1. 13 Dec, 2016 1 commit
    • Antonio Nino Diaz's avatar
      Add PLAT_xxx_ADDR_SPACE_SIZE definitions · 0029624f
      Antonio Nino Diaz authored
      
      
      Added the definitions `PLAT_PHY_ADDR_SPACE_SIZE` and
      `PLAT_VIRT_ADDR_SPACE_SIZE` which specify respectively the physical
      and virtual address space size a platform can use.
      
      `ADDR_SPACE_SIZE` is now deprecated. To maintain compatibility, if any
      of the previous defines aren't present, the value of `ADDR_SPACE_SIZE`
      will be used instead.
      
      For AArch64, register ID_AA64MMFR0_EL1 is checked to calculate the
      max PA supported by the hardware and to verify that the previously
      mentioned definition is valid. For AArch32, a 40 bit physical
      address space is considered.
      
      Added asserts to check for overflows.
      
      Porting guide updated.
      
      Change-Id: Ie8ce1da5967993f0c94dbd4eb9841fc03d5ef8d6
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0029624f
  2. 22 Nov, 2016 1 commit
  3. 17 Nov, 2016 1 commit
    • Douglas Raillard's avatar
      Docs: Clarify IRQ/FIQ handler API in Interrupt Design Guide · 94a8ca24
      Douglas Raillard authored
      
      
      The API description currently states that interrupt handlers
      (interrupt_type_handler_t pointers) SHOULD return a pointer
      to the target cpu_context.
      
      This patch rewords the description of the interrupts handlers to state
      that it MUST return a pointer to the target security context. It also
      warns about potential portability issue. Specifically, this pointer is
      not used on AArch64 and calls to context library APIs must be used to
      ask BL31 to return to a specific context. However, this could change in
      the future and interrupt handlers must always return the pointer.
      
      Change-Id: I3f82a046de4d7a5b51a8cbebe7eb2a00dbbdb4f0
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      94a8ca24
  4. 14 Nov, 2016 2 commits
  5. 08 Nov, 2016 2 commits
  6. 03 Nov, 2016 2 commits
  7. 24 Oct, 2016 1 commit
  8. 13 Oct, 2016 2 commits
  9. 12 Oct, 2016 2 commits
    • dp-arm's avatar
      PMF: Add documentation · 514a94c2
      dp-arm authored
      
      
      Add a Performance Measurement Framework (PMF) section
      to the firmware design document.
      
      Change-Id: I5953bd3b1067501f190164c8827d2b0d8022fc0b
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      514a94c2
    • Antonio Nino Diaz's avatar
      Fix documentation of bootwrapper boot on juno · 7486eb04
      Antonio Nino Diaz authored
      
      
      The user guide incorrectly claimed that it is possible to load a
      bootwrapped kernel over JTAG on Juno in the same manner as an EL3
      payload. In the EL3 payload boot flow, some of the platform
      initialisations in BL2 are modified. In particular, the TZC settings
      are modified to allow unrestricted access to DRAM. This in turn allows
      the debugger to access the DRAM and therefore to load the image there.
      
      In the BL33-preloaded boot flow though, BL2 uses the default TZC
      programming, which prevent access to most of the DRAM from secure state.
      When execution reaches the SPIN_ON_BL1_EXIT loop, the MMU is disabled
      and thus DS-5 presumably issues secure access transactions while trying
      to load the image, which fails.
      
      One way around it is to stop execution at the end of BL2 instead. At
      this point, the MMU is still enabled and the DRAM is mapped as
      non-secure memory. Therefore, the debugger is allowed to access this
      memory in this context and to sucessfully load the bootwrapped kernel in
      DRAM. The user guide is updated to suggest this alternative method.
      Co-Authored-By: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      Signed-off-by: default avatarDan Handley <dan.handley@arm.com>
      
      Change-Id: I537ea1c6d2f96edc06bc3f512e770c748bcabe94
      7486eb04
  10. 11 Oct, 2016 3 commits
    • Soby Mathew's avatar
      AArch32: Update user-guide and add DTBs · 5e21d795
      Soby Mathew authored
      This patch adds necessary updates for building and running Trusted
      Firmware for AArch32 to user-guide.md. The instructions for running
      on both `FVP_Base_AEMv8A-AEMv8A` in AArch32 mode and
      `FVP_Base_Cortex-A32x4` models are added. The device tree files for
      AArch32 Linux kernel are also added in the `fdts` folder.
      
      Change-Id: I0023b6b03e05f32637cb5765fdeda8c8df2d0d3e
      5e21d795
    • Yatharth Kochar's avatar
      AArch32: Update firmware-design.md · 9a3236ea
      Yatharth Kochar authored
      This patch updates the firmware-design.md for AArch32 related changes.
      
      Change-Id: Idf392a44861ab9c1f59f3de4f3435f508b17c678
      9a3236ea
    • Jeenu Viswambharan's avatar
      Docs: Rename duplicate title in porting guide · ec2653a7
      Jeenu Viswambharan authored
      Fix one of the two titles that ended up being the same, although both
      describe different things.
      
      Change-Id: I66ecf369643709898ee4c014659d8f85c0480643
      ec2653a7
  11. 28 Sep, 2016 1 commit
    • Soby Mathew's avatar
      Docs: Add the PSCI library integration guide · 9e534b20
      Soby Mathew authored
      This patch adds the PSCI library integration guide for AArch32 ARMv8-A
      systems `psci-lib-integration-guide.md` to the documentation. The
      patch also adds appropriate reference to the new document in
      the `firmware-design.md` document.
      
      Change-Id: I2d5b5c6b612452371713399702e318e3c73a8ee0
      9e534b20
  12. 27 Sep, 2016 1 commit
    • Sandrine Bailleux's avatar
      Upgrade Linaro release, FVPs and mbed TLS versions · 605a4fc7
      Sandrine Bailleux authored
      This patch updates the User Guide to recommend the latest version
      of some of the software dependencies of ARM Trusted Firmware.
      
       - Upgrade Linaro release:     16.02 -> 16.06
      
       - Upgrade FVPs
          - Foundation v8 FVP:       9.5 -> 10.1
          - Base FVPs:               7.6 -> 7.7
      
       - Upgrade mbed TLS library:   2.2.0 -> 2.2.1
      
      Note that the latest release of mbed TLS as of today is 2.3.0 but it has
      compilations issues with the set of library configuration options that
      Trusted Firmware uses. 2.2.1 is the next most recent release known to
      build with TF.
      
      This patch also fixes the markdown formatting of a link in the
      User Guide.
      
      Change-Id: Ieb7dd336f4d3110fba060afec4ad580ae707a8f1
      605a4fc7
  13. 21 Sep, 2016 1 commit
    • Yatharth Kochar's avatar
      AArch32: Common changes needed for BL1/BL2 · 1a0a3f06
      Yatharth Kochar authored
      This patch adds common changes to support AArch32 state in
      BL1 and BL2. Following are the changes:
      
      * Added functions for disabling MMU from Secure state.
      * Added AArch32 specific SMC function.
      * Added semihosting support.
      * Added reporting of unhandled exceptions.
      * Added uniprocessor stack support.
      * Added `el3_entrypoint_common` macro that can be
        shared by BL1 and BL32 (SP_MIN) BL stages. The
        `el3_entrypoint_common` is similar to the AArch64
        counterpart with the main difference in the assembly
        instructions and the registers that are relevant to
        AArch32 execution state.
      * Enabled `LOAD_IMAGE_V2` flag in Makefile for
        `ARCH=aarch32` and added check to make sure that
        platform has not overridden to disable it.
      
      Change-Id: I33c6d8dfefb2e5d142fdfd06a0f4a7332962e1a3
      1a0a3f06
  14. 20 Sep, 2016 2 commits
    • Yatharth Kochar's avatar
      Add new version of image loading. · 72600226
      Yatharth Kochar authored
      This patch adds capability to load BL images based on image
      descriptors instead of hard coded way of loading BL images.
      This framework is designed such that it can be readily adapted
      by any BL stage that needs to load images.
      
      In order to provide the above capability the following new
      platform functions are introduced:
      
        bl_load_info_t *plat_get_bl_image_load_info(void);
          This function returns pointer to the list of images that the
          platform has populated to load.
      
        bl_params_t *plat_get_next_bl_params(void);
          This function returns a pointer to the shared memory that the
          platform has kept aside to pass trusted firmware related
          information that next BL image needs.
      
        void plat_flush_next_bl_params(void);
          This function flushes to main memory all the params that
          are passed to next image.
      
        int bl2_plat_handle_post_image_load(unsigned int image_id)
          This function can be used by the platforms to update/use
          image information for given `image_id`.
      
      `desc_image_load.c` contains utility functions which can be used
      by the platforms to generate, load and executable, image list
      based on the registered image descriptors.
      
      This patch also adds new version of `load_image/load_auth_image`
      functions in-order to achieve the above capability.
      
      Following are the changes for the new version as compared to old:
        - Refactor the signature and only keep image_id and image_info_t
          arguments. Removed image_base argument as it is already passed
          through image_info_t. Given that the BL image base addresses and
          limit/size are already provided by the platforms, the meminfo_t
          and entry_point_info arguments are not needed to provide/reserve
          the extent of free memory for the given BL image.
      
        - Added check for the image size against the defined max size.
          This is needed because the image size could come from an
          unauthenticated source (e.g. the FIP header).
          To make this check, new member is added to the image_info_t
          struct for identifying the image maximum size.
      
      New flag `LOAD_IMAGE_V2` is added in the Makefile.
      Default value is 0.
      
      NOTE: `TRUSTED_BOARD_BOOT` is currently not supported when
            `LOAD_IMAGE_V2` is enabled.
      
      Change-Id: Ia7b643f4817a170d5a2fbf479b9bc12e63112e79
      72600226
    • Haojian Zhuang's avatar
      Document: add PLAT_PARTITION_MAX_ENTRIES define · 7813aae4
      Haojian Zhuang authored
      
      
      Partition driver requires the "PLAT_PARTITION_MAX_ENTRIES" definition.
      
      By default, it's defined to 128 in partition driver. But it costs a lot
      of memory, and only a few partition entries are really used in platform
      partition table. If user wants use memory efficiently, user should
      define the build flag in platform.mk instead.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      7813aae4
  15. 15 Sep, 2016 1 commit
    • Jeenu Viswambharan's avatar
      PSCI: Add support for PSCI NODE_HW_STATE API · 28d3d614
      Jeenu Viswambharan authored
      This patch adds support for NODE_HW_STATE PSCI API by introducing a new
      PSCI platform hook (get_node_hw_state). The implementation validates
      supplied arguments, and then invokes this platform-defined hook and
      returns its result to the caller. PSCI capabilities are updated
      accordingly.
      
      Also updates porting and firmware design guides.
      
      Change-Id: I808e55bdf0c157002a7c104b875779fe50a68a30
      28d3d614
  16. 12 Sep, 2016 1 commit
    • dp-arm's avatar
      fiptool: Add support for printing the sha256 digest with info command · 9df69ba3
      dp-arm authored
      This feature allows one to quickly verify that the expected
      image is contained in the FIP without extracting the image and
      running sha256sum(1) on it.
      
      The sha256 digest is only shown when the verbose flag is used.
      
      This change requires libssl-dev to be installed in order to build
      Trusted Firmware. Previously, libssl-dev was optionally needed only
      to support Trusted Board Boot configurations.
      
      Fixes ARM-Software/tf-issues#124
      
      Change-Id: Ifb1408d17f483d482bb270a589ee74add25ec5a6
      9df69ba3
  17. 16 Aug, 2016 1 commit
  18. 15 Aug, 2016 1 commit
    • Soby Mathew's avatar
      AArch32: Enable build at top level Makefile for FVP · 9d29c227
      Soby Mathew authored
      This patch enables the AArch32 build including SP_MIN in the
      top level Makefile. The build flag `ARCH` now can specify either
      `aarch64`(default) or `aarch32`. Currently only FVP AEM model is
      supported for AArch32 build. Another new build flag `AARCH32_SP`
      is introduced to specify the AArch32 secure payload to be built.
      
      Change-Id: Ie1198cb9e52d7da1b79b93243338fc3868b08faa
      9d29c227
  19. 29 Jul, 2016 1 commit
    • dp-arm's avatar
      Replace fip_create with fiptool · 819281ee
      dp-arm authored
      fiptool provides a more consistent and intuitive interface compared to
      the fip_create program.  It serves as a better base to build on more
      features in the future.
      
      fiptool supports various subcommands.  Below are the currently
      supported subcommands:
      
      1) info   - List the images contained in a FIP file.
      2) create - Create a new FIP file with the given images.
      3) update - Update an existing FIP with the given images.
      4) unpack - Extract a selected set or all the images from a FIP file.
      5) remove - Remove images from a FIP file.  This is a new command that
         was not present in fip_create.
      
      To create a new FIP file, replace "fip_create" with "fiptool create".
      
      To update a FIP file, replace "fip_create" with "fiptool update".
      
      To dump the contents of a FIP file, replace "fip_create --dump" with
      "fiptool info".
      
      A compatibility script that emulates the basic functionality of
      fip_create is provided.  Existing scripts might or might not work with
      the compatibility script.  Users are strongly encouraged to migrate to
      fiptool.
      
      Fixes ARM-Software/tf-issues#87
      Fixes ARM-Software/tf-issues#108
      Fixes ARM-Software/tf-issues#361
      
      Change-Id: I7ee4da7ac60179cc83cf46af890fd8bc61a53330
      819281ee
  20. 28 Jul, 2016 1 commit
  21. 25 Jul, 2016 1 commit
    • Antonio Nino Diaz's avatar
      ARM platforms: Define common image sizes · 0289970d
      Antonio Nino Diaz authored
      Compile option `ARM_BOARD_OPTIMISE_MMAP` has been renamed to
      `ARM_BOARD_OPTIMISE_MEM` because it now applies not only to defines
      related to the translation tables but to the image size as well.
      
      The defines `PLAT_ARM_MAX_BL1_RW_SIZE`, `PLAT_ARM_MAX_BL2_SIZE` and
      `PLAT_ARM_MAX_BL31_SIZE` have been moved to the file board_arm_def.h.
      This way, ARM platforms no longer have to set their own values if
      `ARM_BOARD_OPTIMISE_MEM=0` and they can specify optimized values
      otherwise. The common sizes have been set to the highest values used
      for any of the current build configurations.
      
      This is needed because in some build configurations some images are
      running out of space. This way there is a common set of values known
      to work for all of them and it can be optimized for each particular
      platform if needed.
      
      The space reserved for BL2 when `TRUSTED_BOARD_BOOT=0` has been
      increased. This is needed because when memory optimisations are
      disabled the values for Juno of `PLAT_ARM_MMAP_ENTRIES` and
      `MAX_XLAT_TABLES` are higher. If in this situation the code is
      compiled in debug mode and with "-O0", the code won't fit.
      
      Change-Id: I70a3d8d3a0b0cad1d6b602c01a7ea334776e718e
      0289970d
  22. 19 Jul, 2016 1 commit
    • Soby Mathew's avatar
      Introduce PSCI Library Interface · cf0b1492
      Soby Mathew authored
      This patch introduces the PSCI Library interface. The major changes
      introduced are as follows:
      
      * Earlier BL31 was responsible for Architectural initialization during cold
      boot via bl31_arch_setup() whereas PSCI was responsible for the same during
      warm boot. This functionality is now consolidated by the PSCI library
      and it does Architectural initialization via psci_arch_setup() during both
      cold and warm boots.
      
      * Earlier the warm boot entry point was always `psci_entrypoint()`. This was
      not flexible enough as a library interface. Now PSCI expects the runtime
      firmware to provide the entry point via `psci_setup()`. A new function
      `bl31_warm_entrypoint` is introduced in BL31 and the previous
      `psci_entrypoint()` is deprecated.
      
      * The `smc_helpers.h` is reorganized to separate the SMC Calling Convention
      defines from the Trusted Firmware SMC helpers. The former is now in a new
      header file `smcc.h` and the SMC helpers are moved to Architecture specific
      header.
      
      * The CPU context is used by PSCI for context initialization and
      restoration after power down (PSCI Context). It is also used by BL31 for SMC
      handling and context management during Normal-Secure world switch (SMC
      Context). The `psci_smc_handler()` interface is redefined to not use SMC
      helper macros thus enabling to decouple the PSCI context from EL3 runtime
      firmware SMC context. This enables PSCI to be integrated with other runtime
      firmware using a different SMC context.
      
      NOTE: With this patch the architectural setup done in `bl31_arch_setup()`
      is done as part of `psci_setup()` and hence `bl31_platform_setup()` will be
      invoked prior to architectural setup. It is highly unlikely that the platform
      setup will depend on architectural setup and cause any failure. Please be
      be aware of this change in sequence.
      
      Change-Id: I7f497a08d33be234bbb822c28146250cb20dab73
      cf0b1492
  23. 18 Jul, 2016 2 commits
    • Soby Mathew's avatar
      Introduce `el3_runtime` and `PSCI` libraries · 532ed618
      Soby Mathew authored
      This patch moves the PSCI services and BL31 frameworks like context
      management and per-cpu data into new library components `PSCI` and
      `el3_runtime` respectively. This enables PSCI to be built independently from
      BL31. A new `psci_lib.mk` makefile is introduced which adds the relevant
      PSCI library sources and gets included by `bl31.mk`. Other changes which
      are done as part of this patch are:
      
      * The runtime services framework is now moved to the `common/` folder to
        enable reuse.
      * The `asm_macros.S` and `assert_macros.S` helpers are moved to architecture
        specific folder.
      * The `plat_psci_common.c` is moved from the `plat/common/aarch64/` folder
        to `plat/common` folder. The original file location now has a stub which
        just includes the file from new location to maintain platform compatibility.
      
      Most of the changes wouldn't affect platform builds as they just involve
      changes to the generic bl1.mk and bl31.mk makefiles.
      
      NOTE: THE `plat_psci_common.c` FILE HAS MOVED LOCATION AND THE STUB FILE AT
      THE ORIGINAL LOCATION IS NOW DEPRECATED. PLATFORMS SHOULD MODIFY THEIR
      MAKEFILES TO INCLUDE THE FILE FROM THE NEW LOCATION.
      
      Change-Id: I6bd87d5b59424995c6a65ef8076d4fda91ad5e86
      532ed618
    • Soby Mathew's avatar
      Rework type usage in Trusted Firmware · 4c0d0390
      Soby Mathew authored
      This patch reworks type usage in generic code, drivers and ARM platform files
      to make it more portable. The major changes done with respect to
      type usage are as listed below:
      
      * Use uintptr_t for storing address instead of uint64_t or unsigned long.
      * Review usage of unsigned long as it can no longer be assumed to be 64 bit.
      * Use u_register_t for register values whose width varies depending on
        whether AArch64 or AArch32.
      * Use generic C types where-ever possible.
      
      In addition to the above changes, this patch also modifies format specifiers
      in print invocations so that they are AArch64/AArch32 agnostic. Only files
      related to upcoming feature development have been reworked.
      
      Change-Id: I9f8c78347c5a52ba7027ff389791f1dad63ee5f8
      4c0d0390
  24. 08 Jul, 2016 2 commits
    • Sandrine Bailleux's avatar
      Introduce SEPARATE_CODE_AND_RODATA build flag · 5d1c104f
      Sandrine Bailleux authored
      At the moment, all BL images share a similar memory layout: they start
      with their code section, followed by their read-only data section.
      The two sections are contiguous in memory. Therefore, the end of the
      code section and the beginning of the read-only data one might share
      a memory page. This forces both to be mapped with the same memory
      attributes. As the code needs to be executable, this means that the
      read-only data stored on the same memory page as the code are
      executable as well. This could potentially be exploited as part of
      a security attack.
      
      This patch introduces a new build flag called
      SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data
      on separate memory pages. This in turn allows independent control of
      the access permissions for the code and read-only data.
      
      This has an impact on memory footprint, as padding bytes need to be
      introduced between the code and read-only data to ensure the
      segragation of the two. To limit the memory cost, the memory layout
      of the read-only section has been changed in this case.
      
       - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e.
         the read-only section still looks like this (padding omitted):
      
         |        ...        |
         +-------------------+
         | Exception vectors |
         +-------------------+
         |  Read-only data   |
         +-------------------+
         |       Code        |
         +-------------------+ BLx_BASE
      
         In this case, the linker script provides the limits of the whole
         read-only section.
      
       - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and
         read-only data are swapped, such that the code and exception
         vectors are contiguous, followed by the read-only data. This
         gives the following new layout (padding omitted):
      
         |        ...        |
         +-------------------+
         |  Read-only data   |
         +-------------------+
         | Exception vectors |
         +-------------------+
         |       Code        |
         +-------------------+ BLx_BASE
      
         In this case, the linker script now exports 2 sets of addresses
         instead: the limits of the code and the limits of the read-only
         data. Refer to the Firmware Design guide for more details. This
         provides platform code with a finer-grained view of the image
         layout and allows it to map these 2 regions with the appropriate
         access permissions.
      
      Note that SEPARATE_CODE_AND_RODATA applies to all BL images.
      
      Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
      5d1c104f
    • Sandrine Bailleux's avatar
      BL1: Add linker symbol identifying end of ROM content · c02fcc4a
      Sandrine Bailleux authored
      This patch adds a new linker symbol in BL1's linker script named
      '__BL1_ROM_END__', which marks the end of BL1's ROM content. This
      covers BL1's code, read-only data and read-write data to relocate
      in Trusted SRAM. The address of this new linker symbol is exported
      to C code through the 'BL1_ROM_END' macro.
      
      The section related to linker symbols in the Firmware Design guide
      has been updated and improved.
      
      Change-Id: I5c442ff497c78d865ffba1d7d044511c134e11c7
      c02fcc4a
  25. 16 Jun, 2016 2 commits
    • Yatharth Kochar's avatar
      Add optional PSCI STAT residency & count functions · 170fb93d
      Yatharth Kochar authored
      This patch adds following optional PSCI STAT functions:
      
      - PSCI_STAT_RESIDENCY: This call returns the amount of time spent
        in power_state in microseconds, by the node represented by the
        `target_cpu` and the highest level of `power_state`.
      
      - PSCI_STAT_COUNT: This call returns the number of times a
        `power_state` has been used by the node represented by the
        `target_cpu` and the highest power level of `power_state`.
      
      These APIs provides residency statistics for power states that has
      been used by the platform. They are implemented according to v1.0
      of the PSCI specification.
      
      By default this optional feature is disabled in the PSCI
      implementation. To enable it, set the boolean flag
      `ENABLE_PSCI_STAT` to 1. This also sets `ENABLE_PMF` to 1.
      
      Change-Id: Ie62e9d37d6d416ccb1813acd7f616d1ddd3e8aff
      170fb93d
    • Yatharth Kochar's avatar
      Add Performance Measurement Framework(PMF) · a31d8983
      Yatharth Kochar authored
      This patch adds Performance Measurement Framework(PMF) in the
      ARM Trusted Firmware. PMF is implemented as a library and the
      SMC interface is provided through ARM SiP service.
      
      The PMF provides capturing, storing, dumping and retrieving the
      time-stamps, by enabling the development of services by different
      providers, that can be easily integrated into ARM Trusted Firmware.
      The PMF capture and retrieval APIs can also do appropriate cache
      maintenance operations to the timestamp memory when the caller
      indicates so.
      
      `pmf_main.c` consists of core functions that implement service
      registration, initialization, storing, dumping and retrieving
      the time-stamp.
      `pmf_smc.c` consists SMC handling for registered PMF services.
      `pmf.h` consists of the macros that can be used by the PMF service
      providers to register service and declare time-stamp functions.
      `pmf_helpers.h` consists of internal macros that are used by `pmf.h`
      
      By default this feature is disabled in the ARM trusted firmware.
      To enable it set the boolean flag `ENABLE_PMF` to 1.
      
      NOTE: The caller is responsible for specifying the appropriate cache
      maintenance flags and for acquiring/releasing appropriate locks
      before/after capturing/retrieving the time-stamps.
      
      Change-Id: Ib45219ac07c2a81b9726ef6bd9c190cc55e81854
      a31d8983
  26. 15 Jun, 2016 1 commit
  27. 09 Jun, 2016 1 commit
  28. 03 Jun, 2016 2 commits
    • Soby Mathew's avatar
      Allow dynamic overriding of ROTPK verification · 04943d33
      Soby Mathew authored
      A production ROM with TBB enabled must have the ability to boot test software
      before a real ROTPK is deployed (e.g. manufacturing mode). Previously the
      function plat_get_rotpk_info() must return a valid ROTPK for TBB to succeed.
      This patch adds an additional bit `ROTPK_NOT_DEPLOYED` in the output `flags`
      parameter from plat_get_rotpk_info(). If this bit is set, then the ROTPK
      in certificate is used without verifying against the platform value.
      
      Fixes ARM-software/tf-issues#381
      
      Change-Id: Icbbffab6bff8ed76b72431ee21337f550d8fdbbb
      04943d33
    • Dan Handley's avatar
      Move stdlib header files to include/lib/stdlib · f0b489c1
      Dan Handley authored
      * Move stdlib header files from include/stdlib to include/lib/stdlib for
        consistency with other library headers.
      * Fix checkpatch paths to continue excluding stdlib files.
      * Create stdlib.mk to define the stdlib source files and include directories.
      * Include stdlib.mk from the top level Makefile.
      * Update stdlib header path in the fip_create Makefile.
      * Update porting-guide.md with the new paths.
      
      Change-Id: Ia92c2dc572e9efb54a783e306b5ceb2ce24d27fa
      f0b489c1