- 11 Jan, 2018 2 commits
-
-
Dimitris Papastamos authored
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by temporarily dropping into AArch32 Secure-EL1 and executing the `BPIALL` instruction. This is achieved by using 3 vector tables. There is the runtime vector table which is used to handle exceptions and 2 additional tables which are required to implement this workaround. The additional tables are `vbar0` and `vbar1`. The sequence of events for handling a single exception is as follows: 1) Install vector table `vbar0` which saves the CPU context on entry to EL3 and sets up the Secure-EL1 context to execute in AArch32 mode with the MMU disabled and I$ enabled. This is the default vector table. 2) Before doing an ERET into Secure-EL1, switch vbar to point to another vector table `vbar1`. This is required to restore EL3 state when returning from the workaround, before proceeding with normal EL3 exception handling. 3) While in Secure-EL1, the `BPIALL` instruction is executed and an SMC call back to EL3 is performed. 4) On entry to EL3 from Secure-EL1, the saved context from step 1) is restored. The vbar is switched to point to `vbar0` in preparation to handle further exceptions. Finally a branch to the runtime vector table entry is taken to complete the handling of the original exception. This workaround is enabled by default on the affected CPUs. NOTE ==== There are 4 different stubs in Secure-EL1. Each stub corresponds to an exception type such as Sync/IRQ/FIQ/SError. Each stub will move a different value in `R0` before doing an SMC call back into EL3. Without this piece of information it would not be possible to know what the original exception type was as we cannot use `ESR_EL3` to distinguish between IRQs and FIQs. Change-Id: I90b32d14a3735290b48685d43c70c99daaa4b434 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
Dimitris Papastamos authored
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling and enabling the MMU. To achieve this without performing any branch instruction, a per-cpu vbar is installed which executes the workaround and then branches off to the corresponding vector entry in the main vector table. A side effect of this change is that the main vbar is configured before any reset handling. This is to allow the per-cpu reset function to override the vbar setting. This workaround is enabled by default on the affected CPUs. Change-Id: I97788d38463a5840a410e3cea85ed297a1678265 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 10 Jan, 2018 3 commits
-
-
davidcunado-arm authored
plat: xilinx: Add ZynqMP IPI mailbox service [v4]
-
davidcunado-arm authored
Build: trivial fixes
-
davidcunado-arm authored
hikey960: set isp clks as unsecure mode
-
- 09 Jan, 2018 4 commits
-
-
davidcunado-arm authored
Set alignment size to 512B for Hikey/Hikey960
-
Wendy Liang authored
Use zynqmp_ipi APIs to access IPI registers in pm_service. As the zynqmp_ipi APIs doesn't cover IPI buffers, the pm_ipi in pm_service will still directly access the IPI buffers. Signed-off-by: Wendy Liang <jliang@xilinx.com>
-
Wendy Liang authored
Add IPI mailbox service to manage Xilinx ZynqMP IPI(Inter Processors Interrupt) access. Signed-off-by: Wendy Liang <jliang@xilinx.com>
-
Wendy Liang authored
Previously, ZynqMP IPI in ATF is only for ZynqMP PM, This patch is to have a ZynqMP IPI implementation to handle both ZynqMP PM IPI requirement and IPI mailbox service requirement which will be introduced next. We control IPI agents registers access but not IPI buffers access in this implementation. Each IPI mailbox user will directly access the IPI buffers. Signed-off-by: Wendy Liang <jliang@xilinx.com>
-
- 08 Jan, 2018 3 commits
-
-
davidcunado-arm authored
SPM: Allow secondary CPUs to use the Secure Partition
-
Antonio Nino Diaz authored
The Secure Partition should be able to be used from any CPU, not just the lead one. This patch point the secure contexts of all secondary CPUs to the same one used by the lead CPU for the Secure Partition. This way, they can also use it. In order to prevent more than one CPU from using the Secure Partition at the same time, a lock has been added. Change-Id: Ica76373127c3626498b06c558a4874ce72201ff7 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Whether a Secure Partition is being initialized or not is something related to that specific partition, so it should be saved with the rest of the information related to it. Change-Id: Ie8a780f70df83fb03ef9c01ba37960208d9b5319 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 03 Jan, 2018 6 commits
-
-
davidcunado-arm authored
Add padding at the end of the last entry
-
davidcunado-arm authored
Update dependencies for ARM TF
-
Jett Zhou authored
Change-Id: I2e29a63f08aed3b8ea0bb10170a3d55b8d033e62 Signed-off-by: Jett Zhou <jett.zhou@arm.com> Signed-off-by: David Cunado <david.cunado@arm.com>
-
Roberto Vargas authored
This patch adds padding bytes at the end of the last image in the fip to be able to transfer by DMA the last image. Change-Id: I8c6f07dee389cb3d1dc919936d9d52841d7e5723 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com> Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com> Signed-off-by: David Cunado <david.cunado@arm.com>
-
davidcunado-arm authored
Move TSP to TZC secured DRAM
-
Dimitris Papastamos authored
To allow BL31 to grow in SRAM, move TSP in TZC secured DRAM by default. Increase the BL31 max limit by one page. Change-Id: Idd3479be02f0f9bafac2f275376d7db0c2015431 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
- 24 Dec, 2017 3 commits
-
-
davidcunado-arm authored
uniphier: a bundle of fixes
-
Masahiro Yamada authored
check_* targets just check necessary command line argument, not build any images. They should be specified as .PHONY. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
davidcunado-arm authored
ARM platforms: Allow platforms to define SDEI events
-
- 23 Dec, 2017 1 commit
-
-
Masahiro Yamada authored
Commit 8f0617ef ("Apply TBBR naming convention to the fip_create options") changed fiptool command options. We often forget to update documentation. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 21 Dec, 2017 1 commit
-
-
David Cunado authored
ARM TF has been tested as part of its CI system with the following dependencies updated: - Linaro binaries: 17.04 --> 17.10 - mbed TLS library: 2.4.2 --> 2.6.0 The version of AEM, Cortex-A and Foundation models that ARM TF is tested on has also been updated: - v11.1 build 11.1:22 --> v11.2 build 11.2:33 - v8.9 build 0.8:8805 --> v9.0 build 0.8:9005 This patch updates the user guide documentation to reflect these changes to the dependencies. Additionally, links to Linaro resources have been updated. Change-Id: I9ea5cb76e7443c9dbb0c9525069f450a02f59e58 Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 20 Dec, 2017 4 commits
-
-
davidcunado-arm authored
Add Secure Partition Manager (SPM) design document
-
Masahiro Yamada authored
The build log should be indented with two spaces for correct alignment. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The current IO block buffer overlaps with BL2 image location. So, BL2 may corrupt itself. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Commit 6f625747 ("Convert documentation to reStructuredText") automatically converted all documents by a tool. I see some parts were converted in an ugly way (or, at least, it is not my intention). Also, the footnote is apparently broken. I checked this document by my eyes, and reformated it so that it looks nicer both in plain text and reST form. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 19 Dec, 2017 5 commits
-
-
davidcunado-arm authored
Add support to left-pad with zeroes in tf_printf
-
davidcunado-arm authored
Disable PIE compilation option
-
davidcunado-arm authored
io: block: fix block_read/write may read/write overlap buffer
-
davidcunado-arm authored
SPM: Fix MM_COMMUNICATE_AARCH32/64 parameters
-
Jeenu Viswambharan authored
With this patch, ARM platforms are expected to define the macros PLAT_ARM_SDEI_PRIVATE_EVENTS and PLAT_ARM_SDEI_SHARED_EVENTS as a list of private and shared events, respectively. This allows for individual platforms to define their own events. Change-Id: I66851fdcbff83fd9568c2777ade9eb12df284b49 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 18 Dec, 2017 2 commits
-
-
davidcunado-arm authored
poplar: Add BL32 (OP-TEE) support and misc updates
-
Haojian Zhuang authored
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
-
- 15 Dec, 2017 2 commits
-
-
Antonio Nino Diaz authored
Add support to formats %i, %d, %p, %x and %u for left-padding numbers with zeroes (e.g. `%08x`). Change-Id: Ifd4795a82a8d83da2c00b44b9e482a2d9be797e3 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
This patch adds documentation that describes the design of the Secure Partition Manager and the specific choices in their current implementation. The document "SPM User Guide" has been integrated into the design document. Change-Id: I0a4f21a2af631c8aa6c739d97a5b634f3cb39991 Co-authored-by: Achin Gupta <achin.gupta@arm.com> Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 14 Dec, 2017 2 commits
-
-
david cunado authored
ARM TF does not work correctly if built with a version of gcc that is configured to use PIE by default (e.g. Debian Stretch). This patch identifies when such a version of gcc is being used (by searching for --enable-default-pie) and adds -fno-PIE option to TF_CFLAGS. fixes arm-software/tf-issues#519 Change-Id: I2322122c49841746d35d152694e14f6f73beb0fd Signed-off-by: David Cunado <david.cunado@arm.com> Co-Authored-by: Evan Lloyd <evan.lloyd@arm.com> Tested-by: Steve Capper <steve.capper@arm.com> Tested-by: Alexei Fedorov <alexei.fedorov@arm.com>
-
davidcunado-arm authored
Makefile: Add ability to build dtb (v2)
-
- 13 Dec, 2017 1 commit
-
-
Roberto Vargas authored
The block operations were trying to optimize the number of memory copies, and it tried to use directly the buffer supplied by the user to them. This was a mistake because it created too many corner cases: 1- It was possible to generate unaligned operations to unaligned buffers. Drivers that were using DMA transfer failed in that case. 2- It was possible to generate read operations with sizes that weren't a multiple of the block size. Some low level drivers assumed that condition and they calculated the number of blocks dividing the number of bytes by the size of the block, without considering the remaining bytes. 3- The block_* operations didn't control the number of bytes actually copied to memory, because the low level drivers were writing directly to the user buffer. This patch rewrite block_read and block_write to use always the device buffer, which the platform ensures that has the correct aligment and the correct size. Change-Id: I5e479bb7bc137e6ec205a8573eb250acd5f40420 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com> Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 12 Dec, 2017 1 commit
-
-
Sandrine Bailleux authored
This partially reverts commit d6b532b5 , keeping only the fixes to the assertions. The changes related to the order of arguments passed to the secure partition were not correct and violated the specification of the SP_EVENT_COMPLETE SMC. This patch also improves the MM_COMMUNICATE argument validation. The cookie argument, as it comes from normal world, can't be trusted and thus needs to always be validated at run time rather than using an assertion. Also validate the communication buffer address and return INVALID_PARAMETER if it is zero, as per the MM specification. Fix a few typos in comments and use the "secure partition" terminology rather than "secure payload". Change-Id: Ice6b7b5494b729dd44611f9a93d362c55ab244f7 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-