Align __start_ta_head_section on 8-byte boundary

Fixes an issue on 64-bit HiKey when running the self-tests of
https://github.com/OP-TEE/optee_os/pull/371. The tests would pass
when CFG_TEE_CORE_LOG

Align __start_ta_head_section on 8-byte boundary

Fixes an issue on 64-bit HiKey when running the self-tests of
https://github.com/OP-TEE/optee_os/pull/371. The tests would pass
when CFG_TEE_CORE_LOG_LEVEL=2 but fail with static TA not found
when log level is 3.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core pl011: enable RT interrupt

Enables Receive Timeout interrupt when initializing a PL011 uart. This
will generate an interrupt very soon after each key press in the
terminal.

Signed-off-by: Jens

core pl011: enable RT interrupt

Enables Receive Timeout interrupt when initializing a PL011 uart. This
will generate an interrupt very soon after each key press in the
terminal.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

ECC: sign and self tests, at crypto_ops level

Note that in case of pager, the emulated esram size
has been increased from 200KB to 256KB.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Rev

ECC: sign and self tests, at crypto_ops level

Note that in case of pager, the emulated esram size
has been increased from 200KB to 256KB.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32 & 64-bit)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey with pager)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm64: fix buffer overflows when copying kernel addresses to user space

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by:

arm64: fix buffer overflows when copying kernel addresses to user space

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Fix buffer length test in tee_svc_cryp_obj_populate_type()

Make sure attribute is of reference type before checking its ref.length.
Fixes failure of xtest 4007 (TEE_ATTR_DH_X_BITS attribute) on HiKe

Fix buffer length test in tee_svc_cryp_obj_populate_type()

Make sure attribute is of reference type before checking its ref.length.
Fixes failure of xtest 4007 (TEE_ATTR_DH_X_BITS attribute) on HiKey and
FVP with 64-bit TEE core. Tested on HiKey and FVP (32 and 64-bit).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Cedric Chaumont <cedric.chaumont@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

ECC: gen_ecc_key HAL

Implementation and test of crypto_ops.acipher.gen_ecc_key

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: P

ECC: gen_ecc_key HAL

Implementation and test of crypto_ops.acipher.gen_ecc_key

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm64: AES using ARMv8-A cryptographic extensions

Adds AES acceleration to LibTomCrypt when CFG_CRYPTO_AES_ARM64_CE=y.

This commit implements an ltc_cipher_descriptor with accelerated
encryption an

arm64: AES using ARMv8-A cryptographic extensions

Adds AES acceleration to LibTomCrypt when CFG_CRYPTO_AES_ARM64_CE=y.

This commit implements an ltc_cipher_descriptor with accelerated
encryption and decryption for AES modes: ECB, CBC and CTR.
XTS will also benefit from CE acceleration since it relies on
ecb_encrypt() and ecb_decrypt(), but it may be beneficial to later
add multiple-blocks XTS operations to the descriptor.

The ARMv8 CE assembler code comes from the Linux kernel:
arch/arm64/crypto/{aes-modes.S,aes-ce.S,aes-ce-cipher.c}.

Tested on HiKey. CE code was benchmarked against plain C code using
the test application at http://github.com/linaro-swg/aes-perf.git.
A Trusted Application is invoked to encrypt a buffer of a given
size using TEE_CipherUpdate(). The client application measures the
time it takes for TEEC_InvokeCommand() to execute. The throughput
values below are computed from the average time it takes to encrypt
one buffer of the specified size. '+' after a mode means accelerated
with crypto extensions.

Average encryption speed (MiB/s):

Size | Mode
(KiB) | ECB CBC CTR XTS ECB+ CBC+ CTR+ XTS+
------+--------------------------------------------------
1 | 11.8 10.6 10.2 9.2 23.7 23.2 23.5 13.0
2 | 15.6 13.5 12.8 11.7 46.4 44.9 45.7 18.3
4 | 18.6 15.8 14.8 13.6 89.4 84.1 87.5 23.0
8 | 20.6 17.2 16.1 14.7 165.4 148.1 159.3 26.3
16 | 21.8 17.9 16.8 15.4 292.3 240.2 272.2 28.4
32 | 22.4 18.4 17.1 15.8 470.4 351.9 422.2 29.6
64 | 22.8 18.6 17.3 16.0 684.6 461.6 585.0 30.3
128 | 23.0 18.7 17.4 16.1 884.2 546.6 726.5 30.6

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>

show more ...

ECC: Update LTC code from branch develop

Synchronize https://github.com/libtom/libtomcrypt,
src/pk/ecc, at sha1=aeaa6d4a515f390515c21f1678e11b52b81d1ada

Reviewed-by: Cedric Chaumont <cedric.chaumon

ECC: Update LTC code from branch develop

Synchronize https://github.com/libtom/libtomcrypt,
src/pk/ecc, at sha1=aeaa6d4a515f390515c21f1678e11b52b81d1ada

Reviewed-by: Cedric Chaumont <cedric.chaumont@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

GP Internal Core API v1.1 : enable LibTomCrypt's ECC code

Note: ECC-256 commented (legacy)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@li

GP Internal Core API v1.1 : enable LibTomCrypt's ECC code

Note: ECC-256 commented (legacy)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : Transient Object Functions

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.w

GP Internal Core API v1.1 : Transient Object Functions

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

File Storage: fix position in case of seek

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32-bit)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Bran

File Storage: fix position in case of seek

Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32-bit)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

core: mm: fix adding integer overflow issue

On ARMv7 platform, it is easy that "base + size" wraps down to 0.
For example, base is 0xfc100000, size is 0x3f00000, then base + size is 0.
We should use

core: mm: fix adding integer overflow issue

On ARMv7 platform, it is easy that "base + size" wraps down to 0.
For example, base is 0xfc100000, size is 0x3f00000, then base + size is 0.
We should use the "end" address to do the comparation, but not "end + 1".

This patch also can be used for ARMv8.

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64-bit)

show more ...

core: preallocate RPC argument

Preallocates an RPC argument structure when starting a new thread. Since
a thread can only have one active RPC at a time it's enough to allocate
one RPC argument for a

core: preallocate RPC argument

Preallocates an RPC argument structure when starting a new thread. Since
a thread can only have one active RPC at a time it's enough to allocate
one RPC argument for all RPC during the lifetime of the thread. The
preallocated RPC argument is used internally by thread_rpc_cmd(). This
simplifies all calls to thread_rpc_cmd().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32: core_mmu_v7 clear tbl_info.table before use

Clear tlb_info.table before use, because there maybe junk
data in this area. If not, system may crash when setting
ttbr0 as following:
core_mmu_se

arm32: core_mmu_v7 clear tbl_info.table before use

Clear tlb_info.table before use, because there maybe junk
data in this area. If not, system may crash when setting
ttbr0 as following:
core_mmu_set_user_map->write_ttbr0(map->ttbr0);

Signed-off-by: Peng Fan <van.freenix@gmail.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: rewrite register access functions with macros

Reduces code duplication.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

arm64: rewrite register access functions with macros

Reduces code duplication.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

GP Internal Core API v1.1 : TEE_CreatePersistentObject

Deprecated TEE_DATA_FLAG_EXCLUSIVE
Replaced by TEE__DATA_FLAG_OVERWRITE

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: J

GP Internal Core API v1.1 : TEE_CreatePersistentObject

Deprecated TEE_DATA_FLAG_EXCLUSIVE
Replaced by TEE__DATA_FLAG_OVERWRITE

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

arm: fixes FIQ problem with pager enabled

Fixes occasional FIQ problem when pager is enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@lin

arm: fixes FIQ problem with pager enabled

Fixes occasional FIQ problem when pager is enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno, qemu)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floati

arm64: add support for NEON/VFP in TEE core (CFG_WITH_VFP=y)

Implements the state preservation functions for the Advanced SIMD and
floating-point registers on AArch64. This is required to run floating-
point, Advanced SIMD (a.k.a. NEON), or Cryptographic Extension
instructions in the TEE core.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand

Remove unused function vfp_is_vpfinstr()

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentica

Move fail recovery logic to tee_fs_common.c

This patch tries to move REE filesystem operations to a common
file (tee_fs_common.c), and let tee_enc_fs.c concentrated on file
encryption and authentications.

For the atomic file operation (rollback to previous commit if operation
failed), it can be handled in the common file. Both tee_fs.c and
tee_enc_fs.c replied on tee_fs_common.c, thus both of them can gain
atomicy property.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Fail recovery in encrypted file system

- File will be deleted if the file content of a new created file
cannot be successfully encrypted and write back to normal world
file system.

Signed-off-b

Fail recovery in encrypted file system

- File will be deleted if the file content of a new created file
cannot be successfully encrypted and write back to normal world
file system.

Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: James Kung <james.kung@linaro.org> (QEMU)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases fo

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases for file encryption/decryption tests

- Implements encrypted file system operations file-based operation
* file content is encrypted and MACed before storing
on normal world file system.
* file hole is not implemented because this is
meaningless in the context of secure storage.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: James Kung <james.kung@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Fix unaligned lo and hi in tee_mm_init

Fixes #304

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Fix objdump warning

If version.o is compiled with -g3, which is the case for several platforms
since commit c974c7ddc7d8 ("plat-stm: use generic linker script") which
introduces the use of $(platfor

Fix objdump warning

If version.o is compiled with -g3, which is the case for several platforms
since commit c974c7ddc7d8 ("plat-stm: use generic linker script") which
introduces the use of $(platform-cflags) when compiling version.o, objdump
produces a warning:

$ make PLATFORM=vexpress-qemu_virt
<...>
OBJDUMP out/arm-plat-vexpress/core/tee.dmp
BFD: Dwarf Error: mangled line number section.

The object file does not look right (or objdump does not decode it
properly?):

$ arm-linux-gnueabihf-objdump -W out/arm-plat-vexpress/core/version.o \
>/dev/null
arm-linux-gnueabihf-objdump: Warning: Badly formed extended line op
encountered!

Just remove the offending flag to workaround the issue.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix pager

Commit c974c7ddc7d8 ("plat-stm: use generic linker script") breaks
CFG_WITH_PAGER=y because it adds $(platform-cflags) to the C flags for
version.o. This is correct, otherwise the compiler

Fix pager

Commit c974c7ddc7d8 ("plat-stm: use generic linker script") breaks
CFG_WITH_PAGER=y because it adds $(platform-cflags) to the C flags for
version.o. This is correct, otherwise the compiler may generate code
that is not suitable for the platform (such as floating-point
instructions when we don't expect them).

However, compiling version.o with $(platform-cflags) brings in
-fdata-sections which has an unfortunate side effect: the object is not
included in the non-pageable code unless we add it explicitely.
This is what this commit does.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...