plat-stm32mp1: activate CFG_CORE_HALT_CORES_ON_PANIC

Default halt the other core when panicking on STM32MP15x platforms.
SGI15 is used for this purpose.

Signed-off-by: Gatien Chevallier <gatien.che

plat-stm32mp1: activate CFG_CORE_HALT_CORES_ON_PANIC

Default halt the other core when panicking on STM32MP15x platforms.
SGI15 is used for this purpose.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Gatien Chevallier <gatien.chevallier@foss.st.com> (stm32mp1-157C_DK2)

show more ...

core: interrupt: halt other cores when one is panicking

When one core panics, send an SGI (CFG_CORE_HALT_CORES_ON_PANIC_SGI)
to halt other cores if CFG_CORE_HALT_CORES_ON_PANIC is enabled.

Signed-o

core: interrupt: halt other cores when one is panicking

When one core panics, send an SGI (CFG_CORE_HALT_CORES_ON_PANIC_SGI)
to halt other cores if CFG_CORE_HALT_CORES_ON_PANIC is enabled.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: interrupt_raise_sgi() updates

Adds ITR_CPU_MASK_TO_THIS_CPU and ITR_CPU_MASK_TO_OTHER_CPUS to simplify
targeting CPUs in some use cases. The cpu_mask parameter is changed to a
uint32_t to make

core: interrupt_raise_sgi() updates

Adds ITR_CPU_MASK_TO_THIS_CPU and ITR_CPU_MASK_TO_OTHER_CPUS to simplify
targeting CPUs in some use cases. The cpu_mask parameter is changed to a
uint32_t to make room for the two new flags.

The gic driver is updated to support this new flag.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: print current guest ID in logs

If CFG_NS_VIRTUALIZATION is enabled include the current guest ID on each
log line. A number is added before the core number identifying the
currently set guest I

core: print current guest ID in logs

If CFG_NS_VIRTUALIZATION is enabled include the current guest ID on each
log line. A number is added before the core number identifying the
currently set guest ID, for example:
D/TC:2 0 0 call_initcalls:40 level 1 teecore_init_pub_ram()

Where the "2" indicates that this is done with guest ID 2 active.

Update the symbolize.py script accordingly to recognize and ignore an
eventual guest ID in a log entry.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutee: remove leftover references to libmpa

Removes references to libmpa removed since OP-TEE release tag 3.9.0,
by commit 7fb525f1f8a6 ("Remove libmpa in favor of libmbedtls").

This change remov

libutee: remove leftover references to libmpa

Removes references to libmpa removed since OP-TEE release tag 3.9.0,
by commit 7fb525f1f8a6 ("Remove libmpa in favor of libmbedtls").

This change removes configuration switch CFG_TA_MBEDTLS_MPI
and CFG_TA_MBEDTLS that are no more used by OP-TEE component.

Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

ta: pkcs11: Improve PIN counter handling robustness

Make sure PIN check attempt is saved persistently before continuing with
the actual PIN verification, improving counter and flags coherency in
cas

ta: pkcs11: Improve PIN counter handling robustness

Make sure PIN check attempt is saved persistently before continuing with
the actual PIN verification, improving counter and flags coherency in
case of subsequent failure with persistent saving.

Signed-off-by: Loic Poulain <loic.poulain@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

TA dev kit: Export ftrace_format.py

Commit 5c2c0fb31efb ("ftrace: change implementation to use binary circular
buffer") added script ftrace_format.py which is required to analyze ftrace
logs. So exp

TA dev kit: Export ftrace_format.py

Commit 5c2c0fb31efb ("ftrace: change implementation to use binary circular
buffer") added script ftrace_format.py which is required to analyze ftrace
logs. So export it as part of TA dev kit as well.

Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

core: pta: attestation: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release

core: pta: attestation: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags 2.4.0 and 3.11.0, tee_pobj_get() used to
take a boolean @temporary argument. The function prototype changed in
commit 6885abf2f7ef ("core: tee_pobj_get() takes an enum tee_pobj_usage")
and was merged in release tag 3.11.0 but attestation PTA initial
implementation of StMM sadly used the old prototype, using false (0)
instead of TEE_POBJ_USAGE_OPEN (0).

Fixes: 7e05ec25bd68 ("core: pta: add remote attestation PTA")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm: stmm_sp: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags

core: arm: stmm_sp: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags 2.4.0 and 3.11.0, tee_pobj_get() used to
take a boolean @temporary argument. The function prototype changed in
commit 6885abf2f7ef ("core: tee_pobj_get() takes an enum tee_pobj_usage")
and was merged in release tag 3.11.0 but initial implementation of StMM
support [1] and its related source file renaming [2] sadly used the
old prototype, using false (0) instead of TEE_POBJ_USAGE_OPEN (0).

Fixes: 42471ecf25b7 ("core: load stmm via secure partition") [1]
Fixes: f9cd31c5310d ("core: rename secure_partition to stmm_sp") [2]
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

mk: config.mk: describe CFG_WITH_STATS

Adds a description for CFG_WITH_STATS and explicitly states that the
config switch is default disabled.

Acked-by: Jerome Forissier <jerome.forissier@linaro.or

mk: config.mk: describe CFG_WITH_STATS

Adds a description for CFG_WITH_STATS and explicitly states that the
config switch is default disabled.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutee: TEE_AllocateOperation(): maxKeySize of digests may take any value

Commit [1] introduced a check to enforce the "maxKeySize" parameter of
digest operations to always be zero. This is a viola

libutee: TEE_AllocateOperation(): maxKeySize of digests may take any value

Commit [1] introduced a check to enforce the "maxKeySize" parameter of
digest operations to always be zero. This is a violation of the Global
Platform specification [2].

Revert commit [1] to allow maxKeySize to take any value for digest
operations.

[1] commit cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest
operations must have 0 max key size")
Link: https://github.com/OP-TEE/optee_os/commit/cf5c060cec76

[2] TEE Internal Core API Specification – Public Release v1.3.1,
§6.2.1 TEE_AllocateOperation:

The parameter maxKeySize SHALL be a valid value as defined in
Table 5-9 for the algorithm, for algorithms referenced in Table
5-9. For all other algorithms, the maxKeySize parameter may have
any value.

CC: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest operations must have 0 max key size")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: vexpress-qemu_armv8a: add transfer list build

Add CI multi-platform build with CFG_TRANSFER_LIST

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere

ci: vexpress-qemu_armv8a: add transfer list build

Add CI multi-platform build with CFG_TRANSFER_LIST

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add support for transfer list

Add supports for Transfer List on both aarch32/64.
Fetch arguments from {x,r}{0-3} and check if a valid Transfer List
exists, which compliant to the Firmware Hand

core: add support for transfer list

Add supports for Transfer List on both aarch32/64.
Fetch arguments from {x,r}{0-3} and check if a valid Transfer List
exists, which compliant to the Firmware Handoff specification.
The Transfer List will be mapped during early initialization and
unmapped before exiting to next boot stage.
DTB and pagable address will be parsed from the Transfer List if
they exist as Transfer Entries.
If Transfer List does not exist or is invalid, legacy argument
handoff is backwards compatible.

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add transfer list API

Introduce Transfer List API into kernel to implement Firmware
Handoff specification

Link: https://github.com/FirmwareHandoff/firmware_handoff
Signed-off-by: Raymond Mao

core: add transfer list API

Introduce Transfer List API into kernel to implement Firmware
Handoff specification

Link: https://github.com/FirmwareHandoff/firmware_handoff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add memory area for transfer list

Adding a new area to map a transfer list if it is handed over
from previous boot stage

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens

core: add memory area for transfer list

Adding a new area to map a transfer list if it is handed over
from previous boot stage

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: enable async notif on stm32mp13

Enables async notif using GIC PPI 15 as non-secure interrupt notifier
for STM32MP13 variants.

Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.s

plat-stm32mp1: enable async notif on stm32mp13

Enables async notif using GIC PPI 15 as non-secure interrupt notifier
for STM32MP13 variants.

Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: default disable CFG_STM32MP1_SCMI_SHM_SYSRAM

Default disable CFG_STM32MP1_SCMI_SHM_SYSRAM to sync with mainline
Linux kernel that uses OP-TEE shared memory for SCMI communication
on S

plat-stm32mp1: default disable CFG_STM32MP1_SCMI_SHM_SYSRAM

Default disable CFG_STM32MP1_SCMI_SHM_SYSRAM to sync with mainline
Linux kernel that uses OP-TEE shared memory for SCMI communication
on STM32MP13 platform instead a piece of SRAM [1].

Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f0f0682c384d81bf25e6f8b23971fb8f69122f72
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: default disable reserved shared memory

Changes stm32mp15 default configuration to not embed OP-TEE's reserved
static shared memory. This change is aligned with a recent change in
TF-A

plat-stm32mp1: default disable reserved shared memory

Changes stm32mp15 default configuration to not embed OP-TEE's reserved
static shared memory. This change is aligned with a recent change in
TF-A [1] that also default disables the related configuration switch.
Note that TF-A/stm32mp1 deprecates this configuration in order to fully
remove its support in the future [2].

Note that when CFG_CORE_RESERVED_SHM is disabled the default 2MB area
is now used by OP-TEE as secure memory.

Link: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=fb1d3bd9330ce70f735a344dd4223faffb261118 [1]
Link: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=12e683a68049f6a3d0985a2cd1564e00115e809f [2]
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: crypto: caam: fix job ring interruption number

The job ring interruption number is 356 for job ring 3.

Fixes: b21f12209671 ("drivers: crypto: caam: use job ring 3 on i.mx8dxlevk")
Signed-o

drivers: crypto: caam: fix job ring interruption number

The job ring interruption number is 356 for job ring 3.

Fixes: b21f12209671 ("drivers: crypto: caam: use job ring 3 on i.mx8dxlevk")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: drivers: add HiSilicon TRNG implementation

Based on HiSilicon hardware, a matching TRNG module is added.
The driver is enabled for the D06 platform (PLATFORM=d06).

Signed-off-by: loubaihui <l

core: drivers: add HiSilicon TRNG implementation

Based on HiSilicon hardware, a matching TRNG module is added.
The driver is enabled for the D06 platform (PLATFORM=d06).

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
[jf: amend commit description]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ci: add STM32MP2x platforms default build

Adds STM32MP2x platform default build to the CI.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.ca

ci: add STM32MP2x platforms default build

Adds STM32MP2x platform default build to the CI.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

MAINTAINERS: update STMicroelectronics platforms and drivers entries

Add an entry for STM32MP2x platforms and STMicroelectronics drivers
with Etienne Carriere and myself as maintainers.

Update STM3

MAINTAINERS: update STMicroelectronics platforms and drivers entries

Add an entry for STM32MP2x platforms and STMicroelectronics drivers
with Etienne Carriere and myself as maintainers.

Update STM32MP1x platforms entry as ST drivers' maintenance is now
handle with the STMicroelectronics drivers entry.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add new platform support

Initial configuration for STM32MP2x platforms.
Add the initial memory layout and the MMU bus reference
addresses. Default RAM size is 4GBytes
It adds also the

plat-stm32mp2: add new platform support

Initial configuration for STM32MP2x platforms.
Add the initial memory layout and the MMU bus reference
addresses. Default RAM size is 4GBytes
It adds also the console initialization and GIC support.

There are no shared resources on STM32MP25x platforms. Use
stm32_pinctrl_set_secure_cfg() API in the STM32 UART driver for now.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add stm32mp257f-ev1 board support

Add STM32MP257F Evaluation board support. It embeds a STM32MP257FAI SoC,
with 4GB of DDR4, TSN switch (2+1 ports), 4*USB typeA, 1*USB2 typeC,
SNOR OctoS

dts: stm32: add stm32mp257f-ev1 board support

Add STM32MP257F Evaluation board support. It embeds a STM32MP257FAI SoC,
with 4GB of DDR4, TSN switch (2+1 ports), 4*USB typeA, 1*USB2 typeC,
SNOR OctoSPI, mini PCIe, STPMIC2 for power distribution ...

Signed-off-by: Alexandre Torgue <alexandre.torgue@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: introduce STM32MP25 SoCs family

STM32MP25 family is composed of 4 SoCs defined as following:

-STM32MP251: common part composed of 1*cortex-A35, common peripherals
like SDMMC, UART, SPI,

dts: stm32: introduce STM32MP25 SoCs family

STM32MP25 family is composed of 4 SoCs defined as following:

-STM32MP251: common part composed of 1*cortex-A35, common peripherals
like SDMMC, UART, SPI, I2C, PCIe, USB3, parallel and DSI display,
1*ETH ...

-STM32MP253: STM32MP251 + 1*cortex-A35 (dual CPU), a second ETH, CAN-FD
and LVDS display.

-STM32MP255: STM32MP253 + GPU/AI and video encode/decode.
-STM32MP257: STM32MP255 + ETH TSN switch (2+1 ports).

A second diversity layer exists for security features/ A35 frequency:
-STM32MP25xY, "Y" gives information:
-Y = A means A35@1.2GHz + no cryp IP and no secure boot.
-Y = C means A35@1.2GHz + cryp IP and secure boot.
-Y = D means A35@1.5GHz + no cryp IP and no secure boot.
-Y = F means A35@1.5GHz + cryp IP and secure boot.

Available packages are:

STM32MP25xAI: 18*18/FCBGA 172 ios
STM32MP25xAK: 14*14/FCBGA 144 ios
STM32MP25xAL: 10*10/TFBGA 144 ios

More information available at:
Link: https://www.st.com/content/st_com/en/campaigns/microprocessor-stm32mp2.html [1]

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Alexandre Torgue <alexandre.torgue@foss.st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...