fix(zynqmp): handle invalid entry point in cpu hotplug scenario

Invalid addresses are from 2G-4G and also address where TF-A is.

Change-Id: Iedb817a2f9667b7d0b9a3ac03891a5b93295bf87
Signed-off-by:

fix(zynqmp): handle invalid entry point in cpu hotplug scenario

Invalid addresses are from 2G-4G and also address where TF-A is.

Change-Id: Iedb817a2f9667b7d0b9a3ac03891a5b93295bf87
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>

show more ...

Merge "refactor(mediatek): fix mcusys off issue for MTK GIC v3 driver" into integration

Merge "feat(rme): add SMMU and PCIe information to Boot manifest" into integration

feat(rme): add SMMU and PCIe information to Boot manifest

- Define information structures for SMMU, root complex,
root port and BDF mappings.
- Add entries for SMMU and PCIe root complexes to Boot

feat(rme): add SMMU and PCIe information to Boot manifest

- Define information structures for SMMU, root complex,
root port and BDF mappings.
- Add entries for SMMU and PCIe root complexes to Boot manifest.
- Update RMMD_MANIFEST_VERSION_MINOR from 4 to 5.

Change-Id: I0a76dc18edbaaff40116f376aeb56c750d57c7c1
Signed-off-by: AlexeiFedorov <Alexei.Fedorov@arm.com>

show more ...

fix(qemu): ignore TPM error

If firmware is configured with TPM support but it's missing
on HW, e.g. swtpm not started and/or configured with qemu,
then continue booting. Missing TPM is not a fatal e

fix(qemu): ignore TPM error

If firmware is configured with TPM support but it's missing
on HW, e.g. swtpm not started and/or configured with qemu,
then continue booting. Missing TPM is not a fatal error.
Enables testing boot without TPM device to see that
missing TPM is detected further up the SW stack and correct
fallback actions are taken.

Change-Id: Ibf35ae84383dc87ad65385ecb9e07fd81dce88f2
Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org>

show more ...

Merge changes from topic "hm/handoff-aarch32" into integration

* changes:
refactor(arm): simplify early platform setup functions
feat(bl32): enable r3 usage for boot args
feat(handoff): add li

Merge changes from topic "hm/handoff-aarch32" into integration

* changes:
refactor(arm): simplify early platform setup functions
feat(bl32): enable r3 usage for boot args
feat(handoff): add lib to sp-min sources
feat(handoff): add 32-bit variant of SRAM layout
feat(handoff): add 32-bit variant of ep info
fix(aarch32): avoid using r12 to store boot params
fix(arm): reinit secure and non-secure tls
refactor(handoff): downgrade error messages

show more ...

chore(versal2): realign address printing

Secure code address to be printed only when TF-A is
compiled with supported dispatcher service.

Change-Id: Ifb31f07981c00a9fddc7470aa991773266840400
Signed-

chore(versal2): realign address printing

Secure code address to be printed only when TF-A is
compiled with supported dispatcher service.

Change-Id: Ifb31f07981c00a9fddc7470aa991773266840400
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>

show more ...

fix(amd): update transfer list args for OP-TEE

Populate the boot arguments for handoff to OP-TEE, along with secure
endpoint information, from the transfer list only when
SPD is set to opteed.

Fix

fix(amd): update transfer list args for OP-TEE

Populate the boot arguments for handoff to OP-TEE, along with secure
endpoint information, from the transfer list only when
SPD is set to opteed.

Fix for MISRA Violation: MISRA-C:2012 R.14.4:
- The controlling expression of an if statement and the controlling
expression of an iteration-statement shall have essentially Boolean
type.

Change-Id: I645205da3cb8ef9eea7d2c8d9a4200b485274e8a
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>

show more ...

Merge "feat(zynqmp): add pin group for lower qspi interface" into integration

Merge "fix(rdv3): correctly handle FP regs context saving" into integration

refactor(mediatek): fix mcusys off issue for MTK GIC v3 driver

When mcusys is off, rdist_ctx will save the rdist data of the last core.
In the case of the last core plug off, the data of other cores

refactor(mediatek): fix mcusys off issue for MTK GIC v3 driver

When mcusys is off, rdist_ctx will save the rdist data of the last core.
In the case of the last core plug off, the data of other cores will be
inconsistent with the data in rdist_ctx.

Therefore, each core needs to use a dedicated context.

Signed-off-by: Runyang Chen <runyang.chen@mediatek.com>
Change-Id: Ic9501f4da219cf906c0e348982be3f550c3ba30b

show more ...

refactor(arm): simplify early platform setup functions

Refactor `arm_sp_min_early_platform_setup` to accept generic
`u_register_r` values to support receiving firmware handoff boot
arguments in comm

refactor(arm): simplify early platform setup functions

Refactor `arm_sp_min_early_platform_setup` to accept generic
`u_register_r` values to support receiving firmware handoff boot
arguments in common code. This has the added benefit of simplifying the
interface into common early platform setup.

Change-Id: Idfc3d41f94f2bf3a3a0c7ca39f6b9b0013836e3a
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

fix(rdv3): correctly handle FP regs context saving

Commit fe488c3796e01187fb6cffdd27a1bee1a33e0931 added an override to
force `CTX_INCLUDE_SVE_REGS` to 0 when `SPD == spmd` and
`SPMD_SPM_AT_SEL2 ==

fix(rdv3): correctly handle FP regs context saving

Commit fe488c3796e01187fb6cffdd27a1bee1a33e0931 added an override to
force `CTX_INCLUDE_SVE_REGS` to 0 when `SPD == spmd` and
`SPMD_SPM_AT_SEL2 == 1`.
Since there is an architectural dependency between FP and SVE registers,
`CTX_INCLUDE_FPREGS` must also be overridden to 0 when
CTX_INCLUDE_SVE_REGS is 0.

Signed-off-by: Rakshit Goyal <rakshit.goyal@arm.com>
Change-Id: I1cd834241a2d5a5368ac532a348d8729a701bbcd

show more ...

Merge changes from topic "dtpm_poc" into integration

* changes:
feat(docs): update mboot threat model with dTPM
docs(tpm): add design documentation for dTPM
fix(rpi3): expose BL1_RW to BL2 ma

Merge changes from topic "dtpm_poc" into integration

* changes:
feat(docs): update mboot threat model with dTPM
docs(tpm): add design documentation for dTPM
fix(rpi3): expose BL1_RW to BL2 map for mboot
feat(rpi3): add dTPM backed measured boot
feat(tpm): add Infineon SLB9670 GPIO SPI config
feat(tpm): add tpm drivers and framework
feat(io): add generic gpio spi bit-bang driver
feat(rpi3): implement eventlog handoff to BL33
feat(rpi3): implement mboot for rpi3

show more ...

Merge changes from topic "mec" into integration

* changes:
feat(qemu): add plat_rmmd_mecid_key_update()
feat(rmmd): add RMM_MECID_KEY_UPDATE call

feat(qemu): add plat_rmmd_mecid_key_update()

Add an implementation of the plat_rmmd_mecid_key_update() callback, that
updates the MEC keys associated with a MECID. Leave it empty for now,
since QEMU

feat(qemu): add plat_rmmd_mecid_key_update()

Add an implementation of the plat_rmmd_mecid_key_update() callback, that
updates the MEC keys associated with a MECID. Leave it empty for now,
since QEMU doesn't yet implement an MPE (Memory Protection Engine).

Change-Id: I2746f6024f28e4fd487726de9e43e14d8cad57a0
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>

show more ...

feat(rmmd): add RMM_MECID_KEY_UPDATE call

With this addition, TF-A now has an SMC call to handle the
update of MEC keys associated to MECIDs.

The behavior of this newly added call is empty for now

feat(rmmd): add RMM_MECID_KEY_UPDATE call

With this addition, TF-A now has an SMC call to handle the
update of MEC keys associated to MECIDs.

The behavior of this newly added call is empty for now until an
implementation for the MPE (Memory Protection Engine) driver is
available. Only parameter sanitization has been implemented.

Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Jean-Philippe Brucker <jean-philippe@linaro.org>
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I2a969310b47e8c6da1817a79be0cd56158c6efc3

show more ...

fix(rpi3): expose BL1_RW to BL2 map for mboot

BL2 requires the ability to access the TCG Event Log during
Measured Boot. Currently the Platform hangs since the Event Log
is not exposed to BL2's mma

fix(rpi3): expose BL1_RW to BL2 map for mboot

BL2 requires the ability to access the TCG Event Log during
Measured Boot. Currently the Platform hangs since the Event Log
is not exposed to BL2's mmap. Define a RPI3_BL1_RW region to be
added to the BL2 Image, if Measured Boot is enabled.

Change-Id: Ic236a80e73ea342b4590cfb65bafbb8ffac17085
Signed-off-by: Abhi Singh <abhi.singh@arm.com>

show more ...

feat(rpi3): add dTPM backed measured boot

In BL1 and BL2 add support for the use of an Infineon Optiga SLB 9670
TPM2.0.
The platform utilizes the gpio_spi.c driver to bit-bang gpio pins in
order to

feat(rpi3): add dTPM backed measured boot

In BL1 and BL2 add support for the use of an Infineon Optiga SLB 9670
TPM2.0.
The platform utilizes the gpio_spi.c driver to bit-bang gpio pins in
order to send commands and receive responses to/from the TPM.
In BL1 & BL2:
-utilize TPM commands to initialize the gpio pins for "spi"
communication, and extend image hashes to the TPM's PCR 0,
at the end of the measured boot phase for the bootloader,
the TPM locality is released.
-Bl1 executes a tpm_startup command in order to flush the TPM.

Change-Id: I2f2fa28f60a262a0aa25a674c72a9904b3cf4d8a
Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>

show more ...

feat(rpi3): implement eventlog handoff to BL33

At the end of BL2 measured boot, write the address
and size of the TCG Event Log to NT_FW_CONFIG so
that the log can be consumed later by BL33.
-add dy

feat(rpi3): implement eventlog handoff to BL33

At the end of BL2 measured boot, write the address
and size of the TCG Event Log to NT_FW_CONFIG so
that the log can be consumed later by BL33.
-add dynamic configuration helpers for the fdt
-write the eventlog address and size to the fdt

Change-Id: I099dd9cc96d740ae13cb8b8e8c6b9f2e6c02accc
Signed-off-by: Abhi Singh <abhi.singh@arm.com>

show more ...

feat(rpi3): implement mboot for rpi3

Add Measured Boot support using the Event Log backend for the rpi3
platform.
-Implement measured boot infrastructure in BL1 & BL2, including
the init, measure i

feat(rpi3): implement mboot for rpi3

Add Measured Boot support using the Event Log backend for the rpi3
platform.
-Implement measured boot infrastructure in BL1 & BL2, including
the init, measure image, and finish phases.
-Pass the eventlog addr and size from BL1 to BL2 using the
image entry point args.
-dump the eventlog after measuring BL2, and after all images are
measured in BL2.

Signed-off-by: Tushar Khandelwal <tushar.khandelwal@arm.com>
Signed-off-by: Abhi Singh <abhi.singh@arm.com>
Change-Id: I7c040c4a2d001a933fefb0b16f0fdf2a43a11be9

show more ...

fix(versal2): rename console build arg to generic

Rename VERSAL2_CONSOLE build argument to CONSOLE to
keep it aligned with generic build arguments.

Change-Id: I0f4967aa262f0300d8f76f6638030a1839901

fix(versal2): rename console build arg to generic

Rename VERSAL2_CONSOLE build argument to CONSOLE to
keep it aligned with generic build arguments.

Change-Id: I0f4967aa262f0300d8f76f6638030a1839901234
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>

show more ...

fix(arm): reinit secure and non-secure tls

Initializing the transfer list using `transfer_list_ensure` allows reuse
of an already initialized transfer list. While this is beneficial when
receiving a

fix(arm): reinit secure and non-secure tls

Initializing the transfer list using `transfer_list_ensure` allows reuse
of an already initialized transfer list. While this is beneficial when
receiving a transfer list and ensuring one exists, it causes issues
during a system RESET if the old content of SRAM is not cleared.

To prevent this, at least one step in the reset path must zero intialise
the transfer list memory. Unless a previous stage explicitly provides a
transfer list via boot arguments, a fresh transfer list should be
created.

This change ensures that BL1 and BL31 properly reinitialize the transfer
lists, preserving correctness for secure and non-secure handoffs in
TF-A.

Change-Id: I3bfaa9e76df932a637031d645e4a22d857a094a5
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>

show more ...

feat(intel): support FCS commands with SiPSVC V3 framework

Support all the FCS(FPGA Crypto Service) commands with
SiPSVC verson3 framework.

Change-Id: I1dfb95aaddf7111325ce0082eb26f7a201001141
Sign

feat(intel): support FCS commands with SiPSVC V3 framework

Support all the FCS(FPGA Crypto Service) commands with
SiPSVC verson3 framework.

Change-Id: I1dfb95aaddf7111325ce0082eb26f7a201001141
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@altera.com>

show more ...

feat(intel): implementation of SiPSVC-V3 protocol framework

- Develop SiPSVC-V3 framework to support async/yielding SMC calls.
- Add support for multi clients with multiple jobs running together.
-

feat(intel): implementation of SiPSVC-V3 protocol framework

- Develop SiPSVC-V3 framework to support async/yielding SMC calls.
- Add support for multi clients with multiple jobs running together.
- Add support for SDM doorbell interrupt handling.
- Keep the framework backward compatible with V1 clients.
- Enable the framework on all the platform Agilex7, Agilex5, N5X,
and Stratix10.

Change-Id: I9eb61c48be89867b4227e084493bfcf67cbe7924
Signed-off-by: Girisha Dengi <girisha.dengi@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@altera.com>

show more ...