Merge changes from topic "mb/deprecate-rss-for-fvp" into integration

* changes:
refactor(fvp): remove RSS usage
refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option

docs(changelog): changelog for v2.10 release

Added changelog for v2.10 release.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>

docs(changelog): changelog for v2.10 release

Added changelog for v2.10 release.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: Id06263047fcc1ec60e82f85cd09e2e4bc95830f5

show more ...

feat(security): add support for SLS mitigation

This patch enables support for the gcc compiler option "-mharden-sls",
the default is not to use this option. Setting HARDEN_SLS=1 sets
"-mharden-sls=a

feat(security): add support for SLS mitigation

This patch enables support for the gcc compiler option "-mharden-sls",
the default is not to use this option. Setting HARDEN_SLS=1 sets
"-mharden-sls=all" that enables all hardening against straight line
speculation.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I59f5963c22431571f5aebe7e0c5642b32362f4c9

show more ...

fix(cpus): workaround for Neoverse V2 erratum 2662553

Neoverse V2 erratum 2662553 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.
The workaround is to set L2 TQ size s

fix(cpus): workaround for Neoverse V2 erratum 2662553

Neoverse V2 erratum 2662553 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.
The workaround is to set L2 TQ size statically to it's full size.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2332927/latest

Change-Id: I3bc43e7299c17db8a6771a547515ffb2a172fa0f
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>

show more ...

Merge "Revert "docs(changelog): changelog for v2.10 release"" into integration

Revert "docs(changelog): changelog for v2.10 release"

This reverts commit 0abbfab320344d4f2110e95d64863a3e82a51ec9.

Reason for revert: Changelog was based on rc0 tag but we got few more patches aft

Revert "docs(changelog): changelog for v2.10 release"

This reverts commit 0abbfab320344d4f2110e95d64863a3e82a51ec9.

Reason for revert: Changelog was based on rc0 tag but we got few more patches after that which were not captured.

Change-Id: I9829f2b6dc09f0bd5c538845cbae051f6e4c8a75

show more ...

Merge "docs(threat-model): add a threat model for TF-A with Arm CCA" into integration

Merge "refactor(tc): deprecate Arm TC1 FVP platform" into integration

fix(cpus): workaround for Cortex-A78C erratum 2743232

Cortex-A78C erratum 2743232 is a Cat B erratum that applies
to revisions r0p1 and r0p2 and is still open.
The workaround is to set CPUACTLR5_EL1

fix(cpus): workaround for Cortex-A78C erratum 2743232

Cortex-A78C erratum 2743232 is a Cat B erratum that applies
to revisions r0p1 and r0p2 and is still open.
The workaround is to set CPUACTLR5_EL1[56:55] to 2'b01.

SDEN Documentation:
https://developer.arm.com/documentation/SDEN-2004089/latest

Change-Id: Ic62579c2dd69b7a8cbbeaa936f45b2cc9436439a
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): workaround for Neoverse V1 erratum 2348377

Neoverse V1 erratum 2348377 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is to
set CPUACTLR5_EL

fix(cpus): workaround for Neoverse V1 erratum 2348377

Neoverse V1 erratum 2348377 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is to
set CPUACTLR5_EL1[61] to 1.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-1401781/latest

Change-Id: Ica402494f78811c85e56a262e1f60b09915168fe
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): workaround for Cortex-X3 erratum 2779509

Cortex-X3 erratum 2779509 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is
to set chicken bit CPUA

fix(cpus): workaround for Cortex-X3 erratum 2779509

Cortex-X3 erratum 2779509 is a Cat B erratum that applies to
all revisions <= r1p1 and is fixed in r1p2. The workaround is
to set chicken bit CPUACTLR3_EL1[47], this might have a small
impact on power and has negligible impact on performance.

SDEN documentation:
https://developer.arm.com/documentation/2055130/latest

Change-Id: Id92dbae6f1f313b133ffaa018fbf9c078da55d75
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge "docs(changelog): changelog for v2.10 release" into integration

refactor(tc): deprecate Arm TC1 FVP platform

Arm has made the strategic decision to deprecate the TC1 platform.
Consequently, software development and the creation of fast models
for the TC1 platfor

refactor(tc): deprecate Arm TC1 FVP platform

Arm has made the strategic decision to deprecate the TC1 platform.
Consequently, software development and the creation of fast models
for the TC1 platform have been officially discontinued.
The TC1 platform, now considered obsolete, has been succeeded by
the TC2 platform. It's noteworthy that the TC2 platform is already
integrated and supported in both TF-A and CI repositories.

Change-Id: Ia196a5fc975b4dbf3c913333daf595199968d95d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

docs(changelog): changelog for v2.10 release

Change-Id: I44b88c3232d099b85ff71ee14c4918c4f8180146
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>

Merge changes from topic "hm/rt-instr" into integration

* changes:
docs(juno): update PSCI instrumentation data
docs(n1sdp): update N1SDP PSCI instrumentation data

Merge "docs: add a section for experimental build options" into integration

Merge "docs(fvp): update model version documentation" into integration

docs: add a section for experimental build options

A number of features are marked experimental in the build system through
makefiles but there wasn't an explicit document to list them.
Added a dedi

docs: add a section for experimental build options

A number of features are marked experimental in the build system through
makefiles but there wasn't an explicit document to list them.
Added a dedicated experimental build options section and moved
existing experimental build option descriptions in this section.

Restoring the change from [1] removing the experimental flag on the EL3
SPMC (this has been lost in rebasing a later change).

[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/24713

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2c458c6857c347114b265404e8b9ede9ac588463

show more ...

Merge "fix(docs): update maintainers list" into integration

fix(docs): update maintainers list

As part of the release process, revisit the list of maintainers to
keep it updated.

Change-Id: Ifdbbe0d0dd1c8db3e5fbc84affcceb6d3c7716d4
Signed-off-by: Bipin Ravi

fix(docs): update maintainers list

As part of the release process, revisit the list of maintainers to
keep it updated.

Change-Id: Ifdbbe0d0dd1c8db3e5fbc84affcceb6d3c7716d4
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>

show more ...

docs(fvp): update model version documentation

This change updates the model versions that we claim to be testing with
to reflect what the reality in the CI.

Change-Id: Ieb44f3f21cd0ba7149d47f768869

docs(fvp): update model version documentation

This change updates the model versions that we claim to be testing with
to reflect what the reality in the CI.

Change-Id: Ieb44f3f21cd0ba7149d47f7688698831c9eab487
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

docs(juno): update PSCI instrumentation data

Change-Id: Iadbaf3d52c5e86f53b05c09e2decce3c089ab83c
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

docs(n1sdp): update N1SDP PSCI instrumentation data

Change-Id: I11c747acfdd376668b44a116258ee75e8cba214d
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

Merge changes from topic "od/hf-doc-migration" into integration

* changes:
docs(spm-mm): remove reference to SEL2 SPMC
docs: remove SEL2 SPMC threat model
docs: remove unused SPM related diagr

Merge changes from topic "od/hf-doc-migration" into integration

* changes:
docs(spm-mm): remove reference to SEL2 SPMC
docs: remove SEL2 SPMC threat model
docs: remove unused SPM related diagrams

show more ...

docs(threat-model): add a threat model for TF-A with Arm CCA

Arm Confidential Compute Architecture (Arm CCA) support, underpinned by
Arm Realm Management Extension (RME) support, brings in a few imp

docs(threat-model): add a threat model for TF-A with Arm CCA

Arm Confidential Compute Architecture (Arm CCA) support, underpinned by
Arm Realm Management Extension (RME) support, brings in a few important
software and hardware architectural changes in TF-A, which warrants a
new security analysis of the code base. Results of this analysis are
captured in a new threat model document, provided in this patch.

The main changes introduced in TF-A to support Arm CCA / RME are:

- Presence of a new threat agent: realm world clients.

- Availability of Arm CCA Hardware Enforced Security (HES) to support
measured boot and trusted boot.

- Configuration of the Granule Protection Tables (GPT) for
inter-world memory protection.

This is only an initial version of the threat model and we expect to
enrich it in the future.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Co-authored-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Iab84dc724df694511508f90dc76b6d469c4cccd5

show more ...