summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
...
* | Merge "fix(el3_runtime): restore SPSR/ELR/SCR after esb" into lts-v2.8Bipin Ravi2023-02-061-21/+21
|\ \ | |/
| * fix(el3_runtime): restore SPSR/ELR/SCR after esbManish Pandey2023-02-031-21/+21
| | | | | | | | | | | | | | | | | | | | | | SCR_EL3 register is restored before esb issued and it is assumed that EAs are unmasked at that point, which is wrong, as the SCR_EL3 value at that time is restored from the context of the world where it is returning to. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Id1c7150a70b5f589b0dc7c50c359b4d23ee9f256 (cherry picked from commit ff1d2ef387f085fdada4a122284b3b044fdde09c)
* | Merge "fix(console): fix crash on spin_unlock with cache disabled" into lts-v2.8Bipin Ravi2023-02-061-3/+3
|\ \ | |/
| * fix(console): fix crash on spin_unlock with cache disabledBaruch Siach2023-02-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Current code skips load of spinlock address when cache is disabled. The following call to spin_unlock stores into the random location that x0 points to. Move spinlock address load earlier so that x0 is always valid on spin_unlock call. Change-Id: Iac640289725dce2518f2fed483d7d36ca748ffe8 Signed-off-by: Baruch Siach <baruch@tkos.co.il> (cherry picked from commit 5fb6946ad70f5c6e82502a704633bba1dd82e507)
* | Merge "fix(sptool): add dependency to SP image" into lts-v2.8Bipin Ravi2023-02-061-2/+3
|\ \ | |/
| * fix(sptool): add dependency to SP imageJens Wiklander2023-02-031-2/+3
| | | | | | | | | | | | | | | | | | | | In the generated sp_gen.mk, add a dependency to the image described in the sp_layout.json file to make sure that the pkg file is re-generated if the SP image is updated. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Change-Id: Id936f907d6baa6b0627c4bb9608323e5157c7a9b (cherry picked from commit 4daeaf341a347a60fd481fb4a1530f18f8e4c058)
* | Merge "fix(intel): fix fcs_client crashed when increased param size" into ↵Bipin Ravi2023-02-062-0/+31
|\ \ | |/ | | | | lts-v2.8
| * fix(intel): fix fcs_client crashed when increased param sizeJit Loon Lim2023-02-032-0/+31
| | | | | | | | | | | | | | | | | | No overflow buffer checking for param size. There is a security threat. Update code to check for param size according to cryto param mode. Signed-off-by: Jit Loon Lim <jit.loon.lim@intel.com> Change-Id: I37a2d047edd9ff835b3f0986d85309c402887bef (cherry picked from commit c42402cdf8a3dfc6f6e62a92b2898066e8cc46f6)
* | Merge "fix(cpus): workaround for Neoverse V1 errata 2779461" into lts-v2.8Bipin Ravi2023-02-064-2/+52
|\ \ | |/
| * fix(cpus): workaround for Neoverse V1 errata 2779461Sona Mathew2023-02-034-2/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Neoverse V1 erratum 2779461 is a Cat B erratum that applies to all revisions <=r1p2 and is still open. The workaround sets CPUACTLR3_EL1[47] bit to 1. Setting this bit might have a small impact on power and negligible impact on performance. SDEN documentation: https://developer.arm.com/documentation/SDEN1401781/latest Change-Id: I367cda1779684638063d7292fda20ca6734e6f10 Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com> (cherry picked from commit 2757da06149238041308060e5cb51f0870a02a15)
* | Merge "fix(cpus): workaround for Cortex-A78 erratum 2779479" into lts-v2.8Bipin Ravi2023-02-064-2/+51
|\ \ | |/
| * fix(cpus): workaround for Cortex-A78 erratum 2779479Sona Mathew2023-02-034-2/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-A78 erratum 2779479 is a Cat B erratum that applies to all revisions <= r1p2 and is still open. The workaround is to set the CPUACTLR3_EL1[47] bit to 1. Setting this bit might have a small impact on power and negligible impact on performance. SDEN documentation: https://developer.arm.com/documentation/SDEN1401784/latest Change-Id: I3779fd1eff3017c5961ffa101b357918070b3b36 Signed-off-by: Sona Mathew <SonaRebecca.Mathew@arm.com> (cherry picked from commit 7d1700c4d475358539c9a84cb325183c86a06f33)
* | Merge "fix(cpus): workaround for Cortex-X2 erratum 2282622" into lts-v2.8Bipin Ravi2023-02-063-35/+84
|\ \ | |/
| * fix(cpus): workaround for Cortex-X2 erratum 2282622Bipin Ravi2023-02-033-35/+84
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-X2 erratum 2282622 is a Cat B erratum that applies to all revisions <=r2p1 and is still open. The workaround is to set CPUACTLR2_EL1[0] to 1 to force PLDW/PFRM ST to behave like PLD/PRFM LD and not cause invalidations to other PE caches. SDEN documentation: https://developer.arm.com/documentation/SDEN1775100/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I43956aa4898a8608eedc5d0dd1471172c641a0c6 (cherry picked from commit f9c6301d743405bd91b9a1fe433ce14fa60a830f)
* | Merge "fix(auth): properly validate X.509 extensions" into lts-v2.8Bipin Ravi2023-02-061-6/+12
|\ \ | |/
| * fix(auth): properly validate X.509 extensionsDemi Marie Obenour2023-02-031-6/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | get_ext() does not check the return value of the various mbedtls_* functions, as cert_parse() is assumed to have guaranteed that they will always succeed. However, it passes the end of an extension as the end pointer to these functions, whereas cert_parse() passes the end of the TBSCertificate. Furthermore, cert_parse() does *not* check that the contents of the extension have the same length as the extension itself. Before fd37982a19a4a291 ("fix(auth): forbid junk after extensions"), cert_parse() also does not check that the extension block extends to the end of the TBSCertificate. This is a problem, as mbedtls_asn1_get_tag() leaves *p and *len undefined on failure. In practice, this results in get_ext() continuing to parse at different offsets than were used (and validated) by cert_parse(), which means that the in-bounds guarantee provided by cert_parse() no longer holds. This patch fixes the remaining flaw by enforcing that the contents of an extension are the same length as the extension itself. Change-Id: Id4570f911402e34d5d6c799ae01a01f184c68d7c Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com> (cherry picked from commit f5c51855d36e399e6e22cc1eb94f6b58e51b3b6d)
* | Merge "fix(auth): avoid out-of-bounds read in auth_nvctr()" into lts-v2.8Bipin Ravi2023-02-061-6/+14
|\ \ | |/
| * fix(auth): avoid out-of-bounds read in auth_nvctr()Demi Marie Obenour2023-02-031-6/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | auth_nvctr() does not check that the buffer provided is long enough to hold an ASN.1 INTEGER, or even that the buffer is non-empty. Since auth_nvctr() will only ever read 6 bytes, it is possible to read up to 6 bytes past the end of the buffer. This out-of-bounds read turns out to be harmless. The only caller of auth_nvctr() always passes a pointer into an X.509 TBSCertificate, and all in-tree chains of trust require that the certificate’s signature has already been validated. This means that the signature algorithm identifier is at least 4 bytes and the signature itself more than that. Therefore, the data read will be from the certificate itself. Even if the certificate signature has not been validated, an out-of-bounds read is still not possible. Since there are at least two bytes (tag and length) in both the signature algorithm ID and the signature itself, an out-of-bounds read would require that the tag byte of the signature algorithm ID would need to be either the tag or length byte of the DER-encoded nonvolatile counter. However, this byte must be (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE) (0x30), which is greater than 4 and not equal to MBEDTLS_ASN1_INTEGER (2). Therefore, auth_nvctr() will error out before reading the integer itself, preventing an out-of-bounds read. Change-Id: Ibdf1af702fbeb98a94c0c96456ebddd3d392ad44 Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> (cherry picked from commit abb8f936fd0ad085b1966bdc2cddf040ba3865e3)
* | Merge "fix(cpus): workaround for Cortex-A710 erratum 2282622" into lts-v2.8Bipin Ravi2023-02-063-9/+10
|\ \ | |/
| * fix(cpus): workaround for Cortex-A710 erratum 2282622Bipin Ravi2023-02-033-9/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-A710 erratum 2282622 is a Cat B erratum that applies to all revisions <=r2p1 and is still open. The workaround was earlier applied to all revisions <= r2p0, this patch extends it to r2p1. This was thought to have been fixed in r2p1 which is not the case. SDEN documentation: https://developer.arm.com/documentation/SDEN1775101/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: Iad38a7fe57bec3f2d8977995acd601dcd9ae69c0 (cherry picked from commit 89d85ad0aad4fef7f56a9e18968b49e2b843ca9d)
* | Merge "fix(auth): require at least one extension to be present" into lts-v2.8Bipin Ravi2023-02-061-4/+18
|\ \ | |/
| * fix(auth): require at least one extension to be presentDemi Marie Obenour2023-02-031-4/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | X.509 and RFC5280 allow omitting the extensions entirely, but require that if the extensions field is present at all, it must contain at least one certificate. TF-A already requires the extensions to be present, but allows them to be empty. However, a certificate with an empty extensions field will always fail later on, as the extensions contain the information needed to validate the next stage in the boot chain. Therefore, it is simpler to require the extension field to be present and contain at least one extension. Also add a comment explaining why the extensions field is required, even though it is OPTIONAL in the ASN.1 syntax. Change-Id: Ie26eed8a7924bf50937a6b27ccdf7cc9a390588d Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> (cherry picked from commit 72460f50e2437a85ce5229c430931aab8f4a0d5b)
* | Merge "fix(auth): forbid junk after extensions" into lts-v2.8Bipin Ravi2023-02-061-3/+5
|\ \ | |/
| * fix(auth): forbid junk after extensionsDemi Marie Obenour2023-02-031-3/+5
| | | | | | | | | | | | | | | | The extensions must use all remaining bytes in the TBSCertificate. Change-Id: Idf48f7168e146d050ba62dbc732638946fcd6c92 Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com> (cherry picked from commit fd37982a19a4a2911912ce321b9468993a0919ad)
* | Merge "fix(cpus): workaround for Neoverse V1 erratum 2743093" into lts-v2.8Bipin Ravi2023-02-063-0/+44
|\ \ | |/
| * fix(cpus): workaround for Neoverse V1 erratum 2743093Bipin Ravi2023-02-033-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | Neoverse V1 erratum 2743093 is a Cat B erratum that applies to all revisions <=r1p2 and is still open. The workaround is to insert a dsb before the isb in the power down sequence. SDEN documentation: https://developer.arm.com/documentation/SDEN1401781/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I8ee7c16c14c4fd6ee35d20c855273ecfce0d1b32 (cherry picked from commit 31747f057b13b5934b607b7021139e58a55f7766)
* | Merge "fix(cpus): workaround for Cortex-A78 erratum 2772019" into lts-v2.8Bipin Ravi2023-02-063-0/+45
|\ \ | |/
| * fix(cpus): workaround for Cortex-A78 erratum 2772019Bipin Ravi2023-02-033-0/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-A78 erratum 2772019 is a Cat B erratum that applies to all revisions <=r1p2 and is still open. The workaround is to insert a dsb before the isb in the power down sequence. SDEN documentation: https://developer.arm.com/documentation/SDEN1401784/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: I0362da463eca777aa7a385bcdeb39b8549799f02 (cherry picked from commit b10afcce5ff1202e1cd922dbd3c1e5980b478429)
* | Merge "fix(cpus): workaround for Neoverse N2 erratum 2743089" into lts-v2.8Bipin Ravi2023-02-063-8/+51
|\ \ | |/
| * fix(cpus): workaround for Neoverse N2 erratum 2743089Bipin Ravi2023-02-033-8/+51
| | | | | | | | | | | | | | | | | | | | | | | | | | Neoverse N2 erratum 2743089 is a Cat B erratum that applies to all revisions <=r0p2 and is fixed in r0p3. The workaround is to insert a dsb before the isb in the power down sequence. SDEN documentation: https://developer.arm.com/documentation/SDEN1982442/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: Idec862226bd32c91374a8bbd5d73d7ee480a34d9 (cherry picked from commit 1ee7c8232c153203d104f148a33e6f641d503f96)
* | Merge "fix(cpus): workaround for Cortex-X2 erratum 2768515" into lts-v2.8Bipin Ravi2023-02-063-0/+44
|\ \ | |/
| * fix(cpus): workaround for Cortex-X2 erratum 2768515Bipin Ravi2023-02-033-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-X2 erratum 2768515 is a Cat B erratum that applies to all revisions <=r2p1 and is still open. The workaround is to insert a dsb before the isb in the power down sequence. SDEN documentation: https://developer.arm.com/documentation/SDEN1775100/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: Ib02688f7b6dc7f6ec305e68e8895174f6fd577a0 (cherry picked from commit 1cfde82227558a8cc1792c068bc7a7cdf8feab43)
* | Merge "fix(cpus): workaround for Cortex-A710 erratum 2768515" into lts-v2.8Bipin Ravi2023-02-063-0/+44
|\ \ | |/
| * fix(cpus): workaround for Cortex-A710 erratum 2768515Bipin Ravi2023-02-033-0/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | Cortex-A710 erratum 2768515 is a Cat B erratum that applies to all revisions <=r2p1 and is still open. The workaround is to insert a dsb before the isb in the power down sequence. SDEN documentation: https://developer.arm.com/documentation/SDEN1775101/latest Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: If17fe04d3fda0dba6b8aabdd837a1c53e1830ed5 (cherry picked from commit b87b02cf1d93f2be2113192cd5f1927e33121a80)
* | Merge "fix(layerscape): unlock write access SMMU_CBn_ACTLR" into lts-v2.8Bipin Ravi2023-02-069-12/+40
|\ \ | |/
| * fix(layerscape): unlock write access SMMU_CBn_ACTLRHoward Lu2023-02-039-12/+40
| | | | | | | | | | | | | | | | | | | | | | This patch is to fix Errata #841119 and #826419 failed apply in linux because of SMMU_CBn_ACTLR register can't be modified in non-secure states. Signed-off-by: Howard Lu <howard.lu@nxp.com> Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: I2b23e7c8baa809f385917eb45b10ec6b26a9ada8 (cherry picked from commit 0ca1d8fba3bee32242b123ae28ad5c83a657aa0d)
* | Merge "feat(lx2): enable OCRAM ECC" into lts-v2.8Bipin Ravi2023-02-062-0/+9
|\ \ | |/
| * feat(lx2): enable OCRAM ECCJiafei Pan2023-02-032-0/+9
| | | | | | | | | | | | | | | | Fix OCRAM ECC for lx2 platform. Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: Ic46de7a40c611764a6f24400663da50e6b477ae5 (cherry picked from commit e8faff3da962ce112e32d8f1fdb8155e078eae75)
* | Merge "feat(lx2): support more variants" into lts-v2.8Bipin Ravi2023-02-062-0/+46
|\ \ | |/
| * feat(lx2): support more variantsJiafei Pan2023-02-032-0/+46
| | | | | | | | | | | | | | | | Add more lx2 variants support. Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: Iac19b2532531616f638fd8f42bb6953bd1e83eda (cherry picked from commit c07f5e9e50959a3667e5a96ac808d1d16bb72698)
* | Merge "fix(lx2): init global data before using it" into lts-v2.8Bipin Ravi2023-02-061-1/+1
|\ \ | |/
| * fix(lx2): init global data before using itJiafei Pan2023-02-031-1/+1
| | | | | | | | | | | | | | | | Need to initialize global data firstly. Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: I18c3ccc2d0c8175bf479889aa03bc1f737df678b (cherry picked from commit 50aa0ea7acd21e7e9920a91a14db14a9f8c63700)
* | Merge "fix(nxp-drivers): fix tzc380 memory regions config" into lts-v2.8Bipin Ravi2023-02-061-5/+22
|\ \ | |/
| * fix(nxp-drivers): fix tzc380 memory regions configJiafei Pan2023-02-031-5/+22
| | | | | | | | | | | | | | | | Setting 2MB shared memory and following 64MB secure memory. Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: Ia992d21f205d305a6fff92fc11435634ce7c9d21 (cherry picked from commit 07d8e34fdd5a81b6fe5f805560be44c1063cea79)
* | Merge "fix(ls1046a): 4 keys secureboot failure resolved" into lts-v2.8Bipin Ravi2023-02-061-2/+2
|\ \ | |/
| * fix(ls1046a): 4 keys secureboot failure resolvedKshitiz Varshney2023-02-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | Changed the size of OCRAM reserved by ROM code and increased the size of CSF header. Earlier, 4 keys image was exceeding boundaries and landing in OCRAM location reserved for ROM usage. Signed-off by:- Kshitiz Varshney <kshitiz.varshney@nxp.com> Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: I628ff7464fe0184d0553a7962d592aafd42e8137 (cherry picked from commit c0c157a680fcb100afed3e1ea9d342deea72ea05)
* | Merge "fix(nxp-ddr): apply Max CDD values for warm boot" into lts-v2.8Bipin Ravi2023-02-062-8/+68
|\ \ | |/
| * fix(nxp-ddr): apply Max CDD values for warm bootManinder Singh2023-02-032-8/+68
| | | | | | | | | | | | | | | | | | | | | | Timing CFG 0 and Timing CFG 4 are ddr controller registers that have been affected by 1d phy training during cold boot. They are needed to be stored and restored along with phy training values. Signed-off-by: Maninder Singh <maninder.singh_1@nxp.com> Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: I29c55256e74456515aaeb098e2e0e3475697a466 (cherry picked from commit 00bb8c37e0fe57ae2126857ce2d2700106a76884)
* | Merge "fix(nxp-ddr): use CDDWW for write to read delay" into lts-v2.8Bipin Ravi2023-02-061-21/+2
|\ \ | |/
| * fix(nxp-ddr): use CDDWW for write to read delayManinder Singh2023-02-031-21/+2
| | | | | | | | | | | | | | | | | | | | | | we need to apply the value of CDD write to write for the write to read CDD delay calculations. Since the current implementation always provide a negative value of CDDwr so a value of zero was selected. Signed-off-by: Maninder Singh <maninder.singh_1@nxp.com> Signed-off-by: Jiafei Pan <Jiafei.Pan@nxp.com> Change-Id: I6829997d2ea6ba6cddaaab8332b82b8c66752d7e (cherry picked from commit fa0105693c85eacf6eda22eca63f220d304f7768)
View Lorry Controller Status