docs: mark PSA_CRYPTO as an experimental feature

Updated the documentation to mark PSA_CRYPTO as an experimental
feature.

Change-Id: I894b687d6727fe7f80df54e6b08937e171f459b6
Signed-off-by: Manish

docs: mark PSA_CRYPTO as an experimental feature

Updated the documentation to mark PSA_CRYPTO as an experimental
feature.

Change-Id: I894b687d6727fe7f80df54e6b08937e171f459b6
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

fix(mpam): refine MPAM initialization and enablement process

Restricts MPAM to only NS world and enables trap to EL3 for access of
MPAM registers from lower ELs of Secure and Realm world.

This patc

fix(mpam): refine MPAM initialization and enablement process

Restricts MPAM to only NS world and enables trap to EL3 for access of
MPAM registers from lower ELs of Secure and Realm world.

This patch removes MPAM enablement from global context and adds it to
EL3 State context which enables/disables MPAM during world switches.
Renamed ENABLE_MPAM_FOR_LOWER_ELS to ENABLE_FEAT_MPAM and
removed mpam_init_el3() as RESET behaviour is trapping.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I131f9dba5df236a71959b2d425ee11af7f3c38c4

show more ...

Merge changes from topic "st_remove_shm" into integration

* changes:
docs(stm32mp15): mark STM32MP15_OPTEE_RSV_SHM deprecated
feat(stm32mp15): disable OP-TEE shared memory

fix(cpus): workaround for Cortex-A510 erratum 2080326

Cortex-A510 erratum 2080326 is a Cat B erratum that applies
to all revisions <= r0p2 and is fixed in r0p3.
The workaround sequence helps perform

fix(cpus): workaround for Cortex-A510 erratum 2080326

Cortex-A510 erratum 2080326 is a Cat B erratum that applies
to all revisions <= r0p2 and is fixed in r0p3.
The workaround sequence helps perform a DSB after each TLBI
instruction and can be applied only for version r0p2 and has
minimal performance impact.
The workaround is not applicable for versions < r0p2.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1873361/latest

Change-Id: Ib9bce8b711c25a79f7b2f891ae6f8b366fc80ddd
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): fix the rev-var of Neoverse-V1

Update the revision and variant information in the
errata ABI file, neoverse_v1.S file for erratum ID - 2294912
to match the revision and variant in the lat

fix(cpus): fix the rev-var of Neoverse-V1

Update the revision and variant information in the
errata ABI file, neoverse_v1.S file for erratum ID - 2294912
to match the revision and variant in the latest SDEN.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-1401781/latest

Change-Id: I38a0f53c3515860ba442b5c0872c8ab051fdda6f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): fix the rev-var of Cortex-X2

Update the revision and variant information in the
errata ABI file, cortex_X2.S file for erratum ID - 2058056
to match the revision and variant in the latest

fix(cpus): fix the rev-var of Cortex-X2

Update the revision and variant information in the
errata ABI file, cortex_X2.S file for erratum ID - 2058056
to match the revision and variant in the latest SDEN.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775100/latest

Change-Id: I28ee39949d977c53d6f5243100f0c29bc3c0428c
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): update the rev-var for Cortex-A78AE

Update the revision and variant information in the
cortex_a78_ae.s and errata ABI file for erratum ID - 2376748
based on the latest SDEN.

SDEN documen

fix(cpus): update the rev-var for Cortex-A78AE

Update the revision and variant information in the
cortex_a78_ae.s and errata ABI file for erratum ID - 2376748
based on the latest SDEN.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-1707912/latest

Change-Id: I082aac41adf717b0d5d59046a8933a3f5a3de94f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): fix the rev-var for Cortex-A710

Update the revision and variant information in the
errata ABI file, cortex_A710.S file for erratum ID - 2058056
and erratum ID - 2055002 to match the revis

fix(cpus): fix the rev-var for Cortex-A710

Update the revision and variant information in the
errata ABI file, cortex_A710.S file for erratum ID - 2058056
and erratum ID - 2055002 to match the revision and variant
in the latest SDEN.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-1775101/latest

Change-Id: Ie010dae90dabf8670f588a06f9a606cf41e22afa
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge "docs(maintainers): remove Jorge Ramirez-Ortiz from rcar3 maintainers" into integration

docs(stm32mp15): mark STM32MP15_OPTEE_RSV_SHM deprecated

TF-A is no more in charge of configuring OP-TEE shared memory.
Set the STM32MP15_OPTEE_RSV_SHM flag as deprecated (as well as the code
depend

docs(stm32mp15): mark STM32MP15_OPTEE_RSV_SHM deprecated

TF-A is no more in charge of configuring OP-TEE shared memory.
Set the STM32MP15_OPTEE_RSV_SHM flag as deprecated (as well as the code
depending on it).

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I863d9a1e45e0bfc2f45d9bd84b90d626738934ab

show more ...

docs: add code-owners for Firmare Handoff Library

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I2c64e7582a744f54b54085d3a1d7ac91e269ce3d

docs(maintainers): remove Jorge Ramirez-Ortiz from rcar3 maintainers

On behalf of Jorge himself.

Change-Id: I2dca445a240f7bc16c02365e936b064f6a246d89
Signed-off-by: Sandrine Bailleux <sandrine.bail

docs(maintainers): remove Jorge Ramirez-Ortiz from rcar3 maintainers

On behalf of Jorge himself.

Change-Id: I2dca445a240f7bc16c02365e936b064f6a246d89
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

show more ...

docs(cert-create): add key size options for ecdsa

Adding the possible key sizes for the ecdsa key algorithm.

Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69
Signed-off-by: Lauren Wehrmeister <

docs(cert-create): add key size options for ecdsa

Adding the possible key sizes for the ecdsa key algorithm.

Change-Id: I58947bc749fed911766a1462a0c2ba520b8f7c69
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

feat(el3-spmc): add a flag to enable support to load SEL0 SP

Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>

feat(el3-spmc): add a flag to enable support to load SEL0 SP

Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39

show more ...

refactor(console): disable getc() by default

The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A

refactor(console): disable getc() by default

The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.

Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.

This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.

The following changes are introduced when getc() is disabled:

- The multi-console framework no longer provides the console_getc()
function.

- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.

If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up

If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'

- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.

[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.

Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/

Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>

show more ...

docs(build): update GCC to 12.3.Rel1 version

Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-down

docs(build): update GCC to 12.3.Rel1 version

Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads

We build TF-A in CI using x86_64 Linux hosted cross toolchains:
---------------------------------------------------------------
* AArch32 bare-metal target (arm-none-eabi)
* AArch64 bare-metal target (aarch64-none-elf)

Change-Id: Ifcabb7fb9d8e13b87e164c3c1be8c8d32c31b49a
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

Merge changes from topic "mb/psa-crypto-support" into integration

* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash

Merge changes from topic "mb/psa-crypto-support" into integration

* changes:
feat(mbedtls-psa): use PSA crypto API during signature verification
feat(mbedtls-psa): use PSA crypto API during hash calculation
feat(mbedtls-psa): use PSA crypto API for hash verification
feat(mbedtls-psa): initialise mbedtls psa crypto
feat(mbedtls-psa): register an ad-hoc PSA crypto driver
feat(mbedtls-psa): introduce PSA_CRYPTO build option
docs(changelog): add scope for MbedTLS PSA Crypto

show more ...

Merge "fix(cpus): workaround for Cortex-X3 erratum 2070301" into integration

fix(docs): remove out-dated information about CI review comments

- Fix the name of the user account under which the CI bot posts
review comments.

- The CI has now transitioned to trustedfirmwa

fix(docs): remove out-dated information about CI review comments

- Fix the name of the user account under which the CI bot posts
review comments.

- The CI has now transitioned to trustedfirmware.org so CI results
are publically accessible.

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: I53dd93e200c9e119b5df6bbaf2644485cde57ce5

show more ...

fix(cpus): workaround for Cortex-X3 erratum 2070301

Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001

fix(cpus): workaround for Cortex-X3 erratum 2070301

Cortex-X3 erratum 2070301 is a Cat B erratum that applies to all
revisions <= r1p2 and is still open.
The workaround is to write the value 4'b1001 to the PF_MODE bits
in the IMP_CPUECTLR2_EL1 register. This places the data prefetcher
in the most conservative mode instead of disabling it.

SDEN documentation:
https://developer.arm.com/documentation/2055130/latest

Change-Id: I337c4c7bb9221715aaf973a55d0154e1c7555768
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

feat(mbedtls-psa): introduce PSA_CRYPTO build option

This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -

1. Added a build macro PSA_CRYPTO to enable the Mbed

feat(mbedtls-psa): introduce PSA_CRYPTO build option

This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -

1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
when PSA_CRYPTO=1.

Also, marked PSA_CRYPTO as an experimental feature.

Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "feat(rmmd): enable SME for RMM" into integration

feat(rmmd): enable SME for RMM

This patch enables Scalable Matrix Extension (SME) for RMM. RMM will
save/restore required registers that are shared with SVE/FPU register
state so that Realm can use

feat(rmmd): enable SME for RMM

This patch enables Scalable Matrix Extension (SME) for RMM. RMM will
save/restore required registers that are shared with SVE/FPU register
state so that Realm can use FPU or SVE.

The Relevant RMM support can be found here :
https://github.com/TF-RMM/tf-rmm/commit/0ccd7ae58b00

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I3bbdb840e7736dec00b71c85fcec3d5719413ffd

show more ...

Merge changes from topic "rm/handoff" into integration

* changes:
feat(qemu): implement firmware handoff on qemu
feat(handoff): introduce firmware handoff library

Merge "fix(docs): add missing line in the fiptool command for stm32mp1" into integration