- 29 Jun, 2021 1 commit
-
-
Sandrine Bailleux authored
We don't ever expect to load a binary with an STM32 header on the Arm FVP platform so remove this type of image from the list of measurements. Also remove the GPT image type from the list, as it does not get measured. GPT is a container, just like FIP is. We don't measure the FIP but rather the images inside it. It would seem logical to treat GPT the same way. Besides, only images that get loaded through load_auth_image() get measured right now. GPT processing happens before that and is handled in a different way (see partition_init()). Change-Id: Iac4de75380ed625b228e69ee4564cf9e67e19336 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 03 Jun, 2021 1 commit
-
-
Olivier Deprez authored
Fix a remainder from early prototyping. OP-TEE as a secure partition does not need specific SMC function id pass through to EL3. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I2843d1b9a5eb4c966f82790e1655fb569c2de7d4
-
- 02 Jun, 2021 1 commit
-
-
Yann Gautier authored
The UUID strings used in FW_CONFIG DT are not aligned with UUIDs defined in include/tools_share/firmware_image_package.h for BL32_EXTRA1 and TRUSTED_KEY_CERT. Signed-off-by: Yann Gautier <yann.gautier@foss.st.com> Change-Id: I517f8f9311585931f2cb931e0588414da449b694
-
- 28 May, 2021 1 commit
-
-
johpow01 authored
This patch renames the Matterhorn, Matterhorn ELP, and Klein CPUs to Cortex A710, Cortex X2, and Cortex A510 respectively. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I056d3114210db71c2840a24562b51caf2546e195
-
- 27 May, 2021 1 commit
-
-
Yann Gautier authored
Use the macros that are now defined in include/lib/smccc.h. Signed-off-by: Yann Gautier <yann.gautier@foss.st.com> Change-Id: I688a76277b729672835d51fafb68d1d6205b6ae4
-
- 29 Apr, 2021 1 commit
-
-
Manish V Badarkhe authored
Added GPT parser support in BL2 for Arm platforms to get the entry address and length of the FIP in the GPT image. Also, increased BL2 maximum size for FVP platform to successfully compile ROM-enabled build with this change. Verified this change using a patch: https://review.trustedfirmware.org/c/ci/tf-a-ci-scripts/+/9654 Change-Id: Ie8026db054966653b739a82d9ba106d283f534d0 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
- 28 Apr, 2021 2 commits
-
-
David Horstmann authored
NOTE: Breaking change to the way UUIDs are stored in the DT Currently, UUIDs are stored in the device tree as sequences of 4 integers. There is a mismatch in endianness between the way UUIDs are represented in memory and the way they are parsed from the device tree. As a result, we must either store the UUIDs in little-endian format in the DT (which means that they do not match up with their string representations) or perform endianness conversion after parsing them. Currently, TF-A chooses the second option, with unwieldy endianness-conversion taking place after reading a UUID. To fix this problem, and to make it convenient to copy and paste UUIDs from other tools, change to store UUIDs in string format, using a new wrapper function to parse them from the device tree. Change-Id: I38bd63c907be14e412f03ef0aab9dcabfba0eaa0 Signed-off-by: David Horstmann <david.horstmann@arm.com>
-
Manish V Badarkhe authored
Replaced PLAT_ARM_FIP_BASE and PLAT_ARM_FIP_MAX_SIZE macro with a generic name PLAT_ARM_FLASH_IMAGE_BASE and PLAT_ARM_FLASH_IMAGE_MAX_SIZE so that these macros can be reused in the subsequent GPT based support changes. Change-Id: I88fdbd53e1966578af4f1e8e9d5fef42c27b1173 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
- 26 Apr, 2021 1 commit
-
-
Manish Pandey authored
This will help in keeping source file generic and conditional compilation can be contained in platform provided dt files. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: I3c6e0a429073f0afb412b9ba521ce43f880b57fe
-
- 20 Apr, 2021 1 commit
-
-
johpow01 authored
ELP processors can sometimes have different MIDR values or features so we are adding the "_arm" suffix to differentiate the reference implementation from other future versions. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: Ieea444288587c7c18a397d279ee4b22b7ad79e20
-
- 09 Apr, 2021 1 commit
-
-
Manish Pandey authored
NT_FW_CONFIG file is meant to be passed from BL31 to be consumed by BL33, fvp platforms use this to pass measured boot configuration and the x0 register is used to pass the base address of it. In case of hafnium used as hypervisor in normal world, hypervisor manifest is expected to be passed from BL31 and its base address is passed in x0 register. As only one of NT_FW_CONFIG or hypervisor manifest base address can be passed in x0 register and also measured boot is not required for SPM so disable passing NT_FW_CONFIG. Signed-off-by: Manish Pandey <manish.pandey2@arm.com> Change-Id: Ifad9d3658f55ba7d70f468a88997d5272339e53e
-
- 31 Mar, 2021 1 commit
-
-
Bipin Ravi authored
Add basic support for Cortex_A78C CPU. Signed-off-by: Bipin Ravi <bipin.ravi@arm.com> Change-Id: Id9e41cbe0580a68c6412d194a5ee67940e8dae56
-
- 24 Mar, 2021 1 commit
-
-
johpow01 authored
Add basic support for Makalu ELP processor core. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I7b1ddbb8dd43326ecb8ff188f6f8fcf239826a93
-
- 15 Mar, 2021 1 commit
-
-
Olivier Deprez authored
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU instantiated in a Secure Partition: -A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs. An EC is pinned to a corresponding physical CPU. -An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to the physical CPU from which the FF-A call is originating. This change permits exercising the latter case within the TF-A-tests framework. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
-
- 01 Mar, 2021 1 commit
-
-
johpow01 authored
Add basic support for Makalu CPU. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I4e85d425eedea499adf585eb8ab548931185043d
-
- 09 Feb, 2021 2 commits
-
-
Manish V Badarkhe authored
Currently, BLs are mapping the GIC memory region as read-write for all cores on boot-up. This opens up the security hole where the active core can write the GICR frame of fused/inactive core. To avoid this issue, disable the GICR frame of all inactive cores as below: 1. After primary CPU boots up, map GICR region of all cores as read-only. 2. After primary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 3. After secondary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 4. All unused/fused core's redistributor regions remain read-only and write attempt to such protected regions results in an exception. As mentioned above, this patch offers only the GICR memory-mapped region protection considering there is no facility at the GIC IP level to avoid writing the redistributor area. These changes are currently done in BL31 of Arm FVP and guarded under the flag 'FVP_GICR_REGION_PROTECTION'. As of now, this patch is tested manually as below: 1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core. 2. Verify data abort triggered by manually updating the ‘GICR_CTLR’ register of core 1’s(fused) redistributor from core 0(active). Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Manish V Badarkhe authored
GIC memory region is not getting used in BL1 and BL2. Hence avoid its mapping in BL1 and BL2 that freed some page table entries to map other memory regions in the future. Retains mapping of CCN interconnect region in BL1 and BL2 overlapped with the GIC memory region. Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
- 08 Dec, 2020 4 commits
-
-
Olivier Deprez authored
The primary VM concept is removed from the SPMC. Update the SPMC manifests with number of Execution Contexts and SP workspace size for the first Secure Partition (as it is done for NWd secondary VMs and other SPs). Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I3b9c52666f7dfe74ab1f7d2148ad0070ee44b54e
-
Olivier Deprez authored
The chosen node is no longer required as the SPMC implements a specific boot flow which no longer requires this node. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: Ib566b602a7f83003a1b2d0ba5f6ebf4d8b7a9156
-
Olivier Deprez authored
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I0981c43e2ef8172138f65d95eac7b20f8969394e
-
Olivier Deprez authored
The PVM concept is removed from the SPMC so the device-memory node which is specifying the device memory range for the PVM is no longer applicable. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: If0cb956e0197028b24ecb78952c66ec454904516
-
- 30 Nov, 2020 1 commit
-
-
Javier Almansa Sobrino authored
Enable basic support for Neoverse-N2 CPUs. Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com> Change-Id: I498adc2d9fc61ac6e1af8ece131039410872e8ad
-
- 21 Oct, 2020 1 commit
-
-
Olivier Deprez authored
For the first partition, mark first 2GB as device memory excluding the Trusted DRAM region reserved for the SPMC. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I3ff110b3facf5b6d41ac2519ff6ca5e30a0a502b
-
- 20 Oct, 2020 1 commit
-
-
Arunachalam Ganapathy authored
To support platforms without Trusted DRAM this patch defines PLAT_ARM_SPMC_BASE and enables platform to use either Trusted DRAM or DRAM region behind TZC. Change-Id: Icaa5c7d33334258ff27e8e0bfd0812c304e68ae4 Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
-
- 09 Oct, 2020 1 commit
-
-
Jimmy Brisson authored
And from crash_console_flush. We ignore the error information return by console_flush in _every_ place where we call it, and casting the return type to void does not work around the MISRA violation that this causes. Instead, we collect the error information from the driver (to avoid changing that API), and don't return it to the caller. Change-Id: I1e35afe01764d5c8f0efd04f8949d333ffb688c1 Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
- 05 Oct, 2020 2 commits
-
-
Jimmy Brisson authored
Change-Id: Ieb411e2f8092fa82062e619305b680673a8f184f Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
Jimmy Brisson authored
Change-Id: Ic0ca51a855660509264ff0d084c068e1421ad09a Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
- 15 Sep, 2020 2 commits
-
-
Olivier Deprez authored
According to [1] and in context of FF-A v1.0 a secure partition must have either one EC (migratable UP) or a number of ECs equal to the number of PEs (pinned MP). Adjust the SPMC manifest such that the number of ECs is equal to the number of PEs. [1] https://trustedfirmware-a.readthedocs.io/en/latest/components/ secure-partition-manager.html#platform-topology Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: Ie8c7d96ae7107cb27f5b97882d8f476c18e026d4
-
Manish V Badarkhe authored
Increased BL2 maximum size when CoT descriptors are placed in device tree. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I6466d2841e189e7f15eb4f1a8db070542893cb5b
-
- 10 Sep, 2020 1 commit
-
-
Ruari Phipps authored
UUID's in the device tree files were stored in little endian. So to keep all entries in these files RFC 4122 compliant, store them in big endian then convert it to little endian when they are read so they can be used in the UUID data structure. Signed-off-by: Ruari Phipps <ruari.phipps@arm.com> Change-Id: I5674159b82b245104381df10a4e3291160d9b3b5
-
- 02 Sep, 2020 1 commit
-
-
Anders Dellien authored
This patch adds dependencies to the generated configuration files that are included in the FIP. This fixes occasional build errors that occur when the FIP happens to be built first. Change-Id: I5a2bf724ba3aee13954403b141f2f19b4fd51d1b Signed-off-by: Anders Dellien <anders.dellien@arm.com>
-
- 28 Aug, 2020 1 commit
-
-
Manish V Badarkhe authored
Using the Fconf, register base address of the various nv-counters (currently, trusted, non-trusted nv-counters) are moved to the device tree and retrieved during run-time. This feature is enabled using the build option COT_DESC_IN_DTB. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: I236f532e63cea63b179f60892cb406fc05cd5830
-
- 20 Aug, 2020 1 commit
-
-
Olivier Deprez authored
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com> Change-Id: Icf90c2ccce75257908ba3d4703926041d64b1dd3
-
- 19 Aug, 2020 1 commit
-
-
Ruari Phipps authored
Add information about the third partition so it can be loaded into SPM when running the tests Signed-off-by: Ruari Phipps <ruari.phipps@arm.com> Change-Id: I5544e88df391ef294ddf6b5750d468d3e74892b1
-
- 18 Aug, 2020 1 commit
-
-
Manish V Badarkhe authored
Implemented platform functions to retrieve the soc-id information for FVP platform. Change-Id: Id3df02ab290a210310e8d34ec9d706a59d817517 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
- 17 Aug, 2020 1 commit
-
-
Madhukar Pappireddy authored
SP804 TIMER is not platform specific, and current code base adds multiple defines to use this driver. Like FVP_USE_SP804_TIMER and FVP_VE_USE_SP804_TIMER. This patch removes platform specific build flag and adds generic flag `USE_SP804_TIMER` to be set to 1 by platform if needed. Change-Id: I5ab792c189885fd1b98ddd187f3a38ebdd0baba2 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 14 Aug, 2020 2 commits
-
-
Ruari Phipps authored
For supporting dualroot CoT for Secure Partitions a new optional field "owner" is introduced which will be used to sign the SP with corresponding signing domain. To demonstrate its usage, this patch adds owners to cactus Secure Partitions. Signed-off-by: Ruari Phipps <ruari.phipps@arm.com> Change-Id: I7b760580355fc92edf5402cecc38c38125dc1cae
-
Jimmy Brisson authored
This resolves MISRA defects such as: plat/common/plat_bl1_common.c:63:[MISRA C-2012 Rule 14.4 (required)] The condition expression "1" does not have an essentially boolean type. Change-Id: I679411980ad661191fbc834a44a5eca5494fd0e2 Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
- 31 Jul, 2020 1 commit
-
-
Olivier Deprez authored
Following merge of patchset [1] the spm_mm_boot_info_t structure is included in few platform files unconditionally even when SPM_MM option is disabled. [1] https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/2647 Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I68bc034c9348b5d9bcfd2e5217b781df5ad1b369
-
- 30 Jul, 2020 1 commit
-
-
Olivier Deprez authored
Provide manifest and build options to boot OP-TEE as a guest S-EL1 Secure Partition on top of Hafnium in S-EL2. Increase ARM_SP_MAX_SIZE to cope with OP-TEE debug build image. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: Idd2686fa689a78fe2d05ed92b1d23c65e2edd4cb
-