| /optee_os/ta/qcom_pas/src/ |
| H A D | qcom_pas.c | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| H A D | user_ta_header_defines.h | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| H A D | sub.mk | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| /optee_os/ta/qcom_pas/ |
| H A D | Makefile | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| H A D | sub.mk | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| H A D | user_ta.mk | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| /optee_os/ta/qcom_pas/include/ |
| H A D | ta_qcom_pas.h | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|
| /optee_os/core/pta/qcom/pas/ |
| H A D | pta_qcom_pas.c | abca35a69f9bea0496cf05e025c3c36e6d5ea68b Tue Mar 31 09:21:54 UTC 2026 Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com> ta: pas: Add Qualcomm PAS TA
Certificate chain validation requires substantial parsing, which is not
suitable for the constrained S-EL1 environment. While signature
verification is supported by the crypto API, extending the TEE core/PTA
to handle full chain parsing would increase complexity and TCB size.
Move certificate validation to a user TA, keeping the PTA for platform
operations (PAS control, firmware loading, resets). This allows reuse of
existing parsing libraries and keeps the core minimal.
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
|