andrius
/
arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
arm-trusted-firmware/include/common/bl_common.h

195 lines
7.0 KiB
C
Raw Permalink Normal View History

ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
/*
feat(spmc/lsp): add logical partition framework Introduce a framework to support running logical partitions alongside the SPMC in EL3 as per the v1.1 FF-A spec. The DECLARE_LOGICAL_PARTITION macro has been added to simplify the process to define a Logical Partition. The partitions themselves are statically allocated with the descriptors placed in RO memory. It is assumed that the MAX_EL3_LP_DESCS_COUNT will be defined by the platform. Change-Id: I1c2523e0ad2d9c5d36aeeef6b8bcb1e80db7c443 Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
2022-02-14 17:06:09 +00:00
* Copyright (c) 2013-2022, ARM Limited and Contributors. All rights reserved.
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*
Use SPDX license identifiers To make software license auditing simpler, use SPDX[0] license identifiers instead of duplicating the license text in every file. NOTE: Files that have been imported by FreeBSD have not been modified. [0]: https://spdx.org/ Change-Id: I80a00e1f641b8cc075ca5a95b10607ed9ed8761a Signed-off-by: dp-arm <dimitris.papastamos@arm.com>
2017-05-03 09:38:09 +01:00
* SPDX-License-Identifier: BSD-3-Clause
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
*/
Standardise header guards across codebase All identifiers, regardless of use, that start with two underscores are reserved. This means they can't be used in header guards. The style that this project is now to use the full name of the file in capital letters followed by 'H'. For example, for a file called "uart_example.h", the header guard is UART_EXAMPLE_H. The exceptions are files that are imported from other projects: - CryptoCell driver - dt-bindings folders - zlib headers Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-11-08 10:20:19 +00:00
#ifndef BL_COMMON_H
#define BL_COMMON_H
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Sanitise includes across codebase Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3a282 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca33988b9 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-14 00:18:21 +00:00
#include <common/ep_info.h>
#include <common/param_header.h>
#include <lib/utils_def.h>
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__. All common C compilers predefine a macro called __ASSEMBLER__ when preprocessing a .S file. There is no reason for TF-A to define it's own __ASSEMBLY__ macro for this purpose instead. To unify code with the export headers (which use __ASSEMBLER__ to avoid one extra dependency), let's deprecate __ASSEMBLY__ and switch the code base over to the predefined standard. Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417 Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-07-09 21:49:11 +01:00
#ifndef __ASSEMBLER__
Factor out cross-BL API into export headers suitable for 3rd party code This patch adds a new include/export/ directory meant for inclusion in third-party code. This is useful for cases where third-party code needs to interact with TF-A interfaces and data structures (such as a custom BL2-implementation like coreboot handing off to BL31). Directly including headers from the TF-A repository avoids having to duplicate all these definitions (and risk them going stale), but with the current header structure this is not possible because handoff API definitions are too deeply intertwined with other TF code/headers and chain-include other headers that will not be available in the other environment. The new approach aims to solve this by separating only the parts that are really needed into these special headers that are self-contained and will not chain-include other (non-export) headers. TF-A code should never include them directly but should instead always include the respective wrapper header, which will include the required prerequisites (like <stdint.h>) before including the export header. Third-party code can include the export headers via its own wrappers that make sure the necessary definitions are available in whatever way that environment can provide them. Change-Id: Ifd769320ba51371439a8e5dd5b79c2516c3b43ab Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-05-29 05:03:58 +01:00
#include <stddef.h>
#include <stdint.h>
#include <lib/cassert.h>
Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__. All common C compilers predefine a macro called __ASSEMBLER__ when preprocessing a .S file. There is no reason for TF-A to define it's own __ASSEMBLY__ macro for this purpose instead. To unify code with the export headers (which use __ASSEMBLER__ to avoid one extra dependency), let's deprecate __ASSEMBLY__ and switch the code base over to the predefined standard. Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417 Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-07-09 21:49:11 +01:00
#endif /* __ASSEMBLER__ */
Factor out cross-BL API into export headers suitable for 3rd party code This patch adds a new include/export/ directory meant for inclusion in third-party code. This is useful for cases where third-party code needs to interact with TF-A interfaces and data structures (such as a custom BL2-implementation like coreboot handing off to BL31). Directly including headers from the TF-A repository avoids having to duplicate all these definitions (and risk them going stale), but with the current header structure this is not possible because handoff API definitions are too deeply intertwined with other TF code/headers and chain-include other headers that will not be available in the other environment. The new approach aims to solve this by separating only the parts that are really needed into these special headers that are self-contained and will not chain-include other (non-export) headers. TF-A code should never include them directly but should instead always include the respective wrapper header, which will include the required prerequisites (like <stdint.h>) before including the export header. Third-party code can include the export headers via its own wrappers that make sure the necessary definitions are available in whatever way that environment can provide them. Change-Id: Ifd769320ba51371439a8e5dd5b79c2516c3b43ab Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-05-29 05:03:58 +01:00
#include <export/common/bl_common_exp.h>
Remove some MISRA defects in common code No functional changes. Change-Id: I9638e02acb9b22eb794ebf45aad84348a710287e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-10-04 09:55:23 +01:00
#define UP U(1)
#define DOWN U(0)
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
/*******************************************************************************
Remove concept of top/bottom image loading This concept is no longer required since we now support loading of images at fixed addresses only. The image loader now automatically detects the position of the image inside the current memory layout and updates the layout such that memory fragmentation is minimised. The 'attr' field of the meminfo data structure, which used to hold the bottom/top loading information, has been removed. Also the 'next' field has been removed as it wasn't used anywhere. The 'init_bl2_mem_layout()' function has been moved out of common code and put in BL1-specific code. It has also been renamed into 'bl1_init_bl2_mem_layout'. Fixes ARM-software/tf-issues#109 Change-Id: I3f54642ce7b763d5ee3b047ad0ab59eabbcf916d
2014-06-24 14:02:34 +01:00
* Constants to identify the location of a memory region in a given memory
* layout.
******************************************************************************/
Remove some MISRA defects in common code No functional changes. Change-Id: I9638e02acb9b22eb794ebf45aad84348a710287e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-10-04 09:55:23 +01:00
#define TOP U(0x1)
#define BOTTOM U(0x0)
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Move context management code to common location The upcoming Firmware Update feature needs transitioning across Secure/Normal worlds to complete the FWU process and hence requires context management code to perform this task. Currently context management code is part of BL31 stage only. This patch moves the code from (include)/bl31 to (include)/common. Some function declarations/definitions and macros have also moved to different files to help code sharing. Change-Id: I3858b08aecdb76d390765ab2b099f457873f7b0c
2015-10-02 17:56:48 +01:00
/*******************************************************************************
* Constants to indicate type of exception to the common exception handler.
******************************************************************************/
Remove some MISRA defects in common code No functional changes. Change-Id: I9638e02acb9b22eb794ebf45aad84348a710287e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-10-04 09:55:23 +01:00
#define SYNC_EXCEPTION_SP_EL0 U(0x0)
#define IRQ_SP_EL0 U(0x1)
#define FIQ_SP_EL0 U(0x2)
#define SERROR_SP_EL0 U(0x3)
#define SYNC_EXCEPTION_SP_ELX U(0x4)
#define IRQ_SP_ELX U(0x5)
#define FIQ_SP_ELX U(0x6)
#define SERROR_SP_ELX U(0x7)
#define SYNC_EXCEPTION_AARCH64 U(0x8)
#define IRQ_AARCH64 U(0x9)
#define FIQ_AARCH64 U(0xa)
#define SERROR_AARCH64 U(0xb)
#define SYNC_EXCEPTION_AARCH32 U(0xc)
#define IRQ_AARCH32 U(0xd)
#define FIQ_AARCH32 U(0xe)
#define SERROR_AARCH32 U(0xf)
Move context management code to common location The upcoming Firmware Update feature needs transitioning across Secure/Normal worlds to complete the FWU process and hence requires context management code to perform this task. Currently context management code is part of BL31 stage only. This patch moves the code from (include)/bl31 to (include)/common. Some function declarations/definitions and macros have also moved to different files to help code sharing. Change-Id: I3858b08aecdb76d390765ab2b099f457873f7b0c
2015-10-02 17:56:48 +01:00
Tegra: Support for scatterfile for the BL31 image This patch provides support for using the scatterfile format as the linker script with the 'armlink' linker for Tegra platforms. In order to enable the scatterfile usage the following changes have been made: * provide mapping for ld.S symbols in bl_common.h * include bl_common.h from all the affected files * update the makefile rules to use the scatterfile and armlink to compile BL31 * update pubsub.h to add sections to the scatterfile NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY. Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
2019-01-11 22:47:48 +00:00
/*
* Mapping to connect linker symbols from .ld.S with their counterparts
* from .scat for the BL31 image
*/
#if defined(USE_ARM_LINK)
#define __BL31_END__ Load$$LR$$LR_END$$Base
#define __BSS_START__ Load$$LR$$LR_BSS$$Base
#define __BSS_END__ Load$$LR$$LR_BSS$$Limit
#define __BSS_SIZE__ Load$$LR$$LR_BSS$$Length
#define __COHERENT_RAM_START__ Load$$LR$$LR_COHERENT_RAM$$Base
#define __COHERENT_RAM_END_UNALIGNED__ Load$$__COHERENT_RAM_EPILOGUE_UNALIGNED__$$Base
#define __COHERENT_RAM_END__ Load$$LR$$LR_COHERENT_RAM$$Limit
#define __COHERENT_RAM_UNALIGNED_SIZE__ Load$$__COHERENT_RAM__$$Length
#define __CPU_OPS_START__ Load$$__CPU_OPS__$$Base
#define __CPU_OPS_END__ Load$$__CPU_OPS__$$Limit
#define __DATA_START__ Load$$__DATA__$$Base
#define __DATA_END__ Load$$__DATA__$$Limit
#define __GOT_START__ Load$$__GOT__$$Base
#define __GOT_END__ Load$$__GOT__$$Limit
#define __PERCPU_BAKERY_LOCK_START__ Load$$__BAKERY_LOCKS__$$Base
#define __PERCPU_BAKERY_LOCK_END__ Load$$__BAKERY_LOCKS_EPILOGUE__$$Base
#define __PMF_SVC_DESCS_START__ Load$$__PMF_SVC_DESCS__$$Base
#define __PMF_SVC_DESCS_END__ Load$$__PMF_SVC_DESCS__$$Limit
#define __PMF_TIMESTAMP_START__ Load$$__PMF_TIMESTAMP__$$Base
#define __PMF_TIMESTAMP_END__ Load$$__PER_CPU_TIMESTAMPS__$$Limit
#define __PMF_PERCPU_TIMESTAMP_END__ Load$$__PMF_TIMESTAMP_EPILOGUE__$$Base
#define __RELA_END__ Load$$__RELA__$$Limit
#define __RELA_START__ Load$$__RELA__$$Base
#define __RODATA_START__ Load$$__RODATA__$$Base
#define __RODATA_END__ Load$$__RODATA_EPILOGUE__$$Base
#define __RT_SVC_DESCS_START__ Load$$__RT_SVC_DESCS__$$Base
#define __RT_SVC_DESCS_END__ Load$$__RT_SVC_DESCS__$$Limit
feat(spmc/lsp): add logical partition framework Introduce a framework to support running logical partitions alongside the SPMC in EL3 as per the v1.1 FF-A spec. The DECLARE_LOGICAL_PARTITION macro has been added to simplify the process to define a Logical Partition. The partitions themselves are statically allocated with the descriptors placed in RO memory. It is assumed that the MAX_EL3_LP_DESCS_COUNT will be defined by the platform. Change-Id: I1c2523e0ad2d9c5d36aeeef6b8bcb1e80db7c443 Signed-off-by: Marc Bonnici <marc.bonnici@arm.com>
2022-02-14 17:06:09 +00:00
#if SPMC_AT_EL3
#define __EL3_LP_DESCS_START__ Load$$__EL3_LP_DESCS__$$Base
#define __EL3_LP_DESCS_END__ Load$$__EL3_LP_DESCS__$$Limit
#endif
Tegra: Support for scatterfile for the BL31 image This patch provides support for using the scatterfile format as the linker script with the 'armlink' linker for Tegra platforms. In order to enable the scatterfile usage the following changes have been made: * provide mapping for ld.S symbols in bl_common.h * include bl_common.h from all the affected files * update the makefile rules to use the scatterfile and armlink to compile BL31 * update pubsub.h to add sections to the scatterfile NOTE: THIS CHANGE HAS BEEN VERIFIED WITH TEGRA PLATFORMS ONLY. Change-Id: I7bb78b991c97d74a842e5635c74cb0b18e0fce67 Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
2019-01-11 22:47:48 +00:00
#define __RW_START__ Load$$LR$$LR_RW_DATA$$Base
#define __RW_END__ Load$$LR$$LR_END$$Base
#define __SPM_SHIM_EXCEPTIONS_START__ Load$$__SPM_SHIM_EXCEPTIONS__$$Base
#define __SPM_SHIM_EXCEPTIONS_END__ Load$$__SPM_SHIM_EXCEPTIONS_EPILOGUE__$$Base
#define __STACKS_START__ Load$$__STACKS__$$Base
#define __STACKS_END__ Load$$__STACKS__$$Limit
#define __TEXT_START__ Load$$__TEXT__$$Base
#define __TEXT_END__ Load$$__TEXT_EPILOGUE__$$Base
#endif /* USE_ARM_LINK */
Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__. All common C compilers predefine a macro called __ASSEMBLER__ when preprocessing a .S file. There is no reason for TF-A to define it's own __ASSEMBLY__ macro for this purpose instead. To unify code with the export headers (which use __ASSEMBLER__ to avoid one extra dependency), let's deprecate __ASSEMBLY__ and switch the code base over to the predefined standard. Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417 Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-07-09 21:49:11 +01:00
#ifndef __ASSEMBLER__
Sanitise includes across codebase Enforce full include path for includes. Deprecate old paths. The following folders inside include/lib have been left unchanged: - include/lib/cpus/${ARCH} - include/lib/el3_runtime/${ARCH} The reason for this change is that having a global namespace for includes isn't a good idea. It defeats one of the advantages of having folders and it introduces problems that are sometimes subtle (because you may not know the header you are actually including if there are two of them). For example, this patch had to be created because two headers were called the same way: e0ea0928d5b7 ("Fix gpio includes of mt8173 platform to avoid collision."). More recently, this patch has had similar problems: 46f9b2c3a282 ("drivers: add tzc380 support"). This problem was introduced in commit 4ecca33988b9 ("Move include and source files to logical locations"). At that time, there weren't too many headers so it wasn't a real issue. However, time has shown that this creates problems. Platforms that want to preserve the way they include headers may add the removed paths to PLAT_INCLUDES, but this is discouraged. Change-Id: I39dc53ed98f9e297a5966e723d1936d6ccf2fc8f Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-14 00:18:21 +00:00
Add linker symbol declarations to bl_common.h Add extern declarations of linker symbols to bl_common.h. These are used by platform ports to determine the memory layout of BL images. Adding the declarations to this file facilitates removal of these declarations from the platform porting source files in subsequent patches. Also remove the linker symbol declarations from common TSP source code. Change-Id: I8ed0426bc815317c4536b588e4e78bc15b4fe91c
2015-04-27 11:49:22 +01:00
/*
* Declarations of linker defined symbols to help determine memory layout of
* BL images
*/
Introduce SEPARATE_CODE_AND_RODATA build flag At the moment, all BL images share a similar memory layout: they start with their code section, followed by their read-only data section. The two sections are contiguous in memory. Therefore, the end of the code section and the beginning of the read-only data one might share a memory page. This forces both to be mapped with the same memory attributes. As the code needs to be executable, this means that the read-only data stored on the same memory page as the code are executable as well. This could potentially be exploited as part of a security attack. This patch introduces a new build flag called SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data on separate memory pages. This in turn allows independent control of the access permissions for the code and read-only data. This has an impact on memory footprint, as padding bytes need to be introduced between the code and read-only data to ensure the segragation of the two. To limit the memory cost, the memory layout of the read-only section has been changed in this case. - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e. the read-only section still looks like this (padding omitted): | ... | +-------------------+ | Exception vectors | +-------------------+ | Read-only data | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script provides the limits of the whole read-only section. - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and read-only data are swapped, such that the code and exception vectors are contiguous, followed by the read-only data. This gives the following new layout (padding omitted): | ... | +-------------------+ | Read-only data | +-------------------+ | Exception vectors | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script now exports 2 sets of addresses instead: the limits of the code and the limits of the read-only data. Refer to the Firmware Design guide for more details. This provides platform code with a finer-grained view of the image layout and allows it to map these 2 regions with the appropriate access permissions. Note that SEPARATE_CODE_AND_RODATA applies to all BL images. Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
2016-07-08 14:37:40 +01:00
#if SEPARATE_CODE_AND_RODATA
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __TEXT_START__, BL_CODE_BASE);
IMPORT_SYM(uintptr_t, __TEXT_END__, BL_CODE_END);
IMPORT_SYM(uintptr_t, __RODATA_START__, BL_RO_DATA_BASE);
IMPORT_SYM(uintptr_t, __RODATA_END__, BL_RO_DATA_END);
Introduce SEPARATE_CODE_AND_RODATA build flag At the moment, all BL images share a similar memory layout: they start with their code section, followed by their read-only data section. The two sections are contiguous in memory. Therefore, the end of the code section and the beginning of the read-only data one might share a memory page. This forces both to be mapped with the same memory attributes. As the code needs to be executable, this means that the read-only data stored on the same memory page as the code are executable as well. This could potentially be exploited as part of a security attack. This patch introduces a new build flag called SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data on separate memory pages. This in turn allows independent control of the access permissions for the code and read-only data. This has an impact on memory footprint, as padding bytes need to be introduced between the code and read-only data to ensure the segragation of the two. To limit the memory cost, the memory layout of the read-only section has been changed in this case. - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e. the read-only section still looks like this (padding omitted): | ... | +-------------------+ | Exception vectors | +-------------------+ | Read-only data | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script provides the limits of the whole read-only section. - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and read-only data are swapped, such that the code and exception vectors are contiguous, followed by the read-only data. This gives the following new layout (padding omitted): | ... | +-------------------+ | Read-only data | +-------------------+ | Exception vectors | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script now exports 2 sets of addresses instead: the limits of the code and the limits of the read-only data. Refer to the Firmware Design guide for more details. This provides platform code with a finer-grained view of the image layout and allows it to map these 2 regions with the appropriate access permissions. Note that SEPARATE_CODE_AND_RODATA applies to all BL images. Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
2016-07-08 14:37:40 +01:00
#else
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __RO_START__, BL_CODE_BASE);
IMPORT_SYM(uintptr_t, __RO_END__, BL_CODE_END);
Introduce SEPARATE_CODE_AND_RODATA build flag At the moment, all BL images share a similar memory layout: they start with their code section, followed by their read-only data section. The two sections are contiguous in memory. Therefore, the end of the code section and the beginning of the read-only data one might share a memory page. This forces both to be mapped with the same memory attributes. As the code needs to be executable, this means that the read-only data stored on the same memory page as the code are executable as well. This could potentially be exploited as part of a security attack. This patch introduces a new build flag called SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data on separate memory pages. This in turn allows independent control of the access permissions for the code and read-only data. This has an impact on memory footprint, as padding bytes need to be introduced between the code and read-only data to ensure the segragation of the two. To limit the memory cost, the memory layout of the read-only section has been changed in this case. - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e. the read-only section still looks like this (padding omitted): | ... | +-------------------+ | Exception vectors | +-------------------+ | Read-only data | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script provides the limits of the whole read-only section. - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and read-only data are swapped, such that the code and exception vectors are contiguous, followed by the read-only data. This gives the following new layout (padding omitted): | ... | +-------------------+ | Read-only data | +-------------------+ | Exception vectors | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script now exports 2 sets of addresses instead: the limits of the code and the limits of the read-only data. Refer to the Firmware Design guide for more details. This provides platform code with a finer-grained view of the image layout and allows it to map these 2 regions with the appropriate access permissions. Note that SEPARATE_CODE_AND_RODATA applies to all BL images. Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
2016-07-08 14:37:40 +01:00
#endif
feat(bl_common): import BL_NOBITS_{BASE,END} when defined If SEPARATE_NOBITS_REGION is enabled, the platform may need to map memory specifically for that region. Import the symbols from the linker script to allow the platform to do so. Signed-off-by: Samuel Holland <samuel@sholland.org> Change-Id: Iaec4dee94a6735b22f58f7b61f18d53e7bc6ca8d
2020-12-14 02:42:22 +00:00
#if SEPARATE_NOBITS_REGION
IMPORT_SYM(uintptr_t, __NOBITS_START__, BL_NOBITS_BASE);
IMPORT_SYM(uintptr_t, __NOBITS_END__, BL_NOBITS_END);
#endif
bl_common: add BL_END macro Currently, the end address macros are defined per BL, like BL2_END, BL31_END, BL32_END. They are not handy in the common code shared between multiple BL stages. This commit introduces BL_END, which is equivalent to BL{2,31,32}_END, and will be useful for the BL-common code. Change-Id: I3c39bf6096d99ce920a5b9fa21c0f65456fbfe8a Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2020-01-17 04:45:47 +00:00
IMPORT_SYM(uintptr_t, __RW_END__, BL_END);
Introduce SEPARATE_CODE_AND_RODATA build flag At the moment, all BL images share a similar memory layout: they start with their code section, followed by their read-only data section. The two sections are contiguous in memory. Therefore, the end of the code section and the beginning of the read-only data one might share a memory page. This forces both to be mapped with the same memory attributes. As the code needs to be executable, this means that the read-only data stored on the same memory page as the code are executable as well. This could potentially be exploited as part of a security attack. This patch introduces a new build flag called SEPARATE_CODE_AND_RODATA, which isolates the code and read-only data on separate memory pages. This in turn allows independent control of the access permissions for the code and read-only data. This has an impact on memory footprint, as padding bytes need to be introduced between the code and read-only data to ensure the segragation of the two. To limit the memory cost, the memory layout of the read-only section has been changed in this case. - When SEPARATE_CODE_AND_RODATA=0, the layout is unchanged, i.e. the read-only section still looks like this (padding omitted): | ... | +-------------------+ | Exception vectors | +-------------------+ | Read-only data | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script provides the limits of the whole read-only section. - When SEPARATE_CODE_AND_RODATA=1, the exception vectors and read-only data are swapped, such that the code and exception vectors are contiguous, followed by the read-only data. This gives the following new layout (padding omitted): | ... | +-------------------+ | Read-only data | +-------------------+ | Exception vectors | +-------------------+ | Code | +-------------------+ BLx_BASE In this case, the linker script now exports 2 sets of addresses instead: the limits of the code and the limits of the read-only data. Refer to the Firmware Design guide for more details. This provides platform code with a finer-grained view of the image layout and allows it to map these 2 regions with the appropriate access permissions. Note that SEPARATE_CODE_AND_RODATA applies to all BL images. Change-Id: I936cf80164f6b66b6ad52b8edacadc532c935a49
2016-07-08 14:37:40 +01:00
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
#if defined(IMAGE_BL1)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL1_ROM_END__, BL1_ROM_END);
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL1_RAM_START__, BL1_RAM_BASE);
IMPORT_SYM(uintptr_t, __BL1_RAM_END__, BL1_RAM_LIMIT);
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
#elif defined(IMAGE_BL2)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL2_END__, BL2_END);
Use #ifdef for IMAGE_BL* instead of #if One nasty part of ATF is some of boolean macros are always defined as 1 or 0, and the rest of them are only defined under certain conditions. For the former group, "#if FOO" or "#if !FOO" must be used because "#ifdef FOO" is always true. (Options passed by $(call add_define,) are the cases.) For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because checking the value of an undefined macro is strange. Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like follows: $(eval IMAGE := IMAGE_BL$(call uppercase,$(3))) $(OBJ): $(2) @echo " CC $$<" $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@ This means, IMAGE_BL* is defined when building the corresponding image, but *undefined* for the other images. So, IMAGE_BL* belongs to the latter group where we should use #ifdef or #ifndef. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2016-12-25 14:36:24 +00:00
#elif defined(IMAGE_BL2U)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL2U_END__, BL2U_END);
Use #ifdef for IMAGE_BL* instead of #if One nasty part of ATF is some of boolean macros are always defined as 1 or 0, and the rest of them are only defined under certain conditions. For the former group, "#if FOO" or "#if !FOO" must be used because "#ifdef FOO" is always true. (Options passed by $(call add_define,) are the cases.) For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because checking the value of an undefined macro is strange. Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like follows: $(eval IMAGE := IMAGE_BL$(call uppercase,$(3))) $(OBJ): $(2) @echo " CC $$<" $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@ This means, IMAGE_BL* is defined when building the corresponding image, but *undefined* for the other images. So, IMAGE_BL* belongs to the latter group where we should use #ifdef or #ifndef. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2016-12-25 14:36:24 +00:00
#elif defined(IMAGE_BL31)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL31_START__, BL31_START);
IMPORT_SYM(uintptr_t, __BL31_END__, BL31_END);
Use #ifdef for IMAGE_BL* instead of #if One nasty part of ATF is some of boolean macros are always defined as 1 or 0, and the rest of them are only defined under certain conditions. For the former group, "#if FOO" or "#if !FOO" must be used because "#ifdef FOO" is always true. (Options passed by $(call add_define,) are the cases.) For the latter, "#ifdef FOO" or "#ifndef FOO" should be used because checking the value of an undefined macro is strange. Here, IMAGE_BL* is handled by make_helpers/build_macro.mk like follows: $(eval IMAGE := IMAGE_BL$(call uppercase,$(3))) $(OBJ): $(2) @echo " CC $$<" $$(Q)$$(CC) $$(TF_CFLAGS) $$(CFLAGS) -D$(IMAGE) -c $$< -o $$@ This means, IMAGE_BL* is defined when building the corresponding image, but *undefined* for the other images. So, IMAGE_BL* belongs to the latter group where we should use #ifdef or #ifndef. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
2016-12-25 14:36:24 +00:00
#elif defined(IMAGE_BL32)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL32_END__, BL32_END);
feat(rme): add ENABLE_RME build option and support for RMM image The changes include: - A new build option (ENABLE_RME) to enable FEAT_RME - New image called RMM. RMM is R-EL2 firmware that manages Realms. When building TF-A, a path to RMM image can be specified using the "RMM" build flag. If RMM image is not provided, TRP is built by default and used as RMM image. - Support for RMM image in fiptool Signed-off-by: Zelalem Aweke <zelalem.aweke@arm.com> Change-Id: I017c23ef02e465a5198baafd665a60858ecd1b25
2021-07-12 00:33:20 +01:00
#elif defined(IMAGE_RMM)
IMPORT_SYM(uintptr_t, __RMM_END__, RMM_END);
Add linker symbol declarations to bl_common.h Add extern declarations of linker symbols to bl_common.h. These are used by platform ports to determine the memory layout of BL images. Adding the declarations to this file facilitates removal of these declarations from the platform porting source files in subsequent patches. Also remove the linker symbol declarations from common TSP source code. Change-Id: I8ed0426bc815317c4536b588e4e78bc15b4fe91c
2015-04-27 11:49:22 +01:00
#endif /* IMAGE_BLX */
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
/* The following symbols are only exported from the BL2 at EL3 linker script. */
#if BL2_IN_XIP_MEM && defined(IMAGE_BL2)
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL2_ROM_END__, BL2_ROM_END);
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __BL2_RAM_START__, BL2_RAM_BASE);
IMPORT_SYM(uintptr_t, __BL2_RAM_END__, BL2_RAM_END);
Move BL1 and BL2 private defines to bl_common.h The definitions in bl1/bl1_private.h and bl2/bl2_private.h are useful for platforms that may need to access them. Change-Id: Ifd1880f855ddafcb3bfcaf1ed4a4e0f121eda174 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-12-18 13:49:46 +00:00
#endif /* BL2_IN_XIP_MEM */
Clean usage of void pointers to access symbols Void pointers have been used to access linker symbols, by declaring an extern pointer, then taking the address of it. This limits symbols values to aligned pointer values. To remove this restriction an IMPORT_SYM macro has been introduced, which declares it as a char pointer and casts it to the required type. Change-Id: I89877fc3b13ed311817bb8ba79d4872b89bfd3b0 Signed-off-by: Joel Hutton <Joel.Hutton@Arm.com>
2018-03-21 11:40:57 +00:00
/*
* The next 2 constants identify the extents of the coherent memory region.
* These addresses are used by the MMU setup code and therefore they must be
* page-aligned. It is the responsibility of the linker script to ensure that
* __COHERENT_RAM_START__ and __COHERENT_RAM_END__ linker symbols refer to
* page-aligned addresses.
*/
Add linker symbol declarations to bl_common.h Add extern declarations of linker symbols to bl_common.h. These are used by platform ports to determine the memory layout of BL images. Adding the declarations to this file facilitates removal of these declarations from the platform porting source files in subsequent patches. Also remove the linker symbol declarations from common TSP source code. Change-Id: I8ed0426bc815317c4536b588e4e78bc15b4fe91c
2015-04-27 11:49:22 +01:00
#if USE_COHERENT_MEM
Remove duplicated definitions of linker symbols Many parts of the code were duplicating symbols that are defined in include/common/bl_common.h. It is better to only use the definitions in this header. As all the symbols refer to virtual addresses, they have to be uintptr_t, not unsigned long. This has also been fixed in bl_common.h. Change-Id: I204081af78326ced03fb05f69846f229d324c711 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-01-25 13:28:38 +00:00
IMPORT_SYM(uintptr_t, __COHERENT_RAM_START__, BL_COHERENT_RAM_BASE);
IMPORT_SYM(uintptr_t, __COHERENT_RAM_END__, BL_COHERENT_RAM_END);
Add linker symbol declarations to bl_common.h Add extern declarations of linker symbols to bl_common.h. These are used by platform ports to determine the memory layout of BL images. Adding the declarations to this file facilitates removal of these declarations from the platform porting source files in subsequent patches. Also remove the linker symbol declarations from common TSP source code. Change-Id: I8ed0426bc815317c4536b588e4e78bc15b4fe91c
2015-04-27 11:49:22 +01:00
#endif
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
/*******************************************************************************
* Structure used for telling the next BL how much of a particular type of
* memory is available for its use and how much is already used.
******************************************************************************/
Always use named structs in header files Add tag names to all unnamed structs in header files. This allows forward declaration of structs, which is necessary to reduce header file nesting (to be implemented in a subsequent commit). Also change the typedef names across the codebase to use the _t suffix to be more conformant with the Linux coding style. The coding style actually prefers us not to use typedefs at all but this is considered a step too far for Trusted Firmware. Also change the IO framework structs defintions to use typedef'd structs to be consistent with the rest of the codebase. Change-Id: I722b2c86fc0d92e4da3b15e5cab20373dd26786f
2014-04-10 15:37:22 +01:00
typedef struct meminfo {
Rework type usage in Trusted Firmware This patch reworks type usage in generic code, drivers and ARM platform files to make it more portable. The major changes done with respect to type usage are as listed below: * Use uintptr_t for storing address instead of uint64_t or unsigned long. * Review usage of unsigned long as it can no longer be assumed to be 64 bit. * Use u_register_t for register values whose width varies depending on whether AArch64 or AArch32. * Use generic C types where-ever possible. In addition to the above changes, this patch also modifies format specifiers in print invocations so that they are AArch64/AArch32 agnostic. Only files related to upcoming feature development have been reworked. Change-Id: I9f8c78347c5a52ba7027ff389791f1dad63ee5f8
2016-06-16 14:52:04 +01:00
uintptr_t total_base;
Remove concept of top/bottom image loading This concept is no longer required since we now support loading of images at fixed addresses only. The image loader now automatically detects the position of the image inside the current memory layout and updates the layout such that memory fragmentation is minimised. The 'attr' field of the meminfo data structure, which used to hold the bottom/top loading information, has been removed. Also the 'next' field has been removed as it wasn't used anywhere. The 'init_bl2_mem_layout()' function has been moved out of common code and put in BL1-specific code. It has also been renamed into 'bl1_init_bl2_mem_layout'. Fixes ARM-software/tf-issues#109 Change-Id: I3f54642ce7b763d5ee3b047ad0ab59eabbcf916d
2014-06-24 14:02:34 +01:00
size_t total_size;
Always use named structs in header files Add tag names to all unnamed structs in header files. This allows forward declaration of structs, which is necessary to reduce header file nesting (to be implemented in a subsequent commit). Also change the typedef names across the codebase to use the _t suffix to be more conformant with the Linux coding style. The coding style actually prefers us not to use typedefs at all but this is considered a step too far for Trusted Firmware. Also change the IO framework structs defintions to use typedef'd structs to be consistent with the rest of the codebase. Change-Id: I722b2c86fc0d92e4da3b15e5cab20373dd26786f
2014-04-10 15:37:22 +01:00
} meminfo_t;
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
/*******************************************************************************
* Function & variable prototypes
******************************************************************************/
Add new version of image loading. This patch adds capability to load BL images based on image descriptors instead of hard coded way of loading BL images. This framework is designed such that it can be readily adapted by any BL stage that needs to load images. In order to provide the above capability the following new platform functions are introduced: bl_load_info_t *plat_get_bl_image_load_info(void); This function returns pointer to the list of images that the platform has populated to load. bl_params_t *plat_get_next_bl_params(void); This function returns a pointer to the shared memory that the platform has kept aside to pass trusted firmware related information that next BL image needs. void plat_flush_next_bl_params(void); This function flushes to main memory all the params that are passed to next image. int bl2_plat_handle_post_image_load(unsigned int image_id) This function can be used by the platforms to update/use image information for given `image_id`. `desc_image_load.c` contains utility functions which can be used by the platforms to generate, load and executable, image list based on the registered image descriptors. This patch also adds new version of `load_image/load_auth_image` functions in-order to achieve the above capability. Following are the changes for the new version as compared to old: - Refactor the signature and only keep image_id and image_info_t arguments. Removed image_base argument as it is already passed through image_info_t. Given that the BL image base addresses and limit/size are already provided by the platforms, the meminfo_t and entry_point_info arguments are not needed to provide/reserve the extent of free memory for the given BL image. - Added check for the image size against the defined max size. This is needed because the image size could come from an unauthenticated source (e.g. the FIP header). To make this check, new member is added to the image_info_t struct for identifying the image maximum size. New flag `LOAD_IMAGE_V2` is added in the Makefile. Default value is 0. NOTE: `TRUSTED_BOARD_BOOT` is currently not supported when `LOAD_IMAGE_V2` is enabled. Change-Id: Ia7b643f4817a170d5a2fbf479b9bc12e63112e79
2016-09-12 16:08:41 +01:00
int load_auth_image(unsigned int image_id, image_info_t *image_data);
Allow disabling authentication dynamically This patch allows platforms to dynamically disable authentication of images during cold boot. This capability is controlled via the DYN_DISABLE_AUTH build flag and is only meant for development purposes. Change-Id: Ia3df8f898824319bb76d5cc855b5ad6c3d227260 Signed-off-by: Soby Mathew <soby.mathew@arm.com>
2018-03-26 12:43:37 +01:00
#if TRUSTED_BOARD_BOOT && defined(DYN_DISABLE_AUTH)
/*
* API to dynamically disable authentication. Only meant for development
* systems.
*/
void dyn_disable_auth(void);
#endif
Add new version of image loading. This patch adds capability to load BL images based on image descriptors instead of hard coded way of loading BL images. This framework is designed such that it can be readily adapted by any BL stage that needs to load images. In order to provide the above capability the following new platform functions are introduced: bl_load_info_t *plat_get_bl_image_load_info(void); This function returns pointer to the list of images that the platform has populated to load. bl_params_t *plat_get_next_bl_params(void); This function returns a pointer to the shared memory that the platform has kept aside to pass trusted firmware related information that next BL image needs. void plat_flush_next_bl_params(void); This function flushes to main memory all the params that are passed to next image. int bl2_plat_handle_post_image_load(unsigned int image_id) This function can be used by the platforms to update/use image information for given `image_id`. `desc_image_load.c` contains utility functions which can be used by the platforms to generate, load and executable, image list based on the registered image descriptors. This patch also adds new version of `load_image/load_auth_image` functions in-order to achieve the above capability. Following are the changes for the new version as compared to old: - Refactor the signature and only keep image_id and image_info_t arguments. Removed image_base argument as it is already passed through image_info_t. Given that the BL image base addresses and limit/size are already provided by the platforms, the meminfo_t and entry_point_info arguments are not needed to provide/reserve the extent of free memory for the given BL image. - Added check for the image size against the defined max size. This is needed because the image size could come from an unauthenticated source (e.g. the FIP header). To make this check, new member is added to the image_info_t struct for identifying the image maximum size. New flag `LOAD_IMAGE_V2` is added in the Makefile. Default value is 0. NOTE: `TRUSTED_BOARD_BOOT` is currently not supported when `LOAD_IMAGE_V2` is enabled. Change-Id: Ia7b643f4817a170d5a2fbf479b9bc12e63112e79
2016-09-12 16:08:41 +01:00
extern const char build_message[];
extern const char version_string[];
Introduce print_entry_point_info() function This patch introduces a new function called 'print_entry_point_info' that prints an entry_point_t structure for debugging purposes. As such, it can be used to display the entry point address, SPSR and arguments passed from a firmware image to the next one. This function is now called in the following images transitions: - BL1 to BL2 - BL1 to BL31 - BL31 to the next image (typically BL32 or BL33) The following changes have been introduced: - Fix the output format of the SPSR value : SPSR is a 32-bit value, not a 64-bit one. - Print all arguments values. The entry_point_info_t structure allows to pass up to 8 arguments. In most cases, only the first 2 arguments were printed. print_entry_point_info() now prints all of them as 'VERBOSE' traces. Change-Id: Ieb384bffaa7849e6cb95a01a47c0b7fc2308653a
2015-09-28 17:03:06 +01:00
void print_entry_point_info(const entry_point_info_t *ep_info);
Fix MISRA rule 8.4 Part 1 Rule 8.4: A compatible declaration shall be visible when an object or function with external linkage is defined Fixed for: make DEBUG=1 PLAT=fvp LOG_LEVEL=50 all Change-Id: I7c2ad3f5c015411c202605851240d5347e4cc8c7 Signed-off-by: Roberto Vargas <roberto.vargas@arm.com>
2018-02-12 12:36:17 +00:00
uintptr_t page_align(uintptr_t value, unsigned dir);
Introduce print_entry_point_info() function This patch introduces a new function called 'print_entry_point_info' that prints an entry_point_t structure for debugging purposes. As such, it can be used to display the entry point address, SPSR and arguments passed from a firmware image to the next one. This function is now called in the following images transitions: - BL1 to BL2 - BL1 to BL31 - BL31 to the next image (typically BL32 or BL33) The following changes have been introduced: - Fix the output format of the SPSR value : SPSR is a 32-bit value, not a 64-bit one. - Print all arguments values. The entry_point_info_t structure allows to pass up to 8 arguments. In most cases, only the first 2 arguments were printed. print_entry_point_info() now prints all of them as 'VERBOSE' traces. Change-Id: Ieb384bffaa7849e6cb95a01a47c0b7fc2308653a
2015-09-28 17:03:06 +01:00
Convert arm_setup_page_tables into a generic helper This function is not related to Arm platforms and can be reused by other platforms if needed. Change-Id: Ia9c328ce57ce7e917b825a9e09a42b0abb1a53e8 Co-authored-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com> Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-10-19 16:44:18 +01:00
struct mmap_region;
void setup_page_tables(const struct mmap_region *bl_regions,
const struct mmap_region *plat_regions);
Add support for pointer authentication The previous commit added the infrastructure to load and save ARMv8.3-PAuth registers during Non-secure <-> Secure world switches, but didn't actually enable pointer authentication in the firmware. This patch adds the functionality needed for platforms to provide authentication keys for the firmware, and a new option (ENABLE_PAUTH) to enable pointer authentication in the firmware itself. This option is disabled by default, and it requires CTX_INCLUDE_PAUTH_REGS to be enabled. Change-Id: I35127ec271e1198d43209044de39fa712ef202a5 Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2019-02-19 11:53:51 +00:00
void bl_handle_pauth(void);
Replace __ASSEMBLY__ with compiler-builtin __ASSEMBLER__ NOTE: __ASSEMBLY__ macro is now deprecated in favor of __ASSEMBLER__. All common C compilers predefine a macro called __ASSEMBLER__ when preprocessing a .S file. There is no reason for TF-A to define it's own __ASSEMBLY__ macro for this purpose instead. To unify code with the export headers (which use __ASSEMBLER__ to avoid one extra dependency), let's deprecate __ASSEMBLY__ and switch the code base over to the predefined standard. Change-Id: Id7d0ec8cf330195da80499c68562b65cb5ab7417 Signed-off-by: Julius Werner <jwerner@chromium.org>
2019-07-09 21:49:11 +01:00
#endif /*__ASSEMBLER__*/
ARMv8 Trusted Firmware release v0.2
2013-10-25 09:08:21 +01:00
Standardise header guards across codebase All identifiers, regardless of use, that start with two underscores are reserved. This means they can't be used in header guards. The style that this project is now to use the full name of the file in capital letters followed by 'H'. For example, for a file called "uart_example.h", the header guard is UART_EXAMPLE_H. The exceptions are files that are imported from other projects: - CryptoCell driver - dt-bindings folders - zlib headers Change-Id: I50561bf6c88b491ec440d0c8385c74650f3c106e Signed-off-by: Antonio Nino Diaz <antonio.ninodiaz@arm.com>
2018-11-08 10:20:19 +00:00
#endif /* BL_COMMON_H */