| 3322f132 | 30-Oct-2025 |
Suhaas Joshi <s-joshi@ti.com> |
plat-k3: drivers: Set firewall for DTHEv2 RNG
Set firewall to protect DTHEv2 RNG from non-secure world.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com> Reviewed-by: T Pratham <t-pratham@ti.com> Reviewed-by: Andrew Davis <afd@ti.com>
|
| bc1cd673 | 23-Dec-2025 |
Suhaas Joshi <s-joshi@ti.com> |
plat-k3: drivers: Remove code to get firewall configs
The ti_crypto_init_rng_fwl() function gets firewall configurations before setting new ones. This is pointless, since we are not using the configurations that we get anywhere. Therefore remove these blocks of code.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com> Reviewed-by: Andrew Davis <afd@ti.com> Reviewed-by: T Pratham <t-pratham@ti.com>
|
| 03128136 | 30-Oct-2025 |
Suhaas Joshi <s-joshi@ti.com> |
plat-k3: drivers: Refactor SA2UL RNG firewall setup
sa2ul_init() contains code to set firewall for SA2UL RNG. However, almost the same code can also be used to firewall DTHEv2 RNG. Therefore refactor this code into a separate function in the ti_sci driver.
Signed-off-by: Suhaas Joshi <s-joshi@ti.com> Reviewed-by: T Pratham <t-pratham@ti.com> Reviewed-by: Andrew Davis <afd@ti.com>
|
| 39f0cdfd | 21-Jan-2026 |
Jan Imhof <jan210404@gmx.de> |
mk/compile.mk: include conf.h during device tree build
When compiling device trees conf.h isn't included in the cpp step. Add the -include for conf.h and add it as a dependency too.
Signed-off-by: Jan Imhof <jan210404@gmx.de> Reviewed-by: Jerome Forissier <jerome.forissier@arm.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 4219abe1 | 07-Nov-2025 |
Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de> |
core: mm: add extra xlat table when core ASan is enabled
Enabling CFG_CORE_SANITIZE_KADDRESS increases MMU translation table usage in multiple ways. In addition to ASan shadow regions, the overall size of the core image grows, including code, data, and stack mappings. This often leads to additional page table splits and higher xlat table consumption.
Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@st.com>
|
| e75e89d7 | 21-Jan-2026 |
Jens Wiklander <jens.wiklander@linaro.org> |
Revert "ci: disable regression_1034 for SPMC_AT_EL=2"
This reverts commit e4a86928c2052a1e04f4014f2e98f0e70c63351e. The Linux kernel has been updated to v6.18 which brings FF-A 1.2. With FF-A 1.2 both in the normal world and in OP-TEE, Hafnium will not panic on too large fragmented mem share requests. So let's re-enable the test case regression 1034 for Hafnium.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Rouven Czerwinski <rouven.czerwinski@linaro.org>
|
| b58c69c7 | 24-Sep-2025 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
plat-stm32mp1: default enable CFG_STM32_DEBUG_ACCESS_PTA
In order to handle request on the debug configuration, default enable CFG_STM32_DEBUG_ACCESS_PTA to embed the debug access PTA.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
|
| e339d8f5 | 24-Sep-2025 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
pta: stm32mp: add debug access PTA
Add the debug access PTA that is responsible for validating whether a given debug profile is configured or not. This basically means that the debug configuration should allow (at least!) access to the debug peripherals requiring the debug profile being checked.
For now, as it is specific to BSEC, only embed the PTA if the BSEC support is embedded as well.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
|
| d9a01e1c | 16-Jan-2026 |
Jerome Forissier <jerome.forissier@arm.com> |
MAINTAINERS: update Jerome's e-mail address
Update my e-mail address. My personal address is still valid but using my professional e-mail is preferred.
Signed-off-by: Jerome Forissier <jerome.forissier@arm.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| a82ec953 | 16-Jan-2026 |
Leo Chen <shf.chen@mediatek.com> |
core: arm: fix feat_pauth_implemented not consider QARMA3 algorithm
The feat_pauth_implemented function does not take ID_AA64ISAR2_EL1.{GPA3,APA3} into account, which indicates the processor supports the QARMA3.
According to Arm's documentation, ID_AA64ISAR1_EL1.{GPI,GPA,API,APA} should be zero if ID_AA64ISAR2_EL1.{GPA3,APA3} are non-zero. Therefore, OP-TEE wrongly reports that PAC is not available to TA when the CPU uses QARMA3 algorithm.
This commit also introduces the register read function and related definitions for ID_AA64ISAR2_EL1.
Signed-off-by: Leo Chen <shf.chen@mediatek.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 967e7c62 | 05-Nov-2025 |
Marco Felsch <m.felsch@pengutronix.de> |
core: dt: add overlay support to dt_enable_secure_status
Add support to write the "secure-status" property to overlays in addition to the inline DTB changes if the user enabled the overlay support.
Most BL33 firmwares don't reuse the DTB provided to OP-TEE. Therefore add an overlay for the requested node to not lose the changes done by OP-TEE. The overlay can be used by the BL33 firmware to apply the changes.
Reviewed-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
|
| 3c778dee | 05-Nov-2025 |
Marco Felsch <m.felsch@pengutronix.de> |
core: dt: add add_dt_node_overlay_fragment helper
Add a helper to add overlays to an external-dt for a caller provided node. The overlay can be used by the caller to overwrite node properties. The subsequent BL33 can use the overlay to apply the changes to the BL33 DTB and kernel DTB.
Reviewed-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
|
| b625a159 | 05-Nov-2025 |
Marco Felsch <m.felsch@pengutronix.de> |
core: dt: add support to pass target-path to add_dt_overlay_fragment
Extend the API to be able to specify the DTB overlay "target-path".
Reviewed-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
|
| c2756a28 | 04-Nov-2025 |
Marco Felsch <m.felsch@pengutronix.de> |
core: dt: fix add_res_mem_dt_node for _CFG_USE_DTB_OVERLAY use-cases
Currently add_res_mem_dt_node() doesn't add an overlay fragment if CFG_EXTERNAL_DTB_OVERLAY=y and the provided DTB already contains a "/reserved-memory" e.g. due to some co-processor reserved-memory descriptions.
To fix this add_res_mem_dt_node() must always add a "/reserved-memory" DTB overlay fragment if a DTB overlay shall be created (_CFG_USE_DTB_OVERLAY=y).
Reviewed-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
|
| c561300a | 10-Dec-2025 |
Ox Yeh <ox.yeh@mediatek.com> |
core: tee_ree_fs: remove corrupt file without rollback protection
During the creation of the OP-TEE REE-FS database file, several RPC commands are executed. If an unexpected power outage occurs during this process, it may result in an incomplete dirf.db file with a size of 0 bytes, and this file has not yet been configured with rollback protection.
This change extends the error handling in ree_fs_open_primitive function to conditionally remove the corrupted file when rollback protection is not set, allowing the caller to recreate the file later. This also resolves the previously mentioned dirf.db issue.
Link: https://github.com/OP-TEE/optee_os/issues/7512 Signed-off-by: Ox Yeh <ox.yeh@mediatek.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
|
| c2b0684f | 29-Dec-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
Update CHANGELOG for 4.9.0
Update CHANGELOG for 4.9.0 and collect Tested-by tags.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Sumit Garg <sumit.garg@oss.qualcomm.com> (qcom-kodiak) Tested-by: Amey Raghatate <ameyavinash.raghatate@amd.com> (AMD Versal Gen 2) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx6dlsabresd) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx6sxsabresd) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx6ulevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx6ullevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx7dsabresd) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx7ulpevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8dxlevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8mmevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8mnevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8mqevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8mpevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8qmmek) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8qxpmek) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx8ulpevk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx93evk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx91evk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx95evk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (imx-mx943evk) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LX2160A-RDB) Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1046A-RDB) Tested-by: Joakim Bech <joakim.bech@gmail.com> (Rpi3) Tested-by: Guiyong Hwang <gy.hwang@telechips.com> (telechips-tcc805x) Tested-by: Etienne Carriere <etienne.carriere@st.com> (stm32mp1-135F_DK) Tested-by: Etienne Carriere <etienne.carriere@st.com> (stm32mp1-157C_EV1 with RPMB) Tested-by: Etienne Carriere <etienne.carriere@st.com> (stm32mp1-157C_EV1_SCMI, with RPMB) Tested-by: Etienne Carriere <etienne.carriere@st.com> (stm32mp1-157C_DK2) Tested-by: Etienne Carriere <etienne.carriere@st.com> (stm32mp1-157C_DK2_SCMI) Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Hikey) Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (rockchip-rk3399 Rockpi4B) Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (vexpress-qemu_virt) Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (vexpress-qemu_armv8a)
|
| 05359335 | 12-Jan-2026 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: atomic ftrace buffer map update
When switching sessions, that is, calling ts_push_current_session() or ts_pop_current_session(), a foreign interrupt may save the current thread. When this happens, the ftrace buffer mapping must be consistent with the current session, or bad things, like OP-TEE core crashing or corrupting TA memory, might occur. Fix this by masking foreign interrupts while updating the linked list, and disable the ftrace buffer while setting new TA mappings.
All mappings of a TA are removed if the TA crashes, even if user mappings might still be active. Add checks in the functions accessing the ftrace buffer that the buffer is accessible before accessing it to avoid eventual OP-TEE core crashes.
Fixes: 17513217b24c ("ftrace: dump ftrace after every ta_entry") Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Sumit Garg <sumit.garg@oss.qualcomm.com> Acked-by: Rouven Czerwinski <rouven.czerwinski@linaro.org>
|
| 3d873d49 | 08-Jan-2026 |
Etienne Carriere <etienne.carriere@st.com> |
core: user_ta: fix cleared userspace PAUTH keys
Restore pointer authentication keys that were cleared when commit referenced below was integrated since vm_info_init(), called after the keys are generated, resets the user context structure.
Closes: https://github.com/OP-TEE/optee_os/issues/7659 Fixes: 614b28146e96 ("core: user_ta: PAUTH key initialization may fail") Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Reviewed-by: Rouven Czerwinski <rouven.czerwinski@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| f7536109 | 09-Jan-2026 |
Neal Frager <neal.frager@amd.com> |
zynqmp: add platform_banner for ZynqMP
Add a platform_banner for zynqmp platforms.
Signed-off-by: Neal Frager <neal.frager@amd.com> Acked-by: Etienne Carriere <etienne.carriere@st.com> Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
|
| ef780a33 | 09-Jan-2026 |
Neal Frager <neal.frager@amd.com> |
zynqmp: add flavors for kria starter kits
Add PLATFORM_FLAVOR for kd240, kr260 and kv260 kria starter kits.
Signed-off-by: Neal Frager <neal.frager@amd.com> Acked-by: Etienne Carriere <etienne.carriere@st.com> Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
|
| 5aba4fa1 | 05-Jan-2026 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: only dump ftrace buffer with TA mapped
The ftrace buffer is mapped in secure user space. The dump_ftrace() callback must only be called if the buffer is mapped. During TA panic the dump_ftrace() might get called as part of the TA context cleanup and cause a crash. So fix this by skipping the dump_ftrace() callback during those occasions.
Fixes: 17513217b24c ("ftrace: dump ftrace after every ta_entry") Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Rouven Czerwinski <rouven.czerwinski@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@st.com>
|
| 981a9bd5 | 08-Jan-2026 |
Jens Wiklander <jens.wiklander@linaro.org> |
MAINTAINERS: update Etienne's e-mail address
Update Etienne's e-mail address.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Joakim Bech <joakim.bech@gmail.com> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| 0821d22f | 29-Dec-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
MAINTAINERS: update Ahmed's e-mail address
Update Ahmed's e-mail address.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Joakim Bech <joakim.bech@gmail.com> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| 0ad742b8 | 29-Dec-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
MAINTAINERS: remove Amit (AllWinner sun50i A64)
Amit's email bounces, therefore remove him from MAINTAINERS. Since there's no one left for AllWinner sun50i A64, change its status from Maintained to Orphan.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Joakim Bech <joakim.bech@gmail.com> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|
| f868b029 | 29-Dec-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
MAINTAINERS: update Joakim's details
Update Joakim's email address and GitHub handle.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Joakim Bech <joakim.bech@gmail.com> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
|