Merge changes from topic "romlib-fixes" into integration

* changes:
fix(romlib): wrap indirectly included functions
fix(arm): remove duplicate jumptable entry

Merge "fix(cpus): workaround for Cortex-A720 erratum 2844092" into integration

Merge "fix(cpus): workaround for Cortex-X4 erratum 2816013" into integration

fix(romlib): wrap indirectly included functions

The problem that this resolves is a bit involved; the following
must be met at the same time for some function <to_be_wrapped>:

* to_be_wrapped must

fix(romlib): wrap indirectly included functions

The problem that this resolves is a bit involved; the following
must be met at the same time for some function <to_be_wrapped>:

* to_be_wrapped must be specified as part of the romlib
* to_be_wrapped must _not_ be referenced by any translation unit
in TF-A
* to_be_wrapped must be referenced by a translation unit in a
dependent library, mbedtls for example.

Under these circumstances, to_be_wrapped will not be wrapped, and
will instead reference its original definition while simultaneously
residing in romlib.

This is a side effect of two issues with romlib prior to this patch:

1 to_be_wrapped is expected to wrap by duplicating its definition.
This causes any condition that links against both the base and
wrapper functions to be a link error (duplicate symbol definition).
2 to_be_wrapped is in its own translation unit
This causes the wrappers to be used by TF-A in an as needed.

The duplicate function definitions can be worked around using the
linker's `--wrap` flag, which redirects all references to a symbol
to resolve to `__wrap_<symbol>` and the original symbol to be
available as `__real_<symbol>`. Most of the changes handle creating
this arguments and passing them to the linker.

Further, once you use the linker's wrap, you will encounter another
issue: if TF-A does not use a function, its wrapper is not present.
This causes link issues when a library and not TF-A uses the wrapper.
Note that this issue would have been resolved previously by ignoring
the wrapper and using the base definition.

This further issue is worked around by concatenating the assembly for
all of the wrappers into a single translation unit. It's possible to
work around this issue in a few other ways, including reordering the
libraries passed to the linker to place libwrapper.a last or grouping
the libraries so that symbols from later libraries may be resolved
with prior libraries.

I chose the translation unit concatenation approach as it revealed
that a jumptable has duplicate symbols within it.

Change-Id: Ie57b5ae69bde2fc8705bdc7a93fae3ddb5341ed9
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>

show more ...

fix(psci): fix parent parsing in psci_is_last_cpu_to_idle_at_pwrlvl

The function always checks the first parent of the current core
instead parse the tree topology to find the parent at parent level

fix(psci): fix parent parsing in psci_is_last_cpu_to_idle_at_pwrlvl

The function always checks the first parent of the current core
instead parse the tree topology to find the parent at parent level
of the CPU. It is because the current loop has no effect as it uses
a fixed parameter 'my_idx' and returns the FIRST parent of CPU.
Also, it looks for the parent nodes in the array of CPU nodes, but
actually they are in a separate array.

This update allows to parse the PSCI topology tree to find
the parent at parent level of the CPU identified by my_idx.

Fixes: 606b7430077c ("feat(psci): add support for OS-initiated mode")
Change-Id: I96fb5ecc154a76b16adca5b5055217b8626c9e66
Signed-off-by: Charlie Bareham <charlie.bareham@arm.com>

show more ...

Merge changes from topic "ar/asymmetricSupport" into integration

* changes:
feat(trbe): introduce trbe_disable() function
feat(spe): introduce spe_disable() function
chore(spe): rename spe_dis

Merge changes from topic "ar/asymmetricSupport" into integration

* changes:
feat(trbe): introduce trbe_disable() function
feat(spe): introduce spe_disable() function
chore(spe): rename spe_disable() to spe_stop()

show more ...

fix(cpus): workaround for Cortex-A720 erratum 2844092

Cortex-A720 erratum 2844092 is a Cat B erratum that is present
in revisions r0p0, r0p1 and is fixed in r0p2.

The workaround is to set bit[11] o

fix(cpus): workaround for Cortex-A720 erratum 2844092

Cortex-A720 erratum 2844092 is a Cat B erratum that is present
in revisions r0p0, r0p1 and is fixed in r0p2.

The workaround is to set bit[11] of CPUACTLR4_EL1 register.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2439421/latest

Change-Id: I3d8eacb26cba42774f1f31c3aae2a0e6fecec614
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

fix(cpus): workaround for Cortex-X4 erratum 2816013

Cortex-X4 erratum 2816013 is a Cat B erratum that applies
to all revisions <= r0p1 and is fixed in r0p2. This erratum
is only present when memory

fix(cpus): workaround for Cortex-X4 erratum 2816013

Cortex-X4 erratum 2816013 is a Cat B erratum that applies
to all revisions <= r0p1 and is fixed in r0p2. This erratum
is only present when memory tagging is enabled.

The workaround is to set CPUACTLR5_EL1[14] to 1.

SDEN documentation:
https://developer.arm.com/documentation/SDEN-2432808/latest

Change-Id: I546044bde6e5eedd0abf61643d25e2dd2036df5c
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

feat(trbe): introduce trbe_disable() function

This patch adds trbe_disable() which disables Trace buffer access
from lower ELs in all security state. This function makes Secure
state the owner of Tr

feat(trbe): introduce trbe_disable() function

This patch adds trbe_disable() which disables Trace buffer access
from lower ELs in all security state. This function makes Secure
state the owner of Trace buffer and access from EL2/EL1 generate
trap exceptions to EL3.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: If3e3bd621684b3c28f44c3ed2fe3df30b143f8cd

show more ...

feat(spe): introduce spe_disable() function

Introduce a function to disable SPE feature for Non-secure state and do
the default setting of making Secure state the owner of profiling
buffers and trap

feat(spe): introduce spe_disable() function

Introduce a function to disable SPE feature for Non-secure state and do
the default setting of making Secure state the owner of profiling
buffers and trap access of profiling and profiling buffer control
registers from lower ELs to EL3.

This functionality is required to handle asymmetric cores where SPE has
to disabled at runtime.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I2f99e922e8df06bfc900c153137aef7c9dcfd759

show more ...

chore(spe): rename spe_disable() to spe_stop()

During CPU power down, we stop the profiling by calling spe_disable()
function. From TF-A point of view, enable/disable means the avaibility
of the fea

chore(spe): rename spe_disable() to spe_stop()

During CPU power down, we stop the profiling by calling spe_disable()
function. From TF-A point of view, enable/disable means the avaibility
of the feature for lower EL. In this case we are not actully disabling
the feautre but stoping it before power down.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I6e3b39c5c35d330c51e7ac715446a8b36bf9531f

show more ...

Merge changes from topic "jc/refact_el1_ctx" into integration

* changes:
refactor(cm): convert el1-ctx assembly offset entries to c structure
feat(cm): add explicit context entries for ERRATA_SP

Merge changes from topic "jc/refact_el1_ctx" into integration

* changes:
refactor(cm): convert el1-ctx assembly offset entries to c structure
feat(cm): add explicit context entries for ERRATA_SPECULATIVE_AT

show more ...

Merge "build: consolidate directory creation rules" into integration

refactor(cm): convert el1-ctx assembly offset entries to c structure

Currently the EL1 part of the context structure (el1_sysregs_t),
is coupled with feature flags reducing the context memory alloca

refactor(cm): convert el1-ctx assembly offset entries to c structure

Currently the EL1 part of the context structure (el1_sysregs_t),
is coupled with feature flags reducing the context memory allocation
for platforms, that don't enable/support all the architectural
features at once.

Similar to the el2 context optimization commit-"d6af234" this patch
further improves this section by converting the assembly context-offset
entries into a c structure. It relies on garbage collection of the
linker removing unreferenced structures from memory, as well as aiding
in readability and future maintenance. Additionally, it eliminates
the #ifs usage in 'context_mgmt.c' source file.

Change-Id: If6075931cec994bc89231241337eccc7042c5ede
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

feat(cm): add explicit context entries for ERRATA_SPECULATIVE_AT

* Currently, "ERRATA_SPECUALTIVE_AT" errata is enabled by default
for few cores and they need context entries for saving and
rest

feat(cm): add explicit context entries for ERRATA_SPECULATIVE_AT

* Currently, "ERRATA_SPECUALTIVE_AT" errata is enabled by default
for few cores and they need context entries for saving and
restoring EL1 regs "SCTLR_EL1 and TCR_EL1" registers at all times.

* This prevents the mechanism of decoupling EL1 and EL2 registers,
as EL3 firmware shouldn't be handling both simultaneously.

* Depending on the build configuration either EL1 or EL2 context
structures need to included, which would result in saving a good
amount of context memory.

* In order to achieve this it's essential to have explicit context
entries for registers supporting "ERRATA_SPECULATIVE_AT".

* This patch adds two context entries under "errata_speculative_at"
structure to assist this errata and thereby allows decoupling
EL1 and EL2 context structures.

Change-Id: Ia50626eea8fb64899a2e2d81622adbe07fe77d65
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

refactor(cpus): remove cpu specific errata funcs

Errata printing is done directly via generic_errata_report.
This commit removes the unused \_cpu\()_errata_report
functions for all cores, and remove

refactor(cpus): remove cpu specific errata funcs

Errata printing is done directly via generic_errata_report.
This commit removes the unused \_cpu\()_errata_report
functions for all cores, and removes errata_func from cpu_ops.

Change-Id: I04fefbde5f0ff63b1f1cd17c864557a14070d68c
Signed-off-by: Ryan Everett <ryan.everett@arm.com>

show more ...

refactor(cpus): directly invoke errata reporter

In all non-trivial cases the CPU specific errata functions
already call generic_errata_report, this cuts out the middleman
by directly calling generic

refactor(cpus): directly invoke errata reporter

In all non-trivial cases the CPU specific errata functions
already call generic_errata_report, this cuts out the middleman
by directly calling generic_errata_report from
print_errata_status.

The CPU specific errata functions (cpu_ops->errata_func)
can now be removed from all cores, and this field can be
removed from cpu_ops.

Also removes the now unused old errata reporting
function and macros.

Change-Id: Ie4a4fd60429aca37cf434e79c0ce2992a5ff5d68
Signed-off-by: Ryan Everett <ryan.everett@arm.com>

show more ...

Merge "feat(handoff): fix register convention r1/x1 value on transfer list" into integration

Merge "fix(xlat): correct attribute retrieval in a RME enabled system" into integration

Merge "feat(fgt2): add support for FEAT_FGT2" into integration

fix(context-mgmt): keep actlr_el2 value in the init context

The system register actlr_el2 can be set during CPU or platform reset
handler. E.g. on Arm Total Compute platform, the CLUSTERPMUEN bit of

fix(context-mgmt): keep actlr_el2 value in the init context

The system register actlr_el2 can be set during CPU or platform reset
handler. E.g. on Arm Total Compute platform, the CLUSTERPMUEN bit of
actlr_el2 is set in the platform reset handler to enable the write
access to DSU PMU registers from EL1. However, as EL2 context gets
restored without saving it beforehand during jump to SPM and next NS
image, therefore, the initialized value of actlr_el2 is not retained.

To fix this issue, keep track of actlr_el2 value during the EL2 context
initialization. This applies for both secure and non-secure security
state.

Change-Id: I1bd7b984216c042c056ad20c6724bedce5a6a3e2
Signed-off-by: Jagdish Gediya <jagdish.gediya@arm.com>
Signed-off-by: Leo Yan <leo.yan@arm.com>

show more ...

Merge "feat(debugv8p9): add support for FEAT_Debugv8p9" into integration

feat(handoff): fix register convention r1/x1 value on transfer list

According to recently firmware handsoff spec [1]'s "Register usage at handoff
boundary", Transfer List's signature value was chang

feat(handoff): fix register convention r1/x1 value on transfer list

According to recently firmware handsoff spec [1]'s "Register usage at handoff
boundary", Transfer List's signature value was changed from 0x40_b10b
(3 bytes) to 4a0f_b10b (4 bytes).

As updating of TL's signature, register value of x1/r1 should be:

In aarch32's r1 value should be
R1[23:0]: set to the TL signature (4a0f_b10b -> masked range value: 0f_b10b)
R1[31:24]: version of the register convention == 1
and
In aarch64's x1 value should be
X1[31:0]: set to the TL signature (4a0f_b10b)
X1[39:32]: version of the register convention == 1
X1[63:40]: MBZ
(See the [2] and [3]).

Therefore, it requires to separate mask and shift value for register
convention version field when sets each r1/x1.

This patch fix two problems:
1. breaking X1 value with updated specification in aarch64
- change of length of signature field.

2. previous error value set in R1 in arm32.
- length of signature should be 24, but it uses 32bit signature.

This change is breaking change. It requires some patch for other
softwares (u-boot[4], optee[5]).

Link: https://github.com/FirmwareHandoff/firmware_handoff [1]
Link: https://github.com/FirmwareHandoff/firmware_handoff/issues/32 [2]
Link: https://github.com/FirmwareHandoff/firmware_handoff/commit/5aa7aa1d3a1db75213e458d392b751f0707de027 [3]
Link: https://lists.denx.de/pipermail/u-boot/2024-July/558628.html [4]
Link: https://github.com/OP-TEE/optee_os/pull/6933 [5]
Signed-off-by: Levi Yun <yeoreum.yun@arm.com>
Change-Id: Ie417e054a7a4c192024a2679419e99efeded1705

show more ...

fix(xlat): correct attribute retrieval in a RME enabled system

In a system enabled with RME, the function
'xlat_get_mem_attributes_internal' fails to accurately provide
'output PA space' for Realm a

fix(xlat): correct attribute retrieval in a RME enabled system

In a system enabled with RME, the function
'xlat_get_mem_attributes_internal' fails to accurately provide
'output PA space' for Realm and Root memory because it does not
consider the 'nse' bit in page table descriptor.
This patch resolves the issue by extracting the 'nse' bit value.
As a result, it ensures correct retrieval of attributes
in RME-enabled systems while maintaining unaffected attribute
retrieval for non-RME systems.

Change-Id: If2d01545b921c9074f48c52a98027ff331e14237
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

build: consolidate directory creation rules

This commit streamlines directory creation by introducing a single
pattern rule to automatically make directories for which there is a
dependency.

We cur

build: consolidate directory creation rules

This commit streamlines directory creation by introducing a single
pattern rule to automatically make directories for which there is a
dependency.

We currently use several macros to generate rules to create directories
upon dependence, which is a significant amount of code and a lot of
redundancy. The rule introduced by this change represents a catch-all:
any rule dependency on a path ending in a forward slash is automatically
created.

Now, rules can rely on an unordered dependency (`|`) on `$$(@D)/` which,
when secondary expansion is enabled, expands to the directory of the
target being built, e.g.:

build/main.o: main.c | $$(@D)/ # automatically creates `build/`

Change-Id: I7e554efa2ac850e779bb302fd9c7fbb239886c9f
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...