mk/config.mk: hardcode CFG_OPTEE_REVISION_{MAJOR,MINOR}

There is really no guarantee that the values of CFG_OPTEE_REVISION_MAJOR
and CFG_OPTEE_REVISION_MINOR can be extracted from Git (think about
b

mk/config.mk: hardcode CFG_OPTEE_REVISION_{MAJOR,MINOR}

There is really no guarantee that the values of CFG_OPTEE_REVISION_MAJOR
and CFG_OPTEE_REVISION_MINOR can be extracted from Git (think about
building from a tarball or "git clone --depth=1"), so let's just hardcode
them into the configuration.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Minimal OP-TEE without user TAs

Hide all user TA related code under CFG_WITH_USER_TA. When compiled
with:
CFG_WITH_USER_TA=n
CFG_CRYPTO=n
CFG_ENC_FS=n
CFG_SE_API=n
CFG_PCSC_PASSTHRU_READER_DRV=n

Sk

Minimal OP-TEE without user TAs

Hide all user TA related code under CFG_WITH_USER_TA. When compiled
with:
CFG_WITH_USER_TA=n
CFG_CRYPTO=n
CFG_ENC_FS=n
CFG_SE_API=n
CFG_PCSC_PASSTHRU_READER_DRV=n

Skips building in static TA tests for features not enabled.

The size of OP-TEE is reduced to one third of its original size.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU xtest 1001)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: new OPTEE_MSG interface

* Changes to a new OPTEE_MSG interface to work with the generic TEE driver.
* Removes TEESMC64_* defines as the TEESMC32_* functions are enhanced to
take 64bit values

core: new OPTEE_MSG interface

* Changes to a new OPTEE_MSG interface to work with the generic TEE driver.
* Removes TEESMC64_* defines as the TEESMC32_* functions are enhanced to
take 64bit values where required in pairs of 32bit registers instead.
* Changes open session meta information to be passed in two value
parameters instead of one memref.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Introduce CFLAGS32 and CFLAGS64

Previously, compile.mk and gcc.mk were using $(CFLAGS) which cannot
properly handle 32-bit and 64-bit compiles. This commit introduces
CFLAGS32 and CFLAGS64 instead,

Introduce CFLAGS32 and CFLAGS64

Previously, compile.mk and gcc.mk were using $(CFLAGS) which cannot
properly handle 32-bit and 64-bit compiles. This commit introduces
CFLAGS32 and CFLAGS64 instead, which are set to $(CFLAGS) by defaut
for convenience.

For each submodule (core, ta_arm32, ta_arm64) a new internal variable
is defined in the architecture makefile (core/arch/arm/arm.mk):
arch-bits-$(sm). Its value is either 32 or 64. This can later be used
to reference the proper CFLAGS.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

RPMB: make device ID configurable

Introduce CFG_RPMB_FS_DEV_ID (default value: 0), so that the eMMC
device used by the RPMB filesystem is easily configurable.
For instance, set CFG_RPMB_FS_DEV_ID=1

RPMB: make device ID configurable

Introduce CFG_RPMB_FS_DEV_ID (default value: 0), so that the eMMC
device used by the RPMB filesystem is easily configurable.
For instance, set CFG_RPMB_FS_DEV_ID=1 for /dev/mmcblk1rpmb.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: stack unwinding

Adds support for stack unwinding, currently only done for fatal aborts
from kernel mode if CFG_CORE_UNWIND = y

The ARMv7/Aarch32 implementation uses -funwind-tables to generat

core: stack unwinding

Adds support for stack unwinding, currently only done for fatal aborts
from kernel mode if CFG_CORE_UNWIND = y

The ARMv7/Aarch32 implementation uses -funwind-tables to generate frame
unwinding information which is quite large. Enabling stack unwinding
currently consumes ~8 KiB. The code to parse the frame unwind
information is imported from FreeBSD.

The Aarch64 implementation takes advantage of the frame pointer and has
minimal overhead. The core code to unwind the stack is imported from
FreeBSD.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Introduce CROSS_COMPILE32 and CROSS_COMPILE64

Currently, to build a 64-bit TEE core (as well as mixed 32- and 64-bit
TA libraries, which are automatically enabled in this case), one has to
set too m

Introduce CROSS_COMPILE32 and CROSS_COMPILE64

Currently, to build a 64-bit TEE core (as well as mixed 32- and 64-bit
TA libraries, which are automatically enabled in this case), one has to
set too many compiler variables:

$ make PLATFORM=hikey CFG_ARM64_core=y \
CROSS_COMPILE_core=aarch64-linux-gnu- \
CROSS_COMPILE_ta_arm64=aarch64-linux-gnu-

This commit introduces two variables, CROSS_COMPILE32 and
CROSS_COMPILE64. They take appropriate default values, so that the
above line may be simplified as:

$ make PLATFORM=hikey CFG_ARM64_core=y

The change remains compatible with previous builds, i.e., CROSS_COMPILE
can still be used to define the 32-bit compiler because CROSS_COMPILE32
defaults to $(CROSS_COMPILE). Similarly, CROSS_COMPILE_core and
CROSS_COMPILE_ta_arm{32,64} are still used so they may be overridden
too.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

arm: add TA hard-float support

Adds support for hard-float in TAs. Hard-float is enabled by default for
all platforms which are capable, currently all. Soft-float is still
available if needed.

Revi

arm: add TA hard-float support

Adds support for hard-float in TAs. Hard-float is enabled by default for
all platforms which are capable, currently all. Soft-float is still
available if needed.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Compiles user library using conf.h

Compilation of user libraries now includes conf.h
This makes the definition of CFG_xxx macro more reliable, without
the need of adding specific -D directives in ta

Compiles user library using conf.h

Compilation of user libraries now includes conf.h
This makes the definition of CFG_xxx macro more reliable, without
the need of adding specific -D directives in ta/ta.mk

Note that conf.h and conf.mk are no more generated in the out/core
directory.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

Replace CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION

Replaces CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION to avoid updating
<out-dir>/core/include/generated/conf.h each time description of the current

Replace CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION

Replaces CFG_TEE_IMPL_VERSION with TEE_IMPL_VERSION to avoid updating
<out-dir>/core/include/generated/conf.h each time description of the current
git commit is changed.

This avoids full recompiles that can't even be cached just because some
files has changed in an updated commit.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: provide aeabi functions using softfloat

Configures Softfloat to be used with aeabi function to provide floating
point support for user TAs. CFG_TA_FLOAT_SUPPORT is set to y for arm32
platf

libutils: provide aeabi functions using softfloat

Configures Softfloat to be used with aeabi function to provide floating
point support for user TAs. CFG_TA_FLOAT_SUPPORT is set to y for arm32
platforms to indicate that floating support is enabled.

Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Secure Storage: Added a flag to turn Block Cache off

Introduce a new flag CFG_FS_BLOCK_CACHE (default off) to
turn block cache on and off.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY

Secure Storage: Added a flag to turn Block Cache off

Introduce a new flag CFG_FS_BLOCK_CACHE (default off) to
turn block cache on and off.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU,MT8173_EVB)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

debug: enable bget memory leak detection

This patch enables memory leak detection in bget_malloc.c.
This is very helpful to find memory leakage issue in teecore
or user TA. To enable it in teecore,

debug: enable bget memory leak detection

This patch enables memory leak detection in bget_malloc.c.
This is very helpful to find memory leakage issue in teecore
or user TA. To enable it in teecore, build optee_os with
`CFG_TEE_CORE_MALLOC_DEBUG=y`. For user TA, build optee_os
with `CFG_TEE_TA_MALLOC_DEBUG=y`.

Then, add the following statement at some point of your
code that might frequently been triggered:

mdbg_check(1);

It will dump allocated memory blocks and the holders of
them. If you find a memory block appears multiple times
after the system runs a period of time, it is very likely
the source of memory leakage.

Here is an example output:

ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 0 bytes core/tee/tee_svc_storage.c:260
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 104 bytes core/tee/tee_svc_storage.c:444
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 18 bytes core/tee/tee_pobj.c:119
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 56 bytes core/tee/tee_pobj.c:110
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 192 bytes core/arch/arm/mm/tee_mmu.c:93
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 32 bytes core/arch/arm/mm/tee_mmu.c:241
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 24 bytes core/arch/arm/mm/tee_mm.c:75
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 24 bytes core/arch/arm/mm/tee_mm.c:75
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 224 bytes core/arch/arm/kernel/tee_ta_manager.c:573
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 72 bytes core/arch/arm/kernel/tee_ta_manager.c:1202
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 7 bytes lib/libutils/isoc/strdup.c:34
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 7 bytes lib/libutils/isoc/strdup.c:34
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 7 bytes lib/libutils/isoc/strdup.c:34
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 7 bytes lib/libutils/isoc/strdup.c:34
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 32 bytes core/kernel/handle.c:70
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 24 bytes core/arch/arm/mm/tee_mm.c:48
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 24 bytes core/arch/arm/mm/tee_mm.c:48
ERR TEE-CORE:mdbg_check:720: Orphaned buffer: 24 bytes core/arch/arm/mm/tee_mm.c:48
ERR TEE-CORE:mdbg_check:720: Ignore buffer: 16 bytes lib/libutils/isoc/bget_malloc.c:794

You can see the buffer hold by strdup.c:34 appears 4 times,
so it's very likely to be the source of memory leakage.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: SY Chiu <sy.chiu@linaro.org> (MT8173 EVB)

show more ...

Make compilation of lib/libutils/isoc configurable again

Commit c3e0bd74e4cf ("Delete libutil_with_isoc") wrongly assumed that
the code in lib/libutils/isoc is mandatory for any OP-TEE build. This i

Make compilation of lib/libutils/isoc configurable again

Commit c3e0bd74e4cf ("Delete libutil_with_isoc") wrongly assumed that
the code in lib/libutils/isoc is mandatory for any OP-TEE build. This is
not true for some non-upstream platforms which can find the functions in
external libraries.

Therefore, this commits makes the thing configurable again through
CFG_LIBUTILS_WITH_ISOC (default: y).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Optionally replace TEE_Panic() with macro

Help debugging by replacing TEE_Panic() with a macro that does an EMSG()
and then calls panic function (__TEE_Panic()).

Signed-off-by: Jens Wiklan

libutee: Optionally replace TEE_Panic() with macro

Help debugging by replacing TEE_Panic() with a macro that does an EMSG()
and then calls panic function (__TEE_Panic()).

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

TA as ELF + signature

Changes format of TA to use the ELF format instead. This patch also adds
signature checking of the TA. The format of the TA is:
<Signed header>
<ELF header>
<Program header> (p

TA as ELF + signature

Changes format of TA to use the ELF format instead. This patch also adds
signature checking of the TA. The format of the TA is:
<Signed header>
<ELF header>
<Program header> (part of ELF spec, pointing out segments to load)
<Sections>

A struct ta_head is placed in the first section of the first segment
to carry flags and other properties of the TA.

elf32.h, elf64.h and elf_common.h are imported from FreeBSD.

In addition to the R_ARM_RELATIVE relocation type, adds support for
R_ARM_ABS32 relocations. Since a symbol table is needed to process this
relocation type a separate program header is added in the TA ELF
containing the sections .dynamic, .dynsym, .dynstr and .hash. These
sections are only needed during relocation and could be released once
the TA is relocated.

A default signing key has been generated with
openssl genrsa -out key.pem
and added as keys/default_ta.pem

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (QEMU platform)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)

show more ...

Secure Storage: Implement block-based encrypted file system

- Meta file encryption/decryption is enforced
- Block file encryption/decryption is optional

Signed-off-by: James Kung <james.kung@linaro

Secure Storage: Implement block-based encrypted file system

- Meta file encryption/decryption is enforced
- Block file encryption/decryption is optional

Signed-off-by: James Kung <james.kung@linaro.org>
Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: James Kung <james.kung@linaro.org> (QEMU, MT8173 EVB)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Secure Storage: Implemented block-based file operations

This patch represent a TEE file by many small REE files
and single meta file, which is used to describe the TEE
file. This approach can be use

Secure Storage: Implemented block-based file operations

This patch represent a TEE file by many small REE files
and single meta file, which is used to describe the TEE
file. This approach can be used as basis to support atomic
operation and enhance encrypt fs performance.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Build for PLATFORM=vexpress-qemu_virt by default

Also, for STM platforms, set CROSS_COMPILE=arm-linux-gnueabihf-
by default (which is a more standard prefix for the 32-bit
compiler).

Signed-off-by:

Build for PLATFORM=vexpress-qemu_virt by default

Also, for STM platforms, set CROSS_COMPILE=arm-linux-gnueabihf-
by default (which is a more standard prefix for the 32-bit
compiler).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases fo

Enhancing Secure Storage

- Implement encrypted file system key manager
* Key generation for SSK, FEK
* Provide helper APIs to do file encryption/decryption
* Finished key manager test cases for file encryption/decryption tests

- Implements encrypted file system operations file-based operation
* file content is encrypted and MACed before storing
on normal world file system.
* file hole is not implemented because this is
meaningless in the context of secure storage.

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Signed-off-by: James Kung <james.kung@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)
Tested-by: James Kung <james.kung@linaro.org> (QEMU)
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)

show more ...

GP Internal Core API v1.1 : TEE configuration properties

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier

GP Internal Core API v1.1 : TEE configuration properties

Signed-off-by: Cedric Chaumont <cedric.chaumont@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (STM boards)
Tested-by: Cedric Chaumont <cedric.chaumont@linaro.org> (ARM Juno board)

show more ...

s/CFG_TEE_FW_DEBUG/CFG_TEE_CORE_DEBUG

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Convert configuration variables to CFG_* name

- Rename configuration variables that do not follow the CFG_* convention
- Delete useless -D<VAR> compiler flags
- Slightly reformat mk/conf.mk, add com

Convert configuration variables to CFG_* name

- Rename configuration variables that do not follow the CFG_* convention
- Delete useless -D<VAR> compiler flags
- Slightly reformat mk/conf.mk, add comments

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations

Added Abstract Layer for PRNG

- Extended crypto_ops with a new prng_ops which handles prng operations.
- Replace calls to get_rng_array() with crypto_ops.prng.read(), this
enforces PRNG operations go through PRNG HAL, instead of invoking
platform-dependent PRNG implementation directly.
- Create a new mpa_set_random_generator() interface for mpa user to register
a callback to generate random number, instead of expecting the user to provide
a get_rng_array(). This enables libmpa uses crypto_ops.prng.read().
- Added a new configuration CFG_WITH_PRNG_SOFTWARE to toggle SW/HW-dependent
PRNG implementation.
- The SW PRNG implementation is supplied by backed cryto library(libtomcrypt).
- Added a new SW PRNG 'Fortuna' to libtomcrypt.
- Added a new SW PRNG 'RC4' to libtomcrypt, when Fortuna is not available due
to AES and SHA256 not available, fallback to RC4.
- Get rid of bad implemented SW PRNG in plat_vexpress(rng_support.c).
- If CFG_WITH_PRNG_SOFTWARE is not enabled, the platform needs to supply
hw_get_random_byte().

Signed-off-by: SY Chiu <sy.chiu@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: SY Chiu <sy.chiu@linaro.org> (QEMU)

show more ...

CFG_TEE_CORE_TA_TRACE to disable TA traces

In order to disable TA traces, whatever the compilation options of the
TAs, CFG_TEE_CORE_TA_TRACE can be defined to n

Reviewed-by: Jerome Forissier <jerom

CFG_TEE_CORE_TA_TRACE to disable TA traces

In order to disable TA traces, whatever the compilation options of the
TAs, CFG_TEE_CORE_TA_TRACE can be defined to n

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...