Age | Commit message | Author |
|
Helper functions for serial arguments that expect memory allocation.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Helper function to add attributes in serial list of object
attributes in PKCS11 TA.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[jw: change return types to enum pkcs11_rc]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Add missing user authentication commands id-to-string conversion.
Add new import/destroy commands id-to-string conversion.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add commands PKCS11_CMD_IMPORT_OBJECT and PKCS11_CMD_DESTROY_OBJECT
in enum pkcs11_ta_cmd.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add PKCS11_PROCESSING_IMPORT and PKCS11_CKM_UNDEFINED_ID in
enum pkcs11_mechanism_id.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add attributes/class/key type IDs in TA API.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Define the ABI used to exchange attributes and lists of attributes
between the PKCS11 TA and its client.
Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The type of params[1] is changed to OUT to match the expected params in
tee-supplicant's tee_fs_rpc_readdir, so calls to tee_fs_rpc_readdir
won't fail with TEE_ERROR_BAD_PARAMETERS.
Signed-off-by: Roland Nagy <rnagy@xmimx.tk>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
GitHub reports [1]:
The workflow is not valid.
.github/workflows/stales.yml (Line: 2, Col: 1): Unexpected value
'description'
This commit removes the description: line to fix the issue and moves
additional text to the name: line.
Link: [1] https://github.com/OP-TEE/optee_os/actions/runs/156017617
Fixes: 50bbda3dd3b2 ("github: add a new actions/workflow file")
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
|
|
Instead of having two different workflow files, let's combine them into
a single file instead. This also updates the actions from v1.0 to
v3.0.7. This new workflow file also makes use of the 'exempt' feature
meaning that we can exclude issues and pull requests from being
automatically closed if they have a certain label. Here we have chosen
the labels "bug" and "enhancement".
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
|
|
The same Clang 10 fix in commit 4d35ab6a0cef ("TA dev kit: clang: link
shared libraries with -z separate-loadable-segments") is needed for
locally built user space libraries when CFG_ULIBS_SHARED=y.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
This patch adds a .gitattributes file to specify files that should
never end up in a distribution tarball.
Signed-off-by: Hu Keping <hukeping@huawei.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
assert not NULL before dereferencing in tee_pager_add_core_area().
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Issue detected by Cppcheck in internal_aes_gcm_ghash_update().
Issue mitigated by adding an argument check that prevents
passing a pointer that is calculated with NULL as base.
Also fixed a cast in the same code lines to keep constness.
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Show 0 size for NULL message/cipher length.
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Fix memory leak in split_vm_region().
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Fix memory leak in ree_fs_ta_open().
Signed-off-by: Sander Visser <github@visser.se>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The Linux kernel has recently increased maximum line length to 100, but
still recommends staying under 80. So make sure checkpatch still warns
when exceeding 80.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
There are two lines of "CFG_STM32_RNG ?= y" in plat-stm32mp1/conf.mk.
Remove a duplicate one.
Signed-off-by: Che-Chia Chang <vivahavey@gmail.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The Webasto common communication board version 2 (ccbv2) is a mx6ul
based custom board with 256MB of RAM and the communication done on
UART7.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
|
|
Add a leading underscore to global functions: base64_dec(),
base64_enc(), base64_enc_len() to avoid the risk of conflicts with user
programs.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
checkpatch warns about unnecessary parentheses, remove them.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
libutee defines assembler wrapper functions for each OP-TEE system call.
These wrappers have a utee_ prefix. This commit adds a leading
underscore so that the names cannot clash with user-defined symbols.
Doing so is common practice for "system" libraries, as defined by the C
standard in a set of requirements that can be summarized as follows
(excerpt from the GNU libc documentation [1]):
[R]eserved names include all external identifiers (global functions
and variables) that begin with an underscore (‘_’) and all identifiers
regardless of use that begin with either two underscores or an
underscore followed by a capital letter are reserved names. This is so
that the library and header files can define functions, variables, and
macros for internal purposes without risk of conflict with names in
user programs.
The utee_*() wrappers are internal to OP-TEE and are not supposed to be
called directly by TAs so this should not have any user-visible impact.
Link: [1] https://www.gnu.org/software/libc/manual/html_node/Reserved-Names.html
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
When processing the memory map of a TA, it can happen that the ELF file
for a region is not found. One typical reason is a missing -d argument
on the command line (can easily happen when a TA uses shared libraries
for instance).
In the above case, the script crashes with no clear indication about
the cause. This commit fixes the crash by ignoring ELFs that are not
found. This is consistent with the general behavior of symbolize.py,
which is to always print out all the information it is fed and simply
augment it with debug information when possible.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
|
|
unwind_arm64() currently does not check the value of the frame pointer
after it has done its job unwinding one frame. A NULL value indicates
the end of the call stack, and therefore the function should return
false to stop the caller from unwinding further (a do .. while loop is
used in print_stack_arm64()). Instead invalid values for FP and PC are
returned which causes an erroneous display and the unwind stops one
step too late, when the FP is found to be outside the stack.
Fixes the invalid last line in call stacks such as xtest 1019:
E/TC:? 0 TA panicked with code 0x0
E/LD: Status of TA 5b9e0e40-2636-11e1-ad9e-0002a5d5c51b
E/LD: arch: aarch64
[...]
E/LD: Call stack:
E/LD: 0x0000000080062a50
E/LD: 0x00000000801df848
E/LD: 0x00000000800631a8
E/LD: 0xfffffffffffffffc
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
All platforms but one (bcm-ns3) set CFG_WITH_STACK_CANARIES ?= y in
their configuration files. Move this flag to the global mk/config.mk
instead. Not sure it matters much, but in order to avoid any functional
change, CFG_WITH_STACK_CANARIES ?= n is added to plat-bcm/conf.mk.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Several crypto tests fail when OP-TEE is built with Clang in non-debug
mode, more precisely with -Os. xtest numbers 4001, 4002, 4006 and 4014
are impacted.
The root cause is that the shift operations in ROTL(x, n) are undefined
when n > 32 because the values to shift are uint32_t, but the macro is
used with 0 <= n < 64.
By masking n with 0x1F (thus implementing a modulo 32), we continue
rotating the bits when n >= 32.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
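Added example (not part of the commit and not OP-TEE's code): a 32-bit rotate-left that stays defined over the 0 <= n < 64 range the message above describes, by masking both shift counts with 0x1F, cross-checked against a one-bit-at-a-time reference. The names rotl32(), rotl32_ref() and rotl32_mismatches() are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Illustration only: rotl32() is a hypothetical helper, not OP-TEE's ROTL().
 * Shifting a uint32_t by 32 or more is undefined behaviour in C, so both
 * shift counts are reduced modulo 32 before use.
 */
static uint32_t rotl32(uint32_t x, unsigned int n)
{
	n &= 0x1F;
	/* (32 - n) & 0x1F turns the n == 0 case into a shift by 0, not 32 */
	return (x << n) | (x >> ((32 - n) & 0x1F));
}

/* Reference: rotate one bit at a time, so no shift count exceeds 31 */
static uint32_t rotl32_ref(uint32_t x, unsigned int n)
{
	while (n--)
		x = (x << 1) | (x >> 31);
	return x;
}

/* Compare both versions over 0 <= n < 64; return the mismatch count */
static unsigned int rotl32_mismatches(void)
{
	/* Constructed sample words */
	static const uint32_t samples[] = {
		0x00000000, 0x00000001, 0x80000000, 0x80000001,
		0x12345678, 0xdeadbeef, 0xffffffff,
	};
	unsigned int bad = 0;

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		for (unsigned int n = 0; n < 64; n++)
			if (rotl32(samples[i], n) != rotl32_ref(samples[i], n))
				bad++;
	return bad;
}

int main(void)
{
	printf("rotl32(0x80000001, 1)  = 0x%08x\n",
	       (unsigned int)rotl32(0x80000001u, 1));
	printf("rotl32(0x80000001, 33) = 0x%08x\n",
	       (unsigned int)rotl32(0x80000001u, 33));
	printf("mismatches vs reference: %u\n", rotl32_mismatches());
	return 0;
}
```

Building a variant without the masks under -fsanitize=shift (GCC or Clang) reports the out-of-range shift counts at run time.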
|
|
There are a few places where the value of thread_core_local::flags
does not reflect the stack being used, i.e., the temporary stack is
used but THREAD_CLF_TMP is not set or the opposite. In such cases,
get_stack_limits() would return invalid values. The consequence is a
debugging issue: no stack dump on core panic or abort.
This was found with the help of compiler instrumentation
(-finstrument-functions).
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Start and end of initialization for each CPU is important information
that deserves to be shown with I (information) severity rather than D
(debug). This is not done consistently, fix that.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Implement CMAC for CAAM.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add a generic cryptographic driver CMAC interface connecting
TEE Crypto generic APIs to HW driver interface
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Make sure input data of caam_cpy_block_src() is not empty.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Initialize `algo_id` and `algo_md` variables to their final values at
declaration.
Remove useless `size_topost` variable assignment.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Rename and export to local.h the following functions:
caam_cipher_initialize()
caam_cipher_free()
caam_cipher_copy_state()
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Introduce 'blocks' parameter for caam_cipher_block() function for
additional data block to handle during cipher operations.
Add `enum caam_cipher_block` to describe these additional data blocks.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The function now returns an `enum caam_status`.
It also returns a boolean with realloc pointer: true if the buffer is
reallocated by the function, false otherwise.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Move maximum job ring descriptor entries to local.h
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Tag core/drivers/imx_i2c driver as maintained.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
|
|
This driver provides native access to the I2C bus on iMX.
The driver will not query the clock hierarchy - to find the base clock
rate - because it overcomplicates the deliverable for not much added
value (this can be done at a later time if required).
The U-Boot and Linux GPL code was initially used as a reference;
however due to the simpler OP-TEE use case requirements, the code was
later re-written following the reference manual [1].
This driver will not access addresses within an I2C slave map.
This driver must not be used while the Linux kernel is running unless
the following is guaranteed:
- that the I2C bus will not be suspended.
- that there will not be collisions with other bus masters.
Without those guarantees, please use a trampoline driver to route the
I2C requests to Linux.
Tested on imx8mm-lpddr4.
[1] i.MX 8M Mini Applications Processor Reference Manual
Document Number: IMX8MMMRM
Rev.2 08/2019
Tested-by: Jorge Ramirez-Ortiz <jorge@foundries.io> (imx8mm)
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
|
|
Calls release_external_dt() via finalcalls instead of a direct call
in paged_init_primary().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds call_finalcalls() called at the end of paged_init_primary() just
before switching to normal world boot. This allows separation of
initcalls and finalcalls needed by virtualization.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Now that init_teecore() is only a wrapper around call_initcalls(), drop
that function and call call_initcalls() directly from
init_tee_runtime().
Also move the file to core/kernel/initcall.c since that's what it does.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Calls fobj_generate_authenc_key() via initcalls instead of a direct call
in init_teecore().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Calls time_source_init() via initcalls instead of a direct call in
init_teecore().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Calls teecore_init_pub_ram() via initcalls instead of a direct call in
init_teecore().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
tee_svc_uref_base is only needed with user TAs so move initialization to
init_user_ta() in order to simplify init_teecore().
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds debug prints when calling function. Enabled with DMSG() prints and
gives an output like:
D/TC:0 0 call_initcalls:30 level 3 check_ta_store()
D/TC:0 0 check_ta_store:635 TA store: "REE"
D/TC:0 0 call_initcalls:30 level 3 init_user_ta()
D/TC:0 0 call_initcalls:30 level 3 verify_pseudo_tas_conformance()
D/TC:0 0 call_initcalls:30 level 3 mobj_mapped_shm_init()
D/TC:0 0 mobj_mapped_shm_init:447 Shared memory address range: e300000, 10300000
D/TC:0 0 call_initcalls:30 level 3 tee_cryp_init()
D/TC:0 0 call_initcalls:30 level 4 tee_fs_init_key_manager()
D/TC:0 0 call_initcalls:30 level 5 init_console_itr()
D/TC:0 0 gic_it_set_cpu_mask:251 cpu_mask: writing 0xff to 0x10d00828
D/TC:0 0 gic_it_set_cpu_mask:253 cpu_mask: 0xff
D/TC:0 0 gic_it_set_prio:266 prio: writing 0x1 to 0x10d00428
D/TC:0 0 call_initcalls:30 level 6 mobj_init()
D/TC:0 0 call_initcalls:30 level 6 default_mobj_init()
I/TC:0 0 init_teecore:73 Initialized
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
print_kernel_stack() depends on thread_stack_start() and
thread_stack_size() to get information about the current stack and stop
unwinding outside of the expected range. These functions can only be
used in a thread context; they don't work during the early boot when a
temporary stack is used. Therefore, we often get truncated stack dumps
when an abort or panic() occurs during boot.
This commit introduces a new function: get_stack_limits(), which will
correctly identify cases when the temporary stack is used. Tested on
QEMU (32/64 bits) by calling panic() at various stages of the boot. A
complete call stack was printed on the console every time (note: with
optimization set to -O0 via CFG_CC_OPTIMIZE_FOR_SIZE=n).
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Tested-by: Jerome Forissier <jerome@forissier.org> (QEMU, QEMUv8)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The struct thread_core_local for each CPU is global, hence initialized
to zero when .bss is cleared. So before threads are initialized we have
a seemingly valid curr_thread value (0) when we should really have -1.
thread_get_id_may_fail() can return 0 although there is no current
thread.
Fix this by setting curr_thread to -1 earlier in the boot.
Note: this moves code out of thread_init_threads(), which is called by
virt_guest_created() when virtualization is enabled. I think it is the
right thing to do because I see no reason why the thread_core_local
structures should be cleared when a guest is added (the data belong to
.nex_bss).
Signed-off-by: Jerome Forissier <jerome@forissier.org>
CC: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
When building for HiKey with Clang 10.0.0 and DEBUG=1 we get the
following panic:
D/TC:0 0 check_pa_matches_va:2120 va 0x3b000000 maps 0x3f200000, expect 0x0
E/TC:0 0 Panic at core/arch/arm/mm/core_mmu.c:2121 <check_pa_matches_va>
The root cause is an overflow of the temporary stack. DEBUG=1 sets
CFG_CC_OPTIMIZE_FOR_SIZE=n which in turn sets the optimization flags to
-O0 instead of -Os. In this configuration, Clang apparently needs much
more stack space (not something observed with GCC).
This commit increases the temporary stacks from approximately 2K per
core to approximately 4K per core.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (HiKey620 AOSP)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|