| 116d03ab | 04-Nov-2024 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
drivers: caam: cache align Key blob modifier
An array was used as Key blob modifier; changed it to cache aligned dynamic memory.
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 132151fb | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: use firewall framework to configure internal RAMs
Use firewall API functions in stm32mp1 platform implementation to configure the secure state of internal RAMs.
This change is a step in the removal of the shared_resource driver that will be deprecated once the stm32mp1 platform drivers fully move to the firewall framework resources.
This change also removes the local SCMI_SHM_IS_IN_SRAMX macro (for the sake of simplicity), which can be replaced by testing CFG_STM32MP1_SCMI_SHM_BASE!=0 that denotes that the SCMI shared memory is not in an internal RAM in the platform configuration.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| f117e429 | 30-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: add memory configuration firewall API
Implement the .set_memory_conf() firewall ops that allows reconfiguring memory regions managed by the platform ETZPC firewall controller.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| b114c4af | 30-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: define STM32MP13 SRAMs and STM32MP15 RETRAM
Define some platform internal RAMs base address and sizes for STM32MP13 and STM32MP15 SoCs.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| d6b3f5f4 | 13-Jun-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
core: firewall: add memory range firewall controller ops
Add a firewall driver operation handle and a firewall framework API function to configure memory access rights, based on physical address range arguments.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| bea4f8d3 | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: allow valid locked configuration
Change stm32_etzpc driver to not trigger an error when the requested firewall configuration matches an already configured and locked configuration.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| f74d3fff | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: pager SRAMs must be secure
STM32MP15 SRAMs used by pager can only be configured as secure access only.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| beedc460 | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: remoteproc: stm32_remoteproc: Don't use SRAMs used by pager
Forbid stm32_remoteproc driver to use SRAMx that are used by OP-TEE pager.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| a0cac862 | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: add stm32mp1_ram_intersect_pager_ram()
Add stm32mp1_ram_intersect_pager_ram() helper function to ease checking when a memory range falls into OP-TEE pager pool. This will be needed later to ensure memory used by OP-TEE pager is not re-assigned to another purpose. This change only considers STM32MP15 variant where OP-TEE pager can be used in internal RAMs.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| 2714147b | 10-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: add stm32mp1_pa_or_sram_alias_pa()
Add stm32mp1_pa_or_sram_alias_pa() helper function to ease handling SRAMx physical addresses that have aliases on STM32MP15 SoC.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| 1bbb4042 | 30-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: fix DECPROT values
Correct sanitize_decprot_config() implementation: label values to enumerated type etzpc_decprot_attributes are prefixed ETZPC_.
Fixes: 9c22da4b29de ("firewall: stm32_etzpc: check consistency of RCC vs DECPROT secure config") Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| 41f3fcbb | 12-Nov-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: print DECPROT values as strings
Print ETZPC attribute strings instead of numerical value in trace messages.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| d735136f | 31-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: firewall: stm32_etzpc: explicit index in DECPROT string names
Explicit the indices assigned to DECPROT helper string names.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
|
| 36179ff1 | 31-May-2024 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
drivers: caam: check only format bit in operation
operation variable has been updated after entering the function so we cannot check against full RSA operations. Updated to check only format bit in operation.
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| cf865357 | 04-Nov-2024 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
drivers: caam: fix CFG_CORE_BIGNUM_MAX_BITS
CFG_CORE_BIGNUM_MAX_BITS should be 4576: 4096 (RSA Max key size) + 8 * 60 (Header serialization and Black blob overhead in bytes)
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| f0489baa | 04-Nov-2024 |
Sungbae Yoo <sungbaey@nvidia.com> |
core: change get_core_pos_mpidr() to support hypervisor
The secure hypervisor, such as Hafnium, is expected to manipulate MPIDR_EL1 to indicate a VCPU ID.
This commit makes get_core_pos_mpidr() not calculate a CPU ID using the affinity bitfields of MPIDR_EL1 when there is a hypervisor in SEL2.
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com> Signed-off-by: Sungbae Yoo <sungbaey@nvidia.com>
|
| dd7b51e5 | 06-Nov-2024 |
Jorge Ramirez-Ortiz <jorge@foundries.io> |
crypto: se05x: improve object deletion logs
For SE05x, only private keys are stored in the secure element: the OP-TEE secure storage REE/RPMB retains the full public key but just a handle to the private key.
If the secure element's persistent storage is erased, but OP-TEE's secure storage remains, the public key can still be accessed while the private key is inaccessible. However, in such cases, the 'key' will still appear as present in the PKCS#11 database.
When CFG_CORE_SE05X_BLOCK_OBJ_DEL_ON_ERROR is enabled (not by default) and the key pointed to by the handle is not present in the secure element, OP-TEE PKCS#11 clients will encounter an error when attempting to delete the private key information held in the OP-TEE secure storage.
If the setting is disabled, the PKCS#11 storage clears the private key handle without errors.
This commit removes some ambiguity, so users do not see error messages when operations complete successfully.
It also fails on sss_se05x_key_object_init errors unconditionally since a failure on this function can only signify some form of stack corruption.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| d0c71719 | 23-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: shared_resource stops checking clock dependencies
Remove management of STM32MP15 secure clock support from the platform specific shared_resource.c driver. It is not needed: STM32 ETZPC and RCC platform drivers now check these dependencies.
Therefore the change removes stm32mp_register_clock_parents_secure() and its related and ensures stm32mp_register_[non_]secure_xxx() (from shared_resource.c driver) is not used for a clock (here PLL3).
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
|
| f0440c1f | 30-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: clk: stm32mp15: default disable mckprot hardening
Default disable RCC MCKPROT hardening configuration for STM32MP15 platforms since remoteproc driver enables it when required.
Remove disabling of RCC MCKPROT from STM32MP15 shared_resource driver since this is now done from the STM32MP15 clock driver.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
|
| 0cc468d1 | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: remoteproc: stm32mp15: check Cortex-M isolation
Set Cortex-M RCC isolation (MCKPROT) configuration when STM32MP15 remote processor secure loading is embedded in the platform.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
|
| 9c22da4b | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
firewall: stm32_etzpc: check consistency of RCC vs DECPROT secure config
Ensures that when an ETZPC DECPROT configuration is secure (resp. MCU isolated) that SoC RCC is also secure (resp. MCKPROT isolated).
This change helps to remove dependency on shared_resource.c driver that is no longer needed since integration of the firewall framework.
By the way, fix include files order.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
|
| 51203030 | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-ls: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 6a0116ed | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| 32360649 | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
core: mm: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
| de56c16d | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
core: kernel: dt: add and use fdt_reg_info()
Implement fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|