subtree updates
meta-security: b9bc938785..1856a7cf43:
Armin Kuster (1):
scap-security-guide: update to 0.1.69+
Lei Maohui (2):
paxctl: Fix do_package QA Issue.
ccs-tools: Fix do_package QA Issue.
Martin Jansa (1):
layer.conf: update LAYERSERIES_COMPAT for nanbield
Yi Zhao (1):
scap-security-guide: pass the correct cpe/schemas/xsl paths to oscap
meta-arm: 992c07f7c0..bd0953cc60:
Abdellatif El Khlifi (1):
arm-bsp/u-boot: corstone1000: detect the kernel size automatically
Anusmita Dutta Mazumder (5):
arm-bsp/u-boot: corstone1000: add unique firmware GUID
arm-bsp/trusted-firmware-m: corstone1000: add unique firmware GUID
arm-bsp/scp-firmware: Update N1SDP scp-firmware version
arm-bsp/n1sdp: Enable tests with pseudo trusted application
CI: Build custom image for N1SDP optee-xtest
Delane Brandy (1):
arm-bsp/corstone1000: mmc2-enablement
Emekcan Aras (2):
arm-bsp/trusted-firmware-a: corstone1000: Update TF-A v2.9
arm-bsp/optee-os: corstone1000: Update optee-os v3.22
Javier Tia (1):
optee-client: Add path condition to tee-supplicant.service
Jon Mason (14):
arm/trusted-firmware-a: update to 2.9.0
arm-bsp/juno: update kernel to 6.4
arm/linux-yocto: change defconfig patch for 6.4
arm/hafnium: update to v2.8
arm/linux-yocto: update kernel patches
arm/trusted-services: add SRCREV_FORMAT
arm-bsp/tc1: update optee
arm-bsp/fvp-baser-aemv8r64: update u-boot to 2023.01
arm-bsp/corstone500: upgrade u-boot to the latest
arm-bsp/corstone500: removal of support
arm: patch clean-ups
arm/edk2: update to 202305 version
arm/sbsa-acs: update to v7.1.2
arm-bsp/trusted-firmware-a: remove unneeded patches
Mariam Elshakfy (2):
arm-bsp/trusted-firmware-a: Update TF-A version for N1SDP
arm-bsp/n1sdp: Update edk2-firmware version for N1SDP to 202305
Ross Burton (3):
kas/: pass through DISPLAY from environment
Remove explicit SRCPV
arm-bsp/external-system: set PACKAGE_ARCH as this is machine-specific
meta-raspberrypi: 5e2f79a6fa..6501ec892c:
Andrei Gherzan (2):
ci: Add usrmerge to distro features
docs: Fix documentation theme
Sangmo Kang (1):
omxplayer: fix an error caused by new srcrev fetcher API
Change-Id: Ibfc1e039975c1d20358c861af19fc8538125118e
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
new file mode 100644
index 0000000..9627a76
--- /dev/null
+++ b/meta-arm/meta-arm-bsp/recipes-bsp/hafnium/files/tc/0001-feat-vhe-enable-vhe-and-disable-branch-protection-fo.patch
@@ -0,0 +1,32 @@
+From 1fef5bd2504ce3a203c56a3b66dba773cd4893c6 Mon Sep 17 00:00:00 2001
+From: Davidson K <davidson.kumaresan@arm.com>
+Date: Thu, 8 Sep 2022 10:47:10 +0530
+Subject: [PATCH] feat(vhe): enable vhe and disable branch protection for TC
+
+Signed-off-by: Davidson K <davidson.kumaresan@arm.com>
+Change-Id: I60cd607d9f2bf0114b482980e7ca68e24aaf4d1f
+Upstream-Status: Pending [Not submitted to upstream yet]
+---
+ BUILD.gn | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/BUILD.gn b/BUILD.gn
+index cc6a78f4fdb8..acd1f9d1634b 100644
+--- a/BUILD.gn
++++ b/BUILD.gn
+@@ -245,7 +245,6 @@ aarch64_toolchains("secure_tc") {
+ heap_pages = 180
+ max_cpus = 8
+ max_vms = 16
+- branch_protection = "standard"
+ toolchain_args = {
+ plat_ffa = "//src/arch/aarch64/plat/ffa:spmc"
+ plat_psci = "//src/arch/aarch64/plat/psci:spmc"
+@@ -254,6 +253,7 @@ aarch64_toolchains("secure_tc") {
+ secure_world = "1"
+ pl011_base_address = "0x7ff80000"
+ enable_mte = "1"
++ enable_vhe = "1"
+ plat_log_level = "LOG_LEVEL_INFO"
+ }
+ }