Merge changes I13fa93a6,I2bf9e675,I9c610777,I048b8308,I2c8577e3, ... into lts-v2.10
* changes:
docs(security): security advisory for CVE-2023-49100
fix(cpus): workaround for Cortex-A78C erratum 2683027
fix(cpus): workaround for Cortex-X3 erratum 2266875
fix(cpus): workaround for Cortex-X3 erratum 2302506
fix(cpus): workaround for Cortex X3 erratum 2743088
feat(versal): enable errata management feature
fix(cpus): workaround for Cortex-A520 erratum 2858100
fix(errata): add Cortex-A520 definitions
fix(cpus): workaround for Cortex-A520 erratum 2630792
fix(cpus): workaround for Cortex-X2 erratum 2778471
fix(cpus): workaround for Cortex-A710 erratum 2778471
fix(sgi): apply workarounds for N2 CPU erratum
docs: fix errata in RMM-EL3 Communication Interface documentation
fix(cpus): workaround for Neoverse V2 erratum 2618597
fix(rk3328): apply ERRATA_A53_1530924 erratum
fix(errata): check for SCU before accessing DSU
feat(security): add support for SLS mitigation
fix(cpus): workaround for Neoverse V2 erratum 2662553
fix(cpus): workaround for Cortex-A78C erratum 2743232
fix(cpus): workaround for Neoverse V1 erratum 2348377
fix(cpus): workaround for Cortex-X3 erratum 2779509
diff --git a/Makefile b/Makefile
index 97c3c15..a991454 100644
--- a/Makefile
+++ b/Makefile
@@ -308,6 +308,10 @@
# https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105523
TF_CFLAGS += $(call cc_option, --param=min-pagesize=0)
+ifeq ($(HARDEN_SLS), 1)
+ TF_CFLAGS_aarch64 += $(call cc_option, -mharden-sls=all)
+endif
+
else
# using clang
WARNINGS += -Wshift-overflow -Wshift-sign-overflow \
@@ -1185,6 +1189,7 @@
GENERATE_COT \
GICV2_G0_FOR_EL3 \
HANDLE_EA_EL3_FIRST_NS \
+ HARDEN_SLS \
HW_ASSISTED_COHERENCY \
MEASURED_BOOT \
DRTM_SUPPORT \
diff --git a/changelog.yaml b/changelog.yaml
index 1467ab4..c5e157d 100644
--- a/changelog.yaml
+++ b/changelog.yaml
@@ -569,6 +569,9 @@
- rockchip/rk3399
- rk3399/suspend
+ - title: RK3328
+ scope: rk3328
+
- title: Socionext
scope: socionext
diff --git a/docs/components/rmm-el3-comms-spec.rst b/docs/components/rmm-el3-comms-spec.rst
index 009ac28..5f0b5ab 100644
--- a/docs/components/rmm-el3-comms-spec.rst
+++ b/docs/components/rmm-el3-comms-spec.rst
@@ -159,8 +159,8 @@
``E_RMM_BOOT_SUCCESS``,Boot successful,0
``E_RMM_BOOT_ERR_UNKNOWN``,Unknown error,-1
``E_RMM_BOOT_VERSION_NOT_VALID``,Boot Interface version reported by EL3 is not supported by RMM,-2
- ``E_RMM_BOOT_CPUS_OUT_OF_RAGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3
- ``E_RMM_BOOT_CPU_ID_OUT_OF_RAGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4
+ ``E_RMM_BOOT_CPUS_OUT_OF_RANGE``,Number of CPUs reported by EL3 larger than maximum supported by RMM,-3
+ ``E_RMM_BOOT_CPU_ID_OUT_OF_RANGE``,Current CPU Id is higher or equal than the number of CPUs supported by RMM,-4
``E_RMM_BOOT_INVALID_SHARED_BUFFER``,Invalid pointer to shared memory area,-5
``E_RMM_BOOT_MANIFEST_VERSION_NOT_SUPPORTED``,Version reported by the Boot Manifest not supported by RMM,-6
``E_RMM_BOOT_MANIFEST_DATA_ERROR``,Error parsing core Boot Manifest,-7
diff --git a/docs/design/cpu-specific-build-macros.rst b/docs/design/cpu-specific-build-macros.rst
index d03daf8..3485dc9 100644
--- a/docs/design/cpu-specific-build-macros.rst
+++ b/docs/design/cpu-specific-build-macros.rst
@@ -384,11 +384,19 @@
Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This
erratum is still open.
+- ``ERRATA_A78C_2683027`` : This applies errata 2683027 workaround to
+ Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2. This
+ erratum is still open.
+
- ``ERRATA_A78C_2712575`` : This applies erratum 2712575 workaround to
Cortex-A78C CPU, this erratum affects system configurations that do not use
an ARM interconnect IP. This needs to be enabled for revisions r0p1 and r0p2
and is still open.
+- ``ERRATA_A78C_2743232`` : This applies erratum 2743232 workaround to
+ Cortex-A78C CPU. This needs to be enabled for revisions r0p1 and r0p2.
+ This erratum is still open.
+
- ``ERRATA_A78C_2772121`` : This applies errata 2772121 workaround to
Cortex-A78C CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2.
This erratum is still open.
@@ -501,6 +509,10 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, and r1p1 and r1p2 of
the CPU.
+- ``ERRATA_V1_2348377``: This applies errata 2348377 workaroud to Neoverse-V1
+ CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU.
+ It has been fixed in r1p2.
+
- ``ERRATA_V1_2372203``: This applies errata 2372203 workaround to Neoverse-V1
CPU. This needs to be enabled for revisions r0p0, r1p0 and r1p1 of the CPU.
It is still open.
@@ -528,6 +540,14 @@
CPU. This needs to be enabled for revisions r0p0, r0p1 and r0p2. It is still
open.
+- ``ERRATA_V2_2618597``: This applies errata 2618597 workaround to Neoverse-V2
+ CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in
+ r0p2.
+
+- ``ERRATA_V2_2662553``: This applies errata 2662553 workaround to Neoverse-V2
+ CPU. This needs to be enabled for revisions r0p0 and r0p1. It is fixed in
+ r0p2.
+
- ``ERRATA_V2_2719103``: This applies errata 2719103 workaround to Neoverse-V2
CPU, this affects system configurations that do not use and ARM interconnect
IP. This needs to be enabled for revisions r0p0 and r0p1. It has been fixed
@@ -620,6 +640,10 @@
Cortex-A710 CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and
r2p1 of the CPU and is still open.
+- ``ERRATA_A710_2778471``: This applies errata 2778471 workaround to Cortex-A710
+ CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the
+ CPU and is still open.
+
For Neoverse N2, the following errata build flags are defined :
- ``ERRATA_N2_2002655``: This applies errata 2002655 workaround to Neoverse-N2
@@ -741,12 +765,24 @@
CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the
CPU and is still open.
+- ``ERRATA_X2_2778471``: This applies errata 2778471 workaround to Cortex-X2
+ CPU. This needs to be enabled for revisions r0p0, r1p0, r2p0 and r2p1 of the
+ CPU and it is still open.
+
For Cortex-X3, the following errata build flags are defined :
- ``ERRATA_X3_2070301``: This applies errata 2070301 workaround to the Cortex-X3
CPU. This needs to be enabled only for revisions r0p0, r1p0, r1p1 and r1p2 of
the CPU and is still open.
+- ``ERRATA_X3_2266875``: This applies errata 2266875 workaround to the Cortex-X3
+ CPU. This needs to be enabled only for revisions r0p0 and r1p0 of the CPU, it
+ is fixed in r1p1.
+
+- ``ERRATA_X3_2302506``: This applies errata 2302506 workaround to the Cortex-X3
+ CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1, it is
+ fixed in r1p2.
+
- ``ERRATA_X3_2313909``: This applies errata 2313909 workaround to
Cortex-X3 CPU. This needs to be enabled only for revisions r0p0 and r1p0
of the CPU, it is fixed in r1p1.
@@ -759,6 +795,14 @@
Cortex-X3 CPU. This needs to be enabled only for revisions r0p0, r1p0 and
r1p1. It is fixed in r1p2.
+- ``ERRATA_X3_2743088``: This applies errata 2743088 workaround to Cortex-X3
+ CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1. It is
+ fixed in r1p2.
+
+- ``ERRATA_X3_2779509``: This applies errata 2779509 workaround to Cortex-X3
+ CPU. This needs to be enabled only for revisions r0p0, r1p0 and r1p1 of the
+ CPU. It is fixed in r1p2.
+
For Cortex-A510, the following errata build flags are defined :
- ``ERRATA_A510_1922240``: This applies errata 1922240 workaround to
@@ -812,6 +856,16 @@
Cortex-A510 CPU. This needs to be applied to revision r0p0, r0p1, r0p2,
r0p3, r1p0, r1p1 and r1p2. It is fixed in r1p3.
+For Cortex-A520, the following errata build flags are defined :
+
+- ``ERRATA_A520_2630792``: This applies errata 2630792 workaround to
+ Cortex-A520 CPU. This needs to applied for revisions r0p0, r0p1 of the
+ CPU and is still open.
+
+- ``ERRATA_A520_2858100``: This applies errata 2858100 workaround to
+ Cortex-A520 CPU. This needs to be enabled for revisions r0p0 and r0p1.
+ It is still open.
+
For Cortex-A715, the following errata build flags are defined :
- ``ERRATA_A715_2701951``: This applies erratum 2701951 workaround to Cortex-A715
@@ -904,7 +958,7 @@
--------------
-*Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.*
+*Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.*
.. _CVE-2017-5715: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
.. _CVE-2018-3639: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3639
diff --git a/docs/getting_started/build-options.rst b/docs/getting_started/build-options.rst
index 80baf9c..5ba5d0a 100644
--- a/docs/getting_started/build-options.rst
+++ b/docs/getting_started/build-options.rst
@@ -671,6 +671,19 @@
MARCH_DIRECTIVE := -march=armv8.5-a
+- ``HARDEN_SLS``: used to pass -mharden-sls=all from the TF-A build
+ options to the compiler currently supporting only of the options.
+ GCC documentation:
+ https://gcc.gnu.org/onlinedocs/gcc/AArch64-Options.html#index-mharden-sls
+
+ An example usage:
+
+ .. code:: make
+
+ HARDEN_SLS := 1
+
+ This option defaults to 0.
+
- ``NON_TRUSTED_WORLD_KEY``: This option is used when ``GENERATE_COT=1``. It
specifies a file that contains the Non-Trusted World private key in PEM
format or a PKCS11 URI. If ``SAVE_KEYS=1``, only a file is accepted and it
diff --git a/docs/process/security.rst b/docs/process/security.rst
index c6429ad..c4f3ff2 100644
--- a/docs/process/security.rst
+++ b/docs/process/security.rst
@@ -73,6 +73,8 @@
| |TFV-10| | Incorrect validation of X.509 certificate extensions can result |
| | in an out-of-bounds read |
+-----------+------------------------------------------------------------------+
+| |TFV-11| | A Malformed SDEI SMC can cause out of bound memory read |
++-----------+------------------------------------------------------------------+
.. _issue tracker: https://developer.trustedfirmware.org/project/board/1/
.. _mailing list: https://lists.trustedfirmware.org/mailman3/lists/tf-a.lists.trustedfirmware.org/
@@ -87,6 +89,7 @@
.. |TFV-8| replace:: :ref:`Advisory TFV-8 (CVE-2018-19440)`
.. |TFV-9| replace:: :ref:`Advisory TFV-9 (CVE-2022-23960)`
.. |TFV-10| replace:: :ref:`Advisory TFV-10 (CVE-2022-47630)`
+.. |TFV-11| replace:: :ref:`Advisory TFV-11 (CVE-2023-49100)`
.. _TrustedFirmware.org security incident process: https://developer.trustedfirmware.org/w/collaboration/security_center/
diff --git a/docs/security_advisories/index.rst b/docs/security_advisories/index.rst
index c9b0f78..ad55546 100644
--- a/docs/security_advisories/index.rst
+++ b/docs/security_advisories/index.rst
@@ -15,3 +15,4 @@
security-advisory-tfv-8.rst
security-advisory-tfv-9.rst
security-advisory-tfv-10.rst
+ security-advisory-tfv-11.rst
diff --git a/docs/security_advisories/security-advisory-tfv-11.rst b/docs/security_advisories/security-advisory-tfv-11.rst
new file mode 100644
index 0000000..b5063f0
--- /dev/null
+++ b/docs/security_advisories/security-advisory-tfv-11.rst
@@ -0,0 +1,86 @@
+Advisory TFV-11 (CVE-2023-49100)
+================================
+
++----------------+-------------------------------------------------------------+
+| Title | A Malformed SDEI SMC can cause out of bound memory read. |
++================+=============================================================+
+| CVE ID | `CVE-2023-49100`_ |
++----------------+-------------------------------------------------------------+
+| Date | Reported on 12 Oct 2023 |
++----------------+-------------------------------------------------------------+
+| Versions | TF-A releases v1.5 to v2.9 |
+| Affected | LTS releases lts-v2.8.0 to lts-v2.8.11 |
++----------------+-------------------------------------------------------------+
+| Configurations | Platforms with SDEI support |
+| Affected | |
++----------------+-------------------------------------------------------------+
+| Impact | Denial of Service (secure world panic) |
++----------------+-------------------------------------------------------------+
+| Fix Version | `a7eff3477`_ "fix(sdei): ensure that interrupt ID is valid" |
++----------------+-------------------------------------------------------------+
+| Credit | Christian Lindenmeier `@_chli_`_ |
+| | Marcel Busch `@0ddc0de`_ |
+| | `IT Security Infrastructures Lab`_ |
++----------------+-------------------------------------------------------------+
+
+This security advisory describes a vulnerability in the SDEI services, where a
+rogue Non-secure caller invoking a SDEI_INTERRUPT_BIND SMC call with an invalid
+interrupt ID causes out of bound memory read.
+
+SDEI_INTERRUPT_BIND is used to bind any physical interrupt into a normal
+priority SDEI event. The interrupt can be a private peripheral interrupt
+(PPI) or a shared peripheral interrupt (SPI).
+Refer to SDEI_INTERRUPT_BIND in the `SDEI Specification`_ for further details.
+
+The vulnerability exists when the SDEI client passes an interrupt ID which
+is not implemented by the GIC. This will result in a data abort exception
+or a EL3 panic depending on the GIC version used in the system.
+
+- **GICv2 systems:**
+
+.. code:: c
+
+ Call stack:
+ sdei_interrupt_bind(interrupt ID)
+ -> plat_ic_get_interrupt_type(interrupt ID)
+ -> gicv2_get_interrupt_group(interrupt ID)
+ -> gicd_get_igroupr(distributor base, interrupt ID)
+ -> gicd_read_igroupr(distributor base, interrupt ID).
+
+ gicd_read_igroupr() will eventually do a MMIO read to an unimplemented IGROUPR
+ register. Which may cause a data abort or an access to a random EL3 memory region.
+
+- **GICv3 systems:**
+
+.. code:: c
+
+ Call stack:
+ sdei_interrupt_bind(interrupt ID)
+ -> plat_ic_get_interrupt_type(interrupt ID)
+ -> gicv3_get_interrupt_group(interrupt ID, core ID)
+ -> is_sgi_ppi(interrupt ID)
+
+ is_sgi_ppi() will end up in an EL3 panic on encountering an invalid interrupt ID.
+
+The vulnerability is fixed by ensuring that the Interrupt ID provided by the
+SDEI client is a valid PPI or SPI, otherwise return an error code indicating
+that the parameter is invalid.
+
+.. code:: c
+
+ /* Bind an SDEI event to an interrupt */
+ static int sdei_interrupt_bind(unsigned int intr_num)
+ {
+ sdei_ev_map_t *map;
+ bool retry = true, shared_mapping;
+
+ /* Interrupt must be either PPI or SPI */
+ if (!(plat_ic_is_ppi(intr_num) || plat_ic_is_spi(intr_num)))
+ return SDEI_EINVAL;
+
+.. _CVE-2023-49100: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49100
+.. _a7eff3477: https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/commit/?id=a7eff3477dcf3624c74f5217419b1a27b7ebd2aa
+.. _IT Security Infrastructures Lab: https://www.cs1.tf.fau.de/
+.. _SDEI Specification: https://developer.arm.com/documentation/den0054/latest/
+.. _@_chli_: https://twitter.com/_chli_
+.. _@0ddc0de: https://twitter.com/0ddc0de
diff --git a/include/lib/cpus/aarch64/cortex_a520.h b/include/lib/cpus/aarch64/cortex_a520.h
index 4176981..619a15d 100644
--- a/include/lib/cpus/aarch64/cortex_a520.h
+++ b/include/lib/cpus/aarch64/cortex_a520.h
@@ -12,9 +12,16 @@
/*******************************************************************************
* CPU Extended Control register specific definitions
******************************************************************************/
+#define CORTEX_A520_CPUACTLR_EL1 S3_0_C15_C1_0
+
#define CORTEX_A520_CPUECTLR_EL1 S3_0_C15_C1_4
/*******************************************************************************
+ * CPU Auxiliary Control register 1 specific definitions.
+ ******************************************************************************/
+#define CORTEX_A520_CPUACTLR_EL1 S3_0_C15_C1_0
+
+/*******************************************************************************
* CPU Power Control register specific definitions
******************************************************************************/
#define CORTEX_A520_CPUPWRCTLR_EL1 S3_0_C15_C2_7
diff --git a/include/lib/cpus/aarch64/cortex_a710.h b/include/lib/cpus/aarch64/cortex_a710.h
index 432e17a..9df8d47 100644
--- a/include/lib/cpus/aarch64/cortex_a710.h
+++ b/include/lib/cpus/aarch64/cortex_a710.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -39,6 +39,11 @@
#define CORTEX_A710_CPUACTLR2_EL1_BIT_36 (ULL(1) << 36)
/*******************************************************************************
+ * CPU Auxiliary Control register 3 specific definitions.
+ ******************************************************************************/
+#define CORTEX_A710_CPUACTLR3_EL1 S3_0_C15_C1_2
+
+/*******************************************************************************
* CPU Auxiliary Control register 5 specific definitions.
******************************************************************************/
#define CORTEX_A710_CPUACTLR5_EL1 S3_0_C15_C8_0
diff --git a/include/lib/cpus/aarch64/cortex_a78c.h b/include/lib/cpus/aarch64/cortex_a78c.h
index 301be69..d600eca 100644
--- a/include/lib/cpus/aarch64/cortex_a78c.h
+++ b/include/lib/cpus/aarch64/cortex_a78c.h
@@ -47,4 +47,9 @@
#define CORTEX_A78C_IMP_CPUPOR_EL3 S3_6_C15_C8_2
#define CORTEX_A78C_IMP_CPUPMR_EL3 S3_6_C15_C8_3
+/*******************************************************************************
+ * CPU Auxiliary Control register 5 specific definitions.
+ ******************************************************************************/
+#define CORTEX_A78C_ACTLR5_EL1 S3_0_C15_C9_0
+
#endif /* CORTEX_A78C_H */
diff --git a/include/lib/cpus/aarch64/cortex_x2.h b/include/lib/cpus/aarch64/cortex_x2.h
index 863b8c8..0f97b1e 100644
--- a/include/lib/cpus/aarch64/cortex_x2.h
+++ b/include/lib/cpus/aarch64/cortex_x2.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2022, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -28,6 +28,11 @@
#define CORTEX_X2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9)
/*******************************************************************************
+ * CPU Auxiliary Control register 3 specific definitions.
+ ******************************************************************************/
+#define CORTEX_X2_CPUACTLR3_EL1 S3_0_C15_C1_2
+
+/*******************************************************************************
* CPU Power Control register specific definitions
******************************************************************************/
#define CORTEX_X2_CPUPWRCTLR_EL1 S3_0_C15_C2_7
diff --git a/include/lib/cpus/aarch64/cortex_x3.h b/include/lib/cpus/aarch64/cortex_x3.h
index 04548ea..5429078 100644
--- a/include/lib/cpus/aarch64/cortex_x3.h
+++ b/include/lib/cpus/aarch64/cortex_x3.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -26,6 +26,11 @@
#define CORTEX_X3_CPUPWRCTLR_EL1_WFE_RET_CTRL_BITS_SHIFT U(7)
/*******************************************************************************
+ * CPU Auxiliary Control register specific definitions.
+ ******************************************************************************/
+#define CORTEX_X3_CPUACTLR_EL1 S3_0_C15_C1_0
+
+/*******************************************************************************
* CPU Auxiliary Control register 2 specific definitions.
******************************************************************************/
#define CORTEX_X3_CPUACTLR2_EL1 S3_0_C15_C1_1
@@ -47,4 +52,10 @@
#define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
#define CORTEX_X3_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(0x9)
+/*******************************************************************************
+ * CPU Auxiliary Control register 3 specific definitions.
+ ******************************************************************************/
+#define CORTEX_X3_CPUACTLR3_EL1 S3_0_C15_C1_2
+#define CORTEX_X3_CPUACTLR3_EL1_BIT_47 (ULL(1) << 47)
+
#endif /* CORTEX_X3_H */
diff --git a/include/lib/cpus/aarch64/neoverse_v1.h b/include/lib/cpus/aarch64/neoverse_v1.h
index d618994..1e2d7ea 100644
--- a/include/lib/cpus/aarch64/neoverse_v1.h
+++ b/include/lib/cpus/aarch64/neoverse_v1.h
@@ -47,5 +47,6 @@
#define NEOVERSE_V1_ACTLR5_EL1 S3_0_C15_C9_0
#define NEOVERSE_V1_ACTLR5_EL1_BIT_55 (ULL(1) << 55)
#define NEOVERSE_V1_ACTLR5_EL1_BIT_56 (ULL(1) << 56)
+#define NEOVERSE_V1_ACTLR5_EL1_BIT_61 (ULL(1) << 61)
#endif /* NEOVERSE_V1_H */
diff --git a/include/lib/cpus/aarch64/neoverse_v2.h b/include/lib/cpus/aarch64/neoverse_v2.h
index 68c1558..39a6607 100644
--- a/include/lib/cpus/aarch64/neoverse_v2.h
+++ b/include/lib/cpus/aarch64/neoverse_v2.h
@@ -22,6 +22,10 @@
******************************************************************************/
#define NEOVERSE_V2_CPUPWRCTLR_EL1 S3_0_C15_C2_7
#define NEOVERSE_V2_CPUPWRCTLR_EL1_CORE_PWRDN_BIT U(1)
+#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_SHIFT U(4)
+#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_WIDTH U(3)
+#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_SHIFT U(7)
+#define NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_WIDTH U(3)
/*******************************************************************************
* CPU Extended Control register 2 specific definitions.
@@ -30,6 +34,9 @@
#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_CNSRV ULL(9)
#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_LSB U(11)
#define NEOVERSE_V2_CPUECTLR2_EL1_PF_MODE_WIDTH U(4)
+#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_STATIC_FULL ULL(0)
+#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_LSB U(0)
+#define NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_WIDTH U(3)
/*******************************************************************************
* CPU Auxiliary Control register 2 specific definitions.
diff --git a/lib/cpus/aarch64/cortex_a520.S b/lib/cpus/aarch64/cortex_a520.S
index 6c2f33e..74ecbf7 100644
--- a/lib/cpus/aarch64/cortex_a520.S
+++ b/lib/cpus/aarch64/cortex_a520.S
@@ -21,6 +21,17 @@
#error "Cortex A520 supports only AArch64. Compile with CTX_INCLUDE_AARCH32_REGS=0"
#endif
+workaround_reset_start cortex_a520, ERRATUM(2630792), ERRATA_A520_2630792
+ sysreg_bit_set CORTEX_A520_CPUACTLR_EL1, BIT(38)
+workaround_reset_end cortex_a520, ERRATUM(2630792)
+
+check_erratum_ls cortex_a520, ERRATUM(2630792), CPU_REV(0, 1)
+
+workaround_reset_start cortex_a520, ERRATUM(2858100), ERRATA_A520_2858100
+ sysreg_bit_set CORTEX_A520_CPUACTLR_EL1, BIT(29)
+workaround_reset_end cortex_a520, ERRATUM(2858100)
+
+check_erratum_ls cortex_a520, ERRATUM(2858100), CPU_REV(0, 1)
/* ----------------------------------------------------
* HW will do the cache maintenance while powering down
* ----------------------------------------------------
diff --git a/lib/cpus/aarch64/cortex_a710.S b/lib/cpus/aarch64/cortex_a710.S
index f3931d7..b99fbb3 100644
--- a/lib/cpus/aarch64/cortex_a710.S
+++ b/lib/cpus/aarch64/cortex_a710.S
@@ -193,6 +193,12 @@
check_erratum_ls cortex_a710, ERRATUM(2768515), CPU_REV(2, 1)
+workaround_reset_start cortex_a710, ERRATUM(2778471), ERRATA_A710_2778471
+ sysreg_bit_set CORTEX_A710_CPUACTLR3_EL1, BIT(47)
+workaround_reset_end cortex_a710, ERRATUM(2778471)
+
+check_erratum_ls cortex_a710, ERRATUM(2778471), CPU_REV(2, 1)
+
workaround_reset_start cortex_a710, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
#if IMAGE_BL31
/*
diff --git a/lib/cpus/aarch64/cortex_a78c.S b/lib/cpus/aarch64/cortex_a78c.S
index d19c693..0dc34f7 100644
--- a/lib/cpus/aarch64/cortex_a78c.S
+++ b/lib/cpus/aarch64/cortex_a78c.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -72,6 +72,27 @@
check_erratum_range cortex_a78c, ERRATUM(2395411), CPU_REV(0, 1), CPU_REV(0, 2)
+workaround_reset_start cortex_a78c, ERRATUM(2683027), ERRATA_A78C_2683027
+ ldr x0, =0x3
+ msr CORTEX_A78C_IMP_CPUPSELR_EL3, x0
+ ldr x0, =0xEE010F10
+ msr CORTEX_A78C_IMP_CPUPOR_EL3, x0
+ ldr x0, =0xFF1F0FFE
+ msr CORTEX_A78C_IMP_CPUPMR_EL3, x0
+ ldr x0, =0x100000004003FF
+ msr CORTEX_A78C_IMP_CPUPCR_EL3, x0
+workaround_reset_end cortex_a78c, ERRATUM(2683027)
+
+check_erratum_range cortex_a78c, ERRATUM(2683027), CPU_REV(0, 1), CPU_REV(0, 2)
+
+workaround_reset_start cortex_a78c, ERRATUM(2743232), ERRATA_A78C_2743232
+ /* Set CPUACTLR5_EL1[56:55] to 2'b01 */
+ sysreg_bit_set CORTEX_A78C_ACTLR5_EL1, BIT(55)
+ sysreg_bit_clear CORTEX_A78C_ACTLR5_EL1, BIT(56)
+workaround_reset_end cortex_a78c, ERRATUM(2743232)
+
+check_erratum_range cortex_a78c, ERRATUM(2743232), CPU_REV(0, 1), CPU_REV(0, 2)
+
workaround_runtime_start cortex_a78c, ERRATUM(2772121), ERRATA_A78C_2772121
/* dsb before isb of power down sequence */
dsb sy
diff --git a/lib/cpus/aarch64/cortex_x2.S b/lib/cpus/aarch64/cortex_x2.S
index 258288c..d018182 100644
--- a/lib/cpus/aarch64/cortex_x2.S
+++ b/lib/cpus/aarch64/cortex_x2.S
@@ -133,6 +133,12 @@
check_erratum_ls cortex_x2, ERRATUM(2768515), CPU_REV(2, 1)
+workaround_reset_start cortex_x2, ERRATUM(2778471), ERRATA_X2_2778471
+ sysreg_bit_set CORTEX_X2_CPUACTLR3_EL1, BIT(47)
+workaround_reset_end cortex_x2, ERRATUM(2778471)
+
+check_erratum_ls cortex_x2, ERRATUM(2778471), CPU_REV(2, 1)
+
workaround_reset_start cortex_x2, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
#if IMAGE_BL31
/*
diff --git a/lib/cpus/aarch64/cortex_x3.S b/lib/cpus/aarch64/cortex_x3.S
index 0cb3b97..ea89267 100644
--- a/lib/cpus/aarch64/cortex_x3.S
+++ b/lib/cpus/aarch64/cortex_x3.S
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2021-2023, Arm Limited. All rights reserved.
+ * Copyright (c) 2021-2024, Arm Limited. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -33,6 +33,18 @@
check_erratum_ls cortex_x3, ERRATUM(2070301), CPU_REV(1, 2)
+workaround_reset_start cortex_x3, ERRATUM(2266875), ERRATA_X3_2266875
+ sysreg_bit_set CORTEX_X3_CPUACTLR_EL1, BIT(22)
+workaround_reset_end cortex_x3, ERRATUM(2266875)
+
+check_erratum_ls cortex_x3, ERRATUM(2266875), CPU_REV(1, 0)
+
+workaround_runtime_start cortex_x3, ERRATUM(2302506), ERRATA_X3_2302506
+ sysreg_bit_set CORTEX_X3_CPUACTLR2_EL1, BIT(0)
+workaround_runtime_end cortex_x3, ERRATUM(2302506), NO_ISB
+
+check_erratum_ls cortex_x3, ERRATUM(2302506), CPU_REV(1, 1)
+
workaround_runtime_start cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909
sysreg_bit_set CORTEX_X3_CPUACTLR2_EL1, CORTEX_X3_CPUACTLR2_EL1_BIT_36
workaround_runtime_end cortex_x3, ERRATUM(2313909), NO_ISB
@@ -57,6 +69,20 @@
check_erratum_ls cortex_x3, ERRATUM(2742421), CPU_REV(1, 1)
+workaround_runtime_start cortex_x3, ERRATUM(2743088), ERRATA_X3_2743088
+ /* dsb before isb of power down sequence */
+ dsb sy
+workaround_runtime_end cortex_x3, ERRATUM(2743088), NO_ISB
+
+check_erratum_ls cortex_x3, ERRATUM(2743088), CPU_REV(1, 1)
+
+workaround_reset_start cortex_x3, ERRATUM(2779509), ERRATA_X3_2779509
+ /* Set CPUACTLR3_EL1 bit 47 */
+ sysreg_bit_set CORTEX_X3_CPUACTLR3_EL1, CORTEX_X3_CPUACTLR3_EL1_BIT_47
+workaround_reset_end cortex_x3, ERRATUM(2779509)
+
+check_erratum_ls cortex_x3, ERRATUM(2779509), CPU_REV(1, 1)
+
workaround_reset_start cortex_x3, CVE(2022, 23960), WORKAROUND_CVE_2022_23960
#if IMAGE_BL31
override_vector_table wa_cve_vbar_cortex_x3
@@ -75,12 +101,13 @@
* ----------------------------------------------------
*/
func cortex_x3_core_pwr_dwn
-apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909
+ apply_erratum cortex_x3, ERRATUM(2313909), ERRATA_X3_2313909
/* ---------------------------------------------------
* Enable CPU power down bit in power control register
* ---------------------------------------------------
*/
sysreg_bit_set CORTEX_X3_CPUPWRCTLR_EL1, CORTEX_X3_CPUPWRCTLR_EL1_CORE_PWRDN_BIT
+ apply_erratum cortex_x3, ERRATUM(2743088), ERRATA_X3_2743088
isb
ret
endfunc cortex_x3_core_pwr_dwn
diff --git a/lib/cpus/aarch64/dsu_helpers.S b/lib/cpus/aarch64/dsu_helpers.S
index a34b9a6..8e5b459 100644
--- a/lib/cpus/aarch64/dsu_helpers.S
+++ b/lib/cpus/aarch64/dsu_helpers.S
@@ -151,13 +151,22 @@
* This function is called from both assembly and C environment. So it
* follows AAPCS.
*
- * Clobbers: x0-x3
+ * Clobbers: x0-x4
* -----------------------------------------------------------------------
*/
.globl check_errata_dsu_2313941
.globl errata_dsu_2313941_wa
func check_errata_dsu_2313941
+ mov x4, x30
+ bl is_scu_present_in_dsu
+ cmp x0, xzr
+ /* Default error status */
+ mov x0, #ERRATA_NOT_APPLIES
+
+ /* If SCU is not present, return without applying patch */
+ b.eq 1f
+
mov x2, #ERRATA_APPLIES
mov x3, #ERRATA_NOT_APPLIES
@@ -170,7 +179,8 @@
mov x1, #(0x31 << CLUSTERIDR_REV_SHIFT)
cmp x0, x1
csel x0, x2, x3, LS
- ret
+1:
+ ret x4
endfunc check_errata_dsu_2313941
/* --------------------------------------------------
diff --git a/lib/cpus/aarch64/neoverse_v1.S b/lib/cpus/aarch64/neoverse_v1.S
index 2a49134..c2fbb11 100644
--- a/lib/cpus/aarch64/neoverse_v1.S
+++ b/lib/cpus/aarch64/neoverse_v1.S
@@ -196,6 +196,13 @@
check_erratum_ls neoverse_v1, ERRATUM(2294912), CPU_REV(1, 2)
+workaround_runtime_start neoverse_v1, ERRATUM(2348377), ERRATA_V1_2348377
+ /* Set bit 61 in CPUACTLR5_EL1 */
+ sysreg_bit_set NEOVERSE_V1_ACTLR5_EL1, NEOVERSE_V1_ACTLR5_EL1_BIT_61
+workaround_runtime_end neoverse_v1, ERRATUM(2348377)
+
+check_erratum_ls neoverse_v1, ERRATUM(2348377), CPU_REV(1, 1)
+
workaround_reset_start neoverse_v1, ERRATUM(2372203), ERRATA_V1_2372203
/* Set bit 40 in ACTLR2_EL1 */
sysreg_bit_set NEOVERSE_V1_ACTLR2_EL1, NEOVERSE_V1_ACTLR2_EL1_BIT_40
diff --git a/lib/cpus/aarch64/neoverse_v2.S b/lib/cpus/aarch64/neoverse_v2.S
index bfd088d..d4b3a96 100644
--- a/lib/cpus/aarch64/neoverse_v2.S
+++ b/lib/cpus/aarch64/neoverse_v2.S
@@ -29,6 +29,25 @@
check_erratum_ls neoverse_v2, ERRATUM(2331132), CPU_REV(0, 2)
+workaround_reset_start neoverse_v2, ERRATUM(2618597), ERRATA_V2_2618597
+ /* Disable retention control for WFI and WFE. */
+ mrs x0, NEOVERSE_V2_CPUPWRCTLR_EL1
+ bfi x0, xzr, #NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_SHIFT, \
+ #NEOVERSE_V2_CPUPWRCTLR_EL1_WFI_RET_CTRL_WIDTH
+ bfi x0, xzr, #NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_SHIFT, \
+ #NEOVERSE_V2_CPUPWRCTLR_EL1_WFE_RET_CTRL_WIDTH
+ msr NEOVERSE_V2_CPUPWRCTLR_EL1, x0
+workaround_reset_end neoverse_v2, ERRATUM(2618597)
+
+check_erratum_ls neoverse_v2, ERRATUM(2618597), CPU_REV(0, 1)
+
+workaround_reset_start neoverse_v2, ERRATUM(2662553), ERRATA_V2_2662553
+ sysreg_bitfield_insert NEOVERSE_V2_CPUECTLR2_EL1, NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_STATIC_FULL, \
+ NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_LSB, NEOVERSE_V2_CPUECTLR2_EL1_TXREQ_WIDTH
+workaround_reset_end neoverse_v2, ERRATUM(2662553)
+
+check_erratum_ls neoverse_v2, ERRATUM(2662553), CPU_REV(0, 1)
+
workaround_reset_start neoverse_v2, ERRATUM(2719105), ERRATA_V2_2719105
sysreg_bit_set NEOVERSE_V2_CPUACTLR2_EL1, NEOVERSE_V2_CPUACTLR2_EL1_BIT_0
workaround_reset_end neoverse_v2, ERRATUM(2719105)
diff --git a/lib/cpus/cpu-ops.mk b/lib/cpus/cpu-ops.mk
index 434ee08..a99c082 100644
--- a/lib/cpus/cpu-ops.mk
+++ b/lib/cpus/cpu-ops.mk
@@ -1,5 +1,5 @@
#
-# Copyright (c) 2014-2023, Arm Limited and Contributors. All rights reserved.
+# Copyright (c) 2014-2024, Arm Limited and Contributors. All rights reserved.
# Copyright (c) 2020-2022, NVIDIA Corporation. All rights reserved.
#
# SPDX-License-Identifier: BSD-3-Clause
@@ -388,11 +388,19 @@
# to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
CPU_FLAG_LIST += ERRATA_A78C_2395411
+# Flag to apply erratum 2683027 workaround during reset. This erratum applies
+# to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
+CPU_FLAG_LIST += ERRATA_A78C_2683027
+
# Flag to apply erratum 2712575 workaround for non-arm interconnect ip. This
# erratum applies to revisions r0p1 and r0p2 of the A78C cpu.
# It is still open.
CPU_FLAG_LIST += ERRATA_A78C_2712575
+# Flag to apply erratum 2743232 workaround during reset. This erratum applies
+# to revisions r0p1 and r0p2 of the A78C cpu. It is still open.
+CPU_FLAG_LIST += ERRATA_A78C_2743232
+
# Flag to apply erratum 2772121 workaround during powerdown. This erratum
# applies to revisions r0p0, r0p1 and r0p2 of the A78C cpu. It is still open.
CPU_FLAG_LIST += ERRATA_A78C_2772121
@@ -520,6 +528,10 @@
# to revisions r0p0, r1p0, and r1p1 and r1p2 of the Neoverse V1 cpu and is still open.
CPU_FLAG_LIST += ERRATA_V1_2294912
+# Flag to apply erratum 2348377 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0 and r1p1 of the Neoverse V1 cpu and is fixed in r1p2.
+CPU_FLAG_LIST += ERRATA_V1_2348377
+
# Flag to apply erratum 2372203 workaround during reset. This erratum applies
# to revisions r0p0, r1p0 and r1p1 of the Neoverse V1 cpu and is still open.
CPU_FLAG_LIST += ERRATA_V1_2372203
@@ -617,6 +629,11 @@
# still open.
CPU_FLAG_LIST += ERRATA_A710_2768515
+# Flag to apply erratum 2778471 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0, r2p0, r2p1 of the Cortex-A710 cpu and is still
+# open.
+CPU_FLAG_LIST += ERRATA_A710_2778471
+
# Flag to apply erratum 2002655 workaround during reset. This erratum applies
# to revisions r0p0 of the Neoverse-N2 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_N2_2002655
@@ -752,11 +769,23 @@
# still open.
CPU_FLAG_LIST += ERRATA_X2_2768515
+# Flag to apply erratum 2778471 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0, r2p0, r2p1 of the Cortex-X2 cpu and it is still open.
+CPU_FLAG_LIST += ERRATA_X2_2778471
+
# Flag to apply erratum 2070301 workaround on reset. This erratum applies
# to revisions r0p0, r1p0, r1p1 and r1p2 of the Cortex-X3 cpu and is
# still open.
CPU_FLAG_LIST += ERRATA_X3_2070301
+# Flag to apply erratum 2266875 workaround during reset. This erratum applies
+# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1.
+CPU_FLAG_LIST += ERRATA_X3_2266875
+
+# Flag to apply erratum 2302506 workaround during reset. This erratum applies
+# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2.
+CPU_FLAG_LIST += ERRATA_X3_2302506
+
# Flag to apply erratum 2313909 workaround on powerdown. This erratum applies
# to revisions r0p0 and r1p0 of the Cortex-X3 cpu, it is fixed in r1p1.
CPU_FLAG_LIST += ERRATA_X3_2313909
@@ -769,6 +798,14 @@
# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2.
CPU_FLAG_LIST += ERRATA_X3_2742421
+# Flag to apply erratum 2743088 workaround on powerdown. This erratum applies
+# to revisions r0p0, r1p0 and r1p1 of the Cortex-X3 cpu, it is fixed in r1p2.
+CPU_FLAG_LIST += ERRATA_X3_2743088
+
+# Flag to apply erratum 2779509 workaround on reset. This erratum applies
+# to revisions r0p0, r1p0, r1p1 of the Cortex-X3 cpu, it is fixed in r1p2.
+CPU_FLAG_LIST += ERRATA_X3_2779509
+
# Flag to apply erratum 1922240 workaround during reset. This erratum applies
# to revision r0p0 of the Cortex-A510 cpu and is fixed in r0p1.
CPU_FLAG_LIST += ERRATA_A510_1922240
@@ -822,10 +859,26 @@
# Cortex-A510 cpu and is fixed in r1p3.
CPU_FLAG_LIST += ERRATA_A510_2684597
+# Flag to apply erratum 2630792 workaround during reset. This erratum applies
+# to revisions r0p0, r0p1 of the Cortex-A520 cpu and is still open.
+CPU_FLAG_LIST += ERRATA_A520_2630792
+
+# Flag to apply erratum 2858100 workaround during reset. This erratum
+# applies to revision r0p0 and r0p1 of the Cortex-A520 cpu and is still open.
+CPU_FLAG_LIST += ERRATA_A520_2858100
+
# Flag to apply erratum 2331132 workaround during reset. This erratum applies
# to revisions r0p0, r0p1 and r0p2. It is still open.
CPU_FLAG_LIST += ERRATA_V2_2331132
+# Flag to apply erratum 2618597 workaround during reset. This erratum applies
+# to revisions r0p0 and r0p1. It is fixed in r0p2.
+CPU_FLAG_LIST += ERRATA_V2_2618597
+
+# Flag to apply erratum 2662553 workaround during reset. This erratum applies
+# to revisions r0p0 and r0p1. It is fixed in r0p2.
+CPU_FLAG_LIST += ERRATA_V2_2662553
+
# Flag to apply erratum 2719103 workaround for non-arm interconnect ip. This
# erratum applies to revisions r0p0, rop1. Fixed in r0p2.
CPU_FLAG_LIST += ERRATA_V2_2719103
diff --git a/make_helpers/defaults.mk b/make_helpers/defaults.mk
index f0f157c..b0ff5f0 100644
--- a/make_helpers/defaults.mk
+++ b/make_helpers/defaults.mk
@@ -150,6 +150,10 @@
# Enable Handoff protocol using transfer lists
TRANSFER_LIST := 0
+# Enables support for the gcc compiler option "-mharden-sls=all".
+# By default, disables all SLS hardening.
+HARDEN_SLS := 0
+
# Secure hash algorithm flag, accepts 3 values: sha256, sha384 and sha512.
# The default value is sha256.
HASH_ALG := sha256
diff --git a/plat/arm/board/rdn2/platform.mk b/plat/arm/board/rdn2/platform.mk
index ef8f3d4..f5fc1ad 100644
--- a/plat/arm/board/rdn2/platform.mk
+++ b/plat/arm/board/rdn2/platform.mk
@@ -95,3 +95,25 @@
override CTX_INCLUDE_AARCH32_REGS := 0
override ENABLE_FEAT_AMU := 1
+
+# Enable N2 CPU errata workarounds
+ERRATA_N2_2002655 := 1
+ERRATA_N2_2009478 := 1
+ERRATA_N2_2067956 := 1
+ERRATA_N2_2025414 := 1
+ERRATA_N2_2189731 := 1
+ERRATA_N2_2138956 := 1
+ERRATA_N2_2138953 := 1
+ERRATA_N2_2242415 := 1
+ERRATA_N2_2138958 := 1
+ERRATA_N2_2242400 := 1
+ERRATA_N2_2280757 := 1
+ERRATA_N2_2326639 := 1
+ERRATA_N2_2340933 := 1
+ERRATA_N2_2346952 := 1
+ERRATA_N2_2376738 := 1
+ERRATA_N2_2388450 := 1
+ERRATA_N2_2743014 := 1
+ERRATA_N2_2743089 := 1
+ERRATA_N2_2728475 := 1
+ERRATA_N2_2779511 := 1
diff --git a/plat/rockchip/rk3328/platform.mk b/plat/rockchip/rk3328/platform.mk
index 5b4766d..f96e18b 100644
--- a/plat/rockchip/rk3328/platform.mk
+++ b/plat/rockchip/rk3328/platform.mk
@@ -65,6 +65,7 @@
# Enable workarounds for selected Cortex-A53 errata
ERRATA_A53_855873 := 1
+ERRATA_A53_1530924 := 1
$(eval $(call add_define,PLAT_EXTRA_LD_SCRIPT))
$(eval $(call add_define,PLAT_SKIP_OPTEE_S_EL1_INT_REGISTER))
diff --git a/plat/xilinx/versal/platform.mk b/plat/xilinx/versal/platform.mk
index 7c53daa..612e956 100644
--- a/plat/xilinx/versal/platform.mk
+++ b/plat/xilinx/versal/platform.mk
@@ -116,3 +116,9 @@
ifeq ($(HARDEN_SLS_ALL), 1)
TF_CFLAGS_aarch64 += -mharden-sls=all
endif
+
+ifeq (${ERRATA_ABI_SUPPORT}, 1)
+# enable the cpu macros for errata abi interface
+CORTEX_A72_H_INC := 1
+$(eval $(call add_define, CORTEX_A72_H_INC))
+endif
diff --git a/services/std_svc/errata_abi/cpu_errata_info.h b/services/std_svc/errata_abi/cpu_errata_info.h
index e24a621..02dd3a8 100644
--- a/services/std_svc/errata_abi/cpu_errata_info.h
+++ b/services/std_svc/errata_abi/cpu_errata_info.h
@@ -13,6 +13,7 @@
#if __aarch64__
#include <cortex_a35.h>
#include <cortex_a510.h>
+#include <cortex_a520.h>
#include <cortex_a53.h>
#include <cortex_a57.h>
#include <cortex_a55.h>
diff --git a/services/std_svc/errata_abi/errata_abi_main.c b/services/std_svc/errata_abi/errata_abi_main.c
index 0b263e5..f1342ad 100644
--- a/services/std_svc/errata_abi/errata_abi_main.c
+++ b/services/std_svc/errata_abi/errata_abi_main.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2023, Arm Limited and Contributors. All rights reserved.
+ * Copyright (c) 2023-2024, Arm Limited and Contributors. All rights reserved.
*
* SPDX-License-Identifier: BSD-3-Clause
*/
@@ -237,11 +237,13 @@
[3] = {2242638, 0x01, 0x02, ERRATA_A78C_2242638},
[4] = {2376749, 0x01, 0x02, ERRATA_A78C_2376749},
[5] = {2395411, 0x01, 0x02, ERRATA_A78C_2395411},
- [6] = {2712575, 0x01, 0x02, ERRATA_A78C_2712575, \
+ [6] = {2683027, 0x01, 0x02, ERRATA_A78C_2683027},
+ [7] = {2712575, 0x01, 0x02, ERRATA_A78C_2712575, \
ERRATA_NON_ARM_INTERCONNECT},
- [7] = {2772121, 0x00, 0x02, ERRATA_A78C_2772121},
- [8] = {2779484, 0x01, 0x02, ERRATA_A78C_2779484},
- [9 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [8] = {2743232, 0x01, 0x02, ERRATA_A78C_2743232},
+ [9] = {2772121, 0x00, 0x02, ERRATA_A78C_2772121},
+ [10] = {2779484, 0x01, 0x02, ERRATA_A78C_2779484},
+ [11 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* CORTEX_A78C_H_INC */
@@ -297,13 +299,14 @@
[8] = {2139242, 0x00, 0x11, ERRATA_V1_2139242},
[9] = {2216392, 0x10, 0x11, ERRATA_V1_2216392},
[10] = {2294912, 0x00, 0x12, ERRATA_V1_2294912},
- [11] = {2372203, 0x00, 0x11, ERRATA_V1_2372203},
- [12] = {2701953, 0x00, 0x11, ERRATA_V1_2701953, \
+ [11] = {2348377, 0x00, 0x11, ERRATA_V1_2348377},
+ [12] = {2372203, 0x00, 0x11, ERRATA_V1_2372203},
+ [13] = {2701953, 0x00, 0x11, ERRATA_V1_2701953, \
ERRATA_NON_ARM_INTERCONNECT},
- [13] = {2743093, 0x00, 0x12, ERRATA_V1_2743093},
- [14] = {2743233, 0x00, 0x12, ERRATA_V1_2743233},
- [15] = {2779461, 0x00, 0x12, ERRATA_V1_2779461},
- [16 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [14] = {2743093, 0x00, 0x12, ERRATA_V1_2743093},
+ [15] = {2743233, 0x00, 0x12, ERRATA_V1_2743233},
+ [16] = {2779461, 0x00, 0x12, ERRATA_V1_2779461},
+ [17 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* NEOVERSE_V1_H_INC */
@@ -330,7 +333,8 @@
ERRATA_NON_ARM_INTERCONNECT},
[15] = {2742423, 0x00, 0x21, ERRATA_A710_2742423},
[16] = {2768515, 0x00, 0x21, ERRATA_A710_2768515},
- [17 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [17] = {2778471, 0x00, 0x21, ERRATA_A710_2778471},
+ [18 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* CORTEX_A710_H_INC */
@@ -382,7 +386,8 @@
ERRATA_NON_ARM_INTERCONNECT},
[10] = {2742423, 0x00, 0x21, ERRATA_X2_2742423},
[11] = {2768515, 0x00, 0x21, ERRATA_X2_2768515},
- [12 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [12] = {2778471, 0x00, 0x21, ERRATA_X2_2778471},
+ [13 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* CORTEX_X2_H_INC */
@@ -413,13 +418,15 @@
.cpu_partnumber = NEOVERSE_V2_MIDR,
.cpu_errata_list = {
[0] = {2331132, 0x00, 0x02, ERRATA_V2_2331132},
- [1] = {2719103, 0x00, 0x01, ERRATA_V2_2719103, \
+ [1] = {2618597, 0x00, 0x01, ERRATA_V2_2618597},
+ [2] = {2662553, 0x00, 0x01, ERRATA_V2_2662553},
+ [3] = {2719103, 0x00, 0x01, ERRATA_V2_2719103, \
ERRATA_NON_ARM_INTERCONNECT},
- [2] = {2719105, 0x00, 0x01, ERRATA_V2_2719105},
- [3] = {2743011, 0x00, 0x01, ERRATA_V2_2743011},
- [4] = {2779510, 0x00, 0x01, ERRATA_V2_2779510},
- [5] = {2801372, 0x00, 0x01, ERRATA_V2_2801372},
- [6 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [4] = {2719105, 0x00, 0x01, ERRATA_V2_2719105},
+ [5] = {2743011, 0x00, 0x01, ERRATA_V2_2743011},
+ [6] = {2779510, 0x00, 0x01, ERRATA_V2_2779510},
+ [7] = {2801372, 0x00, 0x01, ERRATA_V2_2801372},
+ [8 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* NEOVERSE_V2_H_INC */
@@ -440,13 +447,29 @@
.cpu_partnumber = CORTEX_X3_MIDR,
.cpu_errata_list = {
[0] = {2070301, 0x00, 0x12, ERRATA_X3_2070301},
- [1] = {2313909, 0x00, 0x10, ERRATA_X3_2313909},
- [2] = {2615812, 0x00, 0x11, ERRATA_X3_2615812},
- [3] = {2742421, 0x00, 0x11, ERRATA_X3_2742421},
- [4 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ [1] = {2266875, 0x00, 0x10, ERRATA_X3_2266875},
+ [2] = {2302506, 0x00, 0x11, ERRATA_X3_2302506},
+ [3] = {2313909, 0x00, 0x10, ERRATA_X3_2313909},
+ [4] = {2615812, 0x00, 0x11, ERRATA_X3_2615812},
+ [5] = {2742421, 0x00, 0x11, ERRATA_X3_2742421},
+ [6] = {2743088, 0x00, 0x11, ERRATA_X3_2743088},
+ [7] = {2779509, 0x00, 0x11, ERRATA_X3_2779509},
+ [8 ... ERRATA_LIST_END] = UNDEF_ERRATA,
}
},
#endif /* CORTEX_X3_H_INC */
+
+#if CORTEX_A520_H_INC
+{
+ .cpu_partnumber = CORTEX_A520_MIDR,
+ .cpu_errata_list = {
+ [0] = {2630792, 0x00, 0x01, ERRATA_A520_2630792},
+ [1] = {2858100, 0x00, 0x01, ERRATA_A520_2858100},
+ [2 ... ERRATA_LIST_END] = UNDEF_ERRATA,
+ }
+},
+#endif /* CORTEX_A520_H_INC */
+
};
/*