1. 22 May, 2019 4 commits
    • Paul Beesley's avatar
      doc: Reorganise images and update links · a2c320a8
      Paul Beesley authored
      
      
      Change-Id: I679d1499376a524bef1cfc33df995b0a719b5ac8
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      a2c320a8
    • Paul Beesley's avatar
      doc: Set correct syntax highlighting style · 29c02529
      Paul Beesley authored
      
      
      Several code blocks do not specify a language for syntax
      highlighting. This results in Sphinx using a default highlighter
      which is Python.
      
      This patch adds the correct language to each code block that doesn't
      already specify it.
      
      Change-Id: Icce1949aabfdc11a334a42d49edf55fa673cddc3
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      29c02529
    • Paul Beesley's avatar
      doc: Remove per-page contents lists · 57354abb
      Paul Beesley authored
      
      
      These are no longer needed as there will always be a table of contents
      rendered to the left of every page.
      
      Some of these lists can be quite long and, when opening a page, the
      reader sees nothing but a huge list of contents! After this patch,
      the document contents are front-and-centre and the contents are
      nicely rendered in the sidebar without duplication.
      
      Change-Id: I444754d548ec91d00f2b04e861de8dde8856aa62
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      57354abb
    • Paul Beesley's avatar
      doc: Reword document titles · 8aa05055
      Paul Beesley authored
      
      
      This patch attempts to standardise the document titles as well as
      adding titles to documents that were missing one. The aim is to
      remove needless references to "TF-A" or "Trusted Firmware" in the
      title of every document and to make sure that the title matches
      with the document content.
      
      Change-Id: I9b93ccf43b5d57e8dc793a5311b8ed7c4dd245cc
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8aa05055
  2. 21 May, 2019 1 commit
    • Paul Beesley's avatar
      doc: Move documents into subdirectories · 40d553cf
      Paul Beesley authored
      
      
      This change creates the following directories under docs/
      in order to provide a grouping for the content:
      
      - components
      - design
      - getting_started
      - perf
      - process
      
      In each of these directories an index.rst file is created
      and this serves as an index / landing page for each of the
      groups when the pages are compiled. Proper layout of the
      top-level table of contents relies on this directory/index
      structure.
      
      Without this patch it is possible to build the documents
      correctly with Sphinx but the output looks messy because
      there is no overall hierarchy.
      
      Change-Id: I3c9f4443ec98571a56a6edf775f2c8d74d7f429f
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      40d553cf
  3. 25 Apr, 2019 1 commit
  4. 18 Mar, 2019 1 commit
    • Alexei Fedorov's avatar
      Declare PAuth for Secure world as experimental · 06715f85
      Alexei Fedorov authored
      
      
      Declare ENABLE_PAUTH and CTX_INCLUDE_PAUTH_REGS
      build options as experimental.
      Pointer Authentication is enabled for Non-secure world
      irrespective of the value of these build flags if the
      CPU supports it.
      The patch also fixes the description of fiptool 'help' command.
      
      Change-Id: I46de3228fbcce774a2624cd387798680d8504c38
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      06715f85
  5. 12 Mar, 2019 1 commit
  6. 06 Mar, 2019 1 commit
  7. 28 Feb, 2019 1 commit
  8. 27 Feb, 2019 2 commits
    • Antonio Nino Diaz's avatar
      Add support for pointer authentication · b86048c4
      Antonio Nino Diaz authored
      
      
      The previous commit added the infrastructure to load and save
      ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
      didn't actually enable pointer authentication in the firmware.
      
      This patch adds the functionality needed for platforms to provide
      authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
      enable pointer authentication in the firmware itself. This option is
      disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
      enabled.
      
      Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      b86048c4
    • Antonio Nino Diaz's avatar
      Add ARMv8.3-PAuth registers to CPU context · 5283962e
      Antonio Nino Diaz authored
      
      
      ARMv8.3-PAuth adds functionality that supports address authentication of
      the contents of a register before that register is used as the target of
      an indirect branch, or as a load.
      
      This feature is supported only in AArch64 state.
      
      This feature is mandatory in ARMv8.3 implementations.
      
      This feature adds several registers to EL1. A new option called
      CTX_INCLUDE_PAUTH_REGS has been added to select if the TF needs to save
      them during Non-secure <-> Secure world switches. This option must be
      enabled if the hardware has the registers or the values will be leaked
      during world switches.
      
      To prevent leaks, this patch also disables pointer authentication in the
      Secure world if CTX_INCLUDE_PAUTH_REGS is 0. Any attempt to use it will
      be trapped in EL3.
      
      Change-Id: I27beba9907b9a86c6df1d0c5bf6180c972830855
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      5283962e
  9. 19 Feb, 2019 2 commits
  10. 08 Feb, 2019 2 commits
  11. 23 Jan, 2019 1 commit
    • Sathees Balya's avatar
      plat/arm: Save BL2 descriptors to reserved memory. · 5b8d50e4
      Sathees Balya authored
      
      
      On ARM platforms, the BL2 memory can be overlaid by BL31/BL32. The memory
      descriptors describing the list of executable images are created in BL2
      R/W memory, which could be possibly corrupted later on by BL31/BL32 due
      to overlay. This patch creates a reserved location in SRAM for these
      descriptors and are copied over by BL2 before handing over to next BL
      image.
      
      Also this patch increases the PLAT_ARM_MAX_BL2_SIZE for juno when TBBR
      is enabled.
      
      Fixes ARM-Software/tf-issues#626
      
      Change-Id: I755735706fa702024b4032f51ed4895b3687377f
      Signed-off-by: default avatarSathees Balya <sathees.balya@arm.com>
      5b8d50e4
  12. 15 Jan, 2019 1 commit
    • Paul Beesley's avatar
      Correct typographical errors · 8aabea33
      Paul Beesley authored
      
      
      Corrects typos in core code, documentation files, drivers, Arm
      platforms and services.
      
      None of the corrections affect code; changes are limited to comments
      and other documentation.
      
      Change-Id: I5c1027b06ef149864f315ccc0ea473e2a16bfd1d
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8aabea33
  13. 26 Nov, 2018 1 commit
  14. 16 Oct, 2018 1 commit
    • Jeenu Viswambharan's avatar
      AArch64: Enable lower ELs to use pointer authentication · 3ff4aaac
      Jeenu Viswambharan authored
      
      
      Pointer authentication is an Armv8.3 feature that introduces
      instructions that can be used to authenticate and verify pointers.
      
      Pointer authentication instructions are allowed to be accessed from all
      ELs but only when EL3 explicitly allows for it; otherwise, their usage
      will trap to EL3. Since EL3 doesn't have trap handling in place, this
      patch unconditionally disables all related traps to EL3 to avoid
      potential misconfiguration leading to an unhandled EL3 exception.
      
      Fixes ARM-software/tf-issues#629
      
      Change-Id: I9bd2efe0dc714196f503713b721ffbf05672c14d
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      3ff4aaac
  15. 03 Oct, 2018 1 commit
    • Daniel Boulby's avatar
      Introduce RECLAIM_INIT_CODE build flag · 1dcc28cf
      Daniel Boulby authored
      
      
      This patch introduces a build flag "RECLAIM_INIT_CODE" to mark boot time
      code which allows platforms to place this memory in an appropriate
      section to be reclaimed later. This features is primarily targeted for
      BL31. Appropriate documentation updates are also done.
      
      Change-Id: If0ca062851614805d769c332c771083d46599194
      Signed-off-by: default avatarDaniel Boulby <daniel.boulby@arm.com>
      1dcc28cf
  16. 01 Oct, 2018 1 commit
  17. 28 Sep, 2018 2 commits
  18. 26 Jun, 2018 1 commit
  19. 11 Jun, 2018 1 commit
  20. 07 Jun, 2018 1 commit
  21. 15 Mar, 2018 1 commit
  22. 13 Mar, 2018 1 commit
  23. 29 Jan, 2018 1 commit
  24. 18 Jan, 2018 1 commit
  25. 03 Jan, 2018 1 commit
  26. 15 Nov, 2017 1 commit
    • David Cunado's avatar
      Move FPEXC32_EL2 to FP Context · 91089f36
      David Cunado authored
      
      
      The FPEXC32_EL2 register controls SIMD and FP functionality when the
      lower ELs are executing in AArch32 mode. It is architecturally mapped
      to AArch32 system register FPEXC.
      
      This patch removes FPEXC32_EL2 register from the System Register context
      and adds it to the floating-point context. EL3 only saves / restores the
      floating-point context if the build option CTX_INCLUDE_FPREGS is set to 1.
      
      The rationale for this change is that if the Secure world is using FP
      functionality and EL3 is not managing the FP context, then the Secure
      world will save / restore the appropriate FP registers.
      
      NOTE - this is a break in behaviour in the unlikely case that
      CTX_INCLUDE_FPREGS is set to 0 and the platform contains an AArch32
      Secure Payload that modifies FPEXC, but does not save and restore
      this register
      
      Change-Id: Iab80abcbfe302752d52b323b4abcc334b585c184
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      91089f36
  27. 08 Nov, 2017 1 commit
    • Etienne Carriere's avatar
      ARMv7 target is driven by ARM_ARCH_MAJOR==7 · 26e63c44
      Etienne Carriere authored
      
      
      External build environment shall sets directive ARM_ARCH_MAJOR to 7
      to specify a target ARMv7-A core.
      
      As ARM-TF expects AARCH to be set, ARM_ARCH_MAJOR==7 mandates
      AARCH=aarch32.
      
      The toolchain target architecture/cpu is delegated after the platform
      configuration is parsed. Platform shall define target core through
      ARM_CORTEX_A<x>=yes, <x> being 5, 7, 9, 12, 15 and/or 17.
      
      Platform can bypass ARM_CORTEX_A<x>=yes directive and provide straight
      the toolchain target directive through MARCH32_DIRECTIVE.
      Signed-off-by: default avatarEtienne Carriere <etienne.carriere@linaro.org>
      26e63c44
  28. 31 Oct, 2017 1 commit
  29. 23 Oct, 2017 2 commits
  30. 16 Oct, 2017 2 commits
    • Jeenu Viswambharan's avatar
      GIC: Allow specifying interrupt properties · c639e8eb
      Jeenu Viswambharan authored
      
      
      The GIC driver initialization currently allows an array of interrupts to
      be configured as secure. Future use cases would require more interrupt
      configuration other than just security, such as priority.
      
      This patch introduces a new interrupt property array as part of both
      GICv2 and GICv3 driver data. The platform can populate the array with
      interrupt numbers and respective properties. The corresponding driver
      initialization iterates through the array, and applies interrupt
      configuration as required.
      
      This capability, and the current way of supplying array (or arrays, in
      case of GICv3) of secure interrupts, are however mutually exclusive.
      Henceforth, the platform should supply either:
      
        - A list of interrupts to be mapped as secure (the current way).
          Platforms that do this will continue working as they were. With this
          patch, this scheme is deprecated.
      
        - A list of interrupt properties (properties include interrupt group).
          Individual interrupt properties are specified via. descriptors of
          type 'interrupt_prop_desc_t', which can be populated with the macro
          INTR_PROP_DESC().
      
      A run time assert checks that the platform doesn't specify both.
      
      Henceforth the old scheme of providing list of secure interrupts is
      deprecated. When built with ERROR_DEPRECATED=1, GIC drivers will require
      that the interrupt properties are supplied instead of an array of secure
      interrupts.
      
      Add a section to firmware design about configuring secure interrupts.
      
      Fixes ARM-software/tf-issues#262
      
      Change-Id: I8eec29e72eb69dbb6bce77879febf32c95376942
      Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      c639e8eb
    • Qixiang Xu's avatar
      docs: Update Trusted Board Boot Requirements document number · 67b66903
      Qixiang Xu authored
      
      
      Update DEN0006B-5(2013) to DEN0006C-1(2015)
      
      Change-Id: I753a14214dde827d004fd04c47b5ba112df38d73
      Signed-off-by: default avatarQixiang Xu <qixiang.xu@arm.com>
      67b66903
  31. 13 Oct, 2017 1 commit