chore(docs): explain what the plat_amu_aux_enables array does

Change-Id: I90f1bcaa8bec133d3be81785aea11948208ca0a5
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

feat(rmmd): add RMM_MECID_KEY_UPDATE call

With this addition, TF-A now has an SMC call to handle the
update of MEC keys associated to MECIDs.

The behavior of this newly added call is empty for now

feat(rmmd): add RMM_MECID_KEY_UPDATE call

With this addition, TF-A now has an SMC call to handle the
update of MEC keys associated to MECIDs.

The behavior of this newly added call is empty for now until an
implementation for the MPE (Memory Protection Engine) driver is
available. Only parameter sanitization has been implemented.

Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I2a969310b47e8c6da1817a79be0cd56158c6efc3

show more ...

feat(docs): update mboot threat model with dTPM

Add the discrete TPM to the TCG event log section of the measured boot
threat model. Include the example of a physical vurnerability that can
be used

feat(docs): update mboot threat model with dTPM

Add the discrete TPM to the TCG event log section of the measured boot
threat model. Include the example of a physical vurnerability that can
be used to compromise a dTPM.

Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Change-Id: I2c06edf5e9031adc970c24426a8ae52b06efb614

show more ...

docs(tpm): add design documentation for dTPM

-documentation for Discrete TPM drivers.
-documentation for a proof of concept on rpi3;
Measured Boot using Discrete TPM.

Signed-off-by: Abhi Singh <ab

docs(tpm): add design documentation for dTPM

-documentation for Discrete TPM drivers.
-documentation for a proof of concept on rpi3;
Measured Boot using Discrete TPM.

Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Change-Id: If8e7c14a1c0b9776af872104aceeff21a13bd821

show more ...

fix(errata): workaround for Cortex-A510 erratum 2971420

Cortex-A510 erratum 2971420 applies to revisions r0p1, r0p2, r0p3,
r1p0, r1p1, r1p2 and r1p3, and is still open.

Under some conditions, data

fix(errata): workaround for Cortex-A510 erratum 2971420

Cortex-A510 erratum 2971420 applies to revisions r0p1, r0p2, r0p3,
r1p0, r1p1, r1p2 and r1p3, and is still open.

Under some conditions, data might be corrupted if Trace Buffer
Extension (TRBE) is enabled. The workaround is to disable trace
collection via TRBE by programming MDCR_EL3.NSTB[1] to the opposite
value of SCR_EL3.NS on a security state switch. Since we only enable
TRBE for non-secure world, the workaround is to disable TRBE by
setting the NSTB field to 00 so accesses are trapped to EL3 and
secure state owns the buffer.

SDEN: https://developer.arm.com/documentation/SDEN-1873361/latest/

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ia77051f6b64c726a8c50596c78f220d323ab7d97

show more ...

fix(cpus): workaround for Cortex-A715 erratum 2804830

Cortex-A715 erratum 2804830 applies to r0p0, r1p0, r1p1 and r1p2,
and is fixed in r1p3.

Under some conditions, writes of a 64B-aligned, 64B gra

fix(cpus): workaround for Cortex-A715 erratum 2804830

Cortex-A715 erratum 2804830 applies to r0p0, r1p0, r1p1 and r1p2,
and is fixed in r1p3.

Under some conditions, writes of a 64B-aligned, 64B granule of
memory might cause data corruption without this workaround. See SDEN
for details.

Since this workaround disables write streaming, it is expected to
have a significant performance impact for code that is heavily
reliant on write streaming, such as memcpy or memset.

SDEN: https://developer.arm.com/documentation/SDEN-2148827/latest/

Change-Id: Ia12f6c7de7c92f6ea4aec3057b228b828d48724c
Signed-off-by: John Powell <john.powell@arm.com>

show more ...

Merge "feat(rmmd): add FEAT_MEC support" into integration

feat(rmmd): add FEAT_MEC support

This patch provides architectural support for further use of
Memory Encryption Contexts (MEC) by declaring the necessary
registers, bits, masks, helpers and values a

feat(rmmd): add FEAT_MEC support

This patch provides architectural support for further use of
Memory Encryption Contexts (MEC) by declaring the necessary
registers, bits, masks, helpers and values and modifying the
necessary registers to enable FEAT_MEC.

Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I670dbfcef46e131dcbf3a0b927467ebf6f438fa4

show more ...

build(poetry): install dependencies with `--no-root`

More recent versions of Poetry introduced the `package-mode` key to
configure whether the project should be used for dependency management
only,

build(poetry): install dependencies with `--no-root`

More recent versions of Poetry introduced the `package-mode` key to
configure whether the project should be used for dependency management
only, but this is incompatible with the earlier versions of Poetry that
we still support.

Instead, we rely on installing with the `--no-root` flag, which behaves
similarly. Installing without passing the `--no-root` flag is
deprecated, and in recent versions of Poetry has become a hard error.

This change ensures that the build system always installs dependencies
with the required flag.

Change-Id: Ic1543511314dcd20c00b73fd9e8cfae3dd034a41
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge changes I0396b597,I326f920f,I0437eec8,Ieadf01fc,I4e1d8c24, ... into integration

* changes:
feat(fvp): set defaults for build commandline
docs(arm): enable Linux boot from fip as BL33
fea

Merge changes I0396b597,I326f920f,I0437eec8,Ieadf01fc,I4e1d8c24, ... into integration

* changes:
feat(fvp): set defaults for build commandline
docs(arm): enable Linux boot from fip as BL33
feat(arm): enable Linux boot from fip as BL33
docs(fvp): update fvp build time options
docs(arm): add initrd props to dtb at build time
feat(arm): add initrd props to dtb at build time

show more ...

Merge "docs(ras): document RAS considerations with powerdown" into integration

docs(psci): add a mention to the pwr_domain_pwr_down_wfi()

The function got renamed to pwr_domain_pwr_down() but have a reference
to it for anyone wondering where it went.

Change-Id: Ica5fa11b9f18a

docs(psci): add a mention to the pwr_domain_pwr_down_wfi()

The function got renamed to pwr_domain_pwr_down() but have a reference
to it for anyone wondering where it went.

Change-Id: Ica5fa11b9f18a7446c188e37b9f1d5508f4cf749
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

docs(arm): enable Linux boot from fip as BL33

Document additional functionality of TF-A to package the Linux kernel in
the fip image as a BL33 and boot it. A ramdisk is used as a file system.
The ra

docs(arm): enable Linux boot from fip as BL33

Document additional functionality of TF-A to package the Linux kernel in
the fip image as a BL33 and boot it. A ramdisk is used as a file system.
The ramdisk properties are injected in to the device tree at build time.

Change-Id: I326f920fdac4bd20572f6f0da07d012def114274
Signed-off-by: Salman Nabi <salman.nabi@arm.com>

show more ...

docs(fvp): update fvp build time options

Add new fvp specific build time options. Specifically the below:

- INITRD_SIZE
- INITRD_PATH
- INITRD_BASE

Change-Id: Ieadf01fce7a0a0a8e9e7582d7b7e371b2472

docs(fvp): update fvp build time options

Add new fvp specific build time options. Specifically the below:

- INITRD_SIZE
- INITRD_PATH
- INITRD_BASE

Change-Id: Ieadf01fce7a0a0a8e9e7582d7b7e371b247207c2
Signed-off-by: Salman Nabi <salman.nabi@arm.com>

show more ...

docs(arm): add initrd props to dtb at build time

Document the ability of the FVP platform to boot a Linux Kernel as a
preloaded image. A preloaded Linux Kernel can be booted in a normal
flow as well

docs(arm): add initrd props to dtb at build time

Document the ability of the FVP platform to boot a Linux Kernel as a
preloaded image. A preloaded Linux Kernel can be booted in a normal
flow as well as in RESET_TO_BL31. This is made possible by updating
the device tree with initrd properties at build time.

Change-Id: I4e1d8c24f82510d21b2afa06b429a18da4d623bd
Signed-off-by: Salman Nabi <salman.nabi@arm.com>

show more ...

Merge "refactor(memmap): migrate to Poetry" into integration

docs(maintainers): update Sumit Garg's email address

Update Sumit Garg's email address to @kernel.org.

Change-Id: I405ce9b0f59643dd7cb05d69ceadd15dcd536eef
Signed-off-by: Sumit Garg <sumit.garg@lin

docs(maintainers): update Sumit Garg's email address

Update Sumit Garg's email address to @kernel.org.

Change-Id: I405ce9b0f59643dd7cb05d69ceadd15dcd536eef
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>

show more ...

refactor(memmap): migrate to Poetry

This change refactors the memmap tool into a Poetry project, with its
own dependencies. You can continue to run it manually with:

poetry run memory <args>

C

refactor(memmap): migrate to Poetry

This change refactors the memmap tool into a Poetry project, with its
own dependencies. You can continue to run it manually with:

poetry run memory <args>

Change-Id: I346283df1b8bfad4babc1f5a3861dab94d4a006a
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

feat(drtm): introduce plat API for DLME authentication features

This patch introduces a platform-specific function to provide DLME
authentication features. While no platforms currently support DLME

feat(drtm): introduce plat API for DLME authentication features

This patch introduces a platform-specific function to provide DLME
authentication features. While no platforms currently support DLME
authentication, this change offers a structured way for platforms
to define and expose their DLME authentication features, with the
flexibility to extend support in the future if needed.

Change-Id: Ia708914477c4d8cfee4809a9daade9a3e91ed073
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(drtm): add platform API to retrieve ACPI tables region size

Introduces a platform-specific API to retrieve the ACPI table
region size. This will be used in a subsequent patch to specify
the min

feat(drtm): add platform API to retrieve ACPI tables region size

Introduces a platform-specific API to retrieve the ACPI table
region size. This will be used in a subsequent patch to specify
the minimum DLME size requirement for the DCE preamble.

Change-Id: I44ce9241733b22fea3cbce9d42f1c2cc5ef20852
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

docs(fvp): update FVP versions used

Patch series:
https://review.trustedfirmware.org/q/topic:%22gr/fvp_11_28_23%22

Migrated FVP's to use version 11.28.23 and also removed some model
testing that ar

docs(fvp): update FVP versions used

Patch series:
https://review.trustedfirmware.org/q/topic:%22gr/fvp_11_28_23%22

Migrated FVP's to use version 11.28.23 and also removed some model
testing that are now no more available or not working with newer model
configuration.

Change-Id: I58c5406ff49ad4c537391c61259d71d9610e875a
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge "feat(rk3576): support rk3576" into integration

perf(cm): drop ZCR_EL3 saving and some ISBs and replace them with root context

SVE and SME aren't enabled symmetrically for all worlds, but EL3 needs
to context switch them nonetheless. Previously,

perf(cm): drop ZCR_EL3 saving and some ISBs and replace them with root context

SVE and SME aren't enabled symmetrically for all worlds, but EL3 needs
to context switch them nonetheless. Previously, this had to happen by
writing the enable bits just before reading/writing the relevant
context. But since the introduction of root context, this need not be
the case. We can have these enables always be present for EL3 and save
on some work (and ISBs!) on every context switch.

We can also hoist ZCR_EL3 to a never changing register, as we set its
value to be identical for every world, which happens to be the one we
want for EL3 too.

Change-Id: I3d950e72049a298008205ba32f230d5a5c02f8b0
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

perf(amu): greatly simplify AMU context management

The current code is incredibly resilient to updates to the spec and
has worked quite well so far. However, recent implementations expose a
weakness

perf(amu): greatly simplify AMU context management

The current code is incredibly resilient to updates to the spec and
has worked quite well so far. However, recent implementations expose a
weakness in that this is rather slow. A large part of it is written in
assembly, making it opaque to the compiler for optimisations. The
future proofness requires reading registers that are effectively
`volatile`, making it even harder for the compiler, as well as adding
lots of implicit barriers, making it hard for the microarchitecutre to
optimise as well.

We can make a few assumptions, checked by a few well placed asserts, and
remove a lot of this burden. For a start, at the moment there are 4
group 0 counters with static assignments. Contexting them is a trivial
affair that doesn't need a loop. Similarly, there can only be up to 16
group 1 counters. Contexting them is a bit harder, but we can do with a
single branch with a falling through switch. If/when both of these
change, we have a pair of asserts and the feature detection mechanism to
guard us against pretending that we support something we don't.

We can drop contexting of the offset registers. They are fully
accessible by EL2 and as such are its responsibility to preserve on
powerdown.

Another small thing we can do, is pass the core_pos into the hook.
The caller already knows which core we're running on, we don't need to
call this non-trivial function again.

Finally, knowing this, we don't really need the auxiliary AMUs to be
described by the device tree. Linux doesn't care at the moment, and any
information we need for EL3 can be neatly placed in a simple array.

All of this, combined with lifting the actual saving out of assembly,
reduces the instructions to save the context from 180 to 40, including a
lot fewer branches. The code is also much shorter and easier to read.

Also propagate to aarch32 so that the two don't diverge too much.

Change-Id: Ib62e6e9ba5be7fb9fb8965c8eee148d5598a5361
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

perf(mpmm): greatly simplify MPMM enablement

MPMM is a core-specific microarchitectural feature. It has been present
in every Arm core since the Cortex-A510 and has been implemented in
exactly the s

perf(mpmm): greatly simplify MPMM enablement

MPMM is a core-specific microarchitectural feature. It has been present
in every Arm core since the Cortex-A510 and has been implemented in
exactly the same way. Despite that, it is enabled more like an
architectural feature with a top level enable flag. This utilised the
identical implementation.

This duality has left MPMM in an awkward place, where its enablement
should be generic, like an architectural feature, but since it is not,
it should also be core-specific if it ever changes. One choice to do
this has been through the device tree.

This has worked just fine so far, however, recent implementations expose
a weakness in that this is rather slow - the device tree has to be read,
there's a long call stack of functions with many branches, and system
registers are read. In the hot path of PSCI CPU powerdown, this has a
significant and measurable impact. Besides it being a rather large
amount of code that is difficult to understand.

Since MPMM is a microarchitectural feature, its correct placement is in
the reset function. The essence of the current enablement is to write
CPUPPMCR_EL3.MPMM_EN if CPUPPMCR_EL3.MPMMPINCTL == 0. Replacing the C
enablement with an assembly macro in each CPU's reset function achieves
the same effect with just a single close branch and a grand total of 6
instructions (versus the old 2 branches and 32 instructions).

Having done this, the device tree entry becomes redundant. Should a core
that doesn't support MPMM arise, this can cleanly be handled in the
reset function. As such, the whole ENABLE_MPMM_FCONF and platform hooks
mechanisms become obsolete and are removed.

Change-Id: I1d0475b21a1625bb3519f513ba109284f973ffdf
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...