drivers: stm32_rstctrl: fix unpaged resource

Fixes missing declaration of STM32MP1 reset controller compat data
as unpaged resource since it is used by stm32mp_rcc_reset_id_to_rstctrl()
function ca

drivers: stm32_rstctrl: fix unpaged resource

Fixes missing declaration of STM32MP1 reset controller compat data
as unpaged resource since it is used by stm32mp_rcc_reset_id_to_rstctrl()
function called by fastcall service psci_system_reset() that requires
to resized in the unpaged segment on STM32MP15 variant where pager
is enabled.

Fixes: 3ef177b4f153 ("drivers: stm32_rstctrl: move stm32mp1x controller in stm32mp1_rstcrl.c")
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

core: riscv: Improve the trap handler

In current RISC-V trap handler, we always save the context into struct
thread_trap_regs first, and copy the saved context into another specific
structure to han

core: riscv: Improve the trap handler

In current RISC-V trap handler, we always save the context into struct
thread_trap_regs first, and copy the saved context into another specific
structure to handle that trap. For example, thread_user_ecall_handler()
copies the struct thread_trap_regs to be struct thread_scall_regs before
handling this system call. In fact, such copies may drop the performance
and they should be eliminated.

In this commit, the specific data structure used to save the context is
determined early in the trap handler by checking the type of the trap
from CSR XCAUSE. Thus, the copies between context structures are
eliminated.

Signed-off-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Tested-by: Yu Chien Peter Lin <peterlin@andestech.com>
Tested-by: Marouene Boubakri <marouene.boubakri@nxp.com>

show more ...

core/scmi: export sub.mk files in SCP-firmware

In order to ease the update of makefile when C or Header files of
SCP-firmware project changes, we integrate them in the optee subdirectory
of SCP-firm

core/scmi: export sub.mk files in SCP-firmware

In order to ease the update of makefile when C or Header files of
SCP-firmware project changes, we integrate them in the optee subdirectory
of SCP-firmware.

sub-optee-fvp.mk and sub-optee-stm32mp1.mk are moved unchanged in their
product directories of SCP-repository.

scmi-server/sub.mk is split:
- macro and compilation flags stay in optee-os
- srcs and incdirs are moved in product/optee directory

All modules and products related to optee are located in the
product/optee directory in the SCP-firmware repository, adding an "optee-"
prefix in the product name is useless. Remove it.

the ci will temporary point to the sha1 of the merged MR branch of
SCP-firmware. This will be replaced with next SCP-firmware tag v2.15.0
once released.

Signed-off-by: Vincent Guittot <vincent.guittot@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

plat-stm32mp1: fix SCP-firmware config when using OP-TEE share memory

Enable the required SCP-firmware module when using OP-TEE shared memory
or a piece of SRAM for SCMI communication which defined

plat-stm32mp1: fix SCP-firmware config when using OP-TEE share memory

Enable the required SCP-firmware module when using OP-TEE shared memory
or a piece of SRAM for SCMI communication which defined by the boolean
configuration switch CFG_STM32MP1_SCMI_SHM_SYSRAM.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libtomcrypt: fix calloc() against GCC 14 -Wcalloc-transposed-args

Fix use of XCALLOC() macro against GCC 14 directive
-Wcalloc-transposed-args that makes GCC to complain with an warning/error
trace

libtomcrypt: fix calloc() against GCC 14 -Wcalloc-transposed-args

Fix use of XCALLOC() macro against GCC 14 directive
-Wcalloc-transposed-args that makes GCC to complain with an warning/error
trace message like:

warning: 'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Wcalloc-transposed-args]

This change was proposed and merged in mainline libtomcrypt repository.

No functional change.

Link: https://github.com/libtom/libtomcrypt/pull/647
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: arm: fix calloc() against GCC 14 -Wcalloc-transposed-args

Fix calloc() calls against GCC 14 directive -Wcalloc-transposed-args that
makes GCC to complain with an warning/error trace message li

core: arm: fix calloc() against GCC 14 -Wcalloc-transposed-args

Fix calloc() calls against GCC 14 directive -Wcalloc-transposed-args that
makes GCC to complain with an warning/error trace message like:

warning: 'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Wcalloc-transposed-args]

No functional change.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: mm: core_mmu: skip unmapped regions when searching by PA

Currently, OP-TEE OS on RISC-V platforms uses the external
device-tree located at 'Domain1 Next Arg1' passed by previous
boot stages (i

core: mm: core_mmu: skip unmapped regions when searching by PA

Currently, OP-TEE OS on RISC-V platforms uses the external
device-tree located at 'Domain1 Next Arg1' passed by previous
boot stages (i.e. U-Boot SPL and OpenSBI).
For example:

Domain1 Name : trusted-domain
...
Domain1 Next Address : 0x0000000010000000 // OP-TEE OS
> Domain1 Next Arg1 : 0x000000000187f760 // device-tree
Domain1 Next Mode : S-mode

In this case, 0x0187f760 lies in SHM_VASPACE, which is not yet
mapped and not intended to load an external DT:

type TEE_RAM_RX va 0x10000000..0x10092fff pa 0x10000000..0x10092fff
type TEE_RAM_RW va 0x10093000..0x101fffff pa 0x10093000..0x101fffff
type RES_VASPACE va 0x10200000..0x10bfffff pa 0x00000000..0x009fffff
> type SHM_VASPACE va 0x10c00000..0x12bfffff pa 0x00000000..0x01ffffff
type TA_RAM va 0x12c00000..0x139fffff pa 0x10200000..0x10ffffff
type IO_SEC va 0x13a00000..0x13bfffff pa 0xf0200000..0xf03fffff

To address this issue, add a memory region attribute check to
skip such regions. In this way, when init_external_dt() calls
core_mmu_get_type_by_pa(), it can properly return MEM_AREA_MAXTYPE
(i.e. valid region not found) and map a MEM_AREA_EXT_DT region.

Note that this bug cannot be reproduced on QEMU virt machine,
as its memory regions have no overlapping with the external DT.

Signed-off-by: Yu Chien Peter Lin <peterlin@andestech.com>
Reviewed-by: Alvin Chang <alvinga@andestech.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

dt-bindings: mfd: dual licensing for st,stpmic1 bindings

Change include/dt-bindings/mfd/st,stpmic1.h license model from GPLv2.0
only to dual GPLv2.0 or BSD-2-Clause. This change clarifies that
this

dt-bindings: mfd: dual licensing for st,stpmic1 bindings

Change include/dt-bindings/mfd/st,stpmic1.h license model from GPLv2.0
only to dual GPLv2.0 or BSD-2-Clause. This change clarifies that
this DT binding header file can be shared with software components as
bootloaders and OSes that are not published under GPLv2 terms as
OP-TEE OS is.

This change has been discussed and acked in the LKML [1].

Fixes: 1183a0aa2af0 ("stm32mp1: update DTS files to Linux kernel 5.2-rc1")
Link: https://lore.kernel.org/lkml/171941721004.2530174.778562710266249921.b4-ty@kernel.org/ [1]
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: ffa: Improve FF-A memory sharing compliance

* Deny memory regions with zero pages
* Validate total page count field
* Validate total descriptor size including memory regions descriptors
* Fix

core: ffa: Improve FF-A memory sharing compliance

* Deny memory regions with zero pages
* Validate total page count field
* Validate total descriptor size including memory regions descriptors
* Fix incorrect FFA_ERROR status codes

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: ffa: Deny unsupported memory sharing operations

Fragmented memory sharing operations and memory sharing where the
transaction descriptors are forwarded in a custom buffer are not
supported for

core: ffa: Deny unsupported memory sharing operations

Fragmented memory sharing operations and memory sharing where the
transaction descriptors are forwarded in a custom buffer are not
supported for SP destinations. Return early FFA_ERROR if these
conditions are detected.
Add CFG_NS_VIRTUALIZATION condition for virt_unset_guest calls in
thread_spmc.c as a minor refactoring step.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: ffa: Return transaction type flag in retrieve response

Setting 'Memory management transaction type flag' in memory transaction
descriptor when returned in FFA_MEM_RETRIEVE_RESP.

Signed-off-by

core: ffa: Return transaction type flag in retrieve response

Setting 'Memory management transaction type flag' in memory transaction
descriptor when returned in FFA_MEM_RETRIEVE_RESP.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: st: add RCC support on stm32mp257f-ev1

Configure the clock tree for stm32mp257f-ev1 board.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etien

dts: st: add RCC support on stm32mp257f-ev1

Configure the clock tree for stm32mp257f-ev1 board.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: st: enable RCC driver in stm32mp251

Add the RCC node to support clock on stm32mp25 platform.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <eti

dts: st: enable RCC driver in stm32mp251

Add the RCC node to support clock on stm32mp25 platform.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: rstctrl: add reset controller for STM32MP25 platforms

Implement the STM32MP25 reset controller device by embedding it
with CFG_STM32_RSTCTRL=y and CFG_STM32MP25_RSTCTRL=y.

Signed-off-by: G

drivers: rstctrl: add reset controller for STM32MP25 platforms

Implement the STM32MP25 reset controller device by embedding it
with CFG_STM32_RSTCTRL=y and CFG_STM32MP25_RSTCTRL=y.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_rstctrl: move stm32mp1x controller in stm32mp1_rstcrl.c

This change prepares the STM32MP25 reset controller driver.
The binding for the STM32MP25 is different from that of the
STM32MP

drivers: stm32_rstctrl: move stm32mp1x controller in stm32mp1_rstcrl.c

This change prepares the STM32MP25 reset controller driver.
The binding for the STM32MP25 is different from that of the
STM32MP1x, so we will create a stm32mp25_rstcrl.c file.
This change factorizes STM32 API functions in stm32_rstcrl.c file
for probing and passing platform data.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

clk: stm32mp25: Introduce STM32MP25 clocks platform

This driver is based on clk-stm32-core API to manage STM32 gates, dividers
and muxes.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st

clk: stm32mp25: Introduce STM32MP25 clocks platform

This driver is based on clk-stm32-core API to manage STM32 gates, dividers
and muxes.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dt-bindings: add the STM32MP2 clock and reset bindings

Add the associated bindings for device tree and drivers.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Ca

dt-bindings: add the STM32MP2 clock and reset bindings

Add the associated bindings for device tree and drivers.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add rcc helper function

Add dedicate include file for RCC to add helper function.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etie

plat-stm32mp2: add rcc helper function

Add dedicate include file for RCC to add helper function.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: sysconfig: add Safe Reset functionality

Add possibility to manage safely master IP reset.
This is managed in SYSCFG safe reset control register (SYSCFG_SAFERSTCR)

Signed-off-by: Gabr

plat-stm32mp2: sysconfig: add Safe Reset functionality

Add possibility to manage safely master IP reset.
This is managed in SYSCFG safe reset control register (SYSCFG_SAFERSTCR)

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add stm32mp25 sysconfig driver

Driver to manage system configuration (sysconf) registers
the sysconf are identified by an ID to be able to be adapted for DT.

Signed-off-by: Arnaud Po

plat-stm32mp2: add stm32mp25 sysconfig driver

Driver to manage system configuration (sysconf) registers
the sysconf are identified by an ID to be able to be adapted for DT.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: conf: enable shared io driver

Default enable shared io driver for platform stm32mp2.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <e

plat-stm32mp2: conf: enable shared io driver

Default enable shared io driver for platform stm32mp2.

Signed-off-by: Gabriel Fernandez <gabriel.fernandez@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: mm: add CFG_PGT_CACHE_ENTRIES

Add CFG_PGT_CACHE_ENTRIES to allow platforms to customize the page
table cache size. This is needed for example when a platform is to
support very large TAs of se

core: mm: add CFG_PGT_CACHE_ENTRIES

Add CFG_PGT_CACHE_ENTRIES to allow platforms to customize the page
table cache size. This is needed for example when a platform is to
support very large TAs of several dozen of Mbytes of private memory
(code/data).

Move PGT_CACHE_SIZE macro definition from pgt_cache.h to pgt_cache.c
since it is used only in that source file.

By the way, fix pgt_cache.h layout to have header files includes first
followed by macro definitions.

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minim

Squashed commit upgrading to mbedtls-3.6.0

Squash merging branch import/mbedtls-3.6.0

0fc9291f4 ("libmbedtls: bignum: restore mbedtls_mpi_exp_mod() from v3.5.2")
0ef87b1e6 ("libmbedtls: reset minimum rsa key size")
70b079496 ("libmbedtls: adjust use of rsa pk_wrap API")
6cf76464f ("libmbedtls: allow inclusion of arm_neon.h")
27df5c911 ("libmbedtls: fix cipher_wrap.c for NIST AES Key Wrap mode")
aa584f9ed ("libmbedtls: fix cipher_wrap.c for chacha20 and chachapoly")
523ae957e ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pkcs1_v15_verify()")
30bdb1bbf ("libmbedtls: add fault mitigation in mbedtls_rsa_rsassa_pss_verify_ext()")
e45cdab62 ("libmbedtls: add SM2 curve")
d2fda4fc2 ("libmbedtls: fix no CRT issue")
ab0eb5515 ("libmbedtls: add interfaces in mbedtls for context memory operation")
7925a6f26 ("libmedtls: mpi_miller_rabin: increase count limit")
8eaf69279 ("libmbedtls: add mbedtls_mpi_init_mempool()")
12e83fc8d ("libmbedtls: make mbedtls_mpi_mont*() available")
f9e261da5 ("mbedtls: configure mbedtls to reach for config")
7b6f378d7 ("mbedtls: remove default include/mbedtls/config.h")
c16331743 ("Import mbedtls-3.6.0")

Signed-off-by: Tom Van Eyck <tom.vaneyck@kuleuven.be>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations

OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.

core: pass TEE_ATTR_RSA_OAEP_MGF_HASH to RSA-OAEP implementations

OP-TEE currently doesn't support using a different hash for MGF1
with RSA-OAEP. However, this is required for AOSP compatibility
(e.g. in EncryptionOperationsTest.RsaOaepWithMGFDigestSuccess [1]).

Pass the MGF1 attribute to crypto implementations. Note that
only libtomcrypt supports this feature at the moment, so other
implementations will either fail or fall back to libtomcrypt when
passed a different MGF1 hash.

Link: https://android.googlesource.com/platform/hardware/interfaces/+/refs/heads/main/security/keymint/aidl/vts/functional/KeyMintTest.cpp#5552 [1]
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-sam: register CPU OPP clock for SCMI usage

Add the definitinon for 'AT91_SCMI_CLK_CPU_OPP'.
When the CPU OPP clock is available, add it to SCMI clock list.

Signed-off-by: Tony Han <tony.han@mi

plat-sam: register CPU OPP clock for SCMI usage

Add the definitinon for 'AT91_SCMI_CLK_CPU_OPP'.
When the CPU OPP clock is available, add it to SCMI clock list.

Signed-off-by: Tony Han <tony.han@microchip.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...