@@ -260,14 +260,6 @@ qemuarmv5:
sgi575:
extends: .build
-tc1:
- extends: .build
- parallel:
- matrix:
- - TESTING: testimage
- tags:
- - x86_64
-
toolchains:
extends: .build
@@ -22,4 +22,3 @@ target:
- nativesdk-fvp-corstone1000
- nativesdk-fvp-n1-edge
- nativesdk-fvp-sgi575
- - nativesdk-fvp-tc1
deleted file mode 100644
@@ -1,11 +0,0 @@
-header:
- version: 14
- includes:
- - ci/base.yml
- - ci/fvp.yml
- - ci/meta-openembedded.yml
-
-machine: tc1
-
-target:
- - core-image-minimal
deleted file mode 100644
@@ -1,36 +0,0 @@
-TUNE_FEATURES = "aarch64"
-
-require conf/machine/include/arm/arch-armv8a.inc
-
-MACHINEOVERRIDES =. "tc:"
-
-# Das U-boot
-UBOOT_MACHINE ?= "total_compute_defconfig"
-UBOOT_RD_LOADADDRESS = "0x88000000"
-UBOOT_RD_ENTRYPOINT = "0x88000000"
-UBOOT_LOADADDRESS = "0x80080000"
-UBOOT_ENTRYPOINT = "0x80080000"
-
-PREFERRED_PROVIDER_virtual/kernel ?= "linux-yocto"
-
-# OP-TEE
-PREFERRED_VERSION_optee-os ?= "3.20%"
-PREFERRED_VERSION_optee-client ?= "3.20%"
-PREFERRED_VERSION_optee-test ?= "3.20%"
-
-# Cannot use the default zImage on arm64
-KERNEL_IMAGETYPE = "Image"
-KERNEL_IMAGETYPES += "fitImage"
-KERNEL_CLASSES = " kernel-fitimage "
-
-IMAGE_FSTYPES += "cpio.gz"
-INITRAMFS_IMAGE ?= "core-image-minimal"
-IMAGE_NAME_SUFFIX = ""
-
-SERIAL_CONSOLES = "115200;ttyAMA0"
-
-EXTRA_IMAGEDEPENDS += "trusted-firmware-a optee-os"
-PREFERRED_VERSION_trusted-firmware-a ?= "2.8.%"
-# FIXME - there is signed image dependency/race with testimage.
-# This should be fixed in oe-core
-TESTIMAGEDEPENDS:append = " virtual/kernel:do_deploy"
deleted file mode 100644
@@ -1,31 +0,0 @@
-# Configuration for TC1
-
-#@TYPE: Machine
-#@NAME: TC1
-#@DESCRIPTION: Machine configuration for TC1
-
-require conf/machine/include/tc.inc
-
-TEST_TARGET = "OEFVPTarget"
-TEST_SUITES = "fvp_boot"
-
-# FVP Config
-FVP_PROVIDER ?= "fvp-tc1-native"
-FVP_EXE ?= "FVP_TC1"
-
-# FVP Parameters
-FVP_CONFIG[css.scp.ROMloader.fname] ?= "scp_romfw.bin"
-FVP_CONFIG[css.trustedBootROMloader.fname] ?= "bl1-tc.bin"
-FVP_CONFIG[board.flashloader0.fname] ?= "fip_gpt-tc.bin"
-
-#FVP_CONFIG[board.hostbridge.userNetworking] ?= "true"
-#FVP_CONFIG[board.hostbridge.userNetPorts] ?= "2222=22"
-#smsc ethernet takes a very long time to come up. disable now to prevent testimage timeout
-#FVP_CONFIG[board.smsc_91c111.enabled] ?= "1"
-
-FVP_CONSOLE = "terminal_s1"
-FVP_TERMINALS[soc.terminal_s0] ?= "Secure Console"
-FVP_TERMINALS[soc.terminal_s1] ?= "Console"
-
-# Boot image
-FVP_DATA ?= "board.dram=fitImage-core-image-minimal-tc1-tc1@0x20000000"
deleted file mode 100644
@@ -1,32 +0,0 @@
-# TC1 Platform Support in meta-arm-bsp
-
-## Overview
-The Total Compute platform provides an envelope for all of Arm's latest IP and
-software solutions, optimised to work together. Further information can be
-found on the Total Compute community page:
-https://community.arm.com/developer/tools-software/oss-platforms/w/docs/606/total-compute
-
-The user guide for TC1 platform with detailed instructions for
-syncing and building the source code and running on TC1 Fixed Virtual Platform
-for poky and android distributions is available at:
-https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/tree/docs/tc1/user-guide.rst
-
-## Building
-In the local.conf file, MACHINE should be set as follows:
-MACHINE = "tc1"
-
-To build the required binaries for tc1, run the commmand:
-```bash$ bitbake tc-artifacts-image```
-
-Trusted-firmware-a is the final component to be built with the rest of the
-components dependent of it, therefore building tc-artifacts-image which depends
-on trusted-firmware-a will build all the required binaries.
-
-## Running
-To run the produced binaries in a TC1 Fixed Virtual Platform please get
-the run scripts at:
-https://git.linaro.org/landing-teams/working/arm/model-scripts.git/
-
-and follow the instructions in the user-guide.rst available in:
-https://git.linaro.org/landing-teams/working/arm/arm-reference-platforms.git/tree/docs/tc1/user-guide.rst
-
deleted file mode 100644
@@ -1,8 +0,0 @@
-# TC specific configuration
-
-COMPATIBLE_MACHINE = "(tc?)"
-HAFNIUM_PLATFORM = "secure_tc"
-
-do_compile() {
- PATH="${S}/prebuilts/linux-x64/clang/bin:$PATH" oe_runmake -C ${S}
-}
deleted file mode 100644
@@ -1,6 +0,0 @@
-# TC specific SCP configuration
-
-COMPATIBLE_MACHINE = "(tc1)"
-SCP_PRODUCT_GROUP = "totalcompute"
-
-FW_TARGETS = "scp"
deleted file mode 100644
@@ -1,134 +0,0 @@
-# TC0 specific TFA configuration
-
-DEPENDS += "scp-firmware util-linux-native gptfdisk-native"
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/files/tc:"
-SRC_URI:append = " \
- file://generate_metadata.py \
- "
-
-COMPATIBLE_MACHINE = "(tc?)"
-
-TFA_PLATFORM = "tc"
-TFA_BUILD_TARGET = "all fip"
-TFA_UBOOT = "1"
-TFA_INSTALL_TARGET = "bl1 fip"
-TFA_MBEDTLS = "1"
-TFA_DEBUG = "1"
-
-TFA_SPD = "spmd"
-TFA_SPMD_SPM_AT_SEL2 = "1"
-
-TFA_TARGET_PLATFORM:tc0 = "0"
-TFA_TARGET_PLATFORM:tc1 = "1"
-
-EXTRA_OEMAKE += "TARGET_PLATFORM=${TFA_TARGET_PLATFORM}"
-
-# Set optee as SP. Set spmc manifest and sp layout file to optee
-DEPENDS += "optee-os"
-
-TFA_SP_LAYOUT_FILE = "${RECIPE_SYSROOT}/${nonarch_base_libdir}/firmware/sp_layout.json"
-TFA_ARM_SPMC_MANIFEST_DTS = "plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts"
-
-EXTRA_OEMAKE += "SCP_BL2=${RECIPE_SYSROOT}/firmware/scp_ramfw.bin"
-EXTRA_OEMAKE += "TRUSTED_BOARD_BOOT=1 GENERATE_COT=1 ARM_ROTPK_LOCATION=devel_rsa \
- ROT_KEY=plat/arm/board/common/rotpk/arm_rotprivk_rsa.pem"
-EXTRA_OEMAKE += "PSA_FWU_SUPPORT=1 ARM_GPT_SUPPORT=1"
-EXTRA_OEMAKE += "CTX_INCLUDE_MTE_REGS=1"
-
-do_generate_gpt() {
- gpt_image="${BUILD_DIR}/fip_gpt.bin"
- fip_bin="${BUILD_DIR}/fip.bin"
- # the FIP partition type is not standardized, so generate one
- fip_type_uuid=`uuidgen --sha1 --namespace @dns --name "fip_type_uuid"`
- # metadata partition type UUID, specified by the document:
- # Platform Security Firmware Update for the A-profile Arm Architecture
- # version: 1.0BET0
- metadata_type_uuid="8a7a84a0-8387-40f6-ab41-a8b9a5a60d23"
- location_uuid=`uuidgen`
- FIP_A_uuid=`uuidgen`
- FIP_B_uuid=`uuidgen`
-
- # maximum FIP size 4MB. This is the current size of the FIP rounded up to an integer number of MB.
- fip_max_size=4194304
- fip_bin_size=$(stat -c %s $fip_bin)
- if [ $fip_max_size -lt $fip_bin_size ]; then
- bberror "FIP binary ($fip_bin_size bytes) is larger than the GPT partition ($fip_max_size bytes)"
- fi
-
- # maximum metadata size 512B. This is the current size of the metadata rounded up to an integer number of sectors.
- metadata_max_size=512
- metadata_file="${BUILD_DIR}/metadata.bin"
- python3 ${WORKDIR}/generate_metadata.py --metadata_file $metadata_file \
- --img_type_uuids $fip_type_uuid \
- --location_uuids $location_uuid \
- --img_uuids $FIP_A_uuid $FIP_B_uuid
-
- # create GPT image. The GPT contains 2 FIP partitions: FIP_A and FIP_B, and 2 metadata partitions: FWU-Metadata and Bkup-FWU-Metadata.
- # the GPT layout is the following:
- # -----------------------
- # Protective MBR
- # -----------------------
- # Primary GPT Header
- # -----------------------
- # FIP_A
- # -----------------------
- # FIP_B
- # -----------------------
- # FWU-Metadata
- # -----------------------
- # Bkup-FWU-Metadata
- # -----------------------
- # Secondary GPT Header
- # -----------------------
-
- sector_size=512
- gpt_header_size=33 # valid only for 512-byte sectors
- num_sectors_fip=`expr $fip_max_size / $sector_size`
- num_sectors_metadata=`expr $metadata_max_size / $sector_size`
- start_sector_1=`expr 1 + $gpt_header_size` # size of MBR is 1 sector
- start_sector_2=`expr $start_sector_1 + $num_sectors_fip`
- start_sector_3=`expr $start_sector_2 + $num_sectors_fip`
- start_sector_4=`expr $start_sector_3 + $num_sectors_metadata`
- num_sectors_gpt=`expr $start_sector_4 + $num_sectors_metadata + $gpt_header_size`
- gpt_size=`expr $num_sectors_gpt \* $sector_size`
-
- # create raw image
- dd if=/dev/zero of=$gpt_image bs=$gpt_size count=1
-
- # create the GPT layout
- sgdisk $gpt_image \
- --set-alignment 1 \
- --disk-guid $location_uuid \
- \
- --new 1:$start_sector_1:+$num_sectors_fip \
- --change-name 1:FIP_A \
- --typecode 1:$fip_type_uuid \
- --partition-guid 1:$FIP_A_uuid \
- \
- --new 2:$start_sector_2:+$num_sectors_fip \
- --change-name 2:FIP_B \
- --typecode 2:$fip_type_uuid \
- --partition-guid 2:$FIP_B_uuid \
- \
- --new 3:$start_sector_3:+$num_sectors_metadata \
- --change-name 3:FWU-Metadata \
- --typecode 3:$metadata_type_uuid \
- \
- --new 4:$start_sector_4:+$num_sectors_metadata \
- --change-name 4:Bkup-FWU-Metadata \
- --typecode 4:$metadata_type_uuid
-
- # populate the GPT partitions
- dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_1 count=$num_sectors_fip conv=notrunc
- dd if=$fip_bin of=$gpt_image bs=$sector_size seek=$start_sector_2 count=$num_sectors_fip conv=notrunc
- dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_3 count=$num_sectors_metadata conv=notrunc
- dd if=$metadata_file of=$gpt_image bs=$sector_size seek=$start_sector_4 count=$num_sectors_metadata conv=notrunc
-}
-
-addtask do_generate_gpt after do_compile before do_install
-
-do_install:append() {
- install -m 0644 ${BUILD_DIR}/fip_gpt.bin ${D}/firmware/fip_gpt-tc.bin
- ln -sf fip_gpt-tc.bin ${D}/firmware/fip_gpt.bin
-}
deleted file mode 100644
@@ -1,19 +0,0 @@
-require recipes-bsp/trusted-firmware-a/trusted-firmware-a.inc
-
-# TF-A v2.8.6
-SRCREV_tfa = "ff0bd5f9bb2ba2f31fb9cec96df917747af9e92d"
-SRCBRANCH = "lts-v2.8"
-
-SRC_URI += "file://rwx-segments.patch"
-
-LIC_FILES_CHKSUM += "file://docs/license.rst;md5=b2c740efedc159745b9b31f88ff03dde"
-
-# mbed TLS v2.28.2
-SRC_URI_MBEDTLS = "git://github.com/ARMmbed/mbedtls.git;name=mbedtls;protocol=https;destsuffix=git/mbedtls;branch=mbedtls-2.28"
-SRCREV_mbedtls = "89f040a5c938985c5f30728baed21e49d0846a53"
-
-LIC_FILES_CHKSUM_MBEDTLS = "file://mbedtls/LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57"
-
-do_compile:prepend() {
- sed -i '/^LDLIBS/ s,$, \$\{BUILD_LDFLAGS},' ${S}/tools/fiptool/Makefile
-}
deleted file mode 100644
@@ -1,5 +0,0 @@
-# TC0 and TC1 specific U-boot support
-
-SRC_URI:append = " \
- file://bootargs.cfg \
- "
deleted file mode 100644
@@ -1,120 +0,0 @@
-From f449f6fdcbd987e18a26f0daeccfa447fe76821a Mon Sep 17 00:00:00 2001
-From: Olivier Deprez <olivier.deprez@arm.com>
-Date: Mon, 16 Nov 2020 10:14:02 +0100
-Subject: [PATCH] WIP: Enable managed exit
-
-This change declares OP-TEE SP as supporting managed exit in response to
-a NS interrupt triggering while the SWd runs.
-
-At init OP-TEE enables (HF_INTERRUPT_ENABLE) the managed exit virtual
-interrupt through the Hafnium para-virtualized interface.
-
-Physical interrupts are trapped to the SPMC which injects a managed exit
-interrupt to OP-TEE. The managed exit interrupt is acknowledged by
-OP-TEE by HF_INTERUPT_GET hvc call.
-
-Note: this code change is meant with in mind the SPMC runs at SEL2. It
-needs slight refactoring such that it does not break the SEL1 SPMC
-configuration.
-
-Change-Id: I9a95f36cf517c11048ff04680007f40259c4f636
-Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
-Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
-
-Upstream-Status: Pending [Not submitted to upstream yet]
-Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
-
----
- core/arch/arm/kernel/boot.c | 12 ++++++++++++
- core/arch/arm/kernel/thread_a64.S | 11 ++++++++++-
- core/arch/arm/kernel/thread_spmc.c | 11 +++++++++++
- .../arm/plat-totalcompute/fdts/optee_sp_manifest.dts | 1 +
- 4 files changed, 34 insertions(+), 1 deletion(-)
-
-diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
-index dd34173e8..7d2ac74e8 100644
---- a/core/arch/arm/kernel/boot.c
-+++ b/core/arch/arm/kernel/boot.c
-@@ -1424,6 +1424,18 @@ static void init_secondary_helper(unsigned long nsec_entry)
- init_vfp_sec();
- init_vfp_nsec();
-
-+ /* Enable managed exit interrupt for secondary core. */
-+ __asm__ volatile (
-+ "mov x0, %0;"
-+ "mov x1, %1;"
-+ "mov x2, %2;"
-+ "mov x3, %3;"
-+ "hvc #0"
-+ : : "i" (0xff03), "i" (4), "i" (1), "i" (1));
-+
-+ IMSG("%s core %lu: enabled managed exit interrupt.",
-+ __func__, get_core_pos());
-+
- IMSG("Secondary CPU %zu switching to normal world boot", get_core_pos());
- }
-
-diff --git a/core/arch/arm/kernel/thread_a64.S b/core/arch/arm/kernel/thread_a64.S
-index 4fa97de24..4facc7631 100644
---- a/core/arch/arm/kernel/thread_a64.S
-+++ b/core/arch/arm/kernel/thread_a64.S
-@@ -1162,6 +1162,14 @@ END_FUNC el0_sync_abort
- bl dcache_op_louis
- ic iallu
- #endif
-+
-+ /* HF_INTERRUPT_GET */
-+ mov x0, #0xff04
-+ hvc #0
-+ /* Expect managed exit interrupt */
-+ cmp x0, #4
-+ bne .
-+
- /*
- * Mark current thread as suspended
- */
-@@ -1318,8 +1326,9 @@ LOCAL_FUNC elx_irq , :
- #endif
- END_FUNC elx_irq
-
-+#define HF_MANAGED_EXIT 1
- LOCAL_FUNC elx_fiq , :
--#if defined(CFG_ARM_GICV3)
-+#if defined(CFG_ARM_GICV3) || defined (HF_MANAGED_EXIT)
- foreign_intr_handler fiq
- #else
- native_intr_handler fiq
-diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c
-index 3b4ac0b4e..8f7c18dfa 100644
---- a/core/arch/arm/kernel/thread_spmc.c
-+++ b/core/arch/arm/kernel/thread_spmc.c
-@@ -1517,6 +1517,17 @@ static TEE_Result spmc_init(void)
- my_endpoint_id = spmc_get_id();
- DMSG("My endpoint ID %#x", my_endpoint_id);
-
-+ /* Enable managed exit interrupt for boot core. */
-+ __asm__ volatile (
-+ "mov x0, %0;"
-+ "mov x1, %1;"
-+ "mov x2, %2;"
-+ "mov x3, %3;"
-+ "hvc #0"
-+ : : "i" (0xff03), "i" (4), "i" (1), "i" (1));
-+
-+ IMSG("%s enabled managed exit interrupt.", __func__);
-+
- return TEE_SUCCESS;
- }
- #endif /* !defined(CFG_CORE_SEL1_SPMC) */
-diff --git a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
-index 3ebbaddc8..56e69f372 100644
---- a/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
-+++ b/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts
-@@ -24,6 +24,7 @@
- xlat-granule = <0>; /* 4KiB */
- boot-order = <0>;
- messaging-method = <0x3>; /* Direct request/response supported */
-+ managed-exit; /* Managed exit supported */
-
- device-regions {
- compatible = "arm,ffa-manifest-device-regions";
deleted file mode 100644
@@ -1,34 +0,0 @@
-From 5ddda749c60dce834bcd79e8b8d904858319adc0 Mon Sep 17 00:00:00 2001
-From: Rupinderjit Singh <rupinderjit.singh@arm.com>
-Date: Tue, 7 Feb 2023 09:45:02 +0000
-Subject: [PATCH] plat-totalcompute: update TZDRAM_SIZE
-
-For CFG_CORE_SEL2_SPMC, manifest size is increased from 0x1000 to
-0x4000 for boot protocol support.
-
-Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
-
-Upstream-Status: Backport
-Signed-off-by: Jon Mason <jon.mason@arm.com>
-
----
- core/arch/arm/plat-totalcompute/conf.mk | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/core/arch/arm/plat-totalcompute/conf.mk b/core/arch/arm/plat-totalcompute/conf.mk
-index b39ac0f0667f..2f6c0ee1460a 100644
---- a/core/arch/arm/plat-totalcompute/conf.mk
-+++ b/core/arch/arm/plat-totalcompute/conf.mk
-@@ -32,8 +32,9 @@ ifeq ($(CFG_CORE_SEL1_SPMC),y)
- CFG_TZDRAM_START ?= 0xfd000000
- CFG_TZDRAM_SIZE ?= 0x02000000
- else ifeq ($(CFG_CORE_SEL2_SPMC),y)
--CFG_TZDRAM_START ?= 0xfd281000
--CFG_TZDRAM_SIZE ?= 0x01d7f000
-+CFG_TZDRAM_START ?= 0xfd284000
-+# TZDRAM size 0x1980000 - 0x4000 manifest size
-+CFG_TZDRAM_SIZE ?= 0x0197c000
- else
- CFG_TZDRAM_START ?= 0xff000000
- CFG_TZDRAM_SIZE ?= 0x01000000
deleted file mode 100644
@@ -1,55 +0,0 @@
-From 73bef38c5697cd6bd3ddbe9046681087f4f6454e Mon Sep 17 00:00:00 2001
-From: Ben Horgan <ben.horgan@arm.com>
-Date: Thu, 27 Jan 2022 10:33:04 +0000
-Subject: [PATCH] xtest: Limit tests to a single thread
-
-Signed-off-by: Ben Horgan <ben.horgan@arm.com>
-Upstream-Status: Inappropriate [Workaround for intermittent failures]
----
- host/xtest/regression_1000.c | 2 +-
- host/xtest/regression_2000.c | 2 +-
- host/xtest/regression_6000.c | 2 +-
- 3 files changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
-index 9ee9d02..82d1def 100644
---- a/host/xtest/regression_1000.c
-+++ b/host/xtest/regression_1000.c
-@@ -1080,7 +1080,7 @@ static void *test_1013_thread(void *arg)
- return NULL;
- }
-
--#define NUM_THREADS 3
-+#define NUM_THREADS 1
-
- static void xtest_tee_test_1013_single(ADBG_Case_t *c, double *mean_concurrency,
- const TEEC_UUID *uuid)
-diff --git a/host/xtest/regression_2000.c b/host/xtest/regression_2000.c
-index 0591a42..a9f4b95 100644
---- a/host/xtest/regression_2000.c
-+++ b/host/xtest/regression_2000.c
-@@ -499,7 +499,7 @@ out:
- return NULL;
- }
-
--#define NUM_THREADS 3
-+#define NUM_THREADS 1
-
- static void xtest_tee_test_2002(ADBG_Case_t *c)
- {
-diff --git a/host/xtest/regression_6000.c b/host/xtest/regression_6000.c
-index ca1c254..d67ea7f 100644
---- a/host/xtest/regression_6000.c
-+++ b/host/xtest/regression_6000.c
-@@ -1568,7 +1568,7 @@ exit:
- }
-
-
--#define NUM_THREADS 4
-+#define NUM_THREADS 1
- static void xtest_tee_test_6016_loop(ADBG_Case_t *c, uint32_t storage_id)
- {
- struct test_6016_thread_arg arg[NUM_THREADS] = { };
-2.17.1
-
deleted file mode 100644
@@ -1,7 +0,0 @@
-require recipes-security/optee/optee-client.inc
-
-SRCREV = "dd2d39b49975d2ada7870fe2b7f5a84d0d3860dc"
-
-inherit pkgconfig
-DEPENDS += "util-linux"
-EXTRA_OEMAKE += "PKG_CONFIG=pkg-config"
deleted file mode 100644
@@ -1,34 +0,0 @@
-From 843eb2ef918d5ae3d09de088110cb026ca25306b Mon Sep 17 00:00:00 2001
-From: Ross Burton <ross.burton@arm.com>
-Date: Tue, 26 May 2020 14:38:02 -0500
-Subject: [PATCH] allow setting sysroot for libgcc lookup
-
-Explicitly pass the new variable LIBGCC_LOCATE_CFLAGS variable when searching
-for the compiler libraries as there's no easy way to reliably pass --sysroot
-otherwise.
-
-Upstream-Status: Pending [https://github.com/OP-TEE/optee_os/issues/4188]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- mk/gcc.mk | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/mk/gcc.mk b/mk/gcc.mk
-index adc77a24f25e..81bfa78ad8d7 100644
---- a/mk/gcc.mk
-+++ b/mk/gcc.mk
-@@ -13,11 +13,11 @@ nostdinc$(sm) := -nostdinc -isystem $(shell $(CC$(sm)) \
- -print-file-name=include 2> /dev/null)
-
- # Get location of libgcc from gcc
--libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
-+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
- -print-libgcc-file-name 2> /dev/null)
--libstdc++$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
-+libstdc++$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
- -print-file-name=libstdc++.a 2> /dev/null)
--libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
-+libgcc_eh$(sm) := $(shell $(CXX$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CXXFLAGS$(arch-bits-$(sm))) $(comp-cxxflags$(sm)) \
- -print-file-name=libgcc_eh.a 2> /dev/null)
-
- # Define these to something to discover accidental use
deleted file mode 100644
@@ -1,29 +0,0 @@
-From 0ca5ef7c8256dbd9690a01a82397bc16a123e179 Mon Sep 17 00:00:00 2001
-From: Brett Warren <brett.warren@arm.com>
-Date: Wed, 23 Sep 2020 09:27:34 +0100
-Subject: [PATCH] optee: enable clang support
-
-When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used
-to provide a sysroot wasn't included, which results in not locating
-compiler-rt. This is mitigated by including the variable as ammended.
-
-Upstream-Status: Pending
-ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701
-Signed-off-by: Brett Warren <brett.warren@arm.com>
----
- mk/clang.mk | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/mk/clang.mk b/mk/clang.mk
-index a045beee8482..1ebe2f702dcd 100644
---- a/mk/clang.mk
-+++ b/mk/clang.mk
-@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \
-
- # Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of
- # libgcc for clang
--libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
-+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
- -rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null)
-
- # Core ASLR relies on the executable being ready to run from its preferred load
deleted file mode 100644
@@ -1,62 +0,0 @@
-From 741df4df0ec7b69b0573cff265dc1ae7cb70b55c Mon Sep 17 00:00:00 2001
-From: Jerome Forissier <jerome.forissier@linaro.org>
-Date: Fri, 5 Aug 2022 09:48:03 +0200
-Subject: [PATCH] core: link: add --no-warn-rwx-segments
-
-Signed-off-by: Anton Antonov <Anton.Antonov@arm.com>
-Upstream-Status: Backport [https://github.com/OP-TEE/optee_os/pull/5474]
-
-binutils ld.bfd generates one RWX LOAD segment by merging several sections
-with mixed R/W/X attributes (.text, .rodata, .data). After version 2.38 it
-also warns by default when that happens [1], which breaks the build due to
---fatal-warnings. The RWX segment is not a problem for the TEE core, since
-that information is not used to set memory permissions. Therefore, silence
-the warning.
-
-Link: [1] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=ba951afb99912da01a6e8434126b8fac7aa75107
-Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29448
-Reported-by: Dominique Martinet <dominique.martinet@atmark-techno.com>
-Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
----
- core/arch/arm/kernel/link.mk | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/core/arch/arm/kernel/link.mk b/core/arch/arm/kernel/link.mk
-index 0e96e606cd9d..3fbcb6804c6f 100644
---- a/core/arch/arm/kernel/link.mk
-+++ b/core/arch/arm/kernel/link.mk
-@@ -37,6 +37,7 @@ link-ldflags += --sort-section=alignment
- link-ldflags += --fatal-warnings
- link-ldflags += --gc-sections
- link-ldflags += $(link-ldflags-common)
-+link-ldflags += $(call ld-option,--no-warn-rwx-segments)
-
- link-ldadd = $(LDADD)
- link-ldadd += $(ldflags-external)
-@@ -61,6 +62,7 @@ link-script-cppflags := \
- $(cppflagscore))
-
- ldargs-all_objs := -T $(link-script-dummy) --no-check-sections \
-+ $(call ld-option,--no-warn-rwx-segments) \
- $(link-ldflags-common) \
- $(link-objs) $(link-ldadd) $(libgcccore)
- cleanfiles += $(link-out-dir)/all_objs.o
-@@ -75,7 +77,7 @@ $(link-out-dir)/unpaged_entries.txt: $(link-out-dir)/all_objs.o
- $(AWK) '/ ____keep_pager/ { printf "-u%s ", $$3 }' > $@
-
- unpaged-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
-- $(link-ldflags-common)
-+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
- unpaged-ldadd := $(objs) $(link-ldadd) $(libgcccore)
- cleanfiles += $(link-out-dir)/unpaged.o
- $(link-out-dir)/unpaged.o: $(link-out-dir)/unpaged_entries.txt
-@@ -104,7 +106,7 @@ $(link-out-dir)/init_entries.txt: $(link-out-dir)/all_objs.o
- $(AWK) '/ ____keep_init/ { printf "-u%s ", $$3 }' > $@
-
- init-ldargs := -T $(link-script-dummy) --no-check-sections --gc-sections \
-- $(link-ldflags-common)
-+ $(link-ldflags-common) $(call ld-option,--no-warn-rwx-segments)
- init-ldadd := $(link-objs-init) $(link-out-dir)/version.o $(link-ldadd) \
- $(libgcccore)
- cleanfiles += $(link-out-dir)/init.o
deleted file mode 100644
@@ -1,240 +0,0 @@
-From 162493e5b212b9d7391669a55be09b69b97a9cf8 Mon Sep 17 00:00:00 2001
-From: Emekcan Aras <emekcan.aras@arm.com>
-Date: Wed, 21 Dec 2022 10:55:58 +0000
-Subject: [PATCH] core: Define section attributes for clang
-
-Clang's attribute section is not same as gcc, here we need to add flags
-to sections so they can be eventually collected by linker into final
-output segments. Only way to do so with clang is to use
-
-pragma clang section ...
-
-The behavious is described here [1], this allows us to define names bss
-sections. This was not an issue until clang-15 where LLD linker starts
-to detect the section flags before merging them and throws the following
-errors
-
-| ld.lld: error: section type mismatch for .nozi.kdata_page
-| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/kernel/thread.o:(.nozi.kdata_page): SHT_PROGBITS
-| >>> output section .nozi: SHT_NOBITS
-|
-| ld.lld: error: section type mismatch for .nozi.mmu.l2
-| >>> /mnt/b/yoe/master/build/tmp/work/qemuarm64-yoe-linux/optee-os-tadevkit/3.17.0-r0/build/core/arch/arm/mm/core_mmu_lpae.o:(.nozi.mmu.l2): SHT_PROGBITS
-| >>> output section .nozi: SHT_NOBITS
-
-These sections should be carrying SHT_NOBITS but so far it was not
-possible to do so, this patch tries to use clangs pragma to get this
-going and match the functionality with gcc.
-
-[1] https://intel.github.io/llvm-docs/clang/LanguageExtensions.html#specifying-section-names-for-global-objects-pragma-clang-section
-
-Upstream-Status: Pending
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- core/arch/arm/kernel/thread.c | 19 +++++++++++++++--
- core/arch/arm/mm/core_mmu_lpae.c | 35 +++++++++++++++++++++++++++----
- core/arch/arm/mm/core_mmu_v7.c | 36 +++++++++++++++++++++++++++++---
- core/arch/arm/mm/pgt_cache.c | 12 ++++++++++-
- core/kernel/thread.c | 13 +++++++++++-
- 5 files changed, 104 insertions(+), 11 deletions(-)
-
-diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c
-index 1cf76a0ca690..1e7f9f96b558 100644
---- a/core/arch/arm/kernel/thread.c
-+++ b/core/arch/arm/kernel/thread.c
-@@ -44,15 +44,30 @@ static size_t thread_user_kcode_size __nex_bss;
- #if defined(CFG_CORE_UNMAP_CORE_AT_EL0) && \
- defined(CFG_CORE_WORKAROUND_SPECTRE_BP_SEC) && defined(ARM64)
- long thread_user_kdata_sp_offset __nex_bss;
-+#ifdef __clang__
-+#ifndef CFG_VIRTUALIZATION
-+#pragma clang section bss=".nozi.kdata_page"
-+#else
-+#pragma clang section bss=".nex_nozi.kdata_page"
-+#endif
-+#endif
- static uint8_t thread_user_kdata_page[
- ROUNDUP(sizeof(struct thread_core_local) * CFG_TEE_CORE_NB_CORE,
- SMALL_PAGE_SIZE)]
- __aligned(SMALL_PAGE_SIZE)
-+#ifndef __clang__
- #ifndef CFG_VIRTUALIZATION
-- __section(".nozi.kdata_page");
-+ __section(".nozi.kdata_page")
- #else
-- __section(".nex_nozi.kdata_page");
-+ __section(".nex_nozi.kdata_page")
- #endif
-+#endif
-+ ;
-+#endif
-+
-+/* reset BSS section to default ( .bss ) */
-+#ifdef __clang__
-+#pragma clang section bss=""
- #endif
-
- #ifdef ARM32
-diff --git a/core/arch/arm/mm/core_mmu_lpae.c b/core/arch/arm/mm/core_mmu_lpae.c
-index 3f08eec623f3..e6dc9261c41e 100644
---- a/core/arch/arm/mm/core_mmu_lpae.c
-+++ b/core/arch/arm/mm/core_mmu_lpae.c
-@@ -233,19 +233,46 @@ typedef uint16_t l1_idx_t;
- typedef uint64_t base_xlat_tbls_t[CFG_TEE_CORE_NB_CORE][NUM_BASE_LEVEL_ENTRIES];
- typedef uint64_t xlat_tbl_t[XLAT_TABLE_ENTRIES];
-
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.base_table"
-+#endif
- static base_xlat_tbls_t base_xlation_table[NUM_BASE_TABLES]
- __aligned(NUM_BASE_LEVEL_ENTRIES * XLAT_ENTRY_SIZE)
-- __section(".nozi.mmu.base_table");
-+#ifndef __clang__
-+ __section(".nozi.mmu.base_table")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
-
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.l2"
-+#endif
- static xlat_tbl_t xlat_tables[MAX_XLAT_TABLES]
-- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
-+ __aligned(XLAT_TABLE_SIZE)
-+#ifndef __clang__
-+ __section(".nozi.mmu.l2")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
-
- #define XLAT_TABLES_SIZE (sizeof(xlat_tbl_t) * MAX_XLAT_TABLES)
-
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.l2"
-+#endif
- /* MMU L2 table for TAs, one for each thread */
- static xlat_tbl_t xlat_tables_ul1[CFG_NUM_THREADS]
-- __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2");
--
-+#ifndef __clang__
-+ __aligned(XLAT_TABLE_SIZE) __section(".nozi.mmu.l2")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
- /*
- * TAs page table entry inside a level 1 page table.
- *
-diff --git a/core/arch/arm/mm/core_mmu_v7.c b/core/arch/arm/mm/core_mmu_v7.c
-index cd85bd22d385..3e18f54f6cf8 100644
---- a/core/arch/arm/mm/core_mmu_v7.c
-+++ b/core/arch/arm/mm/core_mmu_v7.c
-@@ -204,16 +204,46 @@ typedef uint32_t l1_xlat_tbl_t[NUM_L1_ENTRIES];
- typedef uint32_t l2_xlat_tbl_t[NUM_L2_ENTRIES];
- typedef uint32_t ul1_xlat_tbl_t[NUM_UL1_ENTRIES];
-
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.l1"
-+#endif
- static l1_xlat_tbl_t main_mmu_l1_ttb
-- __aligned(L1_ALIGNMENT) __section(".nozi.mmu.l1");
-+ __aligned(L1_ALIGNMENT)
-+#ifndef __clang__
-+ __section(".nozi.mmu.l1")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
-
- /* L2 MMU tables */
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.l2"
-+#endif
- static l2_xlat_tbl_t main_mmu_l2_ttb[MAX_XLAT_TABLES]
-- __aligned(L2_ALIGNMENT) __section(".nozi.mmu.l2");
-+ __aligned(L2_ALIGNMENT)
-+#ifndef __clang__
-+ __section(".nozi.mmu.l2")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
-
- /* MMU L1 table for TAs, one for each thread */
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.ul1"
-+#endif
- static ul1_xlat_tbl_t main_mmu_ul1_ttb[CFG_NUM_THREADS]
-- __aligned(UL1_ALIGNMENT) __section(".nozi.mmu.ul1");
-+ __aligned(UL1_ALIGNMENT)
-+#ifndef __clang__
-+ __section(".nozi.mmu.ul1")
-+#endif
-+;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
-
- struct mmu_partition {
- l1_xlat_tbl_t *l1_table;
-diff --git a/core/arch/arm/mm/pgt_cache.c b/core/arch/arm/mm/pgt_cache.c
-index 79553c6d2183..b9efdf42780b 100644
---- a/core/arch/arm/mm/pgt_cache.c
-+++ b/core/arch/arm/mm/pgt_cache.c
-@@ -410,8 +410,18 @@ void pgt_init(void)
- * has a large alignment, while .bss has a small alignment. The current
- * link script is optimized for small alignment in .bss
- */
-+#ifdef __clang__
-+#pragma clang section bss=".nozi.mmu.l2"
-+#endif
- static uint8_t pgt_tables[PGT_CACHE_SIZE][PGT_SIZE]
-- __aligned(PGT_SIZE) __section(".nozi.pgt_cache");
-+ __aligned(PGT_SIZE)
-+#ifndef __clang__
-+ __section(".nozi.pgt_cache")
-+#endif
-+ ;
-+#ifdef __clang__
-+#pragma clang section bss=""
-+#endif
- size_t n;
-
- for (n = 0; n < ARRAY_SIZE(pgt_tables); n++) {
-diff --git a/core/kernel/thread.c b/core/kernel/thread.c
-index d1f2f3823be7..8de124ae5357 100644
---- a/core/kernel/thread.c
-+++ b/core/kernel/thread.c
-@@ -38,13 +38,24 @@ struct thread_core_local thread_core_local[CFG_TEE_CORE_NB_CORE] __nex_bss;
- name[stack_num][sizeof(name[stack_num]) / sizeof(uint32_t) - 1]
- #endif
-
-+#define DO_PRAGMA(x) _Pragma (#x)
-+
-+#ifdef __clang__
-+#define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
-+DO_PRAGMA (clang section bss=".nozi_stack." #name) \
-+linkage uint32_t name[num_stacks] \
-+ [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
-+ STACK_ALIGNMENT) / sizeof(uint32_t)] \
-+ __attribute__((aligned(STACK_ALIGNMENT))); \
-+DO_PRAGMA(clang section bss="")
-+#else
- #define DECLARE_STACK(name, num_stacks, stack_size, linkage) \
- linkage uint32_t name[num_stacks] \
- [ROUNDUP(stack_size + STACK_CANARY_SIZE + STACK_CHECK_EXTRA, \
- STACK_ALIGNMENT) / sizeof(uint32_t)] \
- __attribute__((section(".nozi_stack." # name), \
- aligned(STACK_ALIGNMENT)))
--
-+#endif
- #define GET_STACK(stack) ((vaddr_t)(stack) + STACK_SIZE(stack))
-
- DECLARE_STACK(stack_tmp, CFG_TEE_CORE_NB_CORE, STACK_TMP_SIZE,
deleted file mode 100644
@@ -1,89 +0,0 @@
-From d0e32b6e202cde672c2b38dc568122a52be716b4 Mon Sep 17 00:00:00 2001
-From: Jens Wiklander <jens.wiklander@linaro.org>
-Date: Mon, 21 Nov 2022 18:17:33 +0100
-Subject: [PATCH] core: arm: S-EL1 SPMC: boot ABI update
-
-Updates the boot ABI for S-EL1 SPMC to align better with other SPMCs,
-like Hafnium, but also with the non-FF-A configuration.
-
-Register usage:
-X0 - TOS FW config [1] address, if not NULL
-X2 - System DTB, if not NULL
-
-Adds check in the default get_aslr_seed() to see if the system DTB is
-present before trying to read kaslr-seed from secure-chosen.
-
-Note that this is an incompatible change and requires corresponding
-change in TF-A ("feat(qemu): update abi between spmd and spmc") [2].
-
-[1] A TF-A concept: TOS_FW_CONFIG - Trusted OS Firmware configuration
- file. Used by Trusted OS (BL32), that is, OP-TEE in this case
-Link: [2] https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=25ae7ad1878244f78206cc7c91f7bdbd267331a1
-
-Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
-Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-
-Upstream-Status: Backport [f1f431c7a92671b4fa397976d381cc5ad8adacc4]
-Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
----
- core/arch/arm/kernel/boot.c | 8 +++++++-
- core/arch/arm/kernel/entry_a64.S | 17 ++++++++---------
- 2 files changed, 15 insertions(+), 10 deletions(-)
-
-diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
-index dd34173e838d..e02c02b6097d 100644
---- a/core/arch/arm/kernel/boot.c
-+++ b/core/arch/arm/kernel/boot.c
-@@ -1502,11 +1502,17 @@ struct ns_entry_context *boot_core_hpen(void)
- #if defined(CFG_DT)
- unsigned long __weak get_aslr_seed(void *fdt)
- {
-- int rc = fdt_check_header(fdt);
-+ int rc = 0;
- const uint64_t *seed = NULL;
- int offs = 0;
- int len = 0;
-
-+ if (!fdt) {
-+ DMSG("No fdt");
-+ goto err;
-+ }
-+
-+ rc = fdt_check_header(fdt);
- if (rc) {
- DMSG("Bad fdt: %d", rc);
- goto err;
-diff --git a/core/arch/arm/kernel/entry_a64.S b/core/arch/arm/kernel/entry_a64.S
-index 4c6e9d75ca45..047ae1f25cc9 100644
---- a/core/arch/arm/kernel/entry_a64.S
-+++ b/core/arch/arm/kernel/entry_a64.S
-@@ -143,21 +143,20 @@
- .endm
-
- FUNC _start , :
--#if defined(CFG_CORE_SEL1_SPMC)
- /*
-- * With OP-TEE as SPMC at S-EL1 the SPMD (SPD_spmd) in TF-A passes
-- * the DTB in x0, pagaeble part in x1 and the rest of the registers
-- * are unused
-+ * If CFG_CORE_FFA is enabled, then x0 if non-NULL holds the TOS FW
-+ * config [1] address, else x0 if non-NULL holds the pagable part
-+ * address.
-+ *
-+ * [1] A TF-A concept: TOS_FW_CONFIG - Trusted OS Firmware
-+ * configuration file. Used by Trusted OS (BL32), that is, OP-TEE
-+ * here.
- */
-- mov x19, x1 /* Save pagable part */
-- mov x20, x0 /* Save DT address */
--#else
-- mov x19, x0 /* Save pagable part address */
-+ mov x19, x0
- #if defined(CFG_DT_ADDR)
- ldr x20, =CFG_DT_ADDR
- #else
- mov x20, x2 /* Save DT address */
--#endif
- #endif
-
- adr x0, reset_vect_table
deleted file mode 100644
@@ -1,247 +0,0 @@
-From 9da324001fd93e1b3d9bca076e4afddbb5cac289 Mon Sep 17 00:00:00 2001
-From: Balint Dobszay <balint.dobszay@arm.com>
-Date: Fri, 10 Feb 2023 11:07:27 +0100
-Subject: [PATCH] core: ffa: add TOS_FW_CONFIG handling
-
-At boot TF-A passes two DT addresses (HW_CONFIG and TOS_FW_CONFIG), but
-currently only the HW_CONFIG address is saved, the other one is dropped.
-This commit adds functionality to save the TOS_FW_CONFIG too, so we can
-retrieve it later. This is necessary for the CFG_CORE_SEL1_SPMC use
-case, because the SPMC manifest is passed in this DT.
-
-Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
-Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
-
-Upstream-Status: Backport [809fa817ae6331d98b55f7afaa3c20f8407822e4]
-Signed-off-by: Gyorgy Szing <Gyorgy.Szing@arm.com>
----
- core/arch/arm/kernel/boot.c | 60 ++++++++++++++++++++++-
- core/arch/arm/kernel/entry_a32.S | 3 +-
- core/arch/arm/kernel/entry_a64.S | 13 ++++-
- core/arch/arm/kernel/link_dummies_paged.c | 4 +-
- core/arch/arm/kernel/secure_partition.c | 2 +-
- core/include/kernel/boot.h | 7 ++-
- 6 files changed, 81 insertions(+), 8 deletions(-)
-
-diff --git a/core/arch/arm/kernel/boot.c b/core/arch/arm/kernel/boot.c
-index e02c02b6097d..98e13c072d8e 100644
---- a/core/arch/arm/kernel/boot.c
-+++ b/core/arch/arm/kernel/boot.c
-@@ -1,6 +1,7 @@
- // SPDX-License-Identifier: BSD-2-Clause
- /*
- * Copyright (c) 2015-2022, Linaro Limited
-+ * Copyright (c) 2023, Arm Limited
- */
-
- #include <arm.h>
-@@ -83,6 +84,9 @@ struct dt_descriptor {
- };
-
- static struct dt_descriptor external_dt __nex_bss;
-+#ifdef CFG_CORE_SEL1_SPMC
-+static struct dt_descriptor tos_fw_config_dt __nex_bss;
-+#endif
- #endif
-
- #ifdef CFG_SECONDARY_INIT_CNTFRQ
-@@ -1224,6 +1228,54 @@ static struct core_mmu_phys_mem *get_nsec_memory(void *fdt __unused,
- #endif /*CFG_CORE_DYN_SHM*/
- #endif /*!CFG_DT*/
-
-+#if defined(CFG_CORE_SEL1_SPMC) && defined(CFG_DT)
-+void *get_tos_fw_config_dt(void)
-+{
-+ if (!IS_ENABLED(CFG_MAP_EXT_DT_SECURE))
-+ return NULL;
-+
-+ assert(cpu_mmu_enabled());
-+
-+ return tos_fw_config_dt.blob;
-+}
-+
-+static void init_tos_fw_config_dt(unsigned long pa)
-+{
-+ struct dt_descriptor *dt = &tos_fw_config_dt;
-+ void *fdt = NULL;
-+ int ret = 0;
-+
-+ if (!IS_ENABLED(CFG_MAP_EXT_DT_SECURE))
-+ return;
-+
-+ if (!pa)
-+ panic("No TOS_FW_CONFIG DT found");
-+
-+ fdt = core_mmu_add_mapping(MEM_AREA_EXT_DT, pa, CFG_DTB_MAX_SIZE);
-+ if (!fdt)
-+ panic("Failed to map TOS_FW_CONFIG DT");
-+
-+ dt->blob = fdt;
-+
-+ ret = fdt_open_into(fdt, fdt, CFG_DTB_MAX_SIZE);
-+ if (ret < 0) {
-+ EMSG("Invalid Device Tree at %#lx: error %d", pa, ret);
-+ panic();
-+ }
-+
-+ IMSG("TOS_FW_CONFIG DT found");
-+}
-+#else
-+void *get_tos_fw_config_dt(void)
-+{
-+ return NULL;
-+}
-+
-+static void init_tos_fw_config_dt(unsigned long pa __unused)
-+{
-+}
-+#endif /*CFG_CORE_SEL1_SPMC && CFG_DT*/
-+
- #ifdef CFG_CORE_DYN_SHM
- static void discover_nsec_memory(void)
- {
-@@ -1361,10 +1413,16 @@ static bool cpu_nmfi_enabled(void)
- * Note: this function is weak just to make it possible to exclude it from
- * the unpaged area.
- */
--void __weak boot_init_primary_late(unsigned long fdt)
-+void __weak boot_init_primary_late(unsigned long fdt,
-+ unsigned long tos_fw_config)
- {
- init_external_dt(fdt);
-+ init_tos_fw_config_dt(tos_fw_config);
-+#ifdef CFG_CORE_SEL1_SPMC
-+ tpm_map_log_area(get_tos_fw_config_dt());
-+#else
- tpm_map_log_area(get_external_dt());
-+#endif
- discover_nsec_memory();
- update_external_dt();
- configure_console_from_dt();
-diff --git a/core/arch/arm/kernel/entry_a32.S b/core/arch/arm/kernel/entry_a32.S
-index 0f14ca2f6ad9..3758fd8b7674 100644
---- a/core/arch/arm/kernel/entry_a32.S
-+++ b/core/arch/arm/kernel/entry_a32.S
-@@ -1,7 +1,7 @@
- /* SPDX-License-Identifier: BSD-2-Clause */
- /*
- * Copyright (c) 2014, Linaro Limited
-- * Copyright (c) 2021, Arm Limited
-+ * Copyright (c) 2021-2023, Arm Limited
- */
-
- #include <arm32_macros.S>
-@@ -560,6 +560,7 @@ shadow_stack_access_ok:
- str r0, [r8, #THREAD_CORE_LOCAL_FLAGS]
- #endif
- mov r0, r6 /* DT address */
-+ mov r1, #0 /* unused */
- bl boot_init_primary_late
- #ifndef CFG_VIRTUALIZATION
- mov r0, #THREAD_CLF_TMP
-diff --git a/core/arch/arm/kernel/entry_a64.S b/core/arch/arm/kernel/entry_a64.S
-index 047ae1f25cc9..fa76437fb73c 100644
---- a/core/arch/arm/kernel/entry_a64.S
-+++ b/core/arch/arm/kernel/entry_a64.S
-@@ -1,7 +1,7 @@
- /* SPDX-License-Identifier: BSD-2-Clause */
- /*
- * Copyright (c) 2015-2022, Linaro Limited
-- * Copyright (c) 2021, Arm Limited
-+ * Copyright (c) 2021-2023, Arm Limited
- */
-
- #include <platform_config.h>
-@@ -320,7 +320,11 @@ clear_nex_bss:
- bl core_mmu_set_default_prtn_tbl
- #endif
-
-+#ifdef CFG_CORE_SEL1_SPMC
-+ mov x0, xzr /* pager not used */
-+#else
- mov x0, x19 /* pagable part address */
-+#endif
- mov x1, #-1
- bl boot_init_primary_early
-
-@@ -337,7 +341,12 @@ clear_nex_bss:
- mov x22, x0
- str wzr, [x22, #THREAD_CORE_LOCAL_FLAGS]
- #endif
-- mov x0, x20 /* DT address */
-+ mov x0, x20 /* DT address also known as HW_CONFIG */
-+#ifdef CFG_CORE_SEL1_SPMC
-+ mov x1, x19 /* TOS_FW_CONFIG DT address */
-+#else
-+ mov x1, xzr /* unused */
-+#endif
- bl boot_init_primary_late
- #ifdef CFG_CORE_PAUTH
- init_pauth_per_cpu
-diff --git a/core/arch/arm/kernel/link_dummies_paged.c b/core/arch/arm/kernel/link_dummies_paged.c
-index 3b8287e06a11..023a5f3f558b 100644
---- a/core/arch/arm/kernel/link_dummies_paged.c
-+++ b/core/arch/arm/kernel/link_dummies_paged.c
-@@ -1,6 +1,7 @@
- // SPDX-License-Identifier: BSD-2-Clause
- /*
- * Copyright (c) 2017-2021, Linaro Limited
-+ * Copyright (c) 2023, Arm Limited
- */
- #include <compiler.h>
- #include <initcall.h>
-@@ -27,7 +28,8 @@ void __section(".text.dummy.call_finalcalls") call_finalcalls(void)
- }
-
- void __section(".text.dummy.boot_init_primary_late")
--boot_init_primary_late(unsigned long fdt __unused)
-+boot_init_primary_late(unsigned long fdt __unused,
-+ unsigned long tos_fw_config __unused)
- {
- }
-
-diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
-index 1d36e90b1cf7..d386f1e4d211 100644
---- a/core/arch/arm/kernel/secure_partition.c
-+++ b/core/arch/arm/kernel/secure_partition.c
-@@ -1212,7 +1212,7 @@ static TEE_Result fip_sp_map_all(void)
- int subnode = 0;
- int root = 0;
-
-- fdt = get_external_dt();
-+ fdt = get_tos_fw_config_dt();
- if (!fdt) {
- EMSG("No SPMC manifest found");
- return TEE_ERROR_GENERIC;
-diff --git a/core/include/kernel/boot.h b/core/include/kernel/boot.h
-index 260854473b8b..941e093b29a1 100644
---- a/core/include/kernel/boot.h
-+++ b/core/include/kernel/boot.h
-@@ -1,7 +1,7 @@
- /* SPDX-License-Identifier: BSD-2-Clause */
- /*
- * Copyright (c) 2015-2020, Linaro Limited
-- * Copyright (c) 2021, Arm Limited
-+ * Copyright (c) 2021-2023, Arm Limited
- */
- #ifndef __KERNEL_BOOT_H
- #define __KERNEL_BOOT_H
-@@ -46,7 +46,7 @@ extern const struct core_mmu_config boot_mmu_config;
- /* @nsec_entry is unused if using CFG_WITH_ARM_TRUSTED_FW */
- void boot_init_primary_early(unsigned long pageable_part,
- unsigned long nsec_entry);
--void boot_init_primary_late(unsigned long fdt);
-+void boot_init_primary_late(unsigned long fdt, unsigned long tos_fw_config);
- void boot_init_memtag(void);
-
- void __panic_at_smc_return(void) __noreturn;
-@@ -103,6 +103,9 @@ void *get_embedded_dt(void);
- /* Returns external DTB if present, otherwise NULL */
- void *get_external_dt(void);
-
-+/* Returns TOS_FW_CONFIG DTB if present, otherwise NULL */
-+void *get_tos_fw_config_dt(void);
-+
- /*
- * get_aslr_seed() - return a random seed for core ASLR
- * @fdt: Pointer to a device tree if CFG_DT_ADDR=y
deleted file mode 100644
@@ -1,275 +0,0 @@
-From 18ad0cce24addd45271edf3172ab9ce873186d7a Mon Sep 17 00:00:00 2001
-From: Imre Kis <imre.kis@arm.com>
-Date: Tue, 18 Apr 2023 16:41:51 +0200
-Subject: [PATCH] core: spmc: handle non-secure interrupts
-
-Add FFA_INTERRUPT and FFA_RUN support for signaling non-secure
-interrupts and for resuming to the secure world. If a secure partition
-is preempted by a non-secure interrupt OP-TEE saves the SP's state and
-sends an FFA_INTERRUPT to the normal world. After handling the interrupt
-the normal world should send an FFA_RUN to OP-TEE so it can continue
-running the SP.
-If OP-TEE is the active FF-A endpoint (i.e. it is running TAs) the
-non-secure interrupts are signaled by the existing
-OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message instead of
-FFA_INTERRUPT.
-
-Upstream-Status: Submitted [https://github.com/OP-TEE/optee_os/pull/6002]
-
-Signed-off-by: Imre Kis <imre.kis@arm.com>
-Change-Id: I577ebe86d416ee494963216a66a3bfc8206921b4
----
- core/arch/arm/include/ffa.h | 2 +-
- .../arch/arm/include/kernel/spmc_sp_handler.h | 11 +++++++
- core/arch/arm/kernel/secure_partition.c | 17 ++++++++++
- core/arch/arm/kernel/spmc_sp_handler.c | 26 ++++++++++++++++
- core/arch/arm/kernel/thread.c | 7 +++++
- core/arch/arm/kernel/thread_spmc.c | 31 ++++++++++++++++++-
- core/arch/arm/kernel/thread_spmc_a64.S | 30 ++++++++++++++++++
- 7 files changed, 122 insertions(+), 2 deletions(-)
-
-diff --git a/core/arch/arm/include/ffa.h b/core/arch/arm/include/ffa.h
-index 5a19fb0c7ff3..b3d1d354735d 100644
---- a/core/arch/arm/include/ffa.h
-+++ b/core/arch/arm/include/ffa.h
-@@ -50,7 +50,7 @@
- #define FFA_ID_GET U(0x84000069)
- #define FFA_MSG_WAIT U(0x8400006B)
- #define FFA_MSG_YIELD U(0x8400006C)
--#define FFA_MSG_RUN U(0x8400006D)
-+#define FFA_RUN U(0x8400006D)
- #define FFA_MSG_SEND U(0x8400006E)
- #define FFA_MSG_SEND_DIRECT_REQ_32 U(0x8400006F)
- #define FFA_MSG_SEND_DIRECT_REQ_64 U(0xC400006F)
-diff --git a/core/arch/arm/include/kernel/spmc_sp_handler.h b/core/arch/arm/include/kernel/spmc_sp_handler.h
-index f5bda7bfe7d0..30c1e4691273 100644
---- a/core/arch/arm/include/kernel/spmc_sp_handler.h
-+++ b/core/arch/arm/include/kernel/spmc_sp_handler.h
-@@ -25,6 +25,8 @@ void spmc_sp_start_thread(struct thread_smc_args *args);
- int spmc_sp_add_share(struct ffa_rxtx *rxtx,
- size_t blen, uint64_t *global_handle,
- struct sp_session *owner_sp);
-+void spmc_sp_set_to_preempted(struct ts_session *ts_sess);
-+int spmc_sp_resume_from_preempted(uint16_t endpoint_id);
- #else
- static inline void spmc_sp_start_thread(struct thread_smc_args *args __unused)
- {
-@@ -37,6 +39,15 @@ static inline int spmc_sp_add_share(struct ffa_rxtx *rxtx __unused,
- {
- return FFA_NOT_SUPPORTED;
- }
-+
-+static inline void spmc_sp_set_to_preempted(struct ts_session *ts_sess __unused)
-+{
-+}
-+
-+static inline int spmc_sp_resume_from_preempted(uint16_t endpoint_id __unused)
-+{
-+ return FFA_NOT_SUPPORTED;
-+}
- #endif
-
- #endif /* __KERNEL_SPMC_SP_HANDLER_H */
-diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
-index d386f1e4d211..740be6d22e47 100644
---- a/core/arch/arm/kernel/secure_partition.c
-+++ b/core/arch/arm/kernel/secure_partition.c
-@@ -999,6 +999,8 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
- struct sp_session *sp_s = to_sp_session(s);
- struct ts_session *sess = NULL;
- struct thread_ctx_regs *sp_regs = NULL;
-+ uint32_t thread_id = THREAD_ID_INVALID;
-+ uint32_t rpc_target_info = 0;
- uint32_t panicked = false;
- uint32_t panic_code = 0;
-
-@@ -1011,8 +1013,23 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
- sp_regs->cpsr = read_daif() & (SPSR_64_DAIF_MASK << SPSR_64_DAIF_SHIFT);
-
- exceptions = thread_mask_exceptions(THREAD_EXCP_ALL);
-+
-+ /*
-+ * Store endpoint ID and thread ID in rpc_target_info. This will be used
-+ * as w1 in FFA_INTERRUPT in case of a NWd interrupt.
-+ */
-+ rpc_target_info = thread_get_tsd()->rpc_target_info;
-+ thread_id = thread_get_id();
-+ assert((thread_id & ~0xffff) == 0);
-+ thread_get_tsd()->rpc_target_info = (sp_s->endpoint_id << 16) |
-+ (thread_id & 0xffff);
-+
- __thread_enter_user_mode(sp_regs, &panicked, &panic_code);
-+
- sp_regs->cpsr = cpsr;
-+ /* Restore rpc_target_info */
-+ thread_get_tsd()->rpc_target_info = rpc_target_info;
-+
- thread_unmask_exceptions(exceptions);
-
- thread_user_clear_vfp(&ctx->uctx);
-diff --git a/core/arch/arm/kernel/spmc_sp_handler.c b/core/arch/arm/kernel/spmc_sp_handler.c
-index 46a15646ecf0..12681151a796 100644
---- a/core/arch/arm/kernel/spmc_sp_handler.c
-+++ b/core/arch/arm/kernel/spmc_sp_handler.c
-@@ -366,6 +366,32 @@ cleanup:
- return res;
- }
-
-+void spmc_sp_set_to_preempted(struct ts_session *ts_sess)
-+{
-+ if (ts_sess && is_sp_ctx(ts_sess->ctx)) {
-+ struct sp_session *sp_sess = to_sp_session(ts_sess);
-+
-+ assert(sp_sess->state == sp_busy);
-+
-+ sp_sess->state = sp_preempted;
-+ }
-+}
-+
-+int spmc_sp_resume_from_preempted(uint16_t endpoint_id)
-+{
-+ struct sp_session *sp_sess = sp_get_session(endpoint_id);
-+
-+ if (!sp_sess)
-+ return FFA_INVALID_PARAMETERS;
-+
-+ if (sp_sess->state != sp_preempted)
-+ return FFA_DENIED;
-+
-+ sp_sess->state = sp_busy;
-+
-+ return FFA_OK;
-+}
-+
- static bool check_rxtx(struct ffa_rxtx *rxtx)
- {
- return rxtx && rxtx->rx && rxtx->tx && rxtx->size > 0;
-diff --git a/core/arch/arm/kernel/thread.c b/core/arch/arm/kernel/thread.c
-index 1e7f9f96b558..8cd4dc961b02 100644
---- a/core/arch/arm/kernel/thread.c
-+++ b/core/arch/arm/kernel/thread.c
-@@ -531,6 +531,13 @@ int thread_state_suspend(uint32_t flags, uint32_t cpsr, vaddr_t pc)
- core_mmu_set_user_map(NULL);
- }
-
-+ if (IS_ENABLED(CFG_SECURE_PARTITION)) {
-+ struct ts_session *ts_sess =
-+ TAILQ_FIRST(&threads[ct].tsd.sess_stack);
-+
-+ spmc_sp_set_to_preempted(ts_sess);
-+ }
-+
- l->curr_thread = THREAD_ID_INVALID;
-
- if (IS_ENABLED(CFG_VIRTUALIZATION))
-diff --git a/core/arch/arm/kernel/thread_spmc.c b/core/arch/arm/kernel/thread_spmc.c
-index 3b4ac0b4e35c..bc4e7687d618 100644
---- a/core/arch/arm/kernel/thread_spmc.c
-+++ b/core/arch/arm/kernel/thread_spmc.c
-@@ -45,7 +45,7 @@ struct mem_frag_state {
- #endif
-
- /* Initialized in spmc_init() below */
--static uint16_t my_endpoint_id;
-+uint16_t my_endpoint_id;
-
- /*
- * If struct ffa_rxtx::size is 0 RX/TX buffers are not mapped or initialized.
-@@ -437,6 +437,32 @@ out:
- FFA_PARAM_MBZ, FFA_PARAM_MBZ);
- cpu_spin_unlock(&rxtx->spinlock);
- }
-+
-+static void spmc_handle_run(struct thread_smc_args *args)
-+{
-+ uint16_t endpoint = (args->a1 >> 16) & 0xffff;
-+ uint16_t thread_id = (args->a1 & 0xffff);
-+ uint32_t rc = 0;
-+
-+ if (endpoint != my_endpoint_id) {
-+ /*
-+ * The endpoint should be an SP, try to resume the SP from
-+ * preempted into busy state.
-+ */
-+ rc = spmc_sp_resume_from_preempted(endpoint);
-+ if (rc)
-+ goto out;
-+ }
-+
-+ thread_resume_from_rpc(thread_id, 0, 0, 0, 0);
-+
-+ /* thread_resume_from_rpc return only of the thread_id is invalid */
-+ rc = FFA_INVALID_PARAMETERS;
-+
-+out:
-+ spmc_set_args(args, FFA_ERROR, FFA_PARAM_MBZ, rc, FFA_PARAM_MBZ,
-+ FFA_PARAM_MBZ, FFA_PARAM_MBZ);
-+}
- #endif /*CFG_CORE_SEL1_SPMC*/
-
- static void handle_yielding_call(struct thread_smc_args *args)
-@@ -970,6 +996,9 @@ void thread_spmc_msg_recv(struct thread_smc_args *args)
- case FFA_PARTITION_INFO_GET:
- spmc_handle_partition_info_get(args, &nw_rxtx);
- break;
-+ case FFA_RUN:
-+ spmc_handle_run(args);
-+ break;
- #endif /*CFG_CORE_SEL1_SPMC*/
- case FFA_INTERRUPT:
- itr_core_handler();
-diff --git a/core/arch/arm/kernel/thread_spmc_a64.S b/core/arch/arm/kernel/thread_spmc_a64.S
-index 21cb62513a42..7297005a6038 100644
---- a/core/arch/arm/kernel/thread_spmc_a64.S
-+++ b/core/arch/arm/kernel/thread_spmc_a64.S
-@@ -14,6 +14,20 @@
- #include <kernel/thread.h>
- #include <optee_ffa.h>
-
-+#if CFG_SECURE_PARTITION
-+LOCAL_FUNC thread_ffa_interrupt , :
-+ mov_imm x0, FFA_INTERRUPT /* FID */
-+ /* X1: Endpoint/vCPU IDs is set by caller */
-+ mov x2, #FFA_PARAM_MBZ /* Param MBZ */
-+ mov x3, #FFA_PARAM_MBZ /* Param MBZ */
-+ mov x4, #FFA_PARAM_MBZ /* Param MBZ */
-+ mov x5, #FFA_PARAM_MBZ /* Param MBZ */
-+ mov x6, #FFA_PARAM_MBZ /* Param MBZ */
-+ mov x7, #FFA_PARAM_MBZ /* Param MBZ */
-+ b .ffa_msg_loop
-+END_FUNC thread_ffa_msg_wait
-+#endif /* CFG_SECURE_PARTITION */
-+
- FUNC thread_ffa_msg_wait , :
- mov_imm x0, FFA_MSG_WAIT /* FID */
- mov x1, #FFA_TARGET_INFO_MBZ /* Target info MBZ */
-@@ -171,6 +185,14 @@ END_FUNC thread_rpc
- * The current thread as indicated by @thread_index has just been
- * suspended. The job here is just to inform normal world the thread id to
- * resume when returning.
-+ * If the active FF-A endpoint is OP-TEE (or a TA) then an this function send an
-+ * OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT message to the normal world via the
-+ * FFA_MSG_SEND_DIRECT_RESP interface. This is handled by the OP-TEE
-+ * driver in Linux so it can schedule task to the thread.
-+ * If the active endpoint is an SP the function sends an FFA_INTERRUPT. This is
-+ * handled by the FF-A driver and after taking care of the NWd interrupts it
-+ * returns via an FFA_RUN call.
-+ * The active endpoint is determined by the upper 16 bits of rpc_target_info.
- */
- FUNC thread_foreign_intr_exit , :
- /* load threads[w0].tsd.rpc_target_info into w1 */
-@@ -178,6 +200,14 @@ FUNC thread_foreign_intr_exit , :
- adr_l x2, threads
- madd x1, x1, x0, x2
- ldr w1, [x1, #THREAD_CTX_TSD_RPC_TARGET_INFO]
-+#if CFG_SECURE_PARTITION
-+ adr_l x2, my_endpoint_id
-+ ldrh w2, [x2]
-+ lsr w3, w1, #16
-+ cmp w2, w3
-+ /* (threads[w0].tsd.rpc_target_info >> 16) != my_endpoint_id */
-+ bne thread_ffa_interrupt
-+#endif /* CFG_SECURE_PARTITION */
- mov x2, #FFA_PARAM_MBZ
- mov w3, #FFA_PARAM_MBZ
- mov w4, #OPTEE_FFA_YIELDING_CALL_RETURN_INTERRUPT
deleted file mode 100644
@@ -1,148 +0,0 @@
-From e7835c526aabd8e5b6db335619a0d86165c587ed Mon Sep 17 00:00:00 2001
-From: Imre Kis <imre.kis@arm.com>
-Date: Tue, 25 Apr 2023 14:19:14 +0200
-Subject: [PATCH] core: spmc: configure SP's NS interrupt action based on the
- manifest
-
-Used mandatory ns-interrupts-action SP manifest property to configure
-signaled or queued non-secure interrupt handling.
-
-Upstream-Status: Submitted [https://github.com/OP-TEE/optee_os/pull/6002]
-
-Signed-off-by: Imre Kis <imre.kis@arm.com>
-Change-Id: I843e69e5dbb9613ecd8b95654e8ca1730a594ca6
----
- .../arm/include/kernel/secure_partition.h | 2 +
- core/arch/arm/kernel/secure_partition.c | 66 +++++++++++++++++--
- 2 files changed, 63 insertions(+), 5 deletions(-)
-
-diff --git a/core/arch/arm/include/kernel/secure_partition.h b/core/arch/arm/include/kernel/secure_partition.h
-index 24b0a8cc07d2..51f6b697e5eb 100644
---- a/core/arch/arm/include/kernel/secure_partition.h
-+++ b/core/arch/arm/include/kernel/secure_partition.h
-@@ -43,6 +43,8 @@ struct sp_session {
- unsigned int spinlock;
- const void *fdt;
- bool is_initialized;
-+ uint32_t ns_interrupts_action;
-+ uint32_t ns_interrupts_action_inherited;
- TAILQ_ENTRY(sp_session) link;
- };
-
-diff --git a/core/arch/arm/kernel/secure_partition.c b/core/arch/arm/kernel/secure_partition.c
-index 740be6d22e47..b644e1c72e6a 100644
---- a/core/arch/arm/kernel/secure_partition.c
-+++ b/core/arch/arm/kernel/secure_partition.c
-@@ -46,6 +46,10 @@
- SP_MANIFEST_ATTR_WRITE | \
- SP_MANIFEST_ATTR_EXEC)
-
-+#define SP_MANIFEST_NS_INT_QUEUED (0x0)
-+#define SP_MANIFEST_NS_INT_MANAGED_EXIT (0x1)
-+#define SP_MANIFEST_NS_INT_SIGNALED (0x2)
-+
- #define SP_PKG_HEADER_MAGIC (0x474b5053)
- #define SP_PKG_HEADER_VERSION_V1 (0x1)
- #define SP_PKG_HEADER_VERSION_V2 (0x2)
-@@ -907,6 +911,30 @@ static TEE_Result sp_init_uuid(const TEE_UUID *uuid, const void * const fdt)
- return res;
- DMSG("endpoint is 0x%"PRIx16, sess->endpoint_id);
-
-+ res = sp_dt_get_u32(fdt, 0, "ns-interrupts-action",
-+ &sess->ns_interrupts_action);
-+
-+ if (res) {
-+ EMSG("Mandatory property is missing: ns-interrupts-action");
-+ return res;
-+ }
-+
-+ switch (sess->ns_interrupts_action) {
-+ case SP_MANIFEST_NS_INT_QUEUED:
-+ case SP_MANIFEST_NS_INT_SIGNALED:
-+ /* OK */
-+ break;
-+
-+ case SP_MANIFEST_NS_INT_MANAGED_EXIT:
-+ EMSG("Managed exit is not implemented");
-+ return TEE_ERROR_NOT_IMPLEMENTED;
-+
-+ default:
-+ EMSG("Invalid ns-interrupts-action value: %d",
-+ sess->ns_interrupts_action);
-+ return TEE_ERROR_BAD_PARAMETERS;
-+ }
-+
- return TEE_SUCCESS;
- }
-
-@@ -989,17 +1017,45 @@ TEE_Result sp_enter(struct thread_smc_args *args, struct sp_session *sp)
- return res;
- }
-
-+/*
-+ * According to FF-A v1.1 section 8.3.1.4 if a caller requires less permissive
-+ * active on NS interrupt than the callee, the callee must inherit the caller's
-+ * configuration.
-+ * Each SP's own NS action setting is stored in ns_interrupts_action. The
-+ * effective action will be MIN([self action], [caller's action]) which is
-+ * stored in the ns_interrupts_action_inherited field.
-+ */
-+static void sp_cpsr_configure_foreing_interrupts(struct sp_session *s,
-+ struct ts_session *caller,
-+ uint64_t *cpsr)
-+{
-+ if (caller) {
-+ struct sp_session *caller_sp = to_sp_session(caller);
-+
-+ s->ns_interrupts_action_inherited =
-+ MIN(caller_sp->ns_interrupts_action_inherited,
-+ s->ns_interrupts_action);
-+ } else {
-+ s->ns_interrupts_action_inherited = s->ns_interrupts_action;
-+ }
-+
-+ if (s->ns_interrupts_action_inherited == SP_MANIFEST_NS_INT_QUEUED)
-+ *cpsr |= (THREAD_EXCP_FOREIGN_INTR << ARM32_CPSR_F_SHIFT);
-+ else
-+ *cpsr &= ~(THREAD_EXCP_FOREIGN_INTR << ARM32_CPSR_F_SHIFT);
-+}
-+
- static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
- uint32_t cmd __unused)
- {
- struct sp_ctx *ctx = to_sp_ctx(s->ctx);
- TEE_Result res = TEE_SUCCESS;
- uint32_t exceptions = 0;
-- uint64_t cpsr = 0;
- struct sp_session *sp_s = to_sp_session(s);
- struct ts_session *sess = NULL;
- struct thread_ctx_regs *sp_regs = NULL;
- uint32_t thread_id = THREAD_ID_INVALID;
-+ struct ts_session *caller = NULL;
- uint32_t rpc_target_info = 0;
- uint32_t panicked = false;
- uint32_t panic_code = 0;
-@@ -1009,11 +1065,12 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
- sp_regs = &ctx->sp_regs;
- ts_push_current_session(s);
-
-- cpsr = sp_regs->cpsr;
-- sp_regs->cpsr = read_daif() & (SPSR_64_DAIF_MASK << SPSR_64_DAIF_SHIFT);
--
- exceptions = thread_mask_exceptions(THREAD_EXCP_ALL);
-
-+ /* Enable/disable foreign interrupts in CPSR/SPSR */
-+ caller = ts_get_calling_session();
-+ sp_cpsr_configure_foreing_interrupts(sp_s, caller, &sp_regs->cpsr);
-+
- /*
- * Store endpoint ID and thread ID in rpc_target_info. This will be used
- * as w1 in FFA_INTERRUPT in case of a NWd interrupt.
-@@ -1026,7 +1083,6 @@ static TEE_Result sp_enter_invoke_cmd(struct ts_session *s,
-
- __thread_enter_user_mode(sp_regs, &panicked, &panic_code);
-
-- sp_regs->cpsr = cpsr;
- /* Restore rpc_target_info */
- thread_get_tsd()->rpc_target_info = rpc_target_info;
-
deleted file mode 100644
@@ -1,634 +0,0 @@
-From 800627f054959aac0dd3527495ee3fad0137600a Mon Sep 17 00:00:00 2001
-From: Jihwan Park <jihwp@amazon.com>
-Date: Mon, 3 Jul 2023 08:51:47 +0200
-Subject: [PATCH] core: crypto_bignum_free(): add indirection and set pointer
- to NULL
-
-To prevent human mistake, crypto_bignum_free() sets the location of the
-bignum pointer to NULL after freeing it.
-
-Signed-off-by: Jihwan Park <jihwp@amazon.com>
-Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
-Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
-Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
-Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
-CVE: CVE-2023-41325
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@arm.com>
----
- core/crypto/crypto.c | 4 +--
- core/drivers/crypto/caam/acipher/caam_dh.c | 8 ++---
- core/drivers/crypto/caam/acipher/caam_dsa.c | 14 ++++----
- core/drivers/crypto/caam/acipher/caam_ecc.c | 10 +++---
- core/drivers/crypto/caam/acipher/caam_rsa.c | 24 ++++++-------
- core/drivers/crypto/se050/core/ecc.c | 14 ++++----
- core/drivers/crypto/se050/core/rsa.c | 38 ++++++++++-----------
- core/drivers/crypto/versal/ecc.c | 6 ++--
- core/include/crypto/crypto.h | 2 +-
- core/lib/libtomcrypt/dh.c | 8 ++---
- core/lib/libtomcrypt/dsa.c | 14 ++++----
- core/lib/libtomcrypt/ecc.c | 10 +++---
- core/lib/libtomcrypt/mpi_desc.c | 9 +++--
- core/lib/libtomcrypt/rsa.c | 22 ++++++------
- core/tee/tee_svc_cryp.c | 7 ++--
- lib/libmbedtls/core/bignum.c | 9 +++--
- lib/libmbedtls/core/dh.c | 8 ++---
- lib/libmbedtls/core/ecc.c | 10 +++---
- lib/libmbedtls/core/rsa.c | 22 ++++++------
- 19 files changed, 122 insertions(+), 117 deletions(-)
-
-diff --git a/core/crypto/crypto.c b/core/crypto/crypto.c
-index 9f7d35097..60cb89a31 100644
---- a/core/crypto/crypto.c
-+++ b/core/crypto/crypto.c
-@@ -498,9 +498,9 @@ void crypto_bignum_copy(struct bignum *to __unused,
- bignum_cant_happen();
- }
-
--void crypto_bignum_free(struct bignum *a)
-+void crypto_bignum_free(struct bignum **a)
- {
-- if (a)
-+ if (a && *a)
- panic();
- }
-
-diff --git a/core/drivers/crypto/caam/acipher/caam_dh.c b/core/drivers/crypto/caam/acipher/caam_dh.c
-index 6131ff0ef..35fc44541 100644
---- a/core/drivers/crypto/caam/acipher/caam_dh.c
-+++ b/core/drivers/crypto/caam/acipher/caam_dh.c
-@@ -195,10 +195,10 @@ static TEE_Result do_allocate_keypair(struct dh_keypair *key, size_t size_bits)
- err:
- DH_TRACE("Allocation error");
-
-- crypto_bignum_free(key->g);
-- crypto_bignum_free(key->p);
-- crypto_bignum_free(key->x);
-- crypto_bignum_free(key->y);
-+ crypto_bignum_free(&key->g);
-+ crypto_bignum_free(&key->p);
-+ crypto_bignum_free(&key->x);
-+ crypto_bignum_free(&key->y);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-diff --git a/core/drivers/crypto/caam/acipher/caam_dsa.c b/core/drivers/crypto/caam/acipher/caam_dsa.c
-index 2696f0b3c..d60bb8e89 100644
---- a/core/drivers/crypto/caam/acipher/caam_dsa.c
-+++ b/core/drivers/crypto/caam/acipher/caam_dsa.c
-@@ -309,10 +309,10 @@ static TEE_Result do_allocate_keypair(struct dsa_keypair *key, size_t l_bits,
- err:
- DSA_TRACE("Allocation error");
-
-- crypto_bignum_free(key->g);
-- crypto_bignum_free(key->p);
-- crypto_bignum_free(key->q);
-- crypto_bignum_free(key->x);
-+ crypto_bignum_free(&key->g);
-+ crypto_bignum_free(&key->p);
-+ crypto_bignum_free(&key->q);
-+ crypto_bignum_free(&key->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -358,9 +358,9 @@ static TEE_Result do_allocate_publickey(struct dsa_public_key *key,
- err:
- DSA_TRACE("Allocation error");
-
-- crypto_bignum_free(key->g);
-- crypto_bignum_free(key->p);
-- crypto_bignum_free(key->q);
-+ crypto_bignum_free(&key->g);
-+ crypto_bignum_free(&key->p);
-+ crypto_bignum_free(&key->q);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-diff --git a/core/drivers/crypto/caam/acipher/caam_ecc.c b/core/drivers/crypto/caam/acipher/caam_ecc.c
-index 90e87c20a..6b12b6cbe 100644
---- a/core/drivers/crypto/caam/acipher/caam_ecc.c
-+++ b/core/drivers/crypto/caam/acipher/caam_ecc.c
-@@ -169,8 +169,8 @@ static TEE_Result do_allocate_keypair(struct ecc_keypair *key, size_t size_bits)
- err:
- ECC_TRACE("Allocation error");
-
-- crypto_bignum_free(key->d);
-- crypto_bignum_free(key->x);
-+ crypto_bignum_free(&key->d);
-+ crypto_bignum_free(&key->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -204,7 +204,7 @@ static TEE_Result do_allocate_publickey(struct ecc_public_key *key,
- err:
- ECC_TRACE("Allocation error");
-
-- crypto_bignum_free(key->x);
-+ crypto_bignum_free(&key->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -216,8 +216,8 @@ err:
- */
- static void do_free_publickey(struct ecc_public_key *key)
- {
-- crypto_bignum_free(key->x);
-- crypto_bignum_free(key->y);
-+ crypto_bignum_free(&key->x);
-+ crypto_bignum_free(&key->y);
- }
-
- /*
-diff --git a/core/drivers/crypto/caam/acipher/caam_rsa.c b/core/drivers/crypto/caam/acipher/caam_rsa.c
-index e860c641c..b59ab0b6e 100644
---- a/core/drivers/crypto/caam/acipher/caam_rsa.c
-+++ b/core/drivers/crypto/caam/acipher/caam_rsa.c
-@@ -86,14 +86,14 @@ static uint8_t caam_era;
- */
- static void do_free_keypair(struct rsa_keypair *key)
- {
-- crypto_bignum_free(key->e);
-- crypto_bignum_free(key->d);
-- crypto_bignum_free(key->n);
-- crypto_bignum_free(key->p);
-- crypto_bignum_free(key->q);
-- crypto_bignum_free(key->qp);
-- crypto_bignum_free(key->dp);
-- crypto_bignum_free(key->dq);
-+ crypto_bignum_free(&key->e);
-+ crypto_bignum_free(&key->d);
-+ crypto_bignum_free(&key->n);
-+ crypto_bignum_free(&key->p);
-+ crypto_bignum_free(&key->q);
-+ crypto_bignum_free(&key->qp);
-+ crypto_bignum_free(&key->dp);
-+ crypto_bignum_free(&key->dq);
- }
-
- /*
-@@ -435,8 +435,8 @@ static TEE_Result do_allocate_publickey(struct rsa_public_key *key,
- err_alloc_publickey:
- RSA_TRACE("Allocation error");
-
-- crypto_bignum_free(key->e);
-- crypto_bignum_free(key->n);
-+ crypto_bignum_free(&key->e);
-+ crypto_bignum_free(&key->n);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -448,8 +448,8 @@ err_alloc_publickey:
- */
- static void do_free_publickey(struct rsa_public_key *key)
- {
-- crypto_bignum_free(key->e);
-- crypto_bignum_free(key->n);
-+ crypto_bignum_free(&key->e);
-+ crypto_bignum_free(&key->n);
- }
-
- /*
-diff --git a/core/drivers/crypto/se050/core/ecc.c b/core/drivers/crypto/se050/core/ecc.c
-index d74334760..52f82c69d 100644
---- a/core/drivers/crypto/se050/core/ecc.c
-+++ b/core/drivers/crypto/se050/core/ecc.c
-@@ -752,9 +752,9 @@ static TEE_Result do_alloc_keypair(struct ecc_keypair *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->x);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->x);
-+ crypto_bignum_free(&s->y);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -768,8 +768,8 @@ static TEE_Result do_alloc_publickey(struct ecc_public_key *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->x);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->x);
-+ crypto_bignum_free(&s->y);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -778,8 +778,8 @@ static void do_free_publickey(struct ecc_public_key *s)
- if (!s)
- return;
-
-- crypto_bignum_free(s->x);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->x);
-+ crypto_bignum_free(&s->y);
- }
-
- static struct drvcrypt_ecc driver_ecc = {
-diff --git a/core/drivers/crypto/se050/core/rsa.c b/core/drivers/crypto/se050/core/rsa.c
-index 815abb3cd..475d2b99a 100644
---- a/core/drivers/crypto/se050/core/rsa.c
-+++ b/core/drivers/crypto/se050/core/rsa.c
-@@ -537,14 +537,14 @@ static TEE_Result do_alloc_keypair(struct rsa_keypair *s,
-
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->e);
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-- crypto_bignum_free(s->qp);
-- crypto_bignum_free(s->dp);
-- crypto_bignum_free(s->dq);
-+ crypto_bignum_free(&s->e);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
-+ crypto_bignum_free(&s->qp);
-+ crypto_bignum_free(&s->dp);
-+ crypto_bignum_free(&s->dq);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -556,7 +556,7 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s,
- if (!bn_alloc_max(&s->e))
- return TEE_ERROR_OUT_OF_MEMORY;
- if (!bn_alloc_max(&s->n)) {
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->e);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -566,8 +566,8 @@ static TEE_Result do_alloc_publickey(struct rsa_public_key *s,
- static void do_free_publickey(struct rsa_public_key *s)
- {
- if (s) {
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->e);
- }
- }
-
-@@ -587,14 +587,14 @@ static void do_free_keypair(struct rsa_keypair *s)
- sss_se05x_key_store_erase_key(se050_kstore, &k_object);
- }
-
-- crypto_bignum_free(s->e);
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-- crypto_bignum_free(s->qp);
-- crypto_bignum_free(s->dp);
-- crypto_bignum_free(s->dq);
-+ crypto_bignum_free(&s->e);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
-+ crypto_bignum_free(&s->qp);
-+ crypto_bignum_free(&s->dp);
-+ crypto_bignum_free(&s->dq);
- }
-
- static TEE_Result do_gen_keypair(struct rsa_keypair *key, size_t kb)
-diff --git a/core/drivers/crypto/versal/ecc.c b/core/drivers/crypto/versal/ecc.c
-index 3d5454509..18ec4f78d 100644
---- a/core/drivers/crypto/versal/ecc.c
-+++ b/core/drivers/crypto/versal/ecc.c
-@@ -284,9 +284,9 @@ static TEE_Result sign(uint32_t algo, struct ecc_keypair *key,
-
- versal_mbox_alloc(bytes, NULL, &k);
- crypto_bignum_bn2bin_eswap(key->curve, ephemeral.d, k.buf);
-- crypto_bignum_free(ephemeral.d);
-- crypto_bignum_free(ephemeral.x);
-- crypto_bignum_free(ephemeral.y);
-+ crypto_bignum_free(&ephemeral.d);
-+ crypto_bignum_free(&ephemeral.x);
-+ crypto_bignum_free(&ephemeral.y);
-
- /* Private key*/
- versal_mbox_alloc(bytes, NULL, &d);
-diff --git a/core/include/crypto/crypto.h b/core/include/crypto/crypto.h
-index 71a287ec6..0e6c139ce 100644
---- a/core/include/crypto/crypto.h
-+++ b/core/include/crypto/crypto.h
-@@ -98,7 +98,7 @@ size_t crypto_bignum_num_bytes(struct bignum *a);
- size_t crypto_bignum_num_bits(struct bignum *a);
- void crypto_bignum_bn2bin(const struct bignum *from, uint8_t *to);
- void crypto_bignum_copy(struct bignum *to, const struct bignum *from);
--void crypto_bignum_free(struct bignum *a);
-+void crypto_bignum_free(struct bignum **a);
- void crypto_bignum_clear(struct bignum *a);
-
- /* return -1 if a<b, 0 if a==b, +1 if a>b */
-diff --git a/core/lib/libtomcrypt/dh.c b/core/lib/libtomcrypt/dh.c
-index 4eb9916f2..b1d0a4d00 100644
---- a/core/lib/libtomcrypt/dh.c
-+++ b/core/lib/libtomcrypt/dh.c
-@@ -28,10 +28,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->g);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->y);
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->g);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->y);
-+ crypto_bignum_free(&s->x);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-diff --git a/core/lib/libtomcrypt/dsa.c b/core/lib/libtomcrypt/dsa.c
-index a2dc720ed..d6243c469 100644
---- a/core/lib/libtomcrypt/dsa.c
-+++ b/core/lib/libtomcrypt/dsa.c
-@@ -30,10 +30,10 @@ TEE_Result crypto_acipher_alloc_dsa_keypair(struct dsa_keypair *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->g);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->g);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
-+ crypto_bignum_free(&s->y);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -52,9 +52,9 @@ TEE_Result crypto_acipher_alloc_dsa_public_key(struct dsa_public_key *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->g);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-+ crypto_bignum_free(&s->g);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-diff --git a/core/lib/libtomcrypt/ecc.c b/core/lib/libtomcrypt/ecc.c
-index 938378247..fa645e17a 100644
---- a/core/lib/libtomcrypt/ecc.c
-+++ b/core/lib/libtomcrypt/ecc.c
-@@ -18,8 +18,8 @@ static void _ltc_ecc_free_public_key(struct ecc_public_key *s)
- if (!s)
- return;
-
-- crypto_bignum_free(s->x);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->x);
-+ crypto_bignum_free(&s->y);
- }
-
- /*
-@@ -465,8 +465,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s,
- err:
- s->ops = NULL;
-
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -541,7 +541,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s,
- err:
- s->ops = NULL;
-
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-diff --git a/core/lib/libtomcrypt/mpi_desc.c b/core/lib/libtomcrypt/mpi_desc.c
-index 235fbe630..ff8dd13c7 100644
---- a/core/lib/libtomcrypt/mpi_desc.c
-+++ b/core/lib/libtomcrypt/mpi_desc.c
-@@ -763,10 +763,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits)
- return (struct bignum *)bn;
- }
-
--void crypto_bignum_free(struct bignum *s)
-+void crypto_bignum_free(struct bignum **s)
- {
-- mbedtls_mpi_free((mbedtls_mpi *)s);
-- free(s);
-+ assert(s);
-+
-+ mbedtls_mpi_free((mbedtls_mpi *)*s);
-+ free(*s);
-+ *s = NULL;
- }
-
- void crypto_bignum_clear(struct bignum *s)
-diff --git a/core/lib/libtomcrypt/rsa.c b/core/lib/libtomcrypt/rsa.c
-index 8d0443f36..13ed23934 100644
---- a/core/lib/libtomcrypt/rsa.c
-+++ b/core/lib/libtomcrypt/rsa.c
-@@ -131,7 +131,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->e);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -143,8 +143,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s)
- {
- if (!s)
- return;
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->e);
- }
-
-
-@@ -155,14 +155,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
- {
- if (!s)
- return;
-- crypto_bignum_free(s->e);
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-- crypto_bignum_free(s->qp);
-- crypto_bignum_free(s->dp);
-- crypto_bignum_free(s->dq);
-+ crypto_bignum_free(&s->e);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
-+ crypto_bignum_free(&s->qp);
-+ crypto_bignum_free(&s->dp);
-+ crypto_bignum_free(&s->dq);
- }
-
- TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key,
-diff --git a/core/tee/tee_svc_cryp.c b/core/tee/tee_svc_cryp.c
-index 534e5ac39..880809753 100644
---- a/core/tee/tee_svc_cryp.c
-+++ b/core/tee/tee_svc_cryp.c
-@@ -869,8 +869,7 @@ static void op_attr_bignum_free(void *attr)
- {
- struct bignum **bn = attr;
-
-- crypto_bignum_free(*bn);
-- *bn = NULL;
-+ crypto_bignum_free(bn);
- }
-
- static TEE_Result op_attr_value_from_user(void *attr, const void *buffer,
-@@ -3445,8 +3444,8 @@ TEE_Result syscall_cryp_derive_key(unsigned long state,
- } else {
- res = TEE_ERROR_OUT_OF_MEMORY;
- }
-- crypto_bignum_free(pub);
-- crypto_bignum_free(ss);
-+ crypto_bignum_free(&pub);
-+ crypto_bignum_free(&ss);
- } else if (TEE_ALG_GET_MAIN_ALG(cs->algo) == TEE_MAIN_ALGO_ECDH) {
- struct ecc_public_key key_public;
- uint8_t *pt_secret;
-diff --git a/lib/libmbedtls/core/bignum.c b/lib/libmbedtls/core/bignum.c
-index 61f6c5c60..dea30f61a 100644
---- a/lib/libmbedtls/core/bignum.c
-+++ b/lib/libmbedtls/core/bignum.c
-@@ -87,10 +87,13 @@ struct bignum *crypto_bignum_allocate(size_t size_bits)
- return (struct bignum *)bn;
- }
-
--void crypto_bignum_free(struct bignum *s)
-+void crypto_bignum_free(struct bignum **s)
- {
-- mbedtls_mpi_free((mbedtls_mpi *)s);
-- free(s);
-+ assert(s);
-+
-+ mbedtls_mpi_free((mbedtls_mpi *)*s);
-+ free(*s);
-+ *s = NULL;
- }
-
- void crypto_bignum_clear(struct bignum *s)
-diff --git a/lib/libmbedtls/core/dh.c b/lib/libmbedtls/core/dh.c
-index b3415aaa7..e95aa1495 100644
---- a/lib/libmbedtls/core/dh.c
-+++ b/lib/libmbedtls/core/dh.c
-@@ -35,10 +35,10 @@ TEE_Result crypto_acipher_alloc_dh_keypair(struct dh_keypair *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->g);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->y);
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->g);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->y);
-+ crypto_bignum_free(&s->x);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-diff --git a/lib/libmbedtls/core/ecc.c b/lib/libmbedtls/core/ecc.c
-index fd4a51b9d..46cd9fd1c 100644
---- a/lib/libmbedtls/core/ecc.c
-+++ b/lib/libmbedtls/core/ecc.c
-@@ -40,8 +40,8 @@ static void ecc_free_public_key(struct ecc_public_key *s)
- if (!s)
- return;
-
-- crypto_bignum_free(s->x);
-- crypto_bignum_free(s->y);
-+ crypto_bignum_free(&s->x);
-+ crypto_bignum_free(&s->y);
- }
-
- /*
-@@ -484,8 +484,8 @@ TEE_Result crypto_asym_alloc_ecc_keypair(struct ecc_keypair *s,
- return TEE_SUCCESS;
-
- err:
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-@@ -581,7 +581,7 @@ TEE_Result crypto_asym_alloc_ecc_public_key(struct ecc_public_key *s,
- return TEE_SUCCESS;
-
- err:
-- crypto_bignum_free(s->x);
-+ crypto_bignum_free(&s->x);
-
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-diff --git a/lib/libmbedtls/core/rsa.c b/lib/libmbedtls/core/rsa.c
-index c3b5be509..a8aeb2c04 100644
---- a/lib/libmbedtls/core/rsa.c
-+++ b/lib/libmbedtls/core/rsa.c
-@@ -183,7 +183,7 @@ TEE_Result sw_crypto_acipher_alloc_rsa_public_key(struct rsa_public_key *s,
- goto err;
- return TEE_SUCCESS;
- err:
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->e);
- return TEE_ERROR_OUT_OF_MEMORY;
- }
-
-@@ -194,8 +194,8 @@ void sw_crypto_acipher_free_rsa_public_key(struct rsa_public_key *s)
- {
- if (!s)
- return;
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->e);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->e);
- }
-
- void crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
-@@ -205,14 +205,14 @@ void sw_crypto_acipher_free_rsa_keypair(struct rsa_keypair *s)
- {
- if (!s)
- return;
-- crypto_bignum_free(s->e);
-- crypto_bignum_free(s->d);
-- crypto_bignum_free(s->n);
-- crypto_bignum_free(s->p);
-- crypto_bignum_free(s->q);
-- crypto_bignum_free(s->qp);
-- crypto_bignum_free(s->dp);
-- crypto_bignum_free(s->dq);
-+ crypto_bignum_free(&s->e);
-+ crypto_bignum_free(&s->d);
-+ crypto_bignum_free(&s->n);
-+ crypto_bignum_free(&s->p);
-+ crypto_bignum_free(&s->q);
-+ crypto_bignum_free(&s->qp);
-+ crypto_bignum_free(&s->dp);
-+ crypto_bignum_free(&s->dq);
- }
-
- TEE_Result crypto_acipher_gen_rsa_key(struct rsa_keypair *key,
-2.34.1
-
deleted file mode 100644
@@ -1,33 +0,0 @@
-# TC0 specific configuration
-
-# Total Compute (tc) specific configuration for optee-os and optee-os-tadevkit
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-os/tc:"
-SRC_URI:append:tc = " file://sp_layout.json \
- file://0001-WIP-Enable-managed-exit.patch \
- file://0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch \
- "
-
-COMPATIBLE_MACHINE = "(tc?)"
-
-OPTEEMACHINE:tc1 = "totalcompute-tc1"
-
-# Enable optee memory layout and boot logs
-EXTRA_OEMAKE += " CFG_TEE_CORE_LOG_LEVEL=3"
-
-# default disable latency benchmarks (over all OP-TEE layers)
-EXTRA_OEMAKE += " CFG_TEE_BENCHMARK=n"
-
-# Enable stats
-EXTRA_OEMAKE += " CFG_WITH_STATS=y"
-
-EXTRA_OEMAKE += " CFG_CORE_SEL2_SPMC=y"
-
-# Copy optee manifest file
-do_install:append() {
- install -d ${D}${nonarch_base_libdir}/firmware/
- install -m 644 ${WORKDIR}/sp_layout.json ${D}${nonarch_base_libdir}/firmware/
- install -m 644 \
- ${S}/core/arch/arm/plat-totalcompute/fdts/optee_sp_manifest.dts \
- ${D}${nonarch_base_libdir}/firmware/
-}
deleted file mode 100644
@@ -1,30 +0,0 @@
-From 59d4c190eae11c93b26cca5a7b005a17dadc8248 Mon Sep 17 00:00:00 2001
-From: Brett Warren <brett.warren@arm.com>
-Date: Wed, 23 Sep 2020 09:27:34 +0100
-Subject: [PATCH] optee: enable clang support
-
-When compiling with clang, the LIBGCC_LOCATE_CFLAG variable used
-to provide a sysroot wasn't included, which results in not locating
-compiler-rt. This is mitigated by including the variable as ammended.
-
-Upstream-Status: Pending
-ChangeId: 8ba69a4b2eb8ebaa047cb266c9aa6c2c3da45701
-Signed-off-by: Brett Warren <brett.warren@arm.com>
-
----
- mk/clang.mk | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/mk/clang.mk b/mk/clang.mk
-index a045beee8..1ebe2f702 100644
---- a/mk/clang.mk
-+++ b/mk/clang.mk
-@@ -30,7 +30,7 @@ comp-cflags-warns-clang := -Wno-language-extension-token \
-
- # Note, use the compiler runtime library (libclang_rt.builtins.*.a) instead of
- # libgcc for clang
--libgcc$(sm) := $(shell $(CC$(sm)) $(CFLAGS$(arch-bits-$(sm))) \
-+libgcc$(sm) := $(shell $(CC$(sm)) $(LIBGCC_LOCATE_CFLAGS) $(CFLAGS$(arch-bits-$(sm))) \
- -rtlib=compiler-rt -print-libgcc-file-name 2> /dev/null)
-
- # Core ASLR relies on the executable being ready to run from its preferred load
deleted file mode 100644
@@ -1,18 +0,0 @@
-require recipes-security/optee/optee-os.inc
-
-DEPENDS += "dtc-native"
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/${P}:"
-
-SRCREV = "8e74d47616a20eaa23ca692f4bbbf917a236ed94"
-SRC_URI += " \
- file://0001-allow-setting-sysroot-for-libgcc-lookup.patch \
- file://0002-optee-enable-clang-support.patch \
- file://0003-core-link-add-no-warn-rwx-segments.patch \
- file://0004-core-Define-section-attributes-for-clang.patch \
- file://0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch \
- file://0006-core-ffa-add-TOS_FW_CONFIG-handling.patch \
- file://0007-core-spmc-handle-non-secure-interrupts.patch \
- file://0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch \
- file://CVE-2023-41325.patch \
- "
deleted file mode 100644
@@ -1,6 +0,0 @@
-# Machine specific configurations
-
-MACHINE_OPTEE_OS_REQUIRE ?= ""
-MACHINE_OPTEE_OS_REQUIRE:tc = "optee-os-tc.inc"
-
-require ${MACHINE_OPTEE_OS_REQUIRE}
deleted file mode 100644
@@ -1,8 +0,0 @@
-# TC specific configuration
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/files/optee-test/tc:"
-SRC_URI:append:tc = " \
- file://0001-xtest-Limit-tests-to-a-single-thread.patch \
- "
-
-COMPATIBLE_MACHINE = "(tc?)"
deleted file mode 100644
@@ -1,34 +0,0 @@
-From 53642dc98630b9c725977ab935c5bdd9c401e1aa Mon Sep 17 00:00:00 2001
-From: Jon Mason <jon.mason@arm.com>
-Date: Sat, 15 Jul 2023 15:08:43 -0400
-Subject: [PATCH] xtest: regression_1000: remove unneeded stat.h include
-
-Hack to work around musl compile error:
- In file included from optee-test/3.17.0-r0/recipe-sysroot/usr/include/sys/stat.h:23,
- from optee-test/3.17.0-r0/git/host/xtest/regression_1000.c:25:
- optee-test/3.17.0-r0/recipe-sysroot/usr/include/bits/stat.h:17:26: error: expected identifier or '(' before '[' token
- 17 | unsigned __unused[2];
- | ^
-
-stat.h is not needed, since it is not being used in this file. So removing it.
-
-Upstream-Status: Backport
-Signed-off-by: Jon Mason <jon.mason@arm.com>
-Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
----
- host/xtest/regression_1000.c | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/host/xtest/regression_1000.c b/host/xtest/regression_1000.c
-index de32c4184fd8..25b4721cdc45 100644
---- a/host/xtest/regression_1000.c
-+++ b/host/xtest/regression_1000.c
-@@ -22,7 +22,6 @@
- #include <stdio.h>
- #include <stdlib.h>
- #include <string.h>
--#include <sys/stat.h>
- #include <sys/types.h>
- #include <ta_arm_bti.h>
- #include <ta_concurrent.h>
deleted file mode 100644
@@ -1,160 +0,0 @@
-From 717ff43f0d58e5f5a87893bd0cf3274a1e0164dc Mon Sep 17 00:00:00 2001
-From: Gabor Toth <gabor.toth2@arm.com>
-Date: Fri, 3 Mar 2023 12:25:58 +0100
-Subject: [PATCH] ffa_spmc: Add arm_ffa_user driver compatibility check
-
-Check the version of the arm_ffa_user Kernel Driver and fail with a
-meaningful message if incompatible driver is detected.
-
-Upstream-Status: Backport
-
-Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
----
- host/xtest/ffa_spmc_1000.c | 68 ++++++++++++++++++++++++++++++++++----
- 1 file changed, 61 insertions(+), 7 deletions(-)
-
-diff --git a/host/xtest/ffa_spmc_1000.c b/host/xtest/ffa_spmc_1000.c
-index 15f4a468a775..1839d03f29be 100644
---- a/host/xtest/ffa_spmc_1000.c
-+++ b/host/xtest/ffa_spmc_1000.c
-@@ -1,11 +1,12 @@
- // SPDX-License-Identifier: BSD-3-Clause
- /*
-- * Copyright (c) 2022, Arm Limited and Contributors. All rights reserved.
-+ * Copyright (c) 2022-2023, Arm Limited and Contributors. All rights reserved.
- */
- #include <fcntl.h>
- #include <ffa.h>
- #include <stdio.h>
- #include <string.h>
-+#include <errno.h>
- #include <sys/ioctl.h>
- #include <unistd.h>
- #include "include/uapi/linux/arm_ffa_user.h"
-@@ -17,6 +18,10 @@
- #define INCORRECT_ENDPOINT_ID 0xffff
- #define NORMAL_WORLD_ENDPOINT_ID 0
-
-+#define FFA_USER_REQ_VER_MAJOR 5
-+#define FFA_USER_REQ_VER_MINOR 0
-+#define FFA_USER_REQ_VER_PATCH 1
-+
- /* Get the 32 least significant bits of a handle.*/
- #define MEM_SHARE_HANDLE_LOW(x) ((x) & 0xffffffff)
- /* Get the 32 most significant bits of a handle.*/
-@@ -62,6 +67,50 @@ static struct ffa_ioctl_ep_desc test_endpoint3 = {
- .uuid_ptr = (uint64_t)test_endpoint3_uuid,
- };
-
-+static bool check_ffa_user_version(void)
-+{
-+ FILE *f = NULL;
-+ int ver_major = -1;
-+ int ver_minor = -1;
-+ int ver_patch = -1;
-+ int scan_cnt = 0;
-+
-+ f = fopen("/sys/module/arm_ffa_user/version", "r");
-+ if (f) {
-+ scan_cnt = fscanf(f, "%d.%d.%d",
-+ &ver_major, &ver_minor, &ver_patch);
-+ fclose(f);
-+ if (scan_cnt != 3) {
-+ printf("error: failed to parse arm_ffa_user version\n");
-+ return false;
-+ }
-+ } else {
-+ printf("error: failed to read arm_ffa_user module info - %s\n",
-+ strerror(errno));
-+ return false;
-+ }
-+
-+ if (ver_major != FFA_USER_REQ_VER_MAJOR)
-+ goto err;
-+
-+ if (ver_minor < FFA_USER_REQ_VER_MINOR)
-+ goto err;
-+
-+ if (ver_minor == FFA_USER_REQ_VER_MINOR)
-+ if (ver_patch < FFA_USER_REQ_VER_PATCH)
-+ goto err;
-+
-+ return true;
-+
-+err:
-+ printf("error: Incompatible arm_ffa_user driver detected.");
-+ printf("Found v%d.%d.%d wanted >= v%d.%d.%d)\n",
-+ ver_major, ver_minor, ver_patch, FFA_USER_REQ_VER_MAJOR,
-+ FFA_USER_REQ_VER_MINOR, FFA_USER_REQ_VER_PATCH);
-+
-+ return false;
-+}
-+
- static void close_debugfs(void)
- {
- int err = 0;
-@@ -76,6 +125,9 @@ static void close_debugfs(void)
-
- static bool init_sp_xtest(ADBG_Case_t *c)
- {
-+ if (!check_ffa_user_version())
-+ return false;
-+
- if (ffa_fd < 0) {
- ffa_fd = open(FFA_DRIVER_FS_PATH, O_RDWR);
- if (ffa_fd < 0) {
-@@ -83,6 +135,7 @@ static bool init_sp_xtest(ADBG_Case_t *c)
- return false;
- }
- }
-+
- return true;
- }
-
-@@ -99,7 +152,7 @@ static uint16_t get_endpoint_id(uint64_t endp)
- struct ffa_ioctl_ep_desc sid = { .uuid_ptr = endp };
-
- /* Get ID of destination SP based on UUID */
-- if(ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
-+ if (ioctl(ffa_fd, FFA_IOC_GET_PART_ID, &sid))
- return INCORRECT_ENDPOINT_ID;
-
- return sid.id;
-@@ -213,14 +266,15 @@ static int set_up_mem(struct ffa_ioctl_ep_desc *endp,
- rc = share_mem(endpoint, handle);
- ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
-
-- if (!ADBG_EXPECT_TRUE(c, handle != NULL))
-- return TEEC_ERROR_GENERIC;
-+ if (!ADBG_EXPECT_NOT_NULL(c, handle))
-+ return TEEC_ERROR_GENERIC;
-
- /* SP will retrieve the memory region. */
- memset(args, 0, sizeof(*args));
- args->dst_id = endpoint;
- args->args[MEM_SHARE_HANDLE_LOW_INDEX] = MEM_SHARE_HANDLE_LOW(*handle);
-- args->args[MEM_SHARE_HANDLE_HIGH_INDEX] = MEM_SHARE_HANDLE_HIGH(*handle);
-+ args->args[MEM_SHARE_HANDLE_HIGH_INDEX] =
-+ MEM_SHARE_HANDLE_HIGH(*handle);
- args->args[MEM_SHARE_HANDLE_ENDPOINT_INDEX] = NORMAL_WORLD_ENDPOINT_ID;
-
- rc = start_sp_test(endpoint, EP_RETRIEVE, args);
-@@ -254,7 +308,7 @@ static void xtest_ffa_spmc_test_1002(ADBG_Case_t *c)
- rc = start_sp_test(endpoint1_id, EP_TEST_SP, &args);
- ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
- if (!ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK))
-- goto out;
-+ goto out;
-
- /* Set up memory and have the SP retrieve it. */
- Do_ADBG_BeginSubCase(c, "Test memory set-up");
-@@ -469,7 +523,7 @@ static void xtest_ffa_spmc_test_1005(ADBG_Case_t *c)
- memset(&args, 0, sizeof(args));
- args.args[1] = endpoint2;
- args.args[2] = endpoint3;
-- rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI,&args);
-+ rc = start_sp_test(endpoint1, EP_SP_MEM_SHARING_MULTI, &args);
- ADBG_EXPECT_COMPARE_SIGNED(c, rc, ==, 0);
- ADBG_EXPECT_COMPARE_UNSIGNED(c, args.args[0], ==, SPMC_TEST_OK);
-
deleted file mode 100644
@@ -1,36 +0,0 @@
-From 3de910a19f01a2a9e1c9a6bd6feee1aef547f676 Mon Sep 17 00:00:00 2001
-From: Gabor Toth <gabor.toth2@arm.com>
-Date: Fri, 3 Mar 2023 12:23:45 +0100
-Subject: [PATCH] Update arm_ffa_user driver dependency
-
-Updating arm-ffa-user to v5.0.1 to get the following changes:
- - move to 64 bit direct messages
- - add Linux Kernel v6.1 compatibility
-The motivation is to update x-test to depend on the same driver
-version as TS uefi-test and thus to enable running these in a single
-configuration.
-Note: arm_ffa_user.h was copied from:
- - URL:https://git.gitlab.arm.com/linux-arm/linux-trusted-services.git
- - SHA:18e3be71f65a405dfb5d97603ae71b3c11759861
-
-Upstream-Status: Backport
-
-Signed-off-by: Gabor Toth <gabor.toth2@arm.com>
-Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
----
- host/xtest/include/uapi/linux/arm_ffa_user.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/host/xtest/include/uapi/linux/arm_ffa_user.h b/host/xtest/include/uapi/linux/arm_ffa_user.h
-index 9ef0be3e1664..0acde4fb2020 100644
---- a/host/xtest/include/uapi/linux/arm_ffa_user.h
-+++ b/host/xtest/include/uapi/linux/arm_ffa_user.h
-@@ -33,7 +33,7 @@ struct ffa_ioctl_ep_desc {
- * @dst_id: [in] 16-bit ID of destination endpoint.
- */
- struct ffa_ioctl_msg_args {
-- __u32 args[5];
-+ __u64 args[5];
- __u16 dst_id;
- };
- #define FFA_IOC_MSG_SEND _IOWR(FFA_IOC_MAGIC, FFA_IOC_BASE + 1, \
deleted file mode 100644
@@ -1,8 +0,0 @@
-require recipes-security/optee/optee-test.inc
-
-SRC_URI += " \
- file://0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch \
- file://0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch \
- file://0003-Update-arm_ffa_user-driver-dependency.patch \
- "
-SRCREV = "5db8ab4c733d5b2f4afac3e9aef0a26634c4b444"
deleted file mode 100644
@@ -1,6 +0,0 @@
-# Machine specific configurations
-
-MACHINE_OPTEE_TEST_REQUIRE ?= ""
-MACHINE_OPTEE_TEST_REQUIRE:tc = "optee-test-tc.inc"
-
-require ${MACHINE_OPTEE_TEST_REQUIRE}
deleted file mode 100644
@@ -1,11 +0,0 @@
-require fvp-ecosystem.inc
-
-MODEL = "TC1"
-MODEL_CODE = "FVP_TC1"
-PV = "11.18.28_Linux64"
-
-SRC_URI = "https://developer.arm.com/-/media/Arm%20Developer%20Community/Downloads/OSS/FVP/TotalCompute/Total%20Compute%20Update%202022/${MODEL_CODE}_${PV_URL}.tgz;subdir=${BP}"
-SRC_URI[sha256sum] = "3a2b32ecf34dc9581482d6fc682a9378ba6ed151ea9b68914b4ebad39fb5cacf"
-
-LIC_FILES_CHKSUM = "file://license_terms/license_agreement.txt;md5=a50d186fffa51ed55599183aad911298 \
- file://license_terms/third_party_licenses/third_party_licenses.txt;md5=34a1ba318d745f05e6197def68ea5411"
Remove tc1 and related recipes that are unique to it (and generally unused ones). Signed-off-by: Jon Mason <jon.mason@arm.com> --- .gitlab-ci.yml | 8 - ci/fvps.yml | 1 - ci/tc1.yml | 11 - meta-arm-bsp/conf/machine/include/tc.inc | 36 - meta-arm-bsp/conf/machine/tc1.conf | 31 - meta-arm-bsp/documentation/tc1.md | 32 - .../recipes-bsp/hafnium/hafnium-tc.inc | 8 - .../scp-firmware/scp-firmware-tc.inc | 6 - .../trusted-firmware-a-tc.inc | 134 ---- .../trusted-firmware-a_2.8.6.bb | 19 - meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc | 5 - .../tc/0001-WIP-Enable-managed-exit.patch | 120 ---- ...talcompute-fix-TZDRAM-start-and-size.patch | 34 - ...xtest-Limit-tests-to-a-single-thread.patch | 55 -- .../optee/optee-client_3.20.0.bb | 7 - ...ow-setting-sysroot-for-libgcc-lookup.patch | 34 - .../0002-optee-enable-clang-support.patch | 29 - ...3-core-link-add-no-warn-rwx-segments.patch | 62 -- ...-Define-section-attributes-for-clang.patch | 240 ------- ...-core-arm-S-EL1-SPMC-boot-ABI-update.patch | 89 --- ...-core-ffa-add-TOS_FW_CONFIG-handling.patch | 247 ------- ...re-spmc-handle-non-secure-interrupts.patch | 275 -------- ...ure-SP-s-NS-interrupt-action-based-o.patch | 148 ---- .../optee-os-3.20.0/CVE-2023-41325.patch | 634 ------------------ .../recipes-security/optee/optee-os-tc.inc | 33 - .../0003-optee-enable-clang-support.patch | 30 - .../recipes-security/optee/optee-os_3.20.0.bb | 18 - .../optee/optee-os_3.20.0.bbappend | 6 - .../recipes-security/optee/optee-test-tc.inc | 8 - ..._1000-remove-unneeded-stat.h-include.patch | 34 - ..._ffa_user-driver-compatibility-check.patch | 160 ----- ...pdate-arm_ffa_user-driver-dependency.patch | 36 - .../optee/optee-test_3.20.0.bb | 8 - .../optee/optee-test_3.20.0.bbappend | 6 - meta-arm/recipes-devtools/fvp/fvp-tc1.bb | 11 - 35 files changed, 2615 deletions(-) delete mode 100644 ci/tc1.yml delete mode 100644 meta-arm-bsp/conf/machine/include/tc.inc delete mode 100644 meta-arm-bsp/conf/machine/tc1.conf delete mode 100644 meta-arm-bsp/documentation/tc1.md delete mode 100644 meta-arm-bsp/recipes-bsp/hafnium/hafnium-tc.inc delete mode 100644 meta-arm-bsp/recipes-bsp/scp-firmware/scp-firmware-tc.inc delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a-tc.inc delete mode 100644 meta-arm-bsp/recipes-bsp/trusted-firmware-a/trusted-firmware-a_2.8.6.bb delete mode 100644 meta-arm-bsp/recipes-bsp/u-boot/u-boot-tc.inc delete mode 100644 meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0001-WIP-Enable-managed-exit.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/files/optee-os/tc/0002-plat-totalcompute-fix-TZDRAM-start-and-size.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/files/optee-test/tc/0001-xtest-Limit-tests-to-a-single-thread.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-client_3.20.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0001-allow-setting-sysroot-for-libgcc-lookup.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0002-optee-enable-clang-support.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0003-core-link-add-no-warn-rwx-segments.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0004-core-Define-section-attributes-for-clang.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0005-core-arm-S-EL1-SPMC-boot-ABI-update.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0006-core-ffa-add-TOS_FW_CONFIG-handling.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0007-core-spmc-handle-non-secure-interrupts.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/0008-core-spmc-configure-SP-s-NS-interrupt-action-based-o.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-3.20.0/CVE-2023-41325.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os-tc.inc delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os/0003-optee-enable-clang-support.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-os_3.20.0.bbappend delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test-tc.inc delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/0001-xtest-regression_1000-remove-unneeded-stat.h-include.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/0002-ffa_spmc-Add-arm_ffa_user-driver-compatibility-check.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test/0003-Update-arm_ffa_user-driver-dependency.patch delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bb delete mode 100644 meta-arm-bsp/recipes-security/optee/optee-test_3.20.0.bbappend delete mode 100644 meta-arm/recipes-devtools/fvp/fvp-tc1.bb