drivers: se050: Fix incorrect handling of se050 cipher operation mode

A boolean encrypt flag was being passed to the cipher init function
that instead expects a TEE_OperationMode enum. Given that th

drivers: se050: Fix incorrect handling of se050 cipher operation mode

A boolean encrypt flag was being passed to the cipher init function
that instead expects a TEE_OperationMode enum. Given that the enum
TEE_MODE_ENCRYPT has as a value of 0, encrypt and decrypt operations
were effectively swapped. This error has no practical effect on current
se050 mainline code because the only AES mode currently supported for
se050 is CTR, which ignores the passed value and always performs an
encrypt. But it needs to be fixed before adding support for ECB or CBC,
for example.

Signed-off-by: Dave Herron <dave.herron@gallagher.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jorge Ramirez-Ortiz <jorge@foundries.org>

show more ...

core: stmm: Remove pager constraint on stmm_sp_ops

Fix a memory layout issue when CFG_WITH_STMM_SP=y and CFG_WITH_PAGER=y.

Before this change were all StMM operation function handlers their
related

core: stmm: Remove pager constraint on stmm_sp_ops

Fix a memory layout issue when CFG_WITH_STMM_SP=y and CFG_WITH_PAGER=y.

Before this change were all StMM operation function handlers their
related resources being linked into the pager unpaged sections despite
they could be pageable. The reason is stmm_sp_ops is referenced in
helper function is_stmm_ctx() which is referenced in unpaged helper
function is_user_mode_ctx().

This change removes stmm_sp_ops reference pager constraint by using
an indirect reference in is_stmm_ctx().

Declare stmm_dump_state() in pager unpaged section and preserve
__rodata_unpaged attribute for stmm_sp_ops since ::dump_state
operation is called from unpaged context by abort_print_current_ts().

Co-developed-by: Timothée Cercueil <timothee.cercueil@st.com>
Signed-off-by: Timothée Cercueil <timothee.cercueil@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core/link.mk, plat-rcar: introduce SRECFLAGS variable

.srec files are used to flash OPTEE on Rcar Gen3 using serial
mode. Serial mode downloader in Rcar does not recognize S2 records in
.srec files

core/link.mk, plat-rcar: introduce SRECFLAGS variable

.srec files are used to flash OPTEE on Rcar Gen3 using serial
mode. Serial mode downloader in Rcar does not recognize S2 records in
.srec files that objcopy generates by default. It allows only S3
records. Also, it requires correct load address present in .srec
files.

So, we need to provide additional flags to objcopy during tee.srec
file generation. This change introduces makefile variable SRECFLAGS
that can be used exactly for this task. Also it provides the correct
flags for rcar platform.

Note: at the begging tee.srec file was generated directly from tee.elf
and had correct load addresses. As the load address is wider than 24
bits, objcopy automatically used S3 records. But, later tee-raw.bin
were introduced and I changed source for tee.srec, so now it is
generated from tee-raw.bin. As tee-raw.bin have no load address
information this leads to incorrect tee.srec file.

Strictly speaking, only --adjust-vma option is required. As current
load address is wider than 24 bits, objcopy will switch to S3 records
automatically. But I prefer to have --srec-forceS3 option anyways: for
that unlikely chance that CFG_TZDRAM_START would be changed to
something much lower.

Fixes: e66c2639b6b ("plat: rcar: generate .srec file using gen_tee_bin")

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

core: arm: Add FF-A rxtx buffer for SPs

Rx/Rx buffers are used for SPs and the SPMC to exchange information.
This change implements the following FF-A messages for SPs:
FFA_RXTX_MAP_64 and FFA_RXTX_

core: arm: Add FF-A rxtx buffer for SPs

Rx/Rx buffers are used for SPs and the SPMC to exchange information.
This change implements the following FF-A messages for SPs:
FFA_RXTX_MAP_64 and FFA_RXTX_MAP_32 to have a SP map a rxtx buffer
FFA_RXTX_UNMAP to unmap the rxtx buffer
FFA_RX_RELEASE to release have the SP release the rx buffer

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: tee: move entry_std.c to core/tee

entry_std.* are not architecture-specific codes, therefore move
entry_std.c to core/tee and entry_std.h to core/include/tee.

Signed-off-by: Marouene Boubakri

core: tee: move entry_std.c to core/tee

entry_std.* are not architecture-specific codes, therefore move
entry_std.c to core/tee and entry_std.h to core/include/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core_mmu: Initialize MMU partition table after relocation

For virtualization support, we have multiple MMU partitions, one per
virtual machine. These partitions should be mapped to the default
parti

core_mmu: Initialize MMU partition table after relocation

For virtualization support, we have multiple MMU partitions, one per
virtual machine. These partitions should be mapped to the default
partition initially. With CFG_ASLR=y, the default_partition will be
relocated to a different VA. Hence shift the initialization of the
partition table after relocation.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...

plat-stm32mp1: CFG_STM32MP1_SCMI_SIP=y embeds SCMI SiP SMC entry

Define configuration switch CFG_STM32MP1_SCMI_SIP=y/n to enable
SiP SMC platform entries in SCMI server.

Signed-off-by: Etienne Carr

plat-stm32mp1: CFG_STM32MP1_SCMI_SIP=y embeds SCMI SiP SMC entry

Define configuration switch CFG_STM32MP1_SCMI_SIP=y/n to enable
SiP SMC platform entries in SCMI server.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: add scmi_smt_set_shared_buffer()

Dynamically set/release SCMI SMT shared buffer reference. This can be
used when the caller passes the SCMI SMT shared memory reference as part
of

drivers: scmi-msg: add scmi_smt_set_shared_buffer()

Dynamically set/release SCMI SMT shared buffer reference. This can be
used when the caller passes the SCMI SMT shared memory reference as part
of OP-TEE invocation parameters instead of using a statically allocated
buffer.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: stub exported API functions

Stub exported API functions from SCMI message drivers to make
the implementation more flexible.

Signed-off-by: Etienne Carriere <etienne.carriere@lina

drivers: scmi-msg: stub exported API functions

Stub exported API functions from SCMI message drivers to make
the implementation more flexible.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: mm: move mobj.c to core/mm

mobj is abstract and it is used by many sources which are not
architecture-specific such as core/kernel, core/pta and
core/tee. Therefore, move mobj.c to core/mm and

core: mm: move mobj.c to core/mm

mobj is abstract and it is used by many sources which are not
architecture-specific such as core/kernel, core/pta and
core/tee. Therefore, move mobj.c to core/mm and its
corresponding header file mobj.h to core/include/mm.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: move embedded_ts.c to core/kernel

The embedded_ts.c code is not architecture-specific, therefore, move
it to core/kernel and move embedded_ts.h to core/include/kernel.

Signed-off-by:

core: kernel: move embedded_ts.c to core/kernel

The embedded_ts.c code is not architecture-specific, therefore, move
it to core/kernel and move embedded_ts.h to core/include/kernel.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: early_ta.c: remove unused zlib.h

The early_ta.c source includes zlib.h without using any code from it.
Moreover it may causes compilation errors due to the dependency to
CFG_EMBEDDED_T

core: kernel: early_ta.c: remove unused zlib.h

The early_ta.c source includes zlib.h without using any code from it.
Moreover it may causes compilation errors due to the dependency to
CFG_EMBEDDED_TS flag.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mk: core: ta: make early TA compress optional

Define CFG_EARLY_TA_COMPRESS configuration switch to
allow platform to disable early TAs compression at build time.
Disabling the compression drasticall

mk: core: ta: make early TA compress optional

Define CFG_EARLY_TA_COMPRESS configuration switch to
allow platform to disable early TAs compression at build time.
Disabling the compression drastically reduces the amount of the
core heap required in the embedded part.

Enable the configuration by default for backward compatibility.

Suggested-by: Arnaud Pouliquen <arnaud.pouliquen@st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: fix compilation problem with trace level 0

- if CFG_TEE_CORE_LOG_LEVEL in build/common.mk set to zero,
optee_os doesn't compile
- error is:
core/arch/arm/kernel/unwind_arm64.c:77:6: Error: r

core: fix compilation problem with trace level 0

- if CFG_TEE_CORE_LOG_LEVEL in build/common.mk set to zero,
optee_os doesn't compile
- error is:
core/arch/arm/kernel/unwind_arm64.c:77:6: Error: redefinition of 'print_kernel_stack'
77 | void print_kernel_stack(void)
| ^~~~~~~~~~~~~~~~~~
in file, included from core/arch/arm/kernel/unwind_arm64.c:35:
core/include/kernel/unwind.h:15:20: Warning: previous definition of 'print_kernel_stack' was here
15 | static inline void print_kernel_stack(void)
| ^~~~~~~~~~~~~~~~~~

To avoid this error we assure the function is not redefined.

Signed-off-by: Moritz Lummerzheim <moritz.lummerzheim@campus.tu-berlin.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: arm: thread: use THREAD_ID_INVALID

Use macro THREAD_ID_INVALID instead of -1 in thread.c.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@f

core: arm: thread: use THREAD_ID_INVALID

Use macro THREAD_ID_INVALID instead of -1 in thread.c.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: fix wrong conditional expression in tee_ta_clear_busy()

When a ctx of a single instance user TA is first created,
lock_single_instance() is called in tee_ta_try_set_busy().
However, unlock_sin

core: fix wrong conditional expression in tee_ta_clear_busy()

When a ctx of a single instance user TA is first created,
lock_single_instance() is called in tee_ta_try_set_busy().
However, unlock_single_instance() is not called in
tee_ta_clear_busy() since ctx->initializing is still false.
It results that tee_ta_single_instance_thread is not reset
when CFG_CONCURRENT_SINGLE_INSTANCE_TA is not enabled.
So remove the wrong conditional expression and remove
"initializing" from tee_ta_ctx since it's no longer used.

Signed-off-by: RueiAnHu <Rayan.Hu@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: kernel: move secstor_ta.c to core/tee

secstor_ta.c is not architecture-specific code, therefore
move it to core/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by:

core: kernel: move secstor_ta.c to core/tee

secstor_ta.c is not architecture-specific code, therefore
move it to core/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: move ree_fs_ta.c to core/tee

ree_fs_ta.c is not architecture-specific code, therefore
move it to core/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Je

core: kernel: move ree_fs_ta.c to core/tee

ree_fs_ta.c is not architecture-specific code, therefore
move it to core/tee.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: move early_ta.c to core/tee

early_ta.c is not architecture-specific code,
therefore move it to core/tee.
Moves early_ta.h to core/include/kernel as well.

Signed-off-by: Marouene Bouba

core: kernel: move early_ta.c to core/tee

early_ta.c is not architecture-specific code,
therefore move it to core/tee.
Moves early_ta.h to core/include/kernel as well.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: move pseudo_ta.c to core/tee

pseudo_ta.c is not architecture-specific code,
therefore move it to core/tee.
pseudo_ta.h is already located under core/include/kernel

Signed-off-by: Maro

core: kernel: move pseudo_ta.c to core/tee

pseudo_ta.c is not architecture-specific code,
therefore move it to core/tee.
pseudo_ta.h is already located under core/include/kernel

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: move user_ta.c to core/tee

user_ta.c is not architecture-specific code, therefore
move it to core/tee.
user_ta.h is already located under core/include/kernel.

Signed-off-by: Marouene

core: kernel: move user_ta.c to core/tee

user_ta.c is not architecture-specific code, therefore
move it to core/tee.
user_ta.h is already located under core/include/kernel.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ls: enable CAAM ECC

Enabled CAAM ECC algorithm for all LS platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

core: imx: enable CAAM ECC

Enabled CAAM ECC algorithm for all i.MX platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

drivers: caam: implement NXP CAAM Driver - ECC

Add ECC CAAM driver.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklande

drivers: caam: implement NXP CAAM Driver - ECC

Add ECC CAAM driver.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: Use nexus memory allocation api's in carve_out_phys_mem()

During discovery of the non-secure memory, the memory attributes like
address and size are stored as part of the core_mmu_phys_mem

core: mm: Use nexus memory allocation api's in carve_out_phys_mem()

During discovery of the non-secure memory, the memory attributes like
address and size are stored as part of the core_mmu_phys_mem
structure. Memory for this structure is allocated on the nexus heap
area. Subsequently, when memory for this structure is reallocated,
this is done using the plain realloc call. Use the nex_realloc api for
the reallocation.

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...