drivers: stm32_remote_proc: fix definition of stm32_rproc_compat_data

Fix compilation error of core/drivers/remoteproc/stm32_remoteproc.c
Move bool ns_loading from "struct stm32_rproc_instance" to
"

drivers: stm32_remote_proc: fix definition of stm32_rproc_compat_data

Fix compilation error of core/drivers/remoteproc/stm32_remoteproc.c
Move bool ns_loading from "struct stm32_rproc_instance" to
"struct stm32_rproc_compat_data".

Fixes: a03044318866 ("drivers: stm32_remote_proc: add stm32_rproc_is_secure()")
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: boot: add boot_init_primary_runtime()

Split the early parts of boot_init_primary_final() into
boot_init_primary_runtime(). boot_init_primary_runtime() initializes the
runtime, part of that is

core: boot: add boot_init_primary_runtime()

Split the early parts of boot_init_primary_final() into
boot_init_primary_runtime(). boot_init_primary_runtime() initializes the
runtime, part of that is to generate the PAUTH keys. The PAUTH keys are
loaded in assembly before boot_init_primary_final() is called.

This fixes an error when SPs are initialized by entering and exiting
S-EL0 from boot_init_primary_final() but the PAUTH registers hasn't been
initialized with the right values.
E/TC:0 0 Core undef-abort at address 0xe106be4
E/TC:0 0 esr 0x72000000 ttbr0 0x200000e27d000 ttbr1 0x00000000 cidr 0x0
E/TC:0 0 cpu #0 cpsr 0x60000144
E/TC:0 0 x0 0000000000000000 x1 0000000000000000
E/TC:0 0 x2 0000000000000000 x3 0000000000000000
E/TC:0 0 x4 000000000e27a060 x5 000000000e27a05c
E/TC:0 0 x6 000000000000009f x7 0000000000000083
E/TC:0 0 x8 0000000000000000 x9 0000000000004367
E/TC:0 0 x10 000000000000009f x11 0000000000000000
E/TC:0 0 x12 0000000000000000 x13 0000000040006f80
E/TC:0 0 x14 0000000000000000 x15 0000000000000000
E/TC:0 0 x16 000000000e107460 x17 0000000000000000
E/TC:0 0 x18 0000000000000000 x19 000000000e002000
E/TC:0 0 x20 000000000e300000 x21 0000000040000000
E/TC:0 0 x22 0000000000000000 x23 000000000e272830
E/TC:0 0 x24 000000000e22c250 x25 0000000000000000
E/TC:0 0 x26 0000000000000000 x27 0000000000000000
E/TC:0 0 x28 0000000000000000 x29 000000000e27a020
E/TC:0 0 x30 0a2ed3b10e1314e8 elr 000000000e106be4
E/TC:0 0 sp_el0 000000000e27a010
E/TC:0 0 TEE load address @ 0xe100000
E/TC:0 0 Core undef-abort at address 0xe106be4 .debug_info+27620
E/TC:0 0 Call stack:
E/TC:0 0 0x0e106be4 thread_enter_user_mode at core/arch/arm/kernel/thread.c:1049
E/TC:0 0 0x0e110628 sp_open_session at core/arch/arm/kernel/secure_partition.c:635
E/TC:0 0 0x0e112508 sp_init_uuid at core/arch/arm/kernel/secure_partition.c:1583
E/TC:0 0 0x0e1135f8 sp_init_all at core/arch/arm/kernel/secure_partition.c:2018
E/TC:0 0 0x0e137950 do_init_calls at core/kernel/initcall.c:20
E/TC:0 0 0x0e137b0c call_finalcalls at core/kernel/initcall.c:73

Fixes: b5ec8152f3e5 ("core: arm: refactor boot")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-rockchip: rk3588: Correct TZDRAM_START and SHMEM_START

Update the TZDRAM_START and SHMEM_START values to match the PX30 and
RK3399 values. If this is not done, a compressed kernel using the
def

plat-rockchip: rk3588: Correct TZDRAM_START and SHMEM_START

Update the TZDRAM_START and SHMEM_START values to match the PX30 and
RK3399 values. If this is not done, a compressed kernel using the
default value of kernel_comp_addr_r (0x0a000000) within U-Boot and
having a decompressed size greater than 28MiB puts the decompressed
kernel in the reserved address space for OP-TEE that starts at
0x08400000. Using the values for the RK3399 and PX30 avoids this
problem.

Fixes: 14754b93b1b7 ("plat-rockchip: add support for Rockchip rk3588")
Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-rockchip: rk3588: Increase FDT Max Size to 384KiB

Increase the maximum size of the FDT to 384KiB to match the proposed
changes with Arm Trusted Firmware. This allows us to pass and parse
the FD

plat-rockchip: rk3588: Increase FDT Max Size to 384KiB

Increase the maximum size of the FDT to 384KiB to match the proposed
changes with Arm Trusted Firmware. This allows us to pass and parse
the FDT within OP-TEE. When doing this, we also need to allow OP-TEE
to detect the maximum PA bits so that allocating RAM above 4GiB does
not fail.

With these two changes, OP-TEE can parse and add the correct memory
nodes to the devicetree passed to it automatically.

Associated A-TF commit:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/34997

Signed-off-by: Chris Morgan <macromorgan@hotmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm32mp1: conf: default enable HASH

Default enable HASH compilation.
Enable CFG_STM32_CRYPTO_DRIVERS if any crypto IP is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>

plat-stm32mp1: conf: default enable HASH

Default enable HASH compilation.
Enable CFG_STM32_CRYPTO_DRIVERS if any crypto IP is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: enable HASH on stm32mp135f-dk

Sets HASH peripheral status to okay.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

crypto: stm32: use HASH IP for HASH and HMAC algorithm

Add HASH IP drivers, and add hooks in OP-TEE crypto framework to use
HASH IP to do HASH and HMAC process

Signed-off-by: Nicolas Toromanoff <ni

crypto: stm32: use HASH IP for HASH and HMAC algorithm

Add HASH IP drivers, and add hooks in OP-TEE crypto framework to use
HASH IP to do HASH and HMAC process

Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: riscv: mm: Support dynamic allocation of translation tables

With CFG_DYN_CONFIG enabled allocate translation tables using the
boot_mem_*() functions. Static allocation from global variables is

core: riscv: mm: Support dynamic allocation of translation tables

With CFG_DYN_CONFIG enabled allocate translation tables using the
boot_mem_*() functions. Static allocation from global variables is still
used with CFG_DYN_CONFIG disabled.

This commit is referenced from ARM introduced in commit a28e4a0fe48d
("core: arm: mm: dynamic allocation of LPAE translation tables").

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Yu-Chien Peter Lin <peter.lin@sifive.com>

show more ...

core: riscv: mm: Minor refactoring and add missing code

Add core_pos as argument of core_mmu_get_root_pgt_va() and clean up
relevant code. Add missing code of printing memory map into
core_init_mmu_

core: riscv: mm: Minor refactoring and add missing code

Add core_pos as argument of core_mmu_get_root_pgt_va() and clean up
relevant code. Add missing code of printing memory map into
core_init_mmu_prtn_tee().

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Yu-Chien Peter Lin <peter.lin@sifive.com>

show more ...

core: riscv: Add boot mem paddings to the heap

Add the paddings added due to requested alignment in boot mem
allocations to the heap.

This commit is referenced from ARM architecture introduced in c

core: riscv: Add boot mem paddings to the heap

Add the paddings added due to requested alignment in boot mem
allocations to the heap.

This commit is referenced from ARM architecture introduced in commit
0799b137207b ("core: arm: add boot mem paddings to the heap").

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Yu-Chien Peter Lin <peter.lin@sifive.com>

show more ...

core: Implicitly enable CFG_BOOT_MEM

Now both ARM and RISC-V architectures support and enable CFG_BOOT_MEM by
default. It's unnecessary to define CFG_BOOT_MEM. This commit removes
CFG_BOOT_MEM and r

core: Implicitly enable CFG_BOOT_MEM

Now both ARM and RISC-V architectures support and enable CFG_BOOT_MEM by
default. It's unnecessary to define CFG_BOOT_MEM. This commit removes
CFG_BOOT_MEM and relevant dead code.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Yu-Chien Peter Lin <peter.lin@sifive.com>

show more ...

core: riscv: Preparation to support CFG_BOOT_MEM

Refer to commit d461c892a15a ("core: arm: enable CFG_BOOT_MEM
unconditionally") and commit f12843460d47 ("core: mm: allocate
temporary memory map arr

core: riscv: Preparation to support CFG_BOOT_MEM

Refer to commit d461c892a15a ("core: arm: enable CFG_BOOT_MEM
unconditionally") and commit f12843460d47 ("core: mm: allocate
temporary memory map array"), call the boot_mem_*() functions as
needed from entry.S and boot.c for RISC-V architecture.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Yu-Chien Peter Lin <peter.lin@sifive.com>

show more ...

core: imx: enable ELE by default

Enable ELE by default on all ELE supported devices

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked

core: imx: enable ELE by default

Enable ELE by default on all ELE supported devices

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: rng: get random number from ELE

TEE_GenerateRandom() supported by ELE get random command on imx93 & imx91.

Issues in the ELE FW have been found when both, secure and
non-secure worlds

drivers: ele: rng: get random number from ELE

TEE_GenerateRandom() supported by ELE get random command on imx93 & imx91.

Issues in the ELE FW have been found when both, secure and
non-secure worlds are communicating with ELE.

To prevent any issue, rely on RNG software in OPTEE. The compilation of
hw_get_random_bytes() is conditioned by CFG_WITH_SOFTWARE_PRNG.
Set CFG_WITH_SOFTWARE_PRNG=y by default.

With CFG_WITH_SOFTWARE_PRNG enabled in OP-TEE, ELE will not be used
in OP-TEE at runtime and Linux can access the ELE without conflicts.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Olivier Masse <olivier.masse@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: enable TRUST MU in OP-TEE for i.MX93-EVK/i.MX91-EVK

There is TRUST MU available on i.MX91 and i.MX93 platforms.

TRUST MU can be used to access some HW features of Edgelock Enclave whi

drivers: ele: enable TRUST MU in OP-TEE for i.MX93-EVK/i.MX91-EVK

There is TRUST MU available on i.MX91 and i.MX93 platforms.

TRUST MU can be used to access some HW features of Edgelock Enclave which
Normal MU cannot, but for now it is configured to be used to communicate
with ELE FW.

So Kernel will use Normal MU and OP-TEE will use TRUST MU.

There is special setup needed to write to Trust MU.
* First for TRUST-MU we must write a valid command to TR0 before we can
write any of the remaining registers, and TR15 is reserved for special
USM command.
* The CMD field for TR0 is bits 31:26 and must be greater than
the value of the watermark set in SCM_CR2[31:22]. Typically
if you just set the MSB (bit 31) its enough.
* SIZE must be programmed in bits 19:16 of TR0, we cannot write
TRn past the specified size in this bit field

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: add SAB init command

There has been addition of SAB init command for initializing
the Edgeleock enclave services.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens

drivers: ele: add SAB init command

There has been addition of SAB init command for initializing
the Edgeleock enclave services.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: update session open command parameters

Update session open command parameters to be compatible with
ELE FW API doc

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jen

drivers: ele: update session open command parameters

Update session open command parameters to be compatible with
ELE FW API doc

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: allocate data in heap for HUK derivation

Use the heap and the ELE memory allocator instead of using the stack.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahi

drivers: ele: allocate data in heap for HUK derivation

Use the heap and the ELE memory allocator instead of using the stack.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: use the baseline API to retrieve the UID

Use the baseline API instead of the HSM to retrieve the UID. These two
API calls are duplicates and the HSM call is soon deprecated.

Signed-of

drivers: ele: use the baseline API to retrieve the UID

Use the baseline API instead of the HSM to retrieve the UID. These two
API calls are duplicates and the HSM call is soon deprecated.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: disable ASLR for imx8ulp

On imx8ulp, the RNG code from ELE is not available at resume. Disable
the ASLR feature and make it available for imx93 only.

Signed-off-by: Clement Faure <cle

drivers: ele: disable ASLR for imx8ulp

On imx8ulp, the RNG code from ELE is not available at resume. Disable
the ASLR feature and make it available for imx93 only.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: add memory management functions

Add memory management function

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Et

drivers: ele: add memory management functions

Add memory management function

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: getting common macros and functions in header file

Taking out macros and functions from c file and put them in
header file for being used by the other files of crypto driver.

Signed-o

drivers: ele: getting common macros and functions in header file

Taking out macros and functions from c file and put them in
header file for being used by the other files of crypto driver.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ele: move ELE to a dedicated directory

Created a new folder in core/drivers/crypto named ele
and moved ele.c in that folder.
This is done for making the base for further crypto driver
based

drivers: ele: move ELE to a dedicated directory

Created a new folder in core/drivers/crypto named ele
and moved ele.c in that folder.
This is done for making the base for further crypto driver
based on ELE.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

riscv: plat-virt: add APLIC and IMSIC support for QEMU virt platform

- Add APLIC and IMSIC configurations for the QEMU virt platform.
- Override the interrupt controller initialization and interrupt

riscv: plat-virt: add APLIC and IMSIC support for QEMU virt platform

- Add APLIC and IMSIC configurations for the QEMU virt platform.
- Override the interrupt controller initialization and interrupt handler
functions when using APLIC or IMSIC.

Signed-off-by: Huang Borong <huangborong@bosc.ac.cn>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: add RISC-V APLIC interrupt driver

The RISC-V Advanced Interrupt Architecture (AIA) specification introduces
the APLIC, which can serve as a new external interrupt controller to
replace the

drivers: add RISC-V APLIC interrupt driver

The RISC-V Advanced Interrupt Architecture (AIA) specification introduces
the APLIC, which can serve as a new external interrupt controller to
replace the original Platform-Level Interrupt Controller (PLIC) or as a
device to convert wired interrupts into message-signaled interrupts
(MSIs) and forward them to the Incoming MSI Controller (IMSIC).

The APLIC driver supports both "direct delivery mode" and
"MSI delivery mode." Use the `CFG_RISCV_APLIC` flag to enable the
APLIC driver in "direct delivery mode," and use the
`CFG_RISCV_APLIC_MSI` flag to enable the APLIC driver in "MSI
delivery mode" when selecting `CFG_RISCV_IMSIC`.

APLIC initialization can be done through the device tree.

For more details, see: https://github.com/riscv/riscv-aia

Signed-off-by: Huang Borong <huangborong@bosc.ac.cn>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...