- 24 Mar, 2021 12 commits
-
-
Pankaj Gupta authored
NXP Security Monitor IP provides hardware anchored - current security state of the SoC. - Tamper detect etc. Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I8ff809fe2f3fd013844ab3d4a8733f53c2b06c81
-
Pankaj Gupta authored
NXP Security Fuse Processor is used to read and write fuses. - Fuses once written, are cannot be un-done. - Used as trust anchor for monotonic counter, different platform keys etc. Signed-off-by: Udit Agarwal <udit.agarwal@nxp.com> Signed-off-by: Ruchika Gupta <ruchika.gupta@nxp.com> Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I347e806dd87078150fbbbfc28355bb44d9eacb9c
-
Pankaj Gupta authored
CCN API(s) to be used NXP SoC(s) are added. These API(s) based on ARM CCN driver - driver/arm/ccn CCI API(s) to be used NXP SoC(s) are added. These API(s) based on ARM CCI driver - driver/arm/cci Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I7682c4c9bd42f63542b3ffd3cb6c5d2effe4ae0a
-
Pankaj Gupta authored
NXP TZC-400 API(s) to configure ddr regions are based on: - drivers/arm/tzc Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I524433ff9fafe1170b13e99b7de01fe957b6d305
-
Pankaj Gupta authored
NXP Timer Apis are based on: - drivers/delay_timer Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I2cbccf4c082a10affee1143390905b9cc99c3382
-
Pankaj Gupta authored
NXP SoC needs Device Configuration driver to fetch the current SoC configuration. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Ie17cca01a8eb9a6f5feebb093756f577692432bf
-
Pankaj Gupta authored
NXP SoCs, supports two types of UART controller: - PL011 - using ARM drivers sources - 16550 - using TI drivers source Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Iacbcefd2b6e5d96f83fa00ad25b4f63a4c822bb4
-
Pankaj Gupta authored
Generic framework is added to include platform defined UUID. This framework is added for the following: - All NXP SoC based platforms needed additional fip-fuse.bin - NXP SoC lx2160a based platforms requires additional fip-ddr.bin Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: Ibe05d9c596256e34077287a490dfcd5b731ef2cf
-
Pankaj Gupta authored
Conditional definition for the macro MAX_NUMBER_IDS. This will allow to update this definition by the platform specific implementation. Since, NXP SoC lx2160a based platforms requires additional FIP DDR to be loaded before initializing the DDR. It requires addition of defines for DDR image IDs. A dedicated header plat_tbbr_img_def.h is added to the platform folder - plat/nxp/common/include/default/ Inclusion of this header file will depend on the compile time flag PLAT_TBBR_IMG_DEF. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I4faba74dce578e2a34acbc8915ff75d7b8368cee
-
Pankaj Gupta authored
Incorrect value is picked for TF_MBEDTLS_USE_RSA defination, even if the TF_MBEDTLS_RSA is enabled. Due to which PK_DER_LEN is defined incorrectly. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I2ca4ca121e0287b88ea689c885ddcd45a34a3e91
-
Pankaj Gupta authored
Changes to 'tools/cert_create' folder, to include platform defined certificates, keys, and extensions. NXP SoC lx2160a : based platforms requires additional FIP DDR to be loaded before initializing the DDR. To enable chain of trust on these platforms, FIP DDR image needs to be authenticated, additionally. Platform specific folder 'tools/nxp/cert_create_helper' is added to support platform specific macros and definitions. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I4752a30a9ff3aa1d403e9babe3a07ba0e6b2bf8f
-
Pankaj Gupta authored
Platforms, which requires additional images to be verified using TBBR; such that their key certificate is tied to TRUSTED_KEY_CERT. For such platforms, if make commands runs twice: - Once with targets as bl2 & fip.bin, and - Again to build the target as the additional image. then, if path to the TRUSTED_KEY_CERT varies in the makefile with make-target of the additional image, then there would be two location where "trusted_key.crt" will be created. This patch helps overriding the TRUSTED_KEY_CERT from any .mk in the platform's makefile structure. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> Change-Id: I775a2c409035504b21b0bbe5a4f9046898163eed
-
- 23 Mar, 2021 3 commits
-
-
André Przywara authored
-
Andre Przywara authored
The devicetree binding document[1] for the /reserved-memory node demands that the number of address and size-cells in the reserved-memory node must match those values in the root node. So far we were forcing a 64-bit address along with a 32-bit size. Adjust the code to query the cells values from the root node, and populate the newly created /reserved-memory node accordingly. This fixes the fdt_add_reserved_memory() function when called on a devicetree which does not use the 2/1 pair. Linux is picky about this and will bail out the parsing routine, effectively ignoring the reserved-memory node: [ 0.000000] OF: fdt: Reserved memory: unsupported node format, ignoring [1] Documentation/devicetree/bindings/reserved-memory/reserved-memory.txt in the Linux kernel source tree Change-Id: Ie126ebab4f3fedd48e12c9ed4bd8fa123acc86d3 Signed-off-by: Andre Przywara <andre.przywara@arm.com>
-
Olivier Deprez authored
-
- 19 Mar, 2021 3 commits
-
-
Madhukar Pappireddy authored
-
Tejas Patel authored
BIT24 of IPI command header is used to determine if caller is secure or non-secure. Mark BIT24 of IPI command header as non-secure if SMC caller is non-secure. Signed-off-by: Tejas Patel <tejas.patel@xilinx.com> Signed-off-by: Abhyuday Godhasara <abhyuday.godhasara@xilinx.com> Change-Id: Iec25af8f4b202093f58e858ee47cd9cd46890267
-
J-Alves authored
FF-A specification states that error codes should be typed int32_t. SPMD's uses uint64_t for return values, which if assigned with a signed type would have sign extension, and change the size of the return from 32-bit to 64-bit. Signed-off-by: J-Alves <joao.alves@arm.com> Change-Id: I288ab2ffec8330a2fe1f21df14e22c34bd83ced3
-
- 18 Mar, 2021 7 commits
-
-
Madhukar Pappireddy authored
Merge "Bug fix in tspd interrupt handling when TSP_NS_INTR_ASYNC_PREEMPT is enabled" into integration
-
Madhukar Pappireddy authored
-
Madhukar Pappireddy authored
-
Madhukar Pappireddy authored
Typically, interrupts for a specific security state get handled in the same security execption level if the execution is in the same security state. For example, if a non-secure interrupt gets fired when CPU is executing in NS-EL2 it gets handled in the non-secure world. However, interrupts belonging to the opposite security state typically demand a world(context) switch. This is inline with the security principle which states a secure interrupt has to be handled in the secure world. Hence, the TSPD in EL3 expects the context(handle) for a secure interrupt to be non-secure and vice versa. The function "tspd_sel1_interrupt_handler" is the handler registered for S-EL1 interrupts by the TSPD. Based on the above assumption, it provides an assertion to validate if the interrupt originated from non-secure world and upon success arranges entry into the TSP at 'tsp_sel1_intr_entry' for handling the interrupt. However, a race condition between non-secure and secure interrupts can lead to a scenario where the above assumptions do not hold true and further leading to following assert fail. This patch fixes the bug which causes this assert fail: ASSERT: services/spd/tspd/tspd_main.c:105 BACKTRACE: START: assert 0: EL3: 0x400c128 1: EL3: 0x400faf8 2: EL3: 0x40099a4 3: EL3: 0x4010d54 BACKTRACE: END: assert Change-Id: I359d30fb5dbb1429a4a3c3fff37fdc64c07e9414 Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
-
Madhukar Pappireddy authored
-
Tomas Pilar authored
The UEFI specification details the represenatation for the EFI_GUID type. Add this representation to the uuid_helper_t union type so that GUID definitions can be shared verbatim between UEFI and TF-A header files. Change-Id: Ie44ac141f70dd0025e186581d26dce1c1c29fce6 Signed-off-by: Tomas Pilar <tomas@nuviainc.com>
-
Madhukar Pappireddy authored
-
- 17 Mar, 2021 2 commits
-
-
Sandrine Bailleux authored
-
deqi.hu authored
1.Since in mmc_init, the most of mmc_device_info passed in are temporary variables. In order to avoid referencing the released space on the stack when maybe MISUSED, it`s better to use global variables to store mmc_device_info in mmc.c 2.Delete redundant; Signed-off-by: deqi.hu@siengine.com Change-Id: I51ae90e7f878b19b4963508b3f7ec66339015ebc
-
- 16 Mar, 2021 2 commits
-
-
Olivier Deprez authored
* changes: SPM: declare third cactus instance as UP SP SPMD: lock the g_spmd_pm structure FF-A: implement FFA_SECONDARY_EP_REGISTER
-
Michal Simek authored
Versal is a72 based that's why there is no reason to build low level assemble code for a53. Signed-off-by: Michal Simek <michal.simek@xilinx.com> Change-Id: Iff9cf2582102d951825b87fd9af18e831ca717d6
-
- 15 Mar, 2021 4 commits
-
-
Madhukar Pappireddy authored
* changes: plat: tc0: add matterhorn_elp_arm library to tc0 cpus: add Matterhorn ELP ARM cpu library
-
Olivier Deprez authored
The FF-A v1.0 spec allows two configurations for the number of EC/vCPU instantiated in a Secure Partition: -A MultiProcessor (MP) SP instantiates as many ECs as the number of PEs. An EC is pinned to a corresponding physical CPU. -An UniProcessor (UP) SP instantiates a single EC. The EC is migrated to the physical CPU from which the FF-A call is originating. This change permits exercising the latter case within the TF-A-tests framework. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I7fae0e7b873f349b34e57de5cea496210123aea0
-
Olivier Deprez authored
Add a lock and spin lock/unlock calls when accessing the fields of the SPMD PM structure. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I9bab705564dc1ba003c29512b1f9be5f126fbb0d
-
Olivier Deprez authored
Remove the former impdef SPMD service for SPMC entry point registration. Replace with FFA_SECONDARY_EP_REGISTER ABI providing a single entry point address into the SPMC for primary and secondary cold boot. Signed-off-by: Olivier Deprez <olivier.deprez@arm.com> Change-Id: I067adeec25fc12cdae90c15a616903b4ac4d4d83
-
- 12 Mar, 2021 1 commit
-
-
Sandrine Bailleux authored
* changes: plat/arm: Remove ARM_LINUX_KERNEL_AS_BL33 relying on RESET_TO_BL31 plat/arm: Always allow ARM_LINUX_KERNEL_AS_BL33
-
- 10 Mar, 2021 4 commits
-
-
Usama Arif authored
Signed-off-by: Usama Arif <usama.arif@arm.com> Change-Id: Ie199c60553477c43d1665548ae78cdfd1aa7ffcf
-
Usama Arif authored
Change-Id: Ie1acde619a5b21e09717c0e80befb6d53fd16607 Signed-off-by: Usama Arif <usama.arif@arm.com>
-
Madhukar Pappireddy authored
* changes: qemu/qemu_sbsa: fix memory type of secure NOR flash qemu/qemu_sbsa: spm_mm supports 512 cores
-
Madhukar Pappireddy authored
-
- 09 Mar, 2021 2 commits
-
-
Manish Pandey authored
-
Heiko Stuebner authored
Compiling BL31 for the Rockchip platform now produces a message about the deprecation of gic_common.c. Follow the advice and use include gicv2.mk instead. Signed-off-by: Heiko Stuebner <heiko.stuebner@theobroma-systems.com> Change-Id: I396b977d57975dba27cfed801ad5264bbbde2b5e
-