core: generic_entry_a{32,64}.S: use correct cached_mem_end

Stores the correct register at cached_mem_end at boot. This avoids usage
of stale dcache content.

Fixes: 5dd1570ac5b0 ("core: add embedded

core: generic_entry_a{32,64}.S: use correct cached_mem_end

Stores the correct register at cached_mem_end at boot. This avoids usage
of stale dcache content.

Fixes: 5dd1570ac5b0 ("core: add embedded data region")
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic_entry_a64.S: use CIVAC over IVAC to clean cache data

After moving some initial sections around in memory we clean out the new
data and invalidate the cache so it can be seen by other c

core: generic_entry_a64.S: use CIVAC over IVAC to clean cache data

After moving some initial sections around in memory we clean out the new
data and invalidate the cache so it can be seen by other cores when they
enable caches. The instruction used was invalidate; on most systems this
will behave the same as clean/invalidate, but on some with L3 caches this
can cause the just written data to be invalidated. Use the
clean+invalidate to prevent this on such systems.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: introduce CFG_CORE_ARM64_PA_BITS

Introduces CFG_CORE_ARM64_PA_BITS which replaces the max_pa global
variable which was used to configure TCR_EL1.IPS.

Prior to 520860f ("core: generic_e

core: arm64: introduce CFG_CORE_ARM64_PA_BITS

Introduces CFG_CORE_ARM64_PA_BITS which replaces the max_pa global
variable which was used to configure TCR_EL1.IPS.

Prior to 520860f ("core: generic_entry: add enable_mmu()") TCR_EL1.IPS
was calculated and even updated later in the boot flow to automatically
cover the needed physical address space. But now it's calculated before
MMU is enabled and once MMU it's kept in read only memory.

With CFG_CORE_ARM64_PA_BITS TCR_EL1.IPS can be determined early and
later it is enough to check that physical addresses to be mapped are
covered by CFG_CORE_ARM64_PA_BITS.

Fixes: 520860f658be ("core: generic_entry: add enable_mmu()")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make SMALL_PAGE_MASK and friends of type paddr_t

Makes SMALL_PAGE_MASK, CORE_MMU_PGDIR_MASK, CORE_MMU_USER_CODE_MASK and
CORE_MMU_USER_PARAM_MASK of type paddr_t to allow correct masking of
si

core: make SMALL_PAGE_MASK and friends of type paddr_t

Makes SMALL_PAGE_MASK, CORE_MMU_PGDIR_MASK, CORE_MMU_USER_CODE_MASK and
CORE_MMU_USER_PARAM_MASK of type paddr_t to allow correct masking of
significant bits.

Example:
extern paddr_t addr;
paddr_t page_addr = addr & ~SMALL_PAGE_MASK

If paddr_t is a 64-bit type SMALL_PAGE_MASK must also be 64-bit wide or
the ~ operation will not set all the higher bits.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: support shared irq

With some platforms would have multiplexed interrupts
and software implement difference interrupt handler.
Currently the interrupt mechanism only handle the first
matched ha

core: support shared irq

With some platforms would have multiplexed interrupts
and software implement difference interrupt handler.
Currently the interrupt mechanism only handle the first
matched handler, and can not support shared irq.

New change to keep find another matched handler if the
previous handler return none.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: davidwang <davidwang@realtek.com>

show more ...

GitHub: use GitHub actions to close stale issues and PRs

It's not uncommon that people ask questions or send pull requests that
becomes stale for various reasons. Some examples can be:
- Original P

GitHub: use GitHub actions to close stale issues and PRs

It's not uncommon that people ask questions or send pull requests that
becomes stale for various reasons. Some examples can be:
- Original Poster (OP) doesn't close the ticket.
- OP doesn't get back when maintainers asked for more information.
- OP gets busy with other things and have to put the work a side.

Having lots of open issues and pull request makes it almost impossible
to figure out where help and input is needed, since things simply
becomes overwhelming. By using GitHub actions [1] we enable a tool that
can:
- Automatically close issues that no one cares about.
- Help us bring attention back to issues that are of importance.
- Push patch creators to not drop their proposed patches.
- Remind maintainers and other OP-TEE users that reviews are needed.

This patch set propose actions that will warn after 30 days of no
activity, together with that warning the GitHub bot will add a "stale"
label. If that label isn't removed within 5 days, then the GitHub bot
will close the issue or pull request.

People who are admins in the OP-TEE project can remove the label by
themselves, other people have to add a comment telling that their issue
is still relevant and that they would like to have the stale label
removed.

When we first enable this, hundreds of issues and pull requests will be
affected, but after a first round the list of open issues and pull
request should be much smaller and should only contain things that are
or relevance to continue working with.

Link: [1] https://help.github.com/en/actions/automating-your-workflow-with-github-actions/about-github-actions

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 DSA: fix bignum memory leaks

crypto_acipher_sm2_dsa_sign() and crypto_acipher_sm2_dsa_verify() leak
some bignum memory due to missing calls to ecc_free().
This is all the more problem

core: ltc: SM2 DSA: fix bignum memory leaks

crypto_acipher_sm2_dsa_sign() and crypto_acipher_sm2_dsa_verify() leak
some bignum memory due to missing calls to ecc_free().
This is all the more problematic that bignum allocations use a special
memory pool [1] that can easily cause deadlocks when misused.

This commit adds the missing calls.

[1] Commit a2eb5b55d169 ("libutils: add mempool API")

Fixes: 76c7ba4b9ff7 ("core: ltc: add support for SM2 DSA")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: fix bignum memory leaks

crypto_acipher_sm2_pke_encrypt() and crypto_acipher_sm2_pke_decrypt()
leak some bignum memory due to missing calls to ecc_free() and also due
to the fact

core: ltc: SM2 PKE: fix bignum memory leaks

crypto_acipher_sm2_pke_encrypt() and crypto_acipher_sm2_pke_decrypt()
leak some bignum memory due to missing calls to ecc_free() and also due
to the fact that the x and y fields of an ecc_point are overwritten.
This is all the more problematic that bignum allocations use a special
memory pool [1] that can easily cause deadlocks when misused.

This commit fixes these problems.

[1] Commit a2eb5b55d169 ("libutils: add mempool API")

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: SM2 PKE: add missing return status check

The status of function ltc_ecc_is_point_at_infinity() is not checked in
crypto_acipher_sm2_pke_encrypt(). Fix that.

Fixes: f9a78287dd12 ("core: l

core: ltc: SM2 PKE: add missing return status check

The status of function ltc_ecc_is_point_at_infinity() is not checked in
crypto_acipher_sm2_pke_encrypt(). Fix that.

Fixes: f9a78287dd12 ("core: ltc: add support for SM2 PKE")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enab

core: crypto add support for SM2 DSA

Adds SM2 Digital Signature Algorithm [1] using LibTomCrypt. The TA
interface complies with the GlobalPlatform TEE Internal Core API
version 1.2.

SM2 DSA is enabled with CFG_CRYPTO_SM2_DSA=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 DSA

Adds support for the SM2 Digital Signature Algorithm [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724

core: ltc: add support for SM2 DSA

Adds support for the SM2 Digital Signature Algorithm [1] for use by
OP-TEE core based on LibTomCrypt.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

symbolize.py: fix stack dump of TEE core with pager

Commit 105e09c24479 ("symbolize.py: add support for TEE core ASLR") has
introduced support for ASLR by using addresses relative to the .text
secti

symbolize.py: fix stack dump of TEE core with pager

Commit 105e09c24479 ("symbolize.py: add support for TEE core ASLR") has
introduced support for ASLR by using addresses relative to the .text
section. To this end, the '-j.text' option is passed to addr2line.
Unfortunately, it happens that addr2line does not like to be given
addresses that are outside the specified section. This can happen when
CFG_WITH_PAGER=y as shown in the following example:

D/TC:4 0 TEE load address @ 0x3f000000
D/TC:4 0 Call stack:
D/TC:4 0 0x000000003f0080ac read_pc at optee_os/core/arch/arm/include/arm64.h:237
D/TC:4 0 0x000000003f062984 ?? ??:0
D/TC:4 0 0x000000003f007be4 wq_wait_final at optee_os/core/arch/arm/kernel/wait_queue.c:88
D/TC:4 0 0x000000003f007698 __mutex_lock at optee_os/core/arch/arm/kernel/mutex.c:57
D/TC:4 0 0x000000003f06c204 ?? ??:0
D/TC:4 0 0x000000003f067160 ?? ??:0
D/TC:4 0 0x000000003f06221c ?? ??:0
D/TC:4 0 0x000000003f006298 thread_std_smc_entry at optee_os/core/arch/arm/kernel/thread_optee_smc_a64.S:162

The addresses that cannot be resolved happen to be inside section
.text_pageable, not .text (excerpt from readelf -e tee.elf):

[Nr] Name Type Address Offset
[ 1] .text PROGBITS 000000003f000000 00010000
[11] .text_pageable PROGBITS 000000003f05f388 0006f388

This commit choses a different approch. Instead of using relative
addresses, we keep absolute ones but correct them with the load address
in the ELF file:

corrected address = supplied address - runtime start address
+ link time load address

Fixes: 105e09c24479 ("symbolize.py: add support for TEE core ASLR")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

MAINTAINERS: update Aijun Sun's email address

Spreadtrum has become Unisoc. Update Aijun's email accordingly.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Aijun Sun <aijun.sun@u

MAINTAINERS: update Aijun Sun's email address

Spreadtrum has become Unisoc. Update Aijun's email accordingly.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Aijun Sun <aijun.sun@unisoc.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

MAINTAINERS: update my email address

My @linaro.org address has been invalid for some time now.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linar

MAINTAINERS: update my email address

My @linaro.org address has been invalid for some time now.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with

core: crypto: add support for SM2 PKE

Adds SM2 Public Key Encryption [1] using LibTomCrypt. The TA interface
complies with the GlobalPlatform TEE Internal Core API version 1.2.

SM2 is enabled with CFG_CRYPTO_SM2_PKE=y (default y) which currently
requires that CFG_CRYPTOLIB_NAME=tomcrypt. An Mbed TLS implementation
could be added later if needed.

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add support for SM2 PKE

SM2 is a set of public key cryptographic algorithms based on elliptic
curves published by the Chinese Commercial Cryptography Administration
Office [1]. The standa

core: ltc: add support for SM2 PKE

SM2 is a set of public key cryptographic algorithms based on elliptic
curves published by the Chinese Commercial Cryptography Administration
Office [1]. The standard has three main parts which define:

- A Digital Signature Algorithm (part 2)
- A Key Exchange Protocol (part 3)
- A Public Key Encryption method (part 4)

This commit implements the PKE LibTomcrypt for use by the OP-TEE core.
It uses the LibTomCrypt ECC and arithmetic helper functions as well as
the OP-TEE hash interface for the SM3 algorithm.

As far as the ECC point encoding goes, only the uncompressed form is
supported, as permitted by the standard. In practice, it means that the
cipher text always starts with the byte value 0x04. Other forms cannot
be decrypted by this implementation.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handl

core: ltc: export ECC key helper functions

The static functions ecc_populate_ltc_private_key() and
ecc_populate_ltc_public_key() will be useful for other ECC algorithms
than the ones currently handled by core/lib/libtomcrypt/ecc.c, namely:
the SM2 family of algorithms. Therefore, export these functions in
"acipher_helpers.h".

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add implementations for .addmod and .submod

Adds the addmod() and submod() functions which are missing from the
ltc_mp descriptor. It is a bug, because crypto functions never check the
fu

core: ltc: add implementations for .addmod and .submod

Adds the addmod() and submod() functions which are missing from the
ltc_mp descriptor. It is a bug, because crypto functions never check the
functions pointers before using them.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: add SM2 curve parameters

Adds the recommended curve parameters for SM2 [1] [2].

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812
[2] https://tools.ietf.org/id/draft-ribo

core: ltc: add SM2 curve parameters

Adds the recommended curve parameters for SM2 [1] [2].

[1] http://www.gmbz.org.cn/main/postDetail.html?id=20180724110812
[2] https://tools.ietf.org/id/draft-ribose-openpgp-oscca-00.html

Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

TA dev kit: expose CFG_TA_VERSION build option

Allow to configure version of a TA via CFG_TA_VERSION as TA compile
time option.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome

TA dev kit: expose CFG_TA_VERSION build option

Allow to configure version of a TA via CFG_TA_VERSION as TA compile
time option.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: enable rollback protection for REE-FS TAs

Add check for TA version while loading TA from REE-FS and compare
against secure storage based TA version database to prevent against
any TA version d

core: enable rollback protection for REE-FS TAs

Add check for TA version while loading TA from REE-FS and compare
against secure storage based TA version database to prevent against
any TA version downgrades.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: fix speculative execution past ERET vulnerability

Even though ERET always causes a jump to another address, aarch64 CPUs
speculatively execute following instructions as if the ERET
inst

core: arm64: fix speculative execution past ERET vulnerability

Even though ERET always causes a jump to another address, aarch64 CPUs
speculatively execute following instructions as if the ERET
instruction was not a jump instruction.
The speculative execution does not cross privilege-levels (to the jump
target as one would expect), but it continues on the kernel privilege
level as if the ERET instruction did not change the control flow -
thus execution anything that is accidentally linked after the ERET
instruction. Later, the results of this speculative execution are
always architecturally discarded, however they can leak data using
microarchitectural side channels. This speculative execution is very
reliable (seems to be unconditional) and it manages to complete even
relatively performance-heavy operations (e.g. multiple dependent
fetches from uncached memory).

It was fixed by Linux [1], FreeBSD [2] and OpenBSD [3]. The misbehavior
is demonstrated in [4] and [5].

Link: [1] https://github.com/torvalds/linux/commit/679db70801da9fda91d26caf13bf5b5ccc74e8e8
Link: [2] https://github.com/freebsd/freebsd/commit/29fb48ace4186a41c409fde52bcf4216e9e50b61
Link: [3] https://github.com/openbsd/src/commit/3a08873ece1cb28ace89fd65e8f3c1375cc98de2
Link: [4] https://github.com/google/safeside/blob/master/demos/eret_hvc_smc_wrapper.cc
Link: [5] https://github.com/google/safeside/blob/master/kernel_modules/kmod_eret_hvc_smc/eret_hvc_smc_module.c

Signed-off-by: Anthony Steinhauser <asteinhauser@google.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: shippable: remove CCACHE_UNIFY=true

The ccache unify mode does not increase cache hits in the Shippable
build, contrary to what is claimed in commit a2a52e198719 ("ci:
shippable: enable ccache's

ci: shippable: remove CCACHE_UNIFY=true

The ccache unify mode does not increase cache hits in the Shippable
build, contrary to what is claimed in commit a2a52e198719 ("ci:
shippable: enable ccache's 'unify' option"). Disable this mode,
because it is slower than the default mode [1] and might cause
corrupted builds [2].

Unify mode was enabled in the above commit, but that commit also set
CFG_DEBUG_INFO=n. It was in fact this configuration flag that allowed
better caching, by preventing -g3 from being added to the C flags.
With -g3, the preprocessor output contains all the macro definitions
(such as the configuration variables from config.h). Without it (or
with -g), those defines are not visible after the preprocessing stage
and therefore adding defines that do not change the actual code has no
impact and cached objects can be re-used.

$ echo '#define FOO 1' | gcc -x c -E - | grep '#define FOO 1'
$ echo '#define FOO 1' | gcc -x c -g3 -E - | grep '#define FOO 1'
#define FOO 1

[1] ccache(1) man page
[2] .incbin directive bug: https://github.com/ccache/ccache/issues/497

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add core_mmu_map_contiguous_pages()

Adds core_mmu_map_contiguous_pages() which maps a range of physical
addresses.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wik

core: add core_mmu_map_contiguous_pages()

Adds core_mmu_map_contiguous_pages() which maps a range of physical
addresses.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stdint.h: add U() ULL() L() LL() macros

Adds U() ULL() L() and LL() macros with a separate implementation for
assembly. Brushes up {,U}INT{8,16,32,64}_C() macros to use the new
primitive macros inst

stdint.h: add U() ULL() L() LL() macros

Adds U() ULL() L() and LL() macros with a separate implementation for
assembly. Brushes up {,U}INT{8,16,32,64}_C() macros to use the new
primitive macros instead.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...