core: drivers: crypto: caam: Check PKCS_V1_5 decryption buffer size

Check if original buffer is large enough for a result of
RSA PKCS_V1_5 decryption operation.
With this change PKCS11 variable leng

core: drivers: crypto: caam: Check PKCS_V1_5 decryption buffer size

Check if original buffer is large enough for a result of
RSA PKCS_V1_5 decryption operation.
With this change PKCS11 variable length buffers are supported
for all RSA operations:
- Crypto API checks it for PKCS_V1_5 and OAEP encryptions.
- OAEP decryption already supports it.

This fixes: https://github.com/OP-TEE/optee_os/issues/5841

Acked-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>

show more ...

drivers: imx: tzc380: re-configure TZ380 upon PM resume

Call the initialization function of TZC380 upon resume to reconfigure
regions and check region lockdown.

Signed-off-by: Clement Faure <clemen

drivers: imx: tzc380: re-configure TZ380 upon PM resume

Call the initialization function of TZC380 upon resume to reconfigure
regions and check region lockdown.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx: tzc380: do not dump TZASC state before lockdown

Remove the TZASC state dump before the region lockdown.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier

drivers: imx: tzc380: do not dump TZASC state before lockdown

Remove the TZASC state dump before the region lockdown.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx: tzc380: add support for 8mscale platforms

Add the TZASC support for all 8mscale platforms.
The TZASC regions on these platforms have an offset equals to
the DRAM base address.

Signed-

drivers: imx: tzc380: add support for 8mscale platforms

Add the TZASC support for all 8mscale platforms.
The TZASC regions on these platforms have an offset equals to
the DRAM base address.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: ffa: add TOS_FW_CONFIG handling

At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
currently only the HW_CONFIG address is saved, the other one is dropped.
This commit add

core: ffa: add TOS_FW_CONFIG handling

At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
currently only the HW_CONFIG address is saved, the other one is dropped.
This commit adds functionality to save the TOS_FW_CONFIG too, so we can
retrieve it later. This is necessary for the CFG_CORE_SEL1_SPMC use
case, because the SPMC manifest is passed in this DT.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: crypto: fix memory leak in Ed25519 support

The software implementation of ED25519 algorithm has a memory leak in the
key and key pair allocation. Upon every public key allocation, a key pair
i

core: crypto: fix memory leak in Ed25519 support

The software implementation of ED25519 algorithm has a memory leak in the
key and key pair allocation. Upon every public key allocation, a key pair
is allocated (public and private components). When freeing the public
key, only the public component is freed. To reproduce the issue:

$ while xtest 4016; do :; done

Until the following error:

* regression_4016 Test TEE Internal API ED25519 sign/verify
E/LD: copy_section_headers:1124 sys_copy_from_ta_bin
E/TC:? 0 ldelf_init_with_ldelf:131 ldelf failed with res: 0xffff000c /usr/src/debug/optee-test/master.imx-r0/host/xtest/regression_4000.c:6062: xtest_teec_open_session(&session, &crypt_user_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff000c = TEEC_ERROR_OUT_OF_MEMORY, expected 0x0 = TEEC_SUCCESS
regression_4016 FAILED

To fix the memory leak, a separate public key allocation function must
be defined along a ED25519 public key structure.

Fixes: 0aaad418ac8b ("core: crypto: add Ed25519 support")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: link.mk: produce tee-raw.bin by default

Adds tee-raw.bin as a dependency of all. This produces a tee-raw.bin for
all platforms when building. tee-raw.bin is more useful than for
instance

core: arm: link.mk: produce tee-raw.bin by default

Adds tee-raw.bin as a dependency of all. This produces a tee-raw.bin for
all platforms when building. tee-raw.bin is more useful than for
instance tee-pager_v2.bin which often is used when a raw binary is
needed. Platforms with a link.mk only to produce tee-raw.bin have their
link.mk removed since the generic version suffices now.

Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-totalcompute: update TZDRAM_SIZE

For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
0x4000 for boot protocol support.

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com

plat-totalcompute: update TZDRAM_SIZE

For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
0x4000 for boot protocol support.

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_*: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB or
CFG_DT are disabled. This change aims to simplify source files and

drivers: stm32_*: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB or
CFG_DT are disabled. This change aims to simplify source files and is
related to commit [1] from which stm32mp1 platform requires DTB for the
drivers configuration.

Link: [1] 474ad1856b56 ("plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB is
disabled. This change aims to simplify source files and is related to

plat-stm32mp1: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB is
disabled. This change aims to simplify source files and is related to
commit [1] from which stm32mp1 platform requires DTB for the drivers
configuration.

Link: [1] 474ad1856b56 ("plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: tpm: fix syntax in trace message

Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y.

core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigne

core: tpm: fix syntax in trace message

Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y.

core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 7 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]
115 | EMSG("TPM: Not enough space for the log: %zu, %lu",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
116 | buf_size, tpm_log_size);
| ~~~~~~~~~~~~
| |
| size_t {aka unsigned int}


Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-vexpress: enable CFG_PCKS11_TA by default

Enable the PKCS#11 TA in plat-vexpress for easier testing (such as in
CI). With this, the PKCS#11 in-tree TA is built with optee_os and
CFG_PKCS11_TA i

plat-vexpress: enable CFG_PCKS11_TA by default

Enable the PKCS#11 TA in plat-vexpress for easier testing (such as in
CI). With this, the PKCS#11 in-tree TA is built with optee_os and
CFG_PKCS11_TA is exported in the host_include folder of the TA dev kit
(host_include/conf.{mk,h,cmake}) where optee_test will find it and
also enable the PKCS#11 tests.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu_armv8a: set default-user-ta-target ?= ta_arm64

Update platform vexpress-qemu_armv8a to build in-tree TAs in 64 bit
mode (ta_arm64) by default instead of 32-bit. This makes more sense
because th

qemu_armv8a: set default-user-ta-target ?= ta_arm64

Update platform vexpress-qemu_armv8a to build in-tree TAs in 64 bit
mode (ta_arm64) by default instead of 32-bit. This makes more sense
because that is the default setting in the OP-TEE development/test
environment [1].

Link: [1] https://github.com/OP-TEE/build/blob/3.20.0/qemu_v8.mk#L8
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-k3: remove duplicate comments

Removing duplicated comments in the existing as well as newly added
functions.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <eti

plat-k3: remove duplicate comments

Removing duplicated comments in the existing as well as newly added
functions.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-c

plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA t

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA to write into the custom extended OTP bits in K3 architecture.

This header should be exported out of optee-os to be used by the host
binary for interacting with the PTA.

Includes OTP keywriting PTA header file in libutee

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch adds support for calling extended OTP APIs using TISCI.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about
supporting virtualization on the non-secure side.

This commit is the result of the following command:

$ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \
sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \
done

...plus the compatibility line in mk/config.mk:

CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined in GIC DT bindings.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of a

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of an ELF loader and it doesn't have any SPMC specific ties.
These properties make the format the one that can be used across
different SPMC implementations. Combined with the load address relative
memory regions the sections of the binary can be mapped in a similar
way as with ELF files.
The elf-format field of the SP manifest selects the ELF based or the
binary format loading mechanism.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is
done in two phases. First the load address relative memory regions
are being mapped to the given VA and then ones where the VA is
selected by the system. This way conflicts between the memory regions
in the VA space can be prevented.
The NOBITS load-flags value is similar to the NOBITS ELF sections. If
this bit is set then the SPMC allocates new area otherwise it will set
the access rights of already mapped areas.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ldelf: Provide access to TS load address

Propagate ELF load address from ldelf to user mode context as a
preparation for load address relative memory regions.

Signed-off-by: Imre Kis <imre.kis@arm.

ldelf: Provide access to TS load address

Propagate ELF load address from ldelf to user mode context as a
preparation for load address relative memory regions.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Differentiate return values of SP manifest helpers

Distinguish between non-existing properties and invalid property
lengths in manifest helper functions to allow having optional
properti

core: spmc: Differentiate return values of SP manifest helpers

Distinguish between non-existing properties and invalid property
lengths in manifest helper functions to allow having optional
properties.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

versal: enable the crypto driver

The crypto driver API provides an extra indirection level to enable
different ciphers.

Since Versal ACAP supports acipher and authenc, enable them.

Falling-back to

versal: enable the crypto driver

The crypto driver API provides an extra indirection level to enable
different ciphers.

Since Versal ACAP supports acipher and authenc, enable them.

Falling-back to software operations (RSA sign/verify) triggers a
fault detection; we will disable this config while a solution is
found.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...