Update the mbed TLS submodule to the 3.6.6 release and bump
MBEDTLS_CONFIG_VERSION in default_mbedtls_config.h so the
Trusted Firmware-A configuration matches the imported version.
Change-Id: I9f90eecfbce203a89c61e864ef3f85677efad1c4
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
When AES-GCM is enabled, use the AESCE backend and set
MBEDTLS_AES_USE_HARDWARE_ONLY to avoid falling back to the
plain-C AES implementation when FEAT_CRYPTO is available.
Change-Id: I17750618646aea962a91c4fae551bff65acf30f3
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Remove flags used for configuring watchdog during low power phases.
The configuration to stop watchdog during standby and s2idle is done in
OP-TEE.
Signed-off-by: Thomas Bourgoin <thomas.bourgoin@foss.st.com>
Change-Id: Ib68d5bf31d7f97791af6b25327b374771b75fd4e
QTI SMMU driver is only enabled on Kodiak without QTISECLIB being
enabled. So clean up the driver inclusion and remove any #ifdefry
from common code to make it more readable.
Change-Id: I6d7d4b2f12e1e8fc1b4126895a6ddf6c9a516f7e
Signed-off-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
QTI xPU bypass driver is only needed on Kodiak when QTISECLIB is
enabled to workaround an issue observed during Linux boot. So clean
up the driver inclusion and remove any #ifdefry from common code to
make it more readable.
Change-Id: Ieca67a8298443a672b718dff34c79c1b49918251
Signed-off-by: Sumit Garg <sumit.garg@oss.qualcomm.com>
libeventlog provides its own tcg.h, and this should be used.
Remove old tcg.h from TF-A source tree.
Change-Id: I58c6af9480d4bee11751aeebd53829da0bde52c4
Signed-off-by: Matthew Ellis <Matthew.Ellis@arm.com>
Port the SMMU driver from QTISECLIB and format it to
prepare for upstreaming. SMMU driver in TF-A is necessary
for configuration of access control and other config
registers as listed in smmu_cfg.h on boot.
Change-Id: I938ca39c0d268b59002cef14b71e6ba9d78a30b5
Signed-off-by: Hailey Liney <hliney@qti.qualcomm.com>
* changes:
fix(firme): granule management service
feat(gpt): move gpt support under ENABLE_FEAT_RME
feat(rmmd): replace ENABLE_RME with ENABLE_RMM
feat(rme): split off ENABLE_FEAT_RME
Granule Protection Tables (GPT) library support is enabled only when
ENABLE_RMM is set (previously this build option was ENABLE_RME). Since
RME related support is now enabled using feature detection option
ENABLE_FEAT_RME, this patch moves GPT support under ENABLE_FEAT_RME.
This change brings in below benefits:
- single TF-A build that works for RME and non-RME systems, when
build with ENABLE_FEAT_RME=2 (FEAT_STATE_CHECK)
- RMM loading is optional on RME systems
- SiP calls that leverages RME features to change the PAS of a memory
range from non-secure to secure is supported without need to enable
Realm PAS or RMM.
- FIRME Granule Management Interface (GMI) ABIs that handles
FEAT_RME_GPC2/FEAT_RME_GDI can be enabled without need to enable RMM
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I88d9d4e0491af2b4ae0307c018f2d4a71ee6693f
RME architectural requirements are now handled under the feature
detection option ENABLE_FEAT_RME. However, the existing ENABLE_RME build
option performs RMM-specific tasks such as GPT setup, loading the RMM,
and enabling RMMD support.
Since ENABLE_RME now only controls RMM-related functionality, rename it
to ENABLE_RMM to better reflect its purpose and avoid confusion with
ENABLE_FEAT_RME.
For backward compatibility, setting the legacy ENABLE_RME=1 (until it is
deprecated) will automatically enable both ENABLE_FEAT_RME and
ENABLE_RMM.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: Iac945bdffe5002161bf1161b81a5aa7abec68192
Add helper to return the Nth GPT entry matching a type GUID.
Expose API in partition header for consumers needing type+index
selection.
Change-Id: Iba433e194a3b45d00a296761de76799b3a9cb82a
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
There is no need to include platform_def.h in stm32mp2_clk.h. However
we'll need stdint.h for some int types.
This was found by Coverity: Defect (PW.INCLUDE_RECURSION)
Change-Id: If68c6cb77a4f955cdc2260e7419171338f50eab8
Signed-off-by: Yann Gautier <yann.gautier@st.com>
While GIC setup is generic across platforms, its usage is not. Some
platforms won't use it at EL3, while others need to configure interrupts
(like RAS) in the standard platform hooks. To do that, the GIC needs to
be set up and ready to use before calling the platform hooks but
currently that is only done after. Annoyingly, a handful of platforms
need to set their GIC up before initialising it necessitating the
platform hooks to be called before GIC init.
This patch resolves this contradiction by moving the general GIC setup
calls to before the platform hooks and adding a GIC-specific platform
hook just before GIC per CPU init. This way both types of platforms can
do their business at the same time.
Change-Id: I361f587ab4603162ee880addb074800cbbb97b49
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Addition of tpm_pcr_read_single().
Platform interface as required.
Change-Id: I86dcf7b5cfee2f1bea1d88bb590505990cccf93b
Signed-off-by: Matthew Ellis <Matthew.Ellis@arm.com>
The eventlog library exposed macros TPM_ALG_SHA*. These will clash
with libTPM, so must be namespaced by prefixing them with EVLOG_
Change-Id: Id498d5882edda056c2d78c916193053655b3eb89
Signed-off-by: Matthew Ellis <Matthew.Ellis@arm.com>
This patch introduces the initial BL2 support for Renesas RZ/A
platforms. It adds platform-specific sources, drivers, build files,
and memory configuration needed to boot via BL2.
Key changes include:
- Board-specific makefiles for RZ/A3M board.
- Platform helpers and BL2 setup routines.
- Drivers for DDR, GPIO, and CPG drivers.
- Platform headers, register definitions, and configuration files.
- Scripts and makefiles for image generation.
Change-Id: I6cea17a76633998d746e7c7c429da9a5bd09ef0c
Signed-off-by: Nhut Nguyen <nhut.nguyen.kc@renesas.com>
Patch 19d6b6b776e2628fadd72b18f342bdedcd7c5b57 removed the A5DS
platform which was the only user of this driver. Remove it too as it is
now dead code.
Change-Id: Iac737e868e3cc15d955ee8b7de2eed2a7d99cff0
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Map DDR PHY and GPR regions to enable DDR
initialization. The DDR driver requires these
mappings to program the DDR controller and
system level configuration registers.
Change-Id: I0d6ac5643abd2966215ad9a27cd7bd09c4ffe720
Signed-off-by: Ghennadi Procopciuc <ghennadi.procopciuc@nxp.com>
Signed-off-by: Khristine Andreea Barbulescu <khristineandreea.barbulescu@nxp.com>
This is a port of patch cee0d3649 from TF-M. It is functionally
identical and the original commit message follows:
The MHU wrapper handles the data from and to the driver with a 4-byte
alignment. This may not fit the caller, which may need to transfer a
buffer or arbitrary size. Add some logic to internally handle the case
where the buffer size is not multiple of 4 bytes.
Change-Id: I07210385940f4e2de0728ae9235823e516d224f7
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
On STM32MP21, RISAF embeds a second encryption method, based on MCE
peripheral, specifically against side-channel attacks using a specific
key with two possible sizes: 128 or 256 bits.
Size can be configured via device tree.
Add stm32mp2_risaf_write_mce_key() service in RISAF driver.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: I819385b0d9dcaa1081b51206211cec5b73b4d4b4
BSEC OTPCR register structure is different on STM32MP21.
Adapt register description.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: Ie837b6e870e9c0980ae91c8e537482e8a0214ebb
Display the STPMIC version and product ID only in BL2.
No need to be displayed in BL31, when STPMIC drvier is used to switch off
the DDR power supplies.
This patch also move the 'pmic2->ref_id' initialization in
initialize_pmic_i2c().
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Change-Id: Ic414c735d16e2937d1435918843d3fad20e8bde5
Update STPMIC2 driver to use it on STM32MP1 especially
STM32MP_STPMIC1L.
Change-Id: I0db727a093a6a85dca7a74be280c0d1af0e54417
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
Add the support for STPMIC1L and STPMIC2L.
- The BUCK1 can support an high voltage range like BUCK2 depending
on the NVM content.
- Those PMIC support GPO that are used to control external regulators.
Change-Id: I0ccd6aa0768873f8fc94fd514ddf70788ceea4bb
Signed-off-by: Pascal Paillet <p.paillet@foss.st.com>
This function calls the stpmic1_switch_off() function, waits for 100us
for the switch-off to occur. And panics in case it has not switched-off.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I51d1c145edae9d9272ea8ad0b9b9b89488bb5a39
There is no inheritance between PWR_CR11 and DDR RCC resources.
Disabling/re-enabling CID filtering of resource 104 (DDRCTRL)
before/after each access of PWR_CR11 (read or write) fixes
this lack.
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: Iea4502c9ceccd3002b0f5004f5e32d5cce57c2ed
stm32mp1_ddrphy_idone_wait() returns a negative status if any error
occurs in PGSR during loop.
Parse ZQ0SR0 done/err bit fields after calling stm32mp1_ddrphy_init().
Signed-off-by: Nicolas Le Bayon <nicolas.le.bayon@st.com>
Change-Id: I7536910c616580c488ec5574b3557d648f4fdb71
Add the QTI accesscontrol driver, which wraps the memory-assignment API
and initializes the VMIDMT and XPU subsystems (static config plus
interrupt registration, with fatal-error handling on failure).
To use this implementation, the access control support provided by
QTISECLIB must be disabled at build time. When the driver is not
enabled, the associated stub continues to call into QTISECLIB.
For Kodiak, iPMEM is reserved to the TZ.
For coverity purporses, enable the driver on the non-bootable build.
Change-Id: Ib5472ea2a3b41b75faa4c8766bc9f0ad3d23061a
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Add a Kodiak platform watchdog driver providing timeout programming,
bark/bite handling, and per-core tracking, integrating with QTimer and
the generic interrupt service.
For coverity purposes, enable the driver on the non-bootable build.
Change-Id: Ieb8cd5a597253553ac7f0f1b861cb78bff35a12d
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Introduce a minimal QTimer driver implementing basic initialization, raw
counter access, and a microsecond conversion helper.
For coverity purposes, enable the driver on the non-bootable build.
Change-Id: I8dbde26848642b697302508847a7812e32d146e0
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Sets the CPU reset start address (via a helper) and configures the
security/access policy for CPU/clock/power/timer blocks and the
interconnect so the rest of the boot flow and the non‑secure OS can
safely access what they need.
When this driver is enabled the Qualcomm propietary security library
(QTISECLIB) no longer needs to perform these actions.
For coverity purposes, include the driver in the non-bootable build.
Change-Id: I3fd6c62ce6b69f5d1e43f4207142ceaa07b9b370
Signed-off-by: Jorge Ramirez-Ortiz <jorge.ramirez@oss.qualcomm.com>
Add the top-level `ddr_init()` function
which is the entry point for initializing the DDR
subsystem.
Also, add support for loading the DDR firmware
from FIP to the `ddrss_config` structure.
It loads the configuration from memory and triggers
the full initialization sequence.
Change-Id: I8a4ce6f09e892adc3d6fba7b701582701ff01986
Signed-off-by: Ghennadi Procopciuc <ghennadi.procopciuc@nxp.com>
Signed-off-by: Andrei Cherechesu <andrei.cherechesu@nxp.com>
Signed-off-by: Khristine Andreea Barbulescu <khristineandreea.barbulescu@nxp.com>
Add new build flags ENABLE_FEAT_CRYPTO to enable SIMD crypto extension
for hash256 in bootflow authentication process and ENABLE_FEAT_CRYPTO_SHA3
to enable SIMD crypto extension for sha384 and sha512 in bootflow authentication
process for Arm platform greater than v8.0.
Change-Id: I6e52feb318136910d34cafd89319bf94f90e16fc
Signed-off-by: Xialin Liu <xialin.liu@arm.com>
Replace assembler implementation of console_renesas_register() with
matching C implementation. Since it is now easily possible to pass
flags into console_renesas_register() and then onward to the console
initialization, adjust the signature of console_renesas_register()
and include the flags in it. Adjust both rcar_console_boot_init()
and rcar_console_runtime_init() to call console_renesas_register()
with its new combined set of parameters and drop console_set_scope()
invocation which is no longer needed, because the flags are passed
directly into console_renesas_register().
Drop console_renesas_flush() which is always a noop. Drop return
value from console_renesas_init() which is always 1.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Change-Id: I1c7d1a81b6922138b6e2e80f2635fcc8558685c7
Add the final configuration step after PHY
training, including CSR storage, memory
initialization and DDRC adjustments.
The post training setup is now integrated into
the DDR initialization flow.
Change-Id: I457d1f58479b282607c9d42773d6f922f563b2fb
Signed-off-by: Ghennadi Procopciuc <ghennadi.procopciuc@nxp.com>
Signed-off-by: Andrei Cherechesu <andrei.cherechesu@nxp.com>
Signed-off-by: Khristine Andreea Barbulescu <khristineandreea.barbulescu@nxp.com>
Add SFCP stack from trusted-firmware-m commit 8eb72a3bc5cc. SFCP is the
Simple Firmware Communication Protocol, which is a more substantial
software stack designed to replace the existing RSE comms (and indeed
wider communication between firmware components in the system). It has
support for both polling mode and interrupt driver communication
handling, and is able to support any underlying transport (this patch
adds MHU only). It requires a static routing layout between system
components.
This patch adds the link layer (with support for the MHU transport),
top-level SFCP API implementation and the implementation of PSA
call making use of the SFCP API.
Note that encryption support is not implemented and only the stub
encryption implementation is added in this patch. This can be
implemented when TF-A needs it.
The sfcp_link_hal.c implementation is the same as that in
trusted-firmware-m, and it makes use of the MHU V2 and V3 drivers
directly. This is possible as the underlying MHU driver APIs is the same
in trusted-firmware-m and trusted-firmware-a.
Change-Id: I2318ea4bdb4e533b8a4a5000040aec0635a83857
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Extend the logic for executing the training stage
to include 1D and 2D PHY training.
Change-Id: If3445125d868e67cfcd81eaeeb20b2283731a4ea
Signed-off-by: Ghennadi Procopciuc <ghennadi.procopciuc@nxp.com>
Signed-off-by: Andrei Cherechesu <andrei.cherechesu@nxp.com>
Signed-off-by: Khristine Andreea Barbulescu <khristineandreea.barbulescu@nxp.com>
Introduce logic to load DDR firmware configuration
data from memory into internal structures.
Introduce the components required to initialize
the DDR controller and prepare for PHY training.
It includes controller setup and the training
orchestration function.
Change-Id: Icd8649516d9bad1a6d72616a774b8b60c6bae067
Signed-off-by: Ghennadi Procopciuc <ghennadi.procopciuc@nxp.com>
Signed-off-by: Andrei Cherechesu <andrei.cherechesu@nxp.com>
Signed-off-by: Khristine Andreea Barbulescu <khristineandreea.barbulescu@nxp.com>
Rename console_rcar_ to console_renesas_ prefix for SCIF-based console
driver to make it reusable by other Renesas platforms.
Due to the above renaming, function console_renesas_register is duplicated
in both scif.h and console.h, so it should be removed from scif.h
Change-Id: I42b44d1786578f7ed8db34e7da421836ea60b5e2
Signed-off-by: Nhut Nguyen <nhut.nguyen.kc@renesas.com>