- 31 Mar, 2016 3 commits
-
-
Vikram Kanigiri authored
The ARM CoreLink DMC-500 Dynamic Memory Controller provides the programmable address region control of a TrustZone Address Space Controller. The access permissions can be defined for eight separate address regions plus a background or default region. This patch adds a DMC-500 driver to define address regions and program their access permissions as per ARM 100131_0000_02_en (r0p0) document. Change-Id: I9d33120f9480d742bcf7937e4b876f9d40c727e6
-
Soby Mathew authored
This patch migrates ARM Standard platforms to the refactored TZC driver. Change-Id: I2a2f60b645f73e14d8f416740c4551cec87cb1fb
-
Vikram Kanigiri authored
TrustZone protection can be programmed by both memory and TrustZone address space controllers like DMC-500 and TZC-400. These peripherals share a similar programmer's view. Furthermore, it is possible to have multiple instances of each type of peripheral in a system resulting in multiple programmer's views. For example, on the TZC-400 each of the 4 filter units can be enabled or disabled for each region. There is a single set of registers to program the region attributes. On the DMC-500, each filter unit has its own programmer's view resulting in multiple sets of registers to program the region attributes. The layout of the registers is almost the same across all these variations. Hence the existing driver in `tzc400\tzc400.c` is refactored into the new driver in `tzc\tzc400.c`. The previous driver file is still maintained for compatibility and it is now deprecated. Change-Id: Ieabd0528e244582875bc7e65029a00517671216d
-
- 22 Mar, 2016 1 commit
-
-
Soby Mathew authored
The assembler helper function `print_revision_warning` is used when a CPU specific operation is enabled in the debug build (e.g. an errata workaround) but doesn't apply to the executing CPU's revision/part number. However, in some cases the system integrator may want a single binary to support multiple platforms with different IP versions, only some of which contain a specific erratum. In this case, the warning can be emitted very frequently when CPUs are being powered on/off. This patch modifies this warning print behaviour so that it is emitted only when LOG_LEVEL >= LOG_LEVEL_VERBOSE. The `debug.h` header file now contains guard macros so that it can be included in assembly code. Change-Id: Ic6e7a07f128dcdb8498a5bfdae920a8feeea1345
-
- 14 Mar, 2016 1 commit
-
-
Antonio Nino Diaz authored
Added a new platform porting function plat_panic_handler, to allow platforms to handle unexpected error situations. It must be implemented in assembly as it may be called before the C environment is initialized. A default implementation is provided, which simply spins. Corrected all dead loops in generic code to call this function instead. This includes the dead loop that occurs at the end of the call to panic(). All unnecesary wfis from bl32/tsp/aarch64/tsp_exceptions.S have been removed. Change-Id: I67cb85f6112fa8e77bd62f5718efcef4173d8134
-
- 07 Mar, 2016 1 commit
-
-
Antonio Nino Diaz authored
The previous reset code in BL1 performed the following steps in order: 1. Warm/Cold boot detection. If it's a warm boot, jump to warm boot entrypoint. 2. Primary/Secondary CPU detection. If it's a secondary CPU, jump to plat_secondary_cold_boot_setup(), which doesn't return. 3. CPU initialisations (cache, TLB...). 4. Memory and C runtime initialization. For a secondary CPU, steps 3 and 4 are never reached. This shouldn't be a problem in most cases, since current implementations of plat_secondary_cold_boot_setup() either panic or power down the secondary CPUs. The main concern is the lack of secondary CPU initialization when bare metal EL3 payloads are used in case they don't take care of this initialisation themselves. This patch moves the detection of primary/secondary CPU after step 3 so that the CPU initialisations are performed per-CPU, while the memory and the C runtime initialisation are only performed on the primary CPU. The diagrams used in the ARM Trusted Firmware Reset Design documentation file have been updated to reflect the new boot flow. Platforms ports might be affected by this patch depending on the behaviour of plat_secondary_cold_boot_setup(), as the state of the platform when entering this function will be different. Fixes ARM-software/tf-issues#342 Change-Id: Icbf4a0ee2a3e5b856030064472f9fa6696f2eb9e
-
- 03 Mar, 2016 1 commit
-
-
Sandrine Bailleux authored
At the moment, the memory translation library allows to create memory mappings of 2 types: - Device nGnRE memory (named MT_DEVICE in the library); - Normal, Inner Write-back non-transient, Outer Write-back non-transient memory (named MT_MEMORY in the library). As a consequence, the library code treats the memory type field as a boolean: everything that is not device memory is normal memory and vice-versa. In reality, the ARMv8 architecture allows up to 8 types of memory to be used at a single time for a given exception level. This patch reworks the memory attributes such that the memory type is now defined as an integer ranging from 0 to 7 instead of a boolean. This makes it possible to extend the list of memory types supported by the memory translation library. The priority system dictating memory attributes for overlapping memory regions has been extended to cope with these changes but the algorithm at its core has been preserved. When a memory region is re-mapped with different memory attributes, the memory translation library examines the former attributes and updates them only if the new attributes create a more restrictive mapping. This behaviour is unchanged, only the manipulation of the value has been modified to cope with the new format. This patch also introduces a new type of memory mapping in the memory translation library: MT_NON_CACHEABLE, meaning Normal, Inner Non-cacheable, Outer Non-cacheable memory. This can be useful to map a non-cacheable memory region, such as a DMA buffer for example. The rules around the Execute-Never (XN) bit in a translation table for an MT_NON_CACHEABLE memory mapping have been aligned on the rules used for MT_MEMORY mappings: - If the memory is read-only then it is also executable (XN = 0); - If the memory is read-write then it is not executable (XN = 1). The shareability field for MT_NON_CACHEABLE mappings is always set as 'Outer-Shareable'. Note that this is not strictly needed since shareability is only relevant if the memory is a Normal Cacheable memory type, but this is to align with the existing device memory mappings setup. All Device and Normal Non-cacheable memory regions are always treated as Outer Shareable, regardless of the translation table shareability attributes. This patch also removes the 'ATTR_SO' and 'ATTR_SO_INDEX' #defines. They were introduced to map memory as Device nGnRnE (formerly called "Strongly-Ordered" memory in the ARMv7 architecture) but were not used anywhere in the code base. Removing them avoids any confusion about the memory types supported by the library. Upstream platforms do not currently use the MT_NON_CACHEABLE memory type. NOTE: THIS CHANGE IS SOURCE COMPATIBLE BUT PLATFORMS THAT RELY ON THE BINARY VALUES OF `mmap_attr_t` or the `attr` argument of `mmap_add_region()` MAY BE BROKEN. Change-Id: I717d6ed79b4c845a04e34132432f98b93d661d79
-
- 22 Feb, 2016 2 commits
-
-
Yatharth Kochar authored
This patch fixes inconsistencies in bl1_tbbr_image_descs[] and miscellaneous fixes in Firmware Update code. Following are the changes: * As part of the original FWU changes, a `copied_size` field was added to `image_info_t`. This was a subtle binary compatibility break because it changed the size of the `bl31_params_t` struct, which could cause problems if somebody used different versions of BL2 or BL31, one with the old `image_info_t` and one with the new version. This patch put the `copied_size` within the `image_desc_t`. * EXECUTABLE flag is now stored in `ep_info.h.attr` in place of `image_info.h.attr`, associating it to an entrypoint. * The `image_info.image_base` is only relevant for secure images that are copied from non-secure memory into secure memory. This patch removes initializing `image_base` for non secure images in the bl1_tbbr_image_descs[]. * A new macro `SET_STATIC_PARAM_HEAD` is added for populating bl1_tbbr_image_descs[].ep_info/image_info.h members statically. The version, image_type and image attributes are now populated using this new macro. * Added PLAT_ARM_NVM_BASE and PLAT_ARM_NVM_SIZE to avoid direct usage of V2M_FLASH0_XXX in plat/arm/common/arm_bl1_fwu.c. * Refactoring of code/macros related to SECURE and EXECUTABLE flags. NOTE: PLATFORM PORTS THAT RELY ON THE SIZE OF `image_info_t` OR USE the "EXECUTABLE" BIT WITHIN `image_info_t.h.attr` OR USE THEIR OWN `image_desc_t` ARRAY IN BL1, MAY BE BROKEN BY THIS CHANGE. THIS IS CONSIDERED UNLIKELY. Change-Id: Id4e5989af7bf0ed263d19d3751939da1169b561d
-
Vikram Kanigiri authored
`board_arm_def.h` contains multiple definitions of `PLAT_ARM_MMAP_ENTRIES` and `MAX_XLAT_TABLES` that are optimised for memory usage depending upon the chosen build configuration. To ease maintenance of these constants, this patch replaces their multiple definitions with a single set of definitions that will work on all ARM platforms. Platforms can override the defaults with optimal values by enabling the `ARM_BOARD_OPTIMISE_MMAP` build option. An example has been provided in the Juno ADP port. Additionally, `PLAT_ARM_MMAP_ENTRIES` is increased by one to accomodate future ARM platforms. Change-Id: I5ba6490fdd1e118cc9cc2d988ad7e9c38492b6f0
-
- 19 Feb, 2016 1 commit
-
-
Soby Mathew authored
The common topology description helper funtions and macros for ARM Standard platforms assumed a dual cluster system. This is not flexible enough to scale to multi cluster platforms. This patch does the following changes for more flexibility in defining topology: 1. The `plat_get_power_domain_tree_desc()` definition is moved from `arm_topology.c` to platform specific files, that is `fvp_topology.c` and `juno_topology.c`. Similarly the common definition of the porting macro `PLATFORM_CORE_COUNT` in `arm_def.h` is moved to platform specific `platform_def.h` header. 2. The ARM common layer porting macros which were dual cluster specific are now removed and a new macro PLAT_ARM_CLUSTER_COUNT is introduced which must be defined by each ARM standard platform. 3. A new mandatory ARM common layer porting API `plat_arm_get_cluster_core_count()` is introduced to enable the common implementation of `arm_check_mpidr()` to validate MPIDR. 4. For the FVP platforms, a new build option `FVP_NUM_CLUSTERS` has been introduced which allows the user to specify the cluster count to be used to build the topology tree within Trusted Firmare. This enables Trusted Firmware to be built for multi cluster FVP models. Change-Id: Ie7a2e38e5661fe2fdb2c8fdf5641d2b2614c2b6b
-
- 18 Feb, 2016 1 commit
-
-
Juan Castillo authored
The shared memory region on ARM platforms contains the mailboxes and, on Juno, the payload area for communication with the SCP. This shared memory may be configured as normal memory or device memory at build time by setting the platform flag 'PLAT_ARM_SHARED_RAM_CACHED' (on Juno, the value of this flag is defined by 'MHU_PAYLOAD_CACHED'). When set as normal memory, the platform port performs the corresponding cache maintenance operations. From a functional point of view, this is the equivalent of setting the shared memory as device memory, so there is no need to maintain both options. This patch removes the option to specify the shared memory as normal memory on ARM platforms. Shared memory is always treated as device memory. Cache maintenance operations are no longer needed and have been replaced by data memory barriers to guarantee that payload and MHU are accessed in the right order. Change-Id: I7f958621d6a536dd4f0fa8768385eedc4295e79f
-
- 16 Feb, 2016 2 commits
-
-
Vikram Kanigiri authored
ARM Trusted Firmware supports 2 different interconnect peripheral drivers: CCI and CCN. ARM platforms are implemented using either of the interconnect peripherals. This patch adds a layer of abstraction to help ARM platform ports to choose the right interconnect driver and corresponding platform support. This is as described below: 1. A set of ARM common functions have been implemented to initialise an interconnect and for entering/exiting a cluster from coherency. These functions are prefixed as "plat_arm_interconnect_". Weak definitions of these functions have been provided for each type of driver. 2.`plat_print_interconnect_regs` macro used for printing CCI registers is moved from a common arm_macros.S to cci_macros.S. 3. The `ARM_CONFIG_HAS_CCI` flag used in `arm_config_flags` structure is renamed to `ARM_CONFIG_HAS_INTERCONNECT`. Change-Id: I02f31184fbf79b784175892d5ce1161b65a0066c
-
Vikram Kanigiri authored
Current code mandates loading of SCP_BL2/SCP_BL2U images for all CSS platforms. On future ARM CSS platforms, the Application Processor (AP) might not need to load these images. So, these items can be removed from the FIP on those platforms. BL2 tries to load SCP_BL2/SCP_BL2U images if their base addresses are defined causing boot error if the images are not found in FIP. This change adds a make flag `CSS_LOAD_SCP_IMAGES` which if set to `1` does: 1. Adds SCP_BL2, SCP_BL2U images to FIP. 2. Defines the base addresses of these images so that AP loads them. And vice-versa if it is set to `0`. The default value is set to `1`. Change-Id: I5abfe22d5dc1e9d80d7809acefc87b42a462204a
-
- 15 Feb, 2016 2 commits
-
-
Vikram Kanigiri authored
Current code assumes `SCP_COM_SHARED_MEM_BASE` as the base address for BOM/SCPI protocol between AP<->SCP on all CSS platforms. To cater for future ARM platforms this is made platform specific. Similarly, the bit shifts of `SCP_BOOT_CONFIG_ADDR` are also made platform specific. Change-Id: Ie8866c167abf0229a37b3c72576917f085c142e8
-
Vikram Kanigiri authored
Functions to configure the MMU in S-EL1 and EL3 on ARM platforms expect each platform to export its memory map in the `plat_arm_mmap` data structure. This approach does not scale well in case the memory map cannot be determined until runtime. To cater for this possibility, this patch introduces the plat_arm_get_mmap() API. It returns a reference to the `plat_arm_mmap` by default but can be overridden by a platform if required. Change-Id: Idae6ad8fdf40cdddcd8b992abc188455fa047c74
-
- 12 Feb, 2016 2 commits
-
-
Haojian Zhuang authored
Add PL061 GPIO driver that is depend on gpio framework. Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
-
Haojian Zhuang authored
Define the gpio ops in gpio driver. Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
-
- 11 Feb, 2016 2 commits
-
-
Vikram Kanigiri authored
Each ARM Compute Subsystem based platform implements a System Security Control (SSC) Registers Unit. The SSC_VERSION register inside it carries information to identify the platform. This enables ARM Trusted Firmware to compile in support for multiple ARM platforms and choose one at runtime. This patch adds macros to enable access to this register. Each platform is expected to export its PART_NUMBER separately. Additionally, it also adds juno part number. Change-Id: I2b1d5f5b65a9c7b76c6f64480cc7cf0aef019422
-
Vikram Kanigiri authored
This patch moves the definition of some macros used only on ARM platforms from common headers to platform specific headers. It also forces all ARM standard platforms to have distinct definitions (even if they are usually the same). 1. `PLAT_ARM_TZC_BASE` and `PLAT_ARM_NSTIMER_FRAME_ID` have been moved from `css_def.h` to `platform_def.h`. 2. `MHU_BASE` used in CSS platforms is moved from common css_def.h to platform specific header `platform_def.h` on Juno and renamed as `PLAT_ARM_MHU_BASE`. 3. To cater for different sizes of BL images, new macros like `PLAT_ARM_MAX_BL31_SIZE` have been created for each BL image. All ARM platforms need to define them for each image. Change-Id: I9255448bddfad734b387922aa9e68d2117338c3f
-
- 09 Feb, 2016 2 commits
-
-
Soby Mathew authored
This patch moves the private GIC common accessors from `gic_common.h` to a new private header file `gic_common_private.h`. This patch also adds additional comments to GIC register accessors to highlight the fact that some of them access register values that correspond to multiple interrupt IDs. The convention used is that the `set`, `get` and `clr` accessors access and modify the values corresponding to a single interrupt ID whereas the `read` and `write` GIC register accessors access the raw GIC registers and it could correspond to multiple interrupt IDs depending on the register accessed. Change-Id: I2643ecb2533f01e3d3219fcedfb5f80c120622f9
-
Soby Mathew authored
The code to set the interrupt priority for secure interrupts in the new GICv2 and GICv3 drivers is incorrect. The setup code to configure interrupt priorities of secure interrupts, one interrupt at a time, used gicd_write_ipriorityr()/gicr_write_ipriority() function affecting 4 interrupts at a time. This bug did not manifest itself because all the secure interrupts were configured to the highest secure priority(0) during cold boot and the adjacent non secure interrupt priority would be configured later by the normal world. This patch introduces new accessors, gicd_set_ipriorityr() and gicr_set_ipriorityr(), for configuring priority one interrupt at a time and fixes the the setup code to use the new accessors. Fixes ARM-software/tf-issues#344 Change-Id: I470fd74d2b7fce7058b55d83f604be05a27e1341
-
- 08 Feb, 2016 1 commit
-
-
Sandrine Bailleux authored
The LDNP/STNP instructions as implemented on Cortex-A53 and Cortex-A57 do not behave in a way most programmers expect, and will most probably result in a significant speed degradation to any code that employs them. The ARMv8-A architecture (see Document ARM DDI 0487A.h, section D3.4.3) allows cores to ignore the non-temporal hint and treat LDNP/STNP as LDP/STP instead. This patch introduces 2 new build flags: A53_DISABLE_NON_TEMPORAL_HINT and A57_DISABLE_NON_TEMPORAL_HINT to enforce this behaviour on Cortex-A53 and Cortex-A57. They are enabled by default. The string printed in debug builds when a specific CPU errata workaround is compiled in but skipped at runtime has been generalised, so that it can be reused for the non-temporal hint use case as well. Change-Id: I3e354f4797fd5d3959872a678e160322b13867a1
-
- 01 Feb, 2016 1 commit
-
-
Soby Mathew authored
The debug prints used to debug translation table setup in xlat_tables.c used the `printf()` standard library function instead of the stack optimized `tf_printf()` API. DEBUG_XLAT_TABLE option was used to enable debug logs within xlat_tables.c and it configured a much larger stack size for the platform in case it was enabled. This patch modifies these debug prints within xlat_tables.c to use tf_printf() and modifies the format specifiers to be compatible with tf_printf(). The debug prints are now enabled if the VERBOSE prints are enabled in Trusted Firmware via LOG_LEVEL build option. The much larger stack size definition when DEBUG_XLAT_TABLE is defined is no longer required and the platform ports are modified to remove this stack size definition. Change-Id: I2f7d77ea12a04b827fa15e2adc3125b1175e4c23
-
- 21 Jan, 2016 1 commit
-
-
Juan Castillo authored
The PL011 TRM (ARM DDI 0183G) specifies that the UART must be disabled before any of the control registers are programmed. The PL011 driver included in TF does not disable the UART, so the initialization in BL2 and BL31 is violating this requirement (and potentially in BL1 if the UART is enabled after reset). This patch modifies the initialization function in the PL011 console driver to disable the UART before programming the control registers. Register clobber list and documentation updated. Fixes ARM-software/tf-issues#300 Change-Id: I839b2d681d48b03f821ac53663a6a78e8b30a1a1
-
- 20 Jan, 2016 1 commit
-
-
Soren Brinkmann authored
Use the form with underscores to define the '__deprecated' macro to avoid collisions with potentially defined macros, as suggested in gcc docs (https://gcc.gnu.org/onlinedocs/gcc/Attribute-Syntax.html#Attribute-Syntax ). Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
- 14 Jan, 2016 3 commits
-
-
Soren Brinkmann authored
Migrate all direct usage of __attribute__ to usage of their corresponding macros from cdefs.h. e.g.: - __attribute__((unused)) -> __unused Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
Soren Brinkmann authored
Use the new __deprecated macro from the generic cdefs header and remove the deprecated __warn_deprecated. Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
Soren Brinkmann authored
Introduce a macro to mark functions as deprecated. Signed-off-by: Soren Brinkmann <soren.brinkmann@xilinx.com>
-
- 13 Jan, 2016 2 commits
-
-
Soby Mathew authored
This patch rearranges fields of the `image_desc_t` & `auth_img_desc_t` data structures to reduce padding between the fields and thereby save memory. NOTE: Platform ports which anonymously initialize these structures should be aware of the rearrangement and do the required modification. Change-Id: I428b5429632797b31d5bd306174599c07e24c060
-
Soby Mathew authored
This patch changes the anonymous initialization of `rt_svc_desc_t` structure by the `DECLARE_RT_SVC` macro to designated initialization. This makes the code more robust and less sensitive to potential changes to the `rt_svc_desc_t` structure. Change-Id: If6f1586730c0d29d92ef09e07eff7dd0d22857c7
-
- 12 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
This patch adds support for ARM Cortex-A35 processor in the CPU specific framework, as described in the Cortex-A35 TRM (r0p0). Change-Id: Ief930a0bdf6cd82f6cb1c3b106f591a71c883464
-
- 05 Jan, 2016 1 commit
-
-
Sandrine Bailleux authored
By default ARM TF is built with the '-pedantic' compiler flag, which helps detecting violations of the C standard. However, the mbed TLS library and its associated authentication module in TF used to fail building with this compiler flag. As a workaround, the mbed TLS authentication module makefile used to set the 'DISABLE_PEDANTIC' TF build flag. The compiler errors flagged by '-pedantic' in the mbed TLS library have been fixed between versions 1.3.9 and 2.2.0 and the library now properly builds with this compiler flag. This patch fixes the remaining compiler errors in the mbed TLS authentication module in TF and unsets the 'DISABLE_PEDANTIC' TF build flag. This means that TF is now always built with '-pedantic'. In particular, this patch: * Removes the final semi-colon in REGISTER_COT() macro. This semi-colon was causing the following error message: drivers/auth/tbbr/tbbr_cot.c:544:23: error: ISO C does not allow extra ';' outside of a function [-Werror=pedantic] This has been fixed both in the mbed TLS authentication module as well as in the certificate generation tool. Note that the latter code didn't need fixing since it is not built with '-pedantic' but the change has been propagated for consistency. Also fixed the REGISTER_KEYS() and REGISTER_EXTENSIONS() macros, which were suffering from the same issue. * Fixes a pointer type. It was causing the following error message: drivers/auth/mbedtls/mbedtls_crypto.c: In function 'verify_hash': drivers/auth/mbedtls/mbedtls_crypto.c:177:42: error: pointer of type 'void *' used in arithmetic [-Werror=pointer-arith] Change-Id: I7b7a04ef711efd65e17b5be26990d1a0d940257d
-
- 21 Dec, 2015 1 commit
-
-
Sandrine Bailleux authored
Change-Id: I6f49bd779f2a4d577c6443dd160290656cdbc59b
-
- 15 Dec, 2015 1 commit
-
-
Dan Handley authored
The current FWU_SMC_UPDATE_DONE implementation incorrectly passes an unused framework cookie through to the 1st argument in the platform function `bl1_plat_fwu_done`. The intent is to allow the SMC caller to pass a cookie through to this function. This patch fixes FWU_SMC_UPDATE_DONE to pass x1 from the caller through to `bl1_plat_fwu_done`. The argument names are updated for clarity. Upstream platforms currently do not use this argument so no impact is expected. Change-Id: I107f4b51eb03e7394f66d9a534ffab1cbc09a9b2
-
- 14 Dec, 2015 3 commits
-
-
Juan Castillo authored
This patch removes the dash character from the image name, to follow the image terminology in the Trusted Firmware Wiki page: https://github.com/ARM-software/arm-trusted-firmware/wiki Changes apply to output messages, comments and documentation. non-ARM platform files have been left unmodified. Change-Id: Ic2a99be4ed929d52afbeb27ac765ceffce46ed76
-
Juan Castillo authored
This patch replaces all references to the SCP Firmware (BL0, BL30, BL3-0, bl30) with the image terminology detailed in the TF wiki (https://github.com/ARM-software/arm-trusted-firmware/wiki): BL0 --> SCP_BL1 BL30, BL3-0 --> SCP_BL2 bl30 --> scp_bl2 This change affects code, documentation, build system, tools and platform ports that load SCP firmware. ARM plaforms have been updated to the new porting API. IMPORTANT: build option to specify the SCP FW image has changed: BL30 --> SCP_BL2 IMPORTANT: This patch breaks compatibility for platforms that use BL2 to load SCP firmware. Affected platforms must be updated as follows: BL30_IMAGE_ID --> SCP_BL2_IMAGE_ID BL30_BASE --> SCP_BL2_BASE bl2_plat_get_bl30_meminfo() --> bl2_plat_get_scp_bl2_meminfo() bl2_plat_handle_bl30() --> bl2_plat_handle_scp_bl2() Change-Id: I24c4c1a4f0e4b9f17c9e4929da815c4069549e58
-
Juan Castillo authored
This patch applies the TBBR naming convention to the certificates and the corresponding extensions defined by the CoT: * Certificate UUID names * Certificate identifier names * OID names Changes apply to: * Generic code (variables and defines) * The default certificate identifiers provided in the generic code * Build system * ARM platforms port * cert_create tool internal definitions * fip_create and cert_create tools command line options * Documentation IMPORTANT: this change breaks the compatibility with platforms that use TBBR. The platform will need to adapt the identifiers and OIDs to the TBBR naming convention introduced by this patch: Certificate UUIDs: UUID_TRUSTED_BOOT_FIRMWARE_BL2_CERT --> UUID_TRUSTED_BOOT_FW_CERT UUID_SCP_FIRMWARE_BL30_KEY_CERT --> UUID_SCP_FW_KEY_CERT UUID_SCP_FIRMWARE_BL30_CERT --> UUID_SCP_FW_CONTENT_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_KEY_CERT --> UUID_SOC_FW_KEY_CERT UUID_EL3_RUNTIME_FIRMWARE_BL31_CERT --> UUID_SOC_FW_CONTENT_CERT UUID_SECURE_PAYLOAD_BL32_KEY_CERT --> UUID_TRUSTED_OS_FW_KEY_CERT UUID_SECURE_PAYLOAD_BL32_CERT --> UUID_TRUSTED_OS_FW_CONTENT_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_KEY_CERT --> UUID_NON_TRUSTED_FW_KEY_CERT UUID_NON_TRUSTED_FIRMWARE_BL33_CERT --> UUID_NON_TRUSTED_FW_CONTENT_CERT Certificate identifiers: BL2_CERT_ID --> TRUSTED_BOOT_FW_CERT_ID BL30_KEY_CERT_ID --> SCP_FW_KEY_CERT_ID BL30_CERT_ID --> SCP_FW_CONTENT_CERT_ID BL31_KEY_CERT_ID --> SOC_FW_KEY_CERT_ID BL31_CERT_ID --> SOC_FW_CONTENT_CERT_ID BL32_KEY_CERT_ID --> TRUSTED_OS_FW_KEY_CERT_ID BL32_CERT_ID --> TRUSTED_OS_FW_CONTENT_CERT_ID BL33_KEY_CERT_ID --> NON_TRUSTED_FW_KEY_CERT_ID BL33_CERT_ID --> NON_TRUSTED_FW_CONTENT_CERT_ID OIDs: TZ_FW_NVCOUNTER_OID --> TRUSTED_FW_NVCOUNTER_OID NTZ_FW_NVCOUNTER_OID --> NON_TRUSTED_FW_NVCOUNTER_OID BL2_HASH_OID --> TRUSTED_BOOT_FW_HASH_OID TZ_WORLD_PK_OID --> TRUSTED_WORLD_PK_OID NTZ_WORLD_PK_OID --> NON_TRUSTED_WORLD_PK_OID BL30_CONTENT_CERT_PK_OID --> SCP_FW_CONTENT_CERT_PK_OID BL30_HASH_OID --> SCP_FW_HASH_OID BL31_CONTENT_CERT_PK_OID --> SOC_FW_CONTENT_CERT_PK_OID BL31_HASH_OID --> SOC_AP_FW_HASH_OID BL32_CONTENT_CERT_PK_OID --> TRUSTED_OS_FW_CONTENT_CERT_PK_OID BL32_HASH_OID --> TRUSTED_OS_FW_HASH_OID BL33_CONTENT_CERT_PK_OID --> NON_TRUSTED_FW_CONTENT_CERT_PK_OID BL33_HASH_OID --> NON_TRUSTED_WORLD_BOOTLOADER_HASH_OID BL2U_HASH_OID --> AP_FWU_CFG_HASH_OID SCP_BL2U_HASH_OID --> SCP_FWU_CFG_HASH_OID NS_BL2U_HASH_OID --> FWU_HASH_OID Change-Id: I1e047ae046299ca913911c39ac3a6e123bd41079
-
- 10 Dec, 2015 2 commits
-
-
Juan Castillo authored
The mbed TLS library has introduced some changes in the API from the 1.3.x to the 2.x releases. Using the 2.x releases requires some changes to the crypto and transport modules. This patch updates both modules to the mbed TLS 2.x API. All references to the mbed TLS library in the code or documentation have been updated to 'mbed TLS'. Old references to PolarSSL have been updated to 'mbed TLS'. User guide updated to use mbed TLS 2.2.0. NOTE: moving up to mbed TLS 2.x from 1.3.x is not backward compatible. Applying this patch will require an mbed TLS 2.x release to be used. Also note that the mbed TLS license changed to Apache version 2.0. Change-Id: Iba4584408653cf153091f2ca2ee23bc9add7fda4
-
Juan Castillo authored
The Server Base System Architecture document (ARM-DEN-0029) specifies a generic UART device. The programmer's view of this generic UART is a subset of the ARM PL011 UART. However, the current PL011 driver in Trusted Firmware uses some features that are outside the generic UART specification. This patch modifies the PL011 driver to exclude features outside the SBSA generic UART specification by setting the boolean build option 'PL011_GENERIC_UART=1'. Default value is 0 (use full PL011 features). User guide updated. Fixes ARM-software/tf-issues#216 Change-Id: I6e0eb86f9d69569bc3980fb57e70d6da5d91a737
-
- 09 Dec, 2015 1 commit
-
-
Yatharth Kochar authored
Firmware Update (FWU) introduces a new set of images called SCP_BL2U, BL2U and NS_BL2U, which can be packed in a FWU FIP file. This patch introduces new UUIDs for the Firmware Update images and extends the 'fip'create' tool so that these new images can be packed in a FIP file. Change-Id: I7c60211b4f3cc265411efb131e6d3c624768f522
-