Commit graph

424 commits

Author SHA1 Message Date
Govindraj Raja
0a33adc058 refactor(mte): deprecate CTX_INCLUDE_MTE_REGS
Currently CTX_INCLUDE_MTE_REGS is used for dual purpose,
to enable allocation tags register and to context save and restore
them and also to check if mte feature is available.

To make it more meaningful, remove CTX_INCLUDE_MTE_REGS
and introduce FEAT_MTE. This would enable allocation tags register
when FEAT_MTE is enabled and also supported from platform.

Also arch features can be conditionally enabled disabled based on
arch version from `make_helpers/arch_features.mk`

Change-Id: Ibdd2d43874634ad7ddff93c7edad6044ae1631ed
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2024-01-23 11:58:55 -06:00
Chris Kay
86e489c190 build: add --no-warn-rwx-segments when linking with GCC
This flag is currently not included when linking with BFD via GCC.
Without it, builds can fail when linking via GCC.

Change-Id: Id37e05f6fb4eea4620861eb1bc8668c41f21ba20
Signed-off-by: Chris Kay <chris.kay@arm.com>
2024-01-18 13:58:03 +00:00
Chris Kay
781cb31439 build: always use the C compiler to preprocess
We're a bit inconsistent about which tool we use to preprocess source
files; in some places we use `$(CC) -E` whilst in others we use `cpp`.

This change forces all invocations of the C preprocessor to use the
first scheme, which ensures that the preprocessor behaves the same way
as the C compiler used when compiling C source files.

Change-Id: Iede2f25ff86ea8b43d7a523e32648058d5023832
Signed-off-by: Chris Kay <chris.kay@arm.com>
2024-01-18 13:58:03 +00:00
Juan Pablo Conde
bfef8b908e feat(context-mgmt): report context memory usage
This patch provides a reporting functionality to display the memory
consumed by the context in each security state and for each exception
level. Flag PLATFORM_REPORT_CTX_MEM_USE enables or disables this
feature.

Change-Id: I1515366bf87561dcedf2b3206be167804df681d4
Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
2023-12-29 14:37:14 +00:00
Arvind Ram Prakash
9acff28ae4 build(mpam): add new build option CTX_INCLUDE_MPAM_REGS
New build option CTX_INCLUDE_MPAM_REGS is added to select
if the firmware needs to save the MPAM EL2 registers during world
switches. This option is currently disabled as MPAM is only
enabled for NS world.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: Ie2e5e184cdb65f7e1a98d8fe81590253fd859679
2023-12-27 11:50:41 -06:00
André Przywara
8ddb02d5af Merge changes from topic "fix-lto-build" into integration
* changes:
  fix(build): don't generate build-id
  fix(build): add forgotten BL_LDFLAGS to lto command line
  feat(build): check that .text section starts at page boundary
2023-11-30 16:36:40 +01:00
Mark Dykes
ad8669426e Merge "feat(security): add support for SLS mitigation" into integration 2023-11-29 00:11:29 +01:00
Bipin Ravi
538516f5d3 feat(security): add support for SLS mitigation
This patch enables support for the gcc compiler option "-mharden-sls",
the default is not to use this option. Setting HARDEN_SLS=1 sets
"-mharden-sls=all" that enables all hardening against straight line
speculation.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I59f5963c22431571f5aebe7e0c5642b32362f4c9
2023-11-21 15:27:00 -06:00
Manish V Badarkhe
878354a845 refactor(rss)!: remove PLAT_RSS_NOT_SUPPORTED build option
Removed the PLAT_RSS_NOT_SUPPORTED build option, which was initially
introduced for building the Base AEM FVP platform platform with RSS.
However, we now have a well-defined TC2 platform with RSS, making it
unnecessary to keep this flag.

Note -
Theoretically this is a breaking change. Other platforms could be
using the PLAT_RSS_NOT_SUPPORTED build option. Among upstream platforms,
only the Base AEM FVP uses it right now but we don't know about
downstream platforms.

Change-Id: I931905a4c6ac1ebe3895ab6e0287d0fa07721707
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-11-13 16:30:21 +00:00
Arvind Ram Prakash
183329a584 refactor(cm): introduce INIT_UNUSED_NS_EL2 macro
Introducing INIT_UNUSED_NS_EL2 macro which guards the code that
disables the unused EL2 when a platform hands off from EL3
to NS-EL1 instead of NS-EL2. Platforms without NS-EL2 in use
must enable this flag.

BREAKING CHANGE: Initialisation code for handoff from EL3 to NS-EL1
disabled by default. Platforms which do that need to enable this macro
going forward

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I61431cc4f7e2feb568d472828e5fd79cc73e51f5
2023-11-06 22:57:16 +01:00
Andrey Skvortsov
49ba1df522 fix(build): add forgotten BL_LDFLAGS to lto command line
as a result of missing BL_LDFLAGS '-Wl,--sort-section=alignment' was
missing in link arguments for bl31.

Signed-off-by: Andrey Skvortsov <andrej.skvortzov@gmail.com>
Change-Id: I78878e49da21fdc565abb3072e4abaf9face49f4
2023-11-06 23:22:25 +03:00
Manish Pandey
f87e54f73c fix(ras): remove RAS_FFH_SUPPORT and introduce FFH_SUPPORT
This patch removes RAS_FFH_SUPPORT macro which is the combination of
ENABLE_FEAT_RAS and HANDLE_EA_EL3_FIRST_NS. Instead introduce an
internal macro FFH_SUPPORT which gets enabled when platforms wants
to enable lower EL EA handling at EL3. The internal macro FFH_SUPPORT
will be automatically enabled if HANDLE_EA_EL3_FIRST_NS is enabled.
FFH_SUPPORT along with ENABLE_FEAT_RAS will be used in source files
to provide equivalent check which was provided by RAS_FFH_SUPPORT
earlier. In generic code we needed a macro which could abstract both
HANDLE_EA_EL3_FIRST_NS and RAS_FFH_SUPPORT macros that had limitations.
Former was tied up with NS world only while the latter was tied to RAS
feature.

This is to allow Secure/Realm world to have their own FFH macros
in future.

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ie5692ccbf462f5dcc3f005a5beea5aa35124ac73
2023-11-01 17:45:56 +00:00
Harrison Mutai
72f027c335 fix(build): convert tabs and ifdef comparisons
Make interprets lines prefixed with the tab characters as recipes
(commands to run in the shell). Convert the use of ifdef as this
incorrectly interprets when a flag is disabled i.e.
`ENABLE_FEAT_MPAM=0`.

Change-Id: I5173d18a20ef0e3ffc32f0ffb1e70dc30aa4c4a9
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
2023-10-31 20:46:08 +01:00
Govindraj Raja
f0c813b7e8 build(refactor): avoid ifdef comparison
During build 'ENABLE_SPE_FOR_NS=0' is a valid build option however
using ifdef would incorrectly translate this as enabled.

Change-Id: I1c516fb68f6e382bb83c578e499cbb86869d9eca
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-10-30 18:23:23 +02:00
Govindraj Raja
fb7301170e refactor(build): reorder arch features handling
With commit@f5211420b(refactor(cpufeat): refactor arch feature build
options all mandatory options are enabled with
'make_helpers/arch_features.mk'

However the commit makes it impossible for enabling of mandatory
features through command line and platform make files, So re-order
handling of mandatory features in 'make_helpers/arch_features.mk'

Use below order to enable mandatory features.

1.) first enable mandatory features by arch major/minor
2.) check if features were not earlier defined in platform makefile or
through cmdline if defined earlier don't initialise them to '0' but
retain their values from prior initialisation.

Change-Id: Icea3180c9dda0cd6e0b59316add9f3290ae51972
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-10-30 10:34:44 -05:00
Govindraj Raja
3547270f59 refactor(build): reorder platform Makefile evaluation
Commit(f5211420b refactor(cpufeat): refactor arch feature build
options) ensures mandatory arch features are enabled based on
ARM_ARCH_MAJOR and ARM_ARCH_MINOR, which would be expected to be
provided from platform makefile. However it missed ensuring platform
makefile is included before parsing and enabling any mandatory arch
features.

Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: Ia0ccb7d73b2d24c87d3d235babed4704230bec28
2023-10-30 10:34:44 -05:00
Manish Pandey
0e1dc0f2bc Merge "fix(mpam): refine MPAM initialization and enablement process" into integration 2023-10-25 19:14:06 +02:00
Arvind Ram Prakash
edebefbcbc fix(mpam): refine MPAM initialization and enablement process
Restricts MPAM to only NS world and enables trap to EL3 for access of
MPAM registers from lower ELs of Secure and Realm world.

This patch removes MPAM enablement from global context and adds it to
EL3 State context which enables/disables MPAM during world switches.
Renamed ENABLE_MPAM_FOR_LOWER_ELS to ENABLE_FEAT_MPAM and
removed mpam_init_el3() as RESET behaviour is trapping.

Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
Change-Id: I131f9dba5df236a71959b2d425ee11af7f3c38c4
2023-10-25 09:04:29 -05:00
Govindraj Raja
1ca73b4f4a fix(build): convert tabs to spaces
Convert any used tabs in arch_features.mk to spaces to avoid makefile
build issues. Only recipes should be indented with tabs.

ENABLE_TRBE_FOR_NS should be enabled only for aarch64 but accidentally
its enabled for aarch32 as well in FVP makefile.

Change-Id: Iee913a04d6b60a4738183a17421754c2638e8e6d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-10-23 08:12:30 -05:00
Harrison Mutai
430be4396b fix(build): pass parameters through response files
CMD.exe limits prompts to 8191 characters [1], unfortunately our command
line lengths when building with make get really long and in certain
instances exceed this limit. Get around this by passing options to the
compiler and linker via the response file mechanism.

[1] https://learn.microsoft.com/en-us/troubleshoot/windows-client/shell-experience/command-line-string-limitation

Change-Id: I6fee83c5892542f887daf25227fcb595a36f26b9
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
2023-10-19 15:35:59 +01:00
Nishant Sharma
801cd3c84a feat(el3-spmc): add a flag to enable support to load SEL0 SP
Introduce a build flag for enabling the support for loading SEL0 SP in
EL3 SPMC.

Signed-off-by: Nishant Sharma <nishant.sharma@arm.com>
Change-Id: I1d63ae4d0d8374a732113565be90d58861506e39
2023-10-12 10:35:57 +01:00
Sandrine Bailleux
85bebe18da refactor(console): disable getc() by default
The ability to read a character from the console constitutes an attack
vector into TF-A, as it gives attackers a means to inject arbitrary
data into TF-A. It is dangerous to keep that feature enabled if not
strictly necessary, especially in production firmware builds.

Thus, we need a way to disable this feature. Moreover, when it is
disabled, all related code should be eliminated from the firmware
binaries, such that no remnant/dead getc() code remains in memory,
which could otherwise be used as a gadget as part of a bigger security
attack.

This patch disables getc() feature by default. For legitimate getc()
use cases [1], it can be explicitly enabled by building TF-A with
ENABLE_CONSOLE_GETC=1.

The following changes are introduced when getc() is disabled:

- The multi-console framework no longer provides the console_getc()
  function.

- If the console driver selected by the platform attempts to register
  a getc() callback into the multi-console framework then TF-A will
  now fail to build.

  If registered through the assembly function finish_console_register():
  - On AArch64, you'll get:
      Error: undefined symbol CONSOLE_T_GETC used as an immediate value.
  - On AArch32, you'll get:
      Error: internal_relocation (type: OFFSET_IMM) not fixed up

  If registered through the C function console_register(), this requires
  populating a struct console with a getc field, which will trigger:
    error: 'console_t' {aka 'struct console'} has no member named 'getc'

- All console drivers which previously registered a getc() callback
  have been modified to do so only when ENABLE_CONSOLE_GETC=1.

[1] Example of such use cases would be:
    - Firmware recovery: retrieving a golden BL2 image over the console in
      order to repair a broken firmware on a bricked board.
    - Factory CLI tool: Drive some soak tests through the console.

Discussed on TF-A mailing list here:
https://lists.trustedfirmware.org/archives/list/tf-a@lists.trustedfirmware.org/thread/YS7F6RCNTWBTEOBLAXIRTXWIOYINVRW7/

Change-Id: Icb412304cd23dbdd7662df7cf8992267b7975cc5
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Acked-by: Baruch Siach <baruch@tkos.co.il>
2023-10-11 08:40:14 +02:00
Manish V Badarkhe
5782b890d2 feat(mbedtls-psa): introduce PSA_CRYPTO build option
This is a preparatory patch to provide MbedTLS PSA Crypto
API support, with below changes -

1. Added a build macro PSA_CRYPTO to enable the MbedTLS PSA
   Crypto API support in the subsequent patches.
2. Compile necessary PSA crypto files from MbedTLS source code
   when PSA_CRYPTO=1.

Also, marked PSA_CRYPTO as an experimental feature.

Change-Id: I45188f56c5c98b169b2e21e365150b1825c6c450
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-10-04 08:51:40 +01:00
Raymond Mao
3ba2c15147 feat(handoff): introduce firmware handoff library
Add transfer list APIs and firmware handoff build option.

Change-Id: I68a0ace22c7e50fcdacd101eb76b271d7b76d8ff
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
2023-09-22 10:56:51 +01:00
Govindraj Raja
8b2048c1c0 fix(cpufeat): move nested virtualization support to optionals
Commit(f5211420b refactor(cpufeat): refactor arch feature build
options) accidentally added nested virtualization support to mandatory
8.4 features move this to optional 8.4 features list.

Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
Change-Id: I3eb84ea489b6a5cc419359bc056aaadcced0ad0e
2023-09-19 08:46:09 -05:00
Govindraj Raja
f5211420b5 refactor(cpufeat): refactor arch feature build options
Current build infra defaults all cpufeats in defaults.mk and some
mandatory features are enabled in arch_features.mk and optional
arch features are enabled in platform specific makefile.
This fragmentation is sometime confusing to figure out which feature
is tied to which ARCH_MAJOR.ARCH_MINOR.

So, consolidating and grouping them for tracking and enabling makes
more sense. With this change we consolidate all ARCH feature handling
within arch_features.mk and disable all optional features that need
to be enabled to platform makefile.

This is an ongoing series of effort to consolidate and going forward
platform makefile should just specify ARCH_MAJOR and ARCH MINOR and
all mandatory feature should be selected based on arch_features.mk
any optional feature needed by the platform support can be enabled
by platform makefile.

It also makes it easier for platform ports to look upto arch_features.mk
and enable any optional feature that platform may need which are
supported from TF-A.

Change-Id: I18764008856d81414256b6cbabdfa42a16b8040d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-09-15 14:53:08 +02:00
Manish V Badarkhe
f1cb5bd190 fix(tbbr): unrecognised 'tos-fw-key-cert' option
CCA CoT uses 'core-swd-cert' for signing all secure software, so when
using cert_create tool to generate its certificate, it throws an
error:  "tools/cert_create/cert_create: unrecognized option
'--tos-fw-key-cert'".
The issue has not been seen so far since "SPM+RME+TBB+Measured-Boot"
combination is not tested in CI/local-setup. It is now resolved by
guarding usage of '--tos-fw-key-cert' for non-CCA CoTs.

Change-Id: I5e61d851a71c251920171cf410cbd0129e0e0aad
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
2023-09-07 11:14:52 +01:00
Chris Kay
bb22fb8402 build: sort bootloader image sources
To avoid duplicate symbol errors when compiling bootloader images which
pull in the same source file multiple times, sort source files before
generating bootloader image build rules in order to remove duplicates.

Change-Id: I03a60d9f752f8fe85f17ec14e265fd4a6223de32
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-08-29 15:03:21 +02:00
Chris Kay
1ab8c10909 build: allow platform-defined flags
Similarly to the earlier patch enabling BL-specific additions to include
directories, preprocessor definitions and toolchain flags, this change
allows platforms to add options common to all images.

This is required because some platforms inject dependencies via the
`<platform_def.h>` header, and we don't currently have a clean way to
model that in build system code.

Change-Id: Ib0b38f9236cba6f56745cb3c756dfc81547da8bd
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-08-29 15:03:11 +02:00
Raghu Krishnamurthy
890b508820 feat(spmd): add spmd logical partitions
Add header file to help with creation of SPMD logical partitions. Also
update linker files to create sections to record SPMD logical partitions
declared. This follows the same pattern as the EL3 SPMC's logical
partitions. This patch also adds initialization of SPMD logical
partitions when the SPMD comes up.
ENABLE_SPMD_LP is a build flag that is used to enable support for
SPMD logical partitions.
Note that the approach chosen is to keep SPMD and SPMC logical
partition support separate, as opposed to extend the existing SPMC
logical partition support since the code would need to have a number of
ifdefs and the interactions with various build options such as
SPMC_AT_EL3 needs to be accounted for, which would make code more
complicated.

Signed-off-by: Raghu Krishnamurthy <raghu.ncstate@gmail.com>
Change-Id: I9642ddbf6ea26dd3f4a283baec598d61c07e3661
2023-08-03 07:03:13 -07:00
Maksims Svecovs
4d0b66323b feat(mte): adds feature detection for MTE_PERM
Adds feature detection for v8.9 feature FEAT_MTE_PERM. Adds respective
ID_AA64PFR2_EL1 definitions and ENABLE_FEAT_MTE_PERM define.

Change-Id: If24b42f1207154e639016b0b840b2d91c6ee13d4
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Signed-off-by: Harrison Mutai <harrison.mutai@arm.com>
2023-07-20 09:00:22 +01:00
Govindraj Raja
7794d6c8f8 feat(build): march option selection
Current build infra uses ARM_ARCH_MAJOR/MINOR to come up with march
version and uses that march version with the compiler.

However in certain situations this is not ideal, like for example when
we build with gcc-11 which supports only till march=armv8.5 but
we need to build for 8.8 build, this means we need to bump down
MAJOR/MINOR and we can't rely on major and minor values from the
platform to select march value and build infra doesn't even try
to compile and fails with not supported MAJOR/MINOR.

By adding a march build helper we try to check if compiler supports
given march value from MAJOR/MINOR values from platform, if compiler
doesn't support then we try to check what's the max or best supported
march version by compiler and choose that march value and try to
compile with that.

This is a supportive mechanism which will decouple march reliance on
MAJOR/MINOR values from platform and will pave way for setting up
enabling of features based on MAJOR/MINOR without worrying about the
compiler not supporting given MAJOR/MINOR.

Also in TF-A we use generic instructions without much reliance or need
for exact march necessity. So enabling and building features from
armv-8.8 using an armv-8.5 march value is still going to be fine.

Please note: Platforms are free to freeze their march values using
`MARCH_DIRECTIVE`. In absence of this define we are going to poke
the compiler and come up with a potential march value.

Change-Id: I673061a269ec9018ff12e75dc375979f5e33b7d1
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-07-03 14:24:40 -05:00
Govindraj Raja
d4089fb8d8 refactor(build): merge march32/64 directives
Both march32-directive and march64-directive eventually generate the
same march option that will passed to compiler.

Merge this two separate directives to a common one as march-directive.

Change-Id: I220d2b782eb3b54e13ffd5b6a581d0e6da68756a
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-06-22 16:37:03 -05:00
laurenw-arm
0f19b7aada feat(build): pass CCA NV ctr option to cert_create
Modifying build system to pass the new CCA NV counter options
ccafw_nvctr to  cert_create tool in context of CCA COT

Change-Id: I9de2cdc041d96bc19180c3189628ed23e68a992b
Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com>
2023-05-25 16:40:43 -05:00
Manish Pandey
269f3daefb Merge changes from topic "mp/feat_ras" into integration
* changes:
  refactor(cpufeat): enable FEAT_RAS for FEAT_STATE_CHECKED
  refactor(ras): replace RAS_EXTENSION with FEAT_RAS
2023-05-09 21:48:45 +02:00
Madhukar Pappireddy
fdf9d768ea Merge changes from topic "srm/Errata_ABI_El3" into integration
* changes:
  docs(errata_abi): document the errata abi changes
  feat(fvp): enable errata management interface
  fix(cpus): workaround platforms non-arm interconnect
  refactor(errata_abi): factor in non-arm interconnect
  feat(errata_abi): errata management firmware interface
2023-05-09 21:15:54 +02:00
Manish V Badarkhe
c214ced421 Merge changes from topic "bk/context_refactor" into integration
* changes:
  fix(gicv3): restore scr_el3 after changing it
  refactor(cm): make SVE and SME build dependencies logical
2023-05-09 18:15:01 +02:00
Manish Pandey
9202d51990 refactor(ras): replace RAS_EXTENSION with FEAT_RAS
The current usage of RAS_EXTENSION in TF-A codebase is to cater for two
things in TF-A :
1. Pull in necessary framework and platform hooks for Firmware first
   handling(FFH) of RAS errors.
2. Manage the FEAT_RAS extension when switching the worlds.

FFH means that all the EAs from NS are trapped in EL3 first and signaled
to NS world later after the first handling is done in firmware. There is
an alternate way of handling RAS errors viz Kernel First handling(KFH).
Tying FEAT_RAS to RAS_EXTENSION build flag was not correct as the
feature is needed for proper handling KFH in as well.

This patch breaks down the RAS_EXTENSION flag into a flag to denote the
CPU architecture `ENABLE_FEAT_RAS` which is used in context management
during world switch and another flag `RAS_FFH_SUPPORT` to pull in
required framework and platform hooks for FFH.

Proper support for KFH will be added in future patches.

BREAKING CHANGE: The previous RAS_EXTENSION is now deprecated. The
equivalent functionality can be achieved by the following
2 options:
 - ENABLE_FEAT_RAS
 - RAS_FFH_SUPPORT

Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: I1abb9ab6622b8f1b15712b12f17612804d48a6ec
2023-05-09 13:19:22 +01:00
Manish Pandey
3e2923199d Merge changes from topic "assert_boolean_set" into integration
* changes:
  build!: check boolean flags are not empty
  fix(build): add a default value for INVERTED_MEMMAP
  fix(a5ds): add default value for ARM_DISABLE_TRUSTED_WDOG
  fix(st-crypto): move flag control into source code
  fix(stm32mp1): always define PKA algos flags
  fix(stm32mp1): remove boolean check on PLAT_TBBR_IMG_DEF
2023-05-09 11:26:11 +02:00
Govindraj Raja
dea23e245f fix(build): allow lower address access with gcc-12
With gcc-12 any lower address access can trigger a warning/error
this would be useful in other parts of system but in TF-A
there are various reasons to access to the lower address ranges,
example using mmio_read_*/writes_*

So setup to allow access to lower addresses while using gcc-12

Change-Id: Id1b4012b13bc6876d83b90a347fee12478a1921d
Signed-off-by: Govindraj Raja <govindraj.raja@arm.com>
2023-05-09 10:01:02 +01:00
Sona Mathew
ef63f5be6d refactor(errata_abi): factor in non-arm interconnect
Workaround to help enable the kernel to query errata status using the
errata abi feature for platforms with a non-arm interconnect.

Change-Id: I47b03eaee5a0a763056ae71883fa30dfacb9b3f7
Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
2023-05-05 13:23:10 -05:00
Sona Mathew
ffea3844c0 feat(errata_abi): errata management firmware interface
This patch adds the errata management firmware interface for lower ELs
to discover details about CPU erratum. Based on the CPU erratum
identifier the interface enables the OS to find the mitigation of an
erratum in EL3.

The ABI can only be present in a system that is compliant with SMCCCv1.1
or higher. This implements v1.0 of the errata ABI spec.

For details on all possible return values, refer the design
documentation below:

ABI design documentation:
https://developer.arm.com/documentation/den0100/1-0?lang=en

Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com>
Change-Id: I70f0e2569cf92e6e02ad82e3e77874546232b89a
2023-05-05 13:23:10 -05:00
Boyan Karatotev
0d1229473e refactor(cm): make SVE and SME build dependencies logical
Currently, enabling SME forces SVE off. However, the SME enablement
requires SVE to be enabled, which is reflected in code. This is the
opposite of what the build flags require.

Further, the few platforms that enable SME also explicitly enable SVE.
Their platform.mk runs after the defaults.mk file so this override never
materializes. As a result, the override is only present on the
commandline.

Change it to something sensible where if SME is on then code can rely on
SVE being on too. Do this with a check in the Makefile as it is the more
widely used pattern. This maintains all valid use cases but subtly
changes corner cases no one uses at the moment to require a slightly
different combination of flags.

Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Change-Id: If7ca3972ebc3c321e554533d7bc81af49c2472be
2023-05-05 13:16:18 +01:00
Yann Gautier
1369fb82c8 build!: check boolean flags are not empty
For numeric flags, there is a check for the value to be set. Do the same
for boolean flags. This avoids issues where a flag is defined but
without a value, leading to potential unexpected behaviors.

Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: Ib00da2784339471058887e93434d96ccba2aebb2
2023-05-03 18:02:09 +01:00
Chris Kay
a123cb143f build: allow BL-specific includes/definitions
This change introduces the `BLx_INCLUDE_DIRS` and `BLx_DEFINES`
Makefile variables, which can be used to append include directories
and preprocessor definitions to specific images created using the
`MAKE_BL` Makefile macro.

Change-Id: I9431f9d1cbde5b0b2624d9ce128a4f043c74c87f
Signed-off-by: Chris Kay <chris.kay@arm.com>
2023-05-03 15:36:08 +02:00
Manish Pandey
d494b0eff5 Merge "feat(el3-runtime): handle traps for IMPDEF registers accesses" into integration 2023-05-02 16:51:14 +02:00
Varun Wadekar
0ed3be6fc2 feat(el3-runtime): handle traps for IMPDEF registers accesses
This patch introduces support to handle traps from lower ELs for
IMPDEF system register accesses. The actual support is left to the
platforms to implement.

Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I623d5c432b4ce4328b68f238c15b1c83df97c1e5
2023-04-30 11:04:59 +01:00
Jayanth Dodderi Chidanand
03d3c0d729 feat(sme): enable SME2 functionality for NS world
FEAT_SME2 is an extension of FEAT_SME and an optional feature
from v9.2. Its an extension of SME, wherein it not only
processes matrix operations efficiently, but also provides
outer-product instructions to accelerate matrix operations.
It affords instructions for multi-vector operations.
Further, it adds an 512 bit architectural register ZT0.

This patch implements all the changes introduced with FEAT_SME2
to ensure that the instructions are allowed to access ZT0
register from Non-secure lower exception levels.

Additionally, it adds support to ensure FEAT_SME2 is aligned
with the existing FEATURE DETECTION mechanism, and documented.

Change-Id: Iee0f61943304a9cfc3db8f986047b1321d0a6463
Signed-off-by: Jayanth Dodderi Chidanand <jayanthdodderi.chidanand@arm.com>
2023-04-27 16:02:27 +01:00
Mark Brown
688ab57b93 feat(gcs): support guarded control stack
Arm v9.4 introduces support for Guarded Control Stack, providing
mitigations against some forms of RPO attacks and an efficient mechanism
for obtaining the current call stack without requiring a full stack
unwind. Enable access to this feature for EL2 and below, context
switching the newly added EL2 registers as appropriate.

Change the FVP platform to default to handling this as a dynamic option
so the right decision can be made by the code at runtime.

Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: I691aa7c22e3547bb3abe98d96993baf18c5f0e7b
2023-04-18 12:36:52 +01:00
Mark Brown
062b6c6bf2 feat(pie/por): support permission indirection and overlay
Arm v8.9 introduces a series of features providing a new way to set memory
permissions. Instead of directly encoding the permissions in the page
tables the PTEs contain indexes into an array of permissions stored in
system registers, allowing greater flexibility and density of encoding.

Enable access to these features for EL2 and below, context switching the
newly added EL2 registers as appropriate. Since all of FEAT_S[12]P[IO]E
are separately discoverable we have separate build time options for
enabling them, but note that there is overlap in the registers that they
implement and the enable bit required for lower EL access.

Change the FVP platform to default to handling them as dynamic options so
the right decision can be made by the code at runtime.

Signed-off-by: Mark Brown <broonie@kernel.org>
Change-Id: Icf89e444e39e1af768739668b505661df18fb234
2023-04-12 15:03:22 +01:00