Commits · 543f0d8b0864b232f014a0fb9d98e46ed52d4442 · adam.huang / Arm Trusted Firmware

11 Feb, 2021 2 commits

plat/arm: juno: Refactor juno_getentropy() · 543f0d8b

Andre Przywara authored Oct 08, 2020



Currently we use the Juno's TRNG hardware entropy source to initialise
the stack canary. The current function allows to fill a buffer of any
size, but we will actually only ever request 16 bytes, as this is what
the hardware implements. Out of this, we only need at most 64 bits for
the canary.

In preparation for the introduction of the SMCCC TRNG interface, we
can simplify this Juno specific interface by making it compatible with
the generic one: We just deliver 64 bits of entropy on each call.
This reduces the complexity of the code. As the raw entropy register
readouts seem to be biased, it makes sense to do some conditioning
inside the juno_getentropy() function already.
Also initialise the TRNG hardware, if not already done.

Change-Id: I11b977ddc5417d52ac38709a9a7b61499eee481f
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

543f0d8b

bl32: Enable TRNG service build · 0e14948e

Andre Przywara authored Feb 08, 2021



The Trusted Random Number Generator service is using the standard SMC
service dispatcher, running in BL31. For that reason we list the files
implementing the service in bl31.mk.
However when building for a 32-bit TF-A runtime, sp_min.mk is the
Makefile snippet used, so we have to add the files into there as well.

This fixes 32-bit builds of platforms that provide the TRNG service.

Change-Id: I8be61522300d36477a9ee0a9ce159a140390b254
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

0e14948e

10 Feb, 2021 3 commits

Merge "services: TRNG: Fix -O0 compilation" into integration · 04c12231
bipin.ravi authored Feb 10, 2021

04c12231

services: TRNG: Fix -O0 compilation · 323b6c63

Andre Przywara authored Feb 10, 2021



The code to check for the presence of the TRNG service relies on
toolchain garbage collection, which is not enabled with -O0.

Add #ifdef guards around the call to the TRNG service handler to
cover builds without optimisation as well.

Change-Id: I08ece2005ea1c8fa96afa13904a851dec6b24216
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

323b6c63

Merge changes from topic "GIC-work" into integration · 925477ec

Madhukar Pappireddy authored Feb 10, 2021

* changes:
  plat/arm: fvp: Protect GICR frames for fused/unused cores
  doc: Build option to protect GICR frame
  plat/arm: fvp: Do not map GIC region in BL1 and BL2

925477ec

09 Feb, 2021 5 commits

plat/arm: fvp: Protect GICR frames for fused/unused cores · f98630fb

Manish V Badarkhe authored Jan 24, 2021



Currently, BLs are mapping the GIC memory region as read-write
for all cores on boot-up.

This opens up the security hole where the active core can write
the GICR frame of fused/inactive core. To avoid this issue, disable
the GICR frame of all inactive cores as below:

1. After primary CPU boots up, map GICR region of all cores as
   read-only.
2. After primary CPU boots up, map its GICR region as read-write
   and initialize its redistributor interface.
3. After secondary CPU boots up, map its GICR region as read-write
   and initialize its redistributor interface.
4. All unused/fused core's redistributor regions remain read-only and
   write attempt to such protected regions results in an exception.

As mentioned above, this patch offers only the GICR memory-mapped
region protection considering there is no facility at the GIC IP
level to avoid writing the redistributor area.

These changes are currently done in BL31 of Arm FVP and guarded under
the flag 'FVP_GICR_REGION_PROTECTION'.

As of now, this patch is tested manually as below:
1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core.
2. Verify data abort triggered by manually updating the ‘GICR_CTLR’
   register of core 1’s(fused) redistributor from core 0(active).

Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

f98630fb

doc: Build option to protect GICR frame · d30a6615

Manish V Badarkhe authored Jan 24, 2021



Added a build option 'FVP_GICR_REGION_PROTECTION' to make
redistributor frame of fused/unused cores as read only.

Change-Id: Ie85f86e2465b93321a92a888ce8712a3144e4ccb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

d30a6615

plat/arm: fvp: Do not map GIC region in BL1 and BL2 · e0cea783

Manish V Badarkhe authored Jan 23, 2021



GIC memory region is not getting used in BL1 and BL2.
Hence avoid its mapping in BL1 and BL2 that freed some
page table entries to map other memory regions in the
future.

Retains mapping of CCN interconnect region in BL1 and BL2
overlapped with the GIC memory region.

Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>

e0cea783

Merge "fdts: use scmi_dvfs clock index 1 for cores 4-7" into integration · bb9ecd0d
Sandrine Bailleux authored Feb 09, 2021

bb9ecd0d

fdts: use scmi_dvfs clock index 1 for cores 4-7 · a97c390b

Usama Arif authored Feb 03, 2021



This allows Matterhorn cores to operate at their optimal OPPs.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I2e1b784da10154a1f1f65dd0e3a39213e7683116

a97c390b

05 Feb, 2021 5 commits

Merge "ddr: stm32mp1_ddr: correct SELFREF_TO_X32 mask" into integration · 8098d544
Madhukar Pappireddy authored Feb 05, 2021

8098d544
Merge "rainier: remove cpu workaround for errata 1542419" into integration · 8c7f156f
Lauren Wehrmeister authored Feb 05, 2021

8c7f156f
Merge "Add TRNG Firmware Interface service" into integration · 6080aac9
André Przywara authored Feb 05, 2021

6080aac9

Add TRNG Firmware Interface service · 7dfb9911

Jimmy Brisson authored Jun 22, 2020



This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and includes an entropy pool implementation to
avoid dropping any entropy requested from the platform.

Change-Id: I71cadb3cb377a507652eca9e0d68714c973026e9
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>

7dfb9911

rainier: remove cpu workaround for errata 1542419 · 041d7c7b

Manoj Kumar authored Jan 27, 2021



This patch removes the Neoverse N1 CPU errata workaround for
bug 1542419 as the bug is not present in Rainier R0P0 core.

Change-Id: Icaca299b13ef830b2ee5129576aae655a6288e69
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>

041d7c7b

04 Feb, 2021 1 commit

ddr: stm32mp1_ddr: correct SELFREF_TO_X32 mask · edaaa98f

Yann Gautier authored Feb 01, 2021



In DDR controller PWRTMG register, the mask for field SELFREF_TO_X32 is
wrong. This field is from bit 16 to 23.

Change-Id: Id336fb08c88f0a153df186dd819e41af72febb88
Signed-off-by: Yann Gautier <yann.gautier@st.com>

edaaa98f

03 Feb, 2021 4 commits
- Merge changes from topic "RD_INFRA_POWER_MODING" into integration · d5105d99
  Lauren Wehrmeister authored Feb 03, 2021
```
* changes:
  plat/arm/board: enable AMU for RD-N2
  plat/arm/board: enable AMU for RD-V1
  plat/arm/sgi: allow all PSCI callbacks on RD-V1
```
  d5105d99
- Merge "plat/arm:juno: fix parallel build issue for romlib config" into integration · 6d0dcc7d
  Manish Pandey authored Feb 03, 2021
  
  6d0dcc7d
- Merge "product/tc0: Enable Theodul DSU in TC platform" into integration · 9bc3007d
  Manish Pandey authored Feb 03, 2021
  
  9bc3007d
- product/tc0: Enable Theodul DSU in TC platform · e5da15e0
  Avinash Mehta authored Oct 28, 2020
```
Increase the core count and add respective entries in DTS.
Add Klein assembly file to cpu sources for core initialization.
Add SCMI entries for cores.
Signed-off-by: Avinash Mehta <avinash.mehta@arm.com>
Change-Id: I14dc1d87df6dcc8d560ade833ce1f92507054747
```
  e5da15e0
02 Feb, 2021 10 commits

plat/arm:juno: fix parallel build issue for romlib config · 5e508f06

Zelalem authored Feb 02, 2021

When building TF-A with USE_ROMLIB=1 and -j make options, the build fails with the following error:
make[1]: *** No rule to make target '/build/juno/debug/romlib/romlib.bin', needed by 'bl1_romlib.bin'.
This patch fixes that issue.
Signed-off-by: Zelalem <zelalem.aweke@arm.com>
Change-Id: I0cca416f3f50f400759164e0735c2d6b520ebf84

5e508f06

Merge "Fix exception handlers in BL31: Use DSB to synchronize pending EA" into integration · 96edbe03
Madhukar Pappireddy authored Feb 02, 2021

96edbe03

Merge changes from topic "marvell-armada-docs" into integration · 477e28de

Manish Pandey authored Feb 02, 2021

* changes:
  docs: marvell: Replace ESPRESSObin-Ultra TF-A build example by full example how to build production release of Marvell firmware image
  docs: marvell: Fix description of flash-image.bin image
  docs: marvell: Add information into CLOCKSPRESET option how to identify CPU frequency
  docs: marvell: Reformat DDR_TOPOLOGY option and mention EspressoBin-Ultra board
  docs: marvell: Move Supported Marvell platforms to PLAT build option

477e28de

Merge changes from topic "marvell-a3k-separate-flash-and-uart" into integration · 6803d989
Manish Pandey authored Feb 02, 2021
```
* changes:
  plat: marvell: armada: a3k: Do not use 'echo -e' in Makefile
  docs: marvell: Update info about BOOTDEV=SATA
```
6803d989

Merge changes from topic "marvell-a3k-separate-flash-and-uart" into integration · 72645d5b

Manish Pandey authored Feb 02, 2021

* changes:
  docs: marvell: Update info about WTMI_IMG option
  plat: marvell: armada: a3k: Remove unused variable WTMI_SYSINIT_IMG from Makefile
  plat: marvell: armada: Show informative build messages and blank lines
  plat: marvell: armada: Move definition of mrvl_flash target to common marvell_common.mk file
  plat: marvell: armada: a3k: Use $(Q) instead of @
  plat: marvell: armada: a3k: Add a new target mrvl_uart which builds UART image
  plat: marvell: armada: a3k: Build UART image files directly in $(BUILD_UART) subdirectory
  plat: marvell: armada: a3k: Build intermediate files in $(BUILD_PLAT) directory
  plat: marvell: armada: a3k: Correctly set DDR_TOPOLOGY and CLOCKSPRESET for WTMI
  plat: marvell: armada: a3k: Allow use of the system Crypto++ library
  docs: marvell: Update info about WTP and MV_DDR_PATH parameters
  plat: marvell: armada: a3k: Add checks that WTP, MV_DDR_PATH and CRYPTOPP_PATH are correctly defined
  docs: marvell: Update mv-ddr-marvell and A3700-utils-marvell branches

72645d5b

docs: marvell: Replace ESPRESSObin-Ultra TF-A build example by full example... · ff46a41d

Pali Rohár authored Feb 01, 2021

docs: marvell: Replace ESPRESSObin-Ultra TF-A build example by full example how to build production release of Marvell firmware image

ESPRESSObin-Ultra TF-A build example was now just a copy+paste of previous
mentioned example. It produced debug binary with custom log level, which
was not described. So rather replace this duplicate build example by a full
example with all steps how to build production release of Marvell firmware
image for EspressoBin with 1GHz CPU and 1GB DDR4 RAM.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Ief1b8bc96a3035ebd8421bd68dca5eb5c8d8fd52

ff46a41d

docs: marvell: Fix description of flash-image.bin image · f60f1e84
Pali Rohár authored Feb 01, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I192acab2a7f42cd80069faeac2d7823a05558dc6
```
f60f1e84
docs: marvell: Add information into CLOCKSPRESET option how to identify CPU frequency · 23abf07c
Pali Rohár authored Feb 01, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I5310c30051703bbf9f377762a00eb6a8188c6fa1
```
23abf07c
docs: marvell: Reformat DDR_TOPOLOGY option and mention EspressoBin-Ultra board · 9c3fffdc
Pali Rohár authored Feb 01, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I96c2d9d5bc6c69a1a66a29bf586a23375d63ab5a
```
9c3fffdc

docs: marvell: Move Supported Marvell platforms to PLAT build option · 24e6e10b

Pali Rohár authored Feb 01, 2021



Reformat list of boards, remove unsupported OcteonTX2 and mention
supported Turris MOX board.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I22cea7f77fd078554c7f0ed4108781626209e563

24e6e10b

30 Jan, 2021 1 commit

Merge changes from topic "sunxi-split-psci" into integration · 9192f34e

André Przywara authored Jan 30, 2021

* changes:
  allwinner: Leave CPU power alone during BL31 setup
  allwinner: psci: Invert check in .validate_ns_entrypoint
  allwinner: psci: Drop MPIDR check from .pwr_domain_on
  allwinner: psci: Drop .get_node_hw_state callback

9192f34e

29 Jan, 2021 9 commits

plat/arm/board: enable AMU for RD-N2 · f7bab276

Pranav Madhu authored Jan 27, 2021



AMU counters are used for monitoring the CPU performance. RD-N2 platform
has architected AMU available for each core. Enable the use of AMU by
non-secure OS for supporting the use of counters for processor
performance control (ACPI CPPC).

Change-Id: I5cc749cf63c18fc5c7563dd754c2f42990a97e23
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>

f7bab276

plat/arm/board: enable AMU for RD-V1 · c9bf2cf5

Pranav Madhu authored Nov 11, 2020



AMU counters are used for monitoring the CPU performance. RD-V1 platform
has architected AMU available for each core. Enable the use of AMU by
non-secure OS for supporting the use of counters for processor
performance control (ACPI CPPC).

Change-Id: I4003d21407953f65b3ce99eaa8f496d6052546e0
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>

c9bf2cf5

plat/arm/sgi: allow all PSCI callbacks on RD-V1 · 92264f86

Pranav Madhu authored Jan 16, 2021



Some of the PSCI platform callbacks were restricted on RD-V1 platform
because the idle was not functional. Now that it is functional, remove
all the restrictions on the use PSCI platform callbacks.

Change-Id: I4cb97cb54de7ee166c30f28df8fea653b6b425c7
Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>

92264f86

plat: marvell: armada: a3k: Do not use 'echo -e' in Makefile · e01658ea

Pali Rohár authored Jan 29, 2021



It does not have to be supported by the current shell used in Makefile.
Replace it by a simple echo with implicit newline.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I97fe44986ac36d3079d5258c67f0c9184537e7f0

e01658ea

docs: marvell: Update info about WTMI_IMG option · 711a6bb7

Pali Rohár authored Jan 27, 2021



Default WTMI_IMG value was documented incorrectly. Also WTMI_IMG name may
be misleading as this option does not specify full WTMI image, just a main
loop (e.g. fuse.bin or custom RTOS image) without hardware initialization
code (DDR, CPU and clocks).
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I3de4a27ce2165b962fa628c992fd8f80151efd7c

711a6bb7

docs: marvell: Update info about BOOTDEV=SATA · 33af2937

Pali Rohár authored Jan 28, 2021

Information is taken from the post https://lists.denx.de/pipermail/u-boot/2017-July/299351.html

Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I5f608e135ec56685a3e2b986a52670540d48a4bf

33af2937

plat: marvell: armada: a3k: Remove unused variable WTMI_SYSINIT_IMG from Makefile · 4e80d151
Pali Rohár authored Jan 26, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I322c8aa65437abb61385f58b700a06b3e2e22e4f
```
4e80d151
plat: marvell: armada: Show informative build messages and blank lines · 07924f82
Pali Rohár authored Jan 26, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: Ibc15db07c581eca29c1b1fbfb145cee50dc42605
```
07924f82
plat: marvell: armada: Move definition of mrvl_flash target to common marvell_common.mk file · c0f60e78
Pali Rohár authored Jan 26, 2021
```
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: If545b3812787cc97b95dbd61ed51c37d30c5d412
```
c0f60e78