arm32: kernel: Add common itr_core_handler() for NMFI workaround

Should we receive FIQ interrupt treat it always as panic to indicate to
platform developer that FIQ interrupts must be disabled in sy

arm32: kernel: Add common itr_core_handler() for NMFI workaround

Should we receive FIQ interrupt treat it always as panic to indicate to
platform developer that FIQ interrupts must be disabled in system level.

Function itr_core_handler() is defined without __weak to make sure that
there are no other function trying to handle the FIQ.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm.mk: Add CFG_CORE_WORKAROUND_ARM_NMFI for NMFI problem

If the ARMv7 Cortex-A core is configured with Non-maskable FIQ (NMFI)
support there are side effects that FIQ can only be masked during
exce

arm.mk: Add CFG_CORE_WORKAROUND_ARM_NMFI for NMFI problem

If the ARMv7 Cortex-A core is configured with Non-maskable FIQ (NMFI)
support there are side effects that FIQ can only be masked during
exception entry and once unmasked by software it cannot anymore be masked.

Side effects of this is that critical sections within the code cannot
re-enable FIQ mask.

FIQ is recommended to be masked during secure monitor execution.

ARMv8 architecture is not affected as the Non-maskable FIQ support is not
available in there.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm32: correct bit define for SCTLR.NMFI setting

In SCTLR register definition NMFI bit is 27th bit. Correct the define.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by:

arm32: correct bit define for SCTLR.NMFI setting

In SCTLR register definition NMFI bit is 27th bit. Correct the define.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: fix error flushing unused pgt's

With commit b1df82f10633 ("core: use set_um_region() to update
translation tables") a "populated" value is used for each pgt
(translation table) to tell if

core: mm: fix error flushing unused pgt's

With commit b1df82f10633 ("core: use set_um_region() to update
translation tables") a "populated" value is used for each pgt
(translation table) to tell if it's up to date or if
core_mmu_populate_user_map() should initialize it.

When a pgt becomes unused it must be marked as unused. Prior to this
patch an error in the logic prevented pgt's to be marked as unused
properly. This can prevent core_mmu_populate_user_map() from
initializing a pgt. This can cause some new mappings to not be
established properly.

So fix this by giving the correct arguments for pgt_flush_range() in
rem_um_region() and core_is_buffer_inside() in pgt_entry_matches().

Fixes: b1df82f10633 ("core: use set_um_region() to update translation tables")
Acked-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: se050: SCP03 enabled only session.

The SE050F FIPS 140-2 certified device makes SCP03 mandatory from
boot.

To support this use case, we introduce CFG_CORE_SCP03_ONLY. Its
functionality is d

crypto: se050: SCP03 enabled only session.

The SE050F FIPS 140-2 certified device makes SCP03 mandatory from
boot.

To support this use case, we introduce CFG_CORE_SCP03_ONLY. Its
functionality is described in crypto.mk.

Some information regarding the SE050F device below [1]

[1] https://www.nxp.com/docs/en/application-note/AN12436.pdf

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto: se050: add support for the SE050F

Add the SCP03 keys to support the NXP SE050F device

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@li

crypto: se050: add support for the SE050F

Add the SCP03 keys to support the NXP SE050F device

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto: se050: fix SE050F2 identifier

Used the wrong identifier for the SE050F2 board. This would cause the
SCP03 symmetric keys to be rejected by the Secure Element and so the
secure session could

crypto: se050: fix SE050F2 identifier

Used the wrong identifier for the SE050F2 board. This would cause the
SCP03 symmetric keys to be rejected by the Secure Element and so the
secure session could not be started.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libmbedtls: mbedtls_config_uta.h: enable chacha20 and chachapoly support

Extend the mbedtls UTA configuration to support the ciphers chacha20 and
chachapoly for usage in custom TAs, as they are supp

libmbedtls: mbedtls_config_uta.h: enable chacha20 and chachapoly support

Extend the mbedtls UTA configuration to support the ciphers chacha20 and
chachapoly for usage in custom TAs, as they are supported by common
protocols, such as TLS1.3, IPsec or WireGuard

Signed-off-by: Simon Ott <simon.ott@aisec.fraunhofer.de>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly

For chacha20 and chachapoly, the *_ctx_clone() function is missing
and therefore the wrong function pointers are assigned to
.ctx_clone_func

libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly

For chacha20 and chachapoly, the *_ctx_clone() function is missing
and therefore the wrong function pointers are assigned to
.ctx_clone_func and .ctx_free_func when MBEDTLS_CHACHA20_C
or MBEDTLS_CHACHAPOLY_C is enabled.

Signed-off-by: Simon Ott <simon.ott@aisec.fraunhofer.de>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: crypto-api: rsa: pass algorithm to implementation

This is required for drivers that might only support some
of the algorithms and want to delegate the operation to
their software implementatio

core: crypto-api: rsa: pass algorithm to implementation

This is required for drivers that might only support some
of the algorithms and want to delegate the operation to
their software implementations

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

lib: mbedtls: rsa: support the crypto driver

Allow the software implementation to coexist with the crypto driver
API.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wikla

lib: mbedtls: rsa: support the crypto driver

Allow the software implementation to coexist with the crypto driver
API.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: rsa: support the crypto driver

Allow the software implementations to coexist with the crypto driver
API.

This way drivers using the Crypto API can fallback to their software
based implem

core: ltc: rsa: support the crypto driver

Allow the software implementations to coexist with the crypto driver
API.

This way drivers using the Crypto API can fallback to their software
based implementations if they need to.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: rsa: support the crypto driver

Provide an explicit interface to software cryptographic operations to
allow accessing them whenever the Crypto driver API is enabled.

Signed-off-by: Jorge Ramir

core: rsa: support the crypto driver

Provide an explicit interface to software cryptographic operations to
allow accessing them whenever the Crypto driver API is enabled.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: compiler.h: introduce __alias(x)

Improve readability with an __alias definition.
Supports the __weak __alias("g") use case

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed

libutils: compiler.h: introduce __alias(x)

Improve readability with an __alias definition.
Supports the __weak __alias("g") use case

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-k3: am62x: add SA2UL and TRNG support

Add SA2UL and TRNG support for TI SoC AM62X through OP-TEE.

Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
Acked-by: Jerome Forissier <jerome.forissie

plat-k3: am62x: add SA2UL and TRNG support

Add SA2UL and TRNG support for TI SoC AM62X through OP-TEE.

Signed-off-by: Kamlesh Gurudasani <kamlesh@ti.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

Add STAILQ_HEAD() and STAILQ_ENTRY() to typedefs.checkpatch

When using BSD queues from <sys/queues.h>, a singly linked tail queue
entry is declared with a macro:

STAILQ_ENTRY(type) var;

This makes

Add STAILQ_HEAD() and STAILQ_ENTRY() to typedefs.checkpatch

When using BSD queues from <sys/queues.h>, a singly linked tail queue
entry is declared with a macro:

STAILQ_ENTRY(type) var;

This makes checkpatch.pl unhappy because the type is unknown:

WARNING: Missing a blank line after declarations
+ struct file *file;
+ STAILQ_ENTRY(load_seg) link;

Checkpatch has the same problem with the macro STAILQ_HEAD().

This patch adds a regular expression to typedefs.checkpatch that
matches the macro part, thus fixing the warning.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: code_style: run pycodestyle even if checkpatch has failed

When checkpatch reports issues, it returns an error status which make
the code_style job fail as expected. However, by default when a jo

ci: code_style: run pycodestyle even if checkpatch has failed

When checkpatch reports issues, it returns an error status which make
the code_style job fail as expected. However, by default when a job step
fails the subsequent ones are not executed. Therefore, pycodestyle is
skipped which is bad because we sometimes want to ignore some checkpatch
errors and we still want to detect Python issues.

This problem is fixed by adding a condition to the "Run pycodestyle"
step.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: avoid TA panic when secure storage is corrupt

init_head_from_data() triggers a TA panic in case corrupt data is read
from the secure storage, for instance by request from the PKCS#11
trusted a

core: avoid TA panic when secure storage is corrupt

init_head_from_data() triggers a TA panic in case corrupt data is read
from the secure storage, for instance by request from the PKCS#11
trusted application.
"Every Trusted Storage implementation is expected to return
TEE_ERROR_CORRUPT_OBJECT if a Trusted Application attempts to open
an object and the TEE determines that its contents (or those of the
storage itself) have been tampered with or rolled back."
See TEE Internal Core API Specification v1.1.2, section 5.7.1.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Zengxx <zengxiaoxu@huawei.com>
Signed-off-by: Joakim Nordell <joakim.nordell@axis.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: ts_manager: remove unneeded check

The function ts_get_current_session() can not return NULL as panic()
would abort the execution in that case.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundr

core: ts_manager: remove unneeded check

The function ts_get_current_session() can not return NULL as panic()
would abort the execution in that case.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: ffa: Process manifest endpoint_id

The manifest can specify the endpoint ID for a SP. Process it and make
sure that 2 SPs don't have the same endpoint ID.
The sp_init_uuid() has been split into

core: ffa: Process manifest endpoint_id

The manifest can specify the endpoint ID for a SP. Process it and make
sure that 2 SPs don't have the same endpoint ID.
The sp_init_uuid() has been split into 2 functions (sp_init_uuid() and
sp_first_run()), this is needed to make sure that the SPs has the
correct endpoint ID during it's first run.

Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ci: zynqmp: Add compilation for optional drivers

Test compile optional Xiphera TRNG and HUK drivers (and its related
drivers).

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked

ci: zynqmp: Add compilation for optional drivers

Test compile optional Xiphera TRNG and HUK drivers (and its related
drivers).

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutils: brel: bugfix memset scope larger than expected

In the case of wipe = true and previous buffer is free, memset
the current buffer, rather then current buffer with previous free
buffer.

Sig

libutils: brel: bugfix memset scope larger than expected

In the case of wipe = true and previous buffer is free, memset
the current buffer, rather then current buffer with previous free
buffer.

Signed-off-by: Zengxx <zengxiaoxu@huawei.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Guangwei Zhou <zhouguangwei5@huawei.com>

show more ...

drivers: xiphera_trng: Allow interrupts while waiting for random

If for some reason getting new random values take a bit longer toggle
interrupt masks on/off while waiting.

This allows pending inte

drivers: xiphera_trng: Allow interrupts while waiting for random

If for some reason getting new random values take a bit longer toggle
interrupt masks on/off while waiting.

This allows pending interrupts to be served faster in REE side as getting
new random might not be that important. At the same time it gives more
time for random number generation to complete and not just performing
spinning and waiting.

It was originally recommended by TRNG vendor not to cache previous partial
results in memory. TRNG itself is rather fast so there should
be always fresh bytes available for consumption. Thus to simplify the code
remove the FIFO construct.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutils: util.h: fix the ROUNDUP_OVERFLOW() macro

Some parenthesis are missing in the ROUNDUP_OVERFLOW expression.
The macro can only return false.

Fixes: 2e48af989133 ("util.h: add the macro ROUN

libutils: util.h: fix the ROUNDUP_OVERFLOW() macro

Some parenthesis are missing in the ROUNDUP_OVERFLOW expression.
The macro can only return false.

Fixes: 2e48af989133 ("util.h: add the macro ROUNDUP_OVERFLOW()")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: drivers: stm32mp15 Hardware Unique Key driver

Generate a secret Hardware Unique Key from BSEC OTPs.

The algorithm used simplifies the device provisioning phase because
it does not require a u

core: drivers: stm32mp15 Hardware Unique Key driver

Generate a secret Hardware Unique Key from BSEC OTPs.

The algorithm used simplifies the device provisioning phase because
it does not require a unique per device secret to be fused: just a key
common to all devices.

The algorithm uses a 128 bit symmetric key stored as four 32 bit words
read from OTP fuses.

The HUK is calculated by AES-GCM encrypting the device UID (96 bits).

Since the UID is persistent - and so should be the key - the NONCE can
be reused and hold any value.

The OTP values must be secrets but don't need to be unique per-device.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...