| 3ddd5cd7 | 16-Jun-2021 |
liushiwei <liushiwei@eswin.com> |
lib: mbedtls: return TEE_ERROR_BAD_PARAMETERS on input data error
This change fixes Keymaster VTS if cryptolib uses libmbedtls: EncryptionOperationsTest, RsaPkcs1Success and EncryptionOperationsTest, RsaOaepSuccess probabilistic failure. We should change error code from libmbedtls to TEE_AsymmetricDecrypt. In the same scenario, the tomcrypt return value is eventually converted to TEE_ERROR_BAD_PARAMETERS, and then the test passes. But the mbedtls one is converted to TEE_ERROR_BAD_STATE. This causes TEE_AsymmetricDecrypt() to panic.
Signed-off-by: Liu Shiwei <liushiwei@eswin.com> Tested-by: Liu Shiwei <liushiwei@eswin.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Victor Chong <victor.chong@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 53154de7 | 03-Jun-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
libutils: fix range check in gen_malloc_add_pool()
Prior to this patch, the length of the supplied buffer was not checked accurately for very small buffers. This could result in an unexpected assert():
E/TC:0 0 assertion 'start < end' failed at lib/libutils/isoc/bget_malloc.c:775 <gen_malloc_add_pool>
E/TC:0 0 Panic at core/kernel/assert.c:28 <_assert_break>
So fix this with a proper test.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| b2ac1d0f | 21-May-2021 |
Sergiy Kibrik <Sergiy_Kibrik@epam.com> |
synquacer: rng-pta: move rng_pta_client.h to common path
Header is platform independent and can be used by generic RNG PTA.
Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| c04a96a4 | 13-May-2021 |
lubing <lubing@eswin.com> |
core: Fix memory leaks in sm2 of Mbedtls lib
When mbedtls is enabled in optee-os, running xtest twice will fail. Memory leakage exists in three functions:
1. grp and mpi in sm2_mbedtls_pke_encrypt
2. grp in sm2_mbedtls_dsa_sign
3. grp in sm2_mbedtls_dsa_verify
Fixes: c84eee6397bb ("core: add support for SM2 using MBed TLS") Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: lubing <lubing@eswin.com>
|
| b5fed9f7 | 03-May-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
libutils: sys/queue.h: add SLIST_FOREACH_SAFE()
Import macro SLIST_FOREACH_SAFE from FreeBSD.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| fb19e98e | 25-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: enable FF-A with SPM Core at S-EL2
This enables support for FF-A with SPM Core at S-EL2 in a secure hypervisor while OP-TEE is running at S-EL1 as a SP. This configuration is also known as "S-EL2 SPMC" in the FFA specification.
Compile with CFG_CORE_SEL2_SPMC=y
Note that this is an experimental feature, ABIs etc may have incompatible changes.
This depends on using the FF-A v4 patchset in the Linux kernel.
Reviewed-by: Jelle Sels <jelle.sels@arm.com> Co-developed-by: Marc Bonnici <marc.bonnici@arm.com> Signed-off-by: Marc Bonnici <marc.bonnici@arm.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 568fc276 | 25-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
arm64: add read_cntvct()
Adds read_cntvct() to read Counter-timer Virtual Count register.
Note that arm32 already has this function.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| c6e827c0 | 25-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
Rename to barrier_read_counter_timer()
Renames barrier_read_cntpct() to barrier_read_counter_timer() to use a neutral name for the counter.
With SPMC at S-EL2 OP-TEE will be virtualized and must use CNTVCT instead of CNTPCT while the old physical OP-TEE must continue to use CNTPCT.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| b0a1c250 | 05-Apr-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: pta: scmi: new interface to REE SCMI agent
Adds a PTA interface to REE SCMI agents to get SCMI message communication channel for processing in OP-TEE SCMI server.
Currently implements support for an SCMI server built with CFG_SCMI_MSG_SMT=y. The implementation is made so that an alternate SCMI server implementation can be added.
Client gets SCMI channel capabilities with PTA_SCMI_CMD_CAPABILITIES. Client gets a handle for an SCMI channel with command PTA_SCMI_CMD_GET_CHANNEL_HANDLE. Client pushes SCMI messages with command PTA_SCMI_CMD_PROCESS_SMT_CHANNEL or PTA_SCMI_CMD_PROCESS_SMT_CHANNEL_MESSAGE.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| c31a368d | 26-Mar-2021 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
libutee: include: fix typo in pta_invoke_tests.h
In PTA "invoke test", the AES performance test command takes as argument key size value as bits instead of bytes. Fix typo in comment.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 36905f94 | 22-Apr-2021 |
Guido Vranken <guidovranken@gmail.com> |
libmbedtls: Use single-line string literals.
Signed-off-by: Guido Vranken <guidovranken@gmail.com> [Cherry-pick upstream commit 962e4ee4a6b3, add libmbedtls: prefix] Signed-off-by: Jerome Forissier <jerome@forissier.org>
|
| 77bdbf67 | 22-Apr-2021 |
Guido Vranken <guidovranken@gmail.com> |
libmbedtls: Prevent triggering Clang 12 -Wstring-concatenation warning
Wrap multi-line string literals in parentheses to prevent a Clang 12 -Wstring-concatenation warning (activated by -Wall), which caused the build to fail.
Fixes https://github.com/ARMmbed/mbedtls/issues/3586
Signed-off-by: Guido Vranken <guidovranken@gmail.com> [Cherry-pick upstream commit 027fe00d2e32, add libmbedtls: prefix] Signed-off-by: Jerome Forissier <jerome@forissier.org>
|
| 44a8a0cf | 22-Apr-2021 |
Jerome Forissier <jerome@forissier.org> |
libutils: asm.S: introduce WEAK_FUNC
Adds a WEAK_FUNC macro which does the same as FUNC but defines a weak symbol rather than a global one.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 914103c1 | 22-Apr-2021 |
Jerome Forissier <jerome@forissier.org> |
libutils: asm.S: reorder macro definitions
Define function macros first, then data macros. No functional change.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| bbfe5da7 | 24-Mar-2021 |
Jerome Forissier <jerome@forissier.org> |
core: libmbedtls: build only necessary files
When building MBed TLS source files for use in the TEE core, some files are currently compiled which are not used in the final link. This wastes some resources (build time and disk space), although not much; but it also makes it less clear what is actually used by the core.
Introduce a reduced source file list in lib/libmbedtls/sub.mk when the library is built for the core.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 13218059 | 01-Mar-2021 |
Matthieu BERTIN <matthieu.bertin@viaccess-orca.com> |
libutee: fix memory leak in bigint_binary_mod()
The modulus variable (mpi_n) in bigint_binary_mod() is never released, causing a memory leak in TEE_BigIntAddMod(), TEE_BigIntSubMod(), TEE_BigIntMulMod() and TEE_BigIntSquareMod(). Add the missing call.
Signed-off-by: Matthieu BERTIN <matthieu.bertin@viaccess-orca.com> Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| 2138a6f8 | 03-Mar-2021 |
Stefan Schmidt <snst@meek.de> |
libutee: add NULL pointer check in TEE_OpenPersistentObject()
Fix missing test on user object handle output reference in TEE_OpenPersistentObject().
Signed-off-by: Stefan Schmidt <snst@meek.de> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org>
|
| dea9063e | 19-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
libutee: check srcLen in TEE_CipherDoFinal()
Adds another check of srcLen in TEE_CipherDoFinal() before calling tee_buffer_update() to make sure that we don't dereference destLen when it's NULL.
This fixes coverity scan: CID 1501811 (#1 of 1): Dereference after null check (FORWARD_NULL)
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| b6fa905f | 19-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
libutee: remove redundant NULL check in TEE_BigIntComputeExtendedGcd()
The gcd parameter passed to TEE_BigIntComputeExtendedGcd() must not be NULL so skip the unnecessary NULL check.
This fixes coverity scan: CID 1501842 (#1 of 1): Dereference after null check (FORWARD_NULL)
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| b68bcfeb | 19-Feb-2021 |
Jens Wiklander <jens.wiklander@linaro.org> |
libutee: add coverity note to TEE_Panic()
Coverity scans emit false positive "Dereference after null check" errors because it doesn't understand that TEE_Panic() doesn't return. Fix this by adding a __coverity_panic__() at the end of the function.
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 90135cea | 11-Feb-2021 |
Alexander Zakharov <uglym8@gmail.com> |
core: libmbedtls: CMAC: remove code duplication
Use common code for AES CMAC and 3DES CMAC
Signed-off-by: Alexander Zakharov <uglym8@gmail.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| eee637e7 | 10-Feb-2021 |
Alexander Zakharov <uglym8@gmail.com> |
Add 3DES CMAC implementation
CMAC is a Cipher-Based MAC that improves some of the security deficiencies found in CBC-MAC. It is described in NIST SP800-38B as a mode of operation for approved symmetric block ciphers, namely AES and TDEA.
CMAC has similar use cases and security guarantees as HMAC, with the difference that it uses a different primitive (symmetric cipher instead of hash function). CMAC may be appropriate for information systems in which an approved block cipher is more readily available than an approved hash function.
Commonly it is used for symmetric key diversification (ASC X9 TR 31-2018), data integrity assurance (ICV).
CMAC is public domain.
OP-TEE core already supports AES CMAC, but not TDEA CMAC. This commit adds TDEA CMAC support.
Signed-off-by: Alexander Zakharov <uglym8@gmail.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> [jf: wrap commit description at 75 characters] Signed-off-by: Jerome Forissier <jerome@forissier.org>
|
| b6ca7e5d | 10-Feb-2021 |
Alexander Zakharov <uglym8@gmail.com> |
core: libmbedtls: add 3DES CMAC implementation
Add 3DES CMAC (NIST SP800-38B).
Signed-off-by: Alexander Zakharov <uglym8@gmail.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> [jf: add commit description] Signed-off-by: Jerome Forissier <jerome@forissier.org>
|
| c84eee63 | 27-Jan-2021 |
Jerome Forissier <jerome@forissier.org> |
core: add support for SM2 using MBed TLS
The SM2 algorithms (PKE, KEP and DSA) are currently implemented using LibTomCrypt. They are automatically disabled when MBed TLS is selected as the core crypto library (that is, when CFG_CRYPTOLIB_NAME=mbedtls CFG_CRYPTOLIB_DIR=lib/libmbedtls).
This commit removes this restriction by porting the relevant files (core/lib/libtomcrypt/sm2-{dsa,kep,pke}.c) over to the MBed TLS API in lib/libmbedtls/core.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| 9fc2442c | 22-Jan-2021 |
Jerome Forissier <jerome@forissier.org> |
libmbedtls: add SM2 curve
When MBEDTLS_ECP_DP_SM2_ENABLED is set, adds support for the ECC curve defined for the Chinese SM2 algorithm (G/MT 0003 Part 5, [1]).
Link: [1] http://www.gmbz.org.cn/upload/2018-07-24/1532401863206085511.pdf Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|