- 24 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Cleaned up confused naming between TB_FW and FW_CONFIG. Signed-off-by:
Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by:
Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I9e9f6e6ca076d38fee0388f97d370431ae067f08
-
- 09 Jun, 2020 1 commit
-
-
Madhukar Pappireddy authored
Using the fconf framework, the Group 0 and Group 1 secure interrupt descriptors are moved to device tree and retrieved in runtime. This feature is enabled by the build flag SEC_INT_DESC_IN_FCONF. Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c Signed-off-by:Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 06 Jun, 2020 1 commit
-
-
Grzegorz Jaszczyk authored
This commit is a preparation for upcoming support for OcteonTX and OcteonTX2 product families. Armada platform related files (docs, plat, include/plat) are moved to the new "armada" sub-folder. Change-Id: Icf03356187078ad6a2e56c9870992be3ca4c9655 Signed-off-by:
Grzegorz Jaszczyk <jaz@semihalf.com> Signed-off-by:
Marcin Wojtas <mw@semihalf.com>
-
- 31 May, 2020 1 commit
-
-
Alexei Fedorov authored
The patch fixes BL31 linker script error "Init code ends past the end of the stacks" for platforms with number of CPUs less than 4, which is caused by __STACKS_END__ address being lower than __INIT_CODE_END__. The modified BL31 linker script detects such cases and increases the total amount of stack memory, setting __STACKS_END__ = __INIT_CODE_END__, and CPUs' stacks are calculated by BL31 'plat_get_my_stack' function accordingly. For platforms with more than 4 CPUs and __INIT_CODE_END__ < __STACKS_END__ stack memory does not increase and allocated CPUs' stacks match the existing implementation. The patch removes exclusion of PSCI initialization functions from the reclaimed .init section in 'arm_reclaim_init.ld.S' script, which increases the size of reclaimed memory region. Change-Id: I927773e00dd84e1ffe72f9ee534f4f2fc7b6153c Signed-off-by:Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 15 May, 2020 1 commit
-
-
Balint Dobszay authored
This patch introduces dynamic configuration for SDEI setup and is supported when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays and processing the configuration at compile time, the config is moved to dts files. It will be retrieved at runtime during SDEI init, using the fconf layer. Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31 Signed-off-by:
Balint Dobszay <balint.dobszay@arm.com> Co-authored-by:
-
- 13 May, 2020 2 commits
-
-
Olivier Deprez authored
Currently BL2 passes TOS_FW_CONFIG address and size through registers to BL31. This corresponds to SPMC manifest load address and size. The SPMC manifest is mapped in BL31 by dynamic mapping. This patch removes BL2 changes from generic code (which were enclosed by SPD=spmd) and retrieves SPMC manifest size directly from within SPMD. The SPMC manifest load address is still passed through a register by generic code. Signed-off-by:Olivier Deprez <olivier.deprez@arm.com> Change-Id: I35c5abd95c616ae25677302f0b1d0c45c51c042f
-
Olivier Deprez authored
As a follow-up to bdd2596d , and related to SPM Dispatcher EL3 component and SPM Core S-EL2/S-EL1 component: update with cosmetic and coding rules changes. In addition: -Add Armv8.4-SecEL2 arch detection helper. -Add an SPMC context (on current core) get helper. -Return more meaningful error return codes. -Remove complexity in few spmd_smc_handler switch-cases. -Remove unused defines and structures from spmd_private.h Signed-off-by:
-
- 03 Apr, 2020 3 commits
-
-
Sheetal Tigadoli authored
Change-Id: I5daa3f2b4b9d85cb857547a588571a9aa8ad05c2 Signed-off-by:Sheetal Tigadoli <sheetal.tigadoli@broadcom.com>
-
Sheetal Tigadoli authored
Signed-off-by: -
Sheetal Tigadoli authored
Signed-off-by:
-
- 02 Apr, 2020 1 commit
-
-
Sandrine Bailleux authored
The platform io policies array is now always accessed through a fconf getter. This gives us an ideal spot to check for out-of-bound accesses. Remove the assertion in plat_get_image_source(), which is now redundant. Change-Id: Iefe808d530229073b68cbd164d927b8b6662a217 Signed-off-by:Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 30 Mar, 2020 1 commit
-
-
Manish V Badarkhe authored
Moved SMCCC defines from plat_arm.h to new <smccc_def.h> header and include this header in all ARM platforms. Signed-off-by:
-
- 25 Mar, 2020 1 commit
-
-
Alexei Fedorov authored
This patch provides support for measured boot by adding calculation of BL2 image hash in BL1 and writing these data in TB_FW_CONFIG DTB. Change-Id: Ic074a7ed19b14956719c271c805b35d147b7cec1 Signed-off-by:
-
- 17 Mar, 2020 1 commit
-
-
Manish V Badarkhe authored
Implemented SMCCC_ARCH_SOC_ID call in order to get below SOC information: 1. SOC revision 2. SOC version Implementation done using below SMCCC specification document: https://developer.arm.com/docs/den0028/c Signed-off-by:
-
- 11 Mar, 2020 1 commit
-
-
Madhukar Pappireddy authored
Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN. Created few populator() functions which parse HW_CONFIG device tree and registered them with fconf framework. Many of the changes are only applicable for fvp platform. This patch: 1. Adds necessary symbols and sections in BL31, SP_MIN linker script 2. Adds necessary memory map entry for translation in BL31, SP_MIN 3. Creates an abstraction layer for hardware configuration based on fconf framework 4. Adds necessary changes to build flow (makefiles) 5. Minimal callback to read hw_config dtb for capturing properties related to GIC(interrupt-controller node) 6. updates the fconf documentation Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af Signed-off-by:
-
- 06 Mar, 2020 2 commits
-
-
Sumit Garg authored
TBBR spec advocates for optional encryption of firmwares (see optional requirement: R060_TBBR_FUNCTION). So add an IO abstaction layer to support firmware decryption that can be stacked above any underlying IO/ packaging layer like FIP etc. It aims to provide a framework to load any encrypted IO payload. Also, add plat_get_enc_key_info() to be implemented in a platform specific manner as handling of encryption key may vary from one platform to another. Signed-off-by:Sumit Garg <sumit.garg@linaro.org> Change-Id: I9892e0ddf00ebecb8981301dbfa41ea23e078b03
-
Sumit Garg authored
Add framework for autheticated decryption of data. Currently this patch optionally imports mbedtls library as a backend if build option "DECRYPTION_SUPPORT = aes_gcm" is set to perform authenticated decryption using AES-GCM algorithm. Signed-off-by:
-
- 04 Mar, 2020 1 commit
-
-
Manish Pandey authored
This patch implements loading of Secure Partition packages using existing framework of loading other bl images. The current framework uses a statically defined array to store all the possible image types and at run time generates a link list and traverse through it to load different images. To load SPs, a new array of fixed size is introduced which will be dynamically populated based on number of SPs available in the system and it will be appended to the loadable images list. Change-Id: I8309f63595f2a71b28a73b922d20ccba9c4f6ae4 Signed-off-by:Manish Pandey <manish.pandey2@arm.com>
-
- 03 Mar, 2020 1 commit
-
-
Olivier Deprez authored
Use the firmware configuration framework to retrieve information about Secure Partitions to facilitate loading them into memory. To load a SP image we need UUID look-up into FIP and the load address where it needs to be loaded in memory. This patch introduces a SP populator function which gets UUID and load address from firmware config device tree and updates its C data structure. Change-Id: I17faec41803df9a76712dcc8b67cadb1c9daf8cd Signed-off-by:
-
- 24 Feb, 2020 2 commits
-
-
Petre-Ionut Tudor authored
This patch introduces a build flag which allows the xlat tables to be mapped in a read-only region within BL31 memory. It makes it much harder for someone who has acquired the ability to write to arbitrary secure memory addresses to gain control of the translation tables. The memory attributes of the descriptors describing the tables themselves are changed to read-only secure data. This change happens at the end of BL31 runtime setup. Until this point, the tables have read-write permissions. This gives a window of opportunity for changes to be made to the tables with the MMU on (e.g. reclaiming init code). No changes can be made to the tables with the MMU turned on from this point onwards. This change is also enabled for sp_min and tspd. To make all this possible, the base table was moved to .rodata. The penalty we pay is that now .rodata must be aligned to the size of the base table (512B alignment). Still, this is better than putting the base table with the higher level tables in the xlat_table section, as that would cost us a full 4KB page. Changing the tables from read-write to read-only cannot be done with the MMU on, as the break-before-make sequence would invalidate the descriptor which resolves the level 3 page table where that very descriptor is located. This would make the translation required for writing the changes impossible, generating an MMU fault. The caches are also flushed. Signed-off-by:Petre-Ionut Tudor <petre-ionut.tudor@arm.com> Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
-
Sandrine Bailleux authored
The cookie will be leveraged in the next commit. Change-Id: Ie8bad275d856d84c27466461cf815529dd860446 Signed-off-by:
-
- 19 Feb, 2020 3 commits
-
-
Suyash Pathak authored
For platforms that have two or more TZC400 controllers instantiated, allow the TZC400 driver to be usable with all those instances. This is achieved by allowing 'arm_tzc400_setup' function to accept the base address of the TZC400 controller. Change-Id: I4add470e6ddb58432cd066145e644112400ab924 Signed-off-by:Suyash Pathak <suyash.pathak@arm.com>
-
Suyash Pathak authored
The base address for second DRAM varies across different platforms. So allow platforms to define second DRAM by moving Juno/SGM-775 specific definition of second DRAM base address to Juno/SGM-775 board definition respectively, SGI/RD specific definition of DRAM 2 base address to SGI board definition. Change-Id: I0ecd3a2bd600b6c7019c7f06f8c452952bd07cae Signed-off-by: -
Suyash Pathak authored
A TZC400 can have upto 4 filters and the number of filters instantiated within a TZC400 is platform dependent. So allow platforms to define the value of PLAT_ARM_TZC_FILTERS by moving the existing Juno specific definition of PLAT_ARM_TZC_FILTERS to Juno board definitions. Change-Id: I67a63d7336595bbfdce3163f9a9473e15e266f40 Signed-off-by:
-
- 10 Feb, 2020 2 commits
-
-
Achin Gupta authored
This patch reserves and maps the Trusted DRAM for SPM core execution. It also configures the TrustZone address space controller to run BL31 in secure DRAM. Signed-off-by:
Achin Gupta <achin.gupta@arm.com> Signed-off-by:
Artsem Artsemenka <artsem.artsemenka@arm.com> Change-Id: I7e1bb3bbc61a0fec6a9cb595964ff553620c21dc
-
Achin Gupta authored
This patch repurposes the TOS FW configuration file as the manifest for the SPM core component which will reside at the secure EL adjacent to EL3. The SPM dispatcher component will use the manifest to determine how the core component must be initialised. Routines and data structure to parse the manifest have also been added. Signed-off-by:
-
- 07 Feb, 2020 9 commits
-
-
Aditya Angadi authored
On systems that have multiple platform components that can interpret the SCMI messages, there is a need to support multiple SCMI channels (one each to those platform components). Extend the existing SCMI interface that currently supports only a single SCMI channel to support multiple SCMI channels. Change-Id: Ice4062475b903aef3b5e5bc37df364c9778a62c5 Signed-off-by:Aditya Angadi <aditya.angadi@arm.com>
-
Vijayenthiran Subramaniam authored
Multi-chip platforms have two or more identical chips connected using a high speed coherent link. In order to identify such platforms, add chip_id and multi_chip_mode information in the platform variant info structure. The values of these two new elements is populated during boot. Change-Id: Ie6e89cb33b3f0f408814f6239cd06647053e23ed Signed-off-by:Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
-
Louis Mayencourt authored
Currently, an IO setup failure will be ignored on arm platform release build. Change this to panic instead. Change-Id: I027a045bce2422b0a0fc4ff9e9d4c6e7bf5d2f98 Signed-off-by: -
Louis Mayencourt authored
Change the return type of "arm_io_is_toc_valid()" and "plat_arm_bl1_fwu_needed()" to bool, to match function behavior. Change-Id: I503fba211219a241cb263149ef36ca14e3362a1c Signed-off-by: -
Louis Mayencourt authored
Use the firmware configuration framework to store the io_policies information inside the configuration device tree instead of the static structure in the code base. The io_policies required by BL1 can't be inside the dtb, as this one is loaded by BL1, and only available at BL2. This change currently only applies to FVP platform. Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1 Signed-off-by: -
Louis Mayencourt authored
Use the firmware configuration framework in arm dynamic configuration to retrieve mbedtls heap information between bl1 and bl2. For this, a new fconf getter is added to expose the device tree base address and size. Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6 Signed-off-by: -
Louis Mayencourt authored
Use fconf to retrieve the `disable_authentication` property. Move this access from arm dynamic configuration to bl common. Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86 Signed-off-by: -
Louis Mayencourt authored
This patch introduces a better separation between the trusted-boot related properties, and the dynamic configuration DTBs loading information. The dynamic configuration DTBs properties are moved to a new node: `dtb-registry`. All the sub-nodes present will be provided to the dynamic config framework to be loaded. The node currently only contains the already defined configuration DTBs, but can be extended for future features if necessary. The dynamic config framework is modified to use the abstraction provided by the fconf framework, instead of directly accessing the DTBs. The trusted-boot properties are kept under the "arm,tb_fw" compatible string, but in a separate `tb_fw-config` node. The `tb_fw-config` property of the `dtb-registry` node simply points to the load address of `fw_config`, as the `tb_fw-config` is currently part of the same DTB. Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82 Signed-off-by: -
Louis Mayencourt authored
Move the loading of the dtb from arm_dym_cfg to fconf. The new loading function is not associated to arm platform anymore, and can be moved to bl_main if wanted. Change-Id: I847d07eaba36d31d9d3ed9eba8e58666ea1ba563 Signed-off-by:
-
- 06 Feb, 2020 1 commit
-
-
Max Shvetsov authored
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board. Removes hard-coded developer keys. Instead, setting ARM_ROTPK_LOCATION=devel_* takes keys from default directory. In case of ROT_KEY specified - generates a new hash and replaces the original. Note: Juno board was tested by original feature author and was not tested for this patch since we don't have access to the private key. Juno implementation was moved to board-specific file without changing functionality. It is not known whether byte-swapping is still needed for this platform. Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986 Signed-off-by:Max Shvetsov <maksims.svecovs@arm.com>
-
- 27 Jan, 2020 1 commit
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9 Signed-off-by:
-
- 23 Jan, 2020 1 commit
-
-
Mark Dykes authored
This reverts commit d433bbdd. Change-Id: I46c69dce704a1ce1b50452dd4d62425c4a67f7f0
-
- 22 Jan, 2020 1 commit
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433 Signed-off-by:
-
- 15 Jan, 2020 1 commit
-
-
Luka Kovacic authored
Implements a way to add platform specific power off code to a Marvell Armada 8K platform. Marvell Armada 8K boards can now add a board/system_power.c file that contains a system_power_off() function. This function can now send a command to a power management MCU or other board periferals before shutting the board down. Signed-off-by:Luka Kovacic <luka.kovacic@sartura.hr> Cc: Luka Perkov <luka.perkov@sartura.hr> Change-Id: Iaba20bc2f603195679c54ad12c0c18962dd8e3db --- I am working on a device that will be ported later, which has a custom power management MCU that handles LEDs, board power and fans and requires this separation.
-
