The failure was caused by missing a variable definition, `status`
in the RSE initialisation patch.
Change-Id: I937a39e20fae39f3a6d14fe66af578c166545301
Signed-off-by: Icen.Zeyada <Icen.Zeyada2@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-X925
revisions r0p0, r0p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I9d5a07ca6b89b27d8876f4349eff2af26c962d8a
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-X2
revisions r0p0, r1p0, r2p0, r2p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: If28804e154617a39d7d52c40b3a00a14a39df929
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-A77
revisions r0p0, r1p0, r1p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: Ic71b163883ea624e9f2f77deb8b30c69612938b9
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Neoverse-V1
revisions r0p0, r1p0, r1p1, r1p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: Ia59452ea38c66b291790956d7f2880bfcd56d45f
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-A78_AE
revisions r0p0, r0p1, r0p2, r0p3.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I33ac653fcb45f687fe9ace1c76a3eb2000459751
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-A78C
revisions r0p0, r0p1, r0p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: Ieb8d7b122320d16bf8987a43dc683ca41227beb5
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-A78
revisions r0p0, r1p0, r1p1, r1p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I4e40388bef814481943b2459fe35dd7267c625a2
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-X1
revisions r0p0, r1p0, r1p1, r1p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I3124db3980f2786412369a010ca6abbbbaa3b601
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Neoverse-N2
revisions r0p0, r0p1, r0p2, r0p3.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
This patch implements the erratum mitigation for Neoverse-N2.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I2b9dea78771cc159586a03ff563c0ec79591ea64
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-A710
revisions r0p0, r1p0, r2p0, r2p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I10feea238600dcceaac7bb75a59db7913ca65cf1
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Neoverse-V2
revisions r0p0, r0p1, r0p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: If66687add52d16f68ce54fe5433dd3b3f067ee04
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-X3
revisions r0p0, r1p0, r1p1, r1p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: Ibe90313948102ece3469f2cfe3faccc7f4beeabe
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Neoverse-V3
revisions r0p0, r0p1.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I9ed2590bf1215bf6a692f01dfd351e469ff072f8
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
Implements mitigation for CVE-2024-5660 that affects Cortex-X4
revisions r0p0, r0p1, r0p2.
The workaround is to disable the hardware page aggregation at
EL3 by setting CPUECTLR_EL1[46] = 1'b1.
Public Documentation:
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
Change-Id: I378cb4978919cced03e7febc2ad431c572eac72d
Signed-off-by: Sona Mathew <sonarebecca.mathew@arm.com>
We never directly reference the event handlers so they look like fair
game to be garbage collected when building with LTO.
Tell the compiler that we definitely need them and to leave them alone.
Change-Id: Iac672ce85e20328d25acbc3f5e544ad157eebf48
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
When GICR_WAKER.ProcessorSleep == 1 (i.e. after gicv3_cpuif_disable())
the GIC will assert the WakeRequest signal to try and wake the core up
instead of delivering an interrupt. This is useful when a core is in
some kind of suspend state.
However, when the core is properly off (CPU_OFF), it shouldn't get woken
up in any way other than a CPU_ON call. In the general case interrupts
would be routed away so this doesn't matter. But in case they aren't, we
want the core to stay off.
So turn the redistributor off on CPU_OFF calls. This will prevent the
WakeRequest from being sent.
Change-Id: I7f20591d1c83a4a9639281ef86caa79d6669b536
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
* changes:
feat(qemu-sbsa): add support for RME on SBSA machine
feat(qemu-sbsa): configure RMM manifest based on system RAM
feat(qemu-sbsa): configure GPT based on system RAM
feat(qemu-sbsa): adjust DT memory start address when supporting RME
feat(qemu-sbsa): relocate DT after the RMM when RME is enabled
feat(qemu-sbsa): dissociate QEMU NS start address and NS_DRAM0_BASE
feat(qemu-sbsa): increase maximum FIP size
refactor(qemu-sbsa): move all DT related functions to sbsa_platform.c
refactor(qemu-sbsa): create accessor functions for platform info
refactor(qemu-sbsa): rename function sip_svc_init() to something more meaningful
refactor(qemu-sbsa): move DT related structures to their own header
refactor(qemu-sbsa): rename struct dynamic_platform_info
refactor(qemu): make L0GPT size configurable
refactor(qemu): move GPT setup to BL31
fix(qemu-sbsa): fix compilation error when accessing DT functions
This patch fixes a bug which was introduced in commit
3065513 related to improper saving of EL1 context in the
context management library code when using 128-bit
system registers.
Bug explanation:
The function el1_sysregs_context_save still used the normal
macros that read all the system registers related to the EL1
context, which then involved casting them to uint64_t and
eventually writing them to a memory structure. This means that
the context management library was saving EL1-related SYSREG128
registers with the upper 64 bits zeroed out.
Alternative macros had previously been introduced for the EL2
context in the aforementioned commit, but not for EL1.
Some refactoring has also been done as part of this patch:
- Re-added "common" back to write_el2_ctx_common_sysreg128
- Added dummy SYSREG128 macros for cases when some features
are disabled
- Removed some newlines
Change-Id: I15aa2190794ac099a493e5f430220b1c81e1b558
Signed-off-by: Igor Podgainõi <igor.podgainoi@arm.com>
* changes:
feat(stm32mp2): add a runtime service for STGEN configuration
feat(stm32mp2): add common SMC runtime services
feat(stm32mp1): rework SVC services
Just like for SPE, we need to synchronize TRBE samples before we change
the context to ensure everything goes where it was intended to. If that
is not done, the in-flight entries might use any piece of now incorrect
context as there are no implicit ordering requirements.
Prior to root context, the buffer drain hooks would have done that. But
now that must happen much earlier. So add a tsb to prepare_el3_entry as
well.
Annoyingly, the barrier can be reordered relative to other instructions
by default (rule RCKVWP). So add an isb after the psb/tsb to assure that
they are ordered, at least as far as context is concerned.
Then, drop the buffer draining hooks. Everything they need to do is
already done by now. There's a notable difference in that there are no
dsb-s now. Since EL3 does not access the buffers or the feature
specific context, we don't need to wait for them to finish.
Finally, drop a stray isb in the context saving macro. It is now
absorbed into root context, but was missed.
Change-Id: I30797a40ac7f91d0bb71ad271a1597e85092ccd5
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
In the chapter about FEAT_SPE (D16.4 specifically) it is stated that
"Sampling is always disabled at EL3". That means that disabling sampling
(writing PMBLIMITR_EL1.E to 0) is redundant and can be removed. The only
reason we save/restore SPE context is because of that disable, so those
can be removed too.
There's the issue of draining the profiling buffer though. No new
samples will have been generated since entering EL3. However, old
samples might still be in-flight. Unless synchronised by a psb csync,
those might be affected by our extensive context mutation. Adding a psb
in prepare_el3_entry should cater for that. Note that prior to the
introduction of root context this was not a problem as context remained
unchanged and the hooks took care of the rest.
Then, the only time we care about the buffer actually making it to
memory is when we exit coherency. On HW_ASSISTED_COHERENCY systems we
don't have to do anything, it should be handled for us. Systems without
it need a dsb to wait for them to complete. There should be one already
in each cpu's powerdown hook which should work.
While on the topic of barriers, the esb barrier is no longer used.
Remove it.
Change-Id: I9736fc7d109702c63e7d403dc9e2a4272828afb2
Signed-off-by: Boyan Karatotev <boyan.karatotev@arm.com>
Updated the code to ensure the Event Log in the DLME meets
the minimum size requirement of 64KB, as specified in the
specification.
Change-Id: If0b179a97c0dca489edc0047da401bbb4ce09f39
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
The rse_platform_api.h file includes certain MbedTLS headers,
introducing an unnecessary dependency when building the TC
platform with RSE support unconditionally.
However, these headers are not required, as the BL31
implementation only initializes RSE communication,
which does not rely on MbedTLS.
Change-Id: If45122aaf158be128f8978422fd870dbb0a0d090
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
It is excepted that kernel vcp can request the vcp hw do
some security setting via SMC call services.
Signed-off-by: Xiangzhi Tang <xiangzhi.tang@mediatek.corp-partner.google.com>
Change-Id: Ib5c01c1d72b3483262dcd821878e6e53ba9c681c
* changes:
build(rk3399): m0: Makefile: respect verbosity for linkerfile
build(rk3399): m0: fail linker and assembler on warnings
build(rk3399): m0: remove redundant M0_CROSS_COMPILE
feat(build): rk3399: m0: add support for new binutils versions
fix(rk3399): m0: Makefile: fix outside array bounds warning
refactor(rk3399): m0: Makefile: use same tools as in build_macros.mk
refactor(rk3399): m0: Makefile: specify ARCH to be rk3399-m0
fix(rk3588): pmu: fix assembly symbol redefinition
fix(rockchip): pmu: Do not mark already defined functions as weak
fix(rk3399): dram: Fix build with gcc 11
fix(rk3288): remove unused function
fix(px30): remove unused function
On STM32MP15 ST boards, RTC clock configuration by OPTEE is not ready
yet. Re-enable it temporary to get LSE as clock source of RTC.
Signed-off-by: Valentin Caron <valentin.caron@foss.st.com>
Change-Id: Ib6071229552e456faffb4fdfc8db9808140d54a7
Other component such as OP-TEE may have the responsibility for
STGEN configuration but updating Arm CNTFRQ can only be done from
EL3. Therefore, implement a SiP SMC handler for this purpose and
a runtime service to catch SIP SMCs.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I7854e1ae6328f149798b43d52bb1ecdf71a5aa69
Implement the common SMC runtime services for stm32mp2 platforms.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Change-Id: I214e4b2bfba439572c079bbc9ffb62bc87793ce9
Having two generations of STM32MPX using the same SMCCC protocol,
rework the SVC services setup to put in common what can be put
in common and implement platform-specific handlers.
Signed-off-by: Gatien Chevallier <gatien.chevallier@foss.st.com>
Signed-off-by: Maxime Méré <maxime.mere@foss.st.com>
Signed-off-by: Yann Gautier <yann.gautier@st.com>
Change-Id: I000573e50d55dc70163c2657c12cc84085416f6b
This patch enables support of FEAT_FPMR by enabling access
to FPMR register. It achieves it by setting the EnFPM bit of
SCR_EL3. This feature is currently enabled for NS world only.
Reference:
https://developer.arm.com/documentation/109697/2024_09/
Feature-descriptions/The-Armv9-5-architecture-extension?lang=en
Change-Id: I580c409b9b22f8ead0737502280fb9093a3d5dd2
Signed-off-by: Arvind Ram Prakash <arvind.ramprakash@arm.com>
