1. 20 Dec, 2019 2 commits
    • Paul Beesley's avatar
      spm: Remove SPM Alpha 1 prototype and support files · 538b0020
      Paul Beesley authored
      
      
      The Secure Partition Manager (SPM) prototype implementation is
      being removed. This is preparatory work for putting in place a
      dispatcher component that, in turn, enables partition managers
      at S-EL2 / S-EL1.
      
      This patch removes:
      
      - The core service files (std_svc/spm)
      - The Resource Descriptor headers (include/services)
      - SPRT protocol support and service definitions
      - SPCI protocol support and service definitions
      
      Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarArtsem Artsemenka <artsem.artsemenka@arm.com>
      538b0020
    • Paul Beesley's avatar
      Remove dependency between SPM_MM and ENABLE_SPM build flags · 3f3c341a
      Paul Beesley authored
      
      
      There are two different implementations of Secure Partition
      management in TF-A. One is based on the "Management Mode" (MM)
      design, the other is based on the Secure Partition Client Interface
      (SPCI) specification. Currently there is a dependency between their
      build flags that shouldn't exist, making further development
      harder than it should be. This patch removes that
      dependency, making the two flags function independently.
      
      Before: ENABLE_SPM=1 is required for using either implementation.
              By default, the SPCI-based implementation is enabled and
              this is overridden if SPM_MM=1.
      
      After: ENABLE_SPM=1 enables the SPCI-based implementation.
             SPM_MM=1 enables the MM-based implementation.
             The two build flags are mutually exclusive.
      
      Note that the name of the ENABLE_SPM flag remains a bit
      ambiguous - this will be improved in a subsequent patch. For this
      patch the intention was to leave the name as-is so that it is
      easier to track the changes that were made.
      
      Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      3f3c341a
  2. 19 Nov, 2019 1 commit
    • Justin Chadwell's avatar
      Enable -Wshadow always · b7f6525d
      Justin Chadwell authored
      
      
      Variable shadowing is, according to the C standard, permitted and valid
      behaviour. However, allowing a local variable to take the same name as a
      global one can cause confusion and can make refactoring and bug hunting
      more difficult.
      
      This patch moves -Wshadow from WARNING2 into the general warning group
      so it is always used. It also fixes all warnings that this introduces
      by simply renaming the local variable to a new name
      
      Change-Id: I6b71bdce6580c6e58b5e0b41e4704ab0aa38576e
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      b7f6525d
  3. 06 Aug, 2019 1 commit
  4. 01 Aug, 2019 2 commits
    • Julius Werner's avatar
      Switch AARCH32/AARCH64 to __aarch64__ · 402b3cf8
      Julius Werner authored
      
      
      NOTE: AARCH32/AARCH64 macros are now deprecated in favor of __aarch64__.
      
      All common C compilers pre-define the same macros to signal which
      architecture the code is being compiled for: __arm__ for AArch32 (or
      earlier versions) and __aarch64__ for AArch64. There's no need for TF-A
      to define its own custom macros for this. In order to unify code with
      the export headers (which use __aarch64__ to avoid another dependency),
      let's deprecate the AARCH32 and AARCH64 macros and switch the code base
      over to the pre-defined standard macro. (Since it is somewhat
      unintuitive that __arm__ only means AArch32, let's standardize on only
      using __aarch64__.)
      
      Change-Id: Ic77de4b052297d77f38fc95f95f65a8ee70cf200
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      402b3cf8
    • Julius Werner's avatar
      Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ · d5dfdeb6
      Julius Werner authored
      
      
      NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__.
      
      All common C compilers predefine a macro called __ASSEMBLER__ when
      preprocessing a .S file. There is no reason for TF-A to define it's own
      __ASSEMBLY__ macro for this purpose instead. To unify code with the
      export headers (which use __ASSEMBLER__ to avoid one extra dependency),
      let's deprecate __ASSEMBLY__ and switch the code base over to the
      predefined standard.
      
      Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417
      Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      d5dfdeb6
  5. 09 Apr, 2019 1 commit
    • Paul Beesley's avatar
      services/spm: Fix service UUID lookup · 00e51ca3
      Paul Beesley authored
      
      
      The spm_sp_get_by_uuid() function is used to look up the secure
      partition that provides a given service.
      
      Within this function, memcmp() is used to compare the service
      UUIDs but it uses the size of the rdsvc->uuid pointer instead of
      the size of its content (missing dereference). This means that only
      a partial comparison is performed as UUIDs are 128 bits in length and
      rdsvc->uuid is a uint32_t typed pointer.
      
      Instead, use the size of the array pointed to by the svc_uuid parameter,
      which will be the full 128 bits, for the comparison.
      
      Change-Id: I258fb0cca3bf19f97b8f2a4c133981647cd050e4
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      00e51ca3
  6. 03 Apr, 2019 3 commits
    • Antonio Nino Diaz's avatar
      SPM: Adjust size of virtual address space per partition · 75f364b3
      Antonio Nino Diaz authored
      
      
      Rather than using a fixed virtual address space size, read all regions
      in the resource description of each partition and restrict the virtual
      address space size to the one the partition actually needs.
      
      This also allows SPM to take advantage of the extension ARMv8.4-TTST if
      the virtual address space size is small enough.
      
      Change-Id: I8646aa95e659136b58b44b040364cdee631f7e82
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      75f364b3
    • Antonio Nino Diaz's avatar
      SPM: Refactor xlat context creation · 014df18b
      Antonio Nino Diaz authored
      
      
      Right now the virtual address space is fixed to
      PLAT_VIRT_ADDR_SPACE_SIZE, so all base translation tables are the same
      size and need the same alignment. The current code allocates the exact
      space needed by this initial table.
      
      However, a following patch is going to allow each partition to choose
      the size of its address space based on the memory regions defined in
      their resource description, so it isn't possible to determine this at
      build time. As this optimization no longer applies, it has to be
      removed.
      
      Change-Id: Ia8d19f4981e1017e4ffe0ba136de73d701044cb0
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      014df18b
    • Antonio Nino Diaz's avatar
      SPM: Move shim layer to TTBR1_EL1 · 6de6965b
      Antonio Nino Diaz authored
      
      
      This gives each Secure Partition complete freedom on its address space.
      Previously, the memory used by the exception vectors was reserved and
      couldn't be used. Also, it always had to be mapped, forcing SPM to
      generate translation tables that included the exception vectors as well
      as the Partition memory regions. With this change, partitions can reduce
      their address space size easily.
      
      Change-Id: I67fb5e9bdf2870b73347f23bff702fab0a8f8711
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      6de6965b
  7. 02 Apr, 2019 1 commit
  8. 01 Apr, 2019 3 commits
  9. 14 Feb, 2019 1 commit
  10. 08 Feb, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Make setjmp.h prototypes comply with the C standard · e0566305
      Antonio Nino Diaz authored
      
      
      Instead of having a custom implementation of setjmp() and longjmp() it
      is better to follow the C standard.
      
      The comments in setjmp.h are no longer needed as there are no deviations
      from the expected one, so they have been removed.
      
      All SDEI code that relied on them has been fixed to use the new function
      prototypes and structs.
      
      Change-Id: I6cd2e21cb5a5bcf81ba12283f2e4c067bd5172ca
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      e0566305
  11. 30 Jan, 2019 1 commit
  12. 22 Jan, 2019 2 commits
  13. 15 Jan, 2019 3 commits
  14. 08 Jan, 2019 2 commits
  15. 04 Jan, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
  16. 11 Dec, 2018 15 commits