user_ta: fix spelling mistake in debug message

Fixes a spelling mistake.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-k3: Add J721E device support

The only difference from AM65x that OP-TEE cares about currently is the
GICC offset and size. Update the same.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by

plat-k3: Add J721E device support

The only difference from AM65x that OP-TEE cares about currently is the
GICC offset and size. Update the same.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: fix enum restart with syscall_storage_start_enum()

According to the GlobalPlatform specification it should be possible to
call TEE_StartPersistentObjectEnumerator(..) on an enumerator that
alr

core: fix enum restart with syscall_storage_start_enum()

According to the GlobalPlatform specification it should be possible to
call TEE_StartPersistentObjectEnumerator(..) on an enumerator that
already has been started. When doing that we trigged an assert and ended
up with a panic. This patch fixes that issue by ensuring that we are
closing the currently open directory before re-opening or opening
another directory in those cases where
TEE_StartPersistentObjectEnumerator(..) are called again and again with
no reset done in-between.

Fixes: https://github.com/OP-TEE/optee_os/issues/3093

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reported-by: Daniel McIlvaney <damcilva@microsoft.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, GP)

show more ...

tee: entry_fast: reduce verbosity of dynamic shared memory message

Outside of the initial boot or error cases OP-TEE is quiet, this
is a notable exception that dirties up the boot log and has caused

tee: entry_fast: reduce verbosity of dynamic shared memory message

Outside of the initial boot or error cases OP-TEE is quiet, this
is a notable exception that dirties up the boot log and has caused
confusion during kernel boot by users. It is only needed for
debug purposes.

Reduce this message to only debug verbosity.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: fix build errors

Fixes build error with PLATFORM=ti-dra7xx and PLATFORM=ti-am43xx:

error: conflicting types for ‘sm_platform_handler’
bool sm_platform_handler(struct sm_ctx *ctx)

plat-ti: fix build errors

Fixes build error with PLATFORM=ti-dra7xx and PLATFORM=ti-am43xx:

error: conflicting types for ‘sm_platform_handler’
bool sm_platform_handler(struct sm_ctx *ctx)
^~~~~~~~~~~~~~~~~~~

Fixes: aea0999e2360 ("core: explicit return value for sm_platform_handler()")
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

arm32: prevent unwinding of __ta_entry()

Since commit eeb866c431db ("Add TA entry point function: __ta_entry()"),
__ta_entry() is the first function in the user space call stack, not
__utee_entry().

arm32: prevent unwinding of __ta_entry()

Since commit eeb866c431db ("Add TA entry point function: __ta_entry()"),
__ta_entry() is the first function in the user space call stack, not
__utee_entry(). Therefore, the asm(".cantunwind") declaration should be
moved from __utee_entry() to __ta_entry().

When utee_return() was moved from __utee_entry() to __ta_entry() by
commit fde3a7f212f8 ("Remove redundant __noreturn from __utee_entry()"),
it caused a regression in xtest 1010.3. The stack unwinding would enter
an infinite loop as follows:

E/TC:? 0 User TA prefetch-abort at address 0x0 (translation fault)
E/TC:? 0 fsr 0x00000005 ttbr0 0x3f07906a ttbr1 0x3f06c06a cidr 0x2
E/TC:? 0 cpu #7 cpsr 0x80000110
E/TC:? 0 r0 0x00000001 r4 0x00161448 r8 0x00161438 r12 0x00152f80
E/TC:? 0 r1 0x00000002 r5 0x00152f40 r9 0x00152f30 sp 0x00152f10
E/TC:? 0 r2 0x00000000 r6 0x00152f80 r10 0x0000000a lr 0x0015498d
E/TC:? 0 r3 0x00152f14 r7 0x00161458 r11 0x00245420 pc 0x00000000
E/TC:? 0 Status of TA 5b9e0e40-2636-11e1-ad9e-0002a5d5c51b (0x3f069c30) (active)
E/TC:? 0 arch: arm load address: 0x00153000 ctx-idr: 2
E/TC:? 0 stack: 0x00150000 12288
E/TC:? 0 region 0: va 0x00100000 pa 0x3f000000 size 0x002000 flags ---R-X
E/TC:? 0 region 1: va 0x00150000 pa 0x3f110000 size 0x003000 flags rw-RW-
E/TC:? 0 region 2: va 0x00153000 pa 0x3f113000 size 0x00e000 flags r-xR-- [0] .ta_head .text .plt .rodata .ARM.extab .ARM.extab.text.unlikely .ARM.extab.text.__aeabi_ldivmod .ARM.extab.text.__aeabi_uldivmod .ARM.extab.text.utee_panic .ARM.exidx .dynsym .dynstr .hash
E/TC:? 0 region 3: va 0x00161000 pa 0x3f121000 size 0x0e5000 flags rw-RW- [0] .got .rel.got .rel.plt .dynamic .data .bss .rel.dyn
E/TC:? 0 region 4: va 0x00246000 pa 0x3f101000 size 0x001000 flags r-xR-- [1] .hash .dynsym .dynstr .rel.plt .plt .text .ARM.exidx
E/TC:? 0 region 5: va 0x00247000 pa 0x3f102000 size 0x001000 flags rw-RW- [1] .dynamic .got
E/TC:? 0 region 6: va 0x00248000 pa 0x3f100000 size 0x001000 flags r-----
E/TC:? 0 [0] 5b9e0e40-2636-11e1-ad9e-0002a5d5c51b @ 0x00153000 (optee_test/out/ta/os_test/5b9e0e40-2636-11e1-ad9e-0002a5d5c51b.elf)
E/TC:? 0 [1] ffd2bded-ab7d-4988-95ee-e4962fff7154 @ 0x00246000 (optee_test/out/ta/os_test_lib/libos_test.so)
E/TC:? 0 Call stack:
E/TC:? 0 0x00000000 ???
E/TC:? 0 0x0015c629 __ta_entry at optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:41
E/TC:? 0 0x0015c62d tahead_get_trace_level at optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:117
E/TC:? 0 0x0015c62d tahead_get_trace_level at optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:117
...

Moving the .cantunwind directive fixes the issue.

Fixes: fde3a7f212f8 ("Remove redundant __noreturn from __utee_entry()")
Fixes: eeb866c431db ("Add TA entry point function: __ta_entry()")
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

hikey960: add support for 6G boards (CFG_DRAM_SIZE_GB=6)

Adds support for CFG_DRAM_SIZE_GB=6 and declares the non-secure
physical memory range 4~7G which may be used as shared memory by Linux
[1].

hikey960: add support for 6G boards (CFG_DRAM_SIZE_GB=6)

Adds support for CFG_DRAM_SIZE_GB=6 and declares the non-secure
physical memory range 4~7G which may be used as shared memory by Linux
[1].

Link: [1] https://github.com/96boards-hikey/OpenPlatformPkg/blob/50c813d0b9b3/Platforms/Hisilicon/HiKey960/Library/HiKey960Lib/HiKey960Mem.c#L40-L42
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

hikey960: fix memory mapping for 4G boards (CFG_DRAM_SIZE_GB=4)

HiKey960 boards equipped with 4G of RAM may use physical addresses in
the range 8G~8.5G [1]. This range is currently not declared in O

hikey960: fix memory mapping for 4G boards (CFG_DRAM_SIZE_GB=4)

HiKey960 boards equipped with 4G of RAM may use physical addresses in
the range 8G~8.5G [1]. This range is currently not declared in OP-TEE,
so if Linux happens to be using it for shared memory, it will cause
problems. This can happen when:
1. Dynamic shared memory is enabled in OP-TEE (CFG_CORE_DYN_SHM=y) and
used by the kernel driver ("optee: dynamic shared memory is enabled" in
the boot log), and
2. The UEFI firmware is recent enough to report the whole physical
address range to the kernel (introduced in edk2's OpenPlatformPkg
commit 50c813d0b9b3 ("Platforms/HiKey960: Support 4G or more memory
space for RAM") [2].

The typical error is (the address could be any value >4G):

E/TC:6 0 tee_entry_std:551 Bad arg address 0x217e9a000

This commit fixes the issue by adding the missing memory range.
Obviously, dealing with PAs greater than 4G requires a 64-bit TEE core
or CFG_CORE_LARGE_PHYSICAL_ADDR=y, so a compile-time check is added.

Link: [1] https://github.com/96boards-hikey/OpenPlatformPkg/blob/50c813d0b9b3/Platforms/Hisilicon/HiKey960/Library/HiKey960Lib/HiKey960Mem.c#L34-L38
Link: [2] https://github.com/96boards-hikey/OpenPlatformPkg/commit/50c813d0b9b3
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Sungjin Park <sungjinp@gmail.com>

show more ...

core: imx: Fix compilation warnings leading to build breakage

The following two commits slipped through warnings that weren't caught by
Shippable:

Commit 4cb61ae7d98e ("core: imx: Add simple CAAM p

core: imx: Fix compilation warnings leading to build breakage

The following two commits slipped through warnings that weren't caught by
Shippable:

Commit 4cb61ae7d98e ("core: imx: Add simple CAAM permissions set routine")
Commit f142f6f224fe ("core: imx: Add in calls to set CAAM job-ring
permissions")

This patch fixes both warnings.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reported-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

MAINTAINERS: Update list of maintainers

Add Jerome Forissier back to the list of maintainers.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro

MAINTAINERS: Update list of maintainers

Add Jerome Forissier back to the list of maintainers.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

PTA: change method for checking memory in derive TA key

The tee_vbuf_is_sec() which ends up as core_vbuf_is() doesn't work with
paged user space memory, so instead use tee_mmu_check_access_rights().

PTA: change method for checking memory in derive TA key

The tee_vbuf_is_sec() which ends up as core_vbuf_is() doesn't work with
paged user space memory, so instead use tee_mmu_check_access_rights().

Fixes: a30ddda9e488 ("PTA: add support for deriving device and TA unique keys")

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

PTA: add support for deriving device and TA unique keys

Enable derivation of device and Trusted Application unique keys that can
be used by different Trusted Applications directly. An example of use

PTA: add support for deriving device and TA unique keys

Enable derivation of device and Trusted Application unique keys that can
be used by different Trusted Applications directly. An example of use
case could be when you need to encrypt some data in a Trusted App and
then give it back to normal world.

By default device unique properties (HUK and TA UUID) will be used when
deriving a key. However, the one calling the PTA derive key function
also have the ability to provide some extra data that will be mixed in
together with existing device unique properties. That gives the ability
to derive keys that are not only device and Trusted Application unique,
but also tied to some additional data, it could for example be a
password or something similar.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

HUK: Add enum for TA unique key derivation

Add an additional enum that will be used when deriving device and TA
unique keys.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wi

HUK: Add enum for TA unique key derivation

Add an additional enum that will be used when deriving device and TA
unique keys.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ftrace: arm64: handle special setjmp()/longjmp() apis

setjmp()/longjmp() user-space apis are used to perform a nonlocal goto
which transfer execution from one function to a predetermined location
in

ftrace: arm64: handle special setjmp()/longjmp() apis

setjmp()/longjmp() user-space apis are used to perform a nonlocal goto
which transfer execution from one function to a predetermined location
in another function. This is a special case as compared to normal "C"
function calls. So this patch enables ftrace to generate function graph
for these apis.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

symbolize.py: add support to symbolize TA ftrace addresses

Add supoort to symbolize function graph addresses for instrumented TA.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Joak

symbolize.py: add support to symbolize TA ftrace addresses

Add supoort to symbolize function graph addresses for instrumented TA.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

core: enable ftrace for TAs built using shared libraries

To enable ftrace for TAs built with shared libraries, we need to dump
the TA state (include regions dump along with mapping to <uuid>.elf) in

core: enable ftrace for TAs built using shared libraries

To enable ftrace for TAs built with shared libraries, we need to dump
the TA state (include regions dump along with mapping to <uuid>.elf) in
corresponding ftrace buffer for symbolize.py script to map symbols to
particular shared libraries.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

libutee: arm64: Add support for function tracing of user TAs

Function tracing (ftrace) is a useful debugging technique to dump
function call graph for in-depth analysis of program execution and also

libutee: arm64: Add support for function tracing of user TAs

Function tracing (ftrace) is a useful debugging technique to dump
function call graph for in-depth analysis of program execution and also
to get useful information in case of any program abort.

In case of TA, this function graph information is dumped in a buffer
kept in .bss section of corresponding instrumented TA. So this buffer
can be dumped to normal world in case TA session closes or in case of
any abort. Also size of this ftrace buffer is configurable per TA via
following config option during TA compilation:

CFG_FTRACE_BUF_SIZE=2048

Function tracing is completely optional debugging feature which could
be enabled via command line config option CFG_TA_FTRACE_SUPPORT=y.

Along with this user needs to add cflag: "-pg" to the files for whom
function graph is to be generated. Typically for the whole TA, it should
be compiled with CFG_TA_MCOUNT=y.

And in case user wants to set "-pg" for particular file, following should
go in corresponding sub.mk:

cflags-<file-name>-y+=-pg

Also, to generate function graph for user mode libraries enable
CFG_ULIBS_MCOUNT=y which will set "-pg" for all library files.

Currently this patch adds support for function tracing of 64-bit
TAs only.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

core: prepare support for TA function tracing

To support TA function tracing OP-TEE core role being:
- To initialize and register ftrace buffer per TA session.
- To dump TA ftrace buffer to normal w

core: prepare support for TA function tracing

To support TA function tracing OP-TEE core role being:
- To initialize and register ftrace buffer per TA session.
- To dump TA ftrace buffer to normal world via RPC call in case TA
session closes or in case of TA abort.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

Rename CFG_ULIBS_GPROF to CFG_ULIBS_MCOUNT

CFG_ULIBS_GPROF builds the user mode libraries with -pg, which adds
instrumentation to all functions in the form of a call to mcount().
This was historical

Rename CFG_ULIBS_GPROF to CFG_ULIBS_MCOUNT

CFG_ULIBS_GPROF builds the user mode libraries with -pg, which adds
instrumentation to all functions in the form of a call to mcount().
This was historically used by gprof, but other tools can benefit from
this instrumentation. Therefore, rename the config flag as well as a
couple of source files to remove the reference to gprof.

Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)

show more ...

core: fix AArch64 user TA stack dump

Restores user TA stack base and size __print_stack_unwind_arm64() to be
able to dump the user TA stack.

Fixes: c0bc8d0e7d72 ("core: print TA stack dump from thr

core: fix AArch64 user TA stack dump

Restores user TA stack base and size __print_stack_unwind_arm64() to be
able to dump the user TA stack.

Fixes: c0bc8d0e7d72 ("core: print TA stack dump from thread context")
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TA dev kit: always link shared libraries against OP-TEE libraries

If a TA shared library is created, and needs to call OP-TEE functions,
it needs to link against the TEE libraries (libutee, libutils

TA dev kit: always link shared libraries against OP-TEE libraries

If a TA shared library is created, and needs to call OP-TEE functions,
it needs to link against the TEE libraries (libutee, libutils etc.) in
a similar way to TAs.

This patch adds the proper flags.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sm: explicit return value for sm_from_nsec()

Define macros to explicit return value for sm_from_nsec() used
in monitor assembly trampoline to invoke either secure or non-secure
world.

Signed-

core: sm: explicit return value for sm_from_nsec()

Define macros to explicit return value for sm_from_nsec() used
in monitor assembly trampoline to invoke either secure or non-secure
world.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu)

show more ...

core: sm: embed sm_platform_handler upon CFG_SM_PLATFORM_HANDLER

When CFG_SM_PLATFORM_HANDLER is disabled don't even call platform
handler which is not embedded. This change aligns sm_platform_handl

core: sm: embed sm_platform_handler upon CFG_SM_PLATFORM_HANDLER

When CFG_SM_PLATFORM_HANDLER is disabled don't even call platform
handler which is not embedded. This change aligns sm_platform_handler()
and std_handler() in secure monitor integration.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: explicit return value for sm_platform_handler()

Changes sm_platform_handler() to explicitly return whether the SMC
was handled or if it shall be relayed to another layer. Prior this
change the

core: explicit return value for sm_platform_handler()

Changes sm_platform_handler() to explicitly return whether the SMC
was handled or if it shall be relayed to another layer. Prior this
change the function returned false when the SMC had been handled and
true otherwise which are not obvious return values.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: correct _fdt_get_status() description

Correct _fdt_get_status() function description since it returns a
positive or null value on success and -1 on error.

Signed-off-by: Etienne Carriere <eti

core: correct _fdt_get_status() description

Correct _fdt_get_status() function description since it returns a
positive or null value on success and -1 on error.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...