build: introduce ld-option macro

Adds a makefile macro to test if the linker supports a given option.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander

build: introduce ld-option macro

Adds a makefile macro to test if the linker supports a given option.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: remove generic_ from generic_boot

Now that the CFG_GENERIC_BOOT configuration flag has been removed also
remove "generic_" prefix from and in the related files.

Acked-by: Etienne Carriere <et

core: remove generic_ from generic_boot

Now that the CFG_GENERIC_BOOT configuration flag has been removed also
remove "generic_" prefix from and in the related files.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make generic boot mandatory

The OP-TEE booting has since quite some time been unified in the sense
that all platforms use CFG_GENERIC_BOOT=y. Make this configuration option
mandatory and remov

core: make generic boot mandatory

The OP-TEE booting has since quite some time been unified in the sense
that all platforms use CFG_GENERIC_BOOT=y. Make this configuration option
mandatory and remove the CFG_GENERIC_BOOT flag.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix ops_sec_mem in core/mm/fobj.c

Adds missing const attribute to ops_sec_mem in core/mm/fobj.c.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.b

core: fix ops_sec_mem in core/mm/fobj.c

Adds missing const attribute to ops_sec_mem in core/mm/fobj.c.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove unused core/arch/arm/tee/svc_dummy.c

The function tee_svc_handler() doesn't exist any longer so no need for a
dummy implementation. Removes references to tee_svc_handler() and where
applicabl

Remove unused core/arch/arm/tee/svc_dummy.c

The function tee_svc_handler() doesn't exist any longer so no need for a
dummy implementation. Removes references to tee_svc_handler() and where
applicable adds references to user_ta_handle_svc() instead.

Fixes: 7c732ee481c6 ("core: get svc handler from the context of current session")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: atomic.h: fix atomic_load_u32() types

Prior to this patch was atomic_load_u32() using wrong types, unsigned int
instead of the expected uint32_t. Fix this by changing the types.

Reviewed-

libutils: atomic.h: fix atomic_load_u32() types

Prior to this patch was atomic_load_u32() using wrong types, unsigned int
instead of the expected uint32_t. Fix this by changing the types.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Disable CFG_SCTLR_ALIGNMENT_CHECK (SCTLR.A) by default

With ARM CPUs, unaligned accesses are forbidden in a number of cases
such as when the MMU is disabled, or when device memory is concerned,
or w

Disable CFG_SCTLR_ALIGNMENT_CHECK (SCTLR.A) by default

With ARM CPUs, unaligned accesses are forbidden in a number of cases
such as when the MMU is disabled, or when device memory is concerned,
or with atomic instructions. However in the general case [1] and for
all modern ARMv7-A and ARMv8-A processors, they do not really matter.
Compilers such as GCC and Clang will generate unaligned accesses by
default; a specific flag (-mstrict-align or --mno-unaligned-access) has
to be supplied to prevent such code from being output.

[1] Roughly speaking: LDR/STR instructions operating on normal cached
memory.

The SCTLR.A bit ("Alignment check enable") defines whether the CPU
should allow these unaligned accesses (when set to 0) or should trap
(when set to 1). Having SCTLR.A enabled by default can be annoying for
a couple of reasons that we have met in practice:

1. TAs linked against a third-party library. Since strict alignment
is not a compiler default, it is likely that a third party library does
not enforce it. With SCTLR.A == 1, such a library would have to be
recompiled in order to be used by a TA. Recompiling may or may not be
an easy task. Concrete example: libgcc_eh.a (the C++ exception handling
support library, part of the arm-linux-gnueabihf and aarch64-linux-gnu
toolchains).
2. Compiler bug. For example, Clang 9.0.1 and 10.0.0 may erroneously
replace memcmp() calls with inline code performing unaligned accesses
[2].

All things being considered, it seems preferable for SCTLR.A to be
cleared by default, i.e., CFG_SCTLR_ALIGNMENT_CHECK=n, which is what
this commit does. The configuration variable is kept just in case.
Note that the Linux kernel and the KVM hypervisor do not set SCTLR.A or
HSCTLR.A either.

Note regarding code running before the MMU is enabled: when SCTLR.M is
clear all accesses are treated as with DEVICE attribute and hence
SCTLR.A has no effect. It will trap unaligned accesses regardless. So
this patch will have no side effect.

Link: [2] http://lists.llvm.org/pipermail/llvm-dev/2020-June/141985.html
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: base64: initialize local variables

Initialize local variables where defined in base64 coding functions
as per OP-TEE coding style directives.

Signed-off-by: Etienne Carriere <etienne.carri

libutee: base64: initialize local variables

Initialize local variables where defined in base64 coding functions
as per OP-TEE coding style directives.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: fix base64 to support strictly well sized buffer

Before this change base64 decoding helper function base64_dec() could
mandated caller to provide an output buffer that was at least 1 byte
l

libutee: fix base64 to support strictly well sized buffer

Before this change base64 decoding helper function base64_dec() could
mandated caller to provide an output buffer that was at least 1 byte
larger than the expected size, depending on the base64 encoded data.
This change fixes the issue as this is obviously not the expected
behavior.

Fixes: https://github.com/OP-TEE/optee_os/issues/3876
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by Jean-Pierre Miceli <jean-pierre.miceli@heig-vd.ch>

show more ...

libutee: fix size query for property as binary block

Fix TEE_GetPropertyAsBinaryBlock() to allow caller to query property
size by providing a NULL output buffer reference.

Fixes: https://github.com

libutee: fix size query for property as binary block

Fix TEE_GetPropertyAsBinaryBlock() to allow caller to query property
size by providing a NULL output buffer reference.

Fixes: https://github.com/OP-TEE/optee_os/issues/3876
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: Add missing default of user-ta-version

When a user TA is built with the TA dev kit (out-of-tree TA),
user-ta-version is always set to the value of CFG_TA_VERSION (default:
0) by ta_dev_kit.mk. B

ta: Add missing default of user-ta-version

When a user TA is built with the TA dev kit (out-of-tree TA),
user-ta-version is always set to the value of CFG_TA_VERSION (default:
0) by ta_dev_kit.mk. But for in-tree TAs, this variable is never set
outside the in-tree TA makefiles (ta/*/user_ta.mk). Therefore it is
mandatory for in-tree user TAs to set the variable or various issues
will happen (build error or unexpected version taken from the TA that
happened to have been built just before).

To address the problem and for consistency this commit sets a default
value of 0 for user-ta-version in ta/mk/build-user-ta.mk before
including user_ta.mk.

Fixes: 682f256caaf6 ("TA dev kit: expose CFG_TA_VERSION build option")
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-imx: remove CFG_BOOT_SYNC_CPU

It is disabled by default, and no i.MX platform enables it anyway.

Signed-off-by: Gianguido Sorà <me@gsora.xyz>
Acked-by: Clement Faure <clement.faure@nxp.com>

Cleanup unused comp-cflags$(sm) from libgcc lookup commands

The compiler is not expected to need any flag from $(comp-cflags$(sm))
to locate the compiler runtime libraries, and in fact this variable

Cleanup unused comp-cflags$(sm) from libgcc lookup commands

The compiler is not expected to need any flag from $(comp-cflags$(sm))
to locate the compiler runtime libraries, and in fact this variable is
always undefined at the point it is used. Indeed, comp-cflags$(sm) is
set in mk/compile.mk, i.e., after mk/gcc.mk (or mk/clang.mk) has
been included.

Therefore, remove the useless flags.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc us

arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc using __getauxval(), which OP-TEE does not
implement.
This requires that the proper -mcpu is passed to GCC so that the code
can be correctly compiled to use either LSE or load-store-exclusive.

Fixes linker errors like the following when compiling with GCC 10:

aarch64-linux-ld.bfd: libgcc.a(lse-init.o):
in function `init_have_lse_atomics':
lse-init.c:44: undefined reference to `__getauxval'
core/arch/arm/kernel/link.mk:38:
recipe for target 'build/core/all_objs.o' failed

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
[jf: s/optee doesn't/OP-TEE does not/, replace ?= by := for immediate
evaluation]
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Allow use of cc-option in core/arch/arm/arm.mk

It can be useful to call the cc-option macro when setting flags in
core/arch/arm/arm.mk. Unfortunately cc-option is defined in
mk/compile.mk which is t

Allow use of cc-option in core/arch/arm/arm.mk

It can be useful to call the cc-option macro when setting flags in
core/arch/arm/arm.mk. Unfortunately cc-option is defined in
mk/compile.mk which is too late to be useful (core/arch/arm/arm.mk is
included by core/core.mk before mk/compile.mk).

This commit addresses the issue by moving the definition of cc-option
to its own file, mk/cc-option.mk, which is then included by
core/arch/arm/arm.mk. There is a dependency on the compiler definitions
(mk/gcc.mk or mk/clang.mk) and on $(arch-bit-$(sm)) so
core/arch/arm/arm.mk is modified accordingly.

Moving cc-option out of mk/compile.mk means that all non-core
submodules would lose the definition unless they include
mk/cc-option.mk; the TA dev kit is modified so that TAs can call
cc-option from within their sub.mk files. As for other submodules, they
are internal and do not use cc-options as of now so they are not
modified.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

mk/compile.mk: fix cc-option macro

There are (at least) three issues with the cc-option macro:

1. When COMPILER=clang: when presented with a supported but unused
option, Clang emits a warning to

mk/compile.mk: fix cc-option macro

There are (at least) three issues with the cc-option macro:

1. When COMPILER=clang: when presented with a supported but unused
option, Clang emits a warning to stderr (and returns a success code
of 0). Therefore it is incorrect to check stderr to determine if an
option is supported or not; we should rely on the return status
instead.
2. When COMPILER=clang, the compile command $(CC$(sm)) contains an
equal sign (e.g., clang --target=arm-linux-gnueabihf). This is not
expected in the cc-option macro, currently only flags are allowed to
potentially contain an equal sign. This messes with the caching of
the test result.
3. The macro should not cache the return value when an option is not
supported. For instance, if we have:
A := $(call cc-option,--not-supported,a)
B := $(call cc-option,--not-supported,b)
...we expect A to be "a" and B to be "b". The current implementation
returns "a" in both cases.

This commit fixes the above problems.

Fixes: 989ac108b0ef ("mk/compile.mk: add cc-option macro")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: Make UART number configurable via CFG_CONSOLE_UART

This is analogous to plat-hikey and allows to select a different console
UART for the k3 platform as well during build. This is needed to

plat-k3: Make UART number configurable via CFG_CONSOLE_UART

This is analogous to plat-hikey and allows to select a different console
UART for the k3 platform as well during build. This is needed to enable
support for the IOT2050 device which uses the second UART.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Andrew F. Davis <afd@ti.com>

show more ...

scripts/pem_to_pub.py: use Cryptodome module instead of Crypto

Upgrade scripts/pem_to_pub.py to use module Cryptodome instead of
module Crypto for consistency with the other helper Python scripts
of

scripts/pem_to_pub.py: use Cryptodome module instead of Crypto

Upgrade scripts/pem_to_pub.py to use module Cryptodome instead of
module Crypto for consistency with the other helper Python scripts
of OP-TEE OS package.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

config.mk: fix CFG_OPTEE_REVISION_MINOR

The current release is 3.9.0, change the revision to match.

Fixes: af141c61fe7a ("Update CHANGELOG for 3.9.0")
Reviewed-by: Joakim Bech <joakim.bech@linaro.o

config.mk: fix CFG_OPTEE_REVISION_MINOR

The current release is 3.9.0, change the revision to match.

Fixes: af141c61fe7a ("Update CHANGELOG for 3.9.0")
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reported-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

clang.mk: use the compiler-rt runtime instead of libgcc

Add the `-rtlib` option to `clang -print-libgcc-file-name` so that the
compiler-rt runtime is used instead of libgcc, as the AOSP (also any
ot

clang.mk: use the compiler-rt runtime instead of libgcc

Add the `-rtlib` option to `clang -print-libgcc-file-name` so that the
compiler-rt runtime is used instead of libgcc, as the AOSP (also any
other Clang-only) build environment comes with compiler-rt but not
libgcc.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8, Clang 9.0.1)

show more ...

link.mk: add missing $libgcc to ldargs

Add missing $libgcc arg to ldargs for ldelf, ta link.mk and ta
link_shlib.mk. This is required for the AOSP clang build to fix compile
errors like below:

ld.l

link.mk: add missing $libgcc to ldargs

Add missing $libgcc arg to ldargs for ldelf, ta link.mk and ta
link_shlib.mk. This is required for the AOSP clang build to fix compile
errors like below:

ld.lld: error: undefined symbol: __aeabi_mem*

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

Revert "arm64: Disable outline-atomics when compiling"

This reverts commit 5e75fab066a352c8f334b1b5c73380f5896e85f3.

Unfortunately, the cc-option function cannot be called in
core/arch/arm/arm.mk,

Revert "arm64: Disable outline-atomics when compiling"

This reverts commit 5e75fab066a352c8f334b1b5c73380f5896e85f3.

Unfortunately, the cc-option function cannot be called in
core/arch/arm/arm.mk, at least not without further changes, because it
depends on $(CC$(sm)) which is set in mk/gcc.mk or mk/clang.mk. Both
files need $(arch-bits-$(sm)), which is set in core/arch/arm/arm.mk.
Circular dependency.

Let's revert this change until a proper fix is found, because it has
side effects on non-GCC 10 compilation such as build warnings [1] and
slow compilation with Clang.

Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

ci: travis: install codespell package

Since commit e7e3142343c2 ("checkpatch: add codespell support"),
checkpatch.pl expects to find the codespell dictionary at
/usr/share/codespell/dictionary.txt.

ci: travis: install codespell package

Since commit e7e3142343c2 ("checkpatch: add codespell support"),
checkpatch.pl expects to find the codespell dictionary at
/usr/share/codespell/dictionary.txt. This patch adds the missing
package.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc us

arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc using __getauxval(), which OP-TEE doesn't implement.
This requires that the proper -mcpu is passed to GCC so that the code
can be correctly compiled to use either LSE or load-store-exclusive.

Fixes linker errors like the following when compiling with GCC 10:

aarch64-linux-ld.bfd: libgcc.a(lse-init.o):
in function `init_have_lse_atomics':
lse-init.c:44: undefined reference to `__getauxval'
core/arch/arm/kernel/link.mk:38:
recipe for target 'build/core/all_objs.o' failed

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
[jf: s/optee/OP-TEE/]
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

Update CHANGELOG for 3.9.0

Update CHANGELOG for 3.9.0 and collect Tested-by tags.

Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP)
Tested-by: Jerome Forissier <jerome@forissier.org

Update CHANGELOG for 3.9.0

Update CHANGELOG for 3.9.0 and collect Tested-by tags.

Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (mx6qsabrelite)
Tested-by: Igor Opaniuk <igor.opaniuk@gmail.com> (Poplar)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Hikey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu_virt/qemu_armv8)
Tested-by: Sumit Garg <sumit.garg@linaro.org> (Developerbox)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6qpsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6slevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qxpmek)
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey, GP)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8)
Tested-by: Clement Faure <clement.faure@nxp.com> (mx8qmmek)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (Qemu armv7/armv8 + GP)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3-NFS)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (Rcar H3)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (Rcar H3/virtualization)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...