- 13 Sep, 2019 12 commits
-
-
Andre Przywara authored
If a firmware component like TF-A reserves special memory regions for its own or secure payload services, it should announce the location and size of those regions to the non-secure world. This will avoid disappointment when some rich OS tries to acccess this memory, which will likely end in a crash. The traditional way of advertising reserved memory using device tree is using the special memreserve feature of the device tree blob (DTB). However by definition those regions mentioned there do not prevent the rich OS to map this memory, which may lead to speculative accesses to this memory and hence spurious bus errors. A safer way of carving out memory is to use the /reserved-memory node as part of the normal DT structure. Besides being easier to setup, this also defines an explicit "no-map" property to signify the secure-only nature of certain memory regions, which avoids the rich OS to accidentally step on it. Add a helper function to allow platform ports to easily add a region. Change-Id: I2b92676cf48fd3bdacda05b5c6b1c7952ebed68c Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
The QEMU platform port scans its device tree to advertise PSCI as the CPU enable method. It does this by scanning *every* node in the DT and check whether its compatible string starts with "arm,cortex-a". Then it sets the enable-method to PSCI, if it doesn't already have one. Other platforms might want to use this functionality as well, so let's move it out of the QEMU platform directory and make it more robust by fixing some shortcomings: - A compatible string starting with a certain prefix is not a good way to find the CPU nodes. For instance a "arm,cortex-a72-pmu" node will match as well and is in turn favoured with an enable-method. - If the DT already has an enable-method, we won't change this to PSCI. Those two issues will for instance fail on the Raspberry Pi 4 DT. To fix those problems, we adjust the scanning method: The DT spec says that all CPU nodes are subnodes of the mandatory /cpus node, which is a subnode of the root node. Also each CPU node has to have a device_type = "cpu" property. So we find the /cpus node, then scan for a subnode with the proper device_type, forcing the enable-method to "psci". We have to restart this search after a property has been patched, as the node offsets might have changed meanwhile. This allows this routine to be reused for the Raspberry Pi 4 later. Change-Id: I00cae16cc923d9f8bb96a9b2a2933b9a79b06139 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
To allow sharing the driver between the RPi3 and RPi4, move the random number generator driver into the generic driver directory. Change-Id: Iae94d7cb22c6bce3af9bff709d76d4caf87b14d1 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
To allow sharing the driver between the RPi3 and RPi4, move the mailbox driver into the generic driver directory. Change-Id: I463e49acf82b02bf004f3d56482b7791f3020bc0 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
With the advent of Raspberry Pi 4 support, we need to separate some board specific headers between the RPi3 and RPi4. Rename and move the "rpi3_hw.h" header, so that .c files just include rpi_hw.h, and automatically get the correct version. Change-Id: I03b39063028d2bee1429bffccde71dddfe2dcde8 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
With the incoming support for the Raspberry Pi 4 boards, one directory to serve both versions will not end up well. Create an additional layer by inserting a "rpi" directory betweeen /plat and rpi3, so that we can more easily share or separate files between the two later. Change-Id: I75adbb054fe7902f34db0fd5e579a55612dd8a5f Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
* changes: Remove RSA PKCS#1 v1.5 support from cert_tool Add documentation for new KEY_SIZE option Add cert_create tool support for RSA key sizes Support larger RSA key sizes when using MBEDTLS
-
Soby Mathew authored
* changes: mediatek: mt8183: Support coreboot configuration mediatek: mt8183: support system reset mediatek: mt8183: pass platform parameters mediatek: mt8183: add GPIO driver mediatek: mt8183: support system off mediatek: mt8183: support CPU hotplug mediatek: mt8183: refine GIC driver
-
Soby Mathew authored
-
Sandrine Bailleux authored
-
- 12 Sep, 2019 20 commits
-
-
Deepika Bhavnani authored
cpu_idx is used as mix of `unsigned int` and `signed int` in code with typecasting at some places. This change is to unify the cpu_idx as `unsigned int` as underlying API;s `plat_my_core_pos` returns `unsigned int` It was discovered via coverity issue CID 354715 Signed-off-by: Deepika Bhavnani <deepika.bhavnani@arm.com> Change-Id: I4f0adb0c596ff1177210c5fe803bff853f2e54ce
-
kenny liang authored
- Switch uart driver from Mediatek 8250 to TI 16550 - Enable MULTI_CONSOLE Signed-off-by: kenny liang <kenny.liang@mediatek.com> Change-Id: Ie3948d9e64d05d29a1f69592792e277b680c4ed4
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
-
Justin Chadwell authored
Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed in SHA fe199e3b , however, cert_tool is still able to generate certificates in that form. This patch fully removes the ability for cert_tool to generate these certificates. Additionally, this patch also fixes a bug where the issuing certificate was a RSA and the issued certificate was EcDSA. In this case, the issued certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now that PKCS#1 v1.5 support is removed, all certificates that are signed with RSA now use the more modern padding scheme. Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Justin Chadwell authored
This patch adds documentation for the new KEY_SIZE build option that is exposed by cert_create, and instructions on how to use it. Change-Id: I09b9b052bfdeeaca837e0f0026e2b01144f2472c Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Justin Chadwell authored
cert_tool is now able to accept a command line option for specifying the key size. It now supports the following options: 1024, 2048 (default), 3072 and 4096. This is also modifiable by TFA using the build flag KEY_SIZE. Change-Id: Ifadecf84ade3763249ee8cc7123a8178f606f0e5 Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Justin Chadwell authored
Previously, TF-A could not support large RSA key sizes as the configuration options passed to MBEDTLS prevented storing and performing calculations with the larger, higher-precision numbers required. With these changes to the arguments passed to MBEDTLS, TF-A now supports using 3072 (3K) and 4096 (4K) keys in certificates. Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Hadi Asyrafi authored
Some of the platform (ie. Agilex) make use of CCU IPs which will only be initialized during bl2_el3_early_platform_setup. Any operation to the cache beforehand will crash the platform. Hence, this will provide an option to skip the data cache invalidation upon bl2 entry at EL3 Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Change-Id: I2c924ed0589a72d0034714c31be8fe57237d1f06
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
* changes: Add documentation for CTX_INCLUDE_MTE_REGS Enable MTE support in both secure and non-secure worlds
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
-
Soby Mathew authored
* changes: rcar_gen3: drivers: ddr_b: Update DDR setting for H3, M3, M3N rcar_gen3: drivers: qos: update QoS setting rcar_gen3: drivers: ddr_b: Fix checkpatch errors in headers rcar_gen3: drivers: ddr_b: Fix line-over-80s rcar_gen3: drivers: ddr_b: Further checkpatch cleanups rcar_gen3: drivers: ddr_b: Clean up camel case rcar_get3: drivers: ddr_b: Basic checkpatch fixes rcar_get3: drivers: ddr: Partly unify register macros between DDR A and B rcar_get3: drivers: ddr: Clean up common code
-
Soby Mathew authored
* changes: amlogic: Fix includes order amlogic: Fix header guards amlogic: Fix prefixes in the SoC specific files amlogic: Fix prefixes in the PM code amlogic: Fix prefixes in the SCPI related code amlogic: Fix prefixes in the MHU code amlogic: Fix prefixes in the SIP/SVC code amlogic: Fix prefixes in the thermal driver amlogic: Fix prefixes in the private header file amlogic: Fix prefixes in the efuse driver amlogic: Fix prefixes in the platform macros file amlogic: Fix prefixes in the helpers file amlogic: Rework Makefiles amlogic: Move the SIP SVC code to common directory amlogic: Move topology file to common directory amlogic: Move thermal code to common directory amlogic: Move MHU code to common directory amlogic: Move efuse code to common directory amlogic: Move platform macros assembly file to common directory amlogic: Introduce unified private header file amlogic: Move SCPI code to common directory amlogic: Move the SHA256 DMA driver to common directory amlogic: Move assembly helpers to common directory amlogic: Introduce directory parameters in the makefiles meson: Rename platform directory to amlogic
-
Hadi Asyrafi authored
Disable gic cpu interface for powered down cpu. This patch also removes core reset during power off as core reset will be done during power on Signed-off-by: Hadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com> Change-Id: I2ca96d876b6e71e56d24a9a7e184b6d6226b8673
-
- 11 Sep, 2019 6 commits
-
-
Carlo Caione authored
As part of the code refactoring fix the order of the include files across all the source files. Signed-off-by: Carlo Caione <ccaione@baylibre.com> Change-Id: Ice72f687cc26ee881a9051168149467688100cfb
-
Carlo Caione authored
Make the header guards more generic and contextually remove the GXBB_BL31_PLAT_PARAM_VAL value that is unused on the GXL platform. Signed-off-by: Carlo Caione <ccaione@baylibre.com> Change-Id: I842fa2e084e71280ae17b39c67877e844821a171
-
Soby Mathew authored
-
John Tsichritzis authored
Zeus supports the SSBS mechanism and also the new MSR instruction to immediately apply the mitigation. Hence, the new instruction is utilised in the Zeus-specific reset function. Change-Id: I962747c28afe85a15207a0eba4146f9a115b27e7 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
Justin Chadwell authored
This patch adds support for the Undefined Behaviour sanitizer. There are two types of support offered - minimalistic trapping support which essentially immediately crashes on undefined behaviour and full support with full debug messages. The full support relies on ubsan.c which has been adapted from code used by OPTEE. Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727 Signed-off-by: Justin Chadwell <justin.chadwell@arm.com>
-
Masahiro Yamada authored
Sparse warns this: lib/libc/assert.c:29:6: error: symbol '__assert' redeclared with different type (originally declared at include/lib/libc/assert.h:36) - different modifiers Add __dead2 to match the header declaration and C definition. I also changed '__dead2 void' to 'void __dead2' for the consistency with other parts. Change-Id: Iefa4f0e787c24fa7e7e499d2e7baf54d4deb49ef Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 10 Sep, 2019 2 commits
-
-
Jolly Shah authored
Common ipi_table needs to be initialized before using any IPI command (i.e send/receive). Move zynqmp ipi config table initialization from sip_svc_setup() to zynqmp_config_setup(). Change-Id: Ic8aaa0728a43936cd4c6e1ed590e01ba8f0fbf5b Signed-off-by: Tejas Patel <tejas.patel@xilinx.com> Signed-off-by: Jolly Shah <jolly.shah@xilinx.com>
-
Yann Gautier authored
The STM32 console driver was pre-pending '\r' before '\n'. It is now managed by the framework with the flag: CONSOLE_FLAG_TRANSLATE_CRLF. Remove the code in driver, and add the flag for STM32MP1. Change-Id: I5d0d5d5c4abee0b7dc11c2f8707b1b5cf10149ab Signed-off-by: Yann Gautier <yann.gautier@st.com>
-