Update CHANGELOG for 3.15.0

Update CHANGELOG for 3.15.0 and collect Tested-by tags.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6

Update CHANGELOG for 3.15.0

Update CHANGELOG for 3.15.0 and collect Tested-by tags.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6dlsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qpsabreauto)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sllevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6sxsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ullevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6ulzevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7dsabresd)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx7ulpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mmevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mnevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mpevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8mqevk)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qmmek)
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx8qxpmek)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_DK2 gp pkcs11)
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1-157C_EV1 gp pkcs11 StMM)
Tested-by: Igor Opaniuk <igor.opaniuk@foundries.io> (Poplar)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (FVP)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (Juno)
Tested-by: Jens Wiklander <jens.wiklander@linaro.org> (imx-mx8mqevk)
Tested-by: Jerome Forissier <jerome@forissier.org> (hikey-hikey)
Tested-by: Jerome Forissier <jerome@forissier.org> (hikey-hikey960)
Tested-by: Jerome Forissier <jerome@forissier.org> (vexpress-qemu_armv8a)
Tested-by: Jerome Forissier <jerome@forissier.org> (vexpress-qemu_virt)
Tested-by: Joakim Bech <joakim.bech@linaro.org> (RPi3B)
Tested-by: Ricardo Salveti <ricardo@foundries.io> (ZynqMP)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx-mx6qsabrelite barebox kernel 5.14.9)
Tested-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> (imx-mx6ulccimx6ulsbcpro barebox kernel 5.14.9)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1012A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1028A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1043A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1046A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS1088A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LS2088A-RDB)
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (LX2160A-RDB)
Tested-by: Sumit Garg <sumit.garg@linaro.org> (Developerbox)
Tested-by: Victor Chong <victor.chong@linaro.org> (QEMUv8 AOSP)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (rcar-salvator_m3_2x4g / virt)
Tested-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com> (rcar-salvator_m3_2x4g)
Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org> (bpi0)
Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org> (mx8mm_cl_iot_gate)

show more ...

plat-stm32mp1: fix securing clock tree

Fix bug introduced in commit [1] that added HCLK5 parent clock
identifier but did not handle it from secure_parent_clocks() resulting
in core panic when RCC se

plat-stm32mp1: fix securing clock tree

Fix bug introduced in commit [1] that added HCLK5 parent clock
identifier but did not handle it from secure_parent_clocks() resulting
in core panic when RCC security hardening is enabled.

Fixes: [1] commit ea6f231cbdfa ("plat-stm32mp1: fix clock rate computation for CRYP1/GPIOZ/HASH1/MDMA")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: call mapped_shm_init() via preinit()

Calls mapped_shm_init() and mobj_mapped_shm_init() a bit earlier by
registering it with preinit().

Acked-by: Jerome Forissier <jerome@forissier.org>
Revie

core: call mapped_shm_init() via preinit()

Calls mapped_shm_init() and mobj_mapped_shm_init() a bit earlier by
registering it with preinit().

Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: virt: initialize heap via preinit_early()

Registers a function to initialize the heap used by OP-TEE partitions
instead of doing it via init_tee_runtime(). With this the malloc() works
a bit e

core: virt: initialize heap via preinit_early()

Registers a function to initialize the heap used by OP-TEE partitions
instead of doing it via init_tee_runtime(). With this the malloc() works
a bit earlier when an OP-TEE partition is initialized.

Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add call_preinitcalls()

Adds call_preinitcalls() for really early initcalls. This function is
supposed to be called before call_initcalls() is called. With
virtualization enabled it is called

core: add call_preinitcalls()

Adds call_preinitcalls() for really early initcalls. This function is
supposed to be called before call_initcalls() is called. With
virtualization enabled it is called in a blocking context when the
OP-TEE partition is created.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: update reference link to PrimeCell Cache Controller

Update broken link

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>

drivers: imx_ocotp: fix clock enablement for imx7 platforms

Set the correct CCM clock domain ID to enabled the OCOTP clock
on imx7 platforms.

Fixes: e4ca953c38 ("drivers: imx: add OCOTP driver")
Si

drivers: imx_ocotp: fix clock enablement for imx7 platforms

Set the correct CCM clock domain ID to enabled the OCOTP clock
on imx7 platforms.

Fixes: e4ca953c38 ("drivers: imx: add OCOTP driver")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: crypto: fix RSAES-OAEP encryption length check

According to PKCS#1 v2.2: RSA Cryptography Standard, for RSAES-OAEP
Encryption operation function, the following length check must be done
pri

drivers: crypto: fix RSAES-OAEP encryption length check

According to PKCS#1 v2.2: RSA Cryptography Standard, for RSAES-OAEP
Encryption operation function, the following length check must be done
prior the encryptioon operation [1]:

Return error if mLen > k - 2*hlen - 2

Because (k - 2*hlen - 2) must be superior or equal to zero, return an
error also if 2*hlen >= k - 2

Links: [1] https://datatracker.ietf.org/doc/html/rfc8017
Fixes: f5a70e3efb ("drivers: crypto: generic resources for crypto device driver - RSA")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: check destination buffer size before copying message

At the end of the RSA-OAEP decryption operation, check if the
destination message buffer is big enough to hold the output of the
d

drivers: caam: check destination buffer size before copying message

At the end of the RSA-OAEP decryption operation, check if the
destination message buffer is big enough to hold the output of the
decryption operation.
If the buffer is too small, return TEE_ERROR_SHORT_BUFFER error code
along the expected buffer size.

Fixes: 796ea6d867 ("drivers: caam: implement NXP CAAM Driver - RSA")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ARM: dts: stm32mp15: secure-status from RCC node

Remove specific secure-status property from RCC clock/reset device
node in the DT since useless now that RCC secure hardening configuration
is driven

ARM: dts: stm32mp15: secure-status from RCC node

Remove specific secure-status property from RCC clock/reset device
node in the DT since useless now that RCC secure hardening configuration
is driven from the node compatible property, not from status/secure-status
state.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: clk: split clock initialization sequence

Move clock initialization sequence from function stm32mp1_clk_early_init()
to a new local function stm32mp1_clk_init() that get all FDT refere

plat-stm32mp1: clk: split clock initialization sequence

Move clock initialization sequence from function stm32mp1_clk_early_init()
to a new local function stm32mp1_clk_init() that get all FDT references.
This change will allow to factorize clock initialization when generic
clock framework will be supported.

Implement enable_rcc_tzen() and disable_rcc_tzen() helper functions
for the same purpose.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: clk: new compatible st,stm32mp1-rcc-secure

Update to Linux v5.14 DT bindings on RCC clock driver. Legacy compatible
"st,stm32mp1-rcc" relates to RCC with security hardening disabled.

plat-stm32mp1: clk: new compatible st,stm32mp1-rcc-secure

Update to Linux v5.14 DT bindings on RCC clock driver. Legacy compatible
"st,stm32mp1-rcc" relates to RCC with security hardening disabled. New
compatible "st,stm32mp1-rcc-secure" relates to platforms where RCC
security hardening is enabled. The new compatible was introduced in
Linux kernel v5.14 from [1].

Link: [1] https://lore.kernel.org/r/20210617051814.12018-11-gabriel.fernandez@foss.st.com
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: stm32_gpio: inline function when without GPIO support

Provide an implementation for GPIO configuration when the driver
is not embedded (CFG_STM32_GPIO!=y). In such configuration, platform
c

drivers: stm32_gpio: inline function when without GPIO support

Provide an implementation for GPIO configuration when the driver
is not embedded (CFG_STM32_GPIO!=y). In such configuration, platform
cannot configure the GPIO pins hence place an assert() instruction.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: fix dependencies in shared resources

GPIO pin counting depends on embedded DTB, not CFG_DT.
Process GPIO configuration upon CFG_STM32_GPIO=y.

Signed-off-by: Etienne Carriere <etienne

plat-stm32mp1: fix dependencies in shared resources

GPIO pin counting depends on embedded DTB, not CFG_DT.
Process GPIO configuration upon CFG_STM32_GPIO=y.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: GPIO and SCMI mandate embedded DTB


Mandate embedded DTB support for stm32mp1 GPIO driver and SCMI server.

Platform stm32mp1 can be build without embedded DTB support in which
case m

plat-stm32mp1: GPIO and SCMI mandate embedded DTB


Mandate embedded DTB support for stm32mp1 GPIO driver and SCMI server.

Platform stm32mp1 can be build without embedded DTB support in which
case most peripheral cannot be used. This configuration is used for
development purpose for which the platform security hardening is
disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: embed GPIO banks helper upon CFG_STM32_GPIO

Embed platform functions stm32_*_gpio_bank_*() upon CFG_STM32_GPIO.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by

plat-stm32mp1: embed GPIO banks helper upon CFG_STM32_GPIO

Embed platform functions stm32_*_gpio_bank_*() upon CFG_STM32_GPIO.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: pmic: release constraint on non-secure I2C clock parent

Remove constraints securing the parents of a non-secure clock.
This constraints adds no value on such unsafe configuration.

Si

plat-stm32mp1: pmic: release constraint on non-secure I2C clock parent

Remove constraints securing the parents of a non-secure clock.
This constraints adds no value on such unsafe configuration.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: fix typo in parent clock trace string ID

Fix debug string identifier for parent clock HCLK6.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <j

plat-stm32mp1: fix typo in parent clock trace string ID

Fix debug string identifier for parent clock HCLK6.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: fix clock rate computation for CRYP1/GPIOZ/HASH1/MDMA

Fix parent clock identifier in stm32mp15 clock driver for CRYP1, GPIOZ,
HASH1 and MDMA clocks. The issue affected only clock rate

plat-stm32mp1: fix clock rate computation for CRYP1/GPIOZ/HASH1/MDMA

Fix parent clock identifier in stm32mp15 clock driver for CRYP1, GPIOZ,
HASH1 and MDMA clocks. The issue affected only clock rate computation
for these 4 clocks, not the clock gating support.

CRYP1, GPIOZ and HASH1 clocks are fed by HCLK5, not PCLK5. MDMA clock
is fed by HCLK6, not PCLK5.

Reported-by: Chaemin Lim <vn.cmlim@gmail.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move debug info and CC optimization level to config.mk

Move configuration switches CFG_DEBUG_INFO and CFG_CC_OPT_LEVEL
default values from arm.mk to config.mk and add a short description.

Sig

core: move debug info and CC optimization level to config.mk

Move configuration switches CFG_DEBUG_INFO and CFG_CC_OPT_LEVEL
default values from arm.mk to config.mk and add a short description.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: remove deprecated CFG_CC_OPTIMIZE_FOR_SIZE

Remove CFG_CC_OPTIMIZE_FOR_SIZE configuration size that is not used
and is incorrectly tested here (should be tested against != y).

Signed-off-

core: arm: remove deprecated CFG_CC_OPTIMIZE_FOR_SIZE

Remove CFG_CC_OPTIMIZE_FOR_SIZE configuration size that is not used
and is incorrectly tested here (should be tested against != y).

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: Add certificate object support

Adds support for:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01

4.6 Certificate objects
4.6.3 X.509 public key ce

ta: pkcs11: Add certificate object support

Adds support for:

PKCS #11 Cryptographic Token Interface Base Specification Version 2.40
Plus Errata 01

4.6 Certificate objects
4.6.3 X.509 public key certificate objects

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-vexpress: enable CFG_ENABLE_EMBEDDED_TESTS by default

The vexpress platform family is mainly used for development and testing
so it makes sense to enable internal tests by default. What this do

plat-vexpress: enable CFG_ENABLE_EMBEDDED_TESTS by default

The vexpress platform family is mainly used for development and testing
so it makes sense to enable internal tests by default. What this does
currently is xtest 1001 runs core internal tests and xtest 1006 runs
TA bget tests.

As a result, remove redundant CFG_ENABLE_EMBEDDED_TESTS=y in the Azure
CI build script and add one configuration with tests disabled.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: new config switch CFG_PREALLOC_RPC_CACHE

CFG_PREALLOC_RPC_CACHE=y enables preallocation of an RPC shared memory
reference per secure thread. It is default enabled for backward
configuration co

core: new config switch CFG_PREALLOC_RPC_CACHE

CFG_PREALLOC_RPC_CACHE=y enables preallocation of an RPC shared memory
reference per secure thread. It is default enabled for backward
configuration compatibility.

Disabling CFG_PREALLOC_RPC_CACHE can be useful when CFG_WITH_PAGER=y
and the pager page pool is somewhat small as RPC cache shm consumes
several kByte of unpaged memory.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: arm: mm: add pager constraint on dynamic shm release functions

Fix missing pager constraints on dynamic shm release function. These
are needed since SMC function ID OPTEE_SMC_DISABLE_SHM_CACHE

core: arm: mm: add pager constraint on dynamic shm release functions

Fix missing pager constraints on dynamic shm release function. These
are needed since SMC function ID OPTEE_SMC_DISABLE_SHM_CACHE executes
in a fastcall SMC unpaged context and may call dynamic shm release
functions to release RPC preallocated shm.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...