lib: libutils: trace.c: make print_core_id() architecture-independent

The function print_core_id() in is calling architecture-specific routines
to retrieve the core id. It is more relevant to create

lib: libutils: trace.c: make print_core_id() architecture-independent

The function print_core_id() in is calling architecture-specific routines
to retrieve the core id. It is more relevant to create a new abstract
function trace_ext_get_core_id() in lib/libutee/trace_ext.c that needs to
be implemented in the architecture-specific code. This is similar to
print_thread_id() which calls trace_ext_get_thread_id() implemented in
core/arch/arm/kernel/trace_ext.c

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTE

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTEE OS.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: caam: hash: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM hash driver, use the job ring allocated to OPTEE OS.

drivers: caam: hash: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM hash driver, use the job ring allocated to OPTEE OS.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: arm: lpae: fix build with large number of CPU cores

A compile time assertion is triggered by the following command:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_TEE_CORE_NB_CORE=128 \

core: arm: lpae: fix build with large number of CPU cores

A compile time assertion is triggered by the following command:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_TEE_CORE_NB_CORE=128 \
CFG_LPAE_ADDR_SPACE_BITS=40
In file included from core/arch/arm/mm/core_mmu_lpae.c:61:
core/arch/arm/mm/core_mmu_lpae.c: In function ‘core_init_mmu_prtn_ta_core’:
lib/libutils/isoc/include/assert.h:30:24: error: duplicate case value
30 | switch (0) { case 0: case ((x) ? 1: 0): default : break; } \
| ^~~~
core/arch/arm/mm/core_mmu_lpae.c:697:2: note: in expansion of macro ‘COMPILE_TIME_ASSERT’
697 | COMPILE_TIME_ASSERT(MAX_XLAT_TABLES <
| ^~~~~~~~~~~~~~~~~~~
lib/libutils/isoc/include/assert.h:30:16: note: previously used here
30 | switch (0) { case 0: case ((x) ? 1: 0): default : break; } \
| ^~~~
core/arch/arm/mm/core_mmu_lpae.c:697:2: note: in expansion of macro ‘COMPILE_TIME_ASSERT’
697 | COMPILE_TIME_ASSERT(MAX_XLAT_TABLES <
| ^~~~~~~~~~~~~~~~~~~
core/arch/arm/mm/core_mmu_lpae.c:708:8: warning: unused variable ‘ret’ [-Wunused-variable]
708 | bool ret = false;
| ^~~

The type used for struct mmu_partition::user_l1_table_idx, currently
uint8_t, is not wide enough. Fix the issue by using uint8_t or uint16_t
based on the value of MAX_XLAT_TABLES.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt_driver: probe drivers before/after crypto services

Changes drivers probing sequence to probe before and after core crypto
services that are initialized at service_init initcall level. It in

core: dt_driver: probe drivers before/after crypto services

Changes drivers probing sequence to probe before and after core crypto
services that are initialized at service_init initcall level. It intends
to support probing of drivers the crypto layer depends on (as those
registering to drvcrypt framework) as well as drivers that depend on
crypto services.

At early_init_late initcall level, root node is parsed and the
driver probing loop is run as prior this change. With this change
the probing loop may end-up unresolved dependencies hence another
round of driver probing is done at driver_init initcall level. Drivers
dependencies are expected to be resolved at that stage.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt_driver: helper for dependency on crypt service

Adds dt_driver_get_crypto() function to allow drivers to request
probe deferral when depending on core crypto services. For that purpose
tee_c

core: dt_driver: helper for dependency on crypt service

Adds dt_driver_get_crypto() function to allow drivers to request
probe deferral when depending on core crypto services. For that purpose
tee_cryp_init() is changed to call dt_driver_crypt_init_complete() once
crypt layer initialization completes.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

driver: atmel_trng: remove wrong assertion

Remove mistakenly added assert which will always trigger in debug
mode.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <cl

driver: atmel_trng: remove wrong assertion

Remove mistakenly added assert which will always trigger in debug
mode.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

core: imx: fix CAAM base address for i.MX8Q platforms

Fix CAAM base address for i.MX8QM/QXP platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@

core: imx: fix CAAM base address for i.MX8Q platforms

Fix CAAM base address for i.MX8QM/QXP platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx: add SC driver for i.MX8QM/QXP

Add the secure controller driver that implements:
- SCFW API
- SCU IPC functions
- SCU secure IPC initialization
The SCU driver relies on the MU driver

drivers: imx: add SC driver for i.MX8QM/QXP

Add the secure controller driver that implements:
- SCFW API
- SCU IPC functions
- SCU secure IPC initialization
The SCU driver relies on the MU driver to communicate with the security
controller.

Signed-off-by: Remi Koman <remi.koman@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_wdog: fix defined but not used with CFG_DT=n

Fix a defined but not used error when building with CFG_DT by moving
dt_wdog_match_table under the same ifdef block used by the device-tree

drivers: imx_wdog: fix defined but not used with CFG_DT=n

Fix a defined but not used error when building with CFG_DT by moving
dt_wdog_match_table under the same ifdef block used by the device-tree
block.

Acked-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>

show more ...

core: pm: fix incorrect flag check in pm_callback

Fix test error check that always return true with current
condition. The check must be done to identify if the
SUSPENDED flag has been set.

Fixes:

core: pm: fix incorrect flag check in pm_callback

Fix test error check that always return true with current
condition. The check must be done to identify if the
SUSPENDED flag has been set.

Fixes: 5920ec258f16 ("core: kernel: pm: refine suspend/resume sequence order")
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: atmel-rstc: add support for reset controller

This reset controller will be used by PSCI to reset the SoC.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <j

drivers: atmel-rstc: add support for reset controller

This reset controller will be used by PSCI to reset the SoC.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: stm32_cryp: prevent error trace when disabled

Changes stm32_crypt initialization function to not report an error
when the device is not defined or disabled in the embedded DT.

Prevents err

drivers: stm32_cryp: prevent error trace when disabled

Changes stm32_crypt initialization function to not report an error
when the device is not defined or disabled in the embedded DT.

Prevents error trace message seen at boot time:
E/TC:0 0 call_initcalls:43 Initcall __text_start + 0x0002b958 failed

Fixes: 5c3bcc386415 ("dts: stm32mp1: disable CRYP1 device")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt: prevent build failure when CFG_DT is disabled

Fixes dt.h to prevent build failure when dt_driver.h is pre-compiled
while CFG_DT is disabled. Below are examples of such build error traces:

core: dt: prevent build failure when CFG_DT is disabled

Fixes dt.h to prevent build failure when dt_driver.h is pre-compiled
while CFG_DT is disabled. Below are examples of such build error traces:

core/include/kernel/dt_driver.h:61:29: warning: ‘enum dt_driver_type’ declared inside parameter list will not be visible outside of this definition or declaration
61 | void *data, enum dt_driver_type type);
| ^~~~~~~~~~~~~~
core/include/drivers/clk_dt.h: In function ‘clk_dt_register_clk_provider’:
core/include/drivers/clk_dt.h:101:15: error: ‘DT_DRIVER_CLK’ undeclared (first use in this function); did you mean ‘CFG_DRIVERS_CLK’?
101 | data, DT_DRIVER_CLK);
| ^~~~~~~~~~~~~

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: move functions from tee_svc_storage.c to tee_rpmb_fs.c

tee_svc_storage_create_filename() and tee_svc_storage_create_dirname() are
only used in core/tee/tee_rpmb_fs.c, so move them there and ma

core: move functions from tee_svc_storage.c to tee_rpmb_fs.c

tee_svc_storage_create_filename() and tee_svc_storage_create_dirname() are
only used in core/tee/tee_rpmb_fs.c, so move them there and make them
static. Since they now have file scope they may as well be given shorter
names.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB_FS). This will allow the use of secure storage from kernel code
when CFG_WITH_USER_TA=n.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on t

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on the test (CFG_TEE_CORE_EMBED_INTERNAL_TESTS), do the opposite.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move tee_svc_storage_create_filename_dfh() to core/tee/tee_fs_rpc.c

tee_svc_storage_create_filename_dfh() is only used in
core/tee/tee_fs_rpc.c, so move it there, make it static and give it a

core: move tee_svc_storage_create_filename_dfh() to core/tee/tee_fs_rpc.c

tee_svc_storage_create_filename_dfh() is only used in
core/tee/tee_fs_rpc.c, so move it there, make it static and give it a
shorter name: create_filename().

Fundamentally, this function is needed when CFG_REE_FS=y but the whole
file core/tee/tee_svc_storage.c (which is the current location of this
function) essentially defines the storage syscalls for TAs and is
therefore not needed when CFG_WITH_USER_TA=n. If we want to later be
able to exclude it from the build while still providing secure storage
to kernel code, the function has to move.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: mmu: fix compile time assertion to allow 48-bit VA space

The compile time assertion on CFG_LPAE_ADDR_SPACE_BITS is inconsistent
with the one in <mm/core_mmu.h>. It should allow a 48-bit s

core: arm: mmu: fix compile time assertion to allow 48-bit VA space

The compile time assertion on CFG_LPAE_ADDR_SPACE_BITS is inconsistent
with the one in <mm/core_mmu.h>. It should allow a 48-bit size.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lpae: remove always true conditional

The runtime conditional: 'if (CORE_MMU_BASE_TABLE_LEVEL == 0)' in
core_init_mmu_prtn_ta_core() is redundant with the preprocessor
conditional: '#if (CORE_M

core: lpae: remove always true conditional

The runtime conditional: 'if (CORE_MMU_BASE_TABLE_LEVEL == 0)' in
core_init_mmu_prtn_ta_core() is redundant with the preprocessor
conditional: '#if (CORE_MMU_BASE_TABLE_LEVEL == 0)'. Remove it.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lpae: delete unused variable

Variable 'ret' in is not used so remove it. Fixes the following warning:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_LPAE_ADDR_SPACE_BITS=40
core/arch/arm/

core: lpae: delete unused variable

Variable 'ret' in is not used so remove it. Fixes the following warning:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_LPAE_ADDR_SPACE_BITS=40
core/arch/arm/mm/core_mmu_lpae.c: In function ‘core_init_mmu_prtn_ta_core’:
core/arch/arm/mm/core_mmu_lpae.c:708:22: warning: unused variable ‘ret’ [-Wunused-variable]
708 | bool ret = false;
| ^~~

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-sam: enable Atmel TRNG driver

Default embed Atmel TRNG in sama5d2 platform.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed

plat-sam: enable Atmel TRNG driver

Default embed Atmel TRNG in sama5d2 platform.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: add Atmel TRNG driver

This driver uses the device tree to probe the TRNG and then allows
random data to be queried using both hw_get_random_byte() and
crypto_rng_read().

Acked-by: Etienne

drivers: add Atmel TRNG driver

This driver uses the device tree to probe the TRNG and then allows
random data to be queried using both hw_get_random_byte() and
crypto_rng_read().

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

plat-sam: include sama5d2.h file necessary for some values

Defines that are in platform_config.h uses values from sama5d2.h file.
Include it to avoid dependency problems.

Acked-by: Etienne Carriere

plat-sam: include sama5d2.h file necessary for some values

Defines that are in platform_config.h uses values from sama5d2.h file.
Include it to avoid dependency problems.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

crypto: drivers: se050: object identifier range

With the introduction of the se050 APDU driver, external clients can
create persistent objects on the secure element non-volatile memory.

The unique

crypto: drivers: se050: object identifier range

With the introduction of the se050 APDU driver, external clients can
create persistent objects on the secure element non-volatile memory.

The unique identifiers for these objects do not necessarily need to
fall within the range defined for objects created using the
cyptographic operation interfaces (keypair_gen).

This commit fixes the use case where a key stored in the SE05x device
(for example via a cloud service communicating to the optee-client's
libseteec) is imported into the pkcs#11 database and then used for
authentication (ie, EC sign)

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...