core: crypto.c: don't use _CFG_CRYPTO_WITH_ACIPHER

Uses CFG_CRYPTO_RSA, CFG_CRYPTO_DSA, CFG_CRYPTO_DH and CFG_CRYPTO_ECC to
tell if bignum functions needs to be stubbed instead of relying on
_CFG_CR

core: crypto.c: don't use _CFG_CRYPTO_WITH_ACIPHER

Uses CFG_CRYPTO_RSA, CFG_CRYPTO_DSA, CFG_CRYPTO_DH and CFG_CRYPTO_ECC to
tell if bignum functions needs to be stubbed instead of relying on
_CFG_CRYPTO_WITH_ACIPHER which is about to be removed.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Move CFG_CORE_MBEDTLS_MPI init to mk/config.mk

Moves default assignment of CFG_CORE_MBEDTLS_MPI into mk/config.mk

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklan

Move CFG_CORE_MBEDTLS_MPI init to mk/config.mk

Moves default assignment of CFG_CORE_MBEDTLS_MPI into mk/config.mk

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Move CFG_CRYPTOLIB_{NAME,DIR} init to mk/config.mk

Moves default initialization of CFG_CRYPTOLIB_NAME and CFG_CRYPTOLIB_DIR
to mk/config.mk.

Only assigns default y to CFG_CRYPTO_RSASSA_NA1 in case

Move CFG_CRYPTOLIB_{NAME,DIR} init to mk/config.mk

Moves default initialization of CFG_CRYPTOLIB_NAME and CFG_CRYPTOLIB_DIR
to mk/config.mk.

Only assigns default y to CFG_CRYPTO_RSASSA_NA1 in case
CFG_CRYPTOLIB_NAME == tomcrypt.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: link tee.elf with lib archives

Links tee.elf with the library archives instead of -llibname in order to
detect multiply defined symbols in several libraries.

Acked-by: Jerome Forissier <

core: arm: link tee.elf with lib archives

Links tee.elf with the library archives instead of -llibname in order to
detect multiply defined symbols in several libraries.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: dsa_import() use inlen instead of MAX_RSA_SIZE

Upstream has changed dsa_import() to use inlen instead of MAX_RSA_SIZE.
This is needed when compiling LTC with DSA but without RSA support.

core: ltc: dsa_import() use inlen instead of MAX_RSA_SIZE

Upstream has changed dsa_import() to use inlen instead of MAX_RSA_SIZE.
This is needed when compiling LTC with DSA but without RSA support.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add encrypt key length in AES encrypt API

Adds size of expanded AES encryption key to crypto_aes_expand_enc_key()
and crypto_aes_enc_block() to make the functions more safe to call.

Reviewed-

core: add encrypt key length in AES encrypt API

Adds size of expanded AES encryption key to crypto_aes_expand_enc_key()
and crypto_aes_enc_block() to make the functions more safe to call.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Summer Qin <summer.qin@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: compile only libmpa with libtomcrypt

Only compile libmpa if libtomcrypt is selected as crypto library and is
configured to use libmpa instead of MPI.

Reviewed-by: Jerome Forissier <jerome.for

core: compile only libmpa with libtomcrypt

Only compile libmpa if libtomcrypt is selected as crypto library and is
configured to use libmpa instead of MPI.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Only clear base-prefix for crypto libraries in core

If the crypto library selected with CFG_CRYPTOLIB_NAME and
CFG_CRYPTOLIB_DIR resides under core it's OK to clear base-prefix.
However, if it can b

Only clear base-prefix for crypto libraries in core

If the crypto library selected with CFG_CRYPTOLIB_NAME and
CFG_CRYPTOLIB_DIR resides under core it's OK to clear base-prefix.
However, if it can be compiled for user space too we need to keep
base-prefix in order to avoid output conflicts.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add CFG_CRYPTOLIB_NAME_$(CFG_CRYPTOLIB_NAME)

Adds CFG_CRYPTOLIB_NAME_$(CFG_CRYPTOLIB_NAME) := y for easy testing of
which cryptolib currently is in use.

Mbedtls is a bit tricky since it can be comp

Add CFG_CRYPTOLIB_NAME_$(CFG_CRYPTOLIB_NAME)

Adds CFG_CRYPTOLIB_NAME_$(CFG_CRYPTOLIB_NAME) := y for easy testing of
which cryptolib currently is in use.

Mbedtls is a bit tricky since it can be compiled either as a support lib
with the bignum routines or as a complete crypto lib.
CFG_CRYPTOLIB_NAME_$(CFG_CRYPTOLIB_NAME) can be used to select optimal
configuration.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: move AES-CTS wrappers from libtomcrypt/ to crypto/

Moves the AES-CTS implementation from LTC wrapper to core/crypto.

The AES-CTS implementation can be overridden in a crypto library b

core: crypto: move AES-CTS wrappers from libtomcrypt/ to crypto/

Moves the AES-CTS implementation from LTC wrapper to core/crypto.

The AES-CTS implementation can be overridden in a crypto library by
setting CFG_CRYPTO_CTS_FROM_CRYPTOLIB:=y

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: user_ta: implement ASLR for TAs

Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of
Trusted Applications. ASLR makes the exploitation of memory corruption
vulnerabilities ha

core: user_ta: implement ASLR for TAs

Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of
Trusted Applications. ASLR makes the exploitation of memory corruption
vulnerabilities harder.
The feature is disabled by default except for the configurations I
could test (QEMU and HiKey960).
When CFG_TA_ASLR=y, the stack and subsequent ELF file(s) needed by the
TA are mapped into the user VA space with a random offset comprised
between CFG_TA_ASLR_MIN_OFFSET_PAGES and CFG_TA_ASLR_MAX_OFFSET_PAGES
pages (that is between 0 and 128 pages by default).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, HiKey960)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: user_ta: use consistent formatting for addresses in TA dump

Improve the layout of the TA dump message by using fixed width for
physical and virtual addresses: 0x + 8 or 16 characters, dependin

core: user_ta: use consistent formatting for addresses in TA dump

Improve the layout of the TA dump message by using fixed width for
physical and virtual addresses: 0x + 8 or 16 characters, depending on
the address size (32 or 64 bits). This makes the output more
consistent, more readable, and nicer overall.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

generic_boot: reserve optee_tzdram memory

Aside from reserving the shared memory, also reserve the TZDRAM OP-TEE
memory.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: R

generic_boot: reserve optee_tzdram memory

Aside from reserving the shared memory, also reserve the TZDRAM OP-TEE
memory.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

generic_boot: retrieve address-cells and size-cells from root

If the reserved-memory subnode does not exist, retrieve address-cells
and size-cells from the root node.

The linux kernel checks whethe

generic_boot: retrieve address-cells and size-cells from root

If the reserved-memory subnode does not exist, retrieve address-cells
and size-cells from the root node.

The linux kernel checks whether these properties match between the root
and reserved-memory nodes and discards non-matching nodes.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

generic_boot: rename shared reserved memory node

Rename the shared reserved memory node from "optee" to "optee_shm".
This should avoid confusion when we introduce the "optee_core" reserved
memory no

generic_boot: rename shared reserved memory node

Rename the shared reserved memory node from "optee" to "optee_shm".
This should avoid confusion when we introduce the "optee_core" reserved
memory node in later commits.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

zynqmp: fix UART1 base for zcu102, zc1751_dc1, zc1751_dc2 flavors

Fix UART1 base address for zcu102, zc1751_dc1, zc1751_dc2 flavors.
More information provided p226 of UG1085 [1].

Link: [1] https://

zynqmp: fix UART1 base for zcu102, zc1751_dc1, zc1751_dc2 flavors

Fix UART1 base address for zcu102, zc1751_dc1, zc1751_dc2 flavors.
More information provided p226 of UG1085 [1].

Link: [1] https://www.xilinx.com/support/documentation/user_guides/ug1085-zynq-ultrascale-trm.pdf
Signed-off-by: Michael Grand <michael.grand.mg@gmail.com>
[jf: move URL to a Link: tag]
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: crypto: introduce struct crypto_authenc_ops

Uses struct crypto_authenc_ops pointer in crypto context for authenc
ciphers (AES-GCM and AES-CCM) as a glue layer instead of a switch(algo)
in each

core: crypto: introduce struct crypto_authenc_ops

Uses struct crypto_authenc_ops pointer in crypto context for authenc
ciphers (AES-GCM and AES-CCM) as a glue layer instead of a switch(algo)
in each cryto_authenc_*() function.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: introduce struct crypto_cipher_ops

Uses struct crypto_cipher_ops pointer in crypto context for ciphers as a
glue layer instead of a switch(algo) in each crypto_cipher_*() function.

Re

core: crypto: introduce struct crypto_cipher_ops

Uses struct crypto_cipher_ops pointer in crypto context for ciphers as a
glue layer instead of a switch(algo) in each crypto_cipher_*() function.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: introduce struct crypto_mac_ops

Uses struct crypto_mac_ops pointer in crypto context for MACs as a
glue layer instead of a switch(algo) in each crypto_mac_*() function.

Moves CBC-MAC

core: crypto: introduce struct crypto_mac_ops

Uses struct crypto_mac_ops pointer in crypto context for MACs as a
glue layer instead of a switch(algo) in each crypto_mac_*() function.

Moves CBC-MAC implementation from LTC wrapper to core/crypto.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: implement crypto_cipher_get_block_size()

Prior to this patch only the prototype and a stub of
crypto_cipher_get_block_size() was available. With this patch replace
the stub with an implementat

core: implement crypto_cipher_get_block_size()

Prior to this patch only the prototype and a stub of
crypto_cipher_get_block_size() was available. With this patch replace
the stub with an implementation.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: introduce struct crypto_hash_ops

Uses struct crypto_hash_ops pointer in crypto context for hashes as a
glue layer instead of a switch(algo) in each crypto_hash_*() function.

Reviewed-

core: crypto: introduce struct crypto_hash_ops

Uses struct crypto_hash_ops pointer in crypto context for hashes as a
glue layer instead of a switch(algo) in each crypto_hash_*() function.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add support for ultra96 ZynqMP board

Add flavor 'ultra96' to platform 'zynqmp'.
Redirect TEE console output to UART1.

Signed-off-by: Michael Grand <michael.grand.mg@gmail.com>
Acked-by: Jerome Fori

Add support for ultra96 ZynqMP board

Add flavor 'ultra96' to platform 'zynqmp'.
Redirect TEE console output to UART1.

Signed-off-by: Michael Grand <michael.grand.mg@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: Initialize the chip_id array when generating the SSK

In tee_fs_init_key_manager(), Secure Storage Key (SSK) is computed as
follow:

SSK = HMAC(HUK, message)
message := concatenate(chip

core: Initialize the chip_id array when generating the SSK

In tee_fs_init_key_manager(), Secure Storage Key (SSK) is computed as
follow:

SSK = HMAC(HUK, message)
message := concatenate(chip_id, static string)

chip_id is a 32-byte array but some tee_otp_get_die_id() implementation
may provide a smaller chip ID. Initialize the chip_id array to make
sure the remaining bytes do not contain garbage data. Without this
initialization, SSK may be inconsistent across power cycles generating
failures when reading back data from the secure storage.

Signed-off-by: Alexandre Jutras <alexandre.jutras@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

stm32_i2c: driver for STM32 I2C bus

Drivers is embedded upon CFG_STM32_I2C=y.

The driver main API functions are:
stm32_i2c_init() to initialize the device driver,
stm32_i2c_mem_{write|read}() for I

stm32_i2c: driver for STM32 I2C bus

Drivers is embedded upon CFG_STM32_I2C=y.

The driver main API functions are:
stm32_i2c_init() to initialize the device driver,
stm32_i2c_mem_{write|read}() for I2C memory mode transfer,
stm32_i2c_master_{transmit|receive}() for stream transfer.

2 helpers:
stm32_i2c_is_device_ready() checks the hardware I2C link,
stm32_i2c_get_setup_from_fdt() fills the I2C initialization
structure from the content found in the DT.

I2C driver instances do not register themselves to the PM
framework. Bus owner is responsible for calling the
stm32_i2c_{suspend|resume}() APIs when the owner device
executes a PM sequence.

stm32_i2c driver is dual licensed GPL-2.0/BSD-3-Clause.
The conversion algorithm for converting device tree bindings
timing information into STM32 I2C timings configuration
register is shared with other packages (Linux kernel, Arm
Trusted Firmware-A, U-Boot).

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Signed-off-by: Pascal Paillet <p.paillet@st.com>
Signed-off-by: Pierre-Yves MORDRET <pierre-yves.mordret@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: better align output of TA dump with many or big regions

With the introduction of shared libutee/libutils/libmbedtls etc., it
is not uncommon for a TA to have more than 10 memory regions. When

core: better align output of TA dump with many or big regions

With the introduction of shared libutee/libutils/libmbedtls etc., it
is not uncommon for a TA to have more than 10 memory regions. When this
happens, the crash dump output is not properly aligned.

Similarly, since there is no width specifier when we print the region
size, misalignments can occur.

This commit makes the output look good for up to 100 regions of up to
16 MiB in size.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...