GitLab

Update libfdt to version 1.4.2

Clear static variables in X509 parser on error

In mbedtls_x509_parser.c there are some static arrays that are filled
during the integrity check and then read whenever an authentication
parameter is requested. However, they aren't cleared in case of an
integrity check failure, which can be problematic from a security
point of view. This patch clears these arrays in the case of failure.

Change-Id: I9d48f5bc71fa13e5a75d6c45b5e34796ef13aaa2
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Fix the parameter type of the maintenance functions of data cache.

Add missing declarations for AArch32 versions of dcsw_op_louis and
dcsw_op_all to match the AAch64 ones.

Change-Id: I4226e8ea4f8b2b5bc2972992c83de659ee0da52c

Macro cleanups

Correct system include order

mt8173: Correct SPM MCDI firmware length

add utility macros to utils.h

I do not see any line that references BL32_SIZE.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

We have lots of duplicated defines (and comment blocks too).
Move them to include/plat/common/common_def.h.

While we are here, suffix the end address with _END instead of
_LIMIT.  The _END is a better fit to indicate the linker-derived
real end address.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

The usage of _LIMIT seems odd here, so rename as follows:
  BL_CODE_LIMIT     --> BL_CODE_END
  BL_RO_DATA_LIMIT  --> BL_RO_DATA_END
  BL1_CODE_LIMIT    --> BL1_CODE_END
  BL1_RO_DATA_LIMIT --> BL1_RO_DATA_END

Basically, we want to use _LIMIT and _END properly as follows:
  *_SIZE + *_MAX_SIZE = *_LIMIT
  *_SIZE + *_SIZE     = *_END

The _LIMIT is generally defined by platform_def.h to indicate the
platform-dependent memory constraint.  So, its typical usage is
  ASSERT(. <= BL31_LIMIT, "BL31 image has exceeded its limit.")
in a linker script.

On the other hand, _END is used to indicate the end address of the
compiled image, i.e. we do not know it until the image is linked.

Here, all of these macros belong to the latter, so should be
suffixed with _END.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

NOTE - this is patch does not address all occurrences of system
includes not being in alphabetical order, just this one case.

Change-Id: I3cd23702d69b1f60a4a9dd7fd4ae27418f15b7a3

Delete old version of libfdt at lib/libfdt. Move new libfdt API
headers to include/lib/libfdt and all other files to lib/libfdt.

Change-Id: I32b7888f1f20d62205310e363accbef169ad7b1b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

* Add libfdt.mk helper makefile
* Remove unused libfdt files
* Minor changes to fdt.h and libfdt.h to make them C99 compliant

Adapted from 754d78b1

.

Change-Id: I0847f1c2e6e11f0c899b0b7ecc522c0ad7de210c
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Import libfdt code from https://git.kernel.org/cgit/utils/dtc/dtc.git


tag "v1.4.2" commit ec02b34c05be04f249ffaaca4b666f5246877dea.

This version includes commit d0b3ab0a0f46ac929b4713da46f7fdcd893dd3bd,
which fixes a buffer overflow in fdt_offset_ptr().

Change-Id: I05a30511ea68417ee7ff26477da3f99e0bd4e06b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

When generating the list of files to check by checkpatch.pl, the list
generated by `git ls-files` is filtered by a regular expression with
grep. Due to a malformed regex, the dot of `.md` was considered a
wildcard instead of a dot. This patch fixes this so that it matches
only dots, thus allowing the two following files to be checked:

* tools/cert_create/include/cmd_opt.h
* tools/cert_create/src/cmd_opt.c

Also extended the list of library directories to check by checkpatch
to exclude any folder starting with libfdt.

Change-Id: Ie7bf18efe4df29e364e5d67ba1118515304ed9a4
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

The actual length of the firmware is 1001 32 bit words.
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>

uart: 16550: Fix getc

fiptool: Add support for operating on binary blobs using the UUID

We are duplicating this macro define, and it is useful enough
to be placed in the common place.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Improve dependency file generation

tbz check for RDR status is to check for a bit being zero.
Unfortunately, we are using a mask rather than the bit position.

Further as per http://www.ti.com/lit/ds/symlink/pc16550d.pdf

 (page 17),
LSR register bit 0 is Data ready status (RDR), not bit position 2.

Update the same to match the specification.
Reported-by: Sekhar Nori <nsekhar@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>

zynqmp: Migrate to new address space macros

TBB: fix comment about MBEDTLS_KEY_ALG default

rockchip: Build m0 firmware without standard libraries

Commit 0029624f

 ("Add
PLAT_xxx_ADDR_SPACE_SIZE definition") deprecates 'ADDR_SPACE_SIZE' in
favor of PLAT_(PHY|VIRT)_ADDRESS_SPACE_SIZE. Migrate the zynqmp platform
to use the new interface.
Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>

This comment block says the default algorithm is ESDSA, while the
code obviously sets the default to RSA:

  ifeq (${MBEDTLS_KEY_ALG},)
      MBEDTLS_KEY_ALG            :=      rsa
  endif

The git log of commit 7d37aa17

 ("TBB: add mbedTLS authentication
related libraries") states available options are:

  * 'rsa' (for RSA-2048) (default option)
  * 'ecdsa' (for ECDSA-SECP256R1)

So, my best guess is the comment block is wrong.

The mismatch between the code and the comment is confusing. Fix it.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

This adds a phony target for each dependency other than the main
file, causing each to depend on nothing.

Without this, the incremental build will fail when a header file
is removed.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Currently, .d files are generated before any objects are built.
So, IS_ANYTHING_TO_BUILD flag is needed to avoid such processing for
non-build targets.

There is a cleverer way; just create a .d file simultaneously when
the corresponding object is created.  No need to have separate rules
for .d files.

This commit will also fix a bug; -D$(IMAGE) is defined for $(OBJ),
but not for $(PREREQUISITES).  So, .d files are generated with
different macro sets from those for .o files, then wrong .d files
are generated.

For example, in lib/cpus/aarch64/cpu_helpers.S

  #if IMAGE_BL31
  #include <cpu_data.h>
  #endif

<cpu_data.h> is parsed for the object when built for BL31, but the
.d file does not pick up that dependency.

With this commit, the compiler will generate .o and .d at the same
time, guaranteeing they are generated under the same circumstances.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Using AS for pre-processing looks a bit weird, and some assembly
specific options are given for nothing.  Rather, use CPP.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

The -c flag should not be included in the global variable TF_CFLAGS;
it should be specified in the build rule only when its target is a
*.o file.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>

Depending on the compiler used, it might try to link in libc even though
it's not required. Stop it from doing that.
Signed-off-by: Patrick Georgi <pgeorgi@google.com>

An image descriptor contains an action and an argument.  The action
indicates the intended operation, as requested by the user.  It can be
pack, unpack or remove.  Factor out setting those fields to a separate
function to minimize code duplication across the various commands that
modify these fields.

Change-Id: I1682958e8e83c4884e435cff6d0833c67726461f
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

Change-Id: If279680a71e7fa1f801d79b8bc2cd47cd9905d33
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

Change-Id: Ife8f198b4c45961e85ed6f4d463daa59009dab1c
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

Previously, fiptool only understood a fixed set of images as
specified in tbbr_config.c.  It preserved unknown images during
the update, unpack and remove operations but it was not possible to
explicitly refer to one of those unknown images.

Add a new --blob option to create/update/unpack/remove images that
are not known at compile time.  This is accomplished by specifying
the UUID and filename pair as shown below:

$ ./fiptool create --blob uuid=01234567-89ab-cdef-0123-456789abcdef,file=foo.bin fip.bin
$ ./fiptool info fip.bin
01234567-89ab-cdef-0123-456789abcdef: offset=0x60, size=0x1AA68

Fixes ARM-software/tf-issues#420

Change-Id: Iaac2504b9a4252289c09e73d29645cbe240f3a82
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

To allow operating on images with unknown UUIDs, fiptool needs to
be able to track an arbitrary amount of images and not be limited
to the set of images described by the builtin table.

Convert the table to a list to accommodate this scenario.

Change-Id: I0e6d738eece7795d74fc72d165a3098f223d4414
Signed-off-by: dp-arm <dimitris.papastamos@arm.com>

Abort preempted TSP STD SMC after PSCI CPU suspend

Standard SMC requests that are handled in the secure-world by the Secure
Payload can be preempted by interrupts that must be handled in the
normal world. When the TSP is preempted the secure context is stored and
control is passed to the normal world to handle the non-secure
interrupt. Once completed the preempted secure context is restored. When
restoring the preempted context, the dispatcher assumes that the TSP
preempted context is still stored as the SECURE context by the context
management library.

However, PSCI power management operations causes synchronous entry into
TSP. This overwrites the preempted SECURE context in the context
management library. When restoring back the SECURE context, the Secure
Payload crashes because this context is not the preempted context
anymore.

This patch avoids corruption of the preempted SECURE context by aborting
any preempted SMC during PSCI power management calls. The
abort_std_smc_entry hook of the TSP is called when aborting the SMC
request.

It also exposes this feature as a FAST SMC callable from normal world to
abort preempted SMC with FID TSP_FID_ABORT.

Change-Id: I7a70347e9293f47d87b5de20484b4ffefb56b770
Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>

Fix TSP_STD_FID macro