- 12 Jul, 2017 1 commit
-
-
Victor Chong authored
Signed-off-by: Victor Chong <victor.chong@linaro.org>
-
- 07 Jul, 2017 1 commit
-
-
Eleanor Bonnici authored
Change-Id: I0cd355d9fc7f14fb4eabb443d596d6f0858f609e Signed-off-by: Eleanor Bonnici <Eleanor.bonnici@arm.com>
-
- 06 Jul, 2017 2 commits
-
-
David Cunado authored
Updated change-log.rst with summary of changes since release v1.3. Change-Id: Iecd31ed315bd9ad7ffe8bce6550f7c90e1e3a9b0 Signed-off-by: David Cunado <david.cunado@arm.com>
-
David Cunado authored
ARM TF has been tested against Linaro Release 17.04 - the Linaro binaries have been update and also the version of the compiler. Linaro binaries: 17.01 --> 17.04 AArch64 & AArch32 compilers: 5.3-2015.05 (gcc 5.3) -> 6.2-2016.11 (gcc 6.2) This patch updates the User Guide is to state that Linaro release 17.04 is supported. Additionally, the following fixes are made to the User Guide: - Removed out of date reference to Linaro release 16.06. - Updated the Juno variant coverage to include r2. Change-Id: Iebbced3356f8c6b3c2bff2df62574db9f937ca7b Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 05 Jul, 2017 1 commit
-
-
David Cunado authored
Trusted Firmware has been tested as part of its CI system against Cortex and Foundation models in the 11.0 Model release available on developer.arm.com. Trusted Firmware has also been tested against the v8.5 AEM model. This patch updates the user guide documentation to reflect the version of the Foundation, AEM and Cortex Models that Trusted Firmware has been tested against. Change-Id: I3b5b4d1e4220bda1dcc88aa9cfa01fa711ed92cd Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 29 Jun, 2017 4 commits
-
-
Douglas Raillard authored
Removed Markdown documents as they have been converted to reStructuredText. Change-Id: I3148222eb31258f158f64de4ddcdda4b232ce483 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Douglas Raillard authored
Non-automated fixes to the converted documentation. Change-Id: I61f3d37c7a8d6a56a7351048060b970c5b3751e4 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Douglas Raillard authored
Due to recent issues in the rendering of the documentation on GitHub and some long-standing issues like the lack of automatic table of content in Markdown, the documentation has been converted to reStructuredText. Basic constructs looks pretty similar to Markdown. Automatically convert GitHub markdown documentation to reStructuredText using pandoc. Change-Id: If20b695acedc6d1b49c8d9fb64efd6b6ba23f4a9 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Douglas Raillard authored
Change some hard-to-convert constructs to cleaner ones. Fix a broken link. Change-Id: Ida70aa1da0af7a107b0e05eb20b8d46669a0380b Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
- 28 Jun, 2017 5 commits
-
-
Soby Mathew authored
This patch makes the necessary changes to enable ARM platform to successfully integrate CryptoCell during Trusted Board Boot. The changes are as follows: * A new build option `ARM_CRYPTOCELL_INTEG` is introduced to select the CryptoCell crypto driver for Trusted Board boot. * The TrustZone filter settings for Non Secure DRAM is modified to allow CryptoCell to read this memory. This is required to authenticate BL33 which is loaded into the Non Secure DDR. * The CSS platforms are modified to use coherent stacks in BL1 and BL2 when CryptoCell crypto is selected. This is because CryptoCell makes use of DMA to transfer data and the CryptoCell SBROM library allocates buffers on the stack during signature/hash verification. Change-Id: I1e6f6dcd1899784f1edeabfa2a9f279bbfb90e31 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Douglas Raillard authored
CFLAGS content can be set on the command line to allow passing extra options to the compiler. Its content is appended after the options set by the Makefile (TF_CFLAGS). The Makefiles must use TF_CFLAGS instead of CFLAGS, as the latter can be completely overriden by setting it on the command line. Also tell about LDFLAGS in the "Debugging options" section. Change-Id: Iaf27b424002898ef3040133f78cb133983a37aee Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Douglas Raillard authored
Use TF_LDFLAGS from the Makefiles, and still append LDFLAGS as well to the compiler's invocation. This allows passing extra options from the make command line using LDFLAGS. Document new LDFLAGS Makefile option. Change-Id: I88c5ac26ca12ac2b2d60a6f150ae027639991f27 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
Isla Mitchell authored
Updated section 6, building a FIP for Juno and FVP, adding instructions for AArch32 and AArch64. Updated section 4.1, summary of build options, to include a description of the `JUNO_AARCH32_EL3_RUNTIME` build flag. Change-Id: I4ed006522cab981371c382859063f088fbfcb8f7 Signed-off-by: Isla Mitchell <isla.mitchell@arm.com>
-
Roberto Vargas authored
Without the additional newlines all the text becomes a single paragraph and next newlines are ignored. Change-Id: I783198477f654e3923fcabb21248f2bc62c33e9d Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
-
- 27 Jun, 2017 1 commit
-
-
Douglas Raillard authored
Fix link in docs/firmware-update.md and docs/change-log.md: https://github.com/ARM-software/arm-trusted-firmware/wiki/ARM-Trusted-Firmware-Image-Terminology Change-Id: I2d51d373fd0f7da59b548cd6bed52c47772014fd Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-
- 22 Jun, 2017 1 commit
-
-
dp-arm authored
SPE is only supported in non-secure state. Accesses to SPE specific registers from SEL1 will trap to EL3. During a world switch, before `TTBR` is modified the SPE profiling buffers are drained. This is to avoid a potential invalid memory access in SEL1. SPE is architecturally specified only for AArch64. Change-Id: I04a96427d9f9d586c331913d815fdc726855f6b0 Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
- 21 Jun, 2017 1 commit
-
-
David Cunado authored
This patch updates the el3_arch_init_common macro so that it fully initialises essential control registers rather then relying on hardware to set the reset values. The context management functions are also updated to fully initialise the appropriate control registers when initialising the non-secure and secure context structures and when preparing to leave EL3 for a lower EL. This gives better alignement with the ARM ARM which states that software must initialise RES0 and RES1 fields with 0 / 1. This patch also corrects the following typos: "NASCR definitions" -> "NSACR definitions" Change-Id: Ia8940b8351dc27bc09e2138b011e249655041cfc Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 12 Jun, 2017 2 commits
-
-
Masahiro Yamada authored
Add TSP to test BL32 without relying on external projects. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
Masahiro Yamada authored
Initial commit for Socionext UniPhier SoC support. BL1, Bl2, and BL31 are supported. Refer to docs/plat/socionext-uniphier.md for more detais. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 07 Jun, 2017 1 commit
-
-
Haojian Zhuang authored
Add document on HiKey960 platform and how to build. Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
-
- 05 Jun, 2017 1 commit
-
-
Soby Mathew authored
This patch adds the SCMI driver for communicating with SCP. The power domain management and system power management protocol of the SCMI specification[1] is implemented in the driver. The SCP power management abstraction layer for SCMI for CSS power management is also added. A new buid option `CSS_USE_SCMI_DRIVER` is introduced to select SCMI driver over SCPI. [1] ARM System Control and Management Interface v1.0 (SCMI) Document number: ARM DEN 0056A Change-Id: I67265615a17e679a2afe810b9b0043711ba09dbb Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
- 02 Jun, 2017 1 commit
-
-
Summer Qin authored
Change-Id: Ic0a9b3c6d212e7171b37f944e11f079282dcce87 Signed-off-by: Summer Qin <summer.qin@arm.com>
-
- 01 Jun, 2017 4 commits
-
-
Antonio Nino Diaz authored
This SMC is as a means for the image loading state machine to go from COPYING, COPIED or AUTHENTICATED states to RESET state. Previously, this was only done when the authentication of an image failed or when the execution of the image finished. Documentation updated. Change-Id: Ida6d4c65017f83ae5e27465ec36f54499c6534d9 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
Added checks to FWU_SMC_IMAGE_COPY to prevent loading data into a memory region where another image data is already loaded. Without this check, if two images are configured to be loaded in overlapping memory regions, one of them can be loaded and authenticated and the copy function is still able to load data from the second image on top of the first one. Since the first image is still in authenticated state, it can be executed, which could lead to the execution of unauthenticated arbitrary code of the second image. Firmware update documentation updated. Change-Id: Ib6871e569794c8e610a5ea59fe162ff5dcec526c Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Antonio Nino Diaz authored
It doesn't make sense to use the `-pedantic` flag when building the Trusted Firmware as we use GNU extensions and so our code is not fully ISO C compliant. This flag only makes sense if the code intends to be ISO C compliant. Change-Id: I6273564112759ff57f03b273f5349733a5f38aef Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Jeenu Viswambharan authored
ARM GIC-600 IP complies with ARM GICv3 architecture, but among others, implements a power control register in the Redistributor frame. This register must be programmed to mark the frame as powered on, before accessing other registers in the frame. Rest of initialization sequence remains the same. The driver provides APIs for Redistributor power management, and overrides those in the generic GICv3 driver. The driver data is shared between generic GICv3 driver and that of GIC-600. For FVP platform, the GIC-600 driver is chosen when FVP_USE_GIC_DRIVER is set to FVP_GIC600. Also update user guide. Change-Id: I321b2360728d69f6d4b0a747b2cfcc3fe5a20d67 Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 24 May, 2017 3 commits
-
-
Haojian Zhuang authored
Add the description on hikey and how to build. Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
-
dp-arm authored
Change-Id: I92fd2fb920fcfc31bfcdadae787d8c84c5ca463b Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
-
Antonio Nino Diaz authored
This options enables an implementation of SHA-256 that has a smaller code footprint (~1.6 KB less) but is also ~30% slower. For ARM platforms, code size is currently considered more important than execution speed in the mbed TLS crypto module. Added a small note about this option to the documentation of the authentication framework. Change-Id: I4c0b221ea5d3466465261316ba07b627fa01b233 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 23 May, 2017 1 commit
-
-
Masahiro Yamada authored
Platforms aligned with TBBR are supposed to use their own OIDs, but defining the same macros with different OIDs does not provide any value (at least technically). For easier use of TBBR, this commit allows platforms to reuse the OIDs obtained by ARM Ltd. This will be useful for non-ARM vendors that do not need their own extension fields in their certificate files. The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by defining USE_TBBR_DEFS as 1. USE_TBBR_DEFS is 0 by default to keep the backward compatibility. For clarification, I inserted a blank line between headers from the include/ directory (#include <...>) and ones from a local directory (#include "..." ). Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
-
- 19 May, 2017 1 commit
-
-
David Cunado authored
This Linaro release updates just the binaries: Linaro binaries upgraded 16.12 --> 17.01 The toolchain remains at 5.3-2015.05 (gcc 5.3) for both AArch64 and AArch32. The ARM TF codebase has been tested against these new binaries. This patch updates the User Guide to reflect that the 17.01 release is now a supported Linaro Release. Change-Id: I83c579dabd3fa9861ba0d41507036efbd87abcb5 Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 16 May, 2017 1 commit
-
-
Antonio Nino Diaz authored
The behaviour of assert() now depends on the value of the new optional platform define `PLAT_LOG_LEVEL_ASSERT`. This defaults to `LOG_LEVEL` if not defined by the platform. - If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_VERBOSE`, it prints the file name, line and asserted expression. - If `PLAT_LOG_LEVEL_ASSERT` >= `LOG_LEVEL_INFO`, it prints the file name and line. - If not, it doesn't print anything. Note the old behaviour was to print the function name whereas now it prints the file name. This reduces memory usage because the file name is shared between all assert calls in a given file. Also, the default behaviour in debug builds is to no longer print the asserted expression, greatly reducing the string usage. For FVP debug builds this change saves approximately: No TBBR TBBR BL1 1.6 KB 2.2 KB BL2 1.7 KB 2.1 KB BL31 2.6 KB 3.3 KB Change-Id: I2947569d593df0b25611dc3c7a6096f42155c115 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 05 May, 2017 1 commit
-
-
David Cunado authored
AEMv8-A Model release v8.4 has been made available and Trusted Firmware has been tested against these versions as part of its CI system. This patch updates the user guide documentation to reflect the version of AEM and Cortex Models that Trusted Firmware has been tested against. Additionally, ARM FVPs FVP_Base_Cortex-A57x1-A53x1 and FVP_Base_Cortex-A57x2-A53x4 are removed from the list of tested FVPs as they are currently not being tested with the latest version of ARM Trusted Firmware. Also, documentation and links to Linaro pages have been updated to reflect the changes in the ARM community document hosting. Change-Id: Idae97303ce0929c82b137017de84ce94678f6f2b Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 04 May, 2017 1 commit
-
-
Jeenu Viswambharan authored
In AArch64, privileged exception levels control the execution state (a.k.a. register width) of the immediate lower Exception Level; i.e. whether the lower exception level executes in AArch64 or AArch32 state. For an exception level to have its execution state changed at run time, it must request the change by raising a synchronous exception to the higher exception level. This patch implements and adds such a provision to the ARM SiP service, by which an immediate lower exception level can request to switch its execution state. The execution state is switched if the request is: - raised from non-secure world; - raised on the primary CPU, before any secondaries are brought online with CPU_ON PSCI call; - raised from an exception level immediately below EL3: EL2, if implemented; otherwise NS EL1. If successful, the SMC doesn't return to the caller, but to the entry point supplied with the call. Otherwise, the caller will observe the SMC returning with STATE_SW_E_DENIED code. If ARM Trusted Firmware is built for AArch32, the feature is not supported, and the call will always fail. For the ARM SiP service: - Add SMC function IDs for both AArch32 and AArch64; - Increment the SiP service minor version to 2; - Adjust the number of supported SiP service calls. Add documentation for ARM SiP service. Fixes ARM-software/tf-issues#436 Change-Id: I4347f2d6232e69fbfbe333b340fcd0caed0a4cea Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
-
- 26 Apr, 2017 1 commit
-
-
David Cunado authored
Since Issue B (November 2016) of the SMC Calling Convention document standard SMC calls are renamed to yielding SMC calls to help avoid confusion with the standard service SMC range, which remains unchanged. http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf This patch adds a new define for yielding SMC call type and deprecates the current standard SMC call type. The tsp is migrated to use this new terminology and, additionally, the documentation and code comments are updated to use this new terminology. Change-Id: I0d7cc0224667ee6c050af976745f18c55906a793 Signed-off-by: David Cunado <david.cunado@arm.com>
-
- 20 Apr, 2017 1 commit
-
-
Antonio Nino Diaz authored
The build option `ENABLE_ASSERTIONS` should be used instead. That way both C and ASM assertions can be enabled or disabled together. All occurrences of `ASM_ASSERTION` in common code and ARM platforms have been replaced by `ENABLE_ASSERTIONS`. ASM_ASSERTION has been removed from the user guide. Change-Id: I51f1991f11b9b7ff83e787c9a3270c274748ec6f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 19 Apr, 2017 3 commits
-
-
Antonio Nino Diaz authored
Add the new build option `ENABLE_ASSERTIONS` that controls whether or not assert functions are compiled out. It defaults to 1 for debug builds and to 0 for release builds. Additionally, a following patch will be done to allow this build option to hide auxiliary code used for the checks done in an `assert()`. This code is is currently under the DEBUG build flag. Assert messages are now only printed if LOG_LEVEL >= LOG_LEVEL_INFO, which is the default for debug builds. This patch also updates the User Guide. Change-Id: I1401530b56bab25561bb0f274529f1d12c5263bc Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
Soby Mathew authored
This patch introduces a build option to enable D-cache early on the CPU after warm boot. This is applicable for platforms which do not require interconnect programming to enable cache coherency (eg: single cluster platforms). If this option is enabled, then warm boot path enables D-caches immediately after enabling MMU. Fixes ARM-Software/tf-issues#456 Change-Id: I44c8787d116d7217837ced3bcf0b1d3441c8d80e Signed-off-by: Soby Mathew <soby.mathew@arm.com>
-
Antonio Nino Diaz authored
ARM platforms have migrated to the translation tables library v2. However, for testing purposes, it can be useful to temporarily switch back to the old version. This patch introduces the option `ARM_XLAT_TABLES_LIB_V1`, that switches to v1 of the library when is set to 1. By default, it is 0, so that ARM platforms use the new version unless specifically stated. Updated User Guide. Change-Id: I53d3c8dd97706f6af9c6fca0364a88ef341efd31 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
-
- 31 Mar, 2017 1 commit
-
-
Douglas Raillard authored
Introduce new build option ENABLE_STACK_PROTECTOR. It enables compilation of all BL images with one of the GCC -fstack-protector-* options. A new platform function plat_get_stack_protector_canary() is introduced. It returns a value that is used to initialize the canary for stack corruption detection. Returning a random value will prevent an attacker from predicting the value and greatly increase the effectiveness of the protection. A message is printed at the ERROR level when a stack corruption is detected. To be effective, the global data must be stored at an address lower than the base of the stacks. Failure to do so would allow an attacker to overwrite the canary as part of an attack which would void the protection. FVP implementation of plat_get_stack_protector_canary is weak as there is no real source of entropy on the FVP. It therefore relies on a timer's value, which could be predictable. Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06 Signed-off-by: Douglas Raillard <douglas.raillard@arm.com>
-