fix(plat/tc0): enable AMU extension

Recent changes to enable SVE for the secure world have disabled AMU
extension by default in the reset value of CPTR_EL3 register. So the
platform has to enable th

fix(plat/tc0): enable AMU extension

Recent changes to enable SVE for the secure world have disabled AMU
extension by default in the reset value of CPTR_EL3 register. So the
platform has to enable this extension explicitly.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I7d930d96ec22d7c3db961411370564bece0ce272

show more ...

feat: disabling non volatile counters in diphda

At this stage of development Non Volatile counters are not implemented
in the Diphda platform.

This commit disables their use during the Trusted Boar

feat: disabling non volatile counters in diphda

At this stage of development Non Volatile counters are not implemented
in the Diphda platform.

This commit disables their use during the Trusted Board Boot by
overriding the NV counters get/set functions.

Change-Id: I8dcbebe0281cc4d0837c283ff637e20b850988ef
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>

show more ...

feat: adding the diphda platform

This commit enables trusted-firmware-a with Trusted Board Boot support
for the Diphda 64-bit platform.

Diphda uses a FIP image located in the flash. The FIP contain

feat: adding the diphda platform

This commit enables trusted-firmware-a with Trusted Board Boot support
for the Diphda 64-bit platform.

Diphda uses a FIP image located in the flash. The FIP contains the
following components:

- BL2
- BL31
- BL32
- BL32 SPMC manifest
- BL33
- The TBB certificates

The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the SecureEnclave
bootloader.

Then, the application processor is released from reset and starts by
executing BL2.

BL2 performs the actions described in the trusted-firmware-a TBB design
document.

Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: Iddb1cb9c2a0324a9635e23821c210ac81dfc305d

show more ...

feat(ff-a): change manifest messaging method

Align documentation with changes of messaging method for partition
manifest:
- Bit[0]: support for receiving direct message requests
- Bit[1]

feat(ff-a): change manifest messaging method

Align documentation with changes of messaging method for partition
manifest:
- Bit[0]: support for receiving direct message requests
- Bit[1]: support for sending direct messages
- Bit[2]: support for indirect messaging
- Bit[3]: support for managed exit
Change the optee_sp_manifest to align with the new messaging method
description.

Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Change-Id: I333e82c546c03698c95f0c77293018f8dca5ba9c

show more ...

refactor(plat/arm): use mmio* functions to read/write NVFLAGS registers

Used mmio* functions to read/write NVFLAGS registers to avoid
possibile reordering of instructions by compiler.

Change-Id: Ia

refactor(plat/arm): use mmio* functions to read/write NVFLAGS registers

Used mmio* functions to read/write NVFLAGS registers to avoid
possibile reordering of instructions by compiler.

Change-Id: Iae50ac30e5413259cf8554f0fff47512ad83b0fd
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

refactor(plat/arm): mark the flash region as read-only

In the FVP platform, BL1 uses flash only for read purpose
hence marked this flash region as read-only.

Change-Id: I3b57130fd4f3b4df522ac075f66

refactor(plat/arm): mark the flash region as read-only

In the FVP platform, BL1 uses flash only for read purpose
hence marked this flash region as read-only.

Change-Id: I3b57130fd4f3b4df522ac075f66e9799f237ebb7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

refactor(plat/arm): update NV flags on image load/authentication failure

Erasing the FIP TOC header present in a flash is replaced by updating NV
flags with an error code on image load/authenticatio

refactor(plat/arm): update NV flags on image load/authentication failure

Erasing the FIP TOC header present in a flash is replaced by updating NV
flags with an error code on image load/authentication failure.
BL1 component uses these NV flags to detect whether a firmware update is
needed or not.
These NV flags get cleared once the firmware update gets completed.

Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I6232a0db07c89b2373b7b9d28acd37df6203d914

show more ...

Merge changes from topic "sb/measured-boot" into integration

* changes:
refactor(plat/fvp): tidy up list of images to measure
docs: explain Measured Boot dependency on Trusted Boot

Merge "feat(spm): add Ivy partition to tb fw config" into integration

feat(spm): add Ivy partition to tb fw config

The partition layout description JSON file generated by TF-A tests
declares a fourth test partition called Ivy demonstrating the
implementation of a S-EL

feat(spm): add Ivy partition to tb fw config

The partition layout description JSON file generated by TF-A tests
declares a fourth test partition called Ivy demonstrating the
implementation of a S-EL0 partition supported by a S-EL1 shim.

Change-Id: If8562acfc045d6496dfdb3df0524b3a069357f8e
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>

show more ...

Merge "feat(plat/arm): enable PIE when RESET_TO_SP_MIN=1" into integration

refactor(plat/fvp): tidy up list of images to measure

We don't ever expect to load a binary with an STM32 header on the Arm
FVP platform so remove this type of image from the list of
measurements.

refactor(plat/fvp): tidy up list of images to measure

We don't ever expect to load a binary with an STM32 header on the Arm
FVP platform so remove this type of image from the list of
measurements.

Also remove the GPT image type from the list, as it does not get
measured. GPT is a container, just like FIP is. We don't measure the FIP
but rather the images inside it. It would seem logical to treat GPT the
same way.

Besides, only images that get loaded through load_auth_image() get
measured right now. GPT processing happens before that and is handled in
a different way (see partition_init()).

Change-Id: Iac4de75380ed625b228e69ee4564cf9e67e19336
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

show more ...

feat(plat/arm): enable PIE when RESET_TO_SP_MIN=1

For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
The un

feat(plat/arm): enable PIE when RESET_TO_SP_MIN=1

For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
The underlying changes for enabling PIE in aarch32 is submitted in
commit 4324a14bf

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib8bb860198b3f97cdc91005503a3184d63e15469

show more ...

fix(tc0): set cactus-tertiary vcpu count to 1

Third instance of cactus is a UP SP. Set its vcpu count to 1.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I34b7feb2

fix(tc0): set cactus-tertiary vcpu count to 1

Third instance of cactus is a UP SP. Set its vcpu count to 1.

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I34b7feb2915e6d335e690e89dea466e75944ed1b

show more ...

fix(tc0): change UUID to string format

Change OP-TEE, Cactus SPs UUID to string format

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I32dbf40e4c5aa959bb92d3e853072

fix(tc0): change UUID to string format

Change OP-TEE, Cactus SPs UUID to string format

Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I32dbf40e4c5aa959bb92d3e853072aea63409ddc

show more ...

Merge changes from topic "soc_id" into integration

* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
fea

Merge changes from topic "soc_id" into integration

* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
feat(plat/st): implement platform functions for SMCCC_ARCH_SOC_ID
refactor(plat/st): export functions to get SoC information
feat(smccc): add bit definition for SMCCC_ARCH_SOC_ID

show more ...

Merge changes from topic "od/cleanup-changes" into integration

* changes:
perf(spmd): omit sel1 context save if sel2 present
fix(fvp): spmc optee manifest remove SMC allowlist
fix: random typo

Merge changes from topic "od/cleanup-changes" into integration

* changes:
perf(spmd): omit sel1 context save if sel2 present
fix(fvp): spmc optee manifest remove SMC allowlist
fix: random typos in tf-a code base

show more ...

fix(fvp): spmc optee manifest remove SMC allowlist

Fix a remainder from early prototyping. OP-TEE as a secure partition
does not need specific SMC function id pass through to EL3.

Signed-off-by: Ol

fix(fvp): spmc optee manifest remove SMC allowlist

Fix a remainder from early prototyping. OP-TEE as a secure partition
does not need specific SMC function id pass through to EL3.

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2843d1b9a5eb4c966f82790e1655fb569c2de7d4

show more ...

fix(plat/arm): correct UUID strings in FVP DT

The UUID strings used in FW_CONFIG DT are not aligned with UUIDs defined
in include/tools_share/firmware_image_package.h for BL32_EXTRA1 and
TRUSTED_KEY

fix(plat/arm): correct UUID strings in FVP DT

The UUID strings used in FW_CONFIG DT are not aligned with UUIDs defined
in include/tools_share/firmware_image_package.h for BL32_EXTRA1 and
TRUSTED_KEY_CERT.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I517f8f9311585931f2cb931e0588414da449b694

show more ...

Merge "feat(tc0): add support for trusted services" into integration

Merge "fix: rename Matterhorn, Matterhorn ELP, and Klein CPUs" into integration

fix: rename Matterhorn, Matterhorn ELP, and Klein CPUs

This patch renames the Matterhorn, Matterhorn ELP, and Klein CPUs to
Cortex A710, Cortex X2, and Cortex A510 respectively.

Signed-off-by: John

fix: rename Matterhorn, Matterhorn ELP, and Klein CPUs

This patch renames the Matterhorn, Matterhorn ELP, and Klein CPUs to
Cortex A710, Cortex X2, and Cortex A510 respectively.

Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I056d3114210db71c2840a24562b51caf2546e195

show more ...

refactor(plat/arm): use SOC_ID defines

Use the macros that are now defined in include/lib/smccc.h.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I688a76277b729672835d51fafb68d1d

refactor(plat/arm): use SOC_ID defines

Use the macros that are now defined in include/lib/smccc.h.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I688a76277b729672835d51fafb68d1d6205b6ae4

show more ...

Merge "feat(plat/sgi): enable AMU for RD-V1-MC" into integration

refactor(juno): disable non-invasive debug of secure state

Disable non-invasive debug of secure state for Juno
in release builds. This makes sure that PMU counts
only Non-secure events.

Signed-off-

refactor(juno): disable non-invasive debug of secure state

Disable non-invasive debug of secure state for Juno
in release builds. This makes sure that PMU counts
only Non-secure events.

Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
Change-Id: I0d1c3f96f3b4e48360a7211ae55851d65d291025

show more ...