| 2de28800 | 04-Oct-2021 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
core: update reference link to PrimeCell Cache Controller
Update broken link
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jerome Forissier <jerome@forissier.org> |
| f02c0ee2 | 07-Oct-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: imx_ocotp: fix clock enablement for imx7 platforms
Set the correct CCM clock domain ID to enable the OCOTP clock on imx7 platforms.
Fixes: e4ca953c38 ("drivers: imx: add OCOTP driver") Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| e08643a4 | 05-Oct-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: crypto: fix RSAES-OAEP encryption length check
According to PKCS#1 v2.2: RSA Cryptography Standard, for RSAES-OAEP Encryption operation function, the following length check must be done prior to the encryption operation [1]:
Return error if mLen > k - 2*hlen - 2
Because (k - 2*hlen - 2) must be superior or equal to zero, return an error also if 2*hlen >= k - 2
Links: [1] https://datatracker.ietf.org/doc/html/rfc8017 Fixes: f5a70e3efb ("drivers: crypto: generic resources for crypto device driver - RSA") Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 5d49c2f4 | 01-Oct-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: caam: check destination buffer size before copying message
At the end of the RSA-OAEP decryption operation, check if the destination message buffer is big enough to hold the output of the decryption operation. If the buffer is too small, return TEE_ERROR_SHORT_BUFFER error code along with the expected buffer size.
Fixes: 796ea6d867 ("drivers: caam: implement NXP CAAM Driver - RSA") Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| d1b3da61 | 13-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
ARM: dts: stm32mp15: secure-status from RCC node
Remove specific secure-status property from RCC clock/reset device node in the DT since useless now that RCC secure hardening configuration is driven from the node compatible property, not from status/secure-status state.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| ecef9014 | 03-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: clk: split clock initialization sequence
Move clock initialization sequence from function stm32mp1_clk_early_init() to a new local function stm32mp1_clk_init() that gets all FDT references. This change will allow to factorize clock initialization when generic clock framework will be supported.
Implement enable_rcc_tzen() and disable_rcc_tzen() helper functions for the same purpose.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| d40ee790 | 24-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: clk: new compatible st,stm32mp1-rcc-secure
Update to Linux v5.14 DT bindings on RCC clock driver. Legacy compatible "st,stm32mp1-rcc" relates to RCC with security hardening disabled. New compatible "st,stm32mp1-rcc-secure" relates to platforms where RCC security hardening is enabled. The new compatible was introduced in Linux kernel v5.14 from [1].
Link: [1] https://lore.kernel.org/r/20210617051814.12018-11-gabriel.fernandez@foss.st.com Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| aae59a1e | 24-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
drivers: stm32_gpio: inline function when without GPIO support
Provide an implementation for GPIO configuration when the driver is not embedded (CFG_STM32_GPIO!=y). In such configuration, platform cannot configure the GPIO pins hence place an assert() instruction.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 7a2947dc | 24-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: fix dependencies in shared resources
GPIO pin counting depends on embedded DTB, not CFG_DT. Process GPIO configuration upon CFG_STM32_GPIO=y.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 56b7d5f5 | 24-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: GPIO and SCMI mandate embedded DTB
Mandate embedded DTB support for stm32mp1 GPIO driver and SCMI server.
Platform stm32mp1 can be built without embedded DTB support in which case most peripherals cannot be used. This configuration is used for development purpose for which the platform security hardening is disabled.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 16c88879 | 24-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: embed GPIO banks helper upon CFG_STM32_GPIO
Embed platform functions stm32_*_gpio_bank_*() upon CFG_STM32_GPIO.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 9c5f7b0f | 23-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: pmic: release constraint on non-secure I2C clock parent
Remove constraints securing the parents of a non-secure clock. These constraints add no value on such unsafe configuration.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 34443269 | 06-Oct-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: fix typo in parent clock trace string ID
Fix debug string identifier for parent clock HCLK6.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| ea6f231c | 06-Oct-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
plat-stm32mp1: fix clock rate computation for CRYP1/GPIOZ/HASH1/MDMA
Fix parent clock identifier in stm32mp15 clock driver for CRYP1, GPIOZ, HASH1 and MDMA clocks. The issue affected only clock rate computation for these 4 clocks, not the clock gating support.
CRYP1, GPIOZ and HASH1 clocks are fed by HCLK5, not PCLK5. MDMA clock is fed by HCLK6, not PCLK5.
Reported-by: Chaemin Lim <vn.cmlim@gmail.com> Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 0e6830ba | 25-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: move debug info and CC optimization level to config.mk
Move configuration switches CFG_DEBUG_INFO and CFG_CC_OPT_LEVEL default values from arm.mk to config.mk and add a short description.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 511c7659 | 14-Sep-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: arm: remove deprecated CFG_CC_OPTIMIZE_FOR_SIZE
Remove CFG_CC_OPTIMIZE_FOR_SIZE configuration size that is not used and is incorrectly tested here (should be tested against != y).
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 4137952d | 23-Jan-2021 |
Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> |
ta: pkcs11: Add certificate object support
Adds support for:
PKCS #11 Cryptographic Token Interface Base Specification Version 2.40 Plus Errata 01
4.6 Certificate objects 4.6.3 X.509 public key certificate objects
Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| 811c42d4 | 01-Oct-2021 |
Jerome Forissier <jerome@forissier.org> |
plat-vexpress: enable CFG_ENABLE_EMBEDDED_TESTS by default
The vexpress platform family is mainly used for development and testing so it makes sense to enable internal tests by default. What this does currently is xtest 1001 runs core internal tests and xtest 1006 runs TA bget tests.
As a result, remove redundant CFG_ENABLE_EMBEDDED_TESTS=y in the Azure CI build script and add one configuration with tests disabled.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 88876632 | 01-Oct-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: new config switch CFG_PREALLOC_RPC_CACHE
CFG_PREALLOC_RPC_CACHE=y enables preallocation of an RPC shared memory reference per secure thread. It is default enabled for backward configuration compatibility.
Disabling CFG_PREALLOC_RPC_CACHE can be useful when CFG_WITH_PAGER=y and the pager page pool is somewhat small as RPC cache shm consumes several kByte of unpaged memory.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| ed430aaf | 01-Oct-2021 |
Etienne Carriere <etienne.carriere@linaro.org> |
core: arm: mm: add pager constraint on dynamic shm release functions
Fix missing pager constraints on dynamic shm release function. These are needed since SMC function ID OPTEE_SMC_DISABLE_SHM_CACHE executes in a fastcall SMC unpaged context and may call dynamic shm release functions to release RPC preallocated shm.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 0ef6b144 | 25-Sep-2021 |
Victor Chong <victor.chong@linaro.org> |
ta: pkcs11: Add support for AES CMAC mechanisms
Add support for CKM_AES_CMAC* mechanisms.
Signed-off-by: Victor Chong <victor.chong@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org> Acked-by: Ruchika Gupta <ruchika.gupta@linaro.org>
|
| e4ca953c | 10-Aug-2021 |
Clement Faure <clement.faure@nxp.com> |
drivers: imx: add OCOTP driver
Add OCOTP driver for imx6, imx7, imx7ulp and imx8m platforms. The implementation only supports the read of OCOTP shadow registers. It also implements the tee_otp_get_die_id() function.
Signed-off-by: Clement Faure <clement.faure@nxp.com> Acked-by: Jerome Forissier <jerome@forissier.org>
|
| 17bfd1a6 | 29-Sep-2021 |
Igor Opaniuk <igor.opaniuk@foundries.io> |
poplar: disable CFG_SECURE_DATA_PATH by default
Since linaro-swg/linux.git branch optee [1] was rebased onto kernel v5.12, Secure Data Path is broken in xtest [2] because the client side is based on the ION allocator, which was removed from the kernel.
Therefore, disable SDP support by default.
Link: [1] https://github.com/linaro-swg/linux/tree/optee-v5.12-20210628 Link: [2] https://github.com/OP-TEE/optee_test/blob/3.13.0/host/xtest/regression_1000.c#L1220-L1263
Reviewed-by: Jerome Forissier <jerome@forissier.org> Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
|
| eacabbbc | 23-Sep-2021 |
Jerome Forissier <jerome@forissier.org> |
libutils: ta: provide malloc(), calloc() and realloc() when debug is on
When enabling malloc debug for TAs (CFG_TEE_TA_MALLOC_DEBUG=y), the standard malloc entry points malloc(), calloc() and realloc() are redirected by C macros to instrumented variants: mdbg_malloc(), mdbg_calloc() and mdbg_realloc(). In addition, the 'normal' symbols are not exported by libutils. That is a problem because a TA might still reference them. For example the C++ code in optee_test requires libstdc++ which relies on malloc() etc.:
  build (master)$ make -j10 CFG_TEE_TA_MALLOC_DEBUG=y CFG_TEE_TA_LOG_LEVEL=2
  ...
  /home/jerome/work/optee_repo_qemu/build/../toolchains/aarch32/bin/arm-linux-gnueabihf-ld.bfd: /home/jerome/work/toolchains-gcc10.2/aarch32/bin/../lib/gcc/arm-none-linux-gnueabihf/10.2.1/../../../../arm-none-linux-gnueabihf/lib/libstdc++.a(eh_alloc.o): in function `__cxa_allocate_exception':
  /tmp/dgboter/bbs/build03--cen7x86_64/buildbot/cen7x86_64--arm-none-linux-gnueabihf/build/src/gcc/libstdc++-v3/libsupc++/eh_alloc.cc:284: undefined reference to `malloc'
  ...
Fix the issue by defining the standard malloc() functions in libutils, calling the debug variants.
Signed-off-by: Jerome Forissier <jerome@forissier.org> Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
| 0ee43c37 | 23-Sep-2021 |
Clement Faure <clement.faure@nxp.com> |
ta_dev_kit.mk: set CFLAGS32 and CFLAGS64 to $(CFLAGS) by default
Prior to commit 19fdfcf617e3 ("build: ldelf and TAs can rely on CFLAGS32/CFLAGS64"), $(arch-bits-$(sm)) was not set for TAs (note: $(sm) is the submodule name, i.e., ta_arm32 or ta_arm64 for TAs). As a result, $$(CFLAGS$$(arch-bits-$$(comp-sm-$2))) expanded to the value of CFLAGS in mk/compile.mk. With the introduction of the above commit, $(arch-bits-$(sm)) is always set to 32 or 64 depending on the TA architecture, so mk/compile.mk now evaluates $(CFLAGS32) or $(CFLAGS64). In order to keep the previous behavior while still allowing specific overrides for 32 or 64-bit, set CFLAGS32 and CFLAGS64 to $(CFLAGS) by default. This is consistent with what was done for other submodules in commit b09cddcab1ee ("Introduce CFLAGS32 and CFLAGS64").
Signed-off-by: Clement Faure <clement.faure@nxp.com> Reviewed-by: Jerome Forissier <jerome@forissier.org>
|