core: remove boot_get_handlers()

struct thread_handlers is used to pass the entry functions
for different power management events. In practice only .cpu_on is used
and with the default function at t

core: remove boot_get_handlers()

struct thread_handlers is used to pass the entry functions
for different power management events. In practice only .cpu_on is used
and with the default function at that. In the ARMv7 case where the
secure monitor replaces TF-A not even that function entry is used.

Remove struct thread_handlers and boot_get_handlers(). When configured
with TF-A initialize thread_*_handler_ptr with __weak default functions.

The __weak default PM functions
- thread_cpu_off_handler()
- thread_cpu_suspend_handler()
- thread_cpu_resume_handler()
- thread_system_off_handler()
- thread_system_reset_handler()
can be overridden by platforms when needed.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: log message when secure storage corruption is detected

When CFG_REE_FS and CFG_RPMB_FS are both 'y', the data stored by OP-TEE
in the REE filesystem (typically, under /data/tee) are protected

core: log message when secure storage corruption is detected

When CFG_REE_FS and CFG_RPMB_FS are both 'y', the data stored by OP-TEE
in the REE filesystem (typically, under /data/tee) are protected by
hashes stored in the RPMB. Any modifications to the REE files via
external means are therefore detected and TEE_ERROR_SECURITY is
returned. However, no error or debug message is printed to the secure
console which makes troubleshooting more difficult than needed. This
commit adds a debug message.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

mk: core: ta: Configurable Python interpreter

Build systems that manage multiple different python interpreters need
explicit control over which version of the interpreter to use.
This patch enables

mk: core: ta: Configurable Python interpreter

Build systems that manage multiple different python interpreters need
explicit control over which version of the interpreter to use.
This patch enables one to override the default interpreter with the path
to a specific one.

Signed-off-by: Dick Olsson <hi@senzilla.io>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-imx: fix CSU SA settings for i.MX6UL

io_write32() would replace the settings bits while writing the lock
bits, replace the setting of the lock bits with io_setbits32() to ensure
that the access

plat-imx: fix CSU SA settings for i.MX6UL

io_write32() would replace the settings bits while writing the lock
bits, replace the setting of the lock bits with io_setbits32() to ensure
that the access bits won't be overwritten. The lock bit mask also
contained access value bits, remove those.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: ff-a: clear shm buffer caching after yielding call

In __thread_std_smc_entry() for the legacy SMC interface the RPC SHM
cache is cleared when a thread is done. Add the same handling to the
FF-

core: ff-a: clear shm buffer caching after yielding call

In __thread_std_smc_entry() for the legacy SMC interface the RPC SHM
cache is cleared when a thread is done. Add the same handling to the
FF-A case.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
p

core: add generic rpc shared memory buffer caching

Replaces tee_fs_rpc_cache_alloc() with thread_rpc_shm_alloc() which also
takes a shared memory type as argument. This allows allocating an kernel
private RPC buffer when needed.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: ff-a: add dummy thread_rpc_{alloc,free}_global_payload()

OP-TEE doesn't support "global" shm allocations with FF-A yet. Provide
dummy implementations of the functions to simplify configur

core: arm: ff-a: add dummy thread_rpc_{alloc,free}_global_payload()

OP-TEE doesn't support "global" shm allocations with FF-A yet. Provide
dummy implementations of the functions to simplify configuration.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: allocate kernel payload

Request shared memory allocation of TYPE_KERNEL memory

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io

core: arm: allocate kernel payload

Request shared memory allocation of TYPE_KERNEL memory

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
[jw: add spmc counter part]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: enable FF-A with SPM Core at S-EL1

Adds support for using FF-A as transport instead of using the
proprietary SMCs defined in optee_smc.h.

The configuration support the case where SPM Core is

core: enable FF-A with SPM Core at S-EL1

Adds support for using FF-A as transport instead of using the
proprietary SMCs defined in optee_smc.h.

The configuration support the case where SPM Core is implementation at
S-EL1, that is, inside OP-TEE. This configuration is also know as "S-EL1
SPMC" in the FF-A 1.0 specification [1].

Compile with CFG_CORE_SEL1_SPMC=y

Note that this is an experimental feature, ABIs etc may have
incompatible changes

Link: [1] https://static.docs.arm.com/den0077/a/DEN0077A_PSA_Firmware_Framework_Arm_v8-A_1.0_EAC.pdf

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: spci: add support to register secondary CPU entrypoints using PSCI_CPU_ON

This patch adds support to use the PSCI_CPU_ON function to register the
entry point for each OP-TEE context o

plat-vexpress: spci: add support to register secondary CPU entrypoints using PSCI_CPU_ON

This patch adds support to use the PSCI_CPU_ON function to register the
entry point for each OP-TEE context on a secondary CPU. This function is
invoked on the boot CPU during initialisation. When the physical CPU is
turned on by the Normal world, the SPMD in EL3 arranges for the entry
point to be invoked to perform OP-TEE initialisation.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
[jw: small edits + AAarch32 support]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add mobj_ffa

Adds a new mobj, mobj_ffa, tailored to handle shared memory
registrations over FF-A.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.

core: add mobj_ffa

Adds a new mobj, mobj_ffa, tailored to handle shared memory
registrations over FF-A.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add optee_ffa.h defining the OP-TEE ABI for FF-A

Adds optee_ffa.h which defines the OP-TEE ABI when Arm Platform Security
Architecture Firmware Framework for Arm V8-A [1] is used as transport

core: add optee_ffa.h defining the OP-TEE ABI for FF-A

Adds optee_ffa.h which defines the OP-TEE ABI when Arm Platform Security
Architecture Firmware Framework for Arm V8-A [1] is used as transport
instead of raw proprietary SMCs. This ABI where OP-TEE specific
implementation is used to fill the implementation specific gaps in the
specification is called OP-TEE FF-A, or sometimes just FF-A.

A new memref type, struct optee_msg_param_fmem, is added to carry
information needed to create new shared memory mobjs.

Link: [1] https://static.docs.arm.com/den0077/a/DEN0077A_PSA_Firmware_Framework_Arm_v8-A_1.0_EAC.pdf
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add FF-A 1.0 definitions

This patch adds FF-A 1.0 definitions based on [1] and an earlier version
of this .h file [2] from TF-A.

Link: [1] https://static.docs.arm.com/den0077/a/DEN0077A_PSA_F

core: add FF-A 1.0 definitions

This patch adds FF-A 1.0 definitions based on [1] and an earlier version
of this .h file [2] from TF-A.

Link: [1] https://static.docs.arm.com/den0077/a/DEN0077A_PSA_Firmware_Framework_Arm_v8-A_1.0_EAC.pdf
Link: [2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/plain/include/services/spci_beta0.h?h=topics/spci_beta0_spmd&id=c5afe561f653449f4fd9df1d50cf70c60fc0d343

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Co-developed-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: psci.h: add PSCI_CPU_ON_SMC64

Adds PSCI_CPU_ON_SMC64 which is using the 64-bit calling convention as a
complement to define PSCI_CPU_ON using the 32-bit calling convention.

Acked-by: Etienne

core: psci.h: add PSCI_CPU_ON_SMC64

Adds PSCI_CPU_ON_SMC64 which is using the 64-bit calling convention as a
complement to define PSCI_CPU_ON using the 32-bit calling convention.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stm32_etzpc: rename internal function init_device_from_hw_config()

Fix typo in function label: init_devive_from_hw_config() is renamed
init_device_from_hw_config().

Fix also a typo in source file i

stm32_etzpc: rename internal function init_device_from_hw_config()

Fix typo in function label: init_devive_from_hw_config() is renamed
init_device_from_hw_config().

Fix also a typo in source file inline comment.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

subdir.mk: clear aflags-remove-y after processing

After processing a sub.mk by subdir.mk also clear aflags-remove-y
together with the rest of the variables to clear.

Reviewed-by: Jerome Forissier <

subdir.mk: clear aflags-remove-y after processing

After processing a sub.mk by subdir.mk also clear aflags-remove-y
together with the rest of the variables to clear.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mempool: use recursive mutex

The mempool code can be simplified by using a recursive mutex.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carri

core: mempool: use recursive mutex

The mempool code can be simplified by using a recursive mutex.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: introduce recursive mutexes

Adds support for recursive mutex objects. A recursive mutex may be
locked several times by the same thread without causing a deadlock.
The implementation is copied

core: introduce recursive mutexes

Adds support for recursive mutex objects. A recursive mutex may be
locked several times by the same thread without causing a deadlock.
The implementation is copied from the get_pool()/put_pool() functions
in lib/libutils/ext/mempool.c, which will be updated to use the new
mutex type in a later commit.

In order to avoid the overhead associated with recursive mutexes when
not needed, a new struct recursive_mutex is introduced as well as
specific functions: mutex_init_recursive(), mutex_destroy_recursive(),
mutex_lock_recursive() and mutex_unlock_recursive(). A static initializer
is also available (RECURSIVE_MUTEX_INITIALIZER).
mutex_get_recursive_lock_depth() returns the current lock depth (only
valid to call from the thread holding the lock).

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: atomic.h: add atomic_{load,store}_short()

Adds atomic functions operating on the 'short int' type.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <et

libutils: atomic.h: add atomic_{load,store}_short()

Adds atomic functions operating on the 'short int' type.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mutex: replace -1 with THREAD_ID_INVALID

Code cleanup: use THREAD_ID_INVALID rather that its value (-1).

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <

core: mutex: replace -1 with THREAD_ID_INVALID

Code cleanup: use THREAD_ID_INVALID rather that its value (-1).

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: make thread ID a short int

Changes thread_get_id() and thread_get_id_may_fail() to return 'short
int' instead of 'int'. That is, 16 bits instead of 32 on all supported
architectures which is m

core: make thread ID a short int

Changes thread_get_id() and thread_get_id_may_fail() to return 'short
int' instead of 'int'. That is, 16 bits instead of 32 on all supported
architectures which is more than enough since the largest thread ID
value is (CFG_NUM_THREADS - 1). Note, struct wait_queue_elem::handle
is already a short int.

trace_ext_get_thread_id() is not changed (still returns an int) because
it is part of the TA API and modifying it would needlessly introduce
incompatibilities.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: persistent object support

A persistent object (token object in PKCS#11 spec) is stored as
a binary blob of attribute list identified by a UUID.

The persistent database stores the UUIDs

ta: pkcs11: persistent object support

A persistent object (token object in PKCS#11 spec) is stored as
a binary blob of attribute list identified by a UUID.

The persistent database stores the UUIDs of the persistent objects
of the token.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: support command to import and destroy object

Implement commands PKCS11_CMD_CREATE_OBJECT and PKCS11_CMD_DESTROY_OBJECT.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-

ta: pkcs11: support command to import and destroy object

Implement commands PKCS11_CMD_CREATE_OBJECT and PKCS11_CMD_DESTROY_OBJECT.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: attribute helper functions

* Helper functions for object attributes management.
* Helper functions to safely parse client attributes template
to create a list of attributes for a objec

ta: pkcs11: attribute helper functions

* Helper functions for object attributes management.
* Helper functions to safely parse client attributes template
to create a list of attributes for a object in the PKCS11 ta.
* Helper functions for assigning or checking object attributes
according to PKCS#11 specification.
* Add id-to-string conversion for attribute/class/key types.
* Helper functions to analyze object attributes.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: helper for serial arguments with allocation

Helper functions for serial arguments that expect memory allocation.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Eti

ta: pkcs11: helper for serial arguments with allocation

Helper functions for serial arguments that expect memory allocation.

Reviewed-by: Ricardo Salveti <ricardo@foundries.io>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...