core: drivers: imx_wdog: fix register access

The registers's base address are 16bits aligned, so read32/write32
should be replaced with read16/write16.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Ac

core: drivers: imx_wdog: fix register access

The registers's base address are 16bits aligned, so read32/write32
should be replaced with read16/write16.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libfdt: fix undefined behaviour in fdt_offset_ptr()

Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").

Using pointer arithmetic to generate a pointer outside a kn

libfdt: fix undefined behaviour in fdt_offset_ptr()

Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").

Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.

To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1967
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free

core: fix potential double free in ta_open()

ta_open() relies on the local variable shdr to be NULL unless it's a valid
pointer. alloc_and_copy_shdr() can in one code path update shdr and then
free it before returning.

The fix is in alloc_and_copy_shdr() to only set the returned shdr once
the pointer is to be returned.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1968
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee_fs_rpc_opendir(): avoid potential memory leak after early return

Fixes: https://github.com/OP-TEE/optee_os/issues/1960
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier

tee_fs_rpc_opendir(): avoid potential memory leak after early return

Fixes: https://github.com/OP-TEE/optee_os/issues/1960
Signed-off-by: Alex CHEN <viennadd@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: fix double free in dsa_import()

Upstream commit 1e260eeaae43 ("fir coverity finding: dsa_import double
free").

Fixes: https://github.com/OP-TEE/optee_os/issues/1962
Signed-off-by: Jerome

core: ltc: fix double free in dsa_import()

Upstream commit 1e260eeaae43 ("fir coverity finding: dsa_import double
free").

Fixes: https://github.com/OP-TEE/optee_os/issues/1962
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

core: GET_OS_REVISION: return SHA1 of current Git commit

When processing an OPTEE_SMC_CALL_GET_OS_REVISION request, return the
abbreviated SHA1 of the current Git commit as the third parameter (a2).

If the SHA1 cannot be determined or CFG_OS_REV_REPORTS_GIT_SHA1 is
disabled, set a2 to zero meaning "not specified".

This allows the TEE driver to report more precise information about the
TEE at probe time.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identif

core: arm: GET_OS_REVISION: document a2 as a build identifier

In the OPTEE_SMC_CALL_GET_OS_REVISION request, the previously reserved
parameter a2 is now documented as being an optional build identifier
(such as an SCM revision or commit ID, for instance).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-marvell: Add initial support for ARMADA3700

Only test 64bit mode with default configuration

1. Build command
make PLATFORM=marvell-armada3700
2. Pass xtest

Signed-off-by: wangwen <wangwen

plat-marvell: Add initial support for ARMADA3700

Only test 64bit mode with default configuration

1. Build command
make PLATFORM=marvell-armada3700
2. Pass xtest

Signed-off-by: wangwen <wangwen@marvell.comi>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Kevin Peng <kevinp@marvell.com>

show more ...

core: pta_socket: add TA_FLAG_CONCURRENT

Adds flag TA_FLAG_CONCURRENT to PTA socket used by the socket
implementation. This avoids one TA blocking another unrelated TA both
doing socket operations.

core: pta_socket: add TA_FLAG_CONCURRENT

Adds flag TA_FLAG_CONCURRENT to PTA socket used by the socket
implementation. This avoids one TA blocking another unrelated TA both
doing socket operations.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: crypto: fix AES-GCM counter increase

In pmull_gcm_encrypt() and pmull_gcm_decrypt() it was assumed that it's
enough to only increase the least significant 64-bits of the counter fed
to th

core: arm: crypto: fix AES-GCM counter increase

In pmull_gcm_encrypt() and pmull_gcm_decrypt() it was assumed that it's
enough to only increase the least significant 64-bits of the counter fed
to the block cipher. This can hold for 96-bit IVs, but not for IVs of
any other length as the number stored in the least significant 64-bits
of the counter can't be easily predicted.

In this patch pmull_gcm_encrypt() and pmull_gcm_decrypt() are updated to
increase the entire counter, at the same time is the interface changed
to accept the counter in little endian format instead.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, Hikey)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add new AES-GCM implementation

Adds a new AES-GCM implementation optimized for hardware acceleration.

This implementation is enabled by default, to use the implementation in
libTomCry

core: crypto: add new AES-GCM implementation

Adds a new AES-GCM implementation optimized for hardware acceleration.

This implementation is enabled by default, to use the implementation in
libTomCrypt instead set CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB=y.

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB

Adds CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB which if y will enable AES-GCM in
the crypto library and use that as the implementation used by
crypto_authen_*() f

core: add CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB

Adds CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB which if y will enable AES-GCM in
the crypto library and use that as the implementation used by
crypto_authen_*() functions.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add core/crypto.mk with CFG_CRYPTO* flags

Moves CFG_CRYPTO* and _CFG_CRYPTO flags in core/lib/libtomcrypt/sub.mk
to core/crypto.mk.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Si

core: add core/crypto.mk with CFG_CRYPTO* flags

Moves CFG_CRYPTO* and _CFG_CRYPTO flags in core/lib/libtomcrypt/sub.mk
to core/crypto.mk.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: Juno: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens W

plat-vexpress: Juno: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

hikey{,960}: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander

hikey{,960}: CFG_HWSUPP_PMULL=y

Takes full advantage of LTC GHASH acceleration by using the pmull
instruction.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

LTC: add GHASH acceleration

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: import GHASH acceleration routines

Imports assembly code for accelerated GHASH computations and provides an
interface for using these low level functions.

The assembly code relies on features

core: import GHASH acceleration routines

Imports assembly code for accelerated GHASH computations and provides an
interface for using these low level functions.

The assembly code relies on features now available in all ARM cores. No
assembly code is enabled at all unless CFG_CRYPTO_WITH_CE = y. Code
using the PMULL/PMULL2 instruction is enabled with CFG_HWSUPP_PMULL = y.

The assembly code is written by Ard Biesheuvel
<ard.biesheuvel@linaro.org> and modified slightly here to fit better
into OP-TEE.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: io.h: add {get,put}_be{16,32,64}()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: arm64: add mov_imm assembly macro

Implement a macro mov_imm that can be used to move an immediate constant
into a 64-bit register, using between 2 and 4 movz/movk instructions
(depending on th

core: arm64: add mov_imm assembly macro

Implement a macro mov_imm that can be used to move an immediate constant
into a 64-bit register, using between 2 and 4 movz/movk instructions
(depending on the operand)

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Rewrite mem_usage.awk in Python

Rewrite the memory usage script in Python. No functional change, except
that the script now takes tee.elf as an argument instead of processing
the output of readelf.

Rewrite mem_usage.awk in Python

Rewrite the memory usage script in Python. No functional change, except
that the script now takes tee.elf as an argument instead of processing
the output of readelf. The makefile (make mem_usage) is adjusted
accordingly.

This makes the script shorter and easier to call, and it is now
possible to add command line options.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: avoid warning in wq_wake_next()

avoid:
core/arch/arm/kernel/wait_queue.c: In function 'wq_wake_next':
core/arch/arm/kernel/wait_queue.c:155:7: error: 'wake_read' may be used uninitialized in t

core: avoid warning in wq_wake_next()

avoid:
core/arch/arm/kernel/wait_queue.c: In function 'wq_wake_next':
core/arch/arm/kernel/wait_queue.c:155:7: error: 'wake_read' may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (wqe->wait_read != wake_read)

When building with gcc 5.3.1

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: add PTA_INVOKE_TESTS_CMD_MUTEX

Adds test functions PTA_INVOKE_TESTS_CMD_MUTEX the invoke tests PTA
(PTA_INVOKE_TESTS_UUID). The PTA_INVOKE_TESTS_CMD_MUTEX function is used
to test in part

core: pta: add PTA_INVOKE_TESTS_CMD_MUTEX

Adds test functions PTA_INVOKE_TESTS_CMD_MUTEX the invoke tests PTA
(PTA_INVOKE_TESTS_UUID). The PTA_INVOKE_TESTS_CMD_MUTEX function is used
to test in particular read and write mutex, but also mutex over all.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: extend mutex to support read locks

Extends mutex implementation to support read locks in addition to the
default lock which has write lock semantics.

With read locks multiple threads can simu

core: extend mutex to support read locks

Extends mutex implementation to support read locks in addition to the
default lock which has write lock semantics.

With read locks multiple threads can simultaneously acquire a read lock,
typically used for read only access to a shared resource.

The default mutex_lock behaves as a write lock with only a single thread
at a time able to acquire the write lock, typically used for exclusive
access to a shared resource.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: allow multithreaded pseudo TAs

Introduces TA_FLAG_CONCURRENT valid for pseudo TAs only which allows
concurrent execution of the TA.

With this change a pseudo TA configured with TA_FLAG_CONCUR

core: allow multithreaded pseudo TAs

Introduces TA_FLAG_CONCURRENT valid for pseudo TAs only which allows
concurrent execution of the TA.

With this change a pseudo TA configured with TA_FLAG_CONCURRENT would
accept multiple sessions where each can be used concurrently with the
other sessions.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

optee: use correct type to hold exceptions state

cpu_spin_lock_xsave() returns exceptions state in uin32_t, not
in unsigned int.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-b

optee: use correct type to hold exceptions state

cpu_spin_lock_xsave() returns exceptions state in uin32_t, not
in unsigned int.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...