core: arm: plat-versal: Add maybe_unused attribute to constant strings

If log level is set to print only EMSGs, constant strings can be unused.
Add maybe_unused attribute to prevent compilation erro

core: arm: plat-versal: Add maybe_unused attribute to constant strings

If log level is set to print only EMSGs, constant strings can be unused.
Add maybe_unused attribute to prevent compilation errors.

Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto: stm32: use generic macro in authenc.c

Replace TOBE32 and FROMBE32 macros with generic TEE_U32_TO_BIG_ENDIAN and
TEE_U32_FROM_BIG_ENDIAN respectively.

Signed-off-by: Thomas Bourgoin <thomas.

crypto: stm32: use generic macro in authenc.c

Replace TOBE32 and FROMBE32 macros with generic TEE_U32_TO_BIG_ENDIAN and
TEE_U32_FROM_BIG_ENDIAN respectively.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: conf: default enable SAES

Default enable SAES compilation.
Enable the STM32_CRYPTO_DRIVERS if any crypto SAES or CRYP is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@fos

plat-stm32mp1: conf: default enable SAES

Default enable SAES compilation.
Enable the STM32_CRYPTO_DRIVERS if any crypto SAES or CRYP is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_saes: redefine huk_subkey_derive()

We set huk_subkey_derive() as a weak function and we define it in SAES
driver to be able to use SAES IP to make a secure key derivation from
the SAE

drivers: stm32_saes: redefine huk_subkey_derive()

We set huk_subkey_derive() as a weak function and we define it in SAES
driver to be able to use SAES IP to make a secure key derivation from
the SAES only accessible SOC unique secret key.

We use the Key Derivation function (KDF) in counter mode defined in [1]
using as the PRF (pseudo random function) the PRF(AES-CMAC).
PRF(AES-CMAC) is hardware accelerated by SAES, and use the secure DHUK
(derived hardware unique key) only readable by the SAES IP.

Link: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-108r1.pdf [1]
Co-developed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: allow redefinition of function huk_subkey_derive()

Set the function huk_subkey_derive() as weak to allow platform custom
implementation.
We add __huk_subkey_derive() with the implementation of

core: allow redefinition of function huk_subkey_derive()

Set the function huk_subkey_derive() as weak to allow platform custom
implementation.
We add __huk_subkey_derive() with the implementation of
HUK derivation so the default implementation is still accessible
when huk_subkey_derive() is overridden.
This is useful if the key derivation is implemented using hardware
discovered during intilization.
If the substem used to derive a key is disabled, the function
__huk_subkey_derive() can be used as a fallback.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

crypto: stm32: SAES cipher support

Add SAES HW driver, and update OP-TEE cipher hooks to be able to use
SAES or CRYP for cipher algorithms.
SAES and CRYP cannot be enabled at the same time in OP-TEE

crypto: stm32: SAES cipher support

Add SAES HW driver, and update OP-TEE cipher hooks to be able to use
SAES or CRYP for cipher algorithms.
SAES and CRYP cannot be enabled at the same time in OP-TEE.

Co-developed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: allocate SAES to secure world

SAES was allocated to non-secure world but it should be allocated to
OP-TEE.

Fixes: b5ec47ff7668 ("plat-stm32mp1: temporary ETZPC configuration")
Signed

plat-stm32mp1: allocate SAES to secure world

SAES was allocated to non-secure world but it should be allocated to
OP-TEE.

Fixes: b5ec47ff7668 ("plat-stm32mp1: temporary ETZPC configuration")
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-nuvoton: force CFG_EXTERNAL_DT=n

Disables DT insecure warning

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>

plat-nuvoton: force CFG_EXTERNAL_DT=n

Disables DT insecure warning

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-nuvoton: add HUK reading

Implements HUK reading from DME PCR0 located in the PCI mailbox

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hil

plat-nuvoton: add HUK reading

Implements HUK reading from DME PCR0 located in the PCI mailbox

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-nuvoton: change load address, shared memory and SDP memory

Changes load address of OPTEE-OS from 0x36000000 to 0x02100000
Moves shared memory to 0x06000000
Moves SDP memory to 0x05F00000

Co-de

plat-nuvoton: change load address, shared memory and SDP memory

Changes load address of OPTEE-OS from 0x36000000 to 0x02100000
Moves shared memory to 0x06000000
Moves SDP memory to 0x05F00000

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

changelog: remove duplicate section

When doing the 3.22 release, the changelog by mistake got the 3.22
section duplicated. Fix this by removing one of them.

Signed-off-by: Joakim Bech <joakim.bech@

changelog: remove duplicate section

When doing the 3.22 release, the changelog by mistake got the 3.22
section duplicated. Fix this by removing one of them.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ci: QEMUv8_check: enable attestation PTA

Enables the attestation PTA for all configurations in the QEMU_v8 job.
This would have caught the issue fixed by the parent commit.

Signed-off-by: Jerome Fo

ci: QEMUv8_check: enable attestation PTA

Enables the attestation PTA for all configurations in the QEMU_v8 job.
This would have caught the issue fixed by the parent commit.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: attestation: fixes for CFG_PAN=y

- Add missing enter_user_access()/exit_user_access() to
cmd_hash_ta_memory() so that the PTA is allowed to access the TA
directly.
- Use to_bounce_par

core: pta: attestation: fixes for CFG_PAN=y

- Add missing enter_user_access()/exit_user_access() to
cmd_hash_ta_memory() so that the PTA is allowed to access the TA
directly.
- Use to_bounce_params() and from_bounce_params() in the invoke entry
point in order to use bounce buffers for memref parameters when the
caller is a user space TA and PAN is enabled.

Fixes xtest 1037 with CFG_ATTESTATION_PTA=y CFG_PAN=y.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: add helper functions to support calls from TA when CFG_PAN=y

Introduce helper function to make it easier to use bounce buffers in a
PTA entry point to support calls with memrefs from user

core: pta: add helper functions to support calls from TA when CFG_PAN=y

Introduce helper function to make it easier to use bounce buffers in a
PTA entry point to support calls with memrefs from user space TAs when
PAN is enabled.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: attestation: exclude memory regions without VM_FLAG_READONLY

When selecting which memory region of a TA should be hashed, exclude
those without VM_FLAG_READONLY in their flag field instead of r

pta: attestation: exclude memory regions without VM_FLAG_READONLY

When selecting which memory region of a TA should be hashed, exclude
those without VM_FLAG_READONLY in their flag field instead of requiring
the absence of TEE_MATTR_UW in attr. This makes the code more
consistent and fixes an issue triggered by commit 52e7b1a67f8f ("core:
use user-access functions in ldelf interaction"). With that commit, an
additional region is mapped read-only (i.e., no TEE_MATTR_UW) but does
not have a fixed content for the TA. It can be excluded easily since it
does not have the VM_FLAG_READONLY flag.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

optee-fvp: Enable CFG_SCPFW_SCMI_PERF_PROTOCOL_OPS

Enable the SCMI-Perf protocol operations for the optee-fvp target.

Signed-off-by: Nicola Mazzucato <nicola.mazzucato@arm.com>
Acked-by: Etienne Ca

optee-fvp: Enable CFG_SCPFW_SCMI_PERF_PROTOCOL_OPS

Enable the SCMI-Perf protocol operations for the optee-fvp target.

Signed-off-by: Nicola Mazzucato <nicola.mazzucato@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: scmi-server: Add support for conditional options for SCMI-Perf

SCMI-Server is built upon the SCP-firmware source tree and
a recent change [1] being proposed is moving functionalities
into side

core: scmi-server: Add support for conditional options for SCMI-Perf

SCMI-Server is built upon the SCP-firmware source tree and
a recent change [1] being proposed is moving functionalities
into side source files.

This patch adds support to fetch those additional files based
on two options:
CFG_SCPFW_SCMI_PERF_FAST_CHANNELS (existing)
CFG_SCPFW_SCMI_PERF_PROTOCOL_OPS (new)

[1] https://github.com/ARM-software/SCP-firmware/pull/812

Signed-off-by: Nicola Mazzucato <nicola.mazzucato@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

ci.yml: Temporarily don't build libscmi-server

PR812 in SCP-firmware [1] has added some source files into
mod_scmi_perf directory, but it currently fails when building for the
optee-os case.
This is

ci.yml: Temporarily don't build libscmi-server

PR812 in SCP-firmware [1] has added some source files into
mod_scmi_perf directory, but it currently fails when building for the
optee-os case.
This is due to the fact that the current build system in optee, for
building the scmi-server fetched from SCP-firmware codebase, works well
under the assumption that only one source file is required.

To unlock the circular dependency between build systems and source
codes, temporarily remove the build for the scmi-server.

This will allow the following two patches to be safely merged into the
optee_os repo:
core: scmi-server: Add support for conditional options for SCMI-Perf
optee-fvp: Enable CFG_SCPFW_SCMI_PERF_PROTOCOL_OPS

Subsequently, PR812 in SCP-firmware can be merged, and immediately
a revert patch for this present one will follow to reintroduce the
libscmi-server build.

Link: https://github.com/ARM-software/SCP-firmware/pull/812 [1]
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Nicola Mazzucato <nicola.mazzucato@arm.com>

show more ...

core: crypto_api: fixes typo "bytes" to "bits"

Fixes a typo for *gen_keypair() in struct drvcrypt_ecc where the last
parameter was "size_bytes" while the value represents bits, so fix this by
renami

core: crypto_api: fixes typo "bytes" to "bits"

Fixes a typo for *gen_keypair() in struct drvcrypt_ecc where the last
parameter was "size_bytes" while the value represents bits, so fix this by
renaming it to "size_bits".

Fixes: d29cd2efcd46 ("core: driver: generic resources for crypto device driver - ECC")
Signed-off-by: Katsunori Kikuchi <Katsunori.Kikuchi@sony.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: crypto: fix to extract DH secret length from modulus

Prior to this patch, the DH secret, due to its mechanism, becomes a value
less than the key length of the Private key. Consequently, whe

drivers: crypto: fix to extract DH secret length from modulus

Prior to this patch, the DH secret, due to its mechanism, becomes a value
less than the key length of the Private key. Consequently, when obtaining
the maximum size of the secret from the current key length of the Public
key, the secret length falls short. So change this to extract DH secret
length from modulus instead of public key length.

Fixes: f6e2b9e2d1a2 ("drivers: crypto: implement crypto driver - DH")
Signed-off-by: Katsunori Kikuchi <Katsunori.Kikuchi@sony.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: drivers: ls_dspi: Make dspi_flush_fifo() static

Make dspi_flush_fifo() static as it gets exposed via ls_dspi_ops
structure.

Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Acked-by:

core: drivers: ls_dspi: Make dspi_flush_fifo() static

Make dspi_flush_fifo() static as it gets exposed via ls_dspi_ops
structure.

Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: drivers: ls_dspi: Move SPI mode flag defines to header file

SPI mode flags are used by NXP SoC specific functions for MS PTA.

Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Acked-b

core: drivers: ls_dspi: Move SPI mode flag defines to header file

SPI mode flags are used by NXP SoC specific functions for MS PTA.

Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: drivers: ls_dspi: Add flush DSPI module

Add flush DSPI module. This is called in ls_dspi_ops structure.

Signed-off-by: Carl Lamb <calamb@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklande

core: drivers: ls_dspi: Add flush DSPI module

Add flush DSPI module. This is called in ls_dspi_ops structure.

Signed-off-by: Carl Lamb <calamb@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: arm: plat-ls: Add CFG_WITH_ARM_TRUSTED_FW flag

If using ARM Trusted Firmware-A, then the GIC initialization is done in
BL31.

Fixes: 2b9f23923175 ("plat-ls: Add support for armv8 platform flav

core: arm: plat-ls: Add CFG_WITH_ARM_TRUSTED_FW flag

If using ARM Trusted Firmware-A, then the GIC initialization is done in
BL31.

Fixes: 2b9f23923175 ("plat-ls: Add support for armv8 platform flavours")
Signed-off-by: Carl Lamb <calamb@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: arm: plat-bcm: Force CFG_CORE_ARM64_PA_BITS=48

Set CFG_CORE_ARM64_PA_BITS in Broadcom platform file. This fixes a crash
when setting up memory addresses on the Broadcom stingray NS3 platform.

core: arm: plat-bcm: Force CFG_CORE_ARM64_PA_BITS=48

Set CFG_CORE_ARM64_PA_BITS in Broadcom platform file. This fixes a crash
when setting up memory addresses on the Broadcom stingray NS3 platform.

Signed-off-by: Stephen Carlson <stcarlso@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...