History log of /optee_os/core/drivers/crypto/ (Results 1 – 25 of 362)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
06c4e95e08-Apr-2026 Harish Ediga <harish.ediga@amd.com>

crypto: asu: send hash address in request buffer for digest

Update driver to read digest from hash address sent to firmware
instead of response buffer

Fixes: 74ddb42edbe0 ("crypto: asu: Add crypto

crypto: asu: send hash address in request buffer for digest

Update driver to read digest from hash address sent to firmware
instead of response buffer

Fixes: 74ddb42edbe0 ("crypto: asu: Add crypto hash driver")
Signed-off-by: Harish Ediga <harish.ediga@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

20da862b06-Apr-2026 Harish Ediga <harish.ediga@amd.com>

crypto: asu: fix command header length and race condition

- Updated asu_create_header() to pass command length in words
(sizeof(*cp)/sizeof(uint32_t)) instead of zero, to align with
ASUFW requir

crypto: asu: fix command header length and race condition

- Updated asu_create_header() to pass command length in words
(sizeof(*cp)/sizeof(uint32_t)) instead of zero, to align with
ASUFW requirements for proper command parsing.
- Multiple crypto drivers can submit request to shared buffer.
Make sure all queue parameters are update in spin_lock.

Fixes: 7f2d4e10736f ("drivers: amd: Add ASU support")
Signed-off-by: Harish Ediga <harish.ediga@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/MAINTAINERS
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/kernel/stmm_sp.h
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/mm/mobj_ffa.c
/optee_os/core/arch/arm/mm/tee_pager.c
/optee_os/core/arch/arm/plat-altera/conf.mk
/optee_os/core/arch/arm/plat-altera/main.c
/optee_os/core/arch/arm/plat-altera/platform_config.h
/optee_os/core/arch/arm/plat-altera/sub.mk
/optee_os/core/arch/arm/plat-d06/conf.mk
/optee_os/core/arch/arm/plat-d06/main.c
/optee_os/core/arch/arm/plat-d06/platform_config.h
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-qcom/conf.mk
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/sm/pm_a32.S
/optee_os/core/arch/riscv/kernel/thread_arch.c
/optee_os/core/arch/riscv/plat-spike/conf.mk
/optee_os/core/core.mk
/optee_os/core/drivers/amd/asu/asu_main.c
asu_driver/asu_hash.c
/optee_os/core/drivers/imx_rngb.c
/optee_os/core/include/kernel/tee_ta_manager.h
/optee_os/core/include/tee/fs_htree.h
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/kernel/thread.c
/optee_os/core/kernel/trace_ext.c
/optee_os/core/kernel/user_ta.c
/optee_os/core/mm/boot_mem.c
/optee_os/core/mm/vm.c
/optee_os/core/pta/tests/misc.c
/optee_os/core/tee/entry_std.c
/optee_os/core/tee/fs_htree.c
/optee_os/core/tee/tee_ree_fs.c
/optee_os/core/tee/tee_rpmb_fs.c
/optee_os/core/tee/tee_svc.c
/optee_os/core/tee/tee_svc_cryp.c
/optee_os/ldelf/asan.c
/optee_os/ldelf/asan.h
/optee_os/ldelf/ldelf.ld.S
/optee_os/ldelf/ldelf.mk
/optee_os/ldelf/main.c
/optee_os/ldelf/sub.mk
/optee_os/ldelf/ta_elf.c
/optee_os/ldelf/ta_elf_rel.c
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/README.md
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cipher.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/cmac.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core.h
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/bignum_internal.h
/optee_os/lib/libmbedtls/mbedtls/library/cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.h
/optee_os/lib/libmbedtls/mbedtls/library/cmac.c
/optee_os/lib/libmbedtls/mbedtls/library/common.h
/optee_os/lib/libmbedtls/mbedtls/library/dhm.c
/optee_os/lib/libmbedtls/mbedtls/library/ecdsa.c
/optee_os/lib/libmbedtls/mbedtls/library/ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core.h
/optee_os/lib/libmbedtls/mbedtls/library/rsa.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa_alt_helpers.c
/optee_os/lib/libmbedtls/mbedtls/library/rsa_alt_helpers.h
/optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c
/optee_os/lib/libmbedtls/mbedtls/library/threading.c
/optee_os/lib/libmbedtls/mbedtls/library/threading_internal.h
/optee_os/lib/libutee/include/tee_internal_api.h
/optee_os/lib/libutee/include/tee_internal_api_extensions.h
/optee_os/lib/libutee/tee_system_pta.c
/optee_os/lib/libutee/user_ta_entry.c
/optee_os/lib/libutils/ext/asan.c
/optee_os/lib/libutils/ext/asan_test.c
/optee_os/lib/libutils/ext/include/asan.h
/optee_os/lib/libutils/ext/include/asan_test.h
/optee_os/lib/libutils/ext/include/compiler.h
/optee_os/lib/libutils/ext/sub.mk
/optee_os/lib/libutils/isoc/arch/arm/setjmp_a32.S
/optee_os/lib/libutils/isoc/arch/arm/setjmp_a64.S
/optee_os/lib/libutils/isoc/bget_malloc.c
/optee_os/lib/libutils/isoc/sub.mk
/optee_os/mk/config.mk
/optee_os/ta/arch/arm/ta.ld.S
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/ta.mk
a086221118-Mar-2026 zhaozheng7 <zhaozheng96@outlook.com>

drivers: crypto: hisilicon: fix qp memory leak

Fix the null pointer access issue for hisilicon QM driver.

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-of

drivers: crypto: hisilicon: fix qp memory leak

Fix the null pointer access issue for hisilicon QM driver.

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-off-by: zhaozheng7 <zhaozheng96@outlook.com>
Acked-by: Zexi Yu <yuzexi@hisilicon.com>

show more ...

74ddb42e26-Feb-2026 Harsh Jain <h.jain@amd.com>

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Aksha

crypto: asu: Add crypto hash driver

Add support for following Hash algorithms
SHA-256, SHA-384, SHA-512, SHA3-256, SHA3-384, SHA3-512

Signed-off-by: Harsh Jain <h.jain@amd.com>
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

3a7a97b927-Feb-2026 Martin Nyhus <martin@nyhus.dev>

drivers: caam: fix cache invalidation of RSA buffer

When using CAAM to generate an RSA key the CPU caching of the DMA
buffers need to be controlled to ensure the correct visibility for both
devices.

drivers: caam: fix cache invalidation of RSA buffer

When using CAAM to generate an RSA key the CPU caching of the DMA
buffers need to be controlled to ensure the correct visibility for both
devices. For the n parameter the wrong address was used when
invalidating the CPU cache after the DMA operation, resulting in <key
length> bytes of the stack being invalidated (without flushing to
memory) instead of the buffer.

The first potential consequence of this is that any parts of the n
buffer that were cached during the key generation won't get read from
RAM, resulting in a corrupt key. This is unlikely since the n buffer
was correctly flushed immediately before starting the CAAM operation.
To reliably reproduce this, a read that should normally be harmless can
be inserted immediately before caam_jr_enqueue:
((volatile uint8_t *)genkey.n.data)[0];

The second effect of this bug is that parts of the do_gen_keypair stack
frame will have its cache lines invalidated (again without write back to
memory). With 4096 bit keys and a compiler that produces the right stack
layout this affects callee saved registers, the return pointer and
potentially a stack canary. I have not been able to see the effects of
this on my iMX8MQ test device.

Fixes: ccbcceeb73c1 ("drivers: caam: add CAAM key support for RSA")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

30b3553727-Feb-2026 Martin Nyhus <martin@nyhus.dev>

drivers: caam: handle serialization of short params

Adjusts the caam key serialization code to account for keys where
sec_size < buf.length. When that is the case the serialization can only
touch th

drivers: caam: handle serialization of short params

Adjusts the caam key serialization code to account for keys where
sec_size < buf.length. When that is the case the serialization can only
touch the first sec_size bytes since the rest are invalid, and the
serialized length is thus sec_size.

If the default key type has been changed to plain this can happen during
RSA keygen if the d parameter ends up shorter than the key size in
bytes. In that case the valid bytes are at the front of the buffer and
do_gen_keypair accounts for this by setting sec_size correctly, and
caam_key_serialize_to_bn is called with an inkey in the sec_size <
buf.length state. This ended up creating corrupt keys for roughly 1% of
keygens, and was caught by various RSA tests in optee_test.

Fixes: 1495f6c4a82a ("drivers: caam: add CAAM key driver")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

ea36ae9b27-Feb-2026 Martin Nyhus <martin@nyhus.dev>

drivers: caam: fix bits/bytes confusion

Fixes two mixups of bits and bytes in caam_key_init that roughly cancel
each other out. Both sec_size and the result from
caam_key_serialized_size are values

drivers: caam: fix bits/bytes confusion

Fixes two mixups of bits and bytes in caam_key_init that roughly cancel
each other out. Both sec_size and the result from
caam_key_serialized_size are values in bytes, so the key sizes in bits
need to be converted. For plain text keys this makes no difference to
the result since they cancel each other out exactly.

For the default key type of BLACK_CCM the blob overhead is now correctly
counted as bytes instead of bits which decreases the headroom, but since
the default config of 4576 was calculated correctly, the assert still
shouldn't fail.

Fixes: 1495f6c4a82a ("drivers: caam: add CAAM key driver")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

3ca5b31409-Feb-2026 Zexi Yu <yuzexi@hisilicon.com>

driver: crypto: hisilicon: fix qm timeout variable type

The type of the timeout variable is fixed to prevent overflow

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wi

driver: crypto: hisilicon: fix qm timeout variable type

The type of the timeout variable is fixed to prevent overflow

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

cfa66f0304-Feb-2026 Zexi Yu <yuzexi@hisilicon.com>

driver: crypto: hisilicon: fix CKEY_LEN macro value

Fix CKEY_LEN macro value for hisilicon SEC driver

Fixes: 562874beda99 ("drivers: crypto: hisilicon: Add cipher algorithm")
Signed-off-by: Zexi Yu

driver: crypto: hisilicon: fix CKEY_LEN macro value

Fix CKEY_LEN macro value for hisilicon SEC driver

Fixes: 562874beda99 ("drivers: crypto: hisilicon: Add cipher algorithm")
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

e9eaf44a03-Feb-2026 Jens Wiklander <jens.wiklander@linaro.org>

drivers: crypto: fix SM2 ECC encrypt and decrypt

Adds checks that the destination buffer has room for the result in
ecc_sm2_decrypt() and ecc_sm2_encrypt(). Note that these two functions
not reachab

drivers: crypto: fix SM2 ECC encrypt and decrypt

Adds checks that the destination buffer has room for the result in
ecc_sm2_decrypt() and ecc_sm2_encrypt(). Note that these two functions
not reachable upstream since none of the crypto drivers registers ECC
encrypt or decrypt drivers. So fix this before it becomes a problem.

Fixes: f4f85ac774af ("drivers: crypto: add SM2 ECC encrypt and decrypt")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Zexi Yu <yuzexi@hisilicon.com>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/CHANGELOG.md
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/cpu/cortex-a320.mk
/optee_os/core/arch/arm/include/arm.h
/optee_os/core/arch/arm/include/arm32.h
/optee_os/core/arch/arm/include/arm32_macros.S
/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/kernel/sub.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/plat-corstone1000/conf.mk
/optee_os/core/arch/arm/plat-corstone1000/main.c
/optee_os/core/arch/arm/plat-corstone1000/platform_config.h
/optee_os/core/arch/arm/plat-k3/drivers/dthev2.c
/optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c
/optee_os/core/arch/arm/plat-k3/drivers/sub.mk
/optee_os/core/arch/arm/plat-k3/drivers/ti_crypto.c
/optee_os/core/arch/arm/plat-k3/drivers/ti_crypto.h
/optee_os/core/arch/arm/plat-k3/platform_config.h
/optee_os/core/arch/arm/plat-marvell/conf.mk
/optee_os/core/arch/arm/plat-marvell/main.c
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-zynqmp/conf.mk
/optee_os/core/arch/arm/plat-zynqmp/main.c
/optee_os/core/arch/arm/plat-zynqmp/platform_config.h
/optee_os/core/arch/riscv/include/kernel/thread_arch.h
/optee_os/core/arch/riscv/kernel/boot.c
/optee_os/core/arch/riscv/kernel/sbi_mpxy.c
/optee_os/core/arch/riscv/kernel/thread_arch.c
/optee_os/core/arch/riscv/kernel/thread_rv.S
crypto_api/acipher/ecc.c
/optee_os/core/drivers/gic.c
/optee_os/core/drivers/stm32_bsec.c
/optee_os/core/include/drivers/gic.h
/optee_os/core/include/drivers/stm32_bsec.h
/optee_os/core/include/kernel/dt.h
/optee_os/core/kernel/dt.c
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/kernel/ts_manager.c
/optee_os/core/kernel/user_ta.c
/optee_os/core/pta/stm32mp/debug_access_pta.c
/optee_os/core/pta/stm32mp/sub.mk
/optee_os/core/tee/tee_ree_fs.c
/optee_os/lib/libutee/include/pta_stm32mp_debug_access.h
/optee_os/lib/libutee/tee_api_arith_mpi.c
/optee_os/mk/compile.mk
/optee_os/mk/config.mk
/optee_os/ta/avb/entry.c
19dc9e1b18-Dec-2025 Martin Nyhus <martin@nyhus.dev>

drivers: caam: improve empty aad updates

In caam_ae_update_aad an update without data was already handled as long
as the data pointer was NULL. This change updates the logic to also
account for the

drivers: caam: improve empty aad updates

In caam_ae_update_aad an update without data was already handled as long
as the data pointer was NULL. This change updates the logic to also
account for the case where the pointer is non-null but the length is
zero. When that was the case caam_cpy_buf would exit early without
allocating, leaving aad->data as NULL, making caam_cpy_block_src fail.

This was found through the Android Keymint tests because Rust represents
empty buffers (Rust slices) with a non-null pointer and length 0.

Fixes: faaf0c5975d2 ("drivers: caam: Add AES GCM")
Signed-off-by: Martin Nyhus <martin@nyhus.dev>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/cpu/cortex-a320.mk
/optee_os/core/arch/arm/cpu/cortex-a35.mk
/optee_os/core/arch/arm/cpu/cortex-armv8-0.mk
/optee_os/core/arch/arm/include/ffa.h
/optee_os/core/arch/arm/kernel/abort.c
/optee_os/core/arch/arm/kernel/spmc_sp_handler.c
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/plat-corstone1000/conf.mk
/optee_os/core/arch/arm/plat-corstone1000/main.c
/optee_os/core/arch/arm/plat-corstone1000/platform_config.h
/optee_os/core/arch/arm/plat-k3/drivers/mailbox.c
/optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c
/optee_os/core/arch/arm/plat-k3/drivers/sec_proxy.c
/optee_os/core/arch/arm/plat-k3/drivers/sub.mk
/optee_os/core/arch/arm/plat-k3/drivers/ti_sci.c
/optee_os/core/arch/arm/plat-k3/drivers/ti_sci_transport.h
/optee_os/core/arch/arm/plat-k3/main.c
/optee_os/core/arch/arm/plat-k3/platform_config.h
/optee_os/core/arch/arm/plat-qcom/conf.mk
/optee_os/core/arch/arm/plat-qcom/main.c
/optee_os/core/arch/arm/plat-qcom/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c
/optee_os/core/arch/riscv/kernel/abort.c
caam/ae/caam_ae.c
/optee_os/core/drivers/qcom/prng/prng.c
/optee_os/core/drivers/qcom/ramblur/ramblur_pimem_v3.c
/optee_os/core/drivers/qcom/sub.mk
/optee_os/core/drivers/sub.mk
/optee_os/core/include/drivers/qcom/ramblur/v3/ramblur_pimem_hwio.h
/optee_os/core/kernel/ldelf_loader.c
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/kernel/user_mode_ctx.c
/optee_os/core/kernel/user_ta.c
/optee_os/core/pta/rockchip/rk_secure_boot.c
/optee_os/core/pta/rockchip/sub.mk
/optee_os/core/pta/sub.mk
/optee_os/ldelf/ftrace.c
/optee_os/ldelf/ftrace.h
/optee_os/ldelf/main.c
/optee_os/lib/libutee/include/pta_rk_secure_boot.h
/optee_os/lib/libutee/include/user_ta_header.h
/optee_os/lib/libutee/tee_api_operations.c
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_mulo_impl.inc
/optee_os/lib/libutils/compiler-rt/lib/builtins/mulodi4.c
/optee_os/lib/libutils/compiler-rt/lib/builtins/sub.mk
/optee_os/lib/libutils/ext/include/compiler.h
/optee_os/mk/config.mk
/optee_os/scripts/notify_maintainers.py
f224797a19-Nov-2025 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: update struct get_info_rsp{} fields

update struct get_info_rsp{} fields

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Rouven Czerwinski <rouven.czerwinski@linaro.or

drivers: ele: update struct get_info_rsp{} fields

update struct get_info_rsp{} fields

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Rouven Czerwinski <rouven.czerwinski@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

212ccf0301-Apr-2025 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: enable getting HUK/RNG from ELE on i.MX943

Enable support for getting HUK/RNG from ELE on i.MX943

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Rouven Czerwinski <r

drivers: ele: enable getting HUK/RNG from ELE on i.MX943

Enable support for getting HUK/RNG from ELE on i.MX943

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Rouven Czerwinski <rouven.czerwinski@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/.github/workflows/notify.yml
/optee_os/core/arch/arm/dts/stm32mp211.dtsi
/optee_os/core/arch/arm/dts/stm32mp231.dtsi
/optee_os/core/arch/arm/dts/stm32mp251.dtsi
/optee_os/core/arch/arm/include/ffa.h
/optee_os/core/arch/arm/include/kernel/secure_partition.h
/optee_os/core/arch/arm/include/kernel/spmc_sp_handler.h
/optee_os/core/arch/arm/include/kernel/thread_private_arch.h
/optee_os/core/arch/arm/include/kernel/thread_spmc.h
/optee_os/core/arch/arm/include/optee_ffa.h
/optee_os/core/arch/arm/include/sm/optee_smc.h
/optee_os/core/arch/arm/kernel/secure_partition.c
/optee_os/core/arch/arm/kernel/spmc_sp_handler.c
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/mm/mobj_ffa.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/imx-common.c
/optee_os/core/arch/arm/plat-imx/imx-regs.h
/optee_os/core/arch/arm/plat-imx/imx.h
/optee_os/core/arch/arm/plat-imx/registers/imx943.h
/optee_os/core/arch/arm/plat-rpi5/conf.mk
/optee_os/core/arch/arm/plat-rpi5/main.c
/optee_os/core/arch/arm/plat-rpi5/platform_config.h
/optee_os/core/arch/arm/plat-rpi5/sub.mk
/optee_os/core/arch/arm/plat-stm32mp2/conf.mk
/optee_os/core/arch/arm/plat-telechips/scripts/tcmktool.py
/optee_os/core/arch/arm/plat-ti/main.c
/optee_os/core/arch/arm/tee/entry_fast.c
/optee_os/core/arch/riscv/kernel/spinlock.S
ele/ele.c
/optee_os/core/drivers/imx/mu/sub.mk
/optee_os/core/drivers/stm32_i2c.c
/optee_os/core/include/drivers/imx_mu.h
/optee_os/core/include/drivers/stm32_i2c.h
/optee_os/core/include/kernel/boot.h
/optee_os/core/include/mm/mobj.h
/optee_os/core/include/optee_msg.h
/optee_os/core/lib/libtomcrypt/src/pk/rsa/rsa_verify_hash.c
/optee_os/core/mm/core_mmu.c
/optee_os/core/mm/mobj.c
/optee_os/core/mm/mobj_dyn_shm.c
/optee_os/core/tee/entry_std.c
/optee_os/core/tee/fs_htree.c
/optee_os/mk/config.mk
/optee_os/mk/macros.mk
/optee_os/scripts/gen_ldelf_hex.py
/optee_os/scripts/notify_maintainers.py
79b6146c18-Jul-2025 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: remove sab_init() initialization

ELE firmware has been divided into 2 firmwares for i.MX8ULP and i.MX95:
Primary and secondary firmware.
SAB init command is in Secondary firmware, whic

drivers: ele: remove sab_init() initialization

ELE firmware has been divided into 2 firmwares for i.MX8ULP and i.MX95:
Primary and secondary firmware.
SAB init command is in Secondary firmware, which will be loaded when
rootfs comes up, so this command is not available when OP-TEE is
initializing.
Moreover, we are not using any ELE command which is available in
secondary firmware, So removing sab_init() function.
Will add it when it will be used in driver.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

de9f0c2518-Jul-2025 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: update struct get_info_rsp{} fields

There has been an addition of PQC related fields in
Get Info Command response for i.MX95.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Ac

drivers: ele: update struct get_info_rsp{} fields

There has been an addition of PQC related fields in
Get Info Command response for i.MX95.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

3d8c192a14-Jul-2025 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: enable getting HUK/RNG from ELE on imx95

Enable support of getting HUK and RNG from ELE on imx95

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.

drivers: ele: enable getting HUK/RNG from ELE on imx95

Enable support of getting HUK and RNG from ELE on imx95

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/.github/workflows/stales.yml
/optee_os/.gitignore
/optee_os/CHANGELOG.md
/optee_os/MAINTAINERS
/optee_os/core/arch/arm/crypto/aes-gcm-ce.c
/optee_os/core/arch/arm/dts/stm32mp131.dtsi
/optee_os/core/arch/arm/dts/stm32mp135f-dk.dts
/optee_os/core/arch/arm/dts/stm32mp151.dtsi
/optee_os/core/arch/arm/dts/stm32mp157c-ed1.dts
/optee_os/core/arch/arm/dts/stm32mp15xx-dkx.dtsi
/optee_os/core/arch/arm/dts/stm32mp21-st-scmi-cfg.dtsi
/optee_os/core/arch/arm/dts/stm32mp211.dtsi
/optee_os/core/arch/arm/dts/stm32mp213.dtsi
/optee_os/core/arch/arm/dts/stm32mp215.dtsi
/optee_os/core/arch/arm/dts/stm32mp215f-dk-ca35tdcid-rcc.dtsi
/optee_os/core/arch/arm/dts/stm32mp215f-dk-ca35tdcid-rif.dtsi
/optee_os/core/arch/arm/dts/stm32mp215f-dk.dts
/optee_os/core/arch/arm/dts/stm32mp21xc.dtsi
/optee_os/core/arch/arm/dts/stm32mp21xf.dtsi
/optee_os/core/arch/arm/dts/stm32mp23-st-scmi-cfg.dtsi
/optee_os/core/arch/arm/dts/stm32mp231.dtsi
/optee_os/core/arch/arm/dts/stm32mp233.dtsi
/optee_os/core/arch/arm/dts/stm32mp235.dtsi
/optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-rcc.dtsi
/optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-resmem.dtsi
/optee_os/core/arch/arm/dts/stm32mp235f-dk-ca35tdcid-rif.dtsi
/optee_os/core/arch/arm/dts/stm32mp235f-dk.dts
/optee_os/core/arch/arm/dts/stm32mp23xc.dtsi
/optee_os/core/arch/arm/dts/stm32mp23xf.dtsi
/optee_os/core/arch/arm/dts/stm32mp25-st-scmi-cfg.dtsi
/optee_os/core/arch/arm/dts/stm32mp251.dtsi
/optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-rcc.dtsi
/optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-resmem.dtsi
/optee_os/core/arch/arm/dts/stm32mp257f-dk-ca35tdcid-rif.dtsi
/optee_os/core/arch/arm/dts/stm32mp257f-dk.dts
/optee_os/core/arch/arm/dts/stm32mp257f-ev1-ca35tdcid-rif.dtsi
/optee_os/core/arch/arm/dts/stm32mp257f-ev1.dts
/optee_os/core/arch/arm/include/arm64.h
/optee_os/core/arch/arm/include/mm/core_mmu_arch.h
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/generic_timer.c
/optee_os/core/arch/arm/kernel/kern.ld.S
/optee_os/core/arch/arm/kernel/secure_partition.c
/optee_os/core/arch/arm/kernel/stmm_sp.c
/optee_os/core/arch/arm/mm/core_mmu.c
/optee_os/core/arch/arm/plat-automotive_rd/conf.mk
/optee_os/core/arch/arm/plat-automotive_rd/main.c
/optee_os/core/arch/arm/plat-automotive_rd/platform_config.h
/optee_os/core/arch/arm/plat-automotive_rd/rd1ae_core_pos.S
/optee_os/core/arch/arm/plat-automotive_rd/sub.mk
/optee_os/core/arch/arm/plat-corstone1000/conf.mk
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-imx/registers/imx95.h
/optee_os/core/arch/arm/plat-k3/conf.mk
/optee_os/core/arch/arm/plat-k3/drivers/dthev2.c
/optee_os/core/arch/arm/plat-k3/drivers/eip76d_trng.c
/optee_os/core/arch/arm/plat-k3/drivers/eip76d_trng.h
/optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c
/optee_os/core/arch/arm/plat-k3/drivers/sub.mk
/optee_os/core/arch/arm/plat-k3/platform_config.h
/optee_os/core/arch/arm/plat-marvell/conf.mk
/optee_os/core/arch/arm/plat-marvell/platform_config.h
/optee_os/core/arch/arm/plat-marvell/sub.mk
/optee_os/core/arch/arm/plat-qcom/conf.mk
/optee_os/core/arch/arm/plat-qcom/main.c
/optee_os/core/arch/arm/plat-qcom/platform_config.h
/optee_os/core/arch/arm/plat-qcom/sub.mk
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rockchip/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.c
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/arm/plat-stm32mp2/conf.mk
/optee_os/core/arch/arm/plat-stm32mp2/drivers/stm32mp25_syscfg.c
/optee_os/core/arch/arm/plat-stm32mp2/main.c
/optee_os/core/arch/arm/plat-stm32mp2/stm32_sysconf.h
/optee_os/core/arch/arm/plat-stm32mp2/stm32_util.h
/optee_os/core/arch/arm/plat-versal2/conf.mk
/optee_os/core/arch/arm/plat-vexpress/conf.mk
/optee_os/core/arch/arm/plat-vexpress/main.c
/optee_os/core/arch/arm/plat-vexpress/platform_config.h
/optee_os/core/arch/riscv/include/kernel/misc_arch.h
/optee_os/core/arch/riscv/include/kernel/riscv_elf.h
/optee_os/core/arch/riscv/include/kernel/thread_private_arch.h
/optee_os/core/arch/riscv/include/mm/core_mmu_arch.h
/optee_os/core/arch/riscv/include/rpmi.h
/optee_os/core/arch/riscv/include/sbi.h
/optee_os/core/arch/riscv/include/sbi_mpxy.h
/optee_os/core/arch/riscv/include/sbi_mpxy_rpmi.h
/optee_os/core/arch/riscv/kernel/asm-defines.c
/optee_os/core/arch/riscv/kernel/boot.c
/optee_os/core/arch/riscv/kernel/entry.S
/optee_os/core/arch/riscv/kernel/kern.ld.S
/optee_os/core/arch/riscv/kernel/sbi.c
/optee_os/core/arch/riscv/kernel/sbi_mpxy.c
/optee_os/core/arch/riscv/kernel/sbi_mpxy_rpmi.c
/optee_os/core/arch/riscv/kernel/sub.mk
/optee_os/core/arch/riscv/kernel/thread_arch.c
/optee_os/core/arch/riscv/mm/core_mmu_arch.c
/optee_os/core/arch/riscv/plat-sifive/conf.mk
/optee_os/core/arch/riscv/plat-virt/conf.mk
/optee_os/core/arch/riscv/riscv.mk
/optee_os/core/core.mk
/optee_os/core/crypto/aes-gcm.c
/optee_os/core/drivers/amd/gpio_common.c
/optee_os/core/drivers/amd/gpio_private.h
/optee_os/core/drivers/amd/ps_gpio_driver.c
/optee_os/core/drivers/amd/sub.mk
/optee_os/core/drivers/clk/clk-stm32mp21.c
/optee_os/core/drivers/clk/clk-stm32mp25.c
/optee_os/core/drivers/clk/sub.mk
ele/ele.c
/optee_os/core/drivers/ffa_console.c
/optee_os/core/drivers/firewall/stm32_rifsc.c
/optee_os/core/drivers/firewall/stm32_risab.c
/optee_os/core/drivers/gpio/gpio.c
/optee_os/core/drivers/hfic.c
/optee_os/core/drivers/imx/mu/imx_mu_8ulp_9x.c
/optee_os/core/drivers/imx/mu/sub.mk
/optee_os/core/drivers/qcom_geni_uart.c
/optee_os/core/drivers/regulator/regulator.c
/optee_os/core/drivers/regulator/regulator_dt.c
/optee_os/core/drivers/regulator/regulator_fixed.c
/optee_os/core/drivers/regulator/regulator_gpio.c
/optee_os/core/drivers/rockchip_otp.c
/optee_os/core/drivers/rstctrl/stm32mp21_rstctrl.c
/optee_os/core/drivers/rstctrl/stm32mp25_rstctrl.c
/optee_os/core/drivers/rstctrl/sub.mk
/optee_os/core/drivers/stm32_exti.c
/optee_os/core/drivers/stm32_gpio.c
/optee_os/core/drivers/stm32_hpdma.c
/optee_os/core/drivers/stm32_iwdg.c
/optee_os/core/drivers/stm32_omm.c
/optee_os/core/drivers/stm32_rtc.c
/optee_os/core/drivers/stm32_tamp.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/drivers/gpio.h
/optee_os/core/include/drivers/imx_mu.h
/optee_os/core/include/drivers/qcom_geni_uart.h
/optee_os/core/include/drivers/regulator.h
/optee_os/core/include/drivers/rockchip_otp.h
/optee_os/core/include/drivers/rtc.h
/optee_os/core/include/drivers/stm32_gpio.h
/optee_os/core/include/drivers/stm32_rtc.h
/optee_os/core/include/drivers/stm32mp21_rcc.h
/optee_os/core/include/drivers/stm32mp_dt_bindings.h
/optee_os/core/include/dt-bindings/clock/st,stm32mp21-rcc.h
/optee_os/core/include/dt-bindings/clock/stm32mp21-clksrc.h
/optee_os/core/include/dt-bindings/firewall/stm32mp21-rifsc.h
/optee_os/core/include/dt-bindings/firewall/stm32mp25-rifsc.h
/optee_os/core/include/dt-bindings/reset/st,stm32mp21-rcc.h
/optee_os/core/include/dt-bindings/scmi/scmi-clock.h
/optee_os/core/include/dt-bindings/tamper/st,stm32-tamp.h
/optee_os/core/include/dt-bindings/tamper/st,stm32mp13-tamp.h
/optee_os/core/include/dt-bindings/tamper/st,stm32mp21-tamp.h
/optee_os/core/include/dt-bindings/tamper/st,stm32mp25-tamp.h
/optee_os/core/include/kernel/asan.h
/optee_os/core/include/kernel/boot.h
/optee_os/core/include/kernel/dt_driver.h
/optee_os/core/include/kernel/interrupt.h
/optee_os/core/include/kernel/thread.h
/optee_os/core/include/mm/core_mmu.h
/optee_os/core/kernel/asan.c
/optee_os/core/kernel/boot.c
/optee_os/core/kernel/console.c
/optee_os/core/kernel/panic.c
/optee_os/core/kernel/ree_fs_ta.c
/optee_os/core/kernel/tee_ta_manager.c
/optee_os/core/kernel/thread.c
/optee_os/core/kernel/tpm.c
/optee_os/core/kernel/transfer_list.c
/optee_os/core/kernel/user_ta.c
/optee_os/core/lib/scmi-server/conf-optee-stm32mp1.mk
/optee_os/core/lib/scmi-server/conf-optee-stm32mp2.mk
/optee_os/core/lib/scmi-server/conf.mk
/optee_os/core/lib/scmi-server/include/scmi_agent_configuration.h
/optee_os/core/lib/scmi-server/include/scmi_clock_consumer.h
/optee_os/core/lib/scmi-server/include/scmi_reset_consumer.h
/optee_os/core/lib/scmi-server/scmi_clock_consumer.c
/optee_os/core/lib/scmi-server/scmi_reset_consumer.c
/optee_os/core/lib/scmi-server/scmi_server.c
/optee_os/core/lib/scmi-server/scmi_server_scpfw.c
/optee_os/core/lib/scmi-server/sub.mk
/optee_os/core/mm/boot_mem.c
/optee_os/core/mm/core_mmu.c
/optee_os/core/mm/vm.c
/optee_os/core/pta/device.c
/optee_os/core/pta/rtc.c
/optee_os/core/pta/tests/dt_driver_test.c
/optee_os/core/pta/tests/misc.c
/optee_os/core/tee/fs_htree.c
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/bignum.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/dhm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdh.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecdsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecjpake.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ecp.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/lms.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/pk.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/platform_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/rsa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_cookie.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl_ticket.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_crt.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/x509_csr.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h
/optee_os/lib/libmbedtls/mbedtls/library/aesni.c
/optee_os/lib/libmbedtls/mbedtls/library/asn1write.c
/optee_os/lib/libmbedtls/mbedtls/library/base64.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.c
/optee_os/lib/libmbedtls/mbedtls/library/cipher_wrap.h
/optee_os/lib/libmbedtls/mbedtls/library/common.h
/optee_os/lib/libmbedtls/mbedtls/library/lmots.c
/optee_os/lib/libmbedtls/mbedtls/library/lms.c
/optee_os/lib/libmbedtls/mbedtls/library/pem.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_mac.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_misc.h
/optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_server.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_keys.h
/optee_os/lib/libmbedtls/mbedtls/library/version_features.c
/optee_os/lib/libmbedtls/mbedtls/library/x509_create.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_crt.c
/optee_os/lib/libmbedtls/mbedtls/library/x509write_csr.c
/optee_os/lib/libutee/include/pta_rtc.h
/optee_os/lib/libutee/include/user_ta_header.h
/optee_os/lib/libutee/user_ta_entry.c
/optee_os/lib/libutils/isoc/arch/arm/setjmp_a32.S
/optee_os/lib/libutils/isoc/arch/arm/setjmp_a64.S
/optee_os/lib/libutils/isoc/arch/riscv/setjmp_rv.S
/optee_os/lib/libutils/isoc/bget_malloc.c
/optee_os/lib/libutils/isoc/include/setjmp.h
/optee_os/lib/libutils/isoc/newlib/strchr.c
/optee_os/lib/libutils/isoc/newlib/strcmp.c
/optee_os/lib/libutils/isoc/newlib/strcpy.c
/optee_os/lib/libutils/isoc/newlib/strlen.c
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
/optee_os/scripts/ci-host-cleanup.sh
/optee_os/ta/link.mk
/optee_os/ta/pkcs11/src/processing_rsa.c
/optee_os/ta/remoteproc/src/remoteproc_core.c
/optee_os/ta/user_ta_header.c
49c6944315-May-2025 Pavel Löbl <pavel@loebl.cz>

caam: fix compilation when CFG_NXP_CAAM_AE_* are disabled

Similarly to other CAAM modules, define empty function if CAAM AE is
not used, to avoid undefined reference to caam_ae_init().

Signed-off-b

caam: fix compilation when CFG_NXP_CAAM_AE_* are disabled

Similarly to other CAAM modules, define empty function if CAAM AE is
not used, to avoid undefined reference to caam_ae_init().

Signed-off-by: Pavel Löbl <pavel@loebl.cz>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/CHANGELOG.md
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/include/kernel/secure_partition.h
/optee_os/core/arch/arm/include/kernel/thread_arch.h
/optee_os/core/arch/arm/include/kernel/thread_private_arch.h
/optee_os/core/arch/arm/include/kernel/thread_spmc.h
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/secure_partition.c
/optee_os/core/arch/arm/kernel/stmm_sp.c
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_a64.S
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/plat-k3/drivers/sa2ul.c
/optee_os/core/arch/arm/plat-k3/drivers/ti_sci.c
/optee_os/core/arch/arm/plat-k3/drivers/ti_sci.h
/optee_os/core/arch/arm/plat-k3/drivers/ti_sci_protocol.h
/optee_os/core/arch/arm/plat-k3/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/main.c
/optee_os/core/arch/arm/plat-rockchip/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-ti/a9_plat_init.S
/optee_os/core/arch/arm/sm/pm_a32.S
/optee_os/core/arch/arm/tests/ffa_lsp.c
/optee_os/core/arch/arm/tests/sub.mk
/optee_os/core/arch/riscv/include/mm/core_mmu_arch.h
/optee_os/core/arch/riscv/kernel/boot.c
/optee_os/core/arch/riscv/kernel/entry.S
/optee_os/core/arch/riscv/kernel/thread_rv.S
/optee_os/core/arch/riscv/mm/core_mmu_arch.c
/optee_os/core/arch/riscv/riscv.mk
/optee_os/core/core.mk
/optee_os/core/crypto/signed_hdr.c
caam/include/caam_ae.h
/optee_os/core/drivers/stm32_iwdg.c
/optee_os/core/drivers/wdt/watchdog_sm.c
/optee_os/core/include/drivers/wdt.h
/optee_os/core/include/kernel/dt.h
/optee_os/core/include/kernel/thread.h
/optee_os/core/include/kernel/thread_private.h
/optee_os/core/include/mm/core_mmu.h
/optee_os/core/kernel/dt.c
/optee_os/core/kernel/dt_driver.c
/optee_os/core/kernel/thread.c
/optee_os/core/kernel/transfer_list.c
/optee_os/core/lib/libefi/hob.c
/optee_os/core/lib/libefi/include/efi/efi_types.h
/optee_os/core/lib/libefi/include/efi/hob.h
/optee_os/core/lib/libefi/include/efi/hob_guid.h
/optee_os/core/lib/libefi/include/efi/mmram.h
/optee_os/core/lib/libefi/include/efi/mpinfo.h
/optee_os/core/lib/libefi/sub.mk
/optee_os/core/mm/core_mmu.c
/optee_os/core/pta/tests/invoke.c
/optee_os/core/pta/tests/misc.c
/optee_os/core/pta/tests/misc.h
/optee_os/core/pta/tests/sub.mk
/optee_os/core/pta/tests/transfer_list.c
/optee_os/core/tee/fs_htree.c
/optee_os/keys/default.pem
/optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h
/optee_os/lib/libmbedtls/include/mbedtls_config_uta.h
/optee_os/lib/libutee/include/pta_invoke_tests.h
/optee_os/lib/libutils/compiler-rt/LICENSE.TXT
/optee_os/lib/libutils/compiler-rt/README.txt
/optee_os/lib/libutils/compiler-rt/lib/builtins/ashlti3.c
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_div_impl.inc
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_endianness.h
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_lib.h
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_types.h
/optee_os/lib/libutils/compiler-rt/lib/builtins/int_util.h
/optee_os/lib/libutils/compiler-rt/lib/builtins/sub.mk
/optee_os/lib/libutils/compiler-rt/lib/builtins/udivmodti4.c
/optee_os/lib/libutils/compiler-rt/lib/builtins/udivti3.c
/optee_os/lib/libutils/compiler-rt/lib/sub.mk
/optee_os/lib/libutils/compiler-rt/sub.mk
/optee_os/lib/libutils/sub.mk
/optee_os/mk/clang.mk
/optee_os/mk/config.mk
80e8ddc024-Apr-2025 Etienne Carriere <etienne.carriere@foss.st.com>

crypto: stm32: fix stm32_saes CTR mode on small input buffers

Fix missing cast when saving pre-computed masks in STM32 SAES driver
CTR implementation when several small input data is provided to
the

crypto: stm32: fix stm32_saes CTR mode on small input buffers

Fix missing cast when saving pre-computed masks in STM32 SAES driver
CTR implementation when several small input data is provided to
the update handler.

The issue is revealed by xtest regression_4017 when run with at least
level 12, e.g. "xtest -l 15 regression_4017".

Fixes: 4320f5cf30c5 ("crypto: stm32: SAES cipher support")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

a9b7c5a823-Apr-2025 Etienne Carriere <etienne.carriere@foss.st.com>

crypto: stm32: fix stm32_cryp CTR mode on small input buffers

Fix missing cast when saving pre-computed masks in STM32 CRYP driver
CTR implementation when several small input data is provided to
the

crypto: stm32: fix stm32_cryp CTR mode on small input buffers

Fix missing cast when saving pre-computed masks in STM32 CRYP driver
CTR implementation when several small input data is provided to
the update handler.

The issue could be found, for example, by assigning STM32 CRYP to OP-TEE
in stm32mp1-157C_DK2 board DTS file (patch below) and running xtest
regression_4017 with level 15 ("xtest -l 15 regression_4017").

Example of a patch on stm32mp157c-dk2.dts file to use CRYP driver for
AES operations:
+&cryp1 { status = "okay"; };
+
&etzpc {
st,decprot =
(...)
- <DECPROT(STM32MP1_ETZPC_CRYP1_ID, DECPROT_NS_RW, DECPROT_UNLOCK)>,
+ <DECPROT(STM32MP1_ETZPC_CRYP1_ID, DECPROT_S_RW, DECPROT_UNLOCK)>,
(...)
}

Fixes: 5e64ae6796b7 ("crypto: stm32: use CRYP IP for CIPHER algorithms")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...


/optee_os/.github/workflows/ci.yml
/optee_os/core/arch/arm/arm.mk
/optee_os/core/arch/arm/dts/stm32mp131.dtsi
/optee_os/core/arch/arm/dts/stm32mp135f-dk.dts
/optee_os/core/arch/arm/dts/stm32mp15xx-dhcor-avenger96.dtsi
/optee_os/core/arch/arm/kernel/asm-defines.c
/optee_os/core/arch/arm/kernel/boot.c
/optee_os/core/arch/arm/kernel/entry_a32.S
/optee_os/core/arch/arm/kernel/entry_a64.S
/optee_os/core/arch/arm/kernel/link.mk
/optee_os/core/arch/arm/kernel/thread.c
/optee_os/core/arch/arm/kernel/thread_spmc.c
/optee_os/core/arch/arm/kernel/virtualization.c
/optee_os/core/arch/arm/mm/core_mmu_lpae.c
/optee_os/core/arch/arm/plat-imx/conf.mk
/optee_os/core/arch/arm/plat-rockchip/conf.mk
/optee_os/core/arch/arm/plat-rockchip/platform_config.h
/optee_os/core/arch/arm/plat-rockchip/platform_rk3588.c
/optee_os/core/arch/arm/plat-sam/scmi_server.c
/optee_os/core/arch/arm/plat-stm32mp1/conf.mk
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_pwr.h
/optee_os/core/arch/arm/plat-stm32mp1/drivers/stm32mp1_syscfg.c
/optee_os/core/arch/arm/plat-stm32mp1/main.c
/optee_os/core/arch/arm/plat-stm32mp1/platform_config.h
/optee_os/core/arch/arm/plat-stm32mp1/scmi_server.c
/optee_os/core/arch/arm/plat-stm32mp1/stm32_util.h
/optee_os/core/arch/riscv/include/kernel/misc_arch.h
/optee_os/core/arch/riscv/include/kernel/thread_arch.h
/optee_os/core/arch/riscv/include/riscv.h
/optee_os/core/arch/riscv/include/sbi.h
/optee_os/core/arch/riscv/kernel/asm-defines.c
/optee_os/core/arch/riscv/kernel/boot.c
/optee_os/core/arch/riscv/kernel/entry.S
/optee_os/core/arch/riscv/kernel/link.mk
/optee_os/core/arch/riscv/kernel/sbi.c
/optee_os/core/arch/riscv/kernel/thread_arch.c
/optee_os/core/arch/riscv/kernel/thread_rv.S
/optee_os/core/arch/riscv/plat-sifive/conf.mk
/optee_os/core/arch/riscv/plat-sifive/main.c
/optee_os/core/arch/riscv/plat-sifive/platform_config.h
/optee_os/core/arch/riscv/plat-sifive/sub.mk
/optee_os/core/arch/riscv/plat-spike/conf.mk
/optee_os/core/arch/riscv/plat-virt/conf.mk
/optee_os/core/arch/riscv/plat-virt/platform_config.h
/optee_os/core/arch/riscv/riscv.mk
/optee_os/core/core.mk
/optee_os/core/drivers/atmel_saic.c
/optee_os/core/drivers/clk/sam/at91_clk.h
/optee_os/core/drivers/clk/sam/clk-sam9x60-pll.c
/optee_os/core/drivers/clk/sam/sama7g5_clk.c
stm32/stm32_cryp.c
/optee_os/core/drivers/firewall/stm32_rifsc.c
/optee_os/core/drivers/imx_csu.c
/optee_os/core/drivers/remoteproc/stm32_remoteproc.c
/optee_os/core/drivers/scmi-msg/entry.c
/optee_os/core/drivers/scmi-msg/perf_domain.c
/optee_os/core/drivers/scmi-msg/perf_domain.h
/optee_os/core/drivers/scmi-msg/sub.mk
/optee_os/core/drivers/sifive_uart.c
/optee_os/core/drivers/stm32_cpu_opp.c
/optee_os/core/drivers/stm32_gpio.c
/optee_os/core/drivers/sub.mk
/optee_os/core/include/drivers/scmi-msg.h
/optee_os/core/include/drivers/sifive_uart.h
/optee_os/core/include/drivers/stm32_cpu_opp.h
/optee_os/core/include/dt-bindings/clock/at91.h
/optee_os/core/include/kernel/boot.h
/optee_os/core/include/mm/core_mmu.h
/optee_os/core/include/mm/page_alloc.h
/optee_os/core/include/mm/phys_mem.h
/optee_os/core/include/mm/tee_mm.h
/optee_os/core/kernel/boot.c
/optee_os/core/kernel/sub.mk
/optee_os/core/kernel/thread.c
/optee_os/core/mm/core_mmu.c
/optee_os/core/mm/page_alloc.c
/optee_os/core/mm/phys_mem.c
/optee_os/core/mm/sub.mk
/optee_os/core/mm/tee_mm.c
/optee_os/core/pta/tests/misc.c
/optee_os/core/tee/fs_htree.c
/optee_os/ldelf/ldelf.mk
/optee_os/ldelf/link.mk
/optee_os/lib/libmbedtls/include/mbedtls_config_kernel.h
/optee_os/lib/libmbedtls/include/mbedtls_config_uta.h
/optee_os/lib/libmbedtls/mbedtls/ChangeLog
/optee_os/lib/libmbedtls/mbedtls/SECURITY.md
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/build_info.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/check_config.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_crypto.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_legacy_from_psa.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/config_adjust_psa_superset_legacy.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/debug.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/entropy.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/error.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/gcm.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/net_sockets.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/psa_util.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/ssl.h
/optee_os/lib/libmbedtls/mbedtls/include/mbedtls/threading.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_config.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_extra.h
/optee_os/lib/libmbedtls/mbedtls/include/psa/crypto_sizes.h
/optee_os/lib/libmbedtls/mbedtls/library/aesni.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core.c
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core.h
/optee_os/lib/libmbedtls/mbedtls/library/bignum_core_invasive.h
/optee_os/lib/libmbedtls/mbedtls/library/ccm.c
/optee_os/lib/libmbedtls/mbedtls/library/constant_time_impl.h
/optee_os/lib/libmbedtls/mbedtls/library/ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/error.c
/optee_os/lib/libmbedtls/mbedtls/library/net_sockets.c
/optee_os/lib/libmbedtls/mbedtls/library/pk.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_cipher.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_core.h
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_driver_wrappers.h
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_ecp.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_slot_management.c
/optee_os/lib/libmbedtls/mbedtls/library/psa_crypto_storage.h
/optee_os/lib/libmbedtls/mbedtls/library/psa_util.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_client.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_debug_helpers_generated.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_misc.h
/optee_os/lib/libmbedtls/mbedtls/library/ssl_msg.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_client.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls12_server.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_client.c
/optee_os/lib/libmbedtls/mbedtls/library/ssl_tls13_server.c
/optee_os/lib/libmbedtls/mbedtls/library/threading.c
/optee_os/lib/libmbedtls/mbedtls/library/version_features.c
/optee_os/lib/libutee/include/pta_stats.h
/optee_os/lib/libutee/tcb.c
/optee_os/lib/libutee/tee_api.c
/optee_os/lib/libutils/ext/ftrace/ftrace.c
/optee_os/lib/libutils/ext/include/asm.S
/optee_os/lib/libutils/ext/sub.mk
/optee_os/lib/libutils/ext/ubsan.c
/optee_os/lib/libutils/isoc/bget.c
/optee_os/lib/libutils/isoc/bget_malloc.c
/optee_os/lib/libutils/isoc/include/malloc.h
/optee_os/lib/libutils/isoc/include/malloc_flags.h
/optee_os/mk/compile.mk
/optee_os/mk/config.mk
/optee_os/scripts/checkpatch.sh
/optee_os/scripts/checkpatch_inc.sh
/optee_os/scripts/sign_encrypt.py
/optee_os/scripts/sign_rproc_fw.py
/optee_os/ta/link.mk
/optee_os/ta/link_shlib.mk
/optee_os/ta/mk/build-user-ta.mk
/optee_os/ta/mk/ta_dev_kit.mk
/optee_os/ta/pkcs11/scripts/dump_ec_curve_params.sh
/optee_os/ta/pkcs11/scripts/verify-helpers.sh
/optee_os/ta/ta.mk
e880aa9713-Sep-2021 Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>

crypto: stm32: use HASH IP for HASH and HMAC algorithm

Add HASH IP drivers, and add hooks in OP-TEE crypto framework to use
HASH IP to do HASH and HMAC process

Signed-off-by: Nicolas Toromanoff <ni

crypto: stm32: use HASH IP for HASH and HMAC algorithm

Add HASH IP drivers, and add hooks in OP-TEE crypto framework to use
HASH IP to do HASH and HMAC process

Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

85a5d97e03-May-2023 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: rng: get random number from ELE

TEE_GenerateRandom() supported by ELE get random command on imx93 & imx91.

Issues in the ELE FW have been found when both, secure and
non-secure worlds

drivers: ele: rng: get random number from ELE

TEE_GenerateRandom() supported by ELE get random command on imx93 & imx91.

Issues in the ELE FW have been found when both, secure and
non-secure worlds are communicating with ELE.

To prevent any issue, rely on RNG software in OPTEE. The compilation of
hw_get_random_bytes() is conditioned by CFG_WITH_SOFTWARE_PRNG.
Set CFG_WITH_SOFTWARE_PRNG=y by default.

With CFG_WITH_SOFTWARE_PRNG enabled in OP-TEE, ELE will not be used
in OP-TEE at runtime and Linux can access the ELE without conflicts.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Olivier Masse <olivier.masse@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

4734f2cf02-Aug-2023 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: add SAB init command

There has been addition of SAB init command for initializing
the Edgeleock enclave services.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens

drivers: ele: add SAB init command

There has been addition of SAB init command for initializing
the Edgeleock enclave services.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

f680c91502-Aug-2023 Sahil Malhotra <sahil.malhotra@nxp.com>

drivers: ele: update session open command parameters

Update session open command parameters to be compatible with
ELE FW API doc

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jen

drivers: ele: update session open command parameters

Update session open command parameters to be compatible with
ELE FW API doc

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

bc7d76b611-May-2023 Clement Faure <clement.faure@nxp.com>

drivers: ele: allocate data in heap for HUK derivation

Use the heap and the ELE memory allocator instead of using the stack.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahi

drivers: ele: allocate data in heap for HUK derivation

Use the heap and the ELE memory allocator instead of using the stack.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

6681083111-May-2023 Clement Faure <clement.faure@nxp.com>

drivers: ele: use the baseline API to retrieve the UID

Use the baseline API instead of the HSM to retrieve the UID. These two
API calls are duplicates and the HSM call is soon deprecated.

Signed-of

drivers: ele: use the baseline API to retrieve the UID

Use the baseline API instead of the HSM to retrieve the UID. These two
API calls are duplicates and the HSM call is soon deprecated.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

12345678910>>...15