1. 04 Jan, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
  2. 07 Aug, 2018 1 commit
    • Antonio Nino Diaz's avatar
      xlat v2: Flush xlat tables after being modified · 3e318e40
      Antonio Nino Diaz authored
      During cold boot, the initial translation tables are created with data
      caches disabled, so all modifications go to memory directly. After the
      MMU is enabled and data cache is enabled, any modification to the tables
      goes to data cache, and eventually may get flushed to memory.
      
      If CPU0 modifies the tables while CPU1 is off, CPU0 will have the
      modified tables in its data cache. When CPU1 is powered on, the MMU is
      enabled, then it enables coherency, and then it enables the data cache.
      Until this is done, CPU1 isn't in coherency, and the translation tables
      it sees can be outdated if CPU0 still has some modified entries in its
      data cache.
      
      This can be a problem in some cases. For example, the warm boot code
      uses only the tables mapped during cold boot, which don't normally
      change. However, if they are modified (and a RO page is made RW, or a XN
      page is made executable) the CPU will see the old attributes and crash
      when it tries to access it.
      
      This doesn't happen in systems with HW_ASSISTED_COHERENCY or
      WARMBOOT_ENABLE_DCACHE_EARLY. In these systems, the data cache is
      enabled at the same time as the MMU. As soon as this happens, the CPU is
      in coherency.
      
      There was an attempt of a fix in psci_helpers.S, but it didn't solve the
      problem. That code has been deleted. The code was introduced in commit
      <26441030
      
      > ("Invalidate TLB entries during warm boot").
      
      Now, during a map or unmap operation, the memory associated to each
      modified table is flushed. Traversing a table will also flush it's
      memory, as there is no way to tell in the current implementation if the
      table that has been traversed has also been modified.
      
      Change-Id: I4b520bca27502f1018878061bc5fb82af740bb92
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      3e318e40
  3. 02 Aug, 2018 1 commit
  4. 30 Jul, 2018 1 commit
  5. 15 Jul, 2018 1 commit
  6. 13 Jul, 2018 3 commits
    • Antonio Nino Diaz's avatar
      xlat v2: Remove IMAGE_EL define · aa1d5f60
      Antonio Nino Diaz authored
      
      
      The Exception Level is now detected at runtime. This means that it is not
      needed to hardcode the EL used by each image.
      
      This doesn't result in a substantial increase of the image size because
      the initialization functions that aren't used are garbage-collected by
      the linker.
      
      In AArch32 the current EL has been changed from EL3 to EL1 because the
      the AArch32 PL1&0 translation regime behaves more like the AArch64 EL1&0
      translation regime than the EL3 one.
      
      Change-Id: I941404299ebe7666ca17619207c923b49a55cb73
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      aa1d5f60
    • Antonio Nino Diaz's avatar
      xlat v2: Remove unused tlbi helper · 8d164bc6
      Antonio Nino Diaz authored
      
      
      xlat_arch_tlbi_va_regime() isn't used, so it has been renamed to
      xlat_arch_tlbi_va() and the previous implementation has been removed.
      
      Change-Id: Ic118bed3fb68234748d86b2e9e95b25650289276
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      8d164bc6
    • Antonio Nino Diaz's avatar
      xlat v2: Remove architectural headers · 468e2382
      Antonio Nino Diaz authored
      
      
      They only contained one function that is easily integrated in the private
      library header and the existing architectural C files.
      
      This also helps making the library more portable, as the Makefile of the
      library now doesn't use the variable INCLUDES, which is specific to this
      codebase and doesn't respect the namespace of the library.
      
      Change-Id: I22228e6a97e9b4f346f5cd8947609263e8df71d8
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      468e2382
  7. 03 Jul, 2018 1 commit
    • Antonio Nino Diaz's avatar
      xlat v2: Split code into separate files · fd2299e6
      Antonio Nino Diaz authored
      
      
      Instead of having one big file with all the code, it's better to have
      a few smaller files that are more manageable:
      
      - xlat_tables_core.c: Code related to the core functionality of the
        library (map and unmap regions, initialize xlat context).
      - xlat_tables_context.c: Instantiation of the active image context
        as well as APIs to manipulate it.
      - xlat_tables_utils.c: Helper code that isn't part of the core
        functionality (change attributes, debug print messages).
      
      Change-Id: I3ea956fc1afd7473c0bb5e7c6aab3b2e5d88c711
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      fd2299e6
  8. 27 Jun, 2018 1 commit
    • Jeenu Viswambharan's avatar
      xlat v2: Split MMU setup and enable · 0cc7aa89
      Jeenu Viswambharan authored
      
      
      At present, the function provided by the translation library to enable
      MMU constructs appropriate values for translation library, and programs
      them to the right registers. The construction of initial values,
      however, is only required once as both the primary and secondaries
      program the same values.
      
      Additionally, the MMU-enabling function is written in C, which means
      there's an active stack at the time of enabling MMU. On some systems,
      like Arm DynamIQ, having active stack while enabling MMU during warm
      boot might lead to coherency problems.
      
      This patch addresses both the above problems by:
      
        - Splitting the MMU-enabling function into two: one that sets up
          values to be programmed into the registers, and another one that
          takes the pre-computed values and writes to the appropriate
          registers. With this, the primary effectively calls both functions
          to have the MMU enabled, but secondaries only need to call the
          latter.
      
        - Rewriting the function that enables MMU in assembly so that it
          doesn't use stack.
      
      This patch fixes a bunch of MISRA issues on the way.
      
      Change-Id: I0faca97263a970ffe765f0e731a1417e43fbfc45
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      0cc7aa89
  9. 22 Jun, 2018 1 commit
    • Antonio Nino Diaz's avatar
      xlat: Remove mmap_attr_t enum type · 3a1b7b10
      Antonio Nino Diaz authored
      
      
      The values defined in this type are used in logical operations, which
      goes against MISRA Rule 10.1: "Operands shall not be of an inappropriate
      essential type".
      
      Now, `unsigned int` is used instead. This also allows us to move the
      dynamic mapping bit from 30 to 31. It was an undefined behaviour in the
      past because an enum is signed by default, and bit 31 corresponds to the
      sign bit. It is undefined behaviour to modify the sign bit. Now, bit 31
      is free to use as it was originally meant to be.
      
      mmap_attr_t is now defined as an `unsigned int` for backwards
      compatibility.
      
      Change-Id: I6b31218c14b9c7fdabebe432de7fae6e90a97f34
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      3a1b7b10
  10. 28 Feb, 2018 1 commit
  11. 05 Oct, 2017 3 commits
  12. 26 Jul, 2017 3 commits
    • Sandrine Bailleux's avatar
      xlat lib v2: Remove hard-coded virtual address space size · 347621bb
      Sandrine Bailleux authored
      
      
      Previous patches have made it possible to specify the physical and
      virtual address spaces sizes for each translation context. However,
      there are still some places in the code where the physical (resp.
      virtual) address space size is assumed to be PLAT_PHY_ADDR_SPACE_SIZE
      (resp. PLAT_VIRT_ADDR_SPACE_SIZE).
      
      This patch removes them and reads the relevant address space size
      from the translation context itself instead. This information is now
      passed in argument to the enable_mmu_arch() function, which needs it
      to configure the TCR_ELx.T0SZ field (in AArch64) or the TTBCR.T0SZ
      field (in AArch32) appropriately.
      
      Change-Id: I20b0e68b03a143e998695d42911d9954328a06aa
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      347621bb
    • Sandrine Bailleux's avatar
      xlat lib v2: Remove init_xlat_tables_arch() function · 99f60798
      Sandrine Bailleux authored
      
      
      In both the AArch32 and AArch64 versions, this function used to check
      the sanity of the PLAT_PHY_ADDR_SPACE_SIZE in regard to the
      architectural maximum value. Instead, export the
      xlat_arch_get_max_supported_pa() function and move the debug
      assertion in AArch-agnostic code.
      
      The AArch64 used to also precalculate the TCR.PS field value, based
      on the size of the physical address space. This is now done directly
      by enable_mmu_arch(), which now receives the physical address space size
      in argument.
      
      Change-Id: Ie77ea92eb06db586f28784fdb479c6e27dd1acc1
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      99f60798
    • Sandrine Bailleux's avatar
      xlat lib v2: Expose *_ctx() APIs · a9ad848c
      Sandrine Bailleux authored
      
      
      In a previous patch, the xlat_ctx_t type has been made public.
      This patch now makes the *_ctx() APIs public.
      
      Each API now has a *_ctx() variant. Most of them were already implemented
      and this patch just makes them public. However, some of them were missing
      so this patch introduces them.
      
      Now that all these APIs are public, there's no good reason for splitting
      them accross 2 files (xlat_tables_internal.c and xlat_tables_common.c).
      Therefore, this patch moves all code into xlat_tables_internal.c and
      removes xlat_tables_common.c. It removes it from the library's makefile
      as well.
      
      This last change introduces a compatibility break for platform ports
      that specifically include the xlat_tables_common.c file instead of
      including the library's Makefile. The UniPhier platform makefile has
      been updated to now omit this file from the list of source files.
      
      The prototype of mmap_add_region_ctx() has been slightly changed. The
      mmap_region_t passed in argument needs to be constant because it gets
      called from map_add(), which receives a constant region. The former
      implementation of mmap_add() used to cast the const qualifier away,
      which is not a good practice.
      
      Also remove init_xlation_table(), which was a sub-function of
      init_xlat_tables(). Now there's just init_xlat_tables() (and
      init_xlat_tables_ctx()). Both names were too similar, which was
      confusing. Besides, now that all the code is in a single file,
      it's no longer needed to have 2 functions for that.
      
      Change-Id: I4ed88c68e44561c3902fbebb89cb197279c5293b
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      a9ad848c
  13. 25 Jul, 2017 2 commits
    • Sandrine Bailleux's avatar
      xlat lib v2: Export translation context as an opaque type · 55c84964
      Sandrine Bailleux authored
      
      
      At the moment, the translation context type (xlat_ctx_t) is a private
      type reserved for the internal usage of the translation table library.
      All exported APIs (implemented in xlat_tables_common.c) are wrappers
      over the internal implementations that use such a translation context.
      
      These wrappers unconditionally pass the current translation context
      representing the memory mappings of the executing BL image. This means
      that the caller has no control over which translation context the
      library functions act on.
      
      As a first step to make this code more flexible, this patch exports
      the 'xlat_ctx_t' type. Note that, although the declaration of this type
      is now public, its definition stays private. A macro is introduced to
      statically allocate and initialize such a translation context.
      
      The library now internally uses this macro to allocate the default
      translation context for the running BL image.
      
      Change-Id: Icece1cde4813fac19452c782b682c758142b1489
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      55c84964
    • Sandrine Bailleux's avatar
      xlat lib: Reorganize architectural defs · 8933c34b
      Sandrine Bailleux authored
      
      
      Move the header files that provide translation tables architectural
      definitions from the library v2 source files to the library include
      directory. This allows to share these definitions between both
      versions (v1 and v2) of the library.
      
      Create a new header file that includes the AArch32 or AArch64
      definitions based on the AARCH32 build flag, so that the library user
      doesn't have to worry about handling it on their side.
      
      Also repurpose some of the definitions the header files provide to
      concentrate on the things that differ between AArch32 and AArch64.
      As a result they now contain the following information:
       - the first table level that allows block descriptors;
       - the architectural limits of the virtual address space;
       - the initial lookup level to cover the entire address space.
      
      Additionally, move the XLAT_TABLE_LEVEL_MIN macro from
      xlat_tables_defs.h to the AArch32/AArch64 architectural definitions.
      
      This new organisation eliminates duplicated information in the AArch32
      and AArch64 versions. It also decouples these architectural files from
      any platform-specific information. Previously, they were dependent on
      the address space size, which is platform-specific.
      
      Finally, for the v2 of the library, move the compatibility code for
      ADDR_SPACE_SIZE into a C file as it is not needed outside of this
      file. For v1, this code hasn't been changed and stays in a header
      file because it's needed by several files.
      
      Change-Id: If746c684acd80eebf918abd3ab6e8481d004ac68
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      8933c34b
  14. 14 Jun, 2017 1 commit
  15. 09 May, 2017 1 commit
  16. 03 May, 2017 1 commit
  17. 02 May, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Fix execute-never permissions in xlat tables libs · a5640252
      Antonio Nino Diaz authored
      
      
      Translation regimes that only support one virtual address space (such as
      the ones for EL2 and EL3) can flag memory regions as execute-never by
      setting to 1 the XN bit in the Upper Attributes field in the translation
      tables descriptors. Translation regimes that support two different
      virtual address spaces (such as the one shared by EL1 and EL0) use bits
      PXN and UXN instead.
      
      The Trusted Firmware runs at EL3 and EL1, it has to handle translation
      tables of both translation regimes, but the previous code handled both
      regimes the same way, as if both had only 1 VA range.
      
      When trying to set a descriptor as execute-never it would set the XN
      bit correctly in EL3, but it would set the XN bit in EL1 as well. XN is
      at the same bit position as UXN, which means that EL0 was being
      prevented from executing code at this region, not EL1 as the code
      intended. Therefore, the PXN bit was unset to 0 all the time. The result
      is that, in AArch64 mode, read-only data sections of BL2 weren't
      protected from being executed.
      
      This patch adds support of translation regimes with two virtual address
      spaces to both versions of the translation tables library, fixing the
      execute-never permissions for translation tables in EL1.
      
      The library currently does not support initializing translation tables
      for EL0 software, therefore it does not set/unset the UXN bit. If EL1
      software needs to initialize translation tables for EL0 software, it
      should use a different library instead.
      
      Change-Id: If27588f9820ff42988851d90dc92801c8ecbe0c9
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      a5640252
  18. 29 Apr, 2017 1 commit
    • Scott Branden's avatar
      Move defines in utils.h to utils_def.h to fix shared header compile issues · 53d9c9c8
      Scott Branden authored
      
      
      utils.h is included in various header files for the defines in it.
      Some of the other header files only contain defines.  This allows the
      header files to be shared between host and target builds for shared defines.
      
      Recently types.h has been included in utils.h as well as some function
      prototypes.
      
      Because of the inclusion of types.h conflicts exist building host tools
      abd these header files now.  To solve this problem,
      move the defines to utils_def.h and have this included by utils.h and
      change header files to only include utils_def.h and not pick up the new
      types.h being introduced.
      
      Fixes ARM-software/tf-issues#461
      Signed-off-by: default avatarScott Branden <scott.branden@broadcom.com>
      
      Remove utils_def.h from utils.h
      
      This patch removes utils_def.h from utils.h as it is not required.
      And also makes a minor change to ensure Juno platform compiles.
      
      Change-Id: I10cf1fb51e44a8fa6dcec02980354eb9ecc9fa29
      53d9c9c8
  19. 08 Mar, 2017 2 commits
    • Antonio Nino Diaz's avatar
      Add dynamic region support to xlat tables lib v2 · 0b64f4ef
      Antonio Nino Diaz authored
      
      
      Added APIs to add and remove regions to the translation tables
      dynamically while the MMU is enabled. Only static regions are allowed
      to overlap other static ones (for backwards compatibility).
      
      A new private attribute (MT_DYNAMIC / MT_STATIC) has been added to
      flag each region as such.
      
      The dynamic mapping functionality can be enabled or disabled when
      compiling by setting the build option PLAT_XLAT_TABLES_DYNAMIC to 1
      or 0. This can be done per-image.
      
      TLB maintenance code during dynamic table mapping and unmapping has
      also been added.
      
      Fixes ARM-software/tf-issues#310
      
      Change-Id: I19e8992005c4292297a382824394490c5387aa3b
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0b64f4ef
    • Antonio Nino Diaz's avatar
      Add version 2 of xlat tables library · 7bb01fb2
      Antonio Nino Diaz authored
      
      
      The folder lib/xlat_tables_v2 has been created to store a new version
      of the translation tables library for further modifications in patches
      to follow. At the moment it only contains a basic implementation that
      supports static regions.
      
      This library allows different translation tables to be modified by
      using different 'contexts'. For now, the implementation defaults to
      the translation tables used by the current image, but it is possible
      to modify other tables than the ones in use.
      
      Added a new API to print debug information for the current state of
      the translation tables, rather than printing the information while
      the tables are being created. This allows subsequent debug printing
      of the xlat tables after they have been changed, which will be useful
      when dynamic regions are implemented in a patch to follow.
      
      The common definitions stored in `xlat_tables.h` header have been moved
      to a new file common to both versions, `xlat_tables_defs.h`.
      
      All headers related to the translation tables library have been moved to
      a the subfolder `xlat_tables`.
      
      Change-Id: Ia55962c33e0b781831d43a548e505206dffc5ea9
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      7bb01fb2
  20. 13 Dec, 2016 2 commits
    • Antonio Nino Diaz's avatar
      Forbid block descriptors in initial xlat table levels · 2240f45b
      Antonio Nino Diaz authored
      
      
      In AArch64, depending on the granularity of the translation tables,
      level 0 and/or level 1 of the translation tables may not support block
      descriptors, only table descriptors.
      
      This patch introduces a check to make sure that, even if theoretically
      it could be possible to create a block descriptor to map a big memory
      region, a new subtable will be created to describe its mapping.
      
      Change-Id: Ieb9c302206bfa33fbaf0cdc6a5a82516d32ae2a7
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      2240f45b
    • Antonio Nino Diaz's avatar
      Add PLAT_xxx_ADDR_SPACE_SIZE definitions · 0029624f
      Antonio Nino Diaz authored
      
      
      Added the definitions `PLAT_PHY_ADDR_SPACE_SIZE` and
      `PLAT_VIRT_ADDR_SPACE_SIZE` which specify respectively the physical
      and virtual address space size a platform can use.
      
      `ADDR_SPACE_SIZE` is now deprecated. To maintain compatibility, if any
      of the previous defines aren't present, the value of `ADDR_SPACE_SIZE`
      will be used instead.
      
      For AArch64, register ID_AA64MMFR0_EL1 is checked to calculate the
      max PA supported by the hardware and to verify that the previously
      mentioned definition is valid. For AArch32, a 40 bit physical
      address space is considered.
      
      Added asserts to check for overflows.
      
      Porting guide updated.
      
      Change-Id: Ie8ce1da5967993f0c94dbd4eb9841fc03d5ef8d6
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0029624f
  21. 23 Aug, 2016 1 commit
    • Antonio Nino Diaz's avatar
      Automatically select initial xlation lookup level · e8719552
      Antonio Nino Diaz authored
      Instead of hardcoding a level 1 table as the base translation level
      table, let the code decide which level is the most appropriate given
      the virtual address space size.
      
      As the table granularity is 4 KB, this allows the code to select
      level 0, 1 or 2 as base level for AArch64. This way, instead of
      limiting the virtual address space width to 39-31 bits, widths of
      48-25 bit can be used.
      
      For AArch32, this change allows the code to select level 1 or 2
      as the base translation level table and use virtual address space
      width of 32-25 bits.
      
      Also removed some unused definitions related to translation tables.
      
      Fixes ARM-software/tf-issues#362
      
      Change-Id: Ie3bb5d6d1a4730a26700b09827c79f37ca3cdb65
      e8719552
  22. 13 Apr, 2016 1 commit
    • Soby Mathew's avatar
      Refactor the xlat_tables library code · 3ca9928d
      Soby Mathew authored
      The AArch32 long descriptor format and the AArch64 descriptor format
      correspond to each other which allows possible sharing of xlat_tables
      library code between AArch64 and AArch32. This patch refactors the
      xlat_tables library code to seperate the common functionality from
      architecture specific code. Prior to this patch, all of the xlat_tables
      library code were in `lib/aarch64/xlat_tables.c` file. The refactored code
      is now in `lib/xlat_tables/` directory. The AArch64 specific programming
      for xlat_tables is in `lib/xlat_tables/aarch64/xlat_tables.c` and the rest
      of the code common to AArch64 and AArch32 is in
      `lib/xlat_tables/xlat_tables_common.c`. Also the data types used in
      xlat_tables library APIs are reworked to make it compatible between AArch64
      and AArch32.
      
      The `lib/aarch64/xlat_tables.c` file now includes the new xlat_tables
      library files to retain compatibility for existing platform ports.
      The macros related to xlat_tables library are also moved from
      `include/lib/aarch64/arch.h` to the header `include/lib/xlat_tables.h`.
      
      NOTE: THE `lib/aarch64/xlat_tables.c` FILE IS DEPRECATED AND PLATFORM PORTS
      ARE EXPECTED TO INCLUDE THE NEW XLAT_TABLES LIBRARY FILES IN THEIR MAKEFILES.
      
      Change-Id: I3d17217d24aaf3a05a4685d642a31d4d56255a0f
      3ca9928d
  23. 12 Feb, 2016 1 commit
  24. 25 Jun, 2015 1 commit
    • Juan Castillo's avatar
      TBB: add TBBR Chain of Trust · dff93c86
      Juan Castillo authored
      This patch adds a CoT based on the Trusted Board Boot Requirements
      document*. The CoT consists of an array of authentication image
      descriptors indexed by the image identifiers.
      
      A new header file with TBBR image identifiers has been added.
      Platforms that use the TBBR (i.e. ARM platforms) may reuse these
      definitions as part of their platform porting.
      
      PLATFORM PORT - IMPORTANT:
      
      Default image IDs have been removed from the platform common
      definitions file (common_def.h). As a consequence, platforms that
      used those common definitons must now either include the IDs
      provided by the TBBR header file or define their own IDs.
      
      *The NVCounter authentication method has not been implemented yet.
      
      Change-Id: I7c4d591863ef53bb0cd4ce6c52a60b06fa0102d5
      dff93c86
  25. 28 Jan, 2015 1 commit
    • Juan Castillo's avatar
      TBB: add tool to generate certificates · 6f971622
      Juan Castillo authored
      This patch adds a tool that generates all the necessary elements
      to establish the chain of trust (CoT) between the images.
      
      The tool reads the binary images and signing keys and outputs the
      corresponding certificates that will be used by the target at run
      time to verify the authenticity of the images.
      
      Note: the platform port must provide the file platform_oid.h. This
      file will define the OIDs of the x509 extensions that will be added
      to the certificates in order to establish the CoT.
      
      Change-Id: I2734d6808b964a2107ab3a4805110698066a04be
      6f971622
  26. 21 Aug, 2014 2 commits
    • Sandrine Bailleux's avatar
      Juno: Add support for Test Secure-EL1 Payload · edfda10a
      Sandrine Bailleux authored
      This patch implements the TSP on Juno. It executes from on-chip Trusted
      SRAM.
      
      Also, the other bootloader images (i.e. BL1 R/W, BL2 and BL3-1) have
      been moved around. The reason is, although there was enough space
      overall to store the TSP in SRAM, there was no contiguous free chunk
      of SRAM big enough to hold it.
      
      This patch keeps the overall memory layout (i.e. keeping BL1 R/W at
      the bottom, BL2 at the top and BL3-1 in between) but moves the base
      addresses of all the bootloader images in such a way that:
       - memory fragmentation is reduced enough to fit BL3-2 in;
       - new base addresses are suitable for release builds as well as debug
         ones;
       - each image has a few extra kilobytes for future growth.
         BL3-1 and BL3-2 are the images which received the biggest allocations
         since they will most probably grow the most.
      
      This patch also adds instruction synchronization barriers around the code which
      handles the timer interrupt in the TSP. This ensures that the interrupt is not
      acknowledged after or EOIed before it is deactivated at the peripheral.
      
      Change-Id: I1c5b51858700027ee283ac85d18e06863a27c72e
      edfda10a
    • Sandrine Bailleux's avatar
      Juno: Implement initial platform port · 01b916bf
      Sandrine Bailleux authored
      This patch adds the initial port of the ARM Trusted Firmware on the Juno
      development platform. This port does not support a BL3-2 image or any PSCI APIs
      apart from PSCI_VERSION and PSCI_CPU_ON. It enables workarounds for selected
      Cortex-A57 (#806969 & #813420) errata and implements the workaround for a Juno
      platform errata (Defect id 831273).
      
      Change-Id: Ib3d92df3af53820cfbb2977582ed0d7abf6ef893
      01b916bf
  27. 14 Aug, 2014 1 commit
    • Dan Handley's avatar
      Move IO storage source to drivers directory · 935db693
      Dan Handley authored
      Move the remaining IO storage source file (io_storage.c) from the
      lib to the drivers directory. This requires that platform ports
      explicitly add this file to the list of source files.
      
      Also move the IO header files to a new sub-directory, include/io.
      
      Change-Id: I862b1252a796b3bcac0d93e50b11e7fb2ded93d6
      935db693
  28. 06 May, 2014 3 commits
    • Dan Handley's avatar
      Remove variables from .data section · 625de1d4
      Dan Handley authored
      Update code base to remove variables from the .data section,
      mainly by using const static data where possible and adding
      the const specifier as required. Most changes are to the IO
      subsystem, including the framework APIs. The FVP power
      management code is also affected.
      
      Delay initialization of the global static variable,
      next_image_type in bl31_main.c, until it is realy needed.
      Doing this moves the variable from the .data to the .bss
      section.
      
      Also review the IO interface for inconsistencies, using
      uintptr_t where possible instead of void *. Remove the
      io_handle and io_dev_handle typedefs, which were
      unnecessary, replacing instances with uintptr_t.
      
      Fixes ARM-software/tf-issues#107.
      
      Change-Id: I085a62197c82410b566e4698e5590063563ed304
      625de1d4
    • Dan Handley's avatar
      Reduce deep nesting of header files · 97043ac9
      Dan Handley authored
      Reduce the number of header files included from other header
      files as much as possible without splitting the files. Use forward
      declarations where possible. This allows removal of some unnecessary
      "#ifndef __ASSEMBLY__" statements.
      
      Also, review the .c and .S files for which header files really need
      including and reorder the #include statements alphabetically.
      
      Fixes ARM-software/tf-issues#31
      
      Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
      97043ac9
    • Dan Handley's avatar
      Move include and source files to logical locations · 4ecca339
      Dan Handley authored
      Move almost all system include files to a logical sub-directory
      under ./include. The only remaining system include directories
      not under ./include are specific to the platform. Move the
      corresponding source files to match the include directory
      structure.
      
      Also remove pm.h as it is no longer used.
      
      Change-Id: Ie5ea6368ec5fad459f3e8a802ad129135527f0b3
      4ecca339