core: core_mmu_v7: core_mmu_get_user_pgdir: remove duplicated code

core_mmu_set_info_table already set num_entries, no need to set it
again.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by:

core: core_mmu_v7: core_mmu_get_user_pgdir: remove duplicated code

core_mmu_set_info_table already set num_entries, no need to set it
again.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Dump call stack on TA panic

Adds support for dumping the call stack of a user-mode TA when it
panics. Stack unwinding happens in kernel mode by re-using
abort_print_error() in core/arch/arm/kernel/a

Dump call stack on TA panic

Adds support for dumping the call stack of a user-mode TA when it
panics. Stack unwinding happens in kernel mode by re-using
abort_print_error() in core/arch/arm/kernel/abort.c. Like for abort
dumps, the helper script scripts/symbolize.py may be used to obtain
source-level information.

This feature is enabled by default. Set CFG_UNWIND=n to disable it
(or CFG_TEE_CORE_DEBUG=n).

In libutee, the utee_panic() syscall wrapper is renamed __utee_panic()
and now takes an additional parameters: a stack pointer, in addition to
the panic code. utee_panic() is written in assembly and pushes some
registers onto the stack before calling __utee_panic(). When it is time
to return from syscall_panic(), tee_svc_sys_return_helper() uses the
stack pointer to get the information needed to unwind the TA stack.
A struct abort_info is created and abort_print_error() is called.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMU)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey 32/64)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (QEMUv8)

show more ...

arm: build user-mode assembler files with -g

$(platform-aflags-generic) is used only in $(core-platform-aflags),
not in $(ta_arm32-platform-aflags) or $(ta_arm64-platform-aflags). As a
result, only

arm: build user-mode assembler files with -g

$(platform-aflags-generic) is used only in $(core-platform-aflags),
not in $(ta_arm32-platform-aflags) or $(ta_arm64-platform-aflags). As a
result, only the TEE core is built with -g. The user-mode libraries are
not. Fix this so that symbolize.py can correctly find file and line
information when it encounters an assembler file in a call stack.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core:mmu: rename _divide_block into _prepare_small_page_mapping

core_mmu_divide_block() label is misleading.

core_mmu_prepare_small_page_mapping() is used to allocate required
mmu table(s) and init

core:mmu: rename _divide_block into _prepare_small_page_mapping

core_mmu_divide_block() label is misleading.

core_mmu_prepare_small_page_mapping() is used to allocate required
mmu table(s) and init the mmu to that a full pdgir area can be
used the map 4kB small pages from a single table entry (mmu descriptor).

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmaill.com>

show more ...

core: fix case core_mmu_divide_block runs out of xlat table

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babc

core: fix case core_mmu_divide_block runs out of xlat table

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmaill.com>

show more ...

core: core_mmu_divide_block shall not unmap memory

Since the function is not expected to unmap anything, it should simply
check that nothing is mapped instead of restoring the previous mapping
one t

core: core_mmu_divide_block shall not unmap memory

Since the function is not expected to unmap anything, it should simply
check that nothing is mapped instead of restoring the previous mapping
one the overall pgdir entries.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260)
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmaill.com>

show more ...

core: fix core_mmu_divide_block() against 32bit mmu constraint

core_mmu_divide_block() is used to prepare a MMU pgdir mapping table
when no pgdir MMU table was previous allocated/filled to map a
sma

core: fix core_mmu_divide_block() against 32bit mmu constraint

core_mmu_divide_block() is used to prepare a MMU pgdir mapping table
when no pgdir MMU table was previous allocated/filled to map a
small page mapped address range.

On non-LPAE (32bit mmu), a pgdir entry cannot be used to map both
secure and non-secure pages. The pgdir descriptor defines whether
the small pages inside the pgdir range will map secure or non-secure
memory. Hence the core_mmu_divide_block() function takes an extra
argument: the target secure/non-secure attribute of the pgdir. This
argument in unused on LPAE mapping as a pgdir can hold secure as well
as non-secure entries.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmaill.com>

show more ...

core/mmu v7: move code inside core_mmu_divide_block

This change allocates the L2 table only once it is useful. This change
allows to eventually exit the function without freeing the L2 is
something

core/mmu v7: move code inside core_mmu_divide_block

This change allocates the L2 table only once it is useful. This change
allows to eventually exit the function without freeing the L2 is
something fails before we are filling the L2 table content.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmaill.com>

show more ...

core: tee_mmu: avoid resource leak

If calloc fails, need to free the asid bit in g_asid.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

core: user_ta: use TEE_MMU_UMAP_STACK_IDX

Use TEE_MMU_UMAP_STACK_IDX to replace the number 0.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

plat-ti: Configure and enable Secure Data Path by default

Enable SDP by default on TI platforms and reserve 4 MiB from the end of
the TZDRAM area that is already reserved for OP-TEE and firewalled.

plat-ti: Configure and enable Secure Data Path by default

Enable SDP by default on TI platforms and reserve 4 MiB from the end of
the TZDRAM area that is already reserved for OP-TEE and firewalled.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-ti: Add Suspend/Resume support for AM43xx

When the non-secure world is attempting to suspend it will call into the
secure side using a platform service call. We implement this here in
OP-TEE by

plat-ti: Add Suspend/Resume support for AM43xx

When the non-secure world is attempting to suspend it will call into the
secure side using a platform service call. We implement this here in
OP-TEE by saving the needed secure side registers.

On resume the ROM will restore the secure side to its original
configuration and OP-TEE will be re-entered from its boot reset vector.
Add a check for the resume case and restore the secure registers if we
are resuming.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: thread: clarify syscalls return and panic

Updates comments describing how syscall_sys_return() and syscall_panic()
manages to return from the TA in order to resume execution in OP-TEE OS.

Ack

core: thread: clarify syscalls return and panic

Updates comments describing how syscall_sys_return() and syscall_panic()
manages to return from the TA in order to resume execution in OP-TEE OS.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu_v8: move SHM region

With the current setup, qemu puts initrd in the midst of reserved
SHM region. This confuses linux kernel, because it forbids self
to access that reserved region.
As there ar

qemu_v8: move SHM region

With the current setup, qemu puts initrd in the midst of reserved
SHM region. This confuses linux kernel, because it forbids self
to access that reserved region.
As there are no easy way tell qemu where to put initrd, it is easier
to move SHM in the optee-os.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

TUI: remove frame buffer

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

TUI: remove ps2mouse

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

TUI: remove clcd pl111

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

TUI: remove PL050

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-ti: Disable TRNG use on AM43xx

On AM43xx family devices the non-secure side may IDLE hardware IP
that are not in use. This will prevent the correct operation of these
IP on the secure side. Unt

plat-ti: Disable TRNG use on AM43xx

On AM43xx family devices the non-secure side may IDLE hardware IP
that are not in use. This will prevent the correct operation of these
IP on the secure side. Until a solution to share management of IPs is
developed, disable the secure driver for this platform.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-mediatek: Use CFG_CORE_CLUSTER_SHIFT to remove get_core_pos_mpidr()

Use the new CFG_CORE_CLUSTER_SHIFT to remove the platform specific
core_pos() helpers.

Signed-off-by: Andrew F. Davis <afd@t

plat-mediatek: Use CFG_CORE_CLUSTER_SHIFT to remove get_core_pos_mpidr()

Use the new CFG_CORE_CLUSTER_SHIFT to remove the platform specific
core_pos() helpers.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: Make core_pos more generic

The function core_pos() assumes 4 cores per cluster, this may not
be true for all platforms. Define CFG_CORE_CLUSTER_SHIFT to be
=log2(cores/cluster) and allow setti

core: Make core_pos more generic

The function core_pos() assumes 4 cores per cluster, this may not
be true for all platforms. Define CFG_CORE_CLUSTER_SHIFT to be
=log2(cores/cluster) and allow setting this from platform config.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

rpmb: mask off RPV/CRC fields in CID to derive rpmb key

PRV (Product revision) [55:48] and CRC field [7:1] in CID would be
changed when doing eMMC FFU.
It is reasonable to mask off PRV and CRC in CI

rpmb: mask off RPV/CRC fields in CID to derive rpmb key

PRV (Product revision) [55:48] and CRC field [7:1] in CID would be
changed when doing eMMC FFU.
It is reasonable to mask off PRV and CRC in CID when using CID to
derive RPMB key.

Signed-off-by: Peifu Jiang <peifu.jiang@amlogic.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

dts: pass PA of reserved region

config_nsmem() used VA of SHM region. This is wrong and it confused
linux kernel. We need to pass physical address.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gm

dts: pass PA of reserved region

config_nsmem() used VA of SHM region. This is wrong and it confused
linux kernel. We need to pass physical address.

Signed-off-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: psci: Split PM config from PSCI

Not all platforms need PM when implementing PSCI, also some
platforms may need PM but do not implement PSCI. As PSCI has
no direct dependence on PM, split

core: arm: psci: Split PM config from PSCI

Not all platforms need PM when implementing PSCI, also some
platforms may need PM but do not implement PSCI. As PSCI has
no direct dependence on PM, split these config options.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: fix core_mmu_map_pages()

Adds missing dsb_ishst() at the end of core_mmu_map_pages() needed to
guarantee that changes to translation tables are visible.

Reviewed-by: Etienne Carriere <etienne

core: fix core_mmu_map_pages()

Adds missing dsb_ishst() at the end of core_mmu_map_pages() needed to
guarantee that changes to translation tables are visible.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Stuart Yoder <stuart.yoder@arm.com>
Reported-by: Stuart Yoder <stuart.yoder@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...