- 24 Jul, 2018 1 commit
-
-
Daniel Boulby authored
Change arm_setup_page_tables() to take a variable number of memory regions. Remove coherent memory region from BL1, BL2 and BL2U as their coherent memory region doesn't contain anything and therefore has a size of 0. Add check to ensure this doesn't change without us knowing. Change-Id: I790054e3b20b056dda1043a4a67bd7ac2d6a3bc0 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
-
- 01 May, 2018 1 commit
-
-
Roberto Vargas authored
Previously mem_protect used to be only supported from BL2. This is not helpful in the case when ARM TF-A BL2 is not used. This patch demonstrates mem_protect from el3_runtime firmware on ARM Platforms specifically when RESET_TO_BL31 or RESET_TO_SP_MIN flag is set as BL2 may be absent in these cases. The Non secure DRAM is dynamically mapped into EL3 mmap tables temporarily and then the protected regions are then cleared. This avoids the need to map the non secure DRAM permanently to BL31/sp_min. The stack size is also increased, because DYNAMIC_XLAT_TABLES require a bigger stack. Change-Id: Ia44c594192ed5c5adc596c0cff2c7cc18c001fde Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 08 Mar, 2018 1 commit
-
-
Soby Mathew authored
Previously, Juno used to depend on the SSC_GPRETN register to inform about the reset syndrome. This method was removed when SCP migrated to the SDS framework. But even the SDS framework doesn't report the reset syndrome correctly and hence Juno failed to enter Firmware update mode if BL2 authentication failed. In addition to that, the error code populated in V2M_SYS_NVFLAGS register does not seem to be retained any more on Juno across resets. This could be down to the motherboard firmware not doing the necessary to preserve the value. Hence this patch modifies the Juno platform to use the same mechanism to trigger firmware update as FVP which is to corrupt the FIP TOC on authentication failure. The implementation in `fvp_err.c` is made common for ARM platforms and is moved to the new `arm_err.c` file in plat/arm/common folder. The BL1 and BL2 mmap table entries for Juno are modified to allow write to the Flash memory address. Change-Id: Ica7d49a3e8a46a90efd4cf340f19fda3b549e945 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 25 Sep, 2017 2 commits
-
-
Roberto Vargas authored
On ARM platforms, the maximum size of the address space is limited to 32-bits as defined in arm_def.h. In order to access DRAM2, which is defined beyond the 32-bit address space, the maximum address space is increased to 36-bits in AArch64. It is possible to increase the virtual space for AArch32, but it is more difficult and not supported for now. NOTE - the actual maximum memory address space is platform dependent and is checked at run-time by querying the PARange field in the ID_AA64MMFR0_EL1 register. Change-Id: I6cb05c78a63b1fed96db9a9773faca04a5b93d67 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
mem_protect needs some kind of non-volatile memory because it has to remember its state across reset and power down events. The most suitable electronic part for this feature is a NVRAM which should be only accesible from the secure world. Juno and FVP lack such hardware and for this reason the MEM_PROTECT functionality is implemented with Flash EEPROM memory on both boards, even though this memory is accesible from the non-secure world. This is done only to show a full implementation of these PSCI features, but an actual system shouldn't use a non-secure NVRAM to implement it. The EL3 runtime software will write the mem_protect flag and BL2 will read and clear the memory ranges if enabled. It is done in BL2 because it reduces the time that TF needs access to the full non-secure memory. The memory layout of both boards is defined using macros which take different values in Juno and FVP platforms. Generic platform helpers are added that use the platform specific macros to generate a mem_region_t that is valid for the platform. Change-Id: I2c6818ac091a2966fa07a52c5ddf8f6fde4941e9 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 22 Sep, 2017 1 commit
-
-
Qixiang Xu authored
- fixed compile error when KEY_ALG=ecdsa - add new option ecdsa for TF_MBEDTLS_KEY_ALG - add new option devel_ecdsa for ARM_ROTPK_LOCATION - add ecdsa key at plat/arm/board/common/rotpk/ - reduce the mbedtls heap memory size to 13k Change-Id: I3f7a6170af93fdbaaa7bf2fffb4680a9f6113c13 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 06 Sep, 2017 1 commit
-
-
Soby Mathew authored
This patch does the required changes to enable CSS platforms to build and use the SDS framework. Since SDS is always coupled with SCMI protocol, the preexisting SCMI build flag is now renamed to `CSS_USE_SCMI_SDS_DRIVER` which will enable both SCMI and SDS on CSS platforms. Also some of the workarounds applied for SCMI are now removed with SDS in place. Change-Id: I94e8b93f05e3fe95e475c5501c25bec052588a9c Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 05 Sep, 2017 1 commit
-
-
Soby Mathew authored
The commit 3eb2d672 optimizes the memory map for BL2 when TSP is not present. But this also broke OP-TEE as it was reusing the TSP mapping. This patch fixes this problem by adding a separate mapping for OP-TEE in the BL2 memory map table. Change-Id: I130a2ea552b7b62d8478081feb1f4ddf5292a118 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 31 Aug, 2017 1 commit
-
-
Sandrine Bailleux authored
This patch ensures that the ARM_MAP_TSP_SEC_MEM memory region is mapped in BL2 only if the TSPD has been included in the build. This saves one entry in the plat_arm_mmap[] array and avoids to map extra memory when it's not needed. Change-Id: I6ae60822ff8f0de198145925b0b0d45355179a94 Signed-off-by: Achin Gupta <achin.gupta@arm.com> Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 23 Aug, 2017 1 commit
-
-
Roberto Vargas authored
The nor_XXXXX functions may fail due to different reasons, and it is convenient to do a full check to detect any failure. It is also a good idea to have a specific function to do a full status check, because new checks can be added to this function and they will be incorporated automatically to any function calling it. Change-Id: I54fed913e37ef574c1608e94139a519426348d12 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 22 Aug, 2017 4 commits
-
-
Roberto Vargas authored
NOR memory only supports setting bits to 1. To clear a bit, set to zero, the NOR memory needs to be erased. Change-Id: Ia82eb15a5af9a6d4fc7e5ea2b58e6db87226b351 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
The status register bits remain until explicitly cleared, which means that a command can be incorrectly considered to have generated an error - for example, after reset the status register contents may be unknown or if a previous command had failed. This patch clears the status register before beginning any command to be sure that the status register only represents information about the current operation. Change-Id: I9e98110ee24179937215461c00b6543a3467b350 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
lock/unlock operation must wait until WSM bit is set. Since we do not allow to loop forever then these functions must return an error if WSM bit isn't enabled after a number of tries. Change-Id: I21c9e292b514b28786ff4a225128bcd8c1bfa999 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
- Add comments to all the functions - Simplify nor_poll_dws - Simplify nor_word_program Change-Id: I29c0199d2908a4fceb1ac3430fcfdd699be22bb3 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 09 Aug, 2017 1 commit
-
-
Summer Qin authored
Trusted OS may have extra images to be loaded. Load them one by one and do the parsing. In this patch, ARM TF need to load up to 3 images for optee os: header, pager and paged images. Header image is the info about optee os and images. Pager image include pager code and data. Paged image include the paging parts using virtual memory. Change-Id: Ia3bcfa6d8a3ed7850deb5729654daca7b00be394 Signed-off-by: Summer Qin <summer.qin@arm.com>
-
- 25 Jul, 2017 1 commit
-
-
Sandrine Bailleux authored
The DEVICE2 memory range is needed to access the Root of Trust Public Key registers. This is not needed when Trusted Board Boot is disabled so it's safer to not map it in this case. This also saves one level-2 page table in each of BL1 and BL2 images. Also add some comments. Change-Id: I67456b44f3fd5e145f6510a8499b7fdf720a7273 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
- 28 Jun, 2017 1 commit
-
-
Soby Mathew authored
This patch implements the platform APIs plat_get_rotpk_info, plat_get_nv_ctr, plat_set_nv_ctr to invoke CryptoCell SBROM APIs when ARM_CRYPTOCELL_INT is set. Change-Id: I693556b3c7f42eceddd527abbe6111e499f55c45 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 05 Jun, 2017 1 commit
-
-
Soby Mathew authored
This patch adds the memory map region for the SCMI payload memory and maps the Juno core indices to SCMI power domains via the `plat_css_core_pos_to_scmi_dmn_id_map` array. Change-Id: I0d2bb2a719ff5b6a9d8e22e91e1625ab14453665 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 24 May, 2017 1 commit
-
-
dp-arm authored
This function was removed long ago. Remove remaining pragma reference. Change-Id: I66c556863d47dc17d2ffdc6c23aa524df6aade80 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 23 May, 2017 1 commit
-
-
Masahiro Yamada authored
The header tbbr_oid.h contains OIDs obtained by ARM Ltd. so there is no good reason to use platform_oid.h Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 03 May, 2017 1 commit
-
-
dp-arm authored
To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 20 Apr, 2017 1 commit
-
-
Yatharth Kochar authored
This patch adds support for SP_MIN on JUNO platform. The changes include addition of AArch32 assembly files, JUNO specific SP_MIN make file and miscellaneous changes in ARM platform files to enable support for SP_MIN. Change-Id: Id1303f422fc9b98b9362c757b1a4225a16fffc0b Signed-off-by: Yatharth Kochar <yatharth.kochar@arm.com> Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 23 Jan, 2017 1 commit
-
-
Masahiro Yamada authored
One nasty part of ATF is some of boolean macros are always defined as 1 or 0, and the rest of them are only defined under certain conditions. For the former group, "#if FOO" or "#if !FOO" must be used because "#ifdef FOO" is always true. (Options passed by $(call add_define,) are the cases.) For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because checking the value of an undefined macro is strange. Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like follows: $(eval IMAGE := IMAGE_BL$(call uppercase,$(3))) $(OBJ): $(2) @echo " CC $$<" $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@ This means, IMAGE_BL* is defined when building the corresponding image, but *undefined* for the other images. So, IMAGE_BL* belongs to the latter group where we should use #ifdef or #ifndef. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 21 Sep, 2016 1 commit
-
-
Yatharth Kochar authored
This patch adds common changes to support AArch32 state in BL1 and BL2. Following are the changes: * Added functions for disabling MMU from Secure state. * Added AArch32 specific SMC function. * Added semihosting support. * Added reporting of unhandled exceptions. * Added uniprocessor stack support. * Added `el3_entrypoint_common` macro that can be shared by BL1 and BL32 (SP_MIN) BL stages. The `el3_entrypoint_common` is similar to the AArch64 counterpart with the main difference in the assembly instructions and the registers that are relevant to AArch32 execution state. * Enabled `LOAD_IMAGE_V2` flag in Makefile for `ARCH=aarch32` and added check to make sure that platform has not overridden to disable it. Change-Id: I33c6d8dfefb2e5d142fdfd06a0f4a7332962e1a3
-
- 10 Aug, 2016 1 commit
-
-
Soby Mathew authored
This patch adds AArch32 support for FVP and implements common platform APIs like `plat_get_my_stack`, `plat_set_my_stack`, `plat_my_core_cos` for AArch32. Only Multi Processor(MP) implementations of these functions are considered in this patch. The ARM Standard platform layer helpers are implemented for AArch32 and the common makefiles are modified to cater for both AArch64 and AArch32 builds. Compatibility with the deprecated platform API is not supported for AArch32. Change-Id: Iad228400613eec91abf731b49e21a15bcf2833ea
-
- 09 Aug, 2016 1 commit
-
-
Soby Mathew authored
This patch migrates the upstream platform makefiles to include the console drivers from the new location in ARM Trusted Firmware code base. Change-Id: I866d6c4951e475de1f836ce8a8c1d5e6da9577e3
-
- 25 Jul, 2016 1 commit
-
-
Antonio Nino Diaz authored
Compile option `ARM_BOARD_OPTIMISE_MMAP` has been renamed to `ARM_BOARD_OPTIMISE_MEM` because it now applies not only to defines related to the translation tables but to the image size as well. The defines `PLAT_ARM_MAX_BL1_RW_SIZE`, `PLAT_ARM_MAX_BL2_SIZE` and `PLAT_ARM_MAX_BL31_SIZE` have been moved to the file board_arm_def.h. This way, ARM platforms no longer have to set their own values if `ARM_BOARD_OPTIMISE_MEM=0` and they can specify optimized values otherwise. The common sizes have been set to the highest values used for any of the current build configurations. This is needed because in some build configurations some images are running out of space. This way there is a common set of values known to work for all of them and it can be optimized for each particular platform if needed. The space reserved for BL2 when `TRUSTED_BOARD_BOOT=0` has been increased. This is needed because when memory optimisations are disabled the values for Juno of `PLAT_ARM_MMAP_ENTRIES` and `MAX_XLAT_TABLES` are higher. If in this situation the code is compiled in debug mode and with "-O0", the code won't fit. Change-Id: I70a3d8d3a0b0cad1d6b602c01a7ea334776e718e
-
- 08 Jul, 2016 1 commit
-
-
Sandrine Bailleux authored
This patch introduces the arm_setup_page_tables() function to set up page tables on ARM platforms. It replaces the arm_configure_mmu_elx() functions and does the same thing except that it doesn't enable the MMU at the end. The idea is to reduce the amount of per-EL code that is generated by the C preprocessor by splitting the memory regions definitions and page tables creation (which is generic) from the MMU enablement (which is the only per-EL configuration). As a consequence, the call to the enable_mmu_elx() function has been moved up into the plat_arch_setup() hook. Any other ARM standard platforms that use the functions `arm_configure_mmu_elx()` must be updated. Change-Id: I6f12a20ce4e5187b3849a8574aac841a136de83d
-
- 03 Jun, 2016 1 commit
-
-
Antonio Nino Diaz authored
Replaced placeholder implementation of plat_set_nv_ctr for FVP platforms by a working one. On FVP, the mapping of region DEVICE2 has been changed from RO to RW to prevent exceptions when writing to the NV counter, which is contained in this region. Change-Id: I56a49631432ce13905572378cbdf106f69c82f57
-
- 31 Mar, 2016 1 commit
-
-
Juan Castillo authored
This patch adds support for non-volatile counter authentication to the Authentication Module. This method consists of matching the counter values provided in the certificates with the ones stored in the platform. If the value from the certificate is lower than the platform, the boot process is aborted. This mechanism protects the system against rollback. The TBBR CoT has been updated to include this method as part of the authentication process. Two counters are used: one for the trusted world images and another for the non trusted world images. ** NEW PLATFORM APIs (mandatory when TBB is enabled) ** int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr); This API returns the non-volatile counter value stored in the platform. The cookie in the first argument may be used to select the counter in case the platform provides more than one (i.e. TBSA compliant platforms must provide trusted and non-trusted counters). This cookie is specified in the CoT. int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr); This API sets a new counter value. The cookie may be used to select the counter to be updated. An implementation of these new APIs for ARM platforms is also provided. The values are obtained from the Trusted Non-Volatile Counters peripheral. The cookie is used to pass the extension OID. This OID may be interpreted by the platform to know which counter must return. On Juno, The trusted and non-trusted counter values have been tied to 31 and 223, respectively, and cannot be modified. ** IMPORTANT ** THIS PATCH BREAKS THE BUILD WHEN TRUSTED_BOARD_BOOT IS ENABLED. THE NEW PLATFORM APIs INTRODUCED IN THIS PATCH MUST BE IMPLEMENTED IN ORDER TO SUCCESSFULLY BUILD TF. Change-Id: Ic943b76b25f2a37f490eaaab6d87b4a8b3cbc89a
-
- 22 Feb, 2016 1 commit
-
-
Vikram Kanigiri authored
`board_arm_def.h` contains multiple definitions of `PLAT_ARM_MMAP_ENTRIES` and `MAX_XLAT_TABLES` that are optimised for memory usage depending upon the chosen build configuration. To ease maintenance of these constants, this patch replaces their multiple definitions with a single set of definitions that will work on all ARM platforms. Platforms can override the defaults with optimal values by enabling the `ARM_BOARD_OPTIMISE_MMAP` build option. An example has been provided in the Juno ADP port. Additionally, `PLAT_ARM_MMAP_ENTRIES` is increased by one to accomodate future ARM platforms. Change-Id: I5ba6490fdd1e118cc9cc2d988ad7e9c38492b6f0
-
- 09 Dec, 2015 2 commits
-
-
Yatharth Kochar authored
This patch adds support for Firmware update in BL2U for ARM platforms such that TZC initialization is performed on all ARM platforms and (optionally) transfer of SCP_BL2U image on ARM CSS platforms. BL2U specific functions are added to handle early_platform and plat_arch setup. The MMU is configured to map in the BL2U code/data area and other required memory. Change-Id: I57863295a608cc06e6cbf078b7ce34cbd9733e4f
-
Yatharth Kochar authored
This patch adds Firmware Update support for ARM platforms. New files arm_bl1_fwu.c and juno_bl1_setup.c were added to provide platform specific Firmware update code. BL1 now includes mmap entry for `ARM_MAP_NS_DRAM1` to map DRAM for authenticating NS_BL2U image(For both FVP and JUNO platform). Change-Id: Ie116cd83f5dc00aa53d904c2f1beb23d58926555
-
- 02 Dec, 2015 1 commit
-
-
Juan Castillo authored
This patch adds watchdog support on ARM platforms (FVP and Juno). A secure instance of SP805 is used as Trusted Watchdog. It is entirely managed in BL1, being enabled in the early platform setup hook and disabled in the exit hook. By default, the watchdog is enabled in every build (even when TBB is disabled). A new ARM platform specific build option `ARM_DISABLE_TRUSTED_WDOG` has been introduced to allow the user to disable the watchdog at build time. This feature may be used for testing or debugging purposes. Specific error handlers for Juno and FVP are also provided in this patch. These handlers will be called after an image load or authentication error. On FVP, the Table of Contents (ToC) in the FIP is erased. On Juno, the corresponding error code is stored in the V2M Non-Volatile flags register. In both cases, the CPU spins until a watchdog reset is generated after 256 seconds (as specified in the TBBR document). Change-Id: I9ca11dcb0fe15af5dbc5407ab3cf05add962f4b4
-
- 27 Nov, 2015 1 commit
-
-
Juan Castillo authored
FVP and Juno platforms include a NOR flash memory to store and load the FIP, the kernel or a ramdisk. This NOR flash is arranged as 2 x 16 bit flash devices and can be programmed using CFI standard commands. This patch provides a basic API to write single 32 bit words of data into the NOR flash. Functions to lock/unlock blocks against erase or write operations are also provided. Change-Id: I1da7ad3105b1ea409c976adc863954787cbd90d2
-
- 25 Jun, 2015 2 commits
-
-
Juan Castillo authored
The authentication framework deprecates plat_match_rotpk() in favour of plat_get_rotpk_info(). This patch removes plat_match_rotpk() from the platform port. Change-Id: I2250463923d3ef15496f9c39678b01ee4b33883b
-
Juan Castillo authored
This patch extends the platform port by adding an API that returns either the Root of Trust public key (ROTPK) or its hash. This is usually stored in ROM or eFUSE memory. The ROTPK returned must be encoded in DER format according to the following ASN.1 structure: SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } In case the platform returns a hash of the key: DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, keyDigest OCTET STRING } An implementation for ARM development platforms is provided in this patch. When TBB is enabled, the ROTPK hash location must be specified using the build option 'ARM_ROTPK_LOCATION'. Available options are: - 'regs' : return the ROTPK hash stored in the Trusted root-key storage registers. - 'devel_rsa' : return a ROTPK hash embedded in the BL1 and BL2 binaries. This hash has been obtained from the development RSA public key located in 'plat/arm/board/common/rotpk'. On FVP, the number of MMU tables has been increased to map and access the ROTPK registers. A new file 'board_common.mk' has been added to improve code sharing in the ARM develelopment platforms. Change-Id: Ib25862e5507d1438da10773e62bd338da8f360bf
-
- 28 Apr, 2015 1 commit
-
-
Dan Handley authored
This major change pulls out the common functionality from the FVP and Juno platform ports into the following categories: * (include/)plat/common. Common platform porting functionality that typically may be used by all platforms. * (include/)plat/arm/common. Common platform porting functionality that may be used by all ARM standard platforms. This includes all ARM development platforms like FVP and Juno but may also include non-ARM-owned platforms. * (include/)plat/arm/board/common. Common platform porting functionality for ARM development platforms at the board (off SoC) level. * (include/)plat/arm/css/common. Common platform porting functionality at the ARM Compute SubSystem (CSS) level. Juno is an example of a CSS-based platform. * (include/)plat/arm/soc/common. Common platform porting functionality at the ARM SoC level, which is not already defined at the ARM CSS level. No guarantees are made about the backward compatibility of functionality provided in (include/)plat/arm. Also remove any unnecessary variation between the ARM development platform ports, including: * Unify the way BL2 passes `bl31_params_t` to BL3-1. Use the Juno implementation, which copies the information from BL2 memory instead of expecting it to persist in shared memory. * Unify the TZC configuration. There is no need to add a region for SCP in Juno; it's enough to simply not allow any access to this reserved region. Also set region 0 to provide no access by default instead of assuming this is the case. * Unify the number of memory map regions required for ARM development platforms, although the actual ranges mapped for each platform may be different. For the FVP port, this reduces the mapped peripheral address space. These latter changes will only be observed when the platform ports are migrated to use the new common platform code in subsequent patches. Change-Id: Id9c269dd3dc6e74533d0e5116fdd826d53946dc8
-