lib: libutils: ext: mempool.c: remove unused thread.h

This commit removes thread.h from lib/libutils/ext/mempool.c since it is
not used, but also to eliminate the dependency between generic librarie

lib: libutils: ext: mempool.c: remove unused thread.h

This commit removes thread.h from lib/libutils/ext/mempool.c since it is
not used, but also to eliminate the dependency between generic libraries
code and architecture-specific core functions.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: trace: support more than 100 threads and cores

Add code to support printing thread and core number on 3 digits when
needed.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed

libutils: trace: support more than 100 threads and cores

Add code to support printing thread and core number on 3 digits when
needed.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutils: trace: fix off-by-one when switching to 2 digits for thread id

Threads are numbered starting from zero so when CFG_NUM_THREADS == 10
the number still fits on one digit. Fix the conditional

libutils: trace: fix off-by-one when switching to 2 digits for thread id

Threads are numbered starting from zero so when CFG_NUM_THREADS == 10
the number still fits on one digit. Fix the conditional in
print_thread_id().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTE

drivers: caam: acipher: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM acipher drivers, use the job ring allocated to OPTEE OS.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: caam: hash: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM hash driver, use the job ring allocated to OPTEE OS.

drivers: caam: hash: initialize driver with the JR base address

Instead of systematically using the job ring 0 registers to initialize
the CAAM hash driver, use the job ring allocated to OPTEE OS.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: arm: lpae: fix build with large number of CPU cores

A compile time assertion is triggered by the following command:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_TEE_CORE_NB_CORE=128 \

core: arm: lpae: fix build with large number of CPU cores

A compile time assertion is triggered by the following command:

$ make -j10 -s PLATFORM=vexpress-qemu_armv8a CFG_TEE_CORE_NB_CORE=128 \
CFG_LPAE_ADDR_SPACE_BITS=40
In file included from core/arch/arm/mm/core_mmu_lpae.c:61:
core/arch/arm/mm/core_mmu_lpae.c: In function ‘core_init_mmu_prtn_ta_core’:
lib/libutils/isoc/include/assert.h:30:24: error: duplicate case value
30 | switch (0) { case 0: case ((x) ? 1: 0): default : break; } \
| ^~~~
core/arch/arm/mm/core_mmu_lpae.c:697:2: note: in expansion of macro ‘COMPILE_TIME_ASSERT’
697 | COMPILE_TIME_ASSERT(MAX_XLAT_TABLES <
| ^~~~~~~~~~~~~~~~~~~
lib/libutils/isoc/include/assert.h:30:16: note: previously used here
30 | switch (0) { case 0: case ((x) ? 1: 0): default : break; } \
| ^~~~
core/arch/arm/mm/core_mmu_lpae.c:697:2: note: in expansion of macro ‘COMPILE_TIME_ASSERT’
697 | COMPILE_TIME_ASSERT(MAX_XLAT_TABLES <
| ^~~~~~~~~~~~~~~~~~~
core/arch/arm/mm/core_mmu_lpae.c:708:8: warning: unused variable ‘ret’ [-Wunused-variable]
708 | bool ret = false;
| ^~~

The type used for struct mmu_partition::user_l1_table_idx, currently
uint8_t, is not wide enough. Fix the issue by using uint8_t or uint16_t
based on the value of MAX_XLAT_TABLES.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: qsort.c: fix undefined pointer subtraction

Clang 13.0.0 produces the following warning:

lib/libutils/isoc/qsort.c:81:8: warning: performing pointer subtraction with a null pointer has un

libutils: qsort.c: fix undefined pointer subtraction

Clang 13.0.0 produces the following warning:

lib/libutils/isoc/qsort.c:81:8: warning: performing pointer subtraction with a null pointer has undefined behavior [-Wnull-pointer-subtraction]
loop: SWAPINIT(a, es);
^~~~~~~~~~~~~~~
lib/libutils/isoc/qsort.c:50:47: note: expanded from macro 'SWAPINIT'
#define SWAPINIT(a, es) swaptype = ((char *)a - (char *)0) % sizeof(long)
^ ~~~~~~~~~

Replace the subtraction with a simple cast to uintptr_t.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt_driver: probe drivers before/after crypto services

Changes drivers probing sequence to probe before and after core crypto
services that are initialized at service_init initcall level. It in

core: dt_driver: probe drivers before/after crypto services

Changes drivers probing sequence to probe before and after core crypto
services that are initialized at service_init initcall level. It intends
to support probing of drivers the crypto layer depends on (as those
registering to drvcrypt framework) as well as drivers that depend on
crypto services.

At early_init_late initcall level, root node is parsed and the
driver probing loop is run as prior this change. With this change
the probing loop may end-up unresolved dependencies hence another
round of driver probing is done at driver_init initcall level. Drivers
dependencies are expected to be resolved at that stage.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt_driver: helper for dependency on crypt service

Adds dt_driver_get_crypto() function to allow drivers to request
probe deferral when depending on core crypto services. For that purpose
tee_c

core: dt_driver: helper for dependency on crypt service

Adds dt_driver_get_crypto() function to allow drivers to request
probe deferral when depending on core crypto services. For that purpose
tee_cryp_init() is changed to call dt_driver_crypt_init_complete() once
crypt layer initialization completes.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

driver: atmel_trng: remove wrong assertion

Remove mistakenly added assert which will always trigger in debug
mode.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <cl

driver: atmel_trng: remove wrong assertion

Remove mistakenly added assert which will always trigger in debug
mode.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

core: imx: fix CAAM base address for i.MX8Q platforms

Fix CAAM base address for i.MX8QM/QXP platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@

core: imx: fix CAAM base address for i.MX8Q platforms

Fix CAAM base address for i.MX8QM/QXP platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx: add SC driver for i.MX8QM/QXP

Add the secure controller driver that implements:
- SCFW API
- SCU IPC functions
- SCU secure IPC initialization
The SCU driver relies on the MU driver

drivers: imx: add SC driver for i.MX8QM/QXP

Add the secure controller driver that implements:
- SCFW API
- SCU IPC functions
- SCU secure IPC initialization
The SCU driver relies on the MU driver to communicate with the security
controller.

Signed-off-by: Remi Koman <remi.koman@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_wdog: fix defined but not used with CFG_DT=n

Fix a defined but not used error when building with CFG_DT by moving
dt_wdog_match_table under the same ifdef block used by the device-tree

drivers: imx_wdog: fix defined but not used with CFG_DT=n

Fix a defined but not used error when building with CFG_DT by moving
dt_wdog_match_table under the same ifdef block used by the device-tree
block.

Acked-by: Clement Faure <clement.faure@nxp.com>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>

show more ...

core: pm: fix incorrect flag check in pm_callback

Fix test error check that always return true with current
condition. The check must be done to identify if the
SUSPENDED flag has been set.

Fixes:

core: pm: fix incorrect flag check in pm_callback

Fix test error check that always return true with current
condition. The check must be done to identify if the
SUSPENDED flag has been set.

Fixes: 5920ec258f16 ("core: kernel: pm: refine suspend/resume sequence order")
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: atmel-rstc: add support for reset controller

This reset controller will be used by PSCI to reset the SoC.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <j

drivers: atmel-rstc: add support for reset controller

This reset controller will be used by PSCI to reset the SoC.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

ta: pkcs11: Fix memory leak

When sanitizing indirect templates, obj2 was getting allocated
twice leading to memory leak.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne

ta: pkcs11: Fix memory leak

When sanitizing indirect templates, obj2 was getting allocated
twice leading to memory leak.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/5022

show more ...

ta: pkcs11: increase default heap size to 32kB

In some test cases, 16kB memory configured is not enough, specifically
while generating RSA keys, so increasing the default heap size to 32kB.

Signed-

ta: pkcs11: increase default heap size to 32kB

In some test cases, 16kB memory configured is not enough, specifically
while generating RSA keys, so increasing the default heap size to 32kB.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_cryp: prevent error trace when disabled

Changes stm32_crypt initialization function to not report an error
when the device is not defined or disabled in the embedded DT.

Prevents err

drivers: stm32_cryp: prevent error trace when disabled

Changes stm32_crypt initialization function to not report an error
when the device is not defined or disabled in the embedded DT.

Prevents error trace message seen at boot time:
E/TC:0 0 call_initcalls:43 Initcall __text_start + 0x0002b958 failed

Fixes: 5c3bcc386415 ("dts: stm32mp1: disable CRYP1 device")
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt: prevent build failure when CFG_DT is disabled

Fixes dt.h to prevent build failure when dt_driver.h is pre-compiled
while CFG_DT is disabled. Below are examples of such build error traces:

core: dt: prevent build failure when CFG_DT is disabled

Fixes dt.h to prevent build failure when dt_driver.h is pre-compiled
while CFG_DT is disabled. Below are examples of such build error traces:

core/include/kernel/dt_driver.h:61:29: warning: ‘enum dt_driver_type’ declared inside parameter list will not be visible outside of this definition or declaration
61 | void *data, enum dt_driver_type type);
| ^~~~~~~~~~~~~~
core/include/drivers/clk_dt.h: In function ‘clk_dt_register_clk_provider’:
core/include/drivers/clk_dt.h:101:15: error: ‘DT_DRIVER_CLK’ undeclared (first use in this function); did you mean ‘CFG_DRIVERS_CLK’?
101 | data, DT_DRIVER_CLK);
| ^~~~~~~~~~~~~

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: move functions from tee_svc_storage.c to tee_rpmb_fs.c

tee_svc_storage_create_filename() and tee_svc_storage_create_dirname() are
only used in core/tee/tee_rpmb_fs.c, so move them there and ma

core: move functions from tee_svc_storage.c to tee_rpmb_fs.c

tee_svc_storage_create_filename() and tee_svc_storage_create_dirname() are
only used in core/tee/tee_rpmb_fs.c, so move them there and make them
static. Since they now have file scope they may as well be given shorter
names.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB

core: move FS files out of CFG_WITH_USER_TA

Some files which are currently guarded with CFG_WITH_USER_TA should be
guarded with _CFG_WITH_SECURE_STORAGE or FS-specific configs (CFG_RPMB_FS,
CFG_RPMB_FS). This will allow the use of secure storage from kernel code
when CFG_WITH_USER_TA=n.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

build: introduce _CFG_WITH_SECURE_STORAGE

Adds _CFG_WITH_SECURE_STORAGE set to 'y' when at least one secure
storage backend is enabled.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Review

build: introduce _CFG_WITH_SECURE_STORAGE

Adds _CFG_WITH_SECURE_STORAGE set to 'y' when at least one secure
storage backend is enabled.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on t

core: fix build dependencies for fs_htree.c

core/tee/fs_htree.c is used when CFG_REE_FS=y, and is also used by the
test PTA core/pta/tests/fs_htree.c. Rather than make the implementation
depend on the test (CFG_TEE_CORE_EMBED_INTERNAL_TESTS), do the opposite.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move tee_svc_storage_create_filename_dfh() to core/tee/tee_fs_rpc.c

tee_svc_storage_create_filename_dfh() is only used in
core/tee/tee_fs_rpc.c, so move it there, make it static and give it a

core: move tee_svc_storage_create_filename_dfh() to core/tee/tee_fs_rpc.c

tee_svc_storage_create_filename_dfh() is only used in
core/tee/tee_fs_rpc.c, so move it there, make it static and give it a
shorter name: create_filename().

Fundamentally, this function is needed when CFG_REE_FS=y but the whole
file core/tee/tee_svc_storage.c (which is the current location of this
function) essentially defines the storage syscalls for TAs and is
therefore not needed when CFG_WITH_USER_TA=n. If we want to later be
able to exclude it from the build while still providing secure storage
to kernel code, the function has to move.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

scripts: add dump_ta_header.py

Add a Python script to dump the information contained in the header of
a TA file (*.ta). One use case is to extract struct shdr::hash, which is
returned by the attesta

scripts: add dump_ta_header.py

Add a Python script to dump the information contained in the header of
a TA file (*.ta). One use case is to extract struct shdr::hash, which is
returned by the attestation PTA to be added in a later commit.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...