]> git.baikalelectronics.ru Git - arm-tf.git/log
arm-tf.git
2 years agoMerge "fix(mpam): remove unwanted param for "endfunc" macro" into integration
Manish Pandey [Fri, 13 Jan 2023 09:07:42 +0000 (10:07 +0100)]
Merge "fix(mpam): remove unwanted param for "endfunc" macro" into integration

2 years agoMerge changes from topic "tonnad01/rdn2cfg3" into integration
Manish V Badarkhe [Thu, 12 Jan 2023 21:15:40 +0000 (22:15 +0100)]
Merge changes from topic "tonnad01/rdn2cfg3" into integration

* changes:
  feat(rdn2): add platform id value for rdn2 variant 3
  refactor(rdn2): reduce use of CSS_SGI_PLATFORM_VARIANT build flag

2 years agoMerge changes Id4570f91,Ibdf1af70 into integration
Sandrine Bailleux [Thu, 12 Jan 2023 19:36:08 +0000 (20:36 +0100)]
Merge changes Id4570f91,Ibdf1af70 into integration

* changes:
  fix(auth): properly validate X.509 extensions
  fix(auth): avoid out-of-bounds read in auth_nvctr()

2 years agofeat(rdn2): add platform id value for rdn2 variant 3
Tony K Nadackal [Wed, 24 Nov 2021 16:09:26 +0000 (16:09 +0000)]
feat(rdn2): add platform id value for rdn2 variant 3

The RD-N2-Cfg3 platform is a variant of the RD-N2 platform with the
significant difference being the number of ITS blocks and the use of a
different part number.

Signed-off-by: Tony K Nadackal <tony.nadackal@arm.com>
Change-Id: Id4c5faeae44f21da79cb59540558192d0b02b124

2 years agorefactor(rdn2): reduce use of CSS_SGI_PLATFORM_VARIANT build flag
Tony K Nadackal [Sat, 12 Nov 2022 23:21:20 +0000 (23:21 +0000)]
refactor(rdn2): reduce use of CSS_SGI_PLATFORM_VARIANT build flag

The core count is one of the significant difference between the various
RD-N2 platform variants. The PLAT_ARM_CLUSTER_COUNT macro defines the
number of core/cluster for a variant. In preparation to add another
variant of RD-N2 platform, replace the use of CSS_SGI_PLATFORM_VARIANT
build flag, where applicable, with the PLAT_ARM_CLUSTER_COUNT macro.
This helps to reduce the changes required to add support for a new
variant.

Signed-off-by: Tony K Nadackal <tony.nadackal@arm.com>
Change-Id: I89b168308d1b5f7edd402205dd25d6c3a355e100

2 years agoMerge changes from topic "fix-power-up-dwn-issue" into integration
Joanna Farley [Thu, 12 Jan 2023 10:11:28 +0000 (11:11 +0100)]
Merge changes from topic "fix-power-up-dwn-issue" into integration

* changes:
  fix(versal-net): enable wake interrupt during client suspend
  fix(versal-net): disable wakeup interrupt during client wakeup
  fix(versal-net): clear power down bit during wakeup
  fix(versal-net): fix setting power down state
  fix(versal-net): clear power down interrupt status before enable
  fix(versal-net): resolve misra rule 20.7 warnings
  fix(versal-net): resolve misra 10.6 warnings

2 years agoMerge "fix(versal): print proper atf handoff source" into integration
Joanna Farley [Thu, 12 Jan 2023 10:08:52 +0000 (11:08 +0100)]
Merge "fix(versal): print proper atf handoff source" into integration

2 years agoMerge "fix(cpus): workaround for Cortex-X2 erratum 2282622" into integration
Madhukar Pappireddy [Wed, 11 Jan 2023 21:06:28 +0000 (22:06 +0100)]
Merge "fix(cpus): workaround for Cortex-X2 erratum 2282622" into integration

2 years agoMerge "fix(cpus): workaround for Cortex-A710 erratum 2282622" into integration
Lauren Wehrmeister [Wed, 11 Jan 2023 19:57:27 +0000 (20:57 +0100)]
Merge "fix(cpus): workaround for Cortex-A710 erratum 2282622" into integration

2 years agofix(cpus): workaround for Cortex-X2 erratum 2282622
Bipin Ravi [Thu, 22 Dec 2022 20:19:59 +0000 (14:19 -0600)]
fix(cpus): workaround for Cortex-X2 erratum 2282622

Cortex-X2 erratum 2282622 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround is to set
CPUACTLR2_EL1[0] to 1 to force PLDW/PFRM ST to behave like
PLD/PRFM LD and not cause invalidations to other PE caches.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1775100/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I43956aa4898a8608eedc5d0dd1471172c641a0c6

2 years agofix(versal): print proper atf handoff source
Akshay Belsare [Wed, 11 Jan 2023 06:15:25 +0000 (11:45 +0530)]
fix(versal): print proper atf handoff source

Versal uses PLM in the boot flow and printing FSBL in the log for
handoff parameters is misleading. Print proper source of TF-A
handoff parameters.

Change-Id: I331e2eac2f5d30beed8573940ae02094254a759b
Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
2 years agofix(auth): properly validate X.509 extensions
Demi Marie Obenour [Fri, 9 Dec 2022 22:19:08 +0000 (17:19 -0500)]
fix(auth): properly validate X.509 extensions

get_ext() does not check the return value of the various mbedtls_*
functions, as cert_parse() is assumed to have guaranteed that they will
always succeed.  However, it passes the end of an extension as the end
pointer to these functions, whereas cert_parse() passes the end of the
TBSCertificate.  Furthermore, cert_parse() does *not* check that the
contents of the extension have the same length as the extension itself.
Before fd37982a19a4a291 ("fix(auth): forbid junk after extensions"),
cert_parse() also does not check that the extension block extends to the
end of the TBSCertificate.

This is a problem, as mbedtls_asn1_get_tag() leaves *p and *len
undefined on failure.  In practice, this results in get_ext() continuing
to parse at different offsets than were used (and validated) by
cert_parse(), which means that the in-bounds guarantee provided by
cert_parse() no longer holds.

This patch fixes the remaining flaw by enforcing that the contents of an
extension are the same length as the extension itself.

Change-Id: Id4570f911402e34d5d6c799ae01a01f184c68d7c
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
2 years agofix(auth): avoid out-of-bounds read in auth_nvctr()
Demi Marie Obenour [Fri, 9 Dec 2022 23:21:47 +0000 (18:21 -0500)]
fix(auth): avoid out-of-bounds read in auth_nvctr()

auth_nvctr() does not check that the buffer provided is long enough to
hold an ASN.1 INTEGER, or even that the buffer is non-empty.  Since
auth_nvctr() will only ever read 6 bytes, it is possible to read up to
6 bytes past the end of the buffer.

This out-of-bounds read turns out to be harmless.  The only caller of
auth_nvctr() always passes a pointer into an X.509 TBSCertificate, and
all in-tree chains of trust require that the certificate’s signature has
already been validated.  This means that the signature algorithm
identifier is at least 4 bytes and the signature itself more than that.
Therefore, the data read will be from the certificate itself.  Even if
the certificate signature has not been validated, an out-of-bounds read
is still not possible.  Since there are at least two bytes (tag and
length) in both the signature algorithm ID and the signature itself, an
out-of-bounds read would require that the tag byte of the signature
algorithm ID would need to be either the tag or length byte of the
DER-encoded nonvolatile counter.  However, this byte must be
(MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) (0x30), which is
greater than 4 and not equal to MBEDTLS_ASN1_INTEGER (2).  Therefore,
auth_nvctr() will error out before reading the integer itself,
preventing an out-of-bounds read.

Change-Id: Ibdf1af702fbeb98a94c0c96456ebddd3d392ad44
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agoMerge changes from topic "bk/warnings" into integration
Manish Pandey [Tue, 10 Jan 2023 10:56:42 +0000 (11:56 +0100)]
Merge changes from topic "bk/warnings" into integration

* changes:
  docs: describe the new warning levels
  build: add -Wunused-const-variable=2 to W=2
  build: include -Wextra in generic builds
  docs(porting-guide): update a reference
  fix(st-usb): replace redundant checks with asserts
  fix(brcm): add braces around bodies of conditionals
  fix(renesas): align incompatible function pointers
  fix(zynqmp): remove redundant api_version check
  fix: remove old-style declarations
  fix: unify fallthrough annotations

2 years agofix(versal-net): enable wake interrupt during client suspend
Jay Buddhabhatti [Fri, 30 Dec 2022 05:54:44 +0000 (21:54 -0800)]
fix(versal-net): enable wake interrupt during client suspend

Wakeup interrupt should be set during power down sequence to wake
processor. So enable wakeup interrupt during power down sequence.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I1154495c25e0468496f6e112996fd182aa516d88

2 years agofix(versal-net): disable wakeup interrupt during client wakeup
Jay Buddhabhatti [Fri, 30 Dec 2022 06:21:00 +0000 (22:21 -0800)]
fix(versal-net): disable wakeup interrupt during client wakeup

Clear and disable wakeup interrupt during client wakeup to avoid
multiple wakeup events.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: Iebc644ae582da03001830b96e3190fce10dbac42

2 years agofix(versal-net): clear power down bit during wakeup
Jay Buddhabhatti [Fri, 30 Dec 2022 06:15:19 +0000 (22:15 -0800)]
fix(versal-net): clear power down bit during wakeup

Power down bit and power down interrupt needs to be cleared once core
is wakeup to avoid unnecessary power down events. So disable power down
interrupt and clear power down bit during client wakeup.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I3445991692c441831e4ea8dae112e23b19f185a9

2 years agofix(versal-net): fix setting power down state
Jay Buddhabhatti [Fri, 30 Dec 2022 05:58:35 +0000 (21:58 -0800)]
fix(versal-net): fix setting power down state

Versal NET is supporting max power state to AFF_LVL_2 so set power state
for all affinity level instead of setting for only AFF_LVL_0.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I55a91e798b7566d2f34d7cb1fe28ca25993a7d8e

2 years agofix(versal-net): clear power down interrupt status before enable
Jay Buddhabhatti [Fri, 30 Dec 2022 05:47:54 +0000 (21:47 -0800)]
fix(versal-net): clear power down interrupt status before enable

Currently power down interrupt status is set by default before its
getting enabled. Because of that Linux is getting crashed since its
triggering interrupt before core goes to WFI state. So clear interrupt
status before enabling power down interrupt.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: Ia8d047b6078a49ab3dbe3e0bf24422357f0138c2

2 years agofix(versal-net): resolve misra rule 20.7 warnings
Jay Buddhabhatti [Mon, 9 Jan 2023 12:46:54 +0000 (04:46 -0800)]
fix(versal-net): resolve misra rule 20.7 warnings

Fix below MISRA violation from versal_net_def.h:
 - MISRA Violation: MISRA-C:2012 R.10.6:
   - Macro parameter expands into an expression without being wrapped
     by parentheses.

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: Ie365d24c02bb38163005a3c073642d5c96412e2d

2 years agofix(versal-net): resolve misra 10.6 warnings
Jay Buddhabhatti [Mon, 9 Jan 2023 12:33:25 +0000 (04:33 -0800)]
fix(versal-net): resolve misra 10.6 warnings

Fix below MISRA violation from versal_net_def.h:
 - MISRA Violation: MISRA-C:2012 R.10.6
  - The value of a composite expression shall not be assigned to an
    object with wider essential type

Signed-off-by: Jay Buddhabhatti <jay.buddhabhatti@amd.com>
Change-Id: I74f8e5d63523f33d245a21f8e4f04d30e40b05e7

2 years agofix(cpus): workaround for Cortex-A710 erratum 2282622
Bipin Ravi [Thu, 22 Dec 2022 19:31:46 +0000 (13:31 -0600)]
fix(cpus): workaround for Cortex-A710 erratum 2282622

Cortex-A710 erratum 2282622 is a Cat B erratum that applies to
all revisions <=r2p1 and is still open. The workaround was earlier
applied to all revisions <= r2p0, this patch extends it to r2p1.
This was thought to have been fixed in r2p1 which is not the case.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1775101/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Iad38a7fe57bec3f2d8977995acd601dcd9ae69c0

2 years agofix(mpam): remove unwanted param for "endfunc" macro
Rohit Mathew [Tue, 18 Oct 2022 21:57:06 +0000 (22:57 +0100)]
fix(mpam): remove unwanted param for "endfunc" macro

"endfunc" macro is used to mark the end of a function. It takes the
function label as an argument. For el2_sysregs_context_save_mpam
function, "endfunc" has been called with an assumed typo, "func", along
with the function label. Remove this unwanted param to fix the endfunc
call.

Signed-off-by: Rohit Mathew <rohit.mathew@arm.com>
Change-Id: I05f958a285f936df579f01500b6fd7cb2b7753a8

2 years agoMerge "docs(changelog): add console scope" into integration
Madhukar Pappireddy [Mon, 9 Jan 2023 15:45:52 +0000 (16:45 +0100)]
Merge "docs(changelog): add console scope" into integration

2 years agoMerge "fix(libc): properly define SCHAR_MIN" into integration
Madhukar Pappireddy [Mon, 9 Jan 2023 15:14:42 +0000 (16:14 +0100)]
Merge "fix(libc): properly define SCHAR_MIN" into integration

2 years agoMerge "docs(maintainers): update maintainers for total compute" into integration
Manish V Badarkhe [Mon, 9 Jan 2023 14:32:16 +0000 (15:32 +0100)]
Merge "docs(maintainers): update maintainers for total compute" into integration

2 years agodocs(maintainers): update maintainers for total compute
Rupinderjit Singh [Thu, 5 Jan 2023 14:34:59 +0000 (14:34 +0000)]
docs(maintainers): update maintainers for total compute

Signed-off-by: Rupinderjit Singh <rupinderjit.singh@arm.com>
Change-Id: I64e7b036f404da110339d9013aa5c17ed8bf100f

2 years agoMerge "fix(plat/tc): increase TC_TZC_DRAM1_SIZE" into integration
Manish V Badarkhe [Mon, 9 Jan 2023 13:15:49 +0000 (14:15 +0100)]
Merge "fix(plat/tc): increase TC_TZC_DRAM1_SIZE" into integration

2 years agodocs(changelog): add console scope
Yann Gautier [Fri, 6 Jan 2023 16:05:48 +0000 (17:05 +0100)]
docs(changelog): add console scope

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ie9426509ee4f0a4c4f0fe0296d7a7378cc8828f5

2 years agoMerge "fix(fconf): make struct fconf_populator static" into integration
Madhukar Pappireddy [Fri, 6 Jan 2023 15:44:20 +0000 (16:44 +0100)]
Merge "fix(fconf): make struct fconf_populator static" into integration

2 years agofix(libc): properly define SCHAR_MIN
Yann Gautier [Fri, 6 Jan 2023 13:18:25 +0000 (14:18 +0100)]
fix(libc): properly define SCHAR_MIN

SCHAR_MIN definition should use SCHAR_MAX, and not itself.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: If8c1751a381dac50fe3ec5fdf19d6a4918470b58

2 years agofix(fconf): make struct fconf_populator static
Yann Gautier [Fri, 18 Nov 2022 13:04:03 +0000 (14:04 +0100)]
fix(fconf): make struct fconf_populator static

In FCONF_REGISTER_POPULATOR macro, add static for the fconf_populator
struct. This avoids this kind of sparse warning:
plat/st/common/stm32mp_fconf_io.c:181:1: warning:
 symbol 'stm32mp_io__populator' was not declared. Should it be static?

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Icaa7da3079e82497e112585150f6348ef2ebf5e6

2 years agoMerge "feat(mt8188): update INFRA IOMMU enable flow" into integration
Olivier Deprez [Fri, 6 Jan 2023 08:38:25 +0000 (09:38 +0100)]
Merge "feat(mt8188): update INFRA IOMMU enable flow" into integration

2 years agofeat(mt8188): update INFRA IOMMU enable flow
Chengci.Xu [Fri, 30 Dec 2022 05:33:04 +0000 (13:33 +0800)]
feat(mt8188): update INFRA IOMMU enable flow

IOMMU kernel driver has changed the function parameters, so update
IOMMU TF-A driver to be consistent with it.

Change-Id: I2adda69bdbdc31833781fac5e6c1f4b10da161be
Signed-off-by: Chengci.Xu <chengci.xu@mediatek.com>
2 years agoMerge changes from topic "fvp_trap_rng" into integration
Manish Pandey [Wed, 4 Jan 2023 17:51:40 +0000 (18:51 +0100)]
Merge changes from topic "fvp_trap_rng" into integration

* changes:
  feat(fvp): emulate trapped RNDR
  feat(el3-runtime): introduce system register trap handler

2 years agoMerge "refactor(trng): discarding the used entropy bits" into integration
Manish Pandey [Wed, 4 Jan 2023 10:41:46 +0000 (11:41 +0100)]
Merge "refactor(trng): discarding the used entropy bits" into integration

2 years agofix(plat/tc): increase TC_TZC_DRAM1_SIZE
Arunachalam Ganapathy [Mon, 11 Apr 2022 16:38:17 +0000 (17:38 +0100)]
fix(plat/tc): increase TC_TZC_DRAM1_SIZE

Increase TC_TZC_DRAM1_SIZE for Trusty image and its memory size.
Update OP-TEE reserved memory range in DTS

Change-Id: Iad433c3c155f28860b15bde2398df653487189dd
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
2 years agoMerge "refactor(auth): avoid parsing signature algorithm twice" into integration
Sandrine Bailleux [Wed, 4 Jan 2023 09:16:10 +0000 (10:16 +0100)]
Merge "refactor(auth): avoid parsing signature algorithm twice" into integration

2 years agoMerge changes I794d2927,Ie33205fb,Ifdbe3b4c into integration
Sandrine Bailleux [Tue, 3 Jan 2023 16:55:02 +0000 (17:55 +0100)]
Merge changes I794d2927,Ie33205fb,Ifdbe3b4c into integration

* changes:
  refactor(auth): do not include SEQUENCE tag in saved extensions
  fix(auth): reject junk after certificates
  fix(auth): require bit strings to have no unused bits

2 years agorefactor(auth): do not include SEQUENCE tag in saved extensions
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:36 +0000 (15:24 -0500)]
refactor(auth): do not include SEQUENCE tag in saved extensions

This makes the code a little bit smaller.  No functional change
intended.

Change-Id: I794d2927fcd034a79e29c9bba1f8e4410203f547
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): reject junk after certificates
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:31 +0000 (15:24 -0500)]
fix(auth): reject junk after certificates

Certificates must not allow trailing junk after them.

Change-Id: Ie33205fb051fc63af5b72c326822da7f62eec1d1
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): require bit strings to have no unused bits
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:27 +0000 (15:24 -0500)]
fix(auth): require bit strings to have no unused bits

This is already checked by the crypto module or by mbedTLS, but checking
it in the X.509 parser is harmless.

Change-Id: Ifdbe3b4c6d04481bb8e93106ee04b49a70f50d5d
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agoMerge changes Ia748b6ae,Id8a48e14,Id25ab231,Ie26eed8a,Idf48f716, ... into integration
Sandrine Bailleux [Tue, 3 Jan 2023 16:48:09 +0000 (17:48 +0100)]
Merge changes Ia748b6ae,Id8a48e14,Id25ab231,Ie26eed8a,Idf48f716, ... into integration

* changes:
  refactor(auth): partially validate SubjectPublicKeyInfo early
  fix(auth): reject padding after BIT STRING in signatures
  fix(auth): reject invalid padding in digests
  fix(auth): require at least one extension to be present
  fix(auth): forbid junk after extensions
  fix(auth): only accept v3 X.509 certificates

2 years agoMerge changes from topic "st_fix_sparse_warnings" into integration
Manish Pandey [Tue, 3 Jan 2023 13:27:07 +0000 (14:27 +0100)]
Merge changes from topic "st_fix_sparse_warnings" into integration

* changes:
  fix(st-crypto): remove platdata functions
  fix(st-crypto): set get_plain_pk_from_asn1() static
  fix(stm32mp1): add missing platform.h include
  fix(st): make metadata_block_spec static

2 years agorefactor(auth): avoid parsing signature algorithm twice
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:23 +0000 (15:24 -0500)]
refactor(auth): avoid parsing signature algorithm twice

Since the two instances of the signature algorithm in a certificate must
be bitwise identical, it is not necessary to parse both of them.
Instead, it suffices to parse one of them, and then check that the other
fits in the remaining buffer space and is equal to the first.

Change-Id: Id0a0663165f147879ac83b6a540378fd4873b0dd
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agorefactor(auth): partially validate SubjectPublicKeyInfo early
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:18 +0000 (15:24 -0500)]
refactor(auth): partially validate SubjectPublicKeyInfo early

This reduces the likelihood of future problems later.

Change-Id: Ia748b6ae31a7a48f17ec7f0fc08310a50cd1b135
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): reject padding after BIT STRING in signatures
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:10 +0000 (15:24 -0500)]
fix(auth): reject padding after BIT STRING in signatures

It is forbidden by ASN.1 DER.

Change-Id: Id8a48e14bb8a1a17a6481ea3fde0803723c05e31
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): reject invalid padding in digests
Demi Marie Obenour [Thu, 8 Dec 2022 20:24:01 +0000 (15:24 -0500)]
fix(auth): reject invalid padding in digests

Digests must not have padding after the SEQUENCE or OCTET STRING.

Change-Id: Id25ab23111781f8c8a97c2c3c8edf1cc4a4384c0
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): require at least one extension to be present
Demi Marie Obenour [Thu, 8 Dec 2022 20:23:58 +0000 (15:23 -0500)]
fix(auth): require at least one extension to be present

X.509 and RFC5280 allow omitting the extensions entirely, but require
that if the extensions field is present at all, it must contain at least
one certificate.  TF-A already requires the extensions to be present,
but allows them to be empty.  However, a certificate with an empty
extensions field will always fail later on, as the extensions contain
the information needed to validate the next stage in the boot chain.
Therefore, it is simpler to require the extension field to be present
and contain at least one extension.  Also add a comment explaining why
the extensions field is required, even though it is OPTIONAL in the
ASN.1 syntax.

Change-Id: Ie26eed8a7924bf50937a6b27ccdf7cc9a390588d
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): forbid junk after extensions
Demi Marie Obenour [Thu, 8 Dec 2022 20:23:56 +0000 (15:23 -0500)]
fix(auth): forbid junk after extensions

The extensions must use all remaining bytes in the TBSCertificate.

Change-Id: Idf48f7168e146d050ba62dbc732638946fcd6c92
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agofix(auth): only accept v3 X.509 certificates
Demi Marie Obenour [Thu, 8 Dec 2022 20:23:50 +0000 (15:23 -0500)]
fix(auth): only accept v3 X.509 certificates

v1 and v2 are forbidden as at least one extension is required.  Instead
of actually parsing the version number, just compare it with a
hard-coded string.

Change-Id: Ib8fd34304a0049787db77ec8c2359d0930cd4ba1
Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>
2 years agoMerge "fix(qemu-sbsa): enable SVE and SME" into integration
Bipin Ravi [Thu, 22 Dec 2022 22:38:58 +0000 (23:38 +0100)]
Merge "fix(qemu-sbsa): enable SVE and SME" into integration

2 years agoMerge changes Ia14738de,I6f4cffdc into integration
Manish V Badarkhe [Thu, 22 Dec 2022 11:53:04 +0000 (12:53 +0100)]
Merge changes Ia14738de,I6f4cffdc into integration

* changes:
  fix(tc): change the properties of optee reserved memory
  feat(tc): use smmu 700

2 years agoMerge "fix(cpus): workaround for Neoverse N2 erratum 2743089" into integration
Madhukar Pappireddy [Wed, 21 Dec 2022 16:27:21 +0000 (17:27 +0100)]
Merge "fix(cpus): workaround for Neoverse N2 erratum 2743089" into integration

2 years agofix(cpus): workaround for Neoverse N2 erratum 2743089
Bipin Ravi [Wed, 7 Dec 2022 23:01:26 +0000 (17:01 -0600)]
fix(cpus): workaround for Neoverse N2 erratum 2743089

Neoverse N2 erratum 2743089 is a Cat B erratum that applies to
all revisions <=r0p2 and is fixed in r0p3. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1982442/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: Idec862226bd32c91374a8bbd5d73d7ee480a34d9

2 years agoMerge changes I0362da46,I8ee7c16c into integration
Madhukar Pappireddy [Wed, 21 Dec 2022 15:01:16 +0000 (16:01 +0100)]
Merge changes I0362da46,I8ee7c16c into integration

* changes:
  fix(cpus): workaround for Cortex-A78 erratum 2772019
  fix(cpus): workaround for Neoverse V1 erratum 2743093

2 years agofeat(fvp): emulate trapped RNDR
Andre Przywara [Mon, 21 Nov 2022 17:07:25 +0000 (17:07 +0000)]
feat(fvp): emulate trapped RNDR

When a platform decides to use FEAT_RNG_TRAP, every RNDR or RNDRSS read
will trap into EL3. The platform can then emulate those instructions, by
either executing the real CPU instructions, potentially conditioning the
results, or use rate-limiting or filtering to protect the hardware
entropy pool. Another possiblitiy would be to use some platform specific
TRNG device to get entropy and returning this.

To demonstrate platform specific usage, add a demo implementation for the
FVP: It will execute the actual CPU instruction and just return the
result. This should serve as reference code to implement platform specific
policies.

We change the definition of read_rndr() and read_rndrrs() to use the
alternative sysreg encoding, so that all assemblers can handle that.

Add documentation about the new platform specific RNG handler function.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: Ibce817b3b06ad20129d15531b81402e3cc3e9a9e

2 years agofeat(el3-runtime): introduce system register trap handler
Andre Przywara [Mon, 21 Nov 2022 17:04:10 +0000 (17:04 +0000)]
feat(el3-runtime): introduce system register trap handler

At the moment we only handle SMC traps from lower ELs, but ignore any
other synchronous traps and just panic.
To cope with system register traps, which we might need to emulate,
introduce a C function to handle those traps, and wire that up in the
exception handler to be called.

We provide a dispatcher function (in C), that will call platform
specific implementation for certain (classes of) system registers.
For now this is empty.

Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Change-Id: If147bcb49472eb02791498700300926afbcf75ff

2 years agofix(cpus): workaround for Cortex-A78 erratum 2772019
Bipin Ravi [Thu, 15 Dec 2022 20:48:21 +0000 (14:48 -0600)]
fix(cpus): workaround for Cortex-A78 erratum 2772019

Cortex-A78 erratum 2772019 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1401784/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I0362da463eca777aa7a385bcdeb39b8549799f02

2 years agofix(cpus): workaround for Neoverse V1 erratum 2743093
Bipin Ravi [Thu, 15 Dec 2022 17:57:53 +0000 (11:57 -0600)]
fix(cpus): workaround for Neoverse V1 erratum 2743093

Neoverse V1 erratum 2743093 is a Cat B erratum that applies to
all revisions <=r1p2 and is still open. The workaround is to
insert a dsb before the isb in the power down sequence.

SDEN documentation:
https://developer.arm.com/documentation/SDEN1401781/latest

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I8ee7c16c14c4fd6ee35d20c855273ecfce0d1b32

2 years agoMerge "fix(el3-spmc): report execution state in partition info get" into integration
Olivier Deprez [Tue, 20 Dec 2022 16:30:16 +0000 (17:30 +0100)]
Merge "fix(el3-spmc): report execution state in partition info get" into integration

2 years agoMerge "feat(tc): add delegated attest and measurement tests" into integration
Sandrine Bailleux [Tue, 20 Dec 2022 14:58:06 +0000 (15:58 +0100)]
Merge "feat(tc): add delegated attest and measurement tests" into integration

2 years agofix(tc): change the properties of optee reserved memory
Davidson K [Wed, 14 Dec 2022 12:08:14 +0000 (17:38 +0530)]
fix(tc): change the properties of optee reserved memory

make it part of the restricted dma pool to ensure it is not used for
general dma operations.

Change-Id: Ia14738de70b4d7719d7460ed8d16e727aea8d8c4
Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
2 years agofeat(tc): use smmu 700
Davidson K [Mon, 21 Nov 2022 12:19:51 +0000 (17:49 +0530)]
feat(tc): use smmu 700

Enable smmu for gpu and dpu

Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
Change-Id: I6f4cffdc835dc542904b0a15b1db9a3382b78c08

2 years agoMerge "fix(gic): wrap cache enabled assert under plat_can_cmo" into integration
Manish Pandey [Mon, 19 Dec 2022 10:44:45 +0000 (11:44 +0100)]
Merge "fix(gic): wrap cache enabled assert under plat_can_cmo" into integration

2 years agoMerge "fix(intel): add mailbox error return status for FCS_DECRYPTION" into integration
Sandrine Bailleux [Mon, 19 Dec 2022 07:37:23 +0000 (08:37 +0100)]
Merge "fix(intel): add mailbox error return status for FCS_DECRYPTION" into integration

2 years agoMerge "fix(arm): arm_rotpk_header undefined reference" into integration
Manish V Badarkhe [Sat, 17 Dec 2022 10:44:21 +0000 (11:44 +0100)]
Merge "fix(arm): arm_rotpk_header undefined reference" into integration

2 years agofix(arm): arm_rotpk_header undefined reference
laurenw-arm [Tue, 13 Dec 2022 15:42:40 +0000 (09:42 -0600)]
fix(arm): arm_rotpk_header undefined reference

Moving ARM_ROTPK_S to default to arm_dev_rotpk.S as it was not being
set for Juno cryptocell and this should be the value in most cases.

Change-Id: I56a5a4e61f1ca728b87322b0b09a0d73ed1d5ee0
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
2 years agofeat(tc): add delegated attest and measurement tests
Mate Toth-Pal [Fri, 21 Oct 2022 12:24:49 +0000 (14:24 +0200)]
feat(tc): add delegated attest and measurement tests

This patch adds Delegated Attestation and Measured Boot tests to the
plat/arm/board/tc platform.
The test suite can be activated by adding the build time option
`PLATFORM_TEST=1` to the make command. In this case the boot sequence is
not finished, plat_error_handler is called after the tests are run
(regardless of the test result.)

The actual test code is coming from the Trusted-Firmware-M project. Some
of the files of the tf-m-tests and tf-m-extras repo are linked to the
BL31 image.

Versions used for testing:
https://git.trustedfirmware.org/TF-M/tf-m-tests
    614e8c358377e4146e8ee13d1246e59d01b4bf1b

https: //git.trustedfirmware.org/TF-M/tf-m-extras
    3be9fdd557e6df449de93c2101973fb011699b3d

Change-Id: I98f0f5f760a39d2d7e0dd11d33663ddb75f0b6fc
Signed-off-by: Mate Toth-Pal <mate.toth-pal@arm.com>
2 years agoMerge "fix(xilinx): resolve integer handling issue" into integration
Joanna Farley [Fri, 16 Dec 2022 15:59:44 +0000 (16:59 +0100)]
Merge "fix(xilinx): resolve integer handling issue" into integration

2 years agoMerge "fix(intel): missing NCORE CCU snoop filter fix in BL2" into integration
Sandrine Bailleux [Fri, 16 Dec 2022 14:37:07 +0000 (15:37 +0100)]
Merge "fix(intel): missing NCORE CCU snoop filter fix in BL2" into integration

2 years agofix(xilinx): resolve integer handling issue
Akshay Belsare [Thu, 15 Dec 2022 10:26:23 +0000 (15:56 +0530)]
fix(xilinx): resolve integer handling issue

OEN Number 48 to 63 is for Trusted App and OS.
GET_SMC_OEN limits the return value of OEN number to 63 by bitwise AND
operation with 0x3F. Thus the upper limit check for OEN value returned
by GET_SMC_OEN is not required.
Removing the upper limit check for the OEN value returned by GET_SMC_OEN
resolves integer handling issue CONSTANT_EXPRESSION_RESULT

Signed-off-by: Akshay Belsare <akshay.belsare@amd.com>
Change-Id: Ie04a4e2fb7cc85ec6055a5662736a805a89f7085

2 years agoMerge changes Ibb593369,I9cc984dd into integration
Bipin Ravi [Thu, 15 Dec 2022 15:51:32 +0000 (16:51 +0100)]
Merge changes Ibb593369,I9cc984dd into integration

* changes:
  fix(el3_runtime): allow SErrors when executing in EL3
  fix(el3_runtime): do not save scr_el3 during EL3 entry

2 years agoMerge changes I2b23e7c8,I779587af,Ic46de7a4,If753e987,I00171b05, ... into integration
Madhukar Pappireddy [Thu, 15 Dec 2022 15:38:07 +0000 (16:38 +0100)]
Merge changes I2b23e7c8,I779587af,Ic46de7a4,If753e987,I00171b05, ... into integration

* changes:
  fix(layerscape): unlock write access SMMU_CBn_ACTLR
  fix(nxp-ddr): add checking return value
  feat(lx2): enable OCRAM ECC
  fix(nxp-tools): fix coverity issue
  fix(nxp-ddr): fix coverity issue
  fix(nxp-ddr): fix underrun coverity issue
  fix(nxp-drivers): fix sd secure boot failure
  feat(lx2): support more variants
  fix(lx2): init global data before using it
  fix(ls1046a): 4 keys secureboot failure resolved
  fix(nxp-crypto): fix secure boot assert inclusion
  fix(nxp-crypto): fix coverity issue
  fix(nxp-drivers): fix fspi coverity issue
  fix(nxp-drivers): fix tzc380 memory regions config
  fix(layerscape): fix nv_storage assert checking
  fix(nxp-ddr): apply Max CDD values for warm boot
  fix(nxp-ddr): use CDDWW for write to read delay
  fix(layerscape): fix errata a008850

2 years agoMerge "fix(gpt_rme): fix compilation error for gpt_rme.c" into integration
Soby Mathew [Thu, 15 Dec 2022 14:52:42 +0000 (15:52 +0100)]
Merge "fix(gpt_rme): fix compilation error for gpt_rme.c" into integration

2 years agoMerge changes from topic "qemu_sel2" into integration
Olivier Deprez [Thu, 15 Dec 2022 13:25:16 +0000 (14:25 +0100)]
Merge changes from topic "qemu_sel2" into integration

* changes:
  docs(build): describes the SPMC_OPTEE build option
  feat(qemu): support el3 spmc
  feat(el3-spmc): make platform logical partition optional
  feat(qemu): support s-el2 spmc
  feat(qemu): update abi between spmd and spmc
  fix(sptool): add dependency to SP image

2 years agofix(intel): add mailbox error return status for FCS_DECRYPTION
Sieu Mun Tang [Sat, 3 Dec 2022 17:43:35 +0000 (01:43 +0800)]
fix(intel): add mailbox error return status for FCS_DECRYPTION

Add 2 more mailbox error return status for FCS_DECRYPTION when sending
mailbox command to SDM

Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: Ifff4faa397232cc0080f9fca6f6948ac305915c4

2 years agofix(intel): missing NCORE CCU snoop filter fix in BL2
Jit Loon Lim [Thu, 10 Nov 2022 14:08:13 +0000 (22:08 +0800)]
fix(intel): missing NCORE CCU snoop filter fix in BL2

Clear Ncore CCU snoop filter. There is hardware bug in NCORE CCU IP
and it is causing an issue in the coherent directory tracking of
outstanding cache lines.

Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I9ee67c94e6379d318516ae8f660a62323ce8d563

2 years agoMerge changes Ib02688f7,If17fe04d into integration
Madhukar Pappireddy [Wed, 14 Dec 2022 16:44:00 +0000 (17:44 +0100)]
Merge changes Ib02688f7,If17fe04d into integration

* changes:
  fix(cpus): workaround for Cortex-X2 erratum 2768515
  fix(cpus): workaround for Cortex-A710 erratum 2768515

2 years agodocs(build): describes the SPMC_OPTEE build option
Jens Wiklander [Wed, 14 Dec 2022 16:02:16 +0000 (17:02 +0100)]
docs(build): describes the SPMC_OPTEE build option

Explains that the SPMC_OPTEE build option is used to load the SPMC at
S-EL1 using an OP-TEE specific mechanism.

Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I71757d2d9ac98caf0ac6d8e64b221adaa0f70846

2 years agofix(el3_runtime): allow SErrors when executing in EL3
Manish Pandey [Thu, 17 Nov 2022 15:47:05 +0000 (15:47 +0000)]
fix(el3_runtime): allow SErrors when executing in EL3

SCR_EL3.EA is set to 1 in BL31 initialization and is cleared before
entering to lower ELs(except for RAS FFH case "HANDLE_EA_EL3_FIRST_NS").
The cleared value persist even during run time when execution comes
back to EL3.

When SCR_EL3.EA is 0 and execution state is EL3, Async EAs(delivered
as SErrors) are implicitly masked and hence any Async EA by EL3 will
remain pending and will trap at the exception level EA is targeted
to and unmasked when entering lower EL.
This causes unexpected EA at lower EL. This is a very rare
to get SError in EL3 until unless there is any programming error.

This patch sets SCR_EL3.EA to 1 when entering EL3 from lower EL.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ibb593369edb034f670fd85ee79adc9829b900a83

2 years agofix(el3_runtime): do not save scr_el3 during EL3 entry
Manish Pandey [Wed, 7 Dec 2022 13:04:20 +0000 (13:04 +0000)]
fix(el3_runtime): do not save scr_el3 during EL3 entry

scr_el3 registers cannot be modified in lower ELs which means it retains
the same value which is stored in the EL3 cpu context structure for the
given world. So, we should not save the register when entering to EL3
from lower EL as we have the copy of it present in cpu context.

During EL3 execution SCR_EL3 value can be modifed for following cases
 1. Changes which is required for EL3 execution, this change is temp
    and do not need to be saved.
 2. Changes which affects lower EL execution, these changes need to be
    written to cpu context as well and will be retrieved when scr_el3
    is restored as part of exiting EL3

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I9cc984ddf50e27d09e361bd83b1b3c9f068cf2fd

2 years agoMerge changes from topic "ffa_el3_spmc_fixes" into integration
Olivier Deprez [Tue, 13 Dec 2022 17:53:57 +0000 (18:53 +0100)]
Merge changes from topic "ffa_el3_spmc_fixes" into integration

* changes:
  fix(tsp): use verbose for power logs
  fix(el3-spmc): fix coverity scan warnings
  fix(el3-spmc): improve bound check for descriptor

2 years agoMerge changes Ie6a13e4a,I517074b8,Ifd29b748,I1279d9cb,I3b78e0c5, ... into integration
Madhukar Pappireddy [Tue, 13 Dec 2022 14:13:48 +0000 (15:13 +0100)]
Merge changes Ie6a13e4a,I517074b8,Ifd29b748,I1279d9cb,I3b78e0c5, ... into integration

* changes:
  feat(imx8mq): add BL31 PIE support
  refactor(imx8mq): introduce BL31_SIZE
  refactor(imx8mq): make use of setup_page_tables()
  feat(imx8mq): always set up console
  feat(imx8mq): remove empty bl31_plat_runtime_setup
  feat(imx8mq): make IMX_BOOT_UART_BASE configurable via build parameter

2 years agofeat(imx8mq): add BL31 PIE support
Lucas Stach [Thu, 8 Dec 2022 15:44:00 +0000 (16:44 +0100)]
feat(imx8mq): add BL31 PIE support

Enable PIE support so the BL31 firmware can be loaded from anywhere
within the OCRAM (SRAM). For the PIE support we only need to replace
the BL31_BASE define by the BL31_START symbol which is a relocatable
and we need to enable it by setting ENABLE_PIE := 1.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: Ie6a13e4ae0fdc6627a94798d7a86df7d5b310896

2 years agorefactor(imx8mq): introduce BL31_SIZE
Lucas Stach [Thu, 8 Dec 2022 15:37:44 +0000 (16:37 +0100)]
refactor(imx8mq): introduce BL31_SIZE

No functional change.

Introduce BL31_SIZE define and calculate the limits based on the
BL31_BASE and the BL31_SIZE define. Also make use of SZ_64K to make
it easier to read. This is required for later BL31 PIE support since
it drops the calculation based on the BL31_LIMIT and BL31_BASE.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: I517074b866b5bf11841b51777f87c926b304488d

2 years agorefactor(imx8mq): make use of setup_page_tables()
Lucas Stach [Thu, 8 Dec 2022 15:35:11 +0000 (16:35 +0100)]
refactor(imx8mq): make use of setup_page_tables()

Improve code readability and align with other i.MX8M* platforms.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: Ifd29b74872e3a567288d208de4827403078164e9

2 years agofeat(imx8mq): always set up console
Lucas Stach [Thu, 8 Dec 2022 15:00:04 +0000 (16:00 +0100)]
feat(imx8mq): always set up console

This aligns the i.MX8MQ platform behaviour with the other i.MX8M*
platforms by always setting up the console UART.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: I1279d9cb4feb6e789422b9844cab711b8daae74e

2 years agofeat(imx8mq): remove empty bl31_plat_runtime_setup
Lucas Stach [Thu, 8 Dec 2022 16:51:17 +0000 (17:51 +0100)]
feat(imx8mq): remove empty bl31_plat_runtime_setup

Having this empty definition is actively harmful, as it prevents the
default weak function to be used, which does a switch of the console
state.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: I3b78e0c524c4907714036dba573a44d8f9c48b09

2 years agofeat(imx8mq): make IMX_BOOT_UART_BASE configurable via build parameter
Lucas Stach [Thu, 8 Dec 2022 14:54:26 +0000 (15:54 +0100)]
feat(imx8mq): make IMX_BOOT_UART_BASE configurable via build parameter

This aligns the i.MX8MQ build with the other i.MX8M platforms by
allowing to override the default IMX_BOOT_UART_BASE value via a make
parameter.

Signed-off-by: Lucas Stach <l.stach@pengutronix.de>
Change-Id: Iad9b844517209fc7d051c61767f71ac9fa2b55c7

2 years agofix(st-crypto): remove platdata functions
Yann Gautier [Tue, 13 Dec 2022 09:51:56 +0000 (10:51 +0100)]
fix(st-crypto): remove platdata functions

The functions stm32_pka_get_platdata() and stm32_saes_get_platdata()
are not used. They can be removed as we always use DT to retrieve
the device configuration.
This issue was triggered by sparse tool or when enabling warning
-Wmissing-prototypes.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I5cce9a0765144d694e8ddece37361ccbb85d1734

2 years agofix(st-crypto): set get_plain_pk_from_asn1() static
Yann Gautier [Mon, 12 Dec 2022 13:56:39 +0000 (14:56 +0100)]
fix(st-crypto): set get_plain_pk_from_asn1() static

The issue is triggered when enabling -Wmissing-prototypes warning:
plat/st/common/stm32mp_crypto_lib.c:81:5: warning:
 no previous prototype for 'get_plain_pk_from_asn1'
 [-Wmissing-prototypes]
   81 | int get_plain_pk_from_asn1(void *pk_ptr, unsigned int pk_len,
      |     ^~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ia36bbaba6e187ab47c203ddf0d7d017b210545cf

2 years agofix(stm32mp1): add missing platform.h include
Yann Gautier [Fri, 18 Nov 2022 13:08:10 +0000 (14:08 +0100)]
fix(stm32mp1): add missing platform.h include

This includes the functions definitions, and avoids sparse warnings:
plat/st/stm32mp1/plat_image_load.c:13:6: warning:
 symbol 'plat_flush_next_bl_params' was not declared.
 Should it be static?
plat/st/stm32mp1/plat_image_load.c:21:16: warning:
 symbol 'plat_get_bl_image_load_info' was not declared.
 Should it be static?
plat/st/stm32mp1/plat_image_load.c:29:13: warning:
 symbol 'plat_get_next_bl_params' was not declared.
 Should it be static?

The issue was also found when enabling -Wmissing-prototypes warning:
plat/st/stm32mp1/plat_image_load.c:13:6: error:
 no previous prototype for 'plat_flush_next_bl_params'
 [-Werror=missing-prototypes]
   13 | void plat_flush_next_bl_params(void)
      |      ^~~~~~~~~~~~~~~~~~~~~~~~~
plat/st/stm32mp1/plat_image_load.c:21:17: error:
 no previous prototype for 'plat_get_bl_image_load_info'
 [-Werror=missing-prototypes]
   21 | bl_load_info_t *plat_get_bl_image_load_info(void)
      |                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~
plat/st/stm32mp1/plat_image_load.c:29:14: error:
 no previous prototype for 'plat_get_next_bl_params'
 [-Werror=missing-prototypes]
   29 | bl_params_t *plat_get_next_bl_params(void)
      |              ^~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0bb3052f6efd888462eab2fd8f18862e7fbf02b9

2 years agofix(st): make metadata_block_spec static
Yann Gautier [Fri, 18 Nov 2022 13:05:10 +0000 (14:05 +0100)]
fix(st): make metadata_block_spec static

This issue was triggered by sparse tool:
plat/st/common/stm32mp_fconf_io.c:31:17: warning:
 symbol 'metadata_block_spec' was not declared. Should it be static?

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I283d15792ed0e7ac5181e18aaf54010a0e61b370

2 years agoMerge changes from topic "full_dev_rsa_key" into integration
Lauren Wehrmeister [Mon, 12 Dec 2022 21:18:26 +0000 (22:18 +0100)]
Merge changes from topic "full_dev_rsa_key" into integration

* changes:
  docs(arm): add ARM_ROTPK_LOCATION variant full key
  feat(arm): add ARM_ROTPK_LOCATION variant full key

2 years agofix(gic): wrap cache enabled assert under plat_can_cmo
Channagoud kadabi [Wed, 30 Nov 2022 00:03:47 +0000 (16:03 -0800)]
fix(gic): wrap cache enabled assert under plat_can_cmo

with reference to feature 04c730 (feat(cpus): make cache ops conditional),
booting with caches in debug recovery means SCTLR_C_BIT will be 0.
Wrap the assert for the d-cache enabled check in CONDITIONAL_CMO and
plat_can_cmo calls to allow booting with d-cache disabled.

Signed-off-by: Channagoud kadabi <kadabi@google.com>
Change-Id: I80153df493d1ec9e5e354c7c2e6a14322d22c446

2 years agoMerge changes from topic "fix_misra_st_drivers" into integration
Manish Pandey [Mon, 12 Dec 2022 16:03:23 +0000 (17:03 +0100)]
Merge changes from topic "fix_misra_st_drivers" into integration

* changes:
  fix(st-gpio): define shift as uint32_t
  fix(st-sdmmc): check transfer size before filling register

2 years agoMerge "fix(st): include utils.h to solve compilation error" into integration
Manish Pandey [Mon, 12 Dec 2022 15:58:58 +0000 (16:58 +0100)]
Merge "fix(st): include utils.h to solve compilation error" into integration

2 years agofix(st): include utils.h to solve compilation error
Yann Gautier [Mon, 12 Dec 2022 13:53:45 +0000 (14:53 +0100)]
fix(st): include utils.h to solve compilation error

If compiling with STM32MP13 with DECRYPTION_SUPPORT != none, there is
a compilation error:
plat/st/common/stm32mp_crypto_lib.c:
 In function 'plat_get_enc_key_info':
plat/st/common/stm32mp_crypto_lib.c:532:25:
 error: implicit declaration of function 'zeromem'
 [-Werror=implicit-function-declaration]
  532 |                         zeromem(key, *key_len);
      |                         ^~~~~~~

Adding #include <lib/utils.h> solves the error.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0a20c5632f0379612149333e69875369d4cfca15

2 years agodocs: describe the new warning levels
Boyan Karatotev [Wed, 7 Dec 2022 10:26:48 +0000 (10:26 +0000)]
docs: describe the new warning levels

When -Wextra was added, the warning levels changed their meaning. Add a
description in the build option section and leave the security hardening
section as mostly a pointer to it.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iabf2f598d0bf3e865c9b991c5d44d2acb9572bd5