mk - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ae8c8068	01-Dec-2019	Etienne Carriere <etienne.carriere@linaro.org>	drivers/scmi-msg: driver for processing scmi messages This change introduces drivers to allow a platform to create a SCMI service and register handlers for client request (SCMI agent) on system reso drivers/scmi-msg: driver for processing scmi messages This change introduces drivers to allow a platform to create a SCMI service and register handlers for client request (SCMI agent) on system resources. This is the first piece of the drivers: an entry function, the SCMI base protocol support and helpers for create the response message. With this change, scmi_process_message() is the entry function to process an incoming SCMI message. The function expect the message is already copied from shared memory into secure memory. The message structure stores message reference and output buffer reference where response message shall be stored. scmi_process_message() calls the SCMI protocol driver according to the protocol ID in the message. The SCMI protocol driver will call defined platform handlers according to the message content. This change introduces only the SCMI base protocol as defined in SCMI specification v2.0 [1]. Not all the messages defined in the specification are supported. SCMI resource in this implementation are dumped or inspired by the SCP-firmware implementation [2] of the SCMI protocol, server side. Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf Link: [2] https://github.com/ARM-software/SCP-firmware.git Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/crypto/crypto.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c /optee_os/core/drivers/crypto/caam/cipher/local.h /optee_os/core/drivers/crypto/caam/cipher/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_cipher.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c /optee_os/core/drivers/crypto/crypto_api/cipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_cipher.h /optee_os/core/drivers/crypto/crypto_api/sub.mk /optee_os/core/drivers/gic.c /optee_os/core/drivers/scmi-msg/base.c /optee_os/core/drivers/scmi-msg/base.h /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/sub.mk /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/drivers/scmi.h /optee_os/core/include/signed_hdr.h /optee_os/core/include/tee/tee_cryp_utl.h /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/pta/gprof.c /optee_os/core/pta/system.c /optee_os/core/tee/tee_cryp_concat_kdf.c /optee_os/core/tee/tee_cryp_hkdf.c /optee_os/core/tee/tee_cryp_pbkdf2.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/util.h /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S config.mk /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/handle.c /optee_os/ta/pkcs11/src/handle.h /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/serializer.h /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/pkcs11/src/token_capabilities.c /optee_os/ta/pkcs11/src/token_capabilities.h
4e74e39a	18-Mar-2020	Jerome Forissier <jerome@forissier.org>	mk/lib.mk: cleanup shared library link command The command used to link shared libraries when CFG_ULIBS_SHARED=y is slightly incorrect for two reasons: 1. The -L/-l arguments are passed before the mk/lib.mk: cleanup shared library link command The command used to link shared libraries when CFG_ULIBS_SHARED=y is slightly incorrect for two reasons: 1. The -L/-l arguments are passed before the object files, when they should normally be added after; 2. The shared libraries needed during the link are passed as files in addition to being supplied with -L/-l. This is redundant, and is a consequence of having the shared libraries in the prerequisites and using $^. Therefore, filter out the .so files. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummies_init.c /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-imx/drivers/sub.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/init.c /optee_os/core/drivers/crypto/caam/acipher/caam_math.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/acipher/local.h /optee_os/core/drivers/crypto/caam/acipher/sub.mk /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_jr.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h /optee_os/core/drivers/crypto/caam/include/caam_acipher.h /optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h /optee_os/core/drivers/crypto/caam/include/caam_jr_status.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/crypto_api/acipher/local.h /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsamgf.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_hash.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_math.h /optee_os/core/drivers/crypto/crypto_api/math/modulus.c /optee_os/core/drivers/crypto/crypto_api/math/sub.mk /optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c /optee_os/core/drivers/crypto/crypto_api/oid/sub.mk /optee_os/core/drivers/crypto/crypto_api/sub.mk /optee_os/core/drivers/imx_snvs.c /optee_os/core/include/drivers/imx_snvs.h /optee_os/core/include/tee/tee_fs.h /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf.h /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libdl/dlfcn.c /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/arm64_user_sysreg.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutils/ext/include/confine_array_index.h /optee_os/lib/libutils/isoc/include/setjmp.h lib.mk /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/persistent_token.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/pkcs11_token.c /optee_os/ta/pkcs11/src/pkcs11_token.h /optee_os/ta/pkcs11/src/serializer.c /optee_os/ta/pkcs11/src/serializer.h /optee_os/ta/pkcs11/src/sub.mk
787d2737	21-Feb-2020	Jerome Forissier <jerome@forissier.org>	clang: use llvm-objdump Clang version 9.0.0 has a llvm-objdump tool that provides equivalent output to the binutils version. Let's use it and remove the hack in mk/clang.mk. With this, it is possib clang: use llvm-objdump Clang version 9.0.0 has a llvm-objdump tool that provides equivalent output to the binutils version. Let's use it and remove the hack in mk/clang.mk. With this, it is possible to build OP-TEE with Clang and without a GCC toolchain. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> show more ... clang.mk /optee_os/scripts/get_maintainer.py
f2edd829	18-Feb-2020	Jerome Forissier <jerome@forissier.org>	Revert "ftrace: define CFG_FTRACE_BUF_SIZE in mk/config.mk" This reverts commit 59e8ef0dcb3773964fd133d0a9360989cb86108f. The default value for CFG_FTRACE_BUF_SIZE needs to be in the TA link script Revert "ftrace: define CFG_FTRACE_BUF_SIZE in mk/config.mk" This reverts commit 59e8ef0dcb3773964fd133d0a9360989cb86108f. The default value for CFG_FTRACE_BUF_SIZE needs to be in the TA link script ta.ld.S, because this file is not pre-processed before being added to the TA dev kit. Replacement of CFG_* values only happens when the TA is built, at which point mk/config.mk is irrelevant. It makes sense of course, since it allows to change TA settings and re-build only the TA. Fixes the following TA link error: $ make CFLAGS_ta_arm32=-pg [...] bin/arm-linux-gnueabihf-ld.bfd:out/ta.lds:57: undefined symbol `CFG_FTRACE_BUF_SIZE' referenced in expression Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Sumit Garg <sumit.garg@linaro.org> show more ... /optee_os/MAINTAINERS config.mk /optee_os/ta/arch/arm/ta.ld.S
dd333f03	20-Jan-2020	Javier Almansa Sobrino <javier.almansasobrino@arm.com>	core: Add support to access a TPM event log in secure memory. Support for OPTEE to be able to receive a TPM event log through a DTB so it can forward it to a TA (such as a TPM service) in order to e core: Add support to access a TPM event log in secure memory. Support for OPTEE to be able to receive a TPM event log through a DTB so it can forward it to a TA (such as a TPM service) in order to extend the measurements. CFG_CORE_TPM_EVENT_LOG enables this feature. CFG_TPM_LOG_BASE_ADDR hardcodes the phys address of the event log in case CFG_DT is not set. CFG_TPM_MAX_LOG_SIZE harcodes the size of the event log in case CFG_DT is not set. When this feature is enabled, the PTA_SYSTEM_GET_TPM_EVENT_LOG command is available to any TA. Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-ls/crypto_conf.mk /optee_os/core/arch/arm/plat-ls/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/drivers/crypto/caam/caam_desc.c /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/tzc380.h /optee_os/core/include/kernel/panic.h /optee_os/core/include/kernel/tpm.h /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tpm.c /optee_os/core/pta/system.c /optee_os/lib/libutee/include/pta_system.h config.mk /optee_os/ta/pkcs11/src/user_ta_header_defines.h /optee_os/ta/ta.mk
7d97159b	12-Feb-2020	Manuel Huber <mahuber@microsoft.com>	core: RPMB FS: Make N_ENTRIES a config variable Allows to configure the number of FAT fs entries to be read from RPMB storage in one chunk. Increasing this number makes functions that traverse the F core: RPMB FS: Make N_ENTRIES a config variable Allows to configure the number of FAT fs entries to be read from RPMB storage in one chunk. Increasing this number makes functions that traverse the FAT fs read in more entries within a single RPMB read operation. While this potentially improves RPMB I/O, it comes at the cost of additional memory required to be allocated on the heap. Determining an optimal size is platform- and use-case-dependent. Signed-off-by: Manuel Huber <mahuber@microsoft.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/tee/init.c /optee_os/core/tee/tee_rpmb_fs.c config.mk /optee_os/scripts/symbolize.py
d408db99	12-Feb-2020	Jerome Forissier <jerome@forissier.org>	ftrace: introduce CFG_FTRACE_BUF_WHEN_FULL Function tracing can become extremely slow in case a big buffer size is used (say, CFG_FTRACE_BUF_SIZE=6000000 instead of the default 2048 bytes). This is ftrace: introduce CFG_FTRACE_BUF_WHEN_FULL Function tracing can become extremely slow in case a big buffer size is used (say, CFG_FTRACE_BUF_SIZE=6000000 instead of the default 2048 bytes). This is because of the "shifting" algorithm used when the buffer is full, which copies almost the full buffer before inserting a new line. In order to mitigate this problem, this patch introduces two new methods to handle the buffer full condition: 1. Discard existing data and write new lines to the beginning of the buffer. 2. Stop adding new lines. The method can be selected at build time with CFG_FTRACE_BUF_WHEN_FULL. Supported values are "shift", "wrap" and "stop". Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/lib/libutils/ext/ftrace/ftrace.c config.mk
c20f0d11	12-Feb-2020	Jerome Forissier <jerome@forissier.org>	checkconf.mk: add cfg-check-value Adds a function to check if a configuration variable has a valid value. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wikla checkconf.mk: add cfg-check-value Adds a function to check if a configuration variable has a valid value. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... checkconf.mk
59e8ef0d	11-Feb-2020	Jerome Forissier <jerome@forissier.org>	ftrace: define CFG_FTRACE_BUF_SIZE in mk/config.mk The main configuration file is a better place to define the size of the ftrace buffer than the TA linker script. Signed-off-by: Jerome Forissier < ftrace: define CFG_FTRACE_BUF_SIZE in mk/config.mk The main configuration file is a better place to define the size of the ftrace buffer than the TA linker script. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/.travis.yml /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/tzc380.h config.mk /optee_os/ta/arch/arm/ta.ld.S
7fb525f1	23-Jan-2020	Jerome Forissier <jerome@forissier.org>	Remove libmpa in favor of libmbedtls We currently have two "big numbers" library, Mbed TLS and MPA. Both can be used by libutee to implement the TEE Internal Core API Arithmetical functions, and by Remove libmpa in favor of libmbedtls We currently have two "big numbers" library, Mbed TLS and MPA. Both can be used by libutee to implement the TEE Internal Core API Arithmetical functions, and by the TEE core or pseudo-TAs. This situation is reflected by two configuration variables allowing to choose between libmbedtls and libmpa: - CFG_TA_MBEDTLS_MPI (default y) configures libutee, - CFG_CORE_MBEDTLS_MPI (default y) configures the TEE core/PTAs. In addition there is CFG_TA_MBEDTLS (default y, mandatory when CFG_TA_MBEDTLS_MPI is y) to build libmbedtls and install it into the SDK for direct use by TAs (libmbedtls also has function to deal with certificates for instance). MBed TLS has been supported and used by default for just over a year; and we have recently found an issue with the MPA implementation of the integer multiplication with modulus (mpa_mulmod()) [1] [2]. Therefore, now is a good time to remove libmpa and use libmbedtls instead. Link: [1] https://github.com/OP-TEE/optee_os/pull/3541#issuecomment-577592381 Link: [2] https://github.com/OP-TEE/optee_test/pull/389 Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/include/arm32.h /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/generic_boot.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-amlogic/conf.mk /optee_os/core/arch/arm/plat-amlogic/link.mk /optee_os/core/arch/arm/plat-amlogic/main.c /optee_os/core/arch/arm/plat-amlogic/platform_config.h /optee_os/core/arch/arm/plat-amlogic/scripts/aml_bin2img.py /optee_os/core/arch/arm/plat-amlogic/sub.mk /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_csu.c /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-imx/registers/imx7.h /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/link.mk /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/core.mk /optee_os/core/drivers/amlogic_uart.c /optee_os/core/drivers/crypto/caam/hash/caam_hash.c /optee_os/core/drivers/crypto/caam/include/caam_common.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/include/caam_utils_sgt.h /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/caam/utils/utils_sgt.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/amlogic_uart.h /optee_os/core/lib/libfdt/README.license /optee_os/core/lib/libfdt/fdt.c /optee_os/core/lib/libfdt/fdt_addresses.c /optee_os/core/lib/libfdt/fdt_empty_tree.c /optee_os/core/lib/libfdt/fdt_overlay.c /optee_os/core/lib/libfdt/fdt_ro.c /optee_os/core/lib/libfdt/fdt_rw.c /optee_os/core/lib/libfdt/fdt_strerror.c /optee_os/core/lib/libfdt/fdt_sw.c /optee_os/core/lib/libfdt/fdt_wip.c /optee_os/core/lib/libfdt/include/fdt.h /optee_os/core/lib/libfdt/include/libfdt.h /optee_os/core/lib/libfdt/include/libfdt_env.h /optee_os/core/lib/libfdt/libfdt_internal.h /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/sm2-pke.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libmbedtls/core/dh.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/include/tee_api.h /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/tee_arith_internal.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/sub.mk /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/config.h config.mk /optee_os/scripts/gen_tee_bin.py /optee_os/scripts/symbolize.py /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/pkcs11/Android.mk /optee_os/ta/pkcs11/Makefile /optee_os/ta/pkcs11/include/pkcs11_ta.h /optee_os/ta/pkcs11/src/entry.c /optee_os/ta/pkcs11/src/pkcs11_helpers.c /optee_os/ta/pkcs11/src/pkcs11_helpers.h /optee_os/ta/pkcs11/src/sub.mk /optee_os/ta/pkcs11/src/user_ta_header_defines.h /optee_os/ta/pkcs11/sub.mk /optee_os/ta/pkcs11/user_ta.mk /optee_os/ta/ta.mk
490b9f94	17-Jan-2020	Jerome Forissier <jerome@forissier.org>	Update revision for release tag 3.8.0-rc1 Signed-off-by: Jerome Forissier <jerome@forissier.org> /optee_os/.github/workflows/stale_issue.yml /optee_os/.github/workflows/stale_pr.yml /optee_os/.shippable.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/pseudo_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sm3-hmac.c /optee_os/core/include/crypto/crypto.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/kernel/interrupt.c /optee_os/core/lib/libtomcrypt/acipher_helpers.h /optee_os/core/lib/libtomcrypt/dh.c /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/ecc.c /optee_os/core/lib/libtomcrypt/mpa_desc.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/sm2-dsa.c /optee_os/core/lib/libtomcrypt/sm2-kep.c /optee_os/core/lib/libtomcrypt/sm2-pke.c /optee_os/core/lib/libtomcrypt/sm2_kdf.c /optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc.c /optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc_find_curve.c /optee_os/core/lib/libtomcrypt/src/pk/ecc/sub.mk /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/isoc/include/stdint.h config.mk /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/avb/user_ta.mk /optee_os/ta/mk/ta_dev_kit.mk
989ac108	18-Dec-2019	Jerome Forissier <jerome@forissier.org>	mk/compile.mk: add cc-option macro Adds a macro to test the availability of a compiler option. For example: $(call cc-option,-opt1,-opt2) ...will evaluate to '-opt1' if the C compiler supports op mk/compile.mk: add cc-option macro Adds a macro to test the availability of a compiler option. For example: $(call cc-option,-opt1,-opt2) ...will evaluate to '-opt1' if the C compiler supports option -opt1, or '-opt2' otherwise. The second argument (-opt2) is optional. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/plat-ti/sm_platform_handler_a15.c /optee_os/core/arch/arm/plat-ti/sm_platform_handler_a9.c /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sm3-hash.c /optee_os/core/crypto/sm3-hmac.c /optee_os/core/crypto/sm3.c /optee_os/core/crypto/sm3.h /optee_os/core/crypto/sm4-cbc.c /optee_os/core/crypto/sm4-ctr.c /optee_os/core/crypto/sm4-ecb.c /optee_os/core/crypto/sm4.c /optee_os/core/crypto/sm4.h /optee_os/core/crypto/sub.mk /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/lib/libutee/include/tee_api_defines.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c compile.mk /optee_os/scripts/tee_bin_parser.py
87372da4	22-Nov-2019	Jens Wiklander <jens.wiklander@linaro.org>	Enable ASLR by default With this patch both CFG_TA_ASLR and CFG_CORE_ASLR are set to 'y' by default. Removes CFG_TA_ASLR?=y for plat-hikey and plat-vexpress (qemu_virt). If the current platform do Enable ASLR by default With this patch both CFG_TA_ASLR and CFG_CORE_ASLR are set to 'y' by default. Removes CFG_TA_ASLR?=y for plat-hikey and plat-vexpress (qemu_virt). If the current platform doesn't use CFG_DT=y and hasn't overridden get_aslr_seed() a warning message will be printed on the secure uart and execution will resume with the default load address. Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk config.mk
e996d189	22-Nov-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: support ASLR and paging Adds support for CFG_WITH_PAGER=y and CFG_CORE_ASLR=y. Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> /optee_os/.shippable.yml /optee_os/core/arch/arm/include/kernel/thread.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/include/mm/tee_pager.h /optee_os/core/arch/arm/include/tee/arch_svc.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummies.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_private.h /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ti/a9_plat_init.S /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/svc_cache.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/bcm_gpio.c /optee_os/core/include/drivers/bcm_gpio.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/user_mode_ctx.h /optee_os/core/include/kernel/user_mode_ctx_struct.h /optee_os/core/include/mm/fobj.h /optee_os/core/include/mm/tee_mmu.h /optee_os/core/include/signed_hdr.h /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/user_mode_ctx.c /optee_os/core/mm/fobj.c /optee_os/core/pta/bcm/elog.c /optee_os/core/pta/bcm/gpio.c /optee_os/core/pta/bcm/sub.mk /optee_os/core/pta/system.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c config.mk /optee_os/scripts/gen_tee_bin.py /optee_os/scripts/mem_usage.py /optee_os/scripts/sign_encrypt.py /optee_os/scripts/symbolize.py
33017d85	22-Nov-2019	Jerome Forissier <jerome@forissier.org>	Remove script/llvm-objcopy-wrapper The llvm-objcopy-wrapper script was introduced in commit 98d863a5c0b2 ("Experimental Clang support") because llvm-objcopy would not support some options needed to Remove script/llvm-objcopy-wrapper The llvm-objcopy-wrapper script was introduced in commit 98d863a5c0b2 ("Experimental Clang support") because llvm-objcopy would not support some options needed to produce the final TEE binaries from tee.elf or cause errors when building them. However, since commit 1a9edabc0ed4 ("core: link.mk: use gen_tee_bin.py"), objcopy is not used for this purpose anymore. Thus we can safely use llvm-objcopy. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... clang.mk /optee_os/ta/ta.mk
2de17fda	23-Oct-2019	Sumit Garg <sumit.garg@linaro.org>	TA dev kit: add support for TA encryption Add CFG_ENCRYPT_TA as TA build time configuration option to enable encryption of TA using encryption key provided via TA_ENC_KEY build time option. The defa TA dev kit: add support for TA encryption Add CFG_ENCRYPT_TA as TA build time configuration option to enable encryption of TA using encryption key provided via TA_ENC_KEY build time option. The default value of TA_ENC_KEY is derived from 16 zero bytes default hardware unique key. Also rename scripts/sign.py to scripts/sign_encrypt.py to reflect optional encryption support along with signing of TAs. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/include/kernel/generic_boot.h /optee_os/core/arch/arm/include/kernel/linker.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/otp_stubs.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/trace_ext.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-bcm/bcm_elog.c /optee_os/core/arch/arm/plat-bcm/bcm_elog.h /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-bcm/sub.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx-common.c /optee_os/core/arch/arm/plat-imx/imx-regs.h /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-imx/pm/cpuidle-imx7d.c /optee_os/core/arch/arm/plat-imx/pm/imx7_suspend.c /optee_os/core/arch/arm/plat-imx/registers/imx6-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-imx/registers/imx7-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx7.h /optee_os/core/arch/arm/plat-imx/registers/imx7ulp-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx8m.h /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm/tz_a9init.S /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/drivers/bcm_sotp.c /optee_os/core/drivers/bnxt/bnxt.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/bnxt/bnxt_images.c /optee_os/core/drivers/crypto/caam/hal/sub.mk /optee_os/core/include/drivers/bcm/bnxt.h /optee_os/core/include/kernel/huk_subkey.h /optee_os/core/include/kernel/tee_common_otp.h /optee_os/core/include/signed_hdr.h /optee_os/core/include/tee/tee_ta_enc_manager.h /optee_os/core/pta/bcm/bnxt.c /optee_os/core/pta/bcm/hwrng.c /optee_os/core/pta/bcm/sotp.c /optee_os/core/pta/bcm/sub.mk /optee_os/core/pta/bcm/wdt.c /optee_os/core/tee/sub.mk /optee_os/core/tee/tee_ta_enc_manager.c /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libutils/ext/include/trace.h /optee_os/lib/libutils/isoc/include/stdint.h lib.mk /optee_os/scripts/gen_ldelf_hex.py /optee_os/scripts/gen_tee_bin.py /optee_os/scripts/sign_encrypt.py /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/link_shlib.mk /optee_os/ta/ta.mk
170e9084	15-Oct-2019	Jens Wiklander <jens.wiklander@linaro.org>	core: add support for CFG_CORE_ASLR Adds support for CFG_CORE_ASLR to load TEE Core at a random address. ASLR makes the exploitation of memory corruption vulnerabilities more difficult. Paging is c core: add support for CFG_CORE_ASLR Adds support for CFG_CORE_ASLR to load TEE Core at a random address. ASLR makes the exploitation of memory corruption vulnerabilities more difficult. Paging is currently not supported with CFG_CORE_ASLR=y. Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/kernel/generic_boot.h /optee_os/core/arch/arm/include/kernel/linker.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/include/mm/mobj.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummy.ld /optee_os/core/arch/arm/kernel/misc_a32.S /optee_os/core/arch/arm/kernel/misc_a64.S /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/thread_optee_smc_a32.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S /optee_os/core/arch/arm/kernel/unwind_arm32.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/mobj.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/include/mm/tee_mmu_types.h /optee_os/core/kernel/msg_param.c /optee_os/core/pta/system.c /optee_os/core/tee/tee_svc.c /optee_os/ldelf/include/elf_common.h /optee_os/lib/libutils/ext/include/asm.S /optee_os/lib/libutils/ext/include/compiler.h config.mk
8800b01d	08-Nov-2019	Jerome Forissier <jerome@forissier.org>	gprof: fix TEE core crash by allocating sample buffer dynamically The gprof sample buffer is in user space memory but is also accessed by the TEE core. Currently, space is reserved by the TA linker gprof: fix TEE core crash by allocating sample buffer dynamically The gprof sample buffer is in user space memory but is also accessed by the TEE core. Currently, space is reserved by the TA linker script. The address and size of the buffer is passed to the TEE core via a call to the gprof PTA. After this call, the TEE core accesses the buffer periodically, such as when the TA is interrupted by a timer interrupt. Commit ef305e54eac8 ("libutee: allocate temp secmem for invoke") modified the way that private TA memory is mapped in TA to TA invocations, so that memory is mapped only for the duration of the call. After this point, the memory is unmapped so the gprof sample buffer becomes inaccessible, resulting in a crash: E/TC:0 0 Core data-abort at address 0x121356 (translation fault) E/TC:0 0 fsr 0x00000007 ttbr0 0x0e19206a ttbr1 0x0e18806a cidr 0x2 E/TC:0 0 cpu #0 cpsr 0x800001f2 E/TC:0 0 r0 0x00000000 r4 0x00000000 r8 0x00000000 r12 0x0017bb4b E/TC:0 0 r1 0x000021ab r5 0x00000000 r9 0x00000000 sp 0x0e1928f0 E/TC:0 0 r2 0x0011d000 r6 0x00000000 r10 0x00000000 lr 0x0e112763 E/TC:0 0 r3 0x00121356 r7 0x0e1928f0 r11 0x00000000 pc 0x0e12958e E/TC:0 0 Core data-abort at address 0x121356 .debug_info+1184598 (translation fault) E/TC:0 0 Call stack: E/TC:0 0 0x0e12958e tee_ta_gprof_sample_pc at optee_os/core/kernel/tee_ta_manager.c:897 The solution is to allocate and map the sample buffer explicitly in user space when profiling is initialized, and at the same time get rid of the reserved area in the TA linker script. The TEE core also needs to check that the sample buffer is valid before writing to it, otherwise a malicious TA could crash the core by unmapping that memory. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Sumit Garg <sumit.garg@linaro.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/plat-bcm/conf.mk /optee_os/core/arch/arm/plat-bcm/crc32.c /optee_os/core/arch/arm/plat-bcm/crc32.h /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-bcm/platform_config.h /optee_os/core/arch/arm/plat-bcm/sub.mk /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/registers/imx6.h /optee_os/core/arch/arm/plat-rockchip/common.h /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rockchip/cru.h /optee_os/core/arch/arm/plat-rockchip/grf.h /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rockchip/plat_init.S /optee_os/core/arch/arm/plat-rockchip/platform.c /optee_os/core/arch/arm/plat-rockchip/platform.h /optee_os/core/arch/arm/plat-rockchip/platform_config.h /optee_os/core/arch/arm/plat-rockchip/platform_px30.c /optee_os/core/arch/arm/plat-rockchip/platform_rk322x.c /optee_os/core/arch/arm/plat-rockchip/platform_rk3399.c /optee_os/core/arch/arm/plat-rockchip/psci_rk322x.c /optee_os/core/arch/arm/plat-rockchip/sub.mk /optee_os/core/core.mk /optee_os/core/crypto/aes-cts.c /optee_os/core/crypto/cbc-mac.c /optee_os/core/crypto/crypto.c /optee_os/core/crypto/rng_fortuna.c /optee_os/core/drivers/bnxt/bnxt.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/bnxt/bnxt_images.c /optee_os/core/drivers/bnxt/sub.mk /optee_os/core/drivers/sub.mk /optee_os/core/include/crypto/crypto.h /optee_os/core/include/drivers/bcm/bnxt.h /optee_os/core/include/drivers/gic.h /optee_os/core/include/tee/tee_cryp_utl.h /optee_os/core/kernel/huk_subkey.c /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/pta/bcm/bnxt.c /optee_os/core/pta/bcm/sub.mk /optee_os/core/pta/secstor_ta_mgmt.c /optee_os/core/pta/sub.mk /optee_os/core/pta/tests/invoke.c /optee_os/core/tee/fs_htree.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_cryp_concat_kdf.c /optee_os/core/tee/tee_cryp_hkdf.c /optee_os/core/tee/tee_cryp_pbkdf2.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_fs_key_manager.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/ldelf/link.mk /optee_os/lib/libutee/arch/arm/gprof/gprof.c config.mk /optee_os/ta/arch/arm/ta.ld.S
27fd7c71	23-Oct-2019	Jerome Forissier <jerome@forissier.org>	mk: gensrc: add generated file to $(cleanfiles) automatically The gensrc mechanism should not require the user to update the cleanfiles variable since it can do it by itself. This commit updates the mk: gensrc: add generated file to $(cleanfiles) automatically The gensrc mechanism should not require the user to update the cleanfiles variable since it can do it by itself. This commit updates the implementation and simplifies the call sites. Signed-off-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/MAINTAINERS /optee_os/core/sub.mk subdir.mk
099918f6	05-Sep-2019	Sumit Garg <sumit.garg@linaro.org>	ftrace: Add support for syscall function tracer This patch adds support for syscall tracing in TEE core. It complements existing ftrace support for user TAs via adding trace for syscalls that are in ftrace: Add support for syscall function tracer This patch adds support for syscall tracing in TEE core. It complements existing ftrace support for user TAs via adding trace for syscalls that are invoked by user TAs into the TEE core. And after this patch ftrace will cover both TA and TEE core code. So lets rename config option from CFG_TA_FTRACE_SUPPORT to CFG_FTRACE_SUPPORT. It is optional to enable syscall trace via CFG_SYSCALL_FTRACE=y config option in addition to CFG_FTRACE_SUPPORT=y config option. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/include/kernel/misc.h /optee_os/core/arch/arm/include/kernel/user_ta.h /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/include/sm/sm.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/unwind_arm64.c /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/sub.mk /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/core.mk /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/kernel/tee_ta_manager.c /optee_os/ldelf/ftrace.c /optee_os/ldelf/ftrace.h /optee_os/ldelf/main.c /optee_os/ldelf/sub.mk /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutils/ext/arch/arm/mcount_a32.S /optee_os/lib/libutils/ext/arch/arm/mcount_a64.S /optee_os/lib/libutils/ext/arch/arm/sub.mk /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/lib/libutils/ext/ftrace/ftrace.h /optee_os/lib/libutils/ext/ftrace/sub.mk /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/isoc/arch/arm/setjmp_a32.S /optee_os/lib/libutils/isoc/arch/arm/setjmp_a64.S /optee_os/lib/libutils/isoc/include/setjmp.h config.mk /optee_os/scripts/arm32_sysreg.py /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/link.mk /optee_os/ta/arch/arm/user_ta_header.c /optee_os/ta/ta.mk
8be2de1a	23-Sep-2019	Imre Kis <imre.kis@arm.com>	core: Add support for multi-threaded MPIDR values If the MT bit is set the affinities are shifted in the MPIDR register so the get_core_pos_mpidr function needs to be modified accordingly. This is n core: Add support for multi-threaded MPIDR values If the MT bit is set the affinities are shifted in the MPIDR register so the get_core_pos_mpidr function needs to be modified accordingly. This is necessary to make OP-TEE to be able to run on multi-threaded systems. The number of threads/core can be modified by the CFG_CORE_THREAD_SHIFT makefile parameter. The default value is the existing single threaded mode. Signed-off-by: Imre Kis <imre.kis@arm.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/include/arm.h /optee_os/core/arch/arm/kernel/misc_a32.S /optee_os/core/arch/arm/kernel/misc_a64.S config.mk
a2fa5018	03-Oct-2019	Joakim Bech <joakim.bech@linaro.org>	Update CHANGELOG for 3.7.0 Update CHANGELOG for 3.7.0 Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Akshay Bhat <akshay.bhat@timesys.com> (Atmel SAM) Tested-by: Andrew F. Davis <af Update CHANGELOG for 3.7.0 Update CHANGELOG for 3.7.0 Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Akshay Bhat <akshay.bhat@timesys.com> (Atmel SAM) Tested-by: Andrew F. Davis <afd@ti.com> (plat-k3, plat-ti) Tested-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> WaRP7 Tested-by: Clement Faure <clement.faure@nxp.com> (mx6sllevk) Tested-by: Clement Faure <clement.faure@nxp.com> (mx6sxsabresd) Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulevk, mx6ullevk) Tested-by: Clement Faure <clement.faure@nxp.com> (mx7dsabresd) Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mm, mx8mn, mx8mq) Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1) Tested-by: Igor Opaniuk <igor.opaniuk@gmail.com> (Poplar) Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno) Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP) Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey, GP) Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8) Tested-by: Joakim Bech <joakim.bech@linaro.org> (FVP) Tested-by: Joakim Bech <joakim.bech@linaro.org> (Rpi3b) Tested-by: Joakim Bech <joakim.bech@linaro.org> (Rpi3b with NFS) Tested-by: Michael Grand <michael.grand.mg@gmail.com> ZynqMP (zcu102, ultra96v1) Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx-imx8mqevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1046A-RDB) Tested-by: Sumit Garg <sumit.garg@linaro.org> (Developerbox) Tested-by: Victor Chong <victor.chong@linaro.org> (Hikey620 AOSP) show more ... /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/platform_config.h /optee_os/core/arch/arm/plat-imx/registers/imx7ulp-crm.h /optee_os/core/arch/arm/plat-imx/registers/imx7ulp.h /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_desc.c /optee_os/core/drivers/crypto/caam/caam_jr.c /optee_os/core/drivers/crypto/caam/caam_pwr.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg_dt.c /optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/common/hal_rng.c /optee_os/core/drivers/crypto/caam/hal/common/registers/ccb_regs.h /optee_os/core/drivers/crypto/caam/hal/common/registers/jr_regs.h /optee_os/core/drivers/crypto/caam/hal/common/registers/rng_regs.h /optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h /optee_os/core/drivers/crypto/caam/hal/common/sub.mk /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx6.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_clk_mx7ulp.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/imx_6_7/registers/ctrl_regs.h /optee_os/core/drivers/crypto/caam/hal/imx_6_7/sub.mk /optee_os/core/drivers/crypto/caam/hal/imx_8m/hal_clk.c /optee_os/core/drivers/crypto/caam/hal/imx_8m/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/imx_8m/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/imx_8m/registers/ctrl_regs.h /optee_os/core/drivers/crypto/caam/hal/imx_8m/sub.mk /optee_os/core/drivers/crypto/caam/hal/ls/hal_clk.c /optee_os/core/drivers/crypto/caam/hal/ls/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/ls/hal_jr.c /optee_os/core/drivers/crypto/caam/hal/ls/registers/ctrl_regs.h /optee_os/core/drivers/crypto/caam/hal/ls/sub.mk /optee_os/core/drivers/crypto/caam/hal/sub.mk /optee_os/core/drivers/crypto/caam/hash/caam_hash.c /optee_os/core/drivers/crypto/caam/hash/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_common.h /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_hal_cfg.h /optee_os/core/drivers/crypto/caam/include/caam_hal_clk.h /optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h /optee_os/core/drivers/crypto/caam/include/caam_hal_jr.h /optee_os/core/drivers/crypto/caam/include/caam_hal_rng.h /optee_os/core/drivers/crypto/caam/include/caam_hash.h /optee_os/core/drivers/crypto/caam/include/caam_io.h /optee_os/core/drivers/crypto/caam/include/caam_jr.h /optee_os/core/drivers/crypto/caam/include/caam_jr_status.h /optee_os/core/drivers/crypto/caam/include/caam_pwr.h /optee_os/core/drivers/crypto/caam/include/caam_rng.h /optee_os/core/drivers/crypto/caam/include/caam_status.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_delay.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/include/caam_utils_sgt.h /optee_os/core/drivers/crypto/caam/include/caam_utils_status.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_delay.c /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/caam/utils/utils_sgt.c /optee_os/core/drivers/crypto/caam/utils/utils_status.c /optee_os/core/drivers/crypto/sub.mk /optee_os/core/lib/libtomcrypt/src/ciphers/aes/aes.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c /optee_os/core/pta/system.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/ldelf/main.c config.mk /optee_os/scripts/update_changelog.py
a2087649	18-Sep-2019	Jerome Forissier <jerome@forissier.org>	core: add support for dumping build configuration info on boot During development, we occasionally experience crashes within the TEE core. When the tests are run locally, the developer has all the n core: add support for dumping build configuration info on boot During development, we occasionally experience crashes within the TEE core. When the tests are run locally, the developer has all the needed information to troubleshoot the issue. But when the crash occurs on a remote host (CI for instance), it is sometimes inconvenient or even impossible to retrieve files other than the console logs. As a result, it is equally inconvenient or impossible to obtain a symbolized crash dump (scripts/symbolize.py needs the dump message but also tee.elf). If the exact build configuration is known, then it is possible to reproduce the build locally (assuming the same toolchain is also used which is not a problem in practice) and proceed with debugging. Unfortunately the values of the CFG_ flags are not always shown in the logs and omitting only one flag can significantly change the TEE binary. This commit introduces CFG_SHOW_CONF_ON_BOOT (default n). When enabled, the contents of the build configuration file $O/conf.mk is printed to the secure console during initialization with TRACE_INFO severity. The file is compressed to reduce memory usage and space used in the logs, and it is encoded into printable text. To obtain the conf.mk file, one needs to copy and paste the encoded text into 'base64 -d \| xz -d'. These two commands are also required at build time when CFG_SHOW_CONF_ON_BOOT is y. Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/Makefile /optee_os/core/kernel/show_conf.c /optee_os/core/kernel/sub.mk /optee_os/core/sub.mk config.mk /optee_os/scripts/bin_to_c.py
38f4260c	17-Sep-2019	Jerome Forissier <jerome@forissier.org>	TA dev kit: Clang support Updates ta/mk/ta_dev_kit.mk and other makefiles so that the COMPILER variable can be used when building TAs: make COMPILER=clang ... Signed-off-by: Jerome Forissier <jerom TA dev kit: Clang support Updates ta/mk/ta_dev_kit.mk and other makefiles so that the COMPILER variable can be used when building TAs: make COMPILER=clang ... Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/Makefile /optee_os/core/arch/arm/arm.mk clang.mk /optee_os/ta/mk/ta_dev_kit.mk /optee_os/ta/ta.mk
98d863a5	05-Jul-2019	Jerome Forissier <jerome@forissier.org>	Experimental Clang support Allows building with Clang with "make COMPILER=clang [other flags...]". The clang command has to be in the $PATH, as well as the associated tools (clang-cpp, ld.lld, llvm- Experimental Clang support Allows building with Clang with "make COMPILER=clang [other flags...]". The clang command has to be in the $PATH, as well as the associated tools (clang-cpp, ld.lld, llvm-ar, llvm-nm, llvm-objcopy and llvm-readelf). Tested with Clang built from the master branch of [1] (development version for 9.0): mkdir build; cd build cmake -G Ninja -DCMAKE_BUILD_TYPE=Release \ -DCMAKE_INSTALL_PREFIX=~/llvm-install \ -DLLVM_ENABLE_PROJECTS="clang;lld" \ -DLLVM_TARGETS_TO_BUILD="AArch64;ARM" \ ~/llvm-project/llvm ninja && ninja install Limitations: - CFG_CORE_SANITIZE_KADDRESS=y is not supported. - CFG_WITH_PAGER is supported, but requires that the TEE core be linked with the GNU linker. The reason is documented in mk/clang.mk. Bug: - ldelf assertion failure in xtest 1019 when CFG_ULIBS_SHARED=y (QEMU) E/LD: assertion 'maps[map_idx].sz == sz' failed at ldelf/ta_elf.c:1114 in ta_elf_print_mappings() Prevents ldelf from displaying the TA mappings on abort or panic, but does not seem to cause any other problem. Link: [1] https://github.com/llvm/llvm-project/commits/8351c327647 Signed-off-by: Jerome Forissier <jerome@forissier.org> Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU pager/no pager) Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8, pager/no pager) Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, 32/64, GP) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/core.mk /optee_os/lib/libutils/ext/include/compiler.h clang.mk compile.mk /optee_os/scripts/llvm-objcopy-wrapper
1...<<1112 13 14 15 16 17 18 19