1. 15 Feb, 2017 2 commits
    • dp-arm's avatar
      Juno: Disable SPIDEN in release builds · 09fad498
      dp-arm authored
      
      
      On Juno, the secure privileged invasive debug authentication signal
      (SPIDEN) is controlled by board SCC registers, which by default enable
      SPIDEN.  Disable secure privileged external debug in release builds by
      programming the appropriate Juno SoC registers.
      
      Change-Id: I61045f09a47dc647bbe95e1b7a60e768f5499f49
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      09fad498
    • dp-arm's avatar
      Disable secure self-hosted debug via MDCR_EL3/SDCR · 85e93ba0
      dp-arm authored
      
      
      Trusted Firmware currently has no support for secure self-hosted
      debug.  To avoid unexpected exceptions, disable software debug
      exceptions, other than software breakpoint instruction exceptions,
      from all exception levels in secure state.  This applies to both
      AArch32 and AArch64 EL3 initialization.
      
      Change-Id: Id097e54a6bbcd0ca6a2be930df5d860d8d09e777
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      85e93ba0
  2. 13 Feb, 2017 1 commit
  3. 10 Feb, 2017 1 commit
    • David Cunado's avatar
      Update AEM and Cortex Models versions · dbd1ab8e
      David Cunado authored
      
      
      AEMv8-A Model release v8.2 has been made available and Trusted Firmware
      has been tested against these versions as part of its CI system. This
      patch updates the user guide documentation to reflect the version of AEM
      and Cortex Models that Trusted Firmware has been tested against.
      
      Also, the Linaro Release Notes link was broken and this patch updates the
      link.
      
      Change-Id: I88729cef909a69fff629036f480fd6168ad7dc9a
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      dbd1ab8e
  4. 07 Feb, 2017 1 commit
  5. 06 Feb, 2017 3 commits
  6. 03 Feb, 2017 1 commit
  7. 02 Feb, 2017 1 commit
    • dp-arm's avatar
      PMF: Fixup PMF constants · 888037e5
      dp-arm authored
      
      
      `PMF_ARM_TIF_IMPL_ID` should be set to 0x41.  The code already left
      shifts it by 24 bit positions so this was overflowing.
      
      This fixes a build error with GCC 6.2 when
      `ENABLE_RUNTIME_INSTRUMENTATION` is set.
      
      Change-Id: I4c99d48ea7ce3d76e9edd1325b1979994db2c0fb
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      888037e5
  8. 31 Jan, 2017 7 commits
  9. 30 Jan, 2017 3 commits
    • Jeenu Viswambharan's avatar
      Report errata workaround status to console · 10bcd761
      Jeenu Viswambharan authored
      
      
      The errata reporting policy is as follows:
      
        - If an errata workaround is enabled:
      
          - If it applies (i.e. the CPU is affected by the errata), an INFO
            message is printed, confirming that the errata workaround has been
            applied.
      
          - If it does not apply, a VERBOSE message is printed, confirming
            that the errata workaround has been skipped.
      
        - If an errata workaround is not enabled, but would have applied had
          it been, a WARN message is printed, alerting that errata workaround
          is missing.
      
      The CPU errata messages are printed by both BL1 (primary CPU only) and
      runtime firmware on debug builds, once for each CPU/errata combination.
      
      Relevant output from Juno r1 console when ARM Trusted Firmware is built
      with PLAT=juno LOG_LEVEL=50 DEBUG=1:
      
        VERBOSE: BL1: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL1: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL1: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL1: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL31: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL31: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL31: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a53: errata workaround for 826319 was not applied
        INFO:    BL31: cortex_a53: errata workaround for disable_non_temporal_hint was applied
      
      Also update documentation.
      
      Change-Id: Iccf059d3348adb876ca121cdf5207bdbbacf2aba
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      10bcd761
    • Jeenu Viswambharan's avatar
      Allow spin locks to be defined from assembly · b38bc68b
      Jeenu Viswambharan authored
      
      
      At present, spin locks can only defined from C files. Add some macros
      such that they can be defined from assembly files too.
      
      Change-Id: I64f0c214062f5c15b3c8b412c7f25c908e87d970
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      b38bc68b
    • Douglas Raillard's avatar
      Add -fno-builtin to CFLAGS · e507f8e7
      Douglas Raillard authored
      
      
      Disable the automatic substitution of functions with builtins. The
      existing -ffreestanding option should already do this but explicitly
      adding -fno-builtin reduces the risk of compiler variation. With this
      option, GCC is not supposed to be able to make assumptions on what the
      function does, which could otherwise lead to security-sensitive code
      removal.
      
      This can lead to potentially less efficient code but improves
      predictability of what code is actually compiled into the binary.
      
      Change-Id: I06ad151c61318bd1b00d84976f051d2d94314acc
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      e507f8e7
  10. 28 Jan, 2017 2 commits
    • Masahiro Yamada's avatar
      fiptool: support --align option to add desired alignment to image offset · 1c75d5df
      Masahiro Yamada authored
      
      
      The current fiptool packs all the images without any padding between
      them.  So, the offset to each image has no alignment.  This is not
      efficient, for example, when the FIP is read from a block-oriented
      device.
      
      For example, (e)MMC is accessed by block-addressing.  The block size
      is 512 byte.  So, the best case is each image is aligned by 512 byte
      since the DMA engine can transfer the whole of the image to its load
      address directly.  The worst case is the offset does not have even
      DMA-capable alignment (this is where we stand now).  In this case,
      we need to transfer every block to a bounce buffer, then do memcpy()
      from the bounce buffer to our final destination.  At least, this
      should work with the abstraction by the block I/O layer, but the
      CPU-intervention for the whole data transfer makes it really slow.
      
      This commit adds a new option --align to the fiptool.  This option,
      if given, requests the tool to align each component in the FIP file
      by the specified byte.  Also, add a new Make option FIP_ALIGN for
      easier access to this feature; users can give something like
      FIP_ALIGN=512 from the command line, or add "FIP_ALIGN := 512" to
      their platform.mk file.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      1c75d5df
    • Masahiro Yamada's avatar
      fiptool: embed fip_toc_entry in struct image · 65caa3d0
      Masahiro Yamada authored
      
      
      The struct image has "uuid" and "size" to memorize the field values
      they had in the TOC entry.  So, parse_fip() copies them from struct
      fip_toc_entry to struct image, then pack_images() copies them back
      to struct fip_toc_entry.
      
      The next commit (support --align option) will require to save the
      "offset" field as well.  This makes me realize that struct image
      can embed struct fip_toc_entry.
      
      This commit will allow the "flags" field to persevere the "update"
      command.  At this moment, the "flags" is not used in a useful way.
      (Yet, platforms can save their own parameters in the flags field.)
      It makes sense to save it unless users explicitly replace the image.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      65caa3d0
  11. 27 Jan, 2017 8 commits
  12. 26 Jan, 2017 3 commits
    • danh-arm's avatar
      Merge pull request #814 from freedomtan/patches-for-8173-crbook-osi-0110 · c38b36d8
      danh-arm authored
      Patches for 8173 crbook 
      c38b36d8
    • Jeenu Viswambharan's avatar
      user-guide.md: Fix FVP references · 186cbd08
      Jeenu Viswambharan authored
      
      
      The current user guide mentions that Foundation model doesn't support
      debugger interface. Clarify that all FVPs support --cadi-server option
      such that a CADI-compliant debugger can connect to and control model
      execution.
      
      Also fix broken URL to FVP home page.
      
      Change-Id: Ia14d618a4e0abb4b228eb1616040f9b51fb3f6f9
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      186cbd08
    • David Cunado's avatar
      Resolve build errors flagged by GCC 6.2 · 9edac047
      David Cunado authored
      
      
      With GCC 6.2 compiler, more C undefined behaviour is being flagged as
      warnings, which result in build errors in ARM TF build.
      
      The specific issue that this patch resolves is the use of (1 << 31),
      which is predominantly used in case statements, where 1 is represented
      as a signed int. When shifted to msb the behaviour is undefined.
      
      The resolution is to specify 1 as an unsigned int using a convenience
      macro ULL(). A duplicate macro MAKE_ULL() is replaced.
      
      Fixes ARM-software/tf-issues#438
      
      Change-Id: I08e3053bbcf4c022ee2be33a75bd0056da4073e1
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      9edac047
  13. 24 Jan, 2017 7 commits