Merge changes from topic "mb/psa-crypto-support" into integration

* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash

Merge changes from topic "mb/psa-crypto-support" into integration

* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash calculation
feat(mbedtls-psa): use PSA crypto API for hash verification
feat(mbedtls-psa): initialise mbedtls psa crypto
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
feat(mbedtls-psa): introduce PSA_CRYPTO build option
docs(changelog): add scope for MbedTLS PSA Crypto

show more ...

refactor(cm): enable S-EL2 globally for all contexts

Currently, S-EL2 is being enabled specifically while we are in
secure context and gets toggled up when we exit secure world.
This behavior is not

refactor(cm): enable S-EL2 globally for all contexts

Currently, S-EL2 is being enabled specifically while we are in
secure context and gets toggled up when we exit secure world.
This behavior is not ideal and needs correction.

Enabling the S-EL2 via SCR_EL3.EEL2 register setting should be
global and this patch addresses it.

Change-Id: If6c39ca258f2fefa835c4b51e0f6b68165fd2e35
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

Merge "fix(cpus): workaround for Cortex-X3 erratum 2070301" into integration

refactor(cm): remove world differentiation for EL2 context restore

The EL2 context save/restore functions have an optimisation to not
bother with the EL2 context when SEL2 is not in use. However, th

refactor(cm): remove world differentiation for EL2 context restore

The EL2 context save/restore functions have an optimisation to not
bother with the EL2 context when SEL2 is not in use. However, this
decision is made on the current value of SCR_EL3.EEL2, which is not
the value for the selected security state, but rather, for the
security state that came before it. This relies on the EEL2 bit's
value to propagate identically to all worlds.

This has an unintended side effect that for the first entry into
secure world, the restoring of the context is fully skipped, because
SCR_EL3 is only initialized after the call to the restoring routine
which means the EEL2 bit is not initialized (except when FEAT_RME
is present). This is inconsistent with normal and realm worlds which
always get their EL2 registers zeroed.

Remove this optimization to remove all the complexity with managing
the EEL2 bit's value. Instead unconditionally save/restore all
registers. It is worth noting that there is no performance penalty
in the case where SEL2 is empty with this change. This is because
SEL2 will never be entered, and as such no secure save/restore will
happen anyway, while normal world remains unchanged.

Removing the value management of the EEL2 bit causes the
CTX_ICC_SRE_EL2 register to be inaccessible in Secure world for some
configurations.
Make the SCR_EL3.NS workaround in cm_prepare_el3_exit_ns() generic
on every access to the register.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1f56d85814c5897b468e82d4bd4a08e3a90a7f8f

show more ...

fix(cm): make ICC_SRE_EL2 fixup generic to all worlds

For ICC_SRE_EL2.SRE the Arm ARM specifies that "If software changes this
bit from 1 to 0, the results are UNPREDICTABLE". However, the
indiscrim

fix(cm): make ICC_SRE_EL2 fixup generic to all worlds

For ICC_SRE_EL2.SRE the Arm ARM specifies that "If software changes this
bit from 1 to 0, the results are UNPREDICTABLE". However, the
indiscriminate zeroing of the EL2 context does just that for Secure and
Realm worlds. Make this fixup generic to avoid the problem.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Iee21ace17faf10eae52a046e6dfafc5141fa7f85

show more ...

refactor(cm): clean up SCR_EL3 and CPTR_EL3 initialization

As with MDCR_EL3, setting some bits of these registers is redundant at
reset since they do not matter for EL3 execution and the registers g

refactor(cm): clean up SCR_EL3 and CPTR_EL3 initialization

As with MDCR_EL3, setting some bits of these registers is redundant at
reset since they do not matter for EL3 execution and the registers get
context switched so they get overwritten anyway.

The SCR_EL3.{TWE, TWI, SMD, API, APK} bits only affect lower ELs so
their place is in context management. The API and APK bits are a bit
special as they would get implicitly unset for secure world when
CTX_INCLUDE_PAUTH_REGS is unset. This is now explicit with their normal
world values being always set as PAuth defaults to enabled. The same
sequence is also added to realm world too. The reasoning is the same as
for Secure world - PAuth will be enabled for NS, and unless explicitly
handled by firmware, it should not leak to realm.

The CPTR_EL3.{ESM, EZ, TAM} bits are set by the relevant
feat_enable()s in lib/extensions so they can be skipped too.

CPTR_EL3.TFP is special as it's needed for access to generic floating
point registers even when SVE is not present. So keep it but move to
context management.

This leaves CPTR_EL3.TCPAC which affects several extensions. This bit
was set centrally at reset, however the earliest need for it is in BL2.
So set it in cm_setup_context_common(). However, this CPTR_EL3 is only
restored for BL31 which is clearly not the case. So always restore it.

Finally, setting CPTR_EL3 to a fresh RESET_VAL for each security state
prevents any bits from leaking between them.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Ie7095e967bd4a6d6ca6acf314c7086d89fec8900

show more ...

fix(imx8m): map BL32 memory only if SPD_opteed or SPD_trusty is enabled

Always map the BL32 memory can interfere with the BL33 mapping if the
BL33 is not aware of the mapping, e.g. different memory

fix(imx8m): map BL32 memory only if SPD_opteed or SPD_trusty is enabled

Always map the BL32 memory can interfere with the BL33 mapping if the
BL33 is not aware of the mapping, e.g. different memory tagging
secure/non-secure. Therefore map the memory only if BL32 (opteed,
trusty) is enabled and BL33 is aware of this memory mapping.

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I9c2bf78aa6e88c93e749a9248724186fee9df864

show more ...

feat(imx8mn): add workaround for errata ERR050362

Port the workaround from the downstream imx-atf [1]:

| commit 1990081264f40822d1564f4562f05bbbc0c2941b
| Author: Ji Luo <ji.luo@nxp.com>
| Date:

feat(imx8mn): add workaround for errata ERR050362

Port the workaround from the downstream imx-atf [1]:

| commit 1990081264f40822d1564f4562f05bbbc0c2941b
| Author: Ji Luo <ji.luo@nxp.com>
| Date: Thu May 20 16:26:55 2021 +0800
|
| MA-19071 imx8mn: workaround for errata ERR050362
|
| Configure the force_incr programmable bit in GPV_5 of PL301_display,
| which fixes partial write issue. This workaround was done in MCU FW
| before, move it to TF-A now as MCU should not touch secure world.
|
| Change-Id: I2e5bbc764640afeab6ac2f4b202939b59bd3b3f2
| Signed-off-by: Ji Luo <ji.luo@nxp.com>

[1] https://github.com/nxp-imx/imx-atf.git

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: Iaff5f1faa143204d64c075b288f8dd13eb2902d8

show more ...

feat(imx8m): enable snvs privileged registers access

Allow non-privileged access to all SNVS registers in case of no TEE is
available.

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-I

feat(imx8m): enable snvs privileged registers access

Allow non-privileged access to all SNVS registers in case of no TEE is
available.

Signed-off-by: Marco Felsch <m.felsch@pengutronix.de>
Change-Id: I44686a3639a68c72c7eacc80691c294d5c32c9ae

show more ...

Merge "fix(docs): remove out-dated information about CI review comments" into integration

fix(docs): remove out-dated information about CI review comments

- Fix the name of the user account under which the CI bot posts
review comments.

- The CI has now transitioned to trustedfirmwa

fix(docs): remove out-dated information about CI review comments

- Fix the name of the user account under which the CI bot posts
review comments.

- The CI has now transitioned to trustedfirmware.org so CI results
are publically accessible.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I53dd93e200c9e119b5df6bbaf2644485cde57ce5

show more ...

feat(mbedtls-psa): use PSA crypto API during signature verification

A PSA crypto API is used for signature verification, namely
psa_verify_message, which calculates the signature and verify it
for t

feat(mbedtls-psa): use PSA crypto API during signature verification

A PSA crypto API is used for signature verification, namely
psa_verify_message, which calculates the signature and verify it
for the given signed message.

Note, this functionality is as of now tested for RSA based Key
algorithm, subsequent patches will provide the signature verification
support for all the key algorithms available in TF-A (provided by KEY_ALG
build option).

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I16214e3cac6a7af445530a6dbd66cfc6ceedcfc6

show more ...

feat(mbedtls-psa): use PSA crypto API during hash calculation

A PSA crypto API is used for hash verification, namely
'psa_hash_compute', which internally calculates hash of the given
data payload.

feat(mbedtls-psa): use PSA crypto API during hash calculation

A PSA crypto API is used for hash verification, namely
'psa_hash_compute', which internally calculates hash of the given
data payload.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic90e43e68b836ee2add4b868663cfca2340c8108

show more ...

feat(mbedtls-psa): use PSA crypto API for hash verification

A PSA crypto API is used for hash verification, namely
psa_hash_verify, which internally calculates and verifies the hash
of the given dat

feat(mbedtls-psa): use PSA crypto API for hash verification

A PSA crypto API is used for hash verification, namely
psa_hash_verify, which internally calculates and verifies the hash
of the given data payload.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ib48aa6b74b59aea6036333ff00f6ca566b910e60

show more ...

feat(mbedtls-psa): initialise mbedtls psa crypto

Initialised Mbedtls PSA cryto during Crypto init using
function call 'psa_crypto_init'.

MbedTLS currently requires a Random Number Generator (RNG) o

feat(mbedtls-psa): initialise mbedtls psa crypto

Initialised Mbedtls PSA cryto during Crypto init using
function call 'psa_crypto_init'.

MbedTLS currently requires a Random Number Generator (RNG) once
PSA Crypto support is enabled. However, TF-A itself doesn't engage
in cryptographic operations that demand randomness. Consequently,
we simulate the presence of an external TRNG (through the configuration
option 'MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG) while, in reality, we offer
a dummy implementation of mbedtls_psa_external_get_random() that always
returns an error.

Change-Id: Ife6d03909c0e6081438d2b2519ef500e5dcdb88f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(mbedtls-psa): register an ad-hoc PSA crypto driver

An ad-hoc MbedTLS PSA crypto driver is registered by compiling
a new driver file, namely mbedtls_psa_crypto.c when PSA_CRYPTO=1.
As of now, th

feat(mbedtls-psa): register an ad-hoc PSA crypto driver

An ad-hoc MbedTLS PSA crypto driver is registered by compiling
a new driver file, namely mbedtls_psa_crypto.c when PSA_CRYPTO=1.
As of now, this file is the same as mbedtls_crypto.c, but subsequent
patches will update crypto functions in this file to trigger
PSA crypto APIs.

Change-Id: I404c347990661d87dcf5d0501d238e36914ec3ee
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

fix(cpus): workaround for Cortex-X3 erratum 2070301

Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001

fix(cpus): workaround for Cortex-X3 erratum 2070301

Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001 to the PF_MODE bits
in the IMP_CPUECTLR2_EL1 register. This places the data prefetcher
in the most conservative mode instead of disabling it.

SDEN documentation:
https://developer.arm.com/documentation/2055130/latest

Change-Id: I337c4c7bb9221715aaf973a55d0154e1c7555768
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge "feat(build): manage patch version in Makefile" into integration

feat(build): manage patch version in Makefile

Add VERSION_PATCH macro in Makefile. This will help LTS releases.
While at it, handle VERSION_PATCH macro in .versionrc.js script.

Change-Id: Id3ec359f

feat(build): manage patch version in Makefile

Add VERSION_PATCH macro in Makefile. This will help LTS releases.
While at it, handle VERSION_PATCH macro in .versionrc.js script.

Change-Id: Id3ec359f7768a90ba5c67e35d29736a46eb402b5
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

Merge "fix(versal-net): use correct macro name for uart baudrate" into integration

fix(versal-net): use correct macro name for uart baudrate

Address an issue where incorrect macro name is being used for
setting the UART buad rate. Updated the code to use the
appropriate macro name

fix(versal-net): use correct macro name for uart baudrate

Address an issue where incorrect macro name is being used for
setting the UART buad rate. Updated the code to use the
appropriate macro name, ensuring that baud rate name is proper.

Fixes: 04a483359fef ("feat(xilinx): sync macro names")
Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I27dd8b1559beb0cf7b872de037adc95a948ecc2f

show more ...

feat(mbedtls-psa): introduce PSA_CRYPTO build option

This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -

1. Added a build macro PSA_CRYPTO to enable the Mbed

feat(mbedtls-psa): introduce PSA_CRYPTO build option

This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -

1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
when PSA_CRYPTO=1.

Also, marked PSA_CRYPTO as an experimental feature.

Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

docs(changelog): add scope for MbedTLS PSA Crypto

Added scope for MbedTLS PSA Crypto API implementation.

Change-Id: I0a7c6242841dfb94f6ca5e9174ffd520c5fe00fa
Signed-off-by: Manish V Badarkhe <Manis

docs(changelog): add scope for MbedTLS PSA Crypto

Added scope for MbedTLS PSA Crypto API implementation.

Change-Id: I0a7c6242841dfb94f6ca5e9174ffd520c5fe00fa
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "st_fixes" into integration

* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): upda

Merge changes from topic "st_fixes" into integration

* changes:
fix(st): enable RTC clock before accessing nv counter
fix(st-crypto): use GENMASK_32 to define PKA registers masks
fix(st): update comment on encryption key
fix(st): allow crypto lib compilation in aarch64
fix(st-uart): allow 64 bit compilation
fix(st): reduce MMC block_buffer
fix(stm32mp13-fdts): cosmetic fixes in PLL nodes
fix(st): update dt_get_ddr_size() type
fix(nand): reset the SLC NAND
fix(st-crypto): do not read RNG data if it's not ready

show more ...

Merge "feat(mt8188): add DSB before udelay" into integration