plat-stm32mp1: reformat OP-TEE images to stm32 format

OP-TEE core images are reformatted into a STM32 compliant format
expected by the platform flashing tools.

Signed-off-by: Etienne Carriere <etie

plat-stm32mp1: reformat OP-TEE images to stm32 format

OP-TEE core images are reformatted into a STM32 compliant format
expected by the platform flashing tools.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: stm32_uart driver

Used by platform stm32mp1.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <je

core: stm32_uart driver

Used by platform stm32mp1.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: add initial support

Introduce platform stm32mp1 with board stm32mp1-stm32mp157c-ev1 based
on stm32mp1 SoC family integrating Arm Cortex-A7 technology. In its
default configuration, st

plat-stm32mp1: add initial support

Introduce platform stm32mp1 with board stm32mp1-stm32mp157c-ev1 based
on stm32mp1 SoC family integrating Arm Cortex-A7 technology. In its
default configuration, stm32mp1 OP-TEE core operates in a 256kB secure
RAM with pager support enabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove get_rng_array()

Removes get_rng_array() in favor of crypto_rng_read() which always uses
the configured RNG implementation to draw random.

Reviewed-by: Jerome Forissier <jerome.forissier@lina

Remove get_rng_array()

Removes get_rng_array() in favor of crypto_rng_read() which always uses
the configured RNG implementation to draw random.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmpa: remove mpa_set_random_generator()

MPA is used in two configurations, either in kernel mode or in user mode.

In kernel mode random is always drawn with crypto_rng_read() and in
user mode ute

libmpa: remove mpa_set_random_generator()

MPA is used in two configurations, either in kernel mode or in user mode.

In kernel mode random is always drawn with crypto_rng_read() and in
user mode utee_cryp_random_number_generate() is used instead.

This patch makes the code easier to follow by replacing the call via a
function pointer to a normal function call instead.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add new RNG implementation

Adds a new cryptographically secure pseudo random number generator known
as Fortuna. The implementation is based on the description in [0]. This
implementation repla

core: add new RNG implementation

Adds a new cryptographically secure pseudo random number generator known
as Fortuna. The implementation is based on the description in [0]. This
implementation replaces the implementation in LTC which was used until
now.

Gathering of entropy has been refined with crypto_rng_add_event() to
better match how entropy is added to Fortuna. A enum crypto_rng_src
identifies the source of the event. The source also controls how the
event is added. There are two options available, queue it in a circular
buffer for later processing or adding it directly to a pool. The former
option is suitable when being called from an interrupt handler or some
other place where RPC to normal world is forbidden.

plat_prng_add_jitter_entropy_norpc() is removed and
plat_prng_add_jitter_entropy() is updated to use this new entropy source
scheme.

The configuration of LTC is simplified by this, now PRNG is always drawn
via prng_mpa_desc.

plat_rng_init() takes care of initializing the PRNG in order to allow
platforms to override or enhance the Fortuna integration.

[0] Link:https://www.schneier.com/academic/paperfiles/fortuna.pdf

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: split tee_pager_init()

Splits tee_pager_init() into tee_pager_set_alias_area() and
tee_pager_generate_authenc_key(). The former function is called where
tee_pager_init() used to be called and

core: split tee_pager_init()

Splits tee_pager_init() into tee_pager_set_alias_area() and
tee_pager_generate_authenc_key(). The former function is called where
tee_pager_init() used to be called and the latter function is called
after the crypto API and RNG has been initialized.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: don't divide by sizeof(*mem) for ddr nsec memory

Since the two addresses are already of type struct core_mmu_phys_mem, do
not divide by sizeof(struct core_mmu_phys_mem). This broke dynamic sha

core: don't divide by sizeof(*mem) for ddr nsec memory

Since the two addresses are already of type struct core_mmu_phys_mem, do
not divide by sizeof(struct core_mmu_phys_mem). This broke dynamic shared
memory on Juno r0, since nelem would be zero for two slots.

Tested on Juno r0.

Fixes: 2f82082fada3 ("core: add ddr overall register")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>

show more ...

ci: shippable: Add sunxi-bpi_zero

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu

ci: shippable: Add sunxi-bpi_zero

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>

show more ...

MAINTAINERS: Add MAINTAINERS entry for AllWinner H2+

This commit adds maintainer for this board.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.foriss

MAINTAINERS: Add MAINTAINERS entry for AllWinner H2+

This commit adds maintainer for this board.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>

show more ...

plat-sunxi: Add plat-sunxi

Initial version support for Allwinner H2+ platform. Specific to Banana Pi
M2 zero board currently.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Je

plat-sunxi: Add plat-sunxi

Initial version support for Allwinner H2+ platform. Specific to Banana Pi
M2 zero board currently.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>

show more ...

core: add mdelay() function

checkpatch will check if udelay value is too large. Use udelay() to
implement mdelay() when we want to delay more than 10000 us.

Reviewed-by: Jens Wiklander <jens.wiklan

core: add mdelay() function

checkpatch will check if udelay value is too large. Use udelay() to
implement mdelay() when we want to delay more than 10000 us.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>

show more ...

core: drivers: serial8250_uart: Add DT support

Add DT support for serial8250 uart driver. The matchtable currently
supports allwinner H2+ SoC.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org

core: drivers: serial8250_uart: Add DT support

Add DT support for serial8250 uart driver. The matchtable currently
supports allwinner H2+ SoC.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>

show more ...

Add new platform for the TI K3 class of SoCs

Add platform 'k3' for the TI K3 family. These are ARMv8 devices
and are quite different from our line of existing ARMv7 OMAP style
SoCs, hence the new pl

Add new platform for the TI K3 class of SoCs

Add platform 'k3' for the TI K3 family. These are ARMv8 devices
and are quite different from our line of existing ARMv7 OMAP style
SoCs, hence the new platform.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: arm64 ce: update AES CBC routines

Update the Aarch64 Crypto Extension accelerated CBC encryption/decryption
routines to the latest upstream implementation in the Linux kernel
(v4.17-rc

core: crypto: arm64 ce: update AES CBC routines

Update the Aarch64 Crypto Extension accelerated CBC encryption/decryption
routines to the latest upstream implementation in the Linux kernel
(v4.17-rc7).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
CC: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/2355
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: travis: cleanup for Ubuntu Trusty container-based environment

Now that the Travis container-based environment is running Ubuntu Trusty
(14.04), some downloads and build steps are not needed anym

ci: travis: cleanup for Ubuntu Trusty container-based environment

Now that the Travis container-based environment is running Ubuntu Trusty
(14.04), some downloads and build steps are not needed anymore. Use the
tools that come with the distribution instead.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: travis: set buildroot ccache directory to ~/.ccache

The default ccache directory used by buildroot is ~/.buildroot-ccache [1],
which is outside the paths saved by the Travis caching mechanism [2

ci: travis: set buildroot ccache directory to ~/.ccache

The default ccache directory used by buildroot is ~/.buildroot-ccache [1],
which is outside the paths saved by the Travis caching mechanism [2]. Fix
that by adding BR2_CCACHE_DIR=~/.ccache to the make command.

Link: [1] https://buildroot.org/downloads/manual/manual.html#ccache
Link: [2] https://docs.travis-ci.com/user/caching/#ccache-cache
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Fix the keepalive condition on last session close

Keepalive condition check should involve single instance flag too, since
the keepalive flag is meaningless if the TA is not single instance

libutee: Fix the keepalive condition on last session close

Keepalive condition check should involve single instance flag too, since
the keepalive flag is meaningless if the TA is not single instance.
The same fix was done earlier in the core by commit f9a64f12b542 ("core:
fix the keepalive condition in close session").

Fixes: b7ea03ff2963 ("libutee: fix TA_CreateEntryPoint() and TA_DestroyEntryPoint()")
Signed-off-by: Andrew Gabbasov <andrew_gabbasov@mentor.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mbedtls_config_uta.h: enable check key usage

Defines MBEDTLS_X509_CHECK_KEY_USAGE to enable checking key usage of a
certificate.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-o

mbedtls_config_uta.h: enable check key usage

Defines MBEDTLS_X509_CHECK_KEY_USAGE to enable checking key usage of a
certificate.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix syscall_cryp_obj_get_attr() with null buffer

Prior to this patch when syscall_cryp_obj_get_attr() is called with a
NULL buffer to query buffer size the function returns
TEE_ERROR_ACCESS_DE

core: fix syscall_cryp_obj_get_attr() with null buffer

Prior to this patch when syscall_cryp_obj_get_attr() is called with a
NULL buffer to query buffer size the function returns
TEE_ERROR_ACCESS_DENIED while TEE_ERROR_SHORT_BUFFER is expected. This
patch fixes syscall_cryp_obj_get_attr() to return TEE_ERROR_SHORT_BUFFER
if supplied buffer parameter is NULL.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

aosp_optee.mk: allow dependency builds for TAs

Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissi

aosp_optee.mk: allow dependency builds for TAs

Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ci: shippable: enable parallel build

Try to speed up the Shippable CI by re-introducing parallel builds, which
were removed by commit c330283b4a00 ("ci: .shippable.yml: disable parallel
build") due

ci: shippable: enable parallel build

Try to speed up the Shippable CI by re-introducing parallel builds, which
were removed by commit c330283b4a00 ("ci: .shippable.yml: disable parallel
build") due to random build errors. Although the root cause was never
identified, there are reasons to believe that the issue may not be
reproducible anymore:
- The container environment has likely seen updates
- Commit 836334a163f9 ("ci: shippable: set build directory identically for
all platforms") has modified the output paths, so a race condition on
directory creation seems quite unlikely to happen.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: crypto: cleanup and fix CE accelerated AES CTR

There is a problem with how the counter is incremented in our Aarch32
implementation of ce_aes_ctr_encrypt(). When 3 or more 16-byte blocks of
da

core: crypto: cleanup and fix CE accelerated AES CTR

There is a problem with how the counter is incremented in our Aarch32
implementation of ce_aes_ctr_encrypt(). When 3 or more 16-byte blocks of
data are processed, the counter is incremented one time too many and
invalid data is produced as a result [1].

More generally, the way the counter is handled is quite convoluted. It is
incremented:
- In the generic LibTomCrypt code in ctr_encrypt_sub(),
- In the Crypto Extension glue layer in aes_ctr_encrypt_nblocks(),
- In the CE accelerated assembly code in ce_aes_ctr_encrypt().
We can easily get rid of the second one. We can also avoid always calling
the non-accelerated function on the first block of data.

This commit simplifies the C code to reflect the following rules:
- The core encryption functions (accelerated or not) should use the
counter value as is to process the first block of data,
- They should increment it for each block that is processed and return it
as an output parameter

The AArch32 and AArch64 CE assembler implementations are updated to the
latest available in the upstream Linux kernel (v4.17-rc7), thus
incorporating further improvements/simplifications by Ard Biesheuvel.
These functions handle the counter as described above so they fit our use
case perfectly.

Fixes: [1] https://github.com/OP-TEE/optee_os/issues/2305
CC: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960, 32/64, CE/no CE)
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee_ta_manager: remove unused function tee_ta_get_client_id()

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-*/conf.mk: use $(call force, ...) to set CFG_TEE_CORE_NB_CORE

Except for very special cases (such as virtualization), the number of CPU
cores that can enter OP-TEE is a fixed number that depend

plat-*/conf.mk: use $(call force, ...) to set CFG_TEE_CORE_NB_CORE

Except for very special cases (such as virtualization), the number of CPU
cores that can enter OP-TEE is a fixed number that depends on the hardware
configuration and should not be configurable at build time.
Therefore, use $(call force,CFG_TEE_CORE_NB_CORE,<value>) to set the
value.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...