ta_store_ops Adds get_tag() method to struct user_ta_store_ops. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/elf_load.h /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/secstor_ta.c tadb.c
0b345c6c	07-Feb-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: add tee_tadb_get_tag() Adds the function tee_tadb_get_tag() which returns a tag that uniquely identifies a TA. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens core: add tee_tadb_get_tag() Adds the function tee_tadb_get_tag() which returns a tag that uniquely identifies a TA. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/include/mm/pgt_cache.h /optee_os/core/arch/arm/include/mm/tee_pager.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/pgt_cache.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/include/mm/file.h /optee_os/core/include/mm/fobj.h /optee_os/core/include/mm/tee_mmu.h /optee_os/core/include/mm/tee_mmu_types.h /optee_os/core/include/tee/tadb.h /optee_os/core/mm/file.c /optee_os/core/mm/fobj.c /optee_os/core/mm/sub.mk tadb.c
7513149e	07-Feb-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: remove flags argument from tee_pager_alloc() Removes the flags argument from tee_pager_alloc() since it's only used with TEE_MATTR_LOCKED. The exception is the bignum pool, but since it still core: remove flags argument from tee_pager_alloc() Removes the flags argument from tee_pager_alloc() since it's only used with TEE_MATTR_LOCKED. The exception is the bignum pool, but since it still releases all locked pages each time the pool becomes unused it's efficient usage of memory. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/include/mm/tee_pager.h /optee_os/core/arch/arm/kernel/elf_load.c /optee_os/core/arch/arm/kernel/elf_load.h /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/pgt_cache.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/tee/init.c /optee_os/core/include/mm/fobj.h /optee_os/core/lib/libtomcrypt/mpa_desc.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/mm/fobj.c /optee_os/core/mm/sub.mk /optee_os/core/sub.mk tee_ree_fs.c /optee_os/lib/libutee/include/user_ta_header.h /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/arch/arm/user_ta_header.c
fd10f62b	28-Jan-2019	Ovidiu Mihalachi <ovidiu_mihalachi@mentor.com>	core: keep alive TA context can be created after TA has panicked When a keep alive TA instance panics, it continues to exist and blocks all further use of the TA until the next reboot of the system. core: keep alive TA context can be created after TA has panicked When a keep alive TA instance panics, it continues to exist and blocks all further use of the TA until the next reboot of the system. Moreover, when a new session is trying to be created for the panicked TA (while another session to that TA is still opened), the system hangs. This change releases panicked TA context and clears all references to the released context when the TA panics regardless the TA properties. This allows keep alive TA instances to be created back after they have panicked without needing to reboot OP-TEE core. Sessions on panicked TAs have to be closed by the client by calling the proper API when session client is scheduled back. Signed-off-by: Ovidiu Mihalachi <ovidiu_mihalachi@mentor.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/include/tee/entry_std.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/otp_stubs.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/sub.mk /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/arch/arm/tee/init.c /optee_os/core/core.mk /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/stm32_i2c.h /optee_os/core/include/drivers/stm32_uart.h /optee_os/core/include/kernel/msg_param.h /optee_os/core/include/mm/tee_mmu.h /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_ta_manager.c tee_svc.c /optee_os/mk/config.mk
9cc10bc9	25-Apr-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: derive RPMB key using huk_subkey_derive() tee_rpmb_key_gen() uses huk_subkey_derive() to derive the RPMB instead of MAC:ing etc directly. Note that this is only backwards compatible if CFG_CO core: derive RPMB key using huk_subkey_derive() tee_rpmb_key_gen() uses huk_subkey_derive() to derive the RPMB instead of MAC:ing etc directly. Note that this is only backwards compatible if CFG_CORE_HUK_SUBKEY_COMPAT=y. Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... tee_rpmb_fs.c
df91a522	25-Apr-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: derive SSK using huk_subkey_derive() tee_fs_init_key_manager() uses huk_subkey_derive() to derive the SSK instead of MAC:ing etc directly. Note that this is only backwards compatible if CFG_C core: derive SSK using huk_subkey_derive() tee_fs_init_key_manager() uses huk_subkey_derive() to derive the SSK instead of MAC:ing etc directly. Note that this is only backwards compatible if CFG_CORE_HUK_SUBKEY_COMPAT=y. Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/CHANGELOG.md /optee_os/core/arch/arm/include/kernel/mutex.h /optee_os/core/arch/arm/include/kernel/wait_queue.h /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/kernel/link_dummies.c /optee_os/core/arch/arm/kernel/mutex.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/kernel/wait_queue.c /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-hikey/platform_config.h /optee_os/core/arch/arm/plat-imx/a7_plat_init.S /optee_os/core/arch/arm/plat-imx/a9_plat_init.S /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/drivers/bcm_gpio.c /optee_os/core/drivers/pl022_spi.c /optee_os/core/drivers/pl061_gpio.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/bcm_gpio.h /optee_os/core/include/kernel/huk_subkey.h /optee_os/core/kernel/huk_subkey.c /optee_os/core/kernel/sub.mk /optee_os/core/lib/libtomcrypt/mpi_desc.c tee_fs_key_manager.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libutee/arch/arm/gprof/gprof_a32.S /optee_os/lib/libutee/arch/arm/gprof/gprof_a64.S /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/ta.ld.S /optee_os/typedefs.checkpatch
13e224aa	11-Apr-2019	Christopher Tam <godtamit@google.com>	core: storage: set data length after truncation After truncating a persistent object, update dataSize in the corresponding TEE_ObjectInfo structure. Signed-off-by: Christopher Tam <godtamit@google. core: storage: set data length after truncation After truncating a persistent object, update dataSize in the corresponding TEE_ObjectInfo structure. Signed-off-by: Christopher Tam <godtamit@google.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, GP) show more ... /optee_os/.shippable.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/sub.mk /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/imx6.c /optee_os/core/arch/arm/plat-imx/sub.mk /optee_os/core/arch/arm/plat-rpi3/conf.mk /optee_os/core/arch/arm/plat-rpi3/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/pm/psci.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp1/sub.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-zynqmp/platform_config.h /optee_os/core/core.mk /optee_os/core/crypto.mk /optee_os/core/crypto/aes-cts.c /optee_os/core/crypto/aes-gcm-ghash-tbl.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/aes-gcm.c /optee_os/core/crypto/cbc-mac.c /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sub.mk /optee_os/core/drivers/bcm_hwrng.c /optee_os/core/drivers/bcm_sotp.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/tzc380.c /optee_os/core/include/crypto/crypto.h /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/bcm_hwrng.h /optee_os/core/include/drivers/bcm_sotp.h /optee_os/core/include/drivers/stm32_i2c.h /optee_os/core/include/drivers/stm32_rng.h /optee_os/core/include/drivers/tzc380.h /optee_os/core/lib/libtomcrypt/acipher_helpers.h /optee_os/core/lib/libtomcrypt/aes.c /optee_os/core/lib/libtomcrypt/cbc.c /optee_os/core/lib/libtomcrypt/ccm.c /optee_os/core/lib/libtomcrypt/cmac.c /optee_os/core/lib/libtomcrypt/ctr.c /optee_os/core/lib/libtomcrypt/des2_key.h /optee_os/core/lib/libtomcrypt/dh.c /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/ecb.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/gcm.c /optee_os/core/lib/libtomcrypt/hash.c /optee_os/core/lib/libtomcrypt/hmac.c /optee_os/core/lib/libtomcrypt/include/tomcrypt_custom.h /optee_os/core/lib/libtomcrypt/include/tomcrypt_init.h /optee_os/core/lib/libtomcrypt/include/tomcrypt_mp.h /optee_os/core/lib/libtomcrypt/mpa_desc.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/ciphers/sub.mk /optee_os/core/lib/libtomcrypt/src/encauth/gcm/gcm_mult_h_arm_ce.c /optee_os/core/lib/libtomcrypt/src/encauth/gcm/sub.mk /optee_os/core/lib/libtomcrypt/src/encauth/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/src/mac/sub.mk /optee_os/core/lib/libtomcrypt/src/math/fp/sub.mk /optee_os/core/lib/libtomcrypt/src/modes/sub.mk /optee_os/core/lib/libtomcrypt/src/pk/dsa/dsa_import.c /optee_os/core/lib/libtomcrypt/src/pk/sub.mk /optee_os/core/lib/libtomcrypt/src/prngs/sub.mk /optee_os/core/lib/libtomcrypt/src/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/lib/libtomcrypt/tomcrypt.c /optee_os/core/lib/libtomcrypt/xts.c tee_svc_storage.c /optee_os/lib/libmbedtls/core/aes.c /optee_os/lib/libmbedtls/core/aes_cbc.c /optee_os/lib/libmbedtls/core/aes_cmac.c /optee_os/lib/libmbedtls/core/aes_ctr.c /optee_os/lib/libmbedtls/core/aes_ecb.c /optee_os/lib/libmbedtls/core/bignum.c /optee_os/lib/libmbedtls/core/des3_cbc.c /optee_os/lib/libmbedtls/core/des3_ecb.c /optee_os/lib/libmbedtls/core/des_cbc.c /optee_os/lib/libmbedtls/core/des_ecb.c /optee_os/lib/libmbedtls/core/dh.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/core/hmac.c /optee_os/lib/libmbedtls/core/mbd_rand.h /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/core/sub.mk /optee_os/lib/libmbedtls/core/tomcrypt.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/blowfish.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy_poll.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs11.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/arc4.c /optee_os/lib/libmbedtls/mbedtls/library/aria.c /optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/blowfish.c /optee_os/lib/libmbedtls/mbedtls/library/camellia.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/certs.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/gcm.c /optee_os/lib/libmbedtls/mbedtls/library/havege.c /optee_os/lib/libmbedtls/mbedtls/library/hkdf.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/md2.c /optee_os/lib/libmbedtls/mbedtls/library/md4.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/md_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.c /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cli.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/mbedtls/library/xtea.c /optee_os/lib/libmbedtls/sub.mk /optee_os/lib/libutee/base64.c /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutils/ext/include/types_ext.h /optee_os/lib/libutils/ext/trace.c /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/scripts/symbolize.py /optee_os/typedefs.checkpatch
025f5cd8	07-Mar-2019	Alexandre Jutras <alexandre.jutras@linaro.org>	core: Initialize the chip_id array when generating the SSK In tee_fs_init_key_manager(), Secure Storage Key (SSK) is computed as follow: SSK = HMAC(HUK, message) message := concatenate(chip core: Initialize the chip_id array when generating the SSK In tee_fs_init_key_manager(), Secure Storage Key (SSK) is computed as follow: SSK = HMAC(HUK, message) message := concatenate(chip_id, static string) chip_id is a 32-byte array but some tee_otp_get_die_id() implementation may provide a smaller chip ID. Initialize the chip_id array to make sure the remaining bytes do not contain garbage data. Without this initialization, SSK may be inconsistent across power cycles generating failures when reading back data from the secure storage. Signed-off-by: Alexandre Jutras <alexandre.jutras@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/core/arch/arm/kernel/elf_load.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/stm32_i2c.h tee_fs_key_manager.c /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutils/ext/include/util.h /optee_os/mk/config.mk /optee_os/mk/lib.mk /optee_os/ta/arch/arm/link.mk /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/ta.mk
65fe41db	01-Mar-2019	Etienne Carriere <etienne.carriere@linaro.org>	core: cleanup generic traces Remove useless newline character in few generic debug traces. Remove argument __func__ from a FMSG trace since already output by macro FMSG(). Remove error trace from core: cleanup generic traces Remove useless newline character in few generic debug traces. Remove argument __func__ from a FMSG trace since already output by macro FMSG(). Remove error trace from syscall_storage_obj_read() that, prior this change, output failing error code from storage read() handler. This is useless and not done for other storage handlers return code. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/tee_time_arm_cntpct.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/pta/gprof.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/drivers/tzc380.c /optee_os/core/drivers/tzc400.c /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/lib/libtomcrypt/src/tee_ltc_provider.c tee_obj.c tee_rpmb_fs.c tee_svc_storage.c /optee_os/lib/libutee/include/pta_invoke_tests.h /optee_os/mk/config.mk
48e10604	14-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	libutils: remove buf_compare_ct() Now that we have consttime_memcmp(), buf_compare_ct() is redundant. Every time buf_compare_ct() is used, consttime_memcmp() may be used instead. This commit remove libutils: remove buf_compare_ct() Now that we have consttime_memcmp(), buf_compare_ct() is redundant. Every time buf_compare_ct() is used, consttime_memcmp() may be used instead. This commit removes buf_compare_ct(). A compatibility wrapper is kept in <string_ext.h> to avoid knowingly breaking the build of any TA that may use it. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/pta/secstor_ta_mgmt.c /optee_os/core/crypto/aes-gcm.c /optee_os/core/lib/libtomcrypt/include/tomcrypt_custom.h /optee_os/core/lib/libtomcrypt/src/tee_ltc_provider.c fs_htree.c tee_rpmb_fs.c /optee_os/lib/libutee/include/tee_api.h /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/consttime_memcmp.c /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/sub.mk
ea81076f	06-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: RPMB FS: check for potential overflows This commit deals with a number of potential integer overflows in the RPMB FS code. rpmb_fs_init() requests device information from the REE. The RPMB si core: RPMB FS: check for potential overflows This commit deals with a number of potential integer overflows in the RPMB FS code. rpmb_fs_init() requests device information from the REE. The RPMB size is returned in struct rpmb_dev_info (field rpmb_size_mult) and is used in a multiplication that could overflow. Use MUL_OVERFLOW() to deal with this case. Some overflow checks are also added in the read and write paths. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [2.12] Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... tee_rpmb_fs.c
06aa9a9b	05-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: syscall_authenc_init(): check nonce accessibility syscall_authenc_init() does not check that the given nonce address is within TA accessible memory. Fix that. Signed-off-by: Jerome Forissier core: syscall_authenc_init(): check nonce accessibility syscall_authenc_init() does not check that the given nonce address is within TA accessible memory. Fix that. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [2.10] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... tee_svc_cryp.c
bd81e5b9	05-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: crypto: add overflow check when copying attributes In copy_in_attrs(), attr_count * sizeof(struct utee_attribute) could overflow if a very large attr_count is given. Use MUL_OVERFLOW() to prop core: crypto: add overflow check when copying attributes In copy_in_attrs(), attr_count * sizeof(struct utee_attribute) could overflow if a very large attr_count is given. Use MUL_OVERFLOW() to properly deal with this case. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [2.9] Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/crypto/signed_hdr.c tee_svc_cryp.c
99164a05	04-Feb-2019	Jerome Forissier <jerome.forissier@linaro.org>	core: do not use virtual addresses as session identifier Session context virtual address is returned to the REE in entry_open_session(); it is then used back in entry_close_session() and entry_invok core: do not use virtual addresses as session identifier Session context virtual address is returned to the REE in entry_open_session(); it is then used back in entry_close_session() and entry_invoke_command(). Sharing virtual addresses with the REE leads to virtual memory addresses disclosure that could be leveraged to defeat ASLR (if/when implemented) and/or mount an attack. Similarly, syscall_open_ta_session() returns a session ID directly derived from the session virtual address to the caller TA. This commit introduces a 32-bit identifier field in struct tee_ta_session. The ID is generated when the session is created, starting from the id of the last session in the queue, and counting up until a number that is not used in the session queue is found. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [2.1] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/.travis.yml /optee_os/LICENSE /optee_os/MAINTAINERS /optee_os/README.md /optee_os/core/arch/arm/dts/stm32mp157c.dtsi /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/generic_boot.h /optee_os/core/arch/arm/include/kernel/linker.h /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/elf_load.c /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link_dummy.ld /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/trace_ext.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/tee_mm.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-d02/main.c /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hikey/spi_test.c /optee_os/core/arch/arm/plat-hisilicon/conf.mk /optee_os/core/arch/arm/plat-hisilicon/hi3519av100.h /optee_os/core/arch/arm/plat-hisilicon/hi3519av100_plat_init.S /optee_os/core/arch/arm/plat-hisilicon/main.c /optee_os/core/arch/arm/plat-hisilicon/platform_config.h /optee_os/core/arch/arm/plat-hisilicon/psci.c /optee_os/core/arch/arm/plat-hisilicon/sub.mk /optee_os/core/arch/arm/plat-imx/imx-common.c /optee_os/core/arch/arm/plat-imx/imx6.c /optee_os/core/arch/arm/plat-imx/imx6ul.c /optee_os/core/arch/arm/plat-imx/imx7.c /optee_os/core/arch/arm/plat-imx/imx_pl310.c /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-imx/mmdc.c /optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c /optee_os/core/arch/arm/plat-imx/pm/gpcv2.c /optee_os/core/arch/arm/plat-imx/pm/pm-imx7.c /optee_os/core/arch/arm/plat-imx/pm/psci.c /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-marvell/armada3700/hal_sec_perf.c /optee_os/core/arch/arm/plat-marvell/armada7k8k/hal_sec_perf.c /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-poplar/main.c /optee_os/core/arch/arm/plat-poplar/platform_config.h /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/main.c /optee_os/core/arch/arm/plat-rcar/platform_config.h /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rockchip/platform.c /optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c /optee_os/core/arch/arm/plat-rpi3/main.c /optee_os/core/arch/arm/plat-rpi3/platform_config.h /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-sam/matrix.c /optee_os/core/arch/arm/plat-sam/platform_config.h /optee_os/core/arch/arm/plat-sprd/main.c /optee_os/core/arch/arm/plat-sprd/platform_config.h /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm/rng_support.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_etzpc.h /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/drivers/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/pm/psci.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-sunxi/psci.c /optee_os/core/arch/arm/plat-synquacer/main.c /optee_os/core/arch/arm/plat-synquacer/rng_pta.c /optee_os/core/arch/arm/plat-ti/main.c /optee_os/core/arch/arm/plat-ti/platform_config.h /optee_os/core/arch/arm/plat-ti/sm_platform_handler_a9.c /optee_os/core/arch/arm/plat-ti/ti_pl310.c /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/arch/arm/plat-zynqmp/main.c /optee_os/core/arch/arm/plat-zynqmp/platform_config.h /optee_os/core/arch/arm/pta/core_self_tests.c /optee_os/core/arch/arm/pta/stats.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/drivers/atmel_uart.c /optee_os/core/drivers/cdns_uart.c /optee_os/core/drivers/dra7_rng.c /optee_os/core/drivers/gic.c /optee_os/core/drivers/hi16xx_rng.c /optee_os/core/drivers/hi16xx_uart.c /optee_os/core/drivers/imx_snvs.c /optee_os/core/drivers/imx_uart.c /optee_os/core/drivers/imx_wdog.c /optee_os/core/drivers/mvebu_uart.c /optee_os/core/drivers/ns16550.c /optee_os/core/drivers/pl011.c /optee_os/core/drivers/pl022_spi.c /optee_os/core/drivers/pl061_gpio.c /optee_os/core/drivers/scif.c /optee_os/core/drivers/serial8250_uart.c /optee_os/core/drivers/sprd_uart.c /optee_os/core/drivers/stih_asc.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/tzc380.c /optee_os/core/drivers/tzc400.c /optee_os/core/include/drivers/stm32_bsec.h /optee_os/core/include/drivers/stm32_etzpc.h /optee_os/core/include/drivers/stm32_gpio.h /optee_os/core/include/io.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/virtualization.h /optee_os/core/include/mm/tee_mm.h /optee_os/core/kernel/console.c /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/lib/libtomcrypt/src/mpa_desc.c /optee_os/core/lib/libtomcrypt/src/mpi_desc.c /optee_os/core/lib/libtomcrypt/src/tee_ltc_provider.c tee_svc.c /optee_os/lib/libutee/tee_api_arith_mpa.c /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutee/tee_api_objects.c /optee_os/lib/libutils/ext/include/compiler.h /optee_os/lib/libutils/ext/include/mempool.h /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/mempool.c /optee_os/lib/libutils/ext/nex_strdup.c /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/isoc/bget.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/lib/libutils/isoc/isalnum.c /optee_os/lib/libutils/isoc/iscntrl.c /optee_os/lib/libutils/isoc/isgraph.c /optee_os/lib/libutils/isoc/islower.c /optee_os/lib/libutils/isoc/isprint.c /optee_os/lib/libutils/isoc/ispunct.c /optee_os/lib/libutils/isoc/stack_check.c /optee_os/lib/libutils/isoc/sub.mk /optee_os/lib/libutils/isoc/toupper.c /optee_os/mk/config.mk /optee_os/ta/arch/arm/link.mk
42cf03c3	24-Jan-2019	Oliver Chiang <rockerfeynman@gmail.com>	core: check the value of tee_otp_get_die_id() Just like the get_prop_tee_dev_id() in tee_svc.c, it returns TEE_ERROR_BAD_STATE, when tee_otp_get_die_id() reports someting bad. Put the same check in core: check the value of tee_otp_get_die_id() Just like the get_prop_tee_dev_id() in tee_svc.c, it returns TEE_ERROR_BAD_STATE, when tee_otp_get_die_id() reports someting bad. Put the same check in tee_fs_init_key_manager() as well. Fixes: https://github.com/OP-TEE/optee_os/issues/2762 Signed-off-by: Oliver Chiang <rockerfeynman@gmail.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> [jf: use URL in Fixes: tag] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/README.md /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-bcm/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/scripts/stm32image.py tee_fs_key_manager.c /optee_os/documentation/external_libraries.rst /optee_os/mk/aosp_optee.mk /optee_os/scripts/bin_to_c.py
41b29406	16-Jan-2019	Oliver Chiang <rockerfeynman@gmail.com>	core: syscall_storage_obj_create(): fix a memory leak Free the o->attr in the error handling part. Fixes: https://github.com/OP-TEE/optee_os/issues/2738 Signed-off-by: Oliver Chiang <rockerfeynman@ core: syscall_storage_obj_create(): fix a memory leak Free the o->attr in the error handling part. Fixes: https://github.com/OP-TEE/optee_os/issues/2738 Signed-off-by: Oliver Chiang <rockerfeynman@gmail.com> [jf: do not set o->attr = 0; move tee_obj_free(o) under if (o) { ... }] [jf: add spaces to subject; use URL in Fixes: tag] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU) show more ... /optee_os/core/arch/arm/plat-vexpress/main.c tee_svc_storage.c
84e9c40b	20-Nov-2018	Jens Wiklander <jens.wiklander@linaro.org>	core: svc_cryp: fix truncated buffer length Fixes truncated buffer length in multiple crypto syscalls. The buffer length is truncated on 32-bit systems because a size_t can't hold a uint64_t which i core: svc_cryp: fix truncated buffer length Fixes truncated buffer length in multiple crypto syscalls. The buffer length is truncated on 32-bit systems because a size_t can't hold a uint64_t which is use to carry the buffer length. Fixes: "Truncated buffer length in crypto system calls (x4)" as reported by Riscure. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8) Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Riscure <inforequest@riscure.com> Reported-by: Alyssa Milburn <a.a.milburn@vu.nl> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... tee_svc_cryp.c
d5c5b0b7	20-Nov-2018	Jens Wiklander <jens.wiklander@linaro.org>	core: svc: always check ta parameters Always check TA parameters from a user TA. This prevents a user TA from passing invalid pointers to a pseudo TA. Fixes: OP-TEE-2018-0007: "Buffer checks missin core: svc: always check ta parameters Always check TA parameters from a user TA. This prevents a user TA from passing invalid pointers to a pseudo TA. Fixes: OP-TEE-2018-0007: "Buffer checks missing when calling pseudo TAs". Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8) Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Riscure <inforequest@riscure.com> Reported-by: Alyssa Milburn <a.a.milburn@vu.nl> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/include/optee_msg.h tee_svc.c
359324a2	12-Oct-2018	Jens Wiklander <jens.wiklander@linaro.org>	svc: Initialize tmp_va_buf to prevent a TOCTOU attack tmp_va_buf will be used if caller parameters points to private TA memory. However, after doing the syscall to invoke the command it could be tha svc: Initialize tmp_va_buf to prevent a TOCTOU attack tmp_va_buf will be used if caller parameters points to private TA memory. However, after doing the syscall to invoke the command it could be that REE has changed caller parameters to point to regular shared memory and that could potentially open for tmp_va_buf leaking old information on the stack. Mitigate this by simplify tee_svc_update_out_param() by only taking tmp_buf_va[n] into account to tell if a temporary buffer is used or not. Note that tee_svc_copy_to_user() will make sure that only data writeable by the user TA can be updated. Fixes: "Double fetch can be used to copy from uninitialized pointer" as reported by Riscure. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8) Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Riscure <inforequest@riscure.com> Reported-by: Alyssa Milburn <a.a.milburn@vu.nl> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... /optee_os/core/arch/arm/tee/entry_std.c tee_svc.c
99e8a8cc	27-Sep-2018	Joakim Bech <joakim.bech@linaro.org>	svc: fix NULL pointer dereference during storage enumeration In syscall_storage_next_enum(..) when 'tee_obj o' isn't successfully initialized, then 'o->pobj->fops' is a NULL pointer and therefore we svc: fix NULL pointer dereference during storage enumeration In syscall_storage_next_enum(..) when 'tee_obj o' isn't successfully initialized, then 'o->pobj->fops' is a NULL pointer and therefore we need to check for that before trying to dereference it in the clean-up part of the function. Fixes: "Null pointer dereference in storage system call" as reported by Riscure. Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reported-by: Riscure <inforequest@riscure.com> Reported-by: Alyssa Milburn <a.a.milburn@vu.nl> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> show more ... tee_svc_storage.c
1 2 3 4 5 6 7 8 910>>...24