mediatek: enable CFG_ARM64_core by default

MediaTek platforms are most likely going to be built using ARM64, so
set the default value for CFG_ARM64_core to be 'y'.

Suggested-by: Jerome Forissier <j

mediatek: enable CFG_ARM64_core by default

MediaTek platforms are most likely going to be built using ARM64, so
set the default value for CFG_ARM64_core to be 'y'.

Suggested-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Fabien Parent <fparent@baylibre.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: replace assembly directive .align with .balign

The assembly directive .align is replaced by .balign to harmonize with
the recently added align parameter of FUNC() and LOCAL_FUNC().

On the arm

core: replace assembly directive .align with .balign

The assembly directive .align is replaced by .balign to harmonize with
the recently added align parameter of FUNC() and LOCAL_FUNC().

On the arm architecture .align is number of low-order bits location
counter must have after advancement. While .balign always is advancement
to the next multiple of this number.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sm_a32.S: add missing .cantunwind

Adds missing .cantunwind directives to the two alternative exception
vectors sm_vect_table_a15 and sm_vect_table_bpiall.

Reviewed-by: Jerome Forissier <jerom

core: sm_a32.S: add missing .cantunwind

Adds missing .cantunwind directives to the two alternative exception
vectors sm_vect_table_a15 and sm_vect_table_bpiall.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: correct alignment for exception vectors

The FUNC and LOCAL_FUNC macros changes section so specifying alignment
before the function will be lost. This may break for instance usage of
sm_vect_ta

core: correct alignment for exception vectors

The FUNC and LOCAL_FUNC macros changes section so specifying alignment
before the function will be lost. This may break for instance usage of
sm_vect_table, depending on configuration. Fix this by passing required
alignment as a parameter to the macro.

Fixes: a31e8303cf2e ("Remove '.section .text.<name>' and use function macros instead")
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: deprecate register_dynamic_shm()

register_dynamic_shm() and register_ddr() does almost the same thing but
they cannot be used both in the same platform build. To straighten out
this confusion

core: deprecate register_dynamic_shm()

register_dynamic_shm() and register_ddr() does almost the same thing but
they cannot be used both in the same platform build. To straighten out
this confusion we're switching to use only register_ddr() which is a bit
more flexible than register_dynamic_shm() since the former automatically
creates holes in the memory map where there otherwise would be a fatal
conflict.

register_dynamic_shm() is deprecated and for backwards compatibility
reimplemented as a special variant of register_ddr().

MEM_AREA_RAM_NSEC is kept only as a way of establish a static map of
non-secure memory. For example CFG_BCM_ELOG_BASE for plat-bcm.

Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: rpmb: check return value of encrypt_block()

Added error handling if call of function encrypt_block() fails
in tee_rpmb_req_pack().

Signed-off-by: Stefan Schmidt <snst@meek.de>
Reviewed-by: Je

core: rpmb: check return value of encrypt_block()

Added error handling if call of function encrypt_block() fails
in tee_rpmb_req_pack().

Signed-off-by: Stefan Schmidt <snst@meek.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

early_ta: use scattered array helpers

Simplifies the core linker script by replacing the hard coded
.rodata.early_ta section with use of SCATTERED_ARRAY_DEFINE_PG_ITEM()
instead.

Reviewed-by: Jerom

early_ta: use scattered array helpers

Simplifies the core linker script by replacing the hard coded
.rodata.early_ta section with use of SCATTERED_ARRAY_DEFINE_PG_ITEM()
instead.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: zynqmp: use generic_ram_layout for defining dram layout

Switch to the generic generic_ram_layout header file for defining the
default dram layout. This allow allows the user to easily customiz

plat: zynqmp: use generic_ram_layout for defining dram layout

Switch to the generic generic_ram_layout header file for defining the
default dram layout. This allow allows the user to easily customize the
default dram base and size via CFG_TZDRAM_START/CFG_TZDRAM_SIZE.

Default values are still the same as previously set by platform_config.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: zynqmp: force disable core ALSR

Disable core ASLR for two reasons:
1. There is no source for ALSR seed, as ATF does not provide a
DTB to OP-TEE. Hardware RNG is also not currently supported

plat: zynqmp: force disable core ALSR

Disable core ASLR for two reasons:
1. There is no source for ALSR seed, as ATF does not provide a
DTB to OP-TEE. Hardware RNG is also not currently supported.
2. OP-TEE does not boot with enabled CFG_CORE_ASLR.

Further investigation is needed to see why enabled ASLR causes
OP-TEE to not boot properly.

Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: rpmb: fix off-by-one in block index check

The max block index check in tee_rpmb_req_pack() is incorrect and would
fail when trying to access the last block of the partition.

Signed-off-by: Je

core: rpmb: fix off-by-one in block index check

The max block index check in tee_rpmb_req_pack() is incorrect and would
fail when trying to access the last block of the partition.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: scmi-msg: refine local header files

Change scmi-msg drivers to define/declare protocol resources in
protocol specific local file instead of from local common.h file.

Signed-off-by: Etienne

drivers: scmi-msg: refine local header files

Change scmi-msg drivers to define/declare protocol resources in
protocol specific local file instead of from local common.h file.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: fix indentation

Fix minor indentation issue in voltage_domain.h.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

drivers: scmi-msg: Set SCMI version to 3

Update SCMI version to 3 as supported voltage domain protocol is
introduced in the version 3 of the specification.

Fixes: 006d89b8f49f ("drivers: scmi-msg:

drivers: scmi-msg: Set SCMI version to 3

Update SCMI version to 3 as supported voltage domain protocol is
introduced in the version 3 of the specification.

Fixes: 006d89b8f49f ("drivers: scmi-msg: add SCMI Voltage Domain protocol")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: scmi: expose PWR regulators

Expose SoC PWR regulators as SCMI voltage domains to the non-secure
world. They are exposed to SCMI agent scmi0 that exposes SoC resources
used by non-secu

plat-stm32mp1: scmi: expose PWR regulators

Expose SoC PWR regulators as SCMI voltage domains to the non-secure
world. They are exposed to SCMI agent scmi0 that exposes SoC resources
used by non-secure world but controlled by secure world since RCC TZ
hardening configuration.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: scmi: prepare platform SCMI voltage regulators

Define generic resources for stm32mp1 platform to support voltage
regulators exposed to SCMI agents through the voltage domain protocol.

plat-stm32mp1: scmi: prepare platform SCMI voltage regulators

Define generic resources for stm32mp1 platform to support voltage
regulators exposed to SCMI agents through the voltage domain protocol.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: introduce PWR regulators

Introduce a voltage regulator driver for the voltage controllers
driven through PWR interface of stm32mp1 SoCs.

Signed-off-by: Etienne Carriere <etienne.carr

plat-stm32mp1: introduce PWR regulators

Introduce a voltage regulator driver for the voltage controllers
driven through PWR interface of stm32mp1 SoCs.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ffa: Fix the FF-A version returned to Secure Partition

The current Firmware Framework(FF-A) specification defines the major
version of 0x1 and minor version of 0x0. Return these values when
re

core: ffa: Fix the FF-A version returned to Secure Partition

The current Firmware Framework(FF-A) specification defines the major
version of 0x1 and minor version of 0x0. Return these values when
requested through the FFA_VERSION call instead of returning the
FFA_VERSION function id

Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: refactor locking during PTA init

tee_ta_init_pseudo_ta_session() locks tee_ta_mutex only when needed.
This makes this function similar to sec_part_init_session() and
tee_ta_init_user_ta_sessio

core: refactor locking during PTA init

tee_ta_init_pseudo_ta_session() locks tee_ta_mutex only when needed.
This makes this function similar to sec_part_init_session() and
tee_ta_init_user_ta_session() in usage.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: refactor locking during StMM load

sec_part_init_session() locks tee_ta_mutex only when needed. This avoids
a window where deadlock can occur in case pgt_alloc() goes to sleep.

Reviewed-by: Je

core: refactor locking during StMM load

sec_part_init_session() locks tee_ta_mutex only when needed. This avoids
a window where deadlock can occur in case pgt_alloc() goes to sleep.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: refactor locking during user TA load

tee_ta_init_user_ta_session() unlocks tee_ta_mutex while loading ldelf
and the user TA. This avoids a window where deadlock can occur in case
pgt_alloc() g

core: refactor locking during user TA load

tee_ta_init_user_ta_session() unlocks tee_ta_mutex while loading ldelf
and the user TA. This avoids a window where deadlock can occur in case
pgt_alloc() goes to sleep.

A new condition variable, tee_ta_init_cv, is added to signal that a TA
has changed state while initializing.

tee_ta_init_session_with_context waits for a TA context be fully
initialized before assigning it to another session.

This also simplifies tee_ta_try_set_busy() since it now doesn't have to
handle the case where it has to wait for a TA context to be fully
initialized.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Suggested-by: Opensource <opensource@sequiturlabs.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add CFG_CORE_MAX_SYSCALL_RECURSION

Adds CFG_CORE_MAX_SYSCALL_RECURSION to define the limit for the number
of levels TAs may call each other. If this number is too high we may run
over the thre

core: add CFG_CORE_MAX_SYSCALL_RECURSION

Adds CFG_CORE_MAX_SYSCALL_RECURSION to define the limit for the number
of levels TAs may call each other. If this number is too high we may run
over the thread stack in OP-TEE Core.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use vaddr_t instead of uint32_t for object IDs

Some function incorrectly use uint32_t for object identifiers:
tee_obj_get(), tee_svc_cryp_get_state() and tee_svc_storage_get_enum().
Those obje

core: use vaddr_t instead of uint32_t for object IDs

Some function incorrectly use uint32_t for object identifiers:
tee_obj_get(), tee_svc_cryp_get_state() and tee_svc_storage_get_enum().
Those object IDs are actually virtual addresses so they need to be of
type vaddr_t.

Link: https://github.com/OP-TEE/optee_os/issues/4035#issuecomment-680037072
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: add inline descriptions in pmic drivers

Add a bit of inline description comments in STM32MP1 PMIC driver.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jero

plat-stm32mp1: add inline descriptions in pmic drivers

Add a bit of inline description comments in STM32MP1 PMIC driver.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: factorize FDT parsing in pmic driver

Factorize looping into the FDT regulator nodes for STM32MP1 PMIC driver.
Boot-on, low power and non-secure access configuration are done for
each

plat-stm32mp1: factorize FDT parsing in pmic driver

Factorize looping into the FDT regulator nodes for STM32MP1 PMIC driver.
Boot-on, low power and non-secure access configuration are done for
each regulator sub-node of the PMIC node.

This change merges save_power_configurations() sequence into
parse_regulator_fdt_nodes() implementation. The sequence panics on
error as the previous implementation did. Some error level traces
are changed to debug level.

No functional changes.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: store PMIC regulators secure assignment

Implement stm32mp_nsec_can_access_regu() for non-secure service to
get whether a voltage regulator driven by PMIC can be accessed.
The status i

plat-stm32mp1: store PMIC regulators secure assignment

Implement stm32mp_nsec_can_access_regu() for non-secure service to
get whether a voltage regulator driven by PMIC can be accessed.
The status is set according to embedded FDT, based status value.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...