pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and ma

pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and make
the following adjustments for integration:

- Add build configuration for remote attestation PTA by introducing
the CFG_VERAISON_ATTESTATION_PTA option to align with the new naming
convention.
- Replace the custom base64 implementation with the base64 library
added in PR OP-TEE#7007.
- Update QCBOR integration by removing custom QCBOR files and using
the standard library, adjusting paths as necessary.
- Apply region validation improvements introduced in PR OP-TEE#6195.
- Update API calls in sign.c to align with libmbedtls changes from
PR OP-TEE#6151.
- Calculate the required buffer size at runtime to minimize memory
allocation.
- Refactor code to improve readability and maintainability.
- Add SPDX license identifier (BSD-2-Clause) and copyright notice.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Reviewed-by: Thomas Fossati <thomas.fossati@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lib: qcbor: add build configuration for QCBOR library

Add the necessary build configuration for integrating the QCBOR
library. Update to core.mk ensure that the library is included
when CFG_QC

core: lib: qcbor: add build configuration for QCBOR library

Add the necessary build configuration for integrating the QCBOR
library. Update to core.mk ensure that the library is included
when CFG_QCBOR is enabled. A sub.mk file is also added to define
the source files and global include directories for QCBOR.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lib: qcbor: add SPDX license identifiers to QCBOR files

Add SPDX license identifiers to QCBOR files as per
BSD-3-Clause licensing requirements, ensuring clear license
information across both h

core: lib: qcbor: add SPDX license identifiers to QCBOR files

Add SPDX license identifiers to QCBOR files as per
BSD-3-Clause licensing requirements, ensuring clear license
information across both header and source files.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: import QCBOR library

Import QCBOR v1.4.1 from https://github.com/laurencelundblade/QCBOR
Commit 4487f10e1bf258434fb8a39e4f59c29e31910ad0 (tag v1.4.1)

Certain files will never be needed and ar

core: import QCBOR library

Import QCBOR v1.4.1 from https://github.com/laurencelundblade/QCBOR
Commit 4487f10e1bf258434fb8a39e4f59c29e31910ad0 (tag v1.4.1)

Certain files will never be needed and are thus removed (reducing number
of lines to almost 60%):
rm -f CMakeLists.txt Makefile SECURITY.md
rm -f .gitignore
rm -f cmd_line_main.c example.c example.h ub-example.c ub-example.h
rm -rf QCBOR.xcodeproj doc doxygen test
rm -rf .git .github

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutee: fix TEE_MemMove()'s return type

In all the published versions of the TEE Internal API Specification,
the return type of TEE_MemMove() has always been void, not void *.

Fixes: b01047730e77

libutee: fix TEE_MemMove()'s return type

In all the published versions of the TEE Internal API Specification,
the return type of TEE_MemMove() has always been void, not void *.

Fixes: b01047730e77 ("Open-source the TEE Core")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: regulator: change tree trace level

Change regulator trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --regulators.

Signed-off-by: Pascal Paillet <p.p

drivers: regulator: change tree trace level

Change regulator trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --regulators.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: clk: change tree trace level

Change clock trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --clocks.

Signed-off-by: Pascal Paillet <p.paillet@foss.st

drivers: clk: change tree trace level

Change clock trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --clocks.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: fix stm32mp257f-ev1 clock tree configuration

Fix some mux and flexgen configurations for the stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Revi

dts: stm32: fix stm32mp257f-ev1 clock tree configuration

Fix some mux and flexgen configurations for the stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 9223d8a0fc1d ("dts: st: add RCC support on stm32mp257f-ev1")

show more ...

dts: stm32: support some RIF-aware peripherals

Update the RIF configuration of the stm32mp257f-ev1 board so to support
the configuration of HPDMA1/2/3, IPCC1/2 and HSEM peripherals.
While there, upd

dts: stm32: support some RIF-aware peripherals

Update the RIF configuration of the stm32mp257f-ev1 board so to support
the configuration of HPDMA1/2/3, IPCC1/2 and HSEM peripherals.
While there, update other parts of the RIF configuration.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: update some RIF-aware peripherals nodes in stm32mp251

Add clock, interrupt and reset properties for HPDMA1/2/3, IPCC1/2,
FMC and HSEM.

Signed-off-by: Gatien Chevallier <gatien.chevallie

dts: stm32: update some RIF-aware peripherals nodes in stm32mp251

Add clock, interrupt and reset properties for HPDMA1/2/3, IPCC1/2,
FMC and HSEM.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: update and fix RIF configuration handling

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_

drivers: stm32_gpio: update and fix RIF configuration handling

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_semaphores() to handle correctly the RIF semaphores.
Also remove FMC_NB_MAX_CID_SUPPORTED and use generic MAX_CID_SUPPORTED.

Also add a dummy apply_rif_config() when CFG_STM32_RIF is not defined.

Fix unfreed banks when they are removed from the bank list.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: bd03c8c3d70f ("drivers: stm32_gpio: add stm32mp25x support")

show more ...

drivers: stm32_hsem: fix HSEM group CID filtering configuration

Move the check on HSEM group CID filtering configuration consistency
before the continuing if the CID filtering is disabled for the fi

drivers: stm32_hsem: fix HSEM group CID filtering configuration

Move the check on HSEM group CID filtering configuration consistency
before the continuing if the CID filtering is disabled for the first
semaphore of the group.

The HSEM group CID filtering was also broken as it didn't allow more
than one CID to access a semaphore group. Fix this by using the semaphore
bit-field in the RIFPROT macro to determine what are the processors that
should be authorized to take the semaphores.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: ec9aa1a4114f ("drivers: add RIF support driver for HSEM")

show more ...

drivers: stm32_hsem: fix unfreed memory

Free hsem_d if parse_dt() fails.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com

drivers: stm32_hsem: fix unfreed memory

Free hsem_d if parse_dt() fails.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: ec9aa1a4114f ("drivers: add RIF support driver for HSEM")

show more ...

drivers: stm32_ipcc: update and fix RIF configuration

Rework the RIF configuration application to apply privilege
and secure level configuration only when CID filtering permits it.
Also remove unuse

drivers: stm32_ipcc: update and fix RIF configuration

Rework the RIF configuration application to apply privilege
and secure level configuration only when CID filtering permits it.
Also remove unused IPCC_NB_MAX_CID_SUPPORTED and put the tdcid state
in the ipcc_pdata to simplify the driver.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: e26b8e0f3e4c ("drivers: add IPCC driver and its RIF support")

show more ...

drivers: stm32_ipcc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for an IPCC.
Remove this constraint by allocating a RIF configuration structure o

drivers: stm32_ipcc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for an IPCC.
Remove this constraint by allocating a RIF configuration structure only
when the "st,protreg" property is present in the device tree to be
able to check if it has been allocated later.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_fmc: fix check_fmc_rif_conf() and its use

Fix check_fmc_rif_conf() so that it correctly returns with success upon
controller 0 being secure. Fix the assert by inverting the logic.

Si

drivers: stm32_fmc: fix check_fmc_rif_conf() and its use

Fix check_fmc_rif_conf() so that it correctly returns with success upon
controller 0 being secure. Fix the assert by inverting the logic.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 778a36bf91d2 ("drivers: add FMC driver with RIF support")

show more ...

drivers: stm32_fmc: use PM_HINT_IS_STATE macro in pm callbacks

Use dedicated PM_HINT_IS_STATE macro in pm callbacks to determine
the targeted pm state.

Signed-off-by: Gatien Chevallier <gatien.chev

drivers: stm32_fmc: use PM_HINT_IS_STATE macro in pm callbacks

Use dedicated PM_HINT_IS_STATE macro in pm callbacks to determine
the targeted pm state.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_fmc: update and fix CID filtering configuration

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_

drivers: stm32_fmc: update and fix CID filtering configuration

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_semaphores() to handle correctly the RIF semaphores.
Also remove FMC_NB_MAX_CID_SUPPORTED and use generic MAX_CID_SUPPORTED.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 778a36bf91d2 ("drivers: add FMC driver with RIF support")

show more ...

drivers: stm32_fmc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for a FMC.
Remove this constraint by allocating a RIF configuration structure only

drivers: stm32_fmc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for a FMC.
Remove this constraint by allocating a RIF configuration structure only
when the "st,protreg" property is present in the device tree to be
able to check if it has been allocated later.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_hpdma: update and fix CID filtering configuration

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_availabl

drivers: stm32_hpdma: update and fix CID filtering configuration

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_semaphores() to handle correctly the RIF semaphores.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 0cf1cd13ceb6 ("drivers: add HPDMA driver with RIF support")

show more ...

drivers: stm32_hpdma: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for a HPDMA.
Remove this constraint by allocating a RIF configuration structure

drivers: stm32_hpdma: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for a HPDMA.
Remove this constraint by allocating a RIF configuration structure only
when the "st,protreg" property is present in the device tree to be
able to check if it has been allocated later.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_rif: update and fix RIF configuration parsing

Fix the parsing of the RIF configuration by using device tree bindings,
when necessary. Generalize RIF bit fields and use them when deali

drivers: stm32_rif: update and fix RIF configuration parsing

Fix the parsing of the RIF configuration by using device tree bindings,
when necessary. Generalize RIF bit fields and use them when dealing
with generic RIF functions. Update drivers that use stm32_rif_parse_cfg()
accordingly.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 1506f47af917 ("drivers: firewall: add stm32_rif driver for common RIF features")

show more ...

core: thread: clarify thread_rpc_alloc_*_payload() inline description

The thread_rpc_alloc_*_payload APIs are consistent with the thread_shm_type
enumerations, as seen in the alloc_shm function. How

core: thread: clarify thread_rpc_alloc_*_payload() inline description

The thread_rpc_alloc_*_payload APIs are consistent with the thread_shm_type
enumerations, as seen in the alloc_shm function. However, the name and
comments of thread_rpc_alloc_payload might be misleading, suggesting it is
a universal API. To maintain backward compatibility, only the code comments
have been updated for clarity.

Signed-off-by: Yitong Cheng <santongding@foxmail.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: qemuv8: add configurations with CFG_ULIBS_SHARED=y

Add configurations to the QEMUv8 job to test shared library support with
GCC as well as Clang. Shared libraries are somewhat already tested by

ci: qemuv8: add configurations with CFG_ULIBS_SHARED=y

Add configurations to the QEMUv8 job to test shared library support with
GCC as well as Clang. Shared libraries are somewhat already tested by
xtest 1022 which performs dlopen()/dlsym() on a custom library, but
CFG_ULIBS_SHARED=y will thoroughly test the loading and symbol resolution
at TA load time.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

sign_encrypt.py: fix typo in stitch usage message

Fix typo in stitch usage message.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@li

sign_encrypt.py: fix typo in stitch usage message

Fix typo in stitch usage message.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...