The UEFI specification details the represenatation
for the EFI_GUID type. Add this representation to the
uuid_helper_t union type so that GUID definitions
can be shared verbatim between UEFI and TF-A header
files.
Change-Id: Ie44ac141f70dd0025e186581d26dce1c1c29fce6
Signed-off-by: Tomas Pilar <tomas@nuviainc.com>
Remove the former impdef SPMD service for SPMC entry point
registration. Replace with FFA_SECONDARY_EP_REGISTER ABI
providing a single entry point address into the SPMC for
primary and secondary cold boot.
Signed-off-by: Olivier Deprez <olivier.deprez@arm.com>
Change-Id: I067adeec25fc12cdae90c15a616903b4ac4d4d83
ARMv8.6 adds virtual offset registers to support virtualization of the
event counters in EL1 and EL0. This patch enables support for this
feature in EL3 firmware.
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I7ee1f3d9f554930bf5ef6f3d492e932e6d95b217
* changes:
plat/marvell/armada: cleanup MSS SRAM if used for copy
plat/marvell: cn913x: allow CP1/CP2 mapping at BLE stage
plat/marvell/armada/common/mss: use MSS SRAM in secure mode
include/drivers/marvell/mochi: add detection of secure mode
plat/marvell: fix SPD handling in dram port
marvell: drivers: move XOR0/1 DIOB from WIN 0 to 1
drivers/marvell/mochi: add support for cn913x in PCIe EP mode
drivers/marvell/mochi: add missing stream IDs configurations
plat/marvell/armada/a8k: support HW RNG by SMC
drivers/rambus: add TRNG-IP-76 driver
The Juno Trusted Entropy Source has a bias, which makes the generated
raw numbers fail a FIPS 140-2 statistic test.
To improve the quality of the numbers, we can use the CPU's CRC
instructions, which do a decent job on conditioning the bits.
This adds a *very* simple version of arm_acle.h, which is typically
provided by the compiler, and contains the CRC instrinsics definitions
we need. We need the original version by using -nostdinc.
Change-Id: I83d3e6902d6a1164aacd5060ac13a38f0057bd1a
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
Add Rambus (InsideSecure) TRNG-IP-76 HW RNG driver.
This IP is part of Marvell Armada CP110/CP115 die integrated
to Armada 7k/8K/CN913x SoCs
Change-Id: I9c5f510ad6728c7ed168da43d85b19d5852cd873
Signed-off-by: Konstantin Porotchkin <kostap@marvell.com>
Reviewed-by: Stefan Chulski <stefanc@marvell.com>
The filters parameter passed to tzc400_configure_region() is supposed
to be filter bit flag without bit shift, so the macros
TZC_400_REGION_ATTR_FILTER_BIT and TZC_400_REGION_ATTR_FILTER_BIT_ALL
should always construct the value without any shift.
It is not a functional issue for TZC_REGION_ATTR_F_EN_SHIFT is lucky
to be 0.
Signed-off-by: Heyi Guo <guoheyi@linux.alibaba.com>
Change-Id: I5d363c462b8517256523f637e670eefa56722afd
This adds the TRNG Firmware Interface Service to the standard
service dispatcher. This includes a method for dispatching entropy
requests to platforms and includes an entropy pool implementation to
avoid dropping any entropy requested from the platform.
Change-Id: I71cadb3cb377a507652eca9e0d68714c973026e9
Signed-off-by: Jimmy Brisson <jimmy.brisson@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
In DDR controller PWRTMG register, the mask for field SELFREF_TO_X32 is
wrong. This field is from bit 16 to 23.
Change-Id: Id336fb08c88f0a153df186dd819e41af72febb88
Signed-off-by: Yann Gautier <yann.gautier@st.com>
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I2e94a0b227ec39f6f4530dc50bb477999d27730f
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I9cb581574d46de73c3d6917ebf78935fc5ac075a
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: I8c3b92751d1ce226c966f7c81fedd83f0846865e
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
From commit: 21571b1d140ae7bb44e94c0afba2ec61456b275b
The coding guidelines[1] in TF-A forbid the use of ato*() functions
in favour of strto*(). However, the TF-A libc does not provide an
implementation of strto*(), making this rule impossible to satisfy.
Also made small changes to fit into TF-A project. Added the source
files to the libc makefile
[1] https://trustedfirmware-a.readthedocs.io/en/latest/process/coding-guidelines.html#libc-functions-that-are-banned-or-to-be-used-with-caution
Change-Id: Ica95bf5da722913834fe90bf3fe743aa34e01e80
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
For SoCs which do not implement RAS, use DSB as a barrier to
synchronize pending external aborts at the entry and exit of
exception handlers. This is needed to isolate the SErrors to
appropriate context.
However, this introduces an unintended side effect as discussed
in the https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/3440
A summary of the side effect and a quick workaround is provided as
part of this patch and summarized here:
The explicit DSB at the entry of various exception vectors in BL31
for handling exceptions from lower ELs can inadvertently trigger an
SError exception in EL3 due to pending asyncrhonouus aborts in lower
ELs. This will end up being handled by serror_sp_elx in EL3 which will
ultimately panic and die.
The way to workaround is to update a flag to indicate if the exception
truly came from EL3. This flag is allocated in the cpu_context
structure. This is not a bullet proof solution to the problem at hand
because we assume the instructions following "isb" that help to update
the flag (lines 100-102 & 139-141) execute without causing further
exceptions.
Change-Id: I4d345b07d746a727459435ddd6abb37fda24a9bf
Signed-off-by: Madhukar Pappireddy <madhukar.pappireddy@arm.com>
This patch does not change code, it only updates comments and macro name
for 6th bit of Status Register. So TF-A binary stay same.
6th bit of the Status Register is named TX EMPTY and is set to 1 when both
Transmitter Holding Register (THR) or Transmitter Shift Register (TSR) are
empty. It is when all characters were already transmitted.
There is also TX FIFO EMPTY bit in the Status Register which is set to 1
only when THR is empty.
In both console_a3700_core_init() and console_a3700_core_flush() functions
we should wait until both THR and TSR are empty therefore we should check
6th bit of the Status Register.
So current code is correct, just had misleading macro names and comments.
This change fixes this "documentation" issue, fixes macro name for 6th bit
of the Status Register and also updates comments.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I19e4e7f53a90bcfb318e6dd1b1249b6cbf81c4d3
Implementation is simple, just check if there is a pending character in
RX FIFO via RXRDY bit of Status Register and if yes, read it from
UART_RX_REG register.
Signed-off-by: Pali Rohár <pali@kernel.org>
Change-Id: I226b6e336f44f5d0ca8dcb68e49a68e8f2f49708
Add ISAR0 feature register read helper, location
of FEAT_RNG bits, feature support helper and the
rndr/rndrrs register read helpers.
Signed-off-by: Tomas Pilar <tomas@nuviainc.com>
Change-Id: I2a785a36f62a917548e55892ce92fa8b72fcb99d
Cortex A78 erratum 1951500 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r1p1. The workaround is to insert a DMB ST before
acquire atomic instructions without release semantics. This workaround
works on revisions r1p0 and r1p1, in r0p0 there is no workaround.
SDEN can be found here:
https://documentation-service.arm.com/static/5fb66157ca04df4095c1cc2e
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I47610cee75af6a127ea65edc4d5cffc7e6a2d0a3
Cortex A78 erratum 1941498 is a Cat B erratum that applies to revisions
r0p0, r1p0, and r1p1. The workaround is to set bit 8 in the ECTLR_EL1
register, there is a small performance cost (<0.5%) for setting this bit.
SDEN can be found here:
https://documentation-service.arm.com/static/5fb66157ca04df4095c1cc2e
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I959cee8e3d46c1b84ff5e4409ce5945e459cc6a9
Write char if fifo is empty. If this is done like this all chars are
printed. Because origin code just put that chars to fifo and in case of
reset messages were missing.
Before this change chars are put to fifo and only check before adding if
fifo is full. The patch is changing this logic that it is adding char only
when fifo is empty to make sure that in case of reset (by another SW for
example) all chars are printed. Maybe one char can be missed but for IP
itself it is much easier to send just one char compare to full fifo.
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Change-Id: Ic24c2c1252bce24be2aed68ee29477ca4a549e5f
* changes:
allwinner: Use RSB for the PMIC connection on H6
allwinner: Return the PMIC to I2C mode after use
allwinner: Always use a 3MHz RSB bus clock
Increase SP max size for latest OP-TEE build with debug and
stats enabled.
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>
Change-Id: I4593884e0deb39ada10009f6876d815136f8ee65
This gives the rich OS the flexibility to choose between I2C and RSB
communication. Since a runtime address can only be assigned once after
entering RSB mode, it also lets the rich OS choose any runtime address.
Signed-off-by: Samuel Holland <samuel@sholland.org>
Change-Id: Id49c124c5e925985fc31c0ba38c7fb6c941aafa8
If FEAT_PMUv3 is implemented and PMEVTYPER<n>(_EL0).MT bit is implemented
as well, it is possible to control whether PMU counters take into account
events happening on other threads.
If FEAT_MTPMU is implemented, EL3 (or EL2) can override the MT bit
leaving it to effective state of 0 regardless of any write to it.
This patch introduces the DISABLE_MTPMU flag, which allows to diable
multithread event count from EL3 (or EL2). The flag is disabled
by default so the behavior is consistent with those architectures
that do not implement FEAT_MTPMU.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: Iee3a8470ae8ba13316af1bd40c8d4aa86e0cb85e
This patch provides the following changes:
- Adds definition for FEAT_MTE3 value in ID_AA64PFR1_EL1 register
- Enables Memory Tagging Extension for FEAT_MTE3.
Change-Id: I735988575466fdc083892ec12c1aee89b5faa472
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
Enable basic support for Neoverse-N2 CPUs.
Signed-off-by: Javier Almansa Sobrino <javier.almansasobrino@arm.com>
Change-Id: I498adc2d9fc61ac6e1af8ece131039410872e8ad
This patch provides the changes listed below:
- Adds new bit fields definitions for SCTLR_EL1/2 registers
- Corrects the name of SCTLR_EL1/2.[20] bit field from
SCTLR_UWXN_BIT to SCTLR_TSCXT_BIT
- Adds FEAT_PANx bit field definitions and their possible
values for ID_AA64MMFR1_EL1 register.
- Adds setting of SCTLR_EL1.SPAN bit to preserve PSTATE.PAN
on taking an exception to EL1 in spm_sp_setup() function
(services\std_svc\spm_mm\spm_mm_setup.c)
Change-Id: If51f20e7995c649126a7728a4d0867041fdade19
Signed-off-by: Alexei Fedorov <Alexei.Fedorov@arm.com>
This errata workaround did not work as intended and was revised in
subsequent SDEN releases so we are reverting this change.
This is the patch being reverted:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4686
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I8554c75d7217331c7effd781b5f7f49b781bbebe
This errata workaround did not work as intended and was revised in
subsequent SDEN releases so we are reverting this change.
This is the patch being reverted:
https://review.trustedfirmware.org/c/TF-A/trusted-firmware-a/+/4684
Signed-off-by: John Powell <john.powell@arm.com>
Change-Id: I560749a5b55e22fbe49d3f428a8b9545d6bdaaf0
Currently, when RECLAIM_INIT_CODE is set, the
stacks are scaled to ensure that the entirety
of the init section can be reclaimed as stack.
This causes an issue in lib/psci/aarch64/psci_helpers.S,
where the stack size is used for cache operations in
psci_do_pwrdown_cache_maintenance(). If the stacks
are scaled, then the PSCI code may fail to invalidate
some of the stack memory before power down.
Resizing stacks is also not good for stability in general,
since code that works with a small number of cores may
overflow the stack when the number of cores is increased.
Change to make every stack be PLATFORM_STACK_SIZE big,
and allow the total stack to be smaller than the
init section.
Any pages of the init section not reclaimed as
stack will be set to read-only and execute-never,
for security.
Change-Id: I10b3884981006431f2fcbec3864c81d4a8c246e8
Signed-off-by: David Horstmann <david.horstmann@arm.com>
When issuing barrier instructions like DSB or DMB, we must make sure
that the compiler does not undermine out efforts to fence off
instructions. Currently the compiler is free to move the barrier
instruction around, in respect to former or later memory access
statements, which is not what we want.
Add a compiler barrier to the inline assembly statement in our
DEFINE_SYSOP_TYPE_FUNC macro, to make sure memory accesses are not
reordered by the compiler.
This is in line with Linux' definition:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/arch/arm64/include/asm/barrier.h
Since those instructions share a definition, apart from DSB and DMB this
now also covers some TLBI instructions. Having a compiler barrier there
also is useful, although we probably have stronger barriers in place
already.
Change-Id: If6fe97b13a562643a643efc507cb4aad29daa5b6
Reported-by: Alexandru Elisei <alexandru.elisei@arm.com>
Signed-off-by: Andre Przywara <andre.przywara@arm.com>
To support platforms without Trusted DRAM this patch defines
PLAT_ARM_SPMC_BASE and enables platform to use either Trusted DRAM or
DRAM region behind TZC.
Change-Id: Icaa5c7d33334258ff27e8e0bfd0812c304e68ae4
Signed-off-by: Arunachalam Ganapathy <arunachalam.ganapathy@arm.com>