Skip to content

GitLab

Switch branch/tag
  1. 13 Sep, 2019 1 commit
    • Alexei Fedorov's avatar
      Refactor ARMv8.3 Pointer Authentication support code · ed108b56
      Alexei Fedorov authored 
      

This patch provides the following features and makes modifications
listed below:
- Individual APIAKey key generation for each CPU.
- New key generation on every BL31 warm boot and TSP CPU On event.
- Per-CPU storage of APIAKey added in percpu_data[]
  of cpu_data structure.
- `plat_init_apiakey()` function replaced with `plat_init_apkey()`
  which returns 128-bit value and uses Generic timer physical counter
  value to increase the randomness of the generated key.
  The new function can be used for generation of all ARMv8.3-PAuth keys
- ARMv8.3-PAuth specific code placed in `lib\extensions\pauth`.
- New `pauth_init_enable_el1()` and `pauth_init_enable_el3()` functions
  generate, program and enable APIAKey_EL1 for EL1 and EL3 respectively;
  pauth_disable_el1()` and `pauth_disable_el3()` functions disable
  PAuth for EL1 and EL3 respectively;
  `pauth_load_bl31_apiakey()` loads saved per-CPU APIAKey_EL1 from
  cpu-data structure.
- Combined `save_gp_pauth_registers()` function replaces calls to
  `save_gp_registers()` and `pauth_context_save()`;
  `restore_gp_pauth_registers()` replaces `pauth_context_restore()`
  and `restore_gp_registers()` calls.
- `restore_gp_registers_eret()` function removed with corresponding
  code placed in `el3_exit()`.
- Fixed the issue when `pauth_t pauth_ctx` structure allocated space
  for 12 uint64_t PAuth registers instead of 10 by removal of macro
  CTX_PACGAKEY_END from `include/lib/el3_runtime/aarch64/context.h`
  and assigning its value to CTX_PAUTH_REGS_END.
- Use of MODE_SP_ELX and MODE_SP_EL0 macro definitions
  in `msr	spsel`  instruction instead of hard-coded values.
- Changes in documentation related to ARMv8.3-PAuth and ARMv8.5-BTI.

Change-Id: Id18b81cc46f52a783a7e6a09b9f149b6ce803211
Signed-off-by: default avatarAlexei Fedorov <Alexei.Fedorov@arm.com>
      ed108b56
  3. 18 Jul, 2019 1 commit
  5. 30 May, 2019 1 commit
  7. 22 May, 2019 4 commits
    • Paul Beesley's avatar
      doc: Use proper note and warning annotations · e1c5026a
      Paul Beesley authored 
      

The documentation contains plenty of notes and warnings. Enable
special rendering of these blocks by converting the note prefix
into a .. note:: annotation.

Change-Id: I34e26ca6bf313d335672ab6c2645741900338822
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      e1c5026a
    • Paul Beesley's avatar
      doc: Add minimal glossary · 8f62ca7b
      Paul Beesley authored 
      

One of the current issues with the documentation is that terms and
abbreviations are frequently redefined. For example, we might have
a sentence like "... the SCP (System Control Processor) will ...".

These definitions might be repeated several times across pages, or
even within the same document. Equally, some of these abbreviations
are missed and are never expanded.

Sphinx provides a :term: keyword that takes some text and,
if that text is defined in a glossary document, links to its glossary
entry. Using this functionality will prevent repeated definitions
and will make the docs more maintainable by using a single
definition source.

The glossary added in this patch was created from a quick scrub of
the source code - there may be missing entries. The SDEI abbreviation
was used as an example.

Note that a global_substitutions file was created. This file contains
the RST 'replace' statements that convert plain text terms into linked
terms (by adding the ':term:' keyword to them). An example is:

.. |TF-A| replace:: :term:`TF-A`

The 'rst_prolog' variable in conf.py is used to inject this list of
replacements into each page. Terms must be surrounded with the pipe
character to be turned into links - this means that we can still
prevent certain terms from being linked if we don't want them to be.

Change-Id: I87010ed9cfa4a60011a9b4a431b98cb4bb7baa28
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8f62ca7b
    • Paul Beesley's avatar
      doc: Remove per-page contents lists · 57354abb
      Paul Beesley authored 
      

These are no longer needed as there will always be a table of contents
rendered to the left of every page.

Some of these lists can be quite long and, when opening a page, the
reader sees nothing but a huge list of contents! After this patch,
the document contents are front-and-centre and the contents are
nicely rendered in the sidebar without duplication.

Change-Id: I444754d548ec91d00f2b04e861de8dde8856aa62
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      57354abb
    • Paul Beesley's avatar
      doc: Reword document titles · 8aa05055
      Paul Beesley authored 
      

This patch attempts to standardise the document titles as well as
adding titles to documents that were missing one. The aim is to
remove needless references to "TF-A" or "Trusted Firmware" in the
title of every document and to make sure that the title matches
with the document content.

Change-Id: I9b93ccf43b5d57e8dc793a5311b8ed7c4dd245cc
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8aa05055
  9. 21 May, 2019 1 commit
    • Paul Beesley's avatar
      doc: Move documents into subdirectories · 40d553cf
      Paul Beesley authored 
      

This change creates the following directories under docs/
in order to provide a grouping for the content:

- components
- design
- getting_started
- perf
- process

In each of these directories an index.rst file is created
and this serves as an index / landing page for each of the
groups when the pages are compiled. Proper layout of the
top-level table of contents relies on this directory/index
structure.

Without this patch it is possible to build the documents
correctly with Sphinx but the output looks messy because
there is no overall hierarchy.

Change-Id: I3c9f4443ec98571a56a6edf775f2c8d74d7f429f
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      40d553cf
  11. 12 Apr, 2019 1 commit
    • Ambroise Vincent's avatar
      Mbed TLS: Remove weak heap implementation · 2374ab17
      Ambroise Vincent authored 
      

The implementation of the heap function plat_get_mbedtls_heap() becomes
mandatory for platforms supporting TRUSTED_BOARD_BOOT.

The shared Mbed TLS heap default weak function implementation is
converted to a helper function get_mbedtls_heap_helper() which can be
used by the platforms for their own function implementation.

Change-Id: Ic8f2994e25e3d9fcd371a21ac459fdcafe07433e
Signed-off-by: default avatarAmbroise Vincent <ambroise.vincent@arm.com>
      2374ab17
  13. 28 Feb, 2019 1 commit
  15. 27 Feb, 2019 1 commit
    • Antonio Nino Diaz's avatar
      Add support for pointer authentication · b86048c4
      Antonio Nino Diaz authored 
      

The previous commit added the infrastructure to load and save
ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but
didn't actually enable pointer authentication in the firmware.

This patch adds the functionality needed for platforms to provide
authentication keys for the firmware, and a new option (ENABLE_PAUTH) to
enable pointer authentication in the firmware itself. This option is
disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be
enabled.

Change-Id: I35127ec271e1198d43209044de39fa712ef202a5
Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      b86048c4
  17. 13 Feb, 2019 1 commit
  19. 08 Feb, 2019 3 commits
  21. 01 Feb, 2019 1 commit
  23. 31 Jan, 2019 1 commit
  25. 15 Jan, 2019 1 commit
    • Paul Beesley's avatar
      Correct typographical errors · 8aabea33
      Paul Beesley authored 
      

Corrects typos in core code, documentation files, drivers, Arm
platforms and services.

None of the corrections affect code; changes are limited to comments
and other documentation.

Change-Id: I5c1027b06ef149864f315ccc0ea473e2a16bfd1d
Signed-off-by: default avatarPaul Beesley <paul.beesley@arm.com>
      8aabea33
  27. 07 Dec, 2018 1 commit
    • Julius Werner's avatar
      plat/common/crash_console_helpers.S: Fix MULTI_CONSOLE_API support · 63c52d00
      Julius Werner authored 
      Crash reporting via the default consoles registered by MULTI_CONSOLE_API
has been broken since commit d35cc347

 (Console: Use callee-saved
registers), which was introduced to allow console drivers written in C.
It's not really possible with the current crash reporting framework to
support console drivers in C, however we should make sure that the
existing assembly drivers that do support crash reporting continue to
work through the MULTI_CONSOLE_API.

This patch fixes the problem by creating custom console_putc() and
console_flush() implementations for the crash reporting case that do not
use the stack. Platforms that want to use this feature will have to link
plat/common/aarch64/crash_console_helpers.S explicitly.

Also update the documentation to better reflect the new reality (of this
being an option rather than the expected default for most platforms).

Change-Id: Id0c761e5e2fddaf25c277bc7b8ab603946ca73cb
Signed-off-by: default avatarJulius Werner <jwerner@chromium.org>
      63c52d00
  29. 26 Nov, 2018 1 commit
  31. 25 Oct, 2018 1 commit
  33. 02 Oct, 2018 2 commits
  35. 01 Oct, 2018 1 commit
  37. 28 Sep, 2018 2 commits
  39. 04 Sep, 2018 2 commits
    • John Tsichritzis's avatar
      Support shared Mbed TLS heap for FVP · ba597da7
      John Tsichritzis authored 
      

This patch introduces the shared Mbed TLS heap optimisation for Arm
platforms. The objective is the Mbed TLS heap to be shared between BL1
and BL2 so as to not allocate the heap memory twice. To achieve that,
the patch introduces all the necessary helpers for implementing this
optimisation. It also applies it for FVP.

Change-Id: I6d85eaa1361517b7490956b2ac50f5fa0d0bb008
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      ba597da7
    • John Tsichritzis's avatar
      Prepare Mbed TLS drivers for shared heap · 6d01a463
      John Tsichritzis authored 
      

The Mbed TLS drivers, in order to work, need a heap for internal usage.
This heap, instead of being directly referenced by the drivers, now it
is being accessed indirectly through a pointer. Also, the heap, instead
of being part of the drivers, now it is being received through the
plat_get_mbedtls_heap() function. This function requests a heap from the
current BL image which utilises the Mbed TLS drivers.

Those changes create the opportunity for the Mbed TLS heap to be shared
among different images, thus saving memory. A default heap
implementation is provided but it can be overridden by a platform
specific, optimised implemenetation.

Change-Id: I286a1f10097a9cdcbcd312201eea576c18d157fa
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      6d01a463
  41. 22 Aug, 2018 1 commit
  43. 24 Jul, 2018 1 commit
  45. 19 Jul, 2018 1 commit
  47. 27 Jun, 2018 1 commit
    • Jeenu Viswambharan's avatar
      DynamIQ: Enable MMU without using stack · 64ee263e
      Jeenu Viswambharan authored 
      

Having an active stack while enabling MMU has shown coherency problems.
This patch builds on top of translation library changes that introduces
MMU-enabling without using stacks.

Previously, with HW_ASSISTED_COHERENCY, data caches were disabled while
enabling MMU only because of active stack. Now that we can enable MMU
without using stack, we can enable both MMU and data caches at the same
time.

NOTE: Since this feature depends on using translation table library v2,
disallow using translation table library v1 with HW_ASSISTED_COHERENCY.

Fixes ARM-software/tf-issues#566

Change-Id: Ie55aba0c23ee9c5109eb3454cb8fa45d74f8bbb2
Signed-off-by: default avatarJeenu Viswambharan <jeenu.viswambharan@arm.com>
      64ee263e
  49. 22 Jun, 2018 1 commit
    • John Tsichritzis's avatar
      Fix typos in documentation · 677ad32c
      John Tsichritzis authored 
      

In the porting guide, there are blue boxes that describe the argument
types and the return type of each function.  A small typo caused some of
these boxes not being properly rendered.

In the user guide, small typos were fixed that caused random text being
unintentionally rendered as bold.  Also, a slight rewording was done in
the section describing the DYN_DISABLE_AUTH flag.

Change-Id: I57303ca609436a82162fa9b42c06b0d5a63da6df
Signed-off-by: default avatarJohn Tsichritzis <john.tsichritzis@arm.com>
      677ad32c
  51. 14 May, 2018 1 commit
  53. 07 Apr, 2018 1 commit
    • Jiafei Pan's avatar
      Add support for BL2 in XIP memory · 7d173fc5
      Jiafei Pan authored 
      

In some use-cases BL2 will be stored in eXecute In Place (XIP) memory,
like BL1. In these use-cases, it is necessary to initialize the RW sections
in RAM, while leaving the RO sections in place. This patch enable this
use-case with a new build option, BL2_IN_XIP_MEM. For now, this option
is only supported when BL2_AT_EL3 is 1.
Signed-off-by: default avatarJiafei Pan <Jiafei.Pan@nxp.com>
      7d173fc5
  55. 15 Mar, 2018 1 commit
  57. 13 Mar, 2018 1 commit
  59. 27 Feb, 2018 2 commits
  61. 26 Feb, 2018 1 commit