diff --git a/.versionrc.js b/.versionrc.js index c7ee4a223f..ac473b0994 100644 --- a/.versionrc.js +++ b/.versionrc.js @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -84,9 +84,9 @@ module.exports = { "filename": "pyproject.toml", "updater": { "readVersion": function (contents) { - const _ver = contents.match(/version\s=.*"(\d)\.(\d)\.(\d)/); + const _ver = contents.match(/version\s=.*"(\d+?)\.(\d+?)\.(\d+?)/); - return `${_ver[1]}.${_ver[2]}.${_ver[2]}`; + return `${_ver[1]}.${_ver[2]}.${_ver[3]}`; }, "writeVersion": function (contents, version) { @@ -104,9 +104,9 @@ module.exports = { "filename": "docs/conf.py", "updater": { "readVersion": function (contents) { - const _ver = contents.match(/version\s=.*"(\d)\.(\d)\.(\d)/); + const _ver = contents.match(/version\s=.*"(\d+?)\.(\d+?)\.(\d+?)/); - return `${_ver[1]}.${_ver[2]}.${_ver[2]}`; + return `${_ver[1]}.${_ver[2]}.${_ver[3]}`; }, "writeVersion": function (contents, version) { diff --git a/Makefile b/Makefile index 97c3c1548a..ce79a7586b 100644 --- a/Makefile +++ b/Makefile @@ -9,7 +9,8 @@ # VERSION_MAJOR := 2 VERSION_MINOR := 10 -VERSION_PATCH := 0 # Only used for LTS releases +# VERSION_PATCH is only used for LTS releases +VERSION_PATCH := 4 VERSION := ${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH} # Default goal is build all images @@ -130,7 +131,7 @@ ENCTOOL ?= ${ENCTOOLPATH}/encrypt_fw${BIN_EXT} # Variables for use with Firmware Image Package FIPTOOLPATH ?= tools/fiptool -FIPTOOL ?= ${FIPTOOLPATH}/fiptool${BIN_EXT} +FIPTOOL ?= ${BUILD_PLAT}/fiptool${BIN_EXT} # Variables for use with sptool SPTOOLPATH ?= tools/sptool @@ -308,6 +309,10 @@ WARNINGS += -Wunused-but-set-variable -Wmaybe-uninitialized \ # https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105523 TF_CFLAGS += $(call cc_option, --param=min-pagesize=0) +ifeq ($(HARDEN_SLS), 1) + TF_CFLAGS_aarch64 += $(call cc_option, -mharden-sls=all) +endif + else # using clang WARNINGS += -Wshift-overflow -Wshift-sign-overflow \ @@ -1185,6 +1190,7 @@ $(eval $(call assert_booleans,\ GENERATE_COT \ GICV2_G0_FOR_EL3 \ HANDLE_EA_EL3_FIRST_NS \ + HARDEN_SLS \ HW_ASSISTED_COHERENCY \ MEASURED_BOOT \ DRTM_SUPPORT \ diff --git a/bl31/ehf.c b/bl31/ehf.c index 6f3d9412eb..c1d28b293c 100644 --- a/bl31/ehf.c +++ b/bl31/ehf.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -203,10 +203,20 @@ void ehf_deactivate_priority(unsigned int priority) * one stashed earlier if there are no more to deactivate. */ cur_pri_idx = get_pe_highest_active_idx(pe_data); - if (cur_pri_idx == EHF_INVALID_IDX) + +#if GIC600_ERRATA_WA_2384374 + if (cur_pri_idx == EHF_INVALID_IDX) { + old_mask = plat_ic_deactivate_priority(pe_data->init_pri_mask); + } else { + old_mask = plat_ic_deactivate_priority(priority); + } +#else + if (cur_pri_idx == EHF_INVALID_IDX) { old_mask = plat_ic_set_priority_mask(pe_data->init_pri_mask); - else + } else { old_mask = plat_ic_set_priority_mask(priority); + } +#endif if (old_mask > priority) { ERROR("Deactivation priority (0x%x) lower than Priority Mask (0x%x)\n", diff --git a/changelog.yaml b/changelog.yaml index 1467ab4caf..20417b15a8 100644 --- a/changelog.yaml +++ b/changelog.yaml @@ -24,47 +24,38 @@ sections: - title: Build System description: Changes that affect the build system or external dependencies type: build - hidden: true - title: Continuous Integration description: Changes to our CI configuration files and scripts type: ci - hidden: true - title: Documentation description: Documentation-only changes type: docs - hidden: true - title: Performance Improvements description: A code change that improves performance type: perf - hidden: true - title: Code Refactoring description: A code change that neither fixes a bug nor adds a feature type: refactor - hidden: true - title: Reverted Changes description: Changes that revert a previous change type: revert - hidden: true - title: Style description: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc.) type: style - hidden: true - title: Tests description: Adding missing tests or correcting existing tests type: test - hidden: true - title: Miscellaneous description: Any other change type: chore - hidden: true # # The following block describes the sub-sections of the changelog. These sub-sections may appear in @@ -569,6 +560,9 @@ subsections: - rockchip/rk3399 - rk3399/suspend + - title: RK3328 + scope: rk3328 + - title: Socionext scope: socionext diff --git a/docs/change-log.md b/docs/change-log.md index cfc8c564cc..8ebe519205 100644 --- a/docs/change-log.md +++ b/docs/change-log.md @@ -3,6 +3,177 @@ This document contains a summary of the new features, changes, fixes and known issues in each release of Trusted Firmware-A. +## [lts-2.10.4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/lts-v2.10.3..refs/tags/lts-v2.10.4) (2024-04-26) + +### Documentation + +- decrease the minimum supported OpenSSL ([f491e09](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f491e09e664088c6f777277b4f82f8fac8c328a8)) + +### Resolved Issues + +- **Architecture** + + - **Performance Monitors Extension (FEAT_PMUv3)** + + - fix breakage on ARMv7 CPUs with SP_min as BL32 ([867271f](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/867271ff8135b1f904ff46a09835283648f392c9)) + +- **Libraries** + + - **CPU Support** + + - workaround for Cortex-A715 erratum 2728106 ([1edbf2a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/1edbf2ae58df6b55fe58c7d723ec7bb61dac32dd)) + - workaround for Cortex-X4 erratum 2740089 ([3609b0a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3609b0a953958356c4ac6dad38b501b386bfdd96)) + - workaround for Cortex-X4 erratum 2763018 ([200931d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/200931d2dcecdb7960813f66aace21899ac59640)) + +## [lts-2.10.3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/lts-v2.10.2..refs/tags/lts-v2.10.3) (2024-04-05) + +### Code Refactoring + +- **Services** + + - **ERRATA ABI** + + - optimize errata ABI using errata framework ([9fe6507](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9fe65073d4425a626447a2aff3646f65935e89d8)) + - workaround platforms non-arm interconnect ([a24c800](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a24c8006ea39be65e156283407fa45f7c7592f6e)) + +### New Features + +- **Libraries** + + - **CPU Support** + + - add support for Poseidon V CPU ([a6256d7](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a6256d7a2638bfb9bdbb10ca907f891eea3f0829)) + +### Miscellaneous + +- rearrange the fvp_cpu_errata.mk file ([5864630](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/58646309aedfa89f3df51e8d4b0be199948f1543)) +- rename Poseidon to Neoverse V3 ([bafc27c](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bafc27c8d7cfb5ba44ea132e3a7d92ab76678516)) +- update status of Cortex-X3 erratum 2615812 ([635c83e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/635c83eb456a8ee2191d820c642dfbc0d23ae32c)) + +### Documentation + +- **threat_model:** mark power analysis threats out-of-scope ([11cb096](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/11cb0962f7ac35cfecd8e731cee4e7b6095c0faa)) + +- **Miscellaneous** + + - **SDEI** + + - provide security guidelines when using SDEI ([44f36c4](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/44f36c48f2806c25c8ebc7b4ac9b80f0a356a551)) + +- **Documentation** + + - **Changelog** + + - display all sections ([4a10950](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a10950a8538b0469e08e95af079fefe9ee5c895)) + +### Resolved Issues + +- **readme:** dummy commit for sandbox release ([d6b1d48](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d6b1d4807bf5a3c638c33684c377eb018e765964)) + +- **Libraries** + + - **CPU Support** + + - correct variant name for default Poseidon CPU ([ef393a3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/ef393a3f9fa216f76e96c2dd7493ea448d11ba7a)) + - add erratum 2701951 to Cortex-X3's list ([a234f54](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/a234f540b7271406aeea2fb742dddaeaeafed612)) + - fix a defect in Cortex-A715 erratum 2561034 ([e86990d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e86990d0911d20ec9bf2701485e5b22db774bb54)) + - workaround for Cortex-A715 erratum 2331818 ([940ebbe](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/940ebbe2d1d07ea8187db5b5c3b94e463a5e5dbb)) + - workaround for Cortex-A715 erratum 2344187 ([3e3ff29](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/3e3ff298a61473ce7536484a592fa74670b1ae84)) + - workaround for Cortex-A715 erratum 2413290 ([81931a1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/81931a13a83564dea387f22b0006aaf57e94b000)) + - workaround for Cortex-A715 erratum 2413290 ([b59307e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b59307ef8efd723edac5c2ab244a370d86dcd821)) + - workaround for Cortex-A715 erratum 2420947 ([04c60d5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/04c60d5ef31ccee6178036611e796c9d20da1729)) + - workaround for Cortex-A715 erratum 2429384 ([301698e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/301698e15bc87b8dc300fdd3f07bcc2781364c67)) + - workaround for Cortex-A720 erratum 2926083 ([baf1474](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/baf14745f1173621a20e2e190b596af9579bc031)) + - workaround for Cortex-A720 erratum 2940794 ([03636f2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/03636f2c3d60a7be28898aae5ec6d3e56d1c05ca)) + - workaround for Cortex-X3 erratum 2372204 ([5f8f745](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5f8f745c7e996d2767d6567d2beda6bca185de1c)) + - workaround for Cortex-X4 erratum 2701112 ([d466c5d](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d466c5d4d27b5d24510a314efe8f6ddb3dd44ff8)) + +- **Drivers** + + - **Arm** + + - **GIC** + + - **GICv3** + + - **GIC-600** + + - workaround for Part 1 of GIC600 erratum 2384374 ([b7ed781](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b7ed781eea7478a724183de93a741fc3aa9f7914)) + +## [lts-2.10.2](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/lts-v2.10.1..refs/tags/lts-v2.10.2) (2024-02-08) + +### Resolved Issues + +- **Build System** + + - move comment for VERSION_PATCH ([822bfa3](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/822bfa39ce6b961736e4f91a95f8b5d950ffb9ee)) + - properly manage versions in .versionrc.js ([7bccacd](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7bccacddee0b5c42a0f6c112ee23679248314499)) + - update versions ([e8e5c77](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e8e5c775929d90df3395701bfef3f50591d1c28e)) + +## [lts-2.10.1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.10.0..refs/tags/lts-v2.10.1) (2024-02-07) + +### New Features + +- **Platforms** + + - **Xilinx** + + - **Versal** + + - enable errata management feature ([4f5ce87](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4f5ce871f6d741329f46af024198d60370d69a28)) + +- **Services** + + - **SPM** + + - **SPMD** + + - initialize SCR_EL3.EEL2 bit at RESET ([5c972df](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/5c972dfdff0de24580dee78953f02810685e7c7f)) + +- **Miscellaneous** + + - **Security** + + - add support for SLS mitigation ([9cec549](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/9cec5496d3b01da4b6120f8498ac84fcd3877b32)) + +### Resolved Issues + +- **Platforms** + + - **Arm** + + - **SGI** + + - apply workarounds for N2 CPU erratum ([bdedd84](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/bdedd844c51c32067a71ab837525981f95665243)) + + - **Rockchip** + + - **RK3328** + + - apply ERRATA_A53_1530924 erratum ([b7591e1](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b7591e16fc3ef8cf68fca2b1eaa4add4d47feaf7)) + +- **Libraries** + + - **CPU Support** + + - workaround for Cortex X3 erratum 2641945 ([84fcd04](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/84fcd04294a6ddac422cf6bd018ee43e18b10044)) + - workaround for Cortex X3 erratum 2743088 ([88a8cd0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/88a8cd0e542ea1eaa92dcd8b5f6115dc9ed8d525)) + - workaround for Cortex-A520 erratum 2630792 ([4a9ed7a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/4a9ed7a29aaec5653918409b2a48f1612b5bec89)) + - workaround for Cortex-A520 erratum 2858100 ([8d45e30](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/8d45e30a7cf3d14d601f69d0b7e64d6440cf6747)) + - workaround for Cortex-A710 erratum 2778471 ([e27b8ec](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/e27b8ecc73509f34e505cb54844b13499666753c)) + - workaround for Cortex-A715 erratum 2561034 ([2624951](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/2624951d205e557f17ee92d2e69bebfebdd3a6b0)) + - workaround for Cortex-A78C erratum 2683027 ([0e5e994](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0e5e994764330d26b80036b31a23143f109ed59d)) + - workaround for Cortex-A78C erratum 2743232 ([6becda5](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/6becda5d11b135a3b3d59082b7f6b90fe88c5b3f)) + - workaround for Cortex-X2 erratum 2778471 ([b312fa0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/b312fa066209cd19e7f414c9dea19d267bc0431e)) + - workaround for Cortex-X3 erratum 2266875 ([7c227dc](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/7c227dc447e80fa387796a613eb0e95c84f2d2b7)) + - workaround for Cortex-X3 erratum 2302506 ([744f07a](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/744f07ae75471cabb232ff5a7e06b6c4bc70567b)) + - workaround for Cortex-X3 erratum 2779509 ([402b9a9](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/402b9a9c0c6cb953508840685a7e5138d10d31aa)) + - workaround for Neoverse V1 erratum 2348377 ([25cf284](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/25cf2844bc7c450ce3f5d7ea18d8b9f88d8cf96e)) + - workaround for Neoverse V2 erratum 2618597 ([f98185e](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f98185e1e3c5c3cd0bfb974cea723a194c1b2be2)) + - workaround for Neoverse V2 erratum 2662553 ([d36d167](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/d36d167516432566918892e38569e4d1ac534fb8)) + - add Cortex-A520 definitions ([0685a91](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/0685a91fd00555340205f18fb163656ad9b32d5f)) + - check for SCU before accessing DSU ([f940537](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/f9405375addac24e0b4640c8618e0e5a7f5debef)) + ## [2.10.0](https://review.trustedfirmware.org/plugins/gitiles/TF-A/trusted-firmware-a/+/refs/tags/v2.9.0..refs/tags/v2.10.0) (2023-11-21) ### ⚠ BREAKING CHANGES @@ -8839,7 +9010,7 @@ releases of TF-A. ______________________________________________________________________ -*Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved.* [mbed tls releases]: https://tls.mbed.org/tech-updates/releases [pr#1002]: https://github.com/ARM-software/arm-trusted-firmware/pull/1002#issuecomment-312650193 diff --git a/docs/components/platform-interrupt-controller-API.rst b/docs/components/platform-interrupt-controller-API.rst index 4de39d1e5a..8cd4bae9fd 100644 --- a/docs/components/platform-interrupt-controller-API.rst +++ b/docs/components/platform-interrupt-controller-API.rst @@ -282,9 +282,28 @@ may be signalled to the PE. The API should return the current priority value that it's overwriting. In case of Arm standard platforms using GIC, the implementation of the API -inserts to order memory updates before updating mask, then writes to the GIC -*Priority Mask Register*, and make sure memory updates are visible before -potential trigger due to mask update. +inserts barriers to order memory updates before updating mask, +then writes to the GIC *Priority Mask Register*, and make sure memory updates +are visible before potential trigger due to mask update. + +Function: unsigned int plat_ic_deactivate_priority(unsigned int id); [optional] +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +:: + + Argument : unsigned int + Return : int + +This API performs the operations of plat_ic_set_priority_mask along with +calling the errata workaround gicv3_apply_errata_wa_2384374(). This is +performed when priority mask is restored to it's older value. This API returns +the current priority value that it's overwriting. + +In case of Arm standard platforms using GIC, the implementation of the API +inserts barriers to order memory updates before updating mask, then writes +to the GIC *Priority Mask Register*, and make sure memory updates +are visible before potential trigger due to mask update, and +applies 2384374 GIC errata workaround to process pending interrupt packets. .. _plat_ic_get_interrupt_id: diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst index 009ac28c24..5f0b5abac1 100644 --- a/docs/components/rmm-el3-comms-spec.rst +++ b/docs/components/rmm-el3-comms-spec.rst @@ -159,8 +159,8 @@ as per the following table: ``E_RMM_BOOT_SUCCESS``,Boot successful,0 ``E_RMM_BOOT_ERR_UNKNOWN``,Unknown error,-1 ``E_RMM_BOOT_VERSION_NOT_VALID``,Boot Interface version reported by EL3 is not supported by RMM,-2 - ``E_RMM_BOOT_CPUS_OUT_OF_RAGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3 - ``E_RMM_BOOT_CPU_ID_OUT_OF_RAGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4 + ``E_RMM_BOOT_CPUS_OUT_OF_RANGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3 + ``E_RMM_BOOT_CPU_ID_OUT_OF_RANGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4 ``E_RMM_BOOT_INVALID_SHARED_BUFFER``,Invalid pointer to shared memory area,-5 ``E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED``,Version reported by the Boot Manifest not supported by RMM,-6 ``E_RMM_BOOT_MANIFEST_DATA_ERROR``,Error parsing core Boot Manifest,-7 diff --git a/docs/components/sdei.rst b/docs/components/sdei.rst index 60259c8301..309375f939 100644 --- a/docs/components/sdei.rst +++ b/docs/components/sdei.rst @@ -354,7 +354,51 @@ implemented in assembly, following a similar pattern as below: -------------- -*Copyright (c) 2017-2019, Arm Limited and Contributors. All rights reserved.* +Security Considerations +----------------------- + +SDEI introduces concept of providing software based non-maskable interrupts to +Hypervisor/OS. In doing so, it modifies the priority scheme defined by Interrupt +controllers and relies on Non-Secure clients, Hypervisor or OS, to create/manage +high priority events. + +Considering a Non-secure client is involved in SDEI state management, there exists +some security considerations which needs to be taken care of in both client and EL3 +when using SDEI. Few of them are mentioned below. + +Bound events +~~~~~~~~~~~~ + +A bound event is an SDEI event that corresponds to a client interrupt. +The binding of event is done using ``SDEI_INTERRUPT_BIND`` SMC call to associate +an SDEI event with a client interrupt. There is a possibility that a rogue +client can request an invalid interrupt to be bound. This may potentially +cause out-of-bound memory read. + +Even though TF-A implementation has checks to ensure that interrupt ID passed +by client is architecturally valid, Non-secure client should also ensure the +validity of interrupts. + +Recurring events +~~~~~~~~~~~~~~~~ + +For a given event source, if the events are generated continuously, then NS client +may be unusable. To mitigate against this, the Non-secure client must have +mechanism in place to remove such interrupt source from the system. + +One of the examples is a memory region which continuously generates RAS errors. +This may result in unusable Non-secure client. + +Dispatched events +~~~~~~~~~~~~~~~~~ + +For a dispatched event, it is the client's responsibility to ensure that the +handling finishes in finite time and notify the dispatcher through +``SDEI_EVENT_COMPLETE`` or ``SDEI_EVENT_COMPLETE_AND_RESUME``. If the client +fails to complete the event handling, it might result in ``UNPREDICTABLE`` behavior +in the client and potentially end up in unusable PE. + +*Copyright (c) 2017-2024, Arm Limited and Contributors. All rights reserved.* .. rubric:: Footnotes diff --git a/docs/conf.py b/docs/conf.py index d4e5423915..ef7fe7ef6f 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -14,8 +14,8 @@ project = "Trusted Firmware-A" author = "Trusted Firmware-A contributors" -version = "2.10.0" -release = "2.10.0" +version = "2.10.4" +release = "2.10.4" # -- General configuration --------------------------------------------------- diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst index d03daf89f7..6147c1f099 100644 --- a/docs/design/cpu-specific-build-macros.rst +++ b/docs/design/cpu-specific-build-macros.rst @@ -384,11 +384,19 @@ For Cortex-A78C, the following errata build flags are defined : Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This erratum is still open. +- ``ERRATA_A78C_2683027`` : This applies errata 2683027 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This + erratum is still open. + - ``ERRATA_A78C_2712575`` : This applies erratum 2712575 workaround to Cortex-A78C CPU, this erratum affects system configurations that do not use an ARM interconnect IP. This needs to be enabled for revisions r0p1 and r0p2 and is still open. +- ``ERRATA_A78C_2743232`` : This applies erratum 2743232 workaround to + Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. + This erratum is still open. + - ``ERRATA_A78C_2772121`` : This applies errata 2772121 workaround to Cortex-A78C CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2. This erratum is still open. @@ -501,6 +509,10 @@ For Neoverse V1, the following errata build flags are defined : CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 and r1p2 of the CPU. +- ``ERRATA_V1_2348377``: This applies errata 2348377 workaroud to Neoverse-V1 + CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU. + It has been fixed in r1p2. + - ``ERRATA_V1_2372203``: This applies errata 2372203 workaround to Neoverse-V1 CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU. It is still open. @@ -528,6 +540,14 @@ For Neoverse V2, the following errata build flags are defined : CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2. It is still open. +- ``ERRATA_V2_2618597``: This applies errata 2618597 workaround to Neoverse-V2 + CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in + r0p2. + +- ``ERRATA_V2_2662553``: This applies errata 2662553 workaround to Neoverse-V2 + CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in + r0p2. + - ``ERRATA_V2_2719103``: This applies errata 2719103 workaround to Neoverse-V2 CPU, this affects system configurations that do not use and ARM interconnect IP. This needs to be enabled for revisions r0p0 and r0p1. It has been fixed @@ -620,6 +640,10 @@ For Cortex-A710, the following errata build flags are defined : Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the CPU and is still open. +- ``ERRATA_A710_2778471``: This applies errata 2778471 workaround to Cortex-A710 + CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the + CPU and is still open. + For Neoverse N2, the following errata build flags are defined : - ``ERRATA_N2_2002655``: This applies errata 2002655 workaround to Neoverse-N2 @@ -741,24 +765,74 @@ For Cortex-X2, the following errata build flags are defined : CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the CPU and is still open. +- ``ERRATA_X2_2778471``: This applies errata 2778471 workaround to Cortex-X2 + CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the + CPU and it is still open. + For Cortex-X3, the following errata build flags are defined : - ``ERRATA_X3_2070301``: This applies errata 2070301 workaround to the Cortex-X3 CPU. This needs to be enabled only for revisions r0p0, r1p0, r1p1 and r1p2 of the CPU and is still open. +- ``ERRATA_X3_2266875``: This applies errata 2266875 workaround to the Cortex-X3 + CPU. This needs to be enabled only for revisions r0p0 and r1p0 of the CPU, it + is fixed in r1p1. + +- ``ERRATA_X3_2302506``: This applies errata 2302506 workaround to the Cortex-X3 + CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1, it is + fixed in r1p2. + - ``ERRATA_X3_2313909``: This applies errata 2313909 workaround to Cortex-X3 CPU. This needs to be enabled only for revisions r0p0 and r1p0 of the CPU, it is fixed in r1p1. +- ``ERRATA_X3_2372204``: This applies errata 2372204 workaround to + Cortex-X3 CPU. This needs to be enabled only for revisions r0p0 and r1p0 + of the CPU, it is fixed in r1p1. + - ``ERRATA_X3_2615812``: This applies errata 2615812 workaround to Cortex-X3 CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1 of the - CPU, it is still open. + CPU, it is fixed in r1p2. + +- ``ERRATA_X3_2641945``: This applies errata 2641945 workaround to Cortex-X3 + CPU. This needs to be enabled only for revisions r0p0 and r1p0 of the CPU. + It is fixed in r1p1. + +- ``ERRATA_X3_2701951``: This applies erratum 2701951 workaround to Cortex-X3 + CPU and affects system configurations that do not use an ARM interconnect + IP. This needs to be applied to revisions r0p0, r1p0 and r1p1. It is fixed + in r1p2. - ``ERRATA_X3_2742421``: This applies errata 2742421 workaround to Cortex-X3 CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1. It is fixed in r1p2. +- ``ERRATA_X3_2743088``: This applies errata 2743088 workaround to Cortex-X3 + CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1. It is + fixed in r1p2. + +- ``ERRATA_X3_2779509``: This applies errata 2779509 workaround to Cortex-X3 + CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1 of the + CPU. It is fixed in r1p2. + +For Cortex-X4, the following errata build flags are defined : + +- ``ERRATA_X4_2701112``: This applies erratum 2701112 workaround to Cortex-X4 + CPU and affects system configurations that do not use an Arm interconnect IP. + This needs to be enabled for revisions r0p0 and is fixed in r0p1. + The workaround for this erratum is not implemented in EL3, but the flag can + be enabled/disabled at the platform level. The flag is used when the errata ABI + feature is enabled and can assist the Kernel in the process of + mitigation of the erratum. + +- ``ERRATA_X4_2740089``: This applies errata 2740089 workaround to Cortex-X4 + CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed + in r0p2. + +- ``ERRATA_X4_2763018``: This applies errata 2763018 workaround to Cortex-X4 + CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in r0p2. + For Cortex-A510, the following errata build flags are defined : - ``ERRATA_A510_1922240``: This applies errata 1922240 workaround to @@ -812,12 +886,56 @@ For Cortex-A510, the following errata build flags are defined : Cortex-A510 CPU. This needs to be applied to revision r0p0, r0p1, r0p2, r0p3, r1p0, r1p1 and r1p2. It is fixed in r1p3. +For Cortex-A520, the following errata build flags are defined : + +- ``ERRATA_A520_2630792``: This applies errata 2630792 workaround to + Cortex-A520 CPU. This needs to applied for revisions r0p0, r0p1 of the + CPU and is still open. + +- ``ERRATA_A520_2858100``: This applies errata 2858100 workaround to + Cortex-A520 CPU. This needs to be enabled for revisions r0p0 and r0p1. + It is still open. + For Cortex-A715, the following errata build flags are defined : -- ``ERRATA_A715_2701951``: This applies erratum 2701951 workaround to Cortex-A715 - CPU and affects system configurations that do not use an ARM interconnect - IP. This needs to be applied to revisions r0p0, r1p0 and r1p1. It is fixed - in r1p2. +- ``ERRATA_A715_2331818``: This applies errata 2331818 workaround to + Cortex-A715 CPU. This needs to be enabled for revisions r0p0 and r1p0. + It is fixed in r1p1. + +- ``ERRATA_A715_2344187``: This applies errata 2344187 workaround to + Cortex-A715 CPU. This needs to be enabled for revisions r0p0 and r1p0. It is + fixed in r1p1. + +- ``ERRATA_A715_2413290``: This applies errata 2413290 workaround to + Cortex-A715 CPU. This needs to be enabled only for revision r1p0 and + when SPE(Statistical profiling extension)=True. The errata is fixed + in r1p1. + +- ``ERRATA_A715_2420947``: This applies errata 2420947 workaround to + Cortex-A715 CPU. This needs to be enabled only for revision r1p0. + It is fixed in r1p1. + +- ``ERRATA_A715_2429384``: This applies errata 2429384 workaround to + Cortex-A715 CPU. This needs to be enabled for revision r1p0. There is no + workaround for revision r0p0. It is fixed in r1p1. + +- ``ERRATA_A715_2561034``: This applies errata 2561034 workaround to + Cortex-A715 CPU. This needs to be enabled only for revision r1p0. + It is fixed in r1p1. + +- ``ERRATA_A715_2728106``: This applies errata 2728106 workaround to + Cortex-A715 CPU. This needs to be enabled for revisions r0p0, r1p0 + and r1p1. It is fixed in r1p2. + +For Cortex-A720, the following errata build flags are defined : + +- ``ERRATA_A720_2926083``: This applies errata 2926083 workaround to + Cortex-A720 CPU. This needs to be enabled for revisions r0p0 and r0p1. + It is fixed in r0p2. + +- ``ERRATA_A720_2940794``: This applies errata 2940794 workaround to + Cortex-A720 CPU. This needs to be enabled for revisions r0p0 and r0p1. + It is fixed in r0p2. DSU Errata Workarounds ---------------------- @@ -904,7 +1022,7 @@ GIC Errata Workarounds -------------- -*Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.* +*Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.* .. _CVE-2017-5715: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 .. _CVE-2018-3639: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639 diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst index 80baf9cdd9..5ba5d0a4b1 100644 --- a/docs/getting_started/build-options.rst +++ b/docs/getting_started/build-options.rst @@ -671,6 +671,19 @@ Common build options MARCH_DIRECTIVE := -march=armv8.5-a +- ``HARDEN_SLS``: used to pass -mharden-sls=all from the TF-A build + options to the compiler currently supporting only of the options. + GCC documentation: + https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html#index-mharden-sls + + An example usage: + + .. code:: make + + HARDEN_SLS := 1 + + This option defaults to 0. + - ``NON_TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It specifies a file that contains the Non-Trusted World private key in PEM format or a PKCS11 URI. If ``SAVE_KEYS=1``, only a file is accepted and it diff --git a/docs/getting_started/prerequisites.rst b/docs/getting_started/prerequisites.rst index 573abdfe49..5a4e5033fe 100644 --- a/docs/getting_started/prerequisites.rst +++ b/docs/getting_started/prerequisites.rst @@ -64,7 +64,7 @@ The following tools are required to obtain and build |TF-A|: The following libraries must be available to build one or more components or supporting tools: -- OpenSSL >= 1.1.1 (v3.0.0 to v3.0.6 highly discouraged due to security issues) +- OpenSSL >= 1.0.0 (1.0.x, v3.0.0 to v3.0.6 highly discouraged due to security issues) Required to build the cert_create, encrypt_fw, and fiptool tools. diff --git a/docs/process/security.rst b/docs/process/security.rst index c6429ad5b2..c4f3ff2b59 100644 --- a/docs/process/security.rst +++ b/docs/process/security.rst @@ -73,6 +73,8 @@ Security Advisories | |TFV-10| | Incorrect validation of X.509 certificate extensions can result | | | in an out-of-bounds read | +-----------+------------------------------------------------------------------+ +| |TFV-11| | A Malformed SDEI SMC can cause out of bound memory read | ++-----------+------------------------------------------------------------------+ .. _issue tracker: https://developer.trustedfirmware.org/project/board/1/ .. _mailing list: https://lists.trustedfirmware.org/mailman3/lists/tf-a.lists.trustedfirmware.org/ @@ -87,6 +89,7 @@ Security Advisories .. |TFV-8| replace:: :ref:`Advisory TFV-8 (CVE-2018-19440)` .. |TFV-9| replace:: :ref:`Advisory TFV-9 (CVE-2022-23960)` .. |TFV-10| replace:: :ref:`Advisory TFV-10 (CVE-2022-47630)` +.. |TFV-11| replace:: :ref:`Advisory TFV-11 (CVE-2023-49100)` .. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/ diff --git a/docs/security_advisories/index.rst b/docs/security_advisories/index.rst index c9b0f7819e..ad55546721 100644 --- a/docs/security_advisories/index.rst +++ b/docs/security_advisories/index.rst @@ -15,3 +15,4 @@ Security Advisories security-advisory-tfv-8.rst security-advisory-tfv-9.rst security-advisory-tfv-10.rst + security-advisory-tfv-11.rst diff --git a/docs/security_advisories/security-advisory-tfv-11.rst b/docs/security_advisories/security-advisory-tfv-11.rst new file mode 100644 index 0000000000..b5063f09e2 --- /dev/null +++ b/docs/security_advisories/security-advisory-tfv-11.rst @@ -0,0 +1,86 @@ +Advisory TFV-11 (CVE-2023-49100) +================================ + ++----------------+-------------------------------------------------------------+ +| Title | A Malformed SDEI SMC can cause out of bound memory read. | ++================+=============================================================+ +| CVE ID | `CVE-2023-49100`_ | ++----------------+-------------------------------------------------------------+ +| Date | Reported on 12 Oct 2023 | ++----------------+-------------------------------------------------------------+ +| Versions | TF-A releases v1.5 to v2.9 | +| Affected | LTS releases lts-v2.8.0 to lts-v2.8.11 | ++----------------+-------------------------------------------------------------+ +| Configurations | Platforms with SDEI support | +| Affected | | ++----------------+-------------------------------------------------------------+ +| Impact | Denial of Service (secure world panic) | ++----------------+-------------------------------------------------------------+ +| Fix Version | `a7eff3477`_ "fix(sdei): ensure that interrupt ID is valid" | ++----------------+-------------------------------------------------------------+ +| Credit | Christian Lindenmeier `@_chli_`_ | +| | Marcel Busch `@0ddc0de`_ | +| | `IT Security Infrastructures Lab`_ | ++----------------+-------------------------------------------------------------+ + +This security advisory describes a vulnerability in the SDEI services, where a +rogue Non-secure caller invoking a SDEI_INTERRUPT_BIND SMC call with an invalid +interrupt ID causes out of bound memory read. + +SDEI_INTERRUPT_BIND is used to bind any physical interrupt into a normal +priority SDEI event. The interrupt can be a private peripheral interrupt +(PPI) or a shared peripheral interrupt (SPI). +Refer to SDEI_INTERRUPT_BIND in the `SDEI Specification`_ for further details. + +The vulnerability exists when the SDEI client passes an interrupt ID which +is not implemented by the GIC. This will result in a data abort exception +or a EL3 panic depending on the GIC version used in the system. + +- **GICv2 systems:** + +.. code:: c + + Call stack: + sdei_interrupt_bind(interrupt ID) + -> plat_ic_get_interrupt_type(interrupt ID) + -> gicv2_get_interrupt_group(interrupt ID) + -> gicd_get_igroupr(distributor base, interrupt ID) + -> gicd_read_igroupr(distributor base, interrupt ID). + + gicd_read_igroupr() will eventually do a MMIO read to an unimplemented IGROUPR + register. Which may cause a data abort or an access to a random EL3 memory region. + +- **GICv3 systems:** + +.. code:: c + + Call stack: + sdei_interrupt_bind(interrupt ID) + -> plat_ic_get_interrupt_type(interrupt ID) + -> gicv3_get_interrupt_group(interrupt ID, core ID) + -> is_sgi_ppi(interrupt ID) + + is_sgi_ppi() will end up in an EL3 panic on encountering an invalid interrupt ID. + +The vulnerability is fixed by ensuring that the Interrupt ID provided by the +SDEI client is a valid PPI or SPI, otherwise return an error code indicating +that the parameter is invalid. + +.. code:: c + + /* Bind an SDEI event to an interrupt */ + static int sdei_interrupt_bind(unsigned int intr_num) + { + sdei_ev_map_t *map; + bool retry = true, shared_mapping; + + /* Interrupt must be either PPI or SPI */ + if (!(plat_ic_is_ppi(intr_num) || plat_ic_is_spi(intr_num))) + return SDEI_EINVAL; + +.. _CVE-2023-49100: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49100 +.. _a7eff3477: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=a7eff3477dcf3624c74f5217419b1a27b7ebd2aa +.. _IT Security Infrastructures Lab: https://www.cs1.tf.fau.de/ +.. _SDEI Specification: https://developer.arm.com/documentation/den0054/latest/ +.. _@_chli_: https://twitter.com/_chli_ +.. _@0ddc0de: https://twitter.com/0ddc0de diff --git a/docs/security_advisories/security-advisory-tfv-9.rst b/docs/security_advisories/security-advisory-tfv-9.rst index 762801d71c..014221e388 100644 --- a/docs/security_advisories/security-advisory-tfv-9.rst +++ b/docs/security_advisories/security-advisory-tfv-9.rst @@ -87,7 +87,7 @@ revisions of Cortex-A73 and Cortex-A75 that implements FEAT_CSV2). +----------------------+ | Neoverse-V2 | +----------------------+ -| Neoverse-Poseidon | +| Neoverse-V3 | +----------------------+ For all other cores impacted by Spectre-BHB, some of which that do not implement diff --git a/docs/threat_model/threat_model.rst b/docs/threat_model/threat_model.rst index 0da2558549..58ca2812ef 100644 --- a/docs/threat_model/threat_model.rst +++ b/docs/threat_model/threat_model.rst @@ -161,6 +161,15 @@ in scope of this threat model. ion beam (FIB) workstation or decapsulate the chip using chemicals) is considered out-of-scope. + Certain non-invasive physical attacks that do not need modifications to the + chip, notably those like Power Analysis Attacks, are out-of-scope. Power + analysis side-channel attacks represent a category of security threats that + capitalize on information leakage through a device's power consumption during + its normal operation. These attacks leverage the correlation between a + device's power usage and its internal data processing activities. This + correlation provides attackers with the means to extract sensitive + information, including cryptographic keys. + Threat Types ============ diff --git a/drivers/arm/gic/v3/gicv3_main.c b/drivers/arm/gic/v3/gicv3_main.c index 3c995171f5..efd976773d 100644 --- a/drivers/arm/gic/v3/gicv3_main.c +++ b/drivers/arm/gic/v3/gicv3_main.c @@ -1297,6 +1297,31 @@ unsigned int gicv3_set_pmr(unsigned int mask) return old_mask; } +/******************************************************************************* + * This function restores the PMR register to old value and also triggers + * gicv3_apply_errata_wa_2384374() that flushes the GIC buffer allowing any + * pending interrupts to processed. Returns the original PMR. + ******************************************************************************/ +unsigned int gicv3_deactivate_priority(unsigned int mask) +{ + + unsigned int old_mask, proc_num; + uintptr_t gicr_base; + + old_mask = gicv3_set_pmr(mask); + + proc_num = plat_my_core_pos(); + gicr_base = gicv3_driver_data->rdistif_base_addrs[proc_num]; + assert(gicr_base != 0UL); + + /* Add DSB to ensure visibility of System register writes */ + dsb(); + + gicv3_apply_errata_wa_2384374(gicr_base); + + return old_mask; +} + /******************************************************************************* * This function delegates the responsibility of discovering the corresponding * Redistributor frames to each CPU itself. It is a modified version of diff --git a/include/arch/aarch64/arch.h b/include/arch/aarch64/arch.h index e9d22b61d1..7d6ff5f892 100644 --- a/include/arch/aarch64/arch.h +++ b/include/arch/aarch64/arch.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved. * Copyright (c) 2020-2022, NVIDIA Corporation. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause @@ -1357,6 +1357,8 @@ #define RGSR_EL1 S3_0_C1_C0_5 #define GCR_EL1 S3_0_C1_C0_6 +#define GCR_EL1_RRND_BIT (UL(1) << 16) + /******************************************************************************* * Armv8.5 - Random Number Generator Registers ******************************************************************************/ diff --git a/include/arch/aarch64/el3_common_macros.S b/include/arch/aarch64/el3_common_macros.S index a78837f23f..26c7578929 100644 --- a/include/arch/aarch64/el3_common_macros.S +++ b/include/arch/aarch64/el3_common_macros.S @@ -64,9 +64,21 @@ * * SCR_EL3.EA: Set to one to route External Aborts and SError Interrupts * to EL3 when executing at any EL. + * + * SCR_EL3.EEL2: Set to one if S-EL2 is present and enabled. + * + * NOTE: Modifying EEL2 bit along with EA bit ensures that we mitigate + * against ERRATA_V2_3099206. * --------------------------------------------------------------------- */ mov_imm x0, (SCR_RESET_VAL | SCR_EA_BIT | SCR_SIF_BIT) +#if IMAGE_BL31 && defined(SPD_spmd) && SPMD_SPM_AT_SEL2 + mrs x1, id_aa64pfr0_el1 + and x1, x1, #(ID_AA64PFR0_SEL2_MASK << ID_AA64PFR0_SEL2_SHIFT) + cbz x1, 1f + orr x0, x0, #SCR_EEL2_BIT +#endif +1: msr scr_el3, x0 /* --------------------------------------------------------------------- diff --git a/include/drivers/arm/gicv3.h b/include/drivers/arm/gicv3.h index cf6a7465a3..bfda31bbfd 100644 --- a/include/drivers/arm/gicv3.h +++ b/include/drivers/arm/gicv3.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -588,6 +588,7 @@ void gicv3_set_spi_routing(unsigned int id, unsigned int irm, void gicv3_set_interrupt_pending(unsigned int id, unsigned int proc_num); void gicv3_clear_interrupt_pending(unsigned int id, unsigned int proc_num); unsigned int gicv3_set_pmr(unsigned int mask); +unsigned int gicv3_deactivate_priority(unsigned int mask); void gicv3_get_component_prodid_rev(const uintptr_t gicd_base, unsigned int *gic_prod_id, diff --git a/include/lib/cpus/aarch64/cortex_a520.h b/include/lib/cpus/aarch64/cortex_a520.h index 417698152d..619a15d1c8 100644 --- a/include/lib/cpus/aarch64/cortex_a520.h +++ b/include/lib/cpus/aarch64/cortex_a520.h @@ -12,8 +12,15 @@ /******************************************************************************* * CPU Extended Control register specific definitions ******************************************************************************/ +#define CORTEX_A520_CPUACTLR_EL1 S3_0_C15_C1_0 + #define CORTEX_A520_CPUECTLR_EL1 S3_0_C15_C1_4 +/******************************************************************************* + * CPU Auxiliary Control register 1 specific definitions. + ******************************************************************************/ +#define CORTEX_A520_CPUACTLR_EL1 S3_0_C15_C1_0 + /******************************************************************************* * CPU Power Control register specific definitions ******************************************************************************/ diff --git a/include/lib/cpus/aarch64/cortex_a710.h b/include/lib/cpus/aarch64/cortex_a710.h index 432e17aba4..9df8d471b1 100644 --- a/include/lib/cpus/aarch64/cortex_a710.h +++ b/include/lib/cpus/aarch64/cortex_a710.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2022, Arm Limited. All rights reserved. + * Copyright (c) 2021-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -38,6 +38,11 @@ #define CORTEX_A710_CPUACTLR2_EL1_BIT_40 (ULL(1) << 40) #define CORTEX_A710_CPUACTLR2_EL1_BIT_36 (ULL(1) << 36) +/******************************************************************************* + * CPU Auxiliary Control register 3 specific definitions. + ******************************************************************************/ +#define CORTEX_A710_CPUACTLR3_EL1 S3_0_C15_C1_2 + /******************************************************************************* * CPU Auxiliary Control register 5 specific definitions. ******************************************************************************/ diff --git a/include/lib/cpus/aarch64/cortex_a715.h b/include/lib/cpus/aarch64/cortex_a715.h index 950d02f325..c7f50db349 100644 --- a/include/lib/cpus/aarch64/cortex_a715.h +++ b/include/lib/cpus/aarch64/cortex_a715.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,11 +12,26 @@ /* Cortex-A715 loop count for CVE-2022-23960 mitigation */ #define CORTEX_A715_BHB_LOOP_COUNT U(38) +/******************************************************************************* + * CPU Auxiliary Control register 1 specific definitions. + ******************************************************************************/ +#define CORTEX_A715_CPUACTLR_EL1 S3_0_C15_C1_0 + +/******************************************************************************* + * CPU Auxiliary Control register 2 specific definitions. + ******************************************************************************/ +#define CORTEX_A715_CPUACTLR2_EL1 S3_0_C15_C1_1 + /******************************************************************************* * CPU Extended Control register specific definitions ******************************************************************************/ #define CORTEX_A715_CPUECTLR_EL1 S3_0_C15_C1_4 +#define CORTEX_A715_CPUPSELR_EL3 S3_6_C15_C8_0 +#define CORTEX_A715_CPUPCR_EL3 S3_6_C15_C8_1 +#define CORTEX_A715_CPUPOR_EL3 S3_6_C15_C8_2 +#define CORTEX_A715_CPUPMR_EL3 S3_6_C15_C8_3 + /******************************************************************************* * CPU Power Control register specific definitions ******************************************************************************/ diff --git a/include/lib/cpus/aarch64/cortex_a720.h b/include/lib/cpus/aarch64/cortex_a720.h index 47bbbc0799..fb27f79123 100644 --- a/include/lib/cpus/aarch64/cortex_a720.h +++ b/include/lib/cpus/aarch64/cortex_a720.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -12,6 +12,16 @@ /* Cortex A720 loop count for CVE-2022-23960 mitigation */ #define CORTEX_A720_BHB_LOOP_COUNT U(132) +/******************************************************************************* + * CPU Auxiliary Control register 1 specific definitions. + ******************************************************************************/ +#define CORTEX_A720_CPUACTLR_EL1 S3_0_C15_C1_0 + +/******************************************************************************* + * CPU Auxiliary Control register 2 specific definitions. + ******************************************************************************/ +#define CORTEX_A720_CPUACTLR2_EL1 S3_0_C15_C1_1 + /******************************************************************************* * CPU Extended Control register specific definitions ******************************************************************************/ diff --git a/include/lib/cpus/aarch64/cortex_a78c.h b/include/lib/cpus/aarch64/cortex_a78c.h index 301be69a4b..d600ecab53 100644 --- a/include/lib/cpus/aarch64/cortex_a78c.h +++ b/include/lib/cpus/aarch64/cortex_a78c.h @@ -47,4 +47,9 @@ #define CORTEX_A78C_IMP_CPUPOR_EL3 S3_6_C15_C8_2 #define CORTEX_A78C_IMP_CPUPMR_EL3 S3_6_C15_C8_3 +/******************************************************************************* + * CPU Auxiliary Control register 5 specific definitions. + ******************************************************************************/ +#define CORTEX_A78C_ACTLR5_EL1 S3_0_C15_C9_0 + #endif /* CORTEX_A78C_H */ diff --git a/include/lib/cpus/aarch64/cortex_x2.h b/include/lib/cpus/aarch64/cortex_x2.h index 863b8c8d37..0f97b1e115 100644 --- a/include/lib/cpus/aarch64/cortex_x2.h +++ b/include/lib/cpus/aarch64/cortex_x2.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2022, Arm Limited. All rights reserved. + * Copyright (c) 2021-2023, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -27,6 +27,11 @@ #define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_WIDTH U(4) #define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9) +/******************************************************************************* + * CPU Auxiliary Control register 3 specific definitions. + ******************************************************************************/ +#define CORTEX_X2_CPUACTLR3_EL1 S3_0_C15_C1_2 + /******************************************************************************* * CPU Power Control register specific definitions ******************************************************************************/ diff --git a/include/lib/cpus/aarch64/cortex_x3.h b/include/lib/cpus/aarch64/cortex_x3.h index 04548eae4e..c5f820cf4d 100644 --- a/include/lib/cpus/aarch64/cortex_x3.h +++ b/include/lib/cpus/aarch64/cortex_x3.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -25,6 +25,11 @@ #define CORTEX_X3_CPUPWRCTLR_EL1_WFI_RET_CTRL_BITS_SHIFT U(4) #define CORTEX_X3_CPUPWRCTLR_EL1_WFE_RET_CTRL_BITS_SHIFT U(7) +/******************************************************************************* + * CPU Auxiliary Control register specific definitions. + ******************************************************************************/ +#define CORTEX_X3_CPUACTLR_EL1 S3_0_C15_C1_0 + /******************************************************************************* * CPU Auxiliary Control register 2 specific definitions. ******************************************************************************/ @@ -38,6 +43,11 @@ #define CORTEX_X3_CPUACTLR5_EL1_BIT_55 (ULL(1) << 55) #define CORTEX_X3_CPUACTLR5_EL1_BIT_56 (ULL(1) << 56) +/******************************************************************************* + * CPU Auxiliary Control register 6 specific definitions. + ******************************************************************************/ +#define CORTEX_X3_CPUACTLR6_EL1 S3_0_C15_C8_1 + /******************************************************************************* * CPU Extended Control register 2 specific definitions. ******************************************************************************/ @@ -47,4 +57,10 @@ #define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_WIDTH U(4) #define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9) +/******************************************************************************* + * CPU Auxiliary Control register 3 specific definitions. + ******************************************************************************/ +#define CORTEX_X3_CPUACTLR3_EL1 S3_0_C15_C1_2 +#define CORTEX_X3_CPUACTLR3_EL1_BIT_47 (ULL(1) << 47) + #endif /* CORTEX_X3_H */ diff --git a/include/lib/cpus/aarch64/cortex_x4.h b/include/lib/cpus/aarch64/cortex_x4.h index 17d07c8b17..433687bd27 100644 --- a/include/lib/cpus/aarch64/cortex_x4.h +++ b/include/lib/cpus/aarch64/cortex_x4.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023, Arm Limited. All rights reserved. + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -23,4 +23,9 @@ #define CORTEX_X4_CPUPWRCTLR_EL1 S3_0_C15_C2_7 #define CORTEX_X4_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) +/******************************************************************************* + * CPU Auxiliary control register specific definitions + ******************************************************************************/ +#define CORTEX_X4_CPUACTLR3_EL1 S3_0_C15_C1_2 + #endif /* CORTEX_X4_H */ diff --git a/include/lib/cpus/aarch64/neoverse_poseidon.h b/include/lib/cpus/aarch64/neoverse_poseidon.h deleted file mode 100644 index 202ef5cb82..0000000000 --- a/include/lib/cpus/aarch64/neoverse_poseidon.h +++ /dev/null @@ -1,27 +0,0 @@ -/* - * Copyright (c) 2022, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#ifndef NEOVERSE_POSEIDON_H -#define NEOVERSE_POSEIDON_H - - -#define NEOVERSE_POSEIDON_MIDR U(0x410FD830) - -/* Neoverse Poseidon loop count for CVE-2022-23960 mitigation */ -#define NEOVERSE_POSEIDON_BHB_LOOP_COUNT U(132) - -/******************************************************************************* - * CPU Extended Control register specific definitions. - ******************************************************************************/ -#define NEOVERSE_POSEIDON_CPUECTLR_EL1 S3_0_C15_C1_4 - -/******************************************************************************* - * CPU Power Control register specific definitions - ******************************************************************************/ -#define NEOVERSE_POSEIDON_CPUPWRCTLR_EL1 S3_0_C15_C2_7 -#define NEOVERSE_POSEIDON_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) - -#endif /* NEOVERSE_POSEIDON_H */ diff --git a/include/lib/cpus/aarch64/neoverse_v1.h b/include/lib/cpus/aarch64/neoverse_v1.h index d61899428b..1e2d7eaf95 100644 --- a/include/lib/cpus/aarch64/neoverse_v1.h +++ b/include/lib/cpus/aarch64/neoverse_v1.h @@ -47,5 +47,6 @@ #define NEOVERSE_V1_ACTLR5_EL1 S3_0_C15_C9_0 #define NEOVERSE_V1_ACTLR5_EL1_BIT_55 (ULL(1) << 55) #define NEOVERSE_V1_ACTLR5_EL1_BIT_56 (ULL(1) << 56) +#define NEOVERSE_V1_ACTLR5_EL1_BIT_61 (ULL(1) << 61) #endif /* NEOVERSE_V1_H */ diff --git a/include/lib/cpus/aarch64/neoverse_v2.h b/include/lib/cpus/aarch64/neoverse_v2.h index 68c15587f8..39a6607132 100644 --- a/include/lib/cpus/aarch64/neoverse_v2.h +++ b/include/lib/cpus/aarch64/neoverse_v2.h @@ -22,6 +22,10 @@ ******************************************************************************/ #define NEOVERSE_V2_CPUPWRCTLR_EL1 S3_0_C15_C2_7 #define NEOVERSE_V2_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) +#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_SHIFT U(4) +#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_WIDTH U(3) +#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_SHIFT U(7) +#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_WIDTH U(3) /******************************************************************************* * CPU Extended Control register 2 specific definitions. @@ -30,6 +34,9 @@ #define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(9) #define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_LSB U(11) #define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_WIDTH U(4) +#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_STATIC_FULL ULL(0) +#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_LSB U(0) +#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_WIDTH U(3) /******************************************************************************* * CPU Auxiliary Control register 2 specific definitions. diff --git a/include/lib/cpus/aarch64/neoverse_v3.h b/include/lib/cpus/aarch64/neoverse_v3.h new file mode 100644 index 0000000000..e5f75ba9b3 --- /dev/null +++ b/include/lib/cpus/aarch64/neoverse_v3.h @@ -0,0 +1,28 @@ +/* + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#ifndef NEOVERSE_V3_H +#define NEOVERSE_V3_H + + +#define NEOVERSE_V3_VNAE_MIDR U(0x410FD830) +#define NEOVERSE_V3_MIDR U(0x410FD840) + +/* Neoverse V3 loop count for CVE-2022-23960 mitigation */ +#define NEOVERSE_V3_BHB_LOOP_COUNT U(132) + +/******************************************************************************* + * CPU Extended Control register specific definitions. + ******************************************************************************/ +#define NEOVERSE_V3_CPUECTLR_EL1 S3_0_C15_C1_4 + +/******************************************************************************* + * CPU Power Control register specific definitions + ******************************************************************************/ +#define NEOVERSE_V3_CPUPWRCTLR_EL1 S3_0_C15_C2_7 +#define NEOVERSE_V3_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1) + +#endif /* NEOVERSE_V3_H */ diff --git a/include/plat/common/platform.h b/include/plat/common/platform.h index 4d1b1c17cf..2bb23c450f 100644 --- a/include/plat/common/platform.h +++ b/include/plat/common/platform.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2013-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2013-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -136,6 +136,7 @@ void plat_ic_set_spi_routing(unsigned int id, unsigned int routing_mode, void plat_ic_set_interrupt_pending(unsigned int id); void plat_ic_clear_interrupt_pending(unsigned int id); unsigned int plat_ic_set_priority_mask(unsigned int mask); +unsigned int plat_ic_deactivate_priority(unsigned int mask); unsigned int plat_ic_get_interrupt_id(unsigned int raw); /******************************************************************************* diff --git a/lib/cpus/aarch64/cortex_a520.S b/lib/cpus/aarch64/cortex_a520.S index 6c2f33e85b..74ecbf7c9c 100644 --- a/lib/cpus/aarch64/cortex_a520.S +++ b/lib/cpus/aarch64/cortex_a520.S @@ -21,6 +21,17 @@ #error "Cortex A520 supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0" #endif +workaround_reset_start cortex_a520, ERRATUM(2630792), ERRATA_A520_2630792 + sysreg_bit_set CORTEX_A520_CPUACTLR_EL1, BIT(38) +workaround_reset_end cortex_a520, ERRATUM(2630792) + +check_erratum_ls cortex_a520, ERRATUM(2630792), CPU_REV(0, 1) + +workaround_reset_start cortex_a520, ERRATUM(2858100), ERRATA_A520_2858100 + sysreg_bit_set CORTEX_A520_CPUACTLR_EL1, BIT(29) +workaround_reset_end cortex_a520, ERRATUM(2858100) + +check_erratum_ls cortex_a520, ERRATUM(2858100), CPU_REV(0, 1) /* ---------------------------------------------------- * HW will do the cache maintenance while powering down * ---------------------------------------------------- diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S index f3931d743c..b99fbb3c10 100644 --- a/lib/cpus/aarch64/cortex_a710.S +++ b/lib/cpus/aarch64/cortex_a710.S @@ -193,6 +193,12 @@ workaround_runtime_end cortex_a710, ERRATUM(2768515), NO_ISB check_erratum_ls cortex_a710, ERRATUM(2768515), CPU_REV(2, 1) +workaround_reset_start cortex_a710, ERRATUM(2778471), ERRATA_A710_2778471 + sysreg_bit_set CORTEX_A710_CPUACTLR3_EL1, BIT(47) +workaround_reset_end cortex_a710, ERRATUM(2778471) + +check_erratum_ls cortex_a710, ERRATUM(2778471), CPU_REV(2, 1) + workaround_reset_start cortex_a710, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* diff --git a/lib/cpus/aarch64/cortex_a715.S b/lib/cpus/aarch64/cortex_a715.S index dd4c307f76..16be161eb6 100644 --- a/lib/cpus/aarch64/cortex_a715.S +++ b/lib/cpus/aarch64/cortex_a715.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -26,6 +26,95 @@ wa_cve_2022_23960_bhb_vector_table CORTEX_A715_BHB_LOOP_COUNT, cortex_a715 #endif /* WORKAROUND_CVE_2022_23960 */ +workaround_reset_start cortex_a715, ERRATUM(2331818), ERRATA_A715_2331818 + sysreg_bit_set CORTEX_A715_CPUACTLR2_EL1, BIT(20) +workaround_reset_end cortex_a715, ERRATUM(2331818) + +check_erratum_ls cortex_a715, ERRATUM(2331818), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2344187), ERRATA_A715_2344187 + /* GCR_EL1 is only present with FEAT_MTE2. */ + mrs x1, ID_AA64PFR1_EL1 + ubfx x0, x1, ID_AA64PFR1_EL1_MTE_SHIFT, #4 + cmp x0, #MTE_IMPLEMENTED_ELX + bne #1f + sysreg_bit_set GCR_EL1, GCR_EL1_RRND_BIT + +1: + /* Mitigation upon ERETAA and ERETAB. */ + mov x0, #2 + msr CORTEX_A715_CPUPSELR_EL3, x0 + isb + ldr x0, =0xd69f0bff + msr CORTEX_A715_CPUPOR_EL3, x0 + ldr x0, =0xfffffbff + msr CORTEX_A715_CPUPMR_EL3, x0 + mov x1, #0 + orr x1, x1, #(1<<0) + orr x1, x1, #(3<<4) + orr x1, x1, #(0xf<<6) + orr x1, x1, #(1<<13) + orr x1, x1, #(1<<53) + msr CORTEX_A715_CPUPCR_EL3, x1 +workaround_reset_end cortex_a715, ERRATUM(2344187) + +check_erratum_ls cortex_a715, ERRATUM(2344187), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2413290), ERRATA_A715_2413290 +/* Erratum 2413290 workaround is required only if SPE is enabled */ +#if ENABLE_SPE_FOR_NS != 0 + /* Check if Static profiling extension is implemented or present. */ + mrs x1, id_aa64dfr0_el1 + ubfx x0, x1, ID_AA64DFR0_PMS_SHIFT, #4 + cbz x0, 1f + /* Apply the workaround by setting CPUACTLR_EL1[58:57] = 0b11. */ + sysreg_bit_set CORTEX_A715_CPUACTLR_EL1, BIT(57) + sysreg_bit_set CORTEX_A715_CPUACTLR_EL1, BIT(58) +1: +#endif +workaround_reset_end cortex_a715, ERRATUM(2413290) + +check_erratum_range cortex_a715, ERRATUM(2413290), CPU_REV(1,0), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2420947), ERRATA_A715_2420947 + sysreg_bit_set CORTEX_A715_CPUACTLR2_EL1, BIT(33) +workaround_reset_end cortex_a715, ERRATUM(2420947) + +check_erratum_range cortex_a715, ERRATUM(2420947), CPU_REV(1, 0), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2429384), ERRATA_A715_2429384 + sysreg_bit_set CORTEX_A715_CPUACTLR2_EL1, BIT(27) +workaround_reset_end cortex_a715, ERRATUM(2429384) + +check_erratum_range cortex_a715, ERRATUM(2429384), CPU_REV(1, 0), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2561034), ERRATA_A715_2561034 + sysreg_bit_set CORTEX_A715_CPUACTLR2_EL1, BIT(26) +workaround_reset_end cortex_a715, ERRATUM(2561034) + +check_erratum_range cortex_a715, ERRATUM(2561034), CPU_REV(1, 0), CPU_REV(1, 0) + +workaround_reset_start cortex_a715, ERRATUM(2728106), ERRATA_A715_2728106 + mov x0, #3 + msr CORTEX_A715_CPUPSELR_EL3, x0 + isb + ldr x0, =0xd503339f + msr CORTEX_A715_CPUPOR_EL3, x0 + ldr x0, =0xfffff3ff + msr CORTEX_A715_CPUPMR_EL3, x0 + mov x0, #1 + orr x0, x0, #(3<<4) + orr x0, x0, #(0xf<<6) + orr x0, x0, #(1<<13) + orr x0, x0, #(1<<20) + orr x0, x0, #(1<<22) + orr x0, x0, #(1<<31) + orr x0, x0, #(1<<50) + msr CORTEX_A715_CPUPCR_EL3, x0 +workaround_reset_end cortex_a715, ERRATUM(2728106) + +check_erratum_ls cortex_a715, ERRATUM(2728106), CPU_REV(1, 1) + workaround_reset_start cortex_a715, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* diff --git a/lib/cpus/aarch64/cortex_a720.S b/lib/cpus/aarch64/cortex_a720.S index 4b28fdb09f..53a1b7897d 100644 --- a/lib/cpus/aarch64/cortex_a720.S +++ b/lib/cpus/aarch64/cortex_a720.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -26,6 +26,28 @@ wa_cve_2022_23960_bhb_vector_table CORTEX_A720_BHB_LOOP_COUNT, cortex_a720 #endif /* WORKAROUND_CVE_2022_23960 */ +workaround_reset_start cortex_a720, ERRATUM(2926083), ERRATA_A720_2926083 +/* Erratum 2926083 workaround is required only if SPE is enabled */ +#if ENABLE_SPE_FOR_NS != 0 + /* Check if Static profiling extension is implemented or present. */ + mrs x1, id_aa64dfr0_el1 + ubfx x0, x1, ID_AA64DFR0_PMS_SHIFT, #4 + cbz x0, 1f + /* Apply the workaround by setting CPUACTLR_EL1[58:57] = 0b11. */ + sysreg_bit_set CORTEX_A720_CPUACTLR_EL1, BIT(57) + sysreg_bit_set CORTEX_A720_CPUACTLR_EL1, BIT(58) +1: +#endif +workaround_reset_end cortex_a720, ERRATUM(2926083) + +check_erratum_ls cortex_a720, ERRATUM(2926083), CPU_REV(0, 1) + +workaround_reset_start cortex_a720, ERRATUM(2940794), ERRATA_A720_2940794 + sysreg_bit_set CORTEX_A720_CPUACTLR2_EL1, BIT(37) +workaround_reset_end cortex_a720, ERRATUM(2940794) + +check_erratum_ls cortex_a720, ERRATUM(2940794), CPU_REV(0, 1) + workaround_reset_start cortex_a720, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S index d19c69386e..0dc34f7ac3 100644 --- a/lib/cpus/aarch64/cortex_a78c.S +++ b/lib/cpus/aarch64/cortex_a78c.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -72,6 +72,27 @@ workaround_reset_end cortex_a78c, ERRATUM(2395411) check_erratum_range cortex_a78c, ERRATUM(2395411), CPU_REV(0, 1), CPU_REV(0, 2) +workaround_reset_start cortex_a78c, ERRATUM(2683027), ERRATA_A78C_2683027 + ldr x0, =0x3 + msr CORTEX_A78C_IMP_CPUPSELR_EL3, x0 + ldr x0, =0xEE010F10 + msr CORTEX_A78C_IMP_CPUPOR_EL3, x0 + ldr x0, =0xFF1F0FFE + msr CORTEX_A78C_IMP_CPUPMR_EL3, x0 + ldr x0, =0x100000004003FF + msr CORTEX_A78C_IMP_CPUPCR_EL3, x0 +workaround_reset_end cortex_a78c, ERRATUM(2683027) + +check_erratum_range cortex_a78c, ERRATUM(2683027), CPU_REV(0, 1), CPU_REV(0, 2) + +workaround_reset_start cortex_a78c, ERRATUM(2743232), ERRATA_A78C_2743232 + /* Set CPUACTLR5_EL1[56:55] to 2'b01 */ + sysreg_bit_set CORTEX_A78C_ACTLR5_EL1, BIT(55) + sysreg_bit_clear CORTEX_A78C_ACTLR5_EL1, BIT(56) +workaround_reset_end cortex_a78c, ERRATUM(2743232) + +check_erratum_range cortex_a78c, ERRATUM(2743232), CPU_REV(0, 1), CPU_REV(0, 2) + workaround_runtime_start cortex_a78c, ERRATUM(2772121), ERRATA_A78C_2772121 /* dsb before isb of power down sequence */ dsb sy diff --git a/lib/cpus/aarch64/cortex_x2.S b/lib/cpus/aarch64/cortex_x2.S index 258288c654..d018182cca 100644 --- a/lib/cpus/aarch64/cortex_x2.S +++ b/lib/cpus/aarch64/cortex_x2.S @@ -133,6 +133,12 @@ workaround_reset_end cortex_x2, ERRATUM(2768515) check_erratum_ls cortex_x2, ERRATUM(2768515), CPU_REV(2, 1) +workaround_reset_start cortex_x2, ERRATUM(2778471), ERRATA_X2_2778471 + sysreg_bit_set CORTEX_X2_CPUACTLR3_EL1, BIT(47) +workaround_reset_end cortex_x2, ERRATUM(2778471) + +check_erratum_ls cortex_x2, ERRATUM(2778471), CPU_REV(2, 1) + workaround_reset_start cortex_x2, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* diff --git a/lib/cpus/aarch64/cortex_x3.S b/lib/cpus/aarch64/cortex_x3.S index 0cb3b976bf..49e9ad1d33 100644 --- a/lib/cpus/aarch64/cortex_x3.S +++ b/lib/cpus/aarch64/cortex_x3.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2021-2023, Arm Limited. All rights reserved. + * Copyright (c) 2021-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -33,12 +33,31 @@ workaround_reset_end cortex_x3, ERRATUM(2070301) check_erratum_ls cortex_x3, ERRATUM(2070301), CPU_REV(1, 2) +workaround_reset_start cortex_x3, ERRATUM(2266875), ERRATA_X3_2266875 + sysreg_bit_set CORTEX_X3_CPUACTLR_EL1, BIT(22) +workaround_reset_end cortex_x3, ERRATUM(2266875) + +check_erratum_ls cortex_x3, ERRATUM(2266875), CPU_REV(1, 0) + +workaround_runtime_start cortex_x3, ERRATUM(2302506), ERRATA_X3_2302506 + sysreg_bit_set CORTEX_X3_CPUACTLR2_EL1, BIT(0) +workaround_runtime_end cortex_x3, ERRATUM(2302506), NO_ISB + +check_erratum_ls cortex_x3, ERRATUM(2302506), CPU_REV(1, 1) + workaround_runtime_start cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909 sysreg_bit_set CORTEX_X3_CPUACTLR2_EL1, CORTEX_X3_CPUACTLR2_EL1_BIT_36 workaround_runtime_end cortex_x3, ERRATUM(2313909), NO_ISB check_erratum_ls cortex_x3, ERRATUM(2313909), CPU_REV(1, 0) +workaround_reset_start cortex_x3, ERRATUM(2372204), ERRATA_X3_2372204 + /* Set bit 40 in CPUACTLR2_EL1 */ + sysreg_bit_set CORTEX_X3_CPUACTLR2_EL1, BIT(40) +workaround_reset_end cortex_x3, ERRATUM(2372204) + +check_erratum_ls cortex_x3, ERRATUM(2372204), CPU_REV(1, 0) + workaround_reset_start cortex_x3, ERRATUM(2615812), ERRATA_X3_2615812 /* Disable retention control for WFI and WFE. */ mrs x0, CORTEX_X3_CPUPWRCTLR_EL1 @@ -49,6 +68,12 @@ workaround_reset_end cortex_x3, ERRATUM(2615812) check_erratum_ls cortex_x3, ERRATUM(2615812), CPU_REV(1, 1) +workaround_runtime_start cortex_x3, ERRATUM(2641945), ERRATA_X3_2641945 + sysreg_bit_set CORTEX_X3_CPUACTLR6_EL1, BIT(41) +workaround_runtime_end cortex_x3, ERRATUM(2641945), NO_ISB + +check_erratum_ls cortex_x3, ERRATUM(2641945), CPU_REV(1, 0) + workaround_reset_start cortex_x3, ERRATUM(2742421), ERRATA_X3_2742421 /* Set CPUACTLR5_EL1[56:55] to 2'b01 */ sysreg_bit_set CORTEX_X3_CPUACTLR5_EL1, CORTEX_X3_CPUACTLR5_EL1_BIT_55 @@ -57,6 +82,20 @@ workaround_reset_end cortex_x3, ERRATUM(2742421) check_erratum_ls cortex_x3, ERRATUM(2742421), CPU_REV(1, 1) +workaround_runtime_start cortex_x3, ERRATUM(2743088), ERRATA_X3_2743088 + /* dsb before isb of power down sequence */ + dsb sy +workaround_runtime_end cortex_x3, ERRATUM(2743088), NO_ISB + +check_erratum_ls cortex_x3, ERRATUM(2743088), CPU_REV(1, 1) + +workaround_reset_start cortex_x3, ERRATUM(2779509), ERRATA_X3_2779509 + /* Set CPUACTLR3_EL1 bit 47 */ + sysreg_bit_set CORTEX_X3_CPUACTLR3_EL1, CORTEX_X3_CPUACTLR3_EL1_BIT_47 +workaround_reset_end cortex_x3, ERRATUM(2779509) + +check_erratum_ls cortex_x3, ERRATUM(2779509), CPU_REV(1, 1) + workaround_reset_start cortex_x3, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 override_vector_table wa_cve_vbar_cortex_x3 @@ -75,12 +114,13 @@ cpu_reset_func_end cortex_x3 * ---------------------------------------------------- */ func cortex_x3_core_pwr_dwn -apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909 + apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909 /* --------------------------------------------------- * Enable CPU power down bit in power control register * --------------------------------------------------- */ sysreg_bit_set CORTEX_X3_CPUPWRCTLR_EL1, CORTEX_X3_CPUPWRCTLR_EL1_CORE_PWRDN_BIT + apply_erratum cortex_x3, ERRATUM(2743088), ERRATA_X3_2743088 isb ret endfunc cortex_x3_core_pwr_dwn diff --git a/lib/cpus/aarch64/cortex_x4.S b/lib/cpus/aarch64/cortex_x4.S index 7619f9cf25..20f1ae18d5 100644 --- a/lib/cpus/aarch64/cortex_x4.S +++ b/lib/cpus/aarch64/cortex_x4.S @@ -1,5 +1,5 @@ /* - * Copyright (c) 2022-2023, Arm Limited. All rights reserved. + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -26,6 +26,19 @@ wa_cve_2022_23960_bhb_vector_table CORTEX_X4_BHB_LOOP_COUNT, cortex_x4 #endif /* WORKAROUND_CVE_2022_23960 */ +workaround_runtime_start cortex_x4, ERRATUM(2740089), ERRATA_X4_2740089 + /* dsb before isb of power down sequence */ + dsb sy +workaround_runtime_end cortex_x4, ERRATUM(2740089) + +check_erratum_ls cortex_x4, ERRATUM(2740089), CPU_REV(0, 1) + +workaround_reset_start cortex_x4, ERRATUM(2763018), ERRATA_X4_2763018 + sysreg_bit_set CORTEX_X4_CPUACTLR3_EL1, BIT(47) +workaround_reset_end cortex_x4, ERRATUM(2763018) + +check_erratum_ls cortex_x4, ERRATUM(2763018), CPU_REV(0, 1) + workaround_reset_start cortex_x4, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 #if IMAGE_BL31 /* @@ -53,6 +66,9 @@ func cortex_x4_core_pwr_dwn * --------------------------------------------------- */ sysreg_bit_set CORTEX_X4_CPUPWRCTLR_EL1, CORTEX_X4_CPUPWRCTLR_EL1_CORE_PWRDN_BIT + + apply_erratum cortex_x4, ERRATUM(2740089), ERRATA_X4_2740089 + isb ret endfunc cortex_x4_core_pwr_dwn diff --git a/lib/cpus/aarch64/dsu_helpers.S b/lib/cpus/aarch64/dsu_helpers.S index a34b9a6768..8e5b4598c9 100644 --- a/lib/cpus/aarch64/dsu_helpers.S +++ b/lib/cpus/aarch64/dsu_helpers.S @@ -151,13 +151,22 @@ endfunc errata_dsu_936184_wa * This function is called from both assembly and C environment. So it * follows AAPCS. * - * Clobbers: x0-x3 + * Clobbers: x0-x4 * ----------------------------------------------------------------------- */ .globl check_errata_dsu_2313941 .globl errata_dsu_2313941_wa func check_errata_dsu_2313941 + mov x4, x30 + bl is_scu_present_in_dsu + cmp x0, xzr + /* Default error status */ + mov x0, #ERRATA_NOT_APPLIES + + /* If SCU is not present, return without applying patch */ + b.eq 1f + mov x2, #ERRATA_APPLIES mov x3, #ERRATA_NOT_APPLIES @@ -170,7 +179,8 @@ func check_errata_dsu_2313941 mov x1, #(0x31 << CLUSTERIDR_REV_SHIFT) cmp x0, x1 csel x0, x2, x3, LS - ret +1: + ret x4 endfunc check_errata_dsu_2313941 /* -------------------------------------------------- diff --git a/lib/cpus/aarch64/neoverse_poseidon.S b/lib/cpus/aarch64/neoverse_poseidon.S deleted file mode 100644 index 3b3245d8ed..0000000000 --- a/lib/cpus/aarch64/neoverse_poseidon.S +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 2022-2023, Arm Limited. All rights reserved. - * - * SPDX-License-Identifier: BSD-3-Clause - */ - -#include -#include -#include -#include -#include -#include -#include "wa_cve_2022_23960_bhb_vector.S" - -/* Hardware handled coherency */ -#if HW_ASSISTED_COHERENCY == 0 -#error "Neoverse Poseidon must be compiled with HW_ASSISTED_COHERENCY enabled" -#endif - -/* 64-bit only core */ -#if CTX_INCLUDE_AARCH32_REGS == 1 -#error "Neoverse Poseidon supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0" -#endif - -#if WORKAROUND_CVE_2022_23960 - wa_cve_2022_23960_bhb_vector_table NEOVERSE_POSEIDON_BHB_LOOP_COUNT, neoverse_poseidon -#endif /* WORKAROUND_CVE_2022_23960 */ - -workaround_reset_start neoverse_poseidon, CVE(2022,23960), WORKAROUND_CVE_2022_23960 -#if IMAGE_BL31 - /* - * The Neoverse-poseidon generic vectors are overridden to apply errata - * mitigation on exception entry from lower ELs. - */ - override_vector_table wa_cve_vbar_neoverse_poseidon - -#endif /* IMAGE_BL31 */ -workaround_reset_end neoverse_poseidon, CVE(2022,23960) - -check_erratum_chosen neoverse_poseidon, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 - - /* --------------------------------------------- - * HW will do the cache maintenance while powering down - * --------------------------------------------- - */ -func neoverse_poseidon_core_pwr_dwn - /* --------------------------------------------- - * Enable CPU power down bit in power control register - * --------------------------------------------- - */ - sysreg_bit_set NEOVERSE_POSEIDON_CPUPWRCTLR_EL1, \ - NEOVERSE_POSEIDON_CPUPWRCTLR_EL1_CORE_PWRDN_BIT - - isb - ret -endfunc neoverse_poseidon_core_pwr_dwn - -cpu_reset_func_start neoverse_poseidon - /* Disable speculative loads */ - msr SSBS, xzr -cpu_reset_func_end neoverse_poseidon - -errata_report_shim neoverse_poseidon - - /* --------------------------------------------- - * This function provides Neoverse-Poseidon specific - * register information for crash reporting. - * It needs to return with x6 pointing to - * a list of register names in ascii and - * x8 - x15 having values of registers to be - * reported. - * --------------------------------------------- - */ -.section .rodata.neoverse_poseidon_regs, "aS" -neoverse_poseidon_regs: /* The ascii list of register names to be reported */ - .asciz "cpuectlr_el1", "" - -func neoverse_poseidon_cpu_reg_dump - adr x6, neoverse_poseidon_regs - mrs x8, NEOVERSE_POSEIDON_CPUECTLR_EL1 - ret -endfunc neoverse_poseidon_cpu_reg_dump - -declare_cpu_ops neoverse_poseidon, NEOVERSE_POSEIDON_MIDR, \ - neoverse_poseidon_reset_func, \ - neoverse_poseidon_core_pwr_dwn diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S index 2a49134fce..c2fbb11108 100644 --- a/lib/cpus/aarch64/neoverse_v1.S +++ b/lib/cpus/aarch64/neoverse_v1.S @@ -196,6 +196,13 @@ workaround_reset_end neoverse_v1, ERRATUM(2294912) check_erratum_ls neoverse_v1, ERRATUM(2294912), CPU_REV(1, 2) +workaround_runtime_start neoverse_v1, ERRATUM(2348377), ERRATA_V1_2348377 + /* Set bit 61 in CPUACTLR5_EL1 */ + sysreg_bit_set NEOVERSE_V1_ACTLR5_EL1, NEOVERSE_V1_ACTLR5_EL1_BIT_61 +workaround_runtime_end neoverse_v1, ERRATUM(2348377) + +check_erratum_ls neoverse_v1, ERRATUM(2348377), CPU_REV(1, 1) + workaround_reset_start neoverse_v1, ERRATUM(2372203), ERRATA_V1_2372203 /* Set bit 40 in ACTLR2_EL1 */ sysreg_bit_set NEOVERSE_V1_ACTLR2_EL1, NEOVERSE_V1_ACTLR2_EL1_BIT_40 diff --git a/lib/cpus/aarch64/neoverse_v2.S b/lib/cpus/aarch64/neoverse_v2.S index bfd088d505..d4b3a96cd4 100644 --- a/lib/cpus/aarch64/neoverse_v2.S +++ b/lib/cpus/aarch64/neoverse_v2.S @@ -29,6 +29,25 @@ workaround_reset_end neoverse_v2, ERRATUM(2331132) check_erratum_ls neoverse_v2, ERRATUM(2331132), CPU_REV(0, 2) +workaround_reset_start neoverse_v2, ERRATUM(2618597), ERRATA_V2_2618597 + /* Disable retention control for WFI and WFE. */ + mrs x0, NEOVERSE_V2_CPUPWRCTLR_EL1 + bfi x0, xzr, #NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_SHIFT, \ + #NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_WIDTH + bfi x0, xzr, #NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_SHIFT, \ + #NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_WIDTH + msr NEOVERSE_V2_CPUPWRCTLR_EL1, x0 +workaround_reset_end neoverse_v2, ERRATUM(2618597) + +check_erratum_ls neoverse_v2, ERRATUM(2618597), CPU_REV(0, 1) + +workaround_reset_start neoverse_v2, ERRATUM(2662553), ERRATA_V2_2662553 + sysreg_bitfield_insert NEOVERSE_V2_CPUECTLR2_EL1, NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_STATIC_FULL, \ + NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_LSB, NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_WIDTH +workaround_reset_end neoverse_v2, ERRATUM(2662553) + +check_erratum_ls neoverse_v2, ERRATUM(2662553), CPU_REV(0, 1) + workaround_reset_start neoverse_v2, ERRATUM(2719105), ERRATA_V2_2719105 sysreg_bit_set NEOVERSE_V2_CPUACTLR2_EL1, NEOVERSE_V2_CPUACTLR2_EL1_BIT_0 workaround_reset_end neoverse_v2, ERRATUM(2719105) diff --git a/lib/cpus/aarch64/neoverse_v3.S b/lib/cpus/aarch64/neoverse_v3.S new file mode 100644 index 0000000000..67258c8302 --- /dev/null +++ b/lib/cpus/aarch64/neoverse_v3.S @@ -0,0 +1,90 @@ +/* + * Copyright (c) 2022-2024, Arm Limited. All rights reserved. + * + * SPDX-License-Identifier: BSD-3-Clause + */ + +#include +#include +#include +#include +#include +#include +#include "wa_cve_2022_23960_bhb_vector.S" + +/* Hardware handled coherency */ +#if HW_ASSISTED_COHERENCY == 0 +#error "Neoverse V3 must be compiled with HW_ASSISTED_COHERENCY enabled" +#endif + +/* 64-bit only core */ +#if CTX_INCLUDE_AARCH32_REGS == 1 +#error "Neoverse V3 supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0" +#endif + +#if WORKAROUND_CVE_2022_23960 + wa_cve_2022_23960_bhb_vector_table NEOVERSE_V3_BHB_LOOP_COUNT, neoverse_v3 +#endif /* WORKAROUND_CVE_2022_23960 */ + +workaround_reset_start neoverse_v3, CVE(2022,23960), WORKAROUND_CVE_2022_23960 +#if IMAGE_BL31 + /* + * The Neoverse V3 generic vectors are overridden to apply errata + * mitigation on exception entry from lower ELs. + */ + override_vector_table wa_cve_vbar_neoverse_v3 + +#endif /* IMAGE_BL31 */ +workaround_reset_end neoverse_v3, CVE(2022,23960) + +check_erratum_chosen neoverse_v3, CVE(2022, 23960), WORKAROUND_CVE_2022_23960 + + /* --------------------------------------------- + * HW will do the cache maintenance while powering down + * --------------------------------------------- + */ +func neoverse_v3_core_pwr_dwn + /* --------------------------------------------- + * Enable CPU power down bit in power control register + * --------------------------------------------- + */ + sysreg_bit_set NEOVERSE_V3_CPUPWRCTLR_EL1, \ + NEOVERSE_V3_CPUPWRCTLR_EL1_CORE_PWRDN_BIT + + isb + ret +endfunc neoverse_v3_core_pwr_dwn + +cpu_reset_func_start neoverse_v3 + /* Disable speculative loads */ + msr SSBS, xzr +cpu_reset_func_end neoverse_v3 + +errata_report_shim neoverse_v3 + + /* --------------------------------------------- + * This function provides Neoverse V3 specific + * register information for crash reporting. + * It needs to return with x6 pointing to + * a list of register names in ascii and + * x8 - x15 having values of registers to be + * reported. + * --------------------------------------------- + */ +.section .rodata.neoverse_v3_regs, "aS" +neoverse_v3_regs: /* The ascii list of register names to be reported */ + .asciz "cpuectlr_el1", "" + +func neoverse_v3_cpu_reg_dump + adr x6, neoverse_v3_regs + mrs x8, NEOVERSE_V3_CPUECTLR_EL1 + ret +endfunc neoverse_v3_cpu_reg_dump + +declare_cpu_ops neoverse_v3, NEOVERSE_V3_VNAE_MIDR, \ + neoverse_v3_reset_func, \ + neoverse_v3_core_pwr_dwn + +declare_cpu_ops neoverse_v3, NEOVERSE_V3_MIDR, \ + neoverse_v3_reset_func, \ + neoverse_v3_core_pwr_dwn diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk index 434ee081c3..f736b5a6f8 100644 --- a/lib/cpus/cpu-ops.mk +++ b/lib/cpus/cpu-ops.mk @@ -1,5 +1,5 @@ # -# Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved. +# Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved. # Copyright (c) 2020-2022, NVIDIA Corporation. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause @@ -388,11 +388,19 @@ CPU_FLAG_LIST += ERRATA_A78C_2376749 # to revisions r0p1 and r0p2 of the A78C cpu. It is still open. CPU_FLAG_LIST += ERRATA_A78C_2395411 +# Flag to apply erratum 2683027 workaround during reset. This erratum applies +# to revisions r0p1 and r0p2 of the A78C cpu. It is still open. +CPU_FLAG_LIST += ERRATA_A78C_2683027 + # Flag to apply erratum 2712575 workaround for non-arm interconnect ip. This # erratum applies to revisions r0p1 and r0p2 of the A78C cpu. # It is still open. CPU_FLAG_LIST += ERRATA_A78C_2712575 +# Flag to apply erratum 2743232 workaround during reset. This erratum applies +# to revisions r0p1 and r0p2 of the A78C cpu. It is still open. +CPU_FLAG_LIST += ERRATA_A78C_2743232 + # Flag to apply erratum 2772121 workaround during powerdown. This erratum # applies to revisions r0p0, r0p1 and r0p2 of the A78C cpu. It is still open. CPU_FLAG_LIST += ERRATA_A78C_2772121 @@ -520,6 +528,10 @@ CPU_FLAG_LIST += ERRATA_V1_2216392 # to revisions r0p0, r1p0, and r1p1 and r1p2 of the Neoverse V1 cpu and is still open. CPU_FLAG_LIST += ERRATA_V1_2294912 +# Flag to apply erratum 2348377 workaround during reset. This erratum applies +# to revisions r0p0, r1p0 and r1p1 of the Neoverse V1 cpu and is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_V1_2348377 + # Flag to apply erratum 2372203 workaround during reset. This erratum applies # to revisions r0p0, r1p0 and r1p1 of the Neoverse V1 cpu and is still open. CPU_FLAG_LIST += ERRATA_V1_2372203 @@ -617,6 +629,11 @@ CPU_FLAG_LIST += ERRATA_A710_2742423 # still open. CPU_FLAG_LIST += ERRATA_A710_2768515 +# Flag to apply erratum 2778471 workaround during reset. This erratum applies +# to revisions r0p0, r1p0, r2p0, r2p1 of the Cortex-A710 cpu and is still +# open. +CPU_FLAG_LIST += ERRATA_A710_2778471 + # Flag to apply erratum 2002655 workaround during reset. This erratum applies # to revisions r0p0 of the Neoverse-N2 cpu and is fixed in r0p1. CPU_FLAG_LIST += ERRATA_N2_2002655 @@ -752,23 +769,68 @@ CPU_FLAG_LIST += ERRATA_X2_2742423 # still open. CPU_FLAG_LIST += ERRATA_X2_2768515 +# Flag to apply erratum 2778471 workaround during reset. This erratum applies +# to revisions r0p0, r1p0, r2p0, r2p1 of the Cortex-X2 cpu and it is still open. +CPU_FLAG_LIST += ERRATA_X2_2778471 + # Flag to apply erratum 2070301 workaround on reset. This erratum applies # to revisions r0p0, r1p0, r1p1 and r1p2 of the Cortex-X3 cpu and is # still open. CPU_FLAG_LIST += ERRATA_X3_2070301 +# Flag to apply erratum 2266875 workaround during reset. This erratum applies +# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_X3_2266875 + +# Flag to apply erratum 2302506 workaround during reset. This erratum applies +# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_X3_2302506 + # Flag to apply erratum 2313909 workaround on powerdown. This erratum applies # to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1. CPU_FLAG_LIST += ERRATA_X3_2313909 +# Flag to apply erratum 2372204 workaround during reset. This erratum applies +# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_X3_2372204 + # Flag to apply erratum 2615812 workaround on powerdown. This erratum applies -# to revisions r0p0, r1p0, r1p1 of the Cortex-X3 cpu, it is still open. +# to revisions r0p0, r1p0, r1p1 of the Cortex-X3 cpu, it is fixed in r1p2. CPU_FLAG_LIST += ERRATA_X3_2615812 +# Flag to apply erratum 2641945 workaround on reset. This erratum applies +# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_X3_2641945 + +# Flag to apply erratum 2701951 workaround for non-arm interconnect ip. +# This erratum applies to revisions r0p0, r1p0, and r1p1. Its is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_X3_2701951 + # Flag to apply erratum 2742421 workaround on reset. This erratum applies # to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2. CPU_FLAG_LIST += ERRATA_X3_2742421 +# Flag to apply erratum 2743088 workaround on powerdown. This erratum applies +# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_X3_2743088 + +# Flag to apply erratum 2779509 workaround on reset. This erratum applies +# to revisions r0p0, r1p0, r1p1 of the Cortex-X3 cpu, it is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_X3_2779509 + +# Flag to apply erratum 2701112 workaround for platforms that do not use an +# Arm interconnect IP. This erratum applies to revisions r0p0 of the Cortex-X4 +# cpu and is fixed in r0p1. +CPU_FLAG_LIST += ERRATA_X4_2701112 + +# Flag to apply erratum 2740089 workaround during powerdown. This erratum +# applies to all revisions <= r0p1 of the Cortex-X4 cpu, it is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_X4_2740089 + +# Flag to apply erratum 2763018 workaround on reset. This erratum applies +# to revisions r0p0 and r0p1 of the Cortex-X4 cpu. It is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_X4_2763018 + # Flag to apply erratum 1922240 workaround during reset. This erratum applies # to revision r0p0 of the Cortex-A510 cpu and is fixed in r0p1. CPU_FLAG_LIST += ERRATA_A510_1922240 @@ -822,10 +884,26 @@ CPU_FLAG_LIST += ERRATA_A510_2666669 # Cortex-A510 cpu and is fixed in r1p3. CPU_FLAG_LIST += ERRATA_A510_2684597 +# Flag to apply erratum 2630792 workaround during reset. This erratum applies +# to revisions r0p0, r0p1 of the Cortex-A520 cpu and is still open. +CPU_FLAG_LIST += ERRATA_A520_2630792 + +# Flag to apply erratum 2858100 workaround during reset. This erratum +# applies to revision r0p0 and r0p1 of the Cortex-A520 cpu and is still open. +CPU_FLAG_LIST += ERRATA_A520_2858100 + # Flag to apply erratum 2331132 workaround during reset. This erratum applies # to revisions r0p0, r0p1 and r0p2. It is still open. CPU_FLAG_LIST += ERRATA_V2_2331132 +# Flag to apply erratum 2618597 workaround during reset. This erratum applies +# to revisions r0p0 and r0p1. It is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_V2_2618597 + +# Flag to apply erratum 2662553 workaround during reset. This erratum applies +# to revisions r0p0 and r0p1. It is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_V2_2662553 + # Flag to apply erratum 2719103 workaround for non-arm interconnect ip. This # erratum applies to revisions r0p0, rop1. Fixed in r0p2. CPU_FLAG_LIST += ERRATA_V2_2719103 @@ -846,9 +924,41 @@ CPU_FLAG_LIST += ERRATA_V2_2779510 # This erratum applies to revisions r0p0, r0p1. Fixed in r0p2. CPU_FLAG_LIST += ERRATA_V2_2801372 -# Flag to apply erratum 2701951 workaround for non-arm interconnect ip. -# This erratum applies to revisions r0p0, r1p0, and r1p1. Its is fixed in r1p2. -CPU_FLAG_LIST += ERRATA_A715_2701951 +# Flag to apply erratum 2331818 workaround during reset. This erratum applies +# to revisions r0p0 and r1p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2331818 + +# Flag to apply erratum 2344187 workaround during reset. This erratum applies +# to revisions r0p0, and r1p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2344187 + +# Flag to apply erratum 2413290 workaround during reset. This erratum applies +# only to revision r1p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2413290 + +# Flag to apply erratum 2420947 workaround during reset. This erratum applies +# only to revision r1p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2420947 + +# Flag to apply erratum 2429384 workaround during reset. This erratum applies +# to revision r1p0. There is no workaround for r0p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2429384 + +# Flag to apply erratum 2561034 workaround during reset. This erratum applies +# only to revision r1p0. It is fixed in r1p1. +CPU_FLAG_LIST += ERRATA_A715_2561034 + +# Flag to apply erratum 2728106 workaround during reset. This erratum applies +# only to revision r0p0, r1p0 and r1p1. It is fixed in r1p2. +CPU_FLAG_LIST += ERRATA_A715_2728106 + +# Flag to apply erratum 2926083 workaround during reset. This erratum applies +# to revisions r0p0 and r0p1. It is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_A720_2926083 + +# Flag to apply erratum 2940794 workaround during reset. This erratum applies +# to revisions r0p0 and r0p1. It is fixed in r0p2. +CPU_FLAG_LIST += ERRATA_A720_2940794 # Flag to apply DSU erratum 798953. This erratum applies to DSUs revision r0p0. # Applying the workaround results in higher DSU power consumption on idle. diff --git a/lib/el3_runtime/aarch32/context_mgmt.c b/lib/el3_runtime/aarch32/context_mgmt.c index b60b8e0f05..4ae5e977e5 100644 --- a/lib/el3_runtime/aarch32/context_mgmt.c +++ b/lib/el3_runtime/aarch32/context_mgmt.c @@ -149,11 +149,9 @@ static void enable_extensions_nonsecure(bool el2_unused) trf_init_el3(); } - /* - * Also applies to PMU < v3. The PMU is only disabled for EL3 and Secure - * state execution. This does not affect lower NS ELs. - */ - pmuv3_init_el3(); + if (read_feat_pmuv3_id_field() >= 3U) { + pmuv3_init_el3(); + } #endif /* IMAGE_BL32 */ } diff --git a/lib/extensions/pmuv3/aarch32/pmuv3.c b/lib/extensions/pmuv3/aarch32/pmuv3.c index effb7e02dc..456a48efb0 100644 --- a/lib/extensions/pmuv3/aarch32/pmuv3.c +++ b/lib/extensions/pmuv3/aarch32/pmuv3.c @@ -25,10 +25,6 @@ static u_register_t mtpmu_disable_el3(u_register_t sdcr) return sdcr; } -/* - * Applies to all PMU versions. Name is PMUv3 for compatibility with aarch64 and - * to not clash with platforms which reuse the PMU name - */ void pmuv3_init_el3(void) { u_register_t sdcr = read_sdcr(); diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk index f0f157c1f7..b0ff5f05eb 100644 --- a/make_helpers/defaults.mk +++ b/make_helpers/defaults.mk @@ -150,6 +150,10 @@ HANDLE_EA_EL3_FIRST_NS := 0 # Enable Handoff protocol using transfer lists TRANSFER_LIST := 0 +# Enables support for the gcc compiler option "-mharden-sls=all". +# By default, disables all SLS hardening. +HARDEN_SLS := 0 + # Secure hash algorithm flag, accepts 3 values: sha256, sha384 and sha512. # The default value is sha256. HASH_ALG := sha256 diff --git a/package-lock.json b/package-lock.json index e43fa657e4..f5c3665ec4 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "trusted-firmware-a", - "version": "2.10.0", + "version": "2.10.4", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "trusted-firmware-a", - "version": "2.10.0", + "version": "2.10.4", "hasInstallScript": true, "license": "BSD-3-Clause", "devDependencies": { diff --git a/package.json b/package.json index 1c557fdac0..d133075dc9 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "trusted-firmware-a", - "version": "2.10.0", + "version": "2.10.4", "license": "BSD-3-Clause", "private": true, "scripts": { diff --git a/plat/arm/board/fvp/fvp_cpu_errata.mk b/plat/arm/board/fvp/fvp_cpu_errata.mk index b8fa4ea8bd..b26fa803b3 100644 --- a/plat/arm/board/fvp/fvp_cpu_errata.mk +++ b/plat/arm/board/fvp/fvp_cpu_errata.mk @@ -1,63 +1,32 @@ # -# Copyright (c) 2023, Arm Limited and Contributors. All rights reserved. +# Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved. # # SPDX-License-Identifier: BSD-3-Clause # - -#/* -# * TODO: below lines of code to be removed -# * after abi and framework are synchronized -# */ +# Flags to enable the cpu structures in the Errata ABI file +# file: services/std_svc/errata_abi/errata_abi_main.c. This is specifically +# for platforms that need to enable errata based on non-arm interconnect IP. ifeq (${ERRATA_ABI_SUPPORT}, 1) -# enable the cpu macros for errata abi interface -ifeq (${ARCH}, aarch64) -ifeq (${HW_ASSISTED_COHERENCY}, 0) -CORTEX_A35_H_INC := 1 -CORTEX_A53_H_INC := 1 -CORTEX_A57_H_INC := 1 -CORTEX_A72_H_INC := 1 -CORTEX_A73_H_INC := 1 -$(eval $(call add_define, CORTEX_A35_H_INC)) -$(eval $(call add_define, CORTEX_A53_H_INC)) -$(eval $(call add_define, CORTEX_A57_H_INC)) -$(eval $(call add_define, CORTEX_A72_H_INC)) -$(eval $(call add_define, CORTEX_A73_H_INC)) -else +ifeq (${ERRATA_NON_ARM_INTERCONNECT}, 1) ifeq (${CTX_INCLUDE_AARCH32_REGS}, 0) -CORTEX_A76_H_INC := 1 -CORTEX_A77_H_INC := 1 +CORTEX_A710_H_INC := 1 CORTEX_A78_H_INC := 1 -NEOVERSE_N1_H_INC := 1 -NEOVERSE_N2_H_INC := 1 -NEOVERSE_V1_H_INC := 1 CORTEX_A78_AE_H_INC := 1 -CORTEX_A510_H_INC := 1 -CORTEX_A710_H_INC := 1 -CORTEX_A715_H_INC := 1 CORTEX_A78C_H_INC := 1 -CORTEX_X2_H_INC := 1 -$(eval $(call add_define, CORTEX_A76_H_INC)) -$(eval $(call add_define, CORTEX_A77_H_INC)) +CORTEX_X3_H_INC := 1 +CORTEX_X4_H_INC := 1 +NEOVERSE_N2_H_INC := 1 +NEOVERSE_V1_H_INC := 1 +$(eval $(call add_define, CORTEX_A710_H_INC)) $(eval $(call add_define, CORTEX_A78_H_INC)) -$(eval $(call add_define, NEOVERSE_N1_H_INC)) -$(eval $(call add_define, NEOVERSE_N2_H_INC)) -$(eval $(call add_define, NEOVERSE_V1_H_INC)) $(eval $(call add_define, CORTEX_A78_AE_H_INC)) -$(eval $(call add_define, CORTEX_A510_H_INC)) -$(eval $(call add_define, CORTEX_A710_H_INC)) -$(eval $(call add_define, CORTEX_A715_H_INC)) $(eval $(call add_define, CORTEX_A78C_H_INC)) -$(eval $(call add_define, CORTEX_X2_H_INC)) -endif -CORTEX_A55_H_INC := 1 -CORTEX_A75_H_INC := 1 -$(eval $(call add_define, CORTEX_A55_H_INC)) -$(eval $(call add_define, CORTEX_A75_H_INC)) +$(eval $(call add_define, CORTEX_X3_H_INC)) +$(eval $(call add_define, CORTEX_X4_H_INC)) +$(eval $(call add_define, NEOVERSE_N2_H_INC)) +$(eval $(call add_define, NEOVERSE_V1_H_INC)) endif -else -CORTEX_A32_H_INC := 1 -$(eval $(call add_define, CORTEX_A32_H_INC)) endif endif diff --git a/plat/arm/board/fvp/platform.mk b/plat/arm/board/fvp/platform.mk index 2fdff34883..998350f718 100644 --- a/plat/arm/board/fvp/platform.mk +++ b/plat/arm/board/fvp/platform.mk @@ -205,12 +205,15 @@ else lib/cpus/aarch64/cortex_a78_ae.S \ lib/cpus/aarch64/cortex_a78c.S \ lib/cpus/aarch64/cortex_a710.S \ + lib/cpus/aarch64/cortex_a715.S \ + lib/cpus/aarch64/cortex_a720.S \ lib/cpus/aarch64/neoverse_n_common.S \ lib/cpus/aarch64/neoverse_n1.S \ lib/cpus/aarch64/neoverse_n2.S \ lib/cpus/aarch64/neoverse_v1.S \ lib/cpus/aarch64/neoverse_e1.S \ lib/cpus/aarch64/cortex_x2.S \ + lib/cpus/aarch64/cortex_x4.S \ lib/cpus/aarch64/cortex_gelas.S \ lib/cpus/aarch64/nevis.S \ lib/cpus/aarch64/travis.S diff --git a/plat/arm/board/rdn2/platform.mk b/plat/arm/board/rdn2/platform.mk index ef8f3d477b..f5fc1addbb 100644 --- a/plat/arm/board/rdn2/platform.mk +++ b/plat/arm/board/rdn2/platform.mk @@ -95,3 +95,25 @@ $(eval $(call TOOL_ADD_PAYLOAD,${NT_FW_CONFIG},--nt-fw-config)) override CTX_INCLUDE_AARCH32_REGS := 0 override ENABLE_FEAT_AMU := 1 + +# Enable N2 CPU errata workarounds +ERRATA_N2_2002655 := 1 +ERRATA_N2_2009478 := 1 +ERRATA_N2_2067956 := 1 +ERRATA_N2_2025414 := 1 +ERRATA_N2_2189731 := 1 +ERRATA_N2_2138956 := 1 +ERRATA_N2_2138953 := 1 +ERRATA_N2_2242415 := 1 +ERRATA_N2_2138958 := 1 +ERRATA_N2_2242400 := 1 +ERRATA_N2_2280757 := 1 +ERRATA_N2_2326639 := 1 +ERRATA_N2_2340933 := 1 +ERRATA_N2_2346952 := 1 +ERRATA_N2_2376738 := 1 +ERRATA_N2_2388450 := 1 +ERRATA_N2_2743014 := 1 +ERRATA_N2_2743089 := 1 +ERRATA_N2_2728475 := 1 +ERRATA_N2_2779511 := 1 diff --git a/plat/common/plat_gicv3.c b/plat/common/plat_gicv3.c index baa70e0ba1..d0c7a31e62 100644 --- a/plat/common/plat_gicv3.c +++ b/plat/common/plat_gicv3.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2015-2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2015-2024, Arm Limited and Contributors. All rights reserved. * Portions copyright (c) 2021-2022, ProvenRun S.A.S. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause @@ -344,6 +344,11 @@ unsigned int plat_ic_set_priority_mask(unsigned int mask) return gicv3_set_pmr(mask); } +unsigned int plat_ic_deactivate_priority(unsigned int mask) +{ + return gicv3_deactivate_priority(mask); +} + unsigned int plat_ic_get_interrupt_id(unsigned int raw) { unsigned int id = raw & INT_ID_MASK; diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/platform.mk index 5b4766d511..f96e18bb0a 100644 --- a/plat/rockchip/rk3328/platform.mk +++ b/plat/rockchip/rk3328/platform.mk @@ -65,6 +65,7 @@ include lib/libfdt/libfdt.mk # Enable workarounds for selected Cortex-A53 errata ERRATA_A53_855873 := 1 +ERRATA_A53_1530924 := 1 $(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT)) $(eval $(call add_define,PLAT_SKIP_OPTEE_S_EL1_INT_REGISTER)) diff --git a/plat/xilinx/versal/platform.mk b/plat/xilinx/versal/platform.mk index 7c53daadde..612e956346 100644 --- a/plat/xilinx/versal/platform.mk +++ b/plat/xilinx/versal/platform.mk @@ -116,3 +116,9 @@ BL31_SOURCES += drivers/arm/cci/cci.c \ ifeq ($(HARDEN_SLS_ALL), 1) TF_CFLAGS_aarch64 += -mharden-sls=all endif + +ifeq (${ERRATA_ABI_SUPPORT}, 1) +# enable the cpu macros for errata abi interface +CORTEX_A72_H_INC := 1 +$(eval $(call add_define, CORTEX_A72_H_INC)) +endif diff --git a/pyproject.toml b/pyproject.toml index 0fe2383869..203e4d8b3b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "trusted-firmware-a" -version = "2.10.0" +version = "2.10.4" description = "Trusted Firmware-A (TF-A) Python dependencies." authors = ["Arm Ltd."] license = "BSD-3-Clause" diff --git a/readme.rst b/readme.rst index 148d477a42..c68ccc7976 100644 --- a/readme.rst +++ b/readme.rst @@ -49,3 +49,4 @@ that is available through `trustedfirmware.org`_. .. _view the full documentation: https://www.trustedfirmware.org/docs/tf-a .. _trustedfirmware.org: http://www.trustedfirmware.org + diff --git a/services/std_svc/errata_abi/cpu_errata_info.h b/services/std_svc/errata_abi/cpu_errata_info.h index e24a6217ed..2d59fc932b 100644 --- a/services/std_svc/errata_abi/cpu_errata_info.h +++ b/services/std_svc/errata_abi/cpu_errata_info.h @@ -1,5 +1,5 @@ /* - * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -11,41 +11,25 @@ #include #if __aarch64__ -#include -#include -#include -#include -#include #include -#include -#include -#include -#include -#include #include #include #include -#include -#include #include #include -#include +#include #include #include #include -#else -#include -#include -#include -#include #endif -#define MAX_ERRATA_ENTRIES 32 +/* Max number of platform based errata with no workaround in EL3 */ +#define MAX_PLAT_CPU_ERRATA_ENTRIES 2 -#define ERRATA_LIST_END (MAX_ERRATA_ENTRIES - 1) +#define ERRATA_LIST_END (MAX_PLAT_CPU_ERRATA_ENTRIES - 1) /* Default values for unused memory in the array */ -#define UNDEF_ERRATA {UINT_MAX, UCHAR_MAX, UCHAR_MAX, false, false} +#define UNDEF_ERRATA {UINT_MAX, UCHAR_MAX, UCHAR_MAX} #define EXTRACT_PARTNUM(x) ((x >> MIDR_PN_SHIFT) & MIDR_PN_MASK) @@ -58,15 +42,11 @@ struct em_cpu{ unsigned int em_errata_id; unsigned char em_rxpx_lo; /* lowest revision of errata applicable for the cpu */ unsigned char em_rxpx_hi; /* highest revision of errata applicable for the cpu */ - bool errata_enabled; /* indicate if errata enabled */ - /* flag to indicate if errata query is based out of non-arm interconnect */ - bool non_arm_interconnect; }; struct em_cpu_list{ - /* field to hold cpu specific part number defined in midr reg */ - unsigned long cpu_partnumber; - struct em_cpu cpu_errata_list[MAX_ERRATA_ENTRIES]; + unsigned long cpu_partnumber; /* cpu specific part number defined in midr reg */ + struct em_cpu cpu_errata_list[MAX_PLAT_CPU_ERRATA_ENTRIES]; }; int32_t verify_errata_implemented(uint32_t errata_id, uint32_t forward_flag); diff --git a/services/std_svc/errata_abi/errata_abi_main.c b/services/std_svc/errata_abi/errata_abi_main.c index 0b263e5f1f..0a1d4f355b 100644 --- a/services/std_svc/errata_abi/errata_abi_main.c +++ b/services/std_svc/errata_abi/errata_abi_main.c @@ -1,11 +1,13 @@ /* - * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved. + * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ #include #include "cpu_errata_info.h" +#include +#include #include #include #include @@ -17,197 +19,14 @@ */ struct em_cpu_list *cpu_ptr; -extern uint8_t cpu_get_rev_var(void); - /* Structure array that holds CPU specific errata information */ struct em_cpu_list cpu_list[] = { -#if CORTEX_A9_H_INC -{ - .cpu_partnumber = CORTEX_A9_MIDR, - .cpu_errata_list = { - [0] = {794073, 0x00, 0xFF, ERRATA_A9_794073}, - [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A9_H_INC */ - -#if CORTEX_A15_H_INC -{ - .cpu_partnumber = CORTEX_A15_MIDR, - .cpu_errata_list = { - [0] = {816470, 0x30, 0xFF, ERRATA_A15_816470}, - [1] = {827671, 0x30, 0xFF, ERRATA_A15_827671}, - [2 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A15_H_INC */ - -#if CORTEX_A17_H_INC -{ - .cpu_partnumber = CORTEX_A17_MIDR, - .cpu_errata_list = { - [0] = {852421, 0x00, 0x12, ERRATA_A17_852421}, - [1] = {852423, 0x00, 0x12, ERRATA_A17_852423}, - [2 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A17_H_INC */ - -#if CORTEX_A35_H_INC -{ - .cpu_partnumber = CORTEX_A35_MIDR, - .cpu_errata_list = { - [0] = {855472, 0x00, 0x00, ERRATA_A35_855472}, - [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A35_H_INC */ - -#if CORTEX_A53_H_INC -{ - .cpu_partnumber = CORTEX_A53_MIDR, - .cpu_errata_list = { - [0] = {819472, 0x00, 0x01, ERRATA_A53_819472}, - [1] = {824069, 0x00, 0x02, ERRATA_A53_824069}, - [2] = {826319, 0x00, 0x02, ERRATA_A53_826319}, - [3] = {827319, 0x00, 0x02, ERRATA_A53_827319}, - [4] = {835769, 0x00, 0x04, ERRATA_A53_835769}, - [5] = {836870, 0x00, 0x03, ERRATA_A53_836870}, - [6] = {843419, 0x00, 0x04, ERRATA_A53_843419}, - [7] = {855873, 0x03, 0xFF, ERRATA_A53_855873}, - [8] = {1530924, 0x00, 0xFF, ERRATA_A53_1530924}, - [9 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A53_H_INC */ - -#if CORTEX_A55_H_INC -{ - .cpu_partnumber = CORTEX_A55_MIDR, - .cpu_errata_list = { - [0] = {768277, 0x00, 0x00, ERRATA_A55_768277}, - [1] = {778703, 0x00, 0x00, ERRATA_A55_778703}, - [2] = {798797, 0x00, 0x00, ERRATA_A55_798797}, - [3] = {846532, 0x00, 0x01, ERRATA_A55_846532}, - [4] = {903758, 0x00, 0x01, ERRATA_A55_903758}, - [5] = {1221012, 0x00, 0x10, ERRATA_A55_1221012}, - [6] = {1530923, 0x00, 0xFF, ERRATA_A55_1530923}, - [7 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A55_H_INC */ - -#if CORTEX_A57_H_INC -{ - .cpu_partnumber = CORTEX_A57_MIDR, - .cpu_errata_list = { - [0] = {806969, 0x00, 0x00, ERRATA_A57_806969}, - [1] = {813419, 0x00, 0x00, ERRATA_A57_813419}, - [2] = {813420, 0x00, 0x00, ERRATA_A57_813420}, - [3] = {814670, 0x00, 0x00, ERRATA_A57_814670}, - [4] = {817169, 0x00, 0x01, ERRATA_A57_817169}, - [5] = {826974, 0x00, 0x11, ERRATA_A57_826974}, - [6] = {826977, 0x00, 0x11, ERRATA_A57_826977}, - [7] = {828024, 0x00, 0x11, ERRATA_A57_828024}, - [8] = {829520, 0x00, 0x12, ERRATA_A57_829520}, - [9] = {833471, 0x00, 0x12, ERRATA_A57_833471}, - [10] = {859972, 0x00, 0x13, ERRATA_A57_859972}, - [11] = {1319537, 0x00, 0xFF, ERRATA_A57_1319537}, - [12 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A57_H_INC */ - -#if CORTEX_A72_H_INC -{ - .cpu_partnumber = CORTEX_A72_MIDR, - .cpu_errata_list = { - [0] = {859971, 0x00, 0x03, ERRATA_A72_859971}, - [1] = {1319367, 0x00, 0xFF, ERRATA_A72_1319367}, - [2 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A72_H_INC */ - -#if CORTEX_A73_H_INC -{ - .cpu_partnumber = CORTEX_A73_MIDR, - .cpu_errata_list = { - [0] = {852427, 0x00, 0x00, ERRATA_A73_852427}, - [1] = {855423, 0x00, 0x01, ERRATA_A73_855423}, - [2 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A73_H_INC */ - -#if CORTEX_A75_H_INC -{ - .cpu_partnumber = CORTEX_A75_MIDR, - .cpu_errata_list = { - [0] = {764081, 0x00, 0x00, ERRATA_A75_764081}, - [1] = {790748, 0x00, 0x00, ERRATA_A75_790748}, - [2 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A75_H_INC */ - -#if CORTEX_A76_H_INC -{ - .cpu_partnumber = CORTEX_A76_MIDR, - .cpu_errata_list = { - [0] = {1073348, 0x00, 0x10, ERRATA_A76_1073348}, - [1] = {1130799, 0x00, 0x20, ERRATA_A76_1130799}, - [2] = {1165522, 0x00, 0xFF, ERRATA_A76_1165522}, - [3] = {1220197, 0x00, 0x20, ERRATA_A76_1220197}, - [4] = {1257314, 0x00, 0x30, ERRATA_A76_1257314}, - [5] = {1262606, 0x00, 0x30, ERRATA_A76_1262606}, - [6] = {1262888, 0x00, 0x30, ERRATA_A76_1262888}, - [7] = {1275112, 0x00, 0x30, ERRATA_A76_1275112}, - [8] = {1286807, 0x00, 0x30, ERRATA_A76_1286807}, - [9] = {1791580, 0x00, 0x40, ERRATA_A76_1791580}, - [10] = {1868343, 0x00, 0x40, ERRATA_A76_1868343}, - [11] = {1946160, 0x30, 0x41, ERRATA_A76_1946160}, - [12] = {2743102, 0x00, 0x41, ERRATA_A76_2743102}, - [13 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A76_H_INC */ - -#if CORTEX_A77_H_INC -{ - .cpu_partnumber = CORTEX_A77_MIDR, - .cpu_errata_list = { - [0] = {1508412, 0x00, 0x10, ERRATA_A77_1508412}, - [1] = {1791578, 0x00, 0x11, ERRATA_A77_1791578}, - [2] = {1800714, 0x00, 0x11, ERRATA_A77_1800714}, - [3] = {1925769, 0x00, 0x11, ERRATA_A77_1925769}, - [4] = {1946167, 0x00, 0x11, ERRATA_A77_1946167}, - [5] = {2356587, 0x00, 0x11, ERRATA_A77_2356587}, - [6] = {2743100, 0x00, 0x11, ERRATA_A77_2743100}, - [7 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A77_H_INC */ - #if CORTEX_A78_H_INC { .cpu_partnumber = CORTEX_A78_MIDR, .cpu_errata_list = { - [0] = {1688305, 0x00, 0x10, ERRATA_A78_1688305}, - [1] = {1821534, 0x00, 0x10, ERRATA_A78_1821534}, - [2] = {1941498, 0x00, 0x11, ERRATA_A78_1941498}, - [3] = {1951500, 0x10, 0x11, ERRATA_A78_1951500}, - [4] = {1952683, 0x00, 0x00, ERRATA_A78_1952683}, - [5] = {2132060, 0x00, 0x12, ERRATA_A78_2132060}, - [6] = {2242635, 0x10, 0x12, ERRATA_A78_2242635}, - [7] = {2376745, 0x00, 0x12, ERRATA_A78_2376745}, - [8] = {2395406, 0x00, 0x12, ERRATA_A78_2395406}, - [9] = {2712571, 0x00, 0x12, ERRATA_A78_2712571, \ - ERRATA_NON_ARM_INTERCONNECT}, - [10] = {2742426, 0x00, 0x12, ERRATA_A78_2742426}, - [11] = {2772019, 0x00, 0x12, ERRATA_A78_2772019}, - [12] = {2779479, 0x00, 0x12, ERRATA_A78_2779479}, - [13 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2712571, 0x00, 0x12}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* CORTEX_A78_H_INC */ @@ -216,13 +35,8 @@ struct em_cpu_list cpu_list[] = { { .cpu_partnumber = CORTEX_A78_AE_MIDR, .cpu_errata_list = { - [0] = {1941500, 0x00, 0x01, ERRATA_A78_AE_1941500}, - [1] = {1951502, 0x00, 0x01, ERRATA_A78_AE_1951502}, - [2] = {2376748, 0x00, 0x02, ERRATA_A78_AE_2376748}, - [3] = {2395408, 0x00, 0x01, ERRATA_A78_AE_2395408}, - [4] = {2712574, 0x00, 0x02, ERRATA_A78_AE_2712574, \ - ERRATA_NON_ARM_INTERCONNECT}, - [5 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2712574, 0x00, 0x02}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* CORTEX_A78_AE_H_INC */ @@ -231,79 +45,18 @@ struct em_cpu_list cpu_list[] = { { .cpu_partnumber = CORTEX_A78C_MIDR, .cpu_errata_list = { - [0] = {1827430, 0x00, 0x00, ERRATA_A78C_1827430}, - [1] = {1827440, 0x00, 0x00, ERRATA_A78C_1827440}, - [2] = {2132064, 0x01, 0x02, ERRATA_A78C_2132064}, - [3] = {2242638, 0x01, 0x02, ERRATA_A78C_2242638}, - [4] = {2376749, 0x01, 0x02, ERRATA_A78C_2376749}, - [5] = {2395411, 0x01, 0x02, ERRATA_A78C_2395411}, - [6] = {2712575, 0x01, 0x02, ERRATA_A78C_2712575, \ - ERRATA_NON_ARM_INTERCONNECT}, - [7] = {2772121, 0x00, 0x02, ERRATA_A78C_2772121}, - [8] = {2779484, 0x01, 0x02, ERRATA_A78C_2779484}, - [9 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2712575, 0x01, 0x02}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* CORTEX_A78C_H_INC */ -#if CORTEX_X1_H_INC -{ - .cpu_partnumber = CORTEX_X1_MIDR, - .cpu_errata_list = { - [0] = {1688305, 0x00, 0x10, ERRATA_X1_1688305}, - [1] = {1821534, 0x00, 0x10, ERRATA_X1_1821534}, - [2] = {1827429, 0x00, 0x10, ERRATA_X1_1827429}, - [3 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_X1_H_INC */ - -#if NEOVERSE_N1_H_INC -{ - .cpu_partnumber = NEOVERSE_N1_MIDR, - .cpu_errata_list = { - [0] = {1043202, 0x00, 0x10, ERRATA_N1_1043202}, - [1] = {1073348, 0x00, 0x10, ERRATA_N1_1073348}, - [2] = {1130799, 0x00, 0x20, ERRATA_N1_1130799}, - [3] = {1165347, 0x00, 0x20, ERRATA_N1_1165347}, - [4] = {1207823, 0x00, 0x20, ERRATA_N1_1207823}, - [5] = {1220197, 0x00, 0x20, ERRATA_N1_1220197}, - [6] = {1257314, 0x00, 0x30, ERRATA_N1_1257314}, - [7] = {1262606, 0x00, 0x30, ERRATA_N1_1262606}, - [8] = {1262888, 0x00, 0x30, ERRATA_N1_1262888}, - [9] = {1275112, 0x00, 0x30, ERRATA_N1_1275112}, - [10] = {1315703, 0x00, 0x30, ERRATA_N1_1315703}, - [11] = {1542419, 0x30, 0x40, ERRATA_N1_1542419}, - [12] = {1868343, 0x00, 0x40, ERRATA_N1_1868343}, - [13] = {1946160, 0x30, 0x41, ERRATA_N1_1946160}, - [14] = {2743102, 0x00, 0x41, ERRATA_N1_2743102}, - [15 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* NEOVERSE_N1_H_INC */ - #if NEOVERSE_V1_H_INC { .cpu_partnumber = NEOVERSE_V1_MIDR, .cpu_errata_list = { - [0] = {1618635, 0x00, 0x00, ERRATA_V1_1618635}, - [1] = {1774420, 0x00, 0x10, ERRATA_V1_1774420}, - [2] = {1791573, 0x00, 0x10, ERRATA_V1_1791573}, - [3] = {1852267, 0x00, 0x10, ERRATA_V1_1852267}, - [4] = {1925756, 0x00, 0x11, ERRATA_V1_1925756}, - [5] = {1940577, 0x10, 0x11, ERRATA_V1_1940577}, - [6] = {1966096, 0x10, 0x11, ERRATA_V1_1966096}, - [7] = {2108267, 0x00, 0x12, ERRATA_V1_2108267}, - [8] = {2139242, 0x00, 0x11, ERRATA_V1_2139242}, - [9] = {2216392, 0x10, 0x11, ERRATA_V1_2216392}, - [10] = {2294912, 0x00, 0x12, ERRATA_V1_2294912}, - [11] = {2372203, 0x00, 0x11, ERRATA_V1_2372203}, - [12] = {2701953, 0x00, 0x11, ERRATA_V1_2701953, \ - ERRATA_NON_ARM_INTERCONNECT}, - [13] = {2743093, 0x00, 0x12, ERRATA_V1_2743093}, - [14] = {2743233, 0x00, 0x12, ERRATA_V1_2743233}, - [15] = {2779461, 0x00, 0x12, ERRATA_V1_2779461}, - [16 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2701953, 0x00, 0x11}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* NEOVERSE_V1_H_INC */ @@ -312,25 +65,8 @@ struct em_cpu_list cpu_list[] = { { .cpu_partnumber = CORTEX_A710_MIDR, .cpu_errata_list = { - [0] = {1987031, 0x00, 0x20, ERRATA_A710_1987031}, - [1] = {2008768, 0x00, 0x20, ERRATA_A710_2008768}, - [2] = {2017096, 0x00, 0x20, ERRATA_A710_2017096}, - [3] = {2055002, 0x10, 0x20, ERRATA_A710_2055002}, - [4] = {2058056, 0x00, 0x21, ERRATA_A710_2058056}, - [5] = {2081180, 0x00, 0x20, ERRATA_A710_2081180}, - [6] = {2083908, 0x20, 0x20, ERRATA_A710_2083908}, - [7] = {2136059, 0x00, 0x20, ERRATA_A710_2136059}, - [8] = {2147715, 0x20, 0x20, ERRATA_A710_2147715}, - [9] = {2216384, 0x00, 0x20, ERRATA_A710_2216384}, - [10] = {2267065, 0x00, 0x20, ERRATA_A710_2267065}, - [11] = {2282622, 0x00, 0x21, ERRATA_A710_2282622}, - [12] = {2291219, 0x00, 0x20, ERRATA_A710_2291219}, - [13] = {2371105, 0x00, 0x20, ERRATA_A710_2371105}, - [14] = {2701952, 0x00, 0x21, ERRATA_A710_2701952, \ - ERRATA_NON_ARM_INTERCONNECT}, - [15] = {2742423, 0x00, 0x21, ERRATA_A710_2742423}, - [16] = {2768515, 0x00, 0x21, ERRATA_A710_2768515}, - [17 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2701952, 0x00, 0x21}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* CORTEX_A710_H_INC */ @@ -339,28 +75,8 @@ struct em_cpu_list cpu_list[] = { { .cpu_partnumber = NEOVERSE_N2_MIDR, .cpu_errata_list = { - [0] = {2002655, 0x00, 0x00, ERRATA_N2_2002655}, - [1] = {2009478, 0x00, 0x00, ERRATA_N2_2009478}, - [2] = {2025414, 0x00, 0x00, ERRATA_N2_2025414}, - [3] = {2067956, 0x00, 0x00, ERRATA_N2_2067956}, - [4] = {2138953, 0x00, 0x03, ERRATA_N2_2138953}, - [5] = {2138956, 0x00, 0x00, ERRATA_N2_2138956}, - [6] = {2138958, 0x00, 0x00, ERRATA_N2_2138958}, - [7] = {2189731, 0x00, 0x00, ERRATA_N2_2189731}, - [8] = {2242400, 0x00, 0x00, ERRATA_N2_2242400}, - [9] = {2242415, 0x00, 0x00, ERRATA_N2_2242415}, - [10] = {2280757, 0x00, 0x00, ERRATA_N2_2280757}, - [11] = {2326639, 0x00, 0x00, ERRATA_N2_2326639}, - [12] = {2340933, 0x00, 0x00, ERRATA_N2_2340933}, - [13] = {2346952, 0x00, 0x02, ERRATA_N2_2346952}, - [14] = {2376738, 0x00, 0x00, ERRATA_N2_2376738}, - [15] = {2388450, 0x00, 0x00, ERRATA_N2_2388450}, - [16] = {2728475, 0x00, 0x02, ERRATA_N2_2728475, \ - ERRATA_NON_ARM_INTERCONNECT}, - [17] = {2743014, 0x00, 0x02, ERRATA_N2_2743014}, - [18] = {2743089, 0x00, 0x02, ERRATA_N2_2743089}, - [19] = {2779511, 0x00, 0x02, ERRATA_N2_2779511}, - [20 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2728475, 0x00, 0x02}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* NEOVERSE_N2_H_INC */ @@ -369,164 +85,126 @@ struct em_cpu_list cpu_list[] = { { .cpu_partnumber = CORTEX_X2_MIDR, .cpu_errata_list = { - [0] = {2002765, 0x00, 0x20, ERRATA_X2_2002765}, - [1] = {2017096, 0x00, 0x20, ERRATA_X2_2017096}, - [2] = {2058056, 0x00, 0x21, ERRATA_X2_2058056}, - [3] = {2081180, 0x00, 0x20, ERRATA_X2_2081180}, - [4] = {2083908, 0x20, 0x20, ERRATA_X2_2083908}, - [5] = {2147715, 0x20, 0x20, ERRATA_X2_2147715}, - [6] = {2216384, 0x00, 0x20, ERRATA_X2_2216384}, - [7] = {2282622, 0x00, 0x21, ERRATA_X2_2282622}, - [8] = {2371105, 0x00, 0x20, ERRATA_X2_2371105}, - [9] = {2701952, 0x00, 0x21, ERRATA_X2_2701952, \ - ERRATA_NON_ARM_INTERCONNECT}, - [10] = {2742423, 0x00, 0x21, ERRATA_X2_2742423}, - [11] = {2768515, 0x00, 0x21, ERRATA_X2_2768515}, - [12 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2701952, 0x00, 0x21}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* CORTEX_X2_H_INC */ -#if CORTEX_A510_H_INC -{ - .cpu_partnumber = CORTEX_A510_MIDR, - .cpu_errata_list = { - [0] = {1922240, 0x00, 0x00, ERRATA_A510_1922240}, - [1] = {2041909, 0x02, 0x02, ERRATA_A510_2041909}, - [2] = {2042739, 0x00, 0x02, ERRATA_A510_2042739}, - [3] = {2080326, 0x02, 0x02, ERRATA_A510_2080326}, - [4] = {2172148, 0x00, 0x10, ERRATA_A510_2172148}, - [5] = {2218950, 0x00, 0x10, ERRATA_A510_2218950}, - [6] = {2250311, 0x00, 0x10, ERRATA_A510_2250311}, - [7] = {2288014, 0x00, 0x10, ERRATA_A510_2288014}, - [8] = {2347730, 0x00, 0x11, ERRATA_A510_2347730}, - [9] = {2371937, 0x00, 0x11, ERRATA_A510_2371937}, - [10] = {2666669, 0x00, 0x11, ERRATA_A510_2666669}, - [11] = {2684597, 0x00, 0x12, ERRATA_A510_2684597}, - [12 ... ERRATA_LIST_END] = UNDEF_ERRATA, - } -}, -#endif /* CORTEX_A510_H_INC */ - #if NEOVERSE_V2_H_INC { .cpu_partnumber = NEOVERSE_V2_MIDR, .cpu_errata_list = { - [0] = {2331132, 0x00, 0x02, ERRATA_V2_2331132}, - [1] = {2719103, 0x00, 0x01, ERRATA_V2_2719103, \ - ERRATA_NON_ARM_INTERCONNECT}, - [2] = {2719105, 0x00, 0x01, ERRATA_V2_2719105}, - [3] = {2743011, 0x00, 0x01, ERRATA_V2_2743011}, - [4] = {2779510, 0x00, 0x01, ERRATA_V2_2779510}, - [5] = {2801372, 0x00, 0x01, ERRATA_V2_2801372}, - [6 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2719103, 0x00, 0x01}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, #endif /* NEOVERSE_V2_H_INC */ -#if CORTEX_A715_H_INC +#if CORTEX_X3_H_INC { - .cpu_partnumber = CORTEX_A715_MIDR, + .cpu_partnumber = CORTEX_X3_MIDR, .cpu_errata_list = { - [0] = {2701951, 0x00, 0x11, ERRATA_A715_2701951, \ - ERRATA_NON_ARM_INTERCONNECT}, + [0] = {2701951, 0x00, 0x11}, [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, -#endif /* CORTEX_A715_H_INC */ +#endif /* CORTEX_X3_H_INC */ -#if CORTEX_X3_H_INC +#if CORTEX_X4_H_INC { - .cpu_partnumber = CORTEX_X3_MIDR, + .cpu_partnumber = CORTEX_X4_MIDR, .cpu_errata_list = { - [0] = {2070301, 0x00, 0x12, ERRATA_X3_2070301}, - [1] = {2313909, 0x00, 0x10, ERRATA_X3_2313909}, - [2] = {2615812, 0x00, 0x11, ERRATA_X3_2615812}, - [3] = {2742421, 0x00, 0x11, ERRATA_X3_2742421}, - [4 ... ERRATA_LIST_END] = UNDEF_ERRATA, + [0] = {2701112, 0x00, 0x00}, + [1 ... ERRATA_LIST_END] = UNDEF_ERRATA, } }, -#endif /* CORTEX_X3_H_INC */ -}; - -/* - * Function to do binary search and check for the specific errata ID - * in the array of structures specific to the cpu identified. - */ -int32_t binary_search(struct em_cpu_list *ptr, uint32_t erratum_id, uint8_t rxpx_val) -{ - int low_index = 0U, mid_index = 0U; +#endif /* CORTEX_X4_H_INC */ - int high_index = MAX_ERRATA_ENTRIES - 1; +}; - assert(ptr != NULL); +#if ERRATA_NON_ARM_INTERCONNECT - /* - * Pointer to the errata list of the cpu that matches - * extracted partnumber in the cpu list - */ - struct em_cpu *erratum_ptr = NULL; +/* Check if the errata is enabled for non-arm interconnect */ +static int32_t non_arm_interconnect_errata(uint32_t errata_id, long rev_var) +{ + int32_t ret_val = EM_UNKNOWN_ERRATUM; - while (low_index <= high_index) { - mid_index = (low_index + high_index) / 2; + /* Determine the number of cpu listed in the cpu list */ + uint8_t size_cpulist = ARRAY_SIZE(cpu_list); - erratum_ptr = &ptr->cpu_errata_list[mid_index]; - assert(erratum_ptr != NULL); + /* Read the midr reg to extract cpu, revision and variant info */ + uint32_t midr_val = read_midr(); - if (erratum_id < erratum_ptr->em_errata_id) { - high_index = mid_index - 1; - } else if (erratum_id > erratum_ptr->em_errata_id) { - low_index = mid_index + 1; - } else if (erratum_id == erratum_ptr->em_errata_id) { - if (RXPX_RANGE(rxpx_val, erratum_ptr->em_rxpx_lo, \ - erratum_ptr->em_rxpx_hi)) { - if ((erratum_ptr->errata_enabled) && \ - (!(erratum_ptr->non_arm_interconnect))) { - return EM_HIGHER_EL_MITIGATION; + for (uint8_t i = 0U; i < size_cpulist; i++) { + cpu_ptr = &cpu_list[i]; + /* + * If the cpu partnumber in the cpu list, matches the midr + * part number, check to see if the errata ID matches + */ + if (EXTRACT_PARTNUM(midr_val) == EXTRACT_PARTNUM(cpu_ptr->cpu_partnumber)) { + + struct em_cpu *ptr = NULL; + + for (int j = 0; j < MAX_PLAT_CPU_ERRATA_ENTRIES; j++) { + ptr = &cpu_ptr->cpu_errata_list[j]; + assert(ptr != NULL); + if (errata_id == ptr->em_errata_id) { + if (RXPX_RANGE(rev_var, ptr->em_rxpx_lo, ptr->em_rxpx_hi)) { + ret_val = EM_AFFECTED; + break; + } + ret_val = EM_NOT_AFFECTED; + break; } - return EM_AFFECTED; } - return EM_NOT_AFFECTED; + break; } } - /* no matching errata ID */ - return EM_UNKNOWN_ERRATUM; + return ret_val; } +#endif /* Function to check if the errata exists for the specific CPU and rxpx */ int32_t verify_errata_implemented(uint32_t errata_id, uint32_t forward_flag) { - /* - * Read MIDR value and extract the revision, variant and partnumber - */ - static uint32_t midr_val, cpu_partnum; - static uint8_t cpu_rxpx_val; - int32_t ret_val = EM_UNKNOWN_ERRATUM; + int32_t ret_val; + struct cpu_ops *cpu_ops; + struct erratum_entry *entry, *end; + long rev_var; + + ret_val = EM_UNKNOWN_ERRATUM; + rev_var = cpu_get_rev_var(); + +#if ERRATA_NON_ARM_INTERCONNECT + ret_val = non_arm_interconnect_errata(errata_id, rev_var); + if (ret_val != EM_UNKNOWN_ERRATUM) { + return ret_val; + } +#endif - /* Determine the number of cpu listed in the cpu list */ - uint8_t size_cpulist = ARRAY_SIZE(cpu_list); + cpu_ops = get_cpu_ops_ptr(); + assert(cpu_ops != NULL); - /* Read the midr reg to extract cpu, revision and variant info */ - midr_val = read_midr(); + entry = cpu_ops->errata_list_start; + assert(entry != NULL); - /* Extract revision and variant from the MIDR register */ - cpu_rxpx_val = cpu_get_rev_var(); + end = cpu_ops->errata_list_end; + assert(end != NULL); - /* Extract the cpu partnumber and check if the cpu is in the cpu list */ - cpu_partnum = EXTRACT_PARTNUM(midr_val); + end--; /* point to the last erratum entry of the queried cpu */ - for (uint8_t i = 0; i < size_cpulist; i++) { - cpu_ptr = &cpu_list[i]; - uint16_t partnum_extracted = EXTRACT_PARTNUM(cpu_ptr->cpu_partnumber); - - if (partnum_extracted == cpu_partnum) { - /* - * If the midr value is in the cpu list, binary search - * for the errata ID and specific revision in the list. - */ - ret_val = binary_search(cpu_ptr, errata_id, cpu_rxpx_val); - break; + while ((entry <= end) && (ret_val == EM_UNKNOWN_ERRATUM)) { + if (entry->id == errata_id) { + if (entry->check_func(rev_var)) { + if (entry->chosen) + return EM_HIGHER_EL_MITIGATION; + else + return EM_AFFECTED; + } + return EM_NOT_AFFECTED; } + entry += 1; } return ret_val; } diff --git a/tools/conventional-changelog-tf-a/package.json b/tools/conventional-changelog-tf-a/package.json index d0efab8fe1..e00cbd6fb9 100644 --- a/tools/conventional-changelog-tf-a/package.json +++ b/tools/conventional-changelog-tf-a/package.json @@ -1,6 +1,6 @@ { "name": "conventional-changelog-tf-a", - "version": "2.10.0", + "version": "2.10.4", "license": "BSD-3-Clause", "private": true, "main": "index.js", diff --git a/tools/fiptool/Makefile b/tools/fiptool/Makefile index fda7c7795f..64371d6835 100644 --- a/tools/fiptool/Makefile +++ b/tools/fiptool/Makefile @@ -10,8 +10,9 @@ include ${MAKE_HELPERS_DIRECTORY}build_env.mk include ${MAKE_HELPERS_DIRECTORY}defaults.mk FIPTOOL ?= fiptool${BIN_EXT} -PROJECT := $(notdir ${FIPTOOL}) -OBJECTS := fiptool.o tbbr_config.o +PROJECT := ${FIPTOOL} +PROJECT_DIR := $(dir ${FIPTOOL}) +OBJECTS := ${PROJECT_DIR}/fiptool.o ${PROJECT_DIR}/tbbr_config.o V ?= 0 STATIC ?= 0 @@ -86,7 +87,7 @@ ${PROJECT}: ${OBJECTS} Makefile @echo "Built $@ successfully" @${ECHO_BLANK_LINE} -%.o: %.c Makefile +${PROJECT_DIR}/%.o: %.c Makefile @echo " HOSTCC $<" ${Q}${HOSTCC} -c ${CPPFLAGS} ${HOSTCCFLAGS} ${INCLUDE_PATHS} -MD -MP $< -o $@ diff --git a/zephyr/module.yml b/zephyr/module.yml new file mode 100644 index 0000000000..1311345328 --- /dev/null +++ b/zephyr/module.yml @@ -0,0 +1,9 @@ +name: trusted-firmware-a + +build: + cmake-ext: True + kconfig-ext: True +security: + external-references: + - cpe:2.3:o:arm:trusted_firmware-a:2.10.4:*:*:*:lts:*:*:* + - pkg:github/ARM-software/arm-trusted-firmware@lts-v2.10.4