Ying-Chun Liu (PaulLiu) [Tue, 3 Jul 2018 18:32:27 +0000 (02:32 +0800)]
docs: rpi3: fix the size of BL1
For Trusted Board Boot we enlarge the BL1 size from 64k to 128k.
Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paulliu@debian.org>
Ying-Chun Liu (PaulLiu) [Tue, 3 Jul 2018 18:26:48 +0000 (02:26 +0800)]
rpi3: Add support for Trusted Board Boot
This patch adds support for TBB to rpi3. The ROTPK is generated at build
time and is included into BL1/BL2. The key and content certificates are
read over semihosting.
Tested-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Signed-off-by: Ying-Chun Liu (PaulLiu) <paul.liu@linaro.org>
Dimitris Papastamos [Tue, 3 Jul 2018 13:38:01 +0000 (14:38 +0100)]
Merge pull request #1459 from antonio-nino-diaz-arm/an/xlat-refactor
Refactor of the xlat tables v2 library
Dimitris Papastamos [Tue, 3 Jul 2018 13:36:55 +0000 (14:36 +0100)]
Merge pull request #1458 from Andre-ARM/allwinner/fixes
allwinner: various smaller fixes
Dimitris Papastamos [Tue, 3 Jul 2018 13:36:46 +0000 (14:36 +0100)]
Merge pull request #1447 from Amit-Radur/bl32_v1
allwinner: Add BL32 (corresponds to Trusted OS) support
Antonio Nino Diaz [Mon, 2 Jul 2018 08:26:51 +0000 (09:26 +0100)]
xlat v2: Make get/set attrs functions less verbose
It is useful to have LOG_LEVEL_VERBOSE because it prints the memory map
of each image, but that also means that the change_mem_attributes and
get_mem_attributes functions have verbose prints, and generate a too
long text output that hides other useful information.
As they were mostly there for debug purposes, this patch removes them.
Change-Id: I2986537377d1f78be2b79cc8a6cf230c380bdb55
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Wed, 27 Jun 2018 13:59:22 +0000 (14:59 +0100)]
xlat v2: Clean debug xlat tables descriptor print
The previous debug output for EL1&0 translation regimes was too verbose,
which makes it hard to read and hides the intent behind the parameters
assigned to each region. This patch simplifies this output and makes the
outputs for EL3 and EL1&0 mostly the same. The difference is that in
EL1&0 it is specified whether the region is exclusively accessible from
EL1 (PRIV) or both EL0 and EL1 (USER).
For example:
MEM-RW(PRIV)-NOACCESS(USER)-XN(PRIV)-XN(USER)-S
MEM-RO(PRIV)-NOACCESS(USER)-EXEC(PRIV)-EXEC(USER)-S
After the change, it becomes this:
MEM-RW-XN-PRIV-S
MEM-RO-EXEC-PRIV-S
Change-Id: I15f4b99058429d42107fbf89e15f4838a9b559a5
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Antonio Nino Diaz [Tue, 3 Jul 2018 10:58:49 +0000 (11:58 +0100)]
xlat v2: Split code into separate files
Instead of having one big file with all the code, it's better to have
a few smaller files that are more manageable:
- xlat_tables_core.c: Code related to the core functionality of the
library (map and unmap regions, initialize xlat context).
- xlat_tables_context.c: Instantiation of the active image context
as well as APIs to manipulate it.
- xlat_tables_utils.c: Helper code that isn't part of the core
functionality (change attributes, debug print messages).
Change-Id: I3ea956fc1afd7473c0bb5e7c6aab3b2e5d88c711
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Dimitris Papastamos [Mon, 2 Jul 2018 10:39:22 +0000 (11:39 +0100)]
Merge pull request #1456 from robertovargas-arm/make_cert
make_cert: return error when invalid options are used
Dimitris Papastamos [Mon, 2 Jul 2018 10:39:06 +0000 (11:39 +0100)]
Merge pull request #1452 from glneo/fixups-for-k3
Couple of fixups for K3 platform
Andrew F. Davis [Mon, 25 Jun 2018 17:36:25 +0000 (12:36 -0500)]
ti: k3: common: Enable interrupts before entering standby state
To wake a core from wfi interrupts must be enabled, in some cases they
may not be and so we can lock up here. Unconditionally enable interrupts
before wfi and then restore interrupt state.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Andrew F. Davis [Mon, 25 Jun 2018 17:10:53 +0000 (12:10 -0500)]
ti: k3: common: Add root domain node to platform topology
Actions may need to be taken by the last core when all clusters
have been shutdown. Add a top level root domain node to coordinate
this between clusters.
Signed-off-by: Andrew F. Davis <afd@ti.com>
Andre Przywara [Thu, 28 Jun 2018 22:49:39 +0000 (23:49 +0100)]
allwinner: Add Samuel as second maintainer
As Samuel contributed most of the original code and he has an interest
in that, add him as a second maintainer for the Allwinner port.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:47:08 +0000 (00:47 +0100)]
allwinner: Detect and output current SoC
So far we already support booting on two different SoCs, and we will
shortly add a third, so add some code to determine the current SoC type.
This can be later used to runtime detect certain properties.
Also print the SoC name to the console, to give valuable debug information.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:53:44 +0000 (00:53 +0100)]
allwinner: Don't map boot ROM
There is nothing we need from the BootROM area, so we also don't need
to map it in EL3.
Remove the mapping and reduce the number of MMAP regions by one.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:48:15 +0000 (00:48 +0100)]
allwinner: Relax PSCI entry point check
The DRAM controller supports up to 4GB of DRAM, and there are actually
boards out there where we can use at least 3GB of this.
Relax the PSCI entry point check, to be not restricted to 2GB of DRAM.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:28:31 +0000 (00:28 +0100)]
allwinner: security: Fix SPC guard
The "#ifdef SUNXI_SPC_BASE" guard was meant to allow the build on SoCs
without a Secure Peripherals Controller, so that we skip that part of
the security setup. But in the current position this will trigger a
warning about an unused variable.
Simply move the guard one line up to cover the variable as well.
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Fri, 22 Jun 2018 00:33:34 +0000 (01:33 +0100)]
allwinner: cpu-ops: avoid PSCI on/off output
The "INFO" output in sunxi_cpu_ops.c is quite verbose, so make this more
obvious by changing the log level to "VERBOSE" and so avoiding it to
be printed in a normal (even debug) build.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:34:16 +0000 (00:34 +0100)]
allwinner: sun50i_a64: remove unneeded VER_REG offset
The relative VER_REG *offset* is the same across all known SoCs, so we
can define this offset near it's user.
Remove it from the memory map.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:33:28 +0000 (00:33 +0100)]
allwinner: doc: add missing paragraphs
Add two empty lines to denote the paragraphs properly and improve
readability.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Andre Przywara [Thu, 21 Jun 2018 23:32:18 +0000 (00:32 +0100)]
allwinner: common: add missing header
Some code in sunxi_common.c requires symbols defined in sunxi_private.h,
so add the header to that file.
It was included via another header before, but let's make this explicit.
Reported-by: Samuel Holland <samuel@sholland.org>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Amit Singh Tomar [Tue, 19 Jun 2018 19:14:50 +0000 (00:44 +0530)]
allwinner: Add BL32 (corresponds to Trusted OS) support
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along
side BL31 image.
ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS)
as an input using the 'SPD=<dispatcher name>' option during bl31 build.
Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
Dimitris Papastamos [Thu, 28 Jun 2018 13:49:33 +0000 (14:49 +0100)]
Merge pull request #1457 from antonio-nino-diaz-arm/an/maintainers
maintainers: Modify format of file
Antonio Nino Diaz [Mon, 25 Jun 2018 18:06:49 +0000 (19:06 +0100)]
maintainers: Modify format of file
The previous format was not very practical and hard to parse by
scripts. The current format is easier as it uses more tokens that can be
identified by scripts, while maintaining a reasonably good result when
it is rendered.
Some maintainers maintain more than one subsystem but they were all
part of the same entry. In cases like this the entry has been split
into two to clarify what file belongs to which subsystem.
The list of maintainers of the Trusted Firmware has been updated.
Change-Id: I4be2d527c5171e8d2d86fb49e45e1d9dbcbd2d80
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Dimitris Papastamos [Wed, 27 Jun 2018 11:59:47 +0000 (12:59 +0100)]
Merge pull request #1429 from jeenu-arm/mmu-direct
Enable MMU without stack for xlat v2/DynamIQ
Jeenu Viswambharan [Fri, 27 Apr 2018 15:28:12 +0000 (16:28 +0100)]
TSP: Enable cache along with MMU
Previously, data caches were disabled while enabling MMU only because of
active stack. Now that we can enable MMU without using stack, we can
enable both MMU and data caches at the same time.
Change-Id: I73f3b8bae5178610e17e9ad06f81f8f6f97734a6
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 27 Apr 2018 14:17:03 +0000 (15:17 +0100)]
DynamIQ: Enable MMU without using stack
Having an active stack while enabling MMU has shown coherency problems.
This patch builds on top of translation library changes that introduces
MMU-enabling without using stacks.
Previously, with HW_ASSISTED_COHERENCY, data caches were disabled while
enabling MMU only because of active stack. Now that we can enable MMU
without using stack, we can enable both MMU and data caches at the same
time.
NOTE: Since this feature depends on using translation table library v2,
disallow using translation table library v1 with HW_ASSISTED_COHERENCY.
Fixes ARM-software/tf-issues#566
Change-Id: Ie55aba0c23ee9c5109eb3454cb8fa45d74f8bbb2
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 27 Apr 2018 14:06:57 +0000 (15:06 +0100)]
xlat v1: Provide direct MMU-enabling stubs
An earlier patch split MMU-enabling function for translation library v2.
Although we don't intend to introduce the exact same functionality for
xlat v1, this patch introduces stubs for directly enabling MMU to
maintain API-compatibility.
Change-Id: Id7d56e124c80af71de999fcda10f1734b50bca97
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 27 Apr 2018 14:06:57 +0000 (15:06 +0100)]
xlat v2: Split MMU setup and enable
At present, the function provided by the translation library to enable
MMU constructs appropriate values for translation library, and programs
them to the right registers. The construction of initial values,
however, is only required once as both the primary and secondaries
program the same values.
Additionally, the MMU-enabling function is written in C, which means
there's an active stack at the time of enabling MMU. On some systems,
like Arm DynamIQ, having active stack while enabling MMU during warm
boot might lead to coherency problems.
This patch addresses both the above problems by:
- Splitting the MMU-enabling function into two: one that sets up
values to be programmed into the registers, and another one that
takes the pre-computed values and writes to the appropriate
registers. With this, the primary effectively calls both functions
to have the MMU enabled, but secondaries only need to call the
latter.
- Rewriting the function that enables MMU in assembly so that it
doesn't use stack.
This patch fixes a bunch of MISRA issues on the way.
Change-Id: I0faca97263a970ffe765f0e731a1417e43fbfc45
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Dimitris Papastamos [Wed, 27 Jun 2018 08:25:52 +0000 (09:25 +0100)]
Merge pull request #1453 from soby-mathew/sm/set_cntfrq_bl1
ARM platforms: Initialize cntfrq for BL1 Firmware update
Dimitris Papastamos [Wed, 27 Jun 2018 08:25:38 +0000 (09:25 +0100)]
Merge pull request #1455 from antonio-nino-diaz-arm/an/ep-doc
Document ep_info attribute flags
Roberto Vargas [Wed, 27 Jun 2018 07:23:22 +0000 (08:23 +0100)]
make_cert: return error when invalid options are used
Print_help was used in different contexts and returning no
error in that function was hiding the error when incorrect
options were used.
Change-Id: Ic3f71748be7ff8440c9d54810b986e9f177f4439
Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
Antonio Nino Diaz [Tue, 26 Jun 2018 20:42:51 +0000 (21:42 +0100)]
Document ep_info attribute flags
The meaning of them wasn't clear in the header file, it was needed to
search the code for the places where they are used.
Add parentheses to macros in the same header.
Change-Id: I700bc0fd75ccfc0a34f439cb3b2692861bb73b9b
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Soby Mathew [Mon, 11 Jun 2018 15:40:36 +0000 (16:40 +0100)]
ARM platforms: Initialize cntfrq for BL1 Firmware update
Currenly the CNTFRQ register and system timer is initialized in BL31 for
use by the normal world. During firmware update, the NS-BL1 or NS-BL2U
may need to access the system timer. Hence this patch duplicates the
CNTFRQ and system timer initialization in BL1 as well.
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Change-Id: I1ede78b4ae64080fb418cb93f3e48b26d7b724dc
Dimitris Papastamos [Mon, 25 Jun 2018 14:12:47 +0000 (15:12 +0100)]
Merge pull request #1445 from danielboulby-arm/db/DynamicAuthentication
Set FVP DYN_DISABLE_AUTH authentication default to 0
Daniel Boulby [Fri, 22 Jun 2018 15:44:57 +0000 (16:44 +0100)]
Set FVP DYN_DISABLE_AUTH authentication default to 0
Set the ability to dynamically disable Trusted Boot Board
authentication to be off by default
Change-Id: Ibd2aa179179f7d9b0e7731c6e450f200a8c67529
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Dimitris Papastamos [Mon, 25 Jun 2018 12:38:29 +0000 (13:38 +0100)]
Merge pull request #1448 from npoushin/npoushin/sgi575-coverity-fixes
npoushin/sgi575 coverity fixes
Dimitris Papastamos [Mon, 25 Jun 2018 08:32:33 +0000 (09:32 +0100)]
Merge pull request #1446 from masahir0y/uniphier
maintainers.rst: separate maintainership of uniphier and synquacer
Nariman Poushin [Tue, 1 May 2018 12:07:47 +0000 (13:07 +0100)]
plat/arm: css: Sanitize the input to css_validate_power_state
In the case of the platform max power level being less than the system
power level, make sure to not overrun the array of power states.
This fixes Coverity Scan OVERRUN defect CID 267021.
Change-Id: I52646ab9be2fceeb5c331b5dad7a6267991f4197
Signed-off-by: Nariman Poushin <nariman.poushin@linaro.org>
Nariman Poushin [Tue, 1 May 2018 08:28:40 +0000 (09:28 +0100)]
plat/arm: css: Convert CSS_SYSTEM_PWR_STATE from macro to inline function
This is to fix a number of Coverity Scan DEADCODE defects, CID numbers
listed below, as reported from
https://scan.coverity.com/projects/arm-software-arm-trusted-firmware
CID 267023
CID 267022
CID 267020
Change-Id: I2963a799b210149e84ccab5c5b9082267ddfe337
Signed-off-by: Nariman Poushin <nariman.poushin@linaro.org>
Amit Singh Tomar [Tue, 19 Jun 2018 19:14:50 +0000 (00:44 +0530)]
allwinner: Add BL32 (corresponds to Trusted OS) support
This patch is an attempt to run Trusted OS (OP-TEE OS being one of them) along
side BL31 image.
ATF supports multiple SPD's that can take dispatcher name (opteed for OP-TEE OS)
as an input using the 'SPD=<dispatcher name>' option during bl31 build.
Signed-off-by: Amit Singh Tomar <amittomer25@gmail.com>
Masahiro Yamada [Fri, 22 Jun 2018 16:09:51 +0000 (01:09 +0900)]
maintainers.rst: separate maintainership of uniphier and synquacer
Socionext has multiple product lines. The UniPhier is not the only
platform any more. Correct the maintainership.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Dimitris Papastamos [Fri, 22 Jun 2018 14:58:11 +0000 (15:58 +0100)]
Merge pull request #1441 from robertovargas-arm/mem_protect_board
Move mem-protect definitions to board specific files
Dimitris Papastamos [Fri, 22 Jun 2018 14:57:40 +0000 (15:57 +0100)]
Merge pull request #1444 from jts-arm/docs
Fix typos in documentation
Dimitris Papastamos [Fri, 22 Jun 2018 14:56:42 +0000 (15:56 +0100)]
Merge pull request #1406 from robertovargas-arm/uuid
Make TF UUID RFC 4122 compliant
John Tsichritzis [Wed, 6 Jun 2018 08:38:10 +0000 (09:38 +0100)]
Fix typos in documentation
In the porting guide, there are blue boxes that describe the argument
types and the return type of each function. A small typo caused some of
these boxes not being properly rendered.
In the user guide, small typos were fixed that caused random text being
unintentionally rendered as bold. Also, a slight rewording was done in
the section describing the DYN_DISABLE_AUTH flag.
Change-Id: I57303ca609436a82162fa9b42c06b0d5a63da6df
Signed-off-by: John Tsichritzis <john.tsichritzis@arm.com>
Dimitris Papastamos [Fri, 22 Jun 2018 11:42:17 +0000 (12:42 +0100)]
Merge pull request #1443 from jeenu-arm/sdei-fixes
SDEI client EL determination fix
Jeenu Viswambharan [Fri, 22 Jun 2018 11:03:44 +0000 (12:03 +0100)]
SDEI: Fix name of internal function
The function end_sdei_explicit_dispatch() was intended to be
end_sdei_synchronous_dispatch() which does the opposite of
begin_sdei_synchronous_dispatch(). This patch fixes that.
No functional changes.
Change-Id: I141bd91eb342ecf4ddfd05b49513eee4549e7a56
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 22 Jun 2018 11:00:20 +0000 (12:00 +0100)]
SDEI: Fix determining client EL
commit
2ccfcb2ea555eb86122e7780010cc50fcee08f54 ("SDEI: Determine client
EL from NS context's SCR_EL3") intended to read from SCR_EL3, but
wrongly read from SPSR_EL3 instead. This patch fixes that.
Change-Id: I8ffea39cc98ef59cb8e7a4c6ef4cb12011c58536
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Dimitris Papastamos [Fri, 22 Jun 2018 10:38:12 +0000 (11:38 +0100)]
Merge pull request #1442 from jeenu-arm/sdei-dispatch-fix
SDEI: Fix dispatch bug
Jeenu Viswambharan [Fri, 22 Jun 2018 10:21:35 +0000 (11:21 +0100)]
SDEI: Fix dispatch bug
The Commit
cdb6ac94ecb3c4caa784cd4d7580cf6252146196 introduced a bug
because of which the SDEI dispatcher wrongly panic when an SDEI event
dispatched earlier as a result of interrupt. This patch fixes the check
for a bound interrupt.
Change-Id: If55c8f0422ff781731248bbbc9c1b59fa0d3c4b0
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Dimitris Papastamos [Fri, 22 Jun 2018 08:36:59 +0000 (09:36 +0100)]
Merge pull request #1437 from jeenu-arm/ras-remaining
SDEI dispatch changes to enable RAS use cases
Dimitris Papastamos [Fri, 22 Jun 2018 08:36:45 +0000 (09:36 +0100)]
Merge pull request #1440 from antonio-nino-diaz-arm/an/xlat-enums
xlat: Remove mmap_attr_t enum type
Dimitris Papastamos [Fri, 22 Jun 2018 08:36:15 +0000 (09:36 +0100)]
Merge pull request #1427 from b49020/integration
Add support for Socionext Synquacer SC2A11 SoC based Developerbox platform.
Antonio Nino Diaz [Thu, 21 Jun 2018 13:39:16 +0000 (14:39 +0100)]
xlat: Remove mmap_attr_t enum type
The values defined in this type are used in logical operations, which
goes against MISRA Rule 10.1: "Operands shall not be of an inappropriate
essential type".
Now, `unsigned int` is used instead. This also allows us to move the
dynamic mapping bit from 30 to 31. It was an undefined behaviour in the
past because an enum is signed by default, and bit 31 corresponds to the
sign bit. It is undefined behaviour to modify the sign bit. Now, bit 31
is free to use as it was originally meant to be.
mmap_attr_t is now defined as an `unsigned int` for backwards
compatibility.
Change-Id: I6b31218c14b9c7fdabebe432de7fae6e90a97f34
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Dimitris Papastamos [Thu, 21 Jun 2018 15:34:42 +0000 (16:34 +0100)]
Merge pull request #1436 from antonio-nino-diaz-arm/an/spm-sync
SPM: Allow entering the SP without needing a SMC
Jeenu Viswambharan [Fri, 8 Jun 2018 07:44:36 +0000 (08:44 +0100)]
Arm platforms: Remove common RAS configuration source
The file arm_ras.c intended to provide common platform-specific RAS
configuration for Arm platforms. Because this file has symbol
definitions, it's proving difficult to provide a common definition.
This patch therefore renames and makes the file specific to FVP. Other
platforms shall provide their own configuration in similar fashion.
Change-Id: I766fd238946e3e49cdb659680e1b45f41b237901
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 16 Feb 2018 12:07:48 +0000 (12:07 +0000)]
SDEI: Make dispatches synchronous
SDEI event dispatches currently only sets up the Non-secure context
before returning to the caller. The actual dispatch only happens upon
exiting EL3 next time.
However, for various error handling scenarios, it's beneficial to have
the dispatch happen synchronously. I.e. when receiving SDEI interrupt,
or for a successful sdei_dispatch_event() call, the event handler is
executed; and upon the event completion, dispatcher execution resumes
after the point of dispatch. The jump primitives introduced in the
earlier patch facilitates this feature.
With this patch:
- SDEI interrupts and calls to sdei_dispatch_event prepares the NS
context for event dispatch, then sets a jump point, and immediately
exits EL3. This results in the client handler executing in
Non-secure.
- When the SDEI client completes the dispatched event, the SDEI
dispatcher does a longjmp to the jump pointer created earlier. For
the caller of the sdei_dispatch_event() in particular, this would
appear as if call returned successfully.
The dynamic workaround for CVE_2018_3639 is slightly shifted around as
part of related minor refactoring. It doesn't affect the workaround
functionality.
Documentation updated.
NOTE: This breaks the semantics of the explicit dispatch API, and any
exiting usages should be carefully reviewed.
Change-Id: Ib9c876d27ea2af7fb22de49832e55a0da83da3f9
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Fri, 16 Feb 2018 11:54:24 +0000 (11:54 +0000)]
BL31: Introduce jump primitives
This patch introduces setjmp() and ongjmp() primitives to enable
standard setjmp/longjmp style execution. Both APIs parameters take a
pointer to struct jmpbuf type, which hosts CPU registers saved/restored
during jump.
As per the standard usage:
- setjmp() return 0 when a jump is setup; and a non-zero value when
returning from jump.
- The caller of setjmp() must not return, or otherwise update stack
pointer since.
Change-Id: I4af1d32e490cfa547979631b762b4cba188d0551
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Thu, 21 Jun 2018 07:47:42 +0000 (08:47 +0100)]
SDEI: Determine client EL from NS context's SCR_EL3
Currently, the dispatcher reads from SCR_EL3 register directly to
determine the EL of SDEI client. This is with the assumption that
SCR_EL3 is not modified throughout. However, with RAS work flows, it's
possible that SCR_EL3 register contains values corresponding to Secure
world, and therefore EL determination can go wrong. To mitigate this,
always read the register from the saved Non-secure context.
Change-Id: Ic85e4021deb18eb58757f676f9a001174998543a
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Jeenu Viswambharan [Wed, 17 Jan 2018 12:30:11 +0000 (12:30 +0000)]
SDEI: Allow platforms to define explicit events
The current macros only allow to define dynamic and statically-bound
SDEI events. However, there ought be a mechanism to define SDEI events
that are explicitly dispatched; i.e., events that are dispatched as a
result of a previous secure interrupt or other exception
This patch introduces SDEI_EXPLICIT_EVENT() macro to define an explicit
event. They must be placed under private mappings. Only the priority
flags are allowed to be additionally specified.
Documentation updated.
Change-Id: I2e12f5571381195d6234c9dfbd5904608ad41db3
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
Dimitris Papastamos [Thu, 21 Jun 2018 15:03:05 +0000 (16:03 +0100)]
Merge pull request #1439 from dp-arm/dp/bl2_size
fvp: Increase BL2 size for TBBR builds
Dimitris Papastamos [Thu, 21 Jun 2018 14:49:08 +0000 (15:49 +0100)]
fvp: Increase BL2 size for TBBR builds
Change-Id: I67e64bb79cc984ea3263f069e22738a42321c46d
Signed-off-by: Dimitris Papastamos <dimitris.papastamos@arm.com>
Dimitris Papastamos [Thu, 21 Jun 2018 13:35:54 +0000 (14:35 +0100)]
Merge pull request #1428 from jeenu-arm/mbedtls
Move to mbedtls-2.10.0 tag
Dimitris Papastamos [Thu, 21 Jun 2018 12:42:45 +0000 (13:42 +0100)]
Merge pull request #1434 from soby-mathew/sm/fix_cntfrq
ARM Platforms: Update CNTFRQ register in CNTCTLBase frame
Dimitris Papastamos [Thu, 21 Jun 2018 12:35:48 +0000 (13:35 +0100)]
Merge pull request #1435 from antonio-nino-diaz-arm/an/xlat-fix
xlat_v2: Fix descriptor debug print
Dimitris Papastamos [Thu, 21 Jun 2018 11:55:27 +0000 (12:55 +0100)]
Merge pull request #1433 from sivadur/integration
xilinx: fix zynqmp build when tsp is enabled
Antonio Nino Diaz [Thu, 21 Jun 2018 09:52:44 +0000 (10:52 +0100)]
xlat_v2: Fix descriptor debug print
The XN, PXN and UXN bits are part of the upper attributes, not the
lower attributes.
Change-Id: Ia5e83f06f2a8de88b551f55f1d36d694918ccbc0
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Sumit Garg [Thu, 21 Jun 2018 05:58:18 +0000 (11:28 +0530)]
synquacer: Add platform makefile and documentation
Add Makefile and plaform definations file.
My thanks to Daniel Thompson and Ard Biesheuvel for the bits and pieces
I've taken from their earlier work regarding build and deploy steps for
Developerbox based on Synquacer SoCs. They deserve much of the credit
for this work although, since I assembled and tested things, any blame
is probably mine.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Tested-by: Daniel Thompson <daniel.thompson@linaro.org>
Tested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:59:02 +0000 (15:29 +0530)]
synquacer: Enable PSCI framework
PSCI framework uses SCPI driver to communicate to SCP firmware for
various power management operations. Following PSCI operations are
supported:
- CPU ON
- CPU OFF
- CPU STANDBY
- SYSTEM RESET
- SYSTEM OFF
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Ard Biesheuvel [Fri, 15 Jun 2018 09:55:42 +0000 (15:25 +0530)]
synquacer: Retrieve DRAM info from SCP firmware
Retrieve DRAM info from SCP firmware using SCPI driver. Board supports
multiple DRAM slots so its required to fetch DRAM info from SCP firmware
and pass this info to UEFI via non-secure SRAM.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:50:53 +0000 (15:20 +0530)]
synquacer: Add SCPI driver
Add System Control and Power Interface (SCPI) driver which provides APIs
for PSCI framework to work. SCPI driver uses MHU driver APIs to communicate
with SCP firmware for various system control and power operations.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:47:10 +0000 (15:17 +0530)]
synquacer: Add MHU driver
Add Message Handling Unit (MHU) driver used to communicate among
Application Processors (AP) and System Control Processor (SCP).
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:40:16 +0000 (15:10 +0530)]
synquacer: Enable MMU using xlat_tables_v2 library
BL31 runs from SRAM which is a non-coherent memory on synquacer. So
enable MMU with SRAM memory marked as Non-Cacheable and mark page tables
kept on SRAM as Non-Cacheable via XLAT_TABLE_NC flag. Also add page tables
for Device address space.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:32:31 +0000 (15:02 +0530)]
synquacer: Enable System level Generic timer
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:28:25 +0000 (14:58 +0530)]
synquacer: Enable GICv3 support
synquacer uses GICv3 compliant GIC500. So enable proper GICv3 driver
initialization.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:20:19 +0000 (14:50 +0530)]
synquacer: Enable CCN driver support
synquacer has CCN-512 interconnect. So enable proper CCN driver
initialization.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:13:35 +0000 (14:43 +0530)]
synquacer: Implement topology functions
These functions describe the layout of the cores and clusters in order
to support the PSCI framework.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:08:50 +0000 (14:38 +0530)]
synquacer: Populate BL32 and BL33 entrypoints
As this platform supports direct entry to BL31 and no BL2, so
populate BL32 and BL33 entrypoints with static memory load info.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 09:04:42 +0000 (14:34 +0530)]
synquacer: Enable PL011 UART Console
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 08:18:11 +0000 (13:48 +0530)]
synquacer: Add platform core management helpers
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Sumit Garg [Fri, 15 Jun 2018 08:11:59 +0000 (13:41 +0530)]
synquacer: Introduce basic platform support
synquacer supports direct entry to BL31 without BL1 and BL2 as
SCP firmware does similar work. So this patch adds BL31 stub APIs.
Signed-off-by: Sumit Garg <sumit.garg@linaro.org>
Siva Durga Prasad Paladugu [Wed, 20 Jun 2018 11:33:57 +0000 (17:03 +0530)]
plat: xilinx: zynqmp: Get chipid from registers for BL32
This patch reads the chipid registers directly instead of making
pm call when running at BL32. User should ensure that these registers
should always be accessed from APU in their system configuration.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Siva Durga Prasad Paladugu [Wed, 20 Jun 2018 11:31:13 +0000 (17:01 +0530)]
plat: xilinx: zynqmp: Build for DDR if SPD is enabled
This patch builds ATF to DDR if SPD is enabled as it cant fit in
On chip memory(OCM) with SPD enabled. This solves the issue
of build failure with SPD enabled for ZynqMP platform.
Signed-off-by: Siva Durga Prasad Paladugu <siva.durga.paladugu@xilinx.com>
Dimitris Papastamos [Wed, 20 Jun 2018 15:37:01 +0000 (16:37 +0100)]
Merge pull request #1403 from glneo/for-upstream-k3
TI K3 platform support
Dimitris Papastamos [Wed, 20 Jun 2018 15:36:00 +0000 (16:36 +0100)]
Merge pull request #1421 from Yann-lms/cpp_dtc
Build: add cpp build processing for dtb
Dimitris Papastamos [Wed, 20 Jun 2018 15:34:10 +0000 (16:34 +0100)]
Merge pull request #1413 from grandpaul/paulliu-rpi3-0
rpi3: BL32 optee support
Antonio Nino Diaz [Wed, 20 Jun 2018 11:05:02 +0000 (12:05 +0100)]
SPM: Allow entering the SP without needing a SMC
It may be needed to enter the Secure Partition through other means than
an MM_COMMUNICATE SMC. This patch enables this behaviour by extracting
the necessary code from mm_communicate() and allowing other parts of the
code to use it.
Change-Id: I59f6638d22d9c9d0baff0984f39d056298a8dc8e
Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
Soby Mathew [Mon, 11 Jun 2018 15:21:30 +0000 (16:21 +0100)]
ARM Platforms: Update CNTFRQ register in CNTCTLBase frame
Currently TF-A doesn't initialise CNTFRQ register in CNTCTLBase
frame of the system timer. ARM ARM states that "The instance of
the register in the CNTCTLBase frame must be programmed with this
value as part of system initialization."
The psci_arch_setup() updates the CNTFRQ system register but
according to the ARM ARM, this instance of the register is
independent of the memory mapped instance. This is only an issue
for Normal world software which relies on the memory mapped
instance rather than the system register one.
This patch resolves the issue for ARM platforms.
The patch also solves a related issue on Juno, wherein
CNTBaseN.CNTFRQ can be written and does not reflect the value of
the register in CNTCTLBase frame. Hence this patch additionally
updates CNTFRQ register in the Non Secure frame of the CNTBaseN.
Fixes ARM-Software/tf-issues#593
Change-Id: I09cebb6633688b34d5b1bc349fbde4751025b350
Signed-off-by: Soby Mathew <soby.mathew@arm.com>
Dimitris Papastamos [Wed, 20 Jun 2018 08:50:56 +0000 (09:50 +0100)]
Merge pull request #1423 from chandnich/sgi-575/dyncfg
Sgi 575/dyncfg
Nishanth Menon [Wed, 20 Sep 2017 06:32:13 +0000 (01:32 -0500)]
ti: k3: Introduce basic generic board support
While it would be useful to have a device tree based build, the
required components are not in place yet, so support just a simple
statically defined configuration to begin with.
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Benjamin Fair [Fri, 14 Oct 2016 01:13:46 +0000 (01:13 +0000)]
ti: k3: common: Add PSCI stubs
These functions are used for the PSCI implementation and are needed to
build BL31, but we cannot implement them until we add several more drivers
related to ti-sci so these are only stubs for now.
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Nishanth Menon [Fri, 14 Oct 2016 01:13:49 +0000 (01:13 +0000)]
ti: k3: common: Enable GICv3 support
Do proper initialization of GIC V3. This will allow CP15 access to GIC
from "normal world" (aka HLOS) via mrc/mcr calls.
K3 SoC family uses GICv3 compliant GIC500 without compatibility for
legacy GICv2.
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Nishanth Menon [Fri, 14 Oct 2016 01:13:48 +0000 (01:13 +0000)]
ti: k3: common: Program A53 arch timer frequency
Provide K3_TIMER_FREQUENCY for the platform configuration if the GTC
clock is selected statically and override option if the platform has a
different configuration.
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Nishanth Menon [Fri, 14 Oct 2016 01:13:44 +0000 (01:13 +0000)]
ti: k3: common: Add console initialization base
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Nishanth Menon [Fri, 14 Oct 2016 01:13:45 +0000 (01:13 +0000)]
ti: k3: common: Enable MMU using xlat_tables_v2 library
This library will be used to properly set up mappings from different
bootloaders at different exception levels. It ensures that memory mapped
devices such as UARTs are still accessible and memory regions have the
correct access permissions.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Benjamin Fair [Fri, 14 Oct 2016 01:13:47 +0000 (01:13 +0000)]
ti: k3: common: Implement topology functions
These functions describe the layout of the cores and clusters in order to
support the PSCI framework.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Benjamin Fair [Fri, 14 Oct 2016 01:13:52 +0000 (01:13 +0000)]
ti: k3: common: Populate BL32 and BL33 entrypoint
Because there is no BL2, BL31 must determine the entrypoint and memory
location of BL32 and BL33 on its own.
BL32_BASE and PRELOADED_BL33_BASE will be set in the corresponding board
makefile. We also allow a DTB address to be specified for cases when BL33
is a Linux image.
NOTE: It is possible to pull in this information from device tree as
well, however libfdt does not contain the required hooks to make this
happen at this point in time.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Benjamin Fair [Tue, 18 Oct 2016 19:32:06 +0000 (14:32 -0500)]
ti: k3: common: Add platform core management helpers
The K3 family of SoCs has multiple interconnects. The key interconnect
for high performance processors is the MSMC3 interconnect. This is
an io-coherent interconnect which exports multiple ports for each
processor cluster.
Sometimes, port 0 of the MSMC may not have an ARM cluster OR is isolated
such that the instance of ATF does not manage it. Define macros
in platform_def.h to help handle this.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>
Nishanth Menon [Fri, 14 Oct 2016 01:13:34 +0000 (01:13 +0000)]
ti: k3: Setup initial files for platform
Create the baseline Makefile, platform definitions file and platform
specific assembly macros file. This includes first set of constants
for the platform including cache sizes and linker format and a stub for
BL31 and the basic memory layout
K3 SoC family of processors do not use require a BL1 or BL2 binary,
since such functions are provided by an system controller on the SoC.
This lowers the burden of ATF to purely managing the local ARM cores
themselves.
Signed-off-by: Benjamin Fair <b-fair@ti.com>
Signed-off-by: Nishanth Menon <nm@ti.com>
Signed-off-by: Andrew F. Davis <afd@ti.com>