tee_mm.c: fix includes section

- Remove double #include <mm/tee_mm.h>
- Put includes into alphabetical order

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carrier

tee_mm.c: fix includes section

- Remove double #include <mm/tee_mm.h>
- Put includes into alphabetical order

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add management pseudo TA for secstor TAs

Adds a pseudo TA for management of Trusted Applications and Security
Domains. The pseudo TA only provides a minimal interface, a more
advanced interfac

core: add management pseudo TA for secstor TAs

Adds a pseudo TA for management of Trusted Applications and Security
Domains. The pseudo TA only provides a minimal interface, a more
advanced interface is supposed to be provided by a user TA using this
pseudo TA. Such a TA could for instance implement Global Platforms TEE
Management Framework or OTrP.

The management TA currently only supports installing bootstrap packaged
TAs in secure storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add ta storage based on tadb

Adds ta storage based on tadb. The TAs has to be installed in tadb
before they can be loaded.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by:

core: add ta storage based on tadb

Adds ta storage based on tadb. The TAs has to be installed in tadb
before they can be loaded.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add tadb

Adds tadb which is a database in which TAs can be stored leveraging
secure storage for anti-rollback, key storage and list of TAs.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.

core: add tadb

Adds tadb which is a database in which TAs can be stored leveraging
secure storage for anti-rollback, key storage and list of TAs.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ree fs ta store: support bootstrap TA format

Adds support for the new bootstrap TA format to the REE FS TA storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome

core: ree fs ta store: support bootstrap TA format

Adds support for the new bootstrap TA format to the REE FS TA storage.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ree fs ta store: use new shdr_*() helpers

Uses the new shdr_*() helper functions to verify a signed header.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissi

core: ree fs ta store: use new shdr_*() helpers

Uses the new shdr_*() helper functions to verify a signed header.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add struct shdr helper functions

Adds struct shdr helper functions to allocate and verify a struct shdr.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Fo

core: crypto: add struct shdr helper functions

Adds struct shdr helper functions to allocate and verify a struct shdr.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add shdr type SHDR_BOOTSTRAP_TA

Adds a signed header type for bootstrap TA. This type is used when there
isn't any security domains installed yet.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk

core: add shdr type SHDR_BOOTSTRAP_TA

Adds a signed header type for bootstrap TA. This type is used when there
isn't any security domains installed yet.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: provide tee_svc_storage_file_ops()

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wikla

core: provide tee_svc_storage_file_ops()

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fs_htree: bugfix creating empty file

Fixes problem with creating an empty htree file.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@lina

core: fs_htree: bugfix creating empty file

Fixes problem with creating an empty htree file.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add refcount routines

Adds refcount_inc() and refcount_dec()

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by:

core: add refcount routines

Adds refcount_inc() and refcount_dec()

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: add i.MX6SX Sabreauto support

Add i.MX6SX Sabreauto support.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander

core: imx: add i.MX6SX Sabreauto support

Add i.MX6SX Sabreauto support.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add negative tests for htree

Adds negative test for htree.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-

core: add negative tests for htree

Adds negative test for htree.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core/crypto/crypto.c: fix compile errors when _CFG_CRYPTO_WITH_CIPHER=n

Although _CFG_CRYPTO_WITH_CIPHER=n does not seem to be a valid
configuration (both the REE and RPMB FS use AES and at least on

core/crypto/crypto.c: fix compile errors when _CFG_CRYPTO_WITH_CIPHER=n

Although _CFG_CRYPTO_WITH_CIPHER=n does not seem to be a valid
configuration (both the REE and RPMB FS use AES and at least one has to
be enabled currently), fix build errors triggered by:

make _CFG_CRYPTO_WITH_CIPHER=n \
out/arm-plat-vexpress/core/crypto/crypto.o

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: use new aes-gcm implementation

Pager switches to use the new internal accelerated AES-GCM
implementation instead of the old software only implementation.

Reviewed-by: Jerome Forissier

core: pager: use new aes-gcm implementation

Pager switches to use the new internal accelerated AES-GCM
implementation instead of the old software only implementation.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, Hikey)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: internal_aes_gcm_{enc,dec}()

Adds internal_aes_gcm_enc() and internal_aes_gcm_dec() for
encrypting/decrypting a complete message with an external expanded
key.

Acked-by: Jero

core: crypto: AES-GCM: internal_aes_gcm_{enc,dec}()

Adds internal_aes_gcm_enc() and internal_aes_gcm_dec() for
encrypting/decrypting a complete message with an external expanded
key.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: separate encryption key

Separates the AES (CTR) encryption key from the rest of the context
to allow more efficient key handling.

Acked-by: Jerome Forissier <jerome.forissier

core: crypto: AES-GCM: separate encryption key

Separates the AES (CTR) encryption key from the rest of the context
to allow more efficient key handling.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to us

core: arm64: crypto: AES-GCM: add internal key expansion

Adds internal encryption key expansion when internal AES-GCM uses AES
crypto extensions. This avoids a dependency on the crypto library to use
the same endian on the expanded encryption key.

Copies code from core/lib/libtomcrypt/src/ciphers/ aes_armv8a_ce.c and
aes_modes_armv8a_ce_a64.S and makes some small changes to make it fit
in the new place.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC

core: crypto: AES-GCM: remove tomcrypt.h dependency

Removes tomcrypt.h dependency by replacing the "symmetric_key skey"
field in struct internal_aes_gcm_ctx with a raw key. Replaces calls to
the LTC functions aes_setup() and aes_ecb_encrypt() with calls to
crypto_aes_expand_enc_key() and crypto_aes_enc_block() respectively.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: LTC provide some AES primitives

Provides crypto_aes_expand_enc_key() and crypto_aes_enc_block(). These
functions are needed to avoid exposing the type symmetric_key outside of
LTC.

Reviewed-b

core: LTC provide some AES primitives

Provides crypto_aes_expand_enc_key() and crypto_aes_enc_block(). These
functions are needed to avoid exposing the type symmetric_key outside of
LTC.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: AES-GCM: import table based GF-mult

Imports table based GF multiplication from mbed TLS.

Sets CFG_AES_GCM_TABLE_BASED to default y unless CFG_CRYPTO_WITH_CE is
y, then CFG_AES_GCM_TABLE_BASED

core: AES-GCM: import table based GF-mult

Imports table based GF multiplication from mbed TLS.

Sets CFG_AES_GCM_TABLE_BASED to default y unless CFG_CRYPTO_WITH_CE is
y, then CFG_AES_GCM_TABLE_BASED forced n.

With tables performance is on HiKey960 (CFG_CRYPTO_WITH_CE=n):
xtest --aes-perf -m GCM
(CFG_AES_GCM_TABLE_BASED=n)
min=69.27us max=86.458us mean=70.5695us stddev=0.955826us (cv 1.35445%) (13.8383MiB/s)
(CFG_AES_GCM_TABLE_BASED=y)
min=41.666us max=53.646us mean=42.138us stddev=0.621345us (cv 1.47455%) (23.1753MiB/s)

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CF

core: arm32: enable NEON with .fpu directive rather than compile flag

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU CFG_WITH_VFP=y)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 AArch32 {,pager})
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jen

Remove useless .section directive

The FUNC macro has a .section so any previous occurrence is useless.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libr

Use -mfpu-neon for assembly files in TEE core only

Some platforms set arm32-platform-aflags += -mfpu-neon, which causes
NEON to be selected when building any assembly files. TEE core, user-mode
libraries and TAs are all affected by this setting.

This is most likely incorrect because user-mode libraries do not use
NEON instructions (only some core files do). And, it does not make much
sense to set it by default for TAs either.

So, core_arm32-platform-aflags should be set instead.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: se: fix potential use after free

The freed `proxy` will be used again on the incremental part of the for
loop, it leaves potential risk of UAF crashing, replace `TAILQ_FOREACH()`
with `TAILQ_F

core: se: fix potential use after free

The freed `proxy` will be used again on the incremental part of the for
loop, it leaves potential risk of UAF crashing, replace `TAILQ_FOREACH()`
with `TAILQ_FOREACH_SAFE()` to avoid second use of freed memory.

Fixes: https://github.com/OP-TEE/optee_os/issues/1965
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: add 'se:' to subject, don't capitalize "use", capitalize 'Fixes:']
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...