core: init FS key manager late

Switches to service_init_late() to initialize FS key manager as it
depends on the tee_cryp_init service init call.

Reviewed-by: Jerome Forissier <jerome.forissier@lin

core: init FS key manager late

Switches to service_init_late() to initialize FS key manager as it
depends on the tee_cryp_init service init call.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add late service_init and driver_init

Adds service_init_late() for init calls that depends on other services.
Adds driver_init_late() for init calls that depends on other drivers.

Reviewed-by

core: add late service_init and driver_init

Adds service_init_late() for init calls that depends on other services.
Adds driver_init_late() for init calls that depends on other drivers.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

travis: exclude some paths when running the coding style tool

OP-TEE contains code imported from Open Source libraries or
designed to comply with GlobalPlatform specifications. Such code will
trigge

travis: exclude some paths when running the coding style tool

OP-TEE contains code imported from Open Source libraries or
designed to comply with GlobalPlatform specifications. Such code will
trigger checkpatch.pl errors whenever the Linux kernel coding rules are
violated. Such message are useless and actually make the CI loop look
like the builds are failing when they are actually correct.

To fix this, add a list of directories that should be ignored by
'git format-patch' when producing the diff fed into checkpatch.pl.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Suggested-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>

show more ...

core debug: update travis build tests

This change updates travis build tests on default 'qemu' target.
Test all core trace verbosity levels.
Test minimal and disabled core debug features with optee

core debug: update travis build tests

This change updates travis build tests on default 'qemu' target.
Test all core trace verbosity levels.
Test minimal and disabled core debug features with optee core big
features enable (pager, rpmb, fdt, lpae).

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu_v7/v8)

show more ...

core debug: no CFG_TEE_CORE_DEBUG enables NDEBUG

Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <e

core debug: no CFG_TEE_CORE_DEBUG enables NDEBUG

Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu_v7/v8)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core debug: cleanup CFG_TEE_CORE_DEBUG

Fix inconsistencies in CFG_TEE_CORE_DEBUG. This change proposes to
define CFG_TEE_CORE_DEBUG as a y/n directive.

This change also fixes the comment describing

core debug: cleanup CFG_TEE_CORE_DEBUG

Fix inconsistencies in CFG_TEE_CORE_DEBUG. This change proposes to
define CFG_TEE_CORE_DEBUG as a y/n directive.

This change also fixes the comment describing DEBUG directive.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (qemu_v7/v8)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Enable static TA and core self tests..

..for all platforms by setting

CFG_TEE_CORE_EMBED_INTERNAL_TESTS ?= y

in mk/config.mk.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Suggested-by: J

Enable static TA and core self tests..

..for all platforms by setting

CFG_TEE_CORE_EMBED_INTERNAL_TESTS ?= y

in mk/config.mk.

Signed-off-by: Victor Chong <victor.chong@linaro.org>
Suggested-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Travis: build with CFG_SQL_FS=y

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Revi

Travis: build with CFG_SQL_FS=y

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: move common RPC code to its own file

The REE and SQL filesystems use similar RPC calls to tee-supplicant,
only with a different command ID. Move the code to a common file.

Signed-of

secure storage: move common RPC code to its own file

The REE and SQL filesystems use similar RPC calls to tee-supplicant,
only with a different command ID. Move the code to a common file.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: add SQL filesystem

This commit adds a new container type for trusted storage: SQL FS.
Data are stored in the non-secure world, just like the REE FS
(CFG_REE_FS). But, unlike REE FS w

secure storage: add SQL filesystem

This commit adds a new container type for trusted storage: SQL FS.
Data are stored in the non-secure world, just like the REE FS
(CFG_REE_FS). But, unlike REE FS which manipulates several files for
each secure object, this implementation needs only one container in a
SQLite database per secure object. We rely on the transaction-based
nature of the database to provide atomicity.

A storage identifier is added to the TA API: TEE_STORAGE_PRIVATE_SQL.
Trusted applications can use it to select this filesystem. The value
TEE_STORAGE_PRIVATE defined by GlobalPlatform will also select the
SQL FS if all other implementations are disabled.

This feature is enabled with CFG_SQL_FS=y. It depends on SQL support
in tee-supplicant [1].

[1] https://github.com/OP-TEE/optee_client/pull/50

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: make sure we don't try to delete a NULL file

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown

secure storage: make sure we don't try to delete a NULL file

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: add flag TEE_FS_S_IXUSR and use it

This flag should logically be set on directories so that they can be
traversed.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Revi

secure storage: add flag TEE_FS_S_IXUSR and use it

This flag should logically be set on directories so that they can be
traversed.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: use absolute paths

Update the functions that create file and directory paths so that they
always output a leading slash, meaning an absolute path in the
underlying filesystem. In add

secure storage: use absolute paths

Update the functions that create file and directory paths so that they
always output a leading slash, meaning an absolute path in the
underlying filesystem. In addition to being cleaner, this can avoid
path manipulations in the lower-level code. For instance, code using
libsqlfs in tee-supplicant can use the path as-is. It does not make a
difference with code that would prepend a more complex path anyway.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

secure storage: move TEE_FS_MODE_* constants out of tee_fs_defs.h

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David B

secure storage: move TEE_FS_MODE_* constants out of tee_fs_defs.h

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

docs: Sort all prerequisites in alphabetic order

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: David Brown <david.brown@lin

docs: Sort all prerequisites in alphabetic order

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>

show more ...

docs: Add more prerequisites

On Ubuntu 16.04.1, there are a few more packages needed to be able to
run `make menuconfig` on Linux kernel.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewe

docs: Add more prerequisites

On Ubuntu 16.04.1, there are a few more packages needed to be able to
run `make menuconfig` on Linux kernel.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>

show more ...

Change the access right from w to r in virt_to_phy

Currently we are using the write_ats1cpw to do the
virt_to_phys translation, but when the input address
is readonly, the translation will fail, fix

Change the access right from w to r in virt_to_phy

Currently we are using the write_ats1cpw to do the
virt_to_phys translation, but when the input address
is readonly, the translation will fail, fix it using
write_ats1cpr.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Zeng Tao <prime.zeng@huawei.com>

show more ...

drivers: hi16xx_uart: cleanup

- The FIFOs are automatically cleared when FIFO mode is enabled, so
don't use (UART_FCR_RX_FIFO_RST | UART_FCR_TX_FIFO_RST).
- hi16xx_uart_putc() waits for the TX FIFO

drivers: hi16xx_uart: cleanup

- The FIFOs are automatically cleared when FIFO mode is enabled, so
don't use (UART_FCR_RX_FIFO_RST | UART_FCR_TX_FIFO_RST).
- hi16xx_uart_putc() waits for the TX FIFO to be empty before pushing
a new character. It is a good thing to avoid losing several characters
when the control is transferred to another piece of software which may
be resetting the UART (such as the Linux kernel). Therefore, remove the
commented out code which deals with "TX FIFO not full".

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: hi16xx_uart: remove useless dsb()'s

Since we use write32() to operate on device memory, accesses are
necessarily ordered and there is no need for data synchronization
barriers.

Signed-off-

drivers: hi16xx_uart: remove useless dsb()'s

Since we use write32() to operate on device memory, accesses are
necessarily ordered and there is no need for data synchronization
barriers.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

arm32: AES using ARMv8-A cryptographic extensions

Add AES acceleration to LibTomCrypt in 32-bit mode using ARMv8
Cryptographic Extensions. Enabled when CFG_CRYPTO_AES_ARM32_CE=y.

The ARMv8 CE assem

arm32: AES using ARMv8-A cryptographic extensions

Add AES acceleration to LibTomCrypt in 32-bit mode using ARMv8
Cryptographic Extensions. Enabled when CFG_CRYPTO_AES_ARM32_CE=y.

The ARMv8 CE assembler code comes from the Linux kernel's
arch/arm64/crypto/aes-ce-core.S (contributed by Ard Biesheuvel,
Linaro) with minor updates:

- Removed the alignment hints in vld1/vst1 operations, for instance
'vld1.8 {q1}, [r1, :64]!' becomes 'vld1.8 {q1}, [r1]!'. This is
required because the input and output buffers may not be 8-byte
aligned.
- ce_aes_ctr_encrypt(): do not increment the counter on the first block
because the C wrapper already did. Do not increment the counter after
the last block has been processed either, because the C wrapper will do
it before calling ce_aes_ctr_encrypt() again.
- aes_xts_decrypt(): drop the 'first' parameter which is not used (it
would always be set to 1 by the caller).

Tested on HiKey with xtest [1] for functional tests and aes-perf [2] for
speed. In the table below, a mode name followed by a '+' means
accelerated with crypto extensions, while no '+' is with acceleration
disabled (i.e., CFG_CRYPTO_AES_ARM32_CE=n).

Average encryption speed (MiB/s):

Size | Mode
(KiB) | ECB CBC CTR XTS ECB+ CBC+ CTR+ XTS+
------+--------------------------------------------------
1 | 14.9 12.7 12.3 10.9 33.8 32.7 33.3 29.1
2 | 18.2 15.4 14.9 13.3 65.0 60.9 62.6 55.4
4 | 20.8 17.3 16.6 15.0 119.3 106.0 112.6 101.0
8 | 22.4 18.2 17.6 16.0 201.6 166.5 182.3 166.7
16 | 23.3 19.0 18.1 16.6 308.1 232.9 264.3 248.3
32 | 23.8 19.3 18.4 16.9 427.7 295.1 346.4 335.1
64 | 24.0 19.5 18.6 17.1 532.8 341.3 411.0 407.6
128 | 24.2 19.6 18.7 17.2 608.1 371.3 454.9 457.5
256 | 24.2 19.6 18.7 17.1 624.4 382.0 463.5 481.6
512 | 24.0 19.4 18.6 17.1 658.8 389.6 477.3 498.3

[1] https://github.com/OP-TEE/optee_test
[2] https://github.com/linaro-swg/aes-perf.git

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: libtomcrypt: rename AES CE files

aes_arm64_ce.c contains wrapper code for the assembly routines that
implement AES using the ARMv8-A cryptographic extensions. It is
currently used only in 64-

arm64: libtomcrypt: rename AES CE files

aes_arm64_ce.c contains wrapper code for the assembly routines that
implement AES using the ARMv8-A cryptographic extensions. It is
currently used only in 64-bit builds, but could be used for 32-bits
as well. So, rename it to aes_armv8a_ce.c to better reflect its content
and prepare for 32-bit support. Also rename the 64-bit assembly file
(aes_modes_arm64_ce_a64.S -> aes_modes_armv8a_ce_a64.S) for
consistency.
Note: this naming scheme (xyz_armv8a_ce.c / xyz_armv8a_ce_a{32,64}.S)
is already used for SHA1 and SHA2.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: libtomcrypt: move inline assembly to .S file

In order to be able to re-use aes_arm64_ce.c for arm32, move all the
inline assembly to aes_modes_arm64_ce_a64.S.

Signed-off-by: Jerome Forissier

arm64: libtomcrypt: move inline assembly to .S file

In order to be able to re-use aes_arm64_ce.c for arm32, move all the
inline assembly to aes_modes_arm64_ce_a64.S.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

travis: add CFG_* flags for new drivers

Adds CFG_TZC400=y CFG_PS2MOUSE=y CFG_PL050=y CFG_PL111=y to build
new drivers.

Reviewed-by: etienne carriere <etienne.carriere@linaro.org>
Reviewed-by: David

travis: add CFG_* flags for new drivers

Adds CFG_TZC400=y CFG_PS2MOUSE=y CFG_PL050=y CFG_PL111=y to build
new drivers.

Reviewed-by: etienne carriere <etienne.carriere@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: configure tzc400 driver if enabled

Configures the tzc400 driver if CFG_TZC400 is y.

Reviewed-by: etienne carriere <etienne.carriere@linaro.org>
Reviewed-by: David Brown <david.brown@

plat-vexpress: configure tzc400 driver if enabled

Configures the tzc400 driver if CFG_TZC400 is y.

Reviewed-by: etienne carriere <etienne.carriere@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add tzc400 driver

Reviewed-by: etienne carriere <etienne.carriere@linaro.org>
Reviewed-by: David Brown <david.brown@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>