diff options
author | Khang Nguyen <khang.nguyen.xw@renesas.com> | 2018-10-28 20:59:49 -0400 |
---|---|---|
committer | Khang Nguyen <khang.nguyen.xv@renesas.com> | 2018-10-29 13:41:32 +0700 |
commit | 9f7ba089e8a0cc49c8114954c1182fedf341540e (patch) | |
tree | fdb6933ce69b8bf7425640d3bf3d8e63ed534f56 /meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch | |
parent | e5a8cfdc84a83544f281f33fcbe3ce15bb0ab119 (diff) |
rcar-gen3: IPL: Upgrade IPL version according to BSP v3.8.0
This commit updates IPL and Secure Monitor to Rev1.0.23 rev2 for
the following changes:
[IPL]
- plat: rcar: BL2: Correct MMU configuration.
- plat: rcar: Fix suspicious line in platform.mk.
- Change the definition value of BL2_LIMIT to end of System RAM.
- Update IPL boot message.
- Version up the base version to v1.5 of arm-trusted-firmware.
- Update DDR setting (rev.0.34).
- Modify the alignment of l2_tzram_layout to CACHE_WRITEBACK_GRANULE.
- Update H3 Ver.3.0 QoS setting rev.0.08.
- Update M3N Ver.1.1 QoS setting rev.0.07.
- Update E3 Ver.1.0 QoS setting rev.0.03.
- Fix the system WDT detection log is not output when D-Cache is enabled.
- Change the timer counter of micro_wait to the Generic Timer.
- Fix to log the timestamp at beginning of line.
- Change the timer counter for processing time measurement to the Generic Timer.
- Modify the DDR log output of IPL boot message.
[Secure Monitor]
- Version up the base version of arm-trusted-firmware.
https://github.com/ARM-software/arm-trusted-firmware
Commit ID ed8112606c54d85781fc8429160883d6310ece32 [Tag: v1.5]
- Backport the workaround for CVE-2018-3639.
Update optee_os Rev1.0.16 rev2
- Fix a contxt size allocated by OP-TEE OS with HW engine.
- Fix to exclusive control in ECDSA operation used by HW engine.
- Fix to set the initial value for a parameter in TEE_AEInit.
- Fix to clear the read cache of standalone_fs_create.
Signed-off-by: Khang Nguyen <khang.nguyen.xw@renesas.com>
Signed-off-by: Takamitsu Honda <takamitsu.honda.pv@renesas.com>
Diffstat (limited to 'meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch')
-rw-r--r-- | meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch | 105 |
1 files changed, 0 insertions, 105 deletions
diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch deleted file mode 100644 index bac23ad..0000000 --- a/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch +++ /dev/null @@ -1,105 +0,0 @@ -From f6ba4b6f808158a9daf39bc7224da806a9e3547d Mon Sep 17 00:00:00 2001 -From: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com> -Date: Wed, 26 Sep 2018 23:12:17 +0900 -Subject: [PATCH 2/2] [OPTEE_PROVIDER][#188122] Fix to exclusive control for - RSA/ECDSA - -This commit fixes to be exclusive in order to other processes are not -executed between build key process and sign/verify/enc/dec process. - -Signed-off-by: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com> ---- - core/lib/libcryptoengine/tee_pka_provider.c | 4 ++++ - core/lib/libcryptoengine/tee_provider_common.h | 1 + - core/lib/libcryptoengine/tee_ss_provider.c | 6 ++++++ - 3 files changed, 11 insertions(+) - -diff --git a/core/lib/libcryptoengine/tee_pka_provider.c b/core/lib/libcryptoengine/tee_pka_provider.c -index 453bc31a..c5df6737 100644 ---- a/core/lib/libcryptoengine/tee_pka_provider.c -+++ b/core/lib/libcryptoengine/tee_pka_provider.c -@@ -20,6 +20,8 @@ static SSError_t pka_get_ecc_keysize(uint32_t curve, - static void userProcessCompletedFunc(CRYSError_t opStatus __unused, - void* pVerifContext __unused); - -+static struct mutex pka_ecdsa_mutex = MUTEX_INITIALIZER; -+ - /* - * brief: Translate CRYS API AES error into SS provider error. - * -@@ -239,6 +241,7 @@ TEE_Result ss_ecc_verify_pka(struct ecc_public_key *key, const uint8_t *msg, - res = pka_get_ecc_digest(messageSizeInBytes, &eccHash); - } - -+ mutex_lock(&pka_ecdsa_mutex); - if (res == SS_SUCCESS) { - /* build public key */ - *publKeyIn_ptr = (uint8_t)CRYS_EC_PointUncompressed; -@@ -274,6 +277,7 @@ TEE_Result ss_ecc_verify_pka(struct ecc_public_key *key, const uint8_t *msg, - res = pka_translate_error_pka2ss_ecc(pka_res); - PROV_DMSG("Result: res=0x%08x\n", res); - } -+ mutex_unlock(&pka_ecdsa_mutex); - - ss_free((void *)publKeyX_ptr); - ss_free((void *)publKeyY_ptr); -diff --git a/core/lib/libcryptoengine/tee_provider_common.h b/core/lib/libcryptoengine/tee_provider_common.h -index 823c7bfa..ed2de568 100644 ---- a/core/lib/libcryptoengine/tee_provider_common.h -+++ b/core/lib/libcryptoengine/tee_provider_common.h -@@ -8,6 +8,7 @@ - - #include <crypto/crypto.h> - #include <tee/tee_cryp_utl.h> -+#include <kernel/mutex.h> - #include <mpalib.h> - #include <stdlib.h> - #include <string.h> -diff --git a/core/lib/libcryptoengine/tee_ss_provider.c b/core/lib/libcryptoengine/tee_ss_provider.c -index 77a12d7c..3e9f93a1 100644 ---- a/core/lib/libcryptoengine/tee_ss_provider.c -+++ b/core/lib/libcryptoengine/tee_ss_provider.c -@@ -282,6 +282,8 @@ static SSError_t ss_crys_aesccm_update(void *ctx, uint8_t *dataIn_ptr, - static void ss_backup_cb(enum suspend_to_ram_state state, uint32_t cpu_id); - static TEE_Result crypto_hw_init_crypto_engine(void); - -+static struct mutex secure_ecdsa_mutex = MUTEX_INITIALIZER; -+ - static SSError_t ss_crys_aes_update(void *ctx, uint8_t *dataIn_ptr, - uint32_t dataInSize, uint8_t *dataOut_ptr, CRYSError_t *crysRes) - { -@@ -3090,6 +3092,7 @@ TEE_Result crypto_hw_acipher_ecc_sign(struct ecc_keypair *key, - res = ss_get_ecc_digest(messageSizeInBytes, &eccHashMode); - } - -+ mutex_lock(&secure_ecdsa_mutex); - if (res == SS_SUCCESS) { - PROV_DMSG("CALL: CRYS_ECPKI_BuildPrivKey()\n"); - crys_res = CRYS_ECPKI_BuildPrivKey(domain_id, privKeySizeIn_ptr, -@@ -3107,6 +3110,7 @@ TEE_Result crypto_hw_acipher_ecc_sign(struct ecc_keypair *key, - res = ss_translate_error_crys2ss_ecc(crys_res); - PROV_DMSG("Result: crys_res=0x%08x -> res=0x%08x\n",crys_res,res); - } -+ mutex_unlock(&secure_ecdsa_mutex); - - ss_free((void *)signUserContext_ptr); - ss_free((void *)privKeySizeIn_ptr); -@@ -3193,6 +3197,7 @@ static SSError_t ss_ecc_verify_secure(struct ecc_public_key *key, - res = ss_get_ecc_digest(messageSizeInBytes, &eccHashMode); - } - -+ mutex_lock(&secure_ecdsa_mutex); - if (res == SS_SUCCESS) { - /* build public key */ - *publKeyIn_ptr = (uint8_t)CRYS_EC_PointUncompressed; -@@ -3217,6 +3222,7 @@ static SSError_t ss_ecc_verify_secure(struct ecc_public_key *key, - PROV_DMSG("Result: crys_res=0x%08x -> res=0x%08x\n", crys_res, - res); - } -+ mutex_unlock(&secure_ecdsa_mutex); - - ss_free((void *)publKeyX_ptr); - ss_free((void *)publKeyY_ptr); --- -2.14.1.windows.1 - |