fix(security): apply SMCCC_ARCH_WORKAROUND_3 to A73/A75/A72/A57

This patch applies CVE-2022-23960 workarounds for Cortex-A75,
Cortex-A73, Cortex-A72 & Cortex-A57. This patch also implements
the new

fix(security): apply SMCCC_ARCH_WORKAROUND_3 to A73/A75/A72/A57

This patch applies CVE-2022-23960 workarounds for Cortex-A75,
Cortex-A73, Cortex-A72 & Cortex-A57. This patch also implements
the new SMCCC_ARCH_WORKAROUND_3 and enables necessary discovery
hooks for Coxtex-A72, Cortex-A57, Cortex-A73 and Cortex-A75 to
enable discovery of this SMC via SMC_FEATURES. SMCCC_ARCH_WORKAROUND_3
is implemented for A57/A72 because some revisions are affected by both
CVE-2022-23960 and CVE-2017-5715 and this allows callers to replace
SMCCC_ARCH_WORKAROUND_1 calls with SMCCC_ARCH_WORKAROUND_3. For details
of SMCCC_ARCH_WORKAROUND_3, please refer SMCCCv1.4 specification.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ifa6d9c7baa6764924638efe3c70468f98d60ed7c

show more ...

Merge changes from topic "od/cleanup-changes" into integration

* changes:
perf(spmd): omit sel1 context save if sel2 present
fix(fvp): spmc optee manifest remove SMC allowlist
fix: random typo

Merge changes from topic "od/cleanup-changes" into integration

* changes:
perf(spmd): omit sel1 context save if sel2 present
fix(fvp): spmc optee manifest remove SMC allowlist
fix: random typos in tf-a code base

show more ...

fix: random typos in tf-a code base

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Id610f7e4398e799a2fbd74861274fd684c32db53

Merge "arm_fpga: Add support for unknown MPIDs" into integration

arm_fpga: Add support for unknown MPIDs

This patch allows the system to fallback to a default CPU library
in case the MPID does not match with any of the supported ones.

This feature can be enabled

arm_fpga: Add support for unknown MPIDs

This patch allows the system to fallback to a default CPU library
in case the MPID does not match with any of the supported ones.

This feature can be enabled by setting SUPPORT_UNKNOWN_MPID build
option to 1 (enabled by default only on arm_fpga platform).

This feature can be very dangerous on a production image and
therefore it MUST be disabled for Release images.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I0df7ef2b012d7d60a4fd5de44dea1fbbb46881ba

show more ...

Merge changes from topic "tegra-downstream-07092020" into integration

* changes:
Tegra194: remove AON_WDT IRQ mapping
Tegra: smmu: add smmu_verify function
Tegra: TZDRAM setup from soc specifi

Merge changes from topic "tegra-downstream-07092020" into integration

* changes:
Tegra194: remove AON_WDT IRQ mapping
Tegra: smmu: add smmu_verify function
Tegra: TZDRAM setup from soc specific early_boot handlers
Tegra: remove "platform_get_core_pos" function
Tegra: print GICC registers conditionally
lib: cpus: sanity check pointers before use
Tegra: spe: do not flush console in console_putc
Tegra: verify platform compatibility

show more ...

lib: cpus: sanity check pointers before use

The cpu_ops structure contains a lot of function pointers. It
is a good idea to verify that the function pointer is not NULL
before executing it.

This pa

lib: cpus: sanity check pointers before use

The cpu_ops structure contains a lot of function pointers. It
is a good idea to verify that the function pointer is not NULL
before executing it.

This patch sanity checks each pointer before use to prevent any
unforeseen crashes. These checks have been enabled for debug
builds only.

Change-Id: Ib208331c20e60f0c7c582a20eb3d8cc40fb99d21
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

show more ...

Merge "Neoverse N1 Errata Workaround 1542419" into integration

Neoverse N1 Errata Workaround 1542419

Coherent I-cache is causing a prefetch violation where when the core
executes an instruction that has recently been modified, the core might
fetch a stale instr

Neoverse N1 Errata Workaround 1542419

Coherent I-cache is causing a prefetch violation where when the core
executes an instruction that has recently been modified, the core might
fetch a stale instruction which violates the ordering of instruction
fetches.

The workaround includes an instruction sequence to implementation
defined registers to trap all EL0 IC IVAU instructions to EL3 and a trap
handler to execute a TLB inner-shareable invalidation to an arbitrary
address followed by a DSB.

Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Change-Id: Ic3b7cbb11cf2eaf9005523ef5578a372593ae4d6

show more ...

Merge pull request #1751 from vwadekar/tegra-scatter-file-support

Tegra scatter file support

Tegra: Support for scatterfile for the BL31 image

This patch provides support for using the scatterfile format as
the linker script with the 'armlink' linker for Tegra platforms.

In order to enable

Tegra: Support for scatterfile for the BL31 image

This patch provides support for using the scatterfile format as
the linker script with the 'armlink' linker for Tegra platforms.

In order to enable the scatterfile usage the following changes
have been made:

* provide mapping for ld.S symbols in bl_common.h
* include bl_common.h from all the affected files
* update the makefile rules to use the scatterfile and armlink
to compile BL31
* update pubsub.h to add sections to the scatterfile

NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY.

Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

show more ...

Merge pull request #1726 from antonio-nino-diaz-arm/an/includes

Sanitise includes across codebase

Sanitise includes across codebase

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- inclu

Sanitise includes across codebase

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}

The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).

For example, this patch had to be created because two headers were
called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3a282 ("drivers: add tzc380 support").

This problem was introduced in commit 4ecca33988b9 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.

Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.

Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

show more ...

Merge pull request #1392 from dp-arm/dp/cve_2018_3639

Implement workaround for CVE-2018-3639 on Cortex A57/A72/A73 and A75

Add support for dynamic mitigation for CVE-2018-3639

Some CPUS may benefit from using a dynamic mitigation approach for
CVE-2018-3639. A new SMC interface is defined to allow software
executing in

Add support for dynamic mitigation for CVE-2018-3639

Some CPUS may benefit from using a dynamic mitigation approach for
CVE-2018-3639. A new SMC interface is defined to allow software
executing in lower ELs to enable or disable the mitigation for their
execution context.

It should be noted that regardless of the state of the mitigation for
lower ELs, code executing in EL3 is always mitigated against
CVE-2018-3639.

NOTE: This change is a compatibility break for any platform using
the declare_cpu_ops_workaround_cve_2017_5715 macro. Migrate to
the declare_cpu_ops_wa macro instead.

Change-Id: I3509a9337ad217bbd96de9f380c4ff8bf7917013
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...

Rename symbols and files relating to CVE-2017-5715

This patch renames symbols and files relating to CVE-2017-5715 to make
it easier to introduce new symbols and files for new CVE mitigations.

Chang

Rename symbols and files relating to CVE-2017-5715

This patch renames symbols and files relating to CVE-2017-5715 to make
it easier to introduce new symbols and files for new CVE mitigations.

Change-Id: I24c23822862ca73648c772885f1690bed043dbc7
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...

Merge pull request #1355 from jonathanwright-ARM/jw/REVIDR-errata-workaround

Check presence of hardware fix for 2 errata on Cortex A53

Check presence of fix for errata 843419 in Cortex-A53

A fix for errata 843419 may be available in revision r0p4 of the
Cortex-A53 processor. The presence of the fix is determined by checking
bit 8 i

Check presence of fix for errata 843419 in Cortex-A53

A fix for errata 843419 may be available in revision r0p4 of the
Cortex-A53 processor. The presence of the fix is determined by checking
bit 8 in the REVIDR register.

If the fix is present we report ERRATA_NOT_APPLIES which silences the
erroneous 'missing workaround' warning.

Change-Id: Ibd2a478df3e2a6325442a6a48a0bb0259dcfc1d7
Signed-off-by: Jonathan Wright <jonathan.wright@arm.com>

show more ...

Merge pull request #1305 from dp-arm/dp/smccc

Implement support for v1.2 of firmware interfaces spec (ARM DEN 0070A)

Fixup `SMCCC_ARCH_FEATURES` semantics

When querying `SMCCC_ARCH_WORKAROUND_1` through `SMCCC_ARCH_FEATURES`,
return either:
* -1 to indicate the PE on which `SMCCC_ARCH_FEATURES` is called
req

Fixup `SMCCC_ARCH_FEATURES` semantics

When querying `SMCCC_ARCH_WORKAROUND_1` through `SMCCC_ARCH_FEATURES`,
return either:
* -1 to indicate the PE on which `SMCCC_ARCH_FEATURES` is called
requires firmware mitigation for CVE-2017-5715 but the mitigation
is not compiled in.
* 0 to indicate that firmware mitigation is required, or
* 1 to indicate that no firmware mitigation is required.

This patch complies with v1.2 of the firmware interfaces
specification (ARM DEN 0070A).

Change-Id: Ibc32d6620efdac6c340758ec502d95554a55f02a
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

show more ...

Merge pull request #1200 from robertovargas-arm/bl2-el3

Add BL2_AT_EL3 build option

bl2-el3: Add BL2_EL3 image

This patch enables BL2 to execute at the highest exception level
without any dependancy on TF BL1. This enables platforms which already
have a non-TF Boot ROM to directly

bl2-el3: Add BL2_EL3 image

This patch enables BL2 to execute at the highest exception level
without any dependancy on TF BL1. This enables platforms which already
have a non-TF Boot ROM to directly load and execute BL2 and subsequent BL
stages without need for BL1. This is not currently possible because
BL2 executes at S-EL1 and cannot jump straight to EL3.

Change-Id: Ief1efca4598560b1b8c8e61fbe26d1f44e929d69
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>

show more ...

Merge pull request #941 from dp-arm/dp/clang

Allow TF to be built using clang or ARM Compiler 6

Use a callee-saved register to be AAPCS-compliant

x8 is not a callee-saved register and can be corrupted.
Use x19 instead to be AAPCS-compliant.

Fixes ARM-software/tf-issues#478

Change-Id: Ib4f114

Use a callee-saved register to be AAPCS-compliant

x8 is not a callee-saved register and can be corrupted.
Use x19 instead to be AAPCS-compliant.

Fixes ARM-software/tf-issues#478

Change-Id: Ib4f114c36f4c11351ae856f953c45dca92b27c3b
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

show more ...

Merge pull request #925 from dp-arm/dp/spdx

Use SPDX license identifiers