plat: imx8mm: Add in BL2 with FIP

Adds bl2 with FIP to the build required for mbed Linux booting where
we do:

BootROM -> SPL -> BL2 -> OPTEE -> u-boot

If NEED_BL2 is specified then BL2 will be bui

plat: imx8mm: Add in BL2 with FIP

Adds bl2 with FIP to the build required for mbed Linux booting where
we do:

BootROM -> SPL -> BL2 -> OPTEE -> u-boot

If NEED_BL2 is specified then BL2 will be built and BL31 will have
its address range modified upwards to accommodate. BL31 must be
loaded from a FIP in this case.

If NEED_BL2 is not specified then the current BL31 boot flow is
unaffected and u-boot SPL will load and execute BL31 directly.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I655343b3b689b1fc57cfbedda4d3dc2fbd549a96

show more ...

plat: imx8mm: Add image load logic for TBBR FIP booting

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I0557ce6d0

plat: imx8mm: Add image load logic for TBBR FIP booting

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I0557ce6d0aa5ab321cac1ee25280b96762024396

show more ...

plat: imx8mm: Enable Trusted Boot

This patch enables Trusted Boot on the i.MX8MM with BL2 doing image
verification from a FIP prior to hand-over to BL31.

Signed-off-by: Bryan O'Donoghue <bryan.odon

plat: imx8mm: Enable Trusted Boot

This patch enables Trusted Boot on the i.MX8MM with BL2 doing image
verification from a FIP prior to hand-over to BL31.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I3c22783a5c49544d0bace8ef3724784b9b7cc64a

show more ...

plat: imx8mm: Add initial defintions to facilitate FIP layout

Adds a number of definitions consistent with the established WaRP7
equivalents specifying number of io_handles and block devices.

Signe

plat: imx8mm: Add initial defintions to facilitate FIP layout

Adds a number of definitions consistent with the established WaRP7
equivalents specifying number of io_handles and block devices.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: If1d7ef1ad3ac3dfc860f949392c7534ce8d206e3

show more ...

plat: imx8mm: Add image io-storage logic for TBBR FIP booting

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I983

plat: imx8mm: Add image io-storage logic for TBBR FIP booting

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I9833a54d0938d70886ac88b1922b17edf1dee8e0

show more ...

plat: imx8mm: Add imx8mm_private.h to the build

Allows for exporting of FIP related methods cleanly in a private header.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by:

plat: imx8mm: Add imx8mm_private.h to the build

Allows for exporting of FIP related methods cleanly in a private header.

Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Change-Id: I8523f1370312ed22ff7ca710cd916be52f725e3c

show more ...

stm32mp1: add TZC400 interrupt management

TZC400 is configured to raise an interrupt in case of faulty access.
Call the new added tzc400_it_handler, in case this interrupt occurs.

Change-Id: Iaf4fa

stm32mp1: add TZC400 interrupt management

TZC400 is configured to raise an interrupt in case of faulty access.
Call the new added tzc400_it_handler, in case this interrupt occurs.

Change-Id: Iaf4fa408a8eff99498042e11e2d6177bad39868c
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

stm32mp1: use TZC400 macro to describe filters

On STM32MP15, only filters 0 and 1 are used.
Use TZC_400_REGION_ATTR_FILTER_BIT() macro for those 2 filters 0 and 1
instead of U(3).

Change-Id: Ibc618

stm32mp1: use TZC400 macro to describe filters

On STM32MP15, only filters 0 and 1 are used.
Use TZC_400_REGION_ATTR_FILTER_BIT() macro for those 2 filters 0 and 1
instead of U(3).

Change-Id: Ibc61823842ade680f59d5b66b8db59b6a30080e4
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

tzc400: add support for interrupts

A new function tzc400_it_handler() is created to manage TZC400
interrupts. The required helpers to read and clear interrupts are added
as well.
In case DEBUG is en

tzc400: add support for interrupts

A new function tzc400_it_handler() is created to manage TZC400
interrupts. The required helpers to read and clear interrupts are added
as well.
In case DEBUG is enabled, more information about the faulty access
(address, NSAID, type of access) is displayed.

Change-Id: Ie9ab1c199a8f12b2c9472d7120efbdf35711284a
Signed-off-by: Yann Gautier <yann.gautier@st.com>

show more ...

Merge "SPM: Fix error codes size in SPMD handler" into integration

rpi4: Switch to gicv2.mk and GICV2_SOURCES

Addresses the deprecation warning produced by
drivers/arm/gic/common/gic_common.c.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Change-Id: I1a3ff483

rpi4: Switch to gicv2.mk and GICV2_SOURCES

Addresses the deprecation warning produced by
drivers/arm/gic/common/gic_common.c.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Change-Id: I1a3ff4835d0f94c74b405db10622e99875ded82b

show more ...

Merge "plat: xilinx: versal: Mark IPI calls secure/non-secure" into integration

plat: xilinx: versal: Mark IPI calls secure/non-secure

BIT24 of IPI command header is used to determine if caller is
secure or non-secure.

Mark BIT24 of IPI command header as non-secure if SMC call

plat: xilinx: versal: Mark IPI calls secure/non-secure

BIT24 of IPI command header is used to determine if caller is
secure or non-secure.

Mark BIT24 of IPI command header as non-secure if SMC caller
is non-secure.

Signed-off-by: Tejas Patel <tejas.patel@xilinx.com>
Signed-off-by: Abhyuday Godhasara <abhyuday.godhasara@xilinx.com>
Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267

show more ...

SPM: Fix error codes size in SPMD handler

FF-A specification states that error codes should be typed int32_t.
SPMD's uses uint64_t for return values, which if assigned with a signed
type would have

SPM: Fix error codes size in SPMD handler

FF-A specification states that error codes should be typed int32_t.
SPMD's uses uint64_t for return values, which if assigned with a signed
type would have sign extension, and change the size of the return from
32-bit to 64-bit.

Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: I288ab2ffec8330a2fe1f21df14e22c34bd83ced3

show more ...

plat/allwinner: do not setup 'disabled' regulators

If a PMIC regulator has its DT node disabled, leave the regulator off.

Change-Id: I895f740328e8f11d485829c3a89a9b9f8e5644be
Signed-off-by: Roman B

plat/allwinner: do not setup 'disabled' regulators

If a PMIC regulator has its DT node disabled, leave the regulator off.

Change-Id: I895f740328e8f11d485829c3a89a9b9f8e5644be
Signed-off-by: Roman Beranek <roman.beranek@prusa3d.com>

show more ...

Merge "Bug fix in tspd interrupt handling when TSP_NS_INTR_ASYNC_PREEMPT is enabled" into integration

Merge "tools_share/uuid: Add EFI_GUID representation" into integration

Merge "plat: xilinx: versal: Remove cortex-a53 compilation" into integration

Bug fix in tspd interrupt handling when TSP_NS_INTR_ASYNC_PREEMPT is enabled

Typically, interrupts for a specific security state get handled in the
same security execption level if the execution is

Bug fix in tspd interrupt handling when TSP_NS_INTR_ASYNC_PREEMPT is enabled

Typically, interrupts for a specific security state get handled in the
same security execption level if the execution is in the same security
state. For example, if a non-secure interrupt gets fired when CPU is
executing in NS-EL2 it gets handled in the non-secure world.

However, interrupts belonging to the opposite security state typically
demand a world(context) switch. This is inline with the security
principle which states a secure interrupt has to be handled in the
secure world. Hence, the TSPD in EL3 expects the context(handle) for a
secure interrupt to be non-secure and vice versa.

The function "tspd_sel1_interrupt_handler" is the handler registered
for S-EL1 interrupts by the TSPD. Based on the above assumption, it
provides an assertion to validate if the interrupt originated from
non-secure world and upon success arranges entry into the TSP at
'tsp_sel1_intr_entry' for handling the interrupt.

However, a race condition between non-secure and secure interrupts can
lead to a scenario where the above assumptions do not hold true and
further leading to following assert fail.

This patch fixes the bug which causes this assert fail:

ASSERT: services/spd/tspd/tspd_main.c:105
BACKTRACE: START: assert
0: EL3: 0x400c128
1: EL3: 0x400faf8
2: EL3: 0x40099a4
3: EL3: 0x4010d54
BACKTRACE: END: assert

Change-Id: I359d30fb5dbb1429a4a3c3fff37fdc64c07e9414
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>

show more ...

Merge "plat: xilinx: Add timeout while waiting for IPI Ack" into integration

tools_share/uuid: Add EFI_GUID representation

The UEFI specification details the represenatation
for the EFI_GUID type. Add this representation to the
uuid_helper_t union type so that GUID definitio

tools_share/uuid: Add EFI_GUID representation

The UEFI specification details the represenatation
for the EFI_GUID type. Add this representation to the
uuid_helper_t union type so that GUID definitions
can be shared verbatim between UEFI and TF-A header
files.

Change-Id: Ie44ac141f70dd0025e186581d26dce1c1c29fce6
Signed-off-by: Tomas Pilar <tomas@nuviainc.com>

show more ...

Merge "mmc:prevent accessing to the released space in case of wrong usage" into integration

arch: Enable `FEAT_SB` for supported non-Armv8.5-A platforms

The speculation barrier feature (`FEAT_SB`) was introduced with and
made mandatory in the Armv8.5-A extension. It was retroactively made

arch: Enable `FEAT_SB` for supported non-Armv8.5-A platforms

The speculation barrier feature (`FEAT_SB`) was introduced with and
made mandatory in the Armv8.5-A extension. It was retroactively made
optional in prior extensions, but the checks in our code-base do not
reflect that, assuming that it is only available in Armv8.5-A or later.

This change introduces the `ENABLE_FEAT_SB` definition, which derives
support for the `sb` instruction in the assembler from the feature
flags passed to it. Note that we assume that if this feature is enabled
then all the cores in the system support it - enabling speculation
barriers for only a subset of the cores is unsupported.

Signed-off-by: Chris Kay <chris.kay@arm.com>
Change-Id: I978ed38829385b221b10ba56d49b78f4756e20ea

show more ...

Merge "tzc400: correct FAIL_CONTROL Privileged bit" into integration

mmc:prevent accessing to the released space in case of wrong usage

1.Since in mmc_init, the most of mmc_device_info passed in are temporary variables.
In order to avoid referencing the released sp

mmc:prevent accessing to the released space in case of wrong usage

1.Since in mmc_init, the most of mmc_device_info passed in are temporary variables.
In order to avoid referencing the released space on the stack when maybe MISUSED,
it`s better to use global variables to store mmc_device_info in mmc.c
2.Delete redundant;

Signed-off-by: deqi.hu@siengine.com
Change-Id: I51ae90e7f878b19b4963508b3f7ec66339015ebc

show more ...