core: kernel: bump transfer list to spec version 2.0

Update the transfer list library to implement specification version 2.0,
as versions 1.0 and 0.9 have been withdrawn [1]. The primary change is
s

core: kernel: bump transfer list to spec version 2.0

Update the transfer list library to implement specification version 2.0,
as versions 1.0 and 0.9 have been withdrawn [1]. The primary change is
switching the checksum calculation from an XOR sum to a byte-wise sum.
This aligns the implementation with the updated specification and with
behavior already used in existing deployments.

1. https://github.com/FirmwareHandoff/firmware_handoff/pull/80

Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: fix mx8mpevk optee memory layout

Mostly all i.MX OP-TEE platforms place OP-TEE at the end of the
available memory. Since the i.MX8MP-EVK has 6GiB RAM we need to set
CFG_LPAE_ADDR_SPACE_BI

core: imx: fix mx8mpevk optee memory layout

Mostly all i.MX OP-TEE platforms place OP-TEE at the end of the
available memory. Since the i.MX8MP-EVK has 6GiB RAM we need to set
CFG_LPAE_ADDR_SPACE_BITS accordingly else OP-TEE uses 32-bit and can't
access the memory above.

The fix uses the same amount of bits as used for CFG_CORE_ARM64_PA_BITS.

Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

core: fix protmem overlap in check_reg_shm_conflict()

Prior to this patch, check_reg_shm_conflict() would miss checking the
last page of a registered shared memory if it had a non-zero page_offset
o

core: fix protmem overlap in check_reg_shm_conflict()

Prior to this patch, check_reg_shm_conflict() would miss checking the
last page of a registered shared memory if it had a non-zero page_offset
or a page-unaligned mobj.size. So fix it and ensure the final page is
included in the conflict check by accounting for the page_offset and any
remaining unaligned bytes in the size.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Rouven Czerwinski <rouven.czerwinski@linaro.org>

show more ...

core: fs: report key manager initialization failure

Some platforms may fail at deriving the Hardware Unique Key (HUK).

When the HUK cannot be retrieved, the secure storage subsystem cannot
derive t

core: fs: report key manager initialization failure

Some platforms may fail at deriving the Hardware Unique Key (HUK).

When the HUK cannot be retrieved, the secure storage subsystem cannot
derive the Secure Storage Key (SSK). In this case secure storage is not
usable and the key manager initialization fails.

Emit an explicit error message when SSK derivation fails so that the
reason for secure storage being unavailable is visible in the logs.

This is particularly useful on platforms such as Versal where fuse
access depends on external firmware components.

Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: relax CFG_DDR_SIZE decision

The overall NS DRAM size can be passed via DT if CFG_EXTERNAL_DT is
enabled. So don't throw an error in case no size was specified.

Reviewed-by: Sahil Malhotr

core: imx: relax CFG_DDR_SIZE decision

The overall NS DRAM size can be passed via DT if CFG_EXTERNAL_DT is
enabled. So don't throw an error in case no size was specified.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: document reconfiguration requirements

Document why the reconfiguration is required.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@

drivers: imx: tzc380: document reconfiguration requirements

Document why the reconfiguration is required.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: add support to discover nsec_dram dynamically

Convert the driver to use the new core_mmu_for_each_nsec_ddr() to allow
dynamic configurations of the NS DRAM region(s). The DRAM

drivers: imx: tzc380: add support to discover nsec_dram dynamically

Convert the driver to use the new core_mmu_for_each_nsec_ddr() to allow
dynamic configurations of the NS DRAM region(s). The DRAM configuration
parsed by the OP-TEE core is either based on:
- manifest-dt
- external-dt
- internal/embedded-dt
- builtin compile-time defines

This logic allows the imx-tzc380 driver to use the runtime information
provided by an external DT. The compile-time builtin defines are used if
no external DT is found or the external DT doesn't contain any memory
information.

For plat-imx this mapps to register_ddr(CFG_DRAM_BASE, CFG_DDR_SIZE),
which is equivalent to
imx_tzc_auto_configure(CFG_DRAM_BASE, CFG_DDR_SIZE, TZC_ATTR_SP_NS_RW).

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

core: mm: add core_mmu_for_each_nsec_ddr support

Currently all TZC drivers implement the nsec_ddr configuration via
compile time configuration switches. This fact is not ideal for
platforms which ha

core: mm: add core_mmu_for_each_nsec_ddr support

Currently all TZC drivers implement the nsec_ddr configuration via
compile time configuration switches. This fact is not ideal for
platforms which have various DRAM settings.

OP-TEE already supports discovering the nsec_ddr chunks during the early
boot process but doesn't expose this information. Therefore this foreach
helper is added which can be used by the TZC drivers to address the
above use-case.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: refactor region number handling

Move the region number handling into imx_tzc_auto_configure(), to make
it possible to call the helper without ext. required context.

This is re

drivers: imx: tzc380: refactor region number handling

Move the region number handling into imx_tzc_auto_configure(), to make
it possible to call the helper without ext. required context.

This is required for the upcoming dynamic ddr size configuration.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: add support to check TZASC enable state

If OP-TEE is used the TZASC should be enabled to validate the memory
access. This adds the initial support for the i.MX6 and i.MX8M to c

drivers: imx: tzc380: add support to check TZASC enable state

If OP-TEE is used the TZASC should be enabled to validate the memory
access. This adds the initial support for the i.MX6 and i.MX8M to check
if the TZASC is enabled and throw a panic if not.

Once all platforms are covered this CFG_TZASC_CHECK_ENABLED should be
removed and the check should be done by default to enforce that the
TZASC is running.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: add support to verify region0

There are platforms where memory aliasing can't be prevented, e.g. the
i.MX8M. If the previous running firmware configured region0, which
covers t

drivers: imx: tzc380: add support to verify region0

There are platforms where memory aliasing can't be prevented, e.g. the
i.MX8M. If the previous running firmware configured region0, which
covers the whole AXI address space, to be accessible from secure and
non-secure world the OP-TEE core memory would be accessible via memory
aliasing.

To prevent such attacks we need to ensure that region0 is accessible
from the secure world only.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: tzc380: add tzc_verify_region0_secure helper

Add a helper which verifies that region0 is only accessible by the
secure world.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Review

drivers: tzc380: add tzc_verify_region0_secure helper

Add a helper which verifies that region0 is only accessible by the
secure world.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: tzc380: add support to dump region0

Dumping region0 is interesting too since it may have a insecure sp
configuration applied by the previous running firmware.

Reviewed-by: Sahil Malhotra <

drivers: tzc380: add support to dump region0

Dumping region0 is interesting too since it may have a insecure sp
configuration applied by the previous running firmware.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

drivers: imx: tzc380: add CFG_MX6QP TZASC2 configuration

The i.MX6DP/QP SoCs have a 2nd memory controller as well which must be
configured.

This commit covers only the i.MX6QP because there is no i

drivers: imx: tzc380: add CFG_MX6QP TZASC2 configuration

The i.MX6DP/QP SoCs have a 2nd memory controller as well which must be
configured.

This commit covers only the i.MX6QP because there is no i.MX6DP OP-TEE
platform yet.

Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>

show more ...

core: riscv: core_mmu_arch: zero-initialize new page tables

New page table pages must always start cleared. On some
platforms (e.g., QEMU) RAM happens to be zeroed at reset,
but on real hardware (FP

core: riscv: core_mmu_arch: zero-initialize new page tables

New page table pages must always start cleared. On some
platforms (e.g., QEMU) RAM happens to be zeroed at reset,
but on real hardware (FPGA/SoC DDR) may not be the case.
Without this memset, stale contents can make
core_mmu_map_region() see non-zero old_attr and panic with
"Page is already mapped" when CFG_DYN_CONFIG is enabled.

Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Aksha

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: amd: Add ASU support

Add support for the AMD Application Security Unit (ASU), the on-chip
Hardware Security Module (HSM) for Versal Gen 2.
The ASU manages all device-level security services

drivers: amd: Add ASU support

Add support for the AMD Application Security Unit (ASU), the on-chip
Hardware Security Module (HSM) for Versal Gen 2.
The ASU manages all device-level security services for user
applications, extending beyond accelerator-centric tasks.
Its firmware also exposes several software-based cryptographic
primitives, including:
- Key transfer
- RSA authentication (multiple padding schemes)
- HMAC
- Key Derivation Function (KDF)
- Key wrap / unwrap

Co-developed-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: fix cache invalidation of RSA buffer

When using CAAM to generate an RSA key the CPU caching of the DMA
buffers need to be controlled to ensure the correct visibility for both
devices.

drivers: caam: fix cache invalidation of RSA buffer

When using CAAM to generate an RSA key the CPU caching of the DMA
buffers need to be controlled to ensure the correct visibility for both
devices. For the n parameter the wrong address was used when
invalidating the CPU cache after the DMA operation, resulting in <key
length> bytes of the stack being invalidated (without flushing to
memory) instead of the buffer.

The first potential consequence of this is that any parts of the n
buffer that were cached during the key generation won't get read from
RAM, resulting in a corrupt key. This is unlikely since the n buffer
was correctly flushed immediately before starting the CAAM operation.
To reliably reproduce this, a read that should normally be harmless can
be inserted immediately before caam_jr_enqueue:
((volatile uint8_t *)genkey.n.data)[0];

The second effect of this bug is that parts of the do_gen_keypair stack
frame will have its cache lines invalidated (again without write back to
memory). With 4096 bit keys and a compiler that produces the right stack
layout this affects callee saved registers, the return pointer and
potentially a stack canary. I have not been able to see the effects of
this on my iMX8MQ test device.

Fixes: ccbcceeb73c1 ("drivers: caam: add CAAM key support for RSA")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

drivers: caam: handle serialization of short params

Adjusts the caam key serialization code to account for keys where
sec_size < buf.length. When that is the case the serialization can only
touch th

drivers: caam: handle serialization of short params

Adjusts the caam key serialization code to account for keys where
sec_size < buf.length. When that is the case the serialization can only
touch the first sec_size bytes since the rest are invalid, and the
serialized length is thus sec_size.

If the default key type has been changed to plain this can happen during
RSA keygen if the d parameter ends up shorter than the key size in
bytes. In that case the valid bytes are at the front of the buffer and
do_gen_keypair accounts for this by setting sec_size correctly, and
caam_key_serialize_to_bn is called with an inkey in the sec_size <
buf.length state. This ended up creating corrupt keys for roughly 1% of
keygens, and was caught by various RSA tests in optee_test.

Fixes: 1495f6c4a82a ("drivers: caam: add CAAM key driver")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

drivers: caam: fix bits/bytes confusion

Fixes two mixups of bits and bytes in caam_key_init that roughly cancel
each other out. Both sec_size and the result from
caam_key_serialized_size are values

drivers: caam: fix bits/bytes confusion

Fixes two mixups of bits and bytes in caam_key_init that roughly cancel
each other out. Both sec_size and the result from
caam_key_serialized_size are values in bytes, so the key sizes in bits
need to be converted. For plain text keys this makes no difference to
the result since they cancel each other out exactly.

For the default key type of BLACK_CCM the blob overhead is now correctly
counted as bytes instead of bits which decreases the headroom, but since
the default config of 4576 was calculated correctly, the assert still
shouldn't fail.

Fixes: 1495f6c4a82a ("drivers: caam: add CAAM key driver")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

MAINTAINERS: update Gatien's e-mail address

I am changing employer. Change my email address to a dedicated personal
one to keep an eye on the stm32 changes for now.

Signed-off-by: Gatien Chevallier

MAINTAINERS: update Gatien's e-mail address

I am changing employer. Change my email address to a dedicated personal
one to keep an eye on the stm32 changes for now.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-k3: drivers: Increase mailbox timeout to 1000ms

Mailbox driver waits for 10ms to get a response from TIFS, before
flagging the transaction a failure. 10ms seems to be right at the edge,
since u

plat-k3: drivers: Increase mailbox timeout to 1000ms

Mailbox driver waits for 10ms to get a response from TIFS, before
flagging the transaction a failure. 10ms seems to be right at the edge,
since unrelated updates to other components in the boot chain are
causing the actual wait time to increase. Therefore increase the timeout
to 1000ms.

1000ms is chosen to keep uniformity with the mailbox driver in TF-A.

Signed-off-by: Suhaas Joshi <s-joshi@ti.com>
Reviewed-by: Andrew Davis <afd@ti.com>

show more ...

MAINTAINERS: add MediaTek maintainer entry

Edit MAINTAINERS to add myself as maintainer for MediaTek support.

Signed-off-by: guan-gm.lin <guan-gm.lin@mediatek.com>

plat-rockchip: px30: set CFG_CRYPTO_WITH_CE ?= y

Similarly to what's been done to RK3399 in commit 3ab148c8f4a0
("plat-rockchip: rk3399: set CFG_CRYPTO_WITH_CE ?= y"), we can enable
the Arm Cryptogr

plat-rockchip: px30: set CFG_CRYPTO_WITH_CE ?= y

Similarly to what's been done to RK3399 in commit 3ab148c8f4a0
("plat-rockchip: rk3399: set CFG_CRYPTO_WITH_CE ?= y"), we can enable
the Arm Cryptography Extensions by default for PX30 as Rockchip claims
they are supported in the datasheet[1].

Tested with:

xtest --aes-perf -m XTS -s 1000000 -n 1000

Before:
min=88574.2us max=91273us mean=88942.8us stddev=234.498us (cv 0.26365%) (10.7223MiB/s)

After:
min=3297.58us max=3655.75us mean=3464.66us stddev=59.7159us (cv 1.72357%) (275.258MiB/s)

Link: https://opensource.rock-chips.com/images/8/87/Rockchip_PX30_Datasheet_V1.4-20191227.pdf [1]
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Quentin Schulz <quentin.schulz@cherry.de>

show more ...

core: arm: link.mk: Fix typo for python command line

Fix typo for python command line
$(q)scripts/gen_tee_bin.py => $(q)$(PYTHON3) scripts/gen_tee_bin.py

Signed-off-by: guan-gm.lin <guan-gm.lin@med

core: arm: link.mk: Fix typo for python command line

Fix typo for python command line
$(q)scripts/gen_tee_bin.py => $(q)$(PYTHON3) scripts/gen_tee_bin.py

Signed-off-by: guan-gm.lin <guan-gm.lin@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...