- 01 Feb, 2018 18 commits
-
-
Masahiro Yamada authored
When we add a new callback, we need to duplicate fallbacks among plat/common/{aarch32,aarch64}/platform_helpers.S This is tedious. I created a new C file, then moved 3 functions: plat_error_handler bl2_plat_preload_setup plat_try_next_boot_source They are called from C, so I do not see a good reason to implement them in assembly. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
This commit adds some more files to use zlib from TF. To use zlib, ->zalloc and ->zfree hooks are needed. The implementation depends on the system. For user-space, the libc provides malloc() and friends. Unfortunately, ARM Trusted Firmware does not provide malloc() or any concept of dynamic memory allocation. I implemented very simple calloc() and free() for this. Stupidly, zfree() never frees memory, but it works enough for this. The purpose of using zlib is to implement gunzip() - this function takes compressed data from in_buf, then dumps the decompressed data to oub_buf. The work_buf is used for memory allocation during the decompress. Upon exit, it updates in_buf and out_buf. If successful, in_buf points to the end of input data, out_buf to the end of the decompressed data. To use this feature, you need to do: - include lib/zlib/zlib.mk from your platform.mk - add $(ZLIB_SOURCES) to your BL*_SOURCES Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Import the following files from zlib 1.2.11: adler32.c crc32.c crc32.h inffast.c inffast.h inffixed.h inflate.c inflate.h inftrees.c inftrees.h zconf.h zlib.h zutil.c zutil.h The original tarball is available from http://zlib.net/ The zlib is free software, distributed under the zlib license. The license text is included in the "zlib.h" file. It should be compatible with BSD-3-Clause. The zlib license is included in the SPDX license list available at https://spdx.org/licenses/ , but I did not add the SPDX license tag to the imported files above, to keep them as they are in the upstream project. This seems the general policy for ARM Trusted Firmware, as SPDX License Identifier was not added to files imported from FreeBSD. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
One typical usage of the pre-tool image filter is data compression, and GZIP is one of the most commonly used compression methods. I guess this is generic enough to be put in the common script instead of platform.mk. If you want to use this, you can add something like follows to your platform.mk: BL32_PRE_TOOL_FILTER := GZIP BL33_PRE_TOOL_FILTER := GZIP Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
There are cases where we want to process images before they are passed to cert_create / fiptool. My main motivation is data compression. By compressing images, we can save data storage, and possibly speed up loading images. The image verification will also get faster because certificates are generated based on compressed images. Other image transformation filters (for ex. encryption), and their combinations would be possible. So, our build system should support transformation filters in a generic manner. The choice of applied filters is up to platforms (so specified in platform.mk) To define a new filter, <FILTER_NAME>_RULE and <FILTER_NAME>_SUFFIX are needed. For example, the GZIP compression filter can be implemented as follows: ------------------------>8------------------------ define GZIP_RULE $(1): $(2) @echo " GZIP $$@" $(Q)gzip -n -f -9 $$< --stdout > $$@ endef GZIP_SUFFIX := .gz ------------------------>8------------------------ The _RULE defines how to create the target $(1) from the source $(2). The _SUFFIX defines the extension appended to the processed image path. The suffix is not so important because the file name information is not propagated to FIP, but adding a sensible suffix will be good to classify the data file. Platforms can specify which filter is applied to which BL image, like this: ------------------------>8------------------------ BL32_PRE_TOOL_FILTER := GZIP BL33_PRE_TOOL_FILTER := GZIP ------------------------>8------------------------ <IMAGE_NAME>_PRE_TOOL_FILTER specifies per-image filter. With this, different images can be transformed differently. For the case above, only BL32 and BL33 are GZIP-compressed. Nothing is done for other images. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
In the next commit, I need the image name in lowercase because output files are generally named in lowercase. Unfortunately, TOOL_ADD_IMG takes the first argument in uppercase since we generally use uppercase Make variables. make_helpers/build_macros.mk provides 'uppercase' macro to convert a string into uppercase, but 'lowercase' does not exist. We can implement it if we like, but it would be more straightforward to change the argument of TOOL_ADD_IMG. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The PHONY target "bl*" generate $(BIN) and $(DUMP), but host tools (fiptool, cert_create) only need $(BIN). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The third argument was given "true" by images, but it was moved to TOOL_ADD_PAYLOAD. No more caller of CERT_ADD_CMD_OPT uses this. So, the third argument is always empty. Remove it. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now FIP_ADD_IMG takes care of both fiptool and cert_create symmetrically. Rename it so that it matches the behavior. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now FIP_ADD_PAYLOAD takes care of both fiptool and cert_create symmetrically. Rename it so that it matches the behavior. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The fiptool and cert_create use the same command options for images. It is pretty easy to handle both in the same, symmetrical way. Move CRT_ARGS and CRT_DEPS to FIP_ADD_PAYLOAD. This refactoring makes sense because FIP_ADD_PAYLOAD is called from MAKE_BL (when building images from source), and from FIP_ADD_IMG (when including external images). (FIP_ADD_PAYLOAD will be renamed later on since it now caters to both fiptool and cert_create). We can delete CERT_ADD_CMD_OPT for images in tbbr.mk. It still needs to call CERT_ADD_CMD_OPT directly for certificates. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The callers of these macros are supposed to use $(eval $(call, ...)). The $(eval ...) on the callee side is unneeded. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The build system supports generating two FIP images, fip and fwu_fip. Accordingly, we have similar build macros. FIP_ADD_PAYLOAD <--> FWU_FIP_ADD_PAYLOAD CERT_ADD_CMD_OPT <--> FWU_CERT_ADD_CMD_OPT FIP_ADD_IMG <--> FWU_FIP_ADD_IMG The duplicated code increases the maintenance burden. Also, the build rule of BL2U looks clumsy - we want to call MAKE_BL to compile it from source files, but we want to put it in fwu_fip. We can not do it in a single macro call since the current MAKE_BL does not support fwu_fip. To refactor those in a clean way is to support one more argument to specify the FIP prefix. If it is empty, the images are targeted to fip, whereas if the argument is "FWU_", targeted to fwu_fip. The build macros prefixed with FWU_ go away. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now, MAKE_TOOL_ARGS is only called from MAKE_BL. Squash it. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
This complicated if-conditional combo was introduced by commit 70d1fc53 ("Fix build error when `BL32` is not defined") in order to fix the compile error of "make all" when SPD=opteed is given. The requirement for the build system is like follows: - If both BL32 and BL32_SOURCES are defined, the former takes precedence. - If BL32 is undefined but BL32_SOURCES is defined, we compile BL32 from the source files. - We want to let the build fail if neither of them is defined, but we want to check it only when we are building FIP. Refactor the code to not call FIP_ADD_IMG twice. The behavior is still the same. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
We use $(call MAKE_TOOL_ARGS,...) or $(call FIP_ADD_IMG,...) where we expect externally built images. The difference between the two is check_* target. It now checks if the given path exists, so it is a good thing to use $(call FIP_ADD_IMG,...) in all the places. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
check_* targets check if the required option are given, but do not check the validity of the argument. If the specified file does not exist, let the build fail immediately instead of passing the invalid file path to tools. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
davidcunado-arm authored
RK3399 GIC save/restore
-
- 30 Jan, 2018 4 commits
-
-
davidcunado-arm authored
fiptool: Fix use after free
-
davidcunado-arm authored
Makefile: Use ld.bfd linker if available
-
davidcunado-arm authored
Correct the Makefile logic for disabling PIE
-
davidcunado-arm authored
Fix udelay issues that can make duration slightly too short
-
- 29 Jan, 2018 8 commits
-
-
davidcunado-arm authored
SPM: Map devices in the 1st GB
-
davidcunado-arm authored
Fix documentation for CnP bit
-
davidcunado-arm authored
docs: hikey: Fix typo
-
Julius Werner authored
Some toolchain distributions install both the BFD and GOLD linkers under the names <target>-ld.bfd and <target>-ld.gold. <target>-ld will then be a symlink that may point to either one of these. Trusted Firmware should always be linked with the BFD linker, since GOLD is meant primarily for userspace programs and doesn't support many of the more obscure linker script features that may be needed for firmware. With this patch the Makefile will auto-detect if ld.bfd is available and use it explicitly in that case. Change-Id: I7017055f67db3bd57d191d20a7af06ca646937d7 Signed-off-by: Julius Werner <jwerner@chromium.org>
-
Sandrine Bailleux authored
The CnP bit documentation in the Firmware Design Guide incorrectly used the term "Page Entries" instead of "Processing Elements". Fix that. Change-Id: Ie44ee99c281b7b1a9ad90fba2c7d109f12425507 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
davidcunado-arm authored
hikey: fix assert in sec_protect()
-
Sandrine Bailleux authored
This patch maps the devices in the first GB of the system address map on the FVP into the S-EL1&0 translation regime when SPM support is enabled. This grants the Secure Partition access to the devices in this region, for example the memory-mapped Generic Timer device. Change-Id: I3aeea65f859ecbe83efde2acee20c55500c451bc Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
Andreas Färber authored
The correct name of the manufacturer is LeMaker. Signed-off-by: Andreas Färber <afaerber@suse.de>
-
- 27 Jan, 2018 2 commits
-
-
Andreas Färber authored
Commit 880b9e8b (Add padding at the end of the last entry) added code using toc_entry pointer, whose memory is already freed via variable buf. This causes enormous padding on openSUSE. Free the memory buffer only after padding is done. Signed-off-by: Andreas Färber <afaerber@suse.de>
-
Victor Chong authored
`assert(e)` was used in place of `if (e) ERROR()` when sec_protect() was ported from hikey fork so the logic should have been reversed. Fixes: 3d5d9f5a ("hikey: configure the top 16MB of DRAM as secure") Fixes: 52988b38 ("hikey: configure 4 MB of secure DRAM for OP-TEE Secure Data Path") Signed-off-by: Victor Chong <victor.chong@linaro.org> Tested-by: Victor Chong <victor.chong@linaro.org>
-
- 26 Jan, 2018 2 commits
-
-
davidcunado-arm authored
Hikey protect optee / sdp memory
-
Derek Basehore authored
This disables the redistributor before either of the pwr_dm_suspend functions are called. This is because the rdist save code in the rk3399 rockchip_soc_sys_pwr_dm_suspend function requires that each redistributor be disabled before saving state. Signed-off-by: Derek Basehore <dbasehore@chromium.org>
-
- 25 Jan, 2018 5 commits
-
-
Julius Werner authored
Delay functions like udelay() are often used to ensure that the necessary time passed to allow some asynchronous event to finish, such as the stabilization delay for a power rail. For these use cases it is not very problematic if the delay is slightly longer than requested, but it is critical that the delay must never be shorter. The current udelay() implementation contains two hazards that may cause the delay to be slightly shorter than intended: Firstly, the amount of ticks to wait is calculated with an integer division, which may cut off the last fraction of ticks needed. Secondly, the delay may be short by a fraction of a tick because we do not know whether the initial ("start") sample of the timer was near the start or near the end of the current tick. Thus, if the code intends to wait for one tick, it might read the timer value close to the end of the current tick and then read it again right after the start of the next tick, concluding that the duration of a full tick has passed when it in fact was just a fraction of it. This patch rounds up the division and always adds one extra tick to counteract both problems and ensure that delays will always be larger but never smaller than requested. Change-Id: Ic5fe5f858b5cdf3c0dbf3e488d4d5702d9569433 Signed-off-by: Julius Werner <jwerner@chromium.org>
-
davidcunado-arm authored
uniphier: migrate to BL2-AT-EL3
-
davidcunado-arm authored
SPM: Declare explicit width based types in secure_partition_boot_info…
-
davidcunado-arm authored
Hikey960: Enable invalid FIQ handling
-
davidcunado-arm authored
Workarounds for CVE-2017-5715 on A9/A15 and A17 + serial console reporting
-
- 24 Jan, 2018 1 commit
-
-
davidcunado-arm authored
poplar: Enable emmc and recovery build support
-