drivers: stm32_uart: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from S

drivers: stm32_uart: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from STM32
GPIO driver based on the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_i2c: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from ST

drivers: stm32_i2c: remove use of stm32_pinctrl_set_secure_cfg()

Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state
of the pins of a pinctrl state since this is now handled from STM32
GPIO driver based on the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: shared_resources: do not manage pins secure state

Remove management of GPIO and pinctrl secure state since this is
now handled from STM32 ETZPC driver based through the firewall
frame

plat-stm32mp1: shared_resources: do not manage pins secure state

Remove management of GPIO and pinctrl secure state since this is
now handled from STM32 ETZPC driver based through the firewall
framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check secure state of pinctrl states

Make STM32 GPIO driver to verify that any all pins of applied pinctrl
states be accessed and has the expected secure hardening configuration

drivers: stm32_gpio: check secure state of pinctrl states

Make STM32 GPIO driver to verify that any all pins of applied pinctrl
states be accessed and has the expected secure hardening configuration
when used.

Non-secure pins must have the STM32_PIN_NSEC bit set in the pin
handler argument unless what the pin is expected to be secure. The
driver returns an error when the expected secure state of a pin does
not match its effective secure state or it cannot be accessed, unless
CFG_INSECURE is enabled in which case the driver only prints an info
level trace message.

If a driver attempts to consume a pinctrl with pins that do not exist,
core panics.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check secure state of consumed GPIOs

STM32 GPIO driver now verifies that any GPIO consumed by OP-TEE can
be accessed and has the expected secure hardening configuration.
If a dr

drivers: stm32_gpio: check secure state of consumed GPIOs

STM32 GPIO driver now verifies that any GPIO consumed by OP-TEE can
be accessed and has the expected secure hardening configuration.
If a driver attempts to consume a GPIO that cannot be accessed
by OP-TEE, core panics. When a GPIO is used with an inappropriate
secure configuration state, STM32 GPIO driver panics or prints an
info level message, depending on CFG_INSECURE.

This change is based on the recently added GPIO_STM32_NSEC bindings macro
in STM32 GPIO driver DT bindings header file that is a hint on whether
a consumed GPIO is expected secure or shared with non-secure world.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: acquire semaphore when GPIO/pinctrl are used

Release RIF semaphore taken at GPIO bank initialization and acquire
them only when the GPIO or pinctrl is used or when a firewall
co

drivers: stm32_gpio: acquire semaphore when GPIO/pinctrl are used

Release RIF semaphore taken at GPIO bank initialization and acquire
them only when the GPIO or pinctrl is used or when a firewall
configuration is requested.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: register to firewall framework

Register secure aware STM32 GPIO banks to the firewall framework
as a firewall controller to allow GPIO and pinctrl consumer devices
to load alter

drivers: stm32_gpio: register to firewall framework

Register secure aware STM32 GPIO banks to the firewall framework
as a firewall controller to allow GPIO and pinctrl consumer devices
to load alternate configurations for pins.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: factorize apply_rif_config()

Change apply_rif_config() to be able to call it for a subset of pins
in a GPIO bank.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

drivers: stm32_gpio: factorize apply_rif_config()

Change apply_rif_config() to be able to call it for a subset of pins
in a GPIO bank.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_gpio: check GPIO is not already consumed

Check that a GPIO requested by a consumer is not already consumed by
another device.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.s

drivers: stm32_gpio: check GPIO is not already consumed

Check that a GPIO requested by a consumer is not already consumed by
another device.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP25 secure/non-secure USART2 pinctrl states

Explicitly state that legacy pinctrl phandles usart2_pins_a
refer to non-secure USART2 pin muxing, used in STM32MP23 and
STM32MP2

dts: stm32: refine STM32MP25 secure/non-secure USART2 pinctrl states

Explicitly state that legacy pinctrl phandles usart2_pins_a
refer to non-secure USART2 pin muxing, used in STM32MP23 and
STM32MP25 based boards for OP-TEE console using a non-secure UART bus.

Define secure USART2 bus pinctrl states for board that needs
to use the USART2 bus in secure state.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctrl states

Explicitly state that legacy pinctrl phandles usart4_pins_a
refer to non-secure USART4 pin muxing, used in STM32MP13 based
boards

dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctrl states

Explicitly state that legacy pinctrl phandles usart4_pins_a
refer to non-secure USART4 pin muxing, used in STM32MP13 based
boards for OP-TEE console using a non-secure UART bus.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: refine STM32MP15 secure/non-secure I2C4 pinctrl states

Explicitly state that legacy pinctrl phandles i2c4_pins_a and
i2c4_sleep_pins_a refer to non-secure I2C4 pin muxing on STM32MP15
ba

dts: stm32: refine STM32MP15 secure/non-secure I2C4 pinctrl states

Explicitly state that legacy pinctrl phandles i2c4_pins_a and
i2c4_sleep_pins_a refer to non-secure I2C4 pin muxing on STM32MP15
based platforms.

Define secure I2C4 bus pinctrl states for boards that use the I2C4 bus
in secure state on STM32MP15 SoCs.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: most stm32mp15 UARTs pinctrl are non-secure

On STM32MP15 based devices, UART2/3/4/5/6/7/8 cannot be secured.
Explicitly state that in the pinctrl nodes. This change ease the use
of a non

dts: stm32: most stm32mp15 UARTs pinctrl are non-secure

On STM32MP15 based devices, UART2/3/4/5/6/7/8 cannot be secured.
Explicitly state that in the pinctrl nodes. This change ease the use
of a non-secure UART for OP-TEE output console on STM32MP15 based boards.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dts: stm32: define SoC GPIO banks that are firewall controllers

Add property #access-controller-cells to GPIO banks that register
to the firewall framework.

Signed-off-by: Etienne Carriere <etienne

dts: stm32: define SoC GPIO banks that are firewall controllers

Add property #access-controller-cells to GPIO banks that register
to the firewall framework.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dt-bindings: pinctrl: stm32mp: flags for non-secure pins

Define stm32 pinctrl DT bindings bit flags for pins that are
expected to be used in non-secure state.

Signed-off-by: Etienne Carriere <etien

dt-bindings: pinctrl: stm32mp: flags for non-secure pins

Define stm32 pinctrl DT bindings bit flags for pins that are
expected to be used in non-secure state.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

dt-bindings: gpio: stm32mp: flags for non-secure GPIOs

Define STM32 GPIO DT bindings bit flags for GPIOs that are to be used
in non-secure state.

Signed-off-by: Etienne Carriere <etienne.carriere@f

dt-bindings: gpio: stm32mp: flags for non-secure GPIOs

Define STM32 GPIO DT bindings bit flags for GPIOs that are to be used
in non-secure state.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-rockchip: add support for Rockchip rk3588

Enables support for NanoPC-T6
Based on support for ROCK 4

Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@lin

plat-rockchip: add support for Rockchip rk3588

Enables support for NanoPC-T6
Based on support for ROCK 4

Signed-off-by: Ed Tubbs <ectubbs@gmail.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Heiko Stuebner <heiko.stuebner@cherry.de> (BSD-3)
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add RCC RIF configuration for the stm32mp257f-ev1 board

Add the RIF configuration for the stm32mp257f-ev1 board. Some clocks
are in semaphore mode with only CID1 authorized. This is a tr

dts: stm32: add RCC RIF configuration for the stm32mp257f-ev1 board

Add the RIF configuration for the stm32mp257f-ev1 board. Some clocks
are in semaphore mode with only CID1 authorized. This is a trick to
benefit from a hardware synchronization in low-power sequences.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: stm32mp25: add support for RIF configuration application

This driver now implements RIF configuration for RCC, which is a RIF
aware IP. It means that the RCC driver is in charge of configuring

clk: stm32mp25: add support for RIF configuration application

This driver now implements RIF configuration for RCC, which is a RIF
aware IP. It means that the RCC driver is in charge of configuring its
own RIF restrictions and that the RCC has dedicated RIF configuration
registers.

To avoid issues when manipulating clocks during OP-TEE boot or low-power
sequences, apply the RIF configuration for RCC resources at
driver_init_late level.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: riscv: Improve macros for set/clear bits CSR operations

Rename `set_csr` to `read_set_csr` and `clear_csr` to `read_clear_csr`
because they perform atomic reads and set/clear bits in the CSR.

core: riscv: Improve macros for set/clear bits CSR operations

Rename `set_csr` to `read_set_csr` and `clear_csr` to `read_clear_csr`
because they perform atomic reads and set/clear bits in the CSR. These
two macros will return the previous value of the CSR.

Introduce new macros `set_csr` and `clear_csr`: `set_csr` uses the
RISC-V `csrs` assembler pseudoinstruction to set bits in the CSR when
the old value is not needed, while `clear_csr` uses the `csrc`
pseudoinstruction to clear bits in the CSR, also discarding the old
value.

Signed-off-by: Huang Borong <huangborong@bosc.ac.cn>
Reviewed-by: Alvin Chang <alvinga@andestech.com>

show more ...

core: ltc: Ed25519 sign correctly returns TEE_ERROR_SHORT_BUFFER

Returns TEE_ERROR_SHORT_BUFFER when there is not enough space to hold
signature so applications using the API can determine the requi

core: ltc: Ed25519 sign correctly returns TEE_ERROR_SHORT_BUFFER

Returns TEE_ERROR_SHORT_BUFFER when there is not enough space to hold
signature so applications using the API can determine the required
buffer size when supplying 0 sized signature buffer.

This is happening from PKCS#11 TA when client library uses 1. method
from "5.2 Conventions for functions returning output in a
variable-length buffer" defined in PKCS#11 v3.0 spec.

Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Matej Zachar <zachar.matej@gmail.com>

show more ...

plat-imx: Add phyBOARD-Pollux support

phyBOARD-Pollux i.MX 8M Plus is an SBC based on the i.MX 8M Plus SoC.
Add the board to the mx8mp-flavorlist and set board specific configs.

Signed-off-by: Yann

plat-imx: Add phyBOARD-Pollux support

phyBOARD-Pollux i.MX 8M Plus is an SBC based on the i.MX 8M Plus SoC.
Add the board to the mx8mp-flavorlist and set board specific configs.

Signed-off-by: Yannic Moog <y.moog@phytec.de>
Acked-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

plat-versal2: add support for AMD Versal Gen 2

Add support for AMD Versal Gen 2 platform.
AMD Versal Gen 2 is a new SoC based on ARM A78AE with GICv3 and UART
over pl011.

Signed-off-by: Akshay Bels

plat-versal2: add support for AMD Versal Gen 2

Add support for AMD Versal Gen 2 platform.
AMD Versal Gen 2 is a new SoC based on ARM A78AE with GICv3 and UART
over pl011.

Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Signed-off-by: Amey Avinash Raghatate <ameyavinash.raghatate@amd.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: sm: fix SM partition permission in SMAG registers

SM partition SMAG1 permissions were wrongly set for generating DEK blob
which results in error while decapsulating DEK blob during HA

drivers: caam: sm: fix SM partition permission in SMAG registers

SM partition SMAG1 permissions were wrongly set for generating DEK blob
which results in error while decapsulating DEK blob during HAB
encrypted boot.
Setting the permissions correctly fix this issue.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: 2a12ae237796 ("drivers: caam: add CAAM secure memory driver")

show more ...

plat-stm32mp2: default enable TAMP peripheral support

Default enable TAMP peripheral support for stm32mp2x platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: E

plat-stm32mp2: default enable TAMP peripheral support

Default enable TAMP peripheral support for stm32mp2x platforms.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...