core: rng_hw: Remove hw_get_random_byte()

Now that all everyone is moved over to hw_get_random_bytes()
we can remove the stub hw_get_random_byte() and the weak default
hw_get_random_bytes().

Signed

core: rng_hw: Remove hw_get_random_byte()

Now that all everyone is moved over to hw_get_random_bytes()
we can remove the stub hw_get_random_byte() and the weak default
hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: Add hw_get_random_bytes()

Currently there are two options for supporting hardware RNG, implementing
hw_get_random_byte() or overriding crypto_rng_read().

crypto_rng_read() is provided by eith

core: Add hw_get_random_bytes()

Currently there are two options for supporting hardware RNG, implementing
hw_get_random_byte() or overriding crypto_rng_read().

crypto_rng_read() is provided by either a software PRNG or by a hardware
RNG through a weak function in rng_hw.c. This weak function repeatedly
calls hw_get_random_byte(). This can be an unneeded slowdown for
platforms that fetch more than one byte of randomness per call to their
HW RNG (all of them). The usual pattern is to store these extra bytes
in a FIFO and feed them out one at a time. But since the only two callers
of hw_get_random_byte() are themselves users of more than one byte this
indirection is unnecessary. To get around this some platforms have also
started overriding crypto_rng_read() which makes the API flow a bit less
intuitive than it could be.

Plan here is that platforms only need to implement hw_get_random_bytes().
This can be called with length = 1 if we only need a single byte. But in
the more common case we get a performance boost and simplify the RNG call
flow.

To start we keep hw_get_random_byte() and have the new
hw_get_random_bytes() use it to get platform HW RNG byte at a time.
When we finish moving all plats over to hw_get_random_bytes() then
hw_get_random_byte() can be removed.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: scmi_server update for STM32MP13

Update the SCMI server to support STM32MP13 and its SCMI domains: clock,
reset and voltage.

This change also remove the '0' index to the SCMI domains

plat-stm32mp1: scmi_server update for STM32MP13

Update the SCMI server to support STM32MP13 and its SCMI domains: clock,
reset and voltage.

This change also remove the '0' index to the SCMI domains in order to
align with Linux kernel.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dt-bindings: add STM32MP13 regulator bindings

These bindings will be used for the SCMI voltage domain.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien

dt-bindings: add STM32MP13 regulator bindings

These bindings will be used for the SCMI voltage domain.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_rng: don't export stm32_rng_read_raw()

No need to export stm32_rng function stm32_rng_read_raw(). It is only
called from stm32_rng_read(). Also removes re-enabling of RNG in
stm32_rng

drivers: stm32_rng: don't export stm32_rng_read_raw()

No need to export stm32_rng function stm32_rng_read_raw(). It is only
called from stm32_rng_read(). Also removes re-enabling of RNG in
stm32_rng_read_raw() since already handled by caller function.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx: dcp: disable the use of UNIQUE KEY after HUK generation

Disable the use of DCP unique key (0xfe in the DCP key selection) after
the HUK generation.
The DCP unique key is used to genera

drivers: imx: dcp: disable the use of UNIQUE KEY after HUK generation

Disable the use of DCP unique key (0xfe in the DCP key selection) after
the HUK generation.
The DCP unique key is used to generate the HUK at boot time. Disabling
the use of the unique key prevents the non-secure world from
re-generating the HUK.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Ricardo Salveti <ricardo@foundries.io> (imx-mx6ullevk)

show more ...

drivers: stm32_shared_io: introduce shared io driver

This commit implements shared registers support, previously handled in
core/arch/arm/plat-stm32mp1/shared_resources.c, at platform level.

Defaul

drivers: stm32_shared_io: introduce shared io driver

This commit implements shared registers support, previously handled in
core/arch/arm/plat-stm32mp1/shared_resources.c, at platform level.

Default enable CFG_STM32_SHARED_IO.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: handle large holes in S-EL0 map

Prior to this patch it was assumed that the memory map of a user mode
context had no holes or very small holes. This leads to a higher pressure
on the translati

core: handle large holes in S-EL0 map

Prior to this patch it was assumed that the memory map of a user mode
context had no holes or very small holes. This leads to a higher pressure
on the translation tables than necessary.

So fix this by skipping to allocate translation tables for holes in the
memory map of a user mode context where possible.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: remove SCMI0 channel index

Removes index 0 from SCMI DT binding ID macros and driver labels to
synchronize with Linux kernel 5.18 that considers a single SCMI
channel, see [1] and [2]

plat-stm32mp1: remove SCMI0 channel index

Removes index 0 from SCMI DT binding ID macros and driver labels to
synchronize with Linux kernel 5.18 that considers a single SCMI
channel, see [1] and [2].

Link: [1] https://lore.kernel.org/linux-arm-kernel/20220422150952.20587-4-alexandre.torgue@foss.st.com
Link: [2] https://lore.kernel.org/linux-arm-kernel/20220422150952.20587-5-alexandre.torgue@foss.st.com
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: scmi_server: removed unused channel SCMI1

Remove this SCMI channel from DT bindings and platform driver as it is
unused.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.c

plat-stm32mp1: scmi_server: removed unused channel SCMI1

Remove this SCMI channel from DT bindings and platform driver as it is
unused.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: drivers: update stm32mp_dt_bindings.h

Adds st,stm32mp15-regulator.h to the header files included for
stm32mp15 as these bindings are used for SCMI services.

Signed-off-by: Gatien Chevallier <

core: drivers: update stm32mp_dt_bindings.h

Adds st,stm32mp15-regulator.h to the header files included for
stm32mp15 as these bindings are used for SCMI services.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: drivers: fix stm32mp_dt_bindings.h

Removes stm32mp1-clksrc.h header file include as this file doesn't
exist.

Fixes: 19a4632e0f17 ("dt-bindings: stm32: add stm32mp13 clock and
reset bindings")

core: drivers: fix stm32mp_dt_bindings.h

Removes stm32mp1-clksrc.h header file include as this file doesn't
exist.

Fixes: 19a4632e0f17 ("dt-bindings: stm32: add stm32mp13 clock and
reset bindings")

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: include: io.h: define io_read64() and io_write64() helpers

Add 64 bits read/write functions.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome

core: include: io.h: define io_read64() and io_write64() helpers

Add 64 bits read/write functions.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: deprecate vm_add_rwmem() and vm_rem_rwmem()

Deprecates vm_add_rwmem() and vm_rem_rwmem(), they should only be
called from mobj_seccpy_shm_alloc() and mobj_seccpy_shm_free().

Reviewed-by: Etie

core: deprecate vm_add_rwmem() and vm_rem_rwmem()

Deprecates vm_add_rwmem() and vm_rem_rwmem(), they should only be
called from mobj_seccpy_shm_alloc() and mobj_seccpy_shm_free().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: add X25519 support

This adds the X25519 core functionality and
enables support for Curve25519 key attribute
type for OP-TEE crypto syscalls.

Acked-by: Etienne Carriere <etienne.carrie

core: crypto: add X25519 support

This adds the X25519 core functionality and
enables support for Curve25519 key attribute
type for OP-TEE crypto syscalls.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Sohaib ul Hassan <sohaib.ul.hassan@unikie.com>

show more ...

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance,

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance, the following device-tree excerpt allows to
set an input as an intrusion detection pin:

gpios = <0 PIOBU_PIN_INPUT(1, 1, PIOBU_PIN_PULL_DOWN,
PIOBU_PIN_DEF_LEVEL_LOW, PIOBU_PIN_WAKEUP_ENABLE)>;

In case of a tamper event, the source of the tampering will be
displayed.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: scmi-msg: add SCMI MSG message protocol

Implements MSG header protocol to handle SCMI messages. MSG header
protocol was introduced in Linux kernel v5.15 [1]. It relies on normal
cached shar

drivers: scmi-msg: add SCMI MSG message protocol

Implements MSG header protocol to handle SCMI messages. MSG header
protocol was introduced in Linux kernel v5.15 [1]. It relies on normal
cached shared memory buffer using a 32bit header followed by the SCMI
message payload.

To support this message interface, the SCMI PTA defines a new capability
and a new command. Capability PTA_SCMI_CAPS_MSG_HEADER allows client and
service to negotiate the desired transport configuration. Command
PTA_SCMI_CMD_PROCESS_MSG_CHANNEL allows client to request processing
of a message sent based on that message exchange protocol.

Platforms shall enable configuration switch CFG_SCMI_MSG_SHM_MSG to have
their SCMI service supporting that communication protocol.

Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f301bba0ca7392d16a6ea4f1d264a91f1fadea1a
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_snvs: add master key selection

Select the OTPMK as the SNVS master key when the platforms is in closed
state.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Fori

drivers: imx_snvs: add master key selection

Select the OTPMK as the SNVS master key when the platforms is in closed
state.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: drivers: merge i.MX SNVS driver files

Move the implementation of plat_rpmb_key_is_ready() from
plat-imx/drivers/imx_snvs.c to drivers/imx_snvs.c

Signed-off-by: Clement Faure <clement.faure@nx

core: drivers: merge i.MX SNVS driver files

Move the implementation of plat_rpmb_key_is_ready() from
plat-imx/drivers/imx_snvs.c to drivers/imx_snvs.c

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: scmi-msg: correct inline description

Fixes inline description comment of plat_scmi_clock_rates_array()
and scmi_smt_init_agent_channel().

Acked-by: Jens Wiklander <jens.wiklander@linaro.or

drivers: scmi-msg: correct inline description

Fixes inline description comment of plat_scmi_clock_rates_array()
and scmi_smt_init_agent_channel().

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: decrease register size for gicv2

The mapped size for GIC distributor and cpu registers is currently
defined to the size used for GICv3. GICv2 doesn't need such large sizes,
in fact some platfo

core: decrease register size for gicv2

The mapped size for GIC distributor and cpu registers is currently
defined to the size used for GICv3. GICv2 doesn't need such large sizes,
in fact some platforms has the distributor and cpu registers next to
each other in the physical memory map. This causes an overlap that can
be confusing. Fix this by selecting a smaller size when a GICv2 is used
instead.

It should be noted GICC_DIR is at offset 0x1000 in the cpu interface so
this register will not be accessible, but this should not be a problem
since OP-TEE doesn't use that register.

Reviewed-by: Vishnu Banavath <vishnu.banavath@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tpm2: Add TPM2 as PCR provider to TCG eventlog parsing framework

TCG eventlog parsing framework parses the eventlog and extends the
PCR's. For this, it needs a provider for PCR's. Register TPM2 as
a

tpm2: Add TPM2 as PCR provider to TCG eventlog parsing framework

TCG eventlog parsing framework parses the eventlog and extends the
PCR's. For this, it needs a provider for PCR's. Register TPM2 as
a provider to this framework.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: Add support to parse TPM eventlog and extend PCRs

Support for OP-TEE to parse the TPM eventlog. The eventlog format
is based on TCG specification [1], so we call this TCG framework.

To parse

core: Add support to parse TPM eventlog and extend PCRs

Support for OP-TEE to parse the TPM eventlog. The eventlog format
is based on TCG specification [1], so we call this TCG framework.

To parse the eventlog and extend PCR's device is needed which
supports PCR's. This device can be TPM or any other HSM which
supports PCR like registers. Such a device can register itself
as a TCG provider for PCR information and ability to extend the
PCR's.

[1] TCG PC Client Platform Firmware Profile Specification
link: https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

tpm2: Add commands to GetCapability, Read/Extend PCR

Add support for TPM2_PCR_{Read/Extend} and TPM2_GetCapability.
TPM uses PCR for integrity collections. Add support to
read and extend PCR's. For

tpm2: Add commands to GetCapability, Read/Extend PCR

Add support for TPM2_PCR_{Read/Extend} and TPM2_GetCapability.
TPM uses PCR for integrity collections. Add support to
read and extend PCR's. For PCR's some generic information like
number of banks, number of PCR's, supported and active algorithms etc.
is required which can be obtained from TPM using TPM2_GetCapability
command. This information is required at lot of places, so save the
basic capability information with tpm2_chip.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...