Merge changes I8d332dbe,I9d30b6f9,I2fd7eece,Ibcd65f39,I86cc5e97 into integration

* changes:
feat(bl2): support RESET_TO_BL2 and ENABLE_RME
fix(build): fix BL2_CPPFLAGS when ENABLE_RME is set
f

Merge changes I8d332dbe,I9d30b6f9,I2fd7eece,Ibcd65f39,I86cc5e97 into integration

* changes:
feat(bl2): support RESET_TO_BL2 and ENABLE_RME
fix(build): fix BL2_CPPFLAGS when ENABLE_RME is set
fix(fvp): increase resident text size of BL2
fix(arm): support FCONF when TRANSFER_LIST and RESET_BL2 is set
fix(arm): update next image's ep info with the FW config address

show more ...

feat(bl2): support RESET_TO_BL2 and ENABLE_RME

When RSE is used as the root of trust along with CPU that supports RME
there is a need to enable both RESET_TO_BL2 and ENABLE_RME.

In current bl2_main

feat(bl2): support RESET_TO_BL2 and ENABLE_RME

When RSE is used as the root of trust along with CPU that supports RME
there is a need to enable both RESET_TO_BL2 and ENABLE_RME.

In current bl2_main there are two different code paths for RESET_BL2,
one handles BL2 running in EL1 and other for BL2 running in EL3.

When RME is enabled, BL2 always runs at EL3 but the current flow calls
bl2_early_platform_setup2, bl2_plat_arch_setup instead of
bl2_el3_early_platform_setup, bl2_el3_plat_arch_setup. Adding RME,
TRANSFER_LIST, ROMLIB support in bl2_el3_* helpers makes
arm_bl2_el3_setup.c almost identical to arm_bl2_setup.c.

This patch removes bl2_el3_plat helpers and related files. Now different
combinations of RESET_TO_BL2, ENABLE_RME are handled in common bl2_setup
routines in arm_bl2_setup.c. This helps to have common place to support
new features and build flags for BL2 irrespective of which EL the BL2
runs.

BREAKING-CHANGE: This patch also changes all existing platform files and
functions that use format bl2_el3_* to bl2_plat helpers. If any platform
or out-of-tree platforms that need to support running BL2 in EL1 or EL3
must now handle it in bl2_early_platform_setup2 and bl2_plat_arch_setup.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I8d332dbe2de1db3b69319496c8d04626cdcf4140

show more ...

fix(fvp): increase resident text size of BL2

Enabling new CPU library code like Venom requires to set build flags
HW_ASSISTED_COHERENCY=1 USE_COHERENT_MEM=0. When build along with
RESET_TO_BL=1 (BL2

fix(fvp): increase resident text size of BL2

Enabling new CPU library code like Venom requires to set build flags
HW_ASSISTED_COHERENCY=1 USE_COHERENT_MEM=0. When build along with
RESET_TO_BL=1 (BL2 in EL3 case) causes increase in resident text size
of BL2.

This is applicable in case of PLAT=fvp as it includes a lot of CPU_LIBS
and might not be the case of other platforms as it includes only
specific CPU libs.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I2fd7eecebd9a2bdcbdc9fbbf4cecc2d659740931

show more ...

fix(tc): add missing platform.h include

This include is required for plat_panic_handler.

Change-Id: Ifad8ff294c396929979969a0115866030342f1f5
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-dr

fix(tc): add missing platform.h include

This include is required for plat_panic_handler.

Change-Id: Ifad8ff294c396929979969a0115866030342f1f5
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>

show more ...

Merge changes I6deddab4,I432b05b2,I4af7371d,I2318ea4b into integration

* changes:
feat(rdv3): use SFCP PSA call instead of RSE comms
feat(tc): use SFCP PSA call instead of RSE comms
feat(tc):

Merge changes I6deddab4,I432b05b2,I4af7371d,I2318ea4b into integration

* changes:
feat(rdv3): use SFCP PSA call instead of RSE comms
feat(tc): use SFCP PSA call instead of RSE comms
feat(tc): add tc_sfcp.c
feat(sfcp): add SFCP stack and PSA call

show more ...

fix(arm): support FCONF when TRANSFER_LIST and RESET_BL2 is set

Enable reading HW_CONFIG device tree from transfer list entry when
RESET_BL2 is enabled.

Signed-off-by: Arunachalam Ganapathy <arunac

fix(arm): support FCONF when TRANSFER_LIST and RESET_BL2 is set

Enable reading HW_CONFIG device tree from transfer list entry when
RESET_BL2 is enabled.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: Ibcd65f3946924670ede3ba354db5bc574c70b4be

show more ...

fix(arm): update next image's ep info with the FW config address

When RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1, BL2 loads FW_CONFIG
but it fails to update the next image entry point with FW co

fix(arm): update next image's ep info with the FW config address

When RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1, BL2 loads FW_CONFIG
but it fails to update the next image entry point with FW config
address.

This fix also enables populating HW_CONFIG from platform setup routines
in BL31.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I86cc5e97cfdb0f18be647b867b1e1d82d53cdafd

show more ...

Merge changes I2485d583,I1374c482,I07e29dbb,I949e6486 into integration

* changes:
feat(qemu): enable ENABLE_FEAT_RAS and ENABLE_FEAT_SB
feat(cpufeat): update FEAT_SB's FEAT_STATE_CHECKED status

Merge changes I2485d583,I1374c482,I07e29dbb,I949e6486 into integration

* changes:
feat(qemu): enable ENABLE_FEAT_RAS and ENABLE_FEAT_SB
feat(cpufeat): update FEAT_SB's FEAT_STATE_CHECKED status
feat(cpufeat): advertise support for FEAT_RASv2
feat(cpufeat): enable FEAT_RAS for FEAT_STATE_CHECKED again

show more ...

Merge "fix(arm): build fails on RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1" into integration

feat(rdv3): use SFCP PSA call instead of RSE comms

In a similar manner to the TC platform, add the SFCP platform
definitions for RDV3. SFCP is then used instead of RSE comms for making
PSA calls int

feat(rdv3): use SFCP PSA call instead of RSE comms

In a similar manner to the TC platform, add the SFCP platform
definitions for RDV3. SFCP is then used instead of RSE comms for making
PSA calls into the RSE.

Change-Id: I6deddab452026ba24bd2462bcf2f11846af6f80b
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>

show more ...

feat(tc): use SFCP PSA call instead of RSE comms

Add the platform specific implementation for SFCP (the implementation of
the functions in sfcp_platform.h). This includes functions which specify
the

feat(tc): use SFCP PSA call instead of RSE comms

Add the platform specific implementation for SFCP (the implementation of
the functions in sfcp_platform.h). This includes functions which specify
the device structures and also the routing tables.

Note that, because initially the SFCP stack is only used to make PSA
calls to the RSE, routing is only implemented for the TF-A <-> RSE
nodes. The only MHU devices defined in the SFCP platform implementation
are for this link and all other routes, as defined in the routing table,
as invalid.

This patch also removes compilation of RSE comms in favour of SFCP for
TC.

Change-Id: I432b05b2955c790c4a5ecff04764605c6ff0ceea
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>

show more ...

feat(tc): add tc_sfcp.c

Add the SFCP platform configuration file for TC. This file defines the
functions in declared in sfcp_platform.h; these are used in
sfcp_link_hal.c.

Note that these functions

feat(tc): add tc_sfcp.c

Add the SFCP platform configuration file for TC. This file defines the
functions in declared in sfcp_platform.h; these are used in
sfcp_link_hal.c.

Note that these functions are expected to be implemented by any TF-A
platform which makes use of the SFCP library, they define the underlying
device driver structures and the routing layout of the platform.

Change-Id: I4af7371decd1faabbd0ed7bc186339668a0c6b1a
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>

show more ...

feat(cpufeat): update FEAT_SB's FEAT_STATE_CHECKED status

FEAT_SB is mostly FEAT_STATE_CHECKED enabled but that is not apparent
from docs and code's check is sub-optimal. Update docs to make this
ap

feat(cpufeat): update FEAT_SB's FEAT_STATE_CHECKED status

FEAT_SB is mostly FEAT_STATE_CHECKED enabled but that is not apparent
from docs and code's check is sub-optimal. Update docs to make this
apparent and update code to have a proper FEAT_STATE_CHECKED fallback.

Also enable it for FVP so it's tested a bit more.

Change-Id: I1374c4828b235ad16904f6c4ac9e39b9c2596a37
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

feat(cpufeat): enable FEAT_RAS for FEAT_STATE_CHECKED again

FEAT_RAS was originally converted to FEAT_STATE_CHECKED in 6503ff291.
However, the ability to use it was removed with 970a4a8d8 by simply

feat(cpufeat): enable FEAT_RAS for FEAT_STATE_CHECKED again

FEAT_RAS was originally converted to FEAT_STATE_CHECKED in 6503ff291.
However, the ability to use it was removed with 970a4a8d8 by simply
saying it impacts execution at EL3. That's true, but FEAT_STATE_CHECKED
can still be allowed by being a bit clever about it.

First, the remainder of common code can be converted to use the
is_feat_ras_supported() helper instead of the `#if FEATURE` pattern.
There are no corner cases to consider there. The feature is either
present (and appropriate action must be taken) or the feature is not (so
we can skip RAS code).

A conscious choice is taken to check the RAS code in synchronize_errors
despite it being in a hot path. Any fixed platform that seeks to be
performant should be setting features to 0 or 1. Then, the
SCTLR_EL3.IESB bit is always set if ENABLE_FEAT_RAS != 0 since we expect
FEAT_IESB to be present if FEAT_RAS is (despite the architecture not
guaranteeing it). If FEAT_RAS isn't present then we don't particularly
care about the status of FEAT_IESB.

Second, platforms that don't set ENABLE_FEAT_RAS must continue to work.
This is true out of the box with the is_feat_xyz_supported() helpers, as
they make sure to fully disable code within them.

Third, platforms that do set ENABLE_FEAT_RAS=1 must continue to work.
This is also true out of the box and no logical change is undertaken in
common code.

Finally, ENABLE_FEAT_RAS is set to 2 on FVP. Having RAS implies that the
whole handling machinery will be built-in and registered as appropriate.
However, when RAS is built-in but not present in hardware, these
registrations can still happen, they will only never be invoked at
runtime.

Change-Id: I949e648601dc0951ef9c2b217f34136b6ea4b3dc
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

feat(cpus): add support for Rosillo cpu

Add basic CPU library code to support Rosillo CPU

Change-Id: I0e11e511511562297e4dccd2745842ebcfa2bff4
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

fix(arm): build fails on RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1

Use ARM_FW_CONFIG_BASE and ARM_FW_CONFIG_MAX_SIZE instead of platform
macros PLAT_FW_CONFIG_BASE and PLAT_FW_CONFIG_MAX_SIZE w

fix(arm): build fails on RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1

Use ARM_FW_CONFIG_BASE and ARM_FW_CONFIG_MAX_SIZE instead of platform
macros PLAT_FW_CONFIG_BASE and PLAT_FW_CONFIG_MAX_SIZE when
RESET_TO_BL2 and ARM_FW_CONFIG_LOAD_ENABLE are set to 1.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I0848852250eba5a3328e25cbea4fff413f344327

show more ...

feat(rdaspen/ras): dump the CPER buffer contents

Print the contents of the buffer to verify the fields set.

Change-Id: Ibb0683c99eed17d40ed5ce410fe19fab7e6bb9e6
Signed-off-by: Sanjana Virupakshagou

feat(rdaspen/ras): dump the CPER buffer contents

Print the contents of the buffer to verify the fields set.

Change-Id: Ibb0683c99eed17d40ed5ce410fe19fab7e6bb9e6
Signed-off-by: Sanjana Virupakshagouda <sanjana.virupakshagouda@arm.com>
Signed-off-by: Ahmed Tiba <ahmed.tiba@arm.com>

show more ...

feat(rdaspen/ras): generate CPER at TF-A EL3

Generate CPER buffer at TF-A EL3, that emits the error data,
when there is a CPU RAS error in the system.

The CPER record consists of:
ESB Header
ESB Da

feat(rdaspen/ras): generate CPER at TF-A EL3

Generate CPER buffer at TF-A EL3, that emits the error data,
when there is a CPU RAS error in the system.

The CPER record consists of:
ESB Header
ESB Data Entry
CPER CPU Error Section
- Arm Processor Error Record
- Arm Processor Error Information
- Arm Processor Context Information

Change-Id: I7e9703a69edec15cbb6f0522333700bb8d7007bf
Signed-off-by: Sanjana Virupakshagouda <sanjana.virupakshagouda@arm.com>
Signed-off-by: Ahmed Tiba <ahmed.tiba@arm.com>

show more ...

feat(rdaspen/ras): add DT buffer and IRQ setup

Added node to map reserved memory for CPER.
Interrupt set from TF-A for RAS error notification.

Change-Id: Id7e296772275cdf76c81d8d62294b0bce94bbf57
S

feat(rdaspen/ras): add DT buffer and IRQ setup

Added node to map reserved memory for CPER.
Interrupt set from TF-A for RAS error notification.

Change-Id: Id7e296772275cdf76c81d8d62294b0bce94bbf57
Signed-off-by: Sanjana Virupakshagouda <sanjana.virupakshagouda@arm.com>

show more ...

feat(rdaspen): event handler for CPU RAS

This patch introduces assembly helpers for cleaning CPU
RAS, and introduces a way to deassert FAULT IRQ generated
from CE injection.

This also enables all i

feat(rdaspen): event handler for CPU RAS

This patch introduces assembly helpers for cleaning CPU
RAS, and introduces a way to deassert FAULT IRQ generated
from CE injection.

This also enables all inband errors to be handled on AP according
to a CPU RAS event handler:

- Skips spurious entries – returns early when
`ERXSTATUS.{V|CE}` is already clear, disposing of queued phantom
interrupts.

- Clears the error record – rewrites `ERXSTATUS_EL1`, zeros
`ERXMISC0`, `PFG_CTL`, and `PFG_CDN`, then logs the post clear state
for firmware trace.

Inband errors only consist of:
- Corrected Errors
- Deferred Errors

- Change the RAS CPU intr handler logs from VERBOSE to WARN.

Change-Id: I7eb8fecb42095551f51c9d1c5752775f1b577970
Signed-off-by: Ahmed Azeem <ahmed.azeem@arm.com>
Signed-off-by: Ahmed Tiba <ahmed.tiba@arm.com>

show more ...

feat(rdaspen/ras): intr RAS handling for PC CPU

This introduces and enables the RAS framework and enables
the RAS for CPU handling.

This commit ensures that RAS settings are initialized on
all CPU

feat(rdaspen/ras): intr RAS handling for PC CPU

This introduces and enables the RAS framework and enables
the RAS for CPU handling.

This commit ensures that RAS settings are initialized on
all CPU cores during the firmware boot stage. Previously,
the initialization for RAS processing was only done on
the primary CPU core.

This also introduces a custom bl31_platform_setup to
allow RAS specific intialisations.

Change-Id: Ia3258aed63b8994c53ec8cc49bd27d0d907e218e
Signed-off-by: Ahmed Azeem <ahmed.azeem@arm.com>
Signed-off-by: Ahmed Tiba <ahmed.tiba@arm.com>

show more ...

fix(build): use ARM_ARCH_FEATURE instead of -march directly

The -march compiler flag is owned by make_helpers/march.mk and its
output is controlled by ARM_ARCH_MAJOR, ARM_ARCH_MINOR, and
ARM_ARCH_FE

fix(build): use ARM_ARCH_FEATURE instead of -march directly

The -march compiler flag is owned by make_helpers/march.mk and its
output is controlled by ARM_ARCH_MAJOR, ARM_ARCH_MINOR, and
ARM_ARCH_FEATURE. Setting -march directly can lead to unexpected results
when using the above flags and is generally not recommended within tfa.

This patch migrates all instances of -march=armv8-a+crc to
ARM_ARCH_FEATURE=crc. Arm platforms (via arm_common.mk) are checked and
those that support cores greater than arm8.1 do not get the flag as it
is automatically pulled in.

Change-Id: I846f97367eab9529524a2805d5b87d34cce2360f
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

fix(tc): configure mte addresses and sizes

- Use the carveout address specified by the MCN Top-level
design spec. The total size of the MTE carveout is 1/32 of
the available DRAM.
- MTE carveout

fix(tc): configure mte addresses and sizes

- Use the carveout address specified by the MCN Top-level
design spec. The total size of the MTE carveout is 1/32 of
the available DRAM.
- MTE carveout is not included when building FVP.
FVP's do not require a physical carveout to
emulate MTE, so we can save the memory.
- Add memory map diagrams to platform_def.h
- Tidy up existing memory map macros.

Change-Id: I4d31aa27e470344d4ed6469939331d0e2ced9d54
Signed-off-by: Ben Horgan <ben.horgan@arm.com>
Signed-off-by: Vishnu Satheesh <vishnu.satheesh@arm.com>
Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
Signed-off-by: Ryan Everett <ryan.everett@arm.com>

show more ...

Merge "fix(juno): restrict measured boot to a single algo" into integration

fix(juno): restrict measured boot to a single algo

Juno is already quite space constrained. This makes enabling all
algorithms provided by Mbed-TLS by default a no-go. Similar to TC,
constrain the b

fix(juno): restrict measured boot to a single algo

Juno is already quite space constrained. This makes enabling all
algorithms provided by Mbed-TLS by default a no-go. Similar to TC,
constrain the board to a single algorithm when measured boot is enabled.

Change-Id: I848241b75a6c791c2bdfa42434de446c9e8c75de
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...