feat(intel): add SiP service for DCMF status

This patch adds 2 additional RSU SiP services for Intel SoCFPGA
platforms:
- INTEL_SIP_SMC_RSU_COPY_DCMF_STATUS stores current DCMF status in
BL31
- IN

feat(intel): add SiP service for DCMF status

This patch adds 2 additional RSU SiP services for Intel SoCFPGA
platforms:
- INTEL_SIP_SMC_RSU_COPY_DCMF_STATUS stores current DCMF status in
BL31
- INTEL_SIP_SMC_RSU_DCMF_STATUS is calling function for non-secure
software to retrieve stored DCMF status

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ic7a3e6988c71ad4bf66c58a1d669956524dfdf11

show more ...

Merge changes from topic "qemu-measured-boot" into integration

* changes:
fix(arm): fix fvp and juno build with USE_ROMLIB option
feat(fdt-wrappers): add function to find or add a sudnode

feat(intel): add RSU 'Max Retry' SiP SMC services

Add SiP SMC services to store/retrieve 'Max Retry' counter
for Remote System Update (RSU).

Signed-off-by: Chee Hong Ang <chee.hong.ang@intel.com>
S

feat(intel): add RSU 'Max Retry' SiP SMC services

Add SiP SMC services to store/retrieve 'Max Retry' counter
for Remote System Update (RSU).

Signed-off-by: Chee Hong Ang <chee.hong.ang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I17c1f0107ead64e6160954d26407f399003bcbd9

show more ...

feat(qemu): add support for measured boot

Add helper functions to generate event log for qemu
when MEASURED_BOOT=1.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Change-Id: I17a098cb614a3

feat(qemu): add support for measured boot

Add helper functions to generate event log for qemu
when MEASURED_BOOT=1.

Signed-off-by: Ruchika Gupta <ruchika.gupta@linaro.org>
Change-Id: I17a098cb614a3a89fe0fe9577bed6edda8bfd070

show more ...

fix(arm): fix fvp and juno build with USE_ROMLIB option

Change-Id: I8a9b30a952be594435003f0d684e3faad484e8b8
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

feat(intel): enable SMC SoC FPGA bridges enable/disable

Enable SoC FPGA bridges enable/disable from non-secure world
through secure monitor calls

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <

feat(intel): enable SMC SoC FPGA bridges enable/disable

Enable SoC FPGA bridges enable/disable from non-secure world
through secure monitor calls

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I4474abab9731923a61ff0e7eb2c2fa32048001cb
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

feat(intel): add SMC/PSCI services for DCMF version support

Support get/store RSU DCMF version:
INTEL_SIP_SMC_RSU_DCMF_VERSION - Get current DCMF version
INTEL_SIP_SMC_RSU_COPY_DCMF_VERSION - Store

feat(intel): add SMC/PSCI services for DCMF version support

Support get/store RSU DCMF version:
INTEL_SIP_SMC_RSU_DCMF_VERSION - Get current DCMF version
INTEL_SIP_SMC_RSU_COPY_DCMF_VERSION - Store current DCMF version

Signed-off-by: Chee Hong Ang <chee.hong.ang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I85ffbc0efc859736899d4812f040fd7be17c8d8d

show more ...

feat(intel): allow to access all register addresses if DEBUG=1

Allow to access all register addresses from SMC call if compile the code
with DEBUG=1 for debugging purpose.

Signed-off-by: Siew Chin

feat(intel): allow to access all register addresses if DEBUG=1

Allow to access all register addresses from SMC call if compile the code
with DEBUG=1 for debugging purpose.

Signed-off-by: Siew Chin Lim <elly.siew.chin.lim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Idd31827fb71307efbdbcceeaa05f6cb072842e10

show more ...

fix(intel): modify how configuration type is handled

This patch creates macros to handle different configuration
types. These changes will help in adding new configuration
types in the future.

Sign

fix(intel): modify how configuration type is handled

This patch creates macros to handle different configuration
types. These changes will help in adding new configuration
types in the future.

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I5826a8e5942228a9ed376212f0df43b1605c0199

show more ...

feat(intel): support SiP SVC version

This command supports to return SiP SVC major and minor version.

Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.li

feat(intel): support SiP SVC version

This command supports to return SiP SVC major and minor version.

Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Ia8bf678b8de0278aeaae748f24bdd05f8c9f9b47

show more ...

feat(intel): enable firewall for OCRAM in BL31

Set OCRAM as secure region and required privileged access in BL31 to
prevent software running in normal world (non-secure) accessing memory
region in O

feat(intel): enable firewall for OCRAM in BL31

Set OCRAM as secure region and required privileged access in BL31 to
prevent software running in normal world (non-secure) accessing memory
region in OCRAM which may contain sensitive information (e.g. FSBL,
handoff data)

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: Ib6b24efd69f49cd3f9aa4ef2ea9f1af5ce582bd6
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

feat(intel): create source file for firewall configuration

Move codes that previously were part of system_manager driver into
firewall driver which are more appropriate based on their functionalitie

feat(intel): create source file for firewall configuration

Move codes that previously were part of system_manager driver into
firewall driver which are more appropriate based on their functionalities.

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I35e9d792f35ee7491c2f306781417a0c8faae3fd
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

fix(intel): refactor NOC header

Refactor NOC header to be shareable across both Stratix 10 and Agilex
platforms. This patch also removes redundant NOC declarations in system
manager header file.

Si

fix(intel): refactor NOC header

Refactor NOC header to be shareable across both Stratix 10 and Agilex
platforms. This patch also removes redundant NOC declarations in system
manager header file.

Signed-off-by: Abdul Halim, Muhammad Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
Change-Id: I6348b67a8b54c2ad19327d6b8c25ae37d25e4b4a
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>

show more ...

feat(plat/mediatek/build_helpers): introduce mtk makefile

In order to modularize software libraries and platform drivers,
we create makefile helpers to treat a folder as a basic compile
unit.

Each

feat(plat/mediatek/build_helpers): introduce mtk makefile

In order to modularize software libraries and platform drivers,
we create makefile helpers to treat a folder as a basic compile
unit.

Each module has a build rule (rules.mk) to describe driver and software
library source codes to be built in.

Signed-off-by: Leon Chen <leon.chen@mediatek.com>
Change-Id: Ib2113b259dc97937b7295b265509025b43b14077

show more ...

feat(fvp): update HW_CONFIG DT loading mechanism

Currently, HW-config is loaded into non-secure memory, which mean
a malicious NS-agent could tamper with it. Ideally, this shouldn't
be an issue sinc

feat(fvp): update HW_CONFIG DT loading mechanism

Currently, HW-config is loaded into non-secure memory, which mean
a malicious NS-agent could tamper with it. Ideally, this shouldn't
be an issue since no software runs in non-secure world at this time
(non-secure world has not been started yet).

It does not provide a guarantee though since malicious external
NS-agents can take control of this memory region for update/corruption
after BL2 loads it and before BL31/BL32/SP_MIN consumes it. The threat
is mapped to Threat ID#3 (Bypass authentication scenario) in threat
model [1].

Hence modified the code as below -
1. BL2 loads the HW_CONFIG into secure memory
2. BL2 makes a copy of the HW_CONFIG in the non-secure memory at an
address provided by the newly added property(ns-load-address) in
the 'hw-config' node of the FW_CONFIG
3. SP_MIN receives the FW_CONFIG address from BL2 via arg1 so that
it can retrieve details (address and size) of HW_CONFIG from
FW_CONFIG
4. A secure and non-secure HW_CONFIG address will eventually be used
by BL31/SP_MIN/BL32 and BL33 components respectively
5. BL31/SP_MIN dynamically maps the Secure HW_CONFIG region and reads
information from it to local variables (structures) and then
unmaps it
6. Reduce HW_CONFIG maximum size from 16MB to 1MB; it appears
sufficient, and it will also create a free space for any future
components to be added to memory

[1]: https://trustedfirmware-a.readthedocs.io/en/latest/threat_model/threat_model.html

Change-Id: I1d431f3e640ded60616604b1c33aa638b9a1e55e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(ti): allow build config of low power mode support

Not all K3 platforms support low power mode, so to allow these
features to be included for platforms that do in build and
therefore reported in

feat(ti): allow build config of low power mode support

Not all K3 platforms support low power mode, so to allow these
features to be included for platforms that do in build and
therefore reported in the PSCI caps, define K3_PM_SYSTEM_SUSPEND
flag that can be set during build that will cause appropriate
space and functionality to be included in build for system
suspend support.

Change-Id: I821fbbd5232d91de6c40f63254b855e285d9b3e8
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>

show more ...

feat(ti): increase SEC_SRAM_SIZE to 128k

Increase the lite platform SEC_SRAM_SIZE to 128k to allow space
for GIC context.

Change-Id: I6414309757ce9a9b7b3a9233a401312bfc459a3b
Signed-off-by: Dave Ge

feat(ti): increase SEC_SRAM_SIZE to 128k

Increase the lite platform SEC_SRAM_SIZE to 128k to allow space
for GIC context.

Change-Id: I6414309757ce9a9b7b3a9233a401312bfc459a3b
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>

show more ...

feat(ti): add PSCI handlers for system suspend

Add necessary K3 PSCI handlers to enable system suspend to be reported
in the PSCI capabilities when asked during OS boot.

Additionally, have the hand

feat(ti): add PSCI handlers for system suspend

Add necessary K3 PSCI handlers to enable system suspend to be reported
in the PSCI capabilities when asked during OS boot.

Additionally, have the handlers provide information that all domains
should be off and also have the power domain suspend handler invoke the
TISCI_MSG_ENTER_SLEEP message to enter system suspend.

Change-Id: I351a16167770e9909e8ca525ee0d74fa93331194
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>

show more ...

feat(ti): add gic save and restore calls

Add functions to save and restore GICv3 redist and dist contexts during
low power mode and then call these during the suspend entry and finish
psci handlers.

feat(ti): add gic save and restore calls

Add functions to save and restore GICv3 redist and dist contexts during
low power mode and then call these during the suspend entry and finish
psci handlers.

Change-Id: I26c2c0f3b7fc925de3b349499fa42d2405441577
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>

show more ...

feat(ti): add enter sleep method

This TISCI API must be used to trigger entry into system suspend, and
this is done through the use of TI_SCI_MSG_ENTER_SLEEP. Introduce a
method to send this message

feat(ti): add enter sleep method

This TISCI API must be used to trigger entry into system suspend, and
this is done through the use of TI_SCI_MSG_ENTER_SLEEP. Introduce a
method to send this message.

Change-Id: Id7af5fb2a34623ad69e76764f389ff4d8d259fba
Signed-off-by: Dave Gerlach <d-gerlach@ti.com>

show more ...

Merge changes Ibe6fd206,Icdca3de6,I72016620,I57a2787c into integration

* changes:
fix(versal): fix coverity scan warnings
feat(versal): get version for ATF related EEMI APIs
feat(versal): enha

Merge changes Ibe6fd206,Icdca3de6,I72016620,I57a2787c into integration

* changes:
fix(versal): fix coverity scan warnings
feat(versal): get version for ATF related EEMI APIs
feat(versal): enhance PM_IOCTL EEMI API to support additional arg
feat(versal): add common interfaces to handle EEMI commands

show more ...

Merge "refactor(twed): improve TWED enablement in EL-3" into integration

fix(versal): fix coverity scan warnings

- Fix memory overrun issue
- include header file to fix Unknown macro warning

Change-Id: Ibe6fd206f44fbc22de746d255ff17c2b2325cd7b
Signed-off-by: Tanmay Shah

fix(versal): fix coverity scan warnings

- Fix memory overrun issue
- include header file to fix Unknown macro warning

Change-Id: Ibe6fd206f44fbc22de746d255ff17c2b2325cd7b
Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>

show more ...

feat(versal): get version for ATF related EEMI APIs

The patch does below things.

1. As per current implementation, when Linux send a request to ATF to
get the version of APIs which are implemented

feat(versal): get version for ATF related EEMI APIs

The patch does below things.

1. As per current implementation, when Linux send a request to ATF to
get the version of APIs which are implemented in ATF then ATF wasn't
returning any version because there is a check for LIBPM module id.
The ATF is used to return version for the APIs which are implemented
in the firmware only.

Hence moved this switch-case before checking module id to get ATF
version.

Also, no need to pass Linux request to the firmware for the APIs
which are implemented in ATF instead return success after updating
version.

2. As per current implementation, higher 16-bit is used for ATF
version and lower 16-bit is used for firmware version. Now, removed
16-bit shift operation and send complete word i.e. 32-bit to Linux
user as there is no user who checks ATF version.

3. Add bit mask support in the feature check PM EEMI API for QUERY and
IOCTL ids.

Change-Id: Icdca3de6659f3b673b81a423ed79a3c20b678768
Signed-off-by: Ronak Jain <ronak.jain@xilinx.com>
Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>

show more ...

feat(versal): enhance PM_IOCTL EEMI API to support additional arg

Currently, SMC handler is limited to parsing 5 arguments (1 API ID + 4
32-bit command args). Extend this handling to support one mor

feat(versal): enhance PM_IOCTL EEMI API to support additional arg

Currently, SMC handler is limited to parsing 5 arguments (1 API ID + 4
32-bit command args). Extend this handling to support one more 32-bit
command argument which is necessary to support new IOCTL IDs for
secure read/write interface.

Note that, this change is completely transparent and does not affect
existing functionality of any of the EEMI APIs.

Change-Id: I72016620eeeaf598f14853512120bfb30bb9a3e9
Signed-off-by: Izhar Ameer Shaikh <izhar.ameer.shaikh@xilinx.com>
Signed-off-by: Tanmay Shah <tanmay.shah@xilinx.com>

show more ...