pkcs11 - OpenGrok history log for /optee_os/ta/pkcs11

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
c2c23cd4	14-Oct-2025	Etienne Carriere <etienne.carriere@st.com>	ta: pkcs11: be flexible on RSA private key optional attributes Allow RSA private key to partially store the RSA private key optional attributes without facing complaints from the GP TEE API. On one ta: pkcs11: be flexible on RSA private key optional attributes Allow RSA private key to partially store the RSA private key optional attributes without facing complaints from the GP TEE API. On one hand, in the PKCS#11 specification, RSA private key attributes CKA_PRIME_1, CKA_PRIME_2, CKA_EXPONENT_1, CKA_EXPONENT_2 and CKA_COEFFICIENT are optional and the spec does not add much constraints on their presence. On the other hand, the GP TEE Internal Core API requests that these 5 optional attributes are all present or none is present at all. As a trade-off, allow PKCS#11 client to partially provide them but do not load them into the TEE object unless they are all present. Fixes: 3dc4089afde2 ("ta: pkcs11: correct RSA keys extended attributes sanitation") Closes: https://github.com/OP-TEE/optee_os/issues/5418 Closes: https://github.com/OP-TEE/optee_os/issues/7520 Signed-off-by: Etienne Carriere <etienne.carriere@st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/.github/workflows/stales.yml /optee_os/.gitignore /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/dts/stm32mp21-st-scmi-cfg.dtsi /optee_os/core/arch/arm/dts/stm32mp211.dtsi /optee_os/core/arch/arm/dts/stm32mp213.dtsi /optee_os/core/arch/arm/dts/stm32mp215.dtsi /optee_os/core/arch/arm/dts/stm32mp215f-dk-ca35tdcid-rcc.dtsi /optee_os/core/arch/arm/dts/stm32mp215f-dk-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp215f-dk.dts /optee_os/core/arch/arm/dts/stm32mp21xc.dtsi /optee_os/core/arch/arm/dts/stm32mp21xf.dtsi /optee_os/core/arch/arm/dts/stm32mp23-st-scmi-cfg.dtsi /optee_os/core/arch/arm/dts/stm32mp231.dtsi /optee_os/core/arch/arm/dts/stm32mp233.dtsi /optee_os/core/arch/arm/dts/stm32mp235.dtsi /optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-rcc.dtsi /optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-resmem.dtsi /optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp235f-dk.dts /optee_os/core/arch/arm/dts/stm32mp23xc.dtsi /optee_os/core/arch/arm/dts/stm32mp23xf.dtsi /optee_os/core/arch/arm/dts/stm32mp25-st-scmi-cfg.dtsi /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-rcc.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-resmem.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-dk.dts /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1.dts /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/thread_arch.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/include/kernel/thread_spmc.h /optee_os/core/arch/arm/include/mm/core_mmu_arch.h /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/generic_timer.c /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/plat-automotive_rd/conf.mk /optee_os/core/arch/arm/plat-automotive_rd/main.c /optee_os/core/arch/arm/plat-automotive_rd/platform_config.h /optee_os/core/arch/arm/plat-automotive_rd/rd1ae_core_pos.S /optee_os/core/arch/arm/plat-automotive_rd/sub.mk /optee_os/core/arch/arm/plat-corstone1000/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-k3/drivers/dthev2.c /optee_os/core/arch/arm/plat-k3/drivers/eip76d_trng.c /optee_os/core/arch/arm/plat-k3/drivers/eip76d_trng.h /optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c /optee_os/core/arch/arm/plat-k3/drivers/sub.mk /optee_os/core/arch/arm/plat-k3/drivers/ti_sci.c /optee_os/core/arch/arm/plat-k3/drivers/ti_sci.h /optee_os/core/arch/arm/plat-k3/drivers/ti_sci_protocol.h /optee_os/core/arch/arm/plat-k3/platform_config.h /optee_os/core/arch/arm/plat-marvell/conf.mk /optee_os/core/arch/arm/plat-marvell/platform_config.h /optee_os/core/arch/arm/plat-marvell/sub.mk /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rockchip/platform_config.h /optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/drivers/stm32mp25_syscfg.c /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-stm32mp2/stm32_sysconf.h /optee_os/core/arch/arm/plat-stm32mp2/stm32_util.h /optee_os/core/arch/arm/plat-ti/a9_plat_init.S /optee_os/core/arch/arm/plat-versal2/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-vexpress/platform_config.h /optee_os/core/arch/arm/sm/pm_a32.S /optee_os/core/arch/arm/tests/ffa_lsp.c /optee_os/core/arch/arm/tests/sub.mk /optee_os/core/arch/riscv/include/kernel/misc_arch.h /optee_os/core/arch/riscv/include/kernel/riscv_elf.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/include/mm/core_mmu_arch.h /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/include/rpmi.h /optee_os/core/arch/riscv/include/sbi.h /optee_os/core/arch/riscv/include/sbi_mpxy.h /optee_os/core/arch/riscv/include/sbi_mpxy_rpmi.h /optee_os/core/arch/riscv/kernel/asm-defines.c /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/kernel/kern.ld.S /optee_os/core/arch/riscv/kernel/link.mk /optee_os/core/arch/riscv/kernel/sbi.c /optee_os/core/arch/riscv/kernel/sbi_mpxy.c /optee_os/core/arch/riscv/kernel/sbi_mpxy_rpmi.c /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/kernel/thread_rv.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-sifive/conf.mk /optee_os/core/arch/riscv/plat-sifive/main.c /optee_os/core/arch/riscv/plat-sifive/platform_config.h /optee_os/core/arch/riscv/plat-sifive/sub.mk /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/plat-virt/platform_config.h /optee_os/core/arch/riscv/riscv.mk /optee_os/core/core.mk /optee_os/core/crypto/aes-gcm.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/amd/gpio_common.c /optee_os/core/drivers/amd/gpio_private.h /optee_os/core/drivers/amd/ps_gpio_driver.c /optee_os/core/drivers/amd/sub.mk /optee_os/core/drivers/atmel_saic.c /optee_os/core/drivers/clk/clk-stm32mp21.c /optee_os/core/drivers/clk/clk-stm32mp25.c /optee_os/core/drivers/clk/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_ae.h /optee_os/core/drivers/crypto/stm32/stm32_cryp.c /optee_os/core/drivers/crypto/stm32/stm32_saes.c /optee_os/core/drivers/ffa_console.c /optee_os/core/drivers/firewall/stm32_rifsc.c /optee_os/core/drivers/firewall/stm32_risab.c /optee_os/core/drivers/gpio/gpio.c /optee_os/core/drivers/hfic.c /optee_os/core/drivers/imx_csu.c /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/regulator/regulator_dt.c /optee_os/core/drivers/regulator/regulator_fixed.c /optee_os/core/drivers/regulator/regulator_gpio.c /optee_os/core/drivers/rockchip_otp.c /optee_os/core/drivers/rstctrl/stm32mp21_rstctrl.c /optee_os/core/drivers/rstctrl/stm32mp25_rstctrl.c /optee_os/core/drivers/rstctrl/sub.mk /optee_os/core/drivers/sifive_uart.c /optee_os/core/drivers/stm32_exti.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_hpdma.c /optee_os/core/drivers/stm32_iwdg.c /optee_os/core/drivers/stm32_omm.c /optee_os/core/drivers/stm32_rtc.c /optee_os/core/drivers/stm32_tamp.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/wdt/watchdog_sm.c /optee_os/core/include/drivers/gpio.h /optee_os/core/include/drivers/regulator.h /optee_os/core/include/drivers/rockchip_otp.h /optee_os/core/include/drivers/rtc.h /optee_os/core/include/drivers/sifive_uart.h /optee_os/core/include/drivers/stm32_gpio.h /optee_os/core/include/drivers/stm32_rtc.h /optee_os/core/include/drivers/stm32mp21_rcc.h /optee_os/core/include/drivers/stm32mp_dt_bindings.h /optee_os/core/include/drivers/wdt.h /optee_os/core/include/dt-bindings/clock/st,stm32mp21-rcc.h /optee_os/core/include/dt-bindings/clock/stm32mp21-clksrc.h /optee_os/core/include/dt-bindings/firewall/stm32mp21-rifsc.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h /optee_os/core/include/dt-bindings/reset/st,stm32mp21-rcc.h /optee_os/core/include/dt-bindings/scmi/scmi-clock.h /optee_os/core/include/dt-bindings/tamper/st,stm32-tamp.h /optee_os/core/include/dt-bindings/tamper/st,stm32mp13-tamp.h /optee_os/core/include/dt-bindings/tamper/st,stm32mp21-tamp.h /optee_os/core/include/dt-bindings/tamper/st,stm32mp25-tamp.h /optee_os/core/include/kernel/asan.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/include/kernel/thread.h /optee_os/core/include/kernel/thread_private.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/kernel/asan.c /optee_os/core/kernel/boot.c /optee_os/core/kernel/console.c /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/thread.c /optee_os/core/kernel/tpm.c /optee_os/core/kernel/transfer_list.c /optee_os/core/kernel/user_ta.c /optee_os/core/lib/libefi/hob.c /optee_os/core/lib/libefi/include/efi/efi_types.h /optee_os/core/lib/libefi/include/efi/hob.h /optee_os/core/lib/libefi/include/efi/hob_guid.h /optee_os/core/lib/libefi/include/efi/mmram.h /optee_os/core/lib/libefi/include/efi/mpinfo.h /optee_os/core/lib/libefi/sub.mk /optee_os/core/lib/scmi-server/conf-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/conf-optee-stm32mp2.mk /optee_os/core/lib/scmi-server/conf.mk /optee_os/core/lib/scmi-server/include/scmi_agent_configuration.h /optee_os/core/lib/scmi-server/include/scmi_clock_consumer.h /optee_os/core/lib/scmi-server/include/scmi_reset_consumer.h /optee_os/core/lib/scmi-server/scmi_clock_consumer.c /optee_os/core/lib/scmi-server/scmi_reset_consumer.c /optee_os/core/lib/scmi-server/scmi_server.c /optee_os/core/lib/scmi-server/scmi_server_scpfw.c /optee_os/core/lib/scmi-server/sub.mk /optee_os/core/mm/boot_mem.c /optee_os/core/mm/core_mmu.c /optee_os/core/mm/vm.c /optee_os/core/pta/rtc.c /optee_os/core/pta/tests/dt_driver_test.c /optee_os/core/pta/tests/invoke.c /optee_os/core/pta/tests/misc.c /optee_os/core/pta/tests/misc.h /optee_os/core/pta/tests/sub.mk /optee_os/core/pta/tests/transfer_list.c /optee_os/core/tee/fs_htree.c /optee_os/keys/default.pem /optee_os/ldelf/link.mk /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/SECURITY.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_crypto.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_from_psa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_superset_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/lms.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_config.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_sizes.h /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/base64.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.h /optee_os/lib/libmbedtls/mbedtls/library/bignum_core_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.h /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libmbedtls/mbedtls/library/constant_time_impl.h /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/lmots.c /optee_os/lib/libmbedtls/mbedtls/library/lms.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ecp.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_mac.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_storage.h /optee_os/lib/libmbedtls/mbedtls/library/psa_util.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_debug_helpers_generated.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_misc.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_server.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_server.c /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libutee/include/pta_invoke_tests.h /optee_os/lib/libutee/include/pta_rtc.h /optee_os/lib/libutee/include/pta_stats.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/tcb.c /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/user_ta_entry.c /optee_os/lib/libutils/compiler-rt/LICENSE.TXT /optee_os/lib/libutils/compiler-rt/README.txt /optee_os/lib/libutils/compiler-rt/lib/builtins/ashlti3.c /optee_os/lib/libutils/compiler-rt/lib/builtins/int_div_impl.inc /optee_os/lib/libutils/compiler-rt/lib/builtins/int_endianness.h /optee_os/lib/libutils/compiler-rt/lib/builtins/int_lib.h /optee_os/lib/libutils/compiler-rt/lib/builtins/int_types.h /optee_os/lib/libutils/compiler-rt/lib/builtins/int_util.h /optee_os/lib/libutils/compiler-rt/lib/builtins/sub.mk /optee_os/lib/libutils/compiler-rt/lib/builtins/udivmodti4.c /optee_os/lib/libutils/compiler-rt/lib/builtins/udivti3.c /optee_os/lib/libutils/compiler-rt/lib/sub.mk /optee_os/lib/libutils/compiler-rt/sub.mk /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/lib/libutils/isoc/arch/arm/setjmp_a32.S /optee_os/lib/libutils/isoc/arch/arm/setjmp_a64.S /optee_os/lib/libutils/isoc/arch/riscv/setjmp_rv.S /optee_os/lib/libutils/isoc/bget.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/lib/libutils/isoc/include/setjmp.h /optee_os/lib/libutils/isoc/newlib/strchr.c /optee_os/lib/libutils/isoc/newlib/strcmp.c /optee_os/lib/libutils/isoc/newlib/strcpy.c /optee_os/lib/libutils/isoc/newlib/strlen.c /optee_os/lib/libutils/sub.mk /optee_os/mk/clang.mk /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/ta/link.mk src/processing_rsa.c /optee_os/ta/remoteproc/src/remoteproc_core.c /optee_os/ta/user_ta_header.c
228cf40e	28-Mar-2025	Rouven Czerwinski <r.czerwinski@pengutronix.de>	tree-wide: use /usr/bin/env bash in bash scripts Some distributions don't provide bash inside of /bin, increase compatibility by using env to resolve the correct path at runtime. Fixes running the s tree-wide: use /usr/bin/env bash in bash scripts Some distributions don't provide bash inside of /bin, increase compatibility by using env to resolve the correct path at runtime. Fixes running the scripts on my NixOS systems. Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/MAINTAINERS /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp13xc.dtsi /optee_os/core/arch/arm/dts/stm32mp13xf.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dhcom-som.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dhcor-avenger96.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dhcor-som.dtsi /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/spmc_sp_handler.h /optee_os/core/arch/arm/include/kernel/thread_arch.h /optee_os/core/arch/arm/include/kernel/thread_spmc.h /optee_os/core/arch/arm/include/mm/core_mmu_arch.h /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/asm-defines.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/registers/imx93.h /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rockchip/platform_config.h /optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-versal2/conf.mk /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/plat-virt/main.c /optee_os/core/arch/riscv/plat-virt/platform_config.h /optee_os/core/arch/riscv/riscv.mk /optee_os/core/drivers/aplic_direct.c /optee_os/core/drivers/aplic_msi.c /optee_os/core/drivers/aplic_priv.c /optee_os/core/drivers/atmel_rstc.c /optee_os/core/drivers/atmel_rtc.c /optee_os/core/drivers/atmel_saic.c /optee_os/core/drivers/clk/clk-stm32-core.c /optee_os/core/drivers/clk/clk-stm32mp25.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/clk/sam/at91_clk.h /optee_os/core/drivers/clk/sam/clk-sam9x60-pll.c /optee_os/core/drivers/clk/sam/sama7g5_clk.c /optee_os/core/drivers/counter/stm32_stgen.c /optee_os/core/drivers/counter/sub.mk /optee_os/core/drivers/crypto/ele/crypto.mk /optee_os/core/drivers/crypto/ele/ele.c /optee_os/core/drivers/crypto/ele/include/ele.h /optee_os/core/drivers/crypto/ele/include/memutils.h /optee_os/core/drivers/crypto/ele/memutils.c /optee_os/core/drivers/crypto/ele/sub.mk /optee_os/core/drivers/crypto/stm32/common.h /optee_os/core/drivers/crypto/stm32/crypto.mk /optee_os/core/drivers/crypto/stm32/ecc.c /optee_os/core/drivers/crypto/stm32/hash.c /optee_os/core/drivers/crypto/stm32/hmac.c /optee_os/core/drivers/crypto/stm32/stm32_hash.c /optee_os/core/drivers/crypto/stm32/stm32_hash.h /optee_os/core/drivers/crypto/stm32/stm32_pka.c /optee_os/core/drivers/crypto/stm32/stm32_pka.h /optee_os/core/drivers/crypto/stm32/sub.mk /optee_os/core/drivers/crypto/sub.mk /optee_os/core/drivers/dra7_rng.c /optee_os/core/drivers/firewall/stm32_etzpc.c /optee_os/core/drivers/firewall/stm32_rifsc.c /optee_os/core/drivers/firewall/stm32_risab.c /optee_os/core/drivers/firewall/stm32_risaf.c /optee_os/core/drivers/firewall/stm32_serc.c /optee_os/core/drivers/gic.c /optee_os/core/drivers/hfic.c /optee_os/core/drivers/imsic.c /optee_os/core/drivers/imx/mu/imx_mu.c /optee_os/core/drivers/imx_rngb.c /optee_os/core/drivers/microchip_pit.c /optee_os/core/drivers/plic.c /optee_os/core/drivers/remoteproc/stm32_remoteproc.c /optee_os/core/drivers/rtc/rtc.c /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/perf_domain.c /optee_os/core/drivers/scmi-msg/perf_domain.h /optee_os/core/drivers/scmi-msg/sub.mk /optee_os/core/drivers/stm32_cpu_opp.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/stm32_rtc.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/aplic.h /optee_os/core/include/drivers/aplic_priv.h /optee_os/core/include/drivers/atmel_rstc.h /optee_os/core/include/drivers/gic.h /optee_os/core/include/drivers/imsic.h /optee_os/core/include/drivers/rtc.h /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/drivers/stm32_cpu_opp.h /optee_os/core/include/drivers/stm32_i2c.h /optee_os/core/include/drivers/stm32_serc.h /optee_os/core/include/drivers/stm32_stgen.h /optee_os/core/include/dt-bindings/clock/at91.h /optee_os/core/include/dt-bindings/clock/stm32mp13-clksrc.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h /optee_os/core/include/initcall.h /optee_os/core/include/kernel/abort.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/include/kernel/thread.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/include/mm/page_alloc.h /optee_os/core/include/mm/phys_mem.h /optee_os/core/include/mm/tee_mm.h /optee_os/core/include/tee/tee_fs.h /optee_os/core/kernel/dt.c /optee_os/core/kernel/initcall.c /optee_os/core/kernel/interrupt.c /optee_os/core/kernel/notif_default.c /optee_os/core/kernel/otp_stubs.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/thread.c /optee_os/core/kernel/transfer_list.c /optee_os/core/lib/libtomcrypt/src/modes/ctr/ctr_encrypt.c /optee_os/core/lib/scmi-server/conf-optee-fvp.mk /optee_os/core/mm/boot_mem.c /optee_os/core/mm/core_mmu.c /optee_os/core/mm/page_alloc.c /optee_os/core/mm/phys_mem.c /optee_os/core/mm/sub.mk /optee_os/core/mm/tee_mm.c /optee_os/core/pta/device.c /optee_os/core/pta/stats.c /optee_os/core/pta/tests/misc.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ldelf/ldelf.mk /optee_os/ldelf/link.mk /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libutee/include/pta_stats.h /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutils/ext/include/asm.S /optee_os/lib/libutils/ext/include/util.h /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/ext/ubsan.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/lib/libutils/isoc/include/malloc_flags.h /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/scripts/checkpatch.sh /optee_os/scripts/checkpatch_inc.sh /optee_os/scripts/sign_encrypt.py /optee_os/scripts/sign_rproc_fw.py /optee_os/ta/avb/user_ta_header_defines.h /optee_os/ta/link.mk /optee_os/ta/link_shlib.mk /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk scripts/dump_ec_curve_params.sh scripts/verify-helpers.sh /optee_os/ta/ta.mk /optee_os/ta/trusted_keys/user_ta_header_defines.h
04e46975	16-Dec-2024	Etienne Carriere <etienne.carriere@foss.st.com>	tree-wide: use ROUNDUP_DIV() where applicable Use ROUNDUP_DIV() instead of ROUNDUP(..., size) / size where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Je tree-wide: use ROUNDUP_DIV() where applicable Use ROUNDUP_DIV() instead of ROUNDUP(..., size) / size where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/sp_mem.c /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-telechips/conf.mk /optee_os/core/arch/arm/plat-telechips/drivers/include/drivers/tcc_otp.h /optee_os/core/arch/arm/plat-telechips/drivers/sub.mk /optee_os/core/arch/arm/plat-telechips/drivers/tcc_otp.c /optee_os/core/arch/arm/plat-telechips/link.mk /optee_os/core/arch/arm/plat-telechips/main.c /optee_os/core/arch/arm/plat-telechips/plat_tzc.c /optee_os/core/arch/arm/plat-telechips/scripts/tcmktool.py /optee_os/core/arch/arm/plat-telechips/sub.mk /optee_os/core/arch/arm/plat-telechips/tcc805x/otprom.h /optee_os/core/arch/arm/plat-telechips/tcc805x/platform_config.h /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/core/drivers/crypto/hisilicon/crypto.mk /optee_os/core/drivers/crypto/hisilicon/sec_pbkdf2.c /optee_os/core/drivers/crypto/hisilicon/sec_pbkdf2.h /optee_os/core/drivers/crypto/hisilicon/sub.mk /optee_os/core/drivers/imx/dcp/dcp.c /optee_os/core/drivers/openedges_omc.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/openedges_omc.h /optee_os/core/kernel/ldelf_loader.c /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/mm/fobj.c /optee_os/core/tee/tee_ree_fs.c /optee_os/core/tee/tee_rpmb_fs.c src/pkcs11_attributes.c src/processing_aes.c src/processing_rsa.c src/token_capabilities.c
5395f036	06-Jan-2025	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: set TA version ID to 1.0.0 PKCS#11 TA version ID is 0.1.0 since its early integration. Let's set it 1.0.0 since it now mature enough to deserve a non-zero major version number. Signed-o ta: pkcs11: set TA version ID to 1.0.0 PKCS#11 TA version ID is 0.1.0 since its early integration. Let's set it 1.0.0 since it now mature enough to deserve a non-zero major version number. Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp1/sub.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-stm32mp2/stm32_util.h /optee_os/core/arch/arm/plat-versal2/conf.mk /optee_os/core/arch/arm/plat-versal2/platform_config.h /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/drivers/clk/clk-stm32-core.c /optee_os/core/drivers/clk/sam/clk-sam9x60-pll.c /optee_os/core/drivers/crypto/caam/ae/caam_ae.c /optee_os/core/drivers/crypto/caam/ae/caam_ae_ccm.c /optee_os/core/drivers/crypto/caam/ae/caam_ae_gcm.c /optee_os/core/drivers/crypto/caam/ae/local.h /optee_os/core/drivers/crypto/caam/ae/sub.mk /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_desc.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/include/caam_ae.h /optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_dmaobj.c /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/hisilicon/crypto.mk /optee_os/core/drivers/crypto/hisilicon/hpre_rsa.c /optee_os/core/drivers/crypto/hisilicon/hpre_rsa.h /optee_os/core/drivers/crypto/hisilicon/sub.mk /optee_os/core/drivers/crypto/stm32/stm32_cryp.c /optee_os/core/drivers/firewall/stm32_etzpc.c /optee_os/core/drivers/microchip_pit.c /optee_os/core/drivers/regulator/stm32mp13_regulator_iod.c /optee_os/core/drivers/stm32_iwdg.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/stm32_uart.h /optee_os/core/kernel/tee_misc.c /optee_os/core/kernel/transfer_list.c /optee_os/core/mm/boot_mem.c /optee_os/core/mm/core_mmu.c /optee_os/core/mm/tee_mm.c /optee_os/core/mm/vm.c /optee_os/core/pta/secstor_ta_mgmt.c /optee_os/ldelf/ta_elf.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/include/util.h include/pkcs11_ta.h
8cf8403b	11-Dec-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: default disable CFG_PKCS11_TA_RSA_X_509 Disable CFG_PKCS11_TA_RSA_X_509 in pkcs11 TA default configuration since raw RSA signature (CKM_RSA_X_509) computation and verification can be uns ta: pkcs11: default disable CFG_PKCS11_TA_RSA_X_509 Disable CFG_PKCS11_TA_RSA_X_509 in pkcs11 TA default configuration since raw RSA signature (CKM_RSA_X_509) computation and verification can be unsafe. Target systems willing to embed its support (e.g. for some TSL v1.2 support) will need to enable it explicitly. Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> show more ... /optee_os/.devcontainer/Dockerfile.vscode /optee_os/.devcontainer/devcontainer.json /optee_os/.github/workflows/ci.yml /optee_os/.gitignore /optee_os/.vscode/extensions.json /optee_os/MAINTAINERS /optee_os/core/arch/arm/dts/stm32mp13-pinctrl.dtsi /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp15-pinctrl.dtsi /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dhcor-avenger96.dtsi /optee_os/core/arch/arm/dts/stm32mp25-pinctrl.dtsi /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link_dummy.ld /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/drivers/ti_sci.c /optee_os/core/arch/arm/plat-rockchip/conf.mk /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rockchip/platform_config.h /optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c /optee_os/core/arch/arm/plat-rockchip/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-versal2/conf.mk /optee_os/core/arch/arm/plat-versal2/main.c /optee_os/core/arch/arm/plat-versal2/platform_config.h /optee_os/core/arch/arm/plat-versal2/sub.mk /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/kernel/kern.ld.S /optee_os/core/drivers/clk/clk-stm32mp25.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/caam_sm.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/hal/common/hal_sm.c /optee_os/core/drivers/scmi-msg/clock_generic.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_tamp.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/include/drivers/stm32_gpio.h /optee_os/core/include/dt-bindings/gpio/stm32mp_gpio.h /optee_os/core/include/dt-bindings/pinctrl/stm32-pinfunc.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/kernel/linker.h /optee_os/core/include/kernel/virtualization.h /optee_os/core/include/mm/core_memprot.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/lib/libtomcrypt/ed25519.c /optee_os/core/mm/boot_mem.c /optee_os/core/mm/core_mmu.c /optee_os/core/mm/fobj.c /optee_os/core/mm/mobj.c /optee_os/core/mm/pgt_cache.c /optee_os/core/mm/phys_mem.c /optee_os/core/mm/sub.mk /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_crypto.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_from_psa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_from_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_superset_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_psa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_auto_enabled.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_config_dependencies.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_config_key_pair_types.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_config_synonyms.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_struct.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_types.h /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.h /optee_os/lib/libmbedtls/mbedtls/library/bignum_internal.h /optee_os/lib/libmbedtls/mbedtls/library/block_cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/lmots.c /optee_os/lib/libmbedtls/mbedtls/library/lms.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_random_impl.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_rsa.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_rsa.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.h /optee_os/lib/libmbedtls/mbedtls/library/psa_util.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_debug_helpers_generated.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_misc.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_server.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_generic.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_server.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/mk/clang.mk /optee_os/mk/config.mk sub.mk
b7abff72	06-Sep-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: add CKM_RSA_X_509 ciphering Add support for CKM_RSA_X_509 mechanism for encrypt/decrypt operations. Signed-off-by: Alexandre Marechal <alexandre.marechal@st.com> Signed-off-by: Etienne ta: pkcs11: add CKM_RSA_X_509 ciphering Add support for CKM_RSA_X_509 mechanism for encrypt/decrypt operations. Signed-off-by: Alexandre Marechal <alexandre.marechal@st.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... src/processing_asymm.c src/token_capabilities.c
e02f17f3	24-Jul-2024	Alexandre Marechal <alexandre.marechal@st.com>	ta: pkcs11: add CKM_RSA_X_509 authentication Add support for CKM_RSA_X_509 mechanism for sing/verify operations. Sign and verify operations are processed using TEE decrypt/encrypt operation since G ta: pkcs11: add CKM_RSA_X_509 authentication Add support for CKM_RSA_X_509 mechanism for sing/verify operations. Sign and verify operations are processed using TEE decrypt/encrypt operation since GP TEE Internal Core API specification only allows these modes for TEE_ALG_RSA_NOPAD algorithm. The pkcs11 TA only support sign operation when the provided payload is exactly of the same size as the RSA key used and checks the generate signature is of right size. This mechanism can be needed to support CKM_RSA_X_509 for TLSv1.2 connections. Add CFG_PKCS11_TA_RSA_X_509 to allow configuring the pkcs11 TA with or without raw RSA crypto support. The config switch is default enabled. Signed-off-by: Alexandre Marechal <alexandre.marechal@st.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/cpu/cortex-armv9.mk /optee_os/core/arch/arm/cpu/neoverse-v2.mk /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp13xc.dtsi /optee_os/core/arch/arm/dts/stm32mp13xf.dtsi /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp153.dtsi /optee_os/core/arch/arm/dts/stm32mp157a-dk1-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp15xc.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dhcom-som.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dhcor-som.dtsi /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/dts/stm32mp25-pinctrl.dtsi /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rcc.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-resmem.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1.dts /optee_os/core/arch/arm/include/arm.h /optee_os/core/arch/arm/include/mm/core_mmu_arch.h /optee_os/core/arch/arm/include/optee_ffa.h /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/kernel/misc_a64.S /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/plat-corstone1000/conf.mk /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/conf.mk /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-rd1ae/conf.mk /optee_os/core/arch/arm/plat-rd1ae/main.c /optee_os/core/arch/arm/plat-rd1ae/platform_config.h /optee_os/core/arch/arm/plat-rd1ae/rd1ae_core_pos.S /optee_os/core/arch/arm/plat-rd1ae/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/plat_tzc400.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-stm32mp2/platform_config.h /optee_os/core/arch/arm/plat-stm32mp2/stm32_sysconf.h /optee_os/core/arch/arm/plat-stm32mp2/stm32_util.h /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/include/mm/core_mmu_arch.h /optee_os/core/arch/riscv/kernel/abort.c /optee_os/core/arch/riscv/kernel/asm-defines.c /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/kernel/thread_optee_abi_rv.S /optee_os/core/arch/riscv/kernel/thread_rv.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/core.mk /optee_os/core/drivers/cbmem_console.c /optee_os/core/drivers/clk/clk-stm32-core.c /optee_os/core/drivers/clk/clk-stm32-core.h /optee_os/core/drivers/clk/clk-stm32mp13.c /optee_os/core/drivers/clk/clk-stm32mp15.c /optee_os/core/drivers/clk/clk-stm32mp25.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/crypto/caam/acipher/caam_ecc.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/caam_key.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg_dt.c /optee_os/core/drivers/crypto/caam/hal/common/hal_sm_dt.c /optee_os/core/drivers/crypto/caam/hal/common/sub.mk /optee_os/core/drivers/crypto/caam/hal/imx_8m/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/imx_8m/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_hal_cfg.h /optee_os/core/drivers/crypto/se050/core/storage.c /optee_os/core/drivers/crypto/stm32/stm32_saes.c /optee_os/core/drivers/firewall/firewall.c /optee_os/core/drivers/firewall/stm32_etzpc.c /optee_os/core/drivers/firewall/stm32_rif.c /optee_os/core/drivers/firewall/stm32_rifsc.c /optee_os/core/drivers/firewall/stm32_risab.c /optee_os/core/drivers/firewall/stm32_risaf.c /optee_os/core/drivers/firewall/sub.mk /optee_os/core/drivers/gic.c /optee_os/core/drivers/imx_csu.c /optee_os/core/drivers/nvmem/nvmem.c /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/regulator/stm32_vrefbuf.c /optee_os/core/drivers/remoteproc/stm32_remoteproc.c /optee_os/core/drivers/stm32_bsec.c /optee_os/core/drivers/stm32_fmc.c /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_hpdma.c /optee_os/core/drivers/stm32_hsem.c /optee_os/core/drivers/stm32_ipcc.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/firewall.h /optee_os/core/include/drivers/firewall_device.h /optee_os/core/include/drivers/regulator.h /optee_os/core/include/drivers/stm32_etzpc.h /optee_os/core/include/drivers/stm32_remoteproc.h /optee_os/core/include/drivers/stm32_rif.h /optee_os/core/include/drivers/stm32_risab.h /optee_os/core/include/drivers/stm32_risaf.h /optee_os/core/include/drivers/stm32mp_dt_bindings.h /optee_os/core/include/dt-bindings/firewall/stm32mp13-etzpc.h /optee_os/core/include/dt-bindings/firewall/stm32mp13-tzc400.h /optee_os/core/include/dt-bindings/firewall/stm32mp15-etzpc.h /optee_os/core/include/dt-bindings/firewall/stm32mp15-tzc400.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rif.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-risab.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-risaf.h /optee_os/core/include/dt-bindings/firewall/tzc400.h /optee_os/core/include/kernel/delay.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/pm.h /optee_os/core/include/kernel/thread.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/include/optee_rpc_cmd.h /optee_os/core/include/tee/tee_cryp_utl.h /optee_os/core/include/tee/tee_fs.h /optee_os/core/kernel/dt.c /optee_os/core/kernel/notif.c /optee_os/core/kernel/pm.c /optee_os/core/lib/libfdt/fdt_ro.c /optee_os/core/lib/qcbor/LICENSE /optee_os/core/lib/qcbor/README.md /optee_os/core/lib/qcbor/inc/UsefulBuf.h /optee_os/core/lib/qcbor/inc/qcbor.h /optee_os/core/lib/qcbor/inc/qcbor/UsefulBuf.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor_common.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor_decode.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor_encode.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor_private.h /optee_os/core/lib/qcbor/inc/qcbor/qcbor_spiffy_decode.h /optee_os/core/lib/qcbor/src/UsefulBuf.c /optee_os/core/lib/qcbor/src/ieee754.c /optee_os/core/lib/qcbor/src/ieee754.h /optee_os/core/lib/qcbor/src/qcbor_decode.c /optee_os/core/lib/qcbor/src/qcbor_encode.c /optee_os/core/lib/qcbor/src/qcbor_err_to_str.c /optee_os/core/lib/qcbor/sub.mk /optee_os/core/mm/core_mmu.c /optee_os/core/mm/mobj.c /optee_os/core/mm/mobj_dyn_shm.c /optee_os/core/pta/device.c /optee_os/core/pta/sub.mk /optee_os/core/pta/veraison_attestation/README.md /optee_os/core/pta/veraison_attestation/cbor.c /optee_os/core/pta/veraison_attestation/cbor.h /optee_os/core/pta/veraison_attestation/hash.c /optee_os/core/pta/veraison_attestation/hash.h /optee_os/core/pta/veraison_attestation/sign.c /optee_os/core/pta/veraison_attestation/sign.h /optee_os/core/pta/veraison_attestation/sub.mk /optee_os/core/pta/veraison_attestation/veraison_attestation.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libutee/include/pta_device.h /optee_os/lib/libutee/include/pta_veraison_attestation.h /optee_os/lib/libutee/include/tee_api_types.h /optee_os/lib/libutee/include/tee_internal_api.h /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/tee_api.c /optee_os/lib/libutils/ext/include/compiler.h /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/mk/subdir.mk /optee_os/scripts/checkpatch_inc.sh /optee_os/scripts/sign_encrypt.py /optee_os/ta/mk/ta_dev_kit.mk include/pkcs11_ta.h src/pkcs11_attributes.c src/pkcs11_helpers.c src/processing.h src/processing_asymm.c src/processing_rsa.c src/token_capabilities.c sub.mk /optee_os/ta/user_ta_header.c
55a4d839	04-Sep-2024	Georges Savoundararadj <savoundg@amazon.com>	ta: pkcs11: fix memory leak On update_persistent_object_attributes failure, head_new (stored in obj->attributes) is not freed, causing a memory leak. Reported-by: Christian Zoia <czoia@amazon.es> C ta: pkcs11: fix memory leak On update_persistent_object_attributes failure, head_new (stored in obj->attributes) is not freed, causing a memory leak. Reported-by: Christian Zoia <czoia@amazon.es> Closes: https://github.com/OP-TEE/optee_os/issues/7023 Fixes: 6959626e1621 ("ta: pkcs11: preserve object when set attribute fails") Signed-off-by: Georges Savoundararadj <savoundg@amazon.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.checkpatch.conf /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/riscv/include/encoding.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/kernel/thread_rv.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-spike/platform_config.h /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/plat-virt/platform_config.h /optee_os/core/drivers/crypto/hisilicon/hpre_montgomery.c /optee_os/core/drivers/crypto/hisilicon/hpre_montgomery.h /optee_os/core/drivers/crypto/hisilicon/sub.mk /optee_os/core/drivers/remoteproc/stm32_remoteproc.c /optee_os/core/drivers/riscv_zkr_rng.c /optee_os/core/include/drivers/rstctrl.h /optee_os/core/include/drivers/stm32_remoteproc.h /optee_os/core/include/kernel/thread.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/include/mm/phys_mem.h /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/kernel/thread.c /optee_os/core/mm/core_mmu.c /optee_os/core/mm/fobj.c /optee_os/core/mm/pgt_cache.c /optee_os/core/mm/phys_mem.c /optee_os/core/mm/sub.mk /optee_os/core/pta/stats.c /optee_os/core/pta/stm32mp/remoteproc_pta.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutee/include/remoteproc_pta.h /optee_os/lib/libutils/ext/include/types_ext.h /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/mk/compile.mk /optee_os/mk/config.mk src/object.c /optee_os/ta/remoteproc/include/ta_remoteproc.h /optee_os/ta/remoteproc/src/remoteproc_core.c
931c8c5e	14-Aug-2024	Weizhao Jiang <weizhaoj@amazon.com>	ta: pkcs11: write db_main and db_objs in one operation Problem: There is a potential issue in persistent_token.c::init_persistent_db(). There are two steps to initialize a token DB if it doesn’t exi ta: pkcs11: write db_main and db_objs in one operation Problem: There is a potential issue in persistent_token.c::init_persistent_db(). There are two steps to initialize a token DB if it doesn’t exist: 1. Call TEE_CreatePersistentObject() with db_main as the initial data. 2. Truncate the object data and then insert db_obj data. If a power loss occurs between above two steps, only the db_main data is present in the database. When the device restarts, it detects the existing database and successfully reads db_main, but fails to read db_obj, leading to a TA panic each time. https://github.com/OP-TEE/optee_os/issues/6977 Solution: Write both db_main and the initial 4 bytes of db_objs (with a count of 0) in a single operation during TEE_CreatePersistentObject(). Tested-by: Weizhao Jiang <weizhaoj@amazon.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> Signed-off-by: Weizhao Jiang <weizhaoj@amazon.com> show more ... /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/nsec-service/sm_platform_handler.c /optee_os/core/arch/arm/plat-sam/nsec-service/smc_ids.h /optee_os/core/arch/arm/plat-sam/sam_pl310.c /optee_os/core/arch/arm/plat-sam/sam_pl310.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/riscv/kernel/csr_detect.S /optee_os/core/drivers/clk/sam/at91_cpu_opp.c /optee_os/core/drivers/firewall/stm32_iac.c /optee_os/core/drivers/firewall/stm32_serc.c /optee_os/core/drivers/firewall/sub.mk /optee_os/core/drivers/scmi-msg/clock.c /optee_os/core/drivers/scmi-msg/voltage_domain.h /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/stm32_rif.h /optee_os/core/include/initcall.h /optee_os/core/include/kernel/boot.h /optee_os/core/kernel/initcall.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/lib/libutee/sub.mk /optee_os/lib/libutee/tee_api_property.c /optee_os/lib/libutils/ext/base64.c /optee_os/lib/libutils/ext/include/base64.h /optee_os/lib/libutils/ext/sub.mk src/persistent_token.c
3dc4089a	24-Apr-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: correct RSA keys extended attributes sanitation Fix RSA key attributes function load_tee_rsa_key_attrs() that badly checks that the 5 extended RSA attributes are found in the key object. ta: pkcs11: correct RSA keys extended attributes sanitation Fix RSA key attributes function load_tee_rsa_key_attrs() that badly checks that the 5 extended RSA attributes are found in the key object. Link: https://github.com/OP-TEE/optee_test/issues/721#issuecomment-2068055537 Link: https://github.com/OP-TEE/optee_test/issues/721#issuecomment-2072064963 Fixes: 0442c956edfb ("ta: pkcs11: Add support for RSA signing & verification") Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sha3_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sm4_armv8a_ce_a64.S /optee_os/core/arch/arm/dts/sama5d2.dtsi /optee_os/core/arch/arm/dts/sama7g5.dtsi /optee_os/core/arch/arm/dts/stm32mp13xc.dtsi /optee_os/core/arch/arm/dts/stm32mp13xf.dtsi /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rcc.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1.dts /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/secure_partition.h /optee_os/core/arch/arm/include/kernel/spmc_sp_handler.h /optee_os/core/arch/arm/include/kernel/stmm_sp.h /optee_os/core/arch/arm/include/kernel/thread_private_arch.h /optee_os/core/arch/arm/include/kernel/thread_spmc.h /optee_os/core/arch/arm/include/mm/core_mmu_arch.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/entry_a64.S /optee_os/core/arch/arm/kernel/kern.ld.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/stmm_sp.c /optee_os/core/arch/arm/kernel/tee_time_arm_cntpct.c /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/mm/sp_mem.c /optee_os/core/arch/arm/mm/sub.mk /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-corstone1000/main.c /optee_os/core/arch/arm/plat-corstone1000/platform_config.h /optee_os/core/arch/arm/plat-hikey/platform_config.h /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/imx-common.c /optee_os/core/arch/arm/plat-imx/imx-regs.h /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/registers/imx95.h /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/freq.c /optee_os/core/arch/arm/plat-sam/platform_sama5d2.c /optee_os/core/arch/arm/plat-sam/platform_sama7g5.c /optee_os/core/arch/arm/plat-sam/scmi_server.c /optee_os/core/arch/arm/plat-sam/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/drivers/stm32mp25_syscfg.c /optee_os/core/arch/arm/plat-stm32mp2/drivers/sub.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-stm32mp2/stm32_sysconf.h /optee_os/core/arch/arm/plat-stm32mp2/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/sub.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/include/encoding.h /optee_os/core/arch/riscv/include/kernel/stmm_sp.h /optee_os/core/arch/riscv/include/kernel/thread_arch.h /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/include/mm/core_mmu_arch.h /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/kernel/abort.c /optee_os/core/arch/riscv/kernel/asm-defines.c /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/csr_detect.S /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/kernel/link.mk /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/kernel/tee_time_rdtime.c /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/arch/riscv/kernel/thread_optee_abi_rv.S /optee_os/core/arch/riscv/kernel/thread_rv.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/arch/riscv/riscv.mk /optee_os/core/arch/riscv/tee/entry_fast.c /optee_os/core/core.mk /optee_os/core/crypto.mk /optee_os/core/crypto/crypto.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/drivers/atmel_shdwc.c /optee_os/core/drivers/atmel_tcb.c /optee_os/core/drivers/atmel_wdt.c /optee_os/core/drivers/clk/clk-stm32mp25.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/clk/sam/at91_clk.h /optee_os/core/drivers/clk/sam/at91_cpu_opp.c /optee_os/core/drivers/clk/sam/at91_pmc.h /optee_os/core/drivers/clk/sam/sub.mk /optee_os/core/drivers/clk/sub.mk /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/drivers/crypto/hisilicon/crypto.mk /optee_os/core/drivers/crypto/hisilicon/hisi_qm.h /optee_os/core/drivers/crypto/hisilicon/hpre_dh.c /optee_os/core/drivers/crypto/hisilicon/hpre_dh.h /optee_os/core/drivers/crypto/hisilicon/hpre_ecc.c /optee_os/core/drivers/crypto/hisilicon/hpre_ecc.h /optee_os/core/drivers/crypto/hisilicon/hpre_main.c /optee_os/core/drivers/crypto/hisilicon/hpre_main.h /optee_os/core/drivers/crypto/hisilicon/sec_authenc.c /optee_os/core/drivers/crypto/hisilicon/sec_authenc.h /optee_os/core/drivers/crypto/hisilicon/sec_cipher.c /optee_os/core/drivers/crypto/hisilicon/sec_cipher.h /optee_os/core/drivers/crypto/hisilicon/sec_hash.c /optee_os/core/drivers/crypto/hisilicon/sec_hash.h /optee_os/core/drivers/crypto/hisilicon/sec_hmac.c /optee_os/core/drivers/crypto/hisilicon/sec_main.c /optee_os/core/drivers/crypto/hisilicon/sec_main.h /optee_os/core/drivers/crypto/hisilicon/sub.mk /optee_os/core/drivers/crypto/se050/adaptors/include/se050.h /optee_os/core/drivers/crypto/se050/adaptors/utils/scp_config.c /optee_os/core/drivers/crypto/se050/core/rsa.c /optee_os/core/drivers/crypto/stm32/cipher.c /optee_os/core/drivers/crypto/stm32/stm32_cryp.c /optee_os/core/drivers/crypto/stm32/stm32_saes.c /optee_os/core/drivers/crypto/versal/rsa.c /optee_os/core/drivers/ffa_console.c /optee_os/core/drivers/firewall/firewall.c /optee_os/core/drivers/firewall/stm32_rifsc.c /optee_os/core/drivers/firewall/sub.mk /optee_os/core/drivers/hisi_trng.c /optee_os/core/drivers/i2c/atmel_i2c.c /optee_os/core/drivers/imx/mu/sub.mk /optee_os/core/drivers/imx_ele.c /optee_os/core/drivers/nvmem/atmel_sfc.c /optee_os/core/drivers/nvmem/nvmem_die_id.c /optee_os/core/drivers/nvmem/nvmem_huk.c /optee_os/core/drivers/pm/sam/at91_pm.c /optee_os/core/drivers/pm/sam/at91_pm.h /optee_os/core/drivers/pm/sam/pm-defines.c /optee_os/core/drivers/pm/sam/pm_suspend.S /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/riscv_zkr_rng.c /optee_os/core/drivers/rstctrl/stm32_rstctrl.c /optee_os/core/drivers/rstctrl/stm32_rstctrl.h /optee_os/core/drivers/rstctrl/stm32mp1_rstctrl.c /optee_os/core/drivers/rstctrl/stm32mp25_rstctrl.c /optee_os/core/drivers/rstctrl/sub.mk /optee_os/core/drivers/stm32_fmc.c /optee_os/core/drivers/stm32_hpdma.c /optee_os/core/drivers/stm32_hsem.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_ipcc.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/include/crypto/crypto.h /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/atmel_shdwc.h /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/ffa_console.h /optee_os/core/include/drivers/firewall.h /optee_os/core/include/drivers/firewall_device.h /optee_os/core/include/drivers/imx_mu.h /optee_os/core/include/drivers/pm/sam/atmel_pm.h /optee_os/core/include/drivers/regulator.h /optee_os/core/include/drivers/sam/sama7-ddr.h /optee_os/core/include/drivers/stm32_i2c.h /optee_os/core/include/drivers/stm32_rif.h /optee_os/core/include/drivers/stm32mp25_rcc.h /optee_os/core/include/drivers/stm32mp2_rcc_util.h /optee_os/core/include/drivers/stm32mp_dt_bindings.h /optee_os/core/include/drivers/stpmic1_regulator.h /optee_os/core/include/dt-bindings/clock/at91.h /optee_os/core/include/dt-bindings/clock/st,stm32mp25-rcc.h /optee_os/core/include/dt-bindings/clock/stm32mp25-clksrc.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rif.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h /optee_os/core/include/dt-bindings/mfd/st,stpmic1.h /optee_os/core/include/dt-bindings/reset/st,stm32mp25-rcc.h /optee_os/core/include/kernel/boot.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/include/kernel/mutex.h /optee_os/core/include/kernel/mutex_pm_aware.h /optee_os/core/include/kernel/notif.h /optee_os/core/include/kernel/pm.h /optee_os/core/include/kernel/pseudo_ta.h /optee_os/core/include/kernel/spinlock.h /optee_os/core/include/kernel/tee_ta_manager.h /optee_os/core/include/kernel/transfer_list.h /optee_os/core/include/kernel/user_mode_ctx_struct.h /optee_os/core/include/kernel/user_ta.h /optee_os/core/include/kernel/virtualization.h /optee_os/core/include/kernel/wait_queue.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/include/mm/mobj.h /optee_os/core/include/mm/pgt_cache.h /optee_os/core/include/mm/tee_mm.h /optee_os/core/include/mm/tee_mmu_types.h /optee_os/core/include/optee_rpc_cmd.h /optee_os/core/kernel/boot.c /optee_os/core/kernel/callout.c /optee_os/core/kernel/console.c /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/mutex.c /optee_os/core/kernel/notif.c /optee_os/core/kernel/notif_default.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/pseudo_ta.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/tee_time.c /optee_os/core/kernel/tee_time_ree.c /optee_os/core/kernel/thread.c /optee_os/core/kernel/ubsan.c /optee_os/core/kernel/user_access.c /optee_os/core/kernel/user_ta.c /optee_os/core/kernel/wait_queue.c /optee_os/core/lib/libtomcrypt/aes.c /optee_os/core/lib/libtomcrypt/aes_accel.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/src/ciphers/aes/aes.c /optee_os/core/lib/libtomcrypt/src/ciphers/aes/aes_desc.c /optee_os/core/lib/libtomcrypt/src/ciphers/aes/aesni.c /optee_os/core/lib/libtomcrypt/src/encauth/ccm/ccm_memory.c /optee_os/core/lib/libtomcrypt/src/encauth/ccm/ccm_test.c /optee_os/core/lib/libtomcrypt/src/encauth/gcm/gcm_memory.c /optee_os/core/lib/libtomcrypt/src/hashes/tiger.c /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_cfg.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_cipher.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_custom.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_hash.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_mac.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_macros.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_pk.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_pkcs.h /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_private.h /optee_os/core/lib/libtomcrypt/src/math/fp/ltc_ecc_fp_mulmod.c /optee_os/core/lib/libtomcrypt/src/misc/crypt/crypt.c /optee_os/core/lib/libtomcrypt/src/misc/crypt/crypt_register_all_ciphers.c /optee_os/core/lib/libtomcrypt/src/misc/crypt/crypt_register_all_hashes.c /optee_os/core/lib/libtomcrypt/src/misc/pkcs5/pkcs_5_test.c /optee_os/core/lib/libtomcrypt/src/misc/ssh/ssh_encode_sequence_multi.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/choice/der_decode_choice.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/custom_type/der_encode_custom_type.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_flexi.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/sequence/der_decode_sequence_multi.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_ex.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/sequence/der_encode_sequence_multi.c /optee_os/core/lib/libtomcrypt/src/pk/asn1/der/utf8/der_decode_utf8_string.c /optee_os/core/lib/libtomcrypt/src/pk/dsa/dsa_import.c /optee_os/core/lib/libtomcrypt/src/pk/ec25519/tweetnacl.c /optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc_get_key.c /optee_os/core/lib/libtomcrypt/src/pk/ecc/ecc_import_pkcs8.c /optee_os/core/lib/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_decode.c /optee_os/core/lib/libtomcrypt/src/pk/pkcs1/pkcs_1_oaep_encode.c /optee_os/core/lib/libtomcrypt/src/pk/pkcs1/pkcs_1_v1_5_encode.c /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_decrypt_key.c /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_encrypt_key.c /optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_verify_hash.c /optee_os/core/lib/libtomcrypt/src/prngs/fortuna.c /optee_os/core/lib/libtomcrypt/src/prngs/rng_get_bytes.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/lib/scmi-server/conf-optee-stm32mp1.mk /optee_os/core/lib/scmi-server/conf.mk /optee_os/core/lib/scmi-server/sub.mk /optee_os/core/lib/zlib/sub.mk /optee_os/core/mm/core_mmu.c /optee_os/core/mm/mobj.c /optee_os/core/mm/mobj_dyn_shm.c /optee_os/core/mm/pgt_cache.c /optee_os/core/mm/sub.mk /optee_os/core/mm/tee_mm.c /optee_os/core/tee/tee_ree_fs.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tests/notif_test_wd.c /optee_os/ldelf/ta_elf.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/include/mbedtls_config_uta.h /optee_os/lib/libmbedtls/mbedtls/.uncrustify.cfg /optee_os/lib/libmbedtls/mbedtls/BUGS.md /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/LICENSE /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/SECURITY.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aria.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/block_cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chacha20.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/chachapoly.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-2.x.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_crypto.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_from_psa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_from_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_superset_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_psa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/constant_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/lms.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/memory_buffer_alloc.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/oid.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs7.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_time.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/private_access.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/timing.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/psa/build_info.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_auto_enabled.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_config_key_pair_types.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_adjust_config_synonyms.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_builtin_composites.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_builtin_key_derivation.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_builtin_primitives.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_compat.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_config.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_driver_common.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_driver_contexts_composites.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_driver_contexts_key_derivation.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_driver_contexts_primitives.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_legacy.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_platform.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_se_driver.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_sizes.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_struct.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_types.h /optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_values.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/aesce.c /optee_os/lib/libmbedtls/mbedtls/library/aesce.h /optee_os/lib/libmbedtls/mbedtls/library/aesni.c /optee_os/lib/libmbedtls/mbedtls/library/aesni.h /optee_os/lib/libmbedtls/mbedtls/library/alignment.h /optee_os/lib/libmbedtls/mbedtls/library/aria.c /optee_os/lib/libmbedtls/mbedtls/library/asn1parse.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/base64.c /optee_os/lib/libmbedtls/mbedtls/library/base64_internal.h /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_core.h /optee_os/lib/libmbedtls/mbedtls/library/bignum_mod.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_mod.h /optee_os/lib/libmbedtls/mbedtls/library/bignum_mod_raw.c /optee_os/lib/libmbedtls/mbedtls/library/bignum_mod_raw.h /optee_os/lib/libmbedtls/mbedtls/library/bignum_mod_raw_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/block_cipher.c /optee_os/lib/libmbedtls/mbedtls/library/block_cipher_internal.h /optee_os/lib/libmbedtls/mbedtls/library/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/library/camellia.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/chachapoly.c /optee_os/lib/libmbedtls/mbedtls/library/check_crypto_config.h /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.h /optee_os/lib/libmbedtls/mbedtls/library/cmac.c /optee_os/lib/libmbedtls/mbedtls/library/common.h /optee_os/lib/libmbedtls/mbedtls/library/constant_time.c /optee_os/lib/libmbedtls/mbedtls/library/constant_time_impl.h /optee_os/lib/libmbedtls/mbedtls/library/constant_time_internal.h /optee_os/lib/libmbedtls/mbedtls/library/ctr.h /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/debug_internal.h /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves_new.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_internal_alt.h /optee_os/lib/libmbedtls/mbedtls/library/ecp_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/entropy.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.c /optee_os/lib/libmbedtls/mbedtls/library/entropy_poll.h /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/gcm.c /optee_os/lib/libmbedtls/mbedtls/library/hkdf.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/lmots.c /optee_os/lib/libmbedtls/mbedtls/library/lmots.h /optee_os/lib/libmbedtls/mbedtls/library/lms.c /optee_os/lib/libmbedtls/mbedtls/library/md.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/md_psa.h /optee_os/lib/libmbedtls/mbedtls/library/md_wrap.h /optee_os/lib/libmbedtls/mbedtls/library/memory_buffer_alloc.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/nist_kw.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/padlock.c /optee_os/lib/libmbedtls/mbedtls/library/padlock.h /optee_os/lib/libmbedtls/mbedtls/library/pem.c /optee_os/lib/libmbedtls/mbedtls/library/pk.c /optee_os/lib/libmbedtls/mbedtls/library/pk_ecc.c /optee_os/lib/libmbedtls/mbedtls/library/pk_internal.h /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.c /optee_os/lib/libmbedtls/mbedtls/library/pk_wrap.h /optee_os/lib/libmbedtls/mbedtls/library/pkcs12.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs5.c /optee_os/lib/libmbedtls/mbedtls/library/pkcs7.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.h /optee_os/lib/libmbedtls/mbedtls/library/platform.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_aead.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_aead.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_client.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core_common.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers_no_static.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers_no_static.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ecp.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ecp.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ffdh.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ffdh.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_hash.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_hash.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_its.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_mac.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_mac.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_pake.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_pake.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_random_impl.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_rsa.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_rsa.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_se.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_se.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.h /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_storage.c /optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_storage.h /optee_os/lib/libmbedtls/mbedtls/library/psa_its_file.c /optee_os/lib/libmbedtls/mbedtls/library/psa_util.c /optee_os/lib/libmbedtls/mbedtls/library/psa_util_internal.h /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_alt_helpers.c /optee_os/lib/libmbedtls/mbedtls/library/rsa_alt_helpers.h /optee_os/lib/libmbedtls/mbedtls/library/rsa_internal.h /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha3.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_cache.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites_internal.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_client.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_cookie.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_debug_helpers.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_debug_helpers_generated.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_misc.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ticket.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_server.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_client.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_generic.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_invasive.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_server.c /optee_os/lib/libmbedtls/mbedtls/library/threading.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_create.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509_internal.h /optee_os/lib/libmbedtls/mbedtls/library/x509write.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/sub.mk /optee_os/lib/libutee/include/user_ta_header.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/ext/array.c /optee_os/lib/libutils/ext/include/fault_mitigation.h /optee_os/lib/libutils/ext/include/string_ext.h /optee_os/lib/libutils/ext/include/util.h /optee_os/lib/libutils/ext/qsort_helpers.c /optee_os/lib/libutils/ext/sub.mk /optee_os/lib/libutils/isoc/arch/arm/sub.mk /optee_os/lib/libutils/isoc/sub.mk /optee_os/mk/checkconf.mk /optee_os/mk/compile.mk /optee_os/mk/config.mk /optee_os/mk/macros.mk /optee_os/scripts/ftrace_format.py /optee_os/scripts/gen_compile_commands.py src/processing_rsa.c
5d2d37cd	09-Feb-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: Clarify context reference in step_symm_operation() Function step_symm_operation() defines a local variable to reference the session processing context but uses both session reference and ta: pkcs11: Clarify context reference in step_symm_operation() Function step_symm_operation() defines a local variable to reference the session processing context but uses both session reference and this local variable which can be confusing when reading the code. Change the implementation to only use the local variable for consistency. No functional changes. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/.gitignore /optee_os/core/arch/arm/dts/at91-sama7g54_ek.dts /optee_os/core/arch/arm/dts/sama5d2.dtsi /optee_os/core/arch/arm/dts/sama7g5-pinfunc.h /optee_os/core/arch/arm/dts/sama7g5.dtsi /optee_os/core/arch/arm/include/arm.h /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/delay_arch.h /optee_os/core/arch/arm/include/kernel/thread_spmc.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/generic_timer.c /optee_os/core/arch/arm/kernel/semihosting_a64.S /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/tee_time_arm_cntpct.c /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/timer_a64.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/plat-amlogic/main.c /optee_os/core/arch/arm/plat-aspeed/platform_ast2600.c /optee_os/core/arch/arm/plat-aspeed/platform_ast2700.c /optee_os/core/arch/arm/plat-bcm/main.c /optee_os/core/arch/arm/plat-corstone1000/main.c /optee_os/core/arch/arm/plat-d02/main.c /optee_os/core/arch/arm/plat-d06/main.c /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hisilicon/main.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-marvell/main.c /optee_os/core/arch/arm/plat-mediatek/conf.mk /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-mediatek/platform_config.h /optee_os/core/arch/arm/plat-nuvoton/main.c /optee_os/core/arch/arm/plat-poplar/main.c /optee_os/core/arch/arm/plat-rcar/main.c /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rpi3/main.c /optee_os/core/arch/arm/plat-rzg/main.c /optee_os/core/arch/arm/plat-rzn1/main.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/freq.c /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-sam/scmi_server.c /optee_os/core/arch/arm/plat-sprd/console.c /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-stm32mp2/stm32mp_pm.c /optee_os/core/arch/arm/plat-stm32mp2/stm32mp_pm.h /optee_os/core/arch/arm/plat-stm32mp2/sub.mk /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-synquacer/main.c /optee_os/core/arch/arm/plat-synquacer/rng_pta.c /optee_os/core/arch/arm/plat-ti/main.c /optee_os/core/arch/arm/plat-totalcompute/main.c /optee_os/core/arch/arm/plat-uniphier/main.c /optee_os/core/arch/arm/plat-versal/main.c /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-vexpress/platform_config.h /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/arch/arm/plat-zynqmp/main.c /optee_os/core/arch/riscv/include/kernel/delay_arch.h /optee_os/core/arch/riscv/include/sbi.h /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/kernel/sbi.c /optee_os/core/arch/riscv/kernel/sbi_console.c /optee_os/core/arch/riscv/kernel/semihosting_rv.S /optee_os/core/arch/riscv/kernel/sub.mk /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/arch/riscv/plat-spike/main.c /optee_os/core/arch/riscv/plat-virt/main.c /optee_os/core/arch/riscv/riscv.mk /optee_os/core/drivers/clk/clk-stm32mp13.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/clk/sam/at91_clk.h /optee_os/core/drivers/clk/sam/at91_generated.c /optee_os/core/drivers/clk/sam/at91_master.c /optee_os/core/drivers/clk/sam/at91_pmc.c /optee_os/core/drivers/clk/sam/clk-sam9x60-pll.c /optee_os/core/drivers/clk/sam/sama5d2_clk.c /optee_os/core/drivers/clk/sam/sama7g5_clk.c /optee_os/core/drivers/gic.c /optee_os/core/drivers/nvmem/nvmem_die_id.c /optee_os/core/drivers/nvmem/nvmem_huk.c /optee_os/core/drivers/nvmem/sub.mk /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/semihosting_console.c /optee_os/core/drivers/sub.mk /optee_os/core/include/console.h /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/clk_dt.h /optee_os/core/include/drivers/regulator.h /optee_os/core/include/drivers/semihosting_console.h /optee_os/core/include/dt-bindings/clock/at91.h /optee_os/core/include/kernel/callout.h /optee_os/core/include/kernel/delay.h /optee_os/core/include/kernel/pm.h /optee_os/core/include/kernel/semihosting.h /optee_os/core/include/kernel/spinlock.h /optee_os/core/include/kernel/timer.h /optee_os/core/include/kernel/virtualization.h /optee_os/core/kernel/callout.c /optee_os/core/kernel/console.c /optee_os/core/kernel/delay.c /optee_os/core/kernel/notif.c /optee_os/core/kernel/notif_default.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/semihosting.c /optee_os/core/kernel/sub.mk /optee_os/core/tests/notif_test_wd.c /optee_os/core/tests/sub.mk /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libunw/sub.mk /optee_os/lib/libutils/isoc/include/sys/fcntl.h /optee_os/mk/config.mk /optee_os/mk/lib.mk src/processing_symm.c /optee_os/ta/remoteproc/src/remoteproc_core.c
571857c0	15-Feb-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: factorize second operation handle Factorize fields tee_hash_op_handle and tee_op_handle2 of struct active_processing that both are used as second operation handle for specific algorithm. ta: pkcs11: factorize second operation handle Factorize fields tee_hash_op_handle and tee_op_handle2 of struct active_processing that both are used as second operation handle for specific algorithm. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... src/pkcs11_token.c src/pkcs11_token.h src/processing.c src/processing_asymm.c
63778faa	12-Feb-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: implement AES GCM operations Implement AES GCM authenticated encryption and decryption. AES GCM decryption requires that the output data is revealed only once decryption is finalized an ta: pkcs11: implement AES GCM operations Implement AES GCM authenticated encryption and decryption. AES GCM decryption requires that the output data is revealed only once decryption is finalized and the MAC signature successfully verified. For this operation, the AES GCM context references a dynamically allocated data buffer to store output data as they are generated by each call to TEE_AEUpdate(). AES GCM one-shot operation in the pkc11 TA is a bit specific in that it requires an extra TEE operation handle to save the initialized operation state in case of one shot processing request (C_Encrypt() or C_Decrypt() cryptoki API functions) that queries the output buffer size. GP TEE Internal Core API does not define a single API function for such one shot operation that could be called to query the output buffer size. We must first fully process the input data (TEE_AEUpdate()) before we can query the output buffer size with TEE_AEEncryptFinal() or TEE_AEDecryptFinal(). Consequently we will need to process again the input data when client provides a well sized output buffer as we are not sure that input data will be the same. Therefore the implementation allocates a 2nd operation handle, copy the operation state into after it is initialized and use this context to restore this initial state in case the one shot AE operation is returning PKCS11_CKR_BUFFER_TOO_SMALL. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Co-developed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... src/pkcs11_attributes.c src/pkcs11_token.h src/processing.c src/processing.h src/processing_aes.c src/processing_symm.c src/token_capabilities.c
5fee6cc9	16-Nov-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	ta: pkcs11: pkcs11_ta.h: define PKCS11_CKM_AES_GCM Define PKCS11_CKM_AES_GCM setting its value to 0x01087 according to libckteec/include/pkcs11_ta.h from OP-TEE Client API. Reviewed-by: Jerome Fori ta: pkcs11: pkcs11_ta.h: define PKCS11_CKM_AES_GCM Define PKCS11_CKM_AES_GCM setting its value to 0x01087 according to libckteec/include/pkcs11_ta.h from OP-TEE Client API. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/dts/stm32mp251.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi /optee_os/core/arch/arm/dts/stm32mp257f-ev1.dts /optee_os/core/arch/arm/plat-hikey/conf.mk /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hikey/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/crypto.mk /optee_os/core/drivers/clk/sam/at91_clk.h /optee_os/core/drivers/clk/sam/at91_pmc.h /optee_os/core/drivers/clk/sam/at91_sckc.c /optee_os/core/drivers/clk/sam/at91_utmi.c /optee_os/core/drivers/clk/sam/phy-sama7-utmi-clk.c /optee_os/core/drivers/crypto/caam/acipher/caam_dh.c /optee_os/core/drivers/crypto/caam/acipher/caam_dsa.c /optee_os/core/drivers/crypto/caam/acipher/caam_ecc.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime_dsa.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime_rsa.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_key.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/hash/caam_hash_mac.c /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_key.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_status.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/hisilicon/hisi_qm.c /optee_os/core/drivers/crypto/stm32/authenc.c /optee_os/core/drivers/crypto/stm32/cipher.c /optee_os/core/drivers/crypto/stm32/stm32_saes.c /optee_os/core/drivers/firewall/stm32_rif.c /optee_os/core/drivers/firewall/stm32_rifsc.c /optee_os/core/drivers/firewall/sub.mk /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/stm32_rif.h /optee_os/core/include/drivers/stm32mp_dt_bindings.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rif.h /optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h /optee_os/core/include/initcall.h /optee_os/core/include/io.h /optee_os/core/include/mm/core_memprot.h /optee_os/core/kernel/notif.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/tee_time.c /optee_os/core/mm/core_mmu.c /optee_os/lib/libutils/ext/include/speculation_barrier.h /optee_os/mk/config.mk include/pkcs11_ta.h
897aaf11	15-Feb-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: fix build warning on unused arguments Add missing __maybe_unused attribute for function arguments not used when the pkcs11 TA is built with NDEBUG directive, as shown by the following bu ta: pkcs11: fix build warning on unused arguments Add missing __maybe_unused attribute for function arguments not used when the pkcs11 TA is built with NDEBUG directive, as shown by the following build trace message: ta/pkcs11/src/pkcs11_attributes.c: In function ‘get_default_value’: ta/pkcs11/src/pkcs11_attributes.c:261:61: warning: unused parameter ‘id’ [-Wunused-parameter] 261 \| static enum pkcs11_rc get_default_value(enum pkcs11_attr_id id, void *value, \| ~~~~~~~~~~~~~~~~~~~~^~ ta/pkcs11/src/pkcs11_attributes.c: In function ‘check_created_attrs_against_processing’: ta/pkcs11/src/pkcs11_attributes.c:1647:73: warning: unused parameter ‘head’ [-Wunused-parameter] 1647 \| struct obj_attrs head) \| ~~~~~~~~~~~~~~~~~~^~~~ Fixes: 63f89caa9022 ("ta: pkcs11: attribute helper functions") Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/dts/fsl-lx2160a.dtsi /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/optee_ffa.h /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/kernel/timer_a64.c /optee_os/core/arch/arm/kernel/virtualization.c /optee_os/core/arch/arm/plat-k3/drivers/sec_proxy.c /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-sam/sam_sfr.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/riscv/kernel/kern.ld.S /optee_os/core/crypto/aes-gcm.c /optee_os/core/drivers/atmel_piobu.c /optee_os/core/drivers/atmel_rstc.c /optee_os/core/drivers/atmel_rtc.c /optee_os/core/drivers/atmel_shdwc.c /optee_os/core/drivers/atmel_tcb.c /optee_os/core/drivers/atmel_trng.c /optee_os/core/drivers/atmel_wdt.c /optee_os/core/drivers/clk/clk-stm32mp13.c /optee_os/core/drivers/crypto/caam/acipher/caam_ecc.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/hal/common/hal_rng.c /optee_os/core/drivers/crypto/caam/hal/imx_8q/hal_rng.c /optee_os/core/drivers/crypto/hisilicon/hisi_qm.c /optee_os/core/drivers/crypto/se050/crypto.mk /optee_os/core/drivers/crypto/stm32/stm32_saes.c /optee_os/core/drivers/hfic.c /optee_os/core/drivers/nvmem/atmel_sfc.c /optee_os/core/drivers/pinctrl/atmel_pio.c /optee_os/core/drivers/pl011.c /optee_os/core/drivers/regulator/regulator_gpio.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/drivers/sub.mk /optee_os/core/drivers/widevine_huk.c /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/drivers/atmel_rstc.h /optee_os/core/include/drivers/serial.h /optee_os/core/include/drivers/stm32mp1_rcc.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/huk_subkey.h /optee_os/core/include/kernel/msg_param.h /optee_os/core/lib/libtomcrypt/gcm.c /optee_os/core/pta/sub.mk /optee_os/core/pta/widevine.c /optee_os/core/tee/entry_std.c /optee_os/core/tee/fs_dirfile.c /optee_os/core/tee/tadb.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libutee/include/pta_widevine.h /optee_os/mk/config.mk src/pkcs11_attributes.c
a2431e9f	05-Jan-2024	Clement Faure <clement.faure@nxp.com>	ta: pkcs11: check returned value of mbedtls_pk_rsa() Check returned pointer of mbedtls_pk_rsa() as it can return NULL. Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Jerome Foris ta: pkcs11: check returned value of mbedtls_pk_rsa() Check returned pointer of mbedtls_pk_rsa() as it can return NULL. Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/mm/core_mmu.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/ldelf/ta_elf.c src/pkcs11_attributes.c
4bc2a199	10-Jan-2024	Clement Faure <clement.faure@nxp.com>	ta: remove unnecessary includes Remove unnecessary includes. Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander < ta: remove unnecessary includes Remove unnecessary includes. Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/CHANGELOG.md /optee_os/core/arch/arm/dts/sama5d2.dtsi /optee_os/core/arch/arm/kernel/abort.c /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/secure_partition.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/mobj_dyn_shm.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-k3/drivers/sa2ul_rng.c /optee_os/core/arch/arm/plat-rcar/conf.mk /optee_os/core/arch/arm/plat-rcar/romapi.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-vexpress/platform_config.h /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/riscv/include/kernel/thread_private_arch.h /optee_os/core/arch/riscv/kernel/entry.S /optee_os/core/arch/riscv/kernel/thread_optee_abi_rv.S /optee_os/core/arch/riscv/mm/core_mmu_arch.c /optee_os/core/crypto/aes-gcm-ghash-tbl.c /optee_os/core/crypto/crypto.c /optee_os/core/crypto/sm3-hmac.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/clk/clk_dt.c /optee_os/core/drivers/gpio/gpio.c /optee_os/core/drivers/nvmem/atmel_sfc.c /optee_os/core/drivers/nvmem/nvmem.c /optee_os/core/drivers/nvmem/sub.mk /optee_os/core/drivers/scmi-msg/smt.c /optee_os/core/drivers/stm32_i2c.c /optee_os/core/drivers/stm32_uart.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/i2c.h /optee_os/core/include/drivers/nvmem.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/kernel/console.c /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/ree_fs_ta.c /optee_os/core/kernel/scall.c /optee_os/core/kernel/tee_misc.c /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/tee_time.c /optee_os/core/kernel/user_ta.c /optee_os/core/kernel/wait_queue.c /optee_os/core/mm/mobj.c /optee_os/core/mm/vm.c /optee_os/core/pta/device.c /optee_os/core/pta/scmi.c /optee_os/core/pta/stats.c /optee_os/core/pta/system.c /optee_os/core/pta/tests/aes_perf.c /optee_os/core/pta/tests/dt_driver_test.c /optee_os/core/tee/tadb.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_fs_key_manager.c /optee_os/core/tee/tee_fs_rpc.c /optee_os/core/tee/tee_obj.c /optee_os/core/tee/tee_pobj.c /optee_os/core/tee/tee_ree_fs.c /optee_os/core/tee/tee_svc_storage.c /optee_os/core/tee/tee_time_generic.c /optee_os/ldelf/ta_elf.c /optee_os/lib/libutee/include/elf_common.h /optee_os/mk/config.mk /optee_os/ta/avb/entry.c src/attributes.c src/handle.c src/pkcs11_attributes.c src/sanitize_object.c
6959626e	15-Dec-2023	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: preserve object when set attribute fails Preserve original object attributes when C_SetAttributeValue service fails instead of possibly changing object attributes before the whole new at ta: pkcs11: preserve object when set attribute fails Preserve original object attributes when C_SetAttributeValue service fails instead of possibly changing object attributes before the whole new attribute set is validated. Fixes: bcac2127a7f1 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... src/object.c
2ea9746d	15-Dec-2023	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: treat bad KCV size as a bad value case Return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID instead of a template inconsistency when the key check value attribute is wrong due to its size. Fixes: ta: pkcs11: treat bad KCV size as a bad value case Return PKCS11_CKR_ATTRIBUTE_VALUE_INVALID instead of a template inconsistency when the key check value attribute is wrong due to its size. Fixes: bcac2127a7f1 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/core/arch/arm/kernel/spmc_sp_handler.c /optee_os/core/crypto/cbc-mac.c /optee_os/core/crypto/sm3.c /optee_os/core/drivers/crypto/caam/acipher/caam_dsa.c /optee_os/core/drivers/crypto/caam/acipher/caam_ecc.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/hisilicon/hisi_qm.c /optee_os/core/drivers/crypto/hisilicon/include/hisi_qm.h /optee_os/core/drivers/gpio/gpio.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/kernel/user_access.c /optee_os/core/pta/stats.c src/pkcs11_attributes.c
69de4b2d	08-Jan-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: default enable key check value support Default enable support for key check value attribute in pkcs11 TA. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne ta: pkcs11: default enable key check value support Default enable support for key check value attribute in pkcs11 TA. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... sub.mk
3bc92b91	08-Jan-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: use TEE_InitRefAttribute() to compute key check value Use TEE_InitRefAttribute() helper function to set key data attribute in compute_check_value_with_ecb(). Fixes: bcac2127a7f1 ("ta: p ta: pkcs11: use TEE_InitRefAttribute() to compute key check value Use TEE_InitRefAttribute() helper function to set key data attribute in compute_check_value_with_ecb(). Fixes: bcac2127a7f1 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... src/pkcs11_attributes.c
cfbe7874	08-Jan-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: key check value may not be applicable Key check value attribute is required only for objects of types certificate and symmetric keys. Fix set_check_value_attr() to return a successful st ta: pkcs11: key check value may not be applicable Key check value attribute is required only for objects of types certificate and symmetric keys. Fix set_check_value_attr() to return a successful status instead of bad argument error code when there is no key check value attribute to compute. Fixes: bcac2127a7f1 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... src/pkcs11_attributes.c
adfad2cd	08-Jan-2024	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: fix block size to compute AES key check value Fix AES block size in compute_check_value_with_ecb(). It is 16 bytes, not the AES key size. By the way allocate cipher block in the stack in ta: pkcs11: fix block size to compute AES key check value Fix AES block size in compute_check_value_with_ecb(). It is 16 bytes, not the AES key size. By the way allocate cipher block in the stack instead of in the heap since the block is quite small. Fixes: bcac2127a7f1 ("ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE") Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/CHANGELOG.md /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp151.dtsi /optee_os/core/arch/arm/dts/stm32mp157a-dk1-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1-scmi.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp157c-ev1-scmi.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/kernel/tz_ssvce_pl310.h /optee_os/core/arch/arm/kernel/thread_spmc_a64.S /optee_os/core/arch/arm/kernel/tz_ssvce_pl310_a32.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-imx/imx_pl310.c /optee_os/core/arch/arm/plat-k3/drivers/sa2ul_rng.c /optee_os/core/arch/arm/plat-sam/conf.mk /optee_os/core/arch/arm/plat-sam/main.c /optee_os/core/arch/arm/plat-sam/matrix.c /optee_os/core/arch/arm/plat-sam/matrix.h /optee_os/core/arch/arm/plat-sam/platform_config.h /optee_os/core/arch/arm/plat-sam/sama7g5.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/riscv/include/riscv.h /optee_os/core/arch/riscv/kernel/thread_arch.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/crypto.mk /optee_os/core/drivers/crypto/caam/hal/common/hal_rng.c /optee_os/core/drivers/crypto/caam/hal/common/registers/rng_regs.h /optee_os/core/drivers/crypto/caam/include/caam_hal_rng.h /optee_os/core/drivers/crypto/hisilicon/hisi_qm.c /optee_os/core/drivers/crypto/hisilicon/include/hisi_qm.h /optee_os/core/drivers/plic.c /optee_os/core/drivers/remoteproc/stm32_remoteproc.c /optee_os/core/drivers/remoteproc/sub.mk /optee_os/core/drivers/stm32_gpio.c /optee_os/core/drivers/stm32_iwdg.c /optee_os/core/drivers/sub.mk /optee_os/core/include/drivers/clk_dt.h /optee_os/core/include/drivers/stm32_iwdg.h /optee_os/core/include/drivers/stm32_remoteproc.h /optee_os/core/include/dt-bindings/gpio/stm32mp_gpio.h /optee_os/core/include/kernel/transfer_list.h /optee_os/core/pta/stm32mp/remoteproc_pta.c /optee_os/core/pta/stm32mp/rproc_pub_key.h /optee_os/core/pta/stm32mp/sub.mk /optee_os/core/pta/sub.mk /optee_os/lib/libutee/include/remoteproc_pta.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/mk/config.mk src/pkcs11_attributes.c /optee_os/ta/remoteproc/Makefile /optee_os/ta/remoteproc/include/ta_remoteproc.h /optee_os/ta/remoteproc/src/elf_parser.c /optee_os/ta/remoteproc/src/elf_parser.h /optee_os/ta/remoteproc/src/remoteproc_core.c /optee_os/ta/remoteproc/src/sub.mk /optee_os/ta/remoteproc/src/user_ta_header_defines.h /optee_os/ta/remoteproc/sub.mk /optee_os/ta/remoteproc/user_ta.mk
bcac2127	24-Nov-2023	Marouene Boubakri <marouene.boubakri@nxp.com>	ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE Add PKCS11_CKA_CHECK_VALUE as an optional attribute of symmetric key and certificate objects . As per the PKCS#11 specification, key c ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE Add PKCS11_CKA_CHECK_VALUE as an optional attribute of symmetric key and certificate objects . As per the PKCS#11 specification, key check value attribute is optional therefore add pkcs11 TA configuration switch CFG_PKCS11_TA_CHECK_VALUE_ATTRIBUTE to embed or not the support. When supported, as per the spec, the attribute can be either the legitimate value recomputed by the PKCS#11 token or a zero-sized value called a no-value for when client does not want the attribute to set in an object. This change adds the support for the pcks11 TA commands related to Cryptoki API functions C_GenerateKey(), C_CreateObject(), C_CopyObject(), C_SetAttributeValue(), C_UnwrapKey() and C_DeriveKey(). TA command related to C_FindOjects() support the attribute without any change. Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/dts/stm32mp157a-dk1.dts /optee_os/core/arch/arm/dts/stm32mp157c-dk2.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/include/arm64.h /optee_os/core/arch/arm/include/ffa.h /optee_os/core/arch/arm/include/kernel/thread_spmc.h /optee_os/core/arch/arm/include/mm/core_mmu_arch.h /optee_os/core/arch/arm/include/optee_ffa.h /optee_os/core/arch/arm/kernel/entry_a32.S /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/mobj_ffa.c /optee_os/core/arch/arm/plat-aspeed/conf.mk /optee_os/core/arch/arm/plat-aspeed/platform_ast2600.c /optee_os/core/arch/arm/plat-aspeed/platform_ast2700.c /optee_os/core/arch/arm/plat-aspeed/platform_config.h /optee_os/core/arch/arm/plat-corstone1000/main.c /optee_os/core/arch/arm/plat-d06/conf.mk /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-k3/main.c /optee_os/core/arch/arm/plat-ls/main.c /optee_os/core/arch/arm/plat-mediatek/main.c /optee_os/core/arch/arm/plat-rcar/main.c /optee_os/core/arch/arm/plat-rockchip/main.c /optee_os/core/arch/arm/plat-rzn1/main.c /optee_os/core/arch/arm/plat-sam/matrix.c /optee_os/core/arch/arm/plat-sam/matrix.h /optee_os/core/arch/arm/plat-stm/main.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pmic.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/plat_tzc400.c /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp2/main.c /optee_os/core/arch/arm/plat-sunxi/main.c /optee_os/core/arch/arm/plat-ti/main.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/arm/plat-vexpress/main.c /optee_os/core/arch/arm/plat-vexpress/platform_config.h /optee_os/core/arch/arm/plat-zynq7k/main.c /optee_os/core/arch/riscv/plat-virt/conf.mk /optee_os/core/core.mk /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/crypto/caam/include/caam_sm.h /optee_os/core/drivers/crypto/hisilicon/hisi_qm.c /optee_os/core/drivers/crypto/hisilicon/include/hisi_qm.h /optee_os/core/drivers/crypto/hisilicon/sub.mk /optee_os/core/drivers/crypto/sub.mk /optee_os/core/drivers/gic.c /optee_os/core/drivers/hisi_trng.c /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/regulator/regulator_gpio.c /optee_os/core/drivers/regulator/stm32_vrefbuf.c /optee_os/core/drivers/regulator/stm32mp13_regulator_iod.c /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/gic.h /optee_os/core/include/drivers/regulator.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/include/kernel/transfer_list.h /optee_os/core/include/mm/tee_mm.h /optee_os/core/include/tee/tee_pobj.h /optee_os/core/include/tee/tee_svc_storage.h /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/interrupt.c /optee_os/core/kernel/notif.c /optee_os/core/kernel/notif_default.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/transfer_list.c /optee_os/core/mm/tee_mm.c /optee_os/core/pta/stats.c /optee_os/core/tee/tee_pobj.c /optee_os/core/tee/tee_rpmb_fs.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/core/tee/tee_svc_storage.c /optee_os/lib/libutee/include/pta_stats.h /optee_os/lib/libutee/user_ta_entry.c /optee_os/lib/libutils/ext/mempool.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/lib/libutils/isoc/include/malloc.h /optee_os/mk/config.mk /optee_os/scripts/checkpatch_inc.sh src/object.c src/pkcs11_attributes.c src/pkcs11_attributes.h src/processing.c sub.mk
2eba68d2	28-Sep-2023	Etienne Carriere <etienne.carriere@foss.st.com>	ta: pkcs11: prevent user ID verification when user PIN is not set Fix User PIN verification in ACL mode (protected authentication) so that it always returns PKCS11_CKR_USER_PIN_NOT_INITIALIZED when ta: pkcs11: prevent user ID verification when user PIN is not set Fix User PIN verification in ACL mode (protected authentication) so that it always returns PKCS11_CKR_USER_PIN_NOT_INITIALIZED when User PIN has not been initialized yet by the Security Officer. Before this change, this was tested only in the standard PIN path, not for the authenticated TEE identity mode (CFG_PKCS11_TA_AUTH_TEE_IDENTITY=y). Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> show more ... /optee_os/.github/workflows/ci.yml /optee_os/core/arch/arm/arm.mk /optee_os/core/arch/arm/dts/stm32mp131.dtsi /optee_os/core/arch/arm/dts/stm32mp135f-dk.dts /optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts /optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi /optee_os/core/arch/arm/include/mm/generic_ram_layout.h /optee_os/core/arch/arm/kernel/boot.c /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/kernel/thread_optee_smc.c /optee_os/core/arch/arm/kernel/thread_spmc.c /optee_os/core/arch/arm/plat-hikey/main.c /optee_os/core/arch/arm/plat-hikey/spi_test.c /optee_os/core/arch/arm/plat-rockchip/platform.c /optee_os/core/arch/arm/plat-rockchip/platform_px30.c /optee_os/core/arch/arm/plat-rockchip/platform_rk3399.c /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.h /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp2/conf.mk /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/arch/riscv/kernel/boot.c /optee_os/core/arch/riscv/plat-spike/conf.mk /optee_os/core/drivers/atmel_piobu.c /optee_os/core/drivers/atmel_saic.c /optee_os/core/drivers/atmel_wdt.c /optee_os/core/drivers/bcm_hwrng.c /optee_os/core/drivers/clk/clk.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/dra7_rng.c /optee_os/core/drivers/gic.c /optee_os/core/drivers/imx_wdog.c /optee_os/core/drivers/ls_dspi.c /optee_os/core/drivers/ls_gpio.c /optee_os/core/drivers/ls_i2c.c /optee_os/core/drivers/regulator/regulator.c /optee_os/core/drivers/regulator/regulator_gpio.c /optee_os/core/drivers/regulator/stm32mp13_regulator_iod.c /optee_os/core/drivers/regulator/sub.mk /optee_os/core/drivers/smccc_trng.c /optee_os/core/drivers/xiphera_trng.c /optee_os/core/include/drivers/clk.h /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/drivers/stm32mp13_regulator_iod.h /optee_os/core/include/kernel/dt.h /optee_os/core/include/kernel/dt_driver.h /optee_os/core/include/kernel/interrupt.h /optee_os/core/include/mm/core_mmu.h /optee_os/core/kernel/dt.c /optee_os/core/kernel/dt_driver.c /optee_os/core/kernel/interrupt.c /optee_os/core/kernel/panic.c /optee_os/core/kernel/tee_ta_manager.c /optee_os/core/kernel/tpm.c /optee_os/core/kernel/trace_ext.c /optee_os/core/mm/core_mmu.c /optee_os/core/pta/bcm/gpio.c /optee_os/core/tee/tee_ree_fs.c /optee_os/core/tee/tee_svc.c /optee_os/lib/libmbedtls/core/ecc.c /optee_os/lib/libutee/include/tee_arith_internal.h /optee_os/lib/libutee/tee_api_arith_mpi.c /optee_os/lib/libutils/ext/include/trace.h /optee_os/lib/libutils/ext/trace.c /optee_os/lib/libutils/isoc/bget_malloc.c /optee_os/mk/config.mk /optee_os/scripts/symbolize.py src/pkcs11_token.c
12 3 4 5 6 7 8 9 10 11