Merge "fix(build): set linker to lld before evaluating ld_option" into integration

fix(build): shell-escape toolchain wrapper commands

When we split toolchain tool commands into their wrapper and program
shell fragments, we do so by iterating over each shell word and
forwarding it

fix(build): shell-escape toolchain wrapper commands

When we split toolchain tool commands into their wrapper and program
shell fragments, we do so by iterating over each shell word and
forwarding it to `toolchain-guess-tool`.

However, we receive each word in its raw form, but we pass it to a
function which expects a fragment. If the raw word contains characters
which are syntactically-meaningful to the shell, then the command can
misbehave, and the build system can unwittingly do some funky things.

This small change just ensures that we re-quote the shell word we
receive before forwarding it on.

Change-Id: I325e1c135fee97d749da927c08e181775b14d146
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(build): fix incorrect parentheses expansion in `shell-map`

The previous commit which attempted to fix the expansions in `shell-map`
doubled up on the dollar signs for all of the escape substitut

fix(build): fix incorrect parentheses expansion in `shell-map`

The previous commit which attempted to fix the expansions in `shell-map`
doubled up on the dollar signs for all of the escape substitutions; this
"fixed" the Windows build.

However, the expansion of the parentheses is actually still wrong.
Consider the following example:

print = $(warning $(1))

$(call shell-map,print,'$$' '$(lparen)' '$(rparen)')

... which prints:

make_helpers/utilities.mk:620: $
make_helpers/utilities.mk:620: ${lparen}
make_helpers/utilities.mk:620: ${rparen}

However, what we expect to see is:

make_helpers/utilities.mk:620: $
make_helpers/utilities.mk:620: (
make_helpers/utilities.mk:620: )

The reason we do these substitutions is because, behind the scenes, the
function generates a small snippet of Make which calls the map function
provided by the user. To do that safely, we need to escape characters
which can cause premature expansion (`$`), and any characters which can
interfere with the syntax of the `call` function (`(` and `)`).

The shell snippet that we *expected* the example above to generate was:

$(call print,$$,1)
$(call print,${lparen},2)
$(call print,${rparen},3)

However, as of the last "fix", what it is actually generating is:

$(call print,$$,1)
$(call print,$${lparen},2)
$(call print,$${rparen},3)

This breaks the Windows build again but that's because this bug was
actually three bugs from the start.

Change-Id: Ibaf044806101334ddf4080df8da18f9aac8667e5
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge "fix(build): fix incorrect expansions in `shell-map`" into integration

fix(build): fix incorrect expansions in `shell-map`

The `shell-map` function needs to pass values it receives from the shell
back into Make for evaluation, which requires certain special characters

fix(build): fix incorrect expansions in `shell-map`

The `shell-map` function needs to pass values it receives from the shell
back into Make for evaluation, which requires certain special characters
to be escaped.

This escaping is currently resulting in those characters *not* being
escaped, and consequently instead generates some funky (unhelpful)
syntax errors half-way through reading the Makefile.

This change corrects the escape substitutions so that they are evaluated
as expected within Make.

Change-Id: I7b47a48342f626efe362e05283ee59520673375f
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(build): set linker to lld before evaluating ld_option

This ensures ld_option is called with valid -fuse-ld option, therefore
filtering options against ones supported by lld and not the
system de

fix(build): set linker to lld before evaluating ld_option

This ensures ld_option is called with valid -fuse-ld option, therefore
filtering options against ones supported by lld and not the
system default linker Clang chooses without the option specified.

This change should not affect toolchains other than llvm-clang, since it
only moves a conditional concerning the said toolchain.

Resolves the following linking error that manifests itself when using
Clang versions 21 and higher for building TF-A:

> ld.lld: error: unknown argument '--no-warn-rwx-segments'

Change-Id: I466f733377327a7c38ee27899be6681debf61e11
Signed-off-by: Dmitrii Sharshakov <d3dx12.xx@gmail.com>

show more ...

feat(cpufeat): add support for FEAT_IDTE3

This patch adds support for FEAT_IDTE3, which introduces support
for handling the trapping of Group 3 and Group 5 (only GMID_EL1)
registers to EL3 (unless t

feat(cpufeat): add support for FEAT_IDTE3

This patch adds support for FEAT_IDTE3, which introduces support
for handling the trapping of Group 3 and Group 5 (only GMID_EL1)
registers to EL3 (unless trapped to EL2). IDTE3 allows EL3 to
modify the view of ID registers for lower ELs, and this capability
is used to disable fields of ID registers tied to disabled features.

The ID registers are initially read as-is and stored in context.
Then, based on the feature enablement status for each world, if a
particular feature is disabled, its corresponding field in the
cached ID register is set to Res0. When lower ELs attempt to read
an ID register, the cached ID register value is returned. This
allows EL3 to prevent lower ELs from accessing feature-specific
system registers that are disabled in EL3, even though the hardware
implements them.

The emulated ID register values are stored primarily in per-world
context, except for certain debug-related ID registers such as
ID_AA64DFR0_EL1 and ID_AA64DFR1_EL1, which are stored in the
cpu_data and are unique to each PE. This is done to support feature
asymmetry that is commonly seen in debug features.

FEAT_IDTE3 traps all Group 3 ID registers in the range
op0 == 3, op1 == 0, CRn == 0, CRm == {2–7}, op2 == {0–7} and the
Group 5 GMID_EL1 register. However, only a handful of ID registers
contain fields used to detect features enabled in EL3. Hence, we
only cache those ID registers, while the rest are transparently
returned as is to the lower EL.

This patch updates the CREATE_FEATURE_FUNCS macro to generate
update_feat_xyz_idreg_field() functions that disable ID register
fields on a per-feature basis. The enabled_worlds scope is used to
disable ID register fields for security states where the feature is
not enabled.

This EXPERIMENTAL feature is controlled by the ENABLE_FEAT_IDTE3
build flag and is currently disabled by default.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I5f998eeab81bb48c7595addc5595313a9ebb96d5

show more ...

feat(per-cpu): introduce linker changes for NUMA aware per-cpu framework

This commit introduces linker changes for NUMA aware per-cpu objects in
the BL31 and BL32 images. The per-cpu framework is de

feat(per-cpu): introduce linker changes for NUMA aware per-cpu framework

This commit introduces linker changes for NUMA aware per-cpu objects in
the BL31 and BL32 images. The per-cpu framework is designed to minimise
cache thrashing, and the linker layout ensures each CPU’s per-cpu data
is placed on a separate cache line. This isolation is expected to
improve performance when the per-cpu framework is enabled.

Signed-off-by: Sammit Joshi <sammit.joshi@arm.com>
Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: Ie4d8b4e444971adbd9dba0446d1ab8cafaca1556

show more ...

feat(cpufeat): introduce FEAT_RME_GDI support

This patch adds a new build flag ENABLE_FEAT_RME_GDI to enable this
feature, along with defining various related register fields. At this
point, when en

feat(cpufeat): introduce FEAT_RME_GDI support

This patch adds a new build flag ENABLE_FEAT_RME_GDI to enable this
feature, along with defining various related register fields. At this
point, when enabled, this feature enables the SA and NSP GPI encodings
by setting the corresponding bits in GPCCR_EL3.

Change-Id: I54152fbb3d19b176264e5d16acbcc866725dc290
Signed-off-by: John Powell <john.powell@arm.com>
Signed-off-by: Timothy Hayes <timothy.hayes@arm.com>

show more ...

fix(cpufeat): extend FEAT_EBEP handling to delegate PMU control to EL2

Currently, the FEAT_EBEP feature presence check is only used for UNDEF
injection into lower ELs. However, this feature also aff

fix(cpufeat): extend FEAT_EBEP handling to delegate PMU control to EL2

Currently, the FEAT_EBEP feature presence check is only used for UNDEF
injection into lower ELs. However, this feature also affects the access
behavior of MDCR_EL2. Specifically, if the PMEE bits in MDCR_EL3 are not
set to 0b01, then the MDCR_EL2.PMEE bits cannot be configured by EL2.

This patch extends the use of FEAT_EBEP to delegate PMU IRQ and
profiling exception control to EL2 by setting MDCR_EL3.PMEE = 0b01.This
ensures that lower ELs can manage PMU configuration.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib7e1d5c72f017b8ffc2131fc57309dd9d811c973

show more ...

Merge changes from topic "little-build-fixes" into integration

* changes:
fix(build): don't rely on Event Log build tree
fix(build): link Event Log library directly
fix(build): scan symbols un

Merge changes from topic "little-build-fixes" into integration

* changes:
fix(build): don't rely on Event Log build tree
fix(build): link Event Log library directly
fix(build): scan symbols until all are resolved
fix(build): add include directory dependencies

show more ...

Merge changes Ie8453359,Icd58a49c into integration

* changes:
docs: deprecate SPM_MM build option
docs: deprecate NS_TIMER_SWITCH build option

Merge changes from topic "fix-compiler-wrappers" into integration

* changes:
fix(build): fix compiler wrapper detection
feat(build): update `shell-map` to also pass indices

fix(build): scan symbols until all are resolved

This small change ensures that unresolved references between object
files are resolved regardless of the order that they are provided to the
linker. T

fix(build): scan symbols until all are resolved

This small change ensures that unresolved references between object
files are resolved regardless of the order that they are provided to the
linker. This is beneficial for us, because it allows us to append
libraries to variables like `BLx_LIBS` without concern for ordering.

No update is necessary for armlink, which already implements this
behaviour by default.

Change-Id: I2fd2aa04f5911a1d45162c065dfe2a5049b5b14f
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(build): add include directory dependencies

The bootloader images and their sources are missing dependencies on
their include directories. This can trigger errors and/or race
conditions when a ta

fix(build): add include directory dependencies

The bootloader images and their sources are missing dependencies on
their include directories. This can trigger errors and/or race
conditions when a target is dependent on generated headers.

Change-Id: I71a65669aa0107445d5dda1bd237b87c99c9c8fd
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

docs: deprecate SPM_MM build option

Following the ML post [1] deprecating the SPM-MM build option.

[1] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/Z6GAD7OG

docs: deprecate SPM_MM build option

Following the ML post [1] deprecating the SPM-MM build option.

[1] https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/Z6GAD7OGKNDPNKECJ63HQZ4XEYUJXTNM/

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Ie845335989a6b11382ebe2f32962f534ad1bf8c6

show more ...

fix(build): fix compiler wrapper detection

A late change in the recently-merged compiler wrapper detection change
stack introduced two issues:

Firstly, the `irange` function - a dependency of the c

fix(build): fix compiler wrapper detection

A late change in the recently-merged compiler wrapper detection change
stack introduced two issues:

Firstly, the `irange` function - a dependency of the compiler wrapper
detection implementation - was taken out of the change stack, which
meant uses of it evaluated to empty.

Secondly, the shell command used by the `shell-slice` function was
replaced with an alternative implementation which incorrectly sliced the
shell words inclusively rather than exclusively.

This change resolves the issues caused by these changes by replacing the
use of the `irange` function with `shell-map`, and by ensuring that the
`shell-slice` function correctly uses an exclusive end value.

Change-Id: Ic6ef007d3a3c5da1152775634fbeb5fc6ccd41d8
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

feat(build): update `shell-map` to also pass indices

This small change updates the `shell-map` function to also provide the
word index to the map function.

Change-Id: I636dcdb9945681208b9b64a7532a3

feat(build): update `shell-map` to also pass indices

This small change updates the `shell-map` function to also provide the
word index to the map function.

Change-Id: I636dcdb9945681208b9b64a7532a31f6130ac500
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(security): add clrbhb support

TF-A mitigates spectre-bhb(CVE-2022-23960) issue with loop
workaround based on - https://developer.arm.com/documentation/110280/latest/

On platforms that support `

fix(security): add clrbhb support

TF-A mitigates spectre-bhb(CVE-2022-23960) issue with loop
workaround based on - https://developer.arm.com/documentation/110280/latest/

On platforms that support `clrbhb` instruction it is recommended to
use `clrbhb` instruction instead of the loop workaround.

Ref- https://developer.arm.com/documentation/102898/0108/

Change-Id: Ie6e56e96378503456a1617d5e5d51bc64c2e0f0b
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge changes from topic "ck/tf-a/cmake-cc-fix" into integration

* changes:
fix(build): forward compiler launcher to CMake
fix(build): force CMake to cross-compile
fix(build): correctly forwar

Merge changes from topic "ck/tf-a/cmake-cc-fix" into integration

* changes:
fix(build): forward compiler launcher to CMake
fix(build): force CMake to cross-compile
fix(build): correctly forward C compiler to CMake
feat(build): add helpers for managing compiler launchers
refactor(build): track toolchain tool origin
refactor(build): unify toolchain derivation

show more ...

Merge changes from topic "comp_build_macro" into integration

* changes:
feat(build): setting CRYPTO_LIB via CRYPTO_SUPPORT
feat(build): set CRYPTO_SUPPORT macro per BL
feat(build): create defi

Merge changes from topic "comp_build_macro" into integration

* changes:
feat(build): setting CRYPTO_LIB via CRYPTO_SUPPORT
feat(build): set CRYPTO_SUPPORT macro per BL
feat(build): create define macro to be used by BL

show more ...

feat(build): add helpers for managing compiler launchers

With the introduction of the Event Log library, we now need to forward
some of our toolchain information to CMake. However, CMake always trea

feat(build): add helpers for managing compiler launchers

With the introduction of the Event Log library, we now need to forward
some of our toolchain information to CMake. However, CMake always treats
the first shell word in `CC` as the path to the compiler, which is
problematic for users of compiler launchers like `ccache`.

This change introduces some additional heuristics to the toolchain
interface to detect compiler launchers and isolate their arguments from
the underlying compiler command, which can then be forwarded separately
to CMake.

Change-Id: I783833c523380b989bbac05b57503bc76881f6a4
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

refactor(build): track toolchain tool origin

If a toolchain tool cannot be identified, the warning now includes a
report describing whether the program was given by a user-specified
parameter, the C

refactor(build): track toolchain tool origin

If a toolchain tool cannot be identified, the warning now includes a
report describing whether the program was given by a user-specified
parameter, the C compiler, or a default value.

Change-Id: Ic71ad33d3123f17433a3c176a93310b39bfa5fff
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

refactor(build): unify toolchain derivation

At the moment, the process we go through to derive the value for the
toolchain tool variables is fairly complicated and not particularly
consistent. This

refactor(build): unify toolchain derivation

At the moment, the process we go through to derive the value for the
toolchain tool variables is fairly complicated and not particularly
consistent. This change brings the three mechanisms we support into
alignment in terms of their inputs and outputs via three helpers:

- `toolchain-from-parameter`: load the command from its parameter
- `toolchain-from-cc`: load the command from its C compiler
- `toolchain-from-default`: load the command from its built-in defaults

These functions take a toolchain identifier and a tool class identifer,
and return either a program name/path or a shell command. Sanitisation
is then done inside `toolchain-determine-tool`, which now makes a
stronger guarantee that the toolchain tools are correctly escaped for
the shell.

Change-Id: I3ce73134824e805e8ee47a119c982e7fe4923fae
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge changes from topic "ck/tf-a/shell-utilities" into integration

* changes:
feat(build): add shell program reference utility (`shell-program`)
feat(build): add shell word map utility (`shell-

Merge changes from topic "ck/tf-a/shell-utilities" into integration

* changes:
feat(build): add shell program reference utility (`shell-program`)
feat(build): add shell word map utility (`shell-map`)
feat(build): add shell fragment joining utility (`shell-join`)
feat(build): add shell fragment slicing utility (`shell-slice`)
feat(build): add shell fragment length utility (`shell-words`)
feat(build): add shell word extraction utility (`shell-word`)
feat(build): add shell quoting utility (`shell-quote`)
feat(build): add temporary variable binding utility (`with`)

show more ...