Merge changes from topic "decouple-tb-mb" into integration

* changes:
refactor(renesas): disable CRYPTO_SUPPORT option
refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot
refactor(me

Merge changes from topic "decouple-tb-mb" into integration

* changes:
refactor(renesas): disable CRYPTO_SUPPORT option
refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot
refactor(measured-boot): avoid Measured-Boot dependency on Trusted-Boot
build: introduce CRYPTO_SUPPORT build option

show more ...

refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot

As Measured-Boot and Trusted-Boot are orthogonal, removed
Trusted-Boot's dependency on Measured-Boot by allowing them
to apply the Crypt

refactor(fvp): avoid Measured-Boot dependency on Trusted-Boot

As Measured-Boot and Trusted-Boot are orthogonal, removed
Trusted-Boot's dependency on Measured-Boot by allowing them
to apply the Crypto module changes independently using the
CRYPTO_SUPPORT build flag.

Change-Id: I5a420e5d84f3fefe0c0092d822dab981e6390bbf
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "za/feat_rme" into integration

* changes:
refactor(gpt): productize and refactor GPT library
feat(rme): disable Watchdog for Arm platforms if FEAT_RME enabled
docs(rme

Merge changes from topic "za/feat_rme" into integration

* changes:
refactor(gpt): productize and refactor GPT library
feat(rme): disable Watchdog for Arm platforms if FEAT_RME enabled
docs(rme): add build and run instructions for FEAT_RME
fix(plat/fvp): bump BL2 stack size
fix(plat/fvp): allow changing the kernel DTB load address
refactor(plat/arm): rename ARM_DTB_DRAM_NS region macros
refactor(plat/fvp): update FVP platform DTS for FEAT_RME
feat(plat/arm): add GPT initialization code for Arm platforms
feat(plat/fvp): add memory map for FVP platform for FEAT_RME
refactor(plat/arm): modify memory region attributes to account for FEAT_RME
feat(plat/fvp): add RMM image support for FVP platform
feat(rme): add GPT Library
feat(rme): add ENABLE_RME build option and support for RMM image
refactor(makefile): remove BL prefixes in build macros
feat(rme): add context management changes for FEAT_RME
feat(rme): add Test Realm Payload (TRP)
feat(rme): add RMM dispatcher (RMMD)
feat(rme): run BL2 in root world when FEAT_RME is enabled
feat(rme): add xlat table library changes for FEAT_RME
feat(rme): add Realm security state definition
feat(rme): add register definitions and helper functions for FEAT_RME

show more ...

feat(plat/fvp): add memory map for FVP platform for FEAT_RME

When FEAT_RME is enabled, memory is divided into four Physical
Address Spaces (PAS): Root, Realm, Secure and Non-secure.
This patch intro

feat(plat/fvp): add memory map for FVP platform for FEAT_RME

When FEAT_RME is enabled, memory is divided into four Physical
Address Spaces (PAS): Root, Realm, Secure and Non-secure.
This patch introduces new carveouts for the Trusted SRAM and DRAM
for the FVP platform accordingly.

The following new regions are introduced with this change:

ARM_MAP_L0_GPT_REGION: Trusted SRAM region used to store Level 0
Granule Protection Table (GPT). This region resides in the Root PAS.

ARM_MAP_GPT_L1_DRAM: DRAM region used to store Level 1 GPT. It
resides in the Root PAS.

ARM_MAP_RMM_DRAM: DRAM region used to store RMM image. It
resides in the Realm PAS.

The L0 GPT is stored on Trusted SRAM next to firmware configuration
memory. The DRAM carveout when RME is enable is modified as follow:

--------------------
| |
| AP TZC (~28MB) |
--------------------
| |
| REALM (32MB) |
--------------------
| |
| EL3 TZC (3MB) |
--------------------
| L1 GPT + SCP TZC |
| (~1MB) |
0xFFFF_FFFF --------------------

During initialization of the TrustZone controller, Root regions
are configured as Secure regions. Then they are later reconfigured
to Root upon GPT initialization.

Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: If2e257141d51f51f715b70d4a06f18af53607254

show more ...

feat(plat/fvp): add RMM image support for FVP platform

This patch adds the necessary changes needed to build
and load RMM image for the FVP platform. RMM image is
loaded by BL2 after BL32 (if BL32 e

feat(plat/fvp): add RMM image support for FVP platform

This patch adds the necessary changes needed to build
and load RMM image for the FVP platform. RMM image is
loaded by BL2 after BL32 (if BL32 exists) and before BL33.

Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I1ac9eade84c2e35c7479a322ca1d090b4e626819

show more ...

Merge changes from topic "fwu-refactor" into integration

* changes:
refactor(plat/arm): use mmio* functions to read/write NVFLAGS registers
refactor(plat/arm): mark the flash region as read-only

Merge changes from topic "fwu-refactor" into integration

* changes:
refactor(plat/arm): use mmio* functions to read/write NVFLAGS registers
refactor(plat/arm): mark the flash region as read-only
refactor(plat/arm): update NV flags on image load/authentication failure

show more ...

refactor(plat/arm): mark the flash region as read-only

In the FVP platform, BL1 uses flash only for read purpose
hence marked this flash region as read-only.

Change-Id: I3b57130fd4f3b4df522ac075f66

refactor(plat/arm): mark the flash region as read-only

In the FVP platform, BL1 uses flash only for read purpose
hence marked this flash region as read-only.

Change-Id: I3b57130fd4f3b4df522ac075f66e9799f237ebb7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "soc_id" into integration

* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
fea

Merge changes from topic "soc_id" into integration

* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
feat(plat/st): implement platform functions for SMCCC_ARCH_SOC_ID
refactor(plat/st): export functions to get SoC information
feat(smccc): add bit definition for SMCCC_ARCH_SOC_ID

show more ...

refactor(plat/arm): use SOC_ID defines

Use the macros that are now defined in include/lib/smccc.h.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I688a76277b729672835d51fafb68d1d

refactor(plat/arm): use SOC_ID defines

Use the macros that are now defined in include/lib/smccc.h.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I688a76277b729672835d51fafb68d1d6205b6ae4

show more ...

Merge changes from topic "GIC-work" into integration

* changes:
plat/arm: fvp: Protect GICR frames for fused/unused cores
doc: Build option to protect GICR frame
plat/arm: fvp: Do not map GIC

Merge changes from topic "GIC-work" into integration

* changes:
plat/arm: fvp: Protect GICR frames for fused/unused cores
doc: Build option to protect GICR frame
plat/arm: fvp: Do not map GIC region in BL1 and BL2

show more ...

plat/arm: fvp: Protect GICR frames for fused/unused cores

Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.

This opens up the security hole where the active c

plat/arm: fvp: Protect GICR frames for fused/unused cores

Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.

This opens up the security hole where the active core can write
the GICR frame of fused/inactive core. To avoid this issue, disable
the GICR frame of all inactive cores as below:

1. After primary CPU boots up, map GICR region of all cores as
read-only.
2. After primary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
3. After secondary CPU boots up, map its GICR region as read-write
and initialize its redistributor interface.
4. All unused/fused core's redistributor regions remain read-only and
write attempt to such protected regions results in an exception.

As mentioned above, this patch offers only the GICR memory-mapped
region protection considering there is no facility at the GIC IP
level to avoid writing the redistributor area.

These changes are currently done in BL31 of Arm FVP and guarded under
the flag 'FVP_GICR_REGION_PROTECTION'.

As of now, this patch is tested manually as below:
1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core.
2. Verify data abort triggered by manually updating the ‘GICR_CTLR’
register of core 1’s(fused) redistributor from core 0(active).

Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

plat/arm: fvp: Do not map GIC region in BL1 and BL2

GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memor

plat/arm: fvp: Do not map GIC region in BL1 and BL2

GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memory regions in the
future.

Retains mapping of CCN interconnect region in BL1 and BL2
overlapped with the GIC memory region.

Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge changes from topic "soc-id" into integration

* changes:
plat/arm: juno: Implement methods to retrieve soc-id information
plat/arm: fvp: Implement methods to retrieve soc-id information
p

Merge changes from topic "soc-id" into integration

* changes:
plat/arm: juno: Implement methods to retrieve soc-id information
plat/arm: fvp: Implement methods to retrieve soc-id information
plat/arm: remove common code for soc-id feature

show more ...

plat/arm: fvp: Implement methods to retrieve soc-id information

Implemented platform functions to retrieve the soc-id information
for FVP platform.

Change-Id: Id3df02ab290a210310e8d34ec9d706a59d817

plat/arm: fvp: Implement methods to retrieve soc-id information

Implemented platform functions to retrieve the soc-id information
for FVP platform.

Change-Id: Id3df02ab290a210310e8d34ec9d706a59d817517
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "plat/arm: Use common build flag for using generic sp804 driver" into integration

plat/arm: Use common build flag for using generic sp804 driver

SP804 TIMER is not platform specific, and current code base adds
multiple defines to use this driver. Like FVP_USE_SP804_TIMER and
FVP_

plat/arm: Use common build flag for using generic sp804 driver

SP804 TIMER is not platform specific, and current code base adds
multiple defines to use this driver. Like FVP_USE_SP804_TIMER and
FVP_VE_USE_SP804_TIMER.

This patch removes platform specific build flag and adds generic
flag `USE_SP804_TIMER` to be set to 1 by platform if needed.

Change-Id: I5ab792c189885fd1b98ddd187f3a38ebdd0baba2
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge "spm-mm: fix MISRA C-2012 Rule 2.3 spm_mm_boot_info_t defined but never used." into integration

spm-mm: fix MISRA C-2012 Rule 2.3 spm_mm_boot_info_t defined but never used.

Following merge of patchset [1] the spm_mm_boot_info_t structure is
included in few platform files unconditionally even w

spm-mm: fix MISRA C-2012 Rule 2.3 spm_mm_boot_info_t defined but never used.

Following merge of patchset [1] the spm_mm_boot_info_t structure is
included in few platform files unconditionally even when SPM_MM option
is disabled.

[1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2647

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I68bc034c9348b5d9bcfd2e5217b781df5ad1b369

show more ...

Merge "FVP: In BL31/SP_MIN, map only the needed DRAM region statically" into integration

FVP: In BL31/SP_MIN, map only the needed DRAM region statically

Rather than creating entry in plat_arm_mmap array to map the
entire DRAM region in BL31/SP_MIN, only map a smaller region holding
HW_C

FVP: In BL31/SP_MIN, map only the needed DRAM region statically

Rather than creating entry in plat_arm_mmap array to map the
entire DRAM region in BL31/SP_MIN, only map a smaller region holding
HW_CONFIG DTB. Consequently, an increase in number of sub-translation
tables(level-2 and level-3) i.e., MAX_XLAT_TABLES is necessary to map
the new region in memory.

In order to accommodate the increased code size in BL31 i.e.,
PROGBITS, the max size of BL31 image is increased by 0x1000(4K).

Change-Id: I540b8ee550588e22a3a9fb218183d2ab8061c851
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge changes from topic "mp/enhanced_pal_hw" into integration

* changes:
plat/arm/fvp: populate pwr domain descriptor dynamically
fconf: Extract topology node properties from HW_CONFIG dtb
fc

Merge changes from topic "mp/enhanced_pal_hw" into integration

* changes:
plat/arm/fvp: populate pwr domain descriptor dynamically
fconf: Extract topology node properties from HW_CONFIG dtb
fconf: necessary modifications to support fconf in BL31 & SP_MIN
fconf: enhancements to firmware configuration framework

show more ...

fconf: necessary modifications to support fconf in BL31 & SP_MIN

Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG

fconf: necessary modifications to support fconf in BL31 & SP_MIN

Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN.
Created few populator() functions which parse HW_CONFIG device tree
and registered them with fconf framework. Many of the changes are
only applicable for fvp platform.

This patch:
1. Adds necessary symbols and sections in BL31, SP_MIN linker script
2. Adds necessary memory map entry for translation in BL31, SP_MIN
3. Creates an abstraction layer for hardware configuration based on
fconf framework
4. Adds necessary changes to build flow (makefiles)
5. Minimal callback to read hw_config dtb for capturing properties
related to GIC(interrupt-controller node)
6. updates the fconf documentation

Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge changes from topic "spmd" into integration

* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0

Merge changes from topic "spmd" into integration

* changes:
SPMD: enable SPM dispatcher support
SPMD: hook SPMD into standard services framework
SPMD: add SPM dispatcher based upon SPCI Beta 0 spec
SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP
SPMD: add support for an example SPM core manifest
SPMD: add SPCI Beta 0 specification header file

show more ...

SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP

This patch reserves and maps the Trusted DRAM for SPM core execution.
It also configures the TrustZone address space control

SPMD: add support to run BL32 in TDRAM and BL31 in secure DRAM on Arm FVP

This patch reserves and maps the Trusted DRAM for SPM core execution.
It also configures the TrustZone address space controller to run BL31
in secure DRAM.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
Change-Id: I7e1bb3bbc61a0fec6a9cb595964ff553620c21dc

show more ...

Merge "debugfs: add SMC channel" into integration