core: kernel: move ldelf_loader.c to core/kernel

Make other architecture implementations benefit from ldelf_loader.c,
therefore move it from core/arch/arm/kernel to core/kernel.
The header file is a

core: kernel: move ldelf_loader.c to core/kernel

Make other architecture implementations benefit from ldelf_loader.c,
therefore move it from core/arch/arm/kernel to core/kernel.
The header file is already located outside the arch folder.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-vexpress: add support for hafnium interrupt controller

Enables support for the Hafnium interrupt controller if configured with
CFG_CORE_HAFNIUM_INTC=y.

Acked-by: Jerome Forissier <jerome.foris

plat-vexpress: add support for hafnium interrupt controller

Enables support for the Hafnium interrupt controller if configured with
CFG_CORE_HAFNIUM_INTC=y.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add driver for hafnium interrupt controller

Adds a driver for the paravirtualized interrupt controller provided by
Hafnium at S-EL2. The driver is enabled with CFG_CORE_HAFNIUM_INTC=y.

The in

core: add driver for hafnium interrupt controller

Adds a driver for the paravirtualized interrupt controller provided by
Hafnium at S-EL2. The driver is enabled with CFG_CORE_HAFNIUM_INTC=y.

The interrupt controller is limited compared to the GIC and only works
with interrupt ids which are already added in the SP manifest or as
predefined reserved interrupt ids.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add CFG_CORE_IRQ_IS_NATIVE_INTR

Adds CFG_CORE_IRQ_IS_NATIVE_INTR to configure how native and foreign are
signalled.
Selects if IRQ is used to signal native interrupt
if CFG_CORE_IRQ_IS_NATIVE_

core: add CFG_CORE_IRQ_IS_NATIVE_INTR

Adds CFG_CORE_IRQ_IS_NATIVE_INTR to configure how native and foreign are
signalled.
Selects if IRQ is used to signal native interrupt
if CFG_CORE_IRQ_IS_NATIVE_INTR == y:
IRQ signals a native interrupt pending
FIQ signals a foreign non-secure interrupt or a managed exit pending
else: (vice versa)
IRQ signals a foreign non-secure interrupt or a managed exit pending
FIQ signals a native interrupt pending

CFG_CORE_IRQ_IS_NATIVE_INTR replaces the places in the code where
CFG_ARM_GICV3 was used to configure how FIQ and IRQ was treated.

CFG_CORE_IRQ_IS_NATIVE_INTR is automatically configured according to
CFG_ARM_GICV3 if CFG_GIC == y. This prepares for other interrupt
controllers where it doesn't make sense to use CFG_ARM_GICV3.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: S-EL2 SPMC: update for hafnium

Updates needed to run with Hafnium as S-EL2 SPMC on QEMU. GIC and
reserved (static) shared is not supported, so disable it for
CFG_CORE_SEL2_SPMC=y.

Wi

plat-vexpress: S-EL2 SPMC: update for hafnium

Updates needed to run with Hafnium as S-EL2 SPMC on QEMU. GIC and
reserved (static) shared is not supported, so disable it for
CFG_CORE_SEL2_SPMC=y.

With S-EL2 on QEMU some secure memory must be set aside for Hafnium.
Since this depends on how Hafnium is compiled etc don't assume which
address range can be used by OP-TEE, instead leave that as an open
configuration option.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: add thread_hvc()

Adds thread_hvc() which is the same as thread_smc() except that it uses
the HVC instruction instead of the SMC instruction. This is useful where
an SPMC at S-EL2 expects

core: arm: add thread_hvc()

Adds thread_hvc() which is the same as thread_smc() except that it uses
the HVC instruction instead of the SMC instruction. This is useful where
an SPMC at S-EL2 expects and HVC instead of SMC for certain functions.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mobj_ffa_add_pages_at() trust addresses from SPMC

mobj_ffa_add_pages_at() checks that a supplied physical address is
non-secure. This check is not needed with an SPMC at S-EL2 as we can
trust

core: mobj_ffa_add_pages_at() trust addresses from SPMC

mobj_ffa_add_pages_at() checks that a supplied physical address is
non-secure. This check is not needed with an SPMC at S-EL2 as we can
trust that to only provide verified addresses. So disable the check for
non-secure memory in that case, this has also the advantage that OP-TEE
no longer need to know the valid ranges of non-secure memory.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: S-EL1 SPMC: fix handling of fragmented memory descriptors

Prior to this commit there was a misunderstanding of how fragmented
memory descriptors are handled. FFA_MEM_SHARE returned FFA_SU

core: arm: S-EL1 SPMC: fix handling of fragmented memory descriptors

Prior to this commit there was a misunderstanding of how fragmented
memory descriptors are handled. FFA_MEM_SHARE returned FFA_SUCCESS even
when another fragment was expected. FFA_MEM_FRAG_TX returned
FFA_MEM_FRAG_RX even after the last fragment was received.

Fix this by only return FFA_SUCCESS from FFA_MEM_SHARE if the entire
descriptor has been received. If only the first fragment has been
received return FFA_MEM_FRAG_RX instead. Only return FFA_MEM_FRAG_RX
from FFA_MEM_FRAG_TX if further fragments are expected. Return
FFA_SUCCESS from FFA_MEM_FRAG_RX when then entire descriptor has been
received.

Fixes: 1b302ac09816 ("core: enable FF-A with SPM Core at S-EL1")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: S-EL1 SPMC: boot ABI update

Updates the boot ABI for S-EL1 SPMC to align better with other SPMCs,
like Hafnium, but also with the non-FF-A configuration.

Register usage:
X0 - TOS FW conf

core: arm: S-EL1 SPMC: boot ABI update

Updates the boot ABI for S-EL1 SPMC to align better with other SPMCs,
like Hafnium, but also with the non-FF-A configuration.

Register usage:
X0 - TOS FW config [1] address, if not NULL
X2 - System DTB, if not NULL

Adds check in the default get_aslr_seed() to see if the system DTB is
present before trying to read kaslr-seed from secure-chosen.

Note that this is an incompatible change and requires corresponding
change in TF-A ("feat(qemu): update abi between spmd and spmc") [2].

[1] A TF-A concept: TOS_FW_CONFIG - Trusted OS Firmware configuration
file. Used by Trusted OS (BL32), that is, OP-TEE in this case
Link: [2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=25ae7ad1878244f78206cc7c91f7bdbd267331a1

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32: remove unused pin description for uart8

Uart8 was removed. Removes unused pin description for this peripheral.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by:

dts: stm32: remove unused pin description for uart8

Uart8 was removed. Removes unused pin description for this peripheral.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: stm32: fix indentation and remove unused uart8 for STM32MP135F-DK

Removes uart8 node as it is unused.

Fixes indentation issue for reserved-memory node.

Signed-off-by: Gatien Chevallier <gatie

dts: stm32: fix indentation and remove unused uart8 for STM32MP135F-DK

Removes uart8 node as it is unused.

Fixes indentation issue for reserved-memory node.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: enable hardware rng for STM32MP13

Adds RNG node in stm32mp131.dtsi and enables it in stm32mp135f-dk.dts.

Default disables CFG_WITH_SOFTWARE_PRNG for STM32MP13: OP-TEE uses
the HW RNG

plat-stm32mp1: enable hardware rng for STM32MP13

Adds RNG node in stm32mp131.dtsi and enables it in stm32mp135f-dk.dts.

Default disables CFG_WITH_SOFTWARE_PRNG for STM32MP13: OP-TEE uses
the HW RNG support.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: imx: remove unused includes

Remove unused includes from main.c

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wik

core: imx: remove unused includes

Remove unused includes from main.c

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add StMM to reported services

Adds StMM to the list of services reported by the device pseudo TA.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias

core: add StMM to reported services

Adds StMM to the list of services reported by the device pseudo TA.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-sam: add support for sama5d27-wlsom1-ek board

Add support for PLATFORM_FLAVOR=sama5d27_wlsom1_ek and use the correct
debug console (UART0) for that platform.

Signed-off-by: Clément Léger <clem

plat-sam: add support for sama5d27-wlsom1-ek board

Add support for PLATFORM_FLAVOR=sama5d27_wlsom1_ek and use the correct
debug console (UART0) for that platform.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: at91: add sama5d27-wlsom1-ek device-trees

Import device-tree from Linux for sama5d27-wlsom1-ek board.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Jens Wiklander <jens.wi

dts: at91: add sama5d27-wlsom1-ek device-trees

Import device-tree from Linux for sama5d27-wlsom1-ek board.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

pta: imx: add DIGPROG PTA

Add an i.MX PTA to get the platform digprog value.
This 32 bits value holds the SOC type and the minor and major revision
number.

Signed-off-by: Clement Faure <clement.fau

pta: imx: add DIGPROG PTA

Add an i.MX PTA to get the platform digprog value.
This 32 bits value holds the SOC type and the minor and major revision
number.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: finalize scall layer

Finalizes the new scall layer by renaming remaining files so the generic
scall layer resides in core/include/kernel/scall.h and
core/kernel/scall.c.

New architectures are

core: finalize scall layer

Finalizes the new scall layer by renaming remaining files so the generic
scall layer resides in core/include/kernel/scall.h and
core/kernel/scall.c.

New architectures are expected to provide a
core/arch/arm/include/kernel/arch_scall.h with functions needed to deal
with the architecture specific struct thread_scall_regs usage in
core/kernel/scall.c.

New architectures are also expected to provide an implementation of
scall_save_panic_stack() called from scall_sys_return_helper().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: provide scall_save_panic_stack()

Provides an architecture specific function scall_save_panic_stack() in
core/arch/arm/kernel/arch_scall.c. This function and its helpers are
extracted from core

core: provide scall_save_panic_stack()

Provides an architecture specific function scall_save_panic_stack() in
core/arch/arm/kernel/arch_scall.c. This function and its helpers are
extracted from core/arch/arm/tee/arch_svc.c.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: provide arch_scall.h

Provide scall functions to deal with the layout of the architecture
specific struct thread_scall_regs. The new static inline scall_
functions are based on the old internal

core: provide arch_scall.h

Provide scall functions to deal with the layout of the architecture
specific struct thread_scall_regs. The new static inline scall_
functions are based on the old internal static functions in
core/arch/arm/tee/arch_svc.c.

This patch doesn't change any behaviour.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce scall layer from svc parts

Introduces a scall layer by renaming various thread_svc* names and
_*handle_svc() functions and function pointers as a first step in doing
architecture neu

core: introduce scall layer from svc parts

Introduces a scall layer by renaming various thread_svc* names and
_*handle_svc() functions and function pointers as a first step in doing
architecture neutral syscall processing.

The name scall is used instead of syscall since the syscall_ prefix is
reserved for the functions implementing the actual syscall. While scall
is the infrastructure used to reach the syscall functions.

No files are renamed and removed at this stage. This patch doesn't
change any behaviour.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: enable debug feature on non secure-closed chip

Adds a new service that enables all debug features (HPD, invasive,
non invasive debug) when the chip is not in secure-closed state.
This

plat-stm32mp1: enable debug feature on non secure-closed chip

Adds a new service that enables all debug features (HPD, invasive,
non invasive debug) when the chip is not in secure-closed state.
This feature is enabled when CFG_STM32_DEBUG_ACCESS is set to 'y'. It
defaults to CFG_TEE_CORE_DEBUG value.

By default, chip is secure open in order to make development and
allow debug purpose.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: Increase size of high DDR memory region

With the addition of j784s4 in K3 devices, DRAM size is increased to
32GB.

Update the size of higher memory addresses to handle this.

Signed-off-by

plat-k3: Increase size of high DDR memory region

With the addition of j784s4 in K3 devices, DRAM size is increased to
32GB.

Update the size of higher memory addresses to handle this.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Andrew Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-versal: program the FPGA during OP-TEE initialization

Users can program the FPGA image by placing it at
CFG_VERSAL_FPGA_DDR_ADDR.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-

plat-versal: program the FPGA during OP-TEE initialization

Users can program the FPGA image by placing it at
CFG_VERSAL_FPGA_DDR_ADDR.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-versal: allow RPMB init only on secured boards

Allow writing the RPMB key only on secured boards.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.for

plat-versal: allow RPMB init only on secured boards

Allow writing the RPMB key only on secured boards.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...