Merge "feat(intel): support SDM mailbox safe inject seu error for Linux" into integration

feat(intel): enable SDMMC frontdoor load for ATF->Linux

SDMMC is 1 of the boot source for Agilex5 and legacy products.
By enabling this, ATF is able to read out the DTB binary and
loaded it to DDR f

feat(intel): enable SDMMC frontdoor load for ATF->Linux

SDMMC is 1 of the boot source for Agilex5 and legacy products.
By enabling this, ATF is able to read out the DTB binary and
loaded it to DDR for Linux boot.

Change-Id: Ida303fb43ea63013a08083ce65952c5ad4e28f93
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>

show more ...

fix(intel): fix hardcoded mpu frequency ticks

This patch is used to update the hardcoded mpu freq ticks
to obtain the freqq from the hardware setting itself.

Change-Id: I7b9eb49f2512b85fb477110f06a

fix(intel): fix hardcoded mpu frequency ticks

This patch is used to update the hardcoded mpu freq ticks
to obtain the freqq from the hardware setting itself.

Change-Id: I7b9eb49f2512b85fb477110f06ae86ef289aee58
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>

show more ...

feat(intel): support SDM mailbox safe inject seu error for Linux

Linux RAS shall handle the SEU error received from SDM and report
an error message to user

Change-Id: I89181a388063ce9bd6f56b45b1851

feat(intel): support SDM mailbox safe inject seu error for Linux

Linux RAS shall handle the SEU error received from SDM and report
an error message to user

Change-Id: I89181a388063ce9bd6f56b45b1851ccb08582437
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

fix(intel): update DDR range checking for Agilex5

Update DDR range checking for Agilex when total max size of
DRAM_BASE and DRAM_SIZE overflow unsigned 64bit.

Change-Id: Iaecfa5daae48da0af46cc1831d

fix(intel): update DDR range checking for Agilex5

Update DDR range checking for Agilex when total max size of
DRAM_BASE and DRAM_SIZE overflow unsigned 64bit.

Change-Id: Iaecfa5daae48da0af46cc1831d10c0e6a79613c2
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

fix(intel): update fcs functions to check ddr range

The src addr and dest addr of fcs functions are not checked against
their valid ddr range. Thus adding the ddr range checking to avoid
overlap/ove

fix(intel): update fcs functions to check ddr range

The src addr and dest addr of fcs functions are not checked against
their valid ddr range. Thus adding the ddr range checking to avoid
overlap/overwritten ddr address.

Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I9b4d4155dd16d9d5d36e0c91e4a2600c17867daf

show more ...

fix(intel): update fcs crypto init code to check for mode

The shall code only limit ECB, CBC and CTR mode to flow through the init
function. Anything other than that, the code shall reject to preven

fix(intel): update fcs crypto init code to check for mode

The shall code only limit ECB, CBC and CTR mode to flow through the init
function. Anything other than that, the code shall reject to prevent
security vulnerability.

Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I702ce90e229188830f8936bee2999610e9559b8b

show more ...

fix(rcar3): change RAM protection configurations

Change RAM protection control not to overwrite the images by DSMAC.

Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-o

fix(rcar3): change RAM protection configurations

Change RAM protection control not to overwrite the images by DSMAC.

Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
Change-Id: I038dc2bf90e721692d392ea4de5441647aa62029
---
Marek: - Move axi DRAM out and merge AXI_SPTCR15 setting into it
- Set AXI_SPTCR1 from 0x0E000E0EU to 0x0E000000U to let
TEE pick TFA DT

show more ...

fix(rcar3): fix load address range check

Fixed the check of the address range which the program is loaded to.
Use the addresses and sizes in the BL31 and BL32 certificates to check
that they are wit

fix(rcar3): fix load address range check

Fixed the check of the address range which the program is loaded to.
Use the addresses and sizes in the BL31 and BL32 certificates to check
that they are within the range of the target address and size
defined inside the TF-A.
It also uses the addresses and sizes in the BL33x certificates to check
that they are outside the protected area defined inside the TF-A.

Signed-off-by: Hideyuki Nitta <hideyuki.nitta.jf@hitachi.com>
Signed-off-by: Toshiyuki Ogasahara <toshiyuki.ogasahara.bo@hitachi.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> # Code clean up
Change-Id: Iade15431fc86587489fb0ca9106f6baaf7e926e2

show more ...

fix(rcar3-drivers): check loaded NS image area

Check if next NS image invades a previous loaded image.
Correct non secure image area to avoid loading a NS image to secure

Move GZ compressed payload

fix(rcar3-drivers): check loaded NS image area

Check if next NS image invades a previous loaded image.
Correct non secure image area to avoid loading a NS image to secure

Move GZ compressed payload at 32 * compressed payload size offset,
so it is loaded in non-secure area and can be decompressed into
non-secure area too. It is unlikely that the up to 2 MiB compressed
BL33 blob would decompress to payload larger than 64 MiB .

Signed-off-by: Tobias Rist <tobias.rist@joynext.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> # Fix for compressed BL33
Change-Id: I52fd556aab50687e4791e5dbc45d425f802c8757

show more ...

fix(sgi): apply workarounds for N2 CPU erratum

For RD-N2 and variant platforms, enable workarounds available for the
N2 CPU erratum.

Signed-off-by: Thomas Abraham <thomas.abraham@arm.com>
Change-Id

fix(sgi): apply workarounds for N2 CPU erratum

For RD-N2 and variant platforms, enable workarounds available for the
N2 CPU erratum.

Signed-off-by: Thomas Abraham <thomas.abraham@arm.com>
Change-Id: Ib0240f56813a913309e5a6a1902e2990979e9617

show more ...

Merge changes If2743827,I163f8169,I97a69650 into integration

* changes:
feat(imx8m): add 3600 MTps DDR PLL rate
fix(imx8m): align 3200 MTps rate with U-Boot
fix(imx8m): handle 3734 in addition

Merge changes If2743827,I163f8169,I97a69650 into integration

* changes:
feat(imx8m): add 3600 MTps DDR PLL rate
fix(imx8m): align 3200 MTps rate with U-Boot
fix(imx8m): handle 3734 in addition to 3733 and 3732 MTps rates

show more ...

Merge "feat(versal-net): add bufferless IPI Support" into integration

Merge "build(versal-net): reorganize platform source files" into integration

feat(rdn2): update power message value to 0

Standalone MM used by RD-N2 platfrom does not have power messaging
support. Set the value to 0.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Ch

feat(rdn2): update power message value to 0

Standalone MM used by RD-N2 platfrom does not have power messaging
support. Set the value to 0.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Icdb16ea1976ce751071ce3df0e4bd86f3fb8ab8b

show more ...

Merge "fix(tc): guard PSA crypto headers under TF-M test-suite define" into integration

Merge "fix(intel): update HPS bridges for Agilex5 SoC FPGA" into integration

fix(tc): guard PSA crypto headers under TF-M test-suite define

The inclusion of PSA crypto headers is specifically required
during the building of TF-M test-suite platform tests for TC2.
Hence guard

fix(tc): guard PSA crypto headers under TF-M test-suite define

The inclusion of PSA crypto headers is specifically required
during the building of TF-M test-suite platform tests for TC2.
Hence guarded the inclusion of these headers under the define
PLATFORM_TEST_TFM_TESTSUITE.

Change-Id: Ia5dcadb93f308d2248d9768d373a87316ceb983c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(versal-net): add bufferless IPI Support

There exist inter-processor interrupts on Versal-Net that do not have
corresponding message buffers. These bufferless IPI's on Versal NET
SOC are added t

feat(versal-net): add bufferless IPI Support

There exist inter-processor interrupts on Versal-Net that do not have
corresponding message buffers. These bufferless IPI's on Versal NET
SOC are added to static IPI Tables.

In hardware description there exists two IPI's called 'IPI6' without
buffers that have respective system interrupt values 95 and 101. For
these append the string '_95' or '_101' to denote the difference for
each.

Change-Id: I22bf1a68cb0ed68913eb868f1c197856fc7d82d5
Signed-off-by: Ben Levinsky <ben.levinsky@amd.com>

show more ...

feat(tc): provide a mock mbedtls-random generation function

Simulated the utilization of an external RNG through the
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG configuration option in mbedTLS.
Consequently, an

feat(tc): provide a mock mbedtls-random generation function

Simulated the utilization of an external RNG through the
MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG configuration option in mbedTLS.
Consequently, an implementation of mbedtls_psa_external_get_random()
is provided. Given the absence of actual external RNG support,
we provide a mock implementation by utilizing the system counter to
fill the the buffer to provide a random number, specifically tailored
for the use exclusively within the TF-M testsuite.
While this method is not ideal for generating random numbers,
alternatives like the 'rand' library function are not feasible due to
lack of support in TF-A. Additionally, the architectural 'rand'
instruction is not viable, as it is only supported for platforms with
Armv8.5-a+ architecture as an optional feature.
mbedtls_psa_external_get_random() function comes into play during the
exportation of the public portion of the delegated attestation key.

This helps in using mbedTLS-3.4.1 for running the delegated attestation
tests on TC platform.

Change-Id: Ifcf4e3231aad93595e00c353a4b0c606c0ef9fc2
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

build(versal-net): reorganize platform source files

Reorganize the platform source files necessary across various
Bootloader (BL) configurations within the platform makefile.
This reordering aims to

build(versal-net): reorganize platform source files

Reorganize the platform source files necessary across various
Bootloader (BL) configurations within the platform makefile.
This reordering aims to prevent redundant inclusions of these files
across multiple makefiles used for distinct features.

Change-Id: I9c5525dd8522cb8c8e3ad6add70189dcb7cfcc29
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>

show more ...

feat(imx8m): add 3600 MTps DDR PLL rate

Add 3600 MTps DRAM and its 900 MHz PLL setting M=300 P=8 S=0 , so
24 MHz * 300 / 8 / 2^0 = 900 MHz ~ 3600 MTps (x4) .

Signed-off-by: Marek Vasut <marex@denx.

feat(imx8m): add 3600 MTps DDR PLL rate

Add 3600 MTps DRAM and its 900 MHz PLL setting M=300 P=8 S=0 , so
24 MHz * 300 / 8 / 2^0 = 900 MHz ~ 3600 MTps (x4) .

Signed-off-by: Marek Vasut <marex@denx.de>
Change-Id: If2743827294efc0f981718f04b772cc462846195

show more ...

fix(imx8m): align 3200 MTps rate with U-Boot

The 3200 MTps DRAM and its 800 MHz PLL setting in U-Boot is set to
M=300 P=9 S=0 , so 24 MHz * 300 / 9 / 2^0 = 800 MHz ~ 3200 MTps (x4) .
Make sure the P

fix(imx8m): align 3200 MTps rate with U-Boot

The 3200 MTps DRAM and its 800 MHz PLL setting in U-Boot is set to
M=300 P=9 S=0 , so 24 MHz * 300 / 9 / 2^0 = 800 MHz ~ 3200 MTps (x4) .
Make sure the PLL settings are aligned across software components.

Signed-off-by: Marek Vasut <marex@denx.de>
Change-Id: I163f81696be213acf6ecebe89ff2c76d41484cc5

show more ...

fix(imx8m): handle 3734 in addition to 3733 and 3732 MTps rates

The new MX8M DDR tool 3.31 now generates a programming file which uses
data rate 3734 instead of 3733 or 3732 . Handle another roundin

fix(imx8m): handle 3734 in addition to 3733 and 3732 MTps rates

The new MX8M DDR tool 3.31 now generates a programming file which uses
data rate 3734 instead of 3733 or 3732 . Handle another rounding option .

Signed-off-by: Marek Vasut <marex@denx.de>
Change-Id: I97a69650c12d78dfff9dcdb23e27fd6590f57fc0

show more ...

Merge "feat(ff-a): update FF-A version to v1.2" into integration