core: add support for SM2 using MBed TLS

The SM2 algorithms (PKE, KEP and DSA) are currently implemented using
LibTomCrypt. They are automatically disabled when MBed TLS is selected
as the core cryp

core: add support for SM2 using MBed TLS

The SM2 algorithms (PKE, KEP and DSA) are currently implemented using
LibTomCrypt. They are automatically disabled when MBed TLS is selected
as the core crypto library (that is, when CFG_CRYPTOLIB_NAME=mbedtls
CFG_CRYPTOLIB_DIR=lib/libmbedtls).

This commit removes this restriction by porting the relevant files
(core/lib/libtomcrypt/sm2-{dsa,kep,pke}.c) over to the MBed TLS API in
lib/libmbedtls/core.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: sm2: do not panic core if key allocation fails

During SM2 key derivation via syscall_cryp_derive_key(), if
crypto_acipher_alloc_ecc_public_key() fails for whatever reason in
get_sm2_ke

core: crypto: sm2: do not panic core if key allocation fails

During SM2 key derivation via syscall_cryp_derive_key(), if
crypto_acipher_alloc_ecc_public_key() fails for whatever reason in
get_sm2_kep_params(), peer_key and/or peer_eph_key are left in an invalid
state and it is incorrect to call crypto_acipher_free_ecc_public_key()
in this case. Doing so causes a core panic:

E/TC:? 0 assertion 'key->ops && key->ops->free' failed at core/crypto/crypto.c:702 <crypto_acipher_free_ecc_public_key>
E/TC:1 0 Panic at core/kernel/assert.c:28 <_assert_break>

Fix the get_sm2_kep_params() cleanup code to avoid this situation.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libmbedtls: add SM2 curve

When MBEDTLS_ECP_DP_SM2_ENABLED is set, adds support for the ECC curve
defined for the Chinese SM2 algorithm (G/MT 0003 Part 5, [1]).

Link: [1] http://www.gmbz.org.cn/uplo

libmbedtls: add SM2 curve

When MBEDTLS_ECP_DP_SM2_ENABLED is set, adds support for the ECC curve
defined for the Chinese SM2 algorithm (G/MT 0003 Part 5, [1]).

Link: [1] http://www.gmbz.org.cn/upload/2018-07-24/1532401863206085511.pdf
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ltc: move sm2_kdf() to common core/crypto/sm2-kdf.c

The key derivation function sm2_kdf() is a helper function used by SM2
KEP (Key Exchange Protocol) and PKE (Private Key Encryption). It is
c

core: ltc: move sm2_kdf() to common core/crypto/sm2-kdf.c

The key derivation function sm2_kdf() is a helper function used by SM2
KEP (Key Exchange Protocol) and PKE (Private Key Encryption). It is
currently implemented in core/lib/libtomcrypt/sm2_kdf.c, next to the SM2
source code based on LibTomCrypt.

In order to provide an MBed TLS implementation of SM2, the helper
function shall be outside the LibTomCrypt directory. Move it to
core/crypto/sm2-kdf.c.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: sockets: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <j

libutee: sockets: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: libmbedtls: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <j

core: libmbedtls: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: libtomcrypt: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <

core: libtomcrypt: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: se050: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jer

drivers: se050: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: crypto: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <je

drivers: crypto: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jero

drivers: caam: drop useless & before function names

There is no need to use & on a function name to obtain the function
address. Drop the useless & characters.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugi

libutee: add a new API to interact with plugins from TA

This patch adds a new API to libutee to interact
with tee-supplicant plugins from TEE userspace.

Every user TA can use 'tee_invoke_supp_plugin()' to send any commands
to a plugin. The commands are predefined by the plugin developer.

See the https://github.com/linaro-swg/optee_examples
repo for an example of using plugins.

Signed-off-by: Aleksandr Anisimov <a.anisimov@omprussia.ru>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add a new RPC as an interface to tee-supplicant plugins

Any external TEE services can be designed as a tee-supplicant plugin.
The plugins will be loaded by the supplicant during startup proces

core: add a new RPC as an interface to tee-supplicant plugins

Any external TEE services can be designed as a tee-supplicant plugin.
The plugins will be loaded by the supplicant during startup process
using libdl.
It makes it easy to:
- add new features in the supplicant that aren't needed in upstream,
e.g. Rich OS specific services;
- sync upstream version with own fork;

This patch adds a new RPC - 'OPTEE_RPC_CMD_SUPP_PLUGIN' as an unified
interface between OP-TEE and any plugins. Kernel code can use it
to call for execution of some command in plugins.

Every plugin has own name based on UUID.
OP-TEE has access to plugins by it.

See definition of protocol for the plugin RPC command
in 'core/include/optee_rpc_cmd.h' file.

Signed-off-by: Aleksandr Anisimov <a.anisimov@omprussia.ru>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix shared memory buffer rpc allocation

When dynamic shared memory has been configured, contiguous shared
memory regions outside reserved SHM need to be included in the
allocation pool.

To ke

core: fix shared memory buffer rpc allocation

When dynamic shared memory has been configured, contiguous shared
memory regions outside reserved SHM need to be included in the
allocation pool.

To keep the implementation simple, we will restrict the size of these
allocations to a single page; we can then leverage the mechanism used
for the allocation of arguments.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point

libmbedtls: core: fix copy of AES context

The mbedtls_aes_context type cannot generally be copied with a simple
assignment (dst = src) because it contains a pointer field ('rk') which
needs to point to the 'buf' field. The current code is incorrect and
causes errors in xtest 4003 on all platforms that do not have
CFG_CRYPTO_WITH_CE=y. When CE is enabled, a different structure
mbedtls_aes_context from aes_alt.h is used and the copy is correct.

Introduce a helper function: mbed_copy_mbedtls_aes_context() to perform
the copy operation and use it when copying AES ECB, CBC and CTR
contexts.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits

libmbedtls: core: rename mbd_rand.h to mbed_helpers.h

mbd_rand.h contains only one helper function: mbd_rand(). Give it a more
generic name so that other functions may be added in subsequent commits.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

link: make section size definitions relocation-proof

Value of define VCORE_UNPG_RW_SZ is determined by linker script and
provided to C code as a symbol value (__vcore_unpg_rw_size). This is a
standa

link: make section size definitions relocation-proof

Value of define VCORE_UNPG_RW_SZ is determined by linker script and
provided to C code as a symbol value (__vcore_unpg_rw_size). This is a
standard way of sharing linker variables with C code, which is described in
ld manual.

Problem is that linker sometimes makes those symbols relocatable and ASLR
code then moves them to random places with rest of the OP-TEE image.

For example, on build for RCAR platform I am getting those entries in
relocation section:

[...]
000000004415b120 R_AARCH64_RELATIVE *ABS*+0x0000000044100180
000000004415af60 R_AARCH64_RELATIVE *ABS*+0x000000004415fc48
000000004415afb0 R_AARCH64_RELATIVE *ABS*+0x00000000000a4000 <======
000000004415aef8 R_AARCH64_RELATIVE *ABS*+0x000000004415c000
[...]

From programmer's point of view this looks like "constant" VCORE_UNPG_RW_SZ
has random value every boot.

Obvious approach is to provide section end address and then calculate size
on C side:

#define VCORE_UNPG_RW_SZ ((size_t)(__vcore_unpg_rx_end -
__vcore_unpg_rx_start))

But with this approach compiler can't initialize constant values in
definitions like

register_phys_mem_ul(MEM_AREA_TEE_RAM_RW, VCORE_UNPG_RW_PA,
VCORE_UNPG_RW_SZ);

from core_mmu.c.

Basically, this leads to following constraints:

1. If we calculate section size in linker script, then compiler can use
it as a constant expression, but this value may be mangled by ASLR
at run-time.

2. We can't calculate section size in C code, because this value can't be
used as a constant expression.

This patch provides a workaround around this issue by providing two sets of
definitions: old _SZ definition is renamed to _SZ_UNSAFE and it should be
used only in places where a constant expression is required and provided it
is referenced only before dynamic relocations have been applied, while the
new _SZ definition can be used in all other situations.

Value of _new SZ is obtained by deducting section start address from end
address. Additional linker symbols are introduced to provide section end
addresses.

Fixes: 170e9084a84f ("core: add support for CFG_CORE_ASLR")
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: avb: copy data to temporary buffers

Use intermediate temporary buffers instead of directly supplying
non-secure buffers to TEE_ReadObjectData()/TEE_CreatePersistentObject().
This fixes TA panics

ta: avb: copy data to temporary buffers

Use intermediate temporary buffers instead of directly supplying
non-secure buffers to TEE_ReadObjectData()/TEE_CreatePersistentObject().
This fixes TA panics while accessing persistent objects:

E/TC:? 0 TA panicked with code 0xffff0001
E/LD: Status of TA 023f8f1a-292a-432b-8fc4-de8471358067
...
D/TC:? 0 user_ta_enter:176 tee_user_ta_enter: TA panicked with
code 0xffff0001

Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta/pkcs11: Use LIST_FOREACH_SAFE when removing objects from list

When traversing object list to remove objects, use LIST_FOREACH_SAFE
to avoid segmentation fault.

Signed-off-by: Ruchika Gupta <ruch

ta/pkcs11: Use LIST_FOREACH_SAFE when removing objects from list

When traversing object list to remove objects, use LIST_FOREACH_SAFE
to avoid segmentation fault.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ta: pkcs11: add debug string for PKCS11_CKA_KEY_GEN_MECHANISM

Add missing attribute debug string for PKCS11_CKA_KEY_GEN_MECHANISM.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by:

ta: pkcs11: add debug string for PKCS11_CKA_KEY_GEN_MECHANISM

Add missing attribute debug string for PKCS11_CKA_KEY_GEN_MECHANISM.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

ta: pkcs11: Fix serialization handling for non-indirect attributes

Both sides of serialization and de-serialization must match the logic.

Only TEMPLATE based arguments has indirect attributes so de

ta: pkcs11: Fix serialization handling for non-indirect attributes

Both sides of serialization and de-serialization must match the logic.

Only TEMPLATE based arguments has indirect attributes so detect them and
handle them specifically.

Otherwise use standard attribute handling code for other attributes.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

ta: pkcs11: get_attribute: fix return value when querying value size

When C_GetAttributeValue() is issued with attribute with pValue == NULL:
- Size of the attribute value should be returned
- Retur

ta: pkcs11: get_attribute: fix return value when querying value size

When C_GetAttributeValue() is issued with attribute with pValue == NULL:
- Size of the attribute value should be returned
- Return value should be CKR_OK

If pValue != NULL and value does not fit then CKR_BUFFER_TOO_SMALL should
be returned.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

ta: pkcs11: get_attribute: fix returning values into larger buffer

It is completely fine for callee to allocate more memory than what is
needed.

Now attributes value is wholly copied and copied dat

ta: pkcs11: get_attribute: fix returning values into larger buffer

It is completely fine for callee to allocate more memory than what is
needed.

Now attributes value is wholly copied and copied data amount is returned.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

ta: pkcs11: fix get attribute data alignment problem

In OP-TEE there is no behind the scenes handler that would fix data
alignment problems.

Use aligned variables when accessing struct variables.

ta: pkcs11: fix get attribute data alignment problem

In OP-TEE there is no behind the scenes handler that would fix data
alignment problems.

Use aligned variables when accessing struct variables.

Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>

show more ...

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@peng

libutils: sys/queue.h: add LIST_FOREACH_SAFE()

Import macro LIST_FOREACH_SAFE from FreeBSD.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porti

lib: libutils: ext/isoc: sub.mk: make sources path platform generic

The path to platform specific code is hard-coded. This commit
changes it to use defined variable. This is helpful in case
of porting OP-TEE OS to a new architecture such we make
maximum reuse of existing sources.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...