libutils: util.h: Relax ROUNDDOWN() and add ROUNDDOWN2()

Remove constraint on ROUNDDOWN() to have its size argument being a power
of 2 and add new ROUNDDOWN2() macro with that constraint.

The previ

libutils: util.h: Relax ROUNDDOWN() and add ROUNDDOWN2()

Remove constraint on ROUNDDOWN() to have its size argument being a power
of 2 and add new ROUNDDOWN2() macro with that constraint.

The previous implementation of ROUNDDOWN(), optimized for when size
argument is a power of 2, is now used for ROUNDDOWN2() but this latter
also asserts (in debug build mode) that the size argument conforms to
this condition.

The new implementation of ROUNDDOWN() is less optimal but modern
compilers produce the same optimized assembly code with this macro when
the size argument is a constant value known from the compiler so all
use of ROUNDDOWN() with a known constant value do not need move to
ROUNDDOWN2().

Performance sensitive routines should now on use ROUNDDOWN2() to
leverage the power-of-2 rounding optimization.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: util.h: Relax ROUNDUP() and add ROUNDUP2()

Remove constraint on ROUNDUP() to have its size argument being a power
of 2 and add new ROUNDUP2() macro with that constraint.

The previous impl

libutils: util.h: Relax ROUNDUP() and add ROUNDUP2()

Remove constraint on ROUNDUP() to have its size argument being a power
of 2 and add new ROUNDUP2() macro with that constraint.

The previous implementation of ROUNDUP(), optimized for when size
argument is a power of 2, is now used for ROUNDUP2() but this latter
also asserts (in debug build mode) that the size argument conforms to
this condition.

The new implementation of ROUNDUP() is less optimal but modern
compilers produce the same optimized assembly code with this macro
when the size argument is a constant value known from the compiler
so all use of ROUNDUP() with a known constant value do not need
move to ROUNDUP2().

Performance sensitive routines should now on use ROUNDUP2() to
leverage the power-of-2 rounding optimization.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: util.h: Relax ROUNDUP_OVERFLOW() and add ROUNDUP2_OVERFLOW()

Remove constraint on ROUNDUP_OVERFLOW() to have its size argument being
a power of 2 and add new ROUNDUP2_OVERFLOW() macro with

libutils: util.h: Relax ROUNDUP_OVERFLOW() and add ROUNDUP2_OVERFLOW()

Remove constraint on ROUNDUP_OVERFLOW() to have its size argument being
a power of 2 and add new ROUNDUP2_OVERFLOW() macro with that constraint.

The previous implementation of ROUNDUP_OVERFLOW(), optimized for when
size argument is a power of 2, is now used for ROUNDUP2_OVERFLOW() but
this latter also asserts (in debug build mode) that the size argument
conforms to this condition.

Performance sensitive routines should now on use ROUNDUP2_OVERFLOW() to
leverage the power-of-2 rounding optimization.

The new implementation of ROUNDUP_OVERFLOW() is less optimal but modern
compilers produce the same optimized assembly code with this macro
when the size argument is a constant value known from the compiler
so all use of ROUNDUP_OVERFLOW() with a known constant value do not need
move to ROUNDUP2_OVERFLOW().

By the way, fix the indentation in the macro implementation for
consistency of the header file implementation and extend the inline
description comment.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: util.h: Relax ROUNDUP_DIV() and add ROUNDUP2_DIV()

Remove constraint on ROUNDUP_DIV() to have its size argument being a
power of 2 and add new ROUNDUP2_DIV() macro with that constraint.

T

libutils: util.h: Relax ROUNDUP_DIV() and add ROUNDUP2_DIV()

Remove constraint on ROUNDUP_DIV() to have its size argument being a
power of 2 and add new ROUNDUP2_DIV() macro with that constraint.

The previous implementation of ROUNDUP_DIV(), optimized for when size
argument is a power of 2, is now used for ROUNDUP2_DIV() but this latter
also asserts (in debug build mode) that the size argument conforms to
this condition.

Performance sensitive routines should now on use ROUNDUP2_DIV() to
leverage the power-of-2 rounding optimization.

The new implementation of ROUNDUP_DIV() is less optimal but modern
compilers produce the same optimized assembly code with this macro
when the size argument is a constant value known from the compiler
so all use of ROUNDUP_DIV() with a known constant value do not need
move to ROUNDUP2_DIV().

By the way, fix the indentation in the macro implementation for
consistency of the header file implementation.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: util.h: fix ROUND*() macros description argument constraint

Correct inline description comment for ROUNDUP(), ROUNDUP_OVERFLOW(),
ROUNDDOWN() where the second argument is expected to be a

libutils: util.h: fix ROUND*() macros description argument constraint

Correct inline description comment for ROUNDUP(), ROUNDUP_OVERFLOW(),
ROUNDDOWN() where the second argument is expected to be a power of 2,
not a multiple of 2.

Add an inline description comment to ROUNDUP_OVERFLOW() to state
this requirement.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: use mempool_calloc() for temporary memory

mbedtls_mpi_exp_mod_optionally_safe() needs a large chunk of temporary
memory for the mbedtls_mpi_core_exp_mod() function. The amount of memory

libmbedtls: use mempool_calloc() for temporary memory

mbedtls_mpi_exp_mod_optionally_safe() needs a large chunk of temporary
memory for the mbedtls_mpi_core_exp_mod() function. The amount of memory
is too much to reliably allocate from the heap. So use mempool_calloc()
instead of mbedtls_calloc(), similar to using mbedtls_mpi_init_mempool()
instead of mbedtls_mpi_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

Squashed commit upgrading to mbedtls-3.6.2

Squash merging branch import/mbedtls-3.6.2.

85df256c4a67 ("libmbedtls: add CFG_CORE_UNSAFE_MODEXP and CFG_TA_MEBDTLS_UNSAFE_MODEXP")
1e9c6f15ef0f ("libm

Squashed commit upgrading to mbedtls-3.6.2

Squash merging branch import/mbedtls-3.6.2.

85df256c4a67 ("libmbedtls: add CFG_CORE_UNSAFE_MODEXP and CFG_TA_MEBDTLS_UNSAFE_MODEXP")
1e9c6f15ef0f ("libmbedtls: allow inclusion of arm_neon.h")
fab5313d7598 ("libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode")
58c8b24bac04 ("libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly")
50e013c6c306 ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_verify()")
c363a3c7e7e1 ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()")
91d9fe4fad38 ("libmbedtls: add SM2 curve")
b03fbd7006aa ("libmbedtls: fix no CRT issue")
bed9eb0c5209 ("libmbedtls: add interfaces in mbedtls for context memory operation")
65e7ec82d894 ("libmedtls: mpi_miller_rabin: increase count limit")
5e0191a043cb ("libmbedtls: add mbedtls_mpi_init_mempool()")
bf7ce25bb90f ("libmbedtls: make mbedtls_mpi_mont*() available")
04a9845a09b4 ("mbedtls: configure mbedtls to reach for config")
3f98104bba82 ("mbedtls: remove default include/mbedtls/config.h")
4d211f365152 ("Import mbedtls-3.6.2")

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and ma

pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and make
the following adjustments for integration:

- Add build configuration for remote attestation PTA by introducing
the CFG_VERAISON_ATTESTATION_PTA option to align with the new naming
convention.
- Replace the custom base64 implementation with the base64 library
added in PR OP-TEE#7007.
- Update QCBOR integration by removing custom QCBOR files and using
the standard library, adjusting paths as necessary.
- Apply region validation improvements introduced in PR OP-TEE#6195.
- Update API calls in sign.c to align with libmbedtls changes from
PR OP-TEE#6151.
- Calculate the required buffer size at runtime to minimize memory
allocation.
- Refactor code to improve readability and maintainability.
- Add SPDX license identifier (BSD-2-Clause) and copyright notice.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Reviewed-by: Thomas Fossati <thomas.fossati@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: fix TEE_MemMove()'s return type

In all the published versions of the TEE Internal API Specification,
the return type of TEE_MemMove() has always been void, not void *.

Fixes: b01047730e77

libutee: fix TEE_MemMove()'s return type

In all the published versions of the TEE Internal API Specification,
the return type of TEE_MemMove() has always been void, not void *.

Fixes: b01047730e77 ("Open-source the TEE Core")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

compiler.h: only use __no_stack_protector if supported by the compiler

The __attribute__((no_stack_protector)) was introduced in GCC 11.
Building a TA with a version of GCC older than that would tri

compiler.h: only use __no_stack_protector if supported by the compiler

The __attribute__((no_stack_protector)) was introduced in GCC 11.
Building a TA with a version of GCC older than that would trigger a
-Wattributes warning on the ta/user_ta_header.c file.

Use __has_attribute() to check support of the no_stack_protector
attribute before using it. If not supported, define the
__no_stack_protector alias as a NOP.

Fixes: e3fb2bd005f0 ("compiler.h: add __no_stack_protector")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: mbedtls_config_uta.h: enable SHA-384 and SHA-512 support

Enable SHA-384 and SHA-512 support for user TAs.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne

libmbedtls: mbedtls_config_uta.h: enable SHA-384 and SHA-512 support

Enable SHA-384 and SHA-512 support for user TAs.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

tee_api_types.h: default alignment for TEE_BigIntFMMContext

Remove the custom alignment from TEE_BigIntFMMContext.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Car

tee_api_types.h: default alignment for TEE_BigIntFMMContext

Remove the custom alignment from TEE_BigIntFMMContext.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

compiler.h: add __no_stack_protector

Add the __no_stack_protector macro as an alias for
__attribute__((no_stack_protector)), which prevents the generation by
the compiler of the stack protection cod

compiler.h: add __no_stack_protector

Add the __no_stack_protector macro as an alias for
__attribute__((no_stack_protector)), which prevents the generation by
the compiler of the stack protection code.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Khoa Hoang <admin@khoahoang.com>

show more ...

user_ta_header.h: update TA_FLAGS_MASK for RPMB support

TA_FLAG_DEVICE_ENUM_RPMB 12 is a valid flag now. Fixes usage of
this new flag at runtime in TAs.

Signed-off-by: Mikko Rapeli <mikko.rapeli@li

user_ta_header.h: update TA_FLAGS_MASK for RPMB support

TA_FLAG_DEVICE_ENUM_RPMB 12 is a valid flag now. Fixes usage of
this new flag at runtime in TAs.

Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add flag to enumerate TAs when secure storage is ready

Add TA_FLAG_DEVICE_ENUM_TEE_STORAGE_PRIVATE with similar usage as
TA_FLAG_DEVICE_ENUM_SUPP except that it is used to add an enumeration
p

core: add flag to enumerate TAs when secure storage is ready

Add TA_FLAG_DEVICE_ENUM_TEE_STORAGE_PRIVATE with similar usage as
TA_FLAG_DEVICE_ENUM_SUPP except that it is used to add an enumeration
point when secure storage is ready.

The new TA function PTA_CMD_GET_DEVICES_RPMB is added to the device PTA
to report TAs depending on RPMB.

PTA_CMD_GET_DEVICES_RPMB will if CFG_REE_FS!=y and CFG_RPMB_FS=y first
try to initialize RPMB and only if successful will it return eventual
TAs with the TA_FLAG_DEVICE_ENUM_TEE_STORAGE_PRIVATE flag set.

PTA_CMD_GET_DEVICES_SUPP will if CFG_REE_FS=y include TAs with the
TA_FLAG_DEVICE_ENUM_TEE_STORAGE_PRIVATE flag set in the list of TAs to
return.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutils: malloc.h: add nex_malloc_buffer_overlaps_heap()

Add the macros nex_malloc_buffer_overlaps_heap() and
nex_malloc_buffer_is_within_alloced() as aliases for
malloc_buffer_overlaps_heap() and

libutils: malloc.h: add nex_malloc_buffer_overlaps_heap()

Add the macros nex_malloc_buffer_overlaps_heap() and
nex_malloc_buffer_is_within_alloced() as aliases for
malloc_buffer_overlaps_heap() and malloc_buffer_is_within_alloced() when
virtualization isn't enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutils: add PADDR_MAX and PADDR_SIZE_MAX

Add defines for the maximum values of paddr_t and paddr_size_t.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <j

libutils: add PADDR_MAX and PADDR_SIZE_MAX

Add defines for the maximum values of paddr_t and paddr_size_t.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

pta: remoteproc: Add command to release remote processor resources

This patch introduces a new PTA command `PTA_REMOTEPROC_RELEASE` to
release the resources associated with a remote processor.

- De

pta: remoteproc: Add command to release remote processor resources

This patch introduces a new PTA command `PTA_REMOTEPROC_RELEASE` to
release the resources associated with a remote processor.

- Definition of the `PTA_REMOTEPROC_RELEASE` PTA command the header file
- Implement the command in the stm32mp remote proc PTA to request the
clean of the remoteproc memories.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

Move base64.{c,h} from libutee to libutils

Make the base64 routines publicly available by moving them from libutee
to libutils. The _ prefix is removed from the public functions since
they aren't in

Move base64.{c,h} from libutee to libutils

Make the base64 routines publicly available by moving them from libutee
to libutils. The _ prefix is removed from the public functions since
they aren't internal to libutee any longer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: mbedtls: Fix build

The macro 'MBEDTLS_INTERNAL_VALIDATE_RET()' was removed in upstream commit
https://github.com/Mbed-TLS/mbedtls/commit/cc0fd47531ffeffb3185db77a17ee113

The macro was a no-op

core: mbedtls: Fix build

The macro 'MBEDTLS_INTERNAL_VALIDATE_RET()' was removed in upstream commit
https://github.com/Mbed-TLS/mbedtls/commit/cc0fd47531ffeffb3185db77a17ee113

The macro was a no-op, so just remove the checks.

This fixes building OP-TEE with:

make PLATFORM=vexpress \
PLATFORM_FLAVOR=juno \
CFG_CRYPTOLIB_NAME=mbedtls \
CFG_CRYPTOLIB_DIR=lib/libmbedtls
...
lib/libmbedtls/core/hash.c: In function 'mbedtls_internal_sha1_process':
lib/libmbedtls/core/hash.c:205:9: error: implicit declaration of function 'MBEDTLS_INTERNAL_VALIDATE_RET'

Signed-off-by: Jacob Kroon <jacobkr@axis.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutils: add array helpers

Add helper function() to insert and remove an element from an array. The
helper functions shifts the elements in the array as needed to make room
or fill a room of an ele

libutils: add array helpers

Add helper function() to insert and remove an element from an array. The
helper functions shifts the elements in the array as needed to make room
or fill a room of an element at a certain position.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutils: qsort helper for standard types

Add qsort_int(), qsort_uint(), qsort_u32() and friends as qsort() helper
functions to sort standard typed arrays.

Signed-off-by: Etienne Carriere <etienne.

libutils: qsort helper for standard types

Add qsort_int(), qsort_uint(), qsort_u32() and friends as qsort() helper
functions to sort standard typed arrays.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm32: ftrace: skip profiling of __aeabi functions

When compiling the __aeabi functions, skip profiling unconditionally to
avoid recursive calls.

Reported-by: Jerome Forissier <jerome.forissier@lin

arm32: ftrace: skip profiling of __aeabi functions

When compiling the __aeabi functions, skip profiling unconditionally to
avoid recursive calls.

Reported-by: Jerome Forissier <jerome.forissier@linaro.org>
Closes: https://github.com/OP-TEE/optee_os/issues/6870
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_virt)

show more ...

Fix TA_FLAGS_MASK

Add missing TA_FLAG_DONT_CLOSE_HANDLE_ON_CORRUPT_OBJECT to
TA_FLAGS_MASK.

Fixes: 138c5102ef4c ("GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject")
Suggested-by: Mik

Fix TA_FLAGS_MASK

Add missing TA_FLAG_DONT_CLOSE_HANDLE_ON_CORRUPT_OBJECT to
TA_FLAGS_MASK.

Fixes: 138c5102ef4c ("GP131: Add TA property gpd.ta.doesNotCloseHandleOnCorruptObject")
Suggested-by: Mikko Rapeli <mikko.rapeli@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minim

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minimum rsa key size")
70b079496 ("libmbedtls: adjust use of rsa pk_wrap API")
6cf76464f ("libmbedtls: allow inclusion of arm_neon.h")
27df5c911 ("libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode")
aa584f9ed ("libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly")
523ae957e ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_verify()")
30bdb1bbf ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()")
e45cdab62 ("libmbedtls: add SM2 curve")
d2fda4fc2 ("libmbedtls: fix no CRT issue")
ab0eb5515 ("libmbedtls: add interfaces in mbedtls for context memory operation")
7925a6f26 ("libmedtls: mpi_miller_rabin: increase count limit")
8eaf69279 ("libmbedtls: add mbedtls_mpi_init_mempool()")
12e83fc8d ("libmbedtls: make mbedtls_mpi_mont*() available")
f9e261da5 ("mbedtls: configure mbedtls to reach for config")
7b6f378d7 ("mbedtls: remove default include/mbedtls/config.h")
c16331743 ("Import mbedtls-3.6.0")

Signed-off-by: Tom Van Eyck <tom.vaneyck@kuleuven.be>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...