Merge changes from topic "hm/memmap-feat" into integration
* changes:
build(bl32): add symbols for memory layout
build(bl31): add symbols for memory layout
build(bl2): add symbols for memory layout
build(bl1): add symbols for memory layout
refactor: improve readability of symbol table
diff --git a/.readthedocs.yaml b/.readthedocs.yaml
index 450d6be..6207066 100644
--- a/.readthedocs.yaml
+++ b/.readthedocs.yaml
@@ -17,10 +17,10 @@
- plantuml
jobs:
post_create_environment:
- - pip install poetry
+ - pip install poetry=="1.3.2"
- poetry config virtualenvs.create false
post_install:
- - poetry install --with docs
+ - poetry install --with doc
sphinx:
configuration: docs/conf.py
diff --git a/Makefile b/Makefile
index a925300..3dbf28e 100644
--- a/Makefile
+++ b/Makefile
@@ -8,7 +8,7 @@
# Trusted Firmware Version
#
VERSION_MAJOR := 2
-VERSION_MINOR := 8
+VERSION_MINOR := 9
VERSION := ${VERSION_MAJOR}.${VERSION_MINOR}
# Default goal is build all images
@@ -152,7 +152,7 @@
ARM_ARCH_MINOR := 5
ENABLE_FEAT_ECV = 1
ENABLE_FEAT_FGT = 1
-
+CTX_INCLUDE_PAUTH_REGS := 1
# RME enables CSV2_2 extension by default.
ENABLE_FEAT_CSV2_2 = 1
@@ -710,16 +710,23 @@
BL32_LDFLAGS += $(PIE_LDFLAGS)
endif
-ifeq (${ARCH},aarch64)
+BL1_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
+BL31_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
+BL32_CPPFLAGS += -DREPORT_ERRATA=${DEBUG}
+
BL1_CPPFLAGS += -DIMAGE_AT_EL3
ifeq ($(RESET_TO_BL2),1)
BL2_CPPFLAGS += -DIMAGE_AT_EL3
else
BL2_CPPFLAGS += -DIMAGE_AT_EL1
endif
+
+ifeq (${ARCH},aarch64)
BL2U_CPPFLAGS += -DIMAGE_AT_EL1
BL31_CPPFLAGS += -DIMAGE_AT_EL3
BL32_CPPFLAGS += -DIMAGE_AT_EL1
+else
+BL32_CPPFLAGS += -DIMAGE_AT_EL3
endif
# Include the CPU specific operations makefile, which provides default
diff --git a/bl1/bl1_main.c b/bl1/bl1_main.c
index 7399bc8..3f64e27 100644
--- a/bl1/bl1_main.c
+++ b/bl1/bl1_main.c
@@ -17,7 +17,7 @@
#include <drivers/auth/auth_mod.h>
#include <drivers/auth/crypto_mod.h>
#include <drivers/console.h>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/errata.h>
#include <lib/utils.h>
#include <plat/common/platform.h>
#include <smccc_helpers.h>
diff --git a/bl2/bl2.mk b/bl2/bl2.mk
index 41bcd12..19b955f 100644
--- a/bl2/bl2.mk
+++ b/bl2/bl2.mk
@@ -41,8 +41,7 @@
BL2_SOURCES += bl2/${ARCH}/bl2_el3_entrypoint.S \
bl2/${ARCH}/bl2_el3_exceptions.S \
bl2/${ARCH}/bl2_run_next_image.S \
- lib/cpus/${ARCH}/cpu_helpers.S \
- lib/cpus/errata_report.c
+ lib/cpus/${ARCH}/cpu_helpers.S
ifeq (${DISABLE_MTPMU},1)
BL2_SOURCES += lib/extensions/mtpmu/${ARCH}/mtpmu.S
diff --git a/bl32/tsp/tsp_main.c b/bl32/tsp/tsp_main.c
index 0878ea4..1ab2260 100644
--- a/bl32/tsp/tsp_main.c
+++ b/bl32/tsp/tsp_main.c
@@ -50,6 +50,8 @@
tsp_stats[linear_id].smc_count,
tsp_stats[linear_id].eret_count,
tsp_stats[linear_id].cpu_on_count);
+
+ console_flush();
return (uint64_t) &tsp_vector_table;
}
diff --git a/changelog.yaml b/changelog.yaml
index 9114dad..0c4644d 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -165,11 +165,15 @@
- plat/arm
subsections:
+ - title: A5DS
+ scope: a5ds
+
- title: CSS
scope: css
deprecated:
- plat/arm/css
+ - plat/css
- title: FPGA
scope: fpga
@@ -208,6 +212,9 @@
scope: rd
subsections:
+ - title: RD-N1 Edge
+ scope: rdn1edge
+
- title: RD-N2
scope: rdn2
@@ -224,6 +231,9 @@
- title: TC
scope: tc
+ deprecated:
+ - plat/tc
+
subsections:
- title: TC0
scope: tc0
@@ -335,6 +345,9 @@
- title: Tegra 194
scope: tegra194
+ - title: Tegra 210
+ scope: tegra210
+
- title: NXP
scope: nxp
@@ -383,6 +396,9 @@
deprecated:
- plat/imx/imx8m/imx8mq
+ - title: i.MX 8
+ scope: imx8
+
- title: Layerscape
scope: layerscape
@@ -465,6 +481,10 @@
deprecated:
- plat/qemu
+ subsections:
+ - title: SBSA
+ scope: qemu-sbsa
+
- title: QTI
scope: qti
@@ -640,6 +660,9 @@
- title: RMMD
scope: rmmd
+ - title: RMM
+ scope: rmm
+
- title: SPM
scope: spm
@@ -811,6 +834,9 @@
- title: GUID Partition Tables Support
scope: guid-partition
+ deprecated:
+ - partition
+
- title: SCMI
scope: scmi
@@ -1178,6 +1204,9 @@
- title: PIE
scope: pie
+ - title: PIE/POR
+ scope: pie/por
+
- title: Security
scope: security
@@ -1248,6 +1277,9 @@
- title: Git Hooks
scope: hooks
+ deprecated:
+ - git-hooks
+
- title: Tools
subsections:
diff --git a/docs/about/features.rst b/docs/about/features.rst
index cb8b552..4a2c77e 100644
--- a/docs/about/features.rst
+++ b/docs/about/features.rst
@@ -22,8 +22,8 @@
Cache Coherent Network (CCN), Network Interconnect (NIC) and TrustZone
Controller (TZC).
-- A generic |SCMI| driver to interface with conforming power controllers, for
- example the Arm System Control Processor (SCP).
+- Secure Monitor library code such as world switching, EL2/EL1 context
+ management and interrupt routing.
- SMC (Secure Monitor Call) handling, conforming to the `SMC Calling
Convention`_ using an EL3 runtime services framework.
@@ -34,14 +34,22 @@
is also suitable for integration with other AArch32 EL3 Runtime Software,
for example an AArch32 Secure OS.
+- A generic |SCMI| driver to interface with conforming power controllers, for
+ example the Arm System Control Processor (SCP).
+
- A minimal AArch32 Secure Payload (*SP_MIN*) to demonstrate |PSCI| library
integration with AArch32 EL3 Runtime Software.
-- Secure Monitor library code such as world switching, EL1 context management
- and interrupt routing.
- When a Secure-EL1 Payload (SP) is present, for example a Secure OS, the
- AArch64 EL3 Runtime Software must be integrated with a Secure Payload
- Dispatcher (SPD) component to customize the interaction with the SP.
+- Secure partition manager dispatcher(SPMD) with following two configurations:
+
+ - S-EL2 SPMC implementation, widely compliant with FF-A v1.1 EAC0 and initial
+ support of FF-A v1.2.
+
+ - EL3 SPMC implementation, compliant with a subset of FF-A v1.1 EAC0.
+
+- Support for Arm CCA based on FEAT_RME which supports authenticated boot and
+ execution of RMM with the necessary routing of RMI commands as specified in
+ RMM Beta 0 Specification.
- A Test SP and SPD to demonstrate AArch64 Secure Monitor functionality and SP
interaction with PSCI.
@@ -50,12 +58,20 @@
`Trusty Secure OS`_ and `ProvenCore Secure OS`_.
- A Trusted Board Boot implementation, conforming to all mandatory TBBR
- requirements. This includes image authentication, Firmware Update (or
- recovery mode), and packaging of the various firmware images into a
+ requirements. This includes image authentication, Firmware recovery,
+ Firmware encryption and packaging of the various firmware images into a
Firmware Image Package (FIP).
-- Pre-integration of TBB with the Arm CryptoCell product, to take advantage of
- its hardware Root of Trust and crypto acceleration services.
+- Measured boot support with PoC to showcase its interaction with firmware TPM
+ (fTPM) service implemneted on top of OP-TEE.
+
+- Support for Dynamic Root of Trust for Measurement (DRTM).
+
+- Following firmware update mechanisms available:
+
+ - PSA Firmware Update (PSA FWU)
+
+ - TBBR Firmware Update (TBBR FWU)
- Reliability, Availability, and Serviceability (RAS) functionality, including
@@ -81,6 +97,8 @@
secure system processor, or where a non-TF-A ROM expects BL2 to be loaded
at EL3.
+- Support for Errata management firmware interface.
+
- Support for the GCC, LLVM and Arm Compiler 6 toolchains.
- Support for combining several libraries into a "romlib" image that may be
@@ -88,27 +106,13 @@
in ROM but is accessed through a jump-table that may be stored
in read-write memory, allowing for the library code to be patched.
-- Support for the Secure Partition Manager Dispatcher (SPMD) component as a
- new standard service.
-
-- Support for ARMv8.3 pointer authentication in the normal and secure worlds.
- The use of pointer authentication in the normal world is enabled whenever
- architectural support is available, without the need for additional build
- flags.
-
-- Position-Independent Executable (PIE) support. Currently for BL2, BL31, and
- TSP, with further support to be added in a future release.
+- Position-Independent Executable (PIE) support.
Still to come
-------------
- Support for additional platforms.
-- Refinements to Position Independent Executable (PIE) support.
-
-- Continued support for the FF-A v1.0 (formally known as SPCI) specification, to enable the
- use of secure partition management in the secure world.
-
- Documentation enhancements.
- Ongoing support for new architectural features, CPUs and System IP.
@@ -125,4 +129,4 @@
--------------
-*Copyright (c) 2019-2021, Arm Limited. All rights reserved.*
+*Copyright (c) 2019-2023, Arm Limited. All rights reserved.*
diff --git a/docs/about/maintainers.rst b/docs/about/maintainers.rst
index 02dae05..b591f2a 100644
--- a/docs/about/maintainers.rst
+++ b/docs/about/maintainers.rst
@@ -2,12 +2,11 @@
===================
Trusted Firmware-A (TF-A) is an open governance community project. All
-contributions are ultimately merged by the maintainers listed below. Technical
-ownership of most parts of the codebase falls on the code owners listed
-below. An acknowledgement from these code owners is required before the
-maintainers merge a contribution.
+contributions are reviewed and merged by the community members listed below.
-More details may be found in the `Project Maintenance Process`_ document.
+For more details on the roles of `maintainers`, `code owners` and general
+information about code reviews in TF-A project, please refer to the :ref:`Code
+Review Guidelines`.
.. |M| replace:: **Mail**
.. |G| replace:: **GitHub ID**
@@ -18,6 +17,10 @@
Maintainers
-----------
+.. note::
+ If you wish to become a maintainer for TF-A project, please refer to the
+ :ref:`Project Maintenance Processes`.
+
:|M|: Dan Handley <dan.handley@arm.com>
:|G|: `danh-arm`_
:|M|: Soby Mathew <soby.mathew@arm.com>
@@ -50,6 +53,8 @@
:|G|: `raghuncstate`_
:|M|: Manish Badarkhe <manish.badarkhe@arm.com>
:|G|: `ManishVB-Arm`_
+:|M|: Yann Gautier <yann.gautier@st.com>
+:|G|: `Yann-lms`_
LTS Maintainers
---------------
@@ -978,5 +983,3 @@
.. _bytefire: https://github.com/bytefire
.. _rupsin01: https://github.com/rupsin01
.. _jimmy-brisson: https://github.com/theotherjimmy
-
-.. _Project Maintenance Process: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
diff --git a/docs/change-log.md b/docs/change-log.md
index bb05afb..b660c73 100644
--- a/docs/change-log.md
+++ b/docs/change-log.md
@@ -3,6 +3,1024 @@
This document contains a summary of the new features, changes, fixes and known
issues in each release of Trusted Firmware-A.
+## [2.9.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.8.0..refs/tags/v2.9.0) (2023-05-16)
+
+### ⚠ BREAKING CHANGES
+
+- **Libraries**
+
+ - **EL3 Runtime**
+
+ - **RAS**
+
+ - The previous RAS_EXTENSION is now deprecated. The equivalent functionality can be achieved by the following 2 options:
+ - ENABLE_FEAT_RAS
+ - RAS_FFH_SUPPORT
+
+ **See:** replace RAS_EXTENSION with FEAT_RAS ([9202d51](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9202d51990c192e8bc041e6f53d5ce63ee908665))
+
+- **Drivers**
+
+ - **Authentication**
+
+ - unify REGISTER_CRYPTO_LIB
+
+ **See:** unify REGISTER_CRYPTO_LIB ([dee99f1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dee99f10b1dcea09091f4a1d53185153802dfb64))
+
+ - **Arm**
+
+ - **Ethos-N**
+
+ - The Linux Kernel NPU driver can no longer directly configure and boot the NPU in a TZMP1 build. The API version has therefore been given a major version bump with this change.
+
+ **See:** add protected NPU firmware setup ([6dcf3e7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6dcf3e774457cf00b91abda715adfbefce822877))
+
+ - Building the FIP when TZMP1 support is enabled in the NPU driver now requires a parameter to specify the NPU firmware file.
+
+ **See:** load NPU firmware at BL2 ([33bcaed](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/33bcaed1211ab27968433b546979687bc1182630))
+
+- **Build System**
+
+ - BL2_AT_EL3 renamed to RESET_TO_BL2 across the repository.
+
+ **See:** distinguish BL2 as TF-A entry point and BL2 running at EL3 ([42d4d3b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/42d4d3baacb3b11c68163ec85de1bf2e34e0c882))
+
+ - check boolean flags are not empty
+
+ **See:** check boolean flags are not empty ([1369fb8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1369fb82c8e809c1a59a0d99184dbfd2d0b81afa))
+
+ - All input and output linker section names have been prefixed with the period character, e.g. `cpu_ops` -> `.cpu_ops`.
+
+ **See:** always prefix section names with `.` ([da04341](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/da04341ed52d214139fe2d16667ef5b58c38e502))
+
+ - The `EXTRA_LINKERFILE` build system variable has been replaced with the `<IMAGE>_LINKER_SCRIPT_SOURCES` variable. See the commit message for more information.
+
+ **See:** permit multiple linker scripts ([a6ff006](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a6ff0067ab57d848d3fb28a3eb2b47e6cf2a6092))
+
+ - The `LINKERFILE`, `BL_LINKERFILE` and `<IMAGE_LINKERFILE>` build system variables have been renamed. See the commit message for more information.
+
+ **See:** clarify linker script generation ([8227493](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/82274936374bf630bf5256370e93a531fdda6372))
+
+### Resolved Issues
+
+- **Architecture**
+
+ - **CPU feature / ID register handling in general**
+
+ - context-switch: move FGT availability check to callers ([de8c489](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/de8c489247458c00f7b48301fb5c5273c7a628fc))
+ - make stub enable functions "static inline" ([d7f3ed3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d7f3ed3655b85223583d8c2d9e719f364266ef26))
+ - resolve build errors due to compiler optimization ([e8f0dd5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e8f0dd58da231b81ba0ce6f27aaf1e31b4d4c429))
+
+ - **Memory Partitioning and Monitoring (MPAM) Extension (FEAT_MPAM)**
+
+ - feat_detect: support major/minor ([1f8be7f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1f8be7fc66fb59b197dde3b4ea83314b1728c6b8))
+ - remove unwanted param for "endfunc" macro ([0e0bd25](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e0bd250ef08ba70b34db9eb0cab0f6ef4d08edf))
+ - run-time checks for mpam save/restore routines ([ed80440](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ed804406bf2ee04bde1c17683cec6f679ea1e160))
+
+ - **Pointer Authentication Extension**
+
+ - make pauth_helpers linking generic ([90ce8b8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/90ce8b8718d079b9e906d06bdd6a72da6cc5b636))
+
+ - **Performance Monitors Extension (FEAT_PMUv3)**
+
+ - switch FVP PMUv3 SPIs to PPI ([d7c455d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d7c455d8cca85de4a520da33db6523c9c8a7ee38))
+ - unconditionally save PMCR_EL0 ([1d6d680](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1d6d6802dd547c8b378a9a47572ee72e68cceb3b))
+
+ - **Scalable Matrix Extension (FEAT_SME, FEAT_SME2)**
+
+ - disable SME for SPD=spmd ([2fd2fce](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2fd2fcedff0595a7050328fa60dc4850d6b424bf))
+
+ - **Statistical profiling Extension (FEAT_SPE)**
+
+ - drop SPE EL2 context switch code ([16e3ddb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/16e3ddba1f049106387dfe21989243d2fc4cf061))
+
+- **Platforms**
+
+ - **Allwinner**
+
+ - check RSB availability in DT on H6 ([658b315](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/658b3154d5b06a467b65cb79d31da751ffc6f5a4))
+
+ - **Arm**
+
+ - arm_rotpk_header undefined reference ([95302e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/95302e4b234589e0487996a5c0f1e111c21ffedc))
+
+ - **A5DS**
+
+ - add default value for ARM_DISABLE_TRUSTED_WDOG ([115ab63](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/115ab63872ab36f8202f4c4aab093c4e9182d4e7))
+
+ - **CSS**
+
+ - fix invalid redistributor poweroff ([60719e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/60719e4e0965aead49d927f12bf2a37bd2629012))
+
+ - **FPGA**
+
+ - include missing header file ([b7253a1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b7253a14cdc633a606472ec4e5aa4123158e2013))
+
+ - **FVP**
+
+ - correct ehf priority for SPM_MM ([fb2fd55](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fb2fd558d8102ad79e5970714e0afec31a6138d7))
+ - incorrect UUID name in FVP tb_fw_config ([7f2bf23](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7f2bf23dec6e6467704d7d71ec44bee030912987))
+ - unconditionally include lib/psa headers ([72db458](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/72db45852d84db6ade0da2a232a44df3e5228b6d))
+ - work around BL31 progbits exceeded ([138221c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/138221c2457b9d04101b84084c07d576b0eb5a51))
+ - work around DRTM_SUPPORT BL31 progbits exceeded ([7762e5d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7762e5d0ed5c28b0a77dc25cc566cf54a69af7e6))
+
+ - **Morello**
+
+ - add platform-specific power domain functions ([02a5bcb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/02a5bcb0bc3c8596894b6d0ec8c979b330db387a))
+
+ - **N1SDP**
+
+ - add platform-specific power domain functions ([5bdafc4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5bdafc4099b446609965f9132e6c52a7bdeb9ac8))
+
+ - **RD**
+
+ - **RD-N1 Edge**
+
+ - change variable type to fix gcc sign conversion error ([3a3e0e5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3a3e0e5371e99b3764fd8e8d98a447911f3bb915))
+
+ - **TC**
+
+ - increase TC_TZC_DRAM1_SIZE ([7e3f6a8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7e3f6a87d74efec780c0832c0535dd64ef830cfa))
+ - change the FIP offset to 8 KiB boundary ([d07b8aa](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d07b8aac39abc3026233e316686f4643d076f8d6))
+ - change the properties of optee reserved memory ([2fff46c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2fff46c80fe4aa27cd55ad4bfbe43c3823095259))
+ - enable dynamic feature detection of FEAT_SVE for NormalWorld ([67265f2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/67265f2f6d7604147080033a1c99150e9a020f28))
+ - enable the execution of both platform tests ([657b90e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/657b90ea1aa2831a7feed31f07fc8e92213e6465))
+ - only suspend booting after running plat tests ([9b26655](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9b266556d308c0af6f932fedd1c41fbda05204aa))
+ - unify TC ROM start addresses ([f9e11c7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f9e11c724bb7c919dc9bd5dd8fca1e04140374d2))
+ - update the name of mbedtls config header ([d5fc899](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d5fc8992c7b63675b6fc4b2c00a1e1acfdaaeee2))
+
+ - **Broadcom**
+
+ - add braces around bodies of conditionals ([9f58bfb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9f58bfbbe90d2891c289cd27ab7d2ede8b5572d4))
+
+ - **Intel**
+
+ - add mailbox error return status for FCS_DECRYPTION ([76ed322](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/76ed32236aa396cb0e15eb049bea03710ca1992d))
+ - agilex bitstream pre-authenticate ([4b3d323](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4b3d323acdd21d8853e38e135bf990b3767ca354))
+ - fix Agilex and N5X clock manager to main PLL C0 ([5f06bff](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5f06bffa831638fd95d2160209000ef36d2a22ce))
+ - fix fcs_client crashed when increased param size ([c42402c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c42402cdf8a3dfc6f6e62a92b2898066e8cc46f6))
+ - fix pinmux handoff bug on Agilex ([e6c0389](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e6c038909193b83bc293de9b1eb65440e75f8c91))
+ - fix print out ERROR when encounter SEU_Err ([1a0bf6e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1a0bf6e1d8fe899359535c0a0a68c2be5e5acaf4))
+ - fix sp_timer0 is not disabled in firewall on Agilex ([8de7167](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8de7167eb661ff730a79bd2c6db15c22fdc62c8a))
+ - fix the pointer of block memory to fill in and bytes being set ([afe9fcc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/afe9fcc3d262ca279a747c8ab6fa8bacf79c76fb))
+ - flash dcache before mmio read ([731622f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/731622fe757ab2bcc0492ad27bafecf24206ddac))
+ - mailbox store QSPI ref clk in scratch reg ([7f9e9e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7f9e9e4b40152c0cb52bcc53ac3d32fd1c978416))
+ - missing NCORE CCU snoop filter fix in BL2 ([b34a48c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b34a48c1ce0dd7e44eac4ceb0537b337857b057f))
+ - remove checking on TEMP and VOLT checking for HWMON ([68ac5fe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/68ac5fe14c0220673d7ee88a99b3d02be1fef530))
+ - update boot scratch to indicate to Uboot is PSCI ON ([7f7a16a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7f7a16a6c0a49af593fa080eb66f72a20bb07299))
+
+ - **NVIDIA**
+
+ - **Tegra**
+
+ - append major revision to the chip_id value ([33c4766](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/33c476601cf48a4b02259b8cb43819acd824804f))
+ - remove dependency on CPU registers to get boot parameters ([0b9f05f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0b9f05fcaea069bff6894d99ec5babc4be29ca67))
+
+ - **Tegra 210**
+
+ - support legacy SMC_ID 0xC2FEFE00 ([40a4e2d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/40a4e2d84c38ffae899eaa2c33c1e280312919cf))
+
+ - **NXP**
+
+ - **i.MX**
+
+ - **i.MX 8M**
+
+ - add ddr4 dvfs sw workaround for ERR050712 ([e00fe11](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e00fe11df3fee04c7f3137817294d464466dab22))
+ - backup mr12/14 value from lpddr4 chip ([a2655f4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a2655f48697416b8350ba5b3f7f44f1f0be79d4e))
+ - correct the rank info get fro mstr ([5277c09](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5277c09606450daaffa43f3cf15fcc427d7ba612))
+ - fix coverity out of bound access issue ([0331b1c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0331b1c6111d198195298a2885dbd93cac1ad26a))
+ - fix the current fsp init ([25c4323](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/25c43233e866326326f9f82bfae03357c396a99f))
+ - fix the dfiphymaster setting after dvfs ([ad0cbbf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ad0cbbf513dfabe51a401c06be504e57d6b143ca))
+ - fix the dram retention random hang on some imx8mq Rev2.0 ([4bf5019](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4bf5019228cf89e0cbc2cd03627f755d51e3e198))
+ - fix the rank to rank space issue ([3330084](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3330084979e4c1a39a92f0642000664c79a00dda))
+
+ - **i.MX 8Q**
+
+ - fix compilation with gcc >= 12.x ([e75a3b6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e75a3b6e89c4bce11d1885426f22262def9bd664))
+
+ - **Layerscape**
+
+ - fix errata a008850 ([c45791b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c45791b2f20909c9a9d2bae84dafc17f55892fc8))
+ - fix nv_storage assert checking ([5d599b7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5d599b71ea6e0020f4f9d0e7af303726483217bc))
+ - unlock write access SMMU_CBn_ACTLR ([0ca1d8f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ca1d8fba3bee32242b123ae28ad5c83a657aa0d))
+
+ - **LX2**
+
+ - init global data before using it ([50aa0ea](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/50aa0ea7acd21e7e9920a91a14db14a9f8c63700))
+
+ - **LS1046A**
+
+ - 4 keys secureboot failure resolved ([c0c157a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c0c157a680fcb100afed3e1ea9d342deea72ea05))
+
+ - **QEMU**
+
+ - enable dynamic feature detection of FEAT_SVE for NormalWorld ([fc259b6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fc259b6c3a551efbc810c8e08e82b7b5378f57ba))
+
+ - **SBSA**
+
+ - enable FGT ([c598692](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c598692d0c6a79dd10c34d5a4a740c90261cfc65))
+ - enable SVE and SME ([9bff7ce](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9bff7ce37545162d417953ac36c6878216815b94))
+
+ - **QTI**
+
+ - **MSM8916**
+
+ - add timeout for crash console TX flush ([7e002c8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7e002c8a13172c44f55ab49062861479b6622884))
+ - drop unneeded initialization of CNTACR ([d833af3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d833af3ab50cd2cfecb8868c3d5340df1572f042))
+ - flush dcache after writing msm8916_entry_point ([01ba69c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/01ba69cd9b833047653186858a6929e6c9379989))
+ - print \r before \n on UART console ([3fb7e40](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3fb7e40a21b1570a8ce1cd1708134fa7a05d94fb))
+
+ - **Raspberry Pi**
+
+ - **Raspberry Pi 3**
+
+ - initialize SD card host controller ([bd96d53](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bd96d533dc28c4c938aa54905787688823cbccac))
+
+ - **Renesas**
+
+ - align incompatible function pointers ([90c4b3b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/90c4b3b62d5303c22fdc5f65f0db784de0f4ac95))
+
+ - **Rockchip**
+
+ - use semicolon instead of comma ([8557d49](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8557d491b6dbd6cbf27cc2ae6425f6cb29ca2c35))
+
+ - **ST**
+
+ - add U suffix for unsigned numbers ([9c1aa12](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9c1aa1253c9c77487b73d46a89941e81e80864eb))
+ - explicitly check operators precedence ([56048fe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/56048fe215997ab6788ebd251e8cde094392dfc7))
+ - include utils.h to solve compilation error ([377846b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/377846b65e8eb946a6560f1200ca4ca0e1eb8b99))
+ - make metadata_block_spec static ([d1d8a9b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d1d8a9bad0be53792e219625b0d327cc4855378f))
+ - rework secure-status check in fdt_get_status() ([0ebaf22](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ebaf222899c1c33fe8bd0e69bd2c287ebe1154b))
+ - use Boolean type for tests ([45d2d49](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/45d2d495e77c9c8f3e80774e48a80e4882c8ac0d))
+ - use indices when counting GPIOs in DT ([e7d7544](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e7d75448b9e46dee22fe23b37c28a522b9ec3a6c))
+
+ - **STM32MP1**
+
+ - add const for strings in stm32mp_get_soc_name() ([d7f5bed](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d7f5bed90eaacee0a223bcf23438dfb76dee08e6))
+ - add missing platform.h include ([6e55f9e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6e55f9e2cde0426c39ccda87b00047f85d30f97d))
+ - always define PKA algos flags ([e0e2d64](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e0e2d64f47654e4d86d0e400977eab0e4a01523e))
+ - remove boolean check on PLAT_TBBR_IMG_DEF ([231a0ad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/231a0adb6abc35c125d4177749af37042575eca2))
+ - rework DWL buffer cache invalidation ([127ed00](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/127ed0008e03abb98b5447cb80c5634dfa554e7d))
+
+ - **Texas Instruments**
+
+ - do not take system power reference in bl31_platform_setup() ([9977948](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9977948112d732935362a3fe8518e3b2e4b7f6b7))
+ - fix typo in boot authentication message name ([81f525e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/81f525ecc75a3d8b344a27881098fcaab65f2d8f))
+
+ - **Xilinx**
+
+ - fix misra defects ([964e559](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/964e55928c8f966633cc57e41987aa00890f5da7))
+ - handle CRC failure in IPI ([5e92be5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5e92be5121e8ecd81a0f89eaae0d1a7ac8f4bfd7))
+ - handle CRC failure in IPI callback ([6173d91](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6173d914d673249ec47c080909c31a1654545913))
+ - initialize values to device enum members ([5c62d59](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5c62d599274b5d9facd4996b50c1a1e153b247a4))
+ - remove asserts around arg0/arg1 ([8be2044](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8be20446706c6b2fe911804385f308817495d2d4))
+ - remove unnecessary condition ([c984123](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c984123669a7ba7b8d1dc168db8e130ee52bbb1e))
+ - remove unused mailbox macros ([15f49cb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/15f49cb49d7daf2cd771c80d3dd80ff15874b40b))
+ - resolve integer handling issue ([4e46db4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4e46db40fc86ddc0556c42ba01198d13002fcf14))
+ - use lib/smccc.h macros instead of trusty spd ([0ee07d7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ee07d796cece8074eb296415c88872504dee682))
+
+ - **Versal**
+
+ - check smc_fid 23:16 bits ([4a50363](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a50363aaeaa16edafcff17486006049b30e1e2f))
+ - fix incorrect regbase for PMC IPI ([c4185d5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c4185d5103080621393edb770a56aa274f9af1a7))
+ - initialize the variable with value 0 in pm code ([cd73d62](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cd73d62b0e0920ca4e6c4fea7ab65bcbd63e07de))
+ - print proper atf handoff source ([0fe002c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0fe002c9be899f005316ea196ad4c6b08815d482))
+ - replace FPD_MAINCCI* macros ([245d30e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/245d30efe617af68c674b411d63c680dca1c21dd))
+ - sync location based on IPI_ID macros ([92a43bd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/92a43bdf366502c6919bbd2c8e4f687c51d9738c))
+
+ - **Versal NET**
+
+ - fix irq for IPI0 ([95bbfbc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/95bbfbc6e0789cba871e2518dba76ff9bf712331))
+ - clear power down bit during wakeup ([5f0f7e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5f0f7e47e05f98587d424c2162d1ce20af4f588d))
+ - clear power down interrupt status before enable ([2d056db](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2d056db4e4981e0f8a58de0d1e44e46058b308f4))
+ - correct aff level for cpu off ([6ada9dc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6ada9dc325aaa29e2f4c87575093401197856639))
+ - disable wakeup interrupt during client wakeup ([e663f09](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e663f09b3cc2a3c933191c110557c6ffe5db6d6c))
+ - enable wake interrupt during client suspend ([39fffe5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/39fffe552fb04028de750e6080d9a8ba46e89b8c))
+ - fix setting power down state ([1f79bdf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1f79bdfd9ae105135a0192017d6f9368045228e9))
+ - populate gic v3 rdist data statically ([355dc3d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/355dc3d4deacf73a3d354682bcda454e6d13ed66))
+ - resolve misra 10.6 warnings ([8c23775](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8c23775e88bfc4ffa2b0eaf815d4f79992d344e6))
+ - resolve misra rule 20.7 warnings ([21d1966](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/21d1966a23b57425a400730270c8694e37b1a85c))
+ - use spin_lock instead of bakery_lock ([0b3a2cf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0b3a2cf0226878ad7098cc6cd1a97ade74fd9c38))
+
+ - **ZynqMP**
+
+ - add bitmask for get_op_char API ([ad4b667](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ad4b667d3ba7ece4cf28106aef6f91259b5b06ee))
+ - check return status of pm_get_api_version ([c92ad36](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c92ad369ca3a548ecbf30add110b1561fe416c10))
+ - check smc_fid 23:16 bits ([09b342a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/09b342a9d3aa030bde6d52e39203b9b8c8e6b106))
+ - conditional reservation of memory in DTB ([c52a142](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c52a142b7ceb397b4d66cc90f2bc717acc7263cd))
+ - enable A53 workaround(errata 1530924) ([d8133d7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d8133d7785969b417cbace293db6393c55844fac))
+ - fix bl31_zynqmp_setup.c coding style ([26ef5c2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/26ef5c29c62def3a21591dd216180d86063acdb4))
+ - fix DT reserved allocated size ([2c03915](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2c03915322ede112030fcfb8097d4697b92fcc2f))
+ - fix xck24 silicon ID ([f156590](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f156590767d5f80e942fa3f88a9b6a94c13ceb55))
+ - initialize uint32 with value 0U in pm code ([e65584a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e65584a017fadf002d5bdd1e95527c48610a6963))
+ - move EM SMC range to SIP range ([acbae39](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/acbae3998bd829ae4b31ea9da59055e3624991a5))
+ - panic w/o handoff structure in !JTAG ([fbe4dbe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fbe4dbeec906038795f72d8f9284a812bd6a852d))
+ - remove redundant api_version check ([d0b58c8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d0b58c8a9bff3cabfdb59e052ab7eaecfe64b305))
+ - remove unused PLAT_NUM_POWER_DOMAINS ([72c3124](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/72c3124f584609275424bf52a20fd707d4f1af6a))
+ - separate EM from PM SMCs ([a911396](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a9113966c35af281e9c8972b1209646963ff55d0))
+ - update MAX_XLAT_TABLES for DDR memory range ([12446ce](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/12446ce89e351959aebb610eb2e35cdc7eb84d26))
+ - update the conflicting EEMI API IDs ([bcc1348](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bcc1348b6bb2fcd987c8f047fa9f526f32768258))
+ - with DEBUG=1 move bl31 to DDR range ([2537f07](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2537f0725ee7d8f46bef3e5b49134419b5c3367b))
+
+- **Bootloader Images**
+
+ - **BL31**
+
+ - avoid clearing of argument registers in RESET_TO_BL31 case ([3e14df6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3e14df6f63303adb134d525b373ec7f08c1b1dc6))
+
+ - **BL32**
+
+ - **TSP**
+
+ - loop / crash if mmap of region fails ([8c353e0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8c353e0058e95cfa20c9a760ebd0908a9a9aa1c1))
+ - use verbose for power logs ([3354915](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3354915fff2ad5f97551c22a44a90f4ff7b7cc9b))
+
+- **Services**
+
+ - **RME**
+
+ - update sample platform attestation token ([19c1dce](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/19c1dcef88cb837abe175b89739e75e27539a561))
+
+ - **TRP**
+
+ - preserve RMI SMC X4 when not used as return ([b96253d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b96253db08383c3edfb417c505c8da6f7b1dbe75))
+
+ - **RMMD**
+
+ - add missing padding to RMM Boot Manifest and initialize it ([dc0ca64](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dc0ca64e4b6c86090eee025293e7ae7f1fe1cf12))
+
+ - **SPM**
+
+ - **EL3 SPMC**
+
+ - fix coverity scan warnings ([1543d17](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1543d17b9876add1cb89c1f5ffe0e6a129f5809e))
+ - improve bound check for descriptor ([def7590](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/def7590b3e34ff69b297c239cb8948d0bdc9c691))
+ - report execution state in partition info get ([62cd8f3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/62cd8f3147ed7fb146168c59cab3ba0e006210ad))
+
+ - **SPMD**
+
+ - fix build error with spmd ([fd51b21](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fd51b21573ec2e0d815caecb89cc323aac0fca6d))
+
+- **Libraries**
+
+ - **CPU Support**
+
+ - do not put RAS check before using esb ([9ec2ca2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9ec2ca2d453176179f923d7e0fbaac05341ebdc6))
+ - use hint instruction for "tsb csync" ([7a181b7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7a181b7d046a710db5238fb37047816636d2bb8a))
+ - workaround for Cortex-A510 erratum 2684597 ([aea4ccf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/aea4ccf8d9f3eabbc931f0e82df65ffca28c25e5))
+ - workaround for Cortex-A710 erratum 2282622 ([89d85ad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/89d85ad0aad4fef7f56a9e18968b49e2b843ca9d))
+ - workaround for Cortex-A710 erratum 2768515 ([b87b02c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b87b02cf1d93f2be2113192cd5f1927e33121a80))
+ - workaround for Cortex-A78 erratum 2742426 ([a63332c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a63332c517ac5699644d3e2fbf159d3e35c32549))
+ - workaround for Cortex-A78 erratum 2772019 ([b10afcc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b10afcce5ff1202e1cd922dbd3c1e5980b478429))
+ - workaround for Cortex-A78 erratum 2779479 ([7d1700c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7d1700c4d475358539c9a84cb325183c86a06f33))
+ - workaround for Cortex-A78C erratum 1827430 ([672eb21](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/672eb21e26a41657b8146372d4283e794b430c5f))
+ - workaround for Cortex-A78C erratum 1827440 ([b01a59e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b01a59eb2a0456ca3ae6b8d020068ba846f813d4))
+ - workaround for Cortex-A78C erratum 2772121 ([00230e3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/00230e37e3c21fed4a46eeb69dea9d808f8402b4))
+ - workaround for Cortex-A78C erratum 2779484 ([66bf3ba](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/66bf3ba482e46137e19f368f1386436a33eaba74))
+ - workaround for Cortex-X2 erratum 2282622 ([f9c6301](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f9c6301d743405bd91b9a1fe433ce14fa60a830f))
+ - workaround for Cortex-X2 erratum 2768515 ([1cfde82](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1cfde82227558a8cc1792c068bc7a7cdf8feab43))
+ - workaround for Cortex-X3 erratum 2615812 ([c7e698c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c7e698cfdedbe2b1c8212dd71477f289f7644953))
+ - workaround for Neoverse N2 erratum 2743089 ([1ee7c82](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1ee7c8232c153203d104f148a33e6f641d503f96))
+ - workaround for Neoverse V1 errata 2743233 ([f1c3eae](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f1c3eae9e091a63b42eebae8b03d4d470c9c3f75))
+ - workaround for Neoverse V1 errata 2779461 ([2757da0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2757da06149238041308060e5cb51f0870a02a15))
+ - workaround for Neoverse V1 erratum 2743093 ([31747f0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/31747f057b13b5934b607b7021139e58a55f7766))
+ - workaround platforms non-arm interconnect ([ab062f0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ab062f0510d42b2019667e3f4df82a1f57121412))
+
+ - **EL3 Runtime**
+
+ - allow SErrors when executing in EL3 ([1cbe42a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1cbe42a510812a4a4415a26ba46821cad1c04b68))
+ - do not save scr_el3 during EL3 entry ([e61713b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e61713b00715fc988a970687f9bf53418b81b0ca))
+ - restore SPSR/ELR/SCR after esb ([ff1d2ef](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ff1d2ef387f085fdada4a122284b3b044fdde09c))
+
+ - **RAS**
+
+ - do not put RAS check before esb macro ([7d5036b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7d5036b8ec911d83ede6eb73f1693b6f160d90ed))
+
+ - **FCONF**
+
+ - fix FCONF_ARM_IO_UUID_NUMBER value ([e208f32](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e208f3244b311a23b3e7fa1c03b3e98a6228714a))
+ - make struct fconf_populator static ([40e740d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/40e740dc14e807455d8db99dc758af355aa7fa8f))
+
+ - **OP-TEE**
+
+ - address late comments and fix bad rc ([8d7c80f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8d7c80fa4c5ab17e25d6d82ff0b1e67795e903fb))
+ - return UUID for image loading service ([85ab882](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/85ab88238183be1e27835e14e3588fb73e0f6aa7))
+
+ - **PSCI**
+
+ - do not panic on illegal MPIDR ([8a6d0d2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a6d0d262ae03db0a0bedd047a2df6f95e8823f6))
+ - potential array overflow with cpu on ([6632741](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/66327414fb1e3248d443f4eb2835f437625fb92c))
+ - remove unreachable switch/case blocks ([ad27f4b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ad27f4b5d918bbd1feb9a2deed3cb0e2ae39616e))
+ - tighten psci_power_down_wfi behaviour ([695a48b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/695a48b5b4366d1005f8b9a0fc83726914668fb5))
+
+ - **GPT**
+
+ - fix compilation error for gpt_rme.c ([a0d5147](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a0d5147b8282374e107461421bb229272fde924b))
+
+ - **SMCCC**
+
+ - check smc_fid [23:17] bits ([f8a3579](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f8a35797b919d8ea041480bd5eb2a334e7056e0b))
+
+ - **C Standard Library**
+
+ - properly define SCHAR_MIN ([06c01b0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/06c01b085fb28fcfe26d747da2ba33415dbd52b9))
+ - remove __putchar alias ([28dc825](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/28dc82580e50961f9b76933b20d576a6afc5035c))
+
+ - **Context Management**
+
+ - enable SCXTNUM access ([01cf14d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/01cf14dd41cae9c68cb5e76a815747a0d2a19a4a))
+
+- **Drivers**
+
+ - **Authentication**
+
+ - avoid out-of-bounds read in auth_nvctr() ([abb8f93](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/abb8f936fd0ad085b1966bdc2cddf040ba3865e3))
+ - forbid junk after extensions ([fd37982](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fd37982a19a4a2911912ce321b9468993a0919ad))
+ - only accept v3 X.509 certificates ([e9e4a2a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e9e4a2a6fd33d8fc21b00cfc9816a3dd3fef47fe))
+ - properly validate X.509 extensions ([f5c5185](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f5c51855d36e399e6e22cc1eb94f6b58e51b3b6d))
+ - reject invalid padding in digests ([f47547b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f47547b35462571636a76b737602e827ae43bc24))
+ - reject junk after certificates ([ca34dbc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ca34dbc0cdb1c4e1ab62aa4dd195cf9389b9edb7))
+ - reject padding after BIT STRING in signatures ([a8c8c5e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a8c8c5ef2a8f5a27772eb708f2201429dd8d32b2))
+ - require at least one extension to be present ([72460f5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/72460f50e2437a85ce5229c430931aab8f4a0d5b))
+ - require bit strings to have no unused bits ([8816dbb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8816dbb3819e626d14e1bb9702f6446cb80e26f0))
+ - use NULL instead of 0 for pointer check ([654b65b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/654b65b36d60a9c08e1d0cd88b35cd7bc2c813af))
+
+ - **mbedTLS**
+
+ - fix mbedtls coverity issues ([a9edc32](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a9edc32c8964ffe047909b4847edd710b5879f35))
+
+ - **Console**
+
+ - correct scopes for console symbols ([03bd481](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/03bd48102b575a9c86eed73866a5f9cd4d03e2d5))
+ - fix crash on spin_unlock with cache disabled ([5fb6946](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5fb6946ad70f5c6e82502a704633bba1dd82e507))
+
+ - **I/O**
+
+ - compare function pointers with NULL ([06d223c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/06d223cb4f54543299b96d40a682e33f9147e192))
+
+ - **MMC**
+
+ - align part config type ([53cbc94](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/53cbc949670877d1b661782ab452f6fac2302ce3))
+ - do not modify r_data in mmc_send_cmd() ([bf78a65](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bf78a6504254be9bf2cee38828a72f84773d4aa7))
+ - explicitly check operators precedence ([14cda51](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/14cda5168de45bbbcce1a5152140111d4fc8fd21))
+ - remove redundant reset_to_idle call ([bc0a738](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bc0a73866f3e4f7138892b228eb592be118b40d2))
+
+ - **GUID Partition Tables Support**
+
+ - add missing curly braces ([1290662](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1290662034578b4e52443c79f34dfd7c284c0435))
+ - add U suffix for unsigned numbers ([d1c6c49](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d1c6c495541b6e387179f987acbef274a12c7535))
+
+ - **SCMI**
+
+ - change function prototype to fix gcc error ([f0f2c90](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f0f2c90365d933ee0a160b4bf5723fc303d9ab73))
+ - fix compilation error in scmi base ([7c38934](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7c3893423d6ba5088f92f4ebdb626285759a1bcd))
+
+ - **UFS**
+
+ - device present (DP) field is set to '1' ([83103d1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/83103d1264fe3cd7d54f3a89121d6889b4d33980))
+ - flush the entire PRDT ([83ef869](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/83ef8698f9d1477c892cad15b4e48574ed634903))
+ - only allow using one slot ([56db7b8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/56db7b8b08d5bb350a02e1f794dc6eb02827917f))
+ - poll UCRDY for all commands ([6e57b2f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6e57b2f00e36e63da765e3aa1650b03772999726))
+ - set the PRDT length field properly ([20fdbcf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/20fdbcf502bd457a4b74ffa9a610d573594f1f6c))
+
+ - **Arm**
+
+ - **Ethos-N**
+
+ - add workaround for erratum 2838783 ([5a89947](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5a89947ab3ef8541b7adb6058af9ef141073043d))
+
+ - **GIC**
+
+ - wrap cache enabled assert under plat_can_cmo ([78fbb0e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/78fbb0ec8372a638b2b2a0276776892141ff43f8))
+
+ - **GICv3**
+
+ - fixed bug in the initialization of GICv3 SGIs/(E)PPIs interrupt priorities ([5d68e89](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5d68e8913ea983b21eb4a1163e6215ff8f8e96e4))
+ - restore scr_el3 after changing it ([1d0d5e4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1d0d5e40206c693e24b0a4de7dbcfc4b79f3138e))
+ - workaround for NVIDIA erratum T241-FABRIC-4 ([a02a45d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a02a45dfef4b02fa363a5f843ba6a0aac52d181f))
+
+ - **RSS**
+
+ - do not consider MHU_ERR_ALREADY_INIT as error ([55a7aa9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/55a7aa9252acfc9712a914e74bcddefc3a8d6390))
+ - fix msg deserialization bugs in comms ([dda0528](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dda052851a78fad150b6565ea4bb75644bd37dce))
+ - remove null-terminator from RSS metadata ([85a14bc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/85a14bc0a9598668c4678f9eda2ba497acba5ced))
+
+ - **NXP**
+
+ - fix fspi coverity issue ([5199b3b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5199b3b93c6ada8dd830f625f77987d3474a6f98))
+ - fix sd secure boot failure ([236ca56](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/236ca5667e8ac82aa53d4e933a78e6ca1ebf456e))
+ - fix tzc380 memory regions config ([07d8e34](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/07d8e34fdd5a81b6fe5f805560be44c1063cea79))
+ - use semicolon instead of comma ([50b8ea1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/50b8ea115f117e17646d73fe7606bee14bd02630))
+
+ - **NXP Crypto**
+
+ - fix coverity issue ([e492299](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e49229911f4e08e317453883886a113f3332b776))
+ - fix secure boot assert inclusion ([334badb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/334badb50f3ad55762785a6ba0266c2eb4d93e8e))
+
+ - **DDR**
+
+ - add checking return value ([e83812f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e83812f11a2d725931de88308c5b520d88bcca86))
+ - apply Max CDD values for warm boot ([00bb8c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/00bb8c37e0fe57ae2126857ce2d2700106a76884))
+ - fix coverity issue ([2d541cb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2d541cbcbe90217df107e1ac0c4adb76d647b283))
+ - fix underrun coverity issue ([87612ea](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/87612eaefff34548b72fed0d8c93dcf73f9b8c81))
+ - use CDDWW for write to read delay ([fa01056](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fa0105693c85eacf6eda22eca63f220d304f7768))
+
+ - **ST**
+
+ - **Clock**
+
+ - avoid arithmetics on pointers ([4198fa1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4198fa1db7297d8385bb6624d4bd475870e5bf12))
+ - give the size for parent_mp13 and dividers_mp13 tables ([ee21709](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ee21709e98a9e0f60a46d79caf5b702a0b7941cc))
+ - remove useless switch ([69a2e32](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/69a2e320b6798ce3cf5cb27bf70e3384cfac3ebb))
+ - use Boolean type for tests ([c3ae7da](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c3ae7da02dd8b358239dde47c3325e333af81056))
+
+ - **Crypto**
+
+ - move flag control into source code ([6a187a0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6a187a002ee72ef865222870b2ecf99cf4d4efb8))
+ - remove platdata functions ([6b3ca0a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6b3ca0a81723290e2d9b33c406c0e65c1870baa8))
+ - set get_plain_pk_from_asn1() static ([70a422b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/70a422ba83df3f572af1d2931e950feb78592ca3))
+
+ - **GPIO**
+
+ - define shift as uint32_t ([5d942ff](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5d942ff1964131bf33f445f66175fe8211c77e23))
+
+ - **SDMMC2**
+
+ - check transfer size before filling register ([029f81e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/029f81e04c0232843f3e546fa080778a1008a9c5))
+
+ - **ST PMIC**
+
+ - define pmic_regs table size ([3cebeec](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3cebeec2ae452d33ec0cea322f4ab18137e41631))
+ - enclose macro parameter in parentheses ([be7195d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/be7195d06cb7731fe0d906c6eabe6cb6f39f29b1))
+
+ - **Regulator**
+
+ - enclose macro parameters in parentheses ([91af163](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/91af163cbbfab936e70568998e8b9dcb10203b8e))
+ - explicitly check operators precedence ([68083e7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/68083e7ad5ded7adbeca147546bbda6c14cab049))
+ - rework for_each_*rdev macros ([6a3ffb5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6a3ffb53910f136d14ddad5042da01a03e5087c4))
+ - use Boolean type for tests ([9a00daf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9a00daf9dd0a25da45a43142ca27126e6e26a622))
+
+ - **USB**
+
+ - replace redundant checks with asserts ([02af589](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/02af589cfa8d8aefaffeef3390e3fb8fdf51978f))
+
+- **Style**
+
+ - correct some typos ([1b491ee](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1b491eead580d7849a45a38f2c6a935a5d8d1160))
+
+- **Miscellaneous**
+
+ - **AArch64**
+
+ - allow build with ARM_ARCH_MINOR=4 ([78f56ee](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/78f56ee71c9ffe7a6ee36268f0fe1f7ca7d01738))
+
+ - **FDT Wrappers**
+
+ - use correct prototypes ([e0c56fd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e0c56fd71fbd7e8ef307777db8940fb2cf3c9957))
+
+ - **FDTs**
+
+ - **STM32MP1**
+
+ - **STM32MP15**
+
+ - use /omit-if-no-ref/ for spi and i2c ([d480df2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d480df2116fc0d629d52f654bc218ee36251cb33))
+ - use interrupts-extended for i2c2 ([600c8f7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/600c8f7d953d466e0ec5fd04bd6ef2e44c9c9125))
+
+ - **PIE**
+
+ - pass `-fpie` to the preprocessor as well ([966660e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/966660ecd0c8a3d6e4d18a5352bb431e71a9a793))
+
+ - **UUID**
+
+ - add missing `#include` directives ([12562af](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/12562af369e897c67aa45bfeb97cd7bb5d500cf6))
+
+ - add missing click dependency ([ff12683](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ff12683e87e44ead813600fac5415e05e7f95700))
+ - add parenthesis for tests in MIN, MAX and CLAMP macros ([8406db1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8406db14fbba19c25d000eaeab538a0474795da1))
+ - increase BL32 limit ([c2a7612](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c2a76122c88e9ba5de493e1aa765ad170614a31d))
+ - remove old-style declarations ([f4b8470](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f4b8470feee4437fb3984baeee8c61ed91f63f51))
+ - remove useless "return" at void functions ([af4d8c6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/af4d8c6d505c001ee78ea9dd9d8dd76ba039af9b))
+ - unify fallthrough annotations ([e138400](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e138400d1c19a561eaf9f23b0cadc07226684561))
+
+- **Documentation**
+
+ - add a build.tools.python entry ([4052d95](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4052d9583c850feeb8add29734bda0ef0343c238))
+ - add few missed links for Security Advisories ([43f3a9c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/43f3a9c4d67da76a00f9050e7cfe1333da51ff92))
+ - add plantuml as a dependency ([65982a9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/65982a94ef113d5d652d8e1a521b219be75fca42))
+ - add readthedocs configuration file ([8a84776](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a84776340bf4215d235b7b6dc09cf94aed8c6b3))
+ - deprecate plat_convert_pk() in v2.9 ([e0f58c7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e0f58c7fb685560933e3583cb1dfab8fb2963692))
+ - make required compiler version == rather than >= ([415195c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/415195c03e6e1b3a5335ee242ab4116d2d1ac0b1))
+ - python version must be string ([3aa919e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3aa919eb278e7e0b23742ea043d79e1b1f1d75c6))
+ - specify python version to 3.10 ([a7773c5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a7773c590d0319bdf3b4ddc67c7b22180020224b))
+
+- **Build System**
+
+ - add a default value for INVERTED_MEMMAP ([4d32f91](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4d32f9138d61719bbaab57fdd853877a7e06b1cd))
+ - allow lower address access with gcc-12 ([dea23e2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dea23e245fb890c6c06eff7d1aed8fffa981fc05))
+ - allow warnings when using lld ([ebac692](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ebac6922d1f6fc16c5d3953dfb512553001dcdd3))
+ - partially fix qemu aarch32 build ([c68736d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c68736dab5631af3d9a1d33cb911e90e67e8ee34))
+
+- **Tools**
+
+ - **NXP Tools**
+
+ - fix coverity issue ([4fa0f09](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4fa0f097399c7d396bc14a6692476ada6981c458))
+
+ - **Secure Partition Tool**
+
+ - add dependency to SP image ([4daeaf3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4daeaf341a347a60fd481fb4a1530f18f8e4c058))
+
+ - **Certificate Creation Tool**
+
+ - change WARN to VERBOSE ([76a85cf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/76a85cfa0ab5e7093ad18601b7e73a1e425d8025))
+
+- **Dependencies**
+
+ - add missing aeabi_memset.S ([bdedee5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bdedee5a0f156d05eb62c704e702bfd1c506dc5d))
+
+### New Features
+
+- **Architecture**
+
+ - **Extended Translation Control Register (FEAT_TCR2).**
+
+ - add FEAT_TCR2 to the changelog ([a366640](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a366640cf22d7d0e610564f81e189f6037ff9473))
+ - support FEAT_TCR2 ([d333160](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d3331603664ca7d4ab1510df09e722e6ffb1df29))
+
+ - **CPU feature / ID register handling in general**
+
+ - enable FEAT_SME for FEAT_STATE_CHECKED ([45007ac](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/45007acd46981b9f289f03b283eb53e7ba37bb67))
+ - enable FEAT_SVE for FEAT_STATE_CHECKED ([2b0bc4e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2b0bc4e028a75d75c6d6942ddd404ef331db29be))
+ - extend check_feature() to deal with min/max ([a4cccb4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a4cccb4f6cbbb35d12bd5f8779f3c6d8d762619c))
+
+ - **Guarded Control Stack (FEAT_GCS)**
+
+ - support guarded control stack ([688ab57](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/688ab57b9349adb19277d88f2469ceeadb8ba083))
+
+ - **Support for the `HCRX_EL2` register (FEAT_HCX)**
+
+ - initialize HCRX_EL2 to its default value ([ddb615b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ddb615b419074727ac0a1430cf0f88bd018ac8df))
+
+ - **Scalable Matrix Extension (FEAT_SME, FEAT_SME2)**
+
+ - enable SME2 functionality for NS world ([03d3c0d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/03d3c0d729e24713d657209bedf74d255550babb))
+
+- **Platforms**
+
+ - **Allwinner**
+
+ - add extra CPU control registers ([b15e2cd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b15e2cda14b3ffddebd8b40cc5c31c1c0e9cbf0d))
+ - add function to detect H616 die variant ([fbde260](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fbde260b11171f0f67afbc631e22fe26366ff448))
+ - add support for Allwinner T507 SoC ([018c1d8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/018c1d878fbfd696ebeda52b5188e4658b87bf75))
+
+ - **Arm**
+
+ - add ARM_ROTPK_LOCATION variant full key ([5f89928](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5f899286eac994b8337959ad924a43c1a4a543c9))
+ - carveout DRAM1 area for Event Log ([6b2e961](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6b2e961fb1428c3fe213c524164a00fcaee495c4))
+
+ - **FVP**
+
+ - add Event Log maximum size property in DT ([1cf3e2f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1cf3e2f0a8eb0d6324ce3db68dd5c78bdb690a8a))
+ - copy the Event Log to TZC secured DRAM area ([191aa5d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/191aa5d3fc793c5c4cd8960d1ef7b95010cc9d87))
+ - define ns memory in the SPMC manifest ([7f28179](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7f28179a46b40ede461326dd329eb832c0d72b0d))
+ - emulate trapped RNDR ([1ae7552](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1ae75529bc2e5a213c3e458898c219c34aa99f65))
+ - enable errata management interface ([d3bed15](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d3bed15851a1b35b2608f7275f1294c8d4f7aee7))
+ - enable FEAT_FGT by default ([15107da](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/15107daad6b83b4ee1edfebf420b6779a054318e))
+ - enable FEAT_HCX by default ([2e12418](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2e1241888ee82a5a9b3b30acd83a1f4ea6732f1b))
+ - enable support for PSCI OS-initiated mode ([e75cc24](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e75cc247c744d21e52f834a442bf1c26d0ab6161))
+ - increase BL1_RW and BL2 size ([dbb9c1f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dbb9c1f5b69134ca43c944d84b413331a64fba15))
+ - introduce PLATFORM_TEST_EA_FFH config ([fe38cc6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fe38cc68975b23084b4ba512254926941c865a07))
+ - introduce PLATFORM_TEST_RAS_FFH config ([5602ce1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5602ce1d8db3256a7766776cb908b1f716c2d463))
+ - update device tree with load addresses of TOS_FW config ([1779762](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/177976286e347acd905d8082f31c201b9900d28e))
+
+ - **Juno**
+
+ - support ARM_IO_IN_DTB option for Juno ([2fad320](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2fad320f5623edcdd23297ab57c4b9b0b0ef872c))
+
+ - **Morello**
+
+ - add GPU DT node ([cd94c3d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cd94c3d6ad5e738c2583486b7a973bd8e516089b))
+ - add support for HW_CONFIG ([be79071](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/be79071ef73b4b08cca310ec7e7d915faea8f036))
+ - implement methods to retrieve soc-id information ([cc266bc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cc266bcd8c0a1d839151b69436fdf2c1ad07b0a1))
+
+ - **RD**
+
+ - **RD-N2**
+
+ - add platform id value for rdn2 variant 3 ([028c619](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/028c6190d9f3d892a84b5b9cbfdbbab808a73acb))
+
+ - **TC**
+
+ - enable MPAM functionality of L3 DSU cache ([b45ec8c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b45ec8cea483a38e358146b99205504ff7f98001))
+ - add delegated attest and measurement tests ([25dd217](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/25dd2172ae564c74b7e8b42aa96d5ee9a865ec75))
+ - allow secure watchdog timer to trigger periodically ([28b2d86](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/28b2d86cd28ffc54c6272defcd6f123a925012f1))
+ - use smmu 700 ([ed80eab](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ed80eab6a686ce1042300cfbdb90e13366aa08d4))
+
+ - **Intel**
+
+ - extending to support SMMU in FCS ([4687021](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4687021d2eedea880ad8596b32e85da72f8cba02))
+ - fix bridge disable and reset ([9ce8251](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9ce82519c65f0dd93d2673ebb967d02f52b19a04))
+ - implement timer init divider via CPU frequency for N5X ([02a9d70](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/02a9d70c4deaa2102386611ac6b305838003148d))
+ - setup FPGA interface for Agilex ([3905f57](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3905f57134853f47f6e859b8b6322a7dbbfc49f7))
+
+ - **MediaTek**
+
+ - add APU init flow ([5243091](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5243091633b8fe8057cec176ac31adb72fdf3506))
+ - add new features of LPM ([917abdd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/917abdd99012d01ef4fa804ecec1503bef68ed9b))
+ - add SiP service for OP-TEE ([621eaab](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/621eaab5cc3c9d98783700b7515b1da118b3d21c))
+ - add SMC handler for EMI MPU ([c842cc0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c842cc0e5d1432a681cbddce62a852ff282169ae))
+ - add SPM's SSPM notifier ([c234ad1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c234ad17d7d7278e1afa0f416982bb0f60a04dcf))
+
+ - **MT8188**
+
+ - add apu power on/off control ([8e38b92](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8e38b928490516d308bdceebc4ad032852bf2716))
+ - add MT8188 SPM debug logs ([f85b34b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f85b34b112eec006c14afab0eadbd45d1b0d0e7e))
+ - add MT8188 SPM support ([45d5075](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/45d507599e213f8f3a26502c3ca8de6b1cfdc611))
+ - add SPM feature support ([f299efb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f299efbea685aa8075ec4d6d0f70d189cce3ee07))
+ - add the register definitions accessed by SPM ([1a64689](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1a64689df5e7bf78aa8724c1d75f414ea62750eb))
+ - enable SPM and LPM ([380f64b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/380f64b2e39c60cb9a1f751b25cbce11c5e03e20))
+ - keep infra and peri on when system suspend ([e56a939](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e56a939cabb5ae0fe967c19ddacf97304c563f37))
+ - update INFRA IOMMU enable flow ([98415e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/98415e1a80ca025a000241cf3fc175272890c0e8))
+
+ - **MT8195**
+
+ - add support for SMC from OP-TEE ([ccc61e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ccc61e10029b8ddfcb5cb65201862a18ebbc953d))
+
+ - **NVIDIA**
+
+ - **Tegra**
+
+ - implement 'pwr_domain_off_early' handler ([96d07af](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/96d07af402a5d191b7d1200a75c1b206f21cc395))
+
+ - **NXP**
+
+ - **i.MX**
+
+ - **i.MX 8M**
+
+ - add more dram pll setting ([4234b90](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4234b902ae37ca05640888e31405ec97c8cde316))
+ - fix the ddr4 dvfs random hang on imx8m ([093888c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/093888caaf54cbfe38d4b68406d98fbcf5c7d81f))
+ - update the ddr4 dvfs flow to include ddr3l support ([0e39488](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e39488ff3f2edac04d7f5acb58d9a22baa3a69e))
+ - use non-fast wakeup stop mode for system suspend ([ef4e5f0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ef4e5f0f105f184f02ad4d1cc17cecec9b45502a))
+
+ - **i.MX 8Q**
+
+ - add anamix pll override setting for DSM mode ([387a1df](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/387a1df18e0b5bf1d305c72df284b1b89f3c1cd3))
+ - add BL31 PIE support ([8cfa94b](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8cfa94b7a7fc398cc0ea803891f6277065bb7575))
+ - add the dram retention support for imx8mq ([dd108c3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/dd108c3c1fe3f958a38ae255e57b41e5453d077f))
+ - add version for B2 ([99475c5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/99475c5dcc14123dda51bda32d21753f0b4c357d))
+ - add workaround code for ERR11171 on imx8mq ([88a2646](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/88a264657fad2f71369fec4b53478e8a595d10e9))
+ - always set up console ([36be108](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/36be10861e851e7e4df06bb08aab60d8e878d2b2))
+ - correct the slot ack setting for STOP mode ([724ac3e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/724ac3e2c23441d11f642f2ae91c8a8834ea179f))
+ - enable dram dvfs support on imx8mq ([8962bdd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8962bdd603508f649fd7a332e580c0e456ccc0ad))
+ - make IMX_BOOT_UART_BASE configurable via build parameter ([202737e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/202737efda85b2ea61934123b8ffa492f5dc3679))
+ - remove empty bl31_plat_runtime_setup ([7698dba](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7698dbab96072881e0912322db5036529bf8553c))
+
+ - **i.MX 8**
+
+ - add support for debug uart on lpuart1 ([8406447](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8406447f13c65fe93aab7ed641b7e8fe3eb47a0b))
+
+ - **Layerscape**
+
+ - **LX2**
+
+ - enable OCRAM ECC ([e8faff3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e8faff3da962ce112e32d8f1fdb8155e078eae75))
+ - support more variants ([c07f5e9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c07f5e9e50959a3667e5a96ac808d1d16bb72698))
+
+ - **QEMU**
+
+ - add "neoverse-n1" cpu support ([226f4c8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/226f4c8e35c4441e80ad523b9105eab4ca630396))
+ - add A76/N1 cpu support for virt ([6b66693](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6b66693685f828a51c7f78bfa402d6b192169a6d))
+ - combine TF-A artefacts into ROM file ([63bb905](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/63bb90569792893a4e7401004c23cde488fda0cc))
+ - increase max cpus per cluster to 16 ([73a7aca](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/73a7aca2a53d4dbb62909c5741830eee9eac5ee8))
+ - increase size of bl2 ([db2bf3a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/db2bf3ac193f66f365b962b911e7bb2ffbde0a25))
+ - make coherent memory section optional ([af994ae](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/af994ae8a089ead6082ca82036d30074f554ed52))
+ - support el3 spmc ([302f053](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/302f05354f5aab340c315e0d04915367c65c6b27))
+ - support pointer authentication ([cffc956](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cffc956edf3a14508ed5740c1ed093326ca67e72))
+ - support s-el2 spmc ([36802e2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/36802e2c792f79ab630b53298dfd4f1e5a95d173))
+ - update abi between spmd and spmc ([25ae7ad](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/25ae7ad1878244f78206cc7c91f7bdbd267331a1))
+
+ - **QTI**
+
+ - **SC7280**
+
+ - add support for PSCI_OS_INIT_MODE ([e528bbe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e528bbec74af359714203c7f8d356074733ea9cd))
+
+ - **MSM8916**
+
+ - expose more timer frames ([1781bf1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1781bf1c40594e3a3f36404da793d5c7a6bca533))
+
+ - **ST**
+
+ - mandate dtc version 1.4.7 ([38ac8bb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/38ac8bbbe450343e8545a44f370ff9da57cbed26))
+
+ - **STM32MP1**
+
+ - add mbedtls-3.3 support config ([c9498c8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c9498c8f56387ad23530dcc6e57940d2b118d907))
+
+ - **Texas Instruments**
+
+ - add PSCI system_off support ([0bdef26](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0bdef264c2bd356e2a89fc5ac7c438694618d272))
+ - add sub and patch version number support ([852378f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/852378fd60d8cc536799639774f1e4ffe124131d))
+ - disable L2 dataless UniqueClean evictions ([10d5cf1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/10d5cf1b26f03d61a90cdcff5163965fa48e291c))
+ - do not handle EAs in EL3 ([2fcd408](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2fcd408bb3a6756767a43c073c597cef06e7f2d5))
+ - set L2 cache data ram latency on A72 cores to 4 cycles ([aee2f33](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/aee2f33a675891f660fc0d06e739ce85f3472075))
+ - set L2 cache ECC and and parity on A72 cores ([81858a3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/81858a353f8e45f5cc57ce855188043b1745ea08))
+ - set snoop-delayed exclusive handling on A72 cores ([5668db7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5668db72b724dc256d9b300f6938a08625624a48))
+ - synchronize access to secure proxy threads ([312eec3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/312eec3ecde9837f61fc0d7b46b4197ec2257ee7))
+
+ - **Xilinx**
+
+ - add device node indexes ([407eb6f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/407eb6fda06d7be034dc7f1c537183f64126f074))
+ - sync copyright format ([2774965](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/27749653c7dbea1bd5b34a39085bc7cb12d46501))
+
+ - **Versal**
+
+ - replace irq array with switch case ([0ec6c31](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ec6c31320c6d86e89dce8775af2bbdfa7a302fa))
+ - switch to xlat_v2 ([0e9f54e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e9f54e5bb7f4b44bca9c63cce37913070fea23a))
+
+ - **Versal NET**
+
+ - add jtag dcc support ([30e8bc3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/30e8bc365c1007da97f93c71e5fa16b6be56b679))
+ - add support for set wakeup source ([c38d90f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c38d90f7964ddf186f4cbaad6da91dd0a44627e3))
+ - add support for uart1 console ([2f1b4c5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2f1b4c55502262dba0ccd147f87cdb38cf4131f2))
+
+ - **ZynqMP**
+
+ - add hooks for custom runtime setup ([88a8938](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/88a8938e62989b7319b20c46c046aa8845852ce9))
+ - add hooks for mmap and early setup ([7013400](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/70134000842cbc7c052031dd453bdec8f4cb73f1))
+ - add SMCCC_ARCH_SOC_ID support ([8f9ba3f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8f9ba3f344545740fc44e90fb8322c7728ae94ec))
+ - add support for custom sip service ([496d708](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/496d708154d893fb9f412390acd433337faccecc))
+ - build pm code as library ([3af2ee9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3af2ee906842378ee91f07aa4ea5565cd1a0f8c2))
+ - bump up version of query_data API ([aaf5ce7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/aaf5ce77fb22f54a8ca7bc8d3be6172dacbfc0c1))
+ - make stack size configurable ([5753665](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/57536653e62765f9529d045b118ad881369bc73a))
+
+- **Services**
+
+ - **RME**
+
+ - read DRAM information from FVP DTB ([8268590](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/826859049859a5bd88e142695e10a559d85721c1))
+ - set DRAM information in Boot Manifest platform data ([a97bfa5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a97bfa5ff18b2682e3b9c528cbd5fb16ceec3393))
+
+ - **RMM**
+
+ - add support for the 2nd DRAM bank ([346cfe2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/346cfe2b46a83bc9e6656f43ec55a196503b154a))
+
+ - **SPM**
+
+ - **EL3 SPMC**
+
+ - make platform logical partition optional ([555677f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/555677fe81c5e1888254ac36acb0a02b3850dc46))
+
+ - **SPMD**
+
+ - add support for FFA_EL3_INTR_HANDLE_32 ABI ([6671b3d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6671b3d8224a8c4c3fea7cbe66b56945c432393f))
+ - copy tos_fw_config in secure region ([0cea2ae](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0cea2ae07db089e60322677021da4743a084f9ca))
+ - fail safe if SPM fails to initialize ([0d33649](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0d33649e3e2a21def73327522b9861b4619fc5c2))
+ - introduce FFA_PARTITION_INFO_GET_REGS ([eaaf517](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/eaaf517cd1bd8c9d5e3e6d2d202a69a0cbcb45bf))
+ - introduce platform handler for Group0 interrupt ([f0b64e5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f0b64e507e9105813d9a5d16f70101cf0d8ca5a4))
+ - map SPMC manifest region as EL3_PAS ([8c829a9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8c829a9240109dd7a66a3c26f734f23477b12551))
+ - register handler for group0 interrupt from NWd ([a1e0e87](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a1e0e871f10201a9dbdc1dadfd27904888246adc))
+
+ - **ERRATA_ABI**
+
+ - errata management firmware interface ([ffea384](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ffea3844c00daf8dee466840a4932cac04b3eb57))
+
+- **Libraries**
+
+ - **CPU Support**
+
+ - add support for blackhawk cpu ([6578343](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6578343bb2aab6ec5ae309097047a83445aa12da))
+ - add support for chaberton cpu ([516a52f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/516a52f6f5cda6acb311ffd6e8fb77f2e09c1357))
+
+ - **EL3 Runtime**
+
+ - handle traps for IMPDEF registers accesses ([0ed3be6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0ed3be6fc2c8d275862959d1ee6a0354cc01ad5d))
+ - introduce system register trap handler ([ccd81f1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ccd81f1e097c3eafe38523110c8eebabbe662508))
+
+ - **FCONF**
+
+ - rename 'ns-load-address' to 'secondary-load-address' ([05e5503](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/05e550302103a527b9f8d3869942c203c7b2dd65))
+
+ - **OP-TEE**
+
+ - add device tree for coreboot table ([f4bbf43](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f4bbf435554e87de31c0a70039aa03b19962aaea))
+ - add loading OP-TEE image via an SMC ([05c69cf](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/05c69cf75edf53478e23fce157fea72372b49597))
+
+ - **PSCI**
+
+ - add support for OS-initiated mode ([606b743](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/606b7430077c15695a5b3bcfbad4975f00c9bf95))
+ - add support for PSCI_SET_SUSPEND_MODE ([b88a441](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b88a4416b5e5f2bda2240c632ba79e15a9a75c45))
+ - introduce 'pwr_domain_off_early' hook ([6cf4ae9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6cf4ae979a5f8be23927b97ecfe789dabcb53dbd))
+ - update PSCI_FEATURES ([9a70e69](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9a70e69e059863d7aec11883e6345b54058264e0))
+
+ - **C Standard Library**
+
+ - add %c to printf/snprintf ([44d9706](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44d9706e5428d8e3588d04565c7cd738ffc1e472))
+ - add support for fallthrough statement ([023f1be](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/023f1bed1dde23564e3b66a99c4a45b09e38992b))
+
+ - **PSA**
+
+ - add read_measurement API ([6d0525a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6d0525aafe17e7affb0f71e86a5121989c150c42))
+ - interface with RSS for NV counters ([8374508](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8374508b00909cdffbe6233cf8fddcb49924faed))
+
+- **Drivers**
+
+ - **Authentication**
+
+ - compare platform and certificate ROTPK for authentication ([f1e693a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f1e693a77548950cfffcb1d5a4b67cf349e0aed9))
+
+ - **mbedTLS**
+
+ - add support for mbedtls-3.3 ([51e0615](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/51e061591bbf13af2486c3bb5f37ed609578d145))
+
+ - **UFS**
+
+ - adds timeout and error handling ([2c5bce3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2c5bce3833848dac4fbb2ae19be418145e68c8a1))
+
+ - **Arm**
+
+ - **Ethos-N**
+
+ - add check for NPU in SiP setup ([a2cdbb1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a2cdbb1df088cde410aea1d5989dfc500aaf7939))
+ - add event and aux control support ([7820777](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7820777fa3c8ca454ab40d5d8a8ba0e311bbb6f9))
+ - add multiple asset allocators ([8a921e3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8a921e354575cd16aaa6f2f5a2aeaaaea35ab886))
+ - add NPU firmware validation ([313b776](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/313b776f851ed184abb265df2b6269fe78f48ecd))
+ - add NPU sleeping SMC call ([2a2e3e8](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2a2e3e87706b56fd1b8e787d3a552cfc12725934))
+ - add NPU support in fiptool ([c91b08c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c91b08c8a44aafac4f72c64aa8d4777b8c73647e))
+ - add protected NPU firmware setup ([6dcf3e7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6dcf3e774457cf00b91abda715adfbefce822877))
+ - add protected NPU TZMP1 regions ([d77c11e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d77c11e896e04be93caa4a56e50646af6806843f))
+ - add reserved memory address support ([a19a024](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a19a0241a6f1573e11d4d747dabb756d15ac4801))
+ - add reset type to reset SMC calls ([fa37d30](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/fa37d30856fef6742bd82e4e0a3252a4d0b9e091))
+ - add separate RO and RW NSAIDs ([986c4e9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/986c4e991ace5cb40bed35145184e66863c47152))
+ - add SMC call to get FW properties ([e9812dd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e9812ddca6e72c0501ef1e84753f335dcafb74cd))
+ - add stream extends and attr support ([e64abe7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e64abe7bdaeed99093ae5b4aab8956a04ff4075a))
+ - add support for NPU to cert_create ([f309607](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f309607229e049a6ff9cbc858efa4dd0c0b921b8))
+ - add support to set up NSAID ([70a296e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/70a296ee8641802dc60754aec5b18d8347820a5c))
+ - load NPU firmware at BL2 ([33bcaed](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/33bcaed1211ab27968433b546979687bc1182630))
+
+ - **GIC**
+
+ - **GICv3**
+
+ - enlarge the range for intr_num of structure interrupt_prop_t ([d5eee8f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d5eee8f3fbf53fce84c979e68433a27c93e3e96b))
+
+ - **RSS**
+
+ - add TC platform UUIDs for RSS images ([6ef63af](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6ef63af65f55e9402e4cdc534928faceb9c6e003))
+
+ - **SBSA**
+
+ - helper api for refreshing watchdog timer ([e8166d3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e8166d3e5937b8db43921b5049672b16af7f58e0))
+
+- **Miscellaneous**
+
+ - **AArch64**
+
+ - make ID system register reads non-volatile ([c2fb8ef](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/c2fb8ef66ccc8222c70ab802cdaf29f1592cbbb6))
+
+ - **FDTs**
+
+ - **STM32MP1**
+
+ - use /omit-if-no-ref/ for pins nodes ([0aae96c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0aae96cfb9ef826d207f2d18d4a9f21fa1a5dee7))
+
+ - **STM32MP15**
+
+ - add support for prtt1x board family ([3812ceb](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3812ceba8fcd682faeed6e71190a848771fd2022))
+
+ - **PIE/POR**
+
+ - support permission indirection and overlay ([062b6c6](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/062b6c6bf23f9656332b0aa3fed59c15f34f9361))
+
+- **Documentation**
+
+ - allow verbose build ([f771a34](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f771a3446356d92c6c27df5c4f3bb07a2561b36b))
+
+- **Build System**
+
+ - add support for new binutils versions ([1f49db5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1f49db5f25cdd4e43825c9bcc0575070b80f628c))
+ - allow additional CFLAGS for library build ([5a65fcd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5a65fcd5f9c67baa681f664e4596760ca1f2606a))
+
+ - **Git Hooks**
+
+ - add pre-commit hook ([cf9346c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/cf9346cb83804feb083b56a668eb0a462983e038))
+
+ - add support for poetry ([793f72c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/793f72c06ca1c2782f800c9f20980ca6b7870072))
+
+- **Tools**
+
+ - **Firmware Image Package Tool**
+
+ - handle FIP in a disk partition ([06e69f7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/06e69f7c94637c693ea5eb26038096c196d10f07))
+
+- **Dependencies**
+
+ - **Compiler runtime libraries**
+
+ - update source files ([658ce7a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/658ce7ad8eceb40741cd40f1639a6d923f922fad))
+
## [2.8.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.7.0..refs/tags/v2.8.0) (2022-11-15)
### ⚠ BREAKING CHANGES
@@ -3580,7 +4598,7 @@
- Platforms
- Arm
- - Fixed missing copyrights in arm-gic.h file
+ - Fixed missing copyrights in Arm-gic.h file
- Fixed the order of header files in several dts files
- Fixed error message printing in board makefile
- Fixed bug of overriding the last node in image load helper API
@@ -6842,7 +7860,7 @@
______________________________________________________________________
-*Copyright (c) 2013-2022, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.*
[mbed tls releases]: https://tls.mbed.org/tech-updates/releases
[pr#1002]: https://github.com/ARM-software/arm-trusted-firmware/pull/1002#issuecomment-312650193
diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst
index 6b57c0e..009ac28 100644
--- a/docs/components/rmm-el3-comms-spec.rst
+++ b/docs/components/rmm-el3-comms-spec.rst
@@ -52,7 +52,7 @@
- ``RES0``: Bit 31 of the version number is reserved 0 as to maintain
consistency with the versioning schemes used in other parts of RMM.
-This document specifies the 0.1 version of Boot Interface ABI and RMM-EL3
+This document specifies the 0.2 version of Boot Interface ABI and RMM-EL3
services specification and the 0.2 version of the Boot Manifest.
.. _rmm_el3_boot_interface:
@@ -503,6 +503,10 @@
and it is the responsibility of RMM to preserve this or use this as a return argument.
EL3 will always copy x0-x4 from Realm context to NS Context.
+EL3 must save and restore the following as part of world switch:
+ #. EL2 system registers with the exception of ``zcr_el2`` register.
+ #. PAuth key registers (APIA, APIB, APDA, APDB, APGA).
+
EL3 will not save some registers as mentioned in the below list. It is the
responsibility of RMM to ensure that these are appropriately saved if the
Realm World makes use of them:
@@ -510,10 +514,11 @@
#. FP/SIMD registers
#. SVE registers
#. SME registers
- #. EL1/0 registers
+ #. EL1/0 registers with the exception of PAuth key registers as mentioned above.
+ #. zcr_el2 register.
-It is the responsibility of EL3 that any other registers other than the ones mentioned above
-will not be leaked to the NS Host and to maintain the confidentiality of the Realm World.
+It is essential that EL3 honors this contract to maintain the Confidentiality and integrity
+of the Realm world.
SMCCC v1.3 allows NS world to specify whether SVE context is in use. In this
case, RMM could choose to not save the incoming SVE context but must ensure
diff --git a/docs/components/secure-partition-manager.rst b/docs/components/secure-partition-manager.rst
index 8dc1c61..d4f0b00 100644
--- a/docs/components/secure-partition-manager.rst
+++ b/docs/components/secure-partition-manager.rst
@@ -203,6 +203,7 @@
Sample TF-A build command line when FEAT_SEL2 architecture extension is
implemented and the SPMC is located at S-EL2:
+
.. code:: shell
make \
@@ -220,6 +221,7 @@
Sample TF-A build command line when FEAT_SEL2 architecture extension is
implemented, the SPMC is located at S-EL2, and enabling secure boot:
+
.. code:: shell
make \
@@ -461,8 +463,15 @@
- *cpus* node provide the platform topology and allows MPIDR to VMPIDR mapping.
Note the primary core is declared first, then secondary cores are declared
in reverse order.
-- The *memory* node provides platform information on the ranges of memory
- available to the SPMC.
+- The *memory* nodes provide platform information on the ranges of memory
+ available for use by SPs at runtime. These ranges relate to either
+ secure or non-secure memory, depending on the *device_type* field.
+ If the field specifies "memory" the range is secure, else if it specifies
+ "ns-memory" the memory is non-secure. The system integrator must exclude
+ the memory used by other components that are not SPs, such as the monitor,
+ or the SPMC itself, the OS Kernel/Hypervisor, or other NWd VMs. The SPMC
+ limits the SP's address space such that they do not access memory outside
+ of those ranges.
SPMC boot
~~~~~~~~~
@@ -562,7 +571,12 @@
- Memory regions are mapped in the SP EL1&0 Stage-2 translation regime at
load time (or EL1&0 Stage-1 for an S-EL1 SPMC). A memory region node can
specify RX/TX buffer regions in which case it is not necessary for an SP
- to explicitly invoke the ``FFA_RXTX_MAP`` interface.
+ to explicitly invoke the ``FFA_RXTX_MAP`` interface. The memory referred
+ shall be contained within the memory ranges defined in SPMC manifest. The
+ NS bit in the attributes field should be consistent with the security
+ state of the range that it relates to. I.e. non-secure memory shall be
+ part of a non-secure memory range, and secure memory shall be contained
+ in a secure memory range of a given platform.
- Device regions are mapped in the SP EL1&0 Stage-2 translation regime (or
EL1&0 Stage-1 for an S-EL1 SPMC) as peripherals and possibly allocate
additional resources (e.g. interrupts).
@@ -1029,6 +1043,68 @@
This is used in particular to convey power management messages.
+Memory Sharing
+--------------
+
+Hafnium implements the following memory sharing interfaces:
+
+ - ``FFA_MEM_SHARE`` - for shared access between lender and borrower.
+ - ``FFA_MEM_LEND`` - borrower to obtain exclusive access, though lender
+ retains ownership of the memory.
+ - ``FFA_MEM_DONATE`` - lender permanently relinquishes ownership of memory
+ to the borrower.
+
+The ``FFA_MEM_RETRIEVE_REQ`` interface is for the borrower to request the
+memory to be mapped into its address space: for S-EL1 partitions the SPM updates
+their stage 2 translation regime; for S-EL0 partitions the SPM updates their
+stage 1 translation regime. On a successful call, the SPMC responds back with
+``FFA_MEM_RETRIEVE_RESP``.
+
+The ``FFA_MEM_RELINQUISH`` interface is for when the borrower is done with using
+a memory region.
+
+The ``FFA_MEM_RECLAIM`` interface is for the owner of the memory to reestablish
+its ownership and exclusive access to the memory shared.
+
+The memory transaction descriptors are transmitted via RX/TX buffers. In
+situations where the size of the memory transaction descriptor exceeds the
+size of the RX/TX buffers, Hafnium provides support for fragmented transmission
+of the full transaction descriptor. The ``FFA_MEM_FRAG_RX`` and ``FFA_MEM_FRAG_TX``
+interfaces are for receiving and transmitting the next fragment, respectively.
+
+If lender and borrower(s) are SPs, all memory sharing operations are supported.
+
+Hafnium also supports memory sharing operations between the normal world and the
+secure world. If there is an SP involved, the SPMC allocates data to track the
+state of the operation.
+
+The SPMC is also the designated allocator for the memory handle. The hypervisor
+or OS kernel has the possibility to rely on the SPMC to maintain the state
+of the operation, thus saving memory.
+A lender SP can only donate NS memory to a borrower from the normal world.
+
+The SPMC supports the hypervisor retrieve request, as defined by the FF-A
+v1.1 EAC0 specification, in section 16.4.3. The intent is to aid with operations
+that the hypervisor must do for a VM retriever. For example, when handling
+an FFA_MEM_RECLAIM, if the hypervisor relies on SPMC to keep the state
+of the operation, the hypervisor retrieve request can be used to obtain
+that state information, do the necessary validations, and update stage 2
+memory translation.
+
+Hafnium also supports memory lend and share targetting multiple borrowers.
+This is the case for a lender SP to multiple SPs, and for a lender VM to
+multiple endpoints (from both secure world and normal world). If there is
+at least one borrower VM, the hypervisor is in charge of managing its
+stage 2 translation on a successful memory retrieve.
+The semantics of ``FFA_MEM_DONATE`` implies ownership transmission,
+which should target only one partition.
+
+The memory share interfaces are backwards compatible with memory transaction
+descriptors from FF-A v1.0. These get translated to FF-A v1.1 descriptors for
+Hafnium's internal processing of the operation. If the FF-A version of a
+borrower is v1.0, Hafnium provides FF-A v1.0 compliant memory transaction
+descriptors on memory retrieve response.
+
PE MMU configuration
--------------------
diff --git a/docs/design/firmware-design.rst b/docs/design/firmware-design.rst
index 2c9b76a..8ac1c3e 100644
--- a/docs/design/firmware-design.rst
+++ b/docs/design/firmware-design.rst
@@ -25,12 +25,12 @@
:ref:`Translation (XLAT) Tables Library`.
TF-A can be built to support either AArch64 or AArch32 execution state.
-.. note::
- The descriptions in this chapter are for the Arm TrustZone architecture.
- For changes to the firmware design for the
- `Arm Confidential Compute Architecture (Arm CCA)`_ please refer to the
- chapter :ref:`Realm Management Extension (RME)`.
+.. note::
+ The descriptions in this chapter are for the Arm TrustZone architecture.
+ For changes to the firmware design for the `Arm Confidential Compute
+ Architecture (Arm CCA)`_ please refer to the chapter :ref:`Realm Management
+ Extension (RME)`.
Cold boot
---------
@@ -2622,16 +2622,29 @@
section lists the usage of Architecture Extensions, and build flags
controlling them.
+Build options
+~~~~~~~~~~~~~
+
+``ARM_ARCH_MAJOR`` and ``ARM_ARCH_MINOR``
+
-In general, and unless individually mentioned, the build options
-``ARM_ARCH_MAJOR`` and ``ARM_ARCH_MINOR`` select the Architecture Extension to
-target when building TF-A. Subsequent Arm Architecture Extensions are backward
-compatible with previous versions.
+These build options serve dual purpose
+
+- Determine the architecture extension support in TF-A build: All the mandatory
+ architectural features up to ``ARM_ARCH_MAJOR.ARM_ARCH_MINOR`` are included
+ and unconditionally enabled by TF-A build system.
+
+- Passed to compiler via "-march" option to generate binary target : Tell the
+ compiler to emit instructions upto ``ARM_ARCH_MAJOR.ARM_ARCH_MINOR``
+
+The build system requires that the platform provides a valid numeric value based on
+CPU architecture extension, otherwise it defaults to base Armv8.0-A architecture.
+Subsequent Arm Architecture versions also support extensions which were introduced
+in previous versions.
-The build system only requires that ``ARM_ARCH_MAJOR`` and ``ARM_ARCH_MINOR`` have a
-valid numeric value. These build options only control whether or not
-Architecture Extension-specific code is included in the build. Otherwise, TF-A
-targets the base Armv8.0-A architecture; i.e. as if ``ARM_ARCH_MAJOR`` == 8
-and ``ARM_ARCH_MINOR`` == 0, which are also their respective default values.
+**TO-DO** : Its planned to decouple the two functionalities and introduce a new macro
+for compiler usage. The requirement for this decoupling arises becasue TF-A code
+always provides support for the latest and greatest architecture features but this
+is not the case for the target compiler.
.. seealso:: :ref:`Build Options`
diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst
index a3f8cc8..f4c3c28 100644
--- a/docs/getting_started/prerequisites.rst
+++ b/docs/getting_started/prerequisites.rst
@@ -14,7 +14,7 @@
|TF-A| can be built using either a Linux or a Windows machine as the build host.
A relatively recent Linux distribution is recommended for building |TF-A|. We
-have performed tests using Ubuntu 20.04 LTS (64-bit) but other distributions
+have performed tests using Ubuntu 22.04 LTS (64-bit) but other distributions
should also work fine as a base, provided that the necessary tools and libraries
can be installed.
@@ -77,11 +77,11 @@
The following libraries are required for Trusted Board Boot and Measured Boot
support:
-- mbed TLS == 2.28.1 (tag: ``mbedtls-2.28.1``)
+- mbed TLS == 3.4.0 (tag: ``mbedtls-3.4.0``)
These tools are optional:
-- Device Tree Compiler (DTC) >= 1.4.6
+- Device Tree Compiler (DTC) >= 1.4.7
Needed if you want to rebuild the provided Flattened Device Tree (FDT)
source files (``.dts`` files). DTC is available for Linux through the package
diff --git a/docs/perf/index.rst b/docs/perf/index.rst
index b83c6e3..0938a17 100644
--- a/docs/perf/index.rst
+++ b/docs/perf/index.rst
@@ -7,6 +7,7 @@
psci-performance-instr
psci-performance-juno
+ psci-performance-n1sdp
psci-performance-methodology
tsp
performance-monitoring-unit
diff --git a/docs/perf/psci-performance-juno.rst b/docs/perf/psci-performance-juno.rst
index 7418669..7a484b8 100644
--- a/docs/perf/psci-performance-juno.rst
+++ b/docs/perf/psci-performance-juno.rst
@@ -25,62 +25,189 @@
Juno supports CPU, cluster and system power down states, corresponding to power
levels 0, 1 and 2 respectively. It does not support any retention states.
-We used the upstream `TF master as of 31/01/2017`_, building the platform using
-the ``ENABLE_RUNTIME_INSTRUMENTATION`` option:
+Given that runtime instrumentation using PMF is invasive, there is a small
+(unquantified) overhead on the results. PMF uses the generic counter for
+timestamps, which runs at 50MHz on Juno.
-.. code:: shell
+The following source trees and binaries were used:
- make PLAT=juno ENABLE_RUNTIME_INSTRUMENTATION=1 \
- SCP_BL2=<path/to/scp-fw.bin> \
- BL33=<path/to/test-fw.bin> \
- all fip
+- TF-A [`v2.9-rc0`_]
+- TFTF [`v2.9-rc0`_]
-When using the debug build of TF, there was no noticeable difference in the
-results.
+Please see the Runtime Instrumentation `Testing Methodology`_ page for more
+details.
-The tests are based on an ARM-internal test framework. The release build of this
-framework was used because the results in the debug build became skewed; the
-console output prevented some of the tests from executing in parallel.
+Procedure
+---------
-The tests consist of both parallel and sequential tests, which are broadly
-described as follows:
+#. Build TFTF with runtime instrumentation enabled:
-- **Parallel Tests** This type of test powers on all the non-lead CPUs and
- brings them and the lead CPU to a common synchronization point. The lead CPU
- then initiates the test on all CPUs in parallel.
+ .. code:: shell
-- **Sequential Tests** This type of test powers on each non-lead CPU in
- sequence. The lead CPU initiates the test on a non-lead CPU then waits for the
- test to complete before proceeding to the next non-lead CPU. The lead CPU then
- executes the test on itself.
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=juno \
+ TESTS=runtime-instrumentation all
-In the results below, CPUs 0-3 refer to CPUs in the little cluster (A53) and
-CPUs 4-5 refer to CPUs in the big cluster (A57). In all cases CPU 4 is the lead
-CPU.
+#. Fetch Juno's SCP binary from TF-A's archive:
-``PSCI_ENTRY`` refers to the time taken from entering the TF PSCI implementation
-to the point the hardware enters the low power state (WFI). Referring to the TF
-runtime instrumentation points, this corresponds to:
-``(RT_INSTR_ENTER_HW_LOW_PWR - RT_INSTR_ENTER_PSCI)``.
+ .. code:: shell
-``PSCI_EXIT`` refers to the time taken from the point the hardware exits the low
-power state to exiting the TF PSCI implementation. This corresponds to:
-``(RT_INSTR_EXIT_PSCI - RT_INSTR_EXIT_HW_LOW_PWR)``.
+ curl --fail --connect-timeout 5 --retry 5 -sLS -o scp_bl2.bin \
+ https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/juno/release/juno-bl2.bin
-``CFLUSH_OVERHEAD`` refers to the part of ``PSCI_ENTRY`` taken to flush the
-caches. This corresponds to: ``(RT_INSTR_EXIT_CFLUSH - RT_INSTR_ENTER_CFLUSH)``.
+#. Build TF-A with the following build options:
-Note there is very little variance observed in the values given (~1us), although
-the values for each CPU are sometimes interchanged, depending on the order in
-which locks are acquired. Also, there is very little variance observed between
-executing the tests sequentially in a single boot or rebooting between tests.
+ .. code:: shell
-Given that runtime instrumentation using PMF is invasive, there is a small
-(unquantified) overhead on the results. PMF uses the generic counter for
-timestamps, which runs at 50MHz on Juno.
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=juno \
+ BL33="/path/to/tftf.bin" SCP_BL2="scp_bl2.bin" \
+ ENABLE_RUNTIME_INSTRUMENTATION=1 fiptool all fip
+
+#. Load the following images onto the development board: ``fip.bin``,
+ ``scp_bl2.bin``.
+
+Results
+-------
+
+``CPU_SUSPEND`` to deepest power level
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
+ parallel
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 243.76 | 239.92 | 6.32 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 663.5 | 30.32 | 167.82 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 105.12 | 22.84 | 5.88 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 384.16 | 19.06 | 4.7 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 2 | 523.98 | 270.46 | 4.74 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 3 | 950.54 | 220.9 | 89.2 |
+ +---------+------+-----------+---------+-------------+
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
+ serial
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 266.96 | 31.74 | 167.92 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 266.9 | 31.52 | 167.82 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 279.86 | 23.42 | 87.52 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 101.38 | 18.8 | 4.64 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 2 | 101.18 | 19.28 | 4.64 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 3 | 101.32 | 19.02 | 4.62 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_SUSPEND`` to power level 0
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Results and Commentary
-----------------------
+.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in
+ parallel
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ +---------+------+-----------+---------+-------------+
+ | 0 | 0 | 661.94 | 22.88 | 9.66 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 801.64 | 23.38 | 9.62 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 105.56 | 16.02 | 8.12 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 245.42 | 16.26 | 7.78 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 2 | 384.42 | 16.1 | 7.84 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 3 | 523.74 | 15.4 | 8.02 |
+ +---------+------+-----------+---------+-------------+
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 102.16 | 23.64 | 6.7 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 101.66 | 23.78 | 6.6 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 277.74 | 15.96 | 4.66 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 98.0 | 15.88 | 4.64 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 2 | 97.66 | 15.88 | 4.62 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 3 | 97.76 | 15.38 | 4.64 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_OFF`` on all non-lead CPUs
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+``CPU_OFF`` on all non-lead CPUs in sequence then, ``CPU_SUSPEND`` on the lead
+core to the deepest power level.
+
+.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 265.38 | 34.12 | 167.36 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 265.72 | 33.98 | 167.48 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 185.3 | 23.18 | 87.42 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 101.58 | 23.46 | 4.48 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 2 | 101.66 | 22.02 | 4.72 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 3 | 101.48 | 22.22 | 4.52 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_VERSION`` in parallel
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores
+
+ +-------------+--------+--------------+
+ | Cluster | Core | Latency |
+ +=============+========+==============+
+ | 0 | 0 | 1.22 |
+ +-------------+--------+--------------+
+ | 0 | 1 | 1.2 |
+ +-------------+--------+--------------+
+ | 1 | 0 | 0.6 |
+ +-------------+--------+--------------+
+ | 1 | 1 | 1.08 |
+ +-------------+--------+--------------+
+ | 1 | 2 | 1.04 |
+ +-------------+--------+--------------+
+ | 1 | 3 | 1.04 |
+ +-------------+--------+--------------+
+
+Annotated Historic Results
+--------------------------
+
+The following results are based on the upstream `TF master as of 31/01/2017`_.
+TF-A was built using the same build instructions as detailed in the procedure
+above.
+
+In the results below, CPUs 0-3 refer to CPUs in the little cluster (A53) and
+CPUs 4-5 refer to CPUs in the big cluster (A57). In all cases CPU 4 is the lead
+CPU.
+
+``PSCI_ENTRY`` corresponds to the powerdown latency, ``PSCI_EXIT`` the wakeup latency, and
+``CFLUSH_OVERHEAD`` the latency of the cache flush operation.
``CPU_SUSPEND`` to deepest power level on all CPUs in parallel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -290,3 +417,5 @@
.. _Juno R1 platform: https://developer.arm.com/documentation/100122/latest/
.. _TF master as of 31/01/2017: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?id=c38b36d
+.. _v2.9-rc0: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/tree/?h=v2.9-rc0
+.. _Testing Methodology: ../perf/psci-performance-methodology.html
diff --git a/docs/perf/psci-performance-n1sdp.rst b/docs/perf/psci-performance-n1sdp.rst
new file mode 100644
index 0000000..70a1436
--- /dev/null
+++ b/docs/perf/psci-performance-n1sdp.rst
@@ -0,0 +1,203 @@
+Runtime Instrumentation Testing - N1SDP
+=======================================
+
+For this test we used the N1 System Development Platform (`N1SDP`_), which
+contains an SoC consisting of two dual-core Arm N1 clusters.
+
+The following source trees and binaries were used:
+
+- TF-A [`v2.9-rc0-16-g666aec401`_]
+- TFTF [`v2.9-rc0`_]
+- SCP/MCP `Prebuilt Images`_
+
+Please see the Runtime Instrumentation `Testing Methodology`_ page for more
+details.
+
+Procedure
+---------
+
+#. Build TFTF with runtime instrumentation enabled:
+
+ .. code:: shell
+
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
+ TESTS=runtime-instrumentation all
+
+#. Build TF-A with the following build options:
+
+ .. code:: shell
+
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
+ ENABLE_RUNTIME_INSTRUMENTATION=1 fiptool all
+
+#. Fetch the SCP firmware images:
+
+ .. code:: shell
+
+ curl --fail --connect-timeout 5 --retry 5 \
+ -sLS -o build/n1sdp/release/scp_rom.bin \
+ https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-bl1.bin
+ curl --fail --connect-timeout 5 \
+ --retry 5 -sLS -o build/n1sdp/release/scp_ram.bin \
+ https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-bl2.bin
+
+#. Fetch the MCP firmware images:
+
+ .. code:: shell
+
+ curl --fail --connect-timeout 5 --retry 5 \
+ -sLS -o build/n1sdp/release/mcp_rom.bin \
+ https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-mcp-bl1.bin
+ curl --fail --connect-timeout 5 --retry 5 \
+ -sLS -o build/n1sdp/release/mcp_ram.bin \
+ https://downloads.trustedfirmware.org/tf-a/css_scp_2.12.0/n1sdp/release/n1sdp-mcp-bl2.bin
+
+#. Using the fiptool, create a new FIP package and append the SCP ram image onto
+ it.
+
+ .. code:: shell
+
+ ./tools/fiptool/fiptool create --blob \
+ uuid=cfacc2c4-15e8-4668-82be-430a38fad705,file=build/n1sdp/release/bl1.bin \
+ --scp-fw build/n1sdp/release/scp_ram.bin build/n1sdp/release/scp_fw.bin
+
+#. Append the MCP image to the FIP.
+
+ .. code:: shell
+
+ ./tools/fiptool/fiptool create \
+ --blob uuid=54464222-a4cf-4bf8-b1b6-cee7dade539e,file=build/n1sdp/release/mcp_ram.bin \
+ build/n1sdp/release/mcp_fw.bin
+
+#. Then, add TFTF as the Non-Secure workload in the FIP image:
+
+ .. code:: shell
+
+ make CROSS_COMPILE=aarch64-none-elf- PLAT=n1sdp \
+ ENABLE_RUNTIME_INSTRUMENTATION=1 SCP_BL2=/dev/null \
+ BL33=<path/to/tftf.bin> fip
+
+#. Load the following images onto the development board: ``fip.bin``,
+ ``scp_rom.bin``, ``scp_ram.bin``, ``mcp_rom.bin``, and ``mcp_ram.bin``.
+
+.. note::
+
+ These instructions presume you have a complete firmware stack. The N1SDP
+ `user guide`_ provides a detailed explanation on how to get setup from
+ scratch.
+
+Results
+-------
+
+``CPU_SUSPEND`` to deepest power level
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
+ parallel
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 3.44 | 10.04 | 0.4 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 4.98 | 12.72 | 0.16 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 3.58 | 15.42 | 0.2 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 5.24 | 17.78 | 0.18 |
+ +---------+------+-----------+---------+-------------+
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to deepest power level in
+ serial
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 1.82 | 9.98 | 0.32 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 1.96 | 9.96 | 0.18 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 2.0 | 10.5 | 0.16 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 2.22 | 10.56 | 0.16 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_SUSPEND`` to power level 0
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in
+ parallel
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 1.52 | 11.84 | 0.34 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 1.1 | 13.66 | 0.14 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 2.18 | 9.48 | 0.18 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 2.06 | 14.4 | 0.16 |
+ +---------+------+-----------+---------+-------------+
+
+.. table:: ``CPU_SUSPEND`` latencies (µs) to power level 0 in serial
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 1.54 | 9.34 | 0.3 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 1.88 | 9.5 | 0.16 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 1.86 | 9.86 | 0.2 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 2.02 | 9.64 | 0.18 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_OFF`` on all non-lead CPUs
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+``CPU_OFF`` on all non-lead CPUs in sequence then, ``CPU_SUSPEND`` on the lead
+core to the deepest power level.
+
+.. table:: ``CPU_OFF`` latencies (µs) on all non-lead CPUs
+
+ +---------+------+-----------+---------+-------------+
+ | Cluster | Core | Powerdown | Wakekup | Cache Flush |
+ +=========+======+===========+=========+=============+
+ | 0 | 0 | 1.86 | 9.88 | 0.32 |
+ +---------+------+-----------+---------+-------------+
+ | 0 | 1 | 21.1 | 12.44 | 0.42 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 0 | 21.22 | 13.2 | 0.32 |
+ +---------+------+-----------+---------+-------------+
+ | 1 | 1 | 21.56 | 13.18 | 0.54 |
+ +---------+------+-----------+---------+-------------+
+
+``CPU_VERSION`` in parallel
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. table:: ``CPU_VERSION`` latency (µs) in parallel on all cores
+
+ +-------------+--------+--------------+
+ | Cluster | Core | Latency |
+ +=============+========+==============+
+ | 0 | 0 | 0.08 |
+ +-------------+--------+--------------+
+ | 0 | 1 | 0.22 |
+ +-------------+--------+--------------+
+ | 1 | 0 | 0.28 |
+ +-------------+--------+--------------+
+ | 1 | 1 | 0.26 |
+ +-------------+--------+--------------+
+
+--------------
+
+*Copyright (c) 2023, Arm Limited. All rights reserved.*
+
+.. _v2.9-rc0-16-g666aec401: https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/heads/v2.9-rc0-16-g666aec401
+.. _v2.9-rc0: https://review.trustedfirmware.org/plugins/gitiles/TF-A/tf-a-tests/+/refs/tags/v2.9-rc0
+.. _user guide: https://gitlab.arm.com/arm-reference-solutions/arm-reference-solutions-docs/-/blob/master/docs/n1sdp/user-guide.rst
+.. _Prebuilt Images: https://downloads.trustedfirmware.org/tf-a/css_scp_2.11.0/n1sdp/release/
+.. _N1SDP: https://developer.arm.com/documentation/101489/latest
+.. _Testing Methodology: ../perf/psci-performance-methodology.html
\ No newline at end of file
diff --git a/docs/process/code-review-guidelines.rst b/docs/process/code-review-guidelines.rst
index 67a211f..ccdd110 100644
--- a/docs/process/code-review-guidelines.rst
+++ b/docs/process/code-review-guidelines.rst
@@ -1,11 +1,6 @@
Code Review Guidelines
======================
-This document provides TF-A specific details about the project's code review
-process. It should be read in conjunction with the `Project Maintenance
-Process`_, which it supplements.
-
-
Why do we do code reviews?
--------------------------
@@ -23,8 +18,34 @@
unfairly criticizing or belittling the work of any contributor.
-Good practices
---------------
+Overview of the code review process
+-----------------------------------
+
+All contributions to Trusted Firmware-A project are reviewed by the community to
+ensure they meet the project's expectations before they get merged, according to
+the `Project Maintenance Process`_ defined for all `Trusted Firmware` projects.
+
+Technical ownership of most parts of the codebase falls on the :ref:`code
+owners`. All patches are ultimately merged by the :ref:`maintainers`.
+
+Approval of a patch is tracked using Gerrit `labels`. For a patch to be merged,
+it must get all of the following votes:
+
+- At least one ``Code-Owner-Review+1`` up-vote, and no ``Code-Owner-Review-1``
+ down-vote.
+
+- At least one ``Maintainer-Review+1`` up-vote, and no ``Maintainer-Review-1``
+ down-vote.
+
+- ``Verified+1`` vote applied by the automated Continuous Integration (CI)
+ system.
+
+Note that, in some instances, the maintainers might give a waiver for some of
+the CI failures and manually override the ``Verified+1`` score.
+
+
+Good practices for all reviewers
+--------------------------------
To ensure the code review gives the greatest possible benefit, participants in
the project should:
@@ -211,6 +232,6 @@
--------------
-*Copyright (c) 2020, Arm Limited. All rights reserved.*
+*Copyright (c) 2020-2023, Arm Limited. All rights reserved.*
.. _Project Maintenance Process: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
diff --git a/docs/process/index.rst b/docs/process/index.rst
index 7914a4e..9b669c0 100644
--- a/docs/process/index.rst
+++ b/docs/process/index.rst
@@ -13,4 +13,5 @@
contributing
code-review-guidelines
faq
+ maintenance
security-hardening
diff --git a/docs/process/maintenance.rst b/docs/process/maintenance.rst
new file mode 100644
index 0000000..45aada2
--- /dev/null
+++ b/docs/process/maintenance.rst
@@ -0,0 +1,55 @@
+Project Maintenance Processes
+=============================
+
+Trusted Firmware-A (TF-A) project follows the generic `trustedfirmware.org
+Project Maintenance Process`_. The present document complements it by defining
+TF-A project-specific decisions.
+
+How to become a maintainer?
+---------------------------
+
+Qualifying Criteria
+~~~~~~~~~~~~~~~~~~~
+
+To be elligible to become a maintainer for TF-A project, all criteria outlined
+`here`_ must be fullfilled. These are:
+
+- Being an active member of the project for at least a couple of years.
+
+- Having contributed a substantial number of non-trivial and high-quality
+ patches.
+
+- Having reviewed a substantial number of non-trivial patches, preferably in the
+ generic layer, with high-quality constructive feedback.
+
+- Behaving in a professional and polite way, with the best interests of the
+ project at heart.
+
+- Showing a strong will to improve the project and to do the right thing, rather
+ than going for the quick and easy path.
+
+- Participating in design discussions on the development mailing list and during
+ TF-A tech forums calls.
+
+- Having appropriate bandwidth (minimum 2 hours per week) to deal with the workload.
+
+Election Process
+~~~~~~~~~~~~~~~~
+
+To put an individual's name up for election,
+
+#. Send an email to all existing TF-A maintainers, asking whether they have any
+ objections to this individual becoming a TF-A maintainer.
+
+#. Give existing maintainers one calendar week to participate in the discussion.
+
+#. If there are objections, the existing maintainers should try to resolve them
+ amongst themselves. If they cannot, this should be escalated to the
+ trustedfirmware.org Technical Steering Commitee (TSC).
+
+#. If there are no (more) objections, announce the news on the TF-A mailing list
+ and update the list of maintainers on the :ref:`Project
+ Maintenance<maintainers>` page.
+
+.. _trustedfirmware.org Project Maintenance Process: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/
+.. _here: https://developer.trustedfirmware.org/w/collaboration/project-maintenance-process/#how-to-become-a-maintainer
diff --git a/docs/threat_model/threat_model_spm.rst b/docs/threat_model/threat_model_spm.rst
index 98dbf76..9458a9f 100644
--- a/docs/threat_model/threat_model_spm.rst
+++ b/docs/threat_model/threat_model_spm.rst
@@ -35,7 +35,7 @@
- The TF-A implementation for the S-EL2 SPMC based on the Hafnium hypervisor
running in the secure world of TrustZone (at S-EL2 exception level).
The threat model is not related to the normal world Hypervisor or VMs.
- The S-EL1 SPMC solution is not covered.
+ The S-EL1 and EL3 SPMC solutions are not covered.
- The implementation complies with the FF-A v1.0 specification, and a few
features of FF-A v1.1 specification.
- Secure partitions are statically provisioned at boot time.
@@ -235,8 +235,8 @@
+------------------------+------------------+-----------------+---------------+
| ``Total Risk Rating`` | High (16) | High (16) | |
+------------------------+------------------+-----------------+---------------+
-| ``Mitigations`` | In context of FF-A v1.0 this is the case of sharing|
-| | the RX/TX buffer pair and usage in the |
+| ``Mitigations`` | In context of FF-A v1.0 and v1.1 this is the case |
+| | of sharing the RX/TX buffer pair and usage in the |
| | PARTITION_INFO_GET or mem sharing primitives. |
| | The SPMC must copy the contents of the TX buffer |
| | to an internal temporary buffer before processing |
@@ -1151,11 +1151,189 @@
| | interrupted. |
+------------------------+----------------------------------------------------+
++------------------------+----------------------------------------------------+
+| ID | 25 |
++========================+====================================================+
+| ``Threat`` | **A rogue FF-A endpoint can use memory sharing |
+| | calls to exhaust SPMC resources.** |
+| | For each on-going operation that involves an SP, |
+| | the SPMC allocates resources to track its state. |
+| | If the operation is never concluded, the resources |
+| | are never freed. |
+| | In the worst scenario, multiple operations that |
+| | never conclude may exhaust the SPMC resources to a |
+| | point in which renders memory sharing operations |
+| | impossible. This could affect other, non-harmful |
+| | FF-A endpoints, from legitimately using memory |
+| | share functionality. The intent might even be |
+| | to cause the SPMC to consume excessive CPU cycles, |
+| | attempting to make it deny its service to the NWd. |
++------------------------+----------------------------------------------------+
+| ``Diagram Elements`` | DF1, DF2 |
++------------------------+----------------------------------------------------+
+| ``Affected TF-A | SPMC, SPMD |
+| Components`` | |
++------------------------+----------------------------------------------------+
+| ``Assets`` | SPMC state |
++------------------------+----------------------------------------------------+
+| ``Threat Agent`` | NS-Endpoint, S-Endpoint |
++------------------------+----------------------------------------------------+
+| ``Threat Type`` | Denial of Service |
++------------------------+------------------+-----------------+---------------+
+| ``Application`` | ``Server`` | ``Mobile`` | |
++------------------------+------------------+-----------------+---------------+
+| ``Impact`` | High (4) | Medium (3) | |
++------------------------+------------------+-----------------+---------------+
+| ``Likelihood`` | High (4) | Medium (3) | |
++------------------------+------------------+-----------------+---------------+
+| ``Total Risk Rating`` | High (16) | Medium (9) | |
++------------------------+------------------+-----------------+---------------+
+| ``Mitigations`` | The TF-A SPMC uses a statically allocated pool of |
+| | memory to keep track of on-going memory sharing |
+| | operations. After a possible attack, this could |
+| | fail due to insufficient memory, and return an |
+| | error to the caller. At this point, any other |
+| | endpoint that requires use of memory sharing for |
+| | its operation could get itself in an unusable |
+| | state. |
+| | Regarding CPU cycles starving threat, the SPMC |
+| | doesn't provide any mitigation for this, as any |
+| | FF-A endpoint, at the virtual FF-A instance is |
+| | allowed to invoke memory share/lend/donate. |
++------------------------+----------------------------------------------------+
+
++------------------------+----------------------------------------------------+
+| ID | 26 |
++========================+====================================================+
+| ``Threat`` | **A borrower may interfere with lender's |
+| | operation, if it terminates due to a fatal error |
+| | condition without releasing the memory |
+| | shared/lent.** |
+| | Such scenario may render the lender inoperable. |
++------------------------+----------------------------------------------------+
+| ``Diagram Elements`` | DF1, DF2 |
++------------------------+----------------------------------------------------+
+| ``Affected TF-A | SPMC |
+| Components`` | |
++------------------------+----------------------------------------------------+
+| ``Assets`` | SP state |
++------------------------+----------------------------------------------------+
+| ``Threat Agent`` | NS-Endpoint, S-Endpoint |
++------------------------+----------------------------------------------------+
+| ``Threat Type`` | Denial of Service |
++------------------------+------------------+-----------------+---------------+
+| ``Application`` | ``Server`` | ``Mobile`` | |
++------------------------+------------------+-----------------+---------------+
+| ``Impact`` | High (4) | Low (2) | |
++------------------------+------------------+-----------------+---------------+
+| ``Likelihood`` | Medium (3) | Medium (3) | |
++------------------------+------------------+-----------------+---------------+
+| ``Total Risk Rating`` | High (12) | Medium(6) | |
++------------------------+------------------+-----------------+---------------+
+| ``Mitigations`` | The TF-A SPMC does not provide mitigation for such |
+| | scenario. The FF-A endpoints must attempt to |
+| | relinquish memory shared/lent themselves in |
+| | case of failure. The memory used to track the |
+| | operation in the SPMC will also remain usuable. |
++------------------------+----------------------------------------------------+
+
++------------------------+----------------------------------------------------+
+| ID | 27 |
++========================+====================================================+
+| ``Threat`` | **A rogue FF-A endpoint may attempt to tamper with |
+| | the content of the memory shared/lent, whilst |
+| | being accessed by other FF-A endpoints.** |
+| | It might attempt to do so: using one of the clear |
+| | flags, when either retrieving or relinquishing |
+| | access to the memory via the respective FF-A |
+| | calls; or directly accessing memory without |
+| | respecting the synchronization protocol between |
+| | all involved endpoints. |
++------------------------+----------------------------------------------------+
+| ``Diagram Elements`` | DF1, DF2 |
++------------------------+----------------------------------------------------+
+| ``Affected TF-A | SPMC, FF-A endpoint |
+| Components`` | |
++------------------------+----------------------------------------------------+
+| ``Assets`` | SP state |
++------------------------+----------------------------------------------------+
+| ``Threat Agent`` | NS-Endpoint, S-Endpoint |
++------------------------+----------------------------------------------------+
+| ``Threat Type`` | Denial of Service, Tampering |
++------------------------+------------------+-----------------+---------------+
+| ``Application`` | ``Server`` | ``Mobile`` | |
++------------------------+------------------+-----------------+---------------+
+| ``Impact`` | Low (2) | Low (2) | |
++------------------------+------------------+-----------------+---------------+
+| ``Likelihood`` | Medium (3) | Medium (3) | |
++------------------------+------------------+-----------------+---------------+
+| ``Total Risk Rating`` | Medium (6) | Medium(6) | |
++------------------------+------------------+-----------------+---------------+
+| ``Mitigations`` | The first case defined in the threat, the TF-A |
+| | SPMC mitigates it, by ensuring a memory is cleared |
+| | only when all borrowers have relinquished access |
+| | to the memory, in a scenario involving multiple |
+| | borrowers. Also, if the receiver is granted RO, |
+| | permissions, the SPMC will reject any request |
+| | to clear memory on behalf of the borrower, by |
+| | returning an error to the respective FF-A call. |
+| | The second case defined in the threat can't be |
+| | mitigated by the SPMC. It is up to the NS/S FF-A |
+| | endpoints to establish a robust protocol for using |
+| | the shared memory. |
++------------------------+----------------------------------------------------+
+
++------------------------+----------------------------------------------------+
+| ID | 28 |
++========================+====================================================+
+| ``Threat`` | **A rogue FF-A endpoint may attempt to share |
+| | memory that is not in its translation regime, or |
+| | attempt to specify attributes more permissive than |
+| | those it possesses at a given time.** |
+| | Both ways could be an attempt for escalating its |
+| | privileges. |
++------------------------+----------------------------------------------------+
+| ``Diagram Elements`` | DF1, DF2 |
++------------------------+----------------------------------------------------+
+| ``Affected TF-A | SPMC, FF-A endpoint |
+| Components`` | |
++------------------------+----------------------------------------------------+
+| ``Assets`` | SP state |
++------------------------+----------------------------------------------------+
+| ``Threat Agent`` | NS-Endpoint, S-Endpoint |
++------------------------+----------------------------------------------------+
+| ``Threat Type`` | Denial of Service, Tampering |
++------------------------+------------------+-----------------+---------------+
+| ``Application`` | ``Server`` | ``Mobile`` | |
++------------------------+------------------+-----------------+---------------+
+| ``Impact`` | High (4) | Low (2) | |
++------------------------+------------------+-----------------+---------------+
+| ``Likelihood`` | Medium (3) | Low (2) | |
++------------------------+------------------+-----------------+---------------+
+| ``Total Risk Rating`` | High (12) | Low (2) | |
++------------------------+------------------+-----------------+---------------+
+| ``Mitigations`` | The TF-A SPMC mitigates this threat by performing |
+| | sanity checks to the provided memory region |
+| | descriptor. |
+| | For operations at the virtual FF-A instance, and |
+| | once the full memory descriptor is provided, |
+| | the SPMC validates that the memory is part of the |
+| | caller's translation regime. The SPMC also checks |
+| | that the memory attributes provided are within |
+| | those the owner possesses, in terms of |
+| | permissiveness. If more permissive attributes are |
+| | specified, the SPMC returns an error |
+| | FFA_INVALID_PARAMETERS. The permissiveness rules |
+| | are enforced in any call to share/lend or donate |
+| | the memory, and in retrieve requests. |
++------------------------+----------------------------------------------------+
+
--------------
-*Copyright (c) 2021-2022, Arm Limited. All rights reserved.*
+*Copyright (c) 2021-2023, Arm Limited. All rights reserved.*
.. _Arm Firmware Framework for Arm A-profile: https://developer.arm.com/docs/den0077/latest
.. _Secure Partition Manager: ../components/secure-partition-manager.html
.. _Generic TF-A threat model: ./threat_model.html#threat-analysis
.. _FF-A ACS: https://github.com/ARM-software/ff-a-acs/releases
+
diff --git a/drivers/st/crypto/stm32_pka.c b/drivers/st/crypto/stm32_pka.c
index 1e7c42c..9124cf2 100644
--- a/drivers/st/crypto/stm32_pka.c
+++ b/drivers/st/crypto/stm32_pka.c
@@ -33,10 +33,10 @@
#define UINT8_LEN 8U
#define UINT64_LEN (UINT8_LEN * sizeof(uint64_t))
-#define WORD_SIZE (sizeof(uint64_t))
+#define PKA_WORD_SIZE (sizeof(uint64_t))
#define OP_NBW_FROM_LEN(len) (DIV_ROUND_UP_2EVAL((len), UINT64_LEN) + 1)
#define OP_NBW_FROM_SIZE(s) OP_NBW_FROM_LEN((s) * UINT8_LEN)
-#define OP_SIZE_FROM_SIZE(s) (OP_NBW_FROM_SIZE(s) * WORD_SIZE)
+#define OP_SIZE_FROM_SIZE(s) (OP_NBW_FROM_SIZE(s) * PKA_WORD_SIZE)
#define DT_PKA_COMPAT "st,stm32-pka64"
diff --git a/include/arch/aarch32/asm_macros.S b/include/arch/aarch32/asm_macros.S
index 483f9fe..83e94ca 100644
--- a/include/arch/aarch32/asm_macros.S
+++ b/include/arch/aarch32/asm_macros.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,6 +8,7 @@
#include <arch.h>
#include <common/asm_macros_common.S>
+#include <lib/cpus/cpu_ops.h>
#include <lib/spinlock.h>
/*
@@ -24,8 +25,6 @@
stcopr _reg, _coproc
#endif
-#define WORD_SIZE 4
-
/*
* Co processor register accessors
*/
@@ -49,14 +48,14 @@
.macro dcache_line_size reg, tmp
ldcopr \tmp, CTR
ubfx \tmp, \tmp, #CTR_DMINLINE_SHIFT, #CTR_DMINLINE_WIDTH
- mov \reg, #WORD_SIZE
+ mov \reg, #CPU_WORD_SIZE
lsl \reg, \reg, \tmp
.endm
.macro icache_line_size reg, tmp
ldcopr \tmp, CTR
and \tmp, \tmp, #CTR_IMINLINE_MASK
- mov \reg, #WORD_SIZE
+ mov \reg, #CPU_WORD_SIZE
lsl \reg, \reg, \tmp
.endm
diff --git a/include/lib/cpus/aarch32/cpu_macros.S b/include/lib/cpus/aarch32/cpu_macros.S
index ab2f2c6..096e0b1 100644
--- a/include/lib/cpus/aarch32/cpu_macros.S
+++ b/include/lib/cpus/aarch32/cpu_macros.S
@@ -1,82 +1,13 @@
/*
- * Copyright (c) 2016-2023, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef CPU_MACROS_S
#define CPU_MACROS_S
-#include <arch.h>
-#include <lib/cpus/errata_report.h>
-
-#if defined(IMAGE_BL1) || defined(IMAGE_BL32) \
- || (defined(IMAGE_BL2) && RESET_TO_BL2)
-#define IMAGE_AT_EL3
-#endif
-
-#define CPU_IMPL_PN_MASK (MIDR_IMPL_MASK << MIDR_IMPL_SHIFT) | \
- (MIDR_PN_MASK << MIDR_PN_SHIFT)
-
-/* The number of CPU operations allowed */
-#define CPU_MAX_PWR_DWN_OPS 2
-
-/* Special constant to specify that CPU has no reset function */
-#define CPU_NO_RESET_FUNC 0
-
-/* Word size for 32-bit CPUs */
-#define CPU_WORD_SIZE 4
-
-/*
- * Whether errata status needs reporting. Errata status is printed in debug
- * builds for both BL1 and BL32 images.
- */
-#if (defined(IMAGE_BL1) || defined(IMAGE_BL32)) && DEBUG
-# define REPORT_ERRATA 1
-#else
-# define REPORT_ERRATA 0
-#endif
-
-
- .equ CPU_MIDR_SIZE, CPU_WORD_SIZE
- .equ CPU_RESET_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_PWR_DWN_OPS_SIZE, CPU_WORD_SIZE * CPU_MAX_PWR_DWN_OPS
- .equ CPU_ERRATA_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_ERRATA_LOCK_SIZE, CPU_WORD_SIZE
- .equ CPU_ERRATA_PRINTED_SIZE, CPU_WORD_SIZE
-
-#ifndef IMAGE_AT_EL3
- .equ CPU_RESET_FUNC_SIZE, 0
-#endif
-
-/* The power down core and cluster is needed only in BL32 */
-#ifndef IMAGE_BL32
- .equ CPU_PWR_DWN_OPS_SIZE, 0
-#endif
-
-/* Fields required to print errata status */
-#if !REPORT_ERRATA
- .equ CPU_ERRATA_FUNC_SIZE, 0
-#endif
-
-/* Only BL32 requires mutual exclusion and printed flag. */
-#if !(REPORT_ERRATA && defined(IMAGE_BL32))
- .equ CPU_ERRATA_LOCK_SIZE, 0
- .equ CPU_ERRATA_PRINTED_SIZE, 0
-#endif
-
-
-/*
- * Define the offsets to the fields in cpu_ops structure.
- * Every offset is defined based on the offset and size of the previous
- * field.
- */
- .equ CPU_MIDR, 0
- .equ CPU_RESET_FUNC, CPU_MIDR + CPU_MIDR_SIZE
- .equ CPU_PWR_DWN_OPS, CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
- .equ CPU_ERRATA_FUNC, CPU_PWR_DWN_OPS + CPU_PWR_DWN_OPS_SIZE
- .equ CPU_ERRATA_LOCK, CPU_ERRATA_FUNC + CPU_ERRATA_FUNC_SIZE
- .equ CPU_ERRATA_PRINTED, CPU_ERRATA_LOCK + CPU_ERRATA_LOCK_SIZE
- .equ CPU_OPS_SIZE, CPU_ERRATA_PRINTED + CPU_ERRATA_PRINTED_SIZE
+#include <lib/cpus/cpu_ops.h>
+#include <lib/cpus/errata.h>
/*
* Write given expressions as words
@@ -142,6 +73,29 @@
fill_constants CPU_MAX_PWR_DWN_OPS, \_power_down_ops
#endif
+ /*
+ * It is possible (although unlikely) that a cpu may have no errata in
+ * code. In that case the start label will not be defined. The list is
+ * inteded to be used in a loop, so define it as zero-length for
+ * predictable behaviour. Since this macro is always called at the end
+ * of the cpu file (after all errata have been parsed) we can be sure
+ * that we are at the end of the list. Some cpus call the macro twice,
+ * so only do this once.
+ */
+ .pushsection .rodata.errata_entries
+ .ifndef \_name\()_errata_list_start
+ \_name\()_errata_list_start:
+ .endif
+ /* some call this multiple times, so only do this once */
+ .ifndef \_name\()_errata_list_end
+ \_name\()_errata_list_end:
+ .endif
+ .popsection
+
+ /* and now put them in cpu_ops */
+ .word \_name\()_errata_list_start
+ .word \_name\()_errata_list_end
+
#if REPORT_ERRATA
.ifndef \_name\()_cpu_str
/*
@@ -166,6 +120,7 @@
* this class.
*/
.word \_name\()_errata_report
+ .word \_name\()_cpu_str
#ifdef IMAGE_BL32
/* Pointers to errata lock and reported flag */
@@ -228,4 +183,77 @@
beq \_label
.endm
+/*
+ * NOTE an erratum and CVE id could clash. However, both numbers are very large
+ * and the probablity is minuscule. Working around this makes code very
+ * complicated and extremely difficult to read so it is not considered. In the
+ * unlikely event that this does happen, prepending the CVE id with a 0 should
+ * resolve the conflict
+ */
+
+/*
+ * Add an entry for this erratum to the errata framework
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * _cve:
+ * Whether erratum is a CVE. CVE year if yes, 0 otherwise
+ *
+ * _id:
+ * Erratum or CVE number. Please combine with the previous field with the
+ * ERRATUM or CVE macros
+ *
+ * _chosen:
+ * Compile time flag on whether the erratum is included
+ *
+ * _special:
+ * The special non-standard name of an erratum
+ */
+.macro add_erratum_entry _cpu:req, _cve:req, _id:req, _chosen:req, _special
+ .pushsection .rodata.errata_entries
+ .align 2
+ .ifndef \_cpu\()_errata_list_start
+ \_cpu\()_errata_list_start:
+ .endif
+
+ /* unused on AArch32, maintain for portability */
+ .word 0
+ /* TODO(errata ABI): this prevents all checker functions from
+ * being optimised away. Can be done away with unless the ABI
+ * needs them */
+ .ifnb \_special
+ .word check_errata_\_special
+ .elseif \_cve
+ .word check_errata_cve_\_cve\()_\_id
+ .else
+ .word check_errata_\_id
+ .endif
+ /* Will fit CVEs with up to 10 character in the ID field */
+ .word \_id
+ .hword \_cve
+ .byte \_chosen
+ /* TODO(errata ABI): mitigated field for known but unmitigated
+ * errata*/
+ .byte 0x1
+ .popsection
+.endm
+
+/*
+ * Maintain compatibility with the old scheme of "each cpu has its own reporter".
+ * TODO remove entirely once all cpus have been converted. This includes the
+ * cpu_ops entry, as print_errata_status can call this directly for all cpus
+ */
+.macro errata_report_shim _cpu:req
+ #if REPORT_ERRATA
+ func \_cpu\()_errata_report
+ push {r12, lr}
+
+ bl generic_errata_report
+
+ pop {r12, lr}
+ bx lr
+ endfunc \_cpu\()_errata_report
+ #endif
+.endm
#endif /* CPU_MACROS_S */
diff --git a/include/lib/cpus/aarch64/cpu_macros.S b/include/lib/cpus/aarch64/cpu_macros.S
index 041be51..724624c 100644
--- a/include/lib/cpus/aarch64/cpu_macros.S
+++ b/include/lib/cpus/aarch64/cpu_macros.S
@@ -1,95 +1,14 @@
/*
- * Copyright (c) 2014-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2014-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#ifndef CPU_MACROS_S
#define CPU_MACROS_S
-#include <arch.h>
#include <assert_macros.S>
-#include <lib/cpus/errata_report.h>
-
-#define CPU_IMPL_PN_MASK (MIDR_IMPL_MASK << MIDR_IMPL_SHIFT) | \
- (MIDR_PN_MASK << MIDR_PN_SHIFT)
-
-/* The number of CPU operations allowed */
-#define CPU_MAX_PWR_DWN_OPS 2
-
-/* Special constant to specify that CPU has no reset function */
-#define CPU_NO_RESET_FUNC 0
-
-#define CPU_NO_EXTRA1_FUNC 0
-#define CPU_NO_EXTRA2_FUNC 0
-#define CPU_NO_EXTRA3_FUNC 0
-
-/* Word size for 64-bit CPUs */
-#define CPU_WORD_SIZE 8
-
-/*
- * Whether errata status needs reporting. Errata status is printed in debug
- * builds for both BL1 and BL31 images.
- */
-#if (defined(IMAGE_BL1) || defined(IMAGE_BL31)) && DEBUG
-# define REPORT_ERRATA 1
-#else
-# define REPORT_ERRATA 0
-#endif
-
-
- .equ CPU_MIDR_SIZE, CPU_WORD_SIZE
- .equ CPU_EXTRA1_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_EXTRA2_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_EXTRA3_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_E_HANDLER_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_RESET_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_PWR_DWN_OPS_SIZE, CPU_WORD_SIZE * CPU_MAX_PWR_DWN_OPS
- .equ CPU_ERRATA_FUNC_SIZE, CPU_WORD_SIZE
- .equ CPU_ERRATA_LOCK_SIZE, CPU_WORD_SIZE
- .equ CPU_ERRATA_PRINTED_SIZE, CPU_WORD_SIZE
- .equ CPU_REG_DUMP_SIZE, CPU_WORD_SIZE
-
-#ifndef IMAGE_AT_EL3
- .equ CPU_RESET_FUNC_SIZE, 0
-#endif
-
-/* The power down core and cluster is needed only in BL31 */
-#ifndef IMAGE_BL31
- .equ CPU_PWR_DWN_OPS_SIZE, 0
-#endif
-
-/* Fields required to print errata status. */
-#if !REPORT_ERRATA
- .equ CPU_ERRATA_FUNC_SIZE, 0
-#endif
-
-/* Only BL31 requieres mutual exclusion and printed flag. */
-#if !(REPORT_ERRATA && defined(IMAGE_BL31))
- .equ CPU_ERRATA_LOCK_SIZE, 0
- .equ CPU_ERRATA_PRINTED_SIZE, 0
-#endif
-
-#if !defined(IMAGE_BL31) || !CRASH_REPORTING
- .equ CPU_REG_DUMP_SIZE, 0
-#endif
-
-/*
- * Define the offsets to the fields in cpu_ops structure.
- * Every offset is defined based in the offset and size of the previous
- * field.
- */
- .equ CPU_MIDR, 0
- .equ CPU_RESET_FUNC, CPU_MIDR + CPU_MIDR_SIZE
- .equ CPU_EXTRA1_FUNC, CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
- .equ CPU_EXTRA2_FUNC, CPU_EXTRA1_FUNC + CPU_EXTRA1_FUNC_SIZE
- .equ CPU_EXTRA3_FUNC, CPU_EXTRA2_FUNC + CPU_EXTRA2_FUNC_SIZE
- .equ CPU_E_HANDLER_FUNC, CPU_EXTRA3_FUNC + CPU_EXTRA3_FUNC_SIZE
- .equ CPU_PWR_DWN_OPS, CPU_E_HANDLER_FUNC + CPU_E_HANDLER_FUNC_SIZE
- .equ CPU_ERRATA_FUNC, CPU_PWR_DWN_OPS + CPU_PWR_DWN_OPS_SIZE
- .equ CPU_ERRATA_LOCK, CPU_ERRATA_FUNC + CPU_ERRATA_FUNC_SIZE
- .equ CPU_ERRATA_PRINTED, CPU_ERRATA_LOCK + CPU_ERRATA_LOCK_SIZE
- .equ CPU_REG_DUMP, CPU_ERRATA_PRINTED + CPU_ERRATA_PRINTED_SIZE
- .equ CPU_OPS_SIZE, CPU_REG_DUMP + CPU_REG_DUMP_SIZE
+#include <lib/cpus/cpu_ops.h>
+#include <lib/cpus/errata.h>
/*
* Write given expressions as quad words
@@ -172,6 +91,27 @@
/* Insert list of functions */
fill_constants CPU_MAX_PWR_DWN_OPS, \_power_down_ops
#endif
+ /*
+ * It is possible (although unlikely) that a cpu may have no errata in
+ * code. In that case the start label will not be defined. The list is
+ * intended to be used in a loop, so define it as zero-length for
+ * predictable behaviour. Since this macro is always called at the end
+ * of the cpu file (after all errata have been parsed) we can be sure
+ * that we are at the end of the list. Some cpus call declare_cpu_ops
+ * twice, so only do this once.
+ */
+ .pushsection .rodata.errata_entries
+ .ifndef \_name\()_errata_list_start
+ \_name\()_errata_list_start:
+ .endif
+ .ifndef \_name\()_errata_list_end
+ \_name\()_errata_list_end:
+ .endif
+ .popsection
+
+ /* and now put them in cpu_ops */
+ .quad \_name\()_errata_list_start
+ .quad \_name\()_errata_list_end
#if REPORT_ERRATA
.ifndef \_name\()_cpu_str
@@ -192,18 +132,20 @@
.popsection
.endif
+
/*
* Mandatory errata status printing function for CPUs of
* this class.
*/
.quad \_name\()_errata_report
+ .quad \_name\()_cpu_str
#ifdef IMAGE_BL31
/* Pointers to errata lock and reported flag */
.quad \_name\()_errata_lock
.quad \_name\()_errata_reported
-#endif
-#endif
+#endif /* IMAGE_BL31 */
+#endif /* REPORT_ERRATA */
#if defined(IMAGE_BL31) && CRASH_REPORTING
.quad \_name\()_cpu_reg_dump
@@ -229,6 +171,7 @@
\_extra1, \_extra2, \_extra3, 0, \_power_down_ops
.endm
+/* TODO can be deleted once all CPUs have been converted */
#if REPORT_ERRATA
/*
* Print status of a CPU errata
@@ -311,4 +254,322 @@
b.eq \_label
.endm
+
+/*
+ * Workaround wrappers for errata that apply at reset or runtime. Reset errata
+ * will be applied automatically
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * _cve:
+ * Whether erratum is a CVE. CVE year if yes, 0 otherwise
+ *
+ * _id:
+ * Erratum or CVE number. Please combine with previous field with ERRATUM
+ * or CVE macros
+ *
+ * _chosen:
+ * Compile time flag on whether the erratum is included
+ *
+ * _apply_at_reset:
+ * Whether the erratum should be automatically applied at reset
+ */
+.macro add_erratum_entry _cpu:req, _cve:req, _id:req, _chosen:req, _apply_at_reset:req
+ .pushsection .rodata.errata_entries
+ .align 3
+ .ifndef \_cpu\()_errata_list_start
+ \_cpu\()_errata_list_start:
+ .endif
+
+ /* check if unused and compile out if no references */
+ .if \_apply_at_reset && \_chosen
+ .quad erratum_\_cpu\()_\_id\()_wa
+ .else
+ .quad 0
+ .endif
+ /* TODO(errata ABI): this prevents all checker functions from
+ * being optimised away. Can be done away with unless the ABI
+ * needs them */
+ .quad check_erratum_\_cpu\()_\_id
+ /* Will fit CVEs with up to 10 character in the ID field */
+ .word \_id
+ .hword \_cve
+ .byte \_chosen
+ /* TODO(errata ABI): mitigated field for known but unmitigated
+ * errata */
+ .byte 0x1
+ .popsection
+.endm
+
+.macro _workaround_start _cpu:req, _cve:req, _id:req, _chosen:req, _apply_at_reset:req
+ add_erratum_entry \_cpu, \_cve, \_id, \_chosen, \_apply_at_reset
+
+ func erratum_\_cpu\()_\_id\()_wa
+ mov x8, x30
+
+ /* save rev_var for workarounds that might need it but don't
+ * restore to x0 because few will care */
+ mov x7, x0
+ bl check_erratum_\_cpu\()_\_id
+ cbz x0, erratum_\_cpu\()_\_id\()_skip
+.endm
+
+.macro _workaround_end _cpu:req, _id:req
+ erratum_\_cpu\()_\_id\()_skip:
+ ret x8
+ endfunc erratum_\_cpu\()_\_id\()_wa
+.endm
+
+/*******************************************************************************
+ * Errata workaround wrappers
+ ******************************************************************************/
+/*
+ * Workaround wrappers for errata that apply at reset or runtime. Reset errata
+ * will be applied automatically
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * _cve:
+ * Whether erratum is a CVE. CVE year if yes, 0 otherwise
+ *
+ * _id:
+ * Erratum or CVE number. Please combine with previous field with ERRATUM
+ * or CVE macros
+ *
+ * _chosen:
+ * Compile time flag on whether the erratum is included
+ *
+ * in body:
+ * clobber x0 to x7 (please only use those)
+ * argument x7 - cpu_rev_var
+ *
+ * _wa clobbers: x0-x8 (PCS compliant)
+ */
+.macro workaround_reset_start _cpu:req, _cve:req, _id:req, _chosen:req
+ _workaround_start \_cpu, \_cve, \_id, \_chosen, 1
+.endm
+
+/*
+ * See `workaround_reset_start` for usage info. Additional arguments:
+ *
+ * _midr:
+ * Check if CPU's MIDR matches the CPU it's meant for. Must be specified
+ * for errata applied in generic code
+ */
+.macro workaround_runtime_start _cpu:req, _cve:req, _id:req, _chosen:req, _midr
+ /*
+ * Let errata specify if they need MIDR checking. Sadly, storing the
+ * MIDR in an .equ to retrieve automatically blows up as it stores some
+ * brackets in the symbol
+ */
+ .ifnb \_midr
+ jump_if_cpu_midr \_midr, 1f
+ b erratum_\_cpu\()_\_id\()_skip
+
+ 1:
+ .endif
+ _workaround_start \_cpu, \_cve, \_id, \_chosen, 0
+.endm
+
+/*
+ * Usage and arguments identical to `workaround_reset_start`. The _cve argument
+ * is kept here so the same #define can be used as that macro
+ */
+.macro workaround_reset_end _cpu:req, _cve:req, _id:req
+ _workaround_end \_cpu, \_id
+.endm
+
+/*
+ * See `workaround_reset_start` for usage info. The _cve argument is kept here
+ * so the same #define can be used as that macro. Additional arguments:
+ *
+ * _no_isb:
+ * Optionally do not include the trailing isb. Please disable with the
+ * NO_ISB macro
+ */
+.macro workaround_runtime_end _cpu:req, _cve:req, _id:req, _no_isb
+ /*
+ * Runtime errata do not have a reset function to call the isb for them
+ * and missing the isb could be very problematic. It is also likely as
+ * they tend to be scattered in generic code.
+ */
+ .ifb \_no_isb
+ isb
+ .endif
+ _workaround_end \_cpu, \_id
+.endm
+
+/*******************************************************************************
+ * Errata workaround helpers
+ ******************************************************************************/
+/*
+ * Set a bit in a system register. Can set multiple bits but is limited by the
+ * way the ORR instruction encodes them.
+ *
+ * _reg:
+ * Register to write to
+ *
+ * _bit:
+ * Bit to set. Please use a descriptive #define
+ *
+ * _assert:
+ * Optionally whether to read back and assert that the bit has been
+ * written. Please disable with NO_ASSERT macro
+ *
+ * clobbers: x1
+ */
+.macro sysreg_bit_set _reg:req, _bit:req, _assert=1
+ mrs x1, \_reg
+ orr x1, x1, #\_bit
+ msr \_reg, x1
+.endm
+
+/*
+ * Apply erratum
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * _cve:
+ * Whether erratum is a CVE. CVE year if yes, 0 otherwise
+ *
+ * _id:
+ * Erratum or CVE number. Please combine with previous field with ERRATUM
+ * or CVE macros
+ *
+ * _chosen:
+ * Compile time flag on whether the erratum is included
+ *
+ * clobbers: x0-x9 (PCS compliant)
+ */
+.macro apply_erratum _cpu:req, _cve:req, _id:req, _chosen:req
+ .if \_chosen
+ mov x9, x30
+ bl cpu_get_rev_var
+ bl erratum_\_cpu\()_\_id\()_wa
+ mov x30, x9
+
+ .endif
+.endm
+
+/*
+ * Helpers to select which revisions errata apply to. Don't leave a link
+ * register as the cpu_rev_var_*** will call the ret and we can save on one.
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * _cve:
+ * Whether erratum is a CVE. CVE year if yes, 0 otherwise
+ *
+ * _id:
+ * Erratum or CVE number. Please combine with previous field with ERRATUM
+ * or CVE macros
+ *
+ * _rev_num:
+ * Revision to apply to
+ *
+ * in body:
+ * clobber: x0 to x4
+ * argument: x0 - cpu_rev_var
+ */
+.macro check_erratum_ls _cpu:req, _cve:req, _id:req, _rev_num:req
+ func check_erratum_\_cpu\()_\_id
+ mov x1, #\_rev_num
+ b cpu_rev_var_ls
+ endfunc check_erratum_\_cpu\()_\_id
+.endm
+
+.macro check_erratum_hs _cpu:req, _cve:req, _id:req, _rev_num:req
+ func check_erratum_\_cpu\()_\_id
+ mov x1, #\_rev_num
+ b cpu_rev_var_hs
+ endfunc check_erratum_\_cpu\()_\_id
+.endm
+
+.macro check_erratum_range _cpu:req, _cve:req, _id:req, _rev_num_lo:req, _rev_num_hi:req
+ func check_erratum_\_cpu\()_\_id
+ mov x1, #\_rev_num_lo
+ mov x2, #\_rev_num_hi
+ b cpu_rev_var_range
+ endfunc check_erratum_\_cpu\()_\_id
+.endm
+
+/*******************************************************************************
+ * CPU reset function wrapper
+ ******************************************************************************/
+
+/*
+ * Wrapper to automatically apply all reset-time errata. Will end with an isb.
+ *
+ * _cpu:
+ * Name of cpu as given to declare_cpu_ops
+ *
+ * in body:
+ * clobber x8 to x14
+ * argument x14 - cpu_rev_var
+ */
+.macro cpu_reset_func_start _cpu:req
+ func \_cpu\()_reset_func
+ mov x15, x30
+ bl cpu_get_rev_var
+ mov x14, x0
+
+ /* short circuit the location to avoid searching the list */
+ adrp x12, \_cpu\()_errata_list_start
+ add x12, x12, :lo12:\_cpu\()_errata_list_start
+ adrp x13, \_cpu\()_errata_list_end
+ add x13, x13, :lo12:\_cpu\()_errata_list_end
+
+ errata_begin:
+ /* if head catches up with end of list, exit */
+ cmp x12, x13
+ b.eq errata_end
+
+ ldr x10, [x12, #ERRATUM_WA_FUNC]
+ /* TODO(errata ABI): check mitigated and checker function fields
+ * for 0 */
+ ldrb w11, [x12, #ERRATUM_CHOSEN]
+
+ /* skip if not chosen */
+ cbz x11, 1f
+ /* skip if runtime erratum */
+ cbz x10, 1f
+
+ /* put cpu revision in x0 and call workaround */
+ mov x0, x14
+ blr x10
+ 1:
+ add x12, x12, #ERRATUM_ENTRY_SIZE
+ b errata_begin
+ errata_end:
+.endm
+
+.macro cpu_reset_func_end _cpu:req
+ isb
+ ret x15
+ endfunc \_cpu\()_reset_func
+.endm
+
+/*
+ * Maintain compatibility with the old scheme of each cpu has its own reporting.
+ * TODO remove entirely once all cpus have been converted. This includes the
+ * cpu_ops entry, as print_errata_status can call this directly for all cpus
+ */
+.macro errata_report_shim _cpu:req
+ #if REPORT_ERRATA
+ func \_cpu\()_errata_report
+ /* normal stack frame for pretty debugging */
+ stp x29, x30, [sp, #-16]!
+ mov x29, sp
+
+ bl generic_errata_report
+
+ ldp x29, x30, [sp], #16
+ ret
+ endfunc \_cpu\()_errata_report
+ #endif
+.endm
#endif /* CPU_MACROS_S */
diff --git a/include/lib/cpus/cpu_ops.h b/include/lib/cpus/cpu_ops.h
new file mode 100644
index 0000000..8b36ff1
--- /dev/null
+++ b/include/lib/cpus/cpu_ops.h
@@ -0,0 +1,152 @@
+/*
+ * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef CPU_OPS_H
+#define CPU_OPS_H
+
+#include <arch.h>
+
+#define CPU_IMPL_PN_MASK (MIDR_IMPL_MASK << MIDR_IMPL_SHIFT) | \
+ (MIDR_PN_MASK << MIDR_PN_SHIFT)
+
+/* Hardcode to keep compatible with assembly. sizeof(uintptr_t) */
+#if __aarch64__
+#define CPU_WORD_SIZE 8
+#else
+#define CPU_WORD_SIZE 4
+#endif /* __aarch64__ */
+
+/* The number of CPU operations allowed */
+#define CPU_MAX_PWR_DWN_OPS 2
+/* Special constant to specify that CPU has no reset function */
+#define CPU_NO_RESET_FUNC 0
+
+#if __aarch64__
+#define CPU_NO_EXTRA1_FUNC 0
+#define CPU_NO_EXTRA2_FUNC 0
+#define CPU_NO_EXTRA3_FUNC 0
+#endif /* __aarch64__ */
+
+
+/*
+ * Define the sizes of the fields in the cpu_ops structure. Word size is set per
+ * Aarch so keep these definitions the same and each can include whatever it
+ * needs.
+ */
+#define CPU_MIDR_SIZE CPU_WORD_SIZE
+#ifdef IMAGE_AT_EL3
+#define CPU_RESET_FUNC_SIZE CPU_WORD_SIZE
+#else
+#define CPU_RESET_FUNC_SIZE 0
+#endif /* IMAGE_AT_EL3 */
+#define CPU_EXTRA1_FUNC_SIZE CPU_WORD_SIZE
+#define CPU_EXTRA2_FUNC_SIZE CPU_WORD_SIZE
+#define CPU_EXTRA3_FUNC_SIZE CPU_WORD_SIZE
+#define CPU_E_HANDLER_FUNC_SIZE CPU_WORD_SIZE
+/* The power down core and cluster is needed only in BL31 and BL32 */
+#if defined(IMAGE_BL31) || defined(IMAGE_BL32)
+#define CPU_PWR_DWN_OPS_SIZE CPU_WORD_SIZE * CPU_MAX_PWR_DWN_OPS
+#else
+#define CPU_PWR_DWN_OPS_SIZE 0
+#endif /* defined(IMAGE_BL31) || defined(IMAGE_BL32) */
+
+#define CPU_ERRATA_LIST_START_SIZE CPU_WORD_SIZE
+#define CPU_ERRATA_LIST_END_SIZE CPU_WORD_SIZE
+/* Fields required to print errata status */
+#if REPORT_ERRATA
+#define CPU_ERRATA_FUNC_SIZE CPU_WORD_SIZE
+#define CPU_CPU_STR_SIZE CPU_WORD_SIZE
+/* BL1 doesn't require mutual exclusion and printed flag. */
+#if defined(IMAGE_BL31) || defined(IMAGE_BL32)
+#define CPU_ERRATA_LOCK_SIZE CPU_WORD_SIZE
+#define CPU_ERRATA_PRINTED_SIZE CPU_WORD_SIZE
+#else
+#define CPU_ERRATA_LOCK_SIZE 0
+#define CPU_ERRATA_PRINTED_SIZE 0
+#endif /* defined(IMAGE_BL31) || defined(IMAGE_BL32) */
+#else
+#define CPU_ERRATA_FUNC_SIZE 0
+#define CPU_CPU_STR_SIZE 0
+#define CPU_ERRATA_LOCK_SIZE 0
+#define CPU_ERRATA_PRINTED_SIZE 0
+#endif /* REPORT_ERRATA */
+
+#if defined(IMAGE_BL31) && CRASH_REPORTING
+#define CPU_REG_DUMP_SIZE CPU_WORD_SIZE
+#else
+#define CPU_REG_DUMP_SIZE 0
+#endif /* defined(IMAGE_BL31) && CRASH_REPORTING */
+
+
+/*
+ * Define the offsets to the fields in cpu_ops structure. Every offset is
+ * defined based on the offset and size of the previous field.
+ */
+#define CPU_MIDR 0
+#define CPU_RESET_FUNC CPU_MIDR + CPU_MIDR_SIZE
+#if __aarch64__
+#define CPU_EXTRA1_FUNC CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
+#define CPU_EXTRA2_FUNC CPU_EXTRA1_FUNC + CPU_EXTRA1_FUNC_SIZE
+#define CPU_EXTRA3_FUNC CPU_EXTRA2_FUNC + CPU_EXTRA2_FUNC_SIZE
+#define CPU_E_HANDLER_FUNC CPU_EXTRA3_FUNC + CPU_EXTRA3_FUNC_SIZE
+#define CPU_PWR_DWN_OPS CPU_E_HANDLER_FUNC + CPU_E_HANDLER_FUNC_SIZE
+#else
+#define CPU_PWR_DWN_OPS CPU_RESET_FUNC + CPU_RESET_FUNC_SIZE
+#endif /* __aarch64__ */
+#define CPU_ERRATA_LIST_START CPU_PWR_DWN_OPS + CPU_PWR_DWN_OPS_SIZE
+#define CPU_ERRATA_LIST_END CPU_ERRATA_LIST_START + CPU_ERRATA_LIST_START_SIZE
+#define CPU_ERRATA_FUNC CPU_ERRATA_LIST_END + CPU_ERRATA_LIST_END_SIZE
+#define CPU_CPU_STR CPU_ERRATA_FUNC + CPU_ERRATA_FUNC_SIZE
+#define CPU_ERRATA_LOCK CPU_CPU_STR + CPU_CPU_STR_SIZE
+#define CPU_ERRATA_PRINTED CPU_ERRATA_LOCK + CPU_ERRATA_LOCK_SIZE
+#if __aarch64__
+#define CPU_REG_DUMP CPU_ERRATA_PRINTED + CPU_ERRATA_PRINTED_SIZE
+#define CPU_OPS_SIZE CPU_REG_DUMP + CPU_REG_DUMP_SIZE
+#else
+#define CPU_OPS_SIZE CPU_ERRATA_PRINTED + CPU_ERRATA_PRINTED_SIZE
+#endif /* __aarch64__ */
+
+#ifndef __ASSEMBLER__
+#include <lib/cassert.h>
+#include <lib/spinlock.h>
+
+struct cpu_ops {
+ unsigned long midr;
+#ifdef IMAGE_AT_EL3
+ void (*reset_func)(void);
+#endif /* IMAGE_AT_EL3 */
+#if __aarch64__
+ void (*extra1_func)(void);
+ void (*extra2_func)(void);
+ void (*extra3_func)(void);
+ void (*e_handler_func)(long es);
+#endif /* __aarch64__ */
+#if (defined(IMAGE_BL31) || defined(IMAGE_BL32)) && CPU_MAX_PWR_DWN_OPS
+ void (*pwr_dwn_ops[CPU_MAX_PWR_DWN_OPS])(void);
+#endif /* (defined(IMAGE_BL31) || defined(IMAGE_BL32)) && CPU_MAX_PWR_DWN_OPS */
+ void *errata_list_start;
+ void *errata_list_end;
+#if REPORT_ERRATA
+ void (*errata_func)(void);
+ char *cpu_str;
+#if defined(IMAGE_BL31) || defined(IMAGE_BL32)
+ spinlock_t *errata_lock;
+ unsigned int *errata_reported;
+#endif /* defined(IMAGE_BL31) || defined(IMAGE_BL32) */
+#endif /* REPORT_ERRATA */
+#if defined(IMAGE_BL31) && CRASH_REPORTING
+ void (*reg_dump)(void);
+#endif /* defined(IMAGE_BL31) && CRASH_REPORTING */
+} __packed;
+
+CASSERT(sizeof(struct cpu_ops) == CPU_OPS_SIZE,
+ assert_cpu_ops_asm_c_different_sizes);
+
+long cpu_get_rev_var(void);
+void *get_cpu_ops_ptr(void);
+
+#endif /* __ASSEMBLER__ */
+#endif /* CPU_OPS_H */
diff --git a/include/lib/cpus/errata.h b/include/lib/cpus/errata.h
new file mode 100644
index 0000000..f8f9555
--- /dev/null
+++ b/include/lib/cpus/errata.h
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#ifndef ERRATA_REPORT_H
+#define ERRATA_REPORT_H
+
+#include <lib/cpus/cpu_ops.h>
+
+
+#define ERRATUM_WA_FUNC_SIZE CPU_WORD_SIZE
+#define ERRATUM_CHECK_FUNC_SIZE CPU_WORD_SIZE
+#define ERRATUM_ID_SIZE 4
+#define ERRATUM_CVE_SIZE 2
+#define ERRATUM_CHOSEN_SIZE 1
+#define ERRATUM_MITIGATED_SIZE 1
+
+#define ERRATUM_WA_FUNC 0
+#define ERRATUM_CHECK_FUNC ERRATUM_WA_FUNC + ERRATUM_WA_FUNC_SIZE
+#define ERRATUM_ID ERRATUM_CHECK_FUNC + ERRATUM_CHECK_FUNC_SIZE
+#define ERRATUM_CVE ERRATUM_ID + ERRATUM_ID_SIZE
+#define ERRATUM_CHOSEN ERRATUM_CVE + ERRATUM_CVE_SIZE
+#define ERRATUM_MITIGATED ERRATUM_CHOSEN + ERRATUM_CHOSEN_SIZE
+#define ERRATUM_ENTRY_SIZE ERRATUM_MITIGATED + ERRATUM_MITIGATED_SIZE
+
+#ifndef __ASSEMBLER__
+#include <lib/cassert.h>
+
+void print_errata_status(void);
+void errata_print_msg(unsigned int status, const char *cpu, const char *id);
+
+/*
+ * NOTE that this structure will be different on AArch32 and AArch64. The
+ * uintptr_t will reflect the change and the alignment will be correct in both.
+ */
+struct erratum_entry {
+ uintptr_t (*wa_func)(uint64_t cpu_rev);
+ uintptr_t (*check_func)(uint64_t cpu_rev);
+ /* Will fit CVEs with up to 10 character in the ID field */
+ uint32_t id;
+ /* Denote CVEs with their year or errata with 0 */
+ uint16_t cve;
+ uint8_t chosen;
+ /* TODO(errata ABI): placeholder for the mitigated field */
+ uint8_t _mitigated;
+} __packed;
+
+CASSERT(sizeof(struct erratum_entry) == ERRATUM_ENTRY_SIZE,
+ assert_erratum_entry_asm_c_different_sizes);
+#else
+
+/*
+ * errata framework macro helpers
+ *
+ * NOTE an erratum and CVE id could clash. However, both numbers are very large
+ * and the probablity is minuscule. Working around this makes code very
+ * complicated and extremely difficult to read so it is not considered. In the
+ * unlikely event that this does happen, prepending the CVE id with a 0 should
+ * resolve the conflict
+ */
+#define ERRATUM(id) 0, id
+#define CVE(year, id) year, id
+#define NO_ISB 1
+#define NO_ASSERT 0
+
+#endif /* __ASSEMBLER__ */
+
+/* Errata status */
+#define ERRATA_NOT_APPLIES 0
+#define ERRATA_APPLIES 1
+#define ERRATA_MISSING 2
+
+/* Macro to get CPU revision code for checking errata version compatibility. */
+#define CPU_REV(r, p) ((r << 4) | p)
+
+#endif /* ERRATA_REPORT_H */
diff --git a/include/lib/cpus/errata_report.h b/include/lib/cpus/errata_report.h
deleted file mode 100644
index efdedf0..0000000
--- a/include/lib/cpus/errata_report.h
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (c) 2017-2018, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-#ifndef ERRATA_REPORT_H
-#define ERRATA_REPORT_H
-
-#ifndef __ASSEMBLER__
-
-#include <arch.h>
-#include <arch_helpers.h>
-#include <lib/spinlock.h>
-#include <lib/utils_def.h>
-
-#if DEBUG
-void print_errata_status(void);
-#else
-static inline void print_errata_status(void) {}
-#endif
-
-void errata_print_msg(unsigned int status, const char *cpu, const char *id);
-int errata_needs_reporting(spinlock_t *lock, uint32_t *reported);
-
-#endif /* __ASSEMBLER__ */
-
-/* Errata status */
-#define ERRATA_NOT_APPLIES 0
-#define ERRATA_APPLIES 1
-#define ERRATA_MISSING 2
-
-/* Macro to get CPU revision code for checking errata version compatibility. */
-#define CPU_REV(r, p) ((r << 4) | p)
-
-#endif /* ERRATA_REPORT_H */
diff --git a/include/services/el3_spmc_ffa_memory.h b/include/services/el3_spmc_ffa_memory.h
index 2037eca..5d3af5d 100644
--- a/include/services/el3_spmc_ffa_memory.h
+++ b/include/services/el3_spmc_ffa_memory.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -217,6 +217,8 @@
struct ffa_emad_v1_0 emad[];
};
CASSERT(sizeof(struct ffa_mtd_v1_0) == 32, assert_ffa_mtd_size_v1_0_mismatch);
+CASSERT(offsetof(struct ffa_mtd_v1_0, emad) == 32,
+ assert_ffa_mtd_size_v1_0_mismatch_2);
/**
* struct ffa_mtd - Memory transaction descriptor for FF-A v1.1.
@@ -254,5 +256,8 @@
uint64_t reserved_40_47;
};
CASSERT(sizeof(struct ffa_mtd) == 48, assert_ffa_mtd_size_mismatch);
+CASSERT(offsetof(struct ffa_mtd, emad_count) ==
+ offsetof(struct ffa_mtd_v1_0, emad_count),
+ assert_ffa_mtd_emad_count_offset_mismatch);
#endif /* EL3_SPMC_FFA_MEM_H */
diff --git a/include/services/rmmd_svc.h b/include/services/rmmd_svc.h
index de7181c..55d778e 100644
--- a/include/services/rmmd_svc.h
+++ b/include/services/rmmd_svc.h
@@ -152,7 +152,7 @@
* Increase this when a bug is fixed, or a feature is added without
* breaking compatibility.
*/
-#define RMM_EL3_IFC_VERSION_MINOR (U(1))
+#define RMM_EL3_IFC_VERSION_MINOR (U(2))
#define RMM_EL3_INTERFACE_VERSION \
(((RMM_EL3_IFC_VERSION_MAJOR << 16) & 0x7FFFF) | \
diff --git a/lib/cpus/aarch32/cpu_helpers.S b/lib/cpus/aarch32/cpu_helpers.S
index e25ce2a..05bc5d9 100644
--- a/lib/cpus/aarch32/cpu_helpers.S
+++ b/lib/cpus/aarch32/cpu_helpers.S
@@ -9,6 +9,7 @@
#include <assert_macros.S>
#include <cpu_macros.S>
#include <common/bl_common.h>
+#include <lib/cpus/cpu_ops.h>
#include <lib/el3_runtime/cpu_data.h>
#if defined(IMAGE_BL1) || defined(IMAGE_BL32) || \
@@ -204,62 +205,3 @@
movlt r0, #ERRATA_NOT_APPLIES
bx lr
endfunc cpu_rev_var_hs
-
-#if REPORT_ERRATA
-/*
- * void print_errata_status(void);
- *
- * Function to print errata status for CPUs of its class. Must be called only:
- *
- * - with MMU and data caches are enabled;
- * - after cpu_ops have been initialized in per-CPU data.
- */
- .globl print_errata_status
-func print_errata_status
- /* r12 is pushed only for the sake of 8-byte stack alignment */
- push {r4, r5, r12, lr}
-#ifdef IMAGE_BL1
- /*
- * BL1 doesn't have per-CPU data. So retrieve the CPU operations
- * directly.
- */
- bl get_cpu_ops_ptr
- ldr r0, [r0, #CPU_ERRATA_FUNC]
- cmp r0, #0
- blxne r0
-#else
- /*
- * Retrieve pointer to cpu_ops, and further, the errata printing
- * function. If it's non-NULL, jump to the function in turn.
- */
- bl _cpu_data
-#if ENABLE_ASSERTIONS
- cmp r0, #0
- ASM_ASSERT(ne)
-#endif
- ldr r1, [r0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp r1, #0
- ASM_ASSERT(ne)
-#endif
- ldr r0, [r1, #CPU_ERRATA_FUNC]
- cmp r0, #0
- beq 1f
-
- mov r4, r0
-
- /*
- * Load pointers to errata lock and printed flag. Call
- * errata_needs_reporting to check whether this CPU needs to report
- * errata status pertaining to its class.
- */
- ldr r0, [r1, #CPU_ERRATA_LOCK]
- ldr r1, [r1, #CPU_ERRATA_PRINTED]
- bl errata_needs_reporting
- cmp r0, #0
- blxne r4
-1:
-#endif
- pop {r4, r5, r12, pc}
-endfunc print_errata_status
-#endif
diff --git a/lib/cpus/aarch64/cortex_a53.S b/lib/cpus/aarch64/cortex_a53.S
index df11d86..ecaf422 100644
--- a/lib/cpus/aarch64/cortex_a53.S
+++ b/lib/cpus/aarch64/cortex_a53.S
@@ -9,8 +9,8 @@
#include <common/debug.h>
#include <cortex_a53.h>
#include <cpu_macros.S>
-#include <lib/cpus/errata_report.h>
#include <plat_macros.S>
+#include <lib/cpus/errata.h>
#if A53_DISABLE_NON_TEMPORAL_HINT
#undef ERRATA_A53_836870
diff --git a/lib/cpus/aarch64/cpu_helpers.S b/lib/cpus/aarch64/cpu_helpers.S
index 0a03e38..a4285ed 100644
--- a/lib/cpus/aarch64/cpu_helpers.S
+++ b/lib/cpus/aarch64/cpu_helpers.S
@@ -10,7 +10,8 @@
#include <common/bl_common.h>
#include <common/debug.h>
#include <cpu_macros.S>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/cpu_ops.h>
+#include <lib/cpus/errata.h>
#include <lib/el3_runtime/cpu_data.h>
/* Reset fn is needed in BL at reset vector */
@@ -279,72 +280,6 @@
ret
endfunc cpu_rev_var_range
-#if REPORT_ERRATA
-/*
- * void print_errata_status(void);
- *
- * Function to print errata status for CPUs of its class. Must be called only:
- *
- * - with MMU and data caches are enabled;
- * - after cpu_ops have been initialized in per-CPU data.
- */
- .globl print_errata_status
-func print_errata_status
-#ifdef IMAGE_BL1
- /*
- * BL1 doesn't have per-CPU data. So retrieve the CPU operations
- * directly.
- */
- stp xzr, x30, [sp, #-16]!
- bl get_cpu_ops_ptr
- ldp xzr, x30, [sp], #16
- ldr x1, [x0, #CPU_ERRATA_FUNC]
- cbnz x1, .Lprint
-#else
- /*
- * Retrieve pointer to cpu_ops from per-CPU data, and further, the
- * errata printing function. If it's non-NULL, jump to the function in
- * turn.
- */
- mrs x0, tpidr_el3
-#if ENABLE_ASSERTIONS
- cmp x0, #0
- ASM_ASSERT(ne)
-#endif
- ldr x1, [x0, #CPU_DATA_CPU_OPS_PTR]
-#if ENABLE_ASSERTIONS
- cmp x1, #0
- ASM_ASSERT(ne)
-#endif
- ldr x0, [x1, #CPU_ERRATA_FUNC]
- cbz x0, .Lnoprint
-
- /*
- * Printing errata status requires atomically testing the printed flag.
- */
- stp x19, x30, [sp, #-16]!
- mov x19, x0
-
- /*
- * Load pointers to errata lock and printed flag. Call
- * errata_needs_reporting to check whether this CPU needs to report
- * errata status pertaining to its class.
- */
- ldr x0, [x1, #CPU_ERRATA_LOCK]
- ldr x1, [x1, #CPU_ERRATA_PRINTED]
- bl errata_needs_reporting
- mov x1, x19
- ldp x19, x30, [sp], #16
- cbnz x0, .Lprint
-#endif
-.Lnoprint:
- ret
-.Lprint:
- /* Jump to errata reporting function for this CPU */
- br x1
-endfunc print_errata_status
-#endif
-
/*
* int check_wa_cve_2017_5715(void);
*
diff --git a/lib/cpus/aarch64/dsu_helpers.S b/lib/cpus/aarch64/dsu_helpers.S
index 419b6ea..b7e028a 100644
--- a/lib/cpus/aarch64/dsu_helpers.S
+++ b/lib/cpus/aarch64/dsu_helpers.S
@@ -6,7 +6,7 @@
#include <asm_macros.S>
#include <dsu_def.h>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/errata.h>
/* -----------------------------------------------------------------------
* DSU erratum 798953 check function
diff --git a/lib/cpus/errata_report.c b/lib/cpus/errata_report.c
index 5f41aee..a37ba81 100644
--- a/lib/cpus/errata_report.c
+++ b/lib/cpus/errata_report.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2017-2023, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,7 +11,8 @@
#include <arch_helpers.h>
#include <common/debug.h>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/cpu_ops.h>
+#include <lib/cpus/errata.h>
#include <lib/el3_runtime/cpu_data.h>
#include <lib/spinlock.h>
@@ -30,11 +31,93 @@
/* Errata format: BL stage, CPU, errata ID, message */
#define ERRATA_FORMAT "%s: %s: CPU workaround for %s was %s\n"
+#define CVE_FORMAT "%s: %s: CPU workaround for CVE %u_%u was %s\n"
+#define ERRATUM_FORMAT "%s: %s: CPU workaround for erratum %u was %s\n"
+
+#define PRINT_STATUS_DISPATCH(status, ...) \
+ do { \
+ assert(status <= ERRATA_MISSING); \
+ switch (status) { \
+ case ERRATA_NOT_APPLIES: \
+ VERBOSE(__VA_ARGS__, "not applied"); \
+ break; \
+ case ERRATA_APPLIES: \
+ INFO(__VA_ARGS__, "applied"); \
+ break; \
+ case ERRATA_MISSING: \
+ WARN(__VA_ARGS__, "missing!"); \
+ break; \
+ } \
+ } while (0)
+
+
+#if !REPORT_ERRATA
+void print_errata_status(void) {}
+#else /* !REPORT_ERRATA */
+/* New errata status message printer */
+void __unused generic_errata_report(void)
+{
+ struct cpu_ops *cpu_ops = get_cpu_ops_ptr();
+ struct erratum_entry *entry = cpu_ops->errata_list_start;
+ struct erratum_entry *end = cpu_ops->errata_list_end;
+ long rev_var = cpu_get_rev_var();
+ uint32_t last_erratum_id = 0;
+ uint16_t last_cve_yr = 0;
+ bool check_cve = false;
+ /* unused because assert goes away on release */
+ bool failed __unused = false;
+
+ for (; entry != end; entry += 1) {
+ uint64_t status = entry->check_func(rev_var);
+
+ assert(entry->id != 0);
+
+ /*
+ * Errata workaround has not been compiled in. If the errata
+ * would have applied had it been compiled in, print its status
+ * as missing.
+ */
+ if (status == ERRATA_APPLIES && entry->chosen == 0) {
+ status = ERRATA_MISSING;
+ }
+
+ if (entry->cve) {
+ PRINT_STATUS_DISPATCH(status, CVE_FORMAT, BL_STRING,
+ cpu_ops->cpu_str, entry->cve, entry->id);
+
+ if (last_cve_yr > entry->cve ||
+ (last_cve_yr == entry->cve && last_erratum_id >= entry->id)) {
+ ERROR("CVE %u_%u was out of order!\n",
+ entry->cve, entry->id);
+ failed = true;
+ }
+ check_cve = true;
+ last_cve_yr = entry->cve;
+ } else {
+ PRINT_STATUS_DISPATCH(status, ERRATUM_FORMAT, BL_STRING,
+ cpu_ops->cpu_str, entry->id);
+
+ if (last_erratum_id >= entry->id || check_cve) {
+ ERROR("Erratum %u was out of order!\n",
+ entry->id);
+ failed = true;
+ }
+ }
+ last_erratum_id = entry->id;
+ }
+
+ /*
+ * enforce errata and CVEs are in ascending order and that CVEs are
+ * after errata
+ */
+ assert(!failed);
+}
+
/*
* Returns whether errata needs to be reported. Passed arguments are private to
* a CPU type.
*/
-int errata_needs_reporting(spinlock_t *lock, uint32_t *reported)
+static __unused int errata_needs_reporting(spinlock_t *lock, uint32_t *reported)
{
bool report_now;
@@ -56,14 +139,44 @@
}
/*
- * Print errata status message.
- *
- * Unknown: WARN
- * Missing: WARN
- * Applied: INFO
- * Not applied: VERBOSE
+ * Function to print errata status for the calling CPU (and others of the same
+ * type). Must be called only:
+ * - when MMU and data caches are enabled;
+ * - after cpu_ops have been initialized in per-CPU data.
+ */
+void print_errata_status(void)
+{
+ struct cpu_ops *cpu_ops;
+#ifdef IMAGE_BL1
+ /*
+ * BL1 doesn't have per-CPU data. So retrieve the CPU operations
+ * directly.
+ */
+ cpu_ops = get_cpu_ops_ptr();
+
+ if (cpu_ops->errata_func != NULL) {
+ cpu_ops->errata_func();
+ }
+#else /* IMAGE_BL1 */
+ cpu_ops = (void *) get_cpu_data(cpu_ops_ptr);
+
+ assert(cpu_ops != NULL);
+
+ if (cpu_ops->errata_func == NULL) {
+ return;
+ }
+
+ if (errata_needs_reporting(cpu_ops->errata_lock, cpu_ops->errata_reported)) {
+ cpu_ops->errata_func();
+ }
+#endif /* IMAGE_BL1 */
+}
+
+/*
+ * Old errata status message printer
+ * TODO: remove once all cpus have been converted to the new printing method
*/
-void errata_print_msg(unsigned int status, const char *cpu, const char *id)
+void __unused errata_print_msg(unsigned int status, const char *cpu, const char *id)
{
/* Errata status strings */
static const char *const errata_status_str[] = {
@@ -99,3 +212,4 @@
break;
}
}
+#endif /* !REPORT_ERRATA */
diff --git a/lib/psci/psci_setup.c b/lib/psci/psci_setup.c
index 16d6e45..1f93cc9 100644
--- a/lib/psci/psci_setup.c
+++ b/lib/psci/psci_setup.c
@@ -11,8 +11,8 @@
#include <arch_helpers.h>
#include <common/bl_common.h>
#include <context.h>
+#include <lib/cpus/errata.h>
#include <lib/el3_runtime/context_mgmt.h>
-#include <lib/cpus/errata_report.h>
#include <plat/common/platform.h>
#include "psci_private.h"
diff --git a/package-lock.json b/package-lock.json
index a3e0ff9..89ebd51 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,12 +1,12 @@
{
"name": "trusted-firmware-a",
- "version": "2.8.0",
+ "version": "2.9.0",
"lockfileVersion": 2,
"requires": true,
"packages": {
"": {
"name": "trusted-firmware-a",
- "version": "2.8.0",
+ "version": "2.9.0",
"hasInstallScript": true,
"license": "BSD-3-Clause",
"devDependencies": {
diff --git a/package.json b/package.json
index 8d4dd54..8b724dae 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
{
"name": "trusted-firmware-a",
- "version": "2.8.0",
+ "version": "2.9.0",
"license": "BSD-3-Clause",
"private": true,
"scripts": {
diff --git a/plat/arm/board/fvp_r/fvp_r_bl1_main.c b/plat/arm/board/fvp_r/fvp_r_bl1_main.c
index 841a176..252fc31 100644
--- a/plat/arm/board/fvp_r/fvp_r_bl1_main.c
+++ b/plat/arm/board/fvp_r/fvp_r_bl1_main.c
@@ -15,7 +15,7 @@
#include <common/debug.h>
#include <drivers/auth/auth_mod.h>
#include <drivers/console.h>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/errata.h>
#include <lib/utils.h>
#include <smccc_helpers.h>
#include <tools_share/uuid.h>
diff --git a/plat/arm/board/fvp_r/platform.mk b/plat/arm/board/fvp_r/platform.mk
index 5dd28b9..f14ea54 100644
--- a/plat/arm/board/fvp_r/platform.mk
+++ b/plat/arm/board/fvp_r/platform.mk
@@ -83,6 +83,7 @@
drivers/io/io_storage.c \
drivers/io/io_semihosting.c \
lib/cpus/aarch64/cpu_helpers.S \
+ lib/cpus/errata_report.c \
lib/fconf/fconf_dyn_cfg_getter.c \
lib/semihosting/semihosting.c \
lib/semihosting/${ARCH}/semihosting_call.S \
diff --git a/plat/arm/board/morello/morello_bl31_setup.c b/plat/arm/board/morello/morello_bl31_setup.c
index e13a38b..8469cd1 100644
--- a/plat/arm/board/morello/morello_bl31_setup.c
+++ b/plat/arm/board/morello/morello_bl31_setup.c
@@ -35,7 +35,6 @@
const plat_psci_ops_t *plat_arm_psci_override_pm_ops(plat_psci_ops_t *ops)
{
ops->pwr_domain_off = morello_pwr_domain_off;
- ops->pwr_domain_suspend = morello_pwr_domain_suspend;
return css_scmi_override_pm_ops(ops);
}
diff --git a/plat/arm/board/morello/morello_pm.c b/plat/arm/board/morello/morello_pm.c
index dda006e..fa7bd1d 100644
--- a/plat/arm/board/morello/morello_pm.c
+++ b/plat/arm/board/morello/morello_pm.c
@@ -11,19 +11,13 @@
#include "morello_private.h"
/*******************************************************************************
- * Morello specific functions called when turning off or suspending a power
- * domain. Both additionally disable the GIC redistributor interface as cores
- * are disabled to let cluster-PPU state transition to completion when a
- * cluster is powered down.
+ * Morello specific function called when turning off a power domain.
+ * Additionally disables the GIC redistributor interface as cores are disabled
+ * to let cluster-PPU state transition to completion when a cluster is
+ * powered down.
******************************************************************************/
void morello_pwr_domain_off(const psci_power_state_t *target_state)
{
css_pwr_domain_off(target_state);
plat_arm_gic_redistif_off();
}
-
-void morello_pwr_domain_suspend(const psci_power_state_t *target_state)
-{
- css_pwr_domain_suspend(target_state);
- plat_arm_gic_redistif_off();
-}
diff --git a/plat/arm/board/morello/morello_private.h b/plat/arm/board/morello/morello_private.h
index ea2fce9..dea70fb 100644
--- a/plat/arm/board/morello/morello_private.h
+++ b/plat/arm/board/morello/morello_private.h
@@ -10,6 +10,5 @@
#include <lib/psci/psci.h>
void morello_pwr_domain_off(const psci_power_state_t *target_state);
-void morello_pwr_domain_suspend(const psci_power_state_t *target_state);
#endif /* MORELLO_PRIVATE_H */
diff --git a/plat/arm/board/n1sdp/n1sdp_bl31_setup.c b/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
index db7215f..2b9ed25 100644
--- a/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
+++ b/plat/arm/board/n1sdp/n1sdp_bl31_setup.c
@@ -71,7 +71,6 @@
const plat_psci_ops_t *plat_arm_psci_override_pm_ops(plat_psci_ops_t *ops)
{
ops->pwr_domain_off = n1sdp_pwr_domain_off;
- ops->pwr_domain_suspend = n1sdp_pwr_domain_suspend;
return css_scmi_override_pm_ops(ops);
}
diff --git a/plat/arm/board/n1sdp/n1sdp_pm.c b/plat/arm/board/n1sdp/n1sdp_pm.c
index e43832a..8d45354 100644
--- a/plat/arm/board/n1sdp/n1sdp_pm.c
+++ b/plat/arm/board/n1sdp/n1sdp_pm.c
@@ -11,19 +11,13 @@
#include "n1sdp_private.h"
/*******************************************************************************
- * N1SDP specific functions called when turning off or suspending a power
- * domain. Both additionally disable the GIC redistributor interface as cores
- * are disabled to let cluster-PPU state transition to completion when a
- * cluster is powered down.
+ * N1SDP specific function called when turning off a power domain. Additionally
+ * disables the GIC redistributor interface as cores are disabled to
+ * let cluster-PPU state transition to completion when a cluster is powered
+ * down.
******************************************************************************/
void n1sdp_pwr_domain_off(const psci_power_state_t *target_state)
{
css_pwr_domain_off(target_state);
plat_arm_gic_redistif_off();
}
-
-void n1sdp_pwr_domain_suspend(const psci_power_state_t *target_state)
-{
- css_pwr_domain_suspend(target_state);
- plat_arm_gic_redistif_off();
-}
diff --git a/plat/arm/board/n1sdp/n1sdp_private.h b/plat/arm/board/n1sdp/n1sdp_private.h
index 7a5c51d..4e48c0f 100644
--- a/plat/arm/board/n1sdp/n1sdp_private.h
+++ b/plat/arm/board/n1sdp/n1sdp_private.h
@@ -10,6 +10,5 @@
#include <lib/psci/psci.h>
void n1sdp_pwr_domain_off(const psci_power_state_t *target_state);
-void n1sdp_pwr_domain_suspend(const psci_power_state_t *target_state);
#endif /* N1SDP_PRIVATE_H */
diff --git a/plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts b/plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts
index 92e2ddd..382f0e1 100644
--- a/plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts
+++ b/plat/arm/board/tc/fdts/tc_spmc_optee_sp_manifest.dts
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2021, Arm Limited. All rights reserved.
+ * Copyright (c) 2020-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,7 +8,7 @@
/ {
compatible = "arm,ffa-core-manifest-1.0";
#address-cells = <2>;
- #size-cells = <1>;
+ #size-cells = <2>;
attribute {
spmc_id = <0x8000>;
@@ -116,9 +116,14 @@
};
};
- /* 32MB of TC_TZC_DRAM1_BASE */
- memory@fd000000 {
+ memory@0 {
device_type = "memory";
- reg = <0x0 0xfd000000 0x2000000>;
+ reg = <0x0 0xfd000000 0x0 0x2000000>;
+ };
+
+ memory@1 {
+ device_type = "ns-memory";
+ reg = <0x0 0x80000000 0x0 0x79000000>,
+ <0x80 0x80000000 0x1 0x80000000>;
};
};
diff --git a/plat/arm/board/tc/include/tc_plat.h b/plat/arm/board/tc/include/tc_plat.h
index 195366e..117fbb4 100644
--- a/plat/arm/board/tc/include/tc_plat.h
+++ b/plat/arm/board/tc/include/tc_plat.h
@@ -10,10 +10,11 @@
void tc_bl31_common_platform_setup(void);
#ifdef PLATFORM_TEST_TFM_TESTSUITE
-void run_platform_tests(void);
+int run_platform_tests(void);
#endif
+
#ifdef PLATFORM_TEST_NV_COUNTERS
-void nv_counter_test(void);
+int nv_counter_test(void);
#endif
#endif /* TC_PLAT_H */
diff --git a/plat/arm/board/tc/nv_counter_test.c b/plat/arm/board/tc/nv_counter_test.c
index 76c9915..f9e001e 100644
--- a/plat/arm/board/tc/nv_counter_test.c
+++ b/plat/arm/board/tc/nv_counter_test.c
@@ -13,7 +13,7 @@
#include <platform_def.h>
-void nv_counter_test(void)
+int nv_counter_test(void)
{
psa_status_t status;
uint32_t old_val;
@@ -23,7 +23,7 @@
status = rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, PLAT_RSS_AP_RCV_MHU_BASE);
if (status != PSA_SUCCESS) {
printf("Failed to initialize RSS communication channel\n");
- plat_error_handler(-1);
+ return -1;
}
for (id = 0; id < 3; id++) {
@@ -31,28 +31,30 @@
if (status != PSA_SUCCESS) {
printf("Failed during first id=(%d) rss_platform_nv_counter_read\n",
id);
- plat_error_handler(-1);
+ return -1;
}
status = rss_platform_nv_counter_increment(id);
if (status != PSA_SUCCESS) {
printf("Failed during id=(%d) rss_platform_nv_counter_increment\n",
id);
- plat_error_handler(-1);
+ return -1;
}
status = rss_platform_nv_counter_read(id, sizeof(new_val), (uint8_t *)&new_val);
if (status != PSA_SUCCESS) {
printf("Failed during second id=(%d) rss_platform_nv_counter_read\n",
id);
- plat_error_handler(-1);
+ return -1;
}
if (old_val + 1 != new_val) {
printf("Failed nv_counter_test: old_val (%d) + 1 != new_val (%d)\n",
old_val, new_val);
- plat_error_handler(-1);
+ return -1;
}
}
printf("Passed nv_counter_test\n");
+
+ return 0;
}
diff --git a/plat/arm/board/tc/platform.mk b/plat/arm/board/tc/platform.mk
index 98c2e0e..c29537c 100644
--- a/plat/arm/board/tc/platform.mk
+++ b/plat/arm/board/tc/platform.mk
@@ -196,28 +196,32 @@
endif
-ifeq (${PLATFORM_TEST},rss-nv-counters)
- include drivers/arm/rss/rss_comms.mk
+ifneq (${PLATFORM_TEST},)
+ $(eval $(call add_define,PLATFORM_TESTS))
- # Test code.
- BL31_SOURCES += plat/arm/board/tc/nv_counter_test.c
+ ifeq (${PLATFORM_TEST},rss-nv-counters)
+ include drivers/arm/rss/rss_comms.mk
- # Code under testing.
- BL31_SOURCES += lib/psa/rss_platform.c \
+ # Test code.
+ BL31_SOURCES += plat/arm/board/tc/nv_counter_test.c
+
+ # Code under testing.
+ BL31_SOURCES += lib/psa/rss_platform.c \
drivers/arm/rss/rss_comms.c \
${RSS_COMMS_SOURCES}
- PLAT_INCLUDES += -Iinclude/lib/psa
+ PLAT_INCLUDES += -Iinclude/lib/psa
- $(eval $(call add_define,PLATFORM_TEST_NV_COUNTERS))
-else ifeq (${PLATFORM_TEST},tfm-testsuite)
- # Add this include as first, before arm_common.mk. This is necessary
- # because arm_common.mk builds Mbed TLS, and platform_test.mk can
- # change the list of Mbed TLS files that are to be compiled
- # (LIBMBEDTLS_SRCS).
- include plat/arm/board/tc/platform_test.mk
-else ifneq (${PLATFORM_TEST},)
- $(error "Unsupported PLATFORM_TEST value")
+ $(eval $(call add_define,PLATFORM_TEST_NV_COUNTERS))
+ else ifeq (${PLATFORM_TEST},tfm-testsuite)
+ # Add this include as first, before arm_common.mk. This is necessary
+ # because arm_common.mk builds Mbed TLS, and platform_test.mk can
+ # change the list of Mbed TLS files that are to be compiled
+ # (LIBMBEDTLS_SRCS).
+ include plat/arm/board/tc/platform_test.mk
+ else
+ $(error "Unsupported PLATFORM_TEST value")
+ endif
endif
diff --git a/plat/arm/board/tc/rss_ap_tests.c b/plat/arm/board/tc/rss_ap_tests.c
index b62043e..8c40271 100644
--- a/plat/arm/board/tc/rss_ap_tests.c
+++ b/plat/arm/board/tc/rss_ap_tests.c
@@ -19,21 +19,28 @@
{.freg = register_testsuite_measured_boot},
};
-static void run_tests(void)
+/*
+ * Return 0 if we could run all tests.
+ * Note that this does not mean that all tests passed - only that they all run.
+ * One should then look at each individual test result inside the
+ * test_suites[].val field.
+ */
+static int run_tests(void)
{
enum test_suite_err_t ret;
psa_status_t status;
size_t i;
+ /* Initialize test environment. */
rss_comms_init(PLAT_RSS_AP_SND_MHU_BASE, PLAT_RSS_AP_RCV_MHU_BASE);
mbedtls_init();
status = psa_crypto_init();
if (status != PSA_SUCCESS) {
printf("\n\npsa_crypto_init failed (status = %d)\n", status);
- assert(false);
- plat_error_handler(-1);
+ return -1;
}
+ /* Run all tests. */
for (i = 0; i < ARRAY_SIZE(test_suites); ++i) {
struct test_suite_t *suite = &(test_suites[i]);
@@ -41,22 +48,33 @@
ret = run_testsuite(suite);
if (ret != TEST_SUITE_ERR_NO_ERROR) {
printf("\n\nError during executing testsuite '%s'.\n", suite->name);
- assert(false);
- plat_error_handler(-1);
+ return -1;
}
}
printf("\nAll tests are run.\n");
+
+ return 0;
}
void run_platform_tests(void)
{
size_t i;
+ int ret;
+ int failures = 0;
- run_tests();
+ ret = run_tests();
+ if (ret != 0) {
+ /* For some reason, we could not run all tests. */
+ return ret;
+ }
printf("\n\n");
- /* Print a summary of all the tests that had been run. */
+ /*
+ * Print a summary of all the tests that had been run.
+ * Also count the number of tests failure and report that back to the
+ * caller.
+ */
printf("SUMMARY:\n");
for (i = 0; i < ARRAY_SIZE(test_suites); ++i) {
@@ -67,6 +85,7 @@
printf(" %s PASSED.\n", suite->name);
break;
case TEST_FAILED:
+ failures++;
printf(" %s FAILED.\n", suite->name);
break;
case TEST_SKIPPED:
@@ -79,4 +98,6 @@
}
printf("\n\n");
+
+ return failures;
}
diff --git a/plat/arm/board/tc/tc_bl31_setup.c b/plat/arm/board/tc/tc_bl31_setup.c
index 6afbd99..ca3a032 100644
--- a/plat/arm/board/tc/tc_bl31_setup.c
+++ b/plat/arm/board/tc/tc_bl31_setup.c
@@ -50,18 +50,34 @@
fconf_populate("FW_CONFIG", arg1);
}
-void tc_bl31_common_platform_setup(void)
+#ifdef PLATFORM_TESTS
+static __dead2 void tc_run_platform_tests(void)
{
- arm_bl31_platform_setup();
+ int tests_failed;
+
+ printf("\nStarting platform tests...\n");
-#if defined(PLATFORM_TEST_NV_COUNTERS) || defined(PLATFORM_TEST_TFM_TESTSUITE)
#ifdef PLATFORM_TEST_NV_COUNTERS
- nv_counter_test();
+ tests_failed = nv_counter_test();
#elif PLATFORM_TEST_TFM_TESTSUITE
- run_platform_tests();
+ tests_failed = run_platform_tests();
#endif
- /* Suspend booting */
+
+ printf("Platform tests %s.\n",
+ (tests_failed != 0) ? "failed" : "succeeded");
+
+ /* Suspend booting, no matter the tests outcome. */
+ printf("Suspend booting...\n");
plat_error_handler(-1);
+}
+#endif
+
+void tc_bl31_common_platform_setup(void)
+{
+ arm_bl31_platform_setup();
+
+#ifdef PLATFORM_TESTS
+ tc_run_platform_tests();
#endif
}
diff --git a/plat/brcm/board/stingray/include/scp_cmd.h b/plat/brcm/board/stingray/include/scp_cmd.h
index 806ef56..a7ab0e5 100644
--- a/plat/brcm/board/stingray/include/scp_cmd.h
+++ b/plat/brcm/board/stingray/include/scp_cmd.h
@@ -5,7 +5,7 @@
*/
#ifndef SCP_CMD_H
-#define SCP_SMD_H
+#define SCP_CMD_H
#include <stdint.h>
diff --git a/plat/intel/soc/agilex/include/agilex_memory_controller.h b/plat/intel/soc/agilex/include/agilex_memory_controller.h
index 3746d92..9db4292 100644
--- a/plat/intel/soc/agilex/include/agilex_memory_controller.h
+++ b/plat/intel/soc/agilex/include/agilex_memory_controller.h
@@ -158,6 +158,19 @@
#define AGX_SDRAM_0_LB_ADDR 0x0
#define AGX_DDR_SIZE 0x40000000
+/* Macros */
+#define SOCFPGA_MEMCTRL_ECCCTRL1 0x008
+#define SOCFPGA_MEMCTRL_ERRINTEN 0x010
+#define SOCFPGA_MEMCTRL_ERRINTENS 0x014
+#define SOCFPGA_MEMCTRL_ERRINTENR 0x018
+#define SOCFPGA_MEMCTRL_INTMODE 0x01C
+#define SOCFPGA_MEMCTRL_INTSTAT 0x020
+#define SOCFPGA_MEMCTRL_DIAGINTTEST 0x024
+#define SOCFPGA_MEMCTRL_DERRADDRA 0x02C
+
+#define SOCFPGA_MEMCTRL(_reg) (SOCFPGA_MEMCTRL_REG_BASE \
+ + (SOCFPGA_MEMCTRL_##_reg))
+
int init_hard_memory_controller(void);
#endif
diff --git a/plat/intel/soc/agilex/include/agilex_system_manager.h b/plat/intel/soc/agilex/include/agilex_system_manager.h
new file mode 100644
index 0000000..cb9222d
--- /dev/null
+++ b/plat/intel/soc/agilex/include/agilex_system_manager.h
@@ -0,0 +1,195 @@
+/*
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef AGX_SOCFPGA_SYSTEMMANAGER_H
+#define AGX_SOCFPGA_SYSTEMMANAGER_H
+
+#include "socfpga_plat_def.h"
+
+/* System Manager Register Map */
+#define SOCFPGA_SYSMGR_SILICONID_1 0x00
+#define SOCFPGA_SYSMGR_SILICONID_2 0x04
+#define SOCFPGA_SYSMGR_WDDBG 0x08
+#define SOCFPGA_SYSMGR_MPU_STATUS 0x10
+#define SOCFPGA_SYSMGR_SDMMC_L3_MASTER 0x2C
+#define SOCFPGA_SYSMGR_NAND_L3_MASTER 0x34
+#define SOCFPGA_SYSMGR_USB0_L3_MASTER 0x38
+#define SOCFPGA_SYSMGR_USB1_L3_MASTER 0x3C
+#define SOCFPGA_SYSMGR_TSN_GLOBAL 0x40
+#define SOCFPGA_SYSMGR_EMAC_0 0x44 /* TSN_0 */
+#define SOCFPGA_SYSMGR_EMAC_1 0x48 /* TSN_1 */
+#define SOCFPGA_SYSMGR_EMAC_2 0x4C /* TSN_2 */
+#define SOCFPGA_SYSMGR_TSN_0_ACE 0x50
+#define SOCFPGA_SYSMGR_TSN_1_ACE 0x54
+#define SOCFPGA_SYSMGR_TSN_2_ACE 0x58
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_1 0x68
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_2 0x6C
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_3 0x70
+#define SOCFPGA_SYSMGR_DMAC0_L3_MASTER 0x74
+#define SOCFPGA_SYSMGR_ETR_L3_MASTER 0x78
+#define SOCFPGA_SYSMGR_DMAC1_L3_MASTER 0x7C
+#define SOCFPGA_SYSMGR_SEC_CTRL_SLT 0x80
+#define SOCFPGA_SYSMGR_OSC_TRIM 0x84
+#define SOCFPGA_SYSMGR_DMAC0_CTRL_STATUS_REG 0x88
+#define SOCFPGA_SYSMGR_DMAC1_CTRL_STATUS_REG 0x8C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_VALUE 0x90
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SET 0x94
+#define SOCFPGA_SYSMGR_ECC_INTMASK_CLR 0x98
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SERR 0x9C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_DERR 0xA0
+/* NOC configuration value for Agilex5 */
+#define SOCFPGA_SYSMGR_NOC_TIMEOUT 0xC0
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_SET 0xC4
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_CLR 0xC8
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_VAL 0xCC
+#define SOCFPGA_SYSMGR_NOC_IDLEACK 0xD0
+#define SOCFPGA_SYSMGR_NOC_IDLESTATUS 0xD4
+#define SOCFPGA_SYSMGR_FPGA2SOC_CTRL 0xD8
+#define SOCFPGA_SYSMGR_FPGA_CFG 0xDC
+#define SOCFPGA_SYSMGR_GPO 0xE4
+#define SOCFPGA_SYSMGR_GPI 0xE8
+#define SOCFPGA_SYSMGR_MPU 0xF0
+#define SOCFPGA_SYSMGR_SDM_HPS_SPARE 0xF4
+#define SOCFPGA_SYSMGR_HPS_SDM_SPARE 0xF8
+#define SOCFPGA_SYSMGR_DFI_INTF 0xFC
+#define SOCFPGA_SYSMGR_NAND_DD_CTRL 0x100
+#define SOCFPGA_SYSMGR_NAND_PHY_CTRL_REG 0x104
+#define SOCFPGA_SYSMGR_NAND_PHY_TSEL_REG 0x108
+#define SOCFPGA_SYSMGR_NAND_DQ_TIMING_REG 0x10C
+#define SOCFPGA_SYSMGR_PHY_DQS_TIMING_REG 0x110
+#define SOCFPGA_SYSMGR_NAND_PHY_GATE_LPBK_CTRL_REG 0x114
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_MASTER_CTRL_REG 0x118
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_SLAVE_CTRL_REG 0x11C
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG0 0x120
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG1 0x124
+#define SOCFPGA_SYSMGR_NAND_DD_STATUS_REG 0x128
+#define SOCFPGA_SYSMGR_NAND_DD_ID_LOW_REG 0x12C
+#define SOCFPGA_SYSMGR_NAND_DD_ID_HIGH_REG 0x130
+#define SOCFPGA_SYSMGR_NAND_WRITE_PROT_EN_REG 0x134
+#define SOCFPGA_SYSMGR_SDMMC_CMD_QUEUE_SETTING_REG 0x138
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_LOW 0x13C
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_HIGH 0x140
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_0 0x144
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_1 0x148
+#define SOCFPGA_SYSMGR_F2S_BRIDGE_CTRL 0x14C
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA0 0x150
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA1 0x154
+#define SOCFPGA_SYSMGR_SDM_TBU_STASH_CTRL_REG_1_SDM 0x158
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB2 0x15C
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB3 0x160
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_SDMMC 0x164
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_NAND 0x168
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_ETR 0x16C
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN0 0x170
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN1 0x174
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN2 0x178
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA0 0x17C
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA1 0x180
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_CTRL_REG_1_SDM 0x184
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB2 0x188
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB3 0x18C
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_SDMMC 0x190
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_NAND 0x194
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_ETR 0x198
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN0 0x19C
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN1 0x1A0
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN2 0x1A4
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA0 0x1A8
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA1 0x1AC
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_ID_AX_REG_1_SDM 0x1B0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB2 0x1B4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB3 0x1B8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_SDMMC 0x1BC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_NAND 0x1C0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_ETR 0x1C4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN0 0x1C8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN1 0x1CC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN2 0x1D0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG0 0x1F0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG1 0x1F4
+
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_0 0x200
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_1 0x204
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_2 0x208
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_3 0x20C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_4 0x210
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_5 0x214
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_6 0x218
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_7 0x21C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_8 0x220
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_9 0x224
+#define SOCFPGA_SYSMGR_MPFE_CONFIG 0x228
+#define SOCFPGA_SYSMGR_MPFE_status 0x22C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_0 0x230
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_1 0x234
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_2 0x238
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_3 0x23C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_4 0x240
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_5 0x244
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_6 0x248
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_7 0x24C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_8 0x250
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_9 0x254
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_0 0x258
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_1 0x25C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_2 0x260
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_3 0x264
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_4 0x268
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_5 0x26C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_6 0x270
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_7 0x274
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_8 0x278
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_9 0x27C
+
+#define DMA0_STREAM_CTRL_REG 0x10D1217C
+#define DMA1_STREAM_CTRL_REG 0x10D12180
+#define SDM_STREAM_CTRL_REG 0x10D12184
+#define USB2_STREAM_CTRL_REG 0x10D12188
+#define USB3_STREAM_CTRL_REG 0x10D1218C
+#define SDMMC_STREAM_CTRL_REG 0x10D12190
+#define NAND_STREAM_CTRL_REG 0x10D12194
+#define ETR_STREAM_CTRL_REG 0x10D12198
+#define TSN0_STREAM_CTRL_REG 0x10D1219C
+#define TSN1_STREAM_CTRL_REG 0x10D121A0
+#define TSN2_STREAM_CTRL_REG 0x10D121A4
+
+/* Stream ID configuration value for Agilex5 */
+#define TSN0 0x00010001
+#define TSN1 0x00020002
+#define TSN2 0x00030003
+#define NAND 0x00040004
+#define SDMMC 0x00050005
+#define USB0 0x00060006
+#define USB1 0x00070007
+#define DMA0 0x00080008
+#define DMA1 0x00090009
+#define SDM 0x000A000A
+#define CORE_SIGHT_DEBUG 0x000B000B
+
+/* Field Masking */
+#define SYSMGR_SDMMC_DRVSEL(x) (((x) & 0x7) << 0)
+#define SYSMGR_SDMMC_SMPLSEL(x) (((x) & 0x7) << 4)
+#define IDLE_DATA_LWSOC2FPGA BIT(4)
+#define IDLE_DATA_SOC2FPGA BIT(0)
+#define IDLE_DATA_MASK (IDLE_DATA_LWSOC2FPGA | IDLE_DATA_SOC2FPGA)
+#define SYSMGR_ECC_OCRAM_MASK BIT(1)
+#define SYSMGR_ECC_DDR0_MASK BIT(16)
+#define SYSMGR_ECC_DDR1_MASK BIT(17)
+#define WSTREAMIDEN_REG_CTRL BIT(0)
+#define RSTREAMIDEN_REG_CTRL BIT(1)
+#define WMMUSECSID_REG_VAL BIT(4)
+#define RMMUSECSID_REG_VAL BIT(5)
+
+/* Macros */
+#define SOCFPGA_SYSMGR(_reg) (SOCFPGA_SYSMGR_REG_BASE \
+ + (SOCFPGA_SYSMGR_##_reg))
+
+#define ENABLE_STREAMID WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL
+#define ENABLE_STREAMID_SECURE_TX WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL | \
+ WMMUSECSID_REG_VAL | RMMUSECSID_REG_VAL
+
+#endif /* AGX5_SOCFPGA_SYSTEMMANAGER_H */
diff --git a/plat/intel/soc/agilex/include/socfpga_plat_def.h b/plat/intel/soc/agilex/include/socfpga_plat_def.h
index 4d7198c..85dfeab 100644
--- a/plat/intel/soc/agilex/include/socfpga_plat_def.h
+++ b/plat/intel/soc/agilex/include/socfpga_plat_def.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
- * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,22 +8,30 @@
#ifndef PLAT_SOCFPGA_DEF_H
#define PLAT_SOCFPGA_DEF_H
+#include "agilex_system_manager.h"
#include <platform_def.h>
/* Platform Setting */
-#define PLATFORM_MODEL PLAT_SOCFPGA_AGILEX
-#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLATFORM_MODEL PLAT_SOCFPGA_AGILEX
+#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLAT_PRIMARY_CPU 0
+#define PLAT_CLUSTER_ID_MPIDR_AFF_SHIFT MPIDR_AFF1_SHIFT
+#define PLAT_CPU_ID_MPIDR_AFF_SHIFT MPIDR_AFF0_SHIFT
/* FPGA config helpers */
#define INTEL_SIP_SMC_FPGA_CONFIG_ADDR 0x400000
#define INTEL_SIP_SMC_FPGA_CONFIG_SIZE 0x2000000
+/* QSPI Setting */
+#define CAD_QSPIDATA_OFST 0xff900000
+#define CAD_QSPI_OFFSET 0xff8d2000
+
/* Register Mapping */
#define SOCFPGA_CCU_NOC_REG_BASE 0xf7000000
#define SOCFPGA_F2SDRAMMGR_REG_BASE U(0xf8024000)
#define SOCFPGA_MMC_REG_BASE 0xff808000
-
+#define SOCFPGA_MEMCTRL_REG_BASE 0xf8011100
#define SOCFPGA_RSTMGR_REG_BASE 0xffd11000
#define SOCFPGA_SYSMGR_REG_BASE 0xffd12000
@@ -32,6 +40,53 @@
#define SOCFPGA_SOC2FPGA_SCR_REG_BASE 0xffd21200
#define SOCFPGA_LWSOC2FPGA_SCR_REG_BASE 0xffd21300
+/*******************************************************************************
+ * Platform memory map related constants
+ ******************************************************************************/
+#define DRAM_BASE (0x0)
+#define DRAM_SIZE (0x80000000)
+
+#define OCRAM_BASE (0xFFE00000)
+#define OCRAM_SIZE (0x00040000)
+
+#define MEM64_BASE (0x0100000000)
+#define MEM64_SIZE (0x1F00000000)
+
+#define DEVICE1_BASE (0x80000000)
+#define DEVICE1_SIZE (0x60000000)
+
+#define DEVICE2_BASE (0xF7000000)
+#define DEVICE2_SIZE (0x08E00000)
+
+#define DEVICE3_BASE (0xFFFC0000)
+#define DEVICE3_SIZE (0x00008000)
+
+#define DEVICE4_BASE (0x2000000000)
+#define DEVICE4_SIZE (0x0100000000)
+
+#define BL2_BASE (0xffe00000)
+#define BL2_LIMIT (0xffe1b000)
+
+#define BL31_BASE (0x1000)
+#define BL31_LIMIT (0x81000)
+
+/*******************************************************************************
+ * UART related constants
+ ******************************************************************************/
+#define PLAT_UART0_BASE (0xFFC02000)
+#define PLAT_UART1_BASE (0xFFC02100)
+
+/*******************************************************************************
+ * GIC related constants
+ ******************************************************************************/
+#define PLAT_GIC_BASE (0xFFFC0000)
+#define PLAT_GICC_BASE (PLAT_GIC_BASE + 0x2000)
+#define PLAT_GICD_BASE (PLAT_GIC_BASE + 0x1000)
+#define PLAT_GICR_BASE 0
+
+#define PLAT_SYS_COUNTER_FREQ_IN_TICKS (400000000)
+#define PLAT_HZ_CONVERT_TO_MHZ (1000000)
+
/* Platform specific system counter */
#define PLAT_SYS_COUNTER_FREQ_IN_MHZ get_cpu_clk()
diff --git a/plat/intel/soc/agilex/soc/agilex_clock_manager.c b/plat/intel/soc/agilex/soc/agilex_clock_manager.c
index 10ef11b..d32c3f1 100644
--- a/plat/intel/soc/agilex/soc/agilex_clock_manager.c
+++ b/plat/intel/soc/agilex/soc/agilex_clock_manager.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,8 +11,8 @@
#include <lib/mmio.h>
#include "agilex_clock_manager.h"
+#include "agilex_system_manager.h"
#include "socfpga_handoff.h"
-#include "socfpga_system_manager.h"
uint32_t wait_pll_lock(void)
diff --git a/plat/intel/soc/agilex/soc/agilex_pinmux.c b/plat/intel/soc/agilex/soc/agilex_pinmux.c
index 96e1ade..d2a06fb 100644
--- a/plat/intel/soc/agilex/soc/agilex_pinmux.c
+++ b/plat/intel/soc/agilex/soc/agilex_pinmux.c
@@ -7,7 +7,7 @@
#include <lib/mmio.h>
#include "agilex_pinmux.h"
-#include "socfpga_system_manager.h"
+#include "agilex_system_manager.h"
const uint32_t sysmgr_pinmux_array_sel[] = {
0x00000000, 0x00000001, /* usb */
diff --git a/plat/intel/soc/common/aarch64/plat_helpers.S b/plat/intel/soc/common/aarch64/plat_helpers.S
index 213fd3c..6bf2d82 100644
--- a/plat/intel/soc/common/aarch64/plat_helpers.S
+++ b/plat/intel/soc/common/aarch64/plat_helpers.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
diff --git a/plat/intel/soc/common/drivers/ccu/ncore_ccu.c b/plat/intel/soc/common/drivers/ccu/ncore_ccu.c
index 99d48d2..38f8b94 100644
--- a/plat/intel/soc/common/drivers/ccu/ncore_ccu.c
+++ b/plat/intel/soc/common/drivers/ccu/ncore_ccu.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,8 +8,11 @@
#include <common/debug.h>
#include <errno.h>
#include <lib/mmio.h>
+#include <platform_def.h>
#include "ncore_ccu.h"
+#include "socfpga_plat_def.h"
+#include "socfpga_system_manager.h"
uint32_t poll_active_bit(uint32_t dir);
diff --git a/plat/intel/soc/common/include/platform_def.h b/plat/intel/soc/common/include/platform_def.h
index 4e50156..78deebc 100644
--- a/plat/intel/soc/common/include/platform_def.h
+++ b/plat/intel/soc/common/include/platform_def.h
@@ -12,12 +12,15 @@
#include <common/interrupt_props.h>
#include <common/tbbr/tbbr_img_def.h>
#include <plat/common/common_def.h>
+#include "socfpga_plat_def.h"
/* Platform Type */
#define PLAT_SOCFPGA_STRATIX10 1
#define PLAT_SOCFPGA_AGILEX 2
#define PLAT_SOCFPGA_N5X 3
-#define PLAT_SOCFPGA_EMULATOR 0
+#define PLAT_SOCFPGA_AGILEX5 4
+#define SIMICS_RUN 1
+#define MAX_IO_MTD_DEVICES U(1)
/* sysmgr.boot_scratch_cold4 & 5 used for CPU release address for SPL */
#define PLAT_CPU_RELEASE_ADDR 0xffd12210
@@ -32,8 +35,20 @@
#define L2_RESET_DONE_STATUS 0x1228E5E7
/* Define next boot image name and offset */
+/* Get non-secure image entrypoint for BL33. Zephyr and Linux */
+#if PLATFORM_MODEL == PLAT_SOCFPGA_AGILEX5
+
+#ifndef PRELOADED_BL33_BASE
+#define PLAT_NS_IMAGE_OFFSET 0x80200000
+#else
+#define PLAT_NS_IMAGE_OFFSET PRELOADED_BL33_BASE
+#endif
+#define PLAT_HANDOFF_OFFSET 0x0003F000
+
+#else
#define PLAT_NS_IMAGE_OFFSET 0x10000000
#define PLAT_HANDOFF_OFFSET 0xFFE3F000
+#endif
/*******************************************************************************
* Platform binary types for linking
@@ -49,7 +64,6 @@
/*******************************************************************************
* Generic platform constants
******************************************************************************/
-#define PLAT_PRIMARY_CPU 0
#define PLAT_SECONDARY_ENTRY_BASE 0x01f78bf0
/* Size of cacheable stacks */
@@ -64,49 +78,27 @@
#define PLATFORM_CLUSTER_COUNT U(1)
#define PLATFORM_CLUSTER0_CORE_COUNT U(4)
#define PLATFORM_CLUSTER1_CORE_COUNT U(0)
-#define PLATFORM_CORE_COUNT (PLATFORM_CLUSTER1_CORE_COUNT + \
- PLATFORM_CLUSTER0_CORE_COUNT)
+#define PLATFORM_CORE_COUNT (PLATFORM_CLUSTER1_CORE_COUNT + \
+ PLATFORM_CLUSTER0_CORE_COUNT)
#define PLATFORM_MAX_CPUS_PER_CLUSTER U(4)
/* Interrupt related constant */
#define INTEL_SOCFPGA_IRQ_SEC_PHY_TIMER 29
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_0 8
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_1 9
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_2 10
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_3 11
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_4 12
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_5 13
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_6 14
-#define INTEL_SOCFPGA_IRQ_SEC_SGI_7 15
-
-#define TSP_IRQ_SEC_PHY_TIMER INTEL_SOCFPGA_IRQ_SEC_PHY_TIMER
-#define TSP_SEC_MEM_BASE BL32_BASE
-#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE + 1)
-/*******************************************************************************
- * Platform memory map related constants
- ******************************************************************************/
-#define DRAM_BASE (0x0)
-#define DRAM_SIZE (0x80000000)
-
-#define OCRAM_BASE (0xFFE00000)
-#define OCRAM_SIZE (0x00040000)
-
-#define MEM64_BASE (0x0100000000)
-#define MEM64_SIZE (0x1F00000000)
-
-#define DEVICE1_BASE (0x80000000)
-#define DEVICE1_SIZE (0x60000000)
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_0 8
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_1 9
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_2 10
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_3 11
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_4 12
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_5 13
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_6 14
+#define INTEL_SOCFPGA_IRQ_SEC_SGI_7 15
-#define DEVICE2_BASE (0xF7000000)
-#define DEVICE2_SIZE (0x08E00000)
+#define TSP_IRQ_SEC_PHY_TIMER INTEL_SOCFPGA_IRQ_SEC_PHY_TIMER
+#define TSP_SEC_MEM_BASE BL32_BASE
+#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE + 1)
-#define DEVICE3_BASE (0xFFFC0000)
-#define DEVICE3_SIZE (0x00008000)
-
-#define DEVICE4_BASE (0x2000000000)
-#define DEVICE4_SIZE (0x0100000000)
/*******************************************************************************
* BL31 specific defines.
@@ -117,33 +109,28 @@
* little space for growth.
*/
-
-#define FIRMWARE_WELCOME_STR "Booting Trusted Firmware\n"
-
-#define BL1_RO_BASE (0xffe00000)
-#define BL1_RO_LIMIT (0xffe0f000)
-#define BL1_RW_BASE (0xffe10000)
-#define BL1_RW_LIMIT (0xffe1ffff)
-#define BL1_RW_SIZE (0x14000)
+#define FIRMWARE_WELCOME_STR "Booting Trusted Firmware\n"
-#define BL2_BASE (0xffe00000)
-#define BL2_LIMIT (0xffe1b000)
+#define BL1_RO_BASE (0xffe00000)
+#define BL1_RO_LIMIT (0xffe0f000)
+#define BL1_RW_BASE (0xffe10000)
+#define BL1_RW_LIMIT (0xffe1ffff)
+#define BL1_RW_SIZE (0x14000)
-#define BL31_BASE (0x1000)
-#define BL31_LIMIT (0x81000)
+#define BL_DATA_LIMIT PLAT_HANDOFF_OFFSET
-#define BL_DATA_LIMIT PLAT_HANDOFF_OFFSET
+#define PLAT_CPUID_RELEASE (BL_DATA_LIMIT - 16)
+#define PLAT_SEC_ENTRY (BL_DATA_LIMIT - 8)
-#define PLAT_CPUID_RELEASE (BL_DATA_LIMIT - 16)
-#define PLAT_SEC_ENTRY (BL_DATA_LIMIT - 8)
+#define CMP_ENTRY 0xFFE3EFF8
-#define PLAT_SEC_WARM_ENTRY 0
+#define PLAT_SEC_WARM_ENTRY 0
/*******************************************************************************
* Platform specific page table and MMU setup constants
******************************************************************************/
-#define MAX_XLAT_TABLES 8
-#define MAX_MMAP_REGIONS 16
+#define MAX_XLAT_TABLES 8
+#define MAX_MMAP_REGIONS 16
/*******************************************************************************
* Declarations and constants to access the mailboxes safely. Each mailbox is
@@ -155,46 +142,34 @@
* a valid mailbox address.
******************************************************************************/
#define CACHE_WRITEBACK_SHIFT 6
-#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
-
-#define PLAT_GIC_BASE (0xFFFC0000)
-#define PLAT_GICC_BASE (PLAT_GIC_BASE + 0x2000)
-#define PLAT_GICD_BASE (PLAT_GIC_BASE + 0x1000)
-#define PLAT_GICR_BASE 0
+#define CACHE_WRITEBACK_GRANULE (1 << CACHE_WRITEBACK_SHIFT)
/*******************************************************************************
* UART related constants
******************************************************************************/
-#define PLAT_UART0_BASE (0xFFC02000)
-#define PLAT_UART1_BASE (0xFFC02100)
+#define CRASH_CONSOLE_BASE PLAT_UART0_BASE
+#define PLAT_INTEL_UART_BASE PLAT_UART0_BASE
-#define CRASH_CONSOLE_BASE PLAT_UART0_BASE
-#define PLAT_INTEL_UART_BASE PLAT_UART0_BASE
-
-#if PLAT_SOCFPGA_EMULATOR
-#define PLAT_BAUDRATE (4800)
-#define PLAT_UART_CLOCK (76800)
-#else
-#define PLAT_BAUDRATE (115200)
-#define PLAT_UART_CLOCK (100000000)
-#endif
+#define PLAT_BAUDRATE (115200)
+#define PLAT_UART_CLOCK (100000000)
/*******************************************************************************
* PHY related constants
******************************************************************************/
-#define EMAC0_PHY_MODE PHY_INTERFACE_MODE_RGMII
-#define EMAC1_PHY_MODE PHY_INTERFACE_MODE_RGMII
-#define EMAC2_PHY_MODE PHY_INTERFACE_MODE_RGMII
+#define EMAC0_PHY_MODE PHY_INTERFACE_MODE_RGMII
+#define EMAC1_PHY_MODE PHY_INTERFACE_MODE_RGMII
+#define EMAC2_PHY_MODE PHY_INTERFACE_MODE_RGMII
/*******************************************************************************
- * System counter frequency related constants
+ * GIC related constants
******************************************************************************/
-#define PLAT_SYS_COUNTER_FREQ_IN_TICKS (400000000)
-#define PLAT_HZ_CONVERT_TO_MHZ (1000000)
+#define PLAT_INTEL_SOCFPGA_GICD_BASE PLAT_GICD_BASE
+#define PLAT_INTEL_SOCFPGA_GICC_BASE PLAT_GICC_BASE
-#define PLAT_INTEL_SOCFPGA_GICD_BASE PLAT_GICD_BASE
-#define PLAT_INTEL_SOCFPGA_GICC_BASE PLAT_GICC_BASE
+/*******************************************************************************
+ * System counter frequency related constants
+ ******************************************************************************/
/*
* Define a list of Group 1 Secure and Group 0 interrupts as per GICv3
@@ -223,9 +198,9 @@
#define PLAT_INTEL_SOCFPGA_G0_IRQ_PROPS(grp)
-#define MAX_IO_HANDLES 4
-#define MAX_IO_DEVICES 4
-#define MAX_IO_BLOCK_DEVICES 2
+#define MAX_IO_HANDLES 4
+#define MAX_IO_DEVICES 4
+#define MAX_IO_BLOCK_DEVICES 2
#ifndef __ASSEMBLER__
struct socfpga_bl31_params {
@@ -239,4 +214,3 @@
#endif
#endif /* PLATFORM_DEF_H */
-
diff --git a/plat/intel/soc/common/include/socfpga_fcs.h b/plat/intel/soc/common/include/socfpga_fcs.h
index 8a8f348..6bb70e0 100644
--- a/plat/intel/soc/common/include/socfpga_fcs.h
+++ b/plat/intel/soc/common/include/socfpga_fcs.h
@@ -72,6 +72,9 @@
#define FCS_AES_MIN_DATA_SIZE 0x20 /* 32 Byte */
#define FCS_AES_CMD_MAX_WORD_SIZE 15U
+#define FCS_MAX_DATA_SIZE 0x20000000 /* 512 MB */
+#define FCS_MIN_DATA_SIZE 0x8 /* 8 Bytes */
+
#define FCS_GET_DIGEST_CMD_MAX_WORD_SIZE 7U
#define FCS_GET_DIGEST_RESP_MAX_WORD_SIZE 19U
#define FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE 23U
diff --git a/plat/intel/soc/common/include/socfpga_mailbox.h b/plat/intel/soc/common/include/socfpga_mailbox.h
index 3abf39d..564b4ee 100644
--- a/plat/intel/soc/common/include/socfpga_mailbox.h
+++ b/plat/intel/soc/common/include/socfpga_mailbox.h
@@ -63,6 +63,9 @@
#define MBOX_CMD_QSPI_SET_CS 0x34
#define MBOX_CMD_QSPI_DIRECT 0x3B
+/* SEU Commands */
+#define MBOX_CMD_SEU_ERR_READ 0x3C
+
/* RSU Commands */
#define MBOX_GET_SUBPARTITION_TABLE 0x5A
#define MBOX_RSU_STATUS 0x5B
@@ -241,5 +244,6 @@
int mailbox_hps_stage_notify(uint32_t execution_stage);
int mailbox_hwmon_readtemp(uint32_t chan, uint32_t *resp_buf);
int mailbox_hwmon_readvolt(uint32_t chan, uint32_t *resp_buf);
+int mailbox_seu_err_status(uint32_t *resp_buf, uint32_t resp_buf_len);
#endif /* SOCFPGA_MBOX_H */
diff --git a/plat/intel/soc/common/include/socfpga_sip_svc.h b/plat/intel/soc/common/include/socfpga_sip_svc.h
index 21169f7..6708edb 100644
--- a/plat/intel/soc/common/include/socfpga_sip_svc.h
+++ b/plat/intel/soc/common/include/socfpga_sip_svc.h
@@ -15,6 +15,7 @@
#define INTEL_SIP_SMC_STATUS_NO_RESPONSE 0x3
#define INTEL_SIP_SMC_STATUS_ERROR 0x4
#define INTEL_SIP_SMC_RSU_ERROR 0x7
+#define INTEL_SIP_SMC_SEU_ERR_READ_ERROR 0x8
/* SiP mailbox error code */
#define GENERIC_RESPONSE_ERROR 0x3FF
@@ -138,6 +139,9 @@
#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_INIT 0xC200008C
#define INTEL_SIP_SMC_FCS_ECDH_REQUEST_FINALIZE 0xC200008E
+/* SEU ERR */
+#define INTEL_SIP_SMC_SEU_ERR_STATUS 0xC2000099
+
#define INTEL_SIP_SMC_FCS_SHA_MODE_MASK 0xF
#define INTEL_SIP_SMC_FCS_DIGEST_SIZE_MASK 0xF
#define INTEL_SIP_SMC_FCS_DIGEST_SIZE_OFFSET 4U
diff --git a/plat/intel/soc/common/include/socfpga_system_manager.h b/plat/intel/soc/common/include/socfpga_system_manager.h
index 69ee6d3..8d9ba70 100644
--- a/plat/intel/soc/common/include/socfpga_system_manager.h
+++ b/plat/intel/soc/common/include/socfpga_system_manager.h
@@ -13,26 +13,6 @@
#define SOCFPGA_SYSMGR_SDMMC 0x28
-#define SOCFPGA_SYSMGR_FPGAINTF_EN_2 0x6c
-
-#define SOCFPGA_SYSMGR_EMAC_0 0x44
-#define SOCFPGA_SYSMGR_EMAC_1 0x48
-#define SOCFPGA_SYSMGR_EMAC_2 0x4c
-#define SOCFPGA_SYSMGR_FPGAINTF_EN_3 0x70
-
-#define SOCFPGA_SYSMGR_NOC_TIMEOUT 0xc0
-#define SOCFPGA_SYSMGR_NOC_IDLEREQ_SET 0xc4
-#define SOCFPGA_SYSMGR_NOC_IDLEREQ_CLR 0xc8
-#define SOCFPGA_SYSMGR_NOC_IDLEREQ_VAL 0xcc
-#define SOCFPGA_SYSMGR_NOC_IDLEACK 0xd0
-#define SOCFPGA_SYSMGR_NOC_IDLESTATUS 0xd4
-
-#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_0 0x200
-#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_1 0x204
-#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_2 0x208
-#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_8 0x220
-#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_9 0x224
-
/* Field Masking */
#define SYSMGR_SDMMC_DRVSEL(x) (((x) & 0x7) << 0)
diff --git a/plat/intel/soc/common/sip/socfpga_sip_ecc.c b/plat/intel/soc/common/sip/socfpga_sip_ecc.c
index c4e06a6..c444d48 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_ecc.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_ecc.c
@@ -1,6 +1,6 @@
// SPDX-License-Identifier: BSD-3-Clause
/*
- * Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2020-2023, ARM Limited and Contributors. All rights reserved.
*/
#include <assert.h>
@@ -11,10 +11,12 @@
#include "socfpga_fcs.h"
#include "socfpga_mailbox.h"
+#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
#include "socfpga_sip_svc.h"
#include "socfpga_system_manager.h"
+
uint32_t intel_ecc_dbe_notification(uint64_t dbe_value)
{
dbe_value &= WARM_RESET_WFI_FLAG;
diff --git a/plat/intel/soc/common/sip/socfpga_sip_fcs.c b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
index d99026b..beaa720 100644
--- a/plat/intel/soc/common/sip/socfpga_sip_fcs.c
+++ b/plat/intel/soc/common/sip/socfpga_sip_fcs.c
@@ -1073,6 +1073,7 @@
uint32_t resp_len;
uint32_t payload[FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
uintptr_t mac_offset;
+ uint32_t dst_size_check = 0;
if (dst_size == NULL || mbox_error == NULL) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -1097,6 +1098,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare crypto header */
@@ -1149,6 +1158,12 @@
FCS_CS_FIELD_FLAG_FINALIZE) {
/* Copy mac data to command */
mac_offset = src_addr + data_size;
+
+ if ((i + ((src_size - data_size) / MBOX_WORD_BYTE)) >
+ FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
src_size - data_size);
@@ -1189,7 +1204,7 @@
uint32_t resp_len;
uint32_t payload[FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
uintptr_t mac_offset;
-
+ uint32_t dst_size_check = 0;
/*
* Source data must be 4 bytes aligned
* User data must be 8 bytes aligned
@@ -1214,6 +1229,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare crypto header */
@@ -1269,6 +1292,12 @@
* mac_offset = MAC data
*/
mac_offset = dst_addr;
+
+ if ((i + ((src_size - data_size) / MBOX_WORD_BYTE)) >
+ FCS_MAC_VERIFY_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) mac_offset,
src_size - data_size);
@@ -1316,6 +1345,7 @@
uint32_t payload[FCS_ECDSA_HASH_SIGN_CMD_MAX_WORD_SIZE] = {0U};
uint32_t resp_len;
uintptr_t hash_data_addr;
+ uint32_t dst_size_check = 0;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -1331,6 +1361,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare command payload */
@@ -1357,6 +1395,12 @@
/* Hash Data */
i++;
hash_data_addr = src_addr;
+
+ if ((i + ((src_size) / MBOX_WORD_BYTE)) >
+ FCS_ECDSA_HASH_SIGN_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) hash_data_addr,
src_size);
@@ -1400,6 +1444,7 @@
uint32_t payload[FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
uint32_t resp_len;
uintptr_t hash_sig_pubkey_addr;
+ uint32_t dst_size_check = 0;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -1415,6 +1460,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare command payload */
@@ -1443,6 +1496,12 @@
/* Hash Data Word, Signature Data Word and Public Key Data word */
i++;
hash_sig_pubkey_addr = src_addr;
+
+ if ((i + ((src_size) / MBOX_WORD_BYTE)) >
+ FCS_ECDSA_HASH_SIG_VERIFY_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i],
(uint8_t *) hash_sig_pubkey_addr, src_size);
@@ -1690,6 +1749,7 @@
uint32_t payload[FCS_ECDSA_SHA2_DATA_SIG_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
uint32_t resp_len;
uintptr_t sig_pubkey_offset;
+ uint32_t dst_size_check = 0;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -1700,6 +1760,10 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ if (data_size > src_size) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
if (!is_size_4_bytes_aligned(src_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
@@ -1714,6 +1778,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare crypto header */
@@ -1761,6 +1833,12 @@
FCS_CS_FIELD_FLAG_FINALIZE) {
/* Signature + Public Key Data */
sig_pubkey_offset = src_addr + data_size;
+
+ if ((i + ((src_size - data_size) / MBOX_WORD_BYTE)) >
+ FCS_ECDSA_SHA2_DATA_SIG_VERIFY_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) sig_pubkey_offset,
src_size - data_size);
@@ -1801,6 +1879,7 @@
uint32_t payload[FCS_ECDSA_SHA2_DATA_SIG_VERIFY_CMD_MAX_WORD_SIZE] = {0U};
uint32_t resp_len;
uintptr_t sig_pubkey_offset;
+ uint32_t dst_size_check = 0;
/*
* Source data must be 4 bytes aligned
@@ -1819,11 +1898,23 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ if (data_size > src_size) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
if (!is_address_in_ddr_range(src_addr, src_size) ||
!is_address_in_ddr_range(dst_addr, *dst_size)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare crypto header */
@@ -1874,6 +1965,12 @@
* sig_pubkey_offset is Signature + Public Key Data
*/
sig_pubkey_offset = dst_addr;
+
+ if ((i + ((src_size - data_size) / MBOX_WORD_BYTE)) >
+ FCS_ECDSA_SHA2_DATA_SIG_VERIFY_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) sig_pubkey_offset,
src_size - data_size);
@@ -1990,11 +2087,13 @@
uint32_t payload[FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE] = {0U};
uint32_t resp_len;
uintptr_t pubkey;
+ uint32_t dst_size_check = 0;
if ((dst_size == NULL) || (mbox_error == NULL)) {
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+
if (fcs_ecdh_request_param.session_id != session_id ||
fcs_ecdh_request_param.context_id != context_id) {
return INTEL_SIP_SMC_STATUS_REJECTED;
@@ -2005,6 +2104,14 @@
return INTEL_SIP_SMC_STATUS_REJECTED;
}
+ dst_size_check = *dst_size;
+ if ((dst_size_check > FCS_MAX_DATA_SIZE ||
+ dst_size_check < FCS_MIN_DATA_SIZE) ||
+ (src_size > FCS_MAX_DATA_SIZE ||
+ src_size < FCS_MIN_DATA_SIZE)) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
resp_len = *dst_size / MBOX_WORD_BYTE;
/* Prepare command payload */
@@ -2028,6 +2135,12 @@
i++;
/* Public key data */
pubkey = src_addr;
+
+ if ((i + ((src_size) / MBOX_WORD_BYTE)) >
+ FCS_ECDH_REQUEST_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &payload[i], (uint8_t *) pubkey, src_size);
i += src_size / MBOX_WORD_BYTE;
@@ -2162,6 +2275,11 @@
fcs_aes_crypt_payload[i] = fcs_aes_init_payload.key_id;
i++;
+ if ((i + ((fcs_aes_init_payload.param_size) / MBOX_WORD_BYTE)) >
+ FCS_AES_CMD_MAX_WORD_SIZE) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
memcpy((uint8_t *) &fcs_aes_crypt_payload[i],
(uint8_t *) fcs_aes_init_payload.crypto_param,
fcs_aes_init_payload.param_size);
diff --git a/plat/intel/soc/common/soc/socfpga_emac.c b/plat/intel/soc/common/soc/socfpga_emac.c
index cacfd53..02ff89e 100644
--- a/plat/intel/soc/common/soc/socfpga_emac.c
+++ b/plat/intel/soc/common/soc/socfpga_emac.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020, Intel Corporation. All rights reserved.
+ * Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,6 +8,7 @@
#include <platform_def.h>
#include "socfpga_emac.h"
+#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
#include "socfpga_system_manager.h"
diff --git a/plat/intel/soc/common/soc/socfpga_handoff.c b/plat/intel/soc/common/soc/socfpga_handoff.c
index 4bb3a96..a3146b4 100644
--- a/plat/intel/soc/common/soc/socfpga_handoff.c
+++ b/plat/intel/soc/common/soc/socfpga_handoff.c
@@ -4,6 +4,7 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
+#include <errno.h>
#include <string.h>
#include "socfpga_handoff.h"
@@ -17,6 +18,10 @@
uint32_t *buffer;
handoff *handoff_ptr = (handoff *) PLAT_HANDOFF_OFFSET;
+ if (sizeof(*handoff_ptr) > sizeof(handoff)) {
+ return -EOVERFLOW;
+ }
+
memcpy(reverse_hoff_ptr, handoff_ptr, sizeof(handoff));
buffer = (uint32_t *)reverse_hoff_ptr;
diff --git a/plat/intel/soc/common/soc/socfpga_mailbox.c b/plat/intel/soc/common/soc/socfpga_mailbox.c
index 7010d81..525ac2b 100644
--- a/plat/intel/soc/common/soc/socfpga_mailbox.c
+++ b/plat/intel/soc/common/soc/socfpga_mailbox.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2020-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,8 +7,10 @@
#include <lib/mmio.h>
#include <common/debug.h>
#include <drivers/delay_timer.h>
+#include <platform_def.h>
#include "socfpga_mailbox.h"
+#include "socfpga_plat_def.h"
#include "socfpga_sip_svc.h"
#include "socfpga_system_manager.h"
@@ -183,6 +185,7 @@
uint32_t resp_data;
uint32_t ret_resp_len = 0;
uint8_t is_done = 0;
+ uint32_t resp_len_check = 0;
if ((mailbox_resp_ctr.flag & MBOX_PAYLOAD_FLAG_BUSY) != 0) {
ret_resp_len = MBOX_RESP_LEN(
@@ -242,6 +245,12 @@
*resp_len = ret_resp_len;
}
+ resp_len_check = (uint32_t) *resp_len;
+
+ if (resp_len_check > MBOX_DATA_MAX_LEN) {
+ return MBOX_RET_ERROR;
+ }
+
memcpy((uint8_t *) response,
(uint8_t *) mailbox_resp_ctr.payload->data,
*resp_len * MBOX_WORD_BYTE);
@@ -669,3 +678,10 @@
CMD_CASUAL, resp_buf,
&resp_len);
}
+
+int mailbox_seu_err_status(uint32_t *resp_buf, uint32_t resp_buf_len)
+{
+ return mailbox_send_cmd(MBOX_JOB_ID, MBOX_CMD_SEU_ERR_READ, NULL, 0U,
+ CMD_CASUAL, resp_buf,
+ &resp_buf_len);;
+}
diff --git a/plat/intel/soc/common/soc/socfpga_reset_manager.c b/plat/intel/soc/common/soc/socfpga_reset_manager.c
index 77d9a73..a546638 100644
--- a/plat/intel/soc/common/soc/socfpga_reset_manager.c
+++ b/plat/intel/soc/common/soc/socfpga_reset_manager.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,9 +8,11 @@
#include <common/debug.h>
#include <drivers/delay_timer.h>
#include <lib/mmio.h>
+#include <platform_def.h>
#include "socfpga_f2sdram_manager.h"
#include "socfpga_mailbox.h"
+#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
#include "socfpga_system_manager.h"
diff --git a/plat/intel/soc/common/socfpga_psci.c b/plat/intel/soc/common/socfpga_psci.c
index bdece93..3b96dfc 100644
--- a/plat/intel/soc/common/socfpga_psci.c
+++ b/plat/intel/soc/common/socfpga_psci.c
@@ -1,12 +1,16 @@
/*
- * Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <arch_helpers.h>
#include <common/debug.h>
+#ifndef SOCFPGA_GIC_V3
#include <drivers/arm/gicv2.h>
+#else
+#include <drivers/arm/gicv3.h>
+#endif
#include <lib/mmio.h>
#include <lib/psci/psci.h>
#include <plat/common/platform.h>
@@ -14,8 +18,8 @@
#include "socfpga_mailbox.h"
#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
-#include "socfpga_system_manager.h"
#include "socfpga_sip_svc.h"
+#include "socfpga_system_manager.h"
/*******************************************************************************
@@ -146,11 +150,11 @@
memcpy(addr_buf, &intel_rsu_update_address,
sizeof(intel_rsu_update_address));
-
- if (intel_rsu_update_address)
+ if (intel_rsu_update_address) {
mailbox_rsu_update(addr_buf);
- else
+ } else {
mailbox_reset_cold();
+ }
while (1)
wfi();
diff --git a/plat/intel/soc/common/socfpga_sip_svc.c b/plat/intel/soc/common/socfpga_sip_svc.c
index 79f743f..ff050e4 100644
--- a/plat/intel/soc/common/socfpga_sip_svc.c
+++ b/plat/intel/soc/common/socfpga_sip_svc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,9 +12,10 @@
#include "socfpga_fcs.h"
#include "socfpga_mailbox.h"
+#include "socfpga_plat_def.h"
#include "socfpga_reset_manager.h"
#include "socfpga_sip_svc.h"
-
+#include "socfpga_system_manager.h"
/* Total buffer the driver can hold */
#define FPGA_CONFIG_BUFFER_SIZE 4
@@ -443,6 +444,10 @@
static uint32_t intel_rsu_update(uint64_t update_address)
{
+ if (update_address > SIZE_MAX) {
+ return INTEL_SIP_SMC_STATUS_REJECTED;
+ }
+
intel_rsu_update_address = update_address;
return INTEL_SIP_SMC_STATUS_OK;
}
@@ -648,6 +653,16 @@
return INTEL_SIP_SMC_STATUS_OK;
}
+/* SDM SEU Error services */
+static uint32_t intel_sdm_seu_err_read(uint64_t *respbuf, unsigned int respbuf_sz)
+{
+ if (mailbox_seu_err_status((uint32_t *)respbuf, respbuf_sz) < 0) {
+ return INTEL_SIP_SMC_SEU_ERR_READ_ERROR;
+ }
+
+ return INTEL_SIP_SMC_STATUS_OK;
+}
+
/*
* This function is responsible for handling all SiP calls from the NS world
*/
@@ -664,7 +679,7 @@
uint32_t retval = 0, completed_addr[3];
uint32_t retval2 = 0;
uint32_t mbox_error = 0;
- uint64_t retval64, rsu_respbuf[9];
+ uint64_t retval64, rsu_respbuf[9], seu_respbuf[3];
int status = INTEL_SIP_SMC_STATUS_OK;
int mbox_status;
unsigned int len_in_resp;
@@ -1170,6 +1185,15 @@
SIP_SVC_VERSION_MAJOR,
SIP_SVC_VERSION_MINOR);
+ case INTEL_SIP_SMC_SEU_ERR_STATUS:
+ status = intel_sdm_seu_err_read(seu_respbuf,
+ ARRAY_SIZE(seu_respbuf));
+ if (status) {
+ SMC_RET1(handle, status);
+ } else {
+ SMC_RET3(handle, seu_respbuf[0], seu_respbuf[1], seu_respbuf[2]);
+ }
+
default:
return socfpga_sip_handler(smc_fid, x1, x2, x3, x4,
cookie, handle, flags);
diff --git a/plat/intel/soc/common/socfpga_storage.c b/plat/intel/soc/common/socfpga_storage.c
index a2f2c18..79e15d7 100644
--- a/plat/intel/soc/common/socfpga_storage.c
+++ b/plat/intel/soc/common/socfpga_storage.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2019, ARM Limited and Contributors. All rights reserved.
- * Copyright (c) 2019, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
diff --git a/plat/intel/soc/n5x/include/n5x_system_manager.h b/plat/intel/soc/n5x/include/n5x_system_manager.h
new file mode 100644
index 0000000..b628219
--- /dev/null
+++ b/plat/intel/soc/n5x/include/n5x_system_manager.h
@@ -0,0 +1,197 @@
+/*
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef N5X_SOCFPGA_SYSTEMMANAGER_H
+#define N5X_SOCFPGA_SYSTEMMANAGER_H
+
+#include "socfpga_plat_def.h"
+
+/* System Manager Register Map */
+#define SOCFPGA_SYSMGR_SILICONID_1 0x00
+#define SOCFPGA_SYSMGR_SILICONID_2 0x04
+#define SOCFPGA_SYSMGR_WDDBG 0x08
+#define SOCFPGA_SYSMGR_MPU_STATUS 0x10
+#define SOCFPGA_SYSMGR_SDMMC_L3_MASTER 0x2C
+#define SOCFPGA_SYSMGR_NAND_L3_MASTER 0x34
+#define SOCFPGA_SYSMGR_USB0_L3_MASTER 0x38
+#define SOCFPGA_SYSMGR_USB1_L3_MASTER 0x3C
+#define SOCFPGA_SYSMGR_TSN_GLOBAL 0x40
+#define SOCFPGA_SYSMGR_EMAC_0 0x44 /* TSN_0 */
+#define SOCFPGA_SYSMGR_EMAC_1 0x48 /* TSN_1 */
+#define SOCFPGA_SYSMGR_EMAC_2 0x4C /* TSN_2 */
+#define SOCFPGA_SYSMGR_TSN_0_ACE 0x50
+#define SOCFPGA_SYSMGR_TSN_1_ACE 0x54
+#define SOCFPGA_SYSMGR_TSN_2_ACE 0x58
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_1 0x68
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_2 0x6C
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_3 0x70
+#define SOCFPGA_SYSMGR_DMAC0_L3_MASTER 0x74
+#define SOCFPGA_SYSMGR_ETR_L3_MASTER 0x78
+#define SOCFPGA_SYSMGR_DMAC1_L3_MASTER 0x7C
+#define SOCFPGA_SYSMGR_SEC_CTRL_SLT 0x80
+#define SOCFPGA_SYSMGR_OSC_TRIM 0x84
+#define SOCFPGA_SYSMGR_DMAC0_CTRL_STATUS_REG 0x88
+#define SOCFPGA_SYSMGR_DMAC1_CTRL_STATUS_REG 0x8C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_VALUE 0x90
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SET 0x94
+#define SOCFPGA_SYSMGR_ECC_INTMASK_CLR 0x98
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SERR 0x9C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_DERR 0xA0
+/* NOC configuration value for Agilex5 */
+#define SOCFPGA_SYSMGR_NOC_TIMEOUT 0xC0
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_SET 0xC4
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_CLR 0xC8
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_VAL 0xCC
+#define SOCFPGA_SYSMGR_NOC_IDLEACK 0xD0
+#define SOCFPGA_SYSMGR_NOC_IDLESTATUS 0xD4
+#define SOCFPGA_SYSMGR_FPGA2SOC_CTRL 0xD8
+#define SOCFPGA_SYSMGR_FPGA_CFG 0xDC
+#define SOCFPGA_SYSMGR_GPO 0xE4
+#define SOCFPGA_SYSMGR_GPI 0xE8
+#define SOCFPGA_SYSMGR_MPU 0xF0
+#define SOCFPGA_SYSMGR_SDM_HPS_SPARE 0xF4
+#define SOCFPGA_SYSMGR_HPS_SDM_SPARE 0xF8
+#define SOCFPGA_SYSMGR_DFI_INTF 0xFC
+#define SOCFPGA_SYSMGR_NAND_DD_CTRL 0x100
+#define SOCFPGA_SYSMGR_NAND_PHY_CTRL_REG 0x104
+#define SOCFPGA_SYSMGR_NAND_PHY_TSEL_REG 0x108
+#define SOCFPGA_SYSMGR_NAND_DQ_TIMING_REG 0x10C
+#define SOCFPGA_SYSMGR_PHY_DQS_TIMING_REG 0x110
+#define SOCFPGA_SYSMGR_NAND_PHY_GATE_LPBK_CTRL_REG 0x114
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_MASTER_CTRL_REG 0x118
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_SLAVE_CTRL_REG 0x11C
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG0 0x120
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG1 0x124
+#define SOCFPGA_SYSMGR_NAND_DD_STATUS_REG 0x128
+#define SOCFPGA_SYSMGR_NAND_DD_ID_LOW_REG 0x12C
+#define SOCFPGA_SYSMGR_NAND_DD_ID_HIGH_REG 0x130
+#define SOCFPGA_SYSMGR_NAND_WRITE_PROT_EN_REG 0x134
+#define SOCFPGA_SYSMGR_SDMMC_CMD_QUEUE_SETTING_REG 0x138
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_LOW 0x13C
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_HIGH 0x140
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_0 0x144
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_1 0x148
+#define SOCFPGA_SYSMGR_F2S_BRIDGE_CTRL 0x14C
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA0 0x150
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA1 0x154
+#define SOCFPGA_SYSMGR_SDM_TBU_STASH_CTRL_REG_1_SDM 0x158
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB2 0x15C
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB3 0x160
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_SDMMC 0x164
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_NAND 0x168
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_ETR 0x16C
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN0 0x170
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN1 0x174
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN2 0x178
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA0 0x17C
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA1 0x180
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_CTRL_REG_1_SDM 0x184
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB2 0x188
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB3 0x18C
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_SDMMC 0x190
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_NAND 0x194
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_ETR 0x198
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN0 0x19C
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN1 0x1A0
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN2 0x1A4
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA0 0x1A8
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA1 0x1AC
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_ID_AX_REG_1_SDM 0x1B0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB2 0x1B4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB3 0x1B8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_SDMMC 0x1BC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_NAND 0x1C0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_ETR 0x1C4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN0 0x1C8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN1 0x1CC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN2 0x1D0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG0 0x1F0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG1 0x1F4
+
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_0 0x200
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_1 0x204
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_2 0x208
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_3 0x20C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_4 0x210
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_5 0x214
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_6 0x218
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_7 0x21C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_8 0x220
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_9 0x224
+#define SOCFPGA_SYSMGR_MPFE_CONFIG 0x228
+#define SOCFPGA_SYSMGR_MPFE_status 0x22C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_0 0x230
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_1 0x234
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_2 0x238
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_3 0x23C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_4 0x240
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_5 0x244
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_6 0x248
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_7 0x24C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_8 0x250
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_9 0x254
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_0 0x258
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_1 0x25C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_2 0x260
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_3 0x264
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_4 0x268
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_5 0x26C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_6 0x270
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_7 0x274
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_8 0x278
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_9 0x27C
+
+#define DMA0_STREAM_CTRL_REG 0x10D1217C
+#define DMA1_STREAM_CTRL_REG 0x10D12180
+#define SDM_STREAM_CTRL_REG 0x10D12184
+#define USB2_STREAM_CTRL_REG 0x10D12188
+#define USB3_STREAM_CTRL_REG 0x10D1218C
+#define SDMMC_STREAM_CTRL_REG 0x10D12190
+#define NAND_STREAM_CTRL_REG 0x10D12194
+#define ETR_STREAM_CTRL_REG 0x10D12198
+#define TSN0_STREAM_CTRL_REG 0x10D1219C
+#define TSN1_STREAM_CTRL_REG 0x10D121A0
+#define TSN2_STREAM_CTRL_REG 0x10D121A4
+
+/* Stream ID configuration value for Agilex5 */
+#define TSN0 0x00010001
+#define TSN1 0x00020002
+#define TSN2 0x00030003
+#define NAND 0x00040004
+#define SDMMC 0x00050005
+#define USB0 0x00060006
+#define USB1 0x00070007
+#define DMA0 0x00080008
+#define DMA1 0x00090009
+#define SDM 0x000A000A
+#define CORE_SIGHT_DEBUG 0x000B000B
+
+
+
+
+/* Field Masking */
+#define SYSMGR_SDMMC_DRVSEL(x) (((x) & 0x7) << 0)
+#define SYSMGR_SDMMC_SMPLSEL(x) (((x) & 0x7) << 4)
+#define IDLE_DATA_LWSOC2FPGA BIT(4)
+#define IDLE_DATA_SOC2FPGA BIT(0)
+#define IDLE_DATA_MASK (IDLE_DATA_LWSOC2FPGA | IDLE_DATA_SOC2FPGA)
+#define SYSMGR_ECC_OCRAM_MASK BIT(1)
+#define SYSMGR_ECC_DDR0_MASK BIT(16)
+#define SYSMGR_ECC_DDR1_MASK BIT(17)
+#define WSTREAMIDEN_REG_CTRL BIT(0)
+#define RSTREAMIDEN_REG_CTRL BIT(1)
+#define WMMUSECSID_REG_VAL BIT(4)
+#define RMMUSECSID_REG_VAL BIT(5)
+
+/* Macros */
+#define SOCFPGA_SYSMGR(_reg) (SOCFPGA_SYSMGR_REG_BASE \
+ + (SOCFPGA_SYSMGR_##_reg))
+#define ENABLE_STREAMID WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL
+#define ENABLE_STREAMID_SECURE_TX WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL | \
+ WMMUSECSID_REG_VAL | RMMUSECSID_REG_VAL
+
+#endif /* N5X_SOCFPGA_SYSTEMMANAGER_H */
diff --git a/plat/intel/soc/n5x/include/socfpga_plat_def.h b/plat/intel/soc/n5x/include/socfpga_plat_def.h
index eec8411..197bbca 100644
--- a/plat/intel/soc/n5x/include/socfpga_plat_def.h
+++ b/plat/intel/soc/n5x/include/socfpga_plat_def.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2020-2022, ARM Limited and Contributors. All rights reserved.
- * Copyright (c) 2020-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2020-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,16 +8,24 @@
#ifndef PLAT_SOCFPGA_DEF_H
#define PLAT_SOCFPGA_DEF_H
+#include "n5x_system_manager.h"
#include <platform_def.h>
/* Platform Setting */
-#define PLATFORM_MODEL PLAT_SOCFPGA_N5X
-#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLATFORM_MODEL PLAT_SOCFPGA_N5X
+#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLAT_PRIMARY_CPU 0
+#define PLAT_CLUSTER_ID_MPIDR_AFF_SHIFT MPIDR_AFF1_SHIFT
+#define PLAT_CPU_ID_MPIDR_AFF_SHIFT MPIDR_AFF0_SHIFT
/* FPGA config helpers */
#define INTEL_SIP_SMC_FPGA_CONFIG_ADDR 0x400000
#define INTEL_SIP_SMC_FPGA_CONFIG_SIZE 0x2000000
+/* QSPI Setting */
+#define CAD_QSPIDATA_OFST 0xff900000
+#define CAD_QSPI_OFFSET 0xff8d2000
+
/* Register Mapping */
#define SOCFPGA_CCU_NOC_REG_BASE U(0xf7000000)
#define SOCFPGA_F2SDRAMMGR_REG_BASE U(0xf8024000)
@@ -32,6 +40,55 @@
#define SOCFPGA_SOC2FPGA_SCR_REG_BASE U(0xffd21200)
#define SOCFPGA_LWSOC2FPGA_SCR_REG_BASE U(0xffd21300)
+
+/*******************************************************************************
+ * Platform memory map related constants
+ ******************************************************************************/
+#define DRAM_BASE (0x0)
+#define DRAM_SIZE (0x80000000)
+
+#define OCRAM_BASE (0xFFE00000)
+#define OCRAM_SIZE (0x00040000)
+
+#define MEM64_BASE (0x0100000000)
+#define MEM64_SIZE (0x1F00000000)
+
+#define DEVICE1_BASE (0x80000000)
+#define DEVICE1_SIZE (0x60000000)
+
+#define DEVICE2_BASE (0xF7000000)
+#define DEVICE2_SIZE (0x08E00000)
+
+#define DEVICE3_BASE (0xFFFC0000)
+#define DEVICE3_SIZE (0x00008000)
+
+#define DEVICE4_BASE (0x2000000000)
+#define DEVICE4_SIZE (0x0100000000)
+
+#define BL2_BASE (0xffe00000)
+#define BL2_LIMIT (0xffe1b000)
+
+#define BL31_BASE (0x1000)
+#define BL31_LIMIT (0x81000)
+
+/*******************************************************************************
+ * UART related constants
+ ******************************************************************************/
+#define PLAT_UART0_BASE (0xFFC02000)
+#define PLAT_UART1_BASE (0xFFC02100)
+
+/*******************************************************************************
+ * GIC related constants
+ ******************************************************************************/
+#define PLAT_GIC_BASE (0xFFFC0000)
+#define PLAT_GICC_BASE (PLAT_GIC_BASE + 0x2000)
+#define PLAT_GICD_BASE (PLAT_GIC_BASE + 0x1000)
+#define PLAT_GICR_BASE 0
+
+#define PLAT_SYS_COUNTER_FREQ_IN_TICKS (400000000)
+#define PLAT_HZ_CONVERT_TO_MHZ (1000000)
+
+/* Platform specific system counter */
#define PLAT_SYS_COUNTER_FREQ_IN_MHZ get_cpu_clk()
#endif /* PLAT_SOCFPGA_DEF_H */
diff --git a/plat/intel/soc/n5x/soc/n5x_clock_manager.c b/plat/intel/soc/n5x/soc/n5x_clock_manager.c
index f8ff2c5..f32e0f8 100644
--- a/plat/intel/soc/n5x/soc/n5x_clock_manager.c
+++ b/plat/intel/soc/n5x/soc/n5x_clock_manager.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -11,9 +11,10 @@
#include <lib/mmio.h>
#include "n5x_clock_manager.h"
-#include "socfpga_system_manager.h"
+#include "n5x_system_manager.h"
+
uint64_t clk_get_pll_output_hz(void)
{
uint32_t clksrc;
@@ -87,6 +88,7 @@
default:
return 0;
+ break;
}
clock /= BIT(((get_clk_freq(CLKMGR_MAINPLL_NOCDIV)) >>
@@ -125,6 +127,7 @@
default:
return 0;
+ break;
}
clock /= BIT(((get_clk_freq(CLKMGR_MAINPLL_NOCDIV)) >>
diff --git a/plat/intel/soc/stratix10/include/s10_clock_manager.h b/plat/intel/soc/stratix10/include/s10_clock_manager.h
index 661e204..5f76375 100644
--- a/plat/intel/soc/stratix10/include/s10_clock_manager.h
+++ b/plat/intel/soc/stratix10/include/s10_clock_manager.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, Intel Corporation. All rights reserved.
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -7,6 +7,7 @@
#ifndef __CLOCKMANAGER_H__
#define __CLOCKMANAGER_H__
+#include "s10_system_manager.h"
#include "socfpga_handoff.h"
#define ALT_CLKMGR 0xffd10000
diff --git a/plat/intel/soc/stratix10/include/s10_system_manager.h b/plat/intel/soc/stratix10/include/s10_system_manager.h
new file mode 100644
index 0000000..88c0b46
--- /dev/null
+++ b/plat/intel/soc/stratix10/include/s10_system_manager.h
@@ -0,0 +1,194 @@
+/*
+ * Copyright (c) 2019-2023, Intel Corporation. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+#ifndef S10_SOCFPGA_SYSTEMMANAGER_H
+#define S10_SOCFPGA_SYSTEMMANAGER_H
+
+#include "socfpga_plat_def.h"
+
+/* System Manager Register Map */
+#define SOCFPGA_SYSMGR_SILICONID_1 0x00
+#define SOCFPGA_SYSMGR_SILICONID_2 0x04
+#define SOCFPGA_SYSMGR_WDDBG 0x08
+#define SOCFPGA_SYSMGR_MPU_STATUS 0x10
+#define SOCFPGA_SYSMGR_SDMMC_L3_MASTER 0x2C
+#define SOCFPGA_SYSMGR_NAND_L3_MASTER 0x34
+#define SOCFPGA_SYSMGR_USB0_L3_MASTER 0x38
+#define SOCFPGA_SYSMGR_USB1_L3_MASTER 0x3C
+#define SOCFPGA_SYSMGR_TSN_GLOBAL 0x40
+#define SOCFPGA_SYSMGR_EMAC_0 0x44 /* TSN_0 */
+#define SOCFPGA_SYSMGR_EMAC_1 0x48 /* TSN_1 */
+#define SOCFPGA_SYSMGR_EMAC_2 0x4C /* TSN_2 */
+#define SOCFPGA_SYSMGR_TSN_0_ACE 0x50
+#define SOCFPGA_SYSMGR_TSN_1_ACE 0x54
+#define SOCFPGA_SYSMGR_TSN_2_ACE 0x58
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_1 0x68
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_2 0x6C
+#define SOCFPGA_SYSMGR_FPGAINTF_EN_3 0x70
+#define SOCFPGA_SYSMGR_DMAC0_L3_MASTER 0x74
+#define SOCFPGA_SYSMGR_ETR_L3_MASTER 0x78
+#define SOCFPGA_SYSMGR_DMAC1_L3_MASTER 0x7C
+#define SOCFPGA_SYSMGR_SEC_CTRL_SLT 0x80
+#define SOCFPGA_SYSMGR_OSC_TRIM 0x84
+#define SOCFPGA_SYSMGR_DMAC0_CTRL_STATUS_REG 0x88
+#define SOCFPGA_SYSMGR_DMAC1_CTRL_STATUS_REG 0x8C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_VALUE 0x90
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SET 0x94
+#define SOCFPGA_SYSMGR_ECC_INTMASK_CLR 0x98
+#define SOCFPGA_SYSMGR_ECC_INTMASK_SERR 0x9C
+#define SOCFPGA_SYSMGR_ECC_INTMASK_DERR 0xA0
+/* NOC configuration value for Agilex5 */
+#define SOCFPGA_SYSMGR_NOC_TIMEOUT 0xC0
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_SET 0xC4
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_CLR 0xC8
+#define SOCFPGA_SYSMGR_NOC_IDLEREQ_VAL 0xCC
+#define SOCFPGA_SYSMGR_NOC_IDLEACK 0xD0
+#define SOCFPGA_SYSMGR_NOC_IDLESTATUS 0xD4
+#define SOCFPGA_SYSMGR_FPGA2SOC_CTRL 0xD8
+#define SOCFPGA_SYSMGR_FPGA_CFG 0xDC
+#define SOCFPGA_SYSMGR_GPO 0xE4
+#define SOCFPGA_SYSMGR_GPI 0xE8
+#define SOCFPGA_SYSMGR_MPU 0xF0
+#define SOCFPGA_SYSMGR_SDM_HPS_SPARE 0xF4
+#define SOCFPGA_SYSMGR_HPS_SDM_SPARE 0xF8
+#define SOCFPGA_SYSMGR_DFI_INTF 0xFC
+#define SOCFPGA_SYSMGR_NAND_DD_CTRL 0x100
+#define SOCFPGA_SYSMGR_NAND_PHY_CTRL_REG 0x104
+#define SOCFPGA_SYSMGR_NAND_PHY_TSEL_REG 0x108
+#define SOCFPGA_SYSMGR_NAND_DQ_TIMING_REG 0x10C
+#define SOCFPGA_SYSMGR_PHY_DQS_TIMING_REG 0x110
+#define SOCFPGA_SYSMGR_NAND_PHY_GATE_LPBK_CTRL_REG 0x114
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_MASTER_CTRL_REG 0x118
+#define SOCFPGA_SYSMGR_NAND_PHY_DLL_SLAVE_CTRL_REG 0x11C
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG0 0x120
+#define SOCFPGA_SYSMGR_NAND_DD_DEFAULT_SETTING_REG1 0x124
+#define SOCFPGA_SYSMGR_NAND_DD_STATUS_REG 0x128
+#define SOCFPGA_SYSMGR_NAND_DD_ID_LOW_REG 0x12C
+#define SOCFPGA_SYSMGR_NAND_DD_ID_HIGH_REG 0x130
+#define SOCFPGA_SYSMGR_NAND_WRITE_PROT_EN_REG 0x134
+#define SOCFPGA_SYSMGR_SDMMC_CMD_QUEUE_SETTING_REG 0x138
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_LOW 0x13C
+#define SOCFPGA_SYSMGR_I3C_SLV_PID_HIGH 0x140
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_0 0x144
+#define SOCFPGA_SYSMGR_I3C_SLV_CTRL_1 0x148
+#define SOCFPGA_SYSMGR_F2S_BRIDGE_CTRL 0x14C
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA0 0x150
+#define SOCFPGA_SYSMGR_DMA_TBU_STASH_CTRL_REG_0_DMA1 0x154
+#define SOCFPGA_SYSMGR_SDM_TBU_STASH_CTRL_REG_1_SDM 0x158
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB2 0x15C
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_USB3 0x160
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_SDMMC 0x164
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_NAND 0x168
+#define SOCFPGA_SYSMGR_IO_TBU_STASH_CTRL_REG_2_ETR 0x16C
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN0 0x170
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN1 0x174
+#define SOCFPGA_SYSMGR_TSN_TBU_STASH_CTRL_REG_3_TSN2 0x178
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA0 0x17C
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_CTRL_REG_0_DMA1 0x180
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_CTRL_REG_1_SDM 0x184
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB2 0x188
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_USB3 0x18C
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_SDMMC 0x190
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_NAND 0x194
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_CTRL_REG_2_ETR 0x198
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN0 0x19C
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN1 0x1A0
+#define SOCFPGA_SYSMGR_TSN_TBU_STREAM_CTRL_REG_3_TSN2 0x1A4
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA0 0x1A8
+#define SOCFPGA_SYSMGR_DMA_TBU_STREAM_ID_AX_REG_0_DMA1 0x1AC
+#define SOCFPGA_SYSMGR_SDM_TBU_STREAM_ID_AX_REG_1_SDM 0x1B0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB2 0x1B4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_USB3 0x1B8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_SDMMC 0x1BC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_NAND 0x1C0
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_ETR 0x1C4
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN0 0x1C8
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN1 0x1CC
+#define SOCFPGA_SYSMGR_IO_TBU_STREAM_ID_AX_REG_2_TSN2 0x1D0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG0 0x1F0
+#define SOCFPGA_SYSMGR_USB3_MISC_CTRL_REG1 0x1F4
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_0 0x200
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_1 0x204
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_2 0x208
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_3 0x20C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_4 0x210
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_5 0x214
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_6 0x218
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_7 0x21C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_8 0x220
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_COLD_9 0x224
+#define SOCFPGA_SYSMGR_MPFE_CONFIG 0x228
+#define SOCFPGA_SYSMGR_MPFE_status 0x22C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_0 0x230
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_1 0x234
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_2 0x238
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_3 0x23C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_4 0x240
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_5 0x244
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_6 0x248
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_7 0x24C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_8 0x250
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_WARM_9 0x254
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_0 0x258
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_1 0x25C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_2 0x260
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_3 0x264
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_4 0x268
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_5 0x26C
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_6 0x270
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_7 0x274
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_8 0x278
+#define SOCFPGA_SYSMGR_BOOT_SCRATCH_POR_9 0x27C
+
+#define DMA0_STREAM_CTRL_REG 0x10D1217C
+#define DMA1_STREAM_CTRL_REG 0x10D12180
+#define SDM_STREAM_CTRL_REG 0x10D12184
+#define USB2_STREAM_CTRL_REG 0x10D12188
+#define USB3_STREAM_CTRL_REG 0x10D1218C
+#define SDMMC_STREAM_CTRL_REG 0x10D12190
+#define NAND_STREAM_CTRL_REG 0x10D12194
+#define ETR_STREAM_CTRL_REG 0x10D12198
+#define TSN0_STREAM_CTRL_REG 0x10D1219C
+#define TSN1_STREAM_CTRL_REG 0x10D121A0
+#define TSN2_STREAM_CTRL_REG 0x10D121A4
+
+/* Stream ID configuration value for Agilex5 */
+#define TSN0 0x00010001
+#define TSN1 0x00020002
+#define TSN2 0x00030003
+#define NAND 0x00040004
+#define SDMMC 0x00050005
+#define USB0 0x00060006
+#define USB1 0x00070007
+#define DMA0 0x00080008
+#define DMA1 0x00090009
+#define SDM 0x000A000A
+#define CORE_SIGHT_DEBUG 0x000B000B
+
+/* Field Masking */
+#define SYSMGR_SDMMC_DRVSEL(x) (((x) & 0x7) << 0)
+#define SYSMGR_SDMMC_SMPLSEL(x) (((x) & 0x7) << 4)
+#define IDLE_DATA_LWSOC2FPGA BIT(4)
+#define IDLE_DATA_SOC2FPGA BIT(0)
+#define IDLE_DATA_MASK (IDLE_DATA_LWSOC2FPGA | IDLE_DATA_SOC2FPGA)
+#define SYSMGR_ECC_OCRAM_MASK BIT(1)
+#define SYSMGR_ECC_DDR0_MASK BIT(16)
+#define SYSMGR_ECC_DDR1_MASK BIT(17)
+#define WSTREAMIDEN_REG_CTRL BIT(0)
+#define RSTREAMIDEN_REG_CTRL BIT(1)
+#define WMMUSECSID_REG_VAL BIT(4)
+#define RMMUSECSID_REG_VAL BIT(5)
+
+/* Macros */
+
+#define SOCFPGA_SYSMGR(_reg) (SOCFPGA_SYSMGR_REG_BASE \
+ + (SOCFPGA_SYSMGR_##_reg))
+#define ENABLE_STREAMID WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL
+#define ENABLE_STREAMID_SECURE_TX WSTREAMIDEN_REG_CTRL | \
+ RSTREAMIDEN_REG_CTRL | \
+ WMMUSECSID_REG_VAL | RMMUSECSID_REG_VAL
+
+#endif /* S10_SOCFPGA_SYSTEMMANAGER_H */
diff --git a/plat/intel/soc/stratix10/include/socfpga_plat_def.h b/plat/intel/soc/stratix10/include/socfpga_plat_def.h
index da6414f..8a5d4a4 100644
--- a/plat/intel/soc/stratix10/include/socfpga_plat_def.h
+++ b/plat/intel/soc/stratix10/include/socfpga_plat_def.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2019-2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,15 +8,23 @@
#define PLAT_SOCFPGA_DEF_H
#include <platform_def.h>
+#include "s10_system_manager.h"
/* Platform Setting */
-#define PLATFORM_MODEL PLAT_SOCFPGA_STRATIX10
-#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLATFORM_MODEL PLAT_SOCFPGA_STRATIX10
+#define BOOT_SOURCE BOOT_SOURCE_SDMMC
+#define PLAT_PRIMARY_CPU 0
+#define PLAT_CLUSTER_ID_MPIDR_AFF_SHIFT MPIDR_AFF1_SHIFT
+#define PLAT_CPU_ID_MPIDR_AFF_SHIFT MPIDR_AFF0_SHIFT
/* FPGA config helpers */
#define INTEL_SIP_SMC_FPGA_CONFIG_ADDR 0x400000
#define INTEL_SIP_SMC_FPGA_CONFIG_SIZE 0x1000000
+/* QSPI Setting */
+#define CAD_QSPIDATA_OFST 0xff900000
+#define CAD_QSPI_OFFSET 0xff8d2000
+
/* Register Mapping */
#define SOCFPGA_CCU_NOC_REG_BASE 0xf7000000
#define SOCFPGA_F2SDRAMMGR_REG_BASE U(0xf8024000)
@@ -31,6 +39,53 @@
#define SOCFPGA_SOC2FPGA_SCR_REG_BASE 0xffd21200
#define SOCFPGA_LWSOC2FPGA_SCR_REG_BASE 0xffd21300
+/*******************************************************************************
+ * Platform memory map related constants
+ ******************************************************************************/
+#define DRAM_BASE (0x0)
+#define DRAM_SIZE (0x80000000)
+
+#define OCRAM_BASE (0xFFE00000)
+#define OCRAM_SIZE (0x00040000)
+
+#define MEM64_BASE (0x0100000000)
+#define MEM64_SIZE (0x1F00000000)
+
+#define DEVICE1_BASE (0x80000000)
+#define DEVICE1_SIZE (0x60000000)
+
+#define DEVICE2_BASE (0xF7000000)
+#define DEVICE2_SIZE (0x08E00000)
+
+#define DEVICE3_BASE (0xFFFC0000)
+#define DEVICE3_SIZE (0x00008000)
+
+#define DEVICE4_BASE (0x2000000000)
+#define DEVICE4_SIZE (0x0100000000)
+
+#define BL2_BASE (0xffe00000)
+#define BL2_LIMIT (0xffe1b000)
+
+#define BL31_BASE (0x1000)
+#define BL31_LIMIT (0x81000)
+
+/*******************************************************************************
+ * UART related constants
+ ******************************************************************************/
+#define PLAT_UART0_BASE (0xFFC02000)
+#define PLAT_UART1_BASE (0xFFC02100)
+
+/*******************************************************************************
+ * GIC related constants
+ ******************************************************************************/
+#define PLAT_GIC_BASE (0xFFFC0000)
+#define PLAT_GICC_BASE (PLAT_GIC_BASE + 0x2000)
+#define PLAT_GICD_BASE (PLAT_GIC_BASE + 0x1000)
+#define PLAT_GICR_BASE 0
+
+#define PLAT_SYS_COUNTER_FREQ_IN_TICKS (400000000)
+#define PLAT_HZ_CONVERT_TO_MHZ (1000000)
+
/* Platform specific system counter */
#define PLAT_SYS_COUNTER_FREQ_IN_MHZ get_cpu_clk()
diff --git a/plat/nvidia/tegra/soc/t210/plat_sip_calls.c b/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
index 93d1283..f3ebd4b 100644
--- a/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
+++ b/plat/nvidia/tegra/soc/t210/plat_sip_calls.c
@@ -33,8 +33,7 @@
/*******************************************************************************
* Tegra210 SiP SMCs
******************************************************************************/
-#define TEGRA_SIP_PMC_COMMANDS_LEGACY U(0xC2FEFE00)
-#define TEGRA_SIP_PMC_COMMANDS U(0xC2FFFE00)
+#define TEGRA_SIP_PMC_COMMANDS U(0xC200FE00)
/*******************************************************************************
* This function is responsible for handling all T210 SiP calls
@@ -55,10 +54,12 @@
if (!ns)
SMC_RET1(handle, SMC_UNK);
- if ((smc_fid == TEGRA_SIP_PMC_COMMANDS) || (smc_fid == TEGRA_SIP_PMC_COMMANDS_LEGACY)) {
+ if (smc_fid == TEGRA_SIP_PMC_COMMANDS) {
+
/* check the address is within PMC range and is 4byte aligned */
- if ((x2 >= TEGRA_PMC_SIZE) || (x2 & 0x3))
+ if ((x2 >= TEGRA_PMC_SIZE) || (x2 & 0x3)) {
return -EINVAL;
+ }
switch (x2) {
/* Black listed PMC registers */
diff --git a/plat/ti/k3/common/k3_bl31_setup.c b/plat/ti/k3/common/k3_bl31_setup.c
index 242b1ea..bbfb5bb 100644
--- a/plat/ti/k3/common/k3_bl31_setup.c
+++ b/plat/ti/k3/common/k3_bl31_setup.c
@@ -63,10 +63,6 @@
void bl31_early_platform_setup2(u_register_t arg0, u_register_t arg1,
u_register_t arg2, u_register_t arg3)
{
- /* There are no parameters from BL2 if BL31 is a reset vector */
- assert(arg0 == 0U);
- assert(arg1 == 0U);
-
/* Initialize the console to provide early debug support */
k3_console_setup();
diff --git a/plat/xilinx/common/include/plat_common.h b/plat/xilinx/common/include/plat_common.h
new file mode 100644
index 0000000..676baa2
--- /dev/null
+++ b/plat/xilinx/common/include/plat_common.h
@@ -0,0 +1,17 @@
+/*
+ * Copyright (c) 2023, Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/* Header file to contain common macros across different platforms */
+#ifndef PLAT_COMMON_H
+#define PLAT_COMMON_H
+
+#define __bf_shf(x) (__builtin_ffsll(x) - 1U)
+#define FIELD_GET(_mask, _reg) \
+ ({ \
+ (typeof(_mask))(((_reg) & (_mask)) >> __bf_shf(_mask)); \
+ })
+
+#endif /* PLAT_COMMON_H */
diff --git a/plat/xilinx/common/include/pm_api_sys.h b/plat/xilinx/common/include/pm_api_sys.h
index baed43d..e8a9627 100644
--- a/plat/xilinx/common/include/pm_api_sys.h
+++ b/plat/xilinx/common/include/pm_api_sys.h
@@ -66,6 +66,7 @@
enum pm_ret_status pm_register_notifier(uint32_t device_id, uint32_t event,
uint32_t wake, uint32_t enable,
uint32_t flag);
+enum pm_ret_status pm_get_chipid(uint32_t *value);
/**
* Assigning of argument values into array elements.
diff --git a/plat/xilinx/common/pm_service/pm_api_sys.c b/plat/xilinx/common/pm_service/pm_api_sys.c
index c36a0ec..2f47cca 100644
--- a/plat/xilinx/common/pm_service/pm_api_sys.c
+++ b/plat/xilinx/common/pm_service/pm_api_sys.c
@@ -648,3 +648,19 @@
return pm_ipi_send_sync(primary_proc, payload, NULL, 0);
}
+
+/**
+ * pm_get_chipid() - Read silicon ID registers
+ * @value: Buffer for two 32bit words.
+ *
+ * @return: Returns status, either success or error+reason and,
+ * optionally, @value.
+ */
+enum pm_ret_status pm_get_chipid(uint32_t *value)
+{
+ uint32_t payload[PAYLOAD_ARG_CNT];
+
+ PM_PACK_PAYLOAD1(payload, LIBPM_MODULE_ID, SECURE_FLAG, PM_GET_CHIPID);
+
+ return pm_ipi_send_sync(primary_proc, payload, value, 2);
+}
diff --git a/plat/xilinx/common/versal.c b/plat/xilinx/common/versal.c
new file mode 100644
index 0000000..019c862
--- /dev/null
+++ b/plat/xilinx/common/versal.c
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2023, Advanced Micro Devices, Inc. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+#include <common/debug.h>
+#include <lib/mmio.h>
+#include <lib/smccc.h>
+#include <services/arm_arch_svc.h>
+
+#include <plat_private.h>
+#include <plat_startup.h>
+#include <pm_api_sys.h>
+
+/**
+ * plat_is_smccc_feature_available() - This function checks whether SMCCC
+ * feature is availabile for platform.
+ * @fid: SMCCC function id
+ *
+ * Return:
+ * * SMC_ARCH_CALL_SUCCESS - if SMCCC feature is available
+ * * SMC_ARCH_CALL_NOT_SUPPORTED - Otherwise
+ */
+int32_t plat_is_smccc_feature_available(u_register_t fid)
+{
+ switch (fid) {
+ case SMCCC_ARCH_SOC_ID:
+ return SMC_ARCH_CALL_SUCCESS;
+ default:
+ return SMC_ARCH_CALL_NOT_SUPPORTED;
+ }
+}
+
+/**
+ * plat_get_soc_version() - Get the SOC version of the platform
+ *
+ * This function is called when the SoC_ID_type == 0.
+ * For further details please refer to section 7.4 of SMC Calling Convention
+ *
+ * Return: SiP defined SoC version in JEP-106
+ */
+int32_t plat_get_soc_version(void)
+{
+ uint32_t manfid;
+
+ manfid = SOC_ID_SET_JEP_106(JEDEC_XILINX_BKID, JEDEC_XILINX_MFID);
+
+ return (int32_t)(manfid | (platform_version & SOC_ID_IMPL_DEF_MASK));
+}
+
+/**
+ * plat_get_soc_revision() - Get the SOC revision for the platform
+ *
+ * This function is called when the SoC_ID_type == 1
+ * For further details please refer to section 7.4 of SMC Calling Convention
+ *
+ * Return: SiP defined SoC revision
+ */
+int32_t plat_get_soc_revision(void)
+{
+ return (platform_id & SOC_ID_REV_MASK);
+}
diff --git a/plat/xilinx/versal/aarch64/versal_common.c b/plat/xilinx/versal/aarch64/versal_common.c
index 88da279..93deedc 100644
--- a/plat/xilinx/versal/aarch64/versal_common.c
+++ b/plat/xilinx/versal/aarch64/versal_common.c
@@ -5,15 +5,20 @@
* SPDX-License-Identifier: BSD-3-Clause
*/
-#include <plat_ipi.h>
-#include <versal_def.h>
-#include <plat_private.h>
#include <common/debug.h>
#include <drivers/generic_delay_timer.h>
#include <lib/mmio.h>
#include <lib/xlat_tables/xlat_tables_v2.h>
#include <plat/common/platform.h>
+#include <plat_common.h>
+#include <plat_ipi.h>
+#include <plat_private.h>
+#include <pm_api_sys.h>
+#include <versal_def.h>
+
+uint32_t platform_id, platform_version;
+
/*
* Table of regions to map using the MMU.
* This doesn't include TZRAM as the 'mem_layout' argument passed to
@@ -53,3 +58,18 @@
return VERSAL_CPU_CLOCK;
}
+void board_detection(void)
+{
+ uint32_t plat_info[2];
+
+ if (pm_get_chipid(plat_info) != PM_RET_SUCCESS) {
+ /* If the call is failed we cannot proceed with further
+ * setup. TF-A to panic in this situation.
+ */
+ NOTICE("Failed to read the chip information");
+ panic();
+ }
+
+ platform_id = FIELD_GET(PLATFORM_MASK, plat_info[1]);
+ platform_version = FIELD_GET(PLATFORM_VERSION_MASK, plat_info[1]);
+}
diff --git a/plat/xilinx/versal/bl31_versal_setup.c b/plat/xilinx/versal/bl31_versal_setup.c
index add8dc4..54ebc22 100644
--- a/plat/xilinx/versal/bl31_versal_setup.c
+++ b/plat/xilinx/versal/bl31_versal_setup.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2018-2021, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -98,6 +98,9 @@
/* Initialize the platform config for future decision making */
versal_config_setup();
+ /* Get platform related information */
+ board_detection();
+
/*
* Do initial security configuration to allow DRAM/device access. On
* Base VERSAL only DRAM security is programmable (via TrustZone), but
diff --git a/plat/xilinx/versal/include/plat_ipi.h b/plat/xilinx/versal/include/plat_ipi.h
index 9143dc6..e4922e4 100644
--- a/plat/xilinx/versal/include/plat_ipi.h
+++ b/plat/xilinx/versal/include/plat_ipi.h
@@ -1,5 +1,6 @@
/*
- * Copyright (c) 2019, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -28,16 +29,14 @@
********************************************************************/
#define IPI_BUFFER_BASEADDR 0xFF3F0000U
-#define IPI_BUFFER_APU_BASE (IPI_BUFFER_BASEADDR + 0x400U)
-#define IPI_BUFFER_PMC_BASE (IPI_BUFFER_BASEADDR + 0x200U)
+#define IPI_LOCAL_ID IPI_ID_APU
+#define IPI_REMOTE_ID IPI_ID_PMC
-#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
-#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
+#define IPI_BUFFER_LOCAL_BASE (IPI_BUFFER_BASEADDR + (IPI_LOCAL_ID * 0x200U))
+#define IPI_BUFFER_REMOTE_BASE (IPI_BUFFER_BASEADDR + (IPI_REMOTE_ID * 0x200U))
-#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
-
-#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
-#define IPI_BUFFER_TARGET_REMOTE_OFFSET IPI_BUFFER_TARGET_PMC_OFFSET
+#define IPI_BUFFER_TARGET_LOCAL_OFFSET (IPI_LOCAL_ID * 0x40U)
+#define IPI_BUFFER_TARGET_REMOTE_OFFSET (IPI_REMOTE_ID * 0x40U)
#define IPI_BUFFER_MAX_WORDS 8
@@ -51,4 +50,20 @@
/* Configure IPI table for versal */
void versal_ipi_config_table_init(void);
+/* IPI registers and bitfields */
+#define PMC_REG_BASE U(0xFF320000)
+#define PMC_IPI_TRIG_BIT (1U << 1U)
+#define IPI0_REG_BASE U(0xFF330000)
+#define IPI0_TRIG_BIT (1U << 2U)
+#define IPI1_REG_BASE U(0xFF340000)
+#define IPI1_TRIG_BIT (1U << 3U)
+#define IPI2_REG_BASE U(0xFF350000)
+#define IPI2_TRIG_BIT (1U << 4U)
+#define IPI3_REG_BASE U(0xFF360000)
+#define IPI3_TRIG_BIT (1U << 5U)
+#define IPI4_REG_BASE U(0xFF370000)
+#define IPI4_TRIG_BIT (1U << 5U)
+#define IPI5_REG_BASE U(0xFF380000)
+#define IPI5_TRIG_BIT (1U << 6U)
+
#endif /* PLAT_IPI_H */
diff --git a/plat/xilinx/versal/include/plat_private.h b/plat/xilinx/versal/include/plat_private.h
index a6c9e9a..b3f6aca 100644
--- a/plat/xilinx/versal/include/plat_private.h
+++ b/plat/xilinx/versal/include/plat_private.h
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2018-2019, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,6 +21,9 @@
const mmap_region_t *plat_versal_get_mmap(void);
+extern uint32_t platform_id, platform_version;
+
+void board_detection(void);
void plat_versal_gic_driver_init(void);
void plat_versal_gic_init(void);
void plat_versal_gic_cpuif_enable(void);
diff --git a/plat/xilinx/versal/include/platform_def.h b/plat/xilinx/versal/include/platform_def.h
index b7a94c1..6c1d8b6 100644
--- a/plat/xilinx/versal/include/platform_def.h
+++ b/plat/xilinx/versal/include/platform_def.h
@@ -33,12 +33,12 @@
*/
#ifndef VERSAL_ATF_MEM_BASE
# define BL31_BASE U(0xfffe0000)
-# define BL31_LIMIT U(0xffffffff)
+# define BL31_LIMIT U(0x100000000)
#else
# define BL31_BASE (VERSAL_ATF_MEM_BASE)
-# define BL31_LIMIT (VERSAL_ATF_MEM_BASE + VERSAL_ATF_MEM_SIZE - 1)
+# define BL31_LIMIT (VERSAL_ATF_MEM_BASE + VERSAL_ATF_MEM_SIZE)
# ifdef VERSAL_ATF_MEM_PROGBITS_SIZE
-# define BL31_PROGBITS_LIMIT (VERSAL_ATF_MEM_BASE + VERSAL_ATF_MEM_PROGBITS_SIZE - 1)
+# define BL31_PROGBITS_LIMIT (VERSAL_ATF_MEM_BASE + VERSAL_ATF_MEM_PROGBITS_SIZE)
# endif
#endif
@@ -47,10 +47,10 @@
******************************************************************************/
#ifndef VERSAL_BL32_MEM_BASE
# define BL32_BASE U(0x60000000)
-# define BL32_LIMIT U(0x7fffffff)
+# define BL32_LIMIT U(0x80000000)
#else
# define BL32_BASE (VERSAL_BL32_MEM_BASE)
-# define BL32_LIMIT (VERSAL_BL32_MEM_BASE + VERSAL_BL32_MEM_SIZE - 1)
+# define BL32_LIMIT (VERSAL_BL32_MEM_BASE + VERSAL_BL32_MEM_SIZE)
#endif
/*******************************************************************************
@@ -66,7 +66,7 @@
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
-#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE + 1)
+#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE)
/* ID of the secure physical generic timer interrupt used by the TSP */
#define TSP_IRQ_SEC_PHY_TIMER ARM_IRQ_SEC_PHY_TIMER
diff --git a/plat/xilinx/versal/include/versal_def.h b/plat/xilinx/versal/include/versal_def.h
index fb90aa0..a8cf0df 100644
--- a/plat/xilinx/versal/include/versal_def.h
+++ b/plat/xilinx/versal/include/versal_def.h
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2018-2022, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,6 +12,9 @@
#include <plat/arm/common/smccc_def.h>
#include <plat/common/common_def.h>
+#define PLATFORM_MASK GENMASK(27U, 24U)
+#define PLATFORM_VERSION_MASK GENMASK(31U, 28U)
+
/* number of interrupt handlers. increase as required */
#define MAX_INTR_EL3 2
/* List all consoles */
@@ -126,20 +129,4 @@
#define PMC_GLOBAL_BASE 0xF1110000U
#define PMC_GLOBAL_GLOB_GEN_STORAGE4 (PMC_GLOBAL_BASE + 0x40U)
-/* IPI registers and bitfields */
-#define PMC_REG_BASE U(0xFF320000)
-#define PMC_IPI_TRIG_BIT (1U << 1U)
-#define IPI0_REG_BASE U(0xFF330000)
-#define IPI0_TRIG_BIT (1U << 2U)
-#define IPI1_REG_BASE U(0xFF340000)
-#define IPI1_TRIG_BIT (1U << 3U)
-#define IPI2_REG_BASE U(0xFF350000)
-#define IPI2_TRIG_BIT (1U << 4U)
-#define IPI3_REG_BASE U(0xFF360000)
-#define IPI3_TRIG_BIT (1U << 5U)
-#define IPI4_REG_BASE U(0xFF370000)
-#define IPI4_TRIG_BIT (1U << 5U)
-#define IPI5_REG_BASE U(0xFF380000)
-#define IPI5_TRIG_BIT (1U << 6U)
-
#endif /* VERSAL_DEF_H */
diff --git a/plat/xilinx/versal/platform.mk b/plat/xilinx/versal/platform.mk
index 67ee7bf..0b6aea0 100644
--- a/plat/xilinx/versal/platform.mk
+++ b/plat/xilinx/versal/platform.mk
@@ -85,6 +85,7 @@
plat/xilinx/common/pm_service/pm_ipi.c \
plat/xilinx/common/pm_service/pm_api_sys.c \
plat/xilinx/common/pm_service/pm_svc_main.c \
+ plat/xilinx/common/versal.c \
plat/xilinx/versal/bl31_versal_setup.c \
plat/xilinx/versal/plat_psci.c \
plat/xilinx/versal/plat_versal.c \
diff --git a/plat/xilinx/versal/pm_service/pm_client.c b/plat/xilinx/versal/pm_service/pm_client.c
index ecec405..81a5445 100644
--- a/plat/xilinx/versal/pm_service/pm_client.c
+++ b/plat/xilinx/versal/pm_service/pm_client.c
@@ -29,9 +29,9 @@
DEFINE_BAKERY_LOCK(pm_client_secure_lock);
static const struct pm_ipi apu_ipi = {
- .local_ipi_id = IPI_ID_APU,
- .remote_ipi_id = IPI_ID_PMC,
- .buffer_base = IPI_BUFFER_APU_BASE,
+ .local_ipi_id = IPI_LOCAL_ID,
+ .remote_ipi_id = IPI_REMOTE_ID,
+ .buffer_base = IPI_BUFFER_LOCAL_BASE,
};
/* Order in pm_procs_all array must match cpu ids */
diff --git a/plat/xilinx/versal/versal_ipi.c b/plat/xilinx/versal/versal_ipi.c
index 67915f4..51eb759 100644
--- a/plat/xilinx/versal/versal_ipi.c
+++ b/plat/xilinx/versal/versal_ipi.c
@@ -1,5 +1,6 @@
/*
- * Copyright (c) 2019-2021, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,15 +9,9 @@
* Versal IPI agent registers access management
*/
-#include <errno.h>
+#include <lib/utils_def.h>
#include <ipi.h>
#include <plat_ipi.h>
-#include <plat_private.h>
-#include <string.h>
-#include <common/debug.h>
-#include <common/runtime_svc.h>
-#include <lib/bakery_lock.h>
-#include <lib/mmio.h>
/* versal ipi configuration table */
static const struct ipi_config versal_ipi_table[] = {
diff --git a/plat/xilinx/versal_net/aarch64/versal_net_common.c b/plat/xilinx/versal_net/aarch64/versal_net_common.c
index 1a57330..b2de411 100644
--- a/plat/xilinx/versal_net/aarch64/versal_net_common.c
+++ b/plat/xilinx/versal_net/aarch64/versal_net_common.c
@@ -1,7 +1,7 @@
/*
* Copyright (c) 2021-2022, Arm Limited and Contributors. All rights reserved.
* Copyright (c) 2018-2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -12,6 +12,7 @@
#include <lib/mmio.h>
#include <lib/xlat_tables/xlat_tables_v2.h>
#include <plat/common/platform.h>
+#include <plat_common.h>
#include <plat_ipi.h>
#include <plat_private.h>
diff --git a/plat/xilinx/versal_net/include/plat_ipi.h b/plat/xilinx/versal_net/include/plat_ipi.h
index 30c51b5..9f9947e 100644
--- a/plat/xilinx/versal_net/include/plat_ipi.h
+++ b/plat/xilinx/versal_net/include/plat_ipi.h
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -31,16 +31,14 @@
********************************************************************/
#define IPI_BUFFER_BASEADDR (0xEB3F0000U)
-#define IPI_BUFFER_APU_BASE (IPI_BUFFER_BASEADDR + 0x400U)
-#define IPI_BUFFER_PMC_BASE (IPI_BUFFER_BASEADDR + 0x200U)
+#define IPI_LOCAL_ID IPI_ID_APU
+#define IPI_REMOTE_ID IPI_ID_PMC
-#define IPI_BUFFER_TARGET_APU_OFFSET 0x80U
-#define IPI_BUFFER_TARGET_PMC_OFFSET 0x40U
+#define IPI_BUFFER_LOCAL_BASE (IPI_BUFFER_BASEADDR + (IPI_LOCAL_ID * 0x200U))
+#define IPI_BUFFER_REMOTE_BASE (IPI_BUFFER_BASEADDR + (IPI_REMOTE_ID * 0x200U))
-#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMC_BASE
-
-#define IPI_BUFFER_TARGET_LOCAL_OFFSET IPI_BUFFER_TARGET_APU_OFFSET
-#define IPI_BUFFER_TARGET_REMOTE_OFFSET IPI_BUFFER_TARGET_PMC_OFFSET
+#define IPI_BUFFER_TARGET_LOCAL_OFFSET (IPI_LOCAL_ID * 0x40U)
+#define IPI_BUFFER_TARGET_REMOTE_OFFSET (IPI_REMOTE_ID * 0x40U)
#define IPI_BUFFER_MAX_WORDS 8
@@ -54,4 +52,21 @@
/* Configure IPI table for versal_net */
void versal_net_ipi_config_table_init(void);
+/*******************************************************************************
+ * IPI registers and bitfields
+ ******************************************************************************/
+#define IPI0_REG_BASE (0xEB330000U)
+#define IPI0_TRIG_BIT (1 << 2)
+#define PMC_IPI_TRIG_BIT (1 << 1)
+#define IPI1_REG_BASE (0xEB340000U)
+#define IPI1_TRIG_BIT (1 << 3)
+#define IPI2_REG_BASE (0xEB350000U)
+#define IPI2_TRIG_BIT (1 << 4)
+#define IPI3_REG_BASE (0xEB360000U)
+#define IPI3_TRIG_BIT (1 << 5)
+#define IPI4_REG_BASE (0xEB370000U)
+#define IPI4_TRIG_BIT (1 << 6)
+#define IPI5_REG_BASE (0xEB380000U)
+#define IPI5_TRIG_BIT (1 << 7)
+
#endif /* PLAT_IPI_H */
diff --git a/plat/xilinx/versal_net/include/platform_def.h b/plat/xilinx/versal_net/include/platform_def.h
index b3bc80b..b256b05 100644
--- a/plat/xilinx/versal_net/include/platform_def.h
+++ b/plat/xilinx/versal_net/include/platform_def.h
@@ -38,13 +38,13 @@
*/
#ifndef VERSAL_NET_ATF_MEM_BASE
# define BL31_BASE U(0xBBF00000)
-# define BL31_LIMIT U(0xBBFFFFFF)
+# define BL31_LIMIT U(0xBC000000)
#else
# define BL31_BASE U(VERSAL_NET_ATF_MEM_BASE)
-# define BL31_LIMIT U(VERSAL_NET_ATF_MEM_BASE + VERSAL_NET_ATF_MEM_SIZE - 1)
+# define BL31_LIMIT U(VERSAL_NET_ATF_MEM_BASE + VERSAL_NET_ATF_MEM_SIZE)
# ifdef VERSAL_NET_ATF_MEM_PROGBITS_SIZE
# define BL31_PROGBITS_LIMIT U(VERSAL_NET_ATF_MEM_BASE + \
- VERSAL_NET_ATF_MEM_PROGBITS_SIZE - 1)
+ VERSAL_NET_ATF_MEM_PROGBITS_SIZE)
# endif
#endif
@@ -53,10 +53,10 @@
******************************************************************************/
#ifndef VERSAL_NET_BL32_MEM_BASE
# define BL32_BASE U(0x60000000)
-# define BL32_LIMIT U(0x7FFFFFFF)
+# define BL32_LIMIT U(0x80000000)
#else
# define BL32_BASE U(VERSAL_NET_BL32_MEM_BASE)
-# define BL32_LIMIT U(VERSAL_NET_BL32_MEM_BASE + VERSAL_NET_BL32_MEM_SIZE - 1)
+# define BL32_LIMIT U(VERSAL_NET_BL32_MEM_BASE + VERSAL_NET_BL32_MEM_SIZE)
#endif
/*******************************************************************************
@@ -72,7 +72,7 @@
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
-#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE + 1U)
+#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE)
/* ID of the secure physical generic timer interrupt used by the TSP */
#define TSP_IRQ_SEC_PHY_TIMER ARM_IRQ_SEC_PHY_TIMER
diff --git a/plat/xilinx/versal_net/include/versal_net_def.h b/plat/xilinx/versal_net/include/versal_net_def.h
index 8fb71f9..758882c 100644
--- a/plat/xilinx/versal_net/include/versal_net_def.h
+++ b/plat/xilinx/versal_net/include/versal_net_def.h
@@ -13,12 +13,6 @@
#include <plat/common/common_def.h>
#define MAX_INTR_EL3 2
-/* This part is taken from U-Boot project under GPL that's why dual license above */
-#define __bf_shf(x) (__builtin_ffsll(x) - 1U)
-#define FIELD_GET(_mask, _reg) \
- ({ \
- (typeof(_mask))(((_reg) & (_mask)) >> __bf_shf(_mask)); \
- })
/* List all consoles */
#define VERSAL_NET_CONSOLE_ID_pl011 U(1)
@@ -154,23 +148,6 @@
#define PLAT_VERSAL_NET_CRASH_UART_CLK_IN_HZ VERSAL_NET_UART_CLOCK
#define VERSAL_NET_CONSOLE_BAUDRATE VERSAL_NET_UART_BAUDRATE
-/*******************************************************************************
- * IPI registers and bitfields
- ******************************************************************************/
-#define IPI0_REG_BASE (0xEB330000U)
-#define IPI0_TRIG_BIT (1 << 2)
-#define PMC_IPI_TRIG_BIT (1 << 1)
-#define IPI1_REG_BASE (0xEB340000U)
-#define IPI1_TRIG_BIT (1 << 3)
-#define IPI2_REG_BASE (0xEB350000U)
-#define IPI2_TRIG_BIT (1 << 4)
-#define IPI3_REG_BASE (0xEB360000U)
-#define IPI3_TRIG_BIT (1 << 5)
-#define IPI4_REG_BASE (0xEB370000U)
-#define IPI4_TRIG_BIT (1 << 6)
-#define IPI5_REG_BASE (0xEB380000U)
-#define IPI5_TRIG_BIT (1 << 7)
-
/* Processor core device IDs */
#define PM_DEV_CLUSTER0_ACPU_0 (0x1810C0AFU)
#define PM_DEV_CLUSTER0_ACPU_1 (0x1810C0B0U)
diff --git a/plat/xilinx/versal_net/platform.mk b/plat/xilinx/versal_net/platform.mk
index be1200b..398ef85 100644
--- a/plat/xilinx/versal_net/platform.mk
+++ b/plat/xilinx/versal_net/platform.mk
@@ -17,6 +17,7 @@
SEPARATE_CODE_AND_RODATA := 1
override RESET_TO_BL31 := 1
PL011_GENERIC_UART := 1
+IPI_CRC_CHECK := 0
GIC_ENABLE_V4_EXTN := 0
GICV3_SUPPORT_GIC600 := 1
TFA_NO_PM := 0
@@ -49,6 +50,10 @@
$(eval $(call add_define,VERSAL_NET_BL32_MEM_SIZE))
endif
+ifdef IPI_CRC_CHECK
+ $(eval $(call add_define,IPI_CRC_CHECK))
+endif
+
USE_COHERENT_MEM := 0
HW_ASSISTED_COHERENCY := 1
@@ -99,6 +104,7 @@
BL31_SOURCES += plat/xilinx/common/plat_startup.c \
plat/xilinx/common/ipi.c \
plat/xilinx/common/ipi_mailbox_service/ipi_mailbox_svc.c \
+ plat/xilinx/common/versal.c \
${PLAT_PATH}/bl31_versal_net_setup.c \
${PLAT_PATH}/plat_topology.c \
common/fdt_fixup.c \
diff --git a/plat/xilinx/versal_net/pm_service/pm_client.c b/plat/xilinx/versal_net/pm_service/pm_client.c
index 2741d47..3387891 100644
--- a/plat/xilinx/versal_net/pm_service/pm_client.c
+++ b/plat/xilinx/versal_net/pm_service/pm_client.c
@@ -60,9 +60,9 @@
#endif
static const struct pm_ipi apu_ipi = {
- .local_ipi_id = IPI_ID_APU,
- .remote_ipi_id = IPI_ID_PMC,
- .buffer_base = IPI_BUFFER_APU_BASE,
+ .local_ipi_id = IPI_LOCAL_ID,
+ .remote_ipi_id = IPI_REMOTE_ID,
+ .buffer_base = IPI_BUFFER_LOCAL_BASE,
};
/* Order in pm_procs_all array must match cpu ids */
diff --git a/plat/xilinx/versal_net/versal_net_ipi.c b/plat/xilinx/versal_net/versal_net_ipi.c
index cf897e3..ed3f2bb 100644
--- a/plat/xilinx/versal_net/versal_net_ipi.c
+++ b/plat/xilinx/versal_net/versal_net_ipi.c
@@ -1,6 +1,6 @@
/*
* Copyright (c) 2022, Xilinx, Inc. All rights reserved.
- * Copyright (c) 2022, Advanced Micro Devices, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -9,17 +9,9 @@
* Versal NET IPI agent registers access management
*/
-#include <errno.h>
-#include <string.h>
-
-#include <common/debug.h>
-#include <common/runtime_svc.h>
-#include <lib/bakery_lock.h>
-#include <lib/mmio.h>
-
+#include <lib/utils_def.h>
#include <ipi.h>
#include <plat_ipi.h>
-#include <plat_private.h>
/* versal_net ipi configuration table */
static const struct ipi_config versal_net_ipi_table[IPI_ID_MAX] = {
diff --git a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
index 8d83c3e..18ccafd 100644
--- a/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
+++ b/plat/xilinx/zynqmp/aarch64/zynqmp_common.c
@@ -60,11 +60,11 @@
#if LOG_LEVEL >= LOG_LEVEL_NOTICE
static const struct {
- uint32_t id;
- uint32_t ver;
- char *name;
+ uint8_t id;
bool evexists;
-} zynqmp_devices[] = {
+ uint16_t ver;
+ char *name;
+} __packed zynqmp_devices[] = {
{
.id = 0x10,
.name = "XCZU3EG",
diff --git a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
index c5dbf41..2197b96 100644
--- a/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
+++ b/plat/xilinx/zynqmp/bl31_zynqmp_setup.c
@@ -132,21 +132,29 @@
}
#if ZYNQMP_WDT_RESTART
-static interrupt_type_handler_t type_el3_interrupt_table[MAX_INTR_EL3];
+static zynmp_intr_info_type_el3_t type_el3_interrupt_table[MAX_INTR_EL3];
int request_intr_type_el3(uint32_t id, interrupt_type_handler_t handler)
{
+ static uint32_t index;
+ uint32_t i;
+
/* Validate 'handler' and 'id' parameters */
- if (!handler || id >= MAX_INTR_EL3) {
+ if (!handler || index >= MAX_INTR_EL3) {
return -EINVAL;
}
/* Check if a handler has already been registered */
- if (type_el3_interrupt_table[id]) {
- return -EALREADY;
+ for (i = 0; i < index; i++) {
+ if (id == type_el3_interrupt_table[i].id) {
+ return -EALREADY;
+ }
}
- type_el3_interrupt_table[id] = handler;
+ type_el3_interrupt_table[index].id = id;
+ type_el3_interrupt_table[index].handler = handler;
+
+ index++;
return 0;
}
@@ -155,12 +163,19 @@
void *handle, void *cookie)
{
uint32_t intr_id;
- interrupt_type_handler_t handler;
+ uint32_t i;
+ interrupt_type_handler_t handler = NULL;
intr_id = plat_ic_get_pending_interrupt_id();
- handler = type_el3_interrupt_table[intr_id];
+
+ for (i = 0; i < MAX_INTR_EL3; i++) {
+ if (intr_id == type_el3_interrupt_table[i].id) {
+ handler = type_el3_interrupt_table[i].handler;
+ }
+ }
+
if (handler != NULL) {
- handler(intr_id, flags, handle, cookie);
+ return handler(intr_id, flags, handle, cookie);
}
return 0;
diff --git a/plat/xilinx/zynqmp/include/plat_ipi.h b/plat/xilinx/zynqmp/include/plat_ipi.h
index dc39d32..4007b91 100644
--- a/plat/xilinx/zynqmp/include/plat_ipi.h
+++ b/plat/xilinx/zynqmp/include/plat_ipi.h
@@ -1,5 +1,7 @@
/*
* Copyright (c) 2017-2018, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2019-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -32,10 +34,11 @@
********************************************************************/
#define IPI_BUFFER_BASEADDR 0xFF990000U
-#define IPI_BUFFER_APU_BASE (IPI_BUFFER_BASEADDR + 0x400U)
-#define IPI_BUFFER_PMU_BASE (IPI_BUFFER_BASEADDR + 0xE00U)
+#define IPI_LOCAL_ID IPI_ID_APU
+#define IPI_REMOTE_ID IPI_ID_PMU0
-#define IPI_BUFFER_REMOTE_BASE IPI_BUFFER_PMU_BASE
+#define IPI_BUFFER_LOCAL_BASE (IPI_BUFFER_BASEADDR + 0x400U)
+#define IPI_BUFFER_REMOTE_BASE (IPI_BUFFER_BASEADDR + 0xE00U)
#define IPI_BUFFER_TARGET_LOCAL_OFFSET 0x80U
#define IPI_BUFFER_TARGET_REMOTE_OFFSET 0x1C0U
diff --git a/plat/xilinx/zynqmp/include/plat_private.h b/plat/xilinx/zynqmp/include/plat_private.h
index 9ea052d..3526b94 100644
--- a/plat/xilinx/zynqmp/include/plat_private.h
+++ b/plat/xilinx/zynqmp/include/plat_private.h
@@ -1,5 +1,6 @@
/*
* Copyright (c) 2014-2020, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -21,8 +22,12 @@
uint32_t zynqmp_get_uart_clk(void);
uint32_t zynqmp_get_bootmode(void);
-
#if ZYNQMP_WDT_RESTART
+typedef struct zynqmp_intr_info_type_el3 {
+ uint32_t id;
+ interrupt_type_handler_t handler;
+} zynmp_intr_info_type_el3_t;
+
/*
* Register handler to specific GIC entrance
* for INTR_TYPE_EL3 type of interrupt
diff --git a/plat/xilinx/zynqmp/include/platform_def.h b/plat/xilinx/zynqmp/include/platform_def.h
index d623420..f6d9ce1 100644
--- a/plat/xilinx/zynqmp/include/platform_def.h
+++ b/plat/xilinx/zynqmp/include/platform_def.h
@@ -44,13 +44,13 @@
# define BL31_LIMIT U(0x100000000)
#else
# define BL31_BASE U(0x1000)
-# define BL31_LIMIT U(0x7ffff)
+# define BL31_LIMIT U(0x80000)
#endif
#else
# define BL31_BASE (ZYNQMP_ATF_MEM_BASE)
-# define BL31_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_SIZE - 1)
+# define BL31_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_SIZE)
# ifdef ZYNQMP_ATF_MEM_PROGBITS_SIZE
-# define BL31_PROGBITS_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_PROGBITS_SIZE - 1)
+# define BL31_PROGBITS_LIMIT (ZYNQMP_ATF_MEM_BASE + ZYNQMP_ATF_MEM_PROGBITS_SIZE)
# endif
#endif
@@ -59,10 +59,10 @@
******************************************************************************/
#ifndef ZYNQMP_BL32_MEM_BASE
# define BL32_BASE U(0x60000000)
-# define BL32_LIMIT U(0x7fffffff)
+# define BL32_LIMIT U(0x80000000)
#else
# define BL32_BASE (ZYNQMP_BL32_MEM_BASE)
-# define BL32_LIMIT (ZYNQMP_BL32_MEM_BASE + ZYNQMP_BL32_MEM_SIZE - 1)
+# define BL32_LIMIT (ZYNQMP_BL32_MEM_BASE + ZYNQMP_BL32_MEM_SIZE)
#endif
/*******************************************************************************
@@ -78,7 +78,7 @@
* TSP specific defines.
******************************************************************************/
#define TSP_SEC_MEM_BASE BL32_BASE
-#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE + 1)
+#define TSP_SEC_MEM_SIZE (BL32_LIMIT - BL32_BASE)
/* ID of the secure physical generic timer interrupt used by the TSP */
#define TSP_IRQ_SEC_PHY_TIMER ARM_IRQ_SEC_PHY_TIMER
diff --git a/plat/xilinx/zynqmp/include/zynqmp_def.h b/plat/xilinx/zynqmp/include/zynqmp_def.h
index 1de82b8..c9f555a 100644
--- a/plat/xilinx/zynqmp/include/zynqmp_def.h
+++ b/plat/xilinx/zynqmp/include/zynqmp_def.h
@@ -135,7 +135,8 @@
#define ARM_IRQ_SEC_SGI_6 14
#define ARM_IRQ_SEC_SGI_7 15
-#define MAX_INTR_EL3 128
+/* number of interrupt handlers. increase as required */
+#define MAX_INTR_EL3 2
/*******************************************************************************
* UART related constants
diff --git a/plat/xilinx/zynqmp/pm_service/pm_client.c b/plat/xilinx/zynqmp/pm_service/pm_client.c
index 2c7834d..853e9e1 100644
--- a/plat/xilinx/zynqmp/pm_service/pm_client.c
+++ b/plat/xilinx/zynqmp/pm_service/pm_client.c
@@ -35,12 +35,10 @@
DEFINE_BAKERY_LOCK(pm_client_secure_lock);
-extern const struct pm_ipi apu_ipi;
-
-const struct pm_ipi apu_ipi = {
- .local_ipi_id = IPI_ID_APU,
- .remote_ipi_id = IPI_ID_PMU0,
- .buffer_base = IPI_BUFFER_APU_BASE,
+static const struct pm_ipi apu_ipi = {
+ .local_ipi_id = IPI_LOCAL_ID,
+ .remote_ipi_id = IPI_REMOTE_ID,
+ .buffer_base = IPI_BUFFER_LOCAL_BASE,
};
static uint32_t suspend_mode = PM_SUSPEND_MODE_STD;
diff --git a/plat/xilinx/zynqmp/zynqmp_ipi.c b/plat/xilinx/zynqmp/zynqmp_ipi.c
index b14e3fd..c7d2c08 100644
--- a/plat/xilinx/zynqmp/zynqmp_ipi.c
+++ b/plat/xilinx/zynqmp/zynqmp_ipi.c
@@ -1,5 +1,7 @@
/*
* Copyright (c) 2017-2018, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2022, Xilinx, Inc. All rights reserved.
+ * Copyright (c) 2022-2023, Advanced Micro Devices, Inc. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -8,17 +10,9 @@
* Zynq UltraScale+ MPSoC IPI agent registers access management
*/
-#include <errno.h>
-#include <string.h>
-
-#include <common/debug.h>
-#include <common/runtime_svc.h>
-#include <lib/bakery_lock.h>
-#include <lib/mmio.h>
-
+#include <lib/utils_def.h>
#include <ipi.h>
#include <plat_ipi.h>
-#include <plat_private.h>
/* Zynqmp ipi configuration table */
static const struct ipi_config zynqmp_ipi_table[] = {
diff --git a/pyproject.toml b/pyproject.toml
index 46353b4..44e78d3 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
[tool.poetry]
name = "trusted-firmware-a"
-version = "2.8.0"
+version = "2.9.0"
description = "Trusted Firmware-A (TF-A) Python dependencies."
authors = ["Arm Ltd."]
license = "BSD-3-Clause"
diff --git a/services/arm_arch_svc/arm_arch_svc_setup.c b/services/arm_arch_svc/arm_arch_svc_setup.c
index 46ccd9e..bb042c7 100644
--- a/services/arm_arch_svc/arm_arch_svc_setup.c
+++ b/services/arm_arch_svc/arm_arch_svc_setup.c
@@ -6,7 +6,7 @@
#include <common/debug.h>
#include <common/runtime_svc.h>
-#include <lib/cpus/errata_report.h>
+#include <lib/cpus/errata.h>
#include <lib/cpus/wa_cve_2017_5715.h>
#include <lib/cpus/wa_cve_2018_3639.h>
#include <lib/cpus/wa_cve_2022_23960.h>
diff --git a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
index c039350..1f8e7ff 100644
--- a/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
+++ b/services/std_svc/spm/el3_spmc/spmc_shared_mem.c
@@ -1,10 +1,11 @@
/*
- * Copyright (c) 2022, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2022-2023, ARM Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
#include <assert.h>
#include <errno.h>
+#include <inttypes.h>
#include <common/debug.h>
#include <common/runtime_svc.h>
@@ -195,24 +196,23 @@
uint32_t ffa_version, size_t *emad_size)
{
uint8_t *emad;
+
+ assert(index < desc->emad_count);
+
/*
* If the caller is using FF-A v1.0 interpret the descriptor as a v1.0
* format, otherwise assume it is a v1.1 format.
*/
if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
- /* Cast our descriptor to the v1.0 format. */
- struct ffa_mtd_v1_0 *mtd_v1_0 =
- (struct ffa_mtd_v1_0 *) desc;
- emad = (uint8_t *) &(mtd_v1_0->emad);
+ emad = (uint8_t *)desc + offsetof(struct ffa_mtd_v1_0, emad);
*emad_size = sizeof(struct ffa_emad_v1_0);
} else {
- if (!is_aligned(desc->emad_offset, 16)) {
- WARN("Emad offset is not aligned.\n");
- return NULL;
- }
+ assert(is_aligned(desc->emad_offset, 16));
emad = ((uint8_t *) desc + desc->emad_offset);
*emad_size = desc->emad_size;
}
+
+ assert(((uint64_t)index * (uint64_t)*emad_size) <= UINT32_MAX);
return (emad + (*emad_size * index));
}
@@ -236,10 +236,6 @@
struct ffa_emad_v1_0 *emad = spmc_shmem_obj_get_emad(&obj->desc, 0,
ffa_version,
&emad_size);
- /* Ensure the emad array was found. */
- if (emad == NULL) {
- return NULL;
- }
/* Ensure the composite descriptor offset is aligned. */
if (!is_aligned(emad->comp_mrd_offset, 8)) {
@@ -699,6 +695,87 @@
return 0;
}
+static int
+spmc_validate_mtd_start(struct ffa_mtd *desc, uint32_t ffa_version,
+ size_t fragment_length, size_t total_length)
+{
+ unsigned long long emad_end;
+ unsigned long long emad_size;
+ unsigned long long emad_offset;
+ unsigned int min_desc_size;
+
+ /* Determine the appropriate minimum descriptor size. */
+ if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
+ min_desc_size = sizeof(struct ffa_mtd_v1_0);
+ } else if (ffa_version == MAKE_FFA_VERSION(1, 1)) {
+ min_desc_size = sizeof(struct ffa_mtd);
+ } else {
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ if (fragment_length < min_desc_size) {
+ WARN("%s: invalid length %zu < %u\n", __func__, fragment_length,
+ min_desc_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+
+ if (desc->emad_count == 0U) {
+ WARN("%s: unsupported attribute desc count %u.\n",
+ __func__, desc->emad_count);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+
+ /*
+ * If the caller is using FF-A v1.0 interpret the descriptor as a v1.0
+ * format, otherwise assume it is a v1.1 format.
+ */
+ if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
+ emad_offset = emad_size = sizeof(struct ffa_emad_v1_0);
+ } else {
+ if (!is_aligned(desc->emad_offset, 16)) {
+ WARN("%s: Emad offset %" PRIx32 " is not 16-byte aligned.\n",
+ __func__, desc->emad_offset);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ if (desc->emad_offset < sizeof(struct ffa_mtd)) {
+ WARN("%s: Emad offset too small: 0x%" PRIx32 " < 0x%zx.\n",
+ __func__, desc->emad_offset,
+ sizeof(struct ffa_mtd));
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ emad_offset = desc->emad_offset;
+ if (desc->emad_size < sizeof(struct ffa_emad_v1_0)) {
+ WARN("%s: Bad emad size (%" PRIu32 " < %zu).\n", __func__,
+ desc->emad_size, sizeof(struct ffa_emad_v1_0));
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ if (!is_aligned(desc->emad_size, 16)) {
+ WARN("%s: Emad size 0x%" PRIx32 " is not 16-byte aligned.\n",
+ __func__, desc->emad_size);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+ emad_size = desc->emad_size;
+ }
+
+ /*
+ * Overflow is impossible: the arithmetic happens in at least 64-bit
+ * precision, but all of the operands are bounded by UINT32_MAX, and
+ * ((2^32 - 1)^2 + (2^32 - 1) + (2^32 - 1)) = ((2^32 - 1) * (2^32 + 1))
+ * = (2^64 - 1).
+ */
+ CASSERT(sizeof(desc->emad_count == 4), assert_emad_count_max_too_large);
+ emad_end = (desc->emad_count * (unsigned long long)emad_size) +
+ (unsigned long long)sizeof(struct ffa_comp_mrd) +
+ (unsigned long long)emad_offset;
+
+ if (emad_end > total_length) {
+ WARN("%s: Composite memory region extends beyond descriptor: 0x%llx > 0x%zx\n",
+ __func__, emad_end, total_length);
+ return FFA_ERROR_INVALID_PARAMETER;
+ }
+
+ return 0;
+}
+
/**
* spmc_shmem_check_obj - Check that counts in descriptor match overall size.
* @obj: Object containing ffa_memory_region_descriptor.
@@ -724,7 +801,6 @@
size_t expected_size;
size_t total_page_count;
size_t emad_size;
- size_t desc_size;
size_t header_emad_size;
uint32_t offset;
struct ffa_comp_mrd *comp;
@@ -732,10 +808,6 @@
emad = spmc_shmem_obj_get_emad(&obj->desc, emad_num,
ffa_version, &emad_size);
- if (emad == NULL) {
- WARN("%s: invalid emad structure.\n", __func__);
- return -EINVAL;
- }
/*
* Validate the calculated emad address resides within the
@@ -749,13 +821,23 @@
offset = emad->comp_mrd_offset;
- if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
- desc_size = sizeof(struct ffa_mtd_v1_0);
+ /*
+ * The offset provided to the composite memory region descriptor
+ * should be consistent across endpoint descriptors. Store the
+ * first entry and compare against subsequent entries.
+ */
+ if (comp_mrd_offset == 0) {
+ comp_mrd_offset = offset;
} else {
- desc_size = sizeof(struct ffa_mtd);
+ if (comp_mrd_offset != offset) {
+ ERROR("%s: mismatching offsets provided, %u != %u\n",
+ __func__, offset, comp_mrd_offset);
+ return -EINVAL;
+ }
+ continue; /* Remainder only executed on first iteration. */
}
- header_emad_size = desc_size +
+ header_emad_size = (size_t)((uint8_t *)emad - (uint8_t *)&obj->desc) +
(obj->desc.emad_count * emad_size);
if (offset < header_emad_size) {
@@ -805,29 +887,6 @@
return -EINVAL;
}
- if (obj->desc_filled < obj->desc_size) {
- /*
- * The whole descriptor has not yet been received.
- * Skip final checks.
- */
- return 0;
- }
-
- /*
- * The offset provided to the composite memory region descriptor
- * should be consistent across endpoint descriptors. Store the
- * first entry and compare against subsequent entries.
- */
- if (comp_mrd_offset == 0) {
- comp_mrd_offset = offset;
- } else {
- if (comp_mrd_offset != offset) {
- ERROR("%s: mismatching offsets provided, %u != %u\n",
- __func__, offset, comp_mrd_offset);
- return -EINVAL;
- }
- }
-
total_page_count = 0;
for (size_t i = 0; i < count; i++) {
@@ -960,16 +1019,17 @@
if (obj->desc_filled == 0U) {
/* First fragment, descriptor header has been copied */
+ ret = spmc_validate_mtd_start(&obj->desc, ffa_version,
+ fragment_length, obj->desc_size);
+ if (ret != 0) {
+ goto err_bad_desc;
+ }
+
obj->desc.handle = spmc_shmem_obj_state.next_handle++;
obj->desc.flags |= mtd_flag;
}
obj->desc_filled += fragment_length;
- ret = spmc_shmem_check_obj(obj, ffa_version);
- if (ret != 0) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_bad_desc;
- }
handle_low = (uint32_t)obj->desc.handle;
handle_high = obj->desc.handle >> 32;
@@ -982,6 +1042,12 @@
/* The full descriptor has been received, perform any final checks. */
+ ret = spmc_shmem_check_obj(obj, ffa_version);
+ if (ret != 0) {
+ ret = FFA_ERROR_INVALID_PARAMETER;
+ goto err_bad_desc;
+ }
+
/*
* If a partition ID resides in the secure world validate that the
* partition ID is for a known partition. Ignore any partition ID
@@ -991,10 +1057,6 @@
for (size_t i = 0; i < obj->desc.emad_count; i++) {
emad = spmc_shmem_obj_get_emad(&obj->desc, i, ffa_version,
&emad_size);
- if (emad == NULL) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_bad_desc;
- }
ffa_endpoint_id16_t ep_id = emad->mapd.endpoint_id;
@@ -1012,18 +1074,11 @@
for (size_t i = 0; i < obj->desc.emad_count; i++) {
emad = spmc_shmem_obj_get_emad(&obj->desc, i, ffa_version,
&emad_size);
- if (emad == NULL) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_bad_desc;
- }
+
for (size_t j = i + 1; j < obj->desc.emad_count; j++) {
other_emad = spmc_shmem_obj_get_emad(&obj->desc, j,
ffa_version,
&emad_size);
- if (other_emad == NULL) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_bad_desc;
- }
if (emad->mapd.endpoint_id ==
other_emad->mapd.endpoint_id) {
@@ -1142,6 +1197,7 @@
struct mailbox *mbox = spmc_get_mbox_desc(secure_origin);
ffa_mtd_flag32_t mtd_flag;
uint32_t ffa_version = get_partition_ffa_version(secure_origin);
+ size_t min_desc_size;
if (address != 0U || page_count != 0U) {
WARN("%s: custom memory region for message not supported.\n",
@@ -1156,11 +1212,18 @@
FFA_ERROR_INVALID_PARAMETER);
}
- /*
- * Check if the descriptor is smaller than the v1.0 descriptor. The
- * descriptor cannot be smaller than this structure.
- */
- if (fragment_length < sizeof(struct ffa_mtd_v1_0)) {
+ if (ffa_version == MAKE_FFA_VERSION(1, 0)) {
+ min_desc_size = sizeof(struct ffa_mtd_v1_0);
+ } else if (ffa_version == MAKE_FFA_VERSION(1, 1)) {
+ min_desc_size = sizeof(struct ffa_mtd);
+ } else {
+ WARN("%s: bad FF-A version.\n", __func__);
+ return spmc_ffa_error_return(handle,
+ FFA_ERROR_INVALID_PARAMETER);
+ }
+
+ /* Check if the descriptor is too small for the FF-A version. */
+ if (fragment_length < min_desc_size) {
WARN("%s: bad first fragment size %u < %zu\n",
__func__, fragment_length, sizeof(struct ffa_mtd_v1_0));
return spmc_ffa_error_return(handle,
@@ -1482,11 +1545,6 @@
emad = spmc_shmem_obj_get_emad(req, i, ffa_version,
&emad_size);
- if (emad == NULL) {
- WARN("%s: invalid emad structure.\n", __func__);
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_unlock_all;
- }
if ((uintptr_t) emad >= (uintptr_t)
((uint8_t *) req + total_length)) {
@@ -1510,21 +1568,12 @@
emad = spmc_shmem_obj_get_emad(req, i, ffa_version,
&emad_size);
- if (emad == NULL) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_unlock_all;
- }
for (size_t j = 0; j < obj->desc.emad_count; j++) {
other_emad = spmc_shmem_obj_get_emad(
&obj->desc, j, MAKE_FFA_VERSION(1, 1),
&emad_size);
- if (other_emad == NULL) {
- ret = FFA_ERROR_INVALID_PARAMETER;
- goto err_unlock_all;
- }
-
if (req->emad_count &&
emad->mapd.endpoint_id ==
other_emad->mapd.endpoint_id) {
diff --git a/tools/conventional-changelog-tf-a/package.json b/tools/conventional-changelog-tf-a/package.json
index 3dd9877..116b28b 100644
--- a/tools/conventional-changelog-tf-a/package.json
+++ b/tools/conventional-changelog-tf-a/package.json
@@ -1,6 +1,6 @@
{
"name": "conventional-changelog-tf-a",
- "version": "2.8.0",
+ "version": "2.9.0",
"license": "BSD-3-Clause",
"private": true,
"main": "index.js",