- 24 Mar, 2021 10 commits
-
-
Pankaj Gupta authored
NXP: Added warm reset handler to handle SMC PSCI_SYSTEM_RESET2 raised from kernel (> 5.4). As part of first cold boot, DDR training data is stored in NV storage. As part of this SMC handling, following things are done: - DDR is put in self-refresh mode to retain the content of DDR. - Reset cause is saved. - Reset is triggered. On next boot to last warm-reset, DDR training is restored from the NV storage. Signed-off-by:
Ashish Kumar <ashish.kumar@nxp.com> Signed-off-by:
Kuldeep Singh <kuldeep.singh@nxp.com> Signed-off-by:
Udit Agarwal <udit.agarwal@nxp.com> Signed-off-by:
Priyanka Singh <priyanka.singh@nxp.com> Signed-off-by:
Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I8e4fb0824887af49e959c93825e2ab0ba887fc9d
-
Pankaj Gupta authored
NV storage API(s) for NXP platforms, supported on: - flexspi-nor - SecMon - General Purpose Registers at Low-Power section, retains their content if backed by coined battery. Signed-off-by: -
Pankaj Gupta authored
NXP SoC supports two TBB mode: - MBED_TLS based -- ROTK key hash is placed as part of the BL2 binary at section: --- .rodata.nxp_rotpk_hash -- Supporting non-volatile counter via SFP. -- platform function used by TFA common authentication code. - NXP CSF based -- ROTK key deployment vary from MBEDTLS Signed-off-by:Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by:
-
Pankaj Gupta authored
All of the NXP SoC, needs fip_fuse image to be loaded additionally as part of preparation for Trusted board boot - fip_fuse.bin contains an image for auto fuse provisioning. - Auto fuse provisioning is based on the input file with values for: -- SRK Hash -- OTPMK -- misc. refer board manual for more details. Signed-off-by: -
Pankaj Gupta authored
Few of the NXP SoC like LX2160A, needs ddr-phy images to be loaded additionally before DDR initialization - fip_ddr.bin is created containing upto 6 ddr images. - With TRUSTED_BOARD_BOOT = 1, fip_ddr.bin is authenticated first before loading and starting DDR initialization. - To successfully compile this image, platform-defined header files needs to be defined: -- include/common/tbbr/tbbr_img_def.h uses: --- plat_tbbr_img_def.h: platform specific new FIP image macros. -- include/tools/share/firmware_image_package.h uses: --- plat_def_fip_uuid.h: platform specific new UUID macros. ---- Added UUID for DDR images to create FIP-DDR. ---- Added UUID for FUSE provisioning images to create FIP-fuse. -- include/tools/share/tbbr_oid.h uses: --- platform_oid.h: platform specific new OID macros. Signed-off-by: -
Pankaj Gupta authored
function load_img(), is dependent on: - Recursively calling load_image() defined in common/bl_common.c - for each image in the fip. Signed-off-by: -
Pankaj Gupta authored
SMC call handling at EL3 due SIP and SVC calls. Signed-off-by:
rocket <rod.dorris@nxp.com> Signed-off-by:
-
Pankaj Gupta authored
Signed-off-by:
-
Pankaj Gupta authored
Signed-off-by:
-
Pankaj Gupta authored
bl31-data file written in assembly helps to manage data at bl31. Signed-off-by:
-
- 19 Mar, 2021 1 commit
-
-
Tejas Patel authored
BIT24 of IPI command header is used to determine if caller is secure or non-secure. Mark BIT24 of IPI command header as non-secure if SMC caller is non-secure. Signed-off-by:
Tejas Patel <tejas.patel@xilinx.com> Signed-off-by:
Abhyuday Godhasara <abhyuday.godhasara@xilinx.com> Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267
-
- 16 Mar, 2021 1 commit
-
-
Michal Simek authored
Versal is a72 based that's why there is no reason to build low level assemble code for a53. Signed-off-by:Michal Simek <michal.simek@xilinx.com> Change-Id: Iff9cf2582102d951825b87fd9af18e831ca717d6
-
- 15 Mar, 2021 1 commit
-
-
Olivier Deprez authored
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU instantiated in a Secure Partition: -A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs. An EC is pinned to a corresponding physical CPU. -An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to the physical CPU from which the FF-A call is originating. This change permits exercising the latter case within the TF-A-tests framework. Signed-off-by:Olivier Deprez <olivier.deprez@arm.com> Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
-
- 10 Mar, 2021 1 commit
-
-
Usama Arif authored
Signed-off-by:Usama Arif <usama.arif@arm.com> Change-Id: Ie199c60553477c43d1665548ae78cdfd1aa7ffcf
-
- 09 Mar, 2021 1 commit
-
-
Heiko Stuebner authored
Compiling BL31 for the Rockchip platform now produces a message about the deprecation of gic_common.c. Follow the advice and use include gicv2.mk instead. Signed-off-by:Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Change-Id: I396b977d57975dba27cfed801ad5264bbbde2b5e
-
- 08 Mar, 2021 1 commit
-
-
Roger Lu authored
The case for value "VCOREFS_SMC_CMD_INIT" is not terminated by a "break" statement. Signed-off-by:Roger Lu <roger.lu@mediatek.com> Change-Id: I56cc7c1648e101c0da6e77e592e6edbd5d37724e
-
- 03 Mar, 2021 6 commits
-
-
Xi Chen authored
1 Only enable domain D0 and D1:PCIe access 0xC0000000~0xC4000000; 2 Only enable domain D0 and D3(SCP) access 0x50000000~0x51400000; Signed-off-by:Xi Chen <xixi.chen@mediatek.com> Change-Id: Ic4f9e6d85bfd1cebdb24ffc1d14309c89c103b2a
-
Roger Lu authored
Change-Id: I4bd4612a7c7727a5be70957ae940e5f51c7ca5e6 Signed-off-by: -
Roger Lu authored
Supports dram/mainpll/26m off when system suspend Signed-off-by: -
Roger Lu authored
Signed-off-by: -
Roger Lu authored
Low Power Management (LPM) helps find a suitable configuration for letting system entering idle or suspend with the most resources off. Change-Id: Ie6a7063b666cf338cff5bc972c9025b26de482eb Signed-off-by: -
Venkatesh Yadav Abbarapu authored
Add support for ZU43DR, ZU46DR and ZU47DR to the list of zynqmp devices. The ZU43DR, ZU46DR and ZU47DR RFSoC silicon id values are 0x7d, 0x78 and 0x7f. Signed-off-by:
Sandeep Gundlupet Raju <sandeep.gundlupet-raju@xilinx.com> Signed-off-by:
Venkatesh Yadav Abbarapu <venkatesh.abbarapu@xilinx.com> Acked-by:
-
- 02 Mar, 2021 1 commit
-
-
Tejas Patel authored
Return timeout error if, IPI is not acked in specified timeout. Signed-off-by:
-
- 01 Mar, 2021 3 commits
-
-
johpow01 authored
Add basic support for Makalu CPU. Signed-off-by:John Powell <john.powell@arm.com> Change-Id: I4e85d425eedea499adf585eb8ab548931185043d
-
Masahisa Kojima authored
This commit fixes the wrong memory type, secure NOR flash shall be mapped as MT_DEVICE. Signed-off-by:Masahisa Kojima <masahisa.kojima@linaro.org> Change-Id: I9c9ed51675d84ded675bb56b2e4ec7a08184c602
-
Masahisa Kojima authored
sbsa-ref in QEMU may create up to 512 cores. This commit prepares the MP information to support 512 cores. The number of xlat tables for spm_mm is also increased. Signed-off-by:
-
- 25 Feb, 2021 2 commits
-
-
Konstantin Porotchkin authored
This patch cleans up the MSS SRAM if it was used for MSS image copy (secure boot mode). Change-Id: I23f600b512050f75e63d59541b9c21cef21ed313 Signed-off-by:
Konstantin Porotchkin <kostap@marvell.com> Reviewed-on: https://sj1git1.cavium.com/c/IP/SW/boot/atf/+/30099 Reviewed-by:
Stefan Chulski <stefanc@marvell.com> Tested-by:
sa_ip-sw-jenkins <sa_ip-sw-jenkins@marvell.com>
-
Konstantin Porotchkin authored
Map IO WIN to CP1 and CP2 at all stages including the BLE. Do not map CP1/CP2 if CP_NUM is lower than 2 and 3 accordingly. This patch allows access to CP1/CP2 internal registers at BLE stage if CP1/CP2 are connected. Signed-off-by:
Nadav Haklai <nadavh@marvell.com> Reviewed-by:
Yi Guo <yi.guo@cavium.com> Reviewed-by:
Ofer Heifetz <oferh@marvell.com>
-
- 24 Feb, 2021 2 commits
-
-
Konstantin Porotchkin authored
The CP MSS IRAM is only accessible by CM3 CPU and MSS DMA. In secure boot mode the MSS DMA is unable to directly load the MSS FW image from DRAM to IRAM. This patch adds support for using the MSS SRAM as intermediate storage. The MSS FW image is loaded by application CPU into the MSS SRAM first, then transferred to MSS IRAM by MSS DMA. Such change allows the CP MSS image load in secure mode. Change-Id: Iee7a51d157743a0bdf8acb668ee3d599f760a712 Signed-off-by:
Grzegorz Jaszczyk <jaszczyk@marvell.com>
-
Venkatesh Yadav Abbarapu authored
Removing the custom crash implementation and use plat/common/aarch64/crash_console_helpers.S. Signed-off-by:
-
- 17 Feb, 2021 1 commit
-
-
Aditya Angadi authored
Rename rd_n1e1_edge_scmi_plat_info array to plat_rd_scmi_info as the same array is used to provide SCMI platform info across mulitple RD platforms and is not resitricted to only RD-N1 and RD-E1 platforms. Signed-off-by:Aditya Angadi <aditya.angadi@arm.com> Change-Id: I42ba33e0afa3003c731ce513c6a5754b602ec01f
-
- 16 Feb, 2021 1 commit
-
-
Andre Przywara authored
Now that we have a framework for the SMCCC TRNG interface, and the existing Juno entropy code has been prepared, add the few remaining bits to implement this interface for the Juno Trusted Entropy Source. We retire the existing Juno specific RNG interface, and use the generic one for the stack canary generation. Change-Id: Ib6a6e5568cb8e0059d71740e2d18d6817b07127d Signed-off-by:Andre Przywara <andre.przywara@arm.com>
-
- 15 Feb, 2021 1 commit
-
-
Andre Przywara authored
The Juno Trusted Entropy Source has a bias, which makes the generated raw numbers fail a FIPS 140-2 statistic test. To improve the quality of the numbers, we can use the CPU's CRC instructions, which do a decent job on conditioning the bits. This adds a *very* simple version of arm_acle.h, which is typically provided by the compiler, and contains the CRC instrinsics definitions we need. We need the original version by using -nostdinc. Change-Id: I83d3e6902d6a1164aacd5060ac13a38f0057bd1a Signed-off-by:
-
- 12 Feb, 2021 1 commit
-
-
Pankaj Gupta authored
NXP specifc macro SET_NXP_MAKE_FLAG is added. NXP has pool of multiple IPs. This macro helps: - In soc.mk, this macro help the selected IP source files to be included for that SoC. -- The set of IPs required for one NXP SoC is different to the set of IPs required by another NXP SoC. - For the same SoC, -- For one feature, the IP may be required in both BL2 and BL31. -- Without the above feature, that IP may be required in one. This macro help in selecting the inclusion of source and header files to: --- BL2 only --- BL31 only --- COMM (used by BL2 and BL31) Signed-off-by:
-
- 11 Feb, 2021 4 commits
-
-
Andre Przywara authored
Currently we use the Juno's TRNG hardware entropy source to initialise the stack canary. The current function allows to fill a buffer of any size, but we will actually only ever request 16 bytes, as this is what the hardware implements. Out of this, we only need at most 64 bits for the canary. In preparation for the introduction of the SMCCC TRNG interface, we can simplify this Juno specific interface by making it compatible with the generic one: We just deliver 64 bits of entropy on each call. This reduces the complexity of the code. As the raw entropy register readouts seem to be biased, it makes sense to do some conditioning inside the juno_getentropy() function already. Also initialise the TRNG hardware, if not already done. Change-Id: I11b977ddc5417d52ac38709a9a7b61499eee481f Signed-off-by: -
Konstantin Porotchkin authored
The DRAM port code issues a dummy write to SPD page-0 i2c address in order to select this page for the forthcoming read transaction. If the write buffer length supplied to i2c_write is not zero, this call is translated to 2 bus transations: - set the target offset - write the data to the target However no actual data should be transferred to SPD page-0 in order to select it. Actually, the second transation never receives an ACK from the target device, which caused the following error report: ERROR: Status 30 in write transaction This patch sets the buffer length in page-0 select writes to zero, leading to bypass the data transfer to the target device. Issuing the target offset command to SPD page-0 address effectively selects this page for the read operation. Change-Id: I4bf8e8c09da115ee875f934bc8fbc9349b995017 Signed-off-by:
Moti Buskila <motib@marvell.com>
-
Konstantin Porotchkin authored
Add initialization for TRNG-IP-76 driver and support SMC call 0xC200FF11 used for reading HW RNG value by secondary bootloader software for KASLR support. Signed-off-by:
-
Vijayenthiran Subramaniam authored
Update TZC base address to align with the recent changes in the platform memory map. Signed-off-by:Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com> Change-Id: I0d0ad528a2e236607c744979e1ddc5c6d426687a
-
- 09 Feb, 2021 2 commits
-
-
Manish V Badarkhe authored
Currently, BLs are mapping the GIC memory region as read-write for all cores on boot-up. This opens up the security hole where the active core can write the GICR frame of fused/inactive core. To avoid this issue, disable the GICR frame of all inactive cores as below: 1. After primary CPU boots up, map GICR region of all cores as read-only. 2. After primary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 3. After secondary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 4. All unused/fused core's redistributor regions remain read-only and write attempt to such protected regions results in an exception. As mentioned above, this patch offers only the GICR memory-mapped region protection considering there is no facility at the GIC IP level to avoid writing the redistributor area. These changes are currently done in BL31 of Arm FVP and guarded under the flag 'FVP_GICR_REGION_PROTECTION'. As of now, this patch is tested manually as below: 1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core. 2. Verify data abort triggered by manually updating the ‘GICR_CTLR’ register of core 1’s(fused) redistributor from core 0(active). Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d Signed-off-by:Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Manish V Badarkhe authored
GIC memory region is not getting used in BL1 and BL2. Hence avoid its mapping in BL1 and BL2 that freed some page table entries to map other memory regions in the future. Retains mapping of CCN interconnect region in BL1 and BL2 overlapped with the GIC memory region. Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7 Signed-off-by:
-
