core: pager: small simplifications

Adds pmem_clear() and make_dirty_page() as small helper functions to avoid
some duplication of code.

Changes tee_pager_unhide_page() to take the virtual address o

core: pager: small simplifications

Adds pmem_clear() and make_dirty_page() as small helper functions to avoid
some duplication of code.

Changes tee_pager_unhide_page() to take the virtual address of the page
to unhide instead of an index into the translation table.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add fobj_get_iv_vaddr()

Adds fobj_get_iv_vaddr() which returns the virtual address of the tag
and IV needed to restore a particular page.

Acked-by: Etienne Carriere <etienne.carriere@linaro.o

core: add fobj_get_iv_vaddr()

Adds fobj_get_iv_vaddr() which returns the virtual address of the tag
and IV needed to restore a particular page.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add abort_is_write_fault()

Adds abort_is_write_fault() which returns true if the exception is a
data abort caused by an instruction trying to write at an address.

Acked-by: Etienne Carriere <

core: add abort_is_write_fault()

Adds abort_is_write_fault() which returns true if the exception is a
data abort caused by an instruction trying to write at an address.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm32: increase abort stack without crypto accelerations

In case CFG_CRYPTO_WITH_CE=n choose a larger abort stack since the C
implementation of AES-GCM uses a bit more stack than the one using

core: arm32: increase abort stack without crypto accelerations

In case CFG_CRYPTO_WITH_CE=n choose a larger abort stack since the C
implementation of AES-GCM uses a bit more stack than the one using the
crypto extensions.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-mediatek: add support for MT8175 SoC

Add OP-TEE support for MT8175 SoC.

Signed-off-by: Fabien Parent <fparent@baylibre.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

core: use memzero_explicit() to clear sensitive data of tee object

Using preferred memzero_explicit() to clear the sensitive attribute
data, which prevents the compiler from optimizing the call away

core: use memzero_explicit() to clear sensitive data of tee object

Using preferred memzero_explicit() to clear the sensitive attribute
data, which prevents the compiler from optimizing the call away.

Signed-off-by: Stefan Schmidt <snst@meek.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

ta: pkcs11: fix comment stating no mechanism is supported

Remove the inline comment that states the implementation does not yet
support any mechanism as is it not true.

Signed-off-by: Etienne Carri

ta: pkcs11: fix comment stating no mechanism is supported

Remove the inline comment that states the implementation does not yet
support any mechanism as is it not true.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...

ta: pkcs11: Add restriction in C_GetAttributeValue()

Support for getting indirect template attributes using
C_GetAttributeValue() is not supported as of now. Explicitly
return error if such attribut

ta: pkcs11: Add restriction in C_GetAttributeValue()

Support for getting indirect template attributes using
C_GetAttributeValue() is not supported as of now. Explicitly
return error if such attribute value is requested.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...

ta: pkcs11: Add sanitize function for symmetric keys

The specification [1] mandates some rules for CKA_VALUE and
CKA_VALUE_LEN for keys of type CKO_GENERIC_SECRET in Table 45,
Table 47. These checks

ta: pkcs11: Add sanitize function for symmetric keys

The specification [1] mandates some rules for CKA_VALUE and
CKA_VALUE_LEN for keys of type CKO_GENERIC_SECRET in Table 45,
Table 47. These checks were missing in current implementation.
Add explicit checks for this when creating such objects.

[1] - PKCS #11 Cryptographic Token Interface Current Mechanisms
Specification Version 2.40 Plus Errata 01

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...

ta: pkcs11: Modify optional attributes for symmetric key

CKA_VALUE_LEN attribute may not be required for some
CKO_GENERIC_SECRET type keys eg CKK_DES etc. So, move the
attribute from opt_or_null arr

ta: pkcs11: Modify optional attributes for symmetric key

CKA_VALUE_LEN attribute may not be required for some
CKO_GENERIC_SECRET type keys eg CKK_DES etc. So, move the
attribute from opt_or_null array to optional so that this attribute
doesn't get added by default as NULL if not present in the
user supplied template.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>

show more ...

drivers: scmi-msg: remove unused SCMI channel agent name

Remove field agent_name from struct scmi_msg_channel since unused.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by

drivers: scmi-msg: remove unused SCMI channel agent name

Remove field agent_name from struct scmi_msg_channel since unused.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: fix header file inline comments

Fix inline comments for scmi-msg API functions description.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Fori

drivers: scmi-msg: fix header file inline comments

Fix inline comments for scmi-msg API functions description.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: rename agent_id to channel_id

Rename agent_id reference to channel_id to avoid confusion with the
agent identifiers used in SCMI protocol to identify agent, whereas
the drivers on

drivers: scmi-msg: rename agent_id to channel_id

Rename agent_id reference to channel_id to avoid confusion with the
agent identifiers used in SCMI protocol to identify agent, whereas
the drivers only reference an SCMI channel, whatever the agent ID
associated with the channel and knowing that an SCMI agent can have
several channels to communicate with the SCMI platform/server.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: scmi-msg: define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk

Define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk next to the other
CFG_SCMI_MSG_* configuration switches.

Signed-off-by: Etie

drivers: scmi-msg: define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk

Define CFG_SCMI_MSG_VOLTAGE_DOMAIN in mk/config.mk next to the other
CFG_SCMI_MSG_* configuration switches.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

ci: delete .shippable.yml

The Microsoft Azure DevOps Pipelines CI script (.azure-pipelines.yml)
has now been tested with GitHub pull requests for 15 days with only one
minor issue [1], so it is time

ci: delete .shippable.yml

The Microsoft Azure DevOps Pipelines CI script (.azure-pipelines.yml)
has now been tested with GitHub pull requests for 15 days with only one
minor issue [1], so it is time to retire Shippable which only slows
down the CI loop at this point.

Link: [1] https://developercommunity.visualstudio.com/t/1361137
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

libutee: fix memory leak in bigint_binary_mod()

The modulus variable (mpi_n) in bigint_binary_mod() is never released,
causing a memory leak in TEE_BigIntAddMod(), TEE_BigIntSubMod(),
TEE_BigIntMulM

libutee: fix memory leak in bigint_binary_mod()

The modulus variable (mpi_n) in bigint_binary_mod() is never released,
causing a memory leak in TEE_BigIntAddMod(), TEE_BigIntSubMod(),
TEE_BigIntMulMod() and TEE_BigIntSquareMod(). Add the missing call.

Signed-off-by: Matthieu BERTIN <matthieu.bertin@viaccess-orca.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: arm: enforce LTC multi-threading protection

Remove CFG_LTC_OPTEE_THREAD switch and enable or disable
_CFG_CORE_LTC_OPTEE_THREAD based on multi-thread support
since multi-threading mandates thr

core: arm: enforce LTC multi-threading protection

Remove CFG_LTC_OPTEE_THREAD switch and enable or disable
_CFG_CORE_LTC_OPTEE_THREAD based on multi-thread support
since multi-threading mandates thread protection means.

Suggested-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: simplify device memory mapping

Register device memory by cluster range rather than by device interface
as the later is likely to grow as new devices are added whereas the
overall stat

plat-stm32mp1: simplify device memory mapping

Register device memory by cluster range rather than by device interface
as the later is likely to grow as new devices are added whereas the
overall static mapped may not change.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: update from deprecated register_dynamic_shm()

Use macro register_ddr() rather than register_dynamic_shm() that is
deprecated.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro

plat-stm32mp1: update from deprecated register_dynamic_shm()

Use macro register_ddr() rather than register_dynamic_shm() that is
deprecated.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

azure: add CFG_IMX_RNGB

Validate RNGB on the imx6ullevk pipeline

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander

azure: add CFG_IMX_RNGB

Validate RNGB on the imx6ullevk pipeline

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

shippable: add CFG_IMX_RNGB

Validate imx_rngb.c

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@l

shippable: add CFG_IMX_RNGB

Validate imx_rngb.c

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

MAINTAINERS: imx_rngb maintained

imx_rngb maintained.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wikla

MAINTAINERS: imx_rngb maintained

imx_rngb maintained.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_rngb: random number generator

Add support for the RNG(B) as described in the i.MX 6ULL Applications
Processor Reference Manual, Rev 1, 11/2017.

Tested on an imx6ull based board.

Signe

drivers: imx_rngb: random number generator

Add support for the RNG(B) as described in the i.MX 6ULL Applications
Processor Reference Manual, Rev 1, 11/2017.

Tested on an imx6ull based board.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: drivers: stm32_rng.c: include thread.h

The implementation makes use of thread_mask_exceptions() and
thread_unmask_exceptions() functions, therefore, include thread.h to avoid
compilation error

core: drivers: stm32_rng.c: include thread.h

The implementation makes use of thread_mask_exceptions() and
thread_unmask_exceptions() functions, therefore, include thread.h to avoid
compilation errors.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: driver: stpmic1: do not use TEE_Result as return type

stpmic1_regulator_levels_mv() uses TEE_Result as return type.
The caller on core/arch/arm/plat-stm32mp1/scmi_server.c does
not check the r

core: driver: stpmic1: do not use TEE_Result as return type

stpmic1_regulator_levels_mv() uses TEE_Result as return type.
The caller on core/arch/arm/plat-stm32mp1/scmi_server.c does
not check the return value, therefore, change it to void.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...