Merge changes I6e4cd8b5,Id5086b3c,I070d62bb into integration

* changes:
fix(el3-runtime): allow RNDR access at EL3 even when RNG_TRAP is enabled
fix(smccc): don't panic on a feature availability

Merge changes I6e4cd8b5,Id5086b3c,I070d62bb into integration

* changes:
fix(el3-runtime): allow RNDR access at EL3 even when RNG_TRAP is enabled
fix(smccc): don't panic on a feature availability call with FEAT_RNG_TRAP
fix(bl1): use per-world context correctly

show more ...

fix(smccc): don't panic on a feature availability call with FEAT_RNG_TRAP

FEAT_RNG_TRAP requires a little bit of extra care to be reported
correctly, which we do. However, the check value isn't upda

fix(smccc): don't panic on a feature availability call with FEAT_RNG_TRAP

FEAT_RNG_TRAP requires a little bit of extra care to be reported
correctly, which we do. However, the check value isn't updated
accordingly leading to a panic. Update it to avoid.

Change-Id: Id5086b3cd1c6dd74287397b9636088fe1ccb5703
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge "refactor(el3-runtime): move context security states to context.h" into integration

refactor(el3-runtime): move context security states to context.h

The three security states (S, NS, RL) are architecturally quite
consistent - anything that uses them has the same numerical assignmen

refactor(el3-runtime): move context security states to context.h

The three security states (S, NS, RL) are architecturally quite
consistent - anything that uses them has the same numerical assignments
(0, 1, 2) and they are quite convenient for indexing. However, we're not
as consistent in tf-a and this is defined in a few places. Since
cpu_data has a dependency on the context management library, use its
security state convention in a few more places and take away this
responsibility from cpu_data.

Change-Id: Iec73b2be2eef91975554767557de72424d0031f1
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>

show more ...

Merge changes from topic "xlnx_fix_gen_unused_var" into integration

* changes:
fix(console): create unique variable name
fix(bl31): declare function as static
fix(psci): initialise variable to

Merge changes from topic "xlnx_fix_gen_unused_var" into integration

* changes:
fix(console): create unique variable name
fix(bl31): declare function as static
fix(psci): initialise variable to default zero
fix(services): declare unused parameters as void
fix(lib): declare unused parameters as void
fix(platforms): declare unused parameters as void

show more ...

fix(services): declare unused parameters as void

This corrects the MISRA violation C2012-2.7:
There should be no unused parameters in functions.
Declared unused function parameters as void.

Change-

fix(services): declare unused parameters as void

This corrects the MISRA violation C2012-2.7:
There should be no unused parameters in functions.
Declared unused function parameters as void.

Change-Id: I44aa576a081f0925aa29b42d7432faec46605a87
Signed-off-by: Nithin G <nithing@amd.com>
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>

show more ...

Merge "fix(smccc): modify feat discovery to use aarch64 value" into integration

fix(smccc): modify feat discovery to use aarch64 value

Fix SMCCC_ARCH_FEAT_AVAILABILITY to use aarch64 value

Change-Id: I0ff49a388070c90fd0d7d7c071b4109a7d59a9c9
Signed-off-by: Sona Mathew <SonaReb

fix(smccc): modify feat discovery to use aarch64 value

Fix SMCCC_ARCH_FEAT_AVAILABILITY to use aarch64 value

Change-Id: I0ff49a388070c90fd0d7d7c071b4109a7d59a9c9
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>

show more ...

Merge changes from topic "ar/soc_name" into integration

* changes:
feat(fvp): add SoC name support to FVP
feat(smccc): add SoC name support to SMCCC_ARCH_SOC_ID

feat(smccc): add SoC name support to SMCCC_ARCH_SOC_ID

This patch adds support for getting the SoC name string
using the SMCCC_ARCH_SOC_ID interface. The SoC name query
was introduced in SMCCC versi

feat(smccc): add SoC name support to SMCCC_ARCH_SOC_ID

This patch adds support for getting the SoC name string
using the SMCCC_ARCH_SOC_ID interface. The SoC name query
was introduced in SMCCC version 1.6. It is available only
through SMC64 calls.

A new function ID, SMCCC_GET_SOC_NAME, is added. It returns
the SoC name as a null-terminated ASCII string, spread across
registers X1 to X17 in little endian order.
The total length is 136 bytes, including the null byte.
Any space after the null terminator is filled
with zeros.

A platform hook plat_get_soc_name() is added to return the
SoC name. A weak default version is also provided that returns
SMC_ARCH_CALL_NOT_SUPPORTED for platforms that do not support
this feature.

The name should follow the SMCCC rule that it must not expose
any information that is not already reported
by the SoC version and revision calls.

Reference: https://developer.arm.com/documentation/den0028/latest/

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Idc69997c509bcbfb1cecb38ed1003b29627ade4b

show more ...

Merge changes from topic "xlnx_fix_gen_op_datatype" into integration

* changes:
fix(services): typecast operands to match data type
fix(psci): typecast operands to match data type
fix(common):

Merge changes from topic "xlnx_fix_gen_op_datatype" into integration

* changes:
fix(services): typecast operands to match data type
fix(psci): typecast operands to match data type
fix(common): typecast operands to match data type
fix(arm-drivers): typecast operands to match data type
fix(bl31): typecast operands to match data type

show more ...

fix(services): typecast operands to match data type

This corrects the MISRA violation C2012-10.3:
The value of an expression shall not be assigned to an object with a
narrower essential type or of a

fix(services): typecast operands to match data type

This corrects the MISRA violation C2012-10.3:
The value of an expression shall not be assigned to an object with a
narrower essential type or of a different essential type category.
The condition is explicitly checked against 0U, appending 'U' and
typecasting for unsigned comparison.

Change-Id: I202cff6a02554fc15965c3906bbb81db97c01d18
Signed-off-by: Nithin G <nithing@amd.com>
Signed-off-by: Maheedhar Bollapalli <maheedharsai.bollapalli@amd.com>

show more ...

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused arg

Merge changes from topic "ar/cve_wa_refactor" into integration

* changes:
refactor(cpus): optimize CVE checking
refactor(cpus): move errata check to common code
refactor(cpus): drop unused argument forward_flag

show more ...

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* cal

refactor(cpus): optimize CVE checking

This patch replaces the use of EXTRA functions
with using erratum entries check
to verify CVE mitigation application for some of
the SMCCC_ARCH_WORKAROUND_* calls.

Previously, EXTRA functions were individually implemented for
each SMCCC_ARCH_WORKAROUND_*, an approach that becomes unmanageable
with the increasing number of workarounds.
By looking up erratum entries for CVE check, the process is streamlined,
reducing overhead associated with creating and
maintaining EXTRA functions for each new workaround.

New Errata entries are created for SMC workarounds and
that is used to target cpus that are uniquely impacted
by SMC workarounds.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I873534e367a35c99461d0a616ff7bf856a0000af

show more ...

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881

Merge changes from topic "ar/smccc_arch_wa_4" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus
fix(security): add support in cpu_ops for CVE-2024-7881
fix(security): add CVE-2024-7881 mitigation to Cortex-X3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V3
fix(security): add CVE-2024-7881 mitigation to Neoverse-V2
fix(security): add CVE-2024-7881 mitigation to Cortex-X925
fix(security): add CVE-2024-7881 mitigation to Cortex-X4
fix(security): enable WORKAROUND_CVE_2024_7881 build option

show more ...

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_78

fix(security): apply SMCCC_ARCH_WORKAROUND_4 to affected cpus

This patch implements SMCCC_ARCH_WORKAROUND_4 and
allows discovery through SMCCC_ARCH_FEATURES.
This mechanism is enabled if CVE_2024_7881 [1] is enabled
by the platform. If CVE_2024_7881 mitigation
is implemented, the discovery call returns 0,
if not -1 (SMC_ARCH_CALL_NOT_SUPPORTED).

For more information about SMCCC_ARCH_WORKAROUND_4 [2], please
refer to the SMCCC Specification reference provided below.

[1]: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
[2]: https://developer.arm.com/documentation/den0028/latest

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I1b1ffaa1f806f07472fd79d5525f81764d99bc79

show more ...

Merge changes from topic "bk/smccc_feature" into integration

* changes:
feat(smccc): implement SMCCC_ARCH_FEATURE_AVAILABILITY
refactor(cm): clean up per-world context
refactor(cm): change own

Merge changes from topic "bk/smccc_feature" into integration

* changes:
feat(smccc): implement SMCCC_ARCH_FEATURE_AVAILABILITY
refactor(cm): clean up per-world context
refactor(cm): change owning security state when a feature is disabled

show more ...

feat(smccc): implement SMCCC_ARCH_FEATURE_AVAILABILITY

SMCCC_ARCH_FEATURE_AVAILABILITY [1] is a call to query firmware about
the features it is aware of and enables. This is useful when a feature
is

feat(smccc): implement SMCCC_ARCH_FEATURE_AVAILABILITY

SMCCC_ARCH_FEATURE_AVAILABILITY [1] is a call to query firmware about
the features it is aware of and enables. This is useful when a feature
is not enabled at EL3, eg due to an older FW image, but it is present in
hardware. In those cases, the EL1 ID registers do not reflect the usable
feature set and this call should provide the necessary information to
remedy that.

The call itself is very lightweight - effectively a sanitised read of
the relevant system register. Bits that are not relevant to feature
enablement are masked out and active low bits are converted to active
high.

The implementation is also very simple. All relevant, irrelevant, and
inverted bits combined into bitmasks at build time. Then at runtime the
masks are unconditionally applied to produce the right result. This
assumes that context managers will make sure that disabled features
do not have their bits set and the registers are context switched if
any fields in them make enablement ambiguous.

Features that are not yet supported in TF-A have not been added. On
debug builds, calling this function will fail an assert if any bits that
are not expected are set. In combination with CI this should allow for
this feature to to stay up to date as new architectural features are
added.

If a call for MPAM3_EL3 is made when MPAM is not enabled, the call
will return INVALID_PARAM, while if it is FEAT_STATE_CHECK, it will
return zero. This should be fairly consistent with feature detection.

The bitmask is meant to be interpreted as the logical AND of the
relevant ID registers. It would be permissible for this to return 1
while the ID returns 0. Despite this, this implementation takes steps
not to. In the general case, the two should match exactly.

Finally, it is not entirely clear whether this call replies to SMC32
requests. However, it will not, as the return values are all 64 bits.

[1]: https://developer.arm.com/documentation/den0028/galp1/?lang=en

Co-developed-by: Charlie Bareham <charlie.bareham@arm.com>
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1a74e7d0b3459b1396961b8fa27f84e3f0ad6a6f

show more ...

Merge changes from topic "sm/feat_detect" into integration

* changes:
refactor(cpufeat): restore functions in detect_arch_features
refactor(cpufeat): add macro to simplify is_feat_xx_present
c

Merge changes from topic "sm/feat_detect" into integration

* changes:
refactor(cpufeat): restore functions in detect_arch_features
refactor(cpufeat): add macro to simplify is_feat_xx_present
chore: simplify the macro names in ENABLE_FEAT mechanism

show more ...

chore: simplify the macro names in ENABLE_FEAT mechanism

Currently, the macros used to denote feature implementation
in hardware follow a random pattern with a few macros having
suffix as SUPPORTED

chore: simplify the macro names in ENABLE_FEAT mechanism

Currently, the macros used to denote feature implementation
in hardware follow a random pattern with a few macros having
suffix as SUPPORTED and a few using the suffix IMPLEMENTED.
This patch aligns the macro names uniformly using the suffix
IMPLEMENTED across all the features and removes unused macros
pertaining to the Enable feat mechanism.

FEAT_SUPPORTED --> FEAT_IMPLEMENTED
FEAT_NOT_SUPPORTED --> FEAT_NOT_IMPLEMENTED

Change-Id: I61bb7d154b23f677b80756a4b6a81f74b10cd24f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>

show more ...

Merge changes I2f4961fe,I0039c724,Iaa3076c1,Ic19973a8 into integration

* changes:
feat(bl32): print entry point before exiting SP_MIN
fix(bl32): avoid clearing argument registers in RESET_TO_SP_

Merge changes I2f4961fe,I0039c724,Iaa3076c1,Ic19973a8 into integration

* changes:
feat(bl32): print entry point before exiting SP_MIN
fix(bl32): avoid clearing argument registers in RESET_TO_SP_MIN case
fix(bl32): always include arm_arch_svc in SP_MIN
fix(services): disable workaround discovery on aarch32 for now

show more ...

fix(services): disable workaround discovery on aarch32 for now

The Arm Architecture Service (arm_arch_svc) is required for SP_MIN on
AArch32 because the PSCI_FEATURES call implementation in TF-A alw

fix(services): disable workaround discovery on aarch32 for now

The Arm Architecture Service (arm_arch_svc) is required for SP_MIN on
AArch32 because the PSCI_FEATURES call implementation in TF-A always
indicates support for SMCCC_VERSION. However, currently it cannot be
built for AArch32 because all the workaround check functions
(check_wa_cve_2017_5715(), check_smccc_arch_wa3_applies(), ...)
are not implemented for AArch32.

While this should be ideally fixed at some point, disable the
SMCCC_ARCH_WORKAROUND implementations for AArch32 for now so at least
the rest of the calls can be built correctly. This still helps overall
because implementing SMCCC_VERSION is mandatory while the workaround
calls are optional.

Change-Id: Ic19973a8e4d50a97f274d4461794c117b337396b
Signed-off-by: Stephan Gerhold <stephan@gerhold.net>

show more ...

Merge changes from topic "bk/errata_refactor" into integration

* changes:
feat(cpus): wrappers to propagate AArch32 errata info
feat(cpus): add a way to automatically report errata
feat(cpus):

Merge changes from topic "bk/errata_refactor" into integration

* changes:
feat(cpus): wrappers to propagate AArch32 errata info
feat(cpus): add a way to automatically report errata
feat(cpus): add a concise way to implement AArch64 errata
refactor(cpus): convert print_errata_status to C
refactor(cpus): rename errata_report.h to errata.h
refactor(cpus): move cpu_ops field defines to a header

show more ...

refactor(cpus): rename errata_report.h to errata.h

The ERRATA_XXX macros, used in cpu_helpers.S, are necessary for the
check_errata_xxx family of functions. The CPU_REV should be used in the
cpu fil

refactor(cpus): rename errata_report.h to errata.h

The ERRATA_XXX macros, used in cpu_helpers.S, are necessary for the
check_errata_xxx family of functions. The CPU_REV should be used in the
cpu files but for whatever reason the values have been hard-coded so far
(at the cost of readability). It's evident this file is not strictly for
status reporting.

The new purpose of this file is to make it a one-stop-shop for all
things errata.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I1ce22dd36df5aa0bcfc5f2772251f91af8703dfb

show more ...

Merge changes from topic "spectre_bhb" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_3 to A73/A75/A72/A57
fix(security): workaround for CVE-2022-23960 for Cortex-A57, Co

Merge changes from topic "spectre_bhb" into integration

* changes:
fix(security): apply SMCCC_ARCH_WORKAROUND_3 to A73/A75/A72/A57
fix(security): workaround for CVE-2022-23960 for Cortex-A57, Cortex-A72
fix(fvp): disable reclaiming init code by default

show more ...