drivers: dra7_rng: Change dra7_rng_init to service_init_crypto

Since commit 11d8578d93f0 ("core: arm: call call_driver_initcalls()
late"), driver_init is deferred and thread_update_canaries tries to

drivers: dra7_rng: Change dra7_rng_init to service_init_crypto

Since commit 11d8578d93f0 ("core: arm: call call_driver_initcalls()
late"), driver_init is deferred and thread_update_canaries tries to get
random_stack_canaries which requires the TRNG driver to be setup. Since
it was being setup as part of driver_init, it lead to crash on DRA7
platforms.

Change driver_init to service_init_crypto which is meant to be used for
initialization of crypto operations.

While here, add an assert that checks for DRA7 TRNG being used before
initialization is complete.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt: cached data for fdt_get_reg_props_by_index()

Factorize fdt_get_reg_props_by_index() and fdt_reg_info() to
add DT cache info support to the former.

Signed-off-by: Etienne Carriere <etienne

core: dt: cached data for fdt_get_reg_props_by_index()

Factorize fdt_get_reg_props_by_index() and fdt_reg_info() to
add DT cache info support to the former.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: add more self tests for virt_to_phys()

Add positive and negative virt_to_phys() and phys_to_virt() tests
in the self test PTA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
R

core: pta: add more self tests for virt_to_phys()

Add positive and negative virt_to_phys() and phys_to_virt() tests
in the self test PTA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: pta: add self tests for virt_to_phys()

Add virt_to_phys() and phys_to_virt() tests in the self test PTA. The
tests are performed on the recently added VCORE_FREE memory range.

Signed-off-by:

core: pta: add self tests for virt_to_phys()

Add virt_to_phys() and phys_to_virt() tests in the self test PTA. The
tests are performed on the recently added VCORE_FREE memory range.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: fix partially unmapped MEM_AREA_TEE_RAM_RW

The commit 06a258064a92 ("core: mm: allow unmapping VCORE_FREE") allows
unmapping pages from the VCORE_FREE virtual memory range, but no
bookkeeping

core: fix partially unmapped MEM_AREA_TEE_RAM_RW

The commit 06a258064a92 ("core: mm: allow unmapping VCORE_FREE") allows
unmapping pages from the VCORE_FREE virtual memory range, but no
bookkeeping is added apart from what's recorded in the translation
tables. Later, the commit 7c9b85432343 ("core: allow partially unmapped
MEM_AREA_TEE_RAM_RW") does lookups the translation tables using
arch_va2pa_helper() to find out if pages in the VCORE_FREE virtual
memory range are mapped. This works well on arm, but not on riscv which
must traverse the translation tables in software and then is caught in
an infinite recursive loop.

Fix this problem by updating the memory regions in the struct memory_map
(splitting, shrinking, and removing) as needed.

Reported-by: Huang Borong <huangborong@bosc.ac.cn>
Closes: https://github.com/OP-TEE/optee_os/issues/7237
Fixes: 06a258064a92 ("core: mm: allow unmapping VCORE_FREE")
Fixes: 7c9b85432343 ("core: allow partially unmapped MEM_AREA_TEE_RAM_RW")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_stgen: fix type in debug trace

Fix the type in a debug trace in stm32_stgen_pm_resume() to fix a
compilation warning.

Fixes: b0b019b81314 ("drivers: counter: stm32_stgen: add STGEN d

drivers: stm32_stgen: fix type in debug trace

Fix the type in a debug trace in stm32_stgen_pm_resume() to fix a
compilation warning.

Fixes: b0b019b81314 ("drivers: counter: stm32_stgen: add STGEN driver")
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add SAES dependency on RNG firewall configuration for stm32mp13

SAES is connected to RNG by an internal RNG bus to be DPA resistant.
We must ensure that RNG is allocated to the secure wo

dts: stm32: add SAES dependency on RNG firewall configuration for stm32mp13

SAES is connected to RNG by an internal RNG bus to be DPA resistant.
We must ensure that RNG is allocated to the secure world to prevent
the non secure to shut down the RNG peripheral.
Therefore add RNG to the access-controllers of SAES node in stm32mp13
SoC DTSI files.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: enable PKA on stm32mp135f-dk

Sets PKA peripheral status to okay.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com

dts: stm32: enable PKA on stm32mp135f-dk

Sets PKA peripheral status to okay.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: conf: default enable PKA

Default enable PKA compilation.
Enable the STM32_CRYPTO_DRIVERS if PKA is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by:

plat-stm32mp1: conf: default enable PKA

Default enable PKA compilation.
Enable the STM32_CRYPTO_DRIVERS if PKA is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

crypto: stm32: use PKA IP for ECC algorithm

Add PKA IP drivers, and add hooks in OP-TEE crypto framework to use
PKA IP to do ECC process.

Truncate hash during ECDSA signature according to the NIST

crypto: stm32: use PKA IP for ECC algorithm

Add PKA IP drivers, and add hooks in OP-TEE crypto framework to use
PKA IP to do ECC process.

Truncate hash during ECDSA signature according to the NIST
recommendation:
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Co-developed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: add PKA dependency on RNG clock for stm32mp13

Adds missing RNG clock resource in PKA nodes in stm32mp13 SoC DTSI
files.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Si

dts: stm32: add PKA dependency on RNG clock for stm32mp13

Adds missing RNG clock resource in PKA nodes in stm32mp13 SoC DTSI
files.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: fix compatible name of PKA peripheral

Use st,stm32mp13-pka instead of st,stm32mp13-pka64 to be aligned with
all other STMicroelectronics compatibles.

Signed-off-by: Thomas Bourgoin <tho

dts: stm32: fix compatible name of PKA peripheral

Use st,stm32mp13-pka instead of st,stm32mp13-pka64 to be aligned with
all other STMicroelectronics compatibles.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

ltc: ctr: fix counter increment when LTC_FAST is defined

In CTR mode the counter needs to be incremented upon completion of each
block. Unfortunately, if there is no crypto acceleration
(accel_ctr_e

ltc: ctr: fix counter increment when LTC_FAST is defined

In CTR mode the counter needs to be incremented upon completion of each
block. Unfortunately, if there is no crypto acceleration
(accel_ctr_encrypt == NULL) and if LTC_FAST is defined, this does not
happen. Add the missing call to fix the issue.

Reported-by: Jork Loeser <jork.loeser@microsoft.com>
Closes: https://lists.trustedfirmware.org/archives/list/op-tee@lists.trustedfirmware.org/thread/J4MMZPCM2MNKC2KWAXZUMTVEJP56U6OI/
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix potential crash when setting transfer entry size

Fix a potential crash when the rounded up end-of-entry exceeds the
boundary of the old end-of-transfer-list when setting the size of
a tran

core: fix potential crash when setting transfer entry size

Fix a potential crash when the rounded up end-of-entry exceeds the
boundary of the old end-of-transfer-list when setting the size of
a transfer entry.

The crash happens when the specified entry is the last one in the
transfer list and its rounded up end 'old_ev' exceeds the
'tl_old_ev' which is not rounded up, leading to a negative value
with (tl_old_ev - old_ev).

Logically, 'tl_old_ev > old_ev' is the only case that indicates
there are subsequent entries to be moved.

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_i2c: use compatible st,stm32mp15-i2c-non-secure

Change STM32 I2C driver to rely on the compatible DT property of the
node to store whether the bus is expected assigned to secure or
no

drivers: stm32_i2c: use compatible st,stm32mp15-i2c-non-secure

Change STM32 I2C driver to rely on the compatible DT property of the
node to store whether the bus is expected assigned to secure or
non-secure world. Using a non-secure I2C bus in OP-TEE on stm32mp1
platforms is something expected only on STM32MP15 variant for
compatibility with platform already supported in upstream Linux/U-Boot
components, as defined by st,stm32mp15-i2c-non-secure specific
compatible string ID.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: stm32mp15 DH board uses non-secure I2C4 bus

Update stm32mp15 based DH boards DTS file to explicitly use non-secure
I2C4 bus as set in the ETZPC node st,decprot property.

Signed-off-by:

dts: stm32: stm32mp15 DH board uses non-secure I2C4 bus

Update stm32mp15 based DH boards DTS file to explicitly use non-secure
I2C4 bus as set in the ETZPC node st,decprot property.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: pta: stats: Explicit Public DDR stats are deprecated

Explicitly mention in Public DDR allocation stats info that these
statistics are deprecated. With this change, the information
displayed by

core: pta: stats: Explicit Public DDR stats are deprecated

Explicitly mention in Public DDR allocation stats info that these
statistics are deprecated. With this change, the information
displayed by `xtest --stats --alloc` better show why the
printed values are all 0s for this pool.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: stats: Explicit when nexus heap stats is not applicable

Explicitly mention in the nexus heap statistics info when the
nexus heap is disabled. With this change, the information displayed
b

core: pta: stats: Explicit when nexus heap stats is not applicable

Explicitly mention in the nexus heap statistics info when the
nexus heap is disabled. With this change, the information displayed
by `xtest --stats --alloc` better show why the printed values are all
0s for this pool.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: stats: get RPMB secure storage allocation stats

Retrieve RPMB secure storage space allocation statistics from
PTA stats STATS_CMD_ALLOC_STATS command.

STATS_NB_POOLS is intentionally not

core: pta: stats: get RPMB secure storage allocation stats

Retrieve RPMB secure storage space allocation statistics from
PTA stats STATS_CMD_ALLOC_STATS command.

STATS_NB_POOLS is intentionally not incremented since it is
expected to give the number of pools which IDs start from 1
(ALLOC_ID_HEAP), not from 0 (ALLOC_ID_ALL) that is a magic
ID.

Ensure the stats are all 0 for when RPMB_FS is not supported or we
failed to get the stats info. For this, let's zero initialize the
shared buffer so that these default stats also apply on other stats
that may not be reachable (deprecate public DDR pool, Nexus heap).

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: rpmb: get RPMB storage space allocation stats

Add rpmb_mem_stats() to get the RPMB secure storage space allocation
statistics.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
A

core: rpmb: get RPMB storage space allocation stats

Add rpmb_mem_stats() to get the RPMB secure storage space allocation
statistics.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: expand the fdt transfer entry right before it is being used

Move the expanding of fdt transfer entry from boot_init_primary_early
to boot_init_primary_late.

Logically expanding of the fdt ent

core: expand the fdt transfer entry right before it is being used

Move the expanding of fdt transfer entry from boot_init_primary_early
to boot_init_primary_late.

Logically expanding of the fdt entry is not required until the
system needs to update it with new nodes which happens in init primary
late.

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp2: conf: default enable STGEN for STM32MP2 platforms

Default enable STGEN for STM32MP2 platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne C

plat-stm32mp2: conf: default enable STGEN for STM32MP2 platforms

Default enable STGEN for STM32MP2 platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add STGEN node in stm32mp251.dtsi

Add the STGEN node in the stm32mp251.dtsi SoC device tree file and
default enable it as it is the source for the ARM generic timer
of the ARM cortexA35.

dts: stm32: add STGEN node in stm32mp251.dtsi

Add the STGEN node in the stm32mp251.dtsi SoC device tree file and
default enable it as it is the source for the ARM generic timer
of the ARM cortexA35.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: counter: stm32_stgen: add STGEN driver

STGEN is the platform timer. It generates a time-count value that provides
a consistent view of time for multiple processors and other blocks in a
dev

drivers: counter: stm32_stgen: add STGEN driver

STGEN is the platform timer. It generates a time-count value that provides
a consistent view of time for multiple processors and other blocks in a
device. It is physically linked to the ARM generic timer.

Add the STGEN driver that is in charge of configuring the ARM generic
timer source and send an SMC to the BL31 monitor to update the CP15
register. This driver is only compatible for 64bits platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: stm32mp25: configure STGEN flexgen in .enable ops

STGEN flexgen is skipped during RCC probe to prevent misalignment
between stgen_clk frequency and STGEN register. Configure the STGEN
flexgen i

clk: stm32mp25: configure STGEN flexgen in .enable ops

STGEN flexgen is skipped during RCC probe to prevent misalignment
between stgen_clk frequency and STGEN register. Configure the STGEN
flexgen in the .enable ops so that it is configured after the STGEN
itself is configured and started.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...