core: fix map pa to va and vice versa

map_pa2va() and core_va2pa_helper() has an over complex way of
calculating the translated address which gives a faulty result if the
upper 32-bits are used in a

core: fix map pa to va and vice versa

map_pa2va() and core_va2pa_helper() has an over complex way of
calculating the translated address which gives a faulty result if the
upper 32-bits are used in a 64-bit address. This patch fixes the error
by simplifying the calculation.

Reported-by: Zhizhou Zhang <zhizhouzhang@asrmicro.com>
Tested-by: Zhizhou Zhang <zhizhouzhang@asrmicro.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP AArch64)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU v7 & v8)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add interface to load user TAs

Some use cases may require custom load and verification methods for
user-mode Trusted Applications. Introduce struct user_ta_store_ops with
open(), get_size(), r

core: add interface to load user TAs

Some use cases may require custom load and verification methods for
user-mode Trusted Applications. Introduce struct user_ta_store_ops with
open(), get_size(), read() and close() functions to abstract these
tasks from the ELF loader code. Do the communication with
tee-supplicant as well as the hashing and signature verification of the
TA binary in core/arch/arm/kernel/ree_fs_ta.c, which may be disabled
and replaced by a different implementation if need be.

CC: Zeng Tao <prime.zeng@hisilicon.com>
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey, QEMU)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: arm: Enable interruptions on i.MX6

Signed-off-by: Mathieu Briand <mbriand@witekio.com>
Acked-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Yan Yan <yan.yan@windriver.com>

core: mm: add missing entry in teecore_memtype_name()

teecore_memtype_name() does not handle MEM_AREA_SHM_VASPACE. Add it.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by:

core: mm: add missing entry in teecore_memtype_name()

teecore_memtype_name() does not handle MEM_AREA_SHM_VASPACE. Add it.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-ti: Add secure paging support for DRA7xx/AM57xx

Add definitions for secure SRAM and DRAM space for builds with
CFG_WITH_PAGER enabled.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jen

plat-ti: Add secure paging support for DRA7xx/AM57xx

Add definitions for secure SRAM and DRAM space for builds with
CFG_WITH_PAGER enabled.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: Remove duplicate SECRAM memory definition

After removing DEVICEx_TYPE/_PA_BASE/_SIZE support the definition
for SECRAM was moved to main.c, but we had already made this move,
remove the dup

plat-ti: Remove duplicate SECRAM memory definition

After removing DEVICEx_TYPE/_PA_BASE/_SIZE support the definition
for SECRAM was moved to main.c, but we had already made this move,
remove the duplicate definition.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core_mmu: add page map/unmap functions

This function allows to map list of physical pages to specified virtual
memory address.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by:

core_mmu: add page map/unmap functions

This function allows to map list of physical pages to specified virtual
memory address.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: remove braces {} around single statement block]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

mm: add new VA region for dynamic shared buffers

This region will be used later to dynamically map shared buffers
provided by Normal World.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>

mm: add new VA region for dynamic shared buffers

This region will be used later to dynamically map shared buffers
provided by Normal World.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix build with DEBUG=y and LOG_LEVEL=0

Fix build issue with CFG_TEE_CORE_DEBUG=y and CFG_TEE_CORE_LOG_LEVEL=0.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Jens Wikl

core: fix build with DEBUG=y and LOG_LEVEL=0

Fix build issue with CFG_TEE_CORE_DEBUG=y and CFG_TEE_CORE_LOG_LEVEL=0.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm: generic boot: dt: switch console to /secure-chosen/stdout-path

If CFG_DT=y, check the Device Tree's /secure-chosen node and look for
the stdout-path property. Adjust the console output ac

core: arm: generic boot: dt: switch console to /secure-chosen/stdout-path

If CFG_DT=y, check the Device Tree's /secure-chosen node and look for
the stdout-path property. Adjust the console output accordingly.
The DT bindings for this property have been proposed on the LKML [1].

[1] https://www.spinics.net/lists/arm-kernel/msg566034.html

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce struct dt_driver

When CFG_DT=y, a linker section is created (.rodata.dtdrv) to hold all
the DT-compatible drivers. The table can later be queried at runtime.
Some manipulation functi

core: introduce struct dt_driver

When CFG_DT=y, a linker section is created (.rodata.dtdrv) to hold all
the DT-compatible drivers. The table can later be queried at runtime.
Some manipulation functions are exported in <kernel/dt.h>.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt: use fdt_address_cells() and fdt_size_cells()

Use the functions provided by libfdt instead of our own.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Ca

core: dt: use fdt_address_cells() and fdt_size_cells()

Use the functions provided by libfdt instead of our own.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix non-LPAE page mapped static mapping

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

core: fix test against end address of core virtual memory

Fix the first argument of the ROUNDUP() that should be 'map->va' instead
of 'va' which is the lowest virtual address mapped.

'va_max' is re

core: fix test against end address of core virtual memory

Fix the first argument of the ROUNDUP() that should be 'map->va' instead
of 'va' which is the lowest virtual address mapped.

'va_max' is renamed 'end' to help code fitting in 80 char lines.

Fixes: aa2ab38be0aa (core: more flexible static memory mapping)
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-imx: use the mov_imm macro instead of movw/movt

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wikla

plat-imx: use the mov_imm macro instead of movw/movt

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

am57xx: fix build error

Fix "#elif with no expression" error when building with ti-am57xx flavor
Add am57xx to .travic.yml as supported platform

Reviewed-by: Jerome Forissier <jerome.forissier@lina

am57xx: fix build error

Fix "#elif with no expression" error when building with ti-am57xx flavor
Add am57xx to .travic.yml as supported platform

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>

show more ...

core: thread: allocate RPC arg data on demand

Delays the RPC arg data allocation until it's needed to avoid doing RPC
when the caller in normal world isn't prepared to handle it.

Reviewed-by: Jerom

core: thread: allocate RPC arg data on demand

Delays the RPC arg data allocation until it's needed to avoid doing RPC
when the caller in normal world isn't prepared to handle it.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: Add support for using HUK on DRA7xx/AM57xx

On DRA7xx/AM57xx the initial secure software will pass OP-TEE a
Hardware Unique Key (HUK), use this key when requested.

Signed-off-by: Andrew F.

plat-ti: Add support for using HUK on DRA7xx/AM57xx

On DRA7xx/AM57xx the initial secure software will pass OP-TEE a
Hardware Unique Key (HUK), use this key when requested.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-ti: Read and store HUK sent by initial secure software

Some TI platforms pass the HUK to OP-TEE via a secure memory stack. Read
and store this key for later use. On platforms without CFG_OTP_SU

plat-ti: Read and store HUK sent by initial secure software

Some TI platforms pass the HUK to OP-TEE via a secure memory stack. Read
and store this key for later use. On platforms without CFG_OTP_SUPPORT
this key is ignored.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-ti: Rename platform context to platform boot arguments

Currently the non-secure context is passed in from our initial secure
software as part of the OP-TEE load process. This passed-in data wil

plat-ti: Rename platform context to platform boot arguments

Currently the non-secure context is passed in from our initial secure
software as part of the OP-TEE load process. This passed-in data will
not only contain the non-secure context but also any additional data we
may need to give to OP-TEE. Rename these structures and group the context
data into a struct for future expansion.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Support ARM GICv3 mode

In ARM GICv3 mode, the interrupts are used as below for optee_os.
* FIQ - Foreign interrupts not handled by optee_os. This includes
the non-secure interrupts that should be ha

Support ARM GICv3 mode

In ARM GICv3 mode, the interrupts are used as below for optee_os.
* FIQ - Foreign interrupts not handled by optee_os. This includes
the non-secure interrupts that should be handled by the REE and the
secure interrupts assigned to the monitor (aarch32 Monitor mode or
aarch64 EL3).
* IRQ - Native interrupts for optee_os.

And optee_os should use the system register interface to access the GICC
registers in GICv3 mode.

A new build flag `CFG_ARM_GICV3=y` should be set to support GICv3 mode.

Signed-off-by: David Wang <david.wang@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Refine the interrupt handlers

The handlers of native and foreign interrupts are hardcoded in FIQ and
IRQ handlers.
This patch generalizes these handlers in macros.
For ARM GICv2 mode, FIQ handler ca

Refine the interrupt handlers

The handlers of native and foreign interrupts are hardcoded in FIQ and
IRQ handlers.
This patch generalizes these handlers in macros.
For ARM GICv2 mode, FIQ handler calls native interrupt handler and IRQ
handler calls foreign interrupt handler.

Signed-off-by: David Wang <david.wang@arm.com>
Tested-by: David Wang <david.wang@arm.com> (juno arm32 and arm64)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

otp: convert to use weak default

There is no longer any point in having CFG_OTP_SUPPORT.

It's always supported either by the weak implementation
or any platform override.

Since there exists a plat

otp: convert to use weak default

There is no longer any point in having CFG_OTP_SUPPORT.

It's always supported either by the weak implementation
or any platform override.

Since there exists a platform 'sunxi' that does not have
CFG_GENERIC_BOOT and doesn't build generic_boot.c, this
is plaved in a new file 'otp_stubs.c'. Since this is
just copied Linaro code at this point, keep Linaro
copyright message on the new file.

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

dtb: no need to print trace with an ! if we were given a dtb with expected nodes

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

Add one IMSG line before OP-TEE init message

Otherwise at least on Hikey, it comes partway through an ARM TF
message and is hard to parse.

Signed-off-by: Andy Green <andy@warmcat.com>
[jf: s/a-t-f/

Add one IMSG line before OP-TEE init message

Otherwise at least on Hikey, it comes partway through an ARM TF
message and is hard to parse.

Signed-off-by: Andy Green <andy@warmcat.com>
[jf: s/a-t-f/ARM TF/ in commit log]
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...