driver: tpm2: remove TPM2 driver

Remove TPM2 driver from OP-TEE core. OP-TEE will instead rely on a
remote REE TPM2 driver allowing REE OS to embed TPM2 software stack
and leverage TPM2 features.

A

driver: tpm2: remove TPM2 driver

Remove TPM2 driver from OP-TEE core. OP-TEE will instead rely on a
remote REE TPM2 driver allowing REE OS to embed TPM2 software stack
and leverage TPM2 features.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: se050: compare symmetric keys in constant time

Symmetric keys should be compared in constant time to protect against
side channel attacks.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundrie

crypto: se050: compare symmetric keys in constant time

Symmetric keys should be compared in constant time to protect against
side channel attacks.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: caam: rework the CAAM crypto makefile

Re-work the CAAM crypto makefile to make it more readable.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wikland

drivers: caam: rework the CAAM crypto makefile

Re-work the CAAM crypto makefile to make it more readable.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: remove CFG_NXP_CAAM_ACIPHER compilation flag

Remove useless CFG_NXP_CAAM_ACIPHER compilation flag. This flag acts as
a duplicate of CFG_CRYPTO_DRV_ACIPHER compilation flag.

Signed-of

drivers: caam: remove CFG_NXP_CAAM_ACIPHER compilation flag

Remove useless CFG_NXP_CAAM_ACIPHER compilation flag. This flag acts as
a duplicate of CFG_CRYPTO_DRV_ACIPHER compilation flag.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_csu: move imx_csu driver source file

Move imx_csu driver from plat-imx/ to core/drivers/
Rename CFG_CSU to CFG_IMX_CSU compilation flag.

Signed-off-by: Clement Faure <clement.faure@nxp

drivers: imx_csu: move imx_csu driver source file

Move imx_csu driver from plat-imx/ to core/drivers/
Rename CFG_CSU to CFG_IMX_CSU compilation flag.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx_scu: move imx_scu driver source file

Move imx_scu driver from plat-imx/ to core/drivers/
Rename CFG_SCU to CFG_IMX_SCU compilation flag.

Signed-off-by: Clement Faure <clement.faure@nxp

drivers: imx_scu: move imx_scu driver source file

Move imx_scu driver from plat-imx/ to core/drivers/
Rename CFG_SCU to CFG_IMX_SCU compilation flag.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

driver: imx_caam: move imx_caam driver source file

Move imx_caam driver from plat-imx/ to core/drivers/

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.fo

driver: imx_caam: move imx_caam driver source file

Move imx_caam driver from plat-imx/ to core/drivers/

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: add cbmem console driver

This adds a CBMEM console driver which gets the cbmem address from a
device tree with the coreboot table information.

Signed-off-by: Jeffrey Kardatzke <jkardatzke@

drivers: add cbmem console driver

This adds a CBMEM console driver which gets the cbmem address from a
device tree with the coreboot table information.

Signed-off-by: Jeffrey Kardatzke <jkardatzke@google.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt_driver: move related content from dt.h to dt_driver.h

Moves so-called dt_driver related declarations and definitions from
dt.h to dt_drivers.h. Incidentally adds an inline description to
en

core: dt_driver: move related content from dt.h to dt_driver.h

Moves so-called dt_driver related declarations and definitions from
dt.h to dt_drivers.h. Incidentally adds an inline description to
enum dt_driver_type. This change clarifies when a source file shall
include dt.h and/or dt_driver.h.

This change updates driver source files to include none, one or both of
these header files where applicable.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: versal: ecc: allow software fallback on key allocation

The driver only supports ECDH/ECDSA key types. Other key types shall be
entirely handled by a software implementation enabled at compil

crypto: versal: ecc: allow software fallback on key allocation

The driver only supports ECDH/ECDSA key types. Other key types shall be
entirely handled by a software implementation enabled at compile time.

Fixes xtest regression 4006:
regression_4006.43 Asym Crypto case 426 algo 0x80000046 line 373

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: se050: ecc: allow software fallback on key allocation requests

The driver only supports ECDH/ECDSA key types. Other key types shall be
entirely handled by a software implementation enabled a

crypto: se050: ecc: allow software fallback on key allocation requests

The driver only supports ECDH/ECDSA key types. Other key types shall be
entirely handled by a software implementation enabled at compile time.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto_api: acipher: ecc key allocation API, pass the key type

For Elliptic Curve, the cryptographic API can fallback to its software
operation instead of failing due to the lack of hardware support

crypto_api: acipher: ecc key allocation API, pass the key type

For Elliptic Curve, the cryptographic API can fallback to its software
operation instead of failing due to the lack of hardware support.

The relevant code can be see seen in the function
crypto_acipher_alloc_ecc_keypair(..).

crypto_api/acipher/ecc.c however does not pass the key type to the
relevant driver and therefore the backend driver can not take the
correct action at allocation time.

This commit addresses that limitation.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

drivers: i2c: fix fdt_xxx() function label

Fixes I2C bus driver and atmel_i2c driver regarding function
fdt_reg_base_address() and fdt_get_status() labels change in commit [1].

Fixes: f354a5d8f98e

drivers: i2c: fix fdt_xxx() function label

Fixes I2C bus driver and atmel_i2c driver regarding function
fdt_reg_base_address() and fdt_get_status() labels change in commit [1].

Fixes: f354a5d8f98e ("core: replace _fdt_ prefix with fdt_ for device tree API")
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: replace _fdt_ prefix with fdt_ for device tree API

As per upstream discussion, there is no reason to keep _fdt_ prefix.
Replaces it with fdt_ for all occurrences.

Signed-off-by: Gatien Cheval

core: replace _fdt_ prefix with fdt_ for device tree API

As per upstream discussion, there is no reason to keep _fdt_ prefix.
Replaces it with fdt_ for all occurrences.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: atmel_i2c: add new driver

Add a driver for the atmel I2C controller that can be found on sama5d2
platforms. This driver allows to execute standard I2C requests as well
as SMBus protocol com

drivers: atmel_i2c: add new driver

Add a driver for the atmel I2C controller that can be found on sama5d2
platforms. This driver allows to execute standard I2C requests as well
as SMBus protocol commands.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: i2c: add a simple framework to handle i2c devices

Add simple i2c support which provides support for I2C controllers and
devices using the generic DT mechanisms that already exists. I2C
cont

drivers: i2c: add a simple framework to handle i2c devices

Add simple i2c support which provides support for I2C controllers and
devices using the generic DT mechanisms that already exists. I2C
controllers needs to implement i2c_ctrl_ops to provide i2c operations
such as read, write and smbus commands depending on their capabilities.
I2C devices driver can then be defined using DEFINE_I2C_DEV_DRIVER().
This macros will use a default i2c probe function (__i2c_probe()) which
will then call the I2C device probe function by passing a i2c_dev struct
that can be used to communicate with the I2C device defined in the
device-tree.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: disable CFG_CRYPTO_SM2_* when ECC CAAM driver is enabled

Disable CFG_CRYPTO_SM2_PKE and CFG_CRYPTO_SM2_KEP as ECC CAAM driver
does not support ECC encryption.
Disable CFG_CRYPTO_SM2_D

drivers: caam: disable CFG_CRYPTO_SM2_* when ECC CAAM driver is enabled

Disable CFG_CRYPTO_SM2_PKE and CFG_CRYPTO_SM2_KEP as ECC CAAM driver
does not support ECC encryption.
Disable CFG_CRYPTO_SM2_DSA as ECC CAAM driver does not support ECC SM2
signature.

This is a temporary fix until a proper software crypto fallback
is implemented.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TZASC: Allow 32KB region size

According to the ARM TZC-380 Technical Reference Manual, 32KB is the
minimum region size [1]. But before this patch, tzc_auto_configure()
allowed only 64KB as minimum.

TZASC: Allow 32KB region size

According to the ARM TZC-380 Technical Reference Manual, 32KB is the
minimum region size [1]. But before this patch, tzc_auto_configure()
allowed only 64KB as minimum.

(pow > 15) implies the following:
region_size = (1ULL << pow) = (2^pow) > 32KB

After this patch, (pow >= 15) gives us region_size >= 32KB.

Tested on i.MX6UL.

Link: [1] https://developer.arm.com/documentation/ddi0431/c/programmers-model/register-descriptions/region-attributes--n--register?lang=en
Signed-off-by: Philip Oberfichtner <pro@denx.de>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: fix MP abstraction layer functions

Compile manufacturing HAL functions only if the platform supports it.

Fixes: d538d2936c22 ("drivers: caam: add manufacturing protection feature")
S

drivers: caam: fix MP abstraction layer functions

Compile manufacturing HAL functions only if the platform supports it.

Fixes: d538d2936c22 ("drivers: caam: add manufacturing protection feature")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: math: add CFG_NXP_CAAM_MATH_DRV compilation flag

Add CFG_NXP_CAAM_MATH_DRV compilation flag for caam_math.c
Remove CFG_NXP_CAAM_ACIPHER_DRV flag.
Bind the compilation of caam_rsa.c an

drivers: caam: math: add CFG_NXP_CAAM_MATH_DRV compilation flag

Add CFG_NXP_CAAM_MATH_DRV compilation flag for caam_math.c
Remove CFG_NXP_CAAM_ACIPHER_DRV flag.
Bind the compilation of caam_rsa.c and caam_prime_rsa.c to
CFG_NXP_CAAM_RSA_DRV.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: crypto: add support for SM2_DSA_SM3

Adds TEE_TYPE_SM2_DSA_SM3_PUBLIC_KEY to
drvcrypt_asym_alloc_ecc_public_key() and adds
TEE_TYPE_SM2_DSA_SM3_KEYPAIR to drvcrypt_asym_alloc_ecc_keypair().

drivers: crypto: add support for SM2_DSA_SM3

Adds TEE_TYPE_SM2_DSA_SM3_PUBLIC_KEY to
drvcrypt_asym_alloc_ecc_public_key() and adds
TEE_TYPE_SM2_DSA_SM3_KEYPAIR to drvcrypt_asym_alloc_ecc_keypair(). Adds
support for TEE_MAIN_ALGO_SM2_DSA_SM3 in ecc_sign and ecc_verify.

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: se050: allow configuring the Secure Element applet

Add CFG_CORE_SE05X_VER to allow configuring the desirable applet
version.
This enables making the driver compatible with newer elements.

drivers: se050: allow configuring the Secure Element applet

Add CFG_CORE_SE05X_VER to allow configuring the desirable applet
version.
This enables making the driver compatible with newer elements.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32mp15_huk: use DT HUK NVMEM layout API

Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().

Signed-off-b

drivers: stm32mp15_huk: use DT HUK NVMEM layout API

Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().

Signed-off-by: Thomas BOURGOIN <thomas.bourgoin@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

se050: ecc: SE050-F shared secret

The SE050-F does not support shared secret generation.
Allow this operation to also fallback to its software implementation.

Fixes: 6cc77cdd73aa ("crypto: drivers:

se050: ecc: SE050-F shared secret

The SE050-F does not support shared secret generation.
Allow this operation to also fallback to its software implementation.

Fixes: 6cc77cdd73aa ("crypto: drivers: se050-f: ecc: can fallback to softw-ops")
Test: xtest regression_4009
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx_ele: add ELE driver

Add EdgeLock Enclave (or ELE) driver support.
ELE is a built-in security subsystem available on imx8ulp and imx93
providing security features to the Cortex-A.

Signe

drivers: imx_ele: add ELE driver

Add EdgeLock Enclave (or ELE) driver support.
ELE is a built-in security subsystem available on imx8ulp and imx93
providing security features to the Cortex-A.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...