plat-stm32mp2: add RISAF4 base address in platform config helper

Add RISAF4 base address in platform configuration helper.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-

plat-stm32mp2: add RISAF4 base address in platform config helper

Add RISAF4 base address in platform configuration helper.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dt-bindings: add stm32mp25 RISAF bindings

Add stm32mp25 specific RISAF device tree bindings. This file contains
device tree contains helpers and RISAFPROT macro that is used to
define the RIF config

dt-bindings: add stm32mp25 RISAF bindings

Add stm32mp25 specific RISAF device tree bindings. This file contains
device tree contains helpers and RISAFPROT macro that is used to
define the RIF configuration for a RISAF region.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: stm32-core: set clock number to 0 if node is not found

If fdt_clk_stm32_parse_by_name() is called for a clock node that is not
present, the fdt_getprop() may return an error value for len. In t

clk: stm32-core: set clock number to 0 if node is not found

If fdt_clk_stm32_parse_by_name() is called for a clock node that is not
present, the fdt_getprop() may return an error value for len. In this
case, set *nb to 0 instead of returning an error code.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Gabriel FERNANDEZ <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: implement multi-gate management at core level

The majority of all peripherals have their bus and kernel clocks with
the same clock gating register bit. Therefore it is mandatory to handle
a cou

clk: implement multi-gate management at core level

The majority of all peripherals have their bus and kernel clocks with
the same clock gating register bit. Therefore it is mandatory to handle
a counter on the gates.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: stm32mp1: add dsb in clock driver

Add memory barriers in RCC clock driver to ensure the system is in the
expected state when requests are proceeded by RCC. No pending register
operation before

clk: stm32mp1: add dsb in clock driver

Add memory barriers in RCC clock driver to ensure the system is in the
expected state when requests are proceeded by RCC. No pending register
operation before disabling the clocks and return to caller only when
clock is enabled, so before any accesses to the clocked devices.

As the registers are mapped as device memory (shareable, bufferable),
the order of operation is guaranteed only at outer shareable limit
and not on each device, for example when they are not on the same bus.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32_gpio: add GPIO banks RIF configurations for stm32mp257f-ev1

Add initial RIF GPIO configuration for stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

dts: stm32_gpio: add GPIO banks RIF configurations for stm32mp257f-ev1

Add initial RIF GPIO configuration for stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add console support on USART2 for stm32mp257f-ev1

Populate USART2 node and enable console support on USART2 on
stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier

dts: stm32: add console support on USART2 for stm32mp257f-ev1

Populate USART2 node and enable console support on USART2 on
stm32mp257f-ev1 board.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: save/restore consumed GPIOs in PM sequence

Save and restore during PM suspend/resume sequences the state of the
consumed GPIOs.

Consumers are expected to get their GPIOs using

drivers: stm32_gpio: save/restore consumed GPIOs in PM sequence

Save and restore during PM suspend/resume sequences the state of the
consumed GPIOs.

Consumers are expected to get their GPIOs using the DT resources hence
register a PM handle when the GPIO is requested (stm32_gpio_get_dt()) so
that the dependency order established during drivers initialization is
satisfied during PM suspend and resume sequences. PM handle is
unregistered when consumer releases the GPIO which requires the handles
to be referenced in a list so that we can find it back.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: pm: add unregister_pm_cb()

Add unregister_pm_cb() API function and its helper variants to
allow unregistering a PM callback entry. This can be needed for
example in the GPIO framework where gp

core: pm: add unregister_pm_cb()

Add unregister_pm_cb() API function and its helper variants to
allow unregistering a PM callback entry. This can be needed for
example in the GPIO framework where gpio_put() can release a GPIO
that a driver no more consumed. In case a PM callback was previously
registered for such a GPIO, consumer driver needs mean to unregister
it.

This change implies that the PM callbacks list is protected from
concurrent accesses hence add a lock for that purpose.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_gpio: add stm32mp25x support

Add support for stm32mp25x platforms by adding RIF support to the driver.
GPIO banks are RIF-aware peripherals, meaning that they are responsible
for sett

drivers: stm32_gpio: add stm32mp25x support

Add support for stm32mp25x platforms by adding RIF support to the driver.
GPIO banks are RIF-aware peripherals, meaning that they are responsible
for setting their own RIF configuration.

While there, remove the use of set_bank_gpio_non_secure() as it is of no
use since a pin not configured as secured in the device tree will already
result being non-secure.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_rif: tag unused parameters as __unused

When CFG_STM32_RIF is not set, inclusion of this header file causes
warnings because of function parameters not being tagged as unused.
Tag them

drivers: stm32_rif: tag unused parameters as __unused

When CFG_STM32_RIF is not set, inclusion of this header file causes
warnings because of function parameters not being tagged as unused.
Tag them properly.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Fixes: 1506f47af917 ("drivers: firewall: add stm32_rif driver for common RIF features")
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: riscv: Remove thread_exit_user_mode()

Currently, the user mode abort and some system calls return to kernel
mode by thread_exit_user_mode(). Although this function creates a
shorter path to re

core: riscv: Remove thread_exit_user_mode()

Currently, the user mode abort and some system calls return to kernel
mode by thread_exit_user_mode(). Although this function creates a
shorter path to return to kernel mode, it leads to some problems because
the function does not update the core local flags. Especially when
CFG_CORE_DEBUG_CHECK_STACKS=y, some checks will fail due to wrong type
of stack recorded in the core local flags.

Fix it by removing thread_exit_user_mode(). So that the core local flags
can be correctly updated in the common trap handler.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>

show more ...

core: riscv: Use sp as base register of load instructions

Use sp as base register of load instructions can reduce code size if RVC
extension is enabled to generate 16-bit instructions. The following

core: riscv: Use sp as base register of load instructions

Use sp as base register of load instructions can reduce code size if RVC
extension is enabled to generate 16-bit instructions. The following code
shows the difference after applying this commit.

Before:
f10009da: 0d053d83 ld s11,208(a0)
f10009de: 0c853d03 ld s10,200(a0)
f10009e2: 0c053c83 ld s9,192(a0)
f10009e6: 0b853c03 ld s8,184(a0)
f10009ea: 0b053b83 ld s7,176(a0)
f10009ee: 0a853b03 ld s6,168(a0)
f10009f2: 0a053a83 ld s5,160(a0)
f10009f6: 09853a03 ld s4,152(a0)
f10009fa: 09053983 ld s3,144(a0)
f10009fe: 08853903 ld s2,136(a0)

After:
f10009a6: 6dce ld s11,208(sp)
f10009a8: 6d2e ld s10,200(sp)
f10009aa: 6c8e ld s9,192(sp)
f10009ac: 7c6a ld s8,184(sp)
f10009ae: 7bca ld s7,176(sp)
f10009b0: 7b2a ld s6,168(sp)
f10009b2: 7a8a ld s5,160(sp)
f10009b4: 6a6a ld s4,152(sp)
f10009b6: 69ca ld s3,144(sp)
f10009b8: 692a ld s2,136(sp)

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>

show more ...

core: riscv: Fix misconfiguration of XSCRATCH when XRET to kernel mode

When the program wants to XRET to kernel mode, the value of XSCRATCH
must be cleared to zero.

Signed-off-by: Alvin Chang <alvi

core: riscv: Fix misconfiguration of XSCRATCH when XRET to kernel mode

When the program wants to XRET to kernel mode, the value of XSCRATCH
must be cleared to zero.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>

show more ...

core: riscv: Set exception return PC into XEPC for entering user mode

Instead of setting exception return PC into "ra" register and assign it
to XEPC, we should directly set exception return PC into

core: riscv: Set exception return PC into XEPC for entering user mode

Instead of setting exception return PC into "ra" register and assign it
to XEPC, we should directly set exception return PC into "XEPC" CSR to
improve code redability.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>

show more ...

core: plat-corstone1000: Increase TZDRAM size

Increased TZDRAM size using space.

NS_SHARED_RAM region is not used by Corstone1000 platform. It is
removed to create more space in secure RAM for BL32

core: plat-corstone1000: Increase TZDRAM size

Increased TZDRAM size using space.

NS_SHARED_RAM region is not used by Corstone1000 platform. It is
removed to create more space in secure RAM for BL32 image.
Thus, there is more space in the secure RAM that can be used by OP-TEE.

Signed-off-by: Ali Can Ozaslan <ali.oezaslan@arm.com>
Signed-off-by: Emekcan Aras <Emekcan.Aras@arm.com>
Signed-off-by: Harsimran Singh Tungal <harsimransingh.tungal@arm.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: stm32_rng: use default PRNG init if RNG is disabled in the DT

In case RNG peripheral is not enabled in device tree, fallback to the
default RNG initialization implementation.

Signed-off-by

drivers: stm32_rng: use default PRNG init if RNG is disabled in the DT

In case RNG peripheral is not enabled in device tree, fallback to the
default RNG initialization implementation.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: define plat_rng_init() as a weak alias of __plat_rng_init()

Rename the function plat_rng_init() to __plat_rng_init() and define
plat_rng_init() as a weak alias of __plat_rng_init().
This allow

core: define plat_rng_init() as a weak alias of __plat_rng_init()

Rename the function plat_rng_init() to __plat_rng_init() and define
plat_rng_init() as a weak alias of __plat_rng_init().
This allow to use the default RNG initialization in the platform
plat_rng_init() function.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: timeout_elapsed(): fix expiration threshold

Fix timeout threshold that should return once the time expires,
not 1 tick after it has expired. This change makes udelay(0) to
immediately return a

core: timeout_elapsed(): fix expiration threshold

Fix timeout threshold that should return once the time expires,
not 1 tick after it has expired. This change makes udelay(0) to
immediately return and not wait a generic timer counter increment.

This change fixes an issue where a driver stops the counter feeding
Arm generic timer counter and indirectly calls IO_READ32_POLL_TIMEOUT()
with a delay of 0us. It that case, since counter never increments, the
udelay(0) call in IO_READ32_POLL_TIMEOUT() never returns while we expect
the macro to endlessly poll (as timeout would never be detected) until
poll condition is met or system watchdog is triggered.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

riscv: plat-virt: allow enabling CFG_TEE_CORE_DEBUG for virt machine

Allow enabling CFG_TEE_CORE_DEBUG to make assertions useful.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed

riscv: plat-virt: allow enabling CFG_TEE_CORE_DEBUG for virt machine

Allow enabling CFG_TEE_CORE_DEBUG to make assertions useful.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: core_mmu: don't use check_va_matches_pa() on RISC-V

The arch_va2pa_helper() in the RISC-V implements a software page table
walker. It requires phys_to_virt() to convert the physical page o

core: mm: core_mmu: don't use check_va_matches_pa() on RISC-V

The arch_va2pa_helper() in the RISC-V implements a software page table
walker. It requires phys_to_virt() to convert the physical page on the
PTE to the virtual address of the next level page table. The process
can lead to a stack overflow caused by indirect recursion as below:

phys_to_virt() <--------------------------------.
-> check_va_matches_pa() |
-> virt_to_phys() |
-> arch_va2pa_helper() |
-> core_mmu_xlat_table_entry_pa2va()-'

As arch_va2pa_helper() can return true if va matches pa, we
don't use and check_va_matches_pa() when CFG_TEE_CORE_DEBUG
is enabled.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: core_mmu: add core_mmu_user_va_range_is_defined() for RISC-V

The function hasn't been implemented for RISC-V, so move the
core_mmu_user_va_range_is_defined() definition to generic
core_mmu

core: mm: core_mmu: add core_mmu_user_va_range_is_defined() for RISC-V

The function hasn't been implemented for RISC-V, so move the
core_mmu_user_va_range_is_defined() definition to generic
core_mmu.h and function implementations to arch-specific files.

Also, update the assertions where checks if user va range is defined.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: riscv: core_mmu_arch: fix compile error for bit_test()

Fix the compile error in the bit_test() macro, which mistakenly
uses the address of g_asid as the parameter.

Signed-off-by: Yu Chien Pet

core: riscv: core_mmu_arch: fix compile error for bit_test()

Fix the compile error in the bit_test() macro, which mistakenly
uses the address of g_asid as the parameter.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: riscv: mm: fix arch_va2pa_helper() on superpage translation

Any level of PTE may be a leaf PTE in RISC-V page table, if the
page is not 4KiB, the page offset should be extended to VPN fields
o

core: riscv: mm: fix arch_va2pa_helper() on superpage translation

Any level of PTE may be a leaf PTE in RISC-V page table, if the
page is not 4KiB, the page offset should be extended to VPN fields
of virtual address.

e.g. on Sv39, if there is a leaf PTE on level-1 (2MiB megapage),
it maps to physical page with (va[20:12] | va[11:0]) as the page
offset.

Sv39 Virtual address:
|<--- superpage offset --->|
38_______30_29______21|20______12_11____________0|
| VPN[2] | VPN[1] | VPN[0] | page offset |
‾‾‾‾9‾‾‾‾‾‾‾‾‾‾9‾‾‾‾‾|‾‾‾‾9‾‾‾‾‾‾‾‾‾‾‾‾12‾‾‾‾‾‾‾|
| |
Physical address: | |
| |
55___________30_29______21|20______12_11____________0|
| PPN[2] | PPN[1] | PPN[0] | page offset |
‾‾‾‾‾‾26‾‾‾‾‾‾‾‾‾‾‾9‾‾‾‾‾'‾‾‾‾9‾‾‾‾‾‾‾‾‾‾‾‾12‾‾‾‾‾‾‾'

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add CFG_RPMB_ANNOUNCE_PROBE_CAP

Add CFG_RPMB_ANNOUNCE_PROBE_CAP to control whether RPMB probe capability
should be announced to the kernel. For the kernel driver to enable
in-kernel RPMB routi

core: add CFG_RPMB_ANNOUNCE_PROBE_CAP

Add CFG_RPMB_ANNOUNCE_PROBE_CAP to control whether RPMB probe capability
should be announced to the kernel. For the kernel driver to enable
in-kernel RPMB routing it must know in advance that OP-TEE supports it.
By masking the capability the kernel will route all RPMB commands to
tee-supplicant.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...