- 24 Mar, 2021 26 commits
-
-
Pankaj Gupta authored
Signed-off-by:Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Ic6c3a173f9f1f7b85244fc4484e247fdbb438b9c
-
Pankaj Gupta authored
NXP tool to create pbl from bl2 binary: - RCW is prepended to BL2.bin - If TRUSTED_BOARD_BOOT=1, pre-append the CSF header to be understood by NXP boot-rom. Signed-off-by: -
Pankaj Gupta authored
NXP SMMU driver API for NXP SoC. - Currently it supports by-passing SMMU, called only when NXP CAAM is enabled. - (TBD) AMQ based SMMU access control: Access Management Qualifiers (AMQ) advertised by a bus master for a given transaction. Signed-off-by: -
Pankaj Gupta authored
Chain of trust(CoT) is enabled on NXP SoC in two ways: - Using MbedTLS, parsing X509 Certificates. - Using NXP internal method parsing CSF header Signed-off-by:
Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by:
-
Pankaj Gupta authored
NXP has hardware crypto accelerator called CAAM. - Work with Job ring - Jobs are submitted to CAAM in the form of 64 word descriptor. Signed-off-by:
-
Pankaj Gupta authored
SD & eMMC driver support for NXP SoC. Signed-off-by:
-
Pankaj Gupta authored
NXP QuadSPI driver support NXP SoC. - Supporting QSPI flash Signed-off-by: -
Kuldeep Singh authored
Flexspi driver now introduces read/write/erase APIs for complete flash size, FAST-READ are by default used and IP bus is used for erase, read and write using flexspi APIs. Framework layer is currently embedded in driver itself using flash_info defines. Test cases are also added to confirm flash functionality currently under DEBUG flag. Signed-off-by:
Ashish Kumar <Ashish.Kumar@nxp.com> Signed-off-by:
Kuldeep Singh <kuldeep.singh@nxp.com> Change-Id: I755c0f763f6297a35cad6885f84640de50f51bb0
-
Pankaj Gupta authored
GIC api used by NXP SoC is based on: - arm provided drivers: /drivers/arm/gic Signed-off-by: -
Pankaj Gupta authored
NXP General Purpose Input/Output driver support for NXP platforms. Signed-off-by: -
Pankaj Gupta authored
NXP Central Security Unit(CSU) for NXP SoC. CSU is used for: - Access permissions for peripheral that donot have their own access control. - Locking of individual CSU settings until the next POR - General purpose security related control bits Refer NXP SoC manuals fro more details. Signed-off-by: -
Pankaj Gupta authored
Driver for NXP IP for Power Management Unit. Signed-off-by: -
Pankaj Gupta authored
DDR driver for NXP layerscape SoC(s): - lx2160aqds - lx2162aqds - lx2160ardb - Other Board with SoC(s) like ls1046a, ls1043a etc; -- These other boards are not verified yet. Signed-off-by:
Rajesh Bhagat <rajesh.bhagat@nxp.com> Signed-off-by:
York Sun <york.sun@nxp.com> Signed-off-by:
Udit Agarwal <udit.agarwal@nxp.com> Signed-off-by:
-
Pankaj Gupta authored
NXP I2C driver support for NXP SoC(s). Signed-off-by:
-
Pankaj Gupta authored
NXP Security Monitor IP provides hardware anchored - current security state of the SoC. - Tamper detect etc. Signed-off-by:
-
Pankaj Gupta authored
NXP Security Fuse Processor is used to read and write fuses. - Fuses once written, are cannot be un-done. - Used as trust anchor for monotonic counter, different platform keys etc. Signed-off-by:
-
Pankaj Gupta authored
CCN API(s) to be used NXP SoC(s) are added. These API(s) based on ARM CCN driver - driver/arm/ccn CCI API(s) to be used NXP SoC(s) are added. These API(s) based on ARM CCI driver - driver/arm/cci Signed-off-by: -
Pankaj Gupta authored
NXP TZC-400 API(s) to configure ddr regions are based on: - drivers/arm/tzc Signed-off-by: -
Pankaj Gupta authored
NXP Timer Apis are based on: - drivers/delay_timer Signed-off-by: -
Pankaj Gupta authored
NXP SoC needs Device Configuration driver to fetch the current SoC configuration. Signed-off-by: -
Pankaj Gupta authored
NXP SoCs, supports two types of UART controller: - PL011 - using ARM drivers sources - 16550 - using TI drivers source Signed-off-by: -
Pankaj Gupta authored
Generic framework is added to include platform defined UUID. This framework is added for the following: - All NXP SoC based platforms needed additional fip-fuse.bin - NXP SoC lx2160a based platforms requires additional fip-ddr.bin Signed-off-by: -
Pankaj Gupta authored
Conditional definition for the macro MAX_NUMBER_IDS. This will allow to update this definition by the platform specific implementation. Since, NXP SoC lx2160a based platforms requires additional FIP DDR to be loaded before initializing the DDR. It requires addition of defines for DDR image IDs. A dedicated header plat_tbbr_img_def.h is added to the platform folder - plat/nxp/common/include/default/ Inclusion of this header file will depend on the compile time flag PLAT_TBBR_IMG_DEF. Signed-off-by: -
Pankaj Gupta authored
Incorrect value is picked for TF_MBEDTLS_USE_RSA defination, even if the TF_MBEDTLS_RSA is enabled. Due to which PK_DER_LEN is defined incorrectly. Signed-off-by: -
Pankaj Gupta authored
Changes to 'tools/cert_create' folder, to include platform defined certificates, keys, and extensions. NXP SoC lx2160a : based platforms requires additional FIP DDR to be loaded before initializing the DDR. To enable chain of trust on these platforms, FIP DDR image needs to be authenticated, additionally. Platform specific folder 'tools/nxp/cert_create_helper' is added to support platform specific macros and definitions. Signed-off-by: -
Pankaj Gupta authored
Platforms, which requires additional images to be verified using TBBR; such that their key certificate is tied to TRUSTED_KEY_CERT. For such platforms, if make commands runs twice: - Once with targets as bl2 & fip.bin, and - Again to build the target as the additional image. then, if path to the TRUSTED_KEY_CERT varies in the makefile with make-target of the additional image, then there would be two location where "trusted_key.crt" will be created. This patch helps overriding the TRUSTED_KEY_CERT from any .mk in the platform's makefile structure. Signed-off-by:
-
- 23 Mar, 2021 3 commits
-
-
André Przywara authored
-
Andre Przywara authored
The devicetree binding document[1] for the /reserved-memory node demands that the number of address and size-cells in the reserved-memory node must match those values in the root node. So far we were forcing a 64-bit address along with a 32-bit size. Adjust the code to query the cells values from the root node, and populate the newly created /reserved-memory node accordingly. This fixes the fdt_add_reserved_memory() function when called on a devicetree which does not use the 2/1 pair. Linux is picky about this and will bail out the parsing routine, effectively ignoring the reserved-memory node: [ 0.000000] OF: fdt: Reserved memory: unsupported node format, ignoring [1] Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt in the Linux kernel source tree Change-Id: Ie126ebab4f3fedd48e12c9ed4bd8fa123acc86d3 Signed-off-by:Andre Przywara <andre.przywara@arm.com>
-
Olivier Deprez authored
-
- 19 Mar, 2021 3 commits
-
-
Madhukar Pappireddy authored
-
Tejas Patel authored
BIT24 of IPI command header is used to determine if caller is secure or non-secure. Mark BIT24 of IPI command header as non-secure if SMC caller is non-secure. Signed-off-by:
Tejas Patel <tejas.patel@xilinx.com> Signed-off-by:
Abhyuday Godhasara <abhyuday.godhasara@xilinx.com> Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267
-
J-Alves authored
FF-A specification states that error codes should be typed int32_t. SPMD's uses uint64_t for return values, which if assigned with a signed type would have sign extension, and change the size of the return from 32-bit to 64-bit. Signed-off-by:J-Alves <joao.alves@arm.com> Change-Id: I288ab2ffec8330a2fe1f21df14e22c34bd83ced3
-
- 18 Mar, 2021 7 commits
-
-
Madhukar Pappireddy authored
Merge "Bug fix in tspd interrupt handling when TSP_NS_INTR_ASYNC_PREEMPT is enabled" into integration
-
Madhukar Pappireddy authored
-
Madhukar Pappireddy authored
-
Madhukar Pappireddy authored
Typically, interrupts for a specific security state get handled in the same security execption level if the execution is in the same security state. For example, if a non-secure interrupt gets fired when CPU is executing in NS-EL2 it gets handled in the non-secure world. However, interrupts belonging to the opposite security state typically demand a world(context) switch. This is inline with the security principle which states a secure interrupt has to be handled in the secure world. Hence, the TSPD in EL3 expects the context(handle) for a secure interrupt to be non-secure and vice versa. The function "tspd_sel1_interrupt_handler" is the handler registered for S-EL1 interrupts by the TSPD. Based on the above assumption, it provides an assertion to validate if the interrupt originated from non-secure world and upon success arranges entry into the TSP at 'tsp_sel1_intr_entry' for handling the interrupt. However, a race condition between non-secure and secure interrupts can lead to a scenario where the above assumptions do not hold true and further leading to following assert fail. This patch fixes the bug which causes this assert fail: ASSERT: services/spd/tspd/tspd_main.c:105 BACKTRACE: START: assert 0: EL3: 0x400c128 1: EL3: 0x400faf8 2: EL3: 0x40099a4 3: EL3: 0x4010d54 BACKTRACE: END: assert Change-Id: I359d30fb5dbb1429a4a3c3fff37fdc64c07e9414 Signed-off-by:Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
Madhukar Pappireddy authored
-
Tomas Pilar authored
The UEFI specification details the represenatation for the EFI_GUID type. Add this representation to the uuid_helper_t union type so that GUID definitions can be shared verbatim between UEFI and TF-A header files. Change-Id: Ie44ac141f70dd0025e186581d26dce1c1c29fce6 Signed-off-by:Tomas Pilar <tomas@nuviainc.com>
-
Madhukar Pappireddy authored
-
- 17 Mar, 2021 1 commit
-
-
Sandrine Bailleux authored
-
