1. 18 Dec, 2019 1 commit
  2. 02 Dec, 2019 1 commit
    • zelalem-aweke's avatar
      Enable Link Time Optimization in GCC · edbce9aa
      zelalem-aweke authored
      
      
      This patch enables LTO for TF-A when compiled with GCC.
      LTO is disabled by default and is enabled by
      ENABLE_LTO=1 build option.
      
      LTO is enabled only for aarch64 as there seem to be
      a bug in the aarch32 compiler when LTO is enabled.
      
      The changes in the makefiles include:
      - Adding -flto and associated flags to enable LTO.
      - Using gcc as a wrapper at link time instead of ld.
        This is recommended when using LTO as gcc internally
        takes care of invoking the necessary plugins for LTO.
      - Adding switches to pass options to ld.
      - Adding a flag to disable fix for erratum cortex-a53-843419
        unless explicitly enabled. This is needed because GCC
        seem to automatically add the erratum fix when used
        as a wrapper for LD.
      
      Additionally, this patch updates the TF-A user guide with
      the new build option.
      Signed-off-by: default avatarzelalem-aweke <zelalem.aweke@arm.com>
      Change-Id: I1188c11974da98434b7dc9344e058cd1eacf5468
      edbce9aa
  3. 27 Nov, 2019 1 commit
    • Paul Beesley's avatar
      doc: Split the User Guide into multiple files · 43f35ef5
      Paul Beesley authored
      
      
      The User Guide document has grown organically over time and
      now covers a wide range of topics, making it difficult to
      skim read and extract information from. Currently, it covers
      these topics and maybe a couple more:
      
      - Requirements (hardware, tools, libs)
      - Checking out the repo
      - Basic build instructions
      - A comprehensive list of build flags
      - FIP packaging
      - Building specifically for Juno
      - Firmware update images
      - EL3 payloads
      - Preloaded BL33 boot flow
      - Running on FVPs
      - Running on Juno
      
      I have separated these out into a few groups that become new
      documents. Broadly speaking, build instructions for the tools,
      for TF-A generally, and for specific scenarios are separated.
      Content relating to specific platforms (Juno and the FVPs are
      Arm-specific platforms, essentially) has been moved into the
      documentation that is specific to those platforms, under
      docs/plat/arm.
      
      Change-Id: Ica87c52d8cd4f577332be0b0738998ea3ba3bbec
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      43f35ef5
  4. 26 Nov, 2019 1 commit
  5. 19 Nov, 2019 1 commit
  6. 18 Nov, 2019 1 commit
  7. 14 Nov, 2019 1 commit
  8. 13 Nov, 2019 1 commit
  9. 04 Nov, 2019 1 commit
  10. 28 Oct, 2019 1 commit
    • Sandrine Bailleux's avatar
      doc: Fix syntax erros in I/O storage layer plantuml diagrams · ec477e7d
      Sandrine Bailleux authored
      Some of the plantuml diagrams in the I/O storage abstraction layer
      documentation are absent from the rendered version of the porting
      guide. The build log (see [1] for example) reports a syntax error in
      these files. This is due to the usage of the 'order' keyword on the
      participants list, which does not seem to be supported by the version
      of plantuml installed on the ReadTheDocs server.
      
      Fix these syntax errors by removing the 'order' keyword altogether. We
      simply rely on the participants being declared in the desired order,
      which will be the order of display, according to the plantuml
      documentation.
      
      [1] https://readthedocs.org/api/v2/build/9870345.txt
      
      
      
      Change-Id: Ife35c74cb2f1dac28bda07df395244639a8d6a2b
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      ec477e7d
  11. 22 Oct, 2019 3 commits
  12. 21 Oct, 2019 3 commits
    • laurenw-arm's avatar
      Update change log for v2.2 Release · 77caea29
      laurenw-arm authored
      
      Signed-off-by: default avatarLauren Wehrmeister <lauren.wehrmeister@arm.com>
      Change-Id: I53a7706016539e7de7fdbe87b786d99665bbe1d8
      77caea29
    • Paul Beesley's avatar
      doc: Move platform list to the Platform Ports index page · 5e6b4163
      Paul Beesley authored
      
      
      The list of upstream platforms on the index page is growing
      quite long, especially with all the FVP variants being listed
      individually.
      
      This patch leverages the "Platform Ports" chapter in the docs
      table of contents to condense this information. Almost all
      platform ports now have documentation, so the table of
      contents serves as the list of upstream platforms by itself.
      
      For those upstream platforms that do not have corresponding
      documentation, the top-level "Platform Ports" page mentions
      them individually. It also mentions each Arm FVP, just as
      the index page did before.
      
      Note that there is an in-progress patch that creates new
      platform port documentation for the Arm Juno and Arm FVP
      platforms, so this list of "other platforms" will soon be
      reduced further as those platforms become part of the
      table of contents as well.
      
      Change-Id: I6b1eab8cba71a599d85a6e22553a34b07f213268
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      5e6b4163
    • Paul Beesley's avatar
      doc: Move "About" content from index.rst to a new chapter · 8eb9490b
      Paul Beesley authored
      
      
      The index.rst page is now the primary landing page for the TF-A
      documentation. It contains quite a lot of content these days,
      including:
      
      - The project purpose and general intro
      - A list of functionality
      - A list of planned functionality
      - A list of supported platforms
      - "Getting started" links to other documents
      - Contact information for raising issues
      
      This patch creates an "About" chapter in the table
      of contents and moves some content there. In order,
      the above listed content:
      
      - Stayed where it is. This is the right place for it.
      - Moved to About->Features
      - Moved to About->Features (in subsection)
      - Stayed where it is. Moved in a later patch.
      - Was expanded in-place
      - Moved to About->Contact
      
      Change-Id: I254bb87560fd09140b9e485cf15246892aa45943
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8eb9490b
  13. 17 Oct, 2019 1 commit
    • Paul Beesley's avatar
      doc: Remove version and release variables from conf.py · 206c077b
      Paul Beesley authored
      
      
      We would need to update this version for the release but, in fact,
      it is not required for our publishing workflow; the hosted version
      of the docs uses git commit/tag information in place of these
      variables anyway.
      
      Instead of updating the version, just remove these variables
      entirely.
      
      Change-Id: I424c4e45786e87604e91c7197b7983579afe4806
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      206c077b
  14. 15 Oct, 2019 2 commits
    • Artsem Artsemenka's avatar
      Fix documentation · 434d93d9
      Artsem Artsemenka authored
      
      
      User guide:
      1. Remove obsolete note saying only FVP is supported with AArch32
      2. Switch compiler for Juno AArch32 to arm-eabi
      3. Mention SOFTWARE folder in Juno Linaro release
      
      Index.rst:
      1. Switch default FVP model to Version 11.6 Build 45
      Signed-off-by: default avatarArtsem Artsemenka <artsem.artsemenka@arm.com>
      Change-Id: Ib47a2ea314e2b8394a20189bf91796de0e17de53
      434d93d9
    • Paul Beesley's avatar
      doc: Update Linaro release mentioned on index page · 9ec4afc8
      Paul Beesley authored
      The version of the Linaro release that is used for testing was
      updated in 35010bb8
      
       and the user guide was updated with the
      correct version, however the version is also mentioned on the
      index page and that was missed. Update the index page with the
      new version.
      
      We can come back and de-duplicate this content later, to ease
      future maintenance.
      
      Change-Id: I3fe83d7a1c59ab8d3ce2b18bcc23e16c93f7af97
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      9ec4afc8
  15. 11 Oct, 2019 1 commit
  16. 09 Oct, 2019 1 commit
  17. 08 Oct, 2019 2 commits
    • Paul Beesley's avatar
      doc: De-duplicate readme and license files · 8cc36aec
      Paul Beesley authored
      
      
      The readme.rst and license.rst files in the project root overlap
      with the index.rst and license.rst files in the docs/ folder. We
      need to use the latter when building the documentation, as Sphinx
      requires all included files to be under a common root. However,
      the files in the root are currently used by the cgit and Github
      viewers.
      
      Using symlinks in Git presents some difficulties so the best
      course of action is likely to leave these files but in stub form.
      
      The license.rst file in the root will simply tell the reader to
      refer to docs/license.rst.
      
      The readme.rst file will contain a small amount of content that
      is derived from the docs/index.rst file, so that the Github main
      page will have something valid to show, but it will also contain
      a link to the full documentation on ReadTheDocs.
      
      Change-Id: I6dc46f08777e8d7ecb32ca7afc07a28486c9f77a
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8cc36aec
    • Paul Beesley's avatar
      doc: Convert internal links to RST format · 34760951
      Paul Beesley authored
      
      
      Currently links between documents are using the format:
      
      <path/to/><filename>.rst
      
      This was required for services like GitHub because they render each
      document in isolation - linking to another document is like linking
      to any other file, just provide the full path.
      
      However, with the new approach, the .rst files are only the raw
      source for the documents. Once the documents have been rendered
      the output is now in another format (HTML in our case) and so,
      when linking to another document, the link must point to the
      rendered version and not the .rst file.
      
      The RST spec provides a few methods for linking between content.
      The parent of this patch enabled the automatic creation of anchors
      for document titles - we will use these anchors as the targets for
      our links. Additional anchors can be added by hand if needed, on
      section and sub-section titles, for example.
      
      An example of this new format, for a document with the title
      "Firmware Design" is :ref:`Firmware Design`.
      
      One big advantage of this is that anchors are not dependent on
      paths. We can then move documents around, even between directories,
      without breaking any links between documents. Links will need to be
      updated only if the title of a document changes.
      
      Change-Id: I9e2340a61dd424cbd8fd1ecc2dc166f460d81703
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      34760951
  18. 07 Oct, 2019 1 commit
  19. 04 Oct, 2019 2 commits
    • laurenw-arm's avatar
      Neoverse N1 Errata Workaround 1542419 · 80942622
      laurenw-arm authored
      
      
      Coherent I-cache is causing a prefetch violation where when the core
      executes an instruction that has recently been modified, the core might
      fetch a stale instruction which violates the ordering of instruction
      fetches.
      
      The workaround includes an instruction sequence to implementation
      defined registers to trap all EL0 IC IVAU instructions to EL3 and a trap
      handler to execute a TLB inner-shareable invalidation to an arbitrary
      address followed by a DSB.
      Signed-off-by: default avatarLauren Wehrmeister <lauren.wehrmeister@arm.com>
      Change-Id: Ic3b7cbb11cf2eaf9005523ef5578a372593ae4d6
      80942622
    • Soby Mathew's avatar
      Fix the CAS spinlock implementation · c97cba4e
      Soby Mathew authored
      
      
      Make the spinlock implementation use ARMv8.1-LSE CAS instruction based
      on a platform build option. The CAS-based implementation used to be
      unconditionally selected for all ARM8.1+ platforms.
      
      The previous CAS spinlock implementation had a bug wherein the spin_unlock()
      implementation had an `sev` after `stlr` which is not sufficient. A dsb is
      needed to ensure that the stlr completes prior to the sev. Having a dsb is
      heavyweight and a better solution would be to use load exclusive semantics
      to monitor the lock and wake up from wfe when a store happens to the lock.
      The patch implements the same.
      
      Change-Id: I5283ce4a889376e4cc01d1b9d09afa8229a2e522
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      Signed-off-by: default avatarOlivier Deprez <olivier.deprez@arm.com>
      c97cba4e
  20. 02 Oct, 2019 1 commit
  21. 01 Oct, 2019 1 commit
    • Radoslaw Biernacki's avatar
      qemu/qemu_sbsa: Adding Qemu SBSA platform · 558a6f44
      Radoslaw Biernacki authored
      
      
      This patch introduces Qemu SBSA platform.
      Both platform specific files where copied from qemu/qemu with changes for
      DRAM base above 32bit and removal of ARMv7 conditional defines/code.
      Documentation is aligned to rest of SBSA patches along the series and
      planed changes in edk2-platform repo.
      
      Fixes ARM-software/tf-issues#602
      Signed-off-by: default avatarRadoslaw Biernacki <radoslaw.biernacki@linaro.org>
      Change-Id: I8ebc34eedb2268365e479ef05654b2df1b99128c
      558a6f44
  22. 30 Sep, 2019 1 commit
  23. 26 Sep, 2019 2 commits
  24. 25 Sep, 2019 2 commits
    • Paul Beesley's avatar
      doc: Fix platform port inclusion · f1e0f152
      Paul Beesley authored
      
      
      This patch:
      
      - Adds any leftover platform ports that were not having their
        documentation built (not in the index.rst table of contents)
      - Corrects a handful of RST formatting errors that cause poor
        rendering
      - Reorders the list of platforms so that they are displayed
        in alphabetical order
      
      Change-Id: If8c135a822d581c3c5c4fca2936d501ccfd2e94c
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      f1e0f152
    • Andre Przywara's avatar
      rpi4: Add initial documentation file · e0dea671
      Andre Przywara authored
      
      
      As the Raspberry Pi4 port is now in a usable state, add the build
      instructions together with some background information to the
      documentation directory.
      The port differs quite a bit from the Raspberry Pi 3, so we use a
      separate file for that.
      
      Change-Id: I7d9f5967fdf3ec3bfe97d78141f59cbcf03388d4
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      e0dea671
  25. 20 Sep, 2019 1 commit
    • Paul Beesley's avatar
      doc: Render Marvell platform documents · 2966defa
      Paul Beesley authored
      
      
      The documentation for Marvell platforms was not included in the
      rendered document output until now because, while it was mostly
      valid RST format, the files were saved with a .txt extension.
      
      This patch corrects some RST formatting errors, creates a document
      tree (index page) for the Marvell documents, and adds the Marvell
      subtree to the main index.
      
      Change-Id: Id7d4ac37eded636f8f62322a153e1e5f652ff51a
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      2966defa
  26. 18 Sep, 2019 1 commit
  27. 13 Sep, 2019 1 commit
    • Alexei Fedorov's avatar
      Refactor ARMv8.3 Pointer Authentication support code · ed108b56
      Alexei Fedorov authored
      
      
      This patch provides the following features and makes modifications
      listed below:
      - Individual APIAKey key generation for each CPU.
      - New key generation on every BL31 warm boot and TSP CPU On event.
      - Per-CPU storage of APIAKey added in percpu_data[]
        of cpu_data structure.
      - `plat_init_apiakey()` function replaced with `plat_init_apkey()`
        which returns 128-bit value and uses Generic timer physical counter
        value to increase the randomness of the generated key.
        The new function can be used for generation of all ARMv8.3-PAuth keys
      - ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
      - New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions
        generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively;
        pauth_disable_el1()` and `pauth_disable_el3()` functions disable
        PAuth for EL1 and EL3 respectively;
        `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from
        cpu-data structure.
      - Combined `save_gp_pauth_registers()` function replaces calls to
        `save_gp_registers()` and `pauth_context_save()`;
        `restore_gp_pauth_registers()` replaces `pauth_context_restore()`
        and `restore_gp_registers()` calls.
      - `restore_gp_registers_eret()` function removed with corresponding
        code placed in `el3_exit()`.
      - Fixed the issue when `pauth_t pauth_ctx` structure allocated space
        for 12 uint64_t PAuth registers instead of 10 by removal of macro
        CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h`
        and assigning its value to CTX_PAUTH_REGS_END.
      - Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions
        in `msr	spsel`  instruction instead of hard-coded values.
      - Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.
      
      Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ed108b56
  28. 12 Sep, 2019 3 commits
    • Justin Chadwell's avatar
      Remove RSA PKCS#1 v1.5 support from cert_tool · 6a415a50
      Justin Chadwell authored
      Support for PKCS#1 v1.5 was deprecated in SHA 1001202d and fully removed
      in SHA fe199e3b
      
      , however, cert_tool is still able to generate
      certificates in that form. This patch fully removes the ability for
      cert_tool to generate these certificates.
      
      Additionally, this patch also fixes a bug where the issuing certificate
      was a RSA and the issued certificate was EcDSA. In this case, the issued
      certificate would be signed using PKCS#1 v1.5 instead of RSAPSS per
      PKCS#1 v2.1, preventing TF-A from verifying the image signatures. Now
      that PKCS#1 v1.5 support is removed, all certificates that are signed
      with RSA now use the more modern padding scheme.
      
      Change-Id: Id87d7d915be594a1876a73080528d968e65c4e9a
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      6a415a50
    • Justin Chadwell's avatar
      Add documentation for new KEY_SIZE option · f29213d9
      Justin Chadwell authored
      
      
      This patch adds documentation for the new KEY_SIZE build option that is
      exposed by cert_create, and instructions on how to use it.
      
      Change-Id: I09b9b052bfdeeaca837e0f0026e2b01144f2472c
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      f29213d9
    • Hadi Asyrafi's avatar
      Invalidate dcache build option for bl2 entry at EL3 · b90f207a
      Hadi Asyrafi authored
      
      
      Some of the platform (ie. Agilex) make use of CCU IPs which will only be
      initialized during bl2_el3_early_platform_setup. Any operation to the
      cache beforehand will crash the platform. Hence, this will provide an
      option to skip the data cache invalidation upon bl2 entry at EL3
      Signed-off-by: default avatarHadi Asyrafi <muhammad.hadi.asyrafi.abdul.halim@intel.com>
      Change-Id: I2c924ed0589a72d0034714c31be8fe57237d1f06
      b90f207a
  29. 11 Sep, 2019 1 commit
    • Justin Chadwell's avatar
      Add UBSAN support and handlers · 1f461979
      Justin Chadwell authored
      
      
      This patch adds support for the Undefined Behaviour sanitizer. There are
      two types of support offered - minimalistic trapping support which
      essentially immediately crashes on undefined behaviour and full support
      with full debug messages.
      
      The full support relies on ubsan.c which has been adapted from code used
      by OPTEE.
      
      Change-Id: I417c810f4fc43dcb56db6a6a555bfd0b38440727
      Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      1f461979