| 45507d10 | 18-Nov-2022 |
Khoa Hoang <admin@khoahoang.com> |
Add support for compiler stack protector
This change add support for CFG_CORE_STACK_PROTECTOR{,_STRONG,_ALL}
and CFG_TA_STACK_PROTECTOR{,_STRONG,_ALL}. This flag enable the
compiler stack overflow p
Add support for compiler stack protector
This change add support for CFG_CORE_STACK_PROTECTOR{,_STRONG,_ALL}
and CFG_TA_STACK_PROTECTOR{,_STRONG,_ALL}. This flag enable the
compiler stack overflow protection feature -fstack-protector* and
also generate random stack canary value on kernel boot and TA entry.
Weak function plat_get_random_stack_canary() can be override by
platform to provide random stack canary value for the core kernel.
Signed-off-by: Khoa Hoang <admin@khoahoang.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| efb29c60 | 11-Nov-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
MAINTAINERS: Versal ACAP: ECC driver maintained
Maintain ECC driver for Versal ACAP.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> |
| 49b0febc | 04-Jul-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
crypto: versal: elliptic curve cryptography driver
This driver uses the PLM xilsecure service to deliver ECC sign/verify
functionality.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked
crypto: versal: elliptic curve cryptography driver
This driver uses the PLM xilsecure service to deliver ECC sign/verify
functionality.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 5879c0ee | 21-Nov-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
lib: mbedtls: ecc: support the crypto driver
Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to MBEDTLS software operations.
Signed-off-by: Jorge Ram
lib: mbedtls: ecc: support the crypto driver
Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to MBEDTLS software operations.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e7971844 | 21-Nov-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
core: ltc: ecc: support the crypto driver
Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.
Signed-off-by: Jorge Ramirez-Or
core: ltc: ecc: support the crypto driver
Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 5516c6cd | 21-Nov-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
core: ecc: support the crypto driver
Provide an interface that cryptographic IC drivers can use to fallback
to the software implementation of the algorithms.
This supports the use case where vulner
core: ecc: support the crypto driver
Provide an interface that cryptographic IC drivers can use to fallback
to the software implementation of the algorithms.
This supports the use case where vulnerabilities in the IC algorithms
can be addressed without a respin of the hardware.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 8fab4371 | 30-Nov-2022 |
liushiwei <liushiwei@eswincomputing.com> |
ldelf: support RISC-V
Add 64-bit RISC-V ldelf startup assembly and
parsing 64-bit ELF files.
Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
Tested-by: liushiwei <liushiwei@eswincomputing.c
ldelf: support RISC-V
Add 64-bit RISC-V ldelf startup assembly and
parsing 64-bit ELF files.
Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
Tested-by: liushiwei <liushiwei@eswincomputing.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| f197f055 | 30-Nov-2022 |
liushiwei <liushiwei@eswincomputing.com> |
libutils: confine_array_index: add support for RISC-V
Add a naive C implementation for RISC-V.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: liushiwei <liushiwei@eswincomputin
libutils: confine_array_index: add support for RISC-V
Add a naive C implementation for RISC-V.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
Reviewed-by: chenchaokai <chenchaokai@eswincomputing.com>
show more ...
|
| 041e28a1 | 21-Nov-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: tee_svc_storage: remove unused local variable
Removes file local variable from syscall_storage_obj_open() that is
not used.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewe
core: tee_svc_storage: remove unused local variable
Removes file local variable from syscall_storage_obj_open() that is
not used.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 75d6a373 | 28-Nov-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
Use struct utee_object_info in TA syscall abi
TEE_ObjectInfo was until now used in the syscall ABI provided to TAs.
TEE_ObjectInfo changes in later versions of the TEE Internal Core API so
add an in
Use struct utee_object_info in TA syscall abi
TEE_ObjectInfo was until now used in the syscall ABI provided to TAs.
TEE_ObjectInfo changes in later versions of the TEE Internal Core API so
add an independent definition with struct utee_object_info in order to
preserve a stable ABI.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 181f0998 | 28-Nov-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: update to new field names in TEE_ObjectInfo
With GP TEE Internal Core API version 1.1.1 the two fields keySize and
maxKeySize was renamed to objectSize and maxObjectSize respectively.
Update t
core: update to new field names in TEE_ObjectInfo
With GP TEE Internal Core API version 1.1.1 the two fields keySize and
maxKeySize was renamed to objectSize and maxObjectSize respectively.
Update the rest of the core code to reflect that change as a preparation
for future updates.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 4b0f9953 | 26-Nov-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
Move tee_api.h and tee_ta_api.h into tee_internal_api.h
The Global Platform TEE Internal Core specifications only mentions
tee_internal_api.h, the other .h files are part of the OP-TEE specific
impl
Move tee_api.h and tee_ta_api.h into tee_internal_api.h
The Global Platform TEE Internal Core specifications only mentions
tee_internal_api.h, the other .h files are part of the OP-TEE specific
implementation. Having a separate tee_api_defines.h for defines and a
tee_api_types.h for types is useful in OP-TEE core, but tee_api.h and
tee_ta_api.h adds nothing of value. Quite the opposite as it will make
it harder than necessary to implement the macro tricks needed for
backwards compatibility when updating to a more recent standard.
So to simplify things, move function declarations in tee_api.h and
tee_ta_api.h into tee_internal_api.h. tee_api.h and tee_ta_api.h are
kept for compatibility, but they are only including
<tee_internal_api.h>.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 9446de32 | 22-Nov-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
dts: stm32: reorder node in ST stm32mp15 board DTS files
Fixes node ordering in stm32mp15 DTS files where nodes shall be listed
in the alphabetical order of the node phandle labels.
Acked-by: Jerom
dts: stm32: reorder node in ST stm32mp15 board DTS files
Fixes node ordering in stm32mp15 DTS files where nodes shall be listed
in the alphabetical order of the node phandle labels.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 4f6cde8f | 18-Oct-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
dts: stm32: sync GPIO-z node name with linux stm32mp151.dtsi
Upgrades pinctrl-z DTS node name to Linux v5.19 stm32mp151.dtsi file.
This change updates a related platform function that was based on t
dts: stm32: sync GPIO-z node name with linux stm32mp151.dtsi
Upgrades pinctrl-z DTS node name to Linux v5.19 stm32mp151.dtsi file.
This change updates a related platform function that was based on the
old node string name. It is changed to look for target compatible node
instead.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| e076782b | 26-Aug-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
dts: stm32: disable unused nodes in ST stm32mp15 boards DTS files
Disables nodes not consumed by OP-TEE for ST boards based on stm32mp15
devices.
Acked-by: Jerome Forissier <jerome.forissier@linaro
dts: stm32: disable unused nodes in ST stm32mp15 boards DTS files
Disables nodes not consumed by OP-TEE for ST boards based on stm32mp15
devices.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 9b5d5284 | 22-Aug-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
dts: stm32: remove commented out GPIO properties in stm32mp157c-ev1
Deletes DTS file lines related to DT node properties not embedded in
OP-TEE.
Acked-by: Jerome Forissier <jerome.forissier@linaro.
dts: stm32: remove commented out GPIO properties in stm32mp157c-ev1
Deletes DTS file lines related to DT node properties not embedded in
OP-TEE.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| a178cce2 | 21-Oct-2022 |
Andrew Mustea <andrew.mustea@microsoft.com> |
dts: fsl-lx2160a: add SecMon DTS node
Enable the secure-status property and disable the status property so
that the sec-mon node is only usable in the secure world.
Signed-off-by: Andrew Mustea <an
dts: fsl-lx2160a: add SecMon DTS node
Enable the secure-status property and disable the status property so
that the sec-mon node is only usable in the secure world.
Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| aa8c4695 | 15-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: include: riscv.h: define generic CSR registers
To allow reading/writing CSR registers regardless the privilege mode
selected to build and boot OP-TEE OS.
Signed-off-by: Marouene Boubakri <ma
riscv: include: riscv.h: define generic CSR registers
To allow reading/writing CSR registers regardless the privilege mode
selected to build and boot OP-TEE OS.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: set author to be same as Signed-off-by:]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 9afe87e0 | 14-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: kernel: add console driver for S-Mode using SBI
Implements a generic console driver using legacy SBI extension.
This introduces a flag CFG_RISCV_SBI_CONSOLE to decide building
the driver or n
riscv: kernel: add console driver for S-Mode using SBI
Implements a generic console driver using legacy SBI extension.
This introduces a flag CFG_RISCV_SBI_CONSOLE to decide building
the driver or not. This allows using another UART driver instead.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: set author to be same as Signed-off-by:]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 3cdf0b24 | 11-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: kernel: sbi: add RISC-V SBI interface
Allow OP-TEE core running in S-Mode (supervisor) to interface with
Supervisor Execution Environment (SEE) through environmental calls (ecall).
Adds CFG_R
riscv: kernel: sbi: add RISC-V SBI interface
Allow OP-TEE core running in S-Mode (supervisor) to interface with
Supervisor Execution Environment (SEE) through environmental calls (ecall).
Adds CFG_RISCV_SBI flag to enable or disable it.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: set author to be same as Signed-off-by:]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 7c14296e | 11-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: core: riscv.mk: select privilege mode of OP-TEE core
Introduce CFG_RISCV_M_MODE and CFG_RISCV_S_MODE flags to decide
in which privilege level OP-TEE OS will run, respectively, machine mode
or
riscv: core: riscv.mk: select privilege mode of OP-TEE core
Introduce CFG_RISCV_M_MODE and CFG_RISCV_S_MODE flags to decide
in which privilege level OP-TEE OS will run, respectively, machine mode
or supervisor mode.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: set author to be same as Signed-off-by:]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| b18d0251 | 08-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: kernel: spinlock.S: make __cpu_spin_trylock() visible
Function __cpu_spin_trylock() is need by trace_ext.c, therefore,
do not hide it.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp
riscv: kernel: spinlock.S: make __cpu_spin_trylock() visible
Function __cpu_spin_trylock() is need by trace_ext.c, therefore,
do not hide it.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 5305bce1 | 08-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
core: kernel: move trace_ext.c to core/kernel
Functions in trace_ext.c are architecture independent, therefore, code
could be moved to core/kernel.
Signed-off-by: Marouene Boubakri <marouene.boubak
core: kernel: move trace_ext.c to core/kernel
Functions in trace_ext.c are architecture independent, therefore, code
could be moved to core/kernel.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 7e85f665 | 02-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: plat-spike: conf.mk: set CFG_TEE_CORE_LOG_LEVEL to default
Do not force CFG_TEE_CORE_LOG_LEVEL to zero in
core/arch/riscv/plat-spike/conf.mk
Signed-off-by: Marouene Boubakri <marouene.boubak
riscv: plat-spike: conf.mk: set CFG_TEE_CORE_LOG_LEVEL to default
Do not force CFG_TEE_CORE_LOG_LEVEL to zero in
core/arch/riscv/plat-spike/conf.mk
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2f39a4c2 | 02-Nov-2022 |
Marouene Boubakri <marouene.boubakri@nxp.com> |
riscv: mm: tlb_helpers_rv.S: translation look-aside buffer invalidate
Implement tlbi_all(), tlbi_mva_allasid() and tlbi_asid() using supervisor
memory-management fence instruction SFENCE.VMA.
Signe
riscv: mm: tlb_helpers_rv.S: translation look-aside buffer invalidate
Implement tlbi_all(), tlbi_mva_allasid() and tlbi_asid() using supervisor
memory-management fence instruction SFENCE.VMA.
Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|