refactor(bl31): use elx_panic for sysreg_handler64

When we reach sysreg_handler64 from any trap handling we are entering
this path from lower EL and thus we should be calling lower_el_panic
reportin

refactor(bl31): use elx_panic for sysreg_handler64

When we reach sysreg_handler64 from any trap handling we are entering
this path from lower EL and thus we should be calling lower_el_panic
reporting mechanism to print panic report.

Make report_elx_panic available through assembly func elx_panic which
could be used for reporting any lower_el_panic.

Change-Id: Ieb260cf20ea327a59db84198b2c6a6bfc9ca9537
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge "docs: add interrupts-target field to sp manifest" into integration

fix(zynqmp): add bitmask for get_op_char API

As per the current functionality, there are a couple of types like
PM_OPCHAR_TYPE_TEMP, PM_OPCHAR_TYPE_POWER and PM_OPCHAR_TYPE_LATENCY
for the PM_GET_OP

fix(zynqmp): add bitmask for get_op_char API

As per the current functionality, there are a couple of types like
PM_OPCHAR_TYPE_TEMP, PM_OPCHAR_TYPE_POWER and PM_OPCHAR_TYPE_LATENCY
for the PM_GET_OP_CHARACTERISTIC EEMI API which is mismatched across
the Versal and ZynqMP platforms.

So added the bitmask functionality for PM_GET_OP_CHARACTERISTIC API
in feature check in the firmware and as part of that the firmware fill
up payload[1] with the bitmask value of supported types of the
PM_GET_OP_CHARACTERISTIC EEMI API but from TF-A based on the current
codebase it is just returning the version. So filling up the bitmask
buffer which is received from the firmware and returned the same to
the user.

Signed-off-by: Ronak Jain <ronak.jain@amd.com>
Change-Id: I2c55f3e902a5f89eed899e99a97ad9b3f0a12796

show more ...

Merge changes I51c13c52,I3358c51e into integration

* changes:
build: always prefix section names with `.`
build: communicate correct page size to linker

Merge "feat(gicv3): enlarge the range for intr_num of structure interrupt_prop_t" into integration

Merge "fix(zynqmp): panic w/o handoff structure in !JTAG" into integration

Merge "fix(zynqmp): move EM SMC range to SIP range" into integration

Merge "fix(ufs): device present (DP) field is set to '1'" into integration

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
wh

refactor(aarch64): rename do_panic and el3_panic

Current panic call invokes do_panic which calls el3_panic, but now panic
handles only panic from EL3 anid clear separation to use lower_el_panic()
which handles panic from lower ELs.

So now we can remove do_panic and just call el3_panic for all panics.

Change-Id: I739c69271b9fb15c1176050877a9b0c0394dc739
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(aarch64): remove weak links to el3_panic

Cleanup weak links to el3_panic and restrict crash_reporting usage
to bl31.

Crash reporting is not used with bl1, bl2 and weak linkage to el3_panic

refactor(aarch64): remove weak links to el3_panic

Cleanup weak links to el3_panic and restrict crash_reporting usage
to bl31.

Crash reporting is not used with bl1, bl2 and weak linkage to el3_panic
is used, this can cause ambiguity in understanding the code so remove
this weak linkage and introduce funcs that should be used when we have
crash reporting for el3 panics.

Change-Id: Ic5c711143ba36898ef9574a078b8fa02effceb12
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(aarch64): refactor usage of elx_panic

Currently we call el3_panic for panics from EL3 and elx_panic for
panics from lower ELs.

When we boot into a rich OS environment and interact with BL3

refactor(aarch64): refactor usage of elx_panic

Currently we call el3_panic for panics from EL3 and elx_panic for
panics from lower ELs.

When we boot into a rich OS environment and interact with BL31 using
SMC/ABI calls and we can also decide to handle any lower EL panics in
EL3. Panic can occur in lower EL from rich OS or during SMC/ABI calls
after context switch to EL3.

But after booting into any rich OS we may land in panic either from
rich OS or while servicing any SMC call, here the logic to use
el3_panic or elx_panic is flawed as spsr_el3[3:0] is always EL3h
and end up in elx_panic even if panic occurred from EL3 during
SMC handling.

We try to decouple the elx_panic usage for its intended purpose,
introduce lower_el_panic which would call elx_panic, currently
lower_el_panic is called from default platform_ea_handle which
would be called due to panic from any of the lower ELs.

Also remove the weak linkage for elx_panic and rename it to
report_elx_panic which could be used with lower_el_panic.

Change-Id: I268bca89c01c60520d127ef6c7ba851460edc747
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(aarch64): cleanup HANDLE_EA_EL3_FIRST_NS usage

Remove usage of HANDLE_EA_EL3_FIRST_NS in plat_default_ea_handler

Change-Id: I2bf4788960d20a090d66cf39c7bbbdea1d3243ca
Signed-off-by: Govindr

refactor(aarch64): cleanup HANDLE_EA_EL3_FIRST_NS usage

Remove usage of HANDLE_EA_EL3_FIRST_NS in plat_default_ea_handler

Change-Id: I2bf4788960d20a090d66cf39c7bbbdea1d3243ca
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

Merge "fix(gicv3): fixed bug in the initialization of GICv3 SGIs/(E)PPIs interrupt priorities" into integration

Merge changes I63b584cf,I617f3d41 into integration

* changes:
refactor(el3_runtime): unify handle/enter_lower_el_async_ea
refactor(el3_runtime): introduce save_x30 macro

refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT

CRYPTO_SUPPORT is enabled by default when TRUSTED_BOARD_BOOT is
enabled so usage CRYPTO_SUPPORT in conjunction with TRUSTED_BOARD_BOOT
might some

refactor(fvp): minor cleanup with TRUSTED_BOARD_BOOT

CRYPTO_SUPPORT is enabled by default when TRUSTED_BOARD_BOOT is
enabled so usage CRYPTO_SUPPORT in conjunction with TRUSTED_BOARD_BOOT
might sometime be confusing to look at.

Adding minor cleanup to make it look simpler with conditions.
No functionality changes.

Change-Id: I800524d54ea56dc27b6c6da26c75a07f5f6de984
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

docs(drtm): mention DRTM_SUPPORT as an experimental build option

In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in th

docs(drtm): mention DRTM_SUPPORT as an experimental build option

In spite of the fact that makefile [1] indicates that DRTM_SUPPORT is
an experimental feature, it is better to mention the same in the
documentation of the build option as well.

[1]:
https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/Makefile#n897

Change-Id: Ibfa328ec8ed685ce715d144d979ba37e4f49f82e
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

feat(build): allow additional CFLAGS for library build

Current CFLAGS if set for library builds could impact entire build, so
allow to pass additional CFLAGs for library builds based on format
<LIBN

feat(build): allow additional CFLAGS for library build

Current CFLAGS if set for library builds could impact entire build, so
allow to pass additional CFLAGs for library builds based on format
<LIBNAME>_CFLAGS.

This support is currently needed to avoid 'redundant declaration'
error from latest mbedtls-3.3, the issue is reported to mbedtls[1]
and is under consideration to remove any redundant declarations.
But till then we have to disable that compiler option while building
for mbedtls-3.3

[1]: https://github.com/Mbed-TLS/mbedtls/issues/6910

Change-Id: Ic99af22b229f8089c82110d6545f762c14a62f5c
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

style(crypto): add braces for if statement

As per TF-A coding style[1] braces around single if statement is preferred.
Minor cleanup to adhere to it.

[1]: https://trustedfirmware-a.readthedocs.io/e

style(crypto): add braces for if statement

As per TF-A coding style[1] braces around single if statement is preferred.
Minor cleanup to adhere to it.

[1]: https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-style.html#conditional-statement-bodies

Change-Id: I771fdcbf105eac9377002ac67d0615ef29440904
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

feat(fvp): increase BL1_RW and BL2 size

To support mbedtls3.3 increase BL1_RW and BL2 size rsa+ecdsa alg.

Increase both by one page size. In mbedtls3.3 numerous config options
have been tweaked and

feat(fvp): increase BL1_RW and BL2 size

To support mbedtls3.3 increase BL1_RW and BL2 size rsa+ecdsa alg.

Increase both by one page size. In mbedtls3.3 numerous config options
have been tweaked and made defaults[1] thus a small increase in size
can result for mbedtls-3.3

This size limitation is observed when we build TF-A with
TF_MBEDTLS_KEY_ALG=rsa+ecdsa this approach is used in juno as well,
so use similar approach for FVP.

[1]: https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md

Change-Id: I8a423711ac50b3d615c1d9650086cdbca5051c8e
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

feat(mbedtls): add support for mbedtls-3.3

TF-A support for mbedtls3.x has been overdue by number of releases.
As per mbedtls support it was advised to use latest and greatest
mbedtls-3.3. But mbedt

feat(mbedtls): add support for mbedtls-3.3

TF-A support for mbedtls3.x has been overdue by number of releases.
As per mbedtls support it was advised to use latest and greatest
mbedtls-3.3. But mbedtls-3.x breaks API compatibility with
mbedtls-2.x

To maintain comptability for mbedtls-2.x and enable mbedtls-3.x
support add a functionality into makefile to determine the major version
of mbedtls and use that to selective include or compile files
that are present.

With mbedtls-3.x numerous other config changes have been done.
Some of the config options deprecated or enabled by default.
Thus we decided to introduce a new 3.x config file part of this
change for building TF-A with mbedtls-3.3.

For futher information on migrating to mbedtls 3.x refer to:
https://github.com/Mbed-TLS/mbedtls/blob/development/docs/3.0-migration-guide.md

Change-Id: Ia8106d6f526809df927d608db27fe149623258ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(crypto): avoid using struct mbedtls_pk_rsassa_pss_options

In preparation for supporting mbedtls 3.3, usage of
mbedtls_pk_rsassa_pss_options[1] is made private and is broken on 3.3

However

refactor(crypto): avoid using struct mbedtls_pk_rsassa_pss_options

In preparation for supporting mbedtls 3.3, usage of
mbedtls_pk_rsassa_pss_options[1] is made private and is broken on 3.3

However looking closely into the usage in 'verify_signature' function
is no hard reason behind usage of this struct and they could be easily
replaced with independent variables.

This Minor refactor to avoid using the struct mbedtls_pk_rsassa_pss_options
and use independent variable will provide compatibility with both 2.x
and 3.x

[1]: https://github.com/Mbed-TLS/mbedtls/issues/7040

Change-Id: If0107d860d11d13cba7fd5d7941e7142e70c7b11
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it di

refactor(mbedtls): avoid including MBEDTLS_CONFIG_FILE

Currently we include MBEDTLS_CONFIG_FILE directly and if a custom
config file is used it will included.

However from mbedtls-3.x onwards it discourages usage of
MBEDTLS_CONFIG_FILE include directly, so to resolve this and keep 2.28
compatibility include version.h which would include the custom config
file if present and also would expose us with mbedtls-major-version
number which could be used for selecting features and functions for
mbedtls 2.28 or 3.3

Change-Id: I029992311be2a38b588ebbb350875b03ea29acdb
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>

show more ...

fix(zynqmp): panic w/o handoff structure in !JTAG

In case that FSBL (or SPL) doesn't provide valid handoff structure don't
fallback to default image location. In non JTAG boot mode all the time
stru

fix(zynqmp): panic w/o handoff structure in !JTAG

In case that FSBL (or SPL) doesn't provide valid handoff structure don't
fallback to default image location. In non JTAG boot mode all the time
structure should be passed. If it is not it can be opportunity to inject
any code to default locations and start it. That's why panic in all
these cases.

Change-Id: Ib3e11e2ae9ffec7406002cce4997b12b97bdc396
Signed-off-by: Michal Simek <michal.simek@amd.com>

show more ...

fix(ufs): device present (DP) field is set to '1'

The Device Present (DP) field is set to '1' after host controller
receive 'SUCCESS' return code on the response of the DME_LINKSTARTUP UIC
CMD durin

fix(ufs): device present (DP) field is set to '1'

The Device Present (DP) field is set to '1' after host controller
receive 'SUCCESS' return code on the response of the DME_LINKSTARTUP UIC
CMD during host controller initialization.

JEDEC Standard No. 223E
Page 28

Signed-off-by: Jorge Troncoso <jatron@google.com>
Change-Id: I9db0374c1df3530d64187b9e449cde3b27d63072

show more ...

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section name

build: always prefix section names with `.`

Some of our specialized sections are not prefixed with the conventional
period. The compiler uses input section names to derive certain other
section names (e.g. `.rela.text`, `.relacpu_ops`), and these can be
difficult to select in linker scripts when there is a lack of a
delimiter.

This change introduces the period prefix to all specialized section
names.

BREAKING-CHANGE: All input and output linker section names have been
prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.

Change-Id: I51c13c5266d5975fbd944ef4961328e72f82fc1c
Signed-off-by: Chris Kay <chris.kay@arm.com>

show more ...