core: fix loading of encrypted TA

The total size of headers for TAs signed with a subkey varies, take that
into account when sanity checking the img_size field of the signed
header.

Fixes: 19b1ce2b

core: fix loading of encrypted TA

The total size of headers for TAs signed with a subkey varies, take that
into account when sanity checking the img_size field of the signed
header.

Fixes: 19b1ce2b2b2b ("core: ree_fs: check ta size before use")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Jerome Forissier <jerome.forissier@linaro.org> (vexpress-qemu_armv8a)

show more ...

core: dump_ta_memstats(): check TA initialization completion before accessing it

Problem: In some concurrent cases, TA dump will try to
dump a TA which has not completed TA initialization and
the TA

core: dump_ta_memstats(): check TA initialization completion before accessing it

Problem: In some concurrent cases, TA dump will try to
dump a TA which has not completed TA initialization and
the TA stack pointer isn't set. That causes a data abort
when accessing its stack.

Solution: Check the user TA initialization is completed or not.
If it is still being initialized, return TEE_ERROR_BAD_STATE.
https://github.com/OP-TEE/optee_os/issues/5905

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Tested-by: Weizhao Jiang <weizhaoj@amazon.com>
Signed-off-by: Weizhao Jiang <weizhaoj@amazon.com>

show more ...

ci: se05x crypto driver: update plug-and-trust

Take security updates from Plug-and-Trust

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.

ci: se05x crypto driver: update plug-and-trust

Take security updates from Plug-and-Trust

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: se050: allow configuring the Secure Element applet

Add CFG_CORE_SE05X_VER to allow configuring the desirable applet
version.
This enables making the driver compatible with newer elements.

drivers: se050: allow configuring the Secure Element applet

Add CFG_CORE_SE05X_VER to allow configuring the desirable applet
version.
This enables making the driver compatible with newer elements.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32: add OTP index for HUK on stm32mp15 platform

Add the OTP index on stm32mp15 platform to indicate where to find the
previously provisioned HUK.

Signed-off-by: Nicolas Toromanoff <nicolas.

dts: stm32: add OTP index for HUK on stm32mp15 platform

Add the OTP index on stm32mp15 platform to indicate where to find the
previously provisioned HUK.

Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas BOURGOIN <thomas.bourgoin@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32mp15_huk: use DT HUK NVMEM layout API

Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().

Signed-off-b

drivers: stm32mp15_huk: use DT HUK NVMEM layout API

Adds the possibility to get the HUK from OTP definition in the device tree
using the function stm32_bsec_find_otp_in_nvmem_layout().

Signed-off-by: Thomas BOURGOIN <thomas.bourgoin@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

se050: ecc: SE050-F shared secret

The SE050-F does not support shared secret generation.
Allow this operation to also fallback to its software implementation.

Fixes: 6cc77cdd73aa ("crypto: drivers:

se050: ecc: SE050-F shared secret

The SE050-F does not support shared secret generation.
Allow this operation to also fallback to its software implementation.

Fixes: 6cc77cdd73aa ("crypto: drivers: se050-f: ecc: can fallback to softw-ops")
Test: xtest regression_4009
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ci: compile-test as many PTAs as possible on QEMU/QEMUv8

Enable as many PTAs as possible in the QEMU/QEMUv8 CI builds in order to
catch compile issues. Some PTAs are not applicable to QEMU though.

ci: compile-test as many PTAs as possible on QEMU/QEMUv8

Enable as many PTAs as possible in the QEMU/QEMUv8 CI builds in order to
catch compile issues. Some PTAs are not applicable to QEMU though.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: attestation: fix compilation incompatible pointer warning

To reproduce (any 64bits platform will do):
$ make PLATFORM=imx-mx8mmevk CFG_ATTESTATION_PTA=y CFG_WERROR=y

core/pta/attestation.c: In

pta: attestation: fix compilation incompatible pointer warning

To reproduce (any 64bits platform will do):
$ make PLATFORM=imx-mx8mmevk CFG_ATTESTATION_PTA=y CFG_WERROR=y

core/pta/attestation.c: In function ‘cmd_get_pubkey’:
core/pta/attestation.c:358:30: warning: initialization of ‘uint32_t *’ {aka ‘unsigned int *’} from incompatible pointer type ‘size_t *’ {aka ‘long unsigned int *’} [-Wincompatible-pointer-types]
358 | uint32_t *e_out_sz = &params[0].memref.size;
| ^
core/pta/attestation.c:360:30: warning: initialization of ‘uint32_t *’ {aka ‘unsigned int *’} from incompatible pointer type ‘size_t *’ {aka ‘long unsigned int *’} [-Wincompatible-pointer-types]
360 | uint32_t *n_out_sz = &params[1].memref.size;
| ^

Fixes: 7509620b8b95 ("GP131: Update TEE_Param")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ffa: Allow multiple SPs with same UUID

The FF-A spec allows multiple SPs to have the same UUID. This makes
it possible to use the FF-A UUID as a identifier for the protocol on
top of the FF-A

core: ffa: Allow multiple SPs with same UUID

The FF-A spec allows multiple SPs to have the same UUID. This makes
it possible to use the FF-A UUID as a identifier for the protocol on
top of the FF-A layer.
To achieve this we have to make sure that the FFA_PARTITION_INFO_GET can
return more then one endpoint id if we pass a UUID.
To make sure that there is no collision between the SP binaries names,
we distinguish between the FF-A UUID and the SP UUID. The SP UUID is used
to identify the SP itself. While the FF-A UUID is used as part of the
FF-A protocol.

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_ele: add ELE driver

Add EdgeLock Enclave (or ELE) driver support.
ELE is a built-in security subsystem available on imx8ulp and imx93
providing security features to the Cortex-A.

Signe

drivers: imx_ele: add ELE driver

Add EdgeLock Enclave (or ELE) driver support.
ELE is a built-in security subsystem available on imx8ulp and imx93
providing security features to the Cortex-A.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_mu: add MU base address and size for imx93

Add definition of MU_BASE and MU_SIZE for imx93.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.fori

drivers: imx_mu: add MU base address and size for imx93

Add definition of MU_BASE and MU_SIZE for imx93.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_mu: add MU base address and size for imx8ulp

Add definition of MU_BASE and MU_SIZE for imx8ulp.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.

drivers: imx_mu: add MU base address and size for imx8ulp

Add definition of MU_BASE and MU_SIZE for imx8ulp.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_mu: increase maximum MU message size

Increase MU message maximum size to 17 words. It corresponds to the
biggest message of the ELE API.

Signed-off-by: Clement Faure <clement.faure@nxp

drivers: imx_mu: increase maximum MU message size

Increase MU message maximum size to 17 words. It corresponds to the
biggest message of the ELE API.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_mu: add support for imx93

Add MU support for imx93.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carr

drivers: imx_mu: add support for imx93

Add MU support for imx93.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: spmc: move FIP SP deinit call

Move the FIP SP deinit call to before starting the SPs. This change does
not affect functionality, it's just to make the SP packages' lifetime
clearer in the code

core: spmc: move FIP SP deinit call

Move the FIP SP deinit call to before starting the SPs. This change does
not affect functionality, it's just to make the SP packages' lifetime
clearer in the code.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: spmc: fix FIP SP loading

The memory management in process_sp_pkg() function contains errors. It
tries to add new mappings for the SP packages that reside in the TA_RAM
PA range, but this range

core: spmc: fix FIP SP loading

The memory management in process_sp_pkg() function contains errors. It
tries to add new mappings for the SP packages that reside in the TA_RAM
PA range, but this range is already mapped so this is unnecessary and
wrong. Fix the code by simply using phys_to_virt() instead.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: ltc: use SHA-3 crypto accelerated function

Uses the recently provided accelerated SHA-3 function in LTC

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <j

core: ltc: use SHA-3 crypto accelerated function

Uses the recently provided accelerated SHA-3 function in LTC

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm64: SHAKE128 using ARMv8.2-A cryptographic extensions

Adds support for SHAKE128 or SHA3-128 sized blocks in
sha3_ce_transform().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
A

core: arm64: SHAKE128 using ARMv8.2-A cryptographic extensions

Adds support for SHAKE128 or SHA3-128 sized blocks in
sha3_ce_transform().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm64: SHA-3 using ARMv8.2-A cryptographic extensions

Import SHA-3 assembly code from the Linux kernel (Linaro contribution).
Enabled with CFG_CRYPTO_SHA3_ARM_CE=y, set by default if
CFG_CRYPT

core: arm64: SHA-3 using ARMv8.2-A cryptographic extensions

Import SHA-3 assembly code from the Linux kernel (Linaro contribution).
Enabled with CFG_CRYPTO_SHA3_ARM_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm64: SM4 CE optimization for ARMv8.2

Enabled with CFG_CRYPTO_SM4_ARM_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.

Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang

core: arm64: SM4 CE optimization for ARMv8.2

Enabled with CFG_CRYPTO_SM4_ARM_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.

Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: arm64: SM4-AESE optimization for ARMv8

Enabled with CFG_CRYPTO_SM4_ARM_AESE=y, set by default if
CFG_CRYPTO_WITH_CE=y.

Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang

core: arm64: SM4-AESE optimization for ARMv8

Enabled with CFG_CRYPTO_SM4_ARM_AESE=y, set by default if
CFG_CRYPTO_WITH_CE=y.

Signed-off-by: Xu Yizhou <xuyizhou1@huawei.com>
Acked-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Revert "ci: disable QEMUv8_check_rust job"

This reverts commit 450963c289fe ("ci: disable QEMUv8_check_rust job").
The optee_rust project has been updated in [1] and the Rust tests are
now successfu

Revert "ci: disable QEMUv8_check_rust job"

This reverts commit 450963c289fe ("ci: disable QEMUv8_check_rust job").
The optee_rust project has been updated in [1] and the Rust tests are
now successful, therefore CI can be re-enabled.

Link: [1] https://github.com/OP-TEE/manifest/commit/beb79c27be83f7a4b90a898552569eb1a7638df8
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Remove checked in .checkpatch-camelcase.git.

Removes a previously checked in copy of .checkpatch-camelcase.git.

Fixes: 0db2982068aa ("core: pta: imx: add manufacturing protection")
Signed-off-by: J

Remove checked in .checkpatch-camelcase.git.

Removes a previously checked in copy of .checkpatch-camelcase.git.

Fixes: 0db2982068aa ("core: pta: imx: add manufacturing protection")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ldelf: syscall: support RISC-V ldelf sycall

Added 32-bit and 64-bit RISC-V ldelf system calls.

Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
Acked-by: Jerome Forissier <jerome.forissier@l

ldelf: syscall: support RISC-V ldelf sycall

Added 32-bit and 64-bit RISC-V ldelf system calls.

Signed-off-by: liushiwei <liushiwei@eswincomputing.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...