1. 20 Feb, 2020 2 commits
    • Manish Pandey's avatar
      SPMD: generate and add Secure Partition blobs into FIP · ce2b1ec6
      Manish Pandey authored
      
      
      Till now TF-A allows limited number of external images to be made part
      of FIP. With SPM coming along, there may exist multiple SP packages
      which need to be inserted into FIP. To achieve this we need a more
      scalable approach to feed SP packages to FIP.
      
      This patch introduces changes in build system to generate and add SP
      packages into FIP based on information provided by platform.
      Platform provides information in form of JSON which contains layout
      description of available Secure Partitions.
      JSON parser script is invoked by build system early on and generates
      a makefile which updates FIP, SPTOOL and FDT arguments which will be
      used by build system later on for final packaging.
      
      "SP_LAYOUT_FILE" passed as a build argument and can be outside of TF-A
      tree. This option will be used only when SPD=spmd.
      
      For each SP, generated makefile will have following entries
           - FDT_SOURCES	+=	sp1.dts
           - SPTOOL_ARGS	+= 	-i sp1.img:sp1.dtb -o sp1.pkg
           - FIP_ARGS		+=	--blob uuid=XXXX-XXX...,file=SP1.pkg
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ib6a9c064400caa3cd825d9886008a3af67741af7
      ce2b1ec6
    • Varun Wadekar's avatar
      cpus: higher performance non-cacheable load forwarding · cd0ea184
      Varun Wadekar authored
      
      
      The CPUACTLR_EL1 register on Cortex-A57 CPUs supports a bit to enable
      non-cacheable streaming enhancement. Platforms can set this bit only
      if their memory system meets the requirement that cache line fill
      requests from the Cortex-A57 processor are atomic.
      
      This patch adds support to enable higher performance non-cacheable load
      forwarding for such platforms. Platforms must enable this support by
      setting the 'A57_ENABLE_NONCACHEABLE_LOAD_FWD' flag from their
      makefiles. This flag is disabled by default.
      
      Change-Id: Ib27e55dd68d11a50962c0bbc5b89072208b4bac5
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      cd0ea184
  2. 18 Feb, 2020 1 commit
    • Alexei Fedorov's avatar
      FVP: Fix BL31 load address and image size for RESET_TO_BL31=1 · 6227cca9
      Alexei Fedorov authored
      
      
      When TF-A is built with RESET_TO_BL31=1 option, BL31 is the
      first image to be run and should have all the memory allocated
      to it except for the memory reserved for Shared RAM at the start
      of Trusted SRAM.
      This patch fixes FVP BL31 load address and its image size for
      RESET_TO_BL31=1 option. BL31 startup address should be set to
      0x400_1000 and its maximum image size to the size of Trusted SRAM
      minus the first 4KB of shared memory.
      Loading BL31 at 0x0402_0000 as it is currently stated in
      '\docs\plat\arm\fvp\index.rst' causes EL3 exception when the
      image size gets increased (i.e. building with LOG_LEVEL=50)
      but doesn't exceed 0x3B000 not causing build error.
      
      Change-Id: Ie450baaf247f1577112f8d143b24e76c39d33e91
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      6227cca9
  3. 12 Feb, 2020 2 commits
  4. 07 Feb, 2020 4 commits
    • Alexei Fedorov's avatar
      Make PAC demangling more generic · 68c76088
      Alexei Fedorov authored
      
      
      At the moment, address demangling is only used by the backtrace
      functionality. However, at some point, other parts of the TF-A
      codebase may want to use it.
      The 'demangle_address' function is replaced with a single XPACI
      instruction which is also added in 'do_crash_reporting()'.
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      Change-Id: I4424dcd54d5bf0a5f9b2a0a84c4e565eec7329ec
      68c76088
    • Vijayenthiran Subramaniam's avatar
      plat/arm/sgi: introduce number of chips macro · 4d37aa76
      Vijayenthiran Subramaniam authored
      
      
      Introduce macro 'CSS_SGI_CHIP_COUNT' to allow Arm CSS platforms with
      multi-chip support to define number of chiplets on the platform. By
      default, this flag is set to 1 and does not affect the existing single
      chip platforms.
      
      For multi-chip platforms, override the default value of
      CSS_SGI_CHIP_COUNT with the number of chiplets supported on the
      platform. As an example, the command below sets the number of chiplets
      to two on the RD-N1-Edge multi-chip platform:
      
      export CROSS_COMPILE=<path-to-cross-compiler>
      make PLAT=rdn1edge CSS_SGI_CHIP_COUNT=2 ARCH=aarch64 all
      
      Change-Id: If364dc36bd34b30cc356f74b3e97633933e6c8ee
      Signed-off-by: default avatarVijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
      4d37aa76
    • Louis Mayencourt's avatar
      fconf: Add documentation · 326150b9
      Louis Mayencourt authored
      
      
      Change-Id: I606f9491fb6deebc6845c5b9d7db88fc5c895bd9
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      326150b9
    • Louis Mayencourt's avatar
      fconf: Move platform io policies into fconf · 0a6e7e3b
      Louis Mayencourt authored
      
      
      Use the firmware configuration framework to store the io_policies
      information inside the configuration device tree instead of the static
      structure in the code base.
      
      The io_policies required by BL1 can't be inside the dtb, as this one is
      loaded by BL1, and only available at BL2.
      
      This change currently only applies to FVP platform.
      
      Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      0a6e7e3b
  5. 06 Feb, 2020 4 commits
    • Max Shvetsov's avatar
      Adds option to read ROTPK from registers for FVP · a6ffddec
      Max Shvetsov authored
      
      
      Enables usage of ARM_ROTPK_LOCATION=regs for FVP board.
      Removes hard-coded developer keys. Instead, setting
      ARM_ROTPK_LOCATION=devel_* takes keys from default directory.
      In case of ROT_KEY specified - generates a new hash and replaces the
      original.
      
      Note: Juno board was tested by original feature author and was not tested
      for this patch since we don't have access to the private key. Juno
      implementation was moved to board-specific file without changing
      functionality. It is not known whether byte-swapping is still needed
      for this platform.
      
      Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986
      Signed-off-by: default avatarMax Shvetsov <maksims.svecovs@arm.com>
      a6ffddec
    • Paul Beesley's avatar
      doc: Split and expand coding style documentation · e63f5d12
      Paul Beesley authored
      
      
      This patch expands the coding style documentation, splitting it
      into two documents: the core style rules and extended guidelines.
      Note that it does not redefine or change the coding style (aside
      from section 4.6.2) - generally, it is only documenting the
      existing style in more detail.
      
      The aim is for the coding style to be more readable and, in turn,
      for it to be followed by more people. We can use this as a more
      concrete reference when discussing the accepted style with external
      contributors.
      
      Change-Id: I87405ace9a879d7f81e6b0b91b93ca69535e50ff
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarPetre-Ionut Tudor <petre-ionut.tudor@arm.com>
      e63f5d12
    • Carlo Caione's avatar
      amlogic: axg: Add a build flag when using ATOS as BL32 · 72d2535a
      Carlo Caione authored
      
      
      BL2 is unconditionally setting 0 (OPTEE_AARCH64) in arg0 even when the
      BL32 image is 32bit (OPTEE_AARCH32). This is causing the boot to hang
      when ATOS (32bit Amlogic BL32 binary-only TEE OS) is used.
      
      Since we are not aware of any Amlogic platform shipping a 64bit version
      of ATOS we can hardcode OPTEE_AARCH32 / MODE_RW_32 when using ATOS.
      Signed-off-by: default avatarCarlo Caione <ccaione@baylibre.com>
      Change-Id: Iaea47cf6dc48bf8a646056761f02fb81b41c78a3
      72d2535a
    • Carlo Caione's avatar
      amlogic: axg: Add support for the A113D (AXG) platform · afd241e7
      Carlo Caione authored
      
      
      Introduce the preliminary support for the Amlogic A113D (AXG) SoC.
      
      This port is a minimal implementation of BL31 capable of booting
      mainline U-Boot, Linux and chainloading BL32 (ATOS).
      
      Tested on a A113D board.
      Signed-off-by: default avatarCarlo Caione <ccaione@baylibre.com>
      Change-Id: Ic4548fa2f7c48d61b485b2a6517ec36c53c20809
      afd241e7
  6. 03 Feb, 2020 2 commits
    • Imre Kis's avatar
      doc: Remove backquotes from external hyperlinks · 8d52e16b
      Imre Kis authored
      
      
      Since Sphinx 2.3.0 backquotes are replaced to \textasciigrave{} during
      building latexpdf. Using this element in a \sphinxhref{} breaks the
      build. In order to avoid this error backquotes must not be used in
      external hyperlinks.
      Signed-off-by: default avatarImre Kis <imre.kis@arm.com>
      Change-Id: Ie3cf454427e3d5a7b7f9829b42be45aebda7f0dd
      8d52e16b
    • Masahiro Yamada's avatar
      doc: qemu: fix and update documentation · 62038be7
      Masahiro Yamada authored
      
      
      The current URL for QEMU_EFI.fd is not found. Update the link to
      point to the new one.
      
      If you run the shell command as instructed, you will see this error:
        qemu-system-aarch64: keep_bootcon: Could not open 'keep_bootcon': No such file or directory
      
      The part "console=ttyAMA0,38400 keep_bootcon root=/dev/vda2" is the
      kernel parameter, so it must be quoted.
      
      As of writing, QEMU v4.2.0 is the latest, but it does not work for
      TF-A (It has been fixed in the mainline.) QEMU v4.1.0 works fine.
      
      With those issues addressed, I succeeded in booting the latest kernel.
      
      Tested with QEMU v4.1.0 and Linux 5.5 (defconfig with no modification).
      Update the tested versions.
      
      Change-Id: Ic85db0e688d67b1803ff890047d37de3f3db2daa
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      62038be7
  7. 29 Jan, 2020 2 commits
  8. 28 Jan, 2020 1 commit
  9. 27 Jan, 2020 1 commit
  10. 24 Jan, 2020 2 commits
  11. 23 Jan, 2020 3 commits
  12. 20 Jan, 2020 1 commit
  13. 17 Jan, 2020 2 commits
  14. 15 Jan, 2020 1 commit
  15. 14 Jan, 2020 1 commit
  16. 10 Jan, 2020 2 commits
    • Madhukar Pappireddy's avatar
      docs: GCC toolchain upgrade to version 9.2-2019.12 · f35e5ab3
      Madhukar Pappireddy authored
      
      
      This toolchain provides multiple cross compilers and are publicly
      available on developer.arm.com
      
      We build TF-A in CI using:
      AArch32 bare-metal target (arm-none-eabi)
      AArch64 ELF bare-metal target (aarch64-none-elf)
      
      Change-Id: I910200174d5bad985504d1af4a1ae5819b524003
      Signed-off-by: default avatarMadhukar Pappireddy <madhukar.pappireddy@arm.com>
      f35e5ab3
    • Deepika Bhavnani's avatar
      Unify type of "cpu_idx" across PSCI module. · 5b33ad17
      Deepika Bhavnani authored
      
      
      NOTE for platform integrators:
         API `plat_psci_stat_get_residency()` third argument
         `last_cpu_idx` is changed from "signed int" to the
         "unsigned int" type.
      
      Issue / Trouble points
      1. cpu_idx is used as mix of `unsigned int` and `signed int` in code
      with typecasting at some places leading to coverity issues.
      
      2. Underlying platform API's return cpu_idx as `unsigned int`
      and comparison is performed with platform specific defines
      `PLAFORM_xxx` which is not consistent
      
      Misra Rule 10.4:
      The value of a complex expression of integer type may only be cast to
      a type that is narrower and of the same signedness as the underlying
      type of the expression.
      
      Based on above points, cpu_idx is kept as `unsigned int` to match
      the API's and low-level functions and platform defines are updated
      where ever required
      Signed-off-by: default avatarDeepika Bhavnani <deepika.bhavnani@arm.com>
      Change-Id: Ib26fd16e420c35527204b126b9b91e8babcc3a5c
      5b33ad17
  17. 08 Jan, 2020 2 commits
  18. 03 Jan, 2020 1 commit
  19. 29 Dec, 2019 1 commit
    • Samuel Holland's avatar
      bl31: Split into two separate memory regions · f8578e64
      Samuel Holland authored
      
      
      Some platforms are extremely memory constrained and must split BL31
      between multiple non-contiguous areas in SRAM. Allow the NOBITS
      sections (.bss, stacks, page tables, and coherent memory) to be placed
      in a separate region of RAM from the loaded firmware image.
      
      Because the NOBITS region may be at a lower address than the rest of
      BL31, __RW_{START,END}__ and __BL31_{START,END}__ cannot include this
      region, or el3_entrypoint_common would attempt to invalidate the dcache
      for the entire address space. New symbols __NOBITS_{START,END}__ are
      added when SEPARATE_NOBITS_REGION is enabled, and the dcached for the
      NOBITS region is invalidated separately.
      Signed-off-by: default avatarSamuel Holland <samuel@sholland.org>
      Change-Id: Idedfec5e4dbee77e94f2fdd356e6ae6f4dc79d37
      f8578e64
  20. 23 Dec, 2019 1 commit
  21. 20 Dec, 2019 4 commits
    • Paul Beesley's avatar
      spm-mm: Refactor spm_svc.h and its contents · 0bf9f567
      Paul Beesley authored
      
      
      Change-Id: I91c192924433226b54d33e57d56d146c1c6df81b
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      0bf9f567
    • Paul Beesley's avatar
      spm-mm: Refactor secure_partition.h and its contents · aeaa225c
      Paul Beesley authored
      
      
      Before adding any new SPM-related components we should first do
      some cleanup around the existing SPM-MM implementation. The aim
      is to make sure that any SPM-MM components have names that clearly
      indicate that they are MM-related. Otherwise, when adding new SPM
      code, it could quickly become confusing as it would be unclear to
      which component the code belongs.
      
      The secure_partition.h header is a clear example of this, as the
      name is generic so it could easily apply to any SPM-related code,
      when it is in fact SPM-MM specific.
      
      This patch renames the file and the two structures defined within
      it, and then modifies any references in files that use the header.
      
      Change-Id: I44bd95fab774c358178b3e81262a16da500fda26
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      aeaa225c
    • Paul Beesley's avatar
      spm: Remove SPM Alpha 1 prototype and support files · 538b0020
      Paul Beesley authored
      
      
      The Secure Partition Manager (SPM) prototype implementation is
      being removed. This is preparatory work for putting in place a
      dispatcher component that, in turn, enables partition managers
      at S-EL2 / S-EL1.
      
      This patch removes:
      
      - The core service files (std_svc/spm)
      - The Resource Descriptor headers (include/services)
      - SPRT protocol support and service definitions
      - SPCI protocol support and service definitions
      
      Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      Signed-off-by: default avatarArtsem Artsemenka <artsem.artsemenka@arm.com>
      538b0020
    • Paul Beesley's avatar
      Remove dependency between SPM_MM and ENABLE_SPM build flags · 3f3c341a
      Paul Beesley authored
      
      
      There are two different implementations of Secure Partition
      management in TF-A. One is based on the "Management Mode" (MM)
      design, the other is based on the Secure Partition Client Interface
      (SPCI) specification. Currently there is a dependency between their
      build flags that shouldn't exist, making further development
      harder than it should be. This patch removes that
      dependency, making the two flags function independently.
      
      Before: ENABLE_SPM=1 is required for using either implementation.
              By default, the SPCI-based implementation is enabled and
              this is overridden if SPM_MM=1.
      
      After: ENABLE_SPM=1 enables the SPCI-based implementation.
             SPM_MM=1 enables the MM-based implementation.
             The two build flags are mutually exclusive.
      
      Note that the name of the ENABLE_SPM flag remains a bit
      ambiguous - this will be improved in a subsequent patch. For this
      patch the intention was to leave the name as-is so that it is
      easier to track the changes that were made.
      
      Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      3f3c341a