drivers: gic: allow detection type configuration

Allow consumers to configure SPI interrupts when the provided type
is not IRQ_TYPE_NONE. The allowed value are then IRQ_TYPE_EDGE_RISING
and IRQ_TYPE

drivers: gic: allow detection type configuration

Allow consumers to configure SPI interrupts when the provided type
is not IRQ_TYPE_NONE. The allowed value are then IRQ_TYPE_EDGE_RISING
and IRQ_TYPE_LEVEL_HIGH, as per Arm GIC specification.

This change fixes an issue when using interrupt_dt_get_by_index()
or interrupt_dt_get_by_name() since these API functions tell the
interrupt is configured from DT phandle arguments whereas GIC driver
did not consider the interrupt detection type even if set in the
consumer DT node property.

Fixes: 14885eb1688b ("drivers: gic: register to dt_driver")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: interrupt: fix property count in dt_get_irq_type_prio()

Fix the number of properties passed by dt_get_irq_type_prio()
to dt_get_irq handler of the interrupt main chip. The fixed issue
was not

core: interrupt: fix property count in dt_get_irq_type_prio()

Fix the number of properties passed by dt_get_irq_type_prio()
to dt_get_irq handler of the interrupt main chip. The fixed issue
was not seen since existing registered dt_get_irq handlers (atmel_wdt.c,
gic.c and plic.c) do not really care when this count value is too high.

Fixes: 702fe5a74327 ("core: kernel: interrupt: add type and prio for interrupts")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add RISAL configuration on the stm32mp257f-ev1 board

Configure the RISALs on the stm32mp257f-ev1 board so that the LPSRAM1/2/3
are accessible by both the ARM Cortex A-35 and ARM Cortex M

dts: stm32: add RISAL configuration on the stm32mp257f-ev1 board

Configure the RISALs on the stm32mp257f-ev1 board so that the LPSRAM1/2/3
are accessible by both the ARM Cortex A-35 and ARM Cortex M0+.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_rifsc: add RISAL support for stm32mp25x platforms

Add RISAL driver support.

RISAL is a sub-feature of the RISFC which is responsible for the
isolation of hardware resources like memo

drivers: stm32_rifsc: add RISAL support for stm32mp25x platforms

Add RISAL driver support.

RISAL is a sub-feature of the RISFC which is responsible for the
isolation of hardware resources like memory or peripherals. RISALs are
simplified version of the RISAFs firewall controllers and cover the
LPSRAM1/2/3 embedded memories.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Gwenael Treuveur <gwenael.treuveur@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dt-bindings: add RISAL bindings in the RIFSC file

Add the RISAL bindings in the RIFSC file as the RISAL is a sub-feature
of the RIFSC.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.co

dt-bindings: add RISAL bindings in the RIFSC file

Add the RISAL bindings in the RIFSC file as the RISAL is a sub-feature
of the RIFSC.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_risaf: upgrade RISAF as a firewall controller

Register RISAF instances as firewall controllers with ops:
-acquire_memory_access() that checks if OP-TEE can access a region
specified i

drivers: stm32_risaf: upgrade RISAF as a firewall controller

Register RISAF instances as firewall controllers with ops:
-acquire_memory_access() that checks if OP-TEE can access a region
specified in a firewall query.
-set_conf() that allows the reconfiguration of a region.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: declare RISAF instances as access controllers

Declare RISAFs as access controllers so that it's possible to check
firewall access rights on address ranges, and reconfigure dynamically
RI

dts: stm32: declare RISAF instances as access controllers

Declare RISAFs as access controllers so that it's possible to check
firewall access rights on address ranges, and reconfigure dynamically
RISAF regions.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: dra7_rng: Change dra7_rng_init to service_init_crypto

Since commit 11d8578d93f0 ("core: arm: call call_driver_initcalls()
late"), driver_init is deferred and thread_update_canaries tries to

drivers: dra7_rng: Change dra7_rng_init to service_init_crypto

Since commit 11d8578d93f0 ("core: arm: call call_driver_initcalls()
late"), driver_init is deferred and thread_update_canaries tries to get
random_stack_canaries which requires the TRNG driver to be setup. Since
it was being setup as part of driver_init, it lead to crash on DRA7
platforms.

Change driver_init to service_init_crypto which is meant to be used for
initialization of crypto operations.

While here, add an assert that checks for DRA7 TRNG being used before
initialization is complete.

Signed-off-by: Andrew Davis <afd@ti.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: dt: cached data for fdt_get_reg_props_by_index()

Factorize fdt_get_reg_props_by_index() and fdt_reg_info() to
add DT cache info support to the former.

Signed-off-by: Etienne Carriere <etienne

core: dt: cached data for fdt_get_reg_props_by_index()

Factorize fdt_get_reg_props_by_index() and fdt_reg_info() to
add DT cache info support to the former.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: add more self tests for virt_to_phys()

Add positive and negative virt_to_phys() and phys_to_virt() tests
in the self test PTA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
R

core: pta: add more self tests for virt_to_phys()

Add positive and negative virt_to_phys() and phys_to_virt() tests
in the self test PTA.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: pta: add self tests for virt_to_phys()

Add virt_to_phys() and phys_to_virt() tests in the self test PTA. The
tests are performed on the recently added VCORE_FREE memory range.

Signed-off-by:

core: pta: add self tests for virt_to_phys()

Add virt_to_phys() and phys_to_virt() tests in the self test PTA. The
tests are performed on the recently added VCORE_FREE memory range.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: fix partially unmapped MEM_AREA_TEE_RAM_RW

The commit 06a258064a92 ("core: mm: allow unmapping VCORE_FREE") allows
unmapping pages from the VCORE_FREE virtual memory range, but no
bookkeeping

core: fix partially unmapped MEM_AREA_TEE_RAM_RW

The commit 06a258064a92 ("core: mm: allow unmapping VCORE_FREE") allows
unmapping pages from the VCORE_FREE virtual memory range, but no
bookkeeping is added apart from what's recorded in the translation
tables. Later, the commit 7c9b85432343 ("core: allow partially unmapped
MEM_AREA_TEE_RAM_RW") does lookups the translation tables using
arch_va2pa_helper() to find out if pages in the VCORE_FREE virtual
memory range are mapped. This works well on arm, but not on riscv which
must traverse the translation tables in software and then is caught in
an infinite recursive loop.

Fix this problem by updating the memory regions in the struct memory_map
(splitting, shrinking, and removing) as needed.

Reported-by: Huang Borong <huangborong@bosc.ac.cn>
Closes: https://github.com/OP-TEE/optee_os/issues/7237
Fixes: 06a258064a92 ("core: mm: allow unmapping VCORE_FREE")
Fixes: 7c9b85432343 ("core: allow partially unmapped MEM_AREA_TEE_RAM_RW")
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_stgen: fix type in debug trace

Fix the type in a debug trace in stm32_stgen_pm_resume() to fix a
compilation warning.

Fixes: b0b019b81314 ("drivers: counter: stm32_stgen: add STGEN d

drivers: stm32_stgen: fix type in debug trace

Fix the type in a debug trace in stm32_stgen_pm_resume() to fix a
compilation warning.

Fixes: b0b019b81314 ("drivers: counter: stm32_stgen: add STGEN driver")
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add SAES dependency on RNG firewall configuration for stm32mp13

SAES is connected to RNG by an internal RNG bus to be DPA resistant.
We must ensure that RNG is allocated to the secure wo

dts: stm32: add SAES dependency on RNG firewall configuration for stm32mp13

SAES is connected to RNG by an internal RNG bus to be DPA resistant.
We must ensure that RNG is allocated to the secure world to prevent
the non secure to shut down the RNG peripheral.
Therefore add RNG to the access-controllers of SAES node in stm32mp13
SoC DTSI files.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: enable PKA on stm32mp135f-dk

Sets PKA peripheral status to okay.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com

dts: stm32: enable PKA on stm32mp135f-dk

Sets PKA peripheral status to okay.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: conf: default enable PKA

Default enable PKA compilation.
Enable the STM32_CRYPTO_DRIVERS if PKA is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by:

plat-stm32mp1: conf: default enable PKA

Default enable PKA compilation.
Enable the STM32_CRYPTO_DRIVERS if PKA is compiled.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

crypto: stm32: use PKA IP for ECC algorithm

Add PKA IP drivers, and add hooks in OP-TEE crypto framework to use
PKA IP to do ECC process.

Truncate hash during ECDSA signature according to the NIST

crypto: stm32: use PKA IP for ECC algorithm

Add PKA IP drivers, and add hooks in OP-TEE crypto framework to use
PKA IP to do ECC process.

Truncate hash during ECDSA signature according to the NIST
recommendation:
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Co-developed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: add PKA dependency on RNG clock for stm32mp13

Adds missing RNG clock resource in PKA nodes in stm32mp13 SoC DTSI
files.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Si

dts: stm32: add PKA dependency on RNG clock for stm32mp13

Adds missing RNG clock resource in PKA nodes in stm32mp13 SoC DTSI
files.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: fix compatible name of PKA peripheral

Use st,stm32mp13-pka instead of st,stm32mp13-pka64 to be aligned with
all other STMicroelectronics compatibles.

Signed-off-by: Thomas Bourgoin <tho

dts: stm32: fix compatible name of PKA peripheral

Use st,stm32mp13-pka instead of st,stm32mp13-pka64 to be aligned with
all other STMicroelectronics compatibles.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

ltc: ctr: fix counter increment when LTC_FAST is defined

In CTR mode the counter needs to be incremented upon completion of each
block. Unfortunately, if there is no crypto acceleration
(accel_ctr_e

ltc: ctr: fix counter increment when LTC_FAST is defined

In CTR mode the counter needs to be incremented upon completion of each
block. Unfortunately, if there is no crypto acceleration
(accel_ctr_encrypt == NULL) and if LTC_FAST is defined, this does not
happen. Add the missing call to fix the issue.

Reported-by: Jork Loeser <jork.loeser@microsoft.com>
Closes: https://lists.trustedfirmware.org/archives/list/op-tee@lists.trustedfirmware.org/thread/J4MMZPCM2MNKC2KWAXZUMTVEJP56U6OI/
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: fix potential crash when setting transfer entry size

Fix a potential crash when the rounded up end-of-entry exceeds the
boundary of the old end-of-transfer-list when setting the size of
a tran

core: fix potential crash when setting transfer entry size

Fix a potential crash when the rounded up end-of-entry exceeds the
boundary of the old end-of-transfer-list when setting the size of
a transfer entry.

The crash happens when the specified entry is the last one in the
transfer list and its rounded up end 'old_ev' exceeds the
'tl_old_ev' which is not rounded up, leading to a negative value
with (tl_old_ev - old_ev).

Logically, 'tl_old_ev > old_ev' is the only case that indicates
there are subsequent entries to be moved.

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_i2c: use compatible st,stm32mp15-i2c-non-secure

Change STM32 I2C driver to rely on the compatible DT property of the
node to store whether the bus is expected assigned to secure or
no

drivers: stm32_i2c: use compatible st,stm32mp15-i2c-non-secure

Change STM32 I2C driver to rely on the compatible DT property of the
node to store whether the bus is expected assigned to secure or
non-secure world. Using a non-secure I2C bus in OP-TEE on stm32mp1
platforms is something expected only on STM32MP15 variant for
compatibility with platform already supported in upstream Linux/U-Boot
components, as defined by st,stm32mp15-i2c-non-secure specific
compatible string ID.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: stm32mp15 DH board uses non-secure I2C4 bus

Update stm32mp15 based DH boards DTS file to explicitly use non-secure
I2C4 bus as set in the ETZPC node st,decprot property.

Signed-off-by:

dts: stm32: stm32mp15 DH board uses non-secure I2C4 bus

Update stm32mp15 based DH boards DTS file to explicitly use non-secure
I2C4 bus as set in the ETZPC node st,decprot property.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: pta: stats: Explicit Public DDR stats are deprecated

Explicitly mention in Public DDR allocation stats info that these
statistics are deprecated. With this change, the information
displayed by

core: pta: stats: Explicit Public DDR stats are deprecated

Explicitly mention in Public DDR allocation stats info that these
statistics are deprecated. With this change, the information
displayed by `xtest --stats --alloc` better show why the
printed values are all 0s for this pool.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: pta: stats: Explicit when nexus heap stats is not applicable

Explicitly mention in the nexus heap statistics info when the
nexus heap is disabled. With this change, the information displayed
b

core: pta: stats: Explicit when nexus heap stats is not applicable

Explicitly mention in the nexus heap statistics info when the
nexus heap is disabled. With this change, the information displayed
by `xtest --stats --alloc` better show why the printed values are all
0s for this pool.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...