- 24 Feb, 2020 1 commit
-
-
Petre-Ionut Tudor authored
This patch introduces a build flag which allows the xlat tables to be mapped in a read-only region within BL31 memory. It makes it much harder for someone who has acquired the ability to write to arbitrary secure memory addresses to gain control of the translation tables. The memory attributes of the descriptors describing the tables themselves are changed to read-only secure data. This change happens at the end of BL31 runtime setup. Until this point, the tables have read-write permissions. This gives a window of opportunity for changes to be made to the tables with the MMU on (e.g. reclaiming init code). No changes can be made to the tables with the MMU turned on from this point onwards. This change is also enabled for sp_min and tspd. To make all this possible, the base table was moved to .rodata. The penalty we pay is that now .rodata must be aligned to the size of the base table (512B alignment). Still, this is better than putting the base table with the higher level tables in the xlat_table section, as that would cost us a full 4KB page. Changing the tables from read-write to read-only cannot be done with the MMU on, as the break-before-make sequence would invalidate the descriptor which resolves the level 3 page table where that very descriptor is located. This would make the translation required for writing the changes impossible, generating an MMU fault. The caches are also flushed. Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com> Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
-
- 01 Aug, 2019 1 commit
-
-
Julius Werner authored
NOTE: AARCH32/AARCH64 macros are now deprecated in favor of __aarch64__. All common C compilers pre-define the same macros to signal which architecture the code is being compiled for: __arm__ for AArch32 (or earlier versions) and __aarch64__ for AArch64. There's no need for TF-A to define its own custom macros for this. In order to unify code with the export headers (which use __aarch64__ to avoid another dependency), let's deprecate the AARCH32 and AARCH64 macros and switch the code base over to the pre-defined standard macro. (Since it is somewhat unintuitive that __arm__ only means AArch32, let's standardize on only using __aarch64__.) Change-Id: Ic77de4b052297d77f38fc95f95f65a8ee70cf200 Signed-off-by: Julius Werner <jwerner@chromium.org>
-
- 04 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca339 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 22 Nov, 2018 1 commit
-
-
Antonio Nino Diaz authored
Provide new APIs to add new regions without specifying the base VA. - `mmap_add_region_alloc_va` adds a static region to mmap choosing as base VA the first possible address after all the currently mapped regions. It is aligned to an appropriate boundary in relation to the size and base PA of the requested region. No attempt is made to fill any unused VA holes. - `mmap_add_dynamic_region_alloc_va` it adds a region the same way as `mmap_add_region_alloc_va` does, but it's dynamic instead of static. - `mmap_add_alloc_va` takes an array of non const `mmap_region_t`, maps them in the same way as `mmap_add_region_alloc_va` and fills their `base_va` field. A helper macro has been created to help create the array, called `MAP_REGION_ALLOC_VA`. Change-Id: I5ef3f82ca0dfd0013d2e8034aa22f13ca528ba37 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 03 Oct, 2018 1 commit
-
-
Daniel Boulby authored
Mark the xlat tables code only used in BL31 initialization as __init to be reclaimed once no longer needed Change-Id: I3106bfd994706a57c578624573bcfa525fbbd3c4 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
-
- 28 Sep, 2018 1 commit
-
-
Antonio Nino Diaz authored
Change-Id: I83de2ae3e0795e6fec3c1e5b37c441b64b0c9cb6 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 10 Aug, 2018 1 commit
-
-
Antonio Nino Diaz authored
The translation library is useful elsewhere. Even though this repository doesn't exercise the EL2 support of the library, it is better to have it here as well to make it easier to maintain. enable_mmu_secure() and enable_mmu_direct() have been deprecated. The functions are still present, but they are behind ERROR_DEPRECATED and they call the new functions enable_mmu_svc_mon() and enable_mmu_direct_svc_mon(). Change-Id: I13ad10cd048d9cc2d55e0fff9a5133671b67dcba Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 06 Aug, 2018 1 commit
-
-
Antonio Nino Diaz authored
Changed the names for consistency with the rest of the library. Introduced new helpers that manipulate the active translation tables context. Change-Id: Icaca56b67fcf6a96e88aa3c7e47411162e8e6856 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 30 Jul, 2018 1 commit
-
-
Antonio Nino Diaz authored
Fix defects of MISRA C-2012 rules 8.13, 10.1, 10.3, 10.4, 10.8, 11.6, 14.4, 15.7, 17.8, 20.10, 20.12, 21.1 and Directive 4.9. Change-Id: I7ff61e71733908596dbafe2e99d99b4fce9765bd Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 15 Jul, 2018 1 commit
-
-
Antonio Nino Diaz authored
This allows other parts of the code to reuse it. No functional changes. Change-Id: Ib052ae235c422d9179958bd3016c3e678779ae9b Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 13 Jul, 2018 1 commit
-
-
Antonio Nino Diaz authored
The Exception Level is now detected at runtime. This means that it is not needed to hardcode the EL used by each image. This doesn't result in a substantial increase of the image size because the initialization functions that aren't used are garbage-collected by the linker. In AArch32 the current EL has been changed from EL3 to EL1 because the the AArch32 PL1&0 translation regime behaves more like the AArch64 EL1&0 translation regime than the EL3 one. Change-Id: I941404299ebe7666ca17619207c923b49a55cb73 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 03 Jul, 2018 1 commit
-
-
Antonio Nino Diaz authored
Instead of having one big file with all the code, it's better to have a few smaller files that are more manageable: - xlat_tables_core.c: Code related to the core functionality of the library (map and unmap regions, initialize xlat context). - xlat_tables_context.c: Instantiation of the active image context as well as APIs to manipulate it. - xlat_tables_utils.c: Helper code that isn't part of the core functionality (change attributes, debug print messages). Change-Id: I3ea956fc1afd7473c0bb5e7c6aab3b2e5d88c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-