Skip to content

GitLab

Switch branch/tag
  1. 11 Dec, 2018 9 commits
  3. 10 Dec, 2018 3 commits
  5. 26 Nov, 2018 1 commit
    • Jeenu Viswambharan's avatar
      SDEI: Unconditionally resume Secure if it was interrupted · 90a9213b
      Jeenu Viswambharan authored 
      

Secure world execution nearly always expect a controlled exit to
Non-secure world. SDEI interrupts, although targets EL3, occur on behalf
of Non-secure world, and may have higher priority than Secure world
interrupts. Therefore they might preempt Secure execution, and yield
execution to Non-secure SDEI handler. Upon completion of SDEI event
handling (regardless of whether it's COPLETE or COMPLETE_AND_RESUME), we
must resume Secure execution if it was preempted.

Change-Id: I6edd991032588588427ba2fe6c3d7668f7080e3d
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      90a9213b
  7. 14 Nov, 2018 1 commit
    • Sughosh Ganu's avatar
      SPM: Raise running priority of the core while in Secure Partition · 6e3bad36
      Sughosh Ganu authored 
      

The current secure partition design mandates that a) at a point, only
a single core can be executing in the secure partition, and b) a core
cannot be preempted by an interrupt while executing in secure
partition.

Ensure this by activating the SPM priority prior to entering the
parition. Deactivate the priority on return from the
partition.

Change-Id: Icb3473496d16b733564592eef06304a1028e4f5c
Signed-off-by: default avatarSughosh Ganu <sughosh.ganu@arm.com>
      6e3bad36
  9. 08 Nov, 2018 1 commit
    • Antonio Nino Diaz's avatar
      Standardise header guards across codebase · c3cf06f1
      Antonio Nino Diaz authored 
      

All identifiers, regardless of use, that start with two underscores are
reserved. This means they can't be used in header guards.

The style that this project is now to use the full name of the file in
capital letters followed by 'H'. For example, for a file called
"uart_example.h", the header guard is UART_EXAMPLE_H.

The exceptions are files that are imported from other projects:

- CryptoCell driver
- dt-bindings folders
- zlib headers

Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      c3cf06f1
  11. 31 Oct, 2018 1 commit
    • Varun Wadekar's avatar
      sdei: include "context.h" to fix compilation errors · c4491aa9
      Varun Wadekar authored 
      

This patch includes context.h from sdei_private.h to fix the
following compilation errors:

<snip>
In file included from services/std_svc/sdei/sdei_event.c:9:0:
services/std_svc/sdei/sdei_private.h: In function 'sdei_client_el':
services/std_svc/sdei/sdei_private.h:164:2: error: unknown type name 'cpu_context_t'
  cpu_context_t *ns_ctx = cm_get_context(NON_SECURE);
  ^
services/std_svc/sdei/sdei_private.h:165:2: error: unknown type name 'el3_state_t'
  el3_state_t *el3_ctx = get_el3state_ctx(ns_ctx);
  ^
services/std_svc/sdei/sdei_private.h:165:2: error: implicit declaration of function 'get_el3state_ctx' [-Werror=implicit-function-declaration]
services/std_svc/sdei/sdei_private.h:165:25: error: initialization makes pointer from integer without a cast [-Werror]
  el3_state_t *el3_ctx = get_el3state_ctx(ns_ctx);
                         ^
services/std_svc/sdei/sdei_private.h:167:2: error: implicit declaration of function 'read_ctx_reg' [-Werror=implicit-function-declaration]
  return ((read_ctx_reg(el3_ctx, CTX_SCR_EL3) & SCR_HCE_BIT) != 0U) ?
  ^
services/std_svc/sdei/sdei_private.h:167:33: error: 'CTX_SCR_EL3' undeclared (first use in this function)
  return ((read_ctx_reg(el3_ctx, CTX_SCR_EL3) & SCR_HCE_BIT) != 0U) ?
                                 ^
services/std_svc/sdei/sdei_private.h:167:33: note: each undeclared identifier is reported only once for each function it appears in
cc1: all warnings being treated as errors
<snip>

Change-Id: Id0cad56accf81b19cb0d301784f3f086dd052722
Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      c4491aa9
  13. 07 Sep, 2018 1 commit
  15. 22 Aug, 2018 1 commit
  17. 20 Aug, 2018 2 commits
  19. 06 Aug, 2018 1 commit
  21. 15 Jul, 2018 1 commit
  23. 13 Jul, 2018 1 commit
  25. 11 Jul, 2018 1 commit
    • Roberto Vargas's avatar
      Add end_vector_entry assembler macro · a9203eda
      Roberto Vargas authored 
      

Check_vector_size checks if the size of the vector fits
in the size reserved for it. This check creates problems in
the Clang assembler. A new macro, end_vector_entry, is added
and check_vector_size is deprecated.

This new macro fills the current exception vector until the next
exception vector. If the size of the current vector is bigger
than 32 instructions then it gives an error.

Change-Id: Ie8545cf1003a1e31656a1018dd6b4c28a4eaf671
Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      a9203eda
  27. 22 Jun, 2018 3 commits
  29. 21 Jun, 2018 3 commits
    • Jeenu Viswambharan's avatar
      SDEI: Make dispatches synchronous · cdb6ac94
      Jeenu Viswambharan authored 
      

SDEI event dispatches currently only sets up the Non-secure context
before returning to the caller. The actual dispatch only happens upon
exiting EL3 next time.

However, for various error handling scenarios, it's beneficial to have
the dispatch happen synchronously. I.e. when receiving SDEI interrupt,
or for a successful sdei_dispatch_event() call, the event handler is
executed; and upon the event completion, dispatcher execution resumes
after the point of dispatch. The jump primitives introduced in the
earlier patch facilitates this feature.

With this patch:

  - SDEI interrupts and calls to sdei_dispatch_event prepares the NS
    context for event dispatch, then sets a jump point, and immediately
    exits EL3. This results in the client handler executing in
    Non-secure.

  - When the SDEI client completes the dispatched event, the SDEI
    dispatcher does a longjmp to the jump pointer created earlier. For
    the caller of the sdei_dispatch_event() in particular, this would
    appear as if call returned successfully.

The dynamic workaround for CVE_2018_3639 is slightly shifted around as
part of related minor refactoring. It doesn't affect the workaround
functionality.

Documentation updated.

NOTE: This breaks the semantics of the explicit dispatch API, and any
exiting usages should be carefully reviewed.

Change-Id: Ib9c876d27ea2af7fb22de49832e55a0da83da3f9
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      cdb6ac94
    • Jeenu Viswambharan's avatar
      SDEI: Determine client EL from NS context's SCR_EL3 · 2ccfcb2e
      Jeenu Viswambharan authored 
      

Currently, the dispatcher reads from SCR_EL3 register directly to
determine the EL of SDEI client. This is with the assumption that
SCR_EL3 is not modified throughout. However, with RAS work flows, it's
possible that SCR_EL3 register contains values corresponding to Secure
world, and therefore EL determination can go wrong. To mitigate this,
always read the register from the saved Non-secure context.

Change-Id: Ic85e4021deb18eb58757f676f9a001174998543a
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      2ccfcb2e
    • Jeenu Viswambharan's avatar
      SDEI: Allow platforms to define explicit events · af2c9ecd
      Jeenu Viswambharan authored 
      

The current macros only allow to define dynamic and statically-bound
SDEI events. However, there ought be a mechanism to define SDEI events
that are explicitly dispatched; i.e., events that are dispatched as a
result of a previous secure interrupt or other exception

This patch introduces SDEI_EXPLICIT_EVENT() macro to define an explicit
event. They must be placed under private mappings. Only the priority
flags are allowed to be additionally specified.

Documentation updated.

Change-Id: I2e12f5571381195d6234c9dfbd5904608ad41db3
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      af2c9ecd
  31. 20 Jun, 2018 1 commit
  33. 15 Jun, 2018 1 commit
  35. 14 Jun, 2018 1 commit
    • Roberto Vargas's avatar
      Make TF UUID RFC 4122 compliant · 03364865
      Roberto Vargas authored 
      

RFC4122 defines that fields are stored in network order (big endian),
but TF-A stores them in machine order (little endian by default in TF-A).
We cannot change the future UUIDs that are already generated, but we can store
all the bytes using arrays and modify fiptool to generate the UUIDs with
the correct byte order.

Change-Id: I97be2d3168d91f4dee7ccfafc533ea55ff33e46f
Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      03364865
  37. 13 Jun, 2018 2 commits
    • Antonio Nino Diaz's avatar
      xlat v2: Introduce xlat granule size helpers · a0b9bb79
      Antonio Nino Diaz authored 
      

The function xlat_arch_is_granule_size_supported() can be used to check
if a specific granule size is supported. In Armv8, AArch32 only supports
4 KiB pages. AArch64 supports 4 KiB, 16 KiB or 64 KiB depending on the
implementation, which is detected at runtime.

The function xlat_arch_get_max_supported_granule_size() returns the max
granule size supported by the implementation.

Even though right now they are only used by SPM, they may be useful in
other places in the future. This patch moves the code currently in SPM
to the xlat tables lib so that it can be reused.

Change-Id: If54624a5ecf20b9b9b7f38861b56383a03bbc8a4
Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      a0b9bb79
    • Antonio Nino Diaz's avatar
      SPM: Initialize SP args as expected by cm library · 83a393ba
      Antonio Nino Diaz authored 
      

In the context management library, cm_setup_context() takes the
information in ep_info to fill the registers x0-x7. This patch replaces
the current code that sets them manually by the correct initialization
code.

Change-Id: Id1fdf4681b154026c2e3af1f9b05b19582b7d16d
Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      83a393ba
  39. 08 Jun, 2018 1 commit
  41. 23 May, 2018 4 commits