GP131: Update TEE_CreatePersistentObject()

Update TEE_CreatePersistentObject() according to TEE Internal Core API
version 1.3.1. The objectIDLen parameter is changed to use size_t
instead of uint32_

GP131: Update TEE_CreatePersistentObject()

Update TEE_CreatePersistentObject() according to TEE Internal Core API
version 1.3.1. The objectIDLen parameter is changed to use size_t
instead of uint32_t.

The object parameter is now an optional pointer to a handle. When NULL
the standard says:
If attributes is a handle on an initialized transient object,
the initialized transient object SHALL be transformed to a
persistent object.
So syscall_storage_obj_create() is also updated accordingly.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update TEE_Param

Updates TEE_Param according to TEE Internal Core API version 1.3.1.

A compatibility type with a __GP11_ prefix is added for compatibility
with version 1.1. The two API funct

GP131: Update TEE_Param

Updates TEE_Param according to TEE Internal Core API version 1.3.1.

A compatibility type with a __GP11_ prefix is added for compatibility
with version 1.1. The two API functions TEE_InvokeTACommand() and
TEE_OpenTASession() are updated in a similar manner.

For the two TA entry functions TA_InvokeCommandEntryPoint() and
TA_OpenSessionEntryPoint() we are implementing those in directly in
user_ta_header.c since it's compiled with the TA and can used
conditionals based on __OPTEE_CORE_API_COMPAT_1_1.

These TA entry points calls __ta_open_sess() and __ta_invoke_cmd() to
convert TEE_Param to the compatibility __GP11_TEE_Param and in then call
the compatibility entry points __GP11_TA_OpenSessionEntryPoint() and
__GP11_TA_InvokeCommandEntryPoint().

Supplying __GP11_TA_OpenSessionEntryPoint() and
__GP11_TA_InvokeCommandEntryPoint() as function pointers ensures that
libutee doesn't try to look up the compatibility entry points when not
needed.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Update HKDF defines

OP-TEE provides an HKDF implementation as an extension to the TEE
Internal Core API which predates version 1.3 of the specification where
HKDF was officially introduced.

GP131: Update HKDF defines

OP-TEE provides an HKDF implementation as an extension to the TEE
Internal Core API which predates version 1.3 of the specification where
HKDF was officially introduced.

Update with the official defines and resolve name clashes. With this
OP-TEE supports both the old extension and the new official API.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and TEE_ALG_ECDSA_SHA*

Adds the defines
- TEE_ALG_ECDH_DERIVE_SHARED_SECRET
- TEE_ALG_ECDSA_SHA1
- TEE_ALG_ECDSA_SHA224
- TEE_ALG_ECDSA_SHA256
- TEE_ALG_

GP131: Add TEE_ALG_ECDH_DERIVE_SHARED_SECRET and TEE_ALG_ECDSA_SHA*

Adds the defines
- TEE_ALG_ECDH_DERIVE_SHARED_SECRET
- TEE_ALG_ECDSA_SHA1
- TEE_ALG_ECDSA_SHA224
- TEE_ALG_ECDSA_SHA256
- TEE_ALG_ECDSA_SHA386
- TEE_ALG_ECDSA_SHA512
from TEE Internal Core API version 1.3.1 to replace the previous now
deprecated defines:
- TEE_ALG_ECDSA_P192
- TEE_ALG_ECDSA_P224
- TEE_ALG_ECDSA_P256
- TEE_ALG_ECDSA_P384
- TEE_ALG_ECDSA_P521
- TEE_ALG_ECDH_P192
- TEE_ALG_ECDH_P224
- TEE_ALG_ECDH_P256
- TEE_ALG_ECDH_P384
- TEE_ALG_ECDH_P521

The new defines have new values and the values from the old defines are
not reused.

The syscall ABI maintains compatibility by handling both the old and new
values in parallel from now on.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: drivers: nxp: always disable povdd after trying to fuse the SFP

- The LX series manual specifies that the POVDD pin should always be
reset to GND before powering off or resetting the SoC.
-

core: drivers: nxp: always disable povdd after trying to fuse the SFP

- The LX series manual specifies that the POVDD pin should always be
reset to GND before powering off or resetting the SoC.
- The SFP driver will leave the POVDD pin raised if it encounters an
error while fusing.
- Change SFP driver to always unset POVDD after any fuse attempt.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: drivers: nxp: bit shift the ITS and SB bits when reading the SFP

- The Intent to Secure (ITS) and Secure Boot (SB) flags are written to a
given pointer in ls_sfp_get_its() and ls_sfp_get_sb(

core: drivers: nxp: bit shift the ITS and SB bits when reading the SFP

- The Intent to Secure (ITS) and Secure Boot (SB) flags are written to a
given pointer in ls_sfp_get_its() and ls_sfp_get_sb() respectively.
- The written values are equivalent to the entire masked OSPR0 and OSPR1
registers.
- The two functions should instead update a pointer with a boolean
integer containing the bit shifted value of the desired flag.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: drivers: nxp: update LX series SFP fuse timeout

- The LX series manual specifies that fusing the SFP can take up to
100ms to complete.
- The fuse timeout in the LS SFP driver should be chang

core: drivers: nxp: update LX series SFP fuse timeout

- The LX series manual specifies that fusing the SFP can take up to
100ms to complete.
- The fuse timeout in the LS SFP driver should be changed to 150ms
so that the possible 100ms timeout has a buffer to interpret errors.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: riscv: provide cache_helpers_rv.S

Simple implementation of instruction cache and data cache operations
that relies on RISC-V's fence and fence.i instructions.

Signed-off-by: Marouene Boubakri

core: riscv: provide cache_helpers_rv.S

Simple implementation of instruction cache and data cache operations
that relies on RISC-V's fence and fence.i instructions.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: provide arch_scall_rv.S

Provide an implementation of scall_do_call(), syscall_sys_return()
and syscall_panic().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: J

core: riscv: provide arch_scall_rv.S

Provide an implementation of scall_do_call(), syscall_sys_return()
and syscall_panic().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: arch_scall.c: implement scall_save_panic_stack()

Provide an implementation of scall_save_panic_stack() needed by
scall_sys_return_helper().

Signed-off-by: Marouene Boubakri <marouene.b

core: riscv: arch_scall.c: implement scall_save_panic_stack()

Provide an implementation of scall_save_panic_stack() needed by
scall_sys_return_helper().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: provide arch_scall.h

Specifies what registers from thread_scall_regs are used for system calls.
The syscall number is provided in t0 register. The syscall max args is
provided in t1 reg

core: riscv: provide arch_scall.h

Specifies what registers from thread_scall_regs are used for system calls.
The syscall number is provided in t0 register. The syscall max args is
provided in t1 register. The return value is provided in a0 register.
The panic and panic code are provided respectively in a1 and a2 registers.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: implement thread management routines in thread_arch.c

This commit implements an initial thread management for RISC-V. It covers
the following routines:

- Exceptions un/masking
- Trap h

core: riscv: implement thread management routines in thread_arch.c

This commit implements an initial thread management for RISC-V. It covers
the following routines:

- Exceptions un/masking
- Trap handling, including syscalls handling.
- Thread allocation, execution, suspension, freeing with slight changes
to set RISC-V registers such as CSRs.
- RPC.

Pending routines:
- Floatting point support F/D/Q/L extensions and software FP.
- Abort mode.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: provide abort.c

Initial implementation of abort handler for RISC-V.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

core: riscv: add thread manager assembly code in thread_rv.S

This commit implements:
- An entry point of trap handler in non-vectored mode.
- thread_unwind_user_mode() and thread_exit_user_mode()
to

core: riscv: add thread manager assembly code in thread_rv.S

This commit implements:
- An entry point of trap handler in non-vectored mode.
- thread_unwind_user_mode() and thread_exit_user_mode()
to return from U-Mode.
- __thread_enter_user_mode() to jump to U-Mode from S-Mode or M-Mode.
- thread_std_smc_entry(), thread_resume() and thread_rpc().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: riscv.h: bind registers to their ABI names

For better readability of code, allow using register ABI names
in ASM sources to match registers declarations in C files.

Signed-off-by: Maro

core: riscv: riscv.h: bind registers to their ABI names

For better readability of code, allow using register ABI names
in ASM sources to match registers declarations in C files.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: asm-defines.c: create and populate with thread-related defines

Create core/arch/riscv/kernel/asm-defines.c and add defines for thread_ctx,
thread_core_local, thread_ctx_regs, thread_use

core: riscv: asm-defines.c: create and populate with thread-related defines

Create core/arch/riscv/kernel/asm-defines.c and add defines for thread_ctx,
thread_core_local, thread_ctx_regs, thread_user_mode_rec, thread_trap_regs
and thread_scall_regs.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: kernel: add several modifications to thread_arch.h

This commits:
- Adds 4 trampoline registers to thread_core_local to store arguments of
__thread_enter_user_mode before jumping to U-Mo

core: riscv: kernel: add several modifications to thread_arch.h

This commits:
- Adds 4 trampoline registers to thread_core_local to store arguments of
__thread_enter_user_mode before jumping to U-Mode to be restored later
after exiting U-Mode.
- Populates thread_trap_regs with all registers available on RV 64/32,
this holds the trap frame for trap handling.
- Populates thread_ctx_regs with general purpose registers.
- Makes generic definition of THREAD_EXCP_FOREIGN_INTR and
THREAD_EXCP_NATIVE_INTR to work both on S-Mode and M-Mode.
- Adds prototypes for Soft FP (to be implemented later) and RPC caches.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: kernel: add thread_private_arch.h

Declares stacks sizes, thread_user_mode_rec structure to restore
context after exiting from U-Mode. It also adds prototypes for
thread_rv.s and thread_

core: riscv: kernel: add thread_private_arch.h

Declares stacks sizes, thread_user_mode_rec structure to restore
context after exiting from U-Mode. It also adds prototypes for
thread_rv.s and thread_arch.c

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: riscv.h: define generic CSRs to handle traps

Added xSTATUS and xIE related fields and flags for traps
handling.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: J

core: riscv: riscv.h: define generic CSRs to handle traps

Added xSTATUS and xIE related fields and flags for traps
handling.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: riscv_macros.S: add load_xregs and save_xregs macros

Introduce helper macros to load/store a range registers from/to a base
register at a given offset. It uses LDR and STR macros define

core: riscv: riscv_macros.S: add load_xregs and save_xregs macros

Introduce helper macros to load/store a range registers from/to a base
register at a given offset. It uses LDR and STR macros defined in riscv.h
for respectively RV32 and RV64. Offsets are shifted by RISCV_XLEN_BYTES.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: add support for hafnium interrupt controller

Enables support for the Hafnium interrupt controller if configured with
CFG_CORE_HAFNIUM_INTC=y.

Acked-by: Jerome Forissier <jerome.foris

plat-vexpress: add support for hafnium interrupt controller

Enables support for the Hafnium interrupt controller if configured with
CFG_CORE_HAFNIUM_INTC=y.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add driver for hafnium interrupt controller

Adds a driver for the paravirtualized interrupt controller provided by
Hafnium at S-EL2. The driver is enabled with CFG_CORE_HAFNIUM_INTC=y.

The in

core: add driver for hafnium interrupt controller

Adds a driver for the paravirtualized interrupt controller provided by
Hafnium at S-EL2. The driver is enabled with CFG_CORE_HAFNIUM_INTC=y.

The interrupt controller is limited compared to the GIC and only works
with interrupt ids which are already added in the SP manifest or as
predefined reserved interrupt ids.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add CFG_CORE_IRQ_IS_NATIVE_INTR

Adds CFG_CORE_IRQ_IS_NATIVE_INTR to configure how native and foreign are
signalled.
Selects if IRQ is used to signal native interrupt
if CFG_CORE_IRQ_IS_NATIVE_

core: add CFG_CORE_IRQ_IS_NATIVE_INTR

Adds CFG_CORE_IRQ_IS_NATIVE_INTR to configure how native and foreign are
signalled.
Selects if IRQ is used to signal native interrupt
if CFG_CORE_IRQ_IS_NATIVE_INTR == y:
IRQ signals a native interrupt pending
FIQ signals a foreign non-secure interrupt or a managed exit pending
else: (vice versa)
IRQ signals a foreign non-secure interrupt or a managed exit pending
FIQ signals a native interrupt pending

CFG_CORE_IRQ_IS_NATIVE_INTR replaces the places in the code where
CFG_ARM_GICV3 was used to configure how FIQ and IRQ was treated.

CFG_CORE_IRQ_IS_NATIVE_INTR is automatically configured according to
CFG_ARM_GICV3 if CFG_GIC == y. This prepares for other interrupt
controllers where it doesn't make sense to use CFG_ARM_GICV3.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: S-EL2 SPMC: update for hafnium

Updates needed to run with Hafnium as S-EL2 SPMC on QEMU. GIC and
reserved (static) shared is not supported, so disable it for
CFG_CORE_SEL2_SPMC=y.

Wi

plat-vexpress: S-EL2 SPMC: update for hafnium

Updates needed to run with Hafnium as S-EL2 SPMC on QEMU. GIC and
reserved (static) shared is not supported, so disable it for
CFG_CORE_SEL2_SPMC=y.

With S-EL2 on QEMU some secure memory must be set aside for Hafnium.
Since this depends on how Hafnium is compiled etc don't assume which
address range can be used by OP-TEE, instead leave that as an open
configuration option.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: add thread_hvc()

Adds thread_hvc() which is the same as thread_smc() except that it uses
the HVC instruction instead of the SMC instruction. This is useful where
an SPMC at S-EL2 expects

core: arm: add thread_hvc()

Adds thread_hvc() which is the same as thread_smc() except that it uses
the HVC instruction instead of the SMC instruction. This is useful where
an SPMC at S-EL2 expects and HVC instead of SMC for certain functions.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...