ltc: fix ccm_process() bug when input buffer is longer than 256 bytes

Upstream commit 08dee2735956 ("fixes #323 ccm_process fails to process
input buffer longer than 256").

Link: https://github.com

ltc: fix ccm_process() bug when input buffer is longer than 256 bytes

Upstream commit 08dee2735956 ("fixes #323 ccm_process fails to process
input buffer longer than 256").

Link: https://github.com/libtom/libtomcrypt/pull/326
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

build: simplify mv-if-changed

In mv-if-changed(file1, file2), there is no need to check if file2
exists before trying to compare both files. Indeed, if file2 does not
exist, cmp -s will return non-z

build: simplify mv-if-changed

In mv-if-changed(file1, file2), there is no need to check if file2
exists before trying to compare both files. Indeed, if file2 does not
exist, cmp -s will return non-zero and the second branch of the
conditional will be taken anyway.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

mk/aosp_optee.mk: define OPTEE_BIN for path of tee.bin

so that other android projects could use OPTEE_BIN
as the dependency instead of the old BUILD_OPTEE_OS target.

Ths is workaround for the probl

mk/aosp_optee.mk: define OPTEE_BIN for path of tee.bin

so that other android projects could use OPTEE_BIN
as the dependency instead of the old BUILD_OPTEE_OS target.

Ths is workaround for the problem with following with aosp master:
external/optee_test/Android.mk: error: xtest: LOCAL_ADDITIONAL_DEPENDENCIES must only contain paths (not module names)

Reviewed-by: Victor Chong <victor.chong@linaro.org>

Tested by: Victor Chong <victor.chong@linaro.org> (hikey aosp)
Tested-by: Yongqin Liu <yongqin.liu@linaro.org> (hikey aosp master)

Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>

show more ...

core: asan: empty __asan_handle_no_return()

It seems __asan_handle_no_return() isn't called when a __noreturn
function returns, instead it's called before the function is called. So
empty the __asa

core: asan: empty __asan_handle_no_return()

It seems __asan_handle_no_return() isn't called when a __noreturn
function returns, instead it's called before the function is called. So
empty the __asan_handle_no_return() function to let __noreturn function
be called.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan_tag_access() ignore null ranges

asan_tag_access() should ignore null ranges to make tagging of areas
easier.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Je

core: asan_tag_access() ignore null ranges

asan_tag_access() should ignore null ranges to make tagging of areas
easier.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix version-o-cflags

Fixes version-o-cflags by adding $(cflagscore) to make sure that the
address sanitizer flags are used for this object file too.

Reviewed-by: Etienne Carriere <etienne.car

core: fix version-o-cflags

Fixes version-o-cflags by adding $(cflagscore) to make sure that the
address sanitizer flags are used for this object file too.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu_virt: fix memory configuration

Fixes memory configuration inconsistency introduced with the coherent
memory area for QEMU virt with pager enabled.

Fixes: 5402a9fe46f9 ("qemu_virt: enable smp b

qemu_virt: fix memory configuration

Fixes memory configuration inconsistency introduced with the coherent
memory area for QEMU virt with pager enabled.

Fixes: 5402a9fe46f9 ("qemu_virt: enable smp boot")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: enable address sanitizer

Enables address sanitizer when pager is enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@lina

core: pager: enable address sanitizer

Enables address sanitizer when pager is enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic boot: tag paging access

When pager is enabled tag needed ranges accordingly.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@

core: generic boot: tag paging access

When pager is enabled tag needed ranges accordingly.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic boot: move init_asan()

Moves the section covered by #ifdef CFG_CORE_SANITIZE_KADDRESS to above
the #ifdef CFG_WITH_PAGER section to be able to later initialize address
sanitizer with p

core: generic boot: move init_asan()

Moves the section covered by #ifdef CFG_CORE_SANITIZE_KADDRESS to above
the #ifdef CFG_WITH_PAGER section to be able to later initialize address
sanitizer with pager enabled.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: thread: asan tag paged stacks

Tags paged stacks as accessible.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

core: pager: carve out asan shadow range

Carves out address sanitizer range used for bookkeeping.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wik

core: pager: carve out asan shadow range

Carves out address sanitizer range used for bookkeeping.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: pager adoptions

Makes sure that __asan_register_globals is available during init.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wikland

core: asan: pager adoptions

Makes sure that __asan_register_globals is available during init.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: asan adoptions

Tag temporary or allocated memory ranges to allow new accesses.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander

core: pager: asan adoptions

Tag temporary or allocated memory ranges to allow new accesses.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: kern.ld.S: put constructors in init

Makes sure that constructor functions are in the init section to be
available during initialization of OP-TEE.

Acked-by: Etienne Carriere <etienne.car

core: arm: kern.ld.S: put constructors in init

Makes sure that constructor functions are in the init section to be
available during initialization of OP-TEE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: provide asan_memcpy_unchecked()

Provides asan_memcpy_unchecked() which does a memcpy() that isn't
checked against the tagging in the ASAN shadow area. If ASAN isn't
enabled it's replaced

core: asan: provide asan_memcpy_unchecked()

Provides asan_memcpy_unchecked() which does a memcpy() that isn't
checked against the tagging in the ASAN shadow area. If ASAN isn't
enabled it's replaced by a direct call to memcpy().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core; add MEM_AREA_TEE_ASAN

Adds MEM_AREA_TEE_ASAN which is used when pager is enabled to map the
memory used by the address sanitizer if enabled.

Currently this only works in configurations with t

core; add MEM_AREA_TEE_ASAN

Adds MEM_AREA_TEE_ASAN which is used when pager is enabled to map the
memory used by the address sanitizer if enabled.

Currently this only works in configurations with the pager where
emulated SRAM is used.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: bugfix set_alias_area()

Fixes set_alias_area() to only take the supplied area, prior to this
the final page would have been included too.

Reviewed-by: Etienne Carriere <etienne.carrier

core: pager: bugfix set_alias_area()

Fixes set_alias_area() to only take the supplied area, prior to this
the final page would have been included too.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tee: fix improper calloc usage

calloc() takes number of entries as first argument, and size of entry
as a second. There was several places, where argument order was
reversed.

Signed-off-by: Volodym

tee: fix improper calloc usage

calloc() takes number of entries as first argument, and size of entry
as a second. There was several places, where argument order was
reversed.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Replace struct prng_ops with function interface

Adds crypto_rng_add_entropy() and crypto_rng_read() replacing
struct prng_ops in crypto_ops.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.o

Replace struct prng_ops with function interface

Adds crypto_rng_add_entropy() and crypto_rng_read() replacing
struct prng_ops in crypto_ops.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: RPMB_FS: remember owner uuid

Prior to this patch was the owning uuid looked up via the current
session. The assumption that the uuid of the context of the current
session is the same as the o

core: RPMB_FS: remember owner uuid

Prior to this patch was the owning uuid looked up via the current
session. The assumption that the uuid of the context of the current
session is the same as the owner of a RPMB file doesn't hold any longer
after:
commit 078f18f82eeb ("core: RPMB FS: provide tee_rpmb_fs_raw_open()")
was introduced.

Instead the pointer to the uuid passed as the owner is stored in the
file handle and used as needed when encrypting/decrypting the file.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1780
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix access conflict status in rpmb fs that panics TA

According to the GPD TEE Internal Core API specs, when creating
an existing persistent object without the overwrite flag, the OS
should ret

core: fix access conflict status in rpmb fs that panics TA

According to the GPD TEE Internal Core API specs, when creating
an existing persistent object without the overwrite flag, the OS
should return a TEE_ERROR_ACCESS_CONFLICT status.

This change fixes the RPMB FS layer. An effect of this correction
is that before this change, OS panicked TAs that requested such
forbidden object creation, as a TEE_ERROR_BAD_PARAMETERS return
value is considered by the API as an unexpected status.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)

show more ...

core: arm32: reset_secondary() set reset vector

Sets reset vector in reset_secondary() to trap unexpected exceptions.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wik

core: arm32: reset_secondary() set reset vector

Sets reset vector in reset_secondary() to trap unexpected exceptions.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU v7/v8)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: replace _start with reset() function

Renames _start to reset_vect_table and renames reset() to _start() in
order to avoid pulling in too much unpaged code via
reset_secondary()/cpu_on_h

core: arm32: replace _start with reset() function

Renames _start to reset_vect_table and renames reset() to _start() in
order to avoid pulling in too much unpaged code via
reset_secondary()/cpu_on_handler().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Keep assembly functions in separate sections

To get a more fine grained selection of which area (init, paged,
unpaged) an assembly function is assigned do the equivalent of
-ffunction-sections but i

Keep assembly functions in separate sections

To get a more fine grained selection of which area (init, paged,
unpaged) an assembly function is assigned do the equivalent of
-ffunction-sections but in assembly.

Some functions has to be in specific places in the binary for a
successful boot, link script is updated accordingly.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...