| 35abff2f | 12-Jan-2022 |
Clément Léger <clement.leger@bootlin.com> |
driver: atmel_rtc: add driver for atmel RTC
On sama5d2, the RTC is included in a larger block of devices that can only be secured as a whole (RSTC, WDT, etc). Since these other peripherals needs to
driver: atmel_rtc: add driver for atmel RTC
On sama5d2, the RTC is included in a larger block of devices that can only be secured as a whole (RSTC, WDT, etc). Since these other peripherals needs to be secured, in order to still allow the RTC to be used from non-secure world, add a driver for the RTC which will be registered as the system RTC. The RTc PTA will then used this RTC to set/get time from Linux using a RTC driver that uses the TEE subsystem.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Clément Léger <clement.leger@bootlin.com>
show more ...
|
| cea1eb0b | 09-Feb-2022 |
Clément Léger <clement.leger@bootlin.com> |
pta: add PTA for RTC
On some systems, when the RTC is secured, there is no way for the normal world to access it. This PTA uses the RTC API to allow a Linux OP-TEE based RTC driver to communicate wi
pta: add PTA for RTC
On some systems, when the RTC is secured, there is no way for the normal world to access it. This PTA uses the RTC API to allow a Linux OP-TEE based RTC driver to communicate with the RTC that is secured.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Clément Léger <clement.leger@bootlin.com>
show more ...
|
| f3f9432f | 10-Feb-2022 |
Clément Léger <clement.leger@bootlin.com> |
drivers: rtc: add RTC API
This API allows to interact with a RTC registered as the system RTC.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@l
drivers: rtc: add RTC API
This API allows to interact with a RTC registered as the system RTC.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org> Signed-off-by: Clément Léger <clement.leger@bootlin.com>
show more ...
|
| e07514dc | 28-Feb-2022 |
Jerome Forissier <jerome@forissier.org> |
core: storage: do not check object ID buffer when its size is zero
The storage syscalls syscall_storage_obj_open(), syscall_storage_obj_create() and syscall_storage_obj_rename() must not call vm_che
core: storage: do not check object ID buffer when its size is zero
The storage syscalls syscall_storage_obj_open(), syscall_storage_obj_create() and syscall_storage_obj_rename() must not call vm_check_access_rights() on the object ID buffer when its length is zero, because it is a valid case but vm_check_access_rights() rejects such a buffer with TEE_ERROR_ACCESS_DENIED.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 63740eac | 22-Feb-2022 |
Jerome Forissier <jerome@forissier.org> |
core: FS: make dirfile interface accept empty object ID
The TEE Internal Core API specification (v1.3.1) explicitly allows the use of an empty object ID in TEE_RenamePersistentObject(). The text is:
core: FS: make dirfile interface accept empty object ID
The TEE Internal Core API specification (v1.3.1) explicitly allows the use of an empty object ID in TEE_RenamePersistentObject(). The text is:
newObjectID, newObjectIDLen: A buffer containing the new object identifier. The identifier contains arbitrary bytes, including the zero byte. The identifier length SHALL be less than or equal to TEE_OBJECT_ID_MAX_LEN and can be zero.
(note the mention: "and can be zero").
Consequently, the OP-TEE filesystem code needs to accept an empty buffer as a valid object identifier.
The REE FS implementation is not currently compatible with this because a null struct dirfile_entry::oidlen is considered unused (free). In order to differentiate between a free entry and one that represents an object with an empty name, this commit adds a condition on the first byte of struct dirfile_entry::oid. When zero, the structure is free; when non-zero, it is the empty object ID. A new helper function is introduced (is_free()) and used instead of simple tests on !oidlen.
The tee_fs_dirfile_find() function is modified to be able to match the empty object ID. It used to interpret oidlen == 0 as a request to find a free entry; this logic is moved to an new function: tee_fs_dirfile_new().
The RPMB implementation (core/tee/tee_rpmb_fs.c) has no problem because it stores absolute object names including the TA UUID in a FAT structure like so: "/<TA UUID>/<Object ID in hexadecimal>". An empty object ID is therefore not a corner case.
Link: https://github.com/OP-TEE/optee_os/issues/5171 Reported-by: Sadiq Hussain <sadiq.muchumarri@intel.com> Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 2f35a7bc | 23-Feb-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: rstctrl: remove stm32_rstctrl legacy API functions
Removes stm32mp1 reset controllers legacy platform API functions and moves declaration of stm32mp_rcc_reset_id_to_rstctrl() next to the de
drivers: rstctrl: remove stm32_rstctrl legacy API functions
Removes stm32mp1 reset controllers legacy platform API functions and moves declaration of stm32mp_rcc_reset_id_to_rstctrl() next to the declaration of the remaining platform helper function related to reset controllers: stm32mp_nsec_can_access_reset().
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 047c4fe1 | 23-Feb-2022 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: crypto: stm32_cryp: use rstctrl resources
Changes stm32_cryp driver to use rstctrl resources. Driver panics upon rstctrl_dt_get_by_index() failure, even in case of driver probe deferral err
drivers: crypto: stm32_cryp: use rstctrl resources
Changes stm32_cryp driver to use rstctrl resources. Driver panics upon rstctrl_dt_get_by_index() failure, even in case of driver probe deferral error as stm32_cryp is not yet defined as a DT_DRIVER. Such port is out of the scope this change.
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 29560614 | 23-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: scmi_server: use rstctrl resources
Change stm32mp1 SCMI server implementation to use rstctrl framework to handle reset controllers.
Acked-by: Jerome Forissier <jerome@forissier.org>
plat-stm32mp1: scmi_server: use rstctrl resources
Change stm32mp1 SCMI server implementation to use rstctrl framework to handle reset controllers.
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 569d17b0 | 19-Nov-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: stm32_rstctrl reset controller for stm32mp1 platforms
Implement stm32 platforms reset controller device, embedded upon CFG_STM32_RSTCTRL=y.
The drivers exposes its reset controls to the dt
drivers: stm32_rstctrl reset controller for stm32mp1 platforms
Implement stm32 platforms reset controller device, embedded upon CFG_STM32_RSTCTRL=y.
The drivers exposes its reset controls to the dt_driver provider and with stm32mp1 platform legacy reset control API function: stm32_reset_assert(), stm32_reset_deassert() and stm32_reset_assert_deassert_mcu().
This change also removes source file stm32mp1_rcc.c that has moved to drivers/rstctrl/stm32_rstctrl.c but stm32_rcc_base() definition which is moved into to platform main.c.
Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| ab875342 | 10-Feb-2022 |
Volodymyr Babchuk <volodymyr_babchuk@epam.com> |
plar: rcar: add initial support for Gen4
RCar Gen4 is the next generation of Renesas automotive chips. Currently only RCar S4 on board Spider is available. This platform has 8 CortexA55 cores with G
plar: rcar: add initial support for Gen4
RCar Gen4 is the next generation of Renesas automotive chips. Currently only RCar S4 on board Spider is available. This platform has 8 CortexA55 cores with GICv3.
This is patch adds minimal support, so not all Gen4 features are available. Namely, ROM API is not supported right now, so HW RNG and ASLR are disabled. Also, ATF does not provide DTB, so non-secure DDR ranges are hardcoded.
Apart from that, depending on external configuration, initial bootloader can use two different UARTs as console: either SCIF3 or HSCIF0. Thus, CFG_RCAR_UART is introduced.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 68c56642 | 10-Feb-2022 |
Volodymyr Babchuk <volodymyr_babchuk@epam.com> |
plat: rcar: enable GIC support
Enable GIC support in the same as it is done in other platforms.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Acked-by: Jens Wiklander <jens.wiklande
plat: rcar: enable GIC support
Enable GIC support in the same as it is done in other platforms.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 997ff827 | 08-Jun-2020 |
Cedric Neveux <cedric.neveux@nxp.com> |
drivers: crypto: add parameter checks for RSA signature
Add size check in the crypto driver for RSA sign and verify functions. For both functions, the encoded message length has some size constraint
drivers: crypto: add parameter checks for RSA signature
Add size check in the crypto driver for RSA sign and verify functions. For both functions, the encoded message length has some size constraints [1].
[1]: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography https://datatracker.ietf.org/doc/html/rfc3447#section-9.1.1
Fixes: f5a70e3ef ("drivers: crypto: generic resources for crypto device driver - RSA") Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 15a5e39d | 16-Feb-2022 |
Marc Kleine-Budde <mkl@pengutronix.de> |
plat-imx: Add SA settings for i.MX7DS
The Secure Access register configures the access mode for non-TrustZone aware DMA masters. To ensure that no DMA master can read the secure memory for OP-TEE, w
plat-imx: Add SA settings for i.MX7DS
The Secure Access register configures the access mode for non-TrustZone aware DMA masters. To ensure that no DMA master can read the secure memory for OP-TEE, we set access for all masters except the ARM CP15 register to non-secure only and lock the settings afterwards.
Acked-by: Clement Faure <clement.faure@nxp.com> Signed-off-by: Marc Kleine-Budde <mkl@pengutronix.de>
show more ...
|
| a7c3a045 | 15-Feb-2022 |
Volodymyr Babchuk <volodymyr_babchuk@epam.com> |
drivers: gic: replace spaces with tabs
No functional changes.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etie
drivers: gic: replace spaces with tabs
No functional changes.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 60801696 | 15-Feb-2022 |
Volodymyr Babchuk <volodymyr_babchuk@epam.com> |
plat: arm: refactor GIC initialization
All platforms (except STM32MP1) follow the same pattern during GIC initialization: get virtual addresses for distributor (and optionally, for CPU interface), c
plat: arm: refactor GIC initialization
All platforms (except STM32MP1) follow the same pattern during GIC initialization: get virtual addresses for distributor (and optionally, for CPU interface), check that they are not NULL, call either gic_init() or gic_init_base_addr().
We can move most of this logic into gic_init_base_addr(), while platform-specific code will supply only base physical addresses for distributor and CPU interface. This will simplify and align platform code.
ST32MP1 had more complex logic, as it used io_pa_or_va_secure() to get MMIO range addresses. However, as main_init_gic() called assert(cpu_mmu_enabled()), there is no sense in using io_pa_or_va_secure(), because we already ensured that VA will be always used. Thus assert() call was moved to gic_init_base_addr(), and STM32MP1 were aligned with other platforms.
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| 6fdc9662 | 22-Feb-2022 |
Loïc Bauer <loic.bauer@socomec.com> |
drivers: stm32_gpio: Fix register access before enabling clocks
The valid_gpio_config() function accesses the GPIO register before the clock is enabled, which leads to the assert always failing when
drivers: stm32_gpio: Fix register access before enabling clocks
The valid_gpio_config() function accesses the GPIO register before the clock is enabled, which leads to the assert always failing when using stm32_gpio_set_output_level().
Signed-off-by: Loïc Bauer <loic.bauer@socomec.com> Acked-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
show more ...
|
| d7bbf3bd | 18-Feb-2022 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
drivers: crypto: se050: panic on initialization error
Failure to initialize the SE05x device is a critical operation as it will effectively disable ciphers configured at build time.
This also match
drivers: crypto: se050: panic on initialization error
Failure to initialize the SE05x device is a critical operation as it will effectively disable ciphers configured at build time.
This also matches the behaviour implemented by the other crypto drivers.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Reviewed-by: Jerome Forissier <jerome@forissier.org>
show more ...
|
| 45800c40 | 23-Dec-2020 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
core: ls: fix GIC offset for ls1043a rev1 and rev1.1
GIC offsets are different on ls1043a depending of the SoC revision 1 or 1.1
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Signed-off-by
core: ls: fix GIC offset for ls1043a rev1 and rev1.1
GIC offsets are different on ls1043a depending of the SoC revision 1 or 1.1
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 0b983b2e | 16-Apr-2021 |
Clement Faure <clement.faure@nxp.com> |
core: ls: remove CAAM endianness definitions from conf.mk
Remove CAAM endianness definition (CFG_CAAM_LITTLE_ENDIAN and CFG_CAAM_BIG_ENDIAN) from conf.mk as it is already defined in crypto_conf.mk
core: ls: remove CAAM endianness definitions from conf.mk
Remove CAAM endianness definition (CFG_CAAM_LITTLE_ENDIAN and CFG_CAAM_BIG_ENDIAN) from conf.mk as it is already defined in crypto_conf.mk
Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome@forissier.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| e752c173 | 11-Feb-2022 |
Chia-Wei Wang <chiawei_wang@aspeedtech.com> |
crypto/aspeed: ast2600: Add HACE HW hash support
Aspeed AST2600 Hash and Crypto Engine (HACE) is designated to accelerate the throughput of hash and symmetric encryption/decryption.
This patch adds
crypto/aspeed: ast2600: Add HACE HW hash support
Aspeed AST2600 Hash and Crypto Engine (HACE) is designated to accelerate the throughput of hash and symmetric encryption/decryption.
This patch adds the driver support for AST2600 HACE to provide HW-assisted hash for the SHA family. The initial driver structure for Aspeed crypto engines is also constructed.
Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com> Acked-by: Jerome Forissier <jerome@forissier.org>
show more ...
|
| 453d8327 | 14-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: change return type for tee_entry_std() TEE_Result
Changes the return type for the function tee_entry_std() to TEE_Result in order to make it independent of optee_smc.h. tee_entry_std() is also
core: change return type for tee_entry_std() TEE_Result
Changes the return type for the function tee_entry_std() to TEE_Result in order to make it independent of optee_smc.h. tee_entry_std() is also called from yielding_call_with_arg() and it doesn't make sense for that function to return values based on the SMC ABI.
With this we're doing an ABI change for FF-A, but that should not make a difference for the driver since that only test for 0 or !0. In addition if !0 is returned the communication has broken down completely so there not much left to recover from. Note that this patch does not require changes in the Linux kernel driver.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Acked-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| d8158fea | 14-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: remove references to OPTEE_SMC_SHM_CACHED
Removes references to OPTEE_SMC_SHM_CACHED in architecture independent code, the references are replaces by TEE_MATTR_CACHE_CACHED which is more accur
core: remove references to OPTEE_SMC_SHM_CACHED
Removes references to OPTEE_SMC_SHM_CACHED in architecture independent code, the references are replaces by TEE_MATTR_CACHE_CACHED which is more accurate.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| aac71369 | 14-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: move NOTIF_VALUE_DO_BOTTOM_HALF assert to thread_optee_smc.c
Moves the compile assertion that NOTIF_VALUE_DO_BOTTOM_HALF matches OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF in core/kernel/notif
core: move NOTIF_VALUE_DO_BOTTOM_HALF assert to thread_optee_smc.c
Moves the compile assertion that NOTIF_VALUE_DO_BOTTOM_HALF matches OPTEE_SMC_ASYNC_NOTIF_VALUE_DO_BOTTOM_HALF in core/kernel/notif.c to core/arch/arm/kernel/thread_optee_smc.c to keep dependencies to optee_smc.h in architecture specific code.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| db01e12d | 14-Feb-2022 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: vm.c: don't include sm/optee_smc.h
sm/optee_smc.h isn't needed in this file any longer so remove the include statement.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Je
core: vm.c: don't include sm/optee_smc.h
sm/optee_smc.h isn't needed in this file any longer so remove the include statement.
Acked-by: Marouene Boubakri <marouene.boubakri@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 44c8e3cb | 17-Sep-2018 |
Cedric Neveux <cedric.neveux@nxp.com> |
core: crypto: fix the RSA public key size for TA signature verification
The size of the RSA public key allocation should be based on the modulus size in bits.
Fixes: 064663e8b ("core: crypto: add s
core: crypto: fix the RSA public key size for TA signature verification
The size of the RSA public key allocation should be based on the modulus size in bits.
Fixes: 064663e8b ("core: crypto: add struct shdr helper functions") Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|