Merge "chore: update status of Cortex-X3 erratum 2615812" into integration

Merge "fix(cpus): workaround for Cortex-A720 erratum 2940794" into integration

Merge changes from topic "st_docs_update" into integration

* changes:
docs(st): set OP-TEE as default BL32
docs(st): one device flag for ST platforms

chore: update status of Cortex-X3 erratum 2615812

SDEN documentation:
https://developer.arm.com/documentation/2055130/latest

Change-Id: Ied7150bab505a743401cf4afa9a0a5f81d5fdff1
Signed-off-by: Sona

chore: update status of Cortex-X3 erratum 2615812

SDEN documentation:
https://developer.arm.com/documentation/2055130/latest

Change-Id: Ied7150bab505a743401cf4afa9a0a5f81d5fdff1
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): workaround for Cortex-A720 erratum 2940794

Cortex-A720 erratum 2940794 is a Cat B erratum that is present
in revision r0p0, r0p1 and is fixed in r0p2.

The workaround is to set bit[37] of

fix(cpus): workaround for Cortex-A720 erratum 2940794

Cortex-A720 erratum 2940794 is a Cat B erratum that is present
in revision r0p0, r0p1 and is fixed in r0p2.

The workaround is to set bit[37] of the CPUACTLR2_EL1 to 1.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2439421/latest

Change-Id: I1488802e0ec7c16349c9633bb45de4d0e1faa9ad
Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>

show more ...

docs(threat_model): cover the 'timing' side channel threat

Incorporate a timing side-channel attack into the TF-A generic
threat model. There is no software mitigation measures in TF-A
against this

docs(threat_model): cover the 'timing' side channel threat

Incorporate a timing side-channel attack into the TF-A generic
threat model. There is no software mitigation measures in TF-A
against this specific type of attack.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I10e53f8ed85a6da32de4fa6a210805f950018102

show more ...

docs(st): set OP-TEE as default BL32

Recommend OP-TEE as the default BL32 for STMicroelectronics platforms.
SP_MIN is no more supported in STMicroelectronics software [1].
It will then no more recei

docs(st): set OP-TEE as default BL32

Recommend OP-TEE as the default BL32 for STMicroelectronics platforms.
SP_MIN is no more supported in STMicroelectronics software [1].
It will then no more receive new features, but should still remain
as it is in the TF-A code.

[1]: https://wiki.st.com/stm32mpu/wiki/STM32_MPU_OpenSTLinux_release_note_-_v5.0.0#TF-A

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ic49338dbba3fdcebcb1e477e6a1dbde32783482b

show more ...

docs(st): one device flag for ST platforms

Due to embedded SRAM used to load BL2 and BL31 or BL32 has a limited
size, only one storage device or serial device flag should be selected
in TF-A build c

docs(st): one device flag for ST platforms

Due to embedded SRAM used to load BL2 and BL31 or BL32 has a limited
size, only one storage device or serial device flag should be selected
in TF-A build command line for ST platforms.
This is in line with STMicroelectionics recommendation [1] about those
compilation flags.

[1]: https://wiki.st.com/stm32mpu/wiki/How_to_configure_TF-A_BL2#Build_command_details

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I6f6ab17d45d00289989a606d15c143e5710c64ce

show more ...

Merge "refactor(mbedtls): remove mbedtls 2.x support" into integration

refactor(mbedtls): remove mbedtls 2.x support

Deprecation notice was sent to the community and no objection was
raised, so removing mbedtls 2.x support.

Change-Id: Id3eb98b55692df98aabe6a7c5a5ec910

refactor(mbedtls): remove mbedtls 2.x support

Deprecation notice was sent to the community and no objection was
raised, so removing mbedtls 2.x support.

Change-Id: Id3eb98b55692df98aabe6a7c5a5ec910222c8abd
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

docs(maintainers): add missing ST files

The files under tools/fiptool/plat_fiptool/st/ directory were not listed
as files maintained by STMicroelectronics.

Signed-off-by: Yann Gautier <yann.gautier

docs(maintainers): add missing ST files

The files under tools/fiptool/plat_fiptool/st/ directory were not listed
as files maintained by STMicroelectronics.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I4120368253447d4dadc4ce4b6957ffbe6310da86

show more ...

docs(maintainers): add Maxime as co-maintainer for ST platforms

Add Maxime Méré as a co-maintainer for STMicroelectronics platforms.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I05

docs(maintainers): add Maxime as co-maintainer for ST platforms

Add Maxime Méré as a co-maintainer for STMicroelectronics platforms.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I05dda2049000d99f0e482492ec43d02ad1d5d0c8

show more ...

docs(maintainers): update ST platform ports title

STM32MP1 is no more the only product to be supported in TF-A with the
new STM32MP2. Change "STM32MP1 platform port" to "STMicroelectronics
platform

docs(maintainers): update ST platform ports title

STM32MP1 is no more the only product to be supported in TF-A with the
new STM32MP2. Change "STM32MP1 platform port" to "STMicroelectronics
platform ports" to better reflect this.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I30b1fd4310d38092e3e815cb635b474fc84bdc30

show more ...

docs(maintainers): sort github aliases

The aliases for github were added either by alphabetical order or at the
end of list. Sort them alphabetically with Linux sort tool, regardless
of uppercase/lo

docs(maintainers): sort github aliases

The aliases for github were added either by alphabetical order or at the
end of list. Sort them alphabetically with Linux sort tool, regardless
of uppercase/lowercase letters.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ia247e102ab5fb0f7b8b6de76f23a869cc3f83d2c

show more ...

fix(cpus): workaround for Cortex-A715 erratum 2413290

Cortex-A715 erratum 2413290 is a Cat B erratum that is present
only in revision r1p0 and is fixed in r1p1. The errata is only
present when SPE(S

fix(cpus): workaround for Cortex-A715 erratum 2413290

Cortex-A715 erratum 2413290 is a Cat B erratum that is present
only in revision r1p0 and is fixed in r1p1. The errata is only
present when SPE(Statistical Profiling Extension) is enabled.

The workaround is to set bits[58:57] of the CPUACTLR_EL1 to 'b11
when SPE is enabled, ENABLE_SPE_FOR_NS=1.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2148827/latest

Change-Id: Iaeb258c8b0a92e93d70b7dad6ba59d1056aeb135
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

docs: remove entries of the deleted platforms

Remove the details of the platforms from the 'deprecated
platforms' table those are already deleted.
This is in-sync with other depreaction tables [1] w

docs: remove entries of the deleted platforms

Remove the details of the platforms from the 'deprecated
platforms' table those are already deleted.
This is in-sync with other depreaction tables [1] which
only has deprecation entries and not deleted entries.

[1]: https://trustedfirmware-a.readthedocs.io/en/latest/about/release-information.html#removal-of-deprecated-interfaces

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: If8c8e4ba4e7fa88ea83632202d17c7d35cdc200a

show more ...

feat(rpi): add Raspberry Pi 5 support

The Raspberry Pi 5 is a single-board computer based on BCM2712 that
contains four Arm Cortex-A76 cores.

This change introduces minimal BL31 support with PSCI t

feat(rpi): add Raspberry Pi 5 support

The Raspberry Pi 5 is a single-board computer based on BCM2712 that
contains four Arm Cortex-A76 cores.

This change introduces minimal BL31 support with PSCI that has been
validated to boot Linux and a private EDK2 build.

It's a drop-in replacement for the custom TF-A armstub now included in
the EEPROM images.

Change-Id: Id72a0370f54e71ac97c3daa1bacedacb7dec148f
Signed-off-by: Mario Bălănică <mariobalanica02@gmail.com>

show more ...

docs: add documentation for `entry_point_info`

Change-Id: I20b5f2cf70bfff09126f3c0645f40d3e410a4c70
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

Merge changes from topic "xlnx_smc_doc" into integration

* changes:
docs(versal-net): update SMC convention
docs(versal): update SMC convention
docs(zynqmp): update SMC convention

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level

Merge changes from topic "DPE" into integration

* changes:
feat(tc): group components into certificates
feat(dice): add cert_id argument to dpe_derive_context()
refactor(sds): modify log level for region validity
feat(tc): add dummy TRNG support to be able to boot pVMs
feat(tc): get the parent component provided DPE context_handle
feat(tc): share DPE context handle with child component
feat(tc): add DPE context handle node to device tree
feat(tc): add DPE backend to the measured boot framework
feat(auth): add explicit entries for key OIDs
feat(dice): add DPE driver to measured boot
feat(dice): add client API for DICE Protection Environment
feat(dice): add QCBOR library as a dependency of DPE
feat(dice): add typedefs from the Open DICE repo
docs(changelog): add 'dice' scope
refactor(tc): align image identifier string macros
refactor(fvp): align image identifier string macros
refactor(imx8m): align image identifier string macros
refactor(qemu): align image identifier string macros
fix(measured-boot): add missing image identifier string
refactor(measured-boot): move metadata size macros to a common header
refactor(measured-boot): move image identifier strings to a common header

show more ...

Merge "fix(cpus): workaround for Cortex-A715 erratum 2344187" into integration

fix(cpus): workaround for Cortex-A715 erratum 2344187

Cortex-A715 erratum 2344187 is a Cat B erratum that applies to r0p0,
r1p0 and is fixed in r1p1. The workaround is to set GCR_EL1.RRND to
0b1, an

fix(cpus): workaround for Cortex-A715 erratum 2344187

Cortex-A715 erratum 2344187 is a Cat B erratum that applies to r0p0,
r1p0 and is fixed in r1p1. The workaround is to set GCR_EL1.RRND to
0b1, and apply an implementation specific patch sequence.

SDEN: https://developer.arm.com/documentation/SDEN2148827/latest

Change-Id: I78ea39a91254765c964bff89f771af33b23f29c1
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

fix(cpus): workaround for Cortex-X4 erratum 2701112

Cortex-X4 erratum 2701112 is cat B erratum that applies to
revision r0p0 and is fixed in r0p1. This erratum affects
system configurations that do

fix(cpus): workaround for Cortex-X4 erratum 2701112

Cortex-X4 erratum 2701112 is cat B erratum that applies to
revision r0p0 and is fixed in r0p1. This erratum affects
system configurations that do not use an Arm interconnect IP.

The workaround for this erratum is not implemented in EL3.
The erratum can be enabled/disabled on a platform level.
The flag is used when the errata ABI feature is enabled and can
assist the Kernel in the process of mitigation of the erratum.

SDEN Documentation:
https://developer.arm.com/documentation/SDEN2432808/latest

Change-Id: I8ede1ee75b0ea1658369a0646d8af91d44a8759b
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge changes from topic "errata" into integration

* changes:
fix(cpus): workaround for Cortex-A715 erratum 2331818
fix(cpus): workaround for Cortex-A715 erratum 2420947

Merge "fix(gic600): workaround for Part 1 of GIC600 erratum 2384374" into integration