davidcunado-arm [Wed, 24 Jan 2018 14:31:53 +0000 (14:31 +0000)]
Merge pull request #1193 from jwerner-chromium/JW_coreboot
New console API and coreboot support [v4]
davidcunado-arm [Wed, 24 Jan 2018 12:31:06 +0000 (12:31 +0000)]
Merge pull request #1233 from soby-mathew/sm/rm_uniphier_override
Allow API deprecation for uniphier platform
Soby Mathew [Fri, 10 Nov 2017 12:08:46 +0000 (12:08 +0000)]
Allow API deprecation for uniphier platform
The `override ERROR_DEPRECATION = 1` setting in uniphier platform
makes deprecation of API difficult. Hence removing the same. This
flag should be specified on the command line if needed.
Change-Id: I8c82d8d13944e450a8cd636de3326137c04d7560
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
davidcunado-arm [Sat, 20 Jan 2018 17:04:49 +0000 (17:04 +0000)]
Merge pull request #1229 from manojkumar-arm/manojkumar-arm/ca72-aarch32-reset-fix
lib/cpus: fix branching in reset function for cortex-a72 AARCH32 mode
davidcunado-arm [Fri, 19 Jan 2018 23:56:58 +0000 (23:56 +0000)]
Merge pull request #1227 from geesun/qx/emmc_macros
emmc: add macros CMD21, BUS_WIDTH_DDR_4 and BUS_WIDTH_DDR_8
Julius Werner [Tue, 13 Jun 2017 22:53:45 +0000 (15:53 -0700)]
coreboot: Add support for CBMEM console
coreboot supports an in-memory console to store firmware logs even when
no serial console is available. It is widely supported by
coreboot-compatible bootloaders (including SeaBIOS and GRUB) and can be
read by the Linux kernel.
This patch allows BL31 to add its own log messages to this console. The
driver will be registered automatically if coreboot support is compiled
in and detects the presence of a console buffer in the coreboot tables.
Change-Id: I31254dfa0c2fdeb7454634134b5707b4b4154907
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Wed, 2 Aug 2017 23:31:04 +0000 (16:31 -0700)]
rockchip: Move to MULTI_CONSOLE_API
This patch changes all Rockchip platforms to use the new
MULTI_CONSOLE_API. The platform-specific plat_crash_console
implementations are removed so that the platform can use the ones from
the common platform code instead.
Also change the registers used in plat_crash_print_regs. The existing
use of x16 and x17 has always been illegal, since those registers are
reserved for use by the linker as a temporary scratch registers in
intra-procedure-call veneers and can never be expected to maintain their
values across a function call.
Change-Id: I8249424150be8d5543ed4af93b56756795a5288f
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Fri, 9 Jun 2017 22:22:44 +0000 (15:22 -0700)]
rockchip: Use coreboot-supplied serial console on coreboot systems
This patch changes all Rockchip platforms to initialize the serial
console with information supplied by coreboot rather than hardcoded
base address and divisor values if BL31 is run on top of coreboot.
Moving the BL2-to-BL31 parameter parsing as early as possible to ensure
that the console is available for all following code.
Also update the Rockchip platform to use MULTI_CONSOLE_API.
Change-Id: I670d350fa2f8b8133539f91ac14977ab47db60d9
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Fri, 9 Jun 2017 22:17:15 +0000 (15:17 -0700)]
Add platform-independent coreboot support library
This patch adds the foundation for a platform-independent coreboot
support library that can be shared by all platforms that boot BL31 from
coreboot (acting as BL2). It adds code to parse the "coreboot table", a
data structure that coreboot uses to communicate different kinds of
information to later-stage firmware and certain OS drivers.
As a first small use case for this information, allow platforms to
access the serial console configuration used by coreboot, removing the
need to hardcode base address and divisors and allowing Trusted Firmware
to benefit from coreboot's user configuration (e.g. which UART to pick
and which baud rate to use).
Change-Id: I2bfb39cd2609ce6640b844ab68df6c9ae3f28e9e
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Tue, 19 Sep 2017 00:01:06 +0000 (17:01 -0700)]
drivers: cadence: cdns: Update CDNS driver to support MULTI_CONSOLE_API
This patch updates the Cadence CDNS console driver to support the new
console API. The driver will continue to support the old API as well by
checking the MULTI_CONSOLE_API compile-time flag.
Change-Id: I2ef8fb0d6ab72696997db1e0243a533499569d6b
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Mon, 18 Sep 2017 23:59:43 +0000 (16:59 -0700)]
drivers: arm: pl011: Update PL011 driver to support MULTI_CONSOLE_API
This patch updates the ARM PL011 console driver to support the new
console API. The driver will continue to support the old API as well by
checking the MULTI_CONSOLE_API compile-time flag.
Change-Id: Ic34e4158addbb0c5fae500c9cff899c05a4f4206
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Mon, 18 Sep 2017 23:57:51 +0000 (16:57 -0700)]
drivers: ti: uart: Update 16550 UART driver to support MULTI_CONSOLE_API
This patch updates the TI 16550 console driver to support the new
console API. The driver will continue to support the old API as well by
checking the MULTI_CONSOLE_API compile-time flag.
Change-Id: I60a44b7ba3c35c74561824c04b8dbe3e3039324c
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Mon, 18 Sep 2017 23:49:48 +0000 (16:49 -0700)]
Add default crash console code to hook up to new console API
This patch expands the weak stubs for the plat_crash_console_xxx
functions in common platform code to use the new console API for crash
output. This should make crash console output "just work" for most cases
without the need for the platform to explicitly set up a crash console.
For cases where the normal console framework doesn't work (e.g. very
early crashes, before the platform can register any consoles), platforms
are still able to override the functions just like before.
This feature requires the MULTI_CONSOLE_API compile-time flag to work.
For builds which don't have it set, this patch has no practical effect.
Change-Id: I80dd161cb43f9db59a0bad2dae33c6560cfac584
Signed-off-by: Julius Werner <jwerner@chromium.org>
davidcunado-arm [Fri, 19 Jan 2018 13:40:12 +0000 (13:40 +0000)]
Merge pull request #1200 from robertovargas-arm/bl2-el3
Add BL2_AT_EL3 build option
Manoj Kumar [Fri, 19 Jan 2018 12:21:31 +0000 (17:51 +0530)]
lib/cpus: fix branching in reset function for cortex-a72 AARCH32 mode
In AARCH32 mode, cortex_a72_reset_func branches to address in lr
register instead of r5 register. This leads to linux boot failure
of Cortex-A72 cores in AARCH32 mode on Juno-R2 board.
This patch fixes the branching of cortex_a72_reset_func to r5
register as in cortex_a57_reset_func implementation.
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
Roberto Vargas [Tue, 16 Jan 2018 10:35:23 +0000 (10:35 +0000)]
bl2-el3: Don't compile BL1 when BL2_AT_EL3 is defined in FVP
This patch modifies the makefiles to avoid the definition
of BL1_SOURCES and BL2_SOURCES in the tbbr makefiles, and
it lets to the platform makefiles to define them if they
actually need these images. In the case of BL2_AT_EL3
BL1 will not be needed usually because the Boot ROM will
jump directly to BL2.
Change-Id: Ib6845a260633a22a646088629bcd7387fe35dcf9
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Tue, 2 Jan 2018 11:23:41 +0000 (11:23 +0000)]
bl2-el3: Don't include BL2 in fip for BL2 at EL3
It is better to not include BL2 in FIP when using `BL2 at EL3` as
platforms using this config would not have the capability to parse the
FIP format in Boot ROM and BL2 needs to be loaded independently. This
patch does the required changes for the same.
Change-Id: Iad285c247b3440e2d827fef97c3dd81f5c09cabc
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Mon, 20 Nov 2017 13:36:10 +0000 (13:36 +0000)]
bl2-el3: Add documentation for BL2 at EL3
Update firmware-design.rst, porting-guide.rst and user-guide.rst
with the information about BL2 at EL3. Firmware-design.rst is
also update to explain how to test this feauture with FVP.
Change-Id: I86d64bc64594e13eb041cea9cefa3f7f3fa745bd
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Fri, 17 Nov 2017 10:51:54 +0000 (10:51 +0000)]
bl2-el3: Mark all the assembly functions in bl2 at el3
When BL2_AT_EL3 option is enabled some platforms are going to
need a resident part in BL2 because the boot rom may jump to it
after a reset. This patch introduces __TEXT_RESIDENT_START__ and
__TEXT_RESIDENT_END__ linker symbols that mark the resident region.
Change-Id: Ib20c1b8ee257831bcc0ca7d3df98d0cb617a04f8
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Thu, 2 Nov 2017 16:36:51 +0000 (16:36 +0000)]
Mark functions defined in assembly files
This patch change the name of the section containing the functions
defined in assembly files from text.* to text.asm.*. This change
makes possible to select in the linker script the functions
defined in those files.
Change-Id: If35e44ef1b43ffd951dfac5e052db75d7198e2e0
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Fri, 17 Nov 2017 13:22:18 +0000 (13:22 +0000)]
bl2-el3: Add BL2 at EL3 support in FVP
This patch add supports for the new API added for BL2 at EL3 for
FVP. We don't have a non-TF Boot ROM for FVP, but this option can be
tested setting specific parameters in the model.
The bl2 image is loaded directly in memory instead of being loaded
by a non-TF Boot ROM and the reset address is changed:
--data cluster0.cpu0=bl2.bin@0x4001000
-C cluster0.cpu0.RVBAR=0x4001000
These parameters mean that in the cold boot path the processor will
jump to BL2 again. For this reason, BL2 is loaded in dram in this
case, to avoid other images reclaiming BL2 memory.
Change-Id: Ieb2ff8535a9e67ccebcd8c2212cad366e7776422
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Roberto Vargas [Mon, 30 Oct 2017 14:43:43 +0000 (14:43 +0000)]
bl2-el3: Add BL2_EL3 image
This patch enables BL2 to execute at the highest exception level
without any dependancy on TF BL1. This enables platforms which already
have a non-TF Boot ROM to directly load and execute BL2 and subsequent BL
stages without need for BL1. This is not currently possible because
BL2 executes at S-EL1 and cannot jump straight to EL3.
Change-Id: Ief1efca4598560b1b8c8e61fbe26d1f44e929d69
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
davidcunado-arm [Wed, 17 Jan 2018 20:22:57 +0000 (20:22 +0000)]
Merge pull request #1226 from masahir0y/utils
utils: rename struct mem_region_t to struct mem_region
davidcunado-arm [Wed, 17 Jan 2018 17:34:29 +0000 (17:34 +0000)]
Merge pull request #1211 from Leo-Yan/remove_ca73_cpu_nap_state
Hikey960: Remove ca73 cpu nap state
Qixiang Xu [Wed, 17 Jan 2018 05:31:21 +0000 (13:31 +0800)]
emmc: add macros CMD21, BUS_WIDTH_DDR_4 and BUS_WIDTH_DDR_8
Add some macros according to JEDEC Standard Embedded Multi-Media
Card (eMMC) Electrical Standard (5.1)": Table 145 - Bus Mode
Selection.
Change-Id: Iaa45e0582653ef4290efd60d039f0bdc420eeb47
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Masahiro Yamada [Tue, 16 Jan 2018 14:15:38 +0000 (23:15 +0900)]
utils: rename struct mem_region_t to struct mem_region
typedef mem_region_t mem_region_t;
... seems to work because they belong to different name-spaces,
but humans are confused even if compilers are not.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Leo Yan [Thu, 4 Jan 2018 01:32:50 +0000 (09:32 +0800)]
Hikey960: Change CPU standby state for WFI
At early time, the CPU CA73 retention state has been supported on
Hikey960. Later we found the system has the hang issue and for
resolving this issue Hisilicon released new MCU firmware, but
unfortunately the new MCU firmware has side effect and results in the
CA73 CPU cannot really enter retention state and roll back to WFI state.
After discussion we cannot see the possibility to enable CA73 retention
state anymore on Hikey960, based on this conclusion we should remove
this state supporting from ARM-TF and roll back to WFI state only. We
will commit one patch to remove CA73 CPU retention state in kernel DT
binding as well.
Cc: Daniel Lezcano <daniel.lezcano@linaro.org>
Cc: Haojian Zhuang <haojian.zhuang@linaro.org>
Cc: Kevin Wang <jean.wangtao@linaro.org>
Cc: Vincent Guittot <vincent.guittot@linaro.org>
Signed-off-by: Leo Yan <leo.yan@linaro.org>
Leo Yan [Wed, 3 Jan 2018 06:52:19 +0000 (14:52 +0800)]
Revert "Hikey960: Change to use recommended power state id format"
This reverts commit
fdae60b6ba27c216fd86d13b7432a1ff4f57dd84.
The commit
fdae60b6ba27c216fd86d13b7432a1ff4f57dd84 changed the
parameter encoding for the hikey960. However that implies a DT change
in the kernel side. After submitting the DT change for upstreaming,
the backward compatibility issue and the interface change raise some
concerns from the Linux community about the issues related to kernel <->
ATF alignment. There is no way to detect a mis-alignment of those
without a deep knowledge of the ATF and the kernel. Furthermore, the
failing calls to PSCI in the idle path (because of bad parameters), will
lead to busy looping, implying: thermal issues and extra energy
consumption.
In regard of the Linux community concerns, the potential issues when the
ATF and the kernel are not aligned, it is preferable to revert the
commit.
Cc: Vincent Guittot <vincent.guittot@linaro.org>
Cc: Haojian Zhuang <haojian.zhuang@linaro.org>
Cc: Kevin Wang <jean.wangtao@linaro.org>
Co-authored-by: Daniel Lezcano <daniel.lezcano@linaro.org>
Signed-off-by: Leo Yan <leo.yan@linaro.org>
davidcunado-arm [Tue, 16 Jan 2018 10:44:30 +0000 (10:44 +0000)]
Merge pull request #1221 from hzhuang1/fix_HLE
emmc/dw_mmc: fix the assert on HLE bit
davidcunado-arm [Tue, 16 Jan 2018 01:10:26 +0000 (01:10 +0000)]
Merge pull request #1219 from antonio-nino-diaz-arm/an/mm-version
SPM: Fix version header definitions
davidcunado-arm [Tue, 16 Jan 2018 01:10:13 +0000 (01:10 +0000)]
Merge pull request #1218 from antonio-nino-diaz-arm/an/xlat-fix
xlat v2: Correctly unmap regions on map error
davidcunado-arm [Tue, 16 Jan 2018 01:09:57 +0000 (01:09 +0000)]
Merge pull request #1216 from hzhuang1/fix_psci
Hikey960: Fix hikey960 pcie mount fail
davidcunado-arm [Tue, 16 Jan 2018 01:09:37 +0000 (01:09 +0000)]
Merge pull request #1215 from vwadekar/tlkd-ns-dram-ranges
spd: tlkd: support for "NS memory ranges" function ID
davidcunado-arm [Mon, 15 Jan 2018 23:58:52 +0000 (23:58 +0000)]
Merge pull request #1217 from robertovargas-arm/doc-plat_try_next_boot_source
Add documentation about plat_try_next_boot_source to bl1_platform_setup
davidcunado-arm [Mon, 15 Jan 2018 23:58:20 +0000 (23:58 +0000)]
Merge pull request #1213 from masahir0y/uniphier
uniphier: clean-up platform makefile
davidcunado-arm [Mon, 15 Jan 2018 16:37:39 +0000 (16:37 +0000)]
Merge pull request #1225 from dp-arm/dp/amu-remove-warn
AMU: Remove unnecessary WARN()
Dimitris Papastamos [Mon, 15 Jan 2018 14:52:57 +0000 (14:52 +0000)]
AMU: Remove unnecessary WARN()
If AMU is not supported by the hardware but it is enabled in Trusted
Firmware, the console will be spammed with warnings every time a CPU
is brought up with a CPU ON call.
Remove the warning message as this is more in line with how other
extensions like SPE and SVE are handled.
Change-Id: Iba6d367e4d1375ab554d23d2eaceab3ae1362c5a
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
davidcunado-arm [Fri, 12 Jan 2018 09:02:24 +0000 (09:02 +0000)]
Merge pull request #1197 from dp-arm/dp/amu
AMUv1 support
davidcunado-arm [Thu, 11 Jan 2018 23:39:30 +0000 (23:39 +0000)]
Merge pull request #1214 from dp-arm/dp/cve_2017_5715
Workarounds for CVE-2017-5715 on Cortex A57/A72/A73 and A75
davidcunado-arm [Thu, 11 Jan 2018 18:33:43 +0000 (18:33 +0000)]
Merge pull request #1222 from davidcunado-arm/dp/bl31_mem
Increase BL31 memory space by 2 pages
Dimitris Papastamos [Thu, 11 Jan 2018 15:32:32 +0000 (15:32 +0000)]
Increase BL31 memory space by 2 pages
On some build configurations BL31 is running out of space. Now that
TSP is moved to secure dram, we have a bit of additional space to use
in BL31.
Change-Id: Ib89fcd8bae99c85c9c5e5d9228bb42fb7048dcb6
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
Dimitris Papastamos [Mon, 11 Dec 2017 11:45:35 +0000 (11:45 +0000)]
Add hooks to save/restore AMU context for Cortex A75
Change-Id: I504d3f65ca5829bc1f4ebadb764931f8379ee81f
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 28 Nov 2017 13:47:06 +0000 (13:47 +0000)]
AMU: Add hooks to save/restore AMU context
On some systems, the AMU counters might reset to 0 when a CPU
powerdown happens. This behaviour conflicts with the intended
use-case of AMU as lower ELs are only expected to see non-decreasing
counter values.
Change-Id: If25519965d4e6e47e09225d0e732947986cbb5ec
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Mon, 13 Nov 2017 09:49:45 +0000 (09:49 +0000)]
AMU: Add configuration helpers for aarch64
Add some AMU helper functions to allow configuring, reading and
writing of the Group 0 and Group 1 counters. Documentation for these
helpers will come in a separate patch.
Change-Id: I656e070d2dae830c22414f694aa655341d4e2c40
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Wed, 13 Dec 2017 10:54:37 +0000 (10:54 +0000)]
AMU: Add plat interface to select which group 1 counters to enable
A new platform macro `PLAT_AMU_GROUP1_COUNTERS_MASK` controls which
group 1 counters should be enabled. The maximum number of group 1
counters supported by AMUv1 is 16 so the mask can be at most 0xffff.
If the platform does not define this mask, no group 1 counters are
enabled.
A related platform macro `PLAT_AMU_GROUP1_NR_COUNTERS` is used by
generic code to allocate an array to save and restore the counters on
CPU suspend.
Change-Id: I6d135badf4846292de931a43bb563077f42bb47b
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 28 Nov 2017 15:16:00 +0000 (15:16 +0000)]
Add PubSub events for CPU powerdown/powerup
The suspend hook is published at the start of a CPU powerdown
operation. The resume hook is published at the end of a CPU powerup
operation.
Change-Id: I50c05e2dde0d33834095ac41b4fcea4c161bb434
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 2 Jan 2018 15:53:01 +0000 (15:53 +0000)]
Use PFR0 to identify need for mitigation of CVE-2017-5915
If the CSV2 field reads as 1 then branch targets trained in one
context cannot affect speculative execution in a different context.
In that case skip the workaround on Cortex A75.
Change-Id: I4d5504cba516a67311fb5f0657b08f72909cbd38
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Mon, 18 Dec 2017 13:46:21 +0000 (13:46 +0000)]
Workaround for CVE-2017-5715 on Cortex A73 and A75
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by
temporarily dropping into AArch32 Secure-EL1 and executing the
`BPIALL` instruction.
This is achieved by using 3 vector tables. There is the runtime
vector table which is used to handle exceptions and 2 additional
tables which are required to implement this workaround. The
additional tables are `vbar0` and `vbar1`.
The sequence of events for handling a single exception is
as follows:
1) Install vector table `vbar0` which saves the CPU context on entry
to EL3 and sets up the Secure-EL1 context to execute in AArch32 mode
with the MMU disabled and I$ enabled. This is the default vector table.
2) Before doing an ERET into Secure-EL1, switch vbar to point to
another vector table `vbar1`. This is required to restore EL3 state
when returning from the workaround, before proceeding with normal EL3
exception handling.
3) While in Secure-EL1, the `BPIALL` instruction is executed and an
SMC call back to EL3 is performed.
4) On entry to EL3 from Secure-EL1, the saved context from step 1) is
restored. The vbar is switched to point to `vbar0` in preparation to
handle further exceptions. Finally a branch to the runtime vector
table entry is taken to complete the handling of the original
exception.
This workaround is enabled by default on the affected CPUs.
NOTE
====
There are 4 different stubs in Secure-EL1. Each stub corresponds to
an exception type such as Sync/IRQ/FIQ/SError. Each stub will move a
different value in `R0` before doing an SMC call back into EL3.
Without this piece of information it would not be possible to know
what the original exception type was as we cannot use `ESR_EL3` to
distinguish between IRQs and FIQs.
Change-Id: I90b32d14a3735290b48685d43c70c99daaa4b434
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Thu, 30 Nov 2017 14:53:53 +0000 (14:53 +0000)]
Workaround for CVE-2017-5715 on Cortex A57 and A72
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling
and enabling the MMU. To achieve this without performing any branch
instruction, a per-cpu vbar is installed which executes the workaround
and then branches off to the corresponding vector entry in the main
vector table. A side effect of this change is that the main vbar is
configured before any reset handling. This is to allow the per-cpu
reset function to override the vbar setting.
This workaround is enabled by default on the affected CPUs.
Change-Id: I97788d38463a5840a410e3cea85ed297a1678265
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Haojian Zhuang [Thu, 11 Jan 2018 05:49:56 +0000 (13:49 +0800)]
emmc/dw_mmc: fix the assert on HLE bit
When check HLE bit in interrupt register, it should check whether
HLE bit is set, not clear.
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Antonio Nino Diaz [Fri, 5 Jan 2018 11:30:36 +0000 (11:30 +0000)]
xlat v2: Correctly unmap regions on map error
`mm_cursor` doesn't have the needed data because the `memmove()` that
is called right before it overwrites that information. In order to get
the information of the region that was being mapped, `mm` has to be used
instead (like it is done to fill the fields of `unmap_mm`).
If the incorrect information is read, this check isn't reliable and
`xlat_tables_unmap_region` may be requested to unmap memory that isn't
mapped at all, triggering assertions.
Change-Id: I602d4ac83095d4e5dac9deb34aa5d00d00e6c289
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Mon, 8 Jan 2018 17:33:34 +0000 (17:33 +0000)]
SPM: Fix version header definitions
Rename SP_VERSION macros to MM_VERSION, which is the name used in the MM
specification [1]. Also, a few more helper macros have been added.
MM-specific definitions have been moved to their own header file.
[1] http://infocenter.arm.com/help/topic/com.arm.doc.den0060a/DEN0060A_ARM_MM_Interface_Specification.pdf
Change-Id: Ia10e48c7e81a7a1f5eeca29a5270cae740a4a88a
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
davidcunado-arm [Wed, 10 Jan 2018 14:57:22 +0000 (14:57 +0000)]
Merge pull request #1176 from wjliang/zynqmp-ipi-mb-svc
plat: xilinx: Add ZynqMP IPI mailbox service [v4]
Roberto Vargas [Tue, 12 Dec 2017 10:39:44 +0000 (10:39 +0000)]
Add documentation about plat_try_next_boot_source to bl1_platform_setup
If boot redundancy is required in BL1 then the initialization
of the boot sequence must be done in bl1_platform_setup. In BL2,
we had to add a new function, bl2_preload_setup, because
bl2_platform_setup is called after the images are loaded, making it
invalid for the boot sequence initialization.
Change-Id: I5c177ff142608ed38b4192288b06614343b2b83b
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
davidcunado-arm [Wed, 10 Jan 2018 01:10:51 +0000 (01:10 +0000)]
Merge pull request #1208 from masahir0y/build
Build: trivial fixes
davidcunado-arm [Wed, 10 Jan 2018 00:21:25 +0000 (00:21 +0000)]
Merge pull request #1207 from hzhuang1/isp_clk
hikey960: set isp clks as unsecure mode
Kaihua Zhong [Tue, 9 Jan 2018 08:51:38 +0000 (16:51 +0800)]
Hikey960: Fix hikey960 pcie mount fail
Set IOC_AO_IOMG_033 function from GPIO213 to PCIE_CLKREQ_N
bit[0-2]: 000: GPIO_213;
001: PCIE_CLKREQ_N;
010: GPIO_018_SH;
100: GPIO_014_SE;
110: FAC_TEST24;
111: FAC_TEST24;
bit[3-31]: reserved
Signed-off-by: Guangtao Zhang <zhangguangtao@hisilicon.com>
Tested-by: Yao Chen <chenyao11@huawei.com>
Acked-by: Haojian Zhuang <haojian.zhuang@linaro.org>
davidcunado-arm [Tue, 9 Jan 2018 08:58:41 +0000 (08:58 +0000)]
Merge pull request #1167 from Leo-Yan/hikey-fix-alignment
Set alignment size to 512B for Hikey/Hikey960
Wendy Liang [Wed, 4 Oct 2017 06:21:11 +0000 (23:21 -0700)]
zynqmp: pm_service: use zynqmp_ipi APIs
Use zynqmp_ipi APIs to access IPI registers in pm_service.
As the zynqmp_ipi APIs doesn't cover IPI buffers, the pm_ipi
in pm_service will still directly access the IPI buffers.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Wendy Liang [Wed, 6 Sep 2017 16:39:55 +0000 (09:39 -0700)]
Add Xilinx ZynqMP IPI mailbox service
Add IPI mailbox service to manage Xilinx ZynqMP IPI(Inter Processors
Interrupt) access.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Wendy Liang [Wed, 13 Sep 2017 18:02:42 +0000 (11:02 -0700)]
Introduce ZynqMP IPI implementation
Previously, ZynqMP IPI in ATF is only for ZynqMP PM,
This patch is to have a ZynqMP IPI implementation to handle
both ZynqMP PM IPI requirement and IPI mailbox service requirement
which will be introduced next.
We control IPI agents registers access but not IPI buffers access in
this implementation. Each IPI mailbox user will directly access the
IPI buffers.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Varun Wadekar [Mon, 8 Jan 2018 19:35:40 +0000 (11:35 -0800)]
spd: tlkd: support for "NS memory ranges" function ID
This patch adds support to receive function ID with NS world's
memory ranges to provide the memory snapshot to TLK.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
davidcunado-arm [Mon, 8 Jan 2018 22:59:37 +0000 (22:59 +0000)]
Merge pull request #1202 from antonio-nino-diaz-arm/an/spm-secondary-cores
SPM: Allow secondary CPUs to use the Secure Partition
Antonio Nino Diaz [Mon, 8 Jan 2018 09:59:33 +0000 (09:59 +0000)]
SPM: Allow secondary CPUs to use the Secure Partition
The Secure Partition should be able to be used from any CPU, not just
the lead one. This patch point the secure contexts of all secondary
CPUs to the same one used by the lead CPU for the Secure Partition. This
way, they can also use it.
In order to prevent more than one CPU from using the Secure Partition at
the same time, a lock has been added.
Change-Id: Ica76373127c3626498b06c558a4874ce72201ff7
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Mon, 18 Dec 2017 10:51:58 +0000 (10:51 +0000)]
SPM: Move initialization flag to context struct
Whether a Secure Partition is being initialized or not is something
related to that specific partition, so it should be saved with the
rest of the information related to it.
Change-Id: Ie8a780f70df83fb03ef9c01ba37960208d9b5319
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Masahiro Yamada [Thu, 4 Jan 2018 03:59:11 +0000 (12:59 +0900)]
uniphier: simplify GZIP compress rule
It is not necessary to read data from stdin. The input file name
is ripped off by -n option, anyway. I still use the redirect for
the output to specify the output file name.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Wed, 3 Jan 2018 23:48:51 +0000 (23:48 +0000)]
Merge pull request #1204 from davidcunado-arm/rv/fip_tool
Add padding at the end of the last entry
davidcunado-arm [Wed, 3 Jan 2018 21:13:43 +0000 (21:13 +0000)]
Merge pull request #1206 from davidcunado-arm/dc/update_userguide
Update dependencies for ARM TF
Jett Zhou [Fri, 24 Nov 2017 08:03:58 +0000 (16:03 +0800)]
docs: Update the ToC end marker description in the document
Change-Id: I2e29a63f08aed3b8ea0bb10170a3d55b8d033e62
Signed-off-by: Jett Zhou <jett.zhou@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
Roberto Vargas [Tue, 19 Dec 2017 11:56:57 +0000 (11:56 +0000)]
Add padding at the end of the last entry
This patch adds padding bytes at the end of the last image in the
fip to be able to transfer by DMA the last image.
Change-Id: I8c6f07dee389cb3d1dc919936d9d52841d7e5723
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
davidcunado-arm [Wed, 3 Jan 2018 11:20:56 +0000 (11:20 +0000)]
Merge pull request #1212 from dp-arm/dp/tsp_dram
Move TSP to TZC secured DRAM
Dimitris Papastamos [Tue, 2 Jan 2018 10:25:50 +0000 (10:25 +0000)]
Move TSP to TZC secured DRAM
To allow BL31 to grow in SRAM, move TSP in TZC secured DRAM
by default.
Increase the BL31 max limit by one page.
Change-Id: Idd3479be02f0f9bafac2f275376d7db0c2015431
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
davidcunado-arm [Sun, 24 Dec 2017 19:52:17 +0000 (19:52 +0000)]
Merge pull request #1203 from masahir0y/uniphier
uniphier: a bundle of fixes
Masahiro Yamada [Sun, 24 Dec 2017 04:08:00 +0000 (13:08 +0900)]
Build: specify check_* targets as .PHONY
check_* targets just check necessary command line argument, not
build any images. They should be specified as .PHONY.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Sun, 24 Dec 2017 10:58:53 +0000 (10:58 +0000)]
Merge pull request #1201 from jeenu-arm/sdei-plat-events
ARM platforms: Allow platforms to define SDEI events
Masahiro Yamada [Sat, 23 Dec 2017 14:56:18 +0000 (23:56 +0900)]
Build: update comment lines for macros
Commit
8f0617ef9e46 ("Apply TBBR naming convention to the fip_create
options") changed fiptool command options. We often forget to update
documentation.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
David Cunado [Tue, 19 Dec 2017 16:33:25 +0000 (16:33 +0000)]
Update dependencies for ARM TF
ARM TF has been tested as part of its CI system with the following
dependencies updated:
- Linaro binaries: 17.04 --> 17.10
- mbed TLS library: 2.4.2 --> 2.6.0
The version of AEM, Cortex-A and Foundation models that ARM TF is
tested on has also been updated:
- v11.1 build 11.1:22 --> v11.2 build 11.2:33
- v8.9 build 0.8:8805 --> v9.0 build 0.8:9005
This patch updates the user guide documentation to reflect these
changes to the dependencies.
Additionally, links to Linaro resources have been updated.
Change-Id: I9ea5cb76e7443c9dbb0c9525069f450a02f59e58
Signed-off-by: David Cunado <david.cunado@arm.com>
davidcunado-arm [Wed, 20 Dec 2017 10:59:15 +0000 (10:59 +0000)]
Merge pull request #1198 from antonio-nino-diaz-arm/an/spm-doc
Add Secure Partition Manager (SPM) design document
Masahiro Yamada [Tue, 19 Dec 2017 16:37:15 +0000 (01:37 +0900)]
uniphier: fix alignment of build log
The build log should be indented with two spaces for correct alignment.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada [Tue, 19 Dec 2017 16:30:08 +0000 (01:30 +0900)]
uniphier: fix base address of IO block buffer
The current IO block buffer overlaps with BL2 image location.
So, BL2 may corrupt itself.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada [Tue, 19 Dec 2017 13:30:24 +0000 (22:30 +0900)]
doc: uniphier: reformat reStructuredText manually
Commit
6f6257476754 ("Convert documentation to reStructuredText")
automatically converted all documents by a tool. I see some parts
were converted in an ugly way (or, at least, it is not my intention).
Also, the footnote is apparently broken.
I checked this document by my eyes, and reformated it so that it looks
nicer both in plain text and reST form.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Tue, 19 Dec 2017 21:51:08 +0000 (21:51 +0000)]
Merge pull request #1196 from antonio-nino-diaz-arm/an/zero-pad
Add support to left-pad with zeroes in tf_printf
davidcunado-arm [Tue, 19 Dec 2017 20:41:53 +0000 (20:41 +0000)]
Merge pull request #1195 from davidcunado-arm/dc/fix_pie
Disable PIE compilation option
davidcunado-arm [Tue, 19 Dec 2017 17:39:20 +0000 (17:39 +0000)]
Merge pull request #1194 from robertovargas-arm/io-fix
io: block: fix block_read/write may read/write overlap buffer
davidcunado-arm [Tue, 19 Dec 2017 15:58:32 +0000 (15:58 +0000)]
Merge pull request #1192 from sandrine-bailleux-arm/sb/fix-mm-communicate
SPM: Fix MM_COMMUNICATE_AARCH32/64 parameters
Jeenu Viswambharan [Fri, 8 Dec 2017 10:38:24 +0000 (10:38 +0000)]
ARM platforms: Allow platforms to define SDEI events
With this patch, ARM platforms are expected to define the macros
PLAT_ARM_SDEI_PRIVATE_EVENTS and PLAT_ARM_SDEI_SHARED_EVENTS as a list
of private and shared events, respectively. This allows for individual
platforms to define their own events.
Change-Id: I66851fdcbff83fd9568c2777ade9eb12df284b49
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
davidcunado-arm [Mon, 18 Dec 2017 14:28:46 +0000 (14:28 +0000)]
Merge pull request #1190 from vchong/poplar_hisi_review2
poplar: Add BL32 (OP-TEE) support and misc updates
Haojian Zhuang [Mon, 18 Dec 2017 01:45:37 +0000 (09:45 +0800)]
hikey960: set isp clks as unsecure mode
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Antonio Nino Diaz [Fri, 15 Dec 2017 10:36:20 +0000 (10:36 +0000)]
Add support to left-pad with zeroes in tf_printf
Add support to formats %i, %d, %p, %x and %u for left-padding numbers
with zeroes (e.g. `%08x`).
Change-Id: Ifd4795a82a8d83da2c00b44b9e482a2d9be797e3
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Fri, 15 Dec 2017 11:41:17 +0000 (11:41 +0000)]
Add Secure Partition Manager (SPM) design document
This patch adds documentation that describes the design of the Secure
Partition Manager and the specific choices in their current
implementation.
The document "SPM User Guide" has been integrated into the design
document.
Change-Id: I0a4f21a2af631c8aa6c739d97a5b634f3cb39991
Co-authored-by: Achin Gupta <achin.gupta@arm.com>
Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
david cunado [Thu, 30 Nov 2017 21:58:01 +0000 (21:58 +0000)]
Disable PIE compilation option
ARM TF does not work correctly if built with a version of gcc
that is configured to use PIE by default (e.g. Debian Stretch).
This patch identifies when such a version of gcc is being used
(by searching for --enable-default-pie) and adds -fno-PIE option
to TF_CFLAGS.
fixes arm-software/tf-issues#519
Change-Id: I2322122c49841746d35d152694e14f6f73beb0fd
Signed-off-by: David Cunado <david.cunado@arm.com>
Co-Authored-by: Evan Lloyd <evan.lloyd@arm.com>
Tested-by: Steve Capper <steve.capper@arm.com>
Tested-by: Alexei Fedorov <alexei.fedorov@arm.com>
davidcunado-arm [Thu, 14 Dec 2017 22:11:06 +0000 (22:11 +0000)]
Merge pull request #1104 from nmenon/dtb_build-v2
Makefile: Add ability to build dtb (v2)
Roberto Vargas [Thu, 23 Nov 2017 12:03:46 +0000 (12:03 +0000)]
io: block: fix block_read/write may read/write overlap buffer
The block operations were trying to optimize the number of memory
copies, and it tried to use directly the buffer supplied by the user
to them. This was a mistake because it created too many corner cases:
1- It was possible to generate unaligned
operations to unaligned buffers. Drivers that were using
DMA transfer failed in that case.
2- It was possible to generate read operations
with sizes that weren't a multiple of the block size. Some
low level drivers assumed that condition and they calculated
the number of blocks dividing the number of bytes by the
size of the block, without considering the remaining bytes.
3- The block_* operations didn't control the
number of bytes actually copied to memory, because the
low level drivers were writing directly to the user buffer.
This patch rewrite block_read and block_write to use always the device
buffer, which the platform ensures that has the correct aligment and
the correct size.
Change-Id: I5e479bb7bc137e6ec205a8573eb250acd5f40420
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Julius Werner [Tue, 1 Aug 2017 01:15:11 +0000 (18:15 -0700)]
Add new function-pointer-based console API
This patch overhauls the console API to allow for multiple console
instances of different drivers that are active at the same time. Instead
of binding to well-known function names (like console_core_init),
consoles now provide a register function (e.g. console_16550_register())
that will hook them into the list of active consoles. All console
operations will be dispatched to all consoles currently in the list.
The new API will be selected by the build-time option MULTI_CONSOLE_API,
which defaults to ${ERROR_DEPRECATED} for now. The old console API code
will be retained to stay backwards-compatible to older platforms, but
should no longer be used for any newly added platforms and can hopefully
be removed at some point in the future.
The new console API is intended to be used for both normal (bootup) and
crash use cases, freeing platforms of the need to set up the crash
console separately. Consoles can be individually configured to be active
active at boot (until first handoff to EL2), at runtime (after first
handoff to EL2), and/or after a crash. Console drivers should set a sane
default upon registration that can be overridden with the
console_set_scope() call. Code to hook up the crash reporting mechanism
to this framework will be added with a later patch.
This patch only affects AArch64, but the new API could easily be ported
to AArch32 as well if desired.
Change-Id: I35c5aa2cb3f719cfddd15565eb13c7cde4162549
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Tue, 20 Jun 2017 00:05:30 +0000 (17:05 -0700)]
rockchip: Implement a panic handler that will reboot the system
The current Rockchip platform code retains the "common" default panic
handler which simply hangs the system (until the watchdog kicks in, if
enabled). This is usually not a great user experience.
This patch implements a Rockchip-specific panic handler that calls the
platform's reboot implementation to reset the system.
Change-Id: I4cbe09c48f1b3f86ebdfc0108c186565f9ffc119
Signed-off-by: Julius Werner <jwerner@chromium.org>
Julius Werner [Tue, 12 Dec 2017 22:23:26 +0000 (14:23 -0800)]
utils_def: Add REGSZ and make BIT() assembly-compatible
In assembly code it can be useful to have a constant for the width of a
register in the current architecture, so this patch adds one to
<utils_def.h> and replaces the existing custom one in crash_reporting.S
with that. It also fixes up the BIT() macro in the same file so that it
can be safely used in assembly code.
Change-Id: I10513a311f3379e767396e6ddfbae8d2d8201464
Signed-off-by: Julius Werner <jwerner@chromium.org>
Sandrine Bailleux [Thu, 7 Dec 2017 09:48:56 +0000 (09:48 +0000)]
SPM: Fix MM_COMMUNICATE_AARCH32/64 parameters
This partially reverts commit
d6b532b50f8, keeping only the fixes to
the assertions. The changes related to the order of arguments passed
to the secure partition were not correct and violated the
specification of the SP_EVENT_COMPLETE SMC.
This patch also improves the MM_COMMUNICATE argument validation. The
cookie argument, as it comes from normal world, can't be trusted and thus
needs to always be validated at run time rather than using an assertion.
Also validate the communication buffer address and return
INVALID_PARAMETER if it is zero, as per the MM specification.
Fix a few typos in comments and use the "secure partition" terminology
rather than "secure payload".
Change-Id: Ice6b7b5494b729dd44611f9a93d362c55ab244f7
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Victor Chong [Fri, 27 Oct 2017 16:59:41 +0000 (01:59 +0900)]
poplar: Add BL32 (OP-TEE) support
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Jiancheng Xue [Mon, 28 Aug 2017 10:55:43 +0000 (18:55 +0800)]
Poplar: Initialize security properties of IP blocks.
The security properties of some IP blocks are configured to secure mode
after reset. This means these IP blocks can only be accessed by cpus
in secure state by default. These should be configured correclty as needed.
Signed-off-by: y00241285 <yyangwei.yangwei@hisilicon.com>
Signed-off-by: Jiancheng Xue <xuejiancheng@hisilicon.com>
Victor Chong [Fri, 27 Oct 2017 15:22:10 +0000 (00:22 +0900)]
poplar: Increase FIP_SIZE
This is currently the maximum allowed without affecting bootup.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
projects / project / bcm63xx / atf.git / log