core: ltc: use SHA1 crypto accelerated function

Uses the recently provided accelerated SHA1 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <

core: ltc: use SHA1 crypto accelerated function

Uses the recently provided accelerated SHA1 function in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: use AES crypto accelerated routines

Uses the recently provided accelerated AES crypto routines in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklan

core: ltc: use AES crypto accelerated routines

Uses the recently provided accelerated AES crypto routines in LTC.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated SHA-256 routines

Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The
code originates from the previous implementation inside LTC library.
With this multipl

core: add accelerated SHA-256 routines

Adds an Arm CE accelerated SHA-256 function to core/arch/arm/crypto. The
code originates from the previous implementation inside LTC library.
With this multiple crypto libraries can share the function.

The old CFG_CRYPTO_SHA256_ARM64_CE and CFG_CRYPTO_SHA256_ARM32_CE are
replaced by CFG_CRYPTO_SHA256_ARM_CE.

CFG_CORE_CRYPTO_SHA256_ACCEL is introduced as to indicate that some kind of
SHA-256 acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated SHA1 routines

Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple cryp

core: add accelerated SHA1 routines

Adds an Arm CE accelerated SHA1 function to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto libraries can share the function.

The old CFG_CRYPTO_SHA1_ARM64_CE and CFG_CRYPTO_SHA1_ARM32_CE are
replaced by CFG_CRYPTO_SHA1_ARM_CE.

CFG_CORE_CRYPTO_SHA1_ACCEL is introduced as to indicate that some kind of
SHA-1 acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add accelerated AES routines

Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto li

core: add accelerated AES routines

Adds Arm CE accelerated AES routines to core/arch/arm/crypto. The code
originates from the previous implementation inside LTC library. With
this multiple crypto library can share these routines.

A new header file, <crypto/crypto_accel.h>, is added with primitive
functions implementing crypto accelerated ciphers.

The old CFG_CRYPTO_AES_ARM64_CE and CFG_CRYPTO_AES_ARM32_CE are
replaced by CFG_CRYPTO_AES_ARM_CE.

CFG_CORE_CRYPTO_AES_ACCEL is introduced as to indicate that some kind of
AES acceleration is available, not necessarily based on Arm CE.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm SHA-256 CE routines

Removes the Arm CE routines accelerating SHA-256 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

core: ltc: remove Arm SHA-256 CE routines

Removes the Arm CE routines accelerating SHA-256 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm SHA1 CE routines

Removes the Arm CE routines accelerating SHA1 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked

core: ltc: remove Arm SHA1 CE routines

Removes the Arm CE routines accelerating SHA1 in the LTC library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: remove Arm AES CE routines

Removes the Arm AES CE routines from the library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carr

core: ltc: remove Arm AES CE routines

Removes the Arm AES CE routines from the library.

This will later be added in common code to be shared with other crypto
libraries etc.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: ltc: simplify _CFG_CORE_LTC_*_DESC logic

If a SHA-{256,384,512} or AES algorithm is needed in LTC a matching
_CFG_CORE_LTC_*_DESC variable will be set. So only check the
_CFG_CORE_LTC_*_DESC v

core: ltc: simplify _CFG_CORE_LTC_*_DESC logic

If a SHA-{256,384,512} or AES algorithm is needed in LTC a matching
_CFG_CORE_LTC_*_DESC variable will be set. So only check the
_CFG_CORE_LTC_*_DESC variable to see if a certain algorithm is needed.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core/crypto.mk: simplify _CFG_CORE_LTC_*_DESC logic

Simplifies _CFG_CORE_LTC_*_DESC logic by always defining the
corresponding _CFG_CORE_LTC_*_DESC variable to the algorithm needed
inside LTC.

Acke

core/crypto.mk: simplify _CFG_CORE_LTC_*_DESC logic

Simplifies _CFG_CORE_LTC_*_DESC logic by always defining the
corresponding _CFG_CORE_LTC_*_DESC variable to the algorithm needed
inside LTC.

Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: invoke_test.pta: add aes performance test

Adds test PTA function to run performance test with xtest --aes-perf.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wikland

pta: invoke_test.pta: add aes performance test

Adds test PTA function to run performance test with xtest --aes-perf.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: smt entry points for incoming messages

This change implements SCMI channels for reading a SCMI message from a
shared memory and call the SCMI message drivers to route the message
t

drivers/scmi-msg: smt entry points for incoming messages

This change implements SCMI channels for reading a SCMI message from a
shared memory and call the SCMI message drivers to route the message
to the target platform services.

SMT refers to the shared memory management protocol which is used
to get/put message/response in shared memory. SMT is a 28byte header
stating shared memory state and exchanged protocol data.

The processing entry for a SCMI message can be a secure interrupt
(CFG_SCMI_MSG_SMT_INTERRUPT_ENTRY=y), and fastcall SMC
(CFG_SCMI_MSG_SMT_FASTCALL_ENTRY=y) or a threaded execution
context entry (CFG_SCMI_MSG_SMT_THREAD_ENTRY=y).

SMT description in this implementation is based on the SCP-firmware
implementation [1].

Link: [1] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: support for reset domain protocol

Adds SCMI reset domain protocol support in the SCMI message drivers
as defined in SCMI specification v2.0 [1]. Not all the messages
defined in the

drivers/scmi-msg: support for reset domain protocol

Adds SCMI reset domain protocol support in the SCMI message drivers
as defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification are supported.

Embedded upon CFG_SCMI_MSG_RESET_DOMAIN=y.

scmi_msg_get_rd_handler() sanitizes the message_id value
against any speculative use of reset domain ID as a index since by
SCMI specification, IDs are indices.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: support for clock protocol

Adds SCMI clock protocol support in the SCMI message drivers as
defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification

drivers/scmi-msg: support for clock protocol

Adds SCMI clock protocol support in the SCMI message drivers as
defined in SCMI specification v2.0 [1]. Not all the messages
defined in the specification are supported.

Embedded upon CFG_SCMI_MSG_CLOCK=y.

Platform can provide one of the plat_scmi_clock_*() handler for the
supported operations set/get state/rate and others.

scmi_msg_get_clock_handler() sanitizes the message_id value
against any speculative use of clock ID as a index since by
SCMI specification, IDs are indices.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers/scmi-msg: driver for processing scmi messages

This change introduces drivers to allow a platform to create a SCMI
service and register handlers for client request (SCMI agent) on
system reso

drivers/scmi-msg: driver for processing scmi messages

This change introduces drivers to allow a platform to create a SCMI
service and register handlers for client request (SCMI agent) on
system resources. This is the first piece of the drivers: an entry
function, the SCMI base protocol support and helpers for create
the response message.

With this change, scmi_process_message() is the entry function to
process an incoming SCMI message. The function expect the message
is already copied from shared memory into secure memory. The message
structure stores message reference and output buffer reference where
response message shall be stored.

scmi_process_message() calls the SCMI protocol driver according to
the protocol ID in the message. The SCMI protocol driver will call
defined platform handlers according to the message content.

This change introduces only the SCMI base protocol as defined in
SCMI specification v2.0 [1]. Not all the messages defined
in the specification are supported.

SCMI resource in this implementation are dumped or inspired by the
SCP-firmware implementation [2] of the SCMI protocol, server side.

Link: [1] http://infocenter.arm.com/help/topic/com.arm.doc.den0056a/DEN0056A_System_Control_and_Management_Interface.pdf
Link: [2] https://github.com/ARM-software/SCP-firmware.git

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: TEE capability for null sized memrefs support

Introduce a new capability OPTEE_SMC_SEC_CAP_MEMREF_NULL to reflect
support for null shared memory references that is buffer references
with null

core: TEE capability for null sized memrefs support

Introduce a new capability OPTEE_SMC_SEC_CAP_MEMREF_NULL to reflect
support for null shared memory references that is buffer references
with null size and null address reference.

Signed-off-by: Michael Whitfield <michael.whitfield@nxp.com>
Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU)

show more ...

libutee: Remove ae_tag_len from __TEE_OperationHandle

Remove ae_tag_len from __TEE_OperationHandle structure, since
that information is available in the TEE_OperationInfo.digestLength
field.

Signed

libutee: Remove ae_tag_len from __TEE_OperationHandle

Remove ae_tag_len from __TEE_OperationHandle structure, since
that information is available in the TEE_OperationInfo.digestLength
field.

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGE

core: merge tee_*_get_digest_size() into a single function

Rename tee_hash_get_digest_size() to tee_alg_get_digest_size().

Change tee_alg_get_digest_size() to use new libutee macro
TEE_ALG_GET_DIGEST_SIZE.

Remove tee_mac_get_digest_size() as its functionality
is handled by tee_alg_get_digest_size() now.

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: Set digestLength value in TEE_OperationInfo structure

Set digestLength as specified in TEE Internal Core API,
section 6.2.3.

Introduce a new macro TEE_ALG_GET_DIGEST_SIZE() to utee_defines

libutee: Set digestLength value in TEE_OperationInfo structure

Set digestLength as specified in TEE Internal Core API,
section 6.2.3.

Introduce a new macro TEE_ALG_GET_DIGEST_SIZE() to utee_defines.h,
combining the implementation of tee_hash_get_digest_size() and
tee_mac_get_digest_size()

Fixes: https://github.com/OP-TEE/optee_os/issues/3471

Signed-off-by: Albert Schwarzkopf <a.schwarzkopf@phytec.de>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: remove inline comment about persistent object database

Remove inline comment that is not relevant since PKCS11 object
database is not implemented yet.

Signed-off-by: Etienne Carriere <e

ta: pkcs11: remove inline comment about persistent object database

Remove inline comment that is not relevant since PKCS11 object
database is not implemented yet.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: fixup header file inclusion ordering

Fix order of included header files where applicable.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r

ta: pkcs11: fixup header file inclusion ordering

Fix order of included header files where applicable.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: fixup user id in init_pin_key()

Minor simplification of init_pin_keys() prototype. Change argument
unsigned int uid to enum pkcs11_user_type type since it's what is
provided by the calle

ta: pkcs11: fixup user id in init_pin_key()

Minor simplification of init_pin_keys() prototype. Change argument
unsigned int uid to enum pkcs11_user_type type since it's what is
provided by the called and expected by the function.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: clock: allow tree lookup for several system clocks

Oscillators, PLLs and some system clocks can be related straight to
a parent clock identifier. Prior this change were only oscillato

plat-stm32mp1: clock: allow tree lookup for several system clocks

Oscillators, PLLs and some system clocks can be related straight to
a parent clock identifier. Prior this change were only oscillators
and few clocks supported by this look up scheme. This changes makes all
parent IDs covered supported. This enables for flexible use of clock
tree exploration when computing a clock frequency value.

Introduces helper function clock_id2parent_id() for clock ID
to parent ID conversion and defines helper right above parent clock
resources for consistency.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

plat-stm32mp1: allow fdt to disable root clocks

Assign a null frequency value to root clocks when FDT defines them
as disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: R

plat-stm32mp1: allow fdt to disable root clocks

Assign a null frequency value to root clocks when FDT defines them
as disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>

show more ...

plat-stm32mp1: clock: handle always-on clocks

Oscillators, PLLs and AXI/MPU/MCU clocks are not gated from
functions stm32_clock_enable() and stm32_clock_disable(). This change
allows these functions

plat-stm32mp1: clock: handle always-on clocks

Oscillators, PLLs and AXI/MPU/MCU clocks are not gated from
functions stm32_clock_enable() and stm32_clock_disable(). This change
allows these functions and stm32_clock_is_enabled() to blindly handle
clock gating for such always-on clocks. Gating these clocks is out of
the scope of this change even if preferred for power consumption
optimization considerations.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...