- 24 Jun, 2020 1 commit
-
-
Manish V Badarkhe authored
Moved BL2 configuration nodes from fw_config to newly created tb_fw_config device tree. fw_config device tree's main usage is to hold properties shared across all BLx images. An example is the "dtb-registry" node, which contains the information about the other device tree configurations (load-address, size). Also, Updated load-address of tb_fw_config which is now located after fw_config in SRAM. Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com> Change-Id: Ic398c86a4d822dacd55b5e25fd41d4fe3888d79a
-
- 09 Jun, 2020 2 commits
-
-
Madhukar Pappireddy authored
Using the fconf framework, the Group 0 and Group 1 secure interrupt descriptors are moved to device tree and retrieved in runtime. This feature is enabled by the build flag SEC_INT_DESC_IN_FCONF. Change-Id: I360c63a83286c7ecc2426cd1ff1b4746d61e633c Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
Andre Przywara authored
The only difference between GIC-500 and GIC-600 relevant to TF-A is the differing power management sequence. A certain GIC implementation is detectable at runtime, for instance by checking the IIDR register. Let's add that test before initiating the GIC-600 specific sequence, so the code can be used on both GIC-600 and GIC-500 chips alike, without deciding on a GIC chip at compile time. This means that the GIC-500 "driver" is now redundant. To allow minimal platform support, add a switch to disable GIC-600 support. Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
- 01 Jun, 2020 1 commit
-
-
Jimmy Brisson authored
This should allow git to easily track file moves Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com> Change-Id: I1592cf39a4f94209c560dc6d1a8bc1bfb21d8327
-
- 21 May, 2020 1 commit
-
-
Madhukar Pappireddy authored
We query the UART base address and clk frequency in runtime using fconf getter APIs. Change-Id: I5f4e84953be5f384472bf90720b706d45cb86260 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 19 May, 2020 1 commit
-
-
laurenw-arm authored
Query the GICD and GICR base addresses in runtime using fconf getter APIs. Signed-off-by: Lauren Wehrmeister <lauren.wehrmeister@arm.com> Change-Id: I309fb2874f3329ddeb8677ddb53ed4c02199a1e9
-
- 07 Apr, 2020 1 commit
-
-
Alexei Fedorov authored
This patch adds support for GICv4 extension for FVP platform. Change-Id: Ia389b61266af669b1ca9b999a8b76476cab214f4 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 02 Apr, 2020 1 commit
-
-
Masahiro Yamada authored
As GCC manual says, -D option defines a macro as 1, if =<value> is omitted. -D <name> Predefine <name> as a macro, with definition 1. The same applied with Clang, too. In the context of -D option, =1 is always redundant. Change-Id: I487489a1ea3eb51e734741619c1e65dab1420bc4 Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 31 Mar, 2020 1 commit
-
-
Masahiro Yamada authored
-D is a preprocessor flag that defines a macro. So, adding it to BL*_CPPFLAGS makes more sense. You can reference it not only from .c files but also from .S files. Change-Id: Ib4f2f27a3ed3eae476a6a32da7ab5225ad0649de Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 30 Mar, 2020 1 commit
-
-
Alexei Fedorov authored
This patch moves all GICv3 driver files into new added 'gicv3.mk' makefile for the benefit of the generic driver which can evolve in the future without affecting platforms. The patch adds GICv3 driver configuration flags 'GICV3_IMPL', 'GICV3_IMPL_GIC600_MULTICHIP' and 'GICV3_OVERRIDE_DISTIF_PWR_OPS' described in 'GICv3 driver options' section of 'build-option.rst' document. NOTE: Platforms with GICv3 driver need to be modified to include 'drivers/arm/gic/v3/gicv3.mk' in their makefiles. Change-Id: If055f6770ff20f5dee5a3c99ae7ced7cdcac5c44 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 17 Mar, 2020 1 commit
-
-
Madhukar Pappireddy authored
Rather than creating entry in plat_arm_mmap array to map the entire DRAM region in BL31/SP_MIN, only map a smaller region holding HW_CONFIG DTB. Consequently, an increase in number of sub-translation tables(level-2 and level-3) i.e., MAX_XLAT_TABLES is necessary to map the new region in memory. In order to accommodate the increased code size in BL31 i.e., PROGBITS, the max size of BL31 image is increased by 0x1000(4K). Change-Id: I540b8ee550588e22a3a9fb218183d2ab8061c851 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 16 Mar, 2020 1 commit
-
-
Louis Mayencourt authored
Merge the previously introduced arm_fconf_io_storage into arm_io_storage. This removes the duplicate io_policies and functions definition. This patch: - replace arm_io_storage.c with the content of arm_fconf_io_storage.c - rename the USE_FCONF_BASED_IO option into ARM_IO_IN_DTB. - use the ARM_IO_IN_DTB option to compile out io_policies moved in dtb. - propagate DEFINES when parsing dts. - use ARM_IO_IN_DTB to include or not uuid nodes in fw_config dtb. - set the ARM_IO_IN_DTB to 0 by default for fvp. This ensure that the behavior of fvp stays the same as it was before the introduction of fconf. Change-Id: Ia774a96d1d3a2bccad29f7ce2e2b4c21b26c080e Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 11 Mar, 2020 1 commit
-
-
Madhukar Pappireddy authored
Necessary infrastructure added to integrate fconf framework in BL31 & SP_MIN. Created few populator() functions which parse HW_CONFIG device tree and registered them with fconf framework. Many of the changes are only applicable for fvp platform. This patch: 1. Adds necessary symbols and sections in BL31, SP_MIN linker script 2. Adds necessary memory map entry for translation in BL31, SP_MIN 3. Creates an abstraction layer for hardware configuration based on fconf framework 4. Adds necessary changes to build flow (makefiles) 5. Minimal callback to read hw_config dtb for capturing properties related to GIC(interrupt-controller node) 6. updates the fconf documentation Change-Id: Ib6292071f674ef093962b9e8ba0d322b7bf919af Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
- 10 Mar, 2020 1 commit
-
-
Alexei Fedorov authored
This patch provides separation of GICD, GICR accessor functions and adds new macros for GICv3 registers access as a preparation for GICv3.1 and GICv4 support. NOTE: Platforms need to modify to include both 'gicdv3_helpers.c' and 'gicrv3_helpers.c' instead of the single helper file previously. Change-Id: I1641bd6d217d6eb7d1228be3c4177b2d556da60a Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 24 Feb, 2020 1 commit
-
-
Petre-Ionut Tudor authored
This patch introduces a build flag which allows the xlat tables to be mapped in a read-only region within BL31 memory. It makes it much harder for someone who has acquired the ability to write to arbitrary secure memory addresses to gain control of the translation tables. The memory attributes of the descriptors describing the tables themselves are changed to read-only secure data. This change happens at the end of BL31 runtime setup. Until this point, the tables have read-write permissions. This gives a window of opportunity for changes to be made to the tables with the MMU on (e.g. reclaiming init code). No changes can be made to the tables with the MMU turned on from this point onwards. This change is also enabled for sp_min and tspd. To make all this possible, the base table was moved to .rodata. The penalty we pay is that now .rodata must be aligned to the size of the base table (512B alignment). Still, this is better than putting the base table with the higher level tables in the xlat_table section, as that would cost us a full 4KB page. Changing the tables from read-write to read-only cannot be done with the MMU on, as the break-before-make sequence would invalidate the descriptor which resolves the level 3 page table where that very descriptor is located. This would make the translation required for writing the changes impossible, generating an MMU fault. The caches are also flushed. Signed-off-by: Petre-Ionut Tudor <petre-ionut.tudor@arm.com> Change-Id: Ibe5de307e6dc94c67d6186139ac3973516430466
-
- 18 Feb, 2020 2 commits
-
-
Jimmy Brisson authored
Also update copyright statements Change-Id: Iba0305522ac0f2ddc4da99127fd773f340e67300 Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
Jimmy Brisson authored
Change-Id: I686fd623b8264c85434853a2a26ecd71e9eeac01 Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
-
- 10 Feb, 2020 1 commit
-
-
Achin Gupta authored
This patch repurposes the TOS FW configuration file as the manifest for the SPM core component which will reside at the secure EL adjacent to EL3. The SPM dispatcher component will use the manifest to determine how the core component must be initialised. Routines and data structure to parse the manifest have also been added. Signed-off-by: Achin Gupta <achin.gupta@arm.com> Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com> Change-Id: Id94f8ece43b4e05609f0a1d364708a912f6203cb
-
- 07 Feb, 2020 2 commits
-
-
Louis Mayencourt authored
Use the firmware configuration framework to store the io_policies information inside the configuration device tree instead of the static structure in the code base. The io_policies required by BL1 can't be inside the dtb, as this one is loaded by BL1, and only available at BL2. This change currently only applies to FVP platform. Change-Id: Ic9c1ac3931a4a136aa36f7f58f66d3764c1bfca1 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
Louis Mayencourt authored
This patch introduces a better separation between the trusted-boot related properties, and the dynamic configuration DTBs loading information. The dynamic configuration DTBs properties are moved to a new node: `dtb-registry`. All the sub-nodes present will be provided to the dynamic config framework to be loaded. The node currently only contains the already defined configuration DTBs, but can be extended for future features if necessary. The dynamic config framework is modified to use the abstraction provided by the fconf framework, instead of directly accessing the DTBs. The trusted-boot properties are kept under the "arm,tb_fw" compatible string, but in a separate `tb_fw-config` node. The `tb_fw-config` property of the `dtb-registry` node simply points to the load address of `fw_config`, as the `tb_fw-config` is currently part of the same DTB. Change-Id: Iceb6c4c2cb92b692b6e28dbdc9fb060f1c46de82 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 06 Feb, 2020 1 commit
-
-
Max Shvetsov authored
Enables usage of ARM_ROTPK_LOCATION=regs for FVP board. Removes hard-coded developer keys. Instead, setting ARM_ROTPK_LOCATION=devel_* takes keys from default directory. In case of ROT_KEY specified - generates a new hash and replaces the original. Note: Juno board was tested by original feature author and was not tested for this patch since we don't have access to the private key. Juno implementation was moved to board-specific file without changing functionality. It is not known whether byte-swapping is still needed for this platform. Change-Id: I0fdbaca0415cdcd78f3a388551c2e478c01ed986 Signed-off-by: Max Shvetsov <maksims.svecovs@arm.com>
-
- 07 Jan, 2020 1 commit
-
-
Ambroise Vincent authored
The reclaim init code functionality relies on forward reference in the linker script. The LLVM linker does not process it correctly. Change-Id: I993aeb9587bfa07af25b60ed823a6a2c5e970c94 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com>
-
- 20 Dec, 2019 2 commits
-
-
Paul Beesley authored
The Secure Partition Manager (SPM) prototype implementation is being removed. This is preparatory work for putting in place a dispatcher component that, in turn, enables partition managers at S-EL2 / S-EL1. This patch removes: - The core service files (std_svc/spm) - The Resource Descriptor headers (include/services) - SPRT protocol support and service definitions - SPCI protocol support and service definitions Change-Id: Iaade6f6422eaf9a71187b1e2a4dffd7fb8766426 Signed-off-by: Paul Beesley <paul.beesley@arm.com> Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
-
Paul Beesley authored
There are two different implementations of Secure Partition management in TF-A. One is based on the "Management Mode" (MM) design, the other is based on the Secure Partition Client Interface (SPCI) specification. Currently there is a dependency between their build flags that shouldn't exist, making further development harder than it should be. This patch removes that dependency, making the two flags function independently. Before: ENABLE_SPM=1 is required for using either implementation. By default, the SPCI-based implementation is enabled and this is overridden if SPM_MM=1. After: ENABLE_SPM=1 enables the SPCI-based implementation. SPM_MM=1 enables the MM-based implementation. The two build flags are mutually exclusive. Note that the name of the ENABLE_SPM flag remains a bit ambiguous - this will be improved in a subsequent patch. For this patch the intention was to leave the name as-is so that it is easier to track the changes that were made. Change-Id: I8e64ee545d811c7000f27e8dc8ebb977d670608a Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 18 Dec, 2019 1 commit
-
-
Ambroise Vincent authored
Provide an SMC interface to the 9p filesystem. This permits accessing firmware drivers through a common interface, using standardized read/write/control operations. Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com> Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I9314662314bb060f6bc02714476574da158b2a7d
-
- 07 Nov, 2019 1 commit
-
-
Manish Pandey authored
Earlier PIE support was enabled for all arm platforms when RESET_TO_BL31=1, but later on it was restricted only to FVP with patch SHA d4580d17 because of n1sdp platform. Now it has been verified that PIE does work for n1sdp platform also, so enabling it again for all arm platforms. Change-Id: I05ad4f1775ef72e7cb578ec9245cde3fbce971a5 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 03 Oct, 2019 1 commit
-
-
Imre Kis authored
Change-Id: I1ea2bf088f1e001cdbd377cbfb7c6a2866af0422 Signed-off-by: Imre Kis <imre.kis@arm.com>
-
- 02 Oct, 2019 1 commit
-
-
Imre Kis authored
Change-Id: I645442d52a295706948e2cac88c36c1a3cb0bc47 Signed-off-by: Imre Kis <imre.kis@arm.com>
-
- 30 Sep, 2019 1 commit
-
-
Artsem Artsemenka authored
Not tested on FVP Model. Change-Id: Iedebc5c1fbc7ea577e94142b7feafa5546f1f4f9 Signed-off-by: Artsem Artsemenka <artsem.artsemenka@arm.com>
-
- 11 Sep, 2019 1 commit
-
-
John Tsichritzis authored
Some cores support only AArch64 from EL1 and above, e.g. A76, N1 etc. If TF-A is compiled with CTX_INCLUDE_AARCH32_REGS=0 so as to properly handle those cores, only the AArch64 cores' assembly is included in the TF-A binary. In other words, for FVP, TF-A assumes that AArch64 only cores will never exist in the same cluster with cores that also support AArch32. However, A55 and A75 can be used as AArch64 only cores, despite supporting AArch32, too. This patch enables A55 and A75 to exist in clusters together with AArch64 cores. Change-Id: I58750ad6c3d76ce77eb354784c2a42f2c179031d Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 16 Aug, 2019 1 commit
-
-
Alexei Fedorov authored
SMMUv3 driver functions which are called from BL1 and BL31 currently use counter-based poll method for testing status bits. Adding Delay Timer driver to BL1 and BL31 is required for timeout-based implementation using timer delay functions for SMMU and other drivers. This patch adds new function `fvp_timer_init()` which initialises either System level generic or SP804 timer based on FVP_USE_SP804_TIMER build flag. In BL2U `bl2u_early_platform_setup()` function the call to `arm_bl2u_early_platform_setup()` (which calls `generic_delay_timer_init()` ignoring FVP_USE_SP804_TIMER flag), is replaced with `arm_console_boot_init()` and `fvp_timer_init()`. Change-Id: Ifd8dcebf4019e877b9bc5641551deef77a44c0d1 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 23 Jul, 2019 1 commit
-
-
Ambroise Vincent authored
The watchdog is configured with a default value of 256 seconds in order to implement the Trusted Board Boot Requirements. For the FVP and Juno platforms, the FWU process relies on a watchdog reset. In order to automate the test of FWU, the length of this process needs to be as short as possible. Instead of waiting for those 4 minutes to have a reset by the watchdog, tell it to reset immediately. There are no side effects as the value of the watchdog's load register resets to 0xFFFFFFFF. Tested on Juno. Change-Id: Ib1aea80ceddc18ff1e0813a5b98dd141ba8a3ff2 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 16 Jul, 2019 1 commit
-
-
Louis Mayencourt authored
Change-Id: Iab767e9937f5c6c8150953fcdc3b37e8ee83fa63 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 10 Jul, 2019 1 commit
-
-
Balint Dobszay authored
Change-Id: I755e4c42242d9a052570fd1132ca3d937acadb13 Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
-
- 04 Jun, 2019 1 commit
-
-
John Tsichritzis authored
Some cores support only AArch64 mode. In those cores, only a limited subset of the AArch32 system registers are implemented. Hence, if TF-A is supposed to run on AArch64-only cores, it must be compiled with CTX_INCLUDE_AARCH32_REGS=0. Currently, the default settings for compiling TF-A are with the AArch32 system registers included. So, if we compile TF-A the default way and attempt to run it on an AArch64-only core, we only get a runtime panic. Now a compile-time check has been added to ensure that this flag has the appropriate value when AArch64-only cores are included in the build. Change-Id: I298ec550037fafc9347baafb056926d149197d4c Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 10 May, 2019 1 commit
-
-
Alexei Fedorov authored
For security DMA should be blocked at the SMMU by default unless explicitly enabled for a device. SMMU is disabled after reset with all streams bypassing the SMMU, and abortion of all incoming transactions implements a default deny policy on reset. This patch also moves "bl1_platform_setup()" function from arm_bl1_setup.c to FVP platforms' fvp_bl1_setup.c and fvp_ve_bl1_setup.c files. Change-Id: Ie0ffedc10219b1b884eb8af625bd4b6753749b1a Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 03 May, 2019 1 commit
-
-
John Tsichritzis authored
This patch fixes this issue: https://github.com/ARM-software/tf-issues/issues/660 The introduced changes are the following: 1) Some cores implement cache coherency maintenance operation on the hardware level. For those cores, such as - but not only - the DynamIQ cores, it is mandatory that TF-A is compiled with the HW_ASSISTED_COHERENCY flag. If not, the core behaviour at runtime is unpredictable. To prevent this, compile time checks have been added and compilation errors are generated, if needed. 2) To enable this change for FVP, a logical separation has been done for the core libraries. A system cannot contain cores of both groups, i.e. cores that manage coherency on hardware and cores that don't do it. As such, depending on the HW_ASSISTED_COHERENCY flag, FVP includes the libraries only of the relevant cores. 3) The neoverse_e1.S file has been added to the FVP sources. Change-Id: I787d15819b2add4ec0d238249e04bf0497dc12f3 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 17 Apr, 2019 1 commit
-
-
Aditya Angadi authored
The BL1 stage setup code for ARM platforms sets up the SP805 watchdog controller as the secure watchdog. But not all ARM platforms use SP805 as the secure watchdog controller. So introduce two new ARM platform code specific wrapper functions to start and stop the secure watchdog. These functions then replace the calls to SP805 driver in common BL1 setup code. All the ARM platforms implement these wrapper functions by either calling into SP805 driver or the SBSA watchdog driver. Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257 Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
-
- 08 Apr, 2019 1 commit
-
-
Alexei Fedorov authored
Change-Id: I0a81f4ea94d41245cd5150de341b51fc70babffe Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 14 Mar, 2019 1 commit
-
-
John Tsichritzis authored
Change-Id: If56d1e200a31bd716726d7fdc1cc0ae8a63ba3ee Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-