2015-03-19 18:58:55 +00:00
|
|
|
#
|
2017-01-31 13:01:04 +00:00
|
|
|
# Copyright (c) 2015-2017, ARM Limited and Contributors. All rights reserved.
|
2015-03-19 18:58:55 +00:00
|
|
|
#
|
2017-05-03 09:38:09 +01:00
|
|
|
# SPDX-License-Identifier: BSD-3-Clause
|
2015-03-19 18:58:55 +00:00
|
|
|
#
|
|
|
|
|
2016-07-11 14:13:56 +01:00
|
|
|
ifeq (${ARCH}, aarch64)
|
|
|
|
# On ARM standard platorms, the TSP can execute from Trusted SRAM, Trusted
|
|
|
|
# DRAM (if available) or the TZC secured area of DRAM.
|
|
|
|
# Trusted SRAM is the default.
|
|
|
|
|
|
|
|
ARM_TSP_RAM_LOCATION := tsram
|
|
|
|
ifeq (${ARM_TSP_RAM_LOCATION}, tsram)
|
|
|
|
ARM_TSP_RAM_LOCATION_ID = ARM_TRUSTED_SRAM_ID
|
|
|
|
else ifeq (${ARM_TSP_RAM_LOCATION}, tdram)
|
|
|
|
ARM_TSP_RAM_LOCATION_ID = ARM_TRUSTED_DRAM_ID
|
|
|
|
else ifeq (${ARM_TSP_RAM_LOCATION}, dram)
|
|
|
|
ARM_TSP_RAM_LOCATION_ID = ARM_DRAM_ID
|
|
|
|
else
|
|
|
|
$(error "Unsupported ARM_TSP_RAM_LOCATION value")
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2016-07-11 14:13:56 +01:00
|
|
|
# Process flags
|
|
|
|
$(eval $(call add_define,ARM_TSP_RAM_LOCATION_ID))
|
|
|
|
|
|
|
|
# Process ARM_BL31_IN_DRAM flag
|
|
|
|
ARM_BL31_IN_DRAM := 0
|
|
|
|
$(eval $(call assert_boolean,ARM_BL31_IN_DRAM))
|
|
|
|
$(eval $(call add_define,ARM_BL31_IN_DRAM))
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2015-04-16 14:49:09 +01:00
|
|
|
# For the original power-state parameter format, the State-ID can be encoded
|
|
|
|
# according to the recommended encoding or zero. This flag determines which
|
|
|
|
# State-ID encoding to be parsed.
|
|
|
|
ARM_RECOM_STATE_ID_ENC := 0
|
|
|
|
|
2016-11-07 17:29:34 +00:00
|
|
|
# If the PSCI_EXTENDED_STATE_ID is set, then ARM_RECOM_STATE_ID_ENC need to
|
|
|
|
# be set. Else throw a build error.
|
2015-04-16 14:49:09 +01:00
|
|
|
ifeq (${PSCI_EXTENDED_STATE_ID}, 1)
|
|
|
|
ifeq (${ARM_RECOM_STATE_ID_ENC}, 0)
|
2016-11-07 17:29:34 +00:00
|
|
|
$(error Build option ARM_RECOM_STATE_ID_ENC needs to be set if \
|
|
|
|
PSCI_EXTENDED_STATE_ID is set for ARM platforms)
|
2015-04-16 14:49:09 +01:00
|
|
|
endif
|
|
|
|
endif
|
|
|
|
|
|
|
|
# Process ARM_RECOM_STATE_ID_ENC flag
|
|
|
|
$(eval $(call assert_boolean,ARM_RECOM_STATE_ID_ENC))
|
|
|
|
$(eval $(call add_define,ARM_RECOM_STATE_ID_ENC))
|
|
|
|
|
2015-10-06 14:01:35 +01:00
|
|
|
# Process ARM_DISABLE_TRUSTED_WDOG flag
|
|
|
|
# By default, Trusted Watchdog is always enabled unless SPIN_ON_BL1_EXIT is set
|
|
|
|
ARM_DISABLE_TRUSTED_WDOG := 0
|
|
|
|
ifeq (${SPIN_ON_BL1_EXIT}, 1)
|
|
|
|
ARM_DISABLE_TRUSTED_WDOG := 1
|
|
|
|
endif
|
|
|
|
$(eval $(call assert_boolean,ARM_DISABLE_TRUSTED_WDOG))
|
|
|
|
$(eval $(call add_define,ARM_DISABLE_TRUSTED_WDOG))
|
|
|
|
|
2015-11-06 16:02:32 +00:00
|
|
|
# Process ARM_CONFIG_CNTACR
|
|
|
|
ARM_CONFIG_CNTACR := 1
|
|
|
|
$(eval $(call assert_boolean,ARM_CONFIG_CNTACR))
|
|
|
|
$(eval $(call add_define,ARM_CONFIG_CNTACR))
|
|
|
|
|
2016-03-07 03:02:57 +00:00
|
|
|
# Process ARM_BL31_IN_DRAM flag
|
|
|
|
ARM_BL31_IN_DRAM := 0
|
|
|
|
$(eval $(call assert_boolean,ARM_BL31_IN_DRAM))
|
|
|
|
$(eval $(call add_define,ARM_BL31_IN_DRAM))
|
|
|
|
|
2017-02-28 16:46:17 +00:00
|
|
|
# Process ARM_PLAT_MT flag
|
|
|
|
ARM_PLAT_MT := 0
|
|
|
|
$(eval $(call assert_boolean,ARM_PLAT_MT))
|
|
|
|
$(eval $(call add_define,ARM_PLAT_MT))
|
|
|
|
|
2017-04-11 14:04:56 +01:00
|
|
|
# Use translation tables library v2 by default
|
|
|
|
ARM_XLAT_TABLES_LIB_V1 := 0
|
|
|
|
$(eval $(call assert_boolean,ARM_XLAT_TABLES_LIB_V1))
|
|
|
|
$(eval $(call add_define,ARM_XLAT_TABLES_LIB_V1))
|
|
|
|
|
2017-05-24 14:11:07 +01:00
|
|
|
# Use an implementation of SHA-256 with a smaller memory footprint but reduced
|
|
|
|
# speed.
|
|
|
|
$(eval $(call add_define,MBEDTLS_SHA256_SMALLER))
|
|
|
|
|
2016-05-23 16:07:53 +01:00
|
|
|
# Enable PSCI_STAT_COUNT/RESIDENCY APIs on ARM platforms
|
2016-07-11 14:13:56 +01:00
|
|
|
ENABLE_PSCI_STAT := 1
|
2017-01-31 13:01:04 +00:00
|
|
|
ENABLE_PMF := 1
|
2016-05-23 16:07:53 +01:00
|
|
|
|
2016-07-08 14:38:16 +01:00
|
|
|
# On ARM platforms, separate the code and read-only data sections to allow
|
|
|
|
# mapping the former as executable and the latter as execute-never.
|
|
|
|
SEPARATE_CODE_AND_RODATA := 1
|
|
|
|
|
2016-11-11 13:57:50 +00:00
|
|
|
# Enable new version of image loading on ARM platforms
|
|
|
|
LOAD_IMAGE_V2 := 1
|
2016-07-08 14:38:16 +01:00
|
|
|
|
2017-05-23 11:41:36 +01:00
|
|
|
# Use generic OID definition (tbbr_oid.h)
|
|
|
|
USE_TBBR_DEFS := 1
|
|
|
|
|
2017-05-10 11:50:30 +01:00
|
|
|
# Disable ARM Cryptocell by default
|
|
|
|
ARM_CRYPTOCELL_INTEG := 0
|
|
|
|
$(eval $(call assert_boolean,ARM_CRYPTOCELL_INTEG))
|
|
|
|
$(eval $(call add_define,ARM_CRYPTOCELL_INTEG))
|
|
|
|
|
2015-05-07 14:52:44 +01:00
|
|
|
PLAT_INCLUDES += -Iinclude/common/tbbr \
|
2016-07-11 14:13:56 +01:00
|
|
|
-Iinclude/plat/arm/common
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2016-07-11 14:13:56 +01:00
|
|
|
ifeq (${ARCH}, aarch64)
|
|
|
|
PLAT_INCLUDES += -Iinclude/plat/arm/common/aarch64
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2017-04-11 14:04:56 +01:00
|
|
|
PLAT_BL_COMMON_SOURCES += plat/arm/common/${ARCH}/arm_helpers.S \
|
|
|
|
plat/arm/common/arm_common.c
|
|
|
|
|
|
|
|
ifeq (${ARM_XLAT_TABLES_LIB_V1}, 1)
|
|
|
|
PLAT_BL_COMMON_SOURCES += lib/xlat_tables/xlat_tables_common.c \
|
|
|
|
lib/xlat_tables/${ARCH}/xlat_tables.c
|
|
|
|
else
|
2017-02-23 17:22:58 +00:00
|
|
|
include lib/xlat_tables_v2/xlat_tables.mk
|
|
|
|
|
2017-04-11 14:04:56 +01:00
|
|
|
PLAT_BL_COMMON_SOURCES += ${XLAT_TABLES_LIB_SRCS}
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2016-02-15 11:54:14 +00:00
|
|
|
BL1_SOURCES += drivers/arm/sp805/sp805.c \
|
2015-03-19 18:58:55 +00:00
|
|
|
drivers/io/io_fip.c \
|
|
|
|
drivers/io/io_memmap.c \
|
|
|
|
drivers/io/io_storage.c \
|
|
|
|
plat/arm/common/arm_bl1_setup.c \
|
2017-03-07 11:02:47 +00:00
|
|
|
plat/arm/common/arm_io_storage.c
|
2015-11-26 16:31:34 +00:00
|
|
|
ifdef EL3_PAYLOAD_BASE
|
|
|
|
# Need the arm_program_trusted_mailbox() function to release secondary CPUs from
|
|
|
|
# their holding pen
|
|
|
|
BL1_SOURCES += plat/arm/common/arm_pm.c
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2016-02-10 14:50:53 +00:00
|
|
|
BL2_SOURCES += drivers/io/io_fip.c \
|
2015-03-19 18:58:55 +00:00
|
|
|
drivers/io/io_memmap.c \
|
|
|
|
drivers/io/io_storage.c \
|
|
|
|
plat/arm/common/arm_bl2_setup.c \
|
2017-03-07 11:02:47 +00:00
|
|
|
plat/arm/common/arm_io_storage.c
|
2016-09-13 17:07:57 +01:00
|
|
|
ifeq (${LOAD_IMAGE_V2},1)
|
2016-11-14 12:01:04 +00:00
|
|
|
# Because BL1/BL2 execute in AArch64 mode but BL32 in AArch32 we need to use
|
|
|
|
# the AArch32 descriptors.
|
|
|
|
ifeq (${JUNO_AARCH32_EL3_RUNTIME},1)
|
|
|
|
BL2_SOURCES += plat/arm/common/aarch32/arm_bl2_mem_params_desc.c
|
|
|
|
else
|
|
|
|
BL2_SOURCES += plat/arm/common/${ARCH}/arm_bl2_mem_params_desc.c
|
|
|
|
endif
|
|
|
|
BL2_SOURCES += plat/arm/common/arm_image_load.c \
|
2016-09-13 17:07:57 +01:00
|
|
|
common/desc_image_load.c
|
|
|
|
endif
|
2015-03-19 18:58:55 +00:00
|
|
|
|
2017-03-07 11:02:47 +00:00
|
|
|
BL2U_SOURCES += plat/arm/common/arm_bl2u_setup.c
|
2015-10-14 15:28:11 +01:00
|
|
|
|
2016-02-15 11:54:14 +00:00
|
|
|
BL31_SOURCES += plat/arm/common/arm_bl31_setup.c \
|
2015-03-19 18:58:55 +00:00
|
|
|
plat/arm/common/arm_pm.c \
|
|
|
|
plat/arm/common/arm_topology.c \
|
Introduce ARM SiP service to switch execution state
In AArch64, privileged exception levels control the execution state
(a.k.a. register width) of the immediate lower Exception Level; i.e.
whether the lower exception level executes in AArch64 or AArch32 state.
For an exception level to have its execution state changed at run time,
it must request the change by raising a synchronous exception to the
higher exception level.
This patch implements and adds such a provision to the ARM SiP service,
by which an immediate lower exception level can request to switch its
execution state. The execution state is switched if the request is:
- raised from non-secure world;
- raised on the primary CPU, before any secondaries are brought online
with CPU_ON PSCI call;
- raised from an exception level immediately below EL3: EL2, if
implemented; otherwise NS EL1.
If successful, the SMC doesn't return to the caller, but to the entry
point supplied with the call. Otherwise, the caller will observe the SMC
returning with STATE_SW_E_DENIED code. If ARM Trusted Firmware is built
for AArch32, the feature is not supported, and the call will always
fail.
For the ARM SiP service:
- Add SMC function IDs for both AArch32 and AArch64;
- Increment the SiP service minor version to 2;
- Adjust the number of supported SiP service calls.
Add documentation for ARM SiP service.
Fixes ARM-software/tf-issues#436
Change-Id: I4347f2d6232e69fbfbe333b340fcd0caed0a4cea
Signed-off-by: Jeenu Viswambharan <jeenu.viswambharan@arm.com>
2017-02-16 14:55:15 +00:00
|
|
|
plat/arm/common/execution_state_switch.c \
|
2016-05-03 12:31:18 +01:00
|
|
|
plat/common/plat_psci_common.c
|
2015-05-19 11:54:12 +01:00
|
|
|
|
2016-09-19 11:21:03 +01:00
|
|
|
ifeq (${ENABLE_PMF}, 1)
|
|
|
|
BL31_SOURCES += plat/arm/common/arm_sip_svc.c \
|
|
|
|
lib/pmf/pmf_smc.c
|
|
|
|
endif
|
|
|
|
|
2015-05-19 11:54:12 +01:00
|
|
|
ifneq (${TRUSTED_BOARD_BOOT},0)
|
|
|
|
|
|
|
|
# By default, ARM platforms use RSA keys
|
|
|
|
KEY_ALG := rsa
|
|
|
|
|
|
|
|
# Include common TBB sources
|
|
|
|
AUTH_SOURCES := drivers/auth/auth_mod.c \
|
2015-11-03 14:18:34 +00:00
|
|
|
drivers/auth/crypto_mod.c \
|
|
|
|
drivers/auth/img_parser_mod.c \
|
|
|
|
drivers/auth/tbbr/tbbr_cot.c \
|
2015-05-19 11:54:12 +01:00
|
|
|
|
2015-10-11 14:14:55 +01:00
|
|
|
PLAT_INCLUDES += -Iinclude/bl1/tbbr
|
|
|
|
|
2016-02-01 11:04:46 +00:00
|
|
|
BL1_SOURCES += ${AUTH_SOURCES} \
|
|
|
|
bl1/tbbr/tbbr_img_desc.c \
|
2016-12-12 14:48:13 +00:00
|
|
|
plat/arm/common/arm_bl1_fwu.c \
|
|
|
|
plat/common/tbbr/plat_tbbr.c
|
2015-10-11 14:14:55 +01:00
|
|
|
|
2016-12-12 14:48:13 +00:00
|
|
|
BL2_SOURCES += ${AUTH_SOURCES} \
|
|
|
|
plat/common/tbbr/plat_tbbr.c
|
2015-05-19 11:54:12 +01:00
|
|
|
|
2016-01-05 11:55:36 +00:00
|
|
|
$(eval $(call FWU_FIP_ADD_IMG,NS_BL2U,--fwu))
|
2015-10-12 12:33:47 +01:00
|
|
|
|
2017-05-10 00:29:54 +01:00
|
|
|
TF_MBEDTLS_KEY_ALG := ${KEY_ALG}
|
2015-05-19 11:54:12 +01:00
|
|
|
|
|
|
|
# We expect to locate the *.mk files under the directories specified below
|
2017-05-10 11:50:30 +01:00
|
|
|
ifeq (${ARM_CRYPTOCELL_INTEG},0)
|
2015-05-19 11:54:12 +01:00
|
|
|
CRYPTO_LIB_MK := drivers/auth/mbedtls/mbedtls_crypto.mk
|
2017-05-10 11:50:30 +01:00
|
|
|
else
|
|
|
|
CRYPTO_LIB_MK := drivers/auth/cryptocell/cryptocell_crypto.mk
|
|
|
|
endif
|
2015-05-19 11:54:12 +01:00
|
|
|
IMG_PARSER_LIB_MK := drivers/auth/mbedtls/mbedtls_x509.mk
|
|
|
|
|
|
|
|
$(info Including ${CRYPTO_LIB_MK})
|
|
|
|
include ${CRYPTO_LIB_MK}
|
|
|
|
|
|
|
|
$(info Including ${IMG_PARSER_LIB_MK})
|
|
|
|
include ${IMG_PARSER_LIB_MK}
|
|
|
|
|
|
|
|
endif
|