drivers: imx: tzc380: do not dump TZASC state before lockdown

Remove the TZASC state dump before the region lockdown.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier

drivers: imx: tzc380: do not dump TZASC state before lockdown

Remove the TZASC state dump before the region lockdown.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx: tzc380: add support for 8mscale platforms

Add the TZASC support for all 8mscale platforms.
The TZASC regions on these platforms have an offset equals to
the DRAM base address.

Signed-

drivers: imx: tzc380: add support for 8mscale platforms

Add the TZASC support for all 8mscale platforms.
The TZASC regions on these platforms have an offset equals to
the DRAM base address.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: ffa: add TOS_FW_CONFIG handling

At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
currently only the HW_CONFIG address is saved, the other one is dropped.
This commit add

core: ffa: add TOS_FW_CONFIG handling

At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
currently only the HW_CONFIG address is saved, the other one is dropped.
This commit adds functionality to save the TOS_FW_CONFIG too, so we can
retrieve it later. This is necessary for the CFG_CORE_SEL1_SPMC use
case, because the SPMC manifest is passed in this DT.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: crypto: fix memory leak in Ed25519 support

The software implementation of ED25519 algorithm has a memory leak in the
key and key pair allocation. Upon every public key allocation, a key pair
i

core: crypto: fix memory leak in Ed25519 support

The software implementation of ED25519 algorithm has a memory leak in the
key and key pair allocation. Upon every public key allocation, a key pair
is allocated (public and private components). When freeing the public
key, only the public component is freed. To reproduce the issue:

$ while xtest 4016; do :; done

Until the following error:

* regression_4016 Test TEE Internal API ED25519 sign/verify
E/LD: copy_section_headers:1124 sys_copy_from_ta_bin
E/TC:? 0 ldelf_init_with_ldelf:131 ldelf failed with res: 0xffff000c /usr/src/debug/optee-test/master.imx-r0/host/xtest/regression_4000.c:6062: xtest_teec_open_session(&session, &crypt_user_ta_uuid, ((void *)0), &ret_orig) has an unexpected value: 0xffff000c = TEEC_ERROR_OUT_OF_MEMORY, expected 0x0 = TEEC_SUCCESS
regression_4016 FAILED

To fix the memory leak, a separate public key allocation function must
be defined along a ED25519 public key structure.

Fixes: 0aaad418ac8b ("core: crypto: add Ed25519 support")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mk/lib.mk: use full path to shared library in flags variable

To add link flags for a shared library, a makefile variable is used
that is called lib-ldflags$(libuuid). That's incorrect because the
UU

mk/lib.mk: use full path to shared library in flags variable

To add link flags for a shared library, a makefile variable is used
that is called lib-ldflags$(libuuid). That's incorrect because the
UUID is not enough to uniquely identify a shared library in the build.
For example when both 32-bit and 64-bit user space is generated there
are two versions of the shared library with the same UUID. It is not
a problem at the moment because lib-ldflags$(libuuid) is used only
for one target: ta_arm64, but fix this anyways so that the variable
may be used for more complex cases.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: link.mk: produce tee-raw.bin by default

Adds tee-raw.bin as a dependency of all. This produces a tee-raw.bin for
all platforms when building. tee-raw.bin is more useful than for
instance

core: arm: link.mk: produce tee-raw.bin by default

Adds tee-raw.bin as a dependency of all. This produces a tee-raw.bin for
all platforms when building. tee-raw.bin is more useful than for
instance tee-pager_v2.bin which often is used when a raw binary is
needed. Platforms with a link.mk only to produce tee-raw.bin have their
link.mk removed since the generic version suffices now.

Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: add stubs for pthread functions

When building with GCC 11.3.1 [1], the linker reports undefined symbols
in the C++ test TA:

$ make 2>&1 | grep -E "(in function|undefined reference)" | se

libutils: add stubs for pthread functions

When building with GCC 11.3.1 [1], the linker reports undefined symbols
in the C++ test TA:

$ make 2>&1 | grep -E "(in function|undefined reference)" | sed 's@.*/@@'
libstdc++.a(eh_alloc.o): in function `(anonymous namespace)::pool::free(void*) [clone .constprop.0]':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
libstdc++.a(eh_alloc.o): in function `(anonymous namespace)::pool::allocate(unsigned long) [clone .constprop.0]':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
libgcc_eh.a(unwind-dw2-fde-dip.o): in function `__gthread_mutex_lock':
gthr-default.h:749: undefined reference to `pthread_mutex_lock'
libgcc_eh.a(unwind-dw2-fde-dip.o): in function `__gthread_mutex_unlock':
gthr-default.h:779: undefined reference to `pthread_mutex_unlock'
[more of the same follow]

To fix that issue, introduce no-op stubs as weak symbols in libutils.
Doing so is valid because TAs are single threaded and non-reentrant.

Link: [1] https://developer.arm.com/-/media/Files/downloads/gnu/11.3.rel1/binrel/arm-gnu-toolchain-11.3.rel1-x86_64-aarch64-none-linux-gnu.tar.xz
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

plat-totalcompute: update TZDRAM_SIZE

For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
0x4000 for boot protocol support.

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com

plat-totalcompute: update TZDRAM_SIZE

For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
0x4000 for boot protocol support.

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_*: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB or
CFG_DT are disabled. This change aims to simplify source files and

drivers: stm32_*: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB or
CFG_DT are disabled. This change aims to simplify source files and is
related to commit [1] from which stm32mp1 platform requires DTB for the
drivers configuration.

Link: [1] 474ad1856b56 ("plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB is
disabled. This change aims to simplify source files and is related to

plat-stm32mp1: remove code for when DT is not supported

This change removes implementation managing cases when CFG_EMBED_DTB is
disabled. This change aims to simplify source files and is related to
commit [1] from which stm32mp1 platform requires DTB for the drivers
configuration.

Link: [1] 474ad1856b56 ("plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: add CNTVCT to user system registers

Adds CNTVCT to user system registers. Needed when compiling with
CFG_CORE_SEL2_SPMC=y and CFG_MEMTAG=y.

Reviewed-by: Jerome Forissier <jerome.forissier@

libutee: add CNTVCT to user system registers

Adds CNTVCT to user system registers. Needed when compiling with
CFG_CORE_SEL2_SPMC=y and CFG_MEMTAG=y.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tpm: fix syntax in trace message

Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y.

core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigne

core: tpm: fix syntax in trace message

Fixes build warning (trace message below) when CFG_CORE_TPM_EVENT_LOG=y.

core/kernel/tpm.c:115:8: warning: format ‘%lu’ expects argument of type ‘long unsigned int’, but argument 7 has type ‘size_t’ {aka ‘unsigned int’} [-Wformat=]
115 | EMSG("TPM: Not enough space for the log: %zu, %lu",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
116 | buf_size, tpm_log_size);
| ~~~~~~~~~~~~
| |
| size_t {aka unsigned int}


Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: add TEE_MAIN_ALGO_SHAKE values

The CAAM driver relies on TEE_ALG_GET_MAIN_ALG() macro to retrieve the
main algorithm ID from the TEE_ALG_* value.

With the addition of TEE_ALG_SHAKE128 and

libutee: add TEE_MAIN_ALGO_SHAKE values

The CAAM driver relies on TEE_ALG_GET_MAIN_ALG() macro to retrieve the
main algorithm ID from the TEE_ALG_* value.

With the addition of TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256,
TEE_ALG_GET_MAIN_ALG() would return 0x01 (TEE_MAIN_ALGO_MD5) and 0x02
(TEE_MAIN_ALGO_SHA1). These returned values are wrong.

Add TEE_MAIN_ALGO_SHAKE128 and TEE_MAIN_ALGO_SHAKE256 values for
respectively TEE_ALG_SHAKE128 and TEE_ALG_SHAKE256.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: enable CFG_PCKS11_TA by default

Enable the PKCS#11 TA in plat-vexpress for easier testing (such as in
CI). With this, the PKCS#11 in-tree TA is built with optee_os and
CFG_PKCS11_TA i

plat-vexpress: enable CFG_PCKS11_TA by default

Enable the PKCS#11 TA in plat-vexpress for easier testing (such as in
CI). With this, the PKCS#11 in-tree TA is built with optee_os and
CFG_PKCS11_TA is exported in the host_include folder of the TA dev kit
(host_include/conf.{mk,h,cmake}) where optee_test will find it and
also enable the PKCS#11 tests.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

qemu_armv8a: set default-user-ta-target ?= ta_arm64

Update platform vexpress-qemu_armv8a to build in-tree TAs in 64 bit
mode (ta_arm64) by default instead of 32-bit. This makes more sense
because th

qemu_armv8a: set default-user-ta-target ?= ta_arm64

Update platform vexpress-qemu_armv8a to build in-tree TAs in 64 bit
mode (ta_arm64) by default instead of 32-bit. This makes more sense
because that is the default setting in the OP-TEE development/test
environment [1].

Link: [1] https://github.com/OP-TEE/build/blob/3.20.0/qemu_v8.mk#L8
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-k3: remove duplicate comments

Removing duplicated comments in the existing as well as newly added
functions.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <eti

plat-k3: remove duplicate comments

Removing duplicated comments in the existing as well as newly added
functions.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-c

plat-k3: add config for building extended OTP PTA

Add the config to build it for K3 platforms. It is still an optional
support and can be disabled if necessary.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA t

core: pta: Add K3 specific PTA for writing into extended OTP

Writing into the extended OTP has been a vendor specific thing and no
generic drivers exists for it in the OP-TEE framework.

Add a PTA to write into the custom extended OTP bits in K3 architecture.

This header should be exported out of optee-os to be used by the host
binary for interacting with the PTA.

Includes OTP keywriting PTA header file in libutee

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch

plat-k3: drivers: add TISCI calls for extended OTP

Extended OTP are a set of bits in our efuses that can be programmed for
user specific cases which deal with authentication/encryption.

This patch adds support for calling extended OTP APIs using TISCI.

Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to

virt: rename CFG_VIRTUALIZATION to CFG_NS_VIRTUALIZATION

With the advent of virtualization support at S-EL2 in the Armv8.4-A
architecture, CFG_VIRTUALIZATION has become ambiguous. Let's rename
it to CFG_NS_VIRTUALIZATION to indicate more clearly that it is about
supporting virtualization on the non-secure side.

This commit is the result of the following command:

$ for f in $(git grep -l -w CFG_VIRTUALIZATION); do \
sed -i -e 's/CFG_VIRTUALIZATION/CFG_NS_VIRTUALIZATION/g' $f; \
done

...plus the compatibility line in mk/config.mk:

CFG_NS_VIRTUALIZATION ?= $(CFG_VIRTUALIZATION)

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

core: arm: fix external DT when async notif interrupt is a GIC PPI

Fixes values loaded in interrupt properties of the optee node created
in external DT for cases where the interrupt used is a PPI.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined

core: gic: rename macros GIC_SGI, GIC_PPI and GIC_SPI

Renames OP-TEE core macros GIC_SGI(), GIC_PPI() and GIC_SPI() to
GIC_xxx_TO_ITNUM() to prevent collision with macros GIC_SPI and CFG_PPI
defined in GIC DT bindings.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: sp: Allow to embed binary SPs to OP-TEE binary

If the ELF header is not found in the file, then assume it's a binary
format SP.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wikla

core: sp: Allow to embed binary SPs to OP-TEE binary

If the ELF header is not found in the file, then assume it's a binary
format SP.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of a

core: spmc: Add support for raw binary format SPs

The current SP loading mechanism is using a similar ELF format as
GP TAs. The new SP format is a flat binary which doesn't require the
presence of an ELF loader and it doesn't have any SPMC specific ties.
These properties make the format the one that can be used across
different SPMC implementations. Combined with the load address relative
memory regions the sections of the binary can be mapped in a similar
way as with ELF files.
The elf-format field of the SP manifest selects the ELF based or the
binary format loading mechanism.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is

core: spmc: Add support for load address relative memory regions

Add support for memory regions where the required VA is set as an
offset from the SP's load address. The mapping of memory regions is
done in two phases. First the load address relative memory regions
are being mapped to the given VA and then ones where the VA is
selected by the system. This way conflicts between the memory regions
in the VA space can be prevented.
The NOBITS load-flags value is similar to the NOBITS ELF sections. If
this bit is set then the SPMC allocates new area otherwise it will set
the access rights of already mapped areas.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...