* changes:
docs(imx9): add imx93 platform
feat(imx93): add OPTEE support
feat(imx93): protect OPTEE memory to secure access only
feat(imx93): add cpuidle and basic suspend support
feat(imx93): add reset & poweroff support
feat(imx93): allow SoC masters access to system TCM
feat(imx93): update the ocram trdc config for did10
feat(imx93): add the basic support
feat(imx93): add the trdc driver
build(changelog): add new scopes for nxp imx platform
This patch is used to implement sdmmc/nand/combo-phy
driver to support Cadence IP for Agilex5 SoC FPGA.
1. Added SDMMC/NAND/COMBO-PHY support.
2. Updated product name -> Agilex5
3. Updated QSPI base address
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I6db689d2b784c9f59a25701ab34517f6f6b0a0e6
Currently, Measured Boot RSS driver gathers data from platform calls,
specifically RSS metadata. Generally, the driver should use the least
amount of platform calls possible, and the platform should provide the
data directly to the driver via the driver interface.
For this purpose, RSS Measured Boot driver interface APIs were updated
and platform calls were removed from RSS Measured Boot driver.
Change-Id: I6c797d9ac2d70215f32a084a7643884b399ee28c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The framework currently supports QE feature only for Macronix devices.
Kioxia devices also support this feature, but this feature can not be
set based on the manufacturer ID as Kioxia first SPI NAND generation
does not support the QE feature when the second generation does.
Use a flag to manage QE feature. This flag will be added at board level
to manage the device.
Change-Id: I7a3683a2df8739967b17b4abbec32c51bf206b93
Signed-off-by: Christophe Kerello <christophe.kerello@foss.st.com>
* changes:
build!: check boolean flags are not empty
fix(build): add a default value for INVERTED_MEMMAP
fix(a5ds): add default value for ARM_DISABLE_TRUSTED_WDOG
fix(st-crypto): move flag control into source code
fix(stm32mp1): always define PKA algos flags
fix(stm32mp1): remove boolean check on PLAT_TBBR_IMG_DEF
This patch adds a helper API to explicitly refresh SBSA secure watchdog
timer. Please refer section A.3 of the following spec:
https://developer.arm.com/documentation/den0029/latest/
Change-Id: I2d0943792aea0092bee1e51d74b908348587e66b
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Remove the control from the include file to avoid compilation
issue. Add the check in the source code instead.
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: I533f829607f76389399a3e8dbc3c6095278562ab
Have only one definition for REGISTER_CRYPTO_LIB macro, with all the
possible fields. Worst case adds 4 u64 to crypto_lib_desc.
While at it, correct some MISRA violations:
MC3R1.R12.1: (advisory) The precedence of operators within expressions
should be made explicit.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I1342a20e6eef2354753182c2a81ff959e03e5c81
Following discussions in the reviews of the patch that introduced
plat_convert_pk() function [1], it was decided to deprecate it to
avoid weak function declaration.
A new optional function pointer convert_pk is added to crypto_lib_desc_t.
A new function crypto_mod_convert_pk() will either call
crypto_lib_desc.convert_pk() if it is defined, or do the same
as what was done by the weak function otherwise.
[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/17174
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I9358867f8bfd5e96b5ee238c066877da368e43c6
Add initial configuration parameters for Rasperry Pi 3's sdhost
controller, and then configure and use those parameters.
This change allows warm reboots of UEFI on Raspberry Pi 3B+ where
existing code often fails with "unknown error". See discussion at:
https://github.com/pftf/RPi3/issues/24
The basic idea is that some initial configuration parameters
(clock rate, bus width) aren't configured into the hardware before
commands start being sent. I suspect that the particular setting
that matters is the "slow card" bit, but the initial clock setting
also seemed wrong to me.
Change-Id: I526def340def143f23f3422f1fc14c12c937ca7f
Signed-off-by: Rob Newberry <robthedude@mac.com>
When the Arm(R) Ethos(TM)-N NPU driver is built with TZMP1 support, the
NPU should use the firmware that has been loaded into the protected
memory by BL2. The Linux Kernel NPU driver in the non-secure world is
not allowed to configure the NPU to do this in a TZMP1 build so the SiP
service will now configure the NPU to boot with the firmware in the
protected memory.
BREAKING CHANGE: The Linux Kernel NPU driver can no longer directly
configure and boot the NPU in a TZMP1 build. The API version has
therefore been given a major version bump with this change.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I65d00f54b3ade3665d7941e270da7a3dec02281a
The SiP service for the Arm(R) Ethos(TM)-N NPU driver will now handle
setting up the address extension and attribute control for the NPU's
streams. The non-secure world will still be allowed to read the address
extension for stream0 but non-secure access to all other streams have
been removed.
The API version has been given a minor bump with this change to indicate
the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I2b041ca4a0a2b5cd6344a4ae144f75e137c72592
The SiP service for the Arm(R) Ethos(TM)-N NPU driver will now handle
setting up the NPU's event and aux control registers during the SMC
reset call. The aux control register will no longer be accessible by the
non-secure world.
The API version has been given a minor bump with this change to indicate
the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I5b099e25978aa4089c384eb17c5060c5b4eaf373
When the Arm(R) Ethos(TM)-N NPU firmware is loaded by BL2 into protected
memory, the Linux kernel NPU driver cannot access the firmware. To still
allow the kernel driver to access some information about the firmware,
SMC calls have been added so it can check compatibility and get the
necessary information to map the firmware into the SMMU for the NPU.
The API version has been given a minor version bump with this change to
indicate the added functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: Idb076b7bcf54ed7e8eb39be80114dc1d1c45336d
The SiP service in the Arm(R) Ethos(TM)-N NPU driver requires that there
is at least one NPU available. If there is no NPU available, the driver
is either used incorrectly or the HW config is incorrect.
To ensure that the SiP service is not incorrectly used, a setup handler
has been added to the service that will validate that there is at least
one NPU available.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I8139a652f265cfc0db4a37464f39f1fb92868e10
To workaround Arm(R) Ethos(TM)-N NPU erratum 2838783, the NPU has been
configured to allow being woken up by both secure and non-secure events
to make sure that an event always wakes up the NPU.
The API version has been given a minor version bump with this change to
indicate that this fix is included.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I429cdd6bf1e633b4dedf2e94af28937dd892a0ba
Add Juno specific Makefile to the certificate tool build. That
Makefile is included by the certificate tool Makefile to add
information about the authentication data for the
Arm(R) Ethos(TM)-N NPU's firmware binary.
Signed-off-by: Mohamed Elzahhar <Mohamed.Elzahhar@arm.com>
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: Ie4b6a1c29d73b3ed5041b57f2cd88033be18a63a
Add platform specific Makefile to add UUIDs and command options
for the Arm(R) Ethos(TM)-N NPU firmware binary and certificate
data to the FIP so that the TF-A's BL2 can later be used to load
the Arm(R) Ethos(TM)-N NPU firmware binary into memory and verify
its integrity.
Add separate driver specific include header file for the
Arm(R) Ethos(TM)-N NPU images containing UUIDs and command options
to make it easy to port the FIP support to other platforms.
Signed-off-by: Daniele Castro <daniele.castro@arm.com>
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I8cd64fb20d58f8bd539facb085606213d6cead05
The non-secure world delegation of the register needed to determine if
the Arm(R) Ethos(TM)-N NPU is active or sleeping will be removed in the
future. In preparation for the change, a new SMC call has been added to
allow the non-secure world to ask the SiP service for the state instead.
A minor API version bump has been done with this change to indicate
support for the new functionality.
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I1338341be385cf1891f4809efb7083fae6d928bc
Adds a reset type argument for the soft and hard reset SMC calls to
indicate whether to perform a full reset and setup or only halt the
Arm(R) Ethos(TM)-N NPU. For use in cases where the NPU will not be
used but must be put into a known state, such as suspending the NPU
as part of power management.
Signed-off-by: Joshua Pimm <joshua.pimm@arm.com>
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I6018af85a28b0e977166ec29d26f04739123140c
The purpose of this patch is to address the T241 erratum T241-FABRIC-4,
which causes unexpected behavior in the GIC when multiple transactions
are received simultaneously from different sources. This hardware issue
impacts NVIDIA server platforms that use more than two T241 chips
interconnected. Each chip has support for 320 {E}SPIs.
This issue occurs when multiple packets from different GICs are
incorrectly interleaved at the target chip. The erratum text below
specifies exactly what can cause multiple transfer packets susceptible
to interleaving and GIC state corruption. GIC state corruption can
lead to a range of problems, including kernel panics, and unexpected
behavior.
Erratum documentation:
https://developer.nvidia.com/docs/t241-fabric-4/nvidia-t241-fabric-4-errata.pdf
The workaround is to ensure that MMIO accesses target the GIC on the
socket that holds the data, for example SPI ranges owned by the socket’s
GIC. This ensures that the GIC will not utilize the inter-socket AXI
Stream interface for servicing these GIC MMIO accesses.
This patch updates the functions that use the GICD_In{E} registers to
ensure that the accesses are directed to the chip that owns the SPI,
instead of using the global alias.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I04e33ba64eb306bd5fdabb56e63cbe273d8cd632
Adds a common function to poll for interrupt status which reports errors
and returns error codes
Signed-off-by: Anand Saminathan <anans@google.com>
Change-Id: Ie5df036dc979e984871de4ae7e974b994296ca4c
The PRDT length field contains the count of the entries in the PRDT. See
JEDEC Standard No. 223E, section 6.1.1, "UTP Transfer Request
Descriptor," page 66. Previously we were setting the PRDT length field
to the number of bytes in the PRDT divided by four (the size in units of
32 bits). This was incorrect according to the spec.
Signed-off-by: Jorge Troncoso <jatron@google.com>
Change-Id: I960771e6ce57002872392993042fae9ec505447e
TF-A support for mbedtls3.x has been overdue by number of releases.
As per mbedtls support it was advised to use latest and greatest
mbedtls-3.3. But mbedtls-3.x breaks API compatibility with
mbedtls-2.x
To maintain comptability for mbedtls-2.x and enable mbedtls-3.x
support add a functionality into makefile to determine the major version
of mbedtls and use that to selective include or compile files
that are present.
With mbedtls-3.x numerous other config changes have been done.
Some of the config options deprecated or enabled by default.
Thus we decided to introduce a new 3.x config file part of this
change for building TF-A with mbedtls-3.3.
For futher information on migrating to mbedtls 3.x refer to:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md
Change-Id: Ia8106d6f526809df927d608db27fe149623258ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.
However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3
Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
* changes:
fix(mmc): align part config type
fix(mmc): do not modify r_data in mmc_send_cmd()
fix(mmc): explicitly check operators precedence
fix(partition): add U suffix for unsigned numbers
fix(partition): add missing curly braces
* changes:
fix(libc): remove __putchar alias
fix(console): correct scopes for console symbols
fix(auth): use NULL instead of 0 for pointer check
fix(io): compare function pointers with NULL
fix(fdt-wrappers): use correct prototypes
console_state is only used in multi_console.c, it is then declared as
static. console_list is used by several files, declare it as extern.
This corrects the 2 sparse warnings:
drivers/console/multi_console.c:13:11: warning: symbol 'console_list'
was not declared. Should it be static?
drivers/console/multi_console.c:14:9: warning: symbol 'console_state'
was not declared. Should it be static?
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Id1891595906c258e8cb8aa325226f0a43723ca0e
This driver was used when STM32MP_USE_STM32IMAGE was enabled. This flag
is now removed, so the ST io_mmc driver can now be removed.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I3c1280dec8926b921534c81e143e86cfe6d4ee0d
Change function prototype of plat_css_get_scmi_info() to fix the GCC
sign conversion error "comparison between signed and unsigned integer
expressions". Changing channel_id type to unsigned int since it can
never be a negative value.
Signed-off-by: Tony K Nadackal <tony.nadackal@arm.com>
Change-Id: I579b21497329db40897c10d86c8fc68e4877f3db
This corrects MISRA c2012-7.2 violation:
A "u" or "U" suffix shall be applied to all integer constants that are
represented in an unsigned type.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I5508a7d482213fc4d22e3e7ac53defb4135af596
This patch is to fix Errata #841119 and #826419 failed apply in linux
because of SMMU_CBn_ACTLR register can't be modified in non-secure
states.
Signed-off-by: Howard Lu <howard.lu@nxp.com>
Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com>
Change-Id: I2b23e7c8baa809f385917eb45b10ec6b26a9ada8
Updated the event log driver's function to accept metadata as an
argument, to remove the platform function usage from the event log
driver to make it a standalone driver.
Change-Id: I512cf693d51dc3c0b9d2c1bfde4f89414e273049
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The code managing legacy boot (without FIP) that was under
STM32MP_USE_STM32IMAGE flag is remove.
Change-Id: I04452453ed84567b0de39e900594a81526562259
Signed-off-by: Yann Gautier <yann.gautier@st.com>
This driver manages the STM32 Random Number Generator
peripheral.
Change-Id: I4403ebb2dbdaa8df993a4413f1ef48eeba00427c
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Add code to be able to use STMicroelectronics SAES IP. This driver
can manage many AES algorithms (CBC, ECB, CCM, GCM). It will be used
by the authenticated decryption framework (AES-GCM only).
Change-Id: Ibd4030719fb12877dcecd5d2c395d13b4b15c260
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Add code to be able to use STMicroelectronics PKA peripheral
in the authentication framework.
Change-Id: Ifeafe84c68db483cd18674f2280576cc065f92ee
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Introduce new flag to manage hardware version.
STM32MP15 currently uses the HASH_V2 and STM32MP13 uses the HASH_V4.
For STM32_HASH_V4: remove MD5 algorithm (no more supported) and
add SHA384 and SHA512.
For STM32_HASH_V2: no change.
Change-Id: I3a9ae9e38249a2421c657232cb0877004d04dae1
Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
