u-boot.git/lib/optee, branch master Unnamed repository; edit this file 'description' to name the repository. lib: optee: migration optee_copy_fdt_nodes for OF_LIVE support 2021-04-12T18:25:31+00:00 Patrick Delaunay patrick.delaunay@foss.st.com 2021-02-08T12:54:31+00:00 a2535243e0114a48a4225a38819aa7d9fdc3d02c The optee_copy_fdt_nodes is only used to copy op-tee nodes of U-Boot device tree (from gd->fdt_blob when OF_LIVE is not activated) to external device tree but it is not compatible with OF_LIVE. This patch migrates all used function fdt_ functions to read node on old_blob to ofnode functions, compatible with OF_LIVE and remove this parameter "old_blob". The generated "device tree" is checked on stm32mp platform with OF_LIVE activated. Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com> 
The optee_copy_fdt_nodes is only used to copy op-tee nodes
of U-Boot device tree (from gd->fdt_blob when OF_LIVE is not activated)
to external device tree but it is not compatible with OF_LIVE.

This patch migrates all used function fdt_ functions to read node on
old_blob to ofnode functions, compatible with OF_LIVE and remove this
parameter "old_blob".

The generated "device tree" is checked on stm32mp platform with OF_LIVE
activated.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
common: Drop asm/global_data.h from common header 2021-02-02T20:33:42+00:00 Simon Glass sjg@chromium.org 2020-10-31T03:38:53+00:00 401d1c4f5d2d29c4bc4beaec95402ca23eb63295 Move this out of the common header and include it only where needed. In a number of cases this requires adding "struct udevice;" to avoid adding another large header or in other cases replacing / adding missing header files that had been pulled in, very indirectly. Finally, we have a few cases where we did not need to include <asm/global_data.h> at all, so remove that include. Signed-off-by: Simon Glass <sjg@chromium.org> Signed-off-by: Tom Rini <trini@konsulko.com> 
Move this out of the common header and include it only where needed.  In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly.   Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.

Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
optee: add property no-map to secure reserved memory 2020-09-22T18:54:13+00:00 Etienne Carriere etienne.carriere@st.com 2020-09-10T08:50:01+00:00 3e15c315f97401f394ae83ed17fbef72b765222a OP-TEE reserved memory node must set property "no-map" to prevent Linux kernel from mapping secure memory unless what non-secure world speculative accesses of the CPU can violate the memory firmware configuration. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Patrice Chotard <patrice.chotard@st.com> 
OP-TEE reserved memory node must set property "no-map" to prevent
Linux kernel from mapping secure memory unless what non-secure world
speculative accesses of the CPU can violate the memory firmware
configuration.

Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree")
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
fdtdec: optionally add property no-map to created reserved memory node 2020-09-22T18:54:13+00:00 Etienne Carriere etienne.carriere@st.com 2020-09-10T08:49:59+00:00 ccaa5747bdeae4261199dd7e80771e4de1c550ca Add boolean input argument @no_map to helper function fdtdec_add_reserved_memory() to add or not "no-map" property for an added reserved memory node. Property no-map is used by the Linux kernel to not not map memory in its static memory mapping. It is needed for example for the| consistency of system non-cached memory and to prevent speculative accesses to some firewalled memory. No functional change. A later change will update to OPTEE library to add no-map property to OP-TEE reserved memory nodes. Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Patrice Chotard <patrice.chotard@st.com> Reviewed-by: Simon Glass <sjg@chromium.org> 
Add boolean input argument @no_map to helper function
fdtdec_add_reserved_memory() to add or not "no-map" property
for an added reserved memory node.

Property no-map is used by the Linux kernel to not not map memory
in its static memory mapping. It is needed for example for the|
consistency of system non-cached memory and to prevent speculative
accesses to some firewalled memory.

No functional change. A later change will update to OPTEE library to
add no-map property to OP-TEE reserved memory nodes.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
optee: fix copy of optee reserved-memory node 2020-06-15T15:23:40+00:00 Etienne Carriere etienne.carriere@linaro.org 2020-06-05T07:22:11+00:00 05f0c746069fc950243c108ac90bc1a221c903c5 Fix the loop that parses FDT for a reserved memory node named "optee". Before this change, if at least one subnode was found in the reserved-memory node, the function endlessly looped since instruction continue returned back in the loop without updating variable subnode. This change fixes the issue by using a for loop. Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree") Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org> Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com> 
Fix the loop that parses FDT for a reserved memory node named "optee".

Before this change, if at least one subnode was found in the
reserved-memory node, the function endlessly looped since instruction
continue returned back in the loop without updating variable subnode.
This change fixes the issue by using a for loop.

Fixes: 6ccb05eae01b ("image: fdt: copy possible optee nodes to a loaded devicetree")
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Patrick Delaunay <patrick.delaunay@st.com>
common: Drop log.h from common header 2020-05-19T01:19:18+00:00 Simon Glass sjg@chromium.org 2020-05-10T17:40:05+00:00 f7ae49fc4f363a803dab3be078e93ead8e75a8e9 Move this header out of the common header. Signed-off-by: Simon Glass <sjg@chromium.org> 
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
optee: Replace uninitialized return variable by proper one. 2020-01-30T18:30:35+00:00 Christoph Müllner christoph.muellner@theobroma-systems.com 2020-01-26T22:20:54+00:00 0f97e923d4921a057e1a7bbfac170cadefde5624 As hinted by GCC 9, there is a return statement that returns an uninitialized variable in optee_copy_firmware_node(). This patch addresses this. Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com> Reviewed-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> 
As hinted by GCC 9, there is a return statement that returns
an uninitialized variable in optee_copy_firmware_node().
This patch addresses this.

Signed-off-by: Christoph Müllner <christoph.muellner@theobroma-systems.com>
Reviewed-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
common: Move the image globals into image.h 2020-01-17T19:02:35+00:00 Simon Glass sjg@chromium.org 2019-12-28T17:45:03+00:00 8e8ccfe1aa1a3ea0cb88b4438c7a687fcf8632a1 These three globals relate to image handling. Move them to the image header file. Signed-off-by: Simon Glass <sjg@chromium.org> 
These three globals relate to image handling. Move them to the image
header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
image: fdt: copy possible optee nodes to a loaded devicetree 2019-11-14T13:09:34+00:00 Heiko Stuebner heiko.stuebner@theobroma-systems.com 2019-10-23T14:46:40+00:00 6ccb05eae01b660b0585accf338302af1069f419 The loading convention for optee or any other tee on arm64 is as bl32 parameter to the trusted-firmware. So TF-A gets invoked with the TEE as bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33. All of them get passed a devicetree as parameter and all components often get loaded from a FIT image. OP-TEE will create additional nodes in that devicetree namely a firmware node and possibly multiple reserved-memory nodes. While this devicetree is used in main u-boot, in most cases it won't be the one passed to the actual kernel. Instead most boot commands will load a new devicetree from somewhere like mass storage of the network, so if that happens u-boot should transfer the optee nodes to that new devicetree. To make that happen introduce optee_copy_fdt_nodes() called from the dt setup function in image-fdt which after checking for the optee presence in the u-boot dt will make sure a optee node is present in the kernel dt and transfer any reserved-memory regions it can find. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> 
The loading convention for optee or any other tee on arm64 is as bl32
parameter to the trusted-firmware. So TF-A gets invoked with the TEE as
bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps
into the bl32 for the TEE startup, returns to TF-A and then jumps to bl33.

All of them get passed a devicetree as parameter and all components often
get loaded from a FIT image.

OP-TEE will create additional nodes in that devicetree namely a firmware
node and possibly multiple reserved-memory nodes.

While this devicetree is used in main u-boot, in most cases it won't be
the one passed to the actual kernel. Instead most boot commands will load
a new devicetree from somewhere like mass storage of the network, so if
that happens u-boot should transfer the optee nodes to that new devicetree.

To make that happen introduce optee_copy_fdt_nodes() called from the dt
setup function in image-fdt which after checking for the optee presence
in the u-boot dt will make sure a optee node is present in the kernel dt
and transfer any reserved-memory regions it can find.

Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
optee: Make TZDRAM config options contingent on CONFIG_OPTEE 2019-07-19T13:12:07+00:00 Bryan O'Donoghue bryan.odonoghue@linaro.org 2019-05-04T00:08:23+00:00 7e7cc90e33f556f047b469e48a41fc5c130df2d8 Commit c7b3a7ee5351 ("optee: adjust dependencies and default values for dram") makes the TZDRAM defines for OPTEE show up for all configs as a side-effect. While not harmful its not what we really want. This patch makes the following defines contingent on CONFIG_OPTEE=y CONFIG_OPTEE_TZDRAM_BASE CONFIG_OPTEE_TZDRAM_SIZE Rightly, if you don't have CONFIG_OPTEE=y you don't care about the above two defines. Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org> Cc: Rui Miguel Silva <rui.silva@linaro.org> Acked-by: Rui Miguel Silva <rui.silva@linaro.org> 
Commit c7b3a7ee5351 ("optee: adjust dependencies and default values for
dram") makes the TZDRAM defines for OPTEE show up for all configs as a
side-effect. While not harmful its not what we really want.

This patch makes the following defines contingent on CONFIG_OPTEE=y

CONFIG_OPTEE_TZDRAM_BASE
CONFIG_OPTEE_TZDRAM_SIZE

Rightly, if you don't have CONFIG_OPTEE=y you don't care about the above
two defines.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Cc: Rui Miguel Silva <rui.silva@linaro.org>
Acked-by: Rui Miguel Silva <rui.silva@linaro.org>