ta: pkcs11: add object attribute ABI in TA header file

Define the ABI used to exchange attributes and lists of attributes
between the PKCS11 TA and its client.

Reviewed-by: Ricardo Salveti <ricardo

ta: pkcs11: add object attribute ABI in TA header file

Define the ABI used to exchange attributes and lists of attributes
between the PKCS11 TA and its client.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: fix tee_fs_rpc_readdir() parameter direction

The type of params[1] is changed to OUT to match the expected params in
tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir
won't f

core: fix tee_fs_rpc_readdir() parameter direction

The type of params[1] is changed to OUT to match the expected params in
tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir
won't fail with TEE_ERROR_BAD_PARAMETERS.

Signed-off-by: Roland Nagy <rnagy@xmimx.tk>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

github: fix error in workflow file

GitHub reports [1]:

The workflow is not valid.
.github/workflows/stales.yml (Line: 2, Col: 1): Unexpected value
'description'

This commit removes the descript

github: fix error in workflow file

GitHub reports [1]:

The workflow is not valid.
.github/workflows/stales.yml (Line: 2, Col: 1): Unexpected value
'description'

This commit removes the description: line to fix the issue and moves
additional text to the name: line.

Link: [1] https://github.com/OP-TEE/optee_os/actions/runs/156017617
Fixes: 50bbda3dd3b2 ("github: add a new actions/workflow file")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

github: add a new actions/workflow file

Instead of having two different workflow files, let's combine them into
a single file instead. This also updates the actions from v1.0 to
v3.0.7. This new wor

github: add a new actions/workflow file

Instead of having two different workflow files, let's combine them into
a single file instead. This also updates the actions from v1.0 to
v3.0.7. This new workflow file also makes use of the 'exempt' feature
meaning that we can exclude issues and pull requests from being
automatically closed if they have a certain label. Here we have chosen
the labels "bug" and "enhancement".

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

lib.mk: clang: link shared libraries with -z separate-loadable-segments

The same Clang 10 fix in commit 4d35ab6a0cef ("TA dev kit: clang: link
shared libraries with -z separate-loadable-segments") i

lib.mk: clang: link shared libraries with -z separate-loadable-segments

The same Clang 10 fix in commit 4d35ab6a0cef ("TA dev kit: clang: link
shared libraries with -z separate-loadable-segments") is needed for
locally built user space libraries when CFG_ULIBS_SHARED=y.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add .gitattributes

This patch adds a .gitattributes file to specify files that should
never end up in a distribution tarball.

Signed-off-by: Hu Keping <hukeping@huawei.com>
Acked-by: Etienne Carrie

Add .gitattributes

This patch adds a .gitattributes file to specify files that should
never end up in a distribution tarball.

Signed-off-by: Hu Keping <hukeping@huawei.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pager: refactored to fix NULL dereferencing

assert not NULL before dereferencing in tee_pager_add_core_area().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jen

core: pager: refactored to fix NULL dereferencing

assert not NULL before dereferencing in tee_pager_add_core_area().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: refactoring to avoid possible NULL_PTR arithmetics

Issue detected by Cppcheck in internal_aes_gcm_ghash_update().
Issue mitigated by adding an argument check that prevents
passing a pointer on

core: refactoring to avoid possible NULL_PTR arithmetics

Issue detected by Cppcheck in internal_aes_gcm_ghash_update().
Issue mitigated by adding an argument check that prevents
passing a pointer on that is calculated with NULL as base.

Also fixed a cast in the same code lines to keep constness.

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: rsa: Avoid NULL dereferencing in RSA trace messages

Show 0 size for NULL message/cipher length.

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@lin

core: rsa: Avoid NULL dereferencing in RSA trace messages

Show 0 size for NULL message/cipher length.

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: mm: fix MMU memory leak

Fix memory leak in split_vm_region().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carr

core: mm: fix MMU memory leak

Fix memory leak in split_vm_region().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: fix TA REE backed secure storage memory leak

Fix memory leak in ree_fs_ta_open().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Revie

core: fix TA REE backed secure storage memory leak

Fix memory leak in ree_fs_ta_open().

Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

checkpatch: limit maximum line length to 80

The Linux kernel has recently increased maximum line length to 100, but
still recommends to stay under 80. So make sure the checkpatch still warn
when exc

checkpatch: limit maximum line length to 80

The Linux kernel has recently increased maximum line length to 100, but
still recommends to stay under 80. So make sure the checkpatch still warn
when exceeding 80.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: remove duplicate config

There are two lines of "CFG_STM32_RNG ?= y" in plat-stm32mp1/conf.mk.
Remove a duplicate one.

Signed-off-by: Che-Chia Chang <vivahavey@gmail.com>
Reviewed-by:

plat-stm32mp1: remove duplicate config

There are two lines of "CFG_STM32_RNG ?= y" in plat-stm32mp1/conf.mk.
Remove a duplicate one.

Signed-off-by: Che-Chia Chang <vivahavey@gmail.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

imx: add support for ccbv2

The Webasto common communication board version 2 (ccbv2) is a mx6ul
based custom board with 256MB of RAM and the communication done on
UART7.

Signed-off-by: Rouven Czerwi

imx: add support for ccbv2

The Webasto common communication board version 2 (ccbv2) is a mx6ul
based custom board with 256MB of RAM and the communication done on
UART7.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

libutee: add leading underscore to base64 functions

Add a leading underscore to global functions: base64_dec(),
base64_enc(), base64_enc_len() to avoid the risk of conflicts with user
programs.

Sig

libutee: add leading underscore to base64 functions

Add a leading underscore to global functions: base64_dec(),
base64_enc(), base64_enc_len() to avoid the risk of conflicts with user
programs.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: remove unnecessary parentheses

checkpatch warns about unnecessary parentheses, remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@

libutee: remove unnecessary parentheses

checkpatch warns about unnecessary parentheses, remove them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee, ldelf: add leading underscore to syscall wrappers

libutee defines assembler wrapper functions for each OP-TEE system call.
These wrappers have a utee_ prefix. This commit adds a leading
und

libutee, ldelf: add leading underscore to syscall wrappers

libutee defines assembler wrapper functions for each OP-TEE system call.
These wrappers have a utee_ prefix. This commit adds a leading
underscore so that the names cannot clash with user-defined symbols.
Doing so is common practice for "system" libraries, as defined by the C
standard in a set of requirements that can be summarized as follows
(excerpt from the GNU libc documentation [1]):

[R]eserved names include all external identifiers (global functions
and variables) that begin with an underscore (‘_’) and all identifiers
regardless of use that begin with either two underscores or an
underscore followed by a capital letter are reserved names. This is so
that the library and header files can define functions, variables, and
macros for internal purposes without risk of conflict with names in
user programs.

The utee_*() wrappers are internal to OP-TEE and are not supposed to be
called directly by TAs so this should not have any user-visible impact.

Link: [1] https://www.gnu.org/software/libc/manual/html_node/Reserved-Names.html
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

symbolize.py: ignore error if ELF file is not found

When processing the memory map of a TA, it can happen that the ELF file
for a region is not found. One typical reason is a missing -d argument
on

symbolize.py: ignore error if ELF file is not found

When processing the memory map of a TA, it can happen that the ELF file
for a region is not found. One typical reason is a missing -d argument
on the command line (can easily happen when a TA uses shared libraries
for instance).

In the above case, the script crashes with no clear indication about
the cause. This commit fixes the crash by ignoring ELFs that are not
found. This is consistent with the general behavior of symbolize.py,
which is to always print out all the information it is fed and simply
augment it with debug information when possible.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

ldelf: arm64: do not unwind past end of stack

unwind_arm64() currently does not check the value of the frame pointer
after it has done its job unwinding one frame. A NULL value indicates
the end of

ldelf: arm64: do not unwind past end of stack

unwind_arm64() currently does not check the value of the frame pointer
after it has done its job unwinding one frame. A NULL value indicates
the end of the call stack, and therefore the function should return
false to stop the caller from unwinding further (a do .. while loop is
used in print_stack_arm64()). Instead invalid values for FP and PC are
returned which causes an erroneous display and the unwind stops one
step too late, when the FP is found to be outside the stack.

Fixes the invalid last line in call stacks such as xtest 1019:

E/TC:? 0 TA panicked with code 0x0
E/LD: Status of TA 5b9e0e40-2636-11e1-ad9e-0002a5d5c51b
E/LD: arch: aarch64
[...]
E/LD: Call stack:
E/LD: 0x0000000080062a50
E/LD: 0x00000000801df848
E/LD: 0x00000000800631a8
E/LD: 0xfffffffffffffffc

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Move CFG_WITH_STACK_CANARIES to global config file

All platforms but one (bcm-ns3) set CFG_WITH_STACK_CANARIES ?= y in
their configuration files. Move this flag to the global mk/config.mk
instead. N

Move CFG_WITH_STACK_CANARIES to global config file

All platforms but one (bcm-ns3) set CFG_WITH_STACK_CANARIES ?= y in
their configuration files. Move this flag to the global mk/config.mk
instead. Not sure it matters much, but in order to avoid any functional
change, CFG_WITH_STACK_CANARIES ?= n is added to plat-bcm/conf.mk.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: fix invalid SM3 output with Clang -Os

Several crypto tests fail when OP-TEE is built with Clang in non-debug
mode, more precisely with -Os. xtest numbers 4001, 4002, 4006 and 4014
are

core: crypto: fix invalid SM3 output with Clang -Os

Several crypto tests fail when OP-TEE is built with Clang in non-debug
mode, more precisely with -Os. xtest numbers 4001, 4002, 4006 and 4014
are impacted.

The root cause is the shift operations in the ROTL(x, n) are undefined
when n > 32 because the values to shift are uint32_t, but the macro is
used with 0 <= n < 64.

By masking n with 0x1F (thus implementing a modulo 32), we continue
rotating the bits when n >= 32.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

core: add missing THREAD_CLF_TMP flag updates

There are a few places where the value of thread_core_local::flags
does not reflect the stack being used, i.e., the temporary stack is
used but THREAD_C

core: add missing THREAD_CLF_TMP flag updates

There are a few places where the value of thread_core_local::flags
does not reflect the stack being used, i.e., the temporary stack is
used but THREAD_CLF_TMP is not set or the opposite. In such cases,
get_stack_limits() would return invalid values. The consequence is a
debugging issue: no stack dump on core panic or abort.

This was found with the help of compiler instrumentation
(-finstrument-functions).

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: print CPU initialization messages with IMSG()

Start and end of initialization for each CPU is important information
that deserves to be shown with I (information) severity rather than D
(debug

core: print CPU initialization messages with IMSG()

Start and end of initialization for each CPU is important information
that deserves to be shown with I (information) severity rather than D
(debug). This is not done consistently, fix that.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: implement CMAC for CAAM

Implement CMAC for CAAM.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <j

drivers: caam: implement CMAC for CAAM

Implement CMAC for CAAM.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: crypto: generic resources for crypto device driver - CMAC

Add a generic cryptographic driver CMAC interface connecting
TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric

drivers: crypto: generic resources for crypto device driver - CMAC

Add a generic cryptographic driver CMAC interface connecting
TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...