Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
docs(security): update CVE-2024-7881 affected CPU revisions
fix(security): update Neoverse-V2 fix version for CVE-2024-7

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
docs(security): update CVE-2024-7881 affected CPU revisions
fix(security): update Neoverse-V2 fix version for CVE-2024-7881
fix(security): update Cortex-X3 fix version for CVE-2024-7881
fix(security): update Neoverse-V3/V3AE fix version for CVE-2024-7881
fix(security): update Cortex-X925 fix version for CVE-2024-7881
fix(security): update Cortex-X4 fix version for CVE-2024-7881

show more ...

fix(security): update Cortex-X925 fix version for CVE-2024-7881

This patch updates the Cortex-X925 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692980 [2] applies. The erratum
applies

fix(security): update Cortex-X925 fix version for CVE-2024-7881

This patch updates the Cortex-X925 revisions for which the
CVE-2024-7881 [1] / Cat B erratum 3692980 [2] applies. The erratum
applies to r0p0, r0p1 and is fixed in r0p2.

[1] https://developer.arm.com/documentation/110326/latest/
[2] https://developer.arm.com/documentation/109180/latest/

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ice7a939bed60d44cff5706a08b2b59d6777760b0

show more ...

Merge "fix(cpus): put back the global declaration for erratum #3701747" into integration

fix(cpus): put back the global declaration for erratum #3701747

Patch 89dba82df accidentally removed it. Put it back.

Change-Id: Ic7a5a13ae89b0b86ccbea56fecfe12bef57a90b9
Signed-off-by: Boyan Karat

fix(cpus): put back the global declaration for erratum #3701747

Patch 89dba82df accidentally removed it. Put it back.

Change-Id: Ic7a5a13ae89b0b86ccbea56fecfe12bef57a90b9
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge "feat(errata): implement workaround for DSU-120 erratum 2900952" into integration

feat(errata): implement workaround for DSU-120 erratum 2900952

DSU Erratum 2900952 is a Cat B erratum that applies to some
DSU-120 implementations of revision r2p0 and is fixed in r2p1.
This erratum

feat(errata): implement workaround for DSU-120 erratum 2900952

DSU Erratum 2900952 is a Cat B erratum that applies to some
DSU-120 implementations of revision r2p0 and is fixed in r2p1.
This erratum is fixed in certain implementations of r2p0 which can be
determined by reading the IMP_CLUSTERREVIDR_EL1[1] register field
where a set bit indicates that the erratum is fixed in this part.

The workaround is to set the CLUSTERACTLR_EL1 bits [21:20] to 0x3
which ignores CBusy from the system interconnect and
setting CLUSTERACTLR_EL1 bit [8] to 1 to assert CBusy from DSU to
all the cores when DSU is busy.

SDEN: https://developer.arm.com/documentation/SDEN-2453103/1200/?lang=en

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I87aa440ab5c35121aff703032f5cf7a62d0b0bb4

show more ...

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused arg

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused argument forward_flag

show more ...

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* cal

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* calls.

Previously, EXTRA functions were individually implemented for
each SMCCC_ARCH_WORKAROUND_*, an approach that becomes unmanageable
with the increasing number of workarounds.
By looking up erratum entries for CVE check, the process is streamlined,
reducing overhead associated with creating and
maintaining EXTRA functions for each new workaround.

New Errata entries are created for SMC workarounds and
that is used to target cpus that are uniquely impacted
by SMC workarounds.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I873534e367a35c99461d0a616ff7bf856a0000af

show more ...

Merge changes I3d950e72,Id315a8fe,Ib62e6e9b,I1d0475b2 into integration

* changes:
perf(cm): drop ZCR_EL3 saving and some ISBs and replace them with root context
perf(psci): get PMF timestamps wi

Merge changes I3d950e72,Id315a8fe,Ib62e6e9b,I1d0475b2 into integration

* changes:
perf(cm): drop ZCR_EL3 saving and some ISBs and replace them with root context
perf(psci): get PMF timestamps with no cache flushes if possible
perf(amu): greatly simplify AMU context management
perf(mpmm): greatly simplify MPMM enablement

show more ...

perf(mpmm): greatly simplify MPMM enablement

MPMM is a core-specific microarchitectural feature. It has been present
in every Arm core since the Cortex-A510 and has been implemented in
exactly the s

perf(mpmm): greatly simplify MPMM enablement

MPMM is a core-specific microarchitectural feature. It has been present
in every Arm core since the Cortex-A510 and has been implemented in
exactly the same way. Despite that, it is enabled more like an
architectural feature with a top level enable flag. This utilised the
identical implementation.

This duality has left MPMM in an awkward place, where its enablement
should be generic, like an architectural feature, but since it is not,
it should also be core-specific if it ever changes. One choice to do
this has been through the device tree.

This has worked just fine so far, however, recent implementations expose
a weakness in that this is rather slow - the device tree has to be read,
there's a long call stack of functions with many branches, and system
registers are read. In the hot path of PSCI CPU powerdown, this has a
significant and measurable impact. Besides it being a rather large
amount of code that is difficult to understand.

Since MPMM is a microarchitectural feature, its correct placement is in
the reset function. The essence of the current enablement is to write
CPUPPMCR_EL3.MPMM_EN if CPUPPMCR_EL3.MPMMPINCTL == 0. Replacing the C
enablement with an assembly macro in each CPU's reset function achieves
the same effect with just a single close branch and a grand total of 6
instructions (versus the old 2 branches and 32 instructions).

Having done this, the device tree entry becomes redundant. Should a core
that doesn't support MPMM arise, this can cleanly be handled in the
reset function. As such, the whole ENABLE_MPMM_FCONF and platform hooks
mechanisms become obsolete and are removed.

Change-Id: I1d0475b21a1625bb3519f513ba109284f973ffdf
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge changes from topic "bk/errata_speed" into integration

* changes:
refactor(cpus): declare runtime errata correctly
perf(cpus): make reset errata do fewer branches
perf(cpus): inline the i

Merge changes from topic "bk/errata_speed" into integration

* changes:
refactor(cpus): declare runtime errata correctly
perf(cpus): make reset errata do fewer branches
perf(cpus): inline the init_cpu_data_ptr function
perf(cpus): inline the reset function
perf(cpus): inline the cpu_get_rev_var call
perf(cpus): inline cpu_rev_var checks
refactor(cpus): register DSU errata with the errata framework's wrappers
refactor(cpus): convert checker functions to standard helpers
refactor(cpus): convert the Cortex-A65 to use the errata framework
fix(cpus): declare reset errata correctly

show more ...

perf(cpus): make reset errata do fewer branches

Errata application is painful for performance. For a start, it's done
when the core has just come out of reset, which means branch predictors
and cach

perf(cpus): make reset errata do fewer branches

Errata application is painful for performance. For a start, it's done
when the core has just come out of reset, which means branch predictors
and caches will be empty so a branch to a workaround function must be
fetched from memory and that round trip is very slow. Then it also runs
with the I-cache off, which means that the loop to iterate over the
workarounds must also be fetched from memory on each iteration.

We can remove both branches. First, we can simply apply every erratum
directly instead of defining a workaround function and jumping to it.
Currently, no errata that need to be applied at both reset and runtime,
with the same workaround function, exist. If the need arose in future,
this should be achievable with a reset + runtime wrapper combo.

Then, we can construct a function that applies each erratum linearly
instead of looping over the list. If this function is part of the reset
function, then the only "far" branches at reset will be for the checker
functions. Importantly, this mitigates the slowdown even when an erratum
is disabled.

The result is ~50% speedup on N1SDP and ~20% on AArch64 Juno on wakeup
from PSCI calls that end in powerdown. This is roughly back to the
baseline of v2.9, before the errata framework regressed on performance
(or a little better). It is important to note that there are other
slowdowns since then that remain unknown.

Change-Id: Ie4d5288a331b11fd648e5c4a0b652b74160b07b9
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge changes from topic "gr/errata_mpidr" into integration

* changes:
fix(cpus): workaround for Cortex-X925 erratum 2963999
fix(cpus): workaround for Neoverse-V3 erratum 2970647
fix(cpus): wo

Merge changes from topic "gr/errata_mpidr" into integration

* changes:
fix(cpus): workaround for Cortex-X925 erratum 2963999
fix(cpus): workaround for Neoverse-V3 erratum 2970647
fix(cpus): workaround for Cortex-X4 erratum 2957258

show more ...

fix(cpus): workaround for Cortex-X925 erratum 2963999

Cortex-X925 erratum 2963999 that applies to r0p0 and is fixed in
r0p1.

In EL3, reads of MPIDR_EL1 and MIDR_EL1 might incorrectly virtualize
whi

fix(cpus): workaround for Cortex-X925 erratum 2963999

Cortex-X925 erratum 2963999 that applies to r0p0 and is fixed in
r0p1.

In EL3, reads of MPIDR_EL1 and MIDR_EL1 might incorrectly virtualize
which register to return when reading the value of
MPIDR_EL1/VMPIDR_EL2 and MIDR_EL1/VPIDR_EL2, respectively.

The workaround is to do an ISB prior to an MRS read to either
MPIDR_EL1 and MIDR_EL1.

SDEN documentation:
https://developer.arm.com/documentation/109180/latest/

Change-Id: I447fd359ea32e1d274e1245886e1de57d14f082c
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "gr/errata_ICH_VMCR_EL2" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3701767
fix(cpus): workaround for Neoverse-N3 erratum 3699563
fix(cp

Merge changes from topic "gr/errata_ICH_VMCR_EL2" into integration

* changes:
fix(cpus): workaround for Neoverse-V3 erratum 3701767
fix(cpus): workaround for Neoverse-N3 erratum 3699563
fix(cpus): workaround for Neoverse-N2 erratum 3701773
fix(cpus): workaround for Cortex-X925 erratum 3701747
fix(cpus): workaround for Cortex-X4 erratum 3701758
fix(cpus): workaround for Cortex-X3 erratum 3701769
fix(cpus): workaround for Cortex-X2 erratum 3701772
fix(cpus): workaround for Cortex-A725 erratum 3699564
fix(cpus): workaround for Cortex-A720-AE erratum 3699562
fix(cpus): workaround for Cortex-A720 erratum 3699561
fix(cpus): workaround for Cortex-A715 erratum 3699560
fix(cpus): workaround for Cortex-A710 erratum 3701772
fix(cpus): workaround for accessing ICH_VMCR_EL2
chore(cpus): fix incorrect header macro

show more ...

fix(cpus): workaround for Cortex-X925 erratum 3701747

Cortex-X925 erratum 3701747 that applies to r0p0, r0p1 and is still
Open.

The workaround is for EL3 software that performs context save/restore

fix(cpus): workaround for Cortex-X925 erratum 3701747

Cortex-X925 erratum 3701747 that applies to r0p0, r0p1 and is still
Open.

The workaround is for EL3 software that performs context save/restore
on a change of Security state to use a value of SCR_EL3.NS when
accessing ICH_VMCR_EL2 that reflects the Security state that owns the
data being saved or restored.

SDEN documentation:
https://developer.arm.com/documentation/109180/latest/

Change-Id: I080296666f89276b3260686c2bdb8de63fc174c1
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881
fix(security): add CVE-2024-7881 mitigation to Cortex-X3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V2
fix(security): add CVE-2024-7881 mitigation to Cortex-X925
fix(security): add CVE-2024-7881 mitigation to Cortex-X4
fix(security): enable WORKAROUND_CVE_2024_7881 build option

show more ...

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_78

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_7881 [1] is enabled
by the platform. If CVE_2024_7881 mitigation
is implemented, the discovery call returns 0,
if not -1 (SMC_ARCH_CALL_NOT_SUPPORTED).

For more information about SMCCC_ARCH_WORKAROUND_4 [2], please
refer to the SMCCC Specification reference provided below.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
[2]: https://developer.arm.com/documentation/den0028/latest

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I1b1ffaa1f806f07472fd79d5525f81764d99bc79

show more ...

fix(security): add CVE-2024-7881 mitigation to Cortex-X925

This patch mitigates CVE-2024-7881 [1] by setting CPUACTLR6_EL1[41] to 1
for Cortex-X925 CPU.

[1]: https://developer.arm.com/Arm%20Securit

fix(security): add CVE-2024-7881 mitigation to Cortex-X925

This patch mitigates CVE-2024-7881 [1] by setting CPUACTLR6_EL1[41] to 1
for Cortex-X925 CPU.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I53e72e4dbc8937cea3c344a5ba04664c50a0792a

show more ...

Merge changes from topic "sm/fix_erratum" into integration

* changes:
fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
fix(cpus): w

Merge changes from topic "sm/fix_erratum" into integration

* changes:
fix(cpus): workaround for CVE-2024-5660 for Cortex-X925
fix(cpus): workaround for CVE-2024-5660 for Cortex-X2
fix(cpus): workaround for CVE-2024-5660 for Cortex-A77
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V1
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78_AE
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78C
fix(cpus): workaround for CVE-2024-5660 for Cortex-A78
fix(cpus): workaround for CVE-2024-5660 for Cortex-X1
fix(cpus): workaround for CVE-2024-5660 for Neoverse-N2
fix(cpus): workaround for CVE-2024-5660 for Cortex-A710
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V2
fix(cpus): workaround for CVE-2024-5660 for Cortex-X3
fix(cpus): workaround for CVE-2024-5660 for Neoverse-V3
fix(cpus): workaround for CVE-2024-5660 for Cortex-X4

show more ...

fix(cpus): workaround for CVE-2024-5660 for Cortex-X925

Implements mitigation for CVE-2024-5660 that affects Cortex-X925
revisions r0p0, r0p1.
The workaround is to disable the hardware page aggregat

fix(cpus): workaround for CVE-2024-5660 for Cortex-X925

Implements mitigation for CVE-2024-5660 that affects Cortex-X925
revisions r0p0, r0p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.

Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660

Change-Id: I9d5a07ca6b89b27d8876f4349eff2af26c962d8a
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge changes from topic "clean-up-errata-compatibility" into integration

* changes:
refactor(cpus): remove cpu specific errata funcs
refactor(cpus): directly invoke errata reporter

refactor(cpus): remove cpu specific errata funcs

Errata printing is done directly via generic_errata_report.
This commit removes the unused \_cpu\()_errata_report
functions for all cores, and remove

refactor(cpus): remove cpu specific errata funcs

Errata printing is done directly via generic_errata_report.
This commit removes the unused \_cpu\()_errata_report
functions for all cores, and removes errata_func from cpu_ops.

Change-Id: I04fefbde5f0ff63b1f1cd17c864557a14070d68c
Signed-off-by: Ryan Everett <ryan.everett@arm.com>

show more ...

Merge changes from topic "gr/cpu_ren" into integration

* changes:
chore: rename Blackhawk to Cortex-X925
chore: rename Chaberton to Cortex-A725

chore: rename Blackhawk to Cortex-X925

Rename Blackhawk to Cortex-X925.

Change-Id: I51e40a7bc6b8871c53c40d1f341853b1fd7fdf71
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>