1. 02 Nov, 2015 2 commits
    • Sandrine Bailleux's avatar
      Improve display_boot_progress() function · ee5c2b13
      Sandrine Bailleux authored
       - Remove out-dated information about the use of printf() in the
         function comment.
      
       - Make the argument const, as the function doesn't need to modify it.
      
       - Rename the function into bl1_print_bl31_ep_info() to make its
         purpose clearer.
      
      Change-Id: I2a9d215a37f0ec11aefce0c5c9e050473b7a6b25
      ee5c2b13
    • Sandrine Bailleux's avatar
      Introduce print_entry_point_info() function · 68a68c92
      Sandrine Bailleux authored
      This patch introduces a new function called 'print_entry_point_info'
      that prints an entry_point_t structure for debugging purposes.
      As such, it can be used to display the entry point address, SPSR and
      arguments passed from a firmware image to the next one.
      
      This function is now called in the following images transitions:
       - BL1 to BL2
       - BL1 to BL31
       - BL31 to the next image (typically BL32 or BL33)
      
      The following changes have been introduced:
      
       - Fix the output format of the SPSR value : SPSR is a 32-bit value,
         not a 64-bit one.
      
       - Print all arguments values.
         The entry_point_info_t structure allows to pass up to 8 arguments.
         In most cases, only the first 2 arguments were printed.
         print_entry_point_info() now prints all of them as 'VERBOSE'
         traces.
      
      Change-Id: Ieb384bffaa7849e6cb95a01a47c0b7fc2308653a
      68a68c92
  2. 28 Oct, 2015 1 commit
    • Juan Castillo's avatar
      Add optional platform error handler API · 40fc6cd1
      Juan Castillo authored
      This patch adds an optional API to the platform port:
      
          void plat_error_handler(int err) __dead2;
      
      The platform error handler is called when there is a specific error
      condition after which Trusted Firmware cannot continue. While panic()
      simply prints the crash report (if enabled) and spins, the platform
      error handler can be used to hand control over to the platform port
      so it can perform specific bookeeping or post-error actions (for
      example, reset the system). This function must not return.
      
      The parameter indicates the type of error using standard codes from
      errno.h. Possible errors reported by the generic code are:
      
          -EAUTH  : a certificate or image could not be authenticated
                    (when Trusted Board Boot is enabled)
          -ENOENT : the requested image or certificate could not be found
                    or an IO error was detected
          -ENOMEM : resources exhausted. Trusted Firmware does not use
                    dynamic memory, so this error is usually an indication
                    of an incorrect array size
      
      A default weak implementation of this function has been provided.
      It simply implements an infinite loop.
      
      Change-Id: Iffaf9eee82d037da6caa43b3aed51df555e597a3
      40fc6cd1
  3. 02 Sep, 2015 1 commit
    • Vikram Kanigiri's avatar
      Ensure BL2 security state is secure · a2f8b166
      Vikram Kanigiri authored
      BL2 loads secure runtime code(BL3-1, BL3-2) and hence it has to
      run in secure world otherwise BL3-1/BL3-2 have to execute from
      non-secure memory. Hence, This patch removes the change_security_state()
      call in bl1_run_bl2() and replaces it with an assert to confirm
      the BL2 as secure.
      
      Fixes ARM-software/tf-issues#314
      
      Change-Id: I611b83f5c4090e58a76a2e950b0d797b46df3c29
      a2f8b166
  4. 25 Jun, 2015 2 commits
    • Juan Castillo's avatar
      TBB: switch to the new authentication framework · 1779ba6b
      Juan Castillo authored
      This patch modifies the Trusted Board Boot implementation to use
      the new authentication framework, making use of the authentication
      module, the cryto module and the image parser module to
      authenticate the images in the Chain of Trust.
      
      A new function 'load_auth_image()' has been implemented. When TBB
      is enabled, this function will call the authentication module to
      authenticate parent images following the CoT up to the root of
      trust to finally load and authenticate the requested image.
      
      The platform is responsible for picking up the right makefiles to
      build the corresponding cryptographic and image parser libraries.
      ARM platforms use the mbedTLS based libraries.
      
      The platform may also specify what key algorithm should be used
      to sign the certificates. This is done by declaring the 'KEY_ALG'
      variable in the platform makefile. FVP and Juno use ECDSA keys.
      
      On ARM platforms, BL2 and BL1-RW regions have been increased 4KB
      each to accommodate the ECDSA code.
      
      REMOVED BUILD OPTIONS:
      
        * 'AUTH_MOD'
      
      Change-Id: I47d436589fc213a39edf5f5297bbd955f15ae867
      1779ba6b
    • Juan Castillo's avatar
      Use numbers to identify images instead of names · 16948ae1
      Juan Castillo authored
      The Trusted firmware code identifies BL images by name. The platform
      port defines a name for each image e.g. the IO framework uses this
      mechanism in the platform function plat_get_image_source(). For
      a given image name, it returns the handle to the image file which
      involves comparing images names. In addition, if the image is
      packaged in a FIP, a name comparison is required to find the UUID
      for the image. This method is not optimal.
      
      This patch changes the interface between the generic and platform
      code with regard to identifying images. The platform port must now
      allocate a unique number (ID) for every image. The generic code will
      use the image ID instead of the name to access its attributes.
      
      As a result, the plat_get_image_source() function now takes an image
      ID as an input parameter. The organisation of data structures within
      the IO framework has been rationalised to use an image ID as an index
      into an array which contains attributes of the image such as UUID and
      name. This prevents the name comparisons.
      
      A new type 'io_uuid_spec_t' has been introduced in the IO framework
      to specify images identified by UUID (i.e. when the image is contained
      in a FIP file). There is no longer need to maintain a look-up table
      [iname_name --> uuid] in the io_fip driver code.
      
      Because image names are no longer mandatory in the platform port, the
      debug messages in the generic code will show the image identifier
      instead of the file name. The platforms that support semihosting to
      load images (i.e. FVP) must provide the file names as definitions
      private to the platform.
      
      The ARM platform ports and documentation have been updated accordingly.
      All ARM platforms reuse the image IDs defined in the platform common
      code. These IDs will be used to access other attributes of an image in
      subsequent patches.
      
      IMPORTANT: applying this patch breaks compatibility for platforms that
      use TF BL1 or BL2 images or the image loading code. The platform port
      must be updated to match the new interface.
      
      Change-Id: I9c1b04cb1a0684c6ee65dee66146dd6731751ea5
      16948ae1
  5. 19 Jun, 2015 1 commit
    • Andrew Thoelke's avatar
      Fix incorrect assertions in bl1_main() · 354ab57d
      Andrew Thoelke authored
      The validation of the caching enable state in bl1_main() was
      incorrect resulting in the state not being checked. Using the right
      operator fixes this.
      
      Change-Id: I2a99478f420281a1dcdf365d3d4fd8394cd21b51
      354ab57d
  6. 27 Apr, 2015 1 commit
    • Dan Handley's avatar
      Remove use of PLATFORM_CACHE_LINE_SIZE · ce4c820d
      Dan Handley authored
      The required platform constant PLATFORM_CACHE_LINE_SIZE is
      unnecessary since CACHE_WRITEBACK_GRANULE effectively provides the
      same information. CACHE_WRITEBACK_GRANULE is preferred since this
      is an architecturally defined term and allows comparison with the
      corresponding hardware register value.
      
      Replace all usage of PLATFORM_CACHE_LINE_SIZE with
      CACHE_WRITEBACK_GRANULE.
      
      Also, add a runtime assert in BL1 to check that the provided
      CACHE_WRITEBACK_GRANULE matches the value provided in CTR_EL0.
      
      Change-Id: If87286be78068424217b9f3689be358356500dcd
      ce4c820d
  7. 28 Jan, 2015 1 commit
    • Juan Castillo's avatar
      TBB: authenticate BL2 image and certificate · 01df3c14
      Juan Castillo authored
      This patch adds support to authenticate the BL2 content certificate
      and image using the authentication module in BL1.
      
      The FIP driver has been extended to include the BL2 certificate
      UUID.
      
      FVP and Juno ports include the BL2 certificate FIP file
      definition.
      
      Change-Id: I32680e9bd123c8db4a4193c14448c9b32b0e9325
      01df3c14
  8. 12 Aug, 2014 1 commit
    • Dan Handley's avatar
      Rationalize console log output · 6ad2e461
      Dan Handley authored
      Fix the following issues with the console log output:
      
      * Make sure the welcome string is the first thing in the log output
      (during normal boot).
      * Prefix each message with the BL image name so it's clear which
      BL the output is coming from.
      * Ensure all output is wrapped in one of the log output macros so it can
      be easily compiled out if necessary. Change some of the INFO() messages
      to VERBOSE(), especially in the TSP.
      * Create some extra NOTICE() and INFO() messages during cold boot.
      * Remove all usage of \r in log output.
      
      Fixes ARM-software/tf-issues#231
      
      Change-Id: Ib24f7acb36ce64bbba549f204b9cde2dbb46c8a3
      6ad2e461
  9. 25 Jul, 2014 2 commits
    • Juan Castillo's avatar
      Add support for printing version at runtime · aaa3e722
      Juan Castillo authored
      Print out Trusted Firmware version at runtime at each BL stage.
      Message consists of TF version as defined statically in the Makefile
      (e.g. v0.4), build mode (debug|release) and a customizable build
      string:
      
        1. By defining BUILD_STRING in command line when building TF
        2. Default string is git commit ID
        3. Empty if git meta-data is not available
      
      Fixes ARM-software/tf-issues#203
      
      Change-Id: I5c5ba438f66ab68810427d76b49c5b9177a957d6
      aaa3e722
    • Soby Mathew's avatar
      Implement a leaner printf for Trusted Firmware · b79af934
      Soby Mathew authored
      This patch implements a "tf_printf" which supports only the commonly
      used format specifiers in Trusted Firmware, which uses a lot less
      stack space than the stdlib printf function.
      
      Fixes ARM-software/tf-issues#116
      
      Change-Id: I7dfa1944f4c1e634b3e2d571f49afe02d109a351
      b79af934
  10. 01 Jul, 2014 1 commit
    • Sandrine Bailleux's avatar
      Remove concept of top/bottom image loading · 8f55dfb4
      Sandrine Bailleux authored
      This concept is no longer required since we now support loading of
      images at fixed addresses only.
      
      The image loader now automatically detects the position of the image
      inside the current memory layout and updates the layout such that
      memory fragmentation is minimised.
      
      The 'attr' field of the meminfo data structure, which used to hold
      the bottom/top loading information, has been removed. Also the 'next'
      field has been removed as it wasn't used anywhere.
      
      The 'init_bl2_mem_layout()' function has been moved out of common
      code and put in BL1-specific code. It has also been renamed into
      'bl1_init_bl2_mem_layout'.
      
      Fixes ARM-software/tf-issues#109
      
      Change-Id: I3f54642ce7b763d5ee3b047ad0ab59eabbcf916d
      8f55dfb4
  11. 23 May, 2014 2 commits
    • Dan Handley's avatar
      Move BL porting functions into platform.h · dec5e0d1
      Dan Handley authored
      Some platform porting functions were in BL specific header files.
      These have been moved to platform.h so that all porting functions
      are in the same place. The functions are now grouped by BL.
      Obsolete BL headers files have been removed.
      
      Also, the weak declaration of the init_bl2_mem_layout() function
      has been moved out the header file and into the source file
      (bl_common.c) using the more succinct #pragma syntax. This
      mitigates the risk of 2 weak definitions being created and the
      wrong one being picked up by the compiler.
      
      Change-Id: Ib19934939fd755f3e5a5a5bceec88da684308a83
      dec5e0d1
    • Dan Handley's avatar
      Split platform.h into separate headers · 5f0cdb05
      Dan Handley authored
      Previously, platform.h contained many declarations and definitions
      used for different purposes. This file has been split so that:
      
      * Platform definitions used by common code that must be defined
        by the platform are now in platform_def.h. The exact include
        path is exported through $PLAT_INCLUDES in the platform makefile.
      
      * Platform definitions specific to the FVP platform are now in
        /plat/fvp/fvp_def.h.
      
      * Platform API declarations specific to the FVP platform are now
        in /plat/fvp/fvp_private.h.
      
      * The remaining platform API declarations that must be ported by
        each platform are still in platform.h but this file has been
        moved to /include/plat/common since this can be shared by all
        platforms.
      
      Change-Id: Ieb3bb22fbab3ee8027413c6b39a783534aee474a
      5f0cdb05
  12. 22 May, 2014 3 commits
    • Vikram Kanigiri's avatar
      Populate BL31 input parameters as per new spec · 4112bfa0
      Vikram Kanigiri authored
      This patch is based on spec published at
      https://github.com/ARM-software/tf-issues/issues/133
      
      It rearranges the bl31_args struct into
      bl31_params and bl31_plat_params which provide the
      information needed for Trusted firmware and platform
      specific data via x0 and x1
      
      On the FVP platform BL3-1 params and BL3-1 plat params
      and its constituents are stored at the start of TZDRAM.
      
      The information about memory availability and size for
      BL3-1, BL3-2 and BL3-3 is moved into platform specific data.
      
      Change-Id: I8b32057a3d0dd3968ea26c2541a0714177820da9
      4112bfa0
    • Vikram Kanigiri's avatar
      Rework handover interface between BL stages · 29fb905d
      Vikram Kanigiri authored
      This patch reworks the handover interface from: BL1 to BL2 and
      BL2 to BL3-1. It removes the raise_el(), change_el(), drop_el()
      and run_image() functions as they catered for code paths that were
      never exercised.
      BL1 calls bl1_run_bl2() to jump into BL2 instead of doing the same
      by calling run_image(). Similarly, BL2 issues the SMC to transfer
      execution to BL3-1 through BL1 directly. Only x0 and x1 are used
      to pass arguments to BL31. These arguments and parameters for
      running BL3-1 are passed through a reference to a
      'el_change_info_t' structure. They were being passed value in
      general purpose registers earlier.
      
      Change-Id: Id4fd019a19a9595de063766d4a66295a2c9307e1
      29fb905d
    • Vikram Kanigiri's avatar
      Introduce macros to manipulate the SPSR · 23ff9baa
      Vikram Kanigiri authored
      This patch introduces macros (SPSR_64 and SPSR_32) to
      create a SPSR for both aarch32 and aarch64 execution
      states. These macros allow the user to set fields
      in the SPSR depending upon its format.
      The make_spsr() function which did not allow
      manipulation of all the fields in the aarch32 SPSR
      has been replaced by these new macros.
      
      Change-Id: I9425dda0923e8d5f03d03ddb8fa0e28392c4c61e
      23ff9baa
  13. 06 May, 2014 3 commits
    • Dan Handley's avatar
      Reduce deep nesting of header files · 97043ac9
      Dan Handley authored
      Reduce the number of header files included from other header
      files as much as possible without splitting the files. Use forward
      declarations where possible. This allows removal of some unnecessary
      "#ifndef __ASSEMBLY__" statements.
      
      Also, review the .c and .S files for which header files really need
      including and reorder the #include statements alphabetically.
      
      Fixes ARM-software/tf-issues#31
      
      Change-Id: Iec92fb976334c77453e010b60bcf56f3be72bd3e
      97043ac9
    • Dan Handley's avatar
      Always use named structs in header files · fb037bfb
      Dan Handley authored
      Add tag names to all unnamed structs in header files. This
      allows forward declaration of structs, which is necessary to
      reduce header file nesting (to be implemented in a subsequent
      commit).
      
      Also change the typedef names across the codebase to use the _t
      suffix to be more conformant with the Linux coding style. The
      coding style actually prefers us not to use typedefs at all but
      this is considered a step too far for Trusted Firmware.
      
      Also change the IO framework structs defintions to use typedef'd
      structs to be consistent with the rest of the codebase.
      
      Change-Id: I722b2c86fc0d92e4da3b15e5cab20373dd26786f
      fb037bfb
    • Dan Handley's avatar
      Separate BL functions out of arch.h · 5b827a8f
      Dan Handley authored
      Move the BL function prototypes out of arch.h and into the
      appropriate header files to allow more efficient header file
      inclusion. Create new BL private header files where there is no
      sensible existing header file.
      
      Change-Id: I45f3e10b72b5d835254a6f25a5e47cf4cfb274c3
      5b827a8f
  14. 21 Mar, 2014 1 commit
    • Vikram Kanigiri's avatar
      Remove partially qualified asm helper functions · 6ba0b6d6
      Vikram Kanigiri authored
      Each ARM Trusted Firmware image should know in which EL it is running
      and it should use the corresponding register directly instead of reading
      currentEL and knowing which asm register to read/write
      
      Change-Id: Ief35630190b6f07c8fbb7ba6cb20db308f002945
      6ba0b6d6
  15. 05 Mar, 2014 1 commit
  16. 20 Feb, 2014 1 commit
    • Achin Gupta's avatar
      Rework BL2 to BL3-1 hand over interface · e4d084ea
      Achin Gupta authored
      This patch reworks BL2 to BL3-1 hand over interface by introducing a
      composite structure (bl31_args) that holds the superset of information
      that needs to be passed from BL2 to BL3-1.
      
        - The extents of secure memory available to BL3-1
        - The extents of memory available to BL3-2 (not yet implemented) and
          BL3-3
        - Information to execute BL3-2 (not yet implemented) and BL3-3 images
      
      This patch also introduces a new platform API (bl2_get_bl31_args_ptr)
      that needs to be implemented by the platform code to export reference to
      bl31_args structure which has been allocated in platform-defined memory.
      
      The platform will initialize the extents of memory available to BL3-3
      during early platform setup in bl31_args structure. This obviates the
      need for bl2_get_ns_mem_layout platform API.
      
      BL2 calls the bl2_get_bl31_args_ptr function to get a reference to
      bl31_args structure. It uses the 'bl33_meminfo' field of this structure
      to load the BL3-3 image. It sets the entry point information for the
      BL3-3 image in the 'bl33_image_info' field of this structure. The
      reference to this structure is passed to the BL3-1 image.
      
      Also fixes issue ARM-software/tf-issues#25
      
      Change-Id: Ic36426196dd5ebf89e60ff42643bed01b3500517
      e4d084ea
  17. 17 Feb, 2014 1 commit
  18. 17 Jan, 2014 1 commit
  19. 12 Dec, 2013 1 commit
    • Sandrine Bailleux's avatar
      Remove useless copies of meminfo structures · ee12f6f7
      Sandrine Bailleux authored
      Platform setup code has to reserve some memory for storing the
      memory layout information.  It is populated in early platform setup
      code.
      
      blx_get_sec_mem_layout() functions used to return a copy of this
      structure.  This patch modifies blx_get_sec_mem_layout() functions
      so that they now directly return a pointer to their memory layout
      structure.  It ensures that the memory layout returned by
      blx_get_sec_mem_layout() is always up-to-date and also avoids a
      useless copy of the meminfo structure.
      
      Also rename blx_get_sec_mem_layout() to blx_plat_sec_mem_layout()
      to make it clear those functions are platform specific.
      
      Change-Id: Ic7a6f9d6b6236b14865ab48a9f5eff545ce56551
      ee12f6f7
  20. 05 Dec, 2013 1 commit
    • Dan Handley's avatar
      Enable third party contributions · ab2d31ed
      Dan Handley authored
      - Add instructions for contributing to ARM Trusted Firmware.
      
      - Update copyright text in all files to acknowledge contributors.
      
      Change-Id: I9311aac81b00c6c167d2f8c889aea403b84450e5
      ab2d31ed
  21. 25 Oct, 2013 1 commit