1. 12 Jul, 2017 1 commit
    • Isla Mitchell's avatar
      Fix order of #includes · 2a4b4b71
      Isla Mitchell authored
      
      
      This fix modifies the order of system includes to meet the ARM TF coding
      standard. There are some exceptions in order to retain header groupings,
      minimise changes to imported headers, and where there are headers within
      the #if and #ifndef statements.
      
      Change-Id: I65085a142ba6a83792b26efb47df1329153f1624
      Signed-off-by: default avatarIsla Mitchell <isla.mitchell@arm.com>
      2a4b4b71
  2. 28 Jun, 2017 1 commit
    • Soby Mathew's avatar
      Add headers to enable CryptoCell integration · bdd1cbf5
      Soby Mathew authored
      
      
      This patch adds header files with required declarations and
      macro definitions to enable integration with CryptoCell SBROM
      version `CC712 – Release 1.0.0.1061`. These headers enable ARM
      Trusted Firmware to build and link with CryptoCell SBROM
      library.
      
      Change-Id: I501eda7fe1429acb61db8e1cab78cc9aee9c1871
      Signed-off-by: default avatarSoby Mathew <soby.mathew@arm.com>
      bdd1cbf5
  3. 15 Jun, 2017 1 commit
  4. 05 Jun, 2017 1 commit
  5. 31 May, 2017 2 commits
  6. 24 May, 2017 1 commit
    • Antonio Nino Diaz's avatar
      mbedtls: Use `tf_snprintf` instead of `snprintf` · ab1794f5
      Antonio Nino Diaz authored
      
      
      The Trusted Firmware uses a subset of the APIs provided by mbed TLS.
      This subset internally uses `snprintf`, but the only format specifier
      used is '%d', which is supported by `tf_snprintf`.
      
      This patch makes mbed TLS use `tf_snprintf` instead of `snprintf`,
      saving 3 KB in both debug and release builds when TBBR is enabled.
      
      Change-Id: I7f992a21015930d7c0f4660e7a28ceefd60b9597
      Signed-off-by: default avatarAntonio Nino Diaz <antonio.ninodiaz@arm.com>
      ab1794f5
  7. 12 May, 2017 1 commit
    • David Cunado's avatar
      mbedtls: Namespace for TF specific macros · b1883510
      David Cunado authored
      
      
      An earlier patch (arm-trusted-firmware#874) migrated MBEDTLS_ suffixed
      macros to have a TBBR_ suffix to avoid any potential clash with future
      mbedtls macros.
      
      But on reflection the TBBR_ suffix could be confusing as the macros
      are used to drive TF-specific configuration of mbedtls. As such
      this patch migrates these macros from TBBR_suffix to TF_MBEDTLS_
      suffix which more accurately conveys their use.
      
      Change-Id: Ic87642b653ceeaa03d62f724976abd5e12e867d4
      Signed-off-by: default avatarDavid Cunado <david.cunado@arm.com>
      b1883510
  8. 03 May, 2017 1 commit
  9. 31 Mar, 2017 1 commit
  10. 22 Mar, 2017 1 commit
    • dp-arm's avatar
      mbedtls: Namespace TF specific macros · 66b4c166
      dp-arm authored
      
      
      These macros are not part of mbed TLS so they should not be prefixed
      with `MBEDTLS_` to avoid potential collision in the future. Use the
      `TBBR_` suffix to highlight that they only used in TF.
      
      `MBEDTLS_KEY_ALG` was not modified because that is documented and used
      by platforms to select the key algorithm.
      
      Change-Id: Ief224681715c481691c80810501830ce16e210b0
      Signed-off-by: default avatardp-arm <dimitris.papastamos@arm.com>
      66b4c166
  11. 23 Jan, 2017 1 commit
  12. 10 Jan, 2017 1 commit
  13. 15 Dec, 2016 1 commit
  14. 14 Dec, 2016 1 commit
  15. 01 Dec, 2016 1 commit
  16. 20 Sep, 2016 1 commit
  17. 12 Aug, 2016 1 commit
    • Haojian Zhuang's avatar
      emmc: support CMD23 · 445b1e70
      Haojian Zhuang authored
      
      
      Support CMD23. When CMD23 is used, CMD12 could be avoided.
      
      Two scenarios:
      1. CMD17 for single block, CMD18 + CMD12 for multiple blocks.
      2. CMD23 + CMD18 for both single block and multiple blocks.
      
      The emmc_init() should initialize whether CMD23 is supported
      or not.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      445b1e70
  18. 27 Jul, 2016 1 commit
    • Soby Mathew's avatar
      GICv3: Fix the GICD_IROUTER offset · 61e30277
      Soby Mathew authored
      This patch fixes the offset of GICD_IROUTER register defined in gicv3.h.
      Although the GICv3 documention mentions that the offset for this register
      is 0x6100-0x7FD8, the offset calculation for an interrupt id `n` is :
      
         0x6000 + 8n, where n >= 32
      
      This requires the offset for GICD_IROUTER to be defined as 0x6000.
      
      Fixes ARM-software/tf-issues#410
      
      Change-Id: If9e91e30d946afe7f1f60fea4f065c7567093fa8
      61e30277
  19. 18 Jul, 2016 1 commit
    • Soby Mathew's avatar
      Rework type usage in Trusted Firmware · 4c0d0390
      Soby Mathew authored
      This patch reworks type usage in generic code, drivers and ARM platform files
      to make it more portable. The major changes done with respect to
      type usage are as listed below:
      
      * Use uintptr_t for storing address instead of uint64_t or unsigned long.
      * Review usage of unsigned long as it can no longer be assumed to be 64 bit.
      * Use u_register_t for register values whose width varies depending on
        whether AArch64 or AArch32.
      * Use generic C types where-ever possible.
      
      In addition to the above changes, this patch also modifies format specifiers
      in print invocations so that they are AArch64/AArch32 agnostic. Only files
      related to upcoming feature development have been reworked.
      
      Change-Id: I9f8c78347c5a52ba7027ff389791f1dad63ee5f8
      4c0d0390
  20. 27 May, 2016 1 commit
    • Caesar Wang's avatar
      gpio: support gpio set/get pull status · 19588982
      Caesar Wang authored
      On some platform gpio can set/get pull status when input, add these
      function so we can set/get gpio pull status when need it. And they are
      optional function.
      19588982
  21. 25 May, 2016 1 commit
    • Soby Mathew's avatar
      CCN: Add API to query the PART0 ID from CCN · 6331a31a
      Soby Mathew authored
      This patch adds the API `ccn_get_part0_id` to query the PART0 ID from the
      PERIPHERAL_ID 0 register in the CCN driver. This ID allows to distinguish
      the variant of CCN present on the system and possibly enable dynamic
      configuration of the IP based on the variant. Also added an assert in
      `ccn_master_to_rn_id_map()` to ensure that the master map bitfield provided
      by the platform is within the expected interface id.
      
      Change-Id: I92d2db7bd93a9be8a7fbe72a522cbcba0aba2d0e
      6331a31a
  22. 20 May, 2016 1 commit
    • Antonio Nino Diaz's avatar
      Implement generic delay timer · 0bcedb22
      Antonio Nino Diaz authored
      Add delay timer implementation based on the system generic counter.
      This either uses the platform's implementation of
      `plat_get_syscnt_freq()` or explicit clock multiplier/divider values
      provided by the platform.
      
      The current implementation of udelay has been modified to avoid
      unnecessary calculations while waiting on the loop and to make it
      easier to check for overflows.
      
      Change-Id: I9062e1d506dc2f68367fd9289250b93444721732
      0bcedb22
  23. 12 May, 2016 1 commit
  24. 27 Apr, 2016 2 commits
    • Haojian Zhuang's avatar
      drivers: add emmc stack · 2da36042
      Haojian Zhuang authored
      
      
      In a lot of embedded platforms, eMMC device is the only one storage
      device. So loading content from eMMC device is required in ATF.
      
      Create the emmc stack that could co-work with IO block driver.
      Support to read/write/erase eMMC blocks on both rpmb and normal
      user area. Support to change the IO speed and bus width.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      2da36042
    • Haojian Zhuang's avatar
      IO: support block device type · 9da7a653
      Haojian Zhuang authored
      
      
      FIP is accessed as memory-mapped type. eMMC is block device type.
      In order to support FIP based on eMMC, add the new io_block layer.
      
      io_block always access eMMC device as block size. And it'll only
      copy the required data into buffer in io_block driver. So preparing
      an temporary buffer is required.
      
      When use io_block device, MAX_IO_BLOCK_DEVICES should be declared
      in platform_def.h. It's used to support multiple block devices.
      Signed-off-by: default avatarHaojian Zhuang <haojian.zhuang@linaro.org>
      9da7a653
  25. 12 Apr, 2016 1 commit
    • Yatharth Kochar's avatar
      Use unsigned long long instead of uintptr_t in TZC400/DMC500 drivers · 9fbdb802
      Yatharth Kochar authored
      Currently the `tzc400_configure_region` and `tzc_dmc500_configure_region`
      functions uses uintptr_t as the data type for `region_top` and `region_base`
      variables, which will be converted to 32/64 bits for AArch32/AArch64
      respectively. But the expectation is to keep these addresses at least 64 bit.
      
      This patch modifies the data types to make it at least 64 bit by using
      unsigned long long instead of uintptr_t for the `region_top` and
      `region_base` variables. It also modifies the associated macros
      `_tzc##fn_name##_write_region_xxx` accordingly.
      
      Change-Id: I4e3c6a8a39ad04205cf0f3bda336c3970b15a28b
      9fbdb802
  26. 01 Apr, 2016 1 commit
  27. 31 Mar, 2016 3 commits
    • Vikram Kanigiri's avatar
      Add ARM CoreLink DMC-500 driver to program TrustZone protection · f568604b
      Vikram Kanigiri authored
      The ARM CoreLink DMC-500 Dynamic Memory Controller provides the
      programmable address region control of a TrustZone Address Space
      Controller. The access permissions can be defined for eight
      separate address regions plus a background or default region.
      This patch adds a DMC-500 driver to define address regions and
      program their access permissions as per ARM 100131_0000_02_en
      (r0p0) document.
      
      Change-Id: I9d33120f9480d742bcf7937e4b876f9d40c727e6
      f568604b
    • Vikram Kanigiri's avatar
      Refactor the ARM CoreLink TZC-400 driver · 6b477063
      Vikram Kanigiri authored
      TrustZone protection can be programmed by both memory and TrustZone
      address space controllers like DMC-500 and TZC-400. These peripherals
      share a similar programmer's view.
      
      Furthermore, it is possible to have multiple instances of each type of
      peripheral in a system resulting in multiple programmer's views.
      For example, on the TZC-400 each of the 4 filter units can be enabled
      or disabled for each region. There is a single set of registers to
      program the region attributes. On the DMC-500, each filter unit has its
      own programmer's view resulting in multiple sets of registers to program
      the region attributes. The layout of the registers is almost the same
      across all these variations.
      
      Hence the existing driver in `tzc400\tzc400.c` is refactored into the
      new driver in `tzc\tzc400.c`. The previous driver file is still maintained
      for compatibility and it is now deprecated.
      
      Change-Id: Ieabd0528e244582875bc7e65029a00517671216d
      6b477063
    • Juan Castillo's avatar
      TBB: add non-volatile counter support · 48279d52
      Juan Castillo authored
      This patch adds support for non-volatile counter authentication to
      the Authentication Module. This method consists of matching the
      counter values provided in the certificates with the ones stored
      in the platform. If the value from the certificate is lower than
      the platform, the boot process is aborted. This mechanism protects
      the system against rollback.
      
      The TBBR CoT has been updated to include this method as part of the
      authentication process. Two counters are used: one for the trusted
      world images and another for the non trusted world images.
      
      ** NEW PLATFORM APIs (mandatory when TBB is enabled) **
      
      int plat_get_nv_ctr(void *cookie, unsigned int *nv_ctr);
      
          This API returns the non-volatile counter value stored
          in the platform. The cookie in the first argument may be
          used to select the counter in case the platform provides
          more than one (i.e. TBSA compliant platforms must provide
          trusted and non-trusted counters). This cookie is specified
          in the CoT.
      
      int plat_set_nv_ctr(void *cookie, unsigned int nv_ctr);
      
          This API sets a new counter value. The cookie may be
          used to select the counter to be updated.
      
      An implementation of these new APIs for ARM platforms is also
      provided. The values are obtained from the Trusted Non-Volatile
      Counters peripheral. The cookie is used to pass the extension OID.
      This OID may be interpreted by the platform to know which counter
      must return. On Juno, The trusted and non-trusted counter values
      have been tied to 31 and 223, respectively, and cannot be modified.
      
      ** IMPORTANT **
      
      THIS PATCH BREAKS THE BUILD WHEN TRUSTED_BOARD_BOOT IS ENABLED. THE
      NEW PLATFORM APIs INTRODUCED IN THIS PATCH MUST BE IMPLEMENTED IN
      ORDER TO SUCCESSFULLY BUILD TF.
      
      Change-Id: Ic943b76b25f2a37f490eaaab6d87b4a8b3cbc89a
      48279d52
  28. 12 Feb, 2016 2 commits
  29. 09 Feb, 2016 2 commits
    • Soby Mathew's avatar
      Move private APIs in gic_common.h to a private header · e9ec3cec
      Soby Mathew authored
      This patch moves the private GIC common accessors from `gic_common.h` to
      a new private header file `gic_common_private.h`. This patch also adds
      additional comments to GIC register accessors to highlight the fact
      that some of them access register values that correspond to multiple
      interrupt IDs. The convention used is that the `set`, `get` and `clr`
      accessors access and modify the values corresponding to a single interrupt
      ID whereas the `read` and `write` GIC register accessors access the raw
      GIC registers and it could correspond to multiple interrupt IDs depending
      on the register accessed.
      
      Change-Id: I2643ecb2533f01e3d3219fcedfb5f80c120622f9
      e9ec3cec
    • Soby Mathew's avatar
      Fix GIC_IPRIORITYR setting in new drivers · 38a78614
      Soby Mathew authored
      The code to set the interrupt priority for secure interrupts in the
      new GICv2 and GICv3 drivers is incorrect. The setup code to configure
      interrupt priorities of secure interrupts, one interrupt at a time, used
      gicd_write_ipriorityr()/gicr_write_ipriority() function affecting
      4 interrupts at a time. This bug did not manifest itself because all the
      secure interrupts were configured to the highest secure priority(0) during
      cold boot and the adjacent non secure interrupt priority would be configured
      later by the normal world. This patch introduces new accessors,
      gicd_set_ipriorityr() and gicr_set_ipriorityr(), for configuring priority
      one interrupt at a time and fixes the the setup code to use the new
      accessors.
      
      Fixes ARM-software/tf-issues#344
      
      Change-Id: I470fd74d2b7fce7058b55d83f604be05a27e1341
      38a78614
  30. 21 Jan, 2016 1 commit
    • Juan Castillo's avatar
      Disable PL011 UART before configuring it · 9400b40e
      Juan Castillo authored
      The PL011 TRM (ARM DDI 0183G) specifies that the UART must be
      disabled before any of the control registers are programmed. The
      PL011 driver included in TF does not disable the UART, so the
      initialization in BL2 and BL31 is violating this requirement
      (and potentially in BL1 if the UART is enabled after reset).
      
      This patch modifies the initialization function in the PL011
      console driver to disable the UART before programming the
      control registers.
      
      Register clobber list and documentation updated.
      
      Fixes ARM-software/tf-issues#300
      
      Change-Id: I839b2d681d48b03f821ac53663a6a78e8b30a1a1
      9400b40e
  31. 14 Jan, 2016 2 commits
  32. 13 Jan, 2016 1 commit
    • Soby Mathew's avatar
      Rearrange fields in TF data structures to reduce padding · b313d755
      Soby Mathew authored
      This patch rearranges fields of the `image_desc_t` & `auth_img_desc_t`
      data structures to reduce padding between the fields and thereby
      save memory.
      
      NOTE: Platform ports which anonymously initialize these structures
      should be aware of the rearrangement and do the required
      modification.
      
      Change-Id: I428b5429632797b31d5bd306174599c07e24c060
      b313d755
  33. 05 Jan, 2016 1 commit
    • Sandrine Bailleux's avatar
      Always build with '-pedantic' · aa856917
      Sandrine Bailleux authored
      By default ARM TF is built with the '-pedantic' compiler flag, which
      helps detecting violations of the C standard. However, the mbed TLS
      library and its associated authentication module in TF used to fail
      building with this compiler flag. As a workaround, the mbed TLS
      authentication module makefile used to set the 'DISABLE_PEDANTIC'
      TF build flag.
      
      The compiler errors flagged by '-pedantic' in the mbed TLS library
      have been fixed between versions 1.3.9 and 2.2.0 and the library now
      properly builds with this compiler flag.
      
      This patch fixes the remaining compiler errors in the mbed TLS
      authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF
      build flag. This means that TF is now always built with '-pedantic'.
      
      In particular, this patch:
      
       * Removes the final semi-colon in REGISTER_COT() macro.
      
         This semi-colon was causing the following error message:
      
         drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow
         extra ';' outside of a function [-Werror=pedantic]
      
         This has been fixed both in the mbed TLS authentication module
         as well as in the certificate generation tool. Note that the latter
         code didn't need fixing since it is not built with '-pedantic' but
         the change has been propagated for consistency.
      
         Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros,
         which were suffering from the same issue.
      
       * Fixes a pointer type.
      
         It was causing the following error message:
      
         drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash':
         drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of
         type 'void *' used in arithmetic [-Werror=pointer-arith]
      
      Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
      aa856917