1. 10 Jul, 2019 1 commit
  2. 28 Jun, 2019 1 commit
  3. 26 Jun, 2019 1 commit
    • Manoj Kumar's avatar
      n1sdp: add code for DDR ECC enablement and BL33 copy to DDR · de8bc83e
      Manoj Kumar authored
      
      
      N1SDP platform supports RDIMMs with ECC capability. To use the ECC
      capability, the entire DDR memory space has to be zeroed out before
      enabling the ECC bits in DMC620. Zeroing out several gigabytes of
      memory from SCP is quite time consuming so functions are added that
      zeros out the DDR memory from application processor which is
      much faster compared to SCP. BL33 binary cannot be copied to DDR memory
      before enabling ECC so this is also done by TF-A from IOFPGA-DDR3
      memory to main DDR4 memory after ECC is enabled.
      
      Original PLAT_PHY_ADDR_SPACE_SIZE was limited to 36-bits with which
      the entire DDR space cannot be accessed as DRAM2 starts in base
      0x8080000000. So these macros are redefined for all ARM platforms.
      
      Change-Id: If09524fb65b421b7a368b1b9fc52c49f2ddb7846
      Signed-off-by: default avatarManoj Kumar <manoj.kumar3@arm.com>
      de8bc83e
  4. 11 Jun, 2019 1 commit
  5. 05 Jun, 2019 1 commit
    • John Tsichritzis's avatar
      FVP: Remove GIC initialisation from secondary core cold boot · 9c29e5f7
      John Tsichritzis authored
      
      
      During the secondary cores' cold boot path, the cores initialise the GIC
      CPU interface. However this is a redundant action since 1) the cores are
      powered down immediately after that, 2) the GIC CPU interface is
      initialised from scratch when the secondary cores are powered up again
      later.
      
      Moreover, this part of code was introducing a bug. In a GICv3 system,
      the GIC's CPU interface system registers must not be written without the
      core being marked as "awake" in the redistributor. However, this
      sequence was performing such accesses and this would cause those cores
      to hang. The hang was caused by the DSB instruction that would never
      complete because of the GIC not recognising those writes.
      
      For the two aforementioned reasons, the entire part of the GIC CPU
      interface initialisation is removed.
      
      Change-Id: I6c33a1edda69dd5b6add16a27390a70731b5532a
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      9c29e5f7
  6. 04 Jun, 2019 1 commit
    • John Tsichritzis's avatar
      Apply compile-time check for AArch64-only cores · 629d04f5
      John Tsichritzis authored
      
      
      Some cores support only AArch64 mode. In those cores, only a limited
      subset of the AArch32 system registers are implemented. Hence, if TF-A
      is supposed to run on AArch64-only cores, it must be compiled with
      CTX_INCLUDE_AARCH32_REGS=0.
      
      Currently, the default settings for compiling TF-A are with the AArch32
      system registers included. So, if we compile TF-A the default way and
      attempt to run it on an AArch64-only core, we only get a runtime panic.
      
      Now a compile-time check has been added to ensure that this flag has the
      appropriate value when AArch64-only cores are included in the build.
      
      Change-Id: I298ec550037fafc9347baafb056926d149197d4c
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      629d04f5
  7. 15 May, 2019 3 commits
    • Sami Mujawar's avatar
      N1SDP: Initialise CNTFRQ in Non Secure CNTBaseN · 603b372e
      Sami Mujawar authored
      
      
      N1SDP exhibits the behavior similar to Juno wherein CNTBaseN.CNTFRQ
      can be written but does not reflect the value of the CNTFRQ register
      in CNTCTLBase frame. This doesn't follow ARM ARM in that the value
      updated in CNTCTLBase.CNTFRQ is not reflected in CNTBaseN.CNTFRQ.
      
      Hence enable the workaround (applied to Juno) for N1SDP that updates
      the CNTFRQ register in the Non Secure CNTBaseN frame.
      
      Change-Id: Id89ee1bca0f25c9d62f8f794f2c4f4e618cdf092
      Signed-off-by: default avatarSami Mujawar <sami.mujawar@arm.com>
      603b372e
    • Sami Mujawar's avatar
      N1SDP: Fix DRAM2 start address · 49d64e5d
      Sami Mujawar authored
      
      
      The default DRAM2 start address for Arm platforms
      is 0x880000000. However, for N1SDP platform this is
      0x8080000000.
      
      Fix the DRAM2 start address by initialising
      PLAT_ARM_DRAM2_BASE.
      
      Without this fix there is a mismatch of the System
      memory region view as seen by the BL31 runtime
      firmware (PSCI) versus the view of the OS (which
      is based on the description provided by UEFI. In
      this case UEFI is correctly describing the DRAM2
      start address).
      
      This implicates in secondary cores failing to start
      on some Operating Systems if the OS decides to place
      the secondary start address in the mismatched region.
      
      Change-Id: I57220e753219353dda429868b4c5e1a69944cc64
      Signed-off-by: default avatarSami Mujawar <sami.mujawar@arm.com>
      49d64e5d
    • Sami Mujawar's avatar
      Add option for defining platform DRAM2 base · 6bb6015f
      Sami Mujawar authored
      
      
      The default DRAM2 base address for Arm platforms
      is 0x880000000. However, on some platforms the
      firmware may want to move the start address to
      a different value.
      
      To support this introduce PLAT_ARM_DRAM2_BASE that
      defaults to 0x880000000; but can be overridden by
      a platform (e.g. in platform_def.h).
      
      Change-Id: I0d81195e06070bc98f376444b48ada2db1666e28
      Signed-off-by: default avatarSami Mujawar <sami.mujawar@arm.com>
      6bb6015f
  8. 10 May, 2019 1 commit
    • Alexei Fedorov's avatar
      SMMUv3: Abort DMA transactions · 1461ad9f
      Alexei Fedorov authored
      
      
      For security DMA should be blocked at the SMMU by default
      unless explicitly enabled for a device. SMMU is disabled
      after reset with all streams bypassing the SMMU, and
      abortion of all incoming transactions implements a default
      deny policy on reset.
      This patch also moves "bl1_platform_setup()" function from
      arm_bl1_setup.c to FVP platforms' fvp_bl1_setup.c and
      fvp_ve_bl1_setup.c files.
      
      Change-Id: Ie0ffedc10219b1b884eb8af625bd4b6753749b1a
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      1461ad9f
  9. 03 May, 2019 2 commits
    • John Tsichritzis's avatar
      Add compile-time errors for HW_ASSISTED_COHERENCY flag · 076b5f02
      John Tsichritzis authored
      This patch fixes this issue:
      https://github.com/ARM-software/tf-issues/issues/660
      
      
      
      The introduced changes are the following:
      
      1) Some cores implement cache coherency maintenance operation on the
      hardware level. For those cores, such as - but not only - the DynamIQ
      cores, it is mandatory that TF-A is compiled with the
      HW_ASSISTED_COHERENCY flag. If not, the core behaviour at runtime is
      unpredictable. To prevent this, compile time checks have been added and
      compilation errors are generated, if needed.
      
      2) To enable this change for FVP, a logical separation has been done for
      the core libraries. A system cannot contain cores of both groups, i.e.
      cores that manage coherency on hardware and cores that don't do it. As
      such, depending on the HW_ASSISTED_COHERENCY flag, FVP includes the
      libraries only of the relevant cores.
      
      3) The neoverse_e1.S file has been added to the FVP sources.
      
      Change-Id: I787d15819b2add4ec0d238249e04bf0497dc12f3
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      076b5f02
    • Alexei Fedorov's avatar
      SMMUv3: refactor the driver code · ccd4d475
      Alexei Fedorov authored
      
      
      This patch is a preparation for the subsequent changes in
      SMMUv3 driver. It introduces a new "smmuv3_poll" function
      and replaces inline functions for accessing SMMU registers
      with mmio read/write operations. Also the infinite loop
      for the poll has been replaced with a counter based timeout.
      
      Change-Id: I7a0547beb1509601f253e126b1a7a6ab3b0307e7
      Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ccd4d475
  10. 30 Apr, 2019 1 commit
  11. 24 Apr, 2019 1 commit
  12. 17 Apr, 2019 1 commit
    • Aditya Angadi's avatar
      plat/arm: introduce wrapper functions to setup secure watchdog · b0c97daf
      Aditya Angadi authored
      
      
      The BL1 stage setup code for ARM platforms sets up the SP805 watchdog
      controller as the secure watchdog. But not all ARM platforms use SP805
      as the secure watchdog controller.
      
      So introduce two new ARM platform code specific wrapper functions to
      start and stop the secure watchdog. These functions then replace the
      calls to SP805 driver in common BL1 setup code. All the ARM platforms
      implement these wrapper functions by either calling into SP805 driver
      or the SBSA watchdog driver.
      
      Change-Id: I1a9a11b124cf3fac2a84f22ca40acd440a441257
      Signed-off-by: default avatarAditya Angadi <aditya.angadi@arm.com>
      b0c97daf
  13. 16 Apr, 2019 1 commit
  14. 12 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Mbed TLS: Remove weak heap implementation · 2374ab17
      Ambroise Vincent authored
      
      
      The implementation of the heap function plat_get_mbedtls_heap() becomes
      mandatory for platforms supporting TRUSTED_BOARD_BOOT.
      
      The shared Mbed TLS heap default weak function implementation is
      converted to a helper function get_mbedtls_heap_helper() which can be
      used by the platforms for their own function implementation.
      
      Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
      Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      2374ab17
  15. 11 Apr, 2019 2 commits
    • Ambroise Vincent's avatar
      sgm: Fix bl2 sources · e5be1f95
      Ambroise Vincent authored
      
      
      The weak version of plat_get_mbedtls_heap() was being used.
      
      Change-Id: I6da331a098dd1af5bb64729d5b914cfb74b8869e
      Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      e5be1f95
    • Paul Beesley's avatar
      plat/sgm: Remove redundant platform_oid.h · 551631aa
      Paul Beesley authored
      This file is used when building the cert_create tool without using
      the 'standard' set of Arm OID values as defined in the TBBR
      specification (see tbbr_oid.h). This configuration is enabled by
      setting USE_TBBR_DEFS to 0 during build.
      
      At the moment this will fail because the header file included by
      this file was removed in commit bb41eb7a
      
       ("cert: move
      platform_oid.h to include/tools_share for all platforms"). For
      the SGM platform this means that there is no current use for
      this file.
      
      Change-Id: I3c82983ada62330f1ab6be6d6c0cf489adabae7b
      Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      551631aa
  16. 08 Apr, 2019 1 commit
  17. 01 Apr, 2019 2 commits
  18. 21 Mar, 2019 1 commit
    • John Tsichritzis's avatar
      ROMLIB bug fixes · ae2e01b8
      John Tsichritzis authored
      
      
      Fixed the below bugs:
      1) Bug related to build flag V=1: if the flag was V=0, building with
      ROMLIB would fail.
      2) Due to a syntax bug in genwrappers.sh, index file entries marked as
      "patch" or "reserved" were ignored.
      3) Added a prepending hash to constants that genwrappers is generating.
      4) Due to broken dependencies, currently the inclusion functionality is
      intentionally not utilised. This is why the contents of romlib/jmptbl.i
      have been copied to platform specific jmptbl.i files. As a result of the
      broken dependencies, when changing the index files, e.g. patching
      functions, a clean build is always required. This is a known issue that
      will be fixed in the future.
      
      Change-Id: I9d92aa9724e86d8f90fcd3e9f66a27aa3cab7aaa
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      ae2e01b8
  19. 14 Mar, 2019 3 commits
    • Louis Mayencourt's avatar
      fvp: Increase the size of the stack for FVP · 01aa5247
      Louis Mayencourt authored
      
      
      When RECLAIM_INIT_CODE is 1, the stack is used to contain the .text.init
      section. This is by default enable on FVP. Due to the size increase of
      the .text.init section, the stack had to be adjusted contain it.
      
      Change-Id: Ia392341970fb86c0426cf2229b1a7295453e2e32
      Signed-off-by: default avatarLouis Mayencourt <louis.mayencourt@arm.com>
      01aa5247
    • Sandrine Bailleux's avatar
      Put Pointer Authentication key value in BSS section · 47102b35
      Sandrine Bailleux authored
      
      
      The dummy implementation of the plat_init_apiakey() platform API uses
      an internal 128-bit buffer to store the initial key value used for
      Pointer Authentication support.
      
      The intent - as stated in the file comments - was for this buffer to
      be write-protected by the MMU. Initialization of the buffer would be
      performed before enabling the MMU, thus bypassing write protection
      checks.
      
      However, the key buffer ended up into its own read-write section by
      mistake due to a typo on the section name ('rodata.apiakey' instead of
      '.rodata.apiakey', note the leading dot). As a result, the linker
      script was not pulling it into the .rodata output section.
      
      One way to address this issue could have been to fix the section
      name. However, this approach does not work well for BL1. Being the
      first image in the boot flow, it typically is sitting in real ROM
      so we don't have the capacity to update the key buffer at any time.
      
      The dummy implementation of plat_init_apiakey() provided at the moment
      is just there to demonstrate the Pointer Authentication feature in
      action. Proper key management and key generation would have to be a
      lot more careful on a production system.
      
      Therefore, the approach chosen here to leave the key buffer in
      writable memory but move it to the BSS section. This does mean that
      the key buffer could be maliciously updated for intalling unintended
      keys on the warm boot path but at the feature is only at an
      experimental stage right now, this is deemed acceptable.
      
      Change-Id: I121ccf35fe7bc86c73275a4586b32d4bc14698d6
      Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      47102b35
    • John Tsichritzis's avatar
      Introduce preliminary support for Neoverse Zeus · a4546e80
      John Tsichritzis authored
      
      
      Change-Id: If56d1e200a31bd716726d7fdc1cc0ae8a63ba3ee
      Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      a4546e80
  20. 13 Mar, 2019 1 commit
  21. 28 Feb, 2019 2 commits
  22. 27 Feb, 2019 3 commits
  23. 19 Feb, 2019 4 commits
  24. 18 Feb, 2019 1 commit
  25. 12 Feb, 2019 1 commit
  26. 01 Feb, 2019 2 commits