- 09 Apr, 2019 1 commit
-
-
Paul Beesley authored
The spm_sp_get_by_uuid() function is used to look up the secure partition that provides a given service. Within this function, memcmp() is used to compare the service UUIDs but it uses the size of the rdsvc->uuid pointer instead of the size of its content (missing dereference). This means that only a partial comparison is performed as UUIDs are 128 bits in length and rdsvc->uuid is a uint32_t typed pointer. Instead, use the size of the array pointed to by the svc_uuid parameter, which will be the full 128 bits, for the comparison. Change-Id: I258fb0cca3bf19f97b8f2a4c133981647cd050e4 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 03 Apr, 2019 4 commits
-
-
Ambroise Vincent authored
Now it is needed to use the full path of the common header files. Commit 09d40e0e ("Sanitise includes across codebase") provides more information. Change-Id: Ifedc79d9f664d208ba565f5736612a3edd94c647 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
Antonio Nino Diaz authored
Rather than using a fixed virtual address space size, read all regions in the resource description of each partition and restrict the virtual address space size to the one the partition actually needs. This also allows SPM to take advantage of the extension ARMv8.4-TTST if the virtual address space size is small enough. Change-Id: I8646aa95e659136b58b44b040364cdee631f7e82 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Right now the virtual address space is fixed to PLAT_VIRT_ADDR_SPACE_SIZE, so all base translation tables are the same size and need the same alignment. The current code allocates the exact space needed by this initial table. However, a following patch is going to allow each partition to choose the size of its address space based on the memory regions defined in their resource description, so it isn't possible to determine this at build time. As this optimization no longer applies, it has to be removed. Change-Id: Ia8d19f4981e1017e4ffe0ba136de73d701044cb0 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
This gives each Secure Partition complete freedom on its address space. Previously, the memory used by the exception vectors was reserved and couldn't be used. Also, it always had to be mapped, forcing SPM to generate translation tables that included the exception vectors as well as the Partition memory regions. With this change, partitions can reduce their address space size easily. Change-Id: I67fb5e9bdf2870b73347f23bff702fab0a8f8711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 02 Apr, 2019 1 commit
-
-
Antonio Nino Diaz authored
Instead of letting the code run until another error is reached, return early. Change-Id: I6277a8c65101d3e39b0540099c2a3063584a7dbd Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 01 Apr, 2019 3 commits
-
-
Ambroise Vincent authored
Fix variable shadowing warnings and prevent code duplication. Change-Id: Idb29cc95d6b6943bc012d7bd430afa0e4a7cbf8c Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
Ambroise Vincent authored
Improved support for W=2 compilation flag by solving some nested-extern and sign-compare warnings. The libraries are compiling with warnings (which turn into errors with the Werror flag). Outside of libraries, some warnings cannot be fixed. Change-Id: I06b1923857f2a6a50e93d62d0274915b268cef05 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
Ambroise Vincent authored
Improved support for W=1 compilation flag by solving missing-prototypes and old-style-definition warnings. The libraries are compiling with warnings (which turn into errors with the Werror flag). Outside of libraries, some warnings cannot be fixed without heavy structural changes. Change-Id: I1668cf99123ac4195c2a6a1d48945f7a64c67f16 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 04 Mar, 2019 1 commit
-
-
Dimitris Papastamos authored
SSBS support is determined by checking ID_AA64PFR1_EL1 and not ID_AA64PFR0_EL1. Fixes ARM-Software/tf-issues#679 Change-Id: I8ecba13b850995ec6a6ede3c2a1e02e69a3a95db Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 27 Feb, 2019 1 commit
-
-
Antonio Nino Diaz authored
The GIC definitions used in this file have to be provided by the platform but platform_def.h wasn't included. Change-Id: I858cdf7e60c50577c8e798d64ec2cbc4f067f33b Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 14 Feb, 2019 1 commit
-
-
Antonio Nino Diaz authored
Since commit 01fc1c24 ("BL31: Use helper function to save registers in SMC handler") all the general-purpose registers are saved when entering EL3. It isn't needed to save them here. Change-Id: Ic540a5441b89b70888da587ab8fc3b2508cef8cc Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 12 Feb, 2019 2 commits
-
-
Antonio Nino Diaz authored
Rather than letting the Trusty makefile set the option to enable dynamic translation tables, make platforms do it themselves. This also allows platforms to replace the implementation of the translation tables library as long as they use the same function prototypes. Change-Id: Ia60904f61709ac323addcb57f7a83391d9e21cd0 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Commit 09d40e0e ("Sanitise includes across codebase") modified the include paths of the TSP includes but it didn't remove the include path from the makefile or did the same for TLK. This patch does the remaining work. Change-Id: Iecee2e88fabcd06989d35568c3a4c1f4e7d93572 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 08 Feb, 2019 1 commit
-
-
Antonio Nino Diaz authored
Instead of having a custom implementation of setjmp() and longjmp() it is better to follow the C standard. The comments in setjmp.h are no longer needed as there are no deviations from the expected one, so they have been removed. All SDEI code that relied on them has been fixed to use the new function prototypes and structs. Change-Id: I6cd2e21cb5a5bcf81ba12283f2e4c067bd5172ca Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 06 Feb, 2019 1 commit
-
-
Antonio Nino Diaz authored
Trusty requires dynamic translation tables support, so the makefile of Trusty itself should request it. Not doing so causes platforms such as FVP to fail to build with Trusty. Other platforms like Tegra still build because they use dynamic translation tables by default. Change-Id: Id67d3b9e1f7d0547fa81e81cefa3faf1e0e6f876 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 Feb, 2019 1 commit
-
-
Varun Wadekar authored
This patch dynamically maps the first page of trusty's code memory, before accessing it to find out if we are running a 32-bit or 64-bit image. On Tegra platforms, this means we have to increase the mappings to accomodate the new memmap entry. Change-Id: If370d1e6cfcccd69b260134c1b462d8d17bee03d Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
- 31 Jan, 2019 3 commits
-
-
Stephen Wolfe authored
During System Suspend, the entire system loses its state. To allow Trusty to save/restore its context and allow its TAs to participate in the suspend process, it needs to look at the max affinity level being suspended. This patch passes the max affinity level to Trusty to enable to do so. Change-Id: If7838dae10c3f5a694baedb15ec56fbad41f2b36 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
Mihir Joshi authored
c_rt_ctx is used to store current SP before the system goes into suspend. The assert for its value being zero is not really necessary as the value gets over-written eventually. This patch removes assert(tlk_ctx->c_rt_ctx == 0) from the System Suspend path, as a result. Change-Id: If41f15e74ebbbfd82958d8e179114899b2ffb0a7 Signed-off-by: Mihir Joshi <mihirj@nvidia.com>
-
Mihir Joshi authored
This patch adds support to handle following TLK SMCs: {TLK_SS_REGISTER_HANDLER, TLK_REGISTER_NS_DRAM_RANGES, TLK_SET_ROOT_OF_TRUST} These SMCs need to be supported in ATF in order to forward them to TLK. Otherwise, these functionalities won't work. Brief: TLK_SS_REGISTER_HANDLER: This SMC is issued by TLK Linux Driver to set up secure storage buffers. TLK_REGISTER_NS_DRAM_RANGES: Cboot performs this SMC during boot to pass NS memory ranges to TLK. TLK_SET_ROOT_OF_TRUST: Cboot performs this SMC during boot to pass Verified Boot parameters to TLK. Change-Id: I18af35f6dd6f510dfc22c1d1d1d07f643c7b82bc Reviewed-on: https://git-master.nvidia.com/r/1643851 Signed-off-by: Mihir Joshi <mihirj@nvidia.com>
-
- 30 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
This reverts commit 2f370465 ("Add support for the SMC Calling Convention 2.0"). SMCCC v2.0 is no longer required for SPM, and won't be needed in the future. Removing it makes the SMC handling code less complicated. The SPM implementation based on SPCI and SPRT was using it, but it has been adapted to SMCCC v1.0. Change-Id: I36795b91857b2b9c00437cfbfed04b3c1627f578 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 24 Jan, 2019 1 commit
-
-
David Lin authored
When an unknown Trusty image is found, there's no point of still trying to register the BL32 init handler. Instead, we just should bail out of the trusty_setup() and allow the system to continue to boot. Signed-off-by: David Lin <dtwlin@google.com>
-
- 23 Jan, 2019 1 commit
-
-
Anthony Zhou authored
Main Fixes: Use int32_t replace int [Rule 4.6] Added explicit casts (e.g. 0U) to integers in order for them to be compatible with whatever operation they're used in [Rule 10.1] Force operands of an operator to the same type category [Rule 10.4] Fixed if statement conditional to be essentially boolean [Rule 14.4] Voided non c-library functions whose return types are not used [Rule 17.7] Change-Id: I98caa330c371757eb2dfb9438448cb99115ed907 Signed-off-by: Anthony Zhou <anzhou@nvidia.com>
-
- 22 Jan, 2019 2 commits
-
-
Antonio Nino Diaz authored
This implementation is no longer deprecated. Change-Id: I68552d0fd5ba9f08fad4345e4657e8e3c5362a36 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
The SPM implementation based on MM is going to be kept for the foreseeable future. Change-Id: I11e96778a4f52a1aa803e7e048d9a7cb24a53954 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Acked-by: Sumit Garg <sumit.garg@linaro.org>
-
- 15 Jan, 2019 3 commits
-
-
Ard Biesheuvel authored
Registered init handlers return a boolean int, not a return code, so convert the result from the SPM init call before returning it. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-
Ard Biesheuvel authored
Permit unaligned accesses while executing the secure partition payload, so that we don't have to modify existing code that we will host there. (The UEFI spec explicitly permits unaligned accesses) Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-
Paul Beesley authored
Corrects typos in core code, documentation files, drivers, Arm platforms and services. None of the corrections affect code; changes are limited to comments and other documentation. Change-Id: I5c1027b06ef149864f315ccc0ea473e2a16bfd1d Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 08 Jan, 2019 2 commits
-
-
Ard Biesheuvel authored
Expose the timer registers that are accessible at EL0 per the architecture to the SPM payload running in secure EL0. Note that this requires NS_TIMER_SWITCH to be enable for all users of this code. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-
Ard Biesheuvel authored
Update some asserts that refer to #defines that only occur in ARM platforms, preventing this code to be used on other platforms. Instead, use a platform agnostic name, and update all the existing users. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-
- 04 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca339 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 11 Dec, 2018 9 commits
-
-
Antonio Nino Diaz authored
Rename files prefixed by sp_ to spm_. Change-Id: Ie3016a4c4ac5987fe6fdd734c6b470c60954e23d Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Also, add a disclaimer to explain that the current implementation of SPM is a prototype that is going to undergo a lot of rework. Change-Id: I303c1e61c51d9f286cc599fea565fc9ba5a996bf Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
The old SMCs SP_MEMORY_ATTRIBUTES_{GET,SET}_AARCH64 have been removed in favour of SPRT_MEMORY_PERM_ATTR_{GET,SET}_AARCH64. Change-Id: Idb93cfa5461d0098df941037c5653f7c44b65227 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Change-Id: I1fdc2285a3f6517a715ad6159322543fd5a37a37 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Note that the arguments passed during the SMC call don't comply with the SPCI specifications. This will be fixed in following patches, but it is needed to implement a few more SPCI SMCs to be able to do it. The current code allows us to start testing it. Change-Id: Ic13dcc54c40327df03be1b0f52e8a44f468f06b4 Co-authored-by: Jean-Paul Etienne <jean-paul.etienne@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
This buffer is where all the responses from Secure Partitions are stored until they are requested. Change-Id: Iafeb8f0848c5ff6f3e187060cd3a47702484dc45 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Blocking calls can only succeed if the target Secure Partition is idle. Change-Id: Iabeaa0b8d3e653fd8581fa086758936abfc1c772 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Note that the arguments passed during the SMC call don't comply with the SPCI specifications. This will be fixed in following patches, but it is needed to implement a few more SPCI SMCs to be able to do it. The current code allows us to start testing it. Change-Id: Ief0e75d072b311737fcdb0c6a60ba5b7406a9ee5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Change-Id: If57ec9cc0791f49d9ade83dff9d24ef9047963a8 Co-authored-by: Jean-Paul Etienne <jean-paul.etienne@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-