refactor(fvp): add missing header guard in fvp_critical_data.h

Change-Id: If7d1a9dd756164c8e31e29d9e36973f1a21fc8b6
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

feat(tc): move start address for BL1 to 0x1000

Locate BL1 at 0x1000 to compensate for the MCUBoot
header size.

Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I30a5ccf8212786479bf

feat(tc): move start address for BL1 to 0x1000

Locate BL1 at 0x1000 to compensate for the MCUBoot
header size.

Signed-off-by: Anders Dellien <anders.dellien@arm.com>
Change-Id: I30a5ccf8212786479bff8286f3d0abb9dec4b7d0

show more ...

feat(versal): get the handoff params using IPI

Use the IPI command GET_HANDOFF_PARAM to get the TF-A handoff
params, rather than using the PLM's PPU RAM area. With this
approach this resolves the is

feat(versal): get the handoff params using IPI

Use the IPI command GET_HANDOFF_PARAM to get the TF-A handoff
params, rather than using the PLM's PPU RAM area. With this
approach this resolves the issue when XPPU is enabled.

Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: I6828c391ad696d2d36e994684aa21b023711ba2d

show more ...

refactor(xilinx): move the atf handoff structure

Move the ATF handoff structure from the plat_startup.c to the
header file plat_startup.h, as these can be used by the platform code.

Signed-off-by:

refactor(xilinx): move the atf handoff structure

Move the ATF handoff structure from the plat_startup.c to the
header file plat_startup.h, as these can be used by the platform code.

Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: Ifb425d444eb65fe8648952d2ff64d4e92c2b340a

show more ...

refactor(versal): move payload and module ID macros

Move the payload and module ID macros from the pm_api_sys.c file and
add it in the header file, as these macros can be used other than PM.

Signe

refactor(versal): move payload and module ID macros

Move the payload and module ID macros from the pm_api_sys.c file and
add it in the header file, as these macros can be used other than PM.

Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Reviewed-by: Michal Simek <michal.simek@amd.com>
Change-Id: I678444b79ac3799a82bd93915e4639b3babf5fb9

show more ...

Merge changes Iec22dcab,Ib88b4b5d,I50cd6b82,If1167785,I9b3a08ef, ... into integration

* changes:
feat(imx8m): keep pu domains in default state during boot stage
feat(imx8m): add the PU power dom

Merge changes Iec22dcab,Ib88b4b5d,I50cd6b82,If1167785,I9b3a08ef, ... into integration

* changes:
feat(imx8m): keep pu domains in default state during boot stage
feat(imx8m): add the PU power domain support on imx8mm/mn
feat(imx8m): add the anamix pll override setting
feat(imx8m): add the ddr frequency change support for imx8m family
feat(imx8mn): enable dram retention suuport on imx8mn
feat(imx8mm): enable dram retention suuport on imx8mm
feat(imx8m): add dram retention flow for imx8m family

show more ...

refactor(arm): add debug logs to show the reason behind skipping firmware config loading

Added debug logs to show the reason behind skipping firmware
configuration loading, and also a few debug stri

refactor(arm): add debug logs to show the reason behind skipping firmware config loading

Added debug logs to show the reason behind skipping firmware
configuration loading, and also a few debug strings were corrected.
Additionally, a panic will be triggered if the configuration sanity
fails.

Change-Id: I6bbd67b72801e178a14cbe677a8831b25a907d0c
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

Merge "fix(morello): move BL31 to run from DRAM space" into integration

Merge changes from topic "sgi-updates-jul-2022" into integration

* changes:
feat(sgi): bump bl1 rw size
refactor(sgi): rewrite address space size definitions

feat(sgi): bump bl1 rw size

Increase BL1 RW size by 16 KiB to accommodate for future development.

Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I21626a97de

feat(sgi): bump bl1 rw size

Increase BL1 RW size by 16 KiB to accommodate for future development.

Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I21626a97de4a6c98c25b93b9f79e16325c6e4349

show more ...

refactor(sgi): rewrite address space size definitions

The value of the macro CSS_SGI_REMOTE_CHIP_MEM_OFFSET can be different
across all the Neoverse reference design platforms. This value depends
on

refactor(sgi): rewrite address space size definitions

The value of the macro CSS_SGI_REMOTE_CHIP_MEM_OFFSET can be different
across all the Neoverse reference design platforms. This value depends
on the number of address bits used per chip. So let all platforms define
CSS_SGI_ADDR_BITS_PER_CHIP which specifies the number of address bits
used per chip.

In addition to this, reuse the definition of CSS_SGI_ADDR_BITS_PER_CHIP
for single chip platforms and CSS_SGI_REMOTE_CHIP_MEM_OFFSET for multi-
chip platforms to determine the maximum address space size. Also,
increase the RD-N2 multi-chip address space per chip from 4TB to 64TB.

Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: If5e69ec26c2389304c71911729d4addbdf8b2686

show more ...

fix(morello): move BL31 to run from DRAM space

The EL3 runtime firmware has been running from internal trusted
SRAM space on the Morello platform. Due to unavailability of tag
support for the intern

fix(morello): move BL31 to run from DRAM space

The EL3 runtime firmware has been running from internal trusted
SRAM space on the Morello platform. Due to unavailability of tag
support for the internal trusted SRAM this becomes a problem if
we enable capability pointers in BL31.

To support capability pointers in BL31 it has to be run from the
main DDR memory space. This patch updates the Morello platform
configuration such that BL31 is loaded and run from DDR space.

Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Change-Id: I16d4d757fb6f58c364f5133236d50fc06845e0b4

show more ...

feat(zynqmp): resolve the misra 10.1 warnings

MISRA Violation: MISRA-C:2012 R.10.1
1) The expression of non-boolean essential type is being interpreted as a
boolean value for the operator.
2) The op

feat(zynqmp): resolve the misra 10.1 warnings

MISRA Violation: MISRA-C:2012 R.10.1
1) The expression of non-boolean essential type is being interpreted as a
boolean value for the operator.
2) The operand to the operator does not have an essentially unsigned type.

Signed-off-by: Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com>
Change-Id: I97bbc056f4fee167742429e144144ba793bf77b3

show more ...

fix(stm32mp13): correct USART addresses

On STM32MP13, USART1 and USART2 addresses are 0x4C000000 and 0x4C001000.
Whereas on STM32MP15, the addresses were 0x5C000000 and 0x4000E000.
Use dedicated fla

fix(stm32mp13): correct USART addresses

On STM32MP13, USART1 and USART2 addresses are 0x4C000000 and 0x4C001000.
Whereas on STM32MP15, the addresses were 0x5C000000 and 0x4000E000.
Use dedicated flags to choose the correct address, that could be use
for early or crash console.

Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I98bd97a0ac8b0408a50376801e2a1961b241a3d6

show more ...

feat(stm32mp13): change BL33 memory mapping

U-Boot is loaded at the beginning of the DDR:
STM32MP_DDR_BASE = 0xC0000000.

This patch remove the need to use the 0x100000 offset, reserved
on STM32MP15

feat(stm32mp13): change BL33 memory mapping

U-Boot is loaded at the beginning of the DDR:
STM32MP_DDR_BASE = 0xC0000000.

This patch remove the need to use the 0x100000 offset, reserved
on STM32MP15 for flashlayout.

Signed-off-by: Patrick Delaunay <patrick.delaunay@foss.st.com>
Change-Id: I8d0a93f4db411cf59838e635a315c729cccee269

show more ...

feat(stm32mp1): retrieve FIP partition by type UUID

Modify the function to retrieve the FIP partition looking
the UUID type define for FIP. If not defined, compatibility
used to find the FIP partiti

feat(stm32mp1): retrieve FIP partition by type UUID

Modify the function to retrieve the FIP partition looking
the UUID type define for FIP. If not defined, compatibility
used to find the FIP partition by name.

Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Change-Id: I76634dea891f51d913a549fb9a077cf7284d5cb2

show more ...

refactor(stm32mp1): update PLAT_PARTITION_MAX_ENTRIES

Fix the maximum partition number to a default value. It must
also take care of the extra partition when FWU feature is enabled.

Change-Id: Ib64

refactor(stm32mp1): update PLAT_PARTITION_MAX_ENTRIES

Fix the maximum partition number to a default value. It must
also take care of the extra partition when FWU feature is enabled.

Change-Id: Ib64b1f19f1f0514f7e89d35fc367facd6df54bed
Signed-off-by: Lionel Debieve <lionel.debieve@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

Merge changes from topic "jas/rmm-el3-ifc" into integration

* changes:
docs(rmmd): document EL3-RMM Interfaces
feat(rmmd): add support to create a boot manifest
fix(rme): use RMM shared buffer

Merge changes from topic "jas/rmm-el3-ifc" into integration

* changes:
docs(rmmd): document EL3-RMM Interfaces
feat(rmmd): add support to create a boot manifest
fix(rme): use RMM shared buffer for attest SMCs
feat(rmmd): add support for RMM Boot interface

show more ...

Merge "feat(arm): forbid running RME-enlightened BL31 from DRAM" into integration

feat(rmmd): add support to create a boot manifest

This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Ch

feat(rmmd): add support to create a boot manifest

This patch also adds an initial RMM Boot Manifest (v0.1) for fvp
platform.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I1374f8f9cb207028f1820953cd2a5cf6d6c3b948

show more ...

fix(rme): use RMM shared buffer for attest SMCs

Use the RMM shared buffer to attestation token and signing key SMCs.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id:

fix(rme): use RMM shared buffer for attest SMCs

Use the RMM shared buffer to attestation token and signing key SMCs.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I313838b26d3d9334fb0fe8cd4b229a326440d2f4

show more ...

feat(rmmd): add support for RMM Boot interface

This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, am

feat(rmmd): add support for RMM Boot interface

This patch adds the infrastructure needed to pass boot arguments from
EL3 to RMM and allocates a shared buffer between both worlds that can
be used, among others, to pass a boot manifest to RMM. The buffer is
composed a single memory page be used by a later EL3 <-> RMM interface
by all CPUs.

The RMM boot manifest is not implemented by this patch.

In addition to that, this patch also enables support for RMM when
RESET_TO_BL31 is enabled.

Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I855cd4758ee3843eadd9fb482d70a6d18954d82a

show more ...

feat(arm): forbid running RME-enlightened BL31 from DRAM

According to Arm CCA security model [1],

"Root world firmware, including Monitor, is the most trusted CCA
component on application PE. It en

feat(arm): forbid running RME-enlightened BL31 from DRAM

According to Arm CCA security model [1],

"Root world firmware, including Monitor, is the most trusted CCA
component on application PE. It enforces CCA security guarantees for
not just Realm world, but also for Secure world and for itself.

It is expected to be small enough to feasibly fit in on-chip memory,
and typically needs to be available early in the boot process when
only on-chip memory is available."

For these reasons, it is expected that "monitor code executes entirely
from on-chip memory."

This precludes usage of ARM_BL31_IN_DRAM for RME-enlightened firmware.

[1] Arm DEN0096 A.a, section 7.3 "Use of external memory by CCA".

Change-Id: I752eb45f1e6ffddc7a6f53aadcc92a3e71c1759f
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>

show more ...

Merge changes from topics "binary-format-sp", "od/meas-boot-spmc" into integration

* changes:
feat(spm): add tpm event log node to spmc manifest
fix(measured-boot): add SP entries to event_log_m

Merge changes from topics "binary-format-sp", "od/meas-boot-spmc" into integration

* changes:
feat(spm): add tpm event log node to spmc manifest
fix(measured-boot): add SP entries to event_log_metadata

show more ...

feat(stm32mp15): manage OP-TEE shared memory

On STM32MP15, there is currently an OP-TEE shared memory area at the end
of the DDR. But this area will in term be removed. To allow a smooth
transition,

feat(stm32mp15): manage OP-TEE shared memory

On STM32MP15, there is currently an OP-TEE shared memory area at the end
of the DDR. But this area will in term be removed. To allow a smooth
transition, a new flag is added (STM32MP15_OPTEE_RSV_SHM). It reflects
the OP-TEE flag: CFG_CORE_RESERVED_SHM. The flag is enabled by default
(no behavior change). It will be set to 0 when OP-TEE is aligned, and
then later be removed.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I91146cd8a26a24be22143c212362294c1e880264

show more ...