- 10 Nov, 2017 2 commits
-
-
davidcunado-arm authored
SPM: Fix pointer to MP info in boot info struct
-
Antonio Nino Diaz authored
The MP info struct is placed right after the boot info struct. However, when calculating the address of the MP info, the size of the boot info struct was being multiplied by the size of the MP boot info. This left a big gap of empty space between the structs. This didn't break any code because the boot info struct has a pointer to the MP info struct. It was just wasting space. Change-Id: I1668e3540d9173261968f6740623549000bd48db Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 09 Nov, 2017 2 commits
-
-
davidcunado-arm authored
Introduce Secure Partition Manager
-
Antonio Nino Diaz authored
This initial port of the Secure Partitions Manager to FVP supports BL31 in both SRAM and Trusted DRAM. A document with instructions to build the SPM has been added. Change-Id: I4ea83ff0a659be77f2cd72eaf2302cdf8ba98b32 Co-authored-by: Douglas Raillard <douglas.raillard@arm.com> Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Co-authored-by: Achin Gupta <achin.gupta@arm.com> Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 08 Nov, 2017 4 commits
-
-
Antonio Nino Diaz authored
A Secure Partition is a software execution environment instantiated in S-EL0 that can be used to implement simple management and security services. Since S-EL0 is an unprivileged exception level, a Secure Partition relies on privileged firmware e.g. ARM Trusted Firmware to be granted access to system and processor resources. Essentially, it is a software sandbox that runs under the control of privileged software in the Secure World and accesses the following system resources: - Memory and device regions in the system address map. - PE system registers. - A range of asynchronous exceptions e.g. interrupts. - A range of synchronous exceptions e.g. SMC function identifiers. A Secure Partition enables privileged firmware to implement only the absolutely essential secure services in EL3 and instantiate the rest in a partition. Since the partition executes in S-EL0, its implementation cannot be overly complex. The component in ARM Trusted Firmware responsible for managing a Secure Partition is called the Secure Partition Manager (SPM). The SPM is responsible for the following: - Validating and allocating resources requested by a Secure Partition. - Implementing a well defined interface that is used for initialising a Secure Partition. - Implementing a well defined interface that is used by the normal world and other secure services for accessing the services exported by a Secure Partition. - Implementing a well defined interface that is used by a Secure Partition to fulfil service requests. - Instantiating the software execution environment required by a Secure Partition to fulfil a service request. Change-Id: I6f7862d6bba8732db5b73f54e789d717a35e802f Co-authored-by: Douglas Raillard <douglas.raillard@arm.com> Co-authored-by: Sandrine Bailleux <sandrine.bailleux@arm.com> Co-authored-by: Achin Gupta <achin.gupta@arm.com> Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
This function can be useful to setup TCR_ELx by callers that don't use the translation tables library to setup the system registers related to them. By making it common, it can be reused whenever it is needed without duplicating code. Change-Id: Ibfada9e846d2a6cd113b1925ac911bb27327d375 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
A line in the upstream SPDs is only compiled in in `DEBUG` builds. This line is used to help with assertions and so assertion failures can happen in release builds with assertions enabled. Use `ENABLE_ASSERTIONS` instead of `DEBUG`. This bug was introduced in commit aa61368e , which introduced the build option `ENABLE_ASSERTIONS`. Change-Id: I7977df9c89c68677b00099b2a1926fa3cb0937c6 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
davidcunado-arm authored
Fix PSCI STAT time stamp collection
-
- 07 Nov, 2017 1 commit
-
-
davidcunado-arm authored
Fix build error when creating ROT key for UniPhier platform
-
- 06 Nov, 2017 3 commits
-
-
Masahiro Yamada authored
Building the UniPhier platform in parallel with TRUSTED_BOARD_BOOT=1 could fail due to non-existing directory. It might be difficult to reproduce, but here is an easier way to trigger the problem: $ make PLAT=uniphier TRUSTED_BOARD_BOOT=1 MBEDTLS_DIR=mbedtls certificates OPENSSL build/uniphier/release/rot_key.pem /bin/sh: 1: cannot create build/uniphier/release/rot_key.pem: Directory nonexistent make: *** [build/uniphier/release/rot_key.pem] Error 2 The $(ROT_KEY) must depend on $(BUILD_PLAT) so that the build directory is created before the key. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Some platforms (for ex. UniPhier) want to create files in the very top of the build directory. Add ${BUILD_PLAT} so such files can depend on it. Make existing directory targets depend on ${BUILD_PLAT} because they are sub-directories of ${BUILD_PLAT}. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
davidcunado-arm authored
Avoid use of undefined macros
-
- 03 Nov, 2017 4 commits
-
-
davidcunado-arm authored
Change sizeof to use type of struct not function
-
davidcunado-arm authored
qemu: update deprecated interrupt registering
-
Soby Mathew authored
This patch includes various fixes for PSCI STAT functionality relating to timestamp collection: 1. The PSCI stat accounting for retention states for higher level power domains were done outside the locks which could lead to spurious values in some race conditions. This is moved inside the locks. Also, the call to start the stat accounting was redundant which is now removed. 2. The timestamp wrap-around case when calculating residency did not cater for AArch32. This is now fixed. 3. In the warm boot path, `plat_psci_stat_accounting_stop()` was getting invoked prior to population of target power states. This is now corrected. Change-Id: I851526455304fb74ff0a724f4d5318cd89e19589 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
davidcunado-arm authored
Enable GICv3 save for ARM platforms
-
- 02 Nov, 2017 1 commit
-
-
Etienne Carriere authored
Registered interrupts are configured in edge detection as the default previous configuration assumed in previous code. Not target mask required as Qemu BL31 will not send/route SGIs. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
- 01 Nov, 2017 4 commits
-
-
davidcunado-arm authored
aarch64: Add PubSub events to capture security state transitions
-
Roberto Vargas authored
These macros are only defined for corresponding image, and they are undefined for other images. It means that we have to use ifdef or defined() instead of relying on being 0 by default. Change-Id: Iad11efab9830ddf471599b46286e1c56581ef5a7 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
ARM_TSP_RAM_LOCATION_ID was defined only in AARCH64, but the macro was also used in AARCH32, and it meant that it was taking the value 0, which happened to equal ARM_TRUSTED_SRAM_ID. Change-Id: If9f4dbee1a2ba15e7806f2a03305b554bd327363 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Roberto Vargas authored
debug.S was using macros defined in debug.h, but since it didn't include it, these macros were taking the value 0, which means that all the preprocessor conditionals were wrong. Change-Id: If4ca81cc5a1662991589f914a2557ceff0eaaede Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 31 Oct, 2017 5 commits
-
-
davidcunado-arm authored
Add FWU booting instructions to the user guide
-
davidcunado-arm authored
Add platform hooks for boot redundancy support
-
Joel Hutton authored
Change sizeof call so it references a static type instead of return of a function in order to be MISRA compliant. Change-Id: I6f1adb206073d6cd200156e281b8d76249e3af0e Signed-off-by: Joel Hutton <joel.hutton@arm.com>
-
Dimitris Papastamos authored
Add events that trigger before entry to normal/secure world. The events trigger after the normal/secure context has been restored. Similarly add events that trigger after leaving normal/secure world. The events trigger after the normal/secure context has been saved. Change-Id: I1b48a7ea005d56b1f25e2b5313d77e67d2f02bc5 Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
-
Roberto Vargas authored
FWU uses additional images that have to be loaded, and this patch adds the documentation of how to do it in FVP and Juno. Change-Id: I1a40641c11c5a4c8db0aadeaeb2bec30c9279e28 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 30 Oct, 2017 1 commit
-
-
davidcunado-arm authored
Change the default option of ARM_TSP_RAM_LOCATION and Enlarge the BL2 size on ARM platforms
-
- 27 Oct, 2017 1 commit
-
-
davidcunado-arm authored
qemu/optee: load OP-TEE pageable part 2MB above OP-TEE image
-
- 26 Oct, 2017 3 commits
-
-
davidcunado-arm authored
qemu: fix holding pen mailbox sequence
-
Etienne Carriere authored
OP-TEE dedicates the end of the Qemu secure DRAM as specific out-of-TEE secure RAM. To support this configuration the trusted firmware should not load OP-TEE resources in this area. To overcome the issue, OP-TEE pageable image is now loaded 2MByte above the secure RAM base address. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
davidcunado-arm authored
qemu: Add support for Trusted Board Boot
-
- 25 Oct, 2017 3 commits
-
-
Michalis Pappas authored
This patch adds support for TBB to qemu. An RSA ROT keypair is generated at build time and is included into BL1/BL2. The key and content certificates are read over semihosting. Fixes ARM-software/tf-issues#526 Signed-off-by: Michalis Pappas <mpappas@fastmail.fm>
-
Qixiang Xu authored
For Trusted Board Boot, BL2 needs more space to support the ECDSA and ECDSA+RSA algorithms. Change-Id: Ie7eda9a1315ce836dbc6d18d6588f8d17891a92d Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
Qixiang Xu authored
On Arm standard platforms, it runs out of SRAM space when TBB is enabled, so the TSP default location is changed to dram when TBB is enabled. Change-Id: I516687013ad436ef454d2055d4e6fce06e467044 Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
-
- 24 Oct, 2017 2 commits
-
-
Roberto Vargas authored
These hooks are intended to allow one platform to try load images from alternative places. There is a hook to initialize the sequence of boot locations and a hook to pass to the next sequence. Change-Id: Ia0f84c415208dc4fa4f9d060d58476db23efa5b2 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
Etienne Carriere authored
Before this change, plat_secondary_cold_boot_setup reads wake up mailbox as a byte array but through 64bit accesses on unaligned 64bit addresses. In the other hand qemu_pwr_domain_on wakes secondary cores by writing into a 64bit array. This change forces the 64bit mailbox format as PLAT_QEMU_HOLD_ENTRY_SIZE explicitly specifies it. Signed-off-by: Etienne Carriere <etienne.carriere@linaro.org>
-
- 23 Oct, 2017 4 commits
-
-
davidcunado-arm authored
Fix edmac
-
davidcunado-arm authored
Publish and Subscribe framework
-
Jeenu Viswambharan authored
This allows other EL3 components to subscribe to CPU on events. Update Firmware Design guide to list psci_cpu_on_finish as an available event. Change-Id: Ida774afe0f9cdce4021933fcc33a9527ba7aaae2 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
Jeenu Viswambharan authored
This light-weight framework enables some EL3 components to publish events which other EL3 components can subscribe to. Publisher can optionally pass opaque data for subscribers. The order in which subscribers are called is not defined. Firmware design updated. Change-Id: I24a3a70b2b1dedcb1f73cf48313818aebf75ebb6 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-