When -Wextra was added, the warning levels changed their meaning. Add a
description in the build option section and leave the security hardening
section as mostly a pointer to it.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Iabf2f598d0bf3e865c9b991c5d44d2acb9572bd5
TF-A is quite strict with warnings and redundant code. This flag
furthers this so it would be useful to have it. Add it to W=2 as it sets
off a few platforms which require a somewhat involved fix.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Id52b3d477b4ada7dd69a36101ab22c575ab4ef19
TF-A is more strict with compiler warnings in comparison to other
projects (notably Linux) for security and -Wextra enables a lot of
desirable warnings. This patch enables -Wextra by default (from W=1
previously) and reorganises the warning levels so that they can useful
when enabled and not just a build failure. This will help us move
towards fixing the warnings that are too many to fix at once and
enabling all W={1, 2} warnings.
The warning levels get new meanings:
* W=1: warnings we want the generic build to include but are too time
consuming to fix at the moment. They re-enable warnings taken out for
generic builds.
* W=2: warnings we want the generic build to include but cannot be
enabled due to external libraries.
* W=3: warnings that are informative but not necessary and generally too
verbose and frequently ignored.
Quality expectations for new contributions mean that generally they
should have no warnings up to W=2. To allow code to be developed with
them in mind, -Werror is disabled when W=x is set. This way enabling
warnings will not just fail the build due to technicalities we have and
contributors will be able to actually see if they get any.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ieb15ddd635d458a956a34b0f9d0ea2f81b9c0745
The BL31 part has been there forever and the PSCI reference is neither
at section 3.3 or directly below. Update this to locate the section more
easily.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I9a86e4ef13d1ac5da743917493f63ddd7690e087
Returning enum usb_status in an enum usb_action function is wrong as
they have different meanings. However, usb_dwc2_ep0_out_start() and
usb_dwc2_activate_setup() only return USBD_OK so we will never get to
there. Replace these checks with asserts in case the code changes in
future.
This also silences a warning when compiling with -Wextra.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I73dfd5c189a357544c15ceb3f4268da82ce272b9
On release builds EMMC_TRACE doesn't expand to anything. Some
conditionals with no braces end up with empty bodies. This produces a
warning when compiling with -Werror=empty-body (enabled by -Wextra).
Since TF-A coding guidelines require braces to comply with MISRA
guidelines anyway, add them in the whole file.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ib4e691efc7acdb8fb8692278c7a9772fc894f77f
secure_boot_api_f is defined to take uint32_t, uint32_t, and void *
parameters. However rom_secure_boot_api_f is defined to take uint32_t *,
uint32_t *, void *. These are incompatible and cause a warning when
compiling with -Wextra. Align the rom definition to the more generic
definition from where it's called.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: Ia030803b3c2335d220aff09fc0eef5c7615276aa
The api_version is checked in pm_setup() and an error is returned. The
smc handlers will not be registered on error so doing the check again is
redundant. This also silences a warning when compiling with -Wextra.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I09395e6a20e3f6eb22a1f81ec2f6bdf034eeb4bf
TF-A wants to eventually enable -Wold-style-definition globally. Convert
the rare few instances where this is still the case.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I9c450fc875cf097e6de2ed577ea3b085821c9f5e
Compiling with -Wimplicit-fallthrough=3 (enabled by -Wextra) produces
many warnings about fallthrough comments either missing or being wrong.
Unify the comments so we comply with -Wextra.
Note that Coverity recommends against using the __attribute__ directive.
Also, zlib does not build with a higher value of -Wimplicit-fallthrough.
Finally, compilers strip comments before expanding macros. As such,
checkpatch's fallthrough annotation (or higher levels of the flag) isn't
really possible.
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: I060cf4f8dc04c02cbb45cf4ceb69569a8369ccee
Remove the null-terminator of the string-like data items
from the RSS measurement's metadata. The 'version' and
'sw_type' items have an associated length value which
should not include a null-terminator when storing the
measurement.
Change-Id: Ia91ace2fff8b6f75686dd2e1862475268300bbdb
Signed-off-by: David Vincze <david.vincze@arm.com>
MISRA Violation: MISRA C-2012 Rule 17.7
- Check the return status of function pm_get_api_version
and return error in case of failure.
Signed-off-by: Naman Patel <naman.patel@amd.com>
Change-Id: I69fb000c04f22996da7965a09a1797c7bfaad252
Remove zeromem function as the array is already initialized
with value 0.
MISRA Violation: MISRA C-2012 Rule 9.1
- Initialize the array/variable with a value 0 to resolve
the misra warnings in pm_service component.
Signed-off-by: Naman Patel <naman.patel@amd.com>
Change-Id: I1a3d44a7ae4088a3034eb0119d82b99cd4617ccd
Remove high level logic hardware channel checking on HWMON
TEMP and VOLT read.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I9102b7b4334cb95f0b622c498a6569328f534d42
sp_timer0 is not disabled in firewall on Agilex causing Zephyr is facing
issue to access the timer.
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: I0099e200d6c9ca435f46393c6ed9cbe387870af0
Incorrect number of FPGA pinmux registers was copied from handoff data.
This caused pinmux_emac0_usefpga register to always be zero meaning
"EMAC0 uses HPS IO Pins" even if handoff data for this register was one
meaning "EMAC0 uses the FPGA Inteface".
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Change-Id: Ia0bd832c61d25f66ef13f39fe28b054cb96af9a1
Print out ERROR message when system face encounter SEU_ERR
Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com>
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I744afbca23b74b164e47472039b5d6fbe5c3c764
The deprecation was tagged "Next release after 2.8". Now there is a 2.9
planned, directly use this version.
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I0727eebc4a3800dafafc4166b0c2c40a12c90b4b
Update SPM threat model for possible threats, from malicious
endpoints, related to interrupt management. The mitigations
are based on the guidance provided in FF-A v1.1 EAC0 spec.
Change-Id: Ib9e26e3f1c60fe3a2734a67de1dcf1cea4883d38
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
Add details on how to run QEMU in OpenCI, and what tests are currently
supported.
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Change-Id: I291e4eb64a58c766519ff7dcac4841ae75c3934e
Revise the UART baud rate and clock for general platform build,
SIMIC build and EMU build.
Signed-off-by: Sieu Mun Tang <sieu.mun.tang@intel.com>
Change-Id: I62fefe7b96d5124e75d2810b4fbc1640422b1353
Cortex-X3 erratum 2615812 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r1p1, and is still open. The workaround is to disable
the use of the Full Retention power mode in the core (setting
WFI_RET_CTRL and WFE_RET_CTRL in CORTEX_X3_IMP_CPUPWRCTLR_EL1 to 0b000).
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2055130/latest
Change-Id: I5ad66df3e18fc85a6b23f6662239494ee001d82f
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Increases BL2 size to have room to enable security features (like
measurement and TPM).
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Change-Id: Iba5e8923e2e154315499e9bfce2e0aff0ccc8f95
This patch documents the actions taken by Hafnium SPMC in response
to non-secure and secure interrupts.
Change-Id: I97687f188ca97aeb255e3e5b55d44ddf5d66b6e0
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch documents the support for partition runtime models, call
chains and schedule modes in Hafnium SPMC.
Change-Id: I91d5718bb2c21d475499e402f6f27076930336cb
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
* changes:
docs: add top level section numbering
docs(build): clarify getting started section
docs(build): clarify docs building instructions
fix(docs): prevent a sphinx warning
fix(docs): prevent a virtual environment from failing a build
Top level sections are not numbered. Adding numbers makes referring to
sections easier. For example the Maintainers page changes from
"about/3.1" to simply "1.3.1".
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If90a18ee8d6a6858d58f0687f31ea62b69399e04
