core: always save manifest DT with CFG_CORE_SEL2_SPMC=y

With CFG_CORE_SEL2_SPMC=y the manifest device tree is passed via boot
info from the SPMC at S-EL2. This manifest can contain configuration
nee

core: always save manifest DT with CFG_CORE_SEL2_SPMC=y

With CFG_CORE_SEL2_SPMC=y the manifest device tree is passed via boot
info from the SPMC at S-EL2. This manifest can contain configuration
needed later during boot, so save it always regardless of
CFG_CORE_PHYS_RELOCATABLE.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Leisen <leisen1@huawei.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

crypto: introduce CFG_CRYPTO_HW_PBKDF2

Add a new configuration flag to support hardware implementation of
PBKDF2.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jens Wiklander <jens.wik

crypto: introduce CFG_CRYPTO_HW_PBKDF2

Add a new configuration flag to support hardware implementation of
PBKDF2.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: riscv: Support Privileged Access Never by CSR status.SUM bit

The SUM (Supervisor User Memory access) bit modifies the privilege with
which S-mode loads and stores the user virtual memory. When

core: riscv: Support Privileged Access Never by CSR status.SUM bit

The SUM (Supervisor User Memory access) bit modifies the privilege with
which S-mode loads and stores the user virtual memory. When SUM bit is
0, S-mode accesses to pages whose U bit of corresponding PTE is set will
fault. When SUM bit is 1, these accesses are permitted.

When CFG_PAN is disabled in RISC-V architecture, the status.SUM bit is
initialized as 1 by default. Therefore all accesses to user pages will
succeed. When CFG_PAN is enabled, the status.SUM bit is initialized as
0, and only set to 1 when kernel needs to access user pages.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core: asan: KASAN and ASLR are incompatible

The address sanitizer shadow offset address is given at compile time
(CFG_ASAN_SHADOW_OFFSET) and is hard-coded by the compiler into the
prologue of instr

core: asan: KASAN and ASLR are incompatible

The address sanitizer shadow offset address is given at compile time
(CFG_ASAN_SHADOW_OFFSET) and is hard-coded by the compiler into the
prologue of instrumented functions, for the purpose of initializing
the shadow area for the stack (local variables). With ASLR turned on,
this offset becomes invalid because of the random ASLR offset.

For KASAN to work with ASLR, we would need to either keep the shadow
area at the expected offset (which may not be very easy, I have not
investigated in more details) or provide the shadow offset dynamically.
An attempt was made three years ago to extend the GCC compiler with
such a feature [1] but there was no feedback from the maintainers [2].

Add a check in mk/config.mk so that KASAN and ASLR may not be enabled
simultaneously.

Link: https://blogs.coreboot.org/blog/2020/08/31/gsoc-address-sanitizer-wrap-up/ [1]
Link: https://gcc.gnu.org/pipermail/gcc-patches/2020-July/550176.html [2]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent un

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.

This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.

Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.

Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).

Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

Update CHANGELOG for 3.22.0

Update CHANGELOG for 3.22.0 and collect Tested-by tags.

Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.c

Update CHANGELOG for 3.22.0

Update CHANGELOG for 3.22.0 and collect Tested-by tags.

Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sxsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qxpmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx93evk)
Tested-by: Etienne Carriere <etienne.carriere@foss.st.com> (stm32mp1-135F_DK)
Tested-by: Etienne Carriere <etienne.carriere@foss.st.com> (stm32mp1-157C_DK2)
Tested-by: Etienne Carriere <etienne.carriere@foss.st.com> (stm32mp1-157C_EV1)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (imx-mx8mqevk)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (rockchip-rk3399) (RockPi4B)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_virt)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (Rpi3B)
Tested-by: Jorge Ramirez-Ortiz <jorge@foundries.io> (versal)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (rcar-salvator_m3_2x4g / virt)
Signed-off-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

ftrace: change implementation to use binary circular buffer

The current implementation of function tracing (CFG_FTRACE_SUPPORT)
produces human-readable text into the output buffer that is passed to

ftrace: change implementation to use binary circular buffer

The current implementation of function tracing (CFG_FTRACE_SUPPORT)
produces human-readable text into the output buffer that is passed to
tee-supplicant and ultimately saved to the Linux filesystem. Two main
issues with that:

1. The string formatting code is somewhat complex. It introduces
significant overhead in the execution time of the instrumented
functions.
2. The various policies about how to handle a buffer full condition
(CFG_FTRACE_BUF_WHEN_FULL) are not very convenient. In particular,
"shift" is typically the most desirable option because it always
keeps the most recent entries, but it is very inefficient to the
point of not being usable in practice.

This commit addresses the above concerns by making the ftrace buffer
circular one, each entry being 64-bit value. The formatting code is
offloaded to a new Python script: scripts/ftrace_format.py. The
output is unchanged except for an added field showing the current
depth in the call stack.

Typical usage (captured on QEMUv8):

build$ mkdir -p ../tmp
build$ chmod a+w ../tmp
build$ make CFG_FTRACE_SUPPORT=y CFG_FTRACE_BUF_SIZE=15000 \
CFG_TA_MCOUNT=y CFG_ULIBS_MCOUNT=y CFG_SYSCALL_FTRACE=y \
QEMU_VIRTFS_AUTOMOUNT=y run
$ xtest regression_1004
...
$ cp /tmp/ftrace-cb3e5ba0-adf1-11e0-998b-0002a5d5c51b.out /mnt/host/tmp
build$ cd ..
optee$ optee_os/scripts/ftrace_format.py \
tmp/ftrace-cb3e5ba0-adf1-11e0-998b-0002a5d5c51b.out |
optee_os/scripts/symbolize.py \
-d optee_os/out/arm/core \
-d out-br/build/optee_test_ext-1.0/ta/*/out | less
TEE load address @ 0x5ab04000
Function graph for TA: cb3e5ba0-adf1-11e0-998b-0002a5d5c51b @ 80085000
| 1 | __ta_entry() {
| 2 | __utee_entry() {
43.840 us | 3 | ta_header_get_session()
7.216 us | 3 | tahead_get_trace_level()
14.480 us | 3 | trace_set_level()
| 3 | malloc_add_pool() {
| 4 | raw_malloc_add_pool() {
46.032 us | 5 | bpool()
| 5 | raw_realloc() {
166.256 us | 6 | bget()
23.056 us | 6 | raw_malloc_return_hook()
267.952 us | 5 | }
398.720 us | 4 | }
426.992 us | 3 | }
| 3 | TEE_GetPropertyAsU32() {
23.600 us | 4 | is_propset_pseudo_handle()
| 4 | __utee_check_instring_annotation() {
26.416 us | 5 | strlen()
| 5 | check_access() {
| 6 | TEE_CheckMemoryAccessRights() {
| 7 | _utee_check_access_rights() {
| 8 | syscall_check_access_rights() {
| 9 | ts_get_current_session() {
4.304 us | 10 | ts_get_current_session_may_fail()
10.976 us | 9 | }
| 9 | to_user_ta_ctx() {
2.496 us | 10 | is_user_ta_ctx()
8.096 us | 9 | }
| 9 | vm_check_access_rights() {
| 10 | vm_buf_is_inside_um_private() {
| 11 | core_is_buffer_inside() {
...

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: pinctrl: add pinctrl support

Add support for pinctrl support using device-tree. The device-tree
"pinctrl-<x>" and "pinctrl-names" properties are supported and
allows to apply a pinctrl conf

drivers: pinctrl: add pinctrl support

Add support for pinctrl support using device-tree. The device-tree
"pinctrl-<x>" and "pinctrl-names" properties are supported and
allows to apply a pinctrl configuration based on this. This support
also includes a way to register pin muxing controllers that can apply
these states.
A few properties of the pinctrl nodes are supported such as
"bias-disable", "bias-pull-up" and "bias-pull-down".

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

mk: config.mk: fix some typos

Fix some spelling mistakes in mk/config.mk.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

dt_driver_test: add tests for gpio controller framework

Add various tests for the GPIO dt controller framework much like what was
done for the rstclr system.

Signed-off-by: Clément Léger <clement.l

dt_driver_test: add tests for gpio controller framework

Add various tests for the GPIO dt controller framework much like what was
done for the rstclr system.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: gpio: add device-tree based gpio controller framework

Build a small gpio framework based on the device-tree infrastructure and
on top of the existing gpio.h content. This framework allows t

drivers: gpio: add device-tree based gpio controller framework

Build a small gpio framework based on the device-tree infrastructure and
on top of the existing gpio.h content. This framework allows to register
gpio controllers and to retrieve gpio struct based on a "<name>-gpios"
properties.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: scmi-msg: add support for clock using generic clock framework

Integrating the clock framework with SCMI allows to avoid boilerplate
code to do so in platform specific files. This patch adds

drivers: scmi-msg: add support for clock using generic clock framework

Integrating the clock framework with SCMI allows to avoid boilerplate
code to do so in platform specific files. This patch adds a generic
layer that uses the generic clock framework to access and expose clocks.
SCMI clocks can be added from platform code using scmi_clk_add().
A new CFG_SCMI_MSG_USE_CLK configuration option is added to enable
this generic clock support.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: notif: fix input comment typo

Fixes inline comment typo in OP-TEE standard SMCs description and
CFG_CORE_ASYNC_NOTIF switch description.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org

core: notif: fix input comment typo

Fixes inline comment typo in OP-TEE standard SMCs description and
CFG_CORE_ASYNC_NOTIF switch description.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

driver: tpm2: remove TPM2 driver

Remove TPM2 driver from OP-TEE core. OP-TEE will instead rely on a
remote REE TPM2 driver allowing REE OS to embed TPM2 software stack
and leverage TPM2 features.

A

driver: tpm2: remove TPM2 driver

Remove TPM2 driver from OP-TEE core. OP-TEE will instead rely on a
remote REE TPM2 driver allowing REE OS to embed TPM2 software stack
and leverage TPM2 features.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: move CFG_WITH_SOFTWARE_PRNG default definition

Move CFG_WITH_SOFTWARE_PRNG default definition to crypto.mk to make it
overide-able by the HW crypto implementation.
Without this fix, forcing CF

core: move CFG_WITH_SOFTWARE_PRNG default definition

Move CFG_WITH_SOFTWARE_PRNG default definition to crypto.mk to make it
overide-able by the HW crypto implementation.
Without this fix, forcing CFG_WITH_SOFTWARE_PRNG to n in a crypto driver
configuration file will trigger the following compilation issue:

core/drivers/crypto/<driver>/crypto.mk:140: *** CFG_WITH_SOFTWARE_PRNG is set to 'y' (from file) but its value must be 'n' [Mandated by xxx]. Stop.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: i2c: add a simple framework to handle i2c devices

Add simple i2c support which provides support for I2C controllers and
devices using the generic DT mechanisms that already exists. I2C
cont

drivers: i2c: add a simple framework to handle i2c devices

Add simple i2c support which provides support for I2C controllers and
devices using the generic DT mechanisms that already exists. I2C
controllers needs to implement i2c_ctrl_ops to provide i2c operations
such as read, write and smbus commands depending on their capabilities.
I2C devices driver can then be defined using DEFINE_I2C_DEV_DRIVER().
This macros will use a default i2c probe function (__i2c_probe()) which
will then call the I2C device probe function by passing a i2c_dev struct
that can be used to communicate with the I2C device defined in the
device-tree.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Update CHANGELOG for 3.21.0

Update CHANGELOG for 3.21.0 and collect Tested-by tags.

Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.c

Update CHANGELOG for 3.21.0

Update CHANGELOG for 3.21.0 and collect Tested-by tags.

Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sxsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qxpmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx93evk)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_virt)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (rockchip-rk3399) (RockPi4B)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (imx-mx8mqevk)
Tested-by: Igor Opaniuk <igor.opaniuk@foundries.io> (Poplar)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (vexpress-fvp)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_DK2)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_EV1)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3B)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (ZynqMP)
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: crypto: change supported HMAC key size ranges

Change supported HMAC key size range from 64 to 1024 when
CFG_HMAC_64_1024_RANGE config is enabled, This is required
to successfully pass AOSP Key

core: crypto: change supported HMAC key size ranges

Change supported HMAC key size range from 64 to 1024 when
CFG_HMAC_64_1024_RANGE config is enabled, This is required
to successfully pass AOSP Keymaster VTS tests.

From TEE Internal Core API specificaion:
"Table 5-9, support for other sizes or algorithms
is implementation-defined."

Signed-off-by: Igor Opaniuk <igor.opaniuk@linaro.org>
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about
supporting virtualization on the non-secure side.

This commit is the result of the following command:

$ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \
sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \
done

...plus the compatibility line in mk/config.mk:

CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

Upgrade in-tree TAs to use latest version of TEE Internal Core API

Upgrades in-tree TAs to use latest version of TEE Internal Core API and
the compatibility flag is by default turned off.

Upgrading

Upgrade in-tree TAs to use latest version of TEE Internal Core API

Upgrades in-tree TAs to use latest version of TEE Internal Core API and
the compatibility flag is by default turned off.

Upgrading the TAs is basically a matter of replacing a few uint32_t
pointers with size_t pointers instead. This is done in as few places as
possible. So in particular the PKCS#11 TA might benefit from another
round of refactoring now that the contagious use of uint32_t as size
field is removed.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

config: add CFG_BUILD_IN_TREE_TA flag

This flag allows us to enable or disable building "User TAs".
By disabling "User TAs" we could build "TA_DEV_KIT" without
building TAs present in optee-os proje

config: add CFG_BUILD_IN_TREE_TA flag

This flag allows us to enable or disable building "User TAs".
By disabling "User TAs" we could build "TA_DEV_KIT" without
building TAs present in optee-os project under ta/*/user_ta.mk.

Signed-off-by: Julien Masson <jmasson@baylibre.com>
Signed-off-by: Balsam CHIHI <bchihi@baylibre.com>
Signed-off-by: Safae Ouajih <souajih@baylibre.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Update CHANGELOG for 3.20.0

Update CHANGELOG for 3.20.0 and collect Tested-by tags.

Tested-by: Johann Neuhauser <jneuhauser@dh-electronics.com> (stm32mp1-157A_DHCOR_AVENGER96)
Tested-by: Johann Neu

Update CHANGELOG for 3.20.0

Update CHANGELOG for 3.20.0 and collect Tested-by tags.

Tested-by: Johann Neuhauser <jneuhauser@dh-electronics.com> (stm32mp1-157A_DHCOR_AVENGER96)
Tested-by: Johann Neuhauser <jneuhauser@dh-electronics.com> (stm32mp1-157C_DHCOM_PDK2)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (imx-mx8mqevk)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Hikey)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (RockPi4)
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_virt)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_DK2)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_EV1)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sxsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qxpmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx93evk)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (k3-am64x)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (ZynqMP)
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lib: scmi-server: Build a SCMI server from SCP-firmware

Adds build of an SCMI server library using SCP-firmware source tree
upon boolean configuration switch CFG_SCMI_SCPFW. Platform must set

core: lib: scmi-server: Build a SCMI server from SCP-firmware

Adds build of an SCMI server library using SCP-firmware source tree
upon boolean configuration switch CFG_SCMI_SCPFW. Platform must set
the SCP firmware target product with CFG_SCMI_SCPFW_PRODUCT and the
root path of the SCP-firmware source tree with CFG_SCP_FIRMWARE.

CFG_SCMI_SCPFW and CFG_SCMI_MSG_DRIVERS are exclusives alternate
implementations of SCMI services. The former implements almost all
the SCMI specification while the later implements only basic SCMI
services.

SCP-firmware is configured with CMake as an external project to
generate the embedded module resource source and header files to
be built with SCP-firmware.

This commit integrates the 2 SCP-firmware products designed for OP-TEE
in SCP-firmware source tree. Product optee-fvp targets platform vexpress
flavors FVP and Qemus. Product optee-stm32mp1 targets platform stm32mp1.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Vincent Guittot <vincent.guittot@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pta: scmi: internal switches for supported transports

Adds internal configuration switch _CFG_SMCI_PTA_SMT_HEADER
and _CFG_SCMI_PTA_MSG_HEADER to specify which are supported.
This change will

core: pta: scmi: internal switches for supported transports

Adds internal configuration switch _CFG_SMCI_PTA_SMT_HEADER
and _CFG_SCMI_PTA_MSG_HEADER to specify which are supported.
This change will ease integration of the alternate SCMI server
build from SCP-firmware.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Update reported version to GP Core Internal API v1.3.1

Updates the reported version to 1.3.1. Three new defines:
- TEE_CORE_API_REQUIRED_MAJOR_VERSION
- TEE_CORE_API_REQUIRED_MINOR_VERSION
- TEE_COR

Update reported version to GP Core Internal API v1.3.1

Updates the reported version to 1.3.1. Three new defines:
- TEE_CORE_API_REQUIRED_MAJOR_VERSION
- TEE_CORE_API_REQUIRED_MINOR_VERSION
- TEE_CORE_API_REQUIRED_MAINTENANCE_VERSION
are added by the standard as a way for the TA to specify required
version of the API. OP-TEE only supports downgrading to version 1.1.

A simplified OP-TEE specific method is also provided:
Adds the configuration option CFG_TA_OPTEE_CORE_API_COMPAT_1_1 which
enables TEE Internal Core API v1.1 compatibility for in-tree TAs.

The TA dev kit is also updated to recognize
CFG_TA_OPTEE_CORE_API_COMPAT_1_1 and set define
__OPTEE_CORE_API_COMPAT_1_1 to 1 if set.

These new defines does not do anything yet, but in following commits
functions and types will be updated gradually until all functions and
types changed in version 1.3.1 compared to the ones in v1.1 have been
updated.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...