driver: crypto: hisilicon: Add the mailbox operation lock

refactor function of mailbox operation to ensure atomaticity

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) modul

driver: crypto: hisilicon: Add the mailbox operation lock

refactor function of mailbox operation to ensure atomaticity

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm64: read_64bit_pair()

Implement read_64bit_pair that read two 64 bits data together.

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-sam: force CFG_EXTERNAL_DT to n

Because this feature isn't used on SAM platforms and to disable DT
insecure warning.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Acked-by: Jens Wik

plat-sam: force CFG_EXTERNAL_DT to n

Because this feature isn't used on SAM platforms and to disable DT
insecure warning.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32: secure pins for peripherals used in the secure world

These pins are used by RCC MCO and the I2C4. As these peripherals are
used in OP-TEE, secure them.

Signed-off-by: Gatien Chevallier

dts: stm32: secure pins for peripherals used in the secure world

These pins are used by RCC MCO and the I2C4. As these peripherals are
used in OP-TEE, secure them.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: add secure configuration for GPIOs

This change adds security support for GPIOS. A bank of GPIO now has a
secure support and configuration.

Secure support is defined in the devi

drivers: stm32_gpio: add secure configuration for GPIOs

This change adds security support for GPIOS. A bank of GPIO now has a
secure support and configuration.

Secure support is defined in the device tree. If a GPIO bank is defined
as secure, the secure configuration is read through st,protreg device
tree property and is applied during probe.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dt-bindings: add TZPROT macro

Add TZPROT macro to define the security level for GPIOs

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carrier

dt-bindings: add TZPROT macro

Add TZPROT macro to define the security level for GPIOs

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: fix coding style issues

Prefer U(x) in definition of macros for unsigned ints.

Signed-off-by: Gatien Chevallier <gatien.chevallier@st.com>
Reviewed-by: Etienne Carriere <etienn

drivers: stm32_gpio: fix coding style issues

Prefer U(x) in definition of macros for unsigned ints.

Signed-off-by: Gatien Chevallier <gatien.chevallier@st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: fix iteration in set_bank_gpio_non_secure()

The for loop iterates over one too many elements.

Fixes: be53ee7b15f6 ("plat-stm32mp1: fix default setting GPIO as non-secure")
Sign

drivers: stm32_gpio: fix iteration in set_bank_gpio_non_secure()

The for loop iterates over one too many elements.

Fixes: be53ee7b15f6 ("plat-stm32mp1: fix default setting GPIO as non-secure")
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: fix test on CFG_STM32_UART

Fix test directive on CFG_STM32_UART that boolean CFG_ configuration
switches do not have a meaningful value.

Fixes: bd1fffe512ce ("plat-stm32mp2: add new

plat-stm32mp2: fix test on CFG_STM32_UART

Fix test directive on CFG_STM32_UART that boolean CFG_ configuration
switches do not have a meaningful value.

Fixes: bd1fffe512ce ("plat-stm32mp2: add new platform support")
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm: kernel_spmc: correct CFG_SECURE_PARTITION test

Replace occurrences of #if CFG_SECURE_PARTITION to a #ifdef test
as boolean CFG_ configuration switches do not have a meaningful value.

Fix

core: arm: kernel_spmc: correct CFG_SECURE_PARTITION test

Replace occurrences of #if CFG_SECURE_PARTITION to a #ifdef test
as boolean CFG_ configuration switches do not have a meaningful value.

Fixes: 4d0288475267 ("core: spmc: handle non-secure interrupts")
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_iwdg: enable state helper functions

Add iwdg_wdt_set_enabled() to register the watchdog is activated
and rename is_enable() to iwdg_wdt_is_enabled() for consistency.

Acked-by: Jerome

drivers: stm32_iwdg: enable state helper functions

Add iwdg_wdt_set_enabled() to register the watchdog is activated
and rename is_enable() to iwdg_wdt_is_enabled() for consistency.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_iwdg: enable bus clock once for all

Enable STM32 IWDG driver bus clock together with the IWDG kernel
clock when the driver is initialized. This clock is needed to propagate
IWDG early

drivers: stm32_iwdg: enable bus clock once for all

Enable STM32 IWDG driver bus clock together with the IWDG kernel
clock when the driver is initialized. This clock is needed to propagate
IWDG early interrupt to the system.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Antonio Borneo <antonio.borneo@foss.st.com>

show more ...

drivers: stm32_iwdg: rename bus clock to clk_pclk

Rename STM32 IWDG watchdog bus clock clk_pclk, matching the reference
manual naming instead of clock.

Acked-by: Jerome Forissier <jerome.forissier@

drivers: stm32_iwdg: rename bus clock to clk_pclk

Rename STM32 IWDG watchdog bus clock clk_pclk, matching the reference
manual naming instead of clock.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_iwdg: remove stm32_iwdg_refresh()

Remove unused stm32_iwdg_refresh() intended to refresh all registered
watchdog devices.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Rev

drivers: stm32_iwdg: remove stm32_iwdg_refresh()

Remove unused stm32_iwdg_refresh() intended to refresh all registered
watchdog devices.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_iwdg: provide timeout range

Implement watchdog service init handler that is needed by U-Boot
to get min/max timeout range.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Re

drivers: stm32_iwdg: provide timeout range

Implement watchdog service init handler that is needed by U-Boot
to get min/max timeout range.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>

show more ...

drivers: stm32_iwdg: fix timeout configuration

Fix test on watchdog refresh command success used to program the
watchdog timeout.

Fixes: 0bdd7f5ba821 ("drivers: stm32_iwdg: implementation of indepe

drivers: stm32_iwdg: fix timeout configuration

Fix test on watchdog refresh command success used to program the
watchdog timeout.

Fixes: 0bdd7f5ba821 ("drivers: stm32_iwdg: implementation of independent watchdog")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-sam: add the header file for sama7g5

Include <sama7g5.h> in platform_config.h and add definitions to adapt
names already used by sama5d2.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked

plat-sam: add the header file for sama7g5

Include <sama7g5.h> in platform_config.h and add definitions to adapt
names already used by sama5d2.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-sam: matrix: update code to be reuseable for sama7g5

Besides sama5d2, sama7g5 also has the matrix. Following changes are done
to make the code reuseable for supporting sama7g5:
- move definitio

plat-sam: matrix: update code to be reuseable for sama7g5

Besides sama5d2, sama7g5 also has the matrix. Following changes are done
to make the code reuseable for supporting sama7g5:
- move definition of "peri_security_array[]" from matrix.c to main.c
- replace "matrix32_base()" and "matrix64_base()" with "matrix_base()"
- update code according to the above changes

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: add stm32mp15*-scmi.dts files for when RCC is secure

For legacy reason and compatibility with existing platforms embedding
OP-TEE with RCC secure hardening being disabled, introduce -scmi.dts f

dts: add stm32mp15*-scmi.dts files for when RCC is secure

For legacy reason and compatibility with existing platforms embedding
OP-TEE with RCC secure hardening being disabled, introduce -scmi.dts for
the 4 ST boards STM32MP15x: DK1, DK2, ED1 and EV1 where we enable RCC
security require non-secure world to use SCMI resources. Add platform
flavors 157x_XXX_SCMI to ease DTS selection.

stm32mp15*-<board>.dts applies an insecure RCC configuration.
stm32mp15*-<board>-scmi.dts applies the secure RCC configuration.
This better reflects the configurations supported in the Linux kernel
and U-Boot source trees.

Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: clk_dt: include missing clk.h header file

clk resources are used in this file. Add missing include.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Foriss

drivers: clk_dt: include missing clk.h header file

clk resources are used in this file. Add missing include.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: stm32: update m4_rproc to support the remoteproc OP-TEE framework

Update device tree to support the load of the remoteproc firmware
by OP-TEE.
- declare m_ipc_shm memory region that can contain

dts: stm32: update m4_rproc to support the remoteproc OP-TEE framework

Update device tree to support the load of the remoteproc firmware
by OP-TEE.
- declare m_ipc_shm memory region that can contain the remote processor
resource table and trace buffer,
- update reset to align declaration with the Linux devicetree

To enable the load of the coprocessor firmware by OP-TEE, user have
to update the m4_rproc node compatible property:
-"st,stm32mp1-m4": the load is managed by Linux or U-boot,
-"st,stm32mp1-m4-tee": the load is managed by OP-TEE.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm32mp1: Add the remoteproc TA in early TA list

On the stm32mp1 platform, it is possible to load firmware during the
bootloader stage, for instance, by U-boot. To enable this feature,
The remo

plat-stm32mp1: Add the remoteproc TA in early TA list

On the stm32mp1 platform, it is possible to load firmware during the
bootloader stage, for instance, by U-boot. To enable this feature,
The remoteproc TA should be added to the list of early-TAs.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

pta: stm32mp: add new remoteproc PTA

Add remoteproc PTA for the stm32mp1 platform.
The PTA relies on the stm32_remoteproc driver for the remoteproc
management.
It is charge of providing interface fo

pta: stm32mp: add new remoteproc PTA

Add remoteproc PTA for the stm32mp1 platform.
The PTA relies on the stm32_remoteproc driver for the remoteproc
management.
It is charge of providing interface for authenticating firmware images
and managing the remote processor live cycle.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: Add stm32mp1 remoteproc driver

This driver is responsible for configuring the registers and memories of
the remote processor.
- It stores information about memories assigned to the remote p

drivers: Add stm32mp1 remoteproc driver

This driver is responsible for configuring the registers and memories of
the remote processor.
- It stores information about memories assigned to the remote processor
based on the device tree.
- It ensures consistency between the registered memory and the addresses
of the firmware segments to be loaded.
- Additionally, it is responsible for starting and stopping the remote
processor core.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: caam: provide plat_rng_init if CFG_WITH_SOFTWARE_PRNG=y

With CFG_NXP_CAAM_RNG_DRV enabled, OP-TEE will use the CAAM
to generate random numbers. Normal world access to the RNG is still
possi

drivers: caam: provide plat_rng_init if CFG_WITH_SOFTWARE_PRNG=y

With CFG_NXP_CAAM_RNG_DRV enabled, OP-TEE will use the CAAM
to generate random numbers. Normal world access to the RNG is still
possible as the CAAM is TrustZone aware and provides multiple separate
job rings.

For complete isolation, however, access to CAAM reset and clocks need to
be managed as well. This could be done in theory by restricting access
to the reset and clock controller peripherals to the secure world and
exporting limited access to some resources via SCMI. There is no such
support yet for the i.MX and thus some setups may prefer to avoid using
the CAAM in OP-TEE to stay safe from normal world inducing glitches.

These setups may still need random numbers in OP-TEE. Therefore, access
so have them
access the CAAM only once at startup to initialize OP-TEE's PRNG and
defer subsequent use of the CAAM to the normal world, whenever
CFG_WITH_SOFTWARE_PRNG=y.

Reviewed-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

show more ...