plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms

STM32MP1x platforms now mandate an embedded device tree using
CFG_EMBED_DTB_SOURCE_FILE. This decision simplifies platform

plat-stm32mp1: conf: mandate the use of device tree on STM32MP1x platforms

STM32MP1x platforms now mandate an embedded device tree using
CFG_EMBED_DTB_SOURCE_FILE. This decision simplifies platform
configuration and complies with existing flavors that all define an
embedded DT. This change makes stm32mp157c-dk2.dts the default
embedded DTB when none is set.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: st,non-secure-otp-provisioning property

Implementation of a new "st,non-secure-provisioning-otp" property,
destined for non-secure OTP access with restrictions. At BSEC
initiali

drivers: stm32_bsec: st,non-secure-otp-provisioning property

Implementation of a new "st,non-secure-provisioning-otp" property,
destined for non-secure OTP access with restrictions. At BSEC
initialization, OTPs defined with this property will grant their access
to non-secure world only if the fuses are not permanently locked.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: kernel: move otp_stubs.c to core/kernel

otp_stubs.c is architecture-agnostic, therefore, move it
from core/arch/arm/kernel to core/kernel.

Signed-off-by: Marouene Boubakri <marouene.boubakri@

core: kernel: move otp_stubs.c to core/kernel

otp_stubs.c is architecture-agnostic, therefore, move it
from core/arch/arm/kernel to core/kernel.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: riscv.mk: disable unsupported configuration flags

Features which are not supported, or, specific to other
architectures are disabled.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.c

core: riscv.mk: disable unsupported configuration flags

Features which are not supported, or, specific to other
architectures are disabled.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: riscv: add plat-virt

Add Qemu Virt RISC-V platform.
Reference:
https://www.qemu.org/docs/master/system/riscv/virt.html

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: J

core: riscv: add plat-virt

Add Qemu Virt RISC-V platform.
Reference:
https://www.qemu.org/docs/master/system/riscv/virt.html

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: restore BSEC SIP services on STM32MP15

U-Boot and Linux kernel use BSEC OP-TEE services on STM32MP15 but do
not yet integrate BSEC PTA drivers for OTP accesses and still rely on
OP-TE

plat-stm32mp1: restore BSEC SIP services on STM32MP15

U-Boot and Linux kernel use BSEC OP-TEE services on STM32MP15 but do
not yet integrate BSEC PTA drivers for OTP accesses and still rely on
OP-TEE BSEC SMC SiP service. Therefore restore the service for STM32MP15
platform flavors. The service will be default disabled once U-Boot and
Linux kernel are ready.

Fixes: eab9487631cc ("plat-stm32mp1: deprecate BSEC SIP services")
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: riscv: provide delay_arch.h

Implement timeout_init_us() and timeout_elapsed().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@lin

core: riscv: provide delay_arch.h

Implement timeout_init_us() and timeout_elapsed().

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: kernel: delay: sort-out architecture-independant code from arch dir

This commit moves core/arch/arm/kernel/delay.c to core/kernel/delay.c.
Keeps architecture-dependant code in
core/arch/$ARCH/

core: kernel: delay: sort-out architecture-independant code from arch dir

This commit moves core/arch/arm/kernel/delay.c to core/kernel/delay.c.
Keeps architecture-dependant code in
core/arch/$ARCH/include/kernel/delay_arch.h and moves generic functions
to core/include/kernel/delay.h

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: add time source based on time registers

Implement a TEE time source based on CSR_TIME and CSR_HTIME for S-Mode
and CLINT MTIME register for M-Mode.
CFG_RISCV_TIME_SOURCE_RDTIME flag to

core: riscv: add time source based on time registers

Implement a TEE time source based on CSR_TIME and CSR_HTIME for S-Mode
and CLINT MTIME register for M-Mode.
CFG_RISCV_TIME_SOURCE_RDTIME flag to enable or not building the time
source. CFG_RISCV_MTIME_RATE defines the timer rate, default to 10MHz.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: move tee_time.c and tee_time_ree.c to core/kernel

tee_time.c and tee_time_ree.c are architecture-independant code therefore
move them from core/arch/arm/kernel to core/kernel.

Signed-off-by:

core: move tee_time.c and tee_time_ree.c to core/kernel

tee_time.c and tee_time_ree.c are architecture-independant code therefore
move them from core/arch/arm/kernel to core/kernel.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: provide <kernel/time.h>

Add read_time() function to get time based on CSR_TIME
and CSR_HTIME registers for S-Mode and CLINT MTIME register
for M-Mode.

Signed-off-by: Marouene Boubakri

core: riscv: provide <kernel/time.h>

Add read_time() function to get time based on CSR_TIME
and CSR_HTIME registers for S-Mode and CLINT MTIME register
for M-Mode.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: implement core local interruptor (clint) driver

An initial implementation of RISC-V CLINT driver with MTIMER
device to provide machine-level timer functionality.

Signed-off-by: Marouen

core: riscv: implement core local interruptor (clint) driver

An initial implementation of RISC-V CLINT driver with MTIMER
device to provide machine-level timer functionality.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: SM3 using ARMv8.2-A cryptographic extensions

Import SM3 assembly code from the Linux kernel (Linaro contribution).
Enabled with CFG_CRYPTO_SM3_ARM64_CE=y, set by default if
CFG_CRYPTO_W

core: arm64: SM3 using ARMv8.2-A cryptographic extensions

Import SM3 assembly code from the Linux kernel (Linaro contribution).
Enabled with CFG_CRYPTO_SM3_ARM64_CE=y, set by default if
CFG_CRYPTO_WITH_CE82=y.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: SHA-512 using ARMv8.2-A cryptographic extensions

Import SHA-512 assembly code from the Linux kernel (Linaro
contribution). Enabled with CFG_CRYPTO_SHA512_ARM64_CE=y, set by default
if C

core: arm64: SHA-512 using ARMv8.2-A cryptographic extensions

Import SHA-512 assembly code from the Linux kernel (Linaro
contribution). Enabled with CFG_CRYPTO_SHA512_ARM64_CE=y, set by default
if CFG_CRYPTO_WITH_CE82=y.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: provide kern.ld.S

Provide script to allow linking OP-TEE core for RISC-V.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linar

core: riscv: provide kern.ld.S

Provide script to allow linking OP-TEE core for RISC-V.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: riscv.mk: add mm and tee subdirectories to build tree

Add mm and tee subdirectories to core-platform-subdirs.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by:

core: riscv: riscv.mk: add mm and tee subdirectories to build tree

Add mm and tee subdirectories to core-platform-subdirs.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: riscv: kernel: provide link.mk

Link and generate tee.(elf,bin,dmp,map,symb_sizes).

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@lin

core: riscv: kernel: provide link.mk

Link and generate tee.(elf,bin,dmp,map,symb_sizes).

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: remove stm32mp_is_closed_device()

Removes stm32mp_is_closed_device() platform function and related
resources as it is superseded by BSEC driver API function
stm32_bsec_get_state().

S

plat-stm32mp1: remove stm32mp_is_closed_device()

Removes stm32mp_is_closed_device() platform function and related
resources as it is superseded by BSEC driver API function
stm32_bsec_get_state().

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSE

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSEC configuration registers.

CFG_STM32_BSEC_WRITE is now default enabled and not set to
CFG_TEE_CORE_DEBUG value.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: deprecate BSEC SIP services

As the interface is now managed using PTA BSEC, the
SMC SIP services can be set as deprecated.

It can be removed in few OP-TEE releases.

Signed-off-by: L

plat-stm32mp1: deprecate BSEC SIP services

As the interface is now managed using PTA BSEC, the
SMC SIP services can be set as deprecated.

It can be removed in few OP-TEE releases.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

pta: stm32mp: enable BSEC PTA

Default enables the BSEC PTA for STM32MP15x and STM32MP13x.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.che

pta: stm32mp: enable BSEC PTA

Default enables the BSEC PTA for STM32MP15x and STM32MP13x.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: stm32: correct BSEC nodes compatible for stm32mp13

Device tree alignment with kernel and latest binding for BSEC node:
the rev2.0 is used on STM32MP13x devices with the new compatible
compatibl

dts: stm32: correct BSEC nodes compatible for stm32mp13

Device tree alignment with kernel and latest binding for BSEC node:
the rev2.0 is used on STM32MP13x devices with the new compatible
compatible = "st,stm32mp13-bsec".

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@fos

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the driver to enforce security when
trying to access a fuse.

It is a preliminary step for BSEC PTA introduction.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

dts: at91: fix reg address for secure PIO

The secure PIO controller is located at 0xfc039000 not 0xfc038000. Fix
this in all at91 device-trees.

Signed-off-by: Clément Léger <clement.leger@bootlin.c

dts: at91: fix reg address for secure PIO

The secure PIO controller is located at 0xfc039000 not 0xfc038000. Fix
this in all at91 device-trees.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...