plat-k3: main: Print the revision of the Secure Board Configuration

If the board is booting with hardware authentication, print the software
revision.

The Software Revision is the value written to

plat-k3: main: Print the revision of the Secure Board Configuration

If the board is booting with hardware authentication, print the software
revision.

The Software Revision is the value written to the OTP eFuse during board
provisioning and it is only available in HS boards.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: add TISCI call to retrieve the SWREV

This call is only available to OTP_REV_ID_SEC_BRDCFG

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerom

plat-k3: drivers: add TISCI call to retrieve the SWREV

This call is only available to OTP_REV_ID_SEC_BRDCFG

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-k3: drivers: add OTP revision read/write message descriptions

Add the TISCI message identifiers required for reading and writing
Software Revision and Key Revision to/from eFuses.

Signed-off-b

plat-k3: drivers: add OTP revision read/write message descriptions

Add the TISCI message identifiers required for reading and writing
Software Revision and Key Revision to/from eFuses.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: spmc: implement FFA_CONSOLE_LOG

Add FFA_CONSOLE_LOG interface support for enabling debug messages from
SPs as defined in FF-A v1.2. The message string is packed into the
registers of the call

core: spmc: implement FFA_CONSOLE_LOG

Add FFA_CONSOLE_LOG interface support for enabling debug messages from
SPs as defined in FF-A v1.2. The message string is packed into the
registers of the call so it doesn't require the existence of a shared
memory between the SPMC and the SPs. This makes it ideal for early debug
messages, however the length of the message is limited.
The received messages are forwarded to OP-TEE's trace output.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded cana

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded canary value on the right location to bypass the overflow
detection.

To add extra layer of security, redefine the canary value as variable,
such that the canary can be initialized during runtime.

The canaries are initialized with static values from thread_init_canaries()
during the early boot stage. The plat_get_random_stack_canaries() is
refactored to support arbitrary-length random numbers, and a new function
called thread_update_canaries() is created to fetch the random values and
update the thread canaries. For CFG_NS_VIRTUALIZATION=y, the updated
function is disabled.

Signed-off-by: Vincent Chuang <Vincent.Chuang@mediatek.com>
Signed-off-by: Randy Hsu <Randy-CY.Hsu@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: restore SYSRAM for SCMI message on STM32MP13

Restores use of SYSRAM last page for STM32MP13 for SCMI communication
as U-Boot and Linux kernel device trees are not yet updated to use O

plat-stm32mp1: restore SYSRAM for SCMI message on STM32MP13

Restores use of SYSRAM last page for STM32MP13 for SCMI communication
as U-Boot and Linux kernel device trees are not yet updated to use OP-TEE
native shared memory instead.

Fixes: 89ba3422ee80 ("plat-stm32mp1: scmi_server: default use OP-TEE shared memory")
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: allow use of SRAMs as TZSRAM

Allows CFG_TZSRAM_BASE/_SIZE to cover SRAM1, SRAM2, SRAM3 and SRAM4
to enlarge pager page pool and enhance pager performances. When so,
the SRAMs which TZ

plat-stm32mp1: allow use of SRAMs as TZSRAM

Allows CFG_TZSRAM_BASE/_SIZE to cover SRAM1, SRAM2, SRAM3 and SRAM4
to enlarge pager page pool and enhance pager performances. When so,
the SRAMs which TZSRAM lie in are registered as secure.

Using these internal memory requires SCMI communication to not use
SYSRAM last page for example by using OP-TEE native shared memory instead.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: shared_resources: consider SRAMs

Adds SRAMs to the STM32MP15 shared resources.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.ca

plat-stm32mp1: shared_resources: consider SRAMs

Adds SRAMs to the STM32MP15 shared resources.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: scmi_server: default use OP-TEE shared memory

Adds configuration switch CFG_STM32MP1_SCMI_SHM_SYSRAM that is default
disabled. When disabled, CFG_STM32MP1_SCMI_SHM_BASE defaults to 0

plat-stm32mp1: scmi_server: default use OP-TEE shared memory

Adds configuration switch CFG_STM32MP1_SCMI_SHM_SYSRAM that is default
disabled. When disabled, CFG_STM32MP1_SCMI_SHM_BASE defaults to 0
which means OP-TEE SMCI server uses OP-TEE native shared memory
registered by clients. When CFG_STM32MP1_SCMI_SHM_SYSRAM is enabled
CFG_STM32MP1_SCMI_SHM_BASE is force the base address of the SYRAM
last 4KByte page.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: scmi_server: support use of OP-TEE shared memory

Updates scmi_server configuration and implementation for the platform
to use OP-TEE native shared memory instead of device memory mapp

plat-stm32mp1: scmi_server: support use of OP-TEE shared memory

Updates scmi_server configuration and implementation for the platform
to use OP-TEE native shared memory instead of device memory mapped
SRAM for SCMI messages transfer. With this change, configuring
CFG_STM32MP1_SCMI_SHM_BASE to 0 allows such setup.

This change moves registration of CFG_STM32MP1_SCMI_SHM_BASE as
non-secure mapped device memory from main.c to scmi_server.c
to have all SCMI related platform resources defined from that
source file.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: add missing braces in IO compensation function

Adds missing braces in stm32mp_syscfg_enable_io_compensation().

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gati

plat-stm32mp1: add missing braces in IO compensation function

Adds missing braces in stm32mp_syscfg_enable_io_compensation().

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: fix timeout initializations

Fixes timeout initialization to ensure timeout monitoring starts
only once PWR regulator is enabled in stm32mp1_pwr driver and
once IO compensation is enab

plat-stm32mp1: fix timeout initializations

Fixes timeout initialization to ensure timeout monitoring starts
only once PWR regulator is enabled in stm32mp1_pwr driver and
once IO compensation is enabled in stm32mp1_syscfg driver.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: Rename "mva" to "va" for TLB operations

The terminology "mva" is specific for older ARM architecture which has
FCSE extension. To support multiple architecture, it would be good to
rename

core: mm: Rename "mva" to "va" for TLB operations

The terminology "mva" is specific for older ARM architecture which has
FCSE extension. To support multiple architecture, it would be good to
rename "mva" to common terminology, such as "va". This PR renames "mva"
to "va" in TLB operations for ARM64 and RISC-V. For ARM32, "mva" is
reserved because it is really defined in ARM32's documentations.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: Introduce next_level field of struct core_mmu_table_info

The address translation rule is architecture specific, e.g., ARM adopts
increasing style while the address is translated to finer-g

core: mm: Introduce next_level field of struct core_mmu_table_info

The address translation rule is architecture specific, e.g., ARM adopts
increasing style while the address is translated to finer-grained table,
while RISC-V adopts decreasing style. Therefore, we add a "next_level"
field into the struct core_mmu_table_info, which represents the next
finer-grained translation level. By doing this, we can decouple the
core address translation rule from architecture specific manner.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: Introduce core_mmu_level_in_range()

Since the checking of the valid translation level is architecture
specific, the core_mmu_level_in_range() is introduced and every
architecture could imp

core: mm: Introduce core_mmu_level_in_range()

Since the checking of the valid translation level is architecture
specific, the core_mmu_level_in_range() is introduced and every
architecture could implement the function with their own translation
rules.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sp: implement FF-A v1.1 boot protocol

Implement passing the boot info to Secure Partitions in the new format
defined by FF-A v1.1. The change is backwards compatible by keeping the
already exi

core: sp: implement FF-A v1.1 boot protocol

Implement passing the boot info to Secure Partitions in the new format
defined by FF-A v1.1. The change is backwards compatible by keeping the
already existing FF-A v1.0 format too. Which format to use is decided
based on the "ffa-version" field in the SP's manifest. The register to
use for passing the boot info blob's address is based on the
"gp-register-num" field.

Link: https://trustedfirmware-a.readthedocs.io/en/latest/components/ffa-manifest-binding.html#partition-properties
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: sp: fix session handling in sp_first_run

Currently the error handling after sp_enter() calls vm_unmap() without
activating the correct session with ts_push_current_session(), fix this.
Also fi

core: sp: fix session handling in sp_first_run

Currently the error handling after sp_enter() calls vm_unmap() without
activating the correct session with ts_push_current_session(), fix this.
Also fix the returned error code to use TEE_* instead of FFA_*.

Fixes: 6d618ba1d612 ("core: sp: map device regions from SP manifest")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: sp: fix unmap in sp_first_run

Fix the usage of vm_unmap() in sp_first_run. The functions expects the
memory size as the last argument, but currently the number of pages is
passed instead.

Fix

core: sp: fix unmap in sp_first_run

Fix the usage of vm_unmap() in sp_first_run. The functions expects the
memory size as the last argument, but currently the number of pages is
passed instead.

Fixes: 7e8d05e4c35d ("core: sp: Pass manifest fdt to SP")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

plat-stm32mp1: fix default setting GPIO as non-secure

Fixes STM32MP13 sequence that default configures GPIO as non-secure
from set_all_gpios_non_secure() registered at early_init_late initcall
level

plat-stm32mp1: fix default setting GPIO as non-secure

Fixes STM32MP13 sequence that default configures GPIO as non-secure
from set_all_gpios_non_secure() registered at early_init_late initcall
level, that is at same level driver are initially probed by dt_driver
framework. This result on set_all_gpios_non_secure() possibly needing
a bank resource before it is probed. Fix that by removing initcall
function set_all_gpios_non_secure() and default configuring GPIO pins
for STM32MP13 variant on their GPIO bank registering.

Fixes: 077d486ef09d ("drivers: stm32_gpio: add helper function stm32_gpio_get_bank()")
Acked-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: enable CFG_DRIVERS_GPIO

Enables CFG_DRIVERS_GPIO for platform stm32mp1.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@

plat-stm32mp1: enable CFG_DRIVERS_GPIO

Enables CFG_DRIVERS_GPIO for platform stm32mp1.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: remove unused gpio bank base address helper function

Removes stm32mp1 platform helper function stm32_get_gpio_bank_base().

Acked-by: Lionel Debieve <lionel.debieve@foss.st.com>
Acked

plat-stm32mp1: remove unused gpio bank base address helper function

Removes stm32mp1 platform helper function stm32_get_gpio_bank_base().

Acked-by: Lionel Debieve <lionel.debieve@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: remove unused gpio bank clock helper functions

Removes stm32mp1 platform helper functions stm32_get_gpio_bank_clock()
and stm32_get_gpio_bank_clk().

Acked-by: Lionel Debieve <lionel.

plat-stm32mp1: remove unused gpio bank clock helper functions

Removes stm32mp1 platform helper functions stm32_get_gpio_bank_clock()
and stm32_get_gpio_bank_clk().

Acked-by: Lionel Debieve <lionel.debieve@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

arm: Add Aspeed AST2700 platform support

Aspeed AST2700 is a quad-core SoC with ARM Cortex-A35 CPU.
This patch adds the platform support for AST2700 to execute
64-bits OP-TEE on top of ARMv8 TrustZo

arm: Add Aspeed AST2700 platform support

Aspeed AST2700 is a quad-core SoC with ARM Cortex-A35 CPU.
This patch adds the platform support for AST2700 to execute
64-bits OP-TEE on top of ARMv8 TrustZone features.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add plat-nuvoton

Adds support to Nuvoton npcm845x

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-

core: add plat-nuvoton

Adds support to Nuvoton npcm845x

Co-developed-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Hila Miranda-Kuzi <hila.miranda.kuzi1@gmail.com>
Signed-off-by: Margarita Glushkin <rutigl@gmail.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...