| Age | Commit message (Collapse) | Author |
|---|
|
Move ::probe field from struct dt_driver_setup to struct dt_driver
and remove struct dt_driver_setup.
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Implement dt_driver_device_from_node_idx_prop() for
clk_dt_get_by_idx_prop() to get target reference instance.
Move/rename clk_dt_get_from_provider() to
dt_driver_device_from_provider_prop()
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Move rename clk_get_provider_by_{node|phandle}() to
dt_driver_get_provider_by_*().
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Move/rename fdt_clock_cells() to fdt_get_dt_driver_cells().
and clk_dt_register_clk_provider() to dt_driver_register_provider().
Add helper function dt_driver_provider_cells() to get ::provider_cells
from a registered provider reference.
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Move struct clk_dt_phandle_args and struct clk_dt_provider from clk_dt.h
to dt_driver.h and rename them to struct dt_driver_phandle_args and
struct dt_driver_provider.
Introduce type get_of_device_func for callback functions used to
retrieve a device instance reference from a DT phandle possible with
arguments.
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clément Léger <clement.leger@bootlin.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Use the register map size from the dt_node_info structure
to call the phys_to_virt() function.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Use the register map size from the dt_node_info structure
to call the phys_to_virt() function.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Use directly the register map size from the dt_node_info
structure to call the io_pa_or_va() function.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add the register size read from device tree in the dt_node_info
structure. It may be used to map the IO registers with the
correct address range.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Size is read from the reg device tree property as an unsigned value
coming from fdt32_to_cpu().
Use a size_t with associated error code DT_INFO_INVALID_REG_SIZE as
return in prototype. Update the current users according to this change.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Enable the RPMB key when the HUK is generated from the PUF KEK.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
If authenticated boot was disabled we allow generating the HUK using
the SHA-256 of the DNA unique identifier.
If authenticated boot was enabled, use the PUK KEK to generate the
HUK instead. The PUF KEK must be registered while securing the board
using the Xilinx tools. In this case, the HUK is generated by reading
the DNA eFuses. This 96 bits value is used to generate a 16 byte
digest which is then AES-GCM encrypted using the PUF KEK. The
resulting 16 byte value is the HUK. To prevent the HUK from being
leaked, the AES-GCM module must be reserved.
The HUK generation was validated on Zynqmp zu3cg using the Xilinx
Lightweight Provisioning Tool to enable authenticated boot and to
provision the PUF (burning a number of eFuses in the process).
Tested-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Tested-by: Ricardo Salveti <ricardo@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
These routines call TF-A exported SiP services that implement IPI
protocol for communication with PMUFW (Platform Management Unit).
To access eFuses, PMUFW should be built with -DENABLE_EFUSE_ACCESS=1.
Notice however that certain eFuses will not be available unless the
Xilskey library linked to the PMUFW is compiled removing some of those
security restrictions.
Signed-off-by: Igor Opaniuk <igor.opaniuk@foundries.io>
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Provide a mechanism to encrypt a red key using the KEK; the KEK is
only available on secured boards after the RSA_EN and PPK eFUSES have
been burnt (the system will only boot ROM authenticated bootloaders
from here on).
The main use case for OP-TEE would be to encode the zynqmp per device
unique identifier (DNA0, DNA1, DNA2 eFUSEs - ie, a red key) using the
KEK. The encryption key generated this way is cryptographically strong
and will be used as the device HUK (ie, black key).
Test code:
csu_aes_encrypt_data(src, dst, BLOB_DATA_SIZE, tag, GCM_TAG_SIZE,
iv, GCM_IV_SIZE, CSU_AES_KEY_SRC_DEV);
csu_aes_decrypt_data(dst, src, BLOB_DATA_SIZE, tag, GCM_TAG_SIZE,
iv, GCM_IV_SIZE, CSU_AES_KEY_SRC_DEV);
if (memcmp(src, buffer, BLOB_DATA_SIZE)) {
EMSG(" - encrypt/decrypt test failed");
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
This module provides a mechanism to transfer data between memory and
peripherals. The data path is selected in the Secure Stream Switch
register in the CSU.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
This block is used to generate black keys via the AES-GCM module.
The PUF KEK - feeding the AES-GCM block - is also unique for each
device.
The KEK is only available once the board has been secured via
programmable eFUSES (RSA_EN authentication via the PPK fuses).
Registering the PUF should be done using the Xilinx tools so the
adequate eFUSES are written.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
CSU registers and offsets for submodules
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
The CSU memory block that will be mapped from different drivers (ie,
PUF, AES-GCM, SHA..)
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Explicitily define the cache line length
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add the base address definitions for the CSU and the CSUDMA modules
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add Message Unit driver. This driver is needed to communicate with the
security controller.
Signed-off-by: Remi Koman <remi.koman@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
FFA_PARTITION_INFO is used to query all the Secure Partitions loaded in
the system.
Signed-off-by: Jelle Sels <jelle.sels@arm.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Propagate out size for socket recv event when it's larger than the
supplied in size. Also enable passing a NULL buffer while querying the
size of the buffer.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
With short-descriptor table mappings, that is without LPAE, the user va
range is defined at the lowest addresses. Depending on the seed supplied
this could conflict with chosen base address for core mappings. Add a
check early in assign_mem_va() to avoid such conflicts.
Without this patch there's a risk of occasional panics like:
E/TC:0 0 Panic 'issue in linear address space' at core/arch/arm/mm/core_mmu.c:2147 <check_pa_matches_va>
E/TC:0 0 TEE load address @ 0xa34000
E/TC:0 0 Call stack:
E/TC:0 0 0x00a3a901
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Register DDR based on the DRAM base and size definitions from
platform_config.h for supporting dynamic shared memory usage.
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Ricardo Salveti <ricardo@foundries.io>
|
|
To comply with the PKCS#11 convention for functions returning output
in a variable-length buffer, prefer to check the required size of the
output buffer before the existence of the output buffer itself.
This will save callers from having to allocate a buffer that might not
be used.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Cedric Neveux <cedric.neveux@nxp.com>
|
|
Rename clock core and fixed_clk setup functions to probe functions and
update in-line description as per handler description in the framework.
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Rename type clk_dt_get_fn to clk_dt_get_func for consistency in OP-TEE
OS implementation where all other function prototype type definitions
use _func as suffix.
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Adds a missing buffer size check in pta_elog_load_nitro_fw(). This
prevents writing beyond the memory range reserved for the nitro
firmware.
Fixes: e605fbdfd7a0 ("pta: bcm: Add PTA to handle Broadcom error logs")
Acked-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Add clock API function clk_is_enabled(). It is not very useful at
runtime since clock state can change at any time. The API function
is useful during specific system sequences where OP-TEE core knows
is executes atomically (primary core boot, low power sequences).
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
|
|
Add a platform data reference field in struct dt_device_match so
that a driver knows data related to the compatible it is probed for.
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Since at91bootstrap load u-boot without device-tree, the only way to pass
information to U-Boot is to use a DTB overlay. This overlay is then
merged by U-Boot into the Linux dtb.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
This define was used in an older version but not anymore.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
sama5d2_xplained is used in various software (U-Boot, Linux, etc). Allow
using it and deprecate sama5d2xult.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
sama5d2 xplained board is going to be deprecated. Switch to a board
that is going to be supported for a longer period, sama5d27_som1_ek.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
Since this board is newer and is going to be supported for a longer
period than the sama5d2_xplained.
Acked-by: Nicolas Ferre <nicolas.ferre@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
Import device-tree from linux for sama5d2 and relicense them with dual
GPL/BSD 3-Clause
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Nicolas Ferre <nicolas.ferre@microchip.com>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
fixed-clock are a really common clock types used in device tree and
when there is a clock hierarchy, they are needed to query the clock
rate. This driver is build by default when CFG_DRIVERS_CLK_DT is
enabled.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
When using a devicetree, it is often useful to have clocks parsing.
This support adds clocks properties parsing and allow having clock
providers and users. Clocks drivers can also be declared with
CLK_DT_DECLARE. They will be probed automatically by the clock core.
On the user side, function clk_dt_get_by_name and clk_dt_get_by_idx
allows to retrieve a clock from the device tree description and match
it with the provider clocks. The core ensure the clocks are probed
hierarchically.
This support is enabled using CFG_DRIVERS_CLK_DT.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
In order to ease clock support in OP-TEE, add a generic clock framework
which allows to add clocks driver and handle clock hierarchy.
This clock framework provides various functions to enable/disable clock
and to get their rate. Some basic behavior are supported such as gating
when parent or rate is set. This option is enabled using
CFG_DRIVERS_CLK which is disabled by default.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
In order to keep the current mechanism simple but allow parsing the
device tree by iterating on driver (clocks for instance), add a type
field to dt driver struct which will allow differentiating drivers
when iterating on entries and thus avoid casting struct
dt_driver::driver to the wrong type in case a bad DT is provided. This
will also allow adding a more generic driver model by probing generic
driver based on their compatible.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>
|
|
Adds a comment in mobj_ffa_get_by_cookie() clarifying how
internal_offset and the page_offset kept in a struct mobj_ffa relates.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Uses the READ_ONCE() macro in thread_rpc_alloc() when reading fields
from non-secure shared memory to make sure that they are read only once.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
The new 6GB DRAM bank starts at 0x8080000000.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Update UUID to little endian:
The Hafnium SPMC expects a little endian representation of the UUID
as an array of four integers in the SP manifest.
Update messaging-method:
Fix the SP manifest to align with messaging method field changes
introduced in hafnium repository with commit
"fix(ff-a): use messaging info from the manifest"
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Prior to this patch did check_pa_matches_va() skip the final catchall
check on the physical address. It should be possible to perform this
check with virtualization enabled so enable it for virtualization too.
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Adds dummy static inline functions to replace the normal virt_*()
functions in virtualization.h when CFG_VIRTUALIZATION is not configured.
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Uses TEE_Result as return type for all virt_*() functions returning
anything but void in <kernel/virtualization.h>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|
|
Implement the renamed macro using the IS_ALIGNED definition.
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
|
