GIC600 erratum 2384374 is a Category B erratum. Part 1 is fixed
in this patch, and the Part 1 failure mode is described as
'If the packet to be sent is a SET packet, then a higher priority SET
may not be sent when it should be until an unblocking event occurs.'
This is handled by calling gicv3_apply_errata_wa_2384374() in the
ehf_deactivate_priority() path, so that when EHF restores the priority
to the original priority, the interrupt packet buffered
in the GIC can be sent.
gicv3_apply_errata_wa_2384374() is the workaround for
the Part 2 of erratum 2384374 which flush packets from the GIC buffer
and is being used in this patch.
SDEN can be found here:
https://developer.arm.com/documentation/sden892601/latest/
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I4bb6dcf86c94125cbc574e0dc5119abe43e84731
Erratum ID 2701951 is an erratum that could affect platforms that
do not use an Arm interconnect IP. This was originally added to the list
of Cortex-A715 in the errata ABI files.
Fixed this by adding it to the Cortex-X3 list.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I6ffaf4360a4a2d0a23c253a2326c178e010c8e45
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
The workarounds for these below mentioned errata are not implemented
in EL3, but the flags can be enabled/disabled at a platform level
based on arm/non-arm interconnect IP flag. The ABI helps assist the
Kernel in the process of mitigation for the following errata:
Cortex-A715: erratum 2701951
Neoverse V2: erratum 2719103
Cortex-A710: erratum 2701952
Cortex-X2: erratum 2701952
Neoverse N2: erratum 2728475
Neoverse V1: erratum 2701953
Cortex-A78: erratum 2712571
Cortex-A78AE: erratum 2712574
Cortex-A78C: erratum 2712575
Change-Id: Ie86b7212d731a79e2a0c07649e69234e733cd78d
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Errata ABI feature introduced per CPU based errata structures
in the errata_abi_main.c, these can be removed by re-using
the structures created by the errata framework.
Change-Id: I1a60d3e4f116b6254fb45426f43ff1b21771af89
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
* changes:
build(fpga): correctly handle gcc as linker for LTO
fix(build): enforce single partition for LTO build
fix(rockchip): add support for building with LTO enabled
Flush the FIFO before switching to runtime. This is so that there are
no lingering chars in the FIFO when we move to the runtime console.
TF-A plans to refactor the console_Switch_state(CONSOLE_FLAG_RUNTIME)
and console_flush() calls and make them the last calls in bl31_main()
(before BL31 exits). Until then they are being left as the last calls
in bl31_plat_runtime_setup() for testing before refactoring.
This patch only affects the Allwinner platform.
Change-Id: I15b4a459a280822a01c60e3b0c856b530db6efab
Signed-off-by: Salman Nabi <salman.nabi@arm.com>
Any BL31 setup and Runtime initialization within BL31 is still part of
the BOOT process. As such, the console flush and switch must be the
last calls before BL31 exit. Flush the console print buffer before
switching to runtime. This is so that there is no lingering chars in
the print buffer when we move to the runtime console.
This patch adds console flush before switching to runtime in
bl31_plat_runtime_setup() function (before BL31 exits). The plan is to
move flush and switch calls to bl31_main before BL31 exits, until then
console_flush() in bl31_main.c has been left as is.
This patch affects the Arm platform only.
Change-Id: I4d367b9e9640686ac15246ad24318ae4685c12c5
Signed-off-by: Salman Nabi <salman.nabi@arm.com>
TF-A plans to move console_flush() and
console_switch_state(CONSOLE_FLAG_RUNTIME) to the end of bl31_main()
before BL31 exits.
Add console_flush() in the generic implementation of
bl31_plat_runtime_setup() call so that platforms can implement or
follow the generic pattern to test this implementation before
console_flush() and console_switch_state() move to bl31_main().
This patch affects the generic implementation of
bl31_plat_runtime_setup()
Change-Id: I92b4176022bfb84558dec5a83386e8ecef49516a
Signed-off-by: Salman Nabi <salman.nabi@arm.com>
* changes:
style(fwu): change the metadata fields to align with specification
style(partition): use GUID values for GPT partition fields
feat(st): add logic to boot the platform from an alternate bank
feat(st): add a function to clear the FWU trial state counter
feat(fwu): add a function to obtain an alternate FWU bank to boot
feat(fwu): add some sanity checks for the FWU metadata
feat(fwu): modify the check for getting the FWU bank's state
feat(st): get the state of the active bank directly
feat(fwu): add a config flag for including image info in the FWU metadata
feat(fwu): migrate FWU metadata structure to version 2
feat(fwu): document the config flag for including image info in the FWU metadata
feat(fwu): update the URL links for the FWU specification
* changes:
refactor(sgi): replace references to "SGI"/"sgi" for neoverse_rd
refactor(sgi): rename "CSS_SGI"" macro prefixes to "NRD"
refactor(sgi): move apis and types to "nrd" prefix
refactor(sgi): replace build-option prefix to "NRD"
refactor(sgi): move neoverse_rd out of css
refactor(sgi): move from "sgi" to "neoverse_rd"
feat(sgi): remove unused SGI_PLAT build-option
fix(sgi): align to misra rule for braces
feat(rde1edge): remove support for RD-E1-Edge
fix(rdn2): populate TOS_CONFIG only when SPMC_AT_EL3 is enabled
fix(board): update spi_id max for sgi multichip platforms
Cortex-A715 erratum 2429384 is a cat B erratum that applies to
revision r1p0 and is fixed in r1p1. The workaround is to set
bit[27] of CPUACTLR2_EL1. There is no workaround for revision
r0p0.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2148827/latest
Change-Id: I3cdb1b71567542174759f6946e9c81f77d0d993d
Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
* changes:
docs(maintainers): add the maintainers for imx8ulp
docs(imx8ulp): add imx8ulp platform
fix(imx8ulp): increase the mmap region num
feat(imx8ulp): adjust the dram mapped region
feat(imx8ulp): ddrc switch auto low power and software interface
feat(imx8ulp): add some delay before cmc1 access
feat(imx8ulp): add a flag check for the ddr status
fix(imx8ulp): add sw workaround for csi/hotplug test hang
feat(imx8ulp): adjust the voltage when sys dvfs enabled
feat(imx8ulp): enable the DDR frequency scaling support
fix(imx8ulp): fix suspend/resume issue when DBD owner is s400 only
feat(imx8ulp): update XRDC for ELE to access DDR with CA35 DID
feat(imx8ulp): add memory region policy
feat(imx8ulp): protect TEE region for secure access only
feat(imx8ulp): add trusty support
feat(imx8ulp): add OPTEE support
feat(imx8ulp): update the upower config for power optimization
feat(imx8ulp): allow RTD to reset APD through MU
feat(imx8ulp): not power off LPAV PD when LPAV owner is RTD
feat(imx8ulp): add system power off support
feat(imx8ulp): add APD power down mode(PD) support in system suspend
feat(imx8ulp): add the basic support for idle & system suspned
feat(imx8ulp): enable 512KB cache after resume on imx8ulp
feat(imx8ulp): add the initial XRDC support
feat(imx8ulp): allocated caam did for the non secure world
feat(imx8ulp): add i.MX8ULP basic support
build(changelog): add new scopes for nxp imx8ulp platform
feat(scmi): add scmi sensor support
Change the names of some FWU metadata structure members to have them
align with the wording used in the corresponding specification. Use
the GUID type instead of UUID as the fields described in the
specification are GUIDs. Make corresponding changes to the code that
accesses these fields. No functional changes are introduced by the
patch.
Change-Id: Id3544ed1633811b0eeee2bf99477f9b7e6667044
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The GPT partition uses GUID values for identification of partition
types and partitions. Change the relevant functions to use GUID values
instead of UUID's.
Change-Id: I30df66a8a02fb502e04b0285f34131b65977988e
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
In a few scenarios, there is a need to boot the platform from an
alernate bank which is not the active bank. Call the API
fwu_get_alernate_boot_bank() to select an alternate bank to boot the
platform from. Calling this API function might be required in a couple
of cases. One, in the unlikely scenario of the active bank being in an
invalid state, or if the number of times the platform boots in trial
state exceeds a pre-set count.
Also add a debug print that indicates the bank that
the platform is booting from.
Change-Id: I688406540e64d1719af8d5c121821f5bb6335c06
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add an API stm32_clear_fwu_trial_boot_cnt() function to clear the
trial state counter. This is called in the corner case scenario when
the active index is in an Invalid state, thus needing a reset of the
trial state counter.
Change-Id: I2980135da88d0d947c222655c7958b51eb572d69
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add a function fwu_get_alternate_boot_bank() to return a valid bank to
boot from. This function can be called by a platform to get an
alternate bank to try to boot the platform in the unlikely scenario of
the active bank being in an invalid state, or if the number of times
the platform boots in trial state exceeds a pre-set count.
Change-Id: I4bcd88e68e334c452882255bf028e01b090369d1
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Add some sanity checks on the values read from the FWU metadata
structure. This ensures that values in the metadata structure are
inline with certain config symbol values.
Change-Id: Ic4415da9048ac3980f8f811ed7852beb90683f7d
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The version 2 of the FWU metadata structure has a field bank_state in
the top level of the structure which can be used to check if a given
bank is in the either of Trial State, Accepted State, or in an Invalid
State. This is different from the binary states of Valid/Accepted
States that the bank could be in, as defined in the earlier version of
the specification.
Replace the fwu_is_trial_run_state() API with
fwu_get_active_bank_state() to get the state the current active bank
is in. The value returned by this API is then used by the caller to
take appropriate action.
Change-Id: I764f486840a3713bfe5f8e03d0634bfe09b23590
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
With version 2 of the FWU metadata structure, the state that a bank is
in can be obtained from the bank_state field in the top level
structure. Read the state of the active bank by referencing this field
directly, instead of making an API call.
Change-Id: Ib22c56acbe172923b1323c544801ded81f1598ec
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The version 2 of the FWU metadata structure is designed such that the
information on the updatable images can be omitted from the metadata
structure. Add a configuration flag, PSA_FWU_METADATA_FW_STORE_DESC,
which is used to select whether the metadata structure has this
information included or not. It's value is set to 1 by default.
Change-Id: I4463a20c94d2c745ddb0b2cc8932c12d418fbd42
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The latest version of the FWU specification [1] has changes to the
metadata structure. This is version 2 of the structure.
Primary changes include
- bank_state field in the top level structure
- Total metadata size in the top level structure
- Image description structures now optional
- Number of banks and images per bank values part of the structure
Make changes to the structure to align with version 2 of the structure
defined in the specification. These changes also remove support for
version 1 of the metadata structure.
[1] - https://developer.arm.com/documentation/den0118/latest/
Change-Id: I84b4e742e463cae92375dde8b4603b4a581d62d8
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
The version 2 of the FWU metadata structure is designed such that the
information on the updatable images can be omitted from the metadata
structure. Add a config flag, PSA_FWU_METADATA_FW_STORE_DESC, which is
used to select whether the metadata structure has this information
included or not. It's value is set to 1 by default.
Change-Id: Id6c99455db768edd59b0a316051432a900d30076
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Update the links for accessing the FWU Multi Bank update specification
to point to the latest revision of the specification.
Change-Id: I25f35556a94ca81ca0a7463aebfcbc2d84595e8f
Signed-off-by: Sughosh Ganu <sughosh.ganu@linaro.org>
Flush the FIFO before switching to runtime. This is so that there are
no lingering chars in the FIFO when we move to the runtime console.
TF-A plans to refactor the console_Switch_state(CONSOLE_FLAG_RUNTIME)
and console_flush() calls and make them the last calls in bl31_main()
(before BL31 exits). Until then they are being left as the last calls
in bl31_plat_runtime_setup() for testing before refactoring.
This patch affects the QEMU platform only.
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
Change-Id: I6188d73dd3f3c97f41bb25de543f8c46a972adf0
Datastore symbol used by EL3 SPMC is not relocated at
boot time when using ENABLE_PIE=1.
Use linker script markers instead of symbol.
Signed-off-by: Shruti Gupta <shruti.gupta@arm.com>
Change-Id: If22d2fc8deacc74c73d7dc51bb70093935d9fa2b
Cortex-X3 erratum 2372204 is a Cat B erratum that applies to revisions
r0p0 and r1p0. It is fixed in r1p1.
The workaround is to set bit[40] of CPUACTLR2_EL1 to disable folding
of demand requests into older prefetches with L2 miss requests
outstanding.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2055130/latest
Change-Id: Iad28f8625c84186fbd8049406d139d4f15c6e069
Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
For a feature to be used at lower ELs, EL3 generally needs to disable
the trap so that lower ELs can access the system registers associated
with the feature. Lower ELs generally check ID registers to dynamically
detect if a feature is present (in HW) or not while EL3 Firmware relies
statically on feature build macros to enable a feature.
If a lower EL accesses a system register for a feature that EL3 FW is
unaware of, EL3 traps the access and panics. This happens mostly with
EL2 but sometimes VMs can also cause EL3 panic.
To provide platforms with capability to mitigate this problem, UNDEF
injection support has been introduced which injects a synchronous
exception into the lower EL which is supposed to handle the
synchronous exception.
The current support is only provided for aarch64.
The implementation does the following on encountering sys reg trap
- Get the target EL, which can be either EL2 or EL1
- Update ELR_ELx with ELR_EL3, so that after UNDEF handling in lower EL
control returns to original location.
- ESR_ELx with EC_UNKNOWN
- Update ELR_EL3 with vector address of sync exception handler with
following possible causes
- Current EL with SP0
- Current EL with SPx
- Lower EL using AArch64
- Re-create SPSR_EL3 which will be used to generate PSTATE at ERET
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I1b7bf6c043ce7aec1ee4fc1121c389b490b7bfb7
Following utility functions/bit definitions done
- Write a helper function to return the presence of following features
- FEAT_UAO
- FEAT_EBEP
- FEAT_SEBEP
- FEAT_SSBS
- FEAT_NMI
- FEAT_PAN
- Add definition of some missing bits of SPSR.
- Add GCSCR_EL1 register encoding and accessor function.
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ifcead0dd8e3b32096e4ab810dde5d582a889785a
This change updates the Node Version Manager version file to the latest
long-term release version of Node.js, v20.11.1, and the Node.js Package
Manager package file to require Node.js version v20 or later.
Additionally, all Node.js modules have been updated, as some packages
required additional accommodations to be made compatible with this
version of Node.js.
As part of this, the `.commitlintrc.js` has been rewritten from CommonJS
to ECMAScript. There should be no impact on the behaviour of Commitlint,
but this was was a requirement to allow Commitlint to continue using it
for configuration.
Change-Id: I7043faabc516c58edda9e58848b0569e2158b271
Signed-off-by: Chris Kay <chris.kay@arm.com>
While loading partition entries, calculate CRC using tf_crc32() for each
entry to find the full CRC value of the partition entry array.
The start of the GPT partition entry array is located at the LBA
indicated by the partition entry array LBA field in the GPT header. The
size of the partition entry array is indicated by the size of partition
entry multiplied by the number of partition entries.
Compare the calculated CRC with the partition entry array CRC in the GPT
header, error out if the values do not match.
Change-Id: I4bfed8cf903125c1ef3fac2f0f4c0fb87d63aa78
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
Alter the function parameter to pass the full GPT header to be filled
instead of the starting LBA of the array of partion entries to
load_partition_gpt()
Change-Id: Ib3dde62d5b9996e74157714634bea748bd3b55aa
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
* changes:
refactor(tc): correlate secure world addresses with platform_def
feat(tc): add memory node in the device tree
feat(tc): pass the DTB address to BL33 in R0
feat(tc): add arm_ffa node in dts
chore(tc): add dummy entropy to speed up the Linux boot
feat(tc): choose the DPU address and irq based on the target
feat(tc): add SCMI power domain and IOMMU toggles
refactor(tc): move the FVP RoS to a separate file
feat(tc): factor in FVP/FPGA differences
feat(tc): introduce an FPGA subvariant and TC3 CPUs
feat(tc): add TC3 platform definitions
refactor(tc): sanitise the device tree
feat(tc): add PMU entry
feat(tc): allow booting from DRAM
chore(tc): remove unused hdlcd
feat(tc): add firmware update secure partition
feat(tc): add spmc manifest with trusty sp
refactor(tc): unify all the spmc manifests
feat(arm): add trusty_sp_fw_config build option
fix(tc): do not enable MPMM and Aux AMU counters always
fix(tc): correct interrupts
feat(tc): interrupt numbers for `smmu_700`
feat(tc): enable gpu/dpu scmi power domain and also gpu perf domain
