libutee: increase MPI_MEMPOOL_SIZE to 14Kb

With the Widevine v17/v18 OPKs using their new Provisioning 4.0
technique, this pool size needs to be increased to 14Kb from 12Kb.

The sequence that is be

libutee: increase MPI_MEMPOOL_SIZE to 14Kb

With the Widevine v17/v18 OPKs using their new Provisioning 4.0
technique, this pool size needs to be increased to 14Kb from 12Kb.

The sequence that is being executed that requires this is as follows:
1. TEE_GenerateKey(key_handle, 2048, NULL, 0)
2. TEE_GetObjectBufferAttribute(key, TEE_ATTR_RSA_MODULUS,
modulus_data, &modulus_len),
same for TEE_ATTR_RSA_PUBLIC_EXPONENT and
TEE_ATTR_RSA_PRIVATE_EXPONENT.
3. mbedtls_rsa_complete() on a pk object created from the extracted
modulus, public exp and private exp.

Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: add TEE_ALG_ECDSA_SHA* to TEE_ALG_GET_DIGEST_SIZE()

The TEE_ALG_GET_DIGEST_SIZE() macro lacks the ECDSA algorithms. Add
them.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

libutee: add TEE_ALG_ECDSA_SHA* to TEE_ALG_GET_DIGEST_SIZE()

The TEE_ALG_GET_DIGEST_SIZE() macro lacks the ECDSA algorithms. Add
them.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mbedtls: ecc_get_keysize(): do not check algorithm against curve

Since commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET
and TEE_ALG_ECDSA_SHA*"), the algorithm and curve valu

core: mbedtls: ecc_get_keysize(): do not check algorithm against curve

Since commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET
and TEE_ALG_ECDSA_SHA*"), the algorithm and curve values are not tied
as closely as before. The GP TEE Internal Core API specification v1.3.1
mentions "ECDSA algorithm identifiers should be tied to the size of the
digest, not the key. The key size information is provided with the key
material." (Table B-2). In other words, a number of algorithm values
are valid for use with any given ECC curve. Therefore remove the
algorithm checks in ecc_get_keysize(). This function is not the proper
place anyways.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: imx: add manufacturing protection

Add the i.MX PTA to expose CAAM manufacturing protection features:
* Get manufacturing protection public key.
* Get manufacturing protection message.

core: pta: imx: add manufacturing protection

Add the i.MX PTA to expose CAAM manufacturing protection features:
* Get manufacturing protection public key.
* Get manufacturing protection message.
* Message signature with manufacturing protection private key.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: add support MD5 hashes in RSA sign/verify/cipher

Introduce support of using MD5 hashes in RSA sign/verify/cipher
operations, which is required by AOSP Keymaster.

This is verified in

core: crypto: add support MD5 hashes in RSA sign/verify/cipher

Introduce support of using MD5 hashes in RSA sign/verify/cipher
operations, which is required by AOSP Keymaster.

This is verified in VerificationOperationsTest.RsaSuccess VTS Test [1],
which checks usage of such digests: NONE, MD5, SHA1, SHA_2_224, SHA_2_256,
SHA_2_384, SHA_2_512.

This patch has been inspired by commit[2]:

Link: [1] https://android.googlesource.com/platform/hardware/interfaces/+/master/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
Link: [2] https://github.com/OP-TEE/optee_os/commit/199d0b7310d1705661a106358f1f0b46e4c5c587 ("core: crypto: add support MD5 hashes in RSA sign/verify")
Signed-off-by: Julien Masson <jmasson@baylibre.com>
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: add stubs for pthread functions

When building with GCC 11.3.1 [1], the linker reports undefined symbols
in the C++ test TA:

$ make 2>&1 | grep -E "(in function|undefined reference)" | se

libutils: add stubs for pthread functions

When building with GCC 11.3.1 [1], the linker reports undefined symbols
in the C++ test TA:

$ make 2>&1 | grep -E "(in function|undefined reference)" | sed 's@.*/@@'
libstdc++.a(eh_alloc.o): in function `(anonymous namespace)::pool::free(void*) [clone .constprop.0]':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
libstdc++.a(eh_alloc.o): in function `(anonymous namespace)::pool::allocate(unsigned long) [clone .constprop.0]':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
libgcc_eh.a(unwind-dw2-fde-dip.o): in function `__gthread_mutex_lock':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
libgcc_eh.a(unwind-dw2-fde-dip.o): in function `__gthread_mutex_unlock':
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
[more of the same follow]

To fix that issue, introduce no-op stubs as weak symbols in libutils.
Doing so is valid because TAs are single threaded and non-reentrant.

Link: [1] https://developer.arm.com/-/media/Files/downloads/gnu/11.3.rel1/binrel/arm-gnu-toolchain-11.3.rel1-x86_64-aarch64-none-linux-gnu.tar.xz
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

libutee: add CNTVCT to user system registers

Adds CNTVCT to user system registers. Needed when compiling with
CFG_CORE_SEL2_SPMC=y and CFG_MEMTAG=y.

Reviewed-by: Jerome Forissier <jerome.forissier@

libutee: add CNTVCT to user system registers

Adds CNTVCT to user system registers. Needed when compiling with
CFG_CORE_SEL2_SPMC=y and CFG_MEMTAG=y.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add TEE_MAIN_ALGO_SHAKE values

The CAAM driver relies on TEE_ALG_GET_MAIN_ALG() macro to retrieve the
main algorithm ID from the TEE_ALG_* value.

With the addition of TEE_ALG_SHAKE128 and

libutee: add TEE_MAIN_ALGO_SHAKE values

The CAAM driver relies on TEE_ALG_GET_MAIN_ALG() macro to retrieve the
main algorithm ID from the TEE_ALG_* value.

With the addition of TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256,
TEE_ALG_GET_MAIN_ALG() would return 0x01 (TEE_MAIN_ALGO_MD5) and 0x02
(TEE_MAIN_ALGO_SHA1). These returned values are wrong.

Add TEE_MAIN_ALGO_SHAKE128 and TEE_MAIN_ALGO_SHAKE256 values for
respectively TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA t

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA to write into the custom extended OTP bits in K3 architecture.

This header should be exported out of optee-os to be used by the host
binary for interacting with the PTA.

Includes OTP keywriting PTA header file in libutee

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about
supporting virtualization on the non-secure side.

This commit is the result of the following command:

$ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \
sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \
done

...plus the compatibility line in mk/config.mk:

CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

GP131: Fix the TEE_ALG_SM2_PKE define

The define TEE_ALG_SM2_PKE was introduced with the value 0x80000045 in
the v1.2 specification and later changed to 0x80000046 in v1.3. At this
point we try to b

GP131: Fix the TEE_ALG_SM2_PKE define

The define TEE_ALG_SM2_PKE was introduced with the value 0x80000045 in
the v1.2 specification and later changed to 0x80000046 in v1.3. At this
point we try to be compatible with v1.3.1 so update the value to match
that version of the GlobalPlatform specification.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: tee_api_defines.h: remove obsolete comments

Removes the obsolete comments "/* vx.y.z spec */" from attributes, type,
and algorithm defines. The defines are all now up to date with GP
v1.3.1.

GP131: tee_api_defines.h: remove obsolete comments

Removes the obsolete comments "/* vx.y.z spec */" from attributes, type,
and algorithm defines. The defines are all now up to date with GP
v1.3.1.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject

Adds the TA property gpd.ta.doesNotCloseHandleOnCorruptObject.

All syscalls operating on an object handle and can return
TEE_ERROR_CO

GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject

Adds the TA property gpd.ta.doesNotCloseHandleOnCorruptObject.

All syscalls operating on an object handle and can return
TEE_ERROR_CORRUPT_OBJECT must also do special treatment when
TEE_ERROR_CORRUPT_OBJECT is returned. Prior to
gpd.ta.doesNotCloseHandleOnCorruptObject this meant removing the object
and closing the object handle. With the
gpd.ta.doesNotCloseHandleOnCorruptObject property the object handle
shouldn't be close if this the current TA has the property set to true.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: TEE_Asymmetric{En,De}crypt() add return codes

Adds TEE_ERROR_CIPHERTEXT_INVALID and TEE_ERROR_NOT_SUPPORTED to the
list of supported return code for TEE_AsymmetricEncrypt() and
TEE_Asymmetric

GP131: TEE_Asymmetric{En,De}crypt() add return codes

Adds TEE_ERROR_CIPHERTEXT_INVALID and TEE_ERROR_NOT_SUPPORTED to the
list of supported return code for TEE_AsymmetricEncrypt() and
TEE_AsymmetricDecrypt().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TEE_BigIntExpMod()

Adds the function TEE_BigIntExpMod() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklande

GP131: add TEE_BigIntExpMod()

Adds the function TEE_BigIntExpMod() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TEE_BigIntAbs()

Adds the function TEE_BigIntAbs() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jen

GP131: add TEE_BigIntAbs()

Adds the function TEE_BigIntAbs() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TEE_BigIntSetBit()

Adds the function TEE_BigIntSetBit() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklande

GP131: add TEE_BigIntSetBit()

Adds the function TEE_BigIntSetBit() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TEE_BigIntAssign()

Adds the function TEE_BigIntAssign() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklande

GP131: add TEE_BigIntAssign()

Adds the function TEE_BigIntAssign() introduced in TEE Internal Core API
v1.2.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update TEE_SetOperationKey*()

Update TEE_SetOperationKey() and TEE_SetOperationKey2() according to TEE
Internal Core API version 1.3.1.

Compatibility functions for v1.1 are added due an inco

GP131: Update TEE_SetOperationKey*()

Update TEE_SetOperationKey() and TEE_SetOperationKey2() according to TEE
Internal Core API version 1.3.1.

Compatibility functions for v1.1 are added due an incompatible change
highlighted by the GP compliance test suite. Prior to 1.3 the functions
where should panic if operation state isn't "initial", in 1.3 they are
instead required to always reset the operation state to "initial".

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add support for TEE_MALLOC_NO_SHARE

Adds support for the TEE_MALLOC_NO_SHARE hint to TEE_Malloc(). With this
there is a check in TEE_OpenTASession() and TEE_InvokeTACommand() to see
that buff

GP131: add support for TEE_MALLOC_NO_SHARE

Adds support for the TEE_MALLOC_NO_SHARE hint to TEE_Malloc(). With this
there is a check in TEE_OpenTASession() and TEE_InvokeTACommand() to see
that buffers allocated with this flag are passed on to other TAs.

A second memory pool is added to be used for memory allocations using
this flag. This means a new configuration variable,
TA_NO_SHARE_DATA_SIZE, for user_ta_header.h. It's set to 0 by default,
so by default nothing can be allocated using the TEE_MALLOC_NO_SHARE
hint.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: check permissions on buffer passed to other TAs

In TEE Internal Core API Specification version 1.2 there is a passed in
"4.9.4 Operation Parameters in the Internal Client API" that says that:

GP131: check permissions on buffer passed to other TAs

In TEE Internal Core API Specification version 1.2 there is a passed in
"4.9.4 Operation Parameters in the Internal Client API" that says that:
Where all or part of the referenced memory buffer was passed to the
TA from the REE or from another TA, the implementation SHALL NOT
result in downgrade of the security characteristics of the buffer.
That is, buffers read-only memrefs should not be passed on to other TAs
as read/write. Fix this by adding the needed check in
TEE_OpenTASession() and TEE_InvokeTACommand().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update TEE_CheckMemoryAccessRights()

Updates TEE_CheckMemoryAccessRights() to be more strict by taking passed
memory parameters (memrefs) and heap allocations into account.

Reviewed-by: Etie

GP131: Update TEE_CheckMemoryAccessRights()

Updates TEE_CheckMemoryAccessRights() to be more strict by taking passed
memory parameters (memrefs) and heap allocations into account.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add TEE_DigestExtract()

Adds TEE_DigestExtract() to support Extendable Output Functions, that
is, for now TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256.

Reviewed-by: Etienne Carriere <etienne.carrie

GP131: add TEE_DigestExtract()

Adds TEE_DigestExtract() to support Extendable Output Functions, that
is, for now TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add API for SHA-3

Adds an API for the SHA-3 [1] algorithms SHA3-224, SHA3_256, SHA3_384,
SHA3_512, SHAKE128, and SHAKE256. SHAKE128 and SHAKE256 are
Extendable-Output Functions (XOF),

core: crypto: add API for SHA-3

Adds an API for the SHA-3 [1] algorithms SHA3-224, SHA3_256, SHA3_384,
SHA3_512, SHAKE128, and SHAKE256. SHAKE128 and SHAKE256 are
Extendable-Output Functions (XOF), but handled as hashes in the API.

Adds API for SHA-3 based HMAC functions.

For XOF algorithms crypto_hash_final() can be called multiple times and
generate an arbitrary amount of data. Note that this data will have a
common prefix if done over the same input (see A.2 in [1]).

[1] https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: add missing TEE_ALG_* and TEE_TYPE_* defines

Adds the missing TEE_ALG_* and TEE_TYPE_* defines from the
GlobalPlatform TEE Internal Core API v1.3.1 specification.

Reviewed-by: Jerome Forissi

GP131: add missing TEE_ALG_* and TEE_TYPE_* defines

Adds the missing TEE_ALG_* and TEE_TYPE_* defines from the
GlobalPlatform TEE Internal Core API v1.3.1 specification.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...