drivers: stm32_gpio: support CFG_DRIVERS_PINCTRL

Changes stm32_gpio driver to support generic pin control framework
(CFG_DRIVERS_PINCTRL=y).

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.c

drivers: stm32_gpio: support CFG_DRIVERS_PINCTRL

Changes stm32_gpio driver to support generic pin control framework
(CFG_DRIVERS_PINCTRL=y).

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

riscv: driver: implement platform-level interrupt controller (PLIC) driver

An initial implementation of RISC-V PLIC driver conforming
to the specification. CFG_RISCV_PLIC flag allows building it
or

riscv: driver: implement platform-level interrupt controller (PLIC) driver

An initial implementation of RISC-V PLIC driver conforming
to the specification. CFG_RISCV_PLIC flag allows building it
or not for platforms with custom PLIC IP.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: rename interrupt controller functions

This commit renames interrupt controller function names
to be more generic:
- Rename main_init_gic() to primary_init_intc()
- Rename secondary_init_gic()

core: rename interrupt controller functions

This commit renames interrupt controller function names
to be more generic:
- Rename main_init_gic() to primary_init_intc()
- Rename secondary_init_gic() to secondary_init_intc()

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_bsec: implement the get otp by phandle

Add a new interface stm32_bsec_find_otp_by_phandle() to retrieve
localization of an OTP from a given node phandle.

When the node phandle is abs

drivers: stm32_bsec: implement the get otp by phandle

Add a new interface stm32_bsec_find_otp_by_phandle() to retrieve
localization of an OTP from a given node phandle.

When the node phandle is absent in the NVMEM node, layout_cell->phandle = 0
and reference to this OTP with this API function is not possible.

Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>

show more ...

drivers: stm32_bsec: add support for bits property in the DT

Adds the possibility to specify the number of managed bit in the NVMEM
cell device tree description, using the optional bits property
and

drivers: stm32_bsec: add support for bits property in the DT

Adds the possibility to specify the number of managed bit in the NVMEM
cell device tree description, using the optional bits property
and removes restriction on aligned NVMEM cell on 32-bit word by supporting
bit offset in stm32_bsec_find_otp_in_nvmem_layout().

Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>

show more ...

drivers: stm32_bsec: keep stm32_bsec_permanent_lock_otp() under flag

Keep the function to access the OTP lock under the CFG_STM32_BSEC_WRITE
flag to align with the write function.

Reviewed-by: Etie

drivers: stm32_bsec: keep stm32_bsec_permanent_lock_otp() under flag

Keep the function to access the OTP lock under the CFG_STM32_BSEC_WRITE
flag to align with the write function.

Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>

show more ...

core: kernel: Refine variable declarations and return values in dt.c

Provide initialization values for local variables. The return values of
libfdt functions are returned instead of -1 since libfdt

core: kernel: Refine variable declarations and return values in dt.c

Provide initialization values for local variables. The return values of
libfdt functions are returned instead of -1 since libfdt has its own
error codes and they are useful for debug.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm: Move some DT functions to common kernel

Some existed functions for device tree in ARM could be also used for
other architectures. This commit moves most of functions from ARM
architecture

core: arm: Move some DT functions to common kernel

Some existed functions for device tree in ARM could be also used for
other architectures. This commit moves most of functions from ARM
architecture into "core/kernel/dt.c", including external DT descriptor,
DT overlay, external DT initialization, API for adding DT child nodes
and reserved-memory nodes. Since "core/kernel/dt.c" is dependent with
CFG_DT, other functions which are independent with CFG_DT are put into
new file "core/kernel/boot.c".

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: use user-access functions in ldelf interaction

When interacting with LDELF, replace implicit user space accesses from
privileged mode using proper user-access functions.

Co-developed-by: Seon

core: use user-access functions in ldelf interaction

When interacting with LDELF, replace implicit user space accesses from
privileged mode using proper user-access functions.

Co-developed-by: Seonghyun Park <seonghp@amazon.com>
Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add bb_strndup_user()

Adds bb_strndup_user() to copy a user space string into a bounce buffer
large enough to hold the string.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Review

core: add bb_strndup_user()

Adds bb_strndup_user() to copy a user space string into a bounce buffer
large enough to hold the string.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add more user access functions

Add more user access functions: clear_user(), strnlen_user() and
bb_memdup_user(), which can be used to manipulate, check or duplicate
given user space buffers.

core: add more user access functions

Add more user access functions: clear_user(), strnlen_user() and
bb_memdup_user(), which can be used to manipulate, check or duplicate
given user space buffers.

Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add bounce buffer to user mode context

Adds a bounce buffer for user space buffer to be used during syscall
processing to avoid unchecked privileged access into user space memory.

bb_alloc(),

core: add bounce buffer to user mode context

Adds a bounce buffer for user space buffer to be used during syscall
processing to avoid unchecked privileged access into user space memory.

bb_alloc(), bb_free(), and bb_reset() are added to manage memory
allocation from the bounce buffer.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent un

arm64: Introduce permissive PAN implementation

Privileged Access Never (PAN) is a part of ARMv8.1 extension that
restricts accesses to unprivileged memory from privileged mode
in order to prevent unintended accesses to potentially malicious
memory.

This introduces configuration of PAN and helper functions
enter_user_access() and exit_user_access() that toggles PSTATE.PAN
that controls the behavior of PAN.

Current OP-TEE impelmentation is not ready to apply strict PAN policy
due to missing user-access function uses, etc.

Hence, this patch takes a very permissive approach (yet better
than nothing), where PAN is deactivated in the entire lifetime of
thread_svc_handler (i.e., system call).

Signed-off-by: Seonghyun Park <seonghp@amazon.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: J

core: crypto_bignum_free(): add indirection and set pointer to NULL

To prevent human mistake, crypto_bignum_free() sets the location of the
bignum pointer to NULL after freeing it.

Signed-off-by: Jihwan Park <jihwp@amazon.com>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded cana

core: thread: Add support for canary value randomization

Currently hardcoded magic number is used as thread stack canary,
an attacker with full control over the overflow can embed the
hardcoded canary value on the right location to bypass the overflow
detection.

To add extra layer of security, redefine the canary value as variable,
such that the canary can be initialized during runtime.

The canaries are initialized with static values from thread_init_canaries()
during the early boot stage. The plat_get_random_stack_canaries() is
refactored to support arbitrary-length random numbers, and a new function
called thread_update_canaries() is created to fetch the random values and
update the thread canaries. For CFG_NS_VIRTUALIZATION=y, the updated
function is disabled.

Signed-off-by: Vincent Chuang <Vincent.Chuang@mediatek.com>
Signed-off-by: Randy Hsu <Randy-CY.Hsu@mediatek.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien

dts: stm32mp13: update stm32mp13 SoC and board DTS files

Updates STM32MP13* SoC DTSI files and STM32MP135F-DK board DTS file
and related DT binding header files.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_etzpc: register to dt_driver as simple bus

Registers stm32_etzpc driver to dt_drver as simple bus as expected
by forth coming update of STM32MP13 SoC variant DTSI files.

Removes stm3

drivers: stm32_etzpc: register to dt_driver as simple bus

Registers stm32_etzpc driver to dt_drver as simple bus as expected
by forth coming update of STM32MP13 SoC variant DTSI files.

Removes stm32_etzpc_init() that is not used by the platform.

Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: interrupt: interrupt chip framework

Extends itr_chip framework to allow interrupt controllers to register
as interrupt chip and other interrupt management methods it their
owns interrupt consu

core: interrupt: interrupt chip framework

Extends itr_chip framework to allow interrupt controllers to register
as interrupt chip and other interrupt management methods it their
owns interrupt consumer through the interrupt_xxx() API function.

This change does not modify the existing interrupt API function that
allow a driver to get an interrupt from the CPU main interrupt controller.
A later change will remove these old API functions.

This changes adds fields in existing structures defined in interrupt.h:
- itr_handler::chip back references the interrupt controller
- itr_chip::handlers is a list head for controller registered handlers
- itr_chip::name for debug trace purpose
- itr_ops::mask and itr_ops::unmask to mask/unmask an interrupt

The new API functions exposed to interrupt consumers are:
- interrupt_add_configure_handler(), interrupt_remove_handler() and
helper functions interrupt_add_handler() and
interrupt_add_handler_with_chip();
- interrupt_alloc_add_handler() and interrupt_remove_free_handler();
- interrupt_configure(), interrupt_enable(), interrupt_disable(),
interrupt_mask() and interrupt_unmask();

Interrupt controllers shall call generic API function
interrupt_call_handlers() to have their registered consumer handlers
called upon their related interrupt occurrences.

Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: mm: Rename "mva" to "va" for TLB operations

The terminology "mva" is specific for older ARM architecture which has
FCSE extension. To support multiple architecture, it would be good to
rename

core: mm: Rename "mva" to "va" for TLB operations

The terminology "mva" is specific for older ARM architecture which has
FCSE extension. To support multiple architecture, it would be good to
rename "mva" to common terminology, such as "va". This PR renames "mva"
to "va" in TLB operations for ARM64 and RISC-V. For ARM32, "mva" is
reserved because it is really defined in ARM32's documentations.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: pinctrl: fix line breaks in propotypes

Fixes pin ctrl.h header file prototype declaration as per preferred
by toolchains as clang.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Sign

drivers: pinctrl: fix line breaks in propotypes

Fixes pin ctrl.h header file prototype declaration as per preferred
by toolchains as clang.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: dt_driver: swap TEE_result and retrieved device reference

Changes dt_driver callback function to return a TEE_Result value
and pass retrieved device reference by a output argument rather
than

core: dt_driver: swap TEE_result and retrieved device reference

Changes dt_driver callback function to return a TEE_Result value
and pass retrieved device reference by a output argument rather
than the opposite.

This change updates dt_driver.c, dt_driver.h and all drivers
implementing related dt_driver callback function.

As a consequence, this change removes all type definition related
to device specific callback handler function types which are useless
as all these now comply with type dt_driver_probe_func defined in
dt_driver.h.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: Introduce next_level field of struct core_mmu_table_info

The address translation rule is architecture specific, e.g., ARM adopts
increasing style while the address is translated to finer-g

core: mm: Introduce next_level field of struct core_mmu_table_info

The address translation rule is architecture specific, e.g., ARM adopts
increasing style while the address is translated to finer-grained table,
while RISC-V adopts decreasing style. Therefore, we add a "next_level"
field into the struct core_mmu_table_info, which represents the next
finer-grained translation level. By doing this, we can decouple the
core address translation rule from architecture specific manner.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: Reduce size of struct core_mmu_table_info

The level and shift of struct core_mmu_table_info could be uint8_t to
reduce the size of the structure.

Signed-off-by: Alvin Chang <alvinga@andes

core: mm: Reduce size of struct core_mmu_table_info

The level and shift of struct core_mmu_table_info could be uint8_t to
reduce the size of the structure.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt_driver: add helper for old fashion interrupt bindings

Adds a helper function dt_driver_device_from_node_idx_prop_phandle()
in device tree driver probing framework for when a DT node propert

core: dt_driver: add helper for old fashion interrupt bindings

Adds a helper function dt_driver_device_from_node_idx_prop_phandle()
in device tree driver probing framework for when a DT node property
contains a resource references but not the related device phandle as
first property cell, as for property "interrupts" which should get the
interrupt controller phandle from property "interrupt-parent". This
change aims at supporting "interrupts" property DT bindings.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

core: dt_driver: define interrupt controller drivers identifier

Defines identifier DT_DRIVER_INTERRUPT in dt_driver_type enumerated type
for interrupt controller drivers.

Acked-by: Jens Wiklander <

core: dt_driver: define interrupt controller drivers identifier

Defines identifier DT_DRIVER_INTERRUPT in dt_driver_type enumerated type
for interrupt controller drivers.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...