Revert "feat(sgi): route TF-A logs via secure uart"

Revert submission 14286-uart_segregation

Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.

Reverted C

Revert "feat(sgi): route TF-A logs via secure uart"

Revert submission 14286-uart_segregation

Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.

Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...

Change-Id: I7c488aed9fcb70c55686d705431b3fe017b8927d

show more ...

Revert "feat(sgi): add page table translation entry for secure uart"

Revert submission 14286-uart_segregation

Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstre

Revert "feat(sgi): add page table translation entry for secure uart"

Revert submission 14286-uart_segregation

Reason for revert: Need to wait for companion patches in CI and UEFI/Linux to be upstreamed.

Reverted Changes:
I8574b31d5:feat(sgi): add page table translation entry for se...
I8896ae05e:feat(sgi): route TF-A logs via secure uart
I39170848e:feat(sgi): deviate from arm css common uart relate...

Change-Id: I9bec02496f826e184c6efa643f869b2eb3b52539

show more ...

Merge "fix(st): don't try to read boot partition on SD cards" into integration

feat(mt8186): add DFD control in SiP service

DFD (Design for Debug) is a debugging tool, which scans flip-flops and
dumps to internal RAM on the WDT reset. After system reboots, those
values could b

feat(mt8186): add DFD control in SiP service

DFD (Design for Debug) is a debugging tool, which scans flip-flops and
dumps to internal RAM on the WDT reset. After system reboots, those
values could be showed for debugging.

BUG=b:222217317
TEST=build pass

Signed-off-by: Rex-BC Chen <rex-bc.chen@mediatek.com>
Change-Id: I659ea1e0789cf135a71a13b752edaa35123e0941

show more ...

fix(st): don't try to read boot partition on SD cards

When trying to boot from an SD card with STM32MP_EMMC_BOOT enabled,
booting fails with:

ERROR: Got unexpected value for active boot partitio

fix(st): don't try to read boot partition on SD cards

When trying to boot from an SD card with STM32MP_EMMC_BOOT enabled,
booting fails with:

ERROR: Got unexpected value for active boot partition, 0
ASSERT: plat/st/common/bl2_stm32_io_storage.c:285

because SD cards don't provide a boot partition. So only try reading
from such a partition when booting from eMMC.

Fixes: 214c8a8d08b2 ("feat(plat/st): add STM32MP_EMMC_BOOT option")
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Change-Id: I354b737a3ae3ea577e83dfeb7096df22275d852d

show more ...

Merge "fix(brcm): allow build to specify mbedTLS absolute path" into integration

fix(security): loop workaround for CVE-2022-23960 for Cortex-A76

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I8d433b39a5c0f9e1cef978df8a2986d7a35d3745

refactor(el3-runtime): change Cortex-A76 implementation of CVE-2018-3639

Re-factored the prior implementation of workaround for CVE-2018-3639
using branch and link instruction to save vector space t

refactor(el3-runtime): change Cortex-A76 implementation of CVE-2018-3639

Re-factored the prior implementation of workaround for CVE-2018-3639
using branch and link instruction to save vector space to include the
workaround for CVE-2022-23960.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Ib3fe949583160429b5de8f0a4a8e623eb91d87d4

show more ...

fix(security): workaround for CVE-2022-23960

Implements the loop workaround for Cortex-A77, Cortex-A78,
Cortex-A710, Cortex-X2, Neoverse N1, Neoverse N2 and Neoverse V1
CPUs.

Signed-off-by: Bipin R

fix(security): workaround for CVE-2022-23960

Implements the loop workaround for Cortex-A77, Cortex-A78,
Cortex-A710, Cortex-X2, Neoverse N1, Neoverse N2 and Neoverse V1
CPUs.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I11d342df7a2068a15e18f4974c645af3b341235b

show more ...

Merge "fix(fvp): op-tee sp manifest doesn't map gicd" into integration

Merge "fix(fvp): FCONF Trace Not Shown" into integration

Merge changes from topic "uart_segregation" into integration

* changes:
feat(sgi): add page table translation entry for secure uart
feat(sgi): route TF-A logs via secure uart
feat(sgi): deviat

Merge changes from topic "uart_segregation" into integration

* changes:
feat(sgi): add page table translation entry for secure uart
feat(sgi): route TF-A logs via secure uart
feat(sgi): deviate from arm css common uart related definitions

show more ...

fix(brcm): allow build to specify mbedTLS absolute path

Updated makefile so that build can accept absolute mbedTLS path.

Change-Id: Ife73266a01d7ed938aafc5e370240023237ebf61
Signed-off-by: Manish V

fix(brcm): allow build to specify mbedTLS absolute path

Updated makefile so that build can accept absolute mbedTLS path.

Change-Id: Ife73266a01d7ed938aafc5e370240023237ebf61
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

show more ...

fix(fvp): FCONF Trace Not Shown

Updating call order for arm_console_boot_init() and arm_bl31_early_platform_setup().

Signed-off-by:  Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: If932fff2

fix(fvp): FCONF Trace Not Shown

Updating call order for arm_console_boot_init() and arm_bl31_early_platform_setup().

Signed-off-by:  Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: If932fff2ee4282a0aacf8751fa81e7665b886467

show more ...

Merge "fix(brcm): fix the build failure with mbedTLS config" into integration

Merge "fix(gpt_rme): rework delegating/undelegating sequence" into integration

fix(brcm): fix the build failure with mbedTLS config

Patch [1] introduces a mechanism to provide the platform
specified mbedTLS config file, but that result in build failure
for Broadcom platform.
T

fix(brcm): fix the build failure with mbedTLS config

Patch [1] introduces a mechanism to provide the platform
specified mbedTLS config file, but that result in build failure
for Broadcom platform.
This build failure is due to the absence of the mbedTLS configuration
file i.e. brcm_mbedtls_config.h in the TF-A source code repository.
"fatal error: brcm_mbedtls_config.h: No such file or directory"

This problem was resolved by removing the 'brcm_mbedtls_config.h' entry
from the broadcom platform makefile, allowing this platform to use
the default mbedtls_config.h file.

[1]: https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/13726

Signed-off-by: Manish V Badarkhe <manish.badarkhe@arm.com>
Change-Id: I7cc2efc049aefd3ebce1ae513df9b265fe31ded6

show more ...

feat(sgi): add page table translation entry for secure uart

Add page table translation entry for secure uart so that logs from
secure partition can be routed via the same.

Signed-off-by: Rohit Math

feat(sgi): add page table translation entry for secure uart

Add page table translation entry for secure uart so that logs from
secure partition can be routed via the same.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I8574b31d5d138d9f94972deb903124f8c5b70ce4

show more ...

feat(sgi): route TF-A logs via secure uart

Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the P

feat(sgi): route TF-A logs via secure uart

Route the boot, runtime and crash stage logs via secure UART port
instead of the existing use of non-secure UART. This aligns with the
security state the PE is in when logs are put out. In addition to this,
this allows consolidation of the UART related macros across all the
variants of the Neoverse reference design platforms.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I8896ae05eaedf06dead520659375af0329f31015

show more ...

feat(sgi): deviate from arm css common uart related definitions

The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the b

feat(sgi): deviate from arm css common uart related definitions

The Neoverse reference design platforms will migrate to use different
set of secure and non-secure UART ports. This implies that the board
specific macros defined in the common Arm platform code will no longer
be usable for Neoverse reference design platforms.

In preparation for migrating to a different set of UART ports, add a
Neoverse reference design platform specific copy of the board
definitions. The value of these definitions will be changed in
subsequent patches.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I39170848ecd81a7c1bbd3689bd905e45f9435f5c

show more ...

fix(gpt_rme): rework delegating/undelegating sequence

The previous delegating/undelegating sequence was incorrect as per the
specification DDI0615, "Architecture Reference Manual Supplement, The
Rea

fix(gpt_rme): rework delegating/undelegating sequence

The previous delegating/undelegating sequence was incorrect as per the
specification DDI0615, "Architecture Reference Manual Supplement, The
Realm Management Extension (RME), for Armv9-A" Sections A1.1.1 and
A1.1.2

Off topic:
- cleaning the gpt_is_gpi_valid and gpt_check_pass_overlap

Change-Id: Idb64d0a2e6204f1708951137062847938ab5e0ac
Signed-off-by: Robert Wakim <robert.wakim@arm.com>

show more ...

Merge changes I713f6e93,Iac4fbf4d,I43d02c77,Iadecd544,Ib31f9c4a, ... into integration

* changes:
build(intel): enable access to on-chip ram in BL31 for N5X
fix(intel): make FPGA memory configura

Merge changes I713f6e93,Iac4fbf4d,I43d02c77,Iadecd544,Ib31f9c4a, ... into integration

* changes:
build(intel): enable access to on-chip ram in BL31 for N5X
fix(intel): make FPGA memory configurations platform specific
fix(intel): fix ECC Double Bit Error handling
build(intel): define a macro for SIMICS build
build(intel): add N5X as a new Intel platform
build(intel): initial commit for crypto driver

show more ...

fix(plat/arm): fix SP count limit without dual root CoT

Remove reserved range for platform provider owned SPs if the dual root
CoT is disabled and allow SPs to populate the range up to MAX_SP_IDS.

fix(plat/arm): fix SP count limit without dual root CoT

Remove reserved range for platform provider owned SPs if the dual root
CoT is disabled and allow SPs to populate the range up to MAX_SP_IDS.

Signed-off-by: Imre Kis <imre.kis@arm.com>
Change-Id: Ib4ec18f6530d2515ada21d2c0c388d55aa479d26

show more ...

fix(fvp): op-tee sp manifest doesn't map gicd

Following I2d274fa897171807e39b0ce9c8a28824ff424534:
Remove GICD registers S2 mapping from OP-TEE partition when it runs in a
secure partition on top of

fix(fvp): op-tee sp manifest doesn't map gicd

Following I2d274fa897171807e39b0ce9c8a28824ff424534:
Remove GICD registers S2 mapping from OP-TEE partition when it runs in a
secure partition on top of Hafnium.
The partition is not meant to access the GIC directly but use the
Hafnium provided interfaces.

Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I1a38101f6ae9911662828734a3c9572642123f32

show more ...

fix(xilinx): fix coding style violations

Fix coding style violations and alignments:
- Remove additional newlines in headers
- Remove additional newlines in code
- Add newline to separate variable f

fix(xilinx): fix coding style violations

Fix coding style violations and alignments:
- Remove additional newlines in headers
- Remove additional newlines in code
- Add newline to separate variable from the code
- Use the same indentation in platform.mk
- Align function parameters
- Use tabs for indentation in kernel-doc format

Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: I0b12804ff63bc19778e8f21041f9accba5b488b9

show more ...