Skip to content

GitLab

Switch branch/tag
  1. 20 Jul, 2017 3 commits
    • Soby Mathew's avatar
      CSS: Prevent SCP_BL2/2U from overwriting BL1 RW data · 1ea63d77
      Soby Mathew authored 
      

On ARM CSS platforms, the SCP_BL2/2U image is loaded below
BL1 read-write data. This same memory is used to load BL31
later on. But sufficient checks were not done to ensure that the
SCP_BL2 would not overwrite BL1 rw data. This patch adds the
required CASSERT checks to prevent overwrite into BL1 or BL2
memory by load of SCP_BL2/2U. Also the size of BL31 is increased
and SCP_BL2/2U size is decreased to accomodate it within the
allocated region.

Change-Id: I23b28b5e1589e91150852a06452bd52b273216ee
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      1ea63d77
    • Soby Mathew's avatar
      CSS: Reorganize the SCP Image transfer functionality · 74d44a49
      Soby Mathew authored 
      

The SCP_BL2 is transferred to SCP during BL2 image load and authenticate
sequence. The Boot-Over-MHU (BOM) protocol is used as transport for this. After
the SCP boots using the transferred image, the AP CPU waits till the `READY`
message is received from SCP. This patch separates the API for transport of
image from the wait for `READY` message and also moves the related files to
the `css/drivers` folder. The previous API `scp_bootloader_transfer` is
renamed to `css_scp_boot_image_xfer` to reflect the css naming convention.
This reorganisation also allows easier switch to a different transport
(eg: Shared Data Structure based transfer) in future

Change-Id: I8a96f9c4616ffde6dbfdf7c18f6f6f8bfa40bbf0
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      74d44a49
    • Soby Mathew's avatar
      Resize the BL2 size limit for Juno · 6c401f31
      Soby Mathew authored 
      

Recent patches to reduce the memory footprint of BL images have
resulted in saving several pages of memory. This patch reduces
the BL2 size limit by 20KB for Juno when ARM_BOARD_OPTIMISE_MEM=1
so that more free space can be freed up for Trusted OS (BL32). Also
SCP_BL2/SCP_BL2U size is now restricted to 80K.

Change-Id: I1573d7a34e24d15e4abce8a14da40dbb5dc81e37
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      6c401f31
  3. 10 Jul, 2017 4 commits
  5. 07 Jul, 2017 3 commits
  7. 06 Jul, 2017 7 commits
  9. 05 Jul, 2017 4 commits
  11. 02 Jul, 2017 1 commit
  13. 30 Jun, 2017 1 commit
    • Caesar Wang's avatar
      rockchip/rk3399: fixes the typo and the WARNINGS during suspend/resume · c3710ee7
      Caesar Wang authored 
      

This patch fixes the two things as follows:

1) rk3399_flash_l2_b" seems to be a typo. That's "flush", not "flash".

2) fixes the warnings log.
We always hit the warnings thing during the suspend, as below log:
..
[   51.022334] CPU5: shutdown
[   51.025069] psci: CPU5 killed.
INFO:    sdram_params->ddr_freq = 928000000
WARNING: rk3399_flash_l2_b:reg 28830380,wait

When the L2 completes the clean and invalidate sequence, it asserts the
L2FLUSHDONE signal. The SoC can now deassert L2FLUSHREQ signal and then
the L2 deasserts L2FLUSHDONE.

Then, a loop without a delay isn't really great to measure time. We should
probably add a udelay(10) or so in there and then maybe replace the WARN()
after the loop. In the actual tests, the L2 cache will take ~4ms by
default for big cluster.

In the real world that give 10ms for the enough margin, like the
ddr/cpu/cci frequency and other factors that will affect it.

Change-Id: I55788c897be232bf72e8c7b0e10cf9b06f7aa50d
Signed-off-by: default avatarCaesar Wang <wxt@rock-chips.com>
      c3710ee7
  15. 29 Jun, 2017 4 commits
  17. 28 Jun, 2017 13 commits
    • danh-arm's avatar
      Merge pull request #1007 from soby-mathew/sm/ccint · aa5b843f
      danh-arm authored 
      Enable integration of ARM TrustZone Cryptocell for TBB
      aa5b843f
    • Soby Mathew's avatar
      Use CryptoCell to set/get NVcounters and ROTPK · f143cafe
      Soby Mathew authored 
      

This patch implements the platform APIs plat_get_rotpk_info,
plat_get_nv_ctr, plat_set_nv_ctr to invoke CryptoCell SBROM
APIs when ARM_CRYPTOCELL_INT is set.

Change-Id: I693556b3c7f42eceddd527abbe6111e499f55c45
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      f143cafe
    • Soby Mathew's avatar
      Do basic CryptoCell LCS check · fd2b42f4
      Soby Mathew authored 
      

This patch implements the basic lifecycle state check when CryptoCell
SBROM is initialized. Currently the check ensures that if the lifecycle
state is Security Disabled (SD), the boot process does not proceed
further.

Change-Id: I5101335453cd3ea413e97bcfb9138a96c05e1aea
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      fd2b42f4
    • Soby Mathew's avatar
      ARM plat changes to enable CryptoCell integration · e60f2af9
      Soby Mathew authored 
      

This patch makes the necessary changes to enable ARM platform to
successfully integrate CryptoCell during Trusted Board Boot. The
changes are as follows:

* A new build option `ARM_CRYPTOCELL_INTEG` is introduced to select
  the CryptoCell crypto driver for Trusted Board boot.

* The TrustZone filter settings for Non Secure DRAM is modified
  to allow CryptoCell to read this memory. This is required to
  authenticate BL33 which is loaded into the Non Secure DDR.

* The CSS platforms are modified to use coherent stacks in BL1 and BL2
  when CryptoCell crypto is selected. This is because CryptoCell makes
  use of DMA to transfer data and the CryptoCell SBROM library allocates
  buffers on the stack during signature/hash verification.

Change-Id: I1e6f6dcd1899784f1edeabfa2a9f279bbfb90e31
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      e60f2af9
    • Soby Mathew's avatar
      Add CC crypto driver to the Auth module · 4eb20d99
      Soby Mathew authored 
      

This patch adds a crypto driver which utilizes the ARM® TrustZone®
CryptoCell-712 to verify signature and hash during Trusted Board Boot. Along
with this driver, the CryptoCell SBROM library is required to successfully
build the BL image. The path to this library is specified via
the `CCSBROM_LIB_PATH` variable. Please note that, mbedTLS is still required
to do the X509 certificate ASN.1 parsing and CryptoCell is only utilized for
signature and hash verification.

Change-Id: If82dfbae0d7772ba1c64839f0b27850c103fe253
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      4eb20d99
    • Soby Mathew's avatar
      Add headers to enable CryptoCell integration · bdd1cbf5
      Soby Mathew authored 
      

This patch adds header files with required declarations and
macro definitions to enable integration with CryptoCell SBROM
version `CC712 – Release 1.0.0.1061`. These headers enable ARM
Trusted Firmware to build and link with CryptoCell SBROM
library.

Change-Id: I501eda7fe1429acb61db8e1cab78cc9aee9c1871
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      bdd1cbf5
    • Soby Mathew's avatar
      Add support to link an external lib with ARM TF · 048531d7
      Soby Mathew authored 
      

This patch defines the variable `LDLIBS` which allows external
libraries to be specified to 'ld' to enable it to link the
libraries.

Change-Id: I02a490eca1074063d00153ccb0ee974ef8859a0e
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      048531d7
    • danh-arm's avatar
      Merge pull request #1008 from douglas-raillard-arm/dr/add_TF_LDFLAGS · 1979ee13
      danh-arm authored 
      Introduce TF_LDFLAGS and improve CFLAGS documentation
      1979ee13
    • Douglas Raillard's avatar
      Document CFLAGS make option · f7ad7a63
      Douglas Raillard authored 
      

CFLAGS content can be set on the command line to allow passing extra
options to the compiler. Its content is appended after the options set
by the Makefile (TF_CFLAGS).

The Makefiles must use TF_CFLAGS instead of CFLAGS, as the latter can be
completely overriden by setting it on the command line.

Also tell about LDFLAGS in the "Debugging options" section.

Change-Id: Iaf27b424002898ef3040133f78cb133983a37aee
Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      f7ad7a63
    • Douglas Raillard's avatar
      Introduce TF_LDFLAGS · c2b8806f
      Douglas Raillard authored 
      

Use TF_LDFLAGS from the Makefiles, and still append LDFLAGS as well to
the compiler's invocation. This allows passing extra options from the
make command line using LDFLAGS.

Document new LDFLAGS Makefile option.

Change-Id: I88c5ac26ca12ac2b2d60a6f150ae027639991f27
Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      c2b8806f
    • danh-arm's avatar
      Merge pull request #1009 from islmit01/im/aarch32_juno · 6bf36249
      danh-arm authored 
      Add Juno AArch32 and AArch64 User Guide instructions
      6bf36249
    • Isla Mitchell's avatar
      Add Juno AArch32 and AArch64 User Guide instructions · f5f1f9f2
      Isla Mitchell authored 
      

Updated section 6, building a FIP for Juno and FVP, adding
instructions for AArch32 and AArch64.

Updated section 4.1, summary of build options, to include a
description of the `JUNO_AARCH32_EL3_RUNTIME` build flag.

Change-Id: I4ed006522cab981371c382859063f088fbfcb8f7
Signed-off-by: default avatarIsla Mitchell <isla.mitchell@arm.com>
      f5f1f9f2
    • danh-arm's avatar
      Merge pull request #1006 from robertovargas-arm/doc-format · d6c26ade
      danh-arm authored 
      Improve format of exception vectors in BL1 description
      d6c26ade