Skip to content

GitLab

Switch branch/tag
  1. 10 May, 2019 1 commit
    • Alexei Fedorov's avatar
      SMMUv3: Abort DMA transactions · 1461ad9f
      Alexei Fedorov authored 
      

For security DMA should be blocked at the SMMU by default
unless explicitly enabled for a device. SMMU is disabled
after reset with all streams bypassing the SMMU, and
abortion of all incoming transactions implements a default
deny policy on reset.
This patch also moves "bl1_platform_setup()" function from
arm_bl1_setup.c to FVP platforms' fvp_bl1_setup.c and
fvp_ve_bl1_setup.c files.

Change-Id: Ie0ffedc10219b1b884eb8af625bd4b6753749b1a
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      1461ad9f
  3. 03 May, 2019 2 commits
    • John Tsichritzis's avatar
      Add compile-time errors for HW_ASSISTED_COHERENCY flag · 076b5f02
      John Tsichritzis authored 
      This patch fixes this issue:
https://github.com/ARM-software/tf-issues/issues/660



The introduced changes are the following:

1) Some cores implement cache coherency maintenance operation on the
hardware level. For those cores, such as - but not only - the DynamIQ
cores, it is mandatory that TF-A is compiled with the
HW_ASSISTED_COHERENCY flag. If not, the core behaviour at runtime is
unpredictable. To prevent this, compile time checks have been added and
compilation errors are generated, if needed.

2) To enable this change for FVP, a logical separation has been done for
the core libraries. A system cannot contain cores of both groups, i.e.
cores that manage coherency on hardware and cores that don't do it. As
such, depending on the HW_ASSISTED_COHERENCY flag, FVP includes the
libraries only of the relevant cores.

3) The neoverse_e1.S file has been added to the FVP sources.

Change-Id: I787d15819b2add4ec0d238249e04bf0497dc12f3
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      076b5f02
    • Alexei Fedorov's avatar
      SMMUv3: refactor the driver code · ccd4d475
      Alexei Fedorov authored 
      

This patch is a preparation for the subsequent changes in
SMMUv3 driver. It introduces a new "smmuv3_poll" function
and replaces inline functions for accessing SMMU registers
with mmio read/write operations. Also the infinite loop
for the poll has been replaced with a counter based timeout.

Change-Id: I7a0547beb1509601f253e126b1a7a6ab3b0307e7
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ccd4d475
  5. 30 Apr, 2019 1 commit
  7. 24 Apr, 2019 1 commit
  9. 17 Apr, 2019 1 commit
    • Aditya Angadi's avatar
      plat/arm: introduce wrapper functions to setup secure watchdog · b0c97daf
      Aditya Angadi authored 
      

The BL1 stage setup code for ARM platforms sets up the SP805 watchdog
controller as the secure watchdog. But not all ARM platforms use SP805
as the secure watchdog controller.

So introduce two new ARM platform code specific wrapper functions to
start and stop the secure watchdog. These functions then replace the
calls to SP805 driver in common BL1 setup code. All the ARM platforms
implement these wrapper functions by either calling into SP805 driver
or the SBSA watchdog driver.

Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257
Signed-off-by: default avatarAditya Angadi <aditya.angadi@arm.com>
      b0c97daf
  11. 16 Apr, 2019 1 commit
  13. 12 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Mbed TLS: Remove weak heap implementation · 2374ab17
      Ambroise Vincent authored 
      

The implementation of the heap function plat_get_mbedtls_heap() becomes
mandatory for platforms supporting TRUSTED_BOARD_BOOT.

The shared Mbed TLS heap default weak function implementation is
converted to a helper function get_mbedtls_heap_helper() which can be
used by the platforms for their own function implementation.

Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      2374ab17
  15. 11 Apr, 2019 2 commits
    • Ambroise Vincent's avatar
      sgm: Fix bl2 sources · e5be1f95
      Ambroise Vincent authored 
      

The weak version of plat_get_mbedtls_heap() was being used.

Change-Id: I6da331a098dd1af5bb64729d5b914cfb74b8869e
Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      e5be1f95
    • Paul Beesley's avatar
      plat/sgm: Remove redundant platform_oid.h · 551631aa
      Paul Beesley authored 
      This file is used when building the cert_create tool without using
the 'standard' set of Arm OID values as defined in the TBBR
specification (see tbbr_oid.h). This configuration is enabled by
setting USE_TBBR_DEFS to 0 during build.

At the moment this will fail because the header file included by
this file was removed in commit bb41eb7a

 ("cert: move
platform_oid.h to include/tools_share for all platforms"). For
the SGM platform this means that there is no current use for
this file.

Change-Id: I3c82983ada62330f1ab6be6d6c0cf489adabae7b
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      551631aa
  17. 08 Apr, 2019 1 commit
  19. 01 Apr, 2019 2 commits
  21. 21 Mar, 2019 1 commit
    • John Tsichritzis's avatar
      ROMLIB bug fixes · ae2e01b8
      John Tsichritzis authored 
      

Fixed the below bugs:
1) Bug related to build flag V=1: if the flag was V=0, building with
ROMLIB would fail.
2) Due to a syntax bug in genwrappers.sh, index file entries marked as
"patch" or "reserved" were ignored.
3) Added a prepending hash to constants that genwrappers is generating.
4) Due to broken dependencies, currently the inclusion functionality is
intentionally not utilised. This is why the contents of romlib/jmptbl.i
have been copied to platform specific jmptbl.i files. As a result of the
broken dependencies, when changing the index files, e.g. patching
functions, a clean build is always required. This is a known issue that
will be fixed in the future.

Change-Id: I9d92aa9724e86d8f90fcd3e9f66a27aa3cab7aaa
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      ae2e01b8
  23. 14 Mar, 2019 3 commits
    • Louis Mayencourt's avatar
      fvp: Increase the size of the stack for FVP · 01aa5247
      Louis Mayencourt authored 
      

When RECLAIM_INIT_CODE is 1, the stack is used to contain the .text.init
section. This is by default enable on FVP. Due to the size increase of
the .text.init section, the stack had to be adjusted contain it.

Change-Id: Ia392341970fb86c0426cf2229b1a7295453e2e32
Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      01aa5247
    • Sandrine Bailleux's avatar
      Put Pointer Authentication key value in BSS section · 47102b35
      Sandrine Bailleux authored 
      

The dummy implementation of the plat_init_apiakey() platform API uses
an internal 128-bit buffer to store the initial key value used for
Pointer Authentication support.

The intent - as stated in the file comments - was for this buffer to
be write-protected by the MMU. Initialization of the buffer would be
performed before enabling the MMU, thus bypassing write protection
checks.

However, the key buffer ended up into its own read-write section by
mistake due to a typo on the section name ('rodata.apiakey' instead of
'.rodata.apiakey', note the leading dot). As a result, the linker
script was not pulling it into the .rodata output section.

One way to address this issue could have been to fix the section
name. However, this approach does not work well for BL1. Being the
first image in the boot flow, it typically is sitting in real ROM
so we don't have the capacity to update the key buffer at any time.

The dummy implementation of plat_init_apiakey() provided at the moment
is just there to demonstrate the Pointer Authentication feature in
action. Proper key management and key generation would have to be a
lot more careful on a production system.

Therefore, the approach chosen here to leave the key buffer in
writable memory but move it to the BSS section. This does mean that
the key buffer could be maliciously updated for intalling unintended
keys on the warm boot path but at the feature is only at an
experimental stage right now, this is deemed acceptable.

Change-Id: I121ccf35fe7bc86c73275a4586b32d4bc14698d6
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      47102b35
    • John Tsichritzis's avatar
      Introduce preliminary support for Neoverse Zeus · a4546e80
      John Tsichritzis authored 
      

Change-Id: If56d1e200a31bd716726d7fdc1cc0ae8a63ba3ee
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      a4546e80
  25. 13 Mar, 2019 1 commit
  27. 28 Feb, 2019 2 commits
  29. 27 Feb, 2019 3 commits
  31. 19 Feb, 2019 4 commits
  33. 18 Feb, 2019 1 commit
  35. 12 Feb, 2019 1 commit
  37. 01 Feb, 2019 3 commits
  39. 25 Jan, 2019 8 commits