core: sp: add DT UUID helper function

Adds helper function to read a UUID from the SP manifest DT and parse it
into a TEE_UUID struct.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-

core: sp: add DT UUID helper function

Adds helper function to read a UUID from the SP manifest DT and parse it
into a TEE_UUID struct.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

ci: harden permissions

GitHub Workflows security hardening

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Alex <aleksandrosansan@gmail.com>

drivers: stm32_i2c: optimize the master receive path

Early error detection prevents an invalid read request made to the
device from blocking the bus for the whole transfer timeout.

Signed-off-by: J

drivers: stm32_i2c: optimize the master receive path

Early error detection prevents an invalid read request made to the
device from blocking the bus for the whole transfer timeout.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

se050: glue: i2c_stm32

To add support in the device tree - since the NXP SE05x device node
has not been agreed yet - the user must provide an alias to the bus
where the device is located.

Once the

se050: glue: i2c_stm32

To add support in the device tree - since the NXP SE05x device node
has not been agreed yet - the user must provide an alias to the bus
where the device is located.

Once the SE05X node has been agreed, support will be added to all
OP-TEE supported platforms.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_i2c: fix read operations on I2C_MODE_MASTER mode

One of the valid conditions that leads to the generation of a NACK
is when the controller-receiver signals the end of the transfer
to

drivers: stm32_i2c: fix read operations on I2C_MODE_MASTER mode

One of the valid conditions that leads to the generation of a NACK
is when the controller-receiver signals the end of the transfer
to the target transmitter.

The code being fixed - not clearing the NACK - was causing subsequent
write operations to fail.

This has been validated using the NXP SE050 device.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: rpc: log error when allocation fails in non-secure world

The error messages printed when the non-secure world fails to allocate
shared memory may be misleading misleading:

E/LD: init_elf:45

core: rpc: log error when allocation fails in non-secure world

The error messages printed when the non-secure world fails to allocate
shared memory may be misleading misleading:

E/LD: init_elf:453 sys_open_ta_bin(cb3e5ba0-adf1-11e0-998b-0002a5d5c51b)
E/TC:? 0 ldelf_init_with_ldelf:131 ldelf failed with res: 0xffff000c

This looks like an out-of-memory condition (0xffff000c =
TEE_ERROR_OUT_OF_MEMORY) in the TEE core ("E/TC"), in other words
insufficient core heap space. Add the following message to help pinpoint
the issue:

E/TC:? 0 get_rpc_alloc_res:645 RPC allocation failed. Non-secure world result: ret=0xffff000c ret_origin=0x2

This situation can be reproduced by killing tee-supplicant and invoking
a TA. When the CA is interrupted (Ctrl-C), the above log is printed.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit upgrading to zlib v1.12.2

Squash merging branch import/zlib-1.12.2

67d1c836b46d ("core: zlib: fix build warning when _LFS64_LARGEFILE is not defined")
82826342c694 ("zlib: add SPD

Squashed commit upgrading to zlib v1.12.2

Squash merging branch import/zlib-1.12.2

67d1c836b46d ("core: zlib: fix build warning when _LFS64_LARGEFILE is not defined")
82826342c694 ("zlib: add SPDX license identifiers")
bbdade0f5924 ("zlib: set zconf.h options for embedded TS")
449dd56422ca ("Import zlib v1.12.2")

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add missing pauth key saving in foreign interrupt handler

When a foreign interrupt (non-secure) is trapped in OP-TEE the state of
the current thread is saved similarly to when an RPC is perfor

core: add missing pauth key saving in foreign interrupt handler

When a foreign interrupt (non-secure) is trapped in OP-TEE the state of
the current thread is saved similarly to when an RPC is performed.

With pointer authentication enabled two more registers which are part of
the current context, APIAKEYHI-EL1 and APIAKEYLO-EL1, are added. These
registers contains a key needed for pointer authentication. This key is
unique per context so it must always be saved and restored when
switching context.

Prior to this patch the step where this key is saved in the foreign
interrupt handler was missing, so fix this by adding the missing step.

Fixes: 2b06f9dede33 ("Add basic pointer authentication support for TA's")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-versal: mmap regions

Increase the number of regions in preparation for the merge of
additional drivers.

The value has been chosen using the other more stable platforms
as a reference.

Signed-

plat-versal: mmap regions

Increase the number of regions in preparation for the merge of
additional drivers.

The value has been chosen using the other more stable platforms
as a reference.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-versal: build tee-raw.bin image

This commit generates the tee-raw.bin image so the user can
pass the boot address on the bif file.

The bif file could look like this

the_ROM_image:
{
image {

plat-versal: build tee-raw.bin image

This commit generates the tee-raw.bin image so the user can
pass the boot address on the bif file.

The bif file could look like this

the_ROM_image:
{
image {
{ type=bootimage, file=vpl.pdi }
{ type=bootloader, file=plm.elf }
{ core=psm, file=psmfw.elf }
}

image {
id = 0x1c000000, name=apu_subsystem
{ type=raw, load=0x00001000, file=versal.dtb }
{ core=a72-0, exception_level=el-3, trustzone, file=bl31.elf }
{ core=a72-0, exception_level=el-2, file=u-boot.elf }
{ core=a72-0, exception_level=el-1, trustzone, load=0x60000000,
startup=0x60000000, file=tee-raw.bin }
}
}

For additional information on how to build this platform, please refer
to https://github.com/OP-TEE/build/versal.mk

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: drivers: nxp: Add LX2160A-series SecMon driver

- This driver implements reading the entire NXP LX2160-series Security
Monitor (SecMon) module.
- To enable the SecMon driver, the optee-os bui

core: drivers: nxp: Add LX2160A-series SecMon driver

- This driver implements reading the entire NXP LX2160-series Security
Monitor (SecMon) module.
- To enable the SecMon driver, the optee-os build requires the
CFG_LS_SEC_MON flag.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutils:assert.h:add compiler check for static_assert

static_assert is belong to reserved word since C++11.
We only need this definition when not using C++ or
the C++ version less than C++11.

Sign

libutils:assert.h:add compiler check for static_assert

static_assert is belong to reserved word since C++11.
We only need this definition when not using C++ or
the C++ version less than C++11.

Signed-off-by: Gavin Liu <Gavin.Liu@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: reset platform with reset controller device

Change platform stm32mp1 PSCI_SYSTEM_RESET implementation to rely
on reset controller framework to proceed a full platform reset insead
of

plat-stm32mp1: reset platform with reset controller device

Change platform stm32mp1 PSCI_SYSTEM_RESET implementation to rely
on reset controller framework to proceed a full platform reset insead
of a platform specific sequence. This change makes MP13 variants to
now support PSCI system reset feature.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dt-bindings: define system reset controller for stm32mp1 flavors

Define DT binding ID related to system reset controller, for both
STM32MP15 and STM32MP13 variants.

Acked-by: Jens Wiklander <jens.w

dt-bindings: define system reset controller for stm32mp1 flavors

Define DT binding ID related to system reset controller, for both
STM32MP15 and STM32MP13 variants.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: scmi-msg: Propagate errors from platform voltd_get_level

plat_scmi_voltd_get_level is refactored to return an SCMI error code and
retrieve the voltage via an out parameter. This allows erro

drivers: scmi-msg: Propagate errors from platform voltd_get_level

plat_scmi_voltd_get_level is refactored to return an SCMI error code and
retrieve the voltage via an out parameter. This allows errors from the
platform SCMI server implementation to be propagated to the REE.

The implementation for stm32mp1 is updated to handle at least some
possible errors.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Anton Eliasson <anton.eliasson@axis.com>

show more ...

plat-stm32mp1: add Avenger96 board with STM32MP157A based DHCOR SoM

The dts(i) files are imported from Linux 5.19-rc6.

Changes made to the imported dts(i) files:
- Enable rcc as on other boards
- A

plat-stm32mp1: add Avenger96 board with STM32MP157A based DHCOR SoM

The dts(i) files are imported from Linux 5.19-rc6.

Changes made to the imported dts(i) files:
- Enable rcc as on other boards
- Allow iwdg2 for usage in non-secure world

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: add STM32MP157C based DHCOM SoM on PDK2 baseboard

The dts(i) files are imported from Linux 5.19-rc6.

Changes made to the imported dts(i) files:
- Drop GPLv2 licensed resources and/or

plat-stm32mp1: add STM32MP157C based DHCOM SoM on PDK2 baseboard

The dts(i) files are imported from Linux 5.19-rc6.

Changes made to the imported dts(i) files:
- Drop GPLv2 licensed resources and/or use their explicit values
- Drop cryp1 okay status as on other boards
- Drop unsupported special rcc clocks definition using comments
- Enable rcc as on other boards
- Allow iwdg2 for usage in non-secure world

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: versal: general purpose i/o

Provide access to the GPIO controller on Versal ACAP.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.or

drivers: versal: general purpose i/o

Provide access to the GPIO controller on Versal ACAP.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: driver: rework the SC API to make compatible with the new MU driver

Rework the SC API to leverage the common MU driver.
This re-work implies the deletion of duplicate functions that are now
im

core: driver: rework the SC API to make compatible with the new MU driver

Rework the SC API to leverage the common MU driver.
This re-work implies the deletion of duplicate functions that are now
implemented in the MU driver instead

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: driver: add common i.MX MU driver

Add a common MU driver for i.MX platforms. This MU driver is used to
communicate with external security controllers.

This driver includes a generic part and

core: driver: add common i.MX MU driver

Add a common MU driver for i.MX platforms. This MU driver is used to
communicate with external security controllers.

This driver includes a generic part and an hardware abstraction layer
for low level MU functions.

The MU driver implements the HAL for the following platforms:
- mx8ulpevk
- mx8qmmek/imx8qxpmek

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat: rcar: fix core pos calculation for H3 boards

Due to mistake, cluster position wasn't shifted left if chip is not
M3W. This led to erroneous core ID calculation on chips that are not
M3W. Actua

plat: rcar: fix core pos calculation for H3 boards

Due to mistake, cluster position wasn't shifted left if chip is not
M3W. This led to erroneous core ID calculation on chips that are not
M3W. Actually, this affected only H3, as only this chip has two
clusters.

Fix this by always shifting x1 (cluster ID) to the left, before doing
one additional shift for non-M3W chips.

Fixes: 572afdce53ea ("plat: rcar: Derive core map from PRR")

Reported-by: Oleksandr Grytsov <oleksandr_grytsov@epam.com>
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (R-Car M3)
Tested-by: Oleksandr Grytsov <oleksandr_grytsov@epam.com> (R-Car H3)
Signed-off-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx-i2c: add support for imx8mn

Add i2c support for imx8mn platforms

Signed-off-by: Gerard Koskamp <gerard.koskamp@nedap.com>
Reviewed-by: Robert Krikke <robert.krikke@nedap.com>
Acked-by:

drivers: imx-i2c: add support for imx8mn

Add i2c support for imx8mn platforms

Signed-off-by: Gerard Koskamp <gerard.koskamp@nedap.com>
Reviewed-by: Robert Krikke <robert.krikke@nedap.com>
Acked-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

show more ...

core: plat-ls: remove OP-TEE support for LS1021A-QDS platform

LS1021A-QDS does not support OP-TEE anymore, removing its
support.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jer

core: plat-ls: remove OP-TEE support for LS1021A-QDS platform

LS1021A-QDS does not support OP-TEE anymore, removing its
support.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: plat-ls: remove OP-TEE support for LS1021A-TWR platform

LS1021A-TWR does not support OP-TEE anymore, removing its
support.
Since LS1021A-TWR was default platform for LS, updating default
platf

core: plat-ls: remove OP-TEE support for LS1021A-TWR platform

LS1021A-TWR does not support OP-TEE anymore, removing its
support.
Since LS1021A-TWR was default platform for LS, updating default
platform also to LS1012A-RDB

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

crypto_api: acipher: correct ECC NIST-P521 key size

NIST P521 uses 521-bit private keys.

This change might impact platforms that expect a certain alignment
on the key size (i.e. CAAM)

Signed-off-b

crypto_api: acipher: correct ECC NIST-P521 key size

NIST P521 uses 521-bit private keys.

This change might impact platforms that expect a certain alignment
on the key size (i.e. CAAM)

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...