core: drivers: ls_sfp: Add missing argument in dt_map_dev() function call

dt_map_dev() function call is missing an argument which results in
compilation error. Add the missing argument.

Fixes: 011c

core: drivers: ls_sfp: Add missing argument in dt_map_dev() function call

dt_map_dev() function call is missing an argument which results in
compilation error. Add the missing argument.

Fixes: 011c182a606b ("core: drivers: nxp: Add LX series SFP driver")
Signed-off-by: Sriram Sriram <sriramsriram@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

core: arm64: preserve PSTATE.PAN when making SPSR

When setup_unwind_user_mode() prepares to resume execution after
syscall_sys_return() or when a thread is suspended a new SPSR is
fabricated base on

core: arm64: preserve PSTATE.PAN when making SPSR

When setup_unwind_user_mode() prepares to resume execution after
syscall_sys_return() or when a thread is suspended a new SPSR is
fabricated base on the current PSTATE.

Until now when remaining in S-EL1 to fabricate an SPSR only the
PSTATE.DAIF bits had to be taken into account. However, with PSTATE.PAN
there's yet another bit to consider. Since PSTATE has a few more bits
and more may be added as AArch64 evolves this problem is only going to
get worse. So implement this in a single internal C function to replace
current open codes C and assembly versions.

The AArch64 assembly versions of thread_rpc() are renamed to
thread_rpc_spsr() to indicate that SPSR is passed in the second argument
instead of having it open coded internally in the assembly function.

New C wrapper functions are added to preserve the old thread_rpc()
interface as needed.

handle_user_mode_panic() is still basing its created SPSR on the saved
SPSR from S-EL0, but now PAN bit is copied too.

Fixes: 6fa59c9a70dc ("arm64: Introduce permissive PAN implementation")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm: add feat_pan_implemented()

Adds the helper function feat_pan_implemented() to extract the
implemented PAN version. No version is 0 so this function can be used
tested as a boolean too.

S

core: arm: add feat_pan_implemented()

Adds the helper function feat_pan_implemented() to extract the
implemented PAN version. No version is 0 so this function can be used
tested as a boolean too.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

arm64: add read_pan() and SPSR_64_PAN

Adds the wrapper function read_pan() to read PSTATE.PAN, also adds a
SPSR_64_PAN define.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by:

arm64: add read_pan() and SPSR_64_PAN

Adds the wrapper function read_pan() to read PSTATE.PAN, also adds a
SPSR_64_PAN define.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: update FS storage API with user space buffer

Updates the create(), read(), and write() function pointers in struct
ts_store_ops to take a user space buffer in addition to the previous
core buf

core: update FS storage API with user space buffer

Updates the create(), read(), and write() function pointers in struct
ts_store_ops to take a user space buffer in addition to the previous
core buffer. Core buffers are normal secure memory while user space
buffers should only be accessed using the user_access.h functions.

The different FS storage implementations are updated accordingly.

Note that the RPMB FS storage implementation resorts to using
enter_user_access() and exit_user_access() due to internal complexities.

Fixes: 4e154320e47c ("core: Apply finer-grained PAN")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: syscall_storage_obj_rename(): fix direct user memory access

Fixes a direct user memory access in syscall_storage_obj_rename() which
can lead to a data abort if PAN is enabled.

Fixes: 84f78978

core: syscall_storage_obj_rename(): fix direct user memory access

Fixes a direct user memory access in syscall_storage_obj_rename() which
can lead to a data abort if PAN is enabled.

Fixes: 84f78978974b ("core: use user-access functions for storage svc")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: pta: socket: fix direct user memory access

Replaces direct user memory accesses in the socket PTA with
copy_to_user() and copy_from_user(). This avoids PAN errors when PAN is
active.

Fixes: 4

core: pta: socket: fix direct user memory access

Replaces direct user memory accesses in the socket PTA with
copy_to_user() and copy_from_user(). This avoids PAN errors when PAN is
active.

Fixes: 4e154320e47c ("core: Apply finer-grained PAN")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: fix reading result in ldelf_dlopen()

The commit 52e7b1a67f8f ("core: use user-access functions in ldelf
interaction") start to use a bounce buffer to initialize the argument
for LDELF_DL_ENTRY

core: fix reading result in ldelf_dlopen()

The commit 52e7b1a67f8f ("core: use user-access functions in ldelf
interaction") start to use a bounce buffer to initialize the argument
for LDELF_DL_ENTRY_DLSYM. However, it also reads the result of
LDELF_DL_ENTRY_DLSYM from the bounce buffer. This is an error since the
result of LDELF_DL_ENTRY_DLSYM still remains on the stack used by ldelf.
So fix this by reading the result from the ldelf stack.

Fixes: 52e7b1a67f8f ("core: use user-access functions in ldelf interaction")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: add user buffer to tee_invoke_supp_plugin_rpc()

Adds a user buffer to tee_invoke_supp_plugin_rpc() so direct user memory
access can be used when called with a buffer in user memory instead of

core: add user buffer to tee_invoke_supp_plugin_rpc()

Adds a user buffer to tee_invoke_supp_plugin_rpc() so direct user memory
access can be used when called with a buffer in user memory instead of
core memory. tee_invoke_supp_plugin_rpc() can still take a core memory
buffer as an argument if needed.

PTA_SYSTEM_SUPP_PLUGIN_INVOKE in the system PTA is updated to pass the
memref as a user memory buffer instead of a core memory buffer.

This fixes a direct privileged memory access to user space memory.

Fixes: 4e154320e47c ("core: Apply finer-grained PAN")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: add default copy_to_user{,_private}()

Adds default implementations for copy_to_user_private() and
copy_to_user() when CFG_WITH_USER_TA=n.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.

core: add default copy_to_user{,_private}()

Adds default implementations for copy_to_user_private() and
copy_to_user() when CFG_WITH_USER_TA=n.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: add check_user_access() helper function

Adds check_user_access() to simplify checking if a user mode memory
buffer may be accessed as expected.

Signed-off-by: Jens Wiklander <jens.wiklander@l

core: add check_user_access() helper function

Adds check_user_access() to simplify checking if a user mode memory
buffer may be accessed as expected.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto: add drvcrypt_register_x25519() and drvcrypt_register_x448()

Add X25519 and X448 drvcrypt.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jerome Forissier <jerome.forissier@linar

crypto: add drvcrypt_register_x25519() and drvcrypt_register_x448()

Add X25519 and X448 drvcrypt.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: add X448 support

Refer to the X25519 algorithm, add the X448 algorithm framework code.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.o

crypto: add X448 support

Refer to the X25519 algorithm, add the X448 algorithm framework code.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: rename struct x25519_keypair

Since X25519 and X448 have the same key pair structure,
so we rename struct x25519_keypair as struct montgomery_keypair.

Signed-off-by: loubaihui <loubaihui1@hu

crypto: rename struct x25519_keypair

Since X25519 and X448 have the same key pair structure,
so we rename struct x25519_keypair as struct montgomery_keypair.

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: remove redundant comment about start and end date

PKCS#11 standard specifies that verification or usage of start and end
date for certificate objects is responsibility of the application

ta: pkcs11: remove redundant comment about start and end date

PKCS#11 standard specifies that verification or usage of start and end
date for certificate objects is responsibility of the application.

There is no other activity than storage needed for those.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm: Rename primary_init_intc() to boot_primary_init_intc()

Since interrupt controllers are usually initialized in boot stage,
rename primary_init_intc() to boot_primary_init_intc().

Signed-o

core: arm: Rename primary_init_intc() to boot_primary_init_intc()

Since interrupt controllers are usually initialized in boot stage,
rename primary_init_intc() to boot_primary_init_intc().

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm: Rename main_secondary_init_intc() to boot_secondary_init_intc()

main_secondary_*() is an ambiguous name since it conveys no meaning
relative to the purpose of the function. Fix it by rena

core: arm: Rename main_secondary_init_intc() to boot_secondary_init_intc()

main_secondary_*() is an ambiguous name since it conveys no meaning
relative to the purpose of the function. Fix it by renameing to
boot_secondary_init_intc(), since interrupt controllers are always
initialized in boot stage.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_gpio: move definitions to source file

Moves macros and structures definitions from stm32_gpio.h header file
to the driver source file as these definition do not need to be
visible fro

drivers: stm32_gpio: move definitions to source file

Moves macros and structures definitions from stm32_gpio.h header file
to the driver source file as these definition do not need to be
visible from other drivers thank to pin control abstraction.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_i2c: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

drivers: stm32_i2c: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_uart: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

drivers: stm32_uart: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

drivers: stm32_gpio: remove cases when CFG_DRIVERS_PINCTRL is disabled

Removes implementation when CFG_DRIVERS_PINCTRL is disables as stm32mp1
platform configuration enforces the switch is enabled.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: conf: enable CFG_DRIVERS_PINCTRL

Changes platform stm32mp1 configuration to always enable
CFG_DRIVERS_PINCTRL. The platform requires pinctrl_apply_state() to
be unpaged has it can be

plat-stm32mp1: conf: enable CFG_DRIVERS_PINCTRL

Changes platform stm32mp1 configuration to always enable
CFG_DRIVERS_PINCTRL. The platform requires pinctrl_apply_state() to
be unpaged has it can be used during PM suspend and resume sequences.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_i2c: support CFG_DRIVERS_PINCTRL

Updates stm32_i2c driver for when CFG_DRIVERS_PINCTRL is enabled making
I2C driver to get pin control configuration using the generic pin
control fram

drivers: stm32_i2c: support CFG_DRIVERS_PINCTRL

Updates stm32_i2c driver for when CFG_DRIVERS_PINCTRL is enabled making
I2C driver to get pin control configuration using the generic pin
control framework. When enabled, stm32_i2c driver get the active and
sleep pin control configuration from the device tree. Sleep pinctrl
configuration is optional.

SE050 and STM32MP1 PMIC drivers that use the stm32_i2c bus are both
updated accordingly.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_uart: support CFG_DRIVERS_PINCTRL

Updates stm32_uart driver for when CFG_DRIVERS_PINCTRL is enabled making
UART driver to get pin control configuration using the generic pin
control f

drivers: stm32_uart: support CFG_DRIVERS_PINCTRL

Updates stm32_uart driver for when CFG_DRIVERS_PINCTRL is enabled making
UART driver to get pin control configuration using the generic pin
control framework.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: shared_resources: support CFG_DRIVERS_PINCTRL

Adds shared resources helper functions stm32mp_register_secure_pinctrl()
and stm32mp_register_non_secure_pinctrl() for when a platform dr

plat-stm32mp1: shared_resources: support CFG_DRIVERS_PINCTRL

Adds shared resources helper functions stm32mp_register_secure_pinctrl()
and stm32mp_register_non_secure_pinctrl() for when a platform driver
registers pins from a pin control state with secure or non-secure
attribute. These function are required when CFG_DRIVERS_PINCTRL is
enabled.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...