core: crypto: refactor aes-gcm implementation

Adds struct internal_ghash_key to represent the ghash key instead of
some lose fields inside struct internal_aes_gcm_state.

Software of CE configuratio

core: crypto: refactor aes-gcm implementation

Adds struct internal_ghash_key to represent the ghash key instead of
some lose fields inside struct internal_aes_gcm_state.

Software of CE configuration is done explicitly in
core/crypto/aes-gcm-sw.c, dropping the __weak attribute for all
functions but internal_aes_gcm_update_payload_block_aligned() which
is only overridden with CFG_CRYPTO_WITH_CE=y in AArch64.

Content of aes-gcm-private.h is moved into internal_aes-gcm.h.

internal_aes_gcm_gfmul() is made available for generic GF
multiplication.

The CE versions of internal_aes_gcm_expand_enc_key() and
internal_aes_gcm_encrypt_block() are now only wrappers around
crypto_accel_aes_expand_keys() and crypto_accel_aes_ecb_enc().

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fobj.c: use crypto_aes_expand_enc_key()

fobj_generate_authenc_key() uses crypto_aes_expand_enc_key() instead
to prepare the key used for paging.

Acked-by: Etienne Carriere <etienne.carriere@l

core: fobj.c: use crypto_aes_expand_enc_key()

fobj_generate_authenc_key() uses crypto_aes_expand_enc_key() instead
to prepare the key used for paging.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: use SHA-256 crypto accelerated function

Uses the recently provided accelerated SHA-256 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wikla

core: ltc: use SHA-256 crypto accelerated function

Uses the recently provided accelerated SHA-256 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: use SHA1 crypto accelerated function

Uses the recently provided accelerated SHA1 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <

core: ltc: use SHA1 crypto accelerated function

Uses the recently provided accelerated SHA1 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: use AES crypto accelerated routines

Uses the recently provided accelerated AES crypto routines in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklan

core: ltc: use AES crypto accelerated routines

Uses the recently provided accelerated AES crypto routines in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated SHA-256 routines

Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The
code originates from the previous implementation inside LTC library.
With this multipl

core: add accelerated SHA-256 routines

Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The
code originates from the previous implementation inside LTC library.
With this multiple crypto libraries can share the function.

The old CFG_CRYPTO_SHA256_ARM64_CE and CFG_CRYPTO_SHA256_ARM32_CE are
replaced by CFG_CRYPTO_SHA256_ARM_CE.

CFG_CORE_CRYPTO_SHA256_ACCEL is introduced as to indicate that some kind of
SHA-256 acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated SHA1 routines

Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple cryp

core: add accelerated SHA1 routines

Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto libraries can share the function.

The old CFG_CRYPTO_SHA1_ARM64_CE and CFG_CRYPTO_SHA1_ARM32_CE are
replaced by CFG_CRYPTO_SHA1_ARM_CE.

CFG_CORE_CRYPTO_SHA1_ACCEL is introduced as to indicate that some kind of
SHA-1 acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated AES routines

Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto li

core: add accelerated AES routines

Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto library can share these routines.

A new header file, <crypto/crypto_accel.h>, is added with primitive
functions implementing crypto accelerated ciphers.

The old CFG_CRYPTO_AES_ARM64_CE and CFG_CRYPTO_AES_ARM32_CE are
replaced by CFG_CRYPTO_AES_ARM_CE.

CFG_CORE_CRYPTO_AES_ACCEL is introduced as to indicate that some kind of
AES acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm SHA-256 CE routines

Removes the Arm CE routines accelerating SHA-256 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

core: ltc: remove Arm SHA-256 CE routines

Removes the Arm CE routines accelerating SHA-256 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm SHA1 CE routines

Removes the Arm CE routines accelerating SHA1 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked

core: ltc: remove Arm SHA1 CE routines

Removes the Arm CE routines accelerating SHA1 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm AES CE routines

Removes the Arm AES CE routines from the library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carr

core: ltc: remove Arm AES CE routines

Removes the Arm AES CE routines from the library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: simplify _CFG_CORE_LTC_*_DESC logic

If a SHA-{256,384,512} or AES algorithm is needed in LTC a matching
_CFG_CORE_LTC_*_DESC variable will be set. So only check the
_CFG_CORE_LTC_*_DESC v

core: ltc: simplify _CFG_CORE_LTC_*_DESC logic

If a SHA-{256,384,512} or AES algorithm is needed in LTC a matching
_CFG_CORE_LTC_*_DESC variable will be set. So only check the
_CFG_CORE_LTC_*_DESC variable to see if a certain algorithm is needed.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core/crypto.mk: simplify _CFG_CORE_LTC_*_DESC logic

Simplifies _CFG_CORE_LTC_*_DESC logic by always defining the
corresponding _CFG_CORE_LTC_*_DESC variable to the algorithm needed
inside LTC.

Acke

core/crypto.mk: simplify _CFG_CORE_LTC_*_DESC logic

Simplifies _CFG_CORE_LTC_*_DESC logic by always defining the
corresponding _CFG_CORE_LTC_*_DESC variable to the algorithm needed
inside LTC.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: invoke_test.pta: add aes performance test

Adds test PTA function to run performance test with xtest --aes-perf.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wikland

pta: invoke_test.pta: add aes performance test

Adds test PTA function to run performance test with xtest --aes-perf.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: smt entry points for incoming messages

This change implements SCMI channels for reading a SCMI message from a
shared memory and call the SCMI message drivers to route the message
t

drivers/scmi-msg: smt entry points for incoming messages

This change implements SCMI channels for reading a SCMI message from a
shared memory and call the SCMI message drivers to route the message
to the target platform services.

SMT refers to the shared memory management protocol which is used
to get/put message/response in shared memory. SMT is a 28byte header
stating shared memory state and exchanged protocol data.

The processing entry for a SCMI message can be a secure interrupt
(CFG_SCMI_MSG_SMT_INTERRUPT_ENTRY=y), and fastcall SMC
(CFG_SCMI_MSG_SMT_FASTCALL_ENTRY=y) or a threaded execution
context entry (CFG_SCMI_MSG_SMT_THREAD_ENTRY=y).

SMT description in this implementation is based on the SCP-firmware
implementation [1].

Link: [1] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: support for reset domain protocol

Adds SCMI reset domain protocol support in the SCMI message drivers
as defined in SCMI specification v2.0 [1]. Not all the messages
defined in the

drivers/scmi-msg: support for reset domain protocol

Adds SCMI reset domain protocol support in the SCMI message drivers
as defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification are supported.

Embedded upon CFG_SCMI_MSG_RESET_DOMAIN=y.

scmi_msg_get_rd_handler() sanitizes the message_id value
against any speculative use of reset domain ID as a index since by
SCMI specification, IDs are indices.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: support for clock protocol

Adds SCMI clock protocol support in the SCMI message drivers as
defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification

drivers/scmi-msg: support for clock protocol

Adds SCMI clock protocol support in the SCMI message drivers as
defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification are supported.

Embedded upon CFG_SCMI_MSG_CLOCK=y.

Platform can provide one of the plat_scmi_clock_*() handler for the
supported operations set/get state/rate and others.

scmi_msg_get_clock_handler() sanitizes the message_id value
against any speculative use of clock ID as a index since by
SCMI specification, IDs are indices.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: driver for processing scmi messages

This change introduces drivers to allow a platform to create a SCMI
service and register handlers for client request (SCMI agent) on
system reso

drivers/scmi-msg: driver for processing scmi messages

This change introduces drivers to allow a platform to create a SCMI
service and register handlers for client request (SCMI agent) on
system resources. This is the first piece of the drivers: an entry
function, the SCMI base protocol support and helpers for create
the response message.

With this change, scmi_process_message() is the entry function to
process an incoming SCMI message. The function expect the message
is already copied from shared memory into secure memory. The message
structure stores message reference and output buffer reference where
response message shall be stored.

scmi_process_message() calls the SCMI protocol driver according to
the protocol ID in the message. The SCMI protocol driver will call
defined platform handlers according to the message content.

This change introduces only the SCMI base protocol as defined in
SCMI specification v2.0 [1]. Not all the messages defined
in the specification are supported.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: TEE capability for null sized memrefs support

Introduce a new capability OPTEE_SMC_SEC_CAP_MEMREF_NULL to reflect
support for null shared memory references that is buffer references
with null

core: TEE capability for null sized memrefs support

Introduce a new capability OPTEE_SMC_SEC_CAP_MEMREF_NULL to reflect
support for null shared memory references that is buffer references
with null size and null address reference.

Signed-off-by: Michael Whitfield <michael.whitfield@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)

show more ...

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGE

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGEST_SIZE.

Remove tee_mac_get_digest_size() as its functionality
is handled by tee_alg_get_digest_size() now.

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: clock: allow tree lookup for several system clocks

Oscillators, PLLs and some system clocks can be related straight to
a parent clock identifier. Prior this change were only oscillato

plat-stm32mp1: clock: allow tree lookup for several system clocks

Oscillators, PLLs and some system clocks can be related straight to
a parent clock identifier. Prior this change were only oscillators
and few clocks supported by this look up scheme. This changes makes all
parent IDs covered supported. This enables for flexible use of clock
tree exploration when computing a clock frequency value.

Introduces helper function clock_id2parent_id() for clock ID
to parent ID conversion and defines helper right above parent clock
resources for consistency.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

plat-stm32mp1: allow fdt to disable root clocks

Assign a null frequency value to root clocks when FDT defines them
as disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: R

plat-stm32mp1: allow fdt to disable root clocks

Assign a null frequency value to root clocks when FDT defines them
as disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

plat-stm32mp1: clock: handle always-on clocks

Oscillators, PLLs and AXI/MPU/MCU clocks are not gated from
functions stm32_clock_enable() and stm32_clock_disable(). This change
allows these functions

plat-stm32mp1: clock: handle always-on clocks

Oscillators, PLLs and AXI/MPU/MCU clocks are not gated from
functions stm32_clock_enable() and stm32_clock_disable(). This change
allows these functions and stm32_clock_is_enabled() to blindly handle
clock gating for such always-on clocks. Gating these clocks is out of
the scope of this change even if preferred for power consumption
optimization considerations.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove '.section .text.<name>' and use function macros instead

Assembler functions are normally defined using the FUNC/LOCAL_FUNC
macros from <asm.S>. The macros takes care of several things, includ

Remove '.section .text.<name>' and use function macros instead

Assembler functions are normally defined using the FUNC/LOCAL_FUNC
macros from <asm.S>. The macros takes care of several things, including
putting the function in a specific section for later garbage collection
by the linker (--gc-sections).

A few files do not follow this convention, let's fix them. Two
functions in ghash-ce-core_a64.S (pmull_gcm_load_round_keys() and
pmull_gcm_aes_sub()) totally lack a .section directive, which I think
is a mistake. Fix them at the same time.

No functional change is expected.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: clock: don't embed unused non-secure uart clocks

Embed UART parent clock resource upon CFG_WITH_NSEC_UARTS=y.
This configuration switch was already used to embed or not
the non-secure

plat-stm32mp1: clock: don't embed unused non-secure uart clocks

Embed UART parent clock resource upon CFG_WITH_NSEC_UARTS=y.
This configuration switch was already used to embed or not
the non-secure UART clocks but not the resources used to
look for their parent clock.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...