core: arm: add boot_cached_mem_end

Add boot_cached_mem_end in C code, replacing the previous read-only
mapped cached_mem_end. This allows updates to boot_cached_mem_end after
MMU has been enabled.

core: arm: add boot_cached_mem_end

Add boot_cached_mem_end in C code, replacing the previous read-only
mapped cached_mem_end. This allows updates to boot_cached_mem_end after
MMU has been enabled.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm,pager: make __vcore_init_ro_start follow __vcore_init_rx_end

This concerns configurations with CFG_WITH_PAGER=y. Until this patch,
even if __vcore_init_ro_size (VCORE_INIT_RO_SZ) is 0 for

core: arm,pager: make __vcore_init_ro_start follow __vcore_init_rx_end

This concerns configurations with CFG_WITH_PAGER=y. Until this patch,
even if __vcore_init_ro_size (VCORE_INIT_RO_SZ) is 0 for
CFG_CORE_RODATA_NOEXEC=n, __vcore_init_ro_start was using some value
smaller than __vcore_init_rx_end. To simplify code trying to find the
end of VCORE_INIT_RX and VCORE_INIT_RO parts of the binary, make sure
that __vcore_init_ro_start follows right after __vcore_init_rx_end.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm: core_mmu_v7.c: increase MAX_XLAT_TABLES by 2

Increase MAX_XLAT_TABLES by 2 to be able to map all TEE memory with 4k
pages.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Revie

core: arm: core_mmu_v7.c: increase MAX_XLAT_TABLES by 2

Increase MAX_XLAT_TABLES by 2 to be able to map all TEE memory with 4k
pages.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: replace MEM_AREA_TA_RAM

Replace MEM_AREA_TA_RAM with MEM_AREA_SEC_RAM_OVERALL.

All read/write secure memory is covered by MEM_AREA_SEC_RAM_OVERALL,
sometimes using an aliased map. But sec

core: mm: replace MEM_AREA_TA_RAM

Replace MEM_AREA_TA_RAM with MEM_AREA_SEC_RAM_OVERALL.

All read/write secure memory is covered by MEM_AREA_SEC_RAM_OVERALL,
sometimes using an aliased map. But secure read-only or execute core
memory is not covered as that would defeat the purpose of
CFG_CORE_RWDATA_NOEXEC.

Since the partition TA memory isn't accessed via MEM_AREA_TA_RAM any
longer, don't map it using the partition specific map.

This is needed later where unification of OP-TEE core and physical TA
memory is possible.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add VCORE_FREE_{PA,SZ,END_PA}

Add VCORE_FREE_{PA,SZ,END_PA} defines to identify the unused and free
memory range at the end of TEE_RAM_START..(TEE_RAM_START +
TEE_RAM_VA_SIZE).

VCORE_FREE_SZ

core: add VCORE_FREE_{PA,SZ,END_PA}

Add VCORE_FREE_{PA,SZ,END_PA} defines to identify the unused and free
memory range at the end of TEE_RAM_START..(TEE_RAM_START +
TEE_RAM_VA_SIZE).

VCORE_FREE_SZ is 0 in a pager configuration since all the memory is
used by the pager.

The VCORE_FREE range is excluded from the TEE_RAM_RW area for
CFG_NS_VIRTUALIZATION=y and instead put in a separate NEX_RAM_RW area.
This makes each partition use a bit less memory and leaves the
VCORE_FREE range available for the Nexus.

The VCORE_FREE range is added to the TEE_RAM_RW area for the normal
configuration with CFG_NS_VIRTUALIZATION=n and CFG_WITH_PAGER=n. It's in
practice unchanged behaviour in this configuration.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm64: increase thread stack size for debug

Increase STACK_THREAD_SIZE when CFG_CORE_DEBUG_CHECK_STACKS=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Foriss

core: arm64: increase thread stack size for debug

Increase STACK_THREAD_SIZE when CFG_CORE_DEBUG_CHECK_STACKS=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: Add some trace message for TI-SCI calls

These could be good for debugging tracing of TI-SCI messages

Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Manor

plat-k3: drivers: Add some trace message for TI-SCI calls

These could be good for debugging tracing of TI-SCI messages

Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>

show more ...

plat-k3: drivers: Remove ti_sci_get_response function

Currently since all the code is under mutex, it makes sense to remove
this function and keep it all under ti_sci_do_xfer for easier
readability.

plat-k3: drivers: Remove ti_sci_get_response function

Currently since all the code is under mutex, it makes sense to remove
this function and keep it all under ti_sci_do_xfer for easier
readability.

Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>

show more ...

plat-k3: drivers: Move message_sequence updates inside ti_sci_do_xfer

To avoid potential race condition, set the message_sequence inside
ti_sci_do_xfer itself as the send and receive paths are prote

plat-k3: drivers: Move message_sequence updates inside ti_sci_do_xfer

To avoid potential race condition, set the message_sequence inside
ti_sci_do_xfer itself as the send and receive paths are protected by a
mutex and avoid race conditions on message_sequence.

Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>

show more ...

plat-k3: drivers: Add mutex lock for ti_sci_do_xfer

Current TI-SCI calls are not protected by any locks. OP-TEE running on
multiple threads can end up receiving different message response then
the o

plat-k3: drivers: Add mutex lock for ti_sci_do_xfer

Current TI-SCI calls are not protected by any locks. OP-TEE running on
multiple threads can end up receiving different message response then
the one they sent due to no queuing model.

*I/TC: Message with sequence ID <> is not expected

Add mutex lock to prevent such issues.

Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Manorit Chawdhry <m-chawdhry@ti.com>

show more ...

plat-rockchip: allow specifying DRAM via CFG options

It's currently not possible to use CFG_CORE_DYN_SHM with the Rockchip
platforms, because OP-TEE doesn't know what non-secure memory is
available;

plat-rockchip: allow specifying DRAM via CFG options

It's currently not possible to use CFG_CORE_DYN_SHM with the Rockchip
platforms, because OP-TEE doesn't know what non-secure memory is
available; Device tree is not used and no DDR ranges are registered.

This precludes interacting with OP-TEE from barebox and U-Boot, which
currently only implement OP-TEE communication with dynamic shared
memory.

Make it possible to use CFG_CORE_DYN_SHM=y by adding two sets of config
variables to register memory:

CFG_DRAM_BASE, CFG_DRAM_SIZE:
For the main memory in the first 4G up to the MMIO range beyond
the end of the first RAM bank

CFG_NSEC_DDR_1_BASE, CFG_NSEC_DDR_1_SIZE:
For the remainder of the main memory above the MMIO regions.

OP-TEE will take care to carve out the secure memory ranges.

This has been tested on an RK3399 with barebox using OP-TEE's HWRNG TA.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Ahmad Fatoum <ahmad@a3f.at>

show more ...

plat-stm32mp1: shared_resources: remove pin/GPIO secure state management

Remove the pin and GPIO secure state management from shared_resources
platform driver since this is now managed using the fir

plat-stm32mp1: shared_resources: remove pin/GPIO secure state management

Remove the pin and GPIO secure state management from shared_resources
platform driver since this is now managed using the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: stm32mp1_stpmic: remove use of shared_resource for pinctrl

Remove use of shared_resources platform driver in STM32MP15 PMIC driver
to manage the secure state of the pins of a pinctrl

plat-stm32mp1: stm32mp1_stpmic: remove use of shared_resource for pinctrl

Remove use of shared_resources platform driver in STM32MP15 PMIC driver
to manage the secure state of the pins of a pinctrl state since this is
now managed using the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: shared_resources: do not manage pins secure state

Remove management of GPIO and pinctrl secure state since this is
now handled from STM32 ETZPC driver based through the firewall
frame

plat-stm32mp1: shared_resources: do not manage pins secure state

Remove management of GPIO and pinctrl secure state since this is
now handled from STM32 ETZPC driver based through the firewall
framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP25 secure/non-secure USART2 pinctrl states

Explicitly state that legacy pinctrl phandles usart2_pins_a
refer to non-secure USART2 pin muxing, used in STM32MP23 and
STM32MP2

dts: stm32: refine STM32MP25 secure/non-secure USART2 pinctrl states

Explicitly state that legacy pinctrl phandles usart2_pins_a
refer to non-secure USART2 pin muxing, used in STM32MP23 and
STM32MP25 based boards for OP-TEE console using a non-secure UART bus.

Define secure USART2 bus pinctrl states for board that needs
to use the USART2 bus in secure state.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctrl states

Explicitly state that legacy pinctrl phandles usart4_pins_a
refer to non-secure USART4 pin muxing, used in STM32MP13 based
boards

dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctrl states

Explicitly state that legacy pinctrl phandles usart4_pins_a
refer to non-secure USART4 pin muxing, used in STM32MP13 based
boards for OP-TEE console using a non-secure UART bus.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP15 secure/non-secure I2C4 pinctrl states

Explicitly state that legacy pinctrl phandles i2c4_pins_a and
i2c4_sleep_pins_a refer to non-secure I2C4 pin muxing on STM32MP15
ba

dts: stm32: refine STM32MP15 secure/non-secure I2C4 pinctrl states

Explicitly state that legacy pinctrl phandles i2c4_pins_a and
i2c4_sleep_pins_a refer to non-secure I2C4 pin muxing on STM32MP15
based platforms.

Define secure I2C4 bus pinctrl states for boards that use the I2C4 bus
in secure state on STM32MP15 SoCs.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: most stm32mp15 UARTs pinctrl are non-secure

On STM32MP15 based devices, UART2/3/4/5/6/7/8 cannot be secured.
Explicitly state that in the pinctrl nodes. This change ease the use
of a non

dts: stm32: most stm32mp15 UARTs pinctrl are non-secure

On STM32MP15 based devices, UART2/3/4/5/6/7/8 cannot be secured.
Explicitly state that in the pinctrl nodes. This change ease the use
of a non-secure UART for OP-TEE output console on STM32MP15 based boards.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: define SoC GPIO banks that are firewall controllers

Add property #access-controller-cells to GPIO banks that register
to the firewall framework.

Signed-off-by: Etienne Carriere <etienne

dts: stm32: define SoC GPIO banks that are firewall controllers

Add property #access-controller-cells to GPIO banks that register
to the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-rockchip: add support for Rockchip rk3588

Enables support for NanoPC-T6
Based on support for ROCK 4

Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@lin

plat-rockchip: add support for Rockchip rk3588

Enables support for NanoPC-T6
Based on support for ROCK 4

Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Heiko Stuebner <heiko.stuebner@cherry.de> (BSD-3)
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add RCC RIF configuration for the stm32mp257f-ev1 board

Add the RIF configuration for the stm32mp257f-ev1 board. Some clocks
are in semaphore mode with only CID1 authorized. This is a tr

dts: stm32: add RCC RIF configuration for the stm32mp257f-ev1 board

Add the RIF configuration for the stm32mp257f-ev1 board. Some clocks
are in semaphore mode with only CID1 authorized. This is a trick to
benefit from a hardware synchronization in low-power sequences.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-imx: Add phyBOARD-Pollux support

phyBOARD-Pollux i.MX 8M Plus is an SBC based on the i.MX 8M Plus SoC.
Add the board to the mx8mp-flavorlist and set board specific configs.

Signed-off-by: Yann

plat-imx: Add phyBOARD-Pollux support

phyBOARD-Pollux i.MX 8M Plus is an SBC based on the i.MX 8M Plus SoC.
Add the board to the mx8mp-flavorlist and set board specific configs.

Signed-off-by: Yannic Moog <y.moog@phytec.de>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

plat-versal2: add support for AMD Versal Gen 2

Add support for AMD Versal Gen 2 platform.
AMD Versal Gen 2 is a new SoC based on ARM A78AE with GICv3 and UART
over pl011.

Signed-off-by: Akshay Bels

plat-versal2: add support for AMD Versal Gen 2

Add support for AMD Versal Gen 2 platform.
AMD Versal Gen 2 is a new SoC based on ARM A78AE with GICv3 and UART
over pl011.

Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Signed-off-by: Amey Avinash Raghatate <ameyavinash.raghatate@amd.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp2: default enable TAMP peripheral support

Default enable TAMP peripheral support for stm32mp2x platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: E

plat-stm32mp2: default enable TAMP peripheral support

Default enable TAMP peripheral support for stm32mp2x platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set

drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set_secure_bkpregs()
in plat-stm32mp1 main.c.

Remove old implementation of stm32_bkpregs_conf structure and rename
stm32_bkpregs_conf_new to stm32_bkpregs_conf.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...