Squashed commit upgrading to mbedtls-2.28.1

Squash merging branch import/mbedtls-2.28.1

ebf1f6a58089 ("libmbedtls: compile new files added with 2.28.1")
3ffb51b58a54 ("libmbedtls: add SM2 curve")

Squashed commit upgrading to mbedtls-2.28.1

Squash merging branch import/mbedtls-2.28.1

ebf1f6a58089 ("libmbedtls: compile new files added with 2.28.1")
3ffb51b58a54 ("libmbedtls: add SM2 curve")
c425755720b4 ("libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage")
23493c822a82 ("libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage")
dcdca2348dff ("libmbedtls: mbedtls_mpi_exp_mod() initialize W")
dc2994976958 ("libmbedtls: fix no CRT issue")
c6628873b281 ("libmbedtls: add interfaces in mbedtls for context memory operation")
8acd202d3e55 ("libmedtls: mpi_miller_rabin: increase count limit")
37284e28d5d9 ("libmbedtls: add mbedtls_mpi_init_mempool()")
b499a75f29f3 ("libmbedtls: make mbedtls_mpi_mont*() available")
2080a8c96a5d ("mbedtls: configure mbedtls to reach for config")
e0858334327a ("mbedtls: remove default include/mbedtls/config.h")
dd9688e6b8ce ("Import mbedtls-2.28.1")

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: tee_svc.c: add missing comma

Add missing comma to fix the following error:

$ make -s PLATFORM=vexpress-qemu_armv8a CFG_TA_PAUTH=y CFG_MEMTAG=y
core/tee/tee_svc.c:371:9: error: expected ‘}’

core: tee_svc.c: add missing comma

Add missing comma to fix the following error:

$ make -s PLATFORM=vexpress-qemu_armv8a CFG_TA_PAUTH=y CFG_MEMTAG=y
core/tee/tee_svc.c:371:9: error: expected ‘}’ before ‘{’ token
371 | {
| ^
core/tee/tee_svc.c:280:44: note: to match this ‘{’
280 | const struct tee_props tee_propset_tee[] = {
| ^

Fixes: a0e8ffe9ba8f ("core: add support for MTE")
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_i2c: update the I2C initialization

NXP drivers in both u-boot and linux waits 50us after enabling
the bus controller to stabilize the bus.

Signed-off-by: Tim Anderson <tim.anderson@fou

drivers: imx_i2c: update the I2C initialization

NXP drivers in both u-boot and linux waits 50us after enabling
the bus controller to stabilize the bus.

Signed-off-by: Tim Anderson <tim.anderson@foundries.io>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: Avoid tee_ram_va equals 0 when CFG_CORE_ASLR is set

Optee OS use 0 as invalid va and tee_ram_va might equals 0 when
CFG_CORE_ASLR=y.
If tee_ram_va = 0, return directly to avoid it.

Signed-off

core: Avoid tee_ram_va equals 0 when CFG_CORE_ASLR is set

Optee OS use 0 as invalid va and tee_ram_va might equals 0 when
CFG_CORE_ASLR=y.
If tee_ram_va = 0, return directly to avoid it.

Signed-off-by: Ming-Jen Chang <ming-jen.chang@mediatek.com>
Signed-off-by: Mark-PK Tsai <mark-pk.tsai@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: return true for mattr_is_cached() and TEE_MATTR_MEM_TYPE_TAGGED

Memory areas tagged with TEE_MATTR_MEM_TYPE_TAGGED attributes are
cached. Modify mattr_is_cached() accordingly.

Fixes: 7c3a

core: mm: return true for mattr_is_cached() and TEE_MATTR_MEM_TYPE_TAGGED

Memory areas tagged with TEE_MATTR_MEM_TYPE_TAGGED attributes are
cached. Modify mattr_is_cached() accordingly.

Fixes: 7c3ab7744d ("core: mm: add TEE_MATTR_MEM_TYPE_TAGGED")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: cancel obsolete workflows

When the CI workflow is triggered, we usually don't want previous jobs
related to the same branch or pull request to keep running; it is
just wasteful of resources. The

ci: cancel obsolete workflows

When the CI workflow is triggered, we usually don't want previous jobs
related to the same branch or pull request to keep running; it is
just wasteful of resources. Therefore add a special workflow to deal
with the situation [1].

An exception is made for CI workflows started by updates to the master
branch so that several PR merged in a row do not cancel previous CI runs
started on master.

Link: [1] https://github.com/marketplace/actions/cancel-workflow-action#advanced-pull-requests-from-forks
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: plat-bcm: remove virtual address lookup from main_init_gic()

- Commit 60801696667d ("plat: arm: refactor GIC initialization")
refactored GIC initialization to have gic_init_base_addr() take

core: plat-bcm: remove virtual address lookup from main_init_gic()

- Commit 60801696667d ("plat: arm: refactor GIC initialization")
refactored GIC initialization to have gic_init_base_addr() take in a
physical address instead of a virtual one, meaning that a virtual
address lookup is no longer necessary within a platform's gic_init().
- BCM's main_init_gic() would still perform a virtual memory lookup and
hand over its virtual address instead of the expected physical one.
This caused the lookup in gic_init_base_addr() to fail and panic.
- This new commit removes the virtual memory lookup from BCM's
main_gic_init() and instead hands gic_init_base_addr() a physical
address.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: code_style: clone repository with full history

The code_style job runs checkpatch, which checks if commit references
found in commit descriptions are valid or not. In order for this to
work, the

ci: code_style: clone repository with full history

The code_style job runs checkpatch, which checks if commit references
found in commit descriptions are valid or not. In order for this to
work, the Git repo must contain the full history otherwise some IDs
might be reported as unknown. For example [1]:

WARNING: Unknown commit id '60801696667d', maybe rebased or not pulled?
#7:
- Commit 60801696667d ("plat: arm: refactor GIC initialization")

Link: [1] https://github.com/OP-TEE/optee_os/runs/7529955940?check_suite_focus=true#step:5:35
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: bcm_sotp: add sotp write support

- Added write support for bcm secure one time programmable fuses.
- bcm_iproc_sotp_mem_read() now takes in a bool value for sotp_add_ecc
instead of an int

drivers: bcm_sotp: add sotp write support

- Added write support for bcm secure one time programmable fuses.
- bcm_iproc_sotp_mem_read() now takes in a bool value for sotp_add_ecc
instead of an int to denote if error checking memory is supported.
- Updated debug and error messages to return TEE_result codes.

Signed-off-by: Vahid Dukandar <vahidd@microsoft.com>
Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: migrate from Azure pipelines to GitHub actions

The Azure CI recently stopped working with frequent "no space left on
device" errors when fetching the Docker image used by the QEMUv8_check
and QE

ci: migrate from Azure pipelines to GitHub actions

The Azure CI recently stopped working with frequent "no space left on
device" errors when fetching the Docker image used by the QEMUv8_check
and QEMUv8_build_Rust jobs [1]. Take this opportunity to migrate to
GitHub Actions which has similar or better capabilities (better
integration with GitHub UI, no need for an Azure account or project,
built-in caching capability for build artifacts, more concurrent jobs
and longer timeouts [2]).

No functional change except for cosmetic things (job names) and the
handling of the build cache. Previously in the multi-platform build job
files could be uploaded to the cache server before the end of the
script. As a result, if a build would time out it would usually be
enough to just restart it, then the new run would obtain files from the
previous run and be fast enough to complete. With the GitHub cache
action used here, this doesn't happen. Data are only uploaded to the
cache when the build completes with no error. It means some manual work
may be needed if the maximum build time is reached: push a truncated
build job to a temporary branch, wait for it to complete, then restart
the timed out job. However, the full build currently takes about 1 hour
with an empty cache and the maximum build time is 6 hours so it should
not be a problem anytime soon. Caching is also enabled for the
QEMUv8_check job.

Link: [1] https://dev.azure.com/OPTEE/optee_os/_build/results?buildId=3395&view=logs&j=4b042fc3-edf6-5596-582e-7ecd0cce7842&t=9368a7c9-f53c-4bb5-bbbf-b04d402537af&l=53
Link: [2] https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#usage-limits
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32mp15: bump to Linux v5.19-rc6 dts files
Synchronize with stm32mp15 dts(i) files from Linux v5.19-rc6.

Changes made to imported dts(i) files:
- stm32mp151.dtsi: add ETZPC node, declare PSCI

dts: stm32mp15: bump to Linux v5.19-rc6 dts files
Synchronize with stm32mp15 dts(i) files from Linux v5.19-rc6.

Changes made to imported dts(i) files:
- stm32mp151.dtsi: add ETZPC node, declare PSCI v1.0.
- stm32mp151.dtsi: add iwdg1 node as before
- stm32mp151.dtsi: add iwdg2 interrupt definition
- stm32mp151.dtsi: add tamp node clocks definition
- stm32mp151.dtsi: keep pin-controller{,-z} node names
- stm32mp157a-dk1.dts: disable RCC secure-status.
- stm32mp157c-dk2.dts: disable RCC secure-status.
- stm32mp157c-dk2.dts: drop cryp1 okay status
- stm32mp157c-ed1.dts (included by ev1): disable RCC secure-status.
- stm32mp157c-ed1.dts: (included by ev1): drop cryp1 okay status
- Remove resources related to input DT bindings using explicit inline
comments as those are under Linux kernel GPLv2 licensing model.

This update is required to add a new board based on Linux 5.19-rc6
dts file.

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dt-bindings: gpio: add GPIO_PULL_{UP,DOWN} definitions

This is required to bump stm32mp15 dts(i) files to Linux 5.19-rc6.

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Reviewed-by

dt-bindings: gpio: add GPIO_PULL_{UP,DOWN} definitions

This is required to bump stm32mp15 dts(i) files to Linux 5.19-rc6.

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-totalcompute: Introduce TC2

Added TC2 platform support

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Fo

plat-totalcompute: Introduce TC2

Added TC2 platform support

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: rng_hw: Remove __weak attribute from HW RNG functions

These function are no longer overridden by platform HW RNG drivers.
Drivers only need implement hw_get_random_bytes().

Signed-off-by: And

core: rng_hw: Remove __weak attribute from HW RNG functions

These function are no longer overridden by platform HW RNG drivers.
Drivers only need implement hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: rng_hw: Remove hw_get_random_byte()

Now that all everyone is moved over to hw_get_random_bytes()
we can remove the stub hw_get_random_byte() and the weak default
hw_get_random_bytes().

Signed

core: rng_hw: Remove hw_get_random_byte()

Now that all everyone is moved over to hw_get_random_bytes()
we can remove the stub hw_get_random_byte() and the weak default
hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-b

plat-stm: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-rcar: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-

plat-rcar: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by

plat-k3: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-k3: Factor out sa2ul_rng_read128()

The core function is a 128bit RNG read. Factor this out into
its own function to help with the switch to hw_get_random_bytes().

Signed-off-by: Andrew Davis <

plat-k3: Factor out sa2ul_rng_read128()

The core function is a 128bit RNG read. Factor this out into
its own function to help with the switch to hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: xiphera_trng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

drivers: xiphera_trng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: hi16xx_rng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

S

drivers: hi16xx_rng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: dra7_rng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Sig

drivers: dra7_rng: Switch to hw_get_random_bytes()

hw_get_random_byte() is no longer used. The default crypto_rng_read()
calls hw_get_random_bytes() now so implement just hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: dra7_rng: Factor out dra7_rng_read64()

The core function is a 64bit RNG read. Factor this out into
its own function to help with the switch to hw_get_random_bytes().

Signed-off-by: Andrew

drivers: dra7_rng: Factor out dra7_rng_read64()

The core function is a 64bit RNG read. Factor this out into
its own function to help with the switch to hw_get_random_bytes().

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: dra7_rng: Use cpu_spin_lock_xsave helper function

Does the same thing, saves us a line or two.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@lina

drivers: dra7_rng: Use cpu_spin_lock_xsave helper function

Does the same thing, saves us a line or two.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: dra7_rng: Only fetch RNG base VA once

No reason to do this every time we want to get a random byte.
Fetch this once on init and keep it in a static global.

Signed-off-by: Andrew Davis <afd

drivers: dra7_rng: Only fetch RNG base VA once

No reason to do this every time we want to get a random byte.
Fetch this once on init and keep it in a static global.

Signed-off-by: Andrew Davis <afd@ti.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...