drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set

drivers: stm32_tamp: configure the backup registers when driver is probing

Update the driver to be able to configure the backup registers when
the driver is probing and remove call to stm32_tamp_set_secure_bkpregs()
in plat-stm32mp1 main.c.

Remove old implementation of stm32_bkpregs_conf structure and rename
stm32_bkpregs_conf_new to stm32_bkpregs_conf.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add TAMP RIF configuration for stm32mp257f-ev1 board

Add a TAMP RIF configuration for stm32mp257f-ev1 board to configure
backup registers and TAMP resources.

Signed-off-by: Gatien Cheva

dts: stm32: add TAMP RIF configuration for stm32mp257f-ev1 board

Add a TAMP RIF configuration for stm32mp257f-ev1 board to configure
backup registers and TAMP resources.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add TAMP peripheral node in stm32mp251.dtsi

Add TAMP peripheral node in stm32mp251.dtsi. The TAMP peripheral manages
monotonic counters, tamper events and backup registers.

Signed-off-b

dts: stm32: add TAMP peripheral node in stm32mp251.dtsi

Add TAMP peripheral node in stm32mp251.dtsi. The TAMP peripheral manages
monotonic counters, tamper events and backup registers.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_tamp: add stm32mp25 support for RIF configuration

Add support for the RIF configuration of the TAMP peripheral. It covers
the TAMP resources such as monotonic counters but also backup

drivers: stm32_tamp: add stm32mp25 support for RIF configuration

Add support for the RIF configuration of the TAMP peripheral. It covers
the TAMP resources such as monotonic counters but also backup registers
regions and sub-regions.

Create a stm32_tamp_platdata structure to hold platform data.

Add temporary stm32_bkpregs_conf_new structure that will be used by the
new implementation and renamed to stm32_bkpregs_conf when the old one
disappear.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add st,backup-zones property in TAMP node in stm32mp151.dtsi

Add st,backup-zones property in TAMP node in stm32mp151.dtsi.
It defines the topology of the backup registers zones. The numb

dts: stm32: add st,backup-zones property in TAMP node in stm32mp151.dtsi

Add st,backup-zones property in TAMP node in stm32mp151.dtsi.
It defines the topology of the backup registers zones. The number of zones
on stm32mp13x platforms is 3.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add st,backup-zones property in TAMP node in stm32mp131.dtsi

Add st,backup-zones property in TAMP node in stm32mp131.dtsi.
It defines the topology of the backup registers zones. The numb

dts: stm32: add st,backup-zones property in TAMP node in stm32mp131.dtsi

Add st,backup-zones property in TAMP node in stm32mp131.dtsi.
It defines the topology of the backup registers zones. The number of zones
on stm32mp13x platforms is 3.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: check return value from tee_mm_init()

Check return value from tee_mm_init() function.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carrier

core: mm: check return value from tee_mm_init()

Check return value from tee_mm_init() function.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: c596d8359eb3 ("core: add phys_mem allocation functions")

show more ...

drivers: caam: enable/disable prediction resistance based on CONFIG flag

With prediction resistance enabled, on every random number request
CAAM is forced to do reseeding of DRBG, which is time taki

drivers: caam: enable/disable prediction resistance based on CONFIG flag

With prediction resistance enabled, on every random number request
CAAM is forced to do reseeding of DRBG, which is time taking process
which leads to lower Random number generation performance.
So to give user the flexibility to enable/disable this feature a flag
CFG_CAAM_RNG_RUNTIME_PR is introduced.
By default it will be disabled and user can enable it as per its
requirement.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

driver: caam: disable RNG buffering

Previous design of keeping RNG data in a buffer and giving random number
to user from that buffer is vulnerable to attacks and also not NIST/FIPS
compliant.
So to

driver: caam: disable RNG buffering

Previous design of keeping RNG data in a buffer and giving random number
to user from that buffer is vulnerable to attacks and also not NIST/FIPS
compliant.
So to make it more secure and NIST/FIPS compliant, will get random
number from CAAM on each user request.

Reference: Section 2.7 of NIST SP 800-90C

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and ma

pta: veraison_attestation: integrate Veraison remote attestation PTA

Copy remote attestation PTA functionality from the repository:
https://github.com/iisec-suzaki/optee-ra (commit: 80ca8ef), and make
the following adjustments for integration:

- Add build configuration for remote attestation PTA by introducing
the CFG_VERAISON_ATTESTATION_PTA option to align with the new naming
convention.
- Replace the custom base64 implementation with the base64 library
added in PR OP-TEE#7007.
- Update QCBOR integration by removing custom QCBOR files and using
the standard library, adjusting paths as necessary.
- Apply region validation improvements introduced in PR OP-TEE#6195.
- Update API calls in sign.c to align with libmbedtls changes from
PR OP-TEE#6151.
- Calculate the required buffer size at runtime to minimize memory
allocation.
- Refactor code to improve readability and maintainability.
- Add SPDX license identifier (BSD-2-Clause) and copyright notice.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Reviewed-by: Thomas Fossati <thomas.fossati@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lib: qcbor: add build configuration for QCBOR library

Add the necessary build configuration for integrating the QCBOR
library. Update to core.mk ensure that the library is included
when CFG_QC

core: lib: qcbor: add build configuration for QCBOR library

Add the necessary build configuration for integrating the QCBOR
library. Update to core.mk ensure that the library is included
when CFG_QCBOR is enabled. A sub.mk file is also added to define
the source files and global include directories for QCBOR.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: lib: qcbor: add SPDX license identifiers to QCBOR files

Add SPDX license identifiers to QCBOR files as per
BSD-3-Clause licensing requirements, ensuring clear license
information across both h

core: lib: qcbor: add SPDX license identifiers to QCBOR files

Add SPDX license identifiers to QCBOR files as per
BSD-3-Clause licensing requirements, ensuring clear license
information across both header and source files.

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: import QCBOR library

Import QCBOR v1.4.1 from https://github.com/laurencelundblade/QCBOR
Commit 4487f10e1bf258434fb8a39e4f59c29e31910ad0 (tag v1.4.1)

Certain files will never be needed and ar

core: import QCBOR library

Import QCBOR v1.4.1 from https://github.com/laurencelundblade/QCBOR
Commit 4487f10e1bf258434fb8a39e4f59c29e31910ad0 (tag v1.4.1)

Certain files will never be needed and are thus removed (reducing number
of lines to almost 60%):
rm -f CMakeLists.txt Makefile SECURITY.md
rm -f .gitignore
rm -f cmd_line_main.c example.c example.h ub-example.c ub-example.h
rm -rf QCBOR.xcodeproj doc doxygen test
rm -rf .git .github

Signed-off-by: Yuichi Sugiyama <yuichis@ricsec.co.jp>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: regulator: change tree trace level

Change regulator trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --regulators.

Signed-off-by: Pascal Paillet <p.p

drivers: regulator: change tree trace level

Change regulator trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --regulators.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: clk: change tree trace level

Change clock trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --clocks.

Signed-off-by: Pascal Paillet <p.paillet@foss.st

drivers: clk: change tree trace level

Change clock trace level of print tree so that
it can bee seen when it is requested by
xtest --stats --clocks.

Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: fix stm32mp257f-ev1 clock tree configuration

Fix some mux and flexgen configurations for the stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Revi

dts: stm32: fix stm32mp257f-ev1 clock tree configuration

Fix some mux and flexgen configurations for the stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 9223d8a0fc1d ("dts: st: add RCC support on stm32mp257f-ev1")

show more ...

dts: stm32: support some RIF-aware peripherals

Update the RIF configuration of the stm32mp257f-ev1 board so to support
the configuration of HPDMA1/2/3, IPCC1/2 and HSEM peripherals.
While there, upd

dts: stm32: support some RIF-aware peripherals

Update the RIF configuration of the stm32mp257f-ev1 board so to support
the configuration of HPDMA1/2/3, IPCC1/2 and HSEM peripherals.
While there, update other parts of the RIF configuration.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: update some RIF-aware peripherals nodes in stm32mp251

Add clock, interrupt and reset properties for HPDMA1/2/3, IPCC1/2,
FMC and HSEM.

Signed-off-by: Gatien Chevallier <gatien.chevallie

dts: stm32: update some RIF-aware peripherals nodes in stm32mp251

Add clock, interrupt and reset properties for HPDMA1/2/3, IPCC1/2,
FMC and HSEM.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: update and fix RIF configuration handling

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_

drivers: stm32_gpio: update and fix RIF configuration handling

The conditions to acquire or release RIF semaphores when applying
the CID filtering configuration were incorrect. Add
handle_available_semaphores() to handle correctly the RIF semaphores.
Also remove FMC_NB_MAX_CID_SUPPORTED and use generic MAX_CID_SUPPORTED.

Also add a dummy apply_rif_config() when CFG_STM32_RIF is not defined.

Fix unfreed banks when they are removed from the bank list.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: bd03c8c3d70f ("drivers: stm32_gpio: add stm32mp25x support")

show more ...

drivers: stm32_hsem: fix HSEM group CID filtering configuration

Move the check on HSEM group CID filtering configuration consistency
before the continuing if the CID filtering is disabled for the fi

drivers: stm32_hsem: fix HSEM group CID filtering configuration

Move the check on HSEM group CID filtering configuration consistency
before the continuing if the CID filtering is disabled for the first
semaphore of the group.

The HSEM group CID filtering was also broken as it didn't allow more
than one CID to access a semaphore group. Fix this by using the semaphore
bit-field in the RIFPROT macro to determine what are the processors that
should be authorized to take the semaphores.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: ec9aa1a4114f ("drivers: add RIF support driver for HSEM")

show more ...

drivers: stm32_hsem: fix unfreed memory

Free hsem_d if parse_dt() fails.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com

drivers: stm32_hsem: fix unfreed memory

Free hsem_d if parse_dt() fails.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: ec9aa1a4114f ("drivers: add RIF support driver for HSEM")

show more ...

drivers: stm32_ipcc: update and fix RIF configuration

Rework the RIF configuration application to apply privilege
and secure level configuration only when CID filtering permits it.
Also remove unuse

drivers: stm32_ipcc: update and fix RIF configuration

Rework the RIF configuration application to apply privilege
and secure level configuration only when CID filtering permits it.
Also remove unused IPCC_NB_MAX_CID_SUPPORTED and put the tdcid state
in the ipcc_pdata to simplify the driver.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: e26b8e0f3e4c ("drivers: add IPCC driver and its RIF support")

show more ...

drivers: stm32_ipcc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for an IPCC.
Remove this constraint by allocating a RIF configuration structure o

drivers: stm32_ipcc: do not make RIF configuration mandatory

It should not be mandatory to apply a RIF configuration for an IPCC.
Remove this constraint by allocating a RIF configuration structure only
when the "st,protreg" property is present in the device tree to be
able to check if it has been allocated later.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_fmc: fix check_fmc_rif_conf() and its use

Fix check_fmc_rif_conf() so that it correctly returns with success upon
controller 0 being secure. Fix the assert by inverting the logic.

Si

drivers: stm32_fmc: fix check_fmc_rif_conf() and its use

Fix check_fmc_rif_conf() so that it correctly returns with success upon
controller 0 being secure. Fix the assert by inverting the logic.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Fixes: 778a36bf91d2 ("drivers: add FMC driver with RIF support")

show more ...

drivers: stm32_fmc: use PM_HINT_IS_STATE macro in pm callbacks

Use dedicated PM_HINT_IS_STATE macro in pm callbacks to determine
the targeted pm state.

Signed-off-by: Gatien Chevallier <gatien.chev

drivers: stm32_fmc: use PM_HINT_IS_STATE macro in pm callbacks

Use dedicated PM_HINT_IS_STATE macro in pm callbacks to determine
the targeted pm state.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...