fix(cpus): workaround for Cortex-A78 erratum 2772019

Cortex-A78 erratum 2772019 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before th

fix(cpus): workaround for Cortex-A78 erratum 2772019

Cortex-A78 erratum 2772019 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1401784/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0362da463eca777aa7a385bcdeb39b8549799f02

show more ...

fix(cpus): workaround for Neoverse V1 erratum 2743093

Neoverse V1 erratum 2743093 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before

fix(cpus): workaround for Neoverse V1 erratum 2743093

Neoverse V1 erratum 2743093 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1401781/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I8ee7c16c14c4fd6ee35d20c855273ecfce0d1b32

show more ...

docs: deprecate io_dummy driver

This drivers was only used by one upstream platform: STM32MP1 but only
when enabling the flag STM32MP_USE_STM32IMAGE. This flag and the
corresponding code is now remo

docs: deprecate io_dummy driver

This drivers was only used by one upstream platform: STM32MP1 but only
when enabling the flag STM32MP_USE_STM32IMAGE. This flag and the
corresponding code is now removed from TF-A. The driver can then be
set to deprecated. It will be removed after v2.9 tag.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ib8242a7291c7011d7f96a6a83609ec1996dce520

show more ...

Merge changes from topic "qemu_sel2" into integration

* changes:
docs(build): describes the SPMC_OPTEE build option
feat(qemu): support el3 spmc
feat(el3-spmc): make platform logical partition

Merge changes from topic "qemu_sel2" into integration

* changes:
docs(build): describes the SPMC_OPTEE build option
feat(qemu): support el3 spmc
feat(el3-spmc): make platform logical partition optional
feat(qemu): support s-el2 spmc
feat(qemu): update abi between spmd and spmc
fix(sptool): add dependency to SP image

show more ...

Merge changes Ib02688f7,If17fe04d into integration

* changes:
fix(cpus): workaround for Cortex-X2 erratum 2768515
fix(cpus): workaround for Cortex-A710 erratum 2768515

docs(build): describes the SPMC_OPTEE build option

Explains that the SPMC_OPTEE build option is used to load the SPMC at
S-EL1 using an OP-TEE specific mechanism.

Signed-off-by: Jens Wiklander <jen

docs(build): describes the SPMC_OPTEE build option

Explains that the SPMC_OPTEE build option is used to load the SPMC at
S-EL1 using an OP-TEE specific mechanism.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I71757d2d9ac98caf0ac6d8e64b221adaa0f70846

show more ...

Merge changes from topic "full_dev_rsa_key" into integration

* changes:
docs(arm): add ARM_ROTPK_LOCATION variant full key
feat(arm): add ARM_ROTPK_LOCATION variant full key

docs: describe the new warning levels

When -Wextra was added, the warning levels changed their meaning. Add a
description in the build option section and leave the security hardening
section as most

docs: describe the new warning levels

When -Wextra was added, the warning levels changed their meaning. Add a
description in the build option section and leave the security hardening
section as mostly a pointer to it.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iabf2f598d0bf3e865c9b991c5d44d2acb9572bd5

show more ...

docs(arm): add ARM_ROTPK_LOCATION variant full key

Updating documentation to reflect the new ARM_ROTPK_LOCATION variant of
the full ROTPK, as opposed to the hash of it.

Change-Id: I0f83c519bd607ef1

docs(arm): add ARM_ROTPK_LOCATION variant full key

Updating documentation to reflect the new ARM_ROTPK_LOCATION variant of
the full ROTPK, as opposed to the hash of it.

Change-Id: I0f83c519bd607ef1270c7d30ee9bc55451ce4ae2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

docs: add threat model for AP-RSS interface

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: Ic818da12584503e1a96396c4b55a8db14ae7584a

Merge "fix(rmmd): add missing padding to RMM Boot Manifest and initialize it" into integration

Merge "docs: extend generic tf-a threat model" into integration

fix(cpus): workaround for Cortex-X2 erratum 2768515

Cortex-X2 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before the

fix(cpus): workaround for Cortex-X2 erratum 2768515

Cortex-X2 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1775100/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ib02688f7b6dc7f6ec305e68e8895174f6fd577a0

show more ...

fix(cpus): workaround for Cortex-A710 erratum 2768515

Cortex-A710 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before

fix(cpus): workaround for Cortex-A710 erratum 2768515

Cortex-A710 erratum 2768515 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1775101/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: If17fe04d3fda0dba6b8aabdd837a1c53e1830ed5

show more ...

fix(rmmd): add missing padding to RMM Boot Manifest and initialize it

This patch also:
* Enforces the check of RES0 fields on EL3-RMM boot interface
and manifest
* Fixes a couple of

fix(rmmd): add missing padding to RMM Boot Manifest and initialize it

This patch also:
* Enforces the check of RES0 fields on EL3-RMM boot interface
and manifest
* Fixes a couple of nits on the EL3-RMM Boot Interface
documentation.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Idb9e38f9fcda2ba0655646a1e2c4fdbabd5cdc40

show more ...

Merge "feat(rmm): add support for the 2nd DRAM bank" into integration

feat(rmm): add support for the 2nd DRAM bank

This patch adds support for RMM granules allocation
in FVP 2nd DRAM 2GB bank at 0x880000000 base address.
For ENABLE_RME = 1 case it also removes "mem=1G

feat(rmm): add support for the 2nd DRAM bank

This patch adds support for RMM granules allocation
in FVP 2nd DRAM 2GB bank at 0x880000000 base address.
For ENABLE_RME = 1 case it also removes "mem=1G"
Linux kernel command line option in fvp-base-psci-common.dsti
to allow memory layout discovery from the FVP device tree.
FVP parameter 'bp.dram_size' - size of main memory in gigabytes
documented in docs/components/realm-management-extension.rst
is changed from 2 to 4.

Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>
Change-Id: I174da4416ad5a8d41bf0ac89f356dba7c0cd3fe7

show more ...

docs(porting-guide): update a reference

The BL31 part has been there forever and the PSCI reference is neither
at section 3.3 or directly below. Update this to locate the section more
easily.

Signe

docs(porting-guide): update a reference

The BL31 part has been there forever and the PSCI reference is neither
at section 3.3 or directly below. Update this to locate the section more
easily.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I9a86e4ef13d1ac5da743917493f63ddd7690e087

show more ...

docs: extend generic tf-a threat model

Adding a new threat which is about leaving
sensitive information in internal buffers
which could be stolen by an attacker.

Signed-off-by: Tamas Ban <tamas.ban

docs: extend generic tf-a threat model

Adding a new threat which is about leaving
sensitive information in internal buffers
which could be stolen by an attacker.

Signed-off-by: Tamas Ban <tamas.ban@arm.com>
Change-Id: I737e802c0adc9b00c89a0e21779745c51afb4b17

show more ...

Merge "build: restrict usage of CTX_INCLUDE_EL2_REGS" into integration

build: restrict usage of CTX_INCLUDE_EL2_REGS

CTX_INCLUDE_EL2_REGS is used to save/restore EL2 registers and
it should be only used when there is SPMD or RME enabled.

Make CTX_INCLUDE_EL2_REGS an i

build: restrict usage of CTX_INCLUDE_EL2_REGS

CTX_INCLUDE_EL2_REGS is used to save/restore EL2 registers and
it should be only used when there is SPMD or RME enabled.

Make CTX_INCLUDE_EL2_REGS an internal macro and remove
from documentation.

Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: I6a70edfd88163423ff0482de094601cf794246d6

show more ...

Merge "fix(cpus): workaround for Cortex-X3 erratum 2615812" into integration

fix(docs): deprecate plat_convert_pk() in v2.9

The deprecation was tagged "Next release after 2.8". Now there is a 2.9
planned, directly use this version.

Signed-off-by: Yann Gautier <yann.gautier@

fix(docs): deprecate plat_convert_pk() in v2.9

The deprecation was tagged "Next release after 2.8". Now there is a 2.9
planned, directly use this version.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0727eebc4a3800dafafc4166b0c2c40a12c90b4b

show more ...

Merge "docs(spm): update threat model" into integration

Merge "docs(qemu): document steps to run in OpenCI" into integration