arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc us

arm64: Disable outline-atomics when compiling

Disables the automatic detection of LSE (Large System Extension)
instructions when compiling AArch64 code. GCC 10 implements this
detection in libgcc using __getauxval(), which OP-TEE doesn't implement.
This requires that the proper -mcpu is passed to GCC so that the code
can be correctly compiled to use either LSE or load-store-exclusive.

Fixes linker errors like the following when compiling with GCC 10:

aarch64-linux-ld.bfd: libgcc.a(lse-init.o):
in function `init_have_lse_atomics':
lse-init.c:44: undefined reference to `__getauxval'
core/arch/arm/kernel/link.mk:38:
recipe for target 'build/core/all_objs.o' failed

Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
[jf: s/optee/OP-TEE/]
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: tee_mmu: fix use after free bug in vm_unmap()

vm_unmap() uses r->va and r->size after it is freed and can cause the
end VA address calculation to be wrong and the while loop keep going
till it

core: tee_mmu: fix use after free bug in vm_unmap()

vm_unmap() uses r->va and r->size after it is freed and can cause the
end VA address calculation to be wrong and the while loop keep going
till it unmaps the rest of the regions. This bug can cause TA to
crash with a translation fault since vm_unmap() unmapped text and data

Signed-off-by: Khoa Hoang <admin@khoahoang.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: aslr: suppress R_AARCH64_ABS64 and R_ARM_ABS32 relocations

The following errors were observed when building with GCC 6.2.1:

- 64 bits:
GEN out/arm/core/tee.bin
Unexpected relocation t

core: aslr: suppress R_AARCH64_ABS64 and R_ARM_ABS32 relocations

The following errors were observed when building with GCC 6.2.1:

- 64 bits:
GEN out/arm/core/tee.bin
Unexpected relocation type 0x101

- 32 bits:
GEN out/arm/core/tee.bin
Unexpected relocation type 0x2

Relocation type 0x101 is R_AARCH64_ABS64 and 0x2 is R_ARM_ABS32. The
errors are output by scripts/gen_tee_bin.py which expects only relative
relocations (the ones that are necessary for ASLR).

This patch adds the -Bsymbolic linker option to avoid these
relocations. More information can be found in Linux commit [1].

Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=08cc55b2afd97a654f71b3bebf8bb0ec89fdc498
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-imx: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported when
the

plat-imx: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported when
the secure firmware supports both PSCI PSCI_FEATURES function ID and
Arm SMCCC_VERSION function ID.

Link: [1] https://developer.arm.com/docs/den0028/latest
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Cedric Neveux <cedric.neveux@nxp.com>

show more ...

core: make core_is_buffer_*() paddr_t compatible

The core_is_buffer_*() helpers are sometimes used with physical
addresses (type paddr_t). This can cause problem on platforms where
sizeof(paddr_t) >

core: make core_is_buffer_*() paddr_t compatible

The core_is_buffer_*() helpers are sometimes used with physical
addresses (type paddr_t). This can cause problem on platforms where
sizeof(paddr_t) > sizeof(vaddr_t), that is on ARM32 systems with
CFG_CORE_LARGE_PHYS_ADDR=y. The FVP platform compiled for AArch32 is one
such system which as a consequence fails with:
E/TC:0 0 check_phys_mem_is_outside:335 Non-sec mem (0x880000000:0x180000000) ove
rlaps map (type 12 0xff000000:0x1000000)
E/TC:0 0 Panic at core/arch/arm/mm/core_mmu.c:336 <check_phys_mem_is_outside>

This patch fixes this problem by taking input addresses as paddr_t and
sizes as paddr_ssize_t instead. The wrapper macros which did some
automatic casting removed. The requires updates at some of the places
where these functions are called.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: simple typo fixes in comments in core/include tree

* changed "the the" to "the" in crypto.h
* changed "the the" to "if the" in handle.h

Signed-off-by: Markus S. Wamser <github-dev@mail2013.wa

core: simple typo fixes in comments in core/include tree

* changed "the the" to "the" in crypto.h
* changed "the the" to "if the" in handle.h

Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: simple typo fix in comments in core/drivers tree

* changed "a input" to "an input"

Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
Reviewed-by: Etienne Carriere <etienne.carri

core: simple typo fix in comments in core/drivers tree

* changed "a input" to "an input"

Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: simple typo fixes in comments in core/arch tree

* changed "the the" to "the" in thread.h
* changed "the the" to "to the" in wait_queue.c
* changed "Optinally" to "Optionally" in generic_entry_

core: simple typo fixes in comments in core/arch tree

* changed "the the" to "the" in thread.h
* changed "the the" to "to the" in wait_queue.c
* changed "Optinally" to "Optionally" in generic_entry_a32.S

Signed-off-by: Markus S. Wamser <github-dev@mail2013.wamser.eu>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: ack SCMI SiP SMC entry with 0 return code

Load STM32_SIP_SVC_OK in output argument a0 on return from
SCMI message notification from SiP SMC function IDs. It simplifies
non-secure worl

plat-stm32mp1: ack SCMI SiP SMC entry with 0 return code

Load STM32_SIP_SVC_OK in output argument a0 on return from
SCMI message notification from SiP SMC function IDs. It simplifies
non-secure world to consider any non-zero values,
including standard unknown function error code (-1), as
reporting a failure.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

core: device pta: add flag to indicate dependency on tee-supplicant

Some TAs require tee-supplicant to be run. For example fTPM requires
storage services provided by tee-supplicant. When scanning an

core: device pta: add flag to indicate dependency on tee-supplicant

Some TAs require tee-supplicant to be run. For example fTPM requires
storage services provided by tee-supplicant. When scanning and
probe() devices on tee bus we can initialize early drivers which
do not require tee-supplicant and after mount fs and tee-supplicant
run do probe() drivers witch require tee-supplicant.

Signed-off-by: Maxim Uvarov <maxim.uvarov@linaro.org>
Suggested-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-imx: generate tee-raw.bin

We have observed that existing ARM-TF for iMX8QM treats OP-TEE binary
as headerless image. So, to create proper boot image we need raw
OP-TEE binary image.

Signed-off

plat-imx: generate tee-raw.bin

We have observed that existing ARM-TF for iMX8QM treats OP-TEE binary
as headerless image. So, to create proper boot image we need raw
OP-TEE binary image.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Peng Fan <peng.fan@nxp.com>

show more ...

plat-imx: describe non-secure DDR in i.MX8Q* platforms

Add NSEC_DDR definition for for i.MX8QM and i.MX8QX SoCs.
This was tested on i.MX8QM platform.

Signed-off-by: Volodymyr Babchuk <volodymyr_bab

plat-imx: describe non-secure DDR in i.MX8Q* platforms

Add NSEC_DDR definition for for i.MX8QM and i.MX8QX SoCs.
This was tested on i.MX8QM platform.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Peng Fan <peng.fan@nxp.com>

show more ...

plat-imx: describe non-secure DDR memory

To enable dynamic SHM on iMX platform we need to describe
which memory regions belong to non-secure memory areas.

Signed-off-by: Volodymyr Babchuk <volodymy

plat-imx: describe non-secure DDR memory

To enable dynamic SHM on iMX platform we need to describe
which memory regions belong to non-secure memory areas.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Peng Fan <peng.fan@nxp.com>

show more ...

plat-imx: move platform-specific data to nexus memory

This is needed to enable virtualization support iMX platforms.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Clement

plat-imx: move platform-specific data to nexus memory

This is needed to enable virtualization support iMX platforms.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Peng Fan <peng.fan@nxp.com>

show more ...

core: move static IRQC data to nexus memory

itr_chip and handlers list should reside in nexus memory
to ensure that irq controller is working.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@ep

core: move static IRQC data to nexus memory

itr_chip and handlers list should reside in nexus memory
to ensure that irq controller is working.

Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: enable IO compensation at boot time

Implement platform functions stm32mp_syscfg_enable_io_compensation()
and stm32mp_syscfg_disable_io_compensation() to enable/disable
STM23MP1 IO com

plat-stm32mp1: enable IO compensation at boot time

Implement platform functions stm32mp_syscfg_enable_io_compensation()
and stm32mp_syscfg_disable_io_compensation() to enable/disable
STM23MP1 IO compensation. Enable IO compensation when platform boots.

This change defines SYSCFG clock that is needed and moves definition
of the RCC compatible string DT_RCC_CLK_COMPAT to RCC header file so
that it can be shared with stm32mp1_syscfg.c.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: always build libfdt

libfdt is built only when CFG_DT=y. As a result, the libfdt header
files are only available when CFG_DT=y and any source file that makes
optional use of the library has to

core: always build libfdt

libfdt is built only when CFG_DT=y. As a result, the libfdt header
files are only available when CFG_DT=y and any source file that makes
optional use of the library has to guard the #include <libfdt.h> with
a #ifdef CFG_DT ... #endif block. This contrasts with other features
which don't require such guards.

This patch builds libfdt unconditionally and removes the include
guards. No change is expected in the binaries.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

rpmb: fix building when TRACE_LEVEL >= TRACE_FLOW

Building with CFG_RPMB_FS=y and CFG_TEE_CORE_LOG_LEVEL=4 yields a
compile-time error due to a typo.

Replacing TEE_RESULT with TEE_Result fixes the

rpmb: fix building when TRACE_LEVEL >= TRACE_FLOW

Building with CFG_RPMB_FS=y and CFG_TEE_CORE_LOG_LEVEL=4 yields a
compile-time error due to a typo.

Replacing TEE_RESULT with TEE_Result fixes the issue.

Signed-off-by: Gianguido Sorà <me@gsora.xyz>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

plat-hisilicon: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported whe

plat-hisilicon: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported when
the secure firmware supports both PSCI PSCI_FEATURES function ID and
Arm SMCCC_VERSION function ID.

Link: [1] https://developer.arm.com/docs/den0028/latest
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: SiP SMC service for BSEC access

Implement a SiP SMC based interface fàr the non-secure world to access
BSEC words. The service is embedded upon CFG_STM32_BSEC_SIP=y. If not
embedded,

plat-stm32mp1: SiP SMC service for BSEC access

Implement a SiP SMC based interface fàr the non-secure world to access
BSEC words. The service is embedded upon CFG_STM32_BSEC_SIP=y. If not
embedded, the service simply reports a failure.

This service is used by U-boot package since its release v2019.07-rc1 [1]
to retrieve information such as the device MAC address [2].

Link: [1] https://github.com/u-boot/u-boot/blob/v2019.07-rc1/arch/arm/mach-stm32mp/include/mach/stm32mp1_smc.h
Link: [2] https://github.com/u-boot/u-boot/blob/v2019.07-rc1/arch/arm/mach-stm32mp/cpu.c#L475

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

dts: stm32mp1: non-secure can access MAC address and board ID OTPs

Add property st,non-secure-otp to MAC address NVMEM cells in stm32mp1
SoC DTSI and to board ID NVMEM cells in stm32mp1 ST boards DT

dts: stm32mp1: non-secure can access MAC address and board ID OTPs

Add property st,non-secure-otp to MAC address NVMEM cells in stm32mp1
SoC DTSI and to board ID NVMEM cells in stm32mp1 ST boards DTS files
since non-secure world is allowed to access these OTPs despite they
are located in the upper BSEC words (secure) area.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

stm32_bsec: grant BSEC words non-secure access from embedded DTB

Change BSEC driver to allow non-secure world to access specific BSEC
upper words that have the ST NVMEM property "st,non-secure-otp".

stm32_bsec: grant BSEC words non-secure access from embedded DTB

Change BSEC driver to allow non-secure world to access specific BSEC
upper words that have the ST NVMEM property "st,non-secure-otp". The
property is presented to the LKML in [1].

During BSEC driver initialization, a bit fields array is allocated to
store whether each 32bit BSEC upper words is allowed to be accessed by
the non-secure world.

Link: [1] https://lkml.org/lkml/2020/5/8/1258
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported when

plat-stm32mp1: psci: support Arm SMCCC_VERSION function ID

As per Arm SMCCC v1.1 specification [1], PSCI PSCI_FEATURES function ID
should report Arm Architecture Call SMCCC_VERSION as supported when
the secure firmware supports both PSCI PSCI_FEATURES function ID and
Arm SMCCC_VERSION function ID.

Link: [1] https://developer.arm.com/docs/den0028/latest
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: generic_boot: use "%#lx" to print unsigned long, not "0x%"PRIxPA

In 32-bit builds with CFG_CORE_LARGE_PHYS_ADDR=y, PRIxPA is "llx"
which is not the recommended format to print an unsigned long

core: generic_boot: use "%#lx" to print unsigned long, not "0x%"PRIxPA

In 32-bit builds with CFG_CORE_LARGE_PHYS_ADDR=y, PRIxPA is "llx"
which is not the recommended format to print an unsigned long int.
Use "lx" instead to avoid warnings with some compilers.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: plat-ls: Enable CAAM driver for PLATFORM lx2160ardb

Enable and test CAAM driver on lx2160ardb platform for
hash, ciphers and RSA

Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-

core: plat-ls: Enable CAAM driver for PLATFORM lx2160ardb

Enable and test CAAM driver on lx2160ardb platform for
hash, ciphers and RSA

Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...