core: sp: map device regions from SP manifest

Map the device regions defined in the SP manifest file into the SP's
context. In the manifest fdt the device's PA is overwritten with the VA
after mappi

core: sp: map device regions from SP manifest

Map the device regions defined in the SP manifest file into the SP's
context. In the manifest fdt the device's PA is overwritten with the VA
after mapping. This fdt is passed to the SP on boot and can be used by
the SP to determine the VA of the device.

The content of the SP manifest is defined in the FF-A specification.
The devicetree binding for the SP manifest is defined at the link below.

Link: https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

core: sp_mem: add security attribute

Currently sp_mem only supports non-secure memory. This patch enables
using it for secure memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed

core: sp_mem: add security attribute

Currently sp_mem only supports non-secure memory. This patch enables
using it for secure memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

core: sp_mem: add memory type attribute

Currently sp_mem only supports TEE_MATTR_MEM_TYPE_CACHE memory type.
This patch adds support for using it with any type so it can be used
for device memory to

core: sp_mem: add memory type attribute

Currently sp_mem only supports TEE_MATTR_MEM_TYPE_CACHE memory type.
This patch adds support for using it with any type so it can be used
for device memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

plat-stm32mp1: define backup register secure accesses

Implements access permissions for stm32mp1 backup registers accesses.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: E

plat-stm32mp1: define backup register secure accesses

Implements access permissions for stm32mp1 backup registers accesses.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: default embed stm32_tamp driver

Default enable CFG_STM32_TAMP in stm32mp1 platform configuration
with there is an embedded DTB.

Acked-by: Jerome Forissier <jerome.forissier@linaro.or

plat-stm32mp1: default embed stm32_tamp driver

Default enable CFG_STM32_TAMP in stm32mp1 platform configuration
with there is an embedded DTB.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: add stm32 tamper domain driver

Adds stm32_tamp driver for stm32mp1 TAMP sub-system. The implementation
only covers probing of the driver upon embedded DTB content and enabling
some secure c

drivers: add stm32 tamper domain driver

Adds stm32_tamp driver for stm32mp1 TAMP sub-system. The implementation
only covers probing of the driver upon embedded DTB content and enabling
some secure configuration.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: crypto: stm32_cryp: fix coding style issues

Removes spurious space characters in stm32_cryp driver implementation
to conform with optee_os coding style.

Reviewed-by: Jerome Forissier <jero

drivers: crypto: stm32_cryp: fix coding style issues

Removes spurious space characters in stm32_cryp driver implementation
to conform with optee_os coding style.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: crypto: stm32_cryp: probe as a dt_driver

Changes stm32_cryp driver to register as a DT driver and support
probe deferral on clock and reset controller resources.

Acked-by: Jerome Forissier

drivers: crypto: stm32_cryp: probe as a dt_driver

Changes stm32_cryp driver to register as a DT driver and support
probe deferral on clock and reset controller resources.

Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: imx: add UART4 base address for iMX8QM/QP

Some iMX8QM boards use the UART4.

Acked-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Clément Péron <peron.clem@gmail.com>

plat-stm32mp1: add STM32MP13 platform support

Add specific platform code for STM32MP13 initialization.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gab

plat-stm32mp1: add STM32MP13 platform support

Add specific platform code for STM32MP13 initialization.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

clk: stm32mp13: add all clocks for STM32MP13

Registers all STM32PM13 clock with the clock framework.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabri

clk: stm32mp13: add all clocks for STM32MP13

Registers all STM32PM13 clock with the clock framework.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

clk: stm32mp13: Introduce STM32MP13 clocks platform

This driver uses a clk-stm32-core API to manage STM32 gates, dividers
and muxes.
The goal of this first patch is to parse the device tree and init

clk: stm32mp13: Introduce STM32MP13 clocks platform

This driver uses a clk-stm32-core API to manage STM32 gates, dividers
and muxes.
The goal of this first patch is to parse the device tree and initialize
a platform data to configure the clock tree.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

dt-bindings: stm32: add stm32mp13 clock and reset bindings

Add new clocks and reset binding files to manage STM32MP13 RCC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ga

dt-bindings: stm32: add stm32mp13 clock and reset bindings

Add new clocks and reset binding files to manage STM32MP13 RCC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

plat-stm32mp1: add stub for clock parents registering for stm32mp13

No need to register secure clock parents for STM32MP13 platform.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-

plat-stm32mp1: add stub for clock parents registering for stm32mp13

No need to register secure clock parents for STM32MP13 platform.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

core: dt: add kernel DT API to retrieved device information from DT

Add _fdt_read_uint32_array(), _fdt_read_uint32(),
_fdt_read_uint32_default(), _fdt_check_node() functions.

Acked-by: Etienne Carr

core: dt: add kernel DT API to retrieved device information from DT

Add _fdt_read_uint32_array(), _fdt_read_uint32(),
_fdt_read_uint32_default(), _fdt_check_node() functions.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>

show more ...

core: imx: generate uImage for imx6 and imx7 platforms

In the standard NXP BSP boot-flow, for imx6 and imx7 platforms (ARMv7),
optee-os is booted by U-Boot as a uImage file.
The generation of this u

core: imx: generate uImage for imx6 and imx7 platforms

In the standard NXP BSP boot-flow, for imx6 and imx7 platforms (ARMv7),
optee-os is booted by U-Boot as a uImage file.
The generation of this uImage requires:
- optee-os load address. This address is fetched in the tee.elf file
with readelf.
- mkimage u-boot-tools. This tool takes the load address and the
tee-raw.bin as an input to generate the uImage uTee.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sp: Pass manifest fdt to SP

Pass the SP manifest fdt to the SP inside the info struct. To be able to
pass the manifest we allocate and map a new page to the SP and copy the
fdt inside this pag

core: sp: Pass manifest fdt to SP

Pass the SP manifest fdt to the SP inside the info struct. To be able to
pass the manifest we allocate and map a new page to the SP and copy the
fdt inside this page. This is done to make sure that no other data in
the same page as the original fdt is leaked to the SP.
After the SP is done initializing we free the page from the SP.

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: sp: Add magic value into info parameter

The info parameter passed to a SP at initialization should have the
magic value set to "FF-A".

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by:

core: sp: Add magic value into info parameter

The info parameter passed to a SP at initialization should have the
magic value set to "FF-A".

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: sp: check manifest fdt

Check the SPs manifest fdt file to make sure that the correct manifest
is loaded for the SP.

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <je

core: sp: check manifest fdt

Check the SPs manifest fdt file to make sure that the correct manifest
is loaded for the SP.

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: sp: Append fdt manifest to SP image

Sp use a manifest file that define information about the SP. A device
tree (fdt) will be used as a manifest file. This is in line with the
Hafnium SPMC mani

core: sp: Append fdt manifest to SP image

Sp use a manifest file that define information about the SP. A device
tree (fdt) will be used as a manifest file. This is in line with the
Hafnium SPMC manifest format.

The fdt will be appended to the SP image by adding a --manifest flag to
the scripts/ts_bin_to_c.py script.

Link: https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html
Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: fix key generation for SM2 DSA and SM2 PKE

TEE_GenerateKey() returns TEE_ERROR_BAD_FORMAT when the object type is
TEE_TYPE_SM2_DSA_KEYPAIR or TEE_TYPE_SM2_KEP_KEYPAIR. Only
TEE_TYPE_SM

core: crypto: fix key generation for SM2 DSA and SM2 PKE

TEE_GenerateKey() returns TEE_ERROR_BAD_FORMAT when the object type is
TEE_TYPE_SM2_DSA_KEYPAIR or TEE_TYPE_SM2_KEP_KEYPAIR. Only
TEE_TYPE_SM2_PKE_KEYPAIR is accepted, which is clearly wrong as per the
GlobalPlatform specification. Fix that by adding the missing entries to
syscall_obj_generate_key().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: sm2: remove TEE_ATTR_ECC_CURVE attribute from SM2 keys

SM2 key objects should not have a TEE_ATTR_ECC_CURVE attribute. For
example, the GP specification states that TEE_GenerateKey() c

core: crypto: sm2: remove TEE_ATTR_ECC_CURVE attribute from SM2 keys

SM2 key objects should not have a TEE_ATTR_ECC_CURVE attribute. For
example, the GP specification states that TEE_GenerateKey() can be
called with no attribute for the various SM2 algorithms. The current
implementation uses the same attribute templates than generic ECC
algorithms, which is wrong. Define specific variants for SM2 so that
TEE_ATTR_ECC_CURVE is not required when generating or populating SM2
keys and is not output either by TEE_GetObjectBufferAttribute().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ltc: sm2: use proper curve during key generation

TEE_GenerateKey() generates an invalid key pair for SM2: the point is not
on the curve, it is on the NIST P256 curve instead. Fix this by looki

core: ltc: sm2: use proper curve during key generation

TEE_GenerateKey() generates an invalid key pair for SM2: the point is not
on the curve, it is on the NIST P256 curve instead. Fix this by looking
up the proper curve name before key generation.

Link: https://github.com/OP-TEE/optee_os/issues/5211
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ltc: sm2: set curve by default when key type is SM2

crypto_asym_alloc_ecc_keypair() and crypto_asym_alloc_ecc_public_key()
should set the curve field of the ecc_key structure to TEE_ECC_CURVE_

core: ltc: sm2: set curve by default when key type is SM2

crypto_asym_alloc_ecc_keypair() and crypto_asym_alloc_ecc_public_key()
should set the curve field of the ecc_key structure to TEE_ECC_CURVE_SM2
when the key type is one of TEE_TYPE_SM2_{DSA,KEP,PKE}_KEYPAIR because
the user is not supposed to provide any TEE_ATTR_ECC_CURVE attribute,
contrary to other ECC algorithms.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: mm: fix mobj_shm_ops support .get_cattr()

ftrace use static shared memory returns an object of type mobj_shm_ops.
But the get_cattr function is not implemented in mobj_shm_ops.This will
cause

core: mm: fix mobj_shm_ops support .get_cattr()

ftrace use static shared memory returns an object of type mobj_shm_ops.
But the get_cattr function is not implemented in mobj_shm_ops.This will
cause ftrace to not work properly.

Signed-off-by: Lejia Zhang <zhanlej@gmail.com>
Suggested-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...