GitLab

Update the skeleton implementation of the console interface.

The 32 bit version was outdated and has been copied from the 64 bit
version.

Change-Id: Ib3e4eb09402ffccb1a30c703a53829a7bf064dfe
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>

This patch removes incorrect SCTLR_V_BIT definition and adds
definitions for ARMv8.3-Pauth EnIB, EnDA and EnDB bits.

Change-Id: I1384c0a01f56f3d945833464a827036252c75c2e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

Those defines are used in STM32MP1 clock driver.
It is better to put them altogether with already defined registers.

Change-Id: I6f8ad8c2477b947af6f76283a4ef5c40212d0027
Signed-off-by: Yann Gautier <yann.gautier@st.com>

This patch adds the functionality needed for platforms to provide
Branch Target Identification (BTI) extension, introduced to AArch64
in Armv8.5-A by adding BTI instruction used to mark valid targets
for indirect branches. The patch sets new GP bit [50] to the stage 1
Translation Table Block and Page entries to denote guarded EL3 code
pages which will cause processor to trap instructions in protected
pages trying to perform an indirect branch to any instruction other
than BTI.
BTI feature is selected by BRANCH_PROTECTION option which supersedes
the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication
and is disabled by default. Enabling BTI requires compiler support
and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0.
The assembly macros and helpers are modified to accommodate the BTI
instruction.
This is an experimental feature.
Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3
is now made as an internal flag and BRANCH_PROTECTION flag should be
used instead to enable Pointer Authentication.
Note. USE_LIBROM=1 option is currently not supported.

Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>

The workaround for Cortex-A76 errata #1286807 is implemented
in this patch.

Change-Id: I6c15af962ac99ce223e009f6d299cefb41043bed
Signed-off-by: Soby Mathew <soby.mathew@arm.com>

ARMv7 and Cortex-A32(ARMv8/aarch32) uses "arm-linux-gnueabi" toolchain which
has both soft-float and hard-float variants and so there could be scenarios
where soft-float toolchain is used.Even though TF-A documentation recommends
to use hard-float toolchain for aarch32 but there are external projects where
we cannot mandate the selection of toolchain and for those projects at least
the build should not fail.

Current TF-A source fails to build with soft-float toolchain because assembler
does not recognizes "vmsr" instruction which is required to enable floating
point unit.

To avoid this piece of code being compiled with soft-float toolchain add
predefined macro guard " __SOFTFP__" exposed by soft-float toolchain.

Change-Id: I76ba40906a8d622dcd476dd36ab4d277a925996c
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>

Change-Id: I14fcabbdfd53153d1d5f187f6f8b23a045794408
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>

The old version of the macro is deprecated.

Commit cc5859ca

 ("Multi-console: Deprecate the
`finish_console_register` macro") provides more details.

Change-Id: I3d1cdf6496db7d8e6cfbb5804f508ff46ae7e67e
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>

This gives each Secure Partition complete freedom on its address space.
Previously, the memory used by the exception vectors was reserved and
couldn't be used. Also, it always had to be mapped, forcing SPM to
generate translation tables that included the exception vectors as well
as the Partition memory regions. With this change, partitions can reduce
their address space size easily.

Change-Id: I67fb5e9bdf2870b73347f23bff702fab0a8f8711
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

This patch applies the new MSR instruction to directly set the
PSTATE.SSBS bit which controls speculative loads. This new instruction
is available at Neoverse N1 core so it's utilised.

Change-Id: Iee18a8b042c90fdb72d2b98f364dcfbb17510728
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>

SSBS support is determined by checking ID_AA64PFR1_EL1 and not
ID_AA64PFR0_EL1.

Fixes ARM-Software/tf-issues#679

Change-Id: I8ecba13b850995ec6a6ede3c2a1e02e69a3a95db
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>

Check for both IMPLEMENTATION_DEFINED and Architected algorithms of
Address Authentication.

Change-Id: I209dcc6087172cfef7baf8d09e0454628f02cbd0
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Complete the MPAM enablement in TF-A for lower ELs by enabling the EL2
traps in MPAMHCR_EL2 and MPAM2_EL2.This prevents an
MPAM-unaware-hypervisor to be restricted by an MPAM-aware-guest.

Change-Id: I47bf3f833fa22baa590f83d49cc0e3f2974e698d
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

The workarounds for these errata are so closely related that it is
better to only have one patch to make it easier to understand.

Change-Id: I0287fa69aefa8b72f884833f6ed0e7775ca834e9
Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>

The previous commit added the infrastructure to load and save
ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
didn't actually enable pointer authentication in the firmware.

This patch adds the functionality needed for platforms to provide
authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
enable pointer authentication in the firmware itself. This option is
disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
enabled.

Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

ARMv8.3-PAuth adds functionality that supports address authentication of
the contents of a register before that register is used as the target of
an indirect branch, or as a load.

This feature is supported only in AArch64 state.

This feature is mandatory in ARMv8.3 implementations.

This feature adds several registers to EL1. A new option called
CTX_INCLUDE_PAUTH_REGS has been added to select if the TF needs to save
them during Non-secure <-> Secure world switches. This option must be
enabled if the hardware has the registers or the values will be leaked
during world switches.

To prevent leaks, this patch also disables pointer authentication in the
Secure world if CTX_INCLUDE_PAUTH_REGS is 0. Any attempt to use it will
be trapped in EL3.

Change-Id: I27beba9907b9a86c6df1d0c5bf6180c972830855
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Implicit Error Synchronization Barrier (IESB) might not be correctly
generated in Cortex-A75 r0p0. To prevent this, IESB are enabled at all
expection levels.

Change-Id: I2a1a568668a31e4f3f38d0fba1d632ad9939e5ad
Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>

Cortex A5 doesnt support VFP, Large Page addressing and generic timer
which are addressed in this patch. The device tree for Cortex a5
is also included.

Change-Id: I0722345721b145dfcc80bebd36a1afbdc44bb678
Signed-off-by: Usama Arif <usama.arif@arm.com>

Cortex a5 doesnt support hardware division such as sdiv and udiv commands.
This commit adds a software division function in assembly as well as include
appropriate files for software divison.

The software division algorithm is a modified version obtained from:
http://www.keil.com/support/man/docs/armasm/armasm_dom1359731155623.htm



Change-Id: Ib405a330da5f1cea1e68e07e7b520edeef9e2652
Signed-off-by: Usama Arif <usama.arif@arm.com>

In a system with ARMv8.5-PMU implemented:

- If EL3 is using AArch32, setting MDCR_EL3.SCCD to 1 disables counting
  in Secure state in PMCCNTR.

- If EL3 is using AArch64, setting SDCR.SCCD to 1 disables counting in
  Secure state in PMCCNTR_EL0.

So far this effect has been achieved by setting PMCR_EL0.DP (in AArch64)
or PMCR.DP (in AArch32) to 1 instead, but this isn't considered secure
as any EL can change that value.

Change-Id: I82cbb3e48f2e5a55c44d9c4445683c5881ef1f6f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Now that setjmp() and longjmp() are compliant with the standard they can
be moved with the other libc files.

Change-Id: Iea3b91c34eb353ace5e171e72f331602d57774d5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Instead of having a custom implementation of setjmp() and longjmp() it
is better to follow the C standard.

The comments in setjmp.h are no longer needed as there are no deviations
from the expected one, so they have been removed.

All SDEI code that relied on them has been fixed to use the new function
prototypes and structs.

Change-Id: I6cd2e21cb5a5bcf81ba12283f2e4c067bd5172ca
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

The Generic Timer is an optional extension to an ARMv7-A implementation.
The generic delay timer can be used from any architecture supported by
the Trusted Firmware. In ARMv7 it is needed to check that this feature
is present. In ARMv8 it is always present.

Change-Id: Ib7e8ec13ffbb2f64445d4ee48ed00f26e34b79b7
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

ARMv8.4-TTST (Small Translation tables) relaxes the lower limit on the
size of translation tables by increasing the maximum permitted value
of the T1SZ and T0SZ fields in TCR_EL1, TCR_EL2, TCR_EL3, VTCR_EL2 and
VSTCR_EL2.

This feature is supported in AArch64 state only.

This patch adds support for this feature to both versions of the
translation tables library. It also removes the static build time
checks for virtual address space size checks to runtime assertions.

Change-Id: I4e8cebc197ec1c2092dc7d307486616786e6c093
Signed-off-by: Sathees Balya <sathees.balya@arm.com>

This patch provides helper function to read the ID_AFR0_EL1
system register for platforms.

Change-Id: Id5491b18e3bf9f619d98d6cc8efd9d2cf5918c9d
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>

ARMv8.2-TTCNP is mandatory from ARMv8.2 onwards, but it can be implemented
in CPUs that don't implement all mandatory 8.2 features (and so have to
claim to be a lower version).

This patch removes usage of the ARM_ARCH_AT_LEAST() macro and uses system
ID registers to detect whether it is needed to set the bit or not.

Change-Id: I7bcbf0c7c937590dfc2ca668cfd9267c50f7d52c
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

Enforce full include path for includes. Deprecate old paths.

The following folders inside include/lib have been left unchanged:

- include/lib/cpus/${ARCH}
- include/lib/el3_runtime/${ARCH}

The reason for this change is that having a global namespace for
includes isn't a good idea. It defeats one of the advantages of having
folders and it introduces problems that are sometimes subtle (because
you may not know the header you are actually including if there are two
of them).

For example, this patch had to be created because two headers were
called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform
to avoid collision."). More recently, this patch has had similar
problems: 46f9b2c3 ("drivers: add tzc380 support").

This problem was introduced in commit 4ecca339

 ("Move include and
source files to logical locations"). At that time, there weren't too
many headers so it wasn't a real issue. However, time has shown that
this creates problems.

Platforms that want to preserve the way they include headers may add the
removed paths to PLAT_INCLUDES, but this is discouraged.

Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>

The architecture dependant header files in include/lib/${ARCH} and
include/common/${ARCH} have been moved to /include/arch/${ARCH}.

Change-Id: I96f30fdb80b191a51448ddf11b1d4a0624c03394
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>