core: pta: attestation: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release

core: pta: attestation: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags 2.4.0 and 3.11.0, tee_pobj_get() used to
take a boolean @temporary argument. The function prototype changed in
commit 6885abf2f7ef ("core: tee_pobj_get() takes an enum tee_pobj_usage")
and was merged in release tag 3.11.0 but attestation PTA initial
implementation of StMM sadly used the old prototype, using false (0)
instead of TEE_POBJ_USAGE_OPEN (0).

Fixes: 7e05ec25bd68 ("core: pta: add remote attestation PTA")
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: arm: stmm_sp: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags

core: arm: stmm_sp: fix calls to tee_pobj_get()

Fixes calls to tee_pobj_get() that use boolean value false as argument
where an enum tee_pobj_usage argument is expected.

Between OP-TEE release tags 2.4.0 and 3.11.0, tee_pobj_get() used to
take a boolean @temporary argument. The function prototype changed in
commit 6885abf2f7ef ("core: tee_pobj_get() takes an enum tee_pobj_usage")
and was merged in release tag 3.11.0 but initial implementation of StMM
support [1] and its related source file renaming [2] sadly used the
old prototype, using false (0) instead of TEE_POBJ_USAGE_OPEN (0).

Fixes: 42471ecf25b7 ("core: load stmm via secure partition") [1]
Fixes: f9cd31c5310d ("core: rename secure_partition to stmm_sp") [2]
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

mk: config.mk: describe CFG_WITH_STATS

Adds a description for CFG_WITH_STATS and explicitly states that the
config switch is default disabled.

Acked-by: Jerome Forissier <jerome.forissier@linaro.or

mk: config.mk: describe CFG_WITH_STATS

Adds a description for CFG_WITH_STATS and explicitly states that the
config switch is default disabled.

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

libutee: TEE_AllocateOperation(): maxKeySize of digests may take any value

Commit [1] introduced a check to enforce the "maxKeySize" parameter of
digest operations to always be zero. This is a viola

libutee: TEE_AllocateOperation(): maxKeySize of digests may take any value

Commit [1] introduced a check to enforce the "maxKeySize" parameter of
digest operations to always be zero. This is a violation of the Global
Platform specification [2].

Revert commit [1] to allow maxKeySize to take any value for digest
operations.

[1] commit cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest
operations must have 0 max key size")
Link: https://github.com/OP-TEE/optee_os/commit/cf5c060cec76

[2] TEE Internal Core API Specification – Public Release v1.3.1,
§6.2.1 TEE_AllocateOperation:

The parameter maxKeySize SHALL be a valid value as defined in
Table 5-9 for the algorithm, for algorithms referenced in Table
5-9. For all other algorithms, the maxKeySize parameter may have
any value.

CC: Jens Wiklander <jens.wiklander@linaro.org>
Fixes: cf5c060cec76 ("libutee: TEE_AllocateOperation(): digest operations must have 0 max key size")
Signed-off-by: Vincent Mailhol <mailhol.vincent@wanadoo.fr>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ci: vexpress-qemu_armv8a: add transfer list build

Add CI multi-platform build with CFG_TRANSFER_LIST

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere

ci: vexpress-qemu_armv8a: add transfer list build

Add CI multi-platform build with CFG_TRANSFER_LIST

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add support for transfer list

Add supports for Transfer List on both aarch32/64.
Fetch arguments from {x,r}{0-3} and check if a valid Transfer List
exists, which compliant to the Firmware Hand

core: add support for transfer list

Add supports for Transfer List on both aarch32/64.
Fetch arguments from {x,r}{0-3} and check if a valid Transfer List
exists, which compliant to the Firmware Handoff specification.
The Transfer List will be mapped during early initialization and
unmapped before exiting to next boot stage.
DTB and pagable address will be parsed from the Transfer List if
they exist as Transfer Entries.
If Transfer List does not exist or is invalid, legacy argument
handoff is backwards compatible.

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add transfer list API

Introduce Transfer List API into kernel to implement Firmware
Handoff specification

Link: https://github.com/FirmwareHandoff/firmware_handoff
Signed-off-by: Raymond Mao

core: add transfer list API

Introduce Transfer List API into kernel to implement Firmware
Handoff specification

Link: https://github.com/FirmwareHandoff/firmware_handoff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: add memory area for transfer list

Adding a new area to map a transfer list if it is handed over
from previous boot stage

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens

core: add memory area for transfer list

Adding a new area to map a transfer list if it is handed over
from previous boot stage

Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: enable async notif on stm32mp13

Enables async notif using GIC PPI 15 as non-secure interrupt notifier
for STM32MP13 variants.

Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.s

plat-stm32mp1: enable async notif on stm32mp13

Enables async notif using GIC PPI 15 as non-secure interrupt notifier
for STM32MP13 variants.

Reviewed-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Sumit Garg <sumit.garg@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: default disable CFG_STM32MP1_SCMI_SHM_SYSRAM

Default disable CFG_STM32MP1_SCMI_SHM_SYSRAM to sync with mainline
Linux kernel that uses OP-TEE shared memory for SCMI communication
on S

plat-stm32mp1: default disable CFG_STM32MP1_SCMI_SHM_SYSRAM

Default disable CFG_STM32MP1_SCMI_SHM_SYSRAM to sync with mainline
Linux kernel that uses OP-TEE shared memory for SCMI communication
on STM32MP13 platform instead a piece of SRAM [1].

Link: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f0f0682c384d81bf25e6f8b23971fb8f69122f72
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp1: default disable reserved shared memory

Changes stm32mp15 default configuration to not embed OP-TEE's reserved
static shared memory. This change is aligned with a recent change in
TF-A

plat-stm32mp1: default disable reserved shared memory

Changes stm32mp15 default configuration to not embed OP-TEE's reserved
static shared memory. This change is aligned with a recent change in
TF-A [1] that also default disables the related configuration switch.
Note that TF-A/stm32mp1 deprecates this configuration in order to fully
remove its support in the future [2].

Note that when CFG_CORE_RESERVED_SHM is disabled the default 2MB area
is now used by OP-TEE as secure memory.

Link: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=fb1d3bd9330ce70f735a344dd4223faffb261118 [1]
Link: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=12e683a68049f6a3d0985a2cd1564e00115e809f [2]
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Acked-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: crypto: caam: fix job ring interruption number

The job ring interruption number is 356 for job ring 3.

Fixes: b21f12209671 ("drivers: crypto: caam: use job ring 3 on i.mx8dxlevk")
Signed-o

drivers: crypto: caam: fix job ring interruption number

The job ring interruption number is 356 for job ring 3.

Fixes: b21f12209671 ("drivers: crypto: caam: use job ring 3 on i.mx8dxlevk")
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

core: drivers: add HiSilicon TRNG implementation

Based on HiSilicon hardware, a matching TRNG module is added.
The driver is enabled for the D06 platform (PLATFORM=d06).

Signed-off-by: loubaihui <l

core: drivers: add HiSilicon TRNG implementation

Based on HiSilicon hardware, a matching TRNG module is added.
The driver is enabled for the D06 platform (PLATFORM=d06).

Signed-off-by: loubaihui <loubaihui1@huawei.com>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>
Acked-by: Xiaoxu Zeng <zengxiaoxu@huawei.com>
[jf: amend commit description]
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

ci: add STM32MP2x platforms default build

Adds STM32MP2x platform default build to the CI.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.ca

ci: add STM32MP2x platforms default build

Adds STM32MP2x platform default build to the CI.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

MAINTAINERS: update STMicroelectronics platforms and drivers entries

Add an entry for STM32MP2x platforms and STMicroelectronics drivers
with Etienne Carriere and myself as maintainers.

Update STM3

MAINTAINERS: update STMicroelectronics platforms and drivers entries

Add an entry for STM32MP2x platforms and STMicroelectronics drivers
with Etienne Carriere and myself as maintainers.

Update STM32MP1x platforms entry as ST drivers' maintenance is now
handle with the STMicroelectronics drivers entry.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

plat-stm32mp2: add new platform support

Initial configuration for STM32MP2x platforms.
Add the initial memory layout and the MMU bus reference
addresses. Default RAM size is 4GBytes
It adds also the

plat-stm32mp2: add new platform support

Initial configuration for STM32MP2x platforms.
Add the initial memory layout and the MMU bus reference
addresses. Default RAM size is 4GBytes
It adds also the console initialization and GIC support.

There are no shared resources on STM32MP25x platforms. Use
stm32_pinctrl_set_secure_cfg() API in the STM32 UART driver for now.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: add stm32mp257f-ev1 board support

Add STM32MP257F Evaluation board support. It embeds a STM32MP257FAI SoC,
with 4GB of DDR4, TSN switch (2+1 ports), 4*USB typeA, 1*USB2 typeC,
SNOR OctoS

dts: stm32: add stm32mp257f-ev1 board support

Add STM32MP257F Evaluation board support. It embeds a STM32MP257FAI SoC,
with 4GB of DDR4, TSN switch (2+1 ports), 4*USB typeA, 1*USB2 typeC,
SNOR OctoSPI, mini PCIe, STPMIC2 for power distribution ...

Signed-off-by: Alexandre Torgue <alexandre.torgue@foss.st.com>
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

dts: stm32: introduce STM32MP25 SoCs family

STM32MP25 family is composed of 4 SoCs defined as following:

-STM32MP251: common part composed of 1*cortex-A35, common peripherals
like SDMMC, UART, SPI,

dts: stm32: introduce STM32MP25 SoCs family

STM32MP25 family is composed of 4 SoCs defined as following:

-STM32MP251: common part composed of 1*cortex-A35, common peripherals
like SDMMC, UART, SPI, I2C, PCIe, USB3, parallel and DSI display,
1*ETH ...

-STM32MP253: STM32MP251 + 1*cortex-A35 (dual CPU), a second ETH, CAN-FD
and LVDS display.

-STM32MP255: STM32MP253 + GPU/AI and video encode/decode.
-STM32MP257: STM32MP255 + ETH TSN switch (2+1 ports).

A second diversity layer exists for security features/ A35 frequency:
-STM32MP25xY, "Y" gives information:
-Y = A means A35@1.2GHz + no cryp IP and no secure boot.
-Y = C means A35@1.2GHz + cryp IP and secure boot.
-Y = D means A35@1.5GHz + no cryp IP and no secure boot.
-Y = F means A35@1.5GHz + cryp IP and secure boot.

Available packages are:

STM32MP25xAI: 18*18/FCBGA 172 ios
STM32MP25xAK: 14*14/FCBGA 144 ios
STM32MP25xAL: 10*10/TFBGA 144 ios

More information available at:
Link: https://www.st.com/content/st_com/en/campaigns/microprocessor-stm32mp2.html [1]

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Alexandre Torgue <alexandre.torgue@foss.st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

drivers: stm32_gpio: remove unused APIs

Remove unused stm32_get_gpio_bank_offset() and stm32_get_gpio_count()
APIs.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Eti

drivers: stm32_gpio: remove unused APIs

Remove unused stm32_get_gpio_bank_offset() and stm32_get_gpio_count()
APIs.

Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: io: fix missing include of delay.h

Adds missing include of kernel/delay.h for udelay() used in
IO_READ32_POLL_TIMEOUT() macro.

Fixes: 97ea199a2ae8 ("core: io: IO_READ32_POLL_TIMEOUT()")
Revie

core: io: fix missing include of delay.h

Adds missing include of kernel/delay.h for udelay() used in
IO_READ32_POLL_TIMEOUT() macro.

Fixes: 97ea199a2ae8 ("core: io: IO_READ32_POLL_TIMEOUT()")
Reviewed-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: kernel: interrupt: fix inline description

Fixes the inline description comment for type get_of_device_func
and API function dt_driver_device_from_parent().

Fixes: b357d34fe91f ("core: dt_driv

core: kernel: interrupt: fix inline description

Fixes the inline description comment for type get_of_device_func
and API function dt_driver_device_from_parent().

Fixes: b357d34fe91f ("core: dt_driver: swap TEE_result and retrieved device reference")
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

core: ffa: remove AArch32 support

The FF-A and AArch32 configuration was prior to this patch not compile
tested and not used upstream. So remove the AArch32 support for FF-A
configurations so save m

core: ffa: remove AArch32 support

The FF-A and AArch32 configuration was prior to this patch not compile
tested and not used upstream. So remove the AArch32 support for FF-A
configurations so save maintenance effort.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@foss.st.com>

show more ...

MAINTAINERS: add AOSP build maintainer entry

Add AOSP build maintainer.

Signed-off-by: Tadd Kao <tadd.kao@mediatek.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

mk/aosp_optee.mk: Allow building OPTEE_BIN with early TAs in one shot

This change adds OPTEE_TA_DEV_KIT_MK target to replace OPTEE_BIN
target in TA build process. It helps to build OPTEE_BIN with
ea

mk/aosp_optee.mk: Allow building OPTEE_BIN with early TAs in one shot

This change adds OPTEE_TA_DEV_KIT_MK target to replace OPTEE_BIN
target in TA build process. It helps to build OPTEE_BIN with
early TAs in one shot since the cyclic dependency between TAs and
OPTEE_BIN is removed. It also allows to build TA with a preferred
TA_TARGET that is not included in the CFG_USER_TA_TARGETS when
building OPTEE_BIN. An AOSP common module for TAs in stripped elf
format is added to be referred as early TA files when building
OPTEE_BIN. For example, we can setup dependency and use the argument
below to build OPTEE_BIN with an early TA.

EARLY_TA_PATHS=$(abspath $(PRODUCT_OUT))/unsigned/<ta_uuid>.ta.unsigned

Signed-off-by: Tadd Kao <tadd.kao@mediatek.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...

drivers: crypto: caam: use job ring 3 on i.mx8dxlevk

Use the job ring #3 on i.mx8dxl to avoid resource conflict with other
software stacks.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acke

drivers: crypto: caam: use job ring 3 on i.mx8dxlevk

Use the job ring #3 on i.mx8dxl to avoid resource conflict with other
software stacks.

Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

show more ...