- 29 Jun, 2020 2 commits
-
-
Manish V Badarkhe authored
Added assert in the code to check valid address of dtb information structure retrieved from fw_config device tree. This patch fixes coverity defect:360213. Also, removed conditional calling of "fconf_populate" as "fconf_populate" function already checks the validity of the device tree address received and go to panic in case of address is NULL. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: Ib83e4e84a95e2456a12c7a2bb3fe70461d882cba
-
Samuel Holland authored
The non-secure world has no business accessing the CPU power switches in the PRCM; those are handled by TF-A or the SCP. Only allow access to the clock control part of the PRCM. Signed-off-by: Samuel Holland <samuel@sholland.org> Change-Id: I657b97f4ea8a0073448ad3343fbc66ba168ed89e
-
- 26 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Passed the address of fw_config instead of soc_fw_config as arg1 to BL31 from BL2 for ARM fvp platform. BL31 then retrieve load-address of other device trees from fw_config device tree. Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: Ib7e9581cd765d76111dcc3b7e0dafc12503c83c1
-
- 25 Jun, 2020 2 commits
-
-
Manish V Badarkhe authored
Increased the size of firmware configuration area to accommodate all configs. Updated maximum size of following bootloaders due to increase in firmware configs size and addition of the code in the BL2. 1. Increased maximum size of BL2 for Juno platform in no optimisation case. 2. Reduced maximum size of BL31 for fvp and Juno platform. 3. Reduced maximum size of BL32 for Juno platform. Change-Id: Ifba0564df0d1fe86175bed9fae87fdcf013b1831 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Manish V Badarkhe authored
Modified the code to do below changes: 1. Load tb_fw_config along with fw_config by BL1. 2. Populate fw_config device tree information in the BL1 to load tb_fw_config. 3. In BL2, populate fw_config information to retrieve the address of tb_fw_config and then tb_fw_config gets populated using retrieved address. 4. Avoid processing of configuration file in case of error value returned from "fw_config_load" function. 5. Updated entrypoint information for BL2 image so that it's arg0 should point to fw_config address. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Change-Id: Ife6f7b673a074e7f544ee3d1bda7645fd5b2886c
-
- 24 Jun, 2020 6 commits
-
-
laurenw-arm authored
Query clock frequency in runtime using FCONF getter API Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com> Change-Id: Ie6a8a62d8d190b9994feffb167a1d48829913e9b
-
laurenw-arm authored
Extract Timer clock frequency from the timer node in HW_CONFIG dtb. The first timer is a per-core architected timer attached to a GIC to deliver its per-processor interrupts via PPIs. Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com> Change-Id: I2f4b27c48e4c79208dab9f03c768d9221ba6ca86
-
Manish V Badarkhe authored
Modified the code to do below changes: 1. Migrates the Arm platforms to the API changes introduced in the previous patches by fixing the fconf_load_config() call. 2. Retrieve dynamically the address of tb_fw_config using fconf getter api which is subsequently used to write mbedTLS heap address and BL2 hash data in the tb_fw_config DTB. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Change-Id: I3c9d9345dcbfb99127c61d5589b4aa1532fbf4be
-
Manish V Badarkhe authored
Cleaned up confused naming between TB_FW and FW_CONFIG. Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I9e9f6e6ca076d38fee0388f97d370431ae067f08
-
Louis Mayencourt authored
fw_config image is authenticated using secure boot framework by adding it into the single root and dual root chain of trust. The COT for fw_config image looks as below: +------------------+ +-------------------+ | ROTPK/ROTPK Hash |------>| Trusted Boot fw | +------------------+ | Certificate | | (Auth Image) | /+-------------------+ / | / | / | / | L v +------------------+ +-------------------+ | fw_config hash |------>| fw_config | | | | (Data Image) | +------------------+ +-------------------+ Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com> Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I08fc8ee95c29a95bb140c807dd06e772474c7367
-
Manish V Badarkhe authored
Moved BL2 configuration nodes from fw_config to newly created tb_fw_config device tree. fw_config device tree's main usage is to hold properties shared across all BLx images. An example is the "dtb-registry" node, which contains the information about the other device tree configurations (load-address, size). Also, Updated load-address of tb_fw_config which is now located after fw_config in SRAM. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: Ic398c86a4d822dacd55b5e25fd41d4fe3888d79a
-
- 23 Jun, 2020 5 commits
-
-
Sheetal Tigadoli authored
Signed-off-by: Sheetal Tigadoli <sheetal.tigadoli@broadcom.com> Change-Id: Ic387630c096361ea9a963cde0018a0efb63e3bd2
-
Etienne Carriere authored
Embed Arch Architecture SMCCC services in stm32mp1 SP_MIN. This service is needed by Linux kernel to setup the SMCCC conduit used by its SCMI SMC transport driver. Change-Id: I454a7ef3048a77ab73fff945e8115b60445d5841 Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
Etienne Carriere authored
SCMI shared memory is used to exchange message payloads between secure SCMI services and non-secure SCMI agents. It is mapped uncached (device) mainly to conform to existing support in the Linux kernel. Note that executive messages are mostly short (few 32bit words) hence not using cache will not penalize much performances. Platform stm32mp1 shall configure ETZPC to harden properly the secure and non-secure areas of the SYSRAM address space, that before CPU accesses the shared memory when mapped non-secure. This change defines STM32MP_SEC_SYSRAM_BASE/STM32MP_SEC_SYSRAM_SIZE and STM32MP_NS_SYSRAM_BASE/STM32MP_NS_SYSRAM_SIZE. Change-Id: I71ff02a359b9668ae1c5a71b5f102cf3d310f289 Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
-
Etienne Carriere authored
When using SP_min as monitor, only sp_min_warm_entrypoint() is a valid secure entry point. Change-Id: I440cec798e901b11a34dd482c33b2e378a8328ab Signed-off-by: Etienne Carriere <etienne.carriere@st.com> Signed-off-by: Nicolas Toromanoff <nicolas.toromanoff@st.com>
-
Etienne Carriere authored
Disable use of Neon VFP support for platform stm32mp1 when building with SP_MIN runtime services as these can conflict with non-secure world use of NEON support. This is preferred over a systematic backup/restore of NEON context when switching between non-secure and secure worlds. When NEON support is disabled, this is done for both BL2 and BL32 as build process uses common libraries built once for both binaries. Change-Id: I4e8808dcb6ef58fc839e6f85fd6e45cfbaa34be0 Signed-off-by: Etienne Carriere <etienne.carriere@st.com>
-
- 21 Jun, 2020 1 commit
-
-
Varun Wadekar authored
This patch updates the 'bl31_check_ns_address()' helper function to check that the memory address and size passed by the NS world are not zero. The helper fucntion also returns the error code as soon as it detects inconsistencies, to avoid multiple error paths from kicking in for the same input parameters. Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> Change-Id: I46264f913954614bedcbde12e47ea0c70cd19be0
-
- 19 Jun, 2020 13 commits
-
-
Konstantin Porotchkin authored
Adjust the latest OP-TEE memory definitions to the newest TF-A baseline. Change-Id: Ib9c82b85f868adaf3c7285eb340486bda9c59c36 Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Konstantin Porotchkin authored
Add llc_sram_enable() and llc_sram_disable() APIs to Marvell cache_lls driver. Add LLC_SRAM definition to Marvell common makefile - disabled by the default. Add description of LLC_SRAM flag to the build documentation. Change-Id: Ib348e09752ce1206d29268ef96c9018b781db182 Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Konstantin Porotchkin authored
Extend the CCU tables with secure SRAM window in all board setups that uses SoCs based on AP806/AP807 North Bridges Change-Id: I4dc315e4ea847562ac8648d8a8739244b548c70e Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Marcin Wojtas authored
It is not needed to reserve 64MB for FIP. Limit this to 4MB for both supported Armada SoC families. Change-Id: I58a8ce4408a646fe1afd3c1ea1ed54007c8d205d Signed-off-by: Konstantin Porotchkin <kostap@marvell.com> [Extract from bigger commit] Signed-off-by: Marcin Wojtas <mw@semihalf.com>
-
Konstantin Porotchkin authored
- Remove TRUSTED_DRAM_BASE TRUSTED_DRAM_SIZE MARVELL_TRUSTED_SRAM_BASE - Rename PLAT_MARVELL_TRUSTED_DRAM_* -> PLAT_MARVELL_TRUSTED_RAM_* PLAT_MARVELL_TRUSTED_SRAM_* -> MARVELL_TRUSTED_DRAM_* MARVELL_MAP_SHARED_RAM -> MARVELL_MAP_SECURE_RAM - Move MARVELL_TRUSTED_DRAM_SIZE to marvell_def.h - Enable MARVELL_MAP_SECURE_RAM region in BL2U memory map - Add dependency of MARVELL_MAP_SHARED_RAM on LLC_SRAM - Add minor style improvents Change-Id: Iebc03361e4f88489af1597f54e137b27c241814c Signed-off-by: Konstantin Porotchkin <kostap@marvell.com> [Improve patch after rebase] Signed-off-by: Marcin Wojtas <mw@semihalf.com>
-
Konstantin Porotchkin authored
Make sure the current CCU window is not in use before adding a new address map during MSS BL2 image load preparations. At BL2 stage the CCU Win-2 points to DRAM. If additional mapping is added to MSS BL2 stage initialization, the DDR entry will be destroyed and lead to the system hang. Change-Id: I215e83508acc37d54dab6954d791b9a74cc883ca Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Konstantin Porotchkin authored
Make all LLC-related macros to start with the same prefix Add more LLC control registers definitions This patch is a preparation step for LLC SRAM support Change-Id: I0a4f0fc83e8ef35be93dd239a85f2a9f88d1ab19 Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Ben Peled authored
The configuration space of each standalone CP was updated in BL31. Loading FW procedure take places earlier in SCP_BL2. It needs to be done after access to each CP is provided. Moving the proper configuration from BL31 to BL2 solves it. Change-Id: I44cf88dfd4ebf09130544332bfdd3d16ef2674ea Signed-off-by: Ben Peled <bpeled@marvell.com>
-
Konstantin Porotchkin authored
As a preparation to support proper loading the OPTEE OS image, enable the BL32 specific defines in case the SPD is used. On the occasion move two BL32-related macros to marvell_def.h and fix BL32_LIMIT definition. Change-Id: Id4e2d81833bc1895650cca8b0fc0bfc341cf77f3 Signed-off-by: Konstantin Porotchkin <kostap@marvell.com> Signed-off-by: Marcin Wojtas <mw@semihalf.com>
-
Grzegorz Jaszczyk authored
The phy porting layer uses defaults defined in "phy-default-porting-layer.h" when board specific file "phy-porting-layer.h" is not found. Because of the regression the board specific directory was not included, therefore all boards used default parameters. Change-Id: I66e5e6eb8a39cca5aeeb4de6dab2ceddc39c1e31 Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
-
Grzegorz Jaszczyk authored
Before this patch the configuration took place only for CP0 and CP1, but since new platforms can contains up to 3 CPs update is required. Change-Id: Iebd50bbe7b9772063e2c4efb3a7ecbfd593e950d Signed-off-by: Grzegorz Jaszczyk <jaz@semihalf.com>
-
Varun Wadekar authored
This patch provides the platform level support to enable GICv3 drivers on future Tegra platforms. Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> Change-Id: I966a4502b2a4a7bd1ce66da843997c9ed605c59f
-
Varun Wadekar authored
The previous sequence used by the driver to program the new memory aperture settings and clear the non-overlapping memory was faulty. The sequence locked the non-overlapping regions twice, leading to faults when trying to clear it. This patch modifies the sequence to follow these steps: * move the previous memory region to a new firewall register * program the new memory aperture settings * clean the non-overlapping memory This patch also maps the non-overlapping memory as Device memory to follow guidance from the arch. team. Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> Change-Id: I7cf6e05b2dd372103dc7229e37b1b3fc269a57ae
-
- 18 Jun, 2020 1 commit
-
-
Marcin Wojtas authored
The Marvell Armada 37xx SoCs-based platforms contain a bit awkward directory structure because the currently only one supported PLAT and PLAT_FAMILY are the same. Modify the latter to 'a3k' in order to improve it and keep plat/marvell/armada tree more consistent: plat/marvell/ ├── armada │ ├── a3k │ │ ├── a3700 [...] │ ├── a8k │ │ ├── a70x0 [...] Change-Id: I693a6ef88e6ce49a326a3328875c90bbc186066a Signed-off-by: Marcin Wojtas <mw@semihalf.com>
-
- 17 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Load address of tb_fw_config is incorrectly mentioned in below device trees: 1. rdn1edge_fw_config.dts 2. tc0_fw_config.dts Till now, tb_fw_config load-address is not being retrieved from device tree and hence never exeprienced any issue for tc0 and rdn1edge platform. For tc0 and rdn1edge platform, Load-address of tb_fw_config should be the SRAM base address + 0x300 (size of fw_config device tree) Hence updated these platform's fw_config.dts accordingly to reflect this load address change. Change-Id: I2ef8b05d49be10767db31384329f516df11ca817 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
- 12 Jun, 2020 3 commits
-
-
David Pu authored
This patch provides verbose prints for RAS SErrors handled by the firmware, for improved debugging. Change-Id: Iaad8d183054d884f606dc4621da2cc6b2375bcf9 Signed-off-by: David Pu <dpu@nvidia.com> Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
Varun Wadekar authored
This patch introduces a function ID to clear all the RAS error records for corrected errors. Per latest requirement, ARM RAS corrected errors will be reported to lower ELs via interrupts and cleared via SMC. This patch provides required function to clear RAS error status. This patch also sets up all required RAS Corrected errors in order to route RAS corrected errors to lower ELs. Change-Id: I554ba1d0797b736835aa27824782703682c91e51 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com> Signed-off-by: David Pu <dpu@nvidia.com>
-
David Pu authored
This patch adds all Tegra194 RAS nodes definitions and support to handle all uncorrectable RAS errors. Change-Id: I109b5a8dbca91d92752dc282c4ca30f273c475f9 Signed-off-by: David Pu <dpu@nvidia.com> Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
- 09 Jun, 2020 4 commits
-
-
Philipp Tomsich authored
The RK3368 has two clusters of 4 cores and it's cluster id starts at bit 8 of the MPIDR. To convert from the cluster id (0 or 1) to the lowest CPU-ID in the respective cluster, we thus need to shift by 6 (i.e. shift by 8 to extract the cluster-id and multiply by 4). This change is required to ensure the PSCI support can index the per-cpu entry-address array correctly. Signed-off-by: Philipp Tomsich <philipp.tomsich@theobroma-systems.com> Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Change-Id: I64a76038f090a85a47067f09f750e96e3946e756
-
Madhukar Pappireddy authored
Using the fconf framework, the Group 0 and Group 1 secure interrupt descriptors are moved to device tree and retrieved in runtime. This feature is enabled by the build flag SEC_INT_DESC_IN_FCONF. Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
Andre Przywara authored
The only difference between GIC-500 and GIC-600 relevant to TF-A is the differing power management sequence. A certain GIC implementation is detectable at runtime, for instance by checking the IIDR register. Let's add that test before initiating the GIC-600 specific sequence, so the code can be used on both GIC-600 and GIC-500 chips alike, without deciding on a GIC chip at compile time. This means that the GIC-500 "driver" is now redundant. To allow minimal platform support, add a switch to disable GIC-600 support. Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Manish Pandey authored
A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP) owned Secure Partitions(SP). A similar support for Platform owned SP can be added in future. The certificate is also protected against anti- rollback using the trusted Non-Volatile counter. To avoid deviating from TBBR spec, support for SP CoT is only provided in dualroot. Secure Partition content certificate is assigned image ID 31 and SP images follows after it. The CoT for secure partition look like below. +------------------+ +-------------------+ | ROTPK/ROTPK Hash |------>| Trusted Key | +------------------+ | Certificate | | (Auth Image) | /+-------------------+ / | / | / | / | L v +------------------+ +-------------------+ | Trusted World |------>| SiP owned SPs | | Public Key | | Content Cert | +------------------+ | (Auth Image) | / +-------------------+ / | / v| +------------------+ L +-------------------+ | SP_PKG1 Hash |------>| SP_PKG1 | | | | (Data Image) | +------------------+ +-------------------+ . . . . . . +------------------+ +-------------------+ | SP_PKG8 Hash |------>| SP_PKG8 | | | | (Data Image) | +------------------+ +-------------------+ Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f
-
- 08 Jun, 2020 1 commit
-
-
Tien Hock Loh authored
There are additional instruction needed to enable the global timer. This fixes the global timer initialization Signed-off-by: Tien Hock Loh <tien.hock.loh@intel.com> Change-Id: Idaf2d23359aacc417e2b7d8cdf1688b5cd17ca98
-