| 608bbb36 | 28-Mar-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
core: fix configuration to disable stack protector
Fix the configuration to explicitly disable the compile
option of core stack protector.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
R
core: fix configuration to disable stack protector
Fix the configuration to explicitly disable the compile
option of core stack protector.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
show more ...
|
| 7d5b298b | 09-Apr-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: fix discovered ns-mem check
When discovering or assigning available non-secure physical memory it's
checked against overlaps with other memory types. Memory types reserving
virtual memory spac
core: fix discovered ns-mem check
When discovering or assigning available non-secure physical memory it's
checked against overlaps with other memory types. Memory types reserving
virtual memory space should be excluded including the two recently added
types MEM_AREA_NEX_DYN_VASPACE and MEM_AREA_TEE_DYN_VASPACE. This was
missed when the memory types where added so add the check to exclude
them now.
This fixes an error like:
E/TC:0 check_phys_mem_is_outside:455 Non-sec mem (0:0x60000000) overlaps map (type 10 0:0x100000)
E/TC:0 Panic at core/mm/core_mmu.c:459 <check_phys_mem_is_outside>
Fixes: 96f43358c593 ("core: add nex_dyn_vaspace and tee_dyn_vaspace areas")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 205e39dd | 27-Mar-2025 |
Ricardo Salveti <ricardo@foundries.io> |
core: imx: disable CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID with se05x
Commit fc80dabbd5a7 ("core: imx: enable
CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID by default") created a
regression when se05x
core: imx: disable CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID with se05x
Commit fc80dabbd5a7 ("core: imx: enable
CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID by default") created a
regression when se05x is used on iMX platforms, as its own
implementation of tee_otp_get_die_id cannot be called so early in the
boot process, since the stack itself is not properly initialized at that
time.
Forcely disable CFG_CORE_HUK_SUBKEY_COMPAT_USE_OTP_DIE_ID when se05x is
used to restore back to the previous working behavior.
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Acked-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>
show more ...
|
| e4662c01 | 02-Jan-2025 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
drivers: stm32_rifsc: remove semaphore acquisition when applying the conf
Remove the semaphore acquisition when applying the configuration
so that they are taken, if necessary, during the firewall b
drivers: stm32_rifsc: remove semaphore acquisition when applying the conf
Remove the semaphore acquisition when applying the configuration
so that they are taken, if necessary, during the firewall bus probe.
This avoids semaphores from being taken by OP-TEE when the peripheral
isn't used.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 0ae5ef34 | 03-Apr-2025 |
Thomas Bourgoin <thomas.bourgoin@foss.st.com> |
tree wide: fix header files dependencies in linker files
When linking with a generated linker script like kern.ld.S, dependencies
with header file are not regenerated.
Same issue as
commit acdc32afe
tree wide: fix header files dependencies in linker files
When linking with a generated linker script like kern.ld.S, dependencies
with header file are not regenerated.
Same issue as
commit acdc32afe18f ("mk/compile.mk: fix header dependency in .d file")
Add option -MP used to fix error generated when removing header files.
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| a29ff3cf | 02-Apr-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: arm: ffa: enable FF-A version 1.2 for virtualization
With Xen version 4.20 released we can announce version 1.2 for OP-TEE
when negotiating the version to use. So remove the special check for
core: arm: ffa: enable FF-A version 1.2 for virtualization
With Xen version 4.20 released we can announce version 1.2 for OP-TEE
when negotiating the version to use. So remove the special check for
CFG_NS_VIRTUALIZATION=y when exchanging versions.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 71958437 | 26-Mar-2025 |
Rouven Czerwinski <r.czerwinski@pengutronix.de> |
drivers: imx_csu: add SA settings for i.MX6ULL
Add the CSU SA settings for i.MX6ULL. The i.MX6ULL implements the same
non-Trustzone aware masters as the i.MX6UL, so the same settings can be
used. Th
drivers: imx_csu: add SA settings for i.MX6ULL
Add the CSU SA settings for i.MX6ULL. The i.MX6ULL implements the same
non-Trustzone aware masters as the i.MX6UL, so the same settings can be
used. This setting ensures that no non-TrustZone aware master is able
to read secure memory. Information on the CSU SA register values were
taken from i.MX6ULL Security Reference Manual rev 0.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>
show more ...
|
| 49c6ad2a | 06-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
core: riscv: add SiFive Unleashed and Unmatched board support
Add SiFive Unleashed and Unmatched board support.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland
core: riscv: add SiFive Unleashed and Unmatched board support
Add SiFive Unleashed and Unmatched board support.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Acked-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 298fa2db | 23-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
core: drivers: support SiFive UART
Add sifive uart support.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zo
core: drivers: support SiFive UART
Add sifive uart support.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Acked-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 2e27ec6c | 12-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
riscv: kernel: support booting non-contiguous non-zero-based hart IDs
Currently, OP-TEE assumes 0 <= hartid < CFG_TEE_CORE_NB_CORE,
and must be contiguous, which fails to accommodate different
CPU t
riscv: kernel: support booting non-contiguous non-zero-based hart IDs
Currently, OP-TEE assumes 0 <= hartid < CFG_TEE_CORE_NB_CORE,
and must be contiguous, which fails to accommodate different
CPU topologies. For example, some RISC-V platforms, such as
the HiFive Unmatched board, do not run Linux and OP-TEE on
hart0, as it is a monitor core without supervisor mode support.
To address this, introduce hart_index, which is used to index
per-hart structures, such as thread_core_local and root_pgt.
The hart_index will range from 0 to (CFG_TEE_CORE_NB_CORE - 1),
and the primary hart will have an index of 0.
Additionally, a new function, boot_primary_init_core_ids(),
is added to initialize secondary hart IDs for booting via
sbi_hsm_hart_start().
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
show more ...
|
| 72fc7d74 | 12-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
riscv: kernel: sbi: introduce sbi_hsm_hart_get_status() function
Introduce sbi_hsm_hart_get_status() function and add comment for
sbi_hsm_hart_start().
Signed-off-by: Yu-Chien Peter Lin <peter.lin@
riscv: kernel: sbi: introduce sbi_hsm_hart_get_status() function
Introduce sbi_hsm_hart_get_status() function and add comment for
sbi_hsm_hart_start().
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| e27b0796 | 25-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
riscv: plat-virt: move stack alignment definition
The 16-byte stack alignment is a RISC-V ABI requirement
that applies to all RISC-V platforms. Move this definition
from the virt platform configurat
riscv: plat-virt: move stack alignment definition
The 16-byte stack alignment is a RISC-V ABI requirement
that applies to all RISC-V platforms. Move this definition
from the virt platform configuration to riscv.h.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| e413d9ee | 12-Jan-2025 |
Yu-Chien Peter Lin <peter.lin@sifive.com> |
riscv: kernel: entry.S: remove unused boot_args array
The boot_args array is unused anywhere and its contents
are cleared during the zeroing of the .bss section, so it
serves no purpose. Removing it
riscv: kernel: entry.S: remove unused boot_args array
The boot_args array is unused anywhere and its contents
are cleared during the zeroing of the .bss section, so it
serves no purpose. Removing it simplifies the code.
Signed-off-by: Yu-Chien Peter Lin <peter.lin@sifive.com>
Reviewed-by: Samuel Holland <samuel.holland@sifive.com>
Reviewed-by: Zong Li <zong.li@sifive.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 44388d37 | 01-Apr-2025 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
core: imx: disable ELE on i.MX8ULP by default
On i.MX8ULP, there is only one MU to communicate with ELE,
which cannot be dedicated on OP-TEE side all the time.
There may be ELE services running on L
core: imx: disable ELE on i.MX8ULP by default
On i.MX8ULP, there is only one MU to communicate with ELE,
which cannot be dedicated on OP-TEE side all the time.
There may be ELE services running on Linux side, which can
cause conflict with OP-TEE, So disabling ELE by default.
Moreover i.MX8ULP also has CAAM, so HUK and Random number
are coming from CAAM.
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 68059d72 | 23-Jan-2025 |
Ed Tubbs <ectubbs@gmail.com> |
plat-rockchip: rk3588: add OTP_S support and HUK
Add OTP_S support for Rockchip rk3588
Add tee_otp_get_hw_unique_key()
Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Etienne Carriere <etienn
plat-rockchip: rk3588: add OTP_S support and HUK
Add OTP_S support for Rockchip rk3588
Add tee_otp_get_hw_unique_key()
Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 289ab1b4 | 26-Mar-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: pta: fix virt_to_phys() self tests
Only test on VCORE_FREE_* addresses if CFG_DYN_CONFIG=y since those
addresses otherwise are unmapped or even unassigned.
Fixes: a05b3a459a3b ("core: pta: ad
core: pta: fix virt_to_phys() self tests
Only test on VCORE_FREE_* addresses if CFG_DYN_CONFIG=y since those
addresses otherwise are unmapped or even unassigned.
Fixes: a05b3a459a3b ("core: pta: add self tests for virt_to_phys()")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 949b0c0c | 15-Jan-2025 |
Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de> |
ta: enable ubsan support for TAs
Introduce CFG_TA_SANITIZE_UNDEFINED config to sanitize trusted
applications. If CFG_TA_SANITIZE_UNDEFINED is set sanitize flags are
propagated to internal TAs (avb,
ta: enable ubsan support for TAs
Introduce CFG_TA_SANITIZE_UNDEFINED config to sanitize trusted
applications. If CFG_TA_SANITIZE_UNDEFINED is set sanitize flags are
propagated to internal TAs (avb, pkcs11, remoteproc, trusted_keys) and
external TAs, which are built with the devkit.
Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| ff3ed644 | 15-Jan-2025 |
Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de> |
ldelf: enable ubsan support
Ubsan support was previously limited to core code. This commit moves the
ubsan runtime implementation to libutils, making it available for ldelf
and trusted applications.
ldelf: enable ubsan support
Ubsan support was previously limited to core code. This commit moves the
ubsan runtime implementation to libutils, making it available for ldelf
and trusted applications.
As a result, ldelf will now be built with ubsan support when
CFG_CORE_SANITIZE_UNDEFINED is enabled.
Additionally, to avoid potential infinite recursion, ubsan
instrumentation is explicitly disabled for ubsan.c.
Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| ea991d74 | 21-Mar-2025 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: arm: remove THREAD_CORE_LOCAL_STACKCHECK_RECURSION
THREAD_CORE_LOCAL_STACKCHECK_RECURSION was introduced in the commit
b5ec8152f3e5 ("core: arm: refactor boot"). However, clearing the
stackche
core: arm: remove THREAD_CORE_LOCAL_STACKCHECK_RECURSION
THREAD_CORE_LOCAL_STACKCHECK_RECURSION was introduced in the commit
b5ec8152f3e5 ("core: arm: refactor boot"). However, clearing the
stackcheck_recursion flag from assembly during boot isn't needed since
the stack pointer is set up in synch with the recorded information in
thread_core_local. So remove the unnecessary clearing and remove
THREAD_CORE_LOCAL_STACKCHECK_RECURSION.
Reported-by: Alvin Chang <alvinga@andestech.com>
Closes: https://github.com/OP-TEE/optee_os/commit/b5ec8152f3e5ad8cc111952f0483f5cf903aac7c#r154088026
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| bace849d | 16-Dec-2024 |
Pascal Paillet <p.paillet@foss.st.com> |
plat-stm32mp1: conf: enable SCMI PERF for stm32mp13
Enable CFG_SCMI_MSG_PERF_DOMAIN for STM32MP13 that is used
to provide CPU OPP to linux.
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Rev
plat-stm32mp1: conf: enable SCMI PERF for stm32mp13
Enable CFG_SCMI_MSG_PERF_DOMAIN for STM32MP13 that is used
to provide CPU OPP to linux.
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 0cffa1df | 25-Nov-2024 |
Pascal Paillet <p.paillet@foss.st.com> |
plat-stm32mp1: SCMI performance domain for CPU DVFS
Implement scmi-msg perf protocol platform handlers to drive CPU
voltage/frequency scaling support.
Co-developed-by: Etienne Carriere <etienne.car
plat-stm32mp1: SCMI performance domain for CPU DVFS
Implement scmi-msg perf protocol platform handlers to drive CPU
voltage/frequency scaling support.
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| f1cec17a | 25-Nov-2024 |
Pascal Paillet <p.paillet@foss.st.com> |
drivers: scmi-msg: support performance domains for DVFS
Implement some of the SCMI performance domain management messages
in scmi-msg drivers to support basic DVFS scenario.
Co-developed-by: Etienn
drivers: scmi-msg: support performance domains for DVFS
Implement some of the SCMI performance domain management messages
in scmi-msg drivers to support basic DVFS scenario.
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 2bfcd5de | 29-Jan-2025 |
Pascal Paillet <p.paillet@foss.st.com> |
drivers: stm32_cpu_opp: skip OPP unsupported by SOC
Use device ID to remove not supported OPP.
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Pascal Paillet <p.paillet@fos
drivers: stm32_cpu_opp: skip OPP unsupported by SOC
Use device ID to remove not supported OPP.
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
show more ...
|
| d87bbb8a | 25-Nov-2024 |
Pascal Paillet <p.paillet@foss.st.com> |
dts: stm32: describe supported-hw on CPU OPP for STM32MP13
Describe supported hardware for each OPP.
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Etienne Carriere <etienne.carrie
dts: stm32: describe supported-hw on CPU OPP for STM32MP13
Describe supported hardware for each OPP.
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| d8aa45cc | 09-Dec-2024 |
Pascal Paillet <p.paillet@foss.st.com> |
plat-stm32mp1: chip and STM32MP15 platform identification
New platform function to get the chip identification using
DBGMCU SoC register.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
plat-stm32mp1: chip and STM32MP15 platform identification
New platform function to get the chip identification using
DBGMCU SoC register.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|