- 11 Mar, 2020 3 commits
-
-
Jeetesh Burman authored
The BL3-1 firmware code is stored in TZSRAM on Tegra194 platforms. This memory loses power when we enter System Suspend and so its contents are stored to TZDRAM, before entry. This opens up an attack vector where the TZDRAM contents might be tampered with when we are in the System Suspend mode. To mitigate this attack the SE engine calculates the hash of entire TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The WB0 code will validate the TZDRAM and match the hash with the one in PMC scratch. This patch adds driver for the SE engine, with APIs to calculate the hash and store to PMC scratch registers. Change-Id: I04cc0eb7f54c69d64b6c34fc2ff62e4cfbdd43b2 Signed-off-by:Jeetesh Burman <jburman@nvidia.com>
-
Jeetesh Burman authored
This patch saves the TZDRAM base and size values to secure scratch registers, for the WB0. The WB0 reads these values and uses them to verify integrity of the TZDRAM aperture. Change-Id: I2f5fd11c87804d20e2698de33be977991c9f6f33 Signed-off-by: -
kalyani chidambaram authored
armclang displays warnings for extra parentheses, leading to build failures as warnings are treated as errors. This patch removes the extra parentheses to fix this issue. Change-Id: Id2fd6a3086590436eecabc55502f40752a018131 Signed-off-by:Kalyani Chidambaram <kalyanic@nvidia.com>
-
- 09 Mar, 2020 10 commits
-
-
Varun Wadekar authored
This patch saves the TZDRAM base and size values to secure scratch registers, for the WB0. The WB0 reads these values and uses them to verify integrity of the TZDRAM aperture. Change-Id: Ic70914cb958249f06cb58025a24d13734a85e16e Signed-off-by:
Varun Wadekar <vwadekar@nvidia.com>
-
Jeetesh Burman authored
The BL3-1 firmware code is stored in TZSRAM on Tegra186 platforms. This memory loses power when we enter System Suspend and so its contents are stored to TZDRAM, before entry. This opens up an attack vector where the TZDRAM contents might be tampered with when we are in the System Suspend mode. To mitigate this attack the SE engine calculates the hash of entire TZSRAM and stores it in PMC scratch, before we copy data to TZDRAM. The WB0 code will validate the TZDRAM and match the hash with the one in PMC scratch. This patch adds driver for the SE engine, with APIs to calculate the hash and store SE SHA256 hash-result to PMC scratch registers. Change-Id: Ib487d5629225d3d99bd35d44f0402d6d3cf27ddf Signed-off-by: -
Jeetesh Burman authored
This patch enables the bpmp-ipc driver for Tegra186 platforms, to ask BPMP firmware to toggle SE clock. Change-Id: Ie63587346c4d9b7e54767dbee17d0139fa2818ae Signed-off-by: -
Mithun Maragiri authored
ERRATA_A57_829520 disables "indirect branch prediction" for EL1 on cpu reset, leading to 15% drop in CPU performance with coremark benchmarks. Tegra210 already has a hardware fix for ARM BUG#829520,so this errata is not needed. This patch disables the errata to get increased performance numbers. Change-Id: I0b42e8badd19a8101f6a55d80eb2d953597d3c20 Signed-off-by:Mithun Maragiri <mmaragiri@nvidia.com>
-
Pravin authored
This patch adds support for memqual miu 4,5. The MEMQUAL engine has miu0 to miu7 in which miu6 and miu7 is hardwired to bypass SMMU. So only miu0 to miu5 support is provided. Change-Id: Ib350334eec521e65f395f1c3205e2cdaf464ebea Signed-off-by:Pravin <pt@nvidia.com>
-
Stefan Kristiansson authored
As bpmp-fw is running at the same time as ATF, and the mss client reconfiguration sequence involves performing a hot flush resets on bpmp, there is a chance that bpmp-fw is trying to perform accesses while the hot flush is active. Therefore, the mss client reconfigure has been moved to System Suspend resume fw and bootloader, and it can be removed from here. Change-Id: I34019ad12abea9681f5e180af6bc86f2c4c6fc74 Signed-off-by:Stefan Kristiansson <stefank@nvidia.com>
-
Varun Wadekar authored
This patch removes usage of bakery_locks from the FIQ handler, as it creates unnecessary dependency whenever the watchdog timer interrupt fires. All operations inside the interrupt handler are 'reads', so no need for serialization. Change-Id: I3f675e610e4dabc5b1435fdd24bc28e424f5a8e4 Signed-off-by: -
Harvey Hsieh authored
Tegra210B01 SoCs support atomic context save for the two SE hardware engines. Tegra210 SoCs have support for only one SE engine and support a software based save/restore mechanism instead. This patch updates the SE driver to make this change. Change-Id: Ia5e5ed75d0fe011f17809684bbc2ed2338925946 Signed-off-by:Harvey Hsieh <hhsieh@nvidia.com>
-
kalyani chidambaram authored
Update the list to include PMC registers that the NS world cannot access even with smc calls. Change-Id: I588179b56ebc0c29200b55e6d61535fd3a7a3b7e Signed-off-by: -
Varun Wadekar authored
This patch resets the macros to update the CPUACTLR_ELx to make them generic for all exception levels. Change-Id: I33e9b860efb543934b654a2f5d775135df7f1aa6 Signed-off-by:
-
- 05 Mar, 2020 1 commit
-
-
Varun Wadekar authored
Commit ac71344e moved the base address for the MMIO aperture of the console inside the console_t struct. As a result, the driver should now save the MMIO base address to console_t at offset marked by the CONSOLE_T_BASE macro. This patch updates the SPE console driver to use the CONSOLE_T_BASE macro to save/access the MMIO base address. Signed-off-by:
-
- 03 Mar, 2020 1 commit
-
-
Max Shvetsov authored
Renamed the structure according to a SPMD refactoring introduced in <c585d07aa> since this structure is used to service both EL1 and EL2 as opposed to serving only EL1. Change-Id: I23b7c089e53f617157a4b4e6443acce50d85c3b5 Signed-off-by:Max Shvetsov <maksims.svecovs@arm.com>
-
- 25 Feb, 2020 3 commits
-
-
Andre Przywara authored
Since now the generic console_t structure holds the UART base address as well, let's use that generic location and drop the UART driver specific data structure at all. Change-Id: I75dbfafb67849833b3f7b5047e237651e3f553cd Signed-off-by:Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
Since now the generic console_t structure holds the UART base address as well, let's use that generic location and drop the UART driver specific data structure at all. Change-Id: Ifd6aff1064ba1c3c029cdd8a83f715f7a9976db5 Signed-off-by: -
Andre Przywara authored
Since now the generic console_t structure holds the UART base address as well, let's use that generic location and drop the UART driver specific data structure at all. Change-Id: I5c2fe3b6a667acf80c808cfec4a64059a2c9c25f Signed-off-by:
-
- 20 Feb, 2020 12 commits
-
-
Varun Wadekar authored
There are chances a denial-of-service attack, if an attacker removes the SPE firmware from the system. The console driver would end up waiting for the firmware to respond indefinitely. The console driver must detect such scenarios and uninit the interface as a result. This patch adds a timeout to the interaction with the SPE firmware and uninits the interface if it times out. Change-Id: I06f27a858baed25711d41105b4110865f1a01727 Signed-off-by: -
Varun Wadekar authored
Tegra210 SoCs need the sc7entry-fw to enter System Suspend mode, but there might be certain boards that do not have this firmware blob. To stop the NS world from issuing System suspend entry commands on such devices, we ned to disable System Suspend from the PSCI "features". This patch removes the System suspend handler from the Tegra PSCI ops, so that the framework will disable support for "System Suspend" from the PSCI "features". Original change by: kalyani chidambaram <kalyanic@nvidia.com> Change-Id: Ie029f82f55990a8b3a6debb73e95e0e218bfd1f5 Signed-off-by: -
Varun Wadekar authored
Code complexity is a good indication of maintainability versus testability of a piece of software. ISO26262 introduces the following thresholds: complexity < 10 is accepted 10 <= complexity < 20 has to be justified complexity >= 20 cannot be accepted Rationale is that number of test cases to fully test a piece of software can (depending on the coverage metrics) grow exponentially with the number of branches in the software. This patch removes redundant conditionals from 'ipc_send_req_atomic' handler to reduce the McCabe Cyclomatic Complexity for this function Change-Id: I20fef79a771301e1c824aea72a45ff83f97591d5 Signed-off-by: -
Varun Wadekar authored
This patch provides platforms an opportunity to relocate the BL32 image, during cold boot. Tegra186 platforms, for example, relocate BL32 images to TZDRAM memory as the previous bootloader relies on BL31 to do so. Change-Id: Ibb864901e43aca5bf55d8c79e918b598c12e8a28 Signed-off-by: -
Varun Wadekar authored
Code complexity is a good indication of maintainability versus testability of a piece of software. ISO26262 introduces the following thresholds: complexity < 10 is accepted 10 <= complexity < 20 has to be justified complexity >= 20 cannot be accepted Rationale is that number of test cases to fully test a piece of software can (depending on the coverage metrics) grow exponentially with the number of branches in the software. This patch removes redundant conditionals from 'bl31_early_platform_setup' handler to reduce the McCabe Cyclomatic Complexity for this function. Change-Id: Ifb628e33269b388f9323639cd97db761a7e049c4 Signed-off-by: -
kalyani chidambaram authored
This patch sets the "secure" bit to mark the PMC hardware block as accessible only from the secure world. This setting must be programmed during cold boot and System Resume. The sc7entry-fw, running on the COP, needs access to the PMC block to enter System Suspend state, so "unlock" the PMC block before passing control to the COP. Change-Id: I00e39a49ae6b9f8c8eafe0cf7ff63fe6a67fdccf Signed-off-by: -
Varun Wadekar authored
This patch modifies the delay timer driver to switch to the ARM secure physical timer instead of using Tegra's on-chip uS timer. The secure timer is not accessible to the NS world and so eliminates an important attack vector, where the Tegra timer source gets switched off from the NS world leading to a DoS attack for the trusted world. This timer is shared with the S-EL1 layer for now, but later patches will mark it as exclusive to the EL3 exception mode. Change-Id: I2c00f8cb4c48b25578971c626c314603906ad7cc Signed-off-by: -
Pritesh Raithatha authored
This patch locks most of the stream id security config registers as per HW guidance. This patch keeps the stream id configs unlocked for the following clients, to allow some platforms to still function, until they make the transition to the latest guidance. - ISPRA - ISPFALR - ISPFALW - ISPWA - ISPWA1 - ISPWB - XUSB_DEVR - XUSB_DEVW - XUSB_HOSTR - XUSB_HOSTW - VIW - VIFALR - VIFALW Change-Id: I66192b228a0a237035938f498babc0325764d5df Signed-off-by:Pritesh Raithatha <praithatha@nvidia.com>
-
kalyani chidambaram authored
The PMC hardware block resume handler was called for Tegra210 platforms, only if the sc7entry-fw was present on the device. This would cause problems for devices that do not support this firmware. This patch fixes this logic and resumes the PMC block even if the sc7entry-fw is not present on the device. Change-Id: I6f0eb7878126f624ea98392f583ed45a231d27db Signed-off-by: -
Varun Wadekar authored
This patch adds the macro to enable legacy FIQ handling to the common Tegra makefile. The default value of this macro is '0'. Platforms that need this support should enable it from their makefiles. This patch also helps fix violation of Rule 20.9. Rule 20.9 "All identifiers used in the controlling expression of #if of #elif preprocessing directives shall be #define'd before evaluation" Change-Id: I4f0c9917c044b5b1967fb5e79542cd3bf6e91f18 Signed-off-by: -
Varun Wadekar authored
This patch enables higher performance non-cacheable load forwarding for Tegra186 platforms. Change-Id: Ifceb304bfbd805f415bb6205c9679602ecb47b53 Signed-off-by: -
Varun Wadekar authored
This patch enables higher performance non-cacheable load forwarding for Tegra210 platforms. Change-Id: I11d0ffc09aca97d37386f283f2fbd2483d51fd28 Signed-off-by:
-
- 05 Feb, 2020 1 commit
-
-
Varun Wadekar authored
This patch adds the nvg_roc_clean_cache_trbits() function prototype to mce_private.h to fix compilation failures seen with the Tegra194 builds. Change-Id: I313556f6799792fc0141afb5822cc157db80bc47 Signed-off-by:
-
- 31 Jan, 2020 9 commits
-
-
Pritesh Raithatha authored
Tegra186 is in production so lock stream id security configs for all the clients. Change-Id: I64bdd5a9f12319a543291bfdbbfc1559d7a44113 Signed-off-by: -
Varun Wadekar authored
This patch removes support for simulated system suspend for Tegra194 platforms as we have actual silicon platforms that support this feature now. Change-Id: I9ed1b002886fed7bbc3d890a82d6cad67e900bae Signed-off-by: -
Varun Wadekar authored
This patch fixes violations of the following MISRA rules * Rule 8.5 "An external object or function shall be declared once in one and only one file" * Rule 10.3 "The value of an expression shall not be assigned to an object with a narrower essential type or of a different esential type category" Change-Id: I4314cd4fea0a4adc6665868dd31e619b4f367e14 Signed-off-by: -
Varun Wadekar authored
This patch fixes violations for the following MISRA rules * Rule 5.7 "A tag name shall be a unique identifier" * Rule 10.1 "Operands shall not be of an inappropriate essential type" * Rule 10.3 "The value of an expression shall not be assigned to an object with a narrower essential type or of a different essential type category" * Rule 10.4 "Both operands of an operator in which the usual arithmetic conversions are performed shall have the same essential type category" * Rule 20.7 "Expressions resulting from the expansion of macro parameters shall be enclosed in parentheses" * Rule 21.1 "#define and #undef shall not be used on a reserved identifier or reserved macro name" Change-Id: I83cbe659c2d72e76dd4759959870b57c58adafdf Signed-off-by: -
Varun Wadekar authored
This patch fixes violations for the following MISRA rules * Rule 8.4 "A compatible declaration shall be visible when an object or function with external linkage is defined" * Rule 10.1 "Operands shall not be of an inappropriate essential type" * Rule 10.6 "Both operands of an operator in which the usual arithmetic conversions are perdormed shall have the same essential type category" * Rule 17.7 "The value returned by a function having non-void return type shall be used" Change-Id: I171ac8340de729fd7be928fa0c0694e9bb8569f0 Signed-off-by: -
Varun Wadekar authored
The PMC driver is used only by Tegra210 and Tegra132 platforms. This patch removes pmc.c from the common makefile and moves it to the platform specific makefiles. As a result, the PMC code from common code has been moved to Tegra132 and Tegra210 platform ports. Change-Id: Ia157f70e776b3eff3c12eb8f0f02d30102670a98 Signed-off-by: -
Varun Wadekar authored
This patch removes the per-platform, weakly defined TZDRAM setup handler, as all affected platforms implement the actual handler. Change-Id: I95d04b2a771bc5d673e56b097d45c493fa388ee8 Signed-off-by: -
Varun Wadekar authored
This patch removes the weakly defined per-platform SiP handler as all platforms implement this handler, defeating the need for a weak definition. Change-Id: Id4c7e69163d2635de1813f5a385ac874253a8da9 Signed-off-by: -
Varun Wadekar authored
This patch removes all the weakly defined PSCI handlers defined per-platform, to improve code coverage numbers and reduce MISRA defects. Change-Id: I0f9c0caa0a6071d0360d07454b19dcc7340da8c2 Signed-off-by:
-
