1. 19 May, 2020 1 commit
  2. 07 Apr, 2020 1 commit
    • Julius Werner's avatar
      coreboot: Add memory range parsing · 579d1e90
      Julius Werner authored
      
      
      This patch adds code to parse memory range information passed by
      coreboot, and a simple helper to test whether a specific address belongs
      to a range. This may be useful for coreboot-using platforms that need to
      know information about the system's memory layout (e.g. to check whether
      an address passed in via SMC targets valid DRAM).
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      Change-Id: I3bea326c426db27d1a8b7d6e17418e4850e884b4
      579d1e90
  3. 03 Apr, 2020 2 commits
    • John Powell's avatar
      Fix MISRA C issues in BL1/BL2/BL31 · 3443a702
      John Powell authored
      
      
      Attempts to address MISRA compliance issues in BL1, BL2, and BL31 code.
      Mainly issues like not using boolean expressions in conditionals,
      conflicting variable names, ignoring return values without (void), adding
      explicit casts, etc.
      
      Change-Id: If1fa18ab621b9c374db73fa6eaa6f6e5e55c146a
      Signed-off-by: default avatarJohn Powell <john.powell@arm.com>
      3443a702
    • Pramod Kumar's avatar
      xlat lib v2: Add support to pass shareability attribute for normal memory region · 06aca857
      Pramod Kumar authored
      
      
      Present framework restricts platform to pass desired shareability attribute
      for normal memory region mapped in MMU. it defaults to inner shareability.
      
      There are platforms where memories (like SRAM) are not placed at snoopable
      region in advaned interconnect like CCN/CMN hence snoopable transaction is
      not possible to these memory. Though These memories could be mapped in MMU
      as MT_NON_CACHEABLE, data caches benefits won't be available.
      
      If these memories are mapped as cacheable with non-shareable attribute,
      when only one core is running like at boot time, MMU data cached could be
      used for faster execution. Hence adding support to pass the shareability
      attribute for memory regions.
      Signed-off-by: default avatarPramod Kumar <pramod.kumar@broadcom.com>
      Change-Id: I678cb50120a28dae4aa9d1896e8faf1dd5cf1754
      06aca857
  4. 02 Apr, 2020 3 commits
    • Sandrine Bailleux's avatar
      Check for out-of-bound accesses in the CoT description · 6f8a2565
      Sandrine Bailleux authored
      
      
      The chain of trust array is now always accessed through a fconf getter.
      This gives us an ideal spot to check for out-of-bound accesses.
      
      Change-Id: Ic5ea20e43cf8ca959bb7f9b60de7c0839b390add
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      6f8a2565
    • Masahiro Yamada's avatar
      Pass more -D options to BL*_CPPFLAGS instead of BL*_CFLAGS · 9cefb4b1
      Masahiro Yamada authored
      Commit d5e97a1d ("Build: define IMAGE_AT_EL1 or IMAGE_AT_EL3
      globally for C files") does not have commit 848a7e8c ("Build:
      introduce per-BL CPPFLAGS and ASFLAGS") as an ancestor because
      they were pulled almost at the same time.
      
      This is a follow-up conversion to be consistent with commit
      11a3c5ee
      
       ("plat: pass -D option to BL*_CPPFLAGS instead of
      BL*_CFLAGS").
      
      With this change, the command line option, IMAGE_AT_EL3, will be
      passed to .S files as well.
      
      I remove the definition in include/lib/cpus/aarch64/cpu_macros.S
      
      Otherwise, the following error would happen.
      
        include/lib/cpus/aarch64/cpu_macros.S:29:0: error: "IMAGE_AT_EL3" redefined [-Werror]
      
      Change-Id: I943c8f22356483c2ae3c57b515c69243a8fa6889
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      9cefb4b1
    • Masahiro Yamada's avatar
      xlat_tables_v2: fix assembler warning of PLAT_RO_XLAT_TABLES · 268131c2
      Masahiro Yamada authored
      
      
      If PLAT_RO_XLAT_TABLES is defined, the base xlat table goes to the
      .rodata section instead of .bss section.
      
      This causes a warning like:
      
      /tmp/ccswitLr.s: Assembler messages:
      /tmp/ccswitLr.s:297: Warning: setting incorrect section attributes for .rodata
      
      It is practically no problem, but I want to keep the build log clean.
      
      Put the base table into the "base_xlat_table" section to suppress the
      assembler warnings.
      
      The linker script determines its final destination; rodata section if
      PLAT_RO_XLAT_TABLES=1, or bss section otherwise. So, the result is the
      same.
      
      Change-Id: Ic85d1d2dddd9b5339289fc2378cbcb21dd7db02e
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      268131c2
  5. 01 Apr, 2020 1 commit
    • Varun Wadekar's avatar
      include: fixup 'cm_setup_context' prototype · 25d819a3
      Varun Wadekar authored
      
      
      This patch changes the prototype cm_setup_context() to use struct entry_point_info
      rather than the typedef'ed version of it. This fixes the following compilation error
      seen with EL3_EXCEPTION_HANDLING = 1.
      
      <snip>
      In file included from bl31/ehf.c:19:
      include/lib/el3_runtime/context_mgmt.h:35:49: error: unknown type name 'entry_point_info_t'
         35 | void cm_setup_context(cpu_context_t *ctx, const entry_point_info_t *ep);
            |                                                 ^~~~~~~~~~~~~~~~~~
      <snip>
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      Change-Id: I73b059ff2dade2259cefd0f9a097c7ea4a88055d
      25d819a3
  6. 31 Mar, 2020 1 commit
  7. 25 Mar, 2020 1 commit
    • Manish V Badarkhe's avatar
      Fix 'tautological-constant-compare' error · 4c4a1327
      Manish V Badarkhe authored
      
      
      Fixed below 'tautological-constant-compare' error when building the source
      code with latest clang compiler <clang version 11.0.0>.
      
      plat/common/plat_psci_common.c:36:2:
      error: converting the result of '<<' to a boolean always evaluates
      to true [-Werror,-Wtautological-constant-compare]
              PMF_STORE_ENABLE)
              ^
      include/lib/pmf/pmf.h:28:29: note: expanded from macro 'PMF_STORE_ENABLE'
      PMF_STORE_ENABLE        (1 << 0)
      
      This error is observed beacuse of CASSERT placed in
      "PMF_DEFINE_CAPTURE_TIMESTAMP" which do below stuff:
      CASSERT(_flags, select_proper_config);
      where _flags = PMF_STORE_ENABLE (1 << 0) which always results true.
      Signed-off-by: default avatarManish V Badarkhe <Manish.Badarkhe@arm.com>
      Change-Id: Ifa82ea202496a23fdf1d27ea1798d1f1b583a021
      4c4a1327
  8. 20 Mar, 2020 1 commit
  9. 19 Mar, 2020 1 commit
  10. 11 Mar, 2020 3 commits
    • Madhukar Pappireddy's avatar
      fconf: enhancements to firmware configuration framework · 25d740c4
      Madhukar Pappireddy authored
      
      
      A populate() function essentially captures the value of a property,
      defined by a platform, into a fconf related c structure. Such a
      callback is usually platform specific and is associated to a specific
      configuration source.
      For example, a populate() function which captures the hardware topology
      of the platform can only parse HW_CONFIG DTB. Hence each populator
      function must be registered with a specific 'config_type' identifier.
      It broadly represents a logical grouping of configuration properties
      which is usually a device tree source file.
      
      Example:
      > TB_FW: properties related to trusted firmware such as IO policies,
      	 base address of other DTBs, mbedtls heap info etc.
      > HW_CONFIG: properties related to hardware configuration of the SoC
      	 such as topology, GIC controller, PSCI hooks, CPU ID etc.
      
      This patch modifies FCONF_REGISTER_POPULATOR macro and fconf_populate()
      to register and invoke the appropriate callbacks selectively based on
      configuration type.
      
      Change-Id: I6f63b1fd7a8729c6c9137d5b63270af1857bb44a
      Signed-off-by: default avatarMadhukar Pappireddy <madhukar.pappireddy@arm.com>
      25d740c4
    • Masahiro Yamada's avatar
      xlat_tables_v2: use ARRAY_SIZE in REGISTER_XLAT_CONTEXT_FULL_SPEC · e2822458
      Masahiro Yamada authored
      
      
      With this, it is clearer that .base_table_entries and .tables_num
      are the array size of .base_table and .tables, respectively.
      
      Change-Id: I634e65aba835ab9908cc3919355df6bc6e18d42a
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      e2822458
    • Masahiro Yamada's avatar
      xlat_tables_v2: merge REGISTER_XLAT_CONTEXT_{FULL_SPEC,RO_BASE_TABLE} · 363830df
      Masahiro Yamada authored
      
      
      xlat_tables_v2_helpers.h defines two quite similar macros,
      REGISTER_XLAT_CONTEXT_FULL_SPEC and REGISTER_XLAT_CONTEXT_RO_BASE_TABLE.
      
      Only the difference is the section of _ctx_name##_base_xlat_table.
      
      Parameterize it and unify these two macros.
      
      The base xlat table goes into the .bss section by default.
      If PLAT_RO_XLAT_TABLES is defined, it goes into the .rodata section.
      
      Change-Id: I8b02f4da98f0c272e348a200cebd89f479099c55
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      363830df
  11. 03 Mar, 2020 1 commit
    • Max Shvetsov's avatar
      SPMD: Adds partially supported EL2 registers. · 2825946e
      Max Shvetsov authored
      
      
      This patch adds EL2 registers that are supported up to ARMv8.6.
      ARM_ARCH_MINOR has to specified to enable save/restore routine.
      
      Note: Following registers are still not covered in save/restore.
       * AMEVCNTVOFF0<n>_EL2
       * AMEVCNTVOFF1<n>_EL2
       * ICH_AP0R<n>_EL2
       * ICH_AP1R<n>_EL2
       * ICH_LR<n>_EL2
      
      Change-Id: I4813f3243e56e21cb297b31ef549a4b38d4876e1
      Signed-off-by: default avatarMax Shvetsov <maksims.svecovs@arm.com>
      2825946e
  12. 02 Mar, 2020 1 commit
  13. 27 Feb, 2020 1 commit
    • Louis Mayencourt's avatar
      fconf: Fix misra issues · 845db722
      Louis Mayencourt authored
      
      
      MISRA C-2012 Rule 20.7:
      Macro parameter expands into an expression without being wrapped by parentheses.
      
      MISRA C-2012 Rule 12.1:
      Missing explicit parentheses on sub-expression.
      
      MISRA C-2012 Rule 18.4:
      Essential type of the left hand operand is not the same as that of the right
      operand.
      
      Include does not provide any needed symbols.
      
      Change-Id: Ie1c6451cfbc8f519146c28b2cf15c50b1f36adc8
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      845db722
  14. 24 Feb, 2020 1 commit
    • Petre-Ionut Tudor's avatar
      Read-only xlat tables for BL31 memory · 60e8f3cf
      Petre-Ionut Tudor authored
      
      
      This patch introduces a build flag which allows the xlat tables
      to be mapped in a read-only region within BL31 memory. It makes it
      much harder for someone who has acquired the ability to write to
      arbitrary secure memory addresses to gain control of the
      translation tables.
      
      The memory attributes of the descriptors describing the tables
      themselves are changed to read-only secure data. This change
      happens at the end of BL31 runtime setup. Until this point, the
      tables have read-write permissions. This gives a window of
      opportunity for changes to be made to the tables with the MMU on
      (e.g. reclaiming init code). No changes can be made to the tables
      with the MMU turned on from this point onwards. This change is also
      enabled for sp_min and tspd.
      
      To make all this possible, the base table was moved to .rodata. The
      penalty we pay is that now .rodata must be aligned to the size of
      the base table (512B alignment). Still, this is better than putting
      the base table with the higher level tables in the xlat_table
      section, as that would cost us a full 4KB page.
      
      Changing the tables from read-write to read-only cannot be done with
      the MMU on, as the break-before-make sequence would invalidate the
      descriptor which resolves the level 3 page table where that very
      descriptor is located. This would make the translation required for
      writing the changes impossible, generating an MMU fault.
      
      The caches are also flushed.
      Signed-off-by: default avatarPetre-Ionut Tudor <petre-ionut.tudor@arm.com>
      Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
      60e8f3cf
  15. 20 Feb, 2020 2 commits
    • Varun Wadekar's avatar
      include: move MHZ_TICKS_PER_SEC to utils_def.h · d4b29105
      Varun Wadekar authored
      
      
      This patch moves the MHZ_TICKS_PER_SEC macro to utils_def.h
      for other platforms to use.
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      Change-Id: I6c4dc733f548d73cfdb3515ec9ad89a9efaf4407
      d4b29105
    • Varun Wadekar's avatar
      cpus: higher performance non-cacheable load forwarding · cd0ea184
      Varun Wadekar authored
      
      
      The CPUACTLR_EL1 register on Cortex-A57 CPUs supports a bit to enable
      non-cacheable streaming enhancement. Platforms can set this bit only
      if their memory system meets the requirement that cache line fill
      requests from the Cortex-A57 processor are atomic.
      
      This patch adds support to enable higher performance non-cacheable load
      forwarding for such platforms. Platforms must enable this support by
      setting the 'A57_ENABLE_NONCACHEABLE_LOAD_FWD' flag from their
      makefiles. This flag is disabled by default.
      
      Change-Id: Ib27e55dd68d11a50962c0bbc5b89072208b4bac5
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      cd0ea184
  16. 18 Feb, 2020 3 commits
  17. 07 Feb, 2020 6 commits
    • Louis Mayencourt's avatar
      fconf: Add mbedtls shared heap as property · 6c972317
      Louis Mayencourt authored
      
      
      Use the firmware configuration framework in arm dynamic configuration
      to retrieve mbedtls heap information between bl1 and bl2.
      
      For this, a new fconf getter is added to expose the device tree base
      address and size.
      
      Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      6c972317
    • Louis Mayencourt's avatar
      fconf: Add TBBR disable_authentication property · ce852841
      Louis Mayencourt authored
      
      
      Use fconf to retrieve the `disable_authentication` property.
      Move this access from arm dynamic configuration to bl common.
      
      Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      ce852841
    • Louis Mayencourt's avatar
      fconf: Add dynamic config DTBs info as property · 25ac8794
      Louis Mayencourt authored
      
      
      This patch introduces a better separation between the trusted-boot
      related properties, and the dynamic configuration DTBs loading
      information.
      
      The dynamic configuration DTBs properties are moved to a new node:
      `dtb-registry`. All the sub-nodes present will be provided to the
      dynamic config framework to be loaded. The node currently only contains
      the already defined configuration DTBs, but can be extended for future
      features if necessary.
      The dynamic config framework is modified to use the abstraction provided
      by the fconf framework, instead of directly accessing the DTBs.
      
      The trusted-boot properties are kept under the "arm,tb_fw" compatible
      string, but in a separate `tb_fw-config` node.
      The `tb_fw-config` property of the `dtb-registry` node simply points
      to the load address of `fw_config`, as the `tb_fw-config` is currently
      part of the same DTB.
      
      Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      25ac8794
    • Louis Mayencourt's avatar
      fconf: Populate properties from dtb during bl2 setup · 9814bfc1
      Louis Mayencourt authored
      
      
      Use the dtb provided by bl1 as configuration file for fconf.
      
      Change-Id: I3f466ad9b7047e1a361d94e71ac6d693e31496d9
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      9814bfc1
    • Louis Mayencourt's avatar
      fconf: Load config dtb from bl1 · 3b5ea741
      Louis Mayencourt authored
      
      
      Move the loading of the dtb from arm_dym_cfg to fconf. The new loading
      function is not associated to arm platform anymore, and can be moved
      to bl_main if wanted.
      
      Change-Id: I847d07eaba36d31d9d3ed9eba8e58666ea1ba563
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      3b5ea741
    • Louis Mayencourt's avatar
      fconf: initial commit · ab1981db
      Louis Mayencourt authored
      
      
      Introduce the Firmware CONfiguration Framework (fconf).
      
      The fconf is an abstraction layer for platform specific data, allowing
      a "property" to be queried and a value retrieved without the requesting
      entity knowing what backing store is being used to hold the data.
      
      The default backing store used is C structure. If another backing store
      has to be used, the platform integrator needs to provide a "populate()"
      function to fill the corresponding C structure.
      The "populate()" function must be registered to the fconf framework with
      the "FCONF_REGISTER_POPULATOR()". This ensures that the function would
      be called inside the "fconf_populate()" function.
      
      A two level macro is used as getter:
      - the first macro takes 3 parameters and converts it to a function
        call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c).
      - the second level defines a__b_getter(c) to the matching C structure,
        variable, array, function, etc..
      
      Ex: Get a Chain of trust property:
          1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id)
          2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id]
      
      Change-Id: Id394001353ed295bc680c3f543af0cf8da549469
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      ab1981db
  18. 28 Jan, 2020 1 commit
  19. 27 Jan, 2020 1 commit
  20. 23 Jan, 2020 1 commit
  21. 20 Jan, 2020 1 commit
  22. 10 Jan, 2020 1 commit
    • Deepika Bhavnani's avatar
      Unify type of "cpu_idx" across PSCI module. · 5b33ad17
      Deepika Bhavnani authored
      
      
      NOTE for platform integrators:
         API `plat_psci_stat_get_residency()` third argument
         `last_cpu_idx` is changed from "signed int" to the
         "unsigned int" type.
      
      Issue / Trouble points
      1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
      with typecasting at some places leading to coverity issues.
      
      2. Underlying platform API's return cpu_idx as `unsigned int`
      and comparison is performed with platform specific defines
      `PLAFORM_xxx` which is not consistent
      
      Misra Rule 10.4:
      The value of a complex expression of integer type may only be cast to
      a type that is narrower and of the same signedness as the underlying
      type of the expression.
      
      Based on above points, cpu_idx is kept as `unsigned int` to match
      the API's and low-level functions and platform defines are updated
      where ever required
      Signed-off-by: default avatarDeepika Bhavnani <deepika.bhavnani@arm.com>
      Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
      5b33ad17
  23. 09 Jan, 2020 2 commits
  24. 23 Dec, 2019 2 commits
  25. 20 Dec, 2019 1 commit
    • Paul Beesley's avatar
      spm: Remove SPM Alpha 1 prototype and support files · 538b0020
      Paul Beesley authored
      
      
      The Secure Partition Manager (SPM) prototype implementation is
      being removed. This is preparatory work for putting in place a
      dispatcher component that, in turn, enables partition managers
      at S-EL2 / S-EL1.
      
      This patch removes:
      
      - The core service files (std_svc/spm)
      - The Resource Descriptor headers (include/services)
      - SPRT protocol support and service definitions
      - SPCI protocol support and service definitions
      
      Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarArtsem Artsemenka <artsem.artsemenka@arm.com>
      538b0020