- 02 Mar, 2016 1 commit
-
-
Antonio Nino Diaz authored
Enable alternative boot flow where BL2 does not load BL33 from non-volatile storage, and BL31 hands execution over to a preloaded BL33. The flag used to enable this bootflow is BL33_BASE, which must hold the entrypoint address of the BL33 image. The User Guide has been updated with an example of how to use this option with a bootwrapped kernel. Change-Id: I48087421a7b0636ac40dca7d457d745129da474f
-
- 08 Feb, 2016 1 commit
-
-
Sandrine Bailleux authored
The LDNP/STNP instructions as implemented on Cortex-A53 and Cortex-A57 do not behave in a way most programmers expect, and will most probably result in a significant speed degradation to any code that employs them. The ARMv8-A architecture (see Document ARM DDI 0487A.h, section D3.4.3) allows cores to ignore the non-temporal hint and treat LDNP/STNP as LDP/STP instead. This patch introduces 2 new build flags: A53_DISABLE_NON_TEMPORAL_HINT and A57_DISABLE_NON_TEMPORAL_HINT to enforce this behaviour on Cortex-A53 and Cortex-A57. They are enabled by default. The string printed in debug builds when a specific CPU errata workaround is compiled in but skipped at runtime has been generalised, so that it can be reused for the non-temporal hint use case as well. Change-Id: I3e354f4797fd5d3959872a678e160322b13867a1
-
- 29 Jan, 2016 2 commits
-
-
Sandrine Bailleux authored
The memory translation library in Trusted Firmware supports non-identity mappings for Physical to Virtual addresses since commit f984ce84. However, the porting guide hasn't been updated accordingly and still mandates the platform ports to use identity-mapped page tables for all addresses. This patch removes this out-dated information from the Porting Guide and clarifies in which circumstances non-identity mapping may safely be used. Fixes ARM-software/tf-issues#258 Change-Id: I84dab9f3cabfc43794951b1828bfecb13049f706
-
Sandrine Bailleux authored
This patch reworks the section about booting an EL3 payload in the User Guide: - Centralize all EL3 payload related information in the same section. - Mention the possibility to program the EL3 payload in flash memory and execute it in place. - Provide model parameters for both the Base and Foundation FVPs. - Provide some guidance to boot an EL3 payload on Juno. Change-Id: I975c8de6b9b54ff4de01a1154cba63271d709912
-
- 21 Jan, 2016 1 commit
-
-
Juan Castillo authored
The PL011 TRM (ARM DDI 0183G) specifies that the UART must be disabled before any of the control registers are programmed. The PL011 driver included in TF does not disable the UART, so the initialization in BL2 and BL31 is violating this requirement (and potentially in BL1 if the UART is enabled after reset). This patch modifies the initialization function in the PL011 console driver to disable the UART before programming the control registers. Register clobber list and documentation updated. Fixes ARM-software/tf-issues#300 Change-Id: I839b2d681d48b03f821ac53663a6a78e8b30a1a1
-
- 20 Jan, 2016 1 commit
-
-
Juan Castillo authored
Currently, Trusted Firmware on ARM platforms unlocks access to the timer frame registers that will be used by the Non-Secure world. This unlock operation should be done by the Non-Secure software itself, instead of relying on secure firmware settings. This patch adds a new ARM specific build option 'ARM_CONFIG_CNTACR' to unlock access to the timer frame by setting the corresponding bits in the CNTACR<N> register. The frame id <N> is defined by 'PLAT_ARM_NSTIMER_FRAME_ID'. Default value is true (unlock timer access). Documentation updated accordingly. Fixes ARM-software/tf-issues#170 Change-Id: Id9d606efd781e43bc581868cd2e5f9c8905bdbf6
-
- 18 Jan, 2016 1 commit
-
-
Yuping Luo authored
GIC v2 and v3 specification references in the porting guide should refer to publically visible links, not ARM internal links. Change-Id: Ib47c8adda6a03581f23bcaed72d71c08c7dd9fb1 Signed-off-by: Yuping Luo <yuping.luo@arm.com>
-
- 15 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
Since commit 804040d1, the Juno port has moved from per-CPU mailboxes to a single shared one. This patch updates an out-dated reference to the former per-CPU mailboxes mechanism in the Firmware Design. Change-Id: I355b54156b1ace1b3df4c4416e1e8625211677fc
-
- 14 Jan, 2016 1 commit
-
-
Soren Brinkmann authored
Migrate all direct usage of __attribute__ to usage of their corresponding macros from cdefs.h. e.g.: - __attribute__((unused)) -> __unused Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
- 13 Jan, 2016 1 commit
-
-
Juan Castillo authored
This patch adds a brief description of 'MAX_MMAP_REGIONS' and 'ADDR_SPACE_SIZE' to the Porting Guide. These fields must be defined by the platform in order to use the translation table library. Change-Id: Ida366458fe2bc01979091a014dc38da0fae5991e
-
- 12 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
Change-Id: I4fcdb8e813e0392c2cd3d0623698e8319b3b0593
-
- 08 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
This patch fixes a couple of issues in the "CPU specific operations framework" section in the Firmware Design document. * Fix broken link to the CPU Specific Build Macros document. * Fix the path to the cortex_a53.S file. * Fix power levels terminology. Change-Id: Ib610791eaba13dab2823b7699bb63534bcd1c8fb
-
- 05 Jan, 2016 1 commit
-
-
Juan Castillo authored
The fip_create tool specifies images in the command line using the ARM TF naming convention (--bl2, --bl31, etc), while the cert_create tool uses the TBBR convention (--tb-fw, --soc-fw, etc). This double convention is confusing and should be aligned. This patch updates the fip_create command line options to follow the TBBR naming convention. Usage examples in the User Guide have been also updated. NOTE: users that build the FIP by calling the fip_create tool directly from the command line must update the command line options in their scripts. Users that build the FIP by invoking the main ARM TF Makefile should not notice any difference. Change-Id: I84d602630a2585e558d927b50dfde4dd2112496f
-
- 21 Dec, 2015 3 commits
-
-
Sandrine Bailleux authored
Change-Id: I23a852fc7d91f91923bb84bc3167a830d1bb7463
-
Sandrine Bailleux authored
Change-Id: I6f49bd779f2a4d577c6443dd160290656cdbc59b
-
Dan Handley authored
Remove the following redundant sentence from the user guide, which implies the user should use the TF version from the Linaro release, which was not the intention: "However, the rest of this document assumes that you got the Trusted Firmware as part of the Linaro release." Also, tidied up the grammar in this section. Change-Id: I5dae0b68d3683e2a85a7b3c6a31222182a66f6c8
-
- 17 Dec, 2015 3 commits
-
-
Yatharth Kochar authored
This patch adds design documentation for the Firmware Update (FWU) feature in `firmware-update.md`. It provides an overview of FWU, describes the BL1 SMC interface, and includes diagrams showing an example FWU boot flow and the FWU state machine. This patch also updates the existing TF documents where needed: * `porting-guide.md` * `user-guide.md` * `firmware-design.md` * `rt-svc-writers-guide.md` * `trusted_board_boot.md` Change-Id: Ie6de31544429b18f01327bd763175e218299a4ce Co-Authored-By: Dan Handley <dan.handley@arm.com>
-
Olivier Martin authored
-
Olivier Martin authored
`FVP_TSP_RAM_LOCATION` has been renamed into `ARM_TSP_RAM_LOCATION`.
-
- 15 Dec, 2015 2 commits
-
-
Sandrine Bailleux authored
This patch introduces a new document presenting the ARM Trusted Firmware Reset Design. It shows the reset code flow, lists the different build options that affect it, in which case to use them and what their exact effect is. The section about using BL31 entrypoint as the reset address has been moved from the general firmware design document to this one. It's also been improved to explain why the FVP port supports the RESET_TO_BL31 configuration, even though the reset vector address can't be programmed dynamically. This document includes some images, which have been generated using Dia version 0.97.2. This tool can be obtained from: https://wiki.gnome.org/Apps/Dia/Download This patch provides: - the image files describing the different reset flow diagrams; - the source '.dia' file; - a script automating the generation of the images from the '.dia' file. Note that the 2 latter files are not actually needed for the document and are provided for convenience only, in case the reset images need to be modified. Change-Id: Ib6302e8209d418a5b31c4e85e55fd9e83caf2ca2
-
Soby Mathew authored
This patch updates the relevant documentation in ARM Trusted Firmware for the new GIC drivers. The user-guide.md and porting-guide.md have been updated as follows: * The build option to compile Trusted Firmware with different GIC drivers for FVP has been explained in the user-guide.md. * The implementation details of interrupt management framework porting APIs for GICv3 have been added in porting-guide.md. * The Linaro tracking kernel release does not work OOB in GICv3 mode. The instructions for changing UEFI configuration in order to run with the new GICv3 driver in ARM TF have been added to user-guide.md. The interrupt-framework-design.md has been updated as follows: * Describes support for registering and handling interrupts targeted to EL3 e.g. Group 0 interrupts in GICv3. * Describes the build option `TSP_NS_INTR_ASYNC_PREEMPT` in detail. * Describes preemption of TSP in S-EL1 by non secure interrupts and also possibly by higher priority EL3 interrupts. * Describes the normal world sequence for issuing `standard` SMC calls. * Modifies the document to correspond to the current state of interrupt handling in TSPD and TSP. * Modifies the various functions names in the document to reflect the current names used in code. Change-Id: I78c9514b5be834f193405aad3c1752a4a9e27a6c
-
- 14 Dec, 2015 3 commits
-
-
Juan Castillo authored
This patch removes the dash character from the image name, to follow the image terminology in the Trusted Firmware Wiki page: https://github.com/ARM-software/arm-trusted-firmware/wiki Changes apply to output messages, comments and documentation. non-ARM platform files have been left unmodified. Change-Id: Ic2a99be4ed929d52afbeb27ac765ceffce46ed76
-
Juan Castillo authored
This patch replaces all references to the SCP Firmware (BL0, BL30, BL3-0, bl30) with the image terminology detailed in the TF wiki (https://github.com/ARM-software/arm-trusted-firmware/wiki): BL0 --> SCP_BL1 BL30, BL3-0 --> SCP_BL2 bl30 --> scp_bl2 This change affects code, documentation, build system, tools and platform ports that load SCP firmware. ARM plaforms have been updated to the new porting API. IMPORTANT: build option to specify the SCP FW image has changed: BL30 --> SCP_BL2 IMPORTANT: This patch breaks compatibility for platforms that use BL2 to load SCP firmware. Affected platforms must be updated as follows: BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID BL30_BASE --> SCP_BL2_BASE bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo() bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2() Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
-
Juan Castillo authored
This patch applies the TBBR naming convention to the certificates and the corresponding extensions defined by the CoT: * Certificate UUID names * Certificate identifier names * OID names Changes apply to: * Generic code (variables and defines) * The default certificate identifiers provided in the generic code * Build system * ARM platforms port * cert_create tool internal definitions * fip_create and cert_create tools command line options * Documentation IMPORTANT: this change breaks the compatibility with platforms that use TBBR. The platform will need to adapt the identifiers and OIDs to the TBBR naming convention introduced by this patch: Certificate UUIDs: UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT Certificate identifiers: BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID OIDs: TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID BL30_HASH_OID --> SCP_FW_HASH_OID BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID BL31_HASH_OID --> SOC_AP_FW_HASH_OID BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID NS_BL2U_HASH_OID --> FWU_HASH_OID Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
-
- 10 Dec, 2015 3 commits
-
-
Juan Castillo authored
The mbed TLS library has introduced some changes in the API from the 1.3.x to the 2.x releases. Using the 2.x releases requires some changes to the crypto and transport modules. This patch updates both modules to the mbed TLS 2.x API. All references to the mbed TLS library in the code or documentation have been updated to 'mbed TLS'. Old references to PolarSSL have been updated to 'mbed TLS'. User guide updated to use mbed TLS 2.2.0. NOTE: moving up to mbed TLS 2.x from 1.3.x is not backward compatible. Applying this patch will require an mbed TLS 2.x release to be used. Also note that the mbed TLS license changed to Apache version 2.0. Change-Id: Iba4584408653cf153091f2ca2ee23bc9add7fda4
-
Sandrine Bailleux authored
Move up the version numbers in the user guide of: * DS-5 (to v5.22) * Base FVP (to 7.0) * Foundation FVP (to 9.4) * Linaro release (to 15.10) Note that, starting from Linaro release 15.10, the related release instructions have migrated from http://releases.linaro.org to the ARM Connected Community website. The URLs in the User Guide have been updated accordingly. The 'libssl-dev' package has been removed from the list of prerequisite tools, as it is already referenced on the ARM Connected Community page. Also, the 'device-tree-compiler' package has been marked as an optional dependency, since the Trusted Firmware repository provides the prebuilt DTB files. Hence, this tool is needed only when the user wants to rebuild the DTS files. Change-Id: I4a172ece60bf90437131c6b96e73a9f1e9b40117
-
Juan Castillo authored
The Server Base System Architecture document (ARM-DEN-0029) specifies a generic UART device. The programmer's view of this generic UART is a subset of the ARM PL011 UART. However, the current PL011 driver in Trusted Firmware uses some features that are outside the generic UART specification. This patch modifies the PL011 driver to exclude features outside the SBSA generic UART specification by setting the boolean build option 'PL011_GENERIC_UART=1'. Default value is 0 (use full PL011 features). User guide updated. Fixes ARM-software/tf-issues#216 Change-Id: I6e0eb86f9d69569bc3980fb57e70d6da5d91a737
-
- 09 Dec, 2015 2 commits
-
-
Soby Mathew authored
This patch overrides the default weak definition of `bl31_plat_runtime_setup()` for ARM Standard platforms to specify a BL31 runtime console. ARM Standard platforms are now expected to define `PLAT_ARM_BL31_RUN_UART_BASE` and `PLAT_ARM_BL31_RUN_UART_CLK_IN_HZ` macros which is required by `arm_bl31_plat_runtime_setup()` to initialize the runtime console. The system suspend resume helper `arm_system_pwr_domain_resume()` is fixed to initialize the runtime console rather than the boot console on resumption from system suspend. Fixes ARM-software/tf-issues#220 Change-Id: I80eafe5b6adcfc7f1fdf8b99659aca1c64d96975
-
Soby Mathew authored
It is not ideal for BL31 to continue to use boot console at runtime which could be potentially uninitialized. This patch introduces a new optional platform porting API `bl31_plat_runtime_setup()` which allows the platform to perform any BL31 runtime setup just prior to BL31 exit during cold boot. The default weak implementation of this function will invoke `console_uninit()` which will suppress any BL31 runtime logs. On the ARM Standard platforms, there is an anomaly that the boot console will be reinitialized on resumption from system suspend in `arm_system_pwr_domain_resume()`. This will be resolved in the following patch. NOTE: The default weak definition of `bl31_plat_runtime_setup()` disables the BL31 console. To print the BL31 runtime messages, platforms must override this API and initialize a runtime console. Fixes ARM-software/tf-issues#328 Change-Id: Ibaf8346fcceb447fe1a5674094c9f8eb4c09ac4a
-
- 04 Dec, 2015 1 commit
-
-
Soby Mathew authored
On a GICv2 system, interrupts that should be handled in the secure world are typically signalled as FIQs. On a GICv3 system, these interrupts are signalled as IRQs instead. The mechanism for handling both types of interrupts is the same in both cases. This patch enables the TSP to run on a GICv3 system by: 1. adding support for handling IRQs in the exception handling code. 2. removing use of "fiq" in the names of data structures, macros and functions. The build option TSPD_ROUTE_IRQ_TO_EL3 is deprecated and is replaced with a new build flag TSP_NS_INTR_ASYNC_PREEMPT. For compatibility reasons, if the former build flag is defined, it will be used to define the value for the new build flag. The documentation is also updated accordingly. Change-Id: I1807d371f41c3656322dd259340a57649833065e
-
- 02 Dec, 2015 1 commit
-
-
Juan Castillo authored
This patch adds watchdog support on ARM platforms (FVP and Juno). A secure instance of SP805 is used as Trusted Watchdog. It is entirely managed in BL1, being enabled in the early platform setup hook and disabled in the exit hook. By default, the watchdog is enabled in every build (even when TBB is disabled). A new ARM platform specific build option `ARM_DISABLE_TRUSTED_WDOG` has been introduced to allow the user to disable the watchdog at build time. This feature may be used for testing or debugging purposes. Specific error handlers for Juno and FVP are also provided in this patch. These handlers will be called after an image load or authentication error. On FVP, the Table of Contents (ToC) in the FIP is erased. On Juno, the corresponding error code is stored in the V2M Non-Volatile flags register. In both cases, the CPU spins until a watchdog reset is generated after 256 seconds (as specified in the TBBR document). Change-Id: I9ca11dcb0fe15af5dbc5407ab3cf05add962f4b4
-
- 26 Nov, 2015 8 commits
-
-
Sandrine Bailleux authored
The implications of the 'PROGRAMMABLE_RESET_ADDRESS' build option on the platform porting layer are simple enough to be described in the User Guide directly. This patch removes the reference to the Porting Guide. Change-Id: I7f753b18abd20effc4fd30836609e1fd51d9221d
-
Sandrine Bailleux authored
This patch introduces a new build option named COLD_BOOT_SINGLE_CPU, which allows platforms that only release a single CPU out of reset to slightly optimise their cold boot code, both in terms of code size and performance. COLD_BOOT_SINGLE_CPU defaults to 0, which assumes that the platform may release several CPUs out of reset. In this case, the cold reset code needs to coordinate all CPUs via the usual primary/secondary CPU distinction. If a platform guarantees that only a single CPU will ever be released out of reset, there is no need to arbitrate execution ; the notion of primary and secondary CPUs itself no longer exists. Such platforms may set COLD_BOOT_SINGLE_CPU to 1 in order to compile out the primary/secondary CPU identification in the cold reset code. All ARM standard platforms can release several CPUs out of reset so they use COLD_BOOT_SINGLE_CPU=0. However, on CSS platforms like Juno, bringing up more than one CPU at reset should only be attempted when booting an EL3 payload, as it is not fully supported in the normal boot flow. For platforms using COLD_BOOT_SINGLE_CPU=1, the following 2 platform APIs become optional: - plat_secondary_cold_boot_setup(); - plat_is_my_cpu_primary(). The Porting Guide has been updated to reflect that. User Guide updated as well. Change-Id: Ic5b474e61b7aec1377d1e0b6925d17dfc376c46b
-
Sandrine Bailleux authored
- Document the new build option EL3_PAYLOAD_BASE - Document the EL3 payload boot flow - Document the FVP model parameters to boot an EL3 payload Change-Id: Ie6535914a9a68626e4401659bee4fcfd53d4bd37
-
Sandrine Bailleux authored
Normally, in the FVP port, secondary CPUs are immediately powered down if they are powered on at reset. However, when booting an EL3 payload, we need to keep them powered on as the requirement is for all CPUs to enter the EL3 payload image. This patch puts them in a holding pen instead of powering them off. Change-Id: I6526a88b907a0ddb820bead72f1d350a99b1692c
-
Sandrine Bailleux authored
This patch adds support for booting EL3 payloads on CSS platforms, for example Juno. In this scenario, the Trusted Firmware follows its normal boot flow up to the point where it would normally pass control to the BL31 image. At this point, it jumps to the EL3 payload entry point address instead. Before handing over to the EL3 payload, the data SCP writes for AP at the beginning of the Trusted SRAM is restored, i.e. we zero the first 128 bytes and restore the SCP Boot configuration. The latter is saved before transferring the BL30 image to SCP and is restored just after the transfer (in BL2). The goal is to make it appear that the EL3 payload is the first piece of software to run on the target. The BL31 entrypoint info structure is updated to make the primary CPU jump to the EL3 payload instead of the BL31 image. The mailbox is populated with the EL3 payload entrypoint address, which releases the secondary CPUs out of their holding pen (if the SCP has powered them on). The arm_program_trusted_mailbox() function has been exported for this purpose. The TZC-400 configuration in BL2 is simplified: it grants secure access only to the whole DRAM. Other security initialization is unchanged. This alternative boot flow is disabled by default. A new build option EL3_PAYLOAD_BASE has been introduced to enable it and provide the EL3 payload's entry point address. The build system has been modified such that BL31 and BL33 are not compiled and/or not put in the FIP in this case, as those images are not used in this boot flow. Change-Id: Id2e26fa57988bbc32323a0effd022ab42f5b5077
-
Sandrine Bailleux authored
This patch modifies the prototype of the bl1_plat_prepare_exit() platform API to pass the address of the entry point info structure received from BL2. The structure contains information that can be useful, depending on the kind of clean up or bookkeeping operations to perform. The weak implementation of this function ignores this argument to preserve platform backwards compatibility. NOTE: THIS PATCH MAY BREAK PLATFORM PORTS THAT ARE RELYING ON THE FORMER PROTOTYPE OF THE BL1_PLAT_PREPARE_EXIT() API. Change-Id: I3fc18f637de06c85719c4ee84c85d6a4572a0fdb
-
Sandrine Bailleux authored
This patch introduces a new build flag, SPIN_ON_BL1_EXIT, which puts an infinite loop in BL1. It is intended to help debugging the post-BL2 phase of the Trusted Firmware by stopping execution in BL1 just before handing over to BL31. At this point, the developer may take control of the target using a debugger. This feature is disabled by default and can be enabled by rebuilding BL1 with SPIN_ON_BL1_EXIT=1. User Guide updated accordingly. Change-Id: I6b6779d5949c9e5571dd371255520ef1ac39685c
-
Soby Mathew authored
The IMF_READ_INTERRUPT_ID build option enables a feature where the interrupt ID of the highest priority pending interrupt is passed as a parameter to the interrupt handler registered for that type of interrupt. This additional read of highest pending interrupt id from GIC is problematic as it is possible that the original interrupt may get deasserted and another interrupt of different type maybe become the highest pending interrupt. Hence it is safer to prevent such behaviour by removing the IMF_READ_INTERRUPT_ID build option. The `id` parameter of the interrupt handler `interrupt_type_handler_t` is now made a reserved parameter with this patch. It will always contain INTR_ID_UNAVAILABLE. Fixes ARM-software/tf-issues#307 Change-Id: I2173aae1dd37edad7ba6bdfb1a99868635fa34de
-
- 24 Nov, 2015 1 commit
-
-
Soby Mathew authored
This patch changes the build time behaviour when using deprecated API within Trusted Firmware. Previously the use of deprecated APIs would only trigger a build warning (which was always treated as a build error), when WARN_DEPRECATED = 1. Now, the use of deprecated C declarations will always trigger a build time warning. Whether this warning is treated as error or not is determined by the build flag ERROR_DEPRECATED which is disabled by default. When the build flag ERROR_DEPRECATED=1, the invocation of deprecated API or inclusion of deprecated headers will result in a build error. Also the deprecated context management helpers in context_mgmt.c are now conditionally compiled depending on the value of ERROR_DEPRECATED flag so that the APIs themselves do not result in a build error when the ERROR_DEPRECATED flag is set. NOTE: Build systems that use the macro WARN_DEPRECATED must migrate to using ERROR_DEPRECATED, otherwise deprecated API usage will no longer trigger a build error. Change-Id: I843bceef6bde979af7e9b51dddf861035ec7965a
-