drivers: regulator: fix missing header file in stm32mp13_regulator_iod

Add missing inclusion of kernel/dt_driver.h that is needed by
stm32mp13_regulator_iod driver.

Signed-off-by: Etienne Carriere

drivers: regulator: fix missing header file in stm32mp13_regulator_iod

Add missing inclusion of kernel/dt_driver.h that is needed by
stm32mp13_regulator_iod driver.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

driver: crypto: hisilicon: add RSA algorithm

Add RSA support in Hisilicon crypto drivers.

Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acke

driver: crypto: hisilicon: add RSA algorithm

Add RSA support in Hisilicon crypto drivers.

Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: firewall: stm32_etzpc: add check_access handler

Implement .check_access handler in stm32_etzpc driver.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Patrick D

drivers: firewall: stm32_etzpc: add check_access handler

Implement .check_access handler in stm32_etzpc driver.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_cryp: remove registering to shared_resource driver

Remove registering of STM32 CRYP driver to shared_resources driver that
is deprecated since integration of the firewall framework an

drivers: stm32_cryp: remove registering to shared_resource driver

Remove registering of STM32 CRYP driver to shared_resources driver that
is deprecated since integration of the firewall framework and will soon
be removed.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_uart: remove registering to shared_resources driver

Remove registering of STM32 UART driver to shared_resources driver that
is deprecated since integration of the firewall framework a

drivers: stm32_uart: remove registering to shared_resources driver

Remove registering of STM32 UART driver to shared_resources driver that
is deprecated since integration of the firewall framework and will soon
be removed.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_rng: remove registering to shared_resources driver

Remove registering of STM32 RNG driver to shared_resources driver that
is deprecated since integration of the firewall framework and

drivers: stm32_rng: remove registering to shared_resources driver

Remove registering of STM32 RNG driver to shared_resources driver that
is deprecated since integration of the firewall framework and will soon
be removed.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_iwdg: remove useless device list

STM32 watchdog driver does not manage several instances of IWDG hence
remove the useless code. To simplify code, remove stm32_iwdg_register()
local fu

drivers: stm32_iwdg: remove useless device list

STM32 watchdog driver does not manage several instances of IWDG hence
remove the useless code. To simplify code, remove stm32_iwdg_register()
local function.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_iwdg: remove registering to shared_resources driver

Remove registering of STM32 IWDG driver to platform shared_resources
driver that is deprecated since integration of the firewall fr

drivers: stm32_iwdg: remove registering to shared_resources driver

Remove registering of STM32 IWDG driver to platform shared_resources
driver that is deprecated since integration of the firewall framework
in stm32mp1 platforms. Since this integration, OP-TEE only consider
IWDG secure instances hence remove the useless code for IWDG assigned
to non-secure world.

As watchdog drivers are only used when registering to OP-TEE watchdog
services (CFG_WDT_SM_HANDLER) simplify the code to always register
IWDG instance.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: scmi-msg: fix clock min/max/step triplet description support

The return value of plat_scmi_clock_rates_array() is one of "SCMI_DENIED",
"SCMI_GENERIC_ERROR" and "SCMI_SUCCESS".
The code in

drivers: scmi-msg: fix clock min/max/step triplet description support

The return value of plat_scmi_clock_rates_array() is one of "SCMI_DENIED",
"SCMI_GENERIC_ERROR" and "SCMI_SUCCESS".
The code in scmi_clock_describe_rates() for clock min/max/step triplet
description support would never be executed due to the return value of
plat_scmi_clock_rates_array() could never be "SCMI_NOT_SUPPORTED".
Fix by modifying the return value of plat_scmi_clock_rates_array().

Signed-off-by: Tony Han <tony.han@microchip.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: shared_resources: remove pin/GPIO secure state management

Remove the pin and GPIO secure state management from shared_resources
platform driver since this is now managed using the fir

plat-stm32mp1: shared_resources: remove pin/GPIO secure state management

Remove the pin and GPIO secure state management from shared_resources
platform driver since this is now managed using the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: remove gpio/pinctrl API function to set secure state

Remove stm32_gpio_set_secure_cfg() and stm32_pinctrl_set_secure_cfg()
functions that are no more used since the STM32 GPIO a

drivers: stm32_gpio: remove gpio/pinctrl API function to set secure state

Remove stm32_gpio_set_secure_cfg() and stm32_pinctrl_set_secure_cfg()
functions that are no more used since the STM32 GPIO and pins secure
configurations are managed only through the firewall framework
facilities.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_uart: remove use of shared_resource for pinctlr

Remove use of shared_resources platform driver to manage the secure
state of the pins of a pinctrl state since this is now managed usin

drivers: stm32_uart: remove use of shared_resource for pinctlr

Remove use of shared_resources platform driver to manage the secure
state of the pins of a pinctrl state since this is now managed using
the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_uart: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from S

drivers: stm32_uart: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from STM32
GPIO driver based on the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_i2c: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from ST

drivers: stm32_i2c: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from STM32
GPIO driver based on the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check secure state of pinctrl states

Make STM32 GPIO driver to verify that any all pins of applied pinctrl
states be accessed and has the expected secure hardening configuration

drivers: stm32_gpio: check secure state of pinctrl states

Make STM32 GPIO driver to verify that any all pins of applied pinctrl
states be accessed and has the expected secure hardening configuration
when used.

Non-secure pins must have the STM32_PIN_NSEC bit set in the pin
handler argument unless what the pin is expected to be secure. The
driver returns an error when the expected secure state of a pin does
not match its effective secure state or it cannot be accessed, unless
CFG_INSECURE is enabled in which case the driver only prints an info
level trace message.

If a driver attempts to consume a pinctrl with pins that do not exist,
core panics.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check secure state of consumed GPIOs

STM32 GPIO driver now verifies that any GPIO consumed by OP-TEE can
be accessed and has the expected secure hardening configuration.
If a dr

drivers: stm32_gpio: check secure state of consumed GPIOs

STM32 GPIO driver now verifies that any GPIO consumed by OP-TEE can
be accessed and has the expected secure hardening configuration.
If a driver attempts to consume a GPIO that cannot be accessed
by OP-TEE, core panics. When a GPIO is used with an inappropriate
secure configuration state, STM32 GPIO driver panics or prints an
info level message, depending on CFG_INSECURE.

This change is based on the recently added GPIO_STM32_NSEC bindings macro
in STM32 GPIO driver DT bindings header file that is a hint on whether
a consumed GPIO is expected secure or shared with non-secure world.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: acquire semaphore when GPIO/pinctrl are used

Release RIF semaphore taken at GPIO bank initialization and acquire
them only when the GPIO or pinctrl is used or when a firewall
co

drivers: stm32_gpio: acquire semaphore when GPIO/pinctrl are used

Release RIF semaphore taken at GPIO bank initialization and acquire
them only when the GPIO or pinctrl is used or when a firewall
configuration is requested.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: register to firewall framework

Register secure aware STM32 GPIO banks to the firewall framework
as a firewall controller to allow GPIO and pinctrl consumer devices
to load alter

drivers: stm32_gpio: register to firewall framework

Register secure aware STM32 GPIO banks to the firewall framework
as a firewall controller to allow GPIO and pinctrl consumer devices
to load alternate configurations for pins.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: factorize apply_rif_config()

Change apply_rif_config() to be able to call it for a subset of pins
in a GPIO bank.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

drivers: stm32_gpio: factorize apply_rif_config()

Change apply_rif_config() to be able to call it for a subset of pins
in a GPIO bank.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check GPIO is not already consumed

Check that a GPIO requested by a consumer is not already consumed by
another device.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.s

drivers: stm32_gpio: check GPIO is not already consumed

Check that a GPIO requested by a consumer is not already consumed by
another device.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

clk: stm32mp25: add support for RIF configuration application

This driver now implements RIF configuration for RCC, which is a RIF
aware IP. It means that the RCC driver is in charge of configuring

clk: stm32mp25: add support for RIF configuration application

This driver now implements RIF configuration for RCC, which is a RIF
aware IP. It means that the RCC driver is in charge of configuring its
own RIF restrictions and that the RCC has dedicated RIF configuration
registers.

To avoid issues when manipulating clocks during OP-TEE boot or low-power
sequences, apply the RIF configuration for RCC resources at
driver_init_late level.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: caam: sm: fix SM partition permission in SMAG registers

SM partition SMAG1 permissions were wrongly set for generating DEK blob
which results in error while decapsulating DEK blob during HA

drivers: caam: sm: fix SM partition permission in SMAG registers

SM partition SMAG1 permissions were wrongly set for generating DEK blob
which results in error while decapsulating DEK blob during HAB
encrypted boot.
Setting the permissions correctly fix this issue.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: 2a12ae237796 ("drivers: caam: add CAAM secure memory driver")

show more ...

drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set

drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set_secure_bkpregs()
in plat-stm32mp1 main.c.

Remove old implementation of stm32_bkpregs_conf structure and rename
stm32_bkpregs_conf_new to stm32_bkpregs_conf.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_tamp: add stm32mp25 support for RIF configuration

Add support for the RIF configuration of the TAMP peripheral. It covers
the TAMP resources such as monotonic counters but also backup

drivers: stm32_tamp: add stm32mp25 support for RIF configuration

Add support for the RIF configuration of the TAMP peripheral. It covers
the TAMP resources such as monotonic counters but also backup registers
regions and sub-regions.

Create a stm32_tamp_platdata structure to hold platform data.

Add temporary stm32_bkpregs_conf_new structure that will be used by the
new implementation and renamed to stm32_bkpregs_conf when the old one
disappear.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: caam: enable/disable prediction resistance based on CONFIG flag

With prediction resistance enabled, on every random number request
CAAM is forced to do reseeding of DRBG, which is time taki

drivers: caam: enable/disable prediction resistance based on CONFIG flag

With prediction resistance enabled, on every random number request
CAAM is forced to do reseeding of DRBG, which is time taking process
which leads to lower Random number generation performance.
So to give user the flexibility to enable/disable this feature a flag
CFG_CAAM_RNG_RUNTIME_PR is introduced.
By default it will be disabled and user can enable it as per its
requirement.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...