| 24a4a0a5 | 05-Feb-2024 |
Arvind Ram Prakash <arvind.ramprakash@arm.com> |
fix(gic600): workaround for Part 1 of GIC600 erratum 2384374
GIC600 erratum 2384374 is a Category B erratum. Part 1 is fixed in this patch, and the Part 1 failure mode is described as 'If the packet to be sent is a SET packet, then a higher priority SET may not be sent when it should be until an unblocking event occurs.'
This is handled by calling gicv3_apply_errata_wa_2384374() in the ehf_deactivate_priority() path, so that when EHF restores the priority to the original priority, the interrupt packet buffered in the GIC can be sent.
gicv3_apply_errata_wa_2384374() is the workaround for Part 2 of erratum 2384374, which flushes packets from the GIC buffer, and is being used in this patch.
SDEN can be found here: https://developer.arm.com/documentation/sden892601/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com> Change-Id: I4bb6dcf86c94125cbc574e0dc5119abe43e84731
|
| 53b3cd25 | 27-Feb-2024 |
Bipin Ravi <biprav01@u203721.austin.arm.com> |
fix(cpus): workaround for Cortex-A715 erratum 2331818
Cortex-A715 erratum 2331818 is a cat B erratum that applies to revisions r0p0 and r1p0 and is fixed in r1p1. The workaround is to set bit[20] of CPUACTLR2_EL1. Setting this bit is expected to have a negligible performance impact.
SDEN can be found here: https://developer.arm.com/documentation/SDEN2148827/latest
Change-Id: If3b1ed78b145ab6515cdd41135314350ed556381 Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
|
| 6e2e9747 | 06-Mar-2024 |
Bipin Ravi <bipin.ravi@arm.com> |
Merge "fix(arm): move console flush/switch in common function" into integration |
| 6bdc856b | 06-Mar-2024 |
Manish Pandey <manish.pandey2@arm.com> |
fix(arm): move console flush/switch in common function
There are some CI configs which apply patches on the fly to test some unusual test scenarios. After commit c864af989 there is one patch which does not apply cleanly into arm_bl31_plat_runtime_setup().
To fix this issue, move console flush/switch into the caller of this function.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I4116044d53bef349a707c977cf26d1df65200045
|
| 1f732471 | 27-Feb-2024 |
Bipin Ravi <biprav01@u203721.austin.arm.com> |
fix(cpus): workaround for Cortex-A715 erratum 2420947
Cortex-A715 erratum 2420947 is a cat B erratum that applies only to revision r1p0 and is fixed in r1p1. The workaround is to set bit[33] of CPUACTLR2_EL1. This will prevent store and store-release from merging inside the write buffer, and it is not expected to have much performance impact.
SDEN can be found here: https://developer.arm.com/documentation/SDEN2148827/latest
Change-Id: I01a71b878cd958e742ff8357f8cdfbfc5625de47 Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
|
| 9502a88b | 06-Mar-2024 |
Manish V Badarkhe <manish.badarkhe@arm.com> |
Merge changes from topic "drtm1.0-updates" into integration
* changes:
  feat(drtm): update DRTM version to 1.0
  feat(drtm): update references to DRTM beta0
  feat(drtm): for TPM features fw hash algorithm should be 16-bits
  feat(drtm): add ACPI table region size to the DLME header
  feat(drtm): update return code if secondary PE is not off
  feat(drtm): add additional return codes
|
| 6df8d764 | 30-Jan-2024 |
Tamas Ban <tamas.ban@arm.com> |
feat(tc): group components into certificates
Set the cert_id argument to group the components into certificates. The grouping reflects the likely units of updateability.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Ie7a1f10c84af727d0cd39e3a78b0cb59cbc2e457
|
| 6a415bd1 | 30-Jan-2024 |
Tamas Ban <tamas.ban@arm.com> |
feat(dice): add cert_id argument to dpe_derive_context()
This custom argument is meant to simplify grouping components into certificates. Components with the same cert_id contribute to the same certificate regardless of the load order or the structure of the derivation tree. This argument aims to flatten the tree structure and make it easy to include branches or subtrees in the main derivation line.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I83c4abc399616063a5eb04792d603899f7513627
|
| 33f29b8a | 01-Mar-2024 |
David Vincze <david.vincze@arm.com> |
refactor(sds): modify log level for region validity
Modify the log level from WARNING to VERBOSE for the SDS region validity check. An invalid region causes the initialization step to fail, but normally it's only a temporary condition as the actual initialization of the region (such as adding a valid region descriptor structure) can happen asynchronously in another system component. The goal of this tiny modification is to avoid flooding the log with this message when we're waiting in a loop for the region initialization to happen.
Change-Id: I180e35e25df3f31bbc816e6421ded17ba6ae1d85 Signed-off-by: David Vincze <david.vincze@arm.com>
|
| 7be391d1 | 04-Jan-2024 |
David Vincze <david.vincze@arm.com> |
feat(tc): add dummy TRNG support to be able to boot pVMs
pVMs on Android 14 have a platform requirement to support SMCCC TRNG discovery. This implementation adds dummy TRNG support to TC2.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Iae0ca546cadf48a6a404ae578c7ccf5a84d057c4
|
| 467bdf26 | 07-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(tc): get the parent component provided DPE context_handle
Each client who wants to communicate with the DPE service must own a valid context handle issued by the DPE service. A context handle can be used a single time, then it will be invalidated by the DPE service. In case of calls from the same component, the next valid context handle is returned in the response to a DPE command. When a component finishes its job, the next component in the boot flow inherits its first context handle from its parent. How the inheritance is done can be client or platform-dependent. It can be shared through shared memory or be part of a DTB object passed to the next bootloader stage.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Signed-off-by: David Vincze <david.vincze@arm.com> Change-Id: Ic82f074f1c5b15953e78f9fa5404ed7f48674cbb
|
| 03d388d8 | 12-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(tc): share DPE context handle with child component
To be allowed to communicate with the DPE service, all components must own a valid context handle. The first valid context handle is inherited from the parent component via a DTB object.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Id357fab3586398b1933444e1d10d1ab6d8243ab9
|
| 1f47a713 | 12-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(tc): add DPE context handle node to device tree
Child software components are inheriting their first valid DPE context handle from their parent components (who loaded and measured them). The context handle is shared through the device tree object the following way:
- BL1 -> BL2 via TB_FW_CONFIG
- BL2 -> BL33 via NT_FW_CONFIG
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I9bf7808fb13a310ad7ca1895674a0c7e6725e08b
|
| e7f1181f | 07-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(tc): add DPE backend to the measured boot framework
The client platform relies on the DICE attestation scheme. RSS provides the DICE Protection Environment (DPE) service. TF-A measured boot framework supports multiple backends. A given platform always enables the corresponding backend which is required by the attestation scheme.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Idc3360d0d7216e4859e99b5db3d377407e0aeee5
|
| 4a8357fb | 06-Mar-2024 |
Yann Gautier <yann.gautier@st.com> |
Merge "docs(maintainers): add myself as SynQuacer platform co-maintainer" into integration |
| 2b53106a | 24-Jan-2024 |
Tamas Ban <tamas.ban@arm.com> |
feat(auth): add explicit entries for key OIDs
Key-OIDs that authenticate SCP_BL2, BL32, BL33, Trusted FW config and Non-trusted FW config images have been explicitly entered. Implementations of signer-ID consume these entries.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Icfb4a4920792c475a92d190837fb24090a57ef89
|
| 0ae9c631 | 06-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(dice): add DPE driver to measured boot
Implement a DPE specific backend within the generic measured boot framework.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Ia3a0eac0ee6f7b4b337a93d08286613e7c8186b4
|
| b03fe8c0 | 06-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(dice): add client API for DICE Protection Environment
RSS provides the DICE Protection Environment service (DPE). It partially implements the DPE specification from TCG.
As a DPE profile, it supports the Open Profile for DICE specification. https://pigweed.googlesource.com/open-dice/+/refs/heads/main/docs/specification.md
In order to communicate with the service, commands must be CBOR encoded. The API implementation:
- Expose a C API to the upper layer,
- Do the CBOR encoding, decoding of the DPE commands,
- Rely on the PSA framework to communicate with the RSS through an MHU.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I26a08f0c7cbffe07e725a7defbb6c60fd7735efe
|
| c19977be | 06-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(dice): add QCBOR library as a dependency of DPE
DPE commands are CBOR encoded. QCBOR library is used in TF-A for CBOR encoding.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Ifd01e1e6e1477cf991e765b97c446684fc6ef9b9
|
| 584052c7 | 06-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
feat(dice): add typedefs from the Open DICE repo
The DPE implementation in RSS is aligned with the Open Profile for DICE specification: https://pigweed.googlesource.com/open-dice/
Type definitions are needed to specify the input values for the DPE service. Instead of mandating to clone the entire open-dice repo, the following file is copied from the repository:
https://pigweed.googlesource.com/open-dice/+/refs/heads/main/include/dice/dice.h
Git SHA of the source version: cf549422e39da872d64993be944099ac62ba22a9
This is external code, with Apache 2.0 license, therefore the license.rst is updated accordingly and a copy of this license is also added.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Signed-off-by: David Vincze <david.vincze@arm.com> Change-Id: Ie84b8483034819d1143fe0ec812e66514ac7d4cb
|
| cb249050 | 06-Feb-2024 |
Tamas Ban <tamas.ban@arm.com> |
docs(changelog): add 'dice' scope
To cover the DICE related works such as DICE Protection Environment (DPE) integration with the measured boot framework.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I9769b7bddbd1d269705ebff1d15870ab928fd8ef
|
| 24844d8b | 05-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
refactor(tc): align image identifier string macros
Macros were renamed, align with new names.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Id7a556da34381618577fed4039d9ca957754cd7c |
| 09bb42db | 05-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
refactor(fvp): align image identifier string macros
Macros were renamed, align with new names.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I85d03164f580d9c41b7955482914d20188e559e5 |
| c6b204cc | 05-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
refactor(imx8m): align image identifier string macros
Macros were renamed, align with new names.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: I26be3bc52e176898700568fab5f6c19678978797 |
| 069eca66 | 05-Jun-2023 |
Tamas Ban <tamas.ban@arm.com> |
refactor(qemu): align image identifier string macros
Macros were renamed, align with new names.
Signed-off-by: Tamas Ban <tamas.ban@arm.com> Change-Id: Iefcbf4aac9ce4b21f49a633749703f93d4e34250 |