drivers: caam: fix RSA key format number 3

Fix the RSA private key format number 3.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

core: core_mmu_v7.c: set TTBCR_PD1 in reduced mappings

When using reduced mappings set TTBCR_PD1 in order to disable table
walks using TTBR1 which holds the OP-TEE Core mappings. This saves us
from

core: core_mmu_v7.c: set TTBCR_PD1 in reduced mappings

When using reduced mappings set TTBCR_PD1 in order to disable table
walks using TTBR1 which holds the OP-TEE Core mappings. This saves us
from keeping an empty L1 translation table (16 KiB) with
CFG_CORE_UNMAP_CORE_AT_EL0=y.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make main l1 translation tables static again

The main level 1 memory translation tables for both short and
longer descriptors are only accessed internally in respective
C file. So make the tab

core: make main l1 translation tables static again

The main level 1 memory translation tables for both short and
longer descriptors are only accessed internally in respective
C file. So make the tables static again.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: fix compilation warning hal_jr.c

Fix compilation warning when CFG_NXP_CAAM=y and CFG_CRYPTO_DRIVER=n

core/drivers/crypto/caam/hal/common/hal_jr.c:19:29: warning:
‘jr_backup’ defined

drivers: caam: fix compilation warning hal_jr.c

Fix compilation warning when CFG_NXP_CAAM=y and CFG_CRYPTO_DRIVER=n

core/drivers/crypto/caam/hal/common/hal_jr.c:19:29: warning:
‘jr_backup’ defined but not used [-Wunused-const-variable=]
static const struct reglist jr_backup[] = {

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: crypto: fix compilation warning hash_oid.c

core/drivers/crypto/crypto_api/oid/hash_oid.c:37:10:
warning: return discards ‘const’ qualifier from pointer target
type [-Wdiscarded-qualifiers]

drivers: crypto: fix compilation warning hash_oid.c

core/drivers/crypto/crypto_api/oid/hash_oid.c:37:10:
warning: return discards ‘const’ qualifier from pointer target
type [-Wdiscarded-qualifiers]
return &drvcrypt_hash_oid[main_alg];

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: crypto: fix missing header hash_oid.c

Fix compilation error when CFG_NXP_CAAM=y

core/drivers/crypto/crypto_api/oid/hash_oid.c:34:22:
error: implicit declaration of function ‘TEE_ALG_GET_MA

drivers: crypto: fix missing header hash_oid.c

Fix compilation error when CFG_NXP_CAAM=y

core/drivers/crypto/crypto_api/oid/hash_oid.c:34:22:
error: implicit declaration of function ‘TEE_ALG_GET_MAIN_ALG’;
did you mean ‘TEE_ALG_HMAC_SM3’?
[-Werror=implicit-function-declaration]
uint32_t main_alg = TEE_ALG_GET_MAIN_ALG(algo);

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: caam: fix suspend/resume issue

Add missing save/restore of the Secure JR configuration (all devices).
On i.MX6Q/D fix the job ring resume to reconfigure the Software JR queues
and re-instan

drivers: caam: fix suspend/resume issue

Add missing save/restore of the Secure JR configuration (all devices).
On i.MX6Q/D fix the job ring resume to reconfigure the Software JR queues
and re-instantiate the RNG if needed.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: init: ASLR offset leak in initcall error message

Initial call error message print out call pointer. This leak
the ASLR offset. Subtract VA start address to hide ASLR offset.

Signed-off-by: Kh

core: init: ASLR offset leak in initcall error message

Initial call error message print out call pointer. This leak
the ASLR offset. Subtract VA start address to hide ASLR offset.

Signed-off-by: Khoa Hoang <admin@khoahoang.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
[jf: s/Initial call/Initcall/, wrap line, uppercase ASLR in subject]
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: caam: implement NXP CAAM Driver - RSA

Add the NXP CAAM drivers:
- Asymmetric RSA:
- Encrypt/Decrypt
- Sign/Verify
- Mathematical operation XOR (mod N)

Signed-off-by: Cedric Neveux <cedric.

drivers: caam: implement NXP CAAM Driver - RSA

Add the NXP CAAM drivers:
- Asymmetric RSA:
- Encrypt/Decrypt
- Sign/Verify
- Mathematical operation XOR (mod N)

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: crypto: generic resources for crypto device driver - RSA

TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.

drivers: crypto: generic resources for crypto device driver - RSA

TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: change CAAM debug trace method

Change the method to enable the CAAM debug.
Split the debug compilation 32 bits word to 3x32 bits words, one for the
trace, one for the descriptor dump

drivers: caam: change CAAM debug trace method

Change the method to enable the CAAM debug.
Split the debug compilation 32 bits word to 3x32 bits words, one for the
trace, one for the descriptor dump and one for the buffer dump.

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: use adr_l to allow bigger data sections

Compiling for NXP lx2160ardb with debug enabled fails with:

$ make -j32 CFG_ARM64_core=y PLATFORM=ls-lx2160ardb DEBUG=1
...
LD out/arm-plat-l

core: use adr_l to allow bigger data sections

Compiling for NXP lx2160ardb with debug enabled fails with:

$ make -j32 CFG_ARM64_core=y PLATFORM=ls-lx2160ardb DEBUG=1
...
LD out/arm-plat-ls/core/all_objs.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_sync_a64':
core/arch/arm/kernel/thread_a64.S:271:(.text.thread_excp_vect+0x424): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kcode_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
core/arch/arm/kernel/thread_a64.S:271:(.text.thread_excp_vect+0x43c): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kdata_sp_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_irq_a64':
core/arch/arm/kernel/thread_a64.S:283:(.text.thread_excp_vect+0x4a4): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kcode_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
core/arch/arm/kernel/thread_a64.S:283:(.text.thread_excp_vect+0x4bc): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kdata_sp_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_fiq_a64':
core/arch/arm/kernel/thread_a64.S:290:(.text.thread_excp_vect+0x524): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kcode_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
core/arch/arm/kernel/thread_a64.S:290:(.text.thread_excp_vect+0x53c): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kdata_sp_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_sync_a32':
core/arch/arm/kernel/thread_a64.S:306:(.text.thread_excp_vect+0x624): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kcode_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
core/arch/arm/kernel/thread_a64.S:306:(.text.thread_excp_vect+0x63c): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kdata_sp_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_irq_a32':
core/arch/arm/kernel/thread_a64.S:318:(.text.thread_excp_vect+0x6a4): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kcode_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
core/arch/arm/kernel/thread_a64.S:318:(.text.thread_excp_vect+0x6bc): relocation truncated to fit: R_AARCH64_ADR_PREL_LO21 against symbol `thread_user_kdata_sp_offset' defined in COMMON section in out/arm-plat-ls/core/arch/arm/kernel/thread.o
out/arm-plat-ls/core/arch/arm/kernel/thread_a64.o: in function `el0_fiq_a32':
core/arch/arm/kernel/thread_a64.S:325:(.text.thread_excp_vect+0x724): additional relocation overflows omitted from the output

So let's replace adr with adr_l and apply a similar fix as
commit 82d398c0e05c ("core: generic_entry_a64.S: use adr_l to allow
bigger data sections") suggests.

Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
[jf: reformat commit description]
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: save_panic_stack(): make sure tsd is initialized

If a TA fails to load due to an assertion failure in ldelf, the user
stack might be inaccessible. save_panic_stack() detects this situation
but

core: save_panic_stack(): make sure tsd is initialized

If a TA fails to load due to an assertion failure in ldelf, the user
stack might be inaccessible. save_panic_stack() detects this situation
but fails to set abort information in the thread specific data (tsd).
As a result, the stack unwinding code can erroneously execute kernel
unwinding code and trigger an assertion:

E/TC:? 0 assertion 'thread_get_exceptions() & THREAD_EXCP_FOREIGN_INTR' failed at core/arch/arm/include/kernel/misc.h:22 <get_core_pos>

The fix consists in moving the tsd initialization above the user stack
accessibility check.

Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: exclude generic_boot_init_primary() from unpaged part

Excludes generic_boot_init_primary() from unpaged part and makes sure
it's still in the init part.

Reviewed-by: Jerome Forissier <jerome@

core: exclude generic_boot_init_primary() from unpaged part

Excludes generic_boot_init_primary() from unpaged part and makes sure
it's still in the init part.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: exclude core_init_mmu_map() from unpaged part

Excludes core_init_mmu_map() from unpaged part and makes sure it's still
in the init part.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
S

core: exclude core_init_mmu_map() from unpaged part

Excludes core_init_mmu_map() from unpaged part and makes sure it's still
in the init part.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: exclude get_aslr_seed() from unpaged part

Excludes get_aslr_seed() from unpaged part and makes sure it's still in
the init part.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-of

core: exclude get_aslr_seed() from unpaged part

Excludes get_aslr_seed() from unpaged part and makes sure it's still in
the init part.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: RNG: provide plat_rng_init symbol

Not doing so calls the default implementation which generates
misleading RNG trace information (sample below)

E/TC:0 0 plat_rng_init:354 Warning: se

drivers: caam: RNG: provide plat_rng_init symbol

Not doing so calls the default implementation which generates
misleading RNG trace information (sample below)

E/TC:0 0 plat_rng_init:354 Warning: seeding RNG with zeroes

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

core: ree_fs_ta: fix bootstrap header size check

This change fix bootstrap header size check. Before it use
sizeof(bs_hdr) but bs_hdr is a struct pointer. Correct it
to sizeof(*bs_hdr)

Fixes: 18339

core: ree_fs_ta: fix bootstrap header size check

This change fix bootstrap header size check. Before it use
sizeof(bs_hdr) but bs_hdr is a struct pointer. Correct it
to sizeof(*bs_hdr)

Fixes: 183398139c9c ("core: enable rollback protection for REE-FS TAs")
Signed-off-by: Khoa Hoang <admin@khoahoang.com>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mmu: fix check of memory physical end address

Correct test on memory physical end address that was not consistent
in use of core_mmu_check_end_pa().

This change fixes core_mmu_set_discovered_

core: mmu: fix check of memory physical end address

Correct test on memory physical end address that was not consistent
in use of core_mmu_check_end_pa().

This change fixes core_mmu_set_discovered_nsec_ddr() where
core_mmu_check_end_pa() was called with a byte length argument
decreased by one whereas it should provide the effective byte size
of the memory area.

This change fixes core_mmu_check_end_pa() so that it computes
the end address as start address plus byte size minus one to
obtain the inclusive end address core_mmu_check_max_pa() expects
as input argument.

Fixes: 4518cdc1ff64 ("core: arm64: introduce CFG_CORE_ARM64_PA_BITS")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: add plat_rpmb_ready for i.MX6/7

For i.MX6/7 RPMB key writes should only be allowed if the device is in
the closed configuration and in the trusted or secure state.

Signed-off-by: Rouven

core: imx: add plat_rpmb_ready for i.MX6/7

For i.MX6/7 RPMB key writes should only be allowed if the device is in
the closed configuration and in the trusted or secure state.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com>

show more ...

rpmb: function to block rpmb write per platform

Often the RPMB should only be written if the platform is in the correct
state where the Hardware Unique Key (HUK) for the platform works
correctly. As

rpmb: function to block rpmb write per platform

Often the RPMB should only be written if the platform is in the correct
state where the Hardware Unique Key (HUK) for the platform works
correctly. As an example on imx platforms with HUK derivation from the
OTPMK, the OTPMK is only accessible from the secure or trusted state.
Add a function and weak implementation for platforms to indicate that
the device is in the correct state to allow RPMB key writes.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com>

show more ...

imx: snvs: rework snvs driver

Remove the unused SRTC functionality which is not wired up anywhere.
Instead add a function to read the device configuration and system
security monitor instead.

Signe

imx: snvs: rework snvs driver

Remove the unused SRTC functionality which is not wired up anywhere.
Instead add a function to read the device configuration and system
security monitor instead.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Neveux <cedric.neveux@nxp.com>

show more ...

core: Add support to access a TPM event log in secure memory.

Support for OPTEE to be able to receive a TPM event log through
a DTB so it can forward it to a TA (such as a TPM service)
in order to e

core: Add support to access a TPM event log in secure memory.

Support for OPTEE to be able to receive a TPM event log through
a DTB so it can forward it to a TA (such as a TPM service)
in order to extend the measurements.

CFG_CORE_TPM_EVENT_LOG enables this feature.
CFG_TPM_LOG_BASE_ADDR hardcodes the phys address of the event log
in case CFG_DT is not set.
CFG_TPM_MAX_LOG_SIZE harcodes the size of the event log in case
CFG_DT is not set.

When this feature is enabled, the PTA_SYSTEM_GET_TPM_EVENT_LOG
command is available to any TA.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

imx: enable CFG_TZC380 for supported SoCs

Enable the region autoconfiguration for supported SoCs by default.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Clement Faur

imx: enable CFG_TZC380 for supported SoCs

Enable the region autoconfiguration for supported SoCs by default.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Clement Faure <clement.faure@nxp.com>

show more ...

imx: tzc380: move to driver_init() initcall

Instead of configuring the tzc380 in plat_primary_init_early, handle the
configuration similar to all other drivers by using a driver_init()
initcall.

Si

imx: tzc380: move to driver_init() initcall

Instead of configuring the tzc380 in plat_primary_init_early, handle the
configuration similar to all other drivers by using a driver_init()
initcall.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Clement Faure <clement.faure@nxp.com>

show more ...