feat(rcar3): enable the stack protection

This commit changes ENABLE_STACK_PROTECTOR value to "strong" for
enabling the stack protector by canary.

Signed-off-by: Koichi Yamaguchi <koichi.yamaguchi.z

feat(rcar3): enable the stack protection

This commit changes ENABLE_STACK_PROTECTOR value to "strong" for
enabling the stack protector by canary.

Signed-off-by: Koichi Yamaguchi <koichi.yamaguchi.zb@hitachi.com>
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Change-Id: Ice351d23c98daf12737a5e65cef743035d62dabe

show more ...

Merge changes from topic "cca_dtb" into integration

* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name

Merge changes from topic "cca_dtb" into integration

* changes:
feat(arm): add COT_DESC_IN_DTB option for CCA CoT
feat(fvp): add CCA CoT in DTB support
docs(arm): update TBBR CoT dtsi file name in doc
feat(dt-bindings): introduce CCA CoT, rename TBBR

show more ...

Merge "feat(intel): enable SDMMC frontdoor load for ATF->Linux" into integration

Merge changes Iaa189c54,I8856b495 into integration

* changes:
feat(intel): enable query of fip offset on RSU
feat(intel): support query of fip offset using RSU

feat(arm): add COT_DESC_IN_DTB option for CCA CoT

Add support for BL2 to get the CCA chain of trust description
through the Firmware Configuration Framework (FCONF). This makes
it possible to export

feat(arm): add COT_DESC_IN_DTB option for CCA CoT

Add support for BL2 to get the CCA chain of trust description
through the Firmware Configuration Framework (FCONF). This makes
it possible to export the part of the CCA chain of trust enforced
by BL2 in BL2's configuration file (TB_FW_CONFIG DTB file). BL2
will parse it when setting up the platform.

This feature can be enabled through the COT_DESC_IN_DTB=1 option.
The default behaviour (COT_DESC_IN_DTB=0) remains to hard-code
the CCA CoT into BL2 image.

Change-Id: Iec4f623d5e42b7c166beeb3ad6b35d918969f7e2
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

feat(fvp): add CCA CoT in DTB support

Adding support for CCA CoT in DTB. This makes it possible for BL2
to retrieve its chain of trust description from a configuration file
in DTB format. With this,

feat(fvp): add CCA CoT in DTB support

Adding support for CCA CoT in DTB. This makes it possible for BL2
to retrieve its chain of trust description from a configuration file
in DTB format. With this, the CoT description may be updated without
rebuilding BL2 image. This feature can be enabled by building BL2
with COT_DESC_IN_DTB=1 and COT=cca. The default behaviour remains to
embed the CoT description into BL2 image.

Change-Id: I5912aad5ae529281a93a76e6b8f4b89d867445fe
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>

show more ...

build: remove the `NM` variable

No part of the build system uses the `NM` variable, which is usually
used to dump symbol tables from compiled images. This change removes all
declarations of it.

Cha

build: remove the `NM` variable

No part of the build system uses the `NM` variable, which is usually
used to dump symbol tables from compiled images. This change removes all
declarations of it.

Change-Id: I796ff365e6a7f97d21678f1c8cf8b59bfbb1ae9c
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

build: prefer `gcc-ar` over `ar`

The `gcc-ar` wrapper exists to make it easier to support LTO on some
versions of GCC. The two commands are compatible, accepting exactly the
same arguments, so this

build: prefer `gcc-ar` over `ar`

The `gcc-ar` wrapper exists to make it easier to support LTO on some
versions of GCC. The two commands are compatible, accepting exactly the
same arguments, so this change moves us to `gcc-ar` to ensure that we
are configuring LTO correctly.

Change-Id: I24a4cfaad29d35b09f847299081f83ca9b41aa8a
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

build: always use the C compiler to preprocess

We're a bit inconsistent about which tool we use to preprocess source
files; in some places we use `$(CC) -E` whilst in others we use `cpp`.

This chan

build: always use the C compiler to preprocess

We're a bit inconsistent about which tool we use to preprocess source
files; in some places we use `$(CC) -E` whilst in others we use `cpp`.

This change forces all invocations of the C preprocessor to use the
first scheme, which ensures that the preprocessor behaves the same way
as the C compiler used when compiling C source files.

Change-Id: Iede2f25ff86ea8b43d7a523e32648058d5023832
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...

Merge "refactor(juno): move plat_def_uuid_config to fiptool" into integration

fix(stm32mp2): add missing include

Without #include <plat/common/platform.h>, we have the following warning
with sparse:
plat/st/stm32mp2/bl2_plat_setup.c:15:6: warning: symbol
'bl2_el3_early_platf

fix(stm32mp2): add missing include

Without #include <plat/common/platform.h>, we have the following warning
with sparse:
plat/st/stm32mp2/bl2_plat_setup.c:15:6: warning: symbol
'bl2_el3_early_platform_setup' was not declared. Should it be static?
plat/st/stm32mp2/bl2_plat_setup.c:23:6: warning: symbol
'bl2_platform_setup' was not declared. Should it be static?
plat/st/stm32mp2/bl2_plat_setup.c:27:6: warning: symbol
'bl2_el3_plat_arch_setup' was not declared. Should it be static?

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I18f9265c1eef1f8e8e0eac3d6c37a959e5c9e8b6

show more ...

feat(st): do not directly call BSEC functions in common code

When STM32MP2 boots on Cortex-M33, the Cortex-A35 do no more have access
to BSEC peripheral. New static inline stm32_otp_* wrappers are a

feat(st): do not directly call BSEC functions in common code

When STM32MP2 boots on Cortex-M33, the Cortex-A35 do no more have access
to BSEC peripheral. New static inline stm32_otp_* wrappers are added,
which just redirect to BSEC functions.

While at it remove a useless bsec.h include.

Change-Id: Ie0f917c02e48acf456634f455dae41805bf6adbf
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>

show more ...

feat(st): use stm32_get_otp_value_from_idx() in BL31

The shadowing of the OTP is done in BL2.
As for BL32 on AARCH32 systems, stm32_get_otp_value_from_idx()
should also use bsec_read_otp() in BL31.

feat(st): use stm32_get_otp_value_from_idx() in BL31

The shadowing of the OTP is done in BL2.
As for BL32 on AARCH32 systems, stm32_get_otp_value_from_idx()
should also use bsec_read_otp() in BL31.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ib406cfc154339e6d3cde3c925bc6e9416d77b689

show more ...

refactor(st): update test for closed chip

The function stm32mp_is_closed_device() is replaced with
stm32mp_check_closed_device(), which return an uint32_t, either
STM32MP_CHIP_SEC_OPEN or STM32MP_CH

refactor(st): update test for closed chip

The function stm32mp_is_closed_device() is replaced with
stm32mp_check_closed_device(), which return an uint32_t, either
STM32MP_CHIP_SEC_OPEN or STM32MP_CHIP_SEC_CLOSED.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: Ie0790cdc36c4b6522083bc1f0e7c38e8061e6adf

show more ...

refactor(st-bsec): improve BSEC driver

In order to ease the introduction of a new BSEC3 driver for STM32MP25,
the BSEC2 driver is reworked. Unused functions are removed. The
bsec_base global variabl

refactor(st-bsec): improve BSEC driver

In order to ease the introduction of a new BSEC3 driver for STM32MP25,
the BSEC2 driver is reworked. Unused functions are removed. The
bsec_base global variable is removed in favor of the macro BSEC_BASE.
A rework is also done around function checking the state of BSEC.

Change-Id: I1ad76cb67333ab9a8fa1d65db34d74a712bf1190
Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

refactor(st): use dashes for BSEC node names

This is something commonly asked by Linux kernel DT maintainers [1].
The mentioned doc is not upstreamed, but may be checked with dtbs_check.
While at it

refactor(st): use dashes for BSEC node names

This is something commonly asked by Linux kernel DT maintainers [1].
The mentioned doc is not upstreamed, but may be checked with dtbs_check.
While at it align some nodes with Linux or OP-TEE.

[1] https://lore.kernel.org/linux-arm-kernel/20231125184422.12315-1-krzysztof.kozlowski@linaro.org/

Change-Id: I63e983c2a00eda3cd8b81c66c0cd1a97cf8249b7
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

feat(qemu): enable transfer list to BL31/32

Enable handoff to BL31 and BL32 using transfer list.
Encode TL_TAG_OPTEE_PAGABLE_PART as transfer entry.
Fallback to default handoff args when transfer li

feat(qemu): enable transfer list to BL31/32

Enable handoff to BL31 and BL32 using transfer list.
Encode TL_TAG_OPTEE_PAGABLE_PART as transfer entry.
Fallback to default handoff args when transfer list is disabled or
fails to archieve args from transfer entries.
Refactor handoff from BL2 to BL33.
Minor fixes of comment style.

Change-Id: I55d92ca7f5c4727bacc9725a7216c0ac70d16aec
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>

show more ...

Merge "fix(ti): do not stop non-secure timer on world switch" into integration

Merge changes from topic "st-asm-helpers" into integration

* changes:
feat(stm32mp2): put back core 1 in wfi after debugger's halt
feat(stm32mp2): add plat_my_core_pos
fix(stm32mp2): correct e

Merge changes from topic "st-asm-helpers" into integration

* changes:
feat(stm32mp2): put back core 1 in wfi after debugger's halt
feat(stm32mp2): add plat_my_core_pos
fix(stm32mp2): correct early/crash console init

show more ...

feat(intel): enable query of fip offset on RSU

Enable query of fip offset from QSPI on RSU boot for
Intel agilex and intel agilex5 platform

Change-Id: Iaa189c54723a8656b9691da5849fd86b9986cfa1
Sign

feat(intel): enable query of fip offset on RSU

Enable query of fip offset from QSPI on RSU boot for
Intel agilex and intel agilex5 platform

Change-Id: Iaa189c54723a8656b9691da5849fd86b9986cfa1
Signed-off-by: Mahesh Rao <mahesh.rao@intel.com>

show more ...

feat(intel): support query of fip offset using RSU

Query the fip binary from SPT table on RSU boot on Intel Agilex series.

Change-Id: I8856b49539f33272625d4c0a8c26b81b5864c4eb
Signed-off-by: Mahesh

feat(intel): support query of fip offset using RSU

Query the fip binary from SPT table on RSU boot on Intel Agilex series.

Change-Id: I8856b49539f33272625d4c0a8c26b81b5864c4eb
Signed-off-by: Mahesh Rao <mahesh.rao@intel.com>

show more ...

fix(xilinx): deprecate SiP service count query

As per SMCCC Section 6.2, the call count query for all the services
has been deprecated from SMCCC v1.2 onwards.

Inline with above change, AMD-Xilinx

fix(xilinx): deprecate SiP service count query

As per SMCCC Section 6.2, the call count query for all the services
has been deprecated from SMCCC v1.2 onwards.

Inline with above change, AMD-Xilinx SiP service count query has
been deprecated and now onwards will return unknown function
identifier error.

Change-Id: I296d119d65549fdb01718d08351d255550e4ead0
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>

show more ...

feat(qemu-sbsa): mpidr needs to be present

Coverity Scan reminded that we need to take care of MPIDR properly.
We need to make sure that we get MPIDR values from QEMU.

No MPIDR == panic() in case w

feat(qemu-sbsa): mpidr needs to be present

Coverity Scan reminded that we need to take care of MPIDR properly.
We need to make sure that we get MPIDR values from QEMU.

No MPIDR == panic() in case which should not happen.

Signed-off-by: Marcin Juszkiewicz <marcin.juszkiewicz@linaro.org>
Change-Id: Idb5fe7d958f0bcecd3d66a643743f478538f4a8b

show more ...

fix(ti): do not stop non-secure timer on world switch

As stated in the commit introducing the NS_TIMER_SWITCH build flag,
saving/restoring this registers causes the non-secure timer to stop
while in

fix(ti): do not stop non-secure timer on world switch

As stated in the commit introducing the NS_TIMER_SWITCH build flag,
saving/restoring this registers causes the non-secure timer to stop
while in the secure world and non-secure timer interrupts are prevented
from asserting until we return to the non-secure world. This breaks
any realtime OS on the non-secure side that uses this timer for
realtime scheduling.

This flag is by default off, but OP-TEE SPD enables it. The K3 OP-TEE
platform makes no use of these registers and we would like to have
support for realtime OSs while also supporting the OP-TEE SPD. Disable
this flag in our platform definition.

Signed-off-by: Andrew Davis <afd@ti.com>
Change-Id: I65055512d897b93b7690fd63c734f4731a6e09e6

show more ...

feat(stm32mp2): put back core 1 in wfi after debugger's halt

The core 1 is put in wfi for pen holding. If a debugger halts the
core, it causes the core to exit from wfi.

Let the core to jump back i

feat(stm32mp2): put back core 1 in wfi after debugger's halt

The core 1 is put in wfi for pen holding. If a debugger halts the
core, it causes the core to exit from wfi.

Let the core to jump back in wfi when the debugger resumes the
core's execution.

Signed-off-by: Antonio Borneo <antonio.borneo@foss.st.com>
Change-Id: I9b5607b05cdcde905dc4047af8d6f1292d53d701

show more ...