1. 08 Nov, 2018 1 commit
    • Antonio Nino Diaz's avatar
      Standardise header guards across codebase · c3cf06f1
      Antonio Nino Diaz authored
      
      
      All identifiers, regardless of use, that start with two underscores are
      reserved. This means they can't be used in header guards.
      
      The style that this project is now to use the full name of the file in
      capital letters followed by 'H'. For example, for a file called
      "uart_example.h", the header guard is UART_EXAMPLE_H.
      
      The exceptions are files that are imported from other projects:
      
      - CryptoCell driver
      - dt-bindings folders
      - zlib headers
      
      Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      c3cf06f1
  2. 22 Oct, 2018 1 commit
  3. 17 Oct, 2018 1 commit
    • Jorge Ramirez-Ortiz's avatar
      rcar-gen3: initial commit for the rcar-gen3 boards · 7e532c4b
      Jorge Ramirez-Ortiz authored
      Reference code:
      ==============
      
      rar_gen3: IPL and Secure Monitor Rev1.0.22
      https://github.com/renesas-rcar/arm-trusted-firmware [rcar_gen3]
      
      Author: Takuya Sakata <takuya.sakata.wz@bp.renesas.com>
      Date:   Thu Aug 30 21:26:41 2018 +0900
      	Update IPL and Secure Monitor Rev1.0.22
      
      General Information:
      ===================
      
      This port has been tested on the Salvator-X Soc_id r8a7795 revision
      ES1.1 (uses an SPD).
      
      Build Tested:
      -------------
      ATFW_OPT="LSI=H3 RCAR_DRAM_SPLIT=1 RCAR_LOSSY_ENABLE=1"
      MBEDTLS_DIR=$mbedtls
      
      $ make clean bl2 bl31 rcar PLAT=rcar ${ATFW_OPT} SPD=opteed
      
      Other dependencies:
      ------------------
      * mbed_tls:
        git@github.com:ARMmbed/mbedtls.git [devel]
      
        Merge: 68dbc94 f34a4c1
        Author: Simon Butcher <simon.butcher@arm.com>
        Date:   Thu Aug 30 00:57:28 2018 +0100
      
      * optee_os:
        https://github.com/BayLibre/optee_os
      
      
      
        Until it gets merged into OP-TEE, the port requires Renesas' Trusted
        Environment with a modification to support power management.
      
        Author: Jorge Ramirez-Ortiz <jramirez@baylibre.com>
        Date:   Thu Aug 30 16:49:49 2018 +0200
          plat-rcar: cpu-suspend: handle the power level
      Signed-off-by: default avatarJorge Ramirez-Ortiz <jramirez@baylibre.com>
      
      * u-boot:
        The port has beent tested using mainline uboot.
      
        Author: Fabio Estevam <festevam@gmail.com>
        Date:   Tue Sep 4 10:23:12 2018 -0300
      
      *linux:
        The port has beent tested using mainline kernel.
      
        Author: Linus Torvalds <torvalds@linux-foundation.org>
        Date:   Sun Sep 16 11:52:37 2018 -0700
            Linux 4.19-rc4
      
      Overview
      ---------
      
      BOOTROM starts the cpu at EL3; In this port BL2 will therefore be entered
      at this exception level (the Renesas' ATF reference tree [1] resets into
      EL1 before entering BL2 - see its bl2.ld.S)
      
      BL2 initializes DDR (and i2c to talk to the PMIC on some platforms)
      before determining the boot reason (cold or warm).
      
      During suspend all CPUs are switched off and the DDR is put in
      backup mode (some kind of self-refresh mode). This means that BL2 is
      always entered in a cold boot scenario.
      
      Once BL2 boots, it determines the boot reason, writes it to shared
      memory (BOOT_KIND_BASE) together with the BL31 parameters
      (PARAMS_BASE) and jumps to BL31.
      
      To all effects, BL31 is as if it is being entered in reset mode since
      it still needs to initialize the rest of the cores; this is the reason
      behind using direct shared memory access to  BOOT_KIND_BASE and
      PARAMS_BASE instead of using registers to get to those locations (see
      el3_common_macros.S and bl31_entrypoint.S for the RESET_TO_BL31 use
      case).
      
      Depending on the boot reason BL31 initializes the rest of the cores:
      in case of suspend, it uses a MBOX memory region to recover the
      program counters.
      
      [1] https://github.com/renesas-rcar/arm-trusted-firmware
      
      
      Tests
      -----
      
      * cpuidle
        -------
         enable kernel's cpuidle arm_idle driver and boot
      
      * system suspend
        --------------
        $ cat suspend.sh
          #!/bin/bash
          i2cset -f -y 7 0x30 0x20 0x0F
          read -p "Switch off SW23 and press return " foo
          echo mem > /sys/power/state
      
      * cpu hotplug:
        ------------
        $ cat offline.sh
          #!/bin/bash
          nbr=$1
          echo 0 > /sys/devices/system/cpu/cpu$nbr/online
          printf "ONLINE:  " && cat /sys/devices/system/cpu/online
          printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
      
        $ cat online.sh
          #!/bin/bash
          nbr=$1
          echo 1 > /sys/devices/system/cpu/cpu$nbr/online
          printf "ONLINE:  " && cat /sys/devices/system/cpu/online
          printf "OFFLINE: " && cat /sys/devices/system/cpu/offline
      Signed-off-by: default avatarldts <jramirez@baylibre.com>
      7e532c4b
  4. 15 Oct, 2018 1 commit
  5. 04 Oct, 2018 1 commit
    • Antonio Nino Diaz's avatar
      tools: Make invocation of host compiler correct · 750e8d80
      Antonio Nino Diaz authored
      
      
      HOSTCC should be used in any of the tools inside the tools/ directory
      instead of CC. That way it is possible to override both values from the
      command line when building the Trusted Firmware and the tools at the
      same time. Also, use HOSTCCFLAGS instead of CFLAGS.
      
      Also, instead of printing the strings CC and LD in the console during
      the compilation of the tools, HOSTCC and HOSTLD have to be used for
      clarity. This is how it is done in other projects like U-Boot or Linux.
      
      Change-Id: Icd6f74c31eb74cdd1c353583399ab19e173e293e
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      750e8d80
  6. 03 Oct, 2018 1 commit
    • Jan Kiszka's avatar
      tools: Fix broken object compilation rules · c0f73edc
      Jan Kiszka authored
      
      
      As these rules depend on non-existing headers as well (likely copy &
      pasted from fiptool), they never matched, and the built-in rules were
      used. That led to random breakages when e.g. CPPFLAGS was suddenly
      evaluated and contained invalid options.
      
      For the stm32image, this reveals that we were relying on the built-in
      rules by passing -D_GNU_SOURCE via CPPFLAGS, rather than using CFLAGS as
      used in the local rule. Fix that as well.
      Signed-off-by: default avatarJan Kiszka <jan.kiszka@siemens.com>
      c0f73edc
  7. 28 Sep, 2018 1 commit
  8. 24 Sep, 2018 1 commit
  9. 03 Sep, 2018 2 commits
  10. 24 Jul, 2018 1 commit
  11. 18 Jul, 2018 1 commit
  12. 06 Jul, 2018 1 commit
  13. 27 Jun, 2018 1 commit
  14. 14 Jun, 2018 1 commit
    • Roberto Vargas's avatar
      Make TF UUID RFC 4122 compliant · 03364865
      Roberto Vargas authored
      
      
      RFC4122 defines that fields are stored in network order (big endian),
      but TF-A stores them in machine order (little endian by default in TF-A).
      We cannot change the future UUIDs that are already generated, but we can store
      all the bytes using arrays and modify fiptool to generate the UUIDs with
      the correct byte order.
      
      Change-Id: I97be2d3168d91f4dee7ccfafc533ea55ff33e46f
      Signed-off-by: default avatarRoberto Vargas <roberto.vargas@arm.com>
      03364865
  15. 18 May, 2018 1 commit
  16. 03 May, 2018 1 commit
  17. 30 Apr, 2018 1 commit
  18. 05 Mar, 2018 1 commit
  19. 26 Feb, 2018 1 commit
    • Soby Mathew's avatar
      Dynamic cfg: Update the tools · e24659df
      Soby Mathew authored
      
      
      This patch updates the `fiptool` and `cert_create` for the
      `hw_config` and `tb_fw_config` dynamic configuration files.
      The necessary UUIDs and OIDs are assigned to these files and
      the `cert_create` is updated to generate appropriate hashes
      and include them in the "Trusted Boot FW Certificate". The
      `fiptool` is updated to allow the configs to be specified
      via cmdline and included in the generated FIP.
      
      Change-Id: I940e751a49621ae681d14e162aa1f5697eb0cb15
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      e24659df
  20. 27 Jan, 2018 1 commit
  21. 03 Jan, 2018 1 commit
  22. 21 Nov, 2017 1 commit
  23. 17 Oct, 2017 1 commit
    • Evan Lloyd's avatar
      fiptool: Enable Visual Studio build · a1ee3836
      Evan Lloyd authored
      
      
      Updates are required to enable the fiptool utility to be built on a
      Windows platform.  This change modifies the source files to enable
      building with Visual Studio (detected via preprocessor settings).
      The primary changes are:
        1.  Provide an implementation of the getopt_long function.  This does
            not exist in the Visual Studio CRT libraries because Windows
            commands normally use '/' not '-' as an option indicator.
        2.  Redirect some function names to match those supported by the
            Visual Studio libraries (when building with Visual Studio).
        2.  Modify a structure name (stat) to match that provided
            by the Visual Studio libraries (_stat).
      
      Note - this change does not provide makefile updates.  It only modifies
             the sources to enable the fiptool to be built from a Visual
             Studio project.  In normal use the presence of FIPTOOL.EXE is
             enough to satisfy the make requirements.  A makefile change may
             be derived from the Visual Studio command line information at
             some point in the future.
      
      Change-Id: I3ade77ea140246af3c030920b3f97c070087f111
      Signed-off-by: default avatarEvan Lloyd <evan.lloyd@arm.com>
      a1ee3836
  24. 11 Oct, 2017 1 commit
    • Evan Lloyd's avatar
      fiptool: Precursor changes for Visual Studio · 96851114
      Evan Lloyd authored
      
      
      In order to compile the source of Fiptool using Visual Studio a number
      of adjustments are required to the source.  This commit modifies the
      source with changes that will be required, but makes no functional
      modification.  The intent is to allow confirmation that the GCC build
      is unaffected.
      
      Change-Id: I4055bd941c646dd0a1aa2e24b940a1db3bf629ce
      Signed-off-by: default avatarEvan Lloyd <evan.lloyd@arm.com>
      96851114
  25. 09 Oct, 2017 1 commit
    • Qixiang Xu's avatar
      cert_tool: Fix ECDSA certificates create failure · 1727de0e
      Qixiang Xu authored
      Commit a8eb286a
      
       introduced the
      following error when creating ECDSA certificates.
          ERROR:   Error creating key 'Trusted World key'
          Makefile:634: recipe for target 'certificates' failed
          make: *** [certificates] Error 1
      
      this patch adds the function to create PKCS#1 v1.5.
      
      Change-Id: Ief96d55969d5e9877aeb528c6bb503b560563537
      Signed-off-by: default avatarQixiang Xu <qixiang.xu@arm.com>
      1727de0e
  26. 08 Oct, 2017 1 commit
  27. 11 Sep, 2017 1 commit
    • Soby Mathew's avatar
      Set default value of USE_TBBR_DEFS · 4a2bf951
      Soby Mathew authored
      
      
      Using the OIDs defined in tbbr_oids.h is the recommended way to build
      the cert_create tool. This patch hence sets default value of the build
      flag USE_TBBR_DEFS to 1 in the Makefile in `tools/cert_create` folder
      when cert_create is built from this folder.
      
      Fixes ARM-software/tf-issues#482
      
      Change-Id: Id1d224826b3417770bccbefa1b68d9bdb3b567f0
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      4a2bf951
  28. 31 Aug, 2017 1 commit
    • Soby Mathew's avatar
      cert_tool: Support for legacy RSA PKCS#1 v1.5 · a8eb286a
      Soby Mathew authored
      
      
      This patch enables choice of RSA version at run time to be used for
      generating signatures by the cert_tool. The RSA PSS as defined in
      PKCS#1 v2.1 becomes the default version and this patch enables to specify
      the RSA PKCS#1 v1.5 algorithm to `cert_create` through the command line
      -a option. Also, the build option `KEY_ALG` can be used to pass this
      option from the build system. Please note that RSA PSS is mandated
      by Trusted Board Boot requirements (TBBR) and legacy RSA support is
      being added for compatibility reasons.
      
      Fixes ARM-Software/tf-issues#499
      Change-Id: Ifaa3f2f7c9b43f3d7b3effe2cde76bf6745a5d73
      Co-Authored-By: default avatarEleanor Bonnici <Eleanor.bonnici@arm.com>
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      a8eb286a
  29. 30 Aug, 2017 1 commit
  30. 09 Aug, 2017 1 commit
  31. 31 Jul, 2017 1 commit
  32. 26 Jul, 2017 1 commit
  33. 12 Jul, 2017 1 commit
    • Isla Mitchell's avatar
      Fix order of #includes · 2a4b4b71
      Isla Mitchell authored
      
      
      This fix modifies the order of system includes to meet the ARM TF coding
      standard. There are some exceptions in order to retain header groupings,
      minimise changes to imported headers, and where there are headers within
      the #if and #ifndef statements.
      
      Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
      Signed-off-by: default avatarIsla Mitchell <isla.mitchell@arm.com>
      2a4b4b71
  34. 12 Jun, 2017 1 commit
  35. 05 Jun, 2017 1 commit
    • Soby Mathew's avatar
      cert_create: Use RSASSA-PSS signature scheme for certificates · 1f33ad4e
      Soby Mathew authored
      
      
      This patch modifies the `cert_create` tool to use RSASSA-PSS scheme for
      signing the certificates. This is compliant with RSA PKCS_2_1 standard as
      mandated by TBBR.
      
      Note that the certificates generated by using cert_create tool after this
      patch can be authenticated during TBB only if the corresponding mbedtls
      driver in ARM Trusted Firmware has the corresponding support.
      
      Change-Id: If224f41c76b3c4765ae2af5259e67f73602818a4
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      1f33ad4e
  36. 24 May, 2017 1 commit
  37. 23 May, 2017 2 commits
    • Masahiro Yamada's avatar
      cert: move platform_oid.h to include/tools_share for all platforms · bb41eb7a
      Masahiro Yamada authored
      
      
      Platforms aligned with TBBR are supposed to use their own OIDs, but
      defining the same macros with different OIDs does not provide any
      value (at least technically).
      
      For easier use of TBBR, this commit allows platforms to reuse the OIDs
      obtained by ARM Ltd.  This will be useful for non-ARM vendors that
      do not need their own extension fields in their certificate files.
      
      The OIDs of ARM Ltd. have been moved to include/tools_share/tbbr_oid.h
      
      Platforms can include <tbbr_oid.h> instead of <platform_oid.h> by
      defining USE_TBBR_DEFS as 1.  USE_TBBR_DEFS is 0 by default to keep the
      backward compatibility.
      
      For clarification, I inserted a blank line between headers from the
      include/ directory (#include <...>) and ones from a local directory
      (#include "..." ).
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      bb41eb7a
    • Masahiro Yamada's avatar
      fip: move headers shared between TF and fiptool to include/tools_share · 2a6c1a8f
      Masahiro Yamada authored
      
      
      Some header files need to be shared between TF and host programs.
      For fiptool, two headers are copied to the tools/fiptool directory,
      but it looks clumsy.
      
      This commit introduces a new directory, include/tools_share, which
      collects headers that should be shared between TF and host programs.
      
      This will clarify the interface exposed to host tools.  We should
      add new headers to this directory only when we really need to do so.
      
      For clarification, I inserted a blank line between headers from the
      include/ directory (#include <...>) and ones from a local directory
      (#include "..." ).
      Signed-off-by: default avatarMasahiro Yamada <yamada.masahiro@socionext.com>
      2a6c1a8f
  38. 03 May, 2017 1 commit