Merge "fix(bl1): invalidate SP in data cache during secure SMC" into integration

fix(bl1): invalidate SP in data cache during secure SMC

Invalidate the SP holding `smc_ctx_t` prior to enabling the data cache
when handling SMCs from the secure world. Enabling the data cache
witho

fix(bl1): invalidate SP in data cache during secure SMC

Invalidate the SP holding `smc_ctx_t` prior to enabling the data cache
when handling SMCs from the secure world. Enabling the data cache
without doing so results in dirty data either being evicted into main
memory, or being used directly from bl1. This corrupted data causes
system failure as the SMC handler attempts to use it.

Change-Id: I5b7225a6fdd1fcfe34ee054ca46dffea06b84b7d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

Merge "aarch32: stop speculative execution past exception returns" into integration

aarch32: stop speculative execution past exception returns

aarch32 CPUs speculatively execute instructions following a
ERET as if it was not a jump instruction. This could lead to
cache-based side c

aarch32: stop speculative execution past exception returns

aarch32 CPUs speculatively execute instructions following a
ERET as if it was not a jump instruction. This could lead to
cache-based side channel vulnerabilities. The software fix is
to place barrier instructions following ERET.

The counterpart patch for aarch64 is merged:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=f461fe346b728d0e88142fd7b8f2816415af18bc

Change-Id: I2aa3105bee0b92238f389830b3a3b8650f33af3d
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge pull request #1877 from bryanodonoghue/integration+bl2-el3-eret-fix-v2

bl2-el3: Fix exit to bl32 by ensuring full write to SPSR

bl1-smc-handler: Ensure the lower-order 16 bits of SPSR are programmed

A bug recently fixed in bl2/aarch32/bl2_el3_entrypoint.S relates to
programming the lower-order 16 bits of the SPSR to populate

bl1-smc-handler: Ensure the lower-order 16 bits of SPSR are programmed

A bug recently fixed in bl2/aarch32/bl2_el3_entrypoint.S relates to
programming the lower-order 16 bits of the SPSR to populate into the CPSR
on eret.

The BL1 smc-handler code is identical and has the same shortfall in
programming the SPSR from the platform defined struct
entry_point_info->spsr.

msr spsr, r1 will only update bits f->[31:24] and c->[7:0] respectively. In
order to ensure the 16 lower-order processor mode bits x->[15:8] and
c->[7:0] this patch changes msr spsr, r1 to msr spsr_xc, r1.

This change ensures we capture the x field, which we are interested in and
not the f field which we are not.

Fixes: f3b4914be3b4 ('AArch32: Add generic changes in BL1')

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>

show more ...

Merge pull request #1726 from antonio-nino-diaz-arm/an/includes

Sanitise includes across codebase

Sanitise includes across codebase

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- inclu

Sanitise includes across codebase

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}

The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).

For example, this patch had to be created because two headers were
called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3a282 ("drivers: add tzc380 support").

This problem was introduced in commit 4ecca33988b9 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.

Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.

Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #1519 from antonio-nino-diaz-arm/an/xlat-el2

xlat v2: Support EL2 translation regime

xlat v2: Support the EL2 translation regime

The translation library is useful elsewhere. Even though this repository
doesn't exercise the EL2 support of the library, it is better to have it
here as

xlat v2: Support the EL2 translation regime

The translation library is useful elsewhere. Even though this repository
doesn't exercise the EL2 support of the library, it is better to have it
here as well to make it easier to maintain.

enable_mmu_secure() and enable_mmu_direct() have been deprecated. The
functions are still present, but they are behind ERROR_DEPRECATED and
they call the new functions enable_mmu_svc_mon() and
enable_mmu_direct_svc_mon().

Change-Id: I13ad10cd048d9cc2d55e0fff9a5133671b67dcba
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #1314 from antonio-nino-diaz-arm/an/smccc-header

Rename 'smcc' to 'smccc'

Rename 'smcc' to 'smccc'

When the source code says 'SMCC' it is talking about the SMC Calling
Convention. The correct acronym is SMCCC. This affects a few definitions
and file names.

Some files hav

Rename 'smcc' to 'smccc'

When the source code says 'SMCC' it is talking about the SMC Calling
Convention. The correct acronym is SMCCC. This affects a few definitions
and file names.

Some files have been renamed (smcc.h, smcc_helpers.h and smcc_macros.S)
but the old files have been kept for compatibility, they include the
new ones with an ERROR_DEPRECATED guard.

Change-Id: I78f94052a502436fdd97ca32c0fe86bd58173f2f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #1173 from etienne-lms/armv7-qemu

support to boot OP-TEE on AArch32/Armv7+example with Cortex-A15/Qemu

aarch32: use lr as bl32 boot argument on aarch32 only systems

Add 'lr_svc' as a boot parameter in AArch32 bl1. This is used by Optee
and Trusty to get the non-secure entry point on AArch32 platforms

aarch32: use lr as bl32 boot argument on aarch32 only systems

Add 'lr_svc' as a boot parameter in AArch32 bl1. This is used by Optee
and Trusty to get the non-secure entry point on AArch32 platforms.

This change is not ported in AArch64 mode where the BL31, not BL32,
is in charge of booting the non secure image (BL33).

Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>

show more ...

Merge pull request #939 from dp-arm/dp/AArch32_tbbr

Add TBBR and FWU support for AArch32

AArch32: Add `TRUSTED_BOARD_BOOT` support

This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode.

To build this patch the "mbedtls/include/mbedtls/bignum.h"
needs to be modified to remove `#

AArch32: Add `TRUSTED_BOARD_BOOT` support

This patch adds `TRUSTED_BOARD_BOOT` support for AArch32 mode.

To build this patch the "mbedtls/include/mbedtls/bignum.h"
needs to be modified to remove `#define MBEDTLS_HAVE_UDBL`
when `MBEDTLS_HAVE_INT32` is defined. This is a workaround
for "https://github.com/ARMmbed/mbedtls/issues/708"

NOTE: TBBR support on Juno AArch32 is not currently supported.

Change-Id: I86d80e30b9139adc4d9663f112801ece42deafcf
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
Co-Authored-By: Yatharth Kochar <yatharth.kochar@arm.com>

show more ...

Merge pull request #925 from dp-arm/dp/spdx

Use SPDX license identifiers

Use SPDX license identifiers

To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.

NOTE: Files that have been imported by

Use SPDX license identifiers

To make software license auditing simpler, use SPDX[0] license
identifiers instead of duplicating the license text in every file.

NOTE: Files that have been imported by FreeBSD have not been modified.

[0]: https://spdx.org/

Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

show more ...

Merge pull request #713 from yatharth-arm/yk/AArch32_porting

Add basic AArch32 support for BL1 & BL2

AArch32: Add generic changes in BL1

This patch adds generic changes in BL1 to support AArch32 state.
New AArch32 specific assembly/C files are introduced and
some files are moved to AArch32/64 speci

AArch32: Add generic changes in BL1

This patch adds generic changes in BL1 to support AArch32 state.
New AArch32 specific assembly/C files are introduced and
some files are moved to AArch32/64 specific folders.
BL1 for AArch64 is refactored but functionally identical.
BL1 executes in Secure Monitor mode in AArch32 state.

NOTE: BL1 in AArch32 state ONLY handles BL1_RUN_IMAGE SMC.

Change-Id: I6e2296374c7efbf3cf2aa1a0ce8de0732d8c98a5

show more ...