- 04 Sep, 2018 1 commit
-
-
Bryan O'Donoghue authored
This patch describes the boot-flow and building of the WaRP7 TF-A port. What it describes is booting and unsigned TF-A. A very brief section has been added on signing BL2 which is in no-way comprehensive. For a comprehensive description of the signing process try the Boundary Devices blog on the matter. https://boundarydevices.com/high-assurance-boot-hab-dummies/ Signed-off-by: Bryan O'Donoghue <bryan.odonoghue@linaro.org>
-
- 30 Aug, 2018 3 commits
-
-
Douglas Raillard authored
This function diplays the backtrace, the current EL and security state to allow a post-processing tool to choose the right binary to interpret the dump. The output can be fed to GNU addr2line to resolve function names given an ELF binary compiled with debug information. The "-i" flag is recommended to improve display in case of inlined functions. The *.dump files generated during the build process can also be used. The function works in AArch64 and AArch32. In AArch32 it only works in A32 mode (without T32 interworking), which is enforced in the Makefile. Sample output of a backtrace at EL3: BACKTRACE: START: function_name 0: EL3: 0x798 1: EL3: 0x538 2: EL3: 0x550 3: EL3: 0x55c 4: EL3: 0x568 5: EL3: 0x5a8 6: EL3: 0xf4 BACKTRACE: END: function_name In order to enable it the new option ENABLE_BACKTRACE must be set to 1. This option is set to 1 by default only in AArch64 debug builds. As usual, it can be overridden by the platform makefile and in the build command line. Change-Id: Icaff39b0e5188329728be2f3c72b868b2368e794 Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Antonio Nino Diaz authored
At the moment the AArch32 instruction set isn't specified in the command line, which means that the compiler is free to choose the one it sees fit. This decision may change between compiler versions, so it is better to specify it manually. The build option AARCH32_INSTRUCTION_SET has been introduced for this reason. This option can be set to T32 or A32 to pass the correct flags to the compiler. The current behaviour is to default to T32 due to it's smaller size. Change-Id: I02297eb1d9404b5868ff7c054fbff9b3cda7fdb6 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Julius Werner authored
This patch fixes a bug in the context management code that causes it to ignore the HANDLE_EA_EL3_FIRST compile-time option and instead always configure SCR_EL3 to force all external aborts to trap into EL3. The code used #ifdef to read compile-time option declared with add_define in the Makefile... however, those options are always defined, they're just defined to either 0 or 1, so #if is the correct syntax to check for them. Also update the documentation to match. This bug has existed since the Nov 2017 commit 76454abf (AArch64: Introduce External Abort handling), which changed the HANDLE_EA_EL3_FIRST option to use add_define. Change-Id: I7189f41d0daee78fa2fcf4066323e663e1e04d3d Signed-off-by: Julius Werner <jwerner@chromium.org>
-
- 22 Aug, 2018 2 commits
-
-
Antonio Nino Diaz authored
Change their names to printf and snprintf. They are much smaller than the previous versions we had, which makes them better suited for the Trusted Firmware. Change-Id: Ia872af91b7b967c47fce012eccecede7873a3daf Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Taken from http://git.simple-cc.org/scc/ from the following commit: 67508ad14af314cea2229783d3c084f28c41daf0 Permission has been granted from the author to use them under the license BSD-3-Clause instead of ISC. Change-Id: I65c0ce3ab60c49d34a57533af12a74bd7bde88e5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 20 Aug, 2018 1 commit
-
-
Jeenu Viswambharan authored
Memory Partitioning And Monitoring is an Armv8.4 feature that enables various memory system components and resources to define partitions. Software running at various ELs can then assign themselves to the desired partition to control their performance aspects. With this patch, when ENABLE_MPAM_FOR_LOWER_ELS is set to 1, EL3 allows lower ELs to access their own MPAM registers without trapping to EL3. This patch however doesn't make use of partitioning in EL3; platform initialisation code should configure and use partitions in EL3 if required. Change-Id: I5a55b6771ccaa0c1cffc05543d2116b60cbbcdcd Co-authored-by: James Morse <james.morse@arm.com> Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 17 Aug, 2018 2 commits
-
-
John Tsichritzis authored
If the system is in near idle conditions, this erratum could cause a deadlock or data corruption. This patch applies the workaround that prevents this. This DSU erratum affects only the DSUs that contain the ACP interface and it was fixed in r2p0. The workaround is applied only to the DSUs that are actually affected. Link to respective Arm documentation: http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.epm138168/index.html Change-Id: I033213b3077685130fc1e3f4f79c4d15d7483ec9 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
Sathees Balya authored
Change-Id: Ice87052e41a24b0ede5610467e12941ae1d886e0 Signed-off-by: Sathees Balya <sathees.balya@arm.com>
-
- 15 Aug, 2018 1 commit
-
-
John Tsichritzis authored
Change-Id: I426ffc8717757e35e556f675162a729ba095b7d5 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 24 Jul, 2018 2 commits
-
-
Yann Gautier authored
Signed-off-by: Yann Gautier <yann.gautier@st.com>
-
John Tsichritzis authored
Change-Id: Id2639218dfffec84d8b0fa295d7e896129d4fcd7 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 19 Jul, 2018 1 commit
-
-
Jeenu Viswambharan authored
Change-Id: I76cb1d387ab51ee48fa91fd7458c7041b454ceee Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 18 Jul, 2018 2 commits
-
-
Konstantin Porotchkin authored
Change-Id: I341440701b7e5e3555e604dd9d0a356795e6c4fb Signed-off-by: Hanna Hawa <hannah@marvell.com> Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
Konstantin Porotchkin authored
Add address decoding unit drivers for Marvell SoCs. Address decoding flow and address translation units chart are located at docs/marvell/misc/mvebu-a8k-addr-map.txt Change-Id: Id6ce311fa1f4f112df3adfac5d20449f495f71ed Signed-off-by: Hanna Hawa <hannah@marvell.com> Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
-
- 16 Jul, 2018 5 commits
-
-
Antonio Nino Diaz authored
The Non-secure DRAM region shouldn't be protected in the range specified in the Linux command line with memmap. This change also increases the size of the Secure DRAM region. Change-Id: I306e9e443a84b834c99739f54a534a3ca3be2424 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
In the memory map of the documentation the kernel only had 16MiB of allocated space. This leaves very little room for growth, so the addresses of the DTB and the kernel have been interchanged. The documentation has been updated to reflect this change. Change-Id: Ib6eab69f047fa88561fb755397ce3a0b356c8860 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Add information about direct Linux kernel boot for kernels that support PSCI. Change-Id: I05f76aa36398edabf411cb25a646437af1862e6e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
It uses the hardware RNG in a similar way as Juno (it gets 128 bits of entropy and does xor on them). It is disabled by default. Change-Id: I8b3adb61f5a5623716e0e8b6799404c68dd94c60 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
There is no way to boot BL31 at the addresses specified in the platform memory map unless an extra loader is used at address 0x00000000. It is better to remove it to prevent confusion. Having it enabled was a bug. Change-Id: I3229fbc080f5996cff47efce8e799bae94e0d5cb Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 13 Jul, 2018 1 commit
-
-
Antonio Nino Diaz authored
Add a new default makefile target to concatenate BL1 and the FIP and generate armstub8.bin. This way it isn't needed to do it manually. Documentation updated to reflect the changes. Change-Id: Id5b5b1b7b9f87767db63fd01180ddfea855a7207 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 12 Jul, 2018 1 commit
-
-
Ying-Chun Liu (PaulLiu) authored
Running optee_test failed because SEC_DRAM0_SIZE is too small. Previous is 2 MB. We enlarge it to 11 MB for passing the test. Also we reduce the NS_DRAM0_SIZE from 13MB to 4MB so that the whole section is still fit in 16MB. This commit also modified the document to reflect the changes we've made in code. Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
-
- 11 Jul, 2018 3 commits
-
-
Antonio Nino Diaz authored
Implement minimal interrupt routing functions. All interrupts are treated as non-secure interrupts to be handled by the non-secure world. Add note to the documentation about disabling FIQs qhen using OP-TEE with Linux. Change-Id: I937096542d973925e43ae946c5d0b306d0d95a94 Tested-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Roberto Vargas authored
Change-Id: Ie65eb779b048940cf32ed5744ff40610b3c5499d Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
The user guide didn't contain any information about the requirements of the clang version needed by TF, which is at least 4.0. Change-Id: I1ea120aca0fb2c0950fbeaf6978c654ec277afde Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 10 Jul, 2018 1 commit
-
-
Sathees Balya authored
Change-Id: Ia7800dae52f152b2c3a3b41f1078ab7499d2f4b6 Signed-off-by: Sathees Balya <sathees.balya@arm.com>
-
- 05 Jul, 2018 2 commits
-
-
Ying-Chun Liu (PaulLiu) authored
Add paragraph for how to enable Trusted Board Boot for rpi3 Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
-
Ying-Chun Liu (PaulLiu) authored
For Trusted Board Boot we enlarge the BL1 size from 64k to 128k. Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
-
- 03 Jul, 2018 2 commits
-
-
Andre Przywara authored
The H6 is Allwinner's most recent SoC. It shares most peripherals with the other ARMv8 Allwinner SoCs (A64/H5), but has a completely different memory map. Introduce a separate platform target, which includes a different header file to cater for the address differences. Also add the new build target to the documentation. The new ATF platform name is "sun50i_h6". Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Antonio Nino Diaz authored
Update documentation to reflect the current state of the library. Change-Id: Ic72f90ee322d2ebd6ea7f4296315700d6bc434e6 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 28 Jun, 2018 2 commits
-
-
Andre Przywara authored
Add two empty lines to denote the paragraphs properly and improve readability. Reported-by: Samuel Holland <samuel@sholland.org> Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Amit Singh Tomar authored
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along side BL31 image. ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS) as an input using the 'SPD=<dispatcher name>' option during bl31 build. Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
-
- 27 Jun, 2018 1 commit
-
-
Jeenu Viswambharan authored
Having an active stack while enabling MMU has shown coherency problems. This patch builds on top of translation library changes that introduces MMU-enabling without using stacks. Previously, with HW_ASSISTED_COHERENCY, data caches were disabled while enabling MMU only because of active stack. Now that we can enable MMU without using stack, we can enable both MMU and data caches at the same time. NOTE: Since this feature depends on using translation table library v2, disallow using translation table library v1 with HW_ASSISTED_COHERENCY. Fixes ARM-software/tf-issues#566 Change-Id: Ie55aba0c23ee9c5109eb3454cb8fa45d74f8bbb2 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 26 Jun, 2018 1 commit
-
-
Soby Mathew authored
Currenly the CNTFRQ register and system timer is initialized in BL31 for use by the normal world. During firmware update, the NS-BL1 or NS-BL2U may need to access the system timer. Hence this patch duplicates the CNTFRQ and system timer initialization in BL1 as well. Signed-off-by: Soby Mathew <soby.mathew@arm.com> Change-Id: I1ede78b4ae64080fb418cb93f3e48b26d7b724dc
-
- 23 Jun, 2018 1 commit
-
-
Amit Singh Tomar authored
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along side BL31 image. ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS) as an input using the 'SPD=<dispatcher name>' option during bl31 build. Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
-
- 22 Jun, 2018 2 commits
-
-
John Tsichritzis authored
In the porting guide, there are blue boxes that describe the argument types and the return type of each function. A small typo caused some of these boxes not being properly rendered. In the user guide, small typos were fixed that caused random text being unintentionally rendered as bold. Also, a slight rewording was done in the section describing the DYN_DISABLE_AUTH flag. Change-Id: I57303ca609436a82162fa9b42c06b0d5a63da6df Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
Antonio Nino Diaz authored
The values defined in this type are used in logical operations, which goes against MISRA Rule 10.1: "Operands shall not be of an inappropriate essential type". Now, `unsigned int` is used instead. This also allows us to move the dynamic mapping bit from 30 to 31. It was an undefined behaviour in the past because an enum is signed by default, and bit 31 corresponds to the sign bit. It is undefined behaviour to modify the sign bit. Now, bit 31 is free to use as it was originally meant to be. mmap_attr_t is now defined as an `unsigned int` for backwards compatibility. Change-Id: I6b31218c14b9c7fdabebe432de7fae6e90a97f34 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 21 Jun, 2018 3 commits
-
-
Jeenu Viswambharan authored
SDEI event dispatches currently only sets up the Non-secure context before returning to the caller. The actual dispatch only happens upon exiting EL3 next time. However, for various error handling scenarios, it's beneficial to have the dispatch happen synchronously. I.e. when receiving SDEI interrupt, or for a successful sdei_dispatch_event() call, the event handler is executed; and upon the event completion, dispatcher execution resumes after the point of dispatch. The jump primitives introduced in the earlier patch facilitates this feature. With this patch: - SDEI interrupts and calls to sdei_dispatch_event prepares the NS context for event dispatch, then sets a jump point, and immediately exits EL3. This results in the client handler executing in Non-secure. - When the SDEI client completes the dispatched event, the SDEI dispatcher does a longjmp to the jump pointer created earlier. For the caller of the sdei_dispatch_event() in particular, this would appear as if call returned successfully. The dynamic workaround for CVE_2018_3639 is slightly shifted around as part of related minor refactoring. It doesn't affect the workaround functionality. Documentation updated. NOTE: This breaks the semantics of the explicit dispatch API, and any exiting usages should be carefully reviewed. Change-Id: Ib9c876d27ea2af7fb22de49832e55a0da83da3f9 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Jeenu Viswambharan authored
The current macros only allow to define dynamic and statically-bound SDEI events. However, there ought be a mechanism to define SDEI events that are explicitly dispatched; i.e., events that are dispatched as a result of a previous secure interrupt or other exception This patch introduces SDEI_EXPLICIT_EVENT() macro to define an explicit event. They must be placed under private mappings. Only the priority flags are allowed to be additionally specified. Documentation updated. Change-Id: I2e12f5571381195d6234c9dfbd5904608ad41db3 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Sumit Garg authored
Add Makefile and plaform definations file. My thanks to Daniel Thompson and Ard Biesheuvel for the bits and pieces I've taken from their earlier work regarding build and deploy steps for Developerbox based on Synquacer SoCs. They deserve much of the credit for this work although, since I assembled and tested things, any blame is probably mine. Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Tested-by: Daniel Thompson <daniel.thompson@linaro.org> Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
-