Squashed commit upgrading to libtomcrypt-1.18.2-develop-20240412

Squash merging branch import/libtomcrypt-1.18.2-develop-20240412

165e1fe7816a ("core: ltc: update for libtomcrypt changes")
ff29487

Squashed commit upgrading to libtomcrypt-1.18.2-develop-20240412

Squash merging branch import/libtomcrypt-1.18.2-develop-20240412

165e1fe7816a ("core: ltc: update for libtomcrypt changes")
ff294871020d ("core: ltc: rsa_verify_hash: fix panic on hash mismatch")
43363afc3d5e ("core: ltc: add fault mitigation in crypto_acipher_rsassa_verify()")
d3040d8bc691 ("libtomcrypt: Remove prng_state* NULL pointer check from ed25519_make_key()")
a1e9686a20cf ("libtomcrypt: ctr_encrypt(): adjust for OP-TEE CE accelerated routines")
eba1524a3989 ("libtomcrypt: define LTC_MPI at the same time as LTC_DER")
e8f42d80d27f ("core: libtomcrypt: Remove prng_state* NULL pointer check from x25519_make_key()")
edb8618bfe6c ("core: ltc: add SM2 curve parameters")
1713825bebd1 ("core: ltc: make key in accel_ecb_encrypt() and accel_ecb_decrypt() const")
53d2509130ce ("core: ltc: fix 'switch case misses default'")
5c7e0de468d1 ("core: ltc: add custom DH key generation function dh_make_key()")
cba20f6a156e ("core: ltc: tomcrypt_custom.h: OP-TEE thread support")
7f247add8fd9 ("libtomcrypt: implement zeromem() with memzero_explicit()")
96ac368c5e68 ("LTC: add GHASH acceleration")
79bd5cb8391c ("ltc: make cipher_descriptor a pointer to descriptors")
a9f0d677e922 ("ltc: make hash_descriptor a pointer to descriptors")
82feb7ac9709 ("ltc: make prng_descriptor a pointer to descriptors")
ae75124e3113 ("libtomcrypt: tomcrypt_private.h: add HASH_PROCESS_NBLOCKS")
a4281f43ea65 ("ECC: optimize the pool of temporary variables")
b32f84118399 ("Import LibTomCrypt v1.18.2 branch "develop" (Apr 12, 2024)")
035c58eeb602 ("Remove LibTomCrypt")

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)

show more ...

core: spmc: fix direct request handler

The FF-A direct request handling has an error: if the destination ID is
the SPMC ID, the handler is trying to forward the message to an SP with
this ID, which

core: spmc: fix direct request handler

The FF-A direct request handling has an error: if the destination ID is
the SPMC ID, the handler is trying to forward the message to an SP with
this ID, which is obviously non-existent so this gives an error.

Fixes: 19ad526cb139 ("core: spmc, sp: cleanup FF-A ID handling")
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

drivers: pm: sam: map SFRBU with DT_MAP_SECURE attribute for sama7g5

As sama7g5's SFRBU is always secured map it as secured and do not
need to configure the security through the matrix.

Signed-off-

drivers: pm: sam: map SFRBU with DT_MAP_SECURE attribute for sama7g5

As sama7g5's SFRBU is always secured map it as secured and do not
need to configure the security through the matrix.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: pm: sam: rename pm_init functions for later sama7g5 support

PM support for sama7g5 will reuse some existing functions.
Rename sama5d2_pm_init() to sam_pm_init().
Rename sama5d2_pm_init_all(

drivers: pm: sam: rename pm_init functions for later sama7g5 support

PM support for sama7g5 will reuse some existing functions.
Rename sama5d2_pm_init() to sam_pm_init().
Rename sama5d2_pm_init_all() to sam_pm_init_all().

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: atmel_shdwc: enable RTT (Real-time Timer) Wake-up

For sama7g5 the Wake-up can be caused by RTT.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@li

drivers: atmel_shdwc: enable RTT (Real-time Timer) Wake-up

For sama7g5 the Wake-up can be caused by RTT.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: atmel_shdwc: update to call the initialize for PM for sama7g5

For sama7g5 case do not return before calling the initialize function
for PM.

Signed-off-by: Tony Han <tony.han@microchip.com>

drivers: atmel_shdwc: update to call the initialize for PM for sama7g5

For sama7g5 case do not return before calling the initialize function
for PM.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: util.h: fix the GENMASK_32(h, l) macro

The macro has a problem when it is used in an assembly file:
.e.g ".word GENMASK_32(15, 8)" will be compiled to ".word 0xffffff00"

The issue is caus

libutils: util.h: fix the GENMASK_32(h, l) macro

The macro has a problem when it is used in an assembly file:
.e.g ".word GENMASK_32(15, 8)" will be compiled to ".word 0xffffff00"

The issue is caused by the compiler always treating ~0 as a 64-bit
value. Fix it by replacing '~UINT32_C(0)' with 'UINT32_C(0xffffffff)'.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: use fdt64_ld() to read possibly unaligned kaslr-seed

Read possibly unaligned kaslr-seed using `fdt64_ld()`
to avoid ubsan panic while booting with `CFG_CORE_ASLR=y`

Acked-by: Jens Wiklan

core: arm: use fdt64_ld() to read possibly unaligned kaslr-seed

Read possibly unaligned kaslr-seed using `fdt64_ld()`
to avoid ubsan panic while booting with `CFG_CORE_ASLR=y`

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Abhishek Revadekar <abhishek.rvdkr@yahoo.com>

show more ...

core: fix undefined references to ubsan functions

Add UBSan handlers for `__ubsan_handle_type_mismatch_v1` and
`__ubsan_handle_pointer_overflow` to remove undefined references error.

Acked-by: Jens

core: fix undefined references to ubsan functions

Add UBSan handlers for `__ubsan_handle_type_mismatch_v1` and
`__ubsan_handle_pointer_overflow` to remove undefined references error.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Abhishek Revadekar <abhishek.rvdkr@yahoo.com>

show more ...

core: callout: disable obsolete timeouts

In callout_service_cb() when a timeout interrupt is received there's a
check to see if this is the last scheduled CPU. If not the interrupt is
ignored, but n

core: callout: disable obsolete timeouts

In callout_service_cb() when a timeout interrupt is received there's a
check to see if this is the last scheduled CPU. If not the interrupt is
ignored, but not disabled causing it to trigger again and again. So fix
this by disabling the timeout too.

Fixes: cf707bd0d695 ("core: add callout service")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: mmu: fix memory regions found from ff-a manifest

Fix the 6th parameter of add_phys_mem() in collect_device_mem_ranges()
that has to be the size of memory region and not the end address of the

core: mmu: fix memory regions found from ff-a manifest

Fix the 6th parameter of add_phys_mem() in collect_device_mem_ranges()
that has to be the size of memory region and not the end address of the
region.

Fixes: 72a6827a6353 ("core: arm: SPMC obtain device memory info from DTB")
Signed-off-by: Sungbae Yoo <sungbaey@nvidia.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers:implement HiSilicon Security Engine(SEC) module.

HiSilicon SEC is used in security applications such as
authentication and data encryption and decryption. This
module implement the hardware

drivers:implement HiSilicon Security Engine(SEC) module.

HiSilicon SEC is used in security applications such as
authentication and data encryption and decryption. This
module implement the hardware initialization of the SEC.

Signed-off-by: leisen <leisen1@huawei.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: crypto: hisilicon: add DH algorithm

add operation of DH algorithm, including alloc_keypair,
gen_keypair and shared_secret

Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Acked-by: Etienne Car

drivers: crypto: hisilicon: add DH algorithm

add operation of DH algorithm, including alloc_keypair,
gen_keypair and shared_secret

Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: handle buffer_two_blocks correctly

For operations with buffer_two_blocks true, calculate the required size
of the out buffer (req_dlen) correctly in TEE_CipherUpdate().
tee_buffer_update()

libutee: handle buffer_two_blocks correctly

For operations with buffer_two_blocks true, calculate the required size
of the out buffer (req_dlen) correctly in TEE_CipherUpdate().
tee_buffer_update() is fixed with a matching update.

buffer_two_blocks set to true mandates buffering at least one block + a
byte and at most two full blocks.

Fix needed by TEE_ALG_AES_CTS and TEE_ALG_AES_XTS.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm64: fix ce_aes_xts_{de,en}crypt()

In ce_aes_xts_encrypt() and ce_aes_xts_decrypt(), if the main interleave
loop (.LxtsencNx or .LxtsdecNx) ends with all blocks completed the v7
register doe

core: arm64: fix ce_aes_xts_{de,en}crypt()

In ce_aes_xts_encrypt() and ce_aes_xts_decrypt(), if the main interleave
loop (.LxtsencNx or .LxtsdecNx) ends with all blocks completed the v7
register doesn't hold the needed .Lxts_mul_x needed to compute the next
tweak correctly. So fix this by loading .Lxts_mul_x in v7 before ending
the loop.

Fixes: 06d2e4167a6b ("core: add accelerated AES routines")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutee: process a full buffer immediately

In tee_buffer_update, libutee currently delays processing an input
block until more space is needed in the buffer, which is perfectly
valid behavior, but d

libutee: process a full buffer immediately

In tee_buffer_update, libutee currently delays processing an input
block until more space is needed in the buffer, which is perfectly
valid behavior, but doesn't match AOSP compatibility requirements.

Specifically, both CTS (testKatEncryptOneByteAtATime [1]) and VTS
(EncryptionOperationsTest.*OneByteAtATime [2]) expect block cipher
implementations to produce an output block as soon as a full block
of input has been received. Change libutee behavior to be AOSP
compatible.

Link: https://android.googlesource.com/platform/cts/+/refs/heads/main/tests/tests/keystore/src/android/keystore/cts/BlockCipherTestBase.java#779 [1]
Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintAidlTestBase.cpp#827 [2]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: sub.mk: reorganize and simplify

Reorganize the LTC sub.mk by collecting configuration and files in
groups by algorithm or feature.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.or

core: ltc: sub.mk: reorganize and simplify

Reorganize the LTC sub.mk by collecting configuration and files in
groups by algorithm or feature.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: ltc: merge sub.mk's into a single sub.mk

Merge all sub.mk's below core/lib/libtomcrypt/src at the end of
core/lib/libtomcrypt/sub.mk.

It gives an easier overview of what is compiled, but it a

core: ltc: merge sub.mk's into a single sub.mk

Merge all sub.mk's below core/lib/libtomcrypt/src at the end of
core/lib/libtomcrypt/sub.mk.

It gives an easier overview of what is compiled, but it also makes it
easier when syncing core/lib/libtomcrypt/src with LTC upstream since
it's out of the way.

Unused sub.mk's are removed.

Removes the now unused _CFG_CORE_LTC_CIPHER, _CFG_CORE_LTC_AUTHENC and
_CFG_CORE_LTC_MAC from core/crypto.mk.

The global LTC build flag -Wno-declaration-after-statement is removed and
only supplied to the few source files that need it.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add CFG_RSA_PUB_EXPONENT_3

When generating RSA key pairs, OP-TEE currently enforces a minimum public
exponent size of 65537 per NIST SP800-56B recommendations. However, AOSP
KeyMint VTS (Encry

core: add CFG_RSA_PUB_EXPONENT_3

When generating RSA key pairs, OP-TEE currently enforces a minimum public
exponent size of 65537 per NIST SP800-56B recommendations. However, AOSP
KeyMint VTS (EncryptionOperationsTest.RsaNoPaddingSuccess [1]) requires
implementations to support public exponent 3 for backwards compatibility.
Add CFG_RSA_PUB_EXPONENT_3 to allow public exponents >= 3.

Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintTest.cpp#5258 [1]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: lib: scmi-server: add CMake defines for embedded modules

Enable CMake directive CMAKE_C_COMPILER_WORKS to prevent SCP-firmware
CMake configuration sequence to check the cross compilation toolc

core: lib: scmi-server: add CMake defines for embedded modules

Enable CMake directive CMAKE_C_COMPILER_WORKS to prevent SCP-firmware
CMake configuration sequence to check the cross compilation toolchain
since it is not needed here: OP-TEE only uses CMake to configure
SCP-firmware, not to build source files. This change is required when
building OP-TEE with CFG_SCMI_SCPFW=y and using a CMake >= 3.27.0.

Suggested-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: include standard header files from stpmic1_regulator.h

Add missing inclusion of stdbool.h and stddef.h in stpmic1_regulator.h.
The issue was revealed when upgrading to latest SCP-firmware s

drivers: include standard header files from stpmic1_regulator.h

Add missing inclusion of stdbool.h and stddef.h in stpmic1_regulator.h.
The issue was revealed when upgrading to latest SCP-firmware source tree.

Fixes: 9cb0d51670f2 ("drivers: stpmic1: export regulators API in a specific header file")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-sam: remove CFG_PL310_LOCKED

When locking the PL310 cache, it behaves as disable which lead to poor
performances in Linux.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-b

plat-sam: remove CFG_PL310_LOCKED

When locking the PL310 cache, it behaves as disable which lead to poor
performances in Linux.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ldelf: Fix dumping physical address of ELF segment

Fix the strange values of "pa" when TA ELF mappings is dumped. The
function argument of print_seg() should be explicit physical address of
mapping

ldelf: Fix dumping physical address of ELF segment

Fix the strange values of "pa" when TA ELF mappings is dumped. The
function argument of print_seg() should be explicit physical address of
mapping rather than offset of the segment.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Yu Chien Peter Lin <peterlin@andestech.com>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

riscv: plat-virt: Enable CFG_HWRNG_PTA

Enable CFG_HWRNG_PTA with the implementation of the RISC-V
Zkr driver which provides the hardware entropy source.

Signed-off-by: Alvin Chang <alvinga@andestec

riscv: plat-virt: Enable CFG_HWRNG_PTA

Enable CFG_HWRNG_PTA with the implementation of the RISC-V
Zkr driver which provides the hardware entropy source.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: Add RISC-V Zkr hardware random number generator support

The RISC-V Zkr entropy source extension introduces a physical
entropy source compliant with NIST SP 800-90B or BSI AIS-31
standards v

drivers: Add RISC-V Zkr hardware random number generator support

The RISC-V Zkr entropy source extension introduces a physical
entropy source compliant with NIST SP 800-90B or BSI AIS-31
standards via the seed CSR.

Note that this driver cannot be used unless access is explicitly
granted by M-mode, e.g. OpenSBI have to set mseccfg.SSEED for
OP-TEE OS.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...