1. 18 Aug, 2020 2 commits
    • Manish V Badarkhe's avatar
      runtime_exceptions: Update AT speculative workaround · 3b8456bd
      Manish V Badarkhe authored
      As per latest mailing communication [1], we decided to
      update AT speculative workaround implementation in order to
      disable page table walk for lower ELs(EL1 or EL0) immediately
      after context switching to EL3 from lower ELs.
      
      Previous implementation of AT speculative workaround is available
      here: 45aecff0
      
      AT speculative workaround is updated as below:
      1. Avoid saving and restoring of SCTLR and TCR registers for EL1
         in context save and restore routine respectively.
      2. On EL3 entry, save SCTLR and TCR registers for EL1.
      3. On EL3 entry, update EL1 system registers to disable stage 1
         page table walk for lower ELs (EL1 and EL0) and enable EL1
         MMU.
      4. On EL3 exit, restore SCTLR and TCR registers for EL1 which
         are saved in step 2.
      
      [1]:
      https://lists.trustedfirmware.org/pipermail/tf-a/2020-July/000586.html
      
      
      
      Change-Id: Iee8de16f81dc970a8f492726f2ddd57e7bd9ffb5
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      3b8456bd
    • Manish V Badarkhe's avatar
      Add wrapper for AT instruction · 86ba5853
      Manish V Badarkhe authored
      
      
      In case of AT speculative workaround applied, page table walk
      is disabled for lower ELs (EL1 and EL0) in EL3.
      Hence added a wrapper function which temporarily enables page
      table walk to execute AT instruction for lower ELs and then
      disables page table walk.
      
      Execute AT instructions directly for lower ELs (EL1 and EL0)
      assuming page table walk is enabled always when AT speculative
      workaround is not applied.
      
      Change-Id: I4ad4c0bcbb761448af257e9f72ae979473c0dde8
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      86ba5853
  2. 10 Aug, 2020 1 commit
    • Alexei Fedorov's avatar
      TF-A AMU extension: fix detection of group 1 counters. · f3ccf036
      Alexei Fedorov authored
      
      
      This patch fixes the bug when AMUv1 group1 counters was
      always assumed being implemented without checking for its
      presence which was causing exception otherwise.
      The AMU extension code was also modified as listed below:
      - Added detection of AMUv1 for ARMv8.6
      - 'PLAT_AMU_GROUP1_NR_COUNTERS' build option is removed and
      number of group1 counters 'AMU_GROUP1_NR_COUNTERS' is now
      calculated based on 'AMU_GROUP1_COUNTERS_MASK' value
      - Added bit fields definitions and access functions for
      AMCFGR_EL0/AMCFGR and AMCGCR_EL0/AMCGCR registers
      - Unification of amu.c Aarch64 and Aarch32 source files
      - Bug fixes and TF-A coding style compliant changes.
      
      Change-Id: I14e407be62c3026ebc674ec7045e240ccb71e1fb
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      f3ccf036
  3. 12 Jun, 2020 1 commit
  4. 02 Jun, 2020 2 commits
    • Jimmy Brisson's avatar
      Enable ARMv8.6-ECV Self-Synch when booting to EL2 · 29d0ee54
      Jimmy Brisson authored
      
      
      Enhanced Counter Virtualization, ECV, is an architecture extension introduced
      in ARMv8.6. This extension allows the hypervisor, at EL2, to setup
      self-synchronizing views of the timers for it's EL1 Guests. This patch pokes the
      control register to enable this extension when booting a hypervisor at EL2.
      
      Change-Id: I4e929ecdf400cea17eff1de5cf8704aa7e40973d
      Signed-off-by: default avatarJimmy Brisson <jimmy.brisson@arm.com>
      29d0ee54
    • Jimmy Brisson's avatar
      Enable ARMv8.6-FGT when booting to EL2 · 110ee433
      Jimmy Brisson authored
      
      
      The Fine Grained Traps (FGT) architecture extension was added to aarch64 in
      ARMv8.6. This extension primarily allows hypervisors, at EL2, to trap specific
      instructions in a more fine grained manner, with an enable bit for each
      instruction. This patch adds support for this extension by enabling the
      extension when booting an hypervisor at EL2.
      
      Change-Id: Idb9013ed118b6a1b7b76287237096de992ca4da3
      Signed-off-by: default avatarJimmy Brisson <jimmy.brisson@arm.com>
      110ee433
  5. 26 May, 2020 1 commit
  6. 19 May, 2020 1 commit
    • johpow01's avatar
      Enable v8.6 WFE trap delays · 6cac724d
      johpow01 authored
      
      
      This patch enables the v8.6 extension to add a delay before WFE traps
      are taken. A weak hook plat_arm_set_twedel_scr_el3 has been added in
      plat/common/aarch64/plat_common.c that disables this feature by default
      but platform-specific code can override it when needed.
      
      The only hook provided sets the TWED fields in SCR_EL3, there are similar
      fields in HCR_EL2, SCTLR_EL2, and SCTLR_EL1 to control WFE trap delays in
      lower ELs but these should be configured by code running at EL2 and/or EL1
      depending on the platform configuration and is outside the scope of TF-A.
      Signed-off-by: default avatarJohn Powell <john.powell@arm.com>
      Change-Id: I0a9bb814205efeab693a3d0a0623e62144abba2d
      6cac724d
  7. 17 May, 2020 1 commit
    • Varun Wadekar's avatar
      Fix compilation error when ENABLE_PIE=1 · 1a04b2e5
      Varun Wadekar authored
      
      
      This patch fixes compilation errors when ENABLE_PIE=1.
      
      <snip>
      bl31/aarch64/bl31_entrypoint.S: Assembler messages:
      bl31/aarch64/bl31_entrypoint.S:61: Error: invalid operand (*UND* section) for `~'
      bl31/aarch64/bl31_entrypoint.S:61: Error: invalid immediate
      Makefile:1079: recipe for target 'build/tegra/t194/debug/bl31/bl31_entrypoint.o' failed
      <snip>
      
      Verified by setting 'ENABLE_PIE=1' for Tegra platform builds.
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      Change-Id: Ifd184f89b86b4360fda86a6ce83fd8495f930bbc
      1a04b2e5
  8. 14 May, 2020 1 commit
    • Manish V Badarkhe's avatar
      Implement workaround for AT speculative behaviour · 45aecff0
      Manish V Badarkhe authored
      During context switching from higher EL (EL2 or higher)
      to lower EL can cause incorrect translation in TLB due to
      speculative execution of AT instruction using out-of-context
      translation regime.
      
      Workaround is implemented as below during EL's (EL1 or EL2)
      "context_restore" operation:
      1. Disable page table walk using SCTLR.M and TCR.EPD0 & EPD1
         bits for EL1 or EL2 (stage1 and stage2 disabled)
      2. Save all system registers except TCR and SCTLR (for EL1 and EL2)
      3. Do memory barrier operation (isb) to ensure all
         system register writes are done.
      4. Restore TCR and SCTLR registers (for EL1 and EL2)
      
      Errata details are available for various CPUs as below:
      Cortex-A76: 1165522
      Cortex-A72: 1319367
      Cortex-A57: 1319537
      Cortex-A55: 1530923
      Cortex-A53: 1530924
      
      More details can be found in mail-chain:
      https://lists.trustedfirmware.org/pipermail/tf-a/2020-April/000445.html
      
      
      
      Currently, Workaround is implemented as build option which is default
      disabled.
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      Change-Id: If8545e61f782cb0c2dda7ffbaf50681c825bd2f0
      45aecff0
  9. 13 May, 2020 1 commit
    • Olivier Deprez's avatar
      SPMD: code/comments cleanup · 52696946
      Olivier Deprez authored
      As a follow-up to bdd2596d
      
      , and related to SPM Dispatcher
      EL3 component and SPM Core S-EL2/S-EL1 component: update
      with cosmetic and coding rules changes. In addition:
      -Add Armv8.4-SecEL2 arch detection helper.
      -Add an SPMC context (on current core) get helper.
      -Return more meaningful error return codes.
      -Remove complexity in few spmd_smc_handler switch-cases.
      -Remove unused defines and structures from spmd_private.h
      Signed-off-by: default avatarOlivier Deprez <olivier.deprez@arm.com>
      Change-Id: I99e642450b0dafb19d3218a2f0e2d3107e8ca3fe
      52696946
  10. 15 Apr, 2020 1 commit
  11. 07 Apr, 2020 1 commit
    • Masahiro Yamada's avatar
      locks: bakery: use is_dcache_enabled() helper · 11504163
      Masahiro Yamada authored
      
      
      bakery_lock_normal.c uses the raw register accessor, read_sctlr(_el3)
      to check whether the dcache is enabled.
      
      Using is_dcache_enabled() is cleaner, and a good abstraction for
      the library code like this.
      
      A problem is is_dcache_enabled() is declared in the local header,
      lib/xlat_tables_v2/xlat_tables_private.h
      
      I searched for a good place to declare this helper. Moving it to
      arch_helpers.h, closed to cache operation helpers, looks good enough
      to me.
      
      I also changed the type of 'is_cached' to bool for consistency,
      and to avoid MISRA warnings.
      
      Change-Id: I9b016f67bc8eade25c316aa9c0db0fa4cd375b79
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      11504163
  12. 03 Apr, 2020 1 commit
    • John Powell's avatar
      Fix MISRA C issues in BL1/BL2/BL31 · 3443a702
      John Powell authored
      
      
      Attempts to address MISRA compliance issues in BL1, BL2, and BL31 code.
      Mainly issues like not using boolean expressions in conditionals,
      conflicting variable names, ignoring return values without (void), adding
      explicit casts, etc.
      
      Change-Id: If1fa18ab621b9c374db73fa6eaa6f6e5e55c146a
      Signed-off-by: default avatarJohn Powell <john.powell@arm.com>
      3443a702
  13. 31 Mar, 2020 1 commit
    • Masahiro Yamada's avatar
      Add get_current_el_maybe_constant() · fd092be2
      Masahiro Yamada authored
      
      
      There are some cases where we want to run EL-dependent code in the
      shared code.
      
      We could use #ifdef, but it leaves slight possibility where we do not
      know the exception level at the build-time (e.g. library code).
      
      The counter approach is to use get_current_el(), but it is run-time
      detection, so all EL code is linked, some of which might be unneeded.
      
      This commit adds get_current_el_maybe_constant(). This is a static
      inline function that returns a constant value if we know the exception
      level at build-time. This is mostly the case.
      
          if (get_current_el_maybe_constant() == 1) {
                  /* do something for EL1 */
          } else if (get_current_el_maybe_constant() == 3) {
                  /* do something for EL3 */
          }
      
      If get_current_el_maybe_constant() is build-time constant, the compiler
      will optimize out the unreachable code.
      
      If such code is included from the library code, it is not built-time
      constant. In this case, it falls back to get_current_el(), so it still
      works.
      
      Change-Id: Idb03c20342a5b5173fe2d6b40e1fac7998675ad3
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      fd092be2
  14. 11 Mar, 2020 1 commit
  15. 06 Mar, 2020 1 commit
  16. 03 Mar, 2020 1 commit
    • Max Shvetsov's avatar
      SPMD: Adds partially supported EL2 registers. · 2825946e
      Max Shvetsov authored
      
      
      This patch adds EL2 registers that are supported up to ARMv8.6.
      ARM_ARCH_MINOR has to specified to enable save/restore routine.
      
      Note: Following registers are still not covered in save/restore.
       * AMEVCNTVOFF0<n>_EL2
       * AMEVCNTVOFF1<n>_EL2
       * ICH_AP0R<n>_EL2
       * ICH_AP1R<n>_EL2
       * ICH_LR<n>_EL2
      
      Change-Id: I4813f3243e56e21cb297b31ef549a4b38d4876e1
      Signed-off-by: default avatarMax Shvetsov <maksims.svecovs@arm.com>
      2825946e
  17. 02 Mar, 2020 1 commit
  18. 01 Mar, 2020 1 commit
  19. 21 Feb, 2020 1 commit
    • Yann Gautier's avatar
      el3_entrypoint_common: avoid overwriting arg3 · 30f31005
      Yann Gautier authored
      
      
      At each BL entry point, the registers r9 to r12 are used to save info from
      the previous BL parameters put in r0 to r3. But zeromem uses r12, leading
      to a corruption of arg3. Therefore this change copies r12 to r7 before
      zeromem() call and restores r12 afterwards. It may be better to save it
      in r7 in el3_arch_init_common and not at the entrypoint as r7 could be used
      in other functions, especially platform ones.
      This is a fix for Task T661.
      
      Change-Id: Icc11990c69b5d4c542d08aca1a77b1f754b61a53
      Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      30f31005
  20. 20 Feb, 2020 1 commit
    • Varun Wadekar's avatar
      Tegra: delay_timer: support for physical secure timer · dd4f0885
      Varun Wadekar authored
      
      
      This patch modifies the delay timer driver to switch to the ARM
      secure physical timer instead of using Tegra's on-chip uS timer.
      
      The secure timer is not accessible to the NS world and so eliminates
      an important attack vector, where the Tegra timer source gets switched
      off from the NS world leading to a DoS attack for the trusted world.
      
      This timer is shared with the S-EL1 layer for now, but later patches
      will mark it as exclusive to the EL3 exception mode.
      
      Change-Id: I2c00f8cb4c48b25578971c626c314603906ad7cc
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      dd4f0885
  21. 07 Feb, 2020 1 commit
    • Alexei Fedorov's avatar
      Make PAC demangling more generic · 68c76088
      Alexei Fedorov authored
      
      
      At the moment, address demangling is only used by the backtrace
      functionality. However, at some point, other parts of the TF-A
      codebase may want to use it.
      The 'demangle_address' function is replaced with a single XPACI
      instruction which is also added in 'do_crash_reporting()'.
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
      68c76088
  22. 22 Jan, 2020 1 commit
  23. 29 Dec, 2019 1 commit
    • Samuel Holland's avatar
      bl31: Split into two separate memory regions · f8578e64
      Samuel Holland authored
      
      
      Some platforms are extremely memory constrained and must split BL31
      between multiple non-contiguous areas in SRAM. Allow the NOBITS
      sections (.bss, stacks, page tables, and coherent memory) to be placed
      in a separate region of RAM from the loaded firmware image.
      
      Because the NOBITS region may be at a lower address than the rest of
      BL31, __RW_{START,END}__ and __BL31_{START,END}__ cannot include this
      region, or el3_entrypoint_common would attempt to invalidate the dcache
      for the entire address space. New symbols __NOBITS_{START,END}__ are
      added when SEPARATE_NOBITS_REGION is enabled, and the dcached for the
      NOBITS region is invalidated separately.
      Signed-off-by: default avatarSamuel Holland <samuel@sholland.org>
      Change-Id: Idedfec5e4dbee77e94f2fdd356e6ae6f4dc79d37
      f8578e64
  24. 12 Dec, 2019 1 commit
    • Manish Pandey's avatar
      PIE: make call to GDT relocation fixup generalized · da90359b
      Manish Pandey authored
      When a Firmware is complied as Position Independent Executable it needs
      to request GDT fixup by passing size of the memory region to
      el3_entrypoint_common macro.
      The Global descriptor table fixup will be done early on during cold boot
      process of primary core.
      
      Currently only BL31 supports PIE, but in future when BL2_AT_EL3 will be
      compiled as PIE, it can simply pass fixup size to the common el3
      entrypoint macro to fixup GDT.
      
      The reason for this patch was to overcome the bug introduced by SHA
      330ead80
      
       which called fixup routine for each core causing
      re-initializing of global pointers thus overwriting any changes
      done by the previous core.
      
      Change-Id: I55c792cc3ea9e7eef34c2e4653afd04572c4f055
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      da90359b
  25. 06 Dec, 2019 2 commits
  26. 26 Nov, 2019 1 commit
  27. 07 Oct, 2019 1 commit
  28. 02 Oct, 2019 1 commit
  29. 26 Sep, 2019 1 commit
    • Alexei Fedorov's avatar
      AArch32: Disable Secure Cycle Counter · c3e8b0be
      Alexei Fedorov authored
      
      
      This patch changes implementation for disabling Secure Cycle
      Counter. For ARMv8.5 the counter gets disabled by setting
      SDCR.SCCD bit on CPU cold/warm boot. For the earlier
      architectures PMCR register is saved/restored on secure
      world entry/exit from/to Non-secure state, and cycle counting
      gets disabled by setting PMCR.DP bit.
      In 'include\aarch32\arch.h' header file new
      ARMv8.5-PMU related definitions were added.
      
      Change-Id: Ia8845db2ebe8de940d66dff479225a5b879316f8
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      c3e8b0be
  30. 13 Sep, 2019 1 commit
    • Alexei Fedorov's avatar
      Refactor ARMv8.3 Pointer Authentication support code · ed108b56
      Alexei Fedorov authored
      
      
      This patch provides the following features and makes modifications
      listed below:
      - Individual APIAKey key generation for each CPU.
      - New key generation on every BL31 warm boot and TSP CPU On event.
      - Per-CPU storage of APIAKey added in percpu_data[]
        of cpu_data structure.
      - `plat_init_apiakey()` function replaced with `plat_init_apkey()`
        which returns 128-bit value and uses Generic timer physical counter
        value to increase the randomness of the generated key.
        The new function can be used for generation of all ARMv8.3-PAuth keys
      - ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
      - New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions
        generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively;
        pauth_disable_el1()` and `pauth_disable_el3()` functions disable
        PAuth for EL1 and EL3 respectively;
        `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from
        cpu-data structure.
      - Combined `save_gp_pauth_registers()` function replaces calls to
        `save_gp_registers()` and `pauth_context_save()`;
        `restore_gp_pauth_registers()` replaces `pauth_context_restore()`
        and `restore_gp_registers()` calls.
      - `restore_gp_registers_eret()` function removed with corresponding
        code placed in `el3_exit()`.
      - Fixed the issue when `pauth_t pauth_ctx` structure allocated space
        for 12 uint64_t PAuth registers instead of 10 by removal of macro
        CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h`
        and assigning its value to CTX_PAUTH_REGS_END.
      - Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions
        in `msr	spsel`  instruction instead of hard-coded values.
      - Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.
      
      Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ed108b56
  31. 12 Sep, 2019 1 commit
  32. 11 Sep, 2019 1 commit
    • Justin Chadwell's avatar
      Add UBSAN support and handlers · 1f461979
      Justin Chadwell authored
      
      
      This patch adds support for the Undefined Behaviour sanitizer. There are
      two types of support offered - minimalistic trapping support which
      essentially immediately crashes on undefined behaviour and full support
      with full debug messages.
      
      The full support relies on ubsan.c which has been adapted from code used
      by OPTEE.
      
      Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      1f461979
  33. 09 Sep, 2019 1 commit
    • Justin Chadwell's avatar
      Enable MTE support in both secure and non-secure worlds · 9dd94382
      Justin Chadwell authored
      
      
      This patch adds support for the new Memory Tagging Extension arriving in
      ARMv8.5. MTE support is now enabled by default on systems that support
      at EL0. To enable it at ELx for both the non-secure and the secure
      world, the compiler flag CTX_INCLUDE_MTE_REGS includes register saving
      and restoring when necessary in order to prevent register leakage
      between the worlds.
      
      Change-Id: I2d4ea993d6b11654ea0d4757d00ca20d23acf36c
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      9dd94382
  34. 21 Aug, 2019 1 commit
    • Alexei Fedorov's avatar
      AArch64: Disable Secure Cycle Counter · e290a8fc
      Alexei Fedorov authored
      
      
      This patch fixes an issue when secure world timing information
      can be leaked because Secure Cycle Counter is not disabled.
      For ARMv8.5 the counter gets disabled by setting MDCR_El3.SCCD
      bit on CPU cold/warm boot.
      For the earlier architectures PMCR_EL0 register is saved/restored
      on secure world entry/exit from/to Non-secure state, and cycle
      counting gets disabled by setting PMCR_EL0.DP bit.
      'include\aarch64\arch.h' header file was tided up and new
      ARMv8.5-PMU related definitions were added.
      
      Change-Id: I6f56db6bc77504634a352388990ad925a69ebbfa
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      e290a8fc
  35. 16 Aug, 2019 1 commit
    • Alexei Fedorov's avatar
      FVP_Base_AEMv8A platform: Fix cache maintenance operations · ef430ff4
      Alexei Fedorov authored
      
      
      This patch fixes FVP_Base_AEMv8A model hang issue with
      ARMv8.4+ with cache modelling enabled configuration.
      Incorrect L1 cache flush operation to PoU, using CLIDR_EL1
      LoUIS field, which is required by the architecture to be
      zero for ARMv8.4-A with ARMv8.4-S2FWB feature is replaced
      with L1 to L2 and L2 to L3 (if L3 is present) cache flushes.
      FVP_Base_AEMv8A model can be configured with L3 enabled by
      setting `cluster0.l3cache-size` and `cluster1.l3cache-size`
      to non-zero values, and presence of L3 is checked in
      `aem_generic_core_pwr_dwn` function by reading
      CLIDR_EL1.Ctype3 field value.
      
      Change-Id: If3de3d4eb5ed409e5b4ccdbc2fe6d5a01894a9af
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ef430ff4
  36. 01 Aug, 2019 1 commit
    • Julius Werner's avatar
      Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ · d5dfdeb6
      Julius Werner authored
      
      
      NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__.
      
      All common C compilers predefine a macro called __ASSEMBLER__ when
      preprocessing a .S file. There is no reason for TF-A to define it's own
      __ASSEMBLY__ macro for this purpose instead. To unify code with the
      export headers (which use __ASSEMBLER__ to avoid one extra dependency),
      let's deprecate __ASSEMBLY__ and switch the code base over to the
      predefined standard.
      
      Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      d5dfdeb6
  37. 24 Jul, 2019 1 commit
    • John Tsichritzis's avatar
      SSBS: init SPSR register with default SSBS value · c250cc3b
      John Tsichritzis authored
      
      
      This patch introduces an additional precautionary step to further
      enhance protection against variant 4. During the context initialisation
      before we enter the various BL stages, the SPSR.SSBS bit is explicitly
      set to zero. As such, speculative loads/stores are by default disabled
      for all BL stages when they start executing. Subsequently, each BL
      stage, can choose to enable speculative loads/stores or keep them
      disabled.
      
      This change doesn't affect the initial execution context of BL33 which
      is totally platform dependent and, thus, it is intentionally left up to
      each platform to initialise.
      
      For Arm platforms, SPSR.SSBS is set to zero for BL33 too. This means
      that, for Arm platforms, all BL stages start with speculative
      loads/stores disabled.
      
      Change-Id: Ie47d39c391d3f20fc2852fc59dbd336f8cacdd6c
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      c250cc3b