1. 28 Jun, 2019 1 commit
  2. 24 May, 2019 4 commits
    • Alexei Fedorov's avatar
      Add support for Branch Target Identification · 9fc59639
      Alexei Fedorov authored
      
      
      This patch adds the functionality needed for platforms to provide
      Branch Target Identification (BTI) extension, introduced to AArch64
      in Armv8.5-A by adding BTI instruction used to mark valid targets
      for indirect branches. The patch sets new GP bit [50] to the stage 1
      Translation Table Block and Page entries to denote guarded EL3 code
      pages which will cause processor to trap instructions in protected
      pages trying to perform an indirect branch to any instruction other
      than BTI.
      BTI feature is selected by BRANCH_PROTECTION option which supersedes
      the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
      and is disabled by default. Enabling BTI requires compiler support
      and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
      The assembly macros and helpers are modified to accommodate the BTI
      instruction.
      This is an experimental feature.
      Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
      is now made as an internal flag and BRANCH_PROTECTION flag should be
      used instead to enable Pointer Authentication.
      Note. USE_LIBROM=1 option is currently not supported.
      
      Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      9fc59639
    • Ambroise Vincent's avatar
      Makefile: Add default warning flags · 00296576
      Ambroise Vincent authored
      
      
      The flags are taken from the different warning levels of the build
      system when they do not generate any error with the current upstreamed
      platforms.
      
      Change-Id: Ia70cff83bedefb6d2f0dd266394ef77fe47e7f65
      Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      00296576
    • John Tsichritzis's avatar
      Introduce BTI support in ROMLIB · bbb24f61
      John Tsichritzis authored
      
      
      When TF-A is compiled with BTI enabled, the branches in the ROMLIB
      jumptable must be preceded by a "bti j" instruction.
      
      Moreover, when the additional "bti" instruction is inserted, the
      jumptable entries have a distance of 8 bytes between them instead of 4.
      Hence, the wrappers are also modified accordinly.
      
      If TF-A is compiled without BTI enabled, the ROMLIB jumptable and
      wrappers are generated as before.
      
      Change-Id: Iaa59897668f8e59888d39046233300c2241d8de7
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      bbb24f61
    • John Tsichritzis's avatar
      Beautify "make help" · 7c23126c
      John Tsichritzis authored
      
      
      Changes to make the help text a bit more readable:
      1) The "usage" part is now a one-liner
      2) The supported platforms list is printed separately
      
      Change-Id: I93e48a6cf1d28f0ef9f3db16ce17725e4dff33c9
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      7c23126c
  3. 22 May, 2019 1 commit
  4. 09 May, 2019 1 commit
  5. 03 Apr, 2019 1 commit
  6. 26 Mar, 2019 1 commit
  7. 18 Mar, 2019 1 commit
    • Alexei Fedorov's avatar
      Declare PAuth for Secure world as experimental · 06715f85
      Alexei Fedorov authored
      
      
      Declare ENABLE_PAUTH and CTX_INCLUDE_PAUTH_REGS
      build options as experimental.
      Pointer Authentication is enabled for Non-secure world
      irrespective of the value of these build flags if the
      CPU supports it.
      The patch also fixes the description of fiptool 'help' command.
      
      Change-Id: I46de3228fbcce774a2624cd387798680d8504c38
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      06715f85
  8. 12 Mar, 2019 2 commits
  9. 11 Mar, 2019 1 commit
  10. 27 Feb, 2019 3 commits
    • Varun Wadekar's avatar
      Tegra: Support for scatterfile for the BL31 image · c2ad38ce
      Varun Wadekar authored
      
      
      This patch provides support for using the scatterfile format as
      the linker script with the 'armlink' linker for Tegra platforms.
      
      In order to enable the scatterfile usage the following changes
      have been made:
      
      * provide mapping for ld.S symbols in bl_common.h
      * include bl_common.h from all the affected files
      * update the makefile rules to use the scatterfile and armlink
        to compile BL31
      * update pubsub.h to add sections to the scatterfile
      
      NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY.
      
      Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      c2ad38ce
    • Antonio Nino Diaz's avatar
      Add support for pointer authentication · b86048c4
      Antonio Nino Diaz authored
      
      
      The previous commit added the infrastructure to load and save
      ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
      didn't actually enable pointer authentication in the firmware.
      
      This patch adds the functionality needed for platforms to provide
      authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
      enable pointer authentication in the firmware itself. This option is
      disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
      enabled.
      
      Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      b86048c4
    • Antonio Nino Diaz's avatar
      Add ARMv8.3-PAuth registers to CPU context · 5283962e
      Antonio Nino Diaz authored
      
      
      ARMv8.3-PAuth adds functionality that supports address authentication of
      the contents of a register before that register is used as the target of
      an indirect branch, or as a load.
      
      This feature is supported only in AArch64 state.
      
      This feature is mandatory in ARMv8.3 implementations.
      
      This feature adds several registers to EL1. A new option called
      CTX_INCLUDE_PAUTH_REGS has been added to select if the TF needs to save
      them during Non-secure <-> Secure world switches. This option must be
      enabled if the hardware has the registers or the values will be leaked
      during world switches.
      
      To prevent leaks, this patch also disables pointer authentication in the
      Secure world if CTX_INCLUDE_PAUTH_REGS is 0. Any attempt to use it will
      be trapped in EL3.
      
      Change-Id: I27beba9907b9a86c6df1d0c5bf6180c972830855
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      5283962e
  11. 05 Feb, 2019 1 commit
  12. 30 Jan, 2019 1 commit
  13. 24 Jan, 2019 1 commit
    • Manish Pandey's avatar
      Make device tree pre-processing similar to U-boot/Linux · 7e94a699
      Manish Pandey authored
      
      
      Following changes are done to make DT pre-processing similar to that of
      U-boot/Linux kernel.
      
      1. Creating seperate CPPFLAGS for DT preprocessing so that compiler
      options specific to it can be accommodated.
      e.g: "-undef" compiler option avoids replacing "linux" string(used in
      device trees) with "1" as "linux" is a pre-defined macro in gnu99
      standard.
      
      2. Replace CPP with PP for DT pre-processing, as CPP in U-boot/Linux is
      exported as "${CROSS_COMPILE}gcc -E" while in TF-A it is exported as
      "${CROSS_COMPILE}cpp".
      
      Change-Id: If4c61a249d51614d9f53ae30b602036d50c02349
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      7e94a699
  14. 22 Jan, 2019 1 commit
  15. 21 Jan, 2019 1 commit
  16. 04 Jan, 2019 3 commits
    • Antonio Nino Diaz's avatar
      Remove ASM_ASSERTION check in Makefile · 5c3bda7c
      Antonio Nino Diaz authored
      
      
      ASM_ASSERTION was deprecated long ago, this check is no longer needed.
      
      Change-Id: I2a5770f76ea1317461c0059dad8dba9dc0e5af32
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      5c3bda7c
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
    • Antonio Nino Diaz's avatar
      Reorganize architecture-dependent header files · f5478ded
      Antonio Nino Diaz authored
      
      
      The architecture dependant header files in include/lib/${ARCH} and
      include/common/${ARCH} have been moved to /include/arch/${ARCH}.
      
      Change-Id: I96f30fdb80b191a51448ddf11b1d4a0624c03394
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      f5478ded
  17. 18 Dec, 2018 2 commits
  18. 12 Dec, 2018 1 commit
  19. 11 Dec, 2018 1 commit
  20. 10 Dec, 2018 3 commits
    • Yann Gautier's avatar
      Makefile: add a possibility to disable -Werror · 6336b07a
      Yann Gautier authored
      
      
      Setting E=0 in the make command line disables -Werror in CPPFLAGS.
      Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      6336b07a
    • Yann Gautier's avatar
      Add the possibility to compile TF-A with more warnings · e7c645b5
      Yann Gautier authored
      
      
      The list of warning is taken from kernel and also divided in 3.
      The option to activate that is W=x, with x=1, 2 or 3.
      Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      e7c645b5
    • Antonio Nino Diaz's avatar
      SPM: Deprecate the current implementation · 2d7b9e5e
      Antonio Nino Diaz authored
      
      
      The current SPM is a prototype that only supports one secure partition
      in EL0. The objective of SPM is to have multiple partitions. The current
      MM interface isn't adequate for this, so it is needed to modify heavily
      the code to add proper support for it.
      
      However, there are platforms which are already using this (like SGI) and
      removing the code would break it.  For this reason, the current SPM code
      has been duplicated in order to temporarily preserve compatibility. All
      new improvements/changes to SPM will be done in the non-deprecated copy,
      that may change without notice.
      
      The new build option SPM_DEPRECATED has been introduced to select the SPM
      implementation. It defaults to 1, that selects the deprecated SPM.
      
      Change-Id: Ic9f80b53b450e97b4d3f47e4ef4a138ee8d87443
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      2d7b9e5e
  21. 07 Dec, 2018 2 commits
    • Julius Werner's avatar
      drivers/console: Reimplement MUTLI_CONSOLE_API framework in C · 91b48c9f
      Julius Werner authored
      
      
      Now that we have switched to using the stack in MULTI_CONSOLE_API
      framework functions and have factored all code involved in crash
      reporting out into a separate file, there's really no reason to keep the
      main framework code in assembly anymore. This patch rewrites it in C
      which allows us to have a single implementation across aarch32/64 and
      should be much easier to maintain going forward.
      
      Change-Id: I6c85a01e89a79e8b233f3f8bee812f0dbd026221
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      91b48c9f
    • Julius Werner's avatar
      drivers/console: Link console framework code by default · 985ee0b7
      Julius Werner authored
      
      
      This patch makes the build system link the console framework code by
      default, like it already does with other common libraries (e.g. cache
      helpers). This should not make a difference in practice since TF is
      linked with --gc-sections, so the linker will garbage collect all
      functions and data that are not referenced by any other code. Thus, if a
      platform doesn't want to include console code for size reasons and
      doesn't make any references to console functions, the code will not be
      included in the final binary.
      
      To avoid compatibility issues with older platform ports, only make this
      change for the MULTI_CONSOLE_API.
      
      Change-Id: I153a9dbe680d57aadb860d1c829759ba701130d3
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      985ee0b7
  22. 19 Nov, 2018 1 commit
  23. 29 Oct, 2018 1 commit
  24. 19 Oct, 2018 1 commit
  25. 08 Oct, 2018 1 commit
    • Andre Przywara's avatar
      Makefile: Support totally quiet output with -s · ee1ba6d4
      Andre Przywara authored
      
      
      "-s" is a command line option to the make tool, to suppress normal output,
      something to the effect of prepending every line with '@' in the Makefile.
      However with our V={0|1} support, we now print the shortened command line
      output in any case (even with V=1, in addition to the long line!).
      Normally -s helps to not miss non-fatal warnings, which tend to scroll out
      of the window easily.
      
      Introduce a new Makefile variable ECHO, to control the shortened output.
      We only set it in the (current default) V=0 case, and replace every
      occurence of "@echo" with that variable.
      When the user specifies "-s", we set ECHO to some magic string which
      changes the output line into a comment, so the output is suppressed.
      
      Beside suppressing every output for "-s", we also avoid the redundant
      short output when compiling with V=1.
      
      This changes the output to:
      ==========
      $ make -s PLAT=.... bl31
      
      Built build/.../release/bl31.bin
      
      ==========
      $ make PLAT=.... bl31
      ...
        CC      lib/libc/strncmp.c
        CC      lib/libc/strnlen.c
      ...
      ==========
      $ make V=1 PLAT=.... bl31
      ...
      gcc -DDEBUG=0 .... -o build/.../release/libc/strncmp.o
      gcc -DDEBUG=0 .... -o build/.../release/libc/strnlen.o
      ...
      ==========
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      ee1ba6d4
  26. 03 Oct, 2018 2 commits
    • Sandrine Bailleux's avatar
      Remove incorrect tabulation in Makefile · 44a87380
      Sandrine Bailleux authored
      
      
      When attempting to compile TF-A with "SPD=something ARCH=aarch32", the
      following error message is printed:
      
       Makefile:291: *** recipe commences before first target.  Stop.
      
      This is because the call to the error function is indented using a tab
      whereas it's not part of a rule's recipe. Replace the tab by spaces.
      
      Change-Id: Ic9b603837a0e43f2f7070cb39137541c332365d2
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      44a87380
    • Daniel Boulby's avatar
      Introduce RECLAIM_INIT_CODE build flag · 1dcc28cf
      Daniel Boulby authored
      
      
      This patch introduces a build flag "RECLAIM_INIT_CODE" to mark boot time
      code which allows platforms to place this memory in an appropriate
      section to be reclaimed later. This features is primarily targeted for
      BL31. Appropriate documentation updates are also done.
      
      Change-Id: If0ca062851614805d769c332c771083d46599194
      Signed-off-by: default avatarDaniel Boulby <daniel.boulby@arm.com>
      1dcc28cf
  27. 01 Oct, 2018 1 commit