[RFC,0/7] Introduce STM32 system bus

Document STM32 System Bus. This bus is intended to control firewall
access for the peripherals connected to it.

For every peripheral, the bus checks the firewall registers to see
if the peripheral is configured as non-secure. If the peripheral
is configured as secure, the node is marked populated, so the
device won't be probed.

This is useful as a firewall configuration sanity check and avoid
platform crashes in case peripherals are incorrectly configured.

The STM32 System Bus implements the feature-domain-controller
bindings. It is used by peripherals to reference a domain
controller, in this case the firewall feature domain.
The bus uses the ID referenced by the feature-domains property to
know where to look in the firewall to get the security configuration
for the peripheral. This allows a device tree description rather
than a hardcoded peripheral table in the bus driver.

On STM32MP13/15 platforms, the firewall bus is represented by the
ETZPC node, which is responsible for the securing / MCU isolating
the capable peripherals.

STM32MP13/15 device trees are updated in this series to implement
the bus. All peripherals that are securable or MCU isolation capable
by the ETZPC are connected to the bus.

Gatien Chevallier (6):
  dt-bindings: bus: add STM32 System Bus
  dt-bindings: bus: add STM32MP15 ETZPC firewall bus bindings
  dt-bindings: bus: add STM32MP13 ETZPC firewall bus bindings
  bus: stm32_sys_bus: add support for STM32MP15 and STM32MP13 system bus
  ARM: dts: stm32: add ETZPC as a system bus for STM32MP15x boards
  ARM: dts: stm32: add ETZPC as a system bus for STM32MP13x boards

Oleksii Moisieiev (1):
  dt-bindings: Document common device controller bindings

 .../devicetree/bindings/bus/st,sys-bus.yaml   |   88 +
 .../feature-domain-controller.yaml            |   84 +
 MAINTAINERS                                   |    6 +
 arch/arm/boot/dts/stm32mp131.dtsi             |  242 +-
 arch/arm/boot/dts/stm32mp151.dtsi             | 2737 +++++++++--------
 drivers/bus/Kconfig                           |    9 +
 drivers/bus/Makefile                          |    1 +
 drivers/bus/stm32_sys_bus.c                   |  180 ++
 include/dt-bindings/bus/stm32mp13_sys_bus.h   |   60 +
 include/dt-bindings/bus/stm32mp15_sys_bus.h   |   98 +
 10 files changed, 2062 insertions(+), 1443 deletions(-)
 create mode 100644 Documentation/devicetree/bindings/bus/st,sys-bus.yaml
 create mode 100644 Documentation/devicetree/bindings/feature-controllers/feature-domain-controller.yaml
 create mode 100644 drivers/bus/stm32_sys_bus.c
 create mode 100644 include/dt-bindings/bus/stm32mp13_sys_bus.h
 create mode 100644 include/dt-bindings/bus/stm32mp15_sys_bus.h

On Wed, 21 Dec 2022 18:30:50 +0100, Gatien Chevallier wrote:
> Document STM32 System Bus. This bus is intended to control firewall
> access for the peripherals connected to it.
> 
> Signed-off-by: Loic PALLARDY <loic.pallardy@st.com>
> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
> ---
>  .../devicetree/bindings/bus/st,sys-bus.yaml   | 88 +++++++++++++++++++
>  1 file changed, 88 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/bus/st,sys-bus.yaml
> 

My bot found errors running 'make DT_CHECKER_FLAGS=-m dt_binding_check'
on your patch (DT_CHECKER_FLAGS is new in v5.13):

yamllint warnings/errors:
./Documentation/devicetree/bindings/bus/st,sys-bus.yaml:7:8: [warning] too many spaces after colon (colons)

dtschema/dtc warnings/errors:
/builds/robherring/dt-review-ci/linux/Documentation/devicetree/bindings/bus/st,sys-bus.yaml: $id: 'http://devicetree.org/schemas/bus/stm32,sys-bus.yaml' does not match 'http://devicetree.org/schemas/.*\\.yaml#'
	from schema $id: http://devicetree.org/meta-schemas/base.yaml#
/builds/robherring/dt-review-ci/linux/Documentation/devicetree/bindings/bus/st,sys-bus.yaml: properties:#feature-domain-cells: 'minItems' is not one of ['description', 'deprecated', 'const', 'enum', 'minimum', 'maximum', 'multipleOf', 'default', '$ref', 'oneOf']
	from schema $id: http://devicetree.org/meta-schemas/core.yaml#
./Documentation/devicetree/bindings/bus/st,sys-bus.yaml: $id: relative path/filename doesn't match actual path or filename
	expected: http://devicetree.org/schemas/bus/st,sys-bus.yaml#

doc reference errors (make refcheckdocs):

See https://patchwork.ozlabs.org/project/devicetree-bindings/patch/20221221173055.11719-3-gatien.chevallier@foss.st.com

The base for the series is generally the latest rc1. A different dependency
should be noted in *this* patch.

If you already ran 'make dt_binding_check' and didn't see the above
error(s), then make sure 'yamllint' is installed and dt-schema is up to
date:

pip3 install dtschema --upgrade

Please check and re-submit after running the above command yourself. Note
that DT_SCHEMA_FILES can be set to your schema file to speed up checking
your schema. However, it must be unset to test all examples with your schema.

On 21/12/2022 18:30, Gatien Chevallier wrote:
> Document STM32 System Bus. This bus is intended to control firewall
> access for the peripherals connected to it.
> 
> Signed-off-by: Loic PALLARDY <loic.pallardy@st.com>
> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>

Please use scripts/get_maintainers.pl to get a list of necessary people
and lists to CC.  It might happen, that command when run on an older
kernel, gives you outdated entries.  Therefore please be sure you base
your patches on recent Linux kernel.

> ---
>  .../devicetree/bindings/bus/st,sys-bus.yaml   | 88 +++++++++++++++++++
>  1 file changed, 88 insertions(+)
>  create mode 100644 Documentation/devicetree/bindings/bus/st,sys-bus.yaml
> 
> diff --git a/Documentation/devicetree/bindings/bus/st,sys-bus.yaml b/Documentation/devicetree/bindings/bus/st,sys-bus.yaml
> new file mode 100644
> index 000000000000..9c0e86612695
> --- /dev/null
> +++ b/Documentation/devicetree/bindings/bus/st,sys-bus.yaml
> @@ -0,0 +1,88 @@
> +# SPDX-License-Identifier: GPL-2.0-only OR BSD-2-Clause
> +%YAML 1.2
> +---
> +$id: http://devicetree.org/schemas/bus/stm32,sys-bus.yaml
> +$schema: http://devicetree.org/meta-schemas/core.yaml#
> +
> +title:  STM32 System Bus

Only one space.

> +
> +description: |
> +  The STM32 System Bus is an internal bus to which some internal peripherals
> +  are connected. STM32 System Bus integrates a firewall controlling access to each
> +  device. This bus prevents non-accessible devices to be probed.
> +
> +  To see which peripherals are securable, please check the SoC reference manual.
> +
> +maintainers:
> +  - Gatien Chevallier <gatien.chevallier@foss.st.com>
> +
> +allOf:
> +  - $ref: /schemas/feature-controllers/feature-domain-controller.yaml#
> +
> +properties:
> +  compatible:
> +    enum:
> +      - st,stm32mp13-sys-bus
> +      - st,stm32mp15-sys-bus
> +
> +  reg:
> +    maxItems: 1
> +
> +  "#address-cells":
> +    const: 1
> +
> +  "#size-cells":
> +    const: 1
> +
> +  '#feature-domain-cells':

Use consistent quotes, either ' or "

> +    minItems: 1

No. Cells must be const. This does not match cells at all...

> +
> +  ranges: true
> +
> +  feature-domain-controller: true
> +
> +patternProperties:
> +  "^.*@[0-9a-f]+$":
> +    description: Devices attached to system bus
> +    type: object
> +    properties:
> +      feature-domains:
> +        $ref: /schemas/feature-controllers/feature-domain-controller.yaml#/properties/feature-domains

maxItems

> +
> +required:
> +  - compatible
> +  - reg
> +  - "#address-cells"
> +  - "#size-cells"
> +  - feature-domain-controller
> +  - '#feature-domain-cells'
> +  - ranges
> +
> +additionalProperties: false
> +
> +examples:
> +  - |
> +    // In this example,
> +    // - the foo1 device refers to etzpc as his domain controller.
> +    // - same goes for foo2.
> +    // Access rights are verified before creating devices.
> +
> +    etzpc: etzpc@5c007000 {

Node names should be generic.
https://devicetree-specification.readthedocs.io/en/latest/chapter2-devicetree-basics.html#generic-names-recommendation

> +        compatible = "st,stm32mp15-sys-bus";
> +        reg = <0x5c007000 0x400>;
> +        #address-cells = <1>;
> +        #size-cells = <1>;
> +        ranges;
> +        feature-domain-controller;
> +        #feature-domain-cells = <1>;
> +
> +        foo1: foo@1000000 {

Node names should be generic.
https://devicetree-specification.readthedocs.io/en/latest/chapter2-devicetree-basics.html#generic-names-recommendation

> +          reg = <0x0 0x1000000>;

Missing compatible, missing proper device name. Don't use fake names,
but describe real case.

> +          feature-domains = <&etzpc 0>;
> +        };
> +
> +        foo2: foo@2000000 {
> +          reg = <0x0 0x2000000>;
> +          feature-domains = <&etzpc 0>;
> +        };
> +    };

Best regards,
Krzysztof

On 21/12/2022 18:30, Gatien Chevallier wrote:
> Adds the list of peripherals IDs under firewall bus on STM32MP13.
> 
> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
> ---
>  include/dt-bindings/bus/stm32mp13_sys_bus.h | 60 +++++++++++++++++++++
>  1 file changed, 60 insertions(+)
>  create mode 100644 include/dt-bindings/bus/stm32mp13_sys_bus.h
> 
> diff --git a/include/dt-bindings/bus/stm32mp13_sys_bus.h b/include/dt-bindings/bus/stm32mp13_sys_bus.h
> new file mode 100644
> index 000000000000..1160de87bc4a
> --- /dev/null
> +++ b/include/dt-bindings/bus/stm32mp13_sys_bus.h
> @@ -0,0 +1,60 @@
> +/* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */
> +/*
> + * Copyright (C) STMicroelectronics 2022 - All Rights Reserved
> + */
> +#ifndef _DT_BINDINGS_BUS_STM32MP13_SYS_BUS_H
> +#define _DT_BINDINGS_BUS_STM32MP13_SYS_BUS_H
> +
> +/* ETZPC IDs */
> +#define STM32MP1_ETZPC_VREFBUF_ID	0
> +#define STM32MP1_ETZPC_LPTIM2_ID	1
> +#define STM32MP1_ETZPC_LPTIM3_ID	2
> +#define STM32MP1_ETZPC_LTDC_ID		3
> +#define STM32MP1_ETZPC_DCMIPP_ID	4
> +#define STM32MP1_ETZPC_USBPHYCTRL_ID	5
> +#define STM32MP1_ETZPC_DDRCTRLPHY_ID	6
> +/* IDs 7-11 reserved */
> +#define STM32MP1_ETZPC_IWDG1_ID		12
> +#define STM32MP1_ETZPC_STGENC_ID	13
> +/* IDs 14-15 reserved */
> +#define STM32MP1_ETZPC_USART1_ID	16
> +#define STM32MP1_ETZPC_USART2_ID	17
> +#define STM32MP1_ETZPC_SPI4_ID		18
> +#define STM32MP1_ETZPC_SPI5_ID		19
> +#define STM32MP1_ETZPC_I2C3_ID		20
> +#define STM32MP1_ETZPC_I2C4_ID		21
> +#define STM32MP1_ETZPC_I2C5_ID		22
> +#define STM32MP1_ETZPC_TIM12_ID		23
> +#define STM32MP1_ETZPC_TIM13_ID		24
> +#define STM32MP1_ETZPC_TIM14_ID		25
> +#define STM32MP1_ETZPC_TIM15_ID		26
> +#define STM32MP1_ETZPC_TIM16_ID		27
> +#define STM32MP1_ETZPC_TIM17_ID		28
> +/* IDs 29-31 reserved */

Same comments (all of them). IDs cannot be reserved.

Best regards,
Krzysztof

On 22/12/2022 14:01, Gatien CHEVALLIER wrote:
> 

>>
>> Anyway you duplicate work here:
>> https://lore.kernel.org/all/c869d2751125181a55bc8a88c96e3a892b42f37a.1668070216.git.oleksii_moisieiev@epam.com/
>> and maybe you duplicate comments.
>>
>> I don't think there is point to review things twice, so NAK.
> This is a result of me not knowing how to handle this particular case. 
> It is a patch that I need to have in my patch set in order to pass Rob's 
> bindings check. Otherwise, feature domains bindings defined here will 
> not be known in the STM32 System Bus binding file, where they are used.
> 
> I wanted to illustrate the use of Oleksii's binding with a practical 
> use-case that we want to implement.

Mention patch dependency in the path changelog (---) and that's it. No
tests will be done. You are expected to run tests anyway on your side,
before sending.

> 
> What would be the correct way of managing this dependency?
> -Specify something like "On top of ...." in the cover letter/patch and 
> reference the other thread?
> -Use a "Depends-On" tag on the YAML binding commit?
> -Something else?

Best regards,
Krzysztof

Hello,

On 12/22/22 11:26, Krzysztof Kozlowski wrote:
> On 21/12/2022 18:30, Gatien Chevallier wrote:
>> Adds the list of peripherals IDs under firewall bus on STM32MP13.
>>
>> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
>> ---
>>   include/dt-bindings/bus/stm32mp13_sys_bus.h | 60 +++++++++++++++++++++
>>   1 file changed, 60 insertions(+)
>>   create mode 100644 include/dt-bindings/bus/stm32mp13_sys_bus.h
>>
>> diff --git a/include/dt-bindings/bus/stm32mp13_sys_bus.h b/include/dt-bindings/bus/stm32mp13_sys_bus.h
>> new file mode 100644
>> index 000000000000..1160de87bc4a
>> --- /dev/null
>> +++ b/include/dt-bindings/bus/stm32mp13_sys_bus.h
>> @@ -0,0 +1,60 @@
>> +/* SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause) */
>> +/*
>> + * Copyright (C) STMicroelectronics 2022 - All Rights Reserved
>> + */
>> +#ifndef _DT_BINDINGS_BUS_STM32MP13_SYS_BUS_H
>> +#define _DT_BINDINGS_BUS_STM32MP13_SYS_BUS_H
>> +
>> +/* ETZPC IDs */
>> +#define STM32MP1_ETZPC_VREFBUF_ID	0
>> +#define STM32MP1_ETZPC_LPTIM2_ID	1
>> +#define STM32MP1_ETZPC_LPTIM3_ID	2
>> +#define STM32MP1_ETZPC_LTDC_ID		3
>> +#define STM32MP1_ETZPC_DCMIPP_ID	4
>> +#define STM32MP1_ETZPC_USBPHYCTRL_ID	5
>> +#define STM32MP1_ETZPC_DDRCTRLPHY_ID	6
>> +/* IDs 7-11 reserved */
>> +#define STM32MP1_ETZPC_IWDG1_ID		12
>> +#define STM32MP1_ETZPC_STGENC_ID	13
>> +/* IDs 14-15 reserved */
>> +#define STM32MP1_ETZPC_USART1_ID	16
>> +#define STM32MP1_ETZPC_USART2_ID	17
>> +#define STM32MP1_ETZPC_SPI4_ID		18
>> +#define STM32MP1_ETZPC_SPI5_ID		19
>> +#define STM32MP1_ETZPC_I2C3_ID		20
>> +#define STM32MP1_ETZPC_I2C4_ID		21
>> +#define STM32MP1_ETZPC_I2C5_ID		22
>> +#define STM32MP1_ETZPC_TIM12_ID		23
>> +#define STM32MP1_ETZPC_TIM13_ID		24
>> +#define STM32MP1_ETZPC_TIM14_ID		25
>> +#define STM32MP1_ETZPC_TIM15_ID		26
>> +#define STM32MP1_ETZPC_TIM16_ID		27
>> +#define STM32MP1_ETZPC_TIM17_ID		28
>> +/* IDs 29-31 reserved */
> 
> Same comments (all of them). IDs cannot be reserved.

My response on patch [RFC PATCH 4/7] applies to this as well

> 
> Best regards,
> Krzysztof
> 

Best regards,
Gatien

Hello,


On 12/22/22 11:30, Krzysztof Kozlowski wrote:
> On 21/12/2022 18:30, Gatien Chevallier wrote:
>> The STM32 System Bus is an internal bus on which devices are connected.
>> ETZPC is a peripheral overseeing the firewall bus that configures
>> and control access to the peripherals connected on it.
>>
>> For more information on which peripheral is securable, please read
>> the STM32MP15 reference manual.
>>
>> Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
>> ---
>>   arch/arm/boot/dts/stm32mp151.dtsi | 2737 +++++++++++++++--------------
>>   1 file changed, 1406 insertions(+), 1331 deletions(-)
>>   
>> -		lptimer1: timer@40009000 {
>> +		etzpc: etzpc@5c007000 {
> 
> Node names should be generic.
> https://devicetree-specification.readthedocs.io/en/latest/chapter2-devicetree-basics.html#generic-names-recommendation

Will change to etzpc: bus@5c007000 in V3

> 
>> +			compatible = "st,stm32mp15-sys-bus";
>> +			reg = <0x5c007000 0x400>;
>>   			#address-cells = <1>;
>> -			#size-cells = <0>;
>> -			compatible = "st,stm32-lptimer";
>> -			reg = <0x40009000 0x400>;
>> -			interrupts-extended = <&exti 47 IRQ_TYPE_LEVEL_HIGH>;
>> -			clocks = <&rcc LPTIM1_K>;
>> -			clock-names = "mux";
>> -			wakeup-source;
>> -			status = "disabled";
> 
> Why entire bus is disabled? What resources do you miss?

Here, I did not want to modify the status of the nodes in the device 
tree. Nodes that are default enabled in the SoC device tree stay enabled 
and vice-versa. IMO think this patch should not include these kind of 
changes in its scope. I describe the bus and the peripherals connected 
to it, nothing more :)

> 
>> +			#size-cells = <1>;
>> +			feature-domain-controller;
>> +			#feature-domain-cells = <2>;
>> +			ranges;
>>   
> Best regards,
> Krzysztof
> 

Best regards,
Gatien