plat: rcar: force disable core ALSR

We need to disable core ASLR for two reasons:
1. There is no source for ALSR seed, as Rcar platform
does not provide DTB to OP-TEE
2. OP-TEE crashes during boo

plat: rcar: force disable core ALSR

We need to disable core ASLR for two reasons:
1. There is no source for ALSR seed, as Rcar platform
does not provide DTB to OP-TEE
2. OP-TEE crashes during boot with enabled CFG_CORE_ASLR

Mainly we are disabling ASLR for the second reason. Further
investigation is needed to see why enabled ASLR causes data
abort in MMIO functions.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: rcar: generate .srec file using gen_tee_bin

After recent changes, we are not able to use raw binary generated
from the elf file. Instead we need to use gen_tee_bin script to
generate the heade

plat: rcar: generate .srec file using gen_tee_bin

After recent changes, we are not able to use raw binary generated
from the elf file. Instead we need to use gen_tee_bin script to
generate the header-less binary with the correct layout.

This change also generates tee-raw.bin as byproduct. This file is
usable also, because it allows to flash OP-TEE using JTAG.

Fixes: 5dd1570ac5b ("core: add embedded data region")
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled w

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 KEP

Adds support for the SM3 Key Exchange Protocol [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

core: ltc: add support for SM2 KEP

Adds support for the SM3 Key Exchange Protocol [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: export sm2_kdf()

The Key Derivation Function used by the SM2 Public Key Encryption
algorithm is also used by the Key Exchange Protocol. Move it to its
file in order to be able to

core: ltc: SM2 PKE: export sm2_kdf()

The Key Derivation Function used by the SM2 Public Key Encryption
algorithm is also used by the Key Exchange Protocol. Move it to its
file in order to be able to re-use it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 DSA: fix configuration variable name

The name of the config variable indicating support for SM2 DSA is
_CFG_CORE_LTC_SM2_DSA, not _CFG_CORE_LTC_SM2_DSA_SM3.

Fixes: 76c7ba4b9ff7 ("cor

core: ltc: SM2 DSA: fix configuration variable name

The name of the config variable indicating support for SM2 DSA is
_CFG_CORE_LTC_SM2_DSA, not _CFG_CORE_LTC_SM2_DSA_SM3.

Fixes: 76c7ba4b9ff7 ("core: ltc: add support for SM2 DSA")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: ecc_populate_ltc_private_key(): copy public part

A private key alone is not always useful; the public part of the
key is often needed. Adjust ecc_populate_ltc_private_key() accordingly.

core: ltc: ecc_populate_ltc_private_key(): copy public part

A private key alone is not always useful; the public part of the
key is often needed. Adjust ecc_populate_ltc_private_key() accordingly.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 DSA: fix bignum conversions

All integers used in the SM2 algorithms are encoded as 32 byte buffers
in big endian format. The current code does not properly pad the buffer
with zeros w

core: ltc: SM2 DSA: fix bignum conversions

All integers used in the SM2 algorithms are encoded as 32 byte buffers
in big endian format. The current code does not properly pad the buffer
with zeros when a value does not need the whole 32 bytes. Fix that.

Fixes: 76c7ba4b9ff7 ("core: ltc: add support for SM2 DSA")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: fix bignum conversions

All integers used in the SM2 algorithms are encoded as 32 byte buffers
in big endian format. The current code does not properly pad the buffer
with zeros w

core: ltc: SM2 PKE: fix bignum conversions

All integers used in the SM2 algorithms are encoded as 32 byte buffers
in big endian format. The current code does not properly pad the buffer
with zeros when a value does not need the whole 32 bytes and has a few
other related issues. Fix that.

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: acipher_helpers.h: add macro mp_to_unsigned_bin2()

Writing a bignum to a fixed size integer buffer in big endian order is
slightly cumbersome, because one has to take into account the act

core: ltc: acipher_helpers.h: add macro mp_to_unsigned_bin2()

Writing a bignum to a fixed size integer buffer in big endian order is
slightly cumbersome, because one has to take into account the actual
size of the bignum in order to have the zero padding on the left.
Let's say I am working with 256-bit numbers:

unsigned char buf[32] = { };
void *n = compute_some_bignum(...);

mp_to_unsigned_bin(n, buf + sizeof(buf) - mp_unsigned_bin_size(n));

This commit introduces mp_to_unsigned_bin2() which can be used like so:

unsigned char buf[32] = { };
void *n = compute_some_bignum(...);

mp_to_unsigned_bin2(n, buf, sizeof(buf));

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic_entry_a{32,64}.S: use correct cached_mem_end

Stores the correct register at cached_mem_end at boot. This avoids usage
of stale dcache content.

Fixes: 5dd1570ac5b0 ("core: add embedded

core: generic_entry_a{32,64}.S: use correct cached_mem_end

Stores the correct register at cached_mem_end at boot. This avoids usage
of stale dcache content.

Fixes: 5dd1570ac5b0 ("core: add embedded data region")
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic_entry_a64.S: use CIVAC over IVAC to clean cache data

After moving some initial sections around in memory we clean out the new
data and invalidate the cache so it can be seen by other c

core: generic_entry_a64.S: use CIVAC over IVAC to clean cache data

After moving some initial sections around in memory we clean out the new
data and invalidate the cache so it can be seen by other cores when they
enable caches. The instruction used was invalidate; on most systems this
will behave the same as clean/invalidate, but on some with L3 caches this
can cause the just written data to be invalidated. Use the
clean+invalidate to prevent this on such systems.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: introduce CFG_CORE_ARM64_PA_BITS

Introduces CFG_CORE_ARM64_PA_BITS which replaces the max_pa global
variable which was used to configure TCR_EL1.IPS.

Prior to 520860f ("core: generic_e

core: arm64: introduce CFG_CORE_ARM64_PA_BITS

Introduces CFG_CORE_ARM64_PA_BITS which replaces the max_pa global
variable which was used to configure TCR_EL1.IPS.

Prior to 520860f ("core: generic_entry: add enable_mmu()") TCR_EL1.IPS
was calculated and even updated later in the boot flow to automatically
cover the needed physical address space. But now it's calculated before
MMU is enabled and once MMU it's kept in read only memory.

With CFG_CORE_ARM64_PA_BITS TCR_EL1.IPS can be determined early and
later it is enough to check that physical addresses to be mapped are
covered by CFG_CORE_ARM64_PA_BITS.

Fixes: 520860f658be ("core: generic_entry: add enable_mmu()")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make SMALL_PAGE_MASK and friends of type paddr_t

Makes SMALL_PAGE_MASK, CORE_MMU_PGDIR_MASK, CORE_MMU_USER_CODE_MASK and
CORE_MMU_USER_PARAM_MASK of type paddr_t to allow correct masking of
si

core: make SMALL_PAGE_MASK and friends of type paddr_t

Makes SMALL_PAGE_MASK, CORE_MMU_PGDIR_MASK, CORE_MMU_USER_CODE_MASK and
CORE_MMU_USER_PARAM_MASK of type paddr_t to allow correct masking of
significant bits.

Example:
extern paddr_t addr;
paddr_t page_addr = addr & ~SMALL_PAGE_MASK

If paddr_t is a 64-bit type SMALL_PAGE_MASK must also be 64-bit wide or
the ~ operation will not set all the higher bits.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: support shared irq

With some platforms would have multiplexed interrupts
and software implement difference interrupt handler.
Currently the interrupt mechanism only handle the first
matched ha

core: support shared irq

With some platforms would have multiplexed interrupts
and software implement difference interrupt handler.
Currently the interrupt mechanism only handle the first
matched handler, and can not support shared irq.

New change to keep find another matched handler if the
previous handler return none.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: davidwang <davidwang@realtek.com>

show more ...

core: ltc: SM2 DSA: fix bignum memory leaks

crypto_acipher_sm2_dsa_sign() and crypto_acipher_sm2_dsa_verify() leak
some bignum memory due to missing calls to ecc_free().
This is all the more problem

core: ltc: SM2 DSA: fix bignum memory leaks

crypto_acipher_sm2_dsa_sign() and crypto_acipher_sm2_dsa_verify() leak
some bignum memory due to missing calls to ecc_free().
This is all the more problematic that bignum allocations use a special
memory pool [1] that can easily cause deadlocks when misused.

This commit adds the missing calls.

[1] Commit a2eb5b55d169 ("libutils: add mempool API")

Fixes: 76c7ba4b9ff7 ("core: ltc: add support for SM2 DSA")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: fix bignum memory leaks

crypto_acipher_sm2_pke_encrypt() and crypto_acipher_sm2_pke_decrypt()
leak some bignum memory due to missing calls to ecc_free() and also due
to the fact

core: ltc: SM2 PKE: fix bignum memory leaks

crypto_acipher_sm2_pke_encrypt() and crypto_acipher_sm2_pke_decrypt()
leak some bignum memory due to missing calls to ecc_free() and also due
to the fact that the x and y fields of an ecc_point are overwritten.
This is all the more problematic that bignum allocations use a special
memory pool [1] that can easily cause deadlocks when misused.

This commit fixes these problems.

[1] Commit a2eb5b55d169 ("libutils: add mempool API")

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: add missing return status check

The status of function ltc_ecc_is_point_at_infinity() is not checked in
crypto_acipher_sm2_pke_encrypt(). Fix that.

Fixes: f9a78287dd12 ("core: l

core: ltc: SM2 PKE: add missing return status check

The status of function ltc_ecc_is_point_at_infinity() is not checked in
crypto_acipher_sm2_pke_encrypt(). Fix that.

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enab

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enabled with CFG_CRYPTO_SM2_DSA=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 DSA

Adds support for the SM2 Digital Signature Algorithm [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724

core: ltc: add support for SM2 DSA

Adds support for the SM2 Digital Signature Algorithm [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with CFG_CRYPTO_SM2_PKE=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 PKE

SM2 is a set of public key cryptographic algorithms based on elliptic
curves published by the Chinese Commercial Cryptography Administration
Office [1]. The standa

core: ltc: add support for SM2 PKE

SM2 is a set of public key cryptographic algorithms based on elliptic
curves published by the Chinese Commercial Cryptography Administration
Office [1]. The standard has three main parts which define:

- A Digital Signature Algorithm (part 2)
- A Key Exchange Protocol (part 3)
- A Public Key Encryption method (part 4)

This commit implements the PKE LibTomcrypt for use by the OP-TEE core.
It uses the LibTomCrypt ECC and arithmetic helper functions as well as
the OP-TEE hash interface for the SM3 algorithm.

As far as the ECC point encoding goes, only the uncompressed form is
supported, as permitted by the standard. In practice, it means that the
cipher text always starts with the byte value 0x04. Other forms cannot
be decrypted by this implementation.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handl

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handled by core/lib/libtomcrypt/ecc.c, namely:
the SM2 family of algorithms. Therefore, export these functions in
"acipher_helpers.h".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add implementations for .addmod and .submod

Adds the addmod() and submod() functions which are missing from the
ltc_mp descriptor. It is a bug, because crypto functions never check the
fu

core: ltc: add implementations for .addmod and .submod

Adds the addmod() and submod() functions which are missing from the
ltc_mp descriptor. It is a bug, because crypto functions never check the
functions pointers before using them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add SM2 curve parameters

Adds the recommended curve parameters for SM2 [1] [2].

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812
[2] https://tools.ietf.org/id/draft-ribo

core: ltc: add SM2 curve parameters

Adds the recommended curve parameters for SM2 [1] [2].

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812
[2] https://tools.ietf.org/id/draft-ribose-openpgp-oscca-00.html

Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...