drivers: implement lpc_uart driver

Support for lpc_uart that is a serial driver.

Signed-off-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: J

drivers: implement lpc_uart driver

Support for lpc_uart that is a serial driver.

Signed-off-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: Fix tee_obj_attr_copy_from for X25519

Make sure in tee_obj_attr_copy_from() if the source object type
is TEE_TYPE_X25519_KEYPAIR the destination object type should be
TEE_TYPE_X25519_P

core: crypto: Fix tee_obj_attr_copy_from for X25519

Make sure in tee_obj_attr_copy_from() if the source object type
is TEE_TYPE_X25519_KEYPAIR the destination object type should be
TEE_TYPE_X25519_PUBLIC_KEY. The function should extract public
key attributes if presented with a key pair object.

According to the TEE Internal Core API Specification v1.2 we should
check if the source is of type *_KEYPAIR then the destination is a
subset of type *_PUBLIC_KEY when populating the destination object as
listed in the Table 5-11.

Fixes: 90040fa4c81c ("core: crypto: add X25519 support")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Sohaib ul Hassan <sohaib.ul.hassan@unikie.com>

show more ...

drivers: imx_lpuart: remove stubbed .flush() implementation

There is no need to provide function stubs for unimplemented functions
in struct serial_ops. Just let the compiler set the pointer to NULL

drivers: imx_lpuart: remove stubbed .flush() implementation

There is no need to provide function stubs for unimplemented functions
in struct serial_ops. Just let the compiler set the pointer to NULL.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: struct serial_ops: make all functions optional except putc()

Many platforms only use the putc() function pointer in struct
serial_ops. Therefore, explicitly make the others optional (flush(

drivers: struct serial_ops: make all functions optional except putc()

Many platforms only use the putc() function pointer in struct
serial_ops. Therefore, explicitly make the others optional (flush(),
have_rx_data() and getchar()) by adding comments to the struct and
making sure the code checks the pointer before using them.

With this it should be clear that drivers do not need to provide
stub functions.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: drivers: nxp: Add LX series SFP driver

- Implement reading and writing to the NXP LX2160-series Security Fuse
Processor (SFP).
- Add the CFG_LS_SFP flag to enable building the SFP driver.
-

core: drivers: nxp: Add LX series SFP driver

- Implement reading and writing to the NXP LX2160-series Security Fuse
Processor (SFP).
- Add the CFG_LS_SFP flag to enable building the SFP driver.
- The SFP driver should be able to:
- Read the entire SFP.
- Read the debug level.
- Read the Intent to Secure (ITS) and Secure Boot (SB) flags.
- Read individual OEM Unique Scratch Pad Fuse (OUID) registers.
- Read individual Super Root Key Hash (SRKH) registers.
- Set the debug level.
- Set the device to permanently program the fuse block by
setting the ITS and SB flags.
- Set individual OUID registers.
- Get the status of the SFP driver itself.
- Update fsl-lx2160a device tree with sfp and gpio nodes.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Fix TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_*

Commit 5b385b3f835d ("core: crypto: add support for SM2 KEP")defined by
mistake the wrong values for these two. To fix this we're are renaming
these IDs alt

Fix TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_*

Commit 5b385b3f835d ("core: crypto: add support for SM2 KEP")defined by
mistake the wrong values for these two. To fix this we're are renaming
these IDs alternative IDs which OP-TEE will recognize in addition to the
correct official values when deriving a key using the TEE_ALG_SM2_KEP
algorithm.

TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_X and
TEE_ATTR_ECC_EPHEMERAL_PUBLIC_VALUE_Y are only used as input parameters
so there is no need to translate back to the old invalid values.

Fixes: 5b385b3f835d ("core: crypto: add support for SM2 KEP")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: embedded_ts: use mempool to decompress TS image

Changes embedded TS management to have zlib using default mempool to
allocate buffers for image decompression. This is useful as the process
can

core: embedded_ts: use mempool to decompress TS image

Changes embedded TS management to have zlib using default mempool to
allocate buffers for image decompression. This is useful as the process
can require buffer of several kilobytes.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: crypto: implement SM4 XTS

In this patch, we add software computing support for sm4-xts.

Signed-off-by: Pingan Xie <xiepingan3@huawei.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Acke

core: crypto: implement SM4 XTS

In this patch, we add software computing support for sm4-xts.

Signed-off-by: Pingan Xie <xiepingan3@huawei.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core, libutee: introduce TEE_ALG_SM4_XTS

In this patch, The sm4-xts algorithm is supported in the GP process.

Signed-off-by: Pingan Xie <xiepingan3@huawei.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@

core, libutee: introduce TEE_ALG_SM4_XTS

In this patch, The sm4-xts algorithm is supported in the GP process.

Signed-off-by: Pingan Xie <xiepingan3@huawei.com>
Reviewed-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: versal: SHA3-384 engine support

Enable the PLM controlled SHA3-384 cryptographic engine for TEE core
usage.

Since the engine does not have the concept of "context", it can't
provide the le

drivers: versal: SHA3-384 engine support

Enable the PLM controlled SHA3-384 cryptographic engine for TEE core
usage.

Since the engine does not have the concept of "context", it can't
provide the level support required by user-space (multiple parallel
contexts) hence why it is being provided just to the core.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: fallback to LibTomCrypt for X25519/Ed25519 when CFG_CRYPTOLIB_NAME=mbedtls

Mbed TLS currently does not support X25519/Ed25519. This commit allows the
use of LTC implementation of these algor

crypto: fallback to LibTomCrypt for X25519/Ed25519 when CFG_CRYPTOLIB_NAME=mbedtls

Mbed TLS currently does not support X25519/Ed25519. This commit allows the
use of LTC implementation of these algorithms when CFG_CRYPTO_ED25519=y
and/or CFG_CRYPTO_X25519=y, and CFG_CRYPTOLIB_NAME=mbedtls.

Signed-off-by: Sergiy Kibrik <Sergiy_Kibrik@epam.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto: versal: RSA driver

This driver uses the PLM xilsecure service to deliver RSA
encryption/decryption functionality.

https://github.com/Xilinx/embeddedsw

Signed-off-by: Jorge Ramirez-Ortiz <j

crypto: versal: RSA driver

This driver uses the PLM xilsecure service to deliver RSA
encryption/decryption functionality.

https://github.com/Xilinx/embeddedsw

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Add support for compiler stack protector

This change add support for CFG_CORE_STACK_PROTECTOR{,_STRONG,_ALL}
and CFG_TA_STACK_PROTECTOR{,_STRONG,_ALL}. This flag enable the
compiler stack overflow p

Add support for compiler stack protector

This change add support for CFG_CORE_STACK_PROTECTOR{,_STRONG,_ALL}
and CFG_TA_STACK_PROTECTOR{,_STRONG,_ALL}. This flag enable the
compiler stack overflow protection feature -fstack-protector* and
also generate random stack canary value on kernel boot and TA entry.

Weak function plat_get_random_stack_canary() can be override by
platform to provide random stack canary value for the core kernel.

Signed-off-by: Khoa Hoang <admin@khoahoang.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: versal: elliptic curve cryptography driver

This driver uses the PLM xilsecure service to deliver ECC sign/verify
functionality.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked

crypto: versal: elliptic curve cryptography driver

This driver uses the PLM xilsecure service to deliver ECC sign/verify
functionality.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: ecc: support the crypto driver

Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.

Signed-off-by: Jorge Ramirez-Or

core: ltc: ecc: support the crypto driver

Provide an interface that can be used by drivers using the Crypto API
so that they can fallback to LTC software operations.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ecc: support the crypto driver

Provide an interface that cryptographic IC drivers can use to fallback
to the software implementation of the algorithms.

This supports the use case where vulner

core: ecc: support the crypto driver

Provide an interface that cryptographic IC drivers can use to fallback
to the software implementation of the algorithms.

This supports the use case where vulnerabilities in the IC algorithms
can be addressed without a respin of the hardware.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee_svc_storage: remove unused local variable

Removes file local variable from syscall_storage_obj_open() that is
not used.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewe

core: tee_svc_storage: remove unused local variable

Removes file local variable from syscall_storage_obj_open() that is
not used.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Use struct utee_object_info in TA syscall abi

TEE_ObjectInfo was until now used in the syscall ABI provided to TAs.
TEE_ObjectInfo changes in later versions of the TEE Internal Core API so
add an in

Use struct utee_object_info in TA syscall abi

TEE_ObjectInfo was until now used in the syscall ABI provided to TAs.
TEE_ObjectInfo changes in later versions of the TEE Internal Core API so
add an independent definition with struct utee_object_info in order to
preserve a stable ABI.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: update to new field names in TEE_ObjectInfo

With GP TEE Internal Core API version 1.1.1 the two fields keySize and
maxKeySize was renamed to objectSize and maxObjectSize respectively.
Update t

core: update to new field names in TEE_ObjectInfo

With GP TEE Internal Core API version 1.1.1 the two fields keySize and
maxKeySize was renamed to objectSize and maxObjectSize respectively.
Update the rest of the core code to reflect that change as a preparation
for future updates.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32: reorder node in ST stm32mp15 board DTS files

Fixes node ordering in stm32mp15 DTS files where nodes shall be listed
in the alphabetical order of the node phandle labels.

Acked-by: Jerom

dts: stm32: reorder node in ST stm32mp15 board DTS files

Fixes node ordering in stm32mp15 DTS files where nodes shall be listed
in the alphabetical order of the node phandle labels.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: stm32: sync GPIO-z node name with linux stm32mp151.dtsi

Upgrades pinctrl-z DTS node name to Linux v5.19 stm32mp151.dtsi file.
This change updates a related platform function that was based on t

dts: stm32: sync GPIO-z node name with linux stm32mp151.dtsi

Upgrades pinctrl-z DTS node name to Linux v5.19 stm32mp151.dtsi file.
This change updates a related platform function that was based on the
old node string name. It is changed to look for target compatible node
instead.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: stm32: disable unused nodes in ST stm32mp15 boards DTS files

Disables nodes not consumed by OP-TEE for ST boards based on stm32mp15
devices.

Acked-by: Jerome Forissier <jerome.forissier@linaro

dts: stm32: disable unused nodes in ST stm32mp15 boards DTS files

Disables nodes not consumed by OP-TEE for ST boards based on stm32mp15
devices.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: stm32: remove commented out GPIO properties in stm32mp157c-ev1

Deletes DTS file lines related to DT node properties not embedded in
OP-TEE.

Acked-by: Jerome Forissier <jerome.forissier@linaro.

dts: stm32: remove commented out GPIO properties in stm32mp157c-ev1

Deletes DTS file lines related to DT node properties not embedded in
OP-TEE.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: fsl-lx2160a: add SecMon DTS node

Enable the secure-status property and disable the status property so
that the sec-mon node is only usable in the secure world.

Signed-off-by: Andrew Mustea <an

dts: fsl-lx2160a: add SecMon DTS node

Enable the secure-status property and disable the status property so
that the sec-mon node is only usable in the secure world.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

riscv: include: riscv.h: define generic CSR registers

To allow reading/writing CSR registers regardless the privilege mode
selected to build and boot OP-TEE OS.

Signed-off-by: Marouene Boubakri <ma

riscv: include: riscv.h: define generic CSR registers

To allow reading/writing CSR registers regardless the privilege mode
selected to build and boot OP-TEE OS.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: set author to be same as Signed-off-by:]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...