arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floati

arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floating-
point, Advanced SIMD (a.k.a. NEON), or Cryptographic Extension
instructions in the TEE core.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentica

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentications.

For the atomic file operation (rollback to previous commit if operation
failed), it can be handled in the common file. Both tee_fs.c and
tee_enc_fs.c replied on tee_fs_common.c, thus both of them can gain
atomicy property.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Fail recovery in encrypted file system

- File will be deleted if the file content of a new created file
cannot be successfully encrypted and write back to normal world
file system.

Signed-off-b

Fail recovery in encrypted file system

- File will be deleted if the file content of a new created file
cannot be successfully encrypted and write back to normal world
file system.

Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: James Kung <james.kung@linaro.org> (QEMU)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases fo

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases for file encryption/decryption tests

- Implements encrypted file system operations file-based operation
* file content is encrypted and MACed before storing
on normal world file system.
* file hole is not implemented because this is
meaningless in the context of secure storage.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: James Kung <james.kung@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Fix unaligned lo and hi in tee_mm_init

Fixes #304

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Fix objdump warning

If version.o is compiled with -g3, which is the case for several platforms
since commit c974c7ddc7d8 ("plat-stm: use generic linker script") which
introduces the use of $(platfor

Fix objdump warning

If version.o is compiled with -g3, which is the case for several platforms
since commit c974c7ddc7d8 ("plat-stm: use generic linker script") which
introduces the use of $(platform-cflags) when compiling version.o, objdump
produces a warning:

$ make PLATFORM=vexpress-qemu_virt
<...>
OBJDUMP out/arm-plat-vexpress/core/tee.dmp
BFD: Dwarf Error: mangled line number section.

The object file does not look right (or objdump does not decode it
properly?):

$ arm-linux-gnueabihf-objdump -W out/arm-plat-vexpress/core/version.o \
>/dev/null
arm-linux-gnueabihf-objdump: Warning: Badly formed extended line op
encountered!

Just remove the offending flag to workaround the issue.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix pager

Commit c974c7ddc7d8 ("plat-stm: use generic linker script") breaks
CFG_WITH_PAGER=y because it adds $(platform-cflags) to the C flags for
version.o. This is correct, otherwise the compiler

Fix pager

Commit c974c7ddc7d8 ("plat-stm: use generic linker script") breaks
CFG_WITH_PAGER=y because it adds $(platform-cflags) to the C flags for
version.o. This is correct, otherwise the compiler may generate code
that is not suitable for the platform (such as floating-point
instructions when we don't expect them).

However, compiling version.o with $(platform-cflags) brings in
-fdata-sections which has an unfortunate side effect: the object is not
included in the non-pageable code unless we add it explicitely.
This is what this commit does.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm: use generic linker script

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.o

plat-stm: use generic linker script

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

plat-stm: CFG_GENERIC_BOOT=y

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: Pascal Brand <pascal.brand@linaro.org

plat-stm: CFG_GENERIC_BOOT=y

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

plat-stm: tz_sinit.c becomes very close to generic_entry_a32.S

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Out of memory check fix for tee_mm_alloc

This is to address issue #304 where tee_mm_alloc has an
incorrect check for out of memory condition.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Rev

Out of memory check fix for tee_mm_alloc

This is to address issue #304 where tee_mm_alloc has an
incorrect check for out of memory condition.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Youssef Esmat <youssef.esmat@microsoft.com>

show more ...

hikey: enable SHA1 and SHA256 crypto extensions by default on aarch32

This results in a 3.4x speed improvement on a mixed SHA1 and SHA256 test.
I used xtest 4001, modified to run 2 test loops (one f

hikey: enable SHA1 and SHA256 crypto extensions by default on aarch32

This results in a 3.4x speed improvement on a mixed SHA1 and SHA256 test.
I used xtest 4001, modified to run 2 test loops (one for SHA1 and one for
SHA256) on a 32 KiB buffer. The buffer is hashed 10,000 times in each
loop. I measured the total elapsed time for a test run.
aarch64 numbers are given for comparison although crypto extensions are
not supported in this case.

Test case # runs min avg max stddev relative
(s) (s) (s) (%) speed
-------------- ------ ----- ----- ----- ------ ---------
aarch32, no CE 10 18.65 18.86 19.49 1.7 1.00
aarch32, CE 10 5.49 5.60 5.67 1.0 3.37
aarch64 10 22.02 22.14 22.83 1.2 0.85

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix compile error

Some versions of GCC produce a "may be used uninitialized" error when
DEBUG=0 CFG_TEE_CORE_LOG_LEVEL=3.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by:

Fix compile error

Some versions of GCC produce a "may be used uninitialized" error when
DEBUG=0 CFG_TEE_CORE_LOG_LEVEL=3.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TEE_HANDLE_FLAG_INITIALIZED cleared in tee_svc_cryp_obj_reset()

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Joakim Be

TEE_HANDLE_FLAG_INITIALIZED cleared in tee_svc_cryp_obj_reset()

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Move SMALL_PAGE_* defines to core_mmu.h

Moves SMALL_PAGE_* to core_mmu.h and removes
core/arch/arm/include/mm/tee_mm_def.h

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pas

Move SMALL_PAGE_* defines to core_mmu.h

Moves SMALL_PAGE_* to core_mmu.h and removes
core/arch/arm/include/mm/tee_mm_def.h

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

GP Internal Core API v1.1 : TEE configuration properties

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier

GP Internal Core API v1.1 : TEE configuration properties

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

Remove RTT0 and RTT1 support

Removes the support for RTT0 and RTT1 as we don't have a port to any
hardware with RTT0 and RTT1.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by:

Remove RTT0 and RTT1 support

Removes the support for RTT0 and RTT1 as we don't have a port to any
hardware with RTT0 and RTT1.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Add sparse support [C=1]

Adds support to check source files with sparse when C=1 on the command
line. Only files that are recompiled are checked.

Note that sparse isn't very useful at this stage si

Add sparse support [C=1]

Adds support to check source files with sparse when C=1 on the command
line. Only files that are recompiled are checked.

Note that sparse isn't very useful at this stage since the source code
need changes to be more sparse friendly.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Fix CFG_TEE_CORE_EMBED_INTERNAL_TESTS macro

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.br

Fix CFG_TEE_CORE_EMBED_INTERNAL_TESTS macro

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Clean/simplify supplicant RPC parameters

Tested on HiKey with 32-bit and 64-bit TEE Core.

Note: this commit depends on:
https://github.com/OP-TEE/optee_client/pull/32
https://github.com/OP-TEE/op

Clean/simplify supplicant RPC parameters

Tested on HiKey with 32-bit and 64-bit TEE Core.

Note: this commit depends on:
https://github.com/OP-TEE/optee_client/pull/32
https://github.com/OP-TEE/optee_linuxdriver/pull/22

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm: main.c now use generic_boot.c

Yet another step towrds generic boot on plat-stm
plat-stm/main.c is now minimized by including
kernel/generic_boot.c

Reviewed-by: Joakim Bech <joakim.bech@li

plat-stm: main.c now use generic_boot.c

Yet another step towrds generic boot on plat-stm
plat-stm/main.c is now minimized by including
kernel/generic_boot.c

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Generic console initialization code

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (MT8173 EVB)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

Mediatek mt8173 platform support

Add support for Mediatek mt8173 platform with 32bit
and 64bit OP-TEE OS. Due to Mediatek ATF firmware
limitation, this commit only tested with 64bit OP-TEE OS.

Sign

Mediatek mt8173 platform support

Add support for Mediatek mt8173 platform with 32bit
and 64bit OP-TEE OS. Due to Mediatek ATF firmware
limitation, this commit only tested with 64bit OP-TEE OS.

Signed-off-by: James Kung <james.kung@linaro.org>
Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: James Kung <james.kung@linaro.org> (MT8173 EVB)
Tested-by: SY Chiu <sy.chiu@linaro.org> (MT8173 EVB)

NOTE: To test this on MT8173 EVB, you need to update firmware
please refer to https://github.com/m943040028/evb-utils

show more ...

core: log build information on init

Build information includes:

- Version string as returned by 'git describe --always --dirty'
- Build counter (#1 initially or after 'make clean')
- Build date/tim

core: log build information on init

Build information includes:

- Version string as returned by 'git describe --always --dirty'
- Build counter (#1 initially or after 'make clean')
- Build date/time
- Linker architecture ('arm', 'aarch64')

For example: 0.2.0-107-g985d7d8 #1 Tue May 12 16:49:14 UTC 2015 aarch64

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...