Rename .bss.prebss.* sections to .nozi.*

Renames .bss.prebss.* sections to .nozi.* to be clear that it's
not a "subsection" of .bss and also make the matching in the link
script easier.

plat-vexpre

Rename .bss.prebss.* sections to .nozi.*

Renames .bss.prebss.* sections to .nozi.* to be clear that it's
not a "subsection" of .bss and also make the matching in the link
script easier.

plat-vexpress:
* The .nozi section is moved after the .bss section
* The padding added before .nozi by the linker is recorded to
make it possible to do something useful with the otherwise
wasted memory

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org> (STM platform)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP platform)

show more ...

Remove some assembly files

Removes kta_table_unpg_asm.S,
Remove tee_pager_unpg_asm.S
Removes tee_mmu_unpg_asm.S
* Replaces assembly implementation of tee_mmu_switch()
with a C version
* Replaces c

Remove some assembly files

Removes kta_table_unpg_asm.S,
Remove tee_pager_unpg_asm.S
Removes tee_mmu_unpg_asm.S
* Replaces assembly implementation of tee_mmu_switch()
with a C version
* Replaces calls to tee_mmu_invtlb_asid with
secure_mmu_unifiedtlbinv_byasid

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

Optimize mmu handling

Previously there was two complete L1 mmu tables where one was only
used when kernel mapping was active and the other when user mapping
was active too. In addition to that there

Optimize mmu handling

Previously there was two complete L1 mmu tables where one was only
used when kernel mapping was active and the other when user mapping
was active too. In addition to that there was several sets of L2 mmu
tables which where unused.

Now there's only one complete L1 mmu table shared by all CPUs. There's
one small L1 mmu table for each thread used to keep user mappings. The
small L1 mmu tables takes each 128 bytes and can spans 32 MiB of
virtual memory.

This change saves memory ~32 KiB, but also prepares for multiprocessing
since each thread has its own user mapping.

Due to the change of mmu table handling many low level assembly and C
functions are changed, and some even removed.

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

thread: check cpsr after fast handler

Asserts that a fast handler hasn't cleared the I, F or A bits
in CPSR.

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pasca

thread: check cpsr after fast handler

Asserts that a fast handler hasn't cleared the I, F or A bits
in CPSR.

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

travis plat-vexpress: adding flavor qemu_virt

Adds plat-vexpress flagvor qemu_virt to Travis CI builds

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.bran

travis plat-vexpress: adding flavor qemu_virt

Adds plat-vexpress flagvor qemu_virt to Travis CI builds

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

plat-vexpress: add qemu_virt flavor

Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

CCM Authentication optimization

CCM is now optimized. Instead of being computed twice,
libtomcrypt code has been optimized so that classical ccm_init, ccm_process,...
can be used incrementally (wh

CCM Authentication optimization

CCM is now optimized. Instead of being computed twice,
libtomcrypt code has been optimized so that classical ccm_init, ccm_process,...
can be used incrementally (when the whole stream is not available when
starting the authentication).
CCM way of proceeding is now very closed to GCM authentication.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

various minor cleanups

- Remove unused assembly routines "secure_mmu_xxx".
- arm32/plat-stm:
. move platform stm definitions of CFG_TEE_xxx configs from conf.mk to
system_config.in
. emit er

various minor cleanups

- Remove unused assembly routines "secure_mmu_xxx".
- arm32/plat-stm:
. move platform stm definitions of CFG_TEE_xxx configs from conf.mk to
system_config.in
. emit error in case some configuration variables are not defined
.Remove deprecated macro _USE_SLAPORT_LIB
- Comment message format

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

plat-vexpress: build with -mfloat-abi=soft

OP-TEE on plat-vexpress does not support Neon. This patch prevents generating
Neon instructions when the cross-compiler is configured to use
'-mfloat-abi=h

plat-vexpress: build with -mfloat-abi=soft

OP-TEE on plat-vexpress does not support Neon. This patch prevents generating
Neon instructions when the cross-compiler is configured to use
'-mfloat-abi=hard' by default (such as arm-linux-gnueabihf-gcc).

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Time initialization performed in init_teecore()

Time initialization was performed in specific platform initialization
main_init_helper() function. It is now performed in the generic arm32
initializa

Time initialization performed in init_teecore()

Time initialization was performed in specific platform initialization
main_init_helper() function. It is now performed in the generic arm32
initialization init_teecore() function.

Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Joakim Bech joakim.bech@linaro.org
Reviewed-by: Jens Wiklander jens.wiklander@linaro.org

show more ...

Remove SW version of the RNG which is not secure enough

Reviewed-by: Jens Wiklander jens.wiklander@linaro.org
Signed-off-by: Pascal Brand <pascal.brand@st.com>

CFG_TEE_CORE_LOG_LEVEL=0 DEBUG=0 is now up in Travis

Reviewed-by: Jens Wiklander jens.wiklander@linaro.org
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Drivers gic and uart are optional

Platforms stm do not use gic and uart drivers, whereas vexpress (fvp / qemu)
does. So the conf.mk of the latter case defines the following:
WITH_UART_DRV := y

Drivers gic and uart are optional

Platforms stm do not use gic and uart drivers, whereas vexpress (fvp / qemu)
does. So the conf.mk of the latter case defines the following:
WITH_UART_DRV := y
WITH_GIC_DRV := y

Reviewed-by: Joakim Bech joakim.bech@linaro.org
Reviewed-by: Jens Wiklander jens.wiklander@linaro.org
Signed-off-by: Pascal Brand <pascal.brand@st.com>

show more ...

"Dirty tests" renamed in "self tests"

Reviewed-by: Jens Wiklander jens.wiklander@linaro.org
Reviewed-by: Joakim Bech joakim.bech@linaro.org
Signed-off-by: Pascal Brand <pascal.brand@st.com>

Added script for setting up FVP and OP-TEE

The script will clone and download all needed Git's to run OP-TEE using
FVP (Foundation Models). The first time a user runs the script it will
acquire the

Added script for setting up FVP and OP-TEE

The script will clone and download all needed Git's to run OP-TEE using
FVP (Foundation Models). The first time a user runs the script it will
acquire the needed software from various sources. This is followed by
configuring and building all needed components. In every sub-step there
will be a script created that could be used when building a component
later on.

There are some inter-dependencies between the software components. This
means that the developer using this setup must either now about the
inter-dependencies or if not sure, the developer could build everything
using two general helper scripts in the following order:
1) build_secure.sh
2) build_normal.sh

When a user needs to add new files to the root filesystem, he must
update the file "gen_rootfs/filelist-tee.txt".

Some developers might also have access to a Git containing tests
designed for testing OP-TEE functionality. In such case, the developer
can update the script so it matches the users login name (Linaro
account). If such access is granted there will also be tests built and
added by default when running this script.

Reviewed-by: Pascal Brand pascal.brand@linaro.org
Reviewed-by: Jens Wiklander jens.wiklander@linaro.org

show more ...

fvp: enable uart1 fiq

Configures UART1/GIC to generate a FIQ when there's input on
UART1.

gic: bugfix probe_max_it

Clean tz_proc.S

* Removes some unused functions
* Converts a few mcr/mrc instructions to use macros from
arm32_macros.S instead.

tee_mmu_is_mapped cleanup

Remove unused global variable

Remove unused functions

teesmc: cleanup teesmc.h

teesmc: sync with ARM Trusted Firmware

Remove unused tee_sleep_services.*

Reenable warnings for all non-3rd party code

* Reenables warnings for all non-3rd party code
* Renames dprintf macro to dprintf_level