ta: riscv: Add MCOUNT_SYM definition

With the -pg option, the compiler inserts a call to _mcount into every
function prologue. Add definition for MCOUNT_SYM so that the linker
creates the additional

ta: riscv: Add MCOUNT_SYM definition

With the -pg option, the compiler inserts a call to _mcount into every
function prologue. Add definition for MCOUNT_SYM so that the linker
creates the additional space for ftrace buffer.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

libutils: riscv: Update setjmp() and longjmp() for ftrace support

Fix the registers saving/restoring conventions. The length of jump
buffer is increased with one more slot to restore ftrace return s

libutils: riscv: Update setjmp() and longjmp() for ftrace support

Fix the registers saving/restoring conventions. The length of jump
buffer is increased with one more slot to restore ftrace return stack.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core: riscv: Implement timer related functions for ftrace support

Implement barrier_read_counter_timer() to read the timer value after a
barrier. Implement read_cntfrq() to get the frequency of mach

core: riscv: Implement timer related functions for ftrace support

Implement barrier_read_counter_timer() to read the timer value after a
barrier. Implement read_cntfrq() to get the frequency of machine timer
counter. The read_time() is moved from header to C source file to reduce
the code size.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

libutils: riscv: Implement _mount() and __ftrace_return()

When the core and TA are compiled with the -pg option, the compiler
inserts a call to _mcount() into every function prologue. It can be used

libutils: riscv: Implement _mount() and __ftrace_return()

When the core and TA are compiled with the -pg option, the compiler
inserts a call to _mcount() into every function prologue. It can be used
to trace the function calls such as ftrace.

Implement the _mount() to prepare the necessary parameters for ftrace.
The __ftrace_return() is also implemented for returning from ftrace.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

libutils: Add riscv.S to make it available for core and TA libs

Some assembly macros are necessary for both OP-TEE core and TA
libraries. Therefore, we add riscv specific assembly file into libutils

libutils: Add riscv.S to make it available for core and TA libs

Some assembly macros are necessary for both OP-TEE core and TA
libraries. Therefore, we add riscv specific assembly file into libutils
and move some assembly related macros from riscv.h to riscv.S.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core: spmc: handle missing FFA_MSG_SEND_VM_DESTROYED

Handles the previously missing FFA_MSG_SEND_VM_DESTROYED message used to
signal the destruction of a non-secure guest. This is the counter part
o

core: spmc: handle missing FFA_MSG_SEND_VM_DESTROYED

Handles the previously missing FFA_MSG_SEND_VM_DESTROYED message used to
signal the destruction of a non-secure guest. This is the counter part
of FFA_MSG_SEND_VM_CREATED that is used to signal the creation of a
non-secure guest.

Fixes: a65dd3a6b64d ("core: spmc: support virtualization with SPMC at S-EL1")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: main: Print the provisioned key information

During provisioning these values are fused using the signing
certificate.

The maximum value of Key Count is 2 (when BMPK is used).

Signed-off-b

plat-k3: main: Print the provisioned key information

During provisioning these values are fused using the signing
certificate.

The maximum value of Key Count is 2 (when BMPK is used).

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: add TISCI call to retrieve the Keycnt and Keyrev

Add TISCI call to retrieve the key count and key revision fused during
provisioning.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@fou

plat-k3: drivers: add TISCI call to retrieve the Keycnt and Keyrev

Add TISCI call to retrieve the key count and key revision fused during
provisioning.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: main: coding standard consistency

The coding standard requires a line between function definitions.

Add such a line to make it visually consistent with the recently added
secure_boot_infor

plat-k3: main: coding standard consistency

The coding standard requires a line between function definitions.

Add such a line to make it visually consistent with the recently added
secure_boot_information(void).

This commit also removes a duplicated include directive.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: main: Print the revision of the Secure Board Configuration

If the board is booting with hardware authentication, print the software
revision.

The Software Revision is the value written to

plat-k3: main: Print the revision of the Secure Board Configuration

If the board is booting with hardware authentication, print the software
revision.

The Software Revision is the value written to the OTP eFuse during board
provisioning and it is only available in HS boards.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: add TISCI call to retrieve the SWREV

This call is only available to OTP_REV_ID_SEC_BRDCFG

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerom

plat-k3: drivers: add TISCI call to retrieve the SWREV

This call is only available to OTP_REV_ID_SEC_BRDCFG

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: add OTP revision read/write message descriptions

Add the TISCI message identifiers required for reading and writing
Software Revision and Key Revision to/from eFuses.

Signed-off-b

plat-k3: drivers: add OTP revision read/write message descriptions

Add the TISCI message identifiers required for reading and writing
Software Revision and Key Revision to/from eFuses.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutils: malloc: fix raw_malloc_buffer_overlaps_heap()

When checking if there's an overlap between allocated buffer and
heap, raw_malloc_buffer_overlaps_heap() considers two cases: when
buffer come

libutils: malloc: fix raw_malloc_buffer_overlaps_heap()

When checking if there's an overlap between allocated buffer and
heap, raw_malloc_buffer_overlaps_heap() considers two cases: when
buffer comes before the pool and the opposite. On the first case,
overlap will happen if the buffer end after the loop start.
Since buf_end is computed as buf_start + len, it will point to
the address of the first byte after the memory region allocated to
the buffer.

Fix raw_malloc_buffer_overlaps_heap() by considering overlap only
when buffer end is bigger than the pool start.

Fixes: 12d739bd5028 ("libutils: use raw_malloc_*() as more primitive bget wrappers")
Signed-off-by: Vitor Sato Eschholz <vsatoes@baylibre.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: spmc: implement FFA_CONSOLE_LOG

Add FFA_CONSOLE_LOG interface support for enabling debug messages from
SPs as defined in FF-A v1.2. The message string is packed into the
registers of the call

core: spmc: implement FFA_CONSOLE_LOG

Add FFA_CONSOLE_LOG interface support for enabling debug messages from
SPs as defined in FF-A v1.2. The message string is packed into the
registers of the call so it doesn't require the existence of a shared
memory between the SPMC and the SPs. This makes it ideal for early debug
messages, however the length of the message is limited.
The received messages are forwarded to OP-TEE's trace output.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded cana

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded canary value on the right location to bypass the overflow
detection.

To add extra layer of security, redefine the canary value as variable,
such that the canary can be initialized during runtime.

The canaries are initialized with static values from thread_init_canaries()
during the early boot stage. The plat_get_random_stack_canaries() is
refactored to support arbitrary-length random numbers, and a new function
called thread_update_canaries() is created to fetch the random values and
update the thread canaries. For CFG_NS_VIRTUALIZATION=y, the updated
function is disabled.

Signed-off-by: Vincent Chuang <Vincent.Chuang@mediatek.com>
Signed-off-by: Randy Hsu <Randy-CY.Hsu@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

mk/aosp_optee.mk: fix build dependency for static libraries

The dependency set by $(local_module_deps) needs different file paths
for static libraries due to the commit [1]. Use the make variable,
L

mk/aosp_optee.mk: fix build dependency for static libraries

The dependency set by $(local_module_deps) needs different file paths
for static libraries due to the commit [1]. Use the make variable,
LOCAL_REQUIRED_MODULES [2], to properly set the dependencies for TA
to link with static and shared libraries.

Fixes: d1b003febbcd ("mk: Support user static lib for aosp build")
Link: https://android.googlesource.com/platform/build/+/refs/heads/android13-release/core/build-system.html#704 [2]
Signed-off-by: Tadd Kao <tadd.kao@mediatek.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: Use standard ABI Mnemonic for frame pointer

Some older toolchain might not recognize "fp". To fix it, we use
standard ABI Mnemonic "s0" instead of "fp".

Signed-off-by: Alvin Chang <alv

core: riscv: Use standard ABI Mnemonic for frame pointer

Some older toolchain might not recognize "fp". To fix it, we use
standard ABI Mnemonic "s0" instead of "fp".

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core: riscv: Update saving panic registers from _utee_panic()

The _utee_panic() function only saves ra and s0(fp) onto stack. So we
only get them from the stack and save them as epc and s0 as abort

core: riscv: Update saving panic registers from _utee_panic()

The _utee_panic() function only saves ra and s0(fp) onto stack. So we
only get them from the stack and save them as epc and s0 as abort
registers.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

libutee: riscv: Fix the arguments of __utee_panic() for unwinding

To unwind stack from synchronous panic, the ra and s0(fp) registers
should be saved onto stack, and the a1 should be assigned as sp.

libutee: riscv: Fix the arguments of __utee_panic() for unwinding

To unwind stack from synchronous panic, the ra and s0(fp) registers
should be saved onto stack, and the a1 should be assigned as sp.
The save_panic_regs_rv_ta() can handle these registers for abort usage.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core: riscv: Add TA compiler flags for stack unwinding

When the CFG_UNWIND is enabled, the frame pointer should not be omitted
by compiler. Add "-fno-omit-frame-pointer" compiler flag when we enable

core: riscv: Add TA compiler flags for stack unwinding

When the CFG_UNWIND is enabled, the frame pointer should not be omitted
by compiler. Add "-fno-omit-frame-pointer" compiler flag when we enable
the CFG_UNWIND to let compiler not to omit the frame pointer when it
builds TA.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

ldelf: Add TA stack trace for RISC-V architecture

Implement ta_elf_stack_trace_riscv() to unwind the stack of TA. Also the
RISC-V architecture string of TA ELF is added into dump information.

Signe

ldelf: Add TA stack trace for RISC-V architecture

Implement ta_elf_stack_trace_riscv() to unwind the stack of TA. Also the
RISC-V architecture string of TA ELF is added into dump information.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

drivers: stm32_bsec: fix timeouts initialization

If OP-TEE is rescheduled right after the timeouts are initialized in
power_down_safmem() and power_up_safmem(), the timeout might be elapsed
when res

drivers: stm32_bsec: fix timeouts initialization

If OP-TEE is rescheduled right after the timeouts are initialized in
power_down_safmem() and power_up_safmem(), the timeout might be elapsed
when resuming the function. This would cause the while loop to break
instantly and there will be no delay between configuring the registers
and reading the status.

Initializes the timeout after configuring the registers.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

scripts/symbolize.py: Fix crash when .elf file not found

The script will crash if the xxx.elf file cannot be found.

```
TypeError: expected str, bytes or os.PathLike object, not NoneType
```

This

scripts/symbolize.py: Fix crash when .elf file not found

The script will crash if the xxx.elf file cannot be found.

```
TypeError: expected str, bytes or os.PathLike object, not NoneType
```

This commit add check for None value.

Signed-off-by: Kun Lai <me@imlk.top>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm32mp1: restore SYSRAM for SCMI message on STM32MP13

Restores use of SYSRAM last page for STM32MP13 for SCMI communication
as U-Boot and Linux kernel device trees are not yet updated to use O

plat-stm32mp1: restore SYSRAM for SCMI message on STM32MP13

Restores use of SYSRAM last page for STM32MP13 for SCMI communication
as U-Boot and Linux kernel device trees are not yet updated to use OP-TEE
native shared memory instead.

Fixes: 89ba3422ee80 ("plat-stm32mp1: scmi_server: default use OP-TEE shared memory")
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...