crypto: drivers: se050-f: rsa: can fallback to softw-ops

The SE050-F device can select to fallback to specific unsupported
operations.

This allows xtests to run to completion without errors.

Signe

crypto: drivers: se050-f: rsa: can fallback to softw-ops

The SE050-F device can select to fallback to specific unsupported
operations.

This allows xtests to run to completion without errors.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: ecc: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a

crypto: drivers: se050: ecc: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a software
based implementation as long as the private key is not in the secure
element.

Use CFG_NXP_SE05X_ECC_DRV_FALLBACK to enable this feature.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: rsa: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a

crypto: drivers: se050: rsa: fallback to softw-ops

Operations that require a public key might fallback to a software
based implementation.

Operations that require a private key might fallback to a software
based implementation as long as the private key is not in the secure
element.

Use CFG_NXP_SE05X_RSA_DRV_FALLBACK to enable this feature.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050-f: rsa: fix support

The NXP SE050-F does not support raw RSA keys, only CRT types.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.

crypto: drivers: se050-f: rsa: fix support

The NXP SE050-F does not support raw RSA keys, only CRT types.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: adaptor: provide the oefid interface

Not all the NXP SE05X secure elements provide the same level of
cryptographic support. This interface allows runtime identification
of th

crypto: drivers: se050: adaptor: provide the oefid interface

Not all the NXP SE05X secure elements provide the same level of
cryptographic support. This interface allows runtime identification
of the device under control

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSE

drivers: stm32_bsec: remove protection on debug configuration

Keeps stm32_bsec_write_debug_conf() out of CFG_STM32_BSEC_WRITE
purpose. This switch must protect OTP memory writes, not accesses
to BSEC configuration registers.

CFG_STM32_BSEC_WRITE is now default enabled and not set to
CFG_TEE_CORE_DEBUG value.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: remove unused functions

Removes unused functions stm32_bsec_otp_lock() and
stm32_bsec_shadow_register().

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-o

drivers: stm32_bsec: remove unused functions

Removes unused functions stm32_bsec_otp_lock() and
stm32_bsec_shadow_register().

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@fos

drivers: stm32_bsec: update for stm32mp13

Adds support for stm32mp13x platforms in BSEC driver.
Permanent lock status is updated without reset.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: add low power management

Adds low power management in BSEC driver to save and restore
the debug settings.

It is a preliminary step for BSEC support on STM32MP13.

Signed-off-by

drivers: stm32_bsec: add low power management

Adds low power management in BSEC driver to save and restore
the debug settings.

It is a preliminary step for BSEC support on STM32MP13.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the

drivers: stm32_bsec: add new generic interfaces

Exports generic functions to retrieve the BSEC state and check
if a fuse can be read depending on the BSEC current state.
Adds some robustness in the driver to enforce security when
trying to access a fuse.

It is a preliminary step for BSEC PTA introduction.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: atmel_wdt: enable watchdog reset

In order to reset the system rather that using an interrupt handler, set
the WDT_MR_WDRSTEN bit which allows to reboot the system.

Signed-off-by: Clément L

drivers: atmel_wdt: enable watchdog reset

In order to reset the system rather that using an interrupt handler, set
the WDT_MR_WDRSTEN bit which allows to reboot the system.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Suggested-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: atmel-shdwc: check secure status

Check for the shutdown controller secure-status property and if true,
then set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked

drivers: atmel-shdwc: check secure status

Check for the shutdown controller secure-status property and if true,
then set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: atmel-rstc: check for secure status

Check for the reset controller secure-status property and if true, then
set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked

drivers: atmel-rstc: check for secure status

Check for the reset controller secure-status property and if true, then
set it as secure.

Signed-off-by: Clément Léger <clement.leger@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: versal: physical unclonable function

This driver uses the PLM xilpuf service to deliver the physical
unclonable function (PUF).

The Physical unclonable function (PUF) generates two device

drivers: versal: physical unclonable function

This driver uses the PLM xilpuf service to deliver the physical
unclonable function (PUF).

The Physical unclonable function (PUF) generates two device unique
signatures per die. One signature is used for the key encryption key
(KEK) and one signature is used as an unique identification value.

The Unique ID is fully accessible and its value can be cleared
(hidden) and regenerated.

The KEK is never accessible and only usable from the AES-GCM engine.

https://github.com/Xilinx/embeddedsw

[1] TRM: https://docs.xilinx.com/r/en-US/am011-versal-acap-trm

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: versal_pm: fix compilation issue

The "struct ipi_cmd" was used during the development of the
versal_mbox driver; during the mbox driver review, the struct was
renamed to versal_ipi_cmd.

Th

drivers: versal_pm: fix compilation issue

The "struct ipi_cmd" was used during the development of the
versal_mbox driver; during the mbox driver review, the struct was
renamed to versal_ipi_cmd.

The code being removed in this commit was merged by mistake.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_bsec: support NVMEM cell description in device-tree

Support the nvmem cells description in device tree and
add the platform helper function stm32_bsec_find_otp_in_nvmem_layout()
that

drivers: stm32_bsec: support NVMEM cell description in device-tree

Support the nvmem cells description in device tree and
add the platform helper function stm32_bsec_find_otp_in_nvmem_layout()
that allows drivers to find an OTP location (BSEC word number and bit
size) from the OTP string identifier, name of the cell in device tree.

The bsec driver directly reads the nvmem cells sub node of bsec device.

This allow to remove the hardcoded OTP index in platform and is aligned
with linux kernel binding.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: move debug defines to include

Moves definition of DEBUG status macros from driver source file to
its header file to allow other drivers to control the debug level.
Introduces BS

drivers: stm32_bsec: move debug defines to include

Moves definition of DEBUG status macros from driver source file to
its header file to allow other drivers to control the debug level.
Introduces BSEC_DEBUG_ALL that is the default debug configuration.
Removes configuration masking as it has no use.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: use _fdt_reg* API

Changes bsec_dt_otp_nsec_access() to use _fdt_reg_base_address()
and _fdt_reg_size().

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewe

drivers: stm32_bsec: use _fdt_reg* API

Changes bsec_dt_otp_nsec_access() to use _fdt_reg_base_address()
and _fdt_reg_size().

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: correct address in lock support for any upper_base value

The address computed in stm32_bsec_permanent_lock_otp (with hardcoded
+2 offset) only supports OTP upper base offset 32.

drivers: stm32_bsec: correct address in lock support for any upper_base value

The address computed in stm32_bsec_permanent_lock_otp (with hardcoded
+2 offset) only supports OTP upper base offset 32. This patch corrects
to handle any value of OTP upper base.


This patch corrects to handle any value of OTP upper base.
and simplify this part by using division clearer than mask in this
context.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: use U() for unsigned constants

Updates with the U() macro as described in the coding guidelines.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatie

drivers: stm32_bsec: use U() for unsigned constants

Updates with the U() macro as described in the coding guidelines.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_bsec: rework and move BITS_PER_WORD

Transforms BITS_PER_WORD to BSEC_BITS_PER_WORD to specify it is
BSEC-related and move it to BSEC driver header file.

Adds BSEC_BYTES_PER_WORD for

drivers: stm32_bsec: rework and move BITS_PER_WORD

Transforms BITS_PER_WORD to BSEC_BITS_PER_WORD to specify it is
BSEC-related and move it to BSEC driver header file.

Adds BSEC_BYTES_PER_WORD for later use.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: implement lpc_uart driver

Support for lpc_uart that is a serial driver.

Signed-off-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: J

drivers: implement lpc_uart driver

Support for lpc_uart that is a serial driver.

Signed-off-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
Signed-off-by: Zeng Tao <prime.zeng@hisilicon.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_lpuart: remove stubbed .flush() implementation

There is no need to provide function stubs for unimplemented functions
in struct serial_ops. Just let the compiler set the pointer to NULL

drivers: imx_lpuart: remove stubbed .flush() implementation

There is no need to provide function stubs for unimplemented functions
in struct serial_ops. Just let the compiler set the pointer to NULL.

Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: drivers: nxp: Add LX series SFP driver

- Implement reading and writing to the NXP LX2160-series Security Fuse
Processor (SFP).
- Add the CFG_LS_SFP flag to enable building the SFP driver.
-

core: drivers: nxp: Add LX series SFP driver

- Implement reading and writing to the NXP LX2160-series Security Fuse
Processor (SFP).
- Add the CFG_LS_SFP flag to enable building the SFP driver.
- The SFP driver should be able to:
- Read the entire SFP.
- Read the debug level.
- Read the Intent to Secure (ITS) and Secure Boot (SB) flags.
- Read individual OEM Unique Scratch Pad Fuse (OUID) registers.
- Read individual Super Root Key Hash (SRKH) registers.
- Set the debug level.
- Set the device to permanently program the fuse block by
setting the ITS and SB flags.
- Set individual OUID registers.
- Get the status of the SFP driver itself.
- Update fsl-lx2160a device tree with sfp and gpio nodes.

Signed-off-by: Andrew Mustea <andrew.mustea@microsoft.com>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: versal: SHA3-384 engine support

Enable the PLM controlled SHA3-384 cryptographic engine for TEE core
usage.

Since the engine does not have the concept of "context", it can't
provide the le

drivers: versal: SHA3-384 engine support

Enable the PLM controlled SHA3-384 cryptographic engine for TEE core
usage.

Since the engine does not have the concept of "context", it can't
provide the level support required by user-space (multiple parallel
contexts) hence why it is being provided just to the core.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Nathan Menhorn <nathan.menhorn@amd.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...