Replace struct hash_ops with function interface

Adds crypto_hash_get_ctx_size(), crypto_hash_init(),
crypto_hash_update() and crypto_hash_final() replacing struct hash_ops
in crypto_ops.

Acked-by:

Replace struct hash_ops with function interface

Adds crypto_hash_get_ctx_size(), crypto_hash_init(),
crypto_hash_update() and crypto_hash_final() replacing struct hash_ops
in crypto_ops.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: fix crypto_rng_read() comment

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.w

core: crypto: fix crypto_rng_read() comment

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Add CFG_CONCURRENT_SINGLE_INSTANCE_TA

Commit 2b07dcb97c5e ("core: avoid deadlocks caused by single-instance
TA") introduces a lock that allows only one single instance TA to be
executing at any time

Add CFG_CONCURRENT_SINGLE_INSTANCE_TA

Commit 2b07dcb97c5e ("core: avoid deadlocks caused by single-instance
TA") introduces a lock that allows only one single instance TA to be
executing at any time. While it does address the risk of deadlock that
can arise when several single instance TAs call each other, it also
puts a serious performance limitation on multi-core platforms, which
could otherwise execute several unrelated single instance TAs
simultaneously.

This commit makes the single instance lock optional. By setting
CFG_CONCURRENT_SINGLE_INSTANCE_TA=y, the lock is disabled and TAs are
allowed to run concurrently. In the future, we may implement a deadlock
detection algorithm; in the meantime, this simple solution should be
enough to cover the current use cases.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
CC: Zeng Tao <prime.zeng@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: add overflow check

In some use cases, the input value may cause add_overflow, this patch make
the xxx_to_binary functions reporting the overflow errors instead of just
let it to be voi

core: crypto: add overflow check

In some use cases, the input value may cause add_overflow, this patch make
the xxx_to_binary functions reporting the overflow errors instead of just
let it to be void, allowing the upper layer to deal with it.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
[jf: fix typo in commit subject]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ltc: fix ccm_process() bug when input buffer is longer than 256 bytes

Upstream commit 08dee2735956 ("fixes #323 ccm_process fails to process
input buffer longer than 256").

Link: https://github.com

ltc: fix ccm_process() bug when input buffer is longer than 256 bytes

Upstream commit 08dee2735956 ("fixes #323 ccm_process fails to process
input buffer longer than 256").

Link: https://github.com/libtom/libtomcrypt/pull/326
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

build: simplify mv-if-changed

In mv-if-changed(file1, file2), there is no need to check if file2
exists before trying to compare both files. Indeed, if file2 does not
exist, cmp -s will return non-z

build: simplify mv-if-changed

In mv-if-changed(file1, file2), there is no need to check if file2
exists before trying to compare both files. Indeed, if file2 does not
exist, cmp -s will return non-zero and the second branch of the
conditional will be taken anyway.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

mk/aosp_optee.mk: define OPTEE_BIN for path of tee.bin

so that other android projects could use OPTEE_BIN
as the dependency instead of the old BUILD_OPTEE_OS target.

Ths is workaround for the probl

mk/aosp_optee.mk: define OPTEE_BIN for path of tee.bin

so that other android projects could use OPTEE_BIN
as the dependency instead of the old BUILD_OPTEE_OS target.

Ths is workaround for the problem with following with aosp master:
external/optee_test/Android.mk: error: xtest: LOCAL_ADDITIONAL_DEPENDENCIES must only contain paths (not module names)

Reviewed-by: Victor Chong <victor.chong@linaro.org>

Tested by: Victor Chong <victor.chong@linaro.org> (hikey aosp)
Tested-by: Yongqin Liu <yongqin.liu@linaro.org> (hikey aosp master)

Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>

show more ...

core: asan: empty __asan_handle_no_return()

It seems __asan_handle_no_return() isn't called when a __noreturn
function returns, instead it's called before the function is called. So
empty the __asa

core: asan: empty __asan_handle_no_return()

It seems __asan_handle_no_return() isn't called when a __noreturn
function returns, instead it's called before the function is called. So
empty the __asan_handle_no_return() function to let __noreturn function
be called.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan_tag_access() ignore null ranges

asan_tag_access() should ignore null ranges to make tagging of areas
easier.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Je

core: asan_tag_access() ignore null ranges

asan_tag_access() should ignore null ranges to make tagging of areas
easier.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix version-o-cflags

Fixes version-o-cflags by adding $(cflagscore) to make sure that the
address sanitizer flags are used for this object file too.

Reviewed-by: Etienne Carriere <etienne.car

core: fix version-o-cflags

Fixes version-o-cflags by adding $(cflagscore) to make sure that the
address sanitizer flags are used for this object file too.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu_virt: fix memory configuration

Fixes memory configuration inconsistency introduced with the coherent
memory area for QEMU virt with pager enabled.

Fixes: 5402a9fe46f9 ("qemu_virt: enable smp b

qemu_virt: fix memory configuration

Fixes memory configuration inconsistency introduced with the coherent
memory area for QEMU virt with pager enabled.

Fixes: 5402a9fe46f9 ("qemu_virt: enable smp boot")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: enable address sanitizer

Enables address sanitizer when pager is enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@lina

core: pager: enable address sanitizer

Enables address sanitizer when pager is enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic boot: tag paging access

When pager is enabled tag needed ranges accordingly.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@

core: generic boot: tag paging access

When pager is enabled tag needed ranges accordingly.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic boot: move init_asan()

Moves the section covered by #ifdef CFG_CORE_SANITIZE_KADDRESS to above
the #ifdef CFG_WITH_PAGER section to be able to later initialize address
sanitizer with p

core: generic boot: move init_asan()

Moves the section covered by #ifdef CFG_CORE_SANITIZE_KADDRESS to above
the #ifdef CFG_WITH_PAGER section to be able to later initialize address
sanitizer with pager enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: thread: asan tag paged stacks

Tags paged stacks as accessible.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: pager: carve out asan shadow range

Carves out address sanitizer range used for bookkeeping.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wik

core: pager: carve out asan shadow range

Carves out address sanitizer range used for bookkeeping.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: pager adoptions

Makes sure that __asan_register_globals is available during init.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wikland

core: asan: pager adoptions

Makes sure that __asan_register_globals is available during init.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: asan adoptions

Tag temporary or allocated memory ranges to allow new accesses.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander

core: pager: asan adoptions

Tag temporary or allocated memory ranges to allow new accesses.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: kern.ld.S: put constructors in init

Makes sure that constructor functions are in the init section to be
available during initialization of OP-TEE.

Acked-by: Etienne Carriere <etienne.car

core: arm: kern.ld.S: put constructors in init

Makes sure that constructor functions are in the init section to be
available during initialization of OP-TEE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: provide asan_memcpy_unchecked()

Provides asan_memcpy_unchecked() which does a memcpy() that isn't
checked against the tagging in the ASAN shadow area. If ASAN isn't
enabled it's replaced

core: asan: provide asan_memcpy_unchecked()

Provides asan_memcpy_unchecked() which does a memcpy() that isn't
checked against the tagging in the ASAN shadow area. If ASAN isn't
enabled it's replaced by a direct call to memcpy().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core; add MEM_AREA_TEE_ASAN

Adds MEM_AREA_TEE_ASAN which is used when pager is enabled to map the
memory used by the address sanitizer if enabled.

Currently this only works in configurations with t

core; add MEM_AREA_TEE_ASAN

Adds MEM_AREA_TEE_ASAN which is used when pager is enabled to map the
memory used by the address sanitizer if enabled.

Currently this only works in configurations with the pager where
emulated SRAM is used.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: bugfix set_alias_area()

Fixes set_alias_area() to only take the supplied area, prior to this
the final page would have been included too.

Reviewed-by: Etienne Carriere <etienne.carrier

core: pager: bugfix set_alias_area()

Fixes set_alias_area() to only take the supplied area, prior to this
the final page would have been included too.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee: fix improper calloc usage

calloc() takes number of entries as first argument, and size of entry
as a second. There was several places, where argument order was
reversed.

Signed-off-by: Volodym

tee: fix improper calloc usage

calloc() takes number of entries as first argument, and size of entry
as a second. There was several places, where argument order was
reversed.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Replace struct prng_ops with function interface

Adds crypto_rng_add_entropy() and crypto_rng_read() replacing
struct prng_ops in crypto_ops.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.o

Replace struct prng_ops with function interface

Adds crypto_rng_add_entropy() and crypto_rng_read() replacing
struct prng_ops in crypto_ops.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: RPMB_FS: remember owner uuid

Prior to this patch was the owning uuid looked up via the current
session. The assumption that the uuid of the context of the current
session is the same as the o

core: RPMB_FS: remember owner uuid

Prior to this patch was the owning uuid looked up via the current
session. The assumption that the uuid of the context of the current
session is the same as the owner of a RPMB file doesn't hold any longer
after:
commit 078f18f82eeb ("core: RPMB FS: provide tee_rpmb_fs_raw_open()")
was introduced.

Instead the pointer to the uuid passed as the owner is stored in the
file handle and used as needed when encrypting/decrypting the file.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1780
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...