| 95d0db1e | 15-May-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: add system wide mempool_default
Adds system wide mempool_default for temporary large memory allocations.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere
core: add system wide mempool_default
Adds system wide mempool_default for temporary large memory allocations.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 7c8b181a | 25-Feb-2019 |
Jerome Forissier <jerome.forissier@linaro.org> |
libutils: add memzero_explicit()
Adds a new function: memzero_explicit(s, count) which is equivalent to
memset(s, 0, count) except that it cannot be optimized away by the
compiler.
memset() being a
libutils: add memzero_explicit()
Adds a new function: memzero_explicit(s, count) which is equivalent to
memset(s, 0, count) except that it cannot be optimized away by the
compiler.
memset() being a built-in function, the compiler is free to perform
optimizations such as simply discarding a call when it considers that the
call cannot have any observable effect from the program's point of view.
A typical example is clearing local data before returning from a
function. memset() is likely to have no effect in this case while
memzero_explicit() will work as expected.
Calling memset() directly from memzero_explicit() would work as long as
link time optimization (LTO) is not applied. With LTO however, the
compiler could inline the call to memzero_explicit() and find out that
dead store optimization applies. In order to avoid that, we use a method
mentioned in [1] which consists in using a volatile function pointer.
This method is considered "effective in practice" with all the commonly
used compilers.
Link: [1] https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-yang.pdf
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
show more ...
|
| 4e570655 | 13-Feb-2019 |
Jerome Forissier <jerome.forissier@linaro.org> |
libutils: add free_wipe()
Adds function free_wipe(void *ptr) to clear a buffer before returning
it to the heap. The pattern used to overwrite the data is 0x55.
Users have to #include <stdlib_ext.h>
libutils: add free_wipe()
Adds function free_wipe(void *ptr) to clear a buffer before returning
it to the heap. The pattern used to overwrite the data is 0x55.
Users have to #include <stdlib_ext.h> to import the declaration.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| c2ce4186 | 12-Apr-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
Introduce CFG_CORE_DUMP_OOM
Introduces CFG_CORE_DUMP_OOM which if y will print an error and dump the
stack on memory allocation failures using malloc() and friends.
Reviewed-by: Jerome Forissier <j
Introduce CFG_CORE_DUMP_OOM
Introduces CFG_CORE_DUMP_OOM which if y will print an error and dump the
stack on memory allocation failures using malloc() and friends.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| a73b5878 | 07-Feb-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
Replace ta_head.entry with elf entry
Prior to this patch the entry function of the TA was stored in ta_head
which is located in a read-only section of the TA. This results in the
linker emitting a r
Replace ta_head.entry with elf entry
Prior to this patch the entry function of the TA was stored in ta_head
which is located in a read-only section of the TA. This results in the
linker emitting a relocation modifying a read-only section. This is a
problem if the read-only section is mapped read-only while relocations
are performed. To avoid this problematic relocation the ta_head.entry
is removed and the ELF entry point is used instead.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e34f6cde | 12-Apr-2019 |
Sumit Garg <sumit.garg@linaro.org> |
gprof: define original mcount APIs inserted by compiler
Simplify gprof implementation via defining original mcount APIs: _mcount
(for aarch64) and __gnu_mcount_nc (for arm) inserted by compiler inst
gprof: define original mcount APIs inserted by compiler
Simplify gprof implementation via defining original mcount APIs: _mcount
(for aarch64) and __gnu_mcount_nc (for arm) inserted by compiler instead
of providing them via __utee_mcount API.
Also remove weak definitions of mcount API that were earlier mandated by
linker script via PROVIDE().
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 2976273f | 17-Apr-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
libmbedtls: preserve mempool usage on reinit
be040a3e949b ("libmbedtls: preserve mempool usage on reinit") from
branch import/mbedtls-2.16.0
Preserve the use_mempool field when reinitializing X in
libmbedtls: preserve mempool usage on reinit
be040a3e949b ("libmbedtls: preserve mempool usage on reinit") from
branch import/mbedtls-2.16.0
Preserve the use_mempool field when reinitializing X in
mbedtls_mpi_read_binary().
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| b99a4a18 | 17-Apr-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
libmbedtls: mbedtls_mpi_exp_mod() initialize W
ae499f6a39f3 ("libmbedtls: mbedtls_mpi_exp_mod() initialize W") from
branch import/mbedtls-2.16.0
Initialize W using mbedtls_mpi_init_mempool() instea
libmbedtls: mbedtls_mpi_exp_mod() initialize W
ae499f6a39f3 ("libmbedtls: mbedtls_mpi_exp_mod() initialize W") from
branch import/mbedtls-2.16.0
Initialize W using mbedtls_mpi_init_mempool() instead of memset() to
ensure that the temporary variable uses the designated memory pool if
configured.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| ef21404e | 21-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
mbedtls: Support AES-CCM algorithm
Use AES-CCM implementation from libtomcrypt instead of mbedtls version
due to limitations in the mbedtls API.
Acked-by: Etienne Carriere <etienne.carriere@linaro.
mbedtls: Support AES-CCM algorithm
Use AES-CCM implementation from libtomcrypt instead of mbedtls version
due to limitations in the mbedtls API.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| a4ae1ebe | 27-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
libmbedtls: Support cipher XTS algorithm
Cipher XTS is not supported in MbedTLS, use libtomcrypt instead.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jen
libmbedtls: Support cipher XTS algorithm
Cipher XTS is not supported in MbedTLS, use libtomcrypt instead.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| a2aa5803 | 27-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
libmbedtls: Support DSA algorithm
DSA is not supported in MbedTLS, use libtomcrypt instead.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@li
libmbedtls: Support DSA algorithm
DSA is not supported in MbedTLS, use libtomcrypt instead.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| ad6cfae7 | 11-Sep-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedtls ECC function
Support mbedtls ECC: ecdh and ecdsa.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Je
libmbedtls: support mbedtls ECC function
Support mbedtls ECC: ecdh and ecdsa.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 34789f62 | 11-Sep-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedtls DH function
Implement DH function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by:
libmbedtls: support mbedtls DH function
Implement DH function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| f8907bbf | 11-Aug-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedtls acipher RSA function
Support RSA:
RSASSA_PKCS1_V1_5
RSASSA_PKCS1_PSS_MGF1
RSAES_PKCS1_V1_5
RSAES_PKCS1_OAEP_MGF1
Acked-by: Etienne Carriere <etienne.carriere@linaro.
libmbedtls: support mbedtls acipher RSA function
Support RSA:
RSASSA_PKCS1_V1_5
RSASSA_PKCS1_PSS_MGF1
RSAES_PKCS1_V1_5
RSAES_PKCS1_OAEP_MGF1
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 000fae55 | 14-Sep-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedtls bignum functions
Implement bignum function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed
libmbedtls: support mbedtls bignum functions
Implement bignum function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| ebc81cdc | 27-Dec-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support CMAC algorithm
Implement CMAC function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jen
libmbedtls: support CMAC algorithm
Implement CMAC function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2b716ccc | 01-Oct-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedtls HMAC algorithm
Implement HMAC function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off
libmbedtls: support mbedtls HMAC algorithm
Implement HMAC function based on mbedtls.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 08caee9b | 02-Jul-2018 |
Summer Qin <summer.qin@arm.com> |
libmbedtls: implement AES encrypt api
These two implemented interfaces will be used by AES-GCM algo.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Summer Qin <summer.qin@a
libmbedtls: implement AES encrypt api
These two implemented interfaces will be used by AES-GCM algo.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Summer Qin <summer.qin@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| d2e5e90e | 09-Jan-2018 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support symmetrical ciphers
Adds support for symmetrical ciphers. The XTS mode is not supported in
mbedTLS and will be dealt with later.
Acked-by: Etienne Carriere <etienne.carriere@lin
libmbedtls: support symmetrical ciphers
Adds support for symmetrical ciphers. The XTS mode is not supported in
mbedTLS and will be dealt with later.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| dddd6a26 | 28-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
libmbedtls: support mbedtls hash algorithm
1. Support mbedtls hash algorithm.
2. Add mbedtls source configure
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edis
libmbedtls: support mbedtls hash algorithm
1. Support mbedtls hash algorithm.
2. Add mbedtls source configure
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
[jw: moved hash routines to hash.c using ops interface]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 884462fe | 27-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: with mbedtls as crypto lib compile LTC too
When mbedtls is configured as crypto lib compile libtomcrypt too in
order to complement with missing algorithms.
Acked-by: Jerome Forissier <jerome.
core: with mbedtls as crypto lib compile LTC too
When mbedtls is configured as crypto lib compile libtomcrypt too in
order to complement with missing algorithms.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 77327d7a | 15-Dec-2017 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: support mbedTLS in kernel mode
Initial step of mbedtls cryptos integration.
Directory created and interface file is drafted.
All function interfaces are set to "not supported".
The mbedt
libmbedtls: support mbedTLS in kernel mode
Initial step of mbedtls cryptos integration.
Directory created and interface file is drafted.
All function interfaces are set to "not supported".
The mbedtls can be selected by specifying build flags
"CFG_CRYPTOLIB_NAME=mbedtls" and "CFG_CRYPTOLIB_DIR=lib/libmbedtls"
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 8452b181 | 15-Dec-2017 |
Summer Qin <summer.qin@arm.com> |
libmbedtls: fix no CRT issue
b95a6c5de200 ("libmbedtls: fix no CRT issue") from branch
import/mbedtls-2.16.0
In NO_CRT mode, Q and P may be invalid. But Q and P will be re-filled
again if PRNG func
libmbedtls: fix no CRT issue
b95a6c5de200 ("libmbedtls: fix no CRT issue") from branch
import/mbedtls-2.16.0
In NO_CRT mode, Q and P may be invalid. But Q and P will be re-filled
again if PRNG function is valid. So add judgement process if it is
in NO_CRT mode.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Summer Qin <summer.qin@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 12484fc7 | 19-Dec-2018 |
Edison Ai <edison.ai@arm.com> |
libmbedtls: add interfaces in mbedtls for context memory operation
ac34734ac2c8 ("libmbedtls: add interfaces in mbedtls for context memory
operation") from branch import/mbedtls-2.16.0
For integrat
libmbedtls: add interfaces in mbedtls for context memory operation
ac34734ac2c8 ("libmbedtls: add interfaces in mbedtls for context memory
operation") from branch import/mbedtls-2.16.0
For integrating into OPTEE_OS, it needs add some interfaces:
1. add mbedtls_cipher_clone() for cipher to copy context between two
operations.
2. add mbedtls_cipher_setup_info() for cipher. cipher need to get its
"cipher_info" according the key length, while the key length is not an
input in allocate function. So, use a default key len in the beginning.
It need to reset the cipher info again in init function.
3. add mbedtls_cipher_cmac_setup() for cmac. This function is separate
from mbedtls_cipher_cmac_starts().
4. copy hmac context in md.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Edison Ai <edison.ai@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 3d3b0591 | 20-Mar-2019 |
Jens Wiklander <jens.wiklander@linaro.org> |
Squashed commit upgrading to mbedtls-2.16.0
Squash merging branch import/mbedtls-2.16.0
9ee2a92de51f ("libmbedtls: compile new files added with 2.16.0")
9b0818d48d29 ("mbedtls: fix memory leak in m
Squashed commit upgrading to mbedtls-2.16.0
Squash merging branch import/mbedtls-2.16.0
9ee2a92de51f ("libmbedtls: compile new files added with 2.16.0")
9b0818d48d29 ("mbedtls: fix memory leak in mpi_miller_rabin()")
2d6644ee0bbe ("libmedtls: mpi_miller_rabin: increase count limit")
d831db4c238a ("libmbedtls: add mbedtls_mpi_init_mempool()")
df0f4886b663 ("libmbedtls: make mbedtls_mpi_mont*() available")
7b0792062b65 ("libmbedtls: refine mbedtls license header")
2616e2d9709f ("mbedtls: configure mbedtls to reach for config")
d686ab1c51b7 ("mbedtls: remove default include/mbedtls/config.h")
50a57cfac892 ("Import mbedtls-2.16.0")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|