feat(ethos-n): add support to set up NSAID

For the TZC to allow the Arm(R) Ethos(TM)-N NPU to access the buffers
allocated in a protected memory region, it must include the correct
NSAID for that re

feat(ethos-n): add support to set up NSAID

For the TZC to allow the Arm(R) Ethos(TM)-N NPU to access the buffers
allocated in a protected memory region, it must include the correct
NSAID for that region in its transactions to the memory. This change
updates the SiP service to configure the NSAIDs specified by a platform
define. When doing a protected access the SiP service now configures the
NSAIDs specified by the platform define. For unprotected access the
NSAID is set to zero.

Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Signed-off-by: Rob Hughes <robert.hughes@arm.com>
Signed-off-by: Mikael Olsson <mikael.olsson@arm.com>
Change-Id: I3360ef33705162aba5c67670386922420869e331

show more ...

docs(sve): update defaults for FEAT_SVE

FEAT_SVE build macro, "ENABLE_SVE_FOR_NS" default value has been updated
to 2, to support its existing behavior of dynamic detection as well as
keep it aligne

docs(sve): update defaults for FEAT_SVE

FEAT_SVE build macro, "ENABLE_SVE_FOR_NS" default value has been updated
to 2, to support its existing behavior of dynamic detection as well as
keep it aligned with the changes concerning STATE=FEAT_STATE_CHECKED(2),
part of Feature Detection procedure.

Change-Id: Iee43e899f19dc9d5eb57c235998758f462a8c397
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

feat(cpufeat): enable FEAT_SVE for FEAT_STATE_CHECKED

Add support for runtime detection (ENABLE_SVE_FOR_NS=2), by splitting
sve_supported() into an ID register reading function and a
second function

feat(cpufeat): enable FEAT_SVE for FEAT_STATE_CHECKED

Add support for runtime detection (ENABLE_SVE_FOR_NS=2), by splitting
sve_supported() into an ID register reading function and a
second function to report the support status. That function considers
both build time settings and runtime information (if needed), and is
used before we do SVE specific setup.

Change the FVP platform default to the now supported dynamic
option (=2), so the right decision can be made by the code at runtime.

Change-Id: I1caaba2216e8e2a651452254944a003607503216
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

feat(cpufeat): enable FEAT_SME for FEAT_STATE_CHECKED

Add support for runtime detection (ENABLE_SME_FOR_NS=2), by splitting
feat_sme_supported() into an ID register reading function and a
second fun

feat(cpufeat): enable FEAT_SME for FEAT_STATE_CHECKED

Add support for runtime detection (ENABLE_SME_FOR_NS=2), by splitting
feat_sme_supported() into an ID register reading function and a
second function to report the support status. That function considers
both build time settings and runtime information (if needed), and is
used before we do SME specific setup.

Change the FVP platform default to the now supported dynamic option
(=2),so the right decision can be made by the code at runtime.

Change-Id: Ida9ccf737db5be20865b84f42b1f9587be0626ab
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

Merge changes from topic "psci-osi" into integration

* changes:
feat(sc7280): add support for PSCI_OS_INIT_MODE
feat(fvp): enable support for PSCI OS-initiated mode
feat(psci): update PSCI_FEA

Merge changes from topic "psci-osi" into integration

* changes:
feat(sc7280): add support for PSCI_OS_INIT_MODE
feat(fvp): enable support for PSCI OS-initiated mode
feat(psci): update PSCI_FEATURES
feat(psci): add support for OS-initiated mode
feat(psci): add support for PSCI_SET_SUSPEND_MODE
build(psci): add build option for OS-initiated mode
docs(psci): add design proposal for OS-initiated mode

show more ...

refactor(amu): unify ENABLE_AMU and ENABLE_FEAT_AMUv1

So far we have the ENABLE_AMU build option to include AMU register
handling code for enabling and context switch. There is also an
ENABLE_FEAT_A

refactor(amu): unify ENABLE_AMU and ENABLE_FEAT_AMUv1

So far we have the ENABLE_AMU build option to include AMU register
handling code for enabling and context switch. There is also an
ENABLE_FEAT_AMUv1 option, solely to protect the HAFGRTR_EL2 system
register handling. The latter needs some alignment with the new feature
scheme, but it conceptually overlaps with the ENABLE_AMU option.

Since there is no real need for two separate options, unify both into a
new ENABLE_FEAT_AMU name in a first step. This is mostly just renaming at
this point, a subsequent patch will make use of the new feature handling
scheme.

Change-Id: I97d8a55bdee2ed1e1509fa9f2b09fd0bdd82736e
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

refactor(cpufeat): align FEAT_SB to new feature handling

FEAT_SB introduces a new speculation barrier instruction, that is more
lightweight than a "dsb; isb" combination. We use that in a hot path,

refactor(cpufeat): align FEAT_SB to new feature handling

FEAT_SB introduces a new speculation barrier instruction, that is more
lightweight than a "dsb; isb" combination. We use that in a hot path,
so cannot afford and don't want a runtime detection mechanism.
Nevertheless align the implementation of the feature detection part
with the other features, but renaming the detection function, and
updating the FEAT_DETECTION code. Also update the documentation.

Change-Id: I2b86dfd1ad259c3bb99ab5186e2911ace454b54c
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

refactor(cpufeat): enable SYS_REG_TRACE for FEAT_STATE_CHECKED

At the moment we only support access to the trace unit by system
registers (SYS_REG_TRACE) to be either unconditionally compiled in, or

refactor(cpufeat): enable SYS_REG_TRACE for FEAT_STATE_CHECKED

At the moment we only support access to the trace unit by system
registers (SYS_REG_TRACE) to be either unconditionally compiled in, or
to be not supported at all.

Add support for runtime detection (ENABLE_SYS_REG_TRACE_FOR_NS=2), by
adding is_feat_sys_reg_trace_supported(). That function considers both
build time settings and runtime information (if needed), and is used
before we access SYS_REG_TRACE related registers.

The FVP platform decided to compile in support unconditionally (=1),
even though this is an optional feature, so it is not available with the
FVP model's default command line.
Change that to the now supported dynamic option (=2), so the right
decision can be made by the code at runtime.

Change-Id: I450a574a4f6bd9fc269887037049c94c906f54b2
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

feat(psci): add support for OS-initiated mode

This patch adds a `psci_validate_state_coordination` function that is
called by `psci_cpu_suspend_start` in OS-initiated mode.

This function validates

feat(psci): add support for OS-initiated mode

This patch adds a `psci_validate_state_coordination` function that is
called by `psci_cpu_suspend_start` in OS-initiated mode.

This function validates the request per sections 4.2.3.2, 5.4.5, and 6.3
of the PSCI spec (DEN0022D.b):
- The requested power states are consistent with the system's state
- The calling core is the last running core at the requested power level

This function differs from `psci_do_state_coordination` in that:
- The `psci_req_local_pwr_states` map is not modified if the request
were to be denied
- The `state_info` argument is never modified since it contains the
power states requested by the calling OS

This is conditionally compiled into the build depending on the value of
the `PSCI_OS_INIT_MODE` build option.

Change-Id: I667041c842d2856e9d128c98db4d5ae4e4552df3
Signed-off-by: Wing Li <wingers@google.com>

show more ...

build(psci): add build option for OS-initiated mode

Change-Id: Ie4f7b6a36926ab075ebb9c6507a3ff48ce5538fe
Signed-off-by: Wing Li <wingers@google.com>

refactor(spe): enable FEAT_SPE for FEAT_STATE_CHECKED

At the moment we only support FEAT_SPE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detecti

refactor(spe): enable FEAT_SPE for FEAT_STATE_CHECKED

At the moment we only support FEAT_SPE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detection (ENABLE_SPE_FOR_NS=2), by splitting
is_armv8_2_feat_spe_present() into an ID register reading function and
a second function to report the support status. That function considers
both build time settings and runtime information (if needed), and is
used before we access SPE related registers.

Previously SPE was enabled unconditionally for all platforms, change
this now to the runtime detection version.

Change-Id: I830c094107ce6a398bf1f4aef7ffcb79d4f36552
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

refactor(cpufeat): rename ENABLE_SPE_FOR_LOWER_ELS to ENABLE_SPE_FOR_NS

At the moment we hardcode the SPE functionality to be available on the
non-secure side only, by setting MDCR_EL2.E2PB accordin

refactor(cpufeat): rename ENABLE_SPE_FOR_LOWER_ELS to ENABLE_SPE_FOR_NS

At the moment we hardcode the SPE functionality to be available on the
non-secure side only, by setting MDCR_EL2.E2PB accordingly.

This should be reflected in the feature selection symbol, so rename that
to ENABLE_SPE_FOR_NS, to make it clearer that SPE is not supported in
the secure world.

Change-Id: I3f9b48eab1a45d6ccfcbb9c90a11eeb66867ad9a
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge "feat(tcr2): support FEAT_TCR2" into integration

feat(tcr2): support FEAT_TCR2

Arm v8.9 introduces FEAT_TCR2, adding extended translation control
registers. Support this, context switching TCR2_EL2 and disabling
traps so lower ELs can access the n

feat(tcr2): support FEAT_TCR2

Arm v8.9 introduces FEAT_TCR2, adding extended translation control
registers. Support this, context switching TCR2_EL2 and disabling
traps so lower ELs can access the new registers.

Change the FVP platform to default to handling this as a dynamic option so
the right decision can be made by the code at runtime.

Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: I297452acd8646d58bac64fc15e05b06a543e5148

show more ...

refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3

BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is runnin

refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3

BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is running at EL3 exception level
These two scenarios are not exactly same even though first implicitly
means second to be true. To distinguish between these two use cases we
introduce new macros.
BL2_AT_EL3 is renamed to RESET_TO_BL2 to better convey both 1. and 2.
Additional macro BL2_RUNS_AT_EL3 is added to cover all scenarious where
BL2 runs at EL3 (including four world systems).

BREAKING CHANGE: BL2_AT_EL3 renamed to RESET_TO_BL2 across the
repository.

Change-Id: I477e1d0f843b44b799c216670e028fcb3509fb72
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>

show more ...

Revert "docs(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS"

Adopted RESET_TO_BL31_WITH_PARAMS functionality in RESET_TO_BL31
in the subsequent patches hence reverted this patch.
This reverts commit ac4a

Revert "docs(bl31): aarch64: RESET_TO_BL31_WITH_PARAMS"

Adopted RESET_TO_BL31_WITH_PARAMS functionality in RESET_TO_BL31
in the subsequent patches hence reverted this patch.
This reverts commit ac4ac38c5443afdef38e38e9247c96359de3a2ea.

Change-Id: I5fb8eaea47d0fd6d0171260c6d834ec8de588fad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "docs(drtm): mention DRTM_SUPPORT as an experimental build option" into integration

docs: discourage usage of weak functions

As a coding guideline, we now discourage introducing new weak
functions in platform-agnostic code going forward and provide the
rationale for this.

This was

docs: discourage usage of weak functions

As a coding guideline, we now discourage introducing new weak
functions in platform-agnostic code going forward and provide the
rationale for this.

This was already enforced most of the time in code reviews but this
patch makes it explicit in the project's documentation.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I88f4a55788899fb4146c4d26afb3a7418376b30c

show more ...

Merge changes from topic "panic_cleanup" into integration

* changes:
refactor(bl31): use elx_panic for sysreg_handler64
refactor(aarch64): rename do_panic and el3_panic
refactor(aarch64): remo

Merge changes from topic "panic_cleanup" into integration

* changes:
refactor(bl31): use elx_panic for sysreg_handler64
refactor(aarch64): rename do_panic and el3_panic
refactor(aarch64): remove weak links to el3_panic
refactor(aarch64): refactor usage of elx_panic
refactor(aarch64): cleanup HANDLE_EA_EL3_FIRST_NS usage

show more ...

refactor(bl31): use elx_panic for sysreg_handler64

When we reach sysreg_handler64 from any trap handling we are entering
this path from lower EL and thus we should be calling lower_el_panic
reportin

refactor(bl31): use elx_panic for sysreg_handler64

When we reach sysreg_handler64 from any trap handling we are entering
this path from lower EL and thus we should be calling lower_el_panic
reporting mechanism to print panic report.

Make report_elx_panic available through assembly func elx_panic which
could be used for reporting any lower_el_panic.

Change-Id: Ieb260cf20ea327a59db84198b2c6a6bfc9ca9537
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
wh

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
which handles panic from lower ELs.

So now we can remove do_panic and just call el3_panic for all panics.

Change-Id: I739c69271b9fb15c1176050877a9b0c0394dc739
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

docs(drtm): mention DRTM_SUPPORT as an experimental build option

In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in th

docs(drtm): mention DRTM_SUPPORT as an experimental build option

In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in the
documentation of the build option as well.

[1]:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/Makefile#n897

Change-Id: Ibfa328ec8ed685ce715d144d979ba37e4f49f82e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section name

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.

This change introduces the period prefix to all specialized section
names.

BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.

Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(docs): make required compiler version == rather than >=

TF-A carries its own compiler-rt so higher versions of the compilers may
not necessarily work. Because TF-A is only tested on the specifie

fix(docs): make required compiler version == rather than >=

TF-A carries its own compiler-rt so higher versions of the compilers may
not necessarily work. Because TF-A is only tested on the specified
versions in the CI, any breakage remains unknown. Update the
prerequisites guide to make it more apparent that this is the case.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ia5da9c5ff505ead99f579f3f5fbe3a480d697c1d

show more ...

Merge changes from topic "bk/warnings" into integration

* changes:
docs: describe the new warning levels
build: add -Wunused-const-variable=2 to W=2
build: include -Wextra in generic builds

Merge changes from topic "bk/warnings" into integration

* changes:
docs: describe the new warning levels
build: add -Wunused-const-variable=2 to W=2
build: include -Wextra in generic builds
docs(porting-guide): update a reference
fix(st-usb): replace redundant checks with asserts
fix(brcm): add braces around bodies of conditionals
fix(renesas): align incompatible function pointers
fix(zynqmp): remove redundant api_version check
fix: remove old-style declarations
fix: unify fallthrough annotations

show more ...