- 23 May, 2017 2 commits
-
-
Masahiro Yamada authored
Platforms aligned with TBBR are supposed to use their own OIDs, but defining the same macros with different OIDs does not provide any value (at least technically). For easier use of TBBR, this commit allows platforms to reuse the OIDs obtained by ARM Ltd. This will be useful for non-ARM vendors that do not need their own extension fields in their certificate files. The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the backward compatibility. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Some header files need to be shared between TF and host programs. For fiptool, two headers are copied to the tools/fiptool directory, but it looks clumsy. This commit introduces a new directory, include/tools_share, which collects headers that should be shared between TF and host programs. This will clarify the interface exposed to host tools. We should add new headers to this directory only when we really need to do so. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 03 May, 2017 1 commit
-
-
dp-arm authored
To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 02 May, 2017 1 commit
-
-
Evan Lloyd authored
Some recent changes have added direct use of the echo command without parameters. This fails on a Windows shell, because echo without parameters reports the mode ("ECHO is on"). This is corrected using the ECHO_BLANK_LINE macro already provided for that purpose. Change-Id: I5fd7192861b4496f6f46b4f096e80a752cd135d6 Signed-off-by: Evan Lloyd <evan.lloyd@arm.com>
-
- 20 Apr, 2017 1 commit
-
-
Antonio Nino Diaz authored
The build option `ENABLE_ASSERTIONS` should be used instead. That way both C and ASM assertions can be enabled or disabled together. All occurrences of `ASM_ASSERTION` in common code and ARM platforms have been replaced by `ENABLE_ASSERTIONS`. ASM_ASSERTION has been removed from the user guide. Change-Id: I51f1991f11b9b7ff83e787c9a3270c274748ec6f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 19 Apr, 2017 2 commits
-
-
Antonio Nino Diaz authored
Add the new build option `ENABLE_ASSERTIONS` that controls whether or not assert functions are compiled out. It defaults to 1 for debug builds and to 0 for release builds. Additionally, a following patch will be done to allow this build option to hide auxiliary code used for the checks done in an `assert()`. This code is is currently under the DEBUG build flag. Assert messages are now only printed if LOG_LEVEL >= LOG_LEVEL_INFO, which is the default for debug builds. This patch also updates the User Guide. Change-Id: I1401530b56bab25561bb0f274529f1d12c5263bc Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Soby Mathew authored
This patch introduces a build option to enable D-cache early on the CPU after warm boot. This is applicable for platforms which do not require interconnect programming to enable cache coherency (eg: single cluster platforms). If this option is enabled, then warm boot path enables D-caches immediately after enabling MMU. Fixes ARM-Software/tf-issues#456 Change-Id: I44c8787d116d7217837ced3bcf0b1d3441c8d80e Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 05 Apr, 2017 1 commit
-
-
Masahiro Yamada authored
If SCP_BL2 is passed in from the command line, it is recognized by make_helpers/tbbr/tbbr_tools.mk, and the cert_create tool generates the corresponding key and content certificates. On the other hand, the top-level Makefile does not care SCP_BL2, so the --scp-fw option is not passed to the fiptool. As far as I see plat/arm/css/common/css_common.mk, it looks like a platform's job to add $(eval $(call FIP_ADD_IMG,SCP_BL2,--scp-fw)). We can make the top-level Makefile kind enough to take care of it. This is useful when we want to have optional SCP_BL2 firmware. Adjust css_common.mk so that Juno still requires SCP_BL2 by default. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 31 Mar, 2017 1 commit
-
-
Douglas Raillard authored
Introduce new build option ENABLE_STACK_PROTECTOR. It enables compilation of all BL images with one of the GCC -fstack-protector-* options. A new platform function plat_get_stack_protector_canary() is introduced. It returns a value that is used to initialize the canary for stack corruption detection. Returning a random value will prevent an attacker from predicting the value and greatly increase the effectiveness of the protection. A message is printed at the ERROR level when a stack corruption is detected. To be effective, the global data must be stored at an address lower than the base of the stacks. Failure to do so would allow an attacker to overwrite the canary as part of an attack which would void the protection. FVP implementation of plat_get_stack_protector_canary is weak as there is no real source of entropy on the FVP. It therefore relies on a timer's value, which could be predictable. Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
- 27 Mar, 2017 1 commit
-
-
Soby Mathew authored
At present, the build option checks are done prior to inclusion of BL makefiles. This meant if the BL makefiles modified any of the options then these checks were bypassed. This patch corrects this problem. Change-Id: I0b591392a74d6d456d2b19bbe292f42b5aeae048 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 20 Mar, 2017 1 commit
-
-
dp-arm authored
These source file definitions should be defined in generic Makefiles so that all platforms can benefit. Ensure that the symbols are properly marked as weak so they can be overridden by platforms. NOTE: This change is a potential compatibility break for non-upstream platforms. Change-Id: I7b892efa9f2d6d216931360dc6c436e1d10cffed Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 08 Mar, 2017 1 commit
-
-
Antonio Nino Diaz authored
The folder lib/xlat_tables_v2 has been created to store a new version of the translation tables library for further modifications in patches to follow. At the moment it only contains a basic implementation that supports static regions. This library allows different translation tables to be modified by using different 'contexts'. For now, the implementation defaults to the translation tables used by the current image, but it is possible to modify other tables than the ones in use. Added a new API to print debug information for the current state of the translation tables, rather than printing the information while the tables are being created. This allows subsequent debug printing of the xlat tables after they have been changed, which will be useful when dynamic regions are implemented in a patch to follow. The common definitions stored in `xlat_tables.h` header have been moved to a new file common to both versions, `xlat_tables_defs.h`. All headers related to the translation tables library have been moved to a the subfolder `xlat_tables`. Change-Id: Ia55962c33e0b781831d43a548e505206dffc5ea9 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 02 Mar, 2017 2 commits
-
-
Jeenu Viswambharan authored
ARM Trusted Firmware keeps certain data structures in a memory region with non-cacheable attributes (termed as "coherent memory") to keep data coherent with observers that are cache-coherent, and those not. These data structures pertain to power management and mutual exclusion. Using coherent memory also costs at least an additional page to map memory with special memory attributes. On systems with hardware-assisted coherency, all CPUs that participate in power management and mutual exclusion are cache-coherent, obviating the need for special memory attributes for such data structures. Instead, they can be placed in normal memory, along with rest of data. On systems with hardware-assisted coherency, where build option HW_ASSISTED_COHERENCY will be set, also having USE_COHERENT_MEMORY enabled only wastes a page of memory without any benefit. Therefore, with HW_ASSISTED_COHERENCY set to 1, require that USE_COHERENT_MEMORY is explicitly set to 0. Change-Id: I5101657ae6b1a46278069f23e2d88ee5cbd98efa Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Jeenu Viswambharan authored
The boolean build option HW_ASSISTED_COHERENCY is introduced to enable various optimizations in ARM Trusted Software, when built for such systems. It's set to 0 by default. Change-Id: I638390da6e1718fe024dcf5b402e07084f1eb014 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 14 Feb, 2017 1 commit
-
-
Jeenu Viswambharan authored
The ARMv8v.1 architecture extension has introduced support for far atomics, which includes compare-and-swap. Compare and Swap instruction is only available for AArch64. Introduce build options to choose the architecture versions to target ARM Trusted Firmware: - ARM_ARCH_MAJOR: selects the major version of target ARM Architecture. Default value is 8. - ARM_ARCH_MINOR: selects the minor version of target ARM Architecture. Default value is 0. When: (ARM_ARCH_MAJOR > 8) || ((ARM_ARCH_MAJOR == 8) && (ARM_ARCH_MINOR >= 1)), for AArch64, Compare and Swap instruction is used to implement spin locks. Otherwise, the implementation falls back to using load-/store-exclusive instructions. Update user guide, and introduce a section in Firmware Design guide to summarize support for features introduced in ARMv8 Architecture Extensions. Change-Id: I73096a0039502f7aef9ec6ab3ae36680da033f16 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 13 Feb, 2017 1 commit
-
-
dp-arm authored
This patch introduces the following three platform interfaces: * void plat_psci_stat_accounting_start(const psci_power_state_t *state_info) This is an optional hook that platforms can implement in order to perform accounting before entering a low power state. This typically involves capturing a timestamp. * void plat_psci_stat_accounting_stop(const psci_power_state_t *state_info) This is an optional hook that platforms can implement in order to perform accounting after exiting from a low power state. This typically involves capturing a timestamp. * u_register_t plat_psci_stat_get_residency(unsigned int lvl, const psci_power_state_t *state_info, unsigned int last_cpu_index) This is an optional hook that platforms can implement in order to calculate the PSCI stat residency. If any of these interfaces are overridden by the platform, it is recommended that all of them are. By default `ENABLE_PSCI_STAT` is disabled. If `ENABLE_PSCI_STAT` is set but `ENABLE_PMF` is not set then an alternative PSCI stat collection backend must be provided. If both are set, then default weak definitions of these functions are provided, using PMF to calculate the residency. NOTE: Previously, platforms did not have to explicitly set `ENABLE_PMF` since this was automatically done by the top-level Makefile. Change-Id: I17b47804dea68c77bc284df15ee1ccd66bc4b79b Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 03 Feb, 2017 1 commit
-
-
Masahiro Yamada authored
Currently, the BUILD_STRING is just 7-digits git hash. It is true we can identify which version is running, but we can not get a quick idea about how new or old it is. The command "git describe" provides us a bit more useful information in the format of: (tag-name)-(number of commits on top the tag)-g(7 digits hash) I added some options: --always Make "git describe" work without any tag in case the upstream ATF is cloned, but all the tags are locally dropped. --tags Use any tag instead of only annotated tags. In ATF, only some tags are annotated, actually the last annotated tag is "v0.2", whereas we are on "v1.3" tag now. This option is needed to get something like v1.3-233-gbcc2bf09 instead of v0.2-1713-gbcc2bf09. --dirty The mark "-dirty" is appended if the source tree is locally modified. With this commit, the welcome string NOTICE: BL1: v1.3(debug):bcc2bf09 will become like follows: NOTICE: BL1: v1.3(debug):v1.3-233-gbcc2bf09 -dirty While we are here, let's add "2> /dev/null" as well to silently ignore any error message from git. We should not assume that users always work in a git repository; the ATF might be released in a tarball form instead of a git repository. In such a case, the git command will fail, then the ugly message "fatal: Not a git ..." will be displayed during the build: $ make CROSS_COMPILE=aarch64-linux-gnu- fatal: Not a git repository (or any of the parent directories): .git Building fvp CC drivers/io/io_semihosting.c CC lib/semihosting/semihosting.c ... Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 31 Jan, 2017 1 commit
-
-
Douglas Raillard authored
Sharing the same CFLAGS for both the firmware and host tools is not useful and can lead to compilation failure when CFLAGS is set on the command line. This patch make MAKEOVERRIDES special variable empty so make's command line variable definitions are not implicitly forwarded to sub make invocations. However, make options are still forwarded like "-s" option to make the build silent. Change-Id: Ia921c02beb1fd2041696a26160b9e7974ae000fa Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
- 30 Jan, 2017 2 commits
-
-
Jeenu Viswambharan authored
The errata reporting policy is as follows: - If an errata workaround is enabled: - If it applies (i.e. the CPU is affected by the errata), an INFO message is printed, confirming that the errata workaround has been applied. - If it does not apply, a VERBOSE message is printed, confirming that the errata workaround has been skipped. - If an errata workaround is not enabled, but would have applied had it been, a WARN message is printed, alerting that errata workaround is missing. The CPU errata messages are printed by both BL1 (primary CPU only) and runtime firmware on debug builds, once for each CPU/errata combination. Relevant output from Juno r1 console when ARM Trusted Firmware is built with PLAT=juno LOG_LEVEL=50 DEBUG=1: VERBOSE: BL1: cortex_a57: errata workaround for 806969 was not applied VERBOSE: BL1: cortex_a57: errata workaround for 813420 was not applied INFO: BL1: cortex_a57: errata workaround for disable_ldnp_overread was applied WARNING: BL1: cortex_a57: errata workaround for 826974 was missing! WARNING: BL1: cortex_a57: errata workaround for 826977 was missing! WARNING: BL1: cortex_a57: errata workaround for 828024 was missing! WARNING: BL1: cortex_a57: errata workaround for 829520 was missing! WARNING: BL1: cortex_a57: errata workaround for 833471 was missing! ... VERBOSE: BL31: cortex_a57: errata workaround for 806969 was not applied VERBOSE: BL31: cortex_a57: errata workaround for 813420 was not applied INFO: BL31: cortex_a57: errata workaround for disable_ldnp_overread was applied WARNING: BL31: cortex_a57: errata workaround for 826974 was missing! WARNING: BL31: cortex_a57: errata workaround for 826977 was missing! WARNING: BL31: cortex_a57: errata workaround for 828024 was missing! WARNING: BL31: cortex_a57: errata workaround for 829520 was missing! WARNING: BL31: cortex_a57: errata workaround for 833471 was missing! ... VERBOSE: BL31: cortex_a53: errata workaround for 826319 was not applied INFO: BL31: cortex_a53: errata workaround for disable_non_temporal_hint was applied Also update documentation. Change-Id: Iccf059d3348adb876ca121cdf5207bdbbacf2aba Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Douglas Raillard authored
Disable the automatic substitution of functions with builtins. The existing -ffreestanding option should already do this but explicitly adding -fno-builtin reduces the risk of compiler variation. With this option, GCC is not supposed to be able to make assumptions on what the function does, which could otherwise lead to security-sensitive code removal. This can lead to potentially less efficient code but improves predictability of what code is actually compiled into the binary. Change-Id: I06ad151c61318bd1b00d84976f051d2d94314acc Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
- 28 Jan, 2017 1 commit
-
-
Masahiro Yamada authored
The current fiptool packs all the images without any padding between them. So, the offset to each image has no alignment. This is not efficient, for example, when the FIP is read from a block-oriented device. For example, (e)MMC is accessed by block-addressing. The block size is 512 byte. So, the best case is each image is aligned by 512 byte since the DMA engine can transfer the whole of the image to its load address directly. The worst case is the offset does not have even DMA-capable alignment (this is where we stand now). In this case, we need to transfer every block to a bounce buffer, then do memcpy() from the bounce buffer to our final destination. At least, this should work with the abstraction by the block I/O layer, but the CPU-intervention for the whole data transfer makes it really slow. This commit adds a new option --align to the fiptool. This option, if given, requests the tool to align each component in the FIP file by the specified byte. Also, add a new Make option FIP_ALIGN for easier access to this feature; users can give something like FIP_ALIGN=512 from the command line, or add "FIP_ALIGN := 512" to their platform.mk file. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 16 Jan, 2017 1 commit
-
-
Antonio Nino Diaz authored
When generating the list of files to check by checkpatch.pl, the list generated by `git ls-files` is filtered by a regular expression with grep. Due to a malformed regex, the dot of `.md` was considered a wildcard instead of a dot. This patch fixes this so that it matches only dots, thus allowing the two following files to be checked: * tools/cert_create/include/cmd_opt.h * tools/cert_create/src/cmd_opt.c Also extended the list of library directories to check by checkpatch to exclude any folder starting with libfdt. Change-Id: Ie7bf18efe4df29e364e5d67ba1118515304ed9a4 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 Jan, 2017 2 commits
-
-
Masahiro Yamada authored
Using AS for pre-processing looks a bit weird, and some assembly specific options are given for nothing. Rather, use CPP. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
The -c flag should not be included in the global variable TF_CFLAGS; it should be specified in the build rule only when its target is a *.o file. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 14 Dec, 2016 1 commit
-
-
Yatharth Kochar authored
This patch enables TRUSTED_BOARD_BOOT (Authentication and FWU) support, for AArch64, when LOAD_IMAGE_V2 is enabled. This patch also enables LOAD_IMAGE_V2 for ARM platforms. Change-Id: I294a2eebce7a30b6784c80c9d4ac7752808ee3ad Signed-off-by: Yatharth Kochar <yatharth.kochar@arm.com>
-
- 08 Nov, 2016 1 commit
-
-
Jeenu Viswambharan authored
When build variables are assigned or processed en masse, they'd appear neater in alphabetical order. Static initializations are moved to a separate file, make_helpers/defaults.mk, which in itself is sorted alphabetically. No functional changes. Change-Id: I966010042b33de6b67592fb9ffcef8fc44d7d128 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 27 Oct, 2016 1 commit
-
-
Antonio Nino Diaz authored
Checkpatch is a script developed to verify the style of Linux kernel patches. As Kernel developers use emails to send patches for review, checkpatch is prepared for that specific format. This change adapts the Makefile to use said format. As a result, indentation in the commit message has been removed, thus fixing the warnings about Signed-off-by lines being preceded by whitespace. Fixes ARM-software/tf-issues#432 Change-Id: I00cb86365fe15f7e2c3a99a306c8eb51cf02fe86 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 13 Oct, 2016 1 commit
-
-
David Cunado authored
Change-Id: I05991543d28e70b67be600b714990af6a8d7ba29
-
- 12 Oct, 2016 1 commit
-
-
dp-arm authored
In order to quantify the overall time spent in the PSCI software implementation, an initial collection of PMF instrumentation points has been added. Instrumentation has been added to the following code paths: - Entry to PSCI SMC handler. The timestamp is captured as early as possible during the runtime exception and stored in memory before entering the PSCI SMC handler. - Exit from PSCI SMC handler. The timestamp is captured after normal return from the PSCI SMC handler or if a low power state was requested it is captured in the bl31 warm boot path before return to normal world. - Entry to low power state. The timestamp is captured before entry to a low power state which implies either standby or power down. As these power states are mutually exclusive, only one timestamp is defined to describe both. It is possible to differentiate between the two power states using the PSCI STAT interface. - Exit from low power state. The timestamp is captured after a standby or power up operation has completed. To calculate the number of cycles spent running code in Trusted Firmware one can perform the following calculation: (exit_psci - enter_psci) - (exit_low_pwr - enter_low_pwr). The resulting number of cycles can be converted to time given the frequency of the counter. Change-Id: Ie3b8f3d16409b6703747093b3a2d5c7429ad0166 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 10 Oct, 2016 1 commit
-
-
Andreas Färber authored
Insert a cosmetic space before "(FIP)". Signed-off-by: Andreas Färber <afaerber@suse.de>
-
- 21 Sep, 2016 3 commits
-
-
Yatharth Kochar authored
This patch adds ARM platform changes in BL2 for AArch32 state. It instantiates a descriptor array for ARM platforms describing image and entrypoint information for `SCP_BL2`, `BL32` and `BL33`. It also enables building of BL2 for ARCH=aarch32. Change-Id: I60dc7a284311eceba401fc789311c50ac746c51e
-
Yatharth Kochar authored
This patch adds ARM platform changes in BL1 for AArch32 state. It also enables building of BL1 for ARCH=aarch32. Change-Id: I079be81a93d027f37b0f7d8bb474b1252bb4cf48
-
Yatharth Kochar authored
This patch adds common changes to support AArch32 state in BL1 and BL2. Following are the changes: * Added functions for disabling MMU from Secure state. * Added AArch32 specific SMC function. * Added semihosting support. * Added reporting of unhandled exceptions. * Added uniprocessor stack support. * Added `el3_entrypoint_common` macro that can be shared by BL1 and BL32 (SP_MIN) BL stages. The `el3_entrypoint_common` is similar to the AArch64 counterpart with the main difference in the assembly instructions and the registers that are relevant to AArch32 execution state. * Enabled `LOAD_IMAGE_V2` flag in Makefile for `ARCH=aarch32` and added check to make sure that platform has not overridden to disable it. Change-Id: I33c6d8dfefb2e5d142fdfd06a0f4a7332962e1a3
-
- 20 Sep, 2016 1 commit
-
-
Yatharth Kochar authored
This patch adds capability to load BL images based on image descriptors instead of hard coded way of loading BL images. This framework is designed such that it can be readily adapted by any BL stage that needs to load images. In order to provide the above capability the following new platform functions are introduced: bl_load_info_t *plat_get_bl_image_load_info(void); This function returns pointer to the list of images that the platform has populated to load. bl_params_t *plat_get_next_bl_params(void); This function returns a pointer to the shared memory that the platform has kept aside to pass trusted firmware related information that next BL image needs. void plat_flush_next_bl_params(void); This function flushes to main memory all the params that are passed to next image. int bl2_plat_handle_post_image_load(unsigned int image_id) This function can be used by the platforms to update/use image information for given `image_id`. `desc_image_load.c` contains utility functions which can be used by the platforms to generate, load and executable, image list based on the registered image descriptors. This patch also adds new version of `load_image/load_auth_image` functions in-order to achieve the above capability. Following are the changes for the new version as compared to old: - Refactor the signature and only keep image_id and image_info_t arguments. Removed image_base argument as it is already passed through image_info_t. Given that the BL image base addresses and limit/size are already provided by the platforms, the meminfo_t and entry_point_info arguments are not needed to provide/reserve the extent of free memory for the given BL image. - Added check for the image size against the defined max size. This is needed because the image size could come from an unauthenticated source (e.g. the FIP header). To make this check, new member is added to the image_info_t struct for identifying the image maximum size. New flag `LOAD_IMAGE_V2` is added in the Makefile. Default value is 0. NOTE: `TRUSTED_BOARD_BOOT` is currently not supported when `LOAD_IMAGE_V2` is enabled. Change-Id: Ia7b643f4817a170d5a2fbf479b9bc12e63112e79
-
- 26 Aug, 2016 1 commit
-
-
dp-arm authored
More headers will be needed soon so better to move these to their own directory to avoid cluttering include/lib. Change-Id: I6a72dc5b602d6f51954cf60aadd1beb52a268670
-
- 15 Aug, 2016 1 commit
-
-
Soby Mathew authored
This patch enables the AArch32 build including SP_MIN in the top level Makefile. The build flag `ARCH` now can specify either `aarch64`(default) or `aarch32`. Currently only FVP AEM model is supported for AArch32 build. Another new build flag `AARCH32_SP` is introduced to specify the AArch32 secure payload to be built. Change-Id: Ie1198cb9e52d7da1b79b93243338fc3868b08faa
-
- 10 Aug, 2016 1 commit
-
-
Soby Mathew authored
This patch adds the essential AArch32 architecture helpers arch.h and arch_helpers.h and modifies `_types.h` to add AArch32 support. A new build option `ARCH` is defined in the top level makefile to enable the component makefiles to choose the right files based on the Architecture it is being build for. Depending on this flag, either `AARCH32` or `AARCH64` flag is defined by the Makefile. The default value of `ARCH` flag is `aarch64`. The AArch32 build support will be added in a later patch. Change-Id: I405e5fac02db828a55cd25989b572b64cb005241
-
- 29 Jul, 2016 1 commit
-
-
dp-arm authored
fiptool provides a more consistent and intuitive interface compared to the fip_create program. It serves as a better base to build on more features in the future. fiptool supports various subcommands. Below are the currently supported subcommands: 1) info - List the images contained in a FIP file. 2) create - Create a new FIP file with the given images. 3) update - Update an existing FIP with the given images. 4) unpack - Extract a selected set or all the images from a FIP file. 5) remove - Remove images from a FIP file. This is a new command that was not present in fip_create. To create a new FIP file, replace "fip_create" with "fiptool create". To update a FIP file, replace "fip_create" with "fiptool update". To dump the contents of a FIP file, replace "fip_create --dump" with "fiptool info". A compatibility script that emulates the basic functionality of fip_create is provided. Existing scripts might or might not work with the compatibility script. Users are strongly encouraged to migrate to fiptool. Fixes ARM-Software/tf-issues#87 Fixes ARM-Software/tf-issues#108 Fixes ARM-Software/tf-issues#361 Change-Id: I7ee4da7ac60179cc83cf46af890fd8bc61a53330
-
- 18 Jul, 2016 1 commit
-
-
Soby Mathew authored
This patch moves the PSCI services and BL31 frameworks like context management and per-cpu data into new library components `PSCI` and `el3_runtime` respectively. This enables PSCI to be built independently from BL31. A new `psci_lib.mk` makefile is introduced which adds the relevant PSCI library sources and gets included by `bl31.mk`. Other changes which are done as part of this patch are: * The runtime services framework is now moved to the `common/` folder to enable reuse. * The `asm_macros.S` and `assert_macros.S` helpers are moved to architecture specific folder. * The `plat_psci_common.c` is moved from the `plat/common/aarch64/` folder to `plat/common` folder. The original file location now has a stub which just includes the file from new location to maintain platform compatibility. Most of the changes wouldn't affect platform builds as they just involve changes to the generic bl1.mk and bl31.mk makefiles. NOTE: THE `plat_psci_common.c` FILE HAS MOVED LOCATION AND THE STUB FILE AT THE ORIGINAL LOCATION IS NOW DEPRECATED. PLATFORMS SHOULD MODIFY THEIR MAKEFILES TO INCLUDE THE FILE FROM THE NEW LOCATION. Change-Id: I6bd87d5b59424995c6a65ef8076d4fda91ad5e86
-
- 08 Jul, 2016 1 commit
-
-
Sandrine Bailleux authored
At the moment, all BL images share a similar memory layout: they start with their code section, followed by their read-only data section. The two sections are contiguous in memory. Therefore, the end of the code section and the beginning of the read-only data one might share a memory page. This forces both to be mapped with the same memory attributes. As the code needs to be executable, this means that the read-only data stored on the same memory page as the code are executable as well. This could potentially be exploited as part of a security attack. This patch introduces a new build flag called SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data on separate memory pages. This in turn allows independent control of the access permissions for the code and read-only data. This has an impact on memory footprint, as padding bytes need to be introduced between the code and read-only data to ensure the segragation of the two. To limit the memory cost, the memory layout of the read-only section has been changed in this case. - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e. the read-only section still looks like this (padding omitted): | ... | +-------------------+ | Exception vectors | +-------------------+ | Read-only data | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script provides the limits of the whole read-only section. - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and read-only data are swapped, such that the code and exception vectors are contiguous, followed by the read-only data. This gives the following new layout (padding omitted): | ... | +-------------------+ | Read-only data | +-------------------+ | Exception vectors | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script now exports 2 sets of addresses instead: the limits of the code and the limits of the read-only data. Refer to the Firmware Design guide for more details. This provides platform code with a finer-grained view of the image layout and allows it to map these 2 regions with the appropriate access permissions. Note that SEPARATE_CODE_AND_RODATA applies to all BL images. Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
-