am57xx: fix build error

Fix "#elif with no expression" error when building with ti-am57xx flavor
Add am57xx to .travic.yml as supported platform

Reviewed-by: Jerome Forissier <jerome.forissier@lina

am57xx: fix build error

Fix "#elif with no expression" error when building with ti-am57xx flavor
Add am57xx to .travic.yml as supported platform

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Andrew F. Davis <afd@ti.com>
Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>

show more ...

core: thread: allocate RPC arg data on demand

Delays the RPC arg data allocation until it's needed to avoid doing RPC
when the caller in normal world isn't prepared to handle it.

Reviewed-by: Jerom

core: thread: allocate RPC arg data on demand

Delays the RPC arg data allocation until it's needed to avoid doing RPC
when the caller in normal world isn't prepared to handle it.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: Add support for using HUK on DRA7xx/AM57xx

On DRA7xx/AM57xx the initial secure software will pass OP-TEE a
Hardware Unique Key (HUK), use this key when requested.

Signed-off-by: Andrew F.

plat-ti: Add support for using HUK on DRA7xx/AM57xx

On DRA7xx/AM57xx the initial secure software will pass OP-TEE a
Hardware Unique Key (HUK), use this key when requested.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-ti: Read and store HUK sent by initial secure software

Some TI platforms pass the HUK to OP-TEE via a secure memory stack. Read
and store this key for later use. On platforms without CFG_OTP_SU

plat-ti: Read and store HUK sent by initial secure software

Some TI platforms pass the HUK to OP-TEE via a secure memory stack. Read
and store this key for later use. On platforms without CFG_OTP_SUPPORT
this key is ignored.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-ti: Rename platform context to platform boot arguments

Currently the non-secure context is passed in from our initial secure
software as part of the OP-TEE load process. This passed-in data wil

plat-ti: Rename platform context to platform boot arguments

Currently the non-secure context is passed in from our initial secure
software as part of the OP-TEE load process. This passed-in data will
not only contain the non-secure context but also any additional data we
may need to give to OP-TEE. Rename these structures and group the context
data into a struct for future expansion.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Support ARM GICv3 mode

In ARM GICv3 mode, the interrupts are used as below for optee_os.
* FIQ - Foreign interrupts not handled by optee_os. This includes
the non-secure interrupts that should be ha

Support ARM GICv3 mode

In ARM GICv3 mode, the interrupts are used as below for optee_os.
* FIQ - Foreign interrupts not handled by optee_os. This includes
the non-secure interrupts that should be handled by the REE and the
secure interrupts assigned to the monitor (aarch32 Monitor mode or
aarch64 EL3).
* IRQ - Native interrupts for optee_os.

And optee_os should use the system register interface to access the GICC
registers in GICv3 mode.

A new build flag `CFG_ARM_GICV3=y` should be set to support GICv3 mode.

Signed-off-by: David Wang <david.wang@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Refine the interrupt handlers

The handlers of native and foreign interrupts are hardcoded in FIQ and
IRQ handlers.
This patch generalizes these handlers in macros.
For ARM GICv2 mode, FIQ handler ca

Refine the interrupt handlers

The handlers of native and foreign interrupts are hardcoded in FIQ and
IRQ handlers.
This patch generalizes these handlers in macros.
For ARM GICv2 mode, FIQ handler calls native interrupt handler and IRQ
handler calls foreign interrupt handler.

Signed-off-by: David Wang <david.wang@arm.com>
Tested-by: David Wang <david.wang@arm.com> (juno arm32 and arm64)
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

otp: convert to use weak default

There is no longer any point in having CFG_OTP_SUPPORT.

It's always supported either by the weak implementation
or any platform override.

Since there exists a plat

otp: convert to use weak default

There is no longer any point in having CFG_OTP_SUPPORT.

It's always supported either by the weak implementation
or any platform override.

Since there exists a platform 'sunxi' that does not have
CFG_GENERIC_BOOT and doesn't build generic_boot.c, this
is plaved in a new file 'otp_stubs.c'. Since this is
just copied Linaro code at this point, keep Linaro
copyright message on the new file.

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

dtb: no need to print trace with an ! if we were given a dtb with expected nodes

Signed-off-by: Andy Green <andy@warmcat.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

Add one IMSG line before OP-TEE init message

Otherwise at least on Hikey, it comes partway through an ARM TF
message and is hard to parse.

Signed-off-by: Andy Green <andy@warmcat.com>
[jf: s/a-t-f/

Add one IMSG line before OP-TEE init message

Otherwise at least on Hikey, it comes partway through an ARM TF
message and is hard to parse.

Signed-off-by: Andy Green <andy@warmcat.com>
[jf: s/a-t-f/ARM TF/ in commit log]
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: REE FS: use the new dirfile interface

Uses the new dirfile interface to keep track of persistent objects.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Etienne Carrie

core: REE FS: use the new dirfile interface

Uses the new dirfile interface to keep track of persistent objects.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (b2260)
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FS: key manager takes supplied UUID

The FS key manager takes a supplied UUID instead of extracting it from
current session in order to be more flexible.

Reviewed-by: Jerome Forissier <jerome.

core: FS: key manager takes supplied UUID

The FS key manager takes a supplied UUID instead of extracting it from
current session in order to be more flexible.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FS: add helpers for tee_fs_dirfile_fileh

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jen

core: FS: add helpers for tee_fs_dirfile_fileh

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FS: introduce dirfile interface

Introduces the dirfile interface which keeps a list of secure storage
objects. Each object is represented by the UUID of the owning TA, a hash
of the object, an

core: FS: introduce dirfile interface

Introduces the dirfile interface which keeps a list of secure storage
objects. Each object is represented by the UUID of the owning TA, a hash
of the object, and a handle to the name used in normal world to store
the encrypted data of the object.

The interface allows queued atomic updates to avoid difficult races
during creation and renaming of objects.

By keeping the list of the secure object files in a single database the
collected state of the objects can be represented by a single hash or
even a counter. This gives some flexibility when implementing
anti-rollback protection.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: htree: export/import hash of object

The hash-tree can be verified based on a known hash of the root node of
a secure storage object. When syncing the hash tree the hash of the root
node is sto

core: htree: export/import hash of object

The hash-tree can be verified based on a known hash of the root node of
a secure storage object. When syncing the hash tree the hash of the root
node is stored in an external location for further protection.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: Do not handle unsupported interrupts

Trying to handle an interrupt with an ID above the maximum will result
in a kernel panic as the itr_handle() function will try to disable this
unhand

core: arm: Do not handle unsupported interrupts

Trying to handle an interrupt with an ID above the maximum will result
in a kernel panic as the itr_handle() function will try to disable this
unhandled interruption.

Interrupts with a high ID will now be simply ignored.

Signed-off-by: Mathieu Briand <mbriand@witekio.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-ti: Add AM43xx platform services

The AM43xx ROM has a different monitor API set than DRA7xx/AM57xx
devices, implement these services here.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-

plat-ti: Add AM43xx platform services

The AM43xx ROM has a different monitor API set than DRA7xx/AM57xx
devices, implement these services here.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

plat-ti: Add support for PL310 in AM43xx

AM43xx family devices use the ARM PL310 Cache Controller, add
support for this here.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joakim Bech <j

plat-ti: Add support for PL310 in AM43xx

AM43xx family devices use the ARM PL310 Cache Controller, add
support for this here.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

plat-ti: Add AM43xx platform flavor

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

plat-ti: Cleanup platform configuration

Reorganize platform configuration to assist in addition of new
platforms. No functional changes.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joa

plat-ti: Cleanup platform configuration

Reorganize platform configuration to assist in addition of new
platforms. No functional changes.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: mm: print memory type name instead of numerical value

Improve the legibility of the memory manager debug traces by
converting the memory types to strings before printing them in
dump_mmap_tabl

core: mm: print memory type name instead of numerical value

Improve the legibility of the memory manager debug traces by
converting the memory types to strings before printing them in
dump_mmap_table(), add_phys_mem() and add_va_space().

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>

show more ...

core_mmu_v7: Allow cache memory attributes to match non-SMP Linux

On non-SMP ARM Linux the default cache policy is inner/outer write-back,
no write-allocate not sharable. When compiled with SMP supp

core_mmu_v7: Allow cache memory attributes to match non-SMP Linux

On non-SMP ARM Linux the default cache policy is inner/outer write-back,
no write-allocate not sharable. When compiled with SMP support the
policy is updated to inner/outer write-back with write-allocate sharable.

OP-TEE makes the assumption that SMP will be enabled, allow overriding
this for the non-SMP cases.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core_mmu_v7: Rename index to normal cached memory

The index into cache attribute registers for device memory is called
ATTR_DEVICE_INDEX, but the normal cached memory is referred to as
ATTR_IWBWA_OW

core_mmu_v7: Rename index to normal cached memory

The index into cache attribute registers for device memory is called
ATTR_DEVICE_INDEX, but the normal cached memory is referred to as
ATTR_IWBWA_OWBWA_INDEX, this implies the caching type. This is not
always the type of cache we will use. Rename it to a more generic
ATTR_NORMAL_CACHED_INDEX.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-ti: Move TZDRAM area to better align with other DRAM uses

The area currently reserved for OP-TEE overlaps an area that is used
by another existing device use-case, move OP-TEE to a non-interfer

plat-ti: Move TZDRAM area to better align with other DRAM uses

The area currently reserved for OP-TEE overlaps an area that is used
by another existing device use-case, move OP-TEE to a non-interfering
address.

Signed-off-by: Andrew F. Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: assert no null physical address is used in core static mapping

Current implementation of core mapping assumes value 0 denotes an
invalid physical address. Hence this change asserts (in debug m

core: assert no null physical address is used in core static mapping

Current implementation of core mapping assumes value 0 denotes an
invalid physical address. Hence this change asserts (in debug mode)
that no null physical address is used in the core static mapping.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...