plat: stm32mp2: sysconf: fix CA35SS register names

Align register names with the reference manuel for Arm Cortex-A35 (CA35SS)
- CA35SS SYSCFG registers (with 0x2000 offset)
- CA35SS Standardized sta

plat: stm32mp2: sysconf: fix CA35SS register names

Align register names with the reference manuel for Arm Cortex-A35 (CA35SS)
- CA35SS SYSCFG registers (with 0x2000 offset)
- CA35SS Standardized status and control (SSC) registers

This path removes the confusion between SSC and subsystem (SS).

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Co-developed-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: sysconfig: fix ordering of SYSCFG defines

Reorder SYSCFG defines to prepare renaming so the defines use the same
name as the one in the reference manual.

Signed-off-by: Thomas Bourgo

plat-stm32mp2: sysconfig: fix ordering of SYSCFG defines

Reorder SYSCFG defines to prepare renaming so the defines use the same
name as the one in the reference manual.

Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: ffa_console: add support for multiple character at once

FFA console will use FFA_CONSOLE_LOG_32 as a default
if the current SPMD does not support FFA_CONSOLE_LOG_64.

Signed-off-by: Sungbae

drivers: ffa_console: add support for multiple character at once

FFA console will use FFA_CONSOLE_LOG_32 as a default
if the current SPMD does not support FFA_CONSOLE_LOG_64.

Signed-off-by: Sungbae Yoo <sungbaey@nvidia.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: stm32_tamp: implement reset on tamper event

In case the behavior on a tamper event detection is to reset the platform,
call the do_reset() API to force a system reset.

Signed-off-by: Gatie

drivers: stm32_tamp: implement reset on tamper event

In case the behavior on a tamper event detection is to reset the platform,
call the do_reset() API to force a system reset.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: implement do_reset() API to force a system reset

Implement the do_reset() API that traps all cores if the SoC has multiple
cores, then prints a message and forces a system reset.

Sig

plat-stm32mp1: implement do_reset() API to force a system reset

Implement the do_reset() API that traps all cores if the SoC has multiple
cores, then prints a message and forces a system reset.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: implement do_reset() API to force a system reset

Implement the do_reset() API that traps all cores if the SoC has multiple
cores, then prints a message and forces a system reset.

Sig

plat-stm32mp2: implement do_reset() API to force a system reset

Implement the do_reset() API that traps all cores if the SoC has multiple
cores, then prints a message and forces a system reset.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: panic: allow core halting on SGI in other cases than panic()

There may be cases where we want to halt several cores outside of a
panic() sequence.

Therefore, add CFG_MULTI_CORE_HALTING switch

core: panic: allow core halting on SGI in other cases than panic()

There may be cases where we want to halt several cores outside of a
panic() sequence.

Therefore, add CFG_MULTI_CORE_HALTING switch that allows to register
an interrupt handler for the CFG_HALT_CORES_SGI that is dedicated to
halt other cores.

This reduces the scope of CFG_HALT_CORES_ON_PANIC that is now used only
for halting other cores in a panic() sequence.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add RTC RIF configuration for the stm32mp257f-ev1 board

Add the RTC RIF configuration for the stm32mp257f-ev1 board.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Revi

dts: stm32: add RTC RIF configuration for the stm32mp257f-ev1 board

Add the RTC RIF configuration for the stm32mp257f-ev1 board.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_rtc: add the capability to wakeup the platform

During probe, we look for the property "wakeup-source" that
will trigger the feature "RTC_WAKEUP_ALARM" which will
be send to the caller

drivers: stm32_rtc: add the capability to wakeup the platform

During probe, we look for the property "wakeup-source" that
will trigger the feature "RTC_WAKEUP_ALARM" which will
be send to the callers of the framework `rtc_get_info()` PTA.

We also register the `stm32_rtc_alarm_wake_set_status()` callback.
This callback should be called when the callers knows that the platform
will go in sleep mode.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_rtc: add alarm related operations

The RTC framework allows the registration of function :
- `read_alarm()`
- `set_alarm()`
- `alarm_enable()`
- `wait_alarm()`
- `cancel_wait()`

Signe

drivers: stm32_rtc: add alarm related operations

The RTC framework allows the registration of function :
- `read_alarm()`
- `set_alarm()`
- `alarm_enable()`
- `wait_alarm()`
- `cancel_wait()`

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: stm32_rtc: add init configuration function

The init function aims to contains init configurations of the RTC
peripheral such as prescalers, config or calibration registers.
Add "CFG_STM32_H

drivers: stm32_rtc: add init configuration function

The init function aims to contains init configurations of the RTC
peripheral such as prescalers, config or calibration registers.
Add "CFG_STM32_HIGH_ACCURACY" (default to no) config to enable the
high accuracy mode which allow the highest refresh rate of the subsecond
register.
Also merge the functions `stm32_rtc_wait_sync()` with
`stm32_exit_init_mode()` as every stm32 exit init mode was followed
by a wait sync.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp2: enable async notif with GIC PPI 15

Enables OP-TEE async notif (asynchronous notification from OP-TEE
to the non-secure world) using GIC PPI 15 (GIC interrupt line 31).

Signed-off-by:

plat-stm32mp2: enable async notif with GIC PPI 15

Enables OP-TEE async notif (asynchronous notification from OP-TEE
to the non-secure world) using GIC PPI 15 (GIC interrupt line 31).

Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>
Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp2: add support for RTC PTA

Compile the RTC PTA and the RTC driver if the RTC driver for stm32 is
enabled.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Et

plat-stm32mp2: add support for RTC PTA

Compile the RTC PTA and the RTC driver if the RTC driver for stm32 is
enabled.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

plat-stm32mp1: add support for RTC PTA

Compile the RTC PTA and the RTC driver if the RTC driver for stm32 is
enabled.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Et

plat-stm32mp1: add support for RTC PTA

Compile the RTC PTA and the RTC driver if the RTC driver for stm32 is
enabled.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

core: pta: add alarm-related operations to RTC PTA

Add `set_alarm()`, `read_alarm()`, `enable_alarm()`, `wait_alarm()`,
`cancel_wait()` and `set_wake_alarm_status()` operations.
Also update RTC feat

core: pta: add alarm-related operations to RTC PTA

Add `set_alarm()`, `read_alarm()`, `enable_alarm()`, `wait_alarm()`,
`cancel_wait()` and `set_wake_alarm_status()` operations.
Also update RTC features to include alarm and wakeup alarm capabilities.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

core: pta: check struct alignment in RTC PTA API

Check buffer alignment against its pretended type before assignation.

Fixes: cea1eb0bc90e ("pta: add PTA for RTC")
Signed-off-by: Clément Le Goffic

core: pta: check struct alignment in RTC PTA API

Check buffer alignment against its pretended type before assignation.

Fixes: cea1eb0bc90e ("pta: add PTA for RTC")
Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

drivers: rtc: add support of alarm in RTC API

Add set_alarm and read_alarm to the RTC API to set and read an alarm.

In parallel three others functions are added:
- `enable_alarm()`: Enable or not t

drivers: rtc: add support of alarm in RTC API

Add set_alarm and read_alarm to the RTC API to set and read an alarm.

In parallel three others functions are added:
- `enable_alarm()`: Enable or not the alarm
- `wait_alarm()`: This function is called by the non-secure world and waits
until an alarm happens. The wait alarm caller is blocked until an
asynchronous notification arrives.
- `set_alarm_wakeup_status()`: Allow to disable or not the wakeup
capability of the alarm in low power mode

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

.gitignore: remove specific IDE configurations directory

Every developer has its own configuration directory, vscode is not an
exception, so remove `.vscode` configuration directory from the
gitigno

.gitignore: remove specific IDE configurations directory

Every developer has its own configuration directory, vscode is not an
exception, so remove `.vscode` configuration directory from the
gitignore exception list.
VSCode's `extensions.json` file is not compulsory for OP-TEE
development.
Remove the file as it is used for an extension recommendation pop up
inside VSCode, and it can mess with people's VSCode own settings.

Signed-off-by: Clément Le Goffic <clement.legoffic@foss.st.com>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

show more ...

ci: add test run with ASan stack instrumentation

Setting CFG_DYN_CONFIG=n enables additional ASan stack
instrumentation, which helps detect stack memory errors.

Signed-off-by: Aleksandr Iashchenko

ci: add test run with ASan stack instrumentation

Setting CFG_DYN_CONFIG=n enables additional ASan stack
instrumentation, which helps detect stack memory errors.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: fix check_access()

The previous implementation of check_access() was not fully
correct and could fail to detect out-of-bounds accesses near
the end of an allocated buffer.

For example,

core: asan: fix check_access()

The previous implementation of check_access() was not fully
correct and could fail to detect out-of-bounds accesses near
the end of an allocated buffer.

For example, given a buffer of size 7 allocated at address A.
check_access(addr = A + 7, size = 1) would not trigger a panic,
because the check relied on va_is_well_aligned(end), which skips
validation when end is aligned.

The new check_access() implementation is based on the version from
FreeBSD's subr_asan.c and performs precise shadow memory validation.

In addition, asan_tag_access() behaviour was changed. The shadow byte
should encode the number of accessible bytes. (1 <= k <= 7) means that
the first k bytes are addressible.
This behaviour is in accordance with:

a) the stack instrumentation emitted by compiler
b) the original ASan paper, see [1] section 3.1 Shadow Memory
c) other kasan implementations from freebsd/linux-kernel

[1] https://www.usenix.org/system/files/conference/atc12/atc12-final39.pdf

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: drop redundant IS_ENABLED checks

The functions asan_tag_access() and asan_tag_heap_free() are
always defined. When CFG_CORE_SANITIZE_KADDRESS is disabled, they
are compiled as no-ops. Thus

libutils: drop redundant IS_ENABLED checks

The functions asan_tag_access() and asan_tag_heap_free() are
always defined. When CFG_CORE_SANITIZE_KADDRESS is disabled, they
are compiled as no-ops. Thus, the surrounding IS_ENABLED() checks
are unnecessary and removed.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

libutils: tag only actual allocated size in ASan heap tagging

Tag exactly the requested allocation size (hdr_size + requested_size)
instead of the rounded-up buffer size. This ensures that ASan does

libutils: tag only actual allocated size in ASan heap tagging

Tag exactly the requested allocation size (hdr_size + requested_size)
instead of the rounded-up buffer size. This ensures that ASan does not
mark extra padding as valid memory.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core, libutils: unpoison stack on longjmp for ASan

Adds support for unpoisoning the stack when performing longjmp,
to ensure correct ASan behavior.

When a longjmp unwinds the stack, parts of the st

core, libutils: unpoison stack on longjmp for ASan

Adds support for unpoisoning the stack when performing longjmp,
to ensure correct ASan behavior.

When a longjmp unwinds the stack, parts of the stack that were
poisoned during deeper calls may remain marked as inaccessible.
This can lead to false ASan reports after longjmp, as the new
frame reuses that memory.

To avoid this, a call to asan_handle_longjmp() is added to
setjmp_a64.S, which unpoisons the stack range between the current
SP and the old SP (saved during setjmp).

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: add ASan runtime tests to core self-tests

Adds a set of AddressSanitizer (ASan) runtime tests.
Covers stack overflow, global buffer overflow, heap overflow,
use-after-free, invalid memcpy/mems

core: add ASan runtime tests to core self-tests

Adds a set of AddressSanitizer (ASan) runtime tests.
Covers stack overflow, global buffer overflow, heap overflow,
use-after-free, invalid memcpy/memset cases.

These tests are important to ensure that ASan works correctly
when enabled. Implementation of functions such as memset() and memcpy()
may change in the future, or ASan support may silently break when
switching to a new compiler version. Having explicit tests provides
confidence that ASan instrumentation remains functional and correctly
detects memory errors.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: asan: add support for custom panic callback

Add asan_set_panic_cb() to register a custom panic callback.

The ability to set a panic callback will be used in ASan tests to
capture and validate

core: asan: add support for custom panic callback

Add asan_set_panic_cb() to register a custom panic callback.

The ability to set a panic callback will be used in ASan tests to
capture and validate expected violations without triggering a full
system panic, which is important for automated testing.

Introduce asan_report() to provide more detailed reporting of
access violations, including nearby shadow memory dump.

Signed-off-by: Aleksandr Iashchenko <aleksandr.iashchenko@linutronix.de>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...