core: pager: add struct tblidx

Adds struct tblidx when referring to entries associated with an area
(struct tee_pager_area). This should make a few table indexes a bit less
ambiguous.

Reviewed-by:

core: pager: add struct tblidx

Adds struct tblidx when referring to entries associated with an area
(struct tee_pager_area). This should make a few table indexes a bit less
ambiguous.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ls: set SGT properties for LS platforms

Set the following SGT properties for LS platforms:
* CFG_CAAM_SGT_ALIGN
* CFG_NXP_CAAM_SGT_V1/V2

Signed-off-by: Clement Faure <clement.faure@nxp.co

core: ls: set SGT properties for LS platforms

Set the following SGT properties for LS platforms:
* CFG_CAAM_SGT_ALIGN
* CFG_NXP_CAAM_SGT_V1/V2

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: imx: set SGT properties for imx platforms

Set the following SGT properties for imx platforms:
* CFG_CAAM_SGT_ALIGN
* CFG_NXP_CAAM_SGT_V1

Signed-off-by: Clement Faure <clement.faure@nxp.com>

core: imx: set SGT properties for imx platforms

Set the following SGT properties for imx platforms:
* CFG_CAAM_SGT_ALIGN
* CFG_NXP_CAAM_SGT_V1

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: remove unused SGT functions

Remove not longer used SGT functions.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

drivers: caam: use CAAM DMA object in math driver

Update the math driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@lin

drivers: caam: use CAAM DMA object in math driver

Update the math driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: use CAAM DMA object in RSA

Update the RSA driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

drivers: caam: use CAAM DMA object in Cipher

Update Cipher driver to use the CAAM DMA object
- Cipher AES/DES/DES3 all modes
- Cipher MAC

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Sign

drivers: caam: use CAAM DMA object in Cipher

Update Cipher driver to use the CAAM DMA object
- Cipher AES/DES/DES3 all modes
- Cipher MAC

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: use CAAM DMA object in HMAC

Update HMAC driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Ac

drivers: caam: use CAAM DMA object in HMAC

Update HMAC driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: use CAAM DMA object in Hash

Update Hash driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Ac

drivers: caam: use CAAM DMA object in Hash

Update Hash driver to use the CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: add dmaobj descriptor functions

Add descriptor operation to handle caamdmaobj to set:
- SGT data type
- Extension length

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by

drivers: caam: add dmaobj descriptor functions

Add descriptor operation to handle caamdmaobj to set:
- SGT data type
- Extension length

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: implement CAAM DMA Object

Implementation of a CAAM DMA object to:
- create a DMA object (SGT/buffer) based on input/output buffers
- reallocate a new buffer accessible from the CA

drivers: caam: implement CAAM DMA Object

Implementation of a CAAM DMA object to:
- create a DMA object (SGT/buffer) based on input/output buffers
- reallocate a new buffer accessible from the CAAM address space
- ensure buffer is cache aligned (for the output)

Implementation of CAAM DMA object functions to:
- cache maintenance
- free CAAM DMA object

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: fix read of length of D component

Read the RSA D component with caam_read_val32() which handles
endianness.
The CAAM endianness might differ between IMX and LS platforms.

Signed-off-

drivers: caam: fix read of length of D component

Read the RSA D component with caam_read_val32() which handles
endianness.
The CAAM endianness might differ between IMX and LS platforms.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: update description of vm.h exported functions

Update vm_va2pa() and vm_va2pa() inline description comments to
state these are not deprecated and add some details. These 2
functions are nee

core: mm: update description of vm.h exported functions

Update vm_va2pa() and vm_va2pa() inline description comments to
state these are not deprecated and add some details. These 2
functions are needed in debug mode to assert that va/pa conversion
is consistent with core implementation.

Move information about user mapping and ASID from core/mm/vm.h to
arm specific core_mmu.h since ASID is specific to Arm architectures.

Update style for vm_info_init() and vm_info_final() inline description
for consistency in the header file.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: mobj: some mobjs may have no physical address

Change mobj_with_fobj_get_pa() to return TEE_ERROR_NOT_SUPPORTED
when a virtual memory address has no assigned physical address.
This can occ

core: arm: mobj: some mobjs may have no physical address

Change mobj_with_fobj_get_pa() to return TEE_ERROR_NOT_SUPPORTED
when a virtual memory address has no assigned physical address.
This can occur when the related memory is pageable and pager is enabled.
This is the only memory object for which the object physical address
range is volatile because under pager control.

With this change, mobj_get_pa() now can return TEE_ERROR_NOT_SUPPORTED
for mapped addresses. Only check_pa_matches_va() must be updated, all
other calls to mobj_get_pa() already handle the return code values
they need to.

Update check_pa_matches_va() to not panic when vm_va2pa() returns this
code because it can't convert the virtual address because the effective
physical address of the memory cell is volatile as when target memory
is paged and pager is enabled.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: change vm_pa2va() to return a virtual address

Change vm_pa2va() to return target virtual address or NULL if the
physical address cannot be resolved which can happen when pager is
enabled a

core: mm: change vm_pa2va() to return a virtual address

Change vm_pa2va() to return target virtual address or NULL if the
physical address cannot be resolved which can happen when pager is
enabled and the target physical page belongs to the pager page pool.
This change makes vm_pa2va() helper function simpler and its only caller
doesn't differentiate error return codes.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: mm: initialize local variables

Add missing default initializer for local variables of the functions
related to memory address conversion in core_mmu.c.

Signed-off-by: Etienne Carriere <e

core: arm: mm: initialize local variables

Add missing default initializer for local variables of the functions
related to memory address conversion in core_mmu.c.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce CFG_CORE_PAGE_TAG_AND_IV

Introduces CFG_CORE_PAGE_TAG_AND_IV which defaults to enabled if TA
paging is enabled. Can be used to disable tag and IV paging for paged
read-write pages.

core: introduce CFG_CORE_PAGE_TAG_AND_IV

Introduces CFG_CORE_PAGE_TAG_AND_IV which defaults to enabled if TA
paging is enabled. Can be used to disable tag and IV paging for paged
read-write pages.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fobj_rw_paged_alloc() store tags and IVs in paged area

fobj_rw_paged_alloc() is updated to store tags and IVs in a designated
paged area instead of storing them in the heap. This avoids large

core: fobj_rw_paged_alloc() store tags and IVs in paged area

fobj_rw_paged_alloc() is updated to store tags and IVs in a designated
paged area instead of storing them in the heap. This avoids large heap
allocations which also would suffer from a fragmented heap.

The previous ops_rw_paged and struct fobj_rwp are now replaced by
ops_rwp_unpaged_iv and struct fobj_rwp_unpaged_iv respectively. These
are now only used to support the area where other tags and IVs are
stored.

A new ops_rwp_paged_iv and struct fobj_rwp_paged_iv are added for
using the designated paged area.

A fobj based on the ops_rwp_unpaged_iv ops is allocated and registered
with the pager via a callback registered with driver_init_late().

This effectively enables paging of IV and tags for pages mapping a TA.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: support paging of tag and IV

Adds support for paging of the tag and IV protecting some read-write
fobjs. The tag and IV needed to decrypt/encrypt a page are accessed by
the pager. Since

core: pager: support paging of tag and IV

Adds support for paging of the tag and IV protecting some read-write
fobjs. The tag and IV needed to decrypt/encrypt a page are accessed by
the pager. Since the pager can't handle page fault caused by itself
special measures are taken to make sure that the needed tag and IV are
accessible when needed.

tee_pager_get_page() and tee_pager_load_page() are replaced by
pager_get_page() which does what the previous functions used plus the
additional logic to handle paging of tag and IV.

A new function tee_pager_init_iv_area() is added. It enables
registration of a read/write paged fobj spanning the area used for
storing all tags and IVs. This fobj must store its tags and IVs in
unpaged memory, for instance the heap.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: small simplifications

Adds pmem_clear() and make_dirty_page() as small helper functions to avoid
some duplication of code.

Changes tee_pager_unhide_page() to take the virtual address o

core: pager: small simplifications

Adds pmem_clear() and make_dirty_page() as small helper functions to avoid
some duplication of code.

Changes tee_pager_unhide_page() to take the virtual address of the page
to unhide instead of an index into the translation table.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add fobj_get_iv_vaddr()

Adds fobj_get_iv_vaddr() which returns the virtual address of the tag
and IV needed to restore a particular page.

Acked-by: Etienne Carriere <etienne.carriere@linaro.o

core: add fobj_get_iv_vaddr()

Adds fobj_get_iv_vaddr() which returns the virtual address of the tag
and IV needed to restore a particular page.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add abort_is_write_fault()

Adds abort_is_write_fault() which returns true if the exception is a
data abort caused by an instruction trying to write at an address.

Acked-by: Etienne Carriere <

core: add abort_is_write_fault()

Adds abort_is_write_fault() which returns true if the exception is a
data abort caused by an instruction trying to write at an address.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: increase abort stack without crypto accelerations

In case CFG_CRYPTO_WITH_CE=n choose a larger abort stack since the C
implementation of AES-GCM uses a bit more stack than the one using

core: arm32: increase abort stack without crypto accelerations

In case CFG_CRYPTO_WITH_CE=n choose a larger abort stack since the C
implementation of AES-GCM uses a bit more stack than the one using the
crypto extensions.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-mediatek: add support for MT8175 SoC

Add OP-TEE support for MT8175 SoC.

Signed-off-by: Fabien Parent <fparent@baylibre.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

core: use memzero_explicit() to clear sensitive data of tee object

Using preferred memzero_explicit() to clear the sensitive attribute
data, which prevents the compiler from optimizing the call away

core: use memzero_explicit() to clear sensitive data of tee object

Using preferred memzero_explicit() to clear the sensitive attribute
data, which prevents the compiler from optimizing the call away.

Signed-off-by: Stefan Schmidt <snst@meek.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...