clk: stm32mp25: Introduce STM32MP25 clocks platform

This driver is based on clk-stm32-core API to manage STM32 gates, dividers
and muxes.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st

clk: stm32mp25: Introduce STM32MP25 clocks platform

This driver is based on clk-stm32-core API to manage STM32 gates, dividers
and muxes.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dt-bindings: add the STM32MP2 clock and reset bindings

Add the associated bindings for device tree and drivers.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Ca

dt-bindings: add the STM32MP2 clock and reset bindings

Add the associated bindings for device tree and drivers.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add rcc helper function

Add dedicate include file for RCC to add helper function.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etie

plat-stm32mp2: add rcc helper function

Add dedicate include file for RCC to add helper function.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: sysconfig: add Safe Reset functionality

Add possibility to manage safely master IP reset.
This is managed in SYSCFG safe reset control register (SYSCFG_SAFERSTCR)

Signed-off-by: Gabr

plat-stm32mp2: sysconfig: add Safe Reset functionality

Add possibility to manage safely master IP reset.
This is managed in SYSCFG safe reset control register (SYSCFG_SAFERSTCR)

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add stm32mp25 sysconfig driver

Driver to manage system configuration (sysconf) registers
the sysconf are identified by an ID to be able to be adapted for DT.

Signed-off-by: Arnaud Po

plat-stm32mp2: add stm32mp25 sysconfig driver

Driver to manage system configuration (sysconf) registers
the sysconf are identified by an ID to be able to be adapted for DT.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: conf: enable shared io driver

Default enable shared io driver for platform stm32mp2.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <e

plat-stm32mp2: conf: enable shared io driver

Default enable shared io driver for platform stm32mp2.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: add CFG_PGT_CACHE_ENTRIES

Add CFG_PGT_CACHE_ENTRIES to allow platforms to customize the page
table cache size. This is needed for example when a platform is to
support very large TAs of se

core: mm: add CFG_PGT_CACHE_ENTRIES

Add CFG_PGT_CACHE_ENTRIES to allow platforms to customize the page
table cache size. This is needed for example when a platform is to
support very large TAs of several dozen of Mbytes of private memory
(code/data).

Move PGT_CACHE_SIZE macro definition from pgt_cache.h to pgt_cache.c
since it is used only in that source file.

By the way, fix pgt_cache.h layout to have header files includes first
followed by macro definitions.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minim

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minimum rsa key size")
70b079496 ("libmbedtls: adjust use of rsa pk_wrap API")
6cf76464f ("libmbedtls: allow inclusion of arm_neon.h")
27df5c911 ("libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode")
aa584f9ed ("libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly")
523ae957e ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_verify()")
30bdb1bbf ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()")
e45cdab62 ("libmbedtls: add SM2 curve")
d2fda4fc2 ("libmbedtls: fix no CRT issue")
ab0eb5515 ("libmbedtls: add interfaces in mbedtls for context memory operation")
7925a6f26 ("libmedtls: mpi_miller_rabin: increase count limit")
8eaf69279 ("libmbedtls: add mbedtls_mpi_init_mempool()")
12e83fc8d ("libmbedtls: make mbedtls_mpi_mont*() available")
f9e261da5 ("mbedtls: configure mbedtls to reach for config")
7b6f378d7 ("mbedtls: remove default include/mbedtls/config.h")
c16331743 ("Import mbedtls-3.6.0")

Signed-off-by: Tom Van Eyck <tom.vaneyck@kuleuven.be>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations

OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.

core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations

OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.g. in EncryptionOperationsTest.RsaOaepWithMGFDigestSuccess [1]).

Pass the MGF1 attribute to crypto implementations. Note that
only libtomcrypt supports this feature at the moment, so other
implementations will either fail or fall back to libtomcrypt when
passed a different MGF1 hash.

Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintTest.cpp#5552 [1]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-sam: register CPU OPP clock for SCMI usage

Add the definitinon for 'AT91_SCMI_CLK_CPU_OPP'.
When the CPU OPP clock is available, add it to SCMI clock list.

Signed-off-by: Tony Han <tony.han@mi

plat-sam: register CPU OPP clock for SCMI usage

Add the definitinon for 'AT91_SCMI_CLK_CPU_OPP'.
When the CPU OPP clock is available, add it to SCMI clock list.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: clk: sam: add the implement of CPU OPP clock

Register CPU OPP clock with the following operations:
- set_rate: call the operation of its parent
- get_rates_array: return the rates got fro

drivers: clk: sam: add the implement of CPU OPP clock

Register CPU OPP clock with the following operations:
- set_rate: call the operation of its parent
- get_rates_array: return the rates got from DT.
Skip CPU OPP clock register when OPP is not supported.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-sam: prepare for CPU OPP (Operating Performance Points) support

Initialize clock rates array by parsing the device tree.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carr

plat-sam: prepare for CPU OPP (Operating Performance Points) support

Initialize clock rates array by parsing the device tree.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: at91: add assigned-clock settings for sama7g5 qspi0

Assign QSPI0's clock to SYSPLL GCK 133MHz.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@fos

dts: at91: add assigned-clock settings for sama7g5 qspi0

Assign QSPI0's clock to SYSPLL GCK 133MHz.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

scripts: fix invalid escape sequence

A backslash-character pair that is not a valid
escape sequence is generating a SyntaxWarning in
Python 3.12 and could generate a SyntaxError in a
future version.

scripts: fix invalid escape sequence

A backslash-character pair that is not a valid
escape sequence is generating a SyntaxWarning in
Python 3.12 and could generate a SyntaxError in a
future version.

Use a raw string to avoid the escape.

Signed-off-by: Shen Jiamin <shen_jiamin@comp.nus.edu.sg>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

plat-mediatek: add support to extend MAX_XLAT_TABLE

When using the reserved virtual memory space, it is necessary to
increase MAX_XLAT_TABLE based on its size.

Signed-off-by: Gavin Liu <gavin.liu@m

plat-mediatek: add support to extend MAX_XLAT_TABLE

When using the reserved virtual memory space, it is necessary to
increase MAX_XLAT_TABLE based on its size.

Signed-off-by: Gavin Liu <gavin.liu@mediatek.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ree_fs: fix dirfile handle refcount

The counter ree_fs_dirh_refcount is used to determine when ree_fs_dirh
should be free, not as a guarantee that ree_fs_dirh is still valid. This
wasn't the a

core: ree_fs: fix dirfile handle refcount

The counter ree_fs_dirh_refcount is used to determine when ree_fs_dirh
should be free, not as a guarantee that ree_fs_dirh is still valid. This
wasn't the assumption in ree_fs_readdir_rpc(), ree_fs_closedir_rpc(),
and ree_fs_opendir_rpc(). So fix that by using get_dirh() in
ree_fs_readdir_rpc as needed.

Reported-by: Gavin Liu <gavin.liu@mediatek.com>
Closes: https://github.com/OP-TEE/optee_os/issues/6895
Fixes: ace6039fd434 ("core: REE_FS: refcount dirfile handle")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutils, zlib: fix Clang warnings

Clang 18.1.6 reports the following warnings:

CC out/arm/ldelf-lib/libutils/isoc/bget_malloc.o
In file included from lib/libutils/isoc/bget_malloc.c:127:

libutils, zlib: fix Clang warnings

Clang 18.1.6 reports the following warnings:

CC out/arm/ldelf-lib/libutils/isoc/bget_malloc.o
In file included from lib/libutils/isoc/bget_malloc.c:127:
lib/libutils/isoc/bget.c:607:7: warning: a function definition without a prototype is deprecated in all versions of C and is not supported in C23 [-Wdeprecated-non-prototype]
607 | void *bget(requested_align, hdr_size, requested_size, poolset)
| ^

And same with lib/zlib/{adler32.c,inffast.c,inflate.c,zutil.c}.

In addition, zutil.c causes:

CC out/arm/core/lib/zlib/zutil.o
core/lib/zlib/zutil.c:28:33: warning: a function declaration without a prototype is deprecated in all versions of C [-Wstrict-prototypes]
28 | const char * ZEXPORT zlibVersion()
| ^
| void

Add -Wno-deprecated-non-prototype to libutils' bget_malloc.c to silence
the first series, and simply remove -Wstrict-prototypes (added by
default by mk/compile.mk) when building zlib.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm64.h: fix compile error with Clang

Clang 18.1.6 fails to compile OP-TEE OS with the following error:

CC out/arm/core/arch/arm/kernel/vfp.o
In file included from core/arch/arm/kernel/vfp

arm64.h: fix compile error with Clang

Clang 18.1.6 fails to compile OP-TEE OS with the following error:

CC out/arm/core/arch/arm/kernel/vfp.o
In file included from core/arch/arm/kernel/vfp.c:6:
In file included from core/arch/arm/include/arm.h:137:
core/arch/arm/include/arm64.h:455:1: error: expected readable system register
455 | DEFINE_U32_REG_READWRITE_FUNCS(fpcr)
| ^
core/arch/arm/include/arm64.h:436:3: note: expanded from macro 'DEFINE_U32_REG_READWRITE_FUNCS'
436 | DEFINE_U32_REG_READ_FUNC(reg) \
| ^
core/arch/arm/include/arm64.h:430:3: note: expanded from macro 'DEFINE_U32_REG_READ_FUNC'
430 | DEFINE_REG_READ_FUNC_(reg, uint32_t, reg)
| ^
core/arch/arm/include/arm64.h:417:15: note: expanded from macro 'DEFINE_REG_READ_FUNC_'
417 | asm volatile("mrs %0, " #asmreg : "=r" (val64)); \
| ^
<inline asm>:1:10: note: instantiated into assembly here
1 | mrs x8, fpcr
| ^

...and similar ones for fpcr write, as well as fpsr read and write.

Clang 12.0.0 does not have any problem with this code which makes me
think that it's a Clang/LLVM issue.

Work around the problem by using the coded system register identifiers
S3_3_c4_c4_0 and S3_3_c4_c4_1 instead of fpcr and fpsr, respectively.
The values 3-3-4-4-0 and 3-3-4-4-1 are taken from the Arm ARM sections
C.5.2.8 and C.5.2.9.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix race condition on TA/PTA/StMM context loading

Fix race condition on creation of a context for single instance TAs,
PTAs or StMM application. Such race condition could occur and lead to
dup

core: fix race condition on TA/PTA/StMM context loading

Fix race condition on creation of a context for single instance TAs,
PTAs or StMM application. Such race condition could occur and lead to
duplicated contexts if connected close enough that they are created
after tee_ta_init_session() calls tee_ta_init_session_with_context()
and before the context are added in the centralized context list.

This is realized by keeping tee_ta_mutex held while tee_ctxes list is
looked up for matching a context or a new context is added into that
list with its .is_initializing field activated. For that purpose
user TA and StMM application initialization function are split in
2 functions, the 2nd one used to finalizes the context creation
started in the 1st function.

By the way, add inline description comments and fix indentation issues
in uaer_ta.h and remove the inline comment in pseudo_ta.c that refers
to TA loading whereas the function relates to PTA contexts creation.

Closes: https://github.com/OP-TEE/optee_os/issues/6801
Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add mutex_is_locked() helper function

Add mutex_is_locked() helper function to return whether a mutex is
locked or not. This helper function must be use with care since it
does not guarantee t

core: add mutex_is_locked() helper function

Add mutex_is_locked() helper function to return whether a mutex is
locked or not. This helper function must be use with care since it
does not guarantee that the mutex is held by the executing thread.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: make is_initializing field a generic service context

Replace fields is_initializing from struct user_mode_ctx and
struct stmm_ctx with a common new field is_initialing in generic
struct tee_ta

core: make is_initializing field a generic service context

Replace fields is_initializing from struct user_mode_ctx and
struct stmm_ctx with a common new field is_initialing in generic
struct tee_ta_ctx so that it can be used in generic context loading
functions for contexts which initialization is done with tee_ta_mutex
released.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: plat-corstone1000: Remove MMCOMM buffer address

Remove MMCOMM buffer address and mapping, as it is not
being used anymore

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>

core: plat-corstone1000: Remove MMCOMM buffer address

Remove MMCOMM buffer address and mapping, as it is not
being used anymore

Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Emekcan Aras <emekcan.aras@arm.com>

show more ...

core: rename tee_mm_shm to core_virt_shm_pool

Rename tee_mm_shm to core_virt_shm_pool to make it clear that it handles
virtual memory allocations for shared memory.

Signed-off-by: Jens Wiklander <j

core: rename tee_mm_shm to core_virt_shm_pool

Rename tee_mm_shm to core_virt_shm_pool to make it clear that it handles
virtual memory allocations for shared memory.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: rename tee_mm_vcore to core_virt_mem_pool

Rename tee_mm_vcore to core_virt_mem_pool to make it clear that it
handles virtual memory allocations.

Signed-off-by: Jens Wiklander <jens.wiklander@

core: rename tee_mm_vcore to core_virt_mem_pool

Rename tee_mm_vcore to core_virt_mem_pool to make it clear that it
handles virtual memory allocations.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: move tee_mm_{sec_ddr,vcore,shm}

Move tee_mm_sec_ddr, tee_mm_vcore, and tee_mm_shm into core/mm/core_mmu.c.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Foriss

core: move tee_mm_{sec_ddr,vcore,shm}

Move tee_mm_sec_ddr, tee_mm_vcore, and tee_mm_shm into core/mm/core_mmu.c.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...