tee_ree_fs: avoid race condition between fh usage/closing

It is possible that one core will call ree_fs_close_primitive()
while another is calling ree_fs_read_primitive(). This patch
prevents this b

tee_ree_fs: avoid race condition between fh usage/closing

It is possible that one core will call ree_fs_close_primitive()
while another is calling ree_fs_read_primitive(). This patch
prevents this by putting ree_fs_close_primitive under mutex.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libmbedtls: configure and compile mbedtls

Configures mbedtls with a minimal user mode TA configuration and makes
it compile.

Adds dummy include/mbedtls_config_kernel.h to give a good error message

libmbedtls: configure and compile mbedtls

Configures mbedtls with a minimal user mode TA configuration and makes
it compile.

Adds dummy include/mbedtls_config_kernel.h to give a good error message
in case mbedTLS is compiled in for kernel mode.

mbedTLS is enabled for TAs with CFG_TA_MBEDTLS = y
Builtin self tests are enabled with CFG_TA_MBEDTLS_SELF_TEST = y

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit importing mbedtls-2.6.1 source

Squash merging branch import/mbedtls-2.6.1

215609ae4d8c ("mbedtls: configure mbedtls to reach for config")
6916dcd9b9cd ("mbedtls: remove default incl

Squashed commit importing mbedtls-2.6.1 source

Squash merging branch import/mbedtls-2.6.1

215609ae4d8c ("mbedtls: configure mbedtls to reach for config")
6916dcd9b9cd ("mbedtls: remove default include/mbedtls/config.h")
b60fc42a5cd5 ("Import mbedtls-2.6.1")

Acked-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

checkpatch_inc.sh: ignore lib/libmbedtls

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

checkpatch_inc.sh: remove non-existent directories

Removes directories listed in checkpatch_inc.sh that doesn't
exists any longer.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienn

checkpatch_inc.sh: remove non-existent directories

Removes directories listed in checkpatch_inc.sh that doesn't
exists any longer.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add rand() for TA usage

Adds rand() by declaring it in stdlib.h where it's expected to be found.
Implementation is provided in libutee since it depends on
TEE_GenerateRandom().

Reviewed-by: Joakim

Add rand() for TA usage

Adds rand() by declaring it in stdlib.h where it's expected to be found.
Implementation is provided in libutee since it depends on
TEE_GenerateRandom().

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mpa_desc.c: rename rand() to mpa_rand()

In mpa_desc.c rename rand() to mpa_rand() to avoid conflict with the C99
function rand().

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne

mpa_desc.c: rename rand() to mpa_rand()

In mpa_desc.c rename rand() to mpa_rand() to avoid conflict with the C99
function rand().

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stdint.h: include limits.h

The define SIZE_MAX uses ULONG_MAX, which is provided in limits.h.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.o

stdint.h: include limits.h

The define SIZE_MAX uses ULONG_MAX, which is provided in limits.h.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: import strcpy() and strncpy()

Imports strcpy() and strncpy() from newlib with license added

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@

libutils: import strcpy() and strncpy()

Imports strcpy() and strncpy() from newlib with license added

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: import strstr() from newlib

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.

libutils: import strstr() from newlib

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: time.h: typedef time_t

Typedefs time_t as a int64_t

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklande

libutils: time.h: typedef time_t

Typedefs time_t as a int64_t

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

user_ta: add helper function free_utc() for unified cleanup

Add helper function free_utc(). This function will be called both from
error path in tee_ta_init_user_ta_session() and from user_ta_ctx_de

user_ta: add helper function free_utc() for unified cleanup

Add helper function free_utc(). This function will be called both from
error path in tee_ta_init_user_ta_session() and from user_ta_ctx_destroy().

Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)

show more ...

user_ta: tee_ta_init_user_ta_session(): return if calloc fails

There is no sense to do cleanup if user TA context can't be
allocated. Return error immediately.

Signed-off-by: Volodymyr Babchuk <vla

user_ta: tee_ta_init_user_ta_session(): return if calloc fails

There is no sense to do cleanup if user TA context can't be
allocated. Return error immediately.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

user_ta: tee_ta_init_user_ta_session(): free mobj_exidx in error path

Fixes: b072193efb70 ("arm32: stack unwinding for dynamically linked TAs")

Suggested-by: Jerome Forissier <jerome.forissier@lina

user_ta: tee_ta_init_user_ta_session(): free mobj_exidx in error path

Fixes: b072193efb70 ("arm32: stack unwinding for dynamically linked TAs")

Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

user_ta: tee_ta_init_user_ta_session(): missing free_elfs() in error path

Fixes: c27907e1bc5a ("core: arm32: add support for dynamically linked TAs")

Suggested-by: Jerome Forissier <jerome.forissie

user_ta: tee_ta_init_user_ta_session(): missing free_elfs() in error path

Fixes: c27907e1bc5a ("core: arm32: add support for dynamically linked TAs")

Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-vexpress: qemu_*: no need to register non-secure DDR

Qemus force CFG_DT to y resulting in DTB to provide the REE system memory
range(s). No need to register REE memory for dynamic SHM support.

plat-vexpress: qemu_*: no need to register non-secure DDR

Qemus force CFG_DT to y resulting in DTB to provide the REE system memory
range(s). No need to register REE memory for dynamic SHM support.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: move to generic RAM layout

FVP:
- Secure RAM [0600.0000 0800.0000[ configurable.
- Static SHM [8300.0000 8320.0000[ configurable.

Juno:
- Secure RAM [ff00.0000 ffff.8000[ configurabl

plat-vexpress: move to generic RAM layout

FVP:
- Secure RAM [0600.0000 0800.0000[ configurable.
- Static SHM [8300.0000 8320.0000[ configurable.

Juno:
- Secure RAM [ff00.0000 ffff.8000[ configurable.
Note trailing 32kByte reserved by SCP for DDR retraining.
- Static SHM [fee0.0000 ff00.0000[ configurable.

qemu_virt:
- Secure RAM [0e10.0000 0f00.0000[ configurable.
- Static SHM [7fe0.0000 8000.0000[ configurable.

qemu_armv8:
- Secure RAM [0.0e10.0000 0.0f00.0000[ configurable.
- Static SHM [0.ffe0.0000 1.0000.0000[ configurable.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: qemu_virt: align DRAM0 end with qemu_armv8

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-vexpress: Juno: don't waste about 2MB of Secure RAM

Only the last 32kByte of the DRAM is used by SCP. There are
a bit less than 2MByte that could be used.

Actually this does not change a lot b

plat-vexpress: Juno: don't waste about 2MB of Secure RAM

Only the last 32kByte of the DRAM is used by SCP. There are
a bit less than 2MByte that could be used.

Actually this does not change a lot but allow to remove a comment
in the platform configuration file.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fixed gcc 7 format-truncation errors

gcc7 failed to build with -Werror=format-truncation.
snprintf() with format "[%d]" can output 12 bytes maximum because
the range of the argument are from 1

core: fixed gcc 7 format-truncation errors

gcc7 failed to build with -Werror=format-truncation.
snprintf() with format "[%d]" can output 12 bytes maximum because
the range of the argument are from 1 to 10 bytes. Thus we need to
enlarge the desc buffer to 13 bytes to avoid this error.

Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: htree: fix meta inclusion in root hash

Prior to this patch was the size of the meta data supplied as the size
of the pointer to meta data. With this patch the size is corrected to be
the size

core: htree: fix meta inclusion in root hash

Prior to this patch was the size of the meta data supplied as the size
of the pointer to meta data. With this patch the size is corrected to be
the size of meta data itself.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/2330
Fixes: 94a72998bc1d ("core: fs_htree: include meta in root hash")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mmu: add locking for OP-TEE address space manipulation

core_mmu_(un)map_pages() functions can be called in multiple threads
simultaneously and there is no protection against races.

This patch adds

mmu: add locking for OP-TEE address space manipulation

core_mmu_(un)map_pages() functions can be called in multiple threads
simultaneously and there is no protection against races.

This patch adds spinlock that ensures that only one core will alter
pagetables at a time.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ls: move to generic RAM layout

Move default secure and non-secure Optee memory locations from
platform_config.h to conf.mk using header generic_ram_layout.h.

ls1021atwr:
- Secure RAM [bc00.000

plat-ls: move to generic RAM layout

Move default secure and non-secure Optee memory locations from
platform_config.h to conf.mk using header generic_ram_layout.h.

ls1021atwr:
- Secure RAM [bc00.0000 bfe0.0000[ configurable.
- Static SHM [bfe0.0000 bff0.0000[ configurable.

ls1021aqds:
- Secure RAM [fc00.0000 ffe0.0000[ configurable.
- Static SHM [ffe0.0000 ffff.ffff] configurable.

ls1012ardb:
- Secure RAM [bc00.0000 bfe0.0000[ configurable.
- Static SHM [bfe0.0000 c000.0000[ configurable.

ls1043ardb:
- Secure RAM [fc00.0000 ffe0.0000[ configurable.
- Static SHM [bfe0.0000 c000.0000[ configurable.

ls1046ardb:
- Secure RAM [fc00.0000 ffe0.0000[ configurable.
- Static SHM [bfe0.0000 c000.0000[ configurable.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

core: add ELF identifier after memory region when dumping TA state

Update the TA exception/panic dump to add an identifier after each memory
region used to map an ELF section. Here is an example wit

core: add ELF identifier after memory region when dumping TA state

Update the TA exception/panic dump to add an identifier after each memory
region used to map an ELF section. Here is an example with a TA linked
against two dynamic libraries ("E/TC:0" prefix removed):

TA panicked with code 0x0
Status of TA 93038f64-871d-4773-b1f5-878697745eee (0xe17fe00) (active)
arch: arm load address: 0x103000 ctx-idr: 2
stack: 0x102000 4096
region 0: va 0x100000 pa 0xe100000 size 0x1000 flags ---R-X
region 1: va 0x102000 pa 0xe318000 size 0x1000 flags rw-RW-
region 2: va 0x103000 pa 0xe300000 size 0xd000 flags r-x--- [0]
region 3: va 0x110000 pa 0xe30d000 size 0xb000 flags rw---- [0]
region 4: va 0x11b000 pa 0xe319000 size 0x1000 flags r-x--- [1]
region 5: va 0x12b000 pa 0xe329000 size 0x1000 flags rw---- [1]
region 6: va 0x12c000 pa 0xe32a000 size 0x1000 flags r-x--- [2]
region 7: va 0x13c000 pa 0xe33a000 size 0x1000 flags rw---- [2]
region 8: va 0x13d000 pa 0xe33b000 size 0x1000 flags r-----
[0] 93038f64-871d-4773-b1f5-878697745eee @ 0x103000
[1] 7814a949-e967-421c-8838-04f7ee1c5744 @ 0x11b000
[2] 14c7f8d4-0202-4bfe-b4ca-ab6eca303169 @ 0x12c000
Call stack:
0x00103628
0x00109591
0x0011b36d
0x00103041
0x00103245
0x0010334d
0x0010348b
0x001035df

Index [0] points to the main executable while higher values identify
libraries.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: map consolidated EXIDX table after libraries

The ELF loader may leave some unused VA space between segments. It is a
consequence of the alignment constraints in the ELF file.
When mappi

core: arm32: map consolidated EXIDX table after libraries

The ELF loader may leave some unused VA space between segments. It is a
consequence of the alignment constraints in the ELF file.
When mapping the consolidated EXIDX table, we do not specify an address
and let vm_map() choose the first available space instead. As a result,
EXIDX may be inserted into the (unused) VA space of a library.
While this seems to be valid, it may be a bit misleading.

This patch moves the new EXIDX table after the ELF binaries.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...