- 10 Jul, 2019 1 commit
-
-
John Tsichritzis authored
The project has been renamed from "Arm Trusted Firmware (ATF)" to "Trusted Firmware-A (TF-A)" long ago. A few references to the old project name that still remained in various places have now been removed. This change doesn't affect any platform files. Any "ATF" references inside platform files, still remain. Change-Id: Id97895faa5b1845e851d4d50f5750de7a55bf99e Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 28 Jun, 2019 1 commit
-
-
Ambroise Vincent authored
The new API becomes the default one. Change-Id: Ic1d602da3dff4f4ebbcc158b885295c902a24fec Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 24 May, 2019 4 commits
-
-
Alexei Fedorov authored
This patch adds the functionality needed for platforms to provide Branch Target Identification (BTI) extension, introduced to AArch64 in Armv8.5-A by adding BTI instruction used to mark valid targets for indirect branches. The patch sets new GP bit [50] to the stage 1 Translation Table Block and Page entries to denote guarded EL3 code pages which will cause processor to trap instructions in protected pages trying to perform an indirect branch to any instruction other than BTI. BTI feature is selected by BRANCH_PROTECTION option which supersedes the previous ENABLE_PAUTH used for Armv8.3-A Pointer Authentication and is disabled by default. Enabling BTI requires compiler support and was tested with GCC versions 9.0.0, 9.0.1 and 10.0.0. The assembly macros and helpers are modified to accommodate the BTI instruction. This is an experimental feature. Note. The previous ENABLE_PAUTH build option to enable PAuth in EL3 is now made as an internal flag and BRANCH_PROTECTION flag should be used instead to enable Pointer Authentication. Note. USE_LIBROM=1 option is currently not supported. Change-Id: Ifaf4438609b16647dc79468b70cd1f47a623362e Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
Ambroise Vincent authored
The flags are taken from the different warning levels of the build system when they do not generate any error with the current upstreamed platforms. Change-Id: Ia70cff83bedefb6d2f0dd266394ef77fe47e7f65 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
John Tsichritzis authored
When TF-A is compiled with BTI enabled, the branches in the ROMLIB jumptable must be preceded by a "bti j" instruction. Moreover, when the additional "bti" instruction is inserted, the jumptable entries have a distance of 8 bytes between them instead of 4. Hence, the wrappers are also modified accordinly. If TF-A is compiled without BTI enabled, the ROMLIB jumptable and wrappers are generated as before. Change-Id: Iaa59897668f8e59888d39046233300c2241d8de7 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
John Tsichritzis authored
Changes to make the help text a bit more readable: 1) The "usage" part is now a one-liner 2) The supported platforms list is printed separately Change-Id: I93e48a6cf1d28f0ef9f3db16ce17725e4dff33c9 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 22 May, 2019 1 commit
-
-
Paul Beesley authored
Previously checkpatch was invoked with options to make it ignore Markdown (md) files as this was the dominant format for TF-A documents. Now that rst is being used everywhere this option needs updating. Change-Id: I59b5a0bcc45d2386df4f880b8d333baef0bbee77 Signed-off-by: Paul Beesley <paul.beesley@arm.com>
-
- 09 May, 2019 1 commit
-
-
John Tsichritzis authored
Pointer authentication is supported only in AArch64. A relevant check is added for that in the Makefile. Change-Id: I021ba65a9bd5764fd33292bee42617015e04a870 Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
-
- 03 Apr, 2019 1 commit
-
-
Ambroise Vincent authored
Now it is needed to use the full path of the common header files. Commit 09d40e0e ("Sanitise includes across codebase") provides more information. Change-Id: Ifedc79d9f664d208ba565f5736612a3edd94c647 Signed-off-by: Ambroise Vincent <ambroise.vincent@arm.com>
-
- 26 Mar, 2019 1 commit
-
-
Soby Mathew authored
Change-Id: I6d8a6419df4d4924214115facbce90715a1a0371 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 18 Mar, 2019 1 commit
-
-
Alexei Fedorov authored
Declare ENABLE_PAUTH and CTX_INCLUDE_PAUTH_REGS build options as experimental. Pointer Authentication is enabled for Non-secure world irrespective of the value of these build flags if the CPU supports it. The patch also fixes the description of fiptool 'help' command. Change-Id: I46de3228fbcce774a2624cd387798680d8504c38 Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
- 12 Mar, 2019 2 commits
-
-
Alexei Fedorov authored
Change-Id: I56ea088f415bdb9077c385bd3450ff4b2cfa2eac Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
-
Louis Mayencourt authored
Since binutils 1a9ccd70f9a7[1] TFA will not link when the PIE option is used: aarch64-linux-gnu-ld: build/fvp/debug/bl31/bl31.elf: Not enough room for program headers, try linking with -N aarch64-linux-gnu-ld: final link failed: Bad value This issue was also encountered by u-boot[2] and linux powerpc kernel [3]. The fix is to provide --no-dynamic-linker for the linker. This tells the linker that PIE does not need loaded program program headers. Fix https://github.com/ARM-software/tf-issues/issues/675 [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=commit;h=1a9ccd70f9a7 [2] http://git.denx.de/?p=u-boot.git;a=commit;h=e391b1e64b0bd65709a28a4764afe4f32d408243 [3] https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?h=next&id=ff45000fcb56b5b0f1a14a865d3541746d838a0a Change-Id: Ic3c33c795a9b7bdeab0e87c4345153ce2703a524 Signed-off-by: Louis Mayencourt <louis.mayencourt@arm.com>
-
- 11 Mar, 2019 1 commit
-
-
Yann Gautier authored
It can be handy for example to add --strict option which can detect more coding issues, even if not mandated by TF-A coding rules. To use it: CHECKPATCH_OPTS="--strict" make checkpatch Change-Id: I707e4cc2d1250b21f18ff16169b5f1e5ab03a7ed Signed-off-by: Yann Gautier <yann.gautier@st.com>
-
- 27 Feb, 2019 3 commits
-
-
Varun Wadekar authored
This patch provides support for using the scatterfile format as the linker script with the 'armlink' linker for Tegra platforms. In order to enable the scatterfile usage the following changes have been made: * provide mapping for ld.S symbols in bl_common.h * include bl_common.h from all the affected files * update the makefile rules to use the scatterfile and armlink to compile BL31 * update pubsub.h to add sections to the scatterfile NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY. Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
Antonio Nino Diaz authored
The previous commit added the infrastructure to load and save ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but didn't actually enable pointer authentication in the firmware. This patch adds the functionality needed for platforms to provide authentication keys for the firmware, and a new option (ENABLE_PAUTH) to enable pointer authentication in the firmware itself. This option is disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be enabled. Change-Id: I35127ec271e1198d43209044de39fa712ef202a5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
ARMv8.3-PAuth adds functionality that supports address authentication of the contents of a register before that register is used as the target of an indirect branch, or as a load. This feature is supported only in AArch64 state. This feature is mandatory in ARMv8.3 implementations. This feature adds several registers to EL1. A new option called CTX_INCLUDE_PAUTH_REGS has been added to select if the TF needs to save them during Non-secure <-> Secure world switches. This option must be enabled if the hardware has the registers or the values will be leaked during world switches. To prevent leaks, this patch also disables pointer authentication in the Secure world if CTX_INCLUDE_PAUTH_REGS is 0. Any attempt to use it will be trapped in EL3. Change-Id: I27beba9907b9a86c6df1d0c5bf6180c972830855 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 Feb, 2019 1 commit
-
-
Varun Wadekar authored
This patch introduces a build option 'OVERRIDE_LIBC' that platforms can set to override libc from the BL image. The default value is '0' to keep the library. Change-Id: I10a0b247f6a782eeea4a0359e30a8d79b1e9e4e1 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
- 30 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
This reverts commit 2f370465 ("Add support for the SMC Calling Convention 2.0"). SMCCC v2.0 is no longer required for SPM, and won't be needed in the future. Removing it makes the SMC handling code less complicated. The SPM implementation based on SPCI and SPRT was using it, but it has been adapted to SMCCC v1.0. Change-Id: I36795b91857b2b9c00437cfbfed04b3c1627f578 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 24 Jan, 2019 1 commit
-
-
Manish Pandey authored
Following changes are done to make DT pre-processing similar to that of U-boot/Linux kernel. 1. Creating seperate CPPFLAGS for DT preprocessing so that compiler options specific to it can be accommodated. e.g: "-undef" compiler option avoids replacing "linux" string(used in device trees) with "1" as "linux" is a pre-defined macro in gnu99 standard. 2. Replace CPP with PP for DT pre-processing, as CPP in U-boot/Linux is exported as "${CROSS_COMPILE}gcc -E" while in TF-A it is exported as "${CROSS_COMPILE}cpp". Change-Id: If4c61a249d51614d9f53ae30b602036d50c02349 Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
-
- 22 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
The SPM implementation based on MM is going to be kept for the foreseeable future. Change-Id: I11e96778a4f52a1aa803e7e048d9a7cb24a53954 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Acked-by: Sumit Garg <sumit.garg@linaro.org>
-
- 21 Jan, 2019 1 commit
-
-
Antonio Nino Diaz authored
This flag was removed in 79eb1aff ("Remove `DISABLE_PEDANTIC` build option"). Change-Id: Ic3584a4c5f0100ed9e57b068ec672b0baae8cfab Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 04 Jan, 2019 3 commits
-
-
Antonio Nino Diaz authored
ASM_ASSERTION was deprecated long ago, this check is no longer needed. Change-Id: I2a5770f76ea1317461c0059dad8dba9dc0e5af32 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca339 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
The architecture dependant header files in include/lib/${ARCH} and include/common/${ARCH} have been moved to /include/arch/${ARCH}. Change-Id: I96f30fdb80b191a51448ddf11b1d4a0624c03394 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 18 Dec, 2018 2 commits
-
-
Sathees Balya authored
This patch allows platforms to define their own jump table list for library at ROM. The file has the list of functions to be used from library at ROM. It can also include other list files. Change-Id: I721c35d7dad3dcadbb3a7f3277bfd5d3e1f6e00a Signed-off-by: Sathees Balya <sathees.balya@arm.com>
-
Yann Gautier authored
This is done for other compilers, and without this some code does not compile, like inline assembly code. Fixes ARM-software/tf-issues#657. Signed-off-by: Yann Gautier <yann.gautier@st.com>
-
- 12 Dec, 2018 1 commit
-
-
Varun Wadekar authored
This patch modifies the search criteria to see if we are using 'armclang' as the compiler. Switch over to using 'findstring' which enables platforms to do fancy stuff using scripts e.g. check if armclang timed out and retry compilation. Change-Id: If2162ebadb9033f6457a4e8d4243345e711defe6 Signed-off-by: Kalyani Chidambaram Vaidyanathan <kalyanic@nvidia.com> Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
-
- 11 Dec, 2018 1 commit
-
-
Antonio Nino Diaz authored
This tool packages Secure Partitions and Resource Descriptor blobs into a simple file that can be loaded by SPM. Change-Id: If3800064f30bdc3d7fc6a15ffbb3007ef632bcaa Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 10 Dec, 2018 3 commits
-
-
Yann Gautier authored
Setting E=0 in the make command line disables -Werror in CPPFLAGS. Signed-off-by: Yann Gautier <yann.gautier@st.com>
-
Yann Gautier authored
The list of warning is taken from kernel and also divided in 3. The option to activate that is W=x, with x=1, 2 or 3. Signed-off-by: Yann Gautier <yann.gautier@st.com>
-
Antonio Nino Diaz authored
The current SPM is a prototype that only supports one secure partition in EL0. The objective of SPM is to have multiple partitions. The current MM interface isn't adequate for this, so it is needed to modify heavily the code to add proper support for it. However, there are platforms which are already using this (like SGI) and removing the code would break it. For this reason, the current SPM code has been duplicated in order to temporarily preserve compatibility. All new improvements/changes to SPM will be done in the non-deprecated copy, that may change without notice. The new build option SPM_DEPRECATED has been introduced to select the SPM implementation. It defaults to 1, that selects the deprecated SPM. Change-Id: Ic9f80b53b450e97b4d3f47e4ef4a138ee8d87443 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 07 Dec, 2018 2 commits
-
-
Julius Werner authored
Now that we have switched to using the stack in MULTI_CONSOLE_API framework functions and have factored all code involved in crash reporting out into a separate file, there's really no reason to keep the main framework code in assembly anymore. This patch rewrites it in C which allows us to have a single implementation across aarch32/64 and should be much easier to maintain going forward. Change-Id: I6c85a01e89a79e8b233f3f8bee812f0dbd026221 Signed-off-by: Julius Werner <jwerner@chromium.org>
-
Julius Werner authored
This patch makes the build system link the console framework code by default, like it already does with other common libraries (e.g. cache helpers). This should not make a difference in practice since TF is linked with --gc-sections, so the linker will garbage collect all functions and data that are not referenced by any other code. Thus, if a platform doesn't want to include console code for size reasons and doesn't make any references to console functions, the code will not be included in the final binary. To avoid compatibility issues with older platform ports, only make this change for the MULTI_CONSOLE_API. Change-Id: I153a9dbe680d57aadb860d1c829759ba701130d3 Signed-off-by: Julius Werner <jwerner@chromium.org>
-
- 19 Nov, 2018 1 commit
-
-
Antonio Nino Diaz authored
It's better to have them in a separate file instead of having them spread across the Makefile. This is what the stack protector is already doing. Change-Id: Id30742c0af10de5ea6d10674ca25bf52b0f2b262 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 29 Oct, 2018 1 commit
-
-
Soby Mathew authored
Change-Id: I0b8ccba15024c55bb03927cdb50370913eb8010c Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 19 Oct, 2018 1 commit
-
-
Antonio Nino Diaz authored
Commit <ee1ba6d4 > ("Makefile: Support totally quiet output with -s") broke verbose (V=1) builds on Windows. This patch fixes it by adding helpers to silence echo prints in a OS-dependent way. Change-Id: I24669150457516e9fb34fa32fa103398efe8082d Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 08 Oct, 2018 1 commit
-
-
Andre Przywara authored
"-s" is a command line option to the make tool, to suppress normal output, something to the effect of prepending every line with '@' in the Makefile. However with our V={0|1} support, we now print the shortened command line output in any case (even with V=1, in addition to the long line!). Normally -s helps to not miss non-fatal warnings, which tend to scroll out of the window easily. Introduce a new Makefile variable ECHO, to control the shortened output. We only set it in the (current default) V=0 case, and replace every occurence of "@echo" with that variable. When the user specifies "-s", we set ECHO to some magic string which changes the output line into a comment, so the output is suppressed. Beside suppressing every output for "-s", we also avoid the redundant short output when compiling with V=1. This changes the output to: ========== $ make -s PLAT=.... bl31 Built build/.../release/bl31.bin ========== $ make PLAT=.... bl31 ... CC lib/libc/strncmp.c CC lib/libc/strnlen.c ... ========== $ make V=1 PLAT=.... bl31 ... gcc -DDEBUG=0 .... -o build/.../release/libc/strncmp.o gcc -DDEBUG=0 .... -o build/.../release/libc/strnlen.o ... ========== Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
- 03 Oct, 2018 2 commits
-
-
Sandrine Bailleux authored
When attempting to compile TF-A with "SPD=something ARCH=aarch32", the following error message is printed: Makefile:291: *** recipe commences before first target. Stop. This is because the call to the error function is indented using a tab whereas it's not part of a rule's recipe. Replace the tab by spaces. Change-Id: Ic9b603837a0e43f2f7070cb39137541c332365d2 Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
-
Daniel Boulby authored
This patch introduces a build flag "RECLAIM_INIT_CODE" to mark boot time code which allows platforms to place this memory in an appropriate section to be reclaimed later. This features is primarily targeted for BL31. Appropriate documentation updates are also done. Change-Id: If0ca062851614805d769c332c771083d46599194 Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
-