| c6d43088 | 27-Jan-2026 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
Merge "fix(tc): add missing platform.h include" into integration |
| 1cd04ded | 27-Jan-2026 |
Olivier Deprez <olivier.deprez@arm.com> |
Merge "docs(maintainers): add George Cherian as Marvell platforms maintainer" into integration |
| 8a389bad | 27-Jan-2026 |
Jackson Cooper-Driver <jackson.cooper-driver@arm.com> |
fix(tc): add missing platform.h include
This include is required for plat_panic_handler.
Change-Id: Ifad8ff294c396929979969a0115866030342f1f5 Signed-off-by: Jackson Cooper-Driver <jackson.cooper-dr
fix(tc): add missing platform.h include
This include is required for plat_panic_handler.
Change-Id: Ifad8ff294c396929979969a0115866030342f1f5 Signed-off-by: Jackson Cooper-Driver <jackson.cooper-driver@arm.com>
show more ...
|
| 9a017850 | 04-Jan-2026 |
Marek Vasut <marek.vasut+renesas@mailbox.org> |
fix(rcar5): prevent boot CPU hot unplug
The boot CPU runs both TFA and later also Trusted OS, which is UP and can not be migrated to another CPU. Report MIGRATE_INFO_TYPE "Uniprocessor (UP) not migr
fix(rcar5): prevent boot CPU hot unplug
The boot CPU runs both TFA and later also Trusted OS, which is UP and can not be migrated to another CPU. Report MIGRATE_INFO_TYPE "Uniprocessor (UP) not migrate capable 1" to the OS, so any attempts at CPU_OFF and MIGRATE of the boot CPU would be DENIED. This has an effect also e.g. on the Linux kernel, where it prevents stopping boot CPU (CPU0) using CPU hotplug, which must not be allowed, as it would interfere with the Trusted OS.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> Change-Id: I9265115fc721e813d51f9c14e8ebe0471b12928c
show more ...
|
| b88d17a6 | 27-Jan-2026 |
Yann Gautier <yann.gautier@st.com> |
Merge "fix(mt8196): check apusys_ace_he_config address is valid" into integration |
| 31428041 | 27-Jan-2026 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
Merge changes I01e59e3a,I2fe22b37,I6b1a4aca,I10bda793,I45d2b6b2, ... into integration
* changes: feat(stm32mp2): manage core 1 enabling feat(st): add stm32mp_gic_cpuif_enable/disable feat(stm3
Merge changes I01e59e3a,I2fe22b37,I6b1a4aca,I10bda793,I45d2b6b2, ... into integration
* changes: feat(stm32mp2): manage core 1 enabling feat(st): add stm32mp_gic_cpuif_enable/disable feat(stm32mp2): add a ca35ss driver feat(stm32mp2): stub PM code in serial boot feat(st): add STM32MP_SUPPORT_PM flag feat(st): disable FWU on serial boot devices
show more ...
|
| 12d80bbb | 27-Jan-2026 |
Yann Gautier <yann.gautier@st.com> |
Merge "feat(marvell): add odyssey platform header files" into integration |
| fbf9688a | 23-Jan-2026 |
Yuan-chang Hsieh <yuan-chang.hsieh@mediatek.corp-partner.google.com> |
fix(mt8196): check apusys_ace_he_config address is valid
The apusys_ace_he_config address is set by the image loaded by the kernel. The address should be verified to ensure that it is valid.
Change
fix(mt8196): check apusys_ace_he_config address is valid
The apusys_ace_he_config address is set by the image loaded by the kernel. The address should be verified to ensure that it is valid.
Change-Id: Ia811992505247944a47c7a47ae4fa0decc8f165e Signed-off-by: Yuan-chang Hsieh <yuan-chang.hsieh@mediatek.corp-partner.google.com>
show more ...
|
| 672e0a1c | 27-Jan-2026 |
Yann Gautier <yann.gautier@st.com> |
Merge changes from topic "xlnx_misra_fixes_series1" into integration
* changes: fix(versal2): fix misra rule 8.4 violation fix(versal2): fix misra rule 5.7 violations fix(versal2): fix misra r
Merge changes from topic "xlnx_misra_fixes_series1" into integration
* changes: fix(versal2): fix misra rule 8.4 violation fix(versal2): fix misra rule 5.7 violations fix(versal2): fix misra rule 18.1 violations fix(versal2): fix misra rule 10.4 violations fix(versal2): fix misra rule 10.3 violations
show more ...
|
| 28014279 | 26-Jan-2026 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
Merge changes I6deddab4,I432b05b2,I4af7371d,I2318ea4b into integration
* changes: feat(rdv3): use SFCP PSA call instead of RSE comms feat(tc): use SFCP PSA call instead of RSE comms feat(tc):
Merge changes I6deddab4,I432b05b2,I4af7371d,I2318ea4b into integration
* changes: feat(rdv3): use SFCP PSA call instead of RSE comms feat(tc): use SFCP PSA call instead of RSE comms feat(tc): add tc_sfcp.c feat(sfcp): add SFCP stack and PSA call
show more ...
|
| a36ee52e | 20-Oct-2025 |
Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> |
fix(arm): support FCONF when TRANSFER_LIST and RESET_BL2 is set
Enable reading HW_CONFIG device tree from transfer list entry when RESET_BL2 is enabled.
Signed-off-by: Arunachalam Ganapathy <arunac
fix(arm): support FCONF when TRANSFER_LIST and RESET_BL2 is set
Enable reading HW_CONFIG device tree from transfer list entry when RESET_BL2 is enabled.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> Change-Id: Ibcd65f3946924670ede3ba354db5bc574c70b4be
show more ...
|
| 010f458e | 16-Oct-2025 |
Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> |
fix(arm): update next image's ep info with the FW config address
When RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1, BL2 loads FW_CONFIG but it fails to update the next image entry point with FW co
fix(arm): update next image's ep info with the FW config address
When RESET_TO_BL2=1 and ARM_FW_CONFIG_LOAD_ENABLE=1, BL2 loads FW_CONFIG but it fails to update the next image entry point with FW config address.
This fix also enables populating HW_CONFIG from platform setup routines in BL31.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> Change-Id: I86cc5e97cfdb0f18be647b867b1e1d82d53cdafd
show more ...
|
| c83fb4c3 | 26-Jan-2026 |
Marek Vasut <marek.vasut+renesas@mailbox.org> |
feat(rcar): test only for SCIF TX FIFO empty before writing the FIFO
Currently, the code tests both whether the SCIF TX FIFO is empty using TDFE bit and whether the current byte transfer ended using
feat(rcar): test only for SCIF TX FIFO empty before writing the FIFO
Currently, the code tests both whether the SCIF TX FIFO is empty using TDFE bit and whether the current byte transfer ended using TEND bit, both before and after writing the TX FIFO. Starting with Renesas RZ/A2 platform, the TEND bit is not set after the SCIF IP is reset, it is set only after the TX FIFO was written for the first time.
Relax the first test before TX FIFO is written such, that it only uses the TDFE bit to verify that the TX FIFO is empty and safe to be written, but keep both TDFE and TEND check in the second test to assure that the character was properly transmitted after it was written into the TX FIFO. This allows both current platforms and RZ/A2 and newer to share the same code.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> Change-Id: I313703bd61b51b52e689fb2bb895b96096d30f22
show more ...
|
| ded1b9c7 | 21-Jan-2026 |
Marek Vasut <marek.vasut+renesas@mailbox.org> |
feat(rcar): rewrite console_renesas_register() in C
Replace assembler implementation of console_renesas_register() with matching C implementation. Since it is now easily possible to pass flags into
feat(rcar): rewrite console_renesas_register() in C
Replace assembler implementation of console_renesas_register() with matching C implementation. Since it is now easily possible to pass flags into console_renesas_register() and then onward to the console initialization, adjust the signature of console_renesas_register() and include the flags in it. Adjust both rcar_console_boot_init() and rcar_console_runtime_init() to call console_renesas_register() with its new combined set of parameters and drop console_set_scope() invocation which is no longer needed, because the flags are passed directly into console_renesas_register().
Drop console_renesas_flush() which is always a noop. Drop return value from console_renesas_init() which is always 1.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org> Change-Id: I1c7d1a81b6922138b6e2e80f2635fcc8558685c7
show more ...
|
| 31cc3476 | 24-Jan-2026 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge changes from topic "jp/cve-2025-0647" into integration
* changes: fix(security): add CVE-2025-0647 for C1-Premium fix(security): add CVE-2025-0647 for C1-Ultra fix(security): add CVE-202
Merge changes from topic "jp/cve-2025-0647" into integration
* changes: fix(security): add CVE-2025-0647 for C1-Premium fix(security): add CVE-2025-0647 for C1-Ultra fix(security): add CVE-2025-0647 for Neoverse-V3 fix(security): add CVE-2025-0647 for Neoverse-V2 fix(security): add CVE-2025-0647 for Neoverse-N2 fix(security): add CVE-2025-0647 for Cortex-X925 fix(security): add CVE-2025-0647 for Cortex-X4 fix(security): add CVE-2025-0647 for Cortex-X3 fix(security): add CVE-2025-0647 for Cortex-X2 fix(security): add CVE-2025-0647 for Cortex-A710
show more ...
|
| 666a488b | 24-Jan-2026 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge "fix(security): add workaround for CVE-2025-0647" into integration |
| 42453995 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for C1-Premium
This patch mitigates CVE-2025-0647 for C1-Premium CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: Iec
fix(security): add CVE-2025-0647 for C1-Premium
This patch mitigates CVE-2025-0647 for C1-Premium CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: Iec070b6e2a73c6218d150e32149b25ba4c94ea3a Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| 416b8613 | 05-Mar-2025 |
John Powell <john.powell@arm.com> |
fix(security): add workaround for CVE-2025-0647
This workaround fixes an issue with the CPP RCTX instruction by issuing an instruction patch sequence to trap uses of the CPP RCTX instruction from EL
fix(security): add workaround for CVE-2025-0647
This workaround fixes an issue with the CPP RCTX instruction by issuing an instruction patch sequence to trap uses of the CPP RCTX instruction from EL0, EL1, and EL2 to EL3 and perform a workaround procedure using the implementation defined trap handler to ensure the correct behavior of the system. In addition, it includes an EL3 API to be used if EL3 firmware needs to use the CPP RCTX instruction. This saves the overhead of exception handling, and EL3 does not generically support trapping EL3->EL3, and adding support for that is not trivial due to the implications for context management.
The issue affects the following CPUs:
C1-Premium C1-Ultra Cortex-A710 Cortex-X2 Cortex-X3 Cortex-X4 Cortex-X925 Neoverse N2 Neoverse V2 Neoverse V3 Neoverse V3AE (handled same as V3 CPU in TF-A CPU-Lib)
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I5e7589afbeb69ebb79c01bec80e29f572aff3d89 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| 2bf674ef | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for C1-Ultra
This patch mitigates CVE-2025-0647 for C1-Ultra CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I506007
fix(security): add CVE-2025-0647 for C1-Ultra
This patch mitigates CVE-2025-0647 for C1-Ultra CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I506007ec8702b183e377be50eede72d6803b344b Signed-off-by: Govindraj Raja <govindraj.raja@arm.com> Signed-off-by: John Powell <john.powell@arm.com>
show more ...
|
| efdd8ce6 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Neoverse-V3
This patch mitigates CVE-2025-0647 for Neoverse-V3 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I
fix(security): add CVE-2025-0647 for Neoverse-V3
This patch mitigates CVE-2025-0647 for Neoverse-V3 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: Ic52ad93474c5f81e01eb4839ece726c84c3348ff Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| 145603e9 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Neoverse-V2
This patch mitigates CVE-2025-0647 for Neoverse-V2 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I
fix(security): add CVE-2025-0647 for Neoverse-V2
This patch mitigates CVE-2025-0647 for Neoverse-V2 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I7ec215a9dd168eb045366b589a02b54148f587c2 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| a142b102 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Neoverse-N2
This patch mitigates CVE-2025-0647 for Neoverse-N2 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I
fix(security): add CVE-2025-0647 for Neoverse-N2
This patch mitigates CVE-2025-0647 for Neoverse-N2 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I366c2683cca22403d33f0761487e1ffa62e964ce Signed-off-by: Govindraj Raja <govindraj.raja@arm.com> Signed-off-by: John Powell <john.powell@arm.com>
show more ...
|
| f26fb932 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Cortex-X925
This patch mitigates CVE-2025-0647 for Cortex-X925 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I
fix(security): add CVE-2025-0647 for Cortex-X925
This patch mitigates CVE-2025-0647 for Cortex-X925 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I4c1ac2be3620566813c90f5815ffcc7205bb5ac9 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| 680a74b1 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Cortex-X4
This patch mitigates CVE-2025-0647 for Cortex-X4 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I585a
fix(security): add CVE-2025-0647 for Cortex-X4
This patch mitigates CVE-2025-0647 for Cortex-X4 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: I585a7ea516515fe16a3eca907695728068cef611 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|
| 7fe900e3 | 22-Jan-2026 |
Govindraj Raja <govindraj.raja@arm.com> |
fix(security): add CVE-2025-0647 for Cortex-X3
This patch mitigates CVE-2025-0647 for Cortex-X3 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: Ic276
fix(security): add CVE-2025-0647 for Cortex-X3
This patch mitigates CVE-2025-0647 for Cortex-X3 CPU.
Arm Security Bulletin Document: https://developer.arm.com/documentation/111546
Change-Id: Ic276befafc1ca0b456826532437ca453eb7717a6 Signed-off-by: John Powell <john.powell@arm.com> Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
show more ...
|