History log of /optee_os/lib/ (Results 426 – 450 of 883)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
f88850d411-Mar-2020 Jerome Forissier <jerome@forissier.org>

libutils: add __noreturn to longjmp() prototype

The longjmp() function does not return, therefore it should have the
__noreturn attribute. Avoids compiler warnings.

Signed-off-by: Jerome Forissier

libutils: add __noreturn to longjmp() prototype

The longjmp() function does not return, therefore it should have the
__noreturn attribute. Avoids compiler warnings.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/tee/init.c
/optee_os/core/drivers/crypto/caam/caam_jr.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h
/optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/ta_elf_rel.c
libutils/isoc/include/setjmp.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/serializer.c
/optee_os/ta/pkcs11/src/serializer.h
/optee_os/ta/pkcs11/src/sub.mk
2b6dd0df03-Mar-2020 Jens Wiklander <jens.wiklander@linaro.org>

confine_array_index.h: add A32 and T32 versions of confine_array_index()

Adds inline assembly implementations for the A32 and T32 instruction
sets. The implementation is based on __load_no_speculate

confine_array_index.h: add A32 and T32 versions of confine_array_index()

Adds inline assembly implementations for the A32 and T32 instruction
sets. The implementation is based on __load_no_speculate1() in
<speculation_barrier.h>.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


libutils/ext/include/confine_array_index.h
6b40e45203-Mar-2020 Jens Wiklander <jens.wiklander@linaro.org>

libutils: import confine_array_index.h from Fuchsia

Imports confine_array_index.h from [1].

Replaced include statements to suit OP-TEE and removed the namespace
directive. Added content from [2] as

libutils: import confine_array_index.h from Fuchsia

Imports confine_array_index.h from [1].

Replaced include statements to suit OP-TEE and removed the namespace
directive. Added content from [2] as a comment to clarify the license.

The speculation safe function confine_array_index() is provided with
this.

Note that only AArch64 and x86_64 versions of the function is implemented
in this commit.

Link: [1] https://fuchsia.googlesource.com/fuchsia/+/39d9b8c2dbb0f6133a835676f8f669b07aca6b30/zircon/system/ulib/fbl/include/fbl/confine_array_index.h
Link: [2] https://fuchsia.googlesource.com/fuchsia/+/39d9b8c2dbb0f6133a835676f8f669b07aca6b30/LICENSE

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/link_dummies_init.c
/optee_os/core/arch/arm/kernel/link_dummies_paged.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/drivers/crypto/caam/acipher/caam_math.c
/optee_os/core/drivers/crypto/caam/acipher/caam_prime.c
/optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c
/optee_os/core/drivers/crypto/caam/acipher/local.h
/optee_os/core/drivers/crypto/caam/acipher/sub.mk
/optee_os/core/drivers/crypto/caam/caam_ctrl.c
/optee_os/core/drivers/crypto/caam/caam_rng.c
/optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c
/optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h
/optee_os/core/drivers/crypto/caam/include/caam_acipher.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h
/optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h
/optee_os/core/drivers/crypto/caam/include/caam_jr_status.h
/optee_os/core/drivers/crypto/caam/include/caam_trace.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h
/optee_os/core/drivers/crypto/caam/sub.mk
/optee_os/core/drivers/crypto/caam/utils/utils_mem.c
/optee_os/core/drivers/crypto/crypto_api/acipher/local.h
/optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsamgf.c
/optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c
/optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_hash.h
/optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_math.h
/optee_os/core/drivers/crypto/crypto_api/math/modulus.c
/optee_os/core/drivers/crypto/crypto_api/math/sub.mk
/optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c
/optee_os/core/drivers/crypto/crypto_api/oid/sub.mk
/optee_os/core/drivers/crypto/crypto_api/sub.mk
libutils/ext/include/confine_array_index.h
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/persistent_token.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/pkcs11_token.c
/optee_os/ta/pkcs11/src/pkcs11_token.h
/optee_os/ta/pkcs11/src/sub.mk
dd655cb914-Feb-2020 Jerome Forissier <jerome@forissier.org>

ldelf, ta: add support for DT_INIT_ARRAY and DT_FINI_ARRAY

Adds support for running initialization and finalization functions in
TA ELF files. Such functions are used, for instance, by C++ compilers

ldelf, ta: add support for DT_INIT_ARRAY and DT_FINI_ARRAY

Adds support for running initialization and finalization functions in
TA ELF files. Such functions are used, for instance, by C++ compilers
to construct and destruct global objects. They can also be used in C
thanks to __attribute__((constructor)) and __attribute__((destructor)).

A global structure is added to libutee. ldelf is responsible for
filling it with the addresses of the functions pointer arrays present
in the ELF files whenever such a file is loaded. Since the number of
arrays is unknown at compile time (it depends on how many ELF files are
loaded, and whether they have constructors or destructors), memory is
allocated on the TA heap.

Two helper functions are introduced: __utee_call_elf_init_fn() and
__utee_call_elf_fini_fn(). They are used when the TA instance is
created and torn down, as well as by dlopen().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, QEMUv8, HiKey960 32/64)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_private.h
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c
/optee_os/core/arch/arm/plat-imx/drivers/sub.mk
/optee_os/core/drivers/imx_snvs.c
/optee_os/core/include/drivers/imx_snvs.h
/optee_os/core/include/tee/tee_fs.h
/optee_os/core/tee/tee_rpmb_fs.c
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/ta_elf.h
libdl/dlfcn.c
libutee/arch/arm/user_ta_entry.c
libutee/include/user_ta_header.h
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
ca171ad218-Feb-2020 Jerome Forissier <jerome@forissier.org>

libutee: remove utee_misc.h and utee_misc.c

utee_misc.{h,c} contain an unused function: utee_get_ta_exec_id(), and
nothing else. Remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>

libutee: remove utee_misc.h and utee_misc.c

utee_misc.{h,c} contain an unused function: utee_get_ta_exec_id(), and
nothing else. Remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/MAINTAINERS
libutee/arch/arm/sub.mk
libutee/arch/arm/user_ta_entry.c
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
/optee_os/scripts/get_maintainer.py
/optee_os/ta/arch/arm/ta.ld.S
dd333f0320-Jan-2020 Javier Almansa Sobrino <javier.almansasobrino@arm.com>

core: Add support to access a TPM event log in secure memory.

Support for OPTEE to be able to receive a TPM event log through
a DTB so it can forward it to a TA (such as a TPM service)
in order to e

core: Add support to access a TPM event log in secure memory.

Support for OPTEE to be able to receive a TPM event log through
a DTB so it can forward it to a TA (such as a TPM service)
in order to extend the measurements.

CFG_CORE_TPM_EVENT_LOG enables this feature.
CFG_TPM_LOG_BASE_ADDR hardcodes the phys address of the event log
in case CFG_DT is not set.
CFG_TPM_MAX_LOG_SIZE harcodes the size of the event log in case
CFG_DT is not set.

When this feature is enabled, the PTA_SYSTEM_GET_TPM_EVENT_LOG
command is available to any TA.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/tzc380.c
/optee_os/core/arch/arm/plat-imx/imx.h
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-ls/conf.mk
/optee_os/core/arch/arm/plat-ls/crypto_conf.mk
/optee_os/core/arch/arm/plat-ls/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/arch/arm/tee/init.c
/optee_os/core/drivers/crypto/caam/caam_desc.c
/optee_os/core/drivers/tzc380.c
/optee_os/core/include/drivers/tzc380.h
/optee_os/core/include/kernel/panic.h
/optee_os/core/include/kernel/tpm.h
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tpm.c
/optee_os/core/pta/system.c
/optee_os/core/tee/tee_rpmb_fs.c
libutee/include/pta_system.h
/optee_os/mk/config.mk
/optee_os/scripts/symbolize.py
/optee_os/ta/pkcs11/src/user_ta_header_defines.h
/optee_os/ta/ta.mk
d408db9912-Feb-2020 Jerome Forissier <jerome@forissier.org>

ftrace: introduce CFG_FTRACE_BUF_WHEN_FULL

Function tracing can become extremely slow in case a big buffer size is
used (say, CFG_FTRACE_BUF_SIZE=6000000 instead of the default 2048
bytes). This is

ftrace: introduce CFG_FTRACE_BUF_WHEN_FULL

Function tracing can become extremely slow in case a big buffer size is
used (say, CFG_FTRACE_BUF_SIZE=6000000 instead of the default 2048
bytes). This is because of the "shifting" algorithm used when the buffer
is full, which copies almost the full buffer before inserting a new
line.

In order to mitigate this problem, this patch introduces two new
methods to handle the buffer full condition:

1. Discard existing data and write new lines to the beginning of the
buffer.
2. Stop adding new lines.

The method can be selected at build time with CFG_FTRACE_BUF_WHEN_FULL.
Supported values are "shift", "wrap" and "stop".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/.travis.yml
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/drivers/tzc380.c
/optee_os/core/include/drivers/tzc380.h
libutils/ext/ftrace/ftrace.c
/optee_os/mk/checkconf.mk
/optee_os/mk/config.mk
/optee_os/ta/arch/arm/ta.ld.S
7fb525f123-Jan-2020 Jerome Forissier <jerome@forissier.org>

Remove libmpa in favor of libmbedtls

We currently have two "big numbers" library, Mbed TLS and MPA. Both can
be used by libutee to implement the TEE Internal Core API Arithmetical
functions, and by

Remove libmpa in favor of libmbedtls

We currently have two "big numbers" library, Mbed TLS and MPA. Both can
be used by libutee to implement the TEE Internal Core API Arithmetical
functions, and by the TEE core or pseudo-TAs. This situation is
reflected by two configuration variables allowing to choose between
libmbedtls and libmpa:

- CFG_TA_MBEDTLS_MPI (default y) configures libutee,
- CFG_CORE_MBEDTLS_MPI (default y) configures the TEE core/PTAs.

In addition there is CFG_TA_MBEDTLS (default y, mandatory when
CFG_TA_MBEDTLS_MPI is y) to build libmbedtls and install it into the
SDK for direct use by TAs (libmbedtls also has function to deal with
certificates for instance).

MBed TLS has been supported and used by default for just over a year;
and we have recently found an issue with the MPA implementation of the
integer multiplication with modulus (mpa_mulmod()) [1] [2]. Therefore,
now is a good time to remove libmpa and use libmbedtls instead.

Link: [1] https://github.com/OP-TEE/optee_os/pull/3541#issuecomment-577592381
Link: [2] https://github.com/OP-TEE/optee_test/pull/389
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/include/arm32.h
/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/plat-amlogic/conf.mk
/optee_os/core/arch/arm/plat-amlogic/link.mk
/optee_os/core/arch/arm/plat-amlogic/main.c
/optee_os/core/arch/arm/plat-amlogic/platform_config.h
/optee_os/core/arch/arm/plat-amlogic/scripts/aml_bin2img.py
/optee_os/core/arch/arm/plat-amlogic/sub.mk
/optee_os/core/arch/arm/plat-hikey/conf.mk
/optee_os/core/arch/arm/plat-imx/crypto_conf.mk
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/core.mk
/optee_os/core/drivers/amlogic_uart.c
/optee_os/core/drivers/crypto/caam/hash/caam_hash.c
/optee_os/core/drivers/crypto/caam/include/caam_common.h
/optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h
/optee_os/core/drivers/crypto/caam/include/caam_trace.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h
/optee_os/core/drivers/crypto/caam/include/caam_utils_sgt.h
/optee_os/core/drivers/crypto/caam/utils/utils_mem.c
/optee_os/core/drivers/crypto/caam/utils/utils_sgt.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/drivers/amlogic_uart.h
/optee_os/core/lib/libtomcrypt/mpi_desc.c
/optee_os/core/lib/libtomcrypt/sub.mk
libmbedtls/include/mbedtls_config_kernel.h
libutee/include/tee_arith_internal.h
libutee/sub.mk
/optee_os/mk/config.mk
/optee_os/ta/mk/build-user-ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/pkcs11/Android.mk
/optee_os/ta/pkcs11/Makefile
/optee_os/ta/pkcs11/include/pkcs11_ta.h
/optee_os/ta/pkcs11/src/entry.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.c
/optee_os/ta/pkcs11/src/pkcs11_helpers.h
/optee_os/ta/pkcs11/src/sub.mk
/optee_os/ta/pkcs11/src/user_ta_header_defines.h
/optee_os/ta/pkcs11/sub.mk
/optee_os/ta/pkcs11/user_ta.mk
/optee_os/ta/ta.mk
df24e65129-Jan-2020 Cao, Vincent T <vincent.t.cao@intel.com>

libmbedtls: fix public key size in crypto_acipher_gen_dh_key()

GP wrapper of mbedtls DH operation generate key function wrongly
calculates the number of bytes from bits, leading to incorrect public

libmbedtls: fix public key size in crypto_acipher_gen_dh_key()

GP wrapper of mbedtls DH operation generate key function wrongly
calculates the number of bytes from bits, leading to incorrect public
key generated and returned.

Fixes: 34789f62982f ("libmbedtls: support mbedtls DH function")

Signed-off-by: Cao, Vincent T <vincent.t.cao@intel.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c
/optee_os/core/arch/arm/plat-imx/registers/imx6.h
/optee_os/core/arch/arm/plat-imx/registers/imx7.h
/optee_os/core/lib/libfdt/README.license
/optee_os/core/lib/libfdt/fdt.c
/optee_os/core/lib/libfdt/fdt_addresses.c
/optee_os/core/lib/libfdt/fdt_empty_tree.c
/optee_os/core/lib/libfdt/fdt_overlay.c
/optee_os/core/lib/libfdt/fdt_ro.c
/optee_os/core/lib/libfdt/fdt_rw.c
/optee_os/core/lib/libfdt/fdt_strerror.c
/optee_os/core/lib/libfdt/fdt_sw.c
/optee_os/core/lib/libfdt/fdt_wip.c
/optee_os/core/lib/libfdt/include/fdt.h
/optee_os/core/lib/libfdt/include/libfdt.h
/optee_os/core/lib/libfdt/include/libfdt_env.h
/optee_os/core/lib/libfdt/libfdt_internal.h
libmbedtls/core/dh.c
/optee_os/scripts/symbolize.py
79170ce024-Jan-2020 Jerome Forissier <jerome@forissier.org>

libutee: add TEE_IsAlgorithmSupported()

Adds function TEE_IsAlgorithmSupported() as per the GlobalPlatform TEE
Internal Core API v1.2.1.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked

libutee: add TEE_IsAlgorithmSupported()

Adds function TEE_IsAlgorithmSupported() as per the GlobalPlatform TEE
Internal Core API v1.2.1.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


libutee/include/tee_api.h
libutee/include/tee_api_defines.h
libutee/tee_api_operations.c
a66805b129-Jan-2020 Jerome Forissier <jerome@forissier.org>

Move core/include/config.h to lib/libutils/ext/include

In order to be able to use the IS_ENABLED() macro in user space
libraries, move config.h from core to libutils.

Signed-off-by: Jerome Forissie

Move core/include/config.h to lib/libutils/ext/include

In order to be able to use the IS_ENABLED() macro in user space
libraries, move config.h from core to libutils.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/include/kernel/generic_boot.h
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/mm/mobj.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
libutils/ext/include/config.h
688c335d27-Jan-2020 Jerome Forissier <jerome@forissier.org>

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a cou

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a couple of minor issues:

1. Values 0x00000009-0x7FFFFFFF are "Reserved for future use" according
to the TEE Internal Core API specification v1.2.1 (Table 5-6),

2. The meaning of this #define is not clear: "extension" is not a
kind of operation like "cipher", "MAC", "asymmetric signature" etc.
The algorithm added by the above commit is TEE_ALG_RSASSA_PKCS1_V1_5
which is an asymmetric signature and should therefore be associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

I suppose the operation value was added in a attempt to keep the
structure of algorithm identifiers as defined in the GP v1.1
specification, where some particular bits indicate some attributes of
the algorithm. This scheme has since been abandoned by GlobalPlatform so
there is no reason to keep it.

Therefore, this commit removes the TEE_OPERATION_EXTENSION macro and
makes a special case in the TEE_GET_CLASS() macro so that algorithm
TEE_ALG_RSASSA_PKCS1_V1_5 is associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Gabor Szekely <szvgabor@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/CHANGELOG.md
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-rcar/link.mk
/optee_os/core/lib/libtomcrypt/sm2-pke.c
/optee_os/core/tee/tee_svc_cryp.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
/optee_os/mk/config.mk
/optee_os/scripts/gen_tee_bin.py
5b385b3f06-Jan-2020 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled w

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.github/workflows/stale_issue.yml
/optee_os/.github/workflows/stale_pr.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_private.h
/optee_os/core/arch/arm/plat-rcar/conf.mk
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/include/kernel/interrupt.h
/optee_os/core/kernel/interrupt.c
/optee_os/core/lib/libtomcrypt/acipher_helpers.h
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/sm2-dsa.c
/optee_os/core/lib/libtomcrypt/sm2-kep.c
/optee_os/core/lib/libtomcrypt/sm2-pke.c
/optee_os/core/lib/libtomcrypt/sm2_kdf.c
/optee_os/core/lib/libtomcrypt/sub.mk
/optee_os/core/tee/tee_svc_cryp.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
libutee/tee_api_operations.c
0f15194317-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enab

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enabled with CFG_CRYPTO_SM2_DSA=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/MAINTAINERS
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/sm2-dsa.c
/optee_os/core/lib/libtomcrypt/sub.mk
/optee_os/core/tee/tee_svc_cryp.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
libutee/tee_api_operations.c
/optee_os/scripts/symbolize.py
91fc6bd817-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with CFG_CRYPTO_SM2_PKE=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/include/crypto/crypto.h
/optee_os/core/lib/libtomcrypt/acipher_helpers.h
/optee_os/core/lib/libtomcrypt/dh.c
/optee_os/core/lib/libtomcrypt/dsa.c
/optee_os/core/lib/libtomcrypt/ecc.c
/optee_os/core/lib/libtomcrypt/mpa_desc.c
/optee_os/core/lib/libtomcrypt/mpi_desc.c
/optee_os/core/lib/libtomcrypt/rsa.c
/optee_os/core/lib/libtomcrypt/sm2-pke.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc_find_curve.c
/optee_os/core/lib/libtomcrypt/src/pk/ecc/sub.mk
/optee_os/core/lib/libtomcrypt/sub.mk
/optee_os/core/tee/tee_svc_cryp.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
libutee/tee_api_operations.c
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/avb/user_ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
378e007d03-Dec-2019 Jens Wiklander <jens.wiklander@linaro.org>

stdint.h: add U() ULL() L() LL() macros

Adds U() ULL() L() and LL() macros with a separate implementation for
assembly. Brushes up {,U}INT{8,16,32,64}_C() macros to use the new
primitive macros inst

stdint.h: add U() ULL() L() LL() macros

Adds U() ULL() L() and LL() macros with a separate implementation for
assembly. Brushes up {,U}INT{8,16,32,64}_C() macros to use the new
primitive macros instead.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/mm/mobj.h
/optee_os/core/arch/arm/kernel/pseudo_ta.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/crypto/sm3-hmac.c
libutils/isoc/include/stdint.h
/optee_os/mk/compile.mk
4764557713-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM3

Adds support for the SM3 cryptographic hash function [1] using the API
defined in the GlobalPlatform TEE Internal Core API v1.2, as well as the
HMAC based on this h

core: crypto: add support for SM3

Adds support for the SM3 cryptographic hash function [1] using the API
defined in the GlobalPlatform TEE Internal Core API v1.2, as well as the
HMAC based on this hash.

This implementation is based on code published on Gitlab [2]. See commit
ade6f848e084 ("core: crypto: add support for SM4") for details.

[1] https://tools.ietf.org/html/draft-sca-cfrg-sm3-02
[2] https://gitlab.com/otpfree/sm234

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/crypto/sm3-hash.c
/optee_os/core/crypto/sm3-hmac.c
/optee_os/core/crypto/sm3.c
/optee_os/core/crypto/sm3.h
/optee_os/core/crypto/sub.mk
/optee_os/core/include/crypto/crypto_impl.h
/optee_os/core/tee/tee_cryp_utl.c
/optee_os/core/tee/tee_svc_cryp.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
libutee/tee_api_operations.c
ade6f84812-Dec-2019 Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM4

Adds support for the SM4 cipher [1] using the API defined in the
GlobalPlatform TEE Internal Core API v1.2.

ECB, CBC and CTR modes are implemented. Other modes are

core: crypto: add support for SM4

Adds support for the SM4 cipher [1] using the API defined in the
GlobalPlatform TEE Internal Core API v1.2.

ECB, CBC and CTR modes are implemented. Other modes are valid but are
not included in the GP specification, so they are not considered here.

This implementation is based on code published on Gitlab [2]. The
project contains no licensing terms, so I contacted the author
(goldboar@163.com), asking for permission to re-use the code in OP-TEE
under a BSD-2-Clause license. I received the following reply:

"[...] If you like you can use it [...]"

I have reworked the source to better fit the OP-TEE coding style. I
have also added the CTR mode of operation.

I do not think we will need to merge any change from upstream in the
future.

[1] https://tools.ietf.org/html/draft-ribose-cfrg-sm4-10
[2] https://gitlab.com/otpfree/sm234

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/include/kernel/generic_boot.h
/optee_os/core/arch/arm/include/kernel/linker.h
/optee_os/core/arch/arm/include/kernel/thread.h
/optee_os/core/arch/arm/include/kernel/user_ta.h
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/include/mm/tee_pager.h
/optee_os/core/arch/arm/include/tee/arch_svc.h
/optee_os/core/arch/arm/kernel/abort.c
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/kern.ld.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/link_dummies.c
/optee_os/core/arch/arm/kernel/otp_stubs.c
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_private.h
/optee_os/core/arch/arm/kernel/unwind_arm32.c
/optee_os/core/arch/arm/kernel/unwind_arm64.c
/optee_os/core/arch/arm/kernel/user_ta.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_private.h
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/mm/mobj.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-bcm/bcm_elog.c
/optee_os/core/arch/arm/plat-bcm/bcm_elog.h
/optee_os/core/arch/arm/plat-bcm/conf.mk
/optee_os/core/arch/arm/plat-bcm/main.c
/optee_os/core/arch/arm/plat-bcm/platform_config.h
/optee_os/core/arch/arm/plat-bcm/sub.mk
/optee_os/core/arch/arm/plat-hikey/conf.mk
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/drivers/tzc380.c
/optee_os/core/arch/arm/plat-imx/main.c
/optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c
/optee_os/core/arch/arm/plat-imx/pm/imx7_suspend.c
/optee_os/core/arch/arm/plat-ls/main.c
/optee_os/core/arch/arm/plat-sam/main.c
/optee_os/core/arch/arm/plat-stm/main.c
/optee_os/core/arch/arm/plat-stm/tz_a9init.S
/optee_os/core/arch/arm/plat-sunxi/main.c
/optee_os/core/arch/arm/plat-ti/a9_plat_init.S
/optee_os/core/arch/arm/plat-ti/sm_platform_handler_a15.c
/optee_os/core/arch/arm/plat-ti/sm_platform_handler_a9.c
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/arch/arm/plat-zynq7k/main.c
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/arch/arm/tee/svc_cache.c
/optee_os/core/crypto.mk
/optee_os/core/crypto/crypto.c
/optee_os/core/crypto/signed_hdr.c
/optee_os/core/crypto/sm4-cbc.c
/optee_os/core/crypto/sm4-ctr.c
/optee_os/core/crypto/sm4-ecb.c
/optee_os/core/crypto/sm4.c
/optee_os/core/crypto/sm4.h
/optee_os/core/crypto/sub.mk
/optee_os/core/drivers/bcm_gpio.c
/optee_os/core/drivers/bcm_sotp.c
/optee_os/core/drivers/bnxt/bnxt.c
/optee_os/core/drivers/bnxt/bnxt_fw.c
/optee_os/core/drivers/bnxt/bnxt_images.c
/optee_os/core/include/crypto/crypto_impl.h
/optee_os/core/include/drivers/bcm/bnxt.h
/optee_os/core/include/drivers/bcm_gpio.h
/optee_os/core/include/kernel/huk_subkey.h
/optee_os/core/include/kernel/tee_common_otp.h
/optee_os/core/include/kernel/tee_ta_manager.h
/optee_os/core/include/kernel/user_mode_ctx.h
/optee_os/core/include/kernel/user_mode_ctx_struct.h
/optee_os/core/include/mm/fobj.h
/optee_os/core/include/mm/tee_mmu.h
/optee_os/core/include/signed_hdr.h
/optee_os/core/include/tee/tee_ta_enc_manager.h
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/kernel/user_mode_ctx.c
/optee_os/core/mm/fobj.c
/optee_os/core/pta/bcm/bnxt.c
/optee_os/core/pta/bcm/elog.c
/optee_os/core/pta/bcm/gpio.c
/optee_os/core/pta/bcm/hwrng.c
/optee_os/core/pta/bcm/sotp.c
/optee_os/core/pta/bcm/sub.mk
/optee_os/core/pta/bcm/wdt.c
/optee_os/core/pta/system.c
/optee_os/core/tee/sub.mk
/optee_os/core/tee/tadb.c
/optee_os/core/tee/tee_cryp_utl.c
/optee_os/core/tee/tee_svc.c
/optee_os/core/tee/tee_svc_cryp.c
/optee_os/core/tee/tee_svc_storage.c
/optee_os/core/tee/tee_ta_enc_manager.c
libutee/include/tee_api_defines.h
libutee/include/utee_defines.h
libutee/tee_api_operations.c
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
/optee_os/mk/lib.mk
/optee_os/scripts/gen_tee_bin.py
/optee_os/scripts/mem_usage.py
/optee_os/scripts/sign_encrypt.py
/optee_os/scripts/symbolize.py
/optee_os/scripts/tee_bin_parser.py
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/link_shlib.mk
/optee_os/ta/ta.mk
ea4ae5cd21-Aug-2019 Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>

trace: Add weak platform tracer function

Add weak platform tracer function
This would allow each platform to carry out
plat specific logging, possibly to some media
for post-mortem analysis

Signed-

trace: Add weak platform tracer function

Add weak platform tracer function
This would allow each platform to carry out
plat specific logging, possibly to some media
for post-mortem analysis

Signed-off-by: Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/core/arch/arm/kernel/trace_ext.c
/optee_os/core/arch/arm/plat-imx/conf.mk
libutils/ext/include/trace.h
2c0bb3df15-Nov-2019 Clement Faure <clement.faure@nxp.com>

stdint.h: add UL macro

This macro helps to define unsigned values such as addresses for C
compilers and ld.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wikla

stdint.h: add UL macro

This macro helps to define unsigned values such as addresses for C
compilers and ld.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/imx-common.c
/optee_os/core/arch/arm/plat-imx/imx-regs.h
/optee_os/core/arch/arm/plat-imx/registers/imx6-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx6.h
/optee_os/core/arch/arm/plat-imx/registers/imx7-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx7.h
/optee_os/core/arch/arm/plat-imx/registers/imx7ulp-crm.h
/optee_os/core/arch/arm/plat-imx/registers/imx8m.h
/optee_os/core/drivers/crypto/caam/hal/sub.mk
libutils/isoc/include/stdint.h
0d77037f31-Oct-2019 Florian Depraz <florian.depraz@alumni.epfl.ch>

mbedtls: Add MBEDTLS_X509_CSR_WRITE_C define

Enable the mbedtls_x509write_csr_* functions that can be used
to create certificate signing requests by generating and
updating the structure mbedtls_x50

mbedtls: Add MBEDTLS_X509_CSR_WRITE_C define

Enable the mbedtls_x509write_csr_* functions that can be used
to create certificate signing requests by generating and
updating the structure mbedtls_x509write_csr.

Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Florian Depraz <florian.depraz@alumni.epfl.ch>

show more ...


/optee_os/.shippable.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/kernel/generic_boot.h
/optee_os/core/arch/arm/include/kernel/linker.h
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/generic_boot.c
/optee_os/core/arch/arm/kernel/generic_entry_a32.S
/optee_os/core/arch/arm/kernel/generic_entry_a64.S
/optee_os/core/arch/arm/kernel/kern.ld.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/link_dummy.ld
/optee_os/core/arch/arm/kernel/misc_a32.S
/optee_os/core/arch/arm/kernel/misc_a64.S
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S
/optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S
/optee_os/core/arch/arm/kernel/unwind_arm32.c
/optee_os/core/arch/arm/kernel/unwind_arm64.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/mm/core_mmu_v7.c
libmbedtls/include/mbedtls_config_uta.h
/optee_os/mk/config.mk
/optee_os/scripts/gen_ldelf_hex.py
/optee_os/scripts/symbolize.py
0095acfc15-Oct-2019 Jens Wiklander <jens.wiklander@linaro.org>

Assembly FUNC macros take optional section

Adds an optional section parameter to the macros FUNC() and LOCAL_FUNC()

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklande

Assembly FUNC macros take optional section

Adds an optional section parameter to the macros FUNC() and LOCAL_FUNC()

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/ldelf/include/elf_common.h
libutils/ext/include/asm.S
6ccd56ca16-Oct-2019 Jens Wiklander <jens.wiklander@linaro.org>

Fix warning in fallback SUB_OVERFLOW() macro

Fixes two warnings for 'comparison of integers of different signs' in
the __INTOF_SUB() helper macro used by the fallback SUB_OVERFLOW()
macro.

Fixes: e

Fix warning in fallback SUB_OVERFLOW() macro

Fixes two warnings for 'comparison of integers of different signs' in
the __INTOF_SUB() helper macro used by the fallback SUB_OVERFLOW()
macro.

Fixes: ecdedc94e720 ("util: update fallback SUB_OVERFLOW() macro")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/include/mm/mobj.h
/optee_os/core/arch/arm/kernel/thread_optee_smc.c
/optee_os/core/arch/arm/kernel/user_ta.c
/optee_os/core/arch/arm/mm/core_mmu_v7.c
/optee_os/core/arch/arm/mm/mobj.c
/optee_os/core/arch/arm/mm/mobj_dyn_shm.c
/optee_os/core/arch/arm/mm/tee_mmu.c
/optee_os/core/arch/arm/tee/entry_std.c
/optee_os/core/include/mm/tee_mmu_types.h
/optee_os/core/kernel/msg_param.c
/optee_os/core/pta/system.c
/optee_os/core/tee/tee_svc.c
libutils/ext/include/compiler.h
8800b01d08-Nov-2019 Jerome Forissier <jerome@forissier.org>

gprof: fix TEE core crash by allocating sample buffer dynamically

The gprof sample buffer is in user space memory but is also accessed by
the TEE core. Currently, space is reserved by the TA linker

gprof: fix TEE core crash by allocating sample buffer dynamically

The gprof sample buffer is in user space memory but is also accessed by
the TEE core. Currently, space is reserved by the TA linker script. The
address and size of the buffer is passed to the TEE core via a call to
the gprof PTA. After this call, the TEE core accesses the buffer
periodically, such as when the TA is interrupted by a timer interrupt.

Commit ef305e54eac8 ("libutee: allocate temp secmem for invoke")
modified the way that private TA memory is mapped in TA to TA
invocations, so that memory is mapped only for the duration of the
call. After this point, the memory is unmapped so the gprof sample
buffer becomes inaccessible, resulting in a crash:

E/TC:0 0 Core data-abort at address 0x121356 (translation fault)
E/TC:0 0 fsr 0x00000007 ttbr0 0x0e19206a ttbr1 0x0e18806a cidr 0x2
E/TC:0 0 cpu #0 cpsr 0x800001f2
E/TC:0 0 r0 0x00000000 r4 0x00000000 r8 0x00000000 r12 0x0017bb4b
E/TC:0 0 r1 0x000021ab r5 0x00000000 r9 0x00000000 sp 0x0e1928f0
E/TC:0 0 r2 0x0011d000 r6 0x00000000 r10 0x00000000 lr 0x0e112763
E/TC:0 0 r3 0x00121356 r7 0x0e1928f0 r11 0x00000000 pc 0x0e12958e
E/TC:0 0 Core data-abort at address 0x121356 .debug_info+1184598 (translation fault)
E/TC:0 0 Call stack:
E/TC:0 0 0x0e12958e tee_ta_gprof_sample_pc at optee_os/core/kernel/tee_ta_manager.c:897

The solution is to allocate and map the sample buffer explicitly in
user space when profiling is initialized, and at the same time get rid
of the reserved area in the TA linker script. The TEE core also needs
to check that the sample buffer is valid before writing to it,
otherwise a malicious TA could crash the core by unmapping that memory.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...


/optee_os/.shippable.yml
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/sm/optee_smc.h
/optee_os/core/arch/arm/kernel/early_ta.c
/optee_os/core/arch/arm/kernel/ree_fs_ta.c
/optee_os/core/arch/arm/kernel/thread_a32.S
/optee_os/core/arch/arm/plat-bcm/conf.mk
/optee_os/core/arch/arm/plat-bcm/crc32.c
/optee_os/core/arch/arm/plat-bcm/crc32.h
/optee_os/core/arch/arm/plat-bcm/main.c
/optee_os/core/arch/arm/plat-bcm/platform_config.h
/optee_os/core/arch/arm/plat-bcm/sub.mk
/optee_os/core/arch/arm/plat-hikey/main.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/registers/imx6.h
/optee_os/core/arch/arm/plat-rockchip/common.h
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/cru.h
/optee_os/core/arch/arm/plat-rockchip/grf.h
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rockchip/plat_init.S
/optee_os/core/arch/arm/plat-rockchip/platform.c
/optee_os/core/arch/arm/plat-rockchip/platform.h
/optee_os/core/arch/arm/plat-rockchip/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/platform_px30.c
/optee_os/core/arch/arm/plat-rockchip/platform_rk322x.c
/optee_os/core/arch/arm/plat-rockchip/platform_rk3399.c
/optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c
/optee_os/core/arch/arm/plat-rockchip/sub.mk
/optee_os/core/core.mk
/optee_os/core/crypto/aes-cts.c
/optee_os/core/crypto/cbc-mac.c
/optee_os/core/crypto/crypto.c
/optee_os/core/crypto/rng_fortuna.c
/optee_os/core/drivers/bnxt/bnxt.c
/optee_os/core/drivers/bnxt/bnxt_fw.c
/optee_os/core/drivers/bnxt/bnxt_images.c
/optee_os/core/drivers/bnxt/sub.mk
/optee_os/core/drivers/sub.mk
/optee_os/core/include/crypto/crypto.h
/optee_os/core/include/drivers/bcm/bnxt.h
/optee_os/core/include/drivers/gic.h
/optee_os/core/include/tee/tee_cryp_utl.h
/optee_os/core/kernel/huk_subkey.c
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/pta/bcm/bnxt.c
/optee_os/core/pta/bcm/sub.mk
/optee_os/core/pta/secstor_ta_mgmt.c
/optee_os/core/pta/sub.mk
/optee_os/core/pta/tests/invoke.c
/optee_os/core/sub.mk
/optee_os/core/tee/fs_htree.c
/optee_os/core/tee/tadb.c
/optee_os/core/tee/tee_cryp_concat_kdf.c
/optee_os/core/tee/tee_cryp_hkdf.c
/optee_os/core/tee/tee_cryp_pbkdf2.c
/optee_os/core/tee/tee_cryp_utl.c
/optee_os/core/tee/tee_fs_key_manager.c
/optee_os/core/tee/tee_rpmb_fs.c
/optee_os/core/tee/tee_svc_cryp.c
/optee_os/ldelf/link.mk
libutee/arch/arm/gprof/gprof.c
/optee_os/mk/config.mk
/optee_os/mk/subdir.mk
/optee_os/ta/arch/arm/ta.ld.S
099918f605-Sep-2019 Sumit Garg <sumit.garg@linaro.org>

ftrace: Add support for syscall function tracer

This patch adds support for syscall tracing in TEE core. It complements
existing ftrace support for user TAs via adding trace for syscalls that
are in

ftrace: Add support for syscall function tracer

This patch adds support for syscall tracing in TEE core. It complements
existing ftrace support for user TAs via adding trace for syscalls that
are invoked by user TAs into the TEE core.

And after this patch ftrace will cover both TA and TEE core code. So lets
rename config option from CFG_TA_FTRACE_SUPPORT to CFG_FTRACE_SUPPORT.

It is optional to enable syscall trace via CFG_SYSCALL_FTRACE=y config
option in addition to CFG_FTRACE_SUPPORT=y config option.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...


/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/kernel/misc.h
/optee_os/core/arch/arm/include/kernel/user_ta.h
/optee_os/core/arch/arm/include/mm/core_mmu.h
/optee_os/core/arch/arm/include/sm/sm.h
/optee_os/core/arch/arm/kernel/abort.c
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/unwind_arm64.c
/optee_os/core/arch/arm/kernel/user_ta.c
/optee_os/core/arch/arm/mm/sub.mk
/optee_os/core/arch/arm/sm/sm_a32.S
/optee_os/core/arch/arm/tee/arch_svc.c
/optee_os/core/core.mk
/optee_os/core/include/kernel/tee_ta_manager.h
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/ldelf/ftrace.c
/optee_os/ldelf/ftrace.h
/optee_os/ldelf/main.c
/optee_os/ldelf/sub.mk
libutee/include/user_ta_header.h
libutils/ext/arch/arm/mcount_a32.S
libutils/ext/arch/arm/mcount_a64.S
libutils/ext/ftrace/ftrace.c
libutils/ext/ftrace/sub.mk
libutils/isoc/arch/arm/setjmp_a32.S
libutils/isoc/arch/arm/setjmp_a64.S
libutils/isoc/include/setjmp.h
/optee_os/mk/config.mk
/optee_os/scripts/arm32_sysreg.py
/optee_os/scripts/symbolize.py
/optee_os/ta/arch/arm/link.mk
/optee_os/ta/arch/arm/user_ta_header.c
/optee_os/ta/ta.mk

1...<<11121314151617181920>>...36