Convert configuration variables to CFG_* name

- Rename configuration variables that do not follow the CFG_* convention
- Delete useless -D<VAR> compiler flags
- Slightly reformat mk/conf.mk, add com

Convert configuration variables to CFG_* name

- Rename configuration variables that do not follow the CFG_* convention
- Delete useless -D<VAR> compiler flags
- Slightly reformat mk/conf.mk, add comments

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Rename CFG_TRACE_LEVEL to TRACE_LEVEL

The trace level macro is not meant to be configured directly, it takes its
value from CFG_TEE_CORE_LOG_LEVEL (when the TEE core is compiled) or from
CFG_TEE_TA_

Rename CFG_TRACE_LEVEL to TRACE_LEVEL

The trace level macro is not meant to be configured directly, it takes its
value from CFG_TEE_CORE_LOG_LEVEL (when the TEE core is compiled) or from
CFG_TEE_TA_LOG_LEVEL (when user libraries are compiled). Therefore it should
not have a CFG_ prefix.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add helpers to manage maskable cpu exception

Adds helpers thread_{get,set,mask,unmask}_exceptions() to manage
the AIF bits of CPSR.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
T

core: add helpers to manage maskable cpu exception

Adds helpers thread_{get,set,mask,unmask}_exceptions() to manage
the AIF bits of CPSR.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

vfp.c: add missing license header

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

core: split arm32.h

Splits arm32.h into one ARM generic arm.h and one ARM32 specific arm32.h.
arm32.h should not be included directly, arm.h should be included instead.

Signed-off-by: Jens Wiklande

core: split arm32.h

Splits arm32.h into one ARM generic arm.h and one ARM32 specific arm32.h.
arm32.h should not be included directly, arm.h should be included instead.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

UART cleaning

- Rename core/include/drivers/{uart.h -> pl011.h} and
core/drivers/{uart.c -> pl011.c}. Use pl011_ prefix.
- Remove WITH_UART_DRV, which was used to enable pl011 on vexpress platform

UART cleaning

- Rename core/include/drivers/{uart.h -> pl011.h} and
core/drivers/{uart.c -> pl011.c}. Use pl011_ prefix.
- Remove WITH_UART_DRV, which was used to enable pl011 on vexpress platforms
and sunxi_uart on sunxi platform. Replace it with CFG_PL011 and
CFG_SUNXI_UART.
- Move platform-specific (STM) code in core/arch/arm32/tee/init.c (which
was guarded by #ifndef WITH_UART_DRV) to core/arch/arm32/plat-stm/tz_init.S.
- Move core/arch/arm32/include/kernel/asc.h to core/arch/arm32/plat-stm.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (FVP)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Added new interface in PRNG Hal to inject entropy

- Added add_entropy interface in crypto_ops.prng, and expose
new interface tee_prng_add_entropy() for platform vendor to
inject entropy.
- Injec

Added new interface in PRNG Hal to inject entropy

- Added add_entropy interface in crypto_ops.prng, and expose
new interface tee_prng_add_entropy() for platform vendor to
inject entropy.
- Inject entropy using current timestamp every time
when a session is opened or closed.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (FVP,QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)

show more ...

Define CFG_ARM32_user_ta on stm and sunxi

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org>

Define CFG_ARM32_user_ta on stm and sunxi

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

core: rename .S files to _a32.S

Renames .S files to _a32.s dropping eventual _asm suffix to reflect
the instruction set that is used in the assembly files.

Signed-off-by: Jens Wiklander <jens.wikla

core: rename .S files to _a32.S

Renames .S files to _a32.s dropping eventual _asm suffix to reflect
the instruction set that is used in the assembly files.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Fix typo: s/pagable/pageable/

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

Define 32-bit ABI

Defines 32-bit ABI for various types passed by reference. Either by an
explicit conversion to/from TEE_Param and TEE_Attribute or by changing
size_t to uint32_t. Affected interface

Define 32-bit ABI

Defines 32-bit ABI for various types passed by reference. Either by an
explicit conversion to/from TEE_Param and TEE_Attribute or by changing
size_t to uint32_t. Affected interfaces are SVC interface and parameters
passed to user TA inside tee_user_ta_enter().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Get rid of CROSS_PREFIX, restore CROSS_COMPILE

Use CROSS_COMPILE to set the cross-compiler (CROSS_PREFIX is not supported
anymore). Use CROSS_COMPILE_core and CROSS_COMPILE_user_ta to override the
c

Get rid of CROSS_PREFIX, restore CROSS_COMPILE

Use CROSS_COMPILE to set the cross-compiler (CROSS_PREFIX is not supported
anymore). Use CROSS_COMPILE_core and CROSS_COMPILE_user_ta to override the
compiler for TEE core and user space code (Trusted Applications),
respectively.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@lina

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: James Kung <james.kung@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM Cannes)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (FVP)

show more ...

Separate compiler for core and user TA

Enables compilation with different compilers for core and user TA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.w

Separate compiler for core and user TA

Enables compilation with different compilers for core and user TA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Handle "keep alive" TA property

At session open, if a TA instance is found, single session TAs are
busy only if context already handle a session.

At session closure, KeepAlive TA must close all pen

Handle "keep alive" TA property

At session open, if a TA instance is found, single session TAs are
busy only if context already handle a session.

At session closure, KeepAlive TA must close all pending session
but not free remaining allocations nor free its context.

From user TA entry code, remove useless "ta_dead" field and insure
heap and math support is only initialized once (for KeepAlive TA not
to re-init these libs).

Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

thread: move stack allocation from platform specific

Moves static stack allocation from platform specific code to the thread
subsystem.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tes

thread: move stack allocation from platform specific

Moves static stack allocation from platform specific code to the thread
subsystem.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

Check of the identity of the TA invoking a TA operation

On the following operations
invoke command
close
cancel
the one that is at the origin of the operations is checked. It could
be a

Check of the identity of the TA invoking a TA operation

On the following operations
invoke command
close
cancel
the one that is at the origin of the operations is checked. It could
be a TA or the core. In case of a TA, this is checked that it is the
same as the one that opened the session.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations go through PRNG HAL, instead of invoking
platform-dependent PRNG implementation directly.
- Create a new mpa_set_random_generator() interface for mpa user to register
a callback to generate random number, instead of expecting the user to provide
a get_rng_array(). This enables libmpa uses crypto_ops.prng.read().
- Added a new configuration CFG_WITH_PRNG_SOFTWARE to toggle SW/HW-dependent
PRNG implementation.
- The SW PRNG implementation is supplied by backed cryto library(libtomcrypt).
- Added a new SW PRNG 'Fortuna' to libtomcrypt.
- Added a new SW PRNG 'RC4' to libtomcrypt, when Fortuna is not available due
to AES and SHA256 not available, fallback to RC4.
- Get rid of bad implemented SW PRNG in plat_vexpress(rng_support.c).
- If CFG_WITH_PRNG_SOFTWARE is not enabled, the platform needs to supply
hw_get_random_byte().

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)

show more ...

TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.foriss

TEE Core File Operation Abstraction Layer

Tested-by: James Kung <james.kung@linaro.org> (QEMU platform)
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

load/generate TEE Core build configuration file

At build time, conf.in file is generated at output root core directory.

At build entry, if CFG_OPTEE_CONFIG is defined, it specifies the
path of the

load/generate TEE Core build configuration file

At build time, conf.in file is generated at output root core directory.

At build entry, if CFG_OPTEE_CONFIG is defined, it specifies the
path of the target TEE Core build configuration to use.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Etienne CARRIERE <etienne.carriere@st.com>
Reviewed-by: Pascal BRAND <pascal.brand@st.com>
Reviewed-by: Etienne CARRIERE <etienne.carriere@st.com>

show more ...

CFG_TEE_CORE_TA_TRACE to disable TA traces

In order to disable TA traces, whatever the compilation options of the
TAs, CFG_TEE_CORE_TA_TRACE can be defined to n

Reviewed-by: Jerome Forissier <jerom

CFG_TEE_CORE_TA_TRACE to disable TA traces

In order to disable TA traces, whatever the compilation options of the
TAs, CFG_TEE_CORE_TA_TRACE can be defined to n

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Libtomcrypt: use buf_compare_ct instead of mem_neq

This is a size-optimization, as the current optee_os code
already contains a function dedicated to constant-time
memory compare: buf_compare_ct()

Libtomcrypt: use buf_compare_ct instead of mem_neq

This is a size-optimization, as the current optee_os code
already contains a function dedicated to constant-time
memory compare: buf_compare_ct()

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

arm32: move some inline assembly into arm32.h

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.

arm32: move some inline assembly into arm32.h

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)

show more ...

struct tee_ta_ctx: remove rw_data*

Removes rw_data and tw_data_usage elements in struct tee_ta_ctx as
they are not used any longer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewe

struct tee_ta_ctx: remove rw_data*

Removes rw_data and tw_data_usage elements in struct tee_ta_ctx as
they are not used any longer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm32: Adds LPAE support

Enables use of Large Physical Address Extension (LPAE) with
CFG_WITH_LPAE=y

To facilitate both the old V7 and the new LPAE translation tables an
abstraction layer has been

arm32: Adds LPAE support

Enables use of Large Physical Address Extension (LPAE) with
CFG_WITH_LPAE=y

To facilitate both the old V7 and the new LPAE translation tables an
abstraction layer has been added to avoid direct manipulations of the
translation tables.

Both V7 and LPAE implementation uses TEX remapping (SCTLR.TRE = 1) and
enables access flags (SCTLR.AFE = 1). This is a change in the V7 code
base as those bits where 0 before. There are two reason for this change:
1."From the introduction of the Large Physical Address Extension, ARM
deprecates any use of the AP[2:0] scheme for defining MMU access
permissions. This deprecation applies to software for all ARMv7-A
implementations, regardless of whether they include the Large
Physical Address Extension."
2. With SCTLR.TRE = 1 and SCTLR.AFE = 1 V7 and LPAE implementations uses
the same way of specifying access permissions and memory attributes.

Currently only supported on plat-vexpress.

Bugfix v7 config: sets NOS bit in TTBRx registers

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP Base model)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...