Ensure sctl programming before resuming system

The entry code programms the sctl register to enable
alignment check and disable I/D cache. Need to put an instruction
barrier to ensure sctl programmi

Ensure sctl programming before resuming system

The entry code programms the sctl register to enable
alignment check and disable I/D cache. Need to put an instruction
barrier to ensure sctl programming has taken place before
resuming the system.

Signed-off-by: Ashutosh Singh <ashutosh.singh@arm.com>
Tested-by: Ashutosh Singh <ashutosh.singh@arm.com>
Reviewed-by: James King <james.king@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

arm: mutex: Add file and line to debuginfo

Adds file and line in the sleep and wake log line if CFG_MUTEX_DEBUG=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklande

arm: mutex: Add file and line to debuginfo

Adds file and line in the sleep and wake log line if CFG_MUTEX_DEBUG=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU,FVP)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: arm: remove big lock

Removes big lock leaving TEE Core open to concurrent execution depending
on internal locks around all critical sections.

Signed-off-by: Jens Wiklander <jens.wiklander@lin

core: arm: remove big lock

Removes big lock leaving TEE Core open to concurrent execution depending
on internal locks around all critical sections.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

libutils: make malloc thread-safe

Makes malloc family of functions thread-safe by using an internal mutex
when compiled to be used in TEE Core.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.

libutils: make malloc thread-safe

Makes malloc family of functions thread-safe by using an internal mutex
when compiled to be used in TEE Core.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: arm: thread-safe sessions

Make session handling thread-safe with tee_ta_get_session(),
tee_ta_put_session() and tee_ta_unlink_session().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.o

core: arm: thread-safe sessions

Make session handling thread-safe with tee_ta_get_session(),
tee_ta_put_session() and tee_ta_unlink_session().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: ltc: enable thread-safety

Enables thread-safety by replacing empty macros for mutex handling with
a real implementation.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by:

core: ltc: enable thread-safety

Enables thread-safety by replacing empty macros for mutex handling with
a real implementation.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: ltc: add lock for memory pool

Adds a recursive lock for the memory pool, allowing only one thread at a
time to use the memory pool. This makes a predictable or consistent
worst case for memory

core: ltc: add lock for memory pool

Adds a recursive lock for the memory pool, allowing only one thread at a
time to use the memory pool. This makes a predictable or consistent
worst case for memory pool utilization. It also allows for a controlled
way of releasing memory from the pool to the pager when the pool is
unused.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: TEE_GetSystemTime() updates

- Set gpd.tee.systemTime.protectionLevel to 1000 when the time source
is the physical count register (CNTPCT), that is, when
CFG_SECURE_TIME_SOURCE_CNTPCT=y. The pr

core: TEE_GetSystemTime() updates

- Set gpd.tee.systemTime.protectionLevel to 1000 when the time source
is the physical count register (CNTPCT), that is, when
CFG_SECURE_TIME_SOURCE_CNTPCT=y. The protection level value is moved
into the time_source struct for better modularity.
- When the time source is REE (CFG_SECURE_TIME_SOURCE_REE=y), make sure
that successive calls return increasing values as required by the GP
TEE Core Internal API v1.1.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

plat-vexpress: bugfix reading char from uart

If debug prints aren't enabled plat-vexpress doesn't read characters
from the uart resulting in an endless loop.

This patch always reads the character r

plat-vexpress: bugfix reading char from uart

If debug prints aren't enabled plat-vexpress doesn't read characters
from the uart resulting in an endless loop.

This patch always reads the character regardless of debug prints.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers/core/gic.c: Set priority mask to allow NS interrupts

The non-secure world's view of interrupt priorities only allows
it to set priorities between 0x80 and 0xff. This means that the
secure wo

drivers/core/gic.c: Set priority mask to allow NS interrupts

The non-secure world's view of interrupt priorities only allows
it to set priorities between 0x80 and 0xff. This means that the
secure world has to set the GICC_PMR (priority mask register) to
a value that allows NS interrupts, otherwise the non-secure
world will never see interrupts and has no way to set the
priorities so that it will ever see them.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/core/gic.c: Fix indentation in gic_cpu_init()

The indentation in gic_cpu_init() is using spaces rather than
tabs. Since it's a very short function and we're about to add
some code to it, fix

drivers/core/gic.c: Fix indentation in gic_cpu_init()

The indentation in gic_cpu_init() is using spaces rather than
tabs. Since it's a very short function and we're about to add
some code to it, fix the indentation first.

Fix a comment typo while we're here.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pager: bug fix boot time moving of hashes

Fixes problem with moving hashes of paged pages during boot. Before MMU is
initialize we invalidate all memory used by TEE Core. In the pager case we
had __

pager: bug fix boot time moving of hashes

Fixes problem with moving hashes of paged pages during boot. Before MMU is
initialize we invalidate all memory used by TEE Core. In the pager case we
had __init_end as end marker but that's not good now that we store the
hashes temporarily at that address. The new end is now __tmp_hashes_end.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: enable paging with concurrent execution

* Updates the pager to handle concurrent execution.
* The pager now supports no execute and readonly pages too.

All physical pages used for paging is a

core: enable paging with concurrent execution

* Updates the pager to handle concurrent execution.
* The pager now supports no execute and readonly pages too.

All physical pages used for paging is also mapped in an aliased area
which is used when preparing a physical page to be mapped at another
virtual address.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU, FVP)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: support concurrent use of VFP

Supports concurrent use of VFP by moving the VFP state into struct
thread_ctx. As a consequence VFP can only be used when a thread is
assigned to the CPU. This me

core: support concurrent use of VFP

Supports concurrent use of VFP by moving the VFP state into struct
thread_ctx. As a consequence VFP can only be used when a thread is
assigned to the CPU. This means that the pager can only verify pages
when a thread is active.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: wait_queue: sync obj address in debug print

Include address of sync object in wait queue debug prints to easier
locate a contended sync object.

Signed-off-by: Jens Wiklander <jens.wiklander@l

core: wait_queue: sync obj address in debug print

Include address of sync object in wait queue debug prints to easier
locate a contended sync object.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: arm: fix initcall alignment in link script

Increases initcall alignment to 8 to work on arm64.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@

core: arm: fix initcall alignment in link script

Increases initcall alignment to 8 to work on arm64.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: arm: initialize boot thread early

Initialize a boot thread early during boot to allow mutexes and other
objects depending on an active thread can be used during early boot
without any special

core: arm: initialize boot thread early

Initialize a boot thread early during boot to allow mutexes and other
objects depending on an active thread can be used during early boot
without any special quirks.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

core: split tee/entry.c

Split core/arch/arm/tee/entry.c into entry_fast.c and entry_std.c to
separate fast call code from standard call code. Fast call code must
not be paged, but standard code shou

core: split tee/entry.c

Split core/arch/arm/tee/entry.c into entry_fast.c and entry_std.c to
separate fast call code from standard call code. Fast call code must
not be paged, but standard code should be paged if possible.

The pager can only handle page faults for active threads.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Convert remaining CRLF files

Converts the remaining CRLF files to LF, unix style.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Revie

Convert remaining CRLF files

Converts the remaining CRLF files to LF, unix style.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Delete libutil_with_isoc

OP-TEE won't build unless $(libutil_with_isoc) is 'y', so this variable
is not needed.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bec

Delete libutil_with_isoc

OP-TEE won't build unless $(libutil_with_isoc) is 'y', so this variable
is not needed.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

plat-vexpress: Configure secure UART interrupt in qemu_virt startup

Configure the secure UART interrupt for the qemu_virt platform
flavour, rather than letting it default to non-secure.

Signed-off-

plat-vexpress: Configure secure UART interrupt in qemu_virt startup

Configure the secure UART interrupt for the qemu_virt platform
flavour, rather than letting it default to non-secure.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu: update computation of TZDRAM_SIZE

TZDRAM_SIZE is computed from DRAM0_TEERES_SIZE, CFG_TEE_RAM_VA_SIZE
and CFG_SHMEM_SIZE, instead of using hard-coded values.

Change-Id: If4a21c1231e06d25c88dc

qemu: update computation of TZDRAM_SIZE

TZDRAM_SIZE is computed from DRAM0_TEERES_SIZE, CFG_TEE_RAM_VA_SIZE
and CFG_SHMEM_SIZE, instead of using hard-coded values.

Change-Id: If4a21c1231e06d25c88dca1ada535a06b0e80f4c
Signed-off-by: Pascal Brand <pascal.brand@st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Cedric Chaumont <cedric.chaumont@linaro.org>

show more ...

core: optionally enable concurrent execution of TAs

Enables concurrent execution of TAs unless CFG_DISABLE_CONCURRENT_EXEC
is y. Default is CFG_DISABLE_CONCURRENT_EXEC n, unless CFG_WITH_PAGER is
y.

core: optionally enable concurrent execution of TAs

Enables concurrent execution of TAs unless CFG_DISABLE_CONCURRENT_EXEC
is y. Default is CFG_DISABLE_CONCURRENT_EXEC n, unless CFG_WITH_PAGER is
y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (QEMU)
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (HiKey)

show more ...

core/arm: rename TEESMC_RETURN_EBUSY

Renames TEESMC_RETURN_EBUSY to TEESMC_RETURN_ETHREAD_LIMIT to better
reflect the meaning.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by:

core/arm: rename TEESMC_RETURN_EBUSY

Renames TEESMC_RETURN_EBUSY to TEESMC_RETURN_ETHREAD_LIMIT to better
reflect the meaning.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...

plat-*/conf.mk cleanup

- Do not set CFG_ values that do not change the default
- Remove a few useless -D<flag>
- Always use '?=' as opposed to ':=' for consistent behavior with
'CFG_FOO=y make' an

plat-*/conf.mk cleanup

- Do not set CFG_ values that do not change the default
- Remove a few useless -D<flag>
- Always use '?=' as opposed to ':=' for consistent behavior with
'CFG_FOO=y make' and 'make CFG_FOO=y'
=> Use this form when both enabled and disabled are valid options
- Add macro: $(call force,CFG_FOO,y) to set a variable and make
sure it does not conflict with external values that may be given
on the command line or in the environment
=> Use this form when the variable can only have the specified value
(any other value would be invalid). 'override CFG_FOO := y' would
be correct, too, but would not detect conflicting values.
- Always include mk/conf.mk last so that the platform definitions
always take precedence over the global configuration

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Pascal Brand <pascal.brand@linaro.org>

show more ...