Commits · 48e1d350a0021a9a2f7e34041f28273dee9eb885 · adam.huang / Arm Trusted Firmware

10 Dec, 2018 1 commit

AArch64: Use SSBS for CVE_2018_3639 mitigation · 48e1d350

Jeenu Viswambharan authored Nov 15, 2018



The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
Armv8.5 feature, this can be implemented by CPUs implementing earlier
version of the architecture.

With this patch, when both PSTATE.SSBS is implemented and
DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for
SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to
indicate that mitigation on the PE is either permanently enabled or not
required.

When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset
of every BL stage. This means that EL3 always executes with mitigation
applied.

For Cortex A76, if the PE implements SSBS, the existing mitigation (by
using a different vector table, and tweaking CPU ACTLR2) is not used.

Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

48e1d350

05 Dec, 2018 4 commits

Merge pull request #1711 from antonio-nino-diaz-arm/an/fix-imx · 19b56cf4
Antonio Niño Díaz authored Dec 05, 2018
```
tzc380: Fix some asserts
```
19b56cf4

tzc380: Fix some asserts · df54406d

Antonio Nino Diaz authored Dec 05, 2018



This driver can be compiled in release builds, but GCC generates warnings
for some comparisons and that prevents the firmware from being built in
debug builds.

Change-Id: Ic52e1b4a11896ecf086864fbe2b5bfc143ec9b1b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

df54406d

Merge pull request #1653 from JackyBai/master · 36bc633e
Antonio Niño Díaz authored Dec 05, 2018
```
Add NXP i.MX8MQ basic support 
```
36bc633e

plat: imx: Add i.MX8MQ basic support · 81136819

Bai Ping authored Oct 28, 2018



i.MX8MQ is new SOC of NXP's i.MX8M family based on
A53. It can provide industry-leading audio, voice
and video processing for applications that scale
from consumer home audio to industrial building
automation and mobile computers

this patchset add the basic supoort to boot up
the 4 X A53. more feature will be added later.
Signed-off-by: Bai Ping <ping.bai@nxp.com>

81136819

04 Dec, 2018 14 commits

Merge pull request #1703 from oscardagrach/hikey960-dmac-fix · 03ce1620
Antonio Niño Díaz authored Dec 04, 2018
```
hikey960: initialize EDMAC and channels
```
03ce1620
Merge pull request #1705 from chandnich/platform-id · ae4a99b9
Antonio Nino Diaz authored Dec 04, 2018
```
plat/arm/sgi: Use platform specific functions to get platform ids
```
ae4a99b9
Merge pull request #1702 from MISL-EBU-System-SW/patches-18.12 · 6d422c3e
Antonio Niño Díaz authored Dec 04, 2018
```
Update code with latest changes from Marvell LSP 18.12
```
6d422c3e

plat/marvell: update platform LSP version to 18.12.0 · f32f3899

Konstantin Porotchkin authored Nov 29, 2018



Sync the platform code version with current Marvell LSP.
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

f32f3899

a8k: pm: extend MSS_TRIGGER_TIMEOUT · ff82813a

Igal Liberman authored Sep 03, 2018



Very rarely, during cpuidle operations the following error
is seen: "PM MSG Trigger Timeout".
This is caused by slow handling of message interrutps
in the PM FW running on CM3 (under heavy PM operation load).

This is not a real issue, so we extend the timeout to
avoid the error prints.

Change-Id: I92fd6f2ff1ddf208b216c123880ded28a00b6e0e
Signed-off-by: Igal Liberman <igall@marvell.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/59670

Reviewed-by: Kostya Porotchkin <kostap@marvell.com>
Tested-by: iSoC Platform CI <ykjenk@marvell.com>

ff82813a

plat/marvell: comphy: Add support for SFI on Lane 4 · 5a9f00f7

Konstantin Porotchkin authored Oct 21, 2018



Add static configuration for SFI+ 10Gbps interface on SERDES
Lane 4.
This is just a copy of Lane 2 static values, not optimized.
Board-to-board iperf test shows up to 6Gbps transfer speed.

Change-Id: I024d2ac132f7fa6c342a64367f3dca2123a27e97
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-by: Igal Liberman <igall@marvell.com>

5a9f00f7

doc: marvell: Update build manual with new memory layouts · d03f7a31

Konstantin Porotchkin authored Nov 25, 2018



Add description for memory layouts used by EspressoBin v7 (DDR4)

Change-Id: I199d8b52580b26e560f14b503a6e99d32de4f284
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-on: http://vgitil04.il.marvell.com:8080/61279

Reviewed-by: Stefan Chulski <stefanc@marvell.com>
Tested-by: iSoC Platform CI <ykjenk@marvell.com>

d03f7a31

fix: a3900: pm: fix number of CPU power switches. · 5cf6fafe

Christine Gharzuzi authored Jul 25, 2018



- Number of open power switches for CPUs should be three
  and now two.

- This patch updates the value of open power switches from
  0xfd (two power-switches) to 0xfc (three power-switches).

Change-Id: I2783ab7f04bbbb6da78eeedcabe4636f9a774512
Signed-off-by: Christine Gharzuzi <chrisg@marvell.com>
Reviewed-by: Kostya Porotchkin <kostap@marvell.com>

5cf6fafe

svc: Update the EEPROM AVS values processing · c3544269

Konstantin Porotchkin authored Nov 06, 2018



Add support for SVC test builds for tuning AVS values.
Update the SVC procedure and add EEPROM access.
Add support for AP807 AVS values (10 bits wide).
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

c3544269

ble: ap807: Switch to PLL mode and update CPU frequency · 1020e0d3

Christine Gharzuzi authored Jun 25, 2018



- Update CPU frequency on AP807 to 2GHz for SAR 0x0.
- Increase AVS to 0.88V for 2GHz clock

Change-Id: Ic945b682ab2f8543e34294bfc56c3eae2c5e0c8e
Signed-off-by: Christine Gharzuzi <chrisg@marvell.com>
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>

1020e0d3

mvebu: cp110: avoid pcie power on/off sequence when called from Linux · 55df84f9

Igal Liberman authored Nov 15, 2018



In Armada 8K DB boards, PCIe initialization can be executed only once
because PCIe reset performed during chip power on and it cannot be
executed via GPIO later.
This means that power on can be executed only once, when it's called
from the bootloader.
Power on:
	Read bit 21 of the mode, it marks if the caller is
	the bootloader or the Linux Kernel.
Power off:
	Check if the comphy was already configured to PCIe, if yes,
	check if the caller is bootloader, if both conditions are true
	(PCIe mode and called by Linux) - skip the power-off.

In addition, fix incorrect documentation describing mode fields -
PCIe width is 3 bits, not 2.

NOTE: with this patch, please use LK4.14.76 (LK4.4.120 may not work
with it).

Change-Id: I4b929011f97a0a1869a51ba378687e78b3eca4ff
Signed-off-by: Igal Liberman <igall@marvell.com>
Reviewed-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Reviewed-by: Kostya Porotchkin <kostap@marvell.com>

55df84f9

plat: marvell: a3700: do not power off cpu due to errata ref #13 · 9cb6751d

Grzegorz Jaszczyk authored Nov 14, 2018



Do not power off the CPU1 since there is no way to wake it up
(wake-up is causing CPU0 reset as well duo to HW bug). Quote from errata
Ref #13 [In power saving mode, both cores must be powered off]:
"When Core 0 is on and Core 1 is in power-off state, a Core 1
wake-up resets Core 0 as well and puts Core 0 back to ROM".

To overcome described HW bug instead of powering the CPU off, let it
reach WFI instruction, which is invoked by generic psci_do_cpu_off
function after platform handler finishes. This will put the core in low
power state and give a chance to wake it up.

Before this change, after running secondary kernel via kexec, only one
core was up, now both cores are up.

Change-Id: I87f144867550728055d9b8a2edb84a14539acab7
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Reviewed-by: Kostya Porotchkin <kostap@marvell.com>

9cb6751d

mvebu: cp110: fix phy selector configuration for XFI1 · 0529106c

Grzegorz Jaszczyk authored Oct 19, 2018



Extended phy selector configuration about XFI1 mode.

Change-Id: I1309770bbb5fdbfb0127b6f12ee78974d1d6b19f
Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
Reviewed-by: Kostya Porotchkin <kostap@marvell.com>

0529106c

drivers: add tzc380 support · 46f9b2c3

Peng Fan authored Jul 05, 2017



Add tzc380 support.
Signed-off-by: Peng Fan <peng.fan@nxp.com>
Signed-off-by: Bai Ping <ping.bai@nxp.com>

46f9b2c3

03 Dec, 2018 2 commits

Merge pull request #1699 from chandnich/sgi-mt-support · 41771df8
Soby Mathew authored Dec 03, 2018
```
Add support to implement multi-threaded platforms for SGI
```
41771df8

plat/arm/sgi: Use platform specific functions to get platform ids · 699223a2

Chandni Cherukuri authored Nov 28, 2018



Add two new functions 'plat_arm_sgi_get_platform_id' and
'plat_arm_sgi_get_config_id' which will be implemented by all the
SGI platforms. These functions can be used to determine the part
number and configuration id of the SGI platforms.

In BL2, these functions are used to populate the 'system-id' node.
In BL31, these functions are used to populate the 'sgi_plat_info_t'
structure with the part number and configuration id of the platform.

Change-Id: I3bacda933527724a3b4074ad4ed5b53a81ea4689
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

699223a2

30 Nov, 2018 1 commit
- Merge pull request #1701 from chandnich/psci-ops · 500db013
  Soby Mathew authored Nov 30, 2018
```
remove weak implemention of 'plat_arm_psci_override_pm_ops'
```
  500db013
29 Nov, 2018 5 commits

hikey960: initialize EDMAC and channels · 87f6740c

Ryan Grachek authored Nov 29, 2018



This is needed to utilize the DMA controller on the hikey960
Signed-off-by: Ryan Grachek <ryan@edited.us>

87f6740c

Merge pull request #1688 from JoelHutton/jh/variant_1_mitigations · 37e8ab53
Antonio Niño Díaz authored Nov 29, 2018
```
Initial Spectre V1 mitigations (CVE-2017-5753).
```
37e8ab53
Merge pull request #1698 from hzhuang1/rm_emmc_delay · 3af48da7
Antonio Niño Díaz authored Nov 29, 2018
```
Rm emmc delay
```
3af48da7
Merge pull request #1679 from pangupta/master · 051cf889
Antonio Niño Díaz authored Nov 29, 2018
```
ccn: Introduce API to set and read value of node register
```
051cf889

plat/arm: remove weak implemention of 'plat_arm_psci_override_pm_ops' function · 89f2e589

Chandni Cherukuri authored Nov 14, 2018



In order to allow Arm platforms to override the default list of PSCI
callbacks, remove the existing weak implementation of
'plat_arm_psci_override_pm_ops' function and let all the Arm platforms
implement their own 'plat_arm_psci_override_pm_ops' function.

For platforms that support SCMI protocol, the function
'css_scmi_override_pm_ops' can be additionally used as well to
override the default PSCI callbacks.

Change-Id: If7c27468bd51a00ea9c2a3716b5894163f5a9f3c
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

89f2e589

28 Nov, 2018 1 commit
- Merge pull request #1693 from jeenu-arm/ehf-doc · 9345d9a0
  Antonio Niño Díaz authored Nov 28, 2018
```
EHF and RAS documentation
```
  9345d9a0
27 Nov, 2018 6 commits

Merge pull request #1696 from satheesbalya-arm/sb1/sb1_2406_romlib_juno · 48e32a13
Antonio Niño Díaz authored Nov 27, 2018
```
romlib: Add juno support for romlib
```
48e32a13
Merge pull request #1695 from satheesbalya-arm/sb1/sb1_2641_romlib_phase2 · 3b83c957
Antonio Niño Díaz authored Nov 27, 2018
```
romlib: Allow patching of romlib functions
```
3b83c957

plat/arm/sgi: allow value of PLAT_MAX_PWR_LVL to be platform specific · a83d4bd7

Chandni Cherukuri authored Oct 16, 2018



For platforms with multi-threaded CPUs, the number of power domains
supported would be more than the value currently defined by
PLAT_MAX_PWR_LVL. So move the PLAT_MAX_PWR_LVL macro to platform
specific code and let the platform define the number of power domain
levels.

Change-Id: I21c0682e62b397860b2999031a0c9c5ce0d28eed
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

a83d4bd7

plat/arm/sgi: override weak implementation of plat_arm_get_cpu_pe_count · bd3d7b4a

Chandni Cherukuri authored Aug 16, 2018

To support platforms which are based on multi-threaded CPUs, override
the weak implementation of plat_arm_get_cpu_pe_count function to return
the number of threads supported by the CPU used in the platform.

Change-Id: Ia680773f1277b17e2d3d2414d87943dcece33e89
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

bd3d7b4a

plat/arm/common: add an additional platform power level · 0e27faf4

Chandni Cherukuri authored Oct 16, 2018



For platforms using multi-threaded CPUs, there can be upto four
platform power domain levels. At present, there are three platform
power domain levels that are defined for the CSS platforms. Define a
fourth level 'ARM_PWR_LVL3' as well to provide support for an
additional platform power domain level.

Change-Id: I40cc17a10f4690a560776f504364fd7277a7e72a
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

0e27faf4

plat/css: allow platforms to define the system power domain level · eff2f444

Chandni Cherukuri authored Oct 16, 2018



The CSS_SYSTEM_PWR_DMN_LVL macro that defines the system power domain
level is fixed at ARM_PWR_LVL2 for all CSS platforms. However, the
system power domain level can be different for CSS platforms that
use multi-threaded CPUs.

So, in preparation towards adding support for platforms that use
multi-threaded CPUs, refactor the definition of CSS_SYSTEM_PWR_DMN_LVL
such that CSS_SYSTEM_PWR_DMN_LVL is uniquely defined for each of the
CSS platform.

Change-Id: Ia837b13f6865e71da01780993c048b45b7f36d85
Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com>

eff2f444

26 Nov, 2018 6 commits

docs: Add RAS framework documentation · 63eb2410

Jeenu Viswambharan authored Oct 12, 2018



Change-Id: Ibf2b21b12ebc0af5815fc6643532a3be9100bf02
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

63eb2410

Initial Spectre V1 mitigations (CVE-2017-5753). · 9edd8912

Joel Hutton authored Oct 09, 2018

Initial Spectre Variant 1 mitigations (CVE-2017-5753).
A potential speculative data leak was found in PSCI code, this depends
on a non-robust implementation of the `plat_get_core_pos_by_mpidr()`
function. This is considered very low-risk. This patch adds a macro to
mitigate this. Note not all code paths could be analyzed with current
tools.

Add a macro which makes a variable 'speculation safe', using the
__builtin_speculation_safe_value function of GCC and llvm. This will be
available in GCC 9, and is planned for llvm, but is not currently in
mainline GCC or llvm. In order to implement this mitigation the compiler
must support this builtin. Support is indicated by the
__HAVE_SPECULATION_SAFE_VALUE flag.

The -mtrack-speculation option maintains a 'tracker' register, which
determines if the processor is in false speculation at any point. This
adds instructions and increases code size, but avoids the performance
impact of a hard barrier.

Without the -mtrack-speculation option, __builtin_speculation_safe_value
expands to a

ISB
DSB SY

sequence after a conditional branch, before the
speculation safe variable is used. With -mtrack-speculation a

CSEL tracker, tracker, XZR, [cond];
AND safeval,tracker;
CSDB

sequence is added instead, clearing the vulnerable variable by
AND'ing it with the tracker register, which is zero during speculative
execution. [cond] are the status flags which will only be true during
speculative execution. For more information on
__builtin_speculation_safe_value and the -mtrack-speculation option see
https://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability/compiler-support-for-mitigations

The -mtracking option was not added, as the performance impact of the
mitigation is low, and there is only one occurence.

Change-Id: Ic9e66d1f4a5155e42e3e4055594974c230bfba3c
Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>

9edd8912

docs: Add Exception Handling Framework documentation · e31d76fd

Jeenu Viswambharan authored Oct 18, 2017



Change-Id: I77d38758d18ba6dda1652b1b1e644fbfb14386cc
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

e31d76fd

SDEI: Unconditionally resume Secure if it was interrupted · 90a9213b

Jeenu Viswambharan authored Oct 11, 2018

Secure world execution nearly always expect a controlled exit to
Non-secure world. SDEI interrupts, although targets EL3, occur on behalf
of Non-secure world, and may have higher priority than Secure world
interrupts. Therefore they might preempt Secure execution, and yield
execution to Non-secure SDEI handler. Upon completion of SDEI event
handling (regardless of whether it's COPLETE or COMPLETE_AND_RESUME), we
must resume Secure execution if it was preempted.

Change-Id: I6edd991032588588427ba2fe6c3d7668f7080e3d
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>

90a9213b

Merge pull request #1697 from antonio-nino-diaz-arm/an/arch · 85397ec4
Antonio Niño Díaz authored Nov 26, 2018
```
Synchronise arch.h and arch_helpers.h with TF-A-Tests
```
85397ec4

Synchronise arch.h and arch_helpers.h with TF-A-Tests · 932b3ae2

Antonio Nino Diaz authored Nov 22, 2018

The headers forked at some point in the past and have diverged a lot. In
order to make it easier to share code between TF-A-Tests and TF-A, this
patch synchronises most of the definitions in the mentioned headers.

This is not a complete sync, it has to be followed by more cleanup.

This patch also removes the read helpers for the AArch32 instructions
ats1cpr and ats1hr (they are write-only).

Change-Id: Id13ecd7aeb83bd2318cd47156d71a42f1c9f6ba2
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

932b3ae2