core: fix the keepalive condition in close session

According to the The GP Internal Core API v1.1:
The keepalive flag should be ignored when the single instance flag is
not set.

Reviewed-by: Jens W

core: fix the keepalive condition in close session

According to the The GP Internal Core API v1.1:
The keepalive flag should be ignored when the single instance flag is
not set.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>

show more ...

mobj: add mobj_reg_shm and mobj_mapped_shm

mobj_reg_shm represents registered shared memory. This is basically
a list of pages provided by normal world. It can be used to pass
memory parameters to T

mobj: add mobj_reg_shm and mobj_mapped_shm

mobj_reg_shm represents registered shared memory. This is basically
a list of pages provided by normal world. It can be used to pass
memory parameters to TAs.

mobj_mapped_shm is built on top of mobj_reg_shm. It is almost
the same thing, but it is mapped to OP-TEE virtual address space,
so OP-TEE kernel can access such buffers.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core_mmu: add non-secure DDR ranges support

This patch adds new macro `register_nsec_ddr` which allows
platform code to register non-secure memory ranges.

Signed-off-by: Volodymyr Babchuk <vlad.bab

core_mmu: add non-secure DDR ranges support

This patch adds new macro `register_nsec_ddr` which allows
platform code to register non-secure memory ranges.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: add linker.h for link script symbols

Moves all core extern declarations of linker script symbols into
<kernel/linker.h>.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off

core: add linker.h for link script symbols

Moves all core extern declarations of linker script symbols into
<kernel/linker.h>.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: imx: use core_mmu_get_va

Use core_mmu_get_va to simplify the code.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jen

core: arm: imx: use core_mmu_get_va

Use core_mmu_get_va to simplify the code.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: mmu: add core_mmu_get_va helper function

Add core_mmu_get_va helper function.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-b

core: mmu: add core_mmu_get_va helper function

Add core_mmu_get_va helper function.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

OP-TEE Benchmark

OP-TEE Benchmark feature provides timestamp data for the roundtrip time
from libteec to OP-TEE OS core.

Benchmark PTA handles registration/unregistration commands of timestamp
buff

OP-TEE Benchmark

OP-TEE Benchmark feature provides timestamp data for the roundtrip time
from libteec to OP-TEE OS core.

Benchmark PTA handles registration/unregistration commands of timestamp
buffer, invoked by optee_benchmark NW application, and performs
registration of timestamp buffer in the linux kernel optee driver via
RPC call.

To enable this feature set CFG_TEE_BENCHMARK compile flag to "y".

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>

show more ...

Remove CFG_SMALL_PAGE_USER_TA=n

Removes CFG_SMALL_PAGE_USER_TA and keep the code that was activated by
CFG_SMALL_PAGE_USER_TA=y. This means that CFG_SMALL_PAGE_USER_TA=n which
resulted in TA being m

Remove CFG_SMALL_PAGE_USER_TA=n

Removes CFG_SMALL_PAGE_USER_TA and keep the code that was activated by
CFG_SMALL_PAGE_USER_TA=y. This means that CFG_SMALL_PAGE_USER_TA=n which
resulted in TA being mapped using 1 MiB or 2 MiB granularity is removed.

Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: sparse fix: generic_boot.c

Fixes all sparse warnings in generic_boot.c except the ones related to
panic().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wikl

core: sparse fix: generic_boot.c

Fixes all sparse warnings in generic_boot.c except the ones related to
panic().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sparse fix: tmp_stack

Fixes the sparse warnings related to tmp_stack. The fix actually remove
some instructions from the assembly code initializing the temporary
stack pointer.

Reviewed-by: J

core: sparse fix: tmp_stack

Fixes the sparse warnings related to tmp_stack. The fix actually remove
some instructions from the assembly code initializing the temporary
stack pointer.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sparse fix: almost entire thread.c

Fixes all sparse warnings in thread.c except the ones related to
stack_tmp and panic().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-o

core: sparse fix: almost entire thread.c

Fixes all sparse warnings in thread.c except the ones related to
stack_tmp and panic().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sparse fix: pm_panic

Removes __noreturn attribute from pm_panic() to avoid sparse warnings
when used to initialize struct thread_handlers.

Reviewed-by: Jerome Forissier <jerome.forissier@lina

core: sparse fix: pm_panic

Removes __noreturn attribute from pm_panic() to avoid sparse warnings
when used to initialize struct thread_handlers.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: keep.h: sparse fixes for KEEP_*() macros

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: remove __early_bss

Initialize the .bss section early from assembler before entering C
code. As a result, the __early_bss qualifier is not needed anymore.
Remove it, as well as the related symb

core: remove __early_bss

Initialize the .bss section early from assembler before entering C
code. As a result, the __early_bss qualifier is not needed anymore.
Remove it, as well as the related symbols (__early_bss_start and
__early_bss_end).

This makes the code simpler hence easier to maintain, at the expense
of initialization time, since .bss is cleared before CPU caches are
turned on (and doing it later would mean some C function have been
called already). Here are some performance numbers measured on HiKey.
The "memset" column measures the time it takes to clear .bss in C,
without this patch. The "assembly" column reports the time taken by the
clear_bss loop in this patch. Timings were performed using CNTPCT.
Worst case is a ~1 ms overhead in boot time.

memset(): | assembly:
ms (bytes) | ms (bytes)
--------------+--------------
Aarch64 0.30 (72824) | 0.08 (73528)
Aarch32 0.27 (65016) | 1.24 (65408)
Aarch32/pager 0.03 (11328) | 0.23 (11736)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey/pager)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make pager aliased paged not always writable

This change lower the attack surface of executable memory in
the pager by allowing write access to aliased virtual pages
related to read-only conte

core: make pager aliased paged not always writable

This change lower the attack surface of executable memory in
the pager by allowing write access to aliased virtual pages
related to read-only content (including executable content)
only when pager needs to update page content.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu_virt)
Tested-by: Etienne Carriere <etienne.carriere@st.com> (b2260)

show more ...

core: tee_mmu_check_access_rights() use ADD_OVERFLOW()

Replaces the integer overflow check in tee_mmu_check_access_rights()
with ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linar

core: tee_mmu_check_access_rights() use ADD_OVERFLOW()

Replaces the integer overflow check in tee_mmu_check_access_rights()
with ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: set_invoke_timeout() use ADD_OVERFLOW()

Replaces the integer overflow checks in set_invoke_timeout() with
ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off

core: set_invoke_timeout() use ADD_OVERFLOW()

Replaces the integer overflow checks in set_invoke_timeout() with
ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee_svc_copy_param() use ADD_OVERFLOW()

Replaces the integer overflow check in tee_svc_copy_param() with
ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-

core: tee_svc_copy_param() use ADD_OVERFLOW()

Replaces the integer overflow check in tee_svc_copy_param() with
ADD_OVERFLOW()

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: elf load: use overflow macros

Uses the overflow macros to test for integer overflows when loading an
ELF file.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens

core: elf load: use overflow macros

Uses the overflow macros to test for integer overflows when loading an
ELF file.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: factorize cpu support

Create core/arch/arm/cpu/<cpu-name>.mk to store CPU generic configurations
settings. Update supported platforms to rely on the generic CPU support.

Platform shall still

core: factorize cpu support

Create core/arch/arm/cpu/<cpu-name>.mk to store CPU generic configurations
settings. Update supported platforms to rely on the generic CPU support.

Platform shall still specify whether they support or not the NEON
extension.

Cortex-A53 and Cortex-A57 are all ARMv8.0 compliant. For ARMv8 core,
we will use ARMv8-A architecture minor version configuration files.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: enable write-implies-execute-never when applicable

HW may or may not support STCLR "WXN" configuration field.
CFG_HWSUPP_MEM_PERM_WXN reflects this state. AArch64 is assumed to
always support

core: enable write-implies-execute-never when applicable

HW may or may not support STCLR "WXN" configuration field.
CFG_HWSUPP_MEM_PERM_WXN reflects this state. AArch64 is assumed to
always support this field.

Enable the "WXN" (and UWXN) bits in STCLR upon configuration directive
CFG_CORE_RWDATA_NOEXEC.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: use only KEEP*() macros for dependencies

Replaces the last $(entries-unpaged) and $(entries-init) which are hard
coded in link.mk with KEEP_* annotations inside the source files
instead.

Revi

core: use only KEEP*() macros for dependencies

Replaces the last $(entries-unpaged) and $(entries-init) which are hard
coded in link.mk with KEEP_* annotations inside the source files
instead.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (HiKey pager)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU pager)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: bugfix assembly KEEP_*() macros

Fixes two bugs in the assembly version of the KEEP_*() macros.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.foris

core: bugfix assembly KEEP_*() macros

Fixes two bugs in the assembly version of the KEEP_*() macros.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: remove KEEP_*() macro workaround

Now that the AArch64 linking problem has be sorted out remove the
temporary workaround introduced in:
commit c3d13c95da89 ("core: workaround KEEP_*() macro pro

core: remove KEEP_*() macro workaround

Now that the AArch64 linking problem has be sorted out remove the
temporary workaround introduced in:
commit c3d13c95da89 ("core: workaround KEEP_*() macro problem")

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: avoid incremental linking with -gc

The AArch64 linkers seems to have occasional problems with incremental
linking (-i) in combination with garbage collect of sections (-gc). The
way we're orga

core: avoid incremental linking with -gc

The AArch64 linkers seems to have occasional problems with incremental
linking (-i) in combination with garbage collect of sections (-gc). The
way we're organizing the layout of the binary used for paging depends on
-gc to build the different dependency trees for unpaged and
initialization code.

The problem in the linker is tracked in
https://bugs.linaro.org/show_bug.cgi?id=3006 and
https://sourceware.org/bugzilla/show_bug.cgi?id=21524

The problem typically manifests itself by:
aarch64-toolchain/gcc-linaro-6.3.1-2017.02-x86_64_aarch64-linux-gnu/bin/aarch64-linux-gnu-ld: BFD (Linaro_Binutils-2017.02) 2.27.0.20161019 assertion fail /home/tcwg-buildslave/workspace/tcwg-make-release/label/docker-trusty-amd64-tcwg-build/target/aarch64-linux-gnu/snapshots/binutils-gdb.git~linaro_binutils-2_27-branch/bfd/elflink.c:8380
core/arch/arm/kernel/link.mk:90: recipe for target 'out/arm-plat-vexpress/core/init.o' failed
make: *** [out/arm-plat-vexpress/core/init.o] Error 1

With this patch we replace the incremental linking with a full link
using a special link script. With a full link we can't have undefined
symbols so some dummy symbols are provided by the link script when some
object files are skipped when reducing the dependency tree. To
completely get rid of those dummy symbols the script that gathers the
sections is replaced by a python script that skips listed sections (if
provided).

In terms of features in the resulting binary, nothing is changed in this
commit.

Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...