plat-vexpress: fix non-debug build

Fixes a number of build errors when 'PLATFORM=vexpress' and 'DEBUG=':
- '<var> may be used uninitialized'
- 'dereferencing type-punned pointer will break strict-al

plat-vexpress: fix non-debug build

Fixes a number of build errors when 'PLATFORM=vexpress' and 'DEBUG=':
- '<var> may be used uninitialized'
- 'dereferencing type-punned pointer will break strict-aliasing rules'
This one is addressed by adding -fno-strict-aliasing to the cflags for the
problematic files, which is a temporary solution.
- 'inlining failed'

Also, make sure tee_svc_syscall_table is aligned on a 32-bit boundary.
Otherwise, an alignment fault might occur:
ERR [0x0] TEE-CORE:tee_pager_print_error_abort:101: data-abort at 0x602f16b
FSR 0x1 PC 0x6007bd4 TTBR0 0x603804A CONTEXIDR 0x1
CPUID 0x80000001 DBGPCSR 0x0 CPSR 0x80000013 (read from SPSR)
ERR [0x0] TEE-CORE:tee_pager_handle_abort:164: [TEE_PAGER] alignement fault! (trap CPU)

Note: on Foundation_v8, I measured a ~3x speedup between debug and non-debug
builds for asymmetric crypto tests.

show more ...

Fix GCM Authentication

Authentication tag length, given during the enc_final(),
was wrong. It was the max of the tag buffer, instead of the
value provided during the init.

Other cleanup also takes

Fix GCM Authentication

Authentication tag length, given during the enc_final(),
was wrong. It was the max of the tag buffer, instead of the
value provided during the init.

Other cleanup also takes place to simplify CCM authentication.

Change-Id: I14c02b2a39a51fb485b0ff04707895f91fcc73a3
Reviewed-on: https://gerrit.st.com/12369
Tested-by: Pascal BRAND <pascal.brand@st.com>
Tested-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Fix dirty tests

* Makes dirty tests work again
* Fixes compile issues when enabling the LOG features in dirty tests

Update references to ARM Trusted Firmware

We must never abbreviate ARM so we either reference as "ARM
Trusted Firmware" or "ARM-TF".

vexpress,qemu: Change memory layout

Start QEMU with -m 1057
Use vexpress-v2p-ca15-tc1.dtb from the Linux kernel tree

"Core Status" service on malloc

- Gets teecore heap info.
- Enabled only on CFG_TEE_FW_DEBUG != 0.
- Update dirty tests
- Reset max allocated size after malloc dirty tests.

Implemented wait in normal world

Instead of busy waiting in secure world, it is more efficient to wait
in normal world such that HLOS can schedule another task to execute
while waiting

- Added a ne

Implemented wait in normal world

Instead of busy waiting in secure world, it is more efficient to wait
in normal world such that HLOS can schedule another task to execute
while waiting

- Added a new RPC command to wait in linux driver
- Remove wait_specific() hook in time_source, it seems can be a generic
function.
- This patch depends on "Implemented wait in normal world" in
optee_linuxdrver

show more ...

Generic secure time layer

Provided a time source api in order to let soc vendors implement their
own secure counter

- Moved platform-dependent code out of tee_time.c to make it a generic
time lay

Generic secure time layer

Provided a time source api in order to let soc vendors implement their
own secure counter

- Moved platform-dependent code out of tee_time.c to make it a generic
time layer.
- Added an abstract layer for platforms to implement their own secure
time source.
- Implemented arm cntpct as one of secure time source.
- Moved rtt0 related time operation from tee_time.c to tee_time_rtt.c,
act as another secure time source.
- Added tee_time_ree.c for the plaform that doesn't have secure time
source. In this case, using ree time as secure time source.

show more ...

Fix #6323: A failing RSA decode leads to panic

Change-Id: Ia4762f076922338f280d431f104b653e731bf64f
Reviewed-on: https://gerrit.st.com/11598
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.

Fix #6323: A failing RSA decode leads to panic

Change-Id: Ia4762f076922338f280d431f104b653e731bf64f
Reviewed-on: https://gerrit.st.com/11598
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested-by: Jocelyn RICARD <jocelyn.ricard@st.com>
Reviewed-by: Pascal BRAND <pascal.brand@st.com>

Update wrt comments from review

Fix returned error when the mode is not ok

show more ...

Fix #6294: Full HW Random Generator

Change-Id: I9babada92991c646d844a25af175150d530a8ddb
Reviewed-on: https://gerrit.st.com/11597
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested

Fix #6294: Full HW Random Generator

Change-Id: I9babada92991c646d844a25af175150d530a8ddb
Reviewed-on: https://gerrit.st.com/11597
Reviewed-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Tested-by: Jean-Michel DELORME <jean-michel.delorme@st.com>
Reviewed-by: Jocelyn RICARD <jocelyn.ricard@st.com>
Reviewed-by: Pascal BRAND <pascal.brand@st.com>

Conflicts:
core/arch/st231/plat-stm/rng_support.c

show more ...

Makefile variables $(*-dir) should not have a trailing slash

As a general rule, Makefile variables that are directories should not have
a trailing slash, and should be used as: $(some-dir)/some-file

Makefile variables $(*-dir) should not have a trailing slash

As a general rule, Makefile variables that are directories should not have
a trailing slash, and should be used as: $(some-dir)/some-file rather than
$(some-dir)some-file. This is more readable.

show more ...

MMU: Simplify tee_mmu_switch function

Replaced direct CP15 instructions with macros instead and removed some
unnecessary code.

Updates for ARM Trusted Firmware tag v1.0

* New load address for plat-vexpress,fvp
* Entry vector extended with system_off and system_reset
entries

Cosmetic fixes for build output

By default, the OP-TEE build shows abbreviated output similar to the Linux
kernel. This commit fixes a number of deviations/inconsistencies.

- Always print a command

Cosmetic fixes for build output

By default, the OP-TEE build shows abbreviated output similar to the Linux
kernel. This commit fixes a number of deviations/inconsistencies.

- Always print a command in uppercase, followed by the target file.
- Make sure commands and file paths are nicely aligned, with two leading spaces
to make command output/errors better stand out.
- Remove some duplicate slashes in file paths. We use the following rule:
variables that hold directory names such as $(arch-dir) or $(platform-dir)
always have a trailing slash. The 'subdirs' and 'incdirs' variables used in
sub-makefiles are an exception because doing otherwise would needlessly
clutter the sub-makefiles.

show more ...

plat-orly2 and plat-cannes merged in plat-stm

PLATFORM_FLAVOR is used to distinguish orly2 and cannes

Change-Id: Iaed89451f704120e29b0b0adb83627f11bf9df48

Reentrancy fixes

Before this patch: The normal world was only allowed to enter
secure world with one thread at a time.

After this patch: The normal world may try to enter secure world
with as many

Reentrancy fixes

Before this patch: The normal world was only allowed to enter
secure world with one thread at a time.

After this patch: The normal world may try to enter secure world
with as many threads as it likes, secure world will return busy
when no more threads can be allowed. Secure world still only allows
one active thread at a time, but during RPC another thread may enter
and do some work. This is needed for cancellation to work.

* Adds a mutex that waits in normal world if busy
* Adds a new RPC service to wait in normal world
* Imports bitstring.h from FreeBSD to aid mutex implementation
* Adds a critical section in tee_ta_init_session
* Unmaps TA before RPC exit and maps it again on return to handle
rescheduling of threads during RPC
* Doesn't clear a1-a3 when returning busy
* Bugfixes vector_std_smc_entry

This patch depends on the "Allow parallel entries to secure world"
patch in optee_linuxdriver.

show more ...

Make more common implementation of orly2 and cannes platforms

This will prepare PLAT_FLAVOR of orly2 / cannes

TEE_ROUNDxxx renamed in ROUNDxxx in libutee

This change is to have the same macro names in core
part and libutee part

tee_acipher_rsadorep: fix handling of zero-padding in output

- Always remove leading null bytes in output buffer (previously this was done
only for PK_PRIVATE keys)
- Leave one null byte when rsa_ex

tee_acipher_rsadorep: fix handling of zero-padding in output

- Always remove leading null bytes in output buffer (previously this was done
only for PK_PRIVATE keys)
- Leave one null byte when rsa_exptmod() output is all zeroes (do not return
an empty buffer)
- Fix output buffer length check (take padding into account)

show more ...

Create util.h to rearrange define macro

Cannes / H410 support

Support STMicroelectronics chip H410 "cannes".
Is compiled using
PLATFORM=cannes make

Cleanup

Get value of gpd.tee.arith.maxBigIntSize from libutee

The property gpd.tee.arith.maxBigIntSize was implemented in TEE core by
tee_svc_sys_get_property() which was returning a constant taken from the

Get value of gpd.tee.arith.maxBigIntSize from libutee

The property gpd.tee.arith.maxBigIntSize was implemented in TEE core by
tee_svc_sys_get_property() which was returning a constant taken from the
crypto module (LTC_MAX_BITS_PER_VARIABLE / 2).
The correct value is TEE_MAX_NUMBER_OF_SUPPORTED_BITS from libutee.
This commit makes libutee return the appropriate value directly (without
calling the TEE core) and deletes the property from the syscall.
Additionally, this removes the unjustified dependency of tee_svc.c on
<tee_ltc_wrapper.h>.

show more ...

enable_mmu functions renamed in cpu_enable_mmu

Add a flag to turn on/off PSCI debug msg