libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugi

libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugin()' to send any commands
to a plugin. The commands are predefined by the plugin developer.

See the https://github.com/linaro-swg/optee_examples
repo for an example of using plugins.

Signed-off-by: Aleksandr Anisimov <a.anisimov@omprussia.ru>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point to the 'buf' field. The current code is incorrect and
causes errors in xtest 4003 on all platforms that do not have
CFG_CRYPTO_WITH_CE=y. When CE is enabled, a different structure
mbedtls_aes_context from aes_alt.h is used and the copy is correct.

Introduce a helper function: mbed_copy_mbedtls_aes_context() to perform
the copy operation and use it when copying AES ECB, CBC and CTR
contexts.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@peng

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porti

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porting OP-TEE OS to a new architecture such we make
maximum reuse of existing sources.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: pta: drop SDP PTA

Drop SDP PTA as it is not used anywhere and looks like isn't
maintained. When is CFG_SDP_PTA=y the build fails with
compile errors:

error: implicit declaration of function ‘

core: pta: drop SDP PTA

Drop SDP PTA as it is not used anywhere and looks like isn't
maintained. When is CFG_SDP_PTA=y the build fails with
compile errors:

error: implicit declaration of function ‘tee_ta_get_calling_session’;
did you mean ‘ts_get_calling_session’?
[-Werror=implicit-function-declaration]
...
error: ‘struct tee_ta_session’ has no member named ‘ctx’

Signed-off-by: Igor Opaniuk <igor.opaniuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ta: fix processing of DT_FINI_ARRAY

The code that is supposed to invoke the finalization functions in the
DT_FINI_ARRAY of a TA is broken. It mixes DT_INIT_ARRAY with
DT_FINI_ARRAYSZ. As a result, t

ta: fix processing of DT_FINI_ARRAY

The code that is supposed to invoke the finalization functions in the
DT_FINI_ARRAY of a TA is broken. It mixes DT_INIT_ARRAY with
DT_FINI_ARRAYSZ. As a result, the finalization functions are never
called and the TA may even crash on exit.

Fix the issue by replacing the erroneous DT_INIT_ARRAY with
DT_FINI_ARRAY.

Fixes: dd655cb9906c ("ldelf, ta: add support for DT_INIT_ARRAY and DT_FINI_ARRAY")
Reported-by: JY Ho <JY.Ho@mediatek.com>
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ldelf: implement separate syscalls for ldelf

Implements a separate syscall handler for ldelf to decouple it from user
TAs and enable using it for all TSs. The calling convention is the same
as

core: ldelf: implement separate syscalls for ldelf

Implements a separate syscall handler for ldelf to decouple it from user
TAs and enable using it for all TSs. The calling convention is the same
as for utee_* syscalls. To distinguish between the different SVCs, the
syscall handler pointer is updated before entering ldelf and restored
after returning. The step of opening a system PTA session and invoking
the commands there is eliminated, the necessary functionality is
implemented in the ldelf syscall functions.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

Reintroduce memalign() and friends

memalign() and friends where removed with the
commit 8cd8a6296974 ("Remove memalign()").

At the time memalign() was unused and a bit buggy. This new memalign()
is

Reintroduce memalign() and friends

memalign() and friends where removed with the
commit 8cd8a6296974 ("Remove memalign()").

At the time memalign() was unused and a bit buggy. This new memalign()
is believed to work correctly due to extensive testing. Recently
memalign() has been needed by certain drivers so it makes sense to add
it again.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutil: add hdr_size parameter to bget

Adds a hdr_size parameter to bget(), bgetz() and bgetr(). hdr_size must
be a multiple of BGET_HDR_QUANTUM. If hdr_size is larger than 0 the
buffer will be all

libutil: add hdr_size parameter to bget

Adds a hdr_size parameter to bget(), bgetz() and bgetr(). hdr_size must
be a multiple of BGET_HDR_QUANTUM. If hdr_size is larger than 0 the
buffer will be allocated so that the alignment constraints are fulfilled
after advancing hdr_size bytes into the returned buffer.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutil: add alignment parameter to bget

Adds alignment parameter to bget(), bgetz() and bgetr(). If alignment is
larger then 0 the returned buffer is guaranteed to have an address which
is a multip

libutil: add alignment parameter to bget

Adds alignment parameter to bget(), bgetz() and bgetr(). If alignment is
larger then 0 the returned buffer is guaranteed to have an address which
is a multiple of this value.

The algorithm is basically unchanged, in the way that the memory is
still allocated from the end of a free memory block. The difference is
in the core implementation in bget() where now alignment of the returned
memory is taken into account. If only allocating with the minimum
alignment the memory blocks are expected to be allocated in the same
pattern.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutil

Introduce CFG_TA_BGET_TEST

Introduces CFG_TA_BGET_TEST which compiles the integrated bget test
suite together with the rest of bget. When enabled, the test entry point
is bget_main_test() in libutils.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Use barrier_read_cntpct() to read CNTPCT

Arm ARM quite clearly mentions [1] [2] that such reads must be preceded
by an ISB to forbid re-ordering.

[1] https://developer.arm.com/documentation/ddi0487

Use barrier_read_cntpct() to read CNTPCT

Arm ARM quite clearly mentions [1] [2] that such reads must be preceded
by an ISB to forbid re-ordering.

[1] https://developer.arm.com/documentation/ddi0487/fc/ page D13-2863
"Synchronization requirements for AArch64 System registers" and page
G8-6146 "Ordering of reads of System registers".
[2] https://developer.arm.com/documentation/ddi0406/cd/ page B3-1441
"Ordering of reads of system control registers"

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Olivier Deprez <Olivier.Deprez@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add isb() and barrier_read_cntpct()

Adds isb() and barrier_read_cntpct() to arm_user_sysreg.h, the latter to be
used as a helper when reading CNTPCT.

Reviewed-by: Jerome Forissier <jerome@

libutee: add isb() and barrier_read_cntpct()

Adds isb() and barrier_read_cntpct() to arm_user_sysreg.h, the latter to be
used as a helper when reading CNTPCT.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: fix TEE_BigIntInit() memset()

The TEE_BigIntInit() supplied length is the number of words allocated
for the bigint, including headers. Prior to this patch it seems it was
assumed that lengt

libutee: fix TEE_BigIntInit() memset()

The TEE_BigIntInit() supplied length is the number of words allocated
for the bigint, including headers. Prior to this patch it seems it was
assumed that length was number of bits given the call to
TEE_BigIntSizeInU32(). With this patch correct this by removing the
TEE_BigIntSizeInU32() call.

Fixes: 062e3d01c039 ("ta: switch to to mbedtls for bignum")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CopyOperation() copy info.digestLength

When copying an operation include info.digestLength in the copied fields
which is needed for the authenticated encryption algorithms AES-GCM and
A

libutee: TEE_CopyOperation() copy info.digestLength

When copying an operation include info.digestLength in the copied fields
which is needed for the authenticated encryption algorithms AES-GCM and
AES-CCM.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Suggested-by: Tony He <tony.he@armchina.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: TEE_CopyOperation() check operation mode

Adds a check in TEE_CopyOperation() to panic if operation mode doesn't
match in the source and destination operations.

Reviewed-by: Jerome Forissie

libutee: TEE_CopyOperation() check operation mode

Adds a check in TEE_CopyOperation() to panic if operation mode doesn't
match in the source and destination operations.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: user_ta_header.h: remove unused struct ta_func_head

struct ta_func_head is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.

libutee: user_ta_header.h: remove unused struct ta_func_head

struct ta_func_head is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: user_ta_header.h: remove unused property strings

user_ta_header.h defines a few macros with property names that are not
used anywhere and are not part of any specification. Remove them.

Si

libutee: user_ta_header.h: remove unused property strings

user_ta_header.h defines a few macros with property names that are not
used anywhere and are not part of any specification. Remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: user_ta_header.h: remove unused enum user_ta_core_service_id

enum user_ta_core_service_id is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne

libutee: user_ta_header.h: remove unused enum user_ta_core_service_id

enum user_ta_core_service_id is unused, remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove unused file lib/libutee/errno.c

lib/libutee/errno.c is not built or used in any way so remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklan

Remove unused file lib/libutee/errno.c

lib/libutee/errno.c is not built or used in any way so remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: SCP03 pseudo trusted application

Implement GlobalPlatform Secure Channel Protocol 3 control from
REE. Secure boot requires that SCP03 is enabled as soon as secure
storage is available (ie

core: pta: SCP03 pseudo trusted application

Implement GlobalPlatform Secure Channel Protocol 3 control from
REE. Secure boot requires that SCP03 is enabled as soon as secure
storage is available (ie RPMB).

Host side example:
github.com/foundriesio/optee-scp03

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libs: ltc and mbedtls introduce crypto_ecc[public/keypair]_ops

Change ECC call functions name to be able to use a ECC HW driver.
At ECC public and keypair allocation, if success, set the key ops fie

libs: ltc and mbedtls introduce crypto_ecc[public/keypair]_ops

Change ECC call functions name to be able to use a ECC HW driver.
At ECC public and keypair allocation, if success, set the key ops field
to call the cryptographic operations linked to the key allocator.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: libmbedtls: use crypto_acipher_free_rsa_keypair() instead of open-coding

There is a function to free an RSA keypair, use it instead of
duplicating the code.

Signed-off-by: Jerome Forissier <j

core: libmbedtls: use crypto_acipher_free_rsa_keypair() instead of open-coding

There is a function to free an RSA keypair, use it instead of
duplicating the code.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: libmbedtls: crypto_acipher_free_rsa_keypair(): add missing free for s->dq

The crypto_acipher_free_rsa_keypair() function lacks a call to
crypto_bignum_free() for the dq member of the key. Add

core: libmbedtls: crypto_acipher_free_rsa_keypair(): add missing free for s->dq

The crypto_acipher_free_rsa_keypair() function lacks a call to
crypto_bignum_free() for the dq member of the key. Add it.

Fixes: a1d5c81f8834 ("crypto: add function to free rsa keypair")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...