drivers: stm32_gpio: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referen

drivers: stm32_gpio: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates STM32 GPIO driver.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_uart: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referen

drivers: stm32_uart: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates STM32 UART driver and
platform stm32mp1 console support.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_i2c: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referenc

drivers: stm32_i2c: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates I2C driver and PMIC
that is a consumer of an I2C bus.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_i2c: stm32_i2c_get_setup_from_fdt() returns TEE_Result

Change stm32_i2c interface function stm32_i2c_get_setup_from_fdt()
to return a TEE_Result code rather than a FDT error code.

Re

drivers: stm32_i2c: stm32_i2c_get_setup_from_fdt() returns TEE_Result

Change stm32_i2c interface function stm32_i2c_get_setup_from_fdt()
to return a TEE_Result code rather than a FDT error code.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: convert clock reference to clock ID/GPIO bank

Add stm32mp_clock_id_to_clk() to allow some platform specific functions
to act on clock while based only on the clock DT bindin

drivers: clk: stm32mp15: convert clock reference to clock ID/GPIO bank

Add stm32mp_clock_id_to_clk() to allow some platform specific functions
to act on clock while based only on the clock DT binding ID used in
stm32mp1 old clock API functions.

Add stm32_get_gpio_bank_clk() to return the clock reference related to
a GPIO bank.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: default enable CFG_ENABLE_EMBEDDED_TESTS

Changes platform stm32m1 to default enable CFG_ENABLE_EMBEDDED_TESTS
rather than CFG_TEE_CORE_EMBED_INTERNAL_TESTS to get all embedded tests
s

plat-stm32mp1: default enable CFG_ENABLE_EMBEDDED_TESTS

Changes platform stm32m1 to default enable CFG_ENABLE_EMBEDDED_TESTS
rather than CFG_TEE_CORE_EMBED_INTERNAL_TESTS to get all embedded tests
support including the test interface PTAs.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ree_fs_open(): close dirfile on error

Updates ree_fs_open() to close the dirfile on error. This should take
care of the rare case were the internal file handle in the dirfile has
been closed d

core: ree_fs_open(): close dirfile on error

Updates ree_fs_open() to close the dirfile on error. This should take
care of the rare case were the internal file handle in the dirfile has
been closed due to an error.

Fixes an error like:
E/TC:1 1 Core data-abort at address 0xc0 (translation fault)
E/TC:1 1 esr 0x96000006 ttbr0 0x600000e19a020 ttbr1 0x00000000 cidr 0x0
E/TC:1 1 cpu #1 cpsr 0x00000004
E/TC:1 1 x0 00000000000000c0 x1 0000000000000078
E/TC:1 1 x2 000000000e1a0c88 x3 000000000e1a0c28
E/TC:1 1 x4 0000000000000078 x5 000000000e128220
E/TC:1 1 x6 000000000000001f x7 0000000000000000
E/TC:1 1 x8 0000000000000000 x9 0000000000000000
E/TC:1 1 x10 0000000000000000 x11 0000000000000000
E/TC:1 1 x12 0000000000000000 x13 0000000040014f80
E/TC:1 1 x14 0000000000000000 x15 0000000000000000
E/TC:1 1 x16 000000000e12f318 x17 0000000000000000
E/TC:1 1 x18 0000000000000000 x19 0000000000000078
E/TC:1 1 x20 0000000000000000 x21 000000000e1a0c28
E/TC:1 1 x22 00000000ffffffff x23 000000000e1a0c88
E/TC:1 1 x24 000000000e1891c4 x25 000000000e17d1b0
E/TC:1 1 x26 000000000e17de50 x27 000000000e1891c4
E/TC:1 1 x28 0000000000000000 x29 000000000e1a0b90
E/TC:1 1 x30 000000000e128254 elr 000000000e128260
E/TC:1 1 sp_el0 000000000e1a0b90
E/TC:1 1 TEE load address @ 0xe100000
E/TC:1 1 Call stack:
E/TC:1 1 0x0e128260 ree_fs_read_primitive at core/tee/tee_ree_fs.c:311
E/TC:1 1 0x0e129324 read_dent at core/tee/fs_dirfile.c:89
E/TC:1 1 0x0e129770 tee_fs_dirfile_find at core/tee/fs_dirfile.c:213
E/TC:1 1 0x0e128f1c set_name at core/tee/tee_ree_fs.c:664
E/TC:1 1 0x0e125954 tee_svc_storage_init_file at core/tee/tee_svc_storage.c:297
E/TC:1 1 0x0e10d514 tee_svc_do_call at core/arch/arm/tee/arch_svc_a64.S:140
E/TC:1 1 0x0e1062ec thread_svc_handler at core/arch/arm/kernel/thread.c:1585 (discriminator 4)
E/TC:1 1 0x0e103618 el0_svc at core/arch/arm/kernel/thread_a64.S:651

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: drivers: se050: rsa: sign_ssa error handling

SE NVM keys shall only be deleted using either the pkcs#11 interface
(if the key was created by pkcs#11) or the free_keypair crypto API
interface

crypto: drivers: se050: rsa: sign_ssa error handling

SE NVM keys shall only be deleted using either the pkcs#11 interface
(if the key was created by pkcs#11) or the free_keypair crypto API
interface and never as a result of some error handling operation.

Notice that calling free_keypair will invalidate any copy made of that
keypair since the keypair for a SE only holds a handle to the key
stored in the SE NVM.

Fixes: a3ca687d03b4 ("drivers: implement se050 driver")
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: rsa: decrypt_es, validate the output buffer

The size of the decrypted output is not known until decryption has
happened.

Use an intermediate buffer large enough to guarantee

crypto: drivers: se050: rsa: decrypt_es, validate the output buffer

The size of the decrypted output is not known until decryption has
happened.

Use an intermediate buffer large enough to guarantee that the
decrypted message will fit.

This allows the driver to validate the size of the output buffer
passed in the interface.

Fixes: xtest pkcs11_1023

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: drivers: se050: rsa: fix OAEP and revert regression

Revert a regression introduced in the encrypt operation when swapping
buffers (fixes part of 'commit e1c70d7c88ab ("crypto: drivers: se050

crypto: drivers: se050: rsa: fix OAEP and revert regression

Revert a regression introduced in the encrypt operation when swapping
buffers (fixes part of 'commit e1c70d7c88ab ("crypto: drivers: se050:
fix rsa encrypt/decrypt")'

Fix misuse of the hash_algo field during OAEP encrypt/decrypt.

All tests passing
* xtest -t regression 4006

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: drivers: se050: rsa: add RSA_NOPAD enc/dec support

Commit 8563cdc537a9 ("drivers: crypto: se050: limitations to RSA
crypto") removed RSA_NOPAD support based on the Plug And Trust MW
document

crypto: drivers: se050: rsa: add RSA_NOPAD enc/dec support

Commit 8563cdc537a9 ("drivers: crypto: se050: limitations to RSA
crypto") removed RSA_NOPAD support based on the Plug And Trust MW
documentation, Release v02,14,00 (Apr 03, 2020).

That documentation was incorrect as RSA_NOPAD is indeed supported by
the secure element as described in the SE050 APDU specification [1],
section 4.3.14, table 32.

This commit restores the functionality and fixes previous bugs.

Validated on xtest 4006 and 4011.

[1] https://www.nxp.com/docs/en/application-note/AN12413.pdf

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix index ordering parent clock array

Fix order in stm32mp1_clk_parent_name[].

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etie

drivers: clk: stm32mp1: fix index ordering parent clock array

Fix order in stm32mp1_clk_parent_name[].

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix HCLK6 parent clock

Fix get_parent_id_parent() the return HCLK6 parent clock that previous
implementation forbade.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com

drivers: clk: stm32mp1: fix HCLK6 parent clock

Fix get_parent_id_parent() the return HCLK6 parent clock that previous
implementation forbade.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix BRSRAM parent clock reference

Fix reference to BKPSRAM parent clock for platform stm32mp1. No
functional change as parent clock reference used prior the change
(_PCLK5) l

drivers: clk: stm32mp1: fix BRSRAM parent clock reference

Fix reference to BKPSRAM parent clock for platform stm32mp1. No
functional change as parent clock reference used prior the change
(_PCLK5) led to the same parent clock rate value.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: support RTC and MPU clocks

Add RTC and MPU clocks support to platform stm32mp1.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <et

drivers: clk: stm32mp15: support RTC and MPU clocks

Add RTC and MPU clocks support to platform stm32mp1.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: split oscillator and parent clock IDs

Use specific identifiers for root oscillators (prefixed OSC_) while
parent clock IDs are left unchanged.

Reviewed-by: Lionel Debieve <

drivers: clk: stm32mp15: split oscillator and parent clock IDs

Use specific identifiers for root oscillators (prefixed OSC_) while
parent clock IDs are left unchanged.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: TEE_PopulateTransientObject() should check key size

The GlobalPlatform TEE Internal Core API specification specifies the
panic reasons for TEE_PopulateTransientObject() as follows:
"If

core: crypto: TEE_PopulateTransientObject() should check key size

The GlobalPlatform TEE Internal Core API specification specifies the
panic reasons for TEE_PopulateTransientObject() as follows:
"If the implementation detects any other error associated with this
function that is not explicitly associated with a defined return code
for this function.". There is no explicit return code for the case of
an attribute that would be an invalid key length for the specified
algorithm, but it seems that panicking the TA would be permitted and
even desirable in order to prevent other issues with subsequent calls
using such a key.

Add a key size check to tee_svc_cryp_obj_populate_type() so that
syscall_cryp_obj_populate() will return TEE_ERROR_BAD_PARAMETER when
a key of invalid length is supplied. This error code is converted into
a panic by TEE_PopulateTransientObject().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: crypto: DSA key size is given by TEE_ATTR_DSA_PRIME

The size of a DSA key is the size of the prime number (p) and not the
size of the subprime (q). Therefore the size indicator flag in the
def

core: crypto: DSA key size is given by TEE_ATTR_DSA_PRIME

The size of a DSA key is the size of the prime number (p) and not the
size of the subprime (q). Therefore the size indicator flag in the
definition of DSA cryptographic object attributes should be associated
with TEE_ATTR_DSA_PRIME, not with TEE_ATTR_DSA_SUBPRIME.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: add imx8ulp CAAM HAL

Add imx8ulp CAAM HAL functions.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

core: imx: add support for i.MX8ULP

Add support for i.MX8ULP platform.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

drivers: caam: disable the use of interrupts for some platforms

On some i.MX platforms, all CAAM JRs share the same line of interrupts.
To avoid conflicts with the other job ring owners, skip the
en

drivers: caam: disable the use of interrupts for some platforms

On some i.MX platforms, all CAAM JRs share the same line of interrupts.
To avoid conflicts with the other job ring owners, skip the
enable/disable of job ring interruptions in OP-TEE CAAM driver.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: use a paged scattered array for DT drivers list

Fixes macro DEFINE_DT_DRIVER() to use SCATTERED_ARRAY_DEFINE_PG_ITEM()
that defines a pageable resources whereas SCATTERED_ARRAY_DEFINE_ITEM()
a

core: use a paged scattered array for DT drivers list

Fixes macro DEFINE_DT_DRIVER() to use SCATTERED_ARRAY_DEFINE_PG_ITEM()
that defines a pageable resources whereas SCATTERED_ARRAY_DEFINE_ITEM()
assumes array and its dependencies must be linked in the rodata_init
section. Indeed DT driver probing is done after pager is initialized.

Fixes: 61bdedea9452 ("core: define DT drivers using scattered arrays")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: ecc sign/verify padding

Pad small messages with zeroes during sign/verify.

Fixes xtest pkcs11_1019.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienn

crypto: drivers: se050: ecc sign/verify padding

Pad small messages with zeroes during sign/verify.

Fixes xtest pkcs11_1019.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: plat-ls: ls1028a: fix uart address

Fix UART0_BASE address for LS1028 platform

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

drivers: crypto: se050: build Plug-and-Trust using the TEE makefiles

Building the Plug-and-Trust library required building OP-TEE first in
order to get some architecture specific definitions.
This m

drivers: crypto: se050: build Plug-and-Trust using the TEE makefiles

Building the Plug-and-Trust library required building OP-TEE first in
order to get some architecture specific definitions.
This makes the integration with yocto metas unnecessarily complex.

The following commit simplifies the build sequence: the user would
need to clone the Plug-and-Trust tree [1] to an accessible location in
the filesystem and then build OP-TEE as usual passing the path to the
Plug-and-Trust tree in CFG_NXP_SE05X_PLUG_AND_TRUST.

[1] https://github.com/foundriesio/plug-and-trust.git

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...