4 years agoREADME: Add DEPRECATED notice for this repository ti-optee-client 07.00.00.002 07.00.00.003 07.00.00.004 07.00.00.005 07.01.00.001 07.01.00.002 07.01.00.003 07.01.00.004 07.01.00.005 07.01.00.006 07.02.00.002 07.02.00.003 07.02.00.004 07.03.00.000 07.03.00.001 07.03.00.002 07.03.00.003 07.03.00.004 07.03.00.005 08.00.00.000 08.00.00.001 08.00.00.002 08.00.00.003 08.00.00.004 08.01.00.001 08.01.00.002 08.01.00.003 08.01.00.004 08.01.00.005 08.01.00.006 08.02.00.001 08.02.00.002 08.02.00.003 08.02.00.004 08.02.00.005 08.02.00.006 08.03.00.001 08.03.00.002 08.03.00.003 08.03.00.004 08.03.00.005 08.04.00.001 08.04.00.002 2021.00.001 2021.00.002 2021.00.003 ti2020.01.00
README: Add DEPRECATED notice for this repository
Signed-off-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
libteec: report out of bound memory references from client library
Change teec_pre_process_partial() to reject out of bound memref
invocation parameters before TEE is invoked.
This change is needed in case dynamic SHM is disabled in which case
memory reference used as TEE invocation parameters may have been
allocated using a wider buffer than the one provided by client. In
such case, TEE may not able to detect out of bound references
since original client buffer very location (start and size) do not
reach the TEE.
Fixes: https://github.com/OP-TEE/optee_test/issues/410
Reported-by: Sumit Garg <sumit.garg@linaro.org>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Change teec_pre_process_partial() to reject out of bound memref
invocation parameters before TEE is invoked.
This change is needed in case dynamic SHM is disabled in which case
memory reference used as TEE invocation parameters may have been
allocated using a wider buffer than the one provided by client. In
such case, TEE may not able to detect out of bound references
since original client buffer very location (start and size) do not
reach the TEE.
Fixes: https://github.com/OP-TEE/optee_test/issues/410
Reported-by: Sumit Garg <sumit.garg@linaro.org>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
libckteec: querying slot count returns with success
Change C_GetSlotList() wrapper function ck_slot_get_list() to
return CKR_OK when caller queries slot count providing a NULL
output slot list buffer reference.
This change simplifies somewhat ck_slot_get_list() using the pattern
implemented in ck_token_mechanism_ids() to handle return value provided
by the TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Change C_GetSlotList() wrapper function ck_slot_get_list() to
return CKR_OK when caller queries slot count providing a NULL
output slot list buffer reference.
This change simplifies somewhat ck_slot_get_list() using the pattern
implemented in ck_token_mechanism_ids() to handle return value provided
by the TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: fix buggy shm registration when getting mechanism ids
Fix ck_token_mechanism_ids() that registered caller client buffer
to get mechanism IDs whereas mechanisms are copied to that buffer
when converted into client ABI (32b/64b).
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fix ck_token_mechanism_ids() that registered caller client buffer
to get mechanism IDs whereas mechanisms are copied to that buffer
when converted into client ABI (32b/64b).
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: register all required functions
Fix libckteec as per PKCS#11 specification that states functions not
supported by the library should still be defined and referenced
in the function list returned by C_GetFunctionList() and return
an applicable CKR_ error code.
Reported-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fix libckteec as per PKCS#11 specification that states functions not
supported by the library should still be defined and referenced
in the function list returned by C_GetFunctionList() and return
an applicable CKR_ error code.
Reported-by: Ricardo Salveti <ricardo@foundries.io>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: debug: fix string ids for md5 and vendor defined
Remove CKM_VENDOR_DEFINED as a known mechanism as it is only a bit flag
tagging custom mechanisms not listed in the PKCS#11 specification.
Move CKM_MD5 to where is belongs to according to ordering used in
pkcs11.h header file.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Remove CKM_VENDOR_DEFINED as a known mechanism as it is only a bit flag
tagging custom mechanisms not listed in the PKCS#11 specification.
Move CKM_MD5 to where is belongs to according to ordering used in
pkcs11.h header file.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: add special values used for ulong values
Define IDs CK_UNAVAILABLE_INFORMATION and CK_EFFECTIVELY_INFINITE
defined by the PKCS#11 specification.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Define IDs CK_UNAVAILABLE_INFORMATION and CK_EFFECTIVELY_INFINITE
defined by the PKCS#11 specification.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: fix return code for C_GetFunctionStatus()/C_CancelFunction()
PKCS#11 specification requires C_GetFunctionStatus() and
C_CancelFunction() to return CKR_FUNCTION_NOT_PARALLEL when parallel
processing is not supported, not CKR_FUNCTION_NOT_SUPPORTED.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
PKCS#11 specification requires C_GetFunctionStatus() and
C_CancelFunction() to return CKR_FUNCTION_NOT_PARALLEL when parallel
processing is not supported, not CKR_FUNCTION_NOT_SUPPORTED.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: C_Finalize: validate input arguments
Change libckteec as per PKCS#11 specification that requires
C_Finalize() argument pReserved to be NULL.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Change libckteec as per PKCS#11 specification that requires
C_Finalize() argument pReserved to be NULL.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: C_Initialize: validate input arguments
Change libckteec as per PKCS#11 specification that requires
C_Initialize() argument pInitArgs::reserved to be NULL.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Change libckteec as per PKCS#11 specification that requires
C_Initialize() argument pInitArgs::reserved to be NULL.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
[etienne: fix minor port conflict, rework commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec/libteec: move LFLAGS to end of call
At least Yocto and ptxdist provide the option to invoke the linker with
-Wl,--as-needed, which will only mark the libraries as needed if they
are used by the binary or library. However this assumes that the object
files are passed before the shared libraries, move the LFLAGS for
libctkteec and libteec to the end of linker invocation to support this.
Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
At least Yocto and ptxdist provide the option to invoke the linker with
-Wl,--as-needed, which will only mark the libraries as needed if they
are used by the binary or library. However this assumes that the object
files are passed before the shared libraries, move the LFLAGS for
libctkteec and libteec to the end of linker invocation to support this.
Signed-off-by: Rouven Czerwinski <rouven@czerwinskis.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
tee-supplicant: cast to __u64 to avoid potential overflow
If request->send.num_params is assigned a large value, there could be
an overflow when computing data.buf_len. Cast to __u64 to avoid a
32-bit computation.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reported-by: Keping Hu <hukeping@huawei.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
If request->send.num_params is assigned a large value, there could be
an overflow when computing data.buf_len. Cast to __u64 to avoid a
32-bit computation.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reported-by: Keping Hu <hukeping@huawei.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sync with pkcs11 ta api for token flags and user id
Sync with PKCS11 TA API update from [1] for enum pkcs11_user_type and
from [2] for token flags fixup.
Link: [1] https://github.com/OP-TEE/optee_os/commit/9dbdd8cd750206c92b34c645fff365bea4485313
Link: [2] https://github.com/OP-TEE/optee_os/commit/b4f1a77e7bc2639ab4eb611614d379f5809343b7
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Sync with PKCS11 TA API update from [1] for enum pkcs11_user_type and
from [2] for token flags fixup.
Link: [1] https://github.com/OP-TEE/optee_os/commit/9dbdd8cd750206c92b34c645fff365bea4485313
Link: [2] https://github.com/OP-TEE/optee_os/commit/b4f1a77e7bc2639ab4eb611614d379f5809343b7
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
libckteec: fix unexpected tabulation in C_GetInfo() wrapper
Remove unexpected tabulation before initialization value in function
ck_get_info().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Remove unexpected tabulation before initialization value in function
ck_get_info().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
libckteec: implement C_OpenSession() and session fiends
Implement API function C_OpenSession(), C_CloseSession(),
C_CloseAllSessions() and C_GetSessionInfo() for session management.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement API function C_OpenSession(), C_CloseSession(),
C_CloseAllSessions() and C_GetSessionInfo() for session management.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: debug string helpers for session flags and state
Define debug string helpers for session flag and state IDs.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Define debug string helpers for session flag and state IDs.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sync with pkcs11 ta api for session commands
Synchronize with PKCS11 TA API for support of session commands [1].
This change defines session flags and state used by the PKCS11 TA.
[1] https://github.com/OP-TEE/optee_os/pull/3690
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Synchronize with PKCS11 TA API for support of session commands [1].
This change defines session flags and state used by the PKCS11 TA.
[1] https://github.com/OP-TEE/optee_os/pull/3690
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libutee: flag NULL pointer using invalid shm id
Referring to GPTS test suite v2.0.0.1-2016-11-09 id de-14-33
Refer to the TEEC_RegisterSharedMemory function for error conditions
which can be triggered during temporary registration of a memory region.
The CA needs to be able to send a null pointer to the TA. Previously
this was done by allocating a block of shared memory but setting the
size to 0. This did not allow sending a non-NULL pointer with size 0,
this failing GPTS tests.
This change flags a NULL pointer with an invalid shared memory id rather
than size 0.
Add new context capability "memref_null" in the TEEC_Context
structure to handle the support of the shared memory buffer
with a NULL pointer.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Michael Whitfield <michael.whitfield@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Referring to GPTS test suite v2.0.0.1-2016-11-09 id de-14-33
Refer to the TEEC_RegisterSharedMemory function for error conditions
which can be triggered during temporary registration of a memory region.
The CA needs to be able to send a null pointer to the TA. Previously
this was done by allocating a block of shared memory but setting the
size to 0. This did not allow sending a non-NULL pointer with size 0,
this failing GPTS tests.
This change flags a NULL pointer with an invalid shared memory id rather
than size 0.
Add new context capability "memref_null" in the TEEC_Context
structure to handle the support of the shared memory buffer
with a NULL pointer.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Michael Whitfield <michael.whitfield@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
libckteec: rename label bail into out in command handlers
Prefer label out over bail for fast exit path in TA command handlers.
Fixes: commit 682bde7f5976 ("libckteec: implement C_GetSlotInfo()")
Fixes: commit c8453190a8cd ("libckteec: implement C_GetTokenInfo()")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Prefer label out over bail for fast exit path in TA command handlers.
Fixes: commit 682bde7f5976 ("libckteec: implement C_GetSlotInfo()")
Fixes: commit c8453190a8cd ("libckteec: implement C_GetTokenInfo()")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: debug string helpers for slot/token flags and mechanism info
Define debug string helpers for slot flag info, token flag info
and mechanism info.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Define debug string helpers for slot flag info, token flag info
and mechanism info.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetMechanismInfo()
Implement API function C_GetMechanismInfo() to retrieve information
about mechanism implemented or not by the PKCS11 TA.
Helper function ta2ck_mechanism_info() converts mechanism information
data from TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement API function C_GetMechanismInfo() to retrieve information
about mechanism implemented or not by the PKCS11 TA.
Helper function ta2ck_mechanism_info() converts mechanism information
data from TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetMechanismList()
Implement API function C_GetMechanismList().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement API function C_GetMechanismList().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sync with pkcs11 ta api for mechanism info
Synchronize with PKCS11 TA API for mechanism information retrieve [1].
This change defines mechanism flags and IDs for the targeted mechanisms
supported by the PKCS11 TA.
[1] https://github.com/OP-TEE/optee_os/pull/3667
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Synchronize with PKCS11 TA API for mechanism information retrieve [1].
This change defines mechanism flags and IDs for the targeted mechanisms
supported by the PKCS11 TA.
[1] https://github.com/OP-TEE/optee_os/pull/3667
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: better handle null size buffer in C_GetSlotList()
When caller of C_GetSlotList() provides a non-NULL buffer reference
with a count value of zero, the TA gets invoked with a null buffer
reference in the OP-TEE shared memory, hence it will return CKR_OK
status since it legitimately only returns the count information. This
change makes ckteec library to return CKR_BUFFER_TOO_SMALL as
per PKCS#11 specification.
This change also fixes C_GetSlotList() that, prior to this change,
would have returned CKR_ARGUMENTS_BAD upon NULL buffer and non-zero
count value whereas specification says that "The contents of *pulCount
on entry to C_GetSlotList has no meaning in this case (...)".
Fixes: 4dc4081da3e3 ("libckteec: implement C_GetSlotList()")
Reported-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
When caller of C_GetSlotList() provides a non-NULL buffer reference
with a count value of zero, the TA gets invoked with a null buffer
reference in the OP-TEE shared memory, hence it will return CKR_OK
status since it legitimately only returns the count information. This
change makes ckteec library to return CKR_BUFFER_TOO_SMALL as
per PKCS#11 specification.
This change also fixes C_GetSlotList() that, prior to this change,
would have returned CKR_ARGUMENTS_BAD upon NULL buffer and non-zero
count value whereas specification says that "The contents of *pulCount
on entry to C_GetSlotList has no meaning in this case (...)".
Fixes: 4dc4081da3e3 ("libckteec: implement C_GetSlotList()")
Reported-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetTokenInfo()
Implement C_GetTokenInfo() API function to retrieve information about
a token implemented by the PKCS11 TA.
Helper function ta2ck_token_info() converts token information data from
TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement C_GetTokenInfo() API function to retrieve information about
a token implemented by the PKCS11 TA.
Helper function ta2ck_token_info() converts token information data from
TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetSlotInfo()
Implement C_GetSlotInfo() API function to retrieve information about
a slot implemented by the PKCS11 TA.
Helper function ta2ck_slot_info() converts slot information data from
TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement C_GetSlotInfo() API function to retrieve information about
a slot implemented by the PKCS11 TA.
Helper function ta2ck_slot_info() converts slot information data from
TA API into compliant Cryptoki API.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetSlotList()
Implement C_GetSlotList() API function for client to retrieve the IDs
if the slots implemented by the PKCS11 TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement C_GetSlotList() API function for client to retrieve the IDs
if the slots implemented by the PKCS11 TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetInfo()
Implement C_GetInfo() API function for client to retrieve information
from the Cryptoki library.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Implement C_GetInfo() API function for client to retrieve information
from the Cryptoki library.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: remove prototype for deprecated teec2ck_rv()
Remove declaration of teec2ck_rv() that was deprecated in commit referred
below.
Fixes: 57f1a7962509 ("libckteec: fix CK return value on unexpected TEE error")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Remove declaration of teec2ck_rv() that was deprecated in commit referred
below.
Fixes: 57f1a7962509 ("libckteec: fix CK return value on unexpected TEE error")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sync with pkcs11 ta api for slot/token info
Synchronize with PKCS11 TA API for slot/token information retrieve
merged in [1]. This change moves TA command IDs from macro definitions
into an enumerated type. This change also defines structure for
slot/token information client application can retrieve from the
PKCS11 TA.
Link: [1] https://github.com/OP-TEE/optee_os/commit/a67dc424ff106301a7729469d649eb1cf8bc8a40
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Synchronize with PKCS11 TA API for slot/token information retrieve
merged in [1]. This change moves TA command IDs from macro definitions
into an enumerated type. This change also defines structure for
slot/token information client application can retrieve from the
PKCS11 TA.
Link: [1] https://github.com/OP-TEE/optee_os/commit/a67dc424ff106301a7729469d649eb1cf8bc8a40
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: print debug string id on unexpected return value
Print the string identifier for unexpected value returned by
Cryptoki API functions.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Print the string identifier for unexpected value returned by
Cryptoki API functions.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: debug helpers for PKCS#11 IDs as strings
ck_debug.c implements other of such functions to trace PKCS#11
IDs from their label rather than from their numerical value.
Exported header file ck_debug.h describes the functions provided
by libckteec. The functions are label ck<something>2str(<arglist>).
First helper ckr2str() converts PKCS#11 error codes CKR_* into strings.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
ck_debug.c implements other of such functions to trace PKCS#11
IDs from their label rather than from their numerical value.
Exported header file ck_debug.h describes the functions provided
by libckteec. The functions are label ck<something>2str(<arglist>).
First helper ckr2str() converts PKCS#11 error codes CKR_* into strings.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: helper for ckteec_invoke_ta()
Add helper functions ckteec_invoke_ctrl(), ckteec_invoke_ctrl_in()
and ckteec_invoke_ctrl_out() when called with ctrl (param#0) buffer
and either no data, an input data reference or an output data
reference.
Note that ckteec_invoke_ctrl_in() and ckteec_invoke_ctrl_out() the
data buffer reference to be non NULL.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Add helper functions ckteec_invoke_ctrl(), ckteec_invoke_ctrl_in()
and ckteec_invoke_ctrl_out() when called with ctrl (param#0) buffer
and either no data, an input data reference or an output data
reference.
Note that ckteec_invoke_ctrl_in() and ckteec_invoke_ctrl_out() the
data buffer reference to be non NULL.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: correct ckteec_invoke_ta() arguments for output data sizes
Arguments param#2 and param#3 can refer to output data buffer. The
effective output data size info is provided by the TA to libckteec
but current implementation make caller of ckteec_invoke_ta() not able
to get this information.
As a consequence, this change adds out2_size and out3_size arguments
to ckteec_invoke_ta() which can be used as effective output data size
reference when related param#2 and/or param#3 refer to output data.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Arguments param#2 and param#3 can refer to output data buffer. The
effective output data size info is provided by the TA to libckteec
but current implementation make caller of ckteec_invoke_ta() not able
to get this information.
As a consequence, this change adds out2_size and out3_size arguments
to ckteec_invoke_ta() which can be used as effective output data size
reference when related param#2 and/or param#3 refer to output data.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: fix CK return value on unexpected TEE error
When TA returns with an unexpected status, CK library shall report
error CKR_DEVICE_ERROR rather than CKR_FUNCTION_FAILED.
As teec2ck_rv() is used only from invoke_ta(), remove it from
ck_helpers.c.
Fixes: 1e04717835ba ("libckteec: helpers for Cryptoki/PKCS11 TA IDs conversion")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
When TA returns with an unexpected status, CK library shall report
error CKR_DEVICE_ERROR rather than CKR_FUNCTION_FAILED.
As teec2ck_rv() is used only from invoke_ta(), remove it from
ck_helpers.c.
Fixes: 1e04717835ba ("libckteec: helpers for Cryptoki/PKCS11 TA IDs conversion")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: get cryptoki return value from the TA
PKCS11 TA outputs a return value together with the GPD TEE return
code. When GPD TEE return code from the TA is TEEC_SUCCESS then
param#0 which is always an output memory reference provides a fine
return value the library can convert into a compliant PKCS#11
CKR_xxx ID.
This change updates ping command and generic ckteec_invoke_ta()
accordingly.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
PKCS11 TA outputs a return value together with the GPD TEE return
code. When GPD TEE return code from the TA is TEEC_SUCCESS then
param#0 which is always an output memory reference provides a fine
return value the library can convert into a compliant PKCS#11
CKR_xxx ID.
This change updates ping command and generic ckteec_invoke_ta()
accordingly.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sync with pkcs11 ta api for return code
Synchronize with PKCS11 TA API for invoked command return status [1].
[1] https://github.com/OP-TEE/optee_os/pull/3582
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Synchronize with PKCS11 TA API for invoked command return status [1].
[1] https://github.com/OP-TEE/optee_os/pull/3582
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
ci: travis: Use proper construct for full clone
As per the Travis docs at
https://docs.travis-ci.com/user/customizing-the-build#git-clone-depth to
avoid performing git clones with limited depth, the depth should be set
to "false", not to a large magic number.
Signed-off-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
As per the Travis docs at
https://docs.travis-ci.com/user/customizing-the-build#git-clone-depth to
avoid performing git clones with limited depth, the depth should be set
to "false", not to a large magic number.
Signed-off-by: David Brown <david.brown@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
4 years agolibckteec: use PRIu32 instead of casts ti2020-rc1 ti2020.00 ti2020.00-rc1 ti2020.00-rc2 ti2020.00-rc3 ti2020.00-rc4
libckteec: use PRIu32 instead of casts
Use PRIu32 specifiers in debug trace instead of casting the
traced values.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Use PRIu32 specifiers in debug trace instead of casting the
traced values.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: Makefile: add missing dependency
libckteec depends on libteec, therefore the build-libckteec target
needs to have build-libteec as a prerequisite.
Fixes the following build error:
$ make -j`nproc`
[...]
<...>/bin/ld: cannot find -lteec
collect2: error: ld returned 1 exit status
Makefile:47: recipe for target '<...>/libckteec.so.0.1.0' failed
make[2]: *** [<...>/libckteec.so.0.1.0] Error 1
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
libckteec depends on libteec, therefore the build-libckteec target
needs to have build-libteec as a prerequisite.
Fixes the following build error:
$ make -j`nproc`
[...]
<...>/bin/ld: cannot find -lteec
collect2: error: ld returned 1 exit status
Makefile:47: recipe for target '<...>/libckteec.so.0.1.0' failed
make[2]: *** [<...>/libckteec.so.0.1.0] Error 1
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
libckteec: invocation api function to register shared memory
Add new API function ckteec_register_shm() to register in OP-TEE OS
a piece of Linux userland memory which a PKCS11 TA service will access
to, as an input data or output data buffer in a cryptography ciphering
sequence.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Add new API function ckteec_register_shm() to register in OP-TEE OS
a piece of Linux userland memory which a PKCS11 TA service will access
to, as an input data or output data buffer in a cryptography ciphering
sequence.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: assert api init/release functions return value compliance
For sanity of the library and service implementation, assert the
CKR_* return value before returning to caller from CK API functions.
This change asserts return values for C_Initialize() and C_Finalize().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
For sanity of the library and service implementation, assert the
CKR_* return value before returning to caller from CK API functions.
This change asserts return values for C_Initialize() and C_Finalize().
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: helper to assert return value of cryptoki api functions
Add helpers for assertion of the return values of the Cryptoki API
functions regarding the specification. This change also adds a
debug trace in the stderr channel when assertion fails.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Add helpers for assertion of the return values of the Cryptoki API
functions regarding the specification. This change also adds a
debug trace in the stderr channel when assertion fails.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: sanity on APIs regarding library initialization
PKCS#11 specifies library must be initialized prior being used
but for 2 API functions, C_Initialize() and C_GetFunctionList().
Library initialization first invokes the PKCS11 TA and check its
availability and version information.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
PKCS#11 specifies library must be initialized prior being used
but for 2 API functions, C_Initialize() and C_GetFunctionList().
Library initialization first invokes the PKCS11 TA and check its
availability and version information.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: generic invocation of the PKCS11 TA
Library opens a single TEE session against the PKCS11 TA regardless of
the PKCS#11 token reached in the TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Library opens a single TEE session against the PKCS11 TA regardless of
the PKCS#11 token reached in the TA.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: helpers for Cryptoki/PKCS11 TA IDs conversion
The PKCS11 TA uses IDs that mostly relate to defined PKCS#11 IDs
but with different numerical value. These helpers convert PKCS#11
IDs into/from PKCS11 TA IDs.
This change introduces conversion from GPD TEE Client error codes
into CryptoKi return values.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
The PKCS11 TA uses IDs that mostly relate to defined PKCS#11 IDs
but with different numerical value. These helpers convert PKCS#11
IDs into/from PKCS11 TA IDs.
This change introduces conversion from GPD TEE Client error codes
into CryptoKi return values.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: introduce minimal PKCS11 TA API
Introduce the PKCS11 TA API (pkcs11_ta.h) with only 1 command defined
and the PKCS11 return code values.
Command PKCS11_CMD_PING is used when initializing the library to check
PKCS11 TA availability and compatibility (version info).
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Introduce the PKCS11 TA API (pkcs11_ta.h) with only 1 command defined
and the PKCS11 return code values.
Command PKCS11_CMD_PING is used when initializing the library to check
PKCS11 TA availability and compatibility (version info).
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: implement C_GetFunctionList()
C_GetFunctionList() returns the list of the functions supported by
the PKCS#11 implementation.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
C_GetFunctionList() returns the list of the functions supported by
the PKCS#11 implementation.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: local utilities
Define ARRAY_SIZE() helper macros for library internal purposes.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Define ARRAY_SIZE() helper macros for library internal purposes.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: fully stubbed cryptoki API
Define the few platform macros expected by the cryptolib header files.
Initial source file: the API functions from pkcs11_api.c.
Builds from Makefile or from CMake.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Define the few platform macros expected by the cryptolib header files.
Initial source file: the API functions from pkcs11_api.c.
Builds from Makefile or from CMake.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
libckteec: Introduce PKCS#11 API (2.40-e01) header
Library ckteec will implement the PKCS#11 API using the PKCS11 trusted
application executing in OP-TEE as backend token.
Implement pkcs11.h header file that partially covers the PKCS#11
specification. Resources initially planned to be supported are defined.
The header will need to be updated with remaining PKCS#11 definition
when related support will be implemented.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Library ckteec will implement the PKCS#11 API using the PKCS11 trusted
application executing in OP-TEE as backend token.
Implement pkcs11.h header file that partially covers the PKCS#11
specification. Resources initially planned to be supported are defined.
The header will need to be updated with remaining PKCS#11 definition
when related support will be implemented.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
travis: run checkpatch on patches
Adds checks with checkpatch on new patches.
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Adds checks with checkpatch on new patches.
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
ftrace, gprof: fix format of UUID string in file name
Function prof_process() creates a file in /tmp which is named after
the UUID passed to the function. The format of the UUID is not the
usual one; a dash is missing. Add it.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Function prof_process() creates a file in /tmp which is named after
the UUID passed to the function. The format of the UUID is not the
usual one; a dash is missing. Add it.
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
4 years agotee-supplicant: Rename ftrace config macro ti2019.05 ti2019.05-rc1 ti2019.05-rc2 ti2019.05-rc3 ti2019.05-rc4 ti2019.06 ti2019.06-rc1 ti2019.06-rc2 ti2019.06-rc3 ti2019.06-rc4 ti2019.06-rc5
tee-supplicant: Rename ftrace config macro
Rename ftrace config macro from CFG_TA_FTRACE_SUPPORT to
CFG_FTRACE_SUPPORT as now with syscall function graph feature,
scope of ftrace has been enlarged to profile OP-TEE core as well.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Rename ftrace config macro from CFG_TA_FTRACE_SUPPORT to
CFG_FTRACE_SUPPORT as now with syscall function graph feature,
scope of ftrace has been enlarged to profile OP-TEE core as well.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
rpmb: add DMSG to print dev_id
Print dev_id as a sanity check during debugging.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Print dev_id as a sanity check during debugging.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
rmpb: update AOSP RPMB device path
kernel 4.14[1] enumerates RPMB devices on /dev/block/ but 4.19[2]
does them on /dev/.
LINK: [1] https://android-git.linaro.org/kernel/hikey-linaro.git/log/?h=android-hikey-linaro-4.14
LINK: [2] https://android-git.linaro.org/kernel/hikey-linaro.git/log/?h=android-hikey-linaro-4.19
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
kernel 4.14[1] enumerates RPMB devices on /dev/block/ but 4.19[2]
does them on /dev/.
LINK: [1] https://android-git.linaro.org/kernel/hikey-linaro.git/log/?h=android-hikey-linaro-4.14
LINK: [2] https://android-git.linaro.org/kernel/hikey-linaro.git/log/?h=android-hikey-linaro-4.19
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
rpmb emu: increase EMU_RPMB_SIZE_MULT to 2
This increases the total RPMB size to 2*128 kB. Without this, 6018 will
fail when 'xtest' is run using the 'test' account.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
This increases the total RPMB size to 2*128 kB. Without this, 6018 will
fail when 'xtest' is run using the 'test' account.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
rpmb emu: fix ioctl return type
The RPMB spec defines return results of commands as a single byte
value. A result from an ioctl call for a command is stored in
'op_result' of 'struct rpmb_data_frame', which is of type 'uint16_t',
which corresponds to 'uint8_t op_result[2]' of 'struct rpmb_data_frame'
in 'optee_os', with the single byte result stored @ index 1 of the
2-element byte array since data transfer is MSB first, so we need to
convert the return results into the proper uint16_t values.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
The RPMB spec defines return results of commands as a single byte
value. A result from an ioctl call for a command is stored in
'op_result' of 'struct rpmb_data_frame', which is of type 'uint16_t',
which corresponds to 'uint8_t op_result[2]' of 'struct rpmb_data_frame'
in 'optee_os', with the single byte result stored @ index 1 of the
2-element byte array since data transfer is MSB first, so we need to
convert the return results into the proper uint16_t values.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
rpmb emu: remove gratuitous line
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
rpmb emu: return RPMB_RESULT_AUTH_KEY_NOT_PROGRAMMED if key not set
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
rpmb: add missing defines for RPMB results
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
tee-supplicant: default enable ftrace a gprof
By default enables ftrace and gprof dumping. Not used unless secure
world decides to dump something.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
By default enables ftrace and gprof dumping. Not used unless secure
world decides to dump something.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Travis: install package libc6-dev-armhf-cross
Travis CI have switched their default distribution from Ubuntu 14.04.5
to 16.04.6. Now we have the following build error:
CC src/tee_client_api.c
In file included from /usr/include/errno.h:28:0,
from src/tee_client_api.c:28:
/usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory
The missing file is in the libc6-dev-armhf-cross package.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Travis CI have switched their default distribution from Ubuntu 14.04.5
to 16.04.6. Now we have the following build error:
CC src/tee_client_api.c
In file included from /usr/include/errno.h:28:0,
from src/tee_client_api.c:28:
/usr/include/features.h:367:25: fatal error: sys/cdefs.h: No such file or directory
The missing file is in the libc6-dev-armhf-cross package.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
tee_client_api: fix typo in comment
Remove duplicate words.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Remove duplicate words.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
config.mk: get rid of CFG_TEE_LOGS_PATH
CFG_TEE_CLIENT_LOG_FILE was originally /data/teec.log. Commit 9a63135b
("Android.mk & config.mk: move teec.log/teesupp.log under /data/tee")
introduced CFG_TEE_LOGS_PATH which placed teec.log under
/data/tee/logs/, but in nowhere (here or build.git) do we create the
'logs' dir, so fopen /data/tee/logs/teec.log fails and teec.log is
never created. To make things simple, remove CFG_TEE_LOGS_PATH and
just place teec.log under /data/tee.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
CFG_TEE_CLIENT_LOG_FILE was originally /data/teec.log. Commit 9a63135b
("Android.mk & config.mk: move teec.log/teesupp.log under /data/tee")
introduced CFG_TEE_LOGS_PATH which placed teec.log under
/data/tee/logs/, but in nowhere (here or build.git) do we create the
'logs' dir, so fopen /data/tee/logs/teec.log fails and teec.log is
never created. To make things simple, remove CFG_TEE_LOGS_PATH and
just place teec.log under /data/tee.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
tee-supplicant: create profiling files with permission 0644
Profiling files are created in /tmp by tee-supplicant with permissions
0600 (-rw-------). In other words, only the owner of the file can
access it. This is a bit annoying because tee-supplicant typically runs
under a special user account ('tee') which is not normally used to log
into the system. As a result, the files are difficult to access when
debugging.
Change permissions to 0644 (-rw-r--r--) for easier access to the data.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Profiling files are created in /tmp by tee-supplicant with permissions
0600 (-rw-------). In other words, only the owner of the file can
access it. This is a bit annoying because tee-supplicant typically runs
under a special user account ('tee') which is not normally used to log
into the system. As a result, the files are difficult to access when
debugging.
Change permissions to 0644 (-rw-r--r--) for easier access to the data.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
tee-supplicant: Add ftrace buffer dump support
Make gprof dump framework common to utilize for ftrace buffer dump
support.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Make gprof dump framework common to utilize for ftrace buffer dump
support.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
simplify use of TEE fs related configs
CFG_TEE_DATA_PATH confuses users because it's only used as a prefix for
CFG_TEE_LOGS_PATH and not the actual root path for the TEE data dir as
described. The actual root path is $(TEE_FS_PARENT_PATH)/tee as can be
seen under tee_supp_fs_init() in tee-supplicant/src/tee_supp_fs.c, so
just get rid of CFG_TEE_DATA_PATH.
Next, we move "/tee" from tee_supp_fs_init() to CFG_TEE_FS_PARENT_PATH,
because otherwise, we have the beginning part of the path in a makefile
(config.mk) and the ending in code (tee_supp_fs_init()), which seems
messy to manage and error prone. E.g. CFG_TEE_LOGS_PATH (or any of its
subsequently derived configs) depends on the actual full path of the TEE
fs, so we can just set
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/logs
rather than
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/tee/logs
where the "tee" here has to match the "tee" in code.
With this change, the "/tee" subdirectory path is expected from the
CFG_TEE_FS_PARENT_PATH value, but this change does not modify legacy
default path of embedded files.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
CFG_TEE_DATA_PATH confuses users because it's only used as a prefix for
CFG_TEE_LOGS_PATH and not the actual root path for the TEE data dir as
described. The actual root path is $(TEE_FS_PARENT_PATH)/tee as can be
seen under tee_supp_fs_init() in tee-supplicant/src/tee_supp_fs.c, so
just get rid of CFG_TEE_DATA_PATH.
Next, we move "/tee" from tee_supp_fs_init() to CFG_TEE_FS_PARENT_PATH,
because otherwise, we have the beginning part of the path in a makefile
(config.mk) and the ending in code (tee_supp_fs_init()), which seems
messy to manage and error prone. E.g. CFG_TEE_LOGS_PATH (or any of its
subsequently derived configs) depends on the actual full path of the TEE
fs, so we can just set
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/logs
rather than
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/tee/logs
where the "tee" here has to match the "tee" in code.
With this change, the "/tee" subdirectory path is expected from the
CFG_TEE_FS_PARENT_PATH value, but this change does not modify legacy
default path of embedded files.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
tee-supplicant: do not 'mkdir /data/tee' on startup
'mkdir' only on the first instance the REE FS is required, because:
1. On systems that use RPMB only, this dir isn't necessary so there's
no point in creating an unused dir.
2. AOSP systems that use OP-TEE for disk encryption depends on the
tee-supplicant service to be up before properly mounting /data. If the
tee-supplicant in return depends on 'mkdir /data/tee/' before it can
start, this creates a circular dependency and causes boot to hang.
Removing this tee-supplicant startup dependency on /data is part of the
solution chain to enable the use of OP-TEE for AOSP disk encryption.
3. Most systems seem to take care of the creation of /data/tee with
the proper permission via some sort of init script anyway before
tee-supplicant is even started.
NOTE: /data is the default value assigned to TEE_FS_PARENT_PATH
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
'mkdir' only on the first instance the REE FS is required, because:
1. On systems that use RPMB only, this dir isn't necessary so there's
no point in creating an unused dir.
2. AOSP systems that use OP-TEE for disk encryption depends on the
tee-supplicant service to be up before properly mounting /data. If the
tee-supplicant in return depends on 'mkdir /data/tee/' before it can
start, this creates a circular dependency and causes boot to hang.
Removing this tee-supplicant startup dependency on /data is part of the
solution chain to enable the use of OP-TEE for AOSP disk encryption.
3. Most systems seem to take care of the creation of /data/tee with
the proper permission via some sort of init script anyway before
tee-supplicant is even started.
NOTE: /data is the default value assigned to TEE_FS_PARENT_PATH
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMU v8)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
tee-supplicant: ioctl_emu_read_ctr(): MAC correct data
Prior to this patch was ioctl_emu_read_ctr() calculating a MAC over
among other things the uninitialized "op_result". "op_result" often
happens to be 0 which is the same as RPMB_RESULT_OK which is returned by
compute_hmac() on success. However, this field is not initialized before
calculating the MAC so it could very well differ resulting in an invalid
MAC. This patch fixes this by initializing "op_result" to RPMB_RESULT_OK
before calculating the MAC.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Prior to this patch was ioctl_emu_read_ctr() calculating a MAC over
among other things the uninitialized "op_result". "op_result" often
happens to be 0 which is the same as RPMB_RESULT_OK which is returned by
compute_hmac() on success. However, this field is not initialized before
calculating the MAC so it could very well differ resulting in an invalid
MAC. This patch fixes this by initializing "op_result" to RPMB_RESULT_OK
before calculating the MAC.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
config.mk: default CFG_TA_TEST_PATH to n
CFG_TA_TEST_PATH is a test config and should not be set by default but
explicitly by the build environment/recipe.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
CFG_TA_TEST_PATH is a test config and should not be set by default but
explicitly by the build environment/recipe.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
tee-supplicant: cmake: fix typo
The typo had no effect on builds because CFG_TA_TEST_PATH is also
enabled by default.
Fixes: c48bc3be ("tee-supplicant: cmake: enable RPMB emulation by default")
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
The typo had no effect on builds because CFG_TA_TEST_PATH is also
enabled by default.
Fixes: c48bc3be ("tee-supplicant: cmake: enable RPMB emulation by default")
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
tee_supplicant_android.mk: support RPMB_EMU
add support for RPMB_EMU
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
add support for RPMB_EMU
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
config.mk: redefine CFG_TEE_DATA_PATH
Set CFG_TEE_DATA_PATH properly based on the hierarchical relationship
below, i.e. the CFG_ defined one line above is used to expand the CFG_
of the current line.
CFG_TEE_FS_PARENT_PATH ?= /data
CFG_TEE_DATA_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/vendor/tee
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_DATA_PATH)/logs
CFG_TEE_CLIENT_LOG_FILE ?= $(CFG_TEE_LOGS_PATH)/teec.log
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Set CFG_TEE_DATA_PATH properly based on the hierarchical relationship
below, i.e. the CFG_ defined one line above is used to expand the CFG_
of the current line.
CFG_TEE_FS_PARENT_PATH ?= /data
CFG_TEE_DATA_PATH ?= $(CFG_TEE_FS_PARENT_PATH)/vendor/tee
CFG_TEE_LOGS_PATH ?= $(CFG_TEE_DATA_PATH)/logs
CFG_TEE_CLIENT_LOG_FILE ?= $(CFG_TEE_LOGS_PATH)/teec.log
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
config.mk: add more config description
Add more detailed description for CFG_TEE_FS_PARENT_PATH and
CFG_TEE_DATA_PATH.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Add more detailed description for CFG_TEE_FS_PARENT_PATH and
CFG_TEE_DATA_PATH.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
{config,tee_supplicant_android}.mk: improve legibility
Rearrange some text to make them more legible.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Rearrange some text to make them more legible.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
5 years agoCleanup some local variable initialization master ti_optee_client ti2019.01 ti2019.01-rc2 ti2019.01-rc3 ti2019.01-rc4 ti2019.01-rc5 ti2019.02 ti2019.02-rc1 ti2019.02-rc2 ti2019.02-rc3 ti2019.02-rc4 ti2019.03 ti2019.03-rc1 ti2019.03-rc2 ti2019.03-rc3 ti2019.03-rc4 ti2019.04 ti2019.04-rc1 ti2019.04-rc2 ti2019.04-rc3 ti2019.04-rc4 ti2019.04-rc5
Cleanup some local variable initialization
This change removes few useless memset() and replace few memset() with
an initialized structure where possible.
This change fixes some TEEC_Result variables initialization
using a valid enumerated ID.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
This change removes few useless memset() and replace few memset() with
an initialized structure where possible.
This change fixes some TEEC_Result variables initialization
using a valid enumerated ID.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
libteec: fix clang build errors
external/optee_client/libteec/src/tee_client_api.c:488:11: error: fields must have a constant size: 'variable length array in structure' extension will never be supported
uint8_t data[sizeof(struct tee_ioctl_open_session_arg) + p_sz];
^
external/optee_client/libteec/src/tee_client_api.c:566:11: error: fields must have a constant size: 'variable length array in structure' extension will never be supported
uint8_t data[sizeof(struct tee_ioctl_invoke_arg) + p_sz];
^
Fixes: 9dbc61b3 ("libteec: fix build warnings")
Fixes: https://github.com/OP-TEE/optee_client/issues/152
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
external/optee_client/libteec/src/tee_client_api.c:488:11: error: fields must have a constant size: 'variable length array in structure' extension will never be supported
uint8_t data[sizeof(struct tee_ioctl_open_session_arg) + p_sz];
^
external/optee_client/libteec/src/tee_client_api.c:566:11: error: fields must have a constant size: 'variable length array in structure' extension will never be supported
uint8_t data[sizeof(struct tee_ioctl_invoke_arg) + p_sz];
^
Fixes: 9dbc61b3 ("libteec: fix build warnings")
Fixes: https://github.com/OP-TEE/optee_client/issues/152
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Explicitly initialize local variables
This change initializes all local variables to prevent build issues
(warnings and/or errors) in OP-TEE client package.
Use memset() to initialize structured and typed variables. This change
changes ordering in the local variable definition block at function
head. Structured variables are defined below, right above the memset()
call block for their initialization, when possible.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
This change initializes all local variables to prevent build issues
(warnings and/or errors) in OP-TEE client package.
Use memset() to initialize structured and typed variables. This change
changes ordering in the local variable definition block at function
head. Structured variables are defined below, right above the memset()
call block for their initialization, when possible.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libteec: fix build warnings
Fix build warnings reported by the Buildroot team [1]:
/home/thomas/projets/outputs/armv5-ctng-linux-gnueabi/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function 'TEEC_InitializeContext':
/home/thomas/projets/outputs/armv5-ctng-linux-gnueabi/build/optee-client-3.4.0/libteec/src/tee_client_api.c:149:28: error: 'gen_caps' may be used uninitialized in this function [-Werror=maybe-uninitialized]
ctx->reg_mem = gen_caps & TEE_GEN_CAP_REG_MEM;
^
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function ‘TEEC_OpenSession’:
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c:507:8: error: cast increases required alignment of target type [-Werror=cast-align]
arg = (struct tee_ioctl_open_session_arg *)buf;
^
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function ‘TEEC_InvokeCommand’:
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c:581:8: error: cast increases required alignment of target type [-Werror=cast-align]
arg = (struct tee_ioctl_invoke_arg *)buf;
^
[1] http://lists.busybox.net/pipermail/buildroot/2019-February/243437.html
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 32, 64)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fix build warnings reported by the Buildroot team [1]:
/home/thomas/projets/outputs/armv5-ctng-linux-gnueabi/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function 'TEEC_InitializeContext':
/home/thomas/projets/outputs/armv5-ctng-linux-gnueabi/build/optee-client-3.4.0/libteec/src/tee_client_api.c:149:28: error: 'gen_caps' may be used uninitialized in this function [-Werror=maybe-uninitialized]
ctx->reg_mem = gen_caps & TEE_GEN_CAP_REG_MEM;
^
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function ‘TEEC_OpenSession’:
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c:507:8: error: cast increases required alignment of target type [-Werror=cast-align]
arg = (struct tee_ioctl_open_session_arg *)buf;
^
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c: In function ‘TEEC_InvokeCommand’:
/home/thomas/projets/buildroot/output/build/optee-client-3.4.0/libteec/src/tee_client_api.c:581:8: error: cast increases required alignment of target type [-Werror=cast-align]
arg = (struct tee_ioctl_invoke_arg *)buf;
^
[1] http://lists.busybox.net/pipermail/buildroot/2019-February/243437.html
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey960 32, 64)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
cmake: support BUILD_STATIC_LIBS/BUILD_SHARED_LIBS
CMake variables BUILD_STATIC_LIBS and BUILD_SHARED_LIBS
set constraints on libraries and executable linkage.
With this change OP-TEE client CMake script builds and installs the
embedded files with the expected linkage configuration.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
CMake variables BUILD_STATIC_LIBS and BUILD_SHARED_LIBS
set constraints on libraries and executable linkage.
With this change OP-TEE client CMake script builds and installs the
embedded files with the expected linkage configuration.
Reported-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
docs: Remove current docs and link to the new location
All current documentation has been transferred to a new git called
optee_docs [1]. The output from optee_docs will be rendered using Sphinx
and hosted at optee.readthedocs.io [2]. The new documentation git will
also be part of the regular OP-TEE releases. For completeness, it will
also be included in our manifests making up a full OP-TEE developer
setup.
[1] https://github.com/OP-TEE/optee_docs
[2] https://optee.readthedocs.io
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
All current documentation has been transferred to a new git called
optee_docs [1]. The output from optee_docs will be rendered using Sphinx
and hosted at optee.readthedocs.io [2]. The new documentation git will
also be part of the regular OP-TEE releases. For completeness, it will
also be included in our manifests making up a full OP-TEE developer
setup.
[1] https://github.com/OP-TEE/optee_docs
[2] https://optee.readthedocs.io
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Makefile: default install client libs and headers in /usr
Change default install path for the libraries and their header files
to locate them in /usr/lib and /usr/include which are more generic
than /lib and /include as used prior this change.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Change default install path for the libraries and their header files
to locate them in /usr/lib and /usr/include which are more generic
than /lib and /include as used prior this change.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Makefile: install tee-supplicant in /usr/sbin by default
Change GNU makefile to default install tee-supplicant in target
directory /usr/sbin instead of /bin. This change aligns the GNU
makefile install sequence with the CMake install sequence.
Build environment can override embedded sbin path from environment
variable SBINDIR whereas prior this change tee-supplicant install
directory path was defined from BINDIR.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Change GNU makefile to default install tee-supplicant in target
directory /usr/sbin instead of /bin. This change aligns the GNU
makefile install sequence with the CMake install sequence.
Build environment can override embedded sbin path from environment
variable SBINDIR whereas prior this change tee-supplicant install
directory path was defined from BINDIR.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
5 years agoflags: add -D_FILE_OFFSET_BITS=64 to support large files ti2019.00 ti2019.00-rc1 ti2019.00-rc2 ti2019.00-rc3 ti2019.00-rc4 ti2019.00-rc5 ti2019.01-rc1
flags: add -D_FILE_OFFSET_BITS=64 to support large files
The tee client library does not need to provide compatibility for the old file
system interface.
The sources in [0] and [1] explain that _FILE_OFFSET_BITS=64 support has been
added to the Android NDK only recently, adding the flags now could break existing
applications. Thus _FILE_OFFSET_BITS=64 is left out for the android make flags.
[0]: https://android-developers.googleblog.com/2017/09/introducing-android-native-development.html
[1]: https://android.googlesource.com/platform/bionic/+/master/docs/32-bit-abi.md
Fixes: https://github.com/OP-TEE/optee_client/issues/140
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
[jf: use URL in Fixes: tag]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
The tee client library does not need to provide compatibility for the old file
system interface.
The sources in [0] and [1] explain that _FILE_OFFSET_BITS=64 support has been
added to the Android NDK only recently, adding the flags now could break existing
applications. Thus _FILE_OFFSET_BITS=64 is left out for the android make flags.
[0]: https://android-developers.googleblog.com/2017/09/introducing-android-native-development.html
[1]: https://android.googlesource.com/platform/bionic/+/master/docs/32-bit-abi.md
Fixes: https://github.com/OP-TEE/optee_client/issues/140
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
[jf: use URL in Fixes: tag]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
libteec: Makefile: Generate .so files the same way as CMake
Update the Makefile so that the generated libteec.so file and the
corresponding symlinks match those generated by the CMake script.
Specifically, before this commit the Makefile generated the following
files:
symlink: libteec.so -> libteec.so.1
symlink: libteec.so.1 -> libteec.so.1.0
file: libteec.so.1.0 (SONAME libteec.so.1.0)
With this commit the generated files are:
symlink: libteec.so -> libteec.so.1
symlink: libteec.so.1 -> libteec.so.1.0.0
symlink: libteec.so.1.0 -> libteec.so.1.0.0
file: libteec.so.1.0.0 (SONAME libteec.so.1)
The symlink "libteec.so.1.0" is kept for compatibility with existing
installations. Note that "libteec.so.1.0" is not generated by the CMake
script.
Signed-off-by: Fabian Hofmann <fabian.hofmann@fau.de>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Update the Makefile so that the generated libteec.so file and the
corresponding symlinks match those generated by the CMake script.
Specifically, before this commit the Makefile generated the following
files:
symlink: libteec.so -> libteec.so.1
symlink: libteec.so.1 -> libteec.so.1.0
file: libteec.so.1.0 (SONAME libteec.so.1.0)
With this commit the generated files are:
symlink: libteec.so -> libteec.so.1
symlink: libteec.so.1 -> libteec.so.1.0.0
symlink: libteec.so.1.0 -> libteec.so.1.0.0
file: libteec.so.1.0.0 (SONAME libteec.so.1)
The symlink "libteec.so.1.0" is kept for compatibility with existing
installations. Note that "libteec.so.1.0" is not generated by the CMake
script.
Signed-off-by: Fabian Hofmann <fabian.hofmann@fau.de>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
tee_supplicant: gprof: fix compile error
Avoids a compile error with using GCC 8.x with CFG_TA_GPROF_SUPPORT=y:
src/gprof.c: In function ‘gprof_process’:
src/gprof.c:97:35: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 4 [-Werror=format-truncation=]
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~
src/gprof.c:97:33: note: directive argument in the range [1, 2147483646]
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~~~~
src/gprof.c:97:4: note: ‘snprintf’ output between 3 and 12 bytes into a destination of size 5
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Avoids a compile error with using GCC 8.x with CFG_TA_GPROF_SUPPORT=y:
src/gprof.c: In function ‘gprof_process’:
src/gprof.c:97:35: error: ‘%d’ directive output may be truncated writing between 1 and 10 bytes into a region of size 4 [-Werror=format-truncation=]
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~
src/gprof.c:97:33: note: directive argument in the range [1, 2147483646]
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~~~~
src/gprof.c:97:4: note: ‘snprintf’ output between 3 and 12 bytes into a destination of size 5
snprintf(vers, sizeof(vers), ".%d", id - 1);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
tee-supplicant: cmake: enable RPMB emulation by default
Enables RPMB emulation by default also when compiling with cmake.
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Enables RPMB emulation by default also when compiling with cmake.
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Makefile and config.mk: remove export in config.mk
to workaorund export restriction when building for android platform
because of the deprecation described here:
https://android.googlesource.com/platform/build/+/master/Changes.md#export_keyword
with export used in make files, the aosp build will report error like here:
https://ci.linaro.org/job/android-lcr-reference-hikey-master/95/console
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Yongqin Liu <yongqin.liu@linaro.org> (AOSP master)
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
to workaorund export restriction when building for android platform
because of the deprecation described here:
https://android.googlesource.com/platform/build/+/master/Changes.md#export_keyword
with export used in make files, the aosp build will report error like here:
https://ci.linaro.org/job/android-lcr-reference-hikey-master/95/console
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Yongqin Liu <yongqin.liu@linaro.org> (AOSP master)
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
tee-supplicant: add daemon mode (-d)
Add the missing code to make tee-supplicant a proper daemon when invoked
with -d.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Add the missing code to make tee-supplicant a proper daemon when invoked
with -d.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Do not set -Werror by default
Do not use -Werror unless explicitly asked via "make CFG_WERROR=y".
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Do not use -Werror unless explicitly asked via "make CFG_WERROR=y".
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
tee-supplicant: rpmb.c: add __attribute__((fallthrough))
Fix the following error reported by GCC 8.1:
src/rpmb.c: In function ‘rpmb_data_req’:
src/rpmb.c:683:6: error: this statement may fall through [-Werror=implicit-fallthrough=]
if (rsp_nfrm != 1) {
^
src/rpmb.c:689:2: note: here
case RPMB_MSG_TYPE_REQ_AUTH_DATA_READ:
^~~~
I could not silence this warning using any of the special comments
documented on the GCC Warning Options page [1]. It is weird, because we
use -Wextra which is supposed to enable -Wimplicit-fallthrough=3, which is
supposed to recognize the comment we had already (/* Fall through */).
Link: [1] https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Fix the following error reported by GCC 8.1:
src/rpmb.c: In function ‘rpmb_data_req’:
src/rpmb.c:683:6: error: this statement may fall through [-Werror=implicit-fallthrough=]
if (rsp_nfrm != 1) {
^
src/rpmb.c:689:2: note: here
case RPMB_MSG_TYPE_REQ_AUTH_DATA_READ:
^~~~
I could not silence this warning using any of the special comments
documented on the GCC Warning Options page [1]. It is weird, because we
use -Wextra which is supposed to enable -Wimplicit-fallthrough=3, which is
supposed to recognize the comment we had already (/* Fall through */).
Link: [1] https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
libteec: refactor _dprintf()
GCC8.1 gives an error when compiling _dprintf():
src/teec_trace.c: In function ‘_dprintf’:
src/teec_trace.c:110:5: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 246 [-Werror=format-truncation=]
"%s [%d] %s:%s:%d: %s",
^~~~~~~~~~~~~~~~~~~~~~
src/teec_trace.c:112:11:
line, raw);
~~~
src/teec_trace.c:109:3: note: ‘snprintf’ output 11 or more bytes (assuming 266) into a destination of size 256
snprintf(prefixed, MAX_PRINT_SIZE,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"%s [%d] %s:%s:%d: %s",
~~~~~~~~~~~~~~~~~~~~~~~
trace_level_strings[level], thread_id, prefix, func,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
line, raw);
~~~~~~~~~~
Fix this error by using a single output buffer, printing the prefix first
then the other arguments with the supplied format.
In addition, further simplify the function by getting rid of things that
do not make much sense:
- Remove the 'flen' parameter, which is only ever set to zero or
strlen(__func__).
- Remove the TRACE_FUNC_LENGTH_CST macro which is not set by default and
does not seem very useful.
- Change the return type to void because callers do not care about success
or failure.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
GCC8.1 gives an error when compiling _dprintf():
src/teec_trace.c: In function ‘_dprintf’:
src/teec_trace.c:110:5: error: ‘%s’ directive output may be truncated writing up to 255 bytes into a region of size 246 [-Werror=format-truncation=]
"%s [%d] %s:%s:%d: %s",
^~~~~~~~~~~~~~~~~~~~~~
src/teec_trace.c:112:11:
line, raw);
~~~
src/teec_trace.c:109:3: note: ‘snprintf’ output 11 or more bytes (assuming 266) into a destination of size 256
snprintf(prefixed, MAX_PRINT_SIZE,
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"%s [%d] %s:%s:%d: %s",
~~~~~~~~~~~~~~~~~~~~~~~
trace_level_strings[level], thread_id, prefix, func,
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
line, raw);
~~~~~~~~~~
Fix this error by using a single output buffer, printing the prefix first
then the other arguments with the supplied format.
In addition, further simplify the function by getting rid of things that
do not make much sense:
- Remove the 'flen' parameter, which is only ever set to zero or
strlen(__func__).
- Remove the TRACE_FUNC_LENGTH_CST macro which is not set by default and
does not seem very useful.
- Change the return type to void because callers do not care about success
or failure.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
benchmark: fix computation of page address
Subtracting the size *in bytes* from a (intptr_t *) is incorrect, since it
will subtract n * sizeof(intptr_t).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Subtracting the size *in bytes* from a (intptr_t *) is incorrect, since it
will subtract n * sizeof(intptr_t).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Android related files: changes to work with Treble enabled build
1. change to make libteec and tee-supplicant installed in the vendor partition
2. use /data/vendor/tee instead of /data/tee as the workspace for tee
3. local ta files from /vendor/lib
Acked-by: Victor Chong <victor.chong@linaro.org>
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
1. change to make libteec and tee-supplicant installed in the vendor partition
2. use /data/vendor/tee instead of /data/tee as the workspace for tee
3. local ta files from /vendor/lib
Acked-by: Victor Chong <victor.chong@linaro.org>
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
Android.mk & config.mk: move teec.log/teesupp.log under /data/tee
for Android platform, otherwise there will be SELinux problem
reported
Acked-by: Victor Chong <victor.chong@linaro.org>
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
for Android platform, otherwise there will be SELinux problem
reported
Acked-by: Victor Chong <victor.chong@linaro.org>
Signed-off-by: Yongqin Liu <yongqin.liu@linaro.org>
5 years agobenchmark: fix compilation issues ti2018.03-rc3 ti2018.05 ti2018.05-rc1 ti2018.05-rc2 ti2018.05-rc3 ti2018.05-rc4 ti2018.05-rc5
benchmark: fix compilation issues
This fixes "cast from pointer to integer of different" warning, when
CFG_TEE_BENCHMARK is enabled.
src/teec_benchmark.c: In function 'mmap_paddr':
src/teec_benchmark.c:128:11: error: cast from pointer to integer of different
size [-Werror=pointer-to-int-cast]
offset = (off_t)hw_addr % getpagesize();
^
src/teec_benchmark.c:129:14: error: cast from pointer to integer of different
size [-Werror=pointer-to-int-cast]
page_addr = (off_t)(hw_addr - offset);
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
This fixes "cast from pointer to integer of different" warning, when
CFG_TEE_BENCHMARK is enabled.
src/teec_benchmark.c: In function 'mmap_paddr':
src/teec_benchmark.c:128:11: error: cast from pointer to integer of different
size [-Werror=pointer-to-int-cast]
offset = (off_t)hw_addr % getpagesize();
^
src/teec_benchmark.c:129:14: error: cast from pointer to integer of different
size [-Werror=pointer-to-int-cast]
page_addr = (off_t)(hw_addr - offset);
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Do not export CMakeLists.txt when running install
Fixes: https://github.com/OP-TEE/optee_client/issues/122
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org>
Suggested-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reported-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: https://github.com/OP-TEE/optee_client/issues/122
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org>
Suggested-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reported-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
libteec: Fix incorrect SOVERSION number
Fixes: https://github.com/OP-TEE/optee_client/issues/123
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org>
Suggested-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reported-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Fixes: https://github.com/OP-TEE/optee_client/issues/123
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org>
Suggested-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
Reported-by: Tomáš Chvátal <tomas.chvatal@gmail.com>
tee-supplicant: cast sizeof(x) to socklen_t
Fixes compilation warnings on Android:
optee_client/tee-supplicant/src/tee_socket.c:551:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain))
~~~~ ^ ~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:561:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain6))
~~~~ ^ ~~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:577:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain))
~~~~ ^ ~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:587:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain6))
~~~~ ^ ~~~~~~~~~~~~~~
socklen_t may be signed or unsigned, depending on which standard is
implemented. For instance, the Single UNIX Specification V2 [1] defines
it as unsigned, while the more recent Open Group Base Specifications
Issue 7 [2] does not mention signedness.
Therefore, cast sizeof(x) to socklen_t to avoid any sign mismatch.
Link: [1] http://pubs.opengroup.org/onlinepubs/7908799/xns/syssocket.h.html
Link: [2] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_socket.h.html
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Angela Stegmaier <angelabaker@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fixes compilation warnings on Android:
optee_client/tee-supplicant/src/tee_socket.c:551:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain))
~~~~ ^ ~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:561:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain6))
~~~~ ^ ~~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:577:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain))
~~~~ ^ ~~~~~~~~~~~~~
optee_client/tee-supplicant/src/tee_socket.c:587:12: error: comparison of integers of different signs: 'socklen_t' (aka 'int') and 'unsigned int' [-Werror,-Wsign-compare]
if (slen < sizeof(*sain6))
~~~~ ^ ~~~~~~~~~~~~~~
socklen_t may be signed or unsigned, depending on which standard is
implemented. For instance, the Single UNIX Specification V2 [1] defines
it as unsigned, while the more recent Open Group Base Specifications
Issue 7 [2] does not mention signedness.
Therefore, cast sizeof(x) to socklen_t to avoid any sign mismatch.
Link: [1] http://pubs.opengroup.org/onlinepubs/7908799/xns/syssocket.h.html
Link: [2] http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_socket.h.html
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Angela Stegmaier <angelabaker@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>