core: imx: add TZASC_SIZE for imx6, imx7 and imx8m

Add TZASC_SIZE value for all i.MX platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@lin

core: imx: add TZASC_SIZE for imx6, imx7 and imx8m

Add TZASC_SIZE value for all i.MX platforms.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-versal: add support for Xilinx's Versal ACAP platform

Initial support for the Versal ACAP validated on the AI Core Series VKC190
Evaluation Kit.

The following BIF file is used by bootgen to ge

plat-versal: add support for Xilinx's Versal ACAP platform

Initial support for the Versal ACAP validated on the AI Core Series VKC190
Evaluation Kit.

The following BIF file is used by bootgen to generate the Versal boot.bin
image.

the_ROM_image:
{
image {
{ type=bootimage, file=vpl_gen_fixed.pdi }
{ type=bootloader, file=plm.elf }
{ core=psm, file=psmfw.elf }
}

image {
id = 0x1c000000, name=apu_subsystem
{ type=raw, load=0x00001000, file=system.dtb }
{ core=a72-0, exception_level=el-3, trustzone, file=bl31.elf }
{ core=a72-0, exception_level=el-2, file=u-boot.elf }
{ core=a72-0, exception_level=el-1, trustzone, file=tee.elf }
}
}

$ ./bootgen -arch versal -image boot.bif -o BOOT.BIN

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Signed-off-by: John Linn <linnj@xilinx.com>
Signed-off-by: Ibai Erkiaga <ibai.erkiaga-elorza@xilinx.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm32mp1: scmi: export some STPMIC1 regulators as voltage domains

Exposes STPMIC1 regulators through agent channel SCMI for platform
stm32mp1.

Acked-by: Jens Wiklander <jens.wiklander@linaro.o

plat-stm32mp1: scmi: export some STPMIC1 regulators as voltage domains

Exposes STPMIC1 regulators through agent channel SCMI for platform
stm32mp1.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stpmic1: export regulators API in a specific header file

Split stpmic1.h in 2 parts, one specifically for STPMIC1 regulator
interface.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

drivers: stpmic1: export regulators API in a specific header file

Split stpmic1.h in 2 parts, one specifically for STPMIC1 regulator
interface.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: imx_i2c: add support for MX8MP

Add I2C driver support for iMX8MP.

Signed-off-by: Vanessa Maegima <vanessa.maegima@foundries.io>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jo

drivers: imx_i2c: add support for MX8MP

Add I2C driver support for iMX8MP.

Signed-off-by: Vanessa Maegima <vanessa.maegima@foundries.io>
Acked-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jorge Ramirez-Ortiz <jorge@foundries.io>

show more ...

plat-stm32mp1: fix apb3/4 iomem static mapping

Fixes APB3 device memory mapping size and adds APB4 device memory to
core static mapping.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Sig

plat-stm32mp1: fix apb3/4 iomem static mapping

Fixes APB3 device memory mapping size and adds APB4 device memory to
core static mapping.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-vexpress: Use the correct MACRO for TPM2

Replace CFG_TPM2_MMIO with CFG_DRIVERS_TPM2_MMIO.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@l

plat-vexpress: Use the correct MACRO for TPM2

Replace CFG_TPM2_MMIO with CFG_DRIVERS_TPM2_MMIO.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: FF-A: Map TPM event log for FF-A SPs

Enable passing the TPM event log to FF-A SPs if their manifest has an
"arm,tpm_event_log" compatible node. The event log is mapped to the
SP's address spac

core: FF-A: Map TPM event log for FF-A SPs

Enable passing the TPM event log to FF-A SPs if their manifest has an
"arm,tpm_event_log" compatible node. The event log is mapped to the
SP's address space and the address and size fields are updated in the
SP manifest.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Imre Kis <imre.kis@arm.com>

show more ...

core: arm: spectre-bhb software workaround

Expands the config option CFG_CORE_WORKAROUND_SPECTRE_BP_SEC to cover
CVE-2022-23960 (aka Spectre-BHB) too since both have much in common.

Spectre-BHB is

core: arm: spectre-bhb software workaround

Expands the config option CFG_CORE_WORKAROUND_SPECTRE_BP_SEC to cover
CVE-2022-23960 (aka Spectre-BHB) too since both have much in common.

Spectre-BHB is another speculation attack on branch prediction. Further
details can be found at [1].

The software workaround added for CPUs vulnerable to Spectre-V2 covers
Spectre-BHB too. New software workaround is only needed for CPUs immune to
Spectre-V2, but not so to Spectre-BHB.

The Spectre-V2 workaround is to invalidate the entire branch predictor
table. Most new CPU immune to Spectre-V2 but vulnerable to Spectre-BHB
can avoid invalidating the entire branch predictor table, instead is
this invalidation replaced by a loop designed to exhaust the branch
predictor in a way that the exploit isn't possible any longer.

Link: [1] https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/spectre-bhb

Fixes: CVE-2022-23960
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: refactor spectre-v2 workarounds

Refactors the Spectre-V2 workarounds to make room for further workarounds.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wikl

core: refactor spectre-v2 workarounds

Refactors the Spectre-V2 workarounds to make room for further workarounds.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add arm cortex and neoverse CPU part numbers

Adds part numbers for a few Arm Cortex and Neoverse CPUs. Also adds
defines helping to extract Variant and Revision from MIDR or MIDR_EL1.

Acked-b

core: add arm cortex and neoverse CPU part numbers

Adds part numbers for a few Arm Cortex and Neoverse CPUs. Also adds
defines helping to extract Variant and Revision from MIDR or MIDR_EL1.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix unused set_core_local_kcode_offset() warning

When compiling with CFG_CORE_UNMAP_CORE_AT_EL0=n there's a warning:
core/arch/arm/kernel/thread.c:529:13: error: ‘set_core_local_kcode_offset’

core: fix unused set_core_local_kcode_offset() warning

When compiling with CFG_CORE_UNMAP_CORE_AT_EL0=n there's a warning:
core/arch/arm/kernel/thread.c:529:13: error: ‘set_core_local_kcode_offset’ defined but not used [-Werror=unused-function]

Fix this with by adding a __maybe_unused to the function.

Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-vexpress: qemu: initialize TPM driver

QEMU implements a TPM emulation with TPM TIS/PTP interface. The PTP
interface is exposed via a memory mapped region to the TEE (MMIO
interface).

QEMU TPM

plat-vexpress: qemu: initialize TPM driver

QEMU implements a TPM emulation with TPM TIS/PTP interface. The PTP
interface is exposed via a memory mapped region to the TEE (MMIO
interface).

QEMU TPM emulation can be used with a virtualized TPM2.0 device
(sw-tpm).

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: mm: fix core virtual address range constraint in lpae

Changes strategy to set core virtual memory addresses in case pager
is enabled (CFG_WITH_PAGER=y) with LPAE (CFG_WITH_LPAE=y). In this
con

core: mm: fix core virtual address range constraint in lpae

Changes strategy to set core virtual memory addresses in case pager
is enabled (CFG_WITH_PAGER=y) with LPAE (CFG_WITH_LPAE=y). In this
configuration the virtual memory addresses are expected to fit in a
single base translation table in order to save 4kB translation pages.
This change makes core to fallback to the generic layout, possibly
spreading virtual addresses over several base translation tables if
the virtual memory addresses do not fit in the optimized address
range preferred for that configuration.

Fixes: https://github.com/OP-TEE/optee_os/issues/5201
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-vexpress: embed dt_driver test in qemu_virt and qemu_armv8a

Default embeds DT_DRIVER probing test with companion DTS file in
vexpress qemu_virt and qemu_armv8a. These platforms do not embed
any

plat-vexpress: embed dt_driver test in qemu_virt and qemu_armv8a

Default embeds DT_DRIVER probing test with companion DTS file in
vexpress qemu_virt and qemu_armv8a. These platforms do not embed
any DTB so we can set straight CFG_EMBED_DTB_SOURCE_FILE.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt_driver: drivers to test probe deferral

Implements driver providers for some emulated resource (clocks and reset
controllers), consumer drivers and a embedded test DTSI file to
test the DT_D

core: dt_driver: drivers to test probe deferral

Implements driver providers for some emulated resource (clocks and reset
controllers), consumer drivers and a embedded test DTSI file to
test the DT_DRIVER probe sequence.

The driver consumer run few tests and logs results locally. The
result participates in core self test result reported by the
PTA test interface.

One can test with vexpress platform flavor qemu_virt and qemu_v8 using,
for example, the build instruction below:
make PLATFORM=vexpress-qemu_virt \
CFG_DT_DRIVER_EMBEDDED_TEST=y \
CFG_EMBED_DTB_SOURCE_FILE=embedded_dtb_test.dts

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

arm: aspeed: fix kernel panic while getting gicd & gicc va

commit 60801696667d ("plat: arm: refactor GIC initialization") unifies
GIC initialization flow into common gic code and get GIC distributor

arm: aspeed: fix kernel panic while getting gicd & gicc va

commit 60801696667d ("plat: arm: refactor GIC initialization") unifies
GIC initialization flow into common gic code and get GIC distributor/CPU
interface virtual addresses with 64KB granularity.

However, Aspeed SoC hardware design only used 4KB granularity for
each of them. Revise register GICD/GICC physical memory size to meet
gic init requirement. (from 4KB to 64KB)
This commit would result in memory map overlaps warning.

Signed-off-by: Neal Liu <neal_liu@aspeedtech.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32mp1: add IWDG1/2 watchdogs support

Add the IWDG1 and IWDG2 watchdog support in stm32mp15 SoCs and define
the watchdog timeout configuration.

On ED1/EV1/DK1/DK2 boards, IWDG1 is default di

dts: stm32mp1: add IWDG1/2 watchdogs support

Add the IWDG1 and IWDG2 watchdog support in stm32mp15 SoCs and define
the watchdog timeout configuration.

On ED1/EV1/DK1/DK2 boards, IWDG1 is default disabled while IWDG2 is
enabled and assigned to non-secure world. Despite IWDG2 is assigned
to non-secure world, TEE may need to kick the watchdog during
transitions when non-secure is not able to do so as some power
management transitions.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>

show more ...

plat-stm32mp1: conf: enable watchdog support

Add the watchdog enable by default on STM32MP1 platform.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Lionel Debieve <lionel.debi

plat-stm32mp1: conf: enable watchdog support

Add the watchdog enable by default on STM32MP1 platform.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>

show more ...

plat-stm32mp1: add watchdog platform functions

Add the platform function to retrieve the watchdog OTP
configuration. Register the debug function to dump
register in case of watchdog detected event.

plat-stm32mp1: add watchdog platform functions

Add the platform function to retrieve the watchdog OTP
configuration. Register the debug function to dump
register in case of watchdog detected event.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@st.com>

show more ...

core: sp: map device regions from SP manifest

Map the device regions defined in the SP manifest file into the SP's
context. In the manifest fdt the device's PA is overwritten with the VA
after mappi

core: sp: map device regions from SP manifest

Map the device regions defined in the SP manifest file into the SP's
context. In the manifest fdt the device's PA is overwritten with the VA
after mapping. This fdt is passed to the SP on boot and can be used by
the SP to determine the VA of the device.

The content of the SP manifest is defined in the FF-A specification.
The devicetree binding for the SP manifest is defined at the link below.

Link: https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

core: sp_mem: add security attribute

Currently sp_mem only supports non-secure memory. This patch enables
using it for secure memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed

core: sp_mem: add security attribute

Currently sp_mem only supports non-secure memory. This patch enables
using it for secure memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

core: sp_mem: add memory type attribute

Currently sp_mem only supports TEE_MATTR_MEM_TYPE_CACHE memory type.
This patch adds support for using it with any type so it can be used
for device memory to

core: sp_mem: add memory type attribute

Currently sp_mem only supports TEE_MATTR_MEM_TYPE_CACHE memory type.
This patch adds support for using it with any type so it can be used
for device memory too.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Signed-off-by: Jelle Sels <jelle.sels@arm.com>

show more ...

plat-stm32mp1: define backup register secure accesses

Implements access permissions for stm32mp1 backup registers accesses.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: E

plat-stm32mp1: define backup register secure accesses

Implements access permissions for stm32mp1 backup registers accesses.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: default embed stm32_tamp driver

Default enable CFG_STM32_TAMP in stm32mp1 platform configuration
with there is an embedded DTB.

Acked-by: Jerome Forissier <jerome.forissier@linaro.or

plat-stm32mp1: default embed stm32_tamp driver

Default enable CFG_STM32_TAMP in stm32mp1 platform configuration
with there is an embedded DTB.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...