Merge "Fix MISRA C issues in BL1/BL2/BL31" into integration

bl1/aarch32/bl1_context_mgmt.c

 /*
- * Copyright (c) 2016-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -53,10 +53,10 @@ void *cm_get_context(uint32_t security_state)
 	return &bl1_cpu_context[security_state];
 }
 
-void cm_set_next_context(void *cpu_context)
+void cm_set_next_context(void *context)
 {
-	assert(cpu_context);
-	bl1_next_cpu_context_ptr = cpu_context;
+	assert(context != NULL);
+	bl1_next_cpu_context_ptr = context;
 }
 
 void *cm_get_next_context(void)
@@ -103,21 +103,21 @@ static void flush_smc_and_cpu_ctx(void)
 void bl1_prepare_next_image(unsigned int image_id)
 {
 	unsigned int security_state, mode = MODE32_svc;
-	image_desc_t *image_desc;
+	image_desc_t *desc;
 	entry_point_info_t *next_bl_ep;
 
 	/* Get the image descriptor. */
-	image_desc = bl1_plat_get_image_desc(image_id);
-	assert(image_desc);
+	desc = bl1_plat_get_image_desc(image_id);
+	assert(desc != NULL);
 
 	/* Get the entry point info. */
-	next_bl_ep = &image_desc->ep_info;
+	next_bl_ep = &desc->ep_info;
 
 	/* Get the image security state. */
 	security_state = GET_SECURITY_STATE(next_bl_ep->h.attr);
 
 	/* Prepare the SPSR for the next BL image. */
-	if ((security_state != SECURE) && (GET_VIRT_EXT(read_id_pfr1()))) {
+	if ((security_state != SECURE) && (GET_VIRT_EXT(read_id_pfr1()) != 0U)) {
 		mode = MODE32_hyp;
 	}
 
@@ -166,7 +166,7 @@ void bl1_prepare_next_image(unsigned int image_id)
 	flush_smc_and_cpu_ctx();
 
 	/* Indicate that image is in execution state. */
-	image_desc->state = IMAGE_STATE_EXECUTED;
+	desc->state = IMAGE_STATE_EXECUTED;
 
 	print_entry_point_info(next_bl_ep);
 }

bl1/aarch64/bl1_context_mgmt.c

@@ -43,7 +43,7 @@ void cm_set_context(void *context, uint32_t security_state)
 void bl1_prepare_next_image(unsigned int image_id)
 {
 	unsigned int security_state, mode = MODE_EL1;
-	image_desc_t *image_desc;
+	image_desc_t *desc;
 	entry_point_info_t *next_bl_ep;
 
 #if CTX_INCLUDE_AARCH32_REGS
@@ -59,11 +59,11 @@ void bl1_prepare_next_image(unsigned int image_id)
 #endif
 
 	/* Get the image descriptor. */
-	image_desc = bl1_plat_get_image_desc(image_id);
-	assert(image_desc);
+	desc = bl1_plat_get_image_desc(image_id);
+	assert(desc != NULL);
 
 	/* Get the entry point info. */
-	next_bl_ep = &image_desc->ep_info;
+	next_bl_ep = &desc->ep_info;
 
 	/* Get the image security state. */
 	security_state = GET_SECURITY_STATE(next_bl_ep->h.attr);
@@ -77,7 +77,7 @@ void bl1_prepare_next_image(unsigned int image_id)
 		mode = MODE_EL2;
 	}
 
-	next_bl_ep->spsr = SPSR_64(mode, MODE_SP_ELX,
+	next_bl_ep->spsr = (uint32_t)SPSR_64(mode, MODE_SP_ELX,
 		DISABLE_ALL_EXCEPTIONS);
 
 	/* Allow platform to make change */
@@ -88,7 +88,7 @@ void bl1_prepare_next_image(unsigned int image_id)
 	cm_prepare_el3_exit(security_state);
 
 	/* Indicate that image is in execution state. */
-	image_desc->state = IMAGE_STATE_EXECUTED;
+	desc->state = IMAGE_STATE_EXECUTED;
 
 	print_entry_point_info(next_bl_ep);
 }

bl1/bl1_fwu.c

@@ -67,28 +67,32 @@ u_register_t bl1_fwu_smc_handler(unsigned int smc_fid,
 
 	switch (smc_fid) {
 	case FWU_SMC_IMAGE_COPY:
-		SMC_RET1(handle, bl1_fwu_image_copy(x1, x2, x3, x4, flags));
+		SMC_RET1(handle, bl1_fwu_image_copy((uint32_t)x1, x2,
+			(uint32_t)x3, (uint32_t)x4, flags));
 
 	case FWU_SMC_IMAGE_AUTH:
-		SMC_RET1(handle, bl1_fwu_image_auth(x1, x2, x3, flags));
+		SMC_RET1(handle, bl1_fwu_image_auth((uint32_t)x1, x2,
+			(uint32_t)x3, flags));
 
 	case FWU_SMC_IMAGE_EXECUTE:
-		SMC_RET1(handle, bl1_fwu_image_execute(x1, &handle, flags));
+		SMC_RET1(handle, bl1_fwu_image_execute((uint32_t)x1, &handle,
+			flags));
 
 	case FWU_SMC_IMAGE_RESUME:
-		SMC_RET1(handle, bl1_fwu_image_resume((register_t)x1, &handle, flags));
+		SMC_RET1(handle, bl1_fwu_image_resume((register_t)x1, &handle,
+			flags));
 
 	case FWU_SMC_SEC_IMAGE_DONE:
 		SMC_RET1(handle, bl1_fwu_sec_image_done(&handle, flags));
 
 	case FWU_SMC_IMAGE_RESET:
-		SMC_RET1(handle, bl1_fwu_image_reset(x1, flags));
+		SMC_RET1(handle, bl1_fwu_image_reset((uint32_t)x1, flags));
 
 	case FWU_SMC_UPDATE_DONE:
 		bl1_fwu_done((void *)x1, NULL);
 
 	default:
-		assert(0); /* Unreachable */
+		assert(false); /* Unreachable */
 		break;
 	}
 
@@ -159,14 +163,14 @@ static int bl1_fwu_remove_loaded_id(unsigned int image_id)
  ******************************************************************************/
 static int bl1_fwu_image_check_overlaps(unsigned int image_id)
 {
-	const image_desc_t *image_desc, *checked_image_desc;
+	const image_desc_t *desc, *checked_desc;
 	const image_info_t *info, *checked_info;
 
 	uintptr_t image_base, image_end;
 	uintptr_t checked_image_base, checked_image_end;
 
-	checked_image_desc = bl1_plat_get_image_desc(image_id);
-	checked_info = &checked_image_desc->image_info;
+	checked_desc = bl1_plat_get_image_desc(image_id);
+	checked_info = &checked_desc->image_info;
 
 	/* Image being checked mustn't be empty. */
 	assert(checked_info->image_size != 0);
@@ -182,12 +186,12 @@ static int bl1_fwu_image_check_overlaps(unsigned int image_id)
 				(bl1_fwu_loaded_ids[i] == image_id))
 			continue;
 
-		image_desc = bl1_plat_get_image_desc(bl1_fwu_loaded_ids[i]);
+		desc = bl1_plat_get_image_desc(bl1_fwu_loaded_ids[i]);
 
 		/* Only check images that are loaded or being loaded. */
-		assert (image_desc && image_desc->state != IMAGE_STATE_RESET);
+		assert ((desc != NULL) && (desc->state != IMAGE_STATE_RESET));
 
-		info = &image_desc->image_info;
+		info = &desc->image_info;
 
 		/* There cannot be overlaps with an empty image. */
 		if (info->image_size == 0)
@@ -203,10 +207,10 @@ static int bl1_fwu_image_check_overlaps(unsigned int image_id)
 		assert (image_end > image_base);
 
 		/* Check if there are overlaps. */
-		if (!(image_end < checked_image_base ||
-		    checked_image_end < image_base)) {
+		if (!((image_end < checked_image_base) ||
+		    (checked_image_end < image_base))) {
 			VERBOSE("Image with ID %d overlaps existing image with ID %d",
-				checked_image_desc->image_id, image_desc->image_id);
+				checked_desc->image_id, desc->image_id);
 			return -EPERM;
 		}
 	}
@@ -225,10 +229,11 @@ static int bl1_fwu_image_copy(unsigned int image_id,
 {
 	uintptr_t dest_addr;
 	unsigned int remaining;
+	image_desc_t *desc;
 
 	/* Get the image descriptor. */
-	image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
-	if (!image_desc) {
+	desc = bl1_plat_get_image_desc(image_id);
+	if (desc == NULL) {
 		WARN("BL1-FWU: Invalid image ID %u\n", image_id);
 		return -EPERM;
 	}
@@ -241,66 +246,66 @@ static int bl1_fwu_image_copy(unsigned int image_id,
 		WARN("BL1-FWU: Copy not allowed from secure world.\n");
 		return -EPERM;
 	}
-	if (GET_SECURITY_STATE(image_desc->ep_info.h.attr) == NON_SECURE) {
+	if (GET_SECURITY_STATE(desc->ep_info.h.attr) == NON_SECURE) {
 		WARN("BL1-FWU: Copy not allowed for non-secure images.\n");
 		return -EPERM;
 	}
 
 	/* Check whether the FWU state machine is in the correct state. */
-	if ((image_desc->state != IMAGE_STATE_RESET) &&
-	    (image_desc->state != IMAGE_STATE_COPYING)) {
+	if ((desc->state != IMAGE_STATE_RESET) &&
+	    (desc->state != IMAGE_STATE_COPYING)) {
 		WARN("BL1-FWU: Copy not allowed at this point of the FWU"
 			" process.\n");
 		return -EPERM;
 	}
 
-	if ((!image_src) || (!block_size) ||
+	if ((image_src == 0U) || (block_size == 0U) ||
 	    check_uptr_overflow(image_src, block_size - 1)) {
 		WARN("BL1-FWU: Copy not allowed due to invalid image source"
 			" or block size\n");
 		return -ENOMEM;
 	}
 
-	if (image_desc->state == IMAGE_STATE_COPYING) {
+	if (desc->state == IMAGE_STATE_COPYING) {
 		/*
 		 * There must have been at least 1 copy operation for this image
 		 * previously.
 		 */
-		assert(image_desc->copied_size != 0);
+		assert(desc->copied_size != 0U);
 		/*
 		 * The image size must have been recorded in the 1st copy
 		 * operation.
 		 */
-		image_size = image_desc->image_info.image_size;
+		image_size = desc->image_info.image_size;
 		assert(image_size != 0);
-		assert(image_desc->copied_size < image_size);
+		assert(desc->copied_size < image_size);
 
 		INFO("BL1-FWU: Continuing image copy in blocks\n");
-	} else { /* image_desc->state == IMAGE_STATE_RESET */
+	} else { /* desc->state == IMAGE_STATE_RESET */
 		INFO("BL1-FWU: Initial call to copy an image\n");
 
 		/*
 		 * image_size is relevant only for the 1st copy request, it is
 		 * then ignored for subsequent calls for this image.
 		 */
-		if (!image_size) {
+		if (image_size == 0) {
 			WARN("BL1-FWU: Copy not allowed due to invalid image"
 				" size\n");
 			return -ENOMEM;
 		}
 
 		/* Check that the image size to load is within limit */
-		if (image_size > image_desc->image_info.image_max_size) {
+		if (image_size > desc->image_info.image_max_size) {
 			WARN("BL1-FWU: Image size out of bounds\n");
 			return -ENOMEM;
 		}
 
 		/* Save the given image size. */
-		image_desc->image_info.image_size = image_size;
+		desc->image_info.image_size = image_size;
 
 		/* Make sure the image doesn't overlap other images. */
-		if (bl1_fwu_image_check_overlaps(image_id)) {
-			image_desc->image_info.image_size = 0;
+		if (bl1_fwu_image_check_overlaps(image_id) != 0) {
+			desc->image_info.image_size = 0;
 			WARN("BL1-FWU: This image overlaps another one\n");
 			return -EPERM;
 		}
@@ -310,32 +315,32 @@ static int bl1_fwu_image_copy(unsigned int image_id,
 		 * FWU code doesn't necessarily do it when it resets the state
 		 * machine.
 		 */
-		image_desc->copied_size = 0;
+		desc->copied_size = 0;
 	}
 
 	/*
 	 * If the given block size is more than the total image size
 	 * then clip the former to the latter.
 	 */
-	remaining = image_size - image_desc->copied_size;
+	remaining = image_size - desc->copied_size;
 	if (block_size > remaining) {
 		WARN("BL1-FWU: Block size is too big, clipping it.\n");
 		block_size = remaining;
 	}
 
 	/* Make sure the source image is mapped in memory. */
-	if (bl1_plat_mem_check(image_src, block_size, flags)) {
+	if (bl1_plat_mem_check(image_src, block_size, flags) != 0) {
 		WARN("BL1-FWU: Source image is not mapped.\n");
 		return -ENOMEM;
 	}
 
-	if (bl1_fwu_add_loaded_id(image_id)) {
+	if (bl1_fwu_add_loaded_id(image_id) != 0) {
 		WARN("BL1-FWU: Too many images loaded at the same time.\n");
 		return -ENOMEM;
 	}
 
 	/* Allow the platform to handle pre-image load before copying */
-	if (image_desc->state == IMAGE_STATE_RESET) {
+	if (desc->state == IMAGE_STATE_RESET) {
 		if (bl1_plat_handle_pre_image_load(image_id) != 0) {
 			ERROR("BL1-FWU: Failure in pre-image load of image id %d\n",
 					image_id);
@@ -344,12 +349,12 @@ static int bl1_fwu_image_copy(unsigned int image_id,
 	}
 
 	/* Everything looks sane. Go ahead and copy the block of data. */
-	dest_addr = image_desc->image_info.image_base + image_desc->copied_size;
-	memcpy((void *) dest_addr, (const void *) image_src, block_size);
+	dest_addr = desc->image_info.image_base + desc->copied_size;
+	(void)memcpy((void *) dest_addr, (const void *) image_src, block_size);
 	flush_dcache_range(dest_addr, block_size);
 
-	image_desc->copied_size += block_size;
-	image_desc->state = (block_size == remaining) ?
+	desc->copied_size += block_size;
+	desc->state = (block_size == remaining) ?
 		IMAGE_STATE_COPIED : IMAGE_STATE_COPYING;
 
 	INFO("BL1-FWU: Copy operation successful.\n");
@@ -367,27 +372,28 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 	int result;
 	uintptr_t base_addr;
 	unsigned int total_size;
+	image_desc_t *desc;
 
 	/* Get the image descriptor. */
-	image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
-	if (!image_desc)
+	desc = bl1_plat_get_image_desc(image_id);
+	if (desc ==  NULL)
 		return -EPERM;
 
 	if (GET_SECURITY_STATE(flags) == SECURE) {
-		if (image_desc->state != IMAGE_STATE_RESET) {
+		if (desc->state != IMAGE_STATE_RESET) {
 			WARN("BL1-FWU: Authentication from secure world "
 				"while in invalid state\n");
 			return -EPERM;
 		}
 	} else {
-		if (GET_SECURITY_STATE(image_desc->ep_info.h.attr) == SECURE) {
-			if (image_desc->state != IMAGE_STATE_COPIED) {
+		if (GET_SECURITY_STATE(desc->ep_info.h.attr) == SECURE) {
+			if (desc->state != IMAGE_STATE_COPIED) {
 				WARN("BL1-FWU: Authentication of secure image "
 					"from non-secure world while not in copied state\n");
 				return -EPERM;
 			}
 		} else {
-			if (image_desc->state != IMAGE_STATE_RESET) {
+			if (desc->state != IMAGE_STATE_RESET) {
 				WARN("BL1-FWU: Authentication of non-secure image "
 					"from non-secure world while in invalid state\n");
 				return -EPERM;
@@ -395,15 +401,15 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		}
 	}
 
-	if (image_desc->state == IMAGE_STATE_COPIED) {
+	if (desc->state == IMAGE_STATE_COPIED) {
 		/*
 		 * Image is in COPIED state.
 		 * Use the stored address and size.
 		 */
-		base_addr = image_desc->image_info.image_base;
-		total_size = image_desc->image_info.image_size;
+		base_addr = desc->image_info.image_base;
+		total_size = desc->image_info.image_size;
 	} else {
-		if ((!image_src) || (!image_size) ||
+		if ((image_src == 0U) || (image_size == 0U) ||
 		    check_uptr_overflow(image_src, image_size - 1)) {
 			WARN("BL1-FWU: Auth not allowed due to invalid"
 				" image source/size\n");
@@ -415,12 +421,12 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		 * Check the parameters and authenticate the source image in place.
 		 */
 		if (bl1_plat_mem_check(image_src, image_size,	\
-					image_desc->ep_info.h.attr)) {
+					desc->ep_info.h.attr) != 0) {
 			WARN("BL1-FWU: Authentication arguments source/size not mapped\n");
 			return -ENOMEM;
 		}
 
-		if (bl1_fwu_add_loaded_id(image_id)) {
+		if (bl1_fwu_add_loaded_id(image_id) != 0) {
 			WARN("BL1-FWU: Too many images loaded at the same time.\n");
 			return -ENOMEM;
 		}
@@ -429,7 +435,7 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		total_size = image_size;
 
 		/* Update the image size in the descriptor. */
-		image_desc->image_info.image_size = total_size;
+		desc->image_info.image_size = total_size;
 	}
 
 	/*
@@ -446,13 +452,13 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		 * This is to prevent an attack where this contains
 		 * some malicious code that can somehow be executed later.
 		 */
-		if (image_desc->state == IMAGE_STATE_COPIED) {
+		if (desc->state == IMAGE_STATE_COPIED) {
 			/* Clear the memory.*/
 			zero_normalmem((void *)base_addr, total_size);
 			flush_dcache_range(base_addr, total_size);
 
 			/* Indicate that image can be copied again*/
-			image_desc->state = IMAGE_STATE_RESET;
+			desc->state = IMAGE_STATE_RESET;
 		}
 
 		/*
@@ -460,12 +466,12 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 		 * The image cannot be in RESET state here, it is checked at the
 		 * beginning of the function.
 		 */
-		bl1_fwu_remove_loaded_id(image_id);
+		(void)bl1_fwu_remove_loaded_id(image_id);
 		return -EAUTH;
 	}
 
 	/* Indicate that image is in authenticated state. */
-	image_desc->state = IMAGE_STATE_AUTHENTICATED;
+	desc->state = IMAGE_STATE_AUTHENTICATED;
 
 	/* Allow the platform to handle post-image load */
 	result = bl1_plat_handle_post_image_load(image_id);
@@ -483,7 +489,7 @@ static int bl1_fwu_image_auth(unsigned int image_id,
 	 * Flush image_info to memory so that other
 	 * secure world images can see changes.
 	 */
-	flush_dcache_range((uintptr_t)&image_desc->image_info,
+	flush_dcache_range((uintptr_t)&desc->image_info,
 		sizeof(image_info_t));
 
 	INFO("BL1-FWU: Authentication was successful\n");
@@ -499,7 +505,7 @@ static int bl1_fwu_image_execute(unsigned int image_id,
 			unsigned int flags)
 {
 	/* Get the image descriptor. */
-	image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
+	image_desc_t *desc = bl1_plat_get_image_desc(image_id);
 
 	/*
 	 * Execution is NOT allowed if:
@@ -509,11 +515,11 @@ static int bl1_fwu_image_execute(unsigned int image_id,
 	 * Image is Non-Executable OR
 	 * Image is NOT in AUTHENTICATED state.
 	 */
-	if ((!image_desc) ||
+	if ((desc == NULL) ||
 	    (GET_SECURITY_STATE(flags) == SECURE) ||
-	    (GET_SECURITY_STATE(image_desc->ep_info.h.attr) == NON_SECURE) ||
-	    (EP_GET_EXE(image_desc->ep_info.h.attr) == NON_EXECUTABLE) ||
-	    (image_desc->state != IMAGE_STATE_AUTHENTICATED)) {
+	    (GET_SECURITY_STATE(desc->ep_info.h.attr) == NON_SECURE) ||
+	    (EP_GET_EXE(desc->ep_info.h.attr) == NON_EXECUTABLE) ||
+	    (desc->state != IMAGE_STATE_AUTHENTICATED)) {
 		WARN("BL1-FWU: Execution not allowed due to invalid state/args\n");
 		return -EPERM;
 	}
@@ -547,37 +553,37 @@ static register_t bl1_fwu_image_resume(register_t image_param,
 			void **handle,
 			unsigned int flags)
 {
-	image_desc_t *image_desc;
+	image_desc_t *desc;
 	unsigned int resume_sec_state;
 	unsigned int caller_sec_state = GET_SECURITY_STATE(flags);
 
 	/* Get the image descriptor for last executed secure image id. */
-	image_desc = bl1_plat_get_image_desc(sec_exec_image_id);
+	desc = bl1_plat_get_image_desc(sec_exec_image_id);
 	if (caller_sec_state == NON_SECURE) {
-		if (!image_desc) {
+		if (desc == NULL) {
 			WARN("BL1-FWU: Resume not allowed due to no available"
 				"secure image\n");
 			return -EPERM;
 		}
 	} else {
-		/* image_desc must be valid for secure world callers */
-		assert(image_desc);
+		/* desc must be valid for secure world callers */
+		assert(desc != NULL);
 	}
 
-	assert(GET_SECURITY_STATE(image_desc->ep_info.h.attr) == SECURE);
-	assert(EP_GET_EXE(image_desc->ep_info.h.attr) == EXECUTABLE);
+	assert(GET_SECURITY_STATE(desc->ep_info.h.attr) == SECURE);
+	assert(EP_GET_EXE(desc->ep_info.h.attr) == EXECUTABLE);
 
 	if (caller_sec_state == SECURE) {
-		assert(image_desc->state == IMAGE_STATE_EXECUTED);
+		assert(desc->state == IMAGE_STATE_EXECUTED);
 
 		/* Update the flags. */
-		image_desc->state = IMAGE_STATE_INTERRUPTED;
+		desc->state = IMAGE_STATE_INTERRUPTED;
 		resume_sec_state = NON_SECURE;
 	} else {
-		assert(image_desc->state == IMAGE_STATE_INTERRUPTED);
+		assert(desc->state == IMAGE_STATE_INTERRUPTED);
 
 		/* Update the flags. */
-		image_desc->state = IMAGE_STATE_EXECUTED;
+		desc->state = IMAGE_STATE_EXECUTED;
 		resume_sec_state = SECURE;
 	}
 
@@ -612,7 +618,7 @@ static register_t bl1_fwu_image_resume(register_t image_param,
  ******************************************************************************/
 static int bl1_fwu_sec_image_done(void **handle, unsigned int flags)
 {
-	image_desc_t *image_desc;
+	image_desc_t *desc;
 
 	/* Make sure caller is from the secure world */
 	if (GET_SECURITY_STATE(flags) == NON_SECURE) {
@@ -621,13 +627,13 @@ static int bl1_fwu_sec_image_done(void **handle, unsigned int flags)
 	}
 
 	/* Get the image descriptor for last executed secure image id */
-	image_desc = bl1_plat_get_image_desc(sec_exec_image_id);
+	desc = bl1_plat_get_image_desc(sec_exec_image_id);
 
-	/* image_desc must correspond to a valid secure executing image */
-	assert(image_desc);
-	assert(GET_SECURITY_STATE(image_desc->ep_info.h.attr) == SECURE);
-	assert(EP_GET_EXE(image_desc->ep_info.h.attr) == EXECUTABLE);
-	assert(image_desc->state == IMAGE_STATE_EXECUTED);
+	/* desc must correspond to a valid secure executing image */
+	assert(desc != NULL);
+	assert(GET_SECURITY_STATE(desc->ep_info.h.attr) == SECURE);
+	assert(EP_GET_EXE(desc->ep_info.h.attr) == EXECUTABLE);
+	assert(desc->state == IMAGE_STATE_EXECUTED);
 
 #if ENABLE_ASSERTIONS
 	int rc = bl1_fwu_remove_loaded_id(sec_exec_image_id);
@@ -637,7 +643,7 @@ static int bl1_fwu_sec_image_done(void **handle, unsigned int flags)
 #endif
 
 	/* Update the flags. */
-	image_desc->state = IMAGE_STATE_RESET;
+	desc->state = IMAGE_STATE_RESET;
 	sec_exec_image_id = INVALID_IMAGE_ID;
 
 	INFO("BL1-FWU: Resuming Normal world context\n");
@@ -676,7 +682,7 @@ __dead2 static void bl1_fwu_done(void *client_cookie, void *reserved)
 	 * Call platform done function.
 	 */
 	bl1_plat_fwu_done(client_cookie, reserved);
-	assert(0);
+	assert(false);
 }
 
 /*******************************************************************************
@@ -685,14 +691,14 @@ __dead2 static void bl1_fwu_done(void *client_cookie, void *reserved)
  ******************************************************************************/
 static int bl1_fwu_image_reset(unsigned int image_id, unsigned int flags)
 {
-	image_desc_t *image_desc = bl1_plat_get_image_desc(image_id);
+	image_desc_t *desc = bl1_plat_get_image_desc(image_id);
 
-	if ((!image_desc) || (GET_SECURITY_STATE(flags) == SECURE)) {
+	if ((desc == NULL) || (GET_SECURITY_STATE(flags) == SECURE)) {
 		WARN("BL1-FWU: Reset not allowed due to invalid args\n");
 		return -EPERM;
 	}
 
-	switch (image_desc->state) {
+	switch (desc->state) {
 
 	case IMAGE_STATE_RESET:
 		/* Nothing to do. */
@@ -703,25 +709,26 @@ static int bl1_fwu_image_reset(unsigned int image_id, unsigned int flags)
 	case IMAGE_STATE_COPIED:
 	case IMAGE_STATE_COPYING:
 
-		if (bl1_fwu_remove_loaded_id(image_id)) {
+		if (bl1_fwu_remove_loaded_id(image_id) != 0) {
 			WARN("BL1-FWU: Image reset couldn't find the image ID\n");
 			return -EPERM;
 		}
 
-		if (image_desc->copied_size) {
+		if (desc->copied_size != 0U) {
 			/* Clear the memory if the image is copied */
-			assert(GET_SECURITY_STATE(image_desc->ep_info.h.attr) == SECURE);
+			assert(GET_SECURITY_STATE(desc->ep_info.h.attr)
+				== SECURE);
 
-			zero_normalmem((void *)image_desc->image_info.image_base,
-					image_desc->copied_size);
-			flush_dcache_range(image_desc->image_info.image_base,
-					image_desc->copied_size);
+			zero_normalmem((void *)desc->image_info.image_base,
+					desc->copied_size);
+			flush_dcache_range(desc->image_info.image_base,
+					desc->copied_size);
 		}
 
 		/* Reset status variables */
-		image_desc->copied_size = 0;
-		image_desc->image_info.image_size = 0;
-		image_desc->state = IMAGE_STATE_RESET;
+		desc->copied_size = 0;
+		desc->image_info.image_size = 0;
+		desc->state = IMAGE_STATE_RESET;
 
 		/* Clear authentication state */
 		auth_img_flags[image_id] = 0;
@@ -730,7 +737,7 @@ static int bl1_fwu_image_reset(unsigned int image_id, unsigned int flags)
 
 	case IMAGE_STATE_EXECUTED:
 	default:
-		assert(0); /* Unreachable */
+		assert(false); /* Unreachable */
 		break;
 	}
 

bl1/bl1_main.c

@@ -90,8 +90,7 @@ void bl1_main(void)
 	NOTICE("BL1: %s\n", version_string);
 	NOTICE("BL1: %s\n", build_message);
 
-	INFO("BL1: RAM %p - %p\n", (void *)BL1_RAM_BASE,
-					(void *)BL1_RAM_LIMIT);
+	INFO("BL1: RAM %p - %p\n", (void *)BL1_RAM_BASE, (void *)BL1_RAM_LIMIT);
 
 	print_errata_status();
 
@@ -105,9 +104,9 @@ void bl1_main(void)
 #else
 	val = read_sctlr();
 #endif
-	assert(val & SCTLR_M_BIT);
-	assert(val & SCTLR_C_BIT);
-	assert(val & SCTLR_I_BIT);
+	assert((val & SCTLR_M_BIT) != 0);
+	assert((val & SCTLR_C_BIT) != 0);
+	assert((val & SCTLR_I_BIT) != 0);
 	/*
 	 * Check that Cache Writeback Granule (CWG) in CTR_EL0 matches the
 	 * provided platform value
@@ -166,33 +165,33 @@ void bl1_main(void)
  ******************************************************************************/
 static void bl1_load_bl2(void)
 {
-	image_desc_t *image_desc;
-	image_info_t *image_info;
+	image_desc_t *desc;
+	image_info_t *info;
 	int err;
 
 	/* Get the image descriptor */
-	image_desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
-	assert(image_desc != NULL);
+	desc = bl1_plat_get_image_desc(BL2_IMAGE_ID);
+	assert(desc != NULL);
 
 	/* Get the image info */
-	image_info = &image_desc->image_info;
+	info = &desc->image_info;
 	INFO("BL1: Loading BL2\n");
 
 	err = bl1_plat_handle_pre_image_load(BL2_IMAGE_ID);
-	if (err) {
+	if (err != 0) {
 		ERROR("Failure in pre image load handling of BL2 (%d)\n", err);
 		plat_error_handler(err);
 	}
 
-	err = load_auth_image(BL2_IMAGE_ID, image_info);
-	if (err) {
+	err = load_auth_image(BL2_IMAGE_ID, info);
+	if (err != 0) {
 		ERROR("Failed to load BL2 firmware.\n");
 		plat_error_handler(err);
 	}
 
 	/* Allow platform to handle image information. */
 	err = bl1_plat_handle_post_image_load(BL2_IMAGE_ID);
-	if (err) {
+	if (err != 0) {
 		ERROR("Failure in post image load handling of BL2 (%d)\n", err);
 		plat_error_handler(err);
 	}
@@ -258,11 +257,9 @@ u_register_t bl1_smc_handler(unsigned int smc_fid,
 		SMC_RET1(handle, BL1_SMC_MAJOR_VER | BL1_SMC_MINOR_VER);
 
 	default:
-		break;
+		WARN("Unimplemented BL1 SMC Call: 0x%x\n", smc_fid);
+		SMC_RET1(handle, SMC_UNK);
 	}
-
-	WARN("Unimplemented BL1 SMC Call: 0x%x \n", smc_fid);
-	SMC_RET1(handle, SMC_UNK);
 }
 
 /*******************************************************************************

bl2/bl2_image_load_v2.c

@@ -47,8 +47,9 @@ struct entry_point_info *bl2_load_images(void)
 		 * if indicated in the image attributes AND if NOT
 		 * already done before.
 		 */
-		if (bl2_node_info->image_info->h.attr & IMAGE_ATTRIB_PLAT_SETUP) {
-			if (plat_setup_done) {
+		if ((bl2_node_info->image_info->h.attr &
+		    IMAGE_ATTRIB_PLAT_SETUP) != 0U) {
+			if (plat_setup_done != 0) {
 				WARN("BL2: Platform setup already done!!\n");
 			} else {
 				INFO("BL2: Doing platform setup\n");
@@ -58,16 +59,17 @@ struct entry_point_info *bl2_load_images(void)
 		}
 
 		err = bl2_plat_handle_pre_image_load(bl2_node_info->image_id);
-		if (err) {
+		if (err != 0) {
 			ERROR("BL2: Failure in pre image load handling (%i)\n", err);
 			plat_error_handler(err);
 		}
 
-		if (!(bl2_node_info->image_info->h.attr & IMAGE_ATTRIB_SKIP_LOADING)) {
+		if ((bl2_node_info->image_info->h.attr &
+		    IMAGE_ATTRIB_SKIP_LOADING) == 0U) {
 			INFO("BL2: Loading image id %d\n", bl2_node_info->image_id);
 			err = load_auth_image(bl2_node_info->image_id,
 				bl2_node_info->image_info);
-			if (err) {
+			if (err != 0) {
 				ERROR("BL2: Failed to load image id %d (%i)\n",
 				      bl2_node_info->image_id, err);
 				plat_error_handler(err);
@@ -78,7 +80,7 @@ struct entry_point_info *bl2_load_images(void)
 
 		/* Allow platform to handle image information. */
 		err = bl2_plat_handle_post_image_load(bl2_node_info->image_id);
-		if (err) {
+		if (err != 0) {
 			ERROR("BL2: Failure in post image load handling (%i)\n", err);
 			plat_error_handler(err);
 		}

bl2u/bl2u_main.c

 /*
- * Copyright (c) 2015-2018, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2015-2020, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -34,7 +34,7 @@ void bl2u_main(void)
 	int rc;
 	/* Load the subsequent bootloader images */
 	rc = bl2u_plat_handle_scp_bl2u();
-	if (rc) {
+	if (rc != 0) {
 		ERROR("Failed to load SCP_BL2U (%i)\n", rc);
 		panic();
 	}

include/arch/aarch32/arch.h

 /*
- * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
  */
@@ -388,13 +388,17 @@
 
 #define GET_M32(mode)		(((mode) >> MODE32_SHIFT) & MODE32_MASK)
 
-#define SPSR_MODE32(mode, isa, endian, aif)		\
-	((MODE_RW_32 << MODE_RW_SHIFT |			\
-	((mode) & MODE32_MASK) << MODE32_SHIFT |	\
-	((isa) & SPSR_T_MASK) << SPSR_T_SHIFT |		\
-	((endian) & SPSR_E_MASK) << SPSR_E_SHIFT |	\
-	((aif) & SPSR_AIF_MASK) << SPSR_AIF_SHIFT) &	\
-	(~(SPSR_SSBS_BIT)))
+#define SPSR_MODE32(mode, isa, endian, aif) \
+( \
+	( \
+		(MODE_RW_32 << MODE_RW_SHIFT) | \
+		(((mode) & MODE32_MASK) << MODE32_SHIFT) | \
+		(((isa) & SPSR_T_MASK) << SPSR_T_SHIFT) | \
+		(((endian) & SPSR_E_MASK) << SPSR_E_SHIFT) | \
+		(((aif) & SPSR_AIF_MASK) << SPSR_AIF_SHIFT) \
+	) & \
+	(~(SPSR_SSBS_BIT)) \
+)
 
 /*
  * TTBR definitions

include/arch/aarch64/arch.h

@@ -264,8 +264,8 @@
 			 (U(1) << 22) | (U(1) << 18) | (U(1) << 16) | \
 			 (U(1) << 11) | (U(1) << 5) | (U(1) << 4))
 
-#define SCTLR_EL1_RES1	((U(1) << 29) | (U(1) << 28) | (U(1) << 23) | \
-			 (U(1) << 22) | (U(1) << 20) | (U(1) << 11))
+#define SCTLR_EL1_RES1	((UL(1) << 29) | (UL(1) << 28) | (UL(1) << 23) | \
+			 (UL(1) << 22) | (UL(1) << 20) | (UL(1) << 11))
 #define SCTLR_AARCH32_EL1_RES1 \
 			((U(1) << 23) | (U(1) << 22) | (U(1) << 11) | \
 			 (U(1) << 4) | (U(1) << 3))

include/lib/smccc.h

@@ -122,18 +122,18 @@
  */
 #define DEFINE_SVC_UUID2(_name, _tl, _tm, _th, _cl, _ch,		\
 		_n0, _n1, _n2, _n3, _n4, _n5)				\
-	CASSERT((uint32_t)(_tl) != (uint32_t) SMC_UNK, invalid_svc_uuid);\
+	CASSERT((uint32_t)(_tl) != (uint32_t)SMC_UNK, invalid_svc_uuid);\
 	static const uuid_t _name = {					\
-		{(_tl >> 24) & 0xFF,					\
-		 (_tl >> 16) & 0xFF,					\
-		 (_tl >> 8)  & 0xFF,					\
-		 (_tl & 0xFF)},						\
-		{(_tm >> 8) & 0xFF,					\
-		 (_tm  & 0xFF)},					\
-		{(_th >> 8) & 0xFF,					\
-		 (_th & 0xFF)},						\
-		_cl, _ch,						\
-		{ _n0, _n1, _n2, _n3, _n4, _n5 }			\
+		{((_tl) >> 24) & 0xFF,					\
+		 ((_tl) >> 16) & 0xFF,					\
+		 ((_tl) >> 8)  & 0xFF,					\
+		 ((_tl) & 0xFF)},					\
+		{((_tm) >> 8) & 0xFF,					\
+		 ((_tm)  & 0xFF)},					\
+		{((_th) >> 8) & 0xFF,					\
+		 ((_th) & 0xFF)},					\
+		(_cl), (_ch),						\
+		{ (_n0), (_n1), (_n2), (_n3), (_n4), (_n5) }		\
 	}
 
 /*

include/lib/utils_def.h

 /*
- * Copyright (c) 2016-2019, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2016-2020, ARM Limited and Contributors. All rights reserved.
  * Copyright (c) 2020, NVIDIA Corporation. All rights reserved.
  *
  * SPDX-License-Identifier: BSD-3-Clause
@@ -17,7 +17,7 @@
 #define IS_POWER_OF_TWO(x)			\
 	(((x) & ((x) - 1)) == 0)
 
-#define SIZE_FROM_LOG2_WORDS(n)		(4 << (n))
+#define SIZE_FROM_LOG2_WORDS(n)		(U(4) << (n))
 
 #define BIT_32(nr)			(U(1) << (nr))
 #define BIT_64(nr)			(ULL(1) << (nr))