core: arm64.h: add read_mpidr() macro

Adds the macro read_mpidr() to arm64.h to avoid ifdefs in code.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklan

core: arm64.h: add read_mpidr() macro

Adds the macro read_mpidr() to arm64.h to avoid ifdefs in code.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: read thread_vector_table from assembly

Reads and returns thread_vector_table directly from assembly instead of
saving the return value from generic_boot_init_primary(). With this
generic_boot_

core: read thread_vector_table from assembly

Reads and returns thread_vector_table directly from assembly instead of
saving the return value from generic_boot_init_primary(). With this
generic_boot_init_primary() is declared in the same way when configured
with or without TF-A.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pseudo_ta: check size of mapped mobj

Add a check in copy_in_param() to see that the mobj is large enough
to hold the mapped parameter.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Sig

core: pseudo_ta: check size of mapped mobj

Add a check in copy_in_param() to see that the mobj is large enough
to hold the mapped parameter.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mobj_phys_get_va(): check offset is in range

Checks that the supplied offset is still within the range of the mobj.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wi

core: mobj_phys_get_va(): check offset is in range

Checks that the supplied offset is still within the range of the mobj.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mobj_reg_shm_get_va(): check offset is in range

Checks that the supplied offset is still within the range of the mobj.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens

core: mobj_reg_shm_get_va(): check offset is in range

Checks that the supplied offset is still within the range of the mobj.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: remove num_pages from struct mobj_reg_shm

Removes the redundant element num_pages from struct mobj_reg_shm.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander

core: remove num_pages from struct mobj_reg_shm

Removes the redundant element num_pages from struct mobj_reg_shm.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a cou

Remove TEE_OPERATION_EXTENSION

Commit 6a2e0a9fe2b9 ("utee: support prehashed RSA sign/ver without
ASN.1") has introduced TEE_OPERATION_EXTENSION in tee_api_defines.h with
value 0xF. This poses a couple of minor issues:

1. Values 0x00000009-0x7FFFFFFF are "Reserved for future use" according
to the TEE Internal Core API specification v1.2.1 (Table 5-6),

2. The meaning of this #define is not clear: "extension" is not a
kind of operation like "cipher", "MAC", "asymmetric signature" etc.
The algorithm added by the above commit is TEE_ALG_RSASSA_PKCS1_V1_5
which is an asymmetric signature and should therefore be associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

I suppose the operation value was added in a attempt to keep the
structure of algorithm identifiers as defined in the GP v1.1
specification, where some particular bits indicate some attributes of
the algorithm. This scheme has since been abandoned by GlobalPlatform so
there is no reason to keep it.

Therefore, this commit removes the TEE_OPERATION_EXTENSION macro and
makes a special case in the TEE_GET_CLASS() macro so that algorithm
TEE_ALG_RSASSA_PKCS1_V1_5 is associated with
TEE_OPERATION_ASYMMETRIC_SIGNATURE.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Gabor Szekely <szvgabor@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

.shippable.yml: build with CFG_REE_FS_TA_BUFFERED=y

Since commit e6e68745589b ("core: REE FS TAs: disable
CFG_REE_FS_TA_BUFFERED by default"), there is no need for an entry with
CFG_REE_FS_TA_BUFFER

.shippable.yml: build with CFG_REE_FS_TA_BUFFERED=y

Since commit e6e68745589b ("core: REE FS TAs: disable
CFG_REE_FS_TA_BUFFERED by default"), there is no need for an entry with
CFG_REE_FS_TA_BUFFERED=n in .shippable.yml. Instead, we should test
with =y.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix assigned size of struct mobj_reg_shm

Prior to this patch a struct mobj_reg_shm was initialized with num_pages
* SMALL_PAGE_SIZE without taking page_offset into account. This patch
fixes th

core: fix assigned size of struct mobj_reg_shm

Prior to this patch a struct mobj_reg_shm was initialized with num_pages
* SMALL_PAGE_SIZE without taking page_offset into account. This patch
fixes that by subtracting the result of the multiplication above with
page_offset.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Update CHANGELOG for 3.8.0

Update CHANGELOG for 3.8.0 and collect Tested-by tags.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3b)
Test

Update CHANGELOG for 3.8.0

Update CHANGELOG for 3.8.0 and collect Tested-by tags.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3b)
Tested-by: Igor Opaniuk <igor.opaniuk@gmail.com> (Poplar)
Tested-by: Andrew F. Davis <afd@ti.com> (plat-ti)
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960, GP)
Tested-by: Sumit Garg <sumit.garg@linaro.org> (Developerbox)
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMUv8)
Tested-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> WaRP7
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (Rcar H3)

show more ...

core: calculate size/address cells with overlay

In case an external device tree overlay is configured within OP-TEE,
fdt_{size,address}_cells will return the defaults from the device tree
specificat

core: calculate size/address cells with overlay

In case an external device tree overlay is configured within OP-TEE,
fdt_{size,address}_cells will return the defaults from the device tree
specification. These will be wrong for 32-bit ARM platforms, instead
calculate them from the paddr_t size instead.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

virt: core_mmu: use nexus memory area for temporary map

If CFG_VIRTUALIZATION is enabled, page allocator code will
try to allocate pages from nexus sections, which were not
mapped by default.

Signe

virt: core_mmu: use nexus memory area for temporary map

If CFG_VIRTUALIZATION is enabled, page allocator code will
try to allocate pages from nexus sections, which were not
mapped by default.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

gen_tee_bin: include .nex_data section

.nex_data section were missing in the resulting binary, which lead to
broken OP-TEE image that was unable to boot.

Signed-off-by: Volodymyr Babchuk <volodymyr

gen_tee_bin: include .nex_data section

.nex_data section were missing in the resulting binary, which lead to
broken OP-TEE image that was unable to boot.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: fix spelling mistake in subject]
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: fix typo error in nsec ddr discovery

In core_mmu_set_discovered_nsec_ddr(), core_mmap_is_end_of_table
always returns false and the loop body cannot be executed, which
is unexpected.

Reviewed-

core: fix typo error in nsec ddr discovery

In core_mmu_set_discovered_nsec_ddr(), core_mmap_is_end_of_table
always returns false and the loop body cannot be executed, which
is unexpected.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Fangsuo Wu <fangsuowu@asrmicro.com>

show more ...

core: introduce a new memory type for external dtb image

When CFG_DT=y, the external dtb image is mapped as
IO_NSEC memory type in init_external_dt function,
which may conflicts with dynamic shared

core: introduce a new memory type for external dtb image

When CFG_DT=y, the external dtb image is mapped as
IO_NSEC memory type in init_external_dt function,
which may conflicts with dynamic shared memory check.
Below is the panic log with qemu boot:

E/TC:0 0 check_phys_mem_is_outside:333 Non-sec mem (0x40000000:0x3fe00000) overlaps map (type 13 0x40000000:0x100000)
E/TC:0 0 Panic at core/arch/arm/mm/core_mmu.c:334 <check_phys_mem_is_outside>
E/TC:0 0 TEE load address @ 0x1bd0f000

This patch introduces a new memory type MEM_AREA_EXT_DT
which is used to map external dtb image. This memory type
will be skipped over in core_mmu_set_discovered_nsec_ddr()
in order to avoid the above panic.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Fangsuo Wu <fangsuowu@asrmicro.com>

show more ...

core: fix compiling error if reserved SHM not used

Fix compiling error when only use dynamic shared memory
(i.e: CFG_CORE_DYN_SHM=y && CFG_CORE_RESERVED_SHM=n) with
CFG_SHMEM_START and CFG_SHMEM_SIZ

core: fix compiling error if reserved SHM not used

Fix compiling error when only use dynamic shared memory
(i.e: CFG_CORE_DYN_SHM=y && CFG_CORE_RESERVED_SHM=n) with
CFG_SHMEM_START and CFG_SHMEM_SIZE not defined.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Fangsuo Wu <fangsuowu@asrmicro.com>

show more ...

core: adjust nsec ddr memory size correctly

In carve_out_phys_mem(), when pa has the same address
with m[n].addr, the m[n].size should also be adjusted.

Reviewed-by: Jens Wiklander <jens.wiklander@

core: adjust nsec ddr memory size correctly

In carve_out_phys_mem(), when pa has the same address
with m[n].addr, the m[n].size should also be adjusted.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Fangsuo Wu <fangsuowu@asrmicro.com>

show more ...

core: ltc: sm2: add missing status check

crypto_acipher_sm2_pke_decrypt() fails to check a return status from
LibTomCrypt. Add the missing check.

Fixes: f9a78287dd12 ("core: ltc: add support for SM

core: ltc: sm2: add missing status check

crypto_acipher_sm2_pke_decrypt() fails to check a return status from
LibTomCrypt. Add the missing check.

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: rcar: force disable core ALSR

We need to disable core ASLR for two reasons:
1. There is no source for ALSR seed, as Rcar platform
does not provide DTB to OP-TEE
2. OP-TEE crashes during boo

plat: rcar: force disable core ALSR

We need to disable core ASLR for two reasons:
1. There is no source for ALSR seed, as Rcar platform
does not provide DTB to OP-TEE
2. OP-TEE crashes during boot with enabled CFG_CORE_ASLR

Mainly we are disabling ASLR for the second reason. Further
investigation is needed to see why enabled ASLR causes data
abort in MMIO functions.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: rcar: generate .srec file using gen_tee_bin

After recent changes, we are not able to use raw binary generated
from the elf file. Instead we need to use gen_tee_bin script to
generate the heade

plat: rcar: generate .srec file using gen_tee_bin

After recent changes, we are not able to use raw binary generated
from the elf file. Instead we need to use gen_tee_bin script to
generate the header-less binary with the correct layout.

This change also generates tee-raw.bin as byproduct. This file is
usable also, because it allows to flash OP-TEE using JTAG.

Fixes: 5dd1570ac5b ("core: add embedded data region")
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

gen_tee_bin: generate tee-raw.bin

Some platforms (like Rcar Gen3) still does not support OP-TEE images
wrapped into any type of container. In the past we were able to
generate raw binary straight fr

gen_tee_bin: generate tee-raw.bin

Some platforms (like Rcar Gen3) still does not support OP-TEE images
wrapped into any type of container. In the past we were able to
generate raw binary straight from the resulting elf file. But with
recent changes, OP-TEE expects some additional data past the __end, so
wee need to use gen_tee_bin.py to generate header-less OP-TEE binary.

This patch adds `--out_tee_raw_bin` option, which generates needed
file.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Update revision for release tag 3.8.0-rc1

Signed-off-by: Jerome Forissier <jerome@forissier.org>

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled w

core: crypto: add support for SM2 KEP

Adds SM2 Key Exchange Protocol [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 KEP is enabled with CFG_CRYPTO_SM2_KEP=y (default y) wich currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 KEP

Adds support for the SM3 Key Exchange Protocol [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

core: ltc: add support for SM2 KEP

Adds support for the SM3 Key Exchange Protocol [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: export sm2_kdf()

The Key Derivation Function used by the SM2 Public Key Encryption
algorithm is also used by the Key Exchange Protocol. Move it to its
file in order to be able to

core: ltc: SM2 PKE: export sm2_kdf()

The Key Derivation Function used by the SM2 Public Key Encryption
algorithm is also used by the Key Exchange Protocol. Move it to its
file in order to be able to re-use it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...