plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-c

plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA t

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA to write into the custom extended OTP bits in K3 architecture.

This header should be exported out of optee-os to be used by the host
binary for interacting with the PTA.

Includes OTP keywriting PTA header file in libutee

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch adds support for calling extended OTP APIs using TISCI.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about
supporting virtualization on the non-secure side.

This commit is the result of the following command:

$ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \
sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \
done

...plus the compatibility line in mk/config.mk:

CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined in GIC DT bindings.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of a

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of an ELF loader and it doesn't have any SPMC specific ties.
These properties make the format the one that can be used across
different SPMC implementations. Combined with the load address relative
memory regions the sections of the binary can be mapped in a similar
way as with ELF files.
The elf-format field of the SP manifest selects the ELF based or the
binary format loading mechanism.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is
done in two phases. First the load address relative memory regions
are being mapped to the given VA and then ones where the VA is
selected by the system. This way conflicts between the memory regions
in the VA space can be prevented.
The NOBITS load-flags value is similar to the NOBITS ELF sections. If
this bit is set then the SPMC allocates new area otherwise it will set
the access rights of already mapped areas.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: Provide access to TS load address

Propagate ELF load address from ldelf to user mode context as a
preparation for load address relative memory regions.

Signed-off-by: Imre Kis <imre.kis@arm.

ldelf: Provide access to TS load address

Propagate ELF load address from ldelf to user mode context as a
preparation for load address relative memory regions.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Differentiate return values of SP manifest helpers

Distinguish between non-existing properties and invalid property
lengths in manifest helper functions to allow having optional
properti

core: spmc: Differentiate return values of SP manifest helpers

Distinguish between non-existing properties and invalid property
lengths in manifest helper functions to allow having optional
properties.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

versal: enable the crypto driver

The crypto driver API provides an extra indirection level to enable
different ciphers.

Since Versal ACAP supports acipher and authenc, enable them.

Falling-back to

versal: enable the crypto driver

The crypto driver API provides an extra indirection level to enable
different ciphers.

Since Versal ACAP supports acipher and authenc, enable them.

Falling-back to software operations (RSA sign/verify) triggers a
fault detection; we will disable this config while a solution is
found.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

versal: increase CFG_CORE_HEAP_SIZE

Empirically incrementing limit to avoid OOM when executing xtests.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.for

versal: increase CFG_CORE_HEAP_SIZE

Empirically incrementing limit to avoid OOM when executing xtests.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: versal: rsa: only support sign/verify operations

RSA encryption/decryption is not supported (the PLM does not
return the size of the encrypted/decrypted buffers).

Signed-off-by: Jorge Ramir

crypto: versal: rsa: only support sign/verify operations

RSA encryption/decryption is not supported (the PLM does not
return the size of the encrypted/decrypted buffers).

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: versal: ecc: sign/verify fix

Both the message (hash) and the generated signatures must be swapped.

The following custom tests were executed for P384 (prime384v1) and
P521 (nistp521) curves.

crypto: versal: ecc: sign/verify fix

Both the message (hash) and the generated signatures must be swapped.

The following custom tests were executed for P384 (prime384v1) and
P521 (nistp521) curves.

Signing and verifying using pkcs#11 alone (ie like done in xtest) was
not sufficient to capture this bug.

PTOOL='pkcs11-tool --module /usr/lib/libckteec.so.0.1.0'
SO_PIN=55555555
PIN=44444444
FILE=hello

printf "OP-TEE: create key pair"
$PTOOL --id 01 --label ldts --token-label fio --pin $PIN \
--keypairgen \
--key-type EC:prime384v1

printf "OP-TEE: read the public key"
$PTOOL -l --pin $PIN --id 01 \
--read-object --type pubkey --output-file pubkey.spki

printf "Openssl: export key to PEM"
openssl ec -inform DER -outform PEM -in pubkey.spki -pubin > pubkey.pub

printf "Create file to sign"
echo "hello world" > $FILE

printf "OpenSSL: create the file sha384"
openssl dgst -binary -sha384 $FILE > $FILE.hash

printf "OP-TEE: generate signature "
$PTOOL --pin $PIN --id 01 --label ldts --token-label fio \
--sign
--input-file $FILE.hash
--output-file $FILE.sig
--mechanism ECDSA
-f openssl

printf "OpenSSL: verify signature"
openssl dgst -sha384 -verify pubkey.pub -signature "$FILE".sig "$FILE"

printf "OP-TEE: verify signature"
$PTOOL --pin $PIN --id 01 --label ldts --token-label fio \
--verify \
--input-file $FILE.hash \
--signature-format openssl \
--signature-file $FILE.sig \
--mechanism ECDSA

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core, ldelf: add support for RISC-V

RISC-V support of argument for ldelf dump state.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@lin

core, ldelf: add support for RISC-V

RISC-V support of argument for ldelf dump state.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core, ldelf: replace is_arm32 with is_32bit

To refer to 32-bit mode, this commit replace is_arm32 with is_32bit
in the following files:
- core/kernel/ldelf_loader.c
- ldelf/include/ldelf.h
- ldelf/m

core, ldelf: replace is_arm32 with is_32bit

To refer to 32-bit mode, this commit replace is_arm32 with is_32bit
in the following files:
- core/kernel/ldelf_loader.c
- ldelf/include/ldelf.h
- ldelf/main.c

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: kernel: move ldelf_loader.c to core/kernel

Make other architecture implementations benefit from ldelf_loader.c,
therefore move it from core/arch/arm/kernel to core/kernel.
The header file is a

core: kernel: move ldelf_loader.c to core/kernel

Make other architecture implementations benefit from ldelf_loader.c,
therefore move it from core/arch/arm/kernel to core/kernel.
The header file is already located outside the arch folder.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject

Adds the TA property gpd.ta.doesNotCloseHandleOnCorruptObject.

All syscalls operating on an object handle and can return
TEE_ERROR_CO

GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject

Adds the TA property gpd.ta.doesNotCloseHandleOnCorruptObject.

All syscalls operating on an object handle and can return
TEE_ERROR_CORRUPT_OBJECT must also do special treatment when
TEE_ERROR_CORRUPT_OBJECT is returned. Prior to
gpd.ta.doesNotCloseHandleOnCorruptObject this meant removing the object
and closing the object handle. With the
gpd.ta.doesNotCloseHandleOnCorruptObject property the object handle
shouldn't be close if this the current TA has the property set to true.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: syscall_hash_final() support XOF

Adds support in syscall_hash_final() for Extendable Output Functions,
that is, TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256 for now.

Acked-by: Etienne Carriere <etie

core: syscall_hash_final() support XOF

Adds support in syscall_hash_final() for Extendable Output Functions,
that is, TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256 for now.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Enable SHA-3 support by default

Enables all the supported SHA-3 algorithms by default.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.

Enable SHA-3 support by default

Enables all the supported SHA-3 algorithms by default.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: LTC: conditionally enable SHA-3 implementation

Enables SHA-3 implementation in libtomcrypt and add OP-TEE wrappers.

Adds LTC fallback for mbedtls configurations since mbedtls doesn't
support

core: LTC: conditionally enable SHA-3 implementation

Enables SHA-3 implementation in libtomcrypt and add OP-TEE wrappers.

Adds LTC fallback for mbedtls configurations since mbedtls doesn't
support SHA-3 yet.

Implementation of the crypto_hmac_*_alloc_ctx() functions is updated to
only add a full implementation if the corresponding hash function also
is configured.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add API for SHA-3

Adds an API for the SHA-3 [1] algorithms SHA3-224, SHA3_256, SHA3_384,
SHA3_512, SHAKE128, and SHAKE256. SHAKE128 and SHAKE256 are
Extendable-Output Functions (XOF),

core: crypto: add API for SHA-3

Adds an API for the SHA-3 [1] algorithms SHA3-224, SHA3_256, SHA3_384,
SHA3_512, SHAKE128, and SHAKE256. SHAKE128 and SHAKE256 are
Extendable-Output Functions (XOF), but handled as hashes in the API.

Adds API for SHA-3 based HMAC functions.

For XOF algorithms crypto_hash_final() can be called multiple times and
generate an arbitrary amount of data. Note that this data will have a
common prefix if done over the same input (see A.2 in [1]).

[1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update gpd.tee.trustedStorage.antiRollback.protectionLevel

Updates used values for
gpd.tee.trustedStorage.antiRollback.protectionLevel according to TEE
Internal Core API version 1.3.1.

Note

GP131: Update gpd.tee.trustedStorage.antiRollback.protectionLevel

Updates used values for
gpd.tee.trustedStorage.antiRollback.protectionLevel according to TEE
Internal Core API version 1.3.1.

Note that protection level 0 is not valid any longer, so report level
100 when RPMB isn't in use. Only root can tamper with the REE FS storage
due to the REE file system permissions.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TA property gpd.client.endian

Adds the new property "gpd.client.endian" to report the endianness used
by a client.

At the moment there is no way for a client to report its endianness to

GP131: add TA property gpd.client.endian

Adds the new property "gpd.client.endian" to report the endianness used
by a client.

At the moment there is no way for a client to report its endianness to
OP-TEE so assume that all are little-endian.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update TEE_AsymmetricEncrypt() and TEE_AsymmetricDecrypt()

Updates TEE_AsymmetricEncrypt() and TEE_AsymmetricDecrypt() according to
TEE Internal Core API version 1.3.1. The srcLen and dstLen

GP131: Update TEE_AsymmetricEncrypt() and TEE_AsymmetricDecrypt()

Updates TEE_AsymmetricEncrypt() and TEE_AsymmetricDecrypt() according to
TEE Internal Core API version 1.3.1. The srcLen and dstLen parameters
are changed to use size_t instead of uint32_t

Adds the optional attribute TEE_ATTR_RSA_OAEP_MGF_HASH which if provided
specifies the MGF1 hash function to use. Prior to GP v1.3.1 it was
implementation defined. OP-TEE only supports using the same MGF1 hash
function as the internal hash function of the algorithim, that is, for
the algorithm TEE_ALG_RSAES_PKCS1_OAEP_MGF1_x that hash function
TEE_ALG_x is used.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...