src - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
ee49d9f2	02-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fixup header file inclusion ordering Fix order of included header files where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r ta: pkcs11: fixup header file inclusion ordering Fix order of included header files where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11_token.c serializer.h
fce35058	02-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fixup user id in init_pin_key() Minor simplification of init_pin_keys() prototype. Change argument unsigned int uid to enum pkcs11_user_type type since it's what is provided by the calle ta: pkcs11: fixup user id in init_pin_key() Minor simplification of init_pin_keys() prototype. Change argument unsigned int uid to enum pkcs11_user_type type since it's what is provided by the called and expected by the function. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/tee/tee_svc.c /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S persistent_token.c
6e4f8f17	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: session commands support Add and remove session from session list owned by the client session. Generate client session IDs using handle.c (produced indices like starting from 1). entry_ ta: pkcs11: session commands support Add and remove session from session list owned by the client session. Generate client session IDs using handle.c (produced indices like starting from 1). entry_ck_open_session(): uses set_session_state() to default new session instances. entry_ck_close_session() and entry_ck_close_all_sessions() use close_ck_session() to factorize session resource release. entry_ck_session_info() reads session state as when called. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... entry.c pkcs11_token.c pkcs11_token.h
e084583e	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: register a client instance for each opened TEE session Each TEE session open toward the TA creates a client reference. It can be used by command handlers to identify client. Client refer ta: pkcs11: register a client instance for each opened TEE session Each TEE session open toward the TA creates a client reference. It can be used by command handlers to identify client. Client reference is passed between TA and client library using the TEE session argument in the GPD TEE Client API. Value used is the client instance address in the TA (as a void *) and is abstracted with an opaque ID by OP-TEE Core between being exposed to client. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... entry.c pkcs11_token.c pkcs11_token.h
22ada947	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: handle database for various client references Dump core/kernel/handle.c into PKCS11 TA source tree with some changes: - Remove ptr_destructor() support, - Adapt the TEE Internal APIs (I. ta: pkcs11: handle database for various client references Dump core/kernel/handle.c into PKCS11 TA source tree with some changes: - Remove ptr_destructor() support, - Adapt the TEE Internal APIs (I.e. TEE_MemMove() instead of memcpy()), - Produce 32bit IDs starting from 1, 0 is reserved as undefined reference. Most handles return by the TA to the client are 32bit unsigned values as per TA API. handle.c will manage these IDs. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... handle.c handle.h sub.mk
d21ec5f4	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: add mechanism info and session command to helpers Add mechanism info and session management command IDs in debug helpers of the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne.carri ta: pkcs11: add mechanism info and session command to helpers Add mechanism info and session management command IDs in debug helpers of the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ta/pkcs11/include/pkcs11_ta.h pkcs11_helpers.c pkcs11_helpers.h
1d3ebedb	17-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: command to get mechanism info Implement command PKCS11_CMD_MECHANISM_INFO for client to get information on a specific mechanism embedded in a token. Signed-off-by: Etienne Carriere <eti ta: pkcs11: command to get mechanism info Implement command PKCS11_CMD_MECHANISM_INFO for client to get information on a specific mechanism embedded in a token. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... entry.c pkcs11_token.c pkcs11_token.h
6f74919d	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: command to get mechanisms embedded in a token Implement command PKCS11_CMD_MECHANISM_IDS for client to get IDs of the mechanisms embedded in a token Signed-off-by: Etienne Carriere <eti ta: pkcs11: command to get mechanisms embedded in a token Implement command PKCS11_CMD_MECHANISM_IDS for client to get IDs of the mechanisms embedded in a token Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... entry.c pkcs11_token.c pkcs11_token.h
8849c126	18-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: support for mechanism embedded in a token Implement token_capabilities.c to centralize the mechanisms supported by a token. As PKCS11 TA can implemented several token, each token may pro ta: pkcs11: support for mechanism embedded in a token Implement token_capabilities.c to centralize the mechanisms supported by a token. As PKCS11 TA can implemented several token, each token may provide support for a restricted list of mechanisms and processing over these mechanisms. Array pkcs11_modes[] is used to strictly define the processing that are allowed for a mechanism as per PKCS#11 specification. Conversion of a mechanism ID into a debug friendly string is implemented in token_capabilities.c rather than pkcs11_helpers.c as for the other string helpers since the source file already defines the list of the valid mechanism IDs, hence an indirection from id2str_mechanism() to mechanism_string_id(). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/ta/pkcs11/include/pkcs11_ta.h pkcs11_helpers.h sub.mk token_capabilities.c token_capabilities.h
60659a86	17-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: factorize persistent file name get_db_file_name() and get_pin_file_name() factorize TEE object file IDs. open_db_file() and open_pin_file() factorize opening of TA persistent database o ta: pkcs11: factorize persistent file name get_db_file_name() and get_pin_file_name() factorize TEE object file IDs. open_db_file() and open_pin_file() factorize opening of TA persistent database object and PIN cipher key objects. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/crypto/crypto.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c /optee_os/core/drivers/crypto/caam/cipher/local.h /optee_os/core/drivers/crypto/caam/cipher/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_cipher.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c /optee_os/core/drivers/crypto/crypto_api/cipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_cipher.h /optee_os/core/drivers/crypto/crypto_api/sub.mk /optee_os/core/drivers/gic.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/include/crypto/crypto_impl.h /optee_os/core/include/signed_hdr.h /optee_os/core/pta/gprof.c /optee_os/core/pta/system.c /optee_os/lib/libutee/include/tee_api_defines_extensions.h /optee_os/lib/libutils/ext/include/util.h /optee_os/mk/lib.mk /optee_os/ta/pkcs11/include/pkcs11_ta.h persistent_token.c
9dbdd8cd	18-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: identify user as per define user types Define users with CKU User Type in Cryptoki API: PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers for login and related PKCS#11 ta: pkcs11: identify user as per define user types Define users with CKU User Type in Cryptoki API: PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers for login and related PKCS#11 API functions. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/ta/pkcs11/include/pkcs11_ta.h persistent_token.c
37d01a77	17-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t) Prefer sizeof() to use rc reference rather than explicit 32bit. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jer ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t) Prefer sizeof() to use rc reference rather than explicit 32bit. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libutee/include/arm64_user_sysreg.h /optee_os/lib/libutils/isoc/include/setjmp.h entry.c
030e7392	04-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: implement command to get token information Implement TA command PKCS11_CMD_TOKEN_INFO for client to get information on a token embedded in the PKCS11 TA. Rename PKCS11_TOKEN_PIN_SIZE in ta: pkcs11: implement command to get token information Implement TA command PKCS11_CMD_TOKEN_INFO for client to get information on a token embedded in the PKCS11 TA. Rename PKCS11_TOKEN_PIN_SIZE into PKCS11_TOKEN_PIN_SIZE_MAX as introducing PKCS11_TOKEN_PIN_SIZE_MIN, in pkcs11_token.h. Rely on serializer.h for de-serializing the command arguments. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... entry.c pkcs11_token.c pkcs11_token.h
b3ac5035	17-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: add pad_str() helper in token info wrapper Add pad_str() to pad a string ('\0' terminated) with blank characters (' '), removing the '\0' termination as per PKCS#11 specification. This ta: pkcs11: add pad_str() helper in token info wrapper Add pad_str() to pad a string ('\0' terminated) with blank characters (' '), removing the '\0' termination as per PKCS#11 specification. This will factorize other padding needed in other function/command wrappers. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf_rel.c pkcs11_token.c
ce94efef	17-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: implement command to get slot information Implement TA command PKCS11_CMD_SLOT_INFO for client get information on a specific slot. Rely on serializer.h for de-serializing the command ar ta: pkcs11: implement command to get slot information Implement TA command PKCS11_CMD_SLOT_INFO for client get information on a specific slot. Rely on serializer.h for de-serializing the command arguments. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... entry.c pkcs11_token.c pkcs11_token.h
d38f9635	02-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: speculation safe lookup of token instance Change get_token_id() to be safe against speculation execution for IDs provided by client. This change is needed for TA command handlers relying ta: pkcs11: speculation safe lookup of token instance Change get_token_id() to be safe against speculation execution for IDs provided by client. This change is needed for TA command handlers relying on slot/token IDs provided by client applications. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11_token.c pkcs11_token.h
22ac6984	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: implement command to get slots list Implement TA command PKCS11_CMD_SLOT_LIST for client to get the IDs of the slots embedded in the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne. ta: pkcs11: implement command to get slots list Implement TA command PKCS11_CMD_SLOT_LIST for client to get the IDs of the slots embedded in the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... entry.c pkcs11_token.c pkcs11_token.h
4f8a354f	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: de-serialization of command arguments Add serialize.c\|.h that provide functions to extract a sized data in a serialized buffer as used for command serial arguments. Signed-off-by: Etien ta: pkcs11: de-serialization of command arguments Add serialize.c\|.h that provide functions to extract a sized data in a serialized buffer as used for command serial arguments. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... serializer.c serializer.h sub.mk
be1ce869	03-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: better test object ids generation Change init_pin_keys() and init_persistent_db() to rely on the strict byte size of the object ID reference rather than using hard coded value 32. Fixes ta: pkcs11: better test object ids generation Change init_pin_keys() and init_persistent_db() to rely on the strict byte size of the object ID reference rather than using hard coded value 32. Fixes: c84ccd0a805e ("ta: pkcs11: persistent database for the pkcs11 tokens") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/tee/init.c /optee_os/core/drivers/crypto/caam/caam_jr.c /optee_os/core/drivers/crypto/caam/hal/common/hal_cfg.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h /optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c /optee_os/lib/libutils/ext/include/confine_array_index.h /optee_os/ta/arch/arm/ta.ld.S persistent_token.c
a67dc424	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: API for slot/token information Define invocation commands to carry the request related to PKCS#11 API functions related to slot and token information: - get the list of the slots, relate ta: pkcs11: API for slot/token information Define invocation commands to carry the request related to PKCS#11 API functions related to slot and token information: - get the list of the slots, related to CK function C_GetSlotList(), - get information from a slot, related to C_GetSlotInfo(), - get information from a token, related to C_GetTokenInfo(), - get the list of mechanisms supported by a token, C_GetMechanismList(), - get information a mechanism from a token, C_GetMechanismInfo(). The TA API involves several byte serialization of invocation parameters data inside TEE invocation input/output memory reference parameters. This change introduces the command APIs and some debug helpers for the newly defined slot/token flags. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/ta/pkcs11/include/pkcs11_ta.h pkcs11_helpers.c pkcs11_helpers.h
c84ccd0a	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: persistent database for the pkcs11 tokens Initialize token(s) state from a persistent database. If no persistent database is found in the secure storage, initialize it to a default state ta: pkcs11: persistent database for the pkcs11 tokens Initialize token(s) state from a persistent database. If no persistent database is found in the secure storage, initialize it to a default state and save the database in secure storage. PKCS11 TA may implement several tokens each related to its own database. A token persistent database is stored in several part in TEE secure storage. The main database stores token label, flags and PINs status. Another database stores the UUIDs of the TEE persistent objects used to store the token PKCS11 objects allowing the token to find back PKCS11 persistent objects. This object database is out of the scope of this change. At runtime, a token instance is reference by a struct ck_token instance in RAM which stores the state of the token and references to the resources the token as loaded as PIN cipher keys (see paragraph below), session states and the volatile copy of the persistent databases. Among data saved in persistent database is the reference to the keys used to cipher the PINs that will be used. A symmetric encryption scheme is used using keys PKCS11 TA does not have access to. This allows PKCS11 TA to save in RAM an encrypted value of the owners PINs. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/link.mk /optee_os/core/arch/arm/kernel/link_dummies_init.c /optee_os/core/arch/arm/kernel/link_dummies_paged.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/kernel/sub.mk /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/mm/core_mmu_private.h /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-imx/drivers/sub.mk /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/drivers/crypto/caam/acipher/caam_math.c /optee_os/core/drivers/crypto/caam/acipher/caam_prime.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/caam/acipher/local.h /optee_os/core/drivers/crypto/caam/acipher/sub.mk /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/caam_rng.c /optee_os/core/drivers/crypto/caam/hal/common/hal_ctrl.c /optee_os/core/drivers/crypto/caam/hal/common/registers/version_regs.h /optee_os/core/drivers/crypto/caam/include/caam_acipher.h /optee_os/core/drivers/crypto/caam/include/caam_desc_ccb_defines.h /optee_os/core/drivers/crypto/caam/include/caam_desc_defines.h /optee_os/core/drivers/crypto/caam/include/caam_hal_ctrl.h /optee_os/core/drivers/crypto/caam/include/caam_jr_status.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/include/caam_utils_mem.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/caam/utils/utils_mem.c /optee_os/core/drivers/crypto/crypto_api/acipher/local.h /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsamgf.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/core/drivers/crypto/crypto_api/acipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_acipher.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_asn1_oid.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_hash.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_math.h /optee_os/core/drivers/crypto/crypto_api/math/modulus.c /optee_os/core/drivers/crypto/crypto_api/math/sub.mk /optee_os/core/drivers/crypto/crypto_api/oid/hash_oid.c /optee_os/core/drivers/crypto/crypto_api/oid/sub.mk /optee_os/core/drivers/crypto/crypto_api/sub.mk /optee_os/core/drivers/imx_snvs.c /optee_os/core/include/drivers/imx_snvs.h /optee_os/core/include/tee/tee_fs.h /optee_os/core/tee/tee_rpmb_fs.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf.h /optee_os/lib/libdl/dlfcn.c /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/user_ta_header.h /optee_os/ta/arch/arm/link.mk entry.c persistent_token.c pkcs11_token.c pkcs11_token.h sub.mk
208dec38	20-Jan-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: report PKCS11 return code to client For the PKCS11 TA to provide client a meaningful return code as per PKCS#11 specification, the GPD TEE command invocation return code is forced to TEE ta: pkcs11: report PKCS11 return code to client For the PKCS11 TA to provide client a meaningful return code as per PKCS#11 specification, the GPD TEE command invocation return code is forced to TEE_SUCCESS and client is expected to read effective PKCS11 return code (which can report a success or a failure) from invocation parameter #0 that must be a input/output memory reference. The status is return as a 32bit value in the output buffer. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/ta/pkcs11/include/pkcs11_ta.h entry.c pkcs11_helpers.h
d34f3266	20-Jan-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: define pkcs11 return codes This change introduces PKCS11 return codes used internally in the TA to get a PKCS#11 compliant status of the requested operation and also reported to the call ta: pkcs11: define pkcs11 return codes This change introduces PKCS11 return codes used internally in the TA to get a PKCS#11 compliant status of the requested operation and also reported to the caller client providing a cryptoki compliant return value for the client API functions. There are PCSK11 TA specific return values that are defined and used only internally in the TA: PKCS11_RVçNOT_FOUND and PKCS11_RV_NOT_IMPLEMENTED. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/MAINTAINERS /optee_os/core/arch/arm/kernel/generic_boot.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-imx/drivers/tzc380.c /optee_os/core/arch/arm/plat-imx/imx.h /optee_os/core/arch/arm/plat-imx/main.c /optee_os/core/arch/arm/plat-vexpress/conf.mk /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/tzc380.h /optee_os/core/include/kernel/tpm.h /optee_os/core/kernel/sub.mk /optee_os/core/kernel/tpm.c /optee_os/core/pta/system.c /optee_os/lib/libutee/arch/arm/sub.mk /optee_os/lib/libutee/arch/arm/user_ta_entry.c /optee_os/lib/libutee/include/pta_system.h /optee_os/mk/clang.mk /optee_os/mk/config.mk /optee_os/scripts/get_maintainer.py /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/pkcs11/include/pkcs11_ta.h entry.c pkcs11_helpers.c pkcs11_helpers.h /optee_os/ta/ta.mk
23fc5a78	03-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: set TA version property mandated by GPD Set version property "gpd.ta.version" of the TA to the version information set in TA API through macros PKCS11_TA_VERSION_MAJOR, PKCS11_TA_VERSION ta: pkcs11: set TA version property mandated by GPD Set version property "gpd.ta.version" of the TA to the version information set in TA API through macros PKCS11_TA_VERSION_MAJOR, PKCS11_TA_VERSION_MINOR and PKCS11_TA_VERSION_PATCH. This change also adds a short description in "gpd.ta.description". Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/.shippable.yml /optee_os/.travis.yml /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/thread.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/plat-imx/conf.mk /optee_os/core/arch/arm/plat-ls/conf.mk /optee_os/core/arch/arm/plat-ls/crypto_conf.mk /optee_os/core/arch/arm/plat-ls/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/tee/arch_svc.c /optee_os/core/arch/arm/tee/init.c /optee_os/core/core.mk /optee_os/core/drivers/crypto/caam/caam_desc.c /optee_os/core/drivers/tzc380.c /optee_os/core/include/drivers/tzc380.h /optee_os/core/include/kernel/panic.h /optee_os/core/lib/libtomcrypt/mpi_desc.c /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/tee/tee_rpmb_fs.c /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libutee/include/tee_arith_internal.h /optee_os/lib/libutee/sub.mk /optee_os/lib/libutils/ext/ftrace/ftrace.c /optee_os/mk/checkconf.mk /optee_os/mk/config.mk /optee_os/scripts/symbolize.py /optee_os/ta/arch/arm/ta.ld.S /optee_os/ta/mk/build-user-ta.mk /optee_os/ta/mk/ta_dev_kit.mk user_ta_header_defines.h /optee_os/ta/ta.mk
60290f69	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: add debug trace at command entry/exit Add debug traces at entry and exit of the command invocation handler of the TA. Prints TA command as a readable string thanks to ck_helpers.c Signe ta: pkcs11: add debug trace at command entry/exit Add debug traces at entry and exit of the command invocation handler of the TA. Prints TA command as a readable string thanks to ck_helpers.c Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... entry.c pkcs11_helpers.c
1 2 3 4 5 6 7 8910