1. 09 Dec, 2015 2 commits
    • Yatharth Kochar's avatar
      FWU: Add Generic Firmware Update framework support in BL1 · 48bfb88e
      Yatharth Kochar authored
      Firmware update(a.k.a FWU) feature is part of the TBB architecture.
      BL1 is responsible for carrying out the FWU process if platform
      specific code detects that it is needed.
      
      This patch adds support for FWU feature support in BL1 which is
      included by enabling `TRUSTED_BOARD_BOOT` compile time flag.
      
      This patch adds bl1_fwu.c which contains all the core operations
      of FWU, which are; SMC handler, image copy, authentication, execution
      and resumption. It also adds bl1.h introducing #defines for all
      BL1 SMCs.
      
      Following platform porting functions are introduced:
      
      int bl1_plat_mem_check(uintptr_t mem_base, unsigned int mem_size,
      unsigned int flags);
      	This function can be used to add platform specific memory checks
      	for the provided base/size for the given security state.
      	The weak definition will invoke `assert()` and return -ENOMEM.
      
      __dead2 void bl1_plat_fwu_done(void *cookie, void *reserved);
      	This function can be used to initiate platform specific procedure
      	to mark completion of the FWU process.
      	The weak definition waits forever calling `wfi()`.
      
      plat_bl1_common.c contains weak definitions for above functions.
      
      FWU process starts when platform detects it and return the image_id
      other than BL2_IMAGE_ID by using `bl1_plat_get_next_image_id()` in
      `bl1_main()`.
      
      NOTE: User MUST provide platform specific real definition for
      bl1_plat_mem_check() in order to use it for Firmware update.
      
      Change-Id: Ice189a0885d9722d9e1dd03f76cac1aceb0e25ed
      48bfb88e
    • Soby Mathew's avatar
      Introduce console_uninit() API in ARM Trusted Firmware · 487461cb
      Soby Mathew authored
      Allowing console base address to be set to NULL conveniently
      allows console driver to ignore further invocations to console_putc()
      and console_getc(). This patch adds `console_uninit()` API to the
      console driver which sets console base address as NULL. The BL images can
      invoke this API to finish the use of console and ignore any further
      invocations to print to the console.
      
      Change-Id: I00a1762b3e0b7c55f2be2f9c4c9bee3967189dde
      487461cb
  2. 08 Dec, 2015 1 commit
  3. 04 Dec, 2015 1 commit
    • Soby Mathew's avatar
      Rename GICv3 interrupt group macros · 03ffb6bd
      Soby Mathew authored
      This patch renames the GICv3 interrupt group macros from
      INT_TYPE_G0, INT_TYPE_G1S and INT_TYPE_G1NS to INTR_GROUP0,
      INTR_GROUP1S and INTR_GROUP1NS respectively.
      
      Change-Id: I40c66f589ce6234fa42205adcd91f7d6ad8f33d4
      03ffb6bd
  4. 27 Nov, 2015 2 commits
    • Vikram Kanigiri's avatar
      Fix TZC-400 peripheral detection · 609ebce4
      Vikram Kanigiri authored
      The TZC-400 driver implementation incorrectly uses the component
      ID registers to detect the TZC-400 peripheral. As all ARM
      peripherals share the same component ID, it doesn't allow to
      uniquely identify the TZC-400 peripheral. This patch fixes the
      TZC-400 driver by relying on the `part_number_0` and
      `part_number_1` fields in the `PID` registers instead.
      The `tzc_read_component_id` function has been replaced by
      `tzc_read_peripheral_id`, which reads the 'part_number' values
      and compares them with the TZC-400 peripheral ID.
      
      Also, it adds a debug assertion to detect when the TZC driver
      initialisation function is called multiple times.
      
      Change-Id: I35949f6501a51c0a794144cd1c3a6db62440dce6
      609ebce4
    • Juan Castillo's avatar
      Add a simple ARM SP805 watchdog driver · 38041973
      Juan Castillo authored
      Based on SP805 Programmer's model (ARM DDI 0270B). This driver
      provides three public APIs:
      
          void sp805_start(uintptr_t base, unsigned long ticks);
          void sp805_stop(uintptr_t base);
          void sp805_refresh(uintptr_t base, unsigned long ticks);
      
      Upon start, the watchdog starts counting down from the number of
      ticks specified. When the count reaches 0 an interrupt is triggered.
      The watchdog restarts counting down from the number of ticks
      specified. If the count reaches 0 again, the system is reset. A
      mechanism to handle the interrupt has not been implemented. Instead,
      the API to refresh the watchdog should be used instead to prevent a
      system reset.
      
      Change-Id: I799d53f8d1213b10b341a4a67fde6486e89a3dab
      38041973
  5. 26 Nov, 2015 2 commits
    • Soby Mathew's avatar
      Add ARM GICv2 driver · 464ce2bb
      Soby Mathew authored
      This patch adds a driver for ARM GICv2 systems, example GIC-400. Unlike
      the existing GIC driver in `include/drivers/arm/arm_gic.h`, this driver
      is optimised for GICv2 and does not support GICv3 systems in GICv2
      compatibility mode. The driver interface has been implemented in
      `drivers/arm/gic/v2/gicv2_main.c`. The corresponding header is in
      `include/drivers/arm/gicv2.h`. Helper functions are implemented in
      `drivers/arm/gic/v2/gicv2_helpers.c` and are accessible through the
      `drivers/arm/gic/v2/gicv2_private.h` header.
      
      Change-Id: I09fffa4e621fb99ba3c01204839894816cd89a2a
      464ce2bb
    • Achin Gupta's avatar
      Add ARM GICv3 driver without support for legacy operation · df373737
      Achin Gupta authored
      This patch adds a driver for ARM GICv3 systems that need to run software
      stacks where affinity routing is enabled across all privileged exception
      levels for both security states. This driver is a partial implementation
      of the ARM Generic Interrupt Controller Architecture Specification, GIC
      architecture version 3.0 and version 4.0 (ARM IHI 0069A). The driver does
      not cater for legacy support of interrupts and asymmetric configurations.
      
      The existing GIC driver has been preserved unchanged. The common code for
      GICv2 and GICv3 systems has been refactored into a new file,
      `drivers/arm/gic/common/gic_common.c`. The corresponding header is in
      `include/drivers/arm/gic_common.h`.
      
      The driver interface is implemented in `drivers/arm/gic/v3/gicv3_main.c`.
      The corresponding header is in `include/drivers/arm/gicv3.h`. Helper
      functions are implemented in `drivers/arm/gic/v3/arm_gicv3_helpers.c`
      and are accessible through the `drivers/arm/gic/v3/gicv3_private.h`
      header.
      
      Change-Id: I8c3c834a1d049d05b776b4dcb76b18ccb927444a
      df373737
  6. 02 Nov, 2015 1 commit
    • Juan Castillo's avatar
      Remove deprecated IO return definitions · e098e244
      Juan Castillo authored
      Patch 7e26fe1f deprecates IO specific return definitions in favour
      of standard errno codes. This patch removes those definitions
      and its usage from the IO framework, IO drivers and IO platform
      layer. Following this patch, standard errno codes must be used
      when checking the return value of an IO function.
      
      Change-Id: Id6e0e9d0a7daf15a81ec598cf74de83d5768650f
      e098e244
  7. 12 Oct, 2015 1 commit
    • Sandrine Bailleux's avatar
      Fix debug assertion in deprecated CCI-400 driver · 22b0eda5
      Sandrine Bailleux authored
      This patch fixes a copy and paste issue that resulted in the cluster
      indexes not being checked as intended. Note that this fix applies to
      the deprecated CCI-400 driver, not the unified one.
      
      Change-Id: I497132a91c236690e5eaff908f2db5c8c65e85ab
      22b0eda5
  8. 14 Sep, 2015 1 commit
    • Achin Gupta's avatar
      Add a generic driver for ARM CCN IP · fd6007de
      Achin Gupta authored
      This patch adds a device driver which can be used to program the following
      aspects of ARM CCN IP:
      
      1. Specify the mapping between ACE/ACELite/ACELite+DVM/CHI master interfaces and
         Request nodes.
      2. Add and remove master interfaces from the snoop and dvm
         domains.
      3. Place the L3 cache in a given power state.
      4. Configuring system adress map and enabling 3 SN striping mode of memory
         controller operation.
      
      Change-Id: I0f665c6a306938e5b66f6a92f8549b529aa8f325
      fd6007de
  9. 01 Sep, 2015 1 commit
    • Vikram Kanigiri's avatar
      Remove EL2/EL1 GICv3 register updates · 889fce42
      Vikram Kanigiri authored
      From Linux 3.17 onwards, the mainline kernel has support for GICv3
      systems and if EL3 exists, it only needs to initialise ICC_SRE_EL3.SRE
      and ICC_SRE_EL3.Enable to 1. Hence, this patch removes the redundant
      updates of ICC_SRE_EL2 and ICC_PMR_EL1.
      
      NOTE: For partner software's which enter kernel in EL1,
      ICC_SRE_EL2.Enable and ICC_SRE_EL2.SRE bit needs to be set to 1
      in EL2 before jumping to linux.
      
      Change-Id: I09ed47869351b08a3b034735f532bc677eaa6917
      889fce42
  10. 16 Jul, 2015 1 commit
    • Juan Castillo's avatar
      Fix bug in semihosting write function · 31833aff
      Juan Castillo authored
      The return value from the SYS_WRITE semihosting operation is 0 if
      the call is successful or the number of bytes not written, if there
      is an error. The implementation of the write function in the
      semihosting driver treats the return value as the number of bytes
      written, which is wrong. This patch fixes it.
      
      Change-Id: Id39dac3d17b5eac557408b8995abe90924c85b85
      31833aff
  11. 09 Jul, 2015 1 commit
    • Juan Castillo's avatar
      Use uintptr_t as base address type in ARM driver APIs · 02462972
      Juan Castillo authored
      This patch changes the type of the base address parameter in the
      ARM device driver APIs to uintptr_t (GIC, CCI, TZC400, PL011). The
      uintptr_t type allows coverage of the whole memory space and to
      perform arithmetic operations on the addresses. ARM platform code
      has also been updated to use uintptr_t as GIC base address in the
      configuration.
      
      Fixes ARM-software/tf-issues#214
      
      Change-Id: I1b87daedadcc8b63e8f113477979675e07d788f1
      02462972
  12. 25 Jun, 2015 4 commits
    • Juan Castillo's avatar
      TBB: add TBBR Chain of Trust · dff93c86
      Juan Castillo authored
      This patch adds a CoT based on the Trusted Board Boot Requirements
      document*. The CoT consists of an array of authentication image
      descriptors indexed by the image identifiers.
      
      A new header file with TBBR image identifiers has been added.
      Platforms that use the TBBR (i.e. ARM platforms) may reuse these
      definitions as part of their platform porting.
      
      PLATFORM PORT - IMPORTANT:
      
      Default image IDs have been removed from the platform common
      definitions file (common_def.h). As a consequence, platforms that
      used those common definitons must now either include the IDs
      provided by the TBBR header file or define their own IDs.
      
      *The NVCounter authentication method has not been implemented yet.
      
      Change-Id: I7c4d591863ef53bb0cd4ce6c52a60b06fa0102d5
      dff93c86
    • Juan Castillo's avatar
      TBB: add mbedTLS authentication related libraries · 7d37aa17
      Juan Castillo authored
      This patch adds the following mbedTLS based libraries:
      
      * Cryptographic library
      
      It is used by the crypto module to verify a digital signature
      and a hash. This library relies on mbedTLS to perform the
      cryptographic operations. mbedTLS sources must be obtained
      separately.
      
      Two key algorithms are currently supported:
      
          * RSA-2048
          * ECDSA-SECP256R1
      
      The platform is responsible for picking up the required
      algorithm by defining the 'MBEDTLS_KEY_ALG' variable in the
      platform makefile. Available options are:
      
          * 'rsa' (for RSA-2048) (default option)
          * 'ecdsa' (for ECDSA-SECP256R1)
      
      Hash algorithm currently supported is SHA-256.
      
      * Image parser library
      
      Used by the image parser module to extract the authentication
      parameters stored in X509v3 certificates.
      
      Change-Id: I597c4be3d29287f2f18b82846973afc142ee0bf0
      7d37aa17
    • Juan Castillo's avatar
      TBB: add authentication framework · 05799ae0
      Juan Castillo authored
      This patch adds the authentication framework that will be used as
      the base to implement Trusted Board Boot in the Trusted Firmware.
      The framework comprises the following modules:
      
      - Image Parser Module (IPM)
      
          This module is responsible for interpreting images, check
          their integrity and extract authentication information from
          them during Trusted Board Boot.
      
          The module currently supports three types of images i.e.
          raw binaries, X509v3 certificates and any type specific to
          a platform. An image parser library must be registered for
          each image type (the only exception is the raw image parser,
          which is included in the main module by default).
      
          Each parser library (if used) must export a structure in a
          specific linker section which contains function pointers to:
      
              1. Initialize the library
              2. Check the integrity of the image type supported by
                 the library
              3. Extract authentication information from the image
      
      - Cryptographic Module (CM)
      
          This module is responsible for verifying digital signatures
          and hashes. It relies on an external cryptographic library
          to perform the cryptographic operations.
      
          To register a cryptographic library, the library must use the
          REGISTER_CRYPTO_LIB macro, passing function pointers to:
      
              1. Initialize the library
              2. Verify a digital signature
              3. Verify a hash
      
          Failing to register a cryptographic library will generate
          a build time error.
      
      - Authentication Module (AM)
      
          This module provides methods to authenticate an image, like
          hash comparison or digital signatures. It uses the image parser
          module to extract authentication parameters, the crypto module
          to perform cryptographic operations and the Chain of Trust to
          authenticate the images.
      
          The Chain of Trust (CoT) is a data structure that defines the
          dependencies between images and the authentication methods
          that must be followed to authenticate an image.
      
      The Chain of Trust, when added, must provide a header file named
      cot_def.h with the following definitions:
      
      - COT_MAX_VERIFIED_PARAMS
      
          Integer value indicating the maximum number of authentication
          parameters an image can present. This value will be used by the
          authentication module to allocate the memory required to load
          the parameters in the image descriptor.
      
      Change-Id: Ied11bd5cd410e1df8767a1df23bb720ce7e58178
      05799ae0
    • Juan Castillo's avatar
      Use numbers to identify images instead of names · 16948ae1
      Juan Castillo authored
      The Trusted firmware code identifies BL images by name. The platform
      port defines a name for each image e.g. the IO framework uses this
      mechanism in the platform function plat_get_image_source(). For
      a given image name, it returns the handle to the image file which
      involves comparing images names. In addition, if the image is
      packaged in a FIP, a name comparison is required to find the UUID
      for the image. This method is not optimal.
      
      This patch changes the interface between the generic and platform
      code with regard to identifying images. The platform port must now
      allocate a unique number (ID) for every image. The generic code will
      use the image ID instead of the name to access its attributes.
      
      As a result, the plat_get_image_source() function now takes an image
      ID as an input parameter. The organisation of data structures within
      the IO framework has been rationalised to use an image ID as an index
      into an array which contains attributes of the image such as UUID and
      name. This prevents the name comparisons.
      
      A new type 'io_uuid_spec_t' has been introduced in the IO framework
      to specify images identified by UUID (i.e. when the image is contained
      in a FIP file). There is no longer need to maintain a look-up table
      [iname_name --> uuid] in the io_fip driver code.
      
      Because image names are no longer mandatory in the platform port, the
      debug messages in the generic code will show the image identifier
      instead of the file name. The platforms that support semihosting to
      load images (i.e. FVP) must provide the file names as definitions
      private to the platform.
      
      The ARM platform ports and documentation have been updated accordingly.
      All ARM platforms reuse the image IDs defined in the platform common
      code. These IDs will be used to access other attributes of an image in
      subsequent patches.
      
      IMPORTANT: applying this patch breaks compatibility for platforms that
      use TF BL1 or BL2 images or the image loading code. The platform port
      must be updated to match the new interface.
      
      Change-Id: I9c1b04cb1a0684c6ee65dee66146dd6731751ea5
      16948ae1
  13. 18 Jun, 2015 1 commit
    • Ryan Harkin's avatar
      Add SP804 delay timer driver · cc58b2d0
      Ryan Harkin authored
      
      
      Add a delay timer driver for the ARM SP804 dual timer.
      
      This driver only uses the first timer, called timer 1 in the
      SP804 Technical Reference Manual (ARM DDI 0271D).
      
      To use this driver, the BSP must provide three constants:
      
      *   The base address of the SP804 dual timer
      *   The clock multiplier
      *   The clock divider
      
      The BSP is responsible for calling sp804_timer_init(). The SP804
      driver instantiates a constant timer_ops_t and calls the generic
      timer_init().
      
      Change-Id: I49ba0a52bdf6072f403d1d0a20e305151d4bc086
      Co-authored-by: default avatarDan Handley <dan.handley@arm.com>
      cc58b2d0
  14. 17 Jun, 2015 1 commit
    • Ryan Harkin's avatar
      Add a simple delay timer driver API · 9055c7d1
      Ryan Harkin authored
      
      
      The API is simple. The BSP or specific timer driver creates an
      instance of timer_ops_t, fills in the timer specific data, then calls
      timer_init(). The timer specific data includes a function pointer
      to return the timer value and a clock multiplier/divider. The ratio
      of the multiplier and the divider is the clock frequency in MHz.
      
      After that, mdelay() or udelay() can be called to delay execution for
      the specified time (milliseconds or microseconds, respectively).
      
      Change-Id: Icf8a295e1d25874f789bf28b7412156329dc975c
      Co-authored-by: default avatarDan Handley <dan.handley@arm.com>
      9055c7d1
  15. 29 May, 2015 1 commit
  16. 19 May, 2015 1 commit
    • Achin Gupta's avatar
      Fix reporting of interrupt ID in ARM GIC driver · ca0225a5
      Achin Gupta authored
      The ARM GIC driver treats the entire contents of the GICC_HPPIR as the interrupt
      ID instead of just bits[9:0]. This could result in an SGI being treated as a
      Group 1 interrupt on a GICv2 system.
      
      This patch introduces a mask to retrieve only the ID from a read of GICC_HPPIR,
      GICC_IAR and similar registers. The value read from these registers is masked
      with this constant prior to use as an interrupt ID.
      
      Fixes ARM-software/tf-issues#306
      
      Change-Id: Ie3885157de33b71df9781a41f6ef015a30c4608d
      ca0225a5
  17. 28 Apr, 2015 1 commit
    • Dan Handley's avatar
      Separate out common console functionality · d3b638cb
      Dan Handley authored
      Separate out the common console functionality in
      `drivers/arm/pl011/pl011_console.S` into a new source file
      `drivers/console/console.S`. The former includes the latter to
      provide backwards compatibility for platform make files.
      
      Also add a skeleton console implementation for platforms that do not
      want to use PL011.
      
      Change-Id: I1ff963b2b54a872fbcf1eb0700797b9e9afa2538
      d3b638cb
  18. 27 Apr, 2015 1 commit
    • Dan Handley's avatar
      Add TZC function to configure region 0 · 71a84445
      Dan Handley authored
      Region 0 is special in TZC-400. It is possible to set the access
      permissions for this but not the address range or filters to which
      the permissions apply. Add a function for setting the region 0
      access permissions.
      
      Also add some VERBOSE logging and allow assembly files to include
      the TZC header.
      
      Change-Id: I4389261ba10a6e5e2e43ee93d55318dc507b6648
      71a84445
  19. 08 Apr, 2015 1 commit
    • Kévin Petit's avatar
      Add support to indicate size and end of assembly functions · 8b779620
      Kévin Petit authored
      
      
      In order for the symbol table in the ELF file to contain the size of
      functions written in assembly, it is necessary to report it to the
      assembler using the .size directive.
      
      To fulfil the above requirements, this patch introduces an 'endfunc'
      macro which contains the .endfunc and .size directives. It also adds
      a .func directive to the 'func' assembler macro.
      
      The .func/.endfunc have been used so the assembler can fail if
      endfunc is omitted.
      
      Fixes ARM-Software/tf-issues#295
      
      Change-Id: If8cb331b03d7f38fe7e3694d4de26f1075b278fc
      Signed-off-by: default avatarKévin Petit <kevin.petit@arm.com>
      8b779620
  20. 20 Mar, 2015 1 commit
    • Achin Gupta's avatar
      Set group status of PPIs and SGIs correctly on GICv3 systems · 8cfc3fd2
      Achin Gupta authored
      On a GICv2 system, the group status of PPIs and SGIs is set in the GICD_IGROUPR0
      register. On a GICv3 system, if affinity routing is enabled for the non-secure
      state, then the group status of PPIs and SGIs should be set in the GICR_IGROUPR0
      register. ARM Trusted firmware sets the group status using the GICv2
      sequence. On a GICv3 system, if the group status of an interrupt is set to Group
      1 through a write to the GICD_IGROUPR0, then the GICR_IGROUPR0 is updated as
      well.
      
      The current sequence is incorrect since it first marks all PPIs and SGIs as
      Group 1. It then clears the bits in GICD_IGROUPR0 corresponding to secure
      interrupts to set their group status to Group 0. This operation is a no-op. It
      leaves the secure generic timer interrupt (#29) used by the TSP marked as Group
      1. This causes the interrupt to interfere with the execution of non-secure
      software. Once an interrupt has been marked as Group 1, the GICR_IGROUPR0 should
      be programmed to change its group status.
      
      This patch rectifies this issue by setting the group status of only the
      non-secure PPI and SGIs to Group 1 in the first place. GICD_IGROUPR0 resets to
      0. So secure interrupts are marked as Group 0 by default.
      
      Change-Id: I958b4b15f3e2b2444ce4c17764def36216498d00
      8cfc3fd2
  21. 16 Mar, 2015 2 commits
    • Vikram Kanigiri's avatar
      Common driver for ARM Cache Coherent Interconnects · 23e47ede
      Vikram Kanigiri authored
      Even though both CCI-400 and CCI-500 IPs have different configurations
      with respect to the number and types of supported interfaces, their
      register offsets and programming sequences are similar. This patch
      creates a common driver for enabling and disabling snoop transactions
      and DVMs with both the IPs.
      
      New platform ports which implement one of these IPs should use this
      common driver. Existing platform ports which implement CCI-400 should
      migrate to the common driver as the standalone CCI-400 will be
      deprecated in the future.
      
      Change-Id: I3ccd0eb7b062922d2e4a374ff8c21e79fa357556
      23e47ede
    • Vikram Kanigiri's avatar
      Add macro to calculate number of elements in an array · a7e98ad5
      Vikram Kanigiri authored
      This patch defines the ARRAY_SIZE macro for calculating number of elements
      in an array and uses it where appropriate.
      
      Change-Id: I72746a9229f0b259323972b498b9a3999731bc9b
      a7e98ad5
  22. 28 Jan, 2015 2 commits
    • Juan Castillo's avatar
      TBB: authenticate BL3-x images and certificates · dec840af
      Juan Castillo authored
      This patch adds support to authenticate the Trusted Key certificate
      and the BL3-x certificates and images at BL2.
      
      Change-Id: I69a8c13a14c8da8b75f93097d3a4576aed71c5dd
      dec840af
    • Juan Castillo's avatar
      TBB: authenticate BL2 image and certificate · 01df3c14
      Juan Castillo authored
      This patch adds support to authenticate the BL2 content certificate
      and image using the authentication module in BL1.
      
      The FIP driver has been extended to include the BL2 certificate
      UUID.
      
      FVP and Juno ports include the BL2 certificate FIP file
      definition.
      
      Change-Id: I32680e9bd123c8db4a4193c14448c9b32b0e9325
      01df3c14
  23. 31 Oct, 2014 1 commit
    • Juan Castillo's avatar
      Improvements to ARM GIC driver · eb57fa56
      Juan Castillo authored
      This patch introduces several improvements to the ARM GIC driver:
      
      * In function gicd_set_itargetsr(), target CPU is specified using
        the same bit mask detailed in the GICD_ITARGETSRn register instead
        of the CPU linear ID, removing the dependency between bit position
        and linear ID in the platform porting. The current CPU bit mask
        may be obtained by reading GICD_ITARGETSR0.
      
      * PPIs and SGIs are initialized in arm_gic_pcpu_distif_setup().
        SPIs are initialized in arm_gic_distif_setup().
      
      * By default, non secure interrupts are assigned the maximum
        priority allowed to a non secure interrupt (defined by
        GIC_HIGHEST_NS_PRIORITY).
      
      * GICR base address is allowed to be NULL for GICv1 and GICv2.
      
      Change-Id: Ie2837fe860d43b2282e582dfdb13c39c6186f232
      eb57fa56
  24. 14 Oct, 2014 1 commit
    • Juan Castillo's avatar
      Juno: Reserve some DDR-DRAM for secure use · 740134e6
      Juan Castillo authored
      This patch configures the TrustZone Controller in Juno to split
      the 2GB DDR-DRAM memory at 0x80000000 into Secure and Non-Secure
      regions:
      
      - Secure DDR-DRAM: top 16 MB, except for the last 2 MB which are
        used by the SCP for DDR retraining
      - Non-Secure DDR-DRAM: remaining DRAM starting at base address
      
      Build option PLAT_TSP_LOCATION selects the location of the secure
      payload (BL3-2):
      
      - 'tsram' : Trusted SRAM (default option)
      - 'dram'  : Secure region in the DDR-DRAM (set by the TrustZone
                  controller)
      
      The MMU memory map has been updated to give BL2 permission to load
      BL3-2 into the DDR-DRAM secure region.
      
      Fixes ARM-software/tf-issues#233
      
      Change-Id: I6843fc32ef90aadd3ea6ac4c7f314f8ecbd5d07b
      740134e6
  25. 14 Aug, 2014 3 commits
    • Dan Handley's avatar
      Simplify interface to TZC-400 driver · 3279f625
      Dan Handley authored
      The TZC-400 driver previously allowed the possibility of multiple
      controller instances to be present in the same executable. This
      was unnecessary since there will only ever be one instance.
      
      This change simplifies the tzc_init() function to only take the
      base address argument needed by implementation, conforming to the
      driver initialization model of other drivers. It also hides some
      of the implementation details that were previously exposed by the
      API.
      
      The FVP port has been updated accordingly.
      
      THIS CHANGE REQUIRES ALL PLATFORM PORTS THAT USE THE TZC-400
      DRIVER TO BE UPDATED
      
      Fixes ARM-software/tf-issues#181
      
      Change-Id: I7b721edf947064989958d8f457d6462d92e742c8
      3279f625
    • Dan Handley's avatar
      Move IO storage source to drivers directory · 935db693
      Dan Handley authored
      Move the remaining IO storage source file (io_storage.c) from the
      lib to the drivers directory. This requires that platform ports
      explicitly add this file to the list of source files.
      
      Also move the IO header files to a new sub-directory, include/io.
      
      Change-Id: I862b1252a796b3bcac0d93e50b11e7fb2ded93d6
      935db693
    • Dan Handley's avatar
      Remove platform dependency in CCI-400 driver · cae3ef99
      Dan Handley authored
      * Create cci_init() function in CCI-400 driver to allow platform
        to provide arguments needed by the driver (i.e. base address
        and cluster indices for the ACE slave interfaces).
      
      * Rename cci_(en|dis)able_coherency to
        cci_(en|dis)able_cluster_coherency to make it clear that
        the driver only enables/disables the coherency of CPU
        clusters and not other devices connected to the CCI-400.
      
      * Update FVP port to use new cci_init() function and remove
        unnecessary CCI defintions from platform_def.h. Also rename
        fvp_cci_setup() to fvp_cci_enable() to more clearly
        differentiate between CCI initialization and enabling.
      
      THIS CHANGE REQUIRES PLATFORM PORTS THAT USE THE CCI-400 DRIVER
      TO BE UPDATED
      
      Fixes ARM-software/tf-issues#168
      
      Change-Id: I1946a51409b91217b92285b6375082619f607fec
      cae3ef99
  26. 12 Aug, 2014 1 commit
    • Dan Handley's avatar
      Rationalize console log output · 6ad2e461
      Dan Handley authored
      Fix the following issues with the console log output:
      
      * Make sure the welcome string is the first thing in the log output
      (during normal boot).
      * Prefix each message with the BL image name so it's clear which
      BL the output is coming from.
      * Ensure all output is wrapped in one of the log output macros so it can
      be easily compiled out if necessary. Change some of the INFO() messages
      to VERBOSE(), especially in the TSP.
      * Create some extra NOTICE() and INFO() messages during cold boot.
      * Remove all usage of \r in log output.
      
      Fixes ARM-software/tf-issues#231
      
      Change-Id: Ib24f7acb36ce64bbba549f204b9cde2dbb46c8a3
      6ad2e461
  27. 28 Jul, 2014 3 commits
    • Juan Castillo's avatar
      Rework incorrect use of assert() and panic() in codebase · d3280beb
      Juan Castillo authored
      Assert a valid security state using the macro sec_state_is_valid().
      Replace assert() with panic() in those cases that might arise
      because of runtime errors and not programming errors.
      Replace panic() with assert() in those cases that might arise
      because of programming errors.
      
      Fixes ARM-software/tf-issues#96
      
      Change-Id: I51e9ef0439fd5ff5e0edfef49050b69804bf14d5
      d3280beb
    • Soby Mathew's avatar
      Parametrize baudrate and UART clock during console_init() · 462c8350
      Soby Mathew authored
      This patch adds baud rate and UART clock frequency as parameters
      to the pl011 driver api console_init(). This allows each platform
      to specify UART clock and baud rate according to their specific
      hardware implementation.
      
      Fixes ARM-software/tf-issues#215
      
      Change-Id: Id13eef70a1c530e709b34dd1e6eb84db0797ced2
      462c8350
    • Soby Mathew's avatar
      Introduce asm console functions in TF · fce5f750
      Soby Mathew authored
      This patch replaces the pl011 console family of functions
      with their equivalents defined in assembly. The baud rate is
      defined by the PL011_BAUDRATE macro and IBRD and FBRD values
      for pl011 are computed statically. This patch will enable
      us to invoke the console functions without the C Runtime Stack.
      
      Change-Id: Ic3f7b7370ded38bf9020bf746b362081b76642c7
      fce5f750
  28. 10 Jul, 2014 1 commit
    • Sandrine Bailleux's avatar
      Add support for BL3-0 image · 93d81d64
      Sandrine Bailleux authored
       - Add support for loading a BL3-0 image in BL2. Information about
         memory extents is populated by platform-specific code. Subsequent
         handling of BL3-0 is also platform specific.
         The BL2 main function has been broken down to improve readability.
         The BL3-2 image is now loaded before the BL3-3 image to align with
         the boot flow.
      
       - Build system: Add support for specifying a BL3-0 image that will be
         included into the FIP image.
      
       - IO FIP driver: Add support for identifying a BL3-0 image inside a
         FIP image.
      
       - Update the documentation to reflect the above changes.
      
      Change-Id: I067c184afd52ccaa86569f13664757570c86fc48
      93d81d64