u-boot.git/lib/optee, branch v2021.04 Unnamed repository; edit this file 'description' to name the repository. common: Drop asm/global_data.h from common header 2021-02-02T20:33:42+00:00 Simon Glass sjg@chromium.org 2020-10-31T03:38:53+00:00 401d1c4f5d2d29c4bc4beaec95402ca23eb63295 Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
optee: add property no-map to secure reserved memory 2020-09-22T18:54:13+00:00 Etienne Carriere etienne.carriere@st.com 2020-09-10T08:50:01+00:00 3e15c315f97401f394ae83ed17fbef72b765222a OP-TEE reserved memory node must set property "no-map" to prevent Linux kernel from mapping secure memory unless what non-secure world speculative accesses of the CPU can violate the memory firmware configuration. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Patrice Chotard <patrice.chotard@st.com> 
OP-TEE reserved memory node must set property "no-map" to prevent
Linux kernel from mapping secure memory unless what non-secure world
speculative accesses of the CPU can violate the memory firmware
configuration.

Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree")
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
fdtdec: optionally add property no-map to created reserved memory node 2020-09-22T18:54:13+00:00 Etienne Carriere etienne.carriere@st.com 2020-09-10T08:49:59+00:00 ccaa5747bdeae4261199dd7e80771e4de1c550ca Add boolean input argument @no_map to helper function fdtdec_add_reserved_memory() to add or not "no-map" property for an added reserved memory node. Property no-map is used by the Linux kernel to not not map memory in its static memory mapping. It is needed for example for the| consistency of system non-cached memory and to prevent speculative accesses to some firewalled memory. No functional change. A later change will update to OPTEE library to add no-map property to OP-TEE reserved memory nodes. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Patrice Chotard <patrice.chotard@st.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Add boolean input argument @no_map to helper function
fdtdec_add_reserved_memory() to add or not "no-map" property
for an added reserved memory node.

Property no-map is used by the Linux kernel to not not map memory
in its static memory mapping. It is needed for example for the|
consistency of system non-cached memory and to prevent speculative
accesses to some firewalled memory.

No functional change. A later change will update to OPTEE library to
add no-map property to OP-TEE reserved memory nodes.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
optee: fix copy of optee reserved-memory node 2020-06-15T15:23:40+00:00 Etienne Carriere etienne.carriere@linaro.org 2020-06-05T07:22:11+00:00 05f0c746069fc950243c108ac90bc1a221c903c5 Fix the loop that parses FDT for a reserved memory node named "optee". Before this change, if at least one subnode was found in the reserved-memory node, the function endlessly looped since instruction continue returned back in the loop without updating variable subnode. This change fixes the issue by using a for loop. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> 
Fix the loop that parses FDT for a reserved memory node named "optee".

Before this change, if at least one subnode was found in the
reserved-memory node, the function endlessly looped since instruction
continue returned back in the loop without updating variable subnode.
This change fixes the issue by using a for loop.

Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
common: Drop log.h from common header 2020-05-19T01:19:18+00:00 Simon Glass sjg@chromium.org 2020-05-10T17:40:05+00:00 f7ae49fc4f363a803dab3be078e93ead8e75a8e9 Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org> 
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
optee: Replace uninitialized return variable by proper one. 2020-01-30T18:30:35+00:00 Christoph Müllner christoph.muellner@theobroma-systems.com 2020-01-26T22:20:54+00:00 0f97e923d4921a057e1a7bbfac170cadefde5624 As hinted by GCC 9, there is a return statement that returns an uninitialized variable in optee_copy_firmware_node(). This patch addresses this. Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com> Reviewed-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> 
As hinted by GCC 9, there is a return statement that returns
an uninitialized variable in optee_copy_firmware_node().
This patch addresses this.

Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com>
Reviewed-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
common: Move the image globals into image.h 2020-01-17T19:02:35+00:00 Simon Glass sjg@chromium.org 2019-12-28T17:45:03+00:00 8e8ccfe1aa1a3ea0cb88b4438c7a687fcf8632a1 These three globals relate to image handling. Move them to the image header file. Signed-off-by: Simon Glass <sjg@chromium.org> 
These three globals relate to image handling. Move them to the image
header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
image: fdt: copy possible optee nodes to a loaded devicetree 2019-11-14T13:09:34+00:00 Heiko Stuebner heiko.stuebner@theobroma-systems.com 2019-10-23T14:46:40+00:00 6ccb05eae01b660b0585accf338302af1069f419 The loading convention for optee or any other tee on arm64 is as bl32 parameter to the trusted-firmware. So TF-A gets invoked with the TEE as bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33. All of them get passed a devicetree as parameter and all components often get loaded from a FIT image. OP-TEE will create additional nodes in that devicetree namely a firmware node and possibly multiple reserved-memory nodes. While this devicetree is used in main u-boot, in most cases it won't be the one passed to the actual kernel. Instead most boot commands will load a new devicetree from somewhere like mass storage of the network, so if that happens u-boot should transfer the optee nodes to that new devicetree. To make that happen introduce optee_copy_fdt_nodes() called from the dt setup function in image-fdt which after checking for the optee presence in the u-boot dt will make sure a optee node is present in the kernel dt and transfer any reserved-memory regions it can find. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
The loading convention for optee or any other tee on arm64 is as bl32
parameter to the trusted-firmware. So TF-A gets invoked with the TEE as
bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.

All of them get passed a devicetree as parameter and all components often
get loaded from a FIT image.

OP-TEE will create additional nodes in that devicetree namely a firmware
node and possibly multiple reserved-memory nodes.

While this devicetree is used in main u-boot, in most cases it won't be
the one passed to the actual kernel. Instead most boot commands will load
a new devicetree from somewhere like mass storage of the network, so if
that happens u-boot should transfer the optee nodes to that new devicetree.

To make that happen introduce optee_copy_fdt_nodes() called from the dt
setup function in image-fdt which after checking for the optee presence
in the u-boot dt will make sure a optee node is present in the kernel dt
and transfer any reserved-memory regions it can find.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
optee: Make TZDRAM config options contingent on CONFIG_OPTEE 2019-07-19T13:12:07+00:00 Bryan O'Donoghue bryan.odonoghue@linaro.org 2019-05-04T00:08:23+00:00 7e7cc90e33f556f047b469e48a41fc5c130df2d8 Commit c7b3a7ee5351 ("optee: adjust dependencies and default values for dram") makes the TZDRAM defines for OPTEE show up for all configs as a side-effect. While not harmful its not what we really want. This patch makes the following defines contingent on CONFIG_OPTEE=y CONFIG_OPTEE_TZDRAM_BASE CONFIG_OPTEE_TZDRAM_SIZE Rightly, if you don't have CONFIG_OPTEE=y you don't care about the above two defines. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Rui Miguel Silva <rui.silva@linaro.org> Acked-by: Rui Miguel Silva <rui.silva@linaro.org> 
Commit c7b3a7ee5351 ("optee: adjust dependencies and default values for
dram") makes the TZDRAM defines for OPTEE show up for all configs as a
side-effect. While not harmful its not what we really want.

This patch makes the following defines contingent on CONFIG_OPTEE=y

CONFIG_OPTEE_TZDRAM_BASE
CONFIG_OPTEE_TZDRAM_SIZE

Rightly, if you don't have CONFIG_OPTEE=y you don't care about the above
two defines.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Rui Miguel Silva <rui.silva@linaro.org>
Acked-by: Rui Miguel Silva <rui.silva@linaro.org>
optee: adjust dependencies and default values for dram 2018-10-22T12:37:28+00:00 Rui Miguel Silva rui.silva@linaro.org 2018-09-05T10:56:06+00:00 c7b3a7ee53512380a80a029e8a993ff470ff5b61 We may have, the not yet considered, scenario where OPTEE is loaded before u-boot and *not* by u-boot, e.g, the boot flow using the ARM Trusted Firmware (ATF), where in the 32bit flow is: BootRom->ATF(BL2)->Optee(BL32)->u-boot(BL33) In this case we need still to reserve the memory used by optee, to avoid for example to realocate ourself to the same address at the end of DRAM. So, we change here the dependencies on the OPTEE lib and we set the default size and base of TZRAM to zero. Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org> Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Fabio Estevam <fabio.estevam@nxp.com> Cc: Ryan Harkin <ryan.harkin@linaro.org> Cc: u-boot@lists.denx.de 
We may have, the not yet considered, scenario where OPTEE is loaded before
u-boot and *not* by u-boot, e.g, the boot flow using the ARM Trusted
Firmware (ATF), where in the 32bit flow is:
BootRom->ATF(BL2)->Optee(BL32)->u-boot(BL33)

In this case we need still to reserve the memory used by optee, to avoid
for example to realocate ourself to the same address at the end of DRAM.
So, we change here the dependencies on the OPTEE lib and we set the default
size and base of TZRAM to zero.

Signed-off-by: Rui Miguel Silva <rui.silva@linaro.org>
Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Fabio Estevam <fabio.estevam@nxp.com>
Cc: Ryan Harkin <ryan.harkin@linaro.org>
Cc: u-boot@lists.denx.de