History log of /optee_os/core/ (Results 2151 – 2175 of 6495)
Revision Date Author Comments
(<<< Hide modified files)
(Show modified files >>>)
a40be7eb08-Dec-2022 Jorge Ramirez-Ortiz <jorge@foundries.io>

crypto: drivers: se050: rsa: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a

crypto: drivers: se050: rsa: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a software
based implementation as long as the private key is not in the secure
element.

Use CFG_NXP_SE05X_RSA_DRV_FALLBACK to enable this feature.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

f8dc366908-Dec-2022 Jorge Ramirez-Ortiz <jorge@foundries.io>

crypto: drivers: se050-f: rsa: fix support

The NXP SE050-F does not support raw RSA keys, only CRT types.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.

crypto: drivers: se050-f: rsa: fix support

The NXP SE050-F does not support raw RSA keys, only CRT types.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

73bc4c5908-Dec-2022 Jorge Ramirez-Ortiz <jorge@foundries.io>

crypto: drivers: se050: adaptor: provide the oefid interface

Not all the NXP SE05X secure elements provide the same level of
cryptographic support. This interface allows runtime identification
of th

crypto: drivers: se050: adaptor: provide the oefid interface

Not all the NXP SE05X secure elements provide the same level of
cryptographic support. This interface allows runtime identification
of the device under control

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

1d7bc98c12-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

plat-stm32mp1: remove stm32mp_is_closed_device()

Removes stm32mp_is_closed_device() platform function and related
resources as it is superseded by BSEC driver API function
stm32_bsec_get_state().

S

plat-stm32mp1: remove stm32mp_is_closed_device()

Removes stm32mp_is_closed_device() platform function and related
resources as it is superseded by BSEC driver API function
stm32_bsec_get_state().

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

4b4b84a812-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSE

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSEC configuration registers.

CFG_STM32_BSEC_WRITE is now default enabled and not set to
CFG_TEE_CORE_DEBUG value.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

a638030b07-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

drivers: stm32_bsec: remove unused functions

Removes unused functions stm32_bsec_otp_lock() and
stm32_bsec_shadow_register().

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-o

drivers: stm32_bsec: remove unused functions

Removes unused functions stm32_bsec_otp_lock() and
stm32_bsec_shadow_register().

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

eab9487612-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

plat-stm32mp1: deprecate BSEC SIP services

As the interface is now managed using PTA BSEC, the
SMC SIP services can be set as deprecated.

It can be removed in few OP-TEE releases.

Signed-off-by: L

plat-stm32mp1: deprecate BSEC SIP services

As the interface is now managed using PTA BSEC, the
SMC SIP services can be set as deprecated.

It can be removed in few OP-TEE releases.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dae611ea07-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

pta: stm32mp: enable BSEC PTA

Default enables the BSEC PTA for STM32MP15x and STM32MP13x.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.che

pta: stm32mp: enable BSEC PTA

Default enables the BSEC PTA for STM32MP15x and STM32MP13x.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

4583de0612-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

pta: stm32mp: add BSEC PTA

Add BSEC PTA to offer an interface with One Time Programmed resources
(OTPs) of stm32mp1x platforms.

This interface allows non-secure world clients to get the state of
th

pta: stm32mp: add BSEC PTA

Add BSEC PTA to offer an interface with One Time Programmed resources
(OTPs) of stm32mp1x platforms.

This interface allows non-secure world clients to get the state of
the BSEC, and read and write the OTPs. The REE has restricted
access on OTPs, the policy is defined in the embedded DT.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ee649fe812-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

dts: stm32: correct BSEC nodes compatible for stm32mp13

Device tree alignment with kernel and latest binding for BSEC node:
the rev2.0 is used on STM32MP13x devices with the new compatible
compatibl

dts: stm32: correct BSEC nodes compatible for stm32mp13

Device tree alignment with kernel and latest binding for BSEC node:
the rev2.0 is used on STM32MP13x devices with the new compatible
compatible = "st,stm32mp13-bsec".

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

e090bb5a12-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@fos

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

d6df31b012-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

drivers: stm32_bsec: add low power management

Adds low power management in BSEC driver to save and restore
the debug settings.

It is a preliminary step for BSEC support on STM32MP13.

Signed-off-by

drivers: stm32_bsec: add low power management

Adds low power management in BSEC driver to save and restore
the debug settings.

It is a preliminary step for BSEC support on STM32MP13.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

7dfc80ab12-Dec-2022 Gatien Chevallier <gatien.chevallier@foss.st.com>

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the driver to enforce security when
trying to access a fuse.

It is a preliminary step for BSEC PTA introduction.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

d5d94b3502-Nov-2022 Clément Léger <clement.leger@bootlin.com>

drivers: atmel_wdt: enable watchdog reset

In order to reset the system rather that using an interrupt handler, set
the WDT_MR_WDRSTEN bit which allows to reboot the system.

Signed-off-by: Clément L

drivers: atmel_wdt: enable watchdog reset

In order to reset the system rather that using an interrupt handler, set
the WDT_MR_WDRSTEN bit which allows to reboot the system.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Suggested-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

d16bc0a922-Feb-2022 Clément Léger <clement.leger@bootlin.com>

dts: at91: fix reg address for secure PIO

The secure PIO controller is located at 0xfc039000 not 0xfc038000. Fix
this in all at91 device-trees.

Signed-off-by: Clément Léger <clement.leger@bootlin.c

dts: at91: fix reg address for secure PIO

The secure PIO controller is located at 0xfc039000 not 0xfc038000. Fix
this in all at91 device-trees.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

51a05df125-Jan-2022 Clément Léger <clement.leger@bootlin.com>

dts: sama5d2: set rstc, shdwc and rtc as secure

Set reset, shutdown and RTC controllers as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carri

dts: sama5d2: set rstc, shdwc and rtc as secure

Set reset, shutdown and RTC controllers as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

c2daaa3725-Jan-2022 Clément Léger <clement.leger@bootlin.com>

drivers: atmel-shdwc: check secure status

Check for the shutdown controller secure-status property and if true,
then set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked

drivers: atmel-shdwc: check secure status

Check for the shutdown controller secure-status property and if true,
then set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

c2c7da1d25-Jan-2022 Clément Léger <clement.leger@bootlin.com>

drivers: atmel-rstc: check for secure status

Check for the reset controller secure-status property and if true, then
set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked

drivers: atmel-rstc: check for secure status

Check for the reset controller secure-status property and if true, then
set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ae0e2fec27-Oct-2021 Clément Léger <clement.leger@bootlin.com>

dts: sama5d2: set sckc as secure

The slow clock controller is not used anymore by Linux, set it as
secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etien

dts: sama5d2: set sckc as secure

The slow clock controller is not used anymore by Linux, set it as
secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

3fea76be27-Oct-2021 Clément Léger <clement.leger@bootlin.com>

dts: sama5d2: set pmc as secure

The PMC was not set as secure up to now but since all the PSCI support
allows using the PMC through it, set it as secure.

Signed-off-by: Clément Léger <clement.leger

dts: sama5d2: set pmc as secure

The PMC was not set as secure up to now but since all the PSCI support
allows using the PMC through it, set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

21acbe5628-Jun-2021 Clément Léger <clement.leger@bootlin.com>

dts: sama5d2: set sfr as secure only

Now that all the drivers for the sfr components are present in OP-TEE,
we can safely set the sfr as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.

dts: sama5d2: set sfr as secure only

Now that all the drivers for the sfr components are present in OP-TEE,
we can safely set the sfr as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

33e931b123-Dec-2022 Mark-PK Tsai <mark-pk.tsai@mediatek.com>

core: Correct the description of core_is_buffer_outside

Correct the function description of core_is_buffer_outside
in comment.

Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Reviewed-by: J

core: Correct the description of core_is_buffer_outside

Correct the function description of core_is_buffer_outside
in comment.

Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

3e8a614715-Dec-2022 Jens Wiklander <jens.wiklander@linaro.org>

core: crypto: fix TEE_ATTR_EDDSA_PREHASH interpretation

Commit 0aaad418ac8b ("core: crypto: add Ed25519 support") introduced
support for the ED25519 algorithm. This included parsing a
TEE_ATTR_EDDSA

core: crypto: fix TEE_ATTR_EDDSA_PREHASH interpretation

Commit 0aaad418ac8b ("core: crypto: add Ed25519 support") introduced
support for the ED25519 algorithm. This included parsing a
TEE_ATTR_EDDSA_PREHASH parameter that unfortunately was not fully
compliant with the standard. So fix this with a more strict
interpretation of TEE_ATTR_EDDSA_PREHASH as described in the
specification.

Fixes: 0aaad418ac8b ("core: crypto: add Ed25519 support")
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Valerii Chubar <valerii_chubar@epam.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

2373e1b901-Sep-2022 Jens Wiklander <jens.wiklander@linaro.org>

core: add overflow checks in crypto_aes_ccm_init()

aad_len and payload_len are of the type size_t which has a greater range
than int which is used for the corresponding arguments when passed to
ccm_

core: add overflow checks in crypto_aes_ccm_init()

aad_len and payload_len are of the type size_t which has a greater range
than int which is used for the corresponding arguments when passed to
ccm_init(). So to guard against wrapped or truncated values check that
the variables can be in a int first before calling ccm_init().

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

de1cd72220-Dec-2022 Jens Wiklander <jens.wiklander@linaro.org>

core: syscall_storage_obj_write(): handle corrupt object

All syscalls operating on an object handle and can return
TEE_ERROR_CORRUPT_OBJECT must also remove the object if the return code
is TEE_ERRO

core: syscall_storage_obj_write(): handle corrupt object

All syscalls operating on an object handle and can return
TEE_ERROR_CORRUPT_OBJECT must also remove the object if the return code
is TEE_ERROR_CORRUPT_OBJECT. This is missing in
syscall_storage_obj_write() so add the missing call to remove the object
if it is corrupt.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

1...<<81828384858687888990>>...260