core: introduce STPMIC1 driver

STPMIC1 is a power management chip for the stm32mp1 platform. It is
accessed through an I2C bus. STPMIC1 provides regulators and other
features as interrupt sources an

core: introduce STPMIC1 driver

STPMIC1 is a power management chip for the stm32mp1 platform. It is
accessed through an I2C bus. STPMIC1 provides regulators and other
features as interrupt sources and watchdogs.

STPMIC1 configuration is expected from a secure device tree blob, that
currently is the embedded DTB.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stm32mp1: update DTS files to Linux kernel 5.2-rc1

Synchronize stm32mp1 DTS files with those published in Linux kernel
source tree at commit a188339ca5a3 ("Linux 5.2-rc1").

This change updates plat

stm32mp1: update DTS files to Linux kernel 5.2-rc1

Synchronize stm32mp1 DTS files with those published in Linux kernel
source tree at commit a188339ca5a3 ("Linux 5.2-rc1").

This change updates platforms EV1 and ED1 and introduces DK1 and DK2
known as DiscoveryKit board. It also introduces stpmic1 bindings header
file needed for platform DTS files compilation.

Among other changes, this commit introduces STPMIC1 and BSEC description
nodes. STPMIC1 defines regulators. BSEC describes fuses and uses the
status / secure-status to define fuse access scope in the scope of BSEC
support.

This change strictly dumps Linux kernel DTS files into OP-TEE but
regarding stm32mp157c.dtsi for which the OP-TEE DTS file adds node
for the ETZPC device which is mandated by OP-TEE but not defined in
non-secure Linux kernel scope.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: provide struct user_ta_store_ops in public .h file

Moves struct user_ta_store_ops definition into the new
<kernel/user_ta_store.h> file.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro

core: provide struct user_ta_store_ops in public .h file

Moves struct user_ta_store_ops definition into the new
<kernel/user_ta_store.h> file.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Move reg_pair_*() to util.h

Moves the two functions reg_pair_to_64() and reg_pair_from_64() from the
core only .h file <kernel/misc.h> to the libutils .h file util.h to make
the functions available

Move reg_pair_*() to util.h

Moves the two functions reg_pair_to_64() and reg_pair_from_64() from the
core only .h file <kernel/misc.h> to the libutils .h file util.h to make
the functions available from TAs.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pager: check utc->areas before assigning tables

In tee_pager_assign_uta_tables() check that utc->areas are allocated
before assigning tables. If utc->areas are not allocated, skip the
operatio

core: pager: check utc->areas before assigning tables

In tee_pager_assign_uta_tables() check that utc->areas are allocated
before assigning tables. If utc->areas are not allocated, skip the
operation.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: handle_db: add ptr_destructor argument

Adds ptr_destructor argument to handle_db_destroy() which is called for
each registered pointer.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.

core: handle_db: add ptr_destructor argument

Adds ptr_destructor argument to handle_db_destroy() which is called for
each registered pointer.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Link user libraries with 4K page size

Set the linker flag max-page-size to 4K when linking shared user
libraries. This is used to avoid unnecessary large holes in the virtual
memory map between segm

Link user libraries with 4K page size

Set the linker flag max-page-size to 4K when linking shared user
libraries. This is used to avoid unnecessary large holes in the virtual
memory map between segments with different attributes.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: vm_set_prot(): skip prot bits already set

In vm_set_prot() skip a region which already has the requested
protection bits set as requested.

Acked-by: Etienne Carriere <etienne.carriere@linaro.

core: vm_set_prot(): skip prot bits already set

In vm_set_prot() skip a region which already has the requested
protection bits set as requested.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: imx: Add in calls to set CAAM job-ring permissions

This patch adds a call to set CAAM job-ring permissions for i.MX6 and i.MX7
processors. Since the iMX6ULL does not have a CAAM it will be ski

core: imx: Add in calls to set CAAM job-ring permissions

This patch adds a call to set CAAM job-ring permissions for i.MX6 and i.MX7
processors. Since the iMX6ULL does not have a CAAM it will be skipped but,
all other i.MX6 and i.MX7 SoCs will have their default CAAM job-ring
permissions set to normal-world.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: Peng Fan <peng.fan@nxp.com>

show more ...

core: imx: Add simple CAAM permissions set routine

When we transition to secure-world certain parts of the CAAM become opaque
to normal world. This patch adds a simple routine to set CAAM job-ring
p

core: imx: Add simple CAAM permissions set routine

When we transition to secure-world certain parts of the CAAM become opaque
to normal world. This patch adds a simple routine to set CAAM job-ring
permissions to normal-world by default.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Reviewed-by: Peng Fan <peng.fan@nxp.com>

show more ...

libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage

d5572fade852 ("libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool
usage") from branch import/mbedtls-2.16.0

With W allocated in the mempoo

libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool usage

d5572fade852 ("libmbedtls: mbedtls_mpi_exp_mod(): optimize mempool
usage") from branch import/mbedtls-2.16.0

With W allocated in the mempool instead of the stack it is more important
to utilize the mempool in a stack like way.

With this patch allocation and initialization of W is moved to a point
where all following mempool allocations are free before the function
returns.

This reduces maximum memory consumption of mempool in regression case
8101 for an AArch64 TA in from 17280 to 7640 bytes. Figures for an
AArch32 TA are 12040 to 5288 bytes.

Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

github: update GitHub PR and issue templates

Update URLs to point to the new location for the OP-TEE documentation
and also add some minor clarifications.

Signed-off-by: Joakim Bech <joakim.bech@li

github: update GitHub PR and issue templates

Update URLs to point to the new location for the OP-TEE documentation
and also add some minor clarifications.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: fix spelling error in comment

Fix a spelling error in validate_in_param().

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

stm32_i2c: save DTB status

This change saves DTB status value found in the I2C node and
introduces i2c_is_secure() to state the bus state.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>

stm32_i2c: save DTB status

This change saves DTB status value found in the I2C node and
introduces i2c_is_secure() to state the bus state.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

MAINTAINERS: Update list of maintainers

Linaro takes over maintenance of Hisilicon platforms.

Signed-off-by: Joakim Bech <joakim.bech@linaro.org>

mk/cleandirs.mk: avoid print spurious empty lines

Fixes the macro do-rm-f from outputting spurious empty lines if supplied
a large list of files.

Reviewed-by: Jerome Forissier <jerome@forissier.org

mk/cleandirs.mk: avoid print spurious empty lines

Fixes the macro do-rm-f from outputting spurious empty lines if supplied
a large list of files.

Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-imx: conf: add ccimx6ulsbcpro

The Digi CCIMX6UL SBC Pro board support 256MB of RAM and the default
UART is UART5.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Pe

plat-imx: conf: add ccimx6ulsbcpro

The Digi CCIMX6UL SBC Pro board support 256MB of RAM and the default
UART is UART5.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Peng Fan <peng.fan@nxp.com>

show more ...

virt: kern.ld.S: remove PROVIDE() keyword

The linker script for the TEE core exports two symbols using the
PROVIDE() keyword. This keyword is not needed; it makes no difference
because when CFG_VIRT

virt: kern.ld.S: remove PROVIDE() keyword

The linker script for the TEE core exports two symbols using the
PROVIDE() keyword. This keyword is not needed; it makes no difference
because when CFG_VIRTUALIZATION=y the symbols are *not* defined
elsewhere, and they *are* used by a C file, so that a normal symbol will
do the same [1]. Therefore, remove the keyword.

[1]: https://sourceware.org/binutils/docs/ld/PROVIDE.html#PROVIDE
"The PROVIDE keyword may be used to define a symbol [...] only if it is
referenced but not defined."

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Volodymyr Babchuk <vlad.babchuk@gmail.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stm32_i2c: optimized I2C 1 byte memory transfer

Introduce stm32_i2c_read_write_membyte() to operate a single byte
data transfer in memory mode. This function will be used by the
power management seq

stm32_i2c: optimized I2C 1 byte memory transfer

Introduce stm32_i2c_read_write_membyte() to operate a single byte
data transfer in memory mode. This function will be used by the
power management sequence in order to relax pager resident memory
footprint when I2C need to execute in an unpaged context.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage

68df6eb0f256 ("libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage")
from branch import/mbedtls-2.16.0

The W variable is 3072 bytes on AArch6

libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage

68df6eb0f256 ("libmbedtls: mbedtls_mpi_exp_mod(): reduce stack usage")
from branch import/mbedtls-2.16.0

The W variable is 3072 bytes on AArch64 with MBEDTLS_MPI_WINDOW_SIZE set
to 6 for maximum performance. Instead of allocating such a large
variable on the stack use mempool_alloc().

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutee: increase MPI mempool size

Increases MPI mempool size from 8Kb to 12Kb to be compensate for changes
in the (future) commit "libmbedtls: mbedtls_mpi_exp_mod(): reduce stack
usage" where mbedt

libutee: increase MPI mempool size

Increases MPI mempool size from 8Kb to 12Kb to be compensate for changes
in the (future) commit "libmbedtls: mbedtls_mpi_exp_mod(): reduce stack
usage" where mbedtls_mpi_exp_mod() is allocating an additional ~3Kb.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

config.mk: fix CFG_OPTEE_REVISION_MINOR

The current release is 3.5.0, change the revision to match.

Fixes https://github.com/OP-TEE/optee_os/issues/3028

Signed-off-by: Rouven Czerwinski <r.czerwin

config.mk: fix CFG_OPTEE_REVISION_MINOR

The current release is 3.5.0, change the revision to match.

Fixes https://github.com/OP-TEE/optee_os/issues/3028

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>

show more ...

Remove redundant __noreturn from __utee_entry()

As __ta_entry() acts as function entry point, it makes sense to
logically return from this api only via utee_return(). So remove
redundant __noreturn

Remove redundant __noreturn from __utee_entry()

As __ta_entry() acts as function entry point, it makes sense to
logically return from this api only via utee_return(). So remove
redundant __noreturn from __utee_entry().

Fixes: eeb866c431db ("Add TA entry point function: __ta_entry()")
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

stm32mp1: fix stm32_get_gpio_bank_base()

Correct missing return in function stm32_get_gpio_bank_base(). Prior
this change, platform may fail to boot with debug trace:

E/TC:0 0 assertion 'bank <= GP

stm32mp1: fix stm32_get_gpio_bank_base()

Correct missing return in function stm32_get_gpio_bank_base(). Prior
this change, platform may fail to boot with debug trace:

E/TC:0 0 assertion 'bank <= GPIO_BANK_K' failed at core/arch/arm/plat-stm32mp1/main.c:311 <stm32_get_gpio_bank_base>

Fixes: 68c4a16b37c7 ("stm32mp1: use phys_to_virt_io_secure() where expected")

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

stm32mp1: power management for GPIOz

Ensure secure hardening of GPIOz bank pins is restored when resuming
from a low power state where configuration might be lost.

Signed-off-by: Etienne Carriere <

stm32mp1: power management for GPIOz

Ensure secure hardening of GPIOz bank pins is restored when resuming
from a low power state where configuration might be lost.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...