Merge "fix(deps): remove deprecated husky commands" into integration
diff --git a/Makefile b/Makefile
index 88f5071..f457453 100644
--- a/Makefile
+++ b/Makefile
@@ -615,6 +615,22 @@
endif
################################################################################
+# Verify FEAT_RME, FEAT_SCTLR2 and FEAT_TCR2 are enabled if FEAT_MEC is enabled.
+################################################################################
+
+ifneq (${ENABLE_FEAT_MEC},0)
+ ifeq (${ENABLE_RME},0)
+ $(error FEAT_RME must be enabled when FEAT_MEC is enabled.)
+ endif
+ ifeq (${ENABLE_FEAT_TCR2},0)
+ $(error FEAT_TCR2 must be enabled when FEAT_MEC is enabled.)
+ endif
+ ifeq (${ENABLE_FEAT_SCTLR2},0)
+ $(error FEAT_SCTLR2 must be enabled when FEAT_MEC is enabled.)
+ endif
+endif
+
+################################################################################
# Make 128-Bit sysreg read/writes availabe when FEAT_D128 is enabled.
################################################################################
ifneq (${ENABLE_FEAT_D128}, 0)
@@ -1297,6 +1313,7 @@
ENABLE_FEAT_FPMR \
ENABLE_FEAT_HCX \
ENABLE_FEAT_LS64_ACCDATA \
+ ENABLE_FEAT_MEC \
ENABLE_FEAT_MOPS \
ENABLE_FEAT_MTE2 \
ENABLE_FEAT_PAN \
@@ -1466,6 +1483,7 @@
ENABLE_FEAT_CSV2_2 \
ENABLE_FEAT_CSV2_3 \
ENABLE_FEAT_LS64_ACCDATA \
+ ENABLE_FEAT_MEC \
ENABLE_FEAT_PAN \
ENABLE_FEAT_TCR2 \
ENABLE_FEAT_THE \
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 2b36fda..740f3a6 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -1382,6 +1382,12 @@
Management Extension. This flag can take the values 0 to 2, to align with
the ``ENABLE_FEAT`` mechanism. Default value is 0.
+- ``ENABLE_FEAT_MEC``: Numeric value to enable support for the ARMv9.2 Memory
+ Encryption Contexts (MEC). This flag can take the values 0 to 2, to align
+ with the ``ENABLE_FEAT`` mechanism. MEC supports multiple encryption
+ contexts for Realm security state and only one encryption context for the
+ rest of the security states. Default value is 0.
+
- ``RMMD_ENABLE_EL3_TOKEN_SIGN``: Numeric value to enable support for singing
realm attestation token signing requests in EL3. This flag can take the
values 0 and 1. The default value is ``0``. When set to ``1``, this option
diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h
index 85b33aa..627416f 100644
--- a/include/arch/aarch64/arch.h
+++ b/include/arch/aarch64/arch.h
@@ -410,6 +410,9 @@
#define ID_AA64MMFR3_EL1_D128_MASK ULL(0xf)
#define D128_IMPLEMENTED ULL(0x1)
+#define ID_AA64MMFR3_EL1_MEC_SHIFT U(28)
+#define ID_AA64MMFR3_EL1_MEC_MASK ULL(0xf)
+
#define ID_AA64MMFR3_EL1_S2POE_SHIFT U(20)
#define ID_AA64MMFR3_EL1_S2POE_MASK ULL(0xf)
@@ -617,6 +620,7 @@
#define SCR_FGTEN2_BIT (UL(1) << 59)
#define SCR_NSE_BIT (ULL(1) << SCR_NSE_SHIFT)
#define SCR_EnFPM_BIT (ULL(1) << 50)
+#define SCR_MECEn_BIT (UL(1) << 49)
#define SCR_GPF_BIT (UL(1) << 48)
#define SCR_D128En_BIT (UL(1) << 47)
#define SCR_TWEDEL_SHIFT U(30)
diff --git a/include/arch/aarch64/arch_features.h b/include/arch/aarch64/arch_features.h
index a580213..43ff2cc 100644
--- a/include/arch/aarch64/arch_features.h
+++ b/include/arch/aarch64/arch_features.h
@@ -373,6 +373,10 @@
CREATE_FEATURE_PRESENT(feat_sb, id_aa64isar1_el1, ID_AA64ISAR1_SB_SHIFT,
ID_AA64ISAR1_SB_MASK, 1U)
+/* FEAT_MEC: Memory Encryption Contexts */
+CREATE_FEATURE_FUNCS(feat_mec, id_aa64mmfr3_el1, ID_AA64MMFR3_EL1_MEC_SHIFT,
+ ID_AA64MMFR3_EL1_MEC_MASK, 1U, ENABLE_FEAT_MEC)
+
/*
* FEAT_CSV2: Cache Speculation Variant 2. This checks bit fields[56-59]
* of id_aa64pfr0_el1 register and can be used to check for below features:
diff --git a/include/lib/utils_def.h b/include/lib/utils_def.h
index c3f767e..6d8a06a 100644
--- a/include/lib/utils_def.h
+++ b/include/lib/utils_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2024, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2025, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
@@ -218,4 +218,17 @@
*/
#define KHZ_TICKS_PER_SEC U(1000)
+/**
+ * EXTRACT_FIELD - Extracts a specific bit field from a value.
+ *
+ * @val: The input value containing the field.
+ * @mask: A bitmask representing the maximum value of the field
+ * @shift: The starting bit position of the field.
+ *
+ * This macro shifts the input value (@val) to the right by @shift bits,
+ * aligning the target field to the least significant bits (LSB).
+ * It then applies @mask to extract only the relevant bits.
+ */
+#define EXTRACT_FIELD(val, mask, shift) (((val) >> (shift)) & (mask))
+
#endif /* UTILS_DEF_H */
diff --git a/include/services/arm_arch_svc.h b/include/services/arm_arch_svc.h
index eab4b60..699a8d7 100644
--- a/include/services/arm_arch_svc.h
+++ b/include/services/arm_arch_svc.h
@@ -125,6 +125,12 @@
#define SCR_FEAT_RAS (0)
#endif
+#if ENABLE_FEAT_MEC
+#define SCR_FEAT_MEC SCR_MECEn_BIT
+#else
+#define SCR_FEAT_MEC (0)
+#endif
+
#ifndef SCR_PLAT_FEATS
#define SCR_PLAT_FEATS (0)
#endif
@@ -195,6 +201,7 @@
SCR_IRQ_BIT | \
SCR_NS_BIT | \
SCR_RES1_BITS | \
+ SCR_FEAT_MEC | \
SCR_PLAT_IGNORED)
CASSERT((SCR_EL3_FEATS & SCR_EL3_IGNORED) == 0, scr_feat_is_ignored);
CASSERT((SCR_EL3_FLIPPED & SCR_EL3_FEATS) == SCR_EL3_FLIPPED, scr_flipped_not_a_feat);
diff --git a/include/services/drtm_svc.h b/include/services/drtm_svc.h
index 3503fa4..86110db 100644
--- a/include/services/drtm_svc.h
+++ b/include/services/drtm_svc.h
@@ -14,6 +14,8 @@
#ifndef ARM_DRTM_SVC_H
#define ARM_DRTM_SVC_H
+#include <lib/utils_def.h>
+
/*
* SMC function IDs for DRTM Service
* Upper word bits set: Fast call, SMC64, Standard Secure Svc. Call (OEN = 4)
@@ -239,6 +241,21 @@
<< ARM_DRTM_REGION_SIZE_TYPE_4K_PAGE_NUM_SHIFT)); \
} while (false)
+#define DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_SHIFT U(6)
+#define DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_SHIFT U(3)
+#define DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_SHIFT U(1)
+#define DRTM_LAUNCH_FEAT_HASHING_TYPE_SHIFT U(0)
+
+#define DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_MASK U(0x1)
+#define DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_MASK U(0x7)
+#define DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_MASK U(0x3)
+#define DRTM_LAUNCH_FEAT_HASHING_TYPE_MASK U(0x1)
+
+#define DLME_IMG_AUTH U(0x1)
+#define REG_MEM_PROTECTION_TYPE U(0x1)
+#define DLME_AUTH_SCHEMA U(0x1)
+#define TPM_BASED_HASHING U(0x1)
+
/* Initialization routine for the DRTM service */
int drtm_setup(void);
diff --git a/lib/el3_runtime/aarch64/context_mgmt.c b/lib/el3_runtime/aarch64/context_mgmt.c
index 3388f1c..c35aae9 100644
--- a/lib/el3_runtime/aarch64/context_mgmt.c
+++ b/lib/el3_runtime/aarch64/context_mgmt.c
@@ -548,6 +548,10 @@
}
#endif /* (IMAGE_BL31 && defined(SPD_spmd) && SPMD_SPM_AT_SEL2) */
+ if (is_feat_mec_supported()) {
+ scr_el3 |= SCR_MECEn_BIT;
+ }
+
/*
* Populate EL3 state so that we've the right context
* before doing ERET
diff --git a/make_helpers/arch_features.mk b/make_helpers/arch_features.mk
index 8dec522..56bfb64 100644
--- a/make_helpers/arch_features.mk
+++ b/make_helpers/arch_features.mk
@@ -419,6 +419,9 @@
# Flag to enable Floating point exception Mode Register Feature (FEAT_FPMR)
ENABLE_FEAT_FPMR ?= 0
+# Flag to enable Memory Encryption Contexts (FEAT_MEC).
+ENABLE_FEAT_MEC ?= 0
+
#----
# 9.3
#----
diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk
index 7bd2a1d..e43d025 100644
--- a/plat/arm/board/fvp/platform.mk
+++ b/plat/arm/board/fvp/platform.mk
@@ -93,6 +93,10 @@
ENABLE_FEAT_MTE2 := 2
ENABLE_FEAT_LS64_ACCDATA := 2
+ifeq (${ENABLE_RME},1)
+ ENABLE_FEAT_MEC := 2
+endif
+
# The FVP platform depends on this macro to build with correct GIC driver.
$(eval $(call add_define,FVP_USE_GIC_DRIVER))
diff --git a/plat/xilinx/common/pm_service/pm_api_sys.c b/plat/xilinx/common/pm_service/pm_api_sys.c
index 9af8bb2..679f935 100644
--- a/plat/xilinx/common/pm_service/pm_api_sys.c
+++ b/plat/xilinx/common/pm_service/pm_api_sys.c
@@ -56,8 +56,7 @@
for (reg_num = 0U; reg_num < NUM_GICD_ISENABLER; reg_num++) {
uint32_t base_irq = reg_num << ISENABLER_SHIFT;
- isenabler1 += (reg_num << 2);
- uint32_t reg = mmio_read_32((uint64_t)isenabler1);
+ uint32_t reg = mmio_read_32((uint64_t)(isenabler1 + (reg_num << 2)));
if (reg == 0U) {
continue;
diff --git a/services/std_svc/drtm/drtm_main.c b/services/std_svc/drtm/drtm_main.c
index 117934f..c302863 100644
--- a/services/std_svc/drtm/drtm_main.c
+++ b/services/std_svc/drtm/drtm_main.c
@@ -34,6 +34,8 @@
/* DRTM-formatted memory map. */
static drtm_memory_region_descriptor_table_t *plat_drtm_mem_map;
+static const plat_drtm_dma_prot_features_t *plat_dma_prot_feat;
+static const plat_drtm_tpm_features_t *plat_tpm_feat;
/* DLME header */
struct_dlme_data_header dlme_data_hdr_init;
@@ -44,8 +46,6 @@
int drtm_setup(void)
{
bool rc;
- const plat_drtm_tpm_features_t *plat_tpm_feat;
- const plat_drtm_dma_prot_features_t *plat_dma_prot_feat;
INFO("DRTM service setup\n");
@@ -322,6 +322,43 @@
return SUCCESS;
}
+/* Function to check if the value is valid for each bit field */
+static int drtm_dl_check_features_sanity(uint32_t val)
+{
+ /**
+ * Ensure that if DLME Authorities Schema (Bits [2:1]) is set, then
+ * DLME image authentication (Bit[6]) must also be set
+ */
+ if ((EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_MASK,
+ DRTM_LAUNCH_FEAT_PCR_USAGE_SCHEMA_SHIFT) == DLME_AUTH_SCHEMA) &&
+ (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_MASK,
+ DRTM_LAUNCH_FEAT_DLME_IMG_AUTH_SHIFT) != DLME_IMG_AUTH)) {
+ return INVALID_PARAMETERS;
+ }
+
+ /**
+ * Check if Bits [5:3] (Memory protection type) matches with platform's
+ * memory protection type
+ */
+ if (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_MASK,
+ DRTM_LAUNCH_FEAT_MEM_PROTECTION_TYPE_SHIFT) !=
+ __builtin_ctz(plat_dma_prot_feat->dma_protection_support)) {
+ return INVALID_PARAMETERS;
+ }
+
+ /**
+ * Check if Bits [0] (Type of hashing) matches with platform's
+ * supported hash type.
+ */
+ if (EXTRACT_FIELD(val, DRTM_LAUNCH_FEAT_HASHING_TYPE_MASK,
+ DRTM_LAUNCH_FEAT_HASHING_TYPE_SHIFT) !=
+ plat_tpm_feat->tpm_based_hash_support) {
+ return INVALID_PARAMETERS;
+ }
+
+ return 0;
+}
+
/*
* Note: accesses to the dynamic launch args, and to the DLME data are
* little-endian as required, thanks to TF-A BL31 init requirements.
@@ -369,7 +406,7 @@
args_buf = *a;
rc = mmap_remove_dynamic_region(va_mapping, va_mapping_size);
- if (rc) {
+ if (rc != 0) {
ERROR("%s(): mmap_remove_dynamic_region() failed unexpectedly"
" rc=%d\n", __func__, rc);
panic();
@@ -383,6 +420,13 @@
return NOT_SUPPORTED;
}
+ rc = drtm_dl_check_features_sanity(a->features);
+ if (rc != 0) {
+ ERROR("%s(): drtm_dl_check_features_sanity() failed.\n"
+ " rc=%d\n", __func__, rc);
+ return rc;
+ }
+
if (!(a->dlme_img_off < a->dlme_size &&
a->dlme_data_off < a->dlme_size)) {
ERROR("DRTM: argument offset is outside of the DLME region\n");