fix(mmc): remove broken, unsecure, unused eMMC RPMB handling

Replay-protected memory block access is enabled by writing 0x3
to PARTITION_ACCESS (bit[2:0]). Instead the driver is using the
first boot

fix(mmc): remove broken, unsecure, unused eMMC RPMB handling

Replay-protected memory block access is enabled by writing 0x3
to PARTITION_ACCESS (bit[2:0]). Instead the driver is using the
first boot partition, which does not provide any playback protection.
Additionally, it unconditionally activates the first boot partition,
potentially breaking boot for SoCs that consult boot partitions,
require boot ack or downgrading to an old bootloader if the first
partition happens to be the inactive one.

Also, neither enabling or disabling the RPMB observes the
PARTITION_SWITCH_TIME. As there are no in-tree users for these
functions, drop them for now until a properly functional implementation
is added. That one will likely share most code with the existing boot
partition switch, which doesn't suffer from the described issues.

Change-Id: Ia4a3f738f60a0dbcc33782f868cfbb1e1c5b664a
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>

show more ...

fix(rme/fid): refactor RME fid macros

Refactored RME FID macros to simplify usage.

Signed-off-by: Subhasish Ghosh <subhasish.ghosh@arm.com>
Change-Id: I68f51f43d6c100d90069577412c2e495fe7b7e40

feat(trbe): add trbe under feature detection mechanism

This change adds "FEAT_TRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, containing
e

feat(trbe): add trbe under feature detection mechanism

This change adds "FEAT_TRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, containing
either 0 or 1. With the introduction of feature detection procedure
we now support three states for feature enablement build flags(0 to 2).

Accordingly, "ENABLE_TRBE_FOR_NS" flag is now modified from boolean
to numeric type to align with the feature detection.

Change-Id: I53d3bc8dc2f6eac63feef22dfd627f3a48480afc
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

feat(brbe): add brbe under feature detection mechanism

This change adds "FEAT_BRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, possessing
e

feat(brbe): add brbe under feature detection mechanism

This change adds "FEAT_BRBE" to be part of feature detection mechanism.

Previously feature enablement flags were of boolean type, possessing
either 0 or 1. With the introduction of feature detection procedure
we now support three states for feature enablement build flags(0 to 2).

Accordingly, "ENABLE_BRBE_FOR_NS" flag is now modified from boolean
to numeric type to align with the feature detection.

Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Change-Id: I1eb52863b4afb10b808e2f0b6584a8a210d0f38c

show more ...

refactor(mmc): replace magic value with new PART_CFG_BOOT_PARTITION_NO_ACCESS

Disabling access to the boot partition reverts the MMC to read from the
user area. Add a macro to make this clearer.

Su

refactor(mmc): replace magic value with new PART_CFG_BOOT_PARTITION_NO_ACCESS

Disabling access to the boot partition reverts the MMC to read from the
user area. Add a macro to make this clearer.

Suggested-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Change-Id: I34a5a987980bb4690d08d255f465b11a4697ed5a

show more ...

refactor(mmc): export user/boot partition switch functions

At the moment, mmc_boot_part_read_blocks() takes care to switch
to the boot partition before transfer and back afterwards.
This can introdu

refactor(mmc): export user/boot partition switch functions

At the moment, mmc_boot_part_read_blocks() takes care to switch
to the boot partition before transfer and back afterwards.
This can introduce large overhead when reading small chunks.
Give consumers of the API more control by exporting
mmc_part_switch_current_boot() and mmc_part_switch_user().

Signed-off-by: Ahmad Fatoum <a.fatoum@pengutronix.de>
Change-Id: Ib641f188071bb8e0196f4af495ec9ad4a292284f

show more ...

fix(include/aarch64): fix encodings for MPAMVPM* registers

This patch fixes the following encodings in the System register
encoding space for the MPAM registers. The encodings now match
with the Arm

fix(include/aarch64): fix encodings for MPAMVPM* registers

This patch fixes the following encodings in the System register
encoding space for the MPAM registers. The encodings now match
with the Arm® Architecture Reference Manual Supplement for MPAM.

* MPAMVPM0_EL2
* MPAMVPM1_EL2
* MPAMVPM2_EL2
* MPAMVPM3_EL2
* MPAMVPM4_EL2
* MPAMVPM5_EL2
* MPAMVPM6_EL2
* MPAMVPM7_EL2
* MPAMVPMV_EL2

Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: Ib339412de6a9c945a3307f3f347fe7b2efabdc18

show more ...

fix(measured-boot): add SP entries to event_log_metadata

Add SP entries to event_log_metadata if SPD_spmd is enabled. Otherwise
the platform cannot boot with measured boot enabled.

Signed-off-by: I

fix(measured-boot): add SP entries to event_log_metadata

Add SP entries to event_log_metadata if SPD_spmd is enabled. Otherwise
the platform cannot boot with measured boot enabled.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: I525eb50e7bb60796b63a8c7f81962983017bbf87

show more ...

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(fvp): add plat hook for memory transactions
feat(spmc): enable handling of the NS bit
feat(spmc): add support for v1.1

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(fvp): add plat hook for memory transactions
feat(spmc): enable handling of the NS bit
feat(spmc): add support for v1.1 FF-A memory data structures
feat(spmc/mem): prevent duplicated sharing of memory regions
feat(spmc/mem): support multiple endpoints in memory transactions
feat(spmc): add support for v1.1 FF-A boot protocol
feat(plat/fvp): introduce accessor function to obtain datastore
feat(spmc/mem): add FF-A memory management code

show more ...

Merge changes from topic "gpt-crc" into integration

* changes:
feat(partition): verify crc while loading gpt header
build(hikey): platform changes for verifying gpt header crc
build(agilex): p

Merge changes from topic "gpt-crc" into integration

* changes:
feat(partition): verify crc while loading gpt header
build(hikey): platform changes for verifying gpt header crc
build(agilex): platform changes for verifying gpt header crc
build(stratix10): platform changes for verifying gpt header crc
build(stm32mp1): platform changes for verifying gpt header crc

show more ...

feat(spmc): enable handling of the NS bit

In FF-A v1.1 the NS bit is used by the SPMC to specify the
security state of a memory region retrieved by a SP.

Enable the SPMC to set the bit for v1.1 cal

feat(spmc): enable handling of the NS bit

In FF-A v1.1 the NS bit is used by the SPMC to specify the
security state of a memory region retrieved by a SP.

Enable the SPMC to set the bit for v1.1 callers or v1.0
callers that explicitly request the usage via FFA_FEATURES.

In this implementation the sender of the memory region must
reside in the normal world and the SPMC does not support
changing the security state of memory regions therefore
always set the NS bit if required by the caller.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I215756b28e2382082933ba1dcc7584e7faf4b36b

show more ...

feat(spmc): add support for v1.1 FF-A memory data structures

Add support for the FF-A v1.1 data structures to the EL3 SPMC
and enable the ability to convert between v1.0 and the v1.1
forwards compat

feat(spmc): add support for v1.1 FF-A memory data structures

Add support for the FF-A v1.1 data structures to the EL3 SPMC
and enable the ability to convert between v1.0 and the v1.1
forwards compatible data structures.

The SPMC now uses the v1.1 data structures internally and will
convert descriptors as required depending on the FF-A version
supported by the calling partition.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ic14a95ea2e49c989aecf19b927a6b21ac50f863e

show more ...

feat(spmc/mem): support multiple endpoints in memory transactions

Enable FFA_MEM_LEND and FFA_MEM_SHARE transactions to support multiple
borrowers and add the appropriate validation. Since we curren

feat(spmc/mem): support multiple endpoints in memory transactions

Enable FFA_MEM_LEND and FFA_MEM_SHARE transactions to support multiple
borrowers and add the appropriate validation. Since we currently
only support a single S-EL1 partition, this functionality is to
support the use case where a VM shares or lends memory to one or
more VMs in the normal world as part of the same transaction to
the SP.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ia12c4357e9d015cb5f9b38e518b7a25b1ea2e30e

show more ...

feat(spmc): add support for v1.1 FF-A boot protocol

A partition can request the use of the FF-A boot protocol via
an entry in its manifest along with the register (0-3)
that should be populated with

feat(spmc): add support for v1.1 FF-A boot protocol

A partition can request the use of the FF-A boot protocol via
an entry in its manifest along with the register (0-3)
that should be populated with a pointer to a data structure
containing boot related information. Currently the boot
information consists of an allocated memory region
containing the SP's manifest, allowing it to map and parse
any extra information as required.

This implementation only supports the v1.1 data structures
and will return an error if a v1.0 client requests the usage
of the protocol.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I67692553a90a7e7d94c64fe275edd247b512efca

show more ...

feat(plat/fvp): introduce accessor function to obtain datastore

In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptors, a accessor function is used.
This allows for the

feat(plat/fvp): introduce accessor function to obtain datastore

In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptors, a accessor function is used.
This allows for the backing memory to be allocated in a
platform defined manner, to accommodate memory constraints
and desired use cases.

Provide an implementation for the Arm FVP platform to
use a default value of 512KB memory allocated in the
TZC RAM section.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I92bc55ba6e04bdad429eb52f0d2960ceda682804

show more ...

feat(spmc/mem): add FF-A memory management code

Originally taken from the downstream Trusty SPD [1]
implementation and modified to integrate with
the EL3 SPMC internals.

Add support to the EL3 SPMC

feat(spmc/mem): add FF-A memory management code

Originally taken from the downstream Trusty SPD [1]
implementation and modified to integrate with
the EL3 SPMC internals.

Add support to the EL3 SPMC for a subset of the FF-A
memory management ABIs:
- FFA_MEM_SHARE
- FFA_MEM_LEND
- FFA_MEM_RETRIEVE_REQ
- FFA_MEM_RETRIEVE_RESP
- FFA_MEM_RELINQUISH
- FFA_MEM_RECLAIM
- FFA_MEM_FRAG_RX
- FFA_MEM_FRAG_TX

This implementation relies on a datastore allocated in
platform specific code in order to store memory descriptors
about ongoing memory transactions. This mechanism
will be implemented in the following commit.

[1] https://android.googlesource.com/trusty/external/trusted-firmware-a/+/refs/heads/master/services/spd/trusty/

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: Ib042f73c8a6e0f0aed00f6762be175cb9dedc042

show more ...

feat(smmu): add SMMU abort transaction function

Created a function to abort all pending NS DMA transactions to
engage complete DMA protection. This call will be used by the
subsequent DRTM implement

feat(smmu): add SMMU abort transaction function

Created a function to abort all pending NS DMA transactions to
engage complete DMA protection. This call will be used by the
subsequent DRTM implementation changes.

Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Signed-off-by: Lucian Paul-Trifu <lucian.paultrifu@gmail.com>
Change-Id: I94992b54c570327d6746295073822a9c0ebdc85d

show more ...

feat(partition): verify crc while loading gpt header

This change makes use of 32-bit crc for calculating gpt header crc
and compares it with the given value.

Signed-off-by: Rohit Ner <rohitner@goog

feat(partition): verify crc while loading gpt header

This change makes use of 32-bit crc for calculating gpt header crc
and compares it with the given value.

Signed-off-by: Rohit Ner <rohitner@google.com>
Change-Id: I49bca7aab2c3884881c4b7d90d31786a895290e6

show more ...

Merge "fix(arm): remove reclamation of functions starting with "init"" into integration

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(spmd): allow forwarding of FFA_FRAG_RX/TX calls
feat(spmc): add support for FFA_SPM_ID_GET
feat(spmc): add support for

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(spmd): allow forwarding of FFA_FRAG_RX/TX calls
feat(spmc): add support for FFA_SPM_ID_GET
feat(spmc): add support for forwarding a secure interrupt to the SP
feat(spmc): add support for FF-A power mgmt. messages in the EL3 SPMC

show more ...

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(spmc): enable the SPMC to pass the linear core ID in a register
feat(spmc): add FFA_RX_RELEASE handler
feat(spmc): add

Merge changes from topic "ffa_el3_spmc" into integration

* changes:
feat(spmc): enable the SPMC to pass the linear core ID in a register
feat(spmc): add FFA_RX_RELEASE handler
feat(spmc): add FFA_RUN handler
feat(spmc): support FFA_ID_GET ABI
feat(spmc): add FFA_FEATURES handler
feat(spmc): add FFA_PARTITION_INFO_GET handler
feat(spmc): enable handling FF-A RX/TX Mapping ABIs
docs(maintainers): introduce SPMC maintainer section

show more ...

feat(spmd): allow forwarding of FFA_FRAG_RX/TX calls

Enable the SPMD to forward FFA_FRAG_RX/TX calls between
the normal world and the SPMC.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change

feat(spmd): allow forwarding of FFA_FRAG_RX/TX calls

Enable the SPMD to forward FFA_FRAG_RX/TX calls between
the normal world and the SPMC.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I097a48552827a8527dd3efe1155bc601d7cbf887

show more ...

feat(spmc): add support for FF-A power mgmt. messages in the EL3 SPMC

This patch adds support for forwarding the following PSCI messages
received by the SPMC at EL3 to the S-EL1 SP if the SP has ind

feat(spmc): add support for FF-A power mgmt. messages in the EL3 SPMC

This patch adds support for forwarding the following PSCI messages
received by the SPMC at EL3 to the S-EL1 SP if the SP has indicated
that it wishes to receive the appropriate message via its manifest.

1. A PSCI CPU_OFF message in response to a cpu hot unplug request
from the OS.
2. A message to indicate warm boot of a cpu in response to a cpu
hot plug request from the OS.
3. A PSCI CPU_SUSPEND message in response to a cpu idle event
initiated from the OS.
4. A message to indicate warm boot of a cpu from a shallow power
state in response to a cpu resume power event.

This patch also implements the FFA_SECONDARY_EP_REGISTER function to
enable the SP specify its secondary entrypoint.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I375d0655b2c6fc27445facc39213d1d0678557f4

show more ...

feat(spmc): add FFA_PARTITION_INFO_GET handler

Enable the SPMC to handle calls to FFA_PARTITION_INFO_GET.
This allows the normal world to discover which partitions
are running in the secure world in

feat(spmc): add FFA_PARTITION_INFO_GET handler

Enable the SPMC to handle calls to FFA_PARTITION_INFO_GET.
This allows the normal world to discover which partitions
are running in the secure world including logical partitions
in EL3.

This implementation supports both the v1.0 and v1.1
implementations of the Partition Info Get Descriptor.
The SPMC populates the appropriate descriptor in the
partitions RX buffer, if requested, according to the
version of FF-A that the caller is using.

Additionally rename the common/uuid UUID_H include guard
due to a conflict with another header file.

Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
Change-Id: I0a85f1dae50fae1fe47a3cafb765fbe9f40619e1

show more ...

Merge changes from topic "rss/mboot-attest" into integration

* changes:
docs(maintainers): add PSA, MHU, RSS comms code owners
feat(plat/arm/fvp): enable RSS backend based measured boot
feat(l

Merge changes from topic "rss/mboot-attest" into integration

* changes:
docs(maintainers): add PSA, MHU, RSS comms code owners
feat(plat/arm/fvp): enable RSS backend based measured boot
feat(lib/psa): mock PSA APIs
feat(drivers/measured_boot): add RSS backend
feat(drivers/arm/rss): add RSS communication driver
feat(lib/psa): add initial attestation API
feat(lib/psa): add measured boot API
feat(drivers/arm/mhu): add MHU driver

show more ...