1. 12 Oct, 2020 1 commit
  2. 01 Oct, 2020 1 commit
  3. 29 Sep, 2020 1 commit
    • Andre Przywara's avatar
      drivers: arm: gicv3: Allow detecting number of cores · 79d89e3d
      Andre Przywara authored
      
      
      A GICv3 interrupt controller will be instantiated for a certain number
      of cores. This will result in the respective number of GICR frames. The
      last frame will have the "Last" bit set in its GICR_TYPER register.
      
      For platforms with a topology unknown at build time (the Arm FPGAs, for
      instance), we need to learn the number of used cores at runtime, to size
      the GICR region in the devicetree accordingly.
      
      Add a generic function that iterates over all GICR frames until it
      encounters one with the "Last" bit set. It returns the number of cores
      the GICv3 has been configured for.
      
      Change-Id: I79f033c50dfc1c275aba7122725868811abcc4f8
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      79d89e3d
  4. 24 Sep, 2020 2 commits
  5. 22 Sep, 2020 1 commit
  6. 15 Sep, 2020 1 commit
  7. 12 Aug, 2020 1 commit
    • Manish Pandey's avatar
      dualroot: add chain of trust for Platform owned SPs · 2947412d
      Manish Pandey authored
      
      
      For dualroot CoT there are two sets of SP certificates, one owned by
      Silicon Provider(SiP) and other owned by Platform. Each certificate can
      have a maximum of 4 SPs.
      
      This patch reduces the number of SiP owned SPs from 8 to 4 and adds
      the remaining 4 to Plat owned SP.
      Plat owned SP certificate is signed using Platform RoT key and
      protected against anti-rollback using the Non-trusted Non-volatile
      counter.
      
      Change-Id: Idc3ddd87d6d85a5506a7435f45a6ec17c4c50425
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      2947412d
  8. 11 Aug, 2020 1 commit
    • Stefan Chulski's avatar
      plat: marvell: ap807: implement workaround for errata-id 3033912 · 5e4c97d0
      Stefan Chulski authored
      
      
      ERRATA ID: RES-3033912 - Internal Address Space Init state causes
      a hang upon accesses to [0xf070_0000, 0xf07f_ffff]
      Workaround: Boot Firmware (ATF) should configure CCU_RGF_WIN(4) to
      split [0x6e_0000, 0xff_ffff] to values [0x6e_0000, 0x6f_ffff] and
      [0x80_0000, 0xff_ffff] that cause accesses to the segment of
      [0xf070_0000, 0xf07f_ffff] to act as RAZWI. Reuse common
      work-around code for both AP806 and AP807.
      
      Change-Id: Ia91a4802d02917d1682faa0c81571093d1687d97
      Signed-off-by: default avatarStefan Chulski <stefanc@marvell.com>
      5e4c97d0
  9. 31 Jul, 2020 1 commit
    • Manish Pandey's avatar
      tbbr/dualroot: rename SP package certificate file · 03a5225c
      Manish Pandey authored
      
      
      Currently only single signing domain is supported for SP packages but
      there is plan to support dual signing domains if CoT is dualroot.
      
      SP_CONTENT_CERT_ID is the certificate file which is currently generated
      and signed with trusted world key which in-turn is derived from Silicon
      provider RoT key.
      To allow dual signing domain for SP packages, other certificate file
      will be derived from Platform owned RoT key.
      
      This patch renames "SP_CONTENT_CERT_ID" to "SIP_SP_CONTENT_CERT_ID" and
      does other related changes.
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: I0bc445a3ab257e2dac03faa64f46e36a9fed5e93
      03a5225c
  10. 30 Jul, 2020 1 commit
  11. 29 Jul, 2020 1 commit
  12. 27 Jul, 2020 1 commit
  13. 21 Jul, 2020 1 commit
  14. 10 Jul, 2020 1 commit
  15. 08 Jul, 2020 1 commit
  16. 24 Jun, 2020 2 commits
  17. 22 Jun, 2020 2 commits
    • Sandeep Tripathy's avatar
      TF-A GIC driver: Add barrier before eoi · 5eb16c47
      Sandeep Tripathy authored
      
      
      It is desired to have the peripheral writes completed to clear the
      interrupt condition and de-assert the interrupt request to GIC before
      EOI write. Failing which spurious interrupt will occurred.
      
      A barrier is needed to ensure peripheral register write transfers are
      complete before EOI is done.
      
      GICv2 memory mapped DEVICE nGnR(n)E writes are ordered from core point
      of view. However these writes may pass over different interconnects,
      bridges, buffers leaving some rare chances for the actual write to
      complete out of order.
      
      GICv3 ICC EOI system register writes have no ordering against nGnR(n)E
      memory writes as they are over different interfaces.
      
      Hence a dsb can ensure from core no writes are issued before the previous
      writes are *complete*.
      Signed-off-by: default avatarSandeep Tripathy <sandeep.tripathy@broadcom.com>
      Change-Id: Ie6362009e2f91955be99dca8ece14ade7b4811d6
      5eb16c47
    • Sheetal Tigadoli's avatar
      Fix typo in file Header guard · 49fe535b
      Sheetal Tigadoli authored
      
      Signed-off-by: default avatarSheetal Tigadoli <sheetal.tigadoli@broadcom.com>
      Change-Id: Iaf6deaeee2069720518221157edbb052bc42850a
      49fe535b
  18. 19 Jun, 2020 3 commits
  19. 17 Jun, 2020 4 commits
  20. 09 Jun, 2020 2 commits
    • Andre Przywara's avatar
      GICv3: GIC-600: Detect GIC-600 at runtime · b4ad365a
      Andre Przywara authored
      
      
      The only difference between GIC-500 and GIC-600 relevant to TF-A is the
      differing power management sequence.
      A certain GIC implementation is detectable at runtime, for instance by
      checking the IIDR register. Let's add that test before initiating the
      GIC-600 specific sequence, so the code can be used on both GIC-600 and
      GIC-500 chips alike, without deciding on a GIC chip at compile time.
      
      This means that the GIC-500 "driver" is now redundant. To allow minimal
      platform support, add a switch to disable GIC-600 support.
      
      Change-Id: I17ea97d9fb05874772ebaa13e6678b4ba3415557
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      b4ad365a
    • Manish Pandey's avatar
      dualroot: add chain of trust for secure partitions · 44f1aa8e
      Manish Pandey authored
      
      
      A new certificate "sip-sp-cert" has been added for Silicon Provider(SiP)
      owned Secure Partitions(SP). A similar support for Platform owned SP can
      be added in future. The certificate is also protected against anti-
      rollback using the trusted Non-Volatile counter.
      
      To avoid deviating from TBBR spec, support for SP CoT is only provided
      in dualroot.
      Secure Partition content certificate is assigned image ID 31 and SP
      images follows after it.
      
      The CoT for secure partition look like below.
      +------------------+       +-------------------+
      | ROTPK/ROTPK Hash |------>| Trusted Key       |
      +------------------+       | Certificate       |
                                 | (Auth Image)      |
                                /+-------------------+
                               /                   |
                              /                    |
                             /                     |
                            /                      |
                           L                       v
      +------------------+       +-------------------+
      | Trusted World    |------>| SiP owned SPs     |
      | Public Key       |       | Content Cert      |
      +------------------+       | (Auth Image)      |
                              /   +-------------------+
                             /                      |
                            /                      v|
      +------------------+ L     +-------------------+
      | SP_PKG1 Hash     |------>| SP_PKG1           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
              .                           .
              .                           .
              .                           .
      +------------------+       +-------------------+
      | SP_PKG8 Hash     |------>| SP_PKG8           |
      |                  |       | (Data Image)      |
      +------------------+       +-------------------+
      Signed-off-by: default avatarManish Pandey <manish.pandey2@arm.com>
      Change-Id: Ia31546bac1327a3e0b5d37e8b99c808442d5e53f
      44f1aa8e
  21. 06 Jun, 2020 4 commits
  22. 03 Jun, 2020 1 commit
  23. 01 Jun, 2020 1 commit
    • Etienne Carriere's avatar
      drivers: stm32_reset adapt interface to timeout argument · 45c70e68
      Etienne Carriere authored
      
      
      Changes stm32mp1 reset driver to API to add a timeout argument
      to stm32mp_reset_assert() and stm32mp_reset_deassert() and
      a return value.
      
      With a supplied timeout, the functions wait the target reset state
      is reached before returning. With a timeout of zero, the functions
      simply load target reset state in SoC interface and return without
      waiting.
      
      Helper functions stm32mp_reset_set() and stm32mp_reset_release()
      use a zero timeout and return without a return code.
      
      This change updates few stm32 drivers and plat/stm32mp1 blé_plat_setup.c
      accordingly without any functional change.
      functional change.
      
      Change-Id: Ia1a73a15125d3055fd8739c125b70bcb9562c27f
      Signed-off-by: default avatarEtienne Carriere <etienne.carriere@st.com>
      45c70e68
  24. 19 May, 2020 1 commit
  25. 11 May, 2020 1 commit
  26. 28 Apr, 2020 1 commit
    • Andre Przywara's avatar
      plat/stm32: Use generic fdt_read_uint32_array() implementation · 52a616b4
      Andre Przywara authored
      
      
      The device tree parsing code for the STM32 platform is using its own FDT
      helper functions, some of them being rather generic.
      In particular the existing fdt_read_uint32_array() implementation is now
      almost identical to the new generic code in fdt_wrappers.c, so we can
      remove the ST specific version and adjust the existing callers.
      
      Compared to the original ST implementation the new version takes a
      pointer to the DTB as the first argument, and also swaps the order of
      the number of cells and the pointer.
      
      Change-Id: Id06b0f1ba4db1ad1f733be40e82c34f46638551a
      Signed-off-by: default avatarAndre Przywara <andre.przywara@arm.com>
      52a616b4
  27. 07 Apr, 2020 1 commit
  28. 06 Apr, 2020 1 commit