1. 07 Feb, 2020 2 commits
  2. 06 Feb, 2020 2 commits
    • Max Shvetsov's avatar
      Adds option to read ROTPK from registers for FVP · a6ffddec
      Max Shvetsov authored
      
      
      Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
      Removes hard-coded developer keys. Instead, setting
      ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
      In case of ROT_KEY specified - generates a new hash and replaces the
      original.
      
      Note: Juno board was tested by original feature author and was not tested
      for this patch since we don't have access to the private key. Juno
      implementation was moved to board-specific file without changing
      functionality. It is not known whether byte-swapping is still needed
      for this platform.
      
      Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
      Signed-off-by: default avatarMax Shvetsov <maksims.svecovs@arm.com>
      a6ffddec
    • Paul Beesley's avatar
      doc: Split and expand coding style documentation · e63f5d12
      Paul Beesley authored
      
      
      This patch expands the coding style documentation, splitting it
      into two documents: the core style rules and extended guidelines.
      Note that it does not redefine or change the coding style (aside
      from section 4.6.2) - generally, it is only documenting the
      existing style in more detail.
      
      The aim is for the coding style to be more readable and, in turn,
      for it to be followed by more people. We can use this as a more
      concrete reference when discussing the accepted style with external
      contributors.
      
      Change-Id: I87405ace9a879d7f81e6b0b91b93ca69535e50ff
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarPetre-Ionut Tudor <petre-ionut.tudor@arm.com>
      e63f5d12
  3. 03 Feb, 2020 2 commits
    • Imre Kis's avatar
      doc: Remove backquotes from external hyperlinks · 8d52e16b
      Imre Kis authored
      
      
      Since Sphinx 2.3.0 backquotes are replaced to \textasciigrave{} during
      building latexpdf. Using this element in a \sphinxhref{} breaks the
      build. In order to avoid this error backquotes must not be used in
      external hyperlinks.
      Signed-off-by: default avatarImre Kis <imre.kis@arm.com>
      Change-Id: Ie3cf454427e3d5a7b7f9829b42be45aebda7f0dd
      8d52e16b
    • Masahiro Yamada's avatar
      doc: qemu: fix and update documentation · 62038be7
      Masahiro Yamada authored
      
      
      The current URL for QEMU_EFI.fd is not found. Update the link to
      point to the new one.
      
      If you run the shell command as instructed, you will see this error:
        qemu-system-aarch64: keep_bootcon: Could not open 'keep_bootcon': No such file or directory
      
      The part "console=ttyAMA0,38400 keep_bootcon root=/dev/vda2" is the
      kernel parameter, so it must be quoted.
      
      As of writing, QEMU v4.2.0 is the latest, but it does not work for
      TF-A (It has been fixed in the mainline.) QEMU v4.1.0 works fine.
      
      With those issues addressed, I succeeded in booting the latest kernel.
      
      Tested with QEMU v4.1.0 and Linux 5.5 (defconfig with no modification).
      Update the tested versions.
      
      Change-Id: Ic85db0e688d67b1803ff890047d37de3f3db2daa
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      62038be7
  4. 29 Jan, 2020 2 commits
  5. 28 Jan, 2020 1 commit
  6. 27 Jan, 2020 1 commit
  7. 24 Jan, 2020 2 commits
  8. 23 Jan, 2020 3 commits
  9. 20 Jan, 2020 1 commit
  10. 17 Jan, 2020 2 commits
  11. 15 Jan, 2020 1 commit
  12. 14 Jan, 2020 1 commit
  13. 10 Jan, 2020 2 commits
    • Madhukar Pappireddy's avatar
      docs: GCC toolchain upgrade to version 9.2-2019.12 · f35e5ab3
      Madhukar Pappireddy authored
      
      
      This toolchain provides multiple cross compilers and are publicly
      available on developer.arm.com
      
      We build TF-A in CI using:
      AArch32 bare-metal target (arm-none-eabi)
      AArch64 ELF bare-metal target (aarch64-none-elf)
      
      Change-Id: I910200174d5bad985504d1af4a1ae5819b524003
      Signed-off-by: default avatarMadhukar Pappireddy <madhukar.pappireddy@arm.com>
      f35e5ab3
    • Deepika Bhavnani's avatar
      Unify type of "cpu_idx" across PSCI module. · 5b33ad17
      Deepika Bhavnani authored
      
      
      NOTE for platform integrators:
         API `plat_psci_stat_get_residency()` third argument
         `last_cpu_idx` is changed from "signed int" to the
         "unsigned int" type.
      
      Issue / Trouble points
      1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
      with typecasting at some places leading to coverity issues.
      
      2. Underlying platform API's return cpu_idx as `unsigned int`
      and comparison is performed with platform specific defines
      `PLAFORM_xxx` which is not consistent
      
      Misra Rule 10.4:
      The value of a complex expression of integer type may only be cast to
      a type that is narrower and of the same signedness as the underlying
      type of the expression.
      
      Based on above points, cpu_idx is kept as `unsigned int` to match
      the API's and low-level functions and platform defines are updated
      where ever required
      Signed-off-by: default avatarDeepika Bhavnani <deepika.bhavnani@arm.com>
      Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
      5b33ad17
  14. 08 Jan, 2020 2 commits
  15. 03 Jan, 2020 1 commit
  16. 29 Dec, 2019 1 commit
    • Samuel Holland's avatar
      bl31: Split into two separate memory regions · f8578e64
      Samuel Holland authored
      
      
      Some platforms are extremely memory constrained and must split BL31
      between multiple non-contiguous areas in SRAM. Allow the NOBITS
      sections (.bss, stacks, page tables, and coherent memory) to be placed
      in a separate region of RAM from the loaded firmware image.
      
      Because the NOBITS region may be at a lower address than the rest of
      BL31, __RW_{START,END}__ and __BL31_{START,END}__ cannot include this
      region, or el3_entrypoint_common would attempt to invalidate the dcache
      for the entire address space. New symbols __NOBITS_{START,END}__ are
      added when SEPARATE_NOBITS_REGION is enabled, and the dcached for the
      NOBITS region is invalidated separately.
      Signed-off-by: default avatarSamuel Holland <samuel@sholland.org>
      Change-Id: Idedfec5e4dbee77e94f2fdd356e6ae6f4dc79d37
      f8578e64
  17. 23 Dec, 2019 1 commit
  18. 20 Dec, 2019 4 commits
    • Paul Beesley's avatar
      spm-mm: Refactor spm_svc.h and its contents · 0bf9f567
      Paul Beesley authored
      
      
      Change-Id: I91c192924433226b54d33e57d56d146c1c6df81b
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      0bf9f567
    • Paul Beesley's avatar
      spm-mm: Refactor secure_partition.h and its contents · aeaa225c
      Paul Beesley authored
      
      
      Before adding any new SPM-related components we should first do
      some cleanup around the existing SPM-MM implementation. The aim
      is to make sure that any SPM-MM components have names that clearly
      indicate that they are MM-related. Otherwise, when adding new SPM
      code, it could quickly become confusing as it would be unclear to
      which component the code belongs.
      
      The secure_partition.h header is a clear example of this, as the
      name is generic so it could easily apply to any SPM-related code,
      when it is in fact SPM-MM specific.
      
      This patch renames the file and the two structures defined within
      it, and then modifies any references in files that use the header.
      
      Change-Id: I44bd95fab774c358178b3e81262a16da500fda26
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      aeaa225c
    • Paul Beesley's avatar
      spm: Remove SPM Alpha 1 prototype and support files · 538b0020
      Paul Beesley authored
      
      
      The Secure Partition Manager (SPM) prototype implementation is
      being removed. This is preparatory work for putting in place a
      dispatcher component that, in turn, enables partition managers
      at S-EL2 / S-EL1.
      
      This patch removes:
      
      - The core service files (std_svc/spm)
      - The Resource Descriptor headers (include/services)
      - SPRT protocol support and service definitions
      - SPCI protocol support and service definitions
      
      Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarArtsem Artsemenka <artsem.artsemenka@arm.com>
      538b0020
    • Paul Beesley's avatar
      Remove dependency between SPM_MM and ENABLE_SPM build flags · 3f3c341a
      Paul Beesley authored
      
      
      There are two different implementations of Secure Partition
      management in TF-A. One is based on the "Management Mode" (MM)
      design, the other is based on the Secure Partition Client Interface
      (SPCI) specification. Currently there is a dependency between their
      build flags that shouldn't exist, making further development
      harder than it should be. This patch removes that
      dependency, making the two flags function independently.
      
      Before: ENABLE_SPM=1 is required for using either implementation.
              By default, the SPCI-based implementation is enabled and
              this is overridden if SPM_MM=1.
      
      After: ENABLE_SPM=1 enables the SPCI-based implementation.
             SPM_MM=1 enables the MM-based implementation.
             The two build flags are mutually exclusive.
      
      Note that the name of the ENABLE_SPM flag remains a bit
      ambiguous - this will be improved in a subsequent patch. For this
      patch the intention was to leave the name as-is so that it is
      easier to track the changes that were made.
      
      Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      3f3c341a
  19. 18 Dec, 2019 1 commit
  20. 17 Dec, 2019 1 commit
  21. 16 Dec, 2019 2 commits
    • Sandrine Bailleux's avatar
      Update list of main maintainers · 01534e85
      Sandrine Bailleux authored
      
      
      Change-Id: Ia4faf873f8946992737f76870ac92bc5cb3f4020
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      01534e85
    • Justin Chadwell's avatar
      Remove -Wpadded warning · 11a96e0e
      Justin Chadwell authored
      
      
      -Wpadded warns whenever the C compiler automatically includes any
      padding in a structure. Because TF-A has a large number of structures,
      this occurs fairly frequently and is incredibly verbose, and as such is
      unlikely to ever be fixed.
      
      The utility of this warning is also extremely limited - knowing that a
      structure includes padding does not point to the existence of an error,
      and is probably quite unlikely to indicate actually buggy behaviour.
      Therefore, it's probably best to keep this warning off at all times.
      
      Change-Id: I0797cb75f06b4fea0d2fdc16fd5ad978a31d76ec
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      11a96e0e
  22. 11 Dec, 2019 1 commit
  23. 10 Dec, 2019 1 commit
  24. 02 Dec, 2019 1 commit
    • zelalem-aweke's avatar
      Enable Link Time Optimization in GCC · edbce9aa
      zelalem-aweke authored
      
      
      This patch enables LTO for TF-A when compiled with GCC.
      LTO is disabled by default and is enabled by
      ENABLE_LTO=1 build option.
      
      LTO is enabled only for aarch64 as there seem to be
      a bug in the aarch32 compiler when LTO is enabled.
      
      The changes in the makefiles include:
      - Adding -flto and associated flags to enable LTO.
      - Using gcc as a wrapper at link time instead of ld.
        This is recommended when using LTO as gcc internally
        takes care of invoking the necessary plugins for LTO.
      - Adding switches to pass options to ld.
      - Adding a flag to disable fix for erratum cortex-a53-843419
        unless explicitly enabled. This is needed because GCC
        seem to automatically add the erratum fix when used
        as a wrapper for LD.
      
      Additionally, this patch updates the TF-A user guide with
      the new build option.
      Signed-off-by: default avatarzelalem-aweke <zelalem.aweke@arm.com>
      Change-Id: I1188c11974da98434b7dc9344e058cd1eacf5468
      edbce9aa
  25. 27 Nov, 2019 1 commit
    • Paul Beesley's avatar
      doc: Split the User Guide into multiple files · 43f35ef5
      Paul Beesley authored
      
      
      The User Guide document has grown organically over time and
      now covers a wide range of topics, making it difficult to
      skim read and extract information from. Currently, it covers
      these topics and maybe a couple more:
      
      - Requirements (hardware, tools, libs)
      - Checking out the repo
      - Basic build instructions
      - A comprehensive list of build flags
      - FIP packaging
      - Building specifically for Juno
      - Firmware update images
      - EL3 payloads
      - Preloaded BL33 boot flow
      - Running on FVPs
      - Running on Juno
      
      I have separated these out into a few groups that become new
      documents. Broadly speaking, build instructions for the tools,
      for TF-A generally, and for specific scenarios are separated.
      Content relating to specific platforms (Juno and the FVPs are
      Arm-specific platforms, essentially) has been moved into the
      documentation that is specific to those platforms, under
      docs/plat/arm.
      
      Change-Id: Ica87c52d8cd4f577332be0b0738998ea3ba3bbec
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      43f35ef5
  26. 26 Nov, 2019 1 commit