Merge changes from topic "ns/spmc_at_el3" into integration

* changes:
feat(rdn2): introduce platform handler for Group0 interrupt
feat(rdn2): add plat hook for memory transaction
feat(rdn2): i

Merge changes from topic "ns/spmc_at_el3" into integration

* changes:
feat(rdn2): introduce platform handler for Group0 interrupt
feat(rdn2): add plat hook for memory transaction
feat(rdn2): introduce accessor function to obtain datastore
feat(spm): separate StMM SP specifics to add support for a S-EL0 SP
feat(rdn2): add defines needed for spmc-el3
feat(ras): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(bl31): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(arm): reuse SPM_MM specific defines for SPMC_AT_EL3
feat(el3-spmc): add a flag to enable support to load SEL0 SP
refactor(spm-mm): reorganize secure partition manager shim code

show more ...

feat(rdn2): introduce platform handler for Group0 interrupt

This patch introduces a handler for RDN2 platform to triage Group0
secure interrupts. Currently, it is empty but serves as a
placeholder f

feat(rdn2): introduce platform handler for Group0 interrupt

This patch introduces a handler for RDN2 platform to triage Group0
secure interrupts. Currently, it is empty but serves as a
placeholder for future Group0 interrupt sources.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: If0b64e507e9105813d9a5d16f70101cf0d8ca5a4

show more ...

feat(rdn2): add plat hook for memory transaction

RdN2 does not make MEM_SHARE/LEND requests. Instead, add a dummy
implementation of memory management related platform hooks.

Signed-off-by: Nishant

feat(rdn2): add plat hook for memory transaction

RdN2 does not make MEM_SHARE/LEND requests. Instead, add a dummy
implementation of memory management related platform hooks.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ifce55b6661f03d379e2fd2dc5625200d550d8038

show more ...

feat(rdn2): introduce accessor function to obtain datastore

In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptor, introduce an accessor function
so that the backing me

feat(rdn2): introduce accessor function to obtain datastore

In order to provide the EL3 SPMC a sufficient datastore to
record memory descriptor, introduce an accessor function
so that the backing memory can be allocated in a platform
defined manner to accommodate memory constraints and
desired usecases.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: If5842e79c2ad22ccc17362b114f47d9900d82f7e

show more ...

feat(spm): separate StMM SP specifics to add support for a S-EL0 SP

This patch separates the code from SPM_MM to get xlat table context and
move it to a common location. In addition, only APIs requi

feat(spm): separate StMM SP specifics to add support for a S-EL0 SP

This patch separates the code from SPM_MM to get xlat table context and
move it to a common location. In addition, only APIs required from both
SPM_MM and FF-A EL3 SPMC are moved to the common location.

This allows understanding better what is required to support a S-EL0 SP
instead of trying to retrofit what already exists.

Signed-off-by: Achin Gupta <achin.gupta@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I142d7fbef5239869176d0de93842c66051d7ed78

show more ...

feat(rdn2): add defines needed for spmc-el3

Add the following platform specific flags to enable SPMC build.

SECURE_PARTITION_COUNT: Number of secure partitions supported
NS_PARTITION_COUNT: Number

feat(rdn2): add defines needed for spmc-el3

Add the following platform specific flags to enable SPMC build.

SECURE_PARTITION_COUNT: Number of secure partitions supported
NS_PARTITION_COUNT: Number of non secure partitions supported
MAX_EL3_LP_DESCS_COUNT: Number of logical partitions supported

Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I33d46be9dffd0acfc088bc1701dc0b1ed92dbf46

show more ...

feat(ras): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Nishant Sharma <nishant.sharma@

feat(ras): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ic88db49d4f854c718d064b2c301a639fc2df2857

show more ...

feat(bl31): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Nishant Sharma <nishant.sharma

feat(bl31): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I5ef694f7e2f6d48ec7db26f92ccb350ed537e3f1

show more ...

feat(arm): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Sayanta Pattanayak <sayanta.pat

feat(arm): reuse SPM_MM specific defines for SPMC_AT_EL3

For EL3 SPMC configuration enabled platforms, allow the reuse of
SPM_MM specific definitions.

Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Ia24b97343c7b8c6b22a4d54c5bb9cee2c480241f

show more ...

feat(el3-spmc): add a flag to enable support to load SEL0 SP

Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>

feat(el3-spmc): add a flag to enable support to load SEL0 SP

Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39

show more ...

refactor(spm-mm): reorganize secure partition manager shim code

In preparation for adding the support for SEL0 SP in EL3 SPMC,
restructure the existing SPM_MM shim code in a way that allows reuse
of

refactor(spm-mm): reorganize secure partition manager shim code

In preparation for adding the support for SEL0 SP in EL3 SPMC,
restructure the existing SPM_MM shim code in a way that allows reuse
of the code for both SPM_MM interface and FF-A EL3 SPMC interface. The
code for changing exception levels is identical for both.

With this restructuring of the code, the shim exception code is moved to
the common sub-directory.

Signed-off-by: Sayanta Pattanayak <sayanta.pattanayak@arm.com>
Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: Iadda9cf73f12b56e6a1d31fc21b5ba5dc355867f

show more ...

Merge "refactor(console): disable getc() by default" into integration

feat(mt8188): add EMI MPU support for SCP and DSP

1. Allow domain D8 (SCP c0) access to the region 0x50000000~0x528FFFFF.
2. Allow domain D8 (SCP c1) access to the region 0x70000000~0x729FFFFF.
3. A

feat(mt8188): add EMI MPU support for SCP and DSP

1. Allow domain D8 (SCP c0) access to the region 0x50000000~0x528FFFFF.
2. Allow domain D8 (SCP c1) access to the region 0x70000000~0x729FFFFF.
3. Allow domain D4 (DSP) access to the region 0x60000000~0x610FFFFF.

Change-Id: Iea92eebaea4d7dd2968cf51f41d07c2479168e7e
Signed-off-by: Jason Chen <Jason-ch.Chen@mediatek.com>

show more ...

refactor(console): disable getc() by default

The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A

refactor(console): disable getc() by default

The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.

Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.

This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.

The following changes are introduced when getc() is disabled:

- The multi-console framework no longer provides the console_getc()
function.

- If the console driver selected by the platform attempts to register
a getc() callback into the multi-console framework then TF-A will
now fail to build.

If registered through the assembly function finish_console_register():
- On AArch64, you'll get:
Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
- On AArch32, you'll get:
Error: internal_relocation (type: OFFSET_IMM) not fixed up

If registered through the C function console_register(), this requires
populating a struct console with a getc field, which will trigger:
error: 'console_t' {aka 'struct console'} has no member named 'getc'

- All console drivers which previously registered a getc() callback
have been modified to do so only when ENABLE_CONSOLE_GETC=1.

[1] Example of such use cases would be:
- Firmware recovery: retrieving a golden BL2 image over the console in
order to repair a broken firmware on a bricked board.
- Factory CLI tool: Drive some soak tests through the console.

Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/

Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>

show more ...

Merge "docs(build): update GCC to 12.3.Rel1 version" into integration

feat(versal-net): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

Comparing early console info

feat(versal-net): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

Comparing early console information and the data populated from
the DTB. In case of a mistmatch, the changes takes care of
unregistering the build time console configuration and registering the
DTB-based console.

Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating console-
related settings, making it easier to manage and extend the console
configuration in the future.

Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I7b6ebad0e91133ab5fbda8f3a8663abfb6dd2458

show more ...

feat(versal): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

Comparing early console informat

feat(versal): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

Comparing early console information and the data populated from
the DTB. In case of a mistmatch, the changes takes care of
unregistering the build time console configuration and registering the
DTB-based console.

Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating console-related
settings, making it easier to manage and extend the console
configuration in the future.

Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I617c846d753e73d2433edf15b3286f1a650f01b3

show more ...

refactor(xilinx): create generic function for clock retrieval

Refactors the code in the AMD-Xilinx platform for Versal and Versal NET
to create a more generic function for obtaining clock signals
fr

refactor(xilinx): create generic function for clock retrieval

Refactors the code in the AMD-Xilinx platform for Versal and Versal NET
to create a more generic function for obtaining clock signals
from the platform. The new function get_uart_clk is specific to each
platform and providing greater flexibility for clock signal retrieval
in various parts of the codebase.

Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: Iff67315339b2651c9bea73af0d89fcbad2bb332a

show more ...

feat(zynqmp): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

With fdt_get_stdout_node_offset(

feat(zynqmp): retrieval of console information from dtb

Introduces functionality to retrieve console information from the
device tree (DTB) and use it in TF-A code.

With fdt_get_stdout_node_offset() function, which reads the 'secure-chosen'
first,'chosen' and 'stdout-path' properties from the DTB, providing a
convenient and standardized way to access serial console information.

Implemented a comparison mechanism between early console information
and the data populated from the DTB. In case of a mismatch, the commit
takes care of unregistering the build-time console configuration and
registering the DTB-based console.

Reorganizes the console configuration setup in BL31 by moving it to a
dedicated function called setup_console() in the plat_console.c
file. This change improves code readability by isolating
console-related settings, making it easier to manage and extend the
console configuration in the future.

Signed-off-by: Prasad Kummari <prasad.kummari@amd.com>
Change-Id: I857042fc0fb8f070bbc11f6b47aa57a72fbe5392

show more ...

Merge changes I9c2bf78a,Iaff5f1fa,I44686a36 into integration

* changes:
fix(imx8m): map BL32 memory only if SPD_opteed or SPD_trusty is enabled
feat(imx8mn): add workaround for errata ERR050362

Merge changes I9c2bf78a,Iaff5f1fa,I44686a36 into integration

* changes:
fix(imx8m): map BL32 memory only if SPD_opteed or SPD_trusty is enabled
feat(imx8mn): add workaround for errata ERR050362
feat(imx8m): enable snvs privileged registers access

show more ...

docs(build): update GCC to 12.3.Rel1 version

Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-down

docs(build): update GCC to 12.3.Rel1 version

Updating toolchain to the latest production release version
12.3.Rel1 publicly available on:
https://developer.arm.com/downloads/-/arm-gnu-toolchain-downloads

We build TF-A in CI using x86_64 Linux hosted cross toolchains:
---------------------------------------------------------------
* AArch32 bare-metal target (arm-none-eabi)
* AArch64 bare-metal target (aarch64-none-elf)

Change-Id: Ifcabb7fb9d8e13b87e164c3c1be8c8d32c31b49a
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>

show more ...

Merge changes from topic "refactor_prepare_dtb" into integration

* changes:
refactor(zynqmp): use common code for prepare_dtb
refactor(xilinx): remove multiple return paths in prepare_dtb

refactor(zynqmp): use common code for prepare_dtb

use common code definition and remove zynqmp local definition
for prepare_dtb in dtb flows.

Change-Id: I362b90b96852e9afccc8a2e23d3b7f709280fba7
Si

refactor(zynqmp): use common code for prepare_dtb

use common code definition and remove zynqmp local definition
for prepare_dtb in dtb flows.

Change-Id: I362b90b96852e9afccc8a2e23d3b7f709280fba7
Signed-off-by: Amit Nagal <amit.nagal@amd.com>

show more ...

refactor(xilinx): remove multiple return paths in prepare_dtb

presence of multiple return path in prepare_dtb results in misra c
violation 15.5: this return statement is not the final statement
in t

refactor(xilinx): remove multiple return paths in prepare_dtb

presence of multiple return path in prepare_dtb results in misra c
violation 15.5: this return statement is not the final statement
in the compound statement that forms the body of the function.
prepare_dtb is refactored to address the same.

Change-Id: I17ca4314202d6ca8d6fb0c4ea2ed9d31a152371b
Signed-off-by: Amit Nagal <amit.nagal@amd.com>

show more ...

Merge changes from topic "bk/context_refactor" into integration

* changes:
refactor(cm): enable S-EL2 globally for all contexts
refactor(cm): remove world differentiation for EL2 context restore

Merge changes from topic "bk/context_refactor" into integration

* changes:
refactor(cm): enable S-EL2 globally for all contexts
refactor(cm): remove world differentiation for EL2 context restore
fix(cm): make ICC_SRE_EL2 fixup generic to all worlds
refactor(cm): clean up SCR_EL3 and CPTR_EL3 initialization

show more ...