fix(ras): restrict RAS support for NS world

Current RAS framework in TF-A only supports handling errors originating
from NS world but the HANDLE_EA_EL3_FIRST flag configures it for all
lower Els. To

fix(ras): restrict RAS support for NS world

Current RAS framework in TF-A only supports handling errors originating
from NS world but the HANDLE_EA_EL3_FIRST flag configures it for all
lower Els. To make the current design of RAS explicit, rename this macro
to HANDLE_EA_EL3_FIRST_NS and set EA bit in scr_el3 only when
switching to NS world.

Note: I am unaware of any platform which traps errors originating in
Secure world to EL3, if there is any such platform then it need to
be explicitly implemented in TF-A

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: If58eb201d8fa792c16325c85c26056e9b409b750

show more ...

Merge "fix(build): fix arch32 build issue for clang" into integration

Merge changes from topic "db/deps" into integration

* changes:
feat(compiler-rt): update compiler-rt source files
fix(deps): add missing aeabi_memcpy.S
feat(zlib): update zlib source files
d

Merge changes from topic "db/deps" into integration

* changes:
feat(compiler-rt): update compiler-rt source files
fix(deps): add missing aeabi_memcpy.S
feat(zlib): update zlib source files
docs(changelog): add zlib and compiler-rt scope
feat(libfdt): upgrade libfdt source files
docs(prerequisites): upgrade to Mbed TLS 2.28.1

show more ...

fix(build): fix arch32 build issue for clang

Fixed the qemu 32 bit clang build fail caused because of
no march32 directives in TF_CFLAGS_aarch32 variable

march32_directive is initialized later in M

fix(build): fix arch32 build issue for clang

Fixed the qemu 32 bit clang build fail caused because of
no march32 directives in TF_CFLAGS_aarch32 variable

march32_directive is initialized later in Makefile and since clang build
uses Immediate set instead of Lazy set , TF_CFLAGS_aarch32 doesn't
have mcpu variable.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I09094a0912ee2d9d0e11f65135a352de8a135936

show more ...

feat(zlib): update zlib source files

Upgrade the zlib source files to the ones present in the version 1.2.13
of zlib [1]. Since 1.2.11 the use of Arm crc32 instructions has been
introduced so update

feat(zlib): update zlib source files

Upgrade the zlib source files to the ones present in the version 1.2.13
of zlib [1]. Since 1.2.11 the use of Arm crc32 instructions has been
introduced so update the files to make use of this.

[1] https://github.com/madler/zlib/tree/v1.2.13

Change-Id: Ideef78c56f05ae7daec390d00dcaa8f66b18729e
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>

show more ...

Merge "fix(rme): relax RME compiler requirements" into integration

fix(rme): relax RME compiler requirements

Currently building TF-A for the FVP with RME enabled requires a
toolchain that understands the -march=armv8.6-a command line option,
even though we actually

fix(rme): relax RME compiler requirements

Currently building TF-A for the FVP with RME enabled requires a
toolchain that understands the -march=armv8.6-a command line option,
even though we actually don't need any ARMv8.6 features from the
compiler.

Relax the requirement to use ARMv8.5, since this is what's the GCC
shipped with Ubuntu 20.04 understands. This is in line what the current
RMM implementation uses as well.

Change-Id: I3806dcff90319a87f003fe2c86b7cdcdebd625e4
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge changes from topic "mb/drtm-preparatory-patches" into integration

* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache

Merge changes from topic "mb/drtm-preparatory-patches" into integration

* changes:
docs(drtm): steps to run DRTM implementation
docs(drtm): add platform APIs for DRTM
feat(drtm): flush dcache before DLME launch
feat(drtm): invalidate icache before DLME launch
feat(drtm): ensure that passed region lies within Non-Secure region of DRAM
feat(fvp): add plat API to validate that passed region is non-secure
feat(drtm): ensure that no SDEI event registered during dynamic launch
feat(drtm): prepare EL state during dynamic launch
feat(drtm): prepare DLME data for DLME launch
feat(drtm): take DRTM components measurements before DLME launch
feat(drtm): add a few DRTM DMA protection APIs
feat(drtm): add remediation driver support in DRTM
feat(fvp): add plat API to set and get the DRTM error
feat(drtm): add Event Log driver support for DRTM
feat(drtm): check drtm arguments during dynamic launch
feat(drtm): introduce drtm dynamic launch function
refactor(measured-boot): split out a few Event Log driver functions
feat(drtm): retrieve DRTM features
feat(drtm): add platform functions for DRTM
feat(sdei): add a function to return total number of events registered
feat(drtm): add PCR entries for DRTM
feat(drtm): update drtm setup function
refactor(crypto): change CRYPTO_SUPPORT flag to numeric
feat(mbedtls): update mbedTLS driver for DRTM support
feat(fvp): add crypto support in BL31
feat(crypto): update crypto module for DRTM support
build(changelog): add new scope for mbedTLS and Crypto module
feat(drtm): add standard DRTM service
build(changelog): add new scope for DRTM service
feat(fvp): increase MAX_XLAT_TABLES entries for DRTM support
feat(fvp): increase BL31's stack size for DRTM support
feat(fvp): add platform hooks for DRTM DMA protection

show more ...

Merge "build: forbid `ENABLE_RME=1` when `SEPARATE_CODE_AND_RODATA=0`" into integration

refactor(crypto): change CRYPTO_SUPPORT flag to numeric

Updated CRYPTO_SUPPORT flag to numeric to provide below
supports -
1. CRYPTO_SUPPORT = 1 -> Authentication verification only
2. CRYPTO_SUPPORT

refactor(crypto): change CRYPTO_SUPPORT flag to numeric

Updated CRYPTO_SUPPORT flag to numeric to provide below
supports -
1. CRYPTO_SUPPORT = 1 -> Authentication verification only
2. CRYPTO_SUPPORT = 2 -> Hash calculation only
3. CRYPTO_SUPPORT = 3 -> Authentication verification and
hash calculation

Change-Id: Ib34f31457a6c87d2356d736ad2d048dc787da56f
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(crypto): update crypto module for DRTM support

Updated crypto module to include crypto calls necessary for a
DRTM supported build.

Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Ch

feat(crypto): update crypto module for DRTM support

Updated crypto module to include crypto calls necessary for a
DRTM supported build.

Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I4f945997824393f46864b7fb7fd380308a025452

show more ...

build: forbid `ENABLE_RME=1` when `SEPARATE_CODE_AND_RODATA=0`

This change mitigates against read-only data being used for malicious
execution on platforms utilizing the RME/CCA.

Change-Id: I006853

build: forbid `ENABLE_RME=1` when `SEPARATE_CODE_AND_RODATA=0`

This change mitigates against read-only data being used for malicious
execution on platforms utilizing the RME/CCA.

Change-Id: I0068535aeaa5d2515c7c54ee0dc19200c7a86ba5
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge "fix(ras): trap "RAS error record" accesses only for NS" into integration

fix(ras): trap "RAS error record" accesses only for NS

RAS_TRAP_LOWER_EL_ERR_ACCESS was used to prevent access to RAS error
record registers (RAS ERR* & RAS ERX*) from lower EL's in any security
sta

fix(ras): trap "RAS error record" accesses only for NS

RAS_TRAP_LOWER_EL_ERR_ACCESS was used to prevent access to RAS error
record registers (RAS ERR* & RAS ERX*) from lower EL's in any security
state. To give more fine grain control per world basis re-purpose this
macro to RAS_TRAP_NS_ERR_REC_ACCESS, which will enable the trap only
if Error record registers are accessed from NS.
This will also help in future scenarios when RAS handling(in Firmware
first handling paradigm)can be offloaded to a secure partition.

This is first patch in series to refactor RAS framework in TF-A.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ifa7f60bc8c82c9960adf029001bc36c443016d5d

show more ...

Merge "feat(rng-trap): add EL3 support for FEAT_RNG_TRAP" into integration

feat(rng-trap): add EL3 support for FEAT_RNG_TRAP

FEAT_RNG_TRAP introduces support for EL3 trapping of reads of the
RNDR and RNDRRS registers, which is enabled by setting the
SCR_EL3.TRNDR bit. This

feat(rng-trap): add EL3 support for FEAT_RNG_TRAP

FEAT_RNG_TRAP introduces support for EL3 trapping of reads of the
RNDR and RNDRRS registers, which is enabled by setting the
SCR_EL3.TRNDR bit. This patch adds a new build flag
ENABLE_FEAT_RNG_TRAP that enables the feature.
This feature is supported only in AArch64 state from Armv8.5 onwards.

Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Ia9f17aef3444d3822bf03809036a1f668c9f2d89

show more ...

Merge "fix(build): disable default PIE when linking" into integration

Merge "feat(bl): add interface to query TF-A semantic ver" into integration

fix(build): disable default PIE when linking

Commit f7ec31db2d ("Disable PIE compilation option") allowed building a
non-relocatable firmware with a default-PIE toolchain by disabling PIE
at compila

fix(build): disable default PIE when linking

Commit f7ec31db2d ("Disable PIE compilation option") allowed building a
non-relocatable firmware with a default-PIE toolchain by disabling PIE
at compilation time. This prevents the compiler from generating
relocations against a GOT.

However, when a default-PIE GCC is used as the linker, the final binary
will still be a PIE, containing an (unused) GOT and dynamic symbol
table. These structures do not affect execution, but they waste space in
the firmware binary. Disable PIE at link time to recover this space.

Change-Id: I2be7ac9c1a957f6db8d75efe6e601e9a5760a925
Signed-off-by: Samuel Holland <samuel@sholland.org>

show more ...

Merge "feat(sve): support full SVE vector length" into integration

feat(bl): add interface to query TF-A semantic ver

Adding interface for stand-alone semantic version of TF-A
for exporting to RSS attestation, and potentially other areas
as well.

Signed-off-by: La

feat(bl): add interface to query TF-A semantic ver

Adding interface for stand-alone semantic version of TF-A
for exporting to RSS attestation, and potentially other areas
as well.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ib4a2c47aa1e42a3b850185e674c90708a05cda53

show more ...

feat(sve): support full SVE vector length

Currently the SVE code hard codes a maximum vector length of 512 bits
when configuring SVE rather than the architecture supported maximum.
While this is fin

feat(sve): support full SVE vector length

Currently the SVE code hard codes a maximum vector length of 512 bits
when configuring SVE rather than the architecture supported maximum.
While this is fine for current physical implementations the architecture
allows for vector lengths up to 2048 bits and emulated implementations
generally allow any length up to this maximum.

Since there may be system specific reasons to limit the maximum vector
length make the limit configurable, defaulting to the architecture
maximum. The default should be suitable for most implementations since
the hardware will limit the actual vector length selected to what is
physically supported in the system.

Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: I22c32c98a81c0cf9562411189d8a610a5b61ca12

show more ...

Merge changes from topic "jc/detect_feat" into integration

* changes:
feat(trbe): add trbe under feature detection mechanism
feat(brbe): add brbe under feature detection mechanism

feat(trbe): add trbe under feature detection mechanism

This change adds "FEAT_TRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, containing
e

feat(trbe): add trbe under feature detection mechanism

This change adds "FEAT_TRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, containing
either 0 or 1. With the introduction of feature detection procedure
we now support three states for feature enablement build flags(0 to 2).

Accordingly, "ENABLE_TRBE_FOR_NS" flag is now modified from boolean
to numeric type to align with the feature detection.

Change-Id: I53d3bc8dc2f6eac63feef22dfd627f3a48480afc
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

feat(brbe): add brbe under feature detection mechanism

This change adds "FEAT_BRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, possessing
e

feat(brbe): add brbe under feature detection mechanism

This change adds "FEAT_BRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, possessing
either 0 or 1. With the introduction of feature detection procedure
we now support three states for feature enablement build flags(0 to 2).

Accordingly, "ENABLE_BRBE_FOR_NS" flag is now modified from boolean
to numeric type to align with the feature detection.

Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: I1eb52863b4afb10b808e2f0b6584a8a210d0f38c

show more ...