From e0272de38ce87f2a9b0e2bac4162d87d11735992 Mon Sep 17 00:00:00 2001
From: Khang Nguyen <khang.nguyen.xw@renesas.com>
Date: Mon, 3 Sep 2018 23:50:35 -0400
Subject: rcar-gen3: IPL: Update IPL to the latest version

This commit updates IPL/Secure Monitor for the following changes:

Update IPL and Secure Monitor Rev1.0.22
[IPL]
- Update CPG setting.
- Add support Ebisu-4D board.
- Change the timing to invalidate of instruction cache.
- Fixed a bug in the exception handler.
- Update DDR setting for E3.
[Secure Monitor]
- Add the wait processing that is placed in the system RAM area for
Suspend To RAM.

Update optee_os Rev1.0.15
- Fix the polling process of the HyperFlash driver waiting for HW
completion.
- Fix incorrect memory access in RSA processing using a provider for
a HW engine driver.
- Fix a conditional branch in a mutex_destroy function.

Signed-off-by: Khang Nguyen <khang.nguyen.xw@renesas.com>
Signed-off-by: Duy Dang <duy.dang.yw@rvc.renesas.com>
Signed-off-by: Takamitsu Honda <takamitsu.honda.pv@renesas.com>
---
 ...DER-188185-Fix-a-contxt-size-allocated-by.patch |  29 ++++++
 ...DER-188122-Fix-to-exclusive-control-for-R.patch | 105 +++++++++++++++++++++
 meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb   |  12 ++-
 3 files changed, 144 insertions(+), 2 deletions(-)
 create mode 100644 meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-OPTEE_PROVIDER-188185-Fix-a-contxt-size-allocated-by.patch
 create mode 100644 meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch

(limited to 'meta-rcar-gen3/recipes-bsp/optee')

diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-OPTEE_PROVIDER-188185-Fix-a-contxt-size-allocated-by.patch b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-OPTEE_PROVIDER-188185-Fix-a-contxt-size-allocated-by.patch
new file mode 100644
index 0000000..eada5c5
--- /dev/null
+++ b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0001-OPTEE_PROVIDER-188185-Fix-a-contxt-size-allocated-by.patch
@@ -0,0 +1,29 @@
+From 88085caf87cf1060c0db269f021efdea617fbef9 Mon Sep 17 00:00:00 2001
+From: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com>
+Date: Wed, 26 Sep 2018 10:12:02 +0900
+Subject: [PATCH 1/2] [OPTEE_PROVIDER][#188185] Fix a contxt size allocated by
+ the OP-TEE OS
+
+This commit adds a compile option for deciding a context size used by
+HASH algorithm of SS6.3-Secure Driver.
+
+Signed-off-by: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com>
+---
+ core/core.mk | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/core/core.mk b/core/core.mk
+index c428cd00..405b1e76 100644
+--- a/core/core.mk
++++ b/core/core.mk
+@@ -90,6 +90,7 @@ base-prefix :=
+ 
+ ifeq ($(CFG_CRYPT_HW_CRYPTOENGINE),y)
+ core-platform-cflags += -DENABLE_CRYPTOENGINE
++core-platform-cflags += -DDX_CC_TEE -DCRYS_NO_CRYS_COMBINED_SUPPORT
+ 
+ ifeq ($(CFG_CRYPT_ENABLE_CEPKA),y)
+ libname = crypto_engine_pka
+-- 
+2.14.1.windows.1
+
diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch
new file mode 100644
index 0000000..bac23ad
--- /dev/null
+++ b/meta-rcar-gen3/recipes-bsp/optee/optee-os/0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch
@@ -0,0 +1,105 @@
+From f6ba4b6f808158a9daf39bc7224da806a9e3547d Mon Sep 17 00:00:00 2001
+From: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com>
+Date: Wed, 26 Sep 2018 23:12:17 +0900
+Subject: [PATCH 2/2] [OPTEE_PROVIDER][#188122] Fix to exclusive control for
+ RSA/ECDSA
+
+This commit fixes to be exclusive in order to other processes are not
+executed between build key process and sign/verify/enc/dec process.
+
+Signed-off-by: Tomohiro Fujiwara <tomohiro.fujiwara.cw@hitachi.com>
+---
+ core/lib/libcryptoengine/tee_pka_provider.c    | 4 ++++
+ core/lib/libcryptoengine/tee_provider_common.h | 1 +
+ core/lib/libcryptoengine/tee_ss_provider.c     | 6 ++++++
+ 3 files changed, 11 insertions(+)
+
+diff --git a/core/lib/libcryptoengine/tee_pka_provider.c b/core/lib/libcryptoengine/tee_pka_provider.c
+index 453bc31a..c5df6737 100644
+--- a/core/lib/libcryptoengine/tee_pka_provider.c
++++ b/core/lib/libcryptoengine/tee_pka_provider.c
+@@ -20,6 +20,8 @@ static SSError_t pka_get_ecc_keysize(uint32_t curve,
+ static void userProcessCompletedFunc(CRYSError_t opStatus __unused,
+ 		void* pVerifContext __unused);
+ 
++static struct mutex pka_ecdsa_mutex = MUTEX_INITIALIZER;
++
+ /*
+  * brief:	Translate  CRYS API AES error into SS provider error.
+  *
+@@ -239,6 +241,7 @@ TEE_Result ss_ecc_verify_pka(struct ecc_public_key *key, const uint8_t *msg,
+ 		res = pka_get_ecc_digest(messageSizeInBytes, &eccHash);
+ 	}
+ 
++	mutex_lock(&pka_ecdsa_mutex);
+ 	if (res == SS_SUCCESS) {
+ 		/* build public key */
+ 		*publKeyIn_ptr = (uint8_t)CRYS_EC_PointUncompressed;
+@@ -274,6 +277,7 @@ TEE_Result ss_ecc_verify_pka(struct ecc_public_key *key, const uint8_t *msg,
+ 		res = pka_translate_error_pka2ss_ecc(pka_res);
+ 		PROV_DMSG("Result: res=0x%08x\n", res);
+ 	}
++	mutex_unlock(&pka_ecdsa_mutex);
+ 
+ 	ss_free((void *)publKeyX_ptr);
+ 	ss_free((void *)publKeyY_ptr);
+diff --git a/core/lib/libcryptoengine/tee_provider_common.h b/core/lib/libcryptoengine/tee_provider_common.h
+index 823c7bfa..ed2de568 100644
+--- a/core/lib/libcryptoengine/tee_provider_common.h
++++ b/core/lib/libcryptoengine/tee_provider_common.h
+@@ -8,6 +8,7 @@
+ 
+ #include <crypto/crypto.h>
+ #include <tee/tee_cryp_utl.h>
++#include <kernel/mutex.h>
+ #include <mpalib.h>
+ #include <stdlib.h>
+ #include <string.h>
+diff --git a/core/lib/libcryptoengine/tee_ss_provider.c b/core/lib/libcryptoengine/tee_ss_provider.c
+index 77a12d7c..3e9f93a1 100644
+--- a/core/lib/libcryptoengine/tee_ss_provider.c
++++ b/core/lib/libcryptoengine/tee_ss_provider.c
+@@ -282,6 +282,8 @@ static SSError_t ss_crys_aesccm_update(void *ctx, uint8_t *dataIn_ptr,
+ static void ss_backup_cb(enum suspend_to_ram_state state, uint32_t cpu_id);
+ static TEE_Result crypto_hw_init_crypto_engine(void);
+ 
++static struct mutex secure_ecdsa_mutex = MUTEX_INITIALIZER;
++
+ static SSError_t ss_crys_aes_update(void *ctx, uint8_t *dataIn_ptr,
+ 		uint32_t dataInSize, uint8_t *dataOut_ptr, CRYSError_t *crysRes)
+ {
+@@ -3090,6 +3092,7 @@ TEE_Result crypto_hw_acipher_ecc_sign(struct ecc_keypair *key,
+ 		res = ss_get_ecc_digest(messageSizeInBytes, &eccHashMode);
+ 	}
+ 
++	mutex_lock(&secure_ecdsa_mutex);
+ 	if (res == SS_SUCCESS) {
+ 		PROV_DMSG("CALL:  CRYS_ECPKI_BuildPrivKey()\n");
+ 		crys_res = CRYS_ECPKI_BuildPrivKey(domain_id, privKeySizeIn_ptr,
+@@ -3107,6 +3110,7 @@ TEE_Result crypto_hw_acipher_ecc_sign(struct ecc_keypair *key,
+ 		res = ss_translate_error_crys2ss_ecc(crys_res);
+ 		PROV_DMSG("Result: crys_res=0x%08x -> res=0x%08x\n",crys_res,res);
+ 	}
++	mutex_unlock(&secure_ecdsa_mutex);
+ 
+ 	ss_free((void *)signUserContext_ptr);
+ 	ss_free((void *)privKeySizeIn_ptr);
+@@ -3193,6 +3197,7 @@ static SSError_t ss_ecc_verify_secure(struct ecc_public_key *key,
+ 		res = ss_get_ecc_digest(messageSizeInBytes, &eccHashMode);
+ 	}
+ 
++	mutex_lock(&secure_ecdsa_mutex);
+ 	if (res == SS_SUCCESS) {
+ 		/* build public key */
+ 		*publKeyIn_ptr = (uint8_t)CRYS_EC_PointUncompressed;
+@@ -3217,6 +3222,7 @@ static SSError_t ss_ecc_verify_secure(struct ecc_public_key *key,
+ 		PROV_DMSG("Result: crys_res=0x%08x -> res=0x%08x\n", crys_res,
+ 				res);
+ 	}
++	mutex_unlock(&secure_ecdsa_mutex);
+ 
+ 	ss_free((void *)publKeyX_ptr);
+ 	ss_free((void *)publKeyY_ptr);
+-- 
+2.14.1.windows.1
+
diff --git a/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb b/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
index 30f430e..765e24d 100644
--- a/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
+++ b/meta-rcar-gen3/recipes-bsp/optee/optee-os_git.bb
@@ -13,8 +13,8 @@ inherit deploy pythonnative
 PV = "3.1.0+renesas+git${SRCPV}"
 
 BRANCH = "rcar_gen3"
-SRCREV_renesas = "5524832ca895973a372223a6bff9cc3fc7df4b15"
-SRCREV_officialgit = "0ab9388c0d553a6bb5ae04e41b38ba40cf0474bf"
+SRCREV_renesas = "459c612224e123658a2ad29a91a3d186342d24a9"
+SRCREV_officialgit = "e77020396508fc086d7a4d6137388b116e4a662f"
 SRCREV_FORMAT = "renesas_officialgit"
 
 SRC_URI = " \
@@ -22,6 +22,12 @@ SRC_URI = " \
     git://github.com/OP-TEE/optee_os.git;branch=master;name=officialgit;destsuffix=git_official \
 "
 
+# Patch for Yv3.9.0.1
+SRC_URI_append = " \
+    file://0001-OPTEE_PROVIDER-188185-Fix-a-contxt-size-allocated-by.patch \
+    file://0002-OPTEE_PROVIDER-188122-Fix-to-exclusive-control-for-R.patch \
+"
+
 COMPATIBLE_MACHINE = "(salvator-x|h3ulcb|m3ulcb|ebisu)"
 PLATFORM = "rcar"
 
@@ -43,6 +49,8 @@ S = "${WORKDIR}/git"
 EXTRA_OEMAKE = "-e MAKEFLAGS="
 
 do_configure() {
+    git -C ${WORKDIR}/git_official checkout -B official 3.1.0
+    git -C ${WORKDIR}/git_official cherry-pick ${SRCREV_officialgit}
     cp -rn ${WORKDIR}/git_official/core/lib/libtomcrypt ${B}/core/lib/.
 }
 
-- 
cgit 1.2.3-korg