core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to us

core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to use
the same endian on the expanded encryption key.

Copies code from core/lib/libtomcrypt/src/ciphers/ aes_armv8a_ce.c and
aes_modes_armv8a_ce_a64.S and makes some small changes to make it fit
in the new place.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC functions aes_setup() and aes_ecb_encrypt() with calls to
crypto_aes_expand_enc_key() and crypto_aes_enc_block() respectively.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: LTC provide some AES primitives

Provides crypto_aes_expand_enc_key() and crypto_aes_enc_block(). These
functions are needed to avoid exposing the type symmetric_key outside of
LTC.

Reviewed-b

core: LTC provide some AES primitives

Provides crypto_aes_expand_enc_key() and crypto_aes_enc_block(). These
functions are needed to avoid exposing the type symmetric_key outside of
LTC.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: AES-GCM: import table based GF-mult

Imports table based GF multiplication from mbed TLS.

Sets CFG_AES_GCM_TABLE_BASED to default y unless CFG_CRYPTO_WITH_CE is
y, then CFG_AES_GCM_TABLE_BASED

core: AES-GCM: import table based GF-mult

Imports table based GF multiplication from mbed TLS.

Sets CFG_AES_GCM_TABLE_BASED to default y unless CFG_CRYPTO_WITH_CE is
y, then CFG_AES_GCM_TABLE_BASED forced n.

With tables performance is on HiKey960 (CFG_CRYPTO_WITH_CE=n):
xtest --aes-perf -m GCM
(CFG_AES_GCM_TABLE_BASED=n)
min=69.27us max=86.458us mean=70.5695us stddev=0.955826us (cv 1.35445%) (13.8383MiB/s)
(CFG_AES_GCM_TABLE_BASED=y)
min=41.666us max=53.646us mean=42.138us stddev=0.621345us (cv 1.47455%) (23.1753MiB/s)

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CF

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CFG_WITH_VFP=y)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 AArch32 {,pager})
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jen

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libr

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libraries and TAs are all affected by this setting.

This is most likely incorrect because user-mode libraries do not use
NEON instructions (only some core files do). And, it does not make much
sense to set it by default for TAs either.

So, core_arm32-platform-aflags should be set instead.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: se: fix potential use after free

The freed `proxy` will be used again on the incremental part of the for
loop, it leaves potential risk of UAF crashing, replace `TAILQ_FOREACH()`
with `TAILQ_F

core: se: fix potential use after free

The freed `proxy` will be used again on the incremental part of the for
loop, it leaves potential risk of UAF crashing, replace `TAILQ_FOREACH()`
with `TAILQ_FOREACH_SAFE()` to avoid second use of freed memory.

Fixes: https://github.com/OP-TEE/optee_os/issues/1965
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: add 'se:' to subject, don't capitalize "use", capitalize 'Fixes:']
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: drivers: imx_wdog: fix register access

The registers's base address are 16bits aligned, so read32/write32
should be replaced with read16/write16.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Ac

core: drivers: imx_wdog: fix register access

The registers's base address are 16bits aligned, so read32/write32
should be replaced with read16/write16.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libfdt: fix undefined behaviour in fdt_offset_ptr()

Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").

Using pointer arithmetic to generate a pointer outside a kn

libfdt: fix undefined behaviour in fdt_offset_ptr()

Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").

Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.

To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1967
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free it before returning.

The fix is in alloc_and_copy_shdr() to only set the returned shdr once
the pointer is to be returned.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1968
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee_fs_rpc_opendir(): avoid potential memory leak after early return

Fixes: https://github.com/OP-TEE/optee_os/issues/1960
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier

tee_fs_rpc_opendir(): avoid potential memory leak after early return

Fixes: https://github.com/OP-TEE/optee_os/issues/1960
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: fix double free in dsa_import()

Upstream commit 1e260eeaae43 ("fir coverity finding: dsa_import double
free").

Fixes: https://github.com/OP-TEE/optee_os/issues/1962
Signed-off-by: Jerome

core: ltc: fix double free in dsa_import()

Upstream commit 1e260eeaae43 ("fir coverity finding: dsa_import double
free").

Fixes: https://github.com/OP-TEE/optee_os/issues/1962
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

If the SHA1 cannot be determined or CFG_OS_REV_REPORTS_GIT_SHA1 is
disabled, set a2 to zero meaning "not specified".

This allows the TEE driver to report more precise information about the
TEE at probe time.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identif

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identifier
(such as an SCM revision or commit ID, for instance).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-marvell: Add initial support for ARMADA3700

Only test 64bit mode with default configuration

1. Build command
make PLATFORM=marvell-armada3700
2. Pass xtest

Signed-off-by: wangwen <wangwen

plat-marvell: Add initial support for ARMADA3700

Only test 64bit mode with default configuration

1. Build command
make PLATFORM=marvell-armada3700
2. Pass xtest

Signed-off-by: wangwen <wangwen@marvell.comi>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Kevin Peng <kevinp@marvell.com>

show more ...

core: pta_socket: add TA_FLAG_CONCURRENT

Adds flag TA_FLAG_CONCURRENT to PTA socket used by the socket
implementation. This avoids one TA blocking another unrelated TA both
doing socket operations.

core: pta_socket: add TA_FLAG_CONCURRENT

Adds flag TA_FLAG_CONCURRENT to PTA socket used by the socket
implementation. This avoids one TA blocking another unrelated TA both
doing socket operations.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: crypto: fix AES-GCM counter increase

In pmull_gcm_encrypt() and pmull_gcm_decrypt() it was assumed that it's
enough to only increase the least significant 64-bits of the counter fed
to th

core: arm: crypto: fix AES-GCM counter increase

In pmull_gcm_encrypt() and pmull_gcm_decrypt() it was assumed that it's
enough to only increase the least significant 64-bits of the counter fed
to the block cipher. This can hold for 96-bit IVs, but not for IVs of
any other length as the number stored in the least significant 64-bits
of the counter can't be easily predicted.

In this patch pmull_gcm_encrypt() and pmull_gcm_decrypt() are updated to
increase the entire counter, at the same time is the interface changed
to accept the counter in little endian format instead.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, Hikey)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add new AES-GCM implementation

Adds a new AES-GCM implementation optimized for hardware acceleration.

This implementation is enabled by default, to use the implementation in
libTomCry

core: crypto: add new AES-GCM implementation

Adds a new AES-GCM implementation optimized for hardware acceleration.

This implementation is enabled by default, to use the implementation in
libTomCrypt instead set CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB=y.

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB

Adds CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB which if y will enable AES-GCM in
the crypto library and use that as the implementation used by
crypto_authen_*() f

core: add CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB

Adds CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB which if y will enable AES-GCM in
the crypto library and use that as the implementation used by
crypto_authen_*() functions.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add core/crypto.mk with CFG_CRYPTO* flags

Moves CFG_CRYPTO* and _CFG_CRYPTO flags in core/lib/libtomcrypt/sub.mk
to core/crypto.mk.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Si

core: add core/crypto.mk with CFG_CRYPTO* flags

Moves CFG_CRYPTO* and _CFG_CRYPTO flags in core/lib/libtomcrypt/sub.mk
to core/crypto.mk.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: Juno: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens W

plat-vexpress: Juno: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

hikey{,960}: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander

hikey{,960}: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

LTC: add GHASH acceleration

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: import GHASH acceleration routines

Imports assembly code for accelerated GHASH computations and provides an
interface for using these low level functions.

The assembly code relies on features

core: import GHASH acceleration routines

Imports assembly code for accelerated GHASH computations and provides an
interface for using these low level functions.

The assembly code relies on features now available in all ARM cores. No
assembly code is enabled at all unless CFG_CRYPTO_WITH_CE = y. Code
using the PMULL/PMULL2 instruction is enabled with CFG_HWSUPP_PMULL = y.

The assembly code is written by Ard Biesheuvel
<ard.biesheuvel@linaro.org> and modified slightly here to fit better
into OP-TEE.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...