plat-stm32mp1: platform driver for stpmic1

Implement STPMIC1 as PMIC (Power Management Integrated Circuit)
accessed through an I2C bus for stm32mp1 platforms. PMIC
configuration mandate device tree

plat-stm32mp1: platform driver for stpmic1

Implement STPMIC1 as PMIC (Power Management Integrated Circuit)
accessed through an I2C bus for stm32mp1 platforms. PMIC
configuration mandate device tree support as configuration
can be complex and specific per board.

At initialization Core looks for a PMIC I2C node in the FDT. If
found, it checks it can communicate with the PMIC and dump some
regulators for some debug support.

Save PMIC low power transition configuration as these information
will be needed from an unpaged execution context.

stm32mp_get_pmic()/stm32mp_put_pmic() helper functions are needed
to get/put PMIC resources.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

plat-stm32mp1: stm32mp_with_pmic() helper

Helper function stm32mp_with_pmic() tells if platform uses
a PMIC or not.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Fo

plat-stm32mp1: stm32mp_with_pmic() helper

Helper function stm32mp_with_pmic() tells if platform uses
a PMIC or not.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

imx: enable BLOB for i.MX SoCs

Unconditionally enable the BLOB driver to provide a HuK on i.MX
platforms.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <cle

imx: enable BLOB for i.MX SoCs

Unconditionally enable the BLOB driver to provide a HuK on i.MX
platforms.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: add BLOB module for MKVB retrieval

The BLOB module currently only implements the retrieval of the MKVB to
provide a HUK implementation for i.MX platforms. The
tee_otp_get_hw_unique_key() funct

caam: add BLOB module for MKVB retrieval

The BLOB module currently only implements the retrieval of the MKVB to
provide a HUK implementation for i.MX platforms. The
tee_otp_get_hw_unique_key() function is also implemented in this module
and caches the key, since it can't be generated again at runtime.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: hal: add function to increment priblob

Add a common hal function to increment the priblob. This can
conditionally be enabled with CFG_CAAM_INC_PRIBLOB to use this as a
workaround on SoCs which

caam: hal: add function to increment priblob

Add a common hal function to increment the priblob. This can
conditionally be enabled with CFG_CAAM_INC_PRIBLOB to use this as a
workaround on SoCs which can't distinguish secure and normal world in
the CAAM, i.e. i.MX6Q.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

caam: move to early init calls

Initialize the CAAM early to enable the retrieval of the MKVB.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@foris

caam: move to early init calls

Initialize the CAAM early to enable the retrieval of the MKVB.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: add early initcalls

The early initcalls can be used to initialize hardware which should run
before services are initialized. This can include cryptographic or
random number generation hardware

core: add early initcalls

The early initcalls can be used to initialize hardware which should run
before services are initialized. This can include cryptographic or
random number generation hardware to generate randomness or to perform
cryptographic operations for hardware unique key generation.

Signed-off-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Acked-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Clement Faure <clement.faure@nxp.com>

show more ...

core: rename KEEP_INIT() and KEEP_PAGER()

The KEEP_INIT() and KEEP_PAGER() macros are quite often used in C files
immediately after the definition of a function or a structure without a
blank line i

core: rename KEEP_INIT() and KEEP_PAGER()

The KEEP_INIT() and KEEP_PAGER() macros are quite often used in C files
immediately after the definition of a function or a structure without a
blank line in between. This style mimics what the Linux kernel does for
a similar use cases: EXPORT_SYMBOL().

Unfortunately, the checkpatch.pl tool expects a blank line after
structure and function definitions, except for a few special cases such
as EXPORT_SYMBOL(). As a result we often get unwanted warnings when we
use KEEP_INIT() and KEEP_PAGER(). Among the exceptions are all words
starting with DECLARE_ or DEFINE_, so by renaming our macros we could
avoid the checkpatch warnings.

This commit renames KEEP_INIT() and KEEP_PAGER() to DECLARE_KEEP_INIT()
and DECLARE_KEEP_PAGER(), respectively. The assembler macros are also
renamed for consistency. No functional change is expected.

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: keep.h: add parentheses around sym argument in KEEP_* macros

It is good practice to use parentheses when using macro arguments to
avoid precedence issues. Do it for KEEP_PAGER() and KEEP_INIT(

core: keep.h: add parentheses around sym argument in KEEP_* macros

It is good practice to use parentheses when using macro arguments to
avoid precedence issues. Do it for KEEP_PAGER() and KEEP_INIT().

Signed-off-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

plat-stm32mp1: clock: enable some secure clocks at initialization

With this change some system clocks are enabled by Core at
boot time and have a reference counter synchronized with
the clock hardwa

plat-stm32mp1: clock: enable some secure clocks at initialization

With this change some system clocks are enabled by Core at
boot time and have a reference counter synchronized with
the clock hardware state. RTCAPB must be enabled for secondary
cores to boot, if any.

This change also ensures these secure clocks are derived from
secure clocks.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

drivers: caam: implement NXP CAAM Driver - HMAC

Add the NXP CAAM driver:
- HMAC

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by:

drivers: caam: implement NXP CAAM Driver - HMAC

Add the NXP CAAM driver:
- HMAC

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

drivers: crypto: generic resources for crypto MAC driver - MAC

Add a generic cryptographic driver MAC interface connecting
TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric Neveu

drivers: crypto: generic resources for crypto MAC driver - MAC

Add a generic cryptographic driver MAC interface connecting
TEE Crypto generic APIs to HW driver interface

Signed-off-by: Cedric Neveux <cedric.neveux@nxp.com>
Signed-off-by: Clement Faure <clement.faure@nxp.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

plat-stm32mp1: clock: fix MPUDIV support

Fix implementation that divides clock with a value that in fact is
a bit shift value.

Fix implementation for getting MPU clock: when PMUDIV is zero,
MPU clo

plat-stm32mp1: clock: fix MPUDIV support

Fix implementation that divides clock with a value that in fact is
a bit shift value.

Fix implementation for getting MPU clock: when PMUDIV is zero,
MPU clock is disabled.

Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
Acked-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pksc11: update for trace and command exit

Use character flag '#' instead of plain "0x" prefix.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome

ta: pksc11: update for trace and command exit

Use character flag '#' instead of plain "0x" prefix.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

ta: pkcs11: rename PKCS11_UNAVAILABLE_INFORMATION

Rename PKCS11_UNAVAILABLE_INFORMATION to PKCS11_CK_UNAVAILABLE_INFORMATION
as it relates to Cryptoki CK_UNAVAILABLE_INFORMATION identifier.

Reviewe

ta: pkcs11: rename PKCS11_UNAVAILABLE_INFORMATION

Rename PKCS11_UNAVAILABLE_INFORMATION to PKCS11_CK_UNAVAILABLE_INFORMATION
as it relates to Cryptoki CK_UNAVAILABLE_INFORMATION identifier.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
[jw: fixup PKCS11_UNDEFINED_ID]
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: token_capabilities.h: add missing includes

Adds missing includes in token_capabilities.h.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jer

ta: pkcs11: token_capabilities.h: add missing includes

Adds missing includes in token_capabilities.h.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Co-developed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: replace complicated params pointer calculation

Replaces params pointer calculations on the form
ctrl = &params[0];
out = &params[2];
with a plain
ctrl = params;
out = params + 2;
in all

ta: pkcs11: replace complicated params pointer calculation

Replaces params pointer calculations on the form
ctrl = &params[0];
out = &params[2];
with a plain
ctrl = params;
out = params + 2;
in all entry function still using this form.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

ta: pkcs11: use enum pkcs11_rc instead of uint32_t

Uses enum pkcs11_rc instead of uint32_t where appropriate, that is, as
function return type and local return value type.

Reviewed-by: Rouven Czerw

ta: pkcs11: use enum pkcs11_rc instead of uint32_t

Uses enum pkcs11_rc instead of uint32_t where appropriate, that is, as
function return type and local return value type.

Reviewed-by: Rouven Czerwinski <r.czerwinski@pengutronix.de>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: sm: remove #ifdef around CFG_SM_PLATFORM_HANDLER

Use IS_ENABLED() and weak attribute to remove conditional statement
at pre-compilation time. Keep IS_ENABLED(CFG_SM_PLATFORM_HANDLER)
in the de

core: sm: remove #ifdef around CFG_SM_PLATFORM_HANDLER

Use IS_ENABLED() and weak attribute to remove conditional statement
at pre-compilation time. Keep IS_ENABLED(CFG_SM_PLATFORM_HANDLER)
in the decision to ensure weak function is not even called when
CFG_SM_PLATFORM_HANDLER is disabled, for fast path consideration of
secure monitor traversal.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: sm: support SMCCC v1.1 specification

SMCCC v1.1 specification: support defined function IDs with weak
handlers platform can override, as other PSCI function handler.
We could state we support

core: sm: support SMCCC v1.1 specification

SMCCC v1.1 specification: support defined function IDs with weak
handlers platform can override, as other PSCI function handler.
We could state we support v1.2 but Linux kernel v5.7-rc1 expects
strict v1.1 support.

unsigned long arm_arch_version(void);
returns SMCCC_V_1_1

unsigned long arm_arch_feature(unsigned long a1);
default supports version only

unsigned long arm_arch_soc_id(void);
unsigned long arm_arch_workaround_1(void);
unsigned long arm_arch_workaround_2(void);
default return ARM_SMCCC_RET_NOT_SUPPORTED

This helper is needed by Linux kernel (U-Boot) drivers that rely on
arm_smccc_v1_1() supports.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...

stpmic1: fix missing parentheses in boot-on config

Fix error reported by GCC [1]:

core/drivers/stpmic1.c: In function ‘stpmic1_bo_voltage_unpg’:
core/drivers/stpmic1.c:720:24: error: suggest parent

stpmic1: fix missing parentheses in boot-on config

Fix error reported by GCC [1]:

core/drivers/stpmic1.c: In function ‘stpmic1_bo_voltage_unpg’:
core/drivers/stpmic1.c:720:24: error: suggest parentheses around comparison in operand of ‘&’ [-Werror=parentheses]
if (value & cfg->mask >= cfg->min_value)
~~~~~~~~~~^~~~~~~~~~~~~~~~~

[1] arm-buildroot-linux-uclibcgnueabihf-gcc.br_real (Buildroot
2019.11-git-01409-gab8f872d0e-dirty) 8.3.0

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>
[jf: wrap compiler description line]
Signed-off-by: Jerome Forissier <jerome@forissier.org>

show more ...

libmbedtls: mbedtls_mpi_shrink(): fix possible unwanted truncation

If mbedtls_mpi_shrink() is passed a value for nblimbs that is smaller
than the minimum number of limbs required to store the big nu

libmbedtls: mbedtls_mpi_shrink(): fix possible unwanted truncation

If mbedtls_mpi_shrink() is passed a value for nblimbs that is smaller
than the minimum number of limbs required to store the big number, the
current implementation will unexpectedly truncate the number to the
requested size. It should use the minimal size instead in order not to
corrupt the bigum value.

This issue was introduced in [1] probably as a result of a bad copy
and paste from mbedtls_mpi_grow().

Fixes: [1] commit 98bd5fe350be ("libmbedtls: add mbedtls_mpi_init_mempool()")
Reported-by: Zhenke Ma <zhenke.ma@armchina.com>
Signed-off-by: Jerome Forissier <jerome@forissier.org>
Reviewed-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>

show more ...

core: scmi-msg: reset: fix return value on domain IDs not found

Fix reset cycle message in SCMI reset domain to return NOT_FOUND on
invalid domain ID instead of INVALID_PARAMETERS.

Signed-off-by: E

core: scmi-msg: reset: fix return value on domain IDs not found

Fix reset cycle message in SCMI reset domain to return NOT_FOUND on
invalid domain ID instead of INVALID_PARAMETERS.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

core: scmi-msg: minor cleanup

Remove useless local headers file inclusion as "common.h" is included.
Remove a useless inclusion of speculation_barrier.h.
Use BIT() in clock.h.
Refine inline descript

core: scmi-msg: minor cleanup

Remove useless local headers file inclusion as "common.h" is included.
Remove a useless inclusion of speculation_barrier.h.
Use BIT() in clock.h.
Refine inline description of scmi_msg_channel::agent_name in scmi-msg.h.
Fix typo in scmi_smt_fastcall_smc_entry() description inline comment.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jerome Forissier <jerome@forissier.org>

show more ...

stpmic1: assert regulator support at API function entries

Assert the regulator as a register offset defined (non zero) for the
target support.

Low power modes mandate a non-zero low_power_reg offse

stpmic1: assert regulator support at API function entries

Assert the regulator as a register offset defined (non zero) for the
target support.

Low power modes mandate a non-zero low_power_reg offset value in
regulator description. Offset is stored in lp_reg for unpaged
accesses to regulator.

Pull down support mandates a non-zero pull_down_reg offset value
in regulator description. Offset in stored in pd_reg for unpaged
accessed to regulator.

Mask reset support mandates a non-zero mask_reset_reg offset value
in regulator description. Offset in stored in mrst_reg for unpaged
accessed to regulator.

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
Acked-by: Jerome Forissier <jerome@forissier.org>

show more ...