| bc879b17 | 16-Apr-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
ltc: detect GCM counter re-use
Upstream commit 7d418b34b3fe ("Fix GCM counter reuse"):
GCM should error out after processing (2^32)-1 blocks / (2^39)-256 bits
[Note: LibTomCrypt GCM is used when C
ltc: detect GCM counter re-use
Upstream commit 7d418b34b3fe ("Fix GCM counter reuse"):
GCM should error out after processing (2^32)-1 blocks / (2^39)-256 bits
[Note: LibTomCrypt GCM is used when CFG_CRYPTO_AES_GCM_FROM_CRYPTOLIB=y
which is not the default]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2733280a | 06-Apr-2018 |
Etienne Carriere <etienne.carriere@linaro.org> |
libutee: out and tag buffers can be too short in TEE_AEEncryptFinal
With this change, a single call to TEE_AEEncryptFinal() checks both
the output data buffer size and the tag buffer size and return
libutee: out and tag buffers can be too short in TEE_AEEncryptFinal
With this change, a single call to TEE_AEEncryptFinal() checks both
the output data buffer size and the tag buffer size and return
TEE_ERROR_SHORT_BUFFER with both expected size if at least one
of the provided buffer is too short.
Before this change caller may need to call twice TEE_AEEncryptFinal()
in the right order to get the output buffers sizes, first for the
output data size then for the tag data size.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 9d8c378d | 16-Apr-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
checkpatch_inc.sh: fix case of empty commit due to path filtering
If a commit changes only paths that are filtered out by $_CP_EXCL, thus
making the diff empty, 'git format-patch -1 <sha1>' will sho
checkpatch_inc.sh: fix case of empty commit due to path filtering
If a commit changes only paths that are filtered out by $_CP_EXCL, thus
making the diff empty, 'git format-patch -1 <sha1>' will show the parent
commit instead. As a result, checkpatch.sh will check the wrong commit.
Several things are needed to fix the issue:
1. When calling 'git format-patch', specify the commit ID as a range
(<sha1>^..<sha1>) rather than as a single revision with a maximum count
(-1 <sha1>). This avoids showing the wrong commit.
2. Show the commit message then the diff in two steps, because the
above syntax will not print anything if the diff happens to be empty.
3. Tell checkpatch.pl to ignore the "not a unified diff" error which
is triggered if the commit log is not followed by a diff.
Link: https://travis-ci.org/OP-TEE/optee_os/builds/367058383#L2199-L2204
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| a449c911 | 12-Apr-2018 |
Andrew F. Davis <afd@ti.com> |
plat-ti: Restore GIC context on resume
The resume path may need to re-setup the GIC. This is cleared in
some suspend paths and so should be restored.
Signed-off-by: Andrew F. Davis <afd@ti.com> |
| 8d91fe09 | 13-Apr-2018 |
Victor Chong <victor.chong@linaro.org> |
hikey: register additional dyn shm
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> |
| 9896cd2d | 13-Apr-2018 |
Victor Chong <victor.chong@linaro.org> |
hikey: fix typo
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org> |
| 0ab9388c | 05-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
Update CHANGELOG.md for 3.1.0
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Hikey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome.forissier
Update CHANGELOG.md for 3.1.0
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Hikey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Akshay Bhat <akshay.bhat@timesys.com> (Atmel SAM)
Tested-by: Victor Chong <victor.chong@linaro.org> (HiKey AOSP)
Tested-by: Joseph Chen <chenjh@rock-chips.com> (RK322X)
Tested-by: Igor Opaniuk <igor.opaniuk@linaro.org> (RPi3)
Tested-by: Kevin Peng <kevinp@marvell.com> (Armada 7K, 8K, 3700)
Tested-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> (RCAR M3)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260/b2120, GP)
Tested-by: Peng Fan <peng.fan@nxp.com> (mx6qsabresd mx6ul/ullevk mx7dsabresd)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 74977ea7 | 03-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: calculate size of special rx map at EL0
Calculate the required size the read-only executable mapping of kernel
mode code while in user mode (EL0) instead of the old hard coded 8k
size.
Review
core: calculate size of special rx map at EL0
Calculate the required size the read-only executable mapping of kernel
mode code while in user mode (EL0) instead of the old hard coded 8k
size.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e13d1040 | 03-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: arm64: use SMCCC_ARCH_WORKAROUND_1
Use SMCCC_ARCH_WORKAROUND_1 to implement CVE-2017-5715 in AArch64.
Previous workarounds for CVE-2017-5715 haven't been fully effective.
Fixes CVE-2017-5715
core: arm64: use SMCCC_ARCH_WORKAROUND_1
Use SMCCC_ARCH_WORKAROUND_1 to implement CVE-2017-5715 in AArch64.
Previous workarounds for CVE-2017-5715 haven't been fully effective.
Fixes CVE-2017-5715
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 657d02f2 | 03-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: arm64: provide special rw kernel page at EL0
Provide a special kernel read/write mapped page while in EL0 if compiled
with CFG_CORE_UNMAP_CORE_AT_EL0 and CFG_CORE_WORKAROUND_SPECTRE_BP_SEC.
Th
core: arm64: provide special rw kernel page at EL0
Provide a special kernel read/write mapped page while in EL0 if compiled
with CFG_CORE_UNMAP_CORE_AT_EL0 and CFG_CORE_WORKAROUND_SPECTRE_BP_SEC.
This page will later be used as a temporary replacement of
thread_core_local. thread_core_local is not completely replaced, the new
memory is only used for temporary storage of registers via the stack
pointer.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| cd69dc9e | 03-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: arm: add thread_smc()
Adds thread_smc() for simple SMC calls to dispatcher in EL3
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@l
core: arm: add thread_smc()
Adds thread_smc() for simple SMC calls to dispatcher in EL3
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 3d2ffcf3 | 03-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: add smccc.h
Adds <smccc.h> introducing new features in SMC calling convention v1.1
See also
Link: https://developer.arm.com/-/media/developer/pdf/ARM_DEN_0070A_Firmware_interfaces_for_mitigat
core: add smccc.h
Adds <smccc.h> introducing new features in SMC calling convention v1.1
See also
Link: https://developer.arm.com/-/media/developer/pdf/ARM_DEN_0070A_Firmware_interfaces_for_mitigating_CVE-2017-5715.pdf
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 03288f92 | 12-Apr-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
ltc: mpa: fix potential memory leak in exptmod()
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Oliver Chiang <oliver.chiang@mstarsemi.com>
Acked-by: Jens Wiklander <jens
ltc: mpa: fix potential memory leak in exptmod()
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Oliver Chiang <oliver.chiang@mstarsemi.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 09e7c6bf | 11-Apr-2018 |
Edison Ai <edison.ai@arm.com> |
core/arch/arm/pta/sdp_pta.c: Fix compile error
There will be a "format" compile error when using gcc 6.2.1.
It is not allowed to change type from "struct" to "void *"
in gcc 6.2.1.
Signed-off-by: E
core/arch/arm/pta/sdp_pta.c: Fix compile error
There will be a "format" compile error when using gcc 6.2.1.
It is not allowed to change type from "struct" to "void *"
in gcc 6.2.1.
Signed-off-by: Edison Ai <edison.ai@arm.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e39aae81 | 10-Apr-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
core: crypto: arm32: add counter increment in ce_aes_ctr_encrypt()
Commit 628a9a10ca36 ("ltc: ctr: improve performance") reveals a bug in
the Aarch32 accelerated crypto code (AES CTR mode), which ca
core: crypto: arm32: add counter increment in ce_aes_ctr_encrypt()
Commit 628a9a10ca36 ("ltc: ctr: improve performance") reveals a bug in
the Aarch32 accelerated crypto code (AES CTR mode), which causes xtest
9159 to fail with some invalid buffer content: encrypting 96 bytes of
data in one pass does not yield the same result than encrypting 3 * 32
bytes. The problem is fixed by adding a missing counter increment in
ce_aes_ctr_encrypt().
Fixes: 9ff4f2ccc026 ("arm32: AES using ARMv8-A cryptographic extensions")
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2a4f2cd1 | 05-Apr-2018 |
Jens Wiklander <jens.wiklander@linaro.org> |
Update revision for release tag 3.1.0-rc1
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> |
| 35964dc9 | 05-Apr-2018 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: minor cleanup related to pseudo TAs
tee_kta_trace.h is unused and useless.
Reword "static TA" into "pseudo TA" in comments.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Revie
core: minor cleanup related to pseudo TAs
tee_kta_trace.h is unused and useless.
Reword "static TA" into "pseudo TA" in comments.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 387b0ee3 | 05-Apr-2018 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: deprecate TA property flags EXEC_DDR and USER_MODE
TA property flags TA_FLAG_EXEC_DDR and TA_FLAG_USER_MODE were
not really useful in the OP-TEE and now they are meaningless.
Define the mask
core: deprecate TA property flags EXEC_DDR and USER_MODE
TA property flags TA_FLAG_EXEC_DDR and TA_FLAG_USER_MODE were
not really useful in the OP-TEE and now they are meaningless.
Define the mask of flags a TA may pretend to and assert loaded
TAs do not expect flags set outside of the defined supported bit
flags.
Fix gmon.h against duplicate round macros.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 027f0506 | 05-Apr-2018 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: deprecate TA_FLAG_USER_MODE
Differentiate user TA and pseudo TA contexts based on the TA operation
structure registered in the TA context and specific to each.
Change gprof pTA to test uTA at
core: deprecate TA_FLAG_USER_MODE
Differentiate user TA and pseudo TA contexts based on the TA operation
structure registered in the TA context and specific to each.
Change gprof pTA to test uTA attribute when targeting uTA client instead
of testing !pTA attribute.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| ecb1e154 | 05-Apr-2018 |
Etienne Carriere <etienne.carriere@linaro.org> |
doc: update documentation against out dated information
OP-TEE currently targets ARM Cortex-A with TZ, not all ARM TZ HW.
This change updates documentation on this fact.
This change references the
doc: update documentation against out dated information
OP-TEE currently targets ARM Cortex-A with TZ, not all ARM TZ HW.
This change updates documentation on this fact.
This change references the GPD TEE Internal Core API v1.1 instead of
the older GPD TEE Internal API v1.0. This also fixes an missing
uppercase Internal *C*ore API v1.1 reference.
Remove reference to the deprecated optee_linuxdriver git repository and
review presentation of the several OP-TEE components in relate git
repositories.
These updates lead to few other changes, especially adding references
to other available documentation where accurate.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| d84eb122 | 22-Feb-2018 |
Pankaj Gupta <pankaj.gupta@nxp.com> |
plat-ls: Add support for fetching SSK from armv8 platform flavour.
- PLATFORM = ls-ls1046ardb, ls-ls1043ardb, ls-ls1012ardb
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Reviewed-by: Sumit
plat-ls: Add support for fetching SSK from armv8 platform flavour.
- PLATFORM = ls-ls1046ardb, ls-ls1043ardb, ls-ls1012ardb
Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>
Reviewed-by: Sumit Garg <sumit.garg@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
[jf: s/?=y/?= y/]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| bdc919a5 | 22-Mar-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
core: crypto: enable 4096-bit RSA keys
RSA key size can be allowed to be as large as CFG_CORE_BIGNUM_MAX_BITS
(4096 by default).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Review
core: crypto: enable 4096-bit RSA keys
RSA key size can be allowed to be as large as CFG_CORE_BIGNUM_MAX_BITS
(4096 by default).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 409d2ff0 | 26-Mar-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
core: crypto: ltc: introduce CFG_CORE_BIGNUM_MAX_BITS
Make the size of big numbers in the TEE core configurable. The default
(4096 bits) may be reduced if such a large key size is not needed, to
sav
core: crypto: ltc: introduce CFG_CORE_BIGNUM_MAX_BITS
Make the size of big numbers in the TEE core configurable. The default
(4096 bits) may be reduced if such a large key size is not needed, to
save core memory.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e3458e03 | 26-Mar-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
libutee: introduce CFG_TA_BIGNUM_MAX_BITS
Make the size of big numbers in libutee configurable. This controls
the size of the big numbers that can be manipulated through the TEE
Internal Core API (A
libutee: introduce CFG_TA_BIGNUM_MAX_BITS
Make the size of big numbers in libutee configurable. This controls
the size of the big numbers that can be manipulated through the TEE
Internal Core API (Arithmetical functions).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 5beb9909 | 23-Mar-2018 |
Jerome Forissier <jerome.forissier@linaro.org> |
libutee: remove redundant #define for TEE_MAX_NUMBER_OF_SUPPORTED_BITS
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> |