core: arm: declare struct mobj in thread_arch.h

Adds missing declaration of struct mobj in arm/kernel/thread_arch.h.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne C

core: arm: declare struct mobj in thread_arch.h

Adds missing declaration of struct mobj in arm/kernel/thread_arch.h.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-sam: enable CFG_ATMEL_TCB

Enable CFG_ATMEL_TCB to use the TCB as a time source instead of
CFG_SECURE_TIME_SOURCE_REE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Cl

plat-sam: enable CFG_ATMEL_TCB

Enable CFG_ATMEL_TCB to use the TCB as a time source instead of
CFG_SECURE_TIME_SOURCE_REE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

plat-sam: add timer clock driver

Add support for the TCB block that are present on the samad2. This
series add support for the TCB as a time source and register it using
REGISTER_TIME_SOURCE(). More

plat-sam: add timer clock driver

Add support for the TCB block that are present on the samad2. This
series add support for the TCB as a time source and register it using
REGISTER_TIME_SOURCE(). Moreover, on Linux, the tick is done using the
TCB since the sama5d2 does not have the ARM architected timers. Since
the time source used for the tick clocksource is probed early in the
boot process, the SCMI clock support which uses a platform driver is
not yet probed and thus the TCB can't be probe properly. To workaround
that problem, this driver enables the TCB clocks and the Linux
device-tree is modified to use "fixed-clock" clock instead of the TCB
SCMI ones.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

core: crypto: add X25519 support

This adds the X25519 core functionality and
enables support for Curve25519 key attribute
type for OP-TEE crypto syscalls.

Acked-by: Etienne Carriere <etienne.carrie

core: crypto: add X25519 support

This adds the X25519 core functionality and
enables support for Curve25519 key attribute
type for OP-TEE crypto syscalls.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Sohaib ul Hassan <sohaib.ul.hassan@unikie.com>

show more ...

core: libtomcrypt: Remove prng_state* NULL pointer check from x25519_make_key()

Calling x25519_make_key(prng_state *prng, int wprng, curve25519_key *key)
checks if prng_state is NULL. This would req

core: libtomcrypt: Remove prng_state* NULL pointer check from x25519_make_key()

Calling x25519_make_key(prng_state *prng, int wprng, curve25519_key *key)
checks if prng_state is NULL. This would require the caller to pass
a valid pointer. Initializing prng_state in some configurations
can get very large. For instance, xtest for X25519 key generation
causes the TA to panic due to stack overrun

F/TC:? 0 trace_syscall:151 syscall #54 (syscall_obj_generate_key)
E/TC:1 Dead canary at end of 'stack_abt[3]' (0xe1a01fc)
E/TC:1 Panic at core/kernel/thread.c:124 <thread_check_canaries>
E/TC:1 TEE load address @ 0xe100000
E/TC:1 Call stack:
E/TC:1 0x0e108934 print_kernel_stack at optee_os/core/arch/arm/kernel/unwind_arm64.c:80
E/TC:1 0x0e113f24 __do_panic at optee_os/core/kernel/panic.c:24
E/TC:1 0x0e116eb4 thread_check_canaries at optee_os/core/kernel/thread.c:115
E/TC:1 0x0e106a60 thread_handle_std_smc at optee_os/core/arch/arm/kernel/thread_optee_smc.c:56

OP-TEE registers a custom prng descriptor (prng_crypto_desc) used for
LTC asymmetric crypto operations and prng_state is not used.

The LTC_ARGCHK(prng != NULL) check is not present in the LTC key generation
functions for ECC, RSA, DH and DSA implementations.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Sohaib ul Hassan <sohaib.ul.hassan@unikie.com>

show more ...

core: libtomcrypt: Add X25519 support

This enables the X25519 implementation of libtomcrypt
and adds the OP-TEE wrapper function definitions

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

core: libtomcrypt: Add X25519 support

This enables the X25519 implementation of libtomcrypt
and adds the OP-TEE wrapper function definitions

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Sohaib ul Hassan <sohaib.ul.hassan@unikie.com>

show more ...

plat-ti: Remove extra license text as we have SPDX

No functional change here.

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

plat-sam: enable CFG_ATMEL_PIOBU by default

By default, enable CFG_ATMEL_PIOBU driver on plat-sam.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.foriss

plat-sam: enable CFG_ATMEL_PIOBU by default

By default, enable CFG_ATMEL_PIOBU driver on plat-sam.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance,

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance, the following device-tree excerpt allows to
set an input as an intrusion detection pin:

gpios = <0 PIOBU_PIN_INPUT(1, 1, PIOBU_PIN_PULL_DOWN,
PIOBU_PIN_DEF_LEVEL_LOW, PIOBU_PIN_WAKEUP_ENABLE)>;

In case of a tamper event, the source of the tampering will be
displayed.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

plat-ti: Enable hardware RNG PTA

When the hardware RNG is available we should also enable
the HWRNG PTA so we can use it from the REE.

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jens Wiklan

plat-ti: Enable hardware RNG PTA

When the hardware RNG is available we should also enable
the HWRNG PTA so we can use it from the REE.

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: Add SM handler for setting AMBA IF in the WUGEN

This mirrors what is available as a ROM API. We implement this here as
OP-TEE's monitor replaces the ROM's monitor functions and we would lik

plat-ti: Add SM handler for setting AMBA IF in the WUGEN

This mirrors what is available as a ROM API. We implement this here as
OP-TEE's monitor replaces the ROM's monitor functions and we would like
to keep feature parity.

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: xiphera_trng: Add support for XIP8001B TRNG

Adds support for Xiphera's XIP8001B true random number generator.

XIP8001B is a FPGA IP core that can be synthesized in FPGA devices to
provide

drivers: xiphera_trng: Add support for XIP8001B TRNG

Adds support for Xiphera's XIP8001B true random number generator.

XIP8001B is a FPGA IP core that can be synthesized in FPGA devices to
provide TRNG source for device where it is missing like Xilinx Zynq-7000
and Xilinx Zynq MPSoC.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Co-developed-by: Atte Tommiska <atte.tommiska@xiphera.com>
Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt_driver: Add support for disabled devices

In systems where there are multiple instances of the devices like two TRNGs
where one is reserved for REE environment and one is for TEE environment

core: dt_driver: Add support for disabled devices

In systems where there are multiple instances of the devices like two TRNGs
where one is reserved for REE environment and one is for TEE environment
those can be defined in device tree in following way:

ree-trng {
status = "okay";
secure-status = "disabled";
...
}

tee-trng {
status = "disabled";
secure-status = "okay";
...
}

If OP-TEE has driver enabled for the device both devices will be probed.

Driver can detect device's 'status' and 'secure-status' settings and return
TEE_ERROR_NODE_DISABLED value for one that is not for its use.

This will indicate to device driver probing to continue without an error.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: SP: Add dump state

Add dump state for SPs. This will make it possible for the symbolize
script to print SP call stack on a panic,

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens

core: SP: Add dump state

Add dump state for SPs. This will make it possible for the symbolize
script to print SP call stack on a panic,

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx_snvs: fix the is_otpmk_valid() logic

The logic wanted was the inverse of the one implemented.

Fixes: ea4f7ad67d ("drivers: imx_snvs: add master key selection")
Signed-off-by: Franck LE

drivers: imx_snvs: fix the is_otpmk_valid() logic

The logic wanted was the inverse of the one implemented.

Fixes: ea4f7ad67d ("drivers: imx_snvs: add master key selection")
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx_snvs: fix SNVS register read operation

A coding mistake in the precedence order of C operators is causing
an incorrect read of the SNVS register. This error would return a wrong
board l

drivers: imx_snvs: fix SNVS register read operation

A coding mistake in the precedence order of C operators is causing
an incorrect read of the SNVS register. This error would return a wrong
board lifecycle state by snvs_get_security_cfg().

Fixes: 5cd93c5a ("drivers: imx_snvs: fix SNVS security configuration values")
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-k3: Add DDR setup in k3 platform

This patch introduces DDR setup for possible use of
CFG_CORE_DYN_SHM/dynamic shared memory on k3 platform.

Acked-by: Jerome Forissier <jerome.forissier@linaro.

plat-k3: Add DDR setup in k3 platform

This patch introduces DDR setup for possible use of
CFG_CORE_DYN_SHM/dynamic shared memory on k3 platform.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Manorit Chawdhry <m-chawdhry@ti.com>
Signed-off-by: Ivan Mikhaylov <ivan.mikhaylov@siemens.com>

show more ...

plat-stm32mp1: conf: enable SCMI with MSG header

Changes stm32mp1 platform configuration to default enable
CFG_SCMI_MSG_SHM_MSG and not mandate SMT message header protocol support
when SCMI PTA serv

plat-stm32mp1: conf: enable SCMI with MSG header

Changes stm32mp1 platform configuration to default enable
CFG_SCMI_MSG_SHM_MSG and not mandate SMT message header protocol support
when SCMI PTA service are embedded. The reason is that SCMI client
using threaded execution of SCMI messages, through the SCMI PTA service,
may use TEE shared memory and MSG header to transfer SCMI messages
instead of SMT header messages over IOMEM shared memory.

CFG_SCMI_MSG_SMT must be enabled when using SCMI SIP SMC services which
uses IOMEM shared memory only.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pta: scmi: new API to support MSG header communication protocol

in the SCMI PTA.
Adds a new capability and a new command to the SCMI PTA API to support
SCMI MSG header communication protocol.

core: pta: scmi: new API to support MSG header communication protocol

in the SCMI PTA.
Adds a new capability and a new command to the SCMI PTA API to support
SCMI MSG header communication protocol. Capability
PTA_SCMI_CAPS_MSG_HEADER allows client and service to negotiate the
desired transport configuration. Command PTA_SCMI_CMD_PROCESS_MSG_CHANNEL
allows client to request processing of a message sent based on that
message exchange protocol where input and output SCMI messages are
exchange using OP-TEE shared memory references provided by the
client.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: scmi-msg: add SCMI MSG message protocol

Implements MSG header protocol to handle SCMI messages. MSG header
protocol was introduced in Linux kernel v5.15 [1]. It relies on normal
cached shar

drivers: scmi-msg: add SCMI MSG message protocol

Implements MSG header protocol to handle SCMI messages. MSG header
protocol was introduced in Linux kernel v5.15 [1]. It relies on normal
cached shared memory buffer using a 32bit header followed by the SCMI
message payload.

To support this message interface, the SCMI PTA defines a new capability
and a new command. Capability PTA_SCMI_CAPS_MSG_HEADER allows client and
service to negotiate the desired transport configuration. Command
PTA_SCMI_CMD_PROCESS_MSG_CHANNEL allows client to request processing
of a message sent based on that message exchange protocol.

Platforms shall enable configuration switch CFG_SCMI_MSG_SHM_MSG to have
their SCMI service supporting that communication protocol.

Link: [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f301bba0ca7392d16a6ea4f1d264a91f1fadea1a
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_snvs: use snvs_is_device_closed() for RPMB key status

Call the function snvs_is_device_closed() to know if the platform is
closed or not in plat_rpmb_key_is_ready() instead of reading t

drivers: imx_snvs: use snvs_is_device_closed() for RPMB key status

Call the function snvs_is_device_closed() to know if the platform is
closed or not in plat_rpmb_key_is_ready() instead of reading the
platform security configuration.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: caam: set OTP as master key

Before the CAAM initialization, set the OTP as the SNVS master key
if the device is in closed state.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-

drivers: caam: set OTP as master key

Before the CAAM initialization, set the OTP as the SNVS master key
if the device is in closed state.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat: imx: enable SNVS driver by default

Enable SNVS driver by default for the following platforms:
* imx6
* imx7
* imx8m

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Fo

plat: imx: enable SNVS driver by default

Enable SNVS driver by default for the following platforms:
* imx6
* imx7
* imx8m

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: imx: force CFG_IMX_UART to y for all imx6/7 and imx8m

Force the CFG_IMX_UART compilation flag to 'y' for all imx6/7 platforms
and imx8m platforms.
CFG_IMX_UART=n is an invalid configuration an

core: imx: force CFG_IMX_UART to y for all imx6/7 and imx8m

Force the CFG_IMX_UART compilation flag to 'y' for all imx6/7 platforms
and imx8m platforms.
CFG_IMX_UART=n is an invalid configuration and triggers a link error:
LD out/arm-plat-imx/core/all_objs.o
arm-none-linux-gnueabihf-ld.bfd: out/arm-plat-imx/core/arch/arm/plat-imx/main.o: in function `console_init'
core/arch/arm/plat-imx/main.c:113: undefined reference to `imx_uart_init'

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...