kernel: pm: add suspend type hint

When entering suspend type, the suspend level is platform dependent and
can be set to various values depending on these platform. In order to
allow platforms settin

kernel: pm: add suspend type hint

When entering suspend type, the suspend level is platform dependent and
can be set to various values depending on these platform. In order to
allow platforms setting it in a generic way when entering suspend,
reserve some bits in the suspend/resume hint to pass this information.
Driver can then used it in a platform independent way to execute
specific code depending on it.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: ffa: handle VM availability messages for SPs

The VM availability messages sent by the hypervisor to an SP should be
forwarded to the SP, if the SP has subscribed for these based on the SP
mani

core: ffa: handle VM availability messages for SPs

The VM availability messages sent by the hypervisor to an SP should be
forwarded to the SP, if the SP has subscribed for these based on the SP
manifest.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: ffa: read S-EL0 SP properties from manifest

So far the properties of S-EL0 SPs have been hardcoded when queried by
FFA_PARTITION_INFO_GET. This was supposed to be a temporary workaround,
so re

core: ffa: read S-EL0 SP properties from manifest

So far the properties of S-EL0 SPs have been hardcoded when queried by
FFA_PARTITION_INFO_GET. This was supposed to be a temporary workaround,
so replace this with reading the properties from the SP's manifest which
is the proper solution.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>

show more ...

core: arm: kern.ld.S: align .ARM.ex* sections

Make sure that the .ARM.exidx and .ARM.extab sections are 8 byte aligned
to work with CFG_CORE_SANITIZE_KADDRESS=y.

Signed-off-by: Jens Wiklander <jens

core: arm: kern.ld.S: align .ARM.ex* sections

Make sure that the .ARM.exidx and .ARM.extab sections are 8 byte aligned
to work with CFG_CORE_SANITIZE_KADDRESS=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: don't instrument asan functions

Don't instrument the functions used by CFG_CORE_SANITIZE_KADDRESS=y
since it may cause recursive calls together with
CFG_CORE_DEBUG_CHECK_STACKS=y.

Signed-off-

core: don't instrument asan functions

Don't instrument the functions used by CFG_CORE_SANITIZE_KADDRESS=y
since it may cause recursive calls together with
CFG_CORE_DEBUG_CHECK_STACKS=y.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: riscv: core_mmu_arch: fix PPN field extraction from PTE

The upper bits of page table entry may contain other fields
introduced since Priv. ISA spec. v1.11 (20211203), such as PBMT
and N bits,

core: riscv: core_mmu_arch: fix PPN field extraction from PTE

The upper bits of page table entry may contain other fields
introduced since Priv. ISA spec. v1.11 (20211203), such as PBMT
and N bits, thus PPN field should be masked out with PTE_PPN.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Tested-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

driver: crypto: hisilicon: replace free() and memzero() by free_wipe()

replace free() and memzero() by free_wipe()

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.f

driver: crypto: hisilicon: replace free() and memzero() by free_wipe()

replace free() and memzero() by free_wipe()

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

driver: crypto: hisilicon: delete msg->result which is not used

delete msg->result which is not used

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.forissier@linar

driver: crypto: hisilicon: delete msg->result which is not used

delete msg->result which is not used

Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

driver: crypto: hisilicon: add ECC sign and verify

add ECC sign and verify

Signed-off-by: yuzexi <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

drivers: ele: enable support for i.MX91

Enable ELE driver support for i.MX91.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

drivers: imx_mu: enable support for i.MX91

Enable MU driver support for i.MX91

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: imx: add support for i.MX91 EVK

Add the support for i.MX91 EVK

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: imx: add i.MX91 SoC ID

add i.MX91 SoC ID

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: imx: use i.MX93 register file for i.MX91

Since i.MX91 is similar to i.MX93, use i.MX93 register file
for i.MX91.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Foriss

core: imx: use i.MX93 register file for i.MX91

Since i.MX91 is similar to i.MX93, use i.MX93 register file
for i.MX91.

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

link.mk: generate version.o in link-out-dir

When source code is piped to compiler, then the
current working directory is left into debug
data. If the working directory is not the output
directory, t

link.mk: generate version.o in link-out-dir

When source code is piped to compiler, then the
current working directory is left into debug
data. If the working directory is not the output
directory, then mappings which strip absolute output
directory paths don't work.

Removes absolute build time paths from version.o
debug info.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>

show more ...

link.mk: use CFLAGS with version.o

Should be used by all compilations.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>

core: imx: add support for i.MX95 EVK

Add the support for i.MX95 EVK

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: imx: add i.MX95 SoC ID

add i.MX95 SoC ID

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: imx: add i.MX95 registers

Add i.MX95 registers

Signed-off-by: Sahil Malhotra <sahil.malhotra@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

core: kernel: Fix checking register convention r1/x1 value of transfer_list

According to recently firmware handsoff spec [1]'s
"Register usage at handoff boundary", Transfer List's signature value
w

core: kernel: Fix checking register convention r1/x1 value of transfer_list

According to recently firmware handsoff spec [1]'s
"Register usage at handoff boundary", Transfer List's signature value
was changed from 0x40_b10b (3 bytes) to 4a0f_b10b (4 bytes).

As updating of TL's signature, register value of x1/r1 should be:

In aarch32's r1 value should be
R1[23:0]: set to the TL signature (4a0f_b10b->masked value: 0f_b10b)
R1[31:24]: version of the register convention == 1
and
In aarch64's x1 value should be
X1[31:0]: set to the TL signature (4a0f_b10b)
X1[39:32]: version of the register convention == 1
X1[63:40]: MBZ
(See the [2] and [3]).

Therefore, it requires to separate mask and shift value for register
convention version field when checking each r1/x1 value.

This patch fix two problems:
1. breaking X1 value with updated specification in aarch64
- change of length of signature field.

2. previous error value set in R1 in arm32.
- length of signature should be 24, but it uses 32bit signature.

This patch is a breaking change. It works only TF-A is updated.

Link: https://github.com/FirmwareHandoff/firmware_handoff [1]
Link: https://github.com/FirmwareHandoff/firmware_handoff/issues/32 [2]
Link: https://github.com/FirmwareHandoff/firmware_handoff/commit/5aa7aa1d3a1db75213e458d392b751f0707de027 [3]
Fixes: 508e2476b232 ("core: update transfer list header and signature")
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dts: sama5d2: update NVMEM cells

According to the customer Fuse Matrix of sama5d2, the cell length
is 32 bytes.

Fixes: 6c6c4d9eb45d ("dts: sama5d2: add NVMEM die_id node")
Fixes: 8bd542fcb2ae ("dts

dts: sama5d2: update NVMEM cells

According to the customer Fuse Matrix of sama5d2, the cell length
is 32 bytes.

Fixes: 6c6c4d9eb45d ("dts: sama5d2: add NVMEM die_id node")
Fixes: 8bd542fcb2ae ("dts: sama5d2: add huk node for the NVMEM hardware unique key")
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: nvmem: nvmem-huk: fix cell size and memory allocation issues

No longer free the HUK cell after at the end of the
"tee_otp_get_hw_unique_key" execution, because for the regression
test 4013,

drivers: nvmem: nvmem-huk: fix cell size and memory allocation issues

No longer free the HUK cell after at the end of the
"tee_otp_get_hw_unique_key" execution, because for the regression
test 4013, the "tee_otp_get_hw_unique_key" callback isn't
re-called then an invalid huk_cell pointer is used, leading the
following issue:

E/TC:0 0 Core data-abort at address 0x0 (translation fault)
E/TC:0 0 fsr 0x00000005 ttbr0 0x20087859 ttbr1 0x20080059 cidr 0x2
E/TC:0 0 cpu #0 cpsr 0x60000133
E/TC:0 0 r0 0x2007d8e8 r4 0x2007d8e8 r8 0x00102010 r12 0xfffc2a40
E/TC:0 0 r1 0x20089528 r5 0x2008954c r9 0x00000010 sp 0x20089508
E/TC:0 0 r2 0x20059164 r6 0x20060188 r10 0x00000020 lr 0x2000bcb3
E/TC:0 0 r3 0x00000000 r7 0x2008954c r11 0x20089684 pc 0x2000baa2
E/TC:0 0 TEE load address @ 0x20000000
E/TC:0 0 Call stack:
E/TC:0 0 0x2000baa2 nvmem_cell_malloc_and_read at core/drivers/nvmem/nvmem.c:62
E/TC:0 0 0x2000bcb3 tee_otp_get_hw_unique_key at core/drivers/nvmem/nvmem_huk.c:23
E/TC:0 0 0x20010e9f __huk_subkey_derive at core/kernel/huk_subkey.c:78
E/TC:0 0 0x200178c9 system_derive_ta_unique_key at core/pta/system.c:122
E/TC:0 0 0x2001382b pseudo_ta_enter_invoke_cmd at core/kernel/pseudo_ta.c:209
E/TC:0 0 0x20010d95 tee_ta_invoke_command at core/kernel/tee_ta_manager.c:765
E/TC:0 0 0x20019567 syscall_invoke_ta_command at core/tee/tee_svc.c:871
E/TC:0 0 0x20002178 scall_do_call at core/arch/arm/kernel/arch_scall_a32.S:54
E/TC:0 0 Panic 'unhandled pageable abort' at core/arch/arm/kernel/abort.c:582 <abort_handler>
E/TC:0 0 TEE load address @ 0x20000000
E/TC:0 0 Call stack:
E/TC:0 0 0x200039b1 print_kernel_stack at core/arch/arm/kernel/unwind_arm32.c:109
E/TC:0 0 0x2000ff05 __do_panic at core/kernel/panic.c:80
E/TC:0 0 0x20002f01 get_fault_type at core/arch/arm/kernel/abort.c:498
E/TC:0 0 0x2000077c thread_excp_vect at core/arch/arm/kernel/thread_a32.S:758

Moreover, the length of the HW unique key must be 16 bytes.
But the size of NVMEM cells can be larger than 16 bytes, for
example on samad5 the SFC is using 32 bytes cells. These changes
also allow the use of a NVMEM cell larger to the HW unique key
length, using the first 16 bytes of a cell.

Finally, the instance of the NVMEM cell data will be allocated once,
in the probe. Before, a new instance was allocated at each call
to tee_otp_get_hw_unique_key().

Fixes: fc7169686724 ("drivers: nvmem: add nvmem-huk driver")
Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: nvmem: nvmem-die-id: fix cell length

Obviously, the cell length wasn't set during nvmem-die-id
driver probe and the subkey length was always used.

Signed-off-by: Thomas Perrot <thomas.perr

drivers: nvmem: nvmem-die-id: fix cell length

Obviously, the cell length wasn't set during nvmem-die-id
driver probe and the subkey length was always used.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: nvmem: atmel_sfc: check the length before read cell

Check requested NVMEM cells length in Atmel SFC driver to
prevent issues in case the length is greater than the fuse
size.

Signed-off-by

drivers: nvmem: atmel_sfc: check the length before read cell

Check requested NVMEM cells length in Atmel SFC driver to
prevent issues in case the length is greater than the fuse
size.

Signed-off-by: Thomas Perrot <thomas.perrot@bootlin.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: riscv: Translate to PA when allocating PGT with MMU enabled

If MMU is enabled, core_mmu_pgt_alloc() returns virtual address of PGT
instead of physical address. Thus, it leads to some errors wh

core: riscv: Translate to PA when allocating PGT with MMU enabled

If MMU is enabled, core_mmu_pgt_alloc() returns virtual address of PGT
instead of physical address. Thus, it leads to some errors when we
invoke pa_to_ppn() with returned PGT which is actually the virtual
address of that PGT.

Fix it by checking whether MMU is enabled or not. If MMU is enabled, we
translate the returned PGT to its physical address.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...