- 17 Mar, 2015 5 commits
-
-
danh-arm authored
Documentation fixes in 'make help' message and User Guide
-
danh-arm authored
Juno: Disable workaround for Cortex-A57 erratum #806969
-
danh-arm authored
TBB: fix build target 'all' dependency on certificates
-
danh-arm authored
Enable type-checking of arguments passed to printf() et al.
-
danh-arm authored
checkpatch: ignore GIT_COMMIT_ID
-
- 11 Mar, 2015 2 commits
-
-
Juan Castillo authored
By default, the checkpatch script requires that commit references included in commit messages follow a predefined format. Github merge commits do not follow this convention, causing the code style test to fail when a new pull request is created. This patch adds the ignore GIT_COMMIT_ID option to the checkpatch parameters. This flag indicates the tool to ignore the commit message format. Change-Id: I37133cc5cf803f664b8ff00f62d458b39f06918c
-
Sandrine Bailleux authored
Cortex-A57 erratum #806969 applies to revision r0p0 of the CPU but does not manifest itself on Juno r0. It is not applicable to Juno r1 in any case. This patch modifies the Juno platform Makefile to no longer compile this erratum workaround in. Change-Id: I32b16835b2ac897e639e869ab2b78b62a51a0139
-
- 10 Mar, 2015 2 commits
-
-
Sandrine Bailleux authored
The 'libssl-dev' package must be installed on the host to build the certificate generation tool. This patch adds it to the list of required tools in the User Guide. Change-Id: I018381fb14b7c2d2bd6f2b7929aaad0571f7eb2e
-
Sandrine Bailleux authored
The message printed by 'make help' is incomplete. It doesn't mention all relevant supported targets. This patch updates it. The format of the first line of the help message has been changed so that it no longer lists all supported targets. This eases the maintenance as we don't need to update the list in 2 places anymore whenever a new target is added. Also add a reference to the user guide to get the list of supported options. Change-Id: I79d8b815b0ffc0c43b4c05124378fce0e938365c
-
- 06 Mar, 2015 2 commits
-
-
Sandrine Bailleux authored
This patch modifies the declarations of the functions printf() et al. and adds the right GCC attribute to request the compiler to check the type of the arguments passed to these functions against the given format string. This will ensure that the compiler outputs warning messages like the following whenever it detects an inconsistency: file.c:42: warning: format ‘%d’ expects type ‘int’, but argument 3 has type ‘long int’ It also fixes the type mismatch inconsistencies that it revealed across the code base. NOTE: THIS PATCH MAY FORCE PLATFORM PORTS OR SP/SPDS THAT USE THE PRINTF FAMILY OF FUNCTIONS TO FIX ANY TYPE MISMATCH INCONSISTENCIES. Change-Id: If36bb54ec7d6dd2cb4791d89b02a24ac13fd2df6
-
danh-arm authored
TBB: use SHA256 to generate the certificate signatures
-
- 05 Mar, 2015 5 commits
-
-
Juan Castillo authored
This patch replaces SHA1 by SHA256 in the 'cert_create' tool, so certificate signatures are generated according to the NSA Suite B cryptographic algorithm requirements. Documentation updated accordingly. Change-Id: I7be79e6b2b62dac8dc78a4f4f5006e37686bccf6
-
Juan Castillo authored
Build target 'all' fails when GENERATE_COT=1 and no BL3-3 or BL3-0 (if required) images are specified. The reason is that, when GENERATE_COT=1, a dependency on the certificates is added to the target 'all', and the certificates depend on the BL3-3 and BL3-0 images, causing the build process to fail if the images are not specified. This patch moves the dependency on the certificates from 'all' to 'fip'. Target 'all' may be used to build the individual images. The certificates will be created by calling the target 'fip', where BL3-3 and BL3-0 (if required) must be specified. Change-Id: I870beb4e8f9f1bfad1d35b09c850a7ce3c9f4ec6
-
danh-arm authored
Ignore C library files when checking coding style Fix violations to the coding style
-
Sandrine Bailleux authored
All coding style violations have been fixed in a previous patch and since then, each individual patch has been checked in this regard. However, the latest version of the checkpatch.pl script from the Linux kernel is more advanced and it is able to flag new errors in the Trusted Firmware codebase. This patch fixes them. Change-Id: I1f332f2440984be85d36b231bb83260368987077
-
Sandrine Bailleux authored
The C library source files embedded into the Trusted Firmware tree are not required to comply to the Linux Coding Style. Unfortunately, 'make checkpatch' does take them into account. This patch modifies the Makefile so that the C library source and header files are now ignored by 'make checkpatch'. It also instructs the checkpatch.pl script to not treat the presence of a 'Change-Id' line in the commit message as an error. Change-Id: I38196202efe518bae3a57c2affe2ed7758c9f69c
-
- 25 Feb, 2015 2 commits
- 19 Feb, 2015 1 commit
-
-
danh-arm authored
Minimize MAX_MMAP_REGIONS for each BL stage
-
- 16 Feb, 2015 1 commit
-
-
Robin Murphy authored
By default the SMMU for the DMA-330 is configured to mark some stream IDs as always belonging to the Secure world. As a result, if EL1 software turns the SMMU on, certain Non-Secure accesses get rewritten as Secure, making them bypass translation and access Secure physical addresses directly. Since the current Juno board firmware configures the DMA-330 hardware as Non-Secure, rewrite the SMMU's default SSD table as well to prevent any unexpected behaviour in EL1. Change-Id: Iaa81d883eecf28d80eb182b9ce475684bf9c718c
-
- 12 Feb, 2015 2 commits
-
-
Soby Mathew authored
This patch removes the plat_get_max_afflvl() platform API and instead replaces it with a platform macro PLATFORM_MAX_AFFLVL. This is done because the maximum affinity level for a platform is a static value and it is more efficient for it to be defined as a platform macro. NOTE: PLATFORM PORTS NEED TO BE UPDATED ON MERGE OF THIS COMMIT Fixes ARM-Software/tf-issues#265 Change-Id: I31d89b30c2ccda30d28271154d869060d50df7bf
-
Soby Mathew authored
This patch defines MAX_MMAP_REGIONS separately for each BL stage as per its requirements. This minimizes the size of the mmap[] array. Fixes ARM-Software/tf-issues#201 Change-Id: I19b15e1a91a8365b2ecf24e2cd71937cb73916b2
-
- 04 Feb, 2015 2 commits
-
-
achingupta authored
Fix model command line for legacy VE memory map
-
Achin Gupta authored
The command line options specified in the User Guide to run the AEMv8 Base FVP with the legacy VE memory map apply only when the model is configured to use GIC v2.0. This patch adds the 'gicv3.gicv2-only=1' to the command line to ensure that the right version of GIC is used. Change-Id: I34c44e19fd42c29818b734ac8f6aa9bf97b4e891
-
- 03 Feb, 2015 4 commits
-
-
danh-arm authored
Documentation for version 1.1
-
danh-arm authored
TBB: Add documentation for Trusted Board Boot
-
Achin Gupta authored
This patch updates the user-guide.md with the various build options related to Trusted Board Boot and steps to build a FIP image which includes this support. It also adds a trusted-board-boot.md which describes the scope and design of this feature. Change-Id: Ifb421268ebf7e06a135684c8ebb04c94835ce061
-
Achin Gupta authored
Final updates to readme.md and change-log.md for ARM Trusted Firmware version 1.1. Also increment the version in the Makefile. Change-Id: Ib001a6ec9a9c570985841d06f0ff80ed76c2996b
-
- 02 Feb, 2015 4 commits
-
-
danh-arm authored
Move up dependency versions in user guide
-
Sandrine Bailleux authored
Move up the version numbers in the user guide of: * DS-5 (to v5.20) * EDK2 (to v2.1-rc0) * Linux Kernel (to 1.3-Juno) * Linaro file-system (to 14.12) * Juno SCP binary (to 1.5.0-rc0 within board recovery image 0.10.1). Also remove duplicate information that is available from the ARM Connected Community website. * Base FVP (to 6.2) * Foundation FVP (to 9.1). Also update the name of the Foundation FVP binary since it has changed since version 2.1. Co-Authored-By: Dan Handley <dan.handley@arm.com> Change-Id: I1cf2f2b1a3f1b997ac905a4ab440876d265698c0
-
danh-arm authored
Miscellaneous doc fixes for v1.1
-
Sandrine Bailleux authored
Change-Id: Iaf9d6305edc478d39cf1b37c8a70ccdf723e8ef9
-
- 30 Jan, 2015 2 commits
-
-
danh-arm authored
Fix the Cortex-A57 reset handler register usage v2
-
Soby Mathew authored
The CPU specific reset handlers no longer have the freedom of using any general purpose register because it is being invoked by the BL3-1 entry point in addition to BL1. The Cortex-A57 CPU specific reset handler was overwriting x20 register which was being used by the BL3-1 entry point to save the entry point information. This patch fixes this bug by reworking the register allocation in the Cortex-A57 reset handler to avoid using x20. The patch also explicitly mentions the register clobber list for each of the callee functions invoked by the reset handler Change-Id: I28fcff8e742aeed883eaec8f6c4ee2bd3fce30df
-
- 28 Jan, 2015 6 commits
-
-
danh-arm authored
Trusted Board Boot Prototype
-
Juan Castillo authored
This patch adds support to authenticate the Trusted Key certificate and the BL3-x certificates and images at BL2. Change-Id: I69a8c13a14c8da8b75f93097d3a4576aed71c5dd
-
Juan Castillo authored
This patch moves fvp_io_setup() to bl2_early_platform_setup() in order to allow BL2 to use the IO framework before bl2_platform_setup(). Change-Id: I75e1a772ab5f9b4727f6727822a2527c30f3c63d
-
Juan Castillo authored
This patch adds support to authenticate the BL2 content certificate and image using the authentication module in BL1. The FIP driver has been extended to include the BL2 certificate UUID. FVP and Juno ports include the BL2 certificate FIP file definition. Change-Id: I32680e9bd123c8db4a4193c14448c9b32b0e9325
-
Juan Castillo authored
This patch provides an API to access the authentication module that will be used to verify the authenticity of the images loaded into memory as part of the Trusted Board Boot process. To include the authentication module as part of the build, set the boolean build option TRUSTED_BOARD_BOOT. One single authentication module must be registered at build time by setting the build option AUTH_MOD=<mod_name>. All authentication modules will be located in 'common/auth/<mod_name>' and must present the <mod_name>.mk file that will be included by the build system to compile the module sources. To create an authentication module, an instance of auth_mod_t called 'auth_mod' must be declared in the module sources. The initialization and verification functions provided by the module will be exported through the function pointers specified when declaring this instance. If an authentication module includes third party sources that do not adhere to the C99 standard, the -pedantic option may be removed from the build options by setting the flag DISABLE_PEDANTIC in the module file <mod_name>.mk. Change-Id: I080bb04bd421029bcdf22ec2c63807afbf061dcd
-
Juan Castillo authored
This patch implements an authentication module based on the PolarSSL library (v1.3.9) to verify the Chain of Trust when Trusted Boot is enabled. PolarSSL sources must be fetched separately. The POLARSSL_DIR build option may be used to indicate the path to the PolarSSL main directory (this directory must contain the 'include' and 'library' subdirectories). To be able to build PolarSSL sources as a part of the Trusted Firmware build process, the DISABLE_PEDANTIC flag in polarssl.mk will tell the build system to remove the -pedantic option from the CFLAGS. Inclusion of PolarSSL increases the memory requirements of the BL1 and BL2 images. The following are the changes made to the FVP and Juno platforms to cater for this when TRUSTED_BOARD_BOOT is defined: Changes on FVP: - BL1 and BL2 stacks have been increased to 4 KB - BL1(rw) section has been increased to 32 KB. - BL2 memory region has been increased to 112 KB Changes on Juno: - BL1 and BL2 stacks have been increased to 4 KB - BL1(rw) section has been increased to 32 KB. - Trusted ROM region in Flash has been increased to 128 KB. - BL2 memory region has been increased to 116 KB Change-Id: Ie87d80d43408eb6239c4acd0ec5ab2120e4e9e80
-