Merge changes from topic "xlnx_security_flag_change" into integration

* changes:
  fix(versal-net): make pmc ipi channel as secure
  fix(versal): make pmc ipi channel as secure
  fix(versal-net): add redundant call to avoid glitches
  fix(versal-net): change flag to increase security

plat/xilinx/common/include/pm_svc_main.h

@@ -10,6 +10,26 @@
 
 #include <pm_common.h>
 
+/******************************************************************************/
+/**
+ * SECURE_REDUNDANT_CALL() - Adds redundancy to the function call. This is to
+ *			     avoid glitches which can skip a function call
+ *			     and cause altering of the code flow in security
+ *			     critical functions.
+ * @status: Variable which holds the return value of function executed
+ * @status_tmp: Variable which holds the return value of redundant function
+ *		call executed
+ * @function: Function to be executed
+ *
+ * Return: None
+ *
+ ******************************************************************************/
+#define SECURE_REDUNDANT_CALL(status, status_tmp, function, ...)   \
+	{ \
+		status = function(__VA_ARGS__); \
+		status_tmp = function(__VA_ARGS__); \
+	}
+
 int32_t pm_setup(void);
 uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
 			uint64_t x4, const void *cookie, void *handle,

plat/xilinx/common/pm_service/pm_svc_main.c

@@ -23,6 +23,7 @@
 #include "pm_api_sys.h"
 #include "pm_client.h"
 #include "pm_ipi.h"
+#include "pm_svc_main.h"
 
 #define MODE				0x80000000U
 
@@ -399,8 +400,9 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
 {
 	uintptr_t ret;
 	uint32_t pm_arg[PAYLOAD_ARG_CNT] = {0};
-	uint32_t security_flag = SECURE_FLAG;
+	uint32_t security_flag = NON_SECURE_FLAG;
 	uint32_t api_id;
+	bool status = false, status_tmp = false;
 
 	/* Handle case where PM wasn't initialized properly */
 	if (pm_up == false) {
@@ -408,11 +410,14 @@ uint64_t pm_smc_handler(uint32_t smc_fid, uint64_t x1, uint64_t x2, uint64_t x3,
 	}
 
 	/*
-	 * Mark BIT24 payload (i.e 1st bit of pm_arg[3] ) as non-secure (1)
-	 * if smc called is non secure
+	 * Mark BIT24 payload (i.e 1st bit of pm_arg[3] ) as secure (0)
+	 * if smc called is secure
+	 *
+	 * Add redundant macro call to immune the code from glitches
 	 */
-	if (is_caller_non_secure(flags) != 0) {
-		security_flag = NON_SECURE_FLAG;
+	SECURE_REDUNDANT_CALL(status, status_tmp, is_caller_secure, flags);
+	if ((status != false) && (status_tmp != false)) {
+		security_flag = SECURE_FLAG;
 	}
 
 	pm_arg[0] = (uint32_t)x1;

plat/xilinx/versal/versal_ipi.c

@@ -20,7 +20,7 @@ static const struct ipi_config versal_ipi_table[] = {
 	[IPI_ID_PMC] = {
 		.ipi_bit_mask = PMC_IPI_TRIG_BIT,
 		.ipi_reg_base = PMC_REG_BASE,
-		.secure_only = 0U,
+		.secure_only = IPI_SECURE_MASK,
 	},
 
 	/* A72 IPI */

plat/xilinx/versal_net/versal_net_ipi.c

@@ -26,7 +26,7 @@ static const struct ipi_config versal_net_ipi_table[IPI_ID_MAX] = {
 	[IPI_ID_PMC] = {
 		.ipi_bit_mask = PMC_IPI_TRIG_BIT,
 		.ipi_reg_base = IPI0_REG_BASE,
-		.secure_only = 0,
+		.secure_only = IPI_SECURE_MASK,
 	},
 
 	/* RPU0 IPI */