- 29 Mar, 2021 9 commits
-
-
Omkar Anand Kulkarni authored
Add the secure partition mmap table and the secure partition boot information to support secure partitions on RD-N2 platform. In addition to this, add the required memory region mapping for accessing the SoC peripherals from the secure partition. Signed-off-by: Omkar Anand Kulkarni <omkar.kulkarni@arm.com> Change-Id: I2c75760d6c8c3da3ff4885599be420e924aeaf3c
-
Aditya Angadi authored
A TZC400 controller is placed inline on DRAM channels and regulates the secure and non-secure accesses to both secure and non-secure regions of the DRAM memory. Configure each of the TZC controllers across the Chips. For use by secure software, configure the first chip's trustzone controller to protect the upper 16MB of the memory of the first DRAM block for secure accesses only. The other regions are configured for non-secure read write access. For all the remote chips, all the DRAM regions are allowed for non-secure read and write access. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I809f27eccadfc23ea0ef64e2fd87f95eb8f195c1
-
Aditya Angadi authored
On a multi-chip platform, the boot CPU on the first chip programs the TZC controllers on all the remote chips. Define a memory region map for the TZC controllers for all the remote chips and include it in the BL2 memory map table. In addition to this, for SPM_MM enabled multi-chip platforms, increase the number of mmap entries and xlat table counts for EL3 execution context as well because the shared RAM regions and GIC address space of remote chips are accessed. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I6f0b5fd22f9f28046451e382eef7f1f9258d88f7
-
Aditya Angadi authored
For multi-chip platforms, add a macro to define the memory regions on chip numbers >1 and its associated access permissions. These memory regions are marked with non-secure access. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: If3d6180fd8ea61f45147c39d3140d694abf06617
-
Thomas Abraham authored
Allow the access of system registers and nor2 flash memory region from s-el0. This allows the secure parititions residing at s-el0 to access these memory regions. Signed-off-by: Thomas Abraham <thomas.abraham@arm.com> Change-Id: I3887a86770de806323fbde0d20fdc96eec6e0c3c
-
Thomas Abraham authored
Define a default DMC-620 TZC memory region configuration and use it to specify the TZC memory regions on sgi575, rdn1edge and rde1edge platforms. The default DMC-620 TZC memory regions are defined considering the support for secure paritition as well. Signed-off-by: Thomas Abraham <thomas.abraham@arm.com> Change-Id: Iedee3e57d0d3de5b65321444da51ec990d3702db
-
Thomas Abraham authored
Remove the 'ARM_' prefix from the macros defining the CPER buffer memory and replace it with 'CSS_SGI_' prefix. These macros are applicable only for platforms supported within plat/sgi. In addition to this, ensure that these macros are defined only if the RAS_EXTENSION build option is enabled. Signed-off-by: Thomas Abraham <thomas.abraham@arm.com> Change-Id: I44df42cded18d9d3a4cb13e5c990e9ab3194daee
-
Thomas Abraham authored
The macros defining the SMC function ids for DMC-620 error handling are listed in the sgi_base_platform_def.h header file. But these macros are not applicable for all platforms supported under plat/sgi. So move these macro definitions to sgi_ras.c file in which these are consumed. While at it, remove the AArch32 and error injection function ids as these are unused. Signed-off-by: Thomas Abraham <thomas.abraham@arm.com> Change-Id: I249b54bf4c1b1694188a1e3b297345b942f16bc9
-
Thomas Abraham authored
The macros specific to SDEI defined in the sgi_base_platform_def.h are not applicable for all the platforms supported by plat/sgi. So refactor the SDEI specific macros into a new header file and include this file on only on platforms it is applicable on. Signed-off-by: Thomas Abraham <thomas.abraham@arm.com> Change-Id: I0cb7125334f02a21cae1837cdfd765c16ab50bf5
-
- 15 Mar, 2021 1 commit
-
-
Olivier Deprez authored
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU instantiated in a Secure Partition: -A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs. An EC is pinned to a corresponding physical CPU. -An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to the physical CPU from which the FF-A call is originating. This change permits exercising the latter case within the TF-A-tests framework. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
-
- 10 Mar, 2021 1 commit
-
-
Usama Arif authored
Signed-off-by: Usama Arif <usama.arif@arm.com> Change-Id: Ie199c60553477c43d1665548ae78cdfd1aa7ffcf
-
- 01 Mar, 2021 1 commit
-
-
johpow01 authored
Add basic support for Makalu CPU. Signed-off-by: John Powell <john.powell@arm.com> Change-Id: I4e85d425eedea499adf585eb8ab548931185043d
-
- 17 Feb, 2021 1 commit
-
-
Aditya Angadi authored
Rename rd_n1e1_edge_scmi_plat_info array to plat_rd_scmi_info as the same array is used to provide SCMI platform info across mulitple RD platforms and is not resitricted to only RD-N1 and RD-E1 platforms. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I42ba33e0afa3003c731ce513c6a5754b602ec01f
-
- 16 Feb, 2021 1 commit
-
-
Andre Przywara authored
Now that we have a framework for the SMCCC TRNG interface, and the existing Juno entropy code has been prepared, add the few remaining bits to implement this interface for the Juno Trusted Entropy Source. We retire the existing Juno specific RNG interface, and use the generic one for the stack canary generation. Change-Id: Ib6a6e5568cb8e0059d71740e2d18d6817b07127d Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
- 15 Feb, 2021 1 commit
-
-
Andre Przywara authored
The Juno Trusted Entropy Source has a bias, which makes the generated raw numbers fail a FIPS 140-2 statistic test. To improve the quality of the numbers, we can use the CPU's CRC instructions, which do a decent job on conditioning the bits. This adds a *very* simple version of arm_acle.h, which is typically provided by the compiler, and contains the CRC instrinsics definitions we need. We need the original version by using -nostdinc. Change-Id: I83d3e6902d6a1164aacd5060ac13a38f0057bd1a Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
- 11 Feb, 2021 2 commits
-
-
Andre Przywara authored
Currently we use the Juno's TRNG hardware entropy source to initialise the stack canary. The current function allows to fill a buffer of any size, but we will actually only ever request 16 bytes, as this is what the hardware implements. Out of this, we only need at most 64 bits for the canary. In preparation for the introduction of the SMCCC TRNG interface, we can simplify this Juno specific interface by making it compatible with the generic one: We just deliver 64 bits of entropy on each call. This reduces the complexity of the code. As the raw entropy register readouts seem to be biased, it makes sense to do some conditioning inside the juno_getentropy() function already. Also initialise the TRNG hardware, if not already done. Change-Id: I11b977ddc5417d52ac38709a9a7b61499eee481f Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Vijayenthiran Subramaniam authored
Update TZC base address to align with the recent changes in the platform memory map. Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com> Change-Id: I0d0ad528a2e236607c744979e1ddc5c6d426687a
-
- 09 Feb, 2021 4 commits
-
-
Manish V Badarkhe authored
Currently, BLs are mapping the GIC memory region as read-write for all cores on boot-up. This opens up the security hole where the active core can write the GICR frame of fused/inactive core. To avoid this issue, disable the GICR frame of all inactive cores as below: 1. After primary CPU boots up, map GICR region of all cores as read-only. 2. After primary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 3. After secondary CPU boots up, map its GICR region as read-write and initialize its redistributor interface. 4. All unused/fused core's redistributor regions remain read-only and write attempt to such protected regions results in an exception. As mentioned above, this patch offers only the GICR memory-mapped region protection considering there is no facility at the GIC IP level to avoid writing the redistributor area. These changes are currently done in BL31 of Arm FVP and guarded under the flag 'FVP_GICR_REGION_PROTECTION'. As of now, this patch is tested manually as below: 1. Disable the FVP cores (core 1, 2, 3) with core 0 as an active core. 2. Verify data abort triggered by manually updating the ‘GICR_CTLR’ register of core 1’s(fused) redistributor from core 0(active). Change-Id: I86c99c7b41bae137b2011cf2ac17fad0a26e776d Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Manish V Badarkhe authored
GIC memory region is not getting used in BL1 and BL2. Hence avoid its mapping in BL1 and BL2 that freed some page table entries to map other memory regions in the future. Retains mapping of CCN interconnect region in BL1 and BL2 overlapped with the GIC memory region. Change-Id: I880dd0690f94b140e59e4ff0c0d436961b9cb0a7 Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
-
Andre Przywara authored
So far the ARM platform Makefile would require that RESET_TO_BL31 is set when we ask for the ARM_LINUX_KERNEL_AS_BL33 feature. There is no real technical reason for that, and the one place in the code where this was needed has been fixed. Remove the requirement of those two options to be always enabled together. This enables the direct kernel boot feature for the Foundation FVP (as described in the documentation), which requires a BL1/FIP combination to boot, so cannot use RESET_TO_BL31. Change-Id: I6814797b6431b6614d684bab3c5830bfd9481851 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Andre Przywara authored
At the moment we have the somewhat artifical limitation of ARM_LINUX_KERNEL_AS_BL33 only being used together with RESET_TO_BL31. However there does not seem to be a good technical reason for that, it was probably just to differentate between two different boot flows. Move the initial register setup for ARM_LINUX_KERNEL_AS_BL33 out of the RESET_TO_BL31 #ifdef, so that we initialise the registers in any case. This allows to use a preloaded kernel image when using BL1 and FIP. Change-Id: I832df272d3829f077661f4ee6d3dd9a276a0118f Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
- 08 Feb, 2021 1 commit
-
-
Manoj Kumar authored
The structure has been modified to specify the memory size in bytes instead of Gigabytes. Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com> Signed-off-by: Chandni Cherukuri <chandni.cherukuri@arm.com> Change-Id: I3384677d79af4f3cf55d3c353b6c20bb827b5ae7
-
- 05 Feb, 2021 1 commit
-
-
Manoj Kumar authored
This patch removes the Neoverse N1 CPU errata workaround for bug 1542419 as the bug is not present in Rainier R0P0 core. Change-Id: Icaca299b13ef830b2ee5129576aae655a6288e69 Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
-
- 03 Feb, 2021 1 commit
-
-
Avinash Mehta authored
Increase the core count and add respective entries in DTS. Add Klein assembly file to cpu sources for core initialization. Add SCMI entries for cores. Signed-off-by: Avinash Mehta <avinash.mehta@arm.com> Change-Id: I14dc1d87df6dcc8d560ade833ce1f92507054747
-
- 02 Feb, 2021 1 commit
-
-
Zelalem authored
When building TF-A with USE_ROMLIB=1 and -j make options, the build fails with the following error: make[1]: *** No rule to make target '/build/juno/debug/romlib/romlib.bin', needed by 'bl1_romlib.bin'. This patch fixes that issue. Signed-off-by: Zelalem <zelalem.aweke@arm.com> Change-Id: I0cca416f3f50f400759164e0735c2d6b520ebf84
-
- 29 Jan, 2021 3 commits
-
-
Pranav Madhu authored
AMU counters are used for monitoring the CPU performance. RD-N2 platform has architected AMU available for each core. Enable the use of AMU by non-secure OS for supporting the use of counters for processor performance control (ACPI CPPC). Change-Id: I5cc749cf63c18fc5c7563dd754c2f42990a97e23 Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
-
Pranav Madhu authored
AMU counters are used for monitoring the CPU performance. RD-V1 platform has architected AMU available for each core. Enable the use of AMU by non-secure OS for supporting the use of counters for processor performance control (ACPI CPPC). Change-Id: I4003d21407953f65b3ce99eaa8f496d6052546e0 Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
-
Pranav Madhu authored
Some of the PSCI platform callbacks were restricted on RD-V1 platform because the idle was not functional. Now that it is functional, remove all the restrictions on the use PSCI platform callbacks. Change-Id: I4cb97cb54de7ee166c30f28df8fea653b6b425c7 Signed-off-by: Pranav Madhu <pranav.madhu@arm.com>
-
- 20 Jan, 2021 3 commits
-
-
Ming Huang authored
Violation of MISRA-C Rule 14.4 Signed-off-by: Ming Huang <huangming@linux.alibaba.com> Change-Id: I44ef50dadb54fb056a91f3de962b6e63ba6d7ac4
-
Ming Huang authored
The issue is that, when interrupt is triggered and RAS handler is entered, after interrupt handler finishes, TF-A will re-enter bl32 and then crash. sdei_dispatch_event() may return failing result in some cases, for example kernel may not have registered a handler or RAS event may happen early during boot. We restore the NS context when sdei_dispatch_event() returns failing result. error log : Received delegated event X0 : 0xC4000061 X1 : 0x0 X2 : 0x0 X3 : 0x0 Received event - 0xC4000061 on cpu 0 UnRecognized Event - 0xC4000061 Failed delegated event 0xC4000061, Status Invalid Parameter Unhandled Exception in EL3. x30 = 0x000000000401f700 x0 = 0xfffffffffffffffe x1 = 0xfffffffffffffffe x2 = 0x00000000600003c0 Signed-off-by: Ming Huang <huangming@linux.alibaba.com> Change-Id: I9802e9a32eee0ac3b5a8bcc0362d0b0e3b71dc9f
-
Jagadeesh Ujja authored
Turn ON/OFF GIC redistributor in sync with GIC CPU interface ON/OFF. Issue : The Linux prompt hangs when all the cores in a cluster are turned OFF and we try to turn ON a core in that cluster. Previously when TF-A turns ON a core, TF-A first turns ON the redistributor followed by the core. This did not match the flow when turning OFF a core, as TF-A did not turn OFF redistributor when the corresponding core[s] are disabled. This hang is resolved by disabling redistributor as cores are disabled, keeping them in sync. Signed-off-by: Jagadeesh Ujja <jagadeesh.ujja@arm.com> Change-Id: Ifd04fdcfd47b45e00f874f15b098471883d023f0
-
- 11 Jan, 2021 2 commits
-
-
Aditya Angadi authored
Reference Design platform RD-Daniel-ConfigXLR has been renamed to RD-V1-MC. Correspondingly, remove all uses of 'rddanielxlr' and replace it with 'rdv1mc' where appropriate. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I5d91c69738397b19ced43949b4080c74678e604c
-
Aditya Angadi authored
Reference Design platform RD-Daniel has been renamed to RD-V1. Correspondingly, remove all uses of 'rddaniel' and replace it with 'rdv1' where appropriate. Signed-off-by: Aditya Angadi <aditya.angadi@arm.com> Change-Id: I1702bab39c501f8c0a09df131cb2394d54c83bcf
-
- 07 Jan, 2021 1 commit
-
-
Pali Rohár authored
Only non-file targets should be set a .PHONY. Otherwise if file target is set as .PHONY then targets which depends on those file .PHONY targets would be always rebuilt even when their prerequisites are not changed. File target which needs to be always rebuilt can be specified in Make system via having a prerequisite on some .PHONY target, instead of marking whole target as .PHONY. In Makefile projects it is common to create empty .PHONY target named FORCE for this purpose. This patch changes all file targets which are set as .PHONY to depends on new .PHONY target FORCE, to ensure that these file targets are always rebuilt (as before). Basically they are those targets which calls external make subprocess. After FORCE target is specified in main Makefile, remove it from other Makefile files to prevent duplicate definitions. Signed-off-by: Pali Rohár <pali@kernel.org> Change-Id: Iee3b4e0de93879b95eb29a1745a041538412e69e
-
- 16 Dec, 2020 1 commit
-
-
Vijayenthiran Subramaniam authored
RD-N2 platform has been updated to use six GIC ITS blocks. This results in change in base address of the GIC Redistributor to accomodate two new GIC ITS blocks. Update the base address of GICR to reflect the same. Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com> Change-Id: I740a547328fb9a9f25d7a09c08e61bdbc8bf781c
-
- 14 Dec, 2020 2 commits
-
-
Arunachalam Ganapathy authored
This patch adds support to enable OP-TEE as S-EL1 SP with SPMC at S-EL2 - create SPMC manifest file with OP-TEE as SP - add support for ARM_SPMC_MANIFEST_DTS build option - add optee entry with ffa as method in tc0.dts Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> Change-Id: Ia9b5c22c6f605d3886914bbac8ac45e8365671cb
-
Arunachalam Ganapathy authored
Enable SPD=opteed support for tc0 platform. Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com> Change-Id: Ieb038d645c68fbe6b5a211c7279569e21b476fc3
-
- 09 Dec, 2020 3 commits
-
-
Aditya Angadi authored
Add the initial board support for RD-N2 platform. Change-Id: I8325885bf248dd92191d6fc92a2da91c23118f8c Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
-
Aditya Angadi authored
Upcoming RD platforms will have an updated memory map for the various pheripherals on the system. So, for the newer platforms, handle the memory mapping and other platform specific functionality separately from the existing platforms. Change-Id: Iab1355a4c8ea1f6db4f79fcdd6eed907903b6a18 Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
-
Aditya Angadi authored
In preparation for adding the board support for RD-N2 platform, add macros to define the platform id and the corresponding SCMI platform info for the RD-N2 platform. Change-Id: Ie764ae618732b39e316f7ed080421f5d79adab21 Signed-off-by: Aditya Angadi <aditya.angadi@arm.com>
-