path: root/mk
Age | Commit message | Author
2019-04-30 | core: introduce CFG_CORE_HUK_SUBKEY_COMPAT | Jens Wiklander
Adds CFG_CORE_HUK_SUBKEY_COMPAT which if set to 'y' makes huk_subkey_derive() produce RPMB and SSK keys identical to the legacy code. Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-04-04 | build: remove pedantic from build directives | Etienne Carriere
This change removes -pedantic from the build directives for all warning build levels. The rationale is that the OP-TEE OS package no longer supports being built in pedantic mode, which now allows the use of implementation sequences that are rejected in pedantic mode, for example using = { } for initializing structured local variables in a structure agnostic way, which the OP-TEE OS community has agreed to use. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-04-01 | libmbedtls: support mbedTLS in kernel mode | Edison Ai
Initial step of mbedtls cryptos integration. Directory created and interface file is drafted. All function interfaces are set to "not supported". The mbedtls can be selected by specifying build flags "CFG_CRYPTOLIB_NAME=mbedtls" and "CFG_CRYPTOLIB_DIR=lib/libmbedtls" Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Edison Ai <edison.ai@arm.com> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-03-28 | Move CFG_CORE_MBEDTLS_MPI init to mk/config.mk | Jens Wiklander
Moves default assignment of CFG_CORE_MBEDTLS_MPI into mk/config.mk Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-03-28 | Move CFG_CRYPTOLIB_{NAME,DIR} init to mk/config.mk | Jens Wiklander
Moves default initialization of CFG_CRYPTOLIB_NAME and CFG_CRYPTOLIB_DIR to mk/config.mk. Only assigns default y to CFG_CRYPTO_RSASSA_NA1 in case CFG_CRYPTOLIB_NAME == tomcrypt. Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-03-20 | core: user_ta: implement ASLR for TAs | Jerome Forissier
Introduces CFG_TA_ASLR to enable Address Space Layout Randomization of Trusted Applications. ASLR makes the exploitation of memory corruption vulnerabilities harder. The feature is disabled by default except for the configurations I could test (QEMU and HiKey960). When CFG_TA_ASLR=y, the stack and subsequent ELF file(s) needed by the TA are mapped into the user VA space with a random offset comprised between CFG_TA_ASLR_MIN_OFFSET_PAGES and CFG_TA_ASLR_MAX_OFFSET_PAGES pages (that is between 0 and 128 pages by default). Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, HiKey960) Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-03-05 | Allow building libutils etc. as shared libraries | Jerome Forissier
When CFG_ULIBS_SHARED=y (default n), build libutils, libmpa/libmbedtls and libutee as shared libraries (.so). The static archives (.a) are still produced. The linker uses shared libraries by default when present so TAs just need to be re-built to use the shared libraries. For the time being, in-tree TAs are always linked statically for practical reasons. Indeed, in-tree TAs (such as ta/avb) are likely to be used as "early TAs". If such a TA was linked against shared libraries, then those libraries would need to be installed in the "early TA" area, too. While this works fine technically, it requires some more steps in the Makefiles to make sure the proper dependencies are installed and also it would mean that those libraries take precedence over the ones potentially installed in the REE FS etc. In other words, it would raise questions that we do not want nor need to address now. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
2019-03-05 | mk/lib.mk: add support for producing shared user libraries | Jerome Forissier
This commit adds the infrastructure to build libutils, libmpa/libmbedtls etc. as shared objects (.so). Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
2019-02-25 | core: REE FS TAs: add option to verify signature before processing | Jerome Forissier
Adds configuration flag CFG_REE_FS_TA_BUFFERED, default enabled. A new TA store is introduced which depends on the TEE FS TA store to load the whole binary into a temporary buffer in secure DDR and authenticate it before being processed further. This reduces the attack surface of the TEE core in case of a vulnerability in the ELF loader, at the expense of increased memory usage at load time. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [3.6] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2019-02-25 | mk/config.mk: remove untrue comment | Jerome Forissier
The comment stating that the REE filesystem is the only possible storage to load Trusted Applications from is not true anymore. As described in documentation/optee_design.md, two other options are possible (early TAs and secure storage). Therefore, remove the comment. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
2019-02-01 | virt: add virtualization subsystem | Volodymyr Babchuk
This patch adds virtualization framework to OP-TEE. Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-02-01 | virt: add nexus memory area | Volodymyr Babchuk
This patch is the first in series of patches that split OP-TEE RW memory into two regions: nexus memory and TEE memory. Nexus memory will be always mapped and it will be used to store all data that is vital for OP-TEE core and is not bound to virtual guests. TEE memory is a memory that holds data specific for certain guest. There will be TEE memory bank for every guest and it will be mapped into OP-TEE address space only during call from that guest. This patch adds nexus memory and moves stacks into it. Also it provides __nex_bss and __nex_data macros, so one can easily set right section for a variable. Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-02-01 | bget_malloc: add nex_malloc pool | Volodymyr Babchuk
If virtualization enabled, this pool will be used to allocate memory for OP-TEE nexus needs. Without virtualization, generic malloc pool will be used. Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2019-01-28 | mk/aosp_optee.mk: remove cp -u option | Victor Chong
AOSP's Toybox's version of cp doesn't support the -u option Signed-off-by: Victor Chong <victor.chong@linaro.org> Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
2019-01-18 | Update revision for release tag 3.4.0-rc1 | Jerome Forissier
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
2019-01-10 | core: pta: Add device pseudo TA | Sumit Garg
This pseudo TA enumerates OP-TEE pseudo TAs which can act as devices/services for Linux TEE bus driver. For differentiation of such devices, added TA_FLAG_DEVICE_ENUM optional flag in pseudo TA header. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-12-18 | Document CFG_USER_TA_TARGETS and CFG_USER_TA_TARGET_<ta-name> | Jerome Forissier
Document the configuration flags that control the target architecture for user mode libraries and in-tree TAs. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2018-12-18 | Introduce CFG_USER_TA_TARGETS to select user mode architecture(s) | Jerome Forissier
This change introduces CFG_USER_TA_TARGETS to allow the configuration directives to select the architectures for which userspace TA and TA libraries shall be built. The only use case for the moment is to be able to build only 32 or 64-bit libraries and TAs when the platform would otherwise support both 32 and 64-bit. See the example below. If CFG_USER_TA_TARGETS is undefined or empty, all the architectures supported by the platform are built. If CFG_USER_TA_TARGETS contains an unsupported value, the build will report an error.
Examples:
    $ make PLATFORM=hikey CFG_ARM64_core=y
    # Builds both 32 and 64-bit userspace
    $ make PLATFORM=hikey CFG_ARM64_core=y \
        CFG_USER_TA_TARGETS="ta_arm32 ta_arm64"
    # Same as above
    $ make PLATFORM=hikey CFG_ARM64_core=y CFG_USER_TA_TARGETS=ta_arm32
    # Builds only 32-bit userspace
Suggested-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2018-11-29 | core: generic_boot: Add add_dt_overlay_fragment() | Bryan O'Donoghue
This patch adds a dt routine add_dt_overlay_fragment(). The purpose of which is to encapsulate the dynamic FDT node entries OPTEE provides inside of a
    fragment@0 {
        target-path = "/";
        __overlay__ {
            /* OPTEE nodes go here */
        };
    };
A subsequent set of patches will wrap up existing dynamic OPTEE nodes
    - /firmware/optee
    - /psci
    - /reserved/memory optee@0xaddress
Once done it will be possible for a DTB in memory to be populated with OPTEE fragments and for a subsequent bootloader to merge the OPTEE populated overlay into a DTB loaded by a later stage. If CFG_EXTERNAL_DTB_OVERLAY is not defined then this code has no effect.
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-11-27 | mk/compile.mk: define __FILE_ID__ for all files | Jens Wiklander
Defines __FILE_ID__ with a unique name of the file being compiled. Useful to create globally unique variables. Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-11-23 | core: embedded secure device tree | Etienne Carriere
This change introduces configurations CFG_EMDED_DTB and CFG_EMBED_DTB_SOURCE_FILE. When CFG_EMDED_DTB=y a device tree blob (DTB) is embedded in a read-only section of the core based on an in-tree device tree source (DTS) file. CFG_EMBED_DTS_SOURCE_FILE defines the relative path of the target device in core/arch/$(ARCH)/dts. Non empty CFG_EMBED_DTS_SOURCE_FILE content implies CFG_EMBED_DTB=y. CFG_EMBED_DTB=y mandates CFG_EMBED_DTS_SOURCE_FILE definition. CFG_EMDED_DTB=y mandates CFG_DT=y. Since the embedded DTB is read-only, the core does not attempt to modify it by adding information such as OP-TEE resource nodes and properties. The core still gets generic information such as system memory address range and debug console configuration from the embedded DTB. Documentation includes a DT section in the OP-TEE design description. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-11-23 | core: helper for device tree compilation | Etienne Carriere
Add helper function gen-dtb-file in the build sequence. It generates a DTB file from input DTS file. The DTS file is preprocessed with CPP before being compiled using the device tree compiler (DTC). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-11-16 | lib.mk: centralize profiling flag (-pg) | Jerome Forissier
Code cleanup, no functional change. This commit avoids the duplication of the -pg flag in the library makefiles. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-11-15 | mk/config.mk: default enable CFG_CRYPTO_RSASSA_NA1 | Gabor Szekely
Enable the TEE_ALG_RSASSA_PKCS1_V1_5 extension by default. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Gabor Szekely <szvgabor@gmail.com>
2018-11-13 | trace levels: Redefine TRACE_MIN level to 0 | Ovidiu Mihalachi
The global `trace_level` session-wise indicator which is set by `trace_set_level()` [1], could get a wrong value in case of an input `level` set to 0, meaning that all logs need to be disabled by user define `CFG_TEE_TA_LOG_LEVEL=0` when building TA applications. This inconsistency is caused by a rather wrong value of `TRACE_MIN` low boundary value set to 1. According to [1] `trace level` will be set to `TRACE_MAX` (4) in case input level is smaller than `TRACE_MIN` and larger than `TRACE_MAX`. In the scenario when the needed log level is 0, `trace level` would be set to `TRACE_MAX` and will cause a lot of flow log level information dumped by trace functions/macros that are using `trace_printf()` primitive. This patch sets the `TRACE_MIN` to 0 in order to assure a proper trace level setting and completely disable all logs in case `CFG_TEE_TA_LOG_LEVEL=0`.
[1]
    void trace_set_level(int level)
    {
        if (((int)level >= TRACE_MIN) && (level <= TRACE_MAX))
            trace_level = level;
        else
            trace_level = TRACE_MAX;
    }
Acked-by: Christoph Gellner <cgellner@de.adit-jv.com> Signed-off-by: Ovidiu Mihalachi <ovidiu_mihalachi@mentor.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
2018-11-08 | mk/aosp_optee.mk: use prebuilt make command | Yongqin Liu
The host side make command is disallowed by the Android build system on AOSP master [1]. Using it anyway causes the following build error: "make" is not allowed to be used. See [2] for more information. Link: [1] https://android-review.googlesource.com/c/platform/build/soong/+/796565 Link: [2] https://android.googlesource.com/platform/build/+/master/Changes.md#PATH_Tools Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
2018-11-08 | mk/aosp_optee.mk: workaround for PHONY target limitation with AOSP master | Yongqin Liu
There are some limitations on PHONY target introduced into the AOSP master [1], and the change here is to remove the use of PHONY target for BUILD_OPTEE_OS definition, and to define OPTEE_BIN with relative path in aosp workspace instead of absolute path. Link [1]: https://android.googlesource.com/platform/build/+/HEAD/Changes.md#phony_targets Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
2018-11-08 | core: instrument mutexes with lockdep | Jerome Forissier
Implements lockdep hooks for mutexes. CFG_LOCKDEP is disabled by default, because it causes a noticeable slowdown (plain xtest runs 2-4x slower). Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU, HiKey960) Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-10-03 | pager: enable BestFit allocation when using the pager | Joakim Bech
When running xtest 6018 we have got panics because of TEE_ERROR_OUT_OF_MEMORY errors when trying to allocate memory (using malloc and calloc). The reason for this seems to be a fragmented heap when running with the pager enabled. By enabling the BestFit algorithm in bget we have seen a much improved use of the heap with a lot less fragmentation. We have been running xtest on QEMU v8 and HiKey 6220 and the performance difference seems to be negligible. Fixes: https://github.com/OP-TEE/optee_os/issues/2580 Signed-off-by: Joakim Bech <joakim.bech@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (HiKey 6220, QEMU v8) Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-10-02 | Update revision to 3.3 | Jerome Forissier
The commit [1] that changed the revision macros from 3.2 to 3.3 was not pushed to the master branch when I created the 3.3.0-rc1 tag. Pick this commit now. [1] Commit b5aecc05ca32 ("Update revision for release tag 3.3.0-rc1") (tag 3.3.0-rc1) Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-09-27 | Allow mixed declaration and code | Jens Wiklander
Removes the -Wdeclaration-after-statement compiler flag to allow mixed declaration and code Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-09-17 | mk: cleanvars.mk: clean spec-srcs var | Igor Opaniuk
Clean $(spec-srcs) variable, as the value can be accumulated in ta/mk/build-user-ta.mk
Fixes linking issues when multiple TAs are compiled as Early TAs (using CFG_IN_TREE_EARLY_TAS)
    $ make V=1
    ...
    out/arm/ta/avb/user_ta_header.o:(.data+0x0): multiple definition of `trace_level'
    out/arm/ta/avb/user_ta_header.o:(.data+0x0): first defined here
    out/arm/ta/avb/user_ta_header.o: In function `tahead_get_trace_level':
    optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: multiple definition of `trace_ext_prefix'
    out/arm/ta/avb/user_ta_header.o:optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: first defined here
    out/arm/ta/avb/user_ta_header.o: In function `tahead_get_trace_level':
    optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: multiple definition of `ta_head'
    out/arm/ta/avb/user_ta_header.o:optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: first defined here
    out/arm/ta/avb/user_ta_header.o: In function `tahead_get_trace_level':
    optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: multiple definition of `ta_heap'
    out/arm/ta/avb/user_ta_header.o:optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: first defined here
    out/arm/ta/avb/user_ta_header.o: In function `tahead_get_trace_level':
    optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: multiple definition of `ta_heap_size'
    out/arm/ta/avb/user_ta_header.o:optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: first defined here
    out/arm/ta/avb/user_ta_header.o: In function `tahead_get_trace_level':
    optee_os/out/arm/export-ta_arm32/src/user_ta_header.c:102: multiple definition of `ta_props'
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
2018-09-04 | aosp_optee.mk: Fix compilation for build outside of source | Jassi Brar
Trying to specify Android build location outside of source directory's default 'out' using OUT_DIR_COMMON_BASE env variable, results in errors like "... <built-in>:1:10: fatal error: 'conf.h' file not found" Signed-off-by: Jassi Brar <jaswinder.singh@linaro.org> Tested-by: Victor Chong <victor.chong@linaro.org> (hikey620) Acked-by: Victor Chong <victor.chong@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> [jf: wrap commit text] Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-08-10 | Add dependency on ta-dev-kit when building in-tree TA | Jerome Forissier
Fixes the following errors which may reportedly be triggered by plain "make" too [1]:
    $ make -s clean && make -s out/arm-plat-vexpress/ta/avb/entry.o
    cc1: warning: out/arm-plat-vexpress/export-ta_arm32/include: No such file or directory [-Wmissing-include-dirs]
    ta/avb/entry.c:5:30: fatal error: tee_internal_api.h: No such file or directory
    compilation terminated.
    mk/compile.mk:146: recipe for target 'out/arm-plat-vexpress/ta/avb/entry.o' failed
    make: *** [out/arm-plat-vexpress/ta/avb/entry.o] Error 1

    $ make -s clean && make -s out/arm-plat-vexpress/ta/avb/user_ta_header.o
    cc1: warning: out/arm-plat-vexpress/export-ta_arm32/include: No such file or directory [-Wmissing-include-dirs]
    out/arm-plat-vexpress/export-ta_arm32/src/user_ta_header.c:5:22: fatal error: compiler.h: No such file or directory
    compilation terminated.
    mk/compile.mk:154: recipe for target 'out/arm-plat-vexpress/ta/avb/user_ta_header.o' failed
    make: *** [out/arm-plat-vexpress/ta/avb/user_ta_header.o] Error 1
Link: [1] https://github.com/OP-TEE/build/issues/285 Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-08-07 | mk/aosp_optee.mk: move ta files to vendor partition | Yongqin Liu
to make it work with Treble enabled builds Acked-by: Victor Chong <victor.chong@linaro.org> Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
2018-08-01 | trace: print core id if in atomic context | Volodymyr Babchuk
If (D|E|I|F)MSG is called with foreign interrupts masked we can report core ID. "?" will be printed instead, if foreign interrupts aren't masked. With this patch log looks like this:
    D/TC:2 0 core_mmu_set_user_map:940 0xe181b88 0xeee8003
    D/TC:? 0 __wq_rpc:40 wake thread 1 0xe16f028 -3
    D/TC:1 thread_handle_std_smc:612 a7: 2
    D/TC:3 0 core_mmu_set_user_map:940 0x0 0x0
Where first digit shows core id and second - thread id.
Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-07-18 | Add CFG_IN_TREE_EARLY_TAS | Jens Wiklander
Adds CFG_IN_TREE_EARLY_TAS which is used to embed in-tree TAs as early TAs in the OP-TEE binary. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-07-18 | Add support for compiling in-tree TAs | Jens Wiklander
Adds support for compiling in-tree TAs. Unless specified via CFG_USER_TA_TARGET_<ta-name> the TA will be built with the first TA target (aka TA dev kit, when delivered) specified in the variable ta-targets which is initialized in core/arch/arm/plat-*/conf.mk. Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-07-18 | Use per $(sm) unique FORCE-GENSRC | Jens Wiklander
Uses per $(sm) unique FORCE-GENSRC to allow one submodule (sm) depend on files produced by another submodule. CFG_IN_TREE_EARLY_TAS needs this for the core submodule to depend on a submodule representing an in-tree TA. Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-07-06 | mk/config.mk: remove obsolete comment | Jerome Forissier
NOWERROR=1 has been made obsolete by commit beb065df6ee5 ("Do not set -Werror by default"). Remove it. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-06-26 | Do not set -Werror by default | Jerome Forissier
Having -Werror turned on by default can be annoying, because not everyone uses the same compiler, and different compiler versions have different warnings. Therefore, provide CFG_WERROR to turn it on instead. Enable CFG_WERROR in the CI scripts because we still don't want warnings with the officially supported compilers. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
2018-06-20 | Update revision for release tag 3.2.0-rc1 | Jerome Forissier
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-06-07 | aosp_optee.mk: allow dependency builds for TAs | Victor Chong
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org> Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-05-30 | pta: add system pTA | Igor Opaniuk
Add system pTA, which provides misc. auxiliary services, extending existing GlobalPlatform Core API. Add a call for seeding entropy to the default RNG pool. Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
2018-05-22 | libmbedtls: configure and compile mbedtls | Jens Wiklander
Configures mbedtls with a minimal user mode TA configuration and makes it compile. Adds dummy include/mbedtls_config_kernel.h to give a good error message in case mbedTLS is compiled in for kernel mode.
mbedTLS is enabled for TAs with CFG_TA_MBEDTLS = y
Builtin self tests are enabled with CFG_TA_MBEDTLS_SELF_TEST = y
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-05-04 | core: arm32: add support for dynamically linked TAs | Jerome Forissier
This commit adds support for 32-bit dynamically linked Trusted Applications. The config flag for this feature is CFG_TA_DYNLINK, default enabled.
Why do this? Several reasons:
1. Save space in the TA storage area. The OP-TEE core libraries (libutee, libutils, libmpa) could very well be provided as shared objects (.so) rather than archive files (.a). They would be installed only once in the TA storage, instead of being duplicated inside each TA.
2. Allow upgrade of some libraries without re-linking the TAs.
3. Pave the way to sharing code pages between TAs, thus potentially reducing the memory footprint of the TEE.
The ELF loader is updated as follows:
- Locate the dynamic section in the program headers (PT_DYNAMIC entry).
- Find the required external libraries by looking for DT_NEEDED entries in the dynamic section. Libraries are .so files signed like TAs and identified by a UUID so that the TA stores can be re-used. Using a UUID is also more flexible, because a new version of a library may keep the same UUID or use another one.
- Load all the libraries.
- Process the dynamic relocations of type R_ARM_GLOB_DAT and R_ARM_JUMP_SLOT by resolving symbols by name, in breadth first order.
- Map the library code and data into the user VA space.
The stack unwinding code will be updated in a later commit. As a result only the main executable may be unwound; stack dumps will stop if the call stack goes inside a shared library.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU) Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 32/64) Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Joakim Bech <joakim.bech@linaro.org>
2018-04-25 | ta: TEE_Malloc() and friend: skips layers | Jens Wiklander
Prior to this patch TEE_Malloc(), TEE_Realloc() and TEE_Free() were using two extra layers implemented on top of the well known malloc(), realloc(), calloc() and free() functions. With this patch the extra layers are skipped. When compiled for user TAs realloc() clears all memory that otherwise would be uninitialized memory since it's required by the spec [1] if TEE_Malloc() is called with the hint TEE_MALLOC_FILL_ZERO. Since that's the only recognized hint in the spec realloc() assumes that it's always needed. [1] GP TEE Internal Core API Specification v1.1 Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-04-05 | Update revision for release tag 3.1.0-rc1 | Jens Wiklander
Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
2018-04-05 | core: minor cleanup related to pseudo TAs | Etienne Carriere
tee_kta_trace.h is unused and useless. Reword "static TA" into "pseudo TA" in comments. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
2018-04-03 | core: crypto: ltc: introduce CFG_CORE_BIGNUM_MAX_BITS | Jerome Forissier
Make the size of big numbers in the TEE core configurable. The default (4096 bits) may be reduced if such a large key size is not needed, to save core memory. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>