AArch64: Use SSBS for CVE_2018_3639 mitigation

The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
Armv8.5 fe

AArch64: Use SSBS for CVE_2018_3639 mitigation

The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
Armv8.5 feature, this can be implemented by CPUs implementing earlier
version of the architecture.

With this patch, when both PSTATE.SSBS is implemented and
DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for
SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to
indicate that mitigation on the PE is either permanently enabled or not
required.

When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset
of every BL stage. This means that EL3 always executes with mitigation
applied.

For Cortex A76, if the PE implements SSBS, the existing mitigation (by
using a different vector table, and tweaking CPU ACTLR2) is not used.

Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

show more ...

Merge pull request #1700 from jwerner-chromium/JW_crashfix

MULTI_CONSOLE_API fixes and cleanups

console: Fix console_unregister() signature

console_unregister() has always returned a pointer to the console that
was removed on success, not just an integer. Fix the C prototype to
match the assem

console: Fix console_unregister() signature

console_unregister() has always returned a pointer to the console that
was removed on success, not just an integer. Fix the C prototype to
match the assembly implementation.

Change-Id: Iafc43de0767a5c87c9ae5c3aba53761dd28d51e6
Signed-off-by: Julius Werner <jwerner@chromium.org>

show more ...

Merge pull request #1653 from JackyBai/master

Add NXP i.MX8MQ basic support

Merge pull request #1702 from MISL-EBU-System-SW/patches-18.12

Update code with latest changes from Marvell LSP 18.12

ble: ap807: Switch to PLL mode and update CPU frequency

- Update CPU frequency on AP807 to 2GHz for SAR 0x0.
- Increase AVS to 0.88V for 2GHz clock

Change-Id: Ic945b682ab2f8543e34294bfc56c3eae2c5e0

ble: ap807: Switch to PLL mode and update CPU frequency

- Update CPU frequency on AP807 to 2GHz for SAR 0x0.
- Increase AVS to 0.88V for 2GHz clock

Change-Id: Ic945b682ab2f8543e34294bfc56c3eae2c5e0c8e
Signed-off-by: Christine Gharzuzi <chrisg@marvell.com>
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

show more ...

drivers: add tzc380 support

Add tzc380 support.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Bai Ping <ping.bai@nxp.com>

Merge pull request #1699 from chandnich/sgi-mt-support

Add support to implement multi-threaded platforms for SGI

Merge pull request #1688 from JoelHutton/jh/variant_1_mitigations

Initial Spectre V1 mitigations (CVE-2017-5753).

Merge pull request #1679 from pangupta/master

ccn: Introduce API to set and read value of node register

plat/arm/common: add an additional platform power level

For platforms using multi-threaded CPUs, there can be upto four
platform power domain levels. At present, there are three platform
power domai

plat/arm/common: add an additional platform power level

For platforms using multi-threaded CPUs, there can be upto four
platform power domain levels. At present, there are three platform
power domain levels that are defined for the CSS platforms. Define a
fourth level 'ARM_PWR_LVL3' as well to provide support for an
additional platform power domain level.

Change-Id: I40cc17a10f4690a560776f504364fd7277a7e72a
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

show more ...

plat/css: allow platforms to define the system power domain level

The CSS_SYSTEM_PWR_DMN_LVL macro that defines the system power domain
level is fixed at ARM_PWR_LVL2 for all CSS platforms. However,

plat/css: allow platforms to define the system power domain level

The CSS_SYSTEM_PWR_DMN_LVL macro that defines the system power domain
level is fixed at ARM_PWR_LVL2 for all CSS platforms. However, the
system power domain level can be different for CSS platforms that
use multi-threaded CPUs.

So, in preparation towards adding support for platforms that use
multi-threaded CPUs, refactor the definition of CSS_SYSTEM_PWR_DMN_LVL
such that CSS_SYSTEM_PWR_DMN_LVL is uniquely defined for each of the
CSS platform.

Change-Id: Ia837b13f6865e71da01780993c048b45b7f36d85
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

show more ...

Initial Spectre V1 mitigations (CVE-2017-5753).

Initial Spectre Variant 1 mitigations (CVE-2017-5753).
A potential speculative data leak was found in PSCI code, this depends
on a non-robust implemen

Initial Spectre V1 mitigations (CVE-2017-5753).

Initial Spectre Variant 1 mitigations (CVE-2017-5753).
A potential speculative data leak was found in PSCI code, this depends
on a non-robust implementation of the `plat_get_core_pos_by_mpidr()`
function. This is considered very low-risk. This patch adds a macro to
mitigate this. Note not all code paths could be analyzed with current
tools.

Add a macro which makes a variable 'speculation safe', using the
__builtin_speculation_safe_value function of GCC and llvm. This will be
available in GCC 9, and is planned for llvm, but is not currently in
mainline GCC or llvm. In order to implement this mitigation the compiler
must support this builtin. Support is indicated by the
__HAVE_SPECULATION_SAFE_VALUE flag.

The -mtrack-speculation option maintains a 'tracker' register, which
determines if the processor is in false speculation at any point. This
adds instructions and increases code size, but avoids the performance
impact of a hard barrier.

Without the -mtrack-speculation option, __builtin_speculation_safe_value
expands to a

ISB
DSB SY

sequence after a conditional branch, before the
speculation safe variable is used. With -mtrack-speculation a

CSEL tracker, tracker, XZR, [cond];
AND safeval,tracker;
CSDB

sequence is added instead, clearing the vulnerable variable by
AND'ing it with the tracker register, which is zero during speculative
execution. [cond] are the status flags which will only be true during
speculative execution. For more information on
__builtin_speculation_safe_value and the -mtrack-speculation option see
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/compiler-support-for-mitigations

The -mtracking option was not added, as the performance impact of the
mitigation is low, and there is only one occurence.

Change-Id: Ic9e66d1f4a5155e42e3e4055594974c230bfba3c
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>

show more ...

Merge pull request #1697 from antonio-nino-diaz-arm/an/arch

Synchronise arch.h and arch_helpers.h with TF-A-Tests

Synchronise arch.h and arch_helpers.h with TF-A-Tests

The headers forked at some point in the past and have diverged a lot. In
order to make it easier to share code between TF-A-Tests and TF-A, this

Synchronise arch.h and arch_helpers.h with TF-A-Tests

The headers forked at some point in the past and have diverged a lot. In
order to make it easier to share code between TF-A-Tests and TF-A, this
patch synchronises most of the definitions in the mentioned headers.

This is not a complete sync, it has to be followed by more cleanup.

This patch also removes the read helpers for the AArch32 instructions
ats1cpr and ats1hr (they are write-only).

Change-Id: Id13ecd7aeb83bd2318cd47156d71a42f1c9f6ba2
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

ccn: Introduce API to set and read value of node register

Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com>

Merge pull request #1691 from vijayenthiran-arm/sgi-dmc620-tzc

Add support for dmc620 tzc driver

Revert "aarch32: Apply workaround for errata 813419 of Cortex-A57"

This reverts commit 6f512a3dfd61662dbdae4912fb6a320ae4d754d5.

According to the 'Cortex-A57 MPCore Software Developers Errata Notic

Revert "aarch32: Apply workaround for errata 813419 of Cortex-A57"

This reverts commit 6f512a3dfd61662dbdae4912fb6a320ae4d754d5.

According to the 'Cortex-A57 MPCore Software Developers Errata Notice':

This bug will only affect secure AArch64 EL3. If the above
conditions occur, the CPU will not invalidate the targeted EL3 TLB
entries and incorrect translations might occur.

For this reason it is not needed in AArch32.

Change-Id: I6f7b333817515499723e8f306145790ad6af9975
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

xlat v2: Support mapping regions with allocated VA

Provide new APIs to add new regions without specifying the base VA.

- `mmap_add_region_alloc_va` adds a static region to mmap choosing as
base V

xlat v2: Support mapping regions with allocated VA

Provide new APIs to add new regions without specifying the base VA.

- `mmap_add_region_alloc_va` adds a static region to mmap choosing as
base VA the first possible address after all the currently mapped
regions. It is aligned to an appropriate boundary in relation to the
size and base PA of the requested region. No attempt is made to fill
any unused VA holes.

- `mmap_add_dynamic_region_alloc_va` it adds a region the same way as
`mmap_add_region_alloc_va` does, but it's dynamic instead of static.

- `mmap_add_alloc_va` takes an array of non const `mmap_region_t`,
maps them in the same way as `mmap_add_region_alloc_va` and fills
their `base_va` field. A helper macro has been created to help create
the array, called `MAP_REGION_ALLOC_VA`.

Change-Id: I5ef3f82ca0dfd0013d2e8034aa22f13ca528ba37
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

drivers/tzc-dmc620: add driver to setup DMC-620 TZC controller

ARM CoreLink DMC-620 Dynamic Memory Controller includes a TZC controller
to setup secure or non-secure regions of DRAM memory. The TZC

drivers/tzc-dmc620: add driver to setup DMC-620 TZC controller

ARM CoreLink DMC-620 Dynamic Memory Controller includes a TZC controller
to setup secure or non-secure regions of DRAM memory. The TZC controller
allows to setup upto eight such regions of memory in DRAM. This driver
provides helper functions to setup the TZC controller within DMC-620.

Change-Id: Iee7692417c2080052bdb7b1c2873a024bc5d1d10
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>

show more ...

Merge pull request #1682 from MISL-EBU-System-SW/migrate-multi-console

Marvell: Migrate to multi console API

plat/marvell: Migrate to multi-console API

Migrate Marvell platforms from legacy console API to
multi-console API.

Change-Id: I647f5f49148b463a257a747af05b5f0c967f267c
Signed-off-by: Konstantin Por

plat/marvell: Migrate to multi-console API

Migrate Marvell platforms from legacy console API to
multi-console API.

Change-Id: I647f5f49148b463a257a747af05b5f0c967f267c
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

show more ...

drivers: st: update console driver to support MULTI_CONSOLE_API

Signed-off-by: Yann Gautier <yann.gautier@st.com>

stm32mp1: add a new file for UART registers definition

Signed-off-by: Yann Gautier <yann.gautier@st.com>

utils_def: add an assembly version for GENMASK

When compiling assembly files, stdint.h is not included.
UINT32_C and UINT64_C are then not defined.
A new GENMASK macro for assembly is then created.

utils_def: add an assembly version for GENMASK

When compiling assembly files, stdint.h is not included.
UINT32_C and UINT64_C are then not defined.
A new GENMASK macro for assembly is then created.

Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...