drivers: Add stm32mp1 remoteproc driver

This driver is responsible for configuring the registers and memories of
the remote processor.
- It stores information about memories assigned to the remote p

drivers: Add stm32mp1 remoteproc driver

This driver is responsible for configuring the registers and memories of
the remote processor.
- It stores information about memories assigned to the remote processor
based on the device tree.
- It ensures consistency between the registered memory and the addresses
of the firmware segments to be loaded.
- Additionally, it is responsible for starting and stopping the remote
processor core.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

libutee: add new remoteproc PTA API

The remoteproc PTA is charge of providing interface to authenticate
firmware images and managing the remote processor live cycle.
The remoteproc PTA supports plat

libutee: add new remoteproc PTA API

The remoteproc PTA is charge of providing interface to authenticate
firmware images and managing the remote processor live cycle.
The remoteproc PTA supports platform specificity in the
management of a remote processor:
- firmware authentication based on a platform key,
- load of the segments in remote processor memories,
- start/stop of the remote processor,
- remote processor addresses conversion.

Signed-off-by: Arnaud Pouliquen <arnaud.pouliquen@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: caam: provide plat_rng_init if CFG_WITH_SOFTWARE_PRNG=y

With CFG_NXP_CAAM_RNG_DRV enabled, OP-TEE will use the CAAM
to generate random numbers. Normal world access to the RNG is still
possi

drivers: caam: provide plat_rng_init if CFG_WITH_SOFTWARE_PRNG=y

With CFG_NXP_CAAM_RNG_DRV enabled, OP-TEE will use the CAAM
to generate random numbers. Normal world access to the RNG is still
possible as the CAAM is TrustZone aware and provides multiple separate
job rings.

For complete isolation, however, access to CAAM reset and clocks need to
be managed as well. This could be done in theory by restricting access
to the reset and clock controller peripherals to the secure world and
exporting limited access to some resources via SCMI. There is no such
support yet for the i.MX and thus some setups may prefer to avoid using
the CAAM in OP-TEE to stay safe from normal world inducing glitches.

These setups may still need random numbers in OP-TEE. Therefore, access
so have them
access the CAAM only once at startup to initialize OP-TEE's PRNG and
defer subsequent use of the CAAM to the normal world, whenever
CFG_WITH_SOFTWARE_PRNG=y.

Reviewed-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

show more ...

drivers: caam: rng: enable prediction resistance if possible

OP-TEE sets the PR bit on shared descriptors since commit 4ff2ce818e56
("drivers: caam: instantiate RNG state handle with prediction resi

drivers: caam: rng: enable prediction resistance if possible

OP-TEE sets the PR bit on shared descriptors since commit 4ff2ce818e56
("drivers: caam: instantiate RNG state handle with prediction resistance"),
but did not make use of it for random number generation with the reason
explained inside the commit message:

Note: current patch does not deal with RNG state handles that have
already been initialized, but without PR support (this could happen if
U-boot would run before OP-TEE etc.). In this case, RNG state handle
would have to be deinstantiated first, and then reinstantiated with
PR support.

There is a simpler workaround than deinstantiation however: Check if the
state handles have been initialized with prediction resistance (whether
from OP-TEE or outside) and if they were, just set the prediction
resistance bit.

Reviewed-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

show more ...

drivers: caam: support querying whether prediction resistance was setup

CAAM shared descriptors initialization may happen inside OP-TEE or
beforehand, either in the bootloader or system controller.

drivers: caam: support querying whether prediction resistance was setup

CAAM shared descriptors initialization may happen inside OP-TEE or
beforehand, either in the bootloader or system controller.

As it's not known at compile-time whether the shared descriptors were
initialized with prediction resistance or not, OP-TEE use of the CAAM
for random number generation omitted requesting prediction resistance.

In preparation for changing that, provide a caam_hal_rng_pr_enabled()
function that queries the state of the PR bits in the shared descriptors.

Reviewed-by: Clement Faure <clement.faure@nxp.com>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

show more ...

core: fixup of transfer list header size

Add 4 reserved bytes at the tail of the transfer list header.
This fixes a non-8-bytes aligned header when "flags" was introduced
into the header.

Fixes: 50

core: fixup of transfer list header size

Add 4 reserved bytes at the tail of the transfer list header.
This fixes a non-8-bytes aligned header when "flags" was introduced
into the header.

Fixes: 508e2476b232 ("core: update transfer list header and signature")
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

driver: crypto: hisilicon: fix an issue of multiple tasks using the same qp

Flag in the qp structure is used to indicate whether
the qp is occupied.The new task can find an unused qp
and use it.

Fi

driver: crypto: hisilicon: fix an issue of multiple tasks using the same qp

Flag in the qp structure is used to indicate whether
the qp is occupied.The new task can find an unused qp
and use it.

Fixes: c7f9abcee87f ("drivers: implement HiSilicon Queue Management (QM) module")
Signed-off-by: Zexi Yu <yuzexi@hisilicon.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE

Add PKCS11_CKA_CHECK_VALUE as an optional attribute of symmetric
key and certificate objects . As per the PKCS#11 specification, key
c

ta: pkcs11: pkcs11_attributes.c: support PKCS11_CKA_CHECK_VALUE

Add PKCS11_CKA_CHECK_VALUE as an optional attribute of symmetric
key and certificate objects . As per the PKCS#11 specification, key
check value attribute is optional therefore add pkcs11 TA configuration
switch CFG_PKCS11_TA_CHECK_VALUE_ATTRIBUTE to embed or not the support.

When supported, as per the spec, the attribute can be either the
legitimate value recomputed by the PKCS#11 token or a zero-sized value
called a no-value for when client does not want the attribute to set
in an object.

This change adds the support for the pcks11 TA commands related to
Cryptoki API functions C_GenerateKey(), C_CreateObject(), C_CopyObject(),
C_SetAttributeValue(), C_UnwrapKey() and C_DeriveKey(). TA command
related to C_FindOjects() support the attribute without any change.

Signed-off-by: Marouene Boubakri <marouene.boubakri@nxp.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: remove unused deprecated gic_cpu_init()

Remove the unused deprecated function gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.

core: remove unused deprecated gic_cpu_init()

Remove the unused deprecated function gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-zynq7k: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-ti: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Andrew Davis <afd@ti.com>

plat-sunxi: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-stm: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etien

plat-stm: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <

plat-stm32mp2: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <

plat-stm32mp1: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-rzn1: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@li

plat-rzn1: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

plat-rockchip: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-rcar: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <vol

plat-rcar: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Volodymyr Babchuk <volodymyr_babchuk@epam.com>

show more ...

plat-ls: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.ma

plat-ls: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Sahil Malhotra <sahil.malhotra@nxp.com>

show more ...

plat-k3: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Andrew Davis <afd@ti.com>

plat-imx: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Clement Faure <clement.fau

plat-imx: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init()

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Tested-by: Clement Faure <clement.faure@nxp.com> (imx-mx6qsabresd, imx-mx6ulevk, imx-mx8qmmek, imx-mx8mnevk)

show more ...

plat-corstone1000: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

plat-aspeed: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Chia-Wei Wang <chiaw

plat-aspeed: use gic_init_per_cpu()

Call gic_init_per_cpu() instead of the now deprecated gic_cpu_init().

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>

show more ...

plat-vexpress: use CFG_AUTO_MAX_PA_BITS on virtual platforms

By default set CFG_AUTO_MAX_PA_BITS=y on the virtual platforms fvp and
qemu_armv8a to allow automatic configuration of the maximal suppor

plat-vexpress: use CFG_AUTO_MAX_PA_BITS on virtual platforms

By default set CFG_AUTO_MAX_PA_BITS=y on the virtual platforms fvp and
qemu_armv8a to allow automatic configuration of the maximal supported
physical address.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add CFG_AUTO_MAX_PA_BITS

Add the configuration variable CFG_AUTO_MAX_PA_BITS that enables
automatic discovery of maximal PA supported by the hardware.

Signed-off-by: Jens Wiklander <jens.wikl

core: add CFG_AUTO_MAX_PA_BITS

Add the configuration variable CFG_AUTO_MAX_PA_BITS that enables
automatic discovery of maximal PA supported by the hardware.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...