ta - OpenGrok history log for /optee

Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
1dbb91e7	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: implement command PKCS11_CMD_SET_PIN PKCS11_CMD_SET_PIN implements C_SetPIN() client API function that is in charge of modifying a login PIN. Acked-by: Rouven Czerwinski <r.czerwinski@p ta: pkcs11: implement command PKCS11_CMD_SET_PIN PKCS11_CMD_SET_PIN implements C_SetPIN() client API function that is in charge of modifying a login PIN. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
e8dbd92c	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: implement command PKCS11_CMD_INIT_PIN PKCS11_CMD_INIT_PIN implements C_InitPIN() client API function that is in charge of initializing the normal user login PIN. Security Officer must b ta: pkcs11: implement command PKCS11_CMD_INIT_PIN PKCS11_CMD_INIT_PIN implements C_InitPIN() client API function that is in charge of initializing the normal user login PIN. Security Officer must be logged to current session in order to call this function Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
f485be04	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: implement command PKCS11_CMD_INIT_TOKEN PKCS11_CMD_INIT_TOKEN implements C_InitToken() client API function that is in charge of initializing the Security Officer login PIN if not already ta: pkcs11: implement command PKCS11_CMD_INIT_TOKEN PKCS11_CMD_INIT_TOKEN implements C_InitToken() client API function that is in charge of initializing the Security Officer login PIN if not already done and destroy objects that can be. As objects are not yet supported in the TA, this later feature is not implemented. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
e86828f4	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: helper to update token persistent database update_persistent_db() updates the persistent database or panics on failure. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-deve ta: pkcs11: helper to update token persistent database update_persistent_db() updates the persistent database or panics on failure. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/persistent_token.c pkcs11/src/pkcs11_token.h
40bbca26	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: update PIN fields in struct token_persistent_main Replaces the fields use to keep track of encrypted PINs with fields to keep track of hashed PINs instead. Acked-by: Rouven Czerwinski < ta: pkcs11: update PIN fields in struct token_persistent_main Replaces the fields use to keep track of encrypted PINs with fields to keep track of hashed PINs instead. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/pkcs11_token.h
bef8bc68	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: helpers for PIN hashing Adds helpers to hash PIN and to verify the hash of a PIN. The PIN is hashed together with user type and a generated salt. A used salt never takes the value 0 so t ta: pkcs11: helpers for PIN hashing Adds helpers to hash PIN and to verify the hash of a PIN. The PIN is hashed together with user type and a generated salt. A used salt never takes the value 0 so that can be used to tell if a PIN is set. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/persistent_token.c pkcs11/src/pkcs11_token.h
8e03579e	09-Apr-2020	Jens Wiklander <jens.wiklander@linaro.org>	ta: pkcs11: helper for GPD TEE to PKCS#11 status conversion Introduce helper function pkcs2tee_error() for the several TEE Core Internal APIs called for which return value needs to be reported to ca ta: pkcs11: helper for GPD TEE to PKCS#11 status conversion Introduce helper function pkcs2tee_error() for the several TEE Core Internal APIs called for which return value needs to be reported to caller in PKCS#11 return code format. The function returns PKCS11_CKR_GENERAL_ERROR for TEE_Result values that do not strictly match a PKCS#11 return code. Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.github/issue_template.md /optee_os/.github/pull_request_template.md /optee_os/Makefile /optee_os/core/arch/arm/mm/core_mmu.c /optee_os/core/arch/arm/plat-rcar/link.mk /optee_os/core/arch/arm/plat-stm32mp1/conf.mk /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/main.c /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_smc.h /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/stm32mp1_svc_setup.c /optee_os/core/arch/arm/plat-stm32mp1/nsec-service/sub.mk /optee_os/core/arch/arm/plat-stm32mp1/platform_config.h /optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/plat-stm32mp1/sub.mk /optee_os/core/drivers/crypto/caam/caam_desc.c /optee_os/core/drivers/crypto/caam/caam_jr.c /optee_os/core/drivers/crypto/caam/hal/common/hal_jr.c /optee_os/core/drivers/crypto/caam/include/caam_common.h /optee_os/core/drivers/crypto/caam/include/caam_desc_helper.h /optee_os/core/drivers/crypto/caam/include/caam_jr.h /optee_os/core/include/dt-bindings/clock/stm32mp1-clks.h /optee_os/core/include/dt-bindings/reset/stm32mp1-resets.h /optee_os/core/pta/tests/invoke.c /optee_os/lib/libutee/include/pta_invoke_tests.h pkcs11/src/pkcs11_helpers.c pkcs11/src/pkcs11_helpers.h
70224f58	05-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: drop derive from AES_ECB Drop key derivation as a capability of mechanisms AES_ECB as not part of the PKCS#11 specification. Reported-by: Ricardo Salveti <ricardo@foundries.io> Signed-o ta: pkcs11: drop derive from AES_ECB Drop key derivation as a capability of mechanisms AES_ECB as not part of the PKCS#11 specification. Reported-by: Ricardo Salveti <ricardo@foundries.io> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/token_capabilities.c
6459f267	08-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fix MECHANISM_IDS to return OK when no output buffer Fix PKCS11 TA command PKCS11_CMD_MECHANISM_IDS to handle case where client provides a NULL buffer reference when querying the list of ta: pkcs11: fix MECHANISM_IDS to return OK when no output buffer Fix PKCS11 TA command PKCS11_CMD_MECHANISM_IDS to handle case where client provides a NULL buffer reference when querying the list of supported mechanism IDs. In such case TA should return OK, not PKCS11_CKR_BUFFER_TOO_SMALL. This change is needed since commit [1] that makes an OP-TEE TA able to receive memref parameters with a NULL buffer reference. Link: [1] 20b567068a37 ("libutee: flag NULL pointer using invalid shm id") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/core/arch/arm/crypto/aes-gcm-ce.c /optee_os/core/arch/arm/crypto/aes_armv8a_ce.c /optee_os/core/arch/arm/crypto/aes_armv8a_ce.h /optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/aes_modes_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/crypto/sha1_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/sha1_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sha256_armv8a_ce.c /optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a32.S /optee_os/core/arch/arm/crypto/sha256_armv8a_ce_a64.S /optee_os/core/arch/arm/crypto/sub.mk /optee_os/core/arch/arm/include/crypto/ghash-ce-core.h /optee_os/core/arch/arm/include/sm/optee_smc.h /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/tee/entry_fast.c /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/crypto.mk /optee_os/core/crypto/aes-gcm-ghash-tbl.c /optee_os/core/crypto/aes-gcm-sw.c /optee_os/core/crypto/aes-gcm.c /optee_os/core/crypto/signed_hdr.c /optee_os/core/crypto/sub.mk /optee_os/core/drivers/crypto/crypto_api/acipher/rsa.c /optee_os/core/drivers/scmi-msg/base.c /optee_os/core/drivers/scmi-msg/base.h /optee_os/core/drivers/scmi-msg/clock.c /optee_os/core/drivers/scmi-msg/clock.h /optee_os/core/drivers/scmi-msg/common.h /optee_os/core/drivers/scmi-msg/entry.c /optee_os/core/drivers/scmi-msg/reset_domain.c /optee_os/core/drivers/scmi-msg/reset_domain.h /optee_os/core/drivers/scmi-msg/smt.c /optee_os/core/drivers/scmi-msg/sub.mk /optee_os/core/drivers/sub.mk /optee_os/core/include/crypto/crypto_accel.h /optee_os/core/include/crypto/internal_aes-gcm.h /optee_os/core/include/drivers/scmi-msg.h /optee_os/core/include/drivers/scmi.h /optee_os/core/include/tee/tee_cryp_utl.h /optee_os/core/kernel/lockdep.c /optee_os/core/lib/libtomcrypt/aes.c /optee_os/core/lib/libtomcrypt/aes_accel.c /optee_os/core/lib/libtomcrypt/dsa.c /optee_os/core/lib/libtomcrypt/rsa.c /optee_os/core/lib/libtomcrypt/sha1_accel.c /optee_os/core/lib/libtomcrypt/sha256_accel.c /optee_os/core/lib/libtomcrypt/src/ciphers/aes/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sha2/sub.mk /optee_os/core/lib/libtomcrypt/src/hashes/sub.mk /optee_os/core/lib/libtomcrypt/src/headers/tomcrypt_hash.h /optee_os/core/lib/libtomcrypt/sub.mk /optee_os/core/mm/fobj.c /optee_os/core/pta/tests/aes_perf.c /optee_os/core/pta/tests/invoke.c /optee_os/core/pta/tests/misc.h /optee_os/core/pta/tests/sub.mk /optee_os/core/tee/tee_cryp_concat_kdf.c /optee_os/core/tee/tee_cryp_hkdf.c /optee_os/core/tee/tee_cryp_pbkdf2.c /optee_os/core/tee/tee_cryp_utl.c /optee_os/core/tee/tee_svc.c /optee_os/core/tee/tee_svc_cryp.c /optee_os/ldelf/ldelf.ld.S /optee_os/lib/libmbedtls/core/aes.c /optee_os/lib/libmbedtls/core/aes_cbc.c /optee_os/lib/libmbedtls/core/aes_ctr.c /optee_os/lib/libmbedtls/core/aes_ecb.c /optee_os/lib/libmbedtls/core/hash.c /optee_os/lib/libmbedtls/core/rsa.c /optee_os/lib/libmbedtls/include/aes_alt.h /optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h /optee_os/lib/libmbedtls/mbedtls/CONTRIBUTING.md /optee_os/lib/libmbedtls/mbedtls/ChangeLog /optee_os/lib/libmbedtls/mbedtls/README.md /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aes.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/aesni.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/arc4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/asn1write.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/base64.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bn_mul.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/camellia.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ccm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/certs.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/compat-1.3.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ctr_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/des.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/havege.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hkdf.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/hmac_drbg.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md2.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md4.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/md5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/nist_kw.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/padlock.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pem.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs12.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pkcs5.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/poly1305.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ripemd160.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha1.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha256.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/sha512.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cache.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ciphersuites.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_internal.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/version.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crl.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h /optee_os/lib/libmbedtls/mbedtls/include/mbedtls/xtea.h /optee_os/lib/libmbedtls/mbedtls/library/aes.c /optee_os/lib/libmbedtls/mbedtls/library/asn1write.c /optee_os/lib/libmbedtls/mbedtls/library/bignum.c /optee_os/lib/libmbedtls/mbedtls/library/ccm.c /optee_os/lib/libmbedtls/mbedtls/library/certs.c /optee_os/lib/libmbedtls/mbedtls/library/chacha20.c /optee_os/lib/libmbedtls/mbedtls/library/cipher.c /optee_os/lib/libmbedtls/mbedtls/library/ctr_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/debug.c /optee_os/lib/libmbedtls/mbedtls/library/des.c /optee_os/lib/libmbedtls/mbedtls/library/dhm.c /optee_os/lib/libmbedtls/mbedtls/library/ecdh.c /optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c /optee_os/lib/libmbedtls/mbedtls/library/ecjpake.c /optee_os/lib/libmbedtls/mbedtls/library/ecp.c /optee_os/lib/libmbedtls/mbedtls/library/ecp_curves.c /optee_os/lib/libmbedtls/mbedtls/library/error.c /optee_os/lib/libmbedtls/mbedtls/library/havege.c /optee_os/lib/libmbedtls/mbedtls/library/hmac_drbg.c /optee_os/lib/libmbedtls/mbedtls/library/md4.c /optee_os/lib/libmbedtls/mbedtls/library/md5.c /optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c /optee_os/lib/libmbedtls/mbedtls/library/oid.c /optee_os/lib/libmbedtls/mbedtls/library/pkparse.c /optee_os/lib/libmbedtls/mbedtls/library/pkwrite.c /optee_os/lib/libmbedtls/mbedtls/library/platform_util.c /optee_os/lib/libmbedtls/mbedtls/library/poly1305.c /optee_os/lib/libmbedtls/mbedtls/library/ripemd160.c /optee_os/lib/libmbedtls/mbedtls/library/rsa.c /optee_os/lib/libmbedtls/mbedtls/library/sha1.c /optee_os/lib/libmbedtls/mbedtls/library/sha256.c /optee_os/lib/libmbedtls/mbedtls/library/sha512.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_ciphersuites.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_srv.c /optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c /optee_os/lib/libmbedtls/mbedtls/library/timing.c /optee_os/lib/libmbedtls/mbedtls/library/version_features.c /optee_os/lib/libmbedtls/mbedtls/library/x509.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crl.c /optee_os/lib/libmbedtls/mbedtls/library/x509_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509_csr.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c /optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c /optee_os/lib/libmbedtls/sub.mk /optee_os/lib/libutee/include/pta_invoke_tests.h /optee_os/lib/libutee/include/utee_defines.h /optee_os/lib/libutee/tee_api_operations.c /optee_os/lib/libutils/isoc/newlib/sub.mk /optee_os/mk/config.mk pkcs11/src/pkcs11_token.c
226699cb	02-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: remove inline comment about persistent object database Remove inline comment that is not relevant since PKCS11 object database is not implemented yet. Signed-off-by: Etienne Carriere <e ta: pkcs11: remove inline comment about persistent object database Remove inline comment that is not relevant since PKCS11 object database is not implemented yet. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/persistent_token.c
ee49d9f2	02-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fixup header file inclusion ordering Fix order of included header files where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r ta: pkcs11: fixup header file inclusion ordering Fix order of included header files where applicable. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/pkcs11_token.c pkcs11/src/serializer.h
fce35058	02-Apr-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fixup user id in init_pin_key() Minor simplification of init_pin_keys() prototype. Change argument unsigned int uid to enum pkcs11_user_type type since it's what is provided by the calle ta: pkcs11: fixup user id in init_pin_key() Minor simplification of init_pin_keys() prototype. Change argument unsigned int uid to enum pkcs11_user_type type since it's what is provided by the called and expected by the function. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/.shippable.yml /optee_os/core/arch/arm/crypto/ghash-ce-core_a32.S /optee_os/core/arch/arm/crypto/ghash-ce-core_a64.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/thread_a64.S /optee_os/core/arch/arm/plat-imx/drivers/imx_snvs.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_clk.c /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.h /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/sm/sm_a32.S /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/drivers/stm32_rng.c /optee_os/core/tee/tee_svc.c /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_divmod_a32.S /optee_os/lib/libutils/isoc/arch/arm/arm32_aeabi_ldivmod_a32.S pkcs11/src/persistent_token.c
6e4f8f17	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: session commands support Add and remove session from session list owned by the client session. Generate client session IDs using handle.c (produced indices like starting from 1). entry_ ta: pkcs11: session commands support Add and remove session from session list owned by the client session. Generate client session IDs using handle.c (produced indices like starting from 1). entry_ck_open_session(): uses set_session_state() to default new session instances. entry_ck_close_session() and entry_ck_close_all_sessions() use close_ck_session() to factorize session resource release. entry_ck_session_info() reads session state as when called. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
e084583e	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: register a client instance for each opened TEE session Each TEE session open toward the TA creates a client reference. It can be used by command handlers to identify client. Client refer ta: pkcs11: register a client instance for each opened TEE session Each TEE session open toward the TA creates a client reference. It can be used by command handlers to identify client. Client reference is passed between TA and client library using the TEE session argument in the GPD TEE Client API. Value used is the client instance address in the TA (as a void *) and is abstracted with an opaque ID by OP-TEE Core between being exposed to client. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
22ada947	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: handle database for various client references Dump core/kernel/handle.c into PKCS11 TA source tree with some changes: - Remove ptr_destructor() support, - Adapt the TEE Internal APIs (I. ta: pkcs11: handle database for various client references Dump core/kernel/handle.c into PKCS11 TA source tree with some changes: - Remove ptr_destructor() support, - Adapt the TEE Internal APIs (I.e. TEE_MemMove() instead of memcpy()), - Produce 32bit IDs starting from 1, 0 is reserved as undefined reference. Most handles return by the TA to the client are 32bit unsigned values as per TA API. handle.c will manage these IDs. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... pkcs11/src/handle.c pkcs11/src/handle.h pkcs11/src/sub.mk
d21ec5f4	12-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: add mechanism info and session command to helpers Add mechanism info and session management command IDs in debug helpers of the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne.carri ta: pkcs11: add mechanism info and session command to helpers Add mechanism info and session management command IDs in debug helpers of the PKCS11 TA. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... pkcs11/src/pkcs11_helpers.c pkcs11/src/pkcs11_helpers.h
aaa6cf9d	11-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: define TA commands related to session management Define commands PKCS11_CMD_CLOSE_SESSION, PKCS11_CMD_CLOSE_SESSION, PKCS11_CMD_CLOSE_SESSION and PKCS11_CMD_CLOSE_SESSION and related res ta: pkcs11: define TA commands related to session management Define commands PKCS11_CMD_CLOSE_SESSION, PKCS11_CMD_CLOSE_SESSION, PKCS11_CMD_CLOSE_SESSION and PKCS11_CMD_CLOSE_SESSION and related resources in the PKCS11 TA API. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... /optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_rcc.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/tee/tee_rpmb_fs.c pkcs11/include/pkcs11_ta.h
1d3ebedb	17-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: command to get mechanism info Implement command PKCS11_CMD_MECHANISM_INFO for client to get information on a specific mechanism embedded in a token. Signed-off-by: Etienne Carriere <eti ta: pkcs11: command to get mechanism info Implement command PKCS11_CMD_MECHANISM_INFO for client to get information on a specific mechanism embedded in a token. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
6f74919d	04-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: command to get mechanisms embedded in a token Implement command PKCS11_CMD_MECHANISM_IDS for client to get IDs of the mechanisms embedded in a token Signed-off-by: Etienne Carriere <eti ta: pkcs11: command to get mechanisms embedded in a token Implement command PKCS11_CMD_MECHANISM_IDS for client to get IDs of the mechanisms embedded in a token Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/entry.c pkcs11/src/pkcs11_token.c pkcs11/src/pkcs11_token.h
8849c126	18-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: support for mechanism embedded in a token Implement token_capabilities.c to centralize the mechanisms supported by a token. As PKCS11 TA can implemented several token, each token may pro ta: pkcs11: support for mechanism embedded in a token Implement token_capabilities.c to centralize the mechanisms supported by a token. As PKCS11 TA can implemented several token, each token may provide support for a restricted list of mechanisms and processing over these mechanisms. Array pkcs11_modes[] is used to strictly define the processing that are allowed for a mechanism as per PKCS#11 specification. Conversion of a mechanism ID into a debug friendly string is implemented in token_capabilities.c rather than pkcs11_helpers.c as for the other string helpers since the source file already defines the list of the valid mechanism IDs, hence an indirection from id2str_mechanism() to mechanism_string_id(). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/src/pkcs11_helpers.h pkcs11/src/sub.mk pkcs11/src/token_capabilities.c pkcs11/src/token_capabilities.h
91753548	17-Feb-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: define mechanism info resources in ta api Define mechanism info structure returned by the TA on command PKCS11_CMD_MECHANISM_INFO related to client API function C_GetMechanismInfo(). Th ta: pkcs11: define mechanism info resources in ta api Define mechanism info structure returned by the TA on command PKCS11_CMD_MECHANISM_INFO related to client API function C_GetMechanismInfo(). This change also define mechanism identifier for AES ECB in the TA API even if this mechanism is not yet supported by the TA. This change is needed to serve as an example of a mechanism for which a client can invoke the PKCS11 TA to get information from. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... pkcs11/include/pkcs11_ta.h
60659a86	17-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: factorize persistent file name get_db_file_name() and get_pin_file_name() factorize TEE object file IDs. open_db_file() and open_pin_file() factorize opening of TA persistent database o ta: pkcs11: factorize persistent file name get_db_file_name() and get_pin_file_name() factorize TEE object file IDs. open_db_file() and open_pin_file() factorize opening of TA persistent database object and PIN cipher key objects. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/plat-imx/crypto_conf.mk /optee_os/core/arch/arm/plat-stm32mp1/shared_resources.c /optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h /optee_os/core/arch/arm/tee/entry_std.c /optee_os/core/crypto/crypto.c /optee_os/core/drivers/crypto/caam/caam_ctrl.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher.c /optee_os/core/drivers/crypto/caam/cipher/caam_cipher_xts.c /optee_os/core/drivers/crypto/caam/cipher/local.h /optee_os/core/drivers/crypto/caam/cipher/sub.mk /optee_os/core/drivers/crypto/caam/include/caam_cipher.h /optee_os/core/drivers/crypto/caam/include/caam_trace.h /optee_os/core/drivers/crypto/caam/sub.mk /optee_os/core/drivers/crypto/crypto_api/cipher/cipher.c /optee_os/core/drivers/crypto/crypto_api/cipher/sub.mk /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt.h /optee_os/core/drivers/crypto/crypto_api/include/drvcrypt_cipher.h /optee_os/core/drivers/crypto/crypto_api/sub.mk /optee_os/core/drivers/gic.c /optee_os/core/drivers/stm32_etzpc.c /optee_os/core/include/crypto/crypto_impl.h /optee_os/lib/libutee/include/tee_api_defines_extensions.h pkcs11/src/persistent_token.c
b4f1a77e	17-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: fix token flags as per specification Fix the token flags position that are expected to match the PKCS#11 specification and did not. Fixes: a67dc424ff106 ("ta: pkcs11: API for slot/token ta: pkcs11: fix token flags as per specification Fix the token flags position that are expected to match the PKCS#11 specification and did not. Fixes: a67dc424ff106 ("ta: pkcs11: API for slot/token information") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> show more ... /optee_os/core/arch/arm/kernel/early_ta.c /optee_os/core/arch/arm/kernel/ree_fs_ta.c /optee_os/core/arch/arm/mm/tee_mmu.c /optee_os/core/arch/arm/mm/tee_pager.c /optee_os/core/drivers/bnxt/bnxt_fw.c /optee_os/core/include/signed_hdr.h /optee_os/core/pta/gprof.c /optee_os/core/pta/system.c /optee_os/lib/libutils/ext/include/util.h /optee_os/mk/lib.mk pkcs11/include/pkcs11_ta.h
9dbdd8cd	18-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: identify user as per define user types Define users with CKU User Type in Cryptoki API: PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers for login and related PKCS#11 ta: pkcs11: identify user as per define user types Define users with CKU User Type in Cryptoki API: PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers for login and related PKCS#11 API functions. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> show more ... pkcs11/include/pkcs11_ta.h pkcs11/src/persistent_token.c
37d01a77	17-Mar-2020	Etienne Carriere <etienne.carriere@linaro.org>	ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t) Prefer sizeof() to use rc reference rather than explicit 32bit. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jer ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t) Prefer sizeof() to use rc reference rather than explicit 32bit. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> show more ... /optee_os/core/arch/arm/include/mm/core_mmu.h /optee_os/core/arch/arm/kernel/generic_entry_a32.S /optee_os/core/arch/arm/kernel/generic_entry_a64.S /optee_os/core/arch/arm/kernel/thread_a32.S /optee_os/core/arch/arm/kernel/user_ta.c /optee_os/core/arch/arm/mm/core_mmu_lpae.c /optee_os/core/arch/arm/mm/core_mmu_v7.c /optee_os/core/drivers/crypto/caam/acipher/caam_rsa.c /optee_os/core/drivers/crypto/crypto_api/acipher/rsassa.c /optee_os/ldelf/ta_elf.c /optee_os/ldelf/ta_elf_rel.c /optee_os/lib/libutee/include/arm64_user_sysreg.h /optee_os/lib/libutils/isoc/include/setjmp.h pkcs11/src/entry.c
1...<<11 121314 15 16 17 18 19 20