ta: pkcs11: identify user as per define user types

Define users with CKU User Type in Cryptoki API:
PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers
for login and related PKCS#11

ta: pkcs11: identify user as per define user types

Define users with CKU User Type in Cryptoki API:
PKCS11_CKU_SO and PKCS11_CKU_USER. They will be used as identifiers
for login and related PKCS#11 API functions.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t)

Prefer sizeof() to use rc reference rather than explicit 32bit.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jer

ta: pkcs11: use sizeof(rc) instead of sizeof(uint32_t)

Prefer sizeof() to use rc reference rather than explicit 32bit.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: remove #include <elf_common.h>

Since the introduction of ldelf, the TEE kernel does not do any ELF
processing anymore. Remove the useless ELF includes.

Signed-off-by: Jerome Forissier <jerome

core: remove #include <elf_common.h>

Since the introduction of ldelf, the TEE kernel does not do any ELF
processing anymore. Remove the useless ELF includes.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: arm64: update register accessor macros to support Clang

When building a 64-bit TA that includes <arm64_user_sysreg.h>, Clang
complains about ASM operand width:

lib/libutee/include/arm64_u

libutee: arm64: update register accessor macros to support Clang

When building a 64-bit TA that includes <arm64_user_sysreg.h>, Clang
complains about ASM operand width:

lib/libutee/include/arm64_user_sysreg.h:31:1: error: value size does not match register size specified by the constraint and modifier [-Werror,-Wasm-operand-widths]
DEFINE_REG_READ_FUNC_(cntfrq, uint32_t, cntfrq_el0)
^
lib/libutee/include/arm64_user_sysreg.h:20:42: note: expanded from macro 'DEFINE_REG_READ_FUNC_'
asm volatile("mrs %0, " #asmreg : "=r" (val)); \
^
lib/libutee/include/arm64_user_sysreg.h:31:1: note: use constraint modifier "w"
lib/libutee/include/arm64_user_sysreg.h:20:20: note: expanded from macro 'DEFINE_REG_READ_FUNC_'
asm volatile("mrs %0, " #asmreg : "=r" (val)); \
^
Let's apply the same fix as in commit 16e2153c57f0 ("core: arm64:
update register accessor macros to support Clang").

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: add descriptive defines for RSA key formats

Add descriptive defines for RSA private key formats for a better
readability.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-b

drivers: caam: add descriptive defines for RSA key formats

Add descriptive defines for RSA private key formats for a better
readability.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: driver: fix RSA encoded message length computation

Fix the RSA encoded message length computation when verifying the
message.
This fixes inconsistent xtest 4006.20 and 4006.32 fails.

Signed-o

core: driver: fix RSA encoded message length computation

Fix the RSA encoded message length computation when verifying the
message.
This fixes inconsistent xtest 4006.20 and 4006.32 fails.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: fix RSA key format number 3

Fix the RSA private key format number 3.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

libutils: add __noreturn to longjmp() prototype

The longjmp() function does not return, therefore it should have the
__noreturn attribute. Avoids compiler warnings.

Signed-off-by: Jerome Forissier

libutils: add __noreturn to longjmp() prototype

The longjmp() function does not return, therefore it should have the
__noreturn attribute. Avoids compiler warnings.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: core_mmu_v7.c: set TTBCR_PD1 in reduced mappings

When using reduced mappings set TTBCR_PD1 in order to disable table
walks using TTBR1 which holds the OP-TEE Core mappings. This saves us
from

core: core_mmu_v7.c: set TTBCR_PD1 in reduced mappings

When using reduced mappings set TTBCR_PD1 in order to disable table
walks using TTBR1 which holds the OP-TEE Core mappings. This saves us
from keeping an empty L1 translation table (16 KiB) with
CFG_CORE_UNMAP_CORE_AT_EL0=y.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make main l1 translation tables static again

The main level 1 memory translation tables for both short and
longer descriptors are only accessed internally in respective
C file. So make the tab

core: make main l1 translation tables static again

The main level 1 memory translation tables for both short and
longer descriptors are only accessed internally in respective
C file. So make the tables static again.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: prints consistent with readelf

Prints names of sections consistent with names used in the readelf
utility.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander

ldelf: prints consistent with readelf

Prints names of sections consistent with names used in the readelf
utility.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: consistent error codes

Changes error codes related to bad format or values in ELF to
TEE_ERROR_BAD_FORMAT. This includes overflowing multiplications and
addresses outside the range of the cur

ldelf: consistent error codes

Changes error codes related to bad format or values in ELF to
TEE_ERROR_BAD_FORMAT. This includes overflowing multiplications and
addresses outside the range of the current ELF being parsed.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: use confine_array_index() to cap speculation

Uses confine_array_index() to limit speculation on different indexes into
the ELF.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Ac

ldelf: use confine_array_index() to cap speculation

Uses confine_array_index() to limit speculation on different indexes into
the ELF.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check ranges in __resolve_sym()

Adds checks in __resolve_sym() to see that the offset of the name and
location of a symbol is in range.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
A

ldelf: check ranges in __resolve_sym()

Adds checks in __resolve_sym() to see that the offset of the name and
location of a symbol is in range.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: calculate correct elf->max_addr

Prior to this patch when the different load sections are mapped
elf->max_addr is inceased as appropriate, except in one case, when memsz
is larger than filesz.

ldelf: calculate correct elf->max_addr

Prior to this patch when the different load sections are mapped
elf->max_addr is inceased as appropriate, except in one case, when memsz
is larger than filesz. With this patch use memsz instead to calculate
elf->max_addr in order to also cover .bss and friends.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: implement command to get token information

Implement TA command PKCS11_CMD_TOKEN_INFO for client to get
information on a token embedded in the PKCS11 TA.

Rename PKCS11_TOKEN_PIN_SIZE in

ta: pkcs11: implement command to get token information

Implement TA command PKCS11_CMD_TOKEN_INFO for client to get
information on a token embedded in the PKCS11 TA.

Rename PKCS11_TOKEN_PIN_SIZE into PKCS11_TOKEN_PIN_SIZE_MAX as
introducing PKCS11_TOKEN_PIN_SIZE_MIN, in pkcs11_token.h.

Rely on serializer.h for de-serializing the command arguments.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

ta: pkcs11: add pad_str() helper in token info wrapper

Add pad_str() to pad a string ('\0' terminated) with blank characters
(' '), removing the '\0' termination as per PKCS#11 specification.

This

ta: pkcs11: add pad_str() helper in token info wrapper

Add pad_str() to pad a string ('\0' terminated) with blank characters
(' '), removing the '\0' termination as per PKCS#11 specification.

This will factorize other padding needed in other function/command
wrappers.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

ldelf: strict checks during relocation

Adds strict check of symbol index, string table index and destination
location when relocating an ELF. This fixes an error where a malformed
ELF may cause the

ldelf: strict checks during relocation

Adds strict check of symbol index, string table index and destination
location when relocating an ELF. This fixes an error where a malformed
ELF may cause the loader to read/write data from/in other ELF or from
the loader itself.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check dynsym index is in range

Checks that a dynsym index found in hashtab is in the valid range of
dynsyms before indexing into the dynsym table. This fixes an error where
a malformed ELF ma

ldelf: check dynsym index is in range

Checks that a dynsym index found in hashtab is in the valid range of
dynsyms before indexing into the dynsym table. This fixes an error where
a malformed ELF may cause the loader to read data from other ELF or from
the loader itself.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check string table ranges

Checks that the string table is in the range of the ELF and also checks
that offsets into the string table are indeed inside the string table.
This fixes an error wh

ldelf: check string table ranges

Checks that the string table is in the range of the ELF and also checks
that offsets into the string table are indeed inside the string table.
This fixes an error where a malformed ELF may cause the loader to read
data from other ELF or from the loader itself.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: fix possible integer overflow in init_elf()

The size of the program headers is calculated as:
e_phoff + e_phnum * e_phentsize
This can overflow for large values leading to the 4k size check t

ldelf: fix possible integer overflow in init_elf()

The size of the program headers is calculated as:
e_phoff + e_phnum * e_phentsize
This can overflow for large values leading to the 4k size check to fail.
Fix this by using MUL_OVERFLOW() and ADD_OVERFLOW() instead.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check dynsymtab and dynstr ranges

Checks the ranges of dynsymtab and dynstr. Also checks that the dynstr
index in section headers isn't out of range. This fixes an error where a
malformed ELF

ldelf: check dynsymtab and dynstr ranges

Checks the ranges of dynsymtab and dynstr. Also checks that the dynstr
index in section headers isn't out of range. This fixes an error where a
malformed ELF may cause the loader to read data from other ELF or from
the loader itself.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check against section headers size overflow

Adds a check in copy_section_headers() to guard against overflow in
the e_shnum * e_shentsize multiplication.

Reviewed-by: Etienne Carriere <etien

ldelf: check against section headers size overflow

Adds a check in copy_section_headers() to guard against overflow in
the e_shnum * e_shentsize multiplication.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check that hashtab entries are in range

Adds checks that each looked up entry in the hashtab is in the range of
the hashtab. This fixes an error where a malformed ELF may cause the
loader to

ldelf: check that hashtab entries are in range

Adds checks that each looked up entry in the hashtab is in the range of
the hashtab. This fixes an error where a malformed ELF may cause the
loader to read data from other ELF or from the loader itself.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: check that hashtab is in range before use

Adds checks that the hashtab found via the dynamic section is in range
of the loaded ELF before they are used. This fixes an error where a
malformed

ldelf: check that hashtab is in range before use

Adds checks that the hashtab found via the dynamic section is in range
of the loaded ELF before they are used. This fixes an error where a
malformed ELF may cause the loader to read data from other ELF or from
the loader itself.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reported-by: Martijn Bogaard <martijn@riscure.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...