(STM32) ETZPC firewall controller updates #7066
Open
Commits on Oct 21, 2024
-
dts: stm32: default disable DMA at SoC level for stm32mp15 platforms
DMA node in stm32mp15* SoC DTSI files shouldn't be enabled by default, we don't even have a driver to handle it. Therefore default disable it. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dts: stm32: disable ADC2 on stm32mp135f-dk
Remove ADC2 configuration in stm32mp135-dk.dts since OP-TEE does not use the device. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dts: stm32: disable VREFBUF on stm32mp15-dkx platforms
VREFBUF is currently not used on stm32mp15-dkx platforms, so disable it. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dts: stm32: use st,stm32mp15-i2c-non-secure compatible for the I2C4
Use st,stm32mp15-i2c-non-secure compatible for the I2C4 as it is currently non-secure on stm32mp15 dkx and evx platforms. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dt-bindings: add platform specific ETZPC bindings
Define ETZPC bindings for STM32MP15 and STM32MP13 and add these header files into the stm32mp_dt_bindings helper. While there, also update some includes to fix the path errors. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dts: stm32: add the ETZPC configuration table for stm32mp1x boards
Add the tables defining the ETZPC firewall controller configuration that will be set at boot time on stm32mp1x boards. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com> Acked-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
-
dts: stm32: define ETZPC as an access controller for stm32mp15 platforms
ETZPC is a firewall controller. Add the access-controllers property to all ETZPC sub-nodes on stm32mp15x platforms. Also add the "simple-bus" compatible for backward compatibility and "#access-controllers-cells" to the ETZPC node. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
dts: stm32: define ETZPC as an access controller for stm32mp13 platforms
ETZPC is a firewall controller. Add the access-controllers property to all ETZPC sub-nodes on stm32mp13 platforms. Also add the "simple-bus" compatible for backward compatibility and "#access-controllers-cells" to the ETZPC node. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
plat-stm32mp1: default enable CFG_DRIVERS_FIREWALL
Default enable the CFG_DRIVERS_FIREWALL switch that is used to enable the support of the firewall framework. On this platform, only the ETZPC is a firewall controller for now. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
drivers: stm32_etzpc: update driver to set ETZPC configuration from DT
Remove old implementation where the ETZPC configuration was a hard coded table in the shared resources file and use the device tree to get it. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
drivers: stm32_etzpc: move the stm32_etzpc driver to the firewall folder
The ETZPC is a firewall controller. Therefore, move the stm32_etzpc driver to the firewall folder. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
plat-stm32mp1: add CFG_STM32_ALLOW_UNSAFE_PROBE to probe unsafe perip…
…herals Add CFG_STM32_ALLOW_UNSAFE_PROBE that allows to unsafely probe peripherals. This means that the firewall configuration will not be checked before probing a peripheral. Default enable this switch for DH platforms that use non-securable peripherals in OP-TEE. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
drivers: stm32_etzpc: new driver to use firewall API
Implement stm32_etzpc.c driver in the firewall driver directory. Use the new firewall API to populate the firewall bus and register the ETZPC as a firewall provider. Implement a driver specific firewall bus probe that will only probe secure peripherals and implement firewall exceptions for which no firewall operations will be done when CFG_INSECURE is set. This allows, for example, to share a console with the non-secure world for development purposes. The ETZPC driver register the following ops: -set_conf -acquire_access -acquire_memory_access Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
-
drivers: stm32_rng: embed ETZPC functions when CFG_STM32_ETZPC is set
On platforms when CFG_STM32_ETZPC is disabled, ETZPC cannot be interrogated to get decprot attributes. Therefore do not embed ETZPC related code. While there, revert commit 326382a ("drivers: stm32_rng: MP15 RNG is non-secure when PRNG is enable") and prefer to use ETZPC API. Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com> Fixes: d773ec0 ("drivers: stm32_rng: update clock and power management") Reviewed-by: Etienne Carriere <etienne.carriere@foss.st.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.