BL2 passes FW_CONFIG to BL31 which contains information
about different DTBs present. BL31 then uses FW_CONFIG
to get the base address of HW_CONFIG and populate fconf.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I0b4fc83e6e0a0b9401f692516654eb9a3b037616
Currently the list of SP UUIDs loaded by BL2 is hardcoded in the DT.
This is a problem when building a system with other SPs (e.g. from
Trusted Services). This commit implements a workaround to enable adding
SP UUIDs to the list at build time.
Signed-off-by: Balint Dobszay <balint.dobszay@arm.com>
Change-Id: Iff85d3778596d23d777dec458f131bd7a8647031
Up until now we relied on the GICs used in our FPGA images to be GICv3
compliant, without the "direct virtual injection" feature (aka GICv4)
enabled.
To support newer images which have GICv4 compliant GICs, enable the
newly introduced GICv4 detection code, and use that also when we adjust
the redistributor region size in the devicetree.
This allows the same BL31 image to be used with GICv3 or GICv4 FPGA
images.
Change-Id: I9f6435a6d5150983625efe3650a8b7d1ef11b1d1
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
At the moment we have a GIC_ENABLE_V4_EXTN build time variable to
determine whether the GIC interrupt controller is compliant to version
4.0 of the spec or not. This just changes the number of 64K MMIO pages
we expect per redistributor.
To support firmware builds which run on variable systems (emulators,
fast model or FPGAs), let's make this decision at runtime.
The GIC specification provides several architected flags to learn the
size of the MMIO frame per redistributor, we use GICR_TYPER[VLPI] here.
Provide a (static inline) function to return the size of each
redistributor.
We keep the GIC_ENABLE_V4_EXTN build time variable around, but change
its meaning to enable this autodetection code. Systems not defining this
rely on a "pure" GICv3 (as before), but platforms setting it to "1" can
now deal with both configurations.
Change-Id: I9ede4acf058846157a0a9e2ef6103bf07c7655d9
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Add TZC master source id for DMA in the SoC space and for the DMAs
behind the I/O Virtualization block to allow the non-secure transactions
from these DMAs targeting DRAM.
Signed-off-by: Vijayenthiran Subramaniam <vijayenthiran.subramaniam@arm.com>
Change-Id: I77a2947b01b4b49a7c1940f09cf62b7b5257657c
The GIC IP formerly known as "GIC Clayton" has been released under the
name of "GIC-700".
Rename occurences of Clayton in comments and macro names to reflect the
official name.
Change-Id: Ie8c55f7da7753127d58c8382b0033c1b486f7909
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
This patch adds the basic CPU library code to support the Demeter
CPU. This CPU is based on the Makalu-ELP core so that CPU lib code
was adapted to create this patch.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: Ib5740b748008a72788c557f0654d8d5e9ec0bb7f
As done recently for plat/tc0 in b5863cab9, enable AMU explicitly.
This is necessary as the recent changes that enable SVE for the secure
world disable AMU by default in the CPTR_EL3 reset value.
Change-Id: Ie3abf1dee8a4e1c8c39f934da8e32d67891f5f09
Signed-off-by: Tom Cosgrove <tom.cosgrove@arm.com>
This commit activates the stack protector feature for the diphda
platform.
Change-Id: Ib16b74871c62b67e593a76ecc12cd3634d212614
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This renames tc0 platform folder and files to tc, and introduces
TARGET_PLATFORM variable to account for the differences between
TC0 and TC1.
Signed-off-by: Usama Arif <usama.arif@arm.com>
Change-Id: I5b4a83f3453afd12542267091b3edab4c139c5cd
Fixed the build error by removing the local definition of 'efi_guid'
structure in 'sgi_ras.c' file as this structure definition is already
populated in 'sgi_ras.c' file via 'uuid.h' header.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I57687336863f2a0761c09b6c1aa00b4aa82a6a12
Bump the required FF-A version in framework and manifests to v1.1 as
upstream feature development goes.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I89b2bd3828a13fc4344ccd53bc3ac9c0c22ab29f
Renamed hw_crc32 to tf_crc32 to make the file and function
name more generic so that the same name can be used in upcoming
software CRC32 implementation.
Change-Id: Idff8f70c50ca700a4328a27b49d5e1f14d2095eb
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Added firmware update support in Arm platforms by using
FWU platform hooks and compiling FWU driver in BL2
component.
Change-Id: I71af06c09d95c2c58e3fd766c4a61c5652637151
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
These files are needed during boot, but they were missing
for semihosting.
With this patch, the list of files is complete enough to
boot on ATF platform via semihosting.
Change-Id: I2f0ca25983a6e18096f040780776f19f8040ea79
Signed-off-by: stsp@users.sourceforge.net
Recent changes to enable SVE for the secure world have disabled AMU
extension by default in the reset value of CPTR_EL3 register. So the
platform has to enable this extension explicitly.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I7d930d96ec22d7c3db961411370564bece0ce272
At this stage of development Non Volatile counters are not implemented
in the Diphda platform.
This commit disables their use during the Trusted Board Boot by
overriding the NV counters get/set functions.
Change-Id: I8dcbebe0281cc4d0837c283ff637e20b850988ef
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
This commit enables trusted-firmware-a with Trusted Board Boot support
for the Diphda 64-bit platform.
Diphda uses a FIP image located in the flash. The FIP contains the
following components:
- BL2
- BL31
- BL32
- BL32 SPMC manifest
- BL33
- The TBB certificates
The board boot relies on CoT (chain of trust). The trusted-firmware-a
BL2 is extracted from the FIP and verified by the Secure Enclave
processor. BL2 verification relies on the signature area at the
beginning of the BL2 image. This area is needed by the SecureEnclave
bootloader.
Then, the application processor is released from reset and starts by
executing BL2.
BL2 performs the actions described in the trusted-firmware-a TBB design
document.
Signed-off-by: Rui Miguel Silva <rui.silva@arm.com>
Signed-off-by: Abdellatif El Khlifi <abdellatif.elkhlifi@arm.com>
Change-Id: Iddb1cb9c2a0324a9635e23821c210ac81dfc305d
Align documentation with changes of messaging method for partition
manifest:
- Bit[0]: support for receiving direct message requests
- Bit[1]: support for sending direct messages
- Bit[2]: support for indirect messaging
- Bit[3]: support for managed exit
Change the optee_sp_manifest to align with the new messaging method
description.
Signed-off-by: Maksims Svecovs <maksims.svecovs@arm.com>
Change-Id: I333e82c546c03698c95f0c77293018f8dca5ba9c
Used mmio* functions to read/write NVFLAGS registers to avoid
possibile reordering of instructions by compiler.
Change-Id: Iae50ac30e5413259cf8554f0fff47512ad83b0fd
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
In the FVP platform, BL1 uses flash only for read purpose
hence marked this flash region as read-only.
Change-Id: I3b57130fd4f3b4df522ac075f66e9799f237ebb7
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Erasing the FIP TOC header present in a flash is replaced by updating NV
flags with an error code on image load/authentication failure.
BL1 component uses these NV flags to detect whether a firmware update is
needed or not.
These NV flags get cleared once the firmware update gets completed.
Signed-off-by: Manish V Badarkhe <Manish.Badarkhe@arm.com>
Change-Id: I6232a0db07c89b2373b7b9d28acd37df6203d914
The partition layout description JSON file generated by TF-A tests
declares a fourth test partition called Ivy demonstrating the
implementation of a S-EL0 partition supported by a S-EL1 shim.
Change-Id: If8562acfc045d6496dfdb3df0524b3a069357f8e
Signed-off-by: Daniel Boulby <daniel.boulby@arm.com>
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
We don't ever expect to load a binary with an STM32 header on the Arm
FVP platform so remove this type of image from the list of
measurements.
Also remove the GPT image type from the list, as it does not get
measured. GPT is a container, just like FIP is. We don't measure the FIP
but rather the images inside it. It would seem logical to treat GPT the
same way.
Besides, only images that get loaded through load_auth_image() get
measured right now. GPT processing happens before that and is handled in
a different way (see partition_init()).
Change-Id: Iac4de75380ed625b228e69ee4564cf9e67e19336
Signed-off-by: Sandrine Bailleux <sandrine.bailleux@arm.com>
For Arm platforms PIE is enabled when RESET_TO_BL31=1 in aarch64 mode on
the similar lines enable PIE when RESET_TO_SP_MIN=1 in aarch32 mode.
The underlying changes for enabling PIE in aarch32 is submitted in
commit 4324a14bf
Signed-off-by: Manish Pandey <manish.pandey2@arm.com>
Change-Id: Ib8bb860198b3f97cdc91005503a3184d63e15469
Third instance of cactus is a UP SP. Set its vcpu count to 1.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I34b7feb2915e6d335e690e89dea466e75944ed1b
* changes:
refactor(plat/nvidia): use SOC_ID defines
refactor(plat/mediatek): use SOC_ID defines
refactor(plat/arm): use SOC_ID defines
feat(plat/st): implement platform functions for SMCCC_ARCH_SOC_ID
refactor(plat/st): export functions to get SoC information
feat(smccc): add bit definition for SMCCC_ARCH_SOC_ID
Fix a remainder from early prototyping. OP-TEE as a secure partition
does not need specific SMC function id pass through to EL3.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I2843d1b9a5eb4c966f82790e1655fb569c2de7d4
The UUID strings used in FW_CONFIG DT are not aligned with UUIDs defined
in include/tools_share/firmware_image_package.h for BL32_EXTRA1 and
TRUSTED_KEY_CERT.
Signed-off-by: Yann Gautier <yann.gautier@foss.st.com>
Change-Id: I517f8f9311585931f2cb931e0588414da449b694
Morello exhibits the behavior similar to Juno wherein CNTBaseN.CNTFRQ
can be written but does not reflect the value of the CNTFRQ register
in CNTCTLBase frame. This doesn't follow ARM ARM in that the value
updated in CNTCTLBase.CNTFRQ is not reflected in CNTBaseN.CNTFRQ.
Hence enable the workaround (applied to Juno) for Morello that updates
the CNTFRQ register in the Non Secure CNTBaseN frame.
Change-Id: Iabe53bf3c25152052107e08321323e4bde5fbef4
Signed-off-by: Manoj Kumar <manoj.kumar3@arm.com>
This patch renames the Matterhorn, Matterhorn ELP, and Klein CPUs to
Cortex A710, Cortex X2, and Cortex A510 respectively.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I056d3114210db71c2840a24562b51caf2546e195