NS EL1 context save and restore is taken by SPMC upon entering and
exiting S-EL2
BREAKING CHANGE: Corresponding support is needed in Hafnium SPMC
Change-Id: I8524f1229b3e13c2df4e4b5be3f12436289c30c7
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
An "Incorrect expression (SIZEOF_MISMATCH)" bug was raised by coverity
on the memset for clearing the manifest structure. This patch resolves
that issue.
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Change-Id: I40431b972fc434d2b33f597813f22126d5d4cb70
This patch modifies the boot manifest to add console information to
be passed from EL3 to RMM.
Boot manifest version is bumped to v0.3
Signed-off-by: Harry Moulton <harry.moulton@arm.com>
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: Iedc4e640fb7a4450ce5ce966ae76936d1b7b742d
For platforms that do not support EL3 interrupts, such as ones with
GICV2 controller, do not register handler for Group0 interrupt.
Change-Id: I34536c0db9806c7b4c12dd398c0e5c12119c7457
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
The current SPSR updation code as part of the SDEI interrupt handler
code is outdated. This patch replaces the legacy code with a call to
an up-to-date create_spsr()
Change-Id: I1f5fdd41dd14f4b09601310fe881fa3783d7f505
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Currently the EL2 part of the context structure (el2_sysregs_t), is
mostly feature dependent.
For instance, CTX_HCRX_EL2 is only needed when FEAT_HCX
(ENABLE_FEAT_HCX=1) is set, but the entry is unconditionally added
in the EL2 context structure and thereby consuming memory even in
build configurations where FEAT_HCX is disabled.
Henceforth, all such context entries should be coupled/tied with
their respective feature enables and be optimized away when unused.
This would reduce the context memory allocation for platforms, that
dont enable/support all the architectural features at once.
Further, converting the assembly context-offset entries into
a c structure relies on garbage collection of the linker
removing unreferenced structures from memory, as well as aiding
in readability and future maintenance.
Change-Id: I0cf49498ee3033cb6f3ee3810331121b26627783
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Cortex-X4 erratum 2701112 is cat B erratum that applies to
revision r0p0 and is fixed in r0p1. This erratum affects
system configurations that do not use an Arm interconnect IP.
The workaround for this erratum is not implemented in EL3.
The erratum can be enabled/disabled on a platform level.
The flag is used when the errata ABI feature is enabled and can
assist the Kernel in the process of mitigation of the erratum.
SDEN Documentation:
https://developer.arm.com/documentation/SDEN2432808/latest
Change-Id: I8ede1ee75b0ea1658369a0646d8af91d44a8759b
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
* changes:
feat(drtm): update DRTM version to 1.0
feat(drtm): update references to DRTM beta0
feat(drtm): for TPM features fw hash algorithm should be 16-bits
feat(drtm): add ACPI table region size to the DLME header
feat(drtm): update return code if secondary PE is not off
feat(drtm): add additional return codes
Update all references to DRTM beta0 to be 1.0 instead.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: Ieda70f26f3be42f4705e9b267706674c94f120f2
The DRTM 1.0 spec defines an additional field in the DLME
header for an optional region in the DLME to hold ACPI tables.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: Idba7fa6bd0fb4ef2bdffc24f4588720e1661e58c
DRTM 1.0 specifies that if any secondary PEs are not off
during a dynamic launch the return code must be
SECONDARY_PE_NOT_OFF.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: Idcb1f3c60daa63a5bc994bdeacca8aab7066f628
Add additional return codes defined in the DRTM 1.0 spec.
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Change-Id: I1620e098edf4f070ac759a26ce3c7272faf2d8b2
Erratum ID 2701951 is an erratum that could affect platforms that
do not use an Arm interconnect IP. This was originally added to the list
of Cortex-A715 in the errata ABI files.
Fixed this by adding it to the Cortex-X3 list.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I6ffaf4360a4a2d0a23c253a2326c178e010c8e45
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
The workarounds for these below mentioned errata are not implemented
in EL3, but the flags can be enabled/disabled at a platform level
based on arm/non-arm interconnect IP flag. The ABI helps assist the
Kernel in the process of mitigation for the following errata:
Cortex-A715: erratum 2701951
Neoverse V2: erratum 2719103
Cortex-A710: erratum 2701952
Cortex-X2: erratum 2701952
Neoverse N2: erratum 2728475
Neoverse V1: erratum 2701953
Cortex-A78: erratum 2712571
Cortex-A78AE: erratum 2712574
Cortex-A78C: erratum 2712575
Change-Id: Ie86b7212d731a79e2a0c07649e69234e733cd78d
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Errata ABI feature introduced per CPU based errata structures
in the errata_abi_main.c, these can be removed by re-using
the structures created by the errata framework.
Change-Id: I1a60d3e4f116b6254fb45426f43ff1b21771af89
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Cortex-A715 erratum 2429384 is a cat B erratum that applies to
revision r1p0 and is fixed in r1p1. The workaround is to set
bit[27] of CPUACTLR2_EL1. There is no workaround for revision
r0p0.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2148827/latest
Change-Id: I3cdb1b71567542174759f6946e9c81f77d0d993d
Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
Cortex-X3 erratum 2372204 is a Cat B erratum that applies to revisions
r0p0 and r1p0. It is fixed in r1p1.
The workaround is to set bit[40] of CPUACTLR2_EL1 to disable folding
of demand requests into older prefetches with L2 miss requests
outstanding.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN2055130/latest
Change-Id: Iad28f8625c84186fbd8049406d139d4f15c6e069
Signed-off-by: Bipin Ravi <biprav01@u203721.austin.arm.com>
This is an effort to optimise the unused members in the cpu_context_t
structure. TF-A statically allocates memory for context entry for
each wolrd per PE. Some of the members in this struct are not used
for all the build combinations.
RMM in particular, is not using this context member and henceforth
removing them.
Change-Id: Ia5bf9c8dfef6e856ba6d88fa678876c704d42858
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Fixes a dangling pointer bug in `spmc_ffa_console_log`.
`chars` was assigned to an array which went out of scope at the end of
the `if`/`else` block.
The solution is to `memcmpy` from the temporary array into `chars`,
which is now an array.
Signed-off-by: Karl Meakin <karl.meakin@arm.com>
Change-Id: I67d19ea25d09b72f38fcc67dab4acf449aa8f1b1
A normal world caller can emit an SMC with the SVE hint bit set such
that the callee can perform an optimization by omitting to save/restore
the SVE context. Update the SPMD to pass this information to the SPMC
when set by the caller in the SMC flags parameter.
For now, restrict this behavior to the SPMC living at S-EL2.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: Icf46eb8a391dd3ddd2ee6aff8581a2f1c8a1c274
The toolchain refactor change introduces the `${toolchain}-${tool}-id`
variables, which provide identifiers for all of the toolchain tools used
by the build system. This change replaces the various conditions that
are in use to identify these tools based on the path with a standard set
of comparisons against these new identifier variables.
Change-Id: Ib60e592359fa6e415c19a012e68d660f87436ca7
Signed-off-by: Chris Kay <chris.kay@arm.com>
This change migrates the values of `CC`, `CPP`, `AS` and other toolchain
variables to the new `$(toolchain)-$(tool)` variables, which were
introduced by the toolchain refactor patch. These variables should be
equivalent to the values that they're replacing.
Change-Id: I644fe4ce82ef1894bed129ddb4b6ab94fb04985d
Signed-off-by: Chris Kay <chris.kay@arm.com>
Added SiP calls to FVP platform to protect/unprotect a
memory range.
These leverage rme features to change the PAS of a given
memory range from non-secure to secure.
The mentioned call is leveraged by the SPMC in the memory
sharing flow, when memory is shared from the normal world
onto the secure world.
More details in the SPM related patches.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Signed-off-by: J-Alves <joao.alves@arm.com>
Change-Id: Iaf15d8603a549d247ffb1fc14c16bfb94d0e178a
Cortex-A715 erratum 2561034 is a Cat B erratum that applies to
revision r1p0 and is fixed in r1p1.
The workaround is to set bit[26] in CPUACTLR2_EL1. Setting this
bit is not expected to have a significant performance impact.
SDEN documentation:
https://developer.arm.com/documentation/SDEN2148827/latest
Change-Id: I377f250a2994b6ced3ac7d93f947af6ceb690d49
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
The ChromeOS will use the SMC to pass some secrets from firmware to
optee.
Change-Id: Iaf3357d40a7ed22415926acd9d7979df24dd81f1
Signed-off-by: Yi Chou <yich@google.com>
Cortex X3 erratum 2641945 is a Cat B erratum that applies to all
revisions <= r1p0 and is fixed in r1p1.
The workaround is to disable the affected L1 data cache prefetcher
by setting CPUACTLR6_EL1[41] to 1. Doing so will incur a performance
penalty of ~1%. Contact Arm for an alternate workaround that impacts
power.
SDEN documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: Ia6d6ac8a66936c63b8aa8d7698b937f42ba8f044
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Currently CTX_INCLUDE_MTE_REGS is used for dual purpose,
to enable allocation tags register and to context save and restore
them and also to check if mte feature is available.
To make it more meaningful, remove CTX_INCLUDE_MTE_REGS
and introduce FEAT_MTE. This would enable allocation tags register
when FEAT_MTE is enabled and also supported from platform.
Also arch features can be conditionally enabled disabled based on
arch version from `make_helpers/arch_features.mk`
Change-Id: Ibdd2d43874634ad7ddff93c7edad6044ae1631ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Add handling for FF-A 1.2 FFA_MSG_SEND_DIR_REQ2 interface.
Handler validates security states of sender/receiver pairs
and forwards the call to other world if necessary.
Signed-off-by: Kathleen Capella <kathleen.capella@arm.com>
Change-Id: I02a60362d8d9a50fcc0b6a84753cba274ba5eb1b
Cortex-A78C erratum 2683027 is a cat B erratum that applies to
revisions r0p1 - r0p2 and is still open. The workaround is to
execute a specific code sequence in EL3 during reset.
SDEN can be found here:
https://developer.arm.com/documentation/SDEN-2004089/latest
Change-Id: I2bf9e675f48b62b4cd203100f7df40f4846aafa8
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Cortex-X3 erratum 2266875 is a Cat B erratum that applies to
all revisions <= r1p0 and is fixed in r1p1. The workaround is to
set CPUACTLR_EL1[22]=1 which will cause the CFP instruction to
invalidate all branch predictor resources regardless of context.
SDEN Documentation:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I9c610777e222f57f520d223bb03fc5ad05af1077
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Cortex-X3 erratum 2302506 is a cat B erratum that applies to
revisions r0p0-r1p1 and is fixed in r1p2. The workaround is to
set bit[0] of CPUACTLR2 which will force PLDW/PFRM ST to behave
like PLD/PRFM LD and not cause invalidation to other PE caches.
There might be a small performance degradation to this workaround
for certain workloads that share data.
SDEN can be found here:
https://developer.arm.com/documentation/2055130/latest
Change-Id: I048b830867915b88afa36582c6da05734a56d22a
Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Enable handoff to OP-TEE using transfer list.
Create transfer list when loading OP-TEE image via non-secure SMC call.
Fallback to default handoff args when transfer list is disabled or
transfer list signature does not exist.
Change-Id: I94bb5b7fdfbb8829016a9d5d9ef5aff993d7cc99
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
Add support for FFA_CONSOLE_LOG in EL3 SPMC,
Disallow forwarding FFA_CONSOLE_LOG across worlds.
Add support for FFA_CONSOLE_LOG in FFA_FEATURES.
Input parameters:
w0/x0 - FFA_CONSOLE_LOG_32/64
w1/x1 - Character count
w2/x2-w7/x7 - 24 or 48 characters depending upon whether a SMC32 or
SMC64 FID was used.
Output parameters in case of success:
w0/x0 - FFA_SUCCESS
Output parameters in case of error:
w0/x0 - FFA_ERROR
w2/x2 - NOT_SUPPORTED: ABI is not implemented
INVALID_PARAMETERS: Parameters are incorrectly encoded
Signed-off-by: Shruti Gupta <shruti.gupta@arm.com>
Change-Id: I004c043729e77d1b9aa396c42d25c73d9268169a
The Test Realm Package (TRP) is a small payload that runs at R-EL2 if an
external RMM image path is not provided. Currently, the TRP makefile is
included if RME is enabled, regardless of whether an external RMM
image path is defined or not. This fix ensures that TRP is included
only when an external RMM path is not defined.
Signed-off-by: Rohit Mathew <Rohit.Mathew@arm.com>
Change-Id: I3cc3d2a636e65071e45c5c82cc125290887ffc09
Cortex X3 erratum 2743088 is a Cat B erratum that applies to all
revisions <= r1p1 and is fixed in r1p2. The workaround is to add a DSB
instruction before the ISB of the powerdown code sequence specified in
the TRM.
SDEN documentation: https://developer.arm.com/documentation/2055130
Change-Id: I2c8577e3ca0781af8b1c3912e577d3bd77f92709
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
Currently, the registers which are maintained per-world, does not
take into account the reset value while configuring the context for
the respective world.
This leads to an issue, wherein the register retains the same value
across world switch, which is an error.
This patch addresses this problem, by configuring the register
(cptr_el3) precisely according to the world, the cpu is in
execution via resetting it before initializing the world specific context.
Change-Id: I592d82af373155fca67eed109c199341c305f0b9
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
Cortex-A520 erratum 2858100 is a Cat B erratum that applies to
all revisions <=r0p1 and is still open. The workaround is to
set bit[29] of CPUACTLR_EL1.
SDEN Documentation:
https://developer.arm.com/documentation/SDEN-2444153/latest
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I5a07163f919352583b03328abd5659bf7b268677
