aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-crypto-arm64-ce-update-AES-CBC-routines.patch178
-rw-r--r--meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb5
2 files changed, 180 insertions, 3 deletions
diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-crypto-arm64-ce-update-AES-CBC-routines.patch b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-crypto-arm64-ce-update-AES-CBC-routines.patch
new file mode 100644
index 0000000..570752e
--- /dev/null
+++ b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-core-crypto-arm64-ce-update-AES-CBC-routines.patch
@@ -0,0 +1,178 @@
+From e77020396508fc086d7a4d6137388b116e4a662f Mon Sep 17 00:00:00 2001
+From: Jerome Forissier <jerome.forissier@linaro.org>
+Date: Tue, 12 Jun 2018 08:40:03 +0200
+Subject: [PATCH] core: crypto: arm64 ce: update AES CBC routines
+
+Update the Aarch64 Crypto Extension accelerated CBC encryption/decryption
+routines to the latest upstream implementation in the Linux kernel
+(v4.17-rc7).
+
+Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
+Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960)
+CC: Ard Biesheuvel <ard.biesheuvel@linaro.org>
+Fixes: https://github.com/OP-TEE/optee_os/issues/2355
+Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
+---
+ core/lib/libtomcrypt/src/ciphers/aes_armv8a_ce.c | 8 +--
+ .../src/ciphers/aes_modes_armv8a_ce_a64.S | 70 ++++++++++++----------
+ 2 files changed, 41 insertions(+), 37 deletions(-)
+
+diff --git a/core/lib/libtomcrypt/src/ciphers/aes_armv8a_ce.c b/core/lib/libtomcrypt/src/ciphers/aes_armv8a_ce.c
+index cd99e45..873435e 100644
+--- a/core/lib/libtomcrypt/src/ciphers/aes_armv8a_ce.c
++++ b/core/lib/libtomcrypt/src/ciphers/aes_armv8a_ce.c
+@@ -59,9 +59,9 @@ void ce_aes_ecb_encrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+ void ce_aes_ecb_decrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+ int blocks, int first);
+ void ce_aes_cbc_encrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+- int blocks, u8 iv[], int first);
++ int blocks, u8 iv[]);
+ void ce_aes_cbc_decrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+- int blocks, u8 iv[], int first);
++ int blocks, u8 iv[]);
+ void ce_aes_ctr_encrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+ int blocks, u8 ctr[], int first);
+ void ce_aes_xts_encrypt(u8 out[], u8 const in[], u8 const rk1[], int rounds,
+@@ -250,7 +250,7 @@ static int aes_cbc_encrypt_nblocks(const unsigned char *pt, unsigned char *ct,
+ rk = (u8 *)skey->rijndael.eK;
+
+ tomcrypt_arm_neon_enable(&state);
+- ce_aes_cbc_encrypt(ct, pt, rk, Nr, blocks, IV, 1);
++ ce_aes_cbc_encrypt(ct, pt, rk, Nr, blocks, IV);
+ tomcrypt_arm_neon_disable(&state);
+
+ return CRYPT_OK;
+@@ -273,7 +273,7 @@ static int aes_cbc_decrypt_nblocks(const unsigned char *ct, unsigned char *pt,
+ rk = (u8 *)skey->rijndael.dK;
+
+ tomcrypt_arm_neon_enable(&state);
+- ce_aes_cbc_decrypt(pt, ct, rk, Nr, blocks, IV, 1);
++ ce_aes_cbc_decrypt(pt, ct, rk, Nr, blocks, IV);
+ tomcrypt_arm_neon_disable(&state);
+
+ return CRYPT_OK;
+diff --git a/core/lib/libtomcrypt/src/ciphers/aes_modes_armv8a_ce_a64.S b/core/lib/libtomcrypt/src/ciphers/aes_modes_armv8a_ce_a64.S
+index 04a4b06..58aa05e 100644
+--- a/core/lib/libtomcrypt/src/ciphers/aes_modes_armv8a_ce_a64.S
++++ b/core/lib/libtomcrypt/src/ciphers/aes_modes_armv8a_ce_a64.S
+@@ -329,55 +329,61 @@ ENDPROC(ce_aes_ecb_decrypt)
+
+ /*
+ * aes_cbc_encrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+- * int blocks, u8 iv[], int first)
++ * int blocks, u8 iv[])
+ * aes_cbc_decrypt(u8 out[], u8 const in[], u8 const rk[], int rounds,
+- * int blocks, u8 iv[], int first)
++ * int blocks, u8 iv[])
+ */
+
+ ENTRY(ce_aes_cbc_encrypt)
+- cbz w6, .Lcbcencloop
+-
+- ld1 {v0.16b}, [x5] /* get iv */
+- enc_prepare w3, x2, x5
++ ld1 {v4.16b}, [x5] /* get iv */
++ enc_prepare w3, x2, x6
+
++.Lcbcencloop4x:
++ subs w4, w4, #4
++ bmi .Lcbcenc1x
++ ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 pt blocks */
++ eor v0.16b, v0.16b, v4.16b /* ..and xor with iv */
++ encrypt_block v0, w3, x2, x6, w7
++ eor v1.16b, v1.16b, v0.16b
++ encrypt_block v1, w3, x2, x6, w7
++ eor v2.16b, v2.16b, v1.16b
++ encrypt_block v2, w3, x2, x6, w7
++ eor v3.16b, v3.16b, v2.16b
++ encrypt_block v3, w3, x2, x6, w7
++ st1 {v0.16b-v3.16b}, [x0], #64
++ mov v4.16b, v3.16b
++ b .Lcbcencloop4x
++.Lcbcenc1x:
++ adds w4, w4, #4
++ beq .Lcbcencout
+ .Lcbcencloop:
+- ld1 {v1.16b}, [x1], #16 /* get next pt block */
+- eor v0.16b, v0.16b, v1.16b /* ..and xor with iv */
+- encrypt_block v0, w3, x2, x5, w6
+- st1 {v0.16b}, [x0], #16
++ ld1 {v0.16b}, [x1], #16 /* get next pt block */
++ eor v4.16b, v4.16b, v0.16b /* ..and xor with iv */
++ encrypt_block v4, w3, x2, x6, w7
++ st1 {v4.16b}, [x0], #16
+ subs w4, w4, #1
+ bne .Lcbcencloop
+- st1 {v0.16b}, [x5] /* save iv for later */
++.Lcbcencout:
++ st1 {v4.16b}, [x5] /* return iv */
+ ret
+ ENDPROC(ce_aes_cbc_encrypt)
+
+
+ ENTRY(ce_aes_cbc_decrypt)
+- FRAME_PUSH
+- cbz w6, .LcbcdecloopNx
++ stp x29, x30, [sp, #-16]!
++ mov x29, sp
+
+ ld1 {v7.16b}, [x5] /* get iv */
+- dec_prepare w3, x2, x5
++ dec_prepare w3, x2, x6
+
+ .LcbcdecloopNx:
+-#if INTERLEAVE >= 2
+- subs w4, w4, #INTERLEAVE
++ subs w4, w4, #4
+ bmi .Lcbcdec1x
+-#if INTERLEAVE == 2
+- ld1 {v0.16b-v1.16b}, [x1], #32 /* get 2 ct blocks */
+- mov v2.16b, v0.16b
+- mov v3.16b, v1.16b
+- do_decrypt_block2x
+- eor v0.16b, v0.16b, v7.16b
+- eor v1.16b, v1.16b, v2.16b
+- mov v7.16b, v3.16b
+- st1 {v0.16b-v1.16b}, [x0], #32
+-#else
+ ld1 {v0.16b-v3.16b}, [x1], #64 /* get 4 ct blocks */
+ mov v4.16b, v0.16b
+ mov v5.16b, v1.16b
+ mov v6.16b, v2.16b
+- do_decrypt_block4x
++ bl aes_decrypt_block4x
+ sub x1, x1, #16
+ eor v0.16b, v0.16b, v7.16b
+ eor v1.16b, v1.16b, v4.16b
+@@ -385,24 +391,22 @@ ENTRY(ce_aes_cbc_decrypt)
+ eor v2.16b, v2.16b, v5.16b
+ eor v3.16b, v3.16b, v6.16b
+ st1 {v0.16b-v3.16b}, [x0], #64
+-#endif
+ b .LcbcdecloopNx
+ .Lcbcdec1x:
+- adds w4, w4, #INTERLEAVE
++ adds w4, w4, #4
+ beq .Lcbcdecout
+-#endif
+ .Lcbcdecloop:
+ ld1 {v1.16b}, [x1], #16 /* get next ct block */
+ mov v0.16b, v1.16b /* ...and copy to v0 */
+- decrypt_block v0, w3, x2, x5, w6
++ decrypt_block v0, w3, x2, x6, w7
+ eor v0.16b, v0.16b, v7.16b /* xor with iv => pt */
+ mov v7.16b, v1.16b /* ct is next iv */
+ st1 {v0.16b}, [x0], #16
+ subs w4, w4, #1
+ bne .Lcbcdecloop
+ .Lcbcdecout:
+- st1 {v1.16b}, [x5] /* save iv for later */
+- FRAME_POP
++ st1 {v7.16b}, [x5] /* return iv */
++ ldp x29, x30, [sp], #16
+ ret
+ ENDPROC(ce_aes_cbc_decrypt)
+
+--
+2.7.4
+
diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb b/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
index 81ba4c4..8c1b18d 100644
--- a/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
+++ b/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
@@ -14,12 +14,13 @@ PV = "3.1.0+renesas+git${SRCPV}"
BRANCH = "rcar_gen3"
SRCREV_renesas = "c3f73c1e8667a829e085c6d2c4d8a6ff1ec3d213"
-SRCREV_officialgit = "e77020396508fc086d7a4d6137388b116e4a662f"
+SRCREV_officialgit = "0ab9388c0d553a6bb5ae04e41b38ba40cf0474bf"
SRCREV_FORMAT = "renesas_officialgit"
SRC_URI = " \
git://github.com/renesas-rcar/optee_os.git;branch=${BRANCH};name=renesas \
git://github.com/OP-TEE/optee_os.git;branch=master;name=officialgit;destsuffix=git_official \
+ file://0001-core-crypto-arm64-ce-update-AES-CBC-routines.patch;patchdir=../git_official \
"
COMPATIBLE_MACHINE = "(salvator-x|h3ulcb|m3ulcb|m3nulcb|ebisu)"
@@ -40,8 +41,6 @@ S = "${WORKDIR}/git"
EXTRA_OEMAKE = "-e MAKEFLAGS="
do_configure() {
- git -C ${WORKDIR}/git_official checkout -B official 3.1.0
- git -C ${WORKDIR}/git_official cherry-pick ${SRCREV_officialgit}
cp -rn ${WORKDIR}/git_official/core/lib/libtomcrypt ${B}/core/lib/.
}