stdint.h: add UL macro

This macro helps to define unsigned values such as addresses for C
compilers and ld.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wikla

stdint.h: add UL macro

This macro helps to define unsigned values such as addresses for C
compilers and ld.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: imx: disable CAAM driver for i.MX6SL

CAAM is not available on i.MX6SL.

Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by:

core: imx: disable CAAM driver for i.MX6SL

CAAM is not available on i.MX6SL.

Signed-off-by: Silvano di Ninno <silvano.dininno@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: imx: rename register files

Remove _regs from register header files. It is redundant since header
files are already in /registers folder.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
A

core: imx: rename register files

Remove _regs from register header files. It is redundant since header
files are already in /registers folder.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

imx: change imx8 prefixe to mx8

For consistency, change all imx8 prefixe to mx8.
This change affects:
* CFG_IMX8*
* platform flavors

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by:

imx: change imx8 prefixe to mx8

For consistency, change all imx8 prefixe to mx8.
This change affects:
* CFG_IMX8*
* platform flavors

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

mbedtls: Add MBEDTLS_X509_CSR_WRITE_C define

Enable the mbedtls_x509write_csr_* functions that can be used
to create certificate signing requests by generating and
updating the structure mbedtls_x50

mbedtls: Add MBEDTLS_X509_CSR_WRITE_C define

Enable the mbedtls_x509write_csr_* functions that can be used
to create certificate signing requests by generating and
updating the structure mbedtls_x509write_csr.

Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Florian Depraz <florian.depraz@alumni.epfl.ch>

show more ...

core: fix check_mem_map() vs MEM_AREA_IDENTITY_MAP_RX

This patch updates check_mem_map() to recognize MEM_AREA_IDENTITY_MAP_RX
as part of secure only memory.

This fix is only needed with CFG_CORE_A

core: fix check_mem_map() vs MEM_AREA_IDENTITY_MAP_RX

This patch updates check_mem_map() to recognize MEM_AREA_IDENTITY_MAP_RX
as part of secure only memory.

This fix is only needed with CFG_CORE_ASLR=y and prevents an error like:
E/TC:0 0 check_mem_map:1166 Uhandled memtype 8
E/TC:0 0 Panic at core/arch/arm/mm/core_mmu.c:1167 <check_mem_map>

Fixes: 1385854b72c9 ("core: Add core memory type MEM_AREA_IDENTITY_MAP_RX")
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

scripts/gen_ldelf_hex.py: remove unused imports

Removes a few import lines that are not needed.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@li

scripts/gen_ldelf_hex.py: remove unused imports

Removes a few import lines that are not needed.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: shippable: build with CFG_CORE_ASLR=y

Changes one qemu virt v8 and two qemu virt v7 (with and without LPAE
enabled) to include CFG_CORE_ASLR=y

Acked-by: Etienne Carriere <etienne.carriere@linar

ci: shippable: build with CFG_CORE_ASLR=y

Changes one qemu virt v8 and two qemu virt v7 (with and without LPAE
enabled) to include CFG_CORE_ASLR=y

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

symbolize.py: add support for TEE core ASLR

With the introduction of ASLR, the abort and panic dumps for the TEE
core have gained a "Load address" line. Update the symbolize.py script
to parse that

symbolize.py: add support for TEE core ASLR

With the introduction of ASLR, the abort and panic dumps for the TEE
core have gained a "Load address" line. Update the symbolize.py script
to parse that line and pass relative addresses to addr2line.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: add support for CFG_CORE_ASLR

Adds support for CFG_CORE_ASLR to load TEE Core at a random address.
ASLR makes the exploitation of memory corruption vulnerabilities more
difficult.

Paging is c

core: add support for CFG_CORE_ASLR

Adds support for CFG_CORE_ASLR to load TEE Core at a random address.
ASLR makes the exploitation of memory corruption vulnerabilities more
difficult.

Paging is currently not supported with CFG_CORE_ASLR=y.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm grow MAX_XLAT_TABLES with ASLR

If CFG_CORE_ASLR=y increase MAX_XLAT_TABLES to cater for the added
identity region and also less optimal alignment of mappings.

Acked-by: Jerome Forissier <

core: arm grow MAX_XLAT_TABLES with ASLR

If CFG_CORE_ASLR=y increase MAX_XLAT_TABLES to cater for the added
identity region and also less optimal alignment of mappings.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kern.ld.S: make ctors/dtors contiguous with other relro sections

Fixes error when linking with clang:
ld.lld: error: section: .ctors is not contiguous with other relro sections
ld.lld: error:

core: kern.ld.S: make ctors/dtors contiguous with other relro sections

Fixes error when linking with clang:
ld.lld: error: section: .ctors is not contiguous with other relro sections
ld.lld: error: section: .dtors is not contiguous with other relro sections

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kern.ld.S: make .got RO after relocation

Moves .got section to after .rodata section.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro

core: kern.ld.S: make .got RO after relocation

Moves .got section to after .rodata section.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kern.ld.S: provide start/end of relocations

- Adds __rel_start and __rel_end for Rel type of relocations used by
ARM32.
- Adds __rela_end and __rela_start for Rela type of relocations used b

core: kern.ld.S: provide start/end of relocations

- Adds __rel_start and __rel_end for Rel type of relocations used by
ARM32.
- Adds __rela_end and __rela_start for Rela type of relocations used by
ARM64.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: Add core memory type MEM_AREA_IDENTITY_MAP_RX

Adds another memory type, MEM_AREA_IDENTITY_MAP_RX, to enum
teecore_memtypes. MEM_AREA_IDENTITY_MAP_RX is used to represent memory
which is addit

core: Add core memory type MEM_AREA_IDENTITY_MAP_RX

Adds another memory type, MEM_AREA_IDENTITY_MAP_RX, to enum
teecore_memtypes. MEM_AREA_IDENTITY_MAP_RX is used to represent memory
which is additionally identity mapped while OP-TEE is mapped at a
non-identity mapped location. This is needed to support CFG_CORE_ASLR=y.

The link script is updated to collect functions and read-only data in
between __identity_map_init_start and __identity_map_init_end.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic_entry: add enable_mmu()

Adds the assembly function enable_mmu() which as the name suggests enables
MMU. The function writes configuration which has previously been prepared
by core_ini

core: generic_entry: add enable_mmu()

Adds the assembly function enable_mmu() which as the name suggests enables
MMU. The function writes configuration which has previously been prepared
by core_init_mmu_regs().

The now obsolete assembly functions cpu_mmu_enable(),
cpu_mmu_enable_icache() and cpu_mmu_enable_dcache() are removed since
they are fully covered by enable_mmu().

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add relocatable VCORE_START_VA

Adds VCORE_START_VA which is relocated to the new virtual address of the
start of the OP-TEE memory in case ASLR is configured. This define
should be used instea

core: add relocatable VCORE_START_VA

Adds VCORE_START_VA which is relocated to the new virtual address of the
start of the OP-TEE memory in case ASLR is configured. This define
should be used instead of TEE_RAM_START after the initial translation
tables has been created.

thread_get_user_kcode() and thread_get_user_kdata() are updated
accordingly.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add get_aslr_seed()

Adds get_aslr_seed() which reads "kaslr-seed" from "/secure-chosen" in
FDT. The seed is intended to use as input to ASLR, also known as,
randomized address space layout.

O

core: add get_aslr_seed()

Adds get_aslr_seed() which reads "kaslr-seed" from "/secure-chosen" in
FDT. The seed is intended to use as input to ASLR, also known as,
randomized address space layout.

Once successfully read the seed is zeroed out in the FDT to minimize the
risk of leaking the seed.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Assembly FUNC macros take optional section

Adds an optional section parameter to the macros FUNC() and LOCAL_FUNC()

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklande

Assembly FUNC macros take optional section

Adds an optional section parameter to the macros FUNC() and LOCAL_FUNC()

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

elf_common.h: Add relocation type R_AARCH64_NONE

Adds the relocation type R_AARCH64_NONE.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.o

elf_common.h: Add relocation type R_AARCH64_NONE

Adds the relocation type R_AARCH64_NONE.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: refactor core_init_mmu_map() and helpers

Breaks up core_init_mmu_map() and some of its helper functions in
multiple smaller functions to make it easier to follow and later extend
the code.

Th

core: refactor core_init_mmu_map() and helpers

Breaks up core_init_mmu_map() and some of its helper functions in
multiple smaller functions to make it easier to follow and later extend
the code.

There are no changes in behaviour with the exception of how the memory
map is sorted at different stages.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Fix warning in fallback SUB_OVERFLOW() macro

Fixes two warnings for 'comparison of integers of different signs' in
the __INTOF_SUB() helper macro used by the fallback SUB_OVERFLOW()
macro.

Fixes: e

Fix warning in fallback SUB_OVERFLOW() macro

Fixes two warnings for 'comparison of integers of different signs' in
the __INTOF_SUB() helper macro used by the fallback SUB_OVERFLOW()
macro.

Fixes: ecdedc94e720 ("util: update fallback SUB_OVERFLOW() macro")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: core_mmu.h: make page size and friends unsigned

Redefines mask and size for small pages (SMALL_PAGE_*),
CORE_MMU_USER_CODE_* and CORE_MMU_USER_PARAM_* to be of an unsigned
type in order to be

core: core_mmu.h: make page size and friends unsigned

Redefines mask and size for small pages (SMALL_PAGE_*),
CORE_MMU_USER_CODE_* and CORE_MMU_USER_PARAM_* to be of an unsigned
type in order to be compatible with vaddr_t and paddr_t.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: bugfix v7 core_mmu_entry_to_finer_grained()

The short descriptor table implementation of
core_mmu_entry_to_finer_grained() incorrectly assumes that allocated
translation tables are identity ma

core: bugfix v7 core_mmu_entry_to_finer_grained()

The short descriptor table implementation of
core_mmu_entry_to_finer_grained() incorrectly assumes that allocated
translation tables are identity mapped. That is fixed with this patch by
adding a missing virt_to_phys() on a newly allocated translation table.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: reference count struct mobj

The mobj interface is changed to use reference counting of mobjs, the
direct mobj_free() call is replaced by mobj_put(). As expected a
mobj_get() is also added to h

core: reference count struct mobj

The mobj interface is changed to use reference counting of mobjs, the
direct mobj_free() call is replaced by mobj_put(). As expected a
mobj_get() is also added to handle multiple references to the same mobj.

This also changes already present reference counting in struct
mobj_reg_shm to use the reference counting mechanism now available in
struct mobj.

The VM_FLAG_EXCLUSIVE_MOBJ flag is removed since the referenced mobj is
put instead when a struct vm_region is removed.

Tested-by: Jerome Forissier <jerome@forissier.org> (HiKey960)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...