Merge "Enable -Wshadow always" into integration

Merge "Remove unnecessary warning options" into integration

Merge "Refactor the warning flags" into integration

Enable Link Time Optimization in GCC

This patch enables LTO for TF-A when compiled with GCC.
LTO is disabled by default and is enabled by
ENABLE_LTO=1 build option.

LTO is enabled only for aarch64

Enable Link Time Optimization in GCC

This patch enables LTO for TF-A when compiled with GCC.
LTO is disabled by default and is enabled by
ENABLE_LTO=1 build option.

LTO is enabled only for aarch64 as there seem to be
a bug in the aarch32 compiler when LTO is enabled.

The changes in the makefiles include:
- Adding -flto and associated flags to enable LTO.
- Using gcc as a wrapper at link time instead of ld.
This is recommended when using LTO as gcc internally
takes care of invoking the necessary plugins for LTO.
- Adding switches to pass options to ld.
- Adding a flag to disable fix for erratum cortex-a53-843419
unless explicitly enabled. This is needed because GCC
seem to automatically add the erratum fix when used
as a wrapper for LD.

Additionally, this patch updates the TF-A user guide with
the new build option.

Signed-off-by: zelalem-aweke <zelalem.aweke@arm.com>
Change-Id: I1188c11974da98434b7dc9344e058cd1eacf5468

show more ...

Add memory_map tools as a target for Make

Create a new "memmap" target for the Makefile, which prints a
representation of the memory map for the build. The information are
extracted from the .map fi

Add memory_map tools as a target for Make

Create a new "memmap" target for the Makefile, which prints a
representation of the memory map for the build. The information are
extracted from the .map files by the "print_memory_map.py" tools.

Change-Id: Id5ebc7ce8a3a571c7ac4848be14657cf2fd711f4
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

show more ...

Enable -Wlogical-op always

-Wlogical-op prevents common errors with using numerical constants where
a boolean one is expected as well as when the operands of a logical
operator are the same. While t

Enable -Wlogical-op always

-Wlogical-op prevents common errors with using numerical constants where
a boolean one is expected as well as when the operands of a logical
operator are the same. While these are perfectly valid behavior, they
can be a sign that something is slightly off.

This patch adds this warning to gcc and it's closest equivalent to
clang, while also fixing any warnings that enabling them causes.

Change-Id: Iabadfc1e6ee0c44eef6685a23b0aed8abef8ce89
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Enable -Wshadow always

Variable shadowing is, according to the C standard, permitted and valid
behaviour. However, allowing a local variable to take the same name as a
global one can cause confusion

Enable -Wshadow always

Variable shadowing is, according to the C standard, permitted and valid
behaviour. However, allowing a local variable to take the same name as a
global one can cause confusion and can make refactoring and bug hunting
more difficult.

This patch moves -Wshadow from WARNING2 into the general warning group
so it is always used. It also fixes all warnings that this introduces
by simply renaming the local variable to a new name

Change-Id: I6b71bdce6580c6e58b5e0b41e4704ab0aa38576e
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Remove unnecessary warning options

Both -Wmissing-field-initializers and -Wsign-compare are both covered by
-Wextra which is enabled at W=1 anyway. Therefore, the explicit options
are not required.

Remove unnecessary warning options

Both -Wmissing-field-initializers and -Wsign-compare are both covered by
-Wextra which is enabled at W=1 anyway. Therefore, the explicit options
are not required.

Change-Id: I2e7d95b5fc14af7c70895859a7ebbeac5bc0d2a4
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Refactor the warning flags

This patch keeps the same warnings, and simply reorders them to keep all
the warning options together in one place.

Change-Id: Ibb655dcabc84f3af01a0d7f71f5af7e0479c2521
S

Refactor the warning flags

This patch keeps the same warnings, and simply reorders them to keep all
the warning options together in one place.

Change-Id: Ibb655dcabc84f3af01a0d7f71f5af7e0479c2521
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Merge "Update TF-A version to 2.2" into integration

Update TF-A version to 2.2

Signed-off-by: Deepika Bhavnani <deepika.bhavnani@arm.com>
Change-Id: Ia03701e2e37e3a00a501b144960a4a65aedbfde9

Merge "Fix the CAS spinlock implementation" into integration

Fix the CAS spinlock implementation

Make the spinlock implementation use ARMv8.1-LSE CAS instruction based
on a platform build option. The CAS-based implementation used to be
unconditionally selecte

Fix the CAS spinlock implementation

Make the spinlock implementation use ARMv8.1-LSE CAS instruction based
on a platform build option. The CAS-based implementation used to be
unconditionally selected for all ARM8.1+ platforms.

The previous CAS spinlock implementation had a bug wherein the spin_unlock()
implementation had an `sev` after `stlr` which is not sufficient. A dsb is
needed to ensure that the stlr completes prior to the sev. Having a dsb is
heavyweight and a better solution would be to use load exclusive semantics
to monitor the lock and wake up from wfe when a store happens to the lock.
The patch implements the same.

Change-Id: I5283ce4a889376e4cc01d1b9d09afa8229a2e522
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>

show more ...

Merge changes from topic "jc/rsa-pkcs" into integration

* changes:
Remove RSA PKCS#1 v1.5 support from cert_tool
Add documentation for new KEY_SIZE option
Add cert_create tool support for RSA

Merge changes from topic "jc/rsa-pkcs" into integration

* changes:
Remove RSA PKCS#1 v1.5 support from cert_tool
Add documentation for new KEY_SIZE option
Add cert_create tool support for RSA key sizes
Support larger RSA key sizes when using MBEDTLS

show more ...

Merge "Invalidate dcache build option for bl2 entry at EL3" into integration

Support larger RSA key sizes when using MBEDTLS

Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations wi

Support larger RSA key sizes when using MBEDTLS

Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations with the larger, higher-precision numbers required. With
these changes to the arguments passed to MBEDTLS, TF-A now supports
using 3072 (3K) and 4096 (4K) keys in certificates.

Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Invalidate dcache build option for bl2 entry at EL3

Some of the platform (ie. Agilex) make use of CCU IPs which will only be
initialized during bl2_el3_early_platform_setup. Any operation to the
cac

Invalidate dcache build option for bl2 entry at EL3

Some of the platform (ie. Agilex) make use of CCU IPs which will only be
initialized during bl2_el3_early_platform_setup. Any operation to the
cache beforehand will crash the platform. Hence, this will provide an
option to skip the data cache invalidation upon bl2 entry at EL3

Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I2c924ed0589a72d0034714c31be8fe57237d1f06

show more ...

Merge changes from topic "jc/mte_enable" into integration

* changes:
Add documentation for CTX_INCLUDE_MTE_REGS
Enable MTE support in both secure and non-secure worlds

Merge "Add UBSAN support and handlers" into integration

Add UBSAN support and handlers

This patch adds support for the Undefined Behaviour sanitizer. There are
two types of support offered - minimalistic trapping support which
essentially immediately cra

Add UBSAN support and handlers

This patch adds support for the Undefined Behaviour sanitizer. There are
two types of support offered - minimalistic trapping support which
essentially immediately crashes on undefined behaviour and full support
with full debug messages.

The full support relies on ubsan.c which has been adapted from code used
by OPTEE.

Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Enable MTE support in both secure and non-secure worlds

This patch adds support for the new Memory Tagging Extension arriving in
ARMv8.5. MTE support is now enabled by default on systems that suppor

Enable MTE support in both secure and non-secure worlds

This patch adds support for the new Memory Tagging Extension arriving in
ARMv8.5. MTE support is now enabled by default on systems that support
at EL0. To enable it at ELx for both the non-secure and the secure
world, the compiler flag CTX_INCLUDE_MTE_REGS includes register saving
and restoring when necessary in order to prevent register leakage
between the worlds.

Change-Id: I2d4ea993d6b11654ea0d4757d00ca20d23acf36c
Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>

show more ...

Merge "Switch AARCH32/AARCH64 to __aarch64__" into integration

Merge "Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__" into integration

Switch AARCH32/AARCH64 to __aarch64__

NOTE: AARCH32/AARCH64 macros are now deprecated in favor of __aarch64__.

All common C compilers pre-define the same macros to signal which
architecture the cod

Switch AARCH32/AARCH64 to __aarch64__

NOTE: AARCH32/AARCH64 macros are now deprecated in favor of __aarch64__.

All common C compilers pre-define the same macros to signal which
architecture the code is being compiled for: __arm__ for AArch32 (or
earlier versions) and __aarch64__ for AArch64. There's no need for TF-A
to define its own custom macros for this. In order to unify code with
the export headers (which use __aarch64__ to avoid another dependency),
let's deprecate the AARCH32 and AARCH64 macros and switch the code base
over to the pre-defined standard macro. (Since it is somewhat
unintuitive that __arm__ only means AArch32, let's standardize on only
using __aarch64__.)

Change-Id: Ic77de4b052297d77f38fc95f95f65a8ee70cf200
Signed-off-by: Julius Werner <jwerner@chromium.org>

show more ...

Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__

NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__.

All common C compilers predefine a macro called __ASSEMBLER__ when
pre

Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__

NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__.

All common C compilers predefine a macro called __ASSEMBLER__ when
preprocessing a .S file. There is no reason for TF-A to define it's own
__ASSEMBLY__ macro for this purpose instead. To unify code with the
export headers (which use __ASSEMBLER__ to avoid one extra dependency),
let's deprecate __ASSEMBLY__ and switch the code base over to the
predefined standard.

Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417
Signed-off-by: Julius Werner <jwerner@chromium.org>

show more ...