- 07 Feb, 2020 6 commits
-
-
Louis Mayencourt authored
Use the firmware configuration framework in arm dynamic configuration to retrieve mbedtls heap information between bl1 and bl2. For this, a new fconf getter is added to expose the device tree base address and size. Change-Id: Ifa5ac9366ae100e2cdd1f4c8e85fc591b170f4b6 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Use fconf to retrieve the `disable_authentication` property. Move this access from arm dynamic configuration to bl common. Change-Id: Ibf184a5c6245d04839222f5457cf5e651f252b86 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
This patch introduces a better separation between the trusted-boot related properties, and the dynamic configuration DTBs loading information. The dynamic configuration DTBs properties are moved to a new node: `dtb-registry`. All the sub-nodes present will be provided to the dynamic config framework to be loaded. The node currently only contains the already defined configuration DTBs, but can be extended for future features if necessary. The dynamic config framework is modified to use the abstraction provided by the fconf framework, instead of directly accessing the DTBs. The trusted-boot properties are kept under the "arm,tb_fw" compatible string, but in a separate `tb_fw-config` node. The `tb_fw-config` property of the `dtb-registry` node simply points to the load address of `fw_config`, as the `tb_fw-config` is currently part of the same DTB. Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Use the dtb provided by bl1 as configuration file for fconf. Change-Id: I3f466ad9b7047e1a361d94e71ac6d693e31496d9 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Move the loading of the dtb from arm_dym_cfg to fconf. The new loading function is not associated to arm platform anymore, and can be moved to bl_main if wanted. Change-Id: I847d07eaba36d31d9d3ed9eba8e58666ea1ba563 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
Introduce the Firmware CONfiguration Framework (fconf). The fconf is an abstraction layer for platform specific data, allowing a "property" to be queried and a value retrieved without the requesting entity knowing what backing store is being used to hold the data. The default backing store used is C structure. If another backing store has to be used, the platform integrator needs to provide a "populate()" function to fill the corresponding C structure. The "populate()" function must be registered to the fconf framework with the "FCONF_REGISTER_POPULATOR()". This ensures that the function would be called inside the "fconf_populate()" function. A two level macro is used as getter: - the first macro takes 3 parameters and converts it to a function call: FCONF_GET_PROPERTY(a,b,c) -> a__b_getter(c). - the second level defines a__b_getter(c) to the matching C structure, variable, array, function, etc.. Ex: Get a Chain of trust property: 1) FCONF_GET_PROPERY(tbbr, cot, BL2_id) -> tbbr__cot_getter(BL2_id) 2) tbbr__cot_getter(BL2_id) -> cot_desc_ptr[BL2_id] Change-Id: Id394001353ed295bc680c3f543af0cf8da549469 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 06 Feb, 2020 1 commit
-
-
Max Shvetsov authored
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board. Removes hard-coded developer keys. Instead, setting ARM_ROTPK_LOCATION=devel_* takes keys from default directory. In case of ROT_KEY specified - generates a new hash and replaces the original. Note: Juno board was tested by original feature author and was not tested for this patch since we don't have access to the private key. Juno implementation was moved to board-specific file without changing functionality. It is not known whether byte-swapping is still needed for this platform. Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
-
- 04 Feb, 2020 1 commit
-
-
Zelalem authored
This patch removes unnecessary header file includes discovered by Coverity HFA option. Change-Id: I2827c37c1c24866c87db0e206e681900545925d4 Signed-off-by: Zelalem <zelalem.aweke@arm.com>
-
- 03 Feb, 2020 1 commit
-
-
Alexei Fedorov authored
This patch adds 'fdtw_read_bytes' and 'fdtw_write_inplace_bytes' functions for read/write array of bytes from/to a given property. It also adds 'fdt_setprop_inplace_namelen_partial' to jmptbl.i files for builds with USE_ROMLIB=1 option. Change-Id: Ied7b5c8b38a0e21d508aa7bcf5893e656028b14d Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 29 Jan, 2020 1 commit
-
-
Sandrine Bailleux authored
Allows to select the chain of trust to use when the Trusted Boot feature is enabled. This affects both the cert_create tool and the firmware itself. Right now, the only available CoT is TBBR. Change-Id: I7ab54e66508a1416cb3fcd3dfb0f055696763b3d Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 28 Jan, 2020 1 commit
-
-
Louis Mayencourt authored
The Secure Configuration Register is 64-bits in AArch64 and 32-bits in AArch32. Use u_register_t instead of unsigned int to reflect this. Change-Id: I51b69467baba36bf0cfaec2595dc8837b1566934 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 27 Jan, 2020 2 commits
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibbc8c9499a32e63fd0957a6e254608fbf6fa90c9 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
Vijayenthiran Subramaniam authored
The platform topology description of the upcoming Arm's RD platforms have different topology than those listed in the sgi_topology.c file. So instead of adding platform specific topology into existing sgi_topology.c file, those can be added to respective board files. In order to maintain consistency with the upcoming platforms, move the existing platform topology description to respective board files. Change-Id: I4689c7d24cd0c75a3dc234370c34a85c08598abb Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
-
- 24 Jan, 2020 1 commit
-
-
Chris Kay authored
As on SGI platforms, SCPI is unsupported on SGM platforms. Change-Id: I556ed095b9eb55b72447230ee2725d3c76160a08 Signed-off-by: Chris Kay <chris.kay@arm.com>
-
- 23 Jan, 2020 1 commit
-
-
Mark Dykes authored
This reverts commit d433bbdd. Change-Id: I46c69dce704a1ce1b50452dd4d62425c4a67f7f0
-
- 22 Jan, 2020 1 commit
-
-
Madhukar Pappireddy authored
In order to support SEPARATE_NOBITS_REGION for Arm platforms, we need to load BL31 PROGBITS into secure DRAM space and BL31 NOBITS into SRAM. Hence mandate the build to require that ARM_BL31_IN_DRAM is enabled as well. Naturally with SEPARATE_NOBITS_REGION enabled, the BL31 initialization code cannot be reclaimed to be used for runtime data such as secondary cpu stacks. Memory map for BL31 NOBITS region also has to be created. Change-Id: Ibd480f82c1dc74e9cbb54eec07d7a8fecbf25433 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 10 Jan, 2020 2 commits
-
-
Deepika Bhavnani authored
NOTE for platform integrators: API `plat_psci_stat_get_residency()` third argument `last_cpu_idx` is changed from "signed int" to the "unsigned int" type. Issue / Trouble points 1. cpu_idx is used as mix of `unsigned int` and `signed int` in code with typecasting at some places leading to coverity issues. 2. Underlying platform API's return cpu_idx as `unsigned int` and comparison is performed with platform specific defines `PLAFORM_xxx` which is not consistent Misra Rule 10.4: The value of a complex expression of integer type may only be cast to a type that is narrower and of the same signedness as the underlying type of the expression. Based on above points, cpu_idx is kept as `unsigned int` to match the API's and low-level functions and platform defines are updated where ever required Signed-off-by: Deepika Bhavnani <deepika.bhavnani@arm.com> Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
-
Alexei Fedorov authored
This patch removes re-definition of the following FVP build options from plat\arm\board\fvp\fvp_def.h: 'FVP_CLUSTER_COUNT' 'FVP_MAX_CPUS_PER_CLUSTER' 'FVP_MAX_PE_PER_CPU' which are set in platform.mk. This fixes a potential problem when a build option set in platform.mk file can be re-defined in fvp_def.h header file used by other build component with a different makefile which does not set this option. Ref. GENFW-3505. Change-Id: I4288629920516acf2c239c7b733f92a0c5a812ff Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 07 Jan, 2020 3 commits
-
-
Ambroise Vincent authored
The reclaim init code functionality relies on forward reference in the linker script. The LLVM linker does not process it correctly. Change-Id: I993aeb9587bfa07af25b60ed823a6a2c5e970c94 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
-
Avinash Mehta authored
Point boot address to DDR location for booting A5DS FPGA FIP, Kernel and rootfs are sideloaded to DDR Also move BL2 to higher address in DDR Change-Id: Ia2a57a0bda776a1a0a96bcd3cfb5c6cd2cf4dc04 Signed-off-by: Avinash Mehta <avinash.mehta@arm.com>
-
Avinash Mehta authored
Correct the system, timer and uart frequencies to successfully run the stack on FPGA Correct Cortex-A5MPcore to 8 word granularity for Cache writeback Change-Id: I2c59c26b7dca440791ad39f2297c68ae513da7b6 Signed-off-by: Avinash Mehta <avinash.mehta@arm.com>
-
- 03 Jan, 2020 1 commit
-
-
Vishnu Banavath authored
The SCU connects one to four Cortex-A5/Cortex-A9 processors to the memory system through the AXI interfaces. The SCU functions are to: - maintain data cache coherency between the Cortex-A5/Cortex-A9 processors - initiate L2 AXI memory accesses - arbitrate between Cortex-A5/Cortex-A9 processors requesting L2 accesses - manage ACP accesses. Snoop Control Unit will enable to snoop on other CPUs caches. This is very important when it comes to synchronizing data between CPUs. As an example, there is a high chance that data might be cache'd and other CPUs can't see the change. In such cases, if snoop control unit is enabled, data is synchoronized immediately between CPUs and the changes are visible to other CPUs. This driver provides functionality to enable SCU as well as enabling user to know the following - number of CPUs present - is a particular CPU operating in SMP mode or AMP mode - data cache size of a particular CPU - does SCU has ACP port - is L2CPRESENT Change-Id: I0d977970154fa60df57caf449200d471f02312a0 Signed-off-by: Vishnu Banavath <vishnu.banavath@arm.com>
-
- 20 Dec, 2019 5 commits
-
-
Paul Beesley authored
The contents of this header have been merged into the spm_mm_svc.h header file. Change-Id: I01530b2e4ec1b4c091ce339758025e2216e740a4 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
Paul Beesley authored
Change-Id: I91c192924433226b54d33e57d56d146c1c6df81b Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
Paul Beesley authored
Before adding any new SPM-related components we should first do some cleanup around the existing SPM-MM implementation. The aim is to make sure that any SPM-MM components have names that clearly indicate that they are MM-related. Otherwise, when adding new SPM code, it could quickly become confusing as it would be unclear to which component the code belongs. The secure_partition.h header is a clear example of this, as the name is generic so it could easily apply to any SPM-related code, when it is in fact SPM-MM specific. This patch renames the file and the two structures defined within it, and then modifies any references in files that use the header. Change-Id: I44bd95fab774c358178b3e81262a16da500fda26 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
Paul Beesley authored
The Secure Partition Manager (SPM) prototype implementation is being removed. This is preparatory work for putting in place a dispatcher component that, in turn, enables partition managers at S-EL2 / S-EL1. This patch removes: - The core service files (std_svc/spm) - The Resource Descriptor headers (include/services) - SPRT protocol support and service definitions - SPCI protocol support and service definitions Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426 Signed-off-by: Paul Beesley <paul.beesley@arm.com> Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
-
Paul Beesley authored
There are two different implementations of Secure Partition management in TF-A. One is based on the "Management Mode" (MM) design, the other is based on the Secure Partition Client Interface (SPCI) specification. Currently there is a dependency between their build flags that shouldn't exist, making further development harder than it should be. This patch removes that dependency, making the two flags function independently. Before: ENABLE_SPM=1 is required for using either implementation. By default, the SPCI-based implementation is enabled and this is overridden if SPM_MM=1. After: ENABLE_SPM=1 enables the SPCI-based implementation. SPM_MM=1 enables the MM-based implementation. The two build flags are mutually exclusive. Note that the name of the ENABLE_SPM flag remains a bit ambiguous - this will be improved in a subsequent patch. For this patch the intention was to leave the name as-is so that it is easier to track the changes that were made. Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 19 Dec, 2019 1 commit
-
-
Alexei Fedorov authored
This patch fixes the bug in BL2 dynamic configuration initialisation which prevents loading NT_FW_CONFIG image (ref. GENFW-3471). It also adds parentheses around 'if' statement conditions to fix Coverity defect. Change-Id: I353566c29b84341887e13bf8098a4fedfc4e00ff Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 18 Dec, 2019 1 commit
-
-
Ambroise Vincent authored
Provide an SMC interface to the 9p filesystem. This permits accessing firmware drivers through a common interface, using standardized read/write/control operations. Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I9314662314bb060f6bc02714476574da158b2a7d
-
- 17 Dec, 2019 2 commits
-
-
Bence Szépkúti authored
Ported the pmf asm macros and the asm code in the bl31 entrypoint necessary for the instrumentation to AArch32. Since smc dispatch is handled by the bl32 payload on AArch32, we provide this service only if AARCH32_SP=sp_min is set. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com> Change-Id: Id33b7e9762ae86a4f4b40d7f1b37a90e5130c8ac
-
Bence Szépkúti authored
Switching execution states is only possible if EL3 is AArch64. As such there is no need to validate the entrypoint on AArch32 builds. Signed-off-by: Bence Szépkúti <bence.szepkuti@arm.com> Change-Id: I3c1eb25b5df296a492870641d274bf65213c6608
-
- 10 Dec, 2019 1 commit
-
-
Ambroise Vincent authored
C99 standard: "What constitutes an access to an object that has volatile-qualified type is implementation-defined". GCC is not considering the cast to void of volatile structures as an access and so is not actually issuing reads. Clang does read those structures by copying them on the stack, which in this case creates an overflow because of their large size. This patch removes the cast to void and instead uses the USED attribute to tell the compiler to retain the static variables. Change-Id: I952b5056e3f6e91841e7ef9558434352710ab80d Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Zelalem Aweke <zelalem.aweke@arm.com>
-
- 09 Dec, 2019 2 commits
-
-
Ambroise Vincent authored
Previously the .init section was created even when the reclaim flag was manually set to 0. Change-Id: Ia9e7c7997261f54a4eca725d7ea605192f60bcf8 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Zelalem Aweke <zelalem.aweke@arm.com>
-
Louis Mayencourt authored
Currently tb_fw_cfg_dtb size is fixed to max, which is generally a page (but depend on the platform). Instead, read the actual size of the dtb with the libfdt "fdt_totalsize" function. This avoid flushing extra memory after updating the dtb with mbedtls heap information when shared heap is used. Change-Id: Ibec727661116429f486464a0c9f15e9760d7afe2 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 19 Nov, 2019 1 commit
-
-
Max Shvetsov authored
Change-Id: Ia120bcaacea3a462ab78db13f84ed23493033601 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
-
- 18 Nov, 2019 1 commit
-
-
Louis Mayencourt authored
ROMLIB extract functions code from BL images to put them inside ROM. This has for effect to reduce the size of the BL images. This patch take this size reduction into consideration to optimize the memory layout of BL2. A new "PLAT_ARM_BL2_ROMLIB_OPTIMIZATION" macro is defined and used to reduce "PLAT_ARM_MAX_BL2_SIZE". This allows to remove the gap between BL1 and BL2 when ROMLIB is used and provides more room for BL31. The current memory gain is 0x6000 for fvp and 0x8000 for juno. Change-Id: I71c2c2c63b57bce5b22a125efaefc486ff3e87be Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 15 Nov, 2019 1 commit
-
-
Imre Kis authored
The number of levels in the topology has not changed but the count of processing elements on the lowest layer is now multiplied by the value of FVP_MAX_PE_PER_CPU. Signed-off-by: Imre Kis <imre.kis@arm.com> Change-Id: Ia1568a40ea33dbbbcdfab6c8ab6d19f4db0b8eb4
-
- 11 Nov, 2019 1 commit
-
-
Manish Pandey authored
N1SDP supports multichip configuration wherein n1sdp boards are connected over high speed coherent CCIX link, for now only dual-chip is supported. Whether or not multiple chips are present is dynamically probed by SCP firmware and passed on to TF-A, routing table will be set up only if multiple chips are present. Initialize GIC-600 multichip operation by overriding the default GICR frames with array of GICR frames and setting the chip 0 as routing table owner. Change-Id: Ida35672be4bbf4c517469a5b330548d75e593ff2 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 07 Nov, 2019 1 commit
-
-
Manish Pandey authored
Earlier PIE support was enabled for all arm platforms when RESET_TO_BL31=1, but later on it was restricted only to FVP with patch SHA d4580d17 because of n1sdp platform. Now it has been verified that PIE does work for n1sdp platform also, so enabling it again for all arm platforms. Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 05 Nov, 2019 1 commit
-
-
Vijayenthiran Subramaniam authored
ARM platform can have a non-contiguous GICR frames. For instance, a multi socket platform can have two or more GIC Redistributor frames which are 4TB apart. Hence it is necessary for the `gicv3_rdistif_probe` function to probe all the GICR frames available in the platform. Introduce `plat_arm_override_gicr_frames` function which platforms can use to override the default gicr_frames which holds the GICR base address of the primary cpu. Change-Id: I1f537b0d871a679cb256092944737f2e55ab866e Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
-