core: mask interrupts at assert or panic()

Masks interrupts at assert or panic() to keep the cpu pinned.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklan

core: mask interrupts at assert or panic()

Masks interrupts at assert or panic() to keep the cpu pinned.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32.h: add address translation functions

Adds more address translation functions that can be useful when
debugging.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wik

core: arm32.h: add address translation functions

Adds more address translation functions that can be useful when
debugging.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: thread: release locked unused stack pages

Before this patch when the pager is active the thread stacks uses demand
allocation to add required physical pages to the stacks, but those pages
are

core: thread: release locked unused stack pages

Before this patch when the pager is active the thread stacks uses demand
allocation to add required physical pages to the stacks, but those pages
are never returned to the pool of physical pages.

With this patch when pager is active the locked but currently unused
thread stack pages are released on thread free or RPC. This returns the
previously demand allocated physical pages to the pager.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: David Brown <david.brown@linaro.org>
Tested-by: David Brown <david.brown@linaro.org> (qemu-32, FVP-64)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: allocate memory pool unlocked

Allocate the LTC memory pool without the TEE_PAGER_AREA_LOCK to allow
paging out data and make more physical pages available for paging.

Reviewed-by: Jerome

core: ltc: allocate memory pool unlocked

Allocate the LTC memory pool without the TEE_PAGER_AREA_LOCK to allow
paging out data and make more physical pages available for paging.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: add support to page out r/w pages

Adds support in pager to page out read-write pages by encrypting them
with AES-GCM to avoid leaking sensitive information. With this patch there
are th

core: pager: add support to page out r/w pages

Adds support in pager to page out read-write pages by encrypting them
with AES-GCM to avoid leaking sensitive information. With this patch there
are three different ways of providing virtual memory:
- read only, where each page is protected with a SHA-256 hash
- read write locked, corresponding with previous zero initialized where
mapped pages are removed from the usual pool of physical pages and
only returned on explicit release
- read write, *new* dirty read write pages triggers update to the
storage using encryption (AES-GCM) before the page is reused.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pager: add debug prints

Add debug prints that are triggered every 1024th page fault or when the
number of pages available to the pager changes. Useful to find out why
certain tests seems to run slow

pager: add debug prints

Add debug prints that are triggered every 1024th page fault or when the
number of pages available to the pager changes. Useful to find out why
certain tests seems to run slowly when the pager is enabled.

Enabled by CFG_TEE_CORE_DEBUG=y.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pager: add pager_aes_gcm_{de,en}crypt()

Adds pager_aes_gcm_decrypt() and pager_aes_gcm_encrypt() providing a
pager optimized AES-GCM implementation to be used with read/write
paging.

Reviewed-by: J

pager: add pager_aes_gcm_{de,en}crypt()

Adds pager_aes_gcm_decrypt() and pager_aes_gcm_encrypt() providing a
pager optimized AES-GCM implementation to be used with read/write
paging.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ltc: provide rng_generate()

Adds rng_generate() to the tee_crypt_provider interface to be used by
pager and early initialization code where the complete crypto library
might not be available.

Revie

ltc: provide rng_generate()

Adds rng_generate() to the tee_crypt_provider interface to be used by
pager and early initialization code where the complete crypto library
might not be available.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ltc: bugfix find_prng()

When the prng_descriptor was changed to a pointer to descriptors in
7892cb1bcf8618990ed87458b898b37d6351428f
"ltc: make prng_descriptor a pointer to descriptors"
wasn't the f

ltc: bugfix find_prng()

When the prng_descriptor was changed to a pointer to descriptors in
7892cb1bcf8618990ed87458b898b37d6351428f
"ltc: make prng_descriptor a pointer to descriptors"
wasn't the find_prng() updated properly.
This causes NULL pointer error if
the PRNG name isn't found before the list is exhausted. This patch
fixes this problem.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix race to allocate secure buffer

Fixes race to allocate secure buffer for TA to TA communication.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander

core: fix race to allocate secure buffer

Fixes race to allocate secure buffer for TA to TA communication.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Update initialization messages

Demote a pager message from EMSG to IMSG and reformat it. Also
reformat the end of initialization message.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.or

Update initialization messages

Demote a pager message from EMSG to IMSG and reformat it. Also
reformat the end of initialization message.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee_fs_generate_fek(): return BAD_PARAMETERS when size is invalid

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

ltc: optionally compile with -Os

If CFG_CRYPTO_SIZE_OPTIMIZATION is y libtomcrypt is compiled with -Os
regardless of the value of DEBUG.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by:

ltc: optionally compile with -Os

If CFG_CRYPTO_SIZE_OPTIMIZATION is y libtomcrypt is compiled with -Os
regardless of the value of DEBUG.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: struct tee_ta_session: remove calling_sess

Removes calling_sess from struct tee_ta_session as the information is
available via link_tsd instead.

Reviewed-by: Joakim Bech <joakim.bech@linaro.o

core: struct tee_ta_session: remove calling_sess

Removes calling_sess from struct tee_ta_session as the information is
available via link_tsd instead.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: replace tee_ta_set_current_session()

Replace tee_ta_set_current_session() with tee_ta_push_current_session()
and tee_ta_pop_current_session() to set and restore the current session
in a stack

core: replace tee_ta_set_current_session()

Replace tee_ta_set_current_session() with tee_ta_push_current_session()
and tee_ta_pop_current_session() to set and restore the current session
in a stack like fashion.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: update tee_svc_copy_{to,from}_user

Removes the sess parameter to tee_svc_copy_to_user(),
tee_svc_copy_from_user() and tee_svc_copy_kaddr_to_uref() as it's always
passed as either NULL or curre

core: update tee_svc_copy_{to,from}_user

Removes the sess parameter to tee_svc_copy_to_user(),
tee_svc_copy_from_user() and tee_svc_copy_kaddr_to_uref() as it's always
passed as either NULL or current session.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add support for Spreadtrum SC9860(alias whale2) board

make PLATFORM=sprd-sc9860 [CFG_ARM64_core=y]

Signed-off-by: Aijun Sun <aijun.sun@spreadtrum.com>
Reviewed-by: Jerome Forissier <jerome.forissie

Add support for Spreadtrum SC9860(alias whale2) board

make PLATFORM=sprd-sc9860 [CFG_ARM64_core=y]

Signed-off-by: Aijun Sun <aijun.sun@spreadtrum.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

zynqmp: Map UART memory area as secure

Commit 1e00aeb97ffa ("core: non-linear mapping of secure world devices")
revealed a bug in the ZynqMP platform that mapped the UART non-secure
but looked up it

zynqmp: Map UART memory area as secure

Commit 1e00aeb97ffa ("core: non-linear mapping of secure world devices")
revealed a bug in the ZynqMP platform that mapped the UART non-secure
but looked up its VA as secure memory, resulting in an exception when
accessing the UART registers.
Fixing this by mapping the UART secure, making the mapping consistent
with the VA lookup.

Fixes: dc57f5a0e8f3 ("Add support for ZynqMP")
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: boot: make boot parameters unsigned long

Changes all boot parameters passed in registers to be of the type
unsigned long to match the register size and allow greater width on
64-bit systems.

core: boot: make boot parameters unsigned long

Changes all boot parameters passed in registers to be of the type
unsigned long to match the register size and allow greater width on
64-bit systems.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU v7 & v8)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

vexpress: CFG_DT=y for QEMU platforms

Enables Device Tree support for the two QEMU platforms.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wikland

vexpress: CFG_DT=y for QEMU platforms

Enables Device Tree support for the two QEMU platforms.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: generic boot: edit device tree

If configured with CFG_DT configures supplied device tree to add a node
for OP-TEE and reservation of shared memory.

Reviewed-by: Jerome Forissier <jerome.

core: arm: generic boot: edit device tree

If configured with CFG_DT configures supplied device tree to add a node
for OP-TEE and reservation of shared memory.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm: generic_boot: Add fdt parameter to entry point (register r2)

When CFG_DT=y, OP-TEE expects to find the address of the Flattened
Device Tree (FDT) binary in r2. The bootloader has to take care o

arm: generic_boot: Add fdt parameter to entry point (register r2)

When CFG_DT=y, OP-TEE expects to find the address of the Flattened
Device Tree (FDT) binary in r2. The bootloader has to take care of
this. r2 is not used when CFG_DT=n.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Import libfdt v1.4.1

Imports libfdt code from https://git.kernel.org/cgit/utils/dtc/dtc.git
tag "v1.4.1" commit 302fca9f4c283e1994cf0a5a9ce1cf43ca15e6d2.

API header files are moved to libfdt/includ

Import libfdt v1.4.1

Imports libfdt code from https://git.kernel.org/cgit/utils/dtc/dtc.git
tag "v1.4.1" commit 302fca9f4c283e1994cf0a5a9ce1cf43ca15e6d2.

API header files are moved to libfdt/include.

Small changes to make fdt.h and libfdt.h c99 compiant.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-hikey: use register_phys_mem()

Uses register_phys_mem to define mapping of devices instead of
the old DEVICE* defines.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jerome Foris

plat-hikey: use register_phys_mem()

Uses register_phys_mem to define mapping of devices instead of
the old DEVICE* defines.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: use register_phys_mem()

Uses register_phys_mem to define mapping of devices instead of
the old DEVICE* defines.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens

plat-vexpress: use register_phys_mem()

Uses register_phys_mem to define mapping of devices instead of
the old DEVICE* defines.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...