core: arm32.h: add read_midr()

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: rename exception vectors

Rename exception vectors to thread_excp_vect* for both ARM32 and ARM64
to be more clear. The vectors are also exported with global definitions.

Reviewed-by: Volodymyr

core: rename exception vectors

Rename exception vectors to thread_excp_vect* for both ARM32 and ARM64
to be more clear. The vectors are also exported with global definitions.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: armv7: core_init_mmu_regs() init contextidr

The value of CONTEXTIDR is initially undefined, initialize it with a
sane value.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested

core: armv7: core_init_mmu_regs() init contextidr

The value of CONTEXTIDR is initially undefined, initialize it with a
sane value.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jordan Rhee <jordanrh@microsoft.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: kern.ld.S: stop using PROVIDE()

Stop using the PROVIDE() keyword in the linker script. The current usage
causes problems like:
out/arm-plat-vexpress/core/kern.ld:168: undefined symbol
`__

core: arm: kern.ld.S: stop using PROVIDE()

Stop using the PROVIDE() keyword in the linker script. The current usage
causes problems like:
out/arm-plat-vexpress/core/kern.ld:168: undefined symbol
`__asan_map_end' referenced in expression
make: *** [out/arm-plat-vexpress/core/tee.elf] Error 1

when compiled with certain flags and compilers.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core 32bit mmu: remove constraint on reuse of xlat tables

Since commit 5e36abf51875 ("mmu: implement generic mmu initialization")
the MMU 32bit descriptor mode allows to map memories with different

core 32bit mmu: remove constraint on reuse of xlat tables

Since commit 5e36abf51875 ("mmu: implement generic mmu initialization")
the MMU 32bit descriptor mode allows to map memories with different
attributes (but the NS state) using different entries of a common
level2 MMU table. In the old days the non-LPAE layer failed to share
such level2 tables and required a pgdir alignment constraint when
assigning the core virtual addresses to be mapped. This change removes
the now useless constraint.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: FS: storage: don't allow the object_id to reside in shared memory

According to the GP spec V1.1, the object_id in create/open/rename
functions is not allowed to reside in the share memory, thi

core: FS: storage: don't allow the object_id to reside in shared memory

According to the GP spec V1.1, the object_id in create/open/rename
functions is not allowed to reside in the share memory, this patch
simply removes the TEE_MEMORY_ACCESS_ANY_OWNER flag to limit the
object_id to TA private memory space.

Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

mmu: add dump_xlat_tables() function

As we dropped tables initialization code from core_mmu_v7.c and
core_mmu_lpae.c there are no means to visualize pagetables now.

This patch adds function that re

mmu: add dump_xlat_tables() function

As we dropped tables initialization code from core_mmu_v7.c and
core_mmu_lpae.c there are no means to visualize pagetables now.

This patch adds function that recursively prints current state of
pagetables. Currently it prints pagetables only during initialization,
but it can be used to debug pgt at any time.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

mmu: implement generic mmu initialization

This patch adds function core_mmu_map_region() that maps given memory
region. This function is generic, in sense, that it can map memory for
both short and

mmu: implement generic mmu initialization

This patch adds function core_mmu_map_region() that maps given memory
region. This function is generic, in sense, that it can map memory for
both short and long descriptor formats, as it uses primitives provided
by core_mmu_v7 and core_mmu_lpae.

Also, this function tries to use largest allocation blocks
possible. For example, if memory region is not aligned to PGDIR_SIZE
but spans across multiple pgdirs, core_mmu_map_region() will map
most of this region with large blocks, and only start/end will be
mapped with small pages.

As core_mmu_map_region() provides all means needed for MMU initialization,
we can drop mmu-specific code in core_mmu_v7.c and core_mmu_lpae.c

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

mmu: replace _prepare_small_page_mapping with _entry_to_finer_grained

core_mmu_prepare_small_page_mapping() just prepares table for the next
level if there was no mappings already.
core_mmu_entry_to

mmu: replace _prepare_small_page_mapping with _entry_to_finer_grained

core_mmu_prepare_small_page_mapping() just prepares table for the next
level if there was no mappings already.
core_mmu_entry_to_finer_grained() will do the same even if there is are
something mapped there.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: bugfix tee_tadb_ta_read()

When tee_tadb_ta_read() has advanced through the entire binary it should
call crypto_authenc_dec_final() to check that the computed tag matches
expected tag. Before t

core: bugfix tee_tadb_ta_read()

When tee_tadb_ta_read() has advanced through the entire binary it should
call crypto_authenc_dec_final() to check that the computed tag matches
expected tag. Before this commit that wasn't done.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fs_htree: fix authenc_init() error path

- Add missing crypto_authenc_free_ctx()
- Do not call crypto_authenc_final() if crypto_authenc_init() was not
successful

Signed-off-by: Jerome Forissie

core: fs_htree: fix authenc_init() error path

- Add missing crypto_authenc_free_ctx()
- Do not call crypto_authenc_final() if crypto_authenc_init() was not
successful

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Summer Qin <summer.qin@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: hkdf_expand(): call crypto_mac_free_ctx() instead of free()

A context allocated via crypto_mac_alloc_ctx() has to be freed using
crypto_mac_free_ctx(). While the default implementation just

crypto: hkdf_expand(): call crypto_mac_free_ctx() instead of free()

A context allocated via crypto_mac_alloc_ctx() has to be freed using
crypto_mac_free_ctx(). While the default implementation just ends up
calling free(), other implementations may not.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Summer Qin <summer.qin@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove the unused file tee_kta_trace.h

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: ltc: prevent incorrect asserts in crypto_*_free_ctx()

Avoid asserting in crypto_*_free_ctx() in the following case:

void *ctx = NULL;
TEE_Result res;

res = crypto_*_alloc_ctx(&ctx, <u

core: ltc: prevent incorrect asserts in crypto_*_free_ctx()

Avoid asserting in crypto_*_free_ctx() in the following case:

void *ctx = NULL;
TEE_Result res;

res = crypto_*_alloc_ctx(&ctx, <unsupported_algo>)
if (!res)
goto out;
/* ... */
out:
crypto_*_free_ctx(ctx);

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto.c: crypto_*_free_ctx() stubs should allow NULL context

Update the crypto_*_free_ctx() functions so that they do nothing when
passed a NULL ctx. Allows for easier error handling.

Signed

core: crypto.c: crypto_*_free_ctx() stubs should allow NULL context

Update the crypto_*_free_ctx() functions so that they do nothing when
passed a NULL ctx. Allows for easier error handling.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Generate conf.cmake for TA dev kit

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: lower debug verbosity on short buffer errors

TEE_ERROR_SHORT_BUFFER is likely to be an expected error code returned
by a trusted application or a core service. Therefore this change
prevents d

core: lower debug verbosity on short buffer errors

TEE_ERROR_SHORT_BUFFER is likely to be an expected error code returned
by a trusted application or a core service. Therefore this change
prevents debug "Error: " in short buffer case at completion the
invoke_command request.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Force ARCH to arm

It is the only value used for now. No other value works, not even
aarch64.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@li

Force ARCH to arm

It is the only value used for now. No other value works, not even
aarch64.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

smc: extend protocol to support virtualization

In order to support multiple guests, OP-TEE should be able to track
guest lifecycle. Idea is that hypervisor informs OP-TEE when it
wants to create a n

smc: extend protocol to support virtualization

In order to support multiple guests, OP-TEE should be able to track
guest lifecycle. Idea is that hypervisor informs OP-TEE when it
wants to create a new virtual machine. OP-TEE allocates resources
for it or returns an error, if there are not enough resources available.
When virtual machine is being destroyed OP-TEE frees any resources
that was allocated previously.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: add pager constraint on mobj get_pa method

On user TA crash or panic the core may dump the TA state
among which the physical address of the memory area mapped
in the TA space which are referen

core: add pager constraint on mobj get_pa method

On user TA crash or panic the core may dump the TA state
among which the physical address of the memory area mapped
in the TA space which are referenced by the mobj layer.
Therefore the get_pa method for such mobj shall have a
KEEP_PAGER constraint.

This change adds such constraint for static shm and registered
shm memory objects.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fs_htree: include meta in root hash

Includes the meta data when calculating the hash of the root node to
detect changes in file length while number of blocks is unchanged.

Signed-off-by: Jens

core: fs_htree: include meta in root hash

Includes the meta data when calculating the hash of the root node to
detect changes in file length while number of blocks is unchanged.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/2094
Reported-by: Kevin Peng <kevinp@marvell.com>
Tested-by: Kevin Peng <kevinp@marvell.com>
[jf: add Fixes:, Reported-by: and Tested-by: tags]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: REE FS: ree_fs_truncate() commit dirh writes

To commit the changes done by ree_fs_truncate() in the dirfile, call
commit_dirh_writes() before closing the dirh.

Signed-off-by: Jens Wiklander <

core: REE FS: ree_fs_truncate() commit dirh writes

To commit the changes done by ree_fs_truncate() in the dirfile, call
commit_dirh_writes() before closing the dirh.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: REE FS: make sure dirty flag is set when object is truncated

When an object is truncated but the number of blocks is unchanged, only
the metadata's length field is modified. The hash tree laye

core: REE FS: make sure dirty flag is set when object is truncated

When an object is truncated but the number of blocks is unchanged, only
the metadata's length field is modified. The hash tree layer has to be
notified so that it knows it has to flush the data before closing the
object, otherwise the truncation is lost.
Add a function for that purpose: tee_fs_htree_meta_set_dirty(), and
call it whenever meta->length is updated.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: REE FS: ree_fs_truncate(): fix reversed error checks

Reported-by: Kevin Peng <kevinp@marvell.com>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jen

core: REE FS: ree_fs_truncate(): fix reversed error checks

Reported-by: Kevin Peng <kevinp@marvell.com>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sm_a32: add missing isb after scr change

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <

core: sm_a32: add missing isb after scr change

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...