OP-TEE · jforissier · Nov 14, 2017 · Nov 13, 2017 · Nov 9, 2017 · Nov 9, 2017
diff --git a/core/arch/arm/kernel/generic_boot.c b/core/arch/arm/kernel/generic_boot.c
@@ -29,6 +29,7 @@
 #include <assert.h>
 #include <compiler.h>
 #include <console.h>
+#include <crypto/crypto.h>
 #include <inttypes.h>
 #include <keep.h>
 #include <kernel/asan.h>
@@ -47,7 +48,6 @@
 #include <sm/psci.h>
 #include <sm/tee_mon.h>
 #include <stdio.h>
-#include <tee/tee_cryp_provider.h>
 #include <trace.h>
 #include <utee_defines.h>
 #include <util.h>

diff --git a/core/arch/arm/kernel/kern.ld.S b/core/arch/arm/kernel/kern.ld.S
@@ -489,8 +489,10 @@ PROVIDE(__vcore_init_ro_size = 0);
 #endif /* CFG_CORE_RODATA_NOEXEC */
 #endif /* CFG_WITH_PAGER */
 
+#ifdef CFG_CORE_SANITIZE_KADDRESS
 PROVIDE(__asan_map_start = (__asan_shadow_start / SMALL_PAGE_SIZE) *
 			   SMALL_PAGE_SIZE);
 PROVIDE(__asan_map_end = ((__asan_shadow_end - 1) / SMALL_PAGE_SIZE) *
 			 SMALL_PAGE_SIZE + SMALL_PAGE_SIZE);
 PROVIDE(__asan_map_size = __asan_map_end - __asan_map_start);
+#endif /*CFG_CORE_SANITIZE_KADDRESS*/
diff --git a/core/arch/arm/kernel/ree_fs_ta.c b/core/arch/arm/kernel/ree_fs_ta.c
@@ -25,6 +25,7 @@
  * POSSIBILITY OF SUCH DAMAGE.
  */
 #include <assert.h>
+#include <crypto/crypto.h>
 #include <initcall.h>
 #include <kernel/msg_param.h>
 #include <kernel/thread.h>
@@ -36,10 +37,9 @@
 #include <stdlib.h>
 #include <string.h>
 #include <ta_pub_key.h>
-#include <tee/tee_cryp_provider.h>
+#include <tee_api_types.h>
 #include <tee/tee_cryp_utl.h>
 #include <tee/tee_svc_cryp.h>
-#include <tee_api_types.h>
 #include <tee/uuid.h>
 #include <utee_defines.h>
 
@@ -98,29 +98,23 @@ static TEE_Result check_shdr(struct shdr *shdr)
 	if (hash_size != shdr->hash_size)
 		return TEE_ERROR_SECURITY;
 
-	if (!crypto_ops.acipher.alloc_rsa_public_key ||
-	    !crypto_ops.acipher.free_rsa_public_key ||
-	    !crypto_ops.acipher.rsassa_verify ||
-	    !crypto_ops.bignum.bin2bn)
-		return TEE_ERROR_NOT_SUPPORTED;
-
-	res = crypto_ops.acipher.alloc_rsa_public_key(&key, shdr->sig_size);
+	res = crypto_acipher_alloc_rsa_public_key(&key, shdr->sig_size);
 	if (res != TEE_SUCCESS)
 		return res;
 
-	res = crypto_ops.bignum.bin2bn((uint8_t *)&e, sizeof(e), key.e);
+	res = crypto_bignum_bin2bn((uint8_t *)&e, sizeof(e), key.e);
 	if (res != TEE_SUCCESS)
 		goto out;
-	res = crypto_ops.bignum.bin2bn(ta_pub_key_modulus,
-				       ta_pub_key_modulus_size, key.n);
+	res = crypto_bignum_bin2bn(ta_pub_key_modulus, ta_pub_key_modulus_size,
+				   key.n);
 	if (res != TEE_SUCCESS)
 		goto out;
 
-	res = crypto_ops.acipher.rsassa_verify(shdr->algo, &key, -1,
-				SHDR_GET_HASH(shdr), shdr->hash_size,
-				SHDR_GET_SIG(shdr), shdr->sig_size);
+	res = crypto_acipher_rsassa_verify(shdr->algo, &key, -1,
+					   SHDR_GET_HASH(shdr), shdr->hash_size,
+					   SHDR_GET_SIG(shdr), shdr->sig_size);
 out:
-	crypto_ops.acipher.free_rsa_public_key(&key);
+	crypto_acipher_free_rsa_public_key(&key);
 	if (res != TEE_SUCCESS)
 		return TEE_ERROR_SECURITY;
 	return TEE_SUCCESS;
@@ -187,11 +181,6 @@ static TEE_Result ta_open(const TEE_UUID *uuid,
 	uint64_t cookie = 0;
 	TEE_Result res;
 
-	if (!crypto_ops.hash.get_ctx_size ||
-	    !crypto_ops.hash.init ||
-	    !crypto_ops.hash.update)
-		return TEE_ERROR_NOT_SUPPORTED;
-
 	handle = calloc(1, sizeof(*handle));
 	if (!handle)
 		return TEE_ERROR_OUT_OF_MEMORY;
@@ -216,18 +205,18 @@ static TEE_Result ta_open(const TEE_UUID *uuid,
 	 * header (less the final file hash and its signature of course)
 	 */
 	hash_algo = TEE_DIGEST_HASH_TO_ALGO(shdr->algo);
-	res = crypto_ops.hash.get_ctx_size(hash_algo, &hash_ctx_size);
+	res = crypto_hash_get_ctx_size(hash_algo, &hash_ctx_size);
 	if (res != TEE_SUCCESS)
 		goto error_free_payload;
 	hash_ctx = malloc(hash_ctx_size);
 	if (!hash_ctx) {
 		res = TEE_ERROR_OUT_OF_MEMORY;
 		goto error_free_payload;
 	}
-	res = crypto_ops.hash.init(hash_ctx, hash_algo);
+	res = crypto_hash_init(hash_ctx, hash_algo);
 	if (res != TEE_SUCCESS)
 		goto error_free_payload;
-	res = crypto_ops.hash.update(hash_ctx, hash_algo, (uint8_t *)shdr,
+	res = crypto_hash_update(hash_ctx, hash_algo, (uint8_t *)shdr,
 				     sizeof(*shdr));
 	if (res != TEE_SUCCESS)
 		goto error_free_payload;
@@ -269,12 +258,10 @@ static TEE_Result check_digest(struct user_ta_store_handle *h)
 	void *digest = NULL;
 	TEE_Result res;
 
-	if (!crypto_ops.hash.final)
-		return TEE_ERROR_NOT_SUPPORTED;
 	digest = malloc(h->shdr->hash_size);
 	if (!digest)
 		return TEE_ERROR_OUT_OF_MEMORY;
-	res = crypto_ops.hash.final(h->hash_ctx, h->hash_algo, digest,
+	res = crypto_hash_final(h->hash_ctx, h->hash_algo, digest,
 				    h->shdr->hash_size);
 	if (res != TEE_SUCCESS) {
 		res = TEE_ERROR_SECURITY;
@@ -300,7 +287,7 @@ static TEE_Result ta_read(struct user_ta_store_handle *h, void *data,
 		dst = data; /* Hash secure buffer (shm might be modified) */
 		memcpy(dst, src, len);
 	}
-	res = crypto_ops.hash.update(h->hash_ctx, h->hash_algo, dst, len);
+	res = crypto_hash_update(h->hash_ctx, h->hash_algo, dst, len);
 	if (res != TEE_SUCCESS)
 		return TEE_ERROR_SECURITY;
 	h->offs += len;

diff --git a/core/arch/arm/kernel/user_ta.c b/core/arch/arm/kernel/user_ta.c
@@ -45,7 +45,6 @@
 #include <stdlib.h>
 #include <sys/queue.h>
 #include <ta_pub_key.h>
-#include <tee/tee_cryp_provider.h>
 #include <tee/tee_cryp_utl.h>
 #include <tee/tee_obj.h>
 #include <tee/tee_svc_cryp.h>

diff --git a/core/arch/arm/mm/tee_pager.c b/core/arch/arm/mm/tee_pager.c
@@ -28,6 +28,7 @@
 
 #include <arm.h>
 #include <assert.h>
+#include <crypto/crypto.h>
 #include <io.h>
 #include <keep.h>
 #include <kernel/abort.h>
@@ -44,7 +45,6 @@
 #include <stdlib.h>
 #include <sys/queue.h>
 #include <tee_api_defines.h>
-#include <tee/tee_cryp_provider.h>
 #include <trace.h>
 #include <types_ext.h>
 #include <utee_defines.h>

diff --git a/core/arch/arm/pta/interrupt_tests.c b/core/arch/arm/pta/interrupt_tests.c
@@ -24,6 +24,7 @@
  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  * POSSIBILITY OF SUCH DAMAGE.
  */
+#include <crypto/crypto.h>
 #include <keep.h>
 #include <kernel/interrupt.h>
 #include <kernel/misc.h>
@@ -32,7 +33,6 @@
 #include <kernel/thread.h>
 #include <platform_config.h>
 #include <string.h>
-#include <tee/tee_cryp_provider.h>
 #include <trace.h>
 
 #define TA_NAME		"interrupt_tests.ta"

diff --git a/core/arch/arm/tee/init.c b/core/arch/arm/tee/init.c
@@ -33,7 +33,6 @@
 #include <mm/core_memprot.h>
 #include <mm/tee_mmu.h>
 #include <sm/tee_mon.h>
-#include <tee/tee_cryp_provider.h>
 #include <tee/tee_fs.h>
 #include <tee/tee_svc.h>
 #include <trace.h>