drivers: caam: instantiate RNG state handle with prediction resistance

Instantiate RNG state handles with Prediction Resistance (PR) support.
This way SW further downstream (e.g. Rich OS, boot loade

drivers: caam: instantiate RNG state handle with prediction resistance

Instantiate RNG state handles with Prediction Resistance (PR) support.
This way SW further downstream (e.g. Rich OS, boot loader etc.) is able
to use the "PR" bit in RNG generation descriptors (forcing TRNG
re-seeding before PRNG / DRBG outputs random data).

Note: current patch does not deal with RNG state handles that have
already been initialized, but without PR support (this could happen if
U-boot would run before OP-TEE etc.). In this case, RNG state handle
would have to be deinstantiated first, and then reinstantiated with
PR support.

Signed-off-by: Franck LENORMAND <franck.lenormand@nxp.com>
Signed-off-by: Horia Geantă <horia.geanta@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

crypto: drivers: se050: remove implicit dependency

The SE05X device is platform independent and therefore does not need
the iMX I2C driver but the actual driver for the particular platform
is connec

crypto: drivers: se050: remove implicit dependency

The SE05X device is platform independent and therefore does not need
the iMX I2C driver but the actual driver for the particular platform
is connected into.

Implementing these changes required a fix in the Plug-and-Trust tree
(the addition of a missing dependency), therefore we will also bump
the Plug-and-Trust version used in the Azure pipeline.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: atmel_saic: add SAIC driver

Add a driver to handle interrupt that are targeting the secure
interrupt controller. This driver will be used to handle watchdog and
matrix interrupts.

Acked-by

drivers: atmel_saic: add SAIC driver

Add a driver to handle interrupt that are targeting the secure
interrupt controller. This driver will be used to handle watchdog and
matrix interrupts.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: atmel_shdwc: add call to suspend init

Since there is no "suspend" controller per se and that the general
controller used for suspend is the shutdown controller, call suspend
init from shdwc

drivers: atmel_shdwc: add call to suspend init

Since there is no "suspend" controller per se and that the general
controller used for suspend is the shutdown controller, call suspend
init from shdwc driver.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: pm: sam: add suspend support

Add suspend support for sama5d2 platform. This support allows to use
all the available modes of suspend present on the sama5d2 platform:
- STANDBY
- ULP0
- ULP0

drivers: pm: sam: add suspend support

Add suspend support for sama5d2 platform. This support allows to use
all the available modes of suspend present on the sama5d2 platform:
- STANDBY
- ULP0
- ULP0 Fast
- ULP1
- BACKUP

By default, STANDBY mode is used as default suspend mode.
This support is meant to be used by PSCI.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: clk: sam: add suspend support

PMC register contents needs to be restored after resuming. Add support
for this using PM callbacks.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
A

drivers: clk: sam: add suspend support

PMC register contents needs to be restored after resuming. Add support
for this using PM callbacks.

Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Clément Léger <clement.leger@bootlin.com>

show more ...

drivers: stm32_rng: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referenc

drivers: stm32_rng: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates STM32 RNG driver.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_gpio: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referen

drivers: stm32_gpio: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates STM32 GPIO driver.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_uart: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referen

drivers: stm32_uart: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates STM32 UART driver and
platform stm32mp1 console support.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_i2c: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock referenc

drivers: stm32_i2c: use generic clock API

Replaces use of ST specific stm32mp_clk_xxx() clocks functions in
favor to OP-TEE generic clock API functions clk_xxx() using
struct clk * as clock references. Updates I2C driver and PMIC
that is a consumer of an I2C bus.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: stm32_i2c: stm32_i2c_get_setup_from_fdt() returns TEE_Result

Change stm32_i2c interface function stm32_i2c_get_setup_from_fdt()
to return a TEE_Result code rather than a FDT error code.

Re

drivers: stm32_i2c: stm32_i2c_get_setup_from_fdt() returns TEE_Result

Change stm32_i2c interface function stm32_i2c_get_setup_from_fdt()
to return a TEE_Result code rather than a FDT error code.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: convert clock reference to clock ID/GPIO bank

Add stm32mp_clock_id_to_clk() to allow some platform specific functions
to act on clock while based only on the clock DT bindin

drivers: clk: stm32mp15: convert clock reference to clock ID/GPIO bank

Add stm32mp_clock_id_to_clk() to allow some platform specific functions
to act on clock while based only on the clock DT binding ID used in
stm32mp1 old clock API functions.

Add stm32_get_gpio_bank_clk() to return the clock reference related to
a GPIO bank.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: rsa: sign_ssa error handling

SE NVM keys shall only be deleted using either the pkcs#11 interface
(if the key was created by pkcs#11) or the free_keypair crypto API
interface

crypto: drivers: se050: rsa: sign_ssa error handling

SE NVM keys shall only be deleted using either the pkcs#11 interface
(if the key was created by pkcs#11) or the free_keypair crypto API
interface and never as a result of some error handling operation.

Notice that calling free_keypair will invalidate any copy made of that
keypair since the keypair for a SE only holds a handle to the key
stored in the SE NVM.

Fixes: a3ca687d03b4 ("drivers: implement se050 driver")
Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

crypto: drivers: se050: rsa: decrypt_es, validate the output buffer

The size of the decrypted output is not known until decryption has
happened.

Use an intermediate buffer large enough to guarantee

crypto: drivers: se050: rsa: decrypt_es, validate the output buffer

The size of the decrypted output is not known until decryption has
happened.

Use an intermediate buffer large enough to guarantee that the
decrypted message will fit.

This allows the driver to validate the size of the output buffer
passed in the interface.

Fixes: xtest pkcs11_1023

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: drivers: se050: rsa: fix OAEP and revert regression

Revert a regression introduced in the encrypt operation when swapping
buffers (fixes part of 'commit e1c70d7c88ab ("crypto: drivers: se050

crypto: drivers: se050: rsa: fix OAEP and revert regression

Revert a regression introduced in the encrypt operation when swapping
buffers (fixes part of 'commit e1c70d7c88ab ("crypto: drivers: se050:
fix rsa encrypt/decrypt")'

Fix misuse of the hash_algo field during OAEP encrypt/decrypt.

All tests passing
* xtest -t regression 4006

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

crypto: drivers: se050: rsa: add RSA_NOPAD enc/dec support

Commit 8563cdc537a9 ("drivers: crypto: se050: limitations to RSA
crypto") removed RSA_NOPAD support based on the Plug And Trust MW
document

crypto: drivers: se050: rsa: add RSA_NOPAD enc/dec support

Commit 8563cdc537a9 ("drivers: crypto: se050: limitations to RSA
crypto") removed RSA_NOPAD support based on the Plug And Trust MW
documentation, Release v02,14,00 (Apr 03, 2020).

That documentation was incorrect as RSA_NOPAD is indeed supported by
the secure element as described in the SE050 APDU specification [1],
section 4.3.14, table 32.

This commit restores the functionality and fixes previous bugs.

Validated on xtest 4006 and 4011.

[1] https://www.nxp.com/docs/en/application-note/AN12413.pdf

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix index ordering parent clock array

Fix order in stm32mp1_clk_parent_name[].

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etie

drivers: clk: stm32mp1: fix index ordering parent clock array

Fix order in stm32mp1_clk_parent_name[].

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix HCLK6 parent clock

Fix get_parent_id_parent() the return HCLK6 parent clock that previous
implementation forbade.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com

drivers: clk: stm32mp1: fix HCLK6 parent clock

Fix get_parent_id_parent() the return HCLK6 parent clock that previous
implementation forbade.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp1: fix BRSRAM parent clock reference

Fix reference to BKPSRAM parent clock for platform stm32mp1. No
functional change as parent clock reference used prior the change
(_PCLK5) l

drivers: clk: stm32mp1: fix BRSRAM parent clock reference

Fix reference to BKPSRAM parent clock for platform stm32mp1. No
functional change as parent clock reference used prior the change
(_PCLK5) led to the same parent clock rate value.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: support RTC and MPU clocks

Add RTC and MPU clocks support to platform stm32mp1.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <et

drivers: clk: stm32mp15: support RTC and MPU clocks

Add RTC and MPU clocks support to platform stm32mp1.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: clk: stm32mp15: split oscillator and parent clock IDs

Use specific identifiers for root oscillators (prefixed OSC_) while
parent clock IDs are left unchanged.

Reviewed-by: Lionel Debieve <

drivers: clk: stm32mp15: split oscillator and parent clock IDs

Use specific identifiers for root oscillators (prefixed OSC_) while
parent clock IDs are left unchanged.

Reviewed-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: caam: add imx8ulp CAAM HAL

Add imx8ulp CAAM HAL functions.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

drivers: caam: disable the use of interrupts for some platforms

On some i.MX platforms, all CAAM JRs share the same line of interrupts.
To avoid conflicts with the other job ring owners, skip the
en

drivers: caam: disable the use of interrupts for some platforms

On some i.MX platforms, all CAAM JRs share the same line of interrupts.
To avoid conflicts with the other job ring owners, skip the
enable/disable of job ring interruptions in OP-TEE CAAM driver.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

crypto: drivers: se050: ecc sign/verify padding

Pad small messages with zeroes during sign/verify.

Fixes xtest pkcs11_1019.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienn

crypto: drivers: se050: ecc sign/verify padding

Pad small messages with zeroes during sign/verify.

Fixes xtest pkcs11_1019.

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: crypto: se050: build Plug-and-Trust using the TEE makefiles

Building the Plug-and-Trust library required building OP-TEE first in
order to get some architecture specific definitions.
This m

drivers: crypto: se050: build Plug-and-Trust using the TEE makefiles

Building the Plug-and-Trust library required building OP-TEE first in
order to get some architecture specific definitions.
This makes the integration with yocto metas unnecessarily complex.

The following commit simplifies the build sequence: the user would
need to clone the Plug-and-Trust tree [1] to an accessible location in
the filesystem and then build OP-TEE as usual passing the path to the
Plug-and-Trust tree in CFG_NXP_SE05X_PLUG_AND_TRUST.

[1] https://github.com/foundriesio/plug-and-trust.git

Signed-off-by: Jorge Ramirez-Ortiz <jorge@foundries.io>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...