1. 20 Apr, 2017 2 commits
  2. 19 Apr, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Add `ENABLE_ASSERTIONS` build option · cc8b5632
      Antonio Nino Diaz authored
      
      
      Add the new build option `ENABLE_ASSERTIONS` that controls whether or
      not assert functions are compiled out. It defaults to 1 for debug builds
      and to 0 for release builds.
      
      Additionally, a following patch will be done to allow this build option
      to hide auxiliary code used for the checks done in an `assert()`. This
      code is is currently under the DEBUG build flag.
      
      Assert messages are now only printed if LOG_LEVEL >= LOG_LEVEL_INFO,
      which is the default for debug builds.
      
      This patch also updates the User Guide.
      
      Change-Id: I1401530b56bab25561bb0f274529f1d12c5263bc
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      cc8b5632
  3. 13 Apr, 2017 1 commit
    • Vignesh Radhakrishnan's avatar
      Tegra: Add support for fake system suspend · a9e0260c
      Vignesh Radhakrishnan authored
      
      
      This patch adds support for fake system suspend (SC7).
      This is a debug mode, to ensure that a different code path is
      executed for cases like pre-silicon development, where a
      full-fledged SC7 is not possible in early stages.
      
      This particular patch ensures that, if fake system suspend is
      enabled (denoted by tegra_fake_system_suspend variable
      having a non-zero value), instead of calling WFI, a request
      for a warm reset is made for starting the SC7 exit procedure.
      
      This ensures that the code path of kernel->ATF and back to
      kernel is executed without depending on other components
      involved in SC7 code path.
      
      Additionally, this patch also adds support for SMC call
      from kernel, enabling fake system suspend mode.
      Signed-off-by: default avatarVignesh Radhakrishnan <vigneshr@nvidia.com>
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      a9e0260c
  4. 03 Apr, 2017 1 commit
    • Douglas Raillard's avatar
      Fix ARM_BL31_IN_DRAM build · f9608bc8
      Douglas Raillard authored
      
      
      Some header files using the ULL() macro were not directly including
      utils.h where the macro definition resides. As a consequence, a linker
      script with values using this macro did not see the macro definition
      and kept the "ULL(<value>)" call in the preprocessed file, which lead to
      link error.
      
      Files using ULL() macro now include utils.h directly.
      
      Change-Id: I433a7f36bd21a156c20e69bc2a2bb406140ebdf9
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      f9608bc8
  5. 31 Mar, 2017 4 commits
    • dp-arm's avatar
      Introduce MIN()/MAX() macros in utils.h · 233d83d0
      dp-arm authored
      
      
      Change-Id: If88270bc9edb32634a793b1e1be6c4829f39b9c5
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      233d83d0
    • Douglas Raillard's avatar
      Add support for GCC stack protection · 51faada7
      Douglas Raillard authored
      
      
      Introduce new build option ENABLE_STACK_PROTECTOR. It enables
      compilation of all BL images with one of the GCC -fstack-protector-*
      options.
      
      A new platform function plat_get_stack_protector_canary() is introduced.
      It returns a value that is used to initialize the canary for stack
      corruption detection. Returning a random value will prevent an attacker
      from predicting the value and greatly increase the effectiveness of the
      protection.
      
      A message is printed at the ERROR level when a stack corruption is
      detected.
      
      To be effective, the global data must be stored at an address
      lower than the base of the stacks. Failure to do so would allow an
      attacker to overwrite the canary as part of an attack which would void
      the protection.
      
      FVP implementation of plat_get_stack_protector_canary is weak as
      there is no real source of entropy on the FVP. It therefore relies on a
      timer's value, which could be predictable.
      
      Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      51faada7
    • Antonio Nino Diaz's avatar
      Add and use plat_crash_console_flush() API · 801cf93c
      Antonio Nino Diaz authored
      
      
      This API makes sure that all the characters sent to the crash console
      are output before returning from it.
      
      Porting guide updated.
      
      Change-Id: I1785f970a40f6aacfbe592b6a911b1f249bb2735
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      801cf93c
    • Antonio Nino Diaz's avatar
      Add console_flush() to console API · 73e05284
      Antonio Nino Diaz authored
      
      
      This function ensures that console output is flushed, for example
      before shutting down or use by another component
      
      In line with other console APIs, console_flush() wraps
      console_core_flush().
      
      Also implement console_core_flush() for PL011.
      
      Change-Id: I3db365065e4de04a454a5c2ce21be335a23a01e4
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      73e05284
  6. 28 Mar, 2017 1 commit
  7. 27 Mar, 2017 2 commits
    • Soby Mathew's avatar
      Re-factor header files for easier PSCI library integration · 5dffb46c
      Soby Mathew authored
      
      
      This patch re-factors the following headers to make it easier to
      integrate the PSCI library with an AArch32 Secure Payload :
      
        *  bl_common.h : The entry point information and the param
           header data structures are factored out into separate
           headers ep_info.h and param_headers.h
        *  psci.h : The PSCI library interfaces are factored out
           into the new header psci_lib.h
        *  context_mgmt.h : The header file is modified to not include
           arch.h when compiled for AArch32 mode.
      
      No functional changes are introduced by this patch.
      
      Change-Id: I5e21a843c0af2ba8e47dee4e577cf95929be8cd4
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      5dffb46c
    • Summer Qin's avatar
      ARM platforms: Add support for MT bit in MPIDR · d8d6cf24
      Summer Qin authored
      
      
      This patch modifies some of the functions in ARM platform layer to cater
      for the case when multi-threading `MT` is set in MPIDR. A new build flag
      `ARM_PLAT_MT` is added, and when enabled, the functions accessing MPIDR
      now assume that the `MT` bit is set for the platform and access the bit
      fields accordingly.
      
      Also, a new API plat_arm_get_cpu_pe_count is added when `ARM_PLAT_MT` is
      enabled, returning the PE count within the physical cpu corresponding to
      `mpidr`.
      
      Change-Id: I04ccf212ac3054a60882761f4087bae299af13cb
      Signed-off-by: default avatarSummer Qin <summer.qin@arm.com>
      d8d6cf24
  8. 22 Mar, 2017 1 commit
    • dp-arm's avatar
      mbedtls: Namespace TF specific macros · 66b4c166
      dp-arm authored
      
      
      These macros are not part of mbed TLS so they should not be prefixed
      with `MBEDTLS_` to avoid potential collision in the future. Use the
      `TBBR_` suffix to highlight that they only used in TF.
      
      `MBEDTLS_KEY_ALG` was not modified because that is documented and used
      by platforms to select the key algorithm.
      
      Change-Id: Ief224681715c481691c80810501830ce16e210b0
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      66b4c166
  9. 20 Mar, 2017 1 commit
    • Andre Przywara's avatar
      Add workaround for ARM Cortex-A53 erratum 855873 · b75dc0e4
      Andre Przywara authored
      
      
      ARM erratum 855873 applies to all Cortex-A53 CPUs.
      The recommended workaround is to promote "data cache clean"
      instructions to "data cache clean and invalidate" instructions.
      For core revisions of r0p3 and later this can be done by setting a bit
      in the CPUACTLR_EL1 register, so that hardware takes care of the promotion.
      As CPUACTLR_EL1 is both IMPLEMENTATION DEFINED and can be trapped to EL3,
      we set the bit in firmware.
      Also we dump this register upon crashing to provide more debug
      information.
      
      Enable the workaround for the Juno boards.
      
      Change-Id: I3840114291958a406574ab6c49b01a9d9847fec8
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      b75dc0e4
  10. 08 Mar, 2017 4 commits
    • Antonio Nino Diaz's avatar
      ARM platforms: Enable xlat tables lib v2 · bf75a371
      Antonio Nino Diaz authored
      
      
      Modify ARM common makefile to use version 2 of the translation tables
      library and include the new header in C files.
      
      Simplify header dependencies related to this library to simplify the
      change.
      
      The following table contains information about the size increase in
      bytes for BL1 after applying this patch. The code has been compiled for
      different configurations of FVP in AArch64 mode with compiler GCC 4.9.3
      20150413. The sizes have been calculated with the output of `nm` by
      adding the size of all regions and comparing the total size before and
      after the change. They are sumarized in the table below:
      
                                     text   bss   data  total
              Release                +660   -20    +88   +728
              Debug                  +740   -20   +242   +962
              Debug (LOG_LEVEL=50)  +1120   -20   +317  +1417
      
      Change-Id: I539e307f158ab71e3a8b771640001fc1bf431b29
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      bf75a371
    • Antonio Nino Diaz's avatar
      Apply workaround for errata 813419 of Cortex-A57 · ccbec91c
      Antonio Nino Diaz authored
      
      
      TLBI instructions for EL3 won't have the desired effect under specific
      circumstances in Cortex-A57 r0p0. The workaround is to execute DSB and
      TLBI twice each time.
      
      Even though this errata is only needed in r0p0, the current errata
      framework is not prepared to apply run-time workarounds. The current one
      is always applied if compiled in, regardless of the CPU or its revision.
      
      This errata has been enabled for Juno.
      
      The `DSB` instruction used when initializing the translation tables has
      been changed to `DSB ISH` as an optimization and to be consistent with
      the barriers used for the workaround.
      
      Change-Id: Ifc1d70b79cb5e0d87e90d88d376a59385667d338
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      ccbec91c
    • Antonio Nino Diaz's avatar
      Add dynamic region support to xlat tables lib v2 · 0b64f4ef
      Antonio Nino Diaz authored
      
      
      Added APIs to add and remove regions to the translation tables
      dynamically while the MMU is enabled. Only static regions are allowed
      to overlap other static ones (for backwards compatibility).
      
      A new private attribute (MT_DYNAMIC / MT_STATIC) has been added to
      flag each region as such.
      
      The dynamic mapping functionality can be enabled or disabled when
      compiling by setting the build option PLAT_XLAT_TABLES_DYNAMIC to 1
      or 0. This can be done per-image.
      
      TLB maintenance code during dynamic table mapping and unmapping has
      also been added.
      
      Fixes ARM-software/tf-issues#310
      
      Change-Id: I19e8992005c4292297a382824394490c5387aa3b
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0b64f4ef
    • Antonio Nino Diaz's avatar
      Add version 2 of xlat tables library · 7bb01fb2
      Antonio Nino Diaz authored
      
      
      The folder lib/xlat_tables_v2 has been created to store a new version
      of the translation tables library for further modifications in patches
      to follow. At the moment it only contains a basic implementation that
      supports static regions.
      
      This library allows different translation tables to be modified by
      using different 'contexts'. For now, the implementation defaults to
      the translation tables used by the current image, but it is possible
      to modify other tables than the ones in use.
      
      Added a new API to print debug information for the current state of
      the translation tables, rather than printing the information while
      the tables are being created. This allows subsequent debug printing
      of the xlat tables after they have been changed, which will be useful
      when dynamic regions are implemented in a patch to follow.
      
      The common definitions stored in `xlat_tables.h` header have been moved
      to a new file common to both versions, `xlat_tables_defs.h`.
      
      All headers related to the translation tables library have been moved to
      a the subfolder `xlat_tables`.
      
      Change-Id: Ia55962c33e0b781831d43a548e505206dffc5ea9
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      7bb01fb2
  11. 06 Mar, 2017 1 commit
  12. 02 Mar, 2017 1 commit
  13. 28 Feb, 2017 2 commits
  14. 23 Feb, 2017 1 commit
  15. 22 Feb, 2017 1 commit
  16. 15 Feb, 2017 2 commits
    • dp-arm's avatar
      Juno: Disable SPIDEN in release builds · 09fad498
      dp-arm authored
      
      
      On Juno, the secure privileged invasive debug authentication signal
      (SPIDEN) is controlled by board SCC registers, which by default enable
      SPIDEN.  Disable secure privileged external debug in release builds by
      programming the appropriate Juno SoC registers.
      
      Change-Id: I61045f09a47dc647bbe95e1b7a60e768f5499f49
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      09fad498
    • dp-arm's avatar
      Disable secure self-hosted debug via MDCR_EL3/SDCR · 85e93ba0
      dp-arm authored
      
      
      Trusted Firmware currently has no support for secure self-hosted
      debug.  To avoid unexpected exceptions, disable software debug
      exceptions, other than software breakpoint instruction exceptions,
      from all exception levels in secure state.  This applies to both
      AArch32 and AArch64 EL3 initialization.
      
      Change-Id: Id097e54a6bbcd0ca6a2be930df5d860d8d09e777
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      85e93ba0
  17. 13 Feb, 2017 1 commit
    • dp-arm's avatar
      PSCI: Decouple PSCI stat residency calculation from PMF · 04c1db1e
      dp-arm authored
      
      
      This patch introduces the following three platform interfaces:
      
      * void plat_psci_stat_accounting_start(const psci_power_state_t *state_info)
      
        This is an optional hook that platforms can implement in order
        to perform accounting before entering a low power state.  This
        typically involves capturing a timestamp.
      
      * void plat_psci_stat_accounting_stop(const psci_power_state_t *state_info)
      
        This is an optional hook that platforms can implement in order
        to perform accounting after exiting from a low power state.  This
        typically involves capturing a timestamp.
      
      * u_register_t plat_psci_stat_get_residency(unsigned int lvl,
      	const psci_power_state_t *state_info,
      	unsigned int last_cpu_index)
      
        This is an optional hook that platforms can implement in order
        to calculate the PSCI stat residency.
      
      If any of these interfaces are overridden by the platform, it is
      recommended that all of them are.
      
      By default `ENABLE_PSCI_STAT` is disabled.  If `ENABLE_PSCI_STAT`
      is set but `ENABLE_PMF` is not set then an alternative PSCI stat
      collection backend must be provided.  If both are set, then default
      weak definitions of these functions are provided, using PMF to
      calculate the residency.
      
      NOTE: Previously, platforms did not have to explicitly set
      `ENABLE_PMF` since this was automatically done by the top-level
      Makefile.
      
      Change-Id: I17b47804dea68c77bc284df15ee1ccd66bc4b79b
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      04c1db1e
  18. 06 Feb, 2017 1 commit
    • Douglas Raillard's avatar
      Introduce unified API to zero memory · 308d359b
      Douglas Raillard authored
      
      
      Introduce zeromem_dczva function on AArch64 that can handle unaligned
      addresses and make use of DC ZVA instruction to zero a whole block at a
      time. This zeroing takes place directly in the cache to speed it up
      without doing external memory access.
      
      Remove the zeromem16 function on AArch64 and replace it with an alias to
      zeromem. This zeromem16 function is now deprecated.
      
      Remove the 16-bytes alignment constraint on __BSS_START__ in
      firmware-design.md as it is now not mandatory anymore (it used to comply
      with zeromem16 requirements).
      
      Change the 16-bytes alignment constraints in SP min's linker script to a
      8-bytes alignment constraint as the AArch32 zeromem implementation is now
      more efficient on 8-bytes aligned addresses.
      
      Introduce zero_normalmem and zeromem helpers in platform agnostic header
      that are implemented this way:
      * AArch32:
      	* zero_normalmem: zero using usual data access
      	* zeromem: alias for zero_normalmem
      * AArch64:
      	* zero_normalmem: zero normal memory  using DC ZVA instruction
      	                  (needs MMU enabled)
      	* zeromem: zero using usual data access
      
      Usage guidelines: in most cases, zero_normalmem should be preferred.
      
      There are 2 scenarios where zeromem (or memset) must be used instead:
      * Code that must run with MMU disabled (which means all memory is
        considered device memory for data accesses).
      * Code that fills device memory with null bytes.
      
      Optionally, the following rule can be applied if performance is
      important:
      * Code zeroing small areas (few bytes) that are not secrets should use
        memset to take advantage of compiler optimizations.
      
        Note: Code zeroing security-related critical information should use
        zero_normalmem/zeromem instead of memset to avoid removal by
        compilers' optimizations in some cases or misbehaving versions of GCC.
      
      Fixes ARM-software/tf-issues#408
      
      Change-Id: Iafd9663fc1070413c3e1904e54091cf60effaa82
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      308d359b
  19. 02 Feb, 2017 1 commit
    • dp-arm's avatar
      PMF: Fixup PMF constants · 888037e5
      dp-arm authored
      
      
      `PMF_ARM_TIF_IMPL_ID` should be set to 0x41.  The code already left
      shifts it by 24 bit positions so this was overflowing.
      
      This fixes a build error with GCC 6.2 when
      `ENABLE_RUNTIME_INSTRUMENTATION` is set.
      
      Change-Id: I4c99d48ea7ce3d76e9edd1325b1979994db2c0fb
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      888037e5
  20. 30 Jan, 2017 2 commits
    • Jeenu Viswambharan's avatar
      Report errata workaround status to console · 10bcd761
      Jeenu Viswambharan authored
      
      
      The errata reporting policy is as follows:
      
        - If an errata workaround is enabled:
      
          - If it applies (i.e. the CPU is affected by the errata), an INFO
            message is printed, confirming that the errata workaround has been
            applied.
      
          - If it does not apply, a VERBOSE message is printed, confirming
            that the errata workaround has been skipped.
      
        - If an errata workaround is not enabled, but would have applied had
          it been, a WARN message is printed, alerting that errata workaround
          is missing.
      
      The CPU errata messages are printed by both BL1 (primary CPU only) and
      runtime firmware on debug builds, once for each CPU/errata combination.
      
      Relevant output from Juno r1 console when ARM Trusted Firmware is built
      with PLAT=juno LOG_LEVEL=50 DEBUG=1:
      
        VERBOSE: BL1: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL1: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL1: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL1: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL1: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a57: errata workaround for 806969 was not applied
        VERBOSE: BL31: cortex_a57: errata workaround for 813420 was not applied
        INFO:    BL31: cortex_a57: errata workaround for disable_ldnp_overread was applied
        WARNING: BL31: cortex_a57: errata workaround for 826974 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 826977 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 828024 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 829520 was missing!
        WARNING: BL31: cortex_a57: errata workaround for 833471 was missing!
        ...
        VERBOSE: BL31: cortex_a53: errata workaround for 826319 was not applied
        INFO:    BL31: cortex_a53: errata workaround for disable_non_temporal_hint was applied
      
      Also update documentation.
      
      Change-Id: Iccf059d3348adb876ca121cdf5207bdbbacf2aba
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      10bcd761
    • Jeenu Viswambharan's avatar
      Allow spin locks to be defined from assembly · b38bc68b
      Jeenu Viswambharan authored
      
      
      At present, spin locks can only defined from C files. Add some macros
      such that they can be defined from assembly files too.
      
      Change-Id: I64f0c214062f5c15b3c8b412c7f25c908e87d970
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      b38bc68b
  21. 26 Jan, 2017 1 commit
    • David Cunado's avatar
      Resolve build errors flagged by GCC 6.2 · 9edac047
      David Cunado authored
      
      
      With GCC 6.2 compiler, more C undefined behaviour is being flagged as
      warnings, which result in build errors in ARM TF build.
      
      The specific issue that this patch resolves is the use of (1 << 31),
      which is predominantly used in case statements, where 1 is represented
      as a signed int. When shifted to msb the behaviour is undefined.
      
      The resolution is to specify 1 as an unsigned int using a convenience
      macro ULL(). A duplicate macro MAKE_ULL() is replaced.
      
      Fixes ARM-software/tf-issues#438
      
      Change-Id: I08e3053bbcf4c022ee2be33a75bd0056da4073e1
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      9edac047
  22. 24 Jan, 2017 2 commits
  23. 23 Jan, 2017 2 commits
    • Masahiro Yamada's avatar
      Use #ifdef for IMAGE_BL* instead of #if · 3d8256b2
      Masahiro Yamada authored
      
      
      One nasty part of ATF is some of boolean macros are always defined
      as 1 or 0, and the rest of them are only defined under certain
      conditions.
      
      For the former group, "#if FOO" or "#if !FOO" must be used because
      "#ifdef FOO" is always true.  (Options passed by $(call add_define,)
      are the cases.)
      
      For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because
      checking the value of an undefined macro is strange.
      
      Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like
      follows:
      
        $(eval IMAGE := IMAGE_BL$(call uppercase,$(3)))
      
        $(OBJ): $(2)
                @echo "  CC      $$<"
                $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@
      
      This means, IMAGE_BL* is defined when building the corresponding
      image, but *undefined* for the other images.
      
      So, IMAGE_BL* belongs to the latter group where we should use #ifdef
      or #ifndef.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      3d8256b2
    • Haojian Zhuang's avatar
      drivers: add designware emmc driver · 5dbdb7da
      Haojian Zhuang authored
      
      
      Support Designware eMMC driver. It's based on both IO block
      and eMMC driver.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      5dbdb7da
  24. 19 Jan, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Fix declarations of cache maintenance functions · c8d64c54
      Antonio Nino Diaz authored
      Fix the parameter type of the maintenance functions of data cache.
      
      Add missing declarations for AArch32 versions of dcsw_op_louis and
      dcsw_op_all to match the AAch64 ones.
      
      Change-Id: I4226e8ea4f8b2b5bc2972992c83de659ee0da52c
      c8d64c54
  25. 18 Jan, 2017 2 commits
    • Masahiro Yamada's avatar
      Move BL_COHERENT_RAM_BASE/END defines to common_def.h · 47497053
      Masahiro Yamada authored
      
      
      We have lots of duplicated defines (and comment blocks too).
      Move them to include/plat/common/common_def.h.
      
      While we are here, suffix the end address with _END instead of
      _LIMIT.  The _END is a better fit to indicate the linker-derived
      real end address.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      47497053
    • Masahiro Yamada's avatar
      Use *_END instead of *_LIMIT for linker derived end addresses · ecdc898d
      Masahiro Yamada authored
      
      
      The usage of _LIMIT seems odd here, so rename as follows:
        BL_CODE_LIMIT     --> BL_CODE_END
        BL_RO_DATA_LIMIT  --> BL_RO_DATA_END
        BL1_CODE_LIMIT    --> BL1_CODE_END
        BL1_RO_DATA_LIMIT --> BL1_RO_DATA_END
      
      Basically, we want to use _LIMIT and _END properly as follows:
        *_SIZE + *_MAX_SIZE = *_LIMIT
        *_SIZE + *_SIZE     = *_END
      
      The _LIMIT is generally defined by platform_def.h to indicate the
      platform-dependent memory constraint.  So, its typical usage is
        ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
      in a linker script.
      
      On the other hand, _END is used to indicate the end address of the
      compiled image, i.e. we do not know it until the image is linked.
      
      Here, all of these macros belong to the latter, so should be
      suffixed with _END.
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      ecdc898d
  26. 16 Jan, 2017 1 commit