- 26 Aug, 2020 1 commit
-
-
Sandeep Tripathy authored
'EHF' is used by RAS, SDEI, SPM_MM common frameworks. If platform needs to plug-in specific handlers then 'PLAT_EHF_DESC' can be used to populate platform specific priority levels. Signed-off-by: Sandeep Tripathy <sandeep.tripathy@broadcom.com> Change-Id: I37af7e0e48111f87b6982604bf5c15db3e05755d
-
- 21 Jul, 2020 1 commit
-
-
Alexei Fedorov authored
This patch adds support for Event Log generation required for Measured Boot functionality. Change-Id: I34f05a33565e6659e78499d62cc6fb00b7d6c2dc Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 27 May, 2020 1 commit
-
-
Manish V Badarkhe authored
Fixed build error for dualroot chain of trust. Build error were thrown as below while compiling the code for dualroot chain of trust: aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o: (.bss.auth_img_flags+0x0): multiple definition of `auth_img_flags'; ./build/fvp/debug/bl1/cot.o:(.bss.auth_img_flags+0x0): first defined here aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o: (.rodata.cot_desc_size+0x0): multiple definition of `cot_desc_size'; ./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_size+0x0): first defined here aarch64-none-elf-ld.bfd: ./build/fvp/debug/bl1/tbbr_cot_bl1.o: (.rodata.cot_desc_ptr+0x0): multiple definition of `cot_desc_ptr'; ./build/fvp/debug/bl1/cot.o:(.rodata.cot_desc_ptr+0x0): first defined here Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I1a426c4e7f5f8013d71dafc176c7467c1b329757
-
- 19 May, 2020 1 commit
-
-
Manish V Badarkhe authored
CoT used for BL1 and BL2 are moved to tbbr_cot_bl1.c and tbbr_cot_bl2.c respectively. Common CoT used across BL1 and BL2 are moved to tbbr_cot_common.c. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I2252ac8a6960b3431bcaafdb3ea4fb2d01b79cf5
-
- 15 May, 2020 1 commit
-
-
Balint Dobszay authored
This patch introduces dynamic configuration for SDEI setup and is supported when the new build flag SDEI_IN_FCONF is enabled. Instead of using C arrays and processing the configuration at compile time, the config is moved to dts files. It will be retrieved at runtime during SDEI init, using the fconf layer. Change-Id: If5c35a7517ba00a9f258d7f3e7c8c20cee169a31 Signed-off-by: Balint Dobszay <balint.dobszay@arm.com> Co-authored-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 23 Mar, 2020 1 commit
-
-
Olivier Deprez authored
When SPD=spmd and SPMD_SPM_AT_SEL2=0, that is SPMC sits at S-EL1 then there is no need for TF-A to load secure partitions individually. In this configuration, SPMC handles secure partition loading at S-EL1/EL0 levels. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I06a0d88a4811274a8c347ce57b56bb5f64e345df
-
- 16 Mar, 2020 1 commit
-
-
Louis Mayencourt authored
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This removes the duplicate io_policies and functions definition. This patch: - replace arm_io_storage.c with the content of arm_fconf_io_storage.c - rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB. - use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb. - propagate DEFINES when parsing dts. - use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb. - set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior of fvp stays the same as it was before the introduction of fconf. Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 03 Mar, 2020 1 commit
-
-
Olivier Deprez authored
Use the firmware configuration framework to retrieve information about Secure Partitions to facilitate loading them into memory. To load a SP image we need UUID look-up into FIP and the load address where it needs to be loaded in memory. This patch introduces a SP populator function which gets UUID and load address from firmware config device tree and updates its C data structure. Change-Id: I17faec41803df9a76712dcc8b67cadb1c9daf8cd Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 24 Feb, 2020 1 commit
-
-
Sandrine Bailleux authored
- Use the development PROTPK if using the dualroot CoT. Note that unlike the ROTPK, the PROTPK key hash file is not generated from the key file, instead it has to be provided. This might be enhanced in the future. - Define a CoT build flag for the platform code to provide different implementations where needed. Change-Id: Iaaf25183b94e77a99a5d8d875831d90c102a97ea Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 10 Feb, 2020 1 commit
-
-
Achin Gupta authored
This patch adds support to the build system to include support for the SPM dispatcher when the SPD configuration option is spmd. Signed-off-by: Achin Gupta <achin.gupta@arm.com> Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com> Change-Id: Ic1ae50ecd7403fcbcf1d318abdbd6ebdc642f732
-
- 07 Feb, 2020 3 commits
-
-
Louis Mayencourt authored
Use the firmware configuration framework to store the io_policies information inside the configuration device tree instead of the static structure in the code base. The io_policies required by BL1 can't be inside the dtb, as this one is loaded by BL1, and only available at BL2. This change currently only applies to FVP platform. Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Use fconf to retrieve the `disable_authentication` property. Move this access from arm dynamic configuration to bl common. Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Introduce the Firmware CONfiguration Framework (fconf). The fconf is an abstraction layer for platform specific data, allowing a "property" to be queried and a value retrieved without the requesting entity knowing what backing store is being used to hold the data. The default backing store used is C structure. If another backing store has to be used, the platform integrator needs to provide a "populate()" function to fill the corresponding C structure. The "populate()" function must be registered to the fconf framework with the "FCONF_REGISTER_POPULATOR()". This ensures that the function would be called inside the "fconf_populate()" function. A two level macro is used as getter: - the first macro takes 3 parameters and converts it to a function call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c). - the second level defines a__b_getter(c) to the matching C structure, variable, array, function, etc.. Ex: Get a Chain of trust property: 1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id) 2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id] Change-Id: Id394001353ed295bc680c3f543af0cf8da549469 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 29 Jan, 2020 1 commit
-
-
Sandrine Bailleux authored
Allows to select the chain of trust to use when the Trusted Boot feature is enabled. This affects both the cert_create tool and the firmware itself. Right now, the only available CoT is TBBR. Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 27 Jan, 2020 1 commit
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 23 Jan, 2020 1 commit
-
-
Mark Dykes authored
This reverts commit d433bbdd. Change-Id: I46c69dce704a1ce1b50452dd4d62425c4a67f7f0
-
- 22 Jan, 2020 1 commit
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 20 Dec, 2019 2 commits
-
-
Paul Beesley authored
The Secure Partition Manager (SPM) prototype implementation is being removed. This is preparatory work for putting in place a dispatcher component that, in turn, enables partition managers at S-EL2 / S-EL1. This patch removes: - The core service files (std_svc/spm) - The Resource Descriptor headers (include/services) - SPRT protocol support and service definitions - SPCI protocol support and service definitions Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426 Signed-off-by: Paul Beesley <paul.beesley@arm.com> Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
-
Paul Beesley authored
There are two different implementations of Secure Partition management in TF-A. One is based on the "Management Mode" (MM) design, the other is based on the Secure Partition Client Interface (SPCI) specification. Currently there is a dependency between their build flags that shouldn't exist, making further development harder than it should be. This patch removes that dependency, making the two flags function independently. Before: ENABLE_SPM=1 is required for using either implementation. By default, the SPCI-based implementation is enabled and this is overridden if SPM_MM=1. After: ENABLE_SPM=1 enables the SPCI-based implementation. SPM_MM=1 enables the MM-based implementation. The two build flags are mutually exclusive. Note that the name of the ENABLE_SPM flag remains a bit ambiguous - this will be improved in a subsequent patch. For this patch the intention was to leave the name as-is so that it is easier to track the changes that were made. Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 17 Dec, 2019 2 commits
-
-
Bence Szépkúti authored
Ported the pmf asm macros and the asm code in the bl31 entrypoint necessary for the instrumentation to AArch32. Since smc dispatch is handled by the bl32 payload on AArch32, we provide this service only if AARCH32_SP=sp_min is set. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com> Change-Id: Id33b7e9762ae86a4f4b40d7f1b37a90e5130c8ac
-
Bence Szépkúti authored
Switching execution states is only possible if EL3 is AArch64. As such there is no need to validate the entrypoint on AArch32 builds. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com> Change-Id: I3c1eb25b5df296a492870641d274bf65213c6608
-
- 07 Nov, 2019 1 commit
-
-
Manish Pandey authored
Earlier PIE support was enabled for all arm platforms when RESET_TO_BL31=1, but later on it was restricted only to FVP with patch SHA d4580d17 because of n1sdp platform. Now it has been verified that PIE does work for n1sdp platform also, so enabling it again for all arm platforms. Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 13 Sep, 2019 1 commit
-
-
Alexei Fedorov authored
This patch provides the following features and makes modifications listed below: - Individual APIAKey key generation for each CPU. - New key generation on every BL31 warm boot and TSP CPU On event. - Per-CPU storage of APIAKey added in percpu_data[] of cpu_data structure. - `plat_init_apiakey()` function replaced with `plat_init_apkey()` which returns 128-bit value and uses Generic timer physical counter value to increase the randomness of the generated key. The new function can be used for generation of all ARMv8.3-PAuth keys - ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`. - New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively; pauth_disable_el1()` and `pauth_disable_el3()` functions disable PAuth for EL1 and EL3 respectively; `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from cpu-data structure. - Combined `save_gp_pauth_registers()` function replaces calls to `save_gp_registers()` and `pauth_context_save()`; `restore_gp_pauth_registers()` replaces `pauth_context_restore()` and `restore_gp_registers()` calls. - `restore_gp_registers_eret()` function removed with corresponding code placed in `el3_exit()`. - Fixed the issue when `pauth_t pauth_ctx` structure allocated space for 12 uint64_t PAuth registers instead of 10 by removal of macro CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h` and assigning its value to CTX_PAUTH_REGS_END. - Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions in `msr spsel` instruction instead of hard-coded values. - Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI. Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 28 Jun, 2019 1 commit
-
-
Ambroise Vincent authored
The new API becomes the default one. Change-Id: Ic1d602da3dff4f4ebbcc158b885295c902a24fec Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 17 Apr, 2019 1 commit
-
-
Aditya Angadi authored
The BL1 stage setup code for ARM platforms sets up the SP805 watchdog controller as the secure watchdog. But not all ARM platforms use SP805 as the secure watchdog controller. So introduce two new ARM platform code specific wrapper functions to start and stop the secure watchdog. These functions then replace the calls to SP805 driver in common BL1 setup code. All the ARM platforms implement these wrapper functions by either calling into SP805 driver or the SBSA watchdog driver. Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257 Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
-
- 27 Feb, 2019 1 commit
-
-
Antonio Nino Diaz authored
This feature is only supported on FVP. Change-Id: I4e265610211d92a84bd2773c34acfbe02a1a1826 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 25 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
Use full include paths like it is done for common includes. This cleanup was started in commit d40e0e08283a ("Sanitise includes across codebase"), but it only cleaned common files and drivers. This patch does the same to Arm platforms. Change-Id: If982e6450bbe84dceb56d464e282bcf5d6d9ab9b Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 22 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
The SPM implementation based on MM is going to be kept for the foreseeable future. Change-Id: I11e96778a4f52a1aa803e7e048d9a7cb24a53954 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Acked-by: Sumit Garg <sumit.garg@linaro.org>
-
- 07 Jan, 2019 1 commit
-
-
Soby Mathew authored
The patch SHA 55cf015c enabled PIE support when RESET_TO_BL31=1 for all ARM platforms. But it seems n1sdp platform doesn't work with PIE support yet. Hence restrict the ENABLE_PIE=1 to fvp platform. Change-Id: If44e42528e4b0b57c69084503f346576fe0748bd Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 19 Dec, 2018 1 commit
-
-
Antonio Nino Diaz authored
This option was removed in v2.0. Change-Id: I0c929fddb57d60c5eff9e45dd5ee8c636b28e6c3 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 11 Dec, 2018 1 commit
-
-
Antonio Nino Diaz authored
Load SP and RD from package instead of relying on RD being already loaded in memory and the SP being loaded as a BL32 image. Change-Id: I18d4fbf4597656c6a7e878e1d7c01a8a324f3f8a Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 10 Dec, 2018 1 commit
-
-
Antonio Nino Diaz authored
Introduce helpers to create resource description struct, as well as code to load the information from DTB files. Change-Id: I0f5bb94eb8b01c6cb53fe807a9db0c05a70d7a43 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 Nov, 2018 1 commit
-
-
Manish Pandey authored
This option allows the Trusted Firmware to directly jump to Linux kernel for aarch32 without the need of an intermediate loader such as U-Boot. Similar to AArch64 ARM_LINUX_KERNEL_AS_BL33 only available with RESET_TO_SP_MIN=1 as well as BL33 and DTB are preloaded in memory. Change-Id: I908bc1633696be1caad0ce2f099c34215c8e0633 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 29 Oct, 2018 1 commit
-
-
Soby Mathew authored
This patch enabled PIE for FVP when RESET_TO_BL31=1. The references to BL31_BASE are replaced by BL31_START as being a symbol exported by the linker, will create a dynamic relocation entry in .rela.dyn and hence will be fixed up by dynamic linker at runtime. Also, we disable RECLAIM_INIT_CODE when PIE is enabled as the init section overlay creates some static relocations which cannot be handled by the dynamic linker currently. Change-Id: I86df1b0a8b2a8bbbe7c3f3c0b9a08c86c2963ec0 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 03 Oct, 2018 1 commit
-
-
Daniel Boulby authored
Map the initialization code for BL31 to overlap with the memory required for the secondary cores stack. Once BL31 has been initialized the memory can be remapped to RW data so that it can be used for secondary cores stacks. By moving code from .text to .text.init the size of the BL31 image is decreased by a page. Split arm_common.ld.S into two linker scripts, one for tzc_dram (arm_tzc_dram.ld.S) and one for reclaiming initialization code (arm_reclaim_init.ld.S) so that platforms can chose which memory regions they wish to include. Change-Id: I648e88f3eda1aa71765744cf34343ecda9320b32 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
-
- 28 Sep, 2018 1 commit
-
-
Antonio Nino Diaz authored
- Remove references to removed build options. - Remove support for legacy GIC driver. - Remove support for LOAD_IMAGE_V2=0. Change-Id: I72f8c05620bdf4a682765e6e53e2c04ca749a3d5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 21 Sep, 2018 1 commit
-
-
Daniel Boulby authored
Set MULTI_CONSOLE_API=1 for both AArch64 and AArch32 by default. MULTI_CONSOLE_API=0 is still supported, but it has to be set from the command line. Change-Id: I4eeaa8e243a3fe93ed8a716e502666a26ad28f35 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
-
- 18 Sep, 2018 1 commit
-
-
Soby Mathew authored
The patch d323af9e removed the support for coherent memory in BL1 and BL2 for ARM platforms. But the CryptoCell SBROM integration depends on use of coherent buffers for passing data from the AP CPU to the CryptoCell. Hence this patch reintroduces support for coherent memory in BL1 and BL2 if ARM_CRYPTOCELL_INTEG=1. Change-Id: I011482dda7f7a3ec9e3e79bfb3f4fa03796f7e02 Signed-Off-by: Soby Mathew <soby.mathew@arm.com>
-
- 03 Aug, 2018 1 commit
-
-
Roberto Vargas authored
TF Makefile was linking all the objects files generated for the fdt library instead of creating a static library that could be used in the linking stage. Change-Id: If3705bba188ec39e1fbf2322a7f2a9a941e1b90d Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 12 Jul, 2018 1 commit
-
-
Dimitris Papastamos authored
Change-Id: Iaebbeac1a1d6fbd531e5694b95ed068b7a193e62 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-