1. 31 Mar, 2017 4 commits
    • dp-arm's avatar
      Juno: Initialize stack protector canary from the trusted entropy source · e6d2aea1
      dp-arm authored
      
      
      Change-Id: I7f3e4bfd46613c6311ba4015d56705414fd6feab
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      e6d2aea1
    • dp-arm's avatar
      Juno: Introduce juno_getentropy(void *buf, size_t len) · df9a39ea
      dp-arm authored
      
      
      This function fills the buffer (first argument) with the specified
      number of bytes (second argument) from the trusted entropy source.
      
      This function will be used to initialize the stack protector canary.
      
      Change-Id: Iff15aaf4778c13fa883ecb5528fcf9b8479d4489
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      df9a39ea
    • dp-arm's avatar
      Introduce MIN()/MAX() macros in utils.h · 233d83d0
      dp-arm authored
      
      
      Change-Id: If88270bc9edb32634a793b1e1be6c4829f39b9c5
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      233d83d0
    • Douglas Raillard's avatar
      Add support for GCC stack protection · 51faada7
      Douglas Raillard authored
      
      
      Introduce new build option ENABLE_STACK_PROTECTOR. It enables
      compilation of all BL images with one of the GCC -fstack-protector-*
      options.
      
      A new platform function plat_get_stack_protector_canary() is introduced.
      It returns a value that is used to initialize the canary for stack
      corruption detection. Returning a random value will prevent an attacker
      from predicting the value and greatly increase the effectiveness of the
      protection.
      
      A message is printed at the ERROR level when a stack corruption is
      detected.
      
      To be effective, the global data must be stored at an address
      lower than the base of the stacks. Failure to do so would allow an
      attacker to overwrite the canary as part of an attack which would void
      the protection.
      
      FVP implementation of plat_get_stack_protector_canary is weak as
      there is no real source of entropy on the FVP. It therefore relies on a
      timer's value, which could be predictable.
      
      Change-Id: Icaaee96392733b721fa7c86a81d03660d3c1bc06
      Signed-off-by: default avatarDouglas Raillard <douglas.raillard@arm.com>
      51faada7
  2. 29 Mar, 2017 2 commits
  3. 28 Mar, 2017 3 commits
  4. 27 Mar, 2017 3 commits
  5. 24 Mar, 2017 1 commit
  6. 23 Mar, 2017 1 commit
  7. 22 Mar, 2017 3 commits
    • Varun Wadekar's avatar
      Tegra186: implement support for System Suspend · 50402b17
      Varun Wadekar authored
      
      
      This patch adds the chip level support for System Suspend entry
      and exit. As part of the entry sequence we first query the MCE
      firmware to check if it is safe to enter system suspend. Once
      we get a green light, we save hardware block settings and enter
      the power state. As expected, all the hardware settings are
      restored once we exit the power state.
      
      Change-Id: I6d192d7568d6a555eb10efdfd45f6d79c20f74ea
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      50402b17
    • Varun Wadekar's avatar
      Tegra186: memctrl_v2: restore video memory settings · ea96ac17
      Varun Wadekar authored
      
      
      The memory controller loses its settings when the device enters system
      suspend state.
      
      This patch adds a handler to restore the Video Memory settings in the
      memory controller, which would be called after exiting the system suspend
      state.
      
      Change-Id: I1ac12426d7290ac1452983d3c9e05fabbf3327fa
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      ea96ac17
    • Varun Wadekar's avatar
      Tegra186: smmu: driver for the smmu hardware block · 4122151f
      Varun Wadekar authored
      
      
      This patch adds a device driver for the SMMU hardware block on
      Tegra186 SoCs. We use the generic ARM SMMU-500 IP block on
      Tegra186. The driver only supports saving the SMMU settings
      before entering system suspend. The MC driver and the NS world
      clients take care of programming their own settings.
      
      Change-Id: Iab5a90310ee10f6bc8745451ce50952ab3de7188
      Signed-off-by: default avatarVarun Wadekar <vwadekar@nvidia.com>
      4122151f
  8. 20 Mar, 2017 23 commits