1. 28 Jul, 2021 1 commit
    • Jeremy Linton's avatar
      rpi4: enable RPi4 PCI SMC conduit · 6e63cdc5
      Jeremy Linton authored
      
      
      Now that we have adjusted the address map, added the
      SMC conduit code, and the RPi4 PCI callbacks, lets
      add the flags to enable everything in the build.
      
      By default this service is disabled because the
      expectation is that its only useful in a UEFI+ACPI
      environment.
      Signed-off-by: default avatarJeremy Linton <jeremy.linton@arm.com>
      Change-Id: I2a3cac6d63ba8119d3b711db121185816b89f8a2
      6e63cdc5
  2. 23 Jul, 2021 5 commits
  3. 22 Jul, 2021 2 commits
    • Abdellatif El Khlifi's avatar
      feat: disabling non volatile counters in diphda · 7f70cd29
      Abdellatif El Khlifi authored
      
      
      At this stage of development Non Volatile counters are not implemented
      in the Diphda platform.
      
      This commit disables their use during the Trusted Board Boot by
      overriding the NV counters get/set functions.
      
      Change-Id: I8dcbebe0281cc4d0837c283ff637e20b850988ef
      Signed-off-by: default avatarAbdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
      7f70cd29
    • Abdellatif El Khlifi's avatar
      feat: adding the diphda platform · bf3ce993
      Abdellatif El Khlifi authored
      
      
      This commit enables trusted-firmware-a with Trusted Board Boot support
      for the Diphda 64-bit platform.
      
      Diphda uses a FIP image located in the flash. The FIP contains the
      following components:
      
      - BL2
      - BL31
      - BL32
      - BL32 SPMC manifest
      - BL33
      - The TBB certificates
      
      The board boot relies on CoT (chain of trust). The trusted-firmware-a
      BL2 is extracted from the FIP and verified by the Secure Enclave
      processor. BL2 verification relies on the signature area at the
      beginning of the BL2 image. This area is needed by the SecureEnclave
      bootloader.
      
      Then, the application processor is released from reset and starts by
      executing BL2.
      
      BL2 performs the actions described in the trusted-firmware-a TBB design
      document.
      Signed-off-by: default avatarRui Miguel Silva <rui.silva@arm.com>
      Signed-off-by: default avatarAbdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
      Change-Id: Iddb1cb9c2a0324a9635e23821c210ac81dfc305d
      bf3ce993
  4. 21 Jul, 2021 1 commit
  5. 20 Jul, 2021 1 commit
  6. 19 Jul, 2021 1 commit
  7. 16 Jul, 2021 1 commit
    • Pali Rohár's avatar
      fix(plat/marvell/a3k): fix printing info messages on output · 9f6d1540
      Pali Rohár authored
      
      
      INFO() macro for every call prepends "INFO:   " string. Therefore
      current code prints unreadable debug messages:
      
          "INFO:    set_io_addr_dec 0 result: ctrl(0x3fff3d01) base(0x0)INFO:    "
          "INFO:    Set IO decode window successfully, base(0xc000)INFO:     win_attr(3d) max_dram_win(2) max_remap(0)INFO:     win_offset(8)"
      
      Fix it by calling exactly one INFO() call for one line. After this
      change output is:
      
          "INFO:    set_io_addr_dec 0 result: ctrl(0x3fff3d01) base(0x0) remap(0x0)"
          "INFO:    Set IO decode window successfully, base(0xc000) win_attr(3d) max_dram_win(2) max_remap(0) win_offset(8)"
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I6084e64c6f4da6c1929e5300588e4ba2608ca745
      9f6d1540
  8. 11 Jul, 2021 2 commits
    • Pali Rohár's avatar
      fix(plat/marvell/a3k): Fix building uart-images.tgz.bin archive · d3f8db07
      Pali Rohár authored
      
      
      For UART secure boot it is required also TIMN image, so pack it into
      uart-images.tgz.bin archive which is created by mrvl_uart target.
      
      $(TIMN_IMAGE) and $(TIM_IMAGE) variables are used only for UART images
      so their content needs to be initialized from $(TIMN_UART_CFG) and
      $(TIM_UART_CFG) config files. And not from $(TIMN_CFG) and $(TIM_CFG) as
      it is now because they are not generated during mrvl_uart target. Fix it
      to allow building mrvl_uart target before mrvl_flash target.
      
      To match usage of these variables, rename them to $(TIMN_UART_IMAGE) and
      $(TIM_UART_IMAGE).
      
      To not complicate rule for building uart-images.tgz.bin archive, set
      list of image files into a new $(UART_IMAGES) variable.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I83b980abb4047a3afb3ce3026842e1d873c490bf
      d3f8db07
    • Pali Rohár's avatar
      refactor(plat/marvell/a3k): Rename *_CFG and *_SIG variables · 618287da
      Pali Rohár authored
      
      
      For TIM config file use TIM name instead of DOIMAGE and use underscores
      to make variable names more readable.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I1282ce11f1431c15458a143ae7bfcee85eed2432
      618287da
  9. 10 Jul, 2021 6 commits
    • Pali Rohár's avatar
      refactor(plat/marvell/a3k): Rename DOIMAGETOOL to TBB · 7937b3c7
      Pali Rohár authored
      
      
      Armada 3700 uses external TBB tool for creating images and does not use
      internal TF-A doimage tool from tools/marvell/doimage/
      
      Therefore set correct name of variable.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I38a94dca78d483de4c79da597c032e1e5d06d92d
      7937b3c7
    • Pali Rohár's avatar
      refactor(plat/marvell/a3k): Remove useless DOIMAGEPATH variable · 7b209717
      Pali Rohár authored
      
      
      Armada 3700 uses WTP so use WTP variable directly.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I216b40ffee1f3f8abba4677f050ab376c2224ede
      7b209717
    • Pali Rohár's avatar
      fix(plat/marvell/a3k): Fix check for external dependences · 2baf5038
      Pali Rohár authored
      
      
      Old Marvell a3700_utils and mv-ddr tarballs do not have to work with
      latest TF-A code base. Marvell do not provide these old tarballs on
      Extranet anymore. Public version on github repository contains all
      patches and is working fine, so for public TF-A builds use only public
      external dependencies from git.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: Iee5ac6daa9a1826a5b80a8d54968bdbb8fe72f61
      2baf5038
    • Pali Rohár's avatar
      fix(plat/marvell/a8k): Add missing build dependency for BLE target · 04738e69
      Pali Rohár authored
      
      
      BLE source files depend on external Marvell mv-ddr-marvell tree
      (specified in $(MV_DDR_PATH) variable) and its header files. Add
      dependency on $(MV_DDR_LIB) target which checks that variable
      $(MV_DDR_PATH) is correctly set and ensures that make completes
      compilation of mv-ddr-marvell tree.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I73968b24c45d9af1e3500b8db7a24bb4eb2bfa47
      04738e69
    • Pali Rohár's avatar
      fix(plat/marvell/a8k): Correctly set include directories for individual targets · 559ab2df
      Pali Rohár authored
      
      
      Do not set all include directories, including those for external targets
      in one PLAT_INCLUDES variable.
      
      Instead split them into variables:
      * $(PLAT_INCLUDES) for all TF-A BL images
      * BLE target specific $(PLAT_INCLUDES) only for Marvell BLE image
      * $(MV_DDR_INCLUDES) for targets in external Marvell mv-ddr-marvell tree
      
      Include directory $(CURDIR)/drivers/marvell is required by TF-A BL
      images, so move it from ble.mk to a8k_common.mk.
      
      Include directory $(MV_DDR_PATH) is needed only by Marvell BLE image, so
      move it into BLE target specific $(PLAT_INCLUDES) variable.
      
      And remaining include directories specified in ble.mk are needed only
      for building external dependences from Marvell mv-ddr tree, so move them
      into $(MV_DDR_INCLUDES) variable and correctly use it in $(MV_DDR_LIB)
      target.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I331f7de675dca2bc70733d56b768f00d56ae4a67
      559ab2df
    • Pali Rohár's avatar
      fix(plat/marvell/a8k): Require that MV_DDR_PATH is correctly set · 528dafc3
      Pali Rohár authored
      
      
      Target mrvl_flash depends on external mv_ddr source code which is not
      part of TF-A project. Do not expect that it is pre-downloaded at some
      specific location and require user to specify correct path to mv_ddr
      source code via MV_DDR_PATH build option.
      
      TF-A code for Armada 37x0 platform also depends on mv_ddr source code
      and already requires passing correct MV_DDR_PATH build option.
      
      So for A8K implement same checks for validity of MV_DDR_PATH option as
      are already used by TF-A code for Armada 37x0 platform.
      Signed-off-by: default avatarPali Rohár <pali@kernel.org>
      Change-Id: I792f2bfeab0cec89b1b64e88d7b2c456e22de43a
      528dafc3
  10. 08 Jul, 2021 2 commits
  11. 06 Jul, 2021 4 commits
  12. 05 Jul, 2021 1 commit
  13. 02 Jul, 2021 5 commits
  14. 30 Jun, 2021 2 commits
  15. 29 Jun, 2021 2 commits
    • Sandrine Bailleux's avatar
      refactor(plat/fvp): tidy up list of images to measure · 64dd1dee
      Sandrine Bailleux authored
      
      
      We don't ever expect to load a binary with an STM32 header on the Arm
      FVP platform so remove this type of image from the list of
      measurements.
      
      Also remove the GPT image type from the list, as it does not get
      measured. GPT is a container, just like FIP is. We don't measure the FIP
      but rather the images inside it. It would seem logical to treat GPT the
      same way.
      
      Besides, only images that get loaded through load_auth_image() get
      measured right now. GPT processing happens before that and is handled in
      a different way (see partition_init()).
      
      Change-Id: Iac4de75380ed625b228e69ee4564cf9e67e19336
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      64dd1dee
    • Manish Pandey's avatar
      feat(plat/arm): enable PIE when RESET_TO_SP_MIN=1 · 7285fd5f
      Manish Pandey authored
      For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
      the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
      The underlying changes for enabling PIE in aarch32 is submitted in
      commit 4324a14b
      
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ib8bb860198b3f97cdc91005503a3184d63e15469
      7285fd5f
  16. 28 Jun, 2021 2 commits
  17. 25 Jun, 2021 2 commits