Re: [PATCH 2/2] tee: optee: don't enumerate services if there ain't any

; Fixes: 94ccfb78a4d6 ("drivers: tee: optee: discover OP-TEE services") > Signed-off-by: Etienne Carriere > --- > drivers/tee/optee/core.c | 10 -- > 1 file changed, 8 insertions(+), 2 deletions(-) Reviewed-by: Jens Wiklander Thanks, Jens > > diff --g

Re: [PATCH 1/2] tee: optee: don't fail on services enumeration failure

v); > if (ret) > - return ret; > + dev_warn(dev, "optee service enumeration failed: > %d\n", ret); > } else if (IS_ENABLED(CONFIG_RNG_OPTEE)) { > /* > * Discover

Re: [PATCH v17 09/10] arm_ffa: efi: introduce FF-A MM communication

Hi Abdellatif, On Mon, Jul 31, 2023 at 1:46 PM Abdellatif El Khlifi wrote: > > Hi Ilias, > > On Mon, Jul 31, 2023 at 12:38:16PM +0300, Ilias Apalodimas wrote: > > > > > > ... > > > > > > Changelog: > > > > > > === > > > > > > > > > > > > v17: > > > > > > > > > > > > * show a debug

[PATCH 8/8] asm-generic: simplify unaligned.h

y asm/unaligned.h") by Arnd Bergmann. Signed-off-by: Jens Wiklander --- include/asm-generic/unaligned.h | 89 +++-- 1 file changed, 73 insertions(+), 16 deletions(-) diff --git a/include/asm-generic/unaligned.h b/include/asm-generic/unaligned.h index 3d

[PATCH 7/8] linux/unaligned: remove unused access_ok.h

linux/unaligned/access_ok.h is unused, so remove it. Signed-off-by: Jens Wiklander --- include/linux/unaligned/access_ok.h | 66 - 1 file changed, 66 deletions(-) delete mode 100644 include/linux/unaligned/access_ok.h diff --git a/include/linux/unaligned

[PATCH 6/8] fs/btrfs: use asm/unaligned.h

Use asm/unaligned.h instead of linux/unaligned/access_ok.h for unaligned access. This is needed on architectures that doesn't handle unaligned accesses directly. Signed-off-by: Jens Wiklander --- fs/btrfs/crypto/hash.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fs/btrfs

[PATCH 5/8] powerpc: use asm-generic/unaligned.h

Powerpc configurations are apparently able to do unaligned accesses. But in an attempt to clean up and handle unaligned accesses in the same way we ignore that and use the common asm-generic/unaligned.h directly instead. Signed-off-by: Jens Wiklander --- arch/powerpc/include/asm/unaligned.h

[PATCH 4/8] m68k: use asm-generic/unaligned.h

asm-generic/unaligned.h directly instead. Signed-off-by: Jens Wiklander --- arch/m68k/include/asm/unaligned.h | 17 ++--- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/arch/m68k/include/asm/unaligned.h b/arch/m68k/include/asm/unaligned.h index 328aa0c316c9

[PATCH 3/8] mips: use asm-generic/unaligned.h

Mips essentially duplicates the content of asm-generic/unaligned.h, so use that file directly instead. Signed-off-by: Jens Wiklander --- arch/mips/include/asm/unaligned.h | 23 +-- 1 file changed, 1 insertion(+), 22 deletions(-) diff --git a/arch/mips/include/asm

[PATCH 2/8] sh: use asm-generic/unaligned.h

Sh essentially duplicates the content of asm-generic/unaligned.h, so use that file directly instead. Signed-off-by: Jens Wiklander --- arch/sh/include/asm/unaligned.h | 22 ++ 1 file changed, 2 insertions(+), 20 deletions(-) diff --git a/arch/sh/include/asm/unaligned.h b

[PATCH 0/8] Cleanup unaligned access macros

in this Linux kernel by Arnd Bergman, https://lore.kernel.org/lkml/20210514100106.3404011-1-a...@kernel.org/ Thanks, Jens Jens Wiklander (8): arm: use asm-generic/unaligned.h sh: use asm-generic/unaligned.h mips: use asm-generic/unaligned.h m68k: use asm-generic/unaligned.h powerpc: use

[PATCH 1/8] arm: use asm-generic/unaligned.h

Arm duplicates the content of asm-generic/unaligned.h, so use that file directly instead. Signed-off-by: Jens Wiklander --- arch/arm/include/asm/unaligned.h | 21 ++--- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/arch/arm/include/asm/unaligned.h b/arch/arm

Re: [PATCH v4] common: avb_verify: prevent opening incorrect session

On Fri, Jan 27, 2023 at 9:02 PM Ivan Khoronzhuk wrote: > > The arg->session is not valid if arg->ret != NULL, so can't be > assigned, correct this. > > Signed-off-by: Ivan Khoronzhuk > --- > common/avb_verify.c | 9 + > 1 file changed, 5 insertions(+), 4 d

Re: [PATCH v2] common: avb_verify: prevent opening incorrect session

On Mon, Jan 23, 2023 at 5:09 PM Ivan Khoronzhuk wrote: > > On Mon, Jan 23, 2023 at 04:34:33PM +0100, Jens Wiklander wrote: > >On Mon, Jan 23, 2023 at 04:51:29PM +0200, Ivan Khoronzhuk wrote: > >> The arg->session is not valid if arg->ret != NULL, so can't be > >

Re: [PATCH v2] common: avb_verify: prevent opening incorrect session

On Mon, Jan 23, 2023 at 04:51:29PM +0200, Ivan Khoronzhuk wrote: > The arg->session is not valid if arg->ret != NULL, so can't be > assigned. Leave retry for just "ret" error to save same behaviour. > > Signed-off-by: Ivan Khoronzhuk > --- > common/avb_verify.c | 12 > 1 file

Re: [PATCH] common: avb_verify: prevent opening incorrect session

On Sun, Jan 22, 2023 at 3:41 AM Ivan Khoronzhuk wrote: > > The arg->session is not valid if arg->ret != NULL, so can't be > assigned. Leave retry for just "ret" error to save same behaviour. > > Signed-off-by: Ivan Khoronzhuk > --- > common/avb_verify.c | 12 > 1 file changed, 8

Re: [PATCH] MAINTAINERS: add a new entry on TEE MAINTAINERS

ee from now on. > for TPM > > Signed-off-by: Ilias Apalodimas > --- > MAINTAINERS | 3 +++ > 1 file changed, 3 insertions(+) With the spelling error in the commit message fixed. Reviewed-by: Jens Wiklander Cheers, Jens > > diff --git a/MAINTAINERS b/MAINTAINERS >

Re: [PATCH] tpm2: ftpm: add the device in the OP-TEE services list

pm_tis.h" > #include "tpm2_ftpm_tee.h" > > +OPTEE_SERVICE_DRIVER(optee_ftpm, TA_FTPM_UUID, "ftpm_tee"); > /** > * ftpm_tee_transceive() - send fTPM commands and retrieve fTPM response. > * @sendbuf - address of the data to send, byte by byte > -- > 2.38.1 > With the spelling error in the commit message fixed. Reviewed-by: Jens Wiklander Cheers, Jens

Re: [PATCH] tee: optee: fix uuid comparisons on service discovery

Apalodimas > --- > drivers/tee/optee/core.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Reviewed-by: Jens Wiklander Cheers, Jens > > diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c > index 88e23d252bcd..9a9b697e91f5 100644 > --- a/drivers/

Re: [PATCH] tee: optee: fix a print error on rng probing

dev_warn(dev, "optee-rng failed to bind: %d\n", > > > > ret); > > > > } > > > > > > > > return 0; > > > > > > > > > I think you can add: > > > > > > Fixes: 476a3d58dfeb ("tee: optee: don't fail probe because of optee-rng") > > > > > > > > > Reviewed-by: Patrick Delaunay > > > > Sure I'll wait for additional reviews etc and respin > > Reviewed-by: Etienne Carriere Reviewed-by: Jens Wiklander Cheers, Jens > Sorry for that :| > > etienne > > > > > Cheers > > /Ilias > > > > > > Thanks > > > Patrick > > > > > >

Re: [PATCH 1/2] tee: optee: don't fail probe because of optee-rng

t; > Signed-off-by: Etienne Carriere > --- > drivers/tee/optee/core.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Reviewed-by: Jens Wiklander Thanks, Jens > > diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c > index 9240277579..604fd1414f 100644 >

Re: [PATCH 2/2] tee: optee: discover services dependent on tee-supplicant

: Etienne Carriere > --- > drivers/tee/optee/core.c | 32 +++- > 1 file changed, 23 insertions(+), 9 deletions(-) Reviewed-by: Jens Wiklander Thanks, Jens > > diff --git a/drivers/tee/optee/core.c b/drivers/tee/optee/core.c > index 604fd1414f..b21031d

Re: [PATCH v7 03/10] arm_ffa: introduce Arm FF-A low-level driver

On Fri, Nov 11, 2022 at 02:36:11PM +, Abdellatif El Khlifi wrote: > On Wed, Nov 09, 2022 at 12:51:26PM +0100, Jens Wiklander wrote: > > On Mon, Nov 07, 2022 at 07:20:48PM +, Abdellatif El Khlifi wrote: [snip] > > > +/** > > > + * ffa_msg_send_direct_req - FF

Re: [PATCH v7 03/10] arm_ffa: introduce Arm FF-A low-level driver

> For more details please refer to the driver documentation [2]. > > [1]: https://developer.arm.com/documentation/den0077/latest/ > [2]: doc/arch/arm64.ffa.rst > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc: Simon Glass > Cc: Ilias Apalodimas &g

Re: [PATCH v6 03/10] arm_ffa: introduce Arm FF-A low-level driver

; - partition_info_get > - sync_send_receive > - rxtx_unmap > > [1]: https://developer.arm.com/documentation/den0077/latest/ > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc: Simon Glass > Cc: Ilias Apalodimas > Cc: Jens Wiklander > > --- > > Changelog:

Re: [PATCH v6 01/10] arm64: smccc: add support for SMCCCv1.2 x0-x17 registers

commit: > > arm64: smccc: Add support for SMCCCv1.2 extended input/output registers > > [1]: > https://documentation-service.arm.com/static/5f8edaeff86e16515cdbe4c6?token= > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc: Simon Glass

Re: [PATCH v5 04/10] arm_ffa: introduce Arm FF-A low-level driver

sync_send_receive > - rxtx_unmap > > This implementation provides an optional feature to copy the driver data > to EFI runtime area. > > [1]: https://developer.arm.com/documentation/den0077/latest/ > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc

Re: [PATCH v5 02/10] arm64: smccc: clear the Xn registers after SMC calls

n each register. > > The leakage we are referring to is data leakage across exception > levels. The intent is to prevent lower exception levels (EL1/EL0) > from reading the SMC data exchanged at EL2. > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc: Simon Glass >

Re: [PATCH v2] tee: optee: rework TA bus scanning code

On Fri, Sep 2, 2022 at 9:11 PM Ilias Apalodimas wrote: > > Thanks Jens > > On Wed, 31 Aug 2022 at 08:59, Jens Wiklander > wrote: > > > > On Mon, Aug 29, 2022 at 8:34 AM Ilias Apalodimas > > wrote: > > > > > > Late versions of OP-TEE suppo

Re: [PATCH v2] tee: optee: rework TA bus scanning code

at it change the behaviour of the tee core itself wrt to device > binding. If some device binding fails, print a warning instead of > disabling OP-TEE. > > Signed-off-by: Ilias Apalodimas > --- Reviewed-by: Jens Wiklander Cheers, Jens > Changes since v1: > - remove

Re: [PATCH] tee: optee: rework TA bus scanning code

On Tue, Aug 23, 2022 at 10:11 AM Ilias Apalodimas wrote: > > Late versions of OP-TEE support a pseudo bus. TAs that behave as > hardware blocks (e.g TPM, RNG etc) present themselves on a bus which we can > scan. Unfortunately U-Boot doesn't support that yet. It's worth noting > that we already

Re: [PATCH v3 2/4] arm64: smccc: clear the Xn registers after SMC calls

er. > > Signed-off-by: Abdellatif El Khlifi > Cc: Tom Rini > Cc: Ilias Apalodimas > Cc: Jens Wiklander > --- > arch/arm/cpu/armv8/smccc-call.S | 20 > 1 file changed, 20 insertions(+) > > diff --git a/arch/arm/cpu/armv8/smccc-call.S b/arch/arm/cpu/a

Re: [PATCH] mach-rockchip: make_fit_atf.py: support OP-TEE tee.bin v1 format

Hi, On Thu, Jun 2, 2022 at 9:50 AM Jerome Forissier wrote: > > > > On 5/29/22 18:08, Alper Nebi Yasak wrote: > > On 28/05/2022 01:08, Jerome Forissier wrote: > >> On 5/27/22 21:24, Alper Nebi Yasak wrote: > >>> On 11/05/2022 18:35, Jerome Forissier wrote: > +if paged_sz != 0: >

Re: [PATCH 2/3] imx8m: Automatically add the optee firmware node to the FDT

Hi, On Mon, May 16, 2022 at 12:00 PM Michael Nazzareno Trimarchi wrote: > > Hi Alban > > On Mon, May 16, 2022 at 10:23 AM Alban Bedel wrote: > > > > If optee is running add the firmware node to the FDT to allow the > > kernel to use a more generic device tree. > > > > Signed-off-by: Alban Bedel

Re: [PATCH v2 1/6] arm_ffa: introduce Arm FF-A low-level driver

On Fri, Apr 15, 2022 at 01:27:58PM +0100, abdellatif.elkhl...@arm.com wrote: > From: Abdellatif El Khlifi > > Add the driver implementing Arm Firmware Framework for Armv8-A v1.0 > > The Firmware Framework for Arm A-profile processors (FF-A) > describes interfaces (ABIs) that standardize

Re: [PATCH v2] efi_loader: Don't limit the StMM buffer size explicitly

Hi Ilias, On Sat, Dec 25, 2021 at 8:39 PM Ilias Apalodimas wrote: > > On Sat, Dec 25, 2021 at 05:13:23PM +0100, Heinrich Schuchardt wrote: > > On 12/25/21 16:04, Ilias Apalodimas wrote: > > > > > > > > > On Sat, 25 Dec 2021, 16:28 Heinrich Schuchardt, > > > wrote: > >

Re: [PATCH 3/5] tee: optee: define TEE error code TEE_ERROR_SHORT_BUFFER

On Thu, Nov 4, 2021 at 3:15 PM Etienne Carriere wrote: > > Adds TEE_ERROR_SHORT_BUFFER as TEE error code. This error code is > commonly used by TEEs to inform caller that the buffer(s) it provided > is too small for the desired operation. > > Cc: Jens Wiklander > Signed-off

Re: [PATCH 1/5] tee: define session login identifiers

On Thu, Nov 4, 2021 at 3:14 PM Etienne Carriere wrote: > > Define identifiers for clnt_login field in struct tee_open_session_arg > based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier > extension from OP-TEE OS. > > Cc: Jens Wiklander > Signed-off

Re: [PATCH 2/5] tee: optee: remove unused duplicated login Id macros

On Thu, Nov 4, 2021 at 3:15 PM Etienne Carriere wrote: > > Remove unused OPTEE_MSG_LOGIN_* ID macros as suitable TEE_LOGIN_* ID > macros are already defined tee.h. > > Cc: Jens Wiklander > Signed-off-by: Etienne Carriere > --- > This change was previously discussed

Re: [PATCH 2/2] tee: add a stub for tee_find_device

; Signed-off-by: Patrick Delaunay > --- > > arch/arm/mach-stm32mp/fdt.c| 1 - > board/st/common/stm32mp_mtdparts.c | 3 +-- > include/tee.h | 11 +++ > 3 files changed, 12 insertions(+), 3 deletions(-) Reviewed-by: Jens Wiklander

Re: [PATCH v2 2/2] tee: optee: support session login as REE kernel

On Wed, May 19, 2021 at 4:27 PM Etienne Carriere wrote: > > Remove unused OPTEE_MSG_LOGIN_* IDs and rely on the ones introduced in > tee.h. Change optee core to treat invalid client IDs as public login. > > Signed-off-by: Etienne Carriere > --- > Changes since v1: > - Remove ID conversion. I

Re: [PATCH v2 1/2] tee: define session login identifiers

On Wed, May 19, 2021 at 4:27 PM Etienne Carriere wrote: > > Define identifiers for clnt_login field in struct tee_open_session_arg > based in GlobalPlatform Device TEE IDs and on the REE_KERNEL identifier > extension from OP-TEE OS. > > Signed-off-by: Etienne Carriere > --- > Changes since v1: >

Re: [PATCH v2] tee: optee: sync cache on pre-reloc OP-TEE invocation

> --- > drivers/tee/optee/core.c | 21 - > drivers/tee/tee-uclass.c | 19 ++- > include/tee.h| 6 ++ > 3 files changed, 44 insertions(+), 2 deletions(-) With the spell error in the commit message fixed: Reviewed-by: Jens Wiklander Cheers, Jens

Re: [PATCH] tee: optee: sync cache on pre-reloc OP-TEE invocation

On Wed, May 12, 2021 at 5:08 PM Etienne Carriere wrote: > > This change ensures both U-Boot and OP-TEE see the same content > from shared memory when OP-TEE is invoked prior U-Boot relocation. > > This change is required since U-Boot may execute with data cahce off > while OP-TEE always enables

Re: [PATCH 2/2] tee: optee: support session login as REE kernel

On Wed, May 12, 2021 at 5:06 PM Etienne Carriere wrote: > > OP-TEE supports an API extension to allow client to open a TEE session > as REE kernel which OP-TEE uses to differentiate client application > services from system services that only the REE OS kernel can access. > > This change allows

Re: [PATCH 1/2] tee: define session login identifiers

On Wed, May 12, 2021 at 5:06 PM Etienne Carriere wrote: > > TEE header file defines a clnt_login field in struct tee_open_session_arg > but does not define the values expected. This change define identifiers > for the field using a enumerated type. Back end TEE driver is expected to > convert

Re: [RFC PATCH v2 1/2] optee: obtain emmc rpmb info from dt

On Mon, Jan 25, 2021 at 12:50 PM Igor Opaniuk wrote: > > Hi Jens, > > On Mon, Jan 25, 2021 at 10:50 AM Jens Wiklander > wrote: > > > > Hi Igor, > > > > On Sun, Jan 24, 2021 at 11:39:45AM +0200, Igor Opaniuk wrote: > > > From: Igor Opaniuk > &

Re: [RFC PATCH v2 1/2] optee: obtain emmc rpmb info from dt

Hi Igor, On Sun, Jan 24, 2021 at 11:39:45AM +0200, Igor Opaniuk wrote: > From: Igor Opaniuk > > Add support for rpmb-dev property in optee node. > Prioritize that provided eMMC info from DT for RPMB operations over > the one provided by OP-TEE OS core in RPC calls. > > Signed-off-by: Igor

Re: [PATCH v6 3/4] drivers: tee: sandbox: add rpc test ta emulation

ned-off-by: Igor Opaniuk > Reviewed-by: Simon Glass > --- Reviewed-by: Jens Wiklander Thanks, Jens

Re: [PATCH] smcc: fix sign bit expansion

of > 32-bit calls. > > We need to make ARM_SMCCC_FAST_CALL unsigned long, so it would work properly > on 32 bit architectures. > > Signed-off-by: Volodymyr Babchuk > --- > include/linux/arm-smccc.h | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Rev

Re: [PATCHv3 3/4] drivers: tee: sandbox: add rpc test ta emulation

Hi Igor, On Wed, Jan 20, 2021 at 11:39:35AM +0200, Igor Opaniuk wrote: > Hi Jens, > > On Wed, Jan 20, 2021 at 10:49 AM Jens Wiklander > wrote: > > > > On Tue, Jan 12, 2021 at 09:43:39AM +0100, Jorge Ramirez-Ortiz wrote: > > > From: Igor Opaniuk > >

Re: [PATCHv3 3/4] drivers: tee: sandbox: add rpc test ta emulation

On Tue, Jan 12, 2021 at 09:43:39AM +0100, Jorge Ramirez-Ortiz wrote: > From: Igor Opaniuk > > This adds support for RPC test trusted application emulation, which > permits to test reverse RPC calls to TEE supplicant. Currently it covers > requests to the I2C bus from TEE. > > Signed-off-by:

Re: [PATCH] drivers: tee: i2c trampoline driver

Hi Simon, On Tue, Dec 29, 2020 at 4:32 PM Simon Glass wrote: > > Hi Jorge, > > On Mon, 21 Dec 2020 at 11:15, Jorge Ramirez-Ortiz wrote: > > > > This commit gives the secure world access to the I2C bus so it can > > communicate with I2C slaves (tipically those would be secure elements > > like

Re: [PATCH] drivers: tee: i2c trampoline driver

On Sun, Dec 27, 2020 at 6:07 PM Jorge Ramirez-Ortiz, Foundries wrote: > > On 23/12/20, Jens Wiklander wrote: > > Hi Jorge, > > hey > > > > > On Mon, Dec 21, 2020 at 07:15:40PM +0100, Jorge Ramirez-Ortiz wrote: > > > This commit gives the se

Re: [PATCH] drivers: tee: i2c trampoline driver

Hi Jorge, On Mon, Dec 21, 2020 at 07:15:40PM +0100, Jorge Ramirez-Ortiz wrote: > This commit gives the secure world access to the I2C bus so it can > communicate with I2C slaves (tipically those would be secure elements > like the NXP SE050). > > Tested on imx8mmevk. > > Signed-off-by: Jorge

Re: [PATCH] tee: optee: use dev_info in print_os_revision

--- > 1 file changed, 7 insertions(+), 6 deletions(-) Acked-by: Jens Wiklander Cheers, Jens

Re: [PATCH v2 01/15] dm: fdt: scan for devices under /firmware too

Hi Michal, On Tue, Jan 7, 2020 at 9:49 AM Michal Simek wrote: > > Hi Jens and Simon, > > čt 23. 8. 2018 v 12:43 odesílatel Jens Wiklander > napsal: > > > > Just as /chosen may contain devices /firmware may contain devices, scan > > for devices under /firmware

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

endian systems, the value returned by the > linux kernel mmc driver differed from the one returned by u-boot. > This meant that if linux provisioned the RPMB key, u-boot would not > have access to the partition (and the other way around). > > Signed-off-by: Jorge Ramirez-Ortiz Looks

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

On Tue, Nov 26, 2019 at 09:22:38AM +0100, Jorge Ramirez-Ortiz, Foundries wrote: > On 20/11/19 11:33:10, Jens Wiklander wrote: > > On Wed, Nov 20, 2019 at 09:21:35AM +0100, Jorge Ramirez-Ortiz wrote: > > > On 11/20/19 8:20 AM, Jens Wiklander wrote: > > > > On Tue, No

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

On Wed, Nov 20, 2019 at 09:21:35AM +0100, Jorge Ramirez-Ortiz wrote: > On 11/20/19 8:20 AM, Jens Wiklander wrote: > > On Tue, Nov 19, 2019 at 06:21:34PM +0100, Jorge Ramirez-Ortiz wrote: > >> On 11/19/19 12:53 PM, Jorge Ramirez-Ortiz wrote: > >>> On 11/19/19

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

On Tue, Nov 19, 2019 at 06:21:34PM +0100, Jorge Ramirez-Ortiz wrote: > On 11/19/19 12:53 PM, Jorge Ramirez-Ortiz wrote: > > On 11/19/19 10:02 AM, Jens Wiklander wrote: > >> On Mon, Nov 18, 2019 at 02:18:55PM +0100, Jorge Ramirez-Ortiz wrote: > >>> On 11/18/19

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

On Mon, Nov 18, 2019 at 02:18:55PM +0100, Jorge Ramirez-Ortiz wrote: > On 11/18/19 1:42 PM, Jens Wiklander wrote: > > [+ Igor and Sam] > > > > On Mon, Nov 18, 2019 at 12:18:27PM +0100, Jorge Ramirez-Ortiz wrote: > >> On 11/18/19 10:36 AM, Jens Wiklander wrote: >

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

[+ Igor and Sam] On Mon, Nov 18, 2019 at 12:18:27PM +0100, Jorge Ramirez-Ortiz wrote: > On 11/18/19 10:36 AM, Jens Wiklander wrote: > > Hi Jorge, > > > hey! > > > > > On Fri, Nov 15, 2019 at 10:37 PM Jorge Ramirez-Ortiz > > wrote: > >>

Re: [U-Boot] [PATCH] drivers: optee: rpmb: fix returning CID to TEE

Hi Jorge, On Fri, Nov 15, 2019 at 10:37 PM Jorge Ramirez-Ortiz wrote: > > The MMC CID value is one of the input parameters to unequivocally > provision the the RPMB key. > > Before this patch, the value returned by the mmc driver in the Linux > kernel differs from the one returned by uboot to

Re: [U-Boot] [PATCH v2 3/4] image: fdt: copy possible optee nodes to a loaded devicetree

ommon/image-fdt.c | 8 +++ > include/tee/optee.h | 9 +++ > lib/optee/optee.c | 132 ++++ > 3 files changed, 149 insertions(+) > [snip] Looks good to me: Reviewed-by: Jens Wiklander Cheers, Jens ___ U-Boot mailing list U-Boot@lists.denx.de https://lists.denx.de/listinfo/u-boot

Re: [U-Boot] [PATCH 3/3] image: fdt: copy possible optee nodes to a loaded devicetree

Hi Heiko, [+Igor] On Tue, Oct 8, 2019 at 2:22 AM Heiko Stuebner wrote: > > The loading convention for optee or any other tee on arm64 is as bl32 > parameter to the trusted-firmware. So TF-A gets invoked with the TEE as > bl32 and main u-boot as bl33. Once it has done its startup TF-A jumps >

Re: [U-Boot] "optee" Kbuild seems to have weird dependencies

values for dram"). If OPTEE_TZDRAM_SIZE and OPTEE_TZDRAM_BASE are needed or not depends on the platform and should be selected in some way by the platform. > > rday > > p.s. the MAINTAINERS entry for TEE seems incomplete as well: > > TEE > M: Jens Wiklander > S:

Re: [U-Boot] [PATCH v2 1/1] avb: add support for named persistent values

Hi Igor, Some comments below. On Fri, Dec 14, 2018 at 07:45:03PM +0200, Igor Opaniuk wrote: > AVB version 1.1 introduces support for named persistent values > that must be tamper evident and allows AVB to store arbitrary key-value > pairs [1]. > > Introduce implementation of two additional AVB

Re: [U-Boot] [PATCH 1/1] tee: change return code for REE FS supplicant cmd

34,6 +34,7 @@ > * struct tee_version_data::gen_caps > */ > #define TEE_SUCCESS0x > +#define TEE_ERROR_STORAGE_NOT_AVAILABLE0xf013 > #define TEE_ERROR_GENERIC 0x > #define TEE_ERROR_BAD_PARAMETERS 0x0006 &

[U-Boot] [PATCH] test: tee: fix resource leak in dm_test_tee()

Fixes possible resource leak in dm_test_tee() reported by Coverity. Reported-by: Coverity (CID: 184175) Signed-off-by: Jens Wiklander --- test/dm/tee.c | 35 ++- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/test/dm/tee.c b/test/dm/tee.c index

Re: [U-Boot] [PATCH v4 00/19] AVB using OP-TEE

Hi Simon, On Tue, Oct 2, 2018 at 1:21 PM, Simon Glass wrote: > Hi Jen, > > On 25 September 2018 at 07:40, Jens Wiklander > wrote: >> Hi, >> >> This adds support for storing AVB rollback indexes in the RPMB partition. >> The RPMB partition (content and

[U-Boot] [PATCH v4 19/19] Kconfig: sandbox: enable cmd_avb and dependencies

Enables cmd_avb and its dependencies need to run the AVB tests. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- arch/Kconfig | 4 drivers/fastboot/Kconfig | 2 ++ 2 files changed, 6 insertions(+) diff --git a/arch/Kconfig b/arch/Kconfig index 8f10f3fc06e8

[U-Boot] [PATCH v4 17/19] test_avb: Update pymark.buildconfigspec information for the AVB tests

Update the pymark.buildconfigspec to depend on 'cmd_mmc' in addition to 'cmd_avb' for those tests that needs more a more complete MMC implementation or the "mmc" command. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- test/py/tests/test_avb.py | 8 +--- 1 file

[U-Boot] [PATCH v4 15/19] test: tee: test TEE uclass

Tests the TEE uclass with a sandbox tee driver. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- test/dm/Makefile | 1 + test/dm/tee.c| 98 2 files changed, 99 insertions(+) create mode 100644 test/dm/tee.c diff --git a/test/dm

[U-Boot] [PATCH v4 16/19] avb_verify: support using OP-TEE TA AVB

With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by OP-TEE to manage rollback indexes and device-lock status. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- common/avb_verify.c | 118 ++- doc/README.avb2 | 13

[U-Boot] [PATCH v4 18/19] avb_verify: support sandbox configuration

Change get_sector_buf() to use map_sysmem() to get a pointer to the CONFIG_FASTBOOT_BUF_ADDR in memory. Signed-off-by: Jens Wiklander --- include/avb_verify.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/include/avb_verify.h b/include/avb_verify.h index a532a2331aea

[U-Boot] [PATCH v4 13/19] sandbox: imply CONFIG_TEE (TEE uclass)

Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- arch/Kconfig | 1 + 1 file changed, 1 insertion(+) diff --git a/arch/Kconfig b/arch/Kconfig index bf1b4a9afac6..8f10f3fc06e8 100644 --- a/arch/Kconfig +++ b/arch/Kconfig @@ -91,6 +91,7 @@ config SANDBOX imply HASH_VERIFY

[U-Boot] [PATCH v4 12/19] sandbox: dt: add sandbox_tee node

Adds a sandbox_tee node to enable the sandbox tee driver in all the sandbox dts files. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- arch/sandbox/dts/sandbox.dts | 4 arch/sandbox/dts/sandbox64.dts | 4 arch/sandbox/dts/test.dts | 4 3 files changed, 12

[U-Boot] [PATCH v4 11/19] tee: optee: support AVB trusted application

Adds configuration option OPTEE_TA_AVB and a header file describing the interface to the Android Verified Boot 2.0 (AVB) trusted application provided by OP-TEE. Tested-by: Igor Opaniuk Reviewed-by: Igor Opaniuk Signed-off-by: Jens Wiklander --- MAINTAINERS| 1 + drivers/tee

[U-Boot] [PATCH v4 10/19] optee: support routing of rpmb data frames to mmc

Adds support in optee supplicant to route signed (MACed) RPMB frames from OP-TEE Secure OS to MMC and vice versa to manipulate the RPMB partition. Tested-by: Igor Opaniuk Signed-off-by: Jens Wiklander --- drivers/tee/optee/Makefile| 1 + drivers/tee/optee/core.c | 8

[U-Boot] [PATCH v4 14/19] tee: add sandbox driver

Adds a sandbox tee driver which emulates a generic TEE with the OP-TEE AVB TA. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- drivers/tee/Kconfig | 18 ++- drivers/tee/Makefile | 1 + drivers/tee/optee/Kconfig | 2 +- drivers/tee/sandbox.c | 308

[U-Boot] [PATCH v4 07/19] tee: add OP-TEE driver

Adds a OP-TEE driver. * Targets ARM and ARM64 * Supports using any U-Boot memory as shared memory * Probes OP-TEE version using SMCs * Uses OPTEE message protocol version 2 to communicate with secure world Reviewed-by: Simon Glass Tested-by: Igor Opaniuk Signed-off-by: Jens Wiklander

[U-Boot] [PATCH v4 08/19] Documentation: tee uclass and op-tee driver

Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- doc/README.tee | 112 + 1 file changed, 112 insertions(+) create mode 100644 doc/README.tee diff --git a/doc/README.tee b/doc/README.tee new file mode 100644 index

[U-Boot] [PATCH v4 09/19] arm: dt: hikey: Add optee node

Sync with 14e21cb8f811 ("arm64: dt: hikey: Add optee node" from Linux kernel. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- arch/arm/dts/hi6220-hikey.dts | 7 +++ 1 file changed, 7 insertions(+) diff --git a/arch/arm/dts/hi6220-hikey.dts b/arch/arm/dts/hi6220-hikey

[U-Boot] [PATCH v4 05/19] Add UCLASS_TEE for Trusted Execution Environment

Platform compliant TEE, but it's not limited to only Global Platform TEEs. The over all design is based on the TEE subsystem in the Linux kernel, tailored for U-Boot. Reviewed-by: Simon Glass Tested-by: Igor Opaniuk Signed-off-by: Jens Wiklander --- MAINTAINERS | 6 + drivers

[U-Boot] [PATCH v4 06/19] dt/bindings: add bindings for optee

Sync with c8bfafb15944 ("dt/bindings: add bindings for optee") from Linux kernel. Introduces linaro prefix and adds bindings for ARM TrustZone based OP-TEE implementation. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- .../firmware/linaro,optee-tz.txt

[U-Boot] [PATCH v4 04/19] mmc: rpmb: add mmc_rpmb_route_frames()

Adds mmc_rpmb_route_frames() to route RPMB data frames from/to an external entity. Tested-by: Igor Opaniuk Signed-off-by: Jens Wiklander --- drivers/mmc/rpmb.c | 160 + include/mmc.h | 19 ++ 2 files changed, 179 insertions(+) diff --git

[U-Boot] [PATCH v4 03/19] cmd: avb: print error message if command fails

Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- cmd/avb.c | 17 + 1 file changed, 17 insertions(+) diff --git a/cmd/avb.c b/cmd/avb.c index ca4b26d5d7b3..ff00be4cee38 100644 --- a/cmd/avb.c +++ b/cmd/avb.c @@ -35,6 +35,8 @@ int do_avb_init(cmd_tbl_t *cmdtp, int flag

[U-Boot] [PATCH v4 02/19] cmd: avb read_rb: print rb_idx in hexadecimal

Signed-off-by: Jens Wiklander --- cmd/avb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cmd/avb.c b/cmd/avb.c index f045a0c64c4a..ca4b26d5d7b3 100644 --- a/cmd/avb.c +++ b/cmd/avb.c @@ -158,7 +158,7 @@ int do_avb_read_rb(cmd_tbl_t *cmdtp, int flag, int argc, char * const

[U-Boot] [PATCH v4 01/19] dm: fdt: scan for devices under /firmware too

Just as /chosen may contain devices /firmware may contain devices, scan for devices under /firmware too. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- drivers/core/root.c | 15 ++- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/drivers/core/root.c b

[U-Boot] [PATCH v4 00/19] AVB using OP-TEE

functions * Added documentation for the TEE uclass and the OP-TEE driver with the new commit ("Documentation: tee uclass and op-tee driver") * Added documentation for the changes in avb_verify * Addressed review comments from Simon Glass * Added the commit ("cmd: avb: print error messa

Re: [U-Boot] [PATCH v3 19/20] avb_verify: support sandbox configuration

Hi Simon, On Fri, Sep 14, 2018 at 12:54 PM, Simon Glass wrote: > Hi Jens, > > On 3 September 2018 at 16:47, Jens Wiklander > wrote: >> With CONFIG_SANDBOX malloc a buffer in get_sector_buf() and return that >> instead of returning CONFIG_FASTBOOT_BUF_ADDR since t

Re: [U-Boot] [PATCH v3 17/20] avb_verify: support using OP-TEE TA AVB

On Fri, Sep 14, 2018 at 12:54 PM, Simon Glass wrote: > On 3 September 2018 at 16:47, Jens Wiklander > wrote: >> With CONFIG_OPTEE_TA_AVB use the trusted application AVB provided by >> OP-TEE to manage rollback indexes and device lock status. > > Should this be device-loc

Re: [U-Boot] [PATCH v3 15/20] tee: add sandbox driver

Hi Simon, I have one question inline below. On Fri, Sep 14, 2018 at 12:53 PM, Simon Glass wrote: > Hi Jens, > > On 3 September 2018 at 16:47, Jens Wiklander > wrote: >> Adds a sandboxtee driver which emulates a generic TEE with the OP-TEE > > sandbox tee > >>

Re: [U-Boot] [PATCH v3 05/20] mmc: rpmb: add mmc_rpmb_route_frames()

Hi Simon, On Fri, Sep 14, 2018 at 12:53 PM, Simon Glass wrote: > Hi Jens, > > On 3 September 2018 at 16:46, Jens Wiklander > wrote: >> Adds mmc_rpmb_route_frames() to route RPMB data frames from/to an >> external entity. >> >> Tested-by: Igor Opani

Re: [U-Boot] [PATCH 2/2] fdt: fdtdec_setup_memory_banksize() use livetree

Hi Simon, On Tue, Sep 18, 2018 at 4:05 AM, Simon Glass wrote: > Hi Jen, > > On 17 August 2018 at 14:48, Simon Glass wrote: >> >> On 10 August 2018 at 06:54, Jens Wiklander wrote: >> > Converts fdtdec_setup_memory_banksize() to use ofnode functions instead.

[U-Boot] [PATCH v3 18/20] test_avb: Update pymark.buildconfigspec information for the AVB tests

Update the pymark.buildconfigspec to depend on 'cmd_mmc' in addition to 'cmd_avb' for those tests that needs more a more complete MMC implementation or the "mmc" command. Signed-off-by: Jens Wiklander --- test/py/tests/test_avb.py | 8 +--- 1 file changed, 5 insertions(+), 3

[U-Boot] [PATCH v3 20/20] Kconfig: sandbox: enable cmd_avb and dependencies

Enables cmd_avb and its dependencies need to run the AVB tests. Signed-off-by: Jens Wiklander --- arch/Kconfig | 4 drivers/fastboot/Kconfig | 2 ++ 2 files changed, 6 insertions(+) diff --git a/arch/Kconfig b/arch/Kconfig index 8f10f3fc06e8..543362578f50 100644 --- a/arch

[U-Boot] [PATCH v3 16/20] test: tee: test TEE uclass

Tests the TEE uclass with a sandbox tee driver. Reviewed-by: Simon Glass Signed-off-by: Jens Wiklander --- test/dm/Makefile | 1 + test/dm/tee.c| 98 2 files changed, 99 insertions(+) create mode 100644 test/dm/tee.c diff --git a/test/dm

[U-Boot] [PATCH v3 19/20] avb_verify: support sandbox configuration

With CONFIG_SANDBOX malloc a buffer in get_sector_buf() and return that instead of returning CONFIG_FASTBOOT_BUF_ADDR since there's no such buffer reserved. Signed-off-by: Jens Wiklander --- include/avb_verify.h | 9 + 1 file changed, 9 insertions(+) diff --git a/include/avb_verify.h b

  1   2   >