1. 04 Jun, 2019 1 commit
    • John Tsichritzis's avatar
      Apply compile-time check for AArch64-only cores · 629d04f5
      John Tsichritzis authored
      
      
      Some cores support only AArch64 mode. In those cores, only a limited
      subset of the AArch32 system registers are implemented. Hence, if TF-A
      is supposed to run on AArch64-only cores, it must be compiled with
      CTX_INCLUDE_AARCH32_REGS=0.
      
      Currently, the default settings for compiling TF-A are with the AArch32
      system registers included. So, if we compile TF-A the default way and
      attempt to run it on an AArch64-only core, we only get a runtime panic.
      
      Now a compile-time check has been added to ensure that this flag has the
      appropriate value when AArch64-only cores are included in the build.
      
      Change-Id: I298ec550037fafc9347baafb056926d149197d4c
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      629d04f5
  2. 28 May, 2019 1 commit
  3. 24 May, 2019 1 commit
    • Alexei Fedorov's avatar
      Add support for Branch Target Identification · 9fc59639
      Alexei Fedorov authored
      
      
      This patch adds the functionality needed for platforms to provide
      Branch Target Identification (BTI) extension, introduced to AArch64
      in Armv8.5-A by adding BTI instruction used to mark valid targets
      for indirect branches. The patch sets new GP bit [50] to the stage 1
      Translation Table Block and Page entries to denote guarded EL3 code
      pages which will cause processor to trap instructions in protected
      pages trying to perform an indirect branch to any instruction other
      than BTI.
      BTI feature is selected by BRANCH_PROTECTION option which supersedes
      the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
      and is disabled by default. Enabling BTI requires compiler support
      and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
      The assembly macros and helpers are modified to accommodate the BTI
      instruction.
      This is an experimental feature.
      Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
      is now made as an internal flag and BRANCH_PROTECTION flag should be
      used instead to enable Pointer Authentication.
      Note. USE_LIBROM=1 option is currently not supported.
      
      Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      9fc59639
  4. 14 May, 2019 1 commit
  5. 07 May, 2019 2 commits
  6. 03 May, 2019 1 commit
    • John Tsichritzis's avatar
      Add compile-time errors for HW_ASSISTED_COHERENCY flag · 076b5f02
      John Tsichritzis authored
      This patch fixes this issue:
      https://github.com/ARM-software/tf-issues/issues/660
      
      
      
      The introduced changes are the following:
      
      1) Some cores implement cache coherency maintenance operation on the
      hardware level. For those cores, such as - but not only - the DynamIQ
      cores, it is mandatory that TF-A is compiled with the
      HW_ASSISTED_COHERENCY flag. If not, the core behaviour at runtime is
      unpredictable. To prevent this, compile time checks have been added and
      compilation errors are generated, if needed.
      
      2) To enable this change for FVP, a logical separation has been done for
      the core libraries. A system cannot contain cores of both groups, i.e.
      cores that manage coherency on hardware and cores that don't do it. As
      such, depending on the HW_ASSISTED_COHERENCY flag, FVP includes the
      libraries only of the relevant cores.
      
      3) The neoverse_e1.S file has been added to the FVP sources.
      
      Change-Id: I787d15819b2add4ec0d238249e04bf0497dc12f3
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      076b5f02
  7. 25 Apr, 2019 1 commit
  8. 18 Apr, 2019 1 commit
  9. 17 Apr, 2019 3 commits
  10. 08 Apr, 2019 1 commit
  11. 14 Mar, 2019 4 commits
  12. 28 Feb, 2019 9 commits
  13. 27 Feb, 2019 1 commit
    • Varun Wadekar's avatar
      Tegra: Support for scatterfile for the BL31 image · c2ad38ce
      Varun Wadekar authored
      
      
      This patch provides support for using the scatterfile format as
      the linker script with the 'armlink' linker for Tegra platforms.
      
      In order to enable the scatterfile usage the following changes
      have been made:
      
      * provide mapping for ld.S symbols in bl_common.h
      * include bl_common.h from all the affected files
      * update the makefile rules to use the scatterfile and armlink
        to compile BL31
      * update pubsub.h to add sections to the scatterfile
      
      NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY.
      
      Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      c2ad38ce
  14. 26 Feb, 2019 6 commits
  15. 19 Feb, 2019 4 commits
  16. 04 Jan, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Sanitise includes across codebase · 09d40e0e
      Antonio Nino Diaz authored
      Enforce full include path for includes. Deprecate old paths.
      
      The following folders inside include/lib have been left unchanged:
      
      - include/lib/cpus/${ARCH}
      - include/lib/el3_runtime/${ARCH}
      
      The reason for this change is that having a global namespace for
      includes isn't a good idea. It defeats one of the advantages of having
      folders and it introduces problems that are sometimes subtle (because
      you may not know the header you are actually including if there are two
      of them).
      
      For example, this patch had to be created because two headers were
      called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
      to avoid collision."). More recently, this patch has had similar
      problems: 46f9b2c3 ("drivers: add tzc380 support").
      
      This problem was introduced in commit 4ecca339
      
       ("Move include and
      source files to logical locations"). At that time, there weren't too
      many headers so it wasn't a real issue. However, time has shown that
      this creates problems.
      
      Platforms that want to preserve the way they include headers may add the
      removed paths to PLAT_INCLUDES, but this is discouraged.
      
      Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      09d40e0e
  17. 10 Dec, 2018 1 commit
    • Jeenu Viswambharan's avatar
      AArch64: Use SSBS for CVE_2018_3639 mitigation · 48e1d350
      Jeenu Viswambharan authored
      
      
      The Armv8.5 extensions introduces PSTATE.SSBS (Speculation Store Bypass
      Safe) bit to mitigate against Variant 4 vulnerabilities. Although an
      Armv8.5 feature, this can be implemented by CPUs implementing earlier
      version of the architecture.
      
      With this patch, when both PSTATE.SSBS is implemented and
      DYNAMIC_WORKAROUND_CVE_2018_3639 is active, querying for
      SMCCC_ARCH_WORKAROUND_2 via. SMCCC_ARCH_FEATURES call would return 1 to
      indicate that mitigation on the PE is either permanently enabled or not
      required.
      
      When SSBS is implemented, SCTLR_EL3.DSSBS is initialized to 0 at reset
      of every BL stage. This means that EL3 always executes with mitigation
      applied.
      
      For Cortex A76, if the PE implements SSBS, the existing mitigation (by
      using a different vector table, and tweaking CPU ACTLR2) is not used.
      
      Change-Id: Ib0386c5714184144d4747951751c2fc6ba4242b6
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      48e1d350
  18. 29 Oct, 2018 1 commit