1. 24 Jun, 2020 2 commits
    • Louis Mayencourt's avatar
      tbbr/dualroot: Add fw_config image in chain of trust · 243875ea
      Louis Mayencourt authored
      
      
      fw_config image is authenticated using secure boot framework by
      adding it into the single root and dual root chain of trust.
      
      The COT for fw_config image looks as below:
      
      +------------------+       +-------------------+
      | ROTPK/ROTPK Hash |------>| Trusted Boot fw   |
      +------------------+       | Certificate       |
                                 | (Auth Image)      |
                                /+-------------------+
                               /                   |
                              /                    |
                             /                     |
                            /                      |
                           L                       v
      +------------------+       +-------------------+
      | fw_config hash   |------>| fw_config         |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367
      243875ea
    • Manish V Badarkhe's avatar
      plat/arm: Rentroduce tb_fw_config device tree · 3cb84a54
      Manish V Badarkhe authored
      
      
      Moved BL2 configuration nodes from fw_config to newly
      created tb_fw_config device tree.
      
      fw_config device tree's main usage is to hold properties shared
      across all BLx images.
      An example is the "dtb-registry" node, which contains the
      information about the other device tree configurations
      (load-address, size).
      
      Also, Updated load-address of tb_fw_config which is now located
      after fw_config in SRAM.
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      Change-Id: Ic398c86a4d822dacd55b5e25fd41d4fe3888d79a
      3cb84a54
  2. 21 Jun, 2020 1 commit
    • Varun Wadekar's avatar
      Tegra: sanity check NS address and size before use · 685e5609
      Varun Wadekar authored
      
      
      This patch updates the 'bl31_check_ns_address()' helper function to
      check that the memory address and size passed by the NS world are not
      zero.
      
      The helper fucntion also returns the error code as soon as it detects
      inconsistencies, to avoid multiple error paths from kicking in for the
      same input parameters.
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      
      Change-Id: I46264f913954614bedcbde12e47ea0c70cd19be0
      685e5609
  3. 19 Jun, 2020 2 commits
    • Varun Wadekar's avatar
      Tegra: introduce support for GICv3 · 5e1b83aa
      Varun Wadekar authored
      
      
      This patch provides the platform level support to enable GICv3
      drivers on future Tegra platforms.
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      Change-Id: I966a4502b2a4a7bd1ce66da843997c9ed605c59f
      5e1b83aa
    • Varun Wadekar's avatar
      Tegra: memctrl_v2: fixup sequence to resize video memory · a7749acc
      Varun Wadekar authored
      
      
      The previous sequence used by the driver to program the new memory
      aperture settings and clear the non-overlapping memory was faulty.
      The sequence locked the non-overlapping regions twice, leading to
      faults when trying to clear it.
      
      This patch modifies the sequence to follow these steps:
      
      * move the previous memory region to a new firewall register
      * program the new memory aperture settings
      * clean the non-overlapping memory
      
      This patch also maps the non-overlapping memory as Device memory to
      follow guidance from the arch. team.
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      Change-Id: I7cf6e05b2dd372103dc7229e37b1b3fc269a57ae
      a7749acc
  4. 17 Jun, 2020 1 commit
    • Manish V Badarkhe's avatar
      plat/arm: Fix load address of TB_FW_CONFIG · 15865870
      Manish V Badarkhe authored
      
      
      Load address of tb_fw_config is incorrectly mentioned
      in below device trees:
      1. rdn1edge_fw_config.dts
      2. tc0_fw_config.dts
      
      Till now, tb_fw_config load-address is not being retrieved from
      device tree and hence never exeprienced any issue for tc0 and
      rdn1edge platform.
      
      For tc0 and rdn1edge platform, Load-address of tb_fw_config should
      be the SRAM base address + 0x300 (size of fw_config device tree)
      Hence updated these platform's fw_config.dts accordingly to reflect
      this load address change.
      
      Change-Id: I2ef8b05d49be10767db31384329f516df11ca817
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      15865870
  5. 12 Jun, 2020 3 commits
  6. 09 Jun, 2020 4 commits
    • Philipp Tomsich's avatar
      rockchip: rk3368: fix PLAT_RK_CLST_TO_CPUID_SHIFT · 198a705f
      Philipp Tomsich authored
      
      
      The RK3368 has two clusters of 4 cores and it's cluster id starts at
      bit 8 of the MPIDR.  To convert from the cluster id (0 or 1) to the
      lowest CPU-ID in the respective cluster, we thus need to shift by 6
      (i.e. shift by 8 to extract the cluster-id and multiply by 4).
      
      This change is required to ensure the PSCI support can index the
      per-cpu entry-address array correctly.
      Signed-off-by: default avatarPhilipp Tomsich <philipp.tomsich@theobroma-systems.com>
      Signed-off-by: default avatarHeiko Stuebner <heiko.stuebner@theobroma-systems.com>
      Change-Id: I64a76038f090a85a47067f09f750e96e3946e756
      198a705f
    • Madhukar Pappireddy's avatar
      plat/fvp: Add support for dynamic description of secure interrupts · 452d5e5e
      Madhukar Pappireddy authored
      
      
      Using the fconf framework, the Group 0 and Group 1 secure interrupt
      descriptors are moved to device tree and retrieved in runtime. This
      feature is enabled by the build flag SEC_INT_DESC_IN_FCONF.
      
      Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c
      Signed-off-by: default avatarMadhukar Pappireddy <madhukar.pappireddy@arm.com>
      452d5e5e
    • Andre Przywara's avatar
      GICv3: GIC-600: Detect GIC-600 at runtime · b4ad365a
      Andre Przywara authored
      
      
      The only difference between GIC-500 and GIC-600 relevant to TF-A is the
      differing power management sequence.
      A certain GIC implementation is detectable at runtime, for instance by
      checking the IIDR register. Let's add that test before initiating the
      GIC-600 specific sequence, so the code can be used on both GIC-600 and
      GIC-500 chips alike, without deciding on a GIC chip at compile time.
      
      This means that the GIC-500 "driver" is now redundant. To allow minimal
      platform support, add a switch to disable GIC-600 support.
      
      Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      b4ad365a
    • Manish Pandey's avatar
      dualroot: add chain of trust for secure partitions · 44f1aa8e
      Manish Pandey authored
      
      
      A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP)
      owned Secure Partitions(SP). A similar support for Platform owned SP can
      be added in future. The certificate is also protected against anti-
      rollback using the trusted Non-Volatile counter.
      
      To avoid deviating from TBBR spec, support for SP CoT is only provided
      in dualroot.
      Secure Partition content certificate is assigned image ID 31 and SP
      images follows after it.
      
      The CoT for secure partition look like below.
      +------------------+       +-------------------+
      | ROTPK/ROTPK Hash |------>| Trusted Key       |
      +------------------+       | Certificate       |
                                 | (Auth Image)      |
                                /+-------------------+
                               /                   |
                              /                    |
                             /                     |
                            /                      |
                           L                       v
      +------------------+       +-------------------+
      | Trusted World    |------>| SiP owned SPs     |
      | Public Key       |       | Content Cert      |
      +------------------+       | (Auth Image)      |
                              /   +-------------------+
                             /                      |
                            /                      v|
      +------------------+ L     +-------------------+
      | SP_PKG1 Hash     |------>| SP_PKG1           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
              .                           .
              .                           .
              .                           .
      +------------------+       +-------------------+
      | SP_PKG8 Hash     |------>| SP_PKG8           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f
      44f1aa8e
  7. 08 Jun, 2020 7 commits
  8. 06 Jun, 2020 11 commits
  9. 05 Jun, 2020 1 commit
  10. 03 Jun, 2020 3 commits
  11. 02 Jun, 2020 1 commit
    • Masahisa Kojima's avatar
      xlat_tables_v2: add base table section name parameter for spm_mm · 0922e481
      Masahisa Kojima authored
      Core spm_mm code expects the translation tables are located in the
      inner & outer WBWA & shareable memory.
      REGISTER_XLAT_CONTEXT2 macro is used to specify the translation
      table section in spm_mm.
      
      In the commit 363830df
      
       (xlat_tables_v2: merge
      REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE}), REGISTER_XLAT_CONTEXT2
      macro explicitly specifies the base xlat table goes into .bss by default.
      This change affects the existing SynQuacer spm_mm implementation.
      plat/socionext/synquacer/include/plat.ld.S linker script intends to
      locate ".bss.sp_base_xlat_table" into "sp_xlat_table" section,
      but this implementation is no longer available.
      
      This patch adds the base table section name parameter for
      REGISTER_XLAT_CONTEXT2 so that platform can specify the
      inner & outer WBWA & shareable memory for spm_mm base xlat table.
      If PLAT_SP_IMAGE_BASE_XLAT_SECTION_NAME is not defined, base xlat table
      goes into .bss by default, the result is same as before.
      
      Change-Id: Ie0e1a235e5bd4288dc376f582d6c44c5df6d31b2
      Signed-off-by: default avatarMasahisa Kojima <masahisa.kojima@linaro.org>
      0922e481
  12. 01 Jun, 2020 3 commits
  13. 31 May, 2020 1 commit
    • Alexei Fedorov's avatar
      TF-A: Fix BL31 linker script error · 34dd1e96
      Alexei Fedorov authored
      
      
      The patch fixes BL31 linker script error
      "Init code ends past the end of the stacks"
      for platforms with number of CPUs less than 4,
      which is caused by __STACKS_END__ address being
      lower than __INIT_CODE_END__.
      The modified BL31 linker script detects such cases
      and increases the total amount of stack memory,
      setting __STACKS_END__ = __INIT_CODE_END__, and
      CPUs' stacks are calculated by BL31 'plat_get_my_stack'
      function accordingly. For platforms with more than 4 CPUs
      and __INIT_CODE_END__ < __STACKS_END__ stack memory does not
      increase and allocated CPUs' stacks match the existing
      implementation.
      The patch removes exclusion of PSCI initialization
      functions from the reclaimed .init section in
      'arm_reclaim_init.ld.S' script, which increases the
      size of reclaimed memory region.
      
      Change-Id: I927773e00dd84e1ffe72f9ee534f4f2fc7b6153c
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      34dd1e96