Merge changes from topic "feat_state_part2" into integration

* changes:
refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED
refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED
refactor(t

Merge changes from topic "feat_state_part2" into integration

* changes:
refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED
refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED
refactor(trbe): enable FEAT_TRBE for FEAT_STATE_CHECKED
fix(cpufeat): context-switch: move FGT availability check to callers
feat(cpufeat): extend check_feature() to deal with min/max
refactor(cpufeat): wrap CPU ID register field isolation

show more ...

refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRF to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detecti

refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRF to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detection (ENABLE_TRF_FOR_NS=2), by splitting
is_feat_trf_present() into an ID register reading function and a second
function to report the support status. That function considers both
build time settings and runtime information (if needed), and is used
before we access TRF related registers.
Also move the context saving code from assembly to C, and use the new
is_feat_trf_supported() function to guard its execution.

The FVP platform decided to compile in support unconditionally (=1),
even though FEAT_TRF is an ARMv8.4 feature, so is not available with the
FVP model's default command line.
Change that to the now supported dynamic option (=2), so the right
decision can be made by the code at runtime.

Change-Id: Ia97b01adbe24970a4d837afd463dc5506b7295a3
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge changes from topic "mixed-rwx" into integration

* changes:
build: permit multiple linker scripts
build: clarify linker script generation
style: normalize linker script code style
fix(p

Merge changes from topic "mixed-rwx" into integration

* changes:
build: permit multiple linker scripts
build: clarify linker script generation
style: normalize linker script code style
fix(pie): pass `-fpie` to the preprocessor as well

show more ...

build: clarify linker script generation

The following build system variables have been renamed:

- `LINKERFILE` -> `DEFAULT_LINKER_SCRIPT`
- `BL_LINKERFILE` -> `DEFAULT_LINKER_SCRIPT_SOURCE`
- `<IMA

build: clarify linker script generation

The following build system variables have been renamed:

- `LINKERFILE` -> `DEFAULT_LINKER_SCRIPT`
- `BL_LINKERFILE` -> `DEFAULT_LINKER_SCRIPT_SOURCE`
- `<IMAGE>_LINKERFILE` -> `<IMAGE>_DEFAULT_LINKER_SCRIPT_SOURCE`

These new names better reflect how each variable is used:

1. the default linker script is passed via `-dT` instead of `-T`
2. linker script source files are first preprocessed

Additionally, linker scripts are now placed in the build directory
relative to where they exist in the source directory. For example,
the `bl32/sp_min/sp_min.ld.S` would now preprocess to
`sp_min/sp_min.ld` instead of just `bl32.ld`

BREAKING-CHANGE: The `LINKERFILE`, `BL_LINKERFILE` and
`<IMAGE_LINKERFILE>` build system variables have been renamed. See the
commit message for more information.

Change-Id: If8cef65dcb8820e8993736702c8741e97a66e6cc
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge "fix(security): update Cortex-A15 CPU lib files for CVE-2022-23960" into integration

fix(security): update Cortex-A15 CPU lib files for CVE-2022-23960

Cortex-A15 does not support FEAT_CSV2 so the existing workaround for
Spectre V2 is sufficient to mitigate against Spectre BHB attack

fix(security): update Cortex-A15 CPU lib files for CVE-2022-23960

Cortex-A15 does not support FEAT_CSV2 so the existing workaround for
Spectre V2 is sufficient to mitigate against Spectre BHB attacks,
however the code needed to be updated to work with the new build flag.

Also, some code was refactored several years ago and not updated in
the Cortex-A15 library file so this patch fixes that as well.

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I768c88a38c561c91019b038ac6c22b291955f18e

show more ...

Merge changes from topic "ck/mpmm" into integration

* changes:
docs(maintainers): add Chris Kay to AMU and MPMM
feat(tc): enable MPMM
feat(mpmm): add support for MPMM
feat(amu): enable per-c

Merge changes from topic "ck/mpmm" into integration

* changes:
docs(maintainers): add Chris Kay to AMU and MPMM
feat(tc): enable MPMM
feat(mpmm): add support for MPMM
feat(amu): enable per-core AMU auxiliary counters
docs(amu): add AMU documentation
refactor(amu): refactor enablement and context switching
refactor(amu): detect auxiliary counters at runtime
refactor(amu): detect architected counters at runtime
refactor(amu): conditionally compile auxiliary counter support
refactor(amu): factor out register accesses
refactor(amu)!: privatize unused AMU APIs
refactor(amu)!: remove `PLAT_AMU_GROUP1_COUNTERS_MASK`
build(amu): introduce `amu.mk`
build(fconf)!: clean up source collection
feat(fdt-wrappers): add CPU enumeration utility function
build(fdt-wrappers): introduce FDT wrappers makefile
build(bl2): deduplicate sources
build(bl1): deduplicate sources

show more ...

build(amu): introduce `amu.mk`

This change introduces the `amu.mk` Makefile, used to remove the need
to manually include AMU sources into the various build images.
Makefiles requiring the list of AM

build(amu): introduce `amu.mk`

This change introduces the `amu.mk` Makefile, used to remove the need
to manually include AMU sources into the various build images.
Makefiles requiring the list of AMU sources are expected to include
this file and use `${AMU_SOURCES}` to retrieve them.

Change-Id: I3d174033ecdce6439a110d776f0c064c67abcfe0
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge changes from topic "TrcDbgExt" into integration

* changes:
feat(plat/fvp): enable trace extension features by default
feat(trf): enable trace filter control register access from lower NS E

Merge changes from topic "TrcDbgExt" into integration

* changes:
feat(plat/fvp): enable trace extension features by default
feat(trf): enable trace filter control register access from lower NS EL
feat(trf): initialize trap settings of trace filter control registers access
feat(sys_reg_trace): enable trace system registers access from lower NS ELs
feat(sys_reg_trace): initialize trap settings of trace system registers access
feat(trbe): enable access to trace buffer control registers from lower NS EL
feat(trbe): initialize trap settings of trace buffer control registers access

show more ...

feat(trf): enable trace filter control register access from lower NS EL

Introduced a build flag 'ENABLE_TRF_FOR_NS' to enable trace filter
control registers access in NS-EL2, or NS-EL1 (when NS-EL2

feat(trf): enable trace filter control register access from lower NS EL

Introduced a build flag 'ENABLE_TRF_FOR_NS' to enable trace filter
control registers access in NS-EL2, or NS-EL1 (when NS-EL2 is
implemented but unused).

Change-Id: If3f53b8173a5573424b9a405a4bd8c206ffdeb8c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(sys_reg_trace): enable trace system registers access from lower NS ELs

Introduced a build flag 'ENABLE_SYS_REG_TRACE_FOR_NS' to enable trace
system registers access in NS-EL2, or NS-EL1 (when N

feat(sys_reg_trace): enable trace system registers access from lower NS ELs

Introduced a build flag 'ENABLE_SYS_REG_TRACE_FOR_NS' to enable trace
system registers access in NS-EL2, or NS-EL1 (when NS-EL2 is
implemented but unused).

Change-Id: Idc1acede4186e101758cbf7bed5af7b634d7d18d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "bl32: Enable TRNG service build" into integration

bl32: Enable TRNG service build

The Trusted Random Number Generator service is using the standard SMC
service dispatcher, running in BL31. For that reason we list the files
implementing the service

bl32: Enable TRNG service build

The Trusted Random Number Generator service is using the standard SMC
service dispatcher, running in BL31. For that reason we list the files
implementing the service in bl31.mk.
However when building for a 32-bit TF-A runtime, sp_min.mk is the
Makefile snippet used, so we have to add the files into there as well.

This fixes 32-bit builds of platforms that provide the TRNG service.

Change-Id: I8be61522300d36477a9ee0a9ce159a140390b254
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge "Add support for FEAT_MTPMU for Armv8.6" into integration

Add support for FEAT_MTPMU for Armv8.6

If FEAT_PMUv3 is implemented and PMEVTYPER<n>(_EL0).MT bit is implemented
as well, it is possible to control whether PMU counters take into account
events happ

Add support for FEAT_MTPMU for Armv8.6

If FEAT_PMUv3 is implemented and PMEVTYPER<n>(_EL0).MT bit is implemented
as well, it is possible to control whether PMU counters take into account
events happening on other threads.

If FEAT_MTPMU is implemented, EL3 (or EL2) can override the MT bit
leaving it to effective state of 0 regardless of any write to it.

This patch introduces the DISABLE_MTPMU flag, which allows to diable
multithread event count from EL3 (or EL2). The flag is disabled
by default so the behavior is consistent with those architectures
that do not implement FEAT_MTPMU.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Iee3a8470ae8ba13316af1bd40c8d4aa86e0cb85e

show more ...

Merge pull request #1392 from dp-arm/dp/cve_2018_3639

Implement workaround for CVE-2018-3639 on Cortex A57/A72/A73 and A75

Rename symbols and files relating to CVE-2017-5715

This patch renames symbols and files relating to CVE-2017-5715 to make
it easier to introduce new symbols and files for new CVE mitigations.

Chang

Rename symbols and files relating to CVE-2017-5715

This patch renames symbols and files relating to CVE-2017-5715 to make
it easier to introduce new symbols and files for new CVE mitigations.

Change-Id: I24c23822862ca73648c772885f1690bed043dbc7
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...

Merge pull request #1297 from soby-mathew/sm/fix_aarch32_plat_cmn

Remove sp_min functions from plat_common.c

Remove sp_min functions from plat_common.c

This patch removes default platform implementations of sp_min
platform APIs from plat/common/aarch32/plat_common.c. The APIs
are now implemented in `plat_s

Remove sp_min functions from plat_common.c

This patch removes default platform implementations of sp_min
platform APIs from plat/common/aarch32/plat_common.c. The APIs
are now implemented in `plat_sp_min_common.c` file within the
same folder.

The ARM platform layer had a weak definition of sp_min_platform_setup2()
which conflicted with the weak definition in the common file. Hence this
patch fixes that by introducing a `plat_arm_` version of the API thus
allowing individual boards within ARM platforms to override it if they
wish to.

Fixes ARM-software/tf-issues#559

Change-Id: I11a74ecae8191878ccc7ea03f12bdd5ae88faba5
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

show more ...

Merge pull request #1253 from dp-arm/dp/amu32

AMUv1 support for AArch32

AMU: Add assembler helper functions for aarch32

Change-Id: Id6dfe885a63561b1d2649521bd020367b96ae1af
Signed-off-by: Joel Hutton <joel.hutton@arm.com>

Merge pull request #1228 from dp-arm/dp/cve_2017_5715

Workarounds for CVE-2017-5715 on A9/A15 and A17 + serial console reporting

sp_min: Implement workaround for CVE-2017-5715

This patch introduces two workarounds for ARMv7 systems. The
workarounds need to be applied prior to any `branch` instruction in
secure world. This i

sp_min: Implement workaround for CVE-2017-5715

This patch introduces two workarounds for ARMv7 systems. The
workarounds need to be applied prior to any `branch` instruction in
secure world. This is achieved using a custom vector table where each
entry is an `add sp, sp, #1` instruction.

On entry to monitor mode, once the sequence of `ADD` instructions is
executed, the branch target buffer (BTB) is invalidated. The bottom
bits of `SP` are then used to decode the exception entry type.

A side effect of this change is that the exception vectors are
installed before the CPU specific reset function. This is now
consistent with how it is done on AArch64.

Note, on AArch32 systems, the exception vectors are typically tightly
integrated with the secure payload (e.g. the Trusted OS). This
workaround will need porting to each secure payload that requires it.

The patch to modify the AArch32 per-cpu vbar to the corresponding
workaround vector table according to the CPU type will be done in a
later patch.

Change-Id: I5786872497d359e496ebe0757e8017fa98f753fa
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...

Merge pull request #1170 from dp-arm/dp/amu

Add support for Activity Monitors

AMU: Implement support for aarch32

The `ENABLE_AMU` build option can be used to enable the
architecturally defined AMU counters. At present, there is no support
for the auxiliary counter group.

Ch

AMU: Implement support for aarch32

The `ENABLE_AMU` build option can be used to enable the
architecturally defined AMU counters. At present, there is no support
for the auxiliary counter group.

Change-Id: Ifc7532ef836f83e629f2a146739ab61e75c4abc8
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...