Merge "docs: update TF-A v2.10 release information" into integration

fix(docs): add missing line in the fiptool command for stm32mp1

Add the missing trusted key certificate in the fiptool
command line.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Chang

fix(docs): add missing line in the fiptool command for stm32mp1

Add the missing trusted key certificate in the fiptool
command line.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: Ife95b0261f04b7fd07a9b01488f9e5be9b87e841

show more ...

docs: update TF-A v2.10 release information

Update version and release schedule for the upcoming TF-A
release v2.10.

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I505fbb034a74c

docs: update TF-A v2.10 release information

Update version and release schedule for the upcoming TF-A
release v2.10.

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I505fbb034a74ce1cc6bc20efdd26803e6fb8c0c1

show more ...

Merge "refactor(ast2700): adopt RESET_TO_BL31 boot flow" into integration

refactor(ast2700): adopt RESET_TO_BL31 boot flow

Revise the AST2700 boot flow to the RESET_TO_BL31 scheme.
The execution of BL1/2 can be saved from ARM CA35 while most
low level platform initializat

refactor(ast2700): adopt RESET_TO_BL31 boot flow

Revise the AST2700 boot flow to the RESET_TO_BL31 scheme.
The execution of BL1/2 can be saved from ARM CA35 while most
low level platform initialization are moved to a preceding MCU.

This patch updates the build configuration and also adds
the SMP mailbox setup code to hold secondary cores until
they are being waken up.

Signed-off-by: Chia-Wei Wang <chiawei_wang@aspeedtech.com>
Change-Id: I7e0aa6416b92b97036153db1d9a26baaa41b7b18

show more ...

refactor(el3-runtime): plat_ic_has_interrupt_type returns bool

Rather than returning 0 or 1, the above function returns bool false
or true. No functional change.

Change-Id: Iea904ffc368568208fa8203

refactor(el3-runtime): plat_ic_has_interrupt_type returns bool

Rather than returning 0 or 1, the above function returns bool false
or true. No functional change.

Change-Id: Iea904ffc368568208fa8203e0d2e0cdaa500b1e0
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge changes If9672598,I219c49d3 into integration

* changes:
feat(cert-create): add pkcs11 engine support
fix(cert-create): key: Avoid having a temporary value for pkey in key_load

Merge changes from topic "errata" into integration

* changes:
fix(cpus): workaround for Neoverse V2 erratum 2743011
fix(cpus): workaround for Neoverse V2 erratum 2779510
fix(cpus): workaround

Merge changes from topic "errata" into integration

* changes:
fix(cpus): workaround for Neoverse V2 erratum 2743011
fix(cpus): workaround for Neoverse V2 erratum 2779510
fix(cpus): workaround for Neoverse V2 erratum 2719105
fix(cpus): workaround for Neoverse V2 erratum 2331132

show more ...

feat(handoff): introduce firmware handoff library

Add transfer list APIs and firmware handoff build option.

Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff
Signed-off-by: Raymond Mao <raymond.

feat(handoff): introduce firmware handoff library

Add transfer list APIs and firmware handoff build option.

Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>

show more ...

feat(cert-create): add pkcs11 engine support

Add pkcs11 engine support which allows using keys that are securely
stored on a HSM or TPM. To use this feature the user has to supply
an RFC 7512 compli

feat(cert-create): add pkcs11 engine support

Add pkcs11 engine support which allows using keys that are securely
stored on a HSM or TPM. To use this feature the user has to supply
an RFC 7512 compliant PKCS11 URI to a key instead of a file as an
argument to one of the key options. This change is fully backwards
compatible.

This change makes use of the openssl engine API which is deprecated
since openssl 3.0 and will most likely be removed in version 4. So
pkcs11 support will have to be updated to the openssl provider API
in the near future.

Signed-off-by: Robin van der Gracht <robin@protonic.nl>
Change-Id: If96725988ca62c5613ec59123943bf15922f5d1f

show more ...

Merge "chore: remove MULTI_CONSOLE_API references" into integration

fix(cpus): workaround for Neoverse V2 erratum 2743011

Neoverse V2 erratum 2743011 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set CPUACTLR5_EL

fix(cpus): workaround for Neoverse V2 erratum 2743011

Neoverse V2 erratum 2743011 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set CPUACTLR5_EL1[56:55] to 2'b01.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0e06ca723a1cce51fb027b7160f3dd06a4c93e64

show more ...

fix(cpus): workaround for Neoverse V2 erratum 2779510

Neoverse V2 erratum 2779510 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set bit[47] of C

fix(cpus): workaround for Neoverse V2 erratum 2779510

Neoverse V2 erratum 2779510 is a Cat B erratum that applies to
all revisions <= r0p1 and is fixed in r0p2. The workaround is to
set bit[47] of CPUACTLR3_EL1 which might have a small impact on
power and negligible impact on performance.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I6d937747bdcbf2913a64c4037f99918cbc466e80

show more ...

fix(cpus): workaround for Neoverse V2 erratum 2719105

Neoverse V2 erratum 2719105 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.

The erratum is avoided by setting CP

fix(cpus): workaround for Neoverse V2 erratum 2719105

Neoverse V2 erratum 2719105 is a Cat B erratum that applies to all
revisions <= r0p1 and is fixed in r0p2.

The erratum is avoided by setting CPUACTLR2_EL1[0] to 1 to force
PLDW/PFRM ST to behave like PLD/PRFM LD and not cause invalidations
to other PE caches. There might be a small performance degradation
to this workaround for certain workloads that share data.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Id026edcb7ee1ca93371ce0001d18f5a8282c49ba

show more ...

fix(cpus): workaround for Neoverse V2 erratum 2331132

Neoverse V2 erratum 2331132 is a Cat B erratum that applies to all
revisions <= r0p2 and is still open. The workaround is to write the
value 4'b

fix(cpus): workaround for Neoverse V2 erratum 2331132

Neoverse V2 erratum 2331132 is a Cat B erratum that applies to all
revisions <= r0p2 and is still open. The workaround is to write the
value 4'b1001 to the PF_MODE bits in the IMP_CPUECTLR2_EL1 register
which will place the data prefetcher in the most conservative mode
instead of disabling it.

SDEN documentation:
https://developer.arm.com/documentation/SDEN2332927/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ic6c76375df465a4ad2e20dd7add7037477d973c1

show more ...

Merge "refactor(cpufeat): refactor arch feature build options" into integration

docs(maintainers): update corstone1000 maintainers

Update maintainers list for corstone1000 platform.

Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Change-Id: I779e3717f6a6e19d32e8568eda05

docs(maintainers): update corstone1000 maintainers

Update maintainers list for corstone1000 platform.

Signed-off-by: Xueliang Zhong <xueliang.zhong@arm.com>
Change-Id: I779e3717f6a6e19d32e8568eda05204cd46f35ea

show more ...

refactor(cpufeat): refactor arch feature build options

Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features

refactor(cpufeat): refactor arch feature build options

Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features are enabled in platform specific makefile.
This fragmentation is sometime confusing to figure out which feature
is tied to which ARCH_MAJOR.ARCH_MINOR.

So, consolidating and grouping them for tracking and enabling makes
more sense. With this change we consolidate all ARCH feature handling
within arch_features.mk and disable all optional features that need
to be enabled to platform makefile.

This is an ongoing series of effort to consolidate and going forward
platform makefile should just specify ARCH_MAJOR and ARCH MINOR and
all mandatory feature should be selected based on arch_features.mk
any optional feature needed by the platform support can be enabled
by platform makefile.

It also makes it easier for platform ports to look upto arch_features.mk
and enable any optional feature that platform may need which are
supported from TF-A.

Change-Id: I18764008856d81414256b6cbabdfa42a16b8040d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "stm32mp2" into integration

* changes:
feat(stm32mp2): generate stm32 file
feat(stm32mp2-fdts): add stm32mp257f-ev1 board
feat(stm32mp2-fdts): introduce stm32mp25 pinc

Merge changes from topic "stm32mp2" into integration

* changes:
feat(stm32mp2): generate stm32 file
feat(stm32mp2-fdts): add stm32mp257f-ev1 board
feat(stm32mp2-fdts): introduce stm32mp25 pinctrl files
feat(stm32mp2-fdts): introduce stm32mp25 SoCs family
feat(stm32mp2): add console configuration
feat(st): add RCC registers list
feat(st-uart): add AARCH64 stm32_console driver
feat(st): introduce new platform STM32MP2
feat(dt-bindings): add the STM32MP2 clock and reset bindings
docs(changelog): add scopes for STM32MP2
feat(docs): introduce STM32MP2 doc
refactor(docs): add a sub-menu for ST platforms
refactor(st): move plat_image_load.c
refactor(st): rename PLAT_NB_FIXED_REGS
refactor(st): move some storage definitions to common part
refactor(st): move SDMMC definitions to driver
feat(st-clock): stub fdt_get_rcc_secure_state
feat(st-clock): allow aarch64 compilation of STGEN functions
feat(st): allow AARCH64 compilation for common code
refactor(st): rename QSPI macros

show more ...

Merge "feat(mbedtls): update to 3.4.1" into integration

chore: remove MULTI_CONSOLE_API references

MULTI_CONSOLE_API have been removed long time ago by commit 5b6ebeec9c99
("Remove MULTI_CONSOLE_API flag and references to it") that's why remove
reference

chore: remove MULTI_CONSOLE_API references

MULTI_CONSOLE_API have been removed long time ago by commit 5b6ebeec9c99
("Remove MULTI_CONSOLE_API flag and references to it") that's why remove
references in platform.mk files and also in one rst which is not valid
anymore.

Change-Id: I45f8e7db0a14ce63de62509100d8159b7aca2657
Signed-off-by: Michal Simek <michal.simek@amd.com>

show more ...

Merge "docs(maintainers): add maintainers for i.MX9 SoCs" into integration

feat(mbedtls): update to 3.4.1

Update TF-A documentation to recommend using the latest and greatest
release of mbedTLS library to this date, i.e. version 3.4.1. The
upgrade was successfully tested b

feat(mbedtls): update to 3.4.1

Update TF-A documentation to recommend using the latest and greatest
release of mbedTLS library to this date, i.e. version 3.4.1. The
upgrade was successfully tested by the OpenCI running all existing
test configs, in particular trusted boot and measured boot related
ones.

The reason for this upgrade is simply to obey TF-A's guideline to
always use up-to-date security libraries. mbedTLS 3.4.1 release
notes [1] do not list any changes that should affect TF-A.

[1] https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.4.1

Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Change-Id: Ifc31c2fc825a2fc9ca318ea8baadd51b670e7a4e

show more ...

Merge changes from topic "sm/errata_X3" into integration

* changes:
fix(cpus): workaround for Cortex-X3 erratum 2742421
feat(errata_abi): add support for Cortex-X3

Merge "fix(docs): replace deprecated urls under tfa/docs" into integration