Merge changes Idb78cba3,Iee5cbea5,I46a7ad12 into integration

* changes:
  fix(rmm): add 'ipa_bound' check
  fix(rmm): add 'level_bound' failure condition
  fix(rmm): fix static_checks warnings and errors

docs/about/change-log.rst

@@ -49,7 +49,7 @@ Build/Testing improvements
   attestation initialization flow. Also a sample minimal Realm create, run and
   destroy sequence is added to showcase the RMI calls involved.
 
-- Further improvements to the the unit test framework :
+- Further improvements to the unit test framework :
 
   * Restore the sysreg state between test runs so each test gets a known
     sysreg state.

lib/attestation/include/attestation_token.h

@@ -113,9 +113,9 @@ attest_realm_token_sign(struct attest_token_encode_ctx *me,
  * Combine realm token and platform token to top-level cca token
  *
  * attest_token_buf		Pointer to the buffer where the token will be
- * 				written.
+ *				written.
  * attest_token_buf_size	Size of the buffer where the token will be
- * 				written.
+ *				written.
  * realm_token_buf	Pointer to the realm token.
  * realm_token_len	Length of the realm token.
  *

lib/attestation/src/attestation_rnd.c

@@ -55,8 +55,8 @@ static int get_random_seed(unsigned char *output, size_t len)
  * For details see `MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG` in mbedtls/mbedtls_config.h
  */
 psa_status_t mbedtls_psa_external_get_random(
-    mbedtls_psa_external_random_context_t *context,
-    uint8_t *output, size_t output_size, size_t *output_length)
+	mbedtls_psa_external_random_context_t *context,
+	uint8_t *output, size_t output_size, size_t *output_length)
 {
 	int ret;
 	unsigned int cpu_id = my_cpuid();

lib/measurement/src/measurement.c

@@ -15,6 +15,7 @@ static void measurement_print(unsigned char *measurement,
 			      const enum hash_algo algorithm)
 {
 	unsigned int size = 0U;
+
 	assert(measurement != NULL);
 
 	VERBOSE("Measurement ");

lib/realm/src/buffer.c

@@ -227,9 +227,6 @@ void buffer_unmap(void *buf)
 	buffer_arch_unmap(buf);
 }
 
-bool memcpy_ns_read(void *dest, const void *ns_src, size_t size);
-bool memcpy_ns_write(void *ns_dest, const void *src, size_t size);
-
 /*
  * Map a Non secure granule @g into the slot @slot and read data from
  * this granule to @dest. Unmap the granule once the read is done.

lib/realm/src/include/buffer_private.h

@@ -21,3 +21,5 @@
 
 struct xlat_llt_info *get_cached_llt_info(void);
 uintptr_t slot_to_va(enum buffer_slot slot);
+bool memcpy_ns_read(void *dest, const void *ns_src, size_t size);
+bool memcpy_ns_write(void *ns_dest, const void *src, size_t size);

lib/xlat/src/xlat_tables_core.c

@@ -125,15 +125,13 @@ static action_t xlat_tables_map_region_action(const struct xlat_mmap_region *mm,
 				 * overwrite.
 				 */
 				return ACTION_NONE;
-			} else {
-				if (desc_type != INVALID_DESC) {
-					ERROR("%s (%u): Expected invalid descriptor\n",
-						__func__, __LINE__);
-					panic();
-				}
-				return ACTION_WRITE_BLOCK_ENTRY;
 			}
-
+			if (desc_type != INVALID_DESC) {
+				ERROR("%s (%u): Expected invalid descriptor\n",
+					__func__, __LINE__);
+				panic();
+			}
+			return ACTION_WRITE_BLOCK_ENTRY;
 		} else {
 
 			/*

plat/fvp/src/include/fvp_dram.h

@@ -6,9 +6,9 @@
 #ifndef FVP_DRAM_H
 #define FVP_DRAM_H
 
+#include <rmm_el3_ifc.h>
 #include <stddef.h>
 #include <stdint.h>
-#include <rmm_el3_ifc.h>
 
 /* Maximum number of DRAM banks supported */
 #define MAX_DRAM_NUM_BANKS	2UL

plat/host/host_test/src/test_helpers.c

@@ -17,10 +17,6 @@
 #include <utest_exit.h>
 #include <xlat_tables.h>
 
-/* Implemented in init.c and needed here */
-void rmm_warmboot_main(void);
-void rmm_main(void);
-
 /*
  * Define and set the Boot Interface arguments.
  */

plat/host/host_test/src/test_private.h

@@ -13,4 +13,8 @@
  */
 uintptr_t get_cb(enum cb_ids id);
 
+/* Implemented in init.c and needed in test_helpers.c */
+void rmm_warmboot_main(void);
+void rmm_main(void);
+
 #endif /* TEST_PRIVATE_H */

plat/host/host_test/src/utest_exit.cpp

@@ -16,5 +16,4 @@ extern "C" {
 	{
 		TEST_EXIT;
 	}
-
 }

runtime/rmi/rtt.c

@@ -709,6 +709,10 @@ unsigned long smc_rtt_map_unprotected(unsigned long rd_addr,
 	long level = (long)ulevel;
 	struct smc_result res;
 
+	if ((level < RTT_MIN_BLOCK_LEVEL) || (level > RTT_PAGE_LEVEL)) {
+		return RMI_ERROR_INPUT;
+	}
+
 	if (!host_ns_s2tte_is_valid(s2tte, level)) {
 		return RMI_ERROR_INPUT;
 	}
@@ -722,7 +726,14 @@ void smc_rtt_unmap_unprotected(unsigned long rd_addr,
 				unsigned long ulevel,
 				struct smc_result *res)
 {
-	return map_unmap_ns(rd_addr, map_addr, (long)ulevel, 0UL, UNMAP_NS, res);
+	long level = (long)ulevel;
+
+	if ((level < RTT_MIN_BLOCK_LEVEL) || (level > RTT_PAGE_LEVEL)) {
+		res->x[0] = RMI_ERROR_INPUT;
+		return;
+	}
+
+	map_unmap_ns(rd_addr, map_addr, level, 0UL, UNMAP_NS, res);
 }
 
 void smc_rtt_read_entry(unsigned long rd_addr,
@@ -1011,7 +1022,8 @@ void smc_data_destroy(unsigned long rd_addr,
 	rd = granule_map(g_rd, SLOT_RD);
 	assert(rd != NULL);
 
-	if (!validate_map_addr(map_addr, RTT_PAGE_LEVEL, rd)) {
+	if (!addr_in_par(rd, map_addr) ||
+	    !validate_map_addr(map_addr, RTT_PAGE_LEVEL, rd)) {
 		buffer_unmap(rd);
 		granule_unlock(g_rd);
 		res->x[0] = RMI_ERROR_INPUT;

runtime/rmi/run.c

@@ -215,13 +215,11 @@ unsigned long smc_rec_enter(unsigned long rec_addr,
 	case REALM_STATE_NEW:
 		ret = pack_return_code(RMI_ERROR_REALM, 0U);
 		goto out_unmap_buffers;
-		break;
 	case REALM_STATE_ACTIVE:
 		break;
 	case REALM_STATE_SYSTEM_OFF:
 		ret = pack_return_code(RMI_ERROR_REALM, 1U);
 		goto out_unmap_buffers;
-		break;
 	default:
 		assert(false);
 		break;

runtime/rsi/psci.c

@@ -111,6 +111,7 @@ static unsigned long rd_map_read_rec_count(struct granule *g_rd)
 {
 	unsigned long rec_count;
 	struct rd *rd = granule_map(g_rd, SLOT_RD);
+
 	assert(rd != NULL);
 
 	rec_count = get_rd_rec_count_unlocked(rd);