1. 20 Mar, 2017 1 commit
    • Douglas Raillard's avatar
      Replace ASM signed tests with unsigned · 355a5d03
      Douglas Raillard authored
      
      
      ge, lt, gt and le condition codes in assembly provide a signed test
      whereas hs, lo, hi and ls provide the unsigned counterpart. Signed tests
      should only be used when strictly necessary, as using them on logically
      unsigned values can lead to inverting the test for high enough values.
      All offsets, addresses and usually counters are actually unsigned
      values, and should be tested as such.
      
      Replace the occurrences of signed condition codes where it was
      unnecessary by an unsigned test as the unsigned tests allow the full
      range of unsigned values to be used without inverting the result with
      some large operands.
      
      Change-Id: I58b7e98d03e3a4476dfb45230311f296d224980a
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      355a5d03
  2. 06 Feb, 2017 1 commit
    • Douglas Raillard's avatar
      Introduce unified API to zero memory · 308d359b
      Douglas Raillard authored
      
      
      Introduce zeromem_dczva function on AArch64 that can handle unaligned
      addresses and make use of DC ZVA instruction to zero a whole block at a
      time. This zeroing takes place directly in the cache to speed it up
      without doing external memory access.
      
      Remove the zeromem16 function on AArch64 and replace it with an alias to
      zeromem. This zeromem16 function is now deprecated.
      
      Remove the 16-bytes alignment constraint on __BSS_START__ in
      firmware-design.md as it is now not mandatory anymore (it used to comply
      with zeromem16 requirements).
      
      Change the 16-bytes alignment constraints in SP min's linker script to a
      8-bytes alignment constraint as the AArch32 zeromem implementation is now
      more efficient on 8-bytes aligned addresses.
      
      Introduce zero_normalmem and zeromem helpers in platform agnostic header
      that are implemented this way:
      * AArch32:
      	* zero_normalmem: zero using usual data access
      	* zeromem: alias for zero_normalmem
      * AArch64:
      	* zero_normalmem: zero normal memory  using DC ZVA instruction
      	                  (needs MMU enabled)
      	* zeromem: zero using usual data access
      
      Usage guidelines: in most cases, zero_normalmem should be preferred.
      
      There are 2 scenarios where zeromem (or memset) must be used instead:
      * Code that must run with MMU disabled (which means all memory is
        considered device memory for data accesses).
      * Code that fills device memory with null bytes.
      
      Optionally, the following rule can be applied if performance is
      important:
      * Code zeroing small areas (few bytes) that are not secrets should use
        memset to take advantage of compiler optimizations.
      
        Note: Code zeroing security-related critical information should use
        zero_normalmem/zeromem instead of memset to avoid removal by
        compilers' optimizations in some cases or misbehaving versions of GCC.
      
      Fixes ARM-software/tf-issues#408
      
      Change-Id: Iafd9663fc1070413c3e1904e54091cf60effaa82
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      308d359b
  3. 28 Sep, 2016 1 commit
    • Yatharth Kochar's avatar
      AArch32: Add `memcpy4` function in assembly · 9c1dceb1
      Yatharth Kochar authored
      At present the `el3_entrypoint_common` macro uses `memcpy`
      function defined in lib/stdlib/mem.c file, to copy data
      from ROM to RAM for BL1. Depending on the compiler being
      used the stack could potentially be used, in `memcpy`,
      for storing the local variables. Since the stack is
      initialized much later in `el3_entrypoint_common` it
      may result in unknown behaviour.
      
      This patch adds `memcpy4` function definition in assembly so
      that it can be used before the stack is initialized and it
      also replaces `memcpy` by `memcpy4` in `el3_entrypoint_common`
      macro, to copy data from ROM to RAM for BL1.
      
      Change-Id: I3357a0e8095f05f71bbbf0b185585d9499bfd5e0
      9c1dceb1
  4. 21 Sep, 2016 1 commit
    • Yatharth Kochar's avatar
      AArch32: Common changes needed for BL1/BL2 · 1a0a3f06
      Yatharth Kochar authored
      This patch adds common changes to support AArch32 state in
      BL1 and BL2. Following are the changes:
      
      * Added functions for disabling MMU from Secure state.
      * Added AArch32 specific SMC function.
      * Added semihosting support.
      * Added reporting of unhandled exceptions.
      * Added uniprocessor stack support.
      * Added `el3_entrypoint_common` macro that can be
        shared by BL1 and BL32 (SP_MIN) BL stages. The
        `el3_entrypoint_common` is similar to the AArch64
        counterpart with the main difference in the assembly
        instructions and the registers that are relevant to
        AArch32 execution state.
      * Enabled `LOAD_IMAGE_V2` flag in Makefile for
        `ARCH=aarch32` and added check to make sure that
        platform has not overridden to disable it.
      
      Change-Id: I33c6d8dfefb2e5d142fdfd06a0f4a7332962e1a3
      1a0a3f06
  5. 10 Aug, 2016 1 commit
    • Soby Mathew's avatar
      AArch32: Add assembly helpers · f24307de
      Soby Mathew authored
      This patch adds various assembly helpers for AArch32 like :
      
      * cache management : Functions to flush, invalidate and clean
      cache by MVA. Also helpers to do cache operations by set-way
      are also added.
      
      * stack management: Macros to declare stack and get the current
      stack corresponding to current CPU.
      
      * Misc: Macros to access co processor registers in AArch32,
      macros to define functions in assembly, assert macros, generic
      `do_panic()` implementation and function to zero block of memory.
      
      Change-Id: I7b78ca3f922c0eda39beb9786b7150e9193425be
      f24307de
  6. 01 Apr, 2016 1 commit
  7. 12 Feb, 2016 1 commit
  8. 25 Jun, 2015 1 commit
    • Juan Castillo's avatar
      TBB: add TBBR Chain of Trust · dff93c86
      Juan Castillo authored
      This patch adds a CoT based on the Trusted Board Boot Requirements
      document*. The CoT consists of an array of authentication image
      descriptors indexed by the image identifiers.
      
      A new header file with TBBR image identifiers has been added.
      Platforms that use the TBBR (i.e. ARM platforms) may reuse these
      definitions as part of their platform porting.
      
      PLATFORM PORT - IMPORTANT:
      
      Default image IDs have been removed from the platform common
      definitions file (common_def.h). As a consequence, platforms that
      used those common definitons must now either include the IDs
      provided by the TBBR header file or define their own IDs.
      
      *The NVCounter authentication method has not been implemented yet.
      
      Change-Id: I7c4d591863ef53bb0cd4ce6c52a60b06fa0102d5
      dff93c86
  9. 28 Jan, 2015 1 commit
    • Juan Castillo's avatar
      TBB: add tool to generate certificates · 6f971622
      Juan Castillo authored
      This patch adds a tool that generates all the necessary elements
      to establish the chain of trust (CoT) between the images.
      
      The tool reads the binary images and signing keys and outputs the
      corresponding certificates that will be used by the target at run
      time to verify the authenticity of the images.
      
      Note: the platform port must provide the file platform_oid.h. This
      file will define the OIDs of the x509 extensions that will be added
      to the certificates in order to establish the CoT.
      
      Change-Id: I2734d6808b964a2107ab3a4805110698066a04be
      6f971622
  10. 21 Aug, 2014 2 commits
    • Sandrine Bailleux's avatar
      Juno: Add support for Test Secure-EL1 Payload · edfda10a
      Sandrine Bailleux authored
      This patch implements the TSP on Juno. It executes from on-chip Trusted
      SRAM.
      
      Also, the other bootloader images (i.e. BL1 R/W, BL2 and BL3-1) have
      been moved around. The reason is, although there was enough space
      overall to store the TSP in SRAM, there was no contiguous free chunk
      of SRAM big enough to hold it.
      
      This patch keeps the overall memory layout (i.e. keeping BL1 R/W at
      the bottom, BL2 at the top and BL3-1 in between) but moves the base
      addresses of all the bootloader images in such a way that:
       - memory fragmentation is reduced enough to fit BL3-2 in;
       - new base addresses are suitable for release builds as well as debug
         ones;
       - each image has a few extra kilobytes for future growth.
         BL3-1 and BL3-2 are the images which received the biggest allocations
         since they will most probably grow the most.
      
      This patch also adds instruction synchronization barriers around the code which
      handles the timer interrupt in the TSP. This ensures that the interrupt is not
      acknowledged after or EOIed before it is deactivated at the peripheral.
      
      Change-Id: I1c5b51858700027ee283ac85d18e06863a27c72e
      edfda10a
    • Sandrine Bailleux's avatar
      Juno: Implement initial platform port · 01b916bf
      Sandrine Bailleux authored
      This patch adds the initial port of the ARM Trusted Firmware on the Juno
      development platform. This port does not support a BL3-2 image or any PSCI APIs
      apart from PSCI_VERSION and PSCI_CPU_ON. It enables workarounds for selected
      Cortex-A57 (#806969 & #813420) errata and implements the workaround for a Juno
      platform errata (Defect id 831273).
      
      Change-Id: Ib3d92df3af53820cfbb2977582ed0d7abf6ef893
      01b916bf
  11. 14 Aug, 2014 1 commit
    • Dan Handley's avatar
      Move IO storage source to drivers directory · 935db693
      Dan Handley authored
      Move the remaining IO storage source file (io_storage.c) from the
      lib to the drivers directory. This requires that platform ports
      explicitly add this file to the list of source files.
      
      Also move the IO header files to a new sub-directory, include/io.
      
      Change-Id: I862b1252a796b3bcac0d93e50b11e7fb2ded93d6
      935db693
  12. 06 May, 2014 3 commits
    • Dan Handley's avatar
      Remove variables from .data section · 625de1d4
      Dan Handley authored
      Update code base to remove variables from the .data section,
      mainly by using const static data where possible and adding
      the const specifier as required. Most changes are to the IO
      subsystem, including the framework APIs. The FVP power
      management code is also affected.
      
      Delay initialization of the global static variable,
      next_image_type in bl31_main.c, until it is realy needed.
      Doing this moves the variable from the .data to the .bss
      section.
      
      Also review the IO interface for inconsistencies, using
      uintptr_t where possible instead of void *. Remove the
      io_handle and io_dev_handle typedefs, which were
      unnecessary, replacing instances with uintptr_t.
      
      Fixes ARM-software/tf-issues#107.
      
      Change-Id: I085a62197c82410b566e4698e5590063563ed304
      625de1d4
    • Dan Handley's avatar
      Reduce deep nesting of header files · 97043ac9
      Dan Handley authored
      Reduce the number of header files included from other header
      files as much as possible without splitting the files. Use forward
      declarations where possible. This allows removal of some unnecessary
      "#ifndef __ASSEMBLY__" statements.
      
      Also, review the .c and .S files for which header files really need
      including and reorder the #include statements alphabetically.
      
      Fixes ARM-software/tf-issues#31
      
      Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
      97043ac9
    • Dan Handley's avatar
      Move include and source files to logical locations · 4ecca339
      Dan Handley authored
      Move almost all system include files to a logical sub-directory
      under ./include. The only remaining system include directories
      not under ./include are specific to the platform. Move the
      corresponding source files to match the include directory
      structure.
      
      Also remove pm.h as it is no longer used.
      
      Change-Id: Ie5ea6368ec5fad459f3e8a802ad129135527f0b3
      4ecca339
  13. 17 Feb, 2014 1 commit
    • James Morrissey's avatar
      Implement load_image in terms of IO abstraction · 9d72b4ea
      James Morrissey authored
      The modified implementation uses the IO abstraction rather than
      making direct semi-hosting calls.  The semi-hosting driver is now
      registered for the FVP platform during initialisation of each boot
      stage where it is used.  Additionally, the FVP platform includes a
      straightforward implementation of 'plat_get_image_source' which
      provides a generic means for the 'load_image' function to determine
      how to access the image data.
      
      Change-Id: Ia34457b471dbee990c7b3c79de7aee4ceea51aa6
      9d72b4ea
  14. 17 Jan, 2014 2 commits
    • Jeenu Viswambharan's avatar
      Change comments in assembler files to help ctags · 3a4cae05
      Jeenu Viswambharan authored
      Ctags seem to have a problem with generating tags for assembler symbols
      when a comment immediately follows an assembly label.
      
      This patch inserts a single space character between the label
      definition and the following comments to help ctags.
      
      The patch is generated by the command:
      
        git ls-files -- \*.S | xargs sed -i 's/^\([^:]\+\):;/\1: ;/1'
      
      Change-Id: If7a3c9d0f51207ea033cc8b8e1b34acaa0926475
      3a4cae05
    • Dan Handley's avatar
      Update year in copyright text to 2014 · e83b0cad
      Dan Handley authored
      Change-Id: Ic7fb61aabae1d515b9e6baf3dd003807ff42da60
      e83b0cad
  15. 05 Dec, 2013 1 commit
    • Dan Handley's avatar
      Enable third party contributions · ab2d31ed
      Dan Handley authored
      - Add instructions for contributing to ARM Trusted Firmware.
      
      - Update copyright text in all files to acknowledge contributors.
      
      Change-Id: I9311aac81b00c6c167d2f8c889aea403b84450e5
      ab2d31ed
  16. 25 Oct, 2013 1 commit