Skip to content

GitLab

Switch branch/tag
  1. 20 Sep, 2019 1 commit
  3. 13 Sep, 2019 2 commits
  5. 12 Sep, 2019 1 commit
    • Justin Chadwell's avatar
      Support larger RSA key sizes when using MBEDTLS · aacff749
      Justin Chadwell authored 
      

Previously, TF-A could not support large RSA key sizes as the
configuration options passed to MBEDTLS prevented storing and performing
calculations with the larger, higher-precision numbers required. With
these changes to the arguments passed to MBEDTLS, TF-A now supports
using 3072 (3K) and 4096 (4K) keys in certificates.

Change-Id: Ib73a6773145d2faa25c28d04f9a42e86f2fd555f
Signed-off-by: default avatarJustin Chadwell <justin.chadwell@arm.com>
      aacff749
  7. 05 Sep, 2019 2 commits
  9. 04 Sep, 2019 1 commit
    • Masahiro Yamada's avatar
      mbedtls: use #include <...> instead of "..." · 948a0c0d
      Masahiro Yamada authored 
      

The #include "mbedtls/check_config.h" directive first searches for
the header in the relative path to mbedtls_config.h, i.e.
include/drivers/auth/mbedtls/mbedtls/check_config.h

Obviously, it does not exist since check_config.h is located in
the mbedtls project.

It is more sensible to use #include <...> form.

Change-Id: If72a71381f84e7748a2c9f07dd1176559d9bb1d2
Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      948a0c0d
  11. 02 Sep, 2019 2 commits
  13. 19 Aug, 2019 1 commit
  15. 01 Aug, 2019 1 commit
    • Julius Werner's avatar
      Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ · d5dfdeb6
      Julius Werner authored 
      

NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__.

All common C compilers predefine a macro called __ASSEMBLER__ when
preprocessing a .S file. There is no reason for TF-A to define it's own
__ASSEMBLY__ macro for this purpose instead. To unify code with the
export headers (which use __ASSEMBLER__ to avoid one extra dependency),
let's deprecate __ASSEMBLY__ and switch the code base over to the
predefined standard.

Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417
Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      d5dfdeb6
  17. 25 Jul, 2019 2 commits
    • Gilad Ben-Yossef's avatar
      cryptocell: add product version awareness support · 76f3c7dc
      Gilad Ben-Yossef authored 
      

Add support for multiple Cryptocell revisions which
use different APIs.

This commit only refactors the existing code in preperation to the addition
of another Cryptocell revisions later on.
Signed-off-by: default avatarGilad Ben-Yossef <gilad.benyossef@arm.com>
Change-Id: I16d80b31afb6edd56dc645fee5ea619cc74f09b6
      76f3c7dc
    • Gilad Ben-Yossef's avatar
      cryptocell: move Cryptocell specific API into driver · 36ec2bb0
      Gilad Ben-Yossef authored 
      

Code using Cryptocell specific APIs was used as part of the
arm common board ROT support, instead of being abstracted
in Cryptocell specific driver code, creating two problems:
- Any none arm board that uses Cryptocell wuld need to
  copy and paste the same code.
- Inability to cleanly support multiple versions of Cryptocell
  API and products.

Move over Cryptocell specific API calls into the Cryptocell
driver, creating abstraction API where needed.
Signed-off-by: default avatarGilad Ben-Yossef <gilad.benyossef@arm.com>
Change-Id: I9e03ddce90fcc47cfdc747098bece86dbd11c58e
      36ec2bb0
  19. 24 Jul, 2019 1 commit
    • Julius Werner's avatar
      Factor out cross-BL API into export headers suitable for 3rd party code · 57bf6057
      Julius Werner authored 
      

This patch adds a new include/export/ directory meant for inclusion in
third-party code. This is useful for cases where third-party code needs
to interact with TF-A interfaces and data structures (such as a custom
BL2-implementation like coreboot handing off to BL31). Directly
including headers from the TF-A repository avoids having to duplicate
all these definitions (and risk them going stale), but with the current
header structure this is not possible because handoff API definitions
are too deeply intertwined with other TF code/headers and chain-include
other headers that will not be available in the other environment.

The new approach aims to solve this by separating only the parts that
are really needed into these special headers that are self-contained and
will not chain-include other (non-export) headers. TF-A code should
never include them directly but should instead always include the
respective wrapper header, which will include the required prerequisites
(like <stdint.h>) before including the export header. Third-party code
can include the export headers via its own wrappers that make sure the
necessary definitions are available in whatever way that environment can
provide them.

Change-Id: Ifd769320ba51371439a8e5dd5b79c2516c3b43ab
Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      57bf6057
  21. 12 Jul, 2019 1 commit
  23. 28 Jun, 2019 1 commit
  25. 17 Jun, 2019 2 commits
    • Yann Gautier's avatar
      clk: stm32mp1: use defines for mask values in stm32mp1_clk_sel array · d4151d2f
      Yann Gautier authored 
      

Rework the macro that eases the table definition: the src and msk fields
are now using MASK and SHIFT defines of each source register.
Some macros had then to be modified: _USART1_SEL, _ASS_SEL and _MSS_SEL to
_UART1_SEL, _AXIS_SEL, and _MCUS_SEL to match register fields.

Note: the mask for RCC_ASSCKSELR_AXISSRC is changed from 0x3 to 0x7
to reflect the size of the register field, even if there are only
3 possible clock sources.

The mask value is also corrected for QSPI and FMC clock selection.

Change-Id: I44114e3c1dd37b9fa1be1ba519611abd9a07764c
Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
Signed-off-by: default avatarEtienne Carriere <etienne.carriere@st.com>
      d4151d2f
    • Yann Gautier's avatar
      clk: stm32mp1: move oscillator functions to generic file · f66358af
      Yann Gautier authored 
      

Those functions are generic for parsing nodes from device tree
hence could be located in generic source file.

The oscillators description structure is also moved to STM32MP1 clock
driver, as it is no more used in stm32mp1_clkfunc and cannot be in a
generic file.

Change-Id: I93ba74f4eea916440fef9b160d306af1b39f17c6
Signed-off-by: default avatarYann Gautier <yann.gautier@st.com>
      f66358af
  27. 13 Jun, 2019 2 commits
    • Marek Vasut's avatar
      rcar_gen3: console: Convert to multi-console API · 018358fc
      Marek Vasut authored 
      

Convert the R-Car Gen3 platform and both SCIF and Log drivers
to multi-console API.
Signed-off-by: default avatarMarek Vasut <marek.vasut+renesas@gmail.com>
Change-Id: I18556973937d150b60453f9150d54ee612571e35
      018358fc
    • Sandrine Bailleux's avatar
      Fix type of cot_desc_ptr · 2efb7ddc
      Sandrine Bailleux authored 
      

The chain of trust description and the pointer pointing to its first
element were incompatible, thus requiring an explicit type cast for
the assignment.

- cot_desc was an array of
  const pointers to const image descriptors.

- cot_desc_ptr was a const pointer to
  (non-constant) pointers to const image descriptors.

Thus, trying to assign cot_desc to cot_desc_ptr (with no cast) would
generate the following compiler warning:

drivers/auth/tbbr/tbbr_cot.c:826:14: warning: initialization discards
  ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers]
 REGISTER_COT(cot_desc);
              ^~~~~~~~

Change-Id: Iae62dd1bdb43fe379e3843d96461d47cc2f68a06
Signed-off-by: default avatarSandrine Bailleux <sandrine.bailleux@arm.com>
      2efb7ddc
  29. 10 May, 2019 1 commit
    • Alexei Fedorov's avatar
      SMMUv3: Abort DMA transactions · 1461ad9f
      Alexei Fedorov authored 
      

For security DMA should be blocked at the SMMU by default
unless explicitly enabled for a device. SMMU is disabled
after reset with all streams bypassing the SMMU, and
abortion of all incoming transactions implements a default
deny policy on reset.
This patch also moves "bl1_platform_setup()" function from
arm_bl1_setup.c to FVP platforms' fvp_bl1_setup.c and
fvp_ve_bl1_setup.c files.

Change-Id: Ie0ffedc10219b1b884eb8af625bd4b6753749b1a
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      1461ad9f
  31. 03 May, 2019 1 commit
    • Alexei Fedorov's avatar
      SMMUv3: refactor the driver code · ccd4d475
      Alexei Fedorov authored 
      

This patch is a preparation for the subsequent changes in
SMMUv3 driver. It introduces a new "smmuv3_poll" function
and replaces inline functions for accessing SMMU registers
with mmio read/write operations. Also the infinite loop
for the poll has been replaced with a counter based timeout.

Change-Id: I7a0547beb1509601f253e126b1a7a6ab3b0307e7
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ccd4d475
  33. 17 Apr, 2019 1 commit
  35. 08 Apr, 2019 2 commits
    • Joel Hutton's avatar
      cot-desc: optimise memory further · 30070427
      Joel Hutton authored 
      

This changes the auth_img_desc_t struct to have pointers to struct
arrays instead of struct arrays. This saves memory as many of these
were never used, and can be NULL pointers. Note the memory savings are
only when these arrays are not initialised, as it is assumed these
arrays are fixed length. A possible future optimisation could allow for
variable length.

memory diff:
bl1:        bl2:
    text        text
      -12         -12
    bss         bss
      -1463       0
    data        data
      -56         -48
    rodata      rodata
      -5688       -2592
    total       total
      -7419       -2652

Change-Id: I8f9bdedf75048b8867f40c56381e3a6dc6402bcc
Signed-off-by: default avatarJoel Hutton <Joel.Hutton@Arm.com>
      30070427
    • Joel Hutton's avatar
      Reduce memory needed for CoT description · 0b6377d1
      Joel Hutton authored 
      

When Trusted Board Boot is enabled, we need to specify the Chain of
Trust (CoT) of the BL1 and BL2 images. A CoT consists of an array
of image descriptors. The authentication module assumes that each
image descriptor in this array is indexed by its unique image
identifier. For example, the Trusted Boot Firmware Certificate has to
be at index [TRUSTED_BOOT_FW_CERT_ID].

Unique image identifiers may not necessarily be consecutive. Also,
a given BL image might not use all image descriptors. For example, BL1
does not need any of the descriptors related to BL31. As a result, the
CoT array might contain holes, which unnecessarily takes up space in
the BL binary.

Using pointers to auth_img_desc_t structs (rather than structs
themselves) means these unused elements only use 1 pointer worth of
space, rather than one struct worth of space. This patch also changes
the code which accesses this array to reflect the change to pointers.

Image descriptors not needed in BL1 or BL2 respectively are also
ifdef'd out in this patch. For example, verifying the BL31 image is
the responsibility of BL2 so BL1 does not need any of the data
structures describing BL31.

memory diff:
bl1:        bl2:
    text        text
      -20         -20
    bss         bss
      -1463       0
    data        data
      -256        -48
    rodata      rodata
      -5240       -1952
    total       total
      -6979       -2020

Change-Id: I163668b174dc2b9bbb183acec817f2126864aaad
Signed-off-by: default avatarJoel Hutton <Joel.Hutton@Arm.com>
      0b6377d1
  37. 03 Apr, 2019 1 commit
  39. 02 Apr, 2019 1 commit
  41. 01 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Remove several warnings reported with W=1 · 609e053c
      Ambroise Vincent authored 
      

Improved support for W=1 compilation flag by solving missing-prototypes
and old-style-definition warnings.

The libraries are compiling with warnings (which turn into errors with
the Werror flag).

Outside of libraries, some warnings cannot be fixed without heavy
structural changes.

Change-Id: I1668cf99123ac4195c2a6a1d48945f7a64c67f16
Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      609e053c
  43. 13 Mar, 2019 1 commit
  45. 12 Mar, 2019 2 commits
    • Paul Beesley's avatar
      drivers: Remove TODO from io_storage · 9a2fffb8
      Paul Beesley authored 
      

This TODO was added five years ago so I assume that there is not
going to be a shutdown API added after all.

Change-Id: If0f4e2066454df773bd9bf41ed65d3a10248a2d3
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      9a2fffb8
    • Tien Hock, Loh's avatar
      drivers: synopsys: Fix synopsys MMC driver · 3d0f30bb
      Tien Hock, Loh authored 
      

There are some issues with synopsys MMC driver:
- CMD8 should not expect data (for SD)
- ACMD51 should expect data (Send SCR for SD)
- dw_prepare should not dictate size to be MMC_BLOCK_SIZE, block size is
now handled in the dw_prepare function
- after the CMD completes, when doing dw_read, we need to invalidate cache
and wait for the data transfer to complete
- Need to set FIFO threshold, otherwise DMA might never get the interrupt
to read or write
Signed-off-by: default avatarTien Hock, Loh <tien.hock.loh@intel.com>
      3d0f30bb
  47. 07 Mar, 2019 1 commit
    • Tien Hock, Loh's avatar
      drivers: mmc: Fix some issues with MMC stack · a468e756
      Tien Hock, Loh authored 
      

Some bugs in MMC stack needs to be fixed:
- scr cannot be local as this will cause cache issue when invalidating
after the read DMA transfer is completed
- ACMD41 needs to send voltage information in initialization, otherwise the
command is a query, thus will not initialize the controller
- when checking device state, retry until the retries counter goes to zero
before failing
Signed-off-by: default avatarTien Hock, Loh <tien.hock.loh@intel.com>
      a468e756
  49. 26 Feb, 2019 1 commit
    • Ying-Chun Liu (PaulLiu)'s avatar
      rpi3: sdhost: SDHost driver improvement · 2c8ef2ae
      Ying-Chun Liu (PaulLiu) authored 
      

This commit improves the SDHost driver for RPi3 as following:
 * Unblock MMC_CMD(17). Using MMC_CMD(17) is more efficient on
   block reading.
 * In some low probability that SEND_OP_COND might results CRC7
   error. We can consider that the command runs correctly. We don't
   need to retry this command so removing the code for retry.
 * Using MMC_BUS_WIDTH_1 as MMC default value to improve the stability.
 * Increase the clock to 50Mhz in data mode to speed up the io.
 * Change the pull resistors configuration to gain more stability.
Signed-off-by: default avatarYing-Chun Liu (PaulLiu) <paulliu@debian.org>
      2c8ef2ae
  51. 20 Feb, 2019 1 commit
  53. 14 Feb, 2019 6 commits