core: stm32_gpio: register firewall controllers for GPIO access rights #7102
Commits on Nov 12, 2024
-
dt-bindings: gpio: stm32mp: flags for non-secure GPIOs
Define STM32 GPIO DT bindings bit flags for GPIOs that are to be used in non-secure state. Signed-off-by: Etienne Carriere <[email protected]>
-
dt-bindings: pinctrl: stm32mp: flags for non-secure pins
Define stm32 pinctrl DT bindings bit flags for pins that are expected to be used in non-secure state. Signed-off-by: Etienne Carriere <[email protected]>
-
dts: stm32: define SoC GPIO banks that are firewall controllers
Add property #access-controller-cells to GPIO banks that register to the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
dts: stm32: most stm32mp15 UARTs pinctrl are non-secure
On STM32MP15 based devices, UART2/3/4/5/6/7/8 cannot be secured. Explicitly state that in the pinctrl nodes. This change ease the use of a non-secure UART for OP-TEE output console on STM32MP15 based boards. Signed-off-by: Etienne Carriere <[email protected]>
-
dts: stm32: refine STM32MP15 secure/non-secure I2C4 pinctrl states
Explicitly state that legacy pinctrl phandles i2c4_pins_a and i2c4_sleep_pins_a refer to non-secure I2C4 pin muxing on STM32MP15 based platforms. Define secure I2C4 bus pinctrl states for boards that use the I2C4 bus in secure state on STM32MP15 SoCs. Signed-off-by: Etienne Carriere <[email protected]>
-
dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctrl states
Explicitly state that legacy pinctrl phandles usart4_pins_a refer to non-secure USART4 pin muxing, used in STM32MP13 based boards for OP-TEE console using a non-secure UART bus. Define secure USART4 bus pinctrl states for board that needs to use the USART4 bus in secure state. Signed-off-by: Etienne Carriere <[email protected]>
-
dts: stm32: refine STM32MP25 secure/non-secure USART2 pinctrl states
Explicitly state that legacy pinctrl phandles usart2_pins_a refer to non-secure USART2 pin muxing, used in STM32MP23 and STM32MP25 based boards for OP-TEE console using a non-secure UART bus. Define secure USART2 bus pinctrl states for board that needs to use the USART2 bus in secure state. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: check GPIO is not already consumed
Check that a GPIO requested by a consumer is not already consumed by another device. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: factorize apply_rif_config()
Change apply_rif_config() to be able to call it for a subset of pins in a GPIO bank. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: register to firewall framework
Register secure aware STM32 GPIO banks to the firewall framework to allow GPIO and pinctrl consumer devices to load alternate configurations for pins. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: check secure state of consumed GPIOs
STM32 GPIO driver verifies that any GPIO consumed by OP-TEE can be accessed and has the expected secure hardening configuration. If a driver attempts to consume a GPIO that cannot be accessed by OP-TEE, core panics. Use newly added GPIO_STM32_NSEC bindings macro in STM32 GPIO driver DT bindings header file as hint on whether GPIO is expected secure or shared with non-secure world. When a GPIO is used with an inappropriate configuration state, STM32 GPIO driver panics or prints an info level message, depending on CFG_INSECURE. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: check secure state of pinctrl states
STM32 GPIO driver verifies that any pinctrl consumed by OP-TEE can be accessed and has the expected secure hardening configuration. If a driver attempts to consume a pinctrl with pins that cannot be accessed by OP-TEE, core panics. Non-secure pins must have the STM32_PIN_NSEC bit set in the pin handler argument unless what the pin is expected to be secure. The driver returns an error when the expected secure state of a pin does not match its effective secure state, unless CFG_INSECURE is enabled in which case the driver only prints an info level trace message. Signed-off-by: Etienne Carriere <[email protected]>
-
plat-stm32mp1: shared_resource: do not manage pins secure state
Remove management of GPIO and pinctrl secure state since this is now handled from STM32 ETZPC driver based through the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_i2c: remove use of stm32_pinctrl_set_secure_cfg()
Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state of the pins of a pinctrl state since this is now handled from STM32 ETZPC driver based on the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_uart: remove use of stm32_pinctrl_set_secure_cfg()
Remove use of stm32_pinctrl_set_secure_cfg() to set the secure state of the pins of a pinctrl state since this is now handled from STM32 ETZPC driver based on the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_uart: remove use of shared_resource for pincltr
Remove use of shared_resources platform driver to manage the secure state of the pins of a pinctrl state since this is now managed using the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
plat-stm32mp1: stm32mp1_stpmic: remove use of shared_resource for pin…
…ctrl Remove use of shared_resources platform driver in STM32MP15 PMIC driver to manage the secure state of the pins of a pinctrl state since this is now managed using the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
drivers: stm32_gpio: remove gpio/pinctrl API function to set secure s…
…tate Remove stm32_gpio_set_secure_cfg() and stm32_pinctrl_set_secure_cfg() functions that are no more used since the GPIO and pins secure state is defined by the st,protreg registers already handled from get_pinctrl_from_fdt() and stm32_gpio_get_dt() callback functions. Signed-off-by: Etienne Carriere <[email protected]>
-
plat-stm32mp1: shared_resources: remove pin/GPIO secure state management
Remove the pin and GPIO secure state management from shared_resources platform driver since this is now managed using the firewall framework. Signed-off-by: Etienne Carriere <[email protected]>
-
[review] dt-bindings: gpio: stm32mp: flags for non-secure GPIOs
Make GPIO_STM32_NSEC consistent regarding TZPROT() definition. Signed-off-by: Etienne Carriere <[email protected]>
-
[review] dts: stm32: refine STM32MP13 secure/non-secure USART4 pinctr…
…l states USART4 cannot be secure on STM32MP13 devices hence remove USART4 secure pinctrl state. Signed-off-by: Etienne Carriere <[email protected]>
-
[review] drivers: stm32_gpio: register to firewall framework
s/#ifdef/#if defined()/ Signed-off-by: Etienne Carriere <[email protected]>
-
[review] drivers: stm32_gpio: check secure state of consumed GPIOs
s/#ifdef/#if defined()/ Signed-off-by: Etienne Carriere <[email protected]>
-
[review] drivers: stm32_gpio: check secure state of pinctrl states
Check each pins can be accessed when applying a pinctrl state. Return TEE_ERROR_SECURITY instead of TEE_ERROR_GENERIC when failing to apply a pinctrl state due to the pin configuration access rights. Signed-off-by: Etienne Carriere <[email protected]>
-
[review] drivers: stm32_gpio: factorize apply_rif_config()
Assert there is a GPIO configuration for the GPIOs for which apply_rif_config() is called. Signed-off-by: Etienne Carriere <[email protected]>
