Move tee_api.h and tee_ta_api.h into tee_internal_api.h

The Global Platform TEE Internal Core specifications only mentions
tee_internal_api.h, the other .h files are part of the OP-TEE specific
impl

Move tee_api.h and tee_ta_api.h into tee_internal_api.h

The Global Platform TEE Internal Core specifications only mentions
tee_internal_api.h, the other .h files are part of the OP-TEE specific
implementation. Having a separate tee_api_defines.h for defines and a
tee_api_types.h for types is useful in OP-TEE core, but tee_api.h and
tee_ta_api.h adds nothing of value. Quite the opposite as it will make
it harder than necessary to implement the macro tricks needed for
backwards compatibility when updating to a more recent standard.

So to simplify things, move function declarations in tee_api.h and
tee_ta_api.h into tee_internal_api.h. tee_api.h and tee_ta_api.h are
kept for compatibility, but they are only including
<tee_internal_api.h>.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add TEE_IsAlgorithmSupported()

Adds function TEE_IsAlgorithmSupported() as per the GlobalPlatform TEE
Internal Core API v1.2.1.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked

libutee: add TEE_IsAlgorithmSupported()

Adds function TEE_IsAlgorithmSupported() as per the GlobalPlatform TEE
Internal Core API v1.2.1.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_MemCompare(): use constant time algorithm

TEE_MemCompare() currently calls memcmp() which returns as soon as a
difference is found in the compared buffers. The fact that the
comparison

libutee: TEE_MemCompare(): use constant time algorithm

TEE_MemCompare() currently calls memcmp() which returns as soon as a
difference is found in the compared buffers. The fact that the
comparison is not constant time for a given buffer size can reveal
information on the buffer content and lead to side-channel attacks.
Although the GlobalPlatform TEE Internal Core API specification says
nothing about this timing aspect, it is unsafe not to propose a constant
time implementation to TAs. A member of the GP specification working
group confirmed in an informal discussion.

Therefore, replace memcmp() with consttime_memcmp() for constant time
comparison. If a TA needs the fastest possible buffer comparison it can
call the C library function memcmp() (from <string.h>), which we provide
in libutils.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Bastien Simondi <bsimondi@netflix.com> [3.2]
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are

Remove license notice from STMicroelectronics files

Since a while the source files license info are defined by SPDX
identifiers. We can safely remove the verbose license text from the
files that are owned by either only STMicroelectronics or only both
Linaro and STMicroelectronics.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TEE_Realloc(): fix invalid declaration

Prior to this was TEE_Realloc() declared as:

void *TEE_Realloc(const void *buffer, uint32_t newSize);

This does not make sense as the argument buffer can and

TEE_Realloc(): fix invalid declaration

Prior to this was TEE_Realloc() declared as:

void *TEE_Realloc(const void *buffer, uint32_t newSize);

This does not make sense as the argument buffer can and will be changed
as a result of calling this function. Instead fix the declaration to be:

void *TEE_Realloc(void *buffer, uint32_t newSize);

This is also more in line with realloc().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Dump call stack on TA panic

Adds support for dumping the call stack of a user-mode TA when it
panics. Stack unwinding happens in kernel mode by re-using
abort_print_error() in core/arch/arm/kernel/a

Dump call stack on TA panic

Adds support for dumping the call stack of a user-mode TA when it
panics. Stack unwinding happens in kernel mode by re-using
abort_print_error() in core/arch/arm/kernel/abort.c. Like for abort
dumps, the helper script scripts/symbolize.py may be used to obtain
source-level information.

This feature is enabled by default. Set CFG_UNWIND=n to disable it
(or CFG_TEE_CORE_DEBUG=n).

In libutee, the utee_panic() syscall wrapper is renamed __utee_panic()
and now takes an additional parameters: a stack pointer, in addition to
the panic code. utee_panic() is written in assembly and pushes some
registers onto the stack before calling __utee_panic(). When it is time
to return from syscall_panic(), tee_svc_sys_return_helper() uses the
stack pointer to get the information needed to unwind the TA stack.
A struct abort_info is created and abort_print_error() is called.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMUv8)

show more ...

libutee: API: add 'const' qualifiers

As per the GlobalPlatform Internal Core API Specification v1.1,
section 3.4 Parameter Annotations: "[...] the [in], [inbuf],
[instring], [instringopt], and [ctx]

libutee: API: add 'const' qualifiers

As per the GlobalPlatform Internal Core API Specification v1.1,
section 3.4 Parameter Annotations: "[...] the [in], [inbuf],
[instring], [instringopt], and [ctx] annotations can make use of the
const C keyword [...] the C header file of a compliant Implementation
SHOULD use the const keyword when these annotations appear."

Note that the TA entry points: TA_OpenSessionEntryPoint(),
TA_CloseSessionEntryPoint() and TA_InvokeCommandEntryPoint() are
unchanged to avoid breaking existing code (not worth it).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core/libutee: perform cleanup for magic "4"

Perform cleanup for magic "4" constant that represents amount of tee
params

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Etienne Ca

core/libutee: perform cleanup for magic "4"

Perform cleanup for magic "4" constant that represents amount of tee
params

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutee: Optionally replace TEE_Panic() with macro

Help debugging by replacing TEE_Panic() with a macro that does an EMSG()
and then calls panic function (__TEE_Panic()).

Signed-off-by: Jens Wiklan

libutee: Optionally replace TEE_Panic() with macro

Help debugging by replacing TEE_Panic() with a macro that does an EMSG()
and then calls panic function (__TEE_Panic()).

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

GP11 : operation state handling

Change-Id: I136443ef2f137b2e12902324d724fff7ce7c590e
Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forisssier <jerome.forissier@linaro.o

GP11 : operation state handling

Change-Id: I136443ef2f137b2e12902324d724fff7ce7c590e
Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jerome Forisssier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : TEE_GetOperationInfoMultiple

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org

GP11 : TEE_GetOperationInfoMultiple

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : TEE Arithmetical API fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@l

GP11 : TEE Arithmetical API fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : Asymmetric functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.

GP11 : Asymmetric functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : AE functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.or

GP11 : AE functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP11 : MAC functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.o

GP11 : MAC functions fix/panic reason

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

GP Internal Core API v1.1 : add new functions, panicked IDs

- Add new functions (that will replace deprecated functions)
TEE_GetObjectInfo1, TEE_RestrictObjectUsage1,
TEE_CopyObjectAttributes1, TEE_

GP Internal Core API v1.1 : add new functions, panicked IDs

- Add new functions (that will replace deprecated functions)
TEE_GetObjectInfo1, TEE_RestrictObjectUsage1,
TEE_CopyObjectAttributes1, TEE_CloseAndDeletePersistentObject1

- Support of deprecated functions available (will be removed in future release).
Note: TEE_ERROR_STORAGE_NOT_AVAILABLE case not implemented in OP-TEE core
(e.g. media removal)

- Add panicked functions identifiers (debug purpose)

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

Remove __noreturn from TEE_Panic prototype

According to the Global Plaform Internal Core API v1.1, the prototype
of the function TEE_Panic must be
void TEE_Panic(TEE_Result panicCode);

Reviewed

Remove __noreturn from TEE_Panic prototype

According to the Global Plaform Internal Core API v1.1, the prototype
of the function TEE_Panic must be
void TEE_Panic(TEE_Result panicCode);

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@lina

GP Internal Core API v1.1 : add defines, update type

Note: TEE_DATA_FLAG_OVERWRITE not supported

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: James Kung <james.kung@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM Cannes)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (FVP)

show more ...

Reenable warnings for all non-3rd party code

* Reenables warnings for all non-3rd party code
* Renames dprintf macro to dprintf_level

Open-source the TEE Core

Signed-off-by: Pascal Brand <pascal.brand@st.com>