davidcunado-arm [Tue, 16 Jan 2018 01:10:13 +0000 (01:10 +0000)]
Merge pull request #1218 from antonio-nino-diaz-arm/an/xlat-fix
xlat v2: Correctly unmap regions on map error
davidcunado-arm [Tue, 16 Jan 2018 01:09:57 +0000 (01:09 +0000)]
Merge pull request #1216 from hzhuang1/fix_psci
Hikey960: Fix hikey960 pcie mount fail
davidcunado-arm [Tue, 16 Jan 2018 01:09:37 +0000 (01:09 +0000)]
Merge pull request #1215 from vwadekar/tlkd-ns-dram-ranges
spd: tlkd: support for "NS memory ranges" function ID
davidcunado-arm [Mon, 15 Jan 2018 23:58:52 +0000 (23:58 +0000)]
Merge pull request #1217 from robertovargas-arm/doc-plat_try_next_boot_source
Add documentation about plat_try_next_boot_source to bl1_platform_setup
davidcunado-arm [Mon, 15 Jan 2018 23:58:20 +0000 (23:58 +0000)]
Merge pull request #1213 from masahir0y/uniphier
uniphier: clean-up platform makefile
davidcunado-arm [Mon, 15 Jan 2018 16:37:39 +0000 (16:37 +0000)]
Merge pull request #1225 from dp-arm/dp/amu-remove-warn
AMU: Remove unnecessary WARN()
Dimitris Papastamos [Mon, 15 Jan 2018 14:52:57 +0000 (14:52 +0000)]
AMU: Remove unnecessary WARN()
If AMU is not supported by the hardware but it is enabled in Trusted
Firmware, the console will be spammed with warnings every time a CPU
is brought up with a CPU ON call.
Remove the warning message as this is more in line with how other
extensions like SPE and SVE are handled.
Change-Id: Iba6d367e4d1375ab554d23d2eaceab3ae1362c5a
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
davidcunado-arm [Fri, 12 Jan 2018 09:02:24 +0000 (09:02 +0000)]
Merge pull request #1197 from dp-arm/dp/amu
AMUv1 support
davidcunado-arm [Thu, 11 Jan 2018 23:39:30 +0000 (23:39 +0000)]
Merge pull request #1214 from dp-arm/dp/cve_2017_5715
Workarounds for CVE-2017-5715 on Cortex A57/A72/A73 and A75
davidcunado-arm [Thu, 11 Jan 2018 18:33:43 +0000 (18:33 +0000)]
Merge pull request #1222 from davidcunado-arm/dp/bl31_mem
Increase BL31 memory space by 2 pages
Dimitris Papastamos [Thu, 11 Jan 2018 15:32:32 +0000 (15:32 +0000)]
Increase BL31 memory space by 2 pages
On some build configurations BL31 is running out of space. Now that
TSP is moved to secure dram, we have a bit of additional space to use
in BL31.
Change-Id: Ib89fcd8bae99c85c9c5e5d9228bb42fb7048dcb6
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
Dimitris Papastamos [Mon, 11 Dec 2017 11:45:35 +0000 (11:45 +0000)]
Add hooks to save/restore AMU context for Cortex A75
Change-Id: I504d3f65ca5829bc1f4ebadb764931f8379ee81f
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 28 Nov 2017 13:47:06 +0000 (13:47 +0000)]
AMU: Add hooks to save/restore AMU context
On some systems, the AMU counters might reset to 0 when a CPU
powerdown happens. This behaviour conflicts with the intended
use-case of AMU as lower ELs are only expected to see non-decreasing
counter values.
Change-Id: If25519965d4e6e47e09225d0e732947986cbb5ec
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Mon, 13 Nov 2017 09:49:45 +0000 (09:49 +0000)]
AMU: Add configuration helpers for aarch64
Add some AMU helper functions to allow configuring, reading and
writing of the Group 0 and Group 1 counters. Documentation for these
helpers will come in a separate patch.
Change-Id: I656e070d2dae830c22414f694aa655341d4e2c40
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Wed, 13 Dec 2017 10:54:37 +0000 (10:54 +0000)]
AMU: Add plat interface to select which group 1 counters to enable
A new platform macro `PLAT_AMU_GROUP1_COUNTERS_MASK` controls which
group 1 counters should be enabled. The maximum number of group 1
counters supported by AMUv1 is 16 so the mask can be at most 0xffff.
If the platform does not define this mask, no group 1 counters are
enabled.
A related platform macro `PLAT_AMU_GROUP1_NR_COUNTERS` is used by
generic code to allocate an array to save and restore the counters on
CPU suspend.
Change-Id: I6d135badf4846292de931a43bb563077f42bb47b
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 28 Nov 2017 15:16:00 +0000 (15:16 +0000)]
Add PubSub events for CPU powerdown/powerup
The suspend hook is published at the start of a CPU powerdown
operation. The resume hook is published at the end of a CPU powerup
operation.
Change-Id: I50c05e2dde0d33834095ac41b4fcea4c161bb434
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Tue, 2 Jan 2018 15:53:01 +0000 (15:53 +0000)]
Use PFR0 to identify need for mitigation of CVE-2017-5915
If the CSV2 field reads as 1 then branch targets trained in one
context cannot affect speculative execution in a different context.
In that case skip the workaround on Cortex A75.
Change-Id: I4d5504cba516a67311fb5f0657b08f72909cbd38
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Mon, 18 Dec 2017 13:46:21 +0000 (13:46 +0000)]
Workaround for CVE-2017-5715 on Cortex A73 and A75
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by
temporarily dropping into AArch32 Secure-EL1 and executing the
`BPIALL` instruction.
This is achieved by using 3 vector tables. There is the runtime
vector table which is used to handle exceptions and 2 additional
tables which are required to implement this workaround. The
additional tables are `vbar0` and `vbar1`.
The sequence of events for handling a single exception is
as follows:
1) Install vector table `vbar0` which saves the CPU context on entry
to EL3 and sets up the Secure-EL1 context to execute in AArch32 mode
with the MMU disabled and I$ enabled. This is the default vector table.
2) Before doing an ERET into Secure-EL1, switch vbar to point to
another vector table `vbar1`. This is required to restore EL3 state
when returning from the workaround, before proceeding with normal EL3
exception handling.
3) While in Secure-EL1, the `BPIALL` instruction is executed and an
SMC call back to EL3 is performed.
4) On entry to EL3 from Secure-EL1, the saved context from step 1) is
restored. The vbar is switched to point to `vbar0` in preparation to
handle further exceptions. Finally a branch to the runtime vector
table entry is taken to complete the handling of the original
exception.
This workaround is enabled by default on the affected CPUs.
NOTE
====
There are 4 different stubs in Secure-EL1. Each stub corresponds to
an exception type such as Sync/IRQ/FIQ/SError. Each stub will move a
different value in `R0` before doing an SMC call back into EL3.
Without this piece of information it would not be possible to know
what the original exception type was as we cannot use `ESR_EL3` to
distinguish between IRQs and FIQs.
Change-Id: I90b32d14a3735290b48685d43c70c99daaa4b434
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Thu, 30 Nov 2017 14:53:53 +0000 (14:53 +0000)]
Workaround for CVE-2017-5715 on Cortex A57 and A72
Invalidate the Branch Target Buffer (BTB) on entry to EL3 by disabling
and enabling the MMU. To achieve this without performing any branch
instruction, a per-cpu vbar is installed which executes the workaround
and then branches off to the corresponding vector entry in the main
vector table. A side effect of this change is that the main vbar is
configured before any reset handling. This is to allow the per-cpu
reset function to override the vbar setting.
This workaround is enabled by default on the affected CPUs.
Change-Id: I97788d38463a5840a410e3cea85ed297a1678265
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Antonio Nino Diaz [Fri, 5 Jan 2018 11:30:36 +0000 (11:30 +0000)]
xlat v2: Correctly unmap regions on map error
`mm_cursor` doesn't have the needed data because the `memmove()` that
is called right before it overwrites that information. In order to get
the information of the region that was being mapped, `mm` has to be used
instead (like it is done to fill the fields of `unmap_mm`).
If the incorrect information is read, this check isn't reliable and
`xlat_tables_unmap_region` may be requested to unmap memory that isn't
mapped at all, triggering assertions.
Change-Id: I602d4ac83095d4e5dac9deb34aa5d00d00e6c289
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
davidcunado-arm [Wed, 10 Jan 2018 14:57:22 +0000 (14:57 +0000)]
Merge pull request #1176 from wjliang/zynqmp-ipi-mb-svc
plat: xilinx: Add ZynqMP IPI mailbox service [v4]
Roberto Vargas [Tue, 12 Dec 2017 10:39:44 +0000 (10:39 +0000)]
Add documentation about plat_try_next_boot_source to bl1_platform_setup
If boot redundancy is required in BL1 then the initialization
of the boot sequence must be done in bl1_platform_setup. In BL2,
we had to add a new function, bl2_preload_setup, because
bl2_platform_setup is called after the images are loaded, making it
invalid for the boot sequence initialization.
Change-Id: I5c177ff142608ed38b4192288b06614343b2b83b
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
davidcunado-arm [Wed, 10 Jan 2018 01:10:51 +0000 (01:10 +0000)]
Merge pull request #1208 from masahir0y/build
Build: trivial fixes
davidcunado-arm [Wed, 10 Jan 2018 00:21:25 +0000 (00:21 +0000)]
Merge pull request #1207 from hzhuang1/isp_clk
hikey960: set isp clks as unsecure mode
Kaihua Zhong [Tue, 9 Jan 2018 08:51:38 +0000 (16:51 +0800)]
Hikey960: Fix hikey960 pcie mount fail
Set IOC_AO_IOMG_033 function from GPIO213 to PCIE_CLKREQ_N
bit[0-2]: 000: GPIO_213;
001: PCIE_CLKREQ_N;
010: GPIO_018_SH;
100: GPIO_014_SE;
110: FAC_TEST24;
111: FAC_TEST24;
bit[3-31]: reserved
Signed-off-by: Guangtao Zhang <zhangguangtao@hisilicon.com>
Tested-by: Yao Chen <chenyao11@huawei.com>
Acked-by: Haojian Zhuang <haojian.zhuang@linaro.org>
davidcunado-arm [Tue, 9 Jan 2018 08:58:41 +0000 (08:58 +0000)]
Merge pull request #1167 from Leo-Yan/hikey-fix-alignment
Set alignment size to 512B for Hikey/Hikey960
Wendy Liang [Wed, 4 Oct 2017 06:21:11 +0000 (23:21 -0700)]
zynqmp: pm_service: use zynqmp_ipi APIs
Use zynqmp_ipi APIs to access IPI registers in pm_service.
As the zynqmp_ipi APIs doesn't cover IPI buffers, the pm_ipi
in pm_service will still directly access the IPI buffers.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Wendy Liang [Wed, 6 Sep 2017 16:39:55 +0000 (09:39 -0700)]
Add Xilinx ZynqMP IPI mailbox service
Add IPI mailbox service to manage Xilinx ZynqMP IPI(Inter Processors
Interrupt) access.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Wendy Liang [Wed, 13 Sep 2017 18:02:42 +0000 (11:02 -0700)]
Introduce ZynqMP IPI implementation
Previously, ZynqMP IPI in ATF is only for ZynqMP PM,
This patch is to have a ZynqMP IPI implementation to handle
both ZynqMP PM IPI requirement and IPI mailbox service requirement
which will be introduced next.
We control IPI agents registers access but not IPI buffers access in
this implementation. Each IPI mailbox user will directly access the
IPI buffers.
Signed-off-by: Wendy Liang <jliang@xilinx.com>
Varun Wadekar [Mon, 8 Jan 2018 19:35:40 +0000 (11:35 -0800)]
spd: tlkd: support for "NS memory ranges" function ID
This patch adds support to receive function ID with NS world's
memory ranges to provide the memory snapshot to TLK.
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
davidcunado-arm [Mon, 8 Jan 2018 22:59:37 +0000 (22:59 +0000)]
Merge pull request #1202 from antonio-nino-diaz-arm/an/spm-secondary-cores
SPM: Allow secondary CPUs to use the Secure Partition
Antonio Nino Diaz [Mon, 8 Jan 2018 09:59:33 +0000 (09:59 +0000)]
SPM: Allow secondary CPUs to use the Secure Partition
The Secure Partition should be able to be used from any CPU, not just
the lead one. This patch point the secure contexts of all secondary
CPUs to the same one used by the lead CPU for the Secure Partition. This
way, they can also use it.
In order to prevent more than one CPU from using the Secure Partition at
the same time, a lock has been added.
Change-Id: Ica76373127c3626498b06c558a4874ce72201ff7
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Mon, 18 Dec 2017 10:51:58 +0000 (10:51 +0000)]
SPM: Move initialization flag to context struct
Whether a Secure Partition is being initialized or not is something
related to that specific partition, so it should be saved with the
rest of the information related to it.
Change-Id: Ie8a780f70df83fb03ef9c01ba37960208d9b5319
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Masahiro Yamada [Thu, 4 Jan 2018 03:59:11 +0000 (12:59 +0900)]
uniphier: simplify GZIP compress rule
It is not necessary to read data from stdin. The input file name
is ripped off by -n option, anyway. I still use the redirect for
the output to specify the output file name.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Wed, 3 Jan 2018 23:48:51 +0000 (23:48 +0000)]
Merge pull request #1204 from davidcunado-arm/rv/fip_tool
Add padding at the end of the last entry
davidcunado-arm [Wed, 3 Jan 2018 21:13:43 +0000 (21:13 +0000)]
Merge pull request #1206 from davidcunado-arm/dc/update_userguide
Update dependencies for ARM TF
Jett Zhou [Fri, 24 Nov 2017 08:03:58 +0000 (16:03 +0800)]
docs: Update the ToC end marker description in the document
Change-Id: I2e29a63f08aed3b8ea0bb10170a3d55b8d033e62
Signed-off-by: Jett Zhou <jett.zhou@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
Roberto Vargas [Tue, 19 Dec 2017 11:56:57 +0000 (11:56 +0000)]
Add padding at the end of the last entry
This patch adds padding bytes at the end of the last image in the
fip to be able to transfer by DMA the last image.
Change-Id: I8c6f07dee389cb3d1dc919936d9d52841d7e5723
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Signed-off-by: David Cunado <david.cunado@arm.com>
davidcunado-arm [Wed, 3 Jan 2018 11:20:56 +0000 (11:20 +0000)]
Merge pull request #1212 from dp-arm/dp/tsp_dram
Move TSP to TZC secured DRAM
Dimitris Papastamos [Tue, 2 Jan 2018 10:25:50 +0000 (10:25 +0000)]
Move TSP to TZC secured DRAM
To allow BL31 to grow in SRAM, move TSP in TZC secured DRAM
by default.
Increase the BL31 max limit by one page.
Change-Id: Idd3479be02f0f9bafac2f275376d7db0c2015431
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
davidcunado-arm [Sun, 24 Dec 2017 19:52:17 +0000 (19:52 +0000)]
Merge pull request #1203 from masahir0y/uniphier
uniphier: a bundle of fixes
Masahiro Yamada [Sun, 24 Dec 2017 04:08:00 +0000 (13:08 +0900)]
Build: specify check_* targets as .PHONY
check_* targets just check necessary command line argument, not
build any images. They should be specified as .PHONY.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Sun, 24 Dec 2017 10:58:53 +0000 (10:58 +0000)]
Merge pull request #1201 from jeenu-arm/sdei-plat-events
ARM platforms: Allow platforms to define SDEI events
Masahiro Yamada [Sat, 23 Dec 2017 14:56:18 +0000 (23:56 +0900)]
Build: update comment lines for macros
Commit
8f0617ef9e46 ("Apply TBBR naming convention to the fip_create
options") changed fiptool command options. We often forget to update
documentation.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
David Cunado [Tue, 19 Dec 2017 16:33:25 +0000 (16:33 +0000)]
Update dependencies for ARM TF
ARM TF has been tested as part of its CI system with the following
dependencies updated:
- Linaro binaries: 17.04 --> 17.10
- mbed TLS library: 2.4.2 --> 2.6.0
The version of AEM, Cortex-A and Foundation models that ARM TF is
tested on has also been updated:
- v11.1 build 11.1:22 --> v11.2 build 11.2:33
- v8.9 build 0.8:8805 --> v9.0 build 0.8:9005
This patch updates the user guide documentation to reflect these
changes to the dependencies.
Additionally, links to Linaro resources have been updated.
Change-Id: I9ea5cb76e7443c9dbb0c9525069f450a02f59e58
Signed-off-by: David Cunado <david.cunado@arm.com>
davidcunado-arm [Wed, 20 Dec 2017 10:59:15 +0000 (10:59 +0000)]
Merge pull request #1198 from antonio-nino-diaz-arm/an/spm-doc
Add Secure Partition Manager (SPM) design document
Masahiro Yamada [Tue, 19 Dec 2017 16:37:15 +0000 (01:37 +0900)]
uniphier: fix alignment of build log
The build log should be indented with two spaces for correct alignment.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada [Tue, 19 Dec 2017 16:30:08 +0000 (01:30 +0900)]
uniphier: fix base address of IO block buffer
The current IO block buffer overlaps with BL2 image location.
So, BL2 may corrupt itself.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Masahiro Yamada [Tue, 19 Dec 2017 13:30:24 +0000 (22:30 +0900)]
doc: uniphier: reformat reStructuredText manually
Commit
6f6257476754 ("Convert documentation to reStructuredText")
automatically converted all documents by a tool. I see some parts
were converted in an ugly way (or, at least, it is not my intention).
Also, the footnote is apparently broken.
I checked this document by my eyes, and reformated it so that it looks
nicer both in plain text and reST form.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
davidcunado-arm [Tue, 19 Dec 2017 21:51:08 +0000 (21:51 +0000)]
Merge pull request #1196 from antonio-nino-diaz-arm/an/zero-pad
Add support to left-pad with zeroes in tf_printf
davidcunado-arm [Tue, 19 Dec 2017 20:41:53 +0000 (20:41 +0000)]
Merge pull request #1195 from davidcunado-arm/dc/fix_pie
Disable PIE compilation option
davidcunado-arm [Tue, 19 Dec 2017 17:39:20 +0000 (17:39 +0000)]
Merge pull request #1194 from robertovargas-arm/io-fix
io: block: fix block_read/write may read/write overlap buffer
davidcunado-arm [Tue, 19 Dec 2017 15:58:32 +0000 (15:58 +0000)]
Merge pull request #1192 from sandrine-bailleux-arm/sb/fix-mm-communicate
SPM: Fix MM_COMMUNICATE_AARCH32/64 parameters
Jeenu Viswambharan [Fri, 8 Dec 2017 10:38:24 +0000 (10:38 +0000)]
ARM platforms: Allow platforms to define SDEI events
With this patch, ARM platforms are expected to define the macros
PLAT_ARM_SDEI_PRIVATE_EVENTS and PLAT_ARM_SDEI_SHARED_EVENTS as a list
of private and shared events, respectively. This allows for individual
platforms to define their own events.
Change-Id: I66851fdcbff83fd9568c2777ade9eb12df284b49
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
davidcunado-arm [Mon, 18 Dec 2017 14:28:46 +0000 (14:28 +0000)]
Merge pull request #1190 from vchong/poplar_hisi_review2
poplar: Add BL32 (OP-TEE) support and misc updates
Haojian Zhuang [Mon, 18 Dec 2017 01:45:37 +0000 (09:45 +0800)]
hikey960: set isp clks as unsecure mode
Signed-off-by: Haojian Zhuang <haojian.zhuang@linaro.org>
Antonio Nino Diaz [Fri, 15 Dec 2017 10:36:20 +0000 (10:36 +0000)]
Add support to left-pad with zeroes in tf_printf
Add support to formats %i, %d, %p, %x and %u for left-padding numbers
with zeroes (e.g. `%08x`).
Change-Id: Ifd4795a82a8d83da2c00b44b9e482a2d9be797e3
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Fri, 15 Dec 2017 11:41:17 +0000 (11:41 +0000)]
Add Secure Partition Manager (SPM) design document
This patch adds documentation that describes the design of the Secure
Partition Manager and the specific choices in their current
implementation.
The document "SPM User Guide" has been integrated into the design
document.
Change-Id: I0a4f21a2af631c8aa6c739d97a5b634f3cb39991
Co-authored-by: Achin Gupta <achin.gupta@arm.com>
Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
david cunado [Thu, 30 Nov 2017 21:58:01 +0000 (21:58 +0000)]
Disable PIE compilation option
ARM TF does not work correctly if built with a version of gcc
that is configured to use PIE by default (e.g. Debian Stretch).
This patch identifies when such a version of gcc is being used
(by searching for --enable-default-pie) and adds -fno-PIE option
to TF_CFLAGS.
fixes arm-software/tf-issues#519
Change-Id: I2322122c49841746d35d152694e14f6f73beb0fd
Signed-off-by: David Cunado <david.cunado@arm.com>
Co-Authored-by: Evan Lloyd <evan.lloyd@arm.com>
Tested-by: Steve Capper <steve.capper@arm.com>
Tested-by: Alexei Fedorov <alexei.fedorov@arm.com>
davidcunado-arm [Thu, 14 Dec 2017 22:11:06 +0000 (22:11 +0000)]
Merge pull request #1104 from nmenon/dtb_build-v2
Makefile: Add ability to build dtb (v2)
Roberto Vargas [Thu, 23 Nov 2017 12:03:46 +0000 (12:03 +0000)]
io: block: fix block_read/write may read/write overlap buffer
The block operations were trying to optimize the number of memory
copies, and it tried to use directly the buffer supplied by the user
to them. This was a mistake because it created too many corner cases:
1- It was possible to generate unaligned
operations to unaligned buffers. Drivers that were using
DMA transfer failed in that case.
2- It was possible to generate read operations
with sizes that weren't a multiple of the block size. Some
low level drivers assumed that condition and they calculated
the number of blocks dividing the number of bytes by the
size of the block, without considering the remaining bytes.
3- The block_* operations didn't control the
number of bytes actually copied to memory, because the
low level drivers were writing directly to the user buffer.
This patch rewrite block_read and block_write to use always the device
buffer, which the platform ensures that has the correct aligment and
the correct size.
Change-Id: I5e479bb7bc137e6ec205a8573eb250acd5f40420
Signed-off-by: Qixiang Xu <qixiang.xu@arm.com>
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Sandrine Bailleux [Thu, 7 Dec 2017 09:48:56 +0000 (09:48 +0000)]
SPM: Fix MM_COMMUNICATE_AARCH32/64 parameters
This partially reverts commit
d6b532b50f8, keeping only the fixes to
the assertions. The changes related to the order of arguments passed
to the secure partition were not correct and violated the
specification of the SP_EVENT_COMPLETE SMC.
This patch also improves the MM_COMMUNICATE argument validation. The
cookie argument, as it comes from normal world, can't be trusted and thus
needs to always be validated at run time rather than using an assertion.
Also validate the communication buffer address and return
INVALID_PARAMETER if it is zero, as per the MM specification.
Fix a few typos in comments and use the "secure partition" terminology
rather than "secure payload".
Change-Id: Ice6b7b5494b729dd44611f9a93d362c55ab244f7
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Victor Chong [Fri, 27 Oct 2017 16:59:41 +0000 (01:59 +0900)]
poplar: Add BL32 (OP-TEE) support
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Jiancheng Xue [Mon, 28 Aug 2017 10:55:43 +0000 (18:55 +0800)]
Poplar: Initialize security properties of IP blocks.
The security properties of some IP blocks are configured to secure mode
after reset. This means these IP blocks can only be accessed by cpus
in secure state by default. These should be configured correclty as needed.
Signed-off-by: y00241285 <yyangwei.yangwei@hisilicon.com>
Signed-off-by: Jiancheng Xue <xuejiancheng@hisilicon.com>
Victor Chong [Fri, 27 Oct 2017 15:22:10 +0000 (00:22 +0900)]
poplar: Increase FIP_SIZE
This is currently the maximum allowed without affecting bootup.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Victor Chong [Thu, 26 Oct 2017 15:09:14 +0000 (00:09 +0900)]
poplar: Rename PLAT_ARM_NS_IMAGE_OFFSET
to PLAT_POPLAR_NS_IMAGE_OFFSET
Signed-off-by: Victor Chong <victor.chong@linaro.org>
Victor Chong [Thu, 19 Oct 2017 07:49:52 +0000 (16:49 +0900)]
poplar: Fix GPIO_MAX
Per
https://github.com/sdrobertw/Poplar/blob/master/HardwareDocs/Processor_Datasheet_v2XX.pdf
there are 13 groups of GPIO controllers, not 12.
Signed-off-by: Victor Chong <victor.chong@linaro.org>
davidcunado-arm [Mon, 11 Dec 2017 12:29:47 +0000 (12:29 +0000)]
Merge pull request #1178 from davidcunado-arm/dc/enable_sve
Enable SVE for Non-secure world
davidcunado-arm [Sun, 10 Dec 2017 14:01:37 +0000 (14:01 +0000)]
Merge pull request #1187 from antonio-nino-diaz-arm/an/spm-xlat-dram
SPM: Move S-EL1/S-EL0 xlat tables to TZC DRAM
davidcunado-arm [Sat, 9 Dec 2017 23:10:24 +0000 (23:10 +0000)]
Merge pull request #1184 from antonio-nino-diaz-arm/an/bl31-in-dram
fvp: Disable SYSTEM_SUSPEND when ARM_BL31_IN_DRAM
davidcunado-arm [Sat, 9 Dec 2017 20:42:25 +0000 (20:42 +0000)]
Merge pull request #1183 from jeenu-arm/sdei-reset-fix
SDEI: Fix return value of reset calls
davidcunado-arm [Sat, 9 Dec 2017 15:22:48 +0000 (15:22 +0000)]
Merge pull request #1186 from antonio-nino-diaz-arm/an/poplar-doc
poplar: Fix format of documentation
davidcunado-arm [Sat, 9 Dec 2017 15:16:00 +0000 (15:16 +0000)]
Merge pull request #1182 from soby-mathew/sm/opt_tbbr_flush
Unify cache flush code path after image load
davidcunado-arm [Sat, 9 Dec 2017 10:13:11 +0000 (10:13 +0000)]
Merge pull request #1181 from soby-mathew/sm/el3_payload_tzc_permissions
ARM Platforms: Change the TZC access permissions for EL3 payload
davidcunado-arm [Sat, 9 Dec 2017 09:36:09 +0000 (09:36 +0000)]
Merge pull request #1180 from sandrine-bailleux-arm/sb/spm-rename
Rename some macros in SPM code
davidcunado-arm [Sat, 9 Dec 2017 08:43:02 +0000 (08:43 +0000)]
Merge pull request #1179 from paulkocialkowski/integration
rockchip: Include stdint header in plat_sip_calls.c
davidcunado-arm [Fri, 8 Dec 2017 16:29:19 +0000 (16:29 +0000)]
Merge pull request #1174 from antonio-nino-diaz-arm/an/page-size
Replace magic numbers in linkerscripts by PAGE_SIZE
davidcunado-arm [Wed, 6 Dec 2017 22:20:05 +0000 (22:20 +0000)]
Merge pull request #1171 from Leo-Yan/hikey960-change-use-recommend-state-id
Hikey960: Change to use recommended power state id format
davidcunado-arm [Wed, 6 Dec 2017 21:08:48 +0000 (21:08 +0000)]
Merge pull request #1185 from danh-arm/dh/rk-maint
Miscellaneous fixes to maintainers.rst
Dan Handley [Wed, 6 Dec 2017 10:13:17 +0000 (10:13 +0000)]
Miscellaneous fixes to maintainers.rst
* Update the RockChip sub-maintainer from rkchrome to rockchip-linux
in maintainers.rst.
* Add missing documentation files and change extensions from `md` to `rst`.
* Add sub-maintainer for Socionext UniPhier platform.
Change-Id: I7f498316acb0f7947c6432dbe14988e61a8903fe
Co-Authored-By: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Dan Handley <dan.handley@arm.com>
Antonio Nino Diaz [Fri, 17 Nov 2017 11:48:55 +0000 (11:48 +0000)]
SPM: Move S-EL1/S-EL0 xlat tables to TZC DRAM
A new platform define, `PLAT_SP_IMAGE_XLAT_SECTION_NAME`, has been
introduced to select the section where the translation tables used by
the S-EL1/S-EL0 are placed.
This define has been used to move the translation tables to DRAM secured
by TrustZone.
Most of the extra needed space in BL31 when SPM is enabled is due to the
large size of the translation tables. By moving them to this memory
region we can save 44 KiB.
A new argument has been added to REGISTER_XLAT_CONTEXT2() to specify the
region where the translation tables have to be placed by the linker.
Change-Id: Ia81709b4227cb8c92601f0caf258f624c0467719
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
davidcunado-arm [Wed, 6 Dec 2017 13:59:58 +0000 (13:59 +0000)]
Merge pull request #1177 from sivadur/master
Update Xilinx maintainer details
Antonio Nino Diaz [Wed, 6 Dec 2017 10:33:15 +0000 (10:33 +0000)]
poplar: Fix format of documentation
The document was being rendered incorrectly.
Change-Id: I6e243d17d7cb6247f91698bc195eb0f6efeb7d17
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Wed, 22 Nov 2017 12:00:44 +0000 (12:00 +0000)]
fvp: Disable SYSTEM_SUSPEND when ARM_BL31_IN_DRAM
After returning from SYSTEM_SUSPEND state, BL31 reconfigures the
TrustZone Controller during the boot sequence. If BL31 is placed in
TZC-secured DRAM, it will try to change the permissions of the memory it
is being executed from, causing an exception.
The solution is to disable SYSTEM_SUSPEND when the Trusted Firmware has
been compiled with ``ARM_BL31_IN_DRAM=1``.
Change-Id: I96dc50decaacd469327c6b591d07964726e58db4
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Fri, 24 Nov 2017 16:43:15 +0000 (16:43 +0000)]
SPM: Remove ARM platforms header from SPM common code
Common code mustn't include ARM platforms headers.
Change-Id: Ib6e4f5a77c2d095e6e8c3ad89c89cb1959cd3043
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Jeenu Viswambharan [Thu, 30 Nov 2017 10:25:10 +0000 (10:25 +0000)]
SDEI: Fix return value of reset calls
At present, both SDEI_PRIVATE_RESET and SDEI_SHARED_RESET returns
SDEI_PENDING if they fail to unregister an event. The SDEI specification
however requires that the APIs return SDEI_EDENY in these cases. This
patch fixes the return codes for the reset APIs.
Change-Id: Ic14484c91fa8396910387196c256d1ff13d03afd
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Leo Yan [Fri, 24 Nov 2017 06:19:51 +0000 (14:19 +0800)]
Hikey960: Change to use recommended power state id format
ARM Power State Coordination Interface (ARM DEN 0022D) chapter
6.5 "Recommended StateID Encoding" defines the state ID which can be
used by platforms. The recommended power states can be presented by
below values; and it divides into three fields, every field has 4 bits
to present power states corresponding to core level, cluster level and
system level.
0: Run
1: Standby
2: Retention
3: Powerdown
This commit changes to use upper recommended power states definition on
Hikey960; and changes the power state validate function to check the
power state passed from kernel side.
Signed-off-by: Leo Yan <leo.yan@linaro.org>
davidcunado-arm [Tue, 5 Dec 2017 23:26:40 +0000 (23:26 +0000)]
Merge pull request #1157 from antonio-nino-diaz-arm/an/rpi3
Introduce AArch64 Raspberry Pi 3 port
Soby Mathew [Fri, 10 Nov 2017 13:14:40 +0000 (13:14 +0000)]
Unify cache flush code path after image load
Previously the cache flush happened in 2 different places in code
depending on whether TRUSTED_BOARD_BOOT is enabled or not. This
patch unifies this code path for both the cases. The `load_image()`
function is now made an internal static function.
Change-Id: I96a1da29d29236bbc34b1c95053e6a9a7fc98a54
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Soby Mathew [Mon, 13 Nov 2017 08:29:45 +0000 (08:29 +0000)]
ARM Platforms: Change the TZC access permissions for EL3 payload
This patch allows non-secure bus masters to access TZC region0 as well
as the EL3 Payload itself.
Change-Id: I7e44f2673a2992920d41503fb4c57bd7fb30747a
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Sandrine Bailleux [Fri, 1 Dec 2017 09:44:21 +0000 (09:44 +0000)]
SPM: Rename SP_COMMUNICATE macros
Rename SP_COMMUNICATE_AARCH32/AARCH64 into MM_COMMUNICATE_AARCH32/AARCH64
to align with the MM specification [1].
[1] http://infocenter.arm.com/help/topic/com.arm.doc.den0060a/DEN0060A_ARM_MM_Interface_Specification.pdf
Change-Id: I478aa4024ace7507d14a5d366aa8e20681075b03
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
Antonio Nino Diaz [Fri, 1 Dec 2017 14:12:43 +0000 (14:12 +0000)]
SPM: Rename SP_MEM_ATTR*** defines
The defines have been renamed to match the names used in the
documentation.
Change-Id: I2f18b65112d2db040a89d5a8522e9790c3e21628
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
davidcunado-arm [Mon, 4 Dec 2017 22:39:40 +0000 (22:39 +0000)]
Merge pull request #1168 from matt2048/master
Replace macro ASM_ASSERTION with macro ENABLE_ASSERTIONS
Paul Kocialkowski [Sat, 2 Dec 2017 15:41:38 +0000 (16:41 +0100)]
rockchip: Include stdint header in plat_sip_calls.c
This includes the stdint header to declare the various types used within
the file, preventing build errors with recent GCC versions.
Change-Id: I9e7e92bb31deb58d4ff2732067dd88b53124bcc9
Signed-off-by: Paul Kocialkowski <contact@paulk.fr>
Antonio Nino Diaz [Fri, 1 Dec 2017 11:11:26 +0000 (11:11 +0000)]
rpi3: Add documentation of Raspberry Pi 3 port
Added design documentation and usage guide for the AArch64 port of the
Arm Trusted Firmware to the Raspberry Pi 3.
Change-Id: I1be60fbbd54c797b48a1bcebfb944d332616a0de
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Mon, 6 Nov 2017 14:49:04 +0000 (14:49 +0000)]
rpi3: Introduce AArch64 Raspberry Pi 3 port
This port can be compiled to boot an AArch64 or AArch32 payload with the
build option `RPI3_BL33_AARCH32`.
Note: This is not a secure port of the Trusted Firmware. This port is
only meant to be a reference implementation to experiment with an
inexpensive board in real hardware.
Change-Id: Ide58114299289bf765ef1366199eb05c46f81903
Co-authored-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
davidcunado-arm [Fri, 1 Dec 2017 00:31:09 +0000 (00:31 +0000)]
Merge pull request #1175 from soby-mathew/sm/juno-a32-bl32-changes
Fix issues for AArch32 builds on ARM platforms
David Cunado [Tue, 31 Oct 2017 23:19:21 +0000 (23:19 +0000)]
Do not enable SVE on pre-v8.2 platforms
Pre-v8.2 platforms such as the Juno platform does not have
the Scalable Vector Extensions implemented and so the build
option ENABLE_SVE is set to zero.
This has a minor performance improvement with no functional
impact.
Change-Id: Ib072735db7a0247406f8b60e325b7e28b1e04ad1
Signed-off-by: David Cunado <david.cunado@arm.com>
David Cunado [Fri, 20 Oct 2017 10:30:57 +0000 (11:30 +0100)]
Enable SVE for Non-secure world
This patch adds a new build option, ENABLE_SVE_FOR_NS, which when set
to one EL3 will check to see if the Scalable Vector Extension (SVE) is
implemented when entering and exiting the Non-secure world.
If SVE is implemented, EL3 will do the following:
- Entry to Non-secure world: SIMD, FP and SVE functionality is enabled.
- Exit from Non-secure world: SIMD, FP and SVE functionality is
disabled. As SIMD and FP registers are part of the SVE Z-registers
then any use of SIMD / FP functionality would corrupt the SVE
registers.
The build option default is 1. The SVE functionality is only supported
on AArch64 and so the build option is set to zero when the target
archiecture is AArch32.
This build option is not compatible with the CTX_INCLUDE_FPREGS - an
assert will be raised on platforms where SVE is implemented and both
ENABLE_SVE_FOR_NS and CTX_INCLUDE_FPREGS are set to 1.
Also note this change prevents secure world use of FP&SIMD registers on
SVE-enabled platforms. Existing Secure-EL1 Payloads will not work on
such platforms unless ENABLE_SVE_FOR_NS is set to 0.
Additionally, on the first entry into the Non-secure world the SVE
functionality is enabled and the SVE Z-register length is set to the
maximum size allowed by the architecture. This includes the use case
where EL2 is implemented but not used.
Change-Id: Ie2d733ddaba0b9bef1d7c9765503155188fe7dae
Signed-off-by: David Cunado <david.cunado@arm.com>
Siva Durga Prasad Paladugu [Thu, 30 Nov 2017 04:51:20 +0000 (10:21 +0530)]
Update Xilinx maintainer details
This patch updates Xilinx maintainers details
as sorenb is no more the maintainer for xilinx
and the email id is invalid now.
Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com>