| 2be3770e | 16-Mar-2023 |
Xu Yizhou <xuyizhou1@huawei.com> |
core: arm64: SM4 CE optimization for ARMv8.2
Enabled with CFG_CRYPTO_SM4_ARM_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang
core: arm64: SM4 CE optimization for ARMv8.2
Enabled with CFG_CRYPTO_SM4_ARM_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 8b5fb12e | 07-Mar-2023 |
Xu Yizhou <xuyizhou1@huawei.com> |
core: arm64: SM4-AESE optimization for ARMv8
Enabled with CFG_CRYPTO_SM4_ARM_AESE=y, set by default if
CFG_CRYPTO_WITH_CE=y.
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang
core: arm64: SM4-AESE optimization for ARMv8
Enabled with CFG_CRYPTO_SM4_ARM_AESE=y, set by default if
CFG_CRYPTO_WITH_CE=y.
Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 6e99433e | 08-Mar-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: remove keep pager directive on core_init_mmu_regs()
Function core_init_mmu_regs() does not need to be unpaged, it is needed
at core initialization before MMU is setup. Remove DECLARE_KEEP_PAGE
core: remove keep pager directive on core_init_mmu_regs()
Function core_init_mmu_regs() does not need to be unpaged, it is needed
at core initialization before MMU is setup. Remove DECLARE_KEEP_PAGER()
directive (as done in core_mmu_lpae.c) as core_init_mmu_map() already
brings core_init_mmu_regs() in the init sections.
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| dd884cc2 | 06-Mar-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: conf: support 32bit MMU
Updates CFG_TEE_RAM_VA_SIZE default value and MAX_XLAT_TABLES when
32bit-MMU mapping is used instead of LPAE and default disable LPAE
for STM32MP15 with pager.
plat-stm32mp1: conf: support 32bit MMU
Updates CFG_TEE_RAM_VA_SIZE default value and MAX_XLAT_TABLES when
32bit-MMU mapping is used instead of LPAE and default disable LPAE
for STM32MP15 with pager. This setup optimizes pager resident memory
by about 4kB (1 physical page) in current platform default configuration.
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 1a3d47c5 | 08-Mar-2023 |
Etienne Carriere <etienne.carriere@linaro.org> |
clk: stm32mp15: embed clock names only in debug mode
Don't embed clock names when not in debug mode, even when log level
is DEBUG_LEVEL. This saves few bytes of SYSRAM for the pager.
Acked-by: Gati
clk: stm32mp15: embed clock names only in debug mode
Don't embed clock names when not in debug mode, even when log level
is DEBUG_LEVEL. This saves few bytes of SYSRAM for the pager.
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 9cf576a9 | 06-Mar-2023 |
Jerome Forissier <jerome.forissier@linaro.org> |
drivers: crypto: versal: do not use deprecated algorithm macros
The TEE_ALG_ECDSA_P384 and TEE_ALG_ECDSA_P521 constants are deprecated
since commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHAR
drivers: crypto: versal: do not use deprecated algorithm macros
The TEE_ALG_ECDSA_P384 and TEE_ALG_ECDSA_P521 constants are deprecated
since commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET
and TEE_ALG_ECDSA_SHA*"). Therefore use TEE_ALG_ECDSA_SHA384 or
TEE_ALG_ECDSA_SHA512 instead (no functional change since the
aforementioned commit made them equal).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 53af8d70 | 06-Mar-2023 |
Jerome Forissier <jerome.forissier@linaro.org> |
drivers: crypto: se050: do not use deprecated algorithm macros
The TEE_ALG_ECD{H,SA}_P* constants are deprecated since
commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and
TEE_ALG_
drivers: crypto: se050: do not use deprecated algorithm macros
The TEE_ALG_ECD{H,SA}_P* constants are deprecated since
commit fe2fd3ff46c0 ("GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and
TEE_ALG_ECDSA_SHA*"). Therefore use TEE_ALG_ECDSA_SHA* or
TEE_ALG_ECDH_DERIVE_SHARED_SECRET instead (no functional change since
the aforementioned commit made them equal)
Additional checks tying the curve to the algorithm do not apply anymore
since the key size (defined by the curve constant: TEE_ECC_CURVE_*) is
not the same as the hash size anymore (defined by the algorithm:
TEE_ALG_ECDSA_SHA* or TEE_ALG_ECDH_DERIVE_SHARED_SECRET).
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| fa40bed5 | 10-Mar-2023 |
Weizhao Jiang <weizhaoj@amazon.com> |
core: fix out-of-bounds access of dump_ctx
Problem: in the case of no UTA running, the buffer of dump_ctx will
be allocated with 0 size and passed to init_dump_ctx(). That causes
buffer overrunning.
core: fix out-of-bounds access of dump_ctx
Problem: in the case of no UTA running, the buffer of dump_ctx will
be allocated with 0 size and passed to init_dump_ctx(). That causes
buffer overrunning.
Solution: Check buffer size before allocate the buffer. If it's 0,
return TEE_ERROR_ITEM_NOT_FOUND.
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Weizhao Jiang <weizhaoj@amazon.com>
Signed-off-by: Weizhao Jiang <weizhaoj@amazon.com>
show more ...
|
| 442c670a | 19-Dec-2022 |
Clément Léger <clement.leger@bootlin.com> |
drivers: atmel_tcb: Use matrix_dt_get_id() to correctly retrieve the id
Use matrix_dt_get_id() instead of manual address parsing to determine
which matrix ID is to be used. Previously it was plain w
drivers: atmel_tcb: Use matrix_dt_get_id() to correctly retrieve the id
Use matrix_dt_get_id() instead of manual address parsing to determine
which matrix ID is to be used. Previously it was plain wrong since it
compared a virtual address to a physical one and thus compute a wrong
value.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 9a28dbc4 | 19-Dec-2022 |
Clément Léger <clement.leger@bootlin.com> |
plat-sam: matrix: add matrix_dt_get_id() to parse matrix id from dt
Rather than using hardcoded values for matrix identifier in drivers
themselves, (which might change in future hardware SoC), add
m
plat-sam: matrix: add matrix_dt_get_id() to parse matrix id from dt
Rather than using hardcoded values for matrix identifier in drivers
themselves, (which might change in future hardware SoC), add
matrix_dt_get_id() function which allows to retrieve the ID based on a
devite-tree node reg property. This property contains the address of the
peripheral and thus can be used to match the address with an identifier.
This is also useful for peripheral which have multiple instances and thus
id is not the same for all of them.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 0db29820 | 23-Jan-2023 |
Clement Faure <clement.faure@nxp.com> |
core: pta: imx: add manufacturing protection
Add the i.MX PTA to expose CAAM manufacturing protection features:
* Get manufacturing protection public key.
* Get manufacturing protection message.
core: pta: imx: add manufacturing protection
Add the i.MX PTA to expose CAAM manufacturing protection features:
* Get manufacturing protection public key.
* Get manufacturing protection message.
* Message signature with manufacturing protection private key.
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| d538d293 | 23-Jan-2023 |
Clement Faure <clement.faure@nxp.com> |
drivers: caam: add manufacturing protection feature
The CAAM features a "manufacturing protection" functionality.
It is a authentication process used to authenticate the chip to
the OEM's server. Th
drivers: caam: add manufacturing protection feature
The CAAM features a "manufacturing protection" functionality.
It is a authentication process used to authenticate the chip to
the OEM's server. The authentication process can ensure the chip:
* is a genuine NXP part
* is a correct part type
* has been properly fused
* is running a authenticated software
* runs in secure/trusted mode.
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| f5c3d85a | 01-Dec-2020 |
Julien Masson <jmasson@baylibre.com> |
core: crypto: add support MD5 hashes in RSA sign/verify/cipher
Introduce support of using MD5 hashes in RSA sign/verify/cipher
operations, which is required by AOSP Keymaster.
This is verified in
core: crypto: add support MD5 hashes in RSA sign/verify/cipher
Introduce support of using MD5 hashes in RSA sign/verify/cipher
operations, which is required by AOSP Keymaster.
This is verified in VerificationOperationsTest.RsaSuccess VTS Test [1],
which checks usage of such digests: NONE, MD5, SHA1, SHA_2_224, SHA_2_256,
SHA_2_384, SHA_2_512.
This patch has been inspired by commit[2]:
Link: [1] https://android.googlesource.com/platform/hardware/interfaces/+/master/keymaster/3.0/vts/functional/keymaster_hidl_hal_test.cpp
Link: [2] https://github.com/OP-TEE/optee_os/commit/199d0b7310d1705661a106358f1f0b46e4c5c587 ("core: crypto: add support MD5 hashes in RSA sign/verify")
Signed-off-by: Julien Masson <jmasson@baylibre.com>
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 2c952266 | 09-Mar-2023 |
Neal Frager <neal.frager@amd.com> |
core: drivers: zynqmp_csu_puf.c: increase regen time to 6ms
With further evaluation of the ZU+ PUF, we have determined that it is
possible for the PUF regeneration time to exceed 3ms. For this reas
core: drivers: zynqmp_csu_puf.c: increase regen time to 6ms
With further evaluation of the ZU+ PUF, we have determined that it is
possible for the PUF regeneration time to exceed 3ms. For this reason,
the 2023.1 version of the Xilinx xilskey library will bump the wait time
for PUF regeneration to 6ms. This patch brings optee in line with this
change.
Signed-off-by: Neal Frager <neal.frager@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
show more ...
|
| 3d70a974 | 19-Jun-2018 |
Igor Opaniuk <igor.opaniuk@linaro.org> |
core: crypto: change supported HMAC key size ranges
Change supported HMAC key size range from 64 to 1024 when
CFG_HMAC_64_1024_RANGE config is enabled, This is required
to successfully pass AOSP Key
core: crypto: change supported HMAC key size ranges
Change supported HMAC key size range from 64 to 1024 when
CFG_HMAC_64_1024_RANGE config is enabled, This is required
to successfully pass AOSP Keymaster VTS tests.
From TEE Internal Core API specificaion:
"Table 5-9, support for other sizes or algorithms
is implementation-defined."
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 200eb7bd | 20-Feb-2023 |
Annam Sai Manisha <annam.saimanisha@arm.com> |
plat-totalcompute: remap console logs
Remapping console logs from soc uart1 (s0 termial)
to css secure (uart1_ap terminal)
Signed-off-by: Annam Sai Manisha <annam.saimanisha@arm.com>
Acked-by: Jens
plat-totalcompute: remap console logs
Remapping console logs from soc uart1 (s0 termial)
to css secure (uart1_ap terminal)
Signed-off-by: Annam Sai Manisha <annam.saimanisha@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| f4f85ac7 | 27-Feb-2023 |
Zexi Yu <yuzexi@hisilicon.com> |
drivers: crypto: add SM2 ECC encrypt and decrypt
Adds operation handlers for decryption with ECC public keys and
encryption with ECC private keys and implements SM2 curves asymmetric
ciphering.
Sig
drivers: crypto: add SM2 ECC encrypt and decrypt
Adds operation handlers for decryption with ECC public keys and
encryption with ECC private keys and implements SM2 curves asymmetric
ciphering.
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>
show more ...
|
| 769cbbd7 | 07-Feb-2023 |
Zexi Yu <yuzexi@hisilicon.com> |
drivers: crypto: add SM2 curve in crypto API
Add SM2 curve in function get_ecc_key_size_bytes().
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.or
drivers: crypto: add SM2 curve in crypto API
Add SM2 curve in function get_ecc_key_size_bytes().
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>
show more ...
|
| a3cfa14a | 23-Apr-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: caam: enable the CAAM clock when submitting a new job
Make sure the CAAM clock is running before writing to CAAM registers
when submitting a new CAAM job.
Otherwise, it would generate an OP
drivers: caam: enable the CAAM clock when submitting a new job
Make sure the CAAM clock is running before writing to CAAM registers
when submitting a new CAAM job.
Otherwise, it would generate an OPTEE data-abort.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 316fd6e9 | 23-Mar-2022 |
Clement Faure <clement.faure@nxp.com> |
drivers: caam: add missing header file
Fix the following warning:
In file included from core/drivers/crypto/caam/hal/imx_8m/hal_cfg.c:8:
core/drivers/crypto/caam/hal/imx_8m/../../include/caam_hal_j
drivers: caam: add missing header file
Fix the following warning:
In file included from core/drivers/crypto/caam/hal/imx_8m/hal_cfg.c:8:
core/drivers/crypto/caam/hal/imx_8m/../../include/caam_hal_jr.h:22:16: warning: ‘enum caam_jr_owner’ declared inside parameter list will not be visible outside of this definition or declaration
22 | enum caam_jr_owner owner);
| ^~~~~~~~~~~~~
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| cd857358 | 15-Nov-2022 |
Clement Faure <clement.faure@nxp.com> |
core: imx: use register_ddr() to register dynamic shared memory
Use register_ddr() to register all the DDR memory. Secure memory chunks
are automatically carved-out of the defined DDR memory ranges.
core: imx: use register_ddr() to register dynamic shared memory
Use register_ddr() to register all the DDR memory. Secure memory chunks
are automatically carved-out of the defined DDR memory ranges.
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 9740df77 | 04-Apr-2022 |
Clément Léger <clement.leger@bootlin.com> |
drivers: clk: sam: remove hard coded USB clock setup
Now that USB clock is exposed and usable from the device-tree, we can rely
on the "assigned-clock" properties that have been added in the
device-
drivers: clk: sam: remove hard coded USB clock setup
Now that USB clock is exposed and usable from the device-tree, we can rely
on the "assigned-clock" properties that have been added in the
device-tree.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 5ff81ad8 | 04-Apr-2022 |
Clément Léger <clement.leger@bootlin.com> |
dts: sama5d2: add assigned-clocks properties for usb
In order for USB to work, the correct clock parents and rates must be
set for USB clock. Assigned UTMI clock for USB clock and set its rate
to 48
dts: sama5d2: add assigned-clocks properties for usb
In order for USB to work, the correct clock parents and rates must be
set for USB clock. Assigned UTMI clock for USB clock and set its rate
to 48000000.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 90dee57a | 04-Apr-2022 |
Clément Léger <clement.leger@bootlin.com> |
drivers: clk: sam: export audiopll_fracck and usbck
This allows to modify the clocks rate and parents from the device-tree
using assigned-clock-parents/rate properties rather than hardcoding the
clo
drivers: clk: sam: export audiopll_fracck and usbck
This allows to modify the clocks rate and parents from the device-tree
using assigned-clock-parents/rate properties rather than hardcoding the
clocks rate.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| c0e9e857 | 04-Apr-2022 |
Clément Léger <clement.leger@bootlin.com> |
drivers: clk: sam: add a macro for count of main clocks
Add a macro instead of using clock index name to define the count of main
clocks. This will ease the changes when exposing new clocks.
Signed
drivers: clk: sam: add a macro for count of main clocks
Add a macro instead of using clock index name to define the count of main
clocks. This will ease the changes when exposing new clocks.
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|