core, libutils: unpoison stack on longjmp for ASan

Adds support for unpoisoning the stack when performing longjmp,
to ensure correct ASan behavior.

When a longjmp unwinds the stack, parts of the st

core, libutils: unpoison stack on longjmp for ASan

Adds support for unpoisoning the stack when performing longjmp,
to ensure correct ASan behavior.

When a longjmp unwinds the stack, parts of the stack that were
poisoned during deeper calls may remain marked as inaccessible.
This can lead to false ASan reports after longjmp, as the new
frame reuses that memory.

To avoid this, a call to asan_handle_longjmp() is added to
setjmp_a64.S, which unpoisons the stack range between the current
SP and the old SP (saved during setjmp).

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm32: libutils, libutee, ta: add .note.GNU-stack section to .S files

When building for arm32 with GNU binutils 2.39, the linker outputs
warnings when linking Trusted Applications:

arm-unknown-lin

arm32: libutils, libutee, ta: add .note.GNU-stack section to .S files

When building for arm32 with GNU binutils 2.39, the linker outputs
warnings when linking Trusted Applications:

arm-unknown-linux-uclibcgnueabihf-ld.bfd: warning: utee_syscalls_a32.o: missing .note.GNU-stack section implies executable stack
arm-unknown-linux-uclibcgnueabihf-ld.bfd: NOTE: This behaviour is deprecated and will be removed in a future version of the linker

We could silence the warning by adding the '--no-warn-execstack' option
to the TA link flags, like we did in the parent commit for the TEE core
and ldelf. Indeed, ldelf always allocates a non-executable piece of
memory for the TA to use as a stack.

However it seems preferable to comply with the common ELF practices in
this case. A better fix is therefore to add the missing .note.GNU-stack
sections in the assembler files.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ftrace: Add support for syscall function tracer

This patch adds support for syscall tracing in TEE core. It complements
existing ftrace support for user TAs via adding trace for syscalls that
are in

ftrace: Add support for syscall function tracer

This patch adds support for syscall tracing in TEE core. It complements
existing ftrace support for user TAs via adding trace for syscalls that
are invoked by user TAs into the TEE core.

And after this patch ftrace will cover both TA and TEE core code. So lets
rename config option from CFG_TA_FTRACE_SUPPORT to CFG_FTRACE_SUPPORT.

It is optional to enable syscall trace via CFG_SYSCALL_FTRACE=y config
option in addition to CFG_FTRACE_SUPPORT=y config option.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

Remove deprecated ldm/stm instructions

Some uses of SP, PC and LR in the register list of Load/Store Multiple
instructions is forbidden (Thumb) or deprecated (ARM) as per the ARM
ARM DDI 0406 C.d. F

Remove deprecated ldm/stm instructions

Some uses of SP, PC and LR in the register list of Load/Store Multiple
instructions is forbidden (Thumb) or deprecated (ARM) as per the ARM
ARM DDI 0406 C.d. For the LDM instructions, SP should not be in the
list, and the list should not contain both PC and LR. See sections:

[A8.8.58] LDM/LDMIA/LDMFD (Thumb)
[A8.8.59] LDM/LDMIA/LDMFD (ARM)
[A8.8.60] LDMDA/LDMFA
[A8.8.61] LDMDB/LDMEA
[A8.8.62] LDMIB/LDMED

For the STM instructions, neither SP nor PC should be in the list. See
sections:

[A8.8.200] STM (STMIA, STMEA)
[A8.8.201] STMDA (STMED)
[A8.8.202] STMDB (STMFD)
[A8.8.203] STMIB (STMFA)

Clang warns on the deprecated constructs. Use ldr/str instead.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ftrace: Enable support for 32 bit apps

By default 32 bit trusted applications are compiled in thumb mode but
thumb mode doesn't support function graph tracing due to missing frame
pointer support re

ftrace: Enable support for 32 bit apps

By default 32 bit trusted applications are compiled in thumb mode but
thumb mode doesn't support function graph tracing due to missing frame
pointer support required to trace function call chain. So rather compile
trusted applications in ARM mode in case function tracing is enabled.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] wa

Add SPDX license identifiers

Adds one SPDX-License-Identifier line [1] to each source files that
contains license text.

Generated by [2]:
spdxify.py --add-spdx optee_os/

The scancode tool [3] was used to double check the license matching
code in the Python script. All the licenses detected by scancode are
either detected by spdxify.py, or have no SPDX identifier, or are false
matches.

Link: [1] https://spdx.org/licenses/
Link: [2] https://github.com/jforissier/misc/blob/f7b56c8/spdxify.py
Link: [3] https://github.com/nexB/scancode-toolkit
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

libutil: add setjmp/longjmp

Imports setjmp/longjmp from newlib.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens W

libutil: add setjmp/longjmp

Imports setjmp/longjmp from newlib.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...