libutils: trace: support more than 100 threads and cores

Add code to support printing thread and core number on 3 digits when
needed.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed

libutils: trace: support more than 100 threads and cores

Add code to support printing thread and core number on 3 digits when
needed.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutils: trace: fix off-by-one when switching to 2 digits for thread id

Threads are numbered starting from zero so when CFG_NUM_THREADS == 10
the number still fits on one digit. Fix the conditional

libutils: trace: fix off-by-one when switching to 2 digits for thread id

Threads are numbered starting from zero so when CFG_NUM_THREADS == 10
the number still fits on one digit. Fix the conditional in
print_thread_id().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutils: qsort.c: fix undefined pointer subtraction

Clang 13.0.0 produces the following warning:

lib/libutils/isoc/qsort.c:81:8: warning: performing pointer subtraction with a null pointer has un

libutils: qsort.c: fix undefined pointer subtraction

Clang 13.0.0 produces the following warning:

lib/libutils/isoc/qsort.c:81:8: warning: performing pointer subtraction with a null pointer has undefined behavior [-Wnull-pointer-subtraction]
loop: SWAPINIT(a, es);
^~~~~~~~~~~~~~~
lib/libutils/isoc/qsort.c:50:47: note: expanded from macro 'SWAPINIT'
#define SWAPINIT(a, es) swaptype = ((char *)a - (char *)0) % sizeof(long)
^ ~~~~~~~~~

Replace the subtraction with a simple cast to uintptr_t.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: APDU pseudo trusted application

Allow trusted applications and REE clients to send APDU frames to a
secure element.

Even though secure elements are usually accessible from serial buses,

core: pta: APDU pseudo trusted application

Allow trusted applications and REE clients to send APDU frames to a
secure element.

Even though secure elements are usually accessible from serial buses,
when they have been initialized in OP-TEE is possible that the SCP03
secret keys are only available in the Trusted World and therefore APDU
requests must be handled in OP-TEE.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: Secure Element cryptographic interface

Extract cryptographic operations specific to Secure Elements from the
more generic cryptographic interface.

Also, the Secure Channel Protocol03

core: crypto: Secure Element cryptographic interface

Extract cryptographic operations specific to Secure Elements from the
more generic cryptographic interface.

Also, the Secure Channel Protocol03 is a global protocol supported by
most SEs and not NXP SE05X specific. Use this commit to reflect this
fact.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: Fix warning in TEE_BigIntInvMod()

Fixes a -Wdeclaration-after-statement warning in TEE_BigIntInvMod:
lib/libutee/tee_api_arith_mpi.c: In function ‘TEE_BigIntInvMod’:
lib/libutee/tee_api_ari

libutee: Fix warning in TEE_BigIntInvMod()

Fixes a -Wdeclaration-after-statement warning in TEE_BigIntInvMod:
lib/libutee/tee_api_arith_mpi.c: In function ‘TEE_BigIntInvMod’:
lib/libutee/tee_api_arith_mpi.c:539:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
mbedtls_mpi mpi_dest;
^~~~~~~~~~~

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Fix warning in bigint_binary_mod()

Fixes a -Wdeclaration-after-statement warning in bigint_binary_mod:
lib/libutee/tee_api_arith_mpi.c: In function ‘bigint_binary_mod’:
lib/libutee/tee_api_

libutee: Fix warning in bigint_binary_mod()

Fixes a -Wdeclaration-after-statement warning in bigint_binary_mod:
lib/libutee/tee_api_arith_mpi.c: In function ‘bigint_binary_mod’:
lib/libutee/tee_api_arith_mpi.c:358:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
mbedtls_mpi mpi_dest;
^~~~~~~~~~~
lib/libutee/tee_api_arith_mpi.c: In function ‘TEE_BigIntInvMod’:
lib/libutee/tee_api_arith_mpi.c:539:2: error: ISO C90 forbids mixed declarations and code [-Werror=declaration-after-statement]
mbedtls_mpi mpi_dest;

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: disable -Wdeclaration-after-statement

Disabled -Wdeclaration-after-statement when compiling the mbedtls
library in order to avoid that kind of warnings from upstream code.

Reviewed-by:

libmbedtls: disable -Wdeclaration-after-statement

Disabled -Wdeclaration-after-statement when compiling the mbedtls
library in order to avoid that kind of warnings from upstream code.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ext: include: add DIV_ROUND_UP function

Export DIV_ROUND_UP from mbedtls files to be used by clock drivers.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger

ext: include: add DIV_ROUND_UP function

Export DIV_ROUND_UP from mbedtls files to be used by clock drivers.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

libutee: define error core TEE_ERROR_DEFER_DRIVER_INIT

Define TEE_Result implementation specific error code
TEE_ERROR_DEFER_DRIVER_INIT intended to be used when a driver instance
fails to initialize

libutee: define error core TEE_ERROR_DEFER_DRIVER_INIT

Define TEE_Result implementation specific error code
TEE_ERROR_DEFER_DRIVER_INIT intended to be used when a driver instance
fails to initialize because another device driver it depends on is not
yet initialized.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

lib: mbebtls: correct return value in RSA-SSA signature verification

The value TEE_ERROR_MAC_INVALID returned by function
crypto_acipher_rsassa_verify() of mbedtls library will
cause TEE_AsymmetricV

lib: mbebtls: correct return value in RSA-SSA signature verification

The value TEE_ERROR_MAC_INVALID returned by function
crypto_acipher_rsassa_verify() of mbedtls library will
cause TEE_AsymmetricVerifyDigest() to call TEE_Panic()
when it reports an invalid signature. Fix this by returning
TEE_ERROR_SIGNATURE_INVALID instead as specified by
the GPD TEE Internal Core API specifications.

Signed-off-by: lubing <lubing@eswin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

util: rename ALIGNMENT_IS_OK to IS_ALIGNED_WITH_TYPE

Implement the renamed macro using the IS_ALIGNED definition.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carrie

util: rename ALIGNMENT_IS_OK to IS_ALIGNED_WITH_TYPE

Implement the renamed macro using the IS_ALIGNED definition.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

util: define IS_ALIGNED macro

Keep a single version of the macro definition.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Revi

util: define IS_ALIGNED macro

Keep a single version of the macro definition.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: ta: provide malloc(), calloc() and realloc() when debug is on

When enabling malloc debug for TAs (CFG_TEE_TA_MALLOC_DEBUG=y), the
standard malloc entry points malloc(), calloc() and reallo

libutils: ta: provide malloc(), calloc() and realloc() when debug is on

When enabling malloc debug for TAs (CFG_TEE_TA_MALLOC_DEBUG=y), the
standard malloc entry points malloc(), calloc() and realloc() are
redirected by C macros to instrumented variants: mdbg_malloc(),
mdbg_calloc() and mdbg_realloc(). In addition, the 'normal' symbols are
not exported by libutils. That is a problem because a TA might still
reference them. For example the C++ code in optee_test requires libstdc++
which relies on malloc() etc.:

build (master)$ make -j10 CFG_TEE_TA_MALLOC_DEBUG=y CFG_TEE_TA_LOG_LEVEL=2
...
/home/jerome/work/optee_repo_qemu/build/../toolchains/aarch32/bin/arm-linux-gnueabihf-ld.bfd: /home/jerome/work/toolchains-gcc10.2/aarch32/bin/../lib/gcc/arm-none-linux-gnueabihf/10.2.1/../../../../arm-none-linux-gnueabihf/lib/libstdc++.a(eh_alloc.o): in function `__cxa_allocate_exception':
/tmp/dgboter/bbs/build03--cen7x86_64/buildbot/cen7x86_64--arm-none-linux-gnueabihf/build/src/gcc/libstdc++-v3/libsupc++/eh_alloc.cc:284: undefined reference to `malloc'
...

Fix the issue by defining the standard malloc() functions in libutils,
calling the debug variants.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

lib: libutee: init array to 0

Add missing initialization in array declaration.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Revi

lib: libutee: init array to 0

Add missing initialization in array declaration.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

libutils: bget_malloc: fix test in pool min size

Requires at least 1 kB for the initial malloc memory pool. The rational
is that the initial pool min size is not straightforward to compute as
it dep

libutils: bget_malloc: fix test in pool min size

Requires at least 1 kB for the initial malloc memory pool. The rational
is that the initial pool min size is not straightforward to compute as
it depends on the internals of the BGET implementation. However, with
a requirement of at least 1 kB in initial memory pool we'll have good
margin while still being reasonable.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Handle zero sized buffer allocations

The GlobalPlatform TEE internal API specification mentions the following
about zero sized buffer allocations:
"The value returned is undefined but guara

libutee: Handle zero sized buffer allocations

The GlobalPlatform TEE internal API specification mentions the following
about zero sized buffer allocations:
"The value returned is undefined but guaranteed to be different from NULL.
The Trusted Application SHALL NOT access the returned pointer.
The Trusted Application SHOULD panic if the memory pointed to by such a
pointer is accessed for either read or write"

But, we would never observe a TA panic because a zero size is internally
translated to 1 and finally to (2 * sizeof(long)) in the bget() function.

This patch handles this aspect so to return a known non-NULL invalid
pointer when the requested size is zero.

Signed-off-by: Sadiq Hussain <sadiq.muchumarri@intel.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit upgrading to mbedtls-2.27.0

Squash merging branch import/mbedtls-2.27.0

335b95f50f90 ("core: libmbedtls: add ctr_drbg.c to core sources")
9ad9df8b36e4 ("core: libtomcrypt: libmbed

Squashed commit upgrading to mbedtls-2.27.0

Squash merging branch import/mbedtls-2.27.0

335b95f50f90 ("core: libmbedtls: add ctr_drbg.c to core sources")
9ad9df8b36e4 ("core: libtomcrypt: libmbedtls: mbedtls_mpi_montred() now returns void")
ade0994c57b3 ("libmbedtls: add SM2 curve")
3041cf9726e2 ("libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage")
a2e7a4cd262d ("libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage")
87efbd27f8e0 ("libmbedtls: mbedtls_mpi_exp_mod() initialize W")
e7c59b9b1d5f ("libmbedtls: fix no CRT issue")
d76bd278d9e2 ("libmbedtls: add interfaces in mbedtls for context memory operation")
e5b6c167f809 ("libmedtls: mpi_miller_rabin: increase count limit")
b81d896a903d ("libmbedtls: add mbedtls_mpi_init_mempool()")
3fbd8660c09d ("libmbedtls: make mbedtls_mpi_mont*() available")
2cc759c67e37 ("mbedtls: configure mbedtls to reach for config")
48bf81758c6e ("mbedtls: remove default include/mbedtls/config.h")
3602df84d7b3 ("Import mbedtls-2.27.0")

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: format call stack addresses on 8 characters by default

print_stack_arm64() currently shows the full 64 bit addresses in
hexadecimal with leading zeros (0x0000000000000000). This is a bit hard

arm64: format call stack addresses on 8 characters by default

print_stack_arm64() currently shows the full 64 bit addresses in
hexadecimal with leading zeros (0x0000000000000000). This is a bit hard
to read and is not necessary since virtual addresses are typically 32
or 36 bits (defined by CFG_LPAE_ADDR_SPACE_BITS), and in any case
nowhere near 64 bits.
Therefore, use a 32-bit format by default (0x00000000) and expand the
width as necessary. The new format is already used in ldelf to print
the region addresses so this changes brings consistency.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Revert "libutee: TEE_MACCompareFinal(): panic if input size is too large"

This reverts commit dbb3274a60f0b258fe115ed1678fc569335c0c5d. It turns
out the panic reason cited in the commit ("If input d

Revert "libutee: TEE_MACCompareFinal(): panic if input size is too large"

This reverts commit dbb3274a60f0b258fe115ed1678fc569335c0c5d. It turns
out the panic reason cited in the commit ("If input data exceeds maximum
length for the algorithm") applies to the message only and has nothing
to do with macLen. The same sentence appears elsewhere in the spec where
there is no ambiguity.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_MACCompareFinal(): panic if input size is too large

The GlobalPlatform TEE Internal Core API specification mentions the
following panic reason for TEE_MACCompareFinal(): "if input data

libutee: TEE_MACCompareFinal(): panic if input size is too large

The GlobalPlatform TEE Internal Core API specification mentions the
following panic reason for TEE_MACCompareFinal(): "if input data exceeds
the maximum length for the algorithm". The current code returns
TEE_ERROR_MAC_INVALID instead. Fix this by assigning error code
TEE_ERROR_BAD_PARAMETERS which gets translated into a panic later.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

compiler.h: add __rodata_dummy macro

Adds the macro __rodata_dummy which places a symbol in the section
".rodata.dummy". This macro is intended to be used in the
core/arch/arm/kernel/link_dummies_*.

compiler.h: add __rodata_dummy macro

Adds the macro __rodata_dummy which places a symbol in the section
".rodata.dummy". This macro is intended to be used in the
core/arch/arm/kernel/link_dummies_*.c files.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use separate sections for each __rodata_unpaged variable

Adds a mandatory argument to the macro __rodata_unpaged() to take the
name of the variable to put in the unpaged rodata section. This w

core: use separate sections for each __rodata_unpaged variable

Adds a mandatory argument to the macro __rodata_unpaged() to take the
name of the variable to put in the unpaged rodata section. This will
result in separate sections for each such variable and make it easier to
debug the pruning of the dependency tree for unpaged sections.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

lib: mbedtls: return TEE_ERROR_BAD_PARAMETERS on input data error

This change fixes Keymaster VTS if cryptolib uses libmedtls
EncryptionOperationsTest, RsaPkcs1Success and
EncryptionOperationsTest,

lib: mbedtls: return TEE_ERROR_BAD_PARAMETERS on input data error

This change fixes Keymaster VTS if cryptolib uses libmedtls
EncryptionOperationsTest, RsaPkcs1Success and
EncryptionOperationsTest, RsaOaepSuccess probabilistic failure.
We should change error code from libmedtls to TEE_AsymmetricDecrypt.
In the same scenario, the tomcrypt return value is eventually
Converted to TEE_ERROR_BAD_PARAMETERS,and then pass the test.
But mbedtls converted to TEE_ERROR_BAD_STATE,
This causes TEE_AsymmetricDecrypt() to panic.

Signed-off-by: Liu Shiwei <liushiwei@eswin.com>
Tested-by: Liu Shiwei <liushiwei@eswin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: fix range check in gen_malloc_add_pool()

Prior to this patch was the length of supplied buffer not checked
accurately for very small buffer. This could result in an unexpected
assert():
E/

libutils: fix range check in gen_malloc_add_pool()

Prior to this patch was the length of supplied buffer not checked
accurately for very small buffer. This could result in an unexpected
assert():
E/TC:0 0 assertion 'start < end' failed at lib/libutils/isoc/bget_malloc.c:775 <gen_malloc_add_pool>
E/TC:0 0 Panic at core/kernel/assert.c:28 <_assert_break>

So fix this with a proper test.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...