Skip to content

GitLab

Switch branch/tag
  1. 12 Jul, 2017 1 commit
    • Isla Mitchell's avatar
      Fix order of #includes · 2a4b4b71
      Isla Mitchell authored 
      

This fix modifies the order of system includes to meet the ARM TF coding
standard. There are some exceptions in order to retain header groupings,
minimise changes to imported headers, and where there are headers within
the #if and #ifndef statements.

Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
Signed-off-by: default avatarIsla Mitchell <isla.mitchell@arm.com>
      2a4b4b71
  3. 28 Jun, 2017 2 commits
    • Soby Mathew's avatar
      ARM plat changes to enable CryptoCell integration · e60f2af9
      Soby Mathew authored 
      

This patch makes the necessary changes to enable ARM platform to
successfully integrate CryptoCell during Trusted Board Boot. The
changes are as follows:

* A new build option `ARM_CRYPTOCELL_INTEG` is introduced to select
  the CryptoCell crypto driver for Trusted Board boot.

* The TrustZone filter settings for Non Secure DRAM is modified
  to allow CryptoCell to read this memory. This is required to
  authenticate BL33 which is loaded into the Non Secure DDR.

* The CSS platforms are modified to use coherent stacks in BL1 and BL2
  when CryptoCell crypto is selected. This is because CryptoCell makes
  use of DMA to transfer data and the CryptoCell SBROM library allocates
  buffers on the stack during signature/hash verification.

Change-Id: I1e6f6dcd1899784f1edeabfa2a9f279bbfb90e31
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      e60f2af9
    • Soby Mathew's avatar
      Add headers to enable CryptoCell integration · bdd1cbf5
      Soby Mathew authored 
      

This patch adds header files with required declarations and
macro definitions to enable integration with CryptoCell SBROM
version `CC712 – Release 1.0.0.1061`. These headers enable ARM
Trusted Firmware to build and link with CryptoCell SBROM
library.

Change-Id: I501eda7fe1429acb61db8e1cab78cc9aee9c1871
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      bdd1cbf5
  5. 23 Jun, 2017 2 commits
  7. 22 Jun, 2017 2 commits
    • Dimitris Papastamos's avatar
      aarch32: Apply workaround for errata 813419 of Cortex-A57 · 6f512a3d
      Dimitris Papastamos authored 
      

TLBI instructions for monitor mode won't have the desired effect under
specific circumstances in Cortex-A57 r0p0. The workaround is to
execute DSB and TLBI twice each time.

Even though this errata is only needed in r0p0, the current errata
framework is not prepared to apply run-time workarounds. The current one
is always applied if compiled in, regardless of the CPU or its revision.

The `DSB` instruction used when initializing the translation tables has
been changed to `DSB ISH` as an optimization and to be consistent with
the barriers used for the workaround.

NOTE: This workaround is present in AArch64 TF and already enabled by
default on Juno.

Change-Id: I10b0baa304ed64b13b7b26ea766e61461e759dfa
Signed-off-by: default avatarDimitris Papastamos <dimitris.papastamos@arm.com>
      6f512a3d
    • dp-arm's avatar
      aarch64: Enable Statistical Profiling Extensions for lower ELs · d832aee9
      dp-arm authored 
      

SPE is only supported in non-secure state.  Accesses to SPE specific
registers from SEL1 will trap to EL3.  During a world switch, before
`TTBR` is modified the SPE profiling buffers are drained.  This is to
avoid a potential invalid memory access in SEL1.

SPE is architecturally specified only for AArch64.

Change-Id: I04a96427d9f9d586c331913d815fdc726855f6b0
Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      d832aee9
  9. 21 Jun, 2017 1 commit
    • David Cunado's avatar
      Fully initialise essential control registers · 18f2efd6
      David Cunado authored 
      

This patch updates the el3_arch_init_common macro so that it fully
initialises essential control registers rather then relying on hardware
to set the reset values.

The context management functions are also updated to fully initialise
the appropriate control registers when initialising the non-secure and
secure context structures and when preparing to leave EL3 for a lower
EL.

This gives better alignement with the ARM ARM which states that software
must initialise RES0 and RES1 fields with 0 / 1.

This patch also corrects the following typos:

"NASCR definitions" -> "NSACR definitions"

Change-Id: Ia8940b8351dc27bc09e2138b011e249655041cfc
Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      18f2efd6
  11. 20 Jun, 2017 3 commits
  13. 15 Jun, 2017 1 commit
  15. 14 Jun, 2017 2 commits
  17. 09 Jun, 2017 1 commit
  19. 07 Jun, 2017 2 commits
    • Haojian Zhuang's avatar
      stdlib: support AARCH32 in endian head file · e6a993d4
      Haojian Zhuang authored 
      

Add the support of AARCH32 in endian head file. The code is also
imported from FreeBSD 11.0. It's based on commit in below.

commit 4e3a5b429989b4ff621682ff1462f801237bd551
Author: mmel <mmel@FreeBSD.org>
Date:   Tue Nov 10 12:02:41 2015 +0000

    ARM: Remove trailing whitespace from sys/arm/include
    No functional changes.

    Approved by:    kib (mentor)
Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      e6a993d4
    • Haojian Zhuang's avatar
      stdlib: import endian head file from freebsd · b15f31ac
      Haojian Zhuang authored 
      Import endian head files from FreeBSD 11.0. The link of FreeBSD source code
is https://github.com/freebsd/freebsd



Import machine/endian.h from sys/arm64/include/endian.h in FreeBSD.
commit d09ff72cef8e35dbf62f7363dcbf07b453f06243
Author: andrew <andrew@FreeBSD.org>
Date:   Mon Mar 23 11:54:56 2015 +0000

    Add the start of the arm64 machine headers. This is the subset needed to
    start getting userland libraries building.

    Reviewed by:        imp
    Sponsored by:       The FreeBSD Foundation

Import sys/endian.h from sys/sys/endian.h in FreeBSD.
commit 3c3fa2f5b0c7640373fcbcc3f667bf7794e8e609
Author: phk <phk@FreeBSD.org>
Date:   Thu May 20 06:16:13 2010 +0000

    Fix some way-past-brucification complaints from FlexeLint.
Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      b15f31ac
  21. 05 Jun, 2017 3 commits
    • Soby Mathew's avatar
      Add SCMI support for Juno platform · 40111d44
      Soby Mathew authored 
      

This patch adds the memory map region for the SCMI payload memory
and maps the Juno core indices to SCMI power domains via the
`plat_css_core_pos_to_scmi_dmn_id_map` array.

Change-Id: I0d2bb2a719ff5b6a9d8e22e91e1625ab14453665
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      40111d44
    • Soby Mathew's avatar
      CSS: Add SCMI driver for SCP · c04a3b6c
      Soby Mathew authored 
      

This patch adds the SCMI driver for communicating with SCP. The power
domain management and system power management protocol of the SCMI
specification[1] is implemented in the driver. The SCP power management
abstraction layer for SCMI for CSS power management is also added.

A new buid option `CSS_USE_SCMI_DRIVER` is introduced to select SCMI
driver over SCPI.

[1] ARM System Control and Management Interface v1.0 (SCMI)
Document number: ARM DEN 0056A

Change-Id: I67265615a17e679a2afe810b9b0043711ba09dbb
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      c04a3b6c
    • Soby Mathew's avatar
      Add support for RSASSAPSS algorithm in mbedtls crypto driver · 1001202d
      Soby Mathew authored 
      

This patch adds support for RSASSA-PSS Signature Algorithm for
X509 certificates in mbedtls crypto driver. Now the driver supports
RSA PKCS2_1 standard as mandated by TBBR.

NOTE: With this patch, the PKCS1_5 standard compliant RSA signature
is deprecated.

Change-Id: I9cf6d073370b710cc36a7b374a55ec96c0496461
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      1001202d
  23. 01 Jun, 2017 2 commits
  25. 31 May, 2017 2 commits
  27. 24 May, 2017 4 commits
  29. 23 May, 2017 2 commits
    • Masahiro Yamada's avatar
      cert: move platform_oid.h to include/tools_share for all platforms · bb41eb7a
      Masahiro Yamada authored 
      

Platforms aligned with TBBR are supposed to use their own OIDs, but
defining the same macros with different OIDs does not provide any
value (at least technically).

For easier use of TBBR, this commit allows platforms to reuse the OIDs
obtained by ARM Ltd.  This will be useful for non-ARM vendors that
do not need their own extension fields in their certificate files.

The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h

Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
defining USE_TBBR_DEFS as 1.  USE_TBBR_DEFS is 0 by default to keep the
backward compatibility.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      bb41eb7a
    • Masahiro Yamada's avatar
      fip: move headers shared between TF and fiptool to include/tools_share · 2a6c1a8f
      Masahiro Yamada authored 
      

Some header files need to be shared between TF and host programs.
For fiptool, two headers are copied to the tools/fiptool directory,
but it looks clumsy.

This commit introduces a new directory, include/tools_share, which
collects headers that should be shared between TF and host programs.

This will clarify the interface exposed to host tools.  We should
add new headers to this directory only when we really need to do so.

For clarification, I inserted a blank line between headers from the
include/ directory (#include <...>) and ones from a local directory
(#include "..." ).
Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      2a6c1a8f
  31. 16 May, 2017 1 commit
    • Antonio Nino Diaz's avatar
      Simplify assert() to reduce memory usage · 0da2fe7e
      Antonio Nino Diaz authored 
      

The behaviour of assert() now depends on the value of the new optional
platform define `PLAT_LOG_LEVEL_ASSERT`. This defaults to `LOG_LEVEL` if
not defined by the platform.

- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_VERBOSE`, it prints the file
  name, line and asserted expression.
- If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_INFO`, it prints the file
  name and line.
- If not, it doesn't print anything.

Note the old behaviour was to print the function name whereas now it
prints the file name. This reduces memory usage because the file name is
shared between all assert calls in a given file. Also, the default
behaviour in debug builds is to no longer print the asserted expression,
greatly reducing the string usage.

For FVP debug builds this change saves approximately:

              No TBBR    TBBR
        BL1    1.6 KB   2.2 KB
        BL2    1.7 KB   2.1 KB
        BL31   2.6 KB   3.3 KB

Change-Id: I2947569d593df0b25611dc3c7a6096f42155c115
Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      0da2fe7e
  33. 15 May, 2017 2 commits
  35. 12 May, 2017 2 commits
    • David Cunado's avatar
      mbedtls: Namespace for TF specific macros · b1883510
      David Cunado authored 
      

An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
macros to have a TBBR_ suffix to avoid any potential clash with future
mbedtls macros.

But on reflection the TBBR_ suffix could be confusing as the macros
are used to drive TF-specific configuration of mbedtls. As such
this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
suffix which more accurately conveys their use.

Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      b1883510
    • Soby Mathew's avatar
      AArch32: Rework SMC context save and restore mechanism · b6285d64
      Soby Mathew authored 
      

The current SMC context data structure `smc_ctx_t` and related helpers are
optimized for case when SMC call does not result in world switch. This was
the case for SP_MIN and BL1 cold boot flow. But the firmware update usecase
requires world switch as a result of SMC and the current SMC context helpers
were not helping very much in this regard. Therefore this patch does the
following changes to improve this:

1. Add monitor stack pointer, `spmon` to `smc_ctx_t`

The C Runtime stack pointer in monitor mode, `sp_mon` is added to the
SMC context, and the `smc_ctx_t` pointer is cached in `sp_mon` prior
to exit from Monitor mode. This makes is easier to retrieve the
context when the next SMC call happens. As a result of this change,
the SMC context helpers no longer depend on the stack to save and
restore the register.

This aligns it with the context save and restore mechanism in AArch64.

2. Add SCR in `smc_ctx_t`

Adding the SCR register to `smc_ctx_t` makes it easier to manage this
register state when switching between non secure and secure world as a
result of an SMC call.

Change-Id: I5e12a7056107c1701b457b8f7363fdbf892230bf
Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      b6285d64
  37. 09 May, 2017 1 commit
  39. 04 May, 2017 2 commits
    • David Cunado's avatar
      Migrate secure payload dispatchers to new SMC terminology · bbbbcdae
      David Cunado authored 
      Since Issue B (November 2016) of the SMC Calling Convention document
standard SMC calls are renamed to yielding SMC calls to help avoid
confusion with the standard service SMC range, which remains unchanged.

http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pd



A previous patch introduced a new define for yielding SMC call type.
This patch updates the secure payload dispatchers (except the TSPD) to
use this new define and also migrates the code to use the new
terminology.

Change-Id: I3d2437c04e3b21fdbd32019f55c066c87679a5bf
Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      bbbbcdae
    • Jeenu Viswambharan's avatar
      Introduce ARM SiP service to switch execution state · b10d4499
      Jeenu Viswambharan authored 
      

In AArch64, privileged exception levels control the execution state
(a.k.a. register width) of the immediate lower Exception Level; i.e.
whether the lower exception level executes in AArch64 or AArch32 state.
For an exception level to have its execution state changed at run time,
it must request the change by raising a synchronous exception to the
higher exception level.

This patch implements and adds such a provision to the ARM SiP service,
by which an immediate lower exception level can request to switch its
execution state. The execution state is switched if the request is:

  - raised from non-secure world;

  - raised on the primary CPU, before any secondaries are brought online
    with CPU_ON PSCI call;

  - raised from an exception level immediately below EL3: EL2, if
    implemented; otherwise NS EL1.

If successful, the SMC doesn't return to the caller, but to the entry
point supplied with the call. Otherwise, the caller will observe the SMC
returning with STATE_SW_E_DENIED code. If ARM Trusted Firmware is built
for AArch32, the feature is not supported, and the call will always
fail.

For the ARM SiP service:

  - Add SMC function IDs for both AArch32 and AArch64;
  - Increment the SiP service minor version to 2;
  - Adjust the number of supported SiP service calls.

Add documentation for ARM SiP service.

Fixes ARM-software/tf-issues#436

Change-Id: I4347f2d6232e69fbfbe333b340fcd0caed0a4cea
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      b10d4499
  41. 03 May, 2017 1 commit
  43. 02 May, 2017 1 commit