- 07 Feb, 2018 2 commits
-
-
Victor Chong authored
Signed-off-by: Victor Chong <victor.chong@linaro.org> Tested-by: Shawn Guo <shawn.guo@linaro.org>
-
davidcunado-arm authored
support to boot OP-TEE on AArch32/Armv7+example with Cortex-A15/Qemu
-
- 06 Feb, 2018 2 commits
-
-
Etienne Carriere authored
As per MISRA C-2012 Rule 10.4. arg0 is a u_register_t, can be a 32bit or 64bit upon architecture. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
davidcunado-arm authored
Support GZIP-compressed images for faster loading and verification
-
- 05 Feb, 2018 2 commits
-
-
Etienne Carriere authored
Define Qemu AArch32 implementation for some platform functions (core position, secondary boot cores, crash console). These are derived from the AArch64 implementation. BL31 on Qemu is needed only for ARMv8 and later. On ARMv7, BL32 is the first executable image after BL2. Support SP_MIN and OP-TEE as BL32: create a sp_min make script target in Qemu, define mapping for IMAGE_BL32 Minor fix Qemu return value type for plat_get_ns_image_entrypoint(). Qemu model for the Cortex-A15 does not support the virtualization extension although the core expects it. To overcome the issue, Qemu ARMv7 configuration set ARCH_SUPPORTS_VIRTUALIZATION to 0. Add missing AArch32 assembly macro arm_print_gic_regs from ARM platform used by the Qemu platform. Qemu Cortex-A15 model integrates a single cluster with up to 4 cores. Change-Id: I65b44399071d6f5aa40d5183be11422b9ee9ca15 Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
Etienne Carriere authored
AArch32 only platforms can boot the OP-TEE secure firmware as a BL32 secure payload. Such configuration can be defined through AARCH32_SP=optee. The source files can rely on AARCH32_SP_OPTEE to condition OP-TEE boot specific instruction sequences. OP-TEE does not expect ARM Trusted Firmware formatted structure as boot argument. Load sequence is expected to have already loaded to OP-TEE boot arguments into the bl32 entrypoint info structure. Last, AArch32 platform can only boot AArch32 OP-TEE images. Change-Id: Ic28eec5004315fc9111051add6bb1a1d607fc815 Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
- 02 Feb, 2018 6 commits
-
-
davidcunado-arm authored
uniphier: fix and improve memory layout
-
Etienne Carriere authored
Add 'lr_svc' as a boot parameter in AArch32 bl1. This is used by Optee and Trusty to get the non-secure entry point on AArch32 platforms. This change is not ported in AArch64 mode where the BL31, not BL32, is in charge of booting the non secure image (BL33). Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
davidcunado-arm authored
AMUv1 support for AArch32
-
Masahiro Yamada authored
Looks like this is requirement in the pre-merge static analysis. misra_violation: [Required] MISRA C-2012 Rule 7.2 violation: Unsigned constants must be declared with U or u suffix. Adding ULL as requested. I used ULL() macros for BL*_{BASE,LIMIT} because they are referenced from linker scripts. Requested-by: David Cunado <david.cunado@arm.com> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Currently, the xlat region of the on-chip SRAM is always allocated for all BL images. The access to the on-chip SRAM is necessary for loading images from a USB memory device (i.e. when updating firmware), so unneeded for the usual boot procedure. To avoid this waste, allocate the xlat region dynamically only for BL2, and only when it is necessary. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Commit 247fc043 ("uniphier: switch to BL2-AT-EL3 and remove BL1 support") accidentally changed the location of BL31 and BL32. The new memory map overlaps with the audio DSP images, also gives impact to OP-TEE. They are both out of control of ARM Trusted Firmware, so not easy to change. This commit restores the image layout that was originally used prior to the BL2-AT-EL3 migration. Reported-by: Katsuhiro Suzuki <suzuki.katsuhiro@socionext.com> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 01 Feb, 2018 26 commits
-
-
davidcunado-arm authored
rockchip/rk3399: Fix memory corruptions or illegal memory access
-
davidcunado-arm authored
Analyze coding style of patches individually
-
Masahiro Yamada authored
Allow to handle GZIP-compressed images by giving FIP_GZIP=1 from the command line. - Images are GZIP-compressed, then packed into FIP. If Trusted Board Boot is enabled, certificates are generated based on the compressed images. - GZIP decompressor is linked into BL2 to decompress images at run-time. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
In the next commit, I will have more usecases to get struct image_info from image ID. It is better to make a helper function at a different layer. I do not need the current uniphier_image_descs_fixup() since the code is small enough to be squashed into the caller side. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
These APIs are used by platforms that need to decompress images. image_decompress_init(): This registers a temporary buffer and a decompressor callback. This should be called from platform init code. image_decompress_prepare(): This should be called before each compressed image is loaded. The best location to call this will be bl*_plat_handle_pre_image_load(). image_decompress(): This should be called after each compressed image is loaded. The best location to call this will be bl*_plat_handle_post_image_load(). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Just like bl2_, add pre/post image load handlers for BL1. No argument is needed since BL2 is the only image loaded by BL1. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
There are cases where we need to manipulate image information before the load. For example, for decompressing data, we cannot load the compressed images to their final destination. Instead, we need to load them to the temporary buffer for the decompressor. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
When we add a new callback, we need to duplicate fallbacks among plat/common/{aarch32,aarch64}/platform_helpers.S This is tedious. I created a new C file, then moved 3 functions: plat_error_handler bl2_plat_preload_setup plat_try_next_boot_source They are called from C, so I do not see a good reason to implement them in assembly. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
This commit adds some more files to use zlib from TF. To use zlib, ->zalloc and ->zfree hooks are needed. The implementation depends on the system. For user-space, the libc provides malloc() and friends. Unfortunately, ARM Trusted Firmware does not provide malloc() or any concept of dynamic memory allocation. I implemented very simple calloc() and free() for this. Stupidly, zfree() never frees memory, but it works enough for this. The purpose of using zlib is to implement gunzip() - this function takes compressed data from in_buf, then dumps the decompressed data to oub_buf. The work_buf is used for memory allocation during the decompress. Upon exit, it updates in_buf and out_buf. If successful, in_buf points to the end of input data, out_buf to the end of the decompressed data. To use this feature, you need to do: - include lib/zlib/zlib.mk from your platform.mk - add $(ZLIB_SOURCES) to your BL*_SOURCES Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Import the following files from zlib 1.2.11: adler32.c crc32.c crc32.h inffast.c inffast.h inffixed.h inflate.c inflate.h inftrees.c inftrees.h zconf.h zlib.h zutil.c zutil.h The original tarball is available from http://zlib.net/ The zlib is free software, distributed under the zlib license. The license text is included in the "zlib.h" file. It should be compatible with BSD-3-Clause. The zlib license is included in the SPDX license list available at https://spdx.org/licenses/ , but I did not add the SPDX license tag to the imported files above, to keep them as they are in the upstream project. This seems the general policy for ARM Trusted Firmware, as SPDX License Identifier was not added to files imported from FreeBSD. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
One typical usage of the pre-tool image filter is data compression, and GZIP is one of the most commonly used compression methods. I guess this is generic enough to be put in the common script instead of platform.mk. If you want to use this, you can add something like follows to your platform.mk: BL32_PRE_TOOL_FILTER := GZIP BL33_PRE_TOOL_FILTER := GZIP Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
There are cases where we want to process images before they are passed to cert_create / fiptool. My main motivation is data compression. By compressing images, we can save data storage, and possibly speed up loading images. The image verification will also get faster because certificates are generated based on compressed images. Other image transformation filters (for ex. encryption), and their combinations would be possible. So, our build system should support transformation filters in a generic manner. The choice of applied filters is up to platforms (so specified in platform.mk) To define a new filter, <FILTER_NAME>_RULE and <FILTER_NAME>_SUFFIX are needed. For example, the GZIP compression filter can be implemented as follows: ------------------------>8------------------------ define GZIP_RULE $(1): $(2) @echo " GZIP $$@" $(Q)gzip -n -f -9 $$< --stdout > $$@ endef GZIP_SUFFIX := .gz ------------------------>8------------------------ The _RULE defines how to create the target $(1) from the source $(2). The _SUFFIX defines the extension appended to the processed image path. The suffix is not so important because the file name information is not propagated to FIP, but adding a sensible suffix will be good to classify the data file. Platforms can specify which filter is applied to which BL image, like this: ------------------------>8------------------------ BL32_PRE_TOOL_FILTER := GZIP BL33_PRE_TOOL_FILTER := GZIP ------------------------>8------------------------ <IMAGE_NAME>_PRE_TOOL_FILTER specifies per-image filter. With this, different images can be transformed differently. For the case above, only BL32 and BL33 are GZIP-compressed. Nothing is done for other images. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
In the next commit, I need the image name in lowercase because output files are generally named in lowercase. Unfortunately, TOOL_ADD_IMG takes the first argument in uppercase since we generally use uppercase Make variables. make_helpers/build_macros.mk provides 'uppercase' macro to convert a string into uppercase, but 'lowercase' does not exist. We can implement it if we like, but it would be more straightforward to change the argument of TOOL_ADD_IMG. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The PHONY target "bl*" generate $(BIN) and $(DUMP), but host tools (fiptool, cert_create) only need $(BIN). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The third argument was given "true" by images, but it was moved to TOOL_ADD_PAYLOAD. No more caller of CERT_ADD_CMD_OPT uses this. So, the third argument is always empty. Remove it. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now FIP_ADD_IMG takes care of both fiptool and cert_create symmetrically. Rename it so that it matches the behavior. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now FIP_ADD_PAYLOAD takes care of both fiptool and cert_create symmetrically. Rename it so that it matches the behavior. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The fiptool and cert_create use the same command options for images. It is pretty easy to handle both in the same, symmetrical way. Move CRT_ARGS and CRT_DEPS to FIP_ADD_PAYLOAD. This refactoring makes sense because FIP_ADD_PAYLOAD is called from MAKE_BL (when building images from source), and from FIP_ADD_IMG (when including external images). (FIP_ADD_PAYLOAD will be renamed later on since it now caters to both fiptool and cert_create). We can delete CERT_ADD_CMD_OPT for images in tbbr.mk. It still needs to call CERT_ADD_CMD_OPT directly for certificates. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The callers of these macros are supposed to use $(eval $(call, ...)). The $(eval ...) on the callee side is unneeded. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The build system supports generating two FIP images, fip and fwu_fip. Accordingly, we have similar build macros. FIP_ADD_PAYLOAD <--> FWU_FIP_ADD_PAYLOAD CERT_ADD_CMD_OPT <--> FWU_CERT_ADD_CMD_OPT FIP_ADD_IMG <--> FWU_FIP_ADD_IMG The duplicated code increases the maintenance burden. Also, the build rule of BL2U looks clumsy - we want to call MAKE_BL to compile it from source files, but we want to put it in fwu_fip. We can not do it in a single macro call since the current MAKE_BL does not support fwu_fip. To refactor those in a clean way is to support one more argument to specify the FIP prefix. If it is empty, the images are targeted to fip, whereas if the argument is "FWU_", targeted to fwu_fip. The build macros prefixed with FWU_ go away. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Now, MAKE_TOOL_ARGS is only called from MAKE_BL. Squash it. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
This complicated if-conditional combo was introduced by commit 70d1fc53 ("Fix build error when `BL32` is not defined") in order to fix the compile error of "make all" when SPD=opteed is given. The requirement for the build system is like follows: - If both BL32 and BL32_SOURCES are defined, the former takes precedence. - If BL32 is undefined but BL32_SOURCES is defined, we compile BL32 from the source files. - We want to let the build fail if neither of them is defined, but we want to check it only when we are building FIP. Refactor the code to not call FIP_ADD_IMG twice. The behavior is still the same. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
We use $(call MAKE_TOOL_ARGS,...) or $(call FIP_ADD_IMG,...) where we expect externally built images. The difference between the two is check_* target. It now checks if the given path exists, so it is a good thing to use $(call FIP_ADD_IMG,...) in all the places. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
check_* targets check if the required option are given, but do not check the validity of the argument. If the specified file does not exist, let the build fail immediately instead of passing the invalid file path to tools. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
davidcunado-arm authored
Implement support for SMCCC v1.1 and optimize security mitigations for CVE-2017-5715 on AArch64
-
davidcunado-arm authored
RK3399 GIC save/restore
-
- 31 Jan, 2018 2 commits
-
-
Joel Hutton authored
Add amu_context_save() and amu_context_restore() functions for aarch32 Change-Id: I4df83d447adeaa9d9f203e16dc5a919ffc04d87a Signed-off-by: Joel Hutton <joel.hutton@arm.com>
-
Joel Hutton authored
Change-Id: Id6dfe885a63561b1d2649521bd020367b96ae1af Signed-off-by: Joel Hutton <joel.hutton@arm.com>
-