drivers: stm32_rng: register as hwrng source

Implements RNG as hardware entropy source when CFG_STM32_RNG
is enable and CFG_WITH_SOFTWARE_PRNG is disable.

This is realised by implementing crypto_rn

drivers: stm32_rng: register as hwrng source

Implements RNG as hardware entropy source when CFG_STM32_RNG
is enable and CFG_WITH_SOFTWARE_PRNG is disable.

This is realised by implementing crypto_rng_read() and
hw_get_random_byte() in driver.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_rng: helper trace in rng path

Adds helper flow level trace messages in random sample generation
sequence.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne

drivers: stm32_rng: helper trace in rng path

Adds helper flow level trace messages in random sample generation
sequence.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_rng: remove millisecond timeout with interrupts masked

Removes the 10ms timeout monitored waiting loop in stm32_rng_read_raw()
that was called with interrupts masked. stm32_rng_read_r

drivers: stm32_rng: remove millisecond timeout with interrupts masked

Removes the 10ms timeout monitored waiting loop in stm32_rng_read_raw()
that was called with interrupts masked. stm32_rng_read_raw() is
renamed read_available() and does not pool a hardware status: it
either returns or reads samples according to RNG state.

Changes stm32_rng_read() to monitor RNG burst generation with a 100ms
timeout. This timeout threshold targets that at least few REE ticks
(dozen of ms) allow RNG to conceal and synchronize upon bad conditions.

As change rewrites function stm32_rng_read(), it also removes a zeroing
of the buffer on sample generation error. The wiping is removed since
pointless.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_rng: don't export stm32_rng_read_raw()

No need to export stm32_rng function stm32_rng_read_raw(). It is only
called from stm32_rng_read(). Also removes re-enabling of RNG in
stm32_rng

drivers: stm32_rng: don't export stm32_rng_read_raw()

No need to export stm32_rng function stm32_rng_read_raw(). It is only
called from stm32_rng_read(). Also removes re-enabling of RNG in
stm32_rng_read_raw() since already handled by caller function.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_rng: init rng before service initcall level

Initializes stm32_rng driver before service initcall level so that
device driver is ready when plat_rng_init() is called.

At this stage, r

drivers: stm32_rng: init rng before service initcall level

Initializes stm32_rng driver before service initcall level so that
device driver is ready when plat_rng_init() is called.

At this stage, resource firewall may not be initialized therefore
choose to always map RNG IOMEM with secure attribute which conforms
to firewall configuration. When RNG is assigned to non-secure, RNG
resources are released once boot completes.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_rng: remove thread exceptions masking under spinlock

Fixes stm32_rng.c to not mask thread exceptions in function
stm32_rng_read_raw() that is called with a spinlock held and
interrupt

drivers: stm32_rng: remove thread exceptions masking under spinlock

Fixes stm32_rng.c to not mask thread exceptions in function
stm32_rng_read_raw() that is called with a spinlock held and
interrupts already masked.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

imx_ocotp: correct ocotp fuse address computation

Not all the imx platforms have the same bank spacing. In particular
the imx6 and imx7ulp both have bank sizes that are twice as large
as the imx8m.

imx_ocotp: correct ocotp fuse address computation

Not all the imx platforms have the same bank spacing. In particular
the imx6 and imx7ulp both have bank sizes that are twice as large
as the imx8m.

The ocotp_get_die_id_mx7ulp() function was written with the
old computation, so bank 2, work 6 would be 0x4e0 offset.
Using the new calc, bank 1, word 6 would be 0x4e0 offset.

So all the bank values should move to bank 1.

This will set the correct computation.

Signed-off-by: Tim Anderson <tim.anderson@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Clement Faure <clement.faure@nxp.com>

show more ...

drivers: imx: dcp: disable the use of UNIQUE KEY after HUK generation

Disable the use of DCP unique key (0xfe in the DCP key selection) after
the HUK generation.
The DCP unique key is used to genera

drivers: imx: dcp: disable the use of UNIQUE KEY after HUK generation

Disable the use of DCP unique key (0xfe in the DCP key selection) after
the HUK generation.
The DCP unique key is used to generate the HUK at boot time. Disabling
the use of the unique key prevents the non-secure world from
re-generating the HUK.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Ricardo Salveti <ricardo@foundries.io> (imx-mx6ullevk)

show more ...

drivers: imx: dcp: clear OTP_KEY bit for unique key selection

The use of the unique key for the HUK generation requires the OTP_KEY
bit to be cleared in the DCP control0 bit field.

Signed-off-by: C

drivers: imx: dcp: clear OTP_KEY bit for unique key selection

The use of the unique key for the HUK generation requires the OTP_KEY
bit to be cleared in the DCP control0 bit field.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Ricardo Salveti <ricardo@foundries.io> (imx-mx6ullevk)

show more ...

drivers: imx: dcp: workaround DCP errata 051292

The internal boot ROM should reset the DCP controller prior jumping to
bootloader execution. The current boot ROM implementation does not
assert a DCP

drivers: imx: dcp: workaround DCP errata 051292

The internal boot ROM should reset the DCP controller prior jumping to
bootloader execution. The current boot ROM implementation does not
assert a DCP reset.

To mitigate the issue, users can implement a DCP reset by setting
SFTRST[31] and CTRL_CLKGATE[30] bits in the DCP_CTRL_SET registers.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Tested-by: Ricardo Salveti <ricardo@foundries.io> (imx-mx6ullevk)

show more ...

drivers: imx_snvs: re-work security state for imx8m platforms

The current implementation of snvs_get_security_cfg() for
imx8m platforms includes the read of SYS_SECURE_BOOT bit.
This fourth bit show

drivers: imx_snvs: re-work security state for imx8m platforms

The current implementation of snvs_get_security_cfg() for
imx8m platforms includes the read of SYS_SECURE_BOOT bit.
This fourth bit shows if the board boots from internal
ROM. This bit will reset to 1 for a board in the field
and 0 for a test chip.

The read of this bit is out of scope of the snvs_get_security_cfg()
purpose which is to return the system security configuration.
The SYS_SECURE_BOOT bit (msb) can be discarded.

Fixes: 5cd93c5a75 (drivers: imx_snvs: fix SNVS security configuration values)
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_shared_io: introduce shared io driver

This commit implements shared registers support, previously handled in
core/arch/arm/plat-stm32mp1/shared_resources.c, at platform level.

Defaul

drivers: stm32_shared_io: introduce shared io driver

This commit implements shared registers support, previously handled in
core/arch/arm/plat-stm32mp1/shared_resources.c, at platform level.

Default enable CFG_STM32_SHARED_IO.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: map the CAAM registers with the CAAM_SIZE value

Add the CAAM register MMU mapping with the appropriate size CAAM_SIZE.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by:

drivers: caam: map the CAAM registers with the CAAM_SIZE value

Add the CAAM register MMU mapping with the appropriate size CAAM_SIZE.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: use helper header file stm32mp_dt_bindings.h

Changes plat-stm32mp1 and its drivers to rely on stm32mp_dt_bindings.h
which simplifies support of both variants STM32MP15 and STM32MP13 t

plat-stm32mp1: use helper header file stm32mp_dt_bindings.h

Changes plat-stm32mp1 and its drivers to rely on stm32mp_dt_bindings.h
which simplifies support of both variants STM32MP15 and STM32MP13 that
will use each specific DT bindings.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: scmi-msg: Fix parameter type

In order to make clock.c and voltage_domain.c compile on
64 bit architecture, we cannot use unsigned int in the
function prototype and size_t in the function de

drivers: scmi-msg: Fix parameter type

In order to make clock.c and voltage_domain.c compile on
64 bit architecture, we cannot use unsigned int in the
function prototype and size_t in the function definition.

Signed-off-by: Ludvig Pärsson <ludvig.parsson@axis.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: remove stm32_clock_*() helpers

Removes function that were deprecated: stm32_clock_is_enabled(),
stm32_clock_enable(), stm32_clock_disable() and stm32_clock_get_rate().

Signed-off-by:

drivers: clk: remove stm32_clock_*() helpers

Removes function that were deprecated: stm32_clock_is_enabled(),
stm32_clock_enable(), stm32_clock_disable() and stm32_clock_get_rate().

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: se050: scp: add support for more boards

Add the board specific persistent keys required to stablish the SCP03
sessions with the secure element.

See https://www.nxp.com/docs/en/application-

drivers: se050: scp: add support for more boards

Add the board specific persistent keys required to stablish the SCP03
sessions with the secure element.

See https://www.nxp.com/docs/en/application-note/AN12436.pdf

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: pm: sam: clarify that the pm_suspend.S file was relicensed

Clarify that this file was imported from Linux and relicensed to avoid
any licensing issue.

Acked-by: Nicolas Ferre <nicolas.ferr

drivers: pm: sam: clarify that the pm_suspend.S file was relicensed

Clarify that this file was imported from Linux and relicensed to avoid
any licensing issue.

Acked-by: Nicolas Ferre <nicolas.ferre@microchip.com>
Acked-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: smccc_trng: get entropy from secure monitor

Implements random noise generation interface from Arm SMCCC TRNG
specification. Configuration switch CFG_ARM_SMCCC_TRNG must be enabled
to embed

drivers: smccc_trng: get entropy from secure monitor

Implements random noise generation interface from Arm SMCCC TRNG
specification. Configuration switch CFG_ARM_SMCCC_TRNG must be enabled
to embed the RNG driver that use this interface.

When CFG_ARM_SMCCC_TRNG is enable and CFG_WITH_SOFTWARE_PRNG is
disable, use SMCCC TRNG driver as entropy source. When
both CFG_ARM_SMCCC_TRNG and CFG_WITH_SOFTWARE_PRNG are enable, seed
OP-TEE PRNG with 32byte of TRNG entropy.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-sam: add timer clock driver

Add support for the TCB block that are present on the samad2. This
series add support for the TCB as a time source and register it using
REGISTER_TIME_SOURCE(). More

plat-sam: add timer clock driver

Add support for the TCB block that are present on the samad2. This
series add support for the TCB as a time source and register it using
REGISTER_TIME_SOURCE(). Moreover, on Linux, the tick is done using the
TCB since the sama5d2 does not have the ARM architected timers. Since
the time source used for the tick clocksource is probed early in the
boot process, the SCMI clock support which uses a platform driver is
not yet probed and thus the TCB can't be probe properly. To workaround
that problem, this driver enables the TCB clocks and the Linux
device-tree is modified to use "fixed-clock" clock instead of the TCB
SCMI ones.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance,

drivers: atmel_piobu: add driver

Add piobu driver which handle secumod GPIOs. This driver also handle
tampering interrupts on GPIOs which are configured as input with the
device-tree. For instance, the following device-tree excerpt allows to
set an input as an intrusion detection pin:

gpios = <0 PIOBU_PIN_INPUT(1, 1, PIOBU_PIN_PULL_DOWN,
PIOBU_PIN_DEF_LEVEL_LOW, PIOBU_PIN_WAKEUP_ENABLE)>;

In case of a tamper event, the source of the tampering will be
displayed.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked

drivers: atmel_rtc: add atmel_rtc_get_tamper_timestamp()

The sama5d2 RTC actually hold the timestamp of the last tampering
attempt. Add a function to get the last time of tampering detection.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: xiphera_trng: Add support for XIP8001B TRNG

Adds support for Xiphera's XIP8001B true random number generator.

XIP8001B is a FPGA IP core that can be synthesized in FPGA devices to
provide

drivers: xiphera_trng: Add support for XIP8001B TRNG

Adds support for Xiphera's XIP8001B true random number generator.

XIP8001B is a FPGA IP core that can be synthesized in FPGA devices to
provide TRNG source for device where it is missing like Xilinx Zynq-7000
and Xilinx Zynq MPSoC.

Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com>
Co-developed-by: Atte Tommiska <atte.tommiska@xiphera.com>
Signed-off-by: Atte Tommiska <atte.tommiska@xiphera.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: imx_snvs: fix the is_otpmk_valid() logic

The logic wanted was the inverse of the one implemented.

Fixes: ea4f7ad67d ("drivers: imx_snvs: add master key selection")
Signed-off-by: Franck LE

drivers: imx_snvs: fix the is_otpmk_valid() logic

The logic wanted was the inverse of the one implemented.

Fixes: ea4f7ad67d ("drivers: imx_snvs: add master key selection")
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: imx_snvs: fix SNVS register read operation

A coding mistake in the precedence order of C operators is causing
an incorrect read of the SNVS register. This error would return a wrong
board l

drivers: imx_snvs: fix SNVS register read operation

A coding mistake in the precedence order of C operators is causing
an incorrect read of the SNVS register. This error would return a wrong
board lifecycle state by snvs_get_security_cfg().

Fixes: 5cd93c5a ("drivers: imx_snvs: fix SNVS security configuration values")
Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...