core: console: console initialization from embedded DTB

In case CFG_EMBED_DTB is enabled, get the chosen console from the
embedded DTB instead of the external DTB.

Signed-off-by: Sahil Malhotra <sa

core: console: console initialization from embedded DTB

In case CFG_EMBED_DTB is enabled, get the chosen console from the
embedded DTB instead of the external DTB.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
[ec: simplify by calling get_dt(), slightly rephrase commit log]
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Sahil Malhotra <sahil.malhotra@nxp.com> (ls-lx2160ardb)

show more ...

core: boot: relax init sections from DT related resources

Move the initialization sequences that deal with device tree parsing
support out of the text_init and rodata_init sections to relax memory
p

core: boot: relax init sections from DT related resources

Move the initialization sequences that deal with device tree parsing
support out of the text_init and rodata_init sections to relax memory
pressure on them. To do so this change splits init_primary_helper()
in 2 helper functions: generic_init_primary() for resources expected
in the init sections and paged_init_primary() for resources that move
the pageable sections.

Updates inline comments to state generic_boot_init_primary() lies in
the init area, not in the unpaged area as wrongly stated prior this
change.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Etienne Carriere <etienne.carriere@linaro.org> (stm32mp1)

show more ...

plat-stm32mp1: check TZC400 configuration

Core checks TZC400 configuration during initialization to ensure
DDR firewall expectations are satisfied.

Signed-off-by: Etienne Carriere <etienne.carriere

plat-stm32mp1: check TZC400 configuration

Core checks TZC400 configuration during initialization to ensure
DDR firewall expectations are satisfied.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tzc400: simplify tzc_configure_region() arguments

Change tzc_configure_region() to used the newly defined structure
tzc_region_config.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

tzc400: simplify tzc_configure_region() arguments

Change tzc_configure_region() to used the newly defined structure
tzc_region_config.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tzc400: new api functions to print violation on device interrupt

Define new API function tzc_fail_dump() in TZC400 driver to print
a friendly trace when a failure is reported by the TZC400.

Define

tzc400: new api functions to print violation on device interrupt

Define new API function tzc_fail_dump() in TZC400 driver to print
a friendly trace when a failure is reported by the TZC400.

Define new API function tzc_int_clear() to clear the TZC400 interrupt
status.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tzc400: remove useless traces from tzc_dump_state()

Remove "enter"/"exit" trace messages and those related to not
implemented filters from tzc_dump_state().

Signed-off-by: Etienne Carriere <etienne

tzc400: remove useless traces from tzc_dump_state()

Remove "enter"/"exit" trace messages and those related to not
implemented filters from tzc_dump_state().

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

tzc400: add API functions to get firewall configuration

This change modified TZC400 driver to export functions for a platform
to get memory region configuration.

On platform running OP-TEE from a s

tzc400: add API functions to get firewall configuration

This change modified TZC400 driver to export functions for a platform
to get memory region configuration.

On platform running OP-TEE from a secure DRAM protected from a TZC400
device, OP-TEE Core cannot reconfigure TZC400 for the region is executes
into. The new driver API functions allows such platform at least to
check that TZC400 configuration matches the configuration Core is
statically built with.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: define platform flavors per DTS file

Identify platform flavors from targeted embedded DTS file.

Supported platform flavors are 157A_DK1, 157C_DK2, 157C_ED1 and
157C_EV1. They relate

plat-stm32mp1: define platform flavors per DTS file

Identify platform flavors from targeted embedded DTS file.

Supported platform flavors are 157A_DK1, 157C_DK2, 157C_ED1 and
157C_EV1. They relate to 2 SoC variants and 4 ST boards.

Supported SoC variants are 157A and 157C. The later implements a
cryptography computation hardware accelerator. Supported ST boards
are DK1, DK2, ED1 and EV1. The 2 first integrate a 500MByte DDR while
the 2 later integrate a 1GByte DDR.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

dts: stm32mp1: bump to Linux kernel v5.6.10 DTS files

Synchronize with STM32MP15 DTS files from Linux kernel v5.6.10.

Changes made on DTS/DTSI file from Linux kernel v5.6.10:
- stm32mp151.dtsi: add

dts: stm32mp1: bump to Linux kernel v5.6.10 DTS files

Synchronize with STM32MP15 DTS files from Linux kernel v5.6.10.

Changes made on DTS/DTSI file from Linux kernel v5.6.10:
- stm32mp151.dtsi: add ETZPC node, declare PSCI v1.0.
- stm32mp157a-dk1.dts: disable RCC secure-status.
- stm32mp157c-dk2.dts: disable RCC secure-status.
- stm32mp157c-ed1.dts (included by ev1): disable RCC secure-status.
- Remove resources related to input DT bindings using explicit inline
comments as those are under Linux kernel GPLv2 licensing model.

ETZPC node useless in non-secure Linux kernel but needed by secure
world.

RCC node remains disabled for the secure side so that RCC TZ
hardening is disabled since mainline Linux kernel and U-Boot
do not support SCMI clocks and reset domains. IWDG1, ETZPC, STGEN
and CRYP1 devices are described to ease their later integration.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

dt-bindings: update stm32-pinfunc.h

Update DT bindings for stm32 pin control with the Linux kernel v5.6.10
on which we want to synchronize DTS file with.

Signed-off-by: Etienne Carriere <etienne.ca

dt-bindings: update stm32-pinfunc.h

Update DT bindings for stm32 pin control with the Linux kernel v5.6.10
on which we want to synchronize DTS file with.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: stm32_i2c: fixup typo in sec_cfg field description

Fixup typo in i2c_cfg::sec_cfg description inline comment.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome For

drivers: stm32_i2c: fixup typo in sec_cfg field description

Fixup typo in i2c_cfg::sec_cfg description inline comment.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: stm32_i2c: refine trace messages

Mostly change trace message from error level to debug level.
Remove useless 1st space character in trace messages.
Use PRI* and # flag characters were appli

drivers: stm32_i2c: refine trace messages

Mostly change trace message from error level to debug level.
Remove useless 1st space character in trace messages.
Use PRI* and # flag characters were applicable.
Fix indentation.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: stm32_i2c: allow any bus frequency

Do not limit I2C bus to 3 frequencies (100KHz, 400KHz, 1MHz). Instead
allow for any frequency up to 1MHz. Depending on the requested frequency
defined in

drivers: stm32_i2c: allow any bus frequency

Do not limit I2C bus to 3 frequencies (100KHz, 400KHz, 1MHz). Instead
allow for any frequency up to 1MHz. Depending on the requested frequency
defined in clock-frequency DT entry, use the I2C spec data from either
Standard, Fast or Fast Plus mode.

This change removes use of rate IDs and use instead the rate value
itself as identifiers, allowing more flexible implementation.

Changes local variable clock_src in i2c_setup_timing() from uint32_t
to unsigned long for consistency.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

drivers: stm32_i2c: don't recompute I2C timings setting

Save I2C timing configuration when computed and reused it when
needing the same frequency later on.

Signed-off-by: Etienne Carriere <etienne.

drivers: stm32_i2c: don't recompute I2C timings setting

Save I2C timing configuration when computed and reused it when
needing the same frequency later on.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: PSCI_SYSTEM_OFF support

Implement PSCI_SYSTEM_OFF command when STPMIC1 is used.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@foris

plat-stm32mp1: PSCI_SYSTEM_OFF support

Implement PSCI_SYSTEM_OFF command when STPMIC1 is used.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: platform driver for stpmic1

Implement STPMIC1 as PMIC (Power Management Integrated Circuit)
accessed through an I2C bus for stm32mp1 platforms. PMIC
configuration mandate device tree

plat-stm32mp1: platform driver for stpmic1

Implement STPMIC1 as PMIC (Power Management Integrated Circuit)
accessed through an I2C bus for stm32mp1 platforms. PMIC
configuration mandate device tree support as configuration
can be complex and specific per board.

At initialization Core looks for a PMIC I2C node in the FDT. If
found, it checks it can communicate with the PMIC and dump some
regulators for some debug support.

Save PMIC low power transition configuration as these information
will be needed from an unpaged execution context.

stm32mp_get_pmic()/stm32mp_put_pmic() helper functions are needed
to get/put PMIC resources.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: stm32mp_with_pmic() helper

Helper function stm32mp_with_pmic() tells if platform uses
a PMIC or not.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Fo

plat-stm32mp1: stm32mp_with_pmic() helper

Helper function stm32mp_with_pmic() tells if platform uses
a PMIC or not.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

imx: enable BLOB for i.MX SoCs

Unconditionally enable the BLOB driver to provide a HuK on i.MX
platforms.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <cle

imx: enable BLOB for i.MX SoCs

Unconditionally enable the BLOB driver to provide a HuK on i.MX
platforms.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: add BLOB module for MKVB retrieval

The BLOB module currently only implements the retrieval of the MKVB to
provide a HUK implementation for i.MX platforms. The
tee_otp_get_hw_unique_key() funct

caam: add BLOB module for MKVB retrieval

The BLOB module currently only implements the retrieval of the MKVB to
provide a HUK implementation for i.MX platforms. The
tee_otp_get_hw_unique_key() function is also implemented in this module
and caches the key, since it can't be generated again at runtime.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: hal: add function to increment priblob

Add a common hal function to increment the priblob. This can
conditionally be enabled with CFG_CAAM_INC_PRIBLOB to use this as a
workaround on SoCs which

caam: hal: add function to increment priblob

Add a common hal function to increment the priblob. This can
conditionally be enabled with CFG_CAAM_INC_PRIBLOB to use this as a
workaround on SoCs which can't distinguish secure and normal world in
the CAAM, i.e. i.MX6Q.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: move to early init calls

Initialize the CAAM early to enable the retrieval of the MKVB.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@foris

caam: move to early init calls

Initialize the CAAM early to enable the retrieval of the MKVB.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: add early initcalls

The early initcalls can be used to initialize hardware which should run
before services are initialized. This can include cryptographic or
random number generation hardware

core: add early initcalls

The early initcalls can be used to initialize hardware which should run
before services are initialized. This can include cryptographic or
random number generation hardware to generate randomness or to perform
cryptographic operations for hardware unique key generation.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: rename KEEP_INIT() and KEEP_PAGER()

The KEEP_INIT() and KEEP_PAGER() macros are quite often used in C files
immediately after the definition of a function or a structure without a
blank line i

core: rename KEEP_INIT() and KEEP_PAGER()

The KEEP_INIT() and KEEP_PAGER() macros are quite often used in C files
immediately after the definition of a function or a structure without a
blank line in between. This style mimics what the Linux kernel does for
a similar use cases: EXPORT_SYMBOL().

Unfortunately, the checkpatch.pl tool expects a blank line after
structure and function definitions, except for a few special cases such
as EXPORT_SYMBOL(). As a result we often get unwanted warnings when we
use KEEP_INIT() and KEEP_PAGER(). Among the exceptions are all words
starting with DECLARE_ or DEFINE_, so by renaming our macros we could
avoid the checkpatch warnings.

This commit renames KEEP_INIT() and KEEP_PAGER() to DECLARE_KEEP_INIT()
and DECLARE_KEEP_PAGER(), respectively. The assembler macros are also
renamed for consistency. No functional change is expected.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: keep.h: add parentheses around sym argument in KEEP_* macros

It is good practice to use parentheses when using macro arguments to
avoid precedence issues. Do it for KEEP_PAGER() and KEEP_INIT(

core: keep.h: add parentheses around sym argument in KEEP_* macros

It is good practice to use parentheses when using macro arguments to
avoid precedence issues. Do it for KEEP_PAGER() and KEEP_INIT().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: clock: enable some secure clocks at initialization

With this change some system clocks are enabled by Core at
boot time and have a reference counter synchronized with
the clock hardwa

plat-stm32mp1: clock: enable some secure clocks at initialization

With this change some system clocks are enabled by Core at
boot time and have a reference counter synchronized with
the clock hardware state. RTCAPB must be enabled for secondary
cores to boot, if any.

This change also ensures these secure clocks are derived from
secure clocks.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...