docs: el3 token signing

Add documentation for the feature where EL3 can be used to sign realm
attestation token requests using RMM_EL3_TOKEN_SIGN command.
This patch also adds documentation for the

docs: el3 token signing

Add documentation for the feature where EL3 can be used to sign realm
attestation token requests using RMM_EL3_TOKEN_SIGN command.
This patch also adds documentation for the RMM_EL3_FEATURES features
command that can be used to discover support for features such as
RMM_EL3_TOKEN_SIGN.

Change-Id: Iab5a157761ed17931210c3702f813198fc9c4b3a
Signed-off-by: Raghu Krishnamurthy <raghupathyk@nvidia.com>

show more ...

Merge "refactor(rmmd): plat token requests in pieces" into integration

refactor(rmmd): plat token requests in pieces

Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token

refactor(rmmd): plat token requests in pieces

Until now, the attestation token size was limited by the size of the
shared buffer between RMM and TF-A. With this change, RMM can now
request the token in pieces, so they fit in the shared buffer. A new
output parameter was added to the SMC call, which will return (along
with the size of bytes copied into the buffer) the number of bytes
of the token that remain to be retrieved.

TF-A will keep an offset variable that will indicate the position in
the token where the next call will retrieve bytes from. This offset
will be increased on every call by adding the number number of bytes
copied. If the received hash size is not 0, TF-A will reset the
offset to 0 and copy from that position on.

The SMC call will now return at most the size of the shared buffer
in bytes on every call. Therefore, from now on, multiple SMC calls
may be needed to be issued if the token size exceeds the shared
buffer size.

Change-Id: I591f7013d06f64e98afaf9535dbea6f815799723
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>

show more ...

Merge changes from topic "st-nand-backup-fwu" into integration

* changes:
refactor(st): rename plat_set_image_source
feat(st): add FWU with boot from NAND
feat(st): manage backup partitions fo

Merge changes from topic "st-nand-backup-fwu" into integration

* changes:
refactor(st): rename plat_set_image_source
feat(st): add FWU with boot from NAND
feat(st): manage backup partitions for NAND devices
feat(bl): add plat handler for image loading
refactor(bl)!: remove unused plat_try_next_boot_source

show more ...

feat(bl): add plat handler for image loading

In case of load error, platform may need to try another instance, either
from another storage, or from the same storage in case of PSA FWU. On
MTD device

feat(bl): add plat handler for image loading

In case of load error, platform may need to try another instance, either
from another storage, or from the same storage in case of PSA FWU. On
MTD devices such as NAND, it is required to define backup partitions.
A new function plat_setup_try_img_ops() should be called by platform
code to register handlers (plat_try_images_ops) to manage loading
other images.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ideaecaf296c0037a26fb4e6680f33e507111378a

show more ...

refactor(bl)!: remove unused plat_try_next_boot_source

The plat_try_next_boot_source() API is not used by any upstream platform
and not used by platforms that asked for this API. It is then removed.

refactor(bl)!: remove unused plat_try_next_boot_source

The plat_try_next_boot_source() API is not used by any upstream platform
and not used by platforms that asked for this API. It is then removed.
It will be replaced with a more generic interface in next patch.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I298c7acace8c5efb3c66422d8d9280ecd08e5ade

show more ...

Merge changes from topic "early_console" into integration

* changes:
feat(stm32mp2): use early traces
feat(st-bsec): use early traces
refactor(st): replace STM32MP_EARLY_CONSOLE with EARLY_CON

Merge changes from topic "early_console" into integration

* changes:
feat(stm32mp2): use early traces
feat(st-bsec): use early traces
refactor(st): replace STM32MP_EARLY_CONSOLE with EARLY_CONSOLE
feat(console): introduce EARLY_CONSOLE
feat(bl32): create an sp_min_setup function

show more ...

Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fv

Merge changes from topic "rss_rse_rename" into integration

* changes:
refactor(changelog): change all occurrences of RSS to RSE
refactor(qemu): change all occurrences of RSS to RSE
refactor(fvp): change all occurrences of RSS to RSE
refactor(fiptool): change all occurrences of RSS to RSE
refactor(psa): change all occurrences of RSS to RSE
refactor(fvp): remove leftovers from rss measured boot support
refactor(tc): change all occurrences of RSS to RSE
docs: change all occurrences of RSS to RSE
refactor(measured-boot): change all occurrences of RSS to RSE
refactor(rse): change all occurrences of RSS to RSE
refactor(psa): rename all 'rss' files to 'rse'
refactor(tc): rename all 'rss' files to 'rse'
docs: rename all 'rss' files to 'rse'
refactor(measured-boot): rename all 'rss' files to 'rse'
refactor(rss): rename all 'rss' files to 'rse'

show more ...

Merge changes from topic "hm/handoff" into integration

* changes:
feat(handoff): add support for RESET_TO_BL2
feat(arm): support FW handoff b/w BL1 & BL2
feat(handoff): add TL source files to

Merge changes from topic "hm/handoff" into integration

* changes:
feat(handoff): add support for RESET_TO_BL2
feat(arm): support FW handoff b/w BL1 & BL2
feat(handoff): add TL source files to BL1
feat(handoff): add TE's for BL1 handoff interface
refactor(bl1): clean up bl2 layout calculation
feat(arm): support FW handoff b/w BL2 & BL31

show more ...

refactor(bl1): clean up bl2 layout calculation

Layout calculation is spread out between core BL1 logic and common
platform code. Relocate these into common platform code so they are
organised logica

refactor(bl1): clean up bl2 layout calculation

Layout calculation is spread out between core BL1 logic and common
platform code. Relocate these into common platform code so they are
organised logically.

Change-Id: I8b05403e41b800957a0367316cecd373d10bb1a4
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

feat(console): introduce EARLY_CONSOLE

This is a generic porting of what was done on ST platforms with flag
STM32MP_EARLY_CONSOLE. It creates the flag and the prototype for
plat_setup_early_console(

feat(console): introduce EARLY_CONSOLE

This is a generic porting of what was done on ST platforms with flag
STM32MP_EARLY_CONSOLE. It creates the flag and the prototype for
plat_setup_early_console(). This function depends on platform
implementation. This function call is added at the beginning of each BL
image early setup function.
The patch also introduce an extra log macro: EARLY_ERROR. This can
replace ERROR macro in code that will only be executed before the
default console is enabled, and will do nothing when the EARLY_CONSOLE
is not enabled. This can then save some space in memory.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I77bf0a0c4289b4c7df94e4bfb783a938e05bf023

show more ...

docs: change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the documentation
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ia42078f5faa1d

docs: change all occurrences of RSS to RSE

Changes all occurrences of "RSS" and "rss" in the documentation
to "RSE" and "rse".

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ia42078f5faa1db331b1e5a35f01faeaf1afacb5f

show more ...

Merge changes from topic "sb/remove-cryptocell" into integration

* changes:
chore(npcm845x): remove CryptoCell-712/713 support
chore(auth)!: remove CryptoCell-712/713 support

chore(auth)!: remove CryptoCell-712/713 support

CryptoCell-712 and CryptoCell-713 drivers have been deprecated since
TF-A v2.9 and their removal was announced for TF-A v2.10 release.
See [1].

As th

chore(auth)!: remove CryptoCell-712/713 support

CryptoCell-712 and CryptoCell-713 drivers have been deprecated since
TF-A v2.9 and their removal was announced for TF-A v2.10 release.
See [1].

As the release is approaching, this patch deletes these drivers' code as
well as all references to them in the documentation and Arm platforms
code (Nuvoton platform is taken care in a subsequent patch). Associated
build options (ARM_CRYPTOCELL_INTEG and PLAT_CRYPTOCELL_BASE) have also
been removed and thus will have no effect if defined.

This is a breaking change for downstream platforms which use these
drivers.

[1] https://trustedfirmware-a.readthedocs.io/en/v2.9/about/release-information.html#removal-of-deprecated-drivers
Note that TF-A v3.0 release later got renumbered into v2.10.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Idabbc9115f6732ac1a0e52b273d3380677a39813

show more ...

Merge changes from topic "mp/exceptions" into integration

* changes:
docs(ras): update RAS documentation
docs(el3-runtime): update BL31 exception vector handling
fix(el3-runtime): restrict low

Merge changes from topic "mp/exceptions" into integration

* changes:
docs(ras): update RAS documentation
docs(el3-runtime): update BL31 exception vector handling
fix(el3-runtime): restrict lower el EA handlers in FFH mode
fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT
fix(ras): restrict ENABLE_FEAT_RAS to have only two states
feat(ras): use FEAT_IESB for error synchronization
feat(el3-runtime): modify vector entry paths

show more ...

fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT

This patch removes RAS_FFH_SUPPORT macro which is the combination of
ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an
inter

fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT

This patch removes RAS_FFH_SUPPORT macro which is the combination of
ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an
internal macro FFH_SUPPORT which gets enabled when platforms wants
to enable lower EL EA handling at EL3. The internal macro FFH_SUPPORT
will be automatically enabled if HANDLE_EA_EL3_FIRST_NS is enabled.
FFH_SUPPORT along with ENABLE_FEAT_RAS will be used in source files
to provide equivalent check which was provided by RAS_FFH_SUPPORT
earlier. In generic code we needed a macro which could abstract both
HANDLE_EA_EL3_FIRST_NS and RAS_FFH_SUPPORT macros that had limitations.
Former was tied up with NS world only while the latter was tied to RAS
feature.

This is to allow Secure/Realm world to have their own FFH macros
in future.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ie5692ccbf462f5dcc3f005a5beea5aa35124ac73

show more ...

Merge "refactor(cpufeat): refactor arch feature build options" into integration

refactor(cpufeat): refactor arch feature build options

Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features

refactor(cpufeat): refactor arch feature build options

Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features are enabled in platform specific makefile.
This fragmentation is sometime confusing to figure out which feature
is tied to which ARCH_MAJOR.ARCH_MINOR.

So, consolidating and grouping them for tracking and enabling makes
more sense. With this change we consolidate all ARCH feature handling
within arch_features.mk and disable all optional features that need
to be enabled to platform makefile.

This is an ongoing series of effort to consolidate and going forward
platform makefile should just specify ARCH_MAJOR and ARCH MINOR and
all mandatory feature should be selected based on arch_features.mk
any optional feature needed by the platform support can be enabled
by platform makefile.

It also makes it easier for platform ports to look upto arch_features.mk
and enable any optional feature that platform may need which are
supported from TF-A.

Change-Id: I18764008856d81414256b6cbabdfa42a16b8040d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes I2c4e826f,I388e8dcd,I6fd20225 into integration

* changes:
chore(ethos-n): use non blocking soft reset on npu
docs(ethos-n): update build-options.rst
refactor(ethos-n): move build

Merge changes I2c4e826f,I388e8dcd,I6fd20225 into integration

* changes:
chore(ethos-n): use non blocking soft reset on npu
docs(ethos-n): update build-options.rst
refactor(ethos-n): move build flags to ethosn_npu.mk

show more ...

docs(ethos-n): update build-options.rst

Move documentation related to Arm(R) Ethos(TM)-N NPU driver from
docs/plat/arm/arm-build-options.rst to
docs/getting_started/build-options.rst.

Signed-off-by

docs(ethos-n): update build-options.rst

Move documentation related to Arm(R) Ethos(TM)-N NPU driver from
docs/plat/arm/arm-build-options.rst to
docs/getting_started/build-options.rst.

Signed-off-by: Rajasekaran Kalidoss <rajasekaran.kalidoss@arm.com>
Change-Id: I388e8dcd3950b11bc3305f5e6396ee2e49c04493

show more ...

Merge changes from topic "mb/mb-design" into integration

* changes:
docs: remove redundant Measured Boot interface info
docs: add Measured Boot design

docs: remove redundant Measured Boot interface info

A separate design document for Measured Boot covers the porting
guidelines for the Measured Boot interfaces. As a result,
the Measured Boot interf

docs: remove redundant Measured Boot interface info

A separate design document for Measured Boot covers the porting
guidelines for the Measured Boot interfaces. As a result,
the Measured Boot interfaces have been removed from the porting
guide and a link to the Measured Boot design document has been
provided.

Change-Id: Ia6bd2620d830aea6aececab4af7e10a6d737f025
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "docs: update PSCI reference" into integration

docs: update PSCI reference

PSCI specification reference in the documentation is updated
to point to latest specification and duplicate PSCI references are
removed.

Change-Id: I35ee365f08c557f3017a

docs: update PSCI reference

PSCI specification reference in the documentation is updated
to point to latest specification and duplicate PSCI references are
removed.

Change-Id: I35ee365f08c557f3017af4d51f6d063a7501b27e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "psci-osi" into integration

* changes:
fix(psci): add optional pwr_domain_validate_suspend to plat_psci_ops_t
fix(sc7280): update pwr_domain_suspend
fix(fvp): update p

Merge changes from topic "psci-osi" into integration

* changes:
fix(psci): add optional pwr_domain_validate_suspend to plat_psci_ops_t
fix(sc7280): update pwr_domain_suspend
fix(fvp): update pwr_domain_suspend

show more ...