| 0cc468d1 | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: remoteproc: stm32mp15: check Cortex-M isolation
Set Cortex-M RCC isolation (MCKPROT) configuration when STM32MP15 remote processor secure loading is embedded in the platform.
Signed-off-by
drivers: remoteproc: stm32mp15: check Cortex-M isolation
Set Cortex-M RCC isolation (MCKPROT) configuration when STM32MP15 remote processor secure loading is embedded in the platform.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
show more ...
|
| 9c22da4b | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
firewall: stm32_etzpc: check consistency of RCC vs DECPROT secure config
Ensures that when an ETZPC DECPROT configuration is secure (resp. MCU isolated) that SoC RCC is also secure (resp. MCKPROT is
firewall: stm32_etzpc: check consistency of RCC vs DECPROT secure config
Ensures that when an ETZPC DECPROT configuration is secure (resp. MCU isolated) that SoC RCC is also secure (resp. MCKPROT isolated).
This change helps to remove dependency on shared_resource.c driver that is no longer needed since integration of the firewall framework.
By the way, fix include files order.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
show more ...
|
| 51203030 | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-ls: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienn
plat-ls: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 6a0116ed | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienn
drivers: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 32360649 | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
core: mm: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etien
core: mm: use fdt_reg_info()
Use fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| de56c16d | 04-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
core: kernel: dt: add and use fdt_reg_info()
Implement fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: E
core: kernel: dt: add and use fdt_reg_info()
Implement fdt_reg_info() instead of fdt_reg_base_address() and fdt_reg_size() to optimize look up in the DT due to finding parent node.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| 578bc4fe | 01-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
core: dt: cache embedded DTB node information
Optimize OP-TEE boot time regarding parsing of the embedded DTB content when using libfdt. The library functions fdt_parent_offset() and fdt_node_offset
core: dt: cache embedded DTB node information
Optimize OP-TEE boot time regarding parsing of the embedded DTB content when using libfdt. The library functions fdt_parent_offset() and fdt_node_offset_by_phandle() are not very efficient since they parse the DTB from root node to target node to look up for, respectively, the node offset of a node parent and the node offset related to a node phandle. Helper functions fdt_reg_base_address() and fdt_reg_size() are also affected since they are based on fdt_parent_offset() to find the #address-cells and #size-cells properties of a node parent.
Optimize this by parsing the embedded DT once and caching node information (parent node, phandle value, parent node #address-cells and #size-cells values) in a array. Parse the array instead of the DT for find these information.
We made few tests to use bisection or hash tables for look up the information in the cache array. The gain was very small, likely due to the number of DT node involved in the platform is relatively small (only several hundreds or nodes).
This feature is enabled upon configuration switch CFG_DT_CACHED_NODE_INFO.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
show more ...
|
| db3e6bf9 | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: move sanity of RCC secure state against BSEC state
Move implementation that verifies STM32MP1 device Secure Closed state (read from BSEC OTP fuses) against RCC secure hardening config
plat-stm32mp1: move sanity of RCC secure state against BSEC state
Move implementation that verifies STM32MP1 device Secure Closed state (read from BSEC OTP fuses) against RCC secure hardening configuration. It is moved from shared_resource.c platform driver to platform main.c. This change prepares the removal of shared_resource.c driver that is no longer needed since integration of the firewall framework.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
show more ...
|
| 9b2c7a62 | 28-Oct-2024 |
Rouven Czerwinski <r.czerwinski@pengutronix.de> |
drivers: imx_csu: add settings for i.MX6
Add the CSU SA settings for i.MX6(Q/D). This setting ensures that no non-TrustZone aware master is able to read secure memory. Information on the CSU SA regi
drivers: imx_csu: add settings for i.MX6
Add the CSU SA settings for i.MX6(Q/D). This setting ensures that no non-TrustZone aware master is able to read secure memory. Information on the CSU SA register values were taken from i.MX6 Security Reference Manual rev 0.
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de> Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>
show more ...
|
| 7faa85d7 | 23-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: remove unused stm32mp_nsec_can_access_pmic_regu()
Remove unused platform function stm32mp_nsec_can_access_pmic_regu().
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
plat-stm32mp1: remove unused stm32mp_nsec_can_access_pmic_regu()
Remove unused platform function stm32mp_nsec_can_access_pmic_regu().
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
show more ...
|
| da41b14d | 22-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: scmi_server: remove useless assertion on rstctrl
Remove useless assertion on reset controller handle value.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by
plat-stm32mp1: scmi_server: remove useless assertion on rstctrl
Remove useless assertion on reset controller handle value.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
show more ...
|
| cfd9e05e | 11-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
plat-stm32mp1: scmi_server: permit MCU reset upon remoteproc security
Forbid SCMI accesses to MCU reset controllers when remote processor is to be managed through OP-TEE remoteproc services.
Signed
plat-stm32mp1: scmi_server: permit MCU reset upon remoteproc security
Forbid SCMI accesses to MCU reset controllers when remote processor is to be managed through OP-TEE remoteproc services.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
show more ...
|
| a0304431 | 11-Oct-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: stm32_remote_proc: add stm32_rproc_is_secure()
Add stm32_remoteproc driver API function stm32_rproc_is_secure() that return whether of not remote processor management shall be handled throu
drivers: stm32_remote_proc: add stm32_rproc_is_secure()
Add stm32_remoteproc driver API function stm32_rproc_is_secure() that return whether of not remote processor management shall be handled through OP-TEE remoteproc secure services.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
show more ...
|
| 3de913f6 | 21-Oct-2024 |
Jens Wiklander <jens.wiklander@linaro.org> |
core: mm: fix mobj_tee_ram_rw initialization
Until this patch, for CFG_CORE_RWDATA_NOEXEC=n and CFG_CORE_ASLR=y there's an error in mobj_init() when the length of the combined TEE_RAM_RWX is calcula
core: mm: fix mobj_tee_ram_rw initialization
Until this patch, for CFG_CORE_RWDATA_NOEXEC=n and CFG_CORE_ASLR=y there's an error in mobj_init() when the length of the combined TEE_RAM_RWX is calculated.
The relocatable address VCORE_UNPG_RW_PA is mixed with the absolute address TEE_RAM_START. Relocated addresses only changes with CFG_CORE_ASLR=y so before ASLR this expression was correct.
The combined TEE_RAM_RWX is only used with CFG_CORE_RWDATA_NOEXEC=n so that is also a prerequisite for the error. The calculated length field is usually not more wrong than code depending on mobj_tee_ram_rw/mobj_tee_ram_rx still works. So the error wasn't visible until length checks for phys_to_virt() was introduced with the commit c2e4eb43b7b7 ("core_mmu: fix phys_to_virt() to check length").
Fix this by using VCORE_START_VA instead of TEE_RAM_START since the former is a relocated address.
Fixes: c2e4eb43b7b7 ("core_mmu: fix phys_to_virt() to check length") Fixes: 170e9084a84f ("core: add support for CFG_CORE_ASLR") Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
show more ...
|
| 35c75f35 | 08-Feb-2024 |
Andrew Davis <afd@ti.com> |
plat-k3: disable PRNG by default for all K3
All K3 devices already have PRNG disabled, remove the check and set this unconditionally.
Signed-off-by: Andrew Davis <afd@ti.com> Acked-by: Jerome Foris
plat-k3: disable PRNG by default for all K3
All K3 devices already have PRNG disabled, remove the check and set this unconditionally.
Signed-off-by: Andrew Davis <afd@ti.com> Acked-by: Jerome Forissier <jerome.forissier@linaro.org> Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 6efa483f | 02-Jul-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: clk: don't mix error codes in stm32mp25 driver
Don't mix error codes in stm32mp25 clock driver: some function return a TEE_Result value, some return a 0/-1 integer value.
Signed-off-by: Et
drivers: clk: don't mix error codes in stm32mp25 driver
Don't mix error codes in stm32mp25 clock driver: some function return a TEE_Result value, some return a 0/-1 integer value.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
show more ...
|
| 2604f62d | 02-Jul-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: clk: fix error cases in STM32MP25 clocks
Fix missing test on some function return code in stm32mp25 clock driver.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by
drivers: clk: fix error cases in STM32MP25 clocks
Fix missing test on some function return code in stm32mp25 clock driver.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
show more ...
|
| 98642cf4 | 02-Jul-2024 |
Etienne Carriere <etienne.carriere@foss.st.com> |
drivers: clk: restore clock on clk_stm32_flexgen_get_round_rate() failure
Disable the enabled clock in clk_stm32_flexgen_get_round_rate() when the clock failed to enable.
Signed-off-by: Etienne Car
drivers: clk: restore clock on clk_stm32_flexgen_get_round_rate() failure
Disable the enabled clock in clk_stm32_flexgen_get_round_rate() when the clock failed to enable.
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com> Reviewed-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
show more ...
|
| 78363cc5 | 02-Oct-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
dts: stm32: secure optee_framebuffer memory region on stm32mp135f-dk
Add support for the TZC400 configuration for the optee_framebuffer memory region on the stm32mp135f-dk board
Signed-off-by: Gati
dts: stm32: secure optee_framebuffer memory region on stm32mp135f-dk
Add support for the TZC400 configuration for the optee_framebuffer memory region on the stm32mp135f-dk board
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 35a04c15 | 01-Oct-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
plat-stm32mp1: update the plat_tzc400 driver to support device tree
Add the usage of device tree memory regions defined to configure the TZC400 firewall controller.
Signed-off-by: Gatien Chevallier
plat-stm32mp1: update the plat_tzc400 driver to support device tree
Add the usage of device tree memory regions defined to configure the TZC400 firewall controller.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| d7bb00f5 | 01-Oct-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
dts: stm32: add TZC400 node in the stm32mp151 SoC device tree file
Add the TZC400 node in the stm32mp151 SoC device tree file and default enable it.
Signed-off-by: Gatien Chevallier <gatien.chevall
dts: stm32: add TZC400 node in the stm32mp151 SoC device tree file
Add the TZC400 node in the stm32mp151 SoC device tree file and default enable it.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| ecbdfb72 | 01-Oct-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
dt-bindings: add stm32 bindings for TZC400 platform configuration
Add stm32 specific peripheral IDs for the TZC400 configuration.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Re
dt-bindings: add stm32 bindings for TZC400 platform configuration
Add stm32 specific peripheral IDs for the TZC400 configuration.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 668c0368 | 02-Oct-2024 |
Gatien Chevallier <gatien.chevallier@foss.st.com> |
dt-bindings: add support for the TZC400 configuration
For added flexibility, the TZC400 configuration could be set through the device tree. Add macros to be able to do so.
Signed-off-by: Gatien Che
dt-bindings: add support for the TZC400 configuration
For added flexibility, the TZC400 configuration could be set through the device tree. Add macros to be able to do so.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
show more ...
|
| 7e29b821 | 05-Nov-2024 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
drivers: caam: Update comments in ECC driver
There were some typos in comments in the code, updated them
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> |
| e64a5512 | 05-Nov-2024 |
Sahil Malhotra <sahil.malhotra@nxp.com> |
drivers: caam: Update comments in RSA driver
There were some typos in comments in the code, updated them
Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com> |