- Apr 02, 2024
-
-
GlobalPlatform TEE Client API Specification v1.0 specifies that the structs TEEC_Context, TEEC_Session, TEEC_SharedMemory, and TEEC_Operation shall have a user defined struct named imp. In OP-TEE the struct is not there and instead the user defined fields are declared directly in the top structs. This commit introduces the imp struct to better support using different implementations. The imp fields now represent the implementation defined parts of the structs that was previously declared directly in the top struct. All previously available parameters are preserved in the imp struct. The updated version of the imp structure makes it easier to create a binding for Rust. Adding the missing imp struct to the structs in OP-TEE is an ABI breakage which requires a version major update of libteec. Link: https://github.com/OP-TEE/optee_client/issues/348 Reported-by:
Tom Hebb <tommyhebb@gmail.com> Signed-off-by:
Julianus Larson <julianus.larson@linaro.org> Acked-by:
Etienne Carriere <etienne.carriere@foss.st.com> Acked-by:
Jerome Forissier <jerome.forissier@linaro.org>
-
- Mar 13, 2024
-
-
Add a pkgconfig file to libteeacl, so that the library and its headers can be found from wherever they have been installed. Signed-off-by:
Eero Aaltonen <eero.aaltonen@vaisala.com> Acked-by:
-
pkg-config --static --libs includes the libraries specified in Libs, so there's no need to repeat them in Libs.private. Signed-off-by:
-
Switch naming convention of the pkgconfig metadata file use the plain namespec without the lib prefix. While both forms are permitted, the man page of pkg-config[1] has more examples of metadata files without a lib prefix. Similarly the uuid metadata file that teeacl uses to link is named simply `uuid.pc`. Additionally the lib prefix does not provide extra information, and long lists of pkgconfig metadata files are easier to read with just the plain namespec. [1]: https://linux.die.net/man/1/pkg-config Signed-off-by:
-
- Feb 19, 2024
-
-
set_ta_path() doesn't add a NULL pointer to the last element of ta_path, which can cause a segmentation fault when a TA is not found. Use calloc() instead of malloc() to make sure the ta_path array is always NULL-terminated. Link: https://github.com/OP-TEE/optee_client/issues/374 Signed-off-by:
guan-gm.lin <guan-gm.lin@mediatek.com> Reviewed-by:
-
- Feb 14, 2024
-
-
Change the one shot encryption and decryption handler function to allow input buffer reference to be NULL. This may happen for example with AES GCM operation where encryption of a NULL buffer is expected to produce an AES GCM authentication tag. Before this change, providing a NULL buffer to C_Encrypt() made ckteec_register_shm() to fail and ckteec_register_shm() to return CKR_HOST_MEMORY error code. Fixes: aa3dd58d ("libckteec: Allow 0 length input buffer for update operations.") Acked-by:
-
- Jan 29, 2024
-
-
Android use by default Soong Build System, *.mk files are deprecated in favor of Android.bp [1]. All the logics present in android mk files have been ported to a single Android.bp optee_client.device.mk set the same default flags as we did in the old Android *.mk files. Example of configs in device/VENDOR/BOARD/device.mk: Before: CFG_TEE_FS_PARENT_PATH := /mnt/vendor/persist/tee PRODUCT_PACKAGES += \ libteec \ tee-supplicant After: include $(PATH_OPTEE_CLIENT)/optee_client.device.mk $(call soong_config_set,optee_client,cfg_tee_fs_parent_path,/mnt/vendor/persist/tee) PRODUCT_PACKAGES += \ libteec \ tee-supplicant [1] https://source.android.com/docs/setup/build Acked-by:Julien Masson <jmasson@baylibre.com>
-
- Jan 23, 2024
-
-
Drop Benchmark Framework as current implementation is non-function and obsolete, and it's not supported anymore. Acked-by:
Jens Wiklander <jens.wiklander@linaro.org> Acked-by:
Igor Opaniuk <igor.opaniuk@foundries.io>
-
- Jan 16, 2024
-
-
The variable aligned_sz will be 0 when the requested sz is MAX_SIZE. Since posix_memalign can return a valid pointer for zero size allocations, share memory registration requests for MAX_SIZE might make it to the kernel. This PR stops it early - just as it was before "teec: use multiple of page size for page aligned buffers" was merged. Fixes: acb0885c ("teec: use multiple of page size for page aligned buffers") Signed-off-by:
Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by:
-
- Jan 12, 2024
-
-
When running in 64 bit CPU things like ulMaxSessionCount would get value of 4294967295 instead of ~0. Adjust all other CK_ULONG fields supporting CK_UNAVAILABLE_INFORMATION. Signed-off-by:
Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by:
-
On 64 bit systems uint32_t cannot handle CK_ULONG defined CK_UNAVAILABLE_INFORMATION. This adds helper maybe_unavail() to assist in conversion. Signed-off-by:
-
- Jan 08, 2024
-
-
Commit 3ac968ee moved linux/tee.h from libteec/include to libteec/src resulting in the following build failure with any kernel < 4.16 (i.e before https://github.com/torvalds/linux/commit/033ddf12bcf5326b93bd604f50a7474a434a35f9 ): /home/buildroot/autobuild/instance-3/output-1/build/optee-client-4.0.0/tee-supplicant/src/tee_supplicant.c: In function 'register_local_shm': /home/buildroot/autobuild/instance-3/output-1/build/optee-client-4.0.0/tee-supplicant/src/tee_supplicant.c:356:44: error: storage size of 'data' isn't known 356 | struct tee_ioctl_shm_register_data data; | ^~~~ To fix this build failure, update CMakeLists.txt and Makefile of tee-supplicant to add libteec/src to the include directories. Fixes: 3ac968ee ("Makefile, cmake: move teec related headers") Acked-by:
Fabrice Fontaine <fontaine.fabrice@gmail.com>
-
Verify "ta-path" command line argument length and if snprintf() concated path is too long, then print an error message and terminate startup. Signed-off-by:
Tanel Dettenborn <tanel@ssrc.tii.ae> Reviewed-by:
-
- Dec 07, 2023
-
-
This commits adds serialize_mecha_aes_gcm() function to serialize_ck.c to support AES-GCM mechanism (CKM_AES_GCM) in libckteec. Co-developed-by:
Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by:
Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by:
-
- Dec 04, 2023
-
-
TEE_ERROR_EXTERNAL_CANCEL and TEE_ERROR_STORAGE_NO_SPACE are not part of the specification [1]. TEEC_ERROR_EXTERNAL_CANCEL and TEEC_ERROR_STORAGE_NO_SPACE should be preferred instead. Add a message in the description to deprecate these two macros, but keep them for backward compatibility. [1] TEE Client API Specification v1.0 Errata and Precisions Version 2.0, §P.4 Define Additional Return Codes Signed-off-by:Vincent Mailhol <mailhol.vincent@wanadoo.fr> Acked-by:
-
The precision from [1] defines 9 additional return codes. One of them, TEEC_ERROR_TARGET_DEAD was already added in [2]. Apply the 8 other ones and reorder them by values. The added documentation is a verbatim copy of the description from [1]. Overwrite the existing documentation of TEEC_ERROR_TARGET_DEAD with the one from the specification. [1] TEE Client API Specification v1.0 Errata and Precisions Version 2.0, §P.4 Define Additional Return Codes [2] commit f2b0ed41 ("Updated related Linux Driver Refactoring") Link: https://github.com/OP-TEE/optee_client/commit/f2b0ed41c8c7b3 Signed-off-by: -
Apply the errata from [1] which fixes two typos in the definition of the paramTypes. [1] TEE Client API Specification v1.0 Errata and Precisions Version 2.0, §E.1 Correct Reference to TEEC_MemoryReference Signed-off-by:
-
- Nov 27, 2023
-
-
Add a new `--ta-path` CLI flag for overriding the default load path used by tee-supplicant. The given path string can be a set of colon (':') separated paths, each being a full path used when searching for TAs. When this option is not used, the existing behavior of loading TAs from a subdirectory "ta-dir" under TEEC_LOAD_PATH is retained. Signed-off-by:Jared Baur <jaredbaur@fastmail.com> Reviewed-by:
-
- Oct 30, 2023
-
-
Cleanup TEEC_TEST_LOAD_PATH and CFG_TA_TEST_PATH, as the TEEC_TEST_LOAD_PATH was not working properly anyway. TEEC_TEST_LOAD_PATH and CFG_TA_TEST_PATH are removed, and the TEEC_LOAD_PATH is supposed to hold all paths where to search for TAs. Signed-off-by:
Mika Tammi <mika.tammi@unikie.com> Reviewed-by:
-
- Oct 19, 2023
-
-
When allocating a page aligned buffer, round the size up the next multiple of page size. With this we can guarantee that a part of that page isn't registered already. Signed-off-by:
Joakim Bech <joakim.bech@linaro.org>
-
- Oct 13, 2023
-
-
Make it so that pkgconfig file is actually installed to INSTALL_LIBDIR. Signed-off-by:
-
Remove extra comments about CMake build. Before the comments were included in the generated .pc file. Based on a short sample, most projects pkgconfig files don't start with any extra comments. Signed-off-by:
-
The optee-client-headers interface library was added back in commit e0a12e23 "cmake: Initial CMake support" , but to a directory named "public". Improve the consistency of the Cmake build by moving the headers under the associated libteec include directory. Signed-off-by:
-
The style used by the CMake project itself and the most widely used CMake style does not place white space between the function/macro name and the parenthesis. Align with the common style. Signed-off-by:
-
- Mar 20, 2023
-
-
We're no longer using Travis CI and have no plans of adding it again. Hence let's remove the .travis.yml file. Signed-off-by:
Joakim Bech <joakim.bech@linaro.org>
Reviewed-by:
-
- Mar 01, 2023
-
-
load_plugin() calls dlopen() but does not call dlclose() when dlsym() fails. Fix that. Signed-off-by:
liu_yi <liu_yi@kylinos.cn> [jf: fix minor formatting issues in code and description] Reviewed-by:
-
- Feb 15, 2023
-
-
Use realloc() instead of reallocarray(), since uClibc apparently does not implement reallocarray(). Fixes: https://github.com/OP-TEE/optee_client/issues/339 Signed-off-by:
-
Compiling with clang would fail with ``` error: unknown warning option '-Wunsafe-loop-optimizations' ``` Adjust CMake so that the warning is only added for GNU compiler. Signed-off-by:
-
- Feb 02, 2023
-
-
Use `sbindir`, `libdir` and `includedir` as variables for installation targets. These variables names are defined by GNU coding standards [1]. Link: [1] https://www.gnu.org/prep/standards/html_node/Directory-Variables.html Signed-off-by:
Clement Faure <clement.faure@nxp.com> Reviewed-by:
-
- Dec 09, 2022
-
-
For uuid dependency checking, cross compiler version pkg-config should be used. However top level makefile does not hold the information of the cross compiler. To solve that, move the checking from top level makefile to the library level. Fixes: d448e8bb ("Allow cross-compile pkg-config") Signed-off-by:
Su Bao Cheng <baocheng.su@siemens.com> Reviewed-by:
-
- Dec 08, 2022
-
-
Replaces use of set() with option() for CFG_WERROR boolean switch. Acked-by:
-
Build and embed libteeacl upon WITH_TEEACL=1 (default configuration). This configuration switch allows one to build OP-TEE client without dependencies on pkg-config and libuuid when OP-TEE ACL for PKCS11 is not needed: cmake -DWITH_TEEACL=0 ... or make WITH_TEEACL=0 ... With the comments below addressed, LGTM. Acked-by:
-
- Dec 01, 2022
-
-
Adds a CI script to be run on push and pull requests. Eight cross-builds are checked: (armhf, aarch64) x (make, cmake) x (Debian, Ubuntu). Signed-off-by:
-
- Nov 25, 2022
-
-
Autotools build environments that use libteec would benefit from the addition of generated package config files so that libraries could be found wherever they are installed. Add a teec pkg-config generation to support that Signed-off-by:
Neil Horman <nhorman@gmail.com> Acked-by:
-
- Nov 21, 2022
-
-
optee-client fails to cross build from source. This commit apply CROSS_COMPILE on pkg-config to let it be able to build by cross-compiler. Link: https://bugs.debian.org/1023233 Link: http://crossqa.debian.net/src/optee-client Signed-off-by:
Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org> Signed-off-by:
Helmut Grohne <helmut@subdivi.de> Acked-by:
-
- Nov 18, 2022
-
-
The PKCS#11 Specification: https://docs.oasis-open.org/pkcs11/pkcs11-spec/v3.1/cs01/ pkcs11-spec-v3.1-cs01.pdf 6.1.23 RSA AES KEY WRAP Signed-off-by:
Valerii Chubar <valerii_chubar@epam.com> Reviewed-by:
-
- Oct 31, 2022
-
-
In order to properly synchronize data and meta-data for secure storage, fsync() must be performed on the containing directory after mkdir() and rename() operations. This may be especially of interest in a production environment where power may be cut as soon as all the security parameters are saved. Reviewed-by:
Joakim Nordell <joakim.nordell@axis.com>
-
- Oct 28, 2022
-
-
The `uuid` pkg-config file provides the include directory as `${PREFIX}/include/uuid`. Set include path relative to pkg-config file specified include_dir to remain portable. Signed-off-by:
-
- Oct 24, 2022
-
-
A string is empty when its first character is zero. Therefore, we can avoid calling strlen() on each FS request. Signed-off-by:
-
- Oct 17, 2022
-
-
Fixed libteec function mmap_paddr mmap() size problem reported in [1]. Link: [1] https://github.com/OP-TEE/optee_client/issues/318 Signed-off-by:
Yuelei Kan <936115299@qq.com> Reviewed-by:
-
