Merge "docs(sdei): provide security guidelines when using SDEI" into integration

Merge "test(fvp): remove `FVP_Foundation` model support" into integration

docs(sdei): provide security guidelines when using SDEI

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: I

docs(sdei): provide security guidelines when using SDEI

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: Ic27bdc88186f6805adee2f452503856e213a4710

show more ...

docs(threat_model): mark power analysis threats out-of-scope

Exclude the threat of power analysis side-channel attacks
from consideration in the TF-A generic threat model.

Signed-off-by: Manish V B

docs(threat_model): mark power analysis threats out-of-scope

Exclude the threat of power analysis side-channel attacks
from consideration in the TF-A generic threat model.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I5b245f33609fe8948e473ce4484898db5ff8db4d

show more ...

docs: update FVP TC2 model version and build (11.23/17)

Update the FVP TC2 model version and build (11.23/17) to match
the version used for testing in TF-A OpenCI.

Signed-off-by: Manish V Badarkhe

docs: update FVP TC2 model version and build (11.23/17)

Update the FVP TC2 model version and build (11.23/17) to match
the version used for testing in TF-A OpenCI.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: Ic7411ee4863428b7dfbe43cf39abfc2269f3c3ae

show more ...

feat(mte): add mte2 feat

Add support for feat mte2. tfsr_el2 is available only with mte2,
however currently its context_save/restore is done with mte rather than
mte2, so introduce 'is_feat_mte2_sup

feat(mte): add mte2 feat

Add support for feat mte2. tfsr_el2 is available only with mte2,
however currently its context_save/restore is done with mte rather than
mte2, so introduce 'is_feat_mte2_supported' to check mte2.

Change-Id: I108d9989a8f5b4d1d2f3b9865a914056fa566cf2
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

test(fvp): remove `FVP_Foundation` model support

This model has been subsumed by the `FVP_Base` model, which is now
available publicly. We no longer have a need to test the Foundation
model, and can

test(fvp): remove `FVP_Foundation` model support

This model has been subsumed by the `FVP_Base` model, which is now
available publicly. We no longer have a need to test the Foundation
model, and can shave off a few minutes of CI time by removing it.

Change-Id: Iaa0f23f2efd9ba431d06c8da2be14b76f6974b0a
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

docs(auth): add more information about CoTs

Explain that platforms are free to define their own Chain of Trust (CoT)
based on their needs but default ones are provided in TF-A source code:
TBBR, dua

docs(auth): add more information about CoTs

Explain that platforms are free to define their own Chain of Trust (CoT)
based on their needs but default ones are provided in TF-A source code:
TBBR, dualroot and CCA.

Give a brief overview of the use case for each of these CoTs.

Simplified diagrams are also provided for the TBBR and dualroot CoTs -
CCA CoT is missing such a diagram right now, it should be provided as a
future improvement.

Also do some cosmetic changes along the way.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I7c4014d4d12d852b0ae5632ba9c71a9ad266080a

show more ...

Merge "docs(auth): add missing AUTH_PARAM_NV_CTR value" into integration

Merge changes from topic "ja/spm_rme" into integration

* changes:
docs: change FVP argument in RME configuration
feat(fvp): added calls to unprotect/protect memory

Merge "docs: fix link to TBBR specification" into integration

Merge "fix(cpus): workaround for Cortex-A715 erratum 2561034" into integration

Merge "fix(rockchip): fix documentation in how build bl31 in AARCH64" into integration

docs: change FVP argument in RME configuration

In RME documentation use "bp.secure_memory=0" to disable TZC,
and avoid conflicts with SPM in 4-world configuration.

Signed-off-by: J-Alves <joao.alve

docs: change FVP argument in RME configuration

In RME documentation use "bp.secure_memory=0" to disable TZC,
and avoid conflicts with SPM in 4-world configuration.

Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I532bca8ab3bd3e6d4f18b5aa7e848c533e016f39

show more ...

fix(cpus): workaround for Cortex-A715 erratum 2561034

Cortex-A715 erratum 2561034 is a Cat B erratum that applies to
revision r1p0 and is fixed in r1p1.

The workaround is to set bit[26] in CPUACTLR

fix(cpus): workaround for Cortex-A715 erratum 2561034

Cortex-A715 erratum 2561034 is a Cat B erratum that applies to
revision r1p0 and is fixed in r1p1.

The workaround is to set bit[26] in CPUACTLR2_EL1. Setting this
bit is not expected to have a significant performance impact.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2148827/latest

Change-Id: I377f250a2994b6ced3ac7d93f947af6ceb690d49
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>

show more ...

docs(auth): add missing AUTH_PARAM_NV_CTR value

Section "Describing the authentication method(s)" of the Authentication
Framework documentation shows the authentication parameters types
(auth_param_

docs(auth): add missing AUTH_PARAM_NV_CTR value

Section "Describing the authentication method(s)" of the Authentication
Framework documentation shows the authentication parameters types
(auth_param_type_t enum type) but is missing the AUTH_PARAM_NV_CTR
value. Add it.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I7c9022badfb039bfa9f999ecee40f18b49e6764c

show more ...

docs: fix link to TBBR specification

The former link pointed to a page which displayed the following warning
message:

We could not find that page in the latest version, so we have taken
you to

docs: fix link to TBBR specification

The former link pointed to a page which displayed the following warning
message:

We could not find that page in the latest version, so we have taken
you to the first page instead

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Icf9277770e38bc5e602b75052c2386301984238d

show more ...

Merge "docs(contributing): various improvements" into integration

Merge "fix(cpus): workaround for Cortex X3 erratum 2641945" into integration

Merge "docs: import MISRA compliance spreadsheet" into integration

Merge changes from topic "plat_gpt_setup" into integration

* changes:
feat(arm): move GPT setup to common BL source
feat(arm): retrieve GPT related data from platform
refactor(arm): rename L0/

Merge changes from topic "plat_gpt_setup" into integration

* changes:
feat(arm): move GPT setup to common BL source
feat(arm): retrieve GPT related data from platform
refactor(arm): rename L0/L1 GPT base macros

show more ...

Merge "feat(cpufeat): add feature detection for FEAT_CSV2_3" into integration

docs(contributing): various improvements

- Warn contributors that they need to register their email address in
their Gerrit profile. Not doing so causes errors at patch submission
and is a re

docs(contributing): various improvements

- Warn contributors that they need to register their email address in
their Gerrit profile. Not doing so causes errors at patch submission
and is a recurrent question on the mailing list.

- Add some links where useful.

- Remove confusing CGit link to TF-A source code. In the context of
setting up a local copy of the repo for contributing patches,
developers should rather clone it through Gerrit and this is best
covered by the "Getting the TF-A Source" section of TF-A
documentation.

- Add references to the OpenCI documentation, which has a lot more
details on some of the topics we briefly cover in the contribution
guidelines.

- Encourage the user to use the 'git review' command for patch
submission, inline with OpenCI documentation instructions. This
automatically sorts out which Gerrit server to push to and against
which repo branch (thanks to the '.gitreview' configuration file in
TF-A root directory).

- Elaborate the Coverity Scan section.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I1131662d8bc3502967b269a599869ea130897efb

show more ...

feat(cpufeat): add feature detection for FEAT_CSV2_3

This feature provides support to context save the
SCXTNUM_ELx register. FEAT_CSV2_3 implies the implementation
of FEAT_CSV2_2. FEAT_CSV2_3 is sup

feat(cpufeat): add feature detection for FEAT_CSV2_3

This feature provides support to context save the
SCXTNUM_ELx register. FEAT_CSV2_3 implies the implementation
of FEAT_CSV2_2. FEAT_CSV2_3 is supported in AArch64 state only
and is an optional feature in Arm v8.0 implementations.

This patch adds feature detection for v8.9 feature FEAT_CSV2_3,
adds macros for ID_AA64PFR0_EL1.CSV2 bits [59:56] for detecting
FEAT_CSV2_3 and macro for ENABLE_FEAT_CSV2_3.

Change-Id: Ida9f31e832b5f11bd89eebd6cc9f10ddad755c14
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

docs: import MISRA compliance spreadsheet

TF-A aims to comply with MISRA C:2012 Guidelines. We maintain a list of
all rules and directives and whether the project aims to comply with
them or not. A

docs: import MISRA compliance spreadsheet

TF-A aims to comply with MISRA C:2012 Guidelines. We maintain a list of
all rules and directives and whether the project aims to comply with
them or not. A rationale is given for each deviation.

This list used to be provided as an '.ods' spreadsheet file hosted on
developer.trustedfirmware.org. This raises the following issues:

- The list is not version-controlled under the same scheme as TF-A
source code. This could lead to synchronization issues between the
two.

- The file needs to be open in a separate program, which is not as
straightforward as reading it from TF-A documentation itself.

- developer.trustedfirmware.org is deprecated, thus the file cannot be
safely kept there for any longer.

To address these issues, convert the '.ods' file into a CSV (Comma
Separated Values) file, which we import into TF-A source tree itself.
Make use of Sphinx's ability to process and render CSV files as tables
to display that information directly into the Coding Guidelines
document.

Also make the following minor changes along the way:

- Remove dead link to MISRA C:2012 Guidelines page. Replace it with a
link to a Wikipedia page to give a bit of context to the reader.

- We no longer use Coverity for MISRA compliance checks. Instead, we
use ECLAIR nowadays. Reflect this in the document.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I422fdd8246f4f9c2498c1be18115408a873b86ac

show more ...