Merge "feat(morello): implement methods to retrieve soc-id information" into integration

Merge "refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3" into integration

refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3

BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is runnin

refactor(build): distinguish BL2 as TF-A entry point and BL2 running at EL3

BL2_AT_EL3 is an overloaded macro which has two uses:
1. When BL2 is entry point into TF-A(no BL1)
2. When BL2 is running at EL3 exception level
These two scenarios are not exactly same even though first implicitly
means second to be true. To distinguish between these two use cases we
introduce new macros.
BL2_AT_EL3 is renamed to RESET_TO_BL2 to better convey both 1. and 2.
Additional macro BL2_RUNS_AT_EL3 is added to cover all scenarious where
BL2 runs at EL3 (including four world systems).

BREAKING CHANGE: BL2_AT_EL3 renamed to RESET_TO_BL2 across the
repository.

Change-Id: I477e1d0f843b44b799c216670e028fcb3509fb72
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>

show more ...

feat(morello): implement methods to retrieve soc-id information

Added silicon revision in the platform information SDS structure.

Implemented platform functions to retrieve the soc-id information
f

feat(morello): implement methods to retrieve soc-id information

Added silicon revision in the platform information SDS structure.

Implemented platform functions to retrieve the soc-id information
for the morello SoC platform. SoC revision, which is same as
silicon revision, is fetched from the morello_plat_info structure
and SoC version is populated with the part number from SSC_VERSION
register, and is reflected in bits[0:15] of soc-id.

Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>
Change-Id: I8e0c5b2bc21e393e6d638858cc2ea9f4638f04b9

show more ...

style: remove useless trailing semicolon and line continuations

found using checkpatch.pl[1]

[1]: https://review.coreboot.org/plugins/gitiles/coreboot/+/refs/heads/master/util/lint/checkpatch.pl

S

style: remove useless trailing semicolon and line continuations

found using checkpatch.pl[1]

[1]: https://review.coreboot.org/plugins/gitiles/coreboot/+/refs/heads/master/util/lint/checkpatch.pl

Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
Change-Id: I7957c9694300fefb85d11f7819c43af95271f14c

show more ...

feat(fvp): copy the Event Log to TZC secured DRAM area

Copied the Event Log from internal SRAM to the TZC secured DRAM
reserved area. Also passed this Trusted DRAM address to OPTEE via
NT FW configu

feat(fvp): copy the Event Log to TZC secured DRAM area

Copied the Event Log from internal SRAM to the TZC secured DRAM
reserved area. Also passed this Trusted DRAM address to OPTEE via
NT FW configuration, and to SPMC via TOS FW configuration,
which is eventually used to extend PCR via fTPM application running
on top of OPTEE/SPMC.

Furthermore, this patch makes it easier to access Event Log in RME
enabled systems where Secure World firmware does not have access to
internal(Root) SRAM.

Change-Id: I005e9da1e6075511f412bdf4d8b541fa543df9ab
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(arm): carveout DRAM1 area for Event Log

Reserved 4KB area for Event Log in DRAM1. This area is used by BL2
to copy Event Log from internal SRAM to this carved out DRAM region
in the subsequent

feat(arm): carveout DRAM1 area for Event Log

Reserved 4KB area for Event Log in DRAM1. This area is used by BL2
to copy Event Log from internal SRAM to this carved out DRAM region
in the subsequent patch.

Change-Id: I7b405775c66d249e31edf7688d95770e6c05c175
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

test(tc): test for AP/RSS NV counter interface

Change in PLATFORM_TEST build flag from boolean -> string, with the
current string options being tfm-testsuite and rss-nv-counters.

To get the old beh

test(tc): test for AP/RSS NV counter interface

Change in PLATFORM_TEST build flag from boolean -> string, with the
current string options being tfm-testsuite and rss-nv-counters.

To get the old behavior, i.e. where we used to use PLATFORM_TEST=1,
we now need to pass PLATFORM_TEST=tfm-testsuite.

Adding new test of the AP/RSS interface for non-volatile counters.
The test reads, increments, and reads again each 3 types of NV
counters for: CCA, secure, and non-secure firmware. Enabled by
PLATFORM_TEST=rss-nv-counters.

Change-Id: I2044cc9b2f37984697e0754c9c824eab51a11e7f
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Signed-off-by: Raef Coles <raef.coles@arm.com>

show more ...

fix(tc): change the FIP offset to 8 KiB boundary

* This change overrides the default PLAT_ARM_FIP_OFFSET_IN_GPT

* This aligns the FIP base in GPT image to the RSS ATU page size
boundary (8 KiB).

fix(tc): change the FIP offset to 8 KiB boundary

* This change overrides the default PLAT_ARM_FIP_OFFSET_IN_GPT

* This aligns the FIP base in GPT image to the RSS ATU page size
boundary (8 KiB). RSS XIP feature requires the FIP to be aligned to
the page size boundary. TC platform will require the XIP feature.

* The aligned FIP_A is starting at sector 48. Hence the offset will be
48*512 = 0x6000.

Signed-off-by: Tintu Thomas <tintu.thomas@arm.com>
Change-Id: I8135ecd4168231847c80151c33ef8353a1586b9a

show more ...

Merge "fix(rme): update sample platform attestation token" into integration

fix(pauth): make pauth_helpers linking generic

Pauth is a generic Arm feature that can be enabled on any platform that
implements it. It only needs a platform specific key generation hook. As
such,

fix(pauth): make pauth_helpers linking generic

Pauth is a generic Arm feature that can be enabled on any platform that
implements it. It only needs a platform specific key generation hook. As
such, the generic Pauth enablement can be included in the generic build.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ibf32f79addab3515214594bb8d7168151b450f59

show more ...

Merge changes from topic "feat_state_part2" into integration

* changes:
refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED
refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED
refactor(t

Merge changes from topic "feat_state_part2" into integration

* changes:
refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED
refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED
refactor(trbe): enable FEAT_TRBE for FEAT_STATE_CHECKED
fix(cpufeat): context-switch: move FGT availability check to callers
feat(cpufeat): extend check_feature() to deal with min/max
refactor(cpufeat): wrap CPU ID register field isolation

show more ...

refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRF to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detecti

refactor(trf): enable FEAT_TRF for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRF to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detection (ENABLE_TRF_FOR_NS=2), by splitting
is_feat_trf_present() into an ID register reading function and a second
function to report the support status. That function considers both
build time settings and runtime information (if needed), and is used
before we access TRF related registers.
Also move the context saving code from assembly to C, and use the new
is_feat_trf_supported() function to guard its execution.

The FVP platform decided to compile in support unconditionally (=1),
even though FEAT_TRF is an ARMv8.4 feature, so is not available with the
FVP model's default command line.
Change that to the now supported dynamic option (=2), so the right
decision can be made by the code at runtime.

Change-Id: Ia97b01adbe24970a4d837afd463dc5506b7295a3
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED

At the moment we only support FEAT_BRBE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime dete

refactor(brbe): enable FEAT_BRBE for FEAT_STATE_CHECKED

At the moment we only support FEAT_BRBE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detection (ENABLE_BRBE_FOR_NS=2), by splitting
is_feat_brbe_present() into an ID register reading function and a second
function to report the support status. That function considers both
build time settings and runtime information (if needed), and is used
before we access BRBE related registers.

The FVP platform decided to compile in support unconditionally (=1),
even though FEAT_BRBE is an ARMv9 feature, so is not available with the
FVP model's default command line.
Change that to the now supported dynamic option (=2), so the right
decision can be made by the code at runtime.

Change-Id: I5f2e2c9648300f65f0fa9a5f8e2f34e73529d053
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

refactor(trbe): enable FEAT_TRBE for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRBE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime dete

refactor(trbe): enable FEAT_TRBE for FEAT_STATE_CHECKED

At the moment we only support FEAT_TRBE to be either unconditionally
compiled in, or to be not supported at all.

Add support for runtime detection (ENABLE_TRBE_FOR_NS=2), by splitting
is_feat_trbe_present() into an ID register reading function and a second
function to report the support status. That function considers both
build time settings and runtime information (if needed), and is used
before we access TRBE related registers.

The FVP platform decided to compile in support unconditionally (=1),
even though FEAT_TRBE is an ARMv9 feature, so is not available with the
FVP model's default command line.
Change that to the now supported dynamic option (=2), so the right
decision can be made by the code at runtime.

Change-Id: Iee7f88ea930119049543a8a4a105389997e7692c
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

show more ...

Merge changes from topic "mbedtls3_support" into integration

* changes:
feat(stm32mp1): add mbedtls-3.3 support config
refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT
style(crypto): add b

Merge changes from topic "mbedtls3_support" into integration

* changes:
feat(stm32mp1): add mbedtls-3.3 support config
refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT
style(crypto): add braces for if statement
feat(fvp): increase BL1_RW and BL2 size
feat(mbedtls): add support for mbedtls-3.3
refactor(crypto): avoid using struct mbedtls_pk_rsassa_pss_options
refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

show more ...

fix(rme): update sample platform attestation token

Update FVP platform attestation token to comply with RMM Beta0
specification. The changes are:
- change platform implementation id claim value from

fix(rme): update sample platform attestation token

Update FVP platform attestation token to comply with RMM Beta0
specification. The changes are:
- change platform implementation id claim value from 64 to 32 bits
- change Realm Challenge
- update Hash Algorithm Identifier claim value
- add protected header
- change signing algotithm to ECDSA ES384

Change-Id: I1c5907d1a4961ce08a1408d25128de125b3f2e7f
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>

show more ...

Merge changes from topic "panic_cleanup" into integration

* changes:
refactor(bl31): use elx_panic for sysreg_handler64
refactor(aarch64): rename do_panic and el3_panic
refactor(aarch64): remo

Merge changes from topic "panic_cleanup" into integration

* changes:
refactor(bl31): use elx_panic for sysreg_handler64
refactor(aarch64): rename do_panic and el3_panic
refactor(aarch64): remove weak links to el3_panic
refactor(aarch64): refactor usage of elx_panic
refactor(aarch64): cleanup HANDLE_EA_EL3_FIRST_NS usage

show more ...

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
wh

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
which handles panic from lower ELs.

So now we can remove do_panic and just call el3_panic for all panics.

Change-Id: I739c69271b9fb15c1176050877a9b0c0394dc739
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT

CRYPTO_SUPPORT is enabled by default when TRUSTED_BOARD_BOOT is
enabled so usage CRYPTO_SUPPORT in conjunction with TRUSTED_BOARD_BOOT
might some

refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT

CRYPTO_SUPPORT is enabled by default when TRUSTED_BOARD_BOOT is
enabled so usage CRYPTO_SUPPORT in conjunction with TRUSTED_BOARD_BOOT
might sometime be confusing to look at.

Adding minor cleanup to make it look simpler with conditions.
No functionality changes.

Change-Id: I800524d54ea56dc27b6c6da26c75a07f5f6de984
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

feat(fvp): increase BL1_RW and BL2 size

To support mbedtls3.3 increase BL1_RW and BL2 size rsa+ecdsa alg.

Increase both by one page size. In mbedtls3.3 numerous config options
have been tweaked and

feat(fvp): increase BL1_RW and BL2 size

To support mbedtls3.3 increase BL1_RW and BL2 size rsa+ecdsa alg.

Increase both by one page size. In mbedtls3.3 numerous config options
have been tweaked and made defaults[1] thus a small increase in size
can result for mbedtls-3.3

This size limitation is observed when we build TF-A with
TF_MBEDTLS_KEY_ALG=rsa+ecdsa this approach is used in juno as well,
so use similar approach for FVP.

[1]: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md

Change-Id: I8a423711ac50b3d615c1d9650086cdbca5051c8e
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it di

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3

Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section name

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.

This change introduces the period prefix to all specialized section
names.

BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.

Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

fix(tc): unify TC ROM start addresses

Because RSS now does not map the header into the TC2 ROM, it is no
longer necessary to have the code start at 0x1000, so unify with other
TC platforms at 0x0.

fix(tc): unify TC ROM start addresses

Because RSS now does not map the header into the TC2 ROM, it is no
longer necessary to have the code start at 0x1000, so unify with other
TC platforms at 0x0.

Change-Id: I7ec34bb814865ba39678f4da0412294d4679052d
Signed-off-by: Raef Coles <raef.coles@arm.com>

show more ...

Merge changes from topic "mb/tos-fw-config-load-refactor" into integration

* changes:
feat(spmd): map SPMC manifest region as EL3_PAS
feat(fvp): update device tree with load addresses of TOS_FW

Merge changes from topic "mb/tos-fw-config-load-refactor" into integration

* changes:
feat(spmd): map SPMC manifest region as EL3_PAS
feat(fvp): update device tree with load addresses of TOS_FW config
refactor(fvp): rename the DTB info structure member
feat(fconf): rename 'ns-load-address' to 'secondary-load-address'

show more ...